aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohn Tsichritzis <john.tsichritzis@arm.com>2018-06-07 16:31:34 +0100
committerJohn Tsichritzis <john.tsichritzis@arm.com>2018-09-04 10:32:06 +0100
commit6d01a463348b04af2afa3c00579ebc6ecd12eaf1 (patch)
tree01f023aa03e4631d8ad6a30beaea6757e8c64bb6
parent708531cf0541295f50d81b0bfa3441e757a00348 (diff)
downloadtrusted-firmware-a-6d01a463348b04af2afa3c00579ebc6ecd12eaf1.tar.gz
Prepare Mbed TLS drivers for shared heap
The Mbed TLS drivers, in order to work, need a heap for internal usage. This heap, instead of being directly referenced by the drivers, now it is being accessed indirectly through a pointer. Also, the heap, instead of being part of the drivers, now it is being received through the plat_get_mbedtls_heap() function. This function requests a heap from the current BL image which utilises the Mbed TLS drivers. Those changes create the opportunity for the Mbed TLS heap to be shared among different images, thus saving memory. A default heap implementation is provided but it can be overridden by a platform specific, optimised implemenetation. Change-Id: I286a1f10097a9cdcbcd312201eea576c18d157fa Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-rw-r--r--docs/porting-guide.rst26
-rw-r--r--drivers/auth/mbedtls/mbedtls_common.c33
-rw-r--r--include/drivers/auth/mbedtls/mbedtls_config.h14
-rw-r--r--include/plat/common/platform.h1
-rw-r--r--plat/common/plat_bl_common.c23
5 files changed, 78 insertions, 19 deletions
diff --git a/docs/porting-guide.rst b/docs/porting-guide.rst
index de7b5dba35..83fac2860f 100644
--- a/docs/porting-guide.rst
+++ b/docs/porting-guide.rst
@@ -1055,7 +1055,7 @@ next image. This function is currently invoked in BL2 to flush this information
to the next BL image, when LOAD\_IMAGE\_V2 is enabled.
Function : plat\_log\_get\_prefix()
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
::
@@ -1066,9 +1066,31 @@ This function defines the prefix string corresponding to the `log_level` to be
prepended to all the log output from TF-A. The `log_level` (argument) will
correspond to one of the standard log levels defined in debug.h. The platform
can override the common implementation to define a different prefix string for
-the log output. The implementation should be robust to future changes that
+the log output. The implementation should be robust to future changes that
increase the number of log levels.
+Function : plat\_get\_mbedtls\_heap()
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Arguments : void **heap_addr, size_t *heap_size
+ Return : int
+
+This function is invoked during Mbed TLS library initialisation to get
+a heap, by means of a starting address and a size. This heap will then be used
+internally by the Mbed TLS library. The heap is requested from the current
+BL stage, i.e. the current BL image inside which Mbed TLS is used.
+
+The default implementation allocates a new heap every time Mbed TLS gets
+initialised. This means that a new heap is statically allocated inside
+every image (i.e. every BL stage) that utilises Mbed TLS. In the default
+implementation, this function returns the address and size of this default
+heap. However, by overriding the default implementation, platforms have the ability
+to optimise memory usage.
+
+On success it returns 0 and a negative error code otherwise.
