Skip to content

kernel: credentials: add signature checker #25

kernel: credentials: add signature checker

kernel: credentials: add signature checker #25

Workflow file for this run

# Licensed under the Apache License, Version 2.0 or the MIT License.
# SPDX-License-Identifier: Apache-2.0 OR MIT
# Copyright Tock Contributors 2023.
# This workflow contains the litex-ci-runner job, which uses the LiteX Verilated
# simulation to run a Tock kernel and perform various tests using libtock-c
# example applications.
name: litex-sim-ci
env:
TERM: xterm # Makes tput work in actions output
# Controls when the action will run. Triggers the workflow on push or pull
# request events but only for the master branch
on:
push: # Run CI for all branches except GitHub merge queue tmp branches
branches-ignore:
- "gh-readonly-queue/**"
pull_request: # Run CI for PRs on any branch
merge_group: # Run CI for the GitHub merge queue
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
# If you add additional jobs, remember to add them to bors.toml
permissions:
contents: read
jobs:
litex-sim-ci:
strategy:
matrix:
os: [ubuntu-latest]
# The type of runner that the job will run on
runs-on: ${{ matrix.os }}
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checkout the Tock repo, needs to happen at the beginning given
# that other steps (such as the Rust toolchain) depend on files
# in this repo.
- name: Checkout the current repository
uses: actions/checkout@v3
# Install basic packages required for the GitHub actions workflow
- name: Update packages and install dependencies
run: |
sudo apt update
sudo apt install python3-pip python3-venv \
verilator libevent-dev libjson-c-dev libz-dev libzmq3-dev
# Uses a custom RISCV toolchain containing the required headers. This
# follows the libtock-c GitHub actions definition.
- name: Setup RISC-V GCC toolchain
run: |
RISCV_TOOLCHAIN_MIRRORS=(\
"http://www.cs.virginia.edu/~bjc8c/archive/gcc-riscv64-unknown-elf-8.3.0-ubuntu.zip" \
"https://alpha.mirror.svc.schuermann.io/files/2023-08-17_gcc-riscv64-unknown-elf-8.3.0-ubuntu.zip"\
)
pushd $HOME
for MIRROR in ${RISCV_TOOLCHAIN_MIRRORS[@]}; do
echo "Fetching RISC-V toolchain from ${MIRROR}..."
wget -Oriscv-toolchain.zip -q "$MIRROR" &&\
(echo "2c82a8f3ac77bf2b24d66abff3aa5e873750c76de24c77e12dae91b9d2f4da27 riscv-toolchain.zip" |\
sha256sum -c)
if [ $? -ne 0 ]; then
echo "WARNING: Fetching RISC-V from mirror $MIRROR failed!" >&2
else
break
fi
done
unzip riscv-toolchain.zip
echo "$HOME/gcc-riscv64-unknown-elf-8.3.0-ubuntu/bin" >> $GITHUB_PATH
popd
# Install elf2tab to be able to build userspace apps
- name: Install elf2tab
run: |
cargo install elf2tab@0.10.2
# Install tockloader, which is used to prepare binaries with userspace
# applications.
- name: Install tockloader
run: |
pip3 install tockloader==1.9.0
# Clone tock-litex support repository under ./tock-litex, check out the
# targeted release.
- name: Checkout the tock-litex repository
uses: actions/checkout@v3
with:
repository: lschuermann/tock-litex
# The pinned revision is different from the targeted release as
# documented in the LiteX boards, as the CI requires special patches
# to LiteX for interacting with the simulation:
ref: 2022081701-tock-ci-0
path: tock-litex
# Install all of the required Python packages from the tock-litex'
# requirements.txt file
- name: Install Python packages pinned by the tock-litex revision
run: |
pushd tock-litex
# Migen is the DSL which the LiteX ecosystem uses as its
# hardware-description language. It effectively provides a set of
# Python classes and constructs which can be translated into Verilog.
# It is not a package of the LiteX ecosystem, and thus not in the
# requirements.txt, but it is required to be present on the system.
# It should not require any specific or patched version.
pip3 install migen==0.9.2
pip3 install -r requirements.txt
popd
# Build the LiteX simulator Tock kernel. This kernel is never touched, the
# litex-ci-runner will use its own temporary flash files.
- name: Build the LiteX simulator Tock kernel
run: |
pushd boards/litex/sim
make
popd
# Revision to checkout defined in the main tock repository in
# .libtock_c_ci_rev
- name: Checkout libtock-c CI revision
uses: actions/checkout@v3
with:
repository: tock/libtock-c
# Pins a libtock-c revision for LiteX CI tests. In case of
# bugs fixed in libtock-c, backwards-incompatible changes in
# Tock or new tests this might need to be updated.
#
# libtock-c of Sep 8, 2022, 5:42 PM EDT
ref: ad372e599e5a9e664f12c7757576cb28c8b40412
path: libtock-c
- name: Build libtock-c apps
run: |
# We only need to build for a single target, but at multiple flash and
# memory addresses such that tockloader can place the non-PIC apps
# into the kernel binary properly.
export TOCK_TARGETS="\
rv32imc|rv32imc.0x00080060.0x40008000|0x00080060|0x40008000
rv32imc|rv32imc.0x00088060.0x40010000|0x00088060|0x40010000"
export LIBTOCK_C_APPS="\
c_hello \
tests/console_timeout \
tests/mpu_walk_region \
tests/printf_long \
rot13_service \
rot13_client \
tests/console_recv_short \
tests/console_recv_long"
pushd libtock-c/examples
for APP in $LIBTOCK_C_APPS; do
make -C "$APP"
done
popd
# Run the LiteX simulation with required options for Tock
- name: Run various tests in the LiteX simulation using the litex-ci-runner
run: |
pushd tools/litex-ci-runner
cargo run