From 9ab201416baaebe345884783a74f9a24bf8d991c Mon Sep 17 00:00:00 2001 From: marton bognar Date: Sun, 28 Dec 2025 18:01:46 +0100 Subject: [PATCH 1/3] Use original scripts provided in EVAL-HD --- .github/workflows/ci.yml | 5 ++-- synthesis/eval-hd.py | 56 ---------------------------------------- synthesis/eval-hd.sh | 4 +++ synthesis/top.py | 32 ----------------------- 4 files changed, 6 insertions(+), 91 deletions(-) delete mode 100755 synthesis/eval-hd.py create mode 100755 synthesis/eval-hd.sh delete mode 100755 synthesis/top.py diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 85dbf77..9a9a34d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -122,14 +122,13 @@ jobs: make -C programs vcd SIM_EXE=/ecosystem/simulation/build/sim-32-o waveform-security - - name: Run EVAL-HD + - name: Run EVAL-HD example uses: addnab/docker-run-action@v3 with: image: ecosystem:latest run: | - . /ecosystem/waveform-analysis/.venv/bin/activate cd /ecosystem/synthesis - ./eval-hd.py ../core/Core.v --cell-library ../eval-hd/freepdk-45nm/stdcells.lib + ./eval-hd.sh - name: Run one riscv-formal test uses: addnab/docker-run-action@v3 diff --git a/synthesis/eval-hd.py b/synthesis/eval-hd.py deleted file mode 100755 index 2b14d8b..0000000 --- a/synthesis/eval-hd.py +++ /dev/null @@ -1,56 +0,0 @@ -#!/usr/bin/env python3 - -from pyosys import libyosys as ys -import argparse - -def run_analysis(report_timing: bool, design_file: str, top_module: str, timing_target: int, cell_library: str) -> None: - design = ys.Design() - - # read design - ys.run_pass(f"read_verilog {design_file}", design) - - # elaborate design hierarchy - ys.run_pass(f"hierarchy -check -top {top_module}", design) - - if report_timing: - # flatten the design - ys.run_pass("flatten", design) - - # the high-level stuff - ys.run_pass("proc; opt; fsm; opt; memory; opt", design) - - # mapping to internal cell library - ys.run_pass("techmap; opt", design) - - # mapping flip-flops to cell library - ys.run_pass(f"dfflibmap -liberty {cell_library}", design) - - if report_timing: - # mapping logic to cell library with timing constraint - ys.run_pass(f"abc -liberty {cell_library} -fast -D {timing_target}", design) - else: - # mapping logic to cell library - ys.run_pass(f"abc -liberty {cell_library}", design) - - # cleanup - ys.run_pass("clean", design) - - # write synthesized design - ys.run_pass("write_verilog result.v", design) - - # get ASIC gate count and area numbers - ys.run_pass(f"stat -liberty {cell_library}", design) - -def main() -> None: - parser = argparse.ArgumentParser(description="Synthesize a design for ASIC using Yosys.") - parser.add_argument("design_file", type=str, help="Path to the Verilog design file.") - parser.add_argument("--top_module", type=str, default="Core", help="Name of the top module (default: Core).") - parser.add_argument("--cell-library", default="freepdk-45nm/stdcells.lib", help="Path to the cell library (default: FreePDK).") - parser.add_argument("--report-timing", action="store_true", help="Enable timing analysis during synthesis.") - parser.add_argument("--timing-target", type=int, default=2500, help="Target timing constraint (in picoseconds, default: 2500).") - args = parser.parse_args() - - run_analysis(args.report_timing, args.design_file, args.top_module, args.timing_target, args.cell_library) - -if __name__ == "__main__": - main() diff --git a/synthesis/eval-hd.sh b/synthesis/eval-hd.sh new file mode 100755 index 0000000..67acdcd --- /dev/null +++ b/synthesis/eval-hd.