| commit | c7734201b4c4ed136636acd8f319d0ac189f22b2 | [log] [tgz] |
|---|---|---|
| author | pigweed-roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com> | Mon Aug 05 00:44:33 2024 +0000 |
| committer | CQ Bot Account <pigweed-scoped@luci-project-accounts.iam.gserviceaccount.com> | Mon Aug 05 00:44:33 2024 +0000 |
| tree | b9e561c3fc545ca42be0a915d3393f6f128cc2d3 | |
| parent | f118be39a83a7a867e46bdc2087c55cb06c59949 [diff] |
roll: third_party/pigweed/src 60 commits
71c4c844f102502 roll: gn
297f80e8180c0e0 roll: fuchsia_infra 119 commits
24a8258c6a77a3b roll: cmake
66d59b0e5f76b58 roll: rust
61f8b7ee89ec9e4 pw_presubmit: Fix incl-lang when not at repo root
474eecbbc9c11d0 pw_status: Don't silently discard status returns
779488194f46bd0 *: Run 'pw format --fix'
b27f297d255242c roll: Clang
0be2c4009313c57 pw_{multibuf, router}: Add missing includes
d4b4837220363c4 pw_env_setup: Update rust thumbv7m target
d0547a507e32440 bazel: Manage pw_ide deps via bzlmod
7c264e539443293 pw_allocator: Add missing include
324ee75ec152caa third_party/emboss: Append public_deps in GN templ
446b73e84b7ae45 pw_presubmit: Remove misc program
a21a327d126ba0d roll: bazel_skylib
dc7b7803aed532f pw_web: Change word-wrap to default true and save
65c56255b82a13c pw_system: Don't use implementation_deps
a55cfda13df756e pw_presubmit: Rename "misc" program to "sapphire"
f94f3f7299d8799 pw_spi_mcuxpresso: Add SPI_RxError() and SPI_TxErr
e51b311a154e11c pw_toolchain: Use `crate_name` for GN rust targets
e194c83f1d06383 pw_toolchain: proc_macro GN cross compile
ddcc251bcac0c2c pw_toolchain: Rustc cross compile to qemu-clang
2bccf25ed3d181d pw_build: Fix configs in pw_rust_executable
61f6e54585a0e81 pw_rust: Add no_std build to basic_executable
79f0dd143867866 pw_rust: Rename host_executable
9d49c47bb21b0cc pw_env_setup: Add rustc thumbv7m target
55c5087185c0ff3 pw_tokenizer: decode_optionally_tokenized without
280aeccf0bef690 pw_console: Additional UI and code themes
5cb019aed9d68b2 pw_web: NPM version bump to 0.0.22
1df8cb6e2022a85 pw_web: Show REPL message at every run
0e17c001aa2a1c6 pw_symbolizer: Add missing runfiles dep
59f96058375492f pw_rpc: Fix Typescript client streaming return typ
93c2ec369ab5a18 pw_console: Bump version of console js, add titles
8f276075de78ca5 pw_web: NPM version bump to 0.0.21
116b67dbec88d7b bazel: Manage Java deps through bzlmod
9b9615e17801148 pw_presubmit: Add new presubmit steps
285805a35a9878a pw_web: Enable custom titles, log-view access
71a9d5447de318e docs: Fix some bad links in the changelog
40caf32b68cf760 third_party/stm32cube: bzlmod-friendly changes
df07efa092d4072 pw_rpc: Add yield mode constraint_setting
b454ef6a4541f4f pw_ide: Automatically activate Bazelisk in new ter
ac59830dcdbd32c pw_system: Add console device aliases for common R
b0153387ffcae11 pw_clock_tree_mcuxpresso: Introduce ClockMcuxpress
ed88d9b037da70c pw_presubmit: Allow fxbug.dev and crbug.com TODOs
513f5005834264d pw_transfer: Add a delay after opening a stream to
b313a19ee2da2e9 pw_web: Change severity to level
cb0686574d879d8 pw_transfer: Use initial timeout when resending st
cbd04b9968e997f pw_bluetooth_sapphire: Remove manufacturer list
f513cf21c32c28e pw_digital_io_linux: Set log level to INFO
dbd8c53b25ddf3b pw_ide: Use stable clangd path
2f14cedd1d0ed0e pw_bluetooth_proxy: Release active connections onc
3bf584bb6065729 bazel: Provide symlink to clangd at root
1dfc6ad96d1931b pw_build: Auto disable project builder progress ba
46609c530888a1f pw_ide: Add inactive source file decoration
6b0942cafc5232f pw_multisink: Interface to read entries count
eb94603ae83c4eb pw_presubmit: Expose name of Bazel executable
262f3ce7028d220 pw_bluetooth_proxy: Only log disconnect events for
c9e99bb603446a8 pw_system: Save snapshots to /tmp
d6d9edae2f8faf4 pw_system: Make crash detection logs louder
7bbbec8a98bcf12 pw_toolchain: Expose a symlink to clangd
https://pigweed.googlesource.com/pigweed/pigweed
third_party/pigweed/src Rolled-Commits: 88f05c77b478b16..71c4c844f102502
Roller-URL: https://ci.chromium.org/b/8740487745098906481
GitWatcher: ignore
CQ-Do-Not-Cancel-Tryjobs: true
Change-Id: I0f3e328d907aa3a03956003aed8e0ef21d11c67e
Reviewed-on: https://pigweed-review.googlesource.com/c/open-dice/+/227597
Commit-Queue: Pigweed Roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com>
Lint: Lint 🤖 <android-build-ayeaye@system.gserviceaccount.com>
Bot-Commit: Pigweed Roller <pigweed-roller@pigweed-service-accounts.iam.gserviceaccount.com>
This repository contains the specification for the Open Profile for DICE along with production-quality code. This profile is a specialization of the Hardware Requirements for a Device Identifier Composition Engine and DICE Layering Architecture specifications published by the Trusted Computing Group (TCG). For readers already familiar with those specs, notable distinctives of this profile include:
You can find us (and join us!) at https://groups.google.com/g/open-profile-for-dice. We're happy to answer questions and discuss proposed changes or features.
