commit | 92ceaf599c5931015f0c6b98cb9e634ce05cb216 | [log] [tgz] |
---|---|---|
author | pigweed-roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com> | Mon Feb 05 00:43:53 2024 +0000 |
committer | CQ Bot Account <pigweed-scoped@luci-project-accounts.iam.gserviceaccount.com> | Mon Feb 05 00:43:53 2024 +0000 |
tree | 7f2e609a8d5d184385bc7ac3bfe072414f988159 | |
parent | 50abd3600884a654793a252682b9fba92c051d1d [diff] |
[third_party/pigweed/src] Roll 63 commits a2c5384a67fc2c2 pw_bluetooth: Fix typo in SbcAllocationMethod 65a39d12d1ae5ac pw_bytes: Check for integer overflow a05ea168f47e6af pw_digital_io: [[nodiscard]] on as() conversion fu c5018fb03faf024 pw_toolchain: Fix divergent configuration in arm_c b415803c442d9eb pw_presubmit: Simplify 'gn gen' color logic a3cda56922d4837 pw_build: Enable fixed point types for clang build 3693d2abbdd34dd pw_allocator: Add additional metrics 0d599609762fd1b pw_random: Clean up build files 65d864a45d46a21 bazel: Update clang version 66a9be95250139b pw_allocator: Rename AllocatorMetricProxy to Track 6f4be3a99554bce pw_transfer: Rename TransferHandle -> Handle 7c55f06493264d6 pw_assert: Break out compatibility backend target 562215ca3338a60 pw_bazel_toolchain: Support regular binaries as to cc506980578e4e0 pw_transfer: Add resumeable transfers 1d4aae4d5bb30cc pw_toolchain_bazel: Migrate to PwToolInfo a8913567b439813 pw_toolchain_bazel: Pull file collection into conf 6d6ceb87c6949b0 pw_toolchain_bazel: Implement pw_cc_provides b087ad070626ad9 docs: Update homepage 2459ff43134cdf9 pw_env_setup: Make npm actions more robust 2aad3ffeec6a06c pw_toolchain_bazel: Implement PwActionConfigInfo f38af373c2facf4 pw_presubmit: Use color logic in gn gen call 6a7e52a2e5bf59c pw_presubmit: Apply color logic in more cases 065ec0f8496dcaf pw_env_setup: Only add mingw to PATH once 525d409ba89ae26 various: Fix clang-format findings c3041bb8dec2b51 docs: Update README links 9d700d34f4a9625 pw_boot: Update status and general doc cleanup b63b498bfa32e6f pw_toolchain_bazel: Create temporary variable 0e8ccae17ac616b pw_async_basic: Test flake fix 494b7f1305cde7c pw_toolchain: Use less generic names for B1-B5 cab494ddb20862d pw_toolchain_bazel: Add a concept of well-known fe 0bb3c2e2e67cefa pw_async_basic: Fix data race in newly added test 07f3883976500d5 pw_grpc: Add new module b75dbe548abb71d pw_toolchain_bazel: Implement requires_any_of for d85afb6beb1915f seed: Add authors to SEED document headers 81b4e41ca85045e pw_alignment: Add CMake & Soong support 5d09b50704fedfa pw_cpu_exception_cortex_m: Handle ARM v8.1 case 54df1af04307a7c pw_transfer: Make cancellation a method on handles e5a3ac35b63b7e8 pw_toolchain: Use LLVM compiler-rt builtins 0f089a31b24f9d4 pw_toolchain_bazel: Migrate to custom PwFeatureInf 2fbb8d04e0ac4b6 docs: Fix module homepage canonical URLs c692387895636a8 pw_tokenizer: Mention GCC template bug in the docs 88a609196fd8cb5 pw_format: Fix safe buildifier warnings 714f42a5e69e0fa pw_transfer: Allow setting a transfer resource siz 58010f768811359 pw_compilation_testing: Minor improvements e61c2daa82871ad pw_async_basic: Fix ordering of tasks posted at sa 2f985e8ce1ff67b pw_{build,presubmit}: Support disabling colors 9fcd145216a27e4 pw_toolchain_bazel: Add custom PwFlagSetInfo 905522bde753d85 pw_toolchain_bazel: Replace bazel_tools providers c7690f39d1627b8 pw_allocator: Add SynchronizedAllocator 2a924228b92f3cc mbedtls: Upgrade mbedtls to 3.5.0 abe112ca621be5d pw_allocator: Fix typo 6b7bdab53a8ea34 pw_{digital_io,protobuf,stream}: Use pw::internal: 36746572ed96755 pw_toolchain: Internal wrapper for casting between 9a601fb495b0b32 pw_allocator: Fix Allocator::Reallocate 8dc20520ccdf799 pw_rpc: Avoid undefined behavior when casting to r c2403a44d4b4d87 fxbug.dev: Migrate bug numbers 0316a4d4ae164d4 pw_toolchain: Small docs update 4207f9a237cf92e pw_function: Follow new docs guidelines 91ae9b642bfce23 docs: Update Bazel quickstart output sample 38d917f16b877ca SEED-0122: Update status, add bug reference 76c3f705fb7e8f2 pw_ide: Remove terminal env vars from VSC settings fc28a56edc7d71c pw_ide: VSC extension 0.1.4 release 76d5af51dfa5347 seed: Add sensors SEED https://pigweed.googlesource.com/pigweed/pigweed third_party/pigweed/src Rolled-Commits: 763cd05c56745c3..a2c5384a67fc2c2 Roller-URL: https://ci.chromium.org/b/8756976390934166673 GitWatcher: ignore CQ-Do-Not-Cancel-Tryjobs: true Change-Id: I9caaf579dcee7b4b1afcaec96e65476497403832 Reviewed-on: https://pigweed-review.googlesource.com/c/open-dice/+/190410 Bot-Commit: Pigweed Roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com> Commit-Queue: Pigweed Roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com>
This repository contains the specification for the Open Profile for DICE along with production-quality code. This profile is a specialization of the Hardware Requirements for a Device Identifier Composition Engine and DICE Layering Architecture specifications published by the Trusted Computing Group (TCG). For readers already familiar with those specs, notable distinctives of this profile include:
You can find us (and join us!) at https://groups.google.com/g/open-profile-for-dice. We're happy to answer questions and discuss proposed changes or features.
