From 8da0e9eef7c824853646a519b3c467cce4ba2026 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 23 Oct 2024 09:42:47 +0200 Subject: [PATCH 1/8] all.sh: rationalize relative path usage MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In preparation for adding tf-psa-crypto/test/scripts/all.sh which will run from tf-psa-crypto. Use paths relative to the currently sourced file when including common files (ie, those that will soon be moved to the framework). Otherwise, use paths relative to the current directory, aka project's root. Document that test/script/all.sh must be invoked from the project's root (that was already the case, but implicit so far). Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all-core.sh | 11 ++++++----- tests/scripts/all.sh | 5 +++-- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/tests/scripts/all-core.sh b/tests/scripts/all-core.sh index ccd7e59ea155..cfb2d8c6afea 100644 --- a/tests/scripts/all-core.sh +++ b/tests/scripts/all-core.sh @@ -156,8 +156,8 @@ pre_check_environment () { # Must be called before pre_initialize_variables which sets ALL_COMPONENTS. pre_load_components () { # Include the components from components.sh - test_script_dir="${0%/*}" - for file in "$test_script_dir"/components-*.sh; do + # Use a path relative to the current directory, aka project's root. + for file in tests/scripts/components-*.sh; do source $file done } @@ -864,7 +864,8 @@ pre_check_tools () { set "$@" ARMC5_CC="$ARMC5_CC" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;; *) set "$@" RUN_ARMCC=0;; esac - "$@" scripts/output_env.sh + # Use a path relative to the currently-sourced file. + "$@" "${BASH_SOURCE%/*}"/../../scripts/output_env.sh } pre_generate_files() { @@ -879,8 +880,8 @@ pre_generate_files() { } pre_load_helpers () { - # The path is going to change when this is moved to the framework - test_script_dir="${0%/*}" + # Use a path relative to the currently-sourced file. + test_script_dir="${BASH_SOURCE%/*}" source "$test_script_dir"/all-helpers.sh } diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6708de102772..a73c090dfe20 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -8,8 +8,9 @@ # This file is executable; it is the entry point for users and the CI. # See "Files structure" in all-core.sh for other files used. +# This script must be invoked from the project's root. + # The path is going to change when this is moved to the framework -test_script_dir="${0%/*}" -source "$test_script_dir"/all-core.sh +source tests/scripts/all-core.sh main "$@" From 3d411541100a8e844c2fd86d761d741719c977e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 23 Oct 2024 09:53:54 +0200 Subject: [PATCH 2/8] all.sh: improve check for clean config files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The existing check only took care of CONFIG_H. This was both not enough and too much: - not enough because config.py can also modify CRYPTO_CONFIG_H and we want to know about it just as much as CONFIG_H; - too much because CONFIG_H does not exist in tf-psa-crypto. Check a list of files instead of a single one, and adjust that list. Also update an outdated comment about Makefiles Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all-core.sh | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/tests/scripts/all-core.sh b/tests/scripts/all-core.sh index cfb2d8c6afea..a660a6517b04 100644 --- a/tests/scripts/all-core.sh +++ b/tests/scripts/all-core.sh @@ -109,11 +109,12 @@ # means that components can assume that the working directory is in a # cleaned-up state, and don't need to perform the cleanup themselves. # * Run `make clean`. -# * Restore `include/mbedtls/mbedtls_config.h` from a backup made before running -# the component. -# * Check out `Makefile`, `library/Makefile`, `programs/Makefile`, -# `tests/Makefile` and `programs/fuzz/Makefile` from git. -# This cleans up after an in-tree use of CMake. +# * Restore the various config files (potentially modified by config.py) from +# a backup made when starting the script. +# * If in Mbed TLS, restore the various `Makefile`s (potentially modified by +# in-tree use of CMake) from a backup made when starting the script. (Note: +# if the files look generated when starting the script, they will be +# restored from the git index before making the backup.) ################################################################ @@ -165,6 +166,7 @@ pre_load_components () { pre_initialize_variables () { if in_mbedtls_repo; then CONFIG_H='include/mbedtls/mbedtls_config.h' + CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h' if [ -d tf-psa-crypto ]; then CRYPTO_CONFIG_H='tf-psa-crypto/include/psa/crypto_config.h' PSA_CORE_PATH='tf-psa-crypto/core' @@ -176,20 +178,21 @@ pre_initialize_variables () { PSA_CORE_PATH='' BUILTIN_SRC_PATH='' fi + config_files="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H" else - CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h' CRYPTO_CONFIG_H='include/psa/crypto_config.h' PSA_CORE_PATH='core' BUILTIN_SRC_PATH='drivers/builtin/src' + + config_files="$CRYPTO_CONFIG_H" fi - CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h' # Files that are clobbered by some jobs will be backed up. Use a different # suffix from auxiliary scripts so that all.sh and auxiliary scripts can # independently decide when to remove the backup file. backup_suffix='.all.bak' # Files clobbered by config.py - files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H" + files_to_back_up="$config_files" if in_mbedtls_repo; then # Files clobbered by in-tree cmake files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile" @@ -616,7 +619,7 @@ pre_parse_command_line () { pre_check_git () { if [ $FORCE -eq 1 ]; then rm -rf "$OUT_OF_SOURCE_DIR" - git checkout-index -f -q $CONFIG_H + git checkout-index -f -q $config_files cleanup else @@ -627,12 +630,14 @@ pre_check_git () { exit 1 fi - if ! git diff --quiet "$CONFIG_H"; then - err_msg "Warning - the configuration file '$CONFIG_H' has been edited. " - echo "You can either delete or preserve your work, or force the test by rerunning the" - echo "script as: $0 --force" - exit 1 - fi + for config in $config_files; do + if ! git diff --quiet "$config"; then + err_msg "Warning - the configuration file '$config' has been edited. " + echo "You can either delete or preserve your work, or force the test by rerunning the" + echo "script as: $0 --force" + exit 1 + fi + done fi } From 8bcad48ca5f46f1e859adeb5ebe77b026c48a771 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 23 Oct 2024 10:41:15 +0200 Subject: [PATCH 3/8] Add tf-psa-crypto's own all.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit With a first component. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/components-build-system.sh | 20 ---------------- tf-psa-crypto/tests/scripts/all.sh | 16 +++++++++++++ .../tests/scripts/components-build-system.sh | 24 +++++++++++++++++++ 3 files changed, 40 insertions(+), 20 deletions(-) create mode 100755 tf-psa-crypto/tests/scripts/all.sh create mode 100644 tf-psa-crypto/tests/scripts/components-build-system.sh diff --git a/tests/scripts/components-build-system.sh b/tests/scripts/components-build-system.sh index a2c32f7e574e..2c2d46004e60 100644 --- a/tests/scripts/components-build-system.sh +++ b/tests/scripts/components-build-system.sh @@ -85,26 +85,6 @@ component_test_cmake_out_of_source () { rm -rf "$OUT_OF_SOURCE_DIR" } -component_test_cmake_tf_psa_crypto_out_of_source () { - # Remove existing generated files so that we use the ones cmake - # generates - make neat - msg "build: cmake tf-psa-crypto 'out-of-source' build" - MBEDTLS_ROOT_DIR="$PWD" - cd tf-psa-crypto - TF_PSA_CRYPTO_ROOT_DIR="$PWD" - mkdir "$OUT_OF_SOURCE_DIR" - cd "$OUT_OF_SOURCE_DIR" - # Note: Explicitly generate files as these are turned off in releases - cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON "$TF_PSA_CRYPTO_ROOT_DIR" - make - msg "test: cmake tf-psa-crypto 'out-of-source' build" - make test - cd "$TF_PSA_CRYPTO_ROOT_DIR" - rm -rf "$OUT_OF_SOURCE_DIR" - cd "$MBEDTLS_ROOT_DIR" -} - component_test_cmake_as_subdirectory () { # Remove existing generated files so that we use the ones CMake # generates diff --git a/tf-psa-crypto/tests/scripts/all.sh b/tf-psa-crypto/tests/scripts/all.sh new file mode 100755 index 000000000000..301595830ee8 --- /dev/null +++ b/tf-psa-crypto/tests/scripts/all.sh @@ -0,0 +1,16 @@ +#! /usr/bin/env