The specification can be found here. It is versioned using a major.minor scheme. Compatibility is maintained across minor versions but not necessarily across major versions.
Production quality, portable C code is included. The main code is in dice.h and dice.c. Cryptographic and certificate generation operations are injected via a set of callbacks. Multiple implementations of these operations are provided, all equally acceptable. Integrators should choose just one of these, or write their own.
Tests are included for all code and the build files in this repository can be used to build and run these tests.
Disclaimer: This is not an officially supported Google product.
Different implementations use different third party libraries. The third_party directory contains build files and git submodules for each of these. The submodules must be initialized once after cloning the repo, using git submodule update --init, and updated after pulling commits that roll the submodules using git submodule update.
To setup the build environment the first time:
$ git submodule update --init $ source bootstrap.sh $ gn gen out
To build and run tests:
$ ninja -C out
The easiest way, and currently the only supported way, to build and run tests is from a Pigweed environment on Linux. Pigweed does support other host platforms so it shouldn't be too hard to get this running on Windows for example, but we use Linux.
There are two scripts to help set this up:
bootstrap.sh will initialize submodules, bootstrap a Pigweed environment, and generate build files. This can take some time and may download on the order of 1GB of dependencies so the normal workflow is to just do this once.
activate.sh quickly reactivates an environment that has been previously bootstrapped.
These scripts must be sourced into the current session: source activate.sh.
In the environment, from the base directory of the dice-profile checkout, run ninja -C out to build everything and run all tests. You can also run pw watch which will build, run tests, and continue to watch for changes.
This will build and run tests on the host using the clang toolchain. Pigweed makes it easy to configure other targets and toolchains. See toolchains/BUILD.gn and the Pigweed documentation.
The code is designed to be portable and should work with a variety of modern toolchains and in a variety of environments. The main code in dice.h and dice.c is C99; it uses uint8_t, size_t, and memcpy from the C standard library. The various ops implementations are as portable as their dependencies (often not C99 but still very portable). Notably, this code uses designated initializers for readability. This is a feature available in C since C99 but missing from C++ until C++20 where it appears in a stricter form.
The Google C++ Style Guide is used. A .clang-format file is provided for convenience.
To incorporate the code into another project, there are a few options:
Copy only the necessary code. For example:
Take the main code as is: include/dice/dice.h, src/dice.c
Choose an implementation for crypto and certificate generation or choose to write your own. If you choose the boringssl implementation, for example, take include/dice/utils.h, include/dice/boringssl_ops.h, src/utils.c, and src/boringssl_ops.c. Taking a look at the library targets in BUILD.gn may be helpful.
Add this repository as a git submodule and integrate into the project build, optionally using the gn library targets provided.
Integrate into a project already using Pigweed using the gn build files provided.
The build reports code size using Bloaty McBloatface via the pw_bloat Pigweed module. There are two reports generated:
Library sizes - This report includes just the library code in this repository. It shows the baseline DICE code with no ops selected, and it shows the delta introduced by choosing various ops implementations. This report does not include the size of the third party dependencies.
Executable sizes - This report includes sizes for the library code in this repository plus all dependencies linked into a simple main function which makes a single DICE call with all-zero input. It shows the baseline DICE code with no ops (and therefore no dependencies other than libc), and it shows the delta introduced by choosing various ops implementations. This report does include the size of the third party dependencies. Note that rows specialized from ‘Boringssl Ops’ use that as a baseline for sizing.
The reports will be in the build output, but you can also find the reports in .txt files in the build output. For example, cat out/host_optimized/gen/*.txt | less will display all reports.
This code does not itself use mutable global variables, or any other type of shared data structure so there is no thread-safety concerns. However, additional care is needed to ensure dependencies are configured to be thread-safe. For example, the current boringssl configuration defines OPENSSL_NO_THREADS_CORRUPT_MEMORY_AND_LEAK_SECRETS_IF_THREADED, and that would need to be changed before running in a threaded environment.
This code makes a reasonable effort to clear memory holding sensitive data. This may help with a broader strategy to clear sensitive data but it is not sufficient on its own. Here are a few things to consider.