Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Mbed TLS for 5.12 release to Mbed TLS development HEAD #9920

Merged
merged 3 commits into from Mar 5, 2019

Conversation

@sbutcher-arm
Copy link
Contributor

commented Mar 4, 2019

Description

This PR updates the current version of Mbed TLS to the current HEAD of the development branch of Mbed TLS. This is intended to be the next release of Mbed TLS, minus any bug fixes found in OOB or integration testing.

Note, this PR also changes the configuration of the storage options, so they are now dependent on the TARGET_PSA symbol being defined, (which means the PSA label has been defined for the target).

This PR supersedes PR #9779, which I can't update as I'm not the author.

Pull request type

[ ] Fix
[ ] Refactor
[ ] Target update
[x] Functionality change
[ ] Docs update
[ ] Test update
[ ] Breaking change

Reviewers

@Patater / @hanno-arm / @k-stachowiak

Release Notes

These will be updated at a later time, when we provide a final Mbed TLS PR to update the version number.
This release of Mbed TLS includes:-

  • integration of the PSA Crypto API sufficient to support Pelion Client
  • RAM optimisations to reduce RAM usage during TLS handshakes when using X.509 authentication. This reduces the overall RAM required by Mbed TLS.

sbutcher-arm added some commits Mar 3, 2019

Make the storage configs dependent on the PSA label
This commit makes the storage configurations - setting
MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C and unsetting
MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C - dependent on the PSA label being defined for
the target.

Previously these symbols were always defined for all platforms which could
cause problems for targets that don't yet support PSA.
Move the Mbed TLS target to the development branch
Before moving to the new release of Mbed TLS, this moves the default imported
version of Mbed TLS to the development branch, and will import the HEAD of the
branch, not just a specific release.
Update Mbed TLS to the latest development version
This updates Mbed TLS to the latest development version, commit 535ee4a35b9c
in the Mbed TLS repo.
@ciarmcom

This comment has been minimized.

Copy link
Member

commented Mar 4, 2019

@NirSonnenschein

This comment has been minimized.

Copy link
Contributor

commented Mar 4, 2019

started CI pending review

@mbed-ci

This comment has been minimized.

Copy link

commented Mar 4, 2019

Test run: SUCCESS

Summary: 13 of 13 test jobs passed
Build number : 1
Build artifacts

@0xc0170

0xc0170 approved these changes Mar 4, 2019

@0xc0170

This comment has been minimized.

Copy link
Member

commented Mar 4, 2019

Initial CI passed. Needs completed reviews now!

@sbutcher-arm When this become the final version (ready for integration) ?

@0xc0170 0xc0170 added the risk: A label Mar 4, 2019

@Patater

Patater approved these changes Mar 4, 2019

Copy link
Contributor

left a comment

LGTM

Agreed we need to discuss PSA target configuration within Mbed OS. We've been assuming a homogeneous level of support from hardware on targets that are marked as PSA, but that will potentially limit where PSA APIs will be available as we grow target support.

@0xc0170 0xc0170 referenced this pull request Mar 4, 2019

Merged

PSA compliance tests suite #9312

@k-stachowiak
Copy link
Contributor

left a comment

Looks good to me!

@sbutcher-arm

This comment has been minimized.

Copy link
Contributor Author

commented Mar 4, 2019

@sbutcher-arm When this become the final version (ready for integration) ?

We have more bug fixes available to us that we could merge, but ran out of time on, so this is the effective final release, with the assumption that the only thing to change is the version number. We'll issue a new PR to badge the release with a version number once OOB is complete and it has been confirmed that there are no last minute bugs that need fixing.

If you'll permit us, we can add further fixes into this release today - but until yourself and @ChiefBureaucraticOfficer confirm we can - we'll assume a code freeze so you can merge it if you wish.

I forgot to mention last night, because this changes the way the storage configuration options are enabled, it needs approval from someone in @dannybenor's team.

cc: @dannybenor / @itayzafrir

@NirSonnenschein

This comment has been minimized.

Copy link
Contributor

commented Mar 4, 2019

CC @ARMmbed/mbed-os-storage (@dannybenor 's team)

@NirSonnenschein NirSonnenschein requested a review from ARMmbed/mbed-os-storage Mar 4, 2019

@adbridge

This comment has been minimized.

Copy link
Contributor

commented Mar 4, 2019

@sbutcher-arm Could you please add some details for the release notes prior to us creating RC2 one week today. These notes will all feed into the OOB team so they can see what has been updated.

@davidsaada
Copy link
Contributor

left a comment

Approving, based on the fact that PSA storage options (including ITS) are derived from PSA.

@sbutcher-arm

This comment has been minimized.

Copy link
Contributor Author

commented Mar 4, 2019

Could you please add some details for the release notes prior to us creating RC2 one week today.

@adbridge - I've added a short description as requested.

@sbutcher-arm

This comment has been minimized.

Copy link
Contributor Author

commented Mar 4, 2019

@k-stachowiak and @Patater have approved this, which is good enough for TLS approval.

@0xc0170

This comment has been minimized.

Copy link
Member

commented Mar 5, 2019

If you'll permit us, we can add further fixes into this release today - but until yourself and @ChiefBureaucraticOfficer confirm we can - we'll assume a code freeze so you can merge it if you wish.

This is ready for integration ? Or anything else expecting here?

@sbutcher-arm

This comment has been minimized.

Copy link
Contributor Author

commented Mar 5, 2019

@0xc0170 - There's no reason to hold this back, as it appears to be holding back the overall release. Please just merge this PR as it is.

@ChiefBureaucraticOfficer
Copy link

left a comment

Meets criteria, needed for PSA.

@0xc0170 0xc0170 merged commit 63dd5cb into ARMmbed:master Mar 5, 2019

28 checks passed

continuous-integration/jenkins/pr-head This commit looks good
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
jenkins-ci/build-ARMC5 Success
Details
jenkins-ci/build-ARMC6 Success
Details
jenkins-ci/build-GCC_ARM Success
Details
jenkins-ci/build-IAR8 Success
Details
jenkins-ci/cloud-client-test Success
Details
jenkins-ci/dynamic-memory-usage RTOS ROM(+0 bytes) RAM(+0 bytes)
Details
jenkins-ci/exporter Success
Details
jenkins-ci/greentea-test Success
Details
jenkins-ci/mbed2-build-ARMC5 Success
Details
jenkins-ci/mbed2-build-ARMC6 Success
Details
jenkins-ci/mbed2-build-GCC_ARM Success
Details
jenkins-ci/mbed2-build-IAR8 Success
Details
jenkins-ci/unittests Success
Details
travis-ci/astyle Local astyle testing has passed
Details
travis-ci/docs Local docs testing has passed
Details
travis-ci/doxy-spellcheck Local doxy-spellcheck testing has passed
Details
travis-ci/events Passed, runtime is 9271 cycles (-1212 cycles)
Details
travis-ci/gitattributestest Local gitattributestest testing has passed
Details
travis-ci/include_check Local include_check testing has passed
Details
travis-ci/licence_check Local licence_check testing has passed
Details
travis-ci/littlefs Passed, code size is 8408B (+0.00%)
Details
travis-ci/psa-autogen Local psa-autogen testing has passed
Details
travis-ci/tools-py2.7 Local tools-py2.7 testing has passed
Details
travis-ci/tools-py3.5 Local tools-py3.5 testing has passed
Details
travis-ci/tools-py3.6 Local tools-py3.6 testing has passed
Details
travis-ci/tools-py3.7 Local tools-py3.7 testing has passed
Details

@0xc0170 0xc0170 removed the ready for merge label Mar 5, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.