-
Notifications
You must be signed in to change notification settings - Fork 14
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Jiewen Yao <[email protected]>
- Loading branch information
Showing
1,347 changed files
with
79,460 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| version: 2 | ||
| updates: | ||
|
|
||
| - package-ecosystem: "cargo" | ||
| directory: "/" | ||
| schedule: | ||
| # Check for updates to cargo dependencies every week | ||
| interval: "weekly" | ||
| open-pull-requests-limit: 1 | ||
| allow: | ||
| - dependency-type: direct | ||
| - dependency-type: indirect | ||
|
|
||
| - package-ecosystem: "github-actions" | ||
| directory: "/" | ||
| schedule: | ||
| # Check for updates to GitHub Actions every week | ||
| interval: "weekly" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,157 @@ | ||
| name: Coverage | ||
| on: | ||
| push: | ||
| branches: [coverage] | ||
| tags: | ||
| - "**" | ||
| pull_request: | ||
| branches: [coverage] | ||
| # Allows you to run this workflow manually from the Actions tab | ||
| workflow_dispatch: | ||
| jobs: | ||
| generate_coverage: | ||
| runs-on: ubuntu-latest | ||
|
|
||
| # Steps represent a sequence of tasks that will be executed as part of the job | ||
| steps: | ||
| - uses: ilammy/setup-nasm@v1 | ||
|
|
||
| - name: Checkout sources | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| submodules: recursive | ||
|
|
||
| - name: Install LLVM and Clang | ||
| uses: KyleMayes/install-llvm-action@v1 | ||
| with: | ||
| version: "12.0.1" | ||
| directory: ${{ runner.temp }}/llvm | ||
|
|
||
| - name: Install toolchain | ||
| uses: actions-rs/toolchain@v1 | ||
| with: | ||
| profile: minimal | ||
| toolchain: nightly-2023-08-28 | ||
| override: true | ||
| components: rust-src, rustfmt, clippy, llvm-tools-preview | ||
|
|
||
| - name: Run cargo install grcov | ||
| uses: actions-rs/cargo@v1 | ||
| with: | ||
| command: install | ||
| args: grcov | ||
|
|
||
| - name: Cache | ||
| uses: Swatinem/rust-cache@v2 | ||
|
|
||
| - name: Check code | ||
| run: | | ||
| ./sh_script/build.sh -c | ||
| - name: Install AFL (Linux) | ||
| uses: actions-rs/cargo@v1 | ||
| with: | ||
| command: install | ||
| args: --force --version 0.12.12 afl | ||
| if: runner.os == 'Linux' | ||
|
|
||
| - name: Install Cargo-Fuzz (Linux) | ||
| uses: actions-rs/cargo@v1 | ||
| with: | ||
| command: install | ||
| args: cargo-fuzz | ||
| if: runner.os == 'Linux' | ||
|
|
||
| - name: set core_pattern for core | ||
| run: | | ||
| sudo su - root <<EOF | ||
| echo core >/proc/sys/kernel/core_pattern | ||
| pushd /sys/devices/system/cpu | ||
| echo performance | tee cpu*/cpufreq/scaling_governor | ||
| popd | ||
| exit | ||
| EOF | ||
| if: runner.os == 'Linux' | ||
|
|
||
| - name: cargo build | ||
| env: | ||
| LLVM_PROFILE_FILE: build-%p-%m.profraw | ||
| RUSTFLAGS: "-C instrument-coverage" | ||
| CC_x86_64_unknown_none: clang | ||
| AR_x86_64_unknown_none: llvm-ar | ||
| RUN_REQUESTER_FEATURES: "spdm-ring" | ||
| RUN_RESPONDER_FEATURES: "spdm-ring" | ||
| run: | | ||
| ./sh_script/build.sh -r | ||
| - name: cargo build hashed-transcript-data | ||
| env: | ||
| LLVM_PROFILE_FILE: build-hashed-transcript-data-%p-%m.profraw | ||
| RUSTFLAGS: "-C instrument-coverage" | ||
| CC_x86_64_unknown_none: clang | ||
| AR_x86_64_unknown_none: llvm-ar | ||
| RUN_REQUESTER_FEATURES: "spdm-ring,hashed-transcript-data,async-executor" | ||
| RUN_RESPONDER_FEATURES: "spdm-ring,hashed-transcript-data,async-executor" | ||
| run: | | ||
| ./sh_script/build.sh -r | ||
| - name: cargo build spdm-mbedtls | ||
| env: | ||
| LLVM_PROFILE_FILE: build-hashed-transcript-data-%p-%m.profraw | ||
| RUSTFLAGS: "-C instrument-coverage" | ||
