| From 47db072e9ec749c6be7c0a27d64d7fbd75748d60 Mon Sep 17 00:00:00 2001 |
| From: Gyorgy Szing <Gyorgy.Szing@arm.com> |
| Date: Wed, 8 Dec 2021 04:20:34 +0100 |
| Subject: [PATCH] Enhance mbedtls fetch process |
| |
| Update management of MbedTLS external component to be optimized |
| for download speed insted of availability. |
| The updated process is: |
| - check if binary is available. If yes configure build to use it |
| and stop. |
| - if not, check is source is available. If yes, build it and use |
| the resulting binary. |
| - if not, then download the source using git, compile it and use |
| the resulting binary |
| |
| The following variables can be set on the command line to alter the |
| behavior of the module: |
| - MBEDTLS_URL git repo URL to fetch from. |
| - MBEDTLS_REFSPEC revision to fetch |
| - MBEDTLS_SOURCE_DIR to specify location of source code in |
| local file syetem. |
| - MBEDTLS_INSTALL_DIR to specify location of binary. |
| |
| I.e. cmake -S <...> -B <...> -DMBEDTLS_INSTALL_DIR=~/mbedtls |
| will make the resulting binary installed to ~/mbedtls. This can be |
| used later to speed up a clean build an use the prebuilt binary. |
| |
| Change-Id: I8a9ad8b3303e6dfa0a7c9c3d7e4b4787b94d925a |
| Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com> |
| |
| Upstream-Status: Pending [Not submitted to upstream yet] |
| Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com> |
| |
| |
| --- |
| external/MbedTLS/MbedTLS.cmake | 192 ++++++++++++++++++++------------- |
| 1 file changed, 119 insertions(+), 73 deletions(-) |
| |
| diff --git a/external/MbedTLS/MbedTLS.cmake b/external/MbedTLS/MbedTLS.cmake |
| index 3cbaed15..935be765 100644 |
| --- a/external/MbedTLS/MbedTLS.cmake |
| +++ b/external/MbedTLS/MbedTLS.cmake |
| @@ -1,96 +1,142 @@ |
| #------------------------------------------------------------------------------- |
| -# Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved. |
| +# Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved. |
| # |
| # SPDX-License-Identifier: BSD-3-Clause |
| # |
| #------------------------------------------------------------------------------- |
| |
| -# Determine the number of processes to run while running parallel builds. |
| -# Pass -DPROCESSOR_COUNT=<n> to cmake to override. |
| -if(NOT DEFINED PROCESSOR_COUNT) |
| - include(ProcessorCount) |
| - ProcessorCount(PROCESSOR_COUNT) |
| - set(PROCESSOR_COUNT ${PROCESSOR_COUNT} CACHE STRING "Number of cores to use for parallel builds.") |
| -endif() |
| +set(MBEDTLS_URL "https://github.com/ARMmbed/mbedtls.git" |
| + CACHE STRING "Mbed TLS repository URL") |
| +set(MBEDTLS_REFSPEC "mbedtls-3.0.0" |
| + CACHE STRING "Mbed TLS git refspec") |
| +set(MBEDTLS_SOURCE_DIR "${CMAKE_CURRENT_BINARY_DIR}/_deps/mbedtls-src" |
| + CACHE PATH "MbedTLS source directory") |
| +set(MBEDTLS_INSTALL_DIR "${CMAKE_CURRENT_BINARY_DIR}/mbedtls_install" |
| + CACHE PATH "Mbed TLS installation directory") |
| |
| -set(MBEDTLS_URL "https://github.com/ARMmbed/mbedtls.git" CACHE STRING "Mbed TLS repository URL") |
| -set(MBEDTLS_REFSPEC "mbedtls-3.0.0" CACHE STRING "Mbed TLS git refspec") |
| -set(MBEDTLS_INSTALL_PATH "${CMAKE_CURRENT_BINARY_DIR}/mbedtls_install" CACHE PATH "Mbed TLS installation directory") |
| -set(MBEDTLS_PACKAGE_PATH "${MBEDTLS_INSTALL_PATH}/lib/mbedtls/cmake" CACHE PATH "Mbed TLS CMake package directory") |
| +find_library(MBEDCRYPTO_LIB_FILE |
| + NAMES libmbedcrypto.a mbedcrypto.a libmbedcrypto.lib mbedcrypto.lib |
| + PATHS ${MBEDTLS_INSTALL_DIR} |
| + PATH_SUFFIXES "lib" |
| + DOC "Location of mberdrypto library." |
| + NO_DEFAULT_PATH |
| +) |
| |
| -include(FetchContent) |
| +set(MBEDCRYPTO_LIB_FILE ${MBEDCRYPTO_LIB_FILE}) |
| +unset(MBEDCRYPTO_LIB_FILE CACHE) |
| |
| -# Checking git |
| -find_program(GIT_COMMAND "git") |
| -if (NOT GIT_COMMAND) |
| - message(FATAL_ERROR "Please install git") |
| -endif() |
| +set(MBEDTLS_BINARY_DIR "${CMAKE_CURRENT_BINARY_DIR}/_deps/mbedtls-build") |
| |
| -# Fetching Mbed TLS |
| -FetchContent_Declare( |
| - mbedtls |
| - GIT_REPOSITORY ${MBEDTLS_URL} |
| - GIT_TAG ${MBEDTLS_REFSPEC} |
| - GIT_SHALLOW TRUE |
| -) |
| +# Binary not found and it needs to be built. |
| +if (NOT MBEDCRYPTO_LIB_FILE) |
| + # Determine the number of processes to run while running parallel builds. |
| + # Pass -DPROCESSOR_COUNT=<n> to cmake to override. |
| + if(NOT DEFINED PROCESSOR_COUNT) |
| + include(ProcessorCount) |
| + ProcessorCount(PROCESSOR_COUNT) |
| + set(PROCESSOR_COUNT ${PROCESSOR_COUNT} |
| + CACHE STRING "Number of cores to use for parallel builds.") |
| + endif() |
| |
| -# FetchContent_GetProperties exports mbedtls_SOURCE_DIR and mbedtls_BINARY_DIR variables |
| -FetchContent_GetProperties(mbedtls) |
| -if(NOT mbedtls_POPULATED) |
| - message(STATUS "Fetching Mbed TLS") |
| - FetchContent_Populate(mbedtls) |
| -endif() |
| + # See if the source is available locally |
| + find_file(MBEDCRYPTO_HEADER_FILE |
| + NAMES crypto.h |
| + PATHS ${MBEDTLS_SOURCE_DIR} |
| + PATH_SUFFIXES "include/psa" |
| + NO_DEFAULT_PATH |
| + ) |
| + set(MBEDCRYPTO_HEADER_FILE ${MBEDCRYPTO_HEADER_FILE}) |
| + unset(MBEDCRYPTO_HEADER_FILE CACHE) |
| |
| -# Convert the include path list to a string. Needed to make parameter passing to |
| -# Mbed TLS build work fine. |
| -string(REPLACE ";" "\\;" MBEDTLS_EXTRA_INCLUDES "${MBEDTLS_EXTRA_INCLUDES}") |
| + # Source not found, fetch it. |
| + if (NOT MBEDCRYPTO_HEADER_FILE) |
| + include(FetchContent) |
| |
| -find_package(Python3 COMPONENTS Interpreter) |
