| commit | 3b32e8df77ce27c47e4927b094bcc91c8a45ea4e | [log] [tgz] |
|---|---|---|
| author | pigweed-roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com> | Mon Jun 24 00:44:56 2024 +0000 |
| committer | CQ Bot Account <pigweed-scoped@luci-project-accounts.iam.gserviceaccount.com> | Mon Jun 24 00:44:56 2024 +0000 |
| tree | d1ae93c8df5e32fd586896d4ff196b130ebfb723 | |
| parent | e811e078c484d73ade112e64d7b5c37dfb593351 [diff] |
roll: third_party/pigweed/src 66 commits 7ad2bee3e541072 rust: Fix clippy lints 880f40d3709839d roll: cmake ba4a1747954de39 pw_format: Fix and enable disabled Rust tests 99dfabfb6139412 docs: Add emboss to packages installed for build_d 1edcc733fe2cec8 targets/rp2040: Update docs a0b96183e45057a pw_allocator: Use specific block allocator headers 20f3739c55ea860 targets/rp2040: Add debugprobe version detection a 7bcd8c6a947594f pw_cli: Improve messaging for GitErrors db4aa332cdf0199 pw_bluetooth_proxy: Have release_fn take buffer* d9c9e4959765f34 pw_bluetooth_proxy: Add GetH4Span 0b1d2bfaf3402bf pw_clock_tree_mcuxpresso: Use AcquireWith for audi ae68ff1f200c77a pw_clock_tree: Introduce ClockTree AcquireWith met f894d1aa8d7e589 pw_target_runner: Send test binaries over gRPC 3292a27ec33acdd pw_bluetooth: Add WritePinTypeCommandCompleteEvent 3a9cb7b0cb084d5 pw_bluetooth: Add ReadPinTypeCommandCompleteEvent 3ca190b3b1553c6 pw_bluetooth: Add PinCodeRequestNegativeReplyComma f6773e365ff933f docs: Remove mention of multiplexers 68e267dfae009b6 pw_bluetooth: Add PinCodeRequestReplyCommandComple ac53f2a285fbe45 pw_bluetooth: Add WritePinTypeCommand Emboss struc 484b22c0c4f9945 pw_bluetooth: Add ReadPinTypeCommand Emboss struct 3eb5b9bc5991940 pw_bluetooth: Add PinCodeRequestNegativeReplyComma 81b9531df0d3fcb pw_env_setup: Suppress error message when running 144113cb55fa118 pw_build: Introduce boolean_constraint_value 2c02684d3e6344c pw_bluetooth: Add PinCodeRequestReplyCommand Embos 3a6c587166bb34e pw_bluetooth: Add PinType enum 9c34c1d5ec37823 pw_spi_mcuxpresso: Separate Bazel build targets d3e6e664ebf362e pw_spi_mcuxpresso: Fix unused paramter warning 4e881b4bf42a8d4 pw_transfer: Java style fixes; remove unused varia 4b96f4d43938c31 pw_presubmit: Build STM32F429i baremetal in CI d9bba5855b72a9f rp2040: Add a bazel rule for flashing 23df123c1a72c91 bazel: Update pin for rules_libusb b1a86a0d336a1b0 pw_emu: Add bazel python build d65c4f2ea2217b7 pw_toolchain: Add clippy-driver to rust toolchains 1d9d180c93b9523 pw_bluetooth_proxy: Add release_fn to H4PacketWith 02532d3875f0244 pw_bluetooth_proxy: Fix case style for some test v f9f845234c3f536 pw_bluetooth_proxy: Move to-controller flow to usi da47a16ccccd12f pw_bluetooth_proxy: Add H4PacketWithH4 ctor that t 0d7dfd58bd444d4 pw_bluetooth_proxy: Move H4Packet to using move se 0b2a6a9d699a848 nanopb: Import proto module 27b0e9eeeaffaea bazel: Update TODO in bazelrc c6e8cd83c4dd6c0 pw_bluetooth_proxy: Fix naming of SetH4Type 325f9a48db05e1c pw_system: Rename target_io.cc aa9d7a115b06c2f pw_web: Implement responsive toolbar behavior e6c5165547f3054 pw_bluetooth_proxy: Move to using H4Packet wrapper c6f3a9eeb718be6 rp2040: Add interrupt and freertos backends cfcc5533808a58b rp2040: Add flash main target 8e4ae345f623819 docs: Add OWNERS 67b6c47a019a9ca pw_build_info: Add git_build_info.h header for emb 2c8b44aa6836dd3 python: Add python targets for pw_i2c, pw_digital_ 0af21c49fa7f692 pw_ide: Run commands from PW_PROJECT_ROOT dir 49d5876907ba804 pw_grpc: Avoid buffer overflow when processing cor 9650f5fcbae1ea3 docs: Add Bazel installation guide c4f8c47ed2a739c pw_build: Move host_backend_alias (part 2) a78709c948aa0d3 rp2040: Add rp2040_binary transition 2ae7586e1ca9644 bazel: Stop using deprecated pw_facade aliases, v3 42504afa03234e3 pw_docgen: Add bug Docutils role 3c319b21bb978db OWNERS: Add gwsq 67ea3940b6d3c0e pw_multibuf: Fix Android build 3a1996034e63dea docs: Update GitHub actions tutorial 6411cd88cf8cd7c rp2040: Refactor test runner and extract flashing 2304e6ebc21e39b third_party/pico_sdk: Fix exception names in GN bu 5496bcf12266a83 docs: Update Pigweed Live schedule 2ed9c5a80eeb76d pw_system: Allow disabling of DeviceTracing RPC ca 5f36f8db6dcbb70 docs: Bazel compatibility patterns b0cdbe138ff4623 pw_allocator: Fix Android build 76f06970fcdd064 Revert "roll: bazel" https://pigweed.googlesource.com/pigweed/pigweed third_party/pigweed/src Rolled-Commits: 8059f92ef1a93df..7ad2bee3e541072 Roller-URL: https://ci.chromium.org/b/8744292816631881681 GitWatcher: ignore CQ-Do-Not-Cancel-Tryjobs: true Change-Id: I64b1c83c405fc76289f4da5fb0a644dcae1f67bf Reviewed-on: https://pigweed-review.googlesource.com/c/open-dice/+/217671 Lint: Lint 🤖 <android-build-ayeaye@system.gserviceaccount.com> Commit-Queue: Pigweed Roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com> Bot-Commit: Pigweed Roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com>
This repository contains the specification for the Open Profile for DICE along with production-quality code. This profile is a specialization of the Hardware Requirements for a Device Identifier Composition Engine and DICE Layering Architecture specifications published by the Trusted Computing Group (TCG). For readers already familiar with those specs, notable distinctives of this profile include:
You can find us (and join us!) at https://groups.google.com/g/open-profile-for-dice. We're happy to answer questions and discuss proposed changes or features.