| CC_x86_64_unknown_none: clang | ||
| AR_x86_64_unknown_none: llvm-ar | ||
| RUN_REQUESTER_FEATURES: "spdm-mbedtls,async-executor" | ||
| RUN_RESPONDER_FEATURES: "spdm-mbedtls,async-executor" | ||
| run: | | ||
| ./sh_script/build.sh -r | ||
| - name: cargo build mbedtls hashed-transcript-data | ||
| env: | ||
| LLVM_PROFILE_FILE: build-hashed-transcript-data-%p-%m.profraw | ||
| RUSTFLAGS: "-C instrument-coverage" | ||
| CC_x86_64_unknown_none: clang | ||
| AR_x86_64_unknown_none: llvm-ar | ||
| RUN_REQUESTER_FEATURES: "spdm-mbedtls,hashed-transcript-data,async-executor" | ||
| RUN_RESPONDER_FEATURES: "spdm-mbedtls,hashed-transcript-data,async-executor" | ||
| run: | | ||
| ./sh_script/build.sh -r | ||
| - name: Run fuzz hash-transcript-data | ||
| env: | ||
| FUZZ_HASH_TRANSCRIPT_DATA_FEATURE: true | ||
| run: | | ||
| ./sh_script/fuzz_run.sh -c Scoverage | ||
| - name: Run fuzz | ||
| env: | ||
| FUZZ_HASH_TRANSCRIPT_DATA_FEATURE: false | ||
| run: | | ||
| ./sh_script/fuzz_run.sh -c Scoverage | ||
| - name: Run tests and collect coverage | ||
| run: | | ||
| grcov $(find . -name "*.profraw") \ | ||
| --branch \ | ||
| --binary-path ./target/debug/ \ | ||
| -s . \ | ||
| -t html \ | ||
| --ignore-not-existing \ | ||
| -o coverage | ||
| grcov $(find . -name "*.profraw") \ | ||
| --branch \ | ||
| --binary-path ./target/debug/ \ | ||
| -s . \ | ||
| -t lcov \ | ||
| --ignore-not-existing \ | ||
| -o coverage/lcov.info | ||
| - uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: coverage_data-${{ github.sha }} | ||
| path: coverage/ | ||
| - name: Upload coverage reports to Codecov with GitHub Action | ||
| uses: codecov/codecov-action@v3 | ||
| with: | ||
| files: coverage/lcov.info | ||
| fail_ci_if_error: false | ||
| verbose: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| name: deny | ||
| on: [push, pull_request] | ||
| jobs: | ||
| cargo-deny: | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| checks: | ||
| - sources | ||
| - bans | ||
| - advisories | ||
|
|
||
| # Prevent sudden announcement of a new advisory from failing ci: | ||
| continue-on-error: ${{ matrix.checks == 'sources' }} | ||
|
|
||
| steps: | ||
| - name: Checkout sources | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| submodules: recursive | ||
| - name: Apply patch | ||
| shell: bash | ||
| run: | | ||
| ./sh_script/pre-build.sh | ||
| - uses: EmbarkStudios/cargo-deny-action@v1 | ||
| with: | ||
| command: check ${{ matrix.checks }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,103 @@ | ||
| on: [push, pull_request] | ||
|
|
||
| name: Nightly lints | ||
|
|
||
| jobs: | ||
| clippy: | ||
| name: Clippy | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout sources | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| submodules: recursive | ||
| - name: Apply patch | ||
| shell: bash | ||
| run: | | ||
| ./sh_script/pre-build.sh | ||
| - name: Install nightly toolchain with clippy available | ||
| uses: actions-rs/toolchain@v1 | ||
| with: | ||
| profile: minimal | ||
| toolchain: nightly-2023-08-28 | ||
| override: true | ||
| components: clippy | ||
|
|
||
| - name: Run cargo clippy | ||
| uses: actions-rs/cargo@v1 | ||
| with: | ||
| command: clippy | ||
| args: -- -D warnings -A clippy::only-used-in-recursion -A incomplete-features -A clippy::bad_bit_mask -A clippy::derivable_impls | ||
|
|
||
| rustfmt: | ||
| name: Format | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout sources | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| submodules: recursive | ||
| - name: Apply patch | ||
| shell: bash | ||
| run: | | ||
| ./sh_script/pre-build.sh | ||
| - name: Install nightly toolchain with rustfmt available | ||
