1 /**
2 * @file
3 * Application layered TCP connection API (to be used from TCPIP thread)
4 *
5 * This file contains memory management functions for a TLS layer using mbedTLS.
6 *
7 * ATTENTION: For production usage, you might want to override this file with
8 * your own implementation since this implementation simply uses the
9 * lwIP heap without caring for fragmentation or leaving heap for
10 * other parts of lwIP!
11 */
12
13 /*
14 * Copyright (c) 2017 Simon Goldschmidt
15 * All rights reserved.
16 *
17 * Redistribution and use in source and binary forms, with or without modification,
18 * are permitted provided that the following conditions are met:
19 *
20 * 1. Redistributions of source code must retain the above copyright notice,
21 * this list of conditions and the following disclaimer.
22 * 2. Redistributions in binary form must reproduce the above copyright notice,
23 * this list of conditions and the following disclaimer in the documentation
24 * and/or other materials provided with the distribution.
25 * 3. The name of the author may not be used to endorse or promote products
26 * derived from this software without specific prior written permission.
27 *
28 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
29 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
30 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
31 * SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
32 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
33 * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
36 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
37 * OF SUCH DAMAGE.
38 *
39 * This file is part of the lwIP TCP/IP stack.
40 *
41 * Author: Simon Goldschmidt <goldsimon@gmx.de>
42 *
43 * Missing things / @todo:
44 * - RX data is acknowledged after receiving (tcp_recved is called when enqueueing
45 * the pbuf for mbedTLS receive, not when processed by mbedTLS or the inner
46 * connection; altcp_recved() from inner connection does nothing)
47 * - TX data is marked as 'sent' (i.e. acknowledged; sent callback is called) right
48 * after enqueueing for transmission, not when actually ACKed be the remote host.
49 */
50
51 #include "lwip/opt.h"
52
53 #if LWIP_ALTCP /* don't build if not configured for use in lwipopts.h */
54
55 #include "lwip/apps/altcp_tls_mbedtls_opts.h"
56
57 #if LWIP_ALTCP_TLS && LWIP_ALTCP_TLS_MBEDTLS
58
59 #include "altcp_tls_mbedtls_mem.h"
60 #include "altcp_tls_mbedtls_structs.h"
61 #include "lwip/mem.h"
62
63 #include "mbedtls/platform.h"
64
65 #include <string.h>
66
67 #ifndef ALTCP_MBEDTLS_MEM_DEBUG
68 #define ALTCP_MBEDTLS_MEM_DEBUG LWIP_DBG_OFF
69 #endif
70
71 #if defined(MBEDTLS_PLATFORM_MEMORY) && \
72 (!defined(MBEDTLS_PLATFORM_FREE_MACRO) || \
73 defined(MBEDTLS_PLATFORM_CALLOC_MACRO))
74 #define ALTCP_MBEDTLS_PLATFORM_ALLOC 1
75 #else
76 #define ALTCP_MBEDTLS_PLATFORM_ALLOC 0
77 #endif
78
79 #if ALTCP_MBEDTLS_PLATFORM_ALLOC
80
81 #ifndef ALTCP_MBEDTLS_PLATFORM_ALLOC_STATS
82 #define ALTCP_MBEDTLS_PLATFORM_ALLOC_STATS 0
83 #endif
84
85 /* This is an example/debug implementation of alloc/free functions only */
86 typedef struct altcp_mbedtls_malloc_helper_s {
87 size_t c;
88 size_t len;
89 } altcp_mbedtls_malloc_helper_t;
90
91 #if ALTCP_MBEDTLS_PLATFORM_ALLOC_STATS
92 typedef struct altcp_mbedtls_malloc_stats_s {
93 size_t allocedBytes;
94 size_t allocCnt;
95 size_t maxBytes;
96 size_t totalBytes;
97 } altcp_mbedtls_malloc_stats_t;
98 altcp_mbedtls_malloc_stats_t altcp_mbedtls_malloc_stats;
99 volatile int altcp_mbedtls_malloc_clear_stats;
100 #endif
101
102 static void *
tls_malloc(size_t c,size_t len)103 tls_malloc(size_t c, size_t len)
104 {
105 altcp_mbedtls_malloc_helper_t *hlpr;
106 void *ret;
107 size_t alloc_size;
108 #if ALTCP_MBEDTLS_PLATFORM_ALLOC_STATS
109 if (altcp_mbedtls_malloc_clear_stats) {
110 altcp_mbedtls_malloc_clear_stats = 0;
111 memset(&altcp_mbedtls_malloc_stats, 0, sizeof(altcp_mbedtls_malloc_stats));
112 }
113 #endif
114 alloc_size = sizeof(altcp_mbedtls_malloc_helper_t) + (c * len);
115 /* check for maximum allocation size, mainly to prevent mem_size_t overflow */
116 if (alloc_size > MEM_SIZE) {
117 LWIP_DEBUGF(ALTCP_MBEDTLS_MEM_DEBUG, ("mbedtls allocation too big: %c * %d bytes vs MEM_SIZE=%d",
118 (int)c, (int)len, (int)MEM_SIZE));
119 return NULL;
120 }
121 hlpr = (altcp_mbedtls_malloc_helper_t *)mem_malloc((mem_size_t)alloc_size);
122 if (hlpr == NULL) {
123 LWIP_DEBUGF(ALTCP_MBEDTLS_MEM_DEBUG, ("mbedtls alloc callback failed for %c * %d bytes", (int)c, (int)len));
124 return NULL;
125 }
126 #if ALTCP_MBEDTLS_PLATFORM_ALLOC_STATS
127 altcp_mbedtls_malloc_stats.allocCnt++;
128 altcp_mbedtls_malloc_stats.allocedBytes += c * len;
129 if (altcp_mbedtls_malloc_stats.allocedBytes > altcp_mbedtls_malloc_stats.maxBytes) {
130 altcp_mbedtls_malloc_stats.maxBytes = altcp_mbedtls_malloc_stats.allocedBytes;
131 }
132 altcp_mbedtls_malloc_stats.totalBytes += c * len;
133 #endif
134 hlpr->c = c;
135 hlpr->len = len;
136 ret = hlpr + 1;
137 /* zeroing the allocated chunk is required by mbedTLS! */
138 memset(ret, 0, c * len);
139 return ret;
140 }
141
142 static void
tls_free(void * ptr)143 tls_free(void *ptr)
144 {
145 altcp_mbedtls_malloc_helper_t *hlpr;
146 if (ptr == NULL) {
147 /* this obviously happened in mbedtls... */
148 return;
149 }
150 hlpr = ((altcp_mbedtls_malloc_helper_t *)ptr) - 1;
151 #if ALTCP_MBEDTLS_PLATFORM_ALLOC_STATS
152 if (!altcp_mbedtls_malloc_clear_stats) {
153 altcp_mbedtls_malloc_stats.allocedBytes -= hlpr->c * hlpr->len;
154 }
155 #endif
156 mem_free(hlpr);
157 }
158 #endif /* ALTCP_MBEDTLS_PLATFORM_ALLOC*/
159
160 void
altcp_mbedtls_mem_init(void)161 altcp_mbedtls_mem_init(void)
162 {
163 /* not much to do here when using the heap */
164
165 #if ALTCP_MBEDTLS_PLATFORM_ALLOC
166 /* set mbedtls allocation methods */
167 mbedtls_platform_set_calloc_free(&tls_malloc, &tls_free);
168 #endif
169 }
170
171 altcp_mbedtls_state_t *
altcp_mbedtls_alloc(void * conf)172 altcp_mbedtls_alloc(void *conf)
173 {
174 altcp_mbedtls_state_t *ret = (altcp_mbedtls_state_t *)mem_calloc(1, sizeof(altcp_mbedtls_state_t));
175 if (ret != NULL) {
176 ret->conf = conf;
177 }
178 return ret;
179 }
180
181 void
altcp_mbedtls_free(void * conf,altcp_mbedtls_state_t * state)182 altcp_mbedtls_free(void *conf, altcp_mbedtls_state_t *state)
183 {
184 LWIP_UNUSED_ARG(conf);
185 LWIP_ASSERT("state != NULL", state != NULL);
186 mem_free(state);
187 }
188
189 void *
altcp_mbedtls_alloc_config(size_t size)190 altcp_mbedtls_alloc_config(size_t size)
191 {
192 void *ret;
193 size_t checked_size = (mem_size_t)size;
194 if (size != checked_size) {
195 /* allocation too big (mem_size_t overflow) */
196 return NULL;
197 }
198 ret = (altcp_mbedtls_state_t *)mem_calloc(1, (mem_size_t)size);
199 return ret;
200 }
201
202 void
altcp_mbedtls_free_config(void * item)203 altcp_mbedtls_free_config(void *item)
204 {
205 LWIP_ASSERT("item != NULL", item != NULL);
206 mem_free(item);
207 }
208
209 #endif /* LWIP_ALTCP_TLS && LWIP_ALTCP_TLS_MBEDTLS */
210 #endif /* LWIP_ALTCP */
211