debug.h is a NuttX-specific, non-POSIX header. Placing it in the
top-level include/ directory creates naming conflicts with external
projects that define their own debug.h.
This commit moves the canonical header to include/nuttx/debug.h,
following the NuttX convention for non-POSIX/non-standard headers,
and updates all in-tree references.
A backward-compatibility shim is left at include/debug.h that
emits a deprecation #warning and re-includes <nuttx/debug.h>,
allowing out-of-tree code to continue building while migrating.
Signed-off-by: Piyush Patle <piyushpatle228@gmail.com>
This commit modularizes the curve25519 and idgen implementations in the
crypto subsystem.
Previously, curve25519.c and idgen.c were only compiled when
CONFIG_CRYPTO_RANDOM_POOL was enabled. However, cryptosoft.c (used by
software cipher support) has a direct dependency on curve25519 functions.
This caused linker errors (undefined reference to curve25519) when
software crypto was enabled but the random pool was disabled.
Changes:
- Introduce hidden Kconfig options CRYPTO_CURVE25519 and CRYPTO_IDGEN.
- Make CRYPTO_RANDOM_POOL select both CRYPTO_IDGEN and CRYPTO_CURVE25519.
- Make CRYPTO_CRYPTODEV_SOFTWARE_CRYPTO/KEYMGMT select CRYPTO_CURVE25519.
- Update CMakeLists.txt and Makefile to use the new config flags.
This ensures that required algorithms are automatically included in the
build regardless of whether the entropy pool is enabled.
Signed-off-by: karaketir16 <osmankaraketir@gmail.com>
This adds support for PBKDF2 (SHA1 and SHA256) while leveraging
the existing infrastructure for HMAC.
Signed-off-by: Vlad Pruteanu <pruteanuvlad1611@yahoo.com>
Intermediate files of make depend like .ddc and .dds may remain
when make is interrupted. Remove them using make distclean.
Signed-off-by: SPRESENSE <41312067+SPRESENSE@users.noreply.github.com>
When using a key that is longer than the block size of the hashing
algorithm used, the key must be hashed before it is used.
Signed-off-by: Vlad Pruteanu <pruteanuvlad1611@yahoo.com>
When a key is successfully exported, the return value should reflect the actual length of the exported key data.
Signed-off-by: makejian <makejian@xiaomi.com>
Add support for generating AES keys (128/192/256 bits) using the software key management backend.
The generated keys are random numbers produced by the system PRNG.
Signed-off-by: makejian <makejian@xiaomi.com>
This patch adds support for managing cryptographic keys using MTD storage.
It enables the persistence of keys across reboots using a software-based key management system.
Includes fixes for compilation warnings and validation logic.
Signed-off-by: makejian <makejian@xiaomi.com>
The callback parameters are currently passed in by the upper layer, so the release process in close should not be performed here.
This prevents double-free issues and ensures proper resource management.
Signed-off-by: makejian <makejian@xiaomi.com>
Fix incorrect memory management for asynchronous process callbacks.
Ensure callback memory is self-managed to prevent leaks or use-after-free issues.
Signed-off-by: makejian <makejian@xiaomi.com>
Fix issue where input buffer pointer was modified during crypto operations.
Ensures original buffer pointer remains valid for the caller.
Signed-off-by: makejian <makejian@xiaomi.com>
Add support for exporting RSA operations with PKCS#1 v1.5 and PSS padding schemes through the cryptodev interface.
This enables both traditional and modern RSA signature schemes:
- CRK_RSA_PKCS15_SIGN/VERIFY for PKCS#1 v1.5 padding
- CRK_RSA_PSS_SIGN/VERIFY for PSS padding
Signed-off-by: makejian <makejian@xiaomi.com>
1. p.x uninitialized in line 1643
2. l_public.y uninitialized in line 1579
3. l_public.y uninitialized in line 1533
Signed-off-by: makejian <makejian@xiaomi.com>
After adding the cross-core crypto driver, there are now three encryption modes:
1. Hardware driver in local core
2. Crypto driver in remote core
3. Software encryption in local core
This prioritizes local hardware driver first, then remote driver (typically hardware),
and finally local software encryption as a fallback.
Signed-off-by: makejian <makejian@xiaomi.com>
Replace dynamic memory allocation with stack-based variables in cryptodev_op().
This eliminates kmm_malloc/kmm_free overhead and simplifies error handling
by removing the need for goto bail cleanup paths.
Signed-off-by: makejian <makejian@xiaomi.com>
Add ivlen field to crypt_op and crp_ivlen to cryptop structure to support
cipher algorithms with different IV lengths.
Signed-off-by: makejian <makejian@xiaomi.com>
Add olen field to crypt_op structure and crp_olen to cryptop structure
to support output length tracking in virtio crypto mode.