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +source ../waveform-analysis/.venv/bin/activate +../eval-hd/eval-hd.py ../core/Core.v --cell-library ../eval-hd/freepdk-45nm/stdcells.lib diff --git a/synthesis/top.py b/synthesis/top.py deleted file mode 100755 index 65f5869..0000000 --- a/synthesis/top.py +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/env python3 - -import subprocess -import re - -def run_with_timing(target: int) -> bool: - timing_failed = False - - result = subprocess.run(["./eval-hd.py", "../core/Core.v", "--report-timing", "--timing-target", str(target), "--cell-library", "../eval-hd/freepdk-45nm/stdcells.lib"], capture_output=True, text=True) - rs = re.search(r"Chip area for module \'\\Core\': (\d+.\d+)", result.stdout) - if rs: - area = float(rs.group(1)) - print(f"Area = {area:.2f} µm² = {(area / 1000000):.4f} mm²") - - trs = re.search(r"Cannot meet the target required times \((\d+.\d+)\). Continue anyway.", result.stdout) - if trs: - timing = float(trs.group(1)) - print("Timing failed") - timing_failed = True - else: - print(f"Timing met: {target} ps = {target / 1000} ns = {1 / (target / 1000000):.2f} MHz") - - return timing_failed - -successful_target = 10000 - -for step in [1000, 100, 10, 1]: - for target in range(successful_target - 9 * step, successful_target, step): - failed = run_with_timing(target) - if not failed: - successful_target = target - break From a92a4f205fe053797553a766b2db20c1ce2f7bbb Mon Sep 17 00:00:00 2001 From: marton bognar Date: Mon, 5 Jan 2026 11:02:11 +0100 Subject: [PATCH 2/3] Remove absolute paths --- install-scripts/eval-hd.sh | 2 +- install-scripts/python-modules.sh | 2 +- noninterference-testing/README.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/install-scripts/eval-hd.sh b/install-scripts/eval-hd.sh index 37465e5..900a7e3 100755 --- a/install-scripts/eval-hd.sh +++ b/install-scripts/eval-hd.sh @@ -3,5 +3,5 @@ set -ex git clone --recurse-submodules --depth 1 --shallow-submodules https://github.com/KULeuven-COSIC/eval-hd.git -. /ecosystem/waveform-analysis/.venv/bin/activate +. "$(dirname "$0")/../waveform-analysis/.venv/bin/activate" pip install pyosys diff --git a/install-scripts/python-modules.sh b/install-scripts/python-modules.sh index 36b745e..a66f1bb 100755 --- a/install-scripts/python-modules.sh +++ b/install-scripts/python-modules.sh @@ -2,7 +2,7 @@ set -ex -cd /ecosystem/waveform-analysis +cd "$(dirname "$0")/../waveform-analysis" python3 -m venv .venv source .venv/bin/activate # build module from waveform-analysis diff --git a/noninterference-testing/README.md b/noninterference-testing/README.md index 3e9801c..1067bab 100644 --- a/noninterference-testing/README.md +++ b/noninterference-testing/README.md @@ -10,7 +10,7 @@ For noninterference testing, we use the `waveform-security` binary, while for co ```shell $ make -C programs all -$ make -C programs vcd SIM_EXE=/ecosystem/simulation/build/sim +$ make -C programs vcd SIM_EXE="$(pwd)/../simulation/build/sim" $ waveform-correctness --p1 programs/vcd/pht-test1_FULLFENCE_LEAKBR_EXP1.vcd --p2 programs/vcd/pht-test1_NOFENCE_LEAKBR_EXP0.vcd --diff # correctness checking script ---------------------------------------- From 934361770130320c6404af807f26beb175618dee Mon Sep 17 00:00:00 2001 From: marton bognar Date: Mon, 5 Jan 2026 11:50:04 +0100 Subject: [PATCH 3/3] Only deploy Docker image based on the main branch --- .github/workflows/ci.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9a9a34d..9d489d9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,5 +1,9 @@ name: Full CI tests and Docker deployment -on: [pull_request] +on: + pull_request: {} + push: + branches: + - main jobs: build-docker: @@ -141,8 +145,9 @@ jobs: push-image: name: Push Docker image runs-on: ubuntu-latest - # only run when build and ci-tests both succeed - needs: [build-docker, ci-tests ] + # only run on the main branch when build and ci-tests both succeed + needs: [build-docker, ci-tests] + if: github.ref == 'refs/heads/main' steps: - name: Free Disk Space uses: jlumbroso/free-disk-space@main