Merge pull request #8947 from rojer/consts
Mark ssl_tls12_preset_default_sig_algs const
diff --git a/programs/test/dlopen.c b/programs/test/dlopen.c
index ec4ee7e..bb7fba8 100644
--- a/programs/test/dlopen.c
+++ b/programs/test/dlopen.c
@@ -50,8 +50,15 @@
#if defined(MBEDTLS_SSL_TLS_C)
void *tls_so = dlopen(TLS_SO_FILENAME, RTLD_NOW);
CHECK_DLERROR("dlopen", TLS_SO_FILENAME);
+#pragma GCC diagnostic push
+ /* dlsym() returns an object pointer which is meant to be used as a
+ * function pointer. This has undefined behavior in standard C, so
+ * "gcc -std=c99 -pedantic" complains about it, but it is perfectly
+ * fine on platforms that have dlsym(). */
+#pragma GCC diagnostic ignored "-Wpedantic"
const int *(*ssl_list_ciphersuites)(void) =
dlsym(tls_so, "mbedtls_ssl_list_ciphersuites");
+#pragma GCC diagnostic pop
CHECK_DLERROR("dlsym", "mbedtls_ssl_list_ciphersuites");
const int *ciphersuites = ssl_list_ciphersuites();
for (n = 0; ciphersuites[n] != 0; n++) {/* nothing to do, we're just counting */
@@ -85,9 +92,15 @@
CHECK_DLERROR("dlopen", TFPSACRYPTO_SO_FILENAME);
crypto_so_filename = TFPSACRYPTO_SO_FILENAME;
}
-
+#pragma GCC diagnostic push
+ /* dlsym() returns an object pointer which is meant to be used as a
+ * function pointer. This has undefined behavior in standard C, so
+ * "gcc -std=c99 -pedantic" complains about it, but it is perfectly
+ * fine on platforms that have dlsym(). */
+#pragma GCC diagnostic ignored "-Wpedantic"
const int *(*md_list)(void) =
dlsym(crypto_so, "mbedtls_md_list");
+#pragma GCC diagnostic pop
CHECK_DLERROR("dlsym", "mbedtls_md_list");
const int *mds = md_list();
for (n = 0; mds[n] != 0; n++) {/* nothing to do, we're just counting */
diff --git a/tests/scripts/components-compiler.sh b/tests/scripts/components-compiler.sh
index 74543b1..52ba8bf 100644
--- a/tests/scripts/components-compiler.sh
+++ b/tests/scripts/components-compiler.sh
@@ -73,6 +73,39 @@
type "$GCC_LATEST" >/dev/null 2>/dev/null
}
+# Prepare for a non-regression for https://github.com/Mbed-TLS/mbedtls/issues/9814 :
+# test with GCC 15.
+# Eventually, $GCC_LATEST will be GCC 15 or above, and we can remove this
+# separate component.
+# For the time being, we don't make $GCC_LATEST be GCC 15 on the CI
+# platform, because that would break branches where #9814 isn't fixed yet.
+support_test_gcc15_drivers_opt () {
+ if type gcc-15 >/dev/null 2>/dev/null; then
+ GCC_15=gcc-15
+ elif [ -x /usr/local/gcc-15/bin/gcc-15 ]; then
+ GCC_15=/usr/local/gcc-15/bin/gcc-15
+ else
+ return 1
+ fi
+}
+component_test_gcc15_drivers_opt () {
+ msg "build: GCC 15: full + test drivers dispatching to builtins"
+ scripts/config.py full
+ loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_CONFIG_ADJUST_TEST_ACCELERATORS"
+ loc_cflags="${loc_cflags} -I../framework/tests/include -O2"
+ # Until https://github.com/Mbed-TLS/mbedtls/issues/9814 is fixed,
+ # disable the new problematic optimization.
+ loc_cflags="${loc_cflags} -fzero-init-padding-bits=unions"
+ # Also allow a warning that we don't yet comply to.
+ # https://github.com/Mbed-TLS/mbedtls/issues/9944
+ loc_cflags="${loc_cflags} -Wno-error=unterminated-string-initialization"
+
+ make CC=$GCC_15 CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
+
+ msg "test: GCC 15: full + test drivers dispatching to builtins"
+ make test
+}
+
component_test_gcc_earliest_opt () {
scripts/config.py full
test_build_opt 'full config' "$GCC_EARLIEST" -O2
diff --git a/tf-psa-crypto b/tf-psa-crypto
index 5ab6c9c..dc6c602 160000
--- a/tf-psa-crypto
+++ b/tf-psa-crypto
@@ -1 +1 @@
-Subproject commit 5ab6c9c8d6fae90fa46f51fbc7d5d1327a041388
+Subproject commit dc6c60204bbf841f0b118840813e561a399e4d73