mirror of https://github.com/ARMmbed/mbed-os.git
[NUC472/M487] Guard from re-entry into crypto H/W
ccli8
parent
d66074fecc
commit
6cc3aa3e54
|
|
@ -143,6 +143,10 @@ static void __nvt_aes_crypt( mbedtls_aes_context *ctx,
|
|||
error("Buffer for AES alter. DMA requires to be word-aligned and located in 0x20000000-0x2FFFFFFF region.");
|
||||
}
|
||||
|
||||
/* TODO: Change busy-wait to other means to release CPU */
|
||||
/* Acquire ownership of AES H/W */
|
||||
while (! crypto_aes_acquire());
|
||||
|
||||
/* Init crypto module */
|
||||
crypto_init();
|
||||
/* Enable AES interrupt */
|
||||
|
|
@ -195,6 +199,9 @@ static void __nvt_aes_crypt( mbedtls_aes_context *ctx,
|
|||
AES_DISABLE_INT();
|
||||
/* Uninit crypto module */
|
||||
crypto_uninit();
|
||||
|
||||
/* Release ownership of AES H/W */
|
||||
crypto_aes_release();
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -24,11 +24,19 @@
|
|||
#include "nu_bitutil.h"
|
||||
#include "crypto-misc.h"
|
||||
|
||||
static int crypto_sha_avail = 1;
|
||||
/* Track if AES H/W is available */
|
||||
static uint16_t crypto_aes_avail = 1;
|
||||
/* Track if DES H/W is available */
|
||||
static uint16_t crypto_des_avail = 1;
|
||||
/* Track if SHA H/W is available */
|
||||
static uint16_t crypto_sha_avail = 1;
|
||||
|
||||
/* Crypto (AES, DES, SHA, etc.) init counter. Crypto's keeps active as it is non-zero. */
|
||||
static uint16_t crypto_init_counter = 0U;
|
||||
|
||||
static bool crypto_submodule_acquire(uint16_t *submodule_avail);
|
||||
static void crypto_submodule_release(uint16_t *submodule_avail);
|
||||
|
||||
/* As crypto init counter changes from 0 to 1:
|
||||
*
|
||||
* 1. Enable crypto clock
|
||||
|
|
@ -84,20 +92,44 @@ void crypto_zeroize(void *v, size_t n)
|
|||
}
|
||||
}
|
||||
|
||||
int crypto_sha_acquire(void)
|
||||
bool crypto_aes_acquire(void)
|
||||
{
|
||||
if (crypto_sha_avail) {
|
||||
crypto_sha_avail = 0;
|
||||
return 1;
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
return crypto_submodule_acquire(&crypto_aes_avail);
|
||||
}
|
||||
|
||||
void crypto_aes_release(void)
|
||||
{
|
||||
crypto_submodule_release(&crypto_aes_avail);
|
||||
}
|
||||
|
||||
bool crypto_des_acquire(void)
|
||||
{
|
||||
return crypto_submodule_acquire(&crypto_des_avail);
|
||||
}
|
||||
|
||||
void crypto_des_release(void)
|
||||
{
|
||||
crypto_submodule_release(&crypto_des_avail);
|
||||
}
|
||||
|
||||
bool crypto_sha_acquire(void)
|
||||
{
|
||||
return crypto_submodule_acquire(&crypto_sha_avail);
|
||||
}
|
||||
|
||||
void crypto_sha_release(void)
|
||||
{
|
||||
if (! crypto_sha_avail) {
|
||||
crypto_sha_avail = 1;
|
||||
}
|
||||
crypto_submodule_release(&crypto_sha_avail);
|
||||
}
|
||||
|
||||
static bool crypto_submodule_acquire(uint16_t *submodule_avail)
|
||||
{
|
||||
uint16_t expectedCurrentValue = 1;
|
||||
return core_util_atomic_cas_u16(submodule_avail, &expectedCurrentValue, 0);
|
||||
}
|
||||
|
||||
static void crypto_submodule_release(uint16_t *submodule_avail)
|
||||
{
|
||||
uint16_t expectedCurrentValue = 0;
|
||||
while (! core_util_atomic_cas_u16(submodule_avail, &expectedCurrentValue, 1));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,14 +17,31 @@
|
|||
#ifndef MBED_CRYPTO_MISC_H
|
||||
#define MBED_CRYPTO_MISC_H
