-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature unavailable errors #2054
Feature unavailable errors #2054
Conversation
include/mbedtls/error.h
Outdated
* GCM 2 0x0012-0x0014 | ||
* BLOWFISH 2 0x0016-0x0018 | ||
* THREADING 3 0x001C-0x001E | ||
* AES 3 0x0020-0x0022 0x0021-0x0021 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks a bit funny. Isn't 0x0021
within the range of 0x0020-0x0022
Why does it need a separate entry?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The left is the even error codes, the right are the odd error codes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Weird. THREADING
doesn't do that. BLOWFISH
doesn't do that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nevermind. BLOWFISH
doesn't do this because we deleted 0x0017
. THREADING
also doesn't have odd error codes.
include/mbedtls/error.h
Outdated
* BLOWFISH 2 0x0016-0x0018 | ||
* THREADING 3 0x001C-0x001E | ||
* AES 3 0x0020-0x0022 0x0021-0x0021 | ||
* CAMELLIA 2 0x0024-0x002 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
0x002
looks wrong.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes, it's a typo
* \return #MBEDTLS_ERR_GCM_HW_ACCEL_FAILED or a cipher-specific | ||
* error code if the encryption or decryption failed. | ||
* \return #MBEDTLS_ERR_GCM_BAD_INPUT if the lengths are not valid or | ||
* a cipher-specific error code if the encryption |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A platform error code is not a cipher-specific error code. What makes sense to say here? Should we list MBEDTLS_ERR_PLATFORM_HW_FAILED
explicitly or say "a cipher- or platform-specific error code"? Same goes for other similar comments for other functions and files.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Correct, but the MBEDTLS_ERR_PLATFORM_HW_FAILED
is a generic error that is returned by the platform. The cipher specific code is because gcm
is part of the cipher module.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where in this function's documentation do we indicate that you might receive a platform error code? Or is that universally implied or expressly written elsewhere?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It should be universally implied. It will be updated in the relevant KB article, about implementing alternative modules
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK
@Patater I addressed your comments |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
CI failed in timing test, which is a known issue |
@Patater Thank you for your review. |
@Patater @itayzafrir Thank you for reviewing. I would like to hear your comments about the additional comments in the description. |
I could see that making sense, but it's also OK as-is, IMO. |
include/mbedtls/platform.h
Outdated
@@ -43,6 +43,9 @@ | |||
#include "platform_time.h" | |||
#endif | |||
|
|||
#define MBEDTLS_ERR_PLATFORM_HW_FAILED -0x0080 /**< Hardware failed platform operation. */ | |||
#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0082 /**< The requested feature is not supported by the platform */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The value probably needs to be changed.
I get the following:
programs/util/strerror 0x82
Last error was: -0x0082 - UNKNOWN ERROR CODE (0080) : BIGNUM - An error occurred while reading from or writing to a file
I'll change to 0x78, assuming the parsing will work
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The problem is that our low level error codes are defined as:
(0x0002-0x007E, 0x0003-0x007F)
a7307a2
to
e9afdd2
Compare
@Patater @itayzafrir I have updated the error code value. |
Looks good to me. Note there's a typo in commit message for e9afdd2, rage -> range. |
As discussed offline, I have returned the removed error codes, for API compatibility sake, and made them deprecated |
include/mbedtls/aes.h
Outdated
#define MBEDTLS_DEPRECATED | ||
#endif | ||
|
||
#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE static inline int MBEDTLS_DEPRECATED( void ){ return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ); } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- What's the name of this inline function?
- Why do we need an inline function? Add a comment.
- I think I'd rather update our test scripts to work with constant deprecation than to use inline functions to work around the scripts' limitations.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What's the name of this inline function?
Copy paste error. I'll add names to the functions
Why do we need an inline function? Add a comment.
I couldn't find another way to deprecate MACROs. If I add a warning, we get compilation warnings, and thus compilation errors when warnings are treated as errors. see https://stackoverflow.com/questions/2681259/how-to-deprecate-a-macro-in-gcc
I think I'd rather update our test scripts to work with constant deprecation than to use inline functions to work around the scripts' limitations.
