lp://qastaging/ipxe
- Get this branch:
- bzr branch lp://qastaging/ipxe
Branch information
Import details
This branch is an import of the HEAD branch of the Git repository at https://github.com/ipxe/ipxe.git.
Last successful import was .
Recent revisions
- 6529. By Michael Brown <email address hidden>
-
[efi] Add EFI_TCG2_PROTOCOL header and GUID definition
Signed-off-by: Michael Brown <email address hidden>
- 6528. By Michael Brown <email address hidden>
-
[efi] Update to current EDK2 headers
Signed-off-by: Michael Brown <email address hidden>
- 6527. By Michael Brown <email address hidden>
-
[crypto] Calculate inverse of modulus on demand in bigint_montgomery()
Reduce the number of parameters passed to bigint_montgomery() by
calculating the inverse of the modulus modulo the element size on
demand. Cache the result, since Montgomery reduction will be used
repeatedly with the same modulus value.In all currently supported algorithms, the modulus is a public value
(or a fixed value defined by specification) and so this non-constant
timing does not leak any private information.Signed-off-by: Michael Brown <email address hidden>
- 6526. By Michael Brown <email address hidden>
-
[gve] Run startup process only while device is open
The startup process is scheduled to run when the device is opened and
terminated (if still running) when the device is closed. It assumes
that the resource allocation performed in gve_open() has taken place,
and that the admin and transmit/receive data structure pointers are
therefore valid.The process initialisation in gve_probe() erroneously calls
process_init() rather than process_init_stopped( ) and will therefore
schedule the startup process immediately, before the relevant
resources have been allocated.This bug is masked in the typical use case of a Google Cloud instance
with a single NIC built with the config/cloud/gce. ipxe embedded
script, since the embedded script will immediately open the NIC (and
therefore allocate the required resources) before the scheduled
process is allowed to run for the first time. In a multi-NIC
instance, undefined behaviour will arise as soon as the startup
process for the second NIC is allowed to run.Fix by using process_
init_stopped( ) to avoid implicitly scheduling the
startup process during gve_probe().Originally-
fixed-by: Kal Cutter Conley <email address hidden>
Signed-off-by: Michael Brown <email address hidden> - 6525. By Michael Brown <email address hidden>
-
[crypto] Remove obsolete bigint_
mod_multiply( ) There is no further need for a standalone modular multiplication
primitive, since the only consumer is modular exponentiation (which
now uses Montgomery multiplication instead).Remove the now obsolete bigint_
mod_multiply( ). Signed-off-by: Michael Brown <email address hidden>
- 6524. By Michael Brown <email address hidden>
-
[crypto] Use Montgomery reduction for modular exponentiation
Speed up modular exponentiation by using Montgomery reduction rather
than direct modular reduction.Montgomery reduction in base 2^n requires the modulus to be coprime to
2^n, which would limit us to requiring that the modulus is an odd
number. Extend the implementation to include support for
exponentiation with even moduli via Garner's algorithm as described in
"Montgomery reduction with even modulus" (KoƧ, 1994).Since almost all use cases for modular exponentation require a large
prime (and hence odd) modulus, the support for even moduli could
potentially be removed in future.Signed-off-by: Michael Brown <email address hidden>
- 6523. By Michael Brown <email address hidden>
-
[crypto] Add bigint_montgomery() to perform Montgomery reduction
Montgomery reduction is substantially faster than direct reduction,
and is better suited for modular exponentiation operations.Add bigint_montgomery() to perform the Montgomery reduction operation
(often referred to as "REDC"), along with some test vectors.Signed-off-by: Michael Brown <email address hidden>
- 6522. By Michael Brown <email address hidden>
-
[crypto] Use inverse size as effective size for bigint_mod_invert()
Montgomery reduction requires only the least significant element of an
inverse modulo 2^k, which in turn depends upon only the least
significant element of the invertend.Use the inverse size (rather than the invertend size) as the effective
size for bigint_mod_invert( ). This eliminates around 97% of the loop
iterations for a typical 2048-bit RSA modulus.Signed-off-by: Michael Brown <email address hidden>
- 6521. By Michael Brown <email address hidden>
-
[crypto] Eliminate temporary working space for bigint_mod_invert()
With a slight modification to the algorithm to ignore bits of the
residue that can never contribute to the result, it is possible to
reuse the as-yet uncalculated portions of the inverse to hold the
residue. This removes the requirement for additional temporary
working space.Signed-off-by: Michael Brown <email address hidden>
- 6520. By Michael Brown <email address hidden>
-
[crypto] Eliminate temporary working space for bigint_reduce()
Direct modular reduction is expected to be used in situations where
there is no requirement to retain the original (unreduced) value.Modify the API for bigint_reduce() to reduce the value in place,
(removing the separate result buffer), impose a constraint that the
modulus and value have the same size, and require the modulus to be
passed in writable memory (to allow for scaling in place). This
removes the requirement for additional temporary working space.Reverse the order of arguments so that the constant input is first,
to match the usage pattern for bigint_add() et al.Signed-off-by: Michael Brown <email address hidden>
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)