aboutsummaryrefslogtreecommitdiff
path: root/projects/hsm
diff options
context:
space:
mode:
Diffstat (limited to 'projects/hsm')
-rw-r--r--projects/hsm/Makefile7
-rw-r--r--projects/hsm/hsm.c115
-rw-r--r--projects/hsm/mgmt-cli.c3
-rw-r--r--projects/hsm/mgmt-fpga.c3
-rw-r--r--projects/hsm/mgmt-thread.c97
-rw-r--r--projects/hsm/mgmt-thread.h42
6 files changed, 207 insertions, 60 deletions
diff --git a/projects/hsm/Makefile b/projects/hsm/Makefile
index 0ab4bff..b92390a 100644
--- a/projects/hsm/Makefile
+++ b/projects/hsm/Makefile
@@ -8,7 +8,8 @@ OBJS = crc32.o \
mgmt-fpga.c \
mgmt-keystore.c \
mgmt-masterkey.c \
- mgmt-misc.c
+ mgmt-misc.c \
+ mgmt-thread.c
BOARD_OBJS = \
$(TOPLEVEL)/stm-init.o \
@@ -26,9 +27,7 @@ BOARD_OBJS = \
$(BOARD_DIR)/stm32f4xx_hal_msp.o \
$(BOARD_DIR)/stm32f4xx_it_rtos.o
-ifndef CRYPTECH_ROOT
- CRYPTECH_ROOT := $(abspath ../../../..)
-endif
+CFLAGS += -DNUM_RPC_TASK=4
CFLAGS += -I$(LIBHAL_SRC)
CFLAGS += -I$(LIBCLI_SRC)
diff --git a/projects/hsm/hsm.c b/projects/hsm/hsm.c
index adce889..862e718 100644
--- a/projects/hsm/hsm.c
+++ b/projects/hsm/hsm.c
@@ -91,28 +91,21 @@ typedef struct {
uint8_t buf[MAX_PKT_SIZE];
} rpc_buffer_t;
+/* A mail queue (memory pool + message queue) for RPC request messages.
+ */
+osMailQId ibuf_queue;
+osMailQDef(ibuf_queue, NUM_RPC_TASK, rpc_buffer_t);
+
#if NUM_RPC_TASK > 1
/* A mutex to arbitrate concurrent UART transmits, from RPC responses.
*/
osMutexId uart_mutex;
osMutexDef(uart_mutex);
-
-/* A mutex so only one dispatch thread can receive requests.
- */
-osMutexId dispatch_mutex;
-osMutexDef(dispatch_mutex);
#endif
-/* Semaphore to inform the dispatch thread that there's a new RPC request.
- */
-osSemaphoreId rpc_sem;
-osSemaphoreDef(rpc_sem);
-
static volatile uint8_t uart_rx; /* current character received from UART */
-static rpc_buffer_t * volatile rbuf; /* current RPC input buffer */
-static volatile int reenable_recv = 1;
-/* Callback for HAL_UART_Receive_IT().
+/* Callback for HAL_UART_Receive_DMA().
* With multiple worker threads, we can't do a blocking receive, because
* that prevents other threads from sending RPC responses (because they
* both want to lock the UART - see stm32f4xx_hal_uart.c). So we have to
@@ -122,25 +115,35 @@ static volatile int reenable_recv = 1;
*/
void HAL_UART2_RxCpltCallback(UART_HandleTypeDef *huart)
{
+ /* current RPC input buffer */
+ static rpc_buffer_t *ibuf = NULL;
int complete;
- if (hal_slip_recv_char(rbuf->buf, &rbuf->len, sizeof(rbuf->buf), &complete) != LIBHAL_OK)
+ if (ibuf == NULL) {
+ if ((ibuf = (rpc_buffer_t *)osMailAlloc(ibuf_queue, 0)) == NULL)
+ Error_Handler();
+ ibuf->len = 0;
+ }
+
+ if (hal_slip_recv_char(ibuf->buf, &ibuf->len, sizeof(ibuf->buf), &complete) != LIBHAL_OK)
Error_Handler();
- if (complete)
- if (osSemaphoreRelease(rpc_sem) != osOK)
+ if (complete) {
+ if (osMailPut(ibuf_queue, (void *)ibuf) != osOK)
Error_Handler();
+ ibuf = NULL;
+ }
+}
- if (HAL_UART_Receive_IT(huart, (uint8_t *)&uart_rx, 1) != CMSIS_HAL_OK)
- /* We may have collided with a transmit.
- * Signal the dispatch_thread to try again.
