69b290589b
Merge pull request #8057 from mpg/cipher-study
...
[G2] Tentative definition of Cipher light
2023-12-22 08:53:30 +00:00
3dd6cde0d8
Mention functional correctness explicitly
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-20 16:47:57 +00:00
f5e135670b
Clarify key generation and memory-management correctness
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-20 15:24:47 +00:00
c1c6e0d906
Justify linearization points
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-15 12:33:26 +00:00
6ecb9ce5fc
Link directly to the state transition diagram
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-14 15:19:31 +00:00
acfd774bca
Add some clarifications in thread_safety.md
...
Make it clearer how it is possible to reason here using linearization
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-14 15:19:31 +00:00
3eb4274a57
Fix transitions in diagram
...
Move the finish_key_creation transition
Neaten the diagram
Add transitions for the key loading functions in psa_get_and_lock_key_slot
Add psa_wipe_key_slot transition
Change file to be a png
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-14 15:19:01 +00:00
b461b8731c
Change how the state transition diagram is stored
...
Store the source of the diagram as a url instead of an xml file.
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-14 14:40:45 +00:00
4dde0b293c
md-cipher-dispatch: editorial improvements
...
Fix a typo, add a reference.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-12-14 12:09:38 +01:00
177a45f556
Small clarifications in documentation
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-07 11:24:30 +00:00
b8c4254f44
Update cipher light -> block cipher definition
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-12-07 12:12:39 +01:00
204c852442
Move psa-thread-safety.md
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-07 11:05:37 +00:00
1e9733c6a8
Add graph
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-07 11:05:37 +00:00
9f06681cb4
Update psa-thread-safety.md
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-07 11:05:37 +00:00
303121eb16
Fix a typo
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-12-07 12:05:07 +01:00
16799db69a
update headers
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-11-02 19:47:20 +00:00
4823d2c94e
Extend design discussion
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-26 12:56:39 +02:00
a365efc6f1
Threading design: fix internal links
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-26 10:22:55 +01:00
6b3643117b
Document chosen goals and priorities for 3.x
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-26 11:02:17 +02:00
3bcda449c0
Things forgotten in the previous commit
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-26 10:03:49 +02:00
54bd71b40f
Update operation threading strategy
...
The library does not need to provide protection, leave it to the crypto
service.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-23 10:30:50 +01:00
e604269a59
Threading Design: emphasise performance requirement
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-23 10:16:58 +01:00
23f7e41633
Threading design: improve language
...
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com >
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-23 10:11:18 +01:00
49d467c37d
Threading design: update and clarify 3.6 plan
...
- Separation of attr and slot state is added
- Driver support is cut back
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-20 15:41:40 +01:00
de0e3e352d
Threading design: Update empty slot tracking
...
Using a dedicated field allows clean separatin between key attributes
and slot state. This allows us to use the same mechanics for attributes
and key content. Which in turn means lower code size and easier
maintenance.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-20 15:12:42 +01:00
52586895f7
Clarify threading design document structure
...
Separate design analysis from plans and make the distinction clear
between what is implemented, what is planned to be implemented soon,
what is planned to be implemented in the future, and what is ideas that
are rejected.
(The distinction between the last two categories doesn't have to be
clear, we can't and shouldn't plan that far ahead.)
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-20 14:26:57 +01:00
19192a5158
Clarify reentrancy requirements for drivers
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-20 13:16:48 +01:00
d7a39ae21e
Add plan for 3.6 to threading design
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-17 14:34:26 +01:00
574100bb0d
Add clarifications to thread safety design
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-17 12:50:28 +01:00
811a954383
Add reentrancy section to thread safety design
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-17 12:50:21 +01:00
f1878d8974
Update to only serve GCM and CCM
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-12 11:19:00 +02:00
28b4da954b
Add PSA threading design
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-10 15:15:55 +01:00
301d2a29a7
Update to MD light section
...
Mostly to reflect this has been implemented, and remove references to
temporary remains from the previous strategy (hash_info, legacy_or_psa)
which would probably be more confusing than helpful at this point.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-10 10:04:07 +02:00
2daee0410e
Update list of modules using hashes
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-10 10:04:07 +02:00
ca18b7747e
Update definition of Cipher light
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-10 10:04:07 +02:00
839d3580bd
Update details of modules using cipher operations
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-10 09:22:59 +02:00
32743619a2
Merge pull request #8114 from yanesca/threading_requirements_update
...
Refine thread safety requirements
2023-10-09 11:22:59 +00:00
db3035b8bc
Fix a typo in psa-crypto-implementation-structure.md
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2023-09-26 09:09:20 +00:00
76e55a20dd
Change the documenti about psa_crypto_driver_wrappers.c{h}
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2023-09-26 09:09:20 +00:00
1198e43644
Change the description of auto-generated driver dispatch files
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2023-09-26 09:09:20 +00:00
845693c513
Change comments to psa_crypto_driver_wrappers.h
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2023-09-26 09:09:20 +00:00
b4527fbd82
Add clarifications to the threading requirements
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 14:01:24 +01:00
b6954730f0
Fix typo
...
Co-authored-by: Ronald Cron <ronald.cron@arm.com >
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 13:54:21 +01:00
35633dd977
Add threading non-requirement
...
State explicitly the non-requirement that it's ok for psa_destroy_key to
block waiting for a driver.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 08:31:19 +01:00
15d9ec29be
Improve thread safety presentation
...
- Use unique section titles so that there are unique anchors
- Make list style consistent between similar sections
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 08:22:21 +01:00
0385c2815c
Tighten thread safety requirements
...
We shouldn't violate the requirement that the key identifier can be
reused. In practice, a key manager may destroy a key that's in use by
another process, and the privileged world containing the key manager and
the crypto service should not be perturbed by an unprivileged process.
With respect to blocking, again, a key manager should not be blocked
indefinitely by an unprivileged application.
These are desirable properties even in the short term.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-30 16:44:04 +01:00
7ec993d804
Refine thread safety requirements
...
Split and refine short term requirements for key deletion.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-23 16:04:48 +01:00
36cd3f9f8e
Add tentative definition of Cipher light
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-08-11 10:06:42 +02:00
948137be59
Add details on use of ciphers from other modules
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-08-10 16:58:30 +02:00
33291ba35f
Merge pull request #5538 from gilles-peskine-arm/psa-thread_safety-doc
...
PSA thread safety requirements
2023-08-10 16:21:55 +02:00
