1# components-configuration.sh 2# 3# Copyright The Mbed TLS Contributors 4# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 5 6# This file contains test components that are executed by all.sh 7 8################################################################ 9#### Configuration Testing 10################################################################ 11 12component_test_default_out_of_box () { 13 msg "build: make, default config (out-of-box)" # ~1min 14 make 15 # Disable fancy stuff 16 unset MBEDTLS_TEST_OUTCOME_FILE 17 18 msg "test: main suites make, default config (out-of-box)" # ~10s 19 make test 20 21 msg "selftest: make, default config (out-of-box)" # ~10s 22 programs/test/selftest 23 24 msg "program demos: make, default config (out-of-box)" # ~10s 25 tests/scripts/run_demos.py 26} 27 28component_test_default_cmake_gcc_asan () { 29 msg "build: cmake, gcc, ASan" # ~ 1 min 50s 30 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 31 make 32 33 msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s 34 make test 35 36 msg "program demos (ASan build)" # ~10s 37 tests/scripts/run_demos.py 38 39 msg "test: selftest (ASan build)" # ~ 10s 40 programs/test/selftest 41 42 msg "test: metatests (GCC, ASan build)" 43 tests/scripts/run-metatests.sh any asan poison 44 45 msg "test: ssl-opt.sh (ASan build)" # ~ 1 min 46 tests/ssl-opt.sh 47 48 msg "test: compat.sh (ASan build)" # ~ 6 min 49 tests/compat.sh 50 51 msg "test: context-info.sh (ASan build)" # ~ 15 sec 52 tests/context-info.sh 53} 54 55component_test_default_cmake_gcc_asan_new_bignum () { 56 msg "build: cmake, gcc, ASan" # ~ 1 min 50s 57 scripts/config.py set MBEDTLS_ECP_WITH_MPI_UINT 58 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 59 make 60 61 msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s 62 make test 63 64 msg "test: selftest (ASan build)" # ~ 10s 65 programs/test/selftest 66 67 msg "test: ssl-opt.sh (ASan build)" # ~ 1 min 68 tests/ssl-opt.sh 69 70 msg "test: compat.sh (ASan build)" # ~ 6 min 71 tests/compat.sh 72 73 msg "test: context-info.sh (ASan build)" # ~ 15 sec 74 tests/context-info.sh 75} 76 77component_test_full_cmake_gcc_asan () { 78 msg "build: full config, cmake, gcc, ASan" 79 scripts/config.py full 80 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 81 make 82 83 msg "test: main suites (inc. selftests) (full config, ASan build)" 84 make test 85 86 msg "test: selftest (full config, ASan build)" # ~ 10s 87 programs/test/selftest 88 89 msg "test: ssl-opt.sh (full config, ASan build)" 90 tests/ssl-opt.sh 91 92 # Note: the next two invocations cover all compat.sh test cases. 93 # We should use the same here and in basic-build-test.sh. 94 msg "test: compat.sh: default version (full config, ASan build)" 95 tests/compat.sh -e 'ARIA\|CHACHA' 96 97 msg "test: compat.sh: next: ARIA, Chacha (full config, ASan build)" 98 env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' 99 100 msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec 101 tests/context-info.sh 102} 103 104component_test_full_cmake_gcc_asan_new_bignum () { 105 msg "build: full config, cmake, gcc, ASan" 106 scripts/config.py full 107 scripts/config.py set MBEDTLS_ECP_WITH_MPI_UINT 108 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 109 make 110 111 msg "test: main suites (inc. selftests) (full config, new bignum, ASan)" 112 make test 113 114 msg "test: selftest (full config, new bignum, ASan)" # ~ 10s 115 programs/test/selftest 116 117 msg "test: ssl-opt.sh (full config, new bignum, ASan)" 118 tests/ssl-opt.sh 119 120 # Note: the next two invocations cover all compat.sh test cases. 121 # We should use the same here and in basic-build-test.sh. 122 msg "test: compat.sh: default version (full config, new bignum, ASan)" 123 tests/compat.sh -e 'ARIA\|CHACHA' 124 125 msg "test: compat.sh: next: ARIA, Chacha (full config, new bignum, ASan)" 126 env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' 127 128 msg "test: context-info.sh (full config, new bignum, ASan)" # ~ 15 sec 129 tests/context-info.sh 130} 131 132component_test_ref_configs () { 133 msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s 134 # test-ref-configs works by overwriting mbedtls_config.h; this makes cmake 135 # want to re-generate generated files that depend on it, quite correctly. 136 # However this doesn't work as the generation script expects a specific 137 # format for mbedtls_config.h, which the other files don't follow. Also, 138 # cmake can't know this, but re-generation is actually not necessary as 139 # the generated files only depend on the list of available options, not 140 # whether they're on or off. So, disable cmake's (over-sensitive here) 141 # dependency resolution for generated files and just rely on them being 142 # present (thanks to pre_generate_files) by turning GEN_FILES off. 143 CC=$ASAN_CC cmake -D GEN_FILES=Off -D CMAKE_BUILD_TYPE:String=Asan . 144 tests/scripts/test-ref-configs.pl 145} 146 147component_test_full_cmake_clang () { 148 msg "build: cmake, full config, clang" # ~ 50s 149 scripts/config.py full 150 CC=clang CXX=clang cmake -D CMAKE_BUILD_TYPE:String=Release -D ENABLE_TESTING=On -D TEST_CPP=1 . 