- */
- reenable_recv = 1;
+void HAL_UART_ErrorCallback(UART_HandleTypeDef *huart)
+{
+ /* I dunno, just trap it for now */
+ Error_Handler();
}
hal_error_t hal_serial_recv_char(uint8_t *cp)
{
- /* return the character from HAL_UART_Receive_IT */
+ /* return the character from HAL_UART_Receive_DMA */
*cp = uart_rx;
return LIBHAL_OK;
}
@@ -154,49 +157,35 @@ hal_error_t hal_serial_send_char(uint8_t c)
*/
void dispatch_thread(void const *args)
{
- rpc_buffer_t ibuf, obuf;
+ rpc_buffer_t obuf_s, *obuf = &obuf_s, *ibuf;
while (1) {
- memset(&ibuf, 0, sizeof(ibuf));
- memset(&obuf, 0, sizeof(obuf));
- obuf.len = sizeof(obuf.buf);
+ memset(obuf, 0, sizeof(*obuf));
+ obuf->len = sizeof(obuf->buf);
-#if NUM_RPC_TASK > 1
- /* Wait for access to the uart */
- osMutexWait(dispatch_mutex, osWaitForever);
-#endif
-
- /* Start receiving, or re-enable after failing in the callback. */
- if (reenable_recv) {
- if (HAL_UART_Receive_IT(&huart_user, (uint8_t *)&uart_rx, 1) != CMSIS_HAL_OK)
- Error_Handler();
- reenable_recv = 0;
- }
-
- /* Wait for the complete rpc request */
- rbuf = &ibuf;
- osSemaphoreWait(rpc_sem, osWaitForever);
-
-#if NUM_RPC_TASK > 1
- /* Let the next thread handle the next request */
- osMutexRelease(dispatch_mutex);
- /* Let the next thread take the mutex */
- osThreadYield();
-#endif
+ /* Wait for a complete RPC request */
+ osEvent evt = osMailGet(ibuf_queue, osWaitForever);
+ if (evt.status != osEventMail)
+ continue;
+ ibuf = (rpc_buffer_t *)evt.value.p;
/* Process the request */
- if (hal_rpc_server_dispatch(ibuf.buf, ibuf.len, obuf.buf, &obuf.len) != LIBHAL_OK)
+ hal_error_t ret = hal_rpc_server_dispatch(ibuf->buf, ibuf->len, obuf->buf, &obuf->len);
+ osMailFree(ibuf_queue, (void *)ibuf);
+ if (ret != LIBHAL_OK) {
+ Error_Handler();
/* If hal_rpc_server_dispatch failed with an XDR error, it
* probably means the request packet was garbage. In any case, we
* have nothing to transmit.
*/
continue;
+ }
/* Send the response */
#if NUM_RPC_TASK > 1
osMutexWait(uart_mutex, osWaitForever);
#endif
- hal_error_t ret = hal_rpc_sendto(obuf.buf, obuf.len, NULL);
+ ret = hal_rpc_sendto(obuf->buf, obuf->len, NULL);
#if NUM_RPC_TASK > 1
osMutexRelease(uart_mutex);
#endif
@@ -228,6 +217,20 @@ static uint8_t *sdram_malloc(size_t size)
return p;
}
+#if NUM_RPC_TASK > 1
+/* Critical section start/end, currently used just for hal_core_alloc/_free.
+ */
+void hal_critical_section_start(void)
+{
+ __disable_irq();
+}
+
+void hal_critical_section_end(void)
+{
+ __enable_irq();
+}
+#endif
+
/* The main thread. This does all the setup, and the worker threads handle
* the rest.
*/
@@ -241,13 +244,13 @@ int main()
fmc_init();
sdram_init();
+ if ((ibuf_queue = osMailCreate(osMailQ(ibuf_queue), NULL)) == NULL)
+ Error_Handler();
+
#if NUM_RPC_TASK > 1
- if ((uart_mutex = osMutexCreate(osMutex(uart_mutex))) == NULL ||
- (dispatch_mutex = osMutexCreate(osMutex(dispatch_mutex)) == NULL)
+ if ((uart_mutex = osMutexCreate(osMutex(uart_mutex))) == NULL)
Error_Handler();
#endif
- if ((rpc_sem = osSemaphoreCreate(osSemaphore(rpc_sem), 0)) == NULL)
- Error_Handler();
if (hal_rpc_server_init() != LIBHAL_OK)
Error_Handler();
@@ -265,6 +268,10 @@ int main()
Error_Handler();
}
+ /* Start the UART receiver. */
+ if (HAL_UART_Receive_DMA(&huart_user, (uint8_t *)&uart_rx, 1) != CMSIS_HAL_OK)
+ Error_Handler();
+
/* Launch other threads (csprng warm-up thread?)
* Wait for FPGA_DONE interrupt.
