Merge branch 'aws:main' into cbmc_6_minimal

.gitignore

@@ -40,3 +40,5 @@ build/
 result
 result-*
 *.class
+# Exclude rust build directories
+*target/

bindings/rust/s2n-tls/Cargo.toml

@@ -15,6 +15,7 @@ unstable-ktls = ["s2n-tls-sys/unstable-ktls"]
 quic = ["s2n-tls-sys/quic"]
 fips = ["s2n-tls-sys/fips"]
 pq = ["s2n-tls-sys/pq"]
+unstable-testing = []
 
 [dependencies]
 errno = { version = "0.3" }

bindings/rust/s2n-tls/src/lib.rs

@@ -27,5 +27,5 @@ pub mod security;
 
 pub use s2n_tls_sys as ffi;
 
-#[cfg(test)]
-mod testing;
+#[cfg(any(feature = "unstable-testing", test))]
+pub mod testing;

codebuild/bin/install_s2n_head.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License").
@@ -12,31 +12,53 @@
 # express or implied. See the License for the specific language governing
 # permissions and limitations under the License.
 
-set -ex
-pushd "$(pwd)"
+set -eu
 
 usage() {
     echo "install_s2n_head.sh build_dir"
     exit 1
 }
 
+BUILD_DIR=$1
+SRC_ROOT=${SRC_ROOT:-$(pwd)}
+
 if [ "$#" -ne "1" ]; then
     usage
 fi
 
-BUILD_DIR=$1
-source codebuild/bin/jobs.sh
-cd "$BUILD_DIR"
-
-# Clone the most recent s2n commit
-git clone --depth=1 https://github.com/aws/s2n-tls s2n_head
-cmake ./s2n_head -Bbuild -DCMAKE_PREFIX_PATH="$LIBCRYPTO_ROOT" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=on -DBUILD_TESTING=on
-cmake --build ./build -- -j $JOBS
+clone(){
+    git clone --branch main --single-branch . "$SRC_ROOT"/s2n_head
+}
 
-# Copy new executables to bin directory
-cp -f "$BUILD_DIR"/build/bin/s2nc "$BASE_S2N_DIR"/bin/s2nc_head
-cp -f "$BUILD_DIR"/build/bin/s2nd "$BASE_S2N_DIR"/bin/s2nd_head
+# CMake(nix) and Make are using different directory structures.
+set +u
+if [[ "$IN_NIX_SHELL" ]]; then
+    export DEST_DIR="$SRC_ROOT"/build/bin
+    export EXTRA_BUILD_FLAGS=""
+else
+    export DEST_DIR="$SRC_ROOT"/bin
+    export EXTRA_BUILD_FLAGS="-DCMAKE_PREFIX_PATH=$LIBCRYPTO_ROOT"
+fi
+set -u
 
-popd
+# Cleanup any stale s2n_head clones.
+if [[ -d "$SRC_ROOT/s2n_head" ]]; then
+    now=$(date +%s)
+    last_modified=$(stat -c %Y s2n_head)
+    days_old=$(( (now - last_modified) / 86400))
+    if ((days_old > 1 )); then
+        echo "s2n_head is $days_old days old, removing and cloning again."
+        rm -rf s2n_head
+        clone
+    else
+        echo "s2n_head already exists and is $days_old days old."
+    fi
+else
+    clone
+fi
+cmake "$SRC_ROOT"/s2n_head -B"$BUILD_DIR" "$EXTRA_BUILD_FLAGS" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=on -DBUILD_TESTING=on
+cmake --build "$BUILD_DIR" -- -j "$(nproc)"
+cp -f "$BUILD_DIR"/bin/s2nc "$DEST_DIR"/s2nc_head
+cp -f "$BUILD_DIR"/bin/s2nd "$DEST_DIR"/s2nd_head
 
 exit 0

nix/shell.sh

@@ -28,7 +28,7 @@ libcrypto_alias libressl "${LIBRESSL_INSTALL_DIR}/bin/openssl"
 
 function clean {
     banner "Cleanup ./build"
-    rm -rf ./build
+    rm -rf ./build ./s2n_head
 }
 
