1# components-configuration.sh 2# 3# Copyright The Mbed TLS Contributors 4# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 5 6# This file contains test components that are executed by all.sh 7 8################################################################ 9#### Configuration Testing 10################################################################ 11 12component_test_default_out_of_box () { 13 msg "build: make, default config (out-of-box)" # ~1min 14 make 15 # Disable fancy stuff 16 unset MBEDTLS_TEST_OUTCOME_FILE 17 18 msg "test: main suites make, default config (out-of-box)" # ~10s 19 make test 20 21 msg "selftest: make, default config (out-of-box)" # ~10s 22 programs/test/selftest 23 24 msg "program demos: make, default config (out-of-box)" # ~10s 25 tests/scripts/run_demos.py 26} 27 28component_test_default_cmake_gcc_asan () { 29 msg "build: cmake, gcc, ASan" # ~ 1 min 50s 30 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 31 make 32 33 msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s 34 make test 35 36 msg "program demos (ASan build)" # ~10s 37 tests/scripts/run_demos.py 38 39 msg "test: selftest (ASan build)" # ~ 10s 40 programs/test/selftest 41 42 msg "test: metatests (GCC, ASan build)" 43 tests/scripts/run-metatests.sh any asan poison 44 45 msg "test: ssl-opt.sh (ASan build)" # ~ 1 min 46 tests/ssl-opt.sh 47 48 msg "test: compat.sh (ASan build)" # ~ 6 min 49 tests/compat.sh 50 51 msg "test: context-info.sh (ASan build)" # ~ 15 sec 52 tests/context-info.sh 53} 54 55component_test_default_cmake_gcc_asan_new_bignum () { 56 msg "build: cmake, gcc, ASan" # ~ 1 min 50s 57 scripts/config.py set MBEDTLS_ECP_WITH_MPI_UINT 58 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 59 make 60 61 msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s 62 make test 63 64 msg "test: selftest (ASan build)" # ~ 10s 65 programs/test/selftest 66 67 msg "test: ssl-opt.sh (ASan build)" # ~ 1 min 68 tests/ssl-opt.sh 69 70 msg "test: compat.sh (ASan build)" # ~ 6 min 71 tests/compat.sh 72 73 msg "test: context-info.sh (ASan build)" # ~ 15 sec 74 tests/context-info.sh 75} 76 77component_test_full_cmake_gcc_asan () { 78 msg "build: full config, cmake, gcc, ASan" 79 scripts/config.py full 80 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 81 make 82 83 msg "test: main suites (inc. selftests) (full config, ASan build)" 84 make test 85 86 msg "test: selftest (full config, ASan build)" # ~ 10s 87 programs/test/selftest 88 89 msg "test: ssl-opt.sh (full config, ASan build)" 90 tests/ssl-opt.sh 91 92 # Note: the next two invocations cover all compat.sh test cases. 93 # We should use the same here and in basic-build-test.sh. 94 msg "test: compat.sh: default version (full config, ASan build)" 95 tests/compat.sh -e 'ARIA\|CHACHA' 96 97 msg "test: compat.sh: next: ARIA, Chacha (full config, ASan build)" 98 env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' 99 100 msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec 101 tests/context-info.sh 102} 103 104component_test_full_cmake_gcc_asan_new_bignum () { 105 msg "build: full config, cmake, gcc, ASan" 106 scripts/config.py full 107 scripts/config.py set MBEDTLS_ECP_WITH_MPI_UINT 108 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 109 make 110 111 msg "test: main suites (inc. selftests) (full config, new bignum, ASan)" 112 make test 113 114 msg "test: selftest (full config, new bignum, ASan)" # ~ 10s 115 programs/test/selftest 116 117 msg "test: ssl-opt.sh (full config, new bignum, ASan)" 118 tests/ssl-opt.sh 119 120 # Note: the next two invocations cover all compat.sh test cases. 121 # We should use the same here and in basic-build-test.sh. 122 msg "test: compat.sh: default version (full config, new bignum, ASan)" 123 tests/compat.sh -e 'ARIA\|CHACHA' 124 125 msg "test: compat.sh: next: ARIA, Chacha (full config, new bignum, ASan)" 126 env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' 127 128 msg "test: context-info.sh (full config, new bignum, ASan)" # ~ 15 sec 129 tests/context-info.sh 130} 131 132component_test_full_cmake_clang () { 133 msg "build: cmake, full config, clang" # ~ 50s 134 scripts/config.py full 135 CC=clang CXX=clang++ cmake -D CMAKE_BUILD_TYPE:String=Release \ 136 -D ENABLE_TESTING=On -D TEST_CPP=1 . 