diff --git a/CMakeLists.txt b/CMakeLists.txt index 46d06c21ea..66f52fe754 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -65,7 +65,6 @@ set(MBEDTLS_FRAMEWORK_DIR ${CMAKE_CURRENT_SOURCE_DIR}/framework) option(ENABLE_PROGRAMS "Build Mbed TLS programs." ON) -option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) option(MBEDTLS_FATAL_WARNINGS "Compiler warnings treated as errors" ON) if(CMAKE_HOST_WIN32) # N.B. The comment on the next line is significant! If you change it, @@ -213,36 +212,49 @@ include(CheckCCompilerFlag) set(CMAKE_C_EXTENSIONS OFF) set(CMAKE_C_STANDARD 99) -if(CMAKE_COMPILER_IS_GNU) +function(set_base_compile_options target) + if(CMAKE_COMPILER_IS_GNU) + set_gnu_base_compile_options(${target}) + elseif(CMAKE_COMPILER_IS_CLANG) + set_clang_base_compile_options(${target}) + elseif(CMAKE_COMPILER_IS_IAR) + set_iar_base_compile_options(${target}) + elseif(CMAKE_COMPILER_IS_MSVC) + set_msvc_base_compile_options(${target}) + endif() +endfunction(set_base_compile_options) + +function(set_gnu_base_compile_options target) # some warnings we want are not available with old GCC versions # note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion OUTPUT_VARIABLE GCC_VERSION) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wmissing-prototypes") + target_compile_options(${target} PRIVATE -Wall -Wextra -Wwrite-strings -Wmissing-prototypes) if (GCC_VERSION VERSION_GREATER 3.0 OR GCC_VERSION VERSION_EQUAL 3.0) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat=2 -Wno-format-nonliteral") + target_compile_options(${target} PRIVATE -Wformat=2 -Wno-format-nonliteral) endif() if (GCC_VERSION VERSION_GREATER 4.3 OR GCC_VERSION VERSION_EQUAL 4.3) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wvla") + target_compile_options(${target} PRIVATE -Wvla) endif() if (GCC_VERSION VERSION_GREATER 4.5 OR GCC_VERSION VERSION_EQUAL 4.5) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wlogical-op") + target_compile_options(${target} PRIVATE -Wlogical-op) endif() if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow") + target_compile_options(${target} PRIVATE -Wshadow) endif() if (GCC_VERSION VERSION_GREATER 5.0) CHECK_C_COMPILER_FLAG("-Wformat-signedness" C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS) if(C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-signedness") + target_compile_options(${target} PRIVATE -Wformat-signedness) endif() endif() if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation") + target_compile_options(${target} PRIVATE -Wformat-overflow=2 -Wformat-truncation) endif() - set(CMAKE_C_FLAGS_RELEASE "-O2") - set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") - set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") + target_compile_options(${target} PRIVATE $<$:-O2>) + target_compile_options(${target} PRIVATE $<$:-O0 -g3>) + target_compile_options(${target} PRIVATE $<$:-O0 -g3 --coverage>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_COVERAGE "--coverage") # Old GCC versions hit a performance problem with test_suite_pkwrite # "Private keey write check EC" tests when building with Asan+UBSan # and -O3: those tests take more than 100x time than normal, with @@ -251,63 +263,70 @@ if(CMAKE_COMPILER_IS_GNU) # GCC 7.5 and above on Ubuntu 18.04 appear fine. # To avoid the performance problem, we use -O2 when GCC version is lower than 7.0. # It doesn't slow down much even with modern compiler versions. + target_compile_options(${target} PRIVATE $<$:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all>) if (GCC_VERSION VERSION_LESS 7.0) - message(STATUS "USING O2") - set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O2") + target_compile_options(${target} PRIVATE $<$:-O2>) else() - message(STATUS "USING O3") - set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") + target_compile_options(${target} PRIVATE $<$:-O3>) endif() - set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") - set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3") - set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") - set(CMAKE_C_FLAGS_CHECK "-Os") - set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual") -endif(CMAKE_COMPILER_IS_GNU) + set_target_properties(${target} PROPERTIES LINK_FLAGS_ASAN "-fsanitize=address -fsanitize=undefined") + target_compile_options(${target} PRIVATE $<$:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_ASANDBG "-fsanitize=address -fsanitize=undefined") + target_compile_options(${target} PRIVATE $<$:-fsanitize=thread -O3>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_TSAN "-fsanitize=thread") + target_compile_options(${target} PRIVATE $<$:-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_TSANDBG "-fsanitize=thread") + target_compile_options(${target} PRIVATE $<$:-Os>) + target_compile_options(${target} PRIVATE $<$:-Os -Wcast-qual>) -if(CMAKE_COMPILER_IS_CLANG) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wmissing-prototypes -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral") - set(CMAKE_C_FLAGS_RELEASE "-O2") - set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") - set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") - set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") - set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") - set(CMAKE_C_FLAGS_MEMSAN "-fsanitize=memory -O3") - set(CMAKE_C_FLAGS_MEMSANDBG "-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2") - set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3") - set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") - set(CMAKE_C_FLAGS_CHECK "-Os") -endif(CMAKE_COMPILER_IS_CLANG) + if(MBEDTLS_FATAL_WARNINGS) + target_compile_options(${target} PRIVATE -Werror) + endif(MBEDTLS_FATAL_WARNINGS) +endfunction(set_gnu_base_compile_options) -if(CMAKE_COMPILER_IS_IAR) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts") - set(CMAKE_C_FLAGS_RELEASE "-Ohz") - set(CMAKE_C_FLAGS_DEBUG "--debug -On") -endif(CMAKE_COMPILER_IS_IAR) +function(set_clang_base_compile_options target) + target_compile_options(${target} PRIVATE -Wall -Wextra -Wwrite-strings -Wmissing-prototypes -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral) + target_compile_options(${target} PRIVATE $<$:-O2>) + target_compile_options(${target} PRIVATE $<$:-O0 -g3>) + target_compile_options(${target} PRIVATE $<$:-O0 -g3 --coverage>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_COVERAGE "--coverage") + target_compile_options(${target} PRIVATE $<$:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_ASAN "-fsanitize=address -fsanitize=undefined") + target_compile_options(${target} PRIVATE $<$:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_ASANDBG "-fsanitize=address -fsanitize=undefined") + target_compile_options(${target} PRIVATE $<$:-fsanitize=memory>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_MEMSAN "-fsanitize=memory") + target_compile_options(${target} PRIVATE $<$:-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_MEMSANDBG "-fsanitize=memory") + target_compile_options(${target} PRIVATE $<$:-fsanitize=thread -O3>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_TSAN "-fsanitize=thread") + target_compile_options(${target} PRIVATE $<$:-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_TSANDBG "-fsanitize=thread") + target_compile_options(${target} PRIVATE $<$:-Os>) -if(CMAKE_COMPILER_IS_MSVC) + if(MBEDTLS_FATAL_WARNINGS) + target_compile_options(${target} PRIVATE -Werror) + endif(MBEDTLS_FATAL_WARNINGS) +endfunction(set_clang_base_compile_options) + +function(set_iar_base_compile_options target) + target_compile_options(${target} PRIVATE --warn_about_c_style_casts) + target_compile_options(${target} PRIVATE $<$:-Ohz>) + target_compile_options(${target} PRIVATE $<$:--debug -On>) + + if(MBEDTLS_FATAL_WARNINGS) + target_compile_options(${target} PRIVATE --warnings_are_errors) + endif(MBEDTLS_FATAL_WARNINGS) +endfunction(set_iar_base_compile_options) + +function(set_msvc_base_compile_options target) # Strictest warnings, UTF-8 source and execution charset - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3 /utf-8") -endif(CMAKE_COMPILER_IS_MSVC) + target_compile_options(${target} PRIVATE /W3 /utf-8) -if(MBEDTLS_FATAL_WARNINGS) - if(CMAKE_COMPILER_IS_MSVC) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX") - endif(CMAKE_COMPILER_IS_MSVC) - - if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror") - if(UNSAFE_BUILD) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error=cpp") - set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error=cpp") - set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error=cpp") - endif(UNSAFE_BUILD) - endif(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) - - if (CMAKE_COMPILER_IS_IAR) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warnings_are_errors") - endif(CMAKE_COMPILER_IS_IAR) -endif(MBEDTLS_FATAL_WARNINGS) + if(MBEDTLS_FATAL_WARNINGS) + target_compile_options(${target} PRIVATE /WX) + endif(MBEDTLS_FATAL_WARNINGS) +endfunction(set_msvc_base_compile_options) if(CMAKE_BUILD_TYPE STREQUAL "Check" AND TEST_CPP) set(CMAKE_CXX_STANDARD 11) @@ -318,12 +337,6 @@ if(CMAKE_BUILD_TYPE STREQUAL "Check" AND TEST_CPP) endif() endif() -if(CMAKE_BUILD_TYPE STREQUAL "Coverage") - if(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG) - set(CMAKE_SHARED_LINKER_FLAGS "--coverage") - endif(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG) -endif(CMAKE_BUILD_TYPE STREQUAL "Coverage") - if (NOT EXISTS "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt") message(FATAL_ERROR "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt not found. Run `git submodule update --init` from the source tree to fetch the submodule contents.") endif() @@ -356,6 +369,7 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/drivers/*.c) add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES}) + set_base_compile_options(mbedtls_test) if(GEN_FILES) add_custom_command( OUTPUT @@ -401,6 +415,7 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) file(GLOB MBEDTLS_TEST_HELPER_FILES ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_helpers/*.c) add_library(mbedtls_test_helpers OBJECT ${MBEDTLS_TEST_HELPER_FILES}) + set_base_compile_options(mbedtls_test_helpers) target_include_directories(mbedtls_test_helpers PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 0415c6565b..1e09d31c57 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -89,11 +89,11 @@ else() endif() if(CMAKE_COMPILER_IS_GNUCC) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations") + set(LIBS_C_FLAGS -Wmissing-declarations) endif(CMAKE_COMPILER_IS_GNUCC) if(CMAKE_COMPILER_IS_CLANG) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") + set(LIBS_C_FLAGS -Wmissing-declarations -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code) endif(CMAKE_COMPILER_IS_CLANG) if(CMAKE_COMPILER_IS_MSVC) @@ -153,20 +153,28 @@ endif() if(USE_STATIC_MBEDTLS_LIBRARY) add_library(${mbedx509_static_target} STATIC ${src_x509}) + set_base_compile_options(${mbedx509_static_target}) + target_compile_options(${mbedx509_static_target} PRIVATE ${LIBS_C_FLAGS}) set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target}) add_library(${mbedtls_static_target} STATIC ${src_tls}) + set_base_compile_options(${mbedtls_static_target}) + target_compile_options(${mbedtls_static_target} PRIVATE ${LIBS_C_FLAGS}) set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls) target_link_libraries(${mbedtls_static_target} PUBLIC ${libs} ${mbedx509_static_target}) endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) add_library(${mbedx509_target} SHARED ${src_x509}) + set_base_compile_options(${mbedx509_target}) + target_compile_options(${mbedx509_target} PRIVATE ${LIBS_C_FLAGS}) set_target_properties(${mbedx509_target} PROPERTIES VERSION 4.0.0 SOVERSION 7) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) add_library(${mbedtls_target} SHARED ${src_tls}) + set_base_compile_options(${mbedtls_target}) + target_compile_options(${mbedtls_target} PRIVATE ${LIBS_C_FLAGS}) set_target_properties(${mbedtls_target} PROPERTIES VERSION 4.0.0 SOVERSION 21) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) endif(USE_SHARED_MBEDTLS_LIBRARY) diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt index 4d4c890fbf..b6dde7199c 100644 --- a/programs/aes/CMakeLists.txt +++ b/programs/aes/CMakeLists.txt @@ -5,6 +5,7 @@ add_dependencies(${programs_target} ${executables}) foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) + set_base_compile_options(${exe}) target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() diff --git a/programs/cipher/CMakeLists.txt b/programs/cipher/CMakeLists.txt index effaf8a931..7d4e4525eb 100644 --- a/programs/cipher/CMakeLists.txt +++ b/programs/cipher/CMakeLists.txt @@ -5,6 +5,7 @@ add_dependencies(${programs_target} ${executables}) foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) + set_base_compile_options(${exe}) target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() diff --git a/programs/fuzz/CMakeLists.txt b/programs/fuzz/CMakeLists.txt index f5358ffff6..44fff9a348 100644 --- a/programs/fuzz/CMakeLists.txt +++ b/programs/fuzz/CMakeLists.txt @@ -40,6 +40,7 @@ foreach(exe IN LISTS executables_no_common_c executables_with_common_c) endif() add_executable(${exe} ${exe_sources}) + set_base_compile_options(${exe}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) if (NOT FUZZINGENGINE_LIB) diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt index 0ad974d9a9..c27c4e7153 100644 --- a/programs/hash/CMakeLists.txt +++ b/programs/hash/CMakeLists.txt @@ -7,6 +7,7 @@ add_dependencies(${programs_target} ${executables}) foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) + set_base_compile_options(${exe}) target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt index defbe281d9..9caec87325 100644 --- a/programs/pkey/CMakeLists.txt +++ b/programs/pkey/CMakeLists.txt @@ -6,6 +6,7 @@ add_dependencies(${programs_target} ${executables_mbedtls}) foreach(exe IN LISTS executables_mbedtls) add_executable(${exe} ${exe}.c $) + set_base_compile_options(${exe}) target_link_libraries(${exe} ${mbedtls_target} ${CMAKE_THREAD_LIBS_INIT}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() @@ -34,6 +35,7 @@ add_dependencies(${programs_target} ${executables_mbedcrypto}) foreach(exe IN LISTS executables_mbedcrypto) add_executable(${exe} ${exe}.c $) + set_base_compile_options(${exe}) target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt index cfc983c19c..707de434fc 100644 --- a/programs/psa/CMakeLists.txt +++ b/programs/psa/CMakeLists.txt @@ -29,6 +29,7 @@ endif() foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) + set_base_compile_options(${exe}) target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 2734ceb7fb..0ea434fc5f 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -392,6 +392,7 @@ static psa_status_t wrap_data(const char *input_file_name, input_file = NULL; /* Construct a header. */ + memset(&header, 0, sizeof(header)); memcpy(&header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH); header.ad_size = sizeof(header); header.payload_size = input_size; diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt index f0c78259ff..a83bf9ea35 100644 --- a/programs/random/CMakeLists.txt +++ b/programs/random/CMakeLists.txt @@ -6,6 +6,7 @@ add_dependencies(${programs_target} ${executables}) foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) + set_base_compile_options(${exe}) target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt index 02010d8a7f..6919a8e04e 100644 --- a/programs/ssl/CMakeLists.txt +++ b/programs/ssl/CMakeLists.txt @@ -40,6 +40,7 @@ foreach(exe IN LISTS executables) endif() add_executable(${exe} ${exe}.c $ ${extra_sources}) + set_base_compile_options(${exe}) target_link_libraries(${exe} ${libs} ${CMAKE_THREAD_LIBS_INIT}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) if(exe STREQUAL "ssl_client2" OR exe STREQUAL "ssl_server2") @@ -53,6 +54,7 @@ endforeach() if(THREADS_FOUND) add_executable(ssl_pthread_server ssl_pthread_server.c $) + set_base_compile_options(ssl_pthread_server) target_include_directories(ssl_pthread_server PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT}) list(APPEND executables ssl_pthread_server) diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 928ab49b28..83bc9bf30b 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -29,6 +29,7 @@ if(TEST_CPP) WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}" ) add_executable(cpp_dummy_build "${cpp_dummy_build_cpp}") + set_base_compile_options(cpp_dummy_build) target_include_directories(cpp_dummy_build PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/include @@ -39,6 +40,7 @@ endif() if(USE_SHARED_MBEDTLS_LIBRARY AND NOT ${CMAKE_SYSTEM_NAME} MATCHES "[Ww][Ii][Nn]") add_executable(dlopen "dlopen.c") + set_base_compile_options(dlopen) target_include_directories(dlopen PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/include @@ -82,6 +84,7 @@ foreach(exe IN LISTS executables_libs executables_mbedcrypto) endif() add_executable(${exe} ${exe}.c $ ${extra_sources}) + set_base_compile_options(${exe}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) target_include_directories(${exe} diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt index 9ceb13f7cf..ac713dce2e 