Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

br: make br support FIPS (#48421) | tidb-test=pr/2255 #48786

Merged
merged 1 commit into from
Dec 15, 2023
Merged

br: make br support FIPS (#48421) | tidb-test=pr/2255 #48786

merged 1 commit into from
Dec 15, 2023

Conversation

ti-chi-bot
Copy link
Member

This is an automated cherry-pick of #48421

What problem does this PR solve?

Issue Number: close #48419

Problem Summary:

What is changed and how it works?

imitate the #47949

Check List

Tests

  • Unit test
  • Integration test
  • Manual test (add detailed scripts or steps below)
make build_br_fips
go tool nm bin/br |grep boring
 1f55d60 t local.crypto/internal/boring._Cfunc_EVP_AEAD_CTX_open_wrapper.abi0
 1f55f40 t local.crypto/internal/boring._Cfunc_EVP_AEAD_CTX_seal_wrapper.abi0
 1f56120 t local.crypto/internal/boring._Cfunc__goboringcrypto_AES_cbc_encrypt.abi0
 1f56280 t local.crypto/internal/boring._Cfunc__goboringcrypto_AES_ctr128_encrypt.abi0
 1f563e0 t local.crypto/internal/boring._Cfunc__goboringcrypto_AES_decrypt.abi0
 1f564a0 t local.crypto/internal/boring._Cfunc__goboringcrypto_AES_encrypt.abi0
 1f56560 t local.crypto/internal/boring._Cfunc__goboringcrypto_AES_set_decrypt_key.abi0
 1f56640 t local.crypto/internal/boring._Cfunc__goboringcrypto_AES_set_encrypt_key.abi0
 1f56720 t local.crypto/internal/boring._Cfunc__goboringcrypto_BN_bin2bn.abi0
 1f56800 t local.crypto/internal/boring._Cfunc__goboringcrypto_BN_bn2bin_padded.abi0
 1f568e0 t local.crypto/internal/boring._Cfunc__goboringcrypto_BN_bn2le_padded.abi0
 1f68580 t local.crypto/internal/boring._Cfunc__goboringcrypto_BN_free
 1f569c0 t local.crypto/internal/boring._Cfunc__goboringcrypto_BN_free.abi0
 1f56a40 t local.crypto/internal/boring._Cfunc__goboringcrypto_BN_le2bn.abi0
 1f56b20 t local.crypto/internal/boring._Cfunc__goboringcrypto_BN_new.abi0
 1f56b80 t local.crypto/internal/boring._Cfunc__goboringcrypto_BN_num_bytes.abi0
 1f56c00 t local.crypto/internal/boring._Cfunc__goboringcrypto_BORINGSSL_bcm_power_on_self_test.abi0
 1f56c60 t local.crypto/internal/boring._Cfunc__goboringcrypto_ECDSA_sign.abi0
 1f56dc0 t local.crypto/internal/boring._Cfunc__goboringcrypto_ECDSA_size.abi0
 1f56e40 t local.crypto/internal/boring._Cfunc__goboringcrypto_ECDSA_verify.abi0

./bin/br -V
Release Version: v7.6.0-alpha-203-gb3fbb4951d-dirty-fips
Git Commit Hash: b3fbb4951dd16b9e22987ef57845c83dc33da99a
Git Branch: br_fips
Go Version: go1.21.0 X:boringcrypto
 ...

./bin/tidb-lightning -V           
Release Version: v7.6.0-alpha-203-gb3fbb4951d-dirty-fips
Git Commit Hash: b3fbb4951dd16b9e22987ef57845c83dc33da99a
Git Branch: br_fips
Go Version: go1.21.0 X:boringcrypto
...

./bin/tidb-lightning-ctl -V 
Release Version: v7.6.0-alpha-203-gb3fbb4951d-dirty-fips
Git Commit Hash: b3fbb4951dd16b9e22987ef57845c83dc33da99a
Git Branch: br_fips
Go Version: go1.21.0 X:boringcrypto
...

