ext: lib: mbedtls: Enable and set heap size at device startup

As the mbedtls heap is global for the whole device, enable it during device startup if configured so. The heap size can be set in config file. There is no default value for the heap as that depends very much on application needs. Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-06-22 16:23:39 +03:00 · 2017-06-22 16:23:39 +03:00 · a9c0a3f9eb
parent 8f9c305a15
commit a9c0a3f9eb
3 changed files with 77 additions and 0 deletions
--- a/ext/lib/crypto/mbedtls/Kbuild
+++ b/ext/lib/crypto/mbedtls/Kbuild
@ -1,6 +1,8 @@

 include $(srctree)/ext/lib/crypto/mbedtls/Makefile.include

+obj-y += zephyr_init.o
+
 obj-y += library/aes.o
 obj-y += library/aesni.o
 obj-y += library/arc4.o
--- a/ext/lib/crypto/mbedtls/Kconfig
+++ b/ext/lib/crypto/mbedtls/Kconfig
@ -59,3 +59,27 @@ config MBEDTLS_INSTALL_PATH
 	This option holds the path where the mbedTLS libraries and headers are
 	installed. Make sure this option is properly set when MBEDTLS_LIBRARY
 	is enabled otherwise the build will fail.
+
+config MBEDTLS_ENABLE_HEAP
+	bool "Enable global heap for mbed TLS"
+	default n
+	depends on MBEDTLS
+	help
+	This option enables the mbedtls to use the heap. This setting must
+	be global so that various applications and libraries in Zephyr do not
+	try to do this themselves as there can be only one heap defined
+	in mbedtls. If this is enabled, then the Zephyr will, during the device
+	startup, initialize the heap automatically.
+
+config MBEDTLS_HEAP_SIZE
+	int "Heap size for mbed TLS"
+	depends on MBEDTLS_ENABLE_HEAP
+	help
+	The mbedtls routines will use this heap if enabled.
+	See ext/lib/crypto/mbedtls/include/mbedtls/config.h and
+	MBEDTLS_MEMORY_BUFFER_ALLOC_C option for details. That option is not
+	enabled by default.
+	Default value for the heap size is not set as it depends on the
+	application. For server application 15000 bytes should be enough.
+	For some dedicated and specific usage of mbedtls API, the 1000 bytes
+	might be ok.
--- a/ext/lib/crypto/mbedtls/zephyr_init.c
+++ b/ext/lib/crypto/mbedtls/zephyr_init.c
@ -0,0 +1,51 @@
+/** @file
+ * @brief mbed TLS initialization
+ *
+ * Initialize the mbed TLS library like setup the heap etc.
+ */
+
+/*
+ * Copyright (c) 2017 Intel Corporation
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#include <init.h>
+
+#if defined(CONFIG_MBEDTLS)
+#if !defined(CONFIG_MBEDTLS_CFG_FILE)
+#include "mbedtls/config.h"
+#else
+#include CONFIG_MBEDTLS_CFG_FILE
+#endif /* CONFIG_MBEDTLS_CFG_FILE */
+#endif
+
+#if defined(CONFIG_MBEDTLS_ENABLE_HEAP) && \
+					defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include <mbedtls/memory_buffer_alloc.h>
+
+#if !defined(CONFIG_MBEDTLS_HEAP_SIZE)
+#error "Please set heap size to be used. Set value to CONFIG_MBEDTLS_HEAP_SIZE \
+option."
+#endif
+
+static unsigned char _mbedtls_heap[CONFIG_MBEDTLS_HEAP_SIZE];
+
+static void init_heap(void)
+{
+	mbedtls_memory_buffer_alloc_init(_mbedtls_heap, sizeof(_mbedtls_heap));
+}
+#else
+#define init_heap(...)
+#endif /* CONFIG_MBEDTLS_ENABLE_HEAP && MBEDTLS_MEMORY_BUFFER_ALLOC_C */
+
+static int _mbedtls_init(struct device *device)
+{
+	ARG_UNUSED(device);
+
+	init_heap();
+
+	return 0;
+}
+
+SYS_INIT(_mbedtls_init, POST_KERNEL, 0);