| -if (NOT Python3_Interpreter_FOUND) |
| - message(FATAL_ERROR "Python 3 interpreter not found.") |
| -endif() |
| + # Checking git |
| + find_program(GIT_COMMAND "git") |
| + if (NOT GIT_COMMAND) |
| + message(FATAL_ERROR "Please install git") |
| + endif() |
| |
| -#Configure Mbed TLS to build only mbedcrypto lib |
| -execute_process(COMMAND ${Python3_EXECUTABLE} scripts/config.py crypto WORKING_DIRECTORY ${mbedtls_SOURCE_DIR}) |
| - |
| -# Advertise Mbed TLS as the provider of the psa crypto API |
| -set(PSA_CRYPTO_API_INCLUDE "${MBEDTLS_INSTALL_PATH}/include" CACHE STRING "PSA Crypto API include path") |
| - |
| -#Configure the library |
| -execute_process(COMMAND |
| - ${CMAKE_COMMAND} |
| - -DENABLE_PROGRAMS=OFF |
| - -DENABLE_TESTING=OFF |
| - -DUNSAFE_BUILD=ON |
| - -DCMAKE_INSTALL_PREFIX=${MBEDTLS_INSTALL_PATH} |
| - -DCMAKE_TOOLCHAIN_FILE=${TS_EXTERNAL_LIB_TOOLCHAIN_FILE} |
| - -DCMAKE_TRY_COMPILE_TARGET_TYPE=STATIC_LIBRARY |
| - -DEXTERNAL_DEFINITIONS=-DMBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}" |
| - -DEXTERNAL_INCLUDE_PATHS=${MBEDTLS_EXTRA_INCLUDES} |
| - -GUnix\ Makefiles |
| - ${mbedtls_SOURCE_DIR} |
| - WORKING_DIRECTORY |
| - ${mbedtls_BINARY_DIR} |
| - RESULT_VARIABLE _exec_error |
| -) |
| + # Fetching Mbed TLS |
| + FetchContent_Declare( |
| + mbedtls |
| + SOURCE_DIR ${MBEDTLS_SOURCE_DIR} |
| + BINARY_DIR ${MBEDTLS_BINARY_DIR} |
| + GIT_REPOSITORY ${MBEDTLS_URL} |
| + GIT_TAG ${MBEDTLS_REFSPEC} |
| + GIT_SHALLOW TRUE |
| + ) |
| |
| -if (_exec_error) |
| - message(FATAL_ERROR "Configuration step of Mbed TLS failed with ${_exec_error}.") |
| -endif() |
| + # FetchContent_GetProperties exports mbedtls_SOURCE_DIR and mbedtls_BINARY_DIR variables |
| + FetchContent_GetProperties(mbedtls) |
| + # FetchContent_Populate will fail if the source directory is removed since it will try to |
| + # do an "update" and not a "populate" action. As a workaround, remove the subbuild directory. |
| + # Note: this fix assumes, the default subbuild location is used. |
| + file(REMOVE_RECURSE "${CMAKE_CURRENT_BINARY_DIR}/_deps/mbedtls-subbuild") |
| + |
| + # If the source directory has been moved, the binary dir must be regenerated from scratch. |
| + file(REMOVE_RECURSE "${MBEDTLS_BINARY_DIR}") |
| |
| -#TODO: add dependency to generated project on this file! |
| -#TODO: add custom target to rebuild Mbed TLS |
| + if (NOT mbedtls_POPULATED) |
| + message(STATUS "Fetching Mbed TLS") |
| + FetchContent_Populate(mbedtls) |
| + endif() |
| + set_property(DIRECTORY APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS ${MBEDTLS_SOURCE_DIR}) |
| + endif() |
| |
| -#Build the library |
| -execute_process(COMMAND |
| - ${CMAKE_COMMAND} --build ${mbedtls_BINARY_DIR} --parallel ${PROCESSOR_COUNT} --target install |