The specification can be found here. It is versioned using a major.minor scheme. Compatibility is maintained across minor versions but not necessarily across major versions.
Production quality, portable C code is included. The main code is in dice.h and dice.c. Cryptographic and certificate generation operations are injected via a set of callbacks. Multiple implementations of these operations are provided, all equally acceptable. Integrators should choose just one of these, or write their own.
Tests are included for all code and the build files in this repository can be used to build and run these tests.
Disclaimer: This is not an officially supported Google product.
Different implementations use different third party libraries. The third_party directory contains build files and git submodules for each of these. The submodules must be initialized once after cloning the repo, using git submodule update --init
, and updated after pulling commits that roll the submodules using git submodule update
.
To setup the build environment the first time:
$ git submodule update --init $ source bootstrap.sh $ gn gen out
To build and run tests:
$ ninja -C out
The easiest way, and currently the only supported way, to build and run tests is from a Pigweed environment on Linux. Pigweed does support other host platforms so it shouldn't be too hard to get this running on Windows for example, but we use Linux.
There are two scripts to help set this up:
bootstrap.sh will initialize submodules, bootstrap a Pigweed environment, and generate build files. This can take some time and may download on the order of 1GB of dependencies so the normal workflow is to just do this once.
activate.sh quickly reactivates an environment that has been previously bootstrapped.
These scripts must be sourced into the current session: source activate.sh
.
In the environment, from the base directory of the dice-profile checkout, run ninja -C out
to build everything and run all tests. You can also run pw watch
which will build, run tests, and continue to watch for changes.
This will build and run tests on the host using the clang toolchain. Pigweed makes it easy to configure other targets and toolchains. See toolchains/BUILD.gn and the Pigweed documentation.
The code is designed to be portable and should work with a variety of modern toolchains and in a variety of environments. The main code in dice.h and dice.c is C99; it uses uint8_t, size_t, and memcpy from the C standard library. The various ops implementations are as portable as their dependencies (often not C99 but still very portable). Notably, this code uses designated initializers for readability. This is a feature available in C since C99 but missing from C++ until C++20 where it appears in a stricter form.
The Google C++ Style Guide is used. A .clang-format
file is provided for convenience.
To incorporate the code into another project, there are a few options:
Copy only the necessary code. For example:
Take the main code as is: include/dice/dice.h, src/dice.c
Choose an implementation for crypto and certificate generation or choose to write your own. If you choose the boringssl implementation, for example, take include/dice/utils.h, include/dice/boringssl_ops.h, src/utils.c, and src/boringssl_ops.c. Taking a look at the library targets in BUILD.gn may be helpful.
Add this repository as a git submodule and integrate into the project build, optionally using the gn library targets provided.
Integrate into a project already using Pigweed using the gn build files provided.
The build reports code size using Bloaty McBloatface via the pw_bloat Pigweed module. There are two reports generated:
Library sizes - This report includes just the library code in this repository. It shows the baseline DICE code with no ops selected, and it shows the delta introduced by choosing various ops implementations. This report does not include the size of the third party dependencies.
Executable sizes - This report includes sizes for the library code in this repository plus all dependencies linked into a simple main function which makes a single DICE call with all-zero input. It shows the baseline DICE code with no ops (and therefore no dependencies other than libc), and it shows the delta introduced by choosing various ops implementations. This report does include the size of the third party dependencies. Note that rows specialized from ‘Boringssl Ops’ use that as a baseline for sizing.
The reports will be in the build output, but you can also find the reports in .txt
files in the build output. For example, cat out/host_optimized/gen/*.txt | less
will display all reports.
This code does not itself use mutable global variables, or any other type of shared data structure so there is no thread-safety concerns. However, additional care is needed to ensure dependencies are configured to be thread-safe. For example, the current boringssl configuration defines OPENSSL_NO_THREADS_CORRUPT_MEMORY_AND_LEAK_SECRETS_IF_THREADED, and that would need to be changed before running in a threaded environment.
This code makes a reasonable effort to clear memory holding sensitive data. This may help with a broader strategy to clear sensitive data but it is not sufficient on its own. Here are a few things to consider.