Prepare for the removal of MBEDTLS_PLATFORM_GET_ENTROPY_ALT

We cannot remove it completely yet. It must remain in config.py so that it is not included in the full configuration. A temporary exception is required for it in analyze_outcomes.py. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-10-17 04:51:22 +03:00 · 2025-09-03 09:57:29 +02:00
parent 3b30643143
commit eb16a9d9ea
6 changed files with 18 additions and 10 deletions
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -210,7 +210,7 @@ static int run_test_snprintf(void)
 * back.
 */
 #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_ENTROPY_C)
-#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_PLATFORM_GET_ENTROPY_ALT)
+#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_PSA_DRIVER_GET_ENTROPY)
 static void dummy_entropy(unsigned char *output, size_t output_size)
 {
    srand(1);
@@ -239,7 +239,7 @@ static void create_entropy_seed_file(void)

 static int mbedtls_entropy_self_test_wrapper(int verbose)
 {
-#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_PLATFORM_GET_ENTROPY_ALT)
+#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_PSA_DRIVER_GET_ENTROPY)
    create_entropy_seed_file();
 #endif
    return mbedtls_entropy_self_test(verbose);
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -180,8 +180,10 @@ def baremetal_adapter(name, value, active):
    """Config adapter for "baremetal"."""
    if not is_boolean_setting(name, value):
        return active
-    if name == 'MBEDTLS_PLATFORM_GET_ENTROPY_ALT':
+    if name == 'MBEDTLS_PSA_BUILTIN_GET_ENTROPY':
        # No OS-provided entropy source
+        return False
+    if name == 'MBEDTLS_PSA_DRIVER_GET_ENTROPY':
        return True
    return include_in_full(name) and keep_in_baremetal(name)

--- a/scripts/footprint.sh
+++ b/scripts/footprint.sh
@@ -64,7 +64,8 @@ doit()
        scripts/config.py unset MBEDTLS_NET_C || true
        scripts/config.py unset MBEDTLS_TIMING_C || true
        scripts/config.py unset MBEDTLS_FS_IO || true
-        scripts/config.py --force set MBEDTLS_PLATFORM_GET_ENTROPY_ALT || true
+        scripts/config.py unset MBEDTLS_PSA_BUILTIN_GET_ENTROPY || true
+        scripts/config.py --force set MBEDTLS_PSA_DRIVER_GET_ENTROPY || true
    } >/dev/null 2>&1

    make clean >/dev/null
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -128,6 +128,8 @@ class CoverageTask(outcome_analysis.CoverageTask):
            # PSA entropy drivers.
            # https://github.com/Mbed-TLS/mbedtls/issues/8150
            'Config: MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES',
+            # Obsolete config option that we are about to remove
+            'Config: MBEDTLS_PLATFORM_GET_ENTROPY_ALT',
            # Untested aspect of the platform interface.
            # https://github.com/Mbed-TLS/mbedtls/issues/9589
            'Config: MBEDTLS_PLATFORM_NO_STD_FUNCTIONS',
--- a/tests/scripts/components-configuration-platform.sh
+++ b/tests/scripts/components-configuration-platform.sh
@@ -20,17 +20,18 @@ component_build_no_std_function () {
    make
 }

-component_test_platform_get_entropy_alt()
+component_test_psa_driver_get_entropy()
 {
-    msg "build: default config + MBEDTLS_PLATFORM_GET_ENTROPY_ALT"
+    msg "build: default - MBEDTLS_PSA_BUILTIN_GET_ENTROPY + MBEDTLS_PSA_DRIVER_GET_ENTROPY"
    # Use hardware polling as the only source for entropy
-    scripts/config.py set MBEDTLS_PLATFORM_GET_ENTROPY_ALT
+    scripts/config.py unset MBEDTLS_PSA_BUILTIN_GET_ENTROPY
    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
+    scripts/config.py set MBEDTLS_PSA_DRIVER_GET_ENTROPY

    make

    # Run all the tests
-    msg "test: default config + MBEDTLS_PLATFORM_GET_ENTROPY_ALT"
+    msg "test: default - MBEDTLS_PSA_BUILTIN_GET_ENTROPY + MBEDTLS_PSA_DRIVER_GET_ENTROPY"
    make test
 }

@@ -40,7 +41,8 @@ component_build_no_sockets () {
    msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s
    scripts/config.py full
    scripts/config.py unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc.
-    scripts/config.py set MBEDTLS_PLATFORM_GET_ENTROPY_ALT # prevent syscall() on GNU/Linux
+    scripts/config.py unset MBEDTLS_PSA_BUILTIN_GET_ENTROPY # prevent syscall() on GNU/Linux
+    scripts/config.py set MBEDTLS_PSA_DRIVER_GET_ENTROPY
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1 -std=c99 -pedantic' lib
 }

--- a/tests/scripts/components-configuration.sh
+++ b/tests/scripts/components-configuration.sh
@@ -284,7 +284,8 @@ component_test_no_platform () {
    # Use the test alternative implementation of mbedtls_platform_get_entropy()
    # which is provided in "framework/tests/src/fake_external_rng_for_test.c"
    # since the default one is excluded in this scenario.
-    scripts/config.py set MBEDTLS_PLATFORM_GET_ENTROPY_ALT
+    scripts/config.py unset MBEDTLS_PSA_BUILTIN_GET_ENTROPY
+    scripts/config.py set MBEDTLS_PSA_DRIVER_GET_ENTROPY
    # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
    # to re-enable platform integration features otherwise disabled in C99 builds
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs