diff --git a/README.md b/README.md index 1cad9c0f26..03a1a5c5a5 100644 --- a/README.md +++ b/README.md @@ -52,14 +52,6 @@ AWS-LC is compatible with the majority of OpenSSL’s APIs to make it easy to us existing applications. We’re open to discussing adding missing functionality and understanding your use case in an [issue](https://github.com/aws/aws-lc/issues/new/choose). -### Compiler, OS, and CPU support - -AWS-LC correctness is tested on a variety of C/C++ compiler, OS, and CPU -combinations. For a complete list of tested combinations see -[tests/ci/Readme.md](https://github.com/aws/aws-lc/blob/main/tests/ci/README.md). -If you use a different combination and would like to make sure we test it, -please open an issue to discuss adding it to our CI. - ### Algorithm optimization support A portable C implementation of all algorithms is included and optimized assembly @@ -74,6 +66,54 @@ If you use another CPU and would like to make sure we test it or discuss adding an assembly optimized algorithm implementation, please open an issue to discuss adding it to our CI. +## Platform Support + +AWS-LC correctness is tested on a variety of *platforms* (i.e., OS/CPU combinations). +The following is an overview of the platforms we actively support or are +known to be of interest to our community. + +If you use a platform not listed below and would like to request it be added to our CI, +please open an [issue](https://github.com/aws/aws-lc/issues/new/choose) for discussion. +Regardless of our support level for a particular platform, we will gladly consider contributions that +improve or extend our support. + +### Supported Platforms + +The following platforms are actively tested in our CI pipeline. A few of these platforms are tested across +multiple compilers or compiler versions. For each pull request, the proposed change is validated to confirm that it +successfully builds and tests pass for these platform. +A more complete description of our test setup can be found in the +[CI README](https://github.com/aws/aws-lc/blob/main/tests/ci/README.md). + +| OS | CPU | +|---------|---------| +| Linux | x86 | +| Linux | x86-64 | +| Linux | aarch64 | +| Windows | x86-64 | +| macOS | x86-64 | +| macOS | aarch64 | +| Android | aarch64 | +| Linux | ppc | +| Linux | ppc64 | +| Linux | ppc64le | + +### Other platforms + +The platforms listed below are of interest to us or to our community. However, problems reported +against them might not be prioritized for immediate action by our team. We welcome contributions +that improve the experience for consumers on these platforms. + +| OS | CPU | +|-----------|-------------| +| Android | arm32 | +| iOS | aarch64 | +| Linux | arm32 | +| Linux | Loongarch64 | +| Windows | aarch64 | +| OpenBSD | x86-64 | +| FreeBSD | x86-64 | + ## AWS-LC safety mechanisms ### Automated testing diff --git a/tests/ci/README.md b/tests/ci/README.md index 8788317c6d..c69aec36f0 100644 --- a/tests/ci/README.md +++ b/tests/ci/README.md @@ -1,8 +1,8 @@ # CI for AWS-LC -We use prebuilt docker images for all of our builds for speed and consistency. +For speed and consistency, our CodeBuild CI build projects utilze prebuilt docker images. ## Setup - To setup