authorRob Austein <sra@hactrn.net>2018-05-20 18:18:40 -0400
committerRob Austein <sra@hactrn.net>2018-05-20 18:18:40 -0400
commite6bdf57820121b6eac9f35c8ef53a4e7a76205e1 (patch)
treeb8701157fa06ea8f873b1c330d9599e4eb7384cf /hal_internal.h
parent76edd86d940956eb42ced93ccd4ee5f1d95bd01f (diff)
Better hal_core_alloc() semantics, assert() and printf() cleanup.
Various fixes extracted from the abandoned(-for-now?) reuse-cores branch, principally: * Change hal_core_alloc*() to support core reuse and to pick the least-recently-used core of a particular type otherwise; * Replace assert() and printf() calls with hal_assert() and hal_log(), respectively. assert() is particularly useless on the HSM, since it sends its error message into hyperspace then hangs the HSM.
Diffstat (limited to 'hal_internal.h')
-rw-r--r--hal_internal.h24
1 files changed, 15 insertions, 9 deletions
diff --git a/hal_internal.h b/hal_internal.h
index 922562a..742b67b 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -48,6 +48,19 @@
*/
/*
+ * Assertions, using our logger rather than printf() and assuming a
+ * hal_error_t return value.
+ */
+
+#define hal_assert(_whatever_) \
+ do { \
+ if (!(_whatever_)) { \
+ hal_log(HAL_LOG_ERROR, "Assertion failed: %s", #_whatever_); \
+ return HAL_ERROR_ASSERTION_FAILED; \
+ } \
+ } while (0)
+
+/*
* htonl is not available in arm-none-eabi headers or libc.
*/
#ifndef STM32F4XX
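Review bot: `hal_assert()` hides a `return HAL_ERROR_ASSERTION_FAILED;` inside the macro, so a failed assertion leaves the enclosing function at once and skips any cleanup code further down. The callers are outside this hunk, but in an HSM library a caller that has already allocated a core, taken a lock or filled a buffer with key material would presumably exit without releasing or wiping it. The header comment mentions only the `hal_error_t` return type; I would add a line such as `* NOTE: expands to a return from the calling function; use it only before resources are acquired, or release and wipe them first.` It is also worth stating there that, unlike `assert()`, the macro as written has no `NDEBUG` switch, so the condition is always evaluated in release builds.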
@@ -513,15 +526,8 @@ typedef struct {
int hint;
/*
- * This might be where we'd stash a (hal_core_t *) pointing to a
- * core which has already been loaded with the key, if we were
- * trying to be clever about using multiple signing cores. Moot
- * point (ie, no way we could possibly test such a thing) as long as
- * the FPGA is too small to hold more than one modexp core and ECDSA
- * is entirely software, so skip it for now, but the implied
- * semantics are interesting: a pkey handle starts to resemble an
- * initialized signing core, and once all the cores are in use, one
- * can't load another key without closing an existing pkey handle.
+ * This might be where we'd stash one or more (hal_core_t *)
+ * pointing to cores which have already been loaded with the key.
*/
} hal_pkey_slot_t;