 function configure {
@@ -47,6 +47,10 @@ function build {
     banner "Running Build"
     javac tests/integrationv2/bin/SSLSocketClient.java
     cmake --build ./build -j $(nproc)
+    # Build s2n from HEAD
+    if [[ -z "${S2N_KTLS_TESTING_EXPECTED}" ]]; then
+        $SRC_ROOT/codebuild/bin/install_s2n_head.sh $(mktemp -d)
+    fi
 }
 
 function unit {
@@ -60,21 +64,16 @@ function unit {
 function integ {
     if [ "$1" == "help" ]; then
         echo "The following tests are not supported:"
-        echo " - cross_compatibility"
-        echo "    This test depends on s2nc_head and s2nd_head. To run"
-        echo "    the test build s2n-tls from the main branch on github."
-        echo "    Change the names of s2n[cd] to s2n[cd]_head and add those"
-        echo "    binaries to \$PATH."
         echo "- renegotiate_apache"
         echo "   This test requires apache to be running. See codebuild/bin/s2n_apache.sh"
         echo "    for more info."
         return
     fi
     if [[ -z "$1" ]]; then
-        banner "Running all integ tests except cross_compatibility, renegotiate_apache."
+        banner "Running all integ tests except renegotiate_apache."
         (cd $SRC_ROOT/build; ctest -L integrationv2 -E "(integrationv2_cross_compatibility|integrationv2_renegotiate_apache)" --verbose)
     else
-        banner "Warning: cross_compatibility & renegotiate_apache are not supported in nix for various reasons integ help for more info."
+        banner "Warning: renegotiate_apache is not supported in nix for various reasons integ help for more info."
         for test in $@; do
             ctest --test-dir ./build -L integrationv2 --no-tests=error --output-on-failure -R "$test" --verbose
             if [ "$?" -ne 0 ]; then

tests/regression/Cargo.toml

@@ -0,0 +1,14 @@
+[package]
+name = "regression"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+s2n-tls = { path = "../../bindings/rust/s2n-tls", features = ["unstable-testing"] }
+bytes = { version = "1", optional = true }
+errno = { version = "0.3" }
+libc = "0.2"
+crabgrind = "0.1"
+futures-test = "0.3.30"
+[profile.release]
+debug = true

