| commit | 35cc5769734f5cd8a99786fda9e00bf08f6401c5 | [log] [tgz] |
|---|---|---|
| author | pigweed-roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com> | Mon Jun 03 00:44:40 2024 +0000 |
| committer | CQ Bot Account <pigweed-scoped@luci-project-accounts.iam.gserviceaccount.com> | Mon Jun 03 00:44:40 2024 +0000 |
| tree | 3e6d740d635618319fdb0988e1719387dd4b0071 | |
| parent | 85e53e7aed5e6e7ce25f6a6af5c2b65b91219060 [diff] |
[third_party/pigweed/src] Roll 48 commits b0b4108bd83aa5a roll: gn 386a40b1ab0043a [fuchsia_infra] Roll 29 commits ff21b928c01c169 pw_build: Add pw_elf_to_dump rule ee4eea8fda11b8d pw_digital_io_linux: Add trigger option to CLI wat eee966337afe905 pw_log: Cast log level to int32_t 962d662171f05d0 pw_transfer: Always terminate transfers on stream 66c06bc9f876fc1 docs: blog: Bazel feature flags 7a6837d6e7ca33d pw_digital_io_linux: Add "watch" command 1ed69ae399e31f7 pw_digital_io_linux: Add support for input interru e56d63cfa56952f pw_digital_io_linux: Move examples out to compiled 2fd1e9cc714a565 pw_digital_io_linux: Update mock_vfs a07f9d1b43ebf67 pw_digital_io_linux: Add log_errno.h 9e5f85b2ed9593a pw_system: Mention that extra libs need alwayslink 96313b7cc138b0c pw_malloc: Add allocator backends 93fa287dc5010cf targets/rp2040: Add pico/debug probe filtering fla bdc50b62ca4c11a pw_log_string: Set default log backend da28a3e5e0b0048 pw_stream_uart_mcuxpresso: InterruptSafeWriter exa 1aa9d51028fcbc3 pw_stream_uart_mcuxpresso: Stream example a9a64a72393ed20 pw_stream_uart_mcuxpresso: Use clock tree 57310630f125c37 pw_clock_tree: Introduce ElementController class 1a672e2605ac5a4 pw_clock_tree_mcuxpresso: Fix source set name and 1d491c30feb54ee pw_clock_tree: Fix source set name and visibility aaa553c8693be3d pw_stream_uart_mcuxpresso: DMA stream example e8dcc48f4c5e8aa mimxrt595: Upgrade to SDK_2_14_0_EVK-MIMXRT59 1f6ad3a910c7cb0 pw_multibuf: SimpleAllocatorForTest 7bb5a76cced7e77 docs: Update changelog 201c503d9d3f066 pw_build: Add pw_elf_to_bin rule fc373c8032fdfd0 pw_build: Populate executable field in return from 432437af38911f2 pw_system: Add host_device_simulator transitions 33602efe7702181 roll: clang 272873750faa652 pw_multisink: Fix compiler warnings for tests 694805ff7c3e249 pw_hex_dump: Add Android.bp 9913b3beb9551d4 pw_channel: Only open read/write if channel is rea ed678303dec5a41 pw_thread: Fix thread snapshot service test e07a08914d79ea1 pw_channel: Add EpollChannel 3763a9d5b54c766 bazel: Support asan in Bazel 27f4c88862d06f8 pw_cpu_exception_cortex_m: Add crash analysis API 11777bcd3424150 pw_clock_tree_mcuxpresso: Mcuxpresso module 3eeee6c30e8388e pw_emu/py: Exclude tests module from the Pigweed P 65f7cc874344954 pw_web: Move shoelace split panel import 1eaa4363d3615df pw_build: Introduce PW_MUST_PLACE linker script ma 9edec04e128ec8d pw_allocator: Add BlockAllocator::MeasureFragmenta 69fa240add6d3f3 pw_libcxx: Only enable in clang builds ffaaf974d53a74a bazel: Update rules_rust to 0.45.1 c2915194debfc14 pw_toolchain: Add manual tag to Rust toolchains eb97b4508f6e0ca rp2040: Add upstream Bazel platform definition c932087017d7024 pw_cpu_exception_cortex_m: Fix incorrect inputs to c71207f85e160f4 pw_allocator: Fix Android build https://pigweed.googlesource.com/pigweed/pigweed third_party/pigweed/src Rolled-Commits: bbcdd74e4ed9487..b0b4108bd83aa5a Roller-URL: https://ci.chromium.org/b/8746195355220219761 GitWatcher: ignore CQ-Do-Not-Cancel-Tryjobs: true Change-Id: I6735d4b0967024f1fc4fb446646db2ae6c8f47cd Reviewed-on: https://pigweed-review.googlesource.com/c/open-dice/+/213431 Bot-Commit: Pigweed Roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com> Commit-Queue: Pigweed Roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com> Lint: Lint 🤖 <android-build-ayeaye@system.gserviceaccount.com>
This repository contains the specification for the Open Profile for DICE along with production-quality code. This profile is a specialization of the Hardware Requirements for a Device Identifier Composition Engine and DICE Layering Architecture specifications published by the Trusted Computing Group (TCG). For readers already familiar with those specs, notable distinctives of this profile include:
You can find us (and join us!) at https://groups.google.com/g/open-profile-for-dice. We're happy to answer questions and discuss proposed changes or features.
The specification can be found here. It is versioned using a major.minor scheme. Compatibility is maintained across minor versions but not necessarily across major versions.
Production quality, portable C code is included. The main code is in dice.h and dice.c. Cryptographic and certificate generation operations are injected via a set of callbacks. Multiple implementations of these operations are provided, all equally acceptable. Integrators should choose just one of these, or write their own.
Tests are included for all code and the build files in this repository can be used to build and run these tests.
Disclaimer: This is not an officially supported Google product.
Different implementations use different third party libraries. The third_party directory contains build files and git submodules for each of these. The submodules must be initialized once after cloning the repo, using git submodule update --init, and updated after pulling commits that roll the submodules using git submodule update.
To setup the build environment the first time:
$ git submodule update --init $ source bootstrap.sh $ gn gen out
To build and run tests:
$ ninja -C out
The easiest way, and currently the only supported way, to build and run tests is from a Pigweed environment on Linux. Pigweed does support other host platforms so it shouldn't be too hard to get this running on Windows for example, but we use Linux.
There are two scripts to help set this up:
bootstrap.sh will initialize submodules, bootstrap a Pigweed environment, and generate build files. This can take some time and may download on the order of 1GB of dependencies so the normal workflow is to just do this once.
activate.sh quickly reactivates an environment that has been previously bootstrapped.
These scripts must be sourced into the current session: source activate.sh.
In the environment, from the base directory of the dice-profile checkout, run ninja -C out to build everything and run all tests. You can also run pw watch which will build, run tests, and continue to watch for changes.
This will build and run tests on the host using the clang toolchain. Pigweed makes it easy to configure other targets and toolchains. See toolchains/BUILD.gn and the Pigweed documentation.
The code is designed to be portable and should work with a variety of modern toolchains and in a variety of environments. The main code in dice.h and dice.c is C99; it uses uint8_t, size_t, and memcpy from the C standard library. The various ops implementations are as portable as their dependencies (often not C99 but still very portable). Notably, this code uses designated initializers for readability. This is a feature available in C since C99 but missing from C++ until C++20 where it appears in a stricter form.
The Google C++ Style Guide is used. A .clang-format file is provided for convenience.
To incorporate the code into another project, there are a few options:
Copy only the necessary code. For example:
Take the main code as is: include/dice/dice.h, src/dice.c
Choose an implementation for crypto and certificate generation or choose to write your own. If you choose the boringssl implementation, for example, take include/dice/utils.h, include/dice/boringssl_ops.h, src/utils.c, and src/boringssl_ops.c. Taking a look at the library targets in BUILD.gn may be helpful.
Add this repository as a git submodule and integrate into the project build, optionally using the gn library targets provided.
Integrate into a project already using Pigweed using the gn build files provided.
The build reports code size using Bloaty McBloatface via the pw_bloat Pigweed module. There are two reports generated:
Library sizes - This report includes just the library code in this repository. It shows the baseline DICE code with no ops selected, and it shows the delta introduced by choosing various ops implementations. This report does not include the size of the third party dependencies.
Executable sizes - This report includes sizes for the library code in this repository plus all dependencies linked into a simple main function which makes a single DICE call with all-zero input. It shows the baseline DICE code with no ops (and therefore no dependencies other than libc), and it shows the delta introduced by choosing various ops implementations. This report does include the size of the third party dependencies. Note that rows specialized from ‘Boringssl Ops’ use that as a baseline for sizing.
The reports will be in the build output, but you can also find the reports in .txt files in the build output. For example, cat out/host_optimized/gen/*.txt | less will display all reports.
This code does not itself use mutable global variables, or any other type of shared data structure so there is no thread-safety concerns. However, additional care is needed to ensure dependencies are configured to be thread-safe. For example, the current boringssl configuration defines OPENSSL_NO_THREADS_CORRUPT_MEMORY_AND_LEAK_SECRETS_IF_THREADED, and that would need to be changed before running in a threaded environment.
This code makes a reasonable effort to clear memory holding sensitive data. This may help with a broader strategy to clear sensitive data but it is not sufficient on its own. Here are a few things to consider.