Me too, but how do you suggest we make the constant deprecations?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note that all.sh
checks explicitely for MBEDTLS_DEPRECATED_WARNINGS
and treat warnings as errors:
msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl full
scripts/config.pl set MBEDTLS_DEPRECATED_WARNING
# Build with -O -Wextra to catch a maximum of issues.
make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' lib programs
make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests
msg "build: make, full config + DEPRECATED_REMOVED, clang -O" # ~ 30s
# No cleanup, just tweak the configuration and rebuild
make clean
scripts/config.pl unset MBEDTLS_DEPRECATED_WARNING
scripts/config.pl set MBEDTLS_DEPRECATED_REMOVED
# Build with -O -Wextra to catch a maximum of issues.
make CC=clang CFLAGS='-O -Werror -Wall -Wextra' lib programs
make CC=clang CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Patater How about we go with our original plan and define the MACROS as the platform errors, but not using the MBEDTLS_DEPRECATED_WARNING
?
dc011c0
to
fd9a4b2
Compare
As discussed offline, I dropped the deprecation of the constant, and kept the commit for the build error |
bc4dd9f
to
ac0fb67
Compare
CI failure is timing-suite on FreeBSD, a known issue. |
Add a common error for the feature unavailable, in the platform module.
ac0fb67
to
e9ed646
Compare
Rebased to add back in and deprecate the deprecated errors. Updated ChangeLog wording slightly. Old branch at https://github.com/Patater/mbedtls/tree/dev/RonEld/feature_unavailable_errors |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED
was removed in the previous version, it should probably get a deprecated warning now.
Deprecate the module-specific XXX_HW_ACCEL_FAILED and XXX_FEATURE_UNAVAILABLE errors, as alternative implementations should now return `MBEDTLS_ERR_PLATFORM_HW_FAILED` and `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED`.
Add the ChangeLog entry describing the change.
e9ed646
to
6aa9fb4
Compare
Fixed in original commit |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to change the ChangeLog (which I can do if you agree), and we should schedule work to deprecate the constants differently at a later date (including moving the comments to doxygen).
@@ -2,6 +2,10 @@ mbed TLS ChangeLog (Sorted per branch, date) | |||
|
|||
= mbed TLS x.x.x branch released xxxx-xx-xx | |||
|
|||
API Changes | |||
* Add a common error code for a feature that is not supported by the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we can be specific and say MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED
has been added,
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, specific is better.
@@ -24,6 +28,12 @@ Features | |||
hash and signature sizes that comply with FIPS 186-4, including SHA-512 | |||
with a 1024-bit key. | |||
|
|||
New deprecations | |||
* All the current module specific errors that mean a feature is not available | |||
are deprecated, so the platform error should be used. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we can specify what we mean here. eg.
All the current module specific errors that mean a feature is not available, such as
MBEDTLS_ERR_XXX_FEATURE_UNAVAILABLE
, are deprecated.
* All the current module specific errors that mean a feature is not available | ||
are deprecated, so the platform error should be used. | ||
* All the module specific generic hardware accelaration errors that existed | ||
are deprecated, so the platform error should be used. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same comment as above. We can show an example symbol,
@@ -60,7 +60,11 @@ | |||
|
|||
/* Error codes in range 0x0021-0x0025 */ | |||
#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 /**< Invalid input data. */ | |||
|
|||
/* MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE is deprecated and should not be used. */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not a blocker because there's precedent, but why have the statement on the symbol being deprecated above it and not in the doxygen comment?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure what the best way for our library to document or tell the compiler that a define is deprecated, yet. Copied the approach used previously.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If there is a deprecated feature for doxygen, I think it is better. The approach use previously was on a file that is not part of the doxygen headers.
Yes, please feel free to update the ChangeLog as desired. |
retest |
Description
MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED
.Dependent on #1993 to be merged first
One of the PRs that supersedes #1716
Status
HOLD
Requires Backporting
NO
Migrations
If there is any API change, what's the incentive and logic for it.
YES
Removing existing error codes may result n backwards incompatibility. Developers May need to change their returned error codes for their alternative implementations. In addition, If a specific error code is expected, it should be changed as well.
The incentive is to have one common error code for a feature that is not supported by the underlying HW accelerator, which makes tests and applications simpler and readable.
This may result in future ABI break, since removed error codes might be reused in the future,
Additional comments
Any additional information that could be of interest
The following FEATURE UNAVAILABLE errors were kept, as they actually mean that a specific feature is currently unavailable, because of missing configuration or other reasons, but are not related to the alternative implementation:
In addition,
MBEDTLS_ERR_SSL_HW_ACCEL_FAILED
was kept as it is a specific TLS feature.Open question: should have
MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE
been removed?Todos