Expose FreeRTOS+TCP checksum APIs to the firewall.

Signed-off-by: Hugo Lefeuvre <[email protected]>
(cherry picked from commit af215ef)

Author: hlef

lib/tcpip/checksum-internal.h

@@ -0,0 +1,50 @@
+// Copyright SCI Semiconductor and CHERIoT Contributors.
+// SPDX-License-Identifier: MIT
+
+#pragma once
+#include <compartment-macros.h>
+#include <stddef.h>
+#include <stdint.h>
+/**
+ * Internal APIs that the TCP/IP compartment exposes for the firewall to use.
+ *
+ * These should be called only from the firewall compartment (validated by
+ * checking the compartment linkage report).  These APIs trust the caller and
+ * do *not* check arguments.
+ */
+
+/**
+ * Returns the IPv4 checksum for passed packet.
+ *
+ * This function is stateless and can be called at any point of the lifetime of
+ * the TCP/IP stack.
+ *
+ * The IPv4 header (only) should be passed in `ipv4Header`, along with its
+ * length in `headerLength`.
+ *
+ * The returned checksum is in network byte order and can be used as-is for
+ * transmission in the IPv4 header.
+ */
+uint16_t __cheri_compartment("TCPIP")
+  network_calculate_ipv4_checksum(const uint8_t *ipv4Header,
+                                  size_t         headerLength);
+
+/**
+ * Returns the TCP checksum for passed packet.
+ *
+ * This function is stateless and can be called at any point of the lifetime of
+ * the TCP/IP stack.
+ *
+ * Unlike `network_calculate_ipv4_checksum`, this takes the entire Ethernet
+ * frame into `frame`, along with its length in `frameLength`.
+ *
+ * The offset of the TCP checksum in the `frame` buffer must be passed in
+ * `tcpChecksumOffset`.
+ *
+ * The returned checksum is in network byte order and can be used as-is for
+ * transmission in the TCP header.
+ */
+uint16_t __cheri_compartment("TCPIP")
+  network_calculate_tcp_checksum(const uint8_t *frame,
+                                 size_t         frameLength,
+                                 size_t         tcpChecksumOffset);

lib/tcpip/network_wrapper.cc

@@ -7,6 +7,7 @@
 #include <tcpip_error_handler.h>
 
 #include "../firewall/firewall.hh"
+#include "checksum-internal.h"
 #include "network-internal.h"
 #include "tcpip-internal.h"
 
@@ -472,6 +473,39 @@ namespace
 	}
 } // namespace
 
+uint16_t network_calculate_ipv4_checksum(const uint8_t *ipv4Header, size_t headerLength)
+{
+	// Note: no restarting checks because stateless.
+
+	// `usGenerateChecksum` returns a checksum which is 1) not negated (we
+	// must bitwise NOT it) and 2) in host byte order.
+	return htons(~usGenerateChecksum(
+	  0 /* generate checksum for the full packet */, ipv4Header, headerLength));
+}
+
+uint16_t network_calculate_tcp_checksum(const uint8_t *frame,
+                                        size_t         frameLength,
+                                        size_t         tcpChecksumOffset)
+{
+	// Note: no restarting checks because stateless.
+
+	// `usGenerateProtocolChecksum` *writes* the checksum into the packet
+	// buffer. It is not possible to have it return the checksum instead of
+	// modifying the buffer. This is really annoying because we only have a
+	// read-only capability to the frame, as we want to *return* the
+	// checksum.
+	//
+	// To workaround this, make a local copy of the Ethernet frame and
+	// extract the computed checksum from it using `tcpChecksumOffset`.
+	// Putting this copy on the stack should be fine since this is only
+	// used in RST packets which have no payload.
+	uint8_t copy[frameLength];
+	memcpy(copy, frame, frameLength);
+	uint16_t *checksum = reinterpret_cast<uint16_t *>(&copy[tcpChecksumOffset]);
+	usGenerateProtocolChecksum(copy, frameLength, true /* write checksum */);
+	return *checksum;
+}
+
 int network_host_resolve(const char     *hostname,
                          bool            useIPv6,
                          NetworkAddress *address)