Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CI: Add Docker-based compatibility tests #563

Closed
wants to merge 8 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions .github/actions/functest/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -68,26 +68,28 @@ runs:
## Setup
Architecture: $ARCH
- $(uname -a)
- $(nix --version)
- $(nix --version || echo 'nix not present')
- $(bash --version | grep -m1 "")
- $(python3 --version)
- $(${{ inputs.cross_prefix }}${CC} --version | grep -m1 "")
EOF
cat >> $GITHUB_STEP_SUMMARY <<-EOF
## Setup
Architecture: $ARCH
- $(uname -a)
- $(nix --version)
- $(nix --version || echo 'nix not present')
- $(bash --version | grep -m1 "")
- $(python3 --version)
- $(${{ inputs.cross_prefix }}${CC} --version | grep -m1 "")
EOF
- name: ${{ env.MODE }} ${{ inputs.opt }} tests (${{ env.FUNC }}, ${{ env.KAT }}, ${{ env.NISTKAT }})
shell: ${{ env.SHELL }}
run: |
tests all --cross-prefix="${{ inputs.cross_prefix }}" --cflags="${{ inputs.cflags }}" --opt=${{ inputs.opt }} --${{ env.FUNC }} --${{ env.KAT }} --${{ env.NISTKAT }} --${{ env.ACVP }} -v
./scripts/tests all --cross-prefix="${{ inputs.cross_prefix }}" --cflags="${{ inputs.cflags }}" --opt=${{ inputs.opt }} --${{ env.FUNC }} --${{ env.KAT }} --${{ env.NISTKAT }} --${{ env.ACVP }} -v
- name: Check namespacing ${{ env.MODE }} ${{ inputs.opt }} tests (${{ env.FUNC }}, ${{ env.KAT }}, ${{ env.NISTKAT }})
shell: ${{ env.SHELL }}
run: |
check-namespace
./scripts/ci/check-namespace
- name: Post ${{ env.MODE }} Tests
shell: ${{ env.SHELL }}
if: success() || failure()
Expand Down
9 changes: 6 additions & 3 deletions .github/actions/setup-ubuntu/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,23 +8,26 @@ inputs:
description: Space-separated list of additional packages to install
required: false
default: ''
sudo:
required: false
default: 'sudo'

runs:
using: composite
steps:
- name: Update package repository
shell: bash
run: |
sudo apt-get update
${{ inputs.sudo }} apt-get update
- name: Install base packages
shell: bash
run: |
sudo apt-get install python3-venv python3-pip make -y
${{ inputs.sudo }} apt-get install python3-venv python3-pip make -y
- name: Install additional packages
if: ${{ inputs.packages != ''}}
shell: bash
run: |
sudo apt-get install ${{ inputs.packages }} -y
${{ inputs.sudo }} apt-get install ${{ inputs.packages }} -y
- name: Setup Python venv
shell: bash
run: |
Expand Down
40 changes: 39 additions & 1 deletion .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -385,7 +385,6 @@ jobs:
kat: false
acvp: false
ec2_functests:
needs: [quickcheck, quickcheck-windows, quickcheck-c90, quickcheck-lib, examples, lint, lint-markdown-link]
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -419,6 +418,7 @@ jobs:
contents: 'read'
id-token: 'write'
uses: ./.github/workflows/ci_ec2_reusable.yml
needs: [quickcheck, quickcheck-windows, quickcheck-c90, quickcheck-lib, examples, lint, lint-markdown-link]
if: github.repository_owner == 'pq-code-package' && !github.event.pull_request.head.repo.fork
with:
name: ${{ matrix.target.name }}
Expand All @@ -434,6 +434,44 @@ jobs:
lint: false
verbose: true
secrets: inherit
ec2_compatibilitytests:
strategy:
fail-fast: false
matrix:
container:
- id: ubuntu-22.04:gcc-12x
- id: ubuntu-22.04:gcc-11x
- id: ubuntu-20.04:gcc-8x
- id: ubuntu-20.04:gcc-7x
- id: ubuntu-20.04:clang-9x
- id: ubuntu-20.04:clang-8x
- id: ubuntu-20.04:clang-7x-bm-framework
- id: ubuntu-20.04:clang-7x
- id: ubuntu-20.04:clang-10x
- id: ubuntu-22.04:base
- id: ubuntu-20.04:base
name: Compatibility tests (${{ matrix.container.id }})
needs: [ec2_functests]
permissions:
contents: 'read'
id-token: 'write'
uses: ./.github/workflows/ci_ec2_reusable.yml
if: github.repository_owner == 'pq-code-package' && !github.event.pull_request.head.repo.fork
with:
container: ${{ matrix.container.id }}
name: ${{ matrix.container.id }}
ec2_instance_type: c7g.medium
ec2_ami: ubuntu-latest (custom AMI)
ec2_ami_id: ami-0f4b26c5372aa0525 # Has docker images preinstalled
compile_mode: native
opt: all
functest: true
kattest: true
nistkattest: true
acvptest: true
lint: false
verbose: true
secrets: inherit
cbmc_k2:
name: CBMC (ML-KEM-512)
needs: [quickcheck, quickcheck-windows, quickcheck-c90, quickcheck-lib, examples, lint, lint-markdown-link]
Expand Down
37 changes: 36 additions & 1 deletion .github/workflows/ci_ec2_reusable.yml
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,9 @@ on:
cbmc_mlkem_k:
type: string
default: 2
container:
type: string
default: ''
env:
AWS_ROLE: arn:aws:iam::559050233797:role/mlkem-c-aarch64-gh-action
AWS_REGION: us-east-1
Expand Down Expand Up @@ -112,9 +115,40 @@ jobs:
ec2-instance-type: ${{ inputs.ec2_instance_type }}
subnet-id: subnet-07b2729e5e065962f
security-group-id: sg-0ab2e297196c8c381
container_tests:
name: Run container tests
needs: start-ec2-runner
if: ${{ inputs.container != '' }}
runs-on: ${{ needs.start-ec2-runner.outputs.label }}
container:
localhost:5000/${{ inputs.container }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/setup-ubuntu
with:
sudo: ""
- name: make quickcheck
run: |
OPT=0 make quickcheck >/dev/null
make clean >/dev/null
OPT=1 make quickcheck >/dev/null
- name: Functional Tests
uses: ./.github/actions/multi-functest
with:
nix-shell: ""
gh_token: ${{ secrets.AWS_GITHUB_TOKEN }}
cflags: ${{ inputs.cflags }}
compile_mode: ${{ inputs.compile_mode }}
opt: ${{ inputs.opt }}
func: ${{ inputs.functest }}
kat: ${{ inputs.kattest }}
nistkat: ${{ inputs.nistkattest }}
acvp: ${{ inputs.acvptest }}

tests:
name: Run test
name: Run tests
needs: start-ec2-runner
if: ${{ inputs.container == '' }}
runs-on: ${{ needs.start-ec2-runner.outputs.label }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
Expand Down Expand Up @@ -160,6 +194,7 @@ jobs:
needs:
- start-ec2-runner
- tests
- container_tests
runs-on: ubuntu-latest
if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs
steps:
Expand Down
9 changes: 4 additions & 5 deletions mk/config.mk
Original file line number Diff line number Diff line change
Expand Up @@ -13,11 +13,10 @@ CC ?= gcc
CPP ?= cpp
AR ?= ar
# NOTE: gcc-ar is a wrapper around ar that ensures proper integration with GCC plugins,
# such as lto. Using gcc-ar is preferred when creating or linking static libraries
# if the binary is compiled with -flto.
# However, this doesn't apply to darwin as it is using clang instead, and there's no
# gcc-ar wrapper as well.
CC_AR ?= $(if $(findstring Darwin,$(shell uname -s)),ar,gcc-ar)
# such as lto. Using gcc-ar is preferred when creating or linking static libraries
# if the binary is compiled with -flto. However, it is not universally present, so
# only use it if available.
CC_AR ?= $(if $(shell which gcc-ar),gcc-ar,ar)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doesn't this break if you are using Darwin with gcc-ar installed, but you compile with clang?
I'm not very sure about this.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried to fix this by looking at cc --version to see if it's clang or not, and if it's gcc, check for gcc-ar.


