Skip to content

Commit 78b97d9

Browse files
hanno-beckerhanno-becker
committed
AWS-LC: Remove stdlib patch
The previously applied patch has been upstreamed and is no longer necessary. The CI logic for applying potential patches is kept to avoid having to look it up in the git history when future temporary patches are required. An issue in the AWS-LC importer requires a different temporary patch. Signed-off-by: Hanno Becker <[email protected]>
1 parent 36a90f4 commit 78b97d9

File tree

4 files changed

+67
-39
lines changed

4 files changed

+67
-39
lines changed

.github/workflows/all.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -52,14 +52,14 @@ jobs:
5252
uses: ./.github/workflows/integration-liboqs.yml
5353
secrets: inherit
5454
awslc_integration_fixed:
55-
name: AWS-LC (8568a08)
55+
name: AWS-LC (873ca6f2)
5656
permissions:
5757
contents: 'read'
5858
id-token: 'write'
5959
needs: [ base ]
6060
uses: ./.github/workflows/integration-awslc.yml
6161
with:
62-
commit: bce1d2cbfd702f3bb6dcbc5ffd2da45bce08adcb # v1.56.0
62+
commit: 873ca6f227e3ad2351325f921ee93760095b9ddf
6363
secrets: inherit
6464
awslc_integration_head:
6565
name: AWS-LC (HEAD)

.github/workflows/integration-awslc.yml

Lines changed: 30 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -40,14 +40,22 @@ jobs:
4040
with:
4141
repository: ${{ inputs.repository }}
4242
commit: ${{ inputs.commit }}
43+
- name: Apply pre-import patch if present
44+
run: |
45+
cd $AWSLC_DIR
46+
if [ -f "$GITHUB_WORKSPACE/integration/aws-lc/pre_import.patch" ]; then
47+
git apply $GITHUB_WORKSPACE/integration/aws-lc/pre_import.patch
48+
fi
4349
- name: Run importer
4450
run: |
4551
cd $AWSLC_DIR/crypto/fipsmodule/ml_kem
4652
GITHUB_REPOSITORY=$GITHUB_REPOSITORY GITHUB_SHA=$GITHUB_SHA ./importer.sh --force
47-
- name: Apply custom stdlib patch
53+
- name: Apply post-import patch if present
4854
run: |
4955
cd $AWSLC_DIR
50-
patch -p0 < $GITHUB_WORKSPACE/integration/aws-lc/add-custom-stdlib.patch
56+
if [ -f "$GITHUB_WORKSPACE/integration/aws-lc/post_import.patch" ]; then
57+
git apply $GITHUB_WORKSPACE/integration/aws-lc/post_import.patch
58+
fi
5159
- name: Build+Test AWS-LC (FIPS=${{ matrix.fips }})
5260
run: |
5361
cd $AWSLC_DIR
@@ -91,14 +99,22 @@ jobs:
9199
with:
92100
repository: ${{ inputs.repository }}
93101
commit: ${{ inputs.commit }}
102+
- name: Apply pre-import patch if present
103+
run: |
104+
cd $AWSLC_DIR
105+
if [ -f "$GITHUB_WORKSPACE/integration/aws-lc/pre_import.patch" ]; then
106+
git apply $GITHUB_WORKSPACE/integration/aws-lc/pre_import.patch
107+
fi
94108
- name: Run importer
95109
run: |
96110
cd $AWSLC_DIR/crypto/fipsmodule/ml_kem
97111
GITHUB_REPOSITORY=$GITHUB_REPOSITORY GITHUB_SHA=$GITHUB_SHA ./importer.sh --force
98-
- name: Apply custom stdlib patch
112+
- name: Apply post-import patch if present
99113
run: |
100114
cd $AWSLC_DIR
101-
patch -p0 < $GITHUB_WORKSPACE/integration/aws-lc/add-custom-stdlib.patch
115+
if [ -f "$GITHUB_WORKSPACE/integration/aws-lc/post_import.patch" ]; then
116+
git apply $GITHUB_WORKSPACE/integration/aws-lc/post_import.patch
117+
fi
102118
- name: Run test
103119
run: |
104120
cd $AWSLC_DIR
@@ -127,14 +143,22 @@ jobs:
127143
with:
128144
repository: ${{ inputs.repository }}
129145
commit: ${{ inputs.commit }}
146+
- name: Apply pre-import patch if present
147+
run: |
148+
cd $AWSLC_DIR
149+
if [ -f "$GITHUB_WORKSPACE/integration/aws-lc/pre_import.patch" ]; then
150+
git apply $GITHUB_WORKSPACE/integration/aws-lc/pre_import.patch
151+
fi
130152
- name: Run importer
131153
run: |
132154
cd $AWSLC_DIR/crypto/fipsmodule/ml_kem
133155
GITHUB_REPOSITORY=$GITHUB_REPOSITORY GITHUB_SHA=$GITHUB_SHA ./importer.sh --force
134-
- name: Apply custom stdlib patch
156+
- name: Apply post-import patch if present
135157
run: |
136158
cd $AWSLC_DIR
137-
patch -p0 < $GITHUB_WORKSPACE/integration/aws-lc/add-custom-stdlib.patch
159+
if [ -f "$GITHUB_WORKSPACE/integration/aws-lc/post_import.patch" ]; then
160+
git apply $GITHUB_WORKSPACE/integration/aws-lc/post_import.patch
161+
fi
138162
- name: Run test
139163
run: |
140164
cd $AWSLC_DIR

integration/aws-lc/add-custom-stdlib.patch

Lines changed: 0 additions & 31 deletions
This file was deleted.

integration/aws-lc/pre_import.patch

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
-# Copyright (c) The mlkem-native project authors
2+
-# SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
3+
---
4+
crypto/fipsmodule/ml_kem/importer.sh | 18 +++++++++---------
5+
1 file changed, 9 insertions(+), 9 deletions(-)
6+
7+
diff --git a/crypto/fipsmodule/ml_kem/importer.sh b/crypto/fipsmodule/ml_kem/importer.sh
8+
index e3d8650ce..24832abb7 100755
9+
--- a/crypto/fipsmodule/ml_kem/importer.sh
10+
+++ b/crypto/fipsmodule/ml_kem/importer.sh
11+
@@ -115,15 +115,15 @@ else
12+
fi
13+
14+
# Exclude POLY_COMPRESS/DECOMPRESS functions from the x86 backend for now.
15+
-sed ${SED_I[@]} '/compress_avx2.c/d' $SRC/mlkem_native_bcm.c
16+
-sed ${SED_I[@]} '/MLK_USE_NATIVE_POLY_COMPRESS_D4/d' $SRC/native/x86_64/meta.h
17+
-sed ${SED_I[@]} '/MLK_USE_NATIVE_POLY_COMPRESS_D5/d' $SRC/native/x86_64/meta.h
18+
-sed ${SED_I[@]} '/MLK_USE_NATIVE_POLY_COMPRESS_D10/d' $SRC/native/x86_64/meta.h
19+
-sed ${SED_I[@]} '/MLK_USE_NATIVE_POLY_COMPRESS_D11/d' $SRC/native/x86_64/meta.h
20+
-sed ${SED_I[@]} '/MLK_USE_NATIVE_POLY_DECOMPRESS_D4/d' $SRC/native/x86_64/meta.h
21+
-sed ${SED_I[@]} '/MLK_USE_NATIVE_POLY_DECOMPRESS_D5/d' $SRC/native/x86_64/meta.h
22+
-sed ${SED_I[@]} '/MLK_USE_NATIVE_POLY_DECOMPRESS_D10/d' $SRC/native/x86_64/meta.h
23+
-sed ${SED_I[@]} '/MLK_USE_NATIVE_POLY_DECOMPRESS_D11/d' $SRC/native/x86_64/meta.h
24+
+sed "${SED_I[@]}" '/compress_avx2.c/d' $SRC/mlkem_native_bcm.c
25+
+sed "${SED_I[@]}" '/MLK_USE_NATIVE_POLY_COMPRESS_D4/d' $SRC/native/x86_64/meta.h
26+
+sed "${SED_I[@]}" '/MLK_USE_NATIVE_POLY_COMPRESS_D5/d' $SRC/native/x86_64/meta.h
27+
+sed "${SED_I[@]}" '/MLK_USE_NATIVE_POLY_COMPRESS_D10/d' $SRC/native/x86_64/meta.h
28+
+sed "${SED_I[@]}" '/MLK_USE_NATIVE_POLY_COMPRESS_D11/d' $SRC/native/x86_64/meta.h
29+
+sed "${SED_I[@]}" '/MLK_USE_NATIVE_POLY_DECOMPRESS_D4/d' $SRC/native/x86_64/meta.h
30+
+sed "${SED_I[@]}" '/MLK_USE_NATIVE_POLY_DECOMPRESS_D5/d' $SRC/native/x86_64/meta.h
31+
+sed "${SED_I[@]}" '/MLK_USE_NATIVE_POLY_DECOMPRESS_D10/d' $SRC/native/x86_64/meta.h
32+
+sed "${SED_I[@]}" '/MLK_USE_NATIVE_POLY_DECOMPRESS_D11/d' $SRC/native/x86_64/meta.h
33+
34+
# Copy mlkem-native header
35+
# This is only needed for access to the various macros defining key sizes.

0 commit comments

Comments
 (0)