137 make 138 139 msg "test: main suites (full config, clang)" # ~ 5s 140 make test 141 142 msg "test: cpp_dummy_build (full config, clang)" # ~ 1s 143 programs/test/cpp_dummy_build 144 145 msg "test: metatests (clang)" 146 tests/scripts/run-metatests.sh any pthread 147 148 msg "program demos (full config, clang)" # ~10s 149 tests/scripts/run_demos.py 150 151 msg "test: psa_constant_names (full config, clang)" # ~ 1s 152 $FRAMEWORK/scripts/test_psa_constant_names.py 153 154 msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s 155 tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private' 156} 157 158component_test_default_no_deprecated () { 159 # Test that removing the deprecated features from the default 160 # configuration leaves something consistent. 161 msg "build: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 30s 162 scripts/config.py set MBEDTLS_DEPRECATED_REMOVED 163 make CFLAGS='-O -Werror -Wall -Wextra' 164 165 msg "test: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 5s 166 make test 167} 168 169component_test_full_no_deprecated () { 170 msg "build: make, full_no_deprecated config" # ~ 30s 171 scripts/config.py full_no_deprecated 172 make CFLAGS='-O -Werror -Wall -Wextra' 173 174 msg "test: make, full_no_deprecated config" # ~ 5s 175 make test 176 177 msg "test: ensure that X509 has no direct dependency on BIGNUM_C" 178 not grep mbedtls_mpi library/libmbedx509.a 179} 180 181component_test_full_no_deprecated_deprecated_warning () { 182 # Test that there is nothing deprecated in "full_no_deprecated". 183 # A deprecated feature would trigger a warning (made fatal) from 184 # MBEDTLS_DEPRECATED_WARNING. 185 msg "build: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 30s 186 scripts/config.py full_no_deprecated 187 scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED 188 scripts/config.py set MBEDTLS_DEPRECATED_WARNING 189 make CFLAGS='-O -Werror -Wall -Wextra' 190 191 msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s 192 make test 193} 194 195component_test_full_deprecated_warning () { 196 # Test that when MBEDTLS_DEPRECATED_WARNING is enabled, the build passes 197 # with only certain whitelisted types of warnings. 198 msg "build: make, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s 199 scripts/config.py full 200 scripts/config.py set MBEDTLS_DEPRECATED_WARNING 201 # Expect warnings from '#warning' directives in check_config.h. 202 # Note that gcc is required to allow the use of -Wno-error=cpp, which allows us to 203 # display #warning messages without them being treated as errors. 204 make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs 205 206 msg "build: make tests, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s 207 # Set MBEDTLS_TEST_DEPRECATED to enable tests for deprecated features. 208 # By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set. 209 # Expect warnings from '#warning' directives in check_config.h and 210 # from the use of deprecated functions in test suites. 211 make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests 212 213 msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s 214 make test 215 216 msg "program demos: full config + MBEDTLS_TEST_DEPRECATED" # ~10s 217 tests/scripts/run_demos.py 218} 219 220component_build_baremetal () { 221 msg "build: make, baremetal config" 222 scripts/config.py baremetal 223 make CFLAGS="-O1 -Werror -I$PWD/framework/tests/include/baremetal-override/" 224} 225 226support_build_baremetal () { 227 # Older Glibc versions include time.h from other headers such as stdlib.h, 228 # which makes the no-time.h-in-baremetal check fail. Ubuntu 16.04 has this 229 # problem, Ubuntu 18.04 is ok. 230 ! grep -q -F time.h /usr/include/x86_64-linux-gnu/sys/types.h 231} 232 233component_build_tfm () { 234 # Check that the TF-M configuration can build cleanly with various 235 # warning flags enabled. We don't build or run tests, since the 236 # TF-M configuration needs a TF-M platform. A tweaked version of 237 # the configuration that works on mainstream platforms is in 238 # configs/config-tfm.h, tested via test-ref-configs.pl. 239 cp configs/config-tfm.h "$CONFIG_H" 240 cp tf-psa-crypto/configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" 241 242 msg "build: TF-M config, clang, armv7-m thumb2" 243 make lib CC="clang" CFLAGS="--target=arm-linux-gnueabihf -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../framework/tests/include/spe" 244 245 msg "build: TF-M config, gcc native build" 246 make clean 247 make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../framework/tests/include/spe" 248} 249 250component_test_malloc_0_null () { 251 msg "build: malloc(0) returns NULL (ASan+UBSan build)" 252 scripts/config.py full 253 make CC=$ASAN_CC CFLAGS="'-DTF_PSA_CRYPTO_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" 254 255 msg "test: malloc(0) returns NULL (ASan+UBSan build)" 256 make test 257 258 msg "selftest: malloc(0) returns NULL (ASan+UBSan build)" 259 # Just the calloc selftest. "make test" ran the others as part of the 260 # test suites. 