CC := $(CROSS_PREFIX)$(CC)
CPP := $(CROSS_PREFIX)$(CPP)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,7 @@

/* Mapping of Kecck-f1600 state to scalar registers
* at the beginning and end of each round. */
sAba .req x1
tAba .req x1 /* Some compilers don't like sAba */
sAbe .req x6
sAbi .req x11
sAbo .req x16
Expand Down Expand Up @@ -279,7 +279,7 @@

.macro store_input_scalar idx
add input_addr, input_addr, #((2 + \idx)*25*8)
stp sAba, sAbe, [input_addr, #(1*8*0)]
stp tAba, sAbe, [input_addr, #(1*8*0)]
stp sAbi, sAbo, [input_addr, #(1*8*2)]
stp sAbu, sAga, [input_addr, #(1*8*4)]
stp sAge, sAgi, [input_addr, #(1*8*6)]
Expand All @@ -297,7 +297,7 @@

.macro load_input_scalar idx
add input_addr, input_addr, #((2 + \idx)*25*8)
ldp sAba, sAbe, [input_addr, #(1*8*0)]
ldp tAba, sAbe, [input_addr, #(1*8*0)]
ldp sAbi, sAbo, [input_addr, #(1*8*2)]
ldp sAbu, sAga, [input_addr, #(1*8*4)]
ldp sAge, sAgi, [input_addr, #(1*8*6)]
Expand Down Expand Up @@ -495,7 +495,7 @@
eor x14, x26, x6, ror #46 // .....................................................*
eor x6, x27, x29, ror #41 // .....................................................*

// eor5 X<sC0>, sAma, sAsa, sAba, sAga, sAka
// eor5 X<sC0>, sAma, sAsa, tAba, sAga, sAka
// eor5 X<sC1>, sAme, sAse, sAbe, sAge, sAke
// eor5 X<sC2>, sAmi, sAsi, sAbi, sAgi, sAki
// eor5 X<sC3>, sAmo, sAso, sAbo, sAgo, sAko
Expand All @@ -507,7 +507,7 @@
// eor X<sE2>, X<sC1>, X<sC3>, ror #63
// eor X<sE4>, X<sC3>, X<sC0>, ror #63

// eor X<sBba>, sAba, X<sE0>
// eor X<sBba>, tAba, X<sE0>
// eor X<sBsa>, sAbi, X<sE2>
// eor X<sBbi>, sAki, X<sE2>
// eor X<sBki>, sAko, X<sE3>
Expand Down Expand Up @@ -558,13 +558,13 @@
// chi_step_ror sAsi, X<sBsi>, X<sBsu>, X<sBso>, 25, 27
// chi_step_ror sAso, X<sBso>, X<sBsa>, X<sBsu>, 60, 21
// chi_step_ror sAsu, X<sBsu>, X<sBse>, X<sBsa>, 57, 53
// chi_step_ror2 sAba, X<sBba>, X<sBbi>, X<sBbe>, 63, 21
// chi_step_ror2 tAba, X<sBba>, X<sBbi>, X<sBbe>, 63, 21
// chi_step_ror sAbe, X<sBbe>, X<sBbo>, X<sBbi>, 42, 41
// chi_step_ror sAbi, X<sBbi>, X<sBbu>, X<sBbo>, 57, 35
// chi_step_ror sAbo, X<sBbo>, X<sBba>, X<sBbu>, 50, 43
// chi_step_ror sAbu, X<sBbu>, X<sBbe>, X<sBba>, 44, 30