The specification can be found here. It is versioned using a major.minor scheme. Compatibility is maintained across minor versions but not necessarily across major versions.
Production quality, portable C code is included. The main code is in dice.h and dice.c. Cryptographic and certificate generation operations are injected via a set of callbacks. Multiple implementations of these operations are provided, all equally acceptable. Integrators should choose just one of these, or write their own.
Tests are included for all code and the build files in this repository can be used to build and run these tests.
Disclaimer: This is not an officially supported Google product.
Different implementations use different third party libraries. The third_party directory contains build files and git submodules for each of these. The submodules must be initialized once after cloning the repo, using git submodule update --init, and updated after pulling commits that roll the submodules using git submodule update.
To setup the build environment the first time:
$ git submodule update --init $ source bootstrap.sh $ gn gen out
To build and run tests:
$ ninja -C out
The easiest way, and currently the only supported way, to build and run tests is from a Pigweed environment on Linux. Pigweed does support other host platforms so it shouldn't be too hard to get this running on Windows for example, but we use Linux.
There are two scripts to help set this up:
bootstrap.sh will initialize submodules, bootstrap a Pigweed environment, and generate build files. This can take some time and may download on the order of 1GB of dependencies so the normal workflow is to just do this once.
activate.sh quickly reactivates an environment that has been previously bootstrapped.
These scripts must be sourced into the current session: source activate.sh.
In the environment, from the base directory of the dice-profile checkout, run ninja -C out to build everything and run all tests. You can also run pw watch which will build, run tests, and continue to watch for changes.
This will build and run tests on the host using the clang toolchain. Pigweed makes it easy to configure other targets and toolchains. See toolchains/BUILD.gn and the Pigweed documentation.
The code is designed to be portable and should work with a variety of modern toolchains and in a variety of environments. The main code in dice.h and dice.c is C99; it uses uint8_t, size_t, and memcpy from the C standard library. The various ops implementations are as portable as their dependencies (often not C99 but still very portable). Notably, this code uses designated initializers for readability. This is a feature available in C since C99 but missing from C++ until C++20 where it appears in a stricter form.
The Google C++ Style Guide is used. A .clang-format file is provided for convenience.
To incorporate the code into another project, there are a few options:
Copy only the necessary code. For example:
Take the main code as is: include/dice/dice.h, src/dice.c
Choose an implementation for crypto and certificate generation or choose to write your own. If you choose the boringssl implementation, for example, take include/dice/utils.h, include/dice/boringssl_ops.h, src/utils.c, and src/boringssl_ops.c. Taking a look at the library targets in BUILD.gn may be helpful.
Add this repository as a git submodule and integrate into the project build, optionally using the gn library targets provided.
Integrate into a project already using Pigweed using the gn build files provided.
The build reports code size using Bloaty McBloatface via the pw_bloat Pigweed module. There are two reports generated:
Library sizes - This report includes just the library code in this repository. It shows the baseline DICE code with no ops selected, and it shows the delta introduced by choosing various ops implementations. This report does not include the size of the third party dependencies.
Executable sizes - This report includes sizes for the library code in this repository plus all dependencies linked into a simple main function which makes a single DICE call with all-zero input. It shows the baseline DICE code with no ops (and therefore no dependencies other than libc), and it shows the delta introduced by choosing various ops implementations. This report does include the size of the third party dependencies. Note that rows specialized from ‘Boringssl Ops’ use that as a baseline for sizing.
The reports will be in the build output, but you can also find the reports in .txt files in the build output. For example, cat out/host_optimized/gen/*.txt | less will display all reports.
This code does not itself use mutable global variables, or any other type of shared data structure so there is no thread-safety concerns. However, additional care is needed to ensure dependencies are configured to be thread-safe. For example, the current boringssl configuration defines OPENSSL_NO_THREADS_CORRUPT_MEMORY_AND_LEAK_SECRETS_IF_THREADED, and that would need to be changed before running in a threaded environment.
This code makes a reasonable effort to clear memory holding sensitive data. This may help with a broader strategy to clear sensitive data but it is not sufficient on its own. Here are a few things to consider.