Add reference counter for platform context #7099
Changes from 6 commits
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -22,9 +22,10 @@ | |
|
||
#include <string.h> | ||
#include "trng_api.h" | ||
#include "mbedtls/platform.h" | ||
|
||
extern CRYS_RND_State_t rndState; | ||
extern CRYS_RND_WorkBuff_t rndWorkBuff; | ||
extern mbedtls_platform_context ctx; | ||
Is this still needed?
Yes. Since there isn't any
||
static CRYS_RND_WorkBuff_t rndWorkBuff; | ||
Should
As mentioned in #7099 (comment), this is only a sandbox for the initialization operation, and not used later, so I don't think it should be part of the context
||
|
||
/* Implementation that should never be optimized out by the compiler */ | ||
static void mbedtls_zeroize( void *v, size_t n ) { | ||
|
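Review bot: `extern mbedtls_platform_context ctx;` gives an object with external linkage the very generic name `ctx` and declares it in this source file instead of a shared header, so a change to the definition in the other file is not checked against this declaration at compile time. Use a prefixed name and put the single declaration in a header that both files include.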
@@ -48,7 +49,7 @@ CRYSError_t LLF_RND_GetTrngSource( | |
|
||
void trng_init(trng_t *obj) | ||
{ | ||
RNG_PLAT_SetUserRngParameters(&rndState, obj); | ||
RNG_PLAT_SetUserRngParameters(&ctx.platform_impl_ctx.rndState, obj); | ||
} | ||
|
||
void trng_free(trng_t *obj) | ||
|
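Review bot: In `trng_init`, `&ctx.platform_impl_ctx.rndState` is handed to `RNG_PLAT_SetUserRngParameters` with nothing to show that `mbedtls_platform_setup` has already run, so the call now depends on the order in which the application brings up the platform and the TRNG. State that precondition in a comment on `trng_init`, or check the reference count before touching the state.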
@@ -66,7 +67,7 @@ int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *outputLe | |
uint32_t actualLength; | ||
|
||
ret = LLF_RND_GetTrngSource( | ||
&rndState , /*in/out*/ | ||
&ctx.platform_impl_ctx.rndState , /*in/out*/ | ||
obj, /*in/out*/ | ||
0, /*in*/ | ||
&entropySizeBits, /*in/out*/ | ||
|
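Review bot: `&ctx.platform_impl_ctx.rndState` is passed as an in/out argument in `trng_get_bytes`, so every caller mutates the one shared state object, and a teardown that brings the count to zero can terminate the driver while a read is still in flight. Document that callers must serialise `trng_get_bytes` against each other and against `mbedtls_platform_teardown`, or guard the state with a mutex.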
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,38 +20,34 @@ | |
|
||
#include "mbedtls/platform.h" | ||
#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) | ||
#include "sns_silib.h" | ||
#include "mbed_critical.h" | ||
|
||
/* once https://github.com/ARMmbed/mbedtls/issues/1200 will be supported, | ||
* rndState should be part of mbedtls_platform_context | ||
* Until then, we should keep it global and extern */ | ||
mbedtls_platform_context ctx = { }; | ||
|
||
CRYS_RND_State_t rndState = { { 0 } } ; | ||
CRYS_RND_WorkBuff_t rndWorkBuff = { { 0 } } ; | ||
|
||
|
||
int mbedtls_platform_setup( mbedtls_platform_context *ctx ) | ||
int mbedtls_platform_setup( mbedtls_platform_context *obsolete_ctx ) | ||
Why is the context called obsolete? I think that's misleading. It's simply unused.
It's obsolete, because it's not used and ignored anymore. I can rename
If it were obsolete it would no longer be used in any context - but that's not true. We're just choosing not to use it in Mbed OS. It could be used in other OS's and platforms. I really think it's misleading still. Thanks for changing it.
Should we check
I don't think so, it is just being ignored. This way, it will be backwards compatible to applications \ modules using this function, that are still sending a content as parameter. Note the example applications weren't updated yet with
||
{ | ||
int ret = 0; | ||
if( ctx == NULL ) | ||
return ( -1 ); | ||
|
||
/* call platform specific code to setup CC driver*/ | ||
if( ( ret = cc_platform_setup( &ctx->platform_impl_ctx ) ) != 0 ) | ||
return ( ret ); | ||
core_util_atomic_incr_u32( ( volatile uint32_t * )&ctx.reference_count, 1 ); | ||
|
||
if( SaSi_LibInit( &rndState, &rndWorkBuff ) != 0 ) | ||
return ( -1 ); | ||
return ( 0 ); | ||
if( ctx.reference_count == 1 ) | ||
{ | ||
/* call platform specific code to setup crypto driver */ | ||
ret = crypto_platform_setup( &ctx.platform_impl_ctx ); | ||
} | ||
return ( ret ); | ||
} | ||
|
||
void mbedtls_platform_teardown( mbedtls_platform_context *ctx ) | ||
void mbedtls_platform_teardown( mbedtls_platform_context *obsolete_ctx ) | ||
{ | ||
if( ctx == NULL ) | ||
return; | ||
|
||
SaSi_LibFini( &rndState ); | ||
cc_platform_terminate( &ctx->platform_impl_ctx ); | ||
core_util_atomic_decr_u32( ( volatile uint32_t * )&ctx.reference_count, 1 ); | ||
if( ctx.reference_count < 1 ) | ||
{ | ||
/* call platform specific code to terminate crypto driver */ | ||
crypto_platform_terminate( &ctx.platform_impl_ctx ); | ||
This can call terminate multiple times if a client calls teardown too often. Do we care? Maybe this should only call terminate when reference_count goes from 1 to 0, and does nothing otherwise. We might also want to use atomic decrement if we care about overlapping calls to
This is what I did in the beginning. See #7099 (comment)
I don't think so, because basically it's an on\off button, us pressing the off button more than once. The likelihood for that is minor, as we do set it to 0 after termination
||
ctx.reference_count = 0; | ||
} | ||
} | ||
|
||
#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT*/ |
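Review bot: In `mbedtls_platform_setup`, a failing `crypto_platform_setup` leaves `reference_count` at 1, so every later setup call skips initialisation and returns 0 over a driver that was never set up; decrement the counter again on the error path. The `if( ctx.reference_count == 1 )` test also re-reads the counter after the atomic increment, so branch on the value returned by `core_util_atomic_incr_u32` instead, and do the same for the decrement in `mbedtls_platform_teardown`, where the plain `ctx.reference_count = 0;` can discard a concurrent setup's increment.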
Should this go in the crypto_platform_ctx?
I don't think so, it's only a sandbox for the initialization operation, and not used later
OK
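
The teardown behaviour suggested in the review of `mbedtls_platform_teardown` above (terminate only on the 1 to 0 transition, with atomic updates), as an added example that is not code from the pull request or from Mbed OS. It uses C11 `<stdatomic.h>` in place of the `core_util_atomic_*` calls, every `demo_*` name is hypothetical, and it does not make a second caller wait until the first caller's initialisation has finished.

```c
#include <stdatomic.h>
#include <stdint.h>

/* Added example: hypothetical stand-ins for the driver hooks; they only count calls. */
static int setup_calls, terminate_calls, fail_next_setup;
static int demo_driver_setup(void) { setup_calls++; return fail_next_setup ? -1 : 0; }
static void demo_driver_terminate(void) { terminate_calls++; }

static atomic_uint_fast32_t demo_refs;   /* static storage: starts at zero */

int demo_platform_setup(void)
{
    /* fetch_add returns the previous value: only the 0 -> 1 caller initialises. */
    if (atomic_fetch_add(&demo_refs, 1) != 0)
        return 0;
    int ret = demo_driver_setup();
    if (ret != 0)
        atomic_fetch_sub(&demo_refs, 1);  /* roll back so a retry initialises again */
    return ret;
}

void demo_platform_teardown(void)
{
    uint_fast32_t cur = atomic_load(&demo_refs);
    /* Decrement only while non-zero, so an unmatched teardown is a no-op. */
    while (cur != 0) {
        /* On failure, cur is reloaded with the current count and the loop retries. */
        if (atomic_compare_exchange_weak(&demo_refs, &cur, cur - 1)) {
            if (cur == 1)                 /* this caller took the count from 1 to 0 */
                demo_driver_terminate();
            return;
        }
    }
}

int main(void)
{
    demo_platform_setup();
    demo_platform_setup();
    demo_platform_teardown();
    demo_platform_teardown();
    demo_platform_teardown();             /* extra call: must not terminate again */
    return terminate_calls == 1 ? 0 : 1;
}
```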