aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--docs/porting-guide.rst26
-rw-r--r--drivers/auth/mbedtls/mbedtls_common.c33
-rw-r--r--include/drivers/auth/mbedtls/mbedtls_config.h14
-rw-r--r--include/plat/common/platform.h1
-rw-r--r--plat/common/plat_bl_common.c23
5 files changed, 78 insertions, 19 deletions
diff --git a/docs/porting-guide.rst b/docs/porting-guide.rst
index de7b5dba35..83fac2860f 100644
--- a/docs/porting-guide.rst
+++ b/docs/porting-guide.rst
@@ -1055,7 +1055,7 @@ next image. This function is currently invoked in BL2 to flush this information
to the next BL image, when LOAD\_IMAGE\_V2 is enabled.
Function : plat\_log\_get\_prefix()
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
::
@@ -1066,9 +1066,31 @@ This function defines the prefix string corresponding to the `log_level` to be
prepended to all the log output from TF-A. The `log_level` (argument) will
correspond to one of the standard log levels defined in debug.h. The platform
can override the common implementation to define a different prefix string for
-the log output. The implementation should be robust to future changes that
+the log output. The implementation should be robust to future changes that
increase the number of log levels.
+Function : plat\_get\_mbedtls\_heap()
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Arguments : void **heap_addr, size_t *heap_size
+ Return : int
+
+This function is invoked during Mbed TLS library initialisation to get
+a heap, by means of a starting address and a size. This heap will then be used
+internally by the Mbed TLS library. The heap is requested from the current
+BL stage, i.e. the current BL image inside which Mbed TLS is used.
+
+The default implementation allocates a new heap every time Mbed TLS gets
+initialised. This means that a new heap is statically allocated inside
+every image (i.e. every BL stage) that utilises Mbed TLS. In the default
+implementation, this function returns the address and size of this default
+heap. However, by overriding the default implementation, platforms have the ability
+to optimise memory usage.
+
+On success it returns 0 and a negative error code otherwise.
+
Modifications specific to a Boot Loader stage
---------------------------------------------
diff --git a/drivers/auth/mbedtls/mbedtls_common.c b/drivers/auth/mbedtls/mbedtls_common.c
index 7095fde33f..dbf45baebd 100644
--- a/drivers/auth/mbedtls/mbedtls_common.c
+++ b/drivers/auth/mbedtls/mbedtls_common.c
@@ -4,26 +4,15 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
+#include <assert.h>
#include <debug.h>
-#include <stdlib.h>
-#include <stdio.h>
-
/* mbed TLS headers */
#include <mbedtls/memory_buffer_alloc.h>
#include <mbedtls/platform.h>
-#include <mbedtls_config.h>
#include <mbedtls_common.h>
-
-/*
- * mbed TLS heap
- */
-#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA) \
- || (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
-#define MBEDTLS_HEAP_SIZE (13*1024)
-#elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
-#define MBEDTLS_HEAP_SIZE (7*1024)
-#endif
-static unsigned char heap[MBEDTLS_HEAP_SIZE];
+#include <mbedtls_config.h>
+#include <platform.h>
+#include <stddef.h>
static void cleanup(void)
{
@@ -37,13 +26,25 @@ static void cleanup(void)
void mbedtls_init(void)
{
static int ready;
+ void *heap_addr;
+ size_t heap_size = 0;
+ int err;
if (!ready) {
if (atexit(cleanup))
panic();
+ err = plat_get_mbedtls_heap(&heap_addr, &heap_size);
+
+ /* Ensure heap setup is proper */
+ if (err < 0) {
+ ERROR("Mbed TLS failed to get a heap\n");
+ panic();
+ }
+ assert(heap_size >= TF_MBEDTLS_HEAP_SIZE);
+
/* Initialize the mbed TLS heap */
- mbedtls_memory_buffer_alloc_init(heap, MBEDTLS_HEAP_SIZE);
+ mbedtls_memory_buffer_alloc_init(heap_addr, heap_size);
#ifdef MBEDTLS_PLATFORM_SNPRINTF_ALT
mbedtls_platform_set_snprintf(snprintf);
diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config.h
index f8f260808b..59aeea9929 100644
--- a/include/drivers/auth/mbedtls/mbedtls_config.h
+++ b/include/drivers/auth/mbedtls/mbedtls_config.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -95,4 +95,16 @@
#include "mbedtls/check_config.h"
#endif
+/*
+ * Determine Mbed TLS heap size
+ * 13312 = 13*1024
+ * 7168 = 7*1024
+ */
+#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA) \
+ || (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
+#define TF_MBEDTLS_HEAP_SIZE U(13312)
+#elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
+#define TF_MBEDTLS_HEAP_SIZE U(7168)
+#endif
+
#endif /* __MBEDTLS_CONFIG_H__ */
diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h
index dae9589570..e0297ae2e9 100644
--- a/include/plat/common/platform.h
+++ b/include/plat/common/platform.h
@@ -103,6 +103,7 @@ void plat_panic_handler(void) __dead2;
const char *plat_log_get_prefix(unsigned int log_level);
void bl2_plat_preload_setup(void);
int plat_try_next_boot_source(void);
+int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size);
/*******************************************************************************
* Mandatory BL1 functions
diff --git a/plat/common/plat_bl_common.c b/plat/common/plat_bl_common.c
index b471a7e7b5..95d73e3c92 100644
--- a/plat/common/plat_bl_common.c
+++ b/plat/common/plat_bl_common.c
@@ -9,6 +9,9 @@
#include <bl_common.h>
#include <debug.h>
#include <errno.h>
+#if TRUSTED_BOARD_BOOT
+#include <mbedtls_config.h>
+#endif
#include <platform.h>
/*
@@ -21,6 +24,7 @@
#pragma weak bl2_plat_handle_pre_image_load
#pragma weak bl2_plat_handle_post_image_load
#pragma weak plat_try_next_boot_source
+#pragma weak plat_get_mbedtls_heap
void bl2_el3_plat_prepare_exit(void)
{
@@ -66,3 +70,22 @@ void bl2_early_platform_setup2(u_register_t arg0, u_register_t arg1,
bl2_early_platform_setup((void *)arg1);
}
#endif
+
+
+#if TRUSTED_BOARD_BOOT
+/*
+ * The following default implementation of the function simply returns the
+ * by-default allocated heap.
+ */
+int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size)
+{
+ static unsigned char heap[TF_MBEDTLS_HEAP_SIZE];
+
+ assert(heap_addr != NULL);
+ assert(heap_size != NULL);
+
+ *heap_addr = heap;
+ *heap_size = sizeof(heap);
+ return 0;
+}
+#endif /* TRUSTED_BOARD_BOOT */