151 make 152 153 msg "test: main suites (full config, clang)" # ~ 5s 154 make test 155 156 msg "test: cpp_dummy_build (full config, clang)" # ~ 1s 157 programs/test/cpp_dummy_build 158 159 msg "test: metatests (clang)" 160 tests/scripts/run-metatests.sh any pthread 161 162 msg "program demos (full config, clang)" # ~10s 163 tests/scripts/run_demos.py 164 165 msg "test: psa_constant_names (full config, clang)" # ~ 1s 166 tests/scripts/test_psa_constant_names.py 167 168 msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s 169 tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private' 170} 171 172component_test_default_no_deprecated () { 173 # Test that removing the deprecated features from the default 174 # configuration leaves something consistent. 175 msg "build: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 30s 176 scripts/config.py set MBEDTLS_DEPRECATED_REMOVED 177 make CFLAGS='-O -Werror -Wall -Wextra' 178 179 msg "test: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 5s 180 make test 181} 182 183component_test_full_no_deprecated () { 184 msg "build: make, full_no_deprecated config" # ~ 30s 185 scripts/config.py full_no_deprecated 186 make CFLAGS='-O -Werror -Wall -Wextra' 187 188 msg "test: make, full_no_deprecated config" # ~ 5s 189 make test 190 191 msg "test: ensure that X509 has no direct dependency on BIGNUM_C" 192 not grep mbedtls_mpi library/libmbedx509.a 193} 194 195component_test_full_no_deprecated_deprecated_warning () { 196 # Test that there is nothing deprecated in "full_no_deprecated". 197 # A deprecated feature would trigger a warning (made fatal) from 198 # MBEDTLS_DEPRECATED_WARNING. 199 msg "build: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 30s 200 scripts/config.py full_no_deprecated 201 scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED 202 scripts/config.py set MBEDTLS_DEPRECATED_WARNING 203 make CFLAGS='-O -Werror -Wall -Wextra' 204 205 msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s 206 make test 207} 208 209component_test_full_deprecated_warning () { 210 # Test that when MBEDTLS_DEPRECATED_WARNING is enabled, the build passes 211 # with only certain whitelisted types of warnings. 212 msg "build: make, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s 213 scripts/config.py full 214 scripts/config.py set MBEDTLS_DEPRECATED_WARNING 215 # Expect warnings from '#warning' directives in check_config.h. 216 # Note that gcc is required to allow the use of -Wno-error=cpp, which allows us to 217 # display #warning messages without them being treated as errors. 218 make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs 219 220 msg "build: make tests, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s 221 # Set MBEDTLS_TEST_DEPRECATED to enable tests for deprecated features. 222 # By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set. 223 # Expect warnings from '#warning' directives in check_config.h and 224 # from the use of deprecated functions in test suites. 225 make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests 226 227 msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s 228 make test 229 230 msg "program demos: full config + MBEDTLS_TEST_DEPRECATED" # ~10s 231 tests/scripts/run_demos.py 232} 233 234component_build_baremetal () { 235 msg "build: make, baremetal config" 236 scripts/config.py baremetal 237 make CFLAGS="-O1 -Werror -I$PWD/tests/include/baremetal-override/" 238} 239 240support_build_baremetal () { 241 # Older Glibc versions include time.h from other headers such as stdlib.h, 242 # which makes the no-time.h-in-baremetal check fail. Ubuntu 16.04 has this 243 # problem, Ubuntu 18.04 is ok. 244 ! grep -q -F time.h /usr/include/x86_64-linux-gnu/sys/types.h 245} 246 247component_test_no_psa_crypto_full_cmake_asan () { 248 # full minus MBEDTLS_PSA_CRYPTO_C: run the same set of tests as basic-build-test.sh 249 msg "build: cmake, full config minus PSA crypto, ASan" 250 scripts/config.py full 251 scripts/config.py unset MBEDTLS_PSA_CRYPTO_C 252 scripts/config.py unset MBEDTLS_PSA_CRYPTO_CLIENT 253 scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 254 scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 255 scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C 256 scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C 257 scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C 258 scripts/config.py unset MBEDTLS_LMS_C 259 scripts/config.py unset MBEDTLS_LMS_PRIVATE 260 CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . 261 make 262 263 msg "test: main suites (full minus PSA crypto)" 264 make test 265 266 # Note: ssl-opt.sh has some test cases that depend on 267 # MBEDTLS_ECP_RESTARTABLE && !MBEDTLS_USE_PSA_CRYPTO 268 # This is the only component where those tests are not skipped. 269 msg "test: ssl-opt.sh (full minus PSA crypto)" 270 tests/ssl-opt.sh 271 272 # Note: the next two invocations cover all compat.sh test cases. 