|
||||
|
||||
#include <stdbool.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* Init/Uninit crypto module */
|
||||
void crypto_init(void);
|
||||
void crypto_uninit(void);
|
||||
|
||||
void crypto_zeroize(void *v, size_t n);
|
||||
int crypto_sha_acquire(void);
|
||||
|
||||
/* Acquire/release ownership of AES H/W */
|
||||
/* NOTE: If "acquire" succeeds, "release" must be done to pair it. */
|
||||
bool crypto_aes_acquire(void);
|
||||
void crypto_aes_release(void);
|
||||
|
||||
/* Acquire/release ownership of DES H/W */
|
||||
/* NOTE: If "acquire" succeeds, "release" must be done to pair it. */
|
||||
bool crypto_des_acquire(void);
|
||||
void crypto_des_release(void);
|
||||
|
||||
/* Acquire/release ownership of SHA H/W */
|
||||
/* NOTE: If "acquire" succeeds, "release" must be done to pair it. */
|
||||
bool crypto_sha_acquire(void);
|
||||
void crypto_sha_release(void);
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
|||
|
|
@ -327,6 +327,10 @@ static int mbedtls_des_docrypt(uint16_t keyopt, uint8_t key[3][MBEDTLS_DES_KEY_S
|
|||
error("Buffer for DES alter. DMA requires to be word-aligned and located in 0x20000000-0x2FFFFFFF region.");
|
||||
}
|
||||
|
||||
/* TODO: Change busy-wait to other means to release CPU */
|
||||
/* Acquire ownership of DES H/W */
|
||||
while (! crypto_des_acquire());
|
||||
|
||||
/* Init crypto module */
|
||||
crypto_init();
|
||||
|
||||
|
|
@ -422,6 +426,9 @@ static int mbedtls_des_docrypt(uint16_t keyopt, uint8_t key[3][MBEDTLS_DES_KEY_S
|
|||
/* Uninit crypto module */
|
||||
crypto_uninit();
|
||||
|
||||
/* Release ownership of DES H/W */
|
||||
crypto_des_release();
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -143,6 +143,10 @@ static void __nvt_aes_crypt( mbedtls_aes_context *ctx,
|
|||
error("Buffer for AES alter. DMA requires to be word-aligned and located in 0x20000000-0x2FFFFFFF region.");
|
||||
}
|
||||
|
||||
/* TODO: Change busy-wait to other means to release CPU */
|
||||
/* Acquire ownership of AES H/W */
|
||||
while (! crypto_aes_acquire());
|
||||
|
||||
/* Init crypto module */
|
||||
crypto_init();
|
||||
/* Enable AES interrupt */
|
||||
|
|
@ -195,6 +199,9 @@ static void __nvt_aes_crypt( mbedtls_aes_context *ctx,
|
|||
AES_DISABLE_INT();
|
||||
/* Uninit crypto module */
|
||||
crypto_uninit();
|
||||
|
||||
/* Release ownership of AES H/W */
|
||||
crypto_aes_release();
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -24,11 +24,19 @@
|
|||
#include "nu_bitutil.h"
|
||||
#include "crypto-misc.h"
|
||||
|
||||
static int crypto_sha_avail = 1;
|
||||
/* Track if AES H/W is available */
|
||||
static uint16_t crypto_aes_avail = 1;
|
||||
/* Track if DES H/W is available */
|
||||
static uint16_t crypto_des_avail = 1;
|
||||
/* Track if SHA H/W is available */
|
||||
static uint16_t crypto_sha_avail = 1;
|
||||
|
||||
/* Crypto (AES, DES, SHA, etc.) init counter. Crypto's keeps active as it is non-zero. */
|
||||
static uint16_t crypto_init_counter = 0U;
|
||||
|
||||
static bool crypto_submodule_acquire(uint16_t *submodule_avail);
|
||||
static void crypto_submodule_release(uint16_t *submodule_avail);
|
||||
|
||||
/* As crypto init counter changes from 0 to 1:
|
||||
*
|
||||
* 1. Enable crypto clock
|
||||
|
|
