Merge pull request #548 from danielinux/encrypt_cache_in_stack

Move encrypt cache to stack
2025-03-27 11:07:13 -07:00 · 2025-03-27 11:07:13 -07:00 · 574f68b984
parent d13f3260ab 076cd1d6c4
commit 574f68b984
8 changed files with 52 additions and 10 deletions
--- a/docs/encrypted_partitions.md
+++ b/docs/encrypted_partitions.md
@ -179,6 +179,13 @@ as template. The file `hal/stm32l0_chacha_ram.ld` contains the changes described
 all the needed symbols in RAM.


+### Using a custom buffer as encrypt/decrypt cache
+
+By default, encryption support requires a buffer of the same size as the external flash page size to be allocated in RAM.
+You can provide a custom pre-allocated buffer by passing its address via the option `ENCRYPT_CACHE`, e.g.:
+
+`ENCRYPT_CACHE=0x20010000`
+
 ### API usage in the application

 When transferring the image, the application can still use the libwolfboot API functions to store the encrypted firmware. When called from the application,
--- a/include/image.h
+++ b/include/image.h
@ -74,6 +74,7 @@ int wolfBot_get_dts_size(void *dts_addr);
 #  endif
 #endif

+
 /* Helpers for memory alignment */
 #ifndef XALIGNED
    #if defined(__GNUC__) || defined(__llvm__) || \
@ -90,6 +91,15 @@ int wolfBot_get_dts_size(void *dts_addr);
    #endif
 #endif

+#ifndef XALIGNED_STACK
+    /* Don't enforce stack alignment on IAR */
+    #if defined (__IAR_SYSTEMS_ICC__)
+        #define XALIGNED_STACK(x)
+    #else
+        #define XALIGNED_STACK(x) XALIGNED(x)
+    #endif
+#endif
+

 #ifndef WOLFBOOT_FLAGS_INVERT
 #define SECT_FLAG_NEW      0x0F
--- a/options.mk
+++ b/options.mk
@ -770,6 +770,14 @@ ifeq ($(RAM_CODE),1)
  endif
 endif

+# Support external encryption cache
+#
+ifeq ($(ENCRYPT),1)
+  ifeq ($(ENCRYPT_CACHE),1)
+	CFLAGS+=-D"WOLFBOOT_ENCRYPT_CACHE=$(ENCRYPT_CACHE)"
+  endif
+endif
+
 # support for elf32 or elf64 loader
 ifeq ($(ELF),1)
  CFLAGS+=-DWOLFBOOT_ELF
--- a/src/libwolfboot.c
+++ b/src/libwolfboot.c
@ -177,7 +177,7 @@ static const uint32_t wolfboot_magic_trail = WOLFBOOT_MAGIC_TRAIL;

 #include <stddef.h>
 #include <string.h>
-static uint8_t NVM_CACHE[NVM_CACHE_SIZE] __attribute__((aligned(16)));
+static uint8_t NVM_CACHE[NVM_CACHE_SIZE] XALIGNED(16);
 static int nvm_cached_sector = 0;
 static uint8_t get_base_offset(uint8_t *base, uintptr_t off)
 {
@ -1334,16 +1334,21 @@ int wolfBoot_fallback_is_possible(void)

 #ifdef EXT_ENCRYPTED
 #include "encrypt.h"
+
 #if !defined(EXT_FLASH) && !defined(MMU)
-#error option EXT_ENCRYPTED requires EXT_FLASH or MMU mode
+    #error option EXT_ENCRYPTED requires EXT_FLASH or MMU mode
 #endif

-
-
-#ifdef NVM_FLASH_WRITEONCE
-#define ENCRYPT_CACHE NVM_CACHE
+#ifndef WOLFBOOT_ENCRYPT_CACHE
+    #ifdef NVM_FLASH_WRITEONCE
+        #define ENCRYPT_CACHE NVM_CACHE
+    #else
+        #ifdef WOLFBOOT_SMALL_STACK
+        static uint8_t ENCRYPT_CACHE[NVM_CACHE_SIZE] XALIGNED(32);
+        #endif
+    #endif
 #else
-static uint8_t ENCRYPT_CACHE[NVM_CACHE_SIZE] __attribute__((aligned(32)));
+    #define ENCRYPT_CACHE (WOLFBOOT_ENCRYPT_CACHE)
 #endif

 #if defined(EXT_ENCRYPTED) && defined(MMU)
@ -1356,6 +1361,11 @@ static int RAMFUNCTION hal_set_key(const uint8_t *k, const uint8_t *nonce)
    int ret = 0;
    int sel_sec = 0;
    uint32_t trailer_relative_off = 4;
+
+#if !defined(WOLFBOOT_SMALL_STACK) && !defined(NVM_FLASH_WRITEONCE) && !defined(WOLFBOOT_ENCRYPT_CACHE)
+    uint8_t ENCRYPT_CACHE[NVM_CACHE_SIZE] XALIGNED_STACK(32);
+#endif
+
 #ifdef MMU
    XMEMCPY(ENCRYPT_KEY, k, ENCRYPT_KEY_SIZE);
    XMEMCPY(ENCRYPT_KEY + ENCRYPT_KEY_SIZE, nonce, ENCRYPT_NONCE_SIZE);
@ -1692,6 +1702,9 @@ int RAMFUNCTION ext_flash_encrypt_write(uintptr_t address, const uint8_t *data,
    int sz = len, i, step;
    uint8_t part;
    uint32_t iv_counter = 0;
+#if defined(EXT_ENCRYPTED) && !defined(WOLFBOOT_SMALL_STACK) && !defined(NVM_FLASH_WRITEONCE)
+    uint8_t ENCRYPT_CACHE[NVM_CACHE_SIZE] XALIGNED_STACK(32);
+#endif

    row_offset = address & (ENCRYPT_BLOCK_SIZE - 1);
    if (row_offset != 0) {
--- a/src/update_disk.c
+++ b/src/update_disk.c
@ -79,7 +79,7 @@ extern uint8_t _end_wb[];
 */
 void RAMFUNCTION wolfBoot_start(void)
 {
-    uint8_t p_hdr[IMAGE_HEADER_SIZE] __attribute__((aligned(16)));
+    uint8_t p_hdr[IMAGE_HEADER_SIZE] XALIGNED_STACK(16);
    struct stage2_parameter *stage2_params;
    struct wolfBoot_image os_image;
    int pA_ver = 0, pB_ver = 0;
--- a/tools/config.mk
+++ b/tools/config.mk
@ -111,4 +111,5 @@ CONFIG_VARS:= ARCH TARGET SIGN HASH MCUXSDK MCUXPRESSO MCUXPRESSO_CPU MCUXPRESSO
 	NO_ARM_ASM \
 	SIGN_SECONDARY \
 	WOLFHSM_CLIENT \
-	WOLFHSM_CLIENT_LOCAL_KEYS
+	WOLFHSM_CLIENT_LOCAL_KEYS \
+	ENCRYPT_CACHE
--- a/tools/keytools/user_settings.h
+++ b/tools/keytools/user_settings.h
@ -29,7 +29,9 @@
 #include <stdint.h>

 /* System */
-#define WOLFBOOT_KEYTOOLS
+#ifndef WOLFBOOT_KEYTOOLS
+    #define WOLFBOOT_KEYTOOLS
+#endif
 #define SINGLE_THREADED
 #define WOLFCRYPT_ONLY

--- a/tools/unit-tests/unit-extflash.c
+++ b/tools/unit-tests/unit-extflash.c
@ -47,6 +47,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include "user_settings.h"
+#include "image.h"

 #include "libwolfboot.c"