Migrate configuration-crypto components to cmake

[minosgalanakis]

Description

Migrates a series of components from the configuration-crypto on mbedtls to cmake. One of many pr's required for #10472

PR checklist

Please remove the segment/s on either side of the | symbol as appropriate, and add any relevant link/s to the end of the line.
If the provided content is part of the present PR remove the # symbol.

• changelog not required because: Changes the testing framework not the code itself
• development PR provided here
• TF-PSA-Crypto PR provided # TODO
• framework PR not required
• 3.6 PR provided # | not required because: Will not be backported
• tests provided

[minosgalanakis]

Force push to latest development --> diff

Squashing and grouping the commits for easier review --> diff to pre-rebase base

[ronald-cron-arm]

This looks quit good to me. I have a few questions and suggestions. Regarding completeness, although we discuss to discard it at some point, we should be able to migrate test_psa_crypto_drivers as well I'd say.

[minosgalanakis]

This looks quit good to me. I have a few questions and suggestions. Regarding completeness, although we discuss to discard it at some point, we should be able to migrate test_psa_crypto_drivers as well I'd say.

@ronald-cron-arm This is possible but not as straighforward right now.

As you have discovered in your own pr https://github.com/Mbed-TLS/mbedtls-framework/pull/243/files#diff-778df0488579c2de20bb280c3c142e099f065b8a3887e31ce3ed4462a06ff0af those utiility functions demonstrated in my now void pr need to be static, because the [-Werror,-Wmissing-prototypes] was not consistently propagated in the old build system but the new one with the cmake does it correctly.

To migrate the component_test_psa_crypto_drivers to cmake should be as simple as this
CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan -D CMAKE_C_FLAGS:STRING="${loc_cflags}" .
but now it needs:

• A compatible tf-psa-crypto upate pointing to the framework at the Add support for TF-PSA-Crypto test driver mbedtls-framework#243
• A compatible mbedtls update commit that is pointing at the tf-psa-crypto created above
• A rebase of this pr on that.

The gains of migrating one component do not outweight the cost of trying to target a moving chain of commits.

ps. Currently tested with the latest mbedtls pointing to the latest tf-psa-crypto with the framework pointer and it does not work.

Alternatively I can write the cmake component now, and explicitly disable all the compilation flags that scream e.g loc_cflags="${loc_cflags} -Wno-error=missing-prototypes -Wno-missing-prototypes -Wno-error" and we clean it up in the future. wdyt?

[ronald-cron-arm]

This looks quit good to me. I have a few questions and suggestions. Regarding completeness, although we discuss to discard it at some point, we should be able to migrate test_psa_crypto_drivers as well I'd say.

@ronald-cron-arm This is possible but not as straighforward right now.

As you have discovered in your own pr https://github.com/Mbed-TLS/mbedtls-framework/pull/243/files#diff-778df0488579c2de20bb280c3c142e099f065b8a3887e31ce3ed4462a06ff0af those utiility functions demonstrated in my now void pr need to be static, because the [-Werror,-Wmissing-prototypes] was not consistently propagated in the old build system but the new one with the cmake does it correctly.

To migrate the component_test_psa_crypto_drivers to cmake should be as simple as this CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan -D CMAKE_C_FLAGS:STRING="${loc_cflags}" . but now it needs:

* A compatible tf-psa-crypto upate pointing to the framework at the [Add support for TF-PSA-Crypto test driver mbedtls-framework#243](https://github.com/Mbed-TLS/mbedtls-framework/pull/243)

* A compatible mbedtls update commit that is pointing at the tf-psa-crypto created above

* A rebase of this pr on that.

The gains of migrating one component do not outweight the cost of trying to target a moving chain of commits.

ps. Currently tested with the latest mbedtls pointing to the latest tf-psa-crypto with the framework pointer and it does not work.

Alternatively I can write the cmake component now, and explicitly disable all the compilation flags that scream e.g loc_cflags="${loc_cflags} -Wno-error=missing-prototypes -Wno-missing-prototypes -Wno-error" and we clean it up in the future. wdyt?

If you need to update the tf-psa-crypto and framework pointers and to rebase, please do it.
If after that we have an issue not related to your PR, then we have a problem that we will have to face sooner or later anyway.

[ronald-cron-arm]

This looks almost good to me. A few final comments.

[ronald-cron-arm]

Suggested change

	CFLAGS="-DMBEDTLS_SHA3_THETA_UNROLL=1 -DMBEDTLS_SHA3_PI_UNROLL=1 -DMBEDTLS_SHA3_CHI_UNROLL=1 -DMBEDTLS_SHA3_RHO_UNROLL=1" cmake -D CMAKE_BUILD_TYPE:String=None .
	CFLAGS="-DMBEDTLS_SHA3_THETA_UNROLL=1 -DMBEDTLS_SHA3_PI_UNROLL=1 -DMBEDTLS_SHA3_CHI_UNROLL=1 -DMBEDTLS_SHA3_RHO_UNROLL=1" cmake .

We have started to remove some "-D CMAKE_BUILD_TYPE:String=None", what about to remove them consistently?

[minosgalanakis]

I am happy to do it but again I need to reiterate that the decision tree choice to use CMAKE_BUILD_TYPE:String=None is when we want to test fine grained flag combinations. This component will work either way but felt like it was doing that.

[minosgalanakis]

If you need to update the tf-psa-crypto and framework pointers and to rebase, please do it. If after that we have an issue not related to your PR, then we have a problem that we will have to face sooner or later anyway.

So the answer to that is a yes & no. Yes we have an issue, but no our CI will not catch it, but my computer will. Also need to update the framework pointer in tf-psa-crypto to bring the changes that I discussed above.

Raised a PR that does both here Mbed-TLS/TF-PSA-Crypto#614

[minosgalanakis]

Addressed @ronald-cron-arm's comments at 1025f2b and then rebased on top of head of public/development.

The only outstandading comment which I did not push an update for is the discussion about CMAKE_BUILD_TYPE:String=Release vs None mentioned 1, 2

[ronald-cron-arm]

Addressed @ronald-cron-arm's comments at 1025f2b and then rebased on top of head of public/development.

The only outstandading comment which I did not push an update for is the discussion about CMAKE_BUILD_TYPE:String=Release vs None mentioned 1, 2

My last #10507 (comment) was not about cmake -DCMAKE_BUILD_TYPE:String=Release vs cmake -DCMAKE_BUILD_TYPE:String=None but cmake -DCMAKE_BUILD_TYPE:String=None vs cmake. cmake -DCMAKE_BUILD_TYPE:String=None and just cmake are equivalent and cmake is mostly used in this PR, like in CFLAGS="-O1" cmake ., or CFLAGS="-O1 -I$PWD/framework/tests/include/baremetal-override/" cmake . ... Thus I was proposing to replace the cmake -DCMAKE_BUILD_TYPE:String=None we introduce in this PR by just "cmake".

[ronald-cron-arm]

Thanks for addressing my comments. My last comment #10507 (comment) is not a blocker thus I am approving as it is. Regarding test_psa_crypto_drivers that was discussed at some point I can see that it would need some changes in the framework and TF-PSA-Crypto. Thus better to address that one separately.

[minosgalanakis]

Thanks @ronald-cron-arm for the approval and the clarification for the 1025f2b comment. I will prepare a fix and upload it later today if it has no been reviewed yet, or I will move it to one of the follow up prs, if this one gets approved today.