// eor sAba, sAba, X<cur_const>
// eor tAba, tAba, X<cur_const>
.endm

.macro vector_round
Expand Down Expand Up @@ -753,7 +753,7 @@
eor x23, x3, x26, ror #52 // ........................................................*
eor x3, x29, x30, ror #24 // ........................................................*

// eor X<sC0>, sAba, sAga, ror #61
// eor X<sC0>, tAba, sAga, ror #61
// eor X<sC0>, X<sC0>, sAma, ror #54
// eor X<sC0>, X<sC0>, sAka, ror #39
// eor X<sC0>, X<sC0>, sAsa, ror #25
Expand Down Expand Up @@ -787,7 +787,7 @@
// eor X<sE2>, X<sC1>, X<sC3>, ror #63
// eor X<sE4>, X<sC3>, X<sC0>, ror #63

// eor X<sBba>, X<sE0>, sAba
// eor X<sBba>, X<sE0>, tAba
// eor X<sBsa>, X<sE2>, sAbi, ror #50
// eor X<sBbi>, X<sE2>, sAki, ror #46
// eor X<sBki>, X<sE3>, sAko, ror #63
Expand Down Expand Up @@ -840,13 +840,13 @@
// chi_step_ror sAsi, X<sBsi>, X<sBsu>, X<sBso>, 25, 27
// chi_step_ror sAso, X<sBso>, X<sBsa>, X<sBsu>, 60, 21
// chi_step_ror sAsu, X<sBsu>, X<sBse>, X<sBsa>, 57, 53
// chi_step_ror2 sAba, X<sBba>, X<sBbi>, X<sBbe>, 63, 21
// chi_step_ror2 tAba, X<sBba>, X<sBbi>, X<sBbe>, 63, 21
// chi_step_ror sAbe, X<sBbe>, X<sBbo>, X<sBbi>, 42, 41
// chi_step_ror sAbi, X<sBbi>, X<sBbu>, X<sBbo>, 57, 35
// chi_step_ror sAbo, X<sBbo>, X<sBba>, X<sBbu>, 50, 43
// chi_step_ror sAbu, X<sBbu>, X<sBbe>, X<sBba>, 44, 30

// eor sAba, sAba, X<cur_const>
// eor tAba, tAba, X<cur_const>
.endm

.macro final_scalar_rotate
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,7 @@

/* Mapping of Kecck-f1600 state to scalar registers
* at the beginning and end of each round. */
sAba .req x1
tAba .req x1 /* Some compilers don't like sAba */
sAbe .req x6
sAbi .req x11
sAbo .req x16
Expand Down Expand Up @@ -261,7 +261,7 @@

.macro store_input_scalar idx
add input_addr, input_addr, #((2 + \idx)*25*8)
stp sAba, sAbe, [input_addr, #(1*8*0)]
stp tAba, sAbe, [input_addr, #(1*8*0)]
stp sAbi, sAbo, [input_addr, #(1*8*2)]
stp sAbu, sAga, [input_addr, #(1*8*4)]
stp sAge, sAgi, [input_addr, #(1*8*6)]
Expand All @@ -279,7 +279,7 @@

.macro load_input_scalar idx
add input_addr, input_addr, #((2 + \idx)*25*8)
ldp sAba, sAbe, [input_addr, #(1*8*0)]
ldp tAba, sAbe, [input_addr, #(1*8*0)]
ldp sAbi, sAbo, [input_addr, #(1*8*2)]
ldp sAbu, sAga, [input_addr, #(1*8*4)]
ldp sAge, sAgi, [input_addr, #(1*8*6)]
Expand Down Expand Up @@ -477,7 +477,7 @@
eor x14, x26, x6, ror #46 // .....................................................*
eor x6, x27, x29, ror #41 // .....................................................*

// eor5 X<sC0>, sAma, sAsa, sAba, sAga, sAka
// eor5 X<sC0>, sAma, sAsa, tAba, sAga, sAka
// eor5 X<sC1>, sAme, sAse, sAbe, sAge, sAke
// eor5 X<sC2>, sAmi, sAsi, sAbi, sAgi, sAki
// eor5 X<sC3>, sAmo, sAso, sAbo, sAgo, sAko
Expand All @@ -489,7 +489,7 @@
// eor X<sE2>, X<sC1>, X<sC3>, ror #63
// eor X<sE4>, X<sC3>, X<sC0>, ror #63

// eor X<sBba>, sAba, X<sE0>
// eor X<sBba>, tAba, X<sE0>
// eor X<sBsa>, sAbi, X<sE2>
// eor X<sBbi>, sAki, X<sE2>
// eor X<sBki>, sAko, X<sE3>
Expand Down Expand Up @@ -540,13 +540,13 @@
// chi_step_ror sAsi, X<sBsi>, X<sBsu>, X<sBso>, 25, 27
// chi_step_ror sAso, X<sBso>, X<sBsa>, X<sBsu>, 60, 21
// chi_step_ror sAsu, X<sBsu>, X<sBse>, X<sBsa>, 57, 53
// chi_step_ror2 sAba, X<sBba>, X<sBbi>, X<sBbe>, 63, 21
// chi_step_ror2 tAba, X<sBba>, X<sBbi>, X<sBbe>, 63, 21
// chi_step_ror sAbe, X<sBbe>, X<sBbo>, X<sBbi>, 42, 41
// chi_step_ror sAbi, X<sBbi>, X<sBbu>, X<sBbo>, 57, 35
// chi_step_ror sAbo, X<sBbo>, X<sBba>, X<sBbu>, 50, 43
// chi_step_ror sAbu, X<sBbu>, X<sBbe>, X<sBba>, 44, 30

// eor sAba, sAba, X<cur_const>
// eor tAba, tAba, X<cur_const>
.endm

.macro vector_round
Expand Down Expand Up @@ -735,7 +735,7 @@
eor x23, x3, x26, ror #52 // ........................................................*
eor x3, x29, x30, ror #24 // ........................................................*

// eor X<sC0>, sAba, sAga, ror #61
// eor X<sC0>, tAba, sAga, ror #61
// eor X<sC0>, X<sC0>, sAma, ror #54
// eor X<sC0>, X<sC0>, sAka, ror #39
// eor X<sC0>, X<sC0>, sAsa, ror #25
Expand Down Expand Up @@ -769,7 +769,7 @@
// eor X<sE2>, X<sC1>, X<sC3>, ror #63
// eor X<sE4>, X<sC3>, X<sC0>, ror #63

// eor X<sBba>, X<sE0>, sAba
// eor X<sBba>, X<sE0>, tAba
// eor X<sBsa>, X<sE2>, sAbi, ror #50
// eor X<sBbi>, X<sE2>, sAki, ror #46
// eor X<sBki>, X<sE3>, sAko, ror #63
Expand Down Expand Up @@ -822,13 +822,13 @@
// chi_step_ror sAsi, X<sBsi>, X<sBsu>, X<sBso>, 25, 27
// chi_step_ror sAso, X<sBso>, X<sBsa>, X<sBsu>, 60, 21
// chi_step_ror sAsu, X<sBsu>, X<sBse>, X<sBsa>, 57, 53
// chi_step_ror2 sAba, X<sBba>, X<sBbi>, X<sBbe>, 63, 21
// chi_step_ror2 tAba, X<sBba>, X<sBbi>, X<sBbe>, 63, 21
// chi_step_ror sAbe, X<sBbe>, X<sBbo>, X<sBbi>, 42, 41
// chi_step_ror sAbi, X<sBbi>, X<sBbu>, X<sBbo>, 57, 35
// chi_step_ror sAbo, X<sBbo>, X<sBba>, X<sBbu>, 50, 43
// chi_step_ror sAbu, X<sBbu>, X<sBbe>, X<sBba>, 44, 30

// eor sAba, sAba, X<cur_const>
// eor tAba, tAba, X<cur_const>
.endm

.macro final_scalar_rotate
Expand Down
Loading
Loading