Merge pull request #10625 from gilles-peskine-arm/unix-detection-202601-mingw-prep

Simplify platform requirements before 4.1: MingW

include/mbedtls/debug.h

@@ -59,10 +59,10 @@
  */
 #if defined(__has_attribute)
 #if __has_attribute(format)
-#if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1
+#if defined(__MINGW32__)
 #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)    \
     __attribute__((__format__(gnu_printf, string_index, first_to_check)))
-#else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */
+#else /* defined(__MINGW32__) */
 #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)    \
     __attribute__((format(printf, string_index, first_to_check)))
 #endif
@@ -73,30 +73,15 @@
 #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)
 #endif
 
-/**
- * \def MBEDTLS_PRINTF_SIZET
- *
- * MBEDTLS_PRINTF_xxx: Due to issues with older window compilers
- * and MinGW we need to define the printf specifier for size_t
- * and long long per platform.
- *
- * Module:  library/debug.c
- * Caller:
- *
- * This module provides debugging functions.
+/* Legacy definitions, kept for backward compatibility.
+ * Since Mbed TLS 4.1, the standard specifiers are always valid.
+ * We still define the macros because they're part of the Mbed TLS 4.0 API.
+ * In the library and test code, keep using them for code that's backported
+ * to 3.6.
  */
-#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1900)
-   #include <inttypes.h>
-   #define MBEDTLS_PRINTF_SIZET     PRIuPTR
-   #define MBEDTLS_PRINTF_SIZET_HEX PRIxPTR
-   #define MBEDTLS_PRINTF_LONGLONG  "I64d"
-#else \
-    /* defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1900) */
-   #define MBEDTLS_PRINTF_SIZET     "zu"
-   #define MBEDTLS_PRINTF_SIZET_HEX "zx"
-   #define MBEDTLS_PRINTF_LONGLONG  "lld"
-#endif \
-    /* defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1900) */
+#define MBEDTLS_PRINTF_SIZET     "zu"
+#define MBEDTLS_PRINTF_SIZET_HEX "zx"
+#define MBEDTLS_PRINTF_LONGLONG  "lld"
 
 #if !defined(MBEDTLS_PRINTF_MS_TIME)
 #include <inttypes.h>

library/debug.c

@@ -21,6 +21,30 @@
 /* DEBUG_BUF_SIZE must be at least 2 */
 #define DEBUG_BUF_SIZE      512
 
+/* Temporary hack: on MingW, do not honor the platform.h configuration
+ * for snprintf and vsnprintf. Instead, force the native functions,
+ * which are the standard ones, not the Windows legacy ones.
+ *
+ * This hack should be removed once TF-PSA-Crypto has been updated to
+ * use the standard printf family.
+ */
+#if defined(__MINGW32__)
+#undef mbedtls_snprintf
+#define mbedtls_snprintf snprintf
+#undef mbedtls_vsnprintf
+#define mbedtls_vsnprintf vsnprintf
+#endif
+
+int mbedtls_debug_snprintf(char *dest, size_t maxlen,
+                           const char *format, ...)
+{
+    va_list argp;
+    va_start(argp, format);
+    int ret = mbedtls_vsnprintf(dest, maxlen, format, argp);
+    va_end(argp);
+    return ret;
+}
+
 static int debug_threshold = 0;
 
 void mbedtls_debug_set_threshold(int threshold)

library/debug_internal.h

@@ -12,6 +12,19 @@
 
 #include "mbedtls/debug.h"
 
+/* This should be equivalent to mbedtls_snprintf(). But it might not be due
+ * to platform shenanigans. For example, Mbed TLS and TF-PSA-Crypto could
+ * have inconsistent platform definitions. On Mingw, some code might
+ * be built with a different setting of __USE_MINGW_ANSI_STDIO, resulting
+ * in an old non-C99 printf being used somewhere.
+ *
+ * Our library assumes that mbedtls_snprintf() and other printf functions
+ * are consistent throughout. This function is not an official API and
+ * is not meant to be used inside the library. It is provided to help
+ * debugging printf inconsistencies issues. If you need it, good luck!
+ */
+int mbedtls_debug_snprintf(char *dest, size_t maxlen,
+                           const char *format, ...) MBEDTLS_PRINTF_ATTRIBUTE(3, 4);
 /**
  * \brief    Print a message to the debug output. This function is always used
  *          through the MBEDTLS_SSL_DEBUG_MSG() macro, which supplies the ssl

library/mbedtls_common.h

@@ -0,0 +1,43 @@
+/**
+ * \file mbedtls_common.h
+ *
+ * \brief Utility macros for internal use in the library.
+ *
+ * This file should be included as the first thing in all library C files
+ * (directly, or indirectly via x509_internal.h or ssl_misc.h).
+ * It must not be included by sample programs, since sample programs
+ * illustrate what you can do without the library sources.
+ * It may be included (often indirectly) by test code that isn't purely
+ * black-box testing.
+ *
+ * This file takes care of setting up requirements for platform headers.
+ * It includes the library configuration and derived macros.
+ * It additionally defines various utility macros and other definitions
+ * (but no function declarations).
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_MBEDTLS_COMMON_H
+#define MBEDTLS_MBEDTLS_COMMON_H
+
+/* Before including any system header, declare some macros to tell system
+ * headers what we expect of them.
+ *
+ * Do this before including any header from TF-PSA-Crypto, since the
+ * convention is first-come-first-served (so that users can
+ * override some macros on the command line, and individual users can
+ * override some macros before including the common header).
+ */
+#include "mbedtls_platform_requirements.h"
+
+/* From this point onwards, ensure we have the library configuration and
+ * the configuration-derived macros. */
+#include <mbedtls/build_info.h>
+
+/* Mbed TLS requires TF-PSA-Crypto internals. */
+#include "tf_psa_crypto_common.h"
+
+#endif /* MBEDTLS_MBEDTLS_COMMON_H */

library/mbedtls_config.c

@@ -6,6 +6,10 @@
  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
+/* We are a special snowflake: we don't include "mbedtls_common.h",
+ * because that would pull <mbedtls/build_info.h> and we need to
+ * tune the way it works. */
+
 /* Apply the TF-PSA-Crypto configuration first. We need to do this
  * before <mbedtls/build_info.h>, because "mbedtls_config_check_before.h"
  * needs to run after the crypto config (including derived macros) is

library/mbedtls_platform_requirements.h

@@ -0,0 +1,32 @@
+/**
+ * \file mbedtls_platform_requirements.h
+ *
+ * \brief Declare macros that tell system headers what we expect of them.
+ *
+ * This file must be included before any system header, and so in particular
+ * before build_info.h (which includes the user config, which may include
+ * system headers).
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_MBEDTLS_PLATFORM_REQUIREMENTS_H
+#define MBEDTLS_MBEDTLS_PLATFORM_REQUIREMENTS_H
+
+/* On Mingw-w64, force the use of a C99-compliant printf() and friends.
+ * This is necessary on older versions of Mingw and/or Windows runtimes
+ * where snprintf does not always zero-terminate the buffer, and does
+ * not support formats such as "%zu" for size_t and "%lld" for long long.
+ *
+ * Defining __USE_MINGW_ANSI_STDIO=0 may work and provide a small code size
+ * and performance benefit for some combinations of older Mingw and Windows
+ * versions. Do this at your own risk and make sure that least
+ * test_suite_debug passes.
+ */
+#if !defined(__USE_MINGW_ANSI_STDIO)
+#define __USE_MINGW_ANSI_STDIO 1
+#endif
+
+#endif /* MBEDTLS_MBEDTLS_PLATFORM_REQUIREMENTS_H */

library/ssl_misc.h

@@ -10,7 +10,7 @@
 #ifndef MBEDTLS_SSL_MISC_H
 #define MBEDTLS_SSL_MISC_H
 
-#include "tf_psa_crypto_common.h"
+#include "mbedtls_common.h"
 #include "mbedtls/build_info.h"
 
 #include "mbedtls/error.h"

library/x509_internal.h

@@ -10,7 +10,7 @@
 #ifndef MBEDTLS_X509_INTERNAL_H
 #define MBEDTLS_X509_INTERNAL_H
 
-#include "tf_psa_crypto_common.h"
+#include "mbedtls_common.h"
 #include "mbedtls/build_info.h"
 #include "mbedtls/private_access.h"
 

programs/ssl/ssl_client2.c

@@ -5,14 +5,8 @@
  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
-#define MBEDTLS_ALLOW_PRIVATE_ACCESS
-
-#include "mbedtls/private/pk_private.h"
-
 #include "ssl_test_lib.h"
 
-#include "test/psa_crypto_helpers.h"
-
 #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
 int main(void)
 {
@@ -27,6 +21,8 @@ int main(void)
 }
 #else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */
 
+#include "test/psa_crypto_helpers.h"
+
 /* Size of memory to be allocated for the heap, when using the library's memory
  * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
 #define MEMORY_HEAP_SIZE      120000

programs/ssl/ssl_context_info.c

@@ -5,6 +5,15 @@
  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
+/* On Mingw-w64, force the use of a C99-compliant printf() and friends.
+ * This is necessary on older versions of Mingw and/or Windows runtimes
+ * where snprintf does not always zero-terminate the buffer, and does
+ * not support formats such as "%zu" for size_t and "%lld" for long long.
+ */
+#if !defined(__USE_MINGW_ANSI_STDIO)
+#define __USE_MINGW_ANSI_STDIO 1
+#endif
+
 #include "mbedtls/build_info.h"
 #include "mbedtls/debug.h"
 #include "mbedtls/platform.h"

programs/ssl/ssl_server2.c

@@ -5,8 +5,6 @@
  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
-#define MBEDTLS_ALLOW_PRIVATE_ACCESS
-
 #include "ssl_test_lib.h"
 
 #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)

programs/ssl/ssl_test_lib.h

@@ -8,6 +8,17 @@
 #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
 #define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
 
+/* On Mingw-w64, force the use of a C99-compliant printf() and friends.
+ * This is necessary on older versions of Mingw and/or Windows runtimes
+ * where snprintf does not always zero-terminate the buffer, and does
+ * not support formats such as "%zu" for size_t and "%lld" for long long.
+ */
+#if !defined(__USE_MINGW_ANSI_STDIO)
+#define __USE_MINGW_ANSI_STDIO 1
+#endif
+
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+
 #include "mbedtls/private/pk_private.h"
 
 #include "mbedtls/build_info.h"

programs/test/selftest.c

@@ -5,6 +5,15 @@
  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
+/* On Mingw-w64, force the use of a C99-compliant printf() and friends.
+ * This is necessary on older versions of Mingw and/or Windows runtimes
+ * where snprintf does not always zero-terminate the buffer, and does
+ * not support formats such as "%zu" for size_t and "%lld" for long long.
+ */
+#if !defined(__USE_MINGW_ANSI_STDIO)
+#define __USE_MINGW_ANSI_STDIO 1
+#endif
+
 #define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
 
 #include "mbedtls/build_info.h"
@@ -441,8 +450,7 @@ int main(int argc, char *argv[])
             }                                                           \
         } else {                                                        \
             mbedtls_printf("Padding checks only implemented for types of size 2, 4 or 8" \
-                           " - cannot check type '" #TYPE "' of size %" MBEDTLS_PRINTF_SIZET \
-                           "\n",       \
+                           " - cannot check type '" #TYPE "' of size %zu\n", \
                            sizeof(TYPE));                                       \
             mbedtls_exit(MBEDTLS_EXIT_FAILURE);                       \
         }                                                               \

scripts/data_files/error.fmt

@@ -1,11 +1,11 @@
-/*
+/* -*-c-*-
  *  Error message information
  *
  *  Copyright The Mbed TLS Contributors
  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
-#include "tf_psa_crypto_common.h"
+#include "mbedtls_common.h"
 
