Add br_thunk_* calls to do ref counting, painting

Add reference counting br_thunk_add/del_ref() to replace stack handling code
in the class.

Add in stack painting and max usage calculation.

Author: earlephilhower

libraries/ESP8266WiFi/src/BearSSLThunks.S

@@ -0,0 +1,119 @@
+/*
+  BearSSLThunks.c - Allow use second stack for BearSSL calls
+
+  BearSSL uses a significant amount of stack space, much larger than
+  the default Arduino core stack. These routines handle swapping
+  between a secondary, user-allocated stack on the heap and the real
+  stack.
+
+  Copyright (c) 2017 Earle F. Philhower, III. All rights reserved.
+
+  This library is free software; you can redistribute it and/or
+  modify it under the terms of the GNU Lesser General Public
+  License as published by the Free Software Foundation; either
+  version 2.1 of the License, or (at your option) any later version.
+
+  This library is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public
+  License along with this library; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+  Modified 8 May 2015 by Hristo Gochkov (proper post and file upload handling)
+*/
+
+#include <stdint.h>
+#include <stdlib.h>
+
+static uint32_t *_stackPtr = NULL;
+static uint32_t *_stackTop = NULL;
+static uint32_t _refcnt = 0;
+
+#define _stackSize (4500/4)
+#define _stackPaint 0xdeadbeef
+
+/* Add a reference, and allocate the stack if necessary */
+void br_thunk_add_ref()
+{
+  _refcnt++;
+  if (_refcnt == 1) {
+    _stackPtr = (uint32_t *)malloc(_stackSize * sizeof(uint32_t));
+    _stackTop = _stackPtr + _stackSize - 1;
+    for (int i=0; i < _stackSize; i++) {
+      _stackPtr[i] = _stackPaint;
+    }
+  }
+}
+
+/* Drop a reference, and free stack if no more in use */
+void br_thunk_del_ref()
+{
+  if (_refcnt == 0) {
+    /* Error! */
+    return;
+  }
+  _refcnt--;
+  if (!_refcnt) {
+    free(_stackPtr);
+    _stackPtr = NULL;
+    _stackTop = NULL;
+  }
+}
+
+/* Return the number of bytes ever used since the stack was created */
+uint32_t br_thunk_get_max_usage()
+{
+  uint32_t cnt = 0;
+
+  /* No stack == no usage by definition! */
+  if (!_stackPtr) {
+    return 0;
+  }
+
+  for (cnt=0; (cnt < _stackSize) && (_stackPtr[cnt] == _stackPaint); cnt++) {
+    /* Noop, all work done in for() */
+  }
+  return 4 * (_stackSize - cnt);
+}
+
+__asm("\n\
+.data\n\
+.align 4\n\
+_saveStack: .word 0x00000000\n\
+\n\
+.text\n\
+.literal_position\n\
+\n\
+.macro thunk fcnName\n\
+  .text\n\
+  .global thunk_\\fcnName\n\
+  .type thunk_\\fcnName, @function\n\
+  .align 4\n\
+  thunk_\\fcnName:\n\
+    addi a1, a1, -16      /* Allocate space for saved registers on stack */\n\
+    s32i a0, a1, 12       /* Store A0, trounced by calls */\n\
+    s32i a15, a1, 8       /* Store A15 (our temporary one) */\n\
+    movi a15, _saveStack  /* Store A1(SP) in temp space */\n\
+    s32i a1, a15, 0\n\
+    movi a15, _stackTop   /* Load A1(SP) with thunk stack */\n\
+    l32i.n a1, a15, 0\n\
+    call0 \\fcnName        /* Do the call */\n\
+    movi a15, _saveStack  /* Restore A1(SP) */\n\
+    l32i.n a1, a15, 0\n\
+    l32i.n a15, a1, 8     /* Restore the saved registers */\n\
+    l32i.n a0, a1, 12\n\
+    addi a1, a1, 16       /* Free up stack and return to caller */\n\
+    ret\n\
+  .size thunk_\\fcnName, . - thunk_\\fcnName\n\
+.endm\n\
+\n\
+thunk br_ssl_engine_recvapp_ack\n\
+thunk br_ssl_engine_recvapp_buf\n\
+thunk br_ssl_engine_recvrec_ack\n\
+thunk br_ssl_engine_recvrec_buf\n\
+thunk br_ssl_engine_sendapp_ack\n\
+thunk br_ssl_engine_sendapp_buf\n\
+thunk br_ssl_engine_sendrec_ack\n\
+thunk br_ssl_engine_sendrec_buf");

libraries/ESP8266WiFi/src/BearSSLThunks.c

@@ -1,5 +1,5 @@
 /*
-  esp8266_thunks.h - Allow use second stack for BearSSL calls
+  BearSSLThunks.h - Allow use second stack for BearSSL calls
 
   BearSSL uses a significant amount of stack space, much larger than
   the default Arduino core stack. These routines handle swapping
@@ -31,7 +31,9 @@ extern "C" {
 
