You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Alternative implementations of whole modules may define their own context type. We do not explicitly specify whether an alternative implementation is allowed to maintain a pointer to contexts while no function using this context is active, or to remember the address of a context inside the context itself. As a consequence, it is not permitted for applications to move a context structure in memory, which can happen if the structure lives in managed memory.
Our own implementation of mbedtls_aes_context takes advantage of this implicit permission to maintain a pointer to the context: ctx->rk points inside ctx->buf (this is done for the sole sake of the MBEDTLS_PADLOCK_C implementation, because it requires a particular alignment in memory). This is a problem in practice: #2147.
Proposal
Document that in Mbed TLS 3, alternative implementations must allow moving a context structure in memory while no function operating on this context is active.
The reason this needs to be done in 3.0 is that it can break some existing applications.
Context and rationale
Alternative implementations of whole modules may define their own context type. We do not explicitly specify whether an alternative implementation is allowed to maintain a pointer to contexts while no function using this context is active, or to remember the address of a context inside the context itself. As a consequence, it is not permitted for applications to move a context structure in memory, which can happen if the structure lives in managed memory.
Our own implementation of
mbedtls_aes_context
takes advantage of this implicit permission to maintain a pointer to the context:ctx->rk
points insidectx->buf
(this is done for the sole sake of theMBEDTLS_PADLOCK_C
implementation, because it requires a particular alignment in memory). This is a problem in practice: #2147.Proposal
Document that in Mbed TLS 3, alternative implementations must allow moving a context structure in memory while no function operating on this context is active.
The reason this needs to be done in 3.0 is that it can break some existing applications.
This is a sort of extension of #4371.
Work items for 3.0
Work items for 3.x
ctx->rk
field toctx->buf + ctx->rk_offset
.The text was updated successfully, but these errors were encountered: