Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Backport 25556 to earlgrey 1.0.0 #25573

Merged
merged 3 commits into from
Dec 10, 2024
Merged

Backport 25556 to earlgrey 1.0.0 #25573

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
5be3ba9
[CI, nightly] Fix merge skew
engdoreis Dec 9, 2024
73cf630
[CI, nightly] Rename tag skip_in_nightly_ci to slow_test
engdoreis Dec 9, 2024
e474dfe
[CI, nightly] Add a job to run slow tests on CW340
engdoreis Dec 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
96 changes: 83 additions & 13 deletions .github/workflows/nightly.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ jobs:
| grep -v examples \
| grep -v penetrationtests \
> "$bazel_tests"
./bazelisk.sh test --build_tests_only --test_tag_filters=-broken,-skip_in_nightly_ci --target_pattern_file="$bazel_tests"
./bazelisk.sh test --build_tests_only --test_tag_filters=-slow_test --target_pattern_file="$bazel_tests"

- name: Run tests after ROM_EXT boot stage
if: success() || failure()
Expand All @@ -72,23 +72,28 @@ jobs:
| grep -v examples \
| grep -v penetrationtests \
> "$bazel_tests"
./bazelisk.sh test --build_tests_only --test_tag_filters=-broken,-skip_in_nightly_ci --target_pattern_file="$bazel_tests"
./bazelisk.sh test --build_tests_only --test_tag_filters=-slow_test --target_pattern_file="$bazel_tests"

- name: Publish bazel test results
if: success() || failure()
- name: Compute bucket destination
id: bucket_destination
if: ${{ !cancelled() }}
run: |
# Bazel produce one xml for each test. So we merge them together.
find -L bazel-out -name "test.xml" | xargs merge-junit -o "$BAZEL_TEST_RESULTS"
BUCKET_PATH=$GS_PATH/job/${{ github.job }}/branch/${{ inputs.branch || 'earlgrey_1.0.0'}}/$(date +%Y-%m-%d-%H%M%S)_test_results.xml
echo "BUCKET_PATH=$BUCKET_PATH" >> $GITHUB_OUTPUT

BUCKET_PATH=$GS_PATH/job/${{ github.job }}/branch/${{ inputs.branch || 'earlgrey_1.0.0'}}/$(date +%Y-%m-%d-%H%M%S)_${BAZEL_TEST_RESULTS}
gcloud storage cp $BAZEL_TEST_RESULTS "$BUCKET_PATH"
- name: Publish Bazel test results
uses: ./.github/actions/publish-bazel-test-results
if: ${{ !cancelled() }}
with:
artifact-name: fpga_cw310_sival_nightly-test-results
bucket-destination: ${{ steps.bucket_destination.outputs.BUCKET_PATH }}

fpga_cw340_sival_nightly:
name: FPGA CW340 SiVal tests
runs-on: [ubuntu-22.04-fpga, cw340]

env:
GS_PATH: gs://opentitan-test-results
GS_PATH: opentitan-test-results
BAZEL_TEST_RESULTS: test_results.xml

steps:
Expand Down Expand Up @@ -125,7 +130,7 @@ jobs:
| grep -v examples \
| grep -v penetrationtests \
> "$bazel_tests"
./bazelisk.sh test --build_tests_only --test_tag_filters=-skip_in_nightly_ci --target_pattern_file="$bazel_tests"
./bazelisk.sh test --build_tests_only --test_tag_filters=-slow_test --target_pattern_file="$bazel_tests"

- name: Run tests after ROM_EXT boot stage
if: success() || failure()
Expand All @@ -136,13 +141,78 @@ jobs:
| grep -v examples \
| grep -v penetrationtests \
> "$bazel_tests"
./bazelisk.sh test --build_tests_only --test_tag_filters=-skip_in_nightly_ci --target_pattern_file="$bazel_tests"
./bazelisk.sh test --build_tests_only --test_tag_filters=-slow_test --target_pattern_file="$bazel_tests"

- name: Publish bazel test results
if: success() || failure()
run: |
# Bazel produce one xml for each test. So we merge them together.
find -L bazel-out -name "test.xml" | xargs merge-junit -o "$BAZEL_TEST_RESULTS"

