[acc] Minor improvements to information-flow checker.#246
[acc] Minor improvements to information-flow checker.#246jadephilipoom wants to merge 3 commits into
Conversation
jadephilipoom
force-pushed
the
jadep/iflow-backend-improvements
branch
3 times, most recently
from
64fceca to
bcaf83f
Compare
jadephilipoom
force-pushed
the
jadep/iflow-backend-improvements
branch
from
bcaf83f to
c3e9482
Compare
jadephilipoom
force-pushed
the
jadep/trigger-fault-common
branch
from
f62909a to
b67e603
Compare
There was a problem hiding this comment.
Thanks @jadephilipoom. I think you forgot to push something or something went wrong when rebasing.
I'm a little concerned that this still made it through CI even do it seems to break the information flow analysis. Are we not running the constant time tests in CI on every PR? Shouldn't we? The constant-time tests are not depending on this script - I got that wrong.
| from shared.decode import decode_elf | ||
| from shared.information_flow import InformationFlowGraph | ||
| from shared.information_flow_analysis import (get_program_iflow, | ||
| from shared.information_flow_analysis import (get_dmem_symbols, |
There was a problem hiding this comment.
I'm getting a
ImportError: cannot import name 'get_dmem_symbols' from 'shared.information_flow_analysis' here.
There was a problem hiding this comment.
Given that CI did not flag this, aren't we running the constant-time tests in CI?
Given that CI did not flag this, should we extend the CI so this script is exercised? Remind me what the main purpose of the information-flow check is?
There was a problem hiding this comment.
We run the check_const_time.py script in CI; this analyze_information_flow.py script uses the same backend but gives more detail. It's run manually if you want to understand what's going on in the code better.
| return out | ||
|
|
||
|
|
||
| def parse_information_flow_node(program: ACCProgram, x: str) -> str: |
There was a problem hiding this comment.
program is not used in this function - is that intentional?
| # Deliberately invalid CSR address used by unimp. | ||
| UNIMP_CSR_ADDR = 3072 |
There was a problem hiding this comment.
This is unused? Was that intentional?
There was a problem hiding this comment.
Again an artifact from #247, it gets used there to detect unimp calls and not error out on the invalid CSR. Will remove here.
| 'program; use --subroutine to analyze a specific ' | ||
| 'subroutine.') | ||
| constants = parse_required_constants(args.constants) | ||
| constants = parse_required_constants(args.constants, dmem_symbols) |
There was a problem hiding this comment.
I think you didn't change parse_required_constants? It only takes 1 argument.
There was a problem hiding this comment.
Once again a rebase artifact, should be fixed now! Sorry for all the interference, these two were quite intertwined but since #247 is pretty large I wanted to separate out as much as I could.
jadephilipoom
force-pushed
the
jadep/trigger-fault-common
branch
from
b67e603 to
9e756e9
Compare
Small fixup that was helpful to me while debugging. Signed-off-by: Jade Philipoom <jadep@zerorisc.com>
If both sides of a branch are constant, resolve the branch. This helps especially with fine-grained DMEM tracking when different branches write different memory. Signed-off-by: Jade Philipoom <jadep@zerorisc.com>
jadephilipoom
force-pushed
the
jadep/iflow-backend-improvements
branch
2 times, most recently
from
83be05b to
5726439
Compare
Signed-off-by: Jade Philipoom <jadep@zerorisc.com>
jadephilipoom
force-pushed
the
jadep/iflow-backend-improvements
branch
from
5726439 to
d6aadb3
Compare
mkannwischer
left a comment
mkannwischer
left a comment
There was a problem hiding this comment.
Thanks for addressing my comments.
A couple of more nits - feel free to ignore. LGTM.
| # Load the program. | ||
| program = decode_elf(args.elf) |
There was a problem hiding this comment.
There is another decode_elf in line 94. Can one be removed?
| raise ValueError('Cannot specify --secret and --public together.') | ||
|
|
||
| # Parse the secrets as information-flow nodes. | ||
| secret_nodes = set() |
There was a problem hiding this comment.
secret_nodes is never used, but I guess you will need it later? feel free to ignore.
| if value.startswith('0x'): | ||
| value = int(value, 16) | ||
| else: | ||
| value = int(value) |
There was a problem hiding this comment.
nit: Could be value = int(value, 0)?
2 participants
On top of #245, draft until that PR is merged.
These were some small improvements I made along the way towards a bigger extension to the information-flow checker that I'll post as a follow-up PR; I separated these out for easier review. There's more detail in the commit messages, but in summary: