commit | 5f750ee4d8cecf8dc4c29f18457bdbca26f8455e | [log] [tgz] |
---|---|---|
author | pigweed-roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com> | Mon Sep 25 00:45:13 2023 +0000 |
committer | CQ Bot Account <pigweed-scoped@luci-project-accounts.iam.gserviceaccount.com> | Mon Sep 25 00:45:13 2023 +0000 |
tree | 7975757d319328da6f97f10cf78aa7f886e75154 | |
parent | ba1425b829318f51356312e51f5ff8c529c9d902 [diff] |
```
[third_party/pigweed/src] Roll 63 commits

2ff4f59fdcad9e6 pw_allocator: Add SplitFreeListAllocator
6b125b992aaf41b roll: host_tools
4ef538b368937a8 pw_allocator: Add FallbackAllocator
694439eb756c769 roll: absolute_uploader, incremental_uploader
a395f0351dc9cc8 roll: 310, 311, 38, 39
403e0c384e0af87 roll: cmake
75f843cb759c48c pw_allocator: Generic interface for allocators
8a6d531c956667b pw_web: Remove need for Buffer package in pw_hdlc
8aec844858ea0f5 pw_rpc: Refer to bug in TODO and fix format
4d47695ec939cca docs: Add Doxygen @endcode guidance
3f377ec76c5e775 Bazel: Retire pigweed_config (part 2)
a5093f40d304cd4 pw_env_setup: Better highlight bootstrap failure
f8292004be3df74 pw_console: Allow injecting args via Python call
165bbc751c8a591 pw_stream: Add Windows socket support
2b4d032535d1625 Revert "pw_env_setup: Fix double bootstrap.bat fai
c5b0fe6fde3f2b4 pw_build: Apply -Wextra-semi to C code as well as
20b325b70d0a8eb pw_env_setup: Fix double bootstrap.bat failures on
a7201858123869e pw_chre: Update bug numbers
d58641e79baa503 pw_web: Remove date-fns
809a82a930d0404 pw_ide: Reformat json files
65122c3fcc08164 pw_bytes: Move Align functions from pw_kvs
2260430432a66e6 pw_presubmit: Add JSON formatter
cc0d6fac9ed9aa2 pw_presubmit: Better handling of missing newlines
7970ac98c81a9a0 pw_libc: Pull in 'abort'
8d43cd1f960a97c OWNERS: Add toolchain team members
418fa41be76b7a4 docs: Clean up remaining instances of code::
f7d387e4036533d docs: Document code review process
c177a43eef90582 Bazel: Retire pigweed_config (part 1)
f18b8bbb4602bfb pw_env_setup: Enable overriding Clang CIPD version
e0952479f4de6c5 pw_containers: Silence MSAN false positives
b25fd46e6c4a8dc targets/host: Add pw_strict_host_clang_debug_dynam
3c1b249c8152dcf pw_chre: Minor fixes
879dbf96d534466 pw_string: Fix signed integer overflow
8a618cbb8f45ea7 pw_ide: Fix clangd path on Windows
2f6d0ec3f0a81a1 pw_libc: Use .test convention
c1100a6fc2ea8a5 pw_libc: Use underscore prefixed variables
62f7163e5711aa5 pw_libc: Add documentation for pw_libc_source_set
0edc40e6e073f18 pw_env_setup: PyPI version bump to 0.0.15
882f691609b7697 pw_libc: Pull in 'gmtime'
572cbc2ce0622cd pw_{checksum, function, perf_test}: Sign conversio
b03180dbc4aec94 pw_web: Export ProgressStats, ProgressCallback typ
b683e530986e6c1 pw_libc: Fix printf for newer llvm-libc commits
609e4e5df3ed64c pw_web: Add back 'buffer' dependency
410227f26edd8bf pw_presubmit: Expand Bazel parser to tests
5a1691e618e1312 pw_presubmit: Remove now-unnecessary flag
514b73c7ac35076 pw_chre: Fix build rules to use paramertized paths
dabaf05670a549f pw_tokenizer: C++ Base64 detokenization improvemen
3593369ee0f7ace pw_toolchain: Add missing objcopy tool to bazel to
cb408fd88b63404 pw_thread: Fix small typo in docs
865e6cc5a9eabdf pw_toolchain_bazel: Support ar opts in pw_toolchai
3ba5e8857428774 SEED-0112: Claim SEED number
ba80fb545318d33 SEED-0111: Claim SEED number
9fbdfd61795515f pw_web: NPM version bump to 0.0.13
8d89cdc2ea36f20 pw_toolchain_bazel: Add cortex-m7 constraint_value
7c74e216709f134 third_party/pico_sdk: Selectively disable elf2uf2
0c5eb3d4c354879 pw_web: Improve scrolling behavior
2328c7a79129a57 pw_toolchain: Add cpu flags to asmopts as well
6a54072d189a3ed pw_work_queue: Don't lock around work_notification
2e1fd23945e02da pw_libc: Fix llvm-libc after internal assert chang
f1bf169cd2209b6 *: Use new TODO style
45527d21adb3984 Bazel: Remove -Wno-private-header from copts
d62bb0b9358658a pw_chre: Split out shared_platform
e765c4d38e33d40 build: Update Android.bp

https://pigweed.googlesource.com/pigweed/pigweed
third_party/pigweed/src Rolled-Commits: dabecbad7aa1ceb..2ff4f59fdcad9e6
Roller-URL: https://ci.chromium.org/b/8769025788897981153
GitWatcher: ignore
CQ-Do-Not-Cancel-Tryjobs: true
Change-Id: I10dd3c7144656ec0cbf2ab643195d97b234d5963
Reviewed-on: https://pigweed-review.googlesource.com/c/open-dice/+/172690
Bot-Commit: Pigweed Roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com>
Commit-Queue: Pigweed Roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com>
```
This repository contains the specification for the Open Profile for DICE along with production-quality code. This profile is a specialization of the Hardware Requirements for a Device Identifier Composition Engine and DICE Layering Architecture specifications published by the Trusted Computing Group (TCG). For readers already familiar with those specs, notable distinctives of this profile include:
You can find us (and join us!) at https://groups.google.com/g/open-profile-for-dice. We're happy to answer questions and discuss proposed changes or features.
The specification can be found here. It is versioned using a major.minor scheme. Compatibility is maintained across minor versions but not necessarily across major versions.
Production quality, portable C code is included. The main code is in dice.h and dice.c. Cryptographic and certificate generation operations are injected via a set of callbacks. Multiple implementations of these operations are provided, all equally acceptable. Integrators should choose just one of these, or write their own.
Tests are included for all code and the build files in this repository can be used to build and run these tests.
Disclaimer: This is not an officially supported Google product.
Different implementations use different third party libraries. The third_party directory contains build files and git submodules for each of these. The submodules must be initialized once after cloning the repo, using `git submodule update --init`, and updated after pulling commits that roll the submodules using `git submodule update`.
To set up the build environment the first time:

```
$ git submodule update --init
$ source bootstrap.sh
$ gn gen out
```

To build and run tests:

```
$ ninja -C out
```
The easiest way, and currently the only supported way, to build and run tests is from a Pigweed environment on Linux. Pigweed does support other host platforms so it shouldn't be too hard to get this running on Windows for example, but we use Linux.
There are two scripts to help set this up:
- bootstrap.sh will initialize submodules, bootstrap a Pigweed environment, and generate build files. This can take some time and may download on the order of 1GB of dependencies so the normal workflow is to just do this once.
- activate.sh quickly reactivates an environment that has been previously bootstrapped.

These scripts must be sourced into the current session: `source activate.sh`.
In the environment, from the base directory of the dice-profile checkout, run `ninja -C out` to build everything and run all tests. You can also run `pw watch`, which will build, run tests, and continue to watch for changes.
This will build and run tests on the host using the clang toolchain. Pigweed makes it easy to configure other targets and toolchains. See toolchains/BUILD.gn and the Pigweed documentation.
The code is designed to be portable and should work with a variety of modern toolchains and in a variety of environments. The main code in dice.h and dice.c is C99; it uses uint8_t, size_t, and memcpy from the C standard library. The various ops implementations are as portable as their dependencies (often not C99 but still very portable). Notably, this code uses designated initializers for readability. This is a feature available in C since C99 but missing from C++ until C++20 where it appears in a stricter form.
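The callback injection and C99 designated initializers described above, as an added sketch that is not code from this repository: `ExampleOps`, `ExampleInputs`, `ExampleDeriveNext` and both backends are hypothetical names, and the FNV-1a mix is a non-cryptographic stand-in for a real hash or KDF.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define CDI_SIZE 8 /* toy size for this example only */
typedef enum { kOk = 0, kOpFailed = 1 } Result;

/* Hypothetical ops table: the core calls crypto only through these pointers. */
typedef struct {
  Result (*hash)(const uint8_t* in, size_t n, uint8_t out[CDI_SIZE]);
  void (*clear)(void* p, size_t n);
} ExampleOps;
/* Hypothetical per-layer inputs. */
typedef struct { const uint8_t* code; size_t code_size; uint8_t mode; } ExampleInputs;

/* Toy FNV-1a mix, NOT cryptographic: a stand-in for a real hash/KDF backend. */
static Result ToyHash(const uint8_t* in, size_t n, uint8_t out[CDI_SIZE]) {
  uint64_t h = 1469598103934665603ULL;
  for (size_t i = 0; i < n; ++i) { h ^= in[i]; h *= 1099511628211ULL; }
  for (size_t i = 0; i < CDI_SIZE; ++i) out[i] = (uint8_t)(h >> (8 * i));
  return kOk;
}
static Result FailingHash(const uint8_t* in, size_t n, uint8_t out[CDI_SIZE]) {
  (void)in; (void)n; (void)out;
  return kOpFailed; /* models a backend error the core must propagate */
}
static void VolatileClear(void* p, size_t n) {
  volatile uint8_t* v = p; /* volatile stores are not elided as dead writes */
  while (n--) *v++ = 0;
}

/* Designated initializers (C99) bind each backend by member name. */
const ExampleOps kToyOps = {.hash = ToyHash, .clear = VolatileClear};
const ExampleOps kBrokenOps = {.hash = FailingHash, .clear = VolatileClear};

/* Core step: next = hash(current || hash(code) || mode). */
Result ExampleDeriveNext(const ExampleOps* ops, const uint8_t current[CDI_SIZE],
                         const ExampleInputs* in, uint8_t next[CDI_SIZE]) {
  uint8_t buf[2 * CDI_SIZE + 1];
  Result r;
  memcpy(buf, current, CDI_SIZE);
  r = ops->hash(in->code, in->code_size, buf + CDI_SIZE);
  if (r == kOk) {
    buf[2 * CDI_SIZE] = in->mode;
    r = ops->hash(buf, sizeof(buf), next);
  }
  ops->clear(buf, sizeof(buf)); /* buf held the secret input */
  return r;
}
```

The core function contains no cryptography of its own, so swapping `kToyOps` for another table changes the backend without touching it, and a backend failure is returned to the caller after the scratch buffer is wiped.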
The Google C++ Style Guide is used. A `.clang-format` file is provided for convenience.
To incorporate the code into another project, there are a few options:
- Copy only the necessary code. For example:
  - Take the main code as is: include/dice/dice.h, src/dice.c
  - Choose an implementation for crypto and certificate generation or choose to write your own. If you choose the boringssl implementation, for example, take include/dice/utils.h, include/dice/boringssl_ops.h, src/utils.c, and src/boringssl_ops.c. Taking a look at the library targets in BUILD.gn may be helpful.
- Add this repository as a git submodule and integrate into the project build, optionally using the gn library targets provided.
- Integrate into a project already using Pigweed using the gn build files provided.
The build reports code size using Bloaty McBloatface via the pw_bloat Pigweed module. There are two reports generated:
- Library sizes - This report includes just the library code in this repository. It shows the baseline DICE code with no ops selected, and it shows the delta introduced by choosing various ops implementations. This report does not include the size of the third party dependencies.
- Executable sizes - This report includes sizes for the library code in this repository plus all dependencies linked into a simple main function which makes a single DICE call with all-zero input. It shows the baseline DICE code with no ops (and therefore no dependencies other than libc), and it shows the delta introduced by choosing various ops implementations. This report does include the size of the third party dependencies. Note that rows specialized from ‘Boringssl Ops’ use that as a baseline for sizing.
The reports will be in the build output, but you can also find the reports in `.txt` files in the build output. For example, `cat out/host_optimized/gen/*.txt | less` will display all reports.
This code does not itself use mutable global variables or any other type of shared data structure, so there are no thread-safety concerns. However, additional care is needed to ensure dependencies are configured to be thread-safe. For example, the current boringssl configuration defines OPENSSL_NO_THREADS_CORRUPT_MEMORY_AND_LEAK_SECRETS_IF_THREADED, and that would need to be changed before running in a threaded environment.
This code makes a reasonable effort to clear memory holding sensitive data. This may help with a broader strategy to clear sensitive data but it is not sufficient on its own. Here are a few things to consider.