Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Lib lpc55 rng seed #1820

Open
wants to merge 16 commits into
base: master
Choose a base branch
from
Open

Lib lpc55 rng seed #1820

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
5a6ce9e
lpc55-rng: Move Lpc55Core and Lpc55Rng to a library.
flihp Jun 27, 2024
6551ef3
lpc55-rng: Combine Lpc55Core and Lpc55Rng.
flihp Jun 27, 2024
6427006
lpc55-rng: cleanup some nonsense
flihp Jun 27, 2024
dd1dbc0
lpc55-rng: Streamline the `fill` loop & increase the read buffer size.
flihp Jun 27, 2024
f76e271
lpc55-rng: Make ReseedingRng generic over the reseeder.
flihp Jun 27, 2024
c16168f
lpc55-rng: Include 32 bytes from the last PRNG instance when reseeding.
flihp May 22, 2024
67828cf
lpc55-rng: Include DICE derived seed in initial PRNG seed.
flihp May 22, 2024
0c8a4be
lpc55-rng: Include SN from platform id cert in initial PRNG seed.
flihp Jun 14, 2024
6036d0e
oxide-rot-1: Add rng task to app-dev.toml.
flihp Jul 23, 2024
bce3889
Pass lpc55 PMC & RNG devices as parameters to Lpc55Rng 'new'.
flihp Sep 24, 2024
c29dffa
Panic if RNG is powered off after Lpc55Rng instantiation.
flihp Sep 24, 2024
cf2704f
Make safety comment on code loading data from handoff region true.
flihp Sep 24, 2024
bf092d3
Undo increased stack usage from cf2704fae6.
flihp Sep 26, 2024
11f962a
Create inputs to `Lpc55Rng::new` in dedicated scope.
flihp Sep 26, 2024
de27347
Restructure the construction of the server.
flihp Sep 25, 2024
b43295c
Use `mutable-static` to create hash instance.
flihp Sep 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion app/lpc55xpresso/app.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,7 @@ name = "drv-lpc55-rng"
priority = 3
uses = ["rng", "pmc"]
start = true
stacksize = 3904
stacksize = 3504
task-slots = ["syscon_driver"]
extern-regions = ["dice_certs", "dice_rng"]

Expand Down
1 change: 1 addition & 0 deletions drv/lpc55-rng/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ drv-lpc55-syscon-api = { path = "../lpc55-syscon-api" }
drv-rng-api = { path = "../rng-api" }
lib-dice.path = "../../lib/dice"
lib-lpc55-rng.path = "../../lib/lpc55-rng"
mutable-statics.path = "../../lib/mutable-statics"
ringbuf.path = "../../lib/ringbuf"
stage0-handoff = { path = "../../lib/stage0-handoff", optional = true }
userlib = { path = "../../sys/userlib", features = ["panic-messages"] }
Expand Down
34 changes: 22 additions & 12 deletions drv/lpc55-rng/src/main.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ use idol_runtime::{ClientError, NotificationHandler, RequestError};
use lib_dice::{persistid_cert_tmpl::SUBJECT_CN_LENGTH, RngSeed, SeedBuf};
use lib_lpc55_rng::Lpc55Rng;
use lpc55_pac::Peripherals;
use mutable_statics::mutable_statics;
use rand_chacha::ChaCha20Rng;
use rand_core::{impls, Error, RngCore, SeedableRng};
use ringbuf::ringbuf;
Expand Down Expand Up @@ -53,12 +54,12 @@ enum Trace {
ringbuf!(Trace, 16, Trace::None);

// low-budget rand::rngs::adapter::ReseedingRng w/o fork stuff
struct ReseedingRng<T: SeedableRng, R: RngCore, H: Digest> {
struct ReseedingRng<T: SeedableRng, R: RngCore, H: Digest + 'static> {
inner: T,
reseeder: R,
threshold: usize,
bytes_until_reseed: usize,
mixer: H,
mixer: &'static mut H,
}

impl<T, R, H> ReseedingRng<T, R, H>
Expand All @@ -73,28 +74,28 @@ where
mut reseeder: R,
pid: Option<&[u8; SUBJECT_CN_LENGTH]>,
threshold: usize,
mixer: &'static mut H,
) -> Result<Self, Error> {
let threshold = if threshold == 0 {
usize::MAX
} else {
threshold
};

let mut mixer = H::default();
if let Some(seed) = seed {
// mix platform unique seed derived by measured boot
Digest::update(&mut mixer, seed.as_bytes());
Digest::update(mixer, seed.as_bytes());
}

if let Some(pid) = pid {
// mix in unique platform id
Digest::update(&mut mixer, pid);
Digest::update(mixer, pid);
}

// w/ 32 bytes from HRNG
let mut buf = Zeroizing::new(T::Seed::default());
reseeder.try_fill_bytes(buf.as_mut())?;
Digest::update(&mut mixer, buf.as_ref());
Digest::update(mixer, buf.as_ref());

// create initial instance of the SeedableRng from the seed
let inner = T::from_seed(mixer.finalize_fixed_reset().into());
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI, you might see lighter stack usage here by using one of the finalize_into operations, instead of returning the array. It might also not change anything. Hard to tell.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This approach seems to be thwarted by T::from_seed taking ownership of the seed. If we keep a GenericArray in the ReseedingRng to hold the digest we end up having to clone it in try_fill_bytes. If we keep a [u8; 32] in the ReseedingRng the compiler will do the copy for us. This ends up taking up more stack not less. I didn't commit this experiment to this PR branch but put a wip here if you think it could be made to work.

Expand Down Expand Up @@ -144,11 +145,11 @@ where

// mix 32 bytes from current PRNG instance
self.inner.try_fill_bytes(buf.as_mut())?;
Digest::update(&mut self.mixer, buf.as_mut());
Digest::update(self.mixer, buf.as_mut());

// w/ 32 bytes from HRNG
self.reseeder.try_fill_bytes(buf.as_mut())?;
Digest::update(&mut self.mixer, buf.as_mut());
Digest::update(self.mixer, buf.as_mut());

// seed new RNG instance & reset mixer
self.inner =
Expand All @@ -163,7 +164,7 @@ where
}
}

struct Lpc55RngServer<T: SeedableRng, R: RngCore, H: Digest>(
struct Lpc55RngServer<T: SeedableRng, R: RngCore, H: Digest + 'static>(
ReseedingRng<T, R, H>,
);

Expand Down Expand Up @@ -283,13 +284,22 @@ fn main() -> ! {
)
};

let mixer = mutable_statics! {
static mut MIXER: [Sha3_256; 1] = [Sha3_256::new; _];
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the change I had in mind -- I'm surprised it didn't reduce stack usage more! Oh well. It's still an improvement.

};

let reseeding_rng: ReseedingRng<ChaCha20Rng, Lpc55Rng, Sha3_256> = {
let seed = get_dice_seed();
let pid = get_seed_personalization();
let threshold = 0x100000; // 1 MiB

ReseedingRng::new(seed.as_ref(), rng, pid.as_ref(), threshold)
.unwrap_lite()
ReseedingRng::new(
seed.as_ref(),
rng,
pid.as_ref(),
threshold,
&mut mixer[0],
)
.unwrap_lite()
};

let mut server = Lpc55RngServer(reseeding_rng);
Expand Down