Message ID | 20241114142917.481564-1-ilias.apalodimas@linaro.org |
---|---|
State | New |
Headers | show |
Series | [v2] net: lwip: provide entropy to MBed TLS in one go | expand |
On Thu, 14 Nov 2024 at 07:29, Ilias Apalodimas <ilias.apalodimas@linaro.org> wrote: > > We currently provide entropy to mbedTLS using 8b chunks. > Take into account the 'len' parameter passed by MBed TLS to the entropy > gathering function instead. Note that the current code works because len > is always 128 (defined at compile time), therefore mbedtls_hardware_poll() > is called repeatedly and the buffer is filled correctly. But passing 'len' > to dm_rng_read() is both better and simpler. > > Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> > Suggested-by: Simon Glass <sjg@chromium.org> > Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> > --- > > Changes since v1: > - Update the commit message and title and picked up r-b from Jerome > - v1 can be found here https://lore.kernel.org/u-boot/42870ab3-1621-491f-a221-8ced932ed703@linaro.org/ > > net/lwip/wget.c | 6 ++---- > 1 file changed, 2 insertions(+), 4 deletions(-) Reviewed-by: Simon Glass <sjg@chromium.org> Yes this seems better!
On Thu, Nov 14, 2024 at 04:29:15PM +0200, Ilias Apalodimas wrote: > We currently provide entropy to mbedTLS using 8b chunks. > Take into account the 'len' parameter passed by MBed TLS to the entropy > gathering function instead. Note that the current code works because len > is always 128 (defined at compile time), therefore mbedtls_hardware_poll() > is called repeatedly and the buffer is filled correctly. But passing 'len' > to dm_rng_read() is both better and simpler. > > Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> > Suggested-by: Simon Glass <sjg@chromium.org> > Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> > Reviewed-by: Simon Glass <sjg@chromium.org> Applied to u-boot/master, thanks!
diff --git a/net/lwip/wget.c b/net/lwip/wget.c index ba8579899002..4fd552fd306e 100644 --- a/net/lwip/wget.c +++ b/net/lwip/wget.c @@ -42,7 +42,6 @@ int mbedtls_hardware_poll(void *data, unsigned char *output, size_t len, size_t *olen) { struct udevice *dev; - u64 rng = 0; int ret; *olen = 0; @@ -52,12 +51,11 @@ int mbedtls_hardware_poll(void *data, unsigned char *output, size_t len, log_err("Failed to get an rng: %d\n", ret); return ret; } - ret = dm_rng_read(dev, &rng, sizeof(rng)); + ret = dm_rng_read(dev, output, len); if (ret) return ret; - memcpy(output, &rng, len); - *olen = sizeof(rng); + *olen = len; return 0; }