From 68eda7d4c51a9a3310cfcc5a2c428c424bda2f6f Mon Sep 17 00:00:00 2001 From: Amit Aryeh Levy Date: Wed, 5 Jul 2023 12:52:27 -0700 Subject: [PATCH 1/3] capsules: del virtualizers that don't virtualize --- capsules/core/src/virtualizers/mod.rs | 3 - .../core/src/virtualizers/virtual_digest.rs | 554 ------------------ .../core/src/virtualizers/virtual_hmac.rs | 392 ------------- capsules/core/src/virtualizers/virtual_sha.rs | 385 ------------ 4 files changed, 1334 deletions(-) delete mode 100644 capsules/core/src/virtualizers/virtual_digest.rs delete mode 100644 capsules/core/src/virtualizers/virtual_hmac.rs delete mode 100644 capsules/core/src/virtualizers/virtual_sha.rs diff --git a/capsules/core/src/virtualizers/mod.rs b/capsules/core/src/virtualizers/mod.rs index bd861b83cd..348ace8cd5 100644 --- a/capsules/core/src/virtualizers/mod.rs +++ b/capsules/core/src/virtualizers/mod.rs @@ -5,13 +5,10 @@ pub mod virtual_adc; pub mod virtual_aes_ccm; pub mod virtual_alarm; -pub mod virtual_digest; pub mod virtual_flash; -pub mod virtual_hmac; pub mod virtual_i2c; pub mod virtual_pwm; pub mod virtual_rng; -pub mod virtual_sha; pub mod virtual_spi; pub mod virtual_timer; pub mod virtual_uart; diff --git a/capsules/core/src/virtualizers/virtual_digest.rs b/capsules/core/src/virtualizers/virtual_digest.rs deleted file mode 100644 index c650e6a15c..0000000000 --- a/capsules/core/src/virtualizers/virtual_digest.rs +++ /dev/null @@ -1,554 +0,0 @@ -// Licensed under the Apache License, Version 2.0 or the MIT License. -// SPDX-License-Identifier: Apache-2.0 OR MIT -// Copyright Tock Contributors 2022. - -//! Virtualize the Digest interface to enable multiple users of an underlying -//! Digest hardware peripheral. - -use core::cell::Cell; - -use kernel::collections::list::{List, ListLink, ListNode}; -use kernel::hil::digest::{self, ClientHash, ClientVerify}; -use kernel::hil::digest::{ClientData, DigestData}; -use kernel::utilities::cells::{OptionalCell, TakeCell}; -use kernel::utilities::leasable_buffer::{ - LeasableBuffer, LeasableBufferDynamic, LeasableMutableBuffer, -}; -use kernel::ErrorCode; - -#[derive(Clone, Copy, PartialEq)] -pub enum Operation { - Sha256, - Sha384, - Sha512, -} - -#[derive(Clone, Copy, PartialEq)] -pub enum Mode { - None, - Hmac(Operation), - Sha(Operation), -} - -pub struct VirtualMuxDigest<'a, A: digest::Digest<'a, L>, const L: usize> { - mux: &'a MuxDigest<'a, A, L>, - next: ListLink<'a, VirtualMuxDigest<'a, A, L>>, - sha_client: OptionalCell<&'a dyn digest::Client>, - hmac_client: OptionalCell<&'a dyn digest::Client>, - key: TakeCell<'static, [u8]>, - data: OptionalCell>, - digest: TakeCell<'static, [u8; L]>, - verify: Cell, - mode: Cell, - ready: Cell, - id: u32, -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> ListNode<'a, VirtualMuxDigest<'a, A, L>> - for VirtualMuxDigest<'a, A, L> -{ - fn next(&self) -> &'a ListLink> { - &self.next - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> VirtualMuxDigest<'a, A, L> { - pub fn new( - mux_digest: &'a MuxDigest<'a, A, L>, - key: &'static mut [u8], - ) -> VirtualMuxDigest<'a, A, L> { - let id = mux_digest.next_id.get(); - mux_digest.next_id.set(id + 1); - - VirtualMuxDigest { - mux: mux_digest, - next: ListLink::empty(), - sha_client: OptionalCell::empty(), - hmac_client: OptionalCell::empty(), - key: TakeCell::new(key), - data: OptionalCell::empty(), - digest: TakeCell::empty(), - verify: Cell::new(false), - mode: Cell::new(Mode::None), - ready: Cell::new(false), - id: id, - } - } - - pub fn set_hmac_client(&'a self, client: &'a dyn digest::Client) { - let node = self.mux.users.iter().find(|node| node.id == self.id); - if node.is_none() { - self.mux.users.push_head(self); - } - self.hmac_client.set(client); - } - - pub fn set_sha_client(&'a self, client: &'a dyn digest::Client) { - let node = self.mux.users.iter().find(|node| node.id == self.id); - if node.is_none() { - self.mux.users.push_head(self); - } - self.sha_client.set(client); - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::DigestData<'a, L> - for VirtualMuxDigest<'a, A, L> -{ - /// Add data to the digest IP. - /// All data passed in is fed to the Digest hardware block. - /// Returns the number of bytes written on success - fn add_data( - &self, - data: LeasableBuffer<'static, u8>, - ) -> Result<(), (ErrorCode, LeasableBuffer<'static, u8>)> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running_id.get() == self.id { - self.mux.digest.add_data(data) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.data.is_none() { - self.data.replace(LeasableBufferDynamic::Immutable(data)); - Ok(()) - } else { - Err((ErrorCode::BUSY, data)) - } - } - } - - /// Add data to the digest IP. - /// All data passed in is fed to the Digest hardware block. - /// Returns the number of bytes written on success - fn add_mut_data( - &self, - data: LeasableMutableBuffer<'static, u8>, - ) -> Result<(), (ErrorCode, LeasableMutableBuffer<'static, u8>)> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running_id.get() == self.id { - self.mux.digest.add_mut_data(data) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.data.is_none() { - self.data.replace(LeasableBufferDynamic::Mutable(data)); - Ok(()) - } else { - Err((ErrorCode::BUSY, data)) - } - } - } - - /// Disable the Digest hardware and clear the keys and any other sensitive - /// data - fn clear_data(&self) { - if self.mux.running_id.get() == self.id { - self.mux.running.set(false); - self.mode.set(Mode::None); - self.mux.digest.clear_data() - } - } - - fn set_data_client(&'a self, _client: &'a (dyn digest::ClientData + 'a)) { - unimplemented!() - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::DigestHash<'a, L> - for VirtualMuxDigest<'a, A, L> -{ - /// Request the hardware block to generate a Digest - /// This doesn't return anything, instead the client needs to have - /// set a `hash_done` handler. - fn run( - &'a self, - digest: &'static mut [u8; L], - ) -> Result<(), (ErrorCode, &'static mut [u8; L])> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running_id.get() == self.id { - self.mux.digest.run(digest) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.digest.is_none() { - self.digest.replace(digest); - self.ready.set(true); - Ok(()) - } else { - Err((ErrorCode::BUSY, digest)) - } - } - } - - fn set_hash_client(&'a self, _client: &'a (dyn digest::ClientHash + 'a)) { - unimplemented!() - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::DigestVerify<'a, L> - for VirtualMuxDigest<'a, A, L> -{ - fn verify( - &self, - compare: &'static mut [u8; L], - ) -> Result<(), (ErrorCode, &'static mut [u8; L])> { - // Check if any mux is enabled - if self.mux.running_id.get() == self.id { - self.mux.digest.verify(compare) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.digest.is_none() { - self.digest.replace(compare); - self.verify.set(true); - self.ready.set(true); - Ok(()) - } else { - Err((ErrorCode::BUSY, compare)) - } - } - } - - fn set_verify_client(&'a self, _client: &'a (dyn digest::ClientVerify + 'a)) { - unimplemented!() - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::Digest<'a, L> - for VirtualMuxDigest<'a, A, L> -{ - /// Set the client instance which will receive `add_data_done()` and - /// `hash_done()` callbacks - fn set_client(&'a self, _client: &'a dyn digest::Client) { - unimplemented!() - } -} - -impl< - 'a, - A: digest::Digest<'a, L> - + digest::HmacSha256 - + digest::HmacSha384 - + digest::HmacSha512 - + digest::Sha256 - + digest::Sha384 - + digest::Sha512, - const L: usize, - > digest::ClientData for VirtualMuxDigest<'a, A, L> -{ - fn add_data_done(&self, result: Result<(), ErrorCode>, data: LeasableBuffer<'static, u8>) { - match self.mode.get() { - Mode::None => {} - Mode::Hmac(_) => { - self.hmac_client - .map(move |client| client.add_data_done(result, data)); - } - Mode::Sha(_) => { - self.sha_client - .map(move |client| client.add_data_done(result, data)); - } - } - self.mux.do_next_op(); - } - - fn add_mut_data_done( - &self, - result: Result<(), ErrorCode>, - data: LeasableMutableBuffer<'static, u8>, - ) { - match self.mode.get() { - Mode::None => {} - Mode::Hmac(_) => { - self.hmac_client - .map(move |client| client.add_mut_data_done(result, data)); - } - Mode::Sha(_) => { - self.sha_client - .map(move |client| client.add_mut_data_done(result, data)); - } - } - self.mux.do_next_op(); - } -} - -impl< - 'a, - A: digest::Digest<'a, L> - + digest::HmacSha256 - + digest::HmacSha384 - + digest::HmacSha512 - + digest::Sha256 - + digest::Sha384 - + digest::Sha512, - const L: usize, - > digest::ClientHash for VirtualMuxDigest<'a, A, L> -{ - fn hash_done(&self, result: Result<(), ErrorCode>, digest: &'static mut [u8; L]) { - match self.mode.get() { - Mode::None => {} - Mode::Hmac(_) => { - self.hmac_client - .map(move |client| client.hash_done(result, digest)); - } - Mode::Sha(_) => { - self.sha_client - .map(move |client| client.hash_done(result, digest)); - } - } - - // Forcefully clear the data to allow other apps to use the HMAC - self.clear_data(); - self.mux.do_next_op(); - } -} -impl< - 'a, - A: digest::Digest<'a, L> - + digest::HmacSha256 - + digest::HmacSha384 - + digest::HmacSha512 - + digest::Sha256 - + digest::Sha384 - + digest::Sha512, - const L: usize, - > digest::ClientVerify for VirtualMuxDigest<'a, A, L> -{ - fn verification_done(&self, result: Result, compare: &'static mut [u8; L]) { - match self.mode.get() { - Mode::None => {} - Mode::Hmac(_) => { - self.hmac_client - .map(move |client| client.verification_done(result, compare)); - } - Mode::Sha(_) => { - self.sha_client - .map(move |client| client.verification_done(result, compare)); - } - } - - // Forcefully clear the data to allow other apps to use the HMAC - self.clear_data(); - self.mux.do_next_op(); - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::HmacSha256, const L: usize> digest::HmacSha256 - for VirtualMuxDigest<'a, A, L> -{ - fn set_mode_hmacsha256(&self, key: &[u8]) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Hmac(Operation::Sha256)); - self.mux.digest.set_mode_hmacsha256(key) - } else { - self.mode.set(Mode::Hmac(Operation::Sha256)); - self.key.map(|buf| buf.copy_from_slice(key)); - Ok(()) - } - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::HmacSha384, const L: usize> digest::HmacSha384 - for VirtualMuxDigest<'a, A, L> -{ - fn set_mode_hmacsha384(&self, key: &[u8]) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Hmac(Operation::Sha384)); - self.mux.digest.set_mode_hmacsha384(key) - } else { - self.mode.set(Mode::Hmac(Operation::Sha384)); - self.key.map(|buf| buf.copy_from_slice(key)); - Ok(()) - } - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::HmacSha512, const L: usize> digest::HmacSha512 - for VirtualMuxDigest<'a, A, L> -{ - fn set_mode_hmacsha512(&self, key: &[u8]) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Hmac(Operation::Sha512)); - self.mux.digest.set_mode_hmacsha512(key) - } else { - self.mode.set(Mode::Hmac(Operation::Sha512)); - self.key.map(|buf| buf.copy_from_slice(key)); - Ok(()) - } - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::Sha256, const L: usize> digest::Sha256 - for VirtualMuxDigest<'a, A, L> -{ - fn set_mode_sha256(&self) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Sha(Operation::Sha256)); - self.mux.digest.set_mode_sha256() - } else { - self.mode.set(Mode::Sha(Operation::Sha256)); - Ok(()) - } - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::Sha384, const L: usize> digest::Sha384 - for VirtualMuxDigest<'a, A, L> -{ - fn set_mode_sha384(&self) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Sha(Operation::Sha384)); - self.mux.digest.set_mode_sha384() - } else { - self.mode.set(Mode::Sha(Operation::Sha384)); - Ok(()) - } - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::Sha512, const L: usize> digest::Sha512 - for VirtualMuxDigest<'a, A, L> -{ - fn set_mode_sha512(&self) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Sha(Operation::Sha512)); - self.mux.digest.set_mode_sha512() - } else { - self.mode.set(Mode::Sha(Operation::Sha512)); - Ok(()) - } - } -} - -/// Calling a 'set_mode*()' function from a `VirtualMuxDigest` will mark that -/// `VirtualMuxDigest` as the one that has been enabled and running. Until that -/// Mux calls `clear_data()` it will be the only `VirtualMuxDigest` that can -/// interact with the underlying device. -pub struct MuxDigest<'a, A: digest::Digest<'a, L>, const L: usize> { - digest: &'a A, - running: Cell, - running_id: Cell, - next_id: Cell, - users: List<'a, VirtualMuxDigest<'a, A, L>>, -} - -impl< - 'a, - A: digest::Digest<'a, L> - + digest::HmacSha256 - + digest::HmacSha384 - + digest::HmacSha512 - + digest::Sha256 - + digest::Sha384 - + digest::Sha512, - const L: usize, - > MuxDigest<'a, A, L> -{ - pub const fn new(digest: &'a A) -> MuxDigest<'a, A, L> { - MuxDigest { - digest: digest, - running: Cell::new(false), - running_id: Cell::new(0), - next_id: Cell::new(0), - users: List::new(), - } - } - - fn do_next_op(&self) { - // Search for a node that has a mode set and is set as ready. - // Ready will indicate that `run()` has been called and the operation - // can complete - let mnode = self - .users - .iter() - .find(|node| node.mode.get() != Mode::None && node.ready.get()); - mnode.map(|node| { - self.running.set(true); - self.running_id.set(node.id); - - match node.mode.get() { - Mode::None => {} - Mode::Hmac(op) => { - match op { - Operation::Sha256 => { - node.key.map(|buf| { - self.digest.set_mode_hmacsha256(buf).unwrap(); - }); - } - Operation::Sha384 => { - node.key.map(|buf| { - self.digest.set_mode_hmacsha384(buf).unwrap(); - }); - } - Operation::Sha512 => { - node.key.map(|buf| { - self.digest.set_mode_hmacsha512(buf).unwrap(); - }); - } - } - return; - } - Mode::Sha(op) => { - match op { - Operation::Sha256 => { - self.digest.set_mode_sha256().unwrap(); - } - Operation::Sha384 => { - self.digest.set_mode_sha384().unwrap(); - } - Operation::Sha512 => { - self.digest.set_mode_sha512().unwrap(); - } - } - return; - } - } - - if node.data.is_some() { - let leasable = node.data.take().unwrap(); - match leasable { - LeasableBufferDynamic::Mutable(b) => { - if let Err((err, slice)) = self.digest.add_mut_data(b) { - node.add_mut_data_done(Err(err), slice); - } - } - LeasableBufferDynamic::Immutable(b) => { - if let Err((err, slice)) = self.digest.add_data(b) { - node.add_data_done(Err(err), slice); - } - } - } - return; - } - - if node.digest.is_some() { - if node.verify.get() { - if let Err((err, compare)) = self.digest.verify(node.digest.take().unwrap()) { - node.verification_done(Err(err), compare); - } - } else { - if let Err((err, data)) = self.digest.run(node.digest.take().unwrap()) { - node.hash_done(Err(err), data); - } - } - } - }); - } -} diff --git a/capsules/core/src/virtualizers/virtual_hmac.rs b/capsules/core/src/virtualizers/virtual_hmac.rs deleted file mode 100644 index 4f9695f9dd..0000000000 --- a/capsules/core/src/virtualizers/virtual_hmac.rs +++ /dev/null @@ -1,392 +0,0 @@ -// Licensed under the Apache License, Version 2.0 or the MIT License. -// SPDX-License-Identifier: Apache-2.0 OR MIT -// Copyright Tock Contributors 2022. - -//! Virtualize the HMAC interface to enable multiple users of an underlying -//! HMAC hardware peripheral. - -use core::cell::Cell; - -use kernel::collections::list::{List, ListLink, ListNode}; -use kernel::hil::digest::{self, ClientHash, ClientVerify}; -use kernel::hil::digest::{ClientData, DigestData}; -use kernel::utilities::cells::{OptionalCell, TakeCell}; -use kernel::utilities::leasable_buffer::{ - LeasableBuffer, LeasableBufferDynamic, LeasableMutableBuffer, -}; -use kernel::ErrorCode; - -use crate::virtualizers::virtual_digest::{Mode, Operation}; - -pub struct VirtualMuxHmac<'a, A: digest::Digest<'a, L>, const L: usize> { - mux: &'a MuxHmac<'a, A, L>, - next: ListLink<'a, VirtualMuxHmac<'a, A, L>>, - client: OptionalCell<&'a dyn digest::Client>, - key: TakeCell<'static, [u8]>, - data: OptionalCell>, - digest: TakeCell<'static, [u8; L]>, - verify: Cell, - mode: Cell, - id: u32, -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> ListNode<'a, VirtualMuxHmac<'a, A, L>> - for VirtualMuxHmac<'a, A, L> -{ - fn next(&self) -> &'a ListLink> { - &self.next - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> VirtualMuxHmac<'a, A, L> { - pub fn new( - mux_hmac: &'a MuxHmac<'a, A, L>, - key: &'static mut [u8], - ) -> VirtualMuxHmac<'a, A, L> { - let id = mux_hmac.next_id.get(); - mux_hmac.next_id.set(id + 1); - - VirtualMuxHmac { - mux: mux_hmac, - next: ListLink::empty(), - client: OptionalCell::empty(), - key: TakeCell::new(key), - data: OptionalCell::empty(), - digest: TakeCell::empty(), - verify: Cell::new(false), - mode: Cell::new(Mode::None), - id: id, - } - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::DigestData<'a, L> - for VirtualMuxHmac<'a, A, L> -{ - /// Add data to the hmac IP. - /// All data passed in is fed to the HMAC hardware block. - /// Returns the number of bytes written on success - fn add_data( - &self, - data: LeasableBuffer<'static, u8>, - ) -> Result<(), (ErrorCode, LeasableBuffer<'static, u8>)> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running_id.get() == self.id { - self.mux.hmac.add_data(data) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.data.is_none() { - self.data.replace(LeasableBufferDynamic::Immutable(data)); - Ok(()) - } else { - Err((ErrorCode::BUSY, data)) - } - } - } - - /// Add data to the hmac IP. - /// All data passed in is fed to the HMAC hardware block. - /// Returns the number of bytes written on success - fn add_mut_data( - &self, - data: LeasableMutableBuffer<'static, u8>, - ) -> Result<(), (ErrorCode, LeasableMutableBuffer<'static, u8>)> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running_id.get() == self.id { - self.mux.hmac.add_mut_data(data) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.data.is_none() { - self.data.replace(LeasableBufferDynamic::Mutable(data)); - Ok(()) - } else { - Err((ErrorCode::BUSY, data)) - } - } - } - - /// Disable the HMAC hardware and clear the keys and any other sensitive - /// data - fn clear_data(&self) { - if self.mux.running_id.get() == self.id { - self.mux.running.set(false); - self.mode.set(Mode::None); - self.mux.hmac.clear_data() - } - } - - fn set_data_client(&'a self, _client: &'a (dyn digest::ClientData + 'a)) { - unimplemented!() - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::DigestHash<'a, L> - for VirtualMuxHmac<'a, A, L> -{ - /// Request the hardware block to generate a HMAC - /// This doesn't return anything, instead the client needs to have - /// set a `hash_done` handler. - fn run( - &'a self, - digest: &'static mut [u8; L], - ) -> Result<(), (ErrorCode, &'static mut [u8; L])> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running_id.get() == self.id { - self.mux.hmac.run(digest) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.digest.is_none() { - self.digest.replace(digest); - Ok(()) - } else { - Err((ErrorCode::BUSY, digest)) - } - } - } - - fn set_hash_client(&'a self, _client: &'a (dyn digest::ClientHash + 'a)) { - unimplemented!() - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::DigestVerify<'a, L> - for VirtualMuxHmac<'a, A, L> -{ - fn verify( - &self, - compare: &'static mut [u8; L], - ) -> Result<(), (ErrorCode, &'static mut [u8; L])> { - // Check if any mux is enabled - if self.mux.running_id.get() == self.id { - self.mux.hmac.verify(compare) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.digest.is_none() { - self.digest.replace(compare); - self.verify.set(true); - Ok(()) - } else { - Err((ErrorCode::BUSY, compare)) - } - } - } - - fn set_verify_client(&'a self, _client: &'a (dyn digest::ClientVerify + 'a)) { - unimplemented!() - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::Digest<'a, L> - for VirtualMuxHmac<'a, A, L> -{ - /// Set the client instance which will receive `add_data_done()` and - /// `hash_done()` callbacks - fn set_client(&'a self, client: &'a dyn digest::Client) { - let node = self.mux.users.iter().find(|node| node.id == self.id); - if node.is_none() { - self.mux.users.push_head(self); - } - self.mux.hmac.set_client(client); - } -} - -impl< - 'a, - A: digest::Digest<'a, L> + digest::HmacSha256 + digest::HmacSha384 + digest::HmacSha512, - const L: usize, - > digest::ClientData for VirtualMuxHmac<'a, A, L> -{ - fn add_data_done(&self, result: Result<(), ErrorCode>, data: LeasableBuffer<'static, u8>) { - self.client - .map(move |client| client.add_data_done(result, data)); - self.mux.do_next_op(); - } - - fn add_mut_data_done( - &self, - result: Result<(), ErrorCode>, - data: LeasableMutableBuffer<'static, u8>, - ) { - self.client - .map(move |client| client.add_mut_data_done(result, data)); - self.mux.do_next_op(); - } -} - -impl< - 'a, - A: digest::Digest<'a, L> + digest::HmacSha256 + digest::HmacSha384 + digest::HmacSha512, - const L: usize, - > digest::ClientHash for VirtualMuxHmac<'a, A, L> -{ - fn hash_done(&self, result: Result<(), ErrorCode>, digest: &'static mut [u8; L]) { - self.client - .map(move |client| client.hash_done(result, digest)); - - // Forcefully clear the data to allow other apps to use the HMAC - self.clear_data(); - self.mux.do_next_op(); - } -} - -impl< - 'a, - A: digest::Digest<'a, L> + digest::HmacSha256 + digest::HmacSha384 + digest::HmacSha512, - const L: usize, - > digest::ClientVerify for VirtualMuxHmac<'a, A, L> -{ - fn verification_done(&self, result: Result, digest: &'static mut [u8; L]) { - self.client - .map(move |client| client.verification_done(result, digest)); - - // Forcefully clear the data to allow other apps to use the HMAC - self.clear_data(); - self.mux.do_next_op(); - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::HmacSha256, const L: usize> digest::HmacSha256 - for VirtualMuxHmac<'a, A, L> -{ - fn set_mode_hmacsha256(&self, key: &[u8]) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Hmac(Operation::Sha256)); - self.mux.hmac.set_mode_hmacsha256(key) - } else { - self.mode.set(Mode::Hmac(Operation::Sha256)); - self.key.map(|buf| buf.copy_from_slice(key)); - Ok(()) - } - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::HmacSha384, const L: usize> digest::HmacSha384 - for VirtualMuxHmac<'a, A, L> -{ - fn set_mode_hmacsha384(&self, key: &[u8]) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Hmac(Operation::Sha384)); - self.mux.hmac.set_mode_hmacsha384(key) - } else { - self.mode.set(Mode::Hmac(Operation::Sha384)); - self.key.map(|buf| buf.copy_from_slice(key)); - Ok(()) - } - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::HmacSha512, const L: usize> digest::HmacSha512 - for VirtualMuxHmac<'a, A, L> -{ - fn set_mode_hmacsha512(&self, key: &[u8]) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Hmac(Operation::Sha512)); - self.mux.hmac.set_mode_hmacsha512(key) - } else { - self.mode.set(Mode::Hmac(Operation::Sha512)); - self.key.map(|buf| buf.copy_from_slice(key)); - Ok(()) - } - } -} - -pub struct MuxHmac<'a, A: digest::Digest<'a, L>, const L: usize> { - hmac: &'a A, - running: Cell, - running_id: Cell, - next_id: Cell, - users: List<'a, VirtualMuxHmac<'a, A, L>>, -} - -impl< - 'a, - A: digest::Digest<'a, L> + digest::HmacSha256 + digest::HmacSha384 + digest::HmacSha512, - const L: usize, - > MuxHmac<'a, A, L> -{ - pub const fn new(hmac: &'a A) -> MuxHmac<'a, A, L> { - MuxHmac { - hmac, - running: Cell::new(false), - running_id: Cell::new(0), - next_id: Cell::new(0), - users: List::new(), - } - } - - fn do_next_op(&self) { - let mnode = self.users.iter().find(|node| node.mode.get() != Mode::None); - mnode.map(|node| { - self.running.set(true); - self.running_id.set(node.id); - - match node.mode.get() { - Mode::None => {} - Mode::Sha(_) => {} - Mode::Hmac(op) => { - match op { - Operation::Sha256 => { - node.key.map(|buf| { - self.hmac.set_mode_hmacsha256(buf).unwrap(); - }); - } - Operation::Sha384 => { - node.key.map(|buf| { - self.hmac.set_mode_hmacsha384(buf).unwrap(); - }); - } - Operation::Sha512 => { - node.key.map(|buf| { - self.hmac.set_mode_hmacsha512(buf).unwrap(); - }); - } - } - return; - } - } - - let data = node.data.take(); - let added_data = data.map_or(false, |lease| { - match lease { - LeasableBufferDynamic::Immutable(b) => { - if let Err((err, slice)) = self.hmac.add_data(b) { - node.add_data_done(Err(err), slice); - } - } - LeasableBufferDynamic::Mutable(b) => { - if let Err((err, slice)) = self.hmac.add_mut_data(b) { - node.add_mut_data_done(Err(err), slice); - } - } - } - true - }); - - // We don't have more data, so we must be starting the operation. - if !added_data && node.digest.is_some() { - if node.verify.get() { - if let Err((err, compare)) = self.hmac.verify(node.digest.take().unwrap()) { - node.verification_done(Err(err), compare); - } - } else { - if let Err((err, data)) = self.hmac.run(node.digest.take().unwrap()) { - node.hash_done(Err(err), data); - } - } - } - }); - } -} diff --git a/capsules/core/src/virtualizers/virtual_sha.rs b/capsules/core/src/virtualizers/virtual_sha.rs deleted file mode 100644 index be534ac4cb..0000000000 --- a/capsules/core/src/virtualizers/virtual_sha.rs +++ /dev/null @@ -1,385 +0,0 @@ -// Licensed under the Apache License, Version 2.0 or the MIT License. -// SPDX-License-Identifier: Apache-2.0 OR MIT -// Copyright Tock Contributors 2022. - -//! Virtualize the SHA interface to enable multiple users of an underlying -//! SHA hardware peripheral. - -use core::cell::Cell; - -use kernel::collections::list::{List, ListLink, ListNode}; -use kernel::hil::digest::{self, ClientHash, ClientVerify}; -use kernel::hil::digest::{ClientData, DigestData}; -use kernel::utilities::cells::{OptionalCell, TakeCell}; -use kernel::utilities::leasable_buffer::{ - LeasableBuffer, LeasableBufferDynamic, LeasableMutableBuffer, -}; -use kernel::ErrorCode; - -use crate::virtualizers::virtual_digest::{Mode, Operation}; - -pub struct VirtualMuxSha<'a, A: digest::Digest<'a, L>, const L: usize> { - mux: &'a MuxSha<'a, A, L>, - next: ListLink<'a, VirtualMuxSha<'a, A, L>>, - client: OptionalCell<&'a dyn digest::Client>, - data: OptionalCell>, - data_len: Cell, - digest: TakeCell<'static, [u8; L]>, - verify: Cell, - mode: Cell, - id: u32, -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> ListNode<'a, VirtualMuxSha<'a, A, L>> - for VirtualMuxSha<'a, A, L> -{ - fn next(&self) -> &'a ListLink> { - &self.next - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> VirtualMuxSha<'a, A, L> { - pub fn new(mux_sha: &'a MuxSha<'a, A, L>) -> VirtualMuxSha<'a, A, L> { - let id = mux_sha.next_id.get(); - mux_sha.next_id.set(id + 1); - - VirtualMuxSha { - mux: mux_sha, - next: ListLink::empty(), - client: OptionalCell::empty(), - data: OptionalCell::empty(), - data_len: Cell::new(0), - digest: TakeCell::empty(), - verify: Cell::new(false), - mode: Cell::new(Mode::None), - id: id, - } - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::DigestData<'a, L> - for VirtualMuxSha<'a, A, L> -{ - /// Add data to the sha IP. - /// All data passed in is fed to the SHA hardware block. - /// Returns the number of bytes written on success - fn add_data( - &self, - data: LeasableBuffer<'static, u8>, - ) -> Result<(), (ErrorCode, LeasableBuffer<'static, u8>)> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running_id.get() == self.id { - self.mux.sha.add_data(data) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.data.is_none() { - let len = data.len(); - self.data.replace(LeasableBufferDynamic::Immutable(data)); - self.data_len.set(len); - Ok(()) - } else { - Err((ErrorCode::BUSY, data)) - } - } - } - - /// Add data to the sha IP. - /// All data passed in is fed to the SHA hardware block. - /// Returns the number of bytes written on success - fn add_mut_data( - &self, - data: LeasableMutableBuffer<'static, u8>, - ) -> Result<(), (ErrorCode, LeasableMutableBuffer<'static, u8>)> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running_id.get() == self.id { - self.mux.sha.add_mut_data(data) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.data.is_none() { - let len = data.len(); - self.data.replace(LeasableBufferDynamic::Mutable(data)); - self.data_len.set(len); - Ok(()) - } else { - Err((ErrorCode::BUSY, data)) - } - } - } - - /// Disable the SHA hardware and clear the keys and any other sensitive - /// data - fn clear_data(&self) { - if self.mux.running_id.get() == self.id { - self.mux.running.set(false); - self.mode.set(Mode::None); - self.mux.sha.clear_data() - } - } - - fn set_data_client(&'a self, _client: &'a (dyn digest::ClientData + 'a)) { - unimplemented!() - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::DigestHash<'a, L> - for VirtualMuxSha<'a, A, L> -{ - /// Request the hardware block to generate a SHA - /// This doesn't return anything, instead the client needs to have - /// set a `hash_done` handler. - fn run( - &'a self, - digest: &'static mut [u8; L], - ) -> Result<(), (ErrorCode, &'static mut [u8; L])> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running_id.get() == self.id { - self.mux.sha.run(digest) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.digest.is_none() { - self.digest.replace(digest); - Ok(()) - } else { - Err((ErrorCode::BUSY, digest)) - } - } - } - - fn set_hash_client(&'a self, _client: &'a (dyn digest::ClientHash + 'a)) { - unimplemented!() - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::DigestVerify<'a, L> - for VirtualMuxSha<'a, A, L> -{ - fn verify( - &self, - compare: &'static mut [u8; L], - ) -> Result<(), (ErrorCode, &'static mut [u8; L])> { - // Check if any mux is enabled - if self.mux.running_id.get() == self.id { - self.mux.sha.verify(compare) - } else { - // Another app is already running, queue this app as long as we - // don't already have data queued. - if self.digest.is_none() { - self.digest.replace(compare); - self.verify.set(true); - Ok(()) - } else { - Err((ErrorCode::BUSY, compare)) - } - } - } - - fn set_verify_client(&'a self, _client: &'a (dyn digest::ClientVerify + 'a)) { - unimplemented!() - } -} - -impl<'a, A: digest::Digest<'a, L>, const L: usize> digest::Digest<'a, L> - for VirtualMuxSha<'a, A, L> -{ - /// Set the client instance which will receive `add_data_done()` and - /// `hash_done()` callbacks - fn set_client(&'a self, client: &'a dyn digest::Client) { - let node = self.mux.users.iter().find(|node| node.id == self.id); - if node.is_none() { - self.mux.users.push_head(self); - } - self.mux.sha.set_client(client); - } -} - -impl< - 'a, - A: digest::Digest<'a, L> + digest::Sha256 + digest::Sha384 + digest::Sha512, - const L: usize, - > digest::ClientData for VirtualMuxSha<'a, A, L> -{ - fn add_data_done(&self, result: Result<(), ErrorCode>, data: LeasableBuffer<'static, u8>) { - self.client - .map(move |client| client.add_data_done(result, data)); - self.mux.do_next_op(); - } - - fn add_mut_data_done( - &self, - result: Result<(), ErrorCode>, - data: LeasableMutableBuffer<'static, u8>, - ) { - self.client - .map(move |client| client.add_mut_data_done(result, data)); - self.mux.do_next_op(); - } -} - -impl< - 'a, - A: digest::Digest<'a, L> + digest::Sha256 + digest::Sha384 + digest::Sha512, - const L: usize, - > digest::ClientHash for VirtualMuxSha<'a, A, L> -{ - fn hash_done(&self, result: Result<(), ErrorCode>, digest: &'static mut [u8; L]) { - self.client - .map(move |client| client.hash_done(result, digest)); - - // Forcefully clear the data to allow other apps to use the HMAC - self.clear_data(); - self.mux.do_next_op(); - } -} - -impl< - 'a, - A: digest::Digest<'a, L> + digest::Sha256 + digest::Sha384 + digest::Sha512, - const L: usize, - > digest::ClientVerify for VirtualMuxSha<'a, A, L> -{ - fn