From cd94f5ee0be90f2d0b0137a626ea269773850c43 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 22 Dec 2024 18:58:00 +0000 Subject: [PATCH] [WIP] CI: Attempt to call `make` directly in `functest` action Signed-off-by: Hanno Becker --- .github/actions/functest/action.yml | 51 +++++++++++++++++++++++++++-- Makefile | 22 ++++++++----- test/acvp_client.py | 18 ++++++++-- 3 files changed, 77 insertions(+), 14 deletions(-) diff --git a/.github/actions/functest/action.yml b/.github/actions/functest/action.yml index 340d3b73b..9db0f74aa 100644 --- a/.github/actions/functest/action.yml +++ b/.github/actions/functest/action.yml @@ -85,10 +85,57 @@ runs: - $(python3 --version) - $(${{ inputs.cross_prefix }}${CC} --version | grep -m1 "") EOF - - name: ${{ env.MODE }} ${{ inputs.opt }} tests (${{ env.FUNC }}, ${{ env.KAT }}, ${{ env.NISTKAT }}) + + - name: Cleanup + shell: ${{ env.SHELL }} + run: | + make clean + - name: ${{ env.MODE }} ${{ inputs.opt }} tests (no_opt, func) + if: ${{ inputs.func == 'true' && (inputs.opt == 'no_opt' || inputs.opt == 'all') }} + shell: ${{ env.SHELL }} + run: | + CFLAGS="${{ inputs.cflags }}" make EXEC_PREFIX="${{ inputs.exec_wrapper }}" CROSS_PREFIX="${{ inputs.cross_prefix }}" AUTO=1 OPT=0 check_func + - name: ${{ env.MODE }} ${{ inputs.opt }} tests (no_opt, nistkat) + if: ${{ inputs.nistkat == 'true' && (inputs.opt == 'no_opt' || inputs.opt == 'all') }} shell: ${{ env.SHELL }} run: | - ./scripts/tests all --exec-wrapper="${{ inputs.exec_wrapper }}" --cross-prefix="${{ inputs.cross_prefix }}" --cflags="${{ inputs.cflags }}" --opt=${{ inputs.opt }} --${{ env.FUNC }} --${{ env.KAT }} --${{ env.NISTKAT }} --${{ env.ACVP }} -v + CFLAGS="${{ inputs.cflags }}" make EXEC_PREFIX="${{ inputs.exec_wrapper }}" CROSS_PREFIX="${{ inputs.cross_prefix }}" AUTO=1 OPT=0 check_nistkat + - name: ${{ env.MODE }} ${{ inputs.opt }} tests (no_opt, kat) + if: ${{ inputs.kat == 'true' && (inputs.opt == 'no_opt' || inputs.opt == 'all') }} + shell: ${{ env.SHELL }} + run: | + CFLAGS="${{ inputs.cflags }}" make EXEC_PREFIX="${{ inputs.exec_wrapper }}" CROSS_PREFIX="${{ inputs.cross_prefix }}" AUTO=1 OPT=0 check_kat + - name: ${{ env.MODE }} ${{ inputs.opt }} tests (no_opt, acvp) + if: ${{ inputs.acvp == 'true' && (inputs.opt == 'no_opt' || inputs.opt == 'all') }} + shell: ${{ env.SHELL }} + run: | + CFLAGS="${{ inputs.cflags }}" make EXEC_PREFIX="${{ inputs.exec_wrapper }}" CROSS_PREFIX="${{ inputs.cross_prefix }}" AUTO=1 OPT=0 check_acvp + + - name: Cleanup + shell: ${{ env.SHELL }} + run: | + make clean + - name: ${{ env.MODE }} ${{ inputs.opt }} tests (opt, func) + if: ${{ inputs.func == 'true' && (inputs.opt == 'opt' || inputs.opt == 'all') }} + shell: ${{ env.SHELL }} + run: | + CFLAGS="${{ inputs.cflags }}" make EXEC_PREFIX="${{ inputs.exec_wrapper }}" CROSS_PREFIX="${{ inputs.cross_prefix }}" AUTO=1 OPT=1 check_func + - name: ${{ env.MODE }} ${{ inputs.opt }} tests (opt, nistkat) + if: ${{ inputs.nistkat == 'true' && (inputs.opt == 'opt' || inputs.opt == 'all') }} + shell: ${{ env.SHELL }} + run: | + CFLAGS="${{ inputs.cflags }}" make EXEC_PREFIX="${{ inputs.exec_wrapper }}" CROSS_PREFIX="${{ inputs.cross_prefix }}" AUTO=1 OPT=1 check_nistkat + - name: ${{ env.MODE }} ${{ inputs.opt }} tests (opt, kat) + if: ${{ inputs.kat == 'true' && (inputs.opt == 'opt' || inputs.opt == 'all') }} + shell: ${{ env.SHELL }} + run: | + CFLAGS="${{ inputs.cflags }}" make EXEC_PREFIX="${{ inputs.exec_wrapper }}" CROSS_PREFIX="${{ inputs.cross_prefix }}" AUTO=1 OPT=1 check_kat + - name: ${{ env.MODE }} ${{ inputs.opt }} tests (opt, acvp) + if: ${{ inputs.acvp == 'true' && (inputs.opt == 'opt' || inputs.opt == 'all') }} + shell: ${{ env.SHELL }} + run: | + CFLAGS="${{ inputs.cflags }}" make EXEC_PREFIX="${{ inputs.exec_wrapper }}" CROSS_PREFIX="${{ inputs.cross_prefix }}" AUTO=1 OPT=1 check_acvp + - name: Check namespacing ${{ env.MODE }} ${{ inputs.opt }} tests (${{ env.FUNC }}, ${{ env.KAT }}, ${{ env.NISTKAT }}) shell: ${{ env.SHELL }} run: | diff --git a/Makefile b/Makefile index cee9d27e4..2e417fbce 100644 --- a/Makefile +++ b/Makefile @@ -10,6 +10,10 @@ include mk/crypto.mk include mk/schemes.mk include mk/rules.mk +# Binary wrapper, e.g. qemu-aarch64/qemu-x86_64 for emulation. +# Usually chosen consistently with CROSS_PREFIX for compilation. +EXEC_PREFIX?= + quickcheck: checkall buildall: mlkem nistkat kat acvp @@ -19,19 +23,19 @@ checkall: buildall check_kat check_nistkat check_func check_acvp $(Q)echo " Everything checks fine!" check_kat: buildall - $(MLKEM512_DIR)/bin/gen_KAT512 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-512 kat-sha256 - $(MLKEM768_DIR)/bin/gen_KAT768 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-768 kat-sha256 - $(MLKEM1024_DIR)/bin/gen_KAT1024 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-1024 kat-sha256 + $(EXEC_PREFIX) $(MLKEM512_DIR)/bin/gen_KAT512 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-512 kat-sha256 + $(EXEC_PREFIX) $(MLKEM768_DIR)/bin/gen_KAT768 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-768 kat-sha256 + $(EXEC_PREFIX) $(MLKEM1024_DIR)/bin/gen_KAT1024 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-1024 kat-sha256 check_nistkat: buildall - $(MLKEM512_DIR)/bin/gen_NISTKAT512 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-512 nistkat-sha256 - $(MLKEM768_DIR)/bin/gen_NISTKAT768 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-768 nistkat-sha256 - $(MLKEM1024_DIR)/bin/gen_NISTKAT1024 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-1024 nistkat-sha256 + $(EXEC_PREFIX) $(MLKEM512_DIR)/bin/gen_NISTKAT512 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-512 nistkat-sha256 + $(EXEC_PREFIX) $(MLKEM768_DIR)/bin/gen_NISTKAT768 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-768 nistkat-sha256 + $(EXEC_PREFIX) $(MLKEM1024_DIR)/bin/gen_NISTKAT1024 | sha256sum | cut -d " " -f 1 | xargs ./META.sh ML-KEM-1024 nistkat-sha256 check_func: buildall - $(MLKEM512_DIR)/bin/test_mlkem512 - $(MLKEM768_DIR)/bin/test_mlkem768 - $(MLKEM1024_DIR)/bin/test_mlkem1024 + $(EXEC_PREFIX) $(MLKEM512_DIR)/bin/test_mlkem512 + $(EXEC_PREFIX) $(MLKEM768_DIR)/bin/test_mlkem768 + $(EXEC_PREFIX) $(MLKEM1024_DIR)/bin/test_mlkem1024 check_acvp: buildall python3 ./test/acvp_client.py diff --git a/test/acvp_client.py b/test/acvp_client.py index e0080dd68..140b29fab 100644 --- a/test/acvp_client.py +++ b/test/acvp_client.py @@ -9,12 +9,18 @@ # Invokes `acvp_mlkem{lvl}` under the hood. import json +import os import subprocess acvp_dir = "test/acvp_data" acvp_keygen_json = f"{acvp_dir}/acvp_keygen_internalProjection.json" acvp_encapDecap_json = f"{acvp_dir}/acvp_encapDecap_internalProjection.json" +if "EXEC_WRAPPER" in os.environ.keys(): + exec_wrapper = [os.environ["EXEC_WRAPPER"]] +else: + exec_wrapper = [] + with open(acvp_keygen_json, "r") as f: acvp_keygen_data = json.load(f) @@ -39,7 +45,7 @@ def run_encapDecap_test(tg, tc): print(f"Running encapDecap test case {tc['tcId']} ({tg['function']}) ... ", end="") if tg["function"] == "encapsulation": acvp_bin = get_acvp_binary(tg) - acvp_call = [ + acvp_call = exec_wrapper + [ acvp_bin, "encapDecap", "AFT", @@ -63,7 +69,7 @@ def run_encapDecap_test(tg, tc): print("OK") elif tg["function"] == "decapsulation": acvp_bin = get_acvp_binary(tg) - acvp_call = [ + acvp_call = exec_wrapper + [ acvp_bin, "encapDecap", "VAL", @@ -90,7 +96,13 @@ def run_encapDecap_test(tg, tc): def run_keyGen_test(tg, tc): print(f"Running keyGen test case {tc['tcId']} ... ", end="") acvp_bin = get_acvp_binary(tg) - acvp_call = [acvp_bin, "keyGen", "AFT", f"z={tc['z']}", f"d={tc['d']}"] + acvp_call = exec_wrapper + [ + acvp_bin, + "keyGen", + "AFT", + f"z={tc['z']}", + f"d={tc['d']}", + ] result = subprocess.run(acvp_call, encoding="utf-8", capture_output=True) if result.returncode != 0: print("FAIL!")