BUCKET_PATH=$GS_PATH/job/${{ github.job }}/branch/${{ inputs.branch || 'earlgrey_1.0.0'}}/$(date +%Y-%m-%d-%H%M%S)_${BAZEL_TEST_RESULTS}
gcloud storage cp $BAZEL_TEST_RESULTS "$BUCKET_PATH"
- name: Publish Bazel test results
uses: ./.github/actions/publish-bazel-test-results
if: ${{ !cancelled() }}
with:
artifact-name: fpga_cw340_sival_nightly-test-results
bucket-destination: ${{ steps.bucket_destination.outputs.BUCKET_PATH }}

fpga_cw340_slow_sival_nightly:
name: FPGA CW340 slow SiVal tests
runs-on: [ubuntu-22.04-fpga, cw340]

env:
GS_PATH: opentitan-test-results
BAZEL_TEST_RESULTS: test_results.xml

steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Required for the bitstream cache to work.
ref: ${{ inputs.branch || 'earlgrey_1.0.0' }} # Schedule only work on the default branch, but we want to run on a different branch.

- name: Install dependencies
uses: ./.github/actions/prepare-env
with:
service_account_json: '${{ secrets.BAZEL_CACHE_CREDS }}'

- uses: google-github-actions/setup-gcloud@v2

- name: Update hyperdebug
# We run the update command twice to workaround an issue with udev on the container.
# Where rusb cannot dynamically update its device list in CI (udev is not completely
# functional). If the device is in normal mode, the first thing that opentitantool
# does is to switch it to DFU mode and wait until it reconnects. This reconnection is
# never detected. But if we run the tool another time, the device list is queried again
# and opentitantool can finish the update. The device will now reboot in normal mode
# and work for the hyperdebug job.
run: |
./bazelisk.sh run //sw/host/opentitantool -- --interface=hyperdebug_dfu transport update-firmware \
|| ./bazelisk.sh run //sw/host/opentitantool -- --interface=hyperdebug_dfu transport update-firmware

- name: Run tests
if: success() || failure()
run: |
module load xilinx/vivado
bazel_tests="$(mktemp)"

./bazelisk.sh query 'attr("tags", "[\[ ]cw340_sival_rom_ext[,\]]", tests(//sw/device/...))' \
'intersect attr("tags", "slow_test", tests(//sw/device/...))' \
| grep -v examples \
| grep -v penetrationtests \
> "$bazel_tests"

./bazelisk.sh test --build_tests_only --target_pattern_file="$bazel_tests"

- name: Compute bucket destination
id: bucket_destination
if: ${{ !cancelled() }}
run: |
BUCKET_PATH=$GS_PATH/job/${{ github.job }}/branch/${{ inputs.branch || 'earlgrey_1.0.0'}}/$(date +%Y-%m-%d-%H%M%S)_test_results.xml
echo "BUCKET_PATH=$BUCKET_PATH" >> $GITHUB_OUTPUT

