From db1390ac58f2d5cc7d58a1de74c92c19611d773e Mon Sep 17 00:00:00 2001 From: SimonIT Date: Thu, 17 Jul 2025 18:15:50 +0200 Subject: [PATCH 01/21] Replace std with core --- boringtun/Cargo.toml | 6 ++++-- boringtun/src/ffi/mod.rs | 24 ++++++++++++------------ boringtun/src/jni.rs | 4 ++-- boringtun/src/lib.rs | 6 ++++++ boringtun/src/noise/handshake.rs | 23 +++++++++++++---------- boringtun/src/noise/mod.rs | 16 ++++++++++------ boringtun/src/noise/rate_limiter.rs | 4 ++-- boringtun/src/noise/session.rs | 6 +++--- boringtun/src/noise/timers.rs | 6 +++--- boringtun/src/serialization.rs | 2 +- boringtun/src/sleepyinstant/mod.rs | 3 ++- 11 files changed, 58 insertions(+), 42 deletions(-) diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index 2e8661cd5..b0ab198c8 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -14,8 +14,10 @@ documentation = "https://docs.rs/boringtun/0.5.2/boringtun/" edition = "2018" [features] -default = [] -device = ["socket2", "thiserror"] +default = [ "std" ] +alloc = [ ] +std = [ "alloc" ] +device = ["socket2", "thiserror", "std"] jni-bindings = ["ffi-bindings", "jni"] ffi-bindings = ["tracing-subscriber"] # mocks std::time::Instant with mock_instant diff --git a/boringtun/src/ffi/mod.rs b/boringtun/src/ffi/mod.rs index 1e5a2a9f3..b389c68f0 100644 --- a/boringtun/src/ffi/mod.rs +++ b/boringtun/src/ffi/mod.rs @@ -17,14 +17,14 @@ use tracing; use tracing_subscriber::fmt; use crate::serialization::KeyBytes; -use std::ffi::{CStr, CString}; -use std::io::{Error, ErrorKind, Write}; -use std::os::raw::c_char; -use std::panic; -use std::ptr; -use std::ptr::null_mut; -use std::slice; -use std::sync::Once; +use core::ffi::{CStr, CString}; +use core::io::{Error, ErrorKind, Write}; +use core::os::raw::c_char; +use core::panic; +use core::ptr; +use core::ptr::null_mut; +use core::slice; +use core::sync::Once; static PANIC_HOOK: Once = Once::new(); @@ -170,7 +170,7 @@ struct FFIFunctionPointerWriter { /// Implements Write trait for use with tracing_subscriber impl Write for FFIFunctionPointerWriter { - fn write(&mut self, buf: &[u8]) -> Result { + fn write(&mut self, buf: &[u8]) -> Result { let out_str = String::from_utf8_lossy(buf).to_string(); if let Ok(c_string) = CString::new(out_str) { unsafe { (self.log_func)(c_string.as_ptr()) } @@ -183,7 +183,7 @@ impl Write for FFIFunctionPointerWriter { } } - fn flush(&mut self) -> Result<(), std::io::Error> { + fn flush(&mut self) -> Result<(), core::io::Error> { // no-op Ok(()) } @@ -207,7 +207,7 @@ impl Write for FFIFunctionPointerWriter { pub unsafe extern "C" fn set_logging_function( log_func: unsafe extern "C" fn(*const c_char), ) -> bool { - let result = std::panic::catch_unwind(|| -> bool { + let result = core::panic::catch_unwind(|| -> bool { let writer = FFIFunctionPointerWriter { log_func }; let format = fmt::format() // don't include levels in formatted output @@ -225,7 +225,7 @@ pub unsafe extern "C" fn set_logging_function( fmt() .event_format(format) - .with_writer(std::sync::Mutex::new(writer)) + .with_writer(core::sync::Mutex::new(writer)) .with_max_level(tracing::Level::TRACE) .with_ansi(false) .try_init() diff --git a/boringtun/src/jni.rs b/boringtun/src/jni.rs index 7bc2bdcd7..3ec2a6292 100644 --- a/boringtun/src/jni.rs +++ b/boringtun/src/jni.rs @@ -5,8 +5,8 @@ #![allow(clippy::missing_safety_doc)] /// JNI bindings for BoringTun library -use std::os::raw::c_char; -use std::ptr; +use core::os::raw::c_char; +use core::ptr; use jni::objects::{JByteBuffer, JClass, JString}; use jni::strings::JNIStr; diff --git a/boringtun/src/lib.rs b/boringtun/src/lib.rs index 6ab410dc3..c3149cee1 100644 --- a/boringtun/src/lib.rs +++ b/boringtun/src/lib.rs @@ -5,6 +5,12 @@ //! //! git clone https://github.com/cloudflare/boringtun.git +// Set `no_std` where `std` feature is disabled +#![cfg_attr(not(feature = "std"), no_std)] + +#[cfg(feature = "alloc")] +extern crate alloc; + #[cfg(feature = "device")] pub mod device; diff --git a/boringtun/src/noise/handshake.rs b/boringtun/src/noise/handshake.rs index 40ed8037d..4be0ee5a3 100644 --- a/boringtun/src/noise/handshake.rs +++ b/boringtun/src/noise/handshake.rs @@ -13,8 +13,8 @@ use blake2::{Blake2s256, Blake2sMac, Digest}; use chacha20poly1305::XChaCha20Poly1305; use rand_core::OsRng; use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; -use std::convert::TryInto; -use std::time::{Duration, SystemTime}; +use core::convert::TryInto; +use core::time::{Duration, SystemTime}; #[cfg(feature = "mock-instant")] use mock_instant::Instant; @@ -206,7 +206,7 @@ impl Tai64N { return Err(WireGuardError::InvalidTai64nTimestamp); } - let (sec_bytes, nano_bytes) = buf.split_at(std::mem::size_of::()); + let (sec_bytes, nano_bytes) = buf.split_at(size_of::()); let secs = u64::from_be_bytes(sec_bytes.try_into().unwrap()); let nano = u32::from_be_bytes(nano_bytes.try_into().unwrap()); @@ -244,8 +244,8 @@ struct NoiseParams { preshared_key: Option<[u8; KEY_LEN]>, } -impl std::fmt::Debug for NoiseParams { - fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { +impl core::fmt::Debug for NoiseParams { + fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result { f.debug_struct("NoiseParams") .field("static_public", &self.static_public) .field("static_private", &"") @@ -265,8 +265,8 @@ struct HandshakeInitSentState { time_sent: Instant, } -impl std::fmt::Debug for HandshakeInitSentState { - fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { +impl core::fmt::Debug for HandshakeInitSentState { + fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result { f.debug_struct("HandshakeInitSentState") .field("local_index", &self.local_index) .field("hash", &self.hash) @@ -549,7 +549,7 @@ impl Handshake { // initiator.hash = HASH(initiator.hash || msg.encrypted_timestamp) hash = b2s_hash(&hash, packet.encrypted_timestamp); - self.previous = std::mem::replace( + self.previous = core::mem::replace( &mut self.state, HandshakeState::InitReceived { chaining_key, @@ -772,7 +772,7 @@ impl Handshake { hash = b2s_hash(&hash, encrypted_timestamp); let time_now = Instant::now(); - self.previous = std::mem::replace( + self.previous = core::mem::replace( &mut self.state, HandshakeState::InitSent(HandshakeInitSentState { local_index, @@ -794,7 +794,7 @@ impl Handshake { return Err(WireGuardError::DestinationBufferTooSmall); } - let state = std::mem::replace(&mut self.state, HandshakeState::None); + let state = core::mem::replace(&mut self.state, HandshakeState::None); let (mut chaining_key, mut hash, peer_ephemeral_public, peer_index) = match state { HandshakeState::InitReceived { chaining_key, @@ -882,6 +882,9 @@ impl Handshake { #[cfg(test)] mod tests { + extern crate std; + + use alloc::vec; use super::*; #[test] diff --git a/boringtun/src/noise/mod.rs b/boringtun/src/noise/mod.rs index 76e377b63..fb29a4f9d 100644 --- a/boringtun/src/noise/mod.rs +++ b/boringtun/src/noise/mod.rs @@ -14,11 +14,11 @@ use crate::noise::rate_limiter::RateLimiter; use crate::noise::timers::{TimerName, Timers}; use crate::x25519; -use std::collections::VecDeque; -use std::convert::{TryFrom, TryInto}; -use std::net::{IpAddr, Ipv4Addr, Ipv6Addr}; -use std::sync::Arc; -use std::time::Duration; +use alloc::collections::VecDeque; +use core::convert::{TryFrom, TryInto}; +use core::net::{IpAddr, Ipv4Addr, Ipv6Addr}; +use alloc::sync::Arc; +use core::time::Duration; /// The default value to use for rate limiting, when no other rate limiter is defined const PEER_HANDSHAKE_RATE_LIMIT: u64 = 10; @@ -153,7 +153,7 @@ impl Tunn { nonce: &src[8..32], encrypted_cookie: &src[32..64], }), - (DATA, DATA_OVERHEAD_SZ..=std::usize::MAX) => Packet::PacketData(PacketData { + (DATA, DATA_OVERHEAD_SZ..=usize::MAX) => Packet::PacketData(PacketData { receiver_idx: u32::from_le_bytes(src[4..8].try_into().unwrap()), counter: u64::from_le_bytes(src[8..16].try_into().unwrap()), encrypted_encapsulated_packet: &src[16..], @@ -587,6 +587,10 @@ impl Tunn { #[cfg(test)] mod tests { + extern crate std; + + use std::vec::Vec; + use std::vec; #[cfg(feature = "mock-instant")] use crate::noise::timers::{REKEY_AFTER_TIME, REKEY_TIMEOUT}; diff --git a/boringtun/src/noise/rate_limiter.rs b/boringtun/src/noise/rate_limiter.rs index 052cbb326..4be5165c9 100644 --- a/boringtun/src/noise/rate_limiter.rs +++ b/boringtun/src/noise/rate_limiter.rs @@ -4,8 +4,8 @@ use crate::noise::{HandshakeInit, HandshakeResponse, Packet, Tunn, TunnResult, W #[cfg(feature = "mock-instant")] use mock_instant::Instant; -use std::net::IpAddr; -use std::sync::atomic::{AtomicU64, Ordering}; +use core::net::IpAddr; +use core::sync::atomic::{AtomicU64, Ordering}; #[cfg(not(feature = "mock-instant"))] use crate::sleepyinstant::Instant; diff --git a/boringtun/src/noise/session.rs b/boringtun/src/noise/session.rs index 0d05b95c4..d02c820f5 100644 --- a/boringtun/src/noise/session.rs +++ b/boringtun/src/noise/session.rs @@ -5,7 +5,7 @@ use super::PacketData; use crate::noise::errors::WireGuardError; use parking_lot::Mutex; use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; -use std::sync::atomic::{AtomicUsize, Ordering}; +use core::sync::atomic::{AtomicUsize, Ordering}; pub struct Session { pub(crate) receiving_index: u32, @@ -16,8 +16,8 @@ pub struct Session { receiving_key_counter: Mutex, } -impl std::fmt::Debug for Session { - fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result { +impl core::fmt::Debug for Session { + fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result { write!