verification_done(&self, result: Result, digest: &'static mut [u8; L]) { - self.client - .map(move |client| client.verification_done(result, digest)); - - // Forcefully clear the data to allow other apps to use the HMAC - self.clear_data(); - self.mux.do_next_op(); - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::Sha256, const L: usize> digest::Sha256 - for VirtualMuxSha<'a, A, L> -{ - fn set_mode_sha256(&self) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Sha(Operation::Sha256)); - self.mux.sha.set_mode_sha256() - } else { - self.mode.set(Mode::Sha(Operation::Sha256)); - Ok(()) - } - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::Sha384, const L: usize> digest::Sha384 - for VirtualMuxSha<'a, A, L> -{ - fn set_mode_sha384(&self) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Sha(Operation::Sha384)); - self.mux.sha.set_mode_sha384() - } else { - self.mode.set(Mode::Sha(Operation::Sha384)); - Ok(()) - } - } -} - -impl<'a, A: digest::Digest<'a, L> + digest::Sha512, const L: usize> digest::Sha512 - for VirtualMuxSha<'a, A, L> -{ - fn set_mode_sha512(&self) -> Result<(), ErrorCode> { - // Check if any mux is enabled. If it isn't we enable it for us. - if self.mux.running.get() == false { - self.mux.running.set(true); - self.mux.running_id.set(self.id); - self.mode.set(Mode::Sha(Operation::Sha512)); - self.mux.sha.set_mode_sha512() - } else { - self.mode.set(Mode::Sha(Operation::Sha512)); - Ok(()) - } - } -} - -pub struct MuxSha<'a, A: digest::Digest<'a, L>, const L: usize> { - sha: &'a A, - running: Cell, - running_id: Cell, - next_id: Cell, - users: List<'a, VirtualMuxSha<'a, A, L>>, -} - -impl< - 'a, - A: digest::Digest<'a, L> + digest::Sha256 + digest::Sha384 + digest::Sha512, - const L: usize, - > MuxSha<'a, A, L> -{ - pub const fn new(sha: &'a A) -> MuxSha<'a, A, L> { - MuxSha { - sha, - running: Cell::new(false), - running_id: Cell::new(0), - next_id: Cell::new(0), - users: List::new(), - } - } - - fn do_next_op(&self) { - let mnode = self.users.iter().find(|node| node.mode.get() != Mode::None); - mnode.map(|node| { - self.running.set(true); - self.running_id.set(node.id); - - match node.mode.get() { - Mode::None => {} - Mode::Hmac(_) => {} - Mode::Sha(op) => { - match op { - Operation::Sha256 => { - self.sha.set_mode_sha256().unwrap(); - } - Operation::Sha384 => { - self.sha.set_mode_sha384().unwrap(); - } - Operation::Sha512 => { - self.sha.set_mode_sha512().unwrap(); - } - } - return; - } - } - - if node.data.is_some() { - let leasable = node.data.take().unwrap(); - match leasable { - LeasableBufferDynamic::Mutable(mut b) => { - b.slice(0..node.data_len.get()); - if let Err((err, slice)) = self.sha.add_mut_data(b) { - node.add_mut_data_done(Err(err), slice); - } - } - LeasableBufferDynamic::Immutable(mut b) => { - b.slice(0..node.data_len.get()); - if let Err((err, slice)) = self.sha.add_data(b) { - node.add_data_done(Err(err), slice); - } - } - } - return; - } - - if node.digest.is_some() { - if node.verify.get() { - if let Err((err, compare)) = self.sha.verify(node.digest.take().unwrap()) { - node.verification_done(Err(err), compare); - } - } else { - if let Err((err, data)) = self.sha.run(node.digest.take().unwrap()) { - node.hash_done(Err(err), data); - } - } - } - }); - } -} From c601514ef2e6a93042a4bb72605667263308574e Mon Sep 17 00:00:00 2001 From: Brad Campbell Date: Mon, 17 Jul 2023 10:30:43 -0400 Subject: [PATCH 2/3] components: remove virtualizers from components --- boards/components/src/digest.rs | 112 -------------------------------- boards/components/src/hmac.rs | 81 ++++------------------- boards/components/src/lib.rs | 1 - boards/components/src/sha.rs | 67 ++++--------------- 4 files changed, 27 insertions(+), 234 deletions(-) delete mode 100644 boards/components/src/digest.rs diff --git a/boards/components/src/digest.rs b/boards/components/src/digest.rs deleted file mode 100644 index 762eca9103..0000000000 --- a/boards/components/src/digest.rs +++ /dev/null @@ -1,112 +0,0 @@ -// Licensed under the Apache License, Version 2.0 or the MIT License. -// SPDX-License-Identifier: Apache-2.0 OR MIT -// Copyright Tock Contributors 2022. - -//! Components for collections of Digests. -//! -//! Usage -//! ----- -//! ```rust -//! let mux_digest = components::digest::DigestMuxComponent::new(&earlgrey::digest::Digest) -//! .finalize( -//! components::digest_mux_component_static!(lowrisc::digest::Digest, [u8; 32]), -//! ); -//! -//! let digest = components::digest::DigestComponent::new( -//! board_kernel, -//! &mux_digest, -//! ) -//! .finalize(components::digest_component_static!( -//! lowrisc::digest::Digest, -//! [u8; 32] -//! )); -//! ``` - -use capsules_core::virtualizers::virtual_digest::MuxDigest; -use capsules_core::virtualizers::virtual_digest::VirtualMuxDigest; -use core::mem::MaybeUninit; -use kernel::component::Component; -use kernel::hil::digest; - -#[macro_export] -macro_rules! digest_mux_component_static { - ($A:ty, $L:expr $(,)?) => {{ - kernel::static_buf!(capsules_core::virtualizers::virtual_digest::MuxDigest<'static, $A, $L>) - };}; -} - -#[macro_export] -macro_rules! digest_component_static { - ($A:ty, $L:expr $(,)?) => {{ - let virtual_mux = kernel::static_buf!( - capsules_core::virtualizers::virtual_digest::VirtualMuxDigest<'static, $A, $L> - ); - let key_buffer = kernel::static_buf!([u8; $L]); - - (virtual_mux, key_buffer) - };}; -} - -pub struct DigestMuxComponent, const L: usize> { - digest: &'static A, -} - -impl, const L: usize> DigestMuxComponent { - pub fn new(digest: &'static A) -> DigestMuxComponent { - DigestMuxComponent { digest } - } -} - -impl< - A: 'static - + digest::Digest<'static, L> - + digest::HmacSha256 - + digest::HmacSha384 - + digest::HmacSha512 - + digest::Sha256 - + digest::Sha384 - + digest::Sha512, - const L: usize, - > Component for DigestMuxComponent -{ - type StaticInput = &'static mut MaybeUninit>; - type Output = &'static MuxDigest<'static, A, L>; - - fn finalize(self, s: Self::StaticInput) -> Self::Output { - s.write(MuxDigest::new(self.digest)) - } -} - -pub struct DigestComponent, const L: usize> { - mux_digest: &'static MuxDigest<'static, A, L>, -} - -impl, const L: usize> DigestComponent { - pub fn new(mux_digest: &'static MuxDigest<'static, A, L>) -> DigestComponent { - DigestComponent { mux_digest } - } -} - -impl< - A: kernel::hil::digest::HmacSha256 - + digest::HmacSha384 - + digest::HmacSha512 - + 'static - + digest::Digest<'static, L>, - const L: usize, - > Component for DigestComponent -{ - type StaticInput = ( - &'static mut MaybeUninit>, - &'static mut MaybeUninit<[u8; L]>, - ); - type Output = &'static VirtualMuxDigest<'static, A, L>; - - fn finalize(self, s: Self::StaticInput) -> Self::Output { - let key_buffer = s.1.write([0; L]); - let virtual_digest_user = - s.0.write(VirtualMuxDigest::new(self.mux_digest, key_buffer)); - - virtual_digest_user - } -} diff --git a/boards/components/src/hmac.rs b/boards/components/src/hmac.rs index b8986a09bc..8236f311d0 100644 --- a/boards/components/src/hmac.rs +++ b/boards/components/src/hmac.rs @@ -7,13 +7,9 @@ //! Usage //! ----- //! ```rust -//! let mux_hmac = components::hmac::HmacMuxComponent::new(&earlgrey::hmac::HMAC).finalize( -//! components::hmac_mux_component_static!