Signed-off-by: makejian <makejian@xiaomi.com>
Rename siphash related symbols to avoid conflicts with compiler-generated
section names. Tricore-gcc produces function sections with '_end' suffix,
which conflicts with siphash_end symbol.
Signed-off-by: makejian <makejian@xiaomi.com>
Add support for storing driver-specific private data in the crypto
driver structure. This allows crypto drivers to maintain session
state and other driver-specific information.
Signed-off-by: makejian <makejian@xiaomi.com>
Replace the non-standard howmany macro with the common div_round_up macro
for consistency and better code maintainability.
Signed-off-by: makejian <makejian@xiaomi.com>
Add key management interfaces and support for generating key pairs in RSA and ECDSA cryptographic processes to the cryptodev module.
Signed-off-by: makejian <makejian@xiaomi.com>
Extend AES-CBC algorithm support to include 192-bit and 256-bit key sizes in addition to the existing 128-bit support. This enables broader compatibility with cryptographic standards and provides applications with additional key length options for enhanced security requirements.
Signed-off-by: makejian <makejian@xiaomi.com>
According to the feedback from SPDX community we should use
LicenseRef-NuttX-PublicDomain because NuttX-PublicDomain
is not a valid SPDX id, so it will fail tests for SPDX spec compliance.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
"hmac" was mistyped as "hmca", breaking linking to some prototype
functions. Also, a couple of includes were missing.
Signed-off-by: Niccolò Maggioni <nicco.maggioni+nuttx@gmail.com>
This patch is a rework of the NuttX file descriptor implementation. The
goal is two-fold:
1. Improve POSIX compliance. The old implementation tied file description
to inode only, not the file struct. POSIX however dictates otherwise.
2. Fix a bug with descriptor duplication (dup2() and dup3()). There is
an existing race condition with this POSIX API that currently results
in a kernel side crash.
The crash occurs when a partially open / closed file descriptor is
duplicated. The reason for the crash is that even if the descriptor is
closed, the file might still be in use by the kernel (due to e.g. ongoing
write to file). The open file data is changed by file_dup3() and this
causes a crash in the device / drivers themselves as they lose access to
the inode and private data.
The fix is done by separating struct file into file and file descriptor
structs. The file struct can live on even if the descriptor is closed,
fixing the crash. This also fixes the POSIX issue, as two descriptors
can now point to the same file.
Signed-off-by: Ville Juven <ville.juven@unikie.com>
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.
NOTE
The code was reported as GPL by FOSS ID
and Xiaomi scanned the file xform.c with Black Duck Security and it showed
that the license was BSD-3-Clause and no risk was reported.
Since there is no clause on the license it was concluded as 0BSD
Refference
https://github.com/apache/nuttx/pull/15252
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.
define NuttX local NuttX-PublicDomain identifier
“Public Domain” is a concept distinct from copyright licensing;
it generally means that the work no longer has any copyright protection
or ownership, and therefore requires no license permission in order to
use, copy, modify, distribute, perform, display, etc.
In the United States – and many jurisdictions – copyright protections
attach automatically to creative works upon creation if they satisfy
certain minimum criteria.
“Public Domain” would thus represent a significant change to the legal
status of the work.
The rules around “Public Domain” often vary or are unspecified
jurisdiction to jurisdiction. Adding to the confusion, some
jurisdictions may not even recognize the concept of “Public Domain”
(or similar). As such, a license may nevertheless be required or implied
in these cases. Even in the U.S., there is no clear,
officially-sanctioned procedure for affirmatively placing
copyright-eligible works into the “Public Domain” aside from natural
statutory expiration of copyright. The bottom-line is, there are few if
any objective, brightline rules for proactively placing
copyright-eligible works into the Public Domain that we can broadly
rely on.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.
define NuttX local NuttX-PublicDomain identifier
“Public Domain” is a concept distinct from copyright licensing;
it generally means that the work no longer has any copyright protection
or ownership, and therefore requires no license permission in order to
use, copy, modify, distribute, perform, display, etc.
In the United States – and many jurisdictions – copyright protections
attach automatically to creative works upon creation if they satisfy
certain minimum criteria.
“Public Domain” would thus represent a significant change to the legal
status of the work.
The rules around “Public Domain” often vary or are unspecified
jurisdiction to jurisdiction. Adding to the confusion, some
jurisdictions may not even recognize the concept of “Public Domain”
(or similar). As such, a license may nevertheless be required or implied
in these cases. Even in the U.S., there is no clear,
officially-sanctioned procedure for affirmatively placing
copyright-eligible works into the “Public Domain” aside from natural
statutory expiration of copyright. The bottom-line is, there are few if
any objective, brightline rules for proactively placing
copyright-eligible works into the Public Domain that we can broadly
rely on.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.
define NuttX local NuttX-PublicDomain identifier
“Public Domain” is a concept distinct from copyright licensing;
it generally means that the work no longer has any copyright protection
or ownership, and therefore requires no license permission in order to
use, copy, modify, distribute, perform, display, etc.
