Werner Almesberger
2016-01-15 17:42:21 UTC
Some more new firmware features:
- The account database code was fairly inefficient, and decrypted
records way too often, e.g., also when only stepping through the
list.
It now uses lazy decrypting. Also, the directory code is now much
more efficient and robust.
All this means that navigating a real-life database (with 45
accounts so far) is now without noticeable delay.
- To measure delays, I added a performance monitor. It is enabled
in the setup menu on the login screen ("Perfmon on/off"). When
the performance monitor is on, it displays the number of
milliseconds it took to process the last tap.
(fw/ui/std.c:std_tap)
- The sideways scrolling had a nasty bug: if the line was partially
outside the visible display area, the code tried to draw pixels
off-screen. display_set and display_clr oops in that case.
This was somewhat tricky to track down. The "oops" code so far
only showed at which line the problem was detected. Now it also
displays a stack trace. You can test this (also in the simulator)
with "Panic" in the login setup menu.
Speaking of the simulator, debugging this issue would have been
very easy there, but it didn't have the same draconian sanity
checks in display_set and display_clr as the real firmware. Now
it does.
- When in standby, the bottom button can be used to check the
authentication state: if a previous authentication is still valid,
the LED will be lit while the button is pressed.
The LED still flashes periodically when authenticated in standby,
but I've reduced the frequency from a nervous 0.5 Hz to a more
sedate 0.2 Hz.
If keeping the bottom button pressed for more than 1.5 seconds,
the authentication is zapped. This is a shortcut for quickly
dropping an authentication, without having to bring up the user
interface.
There is one small usage inconsistency: if Anelok is in one of
the shallower sleep states (Dark1, Dark2, or Ready), i.e., when
the screen is dark but it can be awakened instantly with any
button press, the bottom button just turns on the display and
does not perform authentication check or zap shortcut.
For consistency, I should probably add the zap shortcut in this
mode, too.
- Last but not least, I integrated uNaCl:
https://gitlab.com/anelok/doc/wikis/Task_unacl
The speedup is pretty impressive: the time to generate the shared
secret (i.e., the "login delay") is now down from what felt like
2-3 seconds to well below one second.
Oh, and password safes et al. recently got obsoleted. For once, the
scientific breakthrough doesn't come from xkcd but from SMBC:
http://www.smbc-comics.com/index.php?id=3955
- Werner
- The account database code was fairly inefficient, and decrypted
records way too often, e.g., also when only stepping through the
list.
It now uses lazy decrypting. Also, the directory code is now much
more efficient and robust.
All this means that navigating a real-life database (with 45
accounts so far) is now without noticeable delay.
- To measure delays, I added a performance monitor. It is enabled
in the setup menu on the login screen ("Perfmon on/off"). When
the performance monitor is on, it displays the number of
milliseconds it took to process the last tap.
(fw/ui/std.c:std_tap)
- The sideways scrolling had a nasty bug: if the line was partially
outside the visible display area, the code tried to draw pixels
off-screen. display_set and display_clr oops in that case.
This was somewhat tricky to track down. The "oops" code so far
only showed at which line the problem was detected. Now it also
displays a stack trace. You can test this (also in the simulator)
with "Panic" in the login setup menu.
Speaking of the simulator, debugging this issue would have been
very easy there, but it didn't have the same draconian sanity
checks in display_set and display_clr as the real firmware. Now
it does.
- When in standby, the bottom button can be used to check the
authentication state: if a previous authentication is still valid,
the LED will be lit while the button is pressed.
The LED still flashes periodically when authenticated in standby,
but I've reduced the frequency from a nervous 0.5 Hz to a more
sedate 0.2 Hz.
If keeping the bottom button pressed for more than 1.5 seconds,
the authentication is zapped. This is a shortcut for quickly
dropping an authentication, without having to bring up the user
interface.
There is one small usage inconsistency: if Anelok is in one of
the shallower sleep states (Dark1, Dark2, or Ready), i.e., when
the screen is dark but it can be awakened instantly with any
button press, the bottom button just turns on the display and
does not perform authentication check or zap shortcut.
For consistency, I should probably add the zap shortcut in this
mode, too.
- Last but not least, I integrated uNaCl:
https://gitlab.com/anelok/doc/wikis/Task_unacl
The speedup is pretty impressive: the time to generate the shared
secret (i.e., the "login delay") is now down from what felt like
2-3 seconds to well below one second.
Oh, and password safes et al. recently got obsoleted. For once, the
scientific breakthrough doesn't come from xkcd but from SMBC:
http://www.smbc-comics.com/index.php?id=3955
- Werner