[Cryptech Core] about that agenda
Peter Stuge
peter at stuge.se
Fri Aug 4 14:20:31 UTC 2017
Rob Austein wrote:
> > Let me ask this: How does the STM32 separate RPC calls from two (or more)
> > mux clients?
>
> The MUX tags messages with a "client handle". At the moment, that's
> a 32-bit integer; the rough outline for a secure channel says that'll
> likely turn into a key hash or some such. In any case, the HSM just
> knows that different client identifiers mean different clients.
>
> > Is there a queue in the muxd?
>
> In effect, although it's implemented by refusing to accept further
> input from the client until the current request completes.

We could call it an input queue of length 1 for each client.
Is there also an output queue towards the STM32? Or is the request from
each client simply sent out right away, tagged with the new client handle?

> > Are there no queues, and the STM32 starts a new "thread" for each
> > incoming call?
>
> Yes, with the understanding that this is "cooperative multitasking"
> (basically, co-routines with task swapping) rather than preemptive
> multitasking. There's a configured limit to the number of these we
> support, but we run into problems long before we hit that limit.

Cool - and the STM32 deals with FPGA BUSY waiting, if requests from
client 1 and client 2 want to use the same block?

> > But changing the protocol might also allow simply removing the mux.
> > It depends on how the STM32 code works at the moment. Note that I
> > don't want to change the STM32 too much, just to get reliable I/O,
> > but I also don't want to completely exclude the possibility before
> > knowing the code better.
>
> Overall, the MUX actually simplifies the architecture, since it
> isolates all the "how do I talk to the HSM?" voodoo in one place, so
> we'd probably keep it. But not worth worrying about at this point.

It sounds like we could easily remove it if/when we want, at least
if clients can acquire their handle (generate a key?) on the fly.

> After http://www.worldcon.fi/

All right. I'll keep an eye out for messages from Paul.

Thanks!

//Peter
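
The multiplexer behaviour discussed in this thread (messages tagged with a 32-bit client handle, and no further input accepted from a client until its current request completes), as an added Python example that is not part of the original message and is not Cryptech's code. The 4-byte big-endian tag prefix, sequential handle allocation, forwarding each request immediately, and the names `Mux`, `connect`, `submit` and `on_hsm_frame` are assumptions made for illustration.

```python
import struct


class Mux:
    """Illustrative model of a tagging multiplexer (hypothetical, not muxd)."""

    def __init__(self):
        self._next_handle = 1
        self._busy = {}       # handle -> True while a request is in flight
        self.to_hsm = []      # tagged frames forwarded toward the HSM
        self.delivered = {}   # handle -> response payloads routed to that client

    def connect(self):
        """Register a client and return its 32-bit handle (assumed sequential)."""
        handle = self._next_handle & 0xFFFFFFFF
        self._next_handle += 1
        self._busy[handle] = False
        self.delivered[handle] = []
        return handle

    def submit(self, handle, payload):
        """Accept a request only if this client has none pending."""
        if handle not in self._busy:
            raise KeyError("unknown client handle")
        if self._busy[handle]:
            return False      # the "input queue of length 1" per client
        self._busy[handle] = True
        # Assumed framing: 4-byte big-endian handle, then the request bytes.
        self.to_hsm.append(struct.pack(">I", handle) + payload)
        return True

    def on_hsm_frame(self, frame):
        """Route a response by its tag; drop anything that matches no pending request."""
        if len(frame) < 4:
            return False
        (handle,) = struct.unpack(">I", frame[:4])
        if not self._busy.get(handle, False):
            return False      # unknown handle, or client has nothing in flight
        self.delivered[handle].append(frame[4:])
        self._busy[handle] = False
        return True
```

Dropping frames whose tag matches no in-flight request keeps a response from reaching a client that did not ask for it, which is the isolation property the client handle exists to provide.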