| + # Build mbedcrypto library |
| + |
| + # Convert the include path list to a string. Needed to make parameter passing to |
| + # Mbed TLS build work fine. |
| + string(REPLACE ";" "\\;" MBEDTLS_EXTRA_INCLUDES "${MBEDTLS_EXTRA_INCLUDES}") |
| + |
| + find_package(Python3 REQUIRED COMPONENTS Interpreter) |
| + |
| + #Configure Mbed TLS to build only mbedcrypto lib |
| + execute_process(COMMAND ${Python3_EXECUTABLE} scripts/config.py crypto WORKING_DIRECTORY ${MBEDTLS_SOURCE_DIR}) |
| + |
| + # Advertise Mbed TLS as the provider of the psa crypto API |
| + set(PSA_CRYPTO_API_INCLUDE "${MBEDTLS_INSTALL_DIR}/include" CACHE STRING "PSA Crypto API include path") |
| + |
| + #Configure the library |
| + execute_process(COMMAND |
| + ${CMAKE_COMMAND} -E env CROSS_COMPILE=${CROSS_COMPILE} |
| + ${CMAKE_COMMAND} |
| + -DENABLE_PROGRAMS=OFF |
| + -DENABLE_TESTING=OFF |
| + -DUNSAFE_BUILD=ON |
| + -DCMAKE_INSTALL_PREFIX=${MBEDTLS_INSTALL_DIR} |
| + -DCMAKE_TOOLCHAIN_FILE=${TS_EXTERNAL_LIB_TOOLCHAIN_FILE} |
| + -DCMAKE_TRY_COMPILE_TARGET_TYPE=STATIC_LIBRARY |
| + -DEXTERNAL_DEFINITIONS=-DMBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}" |
| + -DEXTERNAL_INCLUDE_PATHS=${MBEDTLS_EXTRA_INCLUDES} |
| + -GUnix\ Makefiles |
| + ${MBEDTLS_SOURCE_DIR} |
| + WORKING_DIRECTORY |
| + ${MBEDTLS_BINARY_DIR} |
| RESULT_VARIABLE _exec_error |
| ) |
| -if (_exec_error) |
| - message(FATAL_ERROR "Build step of Mbed TLS failed with ${_exec_error}.") |
| + |
| + if (_exec_error) |
| + message(FATAL_ERROR "Configuration step of Mbed TLS failed with ${_exec_error}.") |
| + endif() |
| + |
| + #Build the library |
| + execute_process(COMMAND |
| + ${CMAKE_COMMAND} --build ${MBEDTLS_BINARY_DIR} --parallel ${PROCESSOR_COUNT} --target install |
| + RESULT_VARIABLE _exec_error |
| + ) |
| + |
| + if (_exec_error) |
| + message(FATAL_ERROR "Build step of Mbed TLS failed with ${_exec_error}.") |
| + endif() |
| + |
| + set(MBEDCRYPTO_LIB_FILE "${MBEDTLS_INSTALL_DIR}/lib/${CMAKE_STATIC_LIBRARY_PREFIX}mbedcrypto${CMAKE_STATIC_LIBRARY_SUFFIX}") |
| endif() |
| |
| #Create an imported target to have clean abstraction in the build-system. |
| add_library(mbedcrypto STATIC IMPORTED) |
| -set_property(TARGET mbedcrypto PROPERTY IMPORTED_LOCATION "${MBEDTLS_INSTALL_PATH}/lib/${CMAKE_STATIC_LIBRARY_PREFIX}mbedcrypto${CMAKE_STATIC_LIBRARY_SUFFIX}") |
| -set_property(TARGET mbedcrypto PROPERTY INTERFACE_INCLUDE_DIRECTORIES "${MBEDTLS_INSTALL_PATH}/include") |
| +set_property(DIRECTORY ${CMAKE_SOURCE_DIR} APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS ${MBEDCRYPTO_LIB_FILE}) |
| +set_property(TARGET mbedcrypto PROPERTY IMPORTED_LOCATION ${MBEDCRYPTO_LIB_FILE}) |
| +set_property(TARGET mbedcrypto PROPERTY INTERFACE_INCLUDE_DIRECTORIES "${MBEDTLS_INSTALL_DIR}/include") |