bash + +# all.sh +# +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +# This file is executable; it is the entry point for users and the CI. +# See "Files structure" in all-core.sh for other files used. + +# This script must be invoked from the project's root. + +# The path is going to change when this is moved to the framework +source ../tests/scripts/all-core.sh + +main "$@" diff --git a/tf-psa-crypto/tests/scripts/components-build-system.sh b/tf-psa-crypto/tests/scripts/components-build-system.sh new file mode 100644 index 000000000000..957e23a4fce3 --- /dev/null +++ b/tf-psa-crypto/tests/scripts/components-build-system.sh @@ -0,0 +1,24 @@ +# components-build-system.sh +# +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +# This file contains test components that are executed by all.sh + +################################################################ +#### Build System Testing +################################################################ + +component_test_cmake_tf_psa_crypto_out_of_source () { + msg "build: cmake tf-psa-crypto 'out-of-source' build" + TF_PSA_CRYPTO_ROOT_DIR="$PWD" + mkdir "$OUT_OF_SOURCE_DIR" + cd "$OUT_OF_SOURCE_DIR" + # Note: Explicitly generate files as these are turned off in releases + cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON "$TF_PSA_CRYPTO_ROOT_DIR" + make + msg "test: cmake tf-psa-crypto 'out-of-source' build" + make test + cd "$TF_PSA_CRYPTO_ROOT_DIR" + rm -rf "$OUT_OF_SOURCE_DIR" +} From a93f988779caf149af6988eff675a15fa6bbdd90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 24 Oct 2024 09:49:34 +0200 Subject: [PATCH 4/8] all.sh: wrapper for both mbedtls and tf-psa-crypto MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In order to avoid changing the CI job's definition (which fewer team members understand, compared to shell scripts), just have a wrapper so that all.sh does both mbedtls and tf-psa-crypto under the hood for now. When tf-psa-crypto has its own CI running its own all.sh (with enough components migrated to get sufficient coverage) we can remove this hack. Rejected strategy: modify all-core.sh so that when running in mbedtls, it also sources components-*.sh from tf-psa-crypto, remembers which components come from Mbed TLS and which come from crypto, and magically adjust the environment for each component it runs. Rejected because it's hard to be confident we're adjusting everything that needs adjusting in the environment. Having separate processes seems much safer. The downside is we get more complexity around error handling (check for components requested but not available, --keep-going). When using --keep-going with failing component(s) in mbedtls and some components in tf-psa-crypto, the output is not satisfying for humans as we don't have a nice summary of all errors at the end like we normally would. IMO this is acceptable since: - this wrapper is transitional and should be removed in a few months; - it is mainly for the benefit of the CI; humans can always invoke the underlying commands directly. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 92 +++++++++++++++++++++++++++++++++--- tests/scripts/mbedtls-all.sh | 16 +++++++ 2 files changed, 102 insertions(+), 6 deletions(-) create mode 100755 tests/scripts/mbedtls-all.sh diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a73c090dfe20..76738d9c0e05 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1,16 +1,96 @@ #! /usr/bin/env bash -# all.sh +# all.sh (transitional wrapper) # # Copyright The Mbed TLS Contributors # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later -# This file is executable; it is the entry point for users and the CI. -# See "Files structure" in all-core.sh for other files used. +# During the transition of CI associated with the repo split, +# we want all.sh from the mbedtls repo to transparently run both +# mbedtls and tf-psa-crypto components. +# This is what this wrapper is about. +# Once the transition is over, this wrapper can be removed, +# and mbedtls-all.sh renamed again to all.sh. +# +# This wrapper is mostly for the CI's benefit. Developers probably want to +# directly invoke one or two of the following commands: +# - tests/scripts/mbedtls-all.sh ... +# - (cd tf-psa-crypto && tests/scripts/all.sh ...) # This script must be invoked from the project's root. -# The path is going to change when this is moved to the framework -source tests/scripts/all-core.sh +set -eu + +# Get the list of components available on each side. +COMP_MBEDTLS=$(tests/scripts/mbedtls-all.sh --list-all-components | sort) +COMP_CRYPTO=$(cd tf-psa-crypto && tests/scripts/all.sh --list-all-components | sort) + +# Error out if any component is available on both sides +COMMON=$(comm -12 <(echo "$COMP_MBEDTLS") <(echo "$COMP_CRYPTO") | tr '\n' ' ') +if [ -n "$COMMON" ]; then + echo "The following components are duplicated: $COMMON" >&2 + exit 2 +fi + +# all.sh complains when a component is requested explicitly but is not +# available. However, here we actually run two instances of all.sh, so when +# requesting one component epxlicitly, at least one instance is not going to +# know about it. So, when invoking each side, remove the other side's +# components from its command line. This is safe because we know from above +# that no component is on both sides. + +# mbedtls args are global args without the crypto components +COMP_CRYPTO=$(echo $COMP_CRYPTO | tr '\n' ' ') +for arg in "$@"; do + case " $COMP_CRYPTO " in + *" $arg "*) ;; + *) mbedtls_args+=( $arg ) ;; + esac +done + +# crypto args are global args without the mbedtls components +COMP_MBEDTLS=$(echo $COMP_MBEDTLS | tr '\n' ' ') +for arg in "$@"; do + case " $COMP_MBEDTLS " in + *" $arg "*) ;; + *) crypto_args+=( $arg ) ;; + esac +done + +# Note: don't print debug info on what commands are being run, because we +# don't want to pollute the output especially when --list-components is used. + +# call mbedtls's all.sh +set +e +tests/scripts/mbedtls-all.sh "${mbedtls_args[@]}" +mbedtls_exit=$? +set -e +if [ $mbedtls_exit -ne 0 ]; then + echo "mbedtls-all.sh exited $mbedtls_exit" >&2 +fi + +# if it returned non-zero, should we keep going? +if [ $mbedtls_exit -ne 0 ]; then + case " $@ " in + *" --keep-going "*) ;; # fall through and run tf-psa-crypto's all.sh + *) exit $mbedtls_exit;; + esac +fi + +# call tf-psa-crypto's all.sh +set +e +(cd tf-psa-crypto && tests/scripts/all.sh "${crypto_args[@]}") +crypto_exit=$? +set -e +if [ $crypto_exit -ne 0 ]; then + echo "tf-psa-crypto's all.sh exited $crypto_exit" >&2 +fi -main "$@" +# return an appropriate exit code +if [ $mbedtls_exit -ne 0 ]; then + echo "mbedtls-all.sh exited $mbedtls_exit" >&2 + echo "Please scroll up for a summary of errors in mbedtls-all.sh" >&2 + exit $mbedtls_exit +else + exit $crypto_exit +fi diff --git a/tests/scripts/mbedtls-all.sh b/tests/scripts/mbedtls-all.sh new file mode 100755 index 000000000000..cdf296d7cae8 --- /dev/null +++ b/tests/scripts/mbedtls-all.sh @@ -0,0 +1,16 @@ +#! /usr/bin/env bash + +# all.sh (mbedtls part) +# +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +# This file is executable; it is the entry point for users and the CI. +# See "Files structure" in all-core.sh for other files used. + +# This script must be invoked from the project's root. + +# The path is going to change when this is moved to the framework +source tests/scripts/all-core.sh + +main "$@" From a4f0227669a2e833efdb885833930122bef6d6a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 24 Oct 2024 10:05:36 +0200 Subject: [PATCH 5/8] all.sh: prevent a silly mistake MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tf-psa-crypto/tests/scripts/all.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tf-psa-crypto/tests/scripts/all.sh b/tf-psa-crypto/tests/scripts/all.sh index 301595830ee8..e26abd811338 100755 --- a/tf-psa-crypto/tests/scripts/all.sh +++ b/tf-psa-crypto/tests/scripts/all.sh @@ -10,6 +10,13 @@ # This script must be invoked from the project's root. +# Prevent silly mistakes when people would invoke this from mbedtls +if [ -d tf-psa-crypto -a -d library ]; then + echo "When invoking this script from an mbedtls checkout," >&2 + echo "you must change the working directory to tf-psa-crypto." >&2 + exit 255 +fi + # The path is going to change when this is moved to the framework source ../tests/scripts/all-core.sh From 