Brad Bishop | bec4ebc | 2022-08-03 09:55:16 -0400 | [diff] [blame] | 1 | From 47db072e9ec749c6be7c0a27d64d7fbd75748d60 Mon Sep 17 00:00:00 2001 |
| 2 | From: Gyorgy Szing <Gyorgy.Szing@arm.com> |
| 3 | Date: Wed, 8 Dec 2021 04:20:34 +0100 |
| 4 | Subject: [PATCH] Enhance mbedtls fetch process |
| 5 | |
| 6 | Update management of MbedTLS external component to be optimized |
| 7 | for download speed insted of availability. |
| 8 | The updated process is: |
| 9 | - check if binary is available. If yes configure build to use it |
| 10 | and stop. |
| 11 | - if not, check is source is available. If yes, build it and use |
| 12 | the resulting binary. |
| 13 | - if not, then download the source using git, compile it and use |
| 14 | the resulting binary |
| 15 | |
| 16 | The following variables can be set on the command line to alter the |
| 17 | behavior of the module: |
| 18 | - MBEDTLS_URL git repo URL to fetch from. |
| 19 | - MBEDTLS_REFSPEC revision to fetch |
| 20 | - MBEDTLS_SOURCE_DIR to specify location of source code in |
| 21 | local file syetem. |
| 22 | - MBEDTLS_INSTALL_DIR to specify location of binary. |
| 23 | |
| 24 | I.e. cmake -S <...> -B <...> -DMBEDTLS_INSTALL_DIR=~/mbedtls |
| 25 | will make the resulting binary installed to ~/mbedtls. This can be |
| 26 | used later to speed up a clean build an use the prebuilt binary. |
| 27 | |
| 28 | Change-Id: I8a9ad8b3303e6dfa0a7c9c3d7e4b4787b94d925a |
| 29 | Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com> |
| 30 | |
| 31 | Upstream-Status: Pending [Not submitted to upstream yet] |
| 32 | Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com> |
| 33 | |
| 34 | |
| 35 | --- |
| 36 | external/MbedTLS/MbedTLS.cmake | 192 ++++++++++++++++++++------------- |
| 37 | 1 file changed, 119 insertions(+), 73 deletions(-) |
| 38 | |
| 39 | diff --git a/external/MbedTLS/MbedTLS.cmake b/external/MbedTLS/MbedTLS.cmake |
| 40 | index 3cbaed15..935be765 100644 |
| 41 | --- a/external/MbedTLS/MbedTLS.cmake |
| 42 | +++ b/external/MbedTLS/MbedTLS.cmake |
| 43 | @@ -1,96 +1,142 @@ |
| 44 | #------------------------------------------------------------------------------- |
| 45 | -# Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved. |
| 46 | +# Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved. |
| 47 | # |
| 48 | # SPDX-License-Identifier: BSD-3-Clause |
| 49 | # |
| 50 | #------------------------------------------------------------------------------- |
| 51 | |
| 52 | -# Determine the number of processes to run while running parallel builds. |
| 53 | -# Pass -DPROCESSOR_COUNT=<n> to cmake to override. |
| 54 | -if(NOT DEFINED PROCESSOR_COUNT) |
| 55 | - include(ProcessorCount) |
| 56 | - ProcessorCount(PROCESSOR_COUNT) |
| 57 | - set(PROCESSOR_COUNT ${PROCESSOR_COUNT} CACHE STRING "Number of cores to use for parallel builds.") |
| 58 | -endif() |
| 59 | +set(MBEDTLS_URL "https://github.com/ARMmbed/mbedtls.git" |
| 60 | + CACHE STRING "Mbed TLS repository URL") |
| 61 | +set(MBEDTLS_REFSPEC "mbedtls-3.0.0" |
| 62 | + CACHE STRING "Mbed TLS git refspec") |
| 63 | +set(MBEDTLS_SOURCE_DIR "${CMAKE_CURRENT_BINARY_DIR}/_deps/mbedtls-src" |
