Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor Crypto Service Proxy #10036

Merged
merged 7 commits into from
Mar 26, 2019
Merged

Refactor Crypto Service Proxy #10036

merged 7 commits into from
Mar 26, 2019

Conversation

itayzafrir
Copy link
Contributor

@itayzafrir itayzafrir commented Mar 11, 2019
edited
Loading

Description

Refactor common functionality in crypto service proxy (client side) to prevent code duplication and save some flash space.

Tested locally:
Cypress - crypto sanity + crypto access control + crypto compliance - PASSED
NXP - crypto sanity + crypto access control + crypto compliance - PASSED

Pull request type

[ ] Fix
[X] Refactor
[ ] Target update
[ ] Functionality change
[ ] Docs update
[ ] Test update
[ ] Breaking change

Reviewers

@avolinski @NirSonnenschein

Release Notes

@ciarmcom ciarmcom requested review from alekshex, NirSonnenschein and a team March 11, 2019 16:00
@ciarmcom
Copy link
Member

@itayzafrir, thank you for your changes.
@avolinski @NirSonnenschein @ARMmbed/mbed-os-maintainers please review.

@mikisch81
Copy link
Contributor

How much space did it save?
Can you post the result of the secure build before and after?

@itayzafrir
Copy link
Contributor Author

I'll post the size diff tomorrow, but this PR affects the non-secure side only. I'm planning on refactoring the secure side as well when I get a chance...

orenc17
orenc17 suggested changes Mar 11, 2019
View reviewed changes
Copy link
Contributor

@orenc17 orenc17 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, main focus is consistency
probably needed to be documented that the ipc_call returns BAD_STATE on a bad handle
But again looks great

components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c Outdated Show resolved Hide resolved
components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c Outdated Show resolved Hide resolved
components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c Show resolved Hide resolved
components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c Outdated Show resolved Hide resolved
components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c Show resolved Hide resolved
components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c Outdated Show resolved Hide resolved
components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c Outdated Show resolved Hide resolved
components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c Outdated Show resolved Hide resolved
components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c Outdated Show resolved Hide resolved
components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c Outdated Show resolved Hide resolved
@itayzafrir
Copy link
Contributor Author

itayzafrir commented Mar 12, 2019
edited
Loading

@orenc17 thanks for the review. I've added some more commits, please take a look.

Currently running tests on NXP & Cypress: crypto-sanity, crypto-access-control, crypto-compliance
All tests passed on NXP, Cypress is still running, I'll attach a log once tests are done.

@0xc0170 can you please remove the needs work label and add the needs review?

@itayzafrir
Copy link
Contributor Author

All tests passed locally on both Cypress & NXP:

  • crypto sanity
  • crypto access control
  • crypto compliance

test_results.txt

@itayzafrir itayzafrir force-pushed the crypto-ipc-refactor branch 2 times, most recently from 2c87258 to 5bd8591 Compare March 12, 2019 12:29
Unify code style
c97b90a 
- Use designated initializers for IPC structs
- Unify variables declaration and initialization
orenc17
orenc17 approved these changes Mar 12, 2019
View reviewed changes
Copy link
Contributor

@orenc17 orenc17 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@0xc0170
Copy link
Contributor

0xc0170 commented Mar 13, 2019

5.12.1 release target?

@itayzafrir
Copy link
Contributor Author

5.12.1 release target?

This isn't anything urgent, it can wait.

0xc0170
0xc0170 requested changes Mar 18, 2019
View reviewed changes
Copy link
Contributor

@0xc0170 0xc0170 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One small change. Otherwise looks fine

components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c Outdated
{
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
//TODO: add retry mechanism to make sure resources were deallocated.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should not leave TODO in the code, create a tracking issue rather

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed the comment as it's not relevant anymore.

@itayzafrir
Copy link
Contributor Author

@avolinski please review

@0xc0170
Copy link
Contributor

0xc0170 commented Mar 18, 2019

While waiting for final approval, CI started

alekshex
alekshex reviewed Mar 18, 2019
View reviewed changes
components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c

status = psa_call(handle, NULL, 0, NULL, 0);
psa_close(handle);
psa_status_t status = psa_call(*handle, in_vec, in_vec_size, out_vec, out_vec_size);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if call failed, do we close anyway?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, if close == true

@mbed-ci
Copy link

mbed-ci commented Mar 18, 2019

Test run: SUCCESS

Summary: 13 of 13 test jobs passed
Build number : 1
Build artifacts

@itayzafrir
Copy link
Contributor Author

Please hold the merge until @avolinski completes his review.

@cmonr cmonr requested a review from alekshex March 18, 2019 19:49
@itayzafrir
Copy link
Contributor Author

All reviews are done, can we get this merged please

@NirSonnenschein NirSonnenschein merged commit ca62922 into ARMmbed:master Mar 26, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@0xc0170 0xc0170 0xc0170 approved these changes

@NirSonnenschein NirSonnenschein NirSonnenschein approved these changes

@orenc17 orenc17 orenc17 approved these changes

@alekshex alekshex alekshex approved these changes

Assignees
No one assigned
Labels
release-version: 5.12.1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@itayzafrir @ciarmcom @mikisch81 @0xc0170 @mbed-ci @NirSonnenschein @orenc17 @alekshex @cmonr