Skip to content

Commit e3776fa

Browse files
authored
Merge branch 'main' into platform-nucleo-n657x0-q
Signed-off-by: Brendan Moran <brendan.moran@arm.com>
2 parents f0364d9 + d703fcc commit e3776fa

599 files changed

Lines changed: 69984 additions & 43318 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.github/actionlint.yaml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
# Copyright (c) The mlkem-native project authors
2+
# SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
3+
4+
self-hosted-runner:
5+
labels:
6+
# actionlint 1.7.7 does not recognize macos-15-intel yet
7+
# TODO: Remove when upgrading to >= 1.7.8
8+
- macos-15-intel
9+
# PQCP runners
10+
- pqcp-arm64
11+
- pqcp-ppc64
12+
- pqcp-x64

.github/actions/cbmc/action.yml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ inputs:
2626
runs:
2727
using: composite
2828
steps:
29-
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
29+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3030
- uses: ./.github/actions/setup-shell
3131
with:
3232
nix-shell: ${{ inputs.nix-shell }}
@@ -46,7 +46,6 @@ runs:
4646
- $(nix --version)
4747
- $(cbmc --version)
4848
- litani Version $(litani --version)
49-
- Cadical Version $(cadical --version)
5049
- $(bash --version | grep -m1 "")
5150
EOF
5251
- name: Run CBMC proofs (MLKEM_K=${{ inputs.mlkem_k }})

.github/actions/functest/action.yml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,9 @@ inputs:
4444
acvp:
4545
description: Determine whether to run acvp test or not
4646
default: "true"
47+
wycheproof:
48+
description: Determine whether to run wycheproof test or not
49+
default: "true"
4750
examples:
4851
description: Determine whether to run examples or not
4952
default: "true"
@@ -80,6 +83,7 @@ runs:
8083
echo KAT="${{ inputs.kat == 'true' && 'kat' || 'no-kat' }}" >> $GITHUB_ENV
8184
echo UNIT="${{ inputs.unit == 'true' && 'unit' || 'no-unit' }}" >> $GITHUB_ENV
8285
echo ACVP="${{ inputs.acvp == 'true' && 'acvp' || 'no-acvp' }}" >> $GITHUB_ENV
86+
echo WYCHEPROOF="${{ inputs.wycheproof == 'true' && 'wycheproof' || 'no-wycheproof' }}" >> $GITHUB_ENV
8387
echo EXAMPLES="${{ inputs.examples == 'true' && 'examples' || 'no-examples' }}" >> $GITHUB_ENV
8488
echo STACK="${{ inputs.stack == 'true' && 'stack' || 'no-stack' }}" >> $GITHUB_ENV
8589
echo ALLOC="${{ inputs.alloc == 'true' && 'alloc' || 'no-alloc' }}" >> $GITHUB_ENV
@@ -118,7 +122,7 @@ runs:
118122
shell: ${{ env.SHELL }}
119123
run: |
120124
make clean
121-
${{ inputs.extra_env }} ./scripts/tests all ${{ inputs.check_namespace == 'true' && '--check-namespace' || ''}} --exec-wrapper="${{ inputs.exec_wrapper }}" --cross-prefix="${{ inputs.cross_prefix }}" --cflags="${{ inputs.cflags }}" --ldflags="${{ inputs.ldflags }}" --opt=${{ inputs.opt }} --${{ env.FUNC }} --${{ env.KAT }} --${{ env.ACVP }} --${{ env.EXAMPLES }} --${{ env.STACK }} --${{ env.UNIT }} --${{ env.ALLOC }} --${{ env.RNGFAIL }} -v ${{ inputs.extra_args }}
125+
${{ inputs.extra_env }} ./scripts/tests all ${{ inputs.check_namespace == 'true' && '--check-namespace' || ''}} --exec-wrapper="${{ inputs.exec_wrapper }}" --cross-prefix="${{ inputs.cross_prefix }}" --cflags="${{ inputs.cflags }}" --ldflags="${{ inputs.ldflags }}" --opt=${{ inputs.opt }} --${{ env.FUNC }} --${{ env.KAT }} --${{ env.ACVP }} --${{ env.WYCHEPROOF }} --${{ env.EXAMPLES }} --${{ env.STACK }} --${{ env.UNIT }} --${{ env.ALLOC }} --${{ env.RNGFAIL }} -v ${{ inputs.extra_args }}
122126
- name: Post ${{ env.MODE }} Tests
123127
shell: ${{ env.SHELL }}
124128
if: success() || failure()

.github/actions/multi-functest/action.yml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,9 @@ inputs:
4141
acvp:
4242
description: Determine whether to run acvp test or not
4343
default: "true"
44+
wycheproof:
45+
description: Determine whether to run wycheproof test or not
46+
default: "true"
4447
examples:
4548
description: Determine whether to run examples or not
4649
default: "true"
@@ -84,6 +87,7 @@ runs:
8487
kat: ${{ inputs.kat }}
8588
unit: ${{ inputs.unit }}
8689
acvp: ${{ inputs.acvp }}
90+
wycheproof: ${{ inputs.wycheproof }}
8791
examples: ${{ inputs.examples }}
8892
check_namespace: ${{ inputs.check_namespace }}
8993
stack: ${{ inputs.stack }}
@@ -109,6 +113,7 @@ runs:
109113
kat: ${{ inputs.kat }}
110114
unit: ${{ inputs.unit }}
111115
acvp: ${{ inputs.acvp }}
116+
wycheproof: ${{ inputs.wycheproof }}
112117
examples: ${{ inputs.examples }}
113118
check_namespace: ${{ inputs.check_namespace }}
114119
stack: ${{ inputs.stack }}
@@ -134,6 +139,7 @@ runs:
134139
kat: ${{ inputs.kat }}
135140
unit: ${{ inputs.unit }}
136141
acvp: ${{ inputs.acvp }}
142+
wycheproof: ${{ inputs.wycheproof }}
137143
examples: ${{ inputs.examples }}
138144
check_namespace: ${{ inputs.check_namespace }}
139145
stack: ${{ inputs.stack }}
@@ -159,6 +165,7 @@ runs:
159165
kat: ${{ inputs.kat }}
160166
unit: ${{ inputs.unit }}
161167
acvp: ${{ inputs.acvp }}
168+
wycheproof: ${{ inputs.wycheproof }}
162169
examples: ${{ inputs.examples }}
163170
check_namespace: ${{ inputs.check_namespace }}
164171
stack: ${{ inputs.stack }}
@@ -184,6 +191,7 @@ runs:
184191
kat: ${{ inputs.kat }}
185192
unit: ${{ inputs.unit }}
186193
acvp: ${{ inputs.acvp }}
194+
wycheproof: ${{ inputs.wycheproof }}
187195
examples: ${{ inputs.examples }}
188196
check_namespace: ${{ inputs.check_namespace }}
189197
stack: ${{ inputs.stack }}
@@ -209,6 +217,7 @@ runs:
209217
kat: ${{ inputs.kat }}
210218
unit: ${{ inputs.unit }}
211219
acvp: ${{ inputs.acvp }}
220+
wycheproof: ${{ inputs.wycheproof }}
212221
examples: ${{ inputs.examples }}
213222
check_namespace: ${{ inputs.check_namespace }}
214223
stack: ${{ inputs.stack }}
@@ -233,6 +242,7 @@ runs:
233242
kat: ${{ inputs.kat }}
234243
unit: ${{ inputs.unit }}
235244
acvp: ${{ inputs.acvp }}
245+
wycheproof: ${{ inputs.wycheproof }}
236246
examples: ${{ inputs.examples }}
237247
check_namespace: ${{ inputs.check_namespace }}
238248
stack: ${{ inputs.stack }}
@@ -257,6 +267,7 @@ runs:
257267
kat: ${{ inputs.kat }}
258268
unit: ${{ inputs.unit }}
259269
acvp: ${{ inputs.acvp }}
270+
wycheproof: ${{ inputs.wycheproof }}
260271
examples: ${{ inputs.examples }}
261272
check_namespace: ${{ inputs.check_namespace }}
262273
stack: ${{ inputs.stack }}
@@ -281,6 +292,7 @@ runs:
281292
kat: ${{ inputs.kat }}
282293
unit: ${{ inputs.unit }}
283294
acvp: ${{ inputs.acvp }}
295+
wycheproof: ${{ inputs.wycheproof }}
284296
examples: ${{ inputs.examples }}
285297
check_namespace: ${{ inputs.check_namespace }}
286298
stack: ${{ inputs.stack }}
@@ -306,6 +318,7 @@ runs:
306318
kat: ${{ inputs.kat }}
307319
unit: ${{ inputs.unit }}
308320
acvp: ${{ inputs.acvp }}
321+
wycheproof: ${{ inputs.wycheproof }}
309322
examples: ${{ inputs.examples }}
310323
check_namespace: ${{ inputs.check_namespace }}
311324
stack: ${{ inputs.stack }}

.github/actions/setup-aws-lc/action.yml

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -34,8 +34,3 @@ runs:
3434
# Remember AWS-LC directory
3535
echo AWSLC_DIR="$GITHUB_WORKSPACE/${{ inputs.dir }}" >> $GITHUB_ENV
3636
AWSLC_DIR=$GITHUB_WORKSPACE/${{ inputs.dir }}
37-
38-
# TEMPORARY: Patch up importer
39-
if [[ "$(uname)" == "Darwin" ]]; then
40-
sed -i '' 's/\$SED_I/"${SED_I[@]}"/g' $AWSLC_DIR/crypto/fipsmodule/ml_kem/importer.sh
41-
fi

.github/actions/setup-nix/action.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -62,8 +62,10 @@ runs:
6262
shell: bash
6363
run: |
6464
if [[ -f /.dockerenv ]]; then
65+
apt update
6566
apt install nix -y
6667
else
68+
sudo apt update
6769
sudo apt install nix -y
6870
fi
6971
mkdir -p ~/.config/nix

.github/mlc_config.json

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
{
2+
"_comment": "Config for markdown-link-check. Domains below are often temporarily unavailable but the links are valid.",
3+
"ignorePatterns": [
4+
{
5+
"pattern": "^https://cr\\.yp\\.to"
6+
},
7+
{
8+
"pattern": "^https://kyberslash\\.cr\\.yp\\.to"
9+
},
10+
{
11+
"pattern": "^https://holtrace\\.cr\\.yp\\.to"
12+
},
13+
{
14+
"pattern": "^https://lib\\.mceliece\\.org"
15+
},
16+
{
17+
"pattern": "^https://github\\.com/pq-code-package/mlkem-native/compare/.*\\.\\.\\.v"
18+
},
19+
{
20+
"pattern": "^http://nvlpubs\\.nist\\.gov"
21+
}
22+
]
23+
}

.github/workflows/all.yml

Lines changed: 3 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -67,25 +67,15 @@ jobs:
6767
needs: [ base ]
6868
uses: ./.github/workflows/integration-opentitan.yml
6969
secrets: inherit
70-
awslc_integration_fixed:
71-
name: AWS-LC (v1.64.0)
70+
awslc_integration:
71+
name: AWS-LC
7272
permissions:
7373
contents: 'read'
7474
id-token: 'write'
7575
needs: [ base ]
7676
uses: ./.github/workflows/integration-awslc.yml
7777
with:
78-
commit: 7187ab572ddcdae4fa408e932d3e878c9941137b # v1.64.0
79-
secrets: inherit
80-
awslc_integration_head:
81-
name: AWS-LC (HEAD)
82-
permissions:
83-
contents: 'read'
84-
id-token: 'write'
85-
needs: [ base ]
86-
uses: ./.github/workflows/integration-awslc.yml
87-
with:
88-
commit: main
78+
commit: v1.72.0
8979
secrets: inherit
9080
ct-test:
9181
name: Constant-time

.github/workflows/baremetal.yml

Lines changed: 45 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,22 +23,34 @@ jobs:
2323
func: true
2424
kat: true
2525
acvp: true
26+
wycheproof: false
2627
alloc: true
2728
bench: true
2829
opt: all
30+
- runner: ubuntu-latest
31+
name: 'M33-AN524'
32+
makefile: test/baremetal/platform/m33-an524/platform.mk
33+
nix-shell: cross-arm-embedded
34+
func: true
35+
kat: true
36+
acvp: true
37+
alloc: true
38+
bench: true
39+
opt: no_opt
2940
- runner: ubuntu-latest
3041
name: 'AVR ATmega128RFR2 (modified for 32K RAM)'
3142
makefile: test/baremetal/platform/avr/platform.mk
3243
nix-shell: cross-avr
3344
func: true
3445
kat: true
3546
acvp: true
47+
wycheproof: false
3648
alloc: false
3749
bench: false
3850
opt: no_opt
3951
runs-on: ${{ matrix.target.runner }}
4052
steps:
41-
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
53+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4254
- name: baremetal build + test
4355
uses: ./.github/actions/functest
4456
env:
@@ -50,6 +62,7 @@ jobs:
5062
func: ${{ matrix.target.func }}
5163
kat: ${{ matrix.target.kat }}
5264
acvp: ${{ matrix.target.acvp }}
65+
wycheproof: ${{ matrix.target.wycheproof }}
5366
examples: false
5467
stack: false
5568
alloc: ${{ matrix.target.alloc }}
@@ -66,3 +79,34 @@ jobs:
6679
perf: PMU
6780
opt: true
6881
store_results: false
82+
83+
baremetal_aarch64_virt:
84+
name: AArch64-virt no-MMU (${{ matrix.fips202_backend }})
85+
strategy:
86+
fail-fast: false
87+
matrix:
88+
fips202_backend:
89+
- x1_scalar
90+
- x1_v84a
91+
- x2_v84a
92+
- x4_v8a_scalar
93+
- x4_v8a_v84a_scalar
94+
runs-on: ubuntu-latest
95+
steps:
96+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
97+
- name: baremetal build + test
98+
uses: ./.github/actions/functest
99+
env:
100+
EXTRA_MAKEFILE: test/baremetal/platform/aarch64-virt/platform.mk
101+
with:
102+
nix-shell: cross-aarch64-embedded
103+
gh_token: ${{ secrets.GITHUB_TOKEN }}
104+
opt: opt
105+
func: true
106+
kat: true
107+
acvp: true
108+
examples: false
109+
stack: false
110+
alloc: false
111+
rng_fail: true
112+
extra_args: '--fips202-aarch64-backend=${{ matrix.fips202_backend }}'

0 commit comments

Comments
 (0)