6ffebef9c4f9a663f9e3ac3da181e61fb18078fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 29 Oct 2024 12:57:24 +0100 Subject: [PATCH 6/8] New all.sh wrapper with reduced scope (CI only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 144 ++++++++++++++++++++++--------------------- 1 file changed, 75 insertions(+), 69 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 76738d9c0e05..d09e2908e949 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -5,92 +5,98 @@ # Copyright The Mbed TLS Contributors # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later -# During the transition of CI associated with the repo split, -# we want all.sh from the mbedtls repo to transparently run both -# mbedtls and tf-psa-crypto components. -# This is what this wrapper is about. -# Once the transition is over, this wrapper can be removed, -# and mbedtls-all.sh renamed again to all.sh. -# -# This wrapper is mostly for the CI's benefit. Developers probably want to -# directly invoke one or two of the following commands: +# This is a transitional wrapper that's only meant for the CI. +# Developers should directly invoke on or two of: # - tests/scripts/mbedtls-all.sh ... # - (cd tf-psa-crypto && tests/scripts/all.sh ...) +# +# During the transition, it's illegal for a tf-psa-crypto component to have +# the same name as an mbedtls components; since this wrapper handles both +# sides at once, component names need to be globally unique. Once the +# transition period is over, unicity on each side will be enough. +# +# For context, here are the steps of the transition: +# 1. We have an all.sh in tf-psa-crypto but for now we don't invoke it directly +# on the CI, only through this transitional wrapper in mbedtls. (tf-psa-crypto +# doesn't have its own CI initially and runs Mbed TLS's instead.) +# 2. We move all relevant components to tf-psa-crypto so that it gets the level of +# coverage we want. We need to make sure the new names are unique. +# 3. We change the CI job on tf-psa-crypto to stop checking out mbedtls and running +# its all.sh - instead we do the normal thing of checking out tf-psa-crypto and +# running its all.sh. (In two steps: (a) add the new job, (b) remove the old +# one.) +# 4. We remove the transitional wrapper in mbedtls and we're now free to rename +# tf-psa-crypto components as we want. If we followed a consistent naming +# pattern, this can be as simple as s/_tf_psa_crypto// in components-*.sh. # This script must be invoked from the project's root. +# There are exactly 4 ways this is invoked in the CI: +# 1. tests/scripts/all.sh --help +# 2. tests/scripts/all.sh --list-all-components +# 3. tests/scripts/all.sh --list-components +# 4. tests/scripts/all.sh --seed 4 --keep-going single_component_name +# This wrapper does not support other invocations. + set -eu -# Get the list of components available on each side. -COMP_MBEDTLS=$(tests/scripts/mbedtls-all.sh --list-all-components | sort) -COMP_CRYPTO=$(cd tf-psa-crypto && tests/scripts/all.sh --list-all-components | sort) +# Cases 1-3 +if [ "$#" -eq 1 ]; then + if [ "$1" = '--help' ]; then + # It doesn't matter which one we use, they're the same + tests/scripts/mbedtls-all.sh "$1" + exit 0 + fi + if [ "$1" = '--list-all-components' -o "$1" = '--list-components' ]; then + # Invoke both + tests/scripts/mbedtls-all.sh "$1" + (cd tf-psa-crypto && tests/scripts/all.sh "$1") + exit 0 + fi +fi -# Error out if any component is available on both sides -COMMON=$(comm -12 <(echo "$COMP_MBEDTLS") <(echo "$COMP_CRYPTO") | tr '\n' ' ') -if [ -n "$COMMON" ]; then - echo "The following components are duplicated: $COMMON" >&2 - exit 2 +if [ "$#" -ne 4 -o "$1" != '--seed' -o "$3" != '--keep-going' ]; then + echo "This invocation is not supported by the transitional wrapper." >&2 + echo "See the comments at the top of $0." >&2 + exit 1 fi -# all.sh complains when a component is requested explicitly but is not -# available. However, here we actually run two instances of all.sh, so when -# requesting one component epxlicitly, at least one instance is not going to -# know about it. So, when invoking each side, remove the other side's -# components from its command line. This is safe because we know from above -# that no