+
Modifications specific to a Boot Loader stage
---------------------------------------------
diff --git a/drivers/auth/mbedtls/mbedtls_common.c b/drivers/auth/mbedtls/mbedtls_common.c
index 7095fde33f..dbf45baebd 100644
--- a/drivers/auth/mbedtls/mbedtls_common.c
+++ b/drivers/auth/mbedtls/mbedtls_common.c
@@ -4,26 +4,15 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
+#include <assert.h>
#include <debug.h>
-#include <stdlib.h>
-#include <stdio.h>
-
/* mbed TLS headers */
#include <mbedtls/memory_buffer_alloc.h>
#include <mbedtls/platform.h>
-#include <mbedtls_config.h>
#include <mbedtls_common.h>
-
-/*
- * mbed TLS heap
- */
-#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA) \
- || (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
-#define MBEDTLS_HEAP_SIZE (13*1024)
-#elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
-#define MBEDTLS_HEAP_SIZE (7*1024)
-#endif
-static unsigned char heap[MBEDTLS_HEAP_SIZE];
+#include <mbedtls_config.h>
+#include <platform.h>
+#include <stddef.h>
static void cleanup(void)
{
@@ -37,13 +26,25 @@ static void cleanup(void)
void mbedtls_init(void)
{
static int ready;
+ void *heap_addr;
+ size_t heap_size = 0;
+ int err;
if (!ready) {
if (atexit(cleanup))
panic();
+ err = plat_get_mbedtls_heap(&heap_addr, &heap_size);
+
+ /* Ensure heap setup is proper */
+ if (err < 0) {
+ ERROR("Mbed TLS failed to get a heap\n");
+ panic();
+ }
+ assert(heap_size >= TF_MBEDTLS_HEAP_SIZE);
+
/* Initialize the mbed TLS heap */
- mbedtls_memory_buffer_alloc_init(heap, MBEDTLS_HEAP_SIZE);
+ mbedtls_memory_buffer_alloc_init(heap_addr, heap_size);
#ifdef MBEDTLS_PLATFORM_SNPRINTF_ALT
mbedtls_platform_set_snprintf(snprintf);
diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config.h
index f8f260808b..59aeea9929 100644
--- a/include/drivers/auth/mbedtls/mbedtls_config.h
+++ b/include/drivers/auth/mbedtls/mbedtls_config.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -95,4 +95,16 @@
#include "mbedtls/check_config.h"
#endif
+/*
+ * Determine Mbed TLS heap size
+ * 13312 = 13*1024
+ * 7168 = 7*1024
+ */
+#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA) \
+ || (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
+#define TF_MBEDTLS_HEAP_SIZE U(13312)
+#elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
+#define TF_MBEDTLS_HEAP_SIZE U(7168)
+#endif
+
#endif /* __MBEDTLS_CONFIG_H__ */
diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h
index dae9589570..e0297ae2e9 100644
--- a/include/plat/common/platform.h
+++ b/include/plat/common/platform.h
@@ -103,6 +103,7 @@ void plat_panic_handler(void) __dead2;
const char *plat_log_get_prefix(unsigned int log_level);
void bl2_plat_preload_setup(void);
int plat_try_next_boot_source(void);
+int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size);
/*******************************************************************************
* Mandatory BL1 functions
diff --git a/plat/common/plat_bl_common.c b/plat/common/plat_bl_common.c
index b471a7e7b5..95d73e3c92 100644
--- a/plat/common/plat_bl_common.c
+++ b/plat/common/plat_bl_common.c
@@ -9,6 +9,9 @@
#include <bl_common.h>
#include <debug.h>
#include <errno.h>
+#if TRUSTED_BOARD_BOOT
+#include <mbedtls_config.h>
+#endif
#include <platform.h>
/*
@@ -21,6 +24,7 @@
#pragma weak bl2_plat_handle_pre_image_load
#pragma weak bl2_plat_handle_post_image_load
#pragma weak plat_try_next_boot_source
+#pragma weak plat_get_mbedtls_heap
void bl2_el3_plat_prepare_exit(void)
{
@@ -66,3 +70,22 @@ void bl2_early_platform_setup2(u_register_t arg0, u_register_t arg1,
bl2_early_platform_setup((void *)arg1);
}
#endif
+
+
+#if TRUSTED_BOARD_BOOT
+/*
+ * The following default implementation of the function simply returns the
+ * by-default allocated heap.
+ */
+int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size)
+{
+ static unsigned char heap[TF_MBEDTLS_HEAP_SIZE];
+
+ assert(heap_addr != NULL);
+ assert(heap_size != NULL);
+
+ *heap_addr = heap;
+ *heap_size = sizeof(heap);
+ return 0;
+}
+#endif /* TRUSTED_BOARD_BOOT */