Skip to content

Fix Mbed TLS adjust-config.sh script #12998

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 18, 2020
Merged

Fix Mbed TLS adjust-config.sh script #12998

merged 1 commit into from
Jun 18, 2020

Conversation

simonbutcher
Copy link
Contributor

Summary of changes

The Mbed TLS import script is quite fragile, and depends on certain lines to be present in the files it adjusts to be able to do the modifications it needs to to allow Mbed TLS to build within Mbed OS.

This commit changes the adjust-config.sh script to look for a the end of the config.h file, defined as #endif /* MBEDTLS_CONFIG_H */ rather than the include line for "check_config.h".

That's because the inclusion of "check_config.h" is being removed upstream in Mbed TLS to fix another issue, which you can see here.

I recommend to the maintainers that they put in their backlog to remove or replace these scripts. They were added as a temporary measure some years ago, and were never updated.

Impact of changes

This change should work with the current Mbed OS source, but critically, the change is necessary to allow a future version of Mbed TLS to work.

Migration actions required

None.

Documentation

Not necessary.

Pull request type 

[x] Patch update (Bug fix / Target update / Docs update / Test update / Refactor)
[] Feature update (New feature / Functionality change / New API)
[] Major update (Breaking change E.g. Return code change / API behaviour change)

Test results 

[x] No Tests required for this change (E.g docs only update)
[] Covered by existing mbed-os tests (Greentea or Unittest)
[] Tests / results supplied as part of this PR

This has been tested by running the Mbed TLS importer script with make update && make deploy with the current source code, and that from Mbed TLS PR #1999.

Reviewers

@Patater for old times's sake and @dgreen-arm who seems to have been the last person to touch the script.

@simonbutcher
Fix Mbed TLS adjust-config.sh script
5b03168 
The Mbed TLS import script is quite fragile, and depends on certain lines to be
present in the files it adjusts to be able to do the modifications it needs to
to allow Mbed TLS to build within Mbed OS.

Thsi commit changes the `adjust-config.sh` script to look for a the end of the
config.h file, defined as "#endif /* MBEDTLS_CONFIG_H */" rather than the
include line for "check_config.h".

That's because the inclusion of "check_config.h" is being removed upstream in
Mbed TLS to fix another issue.
@simonbutcher simonbutcher mentioned this pull request May 19, 2020
Closed
4 tasks
@ciarmcom ciarmcom requested review from dgreen-arm, Patater and a team May 19, 2020 23:00
@ciarmcom
Copy link
Member

@sbutcher-arm, thank you for your changes.
@dgreen-arm @Patater @ARMmbed/mbed-os-security @ARMmbed/mbed-os-maintainers please review.

@mergify mergify bot added needs: CI and removed needs: review labels May 25, 2020
@0xc0170
Copy link
Contributor

0xc0170 commented May 25, 2020

CI started

@mbed-ci
Copy link

mbed-ci commented May 25, 2020

Test run: SUCCESS

Summary: 6 of 6 test jobs passed
Build number : 1
Build artifacts

gilles-peskine-arm
gilles-peskine-arm reviewed Jun 2, 2020
View reviewed changes
features/mbedtls/importer/adjust-config.sh
add_code \
"#include \"mbedtls\/check_config.h\"\n" \
prepend_code \
"#endif \/\* MBEDTLS_CONFIG_H \*\/" \
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This new approach only makes sense if Mbed TLS has changed to not include check_config.h in config.h, which hasn't happened yet. How about changing adjust-config.sh to work both with the current Mbed TLS and with a future Mbed TLS without check_config.h in config.h, by replacing at #include MBEDTLS_USER_CONFIG_FILE?
``

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As I said above:

I recommend to the maintainers that they put in their backlog to remove or replace these scripts. They were added as a temporary measure some years ago, and were never updated.

The correct approach is to remove the script and do this differently, preferably without scripts that adapt the source code.

Currently these scripts are brittle and break easily, and this is a modest change to address the immediate problem only.

@0xc0170
Copy link
Contributor

0xc0170 commented Jun 10, 2020

@dgreen-arm @Patater Shall we merge this one?

@adbridge adbridge added the release-type: patch Indentifies a PR as containing just a patch label Jun 11, 2020
Patater
Patater approved these changes Jun 17, 2020
View reviewed changes
Copy link
Contributor

@Patater Patater left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM as a robustness improvement. Thanks!

@0xc0170
Copy link
Contributor

0xc0170 commented Jun 17, 2020

CI started

@mbed-ci
Copy link

mbed-ci commented Jun 17, 2020

Test run: SUCCESS

Summary: 6 of 6 test jobs passed
Build number : 2
Build artifacts

@0xc0170 0xc0170 merged commit 0bdc712 into ARMmbed:master Jun 18, 2020
@mergify mergify bot removed the ready for merge label Jun 18, 2020
@adbridge adbridge added Release-pending and removed release-type: patch Indentifies a PR as containing just a patch Release-pending labels Jun 24, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gilles-peskine-arm gilles-peskine-arm gilles-peskine-arm left review comments

@Patater Patater Patater approved these changes

@0xc0170 0xc0170 0xc0170 approved these changes

@dgreen-arm dgreen-arm Awaiting requested review from dgreen-arm

Assignees
No one assigned
Labels
release-version: 6.1.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@simonbutcher @ciarmcom @0xc0170 @mbed-ci @Patater @gilles-peskine-arm @adbridge