( f, "Session: {}<- ->{}", diff --git a/boringtun/src/noise/timers.rs b/boringtun/src/noise/timers.rs index 6b91d5767..93cb89222 100644 --- a/boringtun/src/noise/timers.rs +++ b/boringtun/src/noise/timers.rs @@ -3,10 +3,10 @@ use super::errors::WireGuardError; use crate::noise::{Tunn, TunnResult}; -use std::mem; -use std::ops::{Index, IndexMut}; +use core::mem; +use core::ops::{Index, IndexMut}; -use std::time::Duration; +use core::time::Duration; #[cfg(feature = "mock-instant")] use mock_instant::Instant; diff --git a/boringtun/src/serialization.rs b/boringtun/src/serialization.rs index e6920f8b6..24175d5df 100644 --- a/boringtun/src/serialization.rs +++ b/boringtun/src/serialization.rs @@ -1,6 +1,6 @@ pub(crate) struct KeyBytes(pub [u8; 32]); -impl std::str::FromStr for KeyBytes { +impl core::str::FromStr for KeyBytes { type Err = &'static str; /// Can parse a secret key from a hex or base64 encoded string. diff --git a/boringtun/src/sleepyinstant/mod.rs b/boringtun/src/sleepyinstant/mod.rs index 542beea38..126ad4f33 100644 --- a/boringtun/src/sleepyinstant/mod.rs +++ b/boringtun/src/sleepyinstant/mod.rs @@ -1,7 +1,7 @@ #![forbid(unsafe_code)] //! Attempts to provide the same functionality as std::time::Instant, except it //! uses a timer which accounts for time when the system is asleep -use std::time::Duration; +use core::time::Duration; #[cfg(target_os = "windows")] mod windows; @@ -65,6 +65,7 @@ impl Instant { #[cfg(test)] mod tests { + extern crate std; use super::*; #[test] From cc229d96e4903882afda223b2cb31e94202b9006 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Sun, 10 Aug 2025 12:52:16 +0200 Subject: [PATCH 02/21] Building on linux with embedded_time --- Cargo.lock | 66 ++++++++++++++++++- boringtun-cli/src/main.rs | 2 +- boringtun/Cargo.toml | 13 ++-- .../chacha20poly1305_benching.rs | 2 +- boringtun/src/device/api.rs | 28 ++++---- boringtun/src/device/dev_lock.rs | 6 +- boringtun/src/device/epoll.rs | 2 +- boringtun/src/device/integration_tests/mod.rs | 2 +- boringtun/src/device/mod.rs | 10 +-- boringtun/src/device/peer.rs | 10 +-- boringtun/src/device/tun_linux.rs | 2 +- boringtun/src/ffi/mod.rs | 14 +--- boringtun/src/jni.rs | 8 +-- boringtun/src/noise/handshake.rs | 29 ++++---- boringtun/src/noise/mod.rs | 20 ++++-- boringtun/src/noise/rate_limiter.rs | 26 ++++++-- boringtun/src/noise/session.rs | 4 +- boringtun/src/noise/timers.rs | 39 ++++++----- boringtun/src/sleepyinstant/mod.rs | 25 ++++--- boringtun/src/sleepyinstant/unix.rs | 52 +++++---------- boringtun/src/sleepyinstant/windows.rs | 13 ++++ 21 files changed, 230 insertions(+), 143 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index ba0117aaa..b0f9375ec 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -46,9 +46,9 @@ checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" [[package]] name = "base64" -version = "0.13.0" +version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" +checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" [[package]] name = "bitflags" @@ -83,6 +83,7 @@ dependencies = [ "blake2", "chacha20poly1305", "criterion", + "embedded-time", "etherparse", "hex", "hmac", @@ -437,6 +438,14 @@ version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f107b87b6afc2a64fd13cac55fe06d6c8859f12d4b14cbcdd2c67d0976781be" +[[package]] +name = "embedded-time" +version = "0.13.0" +source = "git+https://github.com/FluenTech/embedded-time.git?branch=release%2Fv0.13.0#e313ce96f5fa19e15266fefe33e86f0f3163764e" +dependencies = [ + "num", +] + [[package]] name = "etherparse" version = "0.13.0" @@ -664,6 +673,59 @@ dependencies = [ "libc", ] +[[package]] +name = "num" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b7a8e9be5e039e2ff869df49155f1c06bd01ade2117ec783e56ab0932b67a8f" +dependencies = [ + "num-complex", + "num-integer", + "num-iter", + "num-rational", + "num-traits", +] + +[[package]] +name = "num-complex" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "747d632c0c558b87dbabbe6a82f3b4ae03720d0646ac5b7b4dae89394be5f2c5" +dependencies = [ + "num-traits", +] + +[[package]] +name = "num-integer" +version = "0.1.46" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f" +dependencies = [ + "num-traits", +] + +[[package]] +name = "num-iter" +version = "0.1.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1429034a0490724d0075ebb2bc9e875d6503c3cf69e235a8941aa757d83ef5bf" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-rational" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "12ac428b1cb17fce6f731001d307d351ec70a6d202fc2e60f7d4c5e42d8f4f07" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + [[package]] name = "num-traits" version = "0.2.15" diff --git a/boringtun-cli/src/main.rs b/boringtun-cli/src/main.rs index 922ce1071..06572d66a 100644 --- a/boringtun-cli/src/main.rs +++ b/boringtun-cli/src/main.rs @@ -106,7 +106,7 @@ fn main() { let log = matches.value_of("log").unwrap(); let log_file = - File::create(log).unwrap_or_else(|_| panic!("Could not create log file {}", log)); + File::create(log).unwrap_or_else(|_| panic!("Could not create log file {log}")); let (non_blocking, guard) = tracing_appender::non_blocking(log_file); diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index b0ab198c8..b5ec05f2a 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -11,7 +11,7 @@ license = "BSD-3-Clause" readme = "../README.md" repository = "https://github.com/cloudflare/boringtun" documentation = "https://docs.rs/boringtun/0.5.2/boringtun/" -edition = "2018" +edition = "2024" [features] default = [ "std" ] @@ -24,16 +24,16 @@ ffi-bindings = ["tracing-subscriber"] mock-instant = ["mock_instant"] [dependencies] -base64 = "0.13" -hex = "0.4" +base64 = { version = "0.13", features = ["alloc"] } +hex = { version = "0.4", features = ["alloc"] } untrusted = "0.9.0" -libc = "0.2" +libc = { version = "0.2", default-features = false } parking_lot = "0.12" -tracing = "0.1.40" +tracing = { version = "0.1.40", default-features = false } tracing-subscriber = { version = "0.3", features = ["fmt"], optional = true } ip_network = "0.4.1" ip_network_table = "0.2.0" -ring = "0.17" +ring = { version = "0.17", default-features = false } x25519-dalek = { version = "2.0.1", features = [ "reusable_secrets", "static_secrets", @@ -47,6 +47,7 @@ jni = { version = "0.19.0", optional = true } mock_instant = { version = "0.3", optional = true } socket2 = { version = "0.4.7", features = ["all"], optional = true } thiserror = { version = "1", optional = true } +embedded-time = { git = "https://github.com/FluenTech/embedded-time.git", branch = "release/v0.13.0" } [target.'cfg(unix)'.dependencies] nix = { version = "0.25", default-features = false, features = [ diff --git a/boringtun/benches/crypto_benches/chacha20poly1305_benching.rs b/boringtun/benches/crypto_benches/chacha20poly1305_benching.rs index ed857a77b..59e8728bf 100644 --- a/boringtun/benches/crypto_benches/chacha20poly1305_benching.rs +++ b/boringtun/benches/crypto_benches/chacha20poly1305_benching.rs @@ -1,7 +1,7 @@ use aead::{AeadInPlace, KeyInit}; use criterion::{BenchmarkId, Criterion, Throughput}; use rand_core::{OsRng, RngCore}; -use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; +use ring::aead::{Aad, CHACHA20_POLY1305, LessSafeKey, Nonce, UnboundKey}; fn chacha20poly1305_ring(key_bytes: &[u8], buf: &mut [u8]) { let len = buf.len(); diff --git a/boringtun/src/device/api.rs b/boringtun/src/device/api.rs index 0486de68b..87102044f 100644 --- a/boringtun/src/device/api.rs +++ b/boringtun/src/device/api.rs @@ -6,7 +6,10 @@ use super::drop_privileges::get_saved_ids; use super::{AllowedIP, Device, Error, SocketAddr}; use crate::device::Action; use crate::serialization::KeyBytes; +use crate::sleepyinstant::ClockImpl; use crate::x25519; +use embedded_time::Clock; +use embedded_time::duration::{Nanoseconds, Seconds}; use hex::encode as encode_hex; use libc::*; use std::fs::{create_dir, remove_file}; @@ -69,7 +72,7 @@ impl Device { _ => EIO, }; // The protocol requires to return an error code as the response, or zero on success - writeln!(writer, "errno={}\n", status).ok(); + writeln!(writer, "errno={status}\n").ok(); } Action::Continue // Indicates the worker thread should continue as normal }), @@ -99,7 +102,7 @@ impl Device { _ => EIO, }; // The protocol requires to return an error code as the response, or zero on success - writeln!(writer, "errno={}\n", status).ok(); + writeln!(writer, "errno={status}\n").ok(); } else { // The remote side is likely closed; we should trigger an exit. d.trigger_exit(); @@ -165,7 +168,7 @@ fn api_get(writer: &mut BufWriter<&UnixStream>, d: &Device) -> i32 { } if let Some(fwmark) = d.fwmark { - writeln!(writer, "fwmark={}", fwmark); + writeln!(writer, "fwmark={fwmark}"); } for (k, p) in d.peers.iter() { @@ -177,26 +180,29 @@ fn api_get(writer: &mut BufWriter<&UnixStream>, d: &Device) -> i32 { } if let Some(keepalive) = p.persistent_keepalive() { - writeln!(writer, "persistent_keepalive_interval={}", keepalive); + writeln!(writer, "persistent_keepalive_interval={keepalive}"); } if let Some(ref addr) = p.endpoint().addr { - writeln!(writer, "endpoint={}", addr); + writeln!(writer, "endpoint={addr}"); } for (ip, cidr) in p.allowed_ips() { - writeln!(writer, "allowed_ip={}/{}", ip, cidr); + writeln!(writer, "allowed_ip={ip}/{cidr}"); } if let Some(time) = p.time_since_last_handshake() { - writeln!(writer, "last_handshake_time_sec={}", time.as_secs()); - writeln!(writer, "last_handshake_time_nsec={}", time.subsec_nanos()); + let secs = Seconds::<::T>::try_from(time).unwrap(); + writeln!(writer, "last_handshake_time_sec={secs}"); + let sub = + Nanoseconds::<::T>::try_from(time).unwrap() % Seconds(1u32); + writeln!(writer, "last_handshake_time_nsec={sub}"); } let (_, tx_bytes, rx_bytes, ..) = p.tunnel.stats(); - writeln!(writer, "rx_bytes={}", rx_bytes); - writeln!(writer, "tx_bytes={}", tx_bytes); + writeln!(writer, "rx_bytes={rx_bytes}"); + writeln!(writer, "tx_bytes={tx_bytes}"); } 0 } @@ -260,7 +266,7 @@ fn api_set(reader: &mut BufReader<&UnixStream>, d: &mut LockReadGuard) - reader, device, x25519::PublicKey::from(key_bytes.0), - ) + ); } Err(_) => return EINVAL, }, diff --git a/boringtun/src/device/dev_lock.rs b/boringtun/src/device/dev_lock.rs index 1a700fab9..6076a2f63 100644 --- a/boringtun/src/device/dev_lock.rs +++ b/boringtun/src/device/dev_lock.rs @@ -26,7 +26,7 @@ impl Lock { impl Lock { /// Acquire a read lock pub fn read(&self) -> LockReadGuard { - let (ref lock, ref cvar) = &self.wants_write; + let (lock, cvar) = &self.wants_write; let mut wants_write = lock.lock(); while *wants_write { // We have a writer and we want to wait for it to go away @@ -64,7 +64,7 @@ impl<'a, T: ?Sized> LockReadGuard<'a, T> { ) -> Option { // First tell everyone that we want to write now, this will prevent any new reader from starting until we are done. { - let &(ref lock, cvar) = &self.wants_write; + let &(lock, cvar) = &self.wants_write; let mut wants_write = lock.lock(); RwLockReadGuard::unlocked(&mut self.inner, move || { @@ -90,7 +90,7 @@ impl<'a, T: ?Sized> LockReadGuard<'a, T> { })); // Finally signal other threads - let (ref lock, ref cvar) = &self.wants_write; + let (lock, cvar) = &self.wants_write; let mut wants_write = lock.lock(); *wants_write = false; cvar.notify_all(); diff --git a/boringtun/src/device/epoll.rs b/boringtun/src/device/epoll.rs index b6ecaf0b9..4cd810edc 100644 --- a/boringtun/src/device/epoll.rs +++ b/boringtun/src/device/epoll.rs @@ -301,7 +301,7 @@ impl EventPoll { unsafe { write( notification_event.trigger, - &(std::u64::MAX - 1).to_ne_bytes()[0] as *const u8 as _, + &(u64::MAX - 1).to_ne_bytes()[0] as *const u8 as _, 8, ) }; diff --git a/boringtun/src/device/integration_tests/mod.rs b/boringtun/src/device/integration_tests/mod.rs index b4e360c3d..89b7e4f2d 100644 --- a/boringtun/src/device/integration_tests/mod.rs +++ b/boringtun/src/device/integration_tests/mod.rs @@ -16,8 +16,8 @@ mod tests { use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr}; use std::os::unix::net::UnixStream; use std::process::Command; - use std::sync::atomic::{AtomicUsize, Ordering}; use std::sync::Arc; + use std::sync::atomic::{AtomicUsize, Ordering}; use std::thread; static NEXT_IFACE_IDX: AtomicUsize = AtomicUsize::new(100); // utun 100+ should be vacant during testing on CI diff --git a/boringtun/src/device/mod.rs b/boringtun/src/device/mod.rs index b250f5e5d..7232113ea 100644 --- a/boringtun/src/device/mod.rs +++ b/boringtun/src/device/mod.rs @@ -30,8 +30,8 @@ use std::io::{self, Write as _}; use std::mem::MaybeUninit; use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr, SocketAddrV4, SocketAddrV6}; use std::os::unix::io::AsRawFd; -use std::sync::atomic::{AtomicUsize, Ordering}; use std::sync::Arc; +use std::sync::atomic::{AtomicUsize, Ordering}; use std::thread; use std::thread::JoinHandle; @@ -316,7 +316,7 @@ impl Device { } // Update an existing peer - if self.peers.get(&pub_key).is_some() { + if self.peers.contains_key(&pub_key) { // We already have a peer, we need to merge the existing config into the newly created one panic!("Modifying existing peers is not yet supported. Remove and add again instead."); } @@ -726,7 +726,7 @@ impl Device { &mut t.dst_buf[..], ) { TunnResult::Done => {} - TunnResult::Err(e) => eprintln!("Decapsulate error {:?}", e), + TunnResult::Err(e) => eprintln!("Decapsulate error {e:?}"), TunnResult::WriteToNetwork(packet) => { flush = true; let _: Result<_, _> = udp.send(packet); @@ -787,11 +787,11 @@ impl Device { if ek == io::ErrorKind::Interrupted || ek == io::ErrorKind::WouldBlock { break; } - eprintln!("Fatal read error on tun interface: {:?}", e); + eprintln!("Fatal read error on tun interface: {e:?}"); return Action::Exit; } Err(e) => { - eprintln!("Unexpected error on tun interface: {:?}", e); + eprintln!("Unexpected error on tun interface: {e:?}"); return Action::Exit; } }; diff --git a/boringtun/src/device/peer.rs b/boringtun/src/device/peer.rs index d7f2c22e5..0e067270d 100644 --- a/boringtun/src/device/peer.rs +++ b/boringtun/src/device/peer.rs @@ -1,14 +1,16 @@ // Copyright (c) 2019 Cloudflare, Inc. All rights reserved. // SPDX-License-Identifier: BSD-3-Clause +use embedded_time::duration::Generic; use parking_lot::RwLock; use socket2::{Domain, Protocol, Type}; -use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, Shutdown, SocketAddr, SocketAddrV4, SocketAddrV6}; -use std::str::FromStr; - use crate::device::{AllowedIps, Error}; use crate::noise::{Tunn, TunnResult}; +use crate::sleepyinstant::ClockImpl; +use embedded_time::Clock; +use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, Shutdown, SocketAddr, SocketAddrV4, SocketAddrV6}; +use std::str::FromStr; #[derive(Default, Debug)] pub struct Endpoint { @@ -152,7 +154,7 @@ impl Peer { self.allowed_ips.iter().map(|(_, ip, cidr)| (ip, cidr)) } - pub fn time_since_last_handshake(&self) -> Option { + pub fn time_since_last_handshake(&self) -> Option::T>> { self.tunnel.time_since_last_handshake() } diff --git a/boringtun/src/device/tun_linux.rs b/boringtun/src/device/tun_linux.rs index dee2999e4..a35312cad 100644 --- a/boringtun/src/device/tun_linux.rs +++ b/boringtun/src/device/tun_linux.rs @@ -72,7 +72,7 @@ impl TunSocket { }); } - let fd = match unsafe { open(b"/dev/net/tun\0".as_ptr() as _, O_RDWR) } { + let fd = match unsafe { open(c"/dev/net/tun".as_ptr() as _, O_RDWR) } { -1 => return Err(Error::Socket(io::Error::last_os_error())), fd => fd, }; diff --git a/boringtun/src/ffi/mod.rs b/boringtun/src/ffi/mod.rs index b389c68f0..b45bfa70c 100644 --- a/boringtun/src/ffi/mod.rs +++ b/boringtun/src/ffi/mod.rs @@ -10,7 +10,7 @@ use super::noise::{Tunn, TunnResult}; use crate::x25519::{PublicKey, StaticSecret}; use base64::{decode, encode}; use hex::encode as encode_hex; -use libc::{raise, SIGSEGV}; +use libc::{SIGSEGV, raise}; use parking_lot::Mutex; use rand_core::OsRng; use tracing; @@ -153,11 +153,7 @@ pub unsafe extern "C" fn check_base64_encoded_x25519_key(key: *const c_char) -> for b in key { zero |= b } - if len == 32 && zero != 0 { - 1 - } else { - 0 - } + if len == 32 && zero != 0 { 1 } else { 0 } } else { 0 } @@ -231,11 +227,7 @@ pub unsafe extern "C" fn set_logging_function( .try_init() .is_ok() }); - if let Ok(value) = result { - value - } else { - false - } + if let Ok(value) = result { value } else { false } } /// Allocate a new tunnel, return NULL on failure. diff --git a/boringtun/src/jni.rs b/boringtun/src/jni.rs index 3ec2a6292..2bd64c5ec 100644 --- a/boringtun/src/jni.rs +++ b/boringtun/src/jni.rs @@ -8,10 +8,10 @@ use core::os::raw::c_char; use core::ptr; +use jni::JNIEnv; use jni::objects::{JByteBuffer, JClass, JString}; use jni::strings::JNIStr; use jni::sys::{jbyteArray, jint, jlong, jshort, jstring}; -use jni::JNIEnv; use parking_lot::Mutex; use crate::ffi::new_tunnel; @@ -62,7 +62,7 @@ pub unsafe extern "C" fn generate_public_key1( } let secret_key = x25519_key { - key: std::mem::transmute::<[i8; 32], [u8; 32]>(key_inner), + key: core::mem::transmute::<[i8; 32], [u8; 32]>(key_inner), }; match env.byte_array_from_slice(&x25519_public_key(secret_key).key) { @@ -86,7 +86,7 @@ pub unsafe extern "C" fn convert_x25519_key_to_hex( } let x25519_key = x25519_key { - key: std::mem::transmute::<[i8; 32], [u8; 32]>(key), + key: core::mem::transmute::<[i8; 32], [u8; 32]>(key), }; let output = match env.new_string(JNIStr::from_ptr(x25519_key_to_hex(x25519_key)).to_owned()) { @@ -112,7 +112,7 @@ pub unsafe extern "C" fn convert_x25519_key_to_base64( } let x25519_key = x25519_key { - key: std::mem::transmute::<[i8; 32], [u8; 32]>(key), + key: core::mem::transmute::<[i8; 32], [u8; 32]>(key), }; let output = match env.new_string(JNIStr::from_ptr(x25519_key_to_base64(x25519_key)).to_owned()) diff --git a/boringtun/src/noise/handshake.rs b/boringtun/src/noise/handshake.rs index 4be0ee5a3..1f9125bc3 100644 --- a/boringtun/src/noise/handshake.rs +++ b/boringtun/src/noise/handshake.rs @@ -5,19 +5,21 @@ use super::{HandshakeInit, HandshakeResponse, PacketCookieReply}; use crate::noise::errors::WireGuardError; use crate::noise::session::Session; #[cfg(not(feature = "mock-instant"))] -use crate::sleepyinstant::Instant; +use crate::sleepyinstant::{ClockImpl, Instant}; use crate::x25519; use aead::{Aead, Payload}; use blake2::digest::{FixedOutput, KeyInit}; use blake2::{Blake2s256, Blake2sMac, Digest}; use chacha20poly1305::XChaCha20Poly1305; -use rand_core::OsRng; -use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; +use core::convert::TryFrom; use core::convert::TryInto; -use core::time::{Duration, SystemTime}; - +use embedded_time::Clock; +use embedded_time::duration::{Generic, Milliseconds, Nanoseconds, Seconds}; +use embedded_time::fixed_point::FixedPoint; #[cfg(feature = "mock-instant")] use mock_instant::Instant; +use rand_core::OsRng; +use ring::aead::{Aad, CHACHA20_POLY1305, LessSafeKey, Nonce, UnboundKey}; pub(crate) const LABEL_MAC1: &[u8; 8] = b"mac1----"; pub(crate) const LABEL_COOKIE: &[u8; 8] = b"cookie--"; @@ -168,7 +170,7 @@ struct Tai64N { #[derive(Debug)] /// This struct computes a [Tai64N](https://cr.yp.to/libtai/tai64.html) timestamp from current system time struct TimeStamper { - duration_at_start: Duration, + duration_at_start: Generic<::T>, instant_at_start: Instant, } @@ -176,9 +178,7 @@ impl TimeStamper { /// Create a new TimeStamper pub fn new() -> TimeStamper { TimeStamper { - duration_at_start: SystemTime::now() - .duration_since(SystemTime::UNIX_EPOCH) - .unwrap(), + duration_at_start: ClockImpl.try_now().unwrap().duration_since_epoch(), instant_at_start: Instant::now(), } } @@ -188,8 +188,10 @@ impl TimeStamper { const TAI64_BASE: u64 = (1u64 << 62) + 37; let mut ext_stamp = [0u8; 12]; let stamp = Instant::now().duration_since(self.instant_at_start) + self.duration_at_start; - ext_stamp[0..8].copy_from_slice(&(stamp.as_secs() + TAI64_BASE).to_be_bytes()); - ext_stamp[8..12].copy_from_slice(&stamp.subsec_nanos().to_be_bytes()); + let secs = Seconds::<::T>::try_from(stamp).unwrap(); + ext_stamp[0..8].copy_from_slice(&(secs.integer() + TAI64_BASE).to_be_bytes()); + let sub = Nanoseconds::<::T>::try_from(stamp).unwrap() % Seconds(1u32); + ext_stamp[8..12].copy_from_slice(&(sub.integer() as u32).to_be_bytes()); ext_stamp } } @@ -634,7 +636,8 @@ impl Handshake { let temp3 = b2s_hmac2(&temp1, &temp2, &[0x02]); let rtt_time = Instant::now().duration_since(state.time_sent); - self.last_rtt = Some(rtt_time.as_millis() as u32); + let millis = Milliseconds::try_from(rtt_time).unwrap(); + self.last_rtt = Some(millis.integer()); if is_previous { self.previous = HandshakeState::None; @@ -884,8 +887,8 @@ impl Handshake { mod tests { extern crate std; - use alloc::vec; use super::*; + use alloc::vec; #[test] fn chacha20_seal_rfc7530_test_vector() { diff --git a/boringtun/src/noise/mod.rs b/boringtun/src/noise/mod.rs index fb29a4f9d..92cc68477 100644 --- a/boringtun/src/noise/mod.rs +++ b/boringtun/src/noise/mod.rs @@ -14,11 +14,13 @@ use crate::noise::rate_limiter::RateLimiter; use crate::noise::timers::{TimerName, Timers}; use crate::x25519; +use crate::sleepyinstant::ClockImpl; use alloc::collections::VecDeque; +use alloc::sync::Arc; use core::convert::{TryFrom, TryInto}; use core::net::{IpAddr, Ipv4Addr, Ipv6Addr}; -use alloc::sync::Arc; -use core::time::Duration; +use embedded_time::Clock; +use embedded_time::duration::Generic; /// The default value to use for rate limiting, when no other rate limiter is defined const PEER_HANDSHAKE_RATE_LIMIT: u64 = 10; @@ -574,7 +576,15 @@ impl Tunn { /// * Time since last handshake in seconds /// * Data bytes sent /// * Data bytes received - pub fn stats(&self) -> (Option, usize, usize, f32, Option) { + pub fn stats( + &self, + ) -> ( + Option::T>>, + usize, + usize, + f32, + Option, + ) { let time = self.time_since_last_handshake(); let tx_bytes = self.tx_bytes; let rx_bytes = self.rx_bytes; @@ -589,10 +599,10 @@ impl Tunn { mod tests { extern crate std; - use std::vec::Vec; - use std::vec; #[cfg(feature = "mock-instant")] use crate::noise::timers::{REKEY_AFTER_TIME, REKEY_TIMEOUT}; + use std::vec; + use std::vec::Vec; use super::*; use rand_core::{OsRng, RngCore}; diff --git a/boringtun/src/noise/rate_limiter.rs b/boringtun/src/noise/rate_limiter.rs index 4be5165c9..f3aae47c3 100644 --- a/boringtun/src/noise/rate_limiter.rs +++ b/boringtun/src/noise/rate_limiter.rs @@ -2,27 +2,31 @@ use super::handshake::{b2s_hash, b2s_keyed_mac_16, b2s_keyed_mac_16_2, b2s_mac_2 use crate::noise::handshake::{LABEL_COOKIE, LABEL_MAC1}; use crate::noise::{HandshakeInit, HandshakeResponse, Packet, Tunn, TunnResult, WireGuardError}; -#[cfg(feature = "mock-instant")] -use mock_instant::Instant; use core::net::IpAddr; use core::sync::atomic::{AtomicU64, Ordering}; +#[cfg(feature = "mock-instant")] +use mock_instant::Instant; #[cfg(not(feature = "mock-instant"))] use crate::sleepyinstant::Instant; +use crate::sleepyinstant::ClockImpl; use aead::generic_array::GenericArray; use aead::{AeadInPlace, KeyInit}; use chacha20poly1305::{Key, XChaCha20Poly1305}; +use embedded_time::Clock; +use embedded_time::duration::Seconds; +use embedded_time::fixed_point::FixedPoint; use parking_lot::Mutex; use rand_core::{OsRng, RngCore}; use ring::constant_time::verify_slices_are_equal; -const COOKIE_REFRESH: u64 = 128; // Use 128 and not 120 so the compiler can optimize out the division +const COOKIE_REFRESH: Seconds = Seconds(128); // Use 128 and not 120 so the compiler can optimize out the division const COOKIE_SIZE: usize = 16; const COOKIE_NONCE_SIZE: usize = 24; /// How often should reset count in seconds -const RESET_PERIOD: u64 = 1; +const RESET_PERIOD: Seconds = Seconds(1); type Cookie = [u8; COOKIE_SIZE]; @@ -79,7 +83,7 @@ impl RateLimiter { // The rate limiter is not very accurate, but at the scale we care about it doesn't matter much let current_time = Instant::now(); let mut last_reset_time = self.last_reset.lock(); - if current_time.duration_since(*last_reset_time).as_secs() >= RESET_PERIOD { + if current_time.duration_since(*last_reset_time) >= RESET_PERIOD { self.count.store(0, Ordering::SeqCst); *last_reset_time = current_time; } @@ -96,10 +100,18 @@ impl RateLimiter { // The current cookie for a given IP is the MAC(responder.changing_secret_every_two_minutes, initiator.ip_address) // First we derive the secret from the current time, the value of cur_counter would change with time. - let cur_counter = Instant::now().duration_since(self.start_time).as_secs() / COOKIE_REFRESH; + let cur_counter = Seconds::<::T>::try_from( + Instant::now().duration_since(self.start_time), + ) + .unwrap() + / COOKIE_REFRESH.integer() as ::T; // Next we derive the cookie - b2s_keyed_mac_16_2(&self.secret_key, &cur_counter.to_le_bytes(), &addr_bytes) + b2s_keyed_mac_16_2( + &self.secret_key, + &cur_counter.integer().to_le_bytes(), + &addr_bytes, + ) } fn nonce(&self) -> [u8; COOKIE_NONCE_SIZE] { diff --git a/boringtun/src/noise/session.rs b/boringtun/src/noise/session.rs index d02c820f5..45d291af3 100644 --- a/boringtun/src/noise/session.rs +++ b/boringtun/src/noise/session.rs @@ -3,9 +3,9 @@ use super::PacketData; use crate::noise::errors::WireGuardError; -use parking_lot::Mutex; -use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; use core::sync::atomic::{AtomicUsize, Ordering}; +use parking_lot::Mutex; +use ring::aead::{Aad, CHACHA20_POLY1305, LessSafeKey, Nonce, UnboundKey}; pub struct Session { pub(crate) receiving_index: u32, diff --git a/boringtun/src/noise/timers.rs b/boringtun/src/noise/timers.rs index 93cb89222..7865af164 100644 --- a/boringtun/src/noise/timers.rs +++ b/boringtun/src/noise/timers.rs @@ -3,25 +3,24 @@ use super::errors::WireGuardError; use crate::noise::{Tunn, TunnResult}; +use crate::sleepyinstant::ClockImpl; +#[cfg(not(feature = "mock-instant"))] +use crate::sleepyinstant::Instant; use core::mem; use core::ops::{Index, IndexMut}; - -use core::time::Duration; - +use embedded_time::Clock; +use embedded_time::duration::{Generic, Seconds}; #[cfg(feature = "mock-instant")] use mock_instant::Instant; -#[cfg(not(feature = "mock-instant"))] -use crate::sleepyinstant::Instant; - // Some constants, represent time in seconds // https://www.wireguard.com/papers/wireguard.pdf#page=14 -pub(crate) const REKEY_AFTER_TIME: Duration = Duration::from_secs(120); -const REJECT_AFTER_TIME: Duration = Duration::from_secs(180); -const REKEY_ATTEMPT_TIME: Duration = Duration::from_secs(90); -pub(crate) const REKEY_TIMEOUT: Duration = Duration::from_secs(5); -const KEEPALIVE_TIMEOUT: Duration = Duration::from_secs(10); -const COOKIE_EXPIRATION_TIME: Duration = Duration::from_secs(120); +pub(crate) const REKEY_AFTER_TIME: Seconds = Seconds(120); +const REJECT_AFTER_TIME: Seconds = Seconds(180); +const REKEY_ATTEMPT_TIME: Seconds = Seconds(90); +pub(crate) const REKEY_TIMEOUT: Seconds = Seconds(5); +const KEEPALIVE_TIMEOUT: Seconds = Seconds(10); +const COOKIE_EXPIRATION_TIME: Seconds = Seconds(120); #[derive(Debug)] pub enum TimerName { @@ -54,8 +53,8 @@ pub struct Timers { is_initiator: bool, /// Start time of the tunnel time_started: Instant, - timers: [Duration; TimerName::Top as usize], - pub(super) session_timers: [Duration; super::N_SESSIONS], + timers: [Generic<::T>; TimerName::Top as usize], + pub(super) session_timers: [Generic<::T>; super::N_SESSIONS], /// Did we receive data without sending anything back? want_keepalive: bool, /// Did we send data without hearing back? @@ -96,14 +95,14 @@ impl Timers { } impl Index for Timers { - type Output = Duration; - fn index(&self, index: TimerName) -> &Duration { + type Output = Generic<::T>; + fn index(&self, index: TimerName) -> &Generic<::T> { &self.timers[index as usize] } } impl IndexMut for Timers { - fn index_mut(&mut self, index: TimerName) -> &mut Duration { + fn index_mut(&mut self, index: TimerName) -> &mut Generic<::T> { &mut self.timers[index as usize] } } @@ -149,7 +148,7 @@ impl Tunn { self.timers.clear(); } - fn update_session_timers(&mut self, time_now: Duration) { + fn update_session_timers(&mut self, time_now: Generic<::T>) { let timers = &mut self.timers; for (i, t) in timers.session_timers.iter_mut().enumerate() { @@ -290,7 +289,7 @@ impl Tunn { // Persistent KEEPALIVE if persistent_keepalive > 0 && (now - self.timers[TimePersistentKeepalive] - >= Duration::from_secs(persistent_keepalive as _)) + >= Seconds::<::T>(persistent_keepalive as _)) { tracing::debug!