mbedtls tests: utility tests for APB corruption

Used when running mbedTLS self-tests to verify DPORT protection is working correctly.

components/mbedtls/test/test_apb_dport_access.c

@@ -0,0 +1,55 @@
+/* Implementation of utility functions to verify
+   unit tests aren't performing SMP-unsafe DPORT reads.
+*/
+
+#include "unity.h"
+#include "sdkconfig.h"
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "soc/uart_reg.h"
+#include "test_apb_dport_access.h"
+
+#ifndef CONFIG_FREERTOS_UNICORE
+
+static void apb_access_loop_task(void *ignore);
+
+static volatile bool apb_access_corrupt;
+static TaskHandle_t apb_task_handle;
+
+void start_apb_access_loop()
+{
+    apb_access_corrupt = false;
+    xTaskCreatePinnedToCore(apb_access_loop_task, "accessAPB", 2048, NULL,
+                            UNITY_FREERTOS_PRIORITY - 1,
+                            &apb_task_handle, !UNITY_FREERTOS_CPU);
+}
+
+void verify_apb_access_loop()
+{
+    vTaskDelete(apb_task_handle);
+    apb_task_handle = NULL;
+    TEST_ASSERT_FALSE(apb_access_corrupt);
+    printf("Verified no APB corruption from operations\n");
+}
+
+static void apb_access_loop_task(void *ignore)
+{
+    uint32_t initial = REG_READ(UART_DATE_REG(0));
+    while(1) {
+        if (REG_READ(UART_DATE_REG(0)) != initial) {
+            apb_access_corrupt = true;
+        }
+    }
+}
+
+#else /*CONFIG_FREERTOS_UNICORE */
+
+void start_apb_access_loop()
+{
+}
+
+void verify_apb_access_loop()
+{
+}
+
+#endif

components/mbedtls/test/test_apb_dport_access.h

@@ -0,0 +1,18 @@
+/* Utility functions to test that APB access is still safe
+   while the other CPU performs some set of DPORT accesses
+
+   (see ECO 3.10 and the standalone esp32 test_dport.c for more).
+*/
+
+/* start_apb_access_loop() starts a task reading from APB in a loop on the non-Unity-test CPU.
+
+   Call this before doing something which involes DPORT reads.
+
+   Does nothing in unicore mode.
+*/
+void start_apb_access_loop();
+
+/* verify_apb_access_loop() kills the task started by start_apb_access_loop()
+   and verifies that none of the APB reads were corrupted by unsafe DPORT reads.
+*/
+void verify_apb_access_loop();

components/mbedtls/test/test_mbedtls.c

@@ -20,19 +20,26 @@
 #include "freertos/semphr.h"
 #include "unity.h"
 #include "sdkconfig.h"
+#include "test_apb_dport_access.h"
 
 TEST_CASE("mbedtls AES self-tests", "[aes]")
 {
+    start_apb_access_loop();
     TEST_ASSERT_FALSE_MESSAGE(mbedtls_aes_self_test(1), "AES self-tests should pass.");
+    verify_apb_access_loop();
 }
 
 TEST_CASE("mbedtls MPI self-tests", "[bignum]")
 {
+    start_apb_access_loop();
     TEST_ASSERT_FALSE_MESSAGE(mbedtls_mpi_self_test(1), "MPI self-tests should pass.");
+    verify_apb_access_loop();
 }
 
 TEST_CASE("mbedtls RSA self-tests", "[bignum]")
 {
+    start_apb_access_loop();
     TEST_ASSERT_FALSE_MESSAGE(mbedtls_rsa_self_test(1), "RSA self-tests should pass.");
+    verify_apb_access_loop();
 }
 

components/mbedtls/test/test_mbedtls_sha.c

@@ -13,13 +13,16 @@
 #include "freertos/semphr.h"
 #include "unity.h"
 #include "sdkconfig.h"
+#include "test_apb_dport_access.h"
 
 TEST_CASE("mbedtls SHA self-tests", "[mbedtls]")
 {
+    start_apb_access_loop();
     TEST_ASSERT_FALSE_MESSAGE(mbedtls_sha1_self_test(1), "SHA1 self-tests should pass.");
     TEST_ASSERT_FALSE_MESSAGE(mbedtls_sha256_self_test(1), "SHA256 self-tests should pass.");
     TEST_ASSERT_FALSE_MESSAGE(mbedtls_sha512_self_test(1), "SHA512 self-tests should pass.");
     TEST_ASSERT_FALSE_MESSAGE(mbedtls_sha512_self_test(1), "SHA512 self-tests should pass.");
+    verify_apb_access_loop();
 }
 
 static const unsigned char *one_hundred_as = (unsigned char *)