mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-12 01:14:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #9720 from mpg/all.sh-tf-psa-crypto-dev

Browse Source 
All.sh add support for tf-psa-crypto components
This commit is contained in:
Manuel Pégourié-Gonnard 2024-11-07 08:49:44 +00:00 committed by GitHub
commit e248de54bf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 193 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
tests/scripts/all-core.sh
View File

@ -109,11 +109,12 @@
# means that components can assume that the working directory is in a
# cleaned-up state, and don't need to perform the cleanup themselves.
# * Run `make clean`.
# * Restore `include/mbedtls/mbedtls_config.h` from a backup made before running
# the component.
# * Check out `Makefile`, `library/Makefile`, `programs/Makefile`,
# `tests/Makefile` and `programs/fuzz/Makefile` from git.
# This cleans up after an in-tree use of CMake.
# * Restore the various config files (potentially modified by config.py) from
# a backup made when starting the script.
# * If in Mbed TLS, restore the various `Makefile`s (potentially modified by
# in-tree use of CMake) from a backup made when starting the script. (Note:
# if the files look generated when starting the script, they will be
# restored from the git index before making the backup.)
################################################################
@ -156,8 +157,8 @@ pre_check_environment () {
# Must be called before pre_initialize_variables which sets ALL_COMPONENTS.
pre_load_components () {
# Include the components from components.sh
test_script_dir="${0%/*}"
for file in "$test_script_dir"/components-*.sh; do
# Use a path relative to the current directory, aka project's root.
for file in tests/scripts/components-*.sh; do
source $file
done
}
@ -165,6 +166,7 @@ pre_load_components () {
pre_initialize_variables () {
if in_mbedtls_repo; then
CONFIG_H='include/mbedtls/mbedtls_config.h'
CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h'
if [ -d tf-psa-crypto ]; then
CRYPTO_CONFIG_H='tf-psa-crypto/include/psa/crypto_config.h'
PSA_CORE_PATH='tf-psa-crypto/core'
@ -176,20 +178,21 @@ pre_initialize_variables () {
PSA_CORE_PATH=''
BUILTIN_SRC_PATH=''
fi
config_files="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H"
else
CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h'
CRYPTO_CONFIG_H='include/psa/crypto_config.h'
PSA_CORE_PATH='core'
BUILTIN_SRC_PATH='drivers/builtin/src'
config_files="$CRYPTO_CONFIG_H"
fi
CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h'
# Files that are clobbered by some jobs will be backed up. Use a different
# suffix from auxiliary scripts so that all.sh and auxiliary scripts can
# independently decide when to remove the backup file.
backup_suffix='.all.bak'
# Files clobbered by config.py
files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H"
files_to_back_up="$config_files"
if in_mbedtls_repo; then
# Files clobbered by in-tree cmake
files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile"
@ -623,7 +626,7 @@ pre_parse_command_line () {
pre_check_git () {
if [ $FORCE -eq 1 ]; then
rm -rf "$OUT_OF_SOURCE_DIR"
git checkout-index -f -q $CONFIG_H
git checkout-index -f -q $config_files
cleanup
else
@ -634,12 +637,14 @@ pre_check_git () {
exit 1
fi
if ! git diff --quiet "$CONFIG_H"; then
err_msg "Warning - the configuration file '$CONFIG_H' has been edited. "
echo "You can either delete or preserve your work, or force the test by rerunning the"
echo "script as: $0 --force"
exit 1
fi
for config in $config_files; do
if ! git diff --quiet "$config"; then
err_msg "Warning - the configuration file '$config' has been edited. "
echo "You can either delete or preserve your work, or force the test by rerunning the"
echo "script as: $0 --force"
exit 1
fi
done
fi
}
@ -866,7 +871,8 @@ pre_check_tools () {
set "$@" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;;
*) set "$@" RUN_ARMCC=0;;
esac
"$@" scripts/output_env.sh
# Use a path relative to the currently-sourced file.
"$@" "${BASH_SOURCE%/*}"/../../scripts/output_env.sh
}
pre_generate_files() {
@ -881,8 +887,8 @@ pre_generate_files() {
}
pre_load_helpers () {
# The path is going to change when this is moved to the framework
test_script_dir="${0%/*}"
# Use a path relative to the currently-sourced file.
test_script_dir="${BASH_SOURCE%/*}"
source "$test_script_dir"/all-helpers.sh
}

111
tests/scripts/all.sh
View File

@ -1,15 +1,112 @@
#! /usr/bin/env bash
# all.sh
# all.sh (transitional wrapper)
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
# This file is executable; it is the entry point for users and the CI.
# See "Files structure" in all-core.sh for other files used.
# This is a transitional wrapper that's only meant for the CI.
# Developers should directly invoke on or two of:
# - tests/scripts/mbedtls-all.sh ...
# - (cd tf-psa-crypto && tests/scripts/all.sh ...)
#
# During the transition, it's illegal for a tf-psa-crypto component to have
# the same name as an mbedtls components; since this wrapper handles both
# sides at once, component names need to be globally unique. Once the
# transition period is over, unicity on each side will be enough.
#
# For context, here are the steps of the transition:
# 1. We have an all.sh in tf-psa-crypto but for now we don't invoke it directly
# on the CI, only through this transitional wrapper in mbedtls. (tf-psa-crypto
# doesn't have its own CI initially and runs Mbed TLS's instead.)
# 2. We move all relevant components to tf-psa-crypto so that it gets the level of
# coverage we want. We need to make sure the new names are unique.
# 3. We change the CI job on tf-psa-crypto to stop checking out mbedtls and running
# its all.sh - instead we do the normal thing of checking out tf-psa-crypto and
# running its all.sh. (In two steps: (a) add the new job, (b) remove the old
# one.)
# 4. We remove the transitional wrapper in mbedtls and we're now free to rename
# tf-psa-crypto components as we want. If we followed a consistent naming
# pattern, this can be as simple as s/_tf_psa_crypto// in components-*.sh.
# The path is going to change when this is moved to the framework
test_script_dir="${0%/*}"
source "$test_script_dir"/all-core.sh
# This script must be invoked from the project's root.
main "$@"
# There are exactly 4 ways this is invoked in the CI:
# 1. tests/scripts/all.sh --help
# 2. tests/scripts/all.sh --list-all-components
# 3. tests/scripts/all.sh --list-components
# 4. tests/scripts/all.sh --seed 4 --keep-going single_component_name
# This wrapper does not support other invocations.
set -eu
# Cases 1-3
if [ "$#" -eq 1 ]; then
if [ "$1" = '--help' ]; then
# It doesn't matter which one we use, they're the same
tests/scripts/mbedtls-all.sh "$1"
exit 0
fi
if [ "$1" = '--list-all-components' -o "$1" = '--list-components' ]; then
# Invoke both
tests/scripts/mbedtls-all.sh "$1"
(cd tf-psa-crypto && tests/scripts/all.sh "$1")
exit 0
fi
fi
if [ "$#" -ne 4 -o "${1:-unset}" != '--seed' -o "${3:-unset}" != '--keep-going' ]; then
echo "This invocation is not supported by the transitional wrapper." >&2
echo "See the comments at the top of $0." >&2
exit 1
fi
# Case 4: invoke the right all.sh for this component
comp_name=$4
# Get the list of components available on each side.
COMP_MBEDTLS=$(tests/scripts/mbedtls-all.sh --list-all-components | tr '\n' ' ')
COMP_CRYPTO=$(cd tf-psa-crypto && tests/scripts/all.sh --list-all-components | tr '\n' ' ')
# tell if $1 is in space-separated list $2
is_in() {
needle=$1
haystack=$2
case " $haystack " in
*" $needle "*) echo 1;;
*) echo 0;;
esac
}
is_crypto=$(is_in "$comp_name" "$COMP_CRYPTO")
is_mbedtls=$(is_in "$comp_name" "$COMP_MBEDTLS")
# Component should be on exactly one side (see comment near the top).
if [ "$is_crypto" -eq 1 -a "$is_mbedtls" -eq 1 ]; then
echo "Component '$comp_name' is both in crypto and Mbed TLS". >&2
echo "See the comments at the top of $0." >&2
exit 1
fi
if [ "$is_crypto" -eq 0 -a "$is_mbedtls" -eq 0 ]; then
echo "Component '$comp_name' is neither in crypto nor in Mbed TLS". >&2
echo "See the comments at the top of $0." >&2
exit 1
fi
# Invoke the real thing
if [ "$is_crypto" -eq 1 ]; then
# Make sure the path to the outcomes file is absolute. This is done by
# pre_prepare_outcome_file() however by the time it runs we've already
# changed the working directory, so do it now.
if [ -n "${MBEDTLS_TEST_OUTCOME_FILE+set}" ]; then
case "$MBEDTLS_TEST_OUTCOME_FILE" in
[!/]*) MBEDTLS_TEST_OUTCOME_FILE="$PWD/$MBEDTLS_TEST_OUTCOME_FILE";;
esac
export MBEDTLS_TEST_OUTCOME_FILE
fi
cd tf-psa-crypto
exec tests/scripts/all.sh "$@"
else
exec tests/scripts/mbedtls-all.sh "$@"
fi

