Skip to content

fix: enable -Wcast-qual flag for libcrypto=awslc #4735

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fix: enable -Wcast-qual flag for libcrypto=awslc #4735

wants to merge 3 commits into from

Conversation

boquan-fang
Copy link
Contributor

@boquan-fang boquan-fang commented Aug 26, 2024
edited
Loading

Resolved issues:

resolves #4710

Description of changes:

  • Remove the condition which only add -Wcast-qual back for non AWS-lc Libcrypto.

Call-outs:

Testing:

  • Local testing without specifying S2N_LIBCRYPTO=openssl.
  • CI should test it as well with AWSLC and AWSLC-FIPS.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

fix: enable -Wcast-qual flag for libcrypto=awslc
34ecf2c 
* Remove the condition which only add -Wcast-qual back for non AWS-lc
  Libcrypto.
@github-actions github-actions bot added the s2n-core team label Aug 26, 2024
goatgoose
goatgoose reviewed Aug 27, 2024
View reviewed changes
@lrstewart lrstewart requested review from lrstewart and removed request for dougch August 27, 2024 18:14
@boquan-fang boquan-fang mentioned this pull request Aug 27, 2024
Open
@github-actions GitHub Actions
Copy link

This PR has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

boquan-fang and others added 2 commits April 8, 2025 11:59
@boquan-fang
Merge branch 'main' into fix-cast-qual
356c721
address PR comments:
0203732 
* add -Wcast-qual to the general compilation options
@boquan-fang boquan-fang requested a review from goatgoose April 8, 2025 19:16
@boquan-fang
Copy link
Contributor Author

This PR should be unblocked. The original problem is caused by AWSLC having cast-qual issue, and it is fixed now.

This was the original problem with compilation:

/codebuild/output/src2687327939/src/github.com/aws/s2n-tls/crypto/s2n_kyber_evp.c: In function 's2n_kyber_evp_decapsulate':
/codebuild/output/src2687327939/src/github.com/aws/s2n-tls/crypto/s2n_kyber_evp.c:83:30: error: cast discards 'const' qualifier from pointer target type [-Werror=cast-qual]
   83 |                              (uint8_t *) ciphertext, kem->ciphertext_length),
      |                              ^
/codebuild/output/src2687327939/src/github.com/aws/s2n-tls/utils/s2n_ensure.h:35:15: note: in definition of macro '__S2N_ENSURE'
   35 |         if (!(cond)) {             \
      |               ^~~~
/codebuild/output/src2687327939/src/github.com/aws/s2n-tls/crypto/s2n_kyber_evp.c:82:5: note: in expansion of macro 'POSIX_GUARD_OSSL'
   82 |     POSIX_GUARD_OSSL(EVP_PKEY_decapsulate(kyber_pkey_ctx, shared_secret, &shared_secret_size,
      |     ^~~~~~~~~~~~~~~~

We have removed that s2n_kyber_evp.c, and compilation with AWSLC and AWSLC-FIPS are succeeding. We should generalize our check for -Wcast-qual in CMakeList.txt.

goatgoose
goatgoose reviewed Apr 8, 2025
View reviewed changes
CMakeLists.txt
@@ -135,6 +135,7 @@ target_compile_options(${PROJECT_NAME} PRIVATE
-std=gnu99
-Wall
-Wcast-align
-Wcast-qual
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this change conflicts with #5198?

If we want to continue to support older versions of AWS-LC, I'm not sure we can add this flag. Unless there's a way to check the AWS-LC version first.

@boquan-fang boquan-fang mentioned this pull request Apr 8, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@goatgoose goatgoose goatgoose left review comments

@lrstewart lrstewart Awaiting requested review from lrstewart

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
s2n-core team status/stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

-Wcast-qual not enabled in cmake file
2 participants
@boquan-fang @goatgoose