From 5c30d9262765a4ce45047cbb05949528ad8e87ab Mon Sep 17 00:00:00 2001 From: s-hadinger <49731213+s-hadinger@users.noreply.github.com> Date: Sun, 25 Aug 2024 23:10:48 +0200 Subject: [PATCH] BearSSL panic on ESP8266 in rare conditions (#22017) --- CHANGELOG.md | 1 + .../bearssl-esp8266/src/ec/ec_prime_i15.c | 2 +- .../bearssl-esp8266/src/rsa/rsa_i15_priv.c | 6 ++--- lib/lib_ssl/bearssl-esp8266/src/t_inner.h | 6 ++--- lib/lib_ssl/tls_mini/src/StackThunk_light.cpp | 22 +++++++++++++++++++ lib/lib_ssl/tls_mini/src/StackThunk_light.h | 2 ++ 6 files changed, 32 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ffefd0bf0..4c12efde0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ All notable changes to this project will be documented in this file. - Matter fixed UI bug when no endpoints configured - Zigbee extend timeout for MCU reboot from 5s to 10s - Matter fix when Rules are disabled +- BearSSL panic on ESP8266 in rare conditions ### Removed diff --git a/lib/lib_ssl/bearssl-esp8266/src/ec/ec_prime_i15.c b/lib/lib_ssl/bearssl-esp8266/src/ec/ec_prime_i15.c index 63d90fcf1..62bf46d05 100644 --- a/lib/lib_ssl/bearssl-esp8266/src/ec/ec_prime_i15.c +++ b/lib/lib_ssl/bearssl-esp8266/src/ec/ec_prime_i15.c @@ -465,7 +465,7 @@ run_code(jacobian *P1, const jacobian *P2, memcpy(t[P1x], P1->c, 3 * I15_LEN * sizeof(uint16_t)); memcpy(t[P2x], P2->c, 3 * I15_LEN * sizeof(uint16_t)); - optimistic_yield(10000); + stack_thunk_yield(); /* * Run formulas. diff --git a/lib/lib_ssl/bearssl-esp8266/src/rsa/rsa_i15_priv.c b/lib/lib_ssl/bearssl-esp8266/src/rsa/rsa_i15_priv.c index 6c09a427c..b456a069e 100644 --- a/lib/lib_ssl/bearssl-esp8266/src/rsa/rsa_i15_priv.c +++ b/lib/lib_ssl/bearssl-esp8266/src/rsa/rsa_i15_priv.c @@ -141,7 +141,7 @@ br_rsa_i15_private(unsigned char *x, const br_rsa_private_key *sk) mp = mq + 2 * fwlen; memmove(mp, t1, fwlen * sizeof *t1); - optimistic_yield(10000); + stack_thunk_yield(); /* * Compute s2 = x^dq mod q. @@ -152,7 +152,7 @@ br_rsa_i15_private(unsigned char *x, const br_rsa_private_key *sk) r &= br_i15_modpow_opt(s2, sk->dq, sk->dqlen, mq, q0i, mq + 3 * fwlen, TLEN - 3 * fwlen); - optimistic_yield(10000); + stack_thunk_yield(); /* * Compute s1 = x^dq mod q. @@ -184,7 +184,7 @@ br_rsa_i15_private(unsigned char *x, const br_rsa_private_key *sk) br_i15_decode_reduce(t1, sk->iq, sk->iqlen, mp); br_i15_montymul(t2, s1, t1, mp, p0i); - optimistic_yield(10000); + stack_thunk_yield(); /* * h is now in t2. We compute the final result: diff --git a/lib/lib_ssl/bearssl-esp8266/src/t_inner.h b/lib/lib_ssl/bearssl-esp8266/src/t_inner.h index d5fecd71b..de08990e5 100644 --- a/lib/lib_ssl/bearssl-esp8266/src/t_inner.h +++ b/lib/lib_ssl/bearssl-esp8266/src/t_inner.h @@ -2598,16 +2598,16 @@ br_cpuid(uint32_t mask_eax, uint32_t mask_ebx, #define _debugBearSSL (0) #ifdef ESP8266 - extern void optimistic_yield(uint32_t); + extern void stack_thunk_yield(void); #else - #define optimistic_yield(ignored) + #define stack_thunk_yield(ignored) #endif #ifdef __cplusplus } #endif #else - #define optimistic_yield(ignored) + #define stack_thunk_yield(ignored) #endif #ifdef ESP32 diff --git a/lib/lib_ssl/tls_mini/src/StackThunk_light.cpp b/lib/lib_ssl/tls_mini/src/StackThunk_light.cpp index f41c8df59..098752c88 100644 --- a/lib/lib_ssl/tls_mini/src/StackThunk_light.cpp +++ b/lib/lib_ssl/tls_mini/src/StackThunk_light.cpp @@ -35,6 +35,9 @@ extern "C" { +extern void yield(); +extern bool can_yield(); + uint32_t *stack_thunk_light_ptr = NULL; uint32_t *stack_thunk_light_top = NULL; uint32_t *stack_thunk_light_save = NULL; /* Saved A1 while in BearSSL */ @@ -48,6 +51,25 @@ uint32_t stack_thunk_light_refcnt = 0; #endif #define _stackPaint 0xdeadbeef +void stack_thunk_yield() +{ + if (can_yield()) { + uint32_t tmp; + register uint32_t* save __asm__("a3") = stack_thunk_light_save; + + __asm__ __volatile__ ( + "mov.n %0, a1\n\t" + "mov.n a1, %1\n\t" + : "=r"(tmp) : "r"(save) : "memory"); + + yield(); + + __asm__ __volatile__ ( + "mov.n a1, %0\n\t" + :: "r"(tmp) : "memory"); + } +} + /* Add a reference, and allocate the stack if necessary */ void stack_thunk_light_add_ref() { diff --git a/lib/lib_ssl/tls_mini/src/StackThunk_light.h b/lib/lib_ssl/tls_mini/src/StackThunk_light.h index 9fa562655..ca6701422 100644 --- a/lib/lib_ssl/tls_mini/src/StackThunk_light.h +++ b/lib/lib_ssl/tls_mini/src/StackThunk_light.h @@ -32,6 +32,8 @@ extern "C" { #endif +extern void stack_thunk_yield(); + extern void stack_thunk_light_add_ref(); extern void stack_thunk_light_del_ref(); extern void stack_thunk_light_repaint();