Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix warning in Crypto when using boot seed injection #9566

Merged
merged 3 commits into from Feb 7, 2019

Conversation

@alzix
Copy link
Contributor

commented Jan 31, 2019

Description

When enabling boot seed injection (e.g. FUTURE_SEQUANA_M0_PSA) entropy read & write callbacks are injected via macros and cause implicit declaration compilation warning.

Compile [ 37.1%]: entropy.c
[Warning] <command-line>@0,38: implicit declaration of function 'mbed_default_seed_write' [-Wimplicit-function-declaration]
...
Compile [ 37.1%]: entropy.c
[Warning] <command-line>@0,38: implicit declaration of function 'mbed_default_seed_write' [-Wimplicit-function-declaration]

This PR fixes the warning by adding include to a platfrom_mbed.h

In addition this PR suggests simplified and user friendly way of wiring NVSEED read/write callbacks.
MBEDTLS_ENTROPY_NV_SEED macro is sufficient since the callbacks have fixed values for all PSA targets.

The option for advanced user to inject custom version of MBEDTLS_PLATFORM_NV_SEED_READ_MACRO and MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO is preserved.

Pull request type

[x] Fix
[X] Refactor
[ ] Target update
[ ] Functionality change
[ ] Docs update
[ ] Test update
[ ] Breaking change

Reviewers

@netanelgonen @Patater @avolinski @sbutcher-arm

@ciarmcom ciarmcom requested review from avolinski, netanelgonen, Patater, sbutcher-arm and ARMmbed/mbed-os-maintainers Jan 31, 2019

@ciarmcom

This comment has been minimized.

Copy link
Member

commented Jan 31, 2019

@ciarmcom ciarmcom requested review from ARMmbed/mbed-os-tls Jan 31, 2019

@cmonr cmonr added needs: work and removed needs: review labels Jan 31, 2019

#ifndef __PLATFORM_MBED__H__
#define __PLATFORM_MBED__H__

#include "default_random_seed.h"

This comment has been minimized.

Copy link
@sbutcher-arm

sbutcher-arm Feb 1, 2019

Contributor

Why do we need to include this header?

There should be no "default random seed". That sounds really dangerous. (And not very random).

This comment has been minimized.

Copy link
@yanesca

yanesca Feb 1, 2019

Contributor

This header contains the default read/write functions that supposed to be registered with the Mbed TLS NV_SEED feature.

@sbutcher-arm

This comment has been minimized.

Copy link
Contributor

commented Feb 1, 2019

Maintainers - I'm too busy to approve this, so I'd like to delegate this to @andresag01. When he's approved it, it's fine by me.

#ifndef __PLATFORM_MBED__H__
#define __PLATFORM_MBED__H__

#include "default_random_seed.h"

This comment has been minimized.

Copy link
@yanesca

yanesca Feb 1, 2019

Contributor

This default_random_seed.h seems to be TARGET_PSA specific. How will the compiler find it when the target is not TARGET_PSA?

This comment has been minimized.

Copy link
@alzix

alzix Feb 3, 2019

Author Contributor

fixed

@alzix alzix force-pushed the kfnta:alzix/crypto-warn branch 2 times, most recently Feb 3, 2019

@Patater

Patater approved these changes Feb 4, 2019


#if (defined(TARGET_PSA) && defined(MBEDTLS_ENTROPY_NV_SEED))

#include "default_random_seed.h"

This comment has been minimized.

Copy link
@netanelgonen

netanelgonen Feb 4, 2019

Contributor

Is this possible to be in target PSA with NV_SEED but in the non-secure side?
If yes, we will have compilation error on default_random_seed.h file would not found

This comment has been minimized.

Copy link
@alzix

alzix Feb 4, 2019

Author Contributor

There are two use cases:

  1. PSA target (with SPE and NSPE) and we are building for NSPE. e.g. FUTURE_SEQUANA_PSA for such a targets it is not expected to have MBEDTLS_ENTROPY_NV_SEED macro enabled.
  2. PSA compliant target (NSPE only). e.g. K64F. IIRC you have tested it on such a target yourself :)

@0xc0170 0xc0170 requested a review from andresag01 Feb 4, 2019

alzix added some commits Feb 3, 2019

Fix compilation warning
Fix warning in entropy.c caused by injecting seed read & write callbacks
Simplify entropy seed injection configuration
Move NVSEED callbacks configuration to a header file

@alzix alzix force-pushed the kfnta:alzix/crypto-warn branch to 4a20401 Feb 5, 2019

@alzix

This comment has been minimized.

Copy link
Contributor Author

commented Feb 6, 2019

@0xc0170 can we proceed with it?

@NirSonnenschein

This comment has been minimized.

Copy link
Contributor

commented Feb 6, 2019

@alzix martin is ooo today

@NirSonnenschein

This comment has been minimized.

Copy link
Contributor

commented Feb 7, 2019

starting CI

@alekla01

This comment has been minimized.

Copy link
Contributor

commented Feb 7, 2019

Restarted CI

@mbed-ci

This comment has been minimized.

Copy link

commented Feb 7, 2019

Test run: SUCCESS

Summary: 12 of 12 test jobs passed
Build number : 2
Build artifacts

@0xc0170

This comment has been minimized.

Copy link
Member

commented Feb 7, 2019

Labeled for 5.12 (adding new config - stated as refactor above).

One additional question - this is changing mbedtls file, is this intentional (we do not accept changes besides doing version updates) and won't be overriden by next mbedtls update?

@yanesca

This comment has been minimized.

Copy link
Contributor

commented Feb 7, 2019

The files in the features/mbedtls/platform, features/mbedtls/targets directories and the scripts in the features/mbedtls/importer directory are not (in the strict sense) part of Mbed TLS and are unaffected by the Mbed TLS update.

@NirSonnenschein NirSonnenschein merged commit e6c2a1d into ARMmbed:master Feb 7, 2019

27 checks passed

continuous-integration/jenkins/pr-head This commit looks good
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
jenkins-ci/build-ARM Success
Details
jenkins-ci/build-ARMC6 Success
Details
jenkins-ci/build-GCC_ARM Success
Details
jenkins-ci/build-IAR Success
Details
jenkins-ci/cloud-client-test Success
Details
jenkins-ci/dynamic-memory-usage RTOS ROM(+0 bytes) RAM(+0 bytes)
Details
jenkins-ci/exporter Success
Details
jenkins-ci/greentea-test Success
Details
jenkins-ci/mbed2-build-ARM Success
Details
jenkins-ci/mbed2-build-GCC_ARM Success
Details
jenkins-ci/mbed2-build-IAR Success
Details
jenkins-ci/unittests Success
Details
travis-ci/astyle Local astyle testing has passed
Details
travis-ci/docs Local docs testing has passed
Details
travis-ci/doxy-spellcheck Local doxy-spellcheck testing has passed
Details
travis-ci/events Passed, runtime is 9190 cycles (-1278 cycles)
Details
travis-ci/gitattributestest Local gitattributestest testing has passed
Details
travis-ci/include_check Local include_check testing has passed
Details
travis-ci/licence_check Local licence_check testing has passed
Details
travis-ci/littlefs Passed, code size is 8408B (+0.00%)
Details
travis-ci/psa-autogen Local psa-autogen testing has passed
Details
travis-ci/tools-py2.7 Local tools-py2.7 testing has passed
Details
travis-ci/tools-py3.5 Local tools-py3.5 testing has passed
Details
travis-ci/tools-py3.6 Local tools-py3.6 testing has passed
Details
travis-ci/tools-py3.7 Local tools-py3.7 testing has passed
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.