Add reference counter for platform context #7099
Changes from 3 commits
ca94a49
c3b31bc
127b68f
4794389
1f5cee9
666ebe3
c1b6fdc
a2531b5
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -22,9 +22,10 @@ | |
|
||
#include <string.h> | ||
#include "trng_api.h" | ||
#include "mbedtls/platform.h" | ||
|
||
extern CRYS_RND_State_t rndState; | ||
extern CRYS_RND_WorkBuff_t rndWorkBuff; | ||
extern mbedtls_platform_context ctx; | ||
Is this still needed?
yes. Since there isn't any |
||
static CRYS_RND_WorkBuff_t rndWorkBuff; | ||
Should
As mentioned in #7099 (comment), this is only a sandbox for the initialization operation, and not used later, so I don't think it should be part of the context |
||
|
||
/* Implementation that should never be optimized out by the compiler */ | ||
static void mbedtls_zeroize( void *v, size_t n ) { | ||
|
@@ -48,7 +49,7 @@ CRYSError_t LLF_RND_GetTrngSource( | |
|
||
void trng_init(trng_t *obj) | ||
{ | ||
RNG_PLAT_SetUserRngParameters(&rndState, obj); | ||
RNG_PLAT_SetUserRngParameters(&ctx.platform_impl_ctx.rndState, obj); | ||
} | ||
|
||
void trng_free(trng_t *obj) | ||
|
@@ -66,7 +67,7 @@ int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *outputLe | |
uint32_t actualLength; | ||
|
||
ret = LLF_RND_GetTrngSource( | ||
&rndState , /*in/out*/ | ||
&ctx.platform_impl_ctx.rndState , /*in/out*/ | ||
obj, /*in/out*/ | ||
0, /*in*/ | ||
&entropySizeBits, /*in/out*/ | ||
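Review bot: The new `extern mbedtls_platform_context ctx;` exposes a global with external linkage under a very generic name, and it is re-declared by hand in this file rather than taken from a header, so a type or name mismatch with the definition would not be caught at compile time. Consider a prefixed name declared once in a shared header, for example `extern mbedtls_platform_context mbedtls_platform_ctx;` (name illustrative only). Separately, `trng_init` and `trng_get_bytes` now use `ctx.platform_impl_ctx.rndState` without looking at `ctx.reference_count`; if platform setup has not run, or teardown has already happened, the entropy source would presumably be driven with zeroed or stale state, so that precondition should be documented or checked. The `trng_get_bytes` body continues outside the hunk.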
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,50 +20,48 @@ | |
|
||
#ifndef __PLATFORM_ALT__ | ||
#define __PLATFORM_ALT__ | ||
#include "cc_platform.h" | ||
#include "crys_rnd.h" | ||
|
||
#include "platform_mbed.h" | ||
#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) | ||
#include "crypto_platform.h" | ||
/** | ||
* \brief The platform context structure. | ||
* | ||
* \note This structure may be used to assist platform-specific | ||
* setup or teardown operations. | ||
*/ | ||
typedef struct { | ||
cc_platform_ctx platform_impl_ctx; /** A context holding all the partner's platform specific context */ | ||
/* | ||
* Add CRYS_RND_State_t rndState; when https://github.com/ARMmbed/mbedtls/issues/1200 is supported | ||
* */ | ||
crypto_platform_ctx platform_impl_ctx; /* A context holding all the platform specific context for cryptography. Should be defined in crypto_platform.h */ | ||
int reference_count; | ||
} | ||
mbedtls_platform_context; | ||
|
||
|
||
void mbedtls_platform_init( mbedtls_platform_context* ctx); | ||
Where did this function declaration come from? Do we need it here? Where are the Doxygen comments for it? Why isn't In the header file that documents
Probably, but this should be done as a PR in the Mbed TLS repository
|
||
/** | ||
* \brief This function performs any partner platform initialization operations, | ||
* needed top enable CryptoCell. | ||
* \brief This function performs any platform initialization operations, | ||
* needed for setting up cryptographic modules. | ||
* | ||
* \param ctx The platform specific context. | ||
* | ||
* \return \c 0 on success. | ||
* | ||
* \note This function is intended to allow platform-specific initialization for CryptoCell, | ||
* and is called before initializing the CC library(SaSi_LibInit). Its | ||
* \note This function is intended to allow platform-specific initialization for Mbed TLS, | ||
* and is called before initializing the Mbed TLS functions. Its | ||
* implementation is platform-specific, and its implementation MUST be provided. | ||
* | ||
*/ | ||
int cc_platform_setup( cc_platform_ctx *ctx ); | ||
int crypto_platform_setup( crypto_platform_ctx *ctx ); | ||
|
||
/** | ||
* \brief This function performs any partner platform teardown operations, to disable CryptoCell. | ||
* \brief This function performs any platform teardown operations, to disable cryptographic operations. | ||
* | ||
* \param ctx The platform specific context. | ||
* | ||
* \note This function is called after terminating CC library(SaSi_LibFini) | ||
* and intended to free any resource used for CryptoCell by the platform. | ||
* \note This function is intended to free any resource used Mbed TLS by the platform. | ||
* Its implementation is platform-specific,and its implementation MUST be provided. | ||
* | ||
*/ | ||
void cc_platform_terminate( cc_platform_ctx *ctx ); | ||
|
||
void crypto_platform_terminate( crypto_platform_ctx *ctx ); | ||
#endif | ||
#endif /* __PLATFORM_ALT__ */ | ||
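Review bot: The new `reference_count` member of `mbedtls_platform_context` carries no comment, although setup and teardown now depend entirely on its meaning; a line such as `/* Number of mbedtls_platform_setup() calls not yet matched by mbedtls_platform_teardown() */` would state the contract. The Doxygen for `crypto_platform_setup` documents only `\return \c 0 on success`, so the non-zero values that reach callers through `mbedtls_platform_setup` are unspecified; add a `\return` line for the failure case. The reworded teardown note, "free any resource used Mbed TLS by the platform", is missing a word ("used for Mbed TLS").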
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,38 +20,33 @@ | |
|
||
#include "mbedtls/platform.h" | ||
#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) | ||
#include "sns_silib.h" | ||
mbedtls_platform_context ctx = {0}; | ||
|
||
/* once https://github.com/ARMmbed/mbedtls/issues/1200 will be supported, | ||
* rndState should be part of mbedtls_platform_context | ||
* Until then, we should keep it global and extern */ | ||
|
||
CRYS_RND_State_t rndState = { { 0 } } ; | ||
CRYS_RND_WorkBuff_t rndWorkBuff = { { 0 } } ; | ||
|
||
|
||
int mbedtls_platform_setup( mbedtls_platform_context *ctx ) | ||
int mbedtls_platform_setup( mbedtls_platform_context *obsolete_ctx ) | ||
Why is the context called obsolete? I think that's misleading. It's simply unused.
It's obsolete, because it's not used and ignored anymore. I can rename
If it were obsolete it would no longer be used in any context - but that's not true. We're just choosing not to use it in Mbed OS. It could be used in other OS's and platforms. I really think it's misleading still. Thanks for changing it.
Should we check
I don't think so, it is just being ignored. This way, it will be backwards compatible to applications \ modules using this function, that are still sending a content as parameter. Note the example applications weren't updated yet with |
||
{ | ||
int ret = 0; | ||
if( ctx == NULL ) | ||
return ( -1 ); | ||
|
||
/* call platform specific code to setup CC driver*/ | ||
if( ( ret = cc_platform_setup( &ctx->platform_impl_ctx ) ) != 0 ) | ||
return ( ret ); | ||
ctx.reference_count++; | ||
Does this function need to work in multi-threaded environments (multiple callers from different threads)? If so, consider using a mutex or atomic increment (
I did leave an open question in the Pr description, whether we should consider concurrency issues;
I'll change to atomic increase and decrease |
||
|
||
if( SaSi_LibInit( &rndState, &rndWorkBuff ) != 0 ) | ||
return ( -1 ); | ||
return ( 0 ); | ||
if( ctx.reference_count == 1 ) | ||
{ | ||
/* call platform specific code to setup crypto driver*/ | ||
Add a space after |
||
ret = crypto_platform_setup( &ctx.platform_impl_ctx ); | ||
} | ||
return ( ret ); | ||
} | ||
|
||
void mbedtls_platform_teardown( mbedtls_platform_context *ctx ) | ||
void mbedtls_platform_teardown( mbedtls_platform_context *obsolete_ctx ) | ||
{ | ||
if( ctx == NULL ) | ||
return; | ||
|
||
SaSi_LibFini( &rndState ); | ||
cc_platform_terminate( &ctx->platform_impl_ctx ); | ||
ctx.reference_count--; | ||
|
||
if( ctx.reference_count <= 0 ) | ||
{ | ||
/* call platform specific code to terminate crypto driver*/ | ||
Add a space after |
||
crypto_platform_terminate( &ctx.platform_impl_ctx ); | ||
This can call terminate multiple times if a client calls teardown too often. Do we care? Maybe this should only call terminate when reference_count goes from 1 to 0, and does nothing otherwise. We might also want to use atomic decrement if we care about overlapping calls to
This is what I did in the begining. See #7099 (comment)
I don't think so, because basically it's an on\off button, us pressing the off button more than once. The likelihood for that is minor, as we do set it to 0 after termination |
||
ctx.reference_count = 0; | ||
} | ||
} | ||
|
||
#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT*/ |
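Review bot: A failed first call leaves the count at 1: in `mbedtls_platform_setup` the increment happens before `crypto_platform_setup`, and when that call returns non-zero nothing undoes it, so every later call skips the `== 1` branch and returns 0 although the crypto driver was never brought up. Callers would then presumably treat the hardware, including the RNG state now kept in `ctx.platform_impl_ctx`, as ready for use. Roll the count back on failure, e.g. `if( ret != 0 ) ctx.reference_count--;` inside the `== 1` branch right after the setup call. The `obsolete_ctx` parameter is unused in both functions; `(void) obsolete_ctx;` would make that explicit and avoid an unused-parameter warning.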
Should this go in the
crypto_platform_ctx
?
I don't think so, it's only a sandbox for the initialization operation, and not used later
OK