Skip to content

[aes_gcm,sca] Allow setting IV or key as FvsR #179

[aes_gcm,sca] Allow setting IV or key as FvsR

[aes_gcm,sca] Allow setting IV or key as FvsR #179

Workflow file for this run

# Copyright lowRISC contributors (OpenTitan project).
# Licensed under the Apache License, Version 2.0, see LICENSE for details.
# SPDX-License-Identifier: Apache-2.0
name: CI
on:
pull_request:
push:
branches-ignore:
- "backport-*"
tags:
- "*"
permissions:
contents: read
# Needed for workload identity federation
id-token: write
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
env:
VIVADO_VERSION: "2021.1"
jobs:
quick_lint:
name: Lint (quick)
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Required so we can lint commit messages.
- name: Prepare environment
uses: ./.github/actions/prepare-env
- name: Show environment
run: ./ci/scripts/show-env.sh
- name: Commit metadata
run: ./ci/scripts/lint-commits.sh "$GITHUB_BASE_REF"
if: ${{ github.event_name == 'pull_request' }}
- name: License headers
run: ./ci/scripts/check-licence-headers.sh "$GITHUB_BASE_REF"
if: ${{ github.event_name == 'pull_request' }}
- name: Executable bits
run: ./ci/scripts/exec-check.sh
- name: Non-ASCII characters
run: ./ci/scripts/check-ascii.sh
- name: Python (flake8)
run: ./ci/scripts/python-lint.sh "$GITHUB_BASE_REF"
if: ${{ github.event_name == 'pull_request' }}
- name: Python (mypy)
run: ./ci/scripts/mypy.sh
- name: Validate testplans with schema
run: ./ci/scripts/validate_testplans.sh
- name: C/C++ formatting
run: ./bazelisk.sh test //quality:clang_format_check
- name: Rust formatting
run: ./bazelisk.sh test //quality:rustfmt_check
- name: Shellcheck
run: ./bazelisk.sh test //quality:shellcheck_check
- name: Header guards
run: ./ci/scripts/include-guard.sh "$GITHUB_BASE_REF"
if: ${{ github.event_name == 'pull_request' }}
- name: Trailing whitespace
run: ./ci/scripts/whitespace.sh "$GITHUB_BASE_REF"
if: ${{ github.event_name == 'pull_request' }}
- name: Broken links
run: ./ci/scripts/check-links.sh
- name: Generated documentation
run: ./ci/scripts/check-cmdgen.sh
slow_lint:
name: Lint (slow)
runs-on: ubuntu-20.04
needs: quick_lint
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Bitstream cache requires all commits.
- name: Prepare environment
uses: ./.github/actions/prepare-env
- name: Countermeasures implemented (earlgrey)
run: ./ci/scripts/check-countermeasures.sh earlgrey
continue-on-error: true
- name: Countermeasures implemented (englishbreakfast)
run: ./ci/scripts/check-countermeasures.sh englishbreakfast
continue-on-error: true
- name: Bazel test suite tags
run: ./ci/scripts/check_bazel_test_suites.py
continue-on-error: true
# See #21973: disabled until Verilator tags are fixed.
# - name: Check Bazel tags
# run: ./ci/scripts/check-bazel-tags.sh
# continue-on-error: true
- name: Banned Bazel rules
run: ./ci/scripts/check-bazel-banned-rules.sh
- name: Bazel target names
run: ./ci/scripts/check_bazel_target_names.py
continue-on-error: true
- name: DV software images
run: ./ci/scripts/check_dv_sw_images.sh
continue-on-error: true
- name: Build documentation
run: ./ci/scripts/build-docs.sh
- name: Generated files
run: ./ci/scripts/check-generated.sh
env:
OT_DESTRUCTIVE: 1 # Required by the script to clean up.
- name: Buildifier
run: ./bazelisk.sh test //quality:buildifier_check
- name: Vendored files
run: ./ci/scripts/check-vendoring.sh
- name: Verible RTL
run: ./ci/scripts/verible-lint.sh rtl
- name: Verible DV
run: ./ci/scripts/verible-lint.sh dv
- name: Verible FPV
run: ./ci/scripts/verible-lint.sh fpv
