Skip to content

Introduce the ast10x0 HACE peripheral#241

Draft
rusty1968 wants to merge 6 commits into
OpenPRoT:mainfrom
rusty1968:ast10x0-hace-pr
Draft

Introduce the ast10x0 HACE peripheral#241
rusty1968 wants to merge 6 commits into
OpenPRoT:mainfrom
rusty1968:ast10x0-hace-pr

Conversation

@rusty1968

Copy link
Copy Markdown
Collaborator

No description provided.

rusty1968 and others added 4 commits June 29, 2026 16:28
The no_panics_test scans the compiled ELF and fails if any panic path is
reachable. Two root causes remained in the SHA-2 / HMAC code linked into
the hace_sha256 binary:

- div_by_zero: chunks_exact(4).zip(..) in load_iv / digest_from_context.
  ChunksExact stores its chunk size as a runtime field, so Zip::new emits
  a len / chunk_size division the optimizer cannot prove non-zero.
  Replaced with index-stride loops over length-proven [u8; 4] arrays.

- copy_from_slice len_mismatch_fail: the staging copies in
  HaceDigest::update and HaceHmacCtx::update copy between two range-sliced
  &[u8] of equal-by-construction length the optimizer cannot prove equal.
  Replaced with zip element-wise copies (no length assert, no division).

Also hardened the AES IV copies (AesCipher::crypt, AesSkin CBC chaining)
to use <[u8; AES_BLOCK]>::try_from array assignment instead of
copy_from_slice, per the project no-panic patterns.

no_panics_test now PASSES; nm shows no panic_is_possible, len_mismatch_fail,
or div_by_zero symbols.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The HACE SHA-2/HMAC KAT test (hace_sha256_test) HardFaulted with an
unaligned UsageFault (wild pointer 0x191818f6) at the sha256 stream-9000
case. Root cause: run_hace_sha2_kats builds a large single stack frame
that overflowed the pigweed-default 2 KiB kernel bootstrap stack into
adjacent .bss (INPUT_BUF); the first case that writes that 4 KiB buffer
(stream-9000) clobbered the live frame and corrupted a saved pointer.
The one-shot cases passed only because they never write INPUT_BUF.

Two parts:
- hmac.rs: move the large HMAC working buffers (key, ipad, opad, and the
  1 KiB msg) off the stack into a single .ram_nc static (HmacNcBufs), so
  HaceHmacCtx is just a few scalars (~20 bytes). This removes the dominant
  per-op stack pressure from the back-to-back HMAC cases. Remaining
  copy_from_slice calls are also converted to zip-copies.
- config.rs: raise KernelConfigInterface::KERNEL_STACK_SIZE_BYTES from the
  2 KiB default to 16 KiB, giving the bootstrap/idle kernel stacks ample
  headroom for the crypto KAT workloads. The AST10x0 has 768 KiB SRAM so
  the extra RAM is negligible.

hace_sha256_test and no_panics_test both pass.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant