Repair TLS 1.3 proofs after c096a55 #3079
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
I don't have the ability to view why the CI is failing, so I'll need to ask someone with the necessary permissions to do so. My hope is that the CI failure is simply due to the other issues discovered in #3074. |
lrstewart
requested changes
Oct 1, 2021
RyanGlScott
force-pushed
the
rgs/tls-1.3-fix
branch
from
acf5de9 to
806bdf1
Compare
RyanGlScott
commented
Oct 4, 2021
lrstewart
reviewed
Oct 4, 2021
feliperodri
suggested changes
Oct 5, 2021
feliperodri
approved these changes
Oct 5, 2021
|
@RyanGlScott could you also rebase your branch? |
RyanGlScott
force-pushed
the
rgs/tls-1.3-fix
branch
from
21a88e2 to
0d09ef3
Compare
|
I've rebased on top of 270bfbb. |
lrstewart
approved these changes
Oct 5, 2021
|
Is there anything else I should do before this can be merged? |
I don't think so, just update your branch and merge once CI is happy with it. @lrstewart ? |
Ultimately, this is for the benefit of the SAW proofs. Due to a limitation in how SAW currently works, bitfields must be accessed by index rather than by name, and due to how often new fields are added to `s2n_connection`, the only way to do this in way that's maintainable is to have all the bitfield fields be up front. That way, the index to access the bitfield will always be zero, which significantly decreases the likelihood that the SAW proofs will need to be updated with each new field added to `s2n_connection`. This is all rather unfortunate. See GaloisInc/saw-script#1461 for a plan to make handling bitfields more maintainable in SAW.
Unfortunately, aws#3031 landed before it had a chance to be tested against c096a55, which alters the logic used to check whether QUIC is enabled `s2n_connection_is_quic_enabled`. This updates the corresponding SAW specification to take the new definition of `s2n_connection_is_quic_enabled` into account. This requires inspecting one more bitfield in `s2n_connection` to accomplish. While I was in town, I took the time to tidy up the various pieces of the SAW specification that involve bitfields. It's still not as pretty as it could be, but it's a sit better than it was before.
This will reduce the likelihood that their positions will change, which should make the SAW proofs less susceptible to breakage.
RyanGlScott
force-pushed
the
rgs/tls-1.3-fix
branch
from
0d09ef3 to
e6dde7f
Compare
|
I've rebased on top of b05cc94. I don't have push access to |
|
Thanks! |
RyanGlScott
added a commit
to RyanGlScott/s2n-tls
that referenced
this pull request
Dec 5, 2021
Now that the positions of bitfields in structs are no longer important to SAW, there is no reason to keep the bitfields in `s2n_config` and `s2n_connection` up front, as was done in aws#3079. As a result, we can move the fields back to their original positions before that commit.
RyanGlScott
added a commit
to RyanGlScott/s2n-tls
that referenced
this pull request
Dec 15, 2021
This uses SAW's new `llvm_points_to_bitfield` command (introduced in GaloisInc/saw-script#1539) to simplify specifications that involve the bitfields in `s2n_config` and `s2n_connection`. In particular, there is no longer any need to manually compute the size of the bitfields or the indices of the fields within the bitfields, as these details are handled automatically by `llvm_points_to_bitfield`. The positions of the fields within bitfields are also no longer important. This, along with a subsequent commit that will restore the bitfields' field order to what they were before aws#3709, will address a review comment in aws#3079 (comment).
RyanGlScott
added a commit
to RyanGlScott/s2n-tls
that referenced
this pull request
Dec 15, 2021
Now that the positions of bitfields in structs are no longer important to SAW, there is no reason to keep the bitfields in `s2n_config` and `s2n_connection` up front, as was done in aws#3079. As a result, we can move the fields back to their original positions before that commit.
RyanGlScott
added a commit
to RyanGlScott/s2n-tls
that referenced
this pull request
Jan 4, 2022
This uses SAW's new `llvm_points_to_bitfield` command (introduced in GaloisInc/saw-script#1539) to simplify specifications that involve the bitfields in `s2n_config` and `s2n_connection`. In particular, there is no longer any need to manually compute the size of the bitfields or the indices of the fields within the bitfields, as these details are handled automatically by `llvm_points_to_bitfield`. The positions of the fields within bitfields are also no longer important. This, along with a subsequent commit that will restore the bitfields' field order to what they were before aws#3709, will address a review comment in aws#3079 (comment).