airgapped_build:
name: Airgapped build
runs-on: ubuntu-20.04
needs: quick_lint
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Bitstream cache requires all commits.
- name: Prepare environment
uses: ./.github/actions/prepare-env
with:
configure-bazel: false
- name: Free disk space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be
- name: Check disk space
run: |
df -h
- name: Prepare airgapped environment
run: ./util/prep-bazel-airgapped-build.sh
- name: Check disk space
run: |
df -h
- name: Build in the airgapped environment
run: ./ci/scripts/test-airgapped-build.sh
verible_lint:
name: Verible lint
runs-on: ubuntu-24.04
needs: quick_lint
if: ${{ github.event_name == 'pull_request' }}
env:
verible_config: hw/lint/tools/veriblelint/lowrisc-styleguide.rules.verible_lint
verible_version: v0.0-3430-g060bde0f
steps:
- uses: actions/checkout@v4
- name: Prepare Verible config
run: |
echo "Concatenating Verible waivers"
find . -type f -name '*.vbl' -exec cat {} \; >> verible_waiver
echo "::group::Verible config"
cat "$verible_config"
echo "::endgroup::"
echo "::group::Verible waiver"
cat "verible_waiver"
echo "::endgroup::"
- name: Run Verible linter action
uses: chipsalliance/[email protected]
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
verible_version: ${{ env.verible_version }}
reviewdog_reporter: 'github-pr-check'
suggest_fixes: 'false'
config_file: ${{ env.verible_config }}
extra_args: "--waiver_files=verible_waiver"
verilator_englishbreakfast:
name: Verilated English Breakfast
runs-on: ubuntu-20.04
needs: quick_lint
steps:
- uses: actions/checkout@v4
- name: Prepare environment
uses: ./.github/actions/prepare-env
- name: Build simulator with Verilator
run: ./ci/scripts/build-chip-verilator.sh englishbreakfast
- name: Upload binary
uses: actions/upload-artifact@v4
with:
name: verilated_englishbreakfast
path: build-bin/hw/top_englishbreakfast/Vchip_englishbreakfast_verilator
overwrite: true
- name: Test
run: ./ci/scripts/run-english-breakfast-verilator-tests.sh
# Build CW305 variant of the English Breakfast toplevel design using Vivado
chip_englishbreakfast_cw305:
name: CW305's Bitstream
runs-on: ubuntu-22.04-bitstream
needs: quick_lint
steps:
- uses: actions/checkout@v4
- name: Prepare environment
uses: ./.github/actions/prepare-env
- name: Build bitstream
run: |
# Build CW305 test rom required by `build-bitstream-vivado.sh`
rom_path="sw/device/lib/testing/test_rom"
./bazelisk.sh build "//${rom_path}:test_rom_fpga_cw305" \
--features=-rv32_bitmanip \
--copt=-DOT_IS_ENGLISH_BREAKFAST_REDUCED_SUPPORT_FOR_INTERNAL_USE_ONLY_
vmem="$(./bazelisk.sh cquery --output=files "//${rom_path}:test_rom_fpga_cw305" \
--features=-rv32_bitmanip \
--copt=-DOT_IS_ENGLISH_BREAKFAST_REDUCED_SUPPORT_FOR_INTERNAL_USE_ONLY_
)"
mkdir -p "build-bin/${rom_path}"
cp "$vmem" "build-bin/${rom_path}"
module load "xilinx/vivado/${VIVADO_VERSION}"
ci/scripts/build-bitstream-vivado.sh top_englishbreakfast cw305
- name: Upload bitstream
uses: actions/upload-artifact@v4
with:
name: chip_englishbreakfast_cw305
path: build-bin/hw/top_englishbreakfast/lowrisc_systems_chip_englishbreakfast_cw305_0.1.bit
overwrite: true
build_docker_containers:
name: Build Docker Containers
runs-on: ubuntu-20.04
needs: quick_lint
steps:
- uses: actions/checkout@v4
- name: Build Developer Utility Container
uses: docker/build-push-action@v6
with:
context: .
file: util/container/Dockerfile
continue-on-error: true
- name: Build Documentation Redirector Container
uses: docker/build-push-action@v6
with:
context: site/redirector/landing