the images for local testing or testing in your own AWS account see +To setup the docker images for local testing or testing in your own AWS account see the platform specific `README` in docker_images/*. Once you have the docker images uploaded to AWS Elastic Container Registry you @@ -53,89 +53,95 @@ docker run -e GOPROXY=direct -v `pwd`:`pwd` -w `pwd` -it ubuntu-20.04:clang-9x ## Test locations +Our CI uses a combination of CodeBuild and GitHub Workflow build environments. Both for transparency and to assist +contributors in diagnosing issues, most CI build logs are publicly available. If a CI failure occurs on your pull +request and you are unable to diagnose it (whether due to lack of log availability or otherwise), our team will gladly +assist you in identifying the cause. For other CI-related concerns, you may submit an +[issue](https://github.com/aws/aws-lc/issues) to our Github repository. + ### Unit tests General test suite with a varying set of build options (FIPS (shared-build), non-FIPS, debug, shared, static, etc.) is executed on the following combinations: -CI Tool| Compiler |CPU|OS ------------- |-----------------------------------| -------------|------------- -CodeBuild| gcc 4.1.3 |x86|Ubuntu 10.04 -CodeBuild| gcc 4.8.5 |x86|Centos 7 -CodeBuild| gcc 4.8.5 |x86-64|Centos 7 -CodeBuild| gcc 5.4.0 |x86|Ubuntu 16.04 -CodeBuild| gcc 7.3.1 |x86-64|AL2 -CodeBuild| gcc 7.3.1 |aarch64|AL2 -CodeBuild| gcc 7.5.0 |x86-64|Ubuntu 18.04 -CodeBuild| gcc 7.5.0 |x86-64|Ubuntu 20.04 -CodeBuild| gcc 7.5.0 |aarch64|Ubuntu 20.04 -CodeBuild| gcc 8.4.0 |x86-64|Ubuntu 20.04 -CodeBuild| gcc 8.4.0 |aarch64|Ubuntu 20.04 -CodeBuild| gcc 11 |x86-64|AL2023 -CodeBuild| gcc 11 |aarch64|AL2023 -CodeBuild| gcc 11 |x86-64|Ubuntu 22.04 -CodeBuild| gcc 11 |aarch64|Ubuntu 22.04 -CodeBuild| gcc 12 |x86-64|Ubuntu 22.04 -CodeBuild| gcc 12 |aarch64|Ubuntu 22.04 -CodeBuild| clang 7.0.1 |x86-64|AL2 -CodeBuild| clang 7.0.1 |aarch64|AL2 -CodeBuild| clang 6.0.0 |x86-64|Ubuntu 18.04 -CodeBuild| clang 9.0.1 |x86-64|Fedora 31 -CodeBuild| clang 7.0.1 |x86-64|Ubuntu 20.04 -CodeBuild| clang 7.0.1 |aarch64|Ubuntu 20.04 -CodeBuild| clang 8.0.1 |x86-64|Ubuntu 20.04 -CodeBuild| clang 8.0.1 |aarch64|Ubuntu 20.04 -CodeBuild| clang 9.0.1 |x86-64|Ubuntu 20.04 -CodeBuild| clang 9.0.1 |aarch64|Ubuntu 20.04 -CodeBuild| clang 10.0.0 |x86-64|Ubuntu 20.04 -CodeBuild| clang 10.0.0 |aarch64|Ubuntu 20.04 -CodeBuild| clang 15.0.6 |x86-64|AL2023 -CodeBuild| clang 15.0.6 |aarch64|AL2023 -CodeBuild| Visual Studio 2015 |x86-64|Windows Server 19 -CodeBuild| Visual Studio 2017 |x86-64|Windows Server 19 -GitHub Workflow| AppleClang 13.0.0 |x86-64|macOS 11 -SSM->EC2 Instance| AppleClang 14.0.0 |aarch64|macOS 12 -AWS Device Farm| Android ndkVersion "21.0.6113669" |aarch64|Android 10 -AWS Device Farm| Android ndkVersion "21.0.6113669" |aarch64|Android 11 -AWS Device Farm| Android ndkVersion "21.0.6113669" |aarch64|Android 12 +| CI Tool | Compiler | CPU | OS | Public Logs | +|-------------------|-----------------------------------|---------|-------------------|----------------------------------| +| CodeBuild | gcc 4.1.3 | x86 | Ubuntu 10.