Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve implementation of Mbed TLS timing #14772

Merged
merged 6 commits into from
Jun 15, 2021

Conversation

LDong-Arm
Copy link
Contributor

@LDong-Arm LDong-Arm commented Jun 14, 2021

Summary of changes

This PR makes the following fixes and improvements to the Mbed OS implementation of Mbed TLS timing:

  • Switches to use LowPowerTimer or Timer for time measurements. The Mbed OS implementation of gettimeofday() is only precise to seconds, but Mbed TLS timing requires milliseconds.
  • Uses LowPowerTimeout (instead of Timeout) for mbedtls_set_alarm() if available, to save power.
  • Adds a full implementation of timing.h, to fix "undefined symbol" errors generated by the Arm Compiler. This will also benefits user applications if they need to enable timing in Mbed TLS.
  • Adds mbedtls_timing_self_test to the existing Greentea test connectivity-mbedtls-tests-TESTS-mbedtls-selftest, if MBEDTLS_TIMING_C is available.
  • Unsets MBEDTLS_SELF_TEST from the default configuration, and adds TESTS/configs/mbedtls.json to enable self tests and timing.

Please see the commit messages for reasoning.

To run the timing self test (e.g. on K64F, with the ARM toolchain):

mbed test -t ARM -m K64F -n connectivity-mbedtls-tests-TESTS-mbedtls-selftest --app-config TESTS/configs/mbedtls.json

Impact of changes

Now compilation failure with the Arm Compiler with MBEDTLS_TIMING_C is fixed. For example, the benchmark application in mbed-os-example-tls depends on that.

Additionally, a full implementation of Mbed TLS timing becomes available if an application needs it, and it can be enabled by defining MBEDTLS_TIMING_C and MBEDTLS_TIMING_ALT.

Migration actions required

None.

Documentation

None.


Pull request type

[x] Patch update (Bug fix / Target update / Docs update / Test update / Refactor)
[] Feature update (New feature / Functionality change / New API)
[] Major update (Breaking change E.g. Return code change / API behaviour change)

Test results

[] No Tests required for this change (E.g docs only update)
[x] Covered by existing mbed-os tests (Greentea or Unittest)
[x] Tests / results supplied as part of this PR

Manually ran the self test (see description above) and got

test case: 'mbedtls_timing_self_test' ........................................................ OK in 2.56 sec

Reviewers

@ARMmbed/mbed-os-core @Patater @0xc0170


@ciarmcom ciarmcom added the release-type: patch Indentifies a PR as containing just a patch label Jun 14, 2021
@ciarmcom
Copy link
Member

@LDong-Arm, thank you for your changes.
@0xc0170 @Patater @ARMmbed/mbed-os-maintainers please review.

@mergify mergify bot dismissed Patater’s stale review June 14, 2021 15:29

Pull request has been modified.

Copy link
Contributor Author

@LDong-Arm LDong-Arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Patater Thanks for the review, I've addressed your comments.

@LDong-Arm LDong-Arm requested a review from Patater June 14, 2021 15:35
connectivity/mbedtls/platform/src/timing_mbed.cpp Outdated Show resolved Hide resolved
connectivity/mbedtls/platform/src/timing_mbed.cpp Outdated Show resolved Hide resolved
connectivity/mbedtls/platform/src/timing_mbed.cpp Outdated Show resolved Hide resolved
connectivity/mbedtls/platform/src/timing_mbed.cpp Outdated Show resolved Hide resolved
connectivity/mbedtls/include/mbedtls/config.h Show resolved Hide resolved
connectivity/mbedtls/tools/importer/adjust-config.sh Outdated Show resolved Hide resolved
Previously we used `gettimeofday()` for Mbed TLS timing, but its
implementation provided by Mbed OS is only precise to seconds. The
microsecond component of the output `struct timeval` is always set
to zero. But Mbed TLS requires millisecond precision.

To provide required timing precision, switch to use `LowPowerTicker`
or (microsecond) `Ticker`. `LowPowerTicker` is preferred as it saves
power and Mbed TLS does not require microsecond precision.
When MBEDTLS_TIMING_C and MBEDTLS_TIMING_ALT are enabled,
the Arm Compiler generates errors like the following (one for
each missing symbol):

    Error: L6218E: Undefined symbol mbedtls_timing_get_delay

Reason:

The function `mbedtls_timing_self_test()` in the Mbed TLS default
`timing.c` always gets compiled, if MBEDTLS_SELF_TEST is defined.
And MBEDTLS_SELF_TEST is always defined, as we have a Greentea test
to run some of the Mbed TLS self tests. (In the future we should try
not to enable MBEDTLS_SELF_TEST except for tests, but it requires
a rework in our test flow.)

`mbedtls_timing_self_test()` tests (calls) the full API declared in
`timing.h`, and the ARM Compiler requires all symbols referenced by
all functions to be defined, even those not used by the final
application. This is unlike GCC_ARM which resolves what are required.

