Read the list of historical config options in 3.6, compare that to 1.0/4.0
and emit the appropriate checkers.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
There's only one subproject and that's unlikely to change, so being able to
specify a subproject at runtime is overkill.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Run a C compiler, not just the preprocessor. This allows capturing static
assertions (`MBEDTLS_STATIC_ASSERT`).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When we add a new generation script in crypto, there is a transition period
when mbedtls does not yet know that it has to run this script. For this
transition period, we can declare the script as optional, and
`make_generated_files.py --check` will not complain if the files are
missing.
Apply this, right now, to `scripts/generate_config_checks.py`, which is
being introduced in TF-PSA-Crypto.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When the current directory is the project root, have `--list` print relative
paths, rather than absolute paths that start with
`build_treeguess_project_root()`.
This is not only nice to humans, but also necessary for
`make_generated_files.py --root DIR --check`: it calls
this script with `--list` and expects a path that is relative
to DIR, not an absolute path that is under the project root.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
`output_files` was accidentally an iterator that was not iterated over
unless one of the list-only options was enabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Similar to `generate_*_tests.py`, let Python rather than Cmake worry about
constructing a CMake list.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
For the time being, only do this if the generation script
`scripts/generate_config_checks.py` exists in the consuming repository. This
way we can use this framework revision before the scripts are added to the
consuming repositories.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Infrastructure to generate config check headers, to be included in
`${PROJECT}_config.c`.
This commit creates a module with the core logic, and support for three
generated files, to be included before the user config, just after the user
config, and after finalizing the user config.
This commit provides a basic `Checker` class. Future commits will add
derived classes for common cases such as options set in the wrong project.
This module is meant to be used in an executable script in each project,
containing the project-specific names to use and the list of options.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
mypy can't deal with two modules with the same basename on its command line.
We don't normally want modules with the same name in different directories,
to avoid confusion, but it can happen occasionally while moving files across
repositories.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Having separate patch files has several benefits:
* They're available for integrators who wouldn't use our script to
test compliance.
* We keep them separate so they're easier for us to keep track of,
and apply separately if needed.
* No need to cheat with unchanged empty lines (normally represented by
a line containing a single space in a patch file) to keep `check_files.py`
happy.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When looking for constructors, do complain if we see an unusual macro with a
parameter: there's a significant chance that it's something new that will
require specific handling. As a consequence, we need to explicitly skip more
things that are known not to be constructors.
Keep ignoring macros without parameters that don't look like constructors
for the types we care about. Those probably don't matter.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Gilles Peskine