20
tests/scripts/components-build-system.sh
View File

@ -85,26 +85,6 @@ component_test_cmake_out_of_source () {
rm -rf "$OUT_OF_SOURCE_DIR"
}
component_test_cmake_tf_psa_crypto_out_of_source () {
# Remove existing generated files so that we use the ones cmake
# generates
make neat
msg "build: cmake tf-psa-crypto 'out-of-source' build"
MBEDTLS_ROOT_DIR="$PWD"
cd tf-psa-crypto
TF_PSA_CRYPTO_ROOT_DIR="$PWD"
mkdir "$OUT_OF_SOURCE_DIR"
cd "$OUT_OF_SOURCE_DIR"
# Note: Explicitly generate files as these are turned off in releases
cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON "$TF_PSA_CRYPTO_ROOT_DIR"
make
msg "test: cmake tf-psa-crypto 'out-of-source' build"
make test
cd "$TF_PSA_CRYPTO_ROOT_DIR"
rm -rf "$OUT_OF_SOURCE_DIR"
cd "$MBEDTLS_ROOT_DIR"
}
component_test_cmake_as_subdirectory () {
# Remove existing generated files so that we use the ones CMake
# generates

16
tests/scripts/mbedtls-all.sh Executable file
View File

@ -0,0 +1,16 @@
#! /usr/bin/env bash
# all.sh (mbedtls part)
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
# This file is executable; it is the entry point for users and the CI.
# See "Files structure" in all-core.sh for other files used.
# This script must be invoked from the project's root.
# The path is going to change when this is moved to the framework
source tests/scripts/all-core.sh
main "$@"

23
tf-psa-crypto/tests/scripts/all.sh Executable file
View File

@ -0,0 +1,23 @@
#! /usr/bin/env bash
# all.sh
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
# This file is executable; it is the entry point for users and the CI.
# See "Files structure" in all-core.sh for other files used.
# This script must be invoked from the project's root.
# Prevent silly mistakes when people would invoke this from mbedtls
if [ -d tf-psa-crypto -a -d library ]; then
echo "When invoking this script from an mbedtls checkout," >&2
echo "you must change the working directory to tf-psa-crypto." >&2
exit 255
fi
# The path is going to change when this is moved to the framework
source ../tests/scripts/all-core.sh
main "$@"

24
tf-psa-crypto/tests/scripts/components-build-system.sh Normal file
View File

@ -0,0 +1,24 @@
# components-build-system.sh
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
# This file contains test components that are executed by all.sh
################################################################
#### Build System Testing
################################################################
component_test_cmake_tf_psa_crypto_out_of_source () {
msg "build: cmake tf-psa-crypto 'out-of-source' build"
TF_PSA_CRYPTO_ROOT_DIR="$PWD"
mkdir "$OUT_OF_SOURCE_DIR"
cd "$OUT_OF_SOURCE_DIR"
# Note: Explicitly generate files as these are turned off in releases
cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON "$TF_PSA_CRYPTO_ROOT_DIR"
make
msg "test: cmake tf-psa-crypto 'out-of-source' build"
make test
cd "$TF_PSA_CRYPTO_ROOT_DIR"
rm -rf "$OUT_OF_SOURCE_DIR"
}