(lowrisc::hmac::Hmac, 32), -//! ); -//! //! let hmac = components::hmac::HmacComponent::new( //! board_kernel, -//! &mux_hmac, +//! chip.hmac, //! ) //! .finalize(components::hmac_component_static!( //! lowrisc::hmac::Hmac, @@ -21,8 +17,6 @@ //! )); //! ``` -use capsules_core::virtualizers::virtual_hmac::MuxHmac; -use capsules_core::virtualizers::virtual_hmac::VirtualMuxHmac; use capsules_extra::hmac::HmacDriver; use core::mem::MaybeUninit; use kernel::capabilities; @@ -30,78 +24,34 @@ use kernel::component::Component; use kernel::create_capability; use kernel::hil::digest; -#[macro_export] -macro_rules! hmac_mux_component_static { - ($A:ty, $L:expr $(,)?) => {{ - kernel::static_buf!(capsules_core::virtualizers::virtual_hmac::MuxHmac<'static, $A, $L>) - };}; -} - #[macro_export] macro_rules! hmac_component_static { ($A:ty, $L:expr $(,)?) => {{ - let virtual_mux = kernel::static_buf!( - capsules_core::virtualizers::virtual_hmac::VirtualMuxHmac<'static, $A, $L> - ); - let hmac = kernel::static_buf!( - capsules_extra::hmac::HmacDriver< - 'static, - capsules_core::virtualizers::virtual_hmac::VirtualMuxHmac<'static, $A, $L>, - $L, - > - ); + let hmac = kernel::static_buf!(capsules_extra::hmac::HmacDriver<'static, $A, $L>); - let key_buffer = kernel::static_buf!([u8; 32]); let data_buffer = kernel::static_buf!([u8; 64]); let dest_buffer = kernel::static_buf!([u8; $L]); - (virtual_mux, hmac, key_buffer, data_buffer, dest_buffer) + (hmac, data_buffer, dest_buffer) };}; } -pub struct HmacMuxComponent, const L: usize> { - hmac: &'static A, -} - -impl, const L: usize> HmacMuxComponent { - pub fn new(hmac: &'static A) -> HmacMuxComponent { - HmacMuxComponent { hmac } - } -} - -impl< - A: 'static - + digest::Digest<'static, L> - + digest::HmacSha256 - + digest::HmacSha384 - + digest::HmacSha512, - const L: usize, - > Component for HmacMuxComponent -{ - type StaticInput = &'static mut MaybeUninit>; - type Output = &'static MuxHmac<'static, A, L>; - - fn finalize(self, s: Self::StaticInput) -> Self::Output { - s.write(MuxHmac::new(self.hmac)) - } -} - pub struct HmacComponent, const L: usize> { board_kernel: &'static kernel::Kernel, driver_num: usize, - mux_hmac: &'static MuxHmac<'static, A, L>, + hmac: &'static A, } impl, const L: usize> HmacComponent { pub fn new( board_kernel: &'static kernel::Kernel, driver_num: usize, - mux_hmac: &'static MuxHmac<'static, A, L>, + hmac: &'static A, ) -> HmacComponent { HmacComponent { board_kernel, driver_num, - mux_hmac, + hmac, } } } @@ -116,30 +66,27 @@ impl< > Component for HmacComponent { type StaticInput = ( - &'static mut MaybeUninit>, - &'static mut MaybeUninit, L>>, - &'static mut MaybeUninit<[u8; 32]>, + &'static mut MaybeUninit>, &'static mut MaybeUninit<[u8; 64]>, &'static mut MaybeUninit<[u8; L]>, ); - type Output = &'static HmacDriver<'static, VirtualMuxHmac<'static, A, L>, L>; + type Output = &'static HmacDriver<'static, A, L>; fn finalize(self, s: Self::StaticInput) -> Self::Output { let grant_cap = create_capability!(capabilities::MemoryAllocationCapability); - let key_buffer = s.2.write([0; 32]); - let data_buffer = s.3.write([0; 64]); - let dest_buffer = s.4.write([0; L]); - - let virtual_hmac_user = s.0.write(VirtualMuxHmac::new(self.mux_hmac, key_buffer)); + let data_buffer = s.1.write([0; 64]); + let dest_buffer = s.2.write([0; L]); - let hmac = s.1.write(capsules_extra::hmac::HmacDriver::new( - virtual_hmac_user, + let hmac = s.0.write(capsules_extra::hmac::HmacDriver::new( + self.hmac, data_buffer, dest_buffer, self.board_kernel.create_grant(self.driver_num, &grant_cap), )); + self.hmac.set_client(hmac); + hmac } } diff --git a/boards/components/src/lib.rs b/boards/components/src/lib.rs index eb8ae74b12..fce2dd02f8 100644 --- a/boards/components/src/lib.rs +++ b/boards/components/src/lib.rs @@ -26,7 +26,6 @@ pub mod ctap; pub mod dac; pub mod debug_queue; pub mod debug_writer; -pub mod digest; pub mod flash; pub mod fm25cl; pub mod ft6x06; diff --git a/boards/components/src/sha.rs b/boards/components/src/sha.rs index 02be69aae8..f49f712516 100644 --- a/boards/components/src/sha.rs +++ b/boards/components/src/sha.rs @@ -7,13 +7,9 @@ //! Usage //! ----- //! ```rust -//! let mux_sha = components::sha::ShaMuxComponent::new(&earlgrey::sha::HMAC).finalize( -//! components::sha_mux_component_static!(lowrisc::sha::Sha, 32), -//! ); -//! //! let sha = components::sha::ShaComponent::new( //! board_kernel, -//! &mux_sha, +//! chip.sha, //! ) //! .finalize(components::sha_component_static!( //! lowrisc::sha::Sha, @@ -21,8 +17,6 @@ //! )); //! ``` -use capsules_core::virtualizers::virtual_sha::MuxSha; -use capsules_core::virtualizers::virtual_sha::VirtualMuxSha; use capsules_extra::sha::ShaDriver; use core::mem::MaybeUninit; use kernel::capabilities; @@ -30,44 +24,10 @@ use kernel::component::Component; use kernel::create_capability; use kernel::hil::digest; -// Setup static space for the objects. -#[macro_export] -macro_rules! sha_mux_component_static { - ($A:ty, $L:expr $(,)?) => {{ - kernel::static_buf!