Closed kaspar030 closed 1 year ago
I fixed the free linker error. As expected, now mbedtls is missing an entropy source:
When doing cargo run --no-default-features --features psa
in examples/edhoc-rs-no_std:
...
Running `qemu-system-arm -cpu cortex-m3 -machine lm3s6965evb -nographic -semihosting-config enable=on,target=native -kernel /home/kaspar/src/edhoc-rs/target/thumbv7m-none-eabi/debug/edhoc-rs-no_std`
Timer with period zero, disabling
Hello, hacspec!
panicked at 'called `Result::unwrap()` on an `Err` value: InsufficientEntropy', crypto/edhoc-crypto-psa/src/lib.rs:16:24
Info on how to add a source for mbedtls in C is straight forward, but not so much going through rust-psa-crypto -> rust-psa-crypto-sys -> mbedtls. :(
Two commits pushed:
First one fixes the missing entropy source issue by:
mbedtls_hardware_poll
function in psa crypto library, andcrypto_baremetal
build with MBEDTLS_ENTROPY_HARDWARE_ALT
define, now in the baremetal
branch on my fork of mbedtls.The second commit adds a full handshake test which unfortunately fails to link with the following output:
= note: rust-lld: warning: section type mismatch for .got
>>> <internal>:(.got): SHT_PROGBITS
>>> output section .got: SHT_NOBITS
rust-lld: warning: section type mismatch for .got.plt
>>> <internal>:(.got.plt): SHT_PROGBITS
>>> output section .got: SHT_NOBITS
rust-lld: warning: section type mismatch for .got
>>> <internal>:(.got): SHT_PROGBITS
>>> output section .got: SHT_NOBITS
rust-lld: error: undefined symbol: calloc
>>> referenced by platform.c
>>> platform.c.obj:(mbedtls_calloc_func) in archive /Users/malishav/Software/edhoc-rs/target/thumbv7m-none-eabi/debug/deps/libpsa_crypto_sys-a033baa857b1b4c9.rlib
>>> did you mean: malloc
>>> defined in: /Users/malishav/Software/edhoc-rs/target/thumbv7m-none-eabi/debug/deps/edhoc_rs_no_std-8b0cfcca31d2f4f7.8qrvu5iabanhtea.rcgu.o
rust-lld: error: undefined symbol: strstr
>>> referenced by pem.c:246 (/Users/malishav/.cargo/git/checkouts/rust-psa-crypto-e072e91dbdaa7d8f/efd8cf4/psa-crypto-sys/vendor/library/pem.c:246)
>>> pem.c.obj:(mbedtls_pem_read_buffer) in archive /Users/malishav/Software/edhoc-rs/target/thumbv7m-none-eabi/debug/deps/libpsa_crypto_sys-a033baa857b1b4c9.rlib
>>> referenced by pem.c:251 (/Users/malishav/.cargo/git/checkouts/rust-psa-crypto-e072e91dbdaa7d8f/efd8cf4/psa-crypto-sys/vendor/library/pem.c:251)
>>> pem.c.obj:(mbedtls_pem_read_buffer) in archive /Users/malishav/Software/edhoc-rs/target/thumbv7m-none-eabi/debug/deps/libpsa_crypto_sys-a033baa857b1b4c9.rlib
rust-lld: error: undefined symbol: mbedtls_psa_platform_get_builtin_key
>>> referenced by psa_crypto_slot_management.c:295 (/Users/malishav/.cargo/git/checkouts/rust-psa-crypto-e072e91dbdaa7d8f/efd8cf4/psa-crypto-sys/vendor/library/psa_crypto_slot_management.c:295)
>>> psa_crypto_slot_management.c.obj:(psa_load_builtin_key_into_slot) in archive /Users/malishav/Software/edhoc-rs/target/thumbv7m-none-eabi/debug/deps/libpsa_crypto_sys-a033baa857b1b4c9.rlib
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 74 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 268 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 462 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 476 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 490 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 534 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 578 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 628 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 678 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 708 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 738 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 768 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 798 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 828 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 858 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 888 bytes
rust-lld: error: section '.text' will not fit in region 'FLASH': overflowed by 918 bytes
rust-lld: error: too many errors emitted, stopping now (use --error-limit=0 to see all errors)
Hooray! I got the full handshake to work on thumbv7m-none-eabi
target and the test passes when executed in the QEMU simulator using: cargo run --no-default-features --features psa --release
!
Note the usage of the --release
flag. Without it, the linker fails due to the lack of flash memory (the linker is configured with 256K limit for flash!?). However, when a similar example is built for CC2538 (changes in a separate branch), without the --release
flag, things run smoothly in 512K.
To get this to work, I had to:
static-alloc
to embedded-alloc
, and allocate 1024 Bytes for heap. With static-alloc
no matter the size of the buffer I tried, panic is thrown as hacspec fails to allocate internal arrays.MBEDTLS_MEMORY_BUFFER_ALLOC_C
) and to call the appropriate C init function (mbedtls_memory_buffer_alloc_init
) from Rust with an array of size 8192 Bytes.@kaspar030 let me know if you see any showstopper to merging this PR, otherwise feel free to remove the Draft status so that we go ahead with the merge!
Hooray! I got the full handshake to work on
thumbv7m-none-eabi
target and the test passes when executed in the QEMU simulator using:cargo run --no-default-features --features psa --release
!
Awesome!
Without it, the linker fails due to the lack of flash memory (the linker is configured with 256K limit for flash!?).
Yup, the emulated board only has that much configured. IIUC that's hard-coded in the QEMU sources for that particular emulated SoC (lm3s6965evb). There's probably some other board with more flash.
I've tried to just do 'RUSTFLAGS=-Copt-level=s', but that hard-faults unfortunately.
Yep, there isn't much we can do about the memory footprint at this point as it is due to mbedtls and the hacspec dependencies. Proceeding with merge here
This PR wires up the PSA backend to
examples/edhoc-rs-no_std
. (it's #28 rebased on main)This is using a rust-psa-crypto fork, need to upstream needed no_std/baremetal patches. Also, the no_std fixes are hard-coded, so this breaks the psa std build
TODO: