Move programs from mbedtls to framework #131
Conversation
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/x509*.c Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl_{ticket,cookie}.[ch]
Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl_ciphersuites*
Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
Manual removal as unifdef doesn't handle non-trivial expressions. Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl*.h
Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
Expression that are too complex for unifdef - please review carefully :) Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
Manual, as most expressions were too complex for unifdef. Most of those were or had a part like "we need XXX or USE_PSA" (where XXX was Cipher or MD) and those are always satisfied now. Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls13*.c Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
The one expression that was apparently too much for unifdef Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls12_server.c framework/scripts/code_style.py --fix library/ssl_tls12_server.c Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
Manual. Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_msg.c Took care of everything in this file Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls.c framework/scripts/code_style.py --fix library/ssl_tls.c Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
Manually handle more complex expressions. Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
I was going to describe those changes as temporary, to be undone after applying unifdef, but it turns out they're both in dead code, so there will be nothing to undo after unifdef has run. Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls12_client.c Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
Manually handle unifdef leftovers Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
This was the last occurrence found by:
git grep -c 'MBEDTLS_USE_PSA_CRYPTO' library include
Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
There was two versions of this function with different arguments. Update the documentation to match the signature of the function we kept. Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
Signed-off-by: Manuel Pégourié-Gonnard <[email protected]>
Rm dead !USE_PSA_CRYPTO code from the library
Convert the mbedtl_ssl_ticket_setup function to use the TF_PSA_Crypto API. Signed-off-by: Ben Taylor <[email protected]>
This commit moves macro checks specifically for Mbed TLS from TF-PSA-Crypto to Mbed TLS where they more approriately belong. Signed-off-by: Harry Ramsey <[email protected]>
Signed-off-by: Minos Galanakis <[email protected]>
PR-Template: Updated the PR template with TF-PSA-Crypto checkbox
Correct the typos in the mbedtls_ssl_ticket_setup function docs Signed-off-by: Ben Taylor <[email protected]>
Improve the description of the API changes in the changelog and fix some incorrect alg selection variables in ssl_server2.c. Signed-off-by: Ben Taylor <[email protected]>
This commit updates the TF-PSA-Crypto pointer to include the moved config files. Signed-off-by: Harry Ramsey <[email protected]>
ronald-cron-arm
added
priority-high
Harry-Ramsey
force-pushed
the
move-programs-from-mbedtls-to-framework
branch
2 times, most recently
from
e2c5c1e to
c41675a
Compare
[development] Add components-compliance.sh
| @@ -0,0 +1,42 @@ | |||
| #!/bin/sh | |||
There was a problem hiding this comment.
Note that we have a program run_demos.py, invoked by all.sh components, which runs all the scripts called *_demo.sh. Please make sure to update this script so that it looks in all framework/tests/programs.
On a related note, run_demos.py should move to the framework. It may be easier to do this before changing it.
There was a problem hiding this comment.
Reviewers beware: there's no automatic mechanism that would let us know if we stop running the demo programs on the CI. They aren't even recorded in the outcome file. So please check the CI logs.
There was a problem hiding this comment.
Good point, thanks. However, currently, dlopen_demo.sh is actually never run through run_demos.py as there is no component where shared libraries are built and run_demos.py is run. dlopen_demo.sh is run directly in test_make_shared and test_cmake_shared.
There was a problem hiding this comment.
This set of PRs is already quite big, I prefer do that rather as part of Mbed-TLS/TF-PSA-Crypto#127. I've added a note there to not forget about it.
Harry-Ramsey
force-pushed
the
move-programs-from-mbedtls-to-framework
branch
from
906105e to
0b7fc41
Compare
| ## Succeeds if the library configuration has all SYMBOLs set. | ||
| config_has () { | ||
| for x in "$@"; do | ||
| "$programs_dir/test/query_compile_time_config" "$x" |
There was a problem hiding this comment.
Not sure this is OK. On line 43 we're setting
programs_dir="$root_dir/programs"
which means this line would be:
"$root_dir/programs/test/query_compile_time_config" "$x"
but query_compile_time_config is being moved in this PR into the framework repo. Am I wrong?
There was a problem hiding this comment.
I believe that is the executable. The files have been moved but the executable is still built in the programs directory.
There was a problem hiding this comment.
Oh right, I missed that. Question though: is there any reason for which we move source files in the framework, but we keep the generated program file in the Mbed TLS main repo?
There was a problem hiding this comment.
From my understanding it is because we do not want any build objects/generated files in the framework as this is shared between MbedTLS and TF-PSA crypto. There may be additional reasons others can clarify :)
There was a problem hiding this comment.
That way we have all the test programs in the same place. The ones built from only branch specific code like benchmark, the ones built with a mix of branch specific code and framework code like query_compile_time_config and the ones built only with framework code.
Harry-Ramsey
force-pushed
the
move-programs-from-mbedtls-to-framework
branch
from
0b7fc41 to
9a7384d
Compare
This commit moves user-config-zeroize-memset.h to TF-PSA-Crypto where it more appropriately belongs. Signed-off-by: Harry Ramsey <[email protected]>
This commit updates the path to user-config-zeroize-memset.h as it has been moved to TF-PSA-Crypto. Signed-off-by: Harry Ramsey <[email protected]>
Signed-off-by: Harry Ramsey <[email protected]>
…uration Move zeroize memset configuration
ronald-cron-arm
added
needs-review
This commit moves demo_common.sh, dlopen_demo.sh, metatest.c query_compile_time_config.c, query_config.h, query_included_headers.c, zeroize.c and test_zeroize.gdb from MbedTLS into the MbedTLS framework. Signed-off-by: Harry Ramsey <[email protected]>
This commit updates the filepath to demo_common.sh in dlopen_demo.sh and the comment in demo_common.sh regarding how to use demo_common.sh. Signed-off-by: Harry Ramsey <[email protected]>
This commit updates the path of zeroize.c in the GDB script test_zeroize.gdb. Signed-off-by: Harry Ramsey <[email protected]>
This commit updates comments regarding the moved zeroize files. Signed-off-by: Harry Ramsey <[email protected]>
Harry-Ramsey
force-pushed
the
move-programs-from-mbedtls-to-framework
branch
from
30ebcb6 to
483262b
Compare
ronald-cron-arm
added
approved
Description
Move program files to MbedTLS-Framework.
PR checklist