Solution:

To fix the "undefined symbol" errors, we add an implementation of
`mbedtls_timing_get_timer()` based on Mbed OS `LowPowerTimer` or
`Timer` (depending on which one is available), and copy Mbed TLS's
default `mbedtls_timing_set_delay()` and `mbedtls_timing_get_delay()`
which are built on top of `mbedtls_timing_get_timer()`. This will also
benefit user applications that need to enable timing in Mbed TLS.
Do not compile the Mbed implementation of Mbed TLS unless
MBEDTLS_TIMING_ALT is defined. This prevents a macro check error on
devices that do not have LPTICKER or USTICKER when Mbed TLS timing
is not enabled.
The function `mbedtls_set_alarm()` is only precise to seconds, so
`LowPowerTimeout` is enough and saves power.
This allows us to verify the support for Mbed TLS timing on Mbed OS.

Note: The macros MBEDTLS_TIMING_C and MBEDTLS_TIMING_ALT are not
enabled by default and need to be additionally enabled to run this
test.
@mergify mergify bot dismissed Patater’s stale review June 14, 2021 16:58

Pull request has been modified.

@LDong-Arm LDong-Arm requested a review from Patater June 14, 2021 17:06
We potentially save flash space by not enabling Mbed TLS self-tests
by default. A new test config file, TESTS/configs/mbedtls.json, is
provided to enable self tests. This newly created JSON file also
enables timing in Mbed TLS so timing gets tested.
@mergify mergify bot dismissed Patater’s stale review June 15, 2021 09:55

Pull request has been modified.

Copy link
Contributor

@Patater Patater left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Patater
Copy link
Contributor

Patater commented Jun 15, 2021

CI started

@mbed-ci
Copy link

mbed-ci commented Jun 15, 2021

Jenkins CI Test : ✔️ SUCCESS

Build Number: 1 | 🔒 Jenkins CI Job | 🌐 Logs & Artifacts

CLICK for Detailed Summary

jobs Status
jenkins-ci/mbed-os-ci_unittests ✔️
jenkins-ci/mbed-os-ci_cmake-cloud-example-ARM ✔️
jenkins-ci/mbed-os-ci_build-cloud-example-ARM ✔️
jenkins-ci/mbed-os-ci_cmake-cloud-example-GCC_ARM ✔️
jenkins-ci/mbed-os-ci_build-cloud-example-GCC_ARM ✔️
jenkins-ci/mbed-os-ci_build-greentea-ARM ✔️
jenkins-ci/mbed-os-ci_cmake-example-ARM ✔️
jenkins-ci/mbed-os-ci_build-greentea-GCC_ARM ✔️
jenkins-ci/mbed-os-ci_cmake-example-GCC_ARM ✔️
jenkins-ci/mbed-os-ci_build-example-ARM ✔️
jenkins-ci/mbed-os-ci_build-example-GCC_ARM ✔️
jenkins-ci/mbed-os-ci_greentea-test ✔️

@jeromecoutant
Copy link
Collaborator

MBEDTLS seltests are not executed by default now.
Is that expected ?

Before:

$ mbed test -m NUCLEO_F429ZI -t ARM -v -n connectivity-mbedtls*
Build successes:
  * NUCLEO_F429ZI::ARMC6::CONNECTIVITY-MBEDTLS-TESTS-TESTS-MBEDTLS-MULTI
  * NUCLEO_F429ZI::ARMC6::CONNECTIVITY-MBEDTLS-TESTS-TESTS-MBEDTLS-SELFTEST
  * NUCLEO_F429ZI::ARMC6::MBED-BUILD
Build skips:
  * NUCLEO_F429ZI::ARMC6::CONNECTIVITY-MBEDTLS-TESTS-TESTS-MBEDTLS-SANITY

Now:

$ mbed test -m NUCLEO_F429ZI -t ARM -v -n connectivity-mbedtls*

Build successes:
  * NUCLEO_F429ZI::ARMC6::CONNECTIVITY-MBEDTLS-TESTS-TESTS-MBEDTLS-MULTI
  * NUCLEO_F429ZI::ARMC6::MBED-BUILD
Build skips:
  * NUCLEO_F429ZI::ARMC6::CONNECTIVITY-MBEDTLS-TESTS-TESTS-MBEDTLS-SANITY
  * NUCLEO_F429ZI::ARMC6::CONNECTIVITY-MBEDTLS-TESTS-TESTS-MBEDTLS-SELFTEST

"macros": [
"MBEDTLS_SELF_TEST",
"MBEDTLS_TIMING_C",
"MBEDTLS_TIMING_ALT"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

_ALT should be enabled only for HW crypto targets ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mbed TLS has a number of _ALT macros, but MBEDTLS_TIMING_ALT is only to enable timing based on Mbed OS API (i.e. LowPowerTicker/Ticker). This one is not related to crypto capabilities.

@LDong-Arm
Copy link
Contributor Author

MBEDTLS seltests are not executed by default now.
Is that expected ?

This is expected. Now if you want to enable Mbed TLS self tests, you need to pass --app-config TESTS/configs/mbedtls.json. The idea is to not enable tests in the default configuration.

@mbedmain mbedmain removed release-type: patch Indentifies a PR as containing just a patch Release-pending labels Jun 23, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants