Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mbedtls: Disable MD5, SHA1, SHA256 HW ACC for STM32F439xI #5080

Merged
merged 1 commit into from
Sep 21, 2017
Merged

mbedtls: Disable MD5, SHA1, SHA256 HW ACC for STM32F439xI #5080

merged 1 commit into from
Sep 21, 2017

Conversation

andresag01
Copy link

Critical workaround to issue #5079.

STM32F439xI-family MD5, SHA1 and SHA256 hardware acceleration
occasionally produces incorrect output (#5079).

Don't enable MD5, SHA1 and SHA256 HW acceleration on STM32F439xI-family
targets by default until issue #5079 is fixed.

Status

READY for REVIEW as WORKAROUND

mbedtls: Disable MD5, SHA1, SHA256 HW ACC for STM32F439xI
f928e7a 
STM32F439xI-family MD5, SHA1 and SHA256 hardware acceleration
occasionally produces incorrect output (ARMmbed#5079).

Don't enable MD5, SHA1 and SHA256 HW acceleration on STM32F439xI-family
targets by default until issue ARMmbed#5079 is fixed.
@andresag01 andresag01 mentioned this pull request Sep 12, 2017
Closed
@adbridge
Copy link
Contributor

@andresag01 What is the impact of just disabling these ?

@adbridge
Copy link
Contributor

Should we be aiming to get this in for 5.6 RC2 ?

@andresag01
Copy link
Author

@adbridge: The impact of disabling this is a potential decrease in performance and possibly an increase in code size, etc in targets that are using this acceleration code as disabling it just means that we will be using the default mbed TLS software implementation. Of course, this PR is only a workaround and I am currently working with @adustm to assess the full impact of the issue in #5079 and #4928.

I hope this is clear. However, it would also be beneficial if @RonEld, @yanesca, @sbutcher-arm take a look at these changes.

@0xc0170
Copy link
Contributor

0xc0170 commented Sep 19, 2017

@andresag01 #5018 - this PR fixes the issues (it was already reviewed by you and @yanesca ), deprecate this fix? Is that correct? please let us know the status of this PR, as this has critical in the description, I would like to an answer for this asap

cc @adustm

@andresag01
Copy link
Author

@0xc0170: This is not directly related to the fix at #5018 as that is for AES, while this is a workaround for MD5, SHA1 and SHA256 acceleration. Therefore #5018 does not deprecate this. I am not sure how would @yanesca and @Patater would like to deal with this though.

@adustm
Copy link
Member

adustm commented Sep 19, 2017

Hello @0xc0170
Andres is right, I've fixed the AES part only, not the MD5/SHA1/SHA256 part.
You can keep this workaround for the time being.

@0xc0170
Copy link
Contributor

0xc0170 commented Sep 20, 2017

/morph test-nightly

@mbed-bot
Copy link

Result: SUCCESS

Your command has finished executing! Here's what you wrote!

/morph test-nightly

Output

mbed Build Number: 1346

All builds and test passed!

@theotherjimmy theotherjimmy merged commit 181d7bc into ARMmbed:master Sep 21, 2017
@SeppoTakalo SeppoTakalo mentioned this pull request Oct 9, 2017
Closed
@andreaslarssonublox andreaslarssonublox mentioned this pull request Oct 17, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Patater Patater Patater approved these changes

@yanesca yanesca yanesca approved these changes

Assignees
No one assigned
Labels
component: security release-version: 5.6.1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@andresag01 @adbridge @0xc0170 @adustm @mbed-bot @Patater @yanesca @theotherjimmy