Skip to content

gate CRYPTO AFFINITY under WOLFHSM_CFG_CRYPTO_AFFINITY#434

Merged
AlexLanzano merged 3 commits into
wolfSSL:mainfrom
rizlik:wolfhsm-affinity-guard
Jul 8, 2026
Merged

gate CRYPTO AFFINITY under WOLFHSM_CFG_CRYPTO_AFFINITY#434
AlexLanzano merged 3 commits into
wolfSSL:mainfrom
rizlik:wolfhsm-affinity-guard

Conversation

@rizlik

@rizlik rizlik commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

To allow ports that do not support affinity to error out at compile time.

If you think a negative macro is better, I'll do it.

@rizlik rizlik requested review from AlexLanzano, bigbrett and Copilot and removed request for Copilot July 1, 2026 13:39
@rizlik rizlik self-assigned this Jul 1, 2026
bigbrett
bigbrett previously approved these changes Jul 2, 2026
Comment thread wolfhsm/wh_client.h Outdated
@bigbrett bigbrett removed their assignment Jul 2, 2026
@bigbrett

bigbrett commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

@AlexLanzano over to you

AlexLanzano
AlexLanzano previously approved these changes Jul 3, 2026
@AlexLanzano AlexLanzano removed their assignment Jul 3, 2026
Copilot AI review requested due to automatic review settings July 8, 2026 12:21
@rizlik rizlik dismissed stale reviews from AlexLanzano and bigbrett via 4ce1bbb July 8, 2026 12:21
@rizlik rizlik assigned AlexLanzano and unassigned rizlik Jul 8, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR introduces a compile-time feature flag (WOLFHSM_CFG_CRYPTO_AFFINITY) to explicitly enable/disable per-client crypto affinity, so ports without affinity support can keep the behavior (and API surface) out of the build and avoid accidental usage.

Changes:

  • Add WOLFHSM_CFG_CRYPTO_AFFINITY documentation and a config incompatibility check vs WOLFHSM_CFG_NO_CRYPTO.
  • Gate server devId selection logic and the client affinity setter/getter behind WOLFHSM_CFG_CRYPTO_AFFINITY.
  • Update tests, docs, and CI/build matrix to exercise both affinity-enabled and affinity-disabled builds.

Reviewed changes

Copilot reviewed 11 out of 11 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
wolfhsm/wh_settings.h Documents the new feature flag and adds a compile-time incompatibility check.
wolfhsm/wh_client.h Updates API docs to indicate affinity APIs require the new macro.
src/wh_client.c Wraps wh_Client_SetCryptoAffinity / wh_Client_GetCryptoAffinity implementations with the new macro.
src/wh_server_crypto.c Uses per-request affinity only when enabled; otherwise always uses the server’s configured devId.
test/wh_test.c Runs crypto affinity tests only when both callbacks and affinity feature are enabled.
test/wh_test_crypto_affinity.c Compiles the affinity unit test only when the affinity feature is enabled.
test/Makefile Adds CRYPTO_AFFINITY=1 knob to define WOLFHSM_CFG_CRYPTO_AFFINITY.
test/wh_test_posix_threadsafe_stress.c Simplifies counter-phase validation bookkeeping.
docs/src/5-Features.md Documents that crypto affinity is compile-time gated and API is unavailable when disabled.
docs/draft/crypto_affinity.md Adds an explicit “compile-time guard” note describing behavior when disabled.
.github/workflows/build-and-test.yml Adds CI jobs to build/test with crypto affinity enabled (including with DMA).

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread wolfhsm/wh_client.h
Comment thread test/wh_test_crypto_affinity.c
@AlexLanzano AlexLanzano merged commit 7f4d6ed into wolfSSL:main Jul 8, 2026
108 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants