Age | Commit message (Collapse) | Author |
|
|
|
so the user might be able to copy and paste a generated key into the CLI
for recovery.
Display had been a 32-byte hexdump. Parsing (manual re-entry of the KEK)
had been 8 32-bit little-endian values. This has been a pain point for
literally two years, albeit at a low enough pain level that I've managed
to cringe and ignore it.
|
|
|
|
bank-switched memory works.
|
|
|
|
|
|
|
|
We really ought to rototill cli-test, but not today.
|
|
|
|
unnecessary code (no more double read, yay!)
|
|
|
|
|
|
fmc_read_32() and fmc_write_32() get called often enough that it's
worth eliminating unnecessary function call overhead.
|
|
We're no longer using a preemptive multitasker, and we're on the
Alpha, not the old bridge board, so all we really need to do is read
or write one word at a time via a pointer then wait for the GPIO idle
pin to light. Well, other than needing to read twice because of a
known hardware problem with the STM32.
So we dont need to fiddle with IRQ, or use the CMSIS SRAM lock, or....
|
|
|
|
|
|
|
|
|
|
This can take long enough (several minutes for h=10) that we do it in a
background task, which is then converted to an RPC dispatch task.
Also add a very limited form of free(), to free the topmost allocation in
the sdram "heap". I don't want to deal with real heap management, but I do
want to be able to recover memory upon deleting a hashsig key, if it's
easy to do so.
|
|
|
|
This is from October's cleanup binge, but I forgot to commit it at the time.
|
|
This can take long enough (several minutes for h=10) that we do it in a
background task, which is then converted to an RPC dispatch task.
Also add a very limited form of free(), to free the topmost allocation in
the sdram "heap". I don't want to deal with real heap management, but I do
want to be able to recover memory upon deleting a hashsig key, if it's
easy to do so.
|
|
|
|
|
|
This is from October's cleanup binge, but I forgot to commit it at the time.
|
|
|
|
MGMT is the default UART, and no one should have to explicitly refer to
the UART unless they need USER (hsm.c:hal_serial_send_char).
The default UART is now exposed in the header file, so that the
default-using functions can be macros, which saves a few bytes in code
space, and a few microseconds in function call overhead.
|
|
Note: This affects libhal/ks_token.c, which uses the keystore driver directly.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
interrupted) rather than LR (the return address from the function we
interrupted).
Also, change u_short and u_int to unsigned short and unsigned int, since
gcc recently decided that those aren't part of the C99 standard.
Finally, add profilable versions of memcpy, memset, and friends, because
they get called a lot in the course of unit testing, and it would be nice
to know who's calling them.
|
|
A previous version of this code ran over the RTOS, where threads used the
Process Stack, while the SysTick interrupt used the Main Stack. Now
everything's on the main stack, so we need to account for 2 extra words
that SysTick_Handler pushes on the stack at entry.
|
|
|
|
|
|
|
|
|
|
already a user-callback mechanism with HAL_SYSTICK_IRQHandler() and HAL_SYSTICK_Callback().
|
|
|
|
subject to the same forces that made it a good idea in the first place.
commit 2b6b9f8
Change RPC UART to have a high-priority thread monitoring a large(ish) DMA
buffer, because we've observed out-of-order receives under load.
|
|
it's easier than setting up a dedicated timer.
|
|
|
|
This is a quick fix, so that we can get on with testing the ks9 branch
changes.
A better fix in the long run might be to add a third keystore
("ks_pin_read_only", or some such) which implemented the bare minimum
interface that the bootloader needs and left everything else
unimplemented. This would require a bit of refactoring the current
PIN code to make it work right with both the bootloader's abbreivated
keystore and the normal token keystore. Probably worth doing, but a
bit of a can of worms, so postponing for now.
|
|
|
|
|