Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport 2.28: Fix builds with MBEDTLS_HAVE_TIME disabled and test #5563

Merged
merged 16 commits into from
Mar 15, 2022
Merged

Backport 2.28: Fix builds with MBEDTLS_HAVE_TIME disabled and test #5563

merged 16 commits into from
Mar 15, 2022

Conversation

AndrzejKurek
Copy link
Contributor

@AndrzejKurek AndrzejKurek commented Feb 22, 2022
edited
Loading

Backport of #3624.
Fix builds that use time.h without MBEDTLS_HAVE_TIME.
Changes compared to the original:

  • programs/fuzz/common.h using config.h directly instead of build_info.h;
  • programs/test/query_config.c uploaded.

@AndrzejKurek AndrzejKurek added bug enhancement mbed TLS team needs-review Every commit must be reviewed by at least two team members, component-platform Portability layer and build scripts needs-ci Needs to pass CI tests needs-reviewer This PR needs someone to pick it up for review labels Feb 22, 2022
@AndrzejKurek AndrzejKurek force-pushed the timeless-2.28 branch 5 times, most recently from 053ff42 to 8896c8d Compare February 22, 2022 18:49
@AndrzejKurek AndrzejKurek removed the needs-ci Needs to pass CI tests label Feb 22, 2022
@AndrzejKurek AndrzejKurek mentioned this pull request Feb 22, 2022
Merged
4 tasks
@mpg
Copy link
Contributor

mpg commented Feb 23, 2022

@d3zd3z @tom-cosgrove-arm Since you reviewed the main PR, will you review this backport as well?

d3zd3z
d3zd3z previously approved these changes Feb 25, 2022
View reviewed changes
Copy link
Contributor

@d3zd3z d3zd3z left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@tom-cosgrove-arm
Copy link
Contributor

My comments on #3624 pretty much apply here too

daxtens and others added 9 commits March 4, 2022 15:25
@daxtens
Add header guard around malloc(0) returning NULL implementation
b3f25b0 
Make it safe to import the config multiple times without having
multiple definition errors.

(This prevents errors in the fuzzers in a later patch.)

Signed-off-by: Daniel Axtens <[email protected]>
@daxtens
Do not include time.h without MBEDTLS_HAVE_TIME
301db66 
MBEDTLS_HAVE_TIME is documented as: "System has time.h and time()."

If that is not defined, do not attempt to include time.h.

A particular problem is platform-time.h, which should only be included if
MBEDTLS_HAVE_TIME is defined, which makes everything messier. Maybe it
should be refactored to have the check inside the header.

Signed-off-by: Daniel Axtens <[email protected]>
@daxtens
tests: prevent inclusion of time.h in baremetal compiles
6f63cc7 
baremetal compiles should not include time.h, as MBEDTLS_HAVE_TIME is
undefined. To test this, provide an overriding include directory that
has a time.h which throws a meaningful error if included.

Signed-off-by: Daniel Axtens <[email protected]>
@raoulstrackx
programs/ssl: Fix compile errors when MBEDTLS_HAVE_TIME is not defined
2db000f 
Signed-off-by: Raoul Strackx <[email protected]>
[dja: add some more fixes, tweak title]
Signed-off-by: Daniel Axtens <[email protected]>
@daxtens
tests: add baremetal full config build
1a021af 
To be able to test utility programs for an absence of time.h, we need a
baremetal config that is not crypto only. Add one.

Signed-off-by: Daniel Axtens <[email protected]>
@davidhorstmann-arm
programs/test: fix build without MBEDTLS_HAVE_TIME
0e4a1aa 
Allow programs/test/udp_proxy.c to build when MBEDTLS_HAVE_TIME is
not defined. In this case, do not attempt to seed the pseudo-random
number generator used to sometimes produce corrupt packets and other
erroneous data.

Signed-off-by: David Horstmann <[email protected]>
@davidhorstmann-arm
programs/fuzz: Remove superfluous MBEDTLS_HAVE_TIME
11d0a6f 
MBEDTLS_HAVE_TIME_ALT implies MBEDTLS_HAVE_TIME, so an extra
check for MBEDTLS_HAVE_TIME is not needed.