("KEEPALIVE(PERSISTENT_KEEPALIVE)"); self.timer_tick(TimePersistentKeepalive); @@ -311,7 +310,7 @@ impl Tunn { TunnResult::Done } - pub fn time_since_last_handshake(&self) -> Option { + pub fn time_since_last_handshake(&self) -> Option::T>> { let current_session = self.current; if self.sessions[current_session % super::N_SESSIONS].is_some() { let duration_since_tun_start = Instant::now().duration_since(self.timers.time_started); diff --git a/boringtun/src/sleepyinstant/mod.rs b/boringtun/src/sleepyinstant/mod.rs index 126ad4f33..40c3094e0 100644 --- a/boringtun/src/sleepyinstant/mod.rs +++ b/boringtun/src/sleepyinstant/mod.rs @@ -1,16 +1,22 @@ #![forbid(unsafe_code)] //! Attempts to provide the same functionality as std::time::Instant, except it //! uses a timer which accounts for time when the system is asleep -use core::time::Duration; + +use embedded_time::Clock; +use embedded_time::duration::Generic; #[cfg(target_os = "windows")] mod windows; +#[cfg(windows)] +pub use inner::WindowsClock as ClockImpl; #[cfg(target_os = "windows")] use windows as inner; #[cfg(unix)] mod unix; #[cfg(unix)] +pub use inner::UnixClock as ClockImpl; +#[cfg(unix)] use unix as inner; /// A measurement of a monotonically nondecreasing clock. @@ -36,14 +42,14 @@ use unix as inner; /// #[derive(Clone, Copy, Debug)] pub struct Instant { - t: inner::Instant, + t: embedded_time::Instant, } impl Instant { /// Returns an instant corresponding to "now". pub fn now() -> Self { Self { - t: inner::Instant::now(), + t: ClockImpl.try_now().unwrap(), } } @@ -53,12 +59,12 @@ impl Instant { /// # Panics /// /// panics when `earlier` was later than `self`. - pub fn duration_since(&self, earlier: Instant) -> Duration { - self.t.duration_since(earlier.t) + pub fn duration_since(&self, earlier: Instant) -> Generic<::T> { + self.t.checked_duration_since(&earlier.t).unwrap() } /// Returns the amount of time elapsed since this instant was created. - pub fn elapsed(&self) -> Duration { + pub fn elapsed(&self) -> Generic<::T> { Self::now().duration_since(*self) } } @@ -66,13 +72,16 @@ impl Instant { #[cfg(test)] mod tests { extern crate std; + use super::*; + use core::convert::TryInto; + use embedded_time::duration::Milliseconds; #[test] fn time_increments_after_sleep() { - let sleep_time = Duration::from_millis(10); + let sleep_time = Milliseconds(10u32); let start = Instant::now(); - std::thread::sleep(sleep_time); + std::thread::sleep(sleep_time.try_into().unwrap()); assert!(start.elapsed() >= sleep_time); } } diff --git a/boringtun/src/sleepyinstant/unix.rs b/boringtun/src/sleepyinstant/unix.rs index 1c17c2e5e..467d943a4 100644 --- a/boringtun/src/sleepyinstant/unix.rs +++ b/boringtun/src/sleepyinstant/unix.rs @@ -1,7 +1,8 @@ -use std::time::Duration; - -use nix::sys::time::TimeSpec; -use nix::time::{clock_gettime, ClockId}; +use embedded_time::duration::Seconds; +use embedded_time::rate::Fraction; +use embedded_time::{Clock, Instant}; +use nix::time::{ClockId, clock_gettime}; +use std::ops::Add; #[cfg(any( target_os = "macos", @@ -18,41 +19,18 @@ const CLOCK_ID: ClockId = ClockId::CLOCK_MONOTONIC; )))] const CLOCK_ID: ClockId = ClockId::CLOCK_BOOTTIME; -#[derive(Clone, Copy, Debug)] -pub(crate) struct Instant { - t: TimeSpec, -} +#[derive(Debug)] +pub struct UnixClock; -impl Instant { - pub(crate) fn now() -> Self { - // std::time::Instant unwraps as well, so feel safe doing so here - let t = clock_gettime(CLOCK_ID).unwrap(); - Self { t } - } +impl Clock for UnixClock { + type T = u64; - fn checked_duration_since(&self, earlier: Instant) -> Option { - const NANOSECOND: nix::libc::c_long = 1_000_000_000; - let (tv_sec, tv_nsec) = if self.t.tv_nsec() < earlier.t.tv_nsec() { - ( - self.t.tv_sec() - earlier.t.tv_sec() - 1, - self.t.tv_nsec() - earlier.t.tv_nsec() + NANOSECOND, - ) - } else { - ( - self.t.tv_sec() - earlier.t.tv_sec(), - self.t.tv_nsec() - earlier.t.tv_nsec(), - ) - }; + const SCALING_FACTOR: Fraction = Fraction::new(1, 1_000_000_000); - if tv_sec < 0 { - None - } else { - Some(Duration::new(tv_sec as _, tv_nsec as _)) - } - } - - pub(crate) fn duration_since(&self, earlier: Instant) -> Duration { - self.checked_duration_since(earlier) - .unwrap_or(Duration::ZERO) + fn try_now(&self) -> Result, embedded_time::clock::Error> { + let t = clock_gettime(CLOCK_ID).unwrap(); + let mut i = Instant::new(t.tv_nsec() as u64); + i = i.add(Seconds(t.tv_sec() as u64)); + Ok(i) } } diff --git a/boringtun/src/sleepyinstant/windows.rs b/boringtun/src/sleepyinstant/windows.rs index ac852292f..81a0ff2ee 100644 --- a/boringtun/src/sleepyinstant/windows.rs +++ b/boringtun/src/sleepyinstant/windows.rs @@ -1 +1,14 @@ pub(crate) use std::time::Instant; + +#[derive(Debug)] +pub struct WindowsClock; + +impl Clock for WindowsClock { + fn now() -> Instant { + Instant::now() + } + + fn duration_since(start: Instant, end: Instant) -> Duration { + end.duration_since(start) + } +} From 1f2db4cc14bcbbf3fbf7690d18d8e73ef4b2cb75 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Wed, 13 Aug 2025 23:57:19 +0200 Subject: [PATCH 03/21] Use std-embedded-time on windows --- Cargo.lock | 21 ++++++++++++++++++++- boringtun/Cargo.toml | 3 ++- boringtun/src/noise/handshake.rs | 5 ++++- boringtun/src/sleepyinstant/mod.rs | 9 ++------- boringtun/src/sleepyinstant/unix.rs | 4 ++-- boringtun/src/sleepyinstant/windows.rs | 14 -------------- 6 files changed, 30 insertions(+), 26 deletions(-) delete mode 100644 boringtun/src/sleepyinstant/windows.rs diff --git a/Cargo.lock b/Cargo.lock index b0f9375ec..dff9c6fe6 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -83,7 +83,7 @@ dependencies = [ "blake2", "chacha20poly1305", "criterion", - "embedded-time", + "embedded-time 0.13.0", "etherparse", "hex", "hmac", @@ -97,6 +97,7 @@ dependencies = [ "rand_core", "ring", "socket2", + "std-embedded-time", "thiserror", "tracing", "tracing-subscriber", @@ -438,6 +439,15 @@ version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f107b87b6afc2a64fd13cac55fe06d6c8859f12d4b14cbcdd2c67d0976781be" +[[package]] +name = "embedded-time" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d7a4b4d10ac48d08bfe3db7688c402baadb244721f30a77ce360bd24c3dffe58" +dependencies = [ + "num", +] + [[package]] name = "embedded-time" version = "0.13.0" @@ -1049,6 +1059,15 @@ dependencies = [ "winapi", ] +[[package]] +name = "std-embedded-time" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d7a82a83bf323e55022f3d875305319a23a4936de5a316b9c67cf31e9758bb63" +dependencies = [ + "embedded-time 0.12.1", +] + [[package]] name = "strsim" version = "0.10.0" diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index b5ec05f2a..1ecc0ced1 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -16,7 +16,7 @@ edition = "2024" [features] default = [ "std" ] alloc = [ ] -std = [ "alloc" ] +std = [ "alloc", "dep:std-embedded-time" ] device = ["socket2", "thiserror", "std"] jni-bindings = ["ffi-bindings", "jni"] ffi-bindings = ["tracing-subscriber"] @@ -48,6 +48,7 @@ mock_instant = { version = "0.3", optional = true } socket2 = { version = "0.4.7", features = ["all"], optional = true } thiserror = { version = "1", optional = true } embedded-time = { git = "https://github.com/FluenTech/embedded-time.git", branch = "release/v0.13.0" } +std-embedded-time = { version = "0.1.0", optional = true } [target.'cfg(unix)'.dependencies] nix = { version = "0.25", default-features = false, features = [ diff --git a/boringtun/src/noise/handshake.rs b/boringtun/src/noise/handshake.rs index 1f9125bc3..5d152806b 100644 --- a/boringtun/src/noise/handshake.rs +++ b/boringtun/src/noise/handshake.rs @@ -178,7 +178,10 @@ impl TimeStamper { /// Create a new TimeStamper pub fn new() -> TimeStamper { TimeStamper { - duration_at_start: ClockImpl.try_now().unwrap().duration_since_epoch(), + duration_at_start: ClockImpl::default() + .try_now() + .unwrap() + .duration_since_epoch(), instant_at_start: Instant::now(), } } diff --git a/boringtun/src/sleepyinstant/mod.rs b/boringtun/src/sleepyinstant/mod.rs index 40c3094e0..8cec0448c 100644 --- a/boringtun/src/sleepyinstant/mod.rs +++ b/boringtun/src/sleepyinstant/mod.rs @@ -4,13 +4,8 @@ use embedded_time::Clock; use embedded_time::duration::Generic; - -#[cfg(target_os = "windows")] -mod windows; #[cfg(windows)] -pub use inner::WindowsClock as ClockImpl; -#[cfg(target_os = "windows")] -use windows as inner; +pub use std_embedded_time::StandardClock as ClockImpl; #[cfg(unix)] mod unix; @@ -49,7 +44,7 @@ impl Instant { /// Returns an instant corresponding to "now". pub fn now() -> Self { Self { - t: ClockImpl.try_now().unwrap(), + t: ClockImpl::default().try_now().unwrap(), } } diff --git a/boringtun/src/sleepyinstant/unix.rs b/boringtun/src/sleepyinstant/unix.rs index 467d943a4..e96b01102 100644 --- a/boringtun/src/sleepyinstant/unix.rs +++ b/boringtun/src/sleepyinstant/unix.rs @@ -1,8 +1,8 @@ +use core::ops::Add; use embedded_time::duration::Seconds; use embedded_time::rate::Fraction; use embedded_time::{Clock, Instant}; use nix::time::{ClockId, clock_gettime}; -use std::ops::Add; #[cfg(any( target_os = "macos", @@ -19,7 +19,7 @@ const CLOCK_ID: ClockId = ClockId::CLOCK_MONOTONIC; )))] const CLOCK_ID: ClockId = ClockId::CLOCK_BOOTTIME; -#[derive(Debug)] +#[derive(Copy, Clone, Debug, Default)] pub struct UnixClock; impl Clock for UnixClock { diff --git a/boringtun/src/sleepyinstant/windows.rs b/boringtun/src/sleepyinstant/windows.rs deleted file mode 100644 index 81a0ff2ee..000000000 --- a/boringtun/src/sleepyinstant/windows.rs +++ /dev/null @@ -1,14 +0,0 @@ -pub(crate) use std::time::Instant; - -#[derive(Debug)] -pub struct WindowsClock; - -impl Clock for WindowsClock { - fn now() -> Instant { - Instant::now() - } - - fn duration_since(start: Instant, end: Instant) -> Duration { - end.duration_since(start) - } -} From 5c34040a3de75e85f92fa9a89d88be0fd2647332 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Thu, 14 Aug 2025 13:15:23 +0200 Subject: [PATCH 04/21] Use std-embedded-time for v0.13.0 --- Cargo.lock | 16 +++------------- boringtun/Cargo.toml | 2 +- 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index dff9c6fe6..b56b6c913 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -83,7 +83,7 @@ dependencies = [ "blake2", "chacha20poly1305", "criterion", - "embedded-time 0.13.0", + "embedded-time", "etherparse", "hex", "hmac", @@ -439,15 +439,6 @@ version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f107b87b6afc2a64fd13cac55fe06d6c8859f12d4b14cbcdd2c67d0976781be" -[[package]] -name = "embedded-time" -version = "0.12.