| 64 | + CACHE PATH "MbedTLS source directory") |
| 65 | +set(MBEDTLS_INSTALL_DIR "${CMAKE_CURRENT_BINARY_DIR}/mbedtls_install" |
| 66 | + CACHE PATH "Mbed TLS installation directory") |
| 67 | |
| 68 | -set(MBEDTLS_URL "https://github.com/ARMmbed/mbedtls.git" CACHE STRING "Mbed TLS repository URL") |
| 69 | -set(MBEDTLS_REFSPEC "mbedtls-3.0.0" CACHE STRING "Mbed TLS git refspec") |
| 70 | -set(MBEDTLS_INSTALL_PATH "${CMAKE_CURRENT_BINARY_DIR}/mbedtls_install" CACHE PATH "Mbed TLS installation directory") |
| 71 | -set(MBEDTLS_PACKAGE_PATH "${MBEDTLS_INSTALL_PATH}/lib/mbedtls/cmake" CACHE PATH "Mbed TLS CMake package directory") |
| 72 | +find_library(MBEDCRYPTO_LIB_FILE |
| 73 | + NAMES libmbedcrypto.a mbedcrypto.a libmbedcrypto.lib mbedcrypto.lib |
| 74 | + PATHS ${MBEDTLS_INSTALL_DIR} |
| 75 | + PATH_SUFFIXES "lib" |
| 76 | + DOC "Location of mberdrypto library." |
| 77 | + NO_DEFAULT_PATH |
| 78 | +) |
| 79 | |
| 80 | -include(FetchContent) |
| 81 | +set(MBEDCRYPTO_LIB_FILE ${MBEDCRYPTO_LIB_FILE}) |
| 82 | +unset(MBEDCRYPTO_LIB_FILE CACHE) |
| 83 | |
| 84 | -# Checking git |
| 85 | -find_program(GIT_COMMAND "git") |
| 86 | -if (NOT GIT_COMMAND) |
| 87 | - message(FATAL_ERROR "Please install git") |
| 88 | -endif() |
| 89 | +set(MBEDTLS_BINARY_DIR "${CMAKE_CURRENT_BINARY_DIR}/_deps/mbedtls-build") |
| 90 | |
| 91 | -# Fetching Mbed TLS |
| 92 | -FetchContent_Declare( |
| 93 | - mbedtls |
| 94 | - GIT_REPOSITORY ${MBEDTLS_URL} |
| 95 | - GIT_TAG ${MBEDTLS_REFSPEC} |
| 96 | - GIT_SHALLOW TRUE |
| 97 | -) |
| 98 | +# Binary not found and it needs to be built. |
| 99 | +if (NOT MBEDCRYPTO_LIB_FILE) |
| 100 | + # Determine the number of processes to run while running parallel builds. |
| 101 | + # Pass -DPROCESSOR_COUNT=<n> to cmake to override. |
| 102 | + if(NOT DEFINED PROCESSOR_COUNT) |
| 103 | + include(ProcessorCount) |
| 104 | + ProcessorCount(PROCESSOR_COUNT) |
| 105 | + set(PROCESSOR_COUNT ${PROCESSOR_COUNT} |
| 106 | + CACHE STRING "Number of cores to use for parallel builds.") |
| 107 | + endif() |
| 108 | |
| 109 | -# FetchContent_GetProperties exports mbedtls_SOURCE_DIR and mbedtls_BINARY_DIR variables |
| 110 | -FetchContent_GetProperties(mbedtls) |
| 111 | -if(NOT mbedtls_POPULATED) |
| 112 | - message(STATUS "Fetching Mbed TLS") |
| 113 | - FetchContent_Populate(mbedtls) |
| 114 | -endif() |
| 115 | + # See if the source is available locally |
| 116 | + find_file(MBEDCRYPTO_HEADER_FILE |
| 117 | + NAMES crypto.h |
| 118 | + PATHS ${MBEDTLS_SOURCE_DIR} |
| 119 | + PATH_SUFFIXES "include/psa" |
| 120 | + NO_DEFAULT_PATH |
| 121 | + ) |
| 122 | + set(MBEDCRYPTO_HEADER_FILE ${MBEDCRYPTO_HEADER_FILE}) |
| 123 | + unset(MBEDCRYPTO_HEADER_FILE CACHE) |
| 124 | |
| 125 | -# Convert the include path list to a string. Needed to make parameter passing to |
| 126 | -# Mbed TLS build work fine. |
| 127 | -string(REPLACE ";" "\\;" MBEDTLS_EXTRA_INCLUDES "${MBEDTLS_EXTRA_INCLUDES}") |
| 128 | + # Source not found, fetch it. |
| 129 | + if (NOT MBEDCRYPTO_HEADER_FILE) |
| 130 | + include(FetchContent) |
| 131 | |
| 132 | -find_package(Python3 COMPONENTS Interpreter) |
| 133 | -if (NOT Python3_Interpreter_FOUND) |
| 134 | - message(FATAL_ERROR "Python 3 interpreter not found.") |
| 135 | -endif() |
| 136 | + # Checking git |
| 137 | + find_program(GIT_COMMAND "git") |
| 138 | + if (NOT GIT_COMMAND) |
| 139 | + message(FATAL_ERROR "Please install git") |
| 140 | + endif() |
| 141 | |
| 142 | -#Configure Mbed TLS to build only mbedcrypto lib |
| 143 | -execute_process(COMMAND ${Python3_EXECUTABLE} scripts/config.py crypto WORKING_DIRECTORY ${mbedtls_SOURCE_DIR}) |
| 144 | - |
| 145 | -# Advertise Mbed TLS as the provider of the psa crypto API |
| 146 | -set(PSA_CRYPTO_API_INCLUDE "${MBEDTLS_INSTALL_PATH}/include" CACHE STRING "PSA Crypto API include path") |
| 147 | - |
| 148 | -#Configure the library |
| 149 | -execute_process(COMMAND |
| 150 | - ${CMAKE_COMMAND} |
| 151 | - -DENABLE_PROGRAMS=OFF |
| 152 | - -DENABLE_TESTING=OFF |
| 153 | - -DUNSAFE_BUILD=ON |
| 154 | - -DCMAKE_INSTALL_PREFIX=${MBEDTLS_INSTALL_PATH} |
| 155 | - -DCMAKE_TOOLCHAIN_FILE=${TS_EXTERNAL_LIB_TOOLCHAIN_FILE} |
| 156 | - -DCMAKE_TRY_COMPILE_TARGET_TYPE=STATIC_LIBRARY |
| 157 | - -DEXTERNAL_DEFINITIONS=-DMBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}" |
| 158 | - -DEXTERNAL_INCLUDE_PATHS=${MBEDTLS_EXTRA_INCLUDES} |
| 159 | - -GUnix\ Makefiles |
| 160 | - ${mbedtls_SOURCE_DIR} |
| 161 | - WORKING_DIRECTORY |
| 162 | - ${mbedtls_BINARY_DIR} |
| 163 | - RESULT_VARIABLE _exec_error |
| 164 | -) |
| 165 | + # Fetching Mbed TLS |
| 166 | + FetchContent_Declare( |
| 167 | + mbedtls |
| 168 | + SOURCE_DIR ${MBEDTLS_SOURCE_DIR} |
| 169 | + BINARY_DIR ${MBEDTLS_BINARY_DIR} |
| 170 | + GIT_REPOSITORY ${MBEDTLS_URL} |
| 171 | + GIT_TAG ${MBEDTLS_REFSPEC} |
| 172 | + GIT_SHALLOW TRUE |
| 173 | + ) |
| 174 | |
| 175 | -if (_exec_error) |
| 176 | - message(FATAL_ERROR "Configuration step of Mbed TLS failed with ${_exec_error}.") |
| 177 | -endif() |
| 178 | + # FetchContent_GetProperties exports mbedtls_SOURCE_DIR and mbedtls_BINARY_DIR variables |
| 179 | + FetchContent_GetProperties(mbedtls) |
| 180 | + # FetchContent_Populate will fail if the source directory is removed since it will try to |
| 181 | + # do an "update" and not a "populate" action. As a workaround, remove the subbuild directory. |
| 182 | + # Note: this fix assumes, the default subbuild location is used. |
| 183 | + file(REMOVE_RECURSE "${CMAKE_CURRENT_BINARY_DIR}/_deps/mbedtls-subbuild") |
| 184 | + |
| 185 | + # If the source directory has been moved, the binary dir must be regenerated from scratch. |
| 186 | + file(REMOVE_RECURSE "${MBEDTLS_BINARY_DIR}") |
| 187 | |
| 188 | -#TODO: add dependency to generated project on this file! |
| 189 | -#TODO: add custom target to rebuild Mbed TLS |
| 190 | + if (NOT mbedtls_POPULATED) |
| 191 | + message(STATUS "Fetching Mbed TLS") |
| 192 | + FetchContent_Populate(mbedtls) |
| 193 | + endif() |
| 194 | + set_property(DIRECTORY APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS ${MBEDTLS_SOURCE_DIR}) |
| 195 | + endif() |
| 196 | |
| 197 | -#Build the library |
| 198 | -execute_process(COMMAND |
| 199 | - ${CMAKE_COMMAND} --build ${mbedtls_BINARY_DIR} --parallel ${PROCESSOR_COUNT} --target install |
| 200 | + # Build mbedcrypto library |
| 201 | + |
| 202 | + # Convert the include path list to a string. Needed to make parameter passing to |
| 203 | + # Mbed TLS build work fine. |
| 204 | + string(REPLACE ";" "\\;" MBEDTLS_EXTRA_INCLUDES "${MBEDTLS_EXTRA_INCLUDES}") |
| 205 | + |
| 206 | + find_package(Python3 REQUIRED COMPONENTS Interpreter) |
| 207 | + |
| 208 | + #Configure Mbed TLS to build only mbedcrypto lib |
| 209 | + execute_process(COMMAND ${Python3_EXECUTABLE} scripts/config.py crypto WORKING_DIRECTORY ${MBEDTLS_SOURCE_DIR}) |
| 210 | + |
| 211 | + # Advertise Mbed TLS as the provider of the psa crypto API |
| 212 | + set(PSA_CRYPTO_API_INCLUDE "${MBEDTLS_INSTALL_DIR}/include" CACHE STRING "PSA Crypto API include path") |
| 213 | + |
| 214 | + #Configure the library |
| 215 | + execute_process(COMMAND |
| 216 | + ${CMAKE_COMMAND} -E env CROSS_COMPILE=${CROSS_COMPILE} |
| 217 | + ${CMAKE_COMMAND} |
| 218 | + -DENABLE_PROGRAMS=OFF |
| 219 | + -DENABLE_TESTING=OFF |
| 220 | + -DUNSAFE_BUILD=ON |
| 221 | + -DCMAKE_INSTALL_PREFIX=${MBEDTLS_INSTALL_DIR} |
| 222 | + -DCMAKE_TOOLCHAIN_FILE=${TS_EXTERNAL_LIB_TOOLCHAIN_FILE} |
| 223 | + -DCMAKE_TRY_COMPILE_TARGET_TYPE=STATIC_LIBRARY |
| 224 | + -DEXTERNAL_DEFINITIONS=-DMBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}" |
| 225 | + -DEXTERNAL_INCLUDE_PATHS=${MBEDTLS_EXTRA_INCLUDES} |
| 226 | + -GUnix\ Makefiles |
| 227 | + ${MBEDTLS_SOURCE_DIR} |
| 228 | + WORKING_DIRECTORY |
| 229 | + ${MBEDTLS_BINARY_DIR} |
| 230 | RESULT_VARIABLE _exec_error |
| 231 | ) |
| 232 | -if (_exec_error) |
| 233 | - message(FATAL_ERROR "Build step of Mbed TLS failed with ${_exec_error}.") |
| 234 | + |
| 235 | + if (_exec_error) |
| 236 | + message(FATAL_ERROR "Configuration step of Mbed TLS failed with ${_exec_error}.") |
| 237 | + endif() |
| 238 | + |
| 239 | + #Build the library |
| 240 | + execute_process(COMMAND |
| 241 | + ${CMAKE_COMMAND} --build ${MBEDTLS_BINARY_DIR} --parallel ${PROCESSOR_COUNT} --target install |
| 242 | + RESULT_VARIABLE _exec_error |
| 243 | + ) |
| 244 | + |
| 245 | + if (_exec_error) |
| 246 | + message(FATAL_ERROR "Build step of Mbed TLS failed with ${_exec_error}.") |
| 247 | + endif() |
| 248 | + |
| 249 | + set(MBEDCRYPTO_LIB_FILE "${MBEDTLS_INSTALL_DIR}/lib/${CMAKE_STATIC_LIBRARY_PREFIX}mbedcrypto${CMAKE_STATIC_LIBRARY_SUFFIX}") |
| 250 | endif() |
| 251 | |
| 252 | #Create an imported target to have clean abstraction in the build-system. |
| 253 | add_library(mbedcrypto STATIC IMPORTED) |
| 254 | -set_property(TARGET mbedcrypto PROPERTY IMPORTED_LOCATION "${MBEDTLS_INSTALL_PATH}/lib/${CMAKE_STATIC_LIBRARY_PREFIX}mbedcrypto${CMAKE_STATIC_LIBRARY_SUFFIX}") |
| 255 | -set_property(TARGET mbedcrypto PROPERTY INTERFACE_INCLUDE_DIRECTORIES "${MBEDTLS_INSTALL_PATH}/include") |
| 256 | +set_property(DIRECTORY ${CMAKE_SOURCE_DIR} APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS ${MBEDCRYPTO_LIB_FILE}) |
| 257 | +set_property(TARGET mbedcrypto PROPERTY IMPORTED_LOCATION ${MBEDCRYPTO_LIB_FILE}) |
| 258 | +set_property(TARGET mbedcrypto PROPERTY INTERFACE_INCLUDE_DIRECTORIES "${MBEDTLS_INSTALL_DIR}/include") |