*/
diff --git a/projects/hsm/mgmt-cli.c b/projects/hsm/mgmt-cli.c
index 539ba4c..ee1b31b 100644
--- a/projects/hsm/mgmt-cli.c
+++ b/projects/hsm/mgmt-cli.c
@@ -49,6 +49,7 @@
#include "mgmt-misc.h"
#include "mgmt-keystore.h"
#include "mgmt-masterkey.h"
+#include "mgmt-thread.h"
#undef HAL_OK
#define HAL_OK LIBHAL_OK
@@ -106,7 +107,6 @@ void HAL_UART1_RxCpltCallback(UART_HandleTypeDef *huart)
{
ringbuf_write_char(&uart_ringbuf, uart_rx);
osSemaphoreRelease(uart_sem);
- HAL_UART_Receive_DMA(huart, &uart_rx, 1);
}
static void uart_cli_print(struct cli_def *cli __attribute__ ((unused)), const char *buf)
@@ -196,6 +196,7 @@ int cli_main(void)
configure_cli_firmware(cli);
configure_cli_bootloader(cli);
configure_cli_misc(cli);
+ configure_cli_thread(cli);
while (1) {
control_mgmt_uart_dma_rx(DMA_RX_START);
diff --git a/projects/hsm/mgmt-fpga.c b/projects/hsm/mgmt-fpga.c
index 778ded9..d76315e 100644
--- a/projects/hsm/mgmt-fpga.c
+++ b/projects/hsm/mgmt-fpga.c
@@ -119,6 +119,7 @@ static int cmd_fpga_reset(struct cli_def *cli, const char *command, char *argv[]
{
fpgacfg_access_control(ALLOW_FPGA);
fpgacfg_reset_fpga(RESET_FULL);
+ hal_core_reset_table();
cli_print(cli, "FPGA has been reset");
return CLI_OK;
@@ -126,7 +127,7 @@ static int cmd_fpga_reset(struct cli_def *cli, const char *command, char *argv[]
static int cmd_fpga_show_cores(struct cli_def *cli, const char *command, char *argv[], int argc)
{
- const hal_core_t *core;
+ hal_core_t *core;
const hal_core_info_t *info;
if (! fpgacfg_check_done()) {
diff --git a/projects/hsm/mgmt-thread.c b/projects/hsm/mgmt-thread.c
new file mode 100644
index 0000000..82b8e72
--- /dev/null
+++ b/projects/hsm/mgmt-thread.c
@@ -0,0 +1,97 @@
+/*
+ * mgmt-thread.c
+ * -----------
+ * CLI 'thread' functions.
+ *
+ * Copyright (c) 2016, NORDUnet A/S All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ * - Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * - Neither the name of the NORDUnet nor the names of its contributors may
+ * be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Show the active threads. This is mostly for debugging, and looks deeply
+ * into OS-level structures, but sometimes you just need to know...
+ */
+
+#include "mgmt-cli.h"
+#include "mgmt-thread.h"
+
+/* rt_TypeDef.h redefines NULL (previously defined in stddef.h, via libcli.h) */
+#undef NULL
+
+#include "rt_TypeDef.h"
+#include "RTX_Conf.h"
+
+static char *task_state[] = {
+ "INACTIVE",
+ "READY",
+ "RUNNING",
+ "WAIT_DLY",
+ "WAIT_ITV",
+ "WAIT_OR",
+ "WAIT_AND",
+ "WAIT_SEM",
+ "WAIT_MBX",
+ "WAIT_MUT",
+};
+
+static int cmd_thread_show(struct cli_def *cli, const char *command, char *argv[], int argc)
+{
+ OS_TID task_id;
+ P_TCB task;
+ char *name;
+ extern void main(void);
+ extern void dispatch_thread(void);
+ extern void osTimerThread(void);
+
+ for (task_id = 1; task_id <= os_maxtaskrun; ++ task_id) {
+ if ((task = os_active_TCB[task_id-1]) != NULL) {
+ if (task->ptask == main)
+ name = "main";
+ else if (task->ptask == dispatch_thread)
+ name = "dispatch_thread";
+ else if (task->ptask == osTimerThread)
+ name = "osTimerThread";
+ else
+ name = "unknown";
+
+ cli_print(cli, "%d:\tptask\t%p\t%s", task_id, task->ptask, name);
+ cli_print(cli, "\tstate\t%d\t\t%s", (int)task->state, task_state[task->state]);
+ cli_print(cli, "\tprio\t%d", (int)task->prio);
+ cli_print(cli, "\tstack\t%p", task->stack);
+ }
+ }
+ return CLI_OK;
+}
+
+void configure_cli_thread(struct cli_def *cli)
+{
+ struct cli_command *c = cli_register_command(cli, NULL, "thread", NULL, 0, 0, NULL);
+
+ /* thread show */
+ cli_register_command(cli, c, "show", cmd_thread_show, 0, 0, "Show the active threads");
+}
diff --git a/projects/hsm/mgmt-thread.h b/projects/hsm/mgmt-thread.h
new file mode 100644
index 0000000..f72695e
--- /dev/null
+++ b/projects/hsm/mgmt-thread.h
@@ -0,0 +1,42 @@
+/*
+ * mgmt-thread.h
+ * -----------
+ * Management CLI 'thread' functions.
+ *
+ * Copyright (c) 2016, NORDUnet A/S All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ * - Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * - Neither the name of the NORDUnet nor the names of its contributors may
+ * be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef __STM32_CLI_MGMT_THREAD_H
+#define __STM32_CLI_MGMT_THREAD_H
+
+#include <libcli.h>
+
+extern void configure_cli_thread(struct cli_def *cli);
+
+#endif /* __STM32_CLI_MGMT_THREAD_H */