Update Mbed TLS for 5.12 release to Mbed TLS development HEAD #9920

Merged
merged 3 commits into from
Mar 5, 2019

simonbutcher
Contributor

@simonbutcher simonbutcher commented Mar 4, 2019

Description

This PR updates the current version of Mbed TLS to the current HEAD of the development branch of Mbed TLS. This is intended to be the next release of Mbed TLS, minus any bug fixes found in OOB or integration testing.

Note: this PR also changes the configuration of the storage options, so they are now dependent on the TARGET_PSA symbol being defined (which means the PSA label has been defined for the target).

This PR supersedes PR #9779, which I can't update as I'm not the author.

Pull request type

[ ] Fix
[ ] Refactor
[ ] Target update
[x] Functionality change
[ ] Docs update
[ ] Test update
[ ] Breaking change

Reviewers

@Patater / @hanno-arm / @k-stachowiak

Release Notes

These will be updated at a later time, when we provide a final Mbed TLS PR to update the version number.
This release of Mbed TLS includes:

  • integration of the PSA Crypto API sufficient to support Pelion Client
  • RAM optimisations to reduce RAM usage during TLS handshakes when using X.509 authentication. This reduces the overall RAM required by Mbed TLS.

This commit makes the storage configurations - setting
MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C and unsetting
MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C - dependent on the PSA label being defined for
the target.

Previously these symbols were always defined for all platforms which could
cause problems for targets that don't yet support PSA.

Before moving to the new release of Mbed TLS, this moves the default imported
version of Mbed TLS to the development branch, and will import the HEAD of the
branch, not just a specific release.

This updates Mbed TLS to the latest development version, commit 535ee4a35b9c
in the Mbed TLS repo.

@ciarmcom
Member

ciarmcom commented Mar 4, 2019

@sbutcher-arm, thank you for your changes.
@hanno-arm @Patater @k-stachowiak @ARMmbed/mbed-os-tls @ARMmbed/mbed-os-crypto @ARMmbed/mbed-os-maintainers please review.

@NirSonnenschein
Contributor

started CI pending review

@0xc0170 0xc0170 requested a review from a user March 4, 2019 06:57
@mbed-ci

mbed-ci commented Mar 4, 2019

Test run: SUCCESS

Summary: 13 of 13 test jobs passed
Build number : 1
Build artifacts

@0xc0170
Contributor

0xc0170 commented Mar 4, 2019

Initial CI passed. Needs completed reviews now!

@sbutcher-arm When does this become the final version (ready for integration)?

@0xc0170 0xc0170 added the risk: A label Mar 4, 2019
Contributor

@Patater Patater left a comment

LGTM

Agreed we need to discuss PSA target configuration within Mbed OS. We've been assuming a homogeneous level of support from hardware on targets that are marked as PSA, but that will potentially limit where PSA APIs will be available as we grow target support.

Contributor

@k-stachowiak k-stachowiak left a comment

Looks good to me!

@simonbutcher
Contributor Author

> @sbutcher-arm When does this become the final version (ready for integration)?

We have more bug fixes available to us that we could merge, but ran out of time on, so this is the effective final release, with the assumption that the only thing to change is the version number. We'll issue a new PR to badge the release with a version number once OOB is complete and it has been confirmed that there are no last minute bugs that need fixing.

If you'll permit us, we can add further fixes into this release today - but until yourself and @ChiefBureaucraticOfficer confirm we can - we'll assume a code freeze so you can merge it if you wish.

I forgot to mention last night, because this changes the way the storage configuration options are enabled, it needs approval from someone in @dannybenor's team.

cc: @dannybenor / @itayzafrir

@NirSonnenschein
Contributor

CC @ARMmbed/mbed-os-storage (@dannybenor 's team)

@adbridge
Contributor

adbridge commented Mar 4, 2019

@sbutcher-arm Could you please add some details for the release notes prior to us creating RC2 one week today. These notes will all feed into the OOB team so they can see what has been updated.

Contributor

@davidsaada davidsaada left a comment

Approving, based on the fact that PSA storage options (including ITS) are derived from PSA.

@simonbutcher
Contributor Author

> Could you please add some details for the release notes prior to us creating RC2 one week today.

@adbridge - I've added a short description as requested.

@ghost ghost added the PM_ACCEPTED label Mar 4, 2019
@simonbutcher
Contributor Author

@k-stachowiak and @Patater have approved this, which is good enough for TLS approval.

@0xc0170
Contributor

0xc0170 commented Mar 5, 2019

> If you'll permit us, we can add further fixes into this release today - but until yourself and @ChiefBureaucraticOfficer confirm we can - we'll assume a code freeze so you can merge it if you wish.

Is this ready for integration? Or is anything else expected here?

@simonbutcher
Contributor Author

@0xc0170 - There's no reason to hold this back, as it appears to be holding back the overall release. Please just merge this PR as it is.

@ghost ghost left a comment

Meets criteria, needed for PSA.

9 participants