meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/files/build-deps-upgrade-to-mbed-TLS-2.28.0.patch - openbmc/openbmc - Gitiles

 Upstream-Status: Backport
 Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>

 From a93084be95634b66b917f1c8baf403067dc75c5d Mon Sep 17 00:00:00 2001
 From: Sandrine Bailleux <sandrine.bailleux@arm.com>
 Date: Thu, 21 Apr 2022 10:21:29 +0200
 Subject: [PATCH] build(deps): upgrade to mbed TLS 2.28.0

 Upgrade to the latest and greatest 2.x release of Mbed TLS library
 (i.e. v2.28.0) to take advantage of their bug fixes.

 Note that the Mbed TLS project published version 3.x some time
 ago. However, as this is a major release with API breakages, upgrading
 to 3.x might require some more involved changes in TF-A, which we are
 not ready to do. We shall upgrade to mbed TLS 3.x after the v2.7
 release of TF-A.

 Actually, the upgrade this time simply boils down to including the new
 source code module 'constant_time.c' into the firmware.

 To quote mbed TLS v2.28.0 release notes [1]:

   The mbedcrypto library includes a new source code module
   constant_time.c, containing various functions meant to resist timing
   side channel attacks. This module does not have a separate
   configuration option, and functions from this module will be
   included in the build as required.

 As a matter of fact, if one is attempting to link TF-A against mbed
 TLS v2.28.0 without the present patch, one gets some linker errors
 due to missing symbols from this new module.

 Apart from this, none of the items listed in mbed TLS release
 notes [1] directly affect TF-A. Special note on the following one:

   Fix a bug in mbedtls_gcm_starts() when the bit length of the iv
   exceeds 2^32.

 In TF-A, we do use mbedtls_gcm_starts() when the firmware decryption
 feature is enabled with AES-GCM as the authenticated decryption
 algorithm (DECRYPTION_SUPPORT=aes_gcm). However, the iv_len variable
 which gets passed to mbedtls_gcm_starts() is an unsigned int, i.e. a
 32-bit value which by definition is always less than 2**32. Therefore,
 we are immune to this bug.

 With this upgrade, the size of BL1 and BL2 binaries does not appear to
 change on a standard sample test build (with trusted boot and measured
 boot enabled).

 [1] https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.0

 Change-Id: Icd5dbf527395e9e22c8fd6b77427188bd7237fd6
 Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
 ---
  drivers/auth/mbedtls/mbedtls_common.mk | 1 +
  1 file changed, 1 insertion(+)

 diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk
 index 0a4775d00..3eb41617f 100644
 --- a/drivers/auth/mbedtls/mbedtls_common.mk
 +++ b/drivers/auth/mbedtls/mbedtls_common.mk
 @@ -48,6 +48,7 @@ LIBMBEDTLS_SRCS		:= $(addprefix ${MBEDTLS_DIR}/library/,	\
  					rsa_internal.c				\
  					x509.c 					\
  					x509_crt.c 				\
 +					constant_time.c 			\
  					)

  # The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
 --
 2.25.1
	Upstream-Status: Backport
	Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>

	From a93084be95634b66b917f1c8baf403067dc75c5d Mon Sep 17 00:00:00 2001
	From: Sandrine Bailleux <sandrine.bailleux@arm.com>
	Date: Thu, 21 Apr 2022 10:21:29 +0200
	Subject: [PATCH] build(deps): upgrade to mbed TLS 2.28.0

	Upgrade to the latest and greatest 2.x release of Mbed TLS library
	(i.e. v2.28.0) to take advantage of their bug fixes.

	Note that the Mbed TLS project published version 3.x some time
	ago. However, as this is a major release with API breakages, upgrading
	to 3.x might require some more involved changes in TF-A, which we are
	not ready to do. We shall upgrade to mbed TLS 3.x after the v2.7
	release of TF-A.

	Actually, the upgrade this time simply boils down to including the new
	source code module 'constant_time.c' into the firmware.

	To quote mbed TLS v2.28.0 release notes [1]:

	The mbedcrypto library includes a new source code module
	constant_time.c, containing various functions meant to resist timing
	side channel attacks. This module does not have a separate
	configuration option, and functions from this module will be
	included in the build as required.

	As a matter of fact, if one is attempting to link TF-A against mbed
	TLS v2.28.0 without the present patch, one gets some linker errors
	due to missing symbols from this new module.

	Apart from this, none of the items listed in mbed TLS release
	notes [1] directly affect TF-A. Special note on the following one:

	Fix a bug in mbedtls_gcm_starts() when the bit length of the iv
	exceeds 2^32.

	In TF-A, we do use mbedtls_gcm_starts() when the firmware decryption
	feature is enabled with AES-GCM as the authenticated decryption
	algorithm (DECRYPTION_SUPPORT=aes_gcm). However, the iv_len variable
	which gets passed to mbedtls_gcm_starts() is an unsigned int, i.e. a
	32-bit value which by definition is always less than 2**32. Therefore,
	we are immune to this bug.

	With this upgrade, the size of BL1 and BL2 binaries does not appear to
	change on a standard sample test build (with trusted boot and measured
	boot enabled).

	[1] https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.0

	Change-Id: Icd5dbf527395e9e22c8fd6b77427188bd7237fd6
	Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
	---
	drivers/auth/mbedtls/mbedtls_common.mk \| 1 +
	1 file changed, 1 insertion(+)

	diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk
	index 0a4775d00..3eb41617f 100644
	--- a/drivers/auth/mbedtls/mbedtls_common.mk
	+++ b/drivers/auth/mbedtls/mbedtls_common.mk
	@@ -48,6 +48,7 @@ LIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \
	rsa_internal.c \
	x509.c \
	x509_crt.c \
	+ constant_time.c \
	)

	# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
	--
	2.25.1