ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-09 08:31:33 +08:00
Code Issues Releases Wiki Activity

Merge pull request #9720 from mpg/all.sh-tf-psa-crypto-dev

Browse Source 
All.sh add support for tf-psa-crypto components
This commit is contained in:
Manuel Pégourié-Gonnard 2024-11-07 08:49:44 +00:00 committed by GitHub
commit e248de54bf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 193 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
tests/scripts/all-core.sh
View File

@ -109,11 +109,12 @@
# means that components can assume that the working directory is in a # means that components can assume that the working directory is in a
# cleaned-up state, and don't need to perform the cleanup themselves. # cleaned-up state, and don't need to perform the cleanup themselves.
# * Run `make clean`. # * Run `make clean`.
# * Restore `include/mbedtls/mbedtls_config.h` from a backup made before running # * Restore the various config files (potentially modified by config.py) from
# the component. # a backup made when starting the script.
# * Check out `Makefile`, `library/Makefile`, `programs/Makefile`, # * If in Mbed TLS, restore the various `Makefile`s (potentially modified by
# `tests/Makefile` and `programs/fuzz/Makefile` from git. # in-tree use of CMake) from a backup made when starting the script. (Note:
# This cleans up after an in-tree use of CMake. # if the files look generated when starting the script, they will be
# restored from the git index before making the backup.)
################################################################ ################################################################
@ -156,8 +157,8 @@ pre_check_environment () {
# Must be called before pre_initialize_variables which sets ALL_COMPONENTS. # Must be called before pre_initialize_variables which sets ALL_COMPONENTS.
pre_load_components () { pre_load_components () {
# Include the components from components.sh # Include the components from components.sh
test_script_dir="${0%/*}" # Use a path relative to the current directory, aka project's root.
for file in "$test_script_dir"/components-*.sh; do for file in tests/scripts/components-*.sh; do
source $file source $file
done done
} }
@ -165,6 +166,7 @@ pre_load_components () {
pre_initialize_variables () { pre_initialize_variables () {
if in_mbedtls_repo; then if in_mbedtls_repo; then
CONFIG_H='include/mbedtls/mbedtls_config.h' CONFIG_H='include/mbedtls/mbedtls_config.h'
CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h'
if [ -d tf-psa-crypto ]; then if [ -d tf-psa-crypto ]; then
CRYPTO_CONFIG_H='tf-psa-crypto/include/psa/crypto_config.h' CRYPTO_CONFIG_H='tf-psa-crypto/include/psa/crypto_config.h'
PSA_CORE_PATH='tf-psa-crypto/core' PSA_CORE_PATH='tf-psa-crypto/core'
@ -176,20 +178,21 @@ pre_initialize_variables () {
PSA_CORE_PATH='' PSA_CORE_PATH=''
BUILTIN_SRC_PATH='' BUILTIN_SRC_PATH=''
fi fi
config_files="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H"
else else
CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h'
CRYPTO_CONFIG_H='include/psa/crypto_config.h' CRYPTO_CONFIG_H='include/psa/crypto_config.h'
PSA_CORE_PATH='core' PSA_CORE_PATH='core'
BUILTIN_SRC_PATH='drivers/builtin/src' BUILTIN_SRC_PATH='drivers/builtin/src'
config_files="$CRYPTO_CONFIG_H"
fi fi
CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h'
# Files that are clobbered by some jobs will be backed up. Use a different # Files that are clobbered by some jobs will be backed up. Use a different
# suffix from auxiliary scripts so that all.sh and auxiliary scripts can # suffix from auxiliary scripts so that all.sh and auxiliary scripts can
# independently decide when to remove the backup file. # independently decide when to remove the backup file.
backup_suffix='.all.bak' backup_suffix='.all.bak'
# Files clobbered by config.py # Files clobbered by config.py
files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H" files_to_back_up="$config_files"
if in_mbedtls_repo; then if in_mbedtls_repo; then
# Files clobbered by in-tree cmake # Files clobbered by in-tree cmake
files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile" files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile"
@ -623,7 +626,7 @@ pre_parse_command_line () {
pre_check_git () { pre_check_git () {
if [ $FORCE -eq 1 ]; then if [ $FORCE -eq 1 ]; then
rm -rf "$OUT_OF_SOURCE_DIR" rm -rf "$OUT_OF_SOURCE_DIR"
git checkout-index -f -q $CONFIG_H git checkout-index -f -q $config_files
cleanup cleanup
else else
@ -634,12 +637,14 @@ pre_check_git () {
exit 1 exit 1
fi fi
if ! git diff --quiet "$CONFIG_H"; then for config in $config_files; do
err_msg "Warning - the configuration file '$CONFIG_H' has been edited. " if ! git diff --quiet "$config"; then
err_msg "Warning - the configuration file '$config' has been edited. "
echo "You can either delete or preserve your work, or force the test by rerunning the" echo "You can either delete or preserve your work, or force the test by rerunning the"
echo "script as: $0 --force" echo "script as: $0 --force"
exit 1 exit 1
fi fi
done
fi fi
} }
@ -866,7 +871,8 @@ pre_check_tools () {
set "$@" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;; set "$@" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;;
*) set "$@" RUN_ARMCC=0;; *) set "$@" RUN_ARMCC=0;;
esac esac
"$@" scripts/output_env.sh # Use a path relative to the currently-sourced file.
"$@" "${BASH_SOURCE%/*}"/../../scripts/output_env.sh
} }
pre_generate_files() { pre_generate_files() {
@ -881,8 +887,8 @@ pre_generate_files() {
} }
pre_load_helpers () { pre_load_helpers () {
# The path is going to change when this is moved to the framework # Use a path relative to the currently-sourced file.
test_script_dir="${0%/*}" test_script_dir="${BASH_SOURCE%/*}"
source "$test_script_dir"/all-helpers.sh source "$test_script_dir"/all-helpers.sh
} }