Signed-off-by: David Horstmann <[email protected]>
@davidhorstmann-arm
Use $PWD instead of $(pwd) for consistency
3cb5e9b 
Change the new baremetal all.sh tests to use $PWD rather than
calling pwd again directly.

Signed-off-by: David Horstmann <[email protected]>
Add a changelog entry
c841508 
Signed-off-by: Andrzej Kurek <[email protected]>
Andrzej Kurek added 7 commits March 4, 2022 15:25
Add a missing guard for time.h in net_sockets.c
516e1b0 
Signed-off-by: Andrzej Kurek <[email protected]>
Fix requirement mismatch in fuzz/common.c
448cf48 
Signed-off-by: Andrzej Kurek <[email protected]>
Provide a dummy implementation of timing.c
77daaad 
Also move the self test implementation guards 
so that alternate implementations must
provide their own.
Signed-off-by: Andrzej Kurek <[email protected]>
Fix udp_proxy dependency on MBEDTLS_HAVE_TIME
65f93d5 
Signed-off-by: Andrzej Kurek <[email protected]>
Add the timing test dependency on MBEDTLS_HAVE_TIME
161005b 
Signed-off-by: Andrzej Kurek <[email protected]>
Guard cache_timeout in ssl_server2 with MBEDTLS_HAVE_TIME
388ee8a 
Signed-off-by: Andrzej Kurek <[email protected]>
Refactor ssl_context_info time printing
478181d 
Signed-off-by: Andrzej Kurek <[email protected]>
@AndrzejKurek
Copy link
Contributor Author

AndrzejKurek commented Mar 4, 2022
edited
Loading

Pulled new commits from the original PR.
Changes compared to original:

  • timing.c has different structure and contains things from development's benchmark.c. I changed the guards to not compile selftest if MBEDTLS_TIMING_ALT is provided.
  • benchmark.c - in 2.28, mbedtls_timing_hardclock from timing.c doesn't use timing.c utilities, but is guarded by MBEDTLS_TIMING, thus benchmark requires it too (compared to development's MBEDTLS_HAVE_TIME). Other possible approach: refactor timing.c and benchmark.c to be more in line with development, letting benchmark work without MBEDTLS_TIMING, but with MBEDTLS_HAVE_TIME.

@AndrzejKurek AndrzejKurek requested a review from d3zd3z March 5, 2022 00:27
@AndrzejKurek AndrzejKurek removed the needs-reviewer This PR needs someone to pick it up for review label Mar 5, 2022
d3zd3z
d3zd3z approved these changes Mar 8, 2022
View reviewed changes
library/timing.c
@@ -527,4 +527,44 @@ int mbedtls_timing_self_test( int verbose )

#endif /* MBEDTLS_SELF_TEST */

#else
volatile int mbedtls_timing_alarmed = 0;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not really related to this particular change, but volatile is insufficient to make this code correct on non-strongly ordered SMP targets (e.g. Arm).

@tom-cosgrove-arm tom-cosgrove-arm added approved Design and code approved - may be waiting for CI or backports and removed needs-review Every commit must be reviewed by at least two team members, approved Design and code approved - may be waiting for CI or backports labels Mar 9, 2022
@tom-cosgrove-arm
Copy link
Contributor

CI failures: 1 x No such property: pullRequest for class: groovy.lang.Binding + 2 x ?

Internal CI all passes

@daverodgman daverodgman merged commit ce514de into Mbed-TLS:mbedtls-2.28 Mar 15, 2022
This was referenced Mar 28, 2022
Closed
Closed
Closed
@AndrzejKurek AndrzejKurek mentioned this pull request Apr 8, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@d3zd3z d3zd3z d3zd3z approved these changes

@tom-cosgrove-arm tom-cosgrove-arm tom-cosgrove-arm approved these changes

Assignees
No one assigned
Labels
approved Design and code approved - may be waiting for CI or backports bug component-platform Portability layer and build scripts enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@AndrzejKurek @mpg @tom-cosgrove-arm @d3zd3z @daverodgman @daxtens @raoulstrackx @davidhorstmann-arm