RyanGlScott
added a commit
to RyanGlScott/s2n-tls
that referenced
this pull request
Jan 4, 2022
Now that the positions of bitfields in structs are no longer important to SAW, there is no reason to keep the bitfields in `s2n_config` and `s2n_connection` up front, as was done in aws#3079. As a result, we can move the fields back to their original positions before that commit.
RyanGlScott
added a commit
to RyanGlScott/s2n-tls
that referenced
this pull request
Jan 10, 2022
This uses SAW's new `llvm_points_to_bitfield` command (introduced in GaloisInc/saw-script#1539) to simplify specifications that involve the bitfields in `s2n_config` and `s2n_connection`. In particular, there is no longer any need to manually compute the size of the bitfields or the indices of the fields within the bitfields, as these details are handled automatically by `llvm_points_to_bitfield`. The positions of the fields within bitfields are also no longer important. This addresses a review comment in aws#3079 (comment).
RyanGlScott
added a commit
to RyanGlScott/s2n-tls
that referenced
this pull request
Jan 24, 2022
This uses SAW's new `llvm_points_to_bitfield` command (introduced in GaloisInc/saw-script#1539) to simplify specifications that involve the bitfields in `s2n_config` and `s2n_connection`. In particular, there is no longer any need to manually compute the size of the bitfields or the indices of the fields within the bitfields, as these details are handled automatically by `llvm_points_to_bitfield`. The positions of the fields within bitfields are also no longer important. This addresses a review comment in aws#3079 (comment).
RyanGlScott
added a commit
to RyanGlScott/s2n-tls
that referenced
this pull request
Jan 26, 2022
This uses SAW's new `llvm_points_to_bitfield` command (introduced in GaloisInc/saw-script#1539) to simplify specifications that involve the bitfields in `s2n_config` and `s2n_connection`. In particular, there is no longer any need to manually compute the size of the bitfields or the indices of the fields within the bitfields, as these details are handled automatically by `llvm_points_to_bitfield`. The positions of the fields within bitfields are also no longer important. This addresses a review comment in aws#3079 (comment).
RyanGlScott
added a commit
to RyanGlScott/s2n-tls
that referenced
this pull request
Jan 26, 2022
This uses SAW's new `llvm_points_to_bitfield` command (introduced in GaloisInc/saw-script#1539) to simplify specifications that involve the bitfields in `s2n_config` and `s2n_connection`. In particular, there is no longer any need to manually compute the size of the bitfields or the indices of the fields within the bitfields, as these details are handled automatically by `llvm_points_to_bitfield`. The positions of the fields within bitfields are also no longer important. This addresses a review comment in aws#3079 (comment).
RyanGlScott
added a commit
to RyanGlScott/s2n-tls
that referenced
this pull request
Jan 27, 2022
This uses SAW's new `llvm_points_to_bitfield` command (introduced in GaloisInc/saw-script#1539) to simplify specifications that involve the bitfields in `s2n_config` and `s2n_connection`. In particular, there is no longer any need to manually compute the size of the bitfields or the indices of the fields within the bitfields, as these details are handled automatically by `llvm_points_to_bitfield`. The positions of the fields within bitfields are also no longer important. This addresses a review comment in aws#3079 (comment).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolved issues:
This fixes an issue that was discovered in #3074/#3077 involving the TLS 1.3 proofs, which were re-enabled in #3031.
Description of changes:
Unfortunately, #3031 landed before it had a chance to be tested against c096a55, which alters the logic used to check whether QUIC is enabled
s2n_connection_is_quic_enabled. This updates the corresponding SAW specification to take the new definition ofs2n_connection_is_quic_enabledinto account. This requires inspecting one more bitfield ins2n_connectionto accomplish.While I was in town, I updated the relevant comments in the SAW specification that describe
quic_enabledand friends.Call-outs:
The first commit in this PR simply reverts #3077 so that the TLS 1.3 proofs are re-enabled. That code is exactly as it was in #3031. The last two commits are the interesting part, so reviewers should look at those commits as a starting point.
Testing:
To check the proofs, run
make -C tests/saw tmp/verify_handshake.log. This should be covered by CI, which runs this command as one of its steps.For the most part, this PR only changes SAW code, so the behavior of
s2n-tlsitself is not affected. I made one change to the C code intls/s2n_connection.hto move all of the bitfields upfront so that the SAW proofs can more maintainbly index into them withcrucible_elem(see the comments intests/saw/spec/handshake/handshake_io_lowlevel.saw). However, reordering bitfields should not have any user-observable effect on the C code itself.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.