component is on both sides. +# Case 4: invoke the right all.sh for this component +comp_name=$4 -# mbedtls args are global args without the crypto components -COMP_CRYPTO=$(echo $COMP_CRYPTO | tr '\n' ' ') -for arg in "$@"; do - case " $COMP_CRYPTO " in - *" $arg "*) ;; - *) mbedtls_args+=( $arg ) ;; - esac -done +# Get the list of components available on each side. +COMP_MBEDTLS=$(tests/scripts/mbedtls-all.sh --list-all-components | tr '\n' ' ') +COMP_CRYPTO=$(cd tf-psa-crypto && tests/scripts/all.sh --list-all-components | tr '\n' ' ') -# crypto args are global args without the mbedtls components -COMP_MBEDTLS=$(echo $COMP_MBEDTLS | tr '\n' ' ') -for arg in "$@"; do - case " $COMP_MBEDTLS " in - *" $arg "*) ;; - *) crypto_args+=( $arg ) ;; +# tell if $1 is in space-separated list $2 +is_in() { + needle=$1 + haystack=$2 + case " $haystack " in + *" $needle "*) echo 1;; + *) echo 0;; esac -done +} -# Note: don't print debug info on what commands are being run, because we -# don't want to pollute the output especially when --list-components is used. +is_crypto=$(is_in "$comp_name" "$COMP_CRYPTO") +is_mbedtls=$(is_in "$comp_name" "$COMP_MBEDTLS") -# call mbedtls's all.sh -set +e -tests/scripts/mbedtls-all.sh "${mbedtls_args[@]}" -mbedtls_exit=$? -set -e -if [ $mbedtls_exit -ne 0 ]; then - echo "mbedtls-all.sh exited $mbedtls_exit" >&2 +# Component should be on exactly one side (see comment near the top). +if [ "$is_crypto" -eq 1 -a "$is_mbedtls" -eq 1 ]; then + echo "Component '$comp_name' is both in crypto and Mbed TLS". >&2 + echo "See the comments at the top of $0." >&2 + exit 1 fi - -# if it returned non-zero, should we keep going? -if [ $mbedtls_exit -ne 0 ]; then - case " $@ " in - *" --keep-going "*) ;; # fall through and run tf-psa-crypto's all.sh - *) exit $mbedtls_exit;; - esac -fi - -# call tf-psa-crypto's all.sh -set +e -(cd tf-psa-crypto && tests/scripts/all.sh "${crypto_args[@]}") -crypto_exit=$? -set -e -if [ $crypto_exit -ne 0 ]; then - echo "tf-psa-crypto's all.sh exited $crypto_exit" >&2 +if [ "$is_crypto" -eq 0 -a "$is_mbedtls" -eq 0 ]; then + echo "Component '$comp_name' is neither in crypto nor in Mbed TLS". >&2 + echo "See the comments at the top of $0." >&2 + exit 1 fi -# return an appropriate exit code -if [ $mbedtls_exit -ne 0 ]; then - echo "mbedtls-all.sh exited $mbedtls_exit" >&2 - echo "Please scroll up for a summary of errors in mbedtls-all.sh" >&2 - exit $mbedtls_exit +# Invoke the real thing +if [ "$is_crypto" -eq 1 ]; then + cd tf-psa-crypto + exec tests/scripts/all.sh "$@" else - exit $crypto_exit + exec tests/scripts/mbedtls-all.sh "$@" fi From d10f42f5e6409f989009b64ee22488e35175d16b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 30 Oct 2024 09:52:36 +0100 Subject: [PATCH 7/8] Fix making the path of the outcomes file absolute. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d09e2908e949..20ca89951d2b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -93,8 +93,18 @@ if [ "$is_crypto" -eq 0 -a "$is_mbedtls" -eq 0 ]; then exit 1 fi + # Invoke the real thing if [ "$is_crypto" -eq 1 ]; then + # Make sure the path to the outcomes file is absolute. This is done by + # pre_prepare_outcome_file() however by the time it runs we've already + # changed the working directory, so do it now. + if [ -n "${MBEDTLS_TEST_OUTCOME_FILE+set}" ]; then + case "$MBEDTLS_TEST_OUTCOME_FILE" in + [!/]*) MBEDTLS_TEST_OUTCOME_FILE="$PWD/$MBEDTLS_TEST_OUTCOME_FILE";; + esac + export MBEDTLS_TEST_OUTCOME_FILE + fi cd tf-psa-crypto exec tests/scripts/all.sh "$@" else From dea700dd3811ed9614896932e8844a10bb713464 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 4 Nov 2024 11:40:44 +0100 Subject: [PATCH 8/8] all.sh: improve wrapper error reporting MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 20ca89951d2b..b1261bfc156b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -55,7 +55,7 @@ if [ "$#" -eq 1 ]; then fi fi -if [ "$#" -ne 4 -o "$1" != '--seed' -o "$3" != '--keep-going' ]; then +if [ "$#" -ne 4 -o "${1:-unset}" != '--seed' -o "${3:-unset}" != '--keep-going' ]; then echo "This invocation is not supported by the transitional wrapper." >&2 echo "See the comments at the top of $0." >&2 exit 1