Skip to content

mbedtls: STM32F439xI: Don't enable AES acceleration by default #4934

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 4, 2017
Merged

mbedtls: STM32F439xI: Don't enable AES acceleration by default #4934

merged 1 commit into from
Sep 4, 2017

Conversation

Patater
Copy link
Contributor

@Patater Patater commented Aug 18, 2017
edited
Loading

Critical workaround to issue #4928. This issue blocks releases until either the issue is fixed or this workaround is merged.

STM32F439xI-family AES hardware acceleration occasionally produces
incorrect output (#4928).

Don't enable AES HW acceleration on STM32F439xI-family targets by
default until issue #4928 is fixed.

Status

READY for REVIEW as WORKAROUND

This is a workaround for issue #4928

@Patater
mbedtls: STM32F439xI: Don't enable AES acceleration by default
bea62d6 
STM32F439xI-family AES hardware acceleration occasionally produces
incorrect output (ARMmbed#4928).

Don't enable AES HW acceleration on STM32F439xI-family targets by
default until issue ARMmbed#4928 is fixed.
@Patater Patater requested review from andresag01 and adustm August 18, 2017 09:13
@adustm
Copy link
Member

adustm commented Aug 18, 2017

Hello @Patater
Such a workaround has already been implemented yesterday by @andresag01 in ARMmbed/mbed-os-example-tls#112 directly.
I am working on the issue #4928 today.
Would you accept to wait before this PR is merged ? We may not even need it...

@Patater
Copy link
Contributor Author

Patater commented Aug 18, 2017

Hi @adustm

The workaround implemented by @andresag01 yesterday was only for the Mbed TLS example. The issue is currently affecting all applications using AES on STM32F439xI-family targets.

I would much prefer issue #4928 fixed instead of this PR's workaround merged. Please keep us posted. We'll watch the issue.

Thanks

@adustm
Copy link
Member

adustm commented Aug 18, 2017

Are you aware of any other use case that would fail ?
I'd be interested in a use case that isn't as deep as the mbedtls hanshake. It looks like the issue is timing dependant (adding breakpoint does not show the error log always at the same time).

@Patater
Copy link
Contributor Author

Patater commented Aug 18, 2017

@adustm
We don't have any other test cases that reproduce this issue.

@andresag01
Copy link

@adustm: As @Patater mentioned, we do not have any other test cases that reproduce this issue. However, @JanneKiiskila mentioned:

using the HW acceleration for crypto also breaks the SD-cards init

If this is indeed some timing or concurrency issue, you could try to reproduce the problem by exercising the accelerator in a therad and while simultaneously spinning other threads that use IO such as ethernet or the sd card. Again, I am not sure this will reproduce the issue, but if it does its probably simpler to investigate than running the full TLS stack.

@RobMeades RobMeades mentioned this pull request Aug 21, 2017
Merged
andresag01
andresag01 approved these changes Aug 23, 2017
View reviewed changes
Copy link

@andresag01 andresag01 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The changes look good to me. I think we should merge this for the next release only if the actual problem is not fixed by then.

@Patater Patater mentioned this pull request Aug 23, 2017
Closed
@sg-
Copy link
Contributor

sg- commented Aug 23, 2017

/morph test

@mbed-bot
Copy link

Result: ABORTED

Your command has finished executing! Here's what you wrote!

/morph test

Output

mbed Build Number: 1098

Example Prep failed!

@studavekar
Copy link
Contributor

/morph test

@mbed-bot
Copy link

Result: FAILURE

Your command has finished executing! Here's what you wrote!

/morph test

Output

mbed Build Number: 1103

Build failed!

@theotherjimmy
Copy link
Contributor

@yanesca Could you review when you get the chance?

yanesca
yanesca approved these changes Aug 30, 2017
View reviewed changes
Copy link
Contributor

@yanesca yanesca left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@0xc0170
Copy link
Contributor

0xc0170 commented Aug 31, 2017

As this was approved by both sides, this run CI and be ready for integration (if the fix does not come by then).

@studavekar
Copy link
Contributor

/morph test

@mbed-bot
Copy link

mbed-bot commented Sep 1, 2017

Result: FAILURE

Your command has finished executing! Here's what you wrote!

/morph test

Output

mbed Build Number: 1151

Build failed!

@0xc0170
Copy link
Contributor

0xc0170 commented Sep 1, 2017

/morph test

@mbed-bot
Copy link

mbed-bot commented Sep 1, 2017

Result: SUCCESS

Your command has finished executing! Here's what you wrote!

/morph test

Output

mbed Build Number: 1155

All builds and test passed!

@0xc0170 0xc0170 merged commit fc4afab into ARMmbed:master Sep 4, 2017
@adustm adustm mentioned this pull request Sep 5, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andresag01 andresag01 andresag01 approved these changes

@yanesca yanesca yanesca approved these changes

@adustm adustm adustm approved these changes

Assignees
No one assigned
Labels
release-version: 5.5.7
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@Patater @adustm @andresag01 @sg- @mbed-bot @studavekar @theotherjimmy @0xc0170 @yanesca