Merge pull request #548 from danielinux/encrypt_cache_in_stack

dgarske · web-flow · commit 574f68b9847e · 2025-03-27T11:07:13.000-07:00
Move encrypt cache to stack
diff --git a/docs/encrypted_partitions.md b/docs/encrypted_partitions.md
@@ -179,6 +179,13 @@ as template. The file `hal/stm32l0_chacha_ram.ld` contains the changes described
 all the needed symbols in RAM.
 
 
+### Using a custom buffer as encrypt/decrypt cache
+
+By default, encryption support requires a buffer of the same size as the external flash page size to be allocated in RAM.
+You can provide a custom pre-allocated buffer by passing its address via the option `ENCRYPT_CACHE`, e.g.:
+
+`ENCRYPT_CACHE=0x20010000`
+
 ### API usage in the application
 
 When transferring the image, the application can still use the libwolfboot API functions to store the encrypted firmware. When called from the application,
diff --git a/include/image.h b/include/image.h
@@ -74,6 +74,7 @@ int wolfBot_get_dts_size(void *dts_addr);
 #  endif
 #endif
 
+
 /* Helpers for memory alignment */
 #ifndef XALIGNED
     #if defined(__GNUC__) || defined(__llvm__) || \
@@ -90,6 +91,15 @@ int wolfBot_get_dts_size(void *dts_addr);
     #endif
 #endif
 
+#ifndef XALIGNED_STACK
+    /* Don't enforce stack alignment on IAR */
+    #if defined (__IAR_SYSTEMS_ICC__)
+        #define XALIGNED_STACK(x)
+    #else
+        #define XALIGNED_STACK(x) XALIGNED(x)
+    #endif
+#endif
+
 
 #ifndef WOLFBOOT_FLAGS_INVERT
 #define SECT_FLAG_NEW      0x0F
diff --git a/options.mk b/options.mk
@@ -770,6 +770,14 @@ ifeq ($(RAM_CODE),1)
   endif
 endif
 
+# Support external encryption cache
+#
+ifeq ($(ENCRYPT),1)
+  ifeq ($(ENCRYPT_CACHE),1)
+	CFLAGS+=-D"WOLFBOOT_ENCRYPT_CACHE=$(ENCRYPT_CACHE)"
+  endif
+endif
+
 # support for elf32 or elf64 loader
 ifeq ($(ELF),1)
   CFLAGS+=-DWOLFBOOT_ELF
diff --git a/src/libwolfboot.c b/src/libwolfboot.c
@@ -177,7 +177,7 @@ static const uint32_t wolfboot_magic_trail = WOLFBOOT_MAGIC_TRAIL;
 
 #include <stddef.h>
 #include <string.h>
-static uint8_t NVM_CACHE[NVM_CACHE_SIZE] __attribute__((aligned(16)));
+static uint8_t NVM_CACHE[NVM_CACHE_SIZE] XALIGNED(16);
 static int nvm_cached_sector = 0;
 static uint8_t get_base_offset(uint8_t *base, uintptr_t off)
 {
@@ -1334,16 +1334,21 @@ int wolfBoot_fallback_is_possible(void)
 
 #ifdef EXT_ENCRYPTED
 #include "encrypt.h"
+
 #if !defined(EXT_FLASH) && !defined(MMU)
-#error option EXT_ENCRYPTED requires EXT_FLASH or MMU mode
+    #error option EXT_ENCRYPTED requires EXT_FLASH or MMU mode
 #endif
 
-
-
-#ifdef NVM_FLASH_WRITEONCE
-#define ENCRYPT_CACHE NVM_CACHE
+#ifndef WOLFBOOT_ENCRYPT_CACHE
+    #ifdef NVM_FLASH_WRITEONCE
+        #define ENCRYPT_CACHE NVM_CACHE
+    #else
+        #ifdef WOLFBOOT_SMALL_STACK
+        static uint8_t ENCRYPT_CACHE[NVM_CACHE_SIZE] XALIGNED(32);
+        #endif
+    #endif
 #else
-static uint8_t ENCRYPT_CACHE[NVM_CACHE_SIZE] __attribute__((aligned(32)));
+    #define ENCRYPT_CACHE (WOLFBOOT_ENCRYPT_CACHE)
 #endif
 
 #if defined(EXT_ENCRYPTED) && defined(MMU)
@@ -1356,6 +1361,11 @@ static int RAMFUNCTION hal_set_key(const uint8_t *k, const uint8_t *nonce)
     int ret = 0;
     int sel_sec = 0;
     uint32_t trailer_relative_off = 4;
+
+#if !defined(WOLFBOOT_SMALL_STACK) && !defined(NVM_FLASH_WRITEONCE) && !defined(WOLFBOOT_ENCRYPT_CACHE)
+    uint8_t ENCRYPT_CACHE[NVM_CACHE_SIZE] XALIGNED_STACK(32);
+#endif
+
 #ifdef MMU
     XMEMCPY(ENCRYPT_KEY, k, ENCRYPT_KEY_SIZE);
     XMEMCPY(ENCRYPT_KEY + ENCRYPT_KEY_SIZE, nonce, ENCRYPT_NONCE_SIZE);
@@ -1692,6 +1702,9 @@ int RAMFUNCTION ext_flash_encrypt_write(uintptr_t address, const uint8_t *data,
     int sz = len, i, step;
     uint8_t part;
     uint32_t iv_counter = 0;
+#if defined(EXT_ENCRYPTED) && !defined(WOLFBOOT_SMALL_STACK) && !defined(NVM_FLASH_WRITEONCE)
+    uint8_t ENCRYPT_CACHE[NVM_CACHE_SIZE] XALIGNED_STACK(32);
+#endif
 
     row_offset = address & (ENCRYPT_BLOCK_SIZE - 1);
     if (row_offset != 0) {
diff --git a/src/update_disk.c b/src/update_disk.c
@@ -79,7 +79,7 @@ extern uint8_t _end_wb[];
  */
 void RAMFUNCTION wolfBoot_start(void)
 {
-    uint8_t p_hdr[IMAGE_HEADER_SIZE] __attribute__((aligned(16)));
+    uint8_t p_hdr[IMAGE_HEADER_SIZE] XALIGNED_STACK(16);
     struct stage2_parameter *stage2_params;
     struct wolfBoot_image os_image;
     int pA_ver = 0, pB_ver = 0;
diff --git a/tools/config.mk b/tools/config.mk
@@ -111,4 +111,5 @@ CONFIG_VARS:= ARCH TARGET SIGN HASH MCUXSDK MCUXPRESSO MCUXPRESSO_CPU MCUXPRESSO
 	NO_ARM_ASM \
 	SIGN_SECONDARY \
 	WOLFHSM_CLIENT \
-	WOLFHSM_CLIENT_LOCAL_KEYS
+	WOLFHSM_CLIENT_LOCAL_KEYS \
+	ENCRYPT_CACHE
diff --git a/tools/keytools/user_settings.h b/tools/keytools/user_settings.h
@@ -29,7 +29,9 @@
 #include <stdint.h>
 
 /* System */
-#define WOLFBOOT_KEYTOOLS
+#ifndef WOLFBOOT_KEYTOOLS
+    #define WOLFBOOT_KEYTOOLS
+#endif
 #define SINGLE_THREADED
 #define WOLFCRYPT_ONLY
 
diff --git a/tools/unit-tests/unit-extflash.c b/tools/unit-tests/unit-extflash.c
@@ -47,6 +47,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include "user_settings.h"
+#include "image.h"
 
 #include "libwolfboot.c"
 

Original file line number	Diff line number	Diff line change
`@@ -79,7 +79,7 @@ extern uint8_t _end_wb[];`
`79`	`79`	`*/`
`80`	`80`	`void RAMFUNCTION wolfBoot_start(void)`
`81`	`81`	`{`
`82`		`- uint8_t p_hdr[IMAGE_HEADER_SIZE] __attribute__((aligned(16)));`
	`82`	`+ uint8_t p_hdr[IMAGE_HEADER_SIZE] XALIGNED_STACK(16);`
`83`	`83`	`struct stage2_parameter *stage2_params;`
`84`	`84`	`struct wolfBoot_image os_image;`
`85`	`85`	`int pA_ver = 0, pB_ver = 0;`