Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Add reference counter for platform context #7099
Should work with system modules using Mbed TLS, such as BLE, that wouldn't terminate the cryptographic driver for the application, in the middle of operation.
Question: Should we protect the reference counter with a mutex?
Pull request type
referenced this pull request
Jun 4, 2018
Thanks for this submission that intend to solves #7069. Unfortunately reference
counting is not the right tool to solve the issue; not at the mbed tls level.
Reference counting implies that a single instance/context is shared across multiple
parts of the program. In our case, it is expected that application code using mbed
tls submit a different/specific context every time
With the code as it is proposed, a context will never be initialized if their is at least
another context initialized. This can have dramatic consequences if
actually contains valuable informations like CRYS_RND_State_t: The code may setup one
instance and teardown one that hasn't been initialized.
I strongly believe that keeping track of initialization is an implementation detail
and this as no place in the platform code at mbed tls level.
@pan- The idea in the mbedtls layer, is the platform itslef is shared across all the modules.
Specifically for NRF53840, there shouldn't be a problem, as the driver is initialized once, and terminated once. The
I agree there might be a need for additional tweaking, such as protecting the
Thanks for the clarification.
In that case wouldn't it make sense to remove
That's not really how we intended the platform context to be used. It's not well documented, mainly because no one has provided an implementation until now, but the context is supposed to be a one-per-platform singleton.
The intention was you should initialise once.
The implication of what you're suggesting is that the API we're providing isn't adequate, and you actually need a
I agree that if the context passed into
Given that in the current design the platform context singleton lives outside mbed tls platform layer; library and system code API using mbed tls must be updated to accept the platform context singleton instantiated by the application. In some cases - like BLE - that would force us to expose implementation details that are target specific in our abstract interfaces.
I wonder if it wouldn't be easier to encapsulate the platform context singleton into mbed tls platform layer and completely hide its existence and management from the API exposed to applications. In other words remove the context parameter in setup and teardown.
What do you think ?
PS: If the context is a singleton it may be better to add a reference counter field in the platform context structure rather than having another singleton in the global scope.
@pan- I have updated the context to be a global one, holding the reference counter within. You can now call the
Minor comments only. My only real concern is your use of the word 'blocker' which I think is misleading.
Build number : 2986
Build number : 2988
Build number : 2596