• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#!/usr/bin/env perl
2#
3# Copyright The Mbed TLS Contributors
4# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
5#
6# This file is provided under the Apache License 2.0, or the
7# GNU General Public License v2.0 or later.
8#
9# **********
10# Apache License 2.0:
11#
12# Licensed under the Apache License, Version 2.0 (the "License"); you may
13# not use this file except in compliance with the License.
14# You may obtain a copy of the License at
15#
16# http://www.apache.org/licenses/LICENSE-2.0
17#
18# Unless required by applicable law or agreed to in writing, software
19# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
20# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21# See the License for the specific language governing permissions and
22# limitations under the License.
23#
24# **********
25#
26# **********
27# GNU General Public License v2.0 or later:
28#
29# This program is free software; you can redistribute it and/or modify
30# it under the terms of the GNU General Public License as published by
31# the Free Software Foundation; either version 2 of the License, or
32# (at your option) any later version.
33#
34# This program is distributed in the hope that it will be useful,
35# but WITHOUT ANY WARRANTY; without even the implied warranty of
36# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
37# GNU General Public License for more details.
38#
39# You should have received a copy of the GNU General Public License along
40# with this program; if not, write to the Free Software Foundation, Inc.,
41# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
42#
43# **********
44#
45# Purpose
46#
47# Comments and uncomments #define lines in the given header file and optionally
48# sets their value or can get the value. This is to provide scripting control of
49# what preprocessor symbols, and therefore what build time configuration flags
50# are set in the 'config.h' file.
51#
52# Usage: config.pl [-f <file> | --file <file>] [-o | --force]
53#                   [set <symbol> <value> | unset <symbol> | get <symbol> |
54#                       full | realfull]
55#
56# Full usage description provided below.
57#
58# The following options are disabled instead of enabled with "full".
59#
60# * Options that require additional build dependencies or unusual hardware.
61# * Options that make testing less effective.
62# * Options that are incompatible with other options, or more generally that
63#   interact with other parts of the code in such a way that a bulk enabling
64#   is not a good way to test them.
65# * Options that remove features.
66#
67# The baremetal configuration excludes options that require a library or
68# operating system feature that is typically not present on bare metal
69# systems. Features that are excluded from "full" won't be in "baremetal"
70# either.
71
72use warnings;
73use strict;
74
75my $config_file = "include/mbedtls/config.h";
76my $usage = <<EOU;
77$0 [-f <file> | --file <file>] [-o | --force]
78                   [set <symbol> <value> | unset <symbol> | get <symbol> |
79                        full | realfull | baremetal]
80
81Commands
82    set <symbol> [<value>]  - Uncomments or adds a #define for the <symbol> to
83                              the configuration file, and optionally making it
84                              of <value>.
85                              If the symbol isn't present in the file an error
86                              is returned.
87    unset <symbol>          - Comments out the #define for the given symbol if
88                              present in the configuration file.
89    get <symbol>            - Finds the #define for the given symbol, returning
90                              an exitcode of 0 if the symbol is found, and 1 if
91                              not. The value of the symbol is output if one is
92                              specified in the configuration file.
93    full                    - Uncomments all #define's in the configuration file
94                              excluding some reserved symbols, until the
95                              'Module configuration options' section
96    realfull                - Uncomments all #define's with no exclusions
97    baremetal               - Sets full configuration suitable for baremetal build.
98
99Options
100    -f | --file <filename>  - The file or file path for the configuration file
101                              to edit. When omitted, the following default is
102                              used:
103                                $config_file
104    -o | --force            - If the symbol isn't present in the configuration
105                              file when setting its value, a #define is
106                              appended to the end of the file.
107
108EOU
109
110my @excluded = qw(
111MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
112MBEDTLS_DEPRECATED_REMOVED
113MBEDTLS_DEPRECATED_WARNING
114MBEDTLS_ECP_NO_INTERNAL_RNG
115MBEDTLS_HAVE_SSE2
116MBEDTLS_MEMORY_BACKTRACE
117MBEDTLS_MEMORY_BUFFER_ALLOC_C
118MBEDTLS_MEMORY_DEBUG
119MBEDTLS_NO_64BIT_MULTIPLICATION
120MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
121MBEDTLS_NO_PLATFORM_ENTROPY
122MBEDTLS_NO_UDBL_DIVISION
123MBEDTLS_PKCS11_C
124MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
125MBEDTLS_REMOVE_3DES_CIPHERSUITES
126MBEDTLS_REMOVE_ARC4_CIPHERSUITES
127MBEDTLS_RSA_NO_CRT
128MBEDTLS_SSL_HW_RECORD_ACCEL
129MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
130MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
131MBEDTLS_TEST_NULL_ENTROPY
132MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
133MBEDTLS_ZLIB_SUPPORT
134_ALT\s*$
135);
136
137# Things that should be disabled in "baremetal"
138my @excluded_baremetal = qw(
139MBEDTLS_ENTROPY_NV_SEED
140MBEDTLS_FS_IO
141MBEDTLS_HAVEGE_C
142MBEDTLS_HAVE_TIME
143MBEDTLS_HAVE_TIME_DATE
144MBEDTLS_MEMORY_BACKTRACE
145MBEDTLS_MEMORY_BUFFER_ALLOC_C
146MBEDTLS_NET_C
147MBEDTLS_PLATFORM_FPRINTF_ALT
148MBEDTLS_PLATFORM_NV_SEED_ALT
149MBEDTLS_PLATFORM_TIME_ALT
150MBEDTLS_THREADING_C
151MBEDTLS_THREADING_PTHREAD
152MBEDTLS_TIMING_C
153);
154
155# Things that should be enabled in "full" even if they match @excluded.
156# Platform ALTs enable global variables that allow configuring the behavior
157# but default to the default behavior, except for PLATFORM_SETUP_TEARDOWN_ALT
158# which requires the application to provide relevant functions like
159# non-platform ALTs.
160my @non_excluded = qw(
161PLATFORM_(?!SETUP_TEARDOWN_)[A-Z_0-9]+_ALT
162);
163
164# Things that should be enabled in "baremetal"
165my @non_excluded_baremetal = qw(
166MBEDTLS_NO_PLATFORM_ENTROPY
167);
168
169# Process the command line arguments
170
171my $force_option = 0;
172
173my ($arg, $name, $value, $action);
174
175while ($arg = shift) {
176
177    # Check if the argument is an option
178    if ($arg eq "-f" || $arg eq "--file") {
179        $config_file = shift;
180
181        -f $config_file or die "No such file: $config_file\n";
182
183    }
184    elsif ($arg eq "-o" || $arg eq "--force") {
185        $force_option = 1;
186
187    }
188    else
189    {
190        # ...else assume it's a command
191        $action = $arg;
192
193        if ($action eq "full" || $action eq "realfull" || $action eq "baremetal" ) {
194            # No additional parameters
195            die $usage if @ARGV;
196
197        }
198        elsif ($action eq "unset" || $action eq "get") {
199            die $usage unless @ARGV;
200            $name = shift;
201
202        }
203        elsif ($action eq "set") {
204            die $usage unless @ARGV;
205            $name = shift;
206            $value = shift if @ARGV;
207
208        }
209        else {
210            die "Command '$action' not recognised.\n\n".$usage;
211        }
212    }
213}
214
215# If no command was specified, exit...
216if ( not defined($action) ){ die $usage; }
217
218# Check the config file is present
219if (! -f $config_file)  {
220
221    chdir '..' or die;
222
223    # Confirm this is the project root directory and try again
224    if ( !(-d 'scripts' && -d 'include' && -d 'library' && -f $config_file) ) {
225        die "If no file specified, must be run from the project root or scripts directory.\n";
226    }
227}
228
229
230# Now read the file and process the contents
231
232open my $config_read, '<', $config_file or die "read $config_file: $!\n";
233my @config_lines = <$config_read>;
234close $config_read;
235
236# Add required baremetal symbols to the list that is included.
237if ( $action eq "baremetal" ) {
238    @non_excluded = ( @non_excluded, @non_excluded_baremetal );
239}
240
241my ($exclude_re, $no_exclude_re, $exclude_baremetal_re);
242if ($action eq "realfull") {
243    $exclude_re = qr/^$/;
244    $no_exclude_re = qr/./;
245} else {
246    $exclude_re = join '|', @excluded;
247    $no_exclude_re = join '|', @non_excluded;
248}
249if ( $action eq "baremetal" ) {
250    $exclude_baremetal_re = join '|', @excluded_baremetal;
251}
252
253my $config_write = undef;
254if ($action ne "get") {
255    open $config_write, '>', $config_file or die "write $config_file: $!\n";
256}
257
258my $done;
259for my $line (@config_lines) {
260    if ($action eq "full" || $action eq "realfull" || $action eq "baremetal" ) {
261        if ($line =~ /name SECTION: Module configuration options/) {
262            $done = 1;
263        }
264
265        if (!$done && $line =~ m!^//\s?#define! &&
266                ( $line !~ /$exclude_re/ || $line =~ /$no_exclude_re/ ) &&
267                ( $action ne "baremetal" || ( $line !~ /$exclude_baremetal_re/ ) ) ) {
268            $line =~ s!^//\s?!!;
269        }
270        if (!$done && $line =~ m!^\s?#define! &&
271                ! ( ( $line !~ /$exclude_re/ || $line =~ /$no_exclude_re/ ) &&
272                    ( $action ne "baremetal" || ( $line !~ /$exclude_baremetal_re/ ) ) ) ) {
273            $line =~ s!^!//!;
274        }
275    } elsif ($action eq "unset") {
276        if (!$done && $line =~ /^\s*#define\s*$name\b/) {
277            $line = '//' . $line;
278            $done = 1;
279        }
280    } elsif (!$done && $action eq "set") {
281        if ($line =~ m!^(?://)?\s*#define\s*$name\b!) {
282            $line = "#define $name";
283            $line .= " $value" if defined $value && $value ne "";
284            $line .= "\n";
285            $done = 1;
286        }
287    } elsif (!$done && $action eq "get") {
288        if ($line =~ /^\s*#define\s*$name(?:\s+(.*?))\s*(?:$|\/\*|\/\/)/) {
289            $value = $1;
290            $done = 1;
291        }
292    }
293
294    if (defined $config_write) {
295        print $config_write $line or die "write $config_file: $!\n";
296    }
297}
298
299# Did the set command work?
300if ($action eq "set" && $force_option && !$done) {
301
302    # If the force option was set, append the symbol to the end of the file
303    my $line = "#define $name";
304    $line .= " $value" if defined $value && $value ne "";
305    $line .= "\n";
306    $done = 1;
307
308    print $config_write $line or die "write $config_file: $!\n";
309}
310
311if (defined $config_write) {
312    close $config_write or die "close $config_file: $!\n";
313}
314
315if ($action eq "get") {
316    if ($done) {
317        if ($value ne '') {
318            print "$value\n";
319        }
320        exit 0;
321    } else {
322        # If the symbol was not found, return an error
323        exit 1;
324    }
325}
326
327if ($action eq "full" && !$done) {
328    die "Configuration section was not found in $config_file\n";
329
330}
331
332if ($action ne "full" && $action ne "unset" && !$done) {
333    die "A #define for the symbol $name was not found in $config_file\n";
334}
335
336__END__
337