Merge branch 'bugfix/aes_dma_completion_v4.2' into 'release/v4.2'

mbedtls: Fix AES dma completion race condition (v4.2) See merge request espressif/esp-idf!12904
2021-05-26 03:30:18 +00:00
parent 176ea97dd0 6e0c046bd9
commit 536d6eea61
2 changed files with 18 additions and 5 deletions
--- a/components/mbedtls/port/esp32s2/aes.c
+++ b/components/mbedtls/port/esp32s2/aes.c
@@ -405,7 +405,8 @@ static int esp_aes_process_dma(esp_aes_context *ctx, const unsigned char *input,
 {
    lldesc_t stream_in_desc, stream_out_desc;
    lldesc_t *in_desc_head, *out_desc_head;
-    lldesc_t *block_desc = NULL, *block_in_desc, *block_out_desc;
+    lldesc_t *out_desc_tail = NULL; /* pointer to the final output descriptor */
+    lldesc_t *block_desc = NULL, *block_in_desc = NULL, *block_out_desc = NULL;
    size_t lldesc_num;
    uint8_t stream_in[16] = {};
    unsigned stream_bytes = len % AES_BLOCK_BYTES; // bytes which aren't in a full block
@@ -472,8 +473,10 @@ static int esp_aes_process_dma(esp_aes_context *ctx, const unsigned char *input,
        block_in_desc = block_desc;
        block_out_desc = block_desc + lldesc_num;

-        lldesc_setup_link(block_desc, input, block_bytes, 0);
-        lldesc_setup_link(block_desc + lldesc_num, output, block_bytes, 0);
+        lldesc_setup_link(block_in_desc, input, block_bytes, 0);
+        lldesc_setup_link(block_out_desc, output, block_bytes, 0);
+
+        out_desc_tail = &block_out_desc[lldesc_num - 1];
    }

    /* Any leftover bytes which are appended as an additional DMA list */
@@ -488,6 +491,8 @@ static int esp_aes_process_dma(esp_aes_context *ctx, const unsigned char *input,
            block_in_desc[lldesc_num - 1].empty = (uint32_t)&stream_in_desc;
            block_out_desc[lldesc_num - 1].empty = (uint32_t)&stream_out_desc;
        }
+
+        out_desc_tail = &stream_out_desc;
    }

    // block buffers are sent to DMA first, unless there aren't any
@@ -516,7 +521,7 @@ static int esp_aes_process_dma(esp_aes_context *ctx, const unsigned char *input,

    /* Start AES operation */
    REG_WRITE(AES_TRIGGER_REG, 1);
-    esp_aes_dma_wait_complete(use_intr, out_desc_head);
+    esp_aes_dma_wait_complete(use_intr, out_desc_tail);



--- a/components/mbedtls/test/test_aes.c
+++ b/components/mbedtls/test/test_aes.c
@@ -8,6 +8,7 @@
 #include "mbedtls/gcm.h"
 #include "unity.h"
 #include "sdkconfig.h"
+#include "esp_log.h"
 #include "esp_timer.h"
 #include "esp_heap_caps.h"
 #include "test_utils.h"
@@ -73,7 +74,7 @@ TEST_CASE("mbedtls CTR stream test", "[aes]")
        no matter how many bytes we encrypt each call
        */
    for (int bytes_to_process = 1; bytes_to_process < SZ; bytes_to_process++) {
-
+        ESP_LOGD("test", "bytes_to_process %d", bytes_to_process);
        memset(nonce, 0xEE, 16);
        memset(chipertext, 0x0, SZ);
        memset(decryptedtext, 0x0, SZ);
@@ -87,10 +88,14 @@ TEST_CASE("mbedtls CTR stream test", "[aes]")
            mbedtls_aes_crypt_ctr(&ctx, length, &offset, nonce,
                                  stream_block, plaintext + idx, chipertext + idx );
        }
+        ESP_LOG_BUFFER_HEXDUMP("expected", expected_cipher, SZ, ESP_LOG_DEBUG);
+        ESP_LOG_BUFFER_HEXDUMP("actual  ", chipertext, SZ, ESP_LOG_DEBUG);
+
        TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher, chipertext, SZ);

        // Decrypt
        memset(nonce, 0xEE, 16);
+        memset(decryptedtext, 0x22, SZ);
        offset = 0;
        for (int idx = 0; idx < SZ; idx = idx + bytes_to_process) {
            // Limit length of last call to avoid exceeding buffer size
@@ -98,6 +103,7 @@ TEST_CASE("mbedtls CTR stream test", "[aes]")
            mbedtls_aes_crypt_ctr(&ctx, length, &offset, nonce,
                                  stream_block, chipertext + idx, decryptedtext + idx );
        }
+        ESP_LOG_BUFFER_HEXDUMP("decrypted", decryptedtext, SZ, ESP_LOG_DEBUG);
        TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext, decryptedtext, SZ);
    }
    free(plaintext);
@@ -273,6 +279,7 @@ TEST_CASE("mbedtls OFB stream test", "[aes]")
        */

    for (int bytes_to_process = 1; bytes_to_process < SZ; bytes_to_process++) {
+        ESP_LOGD("test", "bytes_to_process %d", bytes_to_process);
        // Encrypt
        memset(iv, 0xEE, 16);
        size_t offset = 0;
@@ -286,6 +293,7 @@ TEST_CASE("mbedtls OFB stream test", "[aes]")

        // Decrypt
        memset(iv, 0xEE, 16);
+        memset(decryptedtext, 0x22, SZ);
        offset = 0;
        for (int idx = 0; idx < SZ; idx = idx + bytes_to_process) {
            // Limit length of last call to avoid exceeding buffer size