100644 --- a/programs/util/CMakeLists.txt +++ b/programs/util/CMakeLists.txt @@ -11,6 +11,7 @@ add_dependencies(${programs_target} ${executables}) foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) + set_base_compile_options(${exe}) target_link_libraries(${exe} ${libs} ${CMAKE_THREAD_LIBS_INIT}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt index a09813c917..a31bada7fd 100644 --- a/programs/x509/CMakeLists.txt +++ b/programs/x509/CMakeLists.txt @@ -14,6 +14,7 @@ add_dependencies(${programs_target} ${executables}) foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) + set_base_compile_options(${exe}) target_link_libraries(${exe} ${libs} ${CMAKE_THREAD_LIBS_INIT}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index a9d5c842b8..8318e8bf3b 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -156,6 +156,8 @@ function(add_test_suite suite_name) add_executable(test_suite_${data_name} test_suite_${data_name}.c $ $) + set_base_compile_options(test_suite_${data_name}) + target_compile_options(test_suite_${data_name} PRIVATE ${TEST_C_FLAGS}) add_dependencies(test_suite_${data_name} ${dependency}) target_link_libraries(test_suite_${data_name} ${libs}) # Include test-specific header files from ./include and private header @@ -183,13 +185,12 @@ endfunction(add_test_suite) add_definitions("-D_POSIX_C_SOURCE=200809L") if(CMAKE_COMPILER_IS_CLANG) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") + set(TEST_C_FLAGS -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code) endif(CMAKE_COMPILER_IS_CLANG) if(MSVC) # If a warning level has been defined, suppress all warnings for test code - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W0") - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-") + set(TEST_C_FLAGS /W0 /WX-) endif(MSVC) file(GLOB test_suites RELATIVE "${CMAKE_CURRENT_SOURCE_DIR}" suites/*.data) diff --git a/tf-psa-crypto/TF-PSA-Crypto.cmake b/tf-psa-crypto/TF-PSA-Crypto.cmake index b96dab210e..13b7a45bf0 100644 --- a/tf-psa-crypto/TF-PSA-Crypto.cmake +++ b/tf-psa-crypto/TF-PSA-Crypto.cmake @@ -29,7 +29,6 @@ ADD_CUSTOM_TARGET(${TF_PSA_CRYPTO_TARGET_PREFIX}apidoc option(ENABLE_PROGRAMS "Build TF-PSA-Crypto programs." ON) -option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) option(TF_PSA_CRYPTO_FATAL_WARNINGS "Compiler warnings treated as errors" ON) if(CMAKE_HOST_WIN32) # N.B. The comment on the next line is significant! If you change it, @@ -178,87 +177,121 @@ include(CheckCCompilerFlag) set(CMAKE_C_EXTENSIONS OFF) set(CMAKE_C_STANDARD 99) -if(CMAKE_COMPILER_IS_GNU) +function(set_base_compile_options target) + if(CMAKE_COMPILER_IS_GNU) + set_gnu_base_compile_options(${target}) + elseif(CMAKE_COMPILER_IS_CLANG) + set_clang_base_compile_options(${target}) + elseif(CMAKE_COMPILER_IS_IAR) + set_iar_base_compile_options(${target}) + elseif(CMAKE_COMPILER_IS_MSVC) + set_msvc_base_compile_options(${target}) + endif() +endfunction(set_base_compile_options) + +function(set_gnu_base_compile_options target) # some warnings we want are not available with old GCC versions # note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion OUTPUT_VARIABLE GCC_VERSION) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wmissing-prototypes") + target_compile_options(${target} PRIVATE -Wall -Wextra -Wwrite-strings -Wmissing-prototypes) if (GCC_VERSION VERSION_GREATER 3.0 OR GCC_VERSION VERSION_EQUAL 3.0) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat=2 -Wno-format-nonliteral") + target_compile_options(${target} PRIVATE -Wformat=2 -Wno-format-nonliteral) endif() if (GCC_VERSION VERSION_GREATER 4.3 OR GCC_VERSION VERSION_EQUAL 4.3) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wvla") + target_compile_options(${target} PRIVATE -Wvla) endif() if (GCC_VERSION VERSION_GREATER 4.5 OR GCC_VERSION VERSION_EQUAL 4.5) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wlogical-op") + target_compile_options(${target} PRIVATE -Wlogical-op) endif() if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow") + target_compile_options(${target} PRIVATE -Wshadow) endif() if (GCC_VERSION VERSION_GREATER 5.0) CHECK_C_COMPILER_FLAG("-Wformat-signedness" C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS) if(C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-signedness") + target_compile_options(${target} PRIVATE -Wformat-signedness) endif() endif() if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation") + target_compile_options(${target} PRIVATE -Wformat-overflow=2 -Wformat-truncation) endif() - set(CMAKE_C_FLAGS_RELEASE "-O2") - set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") - set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") - set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") - set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") - set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3") - set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") - set(CMAKE_C_FLAGS_CHECK "-Os") - set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual") -endif(CMAKE_COMPILER_IS_GNU) + target_compile_options(${target} PRIVATE $<$:-O2>) + target_compile_options(${target} PRIVATE $<$:-O0 -g3>) + target_compile_options(${target} PRIVATE $<$:-O0 -g3 --coverage>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_COVERAGE "--coverage") + # Old GCC versions hit a performance problem with test_suite_pkwrite + # "Private keey write check EC" tests when building with Asan+UBSan + # and -O3: those tests take more than 100x time than normal, with + # test_suite_pkwrite taking >3h on the CI. Observed with GCC 5.4 on + # Ubuntu 16.04 x86_64 and GCC 6.5 on Ubuntu 18.04 x86_64. + # GCC 7.5 and above on Ubuntu 18.04 appear fine. + # To avoid the performance problem, we use -O2 when GCC version is lower than 7.0. + # It doesn't slow down much even with modern compiler versions. + target_compile_options(${target} PRIVATE $<$:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all>) + if (GCC_VERSION VERSION_LESS 7.0) + target_compile_options(${target} PRIVATE $<$:-O2>) + else() + target_compile_options(${target} PRIVATE $<$:-O3>) + endif() + set_target_properties(${target} PROPERTIES LINK_FLAGS_ASAN "-fsanitize=address -fsanitize=undefined") + target_compile_options(${target} PRIVATE $<$:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_ASANDBG "-fsanitize=address -fsanitize=undefined") + target_compile_options(${target} PRIVATE $<$:-fsanitize=thread -O3>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_TSAN "-fsanitize=thread") + target_compile_options(${target} PRIVATE $<$:-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_TSANDBG "-fsanitize=thread") + target_compile_options(${target} PRIVATE $<$:-Os>) + target_compile_options(${target} PRIVATE $<$:-Os -Wcast-qual>) -if(CMAKE_COMPILER_IS_CLANG) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wmissing-prototypes -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral") - set(CMAKE_C_FLAGS_RELEASE "-O2") - set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") - set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") - set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") - set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") - set(CMAKE_C_FLAGS_MEMSAN "-fsanitize=memory -O3") - set(CMAKE_C_FLAGS_MEMSANDBG "-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2") - set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3") - set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") - set(CMAKE_C_FLAGS_CHECK "-Os") -endif(CMAKE_COMPILER_IS_CLANG) + if(TF_PSA_CRYPTO_FATAL_WARNINGS) + target_compile_options(${target} PRIVATE -Werror) + endif(TF_PSA_CRYPTO_FATAL_WARNINGS) +endfunction(set_gnu_base_compile_options) -if(CMAKE_COMPILER_IS_IAR) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts") - set(CMAKE_C_FLAGS_RELEASE "-Ohz") - set(CMAKE_C_FLAGS_DEBUG "--debug -On") -endif(CMAKE_COMPILER_IS_IAR) +function(set_clang_base_compile_options target) + target_compile_options(${target} PRIVATE -Wall -Wextra -Wwrite-strings -Wmissing-prototypes -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral) + target_compile_options(${target} PRIVATE $<$:-O2>) + target_compile_options(${target} PRIVATE $<$:-O0 -g3>) + target_compile_options(${target} PRIVATE $<$:-O0 -g3 --coverage>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_COVERAGE "--coverage") + target_compile_options(${target} PRIVATE $<$:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_ASAN "-fsanitize=address -fsanitize=undefined") + target_compile_options(${target} PRIVATE $<$:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_ASANDBG "-fsanitize=address -fsanitize=undefined") + target_compile_options(${target} PRIVATE $<$:-fsanitize=memory>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_MEMSAN "-fsanitize=memory") + target_compile_options(${target} PRIVATE $<$:-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_MEMSANDBG "-fsanitize=memory") + target_compile_options(${target} PRIVATE $<$:-fsanitize=thread -O3>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_TSAN "-fsanitize=thread") + target_compile_options(${target} PRIVATE $<$:-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>) + set_target_properties(${target} PROPERTIES LINK_FLAGS_TSANDBG "-fsanitize=thread") + target_compile_options(${target} PRIVATE $<$:-Os>) -if(CMAKE_COMPILER_IS_MSVC) + if(MBEDTLS_FATAL_WARNINGS) + target_compile_options(${target} PRIVATE -Werror) + endif(MBEDTLS_FATAL_WARNINGS) +endfunction(set_clang_base_compile_options) + +function(set_iar_base_compile_options target) + target_compile_options(${target} PRIVATE --warn_about_c_style_casts) + target_compile_options(${target} PRIVATE $<$:-Ohz>) + target_compile_options(${target} PRIVATE $<$:--debug -On>) + + if(MBEDTLS_FATAL_WARNINGS) + target_compile_options(${target} PRIVATE --warnings_are_errors) + endif(MBEDTLS_FATAL_WARNINGS) +endfunction(set_iar_base_compile_options) + +function(set_msvc_base_compile_options target) # Strictest warnings, UTF-8 source and execution charset - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3 /utf-8") -endif(CMAKE_COMPILER_IS_MSVC) + target_compile_options(${target} PRIVATE /W3 /utf-8) -if(TF_PSA_CRYPTO_FATAL_WARNINGS) - if(CMAKE_COMPILER_IS_MSVC) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX") - endif(CMAKE_COMPILER_IS_MSVC) - - if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror") - if(UNSAFE_BUILD) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error=cpp") - set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error=cpp") - set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error=cpp") - endif(UNSAFE_BUILD) - endif(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) - - if (CMAKE_COMPILER_IS_IAR) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warnings_are_errors") - endif(CMAKE_COMPILER_IS_IAR) -endif(TF_PSA_CRYPTO_FATAL_WARNINGS) + if(MBEDTLS_FATAL_WARNINGS) + target_compile_options(${target} PRIVATE /WX) + endif(MBEDTLS_FATAL_WARNINGS) +endfunction(set_msvc_base_compile_options) if(CMAKE_BUILD_TYPE STREQUAL "Check" AND TEST_CPP) set(CMAKE_CXX_STANDARD 11) @@ -269,12 +302,6 @@ if(CMAKE_BUILD_TYPE STREQUAL "Check" AND TEST_CPP) endif() endif() -if(CMAKE_BUILD_TYPE STREQUAL "Coverage") - if(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG) - set(CMAKE_SHARED_LINKER_FLAGS "--coverage") - endif(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG) -endif(CMAKE_BUILD_TYPE STREQUAL "Coverage") - if (NOT EXISTS "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt") message(FATAL_ERROR "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt not found. Run `git submodule update --init` from the source tree to fetch the submodule contents.") endif() @@ -303,6 +330,7 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) ${MBEDTLS_DIR}/tests/src/*.c ${MBEDTLS_DIR}/tests/src/drivers/*.c) add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES}) + set_base_compile_options(mbedtls_test) if(GEN_FILES) add_custom_command( OUTPUT diff --git a/tf-psa-crypto/core/CMakeLists.txt b/tf-psa-crypto/core/CMakeLists.txt index 0917cae2f4..1264acf33e 100644 --- a/tf-psa-crypto/core/CMakeLists.txt +++ b/tf-psa-crypto/core/CMakeLists.txt @@ -28,11 +28,11 @@ else() endif() if(CMAKE_COMPILER_IS_GNUCC) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") + set(LIBS_C_FLAGS -Wmissing-declarations -Wmissing-prototypes) endif(CMAKE_COMPILER_IS_GNUCC) if(CMAKE_COMPILER_IS_CLANG) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") + set(LIBS_C_FLAGS -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code) endif(CMAKE_COMPILER_IS_CLANG) if(CMAKE_COMPILER_IS_MSVC) @@ -91,6 +91,8 @@ set(everest_target "${TF_PSA_CRYPTO_TARGET_PREFIX}everest") if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY) add_library(${mbedcrypto_static_target} STATIC ${src_crypto}) + set_base_compile_options(${mbedcrypto_static_target}) + target_compile_options(${mbedcrypto_static_target} PRIVATE ${LIBS_C_FLAGS}) set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs}) @@ -108,6 +110,8 @@ endif(USE_STATIC_TF_PSA_CRYPTO_LIBRARY) if(USE_SHARED_TF_PSA_CRYPTO_LIBRARY) set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) add_library(${mbedcrypto_target} SHARED ${src_crypto}) + set_base_compile_options(${mbedcrypto_target}) + target_compile_options(${mbedcrypto_static_target} PRIVATE ${LIBS_C_FLAGS}) set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 4.0.0 SOVERSION 16) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) diff --git a/tf-psa-crypto/drivers/builtin/CMakeLists.txt b/tf-psa-crypto/drivers/builtin/CMakeLists.txt index 9ec1a87b42..dd1a1130fe 100644 --- a/tf-psa-crypto/drivers/builtin/CMakeLists.txt +++ b/tf-psa-crypto/drivers/builtin/CMakeLists.txt @@ -3,11 +3,11 @@ add_subdirectory(src) file(GLOB src_builtin RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} src/*.c) if(CMAKE_COMPILER_IS_GNUCC) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") + set(LIBS_C_FLAGS -Wmissing-declarations -Wmissing-prototypes) endif(CMAKE_COMPILER_IS_GNUCC) if(CMAKE_COMPILER_IS_CLANG) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") + set(LIBS_C_FLAGS -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code) endif(CMAKE_COMPILER_IS_CLANG) if(CMAKE_COMPILER_IS_MSVC) @@ -54,6 +54,8 @@ set(everest_target "${TF_PSA_CRYPTO_TARGET_PREFIX}everest") if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY) add_library(${builtin_static_target} STATIC ${src_builtin}) + set_base_compile_options(${builtin_static_target}) + target_compile_options(${builtin_static_target} PRIVATE ${LIBS_C_FLAGS}) target_link_libraries(${builtin_static_target} PUBLIC ${libs}) if(TARGET ${everest_target}) target_link_libraries(${builtin_static_target} PUBLIC ${everest_target}) @@ -66,6 +68,8 @@ endif(USE_STATIC_TF_PSA_CRYPTO_LIBRARY) if(USE_SHARED_TF_PSA_CRYPTO_LIBRARY) add_library(${builtin_target} SHARED ${src_builtin}) + set_base_compile_options(${builtin_target}) + target_compile_options(${builtin_static_target} PRIVATE ${LIBS_C_FLAGS}) target_link_libraries(${builtin_target} PUBLIC ${libs}) if(TARGET ${everest_target}) target_link_libraries(${builtin_target} PUBLIC ${everest_target}) diff --git a/tf-psa-crypto/drivers/everest/CMakeLists.txt b/tf-psa-crypto/drivers/everest/CMakeLists.txt index e7048590ef..5671200387 100644 --- a/tf-psa-crypto/drivers/everest/CMakeLists.txt +++ b/tf-psa-crypto/drivers/everest/CMakeLists.txt @@ -5,6 +5,7 @@ add_library(${everest_target} library/x25519.c library/Hacl_Curve25519_joined.c) +set_base_compile_options(${everest_target}) target_include_directories(${everest_target} PUBLIC $ $ diff --git a/tf-psa-crypto/drivers/p256-m/CMakeLists.txt b/tf-psa-crypto/drivers/p256-m/CMakeLists.txt index ede2831950..af046da7be 100644 --- a/tf-psa-crypto/drivers/p256-m/CMakeLists.txt +++ b/tf-psa-crypto/drivers/p256-m/CMakeLists.txt @@ -4,6 +4,8 @@ add_library(${p256m_target} p256-m_driver_entrypoints.c p256-m/p256-m.c) +set_base_compile_options(${p256m_target}) + target_include_directories(${p256m_target} PUBLIC $ $ diff --git a/tf-psa-crypto/tests/CMakeLists.txt b/tf-psa-crypto/tests/CMakeLists.txt index 0e84bab201..0793dbe35f 100644 --- a/tf-psa-crypto/tests/CMakeLists.txt +++ b/tf-psa-crypto/tests/CMakeLists.txt @@ -294,6 +294,8 @@ function(add_test_suite suite_name) add_executable(test_suite_${data_name} test_suite_${data_name}.c $) + set_base_compile_options(test_suite_${data_name}) + target_compile_options(test_suite_${data_name} PRIVATE ${TEST_C_FLAGS}) add_dependencies(test_suite_${data_name} ${dependency}) target_link_libraries(test_suite_${data_name} ${libs}) # Include test-specific header files from ./include and private header @@ -321,13 +323,12 @@ endfunction(add_test_suite) add_definitions("-D_POSIX_C_SOURCE=200809L") if(CMAKE_COMPILER_IS_CLANG) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") + set(TEST_C_FLAGS -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code) endif(CMAKE_COMPILER_IS_CLANG) if(MSVC) # If a warning level has been defined, suppress all warnings for test code - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W0") - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-") + set(TEST_C_FLAGS /W0 /WX-) endif(MSVC) file(GLOB test_suites RELATIVE "${CMAKE_CURRENT_SOURCE_DIR}" suites/*.data)