From a672187f4b94bf66303ea1af55f49f3f50d91eab Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 27 Sep 2023 10:44:51 -0700 Subject: [PATCH] * Fix for building on MacOS (new keystore section issues). * Fix for `WOLFBOOT_SMALL_STACK` and custom XMALLOC with TFM (ECC). * Fix for library.o workaround. * Added new `WOLFBOOT_DEBUG_MALLOC` option to help diagnosing malloc failures. --- .github/workflows/test-configs.yml | 33 ++++++++++++- .github/workflows/test-keytools.yml | 10 ++-- CMakeLists.txt | 18 ++++--- Makefile | 4 +- arch.mk | 7 +++ config/examples/library.config | 2 - config/examples/sim-ecc.config | 18 ------- config/examples/sim-rsa.config | 19 -------- config/examples/sim.config | 12 +++-- include/user_settings.h | 13 +++-- options.mk | 4 +- src/xmalloc.c | 74 ++++++++++++++++++++++++++--- tools/keytools/keygen.c | 11 ++++- 13 files changed, 151 insertions(+), 74 deletions(-) delete mode 100644 config/examples/sim-ecc.config delete mode 100644 config/examples/sim-rsa.config diff --git a/.github/workflows/test-configs.yml b/.github/workflows/test-configs.yml index defaaecba..18c7aa293 100644 --- a/.github/workflows/test-configs.yml +++ b/.github/workflows/test-configs.yml 
@@ -95,11 +95,42 @@ jobs: config-file: ./config/examples/raspi3.config make-args: wolfboot.bin CROSS_COMPILE=aarch64-linux-gnu- - sim_test: + sim_tfm_smallstack_test: uses: ./.github/workflows/test-build.yml with: arch: host config-file: ./config/examples/sim.config + make-args: WOLFBOOT_SMALL_STACK=1 + + sim_tfm_bigstack_test: + uses: ./.github/workflows/test-build.yml + with: + arch: host + config-file: ./config/examples/sim.config + make-args: WOLFBOOT_SMALL_STACK=0 WOLFBOOT_HUGE_STACK=1 + + sim_spmathall_smallstack_test: + uses: ./.github/workflows/test-build.yml + with: + arch: host + config-file: ./config/examples/sim.config + make-args: SPMATHALL=1 WOLFBOOT_SMALL_STACK=1 + + sim_spmathall_bigsack_test: + uses: ./.github/workflows/test-build.yml + with: + arch: host + config-file: ./config/examples/sim.config + make-args: SPMATHALL=1 WOLFBOOT_SMALL_STACK=0 WOLFBOOT_HUGE_STACK=1 + + sim_spmath_bigstack_test: + uses: ./.github/workflows/test-build.yml + with: + arch: host + config-file: ./config/examples/sim.config + make-args: SPMATH=1 WOLFBOOT_SMALL_STACK=0 WOLFBOOT_HUGE_STACK=1 + + # TODO: SP math with small stack has issues stm32f4_small_blocks_uart_update_test: uses: ./.github/workflows/test-build.yml diff --git a/.github/workflows/test-keytools.yml b/.github/workflows/test-keytools.yml index e297c3de1..e323aa701 100644 --- a/.github/workflows/test-keytools.yml +++ b/.github/workflows/test-keytools.yml @@ -23,7 +23,7 @@ jobs: - name: Select config run: | - cp config/examples/sim-ecc.config .config && make include/target.h + cp config/examples/sim.config .config && make include/target.h - name: Build tools run: | @@ -31,7 +31,7 @@ jobs: - name: Build wolfboot run: | - make ${{inputs.make-args}} + make SIGN=ECC256 HASH=SHA256 - name: Generate external key run: | @@ -73,7 +73,7 @@ jobs: - name: Build wolfboot run: | - make ${{inputs.make-args}} + make SIGN=ED25519 HASH=SHA256 - name: Generate external key run: | 
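Review bot: The job name `sim_spmathall_bigsack_test` in the test-configs.yml hunk is misspelled. The sibling jobs all use `bigstack`, so it should read `sim_spmathall_bigstack_test:` to keep the job list searchable. The trailing `# TODO: SP math with small stack has issues` also leaves `SPMATH=1 WOLFBOOT_SMALL_STACK=1` without a CI job, and that is presumably the combination that exercises the static pool in src/xmalloc.c with SP math. I would put a tracking reference in that comment, e.g. `# TODO(<issue-id>): add sim_spmath_smallstack_test once SP math small-stack is fixed`.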
@@ -107,7 +107,7 @@ jobs: - name: Select config run: | - cp config/examples/sim-rsa.config .config && make include/target.h + cp config/examples/sim.config .config && make include/target.h - name: Build tools run: | @@ -115,7 +115,7 @@ jobs: - name: Build wolfboot run: | - make ${{inputs.make-args}} + make SIGN=RSA2048 HASH=SHA256 - name: Generate external key run: | diff --git a/CMakeLists.txt b/CMakeLists.txt index 34ab52b3c..c84943cf6 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -285,7 +285,11 @@ if(SIGN STREQUAL "NONE") set(WOLFBOOT_SIGNING_PRIVATE_KEY "" CACHE INTERNAL "") - set(STACK_USAGE 1216) + if(HASH STREQUAL "SHA384") + set(STACK_USAGE 3760) + else() + set(STACK_USAGE 1216) + endif() list(APPEND SIGN_OPTIONS WOLFBOOT_NO_SIGN) else() set(WOLFBOOT_SIGNING_PRIVATE_KEY ${CMAKE_CURRENT_BINARY_DIR}/wolfboot_signing_private_key.der) @@ -312,9 +316,9 @@ if(SIGN STREQUAL "ECC256") if(WOLFBOOT_SMALL_STACK) set(STACK_USAGE 4096) elseif(NOT SPMATH) - set(STACK_USAGE 5008) + set(STACK_USAGE 5264) else() - set(STACK_USAGE 3952) + set(STACK_USAGE 7632) endif() if(${IMAGE_HEADER_SIZE} LESS 256) @@ -333,7 +337,7 @@ if(SIGN STREQUAL "ECC384") elseif(NOT SPMATH) set(STACK_USAGE 11248) else() - set(STACK_USAGE 5880) + set(STACK_USAGE 11216) endif() if(${IMAGE_HEADER_SIZE} LESS 512) @@ -367,7 +371,7 @@ if(SIGN STREQUAL "ED25519") list(APPEND SIGN_OPTIONS WOLFBOOT_SIGN_ED25519) if(NOT DEFINED STACK_USAGE) - set(STACK_USAGE 1180) + set(STACK_USAGE 5000) endif() if(${IMAGE_HEADER_SIZE} LESS 256) @@ -412,7 +416,7 @@ if(SIGN STREQUAL "RSA2048") elseif(NOT SPMATH) set(STACK_USAGE 35952) else() - set(STACK_USAGE 12288) + set(STACK_USAGE 17568) endif() if(${IMAGE_HEADER_SIZE} LESS 512) @@ -430,7 +434,7 @@ if(SIGN STREQUAL "RSA4096") if(NOT SPMATH) set(STACK_USAGE 5888) else() - set(STACK_USAGE 4096) + set(STACK_USAGE 5768) endif() elseif(NOT SPMATH) set(STACK_USAGE 69232) diff --git a/Makefile b/Makefile index a3a316055..0606e2202 100644 --- a/Makefile +++ b/Makefile 
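Review bot: The `STACK_USAGE` values changed in the CMakeLists.txt hunks are bare numbers with no record of how they were obtained. Only the ECC256 pair (5264 / 7632) is mirrored by the options.mk hunk in this patch. The new ECC384, ED25519, RSA2048 and RSA4096 values, and the new SHA384 branch under `SIGN STREQUAL "NONE"`, have no matching options.mk change visible here, so please confirm the make build already uses the same limits. A comment above each group would help, e.g. `# keep in sync with options.mk; measured with <toolchain/target placeholder>`, so the two build systems do not drift on a limit meant to catch stack overruns in the bootloader.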
@@ -117,8 +117,8 @@ stage1/loader_stage1.bin: FORCE @echo "\t[BIN] $@" $(Q)$(MAKE) -C $(dir $@) $(notdir $@) -test-lib: $(OBJS) - $(Q)$(CC) $(CFLAGS) -o $@ $^ +test-lib: include/target.h $(OBJS) + $(Q)$(CC) $(CFLAGS) -o $@ $(OBJS) wolfboot.efi: wolfboot.elf @echo "\t[BIN] $@" diff --git a/arch.mk b/arch.mk index 8cd8d352d..0ba7ef7ed 100644 --- a/arch.mk +++ b/arch.mk @@ -716,6 +716,10 @@ ifeq ($(TARGET),sim) LD_END_GROUP= BOOT_IMG=test-app/image.elf CFLAGS+=-DARCH_SIM + ifeq ($(SPMATH),1) + MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_c32.o + CFLAGS+=-DWOLFSSL_SP_DIV_WORD_HALF + endif endif CFLAGS+=-DARCH_FLASH_OFFSET=$(ARCH_FLASH_OFFSET) @@ -731,9 +735,12 @@ ifeq ($(DUALBANK_SWAP),1) UPDATE_OBJS:=src/update_flash_hwswap.o endif +# Set default update object (if not library) +ifneq ($(TARGET),library) ifeq ($(UPDATE_OBJS),) UPDATE_OBJS:=./src/update_flash.o endif +endif ## wolfBoot origin ifeq ($(WOLFBOOT_ORIGIN),) diff --git a/config/examples/library.config b/config/examples/library.config index c5270014a..5e20bfffe 100644 --- a/config/examples/library.config +++ b/config/examples/library.config @@ -1,8 +1,6 @@ ARCH= NO_LOADER=1 USE_GCC_HEADLESS=0 -# ends up double including this to work around defaulting to update_flash -UPDATE_OBJS:=hal/library.o TARGET=library WOLFBOOT_SMALL_STACK=1 SIGN?=ED25519 diff --git a/config/examples/sim-ecc.config b/config/examples/sim-ecc.config deleted file mode 100644 index 1ad26942b..000000000 --- a/config/examples/sim-ecc.config +++ /dev/null @@ -1,18 +0,0 @@ -ARCH=sim -TARGET=sim -SIGN?=ECC256 -HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 -SPI_FLASH=0 -DEBUG=1 - -# sizes should be multiple of system page size -WOLFBOOT_PARTITION_SIZE=0x40000 -WOLFBOOT_SECTOR_SIZE=0x1000 -WOLFBOOT_PARTITION_BOOT_ADDRESS=0x20000 -# if on external flash, it should be multiple of system page size -WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x60000 -WOLFBOOT_PARTITION_SWAP_ADDRESS=0xA0000 - -# required for keytools -WOLFBOOT_FIXED_PARTITIONS=1 
diff --git a/config/examples/sim-rsa.config b/config/examples/sim-rsa.config deleted file mode 100644 index 8ed3cfefa..000000000 --- a/config/examples/sim-rsa.config +++ /dev/null @@ -1,19 +0,0 @@ -ARCH=sim -TARGET=sim -SIGN?=RSA2048 -HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 -SPI_FLASH=0 -DEBUG=1 -SPMATHALL=1 - -# sizes should be multiple of system page size -WOLFBOOT_PARTITION_SIZE=0x40000 -WOLFBOOT_SECTOR_SIZE=0x1000 -WOLFBOOT_PARTITION_BOOT_ADDRESS=0x20000 -# if on external flash, it should be multiple of system page size -WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x60000 -WOLFBOOT_PARTITION_SWAP_ADDRESS=0xA0000 - -# required for keytools -WOLFBOOT_FIXED_PARTITIONS=1 diff --git a/config/examples/sim.config b/config/examples/sim.config index 11faf04f2..6bd914dff 100644 --- a/config/examples/sim.config +++ b/config/examples/sim.config @@ -2,17 +2,21 @@ ARCH=sim TARGET=sim SIGN?=ED25519 HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SPI_FLASH=0 DEBUG=1 +SPMATH?=0 # sizes should be multiple of system page size WOLFBOOT_PARTITION_SIZE=0x40000 WOLFBOOT_SECTOR_SIZE=0x1000 -WOLFBOOT_PARTITION_BOOT_ADDRESS=0x20000 +WOLFBOOT_PARTITION_BOOT_ADDRESS=0x80000 # if on external flash, it should be multiple of system page size -WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x60000 -WOLFBOOT_PARTITION_SWAP_ADDRESS=0xA0000 +WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x100000 +WOLFBOOT_PARTITION_SWAP_ADDRESS=0x180000 # required for keytools WOLFBOOT_FIXED_PARTITIONS=1 + +# For debugging XMALLOC/XFREE +#CFLAGS_EXTRA+=-DWOLFBOOT_DEBUG_MALLOC diff --git a/include/user_settings.h b/include/user_settings.h index 0d1b44b13..43e7148cf 100644 --- a/include/user_settings.h +++ b/include/user_settings.h @@ -30,12 +30,12 @@ # include "test-app/wcs/user_settings.h" #else - #include /* System */ #define WOLFSSL_GENERAL_ALIGNMENT 4 #define SINGLE_THREADED +#define WOLFSSL_USER_MUTEX /* avoid wc_port.c wc_InitAndAllocMutex */ #define WOLFCRYPT_ONLY #define SIZEOF_LONG_LONG 8 
@@ -166,14 +166,14 @@ extern int tolower(int c); defined(WOLFBOOT_SIGN_RSA4096) || \ defined(WOLFCRYPT_SECURE_MODE) - -# define WC_RSA_BLINDING +# define WC_RSA_BLINDING # define WC_RSA_DIRECT # define RSA_LOW_MEM # define WC_ASN_HASH_SHA256 # if !defined(WOLFBOOT_TPM) && !defined(WOLFCRYPT_SECURE_MODE) # define WOLFSSL_RSA_VERIFY_INLINE # define WOLFSSL_RSA_VERIFY_ONLY +# define WOLFSSL_RSA_PUBLIC_ONLY # define WC_NO_RSA_OAEP # endif # if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH_ALL) @@ -369,6 +369,9 @@ extern int tolower(int c); #define WOLFSSL_NO_SOCK #define WOLFSSL_IGNORE_FILE_WARN #define NO_ERROR_STRINGS +#define NO_PKCS12 +#define NO_PKCS8 +#define NO_CHECK_PRIVATE_KEY #define BENCH_EMBEDDED #define NO_CRYPT_TEST @@ -392,13 +395,13 @@ extern int tolower(int c); # define WOLFSSL_SP_NO_MALLOC # define WOLFSSL_SP_NO_DYN_STACK # endif -# if !defined(ARCH_SIM) && !defined(SECURE_PKCS11) +# if !defined(SECURE_PKCS11) # define WOLFSSL_NO_MALLOC # endif #else # if defined(WOLFBOOT_HUGE_STACK) # error "Cannot use SMALL_STACK=1 with HUGE_STACK=1" -#endif +# endif # define WOLFSSL_SMALL_STACK #endif diff --git a/options.mk b/options.mk index bae89a7c2..12a43ad77 100644 --- a/options.mk +++ b/options.mk @@ -77,9 +77,9 @@ ifeq ($(SIGN),ECC256) STACK_USAGE=6680 else ifneq ($(SPMATH),1) - STACK_USAGE=5008 + STACK_USAGE=5264 else - STACK_USAGE=7600 + STACK_USAGE=7632 endif endif endif diff --git a/src/xmalloc.c b/src/xmalloc.c index bc4912b77..7e307d70b 100644 --- a/src/xmalloc.c +++ b/src/xmalloc.c @@ -36,6 +36,12 @@ #include "target.h" +#ifdef WOLFBOOT_DEBUG_MALLOC +#include +#endif + + + struct xmalloc_slot { uint8_t *addr; uint32_t size; @@ -62,6 +68,7 @@ struct xmalloc_slot { #ifndef USE_FAST_MATH /* SP MATH */ #ifdef WOLFBOOT_SIGN_ECC256 + #define MP_SCHEME "SP ECC256" #define MP_CURVE_SPECS_SIZE (76) #ifdef WOLFSSL_SP_ARM_CORTEX_M_ASM #define MP_POINT_SIZE (196) 
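Review bot: `NO_PKCS12`, `NO_PKCS8` and `NO_CHECK_PRIVATE_KEY` in the `@@ -369,6 +369,9 @@` hunk of include/user_settings.h are added with no guard and no comment. The RSA reduction in the `@@ -166,14 +166,14 @@` hunk (`WOLFSSL_RSA_PUBLIC_ONLY`), by contrast, sits inside `!defined(WOLFBOOT_TPM) && !defined(WOLFCRYPT_SECURE_MODE)`. If the secure-mode or `SECURE_PKCS11` builds import or validate private keys, these three defines would apply to them as well; that cannot be determined from the lines shown. Either gate them the same way or record the intent with a comment such as `/* wolfBoot only verifies signatures: private-key parsing and checks are compiled out */`.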
@@ -76,6 +83,7 @@ struct xmalloc_slot { #endif #endif /* WOLFBOOT_SIGN_ECC256 */ #ifdef WOLFBOOT_SIGN_ECC384 + #define MP_SCHEME "SP ECC384" #define MP_CURVE_SPECS_SIZE (108) #ifdef WOLFSSL_SP_ARM_CORTEX_M_ASM #define MP_POINT_SIZE (292) @@ -108,16 +116,28 @@ struct xmalloc_slot { /* TFM */ #define MP_INT_TYPE_SIZE ((sizeof (fp_int))) #ifdef WOLFBOOT_SIGN_ECC256 + #define MP_SCHEME "TFM ECC256" #define MP_CURVE_SPECS_SIZE (MP_INT_TYPE_SIZE) #define MP_CURVE_FIELD_COUNT_SIZE (380) - #define ECC_POINT_SIZE (228) - #define MP_INT_BUFFER_SIZE (MP_INT_TYPE_SIZE * 6) + #ifdef WOLFSSL_SMALL_STACK + #define ECC_POINT_SIZE (312) + #define MP_INT_BUFFER_SIZE (MP_INT_TYPE_SIZE * 5) + #define MP_INT_BUFFER_SIZE_1 (MP_INT_TYPE_SIZE * 6) + #else + #define ECC_POINT_SIZE (228) + #define MP_INT_BUFFER_SIZE (MP_INT_TYPE_SIZE * 6) + #endif #define MP_DIGIT_BUFFER_MONT_SIZE (sizeof(fp_digit)*(FP_SIZE + 1)) #endif #ifdef WOLFBOOT_SIGN_ECC384 + #define MP_SCHEME "TFM ECC384" #define MP_CURVE_SPECS_SIZE (MP_INT_TYPE_SIZE) #define MP_CURVE_FIELD_COUNT_SIZE (380) - #define ECC_POINT_SIZE (408) + #ifdef WOLFSSL_SMALL_STACK + #define ECC_POINT_SIZE (504) + #else + #define ECC_POINT_SIZE (408) + #endif #define MP_INT_BUFFER_SIZE (MP_INT_TYPE_SIZE * 5) #define MP_INT_BUFFER_SIZE_1 (MP_INT_TYPE_SIZE * 6) #define MP_DIGIT_BUFFER_MONT_SIZE (sizeof(fp_digit)*(FP_SIZE + 1)) @@ -139,7 +159,7 @@ struct xmalloc_slot { static uint8_t ecc_point4[ECC_POINT_SIZE]; static uint8_t ecc_point5[ECC_POINT_SIZE]; static uint8_t mp_buffer0[MP_INT_BUFFER_SIZE]; - #ifdef WOLFBOOT_SIGN_ECC384 + #ifdef MP_INT_BUFFER_SIZE_1 static uint8_t mp_buffer1[MP_INT_BUFFER_SIZE_1]; #endif static uint8_t mp_digits_buffer[MP_DIGIT_BUFFER_MONT_SIZE]; 
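Review bot: The new `ECC_POINT_SIZE` values under `WOLFSSL_SMALL_STACK` (312 for ECC256, 504 for ECC384) in the `@@ -108,16 +116,28 @@` hunk of src/xmalloc.c are hard-coded byte counts. The neighbouring `MP_INT_TYPE_SIZE` and `MP_DIGIT_BUFFER_MONT_SIZE` are instead derived with `sizeof`. Each static buffer in the pool is registered with exactly one size, so if the wolfCrypt structure behind these constants changes size with the host word width or `FP_SIZE` (the sim target builds on the host), a request would presumably match no slot and fail only at run time. If the type is visible in this file, a compile-time check such as `_Static_assert(sizeof(ecc_point) == ECC_POINT_SIZE, "xmalloc pool out of sync");` would catch the mismatch at build time. Otherwise add a comment stating which word size and `FP_SIZE` the numbers were measured for. The enclosing `#if` block begins and ends outside this hunk.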
@@ -191,7 +211,7 @@ static struct xmalloc_slot xmalloc_pool[] = { { ecc_point4, ECC_POINT_SIZE, 0}, { ecc_point5, ECC_POINT_SIZE, 0}, { mp_buffer0, MP_INT_BUFFER_SIZE, 0}, - #ifdef WOLFBOOT_SIGN_ECC384 + #ifdef MP_INT_BUFFER_SIZE_1 { mp_buffer1, MP_INT_BUFFER_SIZE_1, 0}, #endif { mp_digits_buffer, MP_DIGIT_BUFFER_MONT_SIZE, 0}, @@ -201,6 +221,7 @@ static struct xmalloc_slot xmalloc_pool[] = { #elif defined WOLFBOOT_SIGN_ED25519 +#define MP_SCHEME "ED25519" static uint32_t sha_block[HASH_BLOCK_SIZE]; static uint32_t sha512_block[sizeof(word64) * 16]; @@ -217,6 +238,7 @@ static struct xmalloc_slot xmalloc_pool[] = { #include +#define MP_SCHEME "ED448" #define GE448_WINDOW_BUF_SIZE 448 static uint32_t aslide[GE448_WINDOW_BUF_SIZE / sizeof(uint32_t)]; @@ -239,11 +261,12 @@ static struct xmalloc_slot xmalloc_pool[] = { #elif defined(WOLFBOOT_SIGN_RSA2048) || defined(WOLFBOOT_SIGN_RSA4096) || \ - defined(WOLFBOOT_SIGN_RSA3072) + defined(WOLFBOOT_SIGN_RSA3072) static uint32_t sha_block[HASH_BLOCK_SIZE]; #ifndef USE_FAST_MATH #ifdef WOLFBOOT_SIGN_RSA2048 + #define MP_SCHEME "SP RSA2048" #ifdef WOLFSSL_SP_ARM_CORTEX_M_ASM #define MPDIGIT_BUF0_SIZE (MP_DIGIT_SIZE * 64 * 5) #else @@ -252,6 +275,7 @@ static uint32_t sha_block[HASH_BLOCK_SIZE]; static uint8_t mp_digit_buf1[MPDIGIT_BUF1_SIZE]; #endif #elif defined WOLFBOOT_SIGN_RSA3072 + #define MP_SCHEME "SP RSA3072" #ifdef WOLFSSL_SP_ARM_CORTEX_M_ASM #define MPDIGIT_BUF0_SIZE (MP_DIGIT_SIZE * 96 * 5) #else @@ -262,6 +286,7 @@ static uint32_t sha_block[HASH_BLOCK_SIZE]; #else + #define MP_SCHEME "SP RSA4096" #ifdef WOLFSSL_SP_ARM_CORTEX_M_ASM #define MPDIGIT_BUF0_SIZE (MP_DIGIT_SIZE * 128 * 5) #else @@ -282,6 +307,7 @@ static uint32_t sha_block[HASH_BLOCK_SIZE]; { NULL, 0, 0} }; #else + #define MP_SCHEME "TFM RSA" #define MP_INT_TYPE_SIZE (sizeof(mp_int)) #define MP_MONT_REDUCE_BUF_SIZE (sizeof(fp_digit)*(FP_SIZE + 1)) static uint8_t mp_int_buffer0[MP_INT_TYPE_SIZE]; 
@@ -306,6 +332,7 @@ static uint32_t sha_block[HASH_BLOCK_SIZE]; #elif defined WOLFBOOT_NO_SIGN +#define MP_SCHEME "NONE" static uint32_t sha_block[HASH_BLOCK_SIZE]; static struct xmalloc_slot xmalloc_pool[] = { #if defined(WOLFBOOT_HASH_SHA256) || defined(WOLFBOOT_HASH_SHA384) @@ -314,30 +341,63 @@ static struct xmalloc_slot xmalloc_pool[] = { { NULL, 0, 0} }; -#else +#else # error "No cipher selected." #endif +#ifdef WOLFBOOT_DEBUG_MALLOC + static void dump_pool(void) + { + size_t i; + for (i=0; i