tests/regression/README.md

@@ -0,0 +1,106 @@
+# Regression Testing for s2n-tls
+
+This folder contains regression tests and benchmarking tools for the `s2n-tls` library. The tests focus on various aspects of TLS connections.
+
+## Testing Philosophy
+
+Currently, s2n-tls implements a wall clock benchmarking tool which measures end-to-end handshake performance to compare s2n-tls with rustls and OpenSSL. In the past, s2n-tls has tried benchmarking to detect regressions through criterion in Rust, but the subprocess and spin-up time contributed to performance measurement which made the results inaccurate and difficult to use in CI. The project has a slightly different focus, learning from these existing tools. Performance assertion in s2n-tls focuses on a benchmarking tool that can detail performance by API path and do so with enough repeatability and accuracy to detect regressions between two versions of s2n-tls so that performance analysis can occur at PR time. This means that the scope of each harness is limited and mutually exclusive of other harnesses since we are intersted in measuring the performance of the important paths a TLS connection typically follows. 
+## Contents
+
+1. **lib.rs**
+   - **test_set_config**: Builds a new s2n-tls config with a security policy, host callback and certs
+   - **test_rsa_handshake**: Performs an RSA handshake in s2n-tls.
+
+2. **Cargo.toml**
+   - The configuration file for building and running the regression tests using Cargo.
+
+
+## Prerequisites
+
+Ensure you have the following installed:
+- Rust (with Cargo)
+- Valgrind (for cachegrind instrumentation)
+
+## Running the Harnesses with Valgrind (scalar performance)
+To run the harnesses with Valgrind and store the annotated results, run:
+
+```
+ENABLE_VALGRIND = true cargo test
+```
+
+This will recursively call all tests with valgrind enabled so the performance output is generated and stored
+## Running the tests w/o Valgrind
+
+```
+cargo test
+```
+
+This will run the tests without valgrind to test if the process completes as expected
+## Sample Output for Valgrind test
+
+Running the test will run all harnesses and fail if any number of harnesses exceed the performance threshold. For example, a regression test faliure could look like:
+```
+---- tests::test_set_security_policy_and_build stdout ----
+Running command: valgrind --tool=cachegrind --cachegrind-out-file=cachegrind_test_set_security_policy_and_build.out /home/ubuntu/proj/s2n/tests/regression/target/debug/deps/regression-7c7d86aeafe3b426 test_set_security_policy_and_build
+Running command: cg_annotate cachegrind_test_set_security_policy_and_build.out > perf_outputs/test_set_security_policy_and_build.annotated.txt
+thread 'tests::test_set_security_policy_and_build' panicked at src/lib.rs:174:9:
+Instruction count difference in test_set_security_policy_and_build exceeds the threshold, regression of 13975865 instructions
+note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
+
+---- tests::test_rsa_handshake stdout ----
+Running command: valgrind --tool=cachegrind --cachegrind-out-file=cachegrind_test_rsa_handshake.out /home/ubuntu/proj/s2n/tests/regression/target/debug/deps/regression-7c7d86aeafe3b426 test_rsa_handshake
+Running command: cg_annotate cachegrind_test_rsa_handshake.out > perf_outputs/test_rsa_handshake.annotated.txt
+thread 'tests::test_rsa_handshake' panicked at src/lib.rs:174:9:
+Instruction count difference in test_rsa_handshake exceeds the threshold, regression of 51176459 instructions
+
+
+failures:
+    tests::test_rsa_handshake
+    tests::test_set_security_policy_and_build
+```
+
+It also produces annotated cachegrind files stored in the `perf_ouput` directory which detail the instruction counts, how many instructions a particular file/function account for, and the contribution of individual lines of code to the overall instruction count. For example, these are the first few lines of the output generated for 'test_rsa_handshake.annotated.txt':
+
+```
+--------------------------------------------------------------------------------
+-- Summary
+--------------------------------------------------------------------------------
+Ir_________________ 
+
+79,270,744 (100.0%)  PROGRAM TOTALS
+
+--------------------------------------------------------------------------------
+-- File:function summary
+--------------------------------------------------------------------------------
+  Ir_______________________  file:function
+
+< 71,798,872 (90.6%, 90.6%)  /home/ubuntu/.cargo/registry/src/index.crates.io-6f17d22bba15001f/aws-lc-sys-0.19.0/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/x86_64-mont5.S:
+  54,908,926 (69.3%)           aws_lc_0_19_0_bn_sqr8x_internal
+  15,699,024 (19.8%)           mul4x_internal
+   1,114,840  (1.4%)           __bn_post4x_internal
+
+<  1,551,316  (2.0%, 92.5%)  /home/ubuntu/.cargo/registry/src/index.crates.io-6f17d22bba15001f/aws-lc-sys-0.19.0/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/p256-x86_64-asm.S:
+     676,336  (0.9%)           __ecp_nistz256_mul_montq
+     475,750  (0.6%)           __ecp_nistz256_sqr_montq
+      95,732  (0.1%)           aws_lc_0_19_0_ecp_nistz256_point_double
+
+<    833,553  (1.1%, 93.6%)  /home/ubuntu/.cargo/registry/src/index.crates.io-6f17d22bba15001f/aws-lc-sys-0.19.0/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/sha256-x86_64.S:
+     830,671  (1.0%)           sha256_block_data_order_avx
+
+<    557,697  (0.7%, 94.3%)  /home/ubuntu/.cargo/registry/src/index.crates.io-6f17d22bba15001f/aws-lc-sys-0.19.0/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/x86_64-mont.S:
+     493,032  (0.6%)           bn_mul4x_mont
+
+```
+
+### Understanding the Annotated Output
+The total instruction counts are listed at the top, and segmented by file:function beneath it. When comparing versions of s2n-tls (during PR workflow or otherwise) this can be useful to pinpoint the source of instruction count difference to inform you on how changes to the code impact performance. This [link](https://valgrind.org/docs/manual/cg-manual.html#cg-manual.running-cg_annotate:~:text=Information%20Source%20Code%20Documentation%20Contact%20How%20to%20Help%20Gallery,5.2.3.%C2%A0Running%20cg_annotate,-Before%20using%20cg_annotate) provides a more detailed description to fully understand the output file. 
+
+## Test Details
+
+### test_set_config
+
+Configures and creates a new s2n-tls configuration with a specified security policy and loads a certificate key pair. Ensures the configuration is valid and can be built.
+
+### test_rsa_handshake
+
+Performs an RSA handshake in s2n-tls and validates the handshake process utilizing rsa_4096_sha512.