 #include <bearssl/bearssl.h>
 
-extern void SetThunkStackEnd(unsigned int *end);
+extern void br_thunk_add_ref();
+extern void br_thunk_del_ref();
+extern uint32_t br_thunk_get_max_usage();
 
 extern unsigned char *thunk_br_ssl_engine_recvapp_buf( const br_ssl_engine_context *cc, size_t *len);
 extern void thunk_br_ssl_engine_recvapp_ack(br_ssl_engine_context *cc, size_t len);

libraries/ESP8266WiFi/src/BearSSLThunks.h

@@ -44,6 +44,7 @@ extern "C" {
 #include "c_types.h"
 #include "coredecls.h"
 
+// The BearSSL thunks in use for now
 #define br_ssl_engine_recvapp_ack thunk_br_ssl_engine_recvapp_ack
 #define br_ssl_engine_recvapp_buf thunk_br_ssl_engine_recvapp_buf
 #define br_ssl_engine_recvrec_ack thunk_br_ssl_engine_recvrec_ack
@@ -53,16 +54,8 @@ extern "C" {
 #define br_ssl_engine_sendrec_ack thunk_br_ssl_engine_sendrec_ack
 #define br_ssl_engine_sendrec_buf thunk_br_ssl_engine_sendrec_buf
 
-
 namespace BearSSL {
 
-// BearSSL needs a very large stack, larger than the entire ESP8266 Arduino
-// default one.  This shared_pointer is allocated on first use and cleared
-// on last cleanup, with only one stack no matter how many SSL objects.
-std::shared_ptr<uint8_t> WiFiClientSecure::_bearssl_stack = nullptr;
-
-
-
 void WiFiClientSecure::_clear() {
   // TLS handshake may take more than the 5 second default timeout
   _timeout = 15000;
@@ -102,18 +95,7 @@ WiFiClientSecure::WiFiClientSecure() : WiFiClient() {
   _clear();
   _clearAuthenticationSettings();
   _certStore = nullptr; // Don't want to remove cert store on a clear, should be long lived
-  _ensureStackAvailable();
-  _local_bearssl_stack = _bearssl_stack;
-}
-
-void WiFiClientSecure::_ensureStackAvailable() {
-  if (!_bearssl_stack) {
-    const int stacksize = 4500; // Empirically determined stack for EC and RSA connections
-    _bearssl_stack = std::shared_ptr<uint8_t>(new uint8_t[stacksize], std::default_delete<uint8_t[]>());
-    unsigned int *endOfStack = (unsigned int *)_bearssl_stack.get();
-    endOfStack += (stacksize/4) - 1;
-    SetThunkStackEnd(endOfStack);
-  }
+  br_thunk_add_ref();
 }
 
 WiFiClientSecure::~WiFiClientSecure() {
@@ -123,11 +105,8 @@ WiFiClientSecure::~WiFiClientSecure() {
   }
   free(_cipher_list);
   _freeSSL();
-  _local_bearssl_stack = nullptr;
-  // If there are no other uses than the initial creation, free the stack
-  if (_bearssl_stack.use_count() == 1) {
-    _bearssl_stack = nullptr;
-  }
+  // Serial.printf("Max stack usage: %d bytes\n", br_thunk_get_max_usage());
+  br_thunk_del_ref();
   if (_deleteChainKeyTA) {
     delete _ta;
     delete _chain;
@@ -140,8 +119,7 @@ WiFiClientSecure::WiFiClientSecure(ClientContext* client,
                                      int iobuf_in_size, int iobuf_out_size, const BearSSLX509List *client_CA_ta) {
   _clear();
   _clearAuthenticationSettings();
-  _ensureStackAvailable();
-  _local_bearssl_stack = _bearssl_stack;
+  br_thunk_add_ref();
   _iobuf_in_size = iobuf_in_size;
   _iobuf_out_size = iobuf_out_size;
   _client = client;
@@ -159,8 +137,7 @@ WiFiClientSecure::WiFiClientSecure(ClientContext *client,
                                      int iobuf_in_size, int iobuf_out_size, const BearSSLX509List *client_CA_ta) {
   _clear();
   _clearAuthenticationSettings();
-  _ensureStackAvailable();
-  _local_bearssl_stack = _bearssl_stack;
+  br_thunk_add_ref();
   _iobuf_in_size = iobuf_in_size;
   _iobuf_out_size = iobuf_out_size;
   _client = client;

libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.cpp

@@ -225,13 +225,6 @@ class WiFiClientSecure : public WiFiClient {
 
     // AXTLS compatible mode needs to delete the stored certs and keys on destruction
     bool _deleteChainKeyTA;
-
-  private:
-    // Single memory buffer used for BearSSL auxilliary stack, insead of growing main Arduino stack for all apps
-    static std::shared_ptr<uint8_t> _bearssl_stack;
-    void _ensureStackAvailable(); // Allocate the stack if necessary
-    // The local copy, only used to enable a reference count
-    std::shared_ptr<uint8_t> _local_bearssl_stack;
 };
 
 };