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | gcc 4.8.5 | x86 | Centos 7 | _aws-lc-ci-linux-x86_ | +| CodeBuild | gcc 4.8.5 | x86-64 | Centos 7 | _aws-lc-ci-linux-x86_ | +| CodeBuild | gcc 5.4.0 | x86 | Ubuntu 16.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | gcc 7.3.1 | x86-64 | AL2 | _aws-lc-ci-linux-x86_ | +| CodeBuild | gcc 7.3.1 | aarch64 | AL2 | _aws-lc-ci-linux-arm_ | +| CodeBuild | gcc 7.5.0 | x86-64 | Ubuntu 18.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | gcc 7.5.0 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | gcc 7.5.0 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | +| CodeBuild | gcc 8.4.0 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | gcc 8.4.0 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | +| CodeBuild | gcc 11 | x86-64 | AL2023 | _aws-lc-ci-linux-x86_ | +| CodeBuild | gcc 11 | aarch64 | AL2023 | _aws-lc-ci-linux-arm_ | +| CodeBuild | gcc 11 | x86-64 | Ubuntu 22.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | gcc 11 | aarch64 | Ubuntu 22.04 | _aws-lc-ci-linux-arm_ | +| CodeBuild | gcc 12 | x86-64 | Ubuntu 22.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | gcc 12 | aarch64 | Ubuntu 22.04 | _aws-lc-ci-linux-arm_ | +| CodeBuild | clang 7.0.1 | x86-64 | AL2 | _aws-lc-ci-linux-x86_ | +| CodeBuild | clang 7.0.1 | aarch64 | AL2 | _aws-lc-ci-linux-arm_ | +| CodeBuild | clang 6.0.0 | x86-64 | Ubuntu 18.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | clang 9.0.1 | x86-64 | Fedora 31 | _aws-lc-ci-linux-x86_ | +| CodeBuild | clang 7.0.1 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | clang 7.0.1 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | +| CodeBuild | clang 8.0.1 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | clang 8.0.1 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | +| CodeBuild | clang 9.0.1 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | clang 9.0.1 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | +| CodeBuild | clang 10.0.0 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | +| CodeBuild | clang 10.0.0 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | +| CodeBuild | clang 15.0.6 | x86-64 | AL2023 | _aws-lc-ci-linux-x86_ | +| CodeBuild | clang 15.0.6 | aarch64 | AL2023 | _aws-lc-ci-linux-arm_ | +| CodeBuild | Visual Studio 2015 | x86-64 | Windows Server 19 | _aws-lc-ci-windows-x86_ | +| CodeBuild | Visual Studio 2017 | x86-64 | Windows Server 19 | _aws-lc-ci-windows-x86_ | +| GitHub Workflow | AppleClang 13.0.0 | x86-64 | macOS 11 | _macOS-x86_ and _macOS-x86-FIPS_ | +| GitHub Workflow | AppleClang 14.0.0 | aarch64 | macOS 12 | _macOS-ARM_ and _macOS-ARM-FIPS_ | +| AWS Device Farm | Android ndkVersion "21.0.6113669" | aarch64 | Android 10 | N/A | +| AWS Device Farm | Android ndkVersion "21.0.6113669" | aarch64 | Android 11 | N/A | +| AWS Device Farm | Android ndkVersion "21.0.6113669" | aarch64 | Android 12 | N/A | ### FIPS static build tests Unfortunately, it's a known issue that the FIPS build has limited support when producing a static library. The static AWS-LC FIPS build is only supported on Linux based platforms for x86_64 and aarch64. -CI Tool| Compiler |CPU|OS ------------- |-----------------------------------| -------------|------------- -CodeBuild| gcc 4.8.5 |x86-64|Centos 7 -CodeBuild| gcc 7.3.1 |x86-64|AL2 -CodeBuild| gcc 7.3.1 |aarch64|AL2 -CodeBuild| gcc 7.5.0 |x86-64|Ubuntu 18.04 -CodeBuild| gcc 7.5.0 |x86-64|Ubuntu 20.04 -CodeBuild| gcc 7.5.0 |aarch64|Ubuntu 20.04 -CodeBuild| gcc 8.4.0 |x86-64|Ubuntu 20.04 -CodeBuild| gcc 8.4.0 |aarch64|Ubuntu 20.04 -CodeBuild| gcc 11 |x86-64|AL2023 -CodeBuild| gcc 11 |aarch64|AL2023 -CodeBuild| gcc 11 |x86-64|Ubuntu 22.04 -CodeBuild| gcc 11 |aarch64|Ubuntu 22.04 -CodeBuild| gcc 12 |x86-64|Ubuntu 22.04 -CodeBuild| gcc 12 |aarch64|Ubuntu 22.04 -CodeBuild| clang 7.0.1 |x86-64|AL2 -CodeBuild| clang 7.0.1 |aarch64|AL2 -CodeBuild| clang 6.0.0 |x86-64|Ubuntu 18.04 -CodeBuild| clang 9.0.1 |x86-64|Fedora 31 -CodeBuild| clang 7.0.1 |x86-64|Ubuntu 20.04 -CodeBuild| clang 7.0.1 |aarch64|Ubuntu 20.04 -CodeBuild| clang 8.0.1 |x86-64|Ubuntu 20.04 -CodeBuild| clang 8.0.1 |aarch64|Ubuntu 20.04 -CodeBuild| clang 9.0.1 |x86-64|Ubuntu 20.04 -CodeBuild| clang 9.0.1 |aarch64|Ubuntu 20.04 -CodeBuild| clang 10.0.0 |x86-64|Ubuntu 20.04 -CodeBuild| clang 10.0.0 |aarch64|Ubuntu 20.04 -CodeBuild| clang 15.0.6 |x86-64|AL2023 -CodeBuild| clang 15.0.6 |aarch64|AL2023 -AWS Device Farm| Android ndkVersion "21.0.6113669" |aarch64|Android 10 -AWS Device Farm| Android ndkVersion "21.0.6113669" |aarch64|Android 11 -AWS Device Farm| Android ndkVersion "21.0.6113669" |aarch64|Android 12 + CI Tool | Compiler | CPU | OS | Public Logs | +-----------------|-----------------------------------|---------|-----------------|-----------------------| + CodeBuild | gcc 4.8.5 | x86-64 | Centos 7 | _aws-lc-ci-linux-x86_ | + CodeBuild | gcc 7.3.1 | x86-64 | AL2 | _aws-lc-ci-linux-x86_ | + CodeBuild | gcc 7.3.1 | aarch64 | AL2 | _aws-lc-ci-linux-arm_ | + CodeBuild | gcc 7.5.0 | x86-64 | Ubuntu 18.04 | _aws-lc-ci-linux-x86_ | + CodeBuild | gcc 7.5.0 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | + CodeBuild | gcc 7.5.0 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | + CodeBuild | gcc 8.4.0 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | + CodeBuild | gcc 8.4.0 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | + CodeBuild | gcc 11 | x86-64 | AL2023 | _aws-lc-ci-linux-x86_ | + CodeBuild | gcc 11 | aarch64 | AL2023 | _aws-lc-ci-linux-arm_ | + CodeBuild | gcc 11 | x86-64 | Ubuntu 22.04 | _aws-lc-ci-linux-x86_ | + CodeBuild | gcc 11 | aarch64 | Ubuntu 22.04 | _aws-lc-ci-linux-arm_ | + CodeBuild | gcc 12 | x86-64 | Ubuntu 22.04 | _aws-lc-ci-linux-x86_ | + CodeBuild | gcc 12 | aarch64 | Ubuntu 22.04 | _aws-lc-ci-linux-arm_ | + CodeBuild | clang 7.0.1 | x86-64 | AL2 | _aws-lc-ci-linux-x86_ | + CodeBuild | clang 7.0.1 | aarch64 | AL2 | _aws-lc-ci-linux-arm_ | + CodeBuild | clang 6.0.0 | x86-64 | Ubuntu 18.04 | _aws-lc-ci-linux-x86_ | + CodeBuild | clang 9.0.1 | x86-64 | Fedora 31 | _aws-lc-ci-linux-x86_ | + CodeBuild | clang 7.0.1 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | + CodeBuild | clang 7.0.1 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | + CodeBuild | clang 8.0.1 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | + CodeBuild | clang 8.0.1 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | + CodeBuild | clang 9.0.1 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | + CodeBuild | clang 9.0.1 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | + CodeBuild | clang 10.0.0 | x86-64 | Ubuntu 20.04 | _aws-lc-ci-linux-x86_ | + CodeBuild | clang 10.0.0 | aarch64 | Ubuntu 20.04 | _aws-lc-ci-linux-arm_ | + CodeBuild | clang 15.0.6 | x86-64 | AL2023 | _aws-lc-ci-linux-x86_ | + CodeBuild | clang 15.0.6 | aarch64 | AL2023 | _aws-lc-ci-linux-arm_ | + AWS Device Farm | Android ndkVersion "21.0.6113669" | aarch64 | Android 10 | N/A | + AWS Device Farm | Android ndkVersion "21.0.6113669" | aarch64 | Android 11 | N/A | + AWS Device Farm | Android ndkVersion "21.0.6113669" | aarch64 | Android 12 | N/A | ### Sanitizer tests @@ -146,28 +152,29 @@ Runs all tests with: * Thread sanitizer * Undefined behavior sanitizer -CI Tool| Compiler |CPU platform|OS ------------- |--------------| -------------|------------- -CodeBuild| clang 15.0.6 |x86-64|AL2023 -CodeBuild| clang 15.0.6 |aarch64|AL2023 + CI Tool | Compiler | CPU platform | OS | Public Logs | +-----------|--------------|--------------|--------|-----------------------| + CodeBuild | clang 15.0.6 | x86-64 | AL2023 | _aws-lc-ci-linux-x86_ | + CodeBuild | clang 15.0.6 | aarch64 | AL2023 | _aws-lc-ci-linux-arm_ | ### Valgrind tests The following Valgrind tests are run for a subset of targets in `utils/all_tests.json` using the debug build of AWS-LC: -CI Tool|Compiler|CPU platform| OS | memcheck ------------- | -------------| -------------|--------|------------- -CodeBuild|gcc 11|x86-64| AL2023 | X -CodeBuild|gcc 11|aarch64| AL2023 | X + CI Tool | Compiler | CPU platform | OS | memcheck | Public Logs | +-----------|----------|--------------|--------|----------|-----------------------| + CodeBuild | gcc 11 | x86-64 | AL2023 | X | _aws-lc-ci-linux-x86_ | + CodeBuild | gcc 11 | aarch64 | AL2023 | X | _aws-lc-ci-linux-arm_ | ### Fuzz tests -All Fuzz tests under /fuzz are run in CodeBuild for an hour total. +All Fuzz tests under /fuzz are run in CodeBuild for an hour total. + -CI Tool|Compiler|CPU platform|OS|Flags -------------|-------------|-------------|-------------|------------- -CodeBuild|clang 10.0.0|x86-64|Ubuntu 20.04|ASAN=1 -CodeBuild|clang 10.0.0|aarch64|ubuntu 20.04|ASAN=1 + CI Tool | Compiler | CPU platform | OS | Flags | +-----------|--------------|--------------|--------------|--------| + CodeBuild | clang 10.0.0 | x86-64 | Ubuntu 20.04 | ASAN=1 | + CodeBuild | clang 10.0.0 | aarch64 | ubuntu 20.04 | ASAN=1 | To add a new fuzz test create a new executable follow [libFuzzer's](https://llvm.org/docs/LibFuzzer.html) documentation and existing tests. Generate a seed corpus and check it into a folder with the same name as the executable. The CI will @@ -183,7 +190,8 @@ runs in AWS EFS. Cryptofuzz is built with 3 modules: * Botan * Crypto++ -CI Tool|Compiler|CPU platform|OS|Flags -------------|-------------|-------------|-------------|------------- -CodeBuild|clang 10.0.0|x86-64|Ubuntu 20.04|ASAN=1 -CodeBuild|clang 10.0.0|aarch64|Ubuntu 20.04|ASAN=1 + CI Tool | Compiler | CPU platform | OS | Flags | +-----------|--------------|--------------|--------------|--------| + CodeBuild | clang 10.0.0 | x86-64 | Ubuntu 20.04 | ASAN=1 | + CodeBuild | clang 10.0.0 | aarch64 | Ubuntu 20.04 | ASAN=1 | +