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7a4b4d10ac48d08bfe3db7688c402baadb244721f30a77ce360bd24c3dffe58" -dependencies = [ - "num", -] - [[package]] name = "embedded-time" version = "0.13.0" @@ -1062,10 +1053,9 @@ dependencies = [ [[package]] name = "std-embedded-time" version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7a82a83bf323e55022f3d875305319a23a4936de5a316b9c67cf31e9758bb63" +source = "git+https://github.com/SimonIT/std-embedded-time.git?branch=release%2Fv0.13.0#2c4b90174c841b075fde0e53b270385d5a5198a7" dependencies = [ - "embedded-time 0.12.1", + "embedded-time", ] [[package]] diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index 1ecc0ced1..c21cf0b59 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -48,7 +48,7 @@ mock_instant = { version = "0.3", optional = true } socket2 = { version = "0.4.7", features = ["all"], optional = true } thiserror = { version = "1", optional = true } embedded-time = { git = "https://github.com/FluenTech/embedded-time.git", branch = "release/v0.13.0" } -std-embedded-time = { version = "0.1.0", optional = true } +std-embedded-time = { git = "https://github.com/SimonIT/std-embedded-time.git", branch = "release/v0.13.0", optional = true } [target.'cfg(unix)'.dependencies] nix = { version = "0.25", default-features = false, features = [ From 476c599b2ee5449e833732e24cb39f426c81a26f Mon Sep 17 00:00:00 2001 From: SimonIT Date: Thu, 14 Aug 2025 23:27:53 +0200 Subject: [PATCH 05/21] Split lot_api and parking_lot usages for possible no_std mutex --- Cargo.lock | 88 ++++++------------- boringtun/Cargo.toml | 11 +-- .../chacha20poly1305_benching.rs | 2 +- boringtun/src/device/api.rs | 2 +- boringtun/src/device/integration_tests/mod.rs | 2 +- boringtun/src/device/mod.rs | 2 +- boringtun/src/device/tun_linux.rs | 2 +- boringtun/src/ffi/mod.rs | 63 ++++++++----- boringtun/src/jni.rs | 6 +- boringtun/src/noise/handshake.rs | 4 +- boringtun/src/noise/mod.rs | 2 +- boringtun/src/noise/rate_limiter.rs | 9 +- boringtun/src/noise/session.rs | 8 +- boringtun/src/noise/timers.rs | 2 +- boringtun/src/sleepyinstant/mod.rs | 2 +- boringtun/src/sleepyinstant/unix.rs | 2 +- 16 files changed, 99 insertions(+), 108 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index b56b6c913..cce40860e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -56,6 +56,12 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +[[package]] +name = "bitflags" +version = "2.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b8e56985ec62d17e9c1001dc89c88ecd7dc08e47eba5ec7c29c7b5eeecde967" + [[package]] name = "blake2" version = "0.10.6" @@ -91,6 +97,7 @@ dependencies = [ "ip_network_table", "jni", "libc", + "lock_api", "mock_instant", "nix", "parking_lot", @@ -224,7 +231,7 @@ version = "2.34.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c" dependencies = [ - "bitflags", + "bitflags 1.3.2", "textwrap 0.11.0", "unicode-width", ] @@ -236,7 +243,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "190814073e85d238f31ff738fcb0bf6910cedeb73376c87cd69291028966fd83" dependencies = [ "atty", - "bitflags", + "bitflags 1.3.2", "clap_lex", "indexmap", "strsim", @@ -624,9 +631,9 @@ checksum = "d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa" [[package]] name = "lock_api" -version = "0.4.7" +version = "0.4.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "327fa5b6a6940e4699ec49a9beae1ea4845c6bab9314e4f84ac68742139d8c53" +checksum = "96936507f153605bddfcda068dd804796c84324ed2510809e5b2a624c81da765" dependencies = [ "autocfg", "scopeguard", @@ -669,7 +676,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e322c04a9e3440c327fca7b6c8a63e6890a32fa2ad689db972425f07e0d22abb" dependencies = [ "autocfg", - "bitflags", + "bitflags 1.3.2", "cfg-if", "libc", ] @@ -781,9 +788,9 @@ checksum = "21326818e99cfe6ce1e524c2a805c189a99b5ae555a35d19f9a284b427d86afa" [[package]] name = "parking_lot" -version = "0.12.1" +version = "0.12.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" +checksum = "70d58bf43669b5795d1576d0641cfb6fbb2057bf629506267a92807158584a13" dependencies = [ "lock_api", "parking_lot_core", @@ -791,15 +798,15 @@ dependencies = [ [[package]] name = "parking_lot_core" -version = "0.9.3" +version = "0.9.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09a279cbf25cb0757810394fbc1e359949b59e348145c643a939a525692e6929" +checksum = "bc838d2a56b5b1a6c25f55575dfc605fabb63bb2365f6c2353ef9159aa69e4a5" dependencies = [ "cfg-if", "libc", "redox_syscall", "smallvec", - "windows-sys 0.36.1", + "windows-targets", ] [[package]] @@ -900,11 +907,11 @@ dependencies = [ [[package]] name = "redox_syscall" -version = "0.2.13" +version = "0.5.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62f25bc4c7e55e0b0b7a1d43fb893f4fa1361d0abe38b9ce4f323c2adfe6ef42" +checksum = "5407465600fb0548f1442edf71dd20683c6ed326200ace4b1ef0763521bb3b77" dependencies = [ - "bitflags", + "bitflags 2.9.1", ] [[package]] @@ -939,7 +946,7 @@ dependencies = [ "getrandom", "libc", "untrusted", - "windows-sys 0.52.0", + "windows-sys", ] [[package]] @@ -1410,19 +1417,6 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" -[[package]] -name = "windows-sys" -version = "0.36.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2" -dependencies = [ - "windows_aarch64_msvc 0.36.1", - "windows_i686_gnu 0.36.1", - "windows_i686_msvc 0.36.1", - "windows_x86_64_gnu 0.36.1", - "windows_x86_64_msvc 0.36.1", -] - [[package]] name = "windows-sys" version = "0.52.0" @@ -1439,13 +1433,13 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" dependencies = [ "windows_aarch64_gnullvm", - "windows_aarch64_msvc 0.52.6", - "windows_i686_gnu 0.52.6", + "windows_aarch64_msvc", + "windows_i686_gnu", "windows_i686_gnullvm", - "windows_i686_msvc 0.52.6", - "windows_x86_64_gnu 0.52.6", + "windows_i686_msvc", + "windows_x86_64_gnu", "windows_x86_64_gnullvm", - "windows_x86_64_msvc 0.52.6", + "windows_x86_64_msvc", ] [[package]] @@ -1454,24 +1448,12 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" -[[package]] -name = "windows_aarch64_msvc" -version = "0.36.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" - [[package]] name = "windows_aarch64_msvc" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" -[[package]] -name = "windows_i686_gnu" -version = "0.36.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" - [[package]] name = "windows_i686_gnu" version = "0.52.6" @@ -1484,24 +1466,12 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" -[[package]] -name = "windows_i686_msvc" -version = "0.36.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" - [[package]] name = "windows_i686_msvc" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" -[[package]] -name = "windows_x86_64_gnu" -version = "0.36.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" - [[package]] name = "windows_x86_64_gnu" version = "0.52.6" @@ -1514,12 +1484,6 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" -[[package]] -name = "windows_x86_64_msvc" -version = "0.36.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" - [[package]] name = "windows_x86_64_msvc" version = "0.52.6" diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index c21cf0b59..a8bfb290e 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -11,15 +11,15 @@ license = "BSD-3-Clause" readme = "../README.md" repository = "https://github.com/cloudflare/boringtun" documentation = "https://docs.rs/boringtun/0.5.2/boringtun/" -edition = "2024" +edition = "2018" [features] default = [ "std" ] alloc = [ ] -std = [ "alloc", "dep:std-embedded-time" ] -device = ["socket2", "thiserror", "std"] +std = [ "alloc", "dep:parking_lot", "dep:std-embedded-time" ] +device = ["std", "socket2", "thiserror"] jni-bindings = ["ffi-bindings", "jni"] -ffi-bindings = ["tracing-subscriber"] +ffi-bindings = ["std", "tracing-subscriber"] # mocks std::time::Instant with mock_instant mock-instant = ["mock_instant"] @@ -28,7 +28,8 @@ base64 = { version = "0.13", features = ["alloc"] } hex = { version = "0.4", features = ["alloc"] } untrusted = "0.9.0" libc = { version = "0.2", default-features = false } -parking_lot = "0.12" +parking_lot = { version = "0.12.4", optional = true } +lock_api = "0.4.13" tracing = { version = "0.1.40", default-features = false } tracing-subscriber = { version = "0.3", features = ["fmt"], optional = true } ip_network = "0.4.1" diff --git a/boringtun/benches/crypto_benches/chacha20poly1305_benching.rs b/boringtun/benches/crypto_benches/chacha20poly1305_benching.rs index 59e8728bf..ed857a77b 100644 --- a/boringtun/benches/crypto_benches/chacha20poly1305_benching.rs +++ b/boringtun/benches/crypto_benches/chacha20poly1305_benching.rs @@ -1,7 +1,7 @@ use aead::{AeadInPlace, KeyInit}; use criterion::{BenchmarkId, Criterion, Throughput}; use rand_core::{OsRng, RngCore}; -use ring::aead::{Aad, CHACHA20_POLY1305, LessSafeKey, Nonce, UnboundKey}; +use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; fn chacha20poly1305_ring(key_bytes: &[u8], buf: &mut [u8]) { let len = buf.len(); diff --git a/boringtun/src/device/api.rs b/boringtun/src/device/api.rs index 87102044f..b003260a0 100644 --- a/boringtun/src/device/api.rs +++ b/boringtun/src/device/api.rs @@ -8,8 +8,8 @@ use crate::device::Action; use crate::serialization::KeyBytes; use crate::sleepyinstant::ClockImpl; use crate::x25519; -use embedded_time::Clock; use