Version
5.9.0
Description
During testing, we encountered a trap when wc_InitRng() was called. The trap was triggered by a write to one of the RNG structure fields:
rng->drbg = NULL;
The code runs on Infineon TriCore TC29 and TC26 devices, whose architecture only supports word-aligned pointers.
See https://resources.tasking.com/sites/default/files/2021-02/TASKING_Alignment%20Requirements%20Restrictions_WEB.pdf
We examined the memory and saw that the drbg field was not word-aligned.
We fixed this by adding the __align(4) directive to the WC_RNG struct definition to enforce word alignment. The structure now looks as follows:
/* RNG context (struct WC_RNG) as posted in the report, including the
 * reporter's trailing __align(4) workaround.
 *
 * NOTE(review): the faulting store was to the drbg member. A pointer member
 * that follows a one-byte member is normally aligned by compiler-inserted
 * padding, so a misaligned drbg suggests either an active packing
 * option/pragma or a WC_RNG instance that itself sits at an unaligned
 * address. Presumably worth confirming which applies, since neither cause
 * would be limited to this struct. */
struct WC_RNG {
struct OS_Seed seed;
void* heap;
/* NOTE(review): presumably a one-byte type (the typedef is not shown in this
 * listing); it is the member immediately ahead of the pointer members
 * below. */
byte status;
#if defined(WC_RNG_BANK_SUPPORT) || defined(HAVE_HASHDRBG)
/* With HAVE_ANONYMOUS_INLINE_AGGREGATES the bank reference and the DRBG
 * members share storage through an anonymous union; without it they are
 * plain consecutive members of the struct. */
#ifdef HAVE_ANONYMOUS_INLINE_AGGREGATES
union {
#endif
#ifdef WC_RNG_BANK_SUPPORT
struct wc_rng_bank *bankref;
#endif
#ifdef HAVE_HASHDRBG
#ifdef HAVE_ANONYMOUS_INLINE_AGGREGATES
struct {
#endif
/* Hash-based Deterministic Random Bit Generator.
 * This is the member whose initialisation (rng->drbg = NULL) trapped in the
 * report. */
struct DRBG* drbg;
/* DRBG state is embedded in the context only for the no-malloc build that
 * does not use static memory. */
#if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_STATIC_MEMORY)
struct DRBG_internal drbg_data;
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
/* Scratch buffers -- all preallocated by _InitRng(). */
struct DRBG_internal *drbg_scratch;
byte *health_check_scratch;
byte *newSeed_buf;
#endif
#ifdef HAVE_ANONYMOUS_INLINE_AGGREGATES
};
#endif
#endif /* HAVE_HASHDRBG */
#ifdef HAVE_ANONYMOUS_INLINE_AGGREGATES
};
#endif
#endif /* WC_RNG_BANK_SUPPORT || HAVE_HASHDRBG */
#if defined(HAVE_GETPID) && !defined(WOLFSSL_NO_GETPID)
pid_t pid;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
int devId;
#endif
/* Reporter's workaround: a toolchain-specific alignment directive (the
 * report links the TASKING alignment documentation), not portable C.
 * NOTE(review): it covers this one type only; other structs built with the
 * same settings would need the same check. */
} __align(4);
We are not sure if this was caused by our user settings or if this could potentially affect other structs or memory accesses.
Our user_settings.h looks like this:
/* user_settings.h as posted by the reporter for a TriCore TC29 build.
 * This first section covers platform porting: no filesystem, no threads, no
 * built-in sockets, and user-supplied time hooks. */
//Platform/Porting
//======================================================
/* Define a macro to display user settings version in example code: */
#define WOLFSSL_USER_SETTINGS_ID "TriCore TC29 user_settings.h"
#define NO_FILESYSTEM
#define SINGLE_THREADED
/* disable the built-in socket support and use the IO callbacks */
#define WOLFSSL_NO_SOCK
/* user recv/send callbacks for network IO */
#define WOLFSSL_USER_IO
#define NO_WRITEV
#define WOLFSSL_IGNORE_FILE_WARN
/* Time porting: the port supplies its own time hook (XTIME, defined just
 * below in this file) instead of relying on the C library. */
#define TIME_OVERRIDES
#define HAVE_TIME_T_TYPE
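/* Tick counter maintained outside this file; volatile because it changes
 * independently of this code. */
extern volatile unsigned long jiffies;

/**
 * Time hook used in place of time() (TIME_OVERRIDES is defined in this file).
 *
 * @param x  Optional out-parameter. When non-NULL it receives the same value
 *           that is returned, following the time() convention; the original
 *           version ignored it and left the caller's variable unset.
 * @return   Current value of the jiffies counter, converted to long.
 *
 * NOTE(review): the unit of jiffies is not shown here; callers written
 * against time() presumably expect seconds -- confirm the tick rate.
 */
static inline long XTIME(long *x)
{
    /* Read the volatile counter once so the stored and returned values
     * cannot differ. */
    long now = (long)jiffies;

    if (x) {
        *x = now;
    }
    return now;
}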
#define WOLFSSL_USER_CURRTIME
/* NOTE(review): NO_ASN_TIME removes the time-dependent ASN.1 handling;
 * certificate validity periods are then presumably not enforced -- confirm
 * this is acceptable for the deployment. The same macro is defined a second
 * time in the algorithms section further down. */
#define NO_ASN_TIME
/* Allow user supplied ptr type */
/* NOTE(review): defined here with no value. If the library expects this macro
 * to expand to an integer type wide enough to hold a pointer, an empty
 * definition is worth double-checking given the alignment symptom in this
 * report -- confirm against the wolfSSL type definitions. */
#define WC_PTR_TYPE
/*-- strcasecmp */
/* Mapped to the case-sensitive strcmp: callers that expect a
 * case-insensitive match will see strings differing only in letter case as
 * unequal. */
#define XSTRCASECMP(s1,s2) strcmp((s1),(s2))
#define WOLFSSL_NO_ATOMIC
/* SECURITY: WOLFSSL_GENSEED_FORTEST selects wolfSSL's test-only seed
 * generator, which does not draw from a real entropy source. With
 * HAVE_HASHDRBG enabled below, DRBG output is only as unpredictable as that
 * seed, so keys and nonces derived from it are not suitable for production.
 * Replace it with a hardware-backed seed before shipping (the commented-out
 * CUSTOM_RAND_GENERATE_SEED hook on the next line is one route). */
#define WOLFSSL_GENSEED_FORTEST
//#define CUSTOM_RAND_GENERATE_SEED(output, sz) (rand_gen_seed)
/* wolfSSL comes bundled with test certificate and key files */
/*These buffers are available in certs_test.h when defining one or more of USE_CERT_BUFFERS_1024, USE_CERT_BUFFERS_2048, or USE_CERT_BUFFERS_256*/
//#define USE_CERT_BUFFERS_2048
/* USE_FAST_MATH is default */
#define USE_FAST_MATH
/*The ALT_ECC_SIZE option can only be enabled with USE_FAST_MATH.*/
//#define ALT_ECC_SIZE
//Memory Usage
//======================================================
/* Static-memory and no-malloc options are all commented out, so this build
 * uses dynamic allocation together with WOLFSSL_SMALL_STACK. */
//#define WOLFSSL_STATIC_MEMORY
//#define WOLFSSL_STATIC_MEMORY_LEAN
//#define WOLFSSL_NO_MALLOC
/* Cannot use WOLFSSL_NO_MALLOC with small stack? */
#define WOLFSSL_SMALL_STACK
//#define WOLFSSL_SMALL_STACK_EXTRA
//#define WOLFSSL_SMALL_STACK_CIPHERS
//#define MICRO_SESSION_CACHE
#define NO_SESSION_CACHE
#define WOLFSSL_LOW_MEMORY
/* Inactive in this file: WOLFSSL_NO_MALLOC is commented out above. */
#ifdef WOLFSSL_NO_MALLOC
#define WOLFSSL_DYN_CERT
#endif
//TLS Settings
//======================================================
/* NOTE(review): NO_TLS, NO_WOLFSSL_SERVER and NO_WOLFSSL_CLIENT are all
 * defined while WOLFSSL_TLS13 is enabled a few lines below; presumably only
 * the crypto library is intended -- confirm the TLS 1.3 block is needed. */
#define NO_TLS
#define NO_WOLFSSL_SERVER
#define NO_WOLFSSL_CLIENT
#define NO_OLD_TLS
/* HAVE_TLS_EXTENSIONS is undefined here and defined again inside the
 * WOLFSSL_TLS13 block, so it ends up defined; HAVE_SUPPORTED_CURVES stays
 * undefined. */
#undef HAVE_TLS_EXTENSIONS
#undef HAVE_SUPPORTED_CURVES
/* TLS 1.3 */
#define WOLFSSL_TLS13
#if defined ( WOLFSSL_TLS13 )
#define HAVE_TLS_EXTENSIONS
#define WC_RSA_PSS
#define HAVE_AEAD
#endif
#define HAVE_HKDF
//Algorithms/Features
//======================================================
//#undef WOLFSSL_ASN_TEMPLATE
/* Enable PRNG (SHA2-256) */
/* This enables the DRBG members of struct WC_RNG, including the drbg pointer
 * involved in the reported trap. */
#define HAVE_HASHDRBG
#define HAVE_AESGCM
#define HAVE_ECC
#define HAVE_ECC_ENCRYPT
/* Reduce memory usage */
//#define USE_SLOW_SHA256
#define WOLFSSL_BASE64_ENCODE
/*Disable unused algorithms/features */
//#define NO_RSA
#define WC_NO_RSA_OAEP
#define NO_DH
#define NO_DSA
#define NO_RC4
#define NO_MD5
#define NO_SHA
#define NO_PSK
#define NO_HC128
#define NO_RABBIT
#define NO_MD4
#define NO_DES3
#define NO_PWDBASED
#define NO_AES_256
#define NO_AES_192
/* Second definition of NO_ASN_TIME in this file (also set in the porting
 * section); an identical redefinition is harmless but redundant. */
#define NO_ASN_TIME
#define NO_MULTIBYTE_PRINT
#define NO_OLD_WC_NAMES
#define NO_OLD_POLY1305
#define WOLFSSL_NOSHA512_224
#define WOLFSSL_NOSHA512_256
Should there be an option for every struct to specify alignment and/or other packing methods?
Version
5.9.0
Description
During testing, we encountered a trap when wc_InitRng() was called. The trap was triggered by a write to one of the RNG structure fields:
rng->drbg = NULL;
The code runs on Infineon TriCore TC29 and TC26 devices, whose architecture only supports word-aligned pointers.
See https://resources.tasking.com/sites/default/files/2021-02/TASKING_Alignment%20Requirements%20Restrictions_WEB.pdf
We examined the memory and saw that the drbg field was not word-aligned.
We fixed this by adding the __align(4) directive to the WC_RNG struct definition to enforce word alignment. The structure now looks as follows:
We are not sure if this was caused by our user settings or if this could potentially affect other structs or memory accesses.
Our user_settings.h looks like this:
Should there be an option for every struct to specify alignment and/or other packing methods?