In the United States – and many jurisdictions – copyright protections
attach automatically to creative works upon creation if they satisfy
certain minimum criteria.
“Public Domain” would thus represent a significant change to the legal
status of the work.
The rules around “Public Domain” often vary or are unspecified
jurisdiction to jurisdiction. Adding to the confusion, some
jurisdictions may not even recognize the concept of “Public Domain”
(or similar). As such, a license may nevertheless be required or implied
in these cases. Even in the U.S., there is no clear,
officially-sanctioned procedure for affirmatively placing
copyright-eligible works into the “Public Domain” aside from natural
statutory expiration of copyright. The bottom-line is, there are few if
any objective, brightline rules for proactively placing
copyright-eligible works into the Public Domain that we can broadly
rely on.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.
define NuttX local NuttX-PublicDomain identifier
“Public Domain” is a concept distinct from copyright licensing;
it generally means that the work no longer has any copyright protection
or ownership, and therefore requires no license permission in order to
use, copy, modify, distribute, perform, display, etc.
In the United States – and many jurisdictions – copyright protections
attach automatically to creative works upon creation if they satisfy
certain minimum criteria.
“Public Domain” would thus represent a significant change to the legal
status of the work.
The rules around “Public Domain” often vary or are unspecified
jurisdiction to jurisdiction. Adding to the confusion, some
jurisdictions may not even recognize the concept of “Public Domain”
(or similar). As such, a license may nevertheless be required or implied
in these cases. Even in the U.S., there is no clear,
officially-sanctioned procedure for affirmatively placing
copyright-eligible works into the “Public Domain” aside from natural
statutory expiration of copyright. The bottom-line is, there are few if
any objective, brightline rules for proactively placing
copyright-eligible works into the Public Domain that we can broadly
rely on.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.
define NuttX local NuttX-PublicDomain identifier
“Public Domain” is a concept distinct from copyright licensing;
it generally means that the work no longer has any copyright protection
or ownership, and therefore requires no license permission in order to
use, copy, modify, distribute, perform, display, etc.
In the United States – and many jurisdictions – copyright protections
attach automatically to creative works upon creation if they satisfy
certain minimum criteria.
“Public Domain” would thus represent a significant change to the legal
status of the work.
The rules around “Public Domain” often vary or are unspecified
jurisdiction to jurisdiction. Adding to the confusion, some
jurisdictions may not even recognize the concept of “Public Domain”
(or similar). As such, a license may nevertheless be required or implied
in these cases. Even in the U.S., there is no clear,
officially-sanctioned procedure for affirmatively placing
copyright-eligible works into the “Public Domain” aside from natural
statutory expiration of copyright. The bottom-line is, there are few if
any objective, brightline rules for proactively placing
copyright-eligible works into the Public Domain that we can broadly
rely on.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.
define NuttX local NuttX-PublicDomain identifier
“Public Domain” is a concept distinct from copyright licensing;
it generally means that the work no longer has any copyright protection
or ownership, and therefore requires no license permission in order to
use, copy, modify, distribute, perform, display, etc.
In the United States – and many jurisdictions – copyright protections
attach automatically to creative works upon creation if they satisfy
certain minimum criteria.
“Public Domain” would thus represent a significant change to the legal
status of the work.
The rules around “Public Domain” often vary or are unspecified
jurisdiction to jurisdiction. Adding to the confusion, some
jurisdictions may not even recognize the concept of “Public Domain”
(or similar). As such, a license may nevertheless be required or implied
in these cases. Even in the U.S., there is no clear,
officially-sanctioned procedure for affirmatively placing
copyright-eligible works into the “Public Domain” aside from natural
statutory expiration of copyright. The bottom-line is, there are few if
any objective, brightline rules for proactively placing
copyright-eligible works into the Public Domain that we can broadly
rely on.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
This patch fixed userspace headers conflict. Architecture-related definition and API should not be exposed to users.
Signed-off-by: ouyangxiangzhen <ouyangxiangzhen@xiaomi.com>
Summary:
1.Modified the i_crefs from int16_t to atomic_int
2.Modified the i_crefs add, delete, read, and initialize interfaces to atomic operations
The purpose of this change is to avoid deadlock in cross-core scenarios, where A Core blocks B Core’s request for a write operation to A Core when A Core requests a read operation to B Core.
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
Piyush Patle
karaketir16
Vlad Pruteanu
SPRESENSE
makejian
Alin Jerpelea
Niccolò Maggioni
Ville Juven
raiden00pl
Lars Kruse
ouyangxiangzhen
Xiang Xiao
guoshichao
chenrun1
Masayuki Ishikawa