| uses: actions-rs/toolchain@v1 | ||
| with: | ||
| profile: minimal | ||
| toolchain: nightly-2023-08-28 | ||
| override: true | ||
| components: rustfmt | ||
| - name: Cache | ||
| uses: Swatinem/rust-cache@v2 | ||
|
|
||
| - name: Run cargo check | ||
| uses: actions-rs/cargo@v1 | ||
| with: | ||
| command: check | ||
|
|
||
| - name: Run cargo fmt | ||
| uses: actions-rs/cargo@v1 | ||
| with: | ||
| command: fmt | ||
| args: --all -- --check | ||
|
|
||
| combo: | ||
| name: Clippy + rustfmt | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout sources | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| submodules: recursive | ||
| - name: Apply patch | ||
| shell: bash | ||
| run: | | ||
| ./sh_script/pre-build.sh | ||
| - name: Install nightly toolchain | ||
| uses: actions-rs/toolchain@v1 | ||
| with: | ||
| profile: minimal | ||
| toolchain: nightly-2023-08-28 | ||
| override: true | ||
| components: rustfmt, clippy | ||
|
|
||
| - name: Cache | ||
| uses: Swatinem/rust-cache@v2 | ||
|
|
||
| - name: Run cargo check | ||
| uses: actions-rs/cargo@v1 | ||
| with: | ||
| command: check | ||
|
|
||
| - name: Run cargo fmt | ||
| uses: actions-rs/cargo@v1 | ||
| with: | ||
| command: fmt | ||
| args: --all -- --check | ||
|
|
||
| - name: Run cargo clippy | ||
| uses: actions-rs/cargo@v1 | ||
| with: | ||
| command: clippy | ||
| args: -- -D warnings -A clippy::only-used-in-recursion -A incomplete-features -A clippy::bad_bit_mask -A clippy::derivable_impls |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,81 @@ | ||
| name: FUZZING CODE | ||
|
|
||
| on: | ||
| push: | ||
| branches: [main] | ||
| pull_request: | ||
| branches: [main] | ||
|
|
||
| workflow_dispatch: | ||
|
|
||
| jobs: | ||
| fuzzing_test: | ||
| strategy: | ||
| matrix: | ||
| fuzz_hash_transcript_data_feature: [true, false] | ||
| fuzz_mut_auth_feature: [true, false] | ||
|
|
||
| runs-on: ubuntu-22.04 | ||
|
|
||
| # Steps represent a sequence of tasks that will be executed as part of the job | ||
| steps: | ||
| - name: install NASM | ||
| uses: ilammy/setup-nasm@v1 | ||
|
|
||
| - name: Install LLVM and Clang | ||
| uses: KyleMayes/install-llvm-action@v1 | ||
| with: | ||
| version: "12.0.1" | ||
| directory: ${{ runner.temp }}/llvm | ||
|
|
||
| - name: Checkout sources | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| submodules: recursive | ||
|
|
||
| - name: Install toolchain | ||
| uses: actions-rs/toolchain@v1 | ||
| with: | ||
| profile: minimal | ||
| toolchain: nightly-2023-08-28 | ||
| override: true | ||
| components: rust-src, rustfmt, clippy, llvm-tools-preview | ||
| - name: Checkout sources | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| submodules: recursive | ||
|
|
||
| - name: Check code | ||
| run: | | ||
| ./sh_script/build.sh -c | ||
| - name: Install AFL (Linux) | ||
| uses: actions-rs/cargo@v1 | ||
| with: | ||
| command: install | ||
| args: --force --version 0.12.17 afl | ||
| if: runner.os == 'Linux' | ||
|
|
||
| - name: Install Cargo-Fuzz (Linux) | ||
| uses: actions-rs/cargo@v1 | ||
| with: | ||
| command: install | ||
| args: cargo-fuzz | ||
| if: runner.os == 'Linux' | ||
| - name: set core_pattern for core | ||
| run: | | ||
| sudo su - root <<EOF | ||
| echo core >/proc/sys/kernel/core_pattern | ||
| pushd /sys/devices/system/cpu | ||
| echo performance | tee cpu*/cpufreq/scaling_governor | ||
| popd | ||
| exit | ||
| EOF | ||
| if: runner.os == 'Linux' | ||
|
|
||
| - name: Run fuzz | ||
| env: | ||
| FUZZ_HASH_TRANSCRIPT_DATA_FEATURE: ${{ matrix.fuzz_hash_transcript_data_feature }} | ||
| FUZZ_MUT_AUTH_FEATURE: ${{ matrix.fuzz_mut_auth_feature }} | ||
| run: | | ||
| ./sh_script/fuzz_run.sh |
Oops, something went wrong.