273 # We should use the same here and in basic-build-test.sh. 274 msg "test: compat.sh: default version (full minus PSA crypto)" 275 tests/compat.sh -e 'ARIA\|CHACHA' 276 277 msg "test: compat.sh: next: ARIA, Chacha (full minus PSA crypto)" 278 env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' 279} 280 281component_build_tfm () { 282 # Check that the TF-M configuration can build cleanly with various 283 # warning flags enabled. We don't build or run tests, since the 284 # TF-M configuration needs a TF-M platform. A tweaked version of 285 # the configuration that works on mainstream platforms is in 286 # configs/config-tfm.h, tested via test-ref-configs.pl. 287 cp configs/config-tfm.h "$CONFIG_H" 288 289 msg "build: TF-M config, clang, armv7-m thumb2" 290 make lib CC="clang" CFLAGS="--target=arm-linux-gnueabihf -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe" 291 292 msg "build: TF-M config, gcc native build" 293 make clean 294 make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" 295} 296 297component_test_no_platform () { 298 # Full configuration build, without platform support, file IO and net sockets. 299 # This should catch missing mbedtls_printf definitions, and by disabling file 300 # IO, it should catch missing '#include <stdio.h>' 301 msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s 302 scripts/config.py full_no_platform 303 scripts/config.py unset MBEDTLS_PLATFORM_C 304 scripts/config.py unset MBEDTLS_NET_C 305 scripts/config.py unset MBEDTLS_FS_IO 306 scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C 307 scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C 308 scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C 309 scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED 310 # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19, 311 # to re-enable platform integration features otherwise disabled in C99 builds 312 make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs 313 make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' test 314} 315 316component_test_memory_buffer_allocator_backtrace () { 317 msg "build: default config with memory buffer allocator and backtrace enabled" 318 scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C 319 scripts/config.py set MBEDTLS_PLATFORM_MEMORY 320 scripts/config.py set MBEDTLS_MEMORY_BACKTRACE 321 scripts/config.py set MBEDTLS_MEMORY_DEBUG 322 cmake -DCMAKE_BUILD_TYPE:String=Release . 323 make 324 325 msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE" 326 make test 327} 328 329component_test_memory_buffer_allocator () { 330 msg "build: default config with memory buffer allocator" 331 scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C 332 scripts/config.py set MBEDTLS_PLATFORM_MEMORY 333 cmake -DCMAKE_BUILD_TYPE:String=Release . 334 make 335 336 msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C" 337 make test 338 339 msg "test: ssl-opt.sh, MBEDTLS_MEMORY_BUFFER_ALLOC_C" 340 # MBEDTLS_MEMORY_BUFFER_ALLOC is slow. Skip tests that tend to time out. 341 tests/ssl-opt.sh -e '^DTLS proxy' 342} 343 344component_test_malloc_0_null () { 345 msg "build: malloc(0) returns NULL (ASan+UBSan build)" 346 scripts/config.py full 347 make CC=$ASAN_CC CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" 348 349 msg "test: malloc(0) returns NULL (ASan+UBSan build)" 350 make test 351 352 msg "selftest: malloc(0) returns NULL (ASan+UBSan build)" 353 # Just the calloc selftest. "make test" ran the others as part of the 354 # test suites. 355 programs/test/selftest calloc 356 357 msg "test ssl-opt.sh: malloc(0) returns NULL (ASan+UBSan build)" 358 # Run a subset of the tests. The choice is a balance between coverage 359 # and time (including time indirectly wasted due to flaky tests). 360 # The current choice is to skip tests whose description includes 361 # "proxy", which is an approximation of skipping tests that use the 362 # UDP proxy, which tend to be slower and flakier. 363 tests/ssl-opt.sh -e 'proxy' 364} 365 366component_build_mbedtls_config_file () { 367 msg "build: make with MBEDTLS_CONFIG_FILE" # ~40s 368 scripts/config.py -w full_config.h full 369 echo '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H" 370 make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'" 371 # Make sure this feature is enabled. We'll disable it in the next phase. 372 programs/test/query_compile_time_config MBEDTLS_NIST_KW_C 373 make clean 374 375 msg "build: make with MBEDTLS_CONFIG_FILE + MBEDTLS_USER_CONFIG_FILE" 376 # In the user config, disable one feature (for simplicity, pick a feature 377 # that nothing else depends on). 378 echo '#undef MBEDTLS_NIST_KW_C' >user_config.h 379 make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'" 380 not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C 381 382 rm -f user_config.h full_config.h 383} 384 385component_test_no_strings () { 386 msg "build: no strings" # ~10s 387 scripts/config.py full 388 # Disable options that activate a large amount of string constants. 389 scripts/config.py unset MBEDTLS_DEBUG_C 390 scripts/config.py unset MBEDTLS_ERROR_C 391 scripts/config.py set MBEDTLS_ERROR_STRERROR_DUMMY 392 scripts/config.py unset MBEDTLS_VERSION_FEATURES 393 make CFLAGS='-Werror -Os' 394 395 msg "test: no strings" # ~ 10s 396 make test 397} 398
