Working code with second stack thunking

Author: earlephilhower

cores/esp8266/cont.h

@@ -24,7 +24,7 @@
 #include <stdbool.h>
 
 #ifndef CONT_STACKSIZE
-#define CONT_STACKSIZE (4096+4500)
+#define CONT_STACKSIZE 4096
 #endif
 
 #ifdef __cplusplus

libraries/ESP8266WiFi/src/BearSSLThunks.S

@@ -0,0 +1,102 @@
+/*
+  esp8266_thunks.S - Allow use second stack for BearSSL calls
+
+  BearSSL uses a significant amount of stack space, much larger than
+  the default Arduino core stack. These routines handle swapping
+  between a secondary, user-allocated stack on the heap and the real
+  stack.
+
+  Copyright (c) 2017 Earle F. Philhower, III. All rights reserved.
+
+  This library is free software; you can redistribute it and/or
+  modify it under the terms of the GNU Lesser General Public
+  License as published by the Free Software Foundation; either
+  version 2.1 of the License, or (at your option) any later version.
+
+  This library is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public
+  License along with this library; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+  Modified 8 May 2015 by Hristo Gochkov (proper post and file upload handling)
+*/
+
+#ifdef ESP8266
+
+/* We need to keep track of the end of the thunking stack and the */
+/* original stack pointer (A1). Keep them local here. */
+.data
+.align 4
+_stackEnd: .word 0x00000000
+_saveStack: .word 0x00000000
+
+
+
+/* void SetThunkStackEnd(unsigned int *end);
+ *  
+ * Stores the address of the user-allocated thunking stack (be sure to pass
+ * in the *end* of the stack (highest value) since stacks move down on this
+ * architecture.
+ */
+.text
+.global SetThunkStackEnd
+.type SetThunkStackEnd, @function
+.align 4
+SetThunkStackEnd:
+  movi a15, _stackEnd
+  s32i a2, a15, 0
+  ret
+  .size SetThunkStackEnd, . - SetThunkStackEnd
+
+
+/*
+ * Thunk code generator macro.  Only works for functions whose parameters
+ * are passed in registers (up to 6 params).
+ */
+
+.macro thunk fcnName
+  .text
+  .global thunk_\fcnName
+  .type thunk_\fcnName, @function
+  .align 4
+  thunk_\fcnName:
+    addi a1, a1, -16      /* Allocate space for saved registers on stack */
+    
+    s32i a0, a1, 12       /* Store A0, trounced by calls */
+    s32i a15, a1, 8       /* Store A15 (our temporary one) */
+  
+    movi a15, _saveStack  /* Store A1(SP) in temp space */
+    s32i a1, a15, 0
+  
+    movi a15, _stackEnd   /* Load A1(SP) with thunk stack */
+    l32i.n a1, a15, 0
+  
+    call0 \fcnName        /* Do the call */
+  
+    movi a15, _saveStack  /* Restore A1(SP) */
+    l32i.n a1, a15, 0
+    
+    l32i.n a15, a1, 8     /* Restore the saved registers */
+    l32i.n a0, a1, 12
+
+    addi a1, a1, 16       /* Free up stack and return to caller */
+    ret
+  .size thunk_\fcnName, . - thunk_\fcnName
+.endm
+
+/* Actual thunks */
+
+/* Only a few stack-hungry calls need to be thunked */
+thunk br_ssl_engine_recvapp_ack
+thunk br_ssl_engine_recvapp_buf
+thunk br_ssl_engine_recvrec_ack
+thunk br_ssl_engine_recvrec_buf
+thunk br_ssl_engine_sendapp_ack
+thunk br_ssl_engine_sendapp_buf
+thunk br_ssl_engine_sendrec_ack
+thunk br_ssl_engine_sendrec_buf
+
+#endif

libraries/ESP8266WiFi/src/BearSSLThunks.h

@@ -0,0 +1,47 @@
+/*
+  esp8266_thunks.h - Allow use second stack for BearSSL calls
+
+  BearSSL uses a significant amount of stack space, much larger than
+  the default Arduino core stack. These routines handle swapping
+  between a secondary, user-allocated stack on the heap and the real
+  stack.
+
+  Copyright (c) 2017 Earle F. Philhower, III. All rights reserved.
+
+  This library is free software; you can redistribute it and/or
+  modify it under the terms of the GNU Lesser General Public
+  License as published by the Free Software Foundation; either
+  version 2.1 of the License, or (at your option) any later version.
+
+  This library is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public
+  License along with this library; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+  Modified 8 May 2015 by Hristo Gochkov (proper post and file upload handling)
+*/
+
+#ifndef _BearSSLThunks_H
+#define _BearSSLThunks_H
+
+extern "C" {
+
+#include <bearssl/bearssl.h>
+
+extern void SetThunkStackEnd(unsigned int *end);
+
+extern unsigned char *thunk_br_ssl_engine_recvapp_buf( const br_ssl_engine_context *cc, size_t *len);
+extern void thunk_br_ssl_engine_recvapp_ack(br_ssl_engine_context *cc, size_t len);
+extern unsigned char *thunk_br_ssl_engine_recvrec_buf( const br_ssl_engine_context *cc, size_t *len);
+extern void thunk_br_ssl_engine_recvrec_ack(br_ssl_engine_context *cc, size_t len);
+extern unsigned char *thunk_br_ssl_engine_sendapp_buf( const br_ssl_engine_context *cc, size_t *len);
+extern void thunk_br_ssl_engine_sendapp_ack(br_ssl_engine_context *cc, size_t len);
+extern unsigned char *thunk_br_ssl_engine_sendrec_buf( const br_ssl_engine_context *cc, size_t *len);
+extern void thunk_br_ssl_engine_sendrec_ack(br_ssl_engine_context *cc, size_t len);
+
+}
+
+#endif

libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.cpp

@@ -34,6 +34,7 @@ extern "C" {
 #include "ESP8266WiFi.h"
 #include "WiFiClient.h"
 #include "WiFiClientSecureBearSSL.h"
+#include "BearSSLThunks.h"
 #include "lwip/opt.h"
 #include "lwip/ip.h"
 #include "lwip/tcp.h"
@@ -43,6 +44,16 @@ extern "C" {
 #include "c_types.h"
 #include "coredecls.h"
 
+#define br_ssl_engine_recvapp_ack thunk_br_ssl_engine_recvapp_ack
+#define br_ssl_engine_recvapp_buf thunk_br_ssl_engine_recvapp_buf
+#define br_ssl_engine_recvrec_ack thunk_br_ssl_engine_recvrec_ack
+#define br_ssl_engine_recvrec_buf thunk_br_ssl_engine_recvrec_buf
+#define br_ssl_engine_sendapp_ack thunk_br_ssl_engine_sendapp_ack
+#define br_ssl_engine_sendapp_buf thunk_br_ssl_engine_sendapp_buf
+#define br_ssl_engine_sendrec_ack thunk_br_ssl_engine_sendrec_ack
+#define br_ssl_engine_sendrec_buf thunk_br_ssl_engine_sendrec_buf
+
+
 namespace BearSSL {
 
 // BearSSL needs a very large stack, larger than the entire ESP8266 Arduino
@@ -91,12 +102,14 @@ WiFiClientSecure::WiFiClientSecure() : WiFiClient() {
   _clear();
   _clearAuthenticationSettings();
   _certStore = nullptr; // Don't want to remove cert store on a clear, should be long lived
-//  if (!_bearssl_stack) {
-//    const int stacksize = 4500; // Empirically determined stack for EC and RSA connections
-//    _bearssl_stack = std::shared_ptr<uint8_t>(new uint8_t[stacksize], std::default_delete<uint8_t[]>());
-//    br_esp8266_stack_proxy_init(_bearssl_stack.get(), stacksize);
-//  }
-//  _local_bearssl_stack = _bearssl_stack;
+  if (!_bearssl_stack) {
+    const int stacksize = 4500; // Empirically determined stack for EC and RSA connections
+    _bearssl_stack = std::shared_ptr<uint8_t>(new uint8_t[stacksize], std::default_delete<uint8_t[]>());
+    unsigned int *endOfStack = (unsigned int *)_bearssl_stack.get();
+    endOfStack += (stacksize/4) - 1;
+    SetThunkStackEnd(endOfStack);
+  }
+  _local_bearssl_stack = _bearssl_stack;
 }
 
 WiFiClientSecure::~WiFiClientSecure() {
@@ -106,7 +119,7 @@ WiFiClientSecure::~WiFiClientSecure() {
   }
   free(_cipher_list);
   _freeSSL();
-//  _local_bearssl_stack = nullptr; // Potentially delete it if we're the last SSL object
+  _local_bearssl_stack = nullptr; // Potentially delete it if we're the last SSL object
   if (_deleteChainKeyTA) {
     delete _ta;
     delete _chain;

libraries/ESP8266WiFi/src/include/ClientContext.h

@@ -327,10 +327,10 @@ class ClientContext
                 loop = max_wait_ms;
             }
 
+            delay(1);
             if (state() != ESTABLISHED || sndbuf == TCP_SND_BUF || --loop <= 0)
                 break;
 
-            delay(1);
         }
 
         #ifdef DEBUGV