(capsules_core::virtualizers::virtual_sha::MuxSha<'static, $A, $L>) - };}; -} - -pub struct ShaMuxComponent, const L: usize> { - sha: &'static A, -} - -impl, const L: usize> ShaMuxComponent { - pub fn new(sha: &'static A) -> ShaMuxComponent { - ShaMuxComponent { sha } - } -} - -impl< - A: 'static + digest::Digest<'static, L> + digest::Sha256 + digest::Sha384 + digest::Sha512, - const L: usize, - > Component for ShaMuxComponent -{ - type StaticInput = &'static mut MaybeUninit>; - type Output = &'static MuxSha<'static, A, L>; - - fn finalize(self, s: Self::StaticInput) -> Self::Output { - s.write(MuxSha::new(self.sha)) - } -} - // Setup static space for the objects. #[macro_export] macro_rules! sha_component_static { ($A:ty, $L:expr$(,)?) => {{ - let sha_mux = kernel::static_buf!( - capsules_core::virtualizers::virtual_sha::VirtualMuxSha<'static, $A, $L> - ); let sha_driver = kernel::static_buf!( capsules_extra::sha::ShaDriver< 'static, @@ -79,26 +39,26 @@ macro_rules! sha_component_static { let data_buffer = kernel::static_buf!([u8; 64]); let dest_buffer = kernel::static_buf!([u8; $L]); - (sha_mux, sha_driver, data_buffer, dest_buffer) + (sha_driver, data_buffer, dest_buffer) };}; } pub struct ShaComponent, const L: usize> { board_kernel: &'static kernel::Kernel, driver_num: usize, - mux_sha: &'static MuxSha<'static, A, L>, + sha: &'static A, } impl, const L: usize> ShaComponent { pub fn new( board_kernel: &'static kernel::Kernel, driver_num: usize, - mux_sha: &'static MuxSha<'static, A, L>, + sha: &'static A, ) -> ShaComponent { ShaComponent { board_kernel, driver_num, - mux_sha, + sha, } } } @@ -113,29 +73,28 @@ impl< > Component for ShaComponent { type StaticInput = ( - &'static mut MaybeUninit>, - &'static mut MaybeUninit, L>>, + &'static mut MaybeUninit>, &'static mut MaybeUninit<[u8; 64]>, &'static mut MaybeUninit<[u8; L]>, ); - type Output = &'static ShaDriver<'static, VirtualMuxSha<'static, A, L>, L>; + type Output = &'static ShaDriver<'static, A, L>; fn finalize(self, s: Self::StaticInput) -> Self::Output { let grant_cap = create_capability!(capabilities::MemoryAllocationCapability); - let virtual_sha_user = s.0.write(VirtualMuxSha::new(self.mux_sha)); - - let data_buffer = s.2.write([0; 64]); - let dest_buffer = s.3.write([0; L]); + let data_buffer = s.1.write([0; 64]); + let dest_buffer = s.2.write([0; L]); - let sha = s.1.write(capsules_extra::sha::ShaDriver::new( - virtual_sha_user, + let sha = s.0.write(capsules_extra::sha::ShaDriver::new( + self.sha, data_buffer, dest_buffer, self.board_kernel.create_grant(self.driver_num, &grant_cap), )); + self.sha.set_client(sha); + sha } } From 57d6496a3659349db989173fd74f3e0a58e230e6 Mon Sep 17 00:00:00 2001 From: Brad Campbell Date: Mon, 17 Jul 2023 10:30:56 -0400 Subject: [PATCH 3/3] boards: ot: remove digest virtualizer This means choosing between SHA and HMAC (I assume only SHA worked before). I decided to keep HMAC, rather arbitrarily. --- boards/opentitan/src/main.rs | 68 ++---------------------------------- 1 file changed, 3 insertions(+), 65 deletions(-) diff --git a/boards/opentitan/src/main.rs b/boards/opentitan/src/main.rs index 70142d8151..d5c05f51af 100644 --- a/boards/opentitan/src/main.rs +++ b/boards/opentitan/src/main.rs @@ -19,13 +19,10 @@ use crate::otbn::OtbnComponent; use capsules_aes_gcm::aes_gcm; use capsules_core::virtualizers::virtual_aes_ccm; use capsules_core::virtualizers::virtual_alarm::{MuxAlarm, VirtualMuxAlarm}; -use capsules_core::virtualizers::virtual_hmac::VirtualMuxHmac; -use capsules_core::virtualizers::virtual_sha::VirtualMuxSha; use earlgrey::chip::EarlGreyDefaultPeripherals; use kernel::capabilities; use kernel::component::Component; use kernel::hil; -use kernel::hil::digest::Digest; use kernel::hil::entropy::Entropy32; use kernel::hil::hasher::Hasher; use kernel::hil::i2c::I2CMaster; @@ -122,32 +119,7 @@ struct EarlGrey { 'static, VirtualMuxAlarm<'static, earlgrey::timer::RvTimer<'static>>, >, - hmac: &'static capsules_extra::hmac::HmacDriver< - 'static, - VirtualMuxHmac< - 'static, - capsules_core::virtualizers::virtual_digest::VirtualMuxDigest< - 'static, - lowrisc::hmac::Hmac<'static>, - 32, - >, - 32, - >, - 32, - >, - sha: &'static capsules_extra::sha::ShaDriver< - 'static, - VirtualMuxSha< - 'static, - capsules_core::virtualizers::virtual_digest::VirtualMuxDigest< - 'static, - lowrisc::hmac::Hmac<'static>, - 32, - >, - 32, - >, - 32, - >, + hmac: &'static capsules_extra::hmac::HmacDriver<'static, lowrisc::hmac::Hmac<'static>, 32>, lldb: &'static capsules_core::low_level_debug::LowLevelDebug< 'static, capsules_core::virtualizers::virtual_uart::UartDevice<'static>, @@ -198,7 +170,6 @@ impl SyscallDriverLookup for EarlGrey { match driver_num { capsules_core::led::DRIVER_NUM => f(Some(self.led)), capsules_extra::hmac::DRIVER_NUM => f(Some(self.hmac)), - capsules_extra::sha::DRIVER_NUM => f(Some(self.sha)), capsules_core::gpio::DRIVER_NUM => f(Some(self.gpio)), capsules_core::console::DRIVER_NUM => f(Some(self.console)), capsules_core::alarm::DRIVER_NUM => f(Some(self.alarm)), @@ -395,44 +366,12 @@ unsafe fn setup() -> ( ) .finalize(components::low_level_debug_component_static!()); - let mux_digest = components::digest::DigestMuxComponent::new(&peripherals.hmac).finalize( - components::digest_mux_component_static!(lowrisc::hmac::Hmac, 32), - ); - - let digest = components::digest::DigestComponent::new(&mux_digest).finalize( - components::digest_component_static!(lowrisc::hmac::Hmac, 32,), - ); - - peripherals.hmac.set_client(digest); - - let mux_hmac = components::hmac::HmacMuxComponent::new(digest).finalize( - components::hmac_mux_component_static!(capsules_core::virtualizers::virtual_digest::VirtualMuxDigest, 32), - ); - let hmac = components::hmac::HmacComponent::new( board_kernel, capsules_extra::hmac::DRIVER_NUM, - &mux_hmac, + &peripherals.hmac, ) - .finalize(components::hmac_component_static!( - capsules_core::virtualizers::virtual_digest::VirtualMuxDigest, - 32, - )); - - digest.set_hmac_client(hmac); - - let mux_sha = components::sha::ShaMuxComponent::new(digest).finalize( - components::sha_mux_component_static!(capsules_core::virtualizers::virtual_digest::VirtualMuxDigest, 32), - ); - - let sha = components::sha::ShaComponent::new( - board_kernel, - capsules_extra::sha::DRIVER_NUM, - &mux_sha, - ) - .finalize(components::sha_component_static!(capsules_core::virtualizers::virtual_digest::VirtualMuxDigest, 32)); - - digest.set_sha_client(sha); + .finalize(components::hmac_component_static!(lowrisc::hmac::Hmac, 32)); let i2c_master_buffer = static_init!( [u8; capsules_core::i2c_master::BUFFER_LENGTH], @@ -743,7 +682,6 @@ unsafe fn setup() -> ( console, alarm, hmac, - sha, rng, lldb: lldb, i2c_master,