md: allow dispatch to PSA whenever CRYPTO_CLIENT is enabled #9562
Conversation
valeriosetti
added
needs-review
|
@mpg I took the liberty to add you as reviewer because you were the one who improved MD last year, allowing for the PSA dispatch, and we also discussed about this change in Slack. However if you don't have enough review bandwidth for this, please let me know and I'll remove you ;) |
valeriosetti
force-pushed
the
md-psa-dispatch-3.6
branch
2 times, most recently
from
a011d15 to
51772c4
Compare
|
The ABI-API break is expected because |
valeriosetti
force-pushed
the
md-psa-dispatch-3.6
branch
3 times, most recently
from
acd4c96 to
e43f2e1
Compare
|
CI green (a part from the ABI-API failure mentioned above), so I think the PR is ready for reviews |
IMO not ChangeLog for this, as support for |
The current plan is for MD to remain public in 4.0, so I think we want to forward-port this to development. However there might be other changes planned (or already done) in development that would make this moot, I'm not sure. Cc @gilles-peskine-arm |
Aw, I'm afraid this is a blocker. We promise not to change the ABI in LTS branches (which 3.6 now is) unless we can't find another way to fix a security issue. So, changing the size of Would there be a way to achieve what you're after while keeping the structure unchanged in the default config, and only changing it in a few specific configs? |
Oh, I see. I based my previous comment on the fact that
I think the easiest way will be to enable PSA dispatching based on PSA_WANTs only in the usual |
Currently all of the legacy crypto headers have moved as part of the work to split the repositories. We'll move some of them again as part of the work to evolve the API. Sorry about the lack of clarity. We're still working on clarifying what's going to happen and making a plan for it to happen in time. |
Move the auto-enabling of CRYPTO_CLIENT when CRYPTO_C at the beginning of the file so that all that becomes later is aware of this. Signed-off-by: Valerio Setti <[email protected]>
Instead of allowing PSA dispatching only when CRYPTO_C is set and some MBEDTLS_PSA_ACCEL_ALG_xxx is set, we enable dispatching when CRYPTO_CLIENT and PSA_WANT_ALG_xxx are set. This makes the feature more useful in cases where the PSA support is provided externally, like for example TF-M in Zephyr. This commit also: - fixes disparities in hmac accel/ref comparison; - add proper stubs for the PSA crypto build without a PSA provider (CRYPTO_CLIENT && !CRYPTO_C scenario); - add proper guards for tests trying to use MD+PSA dispatch. Signed-off-by: Valerio Setti <[email protected]>
The previous change that replaced CRYPTO_C with CRYPTO_CLIENT caused an increase of the mbedtls_md struct in scenarios where the hash related PSA_WANTs were enabled, but not accelerated. This caused an ABI-API break which is not allowed for an LTS branch. Since the main goal here is to allow PSA dispatch in a "pure crypto client" scenario, we partially revert the previous change to config_adjust_legacy_crypto.h and add an extra condition for "CRYPTO_CLIENT && !CRYPTO_C". This commit also reverts changes done in analyze_outcomes.py because they are no more necessary. Signed-off-by: Valerio Setti <[email protected]>
valeriosetti
force-pushed
the
md-psa-dispatch-3.6
branch
from
e43f2e1 to
de2f6f9
Compare
Thanks to this change the ABI-API failure disappeared and the CI is fully green now :)
Thanks a lot for the update! So I think that the forward port of this fix will need to wait until MD design is stabilized/planned on |
gilles-peskine-arm
removed
the
needs-reviewer
gilles-peskine-arm
added
priority-medium
There was a problem hiding this comment.
I'm ok with this change in principle. And I agree that since this is targeting a configuration that is not officially supported (MBEDTLS_PSA_CRYPTO_CLIENT without MBEDTLS_PSA_CRYPTO_C), we should in principle not add a changelog entry. But still, I want more documentation for two audiences:
- For maintainers, there should be an explanation of when md dispatches to PSA in plain English (as opposed to C code spread over multiple files). This is in principle covered by
docs/architecture/psa-migration/md-cipher-dispatch.md, though I'm not sure it was fully up to date even before this pull request. Please update that document. And I'd like a summary, or a reference to that file, at least inmd.c. - For users who use CLIENT without C (and who enable at least one hash), there is an incompatible change: they now need to implement
psa_can_do_hash. We should document that somewhere, even if we keep saying that it's experimental. I guess in the documentation ofMBEDTLS_PSA_CRYPTO_CLIENT?
Note that I'm not convinced that we shouldn't add a changelog entry. This is a long-time support branch, so the threshold for considering a change to be important it low. We do sometimes announce things like “The undocumented ability … has been removed” in the changelog. I think now is one of those times.
gilles-peskine-arm
added
needs-work
and removed
needs-review
|
Ok, I'm not opposed to a ChangeLog entry as long as it reminds readers that Good point about updating the documentation, thanks for noticing! |
Description
Instead of allowing PSA dispatching only when CRYPTO_C is set and some MBEDTLS_PSA_ACCEL_ALG_xxx is set, we enable dispatching when CRYPTO_CLIENT and PSA_WANT_ALG_xxx are set. This makes the feature more useful in cases where the PSA support is provided externally, like for example TF-M in Zephyr.
PR checklist