embedded_time::duration::{Nanoseconds, Seconds}; +use embedded_time::Clock; use hex::encode as encode_hex; use libc::*; use std::fs::{create_dir, remove_file}; diff --git a/boringtun/src/device/integration_tests/mod.rs b/boringtun/src/device/integration_tests/mod.rs index 89b7e4f2d..b4e360c3d 100644 --- a/boringtun/src/device/integration_tests/mod.rs +++ b/boringtun/src/device/integration_tests/mod.rs @@ -16,8 +16,8 @@ mod tests { use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr}; use std::os::unix::net::UnixStream; use std::process::Command; - use std::sync::Arc; use std::sync::atomic::{AtomicUsize, Ordering}; + use std::sync::Arc; use std::thread; static NEXT_IFACE_IDX: AtomicUsize = AtomicUsize::new(100); // utun 100+ should be vacant during testing on CI diff --git a/boringtun/src/device/mod.rs b/boringtun/src/device/mod.rs index 7232113ea..2210dcacc 100644 --- a/boringtun/src/device/mod.rs +++ b/boringtun/src/device/mod.rs @@ -30,8 +30,8 @@ use std::io::{self, Write as _}; use std::mem::MaybeUninit; use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr, SocketAddrV4, SocketAddrV6}; use std::os::unix::io::AsRawFd; -use std::sync::Arc; use std::sync::atomic::{AtomicUsize, Ordering}; +use std::sync::Arc; use std::thread; use std::thread::JoinHandle; diff --git a/boringtun/src/device/tun_linux.rs b/boringtun/src/device/tun_linux.rs index a35312cad..dee2999e4 100644 --- a/boringtun/src/device/tun_linux.rs +++ b/boringtun/src/device/tun_linux.rs @@ -72,7 +72,7 @@ impl TunSocket { }); } - let fd = match unsafe { open(c"/dev/net/tun".as_ptr() as _, O_RDWR) } { + let fd = match unsafe { open(b"/dev/net/tun\0".as_ptr() as _, O_RDWR) } { -1 => return Err(Error::Socket(io::Error::last_os_error())), fd => fd, }; diff --git a/boringtun/src/ffi/mod.rs b/boringtun/src/ffi/mod.rs index b45bfa70c..e813aca78 100644 --- a/boringtun/src/ffi/mod.rs +++ b/boringtun/src/ffi/mod.rs @@ -10,21 +10,28 @@ use super::noise::{Tunn, TunnResult}; use crate::x25519::{PublicKey, StaticSecret}; use base64::{decode, encode}; use hex::encode as encode_hex; -use libc::{SIGSEGV, raise}; -use parking_lot::Mutex; +use libc::{raise, SIGSEGV}; +use lock_api::Mutex; +use parking_lot::RawMutex; use rand_core::OsRng; use tracing; use tracing_subscriber::fmt; use crate::serialization::KeyBytes; -use core::ffi::{CStr, CString}; -use core::io::{Error, ErrorKind, Write}; -use core::os::raw::c_char; -use core::panic; +use crate::sleepyinstant::ClockImpl; +use core::ffi::CStr; use core::ptr; use core::ptr::null_mut; use core::slice; -use core::sync::Once; +use embedded_time::duration::Seconds; +use embedded_time::fixed_point::FixedPoint; +use embedded_time::Clock; +use std::convert::TryFrom; +use std::ffi::CString; +use std::io::{Error, ErrorKind, Write}; +use std::os::raw::c_char; +use std::panic; +use std::sync::Once; static PANIC_HOOK: Once = Once::new(); @@ -153,7 +160,11 @@ pub unsafe extern "C" fn check_base64_encoded_x25519_key(key: *const c_char) -> for b in key { zero |= b } - if len == 32 && zero != 0 { 1 } else { 0 } + if len == 32 && zero != 0 { + 1 + } else { + 0 + } } else { 0 } @@ -166,7 +177,7 @@ struct FFIFunctionPointerWriter { /// Implements Write trait for use with tracing_subscriber impl Write for FFIFunctionPointerWriter { - fn write(&mut self, buf: &[u8]) -> Result { + fn write(&mut self, buf: &[u8]) -> Result { let out_str = String::from_utf8_lossy(buf).to_string(); if let Ok(c_string) = CString::new(out_str) { unsafe { (self.log_func)(c_string.as_ptr()) } @@ -179,7 +190,7 @@ impl Write for FFIFunctionPointerWriter { } } - fn flush(&mut self) -> Result<(), core::io::Error> { + fn flush(&mut self) -> Result<(), std::io::Error> { // no-op Ok(()) } @@ -203,7 +214,7 @@ impl Write for FFIFunctionPointerWriter { pub unsafe extern "C" fn set_logging_function( log_func: unsafe extern "C" fn(*const c_char), ) -> bool { - let result = core::panic::catch_unwind(|| -> bool { + let result = std::panic::catch_unwind(|| -> bool { let writer = FFIFunctionPointerWriter { log_func }; let format = fmt::format() // don't include levels in formatted output @@ -221,13 +232,17 @@ pub unsafe extern "C" fn set_logging_function( fmt() .event_format(format) - .with_writer(core::sync::Mutex::new(writer)) + .with_writer(std::sync::Mutex::new(writer)) .with_max_level(tracing::Level::TRACE) .with_ansi(false) .try_init() .is_ok() }); - if let Ok(value) = result { value } else { false } + if let Ok(value) = result { + value + } else { + false + } } /// Allocate a new tunnel, return NULL on failure. @@ -239,7 +254,7 @@ pub unsafe extern "C" fn new_tunnel( preshared_key: *const c_char, keep_alive: u16, index: u32, -) -> *mut Mutex { +) -> *mut Mutex { let c_str = CStr::from_ptr(static_private); let static_private = match c_str.to_str() { Err(_) => return ptr::null_mut(), @@ -305,7 +320,7 @@ pub unsafe extern "C" fn new_tunnel( /// Drops the Tunn object #[no_mangle] -pub unsafe extern "C" fn tunnel_free(tunnel: *mut Mutex) { +pub unsafe extern "C" fn tunnel_free(tunnel: *mut Mutex) { drop(Box::from_raw(tunnel)); } @@ -313,7 +328,7 @@ pub unsafe extern "C" fn tunnel_free(tunnel: *mut Mutex) { /// For more details check noise::tunnel_to_network functions. #[no_mangle] pub unsafe extern "C" fn wireguard_write( - tunnel: *const Mutex, + tunnel: *const Mutex, src: *const u8, src_size: u32, dst: *mut u8, @@ -330,7 +345,7 @@ pub unsafe extern "C" fn wireguard_write( /// For more details check noise::network_to_tunnel functions. #[no_mangle] pub unsafe extern "C" fn wireguard_read( - tunnel: *const Mutex, + tunnel: *const Mutex, src: *const u8, src_size: u32, dst: *mut u8, @@ -347,7 +362,7 @@ pub unsafe extern "C" fn wireguard_read( /// Recommended interval: 100ms. #[no_mangle] pub unsafe extern "C" fn wireguard_tick( - tunnel: *const Mutex, + tunnel: *const Mutex, dst: *mut u8, dst_size: u32, ) -> wireguard_result { @@ -360,7 +375,7 @@ pub unsafe extern "C" fn wireguard_tick( /// Force the tunnel to initiate a new handshake, dst buffer must be at least 148 byte long. #[no_mangle] pub unsafe extern "C" fn wireguard_force_handshake( - tunnel: *const Mutex, + tunnel: *const Mutex, dst: *mut u8, dst_size: u32, ) -> wireguard_result { @@ -375,11 +390,17 @@ pub unsafe extern "C" fn wireguard_force_handshake( /// Number of data bytes encapsulated /// Number of data bytes decapsulated #[no_mangle] -pub unsafe extern "C" fn wireguard_stats(tunnel: *const Mutex) -> stats { +pub unsafe extern "C" fn wireguard_stats(tunnel: *const Mutex) -> stats { let tunnel = tunnel.as_ref().unwrap().lock(); let (time, tx_bytes, rx_bytes, estimated_loss, estimated_rtt) = tunnel.stats(); stats { - time_since_last_handshake: time.map(|t| t.as_secs() as i64).unwrap_or(-1), + time_since_last_handshake: time + .map(|t| { + Seconds::<::T>::try_from(t) + .unwrap() + .integer() as i64 + }) + .unwrap_or(-1), tx_bytes, rx_bytes, estimated_loss, diff --git a/boringtun/src/jni.rs b/boringtun/src/jni.rs index 2bd64c5ec..58718f5b1 100644 --- a/boringtun/src/jni.rs +++ b/boringtun/src/jni.rs @@ -4,14 +4,14 @@ // temporary, we need to do some verification around these bindings later #![allow(clippy::missing_safety_doc)] -/// JNI bindings for BoringTun library -use core::os::raw::c_char; use core::ptr; +/// JNI bindings for BoringTun library +use std::os::raw::c_char; -use jni::JNIEnv; use jni::objects::{JByteBuffer, JClass, JString}; use jni::strings::JNIStr; use jni::sys::{jbyteArray, jint, jlong, jshort, jstring}; +use jni::JNIEnv; use parking_lot::Mutex; use crate::ffi::new_tunnel; diff --git a/boringtun/src/noise/handshake.rs b/boringtun/src/noise/handshake.rs index 5d152806b..7542457fd 100644 --- a/boringtun/src/noise/handshake.rs +++ b/boringtun/src/noise/handshake.rs @@ -13,13 +13,13 @@ use blake2::{Blake2s256, Blake2sMac, Digest}; use chacha20poly1305::XChaCha20Poly1305; use core::convert::TryFrom; use core::convert::TryInto; -use embedded_time::Clock; use embedded_time::duration::{Generic, Milliseconds, Nanoseconds, Seconds}; use embedded_time::fixed_point::FixedPoint; +use embedded_time::Clock; #[cfg(feature = "mock-instant")] use mock_instant::Instant; use rand_core::OsRng; -use ring::aead::{Aad, CHACHA20_POLY1305, LessSafeKey, Nonce, UnboundKey}; +use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; pub(crate) const LABEL_MAC1: &[u8; 8] = b"mac1----"; pub(crate) const LABEL_COOKIE: &[u8; 8] = b"cookie--"; diff --git a/boringtun/src/noise/mod.rs b/boringtun/src/noise/mod.rs index 92cc68477..933ebdef0 100644 --- a/boringtun/src/noise/mod.rs +++ b/boringtun/src/noise/mod.rs @@ -19,8 +19,8 @@ use alloc::collections::VecDeque; use alloc::sync::Arc; use core::convert::{TryFrom, TryInto}; use core::net::{IpAddr, Ipv4Addr, Ipv6Addr}; -use embedded_time::Clock; use embedded_time::duration::Generic; +use embedded_time::Clock; /// The default value to use for rate limiting, when no other rate limiter is defined const PEER_HANDSHAKE_RATE_LIMIT: u64 = 10; diff --git a/boringtun/src/noise/rate_limiter.rs b/boringtun/src/noise/rate_limiter.rs index f3aae47c3..b7d464cab 100644 --- a/boringtun/src/noise/rate_limiter.rs +++ b/boringtun/src/noise/rate_limiter.rs @@ -6,6 +6,7 @@ use core::net::IpAddr; use core::sync::atomic::{AtomicU64, Ordering}; #[cfg(feature = "mock-instant")] use mock_instant::Instant; +use std::convert::TryFrom; #[cfg(not(feature = "mock-instant"))] use crate::sleepyinstant::Instant; @@ -14,10 +15,12 @@ use crate::sleepyinstant::ClockImpl; use aead::generic_array::GenericArray; use aead::{AeadInPlace, KeyInit}; use chacha20poly1305::{Key, XChaCha20Poly1305}; -use embedded_time::Clock; use embedded_time::duration::Seconds; use