parallaxsecond · tgonzalezorlandoarm · May 23, 2024 · May 23, 2024 · May 23, 2024 · minosgalanakis
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -8,10 +8,15 @@ on:
         description: "'parsec-openssl-provider-test' if docker build should be triggered"
         required: false
         default: ""
+      trigger_test_cross_docker:
+        description: "'parsec-openssl-provider-cross-compile' if docker build should be triggered"
+        required: false
+        default: ""
   push:
 
 env:
   TEST_DOCKER_IMAGE: ${{ github.event.inputs.trigger_docker || 'ghcr.io/parallaxsecond/parsec-openssl-provider-test' }}
+  TEST_CROSS_DOCKER_IMAGE: ${{ github.event.inputs.trigger_test_cross_docker || 'ghcr.io/parallaxsecond/parsec-openssl-provider-cross-compile' }}
 
 jobs:
   build-and-export-test-docker:
@@ -30,6 +35,22 @@ jobs:
         name: parsec-openssl-provider-test
         path: /tmp/parsec-openssl-provider-test.tar
 
+  build-and-export-cross-compile-docker:
+    runs-on: ubuntu-latest
+    # For running this job  we need to manually trigger the CI and set the variable
+    if: ${{ github.event.inputs.trigger_test_cross_docker == 'parsec-openssl-provider-cross-compile' }}
+    steps:
+    - uses: actions/checkout@v3
+    - name: Build the docker container
+      run: pushd tests/docker_image && docker build -t parsec-openssl-provider-cross-compile -f parsec-openssl-provider-cross-compile.Dockerfile . && popd
+    - name: Export the docker container
+      run: docker save parsec-openssl-provider-cross-compile > /tmp/parsec-openssl-provider-cross-compile.tar
+    - name: Upload artifact
+      uses: actions/upload-artifact@v3
+      with:
+        name: parsec-openssl-provider-cross-compile
+        path: /tmp/parsec-openssl-provider-cross-compile.tar
+
   build-and-test:
     name: Build Parsec OpenSSL Provider and run tests 
     runs-on: ubuntu-latest
@@ -65,3 +86,24 @@ jobs:
         uses: ./.github/actions/ci_script
         with:
           ci-flags: "static-checks"  
+
+  cross-compilation:
+    # Currently only the Mbed Crypto provider is tested
+    name: Cross-compile Parsec OpenSSL Provider to various targets
+    runs-on: ubuntu-latest
+    if: ${{ always() }}
+    needs: [build-and-export-cross-compile-docker]
+    steps:
+      - uses: actions/checkout@v3
+      - name: Load Docker
+        uses: ./.github/actions/load_docker
+        if: ${{ env.TEST_CROSS_DOCKER_IMAGE == 'parsec-openssl-provider-cross-compile' }}
+        with:
+          image-name: "${{ env.TEST_CROSS_DOCKER_IMAGE }}"
+          image-path: "/tmp"
+      - name: Run the cross compiler tests using pre-built docker image
+        if: ${{ env.TEST_CROSS_DOCKER_IMAGE != 'parsec-openssl-provider-cross-compile' }}
+        run: docker run -v $(pwd):/tmp/parsec-openssl-provider -w /tmp/parsec-openssl-provider ghcr.io/parallaxsecond/parsec-openssl-provider-cross-compile /tmp/parsec-openssl-provider/tests/cross-compile.sh
+      - name: Run the cross compiler tests using image built on the CI
+        if: ${{ env.TEST_CROSS_DOCKER_IMAGE == 'parsec-openssl-provider-cross-compile' }}
+        run: docker run -v $(pwd):/tmp/parsec-openssl-provider -w /tmp/parsec-openssl-provider "${{ env.TEST_CROSS_DOCKER_IMAGE }}" /tmp/parsec-openssl-provider/tests/cross-compile.sh
diff --git a/parsec-openssl-sys2/build.rs b/parsec-openssl-sys2/build.rs
@@ -32,9 +32,12 @@ fn main() -> std::io::Result<()> {
         .size_t_is_usize(true);
 
     // Build the bindings
-    let openssl_bindings = openssl_builder
-        .generate()
-        .map_err(|_| Error::new(ErrorKind::Other, "Unable to generate bindings to openssl"))?;
+    let openssl_bindings = openssl_builder.generate().map_err(|e| {
+        Error::new(
+            ErrorKind::Other,
+            format!("Unable to generate bindings to openssl: {}", e),
+        )
+    })?;
 
     let out_path = PathBuf::from(env::var("OUT_DIR").unwrap());
     openssl_bindings.write_to_file(out_path.join("openssl_bindings.rs"))?;

diff --git a/tests/cross-compile.sh b/tests/cross-compile.sh
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+# Copyright 2024 Contributors to the Parsec project.
+# SPDX-License-Identifier: Apache-2.0
+
+set -xeuf -o pipefail
+
+# Allow the `pkg-config` crate to cross-compile
+export PKG_CONFIG_ALLOW_CROSS=1
+# Make the `pkg-config` crate use our wrapper
+export PKG_CONFIG=/tmp/parsec-openssl-provider/tests/pkg-config
+
+export SYSROOT=/tmp/aarch64-linux-gnu
+export RUSTFLAGS="-lcrypto -L/tmp/aarch64-linux-gnu/lib"
+cd /tmp/parsec-openssl-provider
+cargo build --target aarch64-unknown-linux-gnu \
+	--config 'target.aarch64-unknown-linux-gnu.linker="aarch64-linux-gnu-gcc"'
+
+cd parsec-openssl-provider-shared
+cargo build --target aarch64-unknown-linux-gnu \
+	--config 'target.aarch64-unknown-linux-gnu.linker="aarch64-linux-gnu-gcc"'
diff --git a/tests/docker_image/cross-compile-openssl.sh b/tests/docker_image/cross-compile-openssl.sh
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+
+# Copyright 2024 Contributors to the Parsec project.
+# SPDX-License-Identifier: Apache-2.0
+
+# Cross compile the OpenSSL library for a given target
+
+set -xeuf -o pipefail
+
+rustup target add aarch64-unknown-linux-gnu
+
+OPENSSL_VERSION="openssl-3.0.2"
+git clone https://github.com/openssl/openssl.git --branch $OPENSSL_VERSION
+
+# Prepare directory for cross-compiled OpenSSL files
+mkdir -p /tmp/$1
+export INSTALL_DIR=/tmp/$1
+
+pushd /tmp/openssl
+# Compile and copy files over
+./Configure $2 shared --prefix=$INSTALL_DIR --openssldir=$INSTALL_DIR/openssl --cross-compile-prefix=$1-
+make clean
+make depend
+make -j$(nproc)
+make install
+popd
+
+unset INSTALL_DIR
+
+pushd /usr/include/openssl
+ln -s /tmp/$1/include/openssl/opensslconf.h .
+ln -s /tmp/$1/include/openssl/configuration.h .
+popd
diff --git a/tests/docker_image/parsec-openssl-provider-cross-compile.Dockerfile b/tests/docker_image/parsec-openssl-provider-cross-compile.Dockerfile
@@ -0,0 +1,45 @@
+# Copyright 2024 Contributors to the Parsec project.
+# SPDX-License-Identifier: Apache-2.0
+FROM ubuntu:22.04
+
+RUN apt update && apt-get -y upgrade
+RUN apt install -y autoconf-archive libcmocka0 libcmocka-dev procps
+RUN apt install -y iproute2 build-essential git pkg-config gcc libtool automake libssl-dev uthash-dev doxygen libjson-c-dev
+RUN apt install -y --fix-missing wget python3 cmake clang
+RUN apt install -y libini-config-dev curl libgcc1
+RUN apt install -y python3-distutils libclang-11-dev protobuf-compiler python3-pip
+RUN apt install -y libgcrypt20-dev uuid-dev
+RUN apt install -y git gcc
+
+
+# Setup git config
+RUN git config --global user.email "some@email.com"
+RUN git config --global user.name "Parsec Team"
+
+WORKDIR /tmp
+
+# Install Rust toolchain for all users
+# This way of installing allows all users to call the same binaries, but non-root
+# users cannot modify the toolchains or install new ones.
+# See: https://github.com/rust-lang/rustup/issues/1085
+ENV RUSTUP_HOME /opt/rust
+ENV CARGO_HOME /opt/rust
+RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --no-modify-path
+ENV PATH="/root/.cargo/bin:/opt/rust/bin:${PATH}"
+
+# Install aarch64-none-linux-gnu cross compilation toolchain
+RUN wget https://developer.arm.com/-/media/Files/downloads/gnu-a/9.2-2019.12/binrel/gcc-arm-9.2-2019.12-x86_64-aarch64-none-linux-gnu.tar.xz?revision=61c3be5d-5175-4db6-9030-b565aae9f766 -O aarch64-gcc.tar.xz
+RUN tar --strip-components=1 -C /usr/ -xvf aarch64-gcc.tar.xz
+RUN rm aarch64-gcc.tar.xz
+
+# Install cross-compilers
+RUN apt install -y gcc-multilib
+RUN apt install -y gcc-arm-linux-gnueabihf
+RUN apt install -y gcc-aarch64-linux-gnu
+
+WORKDIR /tmp
+
+# Copy OpenSSL cross-compilation script
+COPY cross-compile-openssl.sh /tmp/
+# Cross-compile OpenSSL for Linux on aarch64
+RUN ./cross-compile-openssl.sh aarch64-linux-gnu linux-generic64
diff --git a/tests/pkg-config b/tests/pkg-config
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+unset PKG_CONFIG_PATH
+export PKG_CONFIG_LIBDIR=${SYSROOT}/lib/pkgconfig:${SYSROOT}/usr/lib/pkgconfig:${SYSROOT}/usr/share/pkgconfig:${SYSROOT}/usr/local/lib/pkgconfig
+
+exec pkg-config "$@"