@ -84,20 +92,44 @@ void crypto_zeroize(void *v, size_t n)
|
|||
}
|
||||
}
|
||||
|
||||
int crypto_sha_acquire(void)
|
||||
bool crypto_aes_acquire(void)
|
||||
{
|
||||
if (crypto_sha_avail) {
|
||||
crypto_sha_avail = 0;
|
||||
return 1;
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
return crypto_submodule_acquire(&crypto_aes_avail);
|
||||
}
|
||||
|
||||
void crypto_aes_release(void)
|
||||
{
|
||||
crypto_submodule_release(&crypto_aes_avail);
|
||||
}
|
||||
|
||||
bool crypto_des_acquire(void)
|
||||
{
|
||||
return crypto_submodule_acquire(&crypto_des_avail);
|
||||
}
|
||||
|
||||
void crypto_des_release(void)
|
||||
{
|
||||
crypto_submodule_release(&crypto_des_avail);
|
||||
}
|
||||
|
||||
bool crypto_sha_acquire(void)
|
||||
{
|
||||
return crypto_submodule_acquire(&crypto_sha_avail);
|
||||
}
|
||||
|
||||
void crypto_sha_release(void)
|
||||
{
|
||||
if (! crypto_sha_avail) {
|
||||
crypto_sha_avail = 1;
|
||||
}
|
||||
crypto_submodule_release(&crypto_sha_avail);
|
||||
}
|
||||
|
||||
static bool crypto_submodule_acquire(uint16_t *submodule_avail)
|
||||
{
|
||||
uint16_t expectedCurrentValue = 1;
|
||||
return core_util_atomic_cas_u16(submodule_avail, &expectedCurrentValue, 0);
|
||||
}
|
||||
|
||||
static void crypto_submodule_release(uint16_t *submodule_avail)
|
||||
{
|
||||
uint16_t expectedCurrentValue = 0;
|
||||
while (! core_util_atomic_cas_u16(submodule_avail, &expectedCurrentValue, 1));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,14 +17,31 @@
|
|||
#ifndef MBED_CRYPTO_MISC_H
|
||||
#define MBED_CRYPTO_MISC_H
|
||||
|
||||
#include <stdbool.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* Init/Uninit crypto module */
|
||||
void crypto_init(void);
|
||||
void crypto_uninit(void);
|
||||
|
||||
void crypto_zeroize(void *v, size_t n);
|
||||
int crypto_sha_acquire(void);
|
||||
|
||||
/* Acquire/release ownership of AES H/W */
|
||||
/* NOTE: If "acquire" succeeds, "release" must be done to pair it. */
|
||||
bool crypto_aes_acquire(void);
|
||||
void crypto_aes_release(void);
|
||||
|
||||
/* Acquire/release ownership of DES H/W */
|
||||
/* NOTE: If "acquire" succeeds, "release" must be done to pair it. */
|
||||
bool crypto_des_acquire(void);
|
||||
void crypto_des_release(void);
|
||||
|
||||
/* Acquire/release ownership of SHA H/W */
|
||||
/* NOTE: If "acquire" succeeds, "release" must be done to pair it. */
|
||||
bool crypto_sha_acquire(void);
|
||||
void crypto_sha_release(void);
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
|||
|
|
@ -327,6 +327,10 @@ static int mbedtls_des_docrypt(uint16_t keyopt, uint8_t key[3][MBEDTLS_DES_KEY_S
|
|||
error("Buffer for DES alter. DMA requires to be word-aligned and located in 0x20000000-0x2FFFFFFF region.");
|
||||
}
|
||||
|
||||
/* TODO: Change busy-wait to other means to release CPU */
|
||||
/* Acquire ownership of DES H/W */
|
||||
while (! crypto_des_acquire());
|
||||
|
||||
/* Init crypto module */
|
||||
crypto_init();
|
||||
|
||||
|
|
@ -422,6 +426,9 @@ static int mbedtls_des_docrypt(uint16_t keyopt, uint8_t key[3][MBEDTLS_DES_KEY_S
|
|||
/* Uninit crypto module */
|
||||
crypto_uninit();
|
||||
|
||||
/* Release ownership of DES H/W */
|
||||
crypto_des_release();
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue