diff options
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/bazel.mk | 16 | ||||
| -rw-r--r-- | tools/go_generics/rules_tests/template_test.go | 6 | ||||
| -rw-r--r-- | tools/go_stateify/main.go | 7 | ||||
| -rw-r--r-- | tools/nogo/analyzers.go | 4 | ||||
| -rw-r--r-- | tools/nogo/defs.bzl | 5 | ||||
| -rw-r--r-- | tools/show_paths.bzl | 25 | ||||
| -rw-r--r-- | tools/verity/measure_tool.go | 30 |
7 files changed, 75 insertions, 18 deletions
diff --git a/tools/bazel.mk b/tools/bazel.mk index 60b50cfb0..4f979bbeb 100644 --- a/tools/bazel.mk +++ b/tools/bazel.mk @@ -84,7 +84,7 @@ DOCKER_RUN_OPTIONS += -v "$(shell readlink -m $(GCLOUD_CONFIG)):$(GCLOUD_CONFIG) DOCKER_RUN_OPTIONS += -v "/tmp:/tmp" DOCKER_EXEC_OPTIONS := --user $(UID):$(GID) DOCKER_EXEC_OPTIONS += --interactive -ifeq (true,$(shell test -t 0 && echo true)) +ifeq (true,$(shell test -t 1 && echo true)) DOCKER_EXEC_OPTIONS += --tty endif @@ -181,21 +181,11 @@ endif # build_paths extracts the built binary from the bazel stderr output. # -# This could be alternately done by parsing the bazel build event stream, but -# this is a complex schema, and begs the question: what will build the thing -# that parses the output? Bazel? Do we need a separate bootstrapping build -# command here? Yikes, let's just stick with the ugly shell pipeline. -# # The last line is used to prevent terminal shenanigans. build_paths = \ (set -euo pipefail; \ - $(call wrapper,$(BAZEL) build $(BASE_OPTIONS) $(BAZEL_OPTIONS) $(1)) 2>&1 \ - | tee /dev/fd/2 \ - | sed -n -e '/^Target/,$$p' \ - | sed -n -e '/^ \($(subst /,\/,$(subst $(SPACE),\|,$(BUILD_ROOTS)))\)/p' \ - | sed -e 's/ /\n/g' \ - | awk '{$$1=$$1};1' \ - | strings \ + $(call wrapper,$(BAZEL) build $(BASE_OPTIONS) $(BAZEL_OPTIONS) $(1)) && \ + $(call wrapper,$(BAZEL) cquery $(BASE_OPTIONS) $(BAZEL_OPTIONS) $(1) --output=starlark --starlark:file=tools/show_paths.bzl) \ | xargs -r -n 1 -I {} readlink -f "{}" \ | xargs -r -n 1 -I {} bash -c 'set -xeuo pipefail; $(2)') diff --git a/tools/go_generics/rules_tests/template_test.go b/tools/go_generics/rules_tests/template_test.go index b2a3446ef..6f4d140da 100644 --- a/tools/go_generics/rules_tests/template_test.go +++ b/tools/go_generics/rules_tests/template_test.go @@ -20,14 +20,16 @@ import ( ) func TestMax(t *testing.T) { - var a int = max(10, 20) + var a int + a = max(10, 20) if a != 20 { t.Errorf("Bad result of max, got %v, want %v", a, 20) } } func TestIntConst(t *testing.T) { - var a int = add(10) + var a int + a = add(10) if a != 30 { t.Errorf("Bad result of add, got %v, want %v", a, 30) } diff --git a/tools/go_stateify/main.go b/tools/go_stateify/main.go index 7216388a0..3cf00b5dd 100644 --- a/tools/go_stateify/main.go +++ b/tools/go_stateify/main.go @@ -362,7 +362,12 @@ func main() { fmt.Fprintf(outputFile, " stateSourceObject.LoadWait(%d, &%s.%s)\n", fields[name], recv, name) } emitSaveValue := func(name, typName string) { - fmt.Fprintf(outputFile, " var %sValue %s = %s.save%s()\n", name, typName, recv, camelCased(name)) + // Emit typName to be more robust against code generation bugs, + // but instead of one line make two lines to silence ST1023 + // finding (i.e. avoid nogo finding: "should omit type $typName + // from declaration; it will be inferred from the right-hand side") + fmt.Fprintf(outputFile, " var %sValue %s\n", name, typName) + fmt.Fprintf(outputFile, " %sValue = %s.save%s()\n", name, recv, camelCased(name)) fmt.Fprintf(outputFile, " stateSinkObject.SaveValue(%d, %sValue)\n", fields[name], name) } emitSave := func(name string) { diff --git a/tools/nogo/analyzers.go b/tools/nogo/analyzers.go index 6705fc905..db8bbdb8a 100644 --- a/tools/nogo/analyzers.go +++ b/tools/nogo/analyzers.go @@ -117,11 +117,11 @@ func register(all []*analysis.Analyzer) { func init() { // Add all staticcheck analyzers. for _, a := range staticcheck.Analyzers { - AllAnalyzers = append(AllAnalyzers, a) + AllAnalyzers = append(AllAnalyzers, a.Analyzer) } // Add all stylecheck analyzers. for _, a := range stylecheck.Analyzers { - AllAnalyzers = append(AllAnalyzers, a) + AllAnalyzers = append(AllAnalyzers, a.Analyzer) } // Register lists. diff --git a/tools/nogo/defs.bzl b/tools/nogo/defs.bzl index 80182ff6c..dc9a8b24e 100644 --- a/tools/nogo/defs.bzl +++ b/tools/nogo/defs.bzl @@ -160,6 +160,11 @@ def _nogo_stdlib_impl(ctx): return [NogoStdlibInfo( facts = facts, raw_findings = raw_findings, + ), DefaultInfo( + # Declare the facts and findings as default outputs. This is not + # strictly required, but ensures that the target still perform analysis + # when built directly rather than just indirectly via a nogo_test. + files = depset([facts, raw_findings]), )] nogo_stdlib = go_rule( diff --git a/tools/show_paths.bzl b/tools/show_paths.bzl new file mode 100644 index 000000000..ba78d3494 --- /dev/null +++ b/tools/show_paths.bzl @@ -0,0 +1,25 @@ +"""Formatter to extract the output files from a target.""" + +def format(target): + provider_map = providers(target) + outputs = dict() + + # Try to resolve in order. + files_to_run = provider_map.get("FilesToRunProvider", None) + default_info = provider_map.get("DefaultInfo", None) + output_group_info = provider_map.get("OutputGroupInfo", None) + if files_to_run and files_to_run.executable: + outputs[files_to_run.executable.path] = True + elif default_info: + for x in default_info.files: + outputs[x.path] = True + elif output_group_info: + for entry in dir(output_group_info): + # Filter out all built-ins and anything that is not a depset. + if entry.startswith("_") or not hasattr(getattr(output_group_info, entry), "to_list"): + continue + for x in getattr(output_group_info, entry).to_list(): + outputs[x.path] = True + + # Return all found files. + return "\n".join(outputs.keys()) diff --git a/tools/verity/measure_tool.go b/tools/verity/measure_tool.go index 0d314ae70..4a0bc497a 100644 --- a/tools/verity/measure_tool.go +++ b/tools/verity/measure_tool.go @@ -21,12 +21,14 @@ import ( "io/ioutil" "log" "os" + "strings" "syscall" "gvisor.dev/gvisor/pkg/abi/linux" ) var path = flag.String("path", "", "path to the verity file system.") +var rawpath = flag.String("rawpath", "", "path to the raw file system.") const maxDigestSize = 64 @@ -40,6 +42,14 @@ func main() { if *path == "" { log.Fatalf("no path provided") } + if *rawpath == "" { + log.Fatalf("no rawpath provided") + } + // TODO(b/182315468): Optimize the Merkle tree generate process to + // allow only updating certain files/directories. + if err := clearMerkle(*rawpath); err != nil { + log.Fatalf("Failed to clear merkle files in %s: %v", *rawpath, err) + } if err := enableDir(*path); err != nil { log.Fatalf("Failed to enable file system %s: %v", *path, err) } @@ -49,6 +59,26 @@ func main() { } } +func clearMerkle(path string) error { + files, err := ioutil.ReadDir(path) + if err != nil { + return err + } + + for _, file := range files { + if file.IsDir() { + if err := clearMerkle(path + "/" + file.Name()); err != nil { + return err + } + } else if strings.HasPrefix(file.Name(), ".merkle.verity") { + if err := os.Remove(path + "/" + file.Name()); err != nil { + return err + } + } + } + return nil +} + // enableDir enables verity features on all the files and sub-directories within // path. func enableDir(path string) error { |