261 programs/test/selftest calloc 262 263 msg "test ssl-opt.sh: malloc(0) returns NULL (ASan+UBSan build)" 264 # Run a subset of the tests. The choice is a balance between coverage 265 # and time (including time indirectly wasted due to flaky tests). 266 # The current choice is to skip tests whose description includes 267 # "proxy", which is an approximation of skipping tests that use the 268 # UDP proxy, which tend to be slower and flakier. 269 tests/ssl-opt.sh -e 'proxy' 270} 271 272component_test_no_platform () { 273 # Full configuration build, without platform support, file IO and net sockets. 274 # This should catch missing mbedtls_printf definitions, and by disabling file 275 # IO, it should catch missing '#include <stdio.h>' 276 msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s 277 scripts/config.py full_no_platform 278 scripts/config.py unset MBEDTLS_PLATFORM_C 279 scripts/config.py unset MBEDTLS_NET_C 280 scripts/config.py unset MBEDTLS_FS_IO 281 scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C 282 scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C 283 scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED 284 # Use the test alternative implementation of mbedtls_platform_get_entropy() 285 # which is provided in "framework/tests/src/fake_external_rng_for_test.c" 286 # since the default one is excluded in this scenario. 287 scripts/config.py set MBEDTLS_PLATFORM_GET_ENTROPY_ALT 288 # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19, 289 # to re-enable platform integration features otherwise disabled in C99 builds 290 make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs 291 make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' test 292} 293 294component_build_mbedtls_config_file () { 295 msg "build: make with MBEDTLS_CONFIG_FILE" # ~40s 296 scripts/config.py -w full_config.h full 297 echo '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H" 298 make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'" 299 # Make sure this feature is enabled. We'll disable it in the next phase. 300 programs/test/query_compile_time_config MBEDTLS_SSL_ALL_ALERT_MESSAGES 301 make clean 302 303 msg "build: make with MBEDTLS_CONFIG_FILE + MBEDTLS_USER_CONFIG_FILE" 304 # In the user config, disable one feature (for simplicity, pick a feature 305 # that nothing else depends on). 306 echo '#undef MBEDTLS_SSL_ALL_ALERT_MESSAGES' >user_config.h 307 make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'" 308 not programs/test/query_compile_time_config MBEDTLS_SSL_ALL_ALERT_MESSAGES 309 310 rm -f user_config.h full_config.h 311} 312 313component_test_no_strings () { 314 msg "build: no strings" # ~10s 315 scripts/config.py full 316 # Disable options that activate a large amount of string constants. 317 scripts/config.py unset MBEDTLS_DEBUG_C 318 scripts/config.py unset MBEDTLS_ERROR_C 319 scripts/config.py set MBEDTLS_ERROR_STRERROR_DUMMY 320 scripts/config.py unset MBEDTLS_VERSION_FEATURES 321 make CFLAGS='-Werror -Os' 322 323 msg "test: no strings" # ~ 10s 324 make test 325} 326 327component_test_memory_buffer_allocator_backtrace () { 328 msg "build: default config with memory buffer allocator and backtrace enabled" 329 scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C 330 scripts/config.py set MBEDTLS_PLATFORM_MEMORY 331 scripts/config.py set MBEDTLS_MEMORY_BACKTRACE 332 scripts/config.py set MBEDTLS_MEMORY_DEBUG 333 cmake -DCMAKE_BUILD_TYPE:String=Release . 334 make 335 336 msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE" 337 make test 338} 339 340component_test_memory_buffer_allocator () { 341 msg "build: default config with memory buffer allocator" 342 scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C 343 scripts/config.py set MBEDTLS_PLATFORM_MEMORY 344 cmake -DCMAKE_BUILD_TYPE:String=Release . 345 make 346 347 msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C" 348 make test 349 350 msg "test: ssl-opt.sh, MBEDTLS_MEMORY_BUFFER_ALLOC_C" 351 # MBEDTLS_MEMORY_BUFFER_ALLOC is slow. Skip tests that tend to time out. 352 tests/ssl-opt.sh -e '^DTLS proxy' 353} 354