111
tests/scripts/all.sh
View File

@ -1,15 +1,112 @@
#! /usr/bin/env bash #! /usr/bin/env bash
# all.sh # all.sh (transitional wrapper)
# #
# Copyright The Mbed TLS Contributors # Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
# This file is executable; it is the entry point for users and the CI. # This is a transitional wrapper that's only meant for the CI.
# See "Files structure" in all-core.sh for other files used. # Developers should directly invoke on or two of:
# - tests/scripts/mbedtls-all.sh ...
# - (cd tf-psa-crypto && tests/scripts/all.sh ...)
#
# During the transition, it's illegal for a tf-psa-crypto component to have
# the same name as an mbedtls components; since this wrapper handles both
# sides at once, component names need to be globally unique. Once the
# transition period is over, unicity on each side will be enough.
#
# For context, here are the steps of the transition:
# 1. We have an all.sh in tf-psa-crypto but for now we don't invoke it directly
# on the CI, only through this transitional wrapper in mbedtls. (tf-psa-crypto
# doesn't have its own CI initially and runs Mbed TLS's instead.)
# 2. We move all relevant components to tf-psa-crypto so that it gets the level of
# coverage we want. We need to make sure the new names are unique.
# 3. We change the CI job on tf-psa-crypto to stop checking out mbedtls and running
# its all.sh - instead we do the normal thing of checking out tf-psa-crypto and
# running its all.sh. (In two steps: (a) add the new job, (b) remove the old
# one.)
# 4. We remove the transitional wrapper in mbedtls and we're now free to rename
# tf-psa-crypto components as we want. If we followed a consistent naming
# pattern, this can be as simple as s/_tf_psa_crypto// in components-*.sh.
# The path is going to change when this is moved to the framework # This script must be invoked from the project's root.
test_script_dir="${0%/*}"
source "$test_script_dir"/all-core.sh
main "$@" # There are exactly 4 ways this is invoked in the CI:
# 1. tests/scripts/all.sh --help
# 2. tests/scripts/all.sh --list-all-components
# 3. tests/scripts/all.sh --list-components
# 4. tests/scripts/all.sh --seed 4 --keep-going single_component_name
# This wrapper does not support other invocations.
set -eu
# Cases 1-3
if [ "$#" -eq 1 ]; then
if [ "$1" = '--help' ]; then
# It doesn't matter which one we use, they're the same
tests/scripts/mbedtls-all.sh "$1"
exit 0
fi
if [ "$1" = '--list-all-components' -o "$1" = '--list-components' ]; then
# Invoke both
tests/scripts/mbedtls-all.sh "$1"
(cd tf-psa-crypto && tests/scripts/all.sh "$1")
exit 0
fi
fi
if [ "$#" -ne 4 -o "${1:-unset}" != '--seed' -o "${3:-unset}" != '--keep-going' ]; then
echo "This invocation is not supported by the transitional wrapper." >&2
echo "See the comments at the top of $0." >&2
exit 1
fi
# Case 4: invoke the right all.sh for this component
comp_name=$4
# Get the list of components available on each side.
COMP_MBEDTLS=$(tests/scripts/mbedtls-all.sh --list-all-components | tr '\n' ' ')
COMP_CRYPTO=$(cd tf-psa-crypto && tests/scripts/all.sh --list-all-components | tr '\n' ' ')
# tell if $1 is in space-separated list $2
is_in() {
needle=$1
haystack=$2
case " $haystack " in
*" $needle "*) echo 1;;
*) echo 0;;
esac
}
is_crypto=$(is_in "$comp_name" "$COMP_CRYPTO")
is_mbedtls=$(is_in "$comp_name" "$COMP_MBEDTLS")
# Component should be on exactly one side (see comment near the top).
if [ "$is_crypto" -eq 1 -a "$is_mbedtls" -eq 1 ]; then
echo "Component '$comp_name' is both in crypto and Mbed TLS". >&2
echo "See the comments at the top of $0." >&2
exit 1
fi
if [ "$is_crypto" -eq 0 -a "$is_mbedtls" -eq 0 ]; then
echo "Component '$comp_name' is neither in crypto nor in Mbed TLS". >&2
echo "See the comments at the top of $0." >&2
exit 1
fi
# Invoke the real thing
if [ "$is_crypto" -eq 1 ]; then
# Make sure the path to the outcomes file is absolute. This is done by
# pre_prepare_outcome_file() however by the time it runs we've already
# changed the working directory, so do it now.
if [ -n "${MBEDTLS_TEST_OUTCOME_FILE+set}" ]; then
case "$MBEDTLS_TEST_OUTCOME_FILE" in
[!/]*) MBEDTLS_TEST_OUTCOME_FILE="$PWD/$MBEDTLS_TEST_OUTCOME_FILE";;
esac
export MBEDTLS_TEST_OUTCOME_FILE
fi
cd tf-psa-crypto
exec tests/scripts/all.sh "$@"
else
exec tests/scripts/mbedtls-all.sh "$@"
fi

20
tests/scripts/components-build-system.sh
View File

@ -85,26 +85,6 @@ component_test_cmake_out_of_source () {
rm -rf "$OUT_OF_SOURCE_DIR" rm -rf "$OUT_OF_SOURCE_DIR"
} }
component_test_cmake_tf_psa_crypto_out_of_source () {
# Remove existing generated files so that we use the ones cmake
# generates
make neat
msg "build: cmake tf-psa-crypto 'out-of-source' build"
MBEDTLS_ROOT_DIR="$PWD"
cd tf-psa-crypto
TF_PSA_CRYPTO_ROOT_DIR="$PWD"
mkdir "$OUT_OF_SOURCE_DIR"
cd "$OUT_OF_SOURCE_DIR"
# Note: Explicitly generate files as these are turned off in releases
cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON "$TF_PSA_CRYPTO_ROOT_DIR"
make
msg "test: cmake tf-psa-crypto 'out-of-source' build"
make test
cd "$TF_PSA_CRYPTO_ROOT_DIR"
rm -rf "$OUT_OF_SOURCE_DIR"
cd "$MBEDTLS_ROOT_DIR"
}
component_test_cmake_as_subdirectory () { component_test_cmake_as_subdirectory () {
# Remove existing generated files so that we use the ones CMake # Remove existing generated files so that we use the ones CMake
# generates # generates

16
tests/scripts/mbedtls-all.sh Executable file
View File

@ -0,0 +1,16 @@
#! /usr/bin/env bash
# all.sh (mbedtls part)
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
# This file is executable; it is the entry point for users and the CI.
# See "Files structure" in all-core.sh for other files used.
# This script must be invoked from the project's root.
# The path is going to change when this is moved to the framework
source tests/scripts/all-core.sh
main "$@"

23
tf-psa-crypto/tests/scripts/all.sh Executable file
View File

@ -0,0 +1,23 @@
#! /usr/bin/env bash
# all.sh
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
# This file is executable; it is the entry point for users and the CI.
# See "Files structure" in all-core.sh for other files used.
# This script must be invoked from the project's root.
# Prevent silly mistakes when people would invoke this from mbedtls
if [ -d tf-psa-crypto -a -d library ]; then
echo "When invoking this script from an mbedtls checkout," >&2
echo "you must change the working directory to tf-psa-crypto." >&2
exit 255
fi
# The path is going to change when this is moved to the framework
source ../tests/scripts/all-core.sh
main "$@"

24
tf-psa-crypto/tests/scripts/components-build-system.sh Normal file
View File

@ -0,0 +1,24 @@
# components-build-system.sh
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
# This file contains test components that are executed by all.sh
################################################################
#### Build System Testing
################################################################
component_test_cmake_tf_psa_crypto_out_of_source () {
msg "build: cmake tf-psa-crypto 'out-of-source' build"
TF_PSA_CRYPTO_ROOT_DIR="$PWD"
mkdir "$OUT_OF_SOURCE_DIR"
cd "$OUT_OF_SOURCE_DIR"
# Note: Explicitly generate files as these are turned off in releases
cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON "$TF_PSA_CRYPTO_ROOT_DIR"
make
msg "test: cmake tf-psa-crypto 'out-of-source' build"
make test
cd "$TF_PSA_CRYPTO_ROOT_DIR"
rm -rf "$OUT_OF_SOURCE_DIR"
}