 #include "mbedtls/error.h"
 

scripts/data_files/version_features.fmt

@@ -1,11 +1,11 @@
-/*
+/* -*-c-*-
  *  Version feature information
  *
  *  Copyright The Mbed TLS Contributors
  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
-#include "ssl_misc.h"
+#include "mbedtls_common.h"
 
 #if defined(MBEDTLS_VERSION_C)
 

tests/suites/test_suite_debug.data

@@ -1,12 +1,46 @@
 printf "%" MBEDTLS_PRINTF_SIZET, 0
 printf_int_expr:PRINTF_SIZET:sizeof(size_t):0:"0"
 
+printf "%" MBEDTLS_PRINTF_SIZET, 1 byte
+printf_int_expr:PRINTF_SIZET:sizeof(size_t):42:"42"
+
+printf "%" MBEDTLS_PRINTF_SIZET, 4 bytes
+printf_int_expr:PRINTF_SIZET:sizeof(size_t):0xfedcba98:"4275878552"
+
+printf "%" MBEDTLS_PRINTF_SIZET, 8 bytes
+depends_on:SIZE_MAX>=0xffffffffffffffff
+printf_int_expr:PRINTF_SIZET:sizeof(size_t):0xfedcba9876543210:"18364758544493064720"
+
 printf "%" MBEDTLS_PRINTF_LONGLONG, 0
 printf_int_expr:PRINTF_LONGLONG:sizeof(long long):0:"0"
 
+printf "%" MBEDTLS_PRINTF_LONGLONG, 1 byte
+printf_int_expr:PRINTF_LONGLONG:sizeof(long long):42:"42"
+
+printf "%" MBEDTLS_PRINTF_LONGLONG, 4 bytes
+printf_int_expr:PRINTF_LONGLONG:sizeof(long long):0xfedcba98:"4275878552"
+
+printf "%" MBEDTLS_PRINTF_LONGLONG, 8 bytes
+printf_int_expr:PRINTF_LONGLONG:sizeof(long long):0x7edcba9876543210:"9141386507638288912"
+
+printf "%" MBEDTLS_PRINTF_LONGLONG, 8 bytes, negative
+printf_int_expr:PRINTF_LONGLONG:sizeof(long long):-0x7edcba9876543210:"-9141386507638288912"
+
 printf "%" MBEDTLS_PRINTF_MS_TIME, 0
 printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):0:"0"
 
+printf "%" MBEDTLS_PRINTF_MS_TIME, 1 byte
+printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):42:"42"
+
+printf "%" MBEDTLS_PRINTF_MS_TIME, 4 bytes
+printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):0xfedcba98:"4275878552"
+
+printf "%" MBEDTLS_PRINTF_MS_TIME, 8 bytes
+printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):0x7edcba9876543210:"9141386507638288912"
+
+printf "%" MBEDTLS_PRINTF_MS_TIME, 8 bytes, negative
+printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):-0x7edcba9876543210:"-9141386507638288912"
+
 Debug print msg (threshold 1, level 0)
 debug_print_msg_threshold:1:0:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n"
 

tests/suites/test_suite_debug.function

@@ -116,11 +116,11 @@ void printf_int_expr(int format_indicator, intmax_t sizeof_x, intmax_t x, char *
     /* Nominal case: buffer just large enough */
     TEST_CALLOC(output, n + 1);
     if ((size_t) sizeof_x <= sizeof(int)) { // Any smaller integers would be promoted to an int due to calling a vararg function
-        TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, (int) x));
+        TEST_EQUAL(n, mbedtls_debug_snprintf(output, n + 1, format, (int) x));
     } else if (sizeof_x == sizeof(long)) {
-        TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, (long) x));
+        TEST_EQUAL(n, mbedtls_debug_snprintf(output, n + 1, format, (long) x));
     } else if (sizeof_x == sizeof(long long)) {
-        TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, (long long) x));
+        TEST_EQUAL(n, mbedtls_debug_snprintf(output, n + 1, format, (long long) x));
     } else {
         TEST_FAIL(
             "sizeof_x <= sizeof(int) || sizeof_x == sizeof(long) || sizeof_x == sizeof(long long)");