./bin/tidb-server -V       
Release Version: v7.6.0-alpha-203-gb3fbb4951d-dirty-fips
Edition: Community
Git Commit Hash: b3fbb4951dd16b9e22987ef57845c83dc33da99a
Git Branch: br_fips
UTC Build Time: 2023-11-16 05:34:40
GoVersion: go1.21.0 X:boringcrypto
...
  • No need to test
    • I checked and no code files have been changed.

Side effects

  • Performance regression: Consumes more CPU
  • Performance regression: Consumes more Memory
  • Breaking backward compatibility

Documentation

  • Affects user behaviors
  • Contains syntax changes
  • Contains variable changes
  • Contains experimental features
  • Changes MySQL compatibility

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

None

@ti-chi-bot ti-chi-bot added release-note-none Denotes a PR that doesn't merit a release note. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. type/cherry-pick-for-release-6.5 This PR is cherry-picked to release-6.5 from a source PR. labels Nov 22, 2023
@ti-chi-bot ti-chi-bot mentioned this pull request Nov 22, 2023
Merged
13 tasks
@codecov Codecov
Copy link

codecov bot commented Nov 22, 2023
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (feature/release-6.5-fips@bfbcedf). Click here to learn what that means.
The diff coverage is n/a.

Additional details and impacted files 
@@                      Coverage Diff                      @@
##             feature/release-6.5-fips     #48786   +/-   ##
=============================================================
  Coverage                            ?   73.6249%           
=============================================================
  Files                               ?       1087           
  Lines                               ?     349436           
  Branches                            ?          0           
=============================================================
  Hits                                ?     257272           
  Misses                              ?      75643           
  Partials                            ?      16521

@overvenus
Copy link
Member

/hold

@ti-chi-bot ti-chi-bot bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 30, 2023
@overvenus overvenus changed the base branch from release-6.5 to feature/release-6.5-fips December 14, 2023 10:29
@ti-chi-bot ti-chi-bot bot added needs-1-more-lgtm Indicates a PR needs 1 more LGTM. approved labels Dec 14, 2023
@overvenus
Copy link
Member

/unhold

@ti-chi-bot ti-chi-bot bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Dec 14, 2023
@overvenus
Copy link
Member

/retest

@Leavrth Leavrth force-pushed the cherry-pick-48421-to-release-6.5 branch from ba119d5 to 8b67fbf Compare December 14, 2023 11:26
@ti-chi-bot ti-chi-bot bot added the lgtm label Dec 14, 2023
@ti-chi-bot ti-chi-bot
Copy link

ti-chi-bot bot commented Dec 14, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: BornChanger, Leavrth

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ti-chi-bot ti-chi-bot bot removed the needs-1-more-lgtm Indicates a PR needs 1 more LGTM. label Dec 14, 2023
@ti-chi-bot ti-chi-bot
Copy link

ti-chi-bot bot commented Dec 14, 2023

[LGTM Timeline notifier]

Timeline:

  • 2023-12-14 10:32:52.568612632 +0000 UTC m=+525063.605839559: ☑️ agreed by Leavrth.
  • 2023-12-14 15:36:02.553110791 +0000 UTC m=+543253.590337718: ☑️ agreed by BornChanger.

@Leavrth
Copy link
Contributor

Leavrth commented Dec 15, 2023

/retest

@Leavrth Leavrth changed the title br: make br support FIPS (#48421) br: make br support FIPS (#48421) | tidb-test=pr/2255 Dec 15, 2023
@Leavrth
Copy link
Contributor

Leavrth commented Dec 15, 2023

/retest

@ti-chi-bot ti-chi-bot bot merged commit f67cdab into pingcap:feature/release-6.5-fips Dec 15, 2023
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BornChanger BornChanger BornChanger approved these changes

@Leavrth Leavrth Leavrth approved these changes

Assignees

@Leavrth Leavrth

Labels
approved lgtm release-note-none Denotes a PR that doesn't merit a release note. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. type/cherry-pick-for-release-6.5 This PR is cherry-picked to release-6.5 from a source PR.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ti-chi-bot @overvenus @Leavrth @BornChanger