- name: Publish Bazel test results
uses: ./.github/actions/publish-bazel-test-results
if: ${{ !cancelled() }}
with:
artifact-name: fpga_cw340_slow_sival_nightly-test-results
bucket-destination: ${{ steps.bucket_destination.outputs.BUCKET_PATH }}
18 changes: 15 additions & 3 deletions sw/device/tests/crypto/cryptotest/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ AES_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "aes_kat",
skip_in_nightly_ci = True,
slow_test = True,
test_args = AES_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/aes_nist_kat:harness",
test_vectors = AES_TESTVECTOR_TARGETS,
Expand Down Expand Up @@ -68,6 +68,7 @@ ECDSA_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "ecdsa_kat",
slow_test = True,
test_args = ECDSA_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/ecdsa_kat:harness",
test_vectors = ECDSA_TESTVECTOR_TARGETS,
Expand Down Expand Up @@ -113,6 +114,7 @@ SHA256_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "sha256_kat",
slow_test = True,
test_args = SHA256_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/hash_kat:harness",
test_vectors = SHA256_TESTVECTOR_TARGETS,
Expand All @@ -135,6 +137,7 @@ SHA384_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "sha384_kat",
slow_test = True,
test_args = SHA384_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/hash_kat:harness",
test_vectors = SHA384_TESTVECTOR_TARGETS,
Expand All @@ -157,6 +160,7 @@ SHA512_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "sha512_kat",
slow_test = True,
test_args = SHA512_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/hash_kat:harness",
test_vectors = SHA512_TESTVECTOR_TARGETS,
Expand Down Expand Up @@ -201,6 +205,7 @@ SHA3_256_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "sha3_256_kat",
slow_test = True,
test_args = SHA3_256_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/hash_kat:harness",
test_vectors = SHA3_256_TESTVECTOR_TARGETS,
Expand All @@ -223,6 +228,7 @@ SHA3_384_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "sha3_384_kat",
slow_test = True,
test_args = SHA3_384_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/hash_kat:harness",
test_vectors = SHA3_384_TESTVECTOR_TARGETS,
Expand All @@ -245,6 +251,7 @@ SHA3_512_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "sha3_512_kat",
slow_test = True,
test_args = SHA3_512_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/hash_kat:harness",
test_vectors = SHA3_512_TESTVECTOR_TARGETS,
Expand All @@ -268,7 +275,7 @@ SHAKE128_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "shake128_kat",
skip_in_nightly_ci = True,
slow_test = True,
test_args = SHAKE128_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/hash_kat:harness",
test_vectors = SHAKE128_TESTVECTOR_TARGETS,
Expand All @@ -292,7 +299,7 @@ SHAKE256_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "shake256_kat",
skip_in_nightly_ci = True,
slow_test = True,
test_args = SHAKE256_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/hash_kat:harness",
test_vectors = SHAKE256_TESTVECTOR_TARGETS,
Expand Down Expand Up @@ -326,6 +333,7 @@ DRBG_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "drbg_kat",
slow_test = True,
test_args = DRBG_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/drbg_kat:harness",
test_vectors = DRBG_TESTVECTOR_TARGETS,
Expand All @@ -343,6 +351,7 @@ HMAC_SHA256_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "hmac_sha256_kat",
slow_test = True,
test_args = HMAC_SHA256_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/hmac_kat:harness",
test_vectors = HMAC_SHA256_TESTVECTOR_TARGETS,
Expand All @@ -360,6 +369,7 @@ HMAC_SHA384_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "hmac_sha384_kat",
slow_test = True,
test_args = HMAC_SHA384_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/hmac_kat:harness",
test_vectors = HMAC_SHA384_TESTVECTOR_TARGETS,
Expand All @@ -377,6 +387,7 @@ HMAC_SHA512_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "hmac_sha512_kat",
slow_test = True,
test_args = HMAC_SHA512_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/hmac_kat:harness",
test_vectors = HMAC_SHA512_TESTVECTOR_TARGETS,
Expand Down Expand Up @@ -416,6 +427,7 @@ SPHINCSPLUS_TESTVECTOR_ARGS = " ".join([

cryptotest(
name = "sphincsplus_kat",
slow_test = True,
test_args = SPHINCSPLUS_TESTVECTOR_ARGS,
test_harness = "//sw/host/tests/crypto/sphincsplus_kat:harness",
test_vectors = SPHINCSPLUS_TESTVECTOR_TARGETS,
Expand Down
8 changes: 5 additions & 3 deletions sw/device/tests/crypto/cryptotest/cryptotest.bzl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ load(
CRYPTOTEST_EXEC_ENVS = {
"//hw/top_earlgrey:fpga_cw310_test_rom": None,
"//hw/top_earlgrey:fpga_cw310_sival_rom_ext": None,
"//hw/top_earlgrey:fpga_cw340_test_rom": "fpga_cw340",
"//hw/top_earlgrey:fpga_cw340_sival_rom_ext": "fpga_cw340",
"//hw/top_earlgrey:silicon_owner_sival_rom_ext": "silicon",
}

Expand All @@ -43,17 +45,17 @@ FIRMWARE_DEPS = [
"//sw/device/tests/crypto/cryptotest/json:commands",
]

def cryptotest(name, test_vectors, test_args, test_harness, skip_in_nightly_ci = False):
def cryptotest(name, test_vectors, test_args, test_harness, slow_test = False):
"""A macro for defining a CryptoTest test case.

Args:
name: the name of the test.
test_vectors: the test vectors to use.
test_args: additional arguments to pass to the test.
test_harness: the test harness to use.
skip_in_nightly_ci: indicate if the test should be run in the nightly CI.
slow_test: indicate if the test should be run in the nightly CI.
"""
tags = ["skip_in_nightly_ci"] if skip_in_nightly_ci else []
tags = ["slow_test"] if slow_test else []
opentitan_test(
name = name,
srcs = ["//sw/device/tests/crypto/cryptotest/firmware:firmware.c"],
Expand Down
Loading