boringssl: Switch to Zephyr implementation of getentropy()

Since we have support for getentropy() in Zephyr[1], we can remove
the EC/Zephyr implementation.

The tests were also upstreamed, so we will remove them here. Now the
getentropy() tests can be found at zephyr/main/tests/posix/getentropy.

[1] zephyrproject-rtos/zephyr#71862

BUG=b:321092852
TEST=twister -T ../../third_party/zephyr/main/tests/posix/getentropy
TEST=twister -v -i -T zephyr/test/ --test boringssl.selftest

Cq-Depend: chromium:5497107
Change-Id: I5e0cc9e776cc2f1ebdf6a41a0edbb1f8f5dcd0f9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/5490419
Code-Coverage: Zoss <[email protected]>
Reviewed-by: Tom Hughes <[email protected]>
Commit-Queue: Patryk Duda <[email protected]>
Tested-by: Patryk Duda <[email protected]>

Author: duda-patryk

third_party/boringssl/CMakeLists.txt

@@ -4,7 +4,7 @@
 
 if(CONFIG_BORINGSSL_CRYPTO)
 
-zephyr_library_named(boringssl)
+zephyr_interface_library_named(boringssl)
 
 # Currently BoringSSL is not as a module, so we need to provide a path to
 # sources.
@@ -60,10 +60,6 @@ add_subdirectory(${BORINGSSL_SOURCES} build EXCLUDE_FROM_ALL)
 # Link 'crypto' library into boringssl library.
 zephyr_library_link_libraries(crypto)
 
-# Provide implementation of getentropy() using Zephyr Entropy Device.
-zephyr_library_sources_ifdef(CONFIG_BORINGSSL_HARDWARE_ENTROPY
-	common/getentropy_zephyr.c)
-
 # Add compile options required by BoringSSL.
 # -D_POSIX_C_SOURCE=200809L is needed because BoringSSL uses strdup() function
 # is guarded by __POSIX_VISIBLE >=200809 in Newlib's string.h file.

third_party/boringssl/Kconfig

@@ -15,7 +15,7 @@ if BORINGSSL_CRYPTO
 config BORINGSSL_HARDWARE_ENTROPY
 	bool "Provide entropy from hardware RNG"
 	default y
-	depends on ENTROPY_GENERATOR
+	depends on GETENTROPY
 	help
 	  This option enables support for providing entropy to BoringSSL.
 	  Entropy comes from hardware RNG selected in DTS.

third_party/boringssl/common/getentropy_zephyr.c

@@ -99,6 +99,7 @@ CONFIG_PTHREAD=y
 CONFIG_PTHREAD_IPC=y
 CONFIG_PTHREAD_KEY=y
 CONFIG_PTHREAD_MUTEX=y
+CONFIG_GETENTROPY=y
 # Disable unused part of the POSIX API.
 CONFIG_POSIX_CONFSTR=n
 CONFIG_POSIX_MQUEUE=n

zephyr/program/fpmcu/prj.conf

@@ -50,36 +50,3 @@ ZTEST(boringssl_crypto, test_rand_large_request)
 	CRYPTO_sysrand(buffer, buf_size);
 	zassert_true(memcmp(buffer, zeroes, buf_size) != 0);
 }
-
-ZTEST(boringssl_crypto, test_getentropy_too_large)
-{
-	uint8_t buf[256 + 1] = { 0 };
-
-	int ret = getentropy(buf, sizeof(buf));
-	zassert_equal(ret, -1);
-	zassert_equal(errno, EIO);
-}
-
-ZTEST(boringssl_crypto, test_getentropy_null_buffer)
-{
-	int ret = getentropy(NULL, 0);
-	zassert_equal(ret, -1);
-	zassert_equal(errno, EFAULT);
-}
-
-ZTEST(boringssl_crypto, test_getentropy)
-{
-	uint8_t zero[256] = { 0 };
-	uint8_t buf1[256];
-	uint8_t buf2[256];
-
-	int ret = getentropy(buf1, sizeof(buf1));
-	zassert_equal(ret, 0);
-
-	ret = getentropy(buf2, sizeof(buf2));
-	zassert_equal(ret, 0);
-
-	zassert_true(memcmp(buf1, zero, sizeof(zero)) != 0);
-	zassert_true(memcmp(buf2, zero, sizeof(zero)) != 0);
-	zassert_true(memcmp(buf1, buf2, sizeof(buf1)) != 0);
-}

zephyr/test/boringssl/main.c

@@ -8,3 +8,4 @@ CONFIG_BORINGSSL_HARDWARE_ENTROPY=y
 CONFIG_COMMON_LIBC_MALLOC=y
 CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=131070
 CONFIG_ENTROPY_GENERATOR=y
+CONFIG_GETENTROPY=y