embedded_time::fixed_point::FixedPoint; -use parking_lot::Mutex; +use embedded_time::Clock; +use lock_api::Mutex; +#[cfg(feature = "std")] +use parking_lot::RawMutex; use rand_core::{OsRng, RngCore}; use ring::constant_time::verify_slices_are_equal; @@ -52,7 +55,7 @@ pub struct RateLimiter { /// The counter since last reset count: AtomicU64, /// The time last reset was performed on this rate limiter - last_reset: Mutex, + last_reset: Mutex, } impl RateLimiter { diff --git a/boringtun/src/noise/session.rs b/boringtun/src/noise/session.rs index 45d291af3..be4bcbdd7 100644 --- a/boringtun/src/noise/session.rs +++ b/boringtun/src/noise/session.rs @@ -4,8 +4,10 @@ use super::PacketData; use crate::noise::errors::WireGuardError; use core::sync::atomic::{AtomicUsize, Ordering}; -use parking_lot::Mutex; -use ring::aead::{Aad, CHACHA20_POLY1305, LessSafeKey, Nonce, UnboundKey}; +use lock_api::Mutex; +#[cfg(feature = "std")] +use parking_lot::RawMutex; +use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; pub struct Session { pub(crate) receiving_index: u32, @@ -13,7 +15,7 @@ pub struct Session { receiver: LessSafeKey, sender: LessSafeKey, sending_key_counter: AtomicUsize, - receiving_key_counter: Mutex, + receiving_key_counter: Mutex, } impl core::fmt::Debug for Session { diff --git a/boringtun/src/noise/timers.rs b/boringtun/src/noise/timers.rs index 7865af164..6257e5431 100644 --- a/boringtun/src/noise/timers.rs +++ b/boringtun/src/noise/timers.rs @@ -8,8 +8,8 @@ use crate::sleepyinstant::ClockImpl; use crate::sleepyinstant::Instant; use core::mem; use core::ops::{Index, IndexMut}; -use embedded_time::Clock; use embedded_time::duration::{Generic, Seconds}; +use embedded_time::Clock; #[cfg(feature = "mock-instant")] use mock_instant::Instant; diff --git a/boringtun/src/sleepyinstant/mod.rs b/boringtun/src/sleepyinstant/mod.rs index 8cec0448c..0dcb24a49 100644 --- a/boringtun/src/sleepyinstant/mod.rs +++ b/boringtun/src/sleepyinstant/mod.rs @@ -2,8 +2,8 @@ //! Attempts to provide the same functionality as std::time::Instant, except it //! uses a timer which accounts for time when the system is asleep -use embedded_time::Clock; use embedded_time::duration::Generic; +use embedded_time::Clock; #[cfg(windows)] pub use std_embedded_time::StandardClock as ClockImpl; diff --git a/boringtun/src/sleepyinstant/unix.rs b/boringtun/src/sleepyinstant/unix.rs index e96b01102..f2f2d8097 100644 --- a/boringtun/src/sleepyinstant/unix.rs +++ b/boringtun/src/sleepyinstant/unix.rs @@ -2,7 +2,7 @@ use core::ops::Add; use embedded_time::duration::Seconds; use embedded_time::rate::Fraction; use embedded_time::{Clock, Instant}; -use nix::time::{ClockId, clock_gettime}; +use nix::time::{clock_gettime, ClockId}; #[cfg(any( target_os = "macos", From 02c481d6f2700ca660b132ff8ec9c3a9afaaa3ad Mon Sep 17 00:00:00 2001 From: SimonIT Date: Fri, 15 Aug 2025 15:03:49 +0200 Subject: [PATCH 06/21] Missing TryFrom --- boringtun/src/device/api.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/boringtun/src/device/api.rs b/boringtun/src/device/api.rs index b003260a0..d0515290c 100644 --- a/boringtun/src/device/api.rs +++ b/boringtun/src/device/api.rs @@ -12,6 +12,7 @@ use embedded_time::duration::{Nanoseconds, Seconds}; use embedded_time::Clock; use hex::encode as encode_hex; use libc::*; +use std::convert::TryFrom; use std::fs::{create_dir, remove_file}; use std::io::{BufRead, BufReader, BufWriter, Write}; use std::os::unix::io::{AsRawFd, FromRawFd}; From 701b28aa0c4b6752c90318f20101dc64ffbba6b3 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Sun, 17 Aug 2025 13:16:58 +0200 Subject: [PATCH 07/21] mock-instant doesn't work anymore as we don't use instant from std --- Cargo.lock | 7 ---- boringtun/Cargo.toml | 3 -- boringtun/src/lib.rs | 1 - boringtun/src/noise/handshake.rs | 3 -- boringtun/src/noise/mod.rs | 53 ----------------------------- boringtun/src/noise/rate_limiter.rs | 3 -- boringtun/src/noise/timers.rs | 3 -- 7 files changed, 73 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index cce40860e..d6f244496 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -98,7 +98,6 @@ dependencies = [ "jni", "libc", "lock_api", - "mock_instant", "nix", "parking_lot", "rand_core", @@ -663,12 +662,6 @@ dependencies = [ "autocfg", ] -[[package]] -name = "mock_instant" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c1a54de846c4006b88b1516731cc1f6026eb5dc4bcb186aa071ef66d40524ec" - [[package]] name = "nix" version = "0.25.0" diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index a8bfb290e..0c13350b7 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -20,8 +20,6 @@ std = [ "alloc", "dep:parking_lot", "dep:std-embedded-time" ] device = ["std", "socket2", "thiserror"] jni-bindings = ["ffi-bindings", "jni"] ffi-bindings = ["std", "tracing-subscriber"] -# mocks std::time::Instant with mock_instant -mock-instant = ["mock_instant"] [dependencies] base64 = { version = "0.13", features = ["alloc"] } @@ -45,7 +43,6 @@ aead = "0.5.0-pre.2" blake2 = "0.10" hmac = "0.12" jni = { version = "0.19.0", optional = true } -mock_instant = { version = "0.3", optional = true } socket2 = { version = "0.4.7", features = ["all"], optional = true } thiserror = { version = "1", optional = true } embedded-time = { git = "https://github.com/FluenTech/embedded-time.git", branch = "release/v0.13.0" } diff --git a/boringtun/src/lib.rs b/boringtun/src/lib.rs index c3149cee1..6609978f8 100644 --- a/boringtun/src/lib.rs +++ b/boringtun/src/lib.rs @@ -20,7 +20,6 @@ pub mod ffi; pub mod jni; pub mod noise; -#[cfg(not(feature = "mock-instant"))] pub(crate) mod sleepyinstant; pub(crate) mod serialization; diff --git a/boringtun/src/noise/handshake.rs b/boringtun/src/noise/handshake.rs index 7542457fd..5555c1d88 100644 --- a/boringtun/src/noise/handshake.rs +++ b/boringtun/src/noise/handshake.rs @@ -4,7 +4,6 @@ use super::{HandshakeInit, HandshakeResponse, PacketCookieReply}; use crate::noise::errors::WireGuardError; use crate::noise::session::Session; -#[cfg(not(feature = "mock-instant"))] use crate::sleepyinstant::{ClockImpl, Instant}; use crate::x25519; use aead::{Aead, Payload}; @@ -16,8 +15,6 @@ use core::convert::TryInto; use embedded_time::duration::{Generic, Milliseconds, Nanoseconds, Seconds}; use embedded_time::fixed_point::FixedPoint; use embedded_time::Clock; -#[cfg(feature = "mock-instant")] -use mock_instant::Instant; use rand_core::OsRng; use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; diff --git a/boringtun/src/noise/mod.rs b/boringtun/src/noise/mod.rs index 933ebdef0..f45161cfe 100644 --- a/boringtun/src/noise/mod.rs +++ b/boringtun/src/noise/mod.rs @@ -599,8 +599,6 @@ impl Tunn { mod tests { extern crate std; - #[cfg(feature = "mock-instant")] - use crate::noise::timers::{REKEY_AFTER_TIME, REKEY_TIMEOUT}; use std::vec; use std::vec::Vec; @@ -689,20 +687,6 @@ mod tests { packet } - #[cfg(feature = "mock-instant")] - fn update_timer_results_in_handshake(tun: &mut Tunn) { - let mut dst = vec![0u8; 2048]; - let result = tun.update_timers(&mut dst); - assert!(matches!(result, TunnResult::WriteToNetwork(_))); - let packet_data = if let TunnResult::WriteToNetwork(data) = result { - data - } else { - unreachable!(); - }; - let packet = Tunn::parse_incoming_packet(packet_data).unwrap(); - assert!(matches!(packet, Packet::HandshakeInit(_))); - } - #[test] fn create_two_tunnels_linked_to_eachother() { let (_my_tun, _their_tun) = create_two_tuns(); @@ -743,43 +727,6 @@ mod tests { assert!(matches!(their_tun.update_timers(&mut []), TunnResult::Done)); } - #[test] - #[cfg(feature = "mock-instant")] - fn new_handshake_after_two_mins() { - let (mut my_tun, mut their_tun) = create_two_tuns_and_handshake(); - let mut my_dst = [0u8; 1024]; - - // Advance time 1 second and "send" 1 packet so that we send a handshake - // after the timeout - mock_instant::MockClock::advance(Duration::from_secs(1)); - assert!(matches!(their_tun.update_timers(&mut []), TunnResult::Done)); - assert!(matches!( - my_tun.update_timers(&mut my_dst), - TunnResult::Done - )); - let sent_packet_buf = create_ipv4_udp_packet(); - let data = my_tun.encapsulate(&sent_packet_buf, &mut my_dst); - assert!(matches!(data, TunnResult::WriteToNetwork(_))); - - //Advance to timeout - mock_instant::MockClock::advance(REKEY_AFTER_TIME); - assert!(matches!(their_tun.update_timers(&mut []), TunnResult::Done)); - update_timer_results_in_handshake(&mut my_tun); - } - - #[test] - #[cfg(feature = "mock-instant")] - fn handshake_no_resp_rekey_timeout() { - let (mut my_tun, _their_tun) = create_two_tuns(); - - let init = create_handshake_init(&mut my_tun); - let packet = Tunn::parse_incoming_packet(&init).unwrap(); - assert!(matches!(packet, Packet::HandshakeInit(_))); - - mock_instant::MockClock::advance(REKEY_TIMEOUT); - update_timer_results_in_handshake(&mut my_tun) - } - #[test] fn one_ip_packet() { let (mut my_tun, mut their_tun) = create_two_tuns_and_handshake(); diff --git a/boringtun/src/noise/rate_limiter.rs b/boringtun/src/noise/rate_limiter.rs index b7d464cab..11e2bc565 100644 --- a/boringtun/src/noise/rate_limiter.rs +++ b/boringtun/src/noise/rate_limiter.rs @@ -4,11 +4,8 @@ use crate::noise::{HandshakeInit, HandshakeResponse, Packet, Tunn, TunnResult, W use core::net::IpAddr; use core::sync::atomic::{AtomicU64, Ordering}; -#[cfg(feature = "mock-instant")] -use mock_instant::Instant; use std::convert::TryFrom; -#[cfg(not(feature = "mock-instant"))] use crate::sleepyinstant::Instant; use crate::sleepyinstant::ClockImpl; diff --git a/boringtun/src/noise/timers.rs b/boringtun/src/noise/timers.rs index 6257e5431..2bf7402b0 100644 --- a/boringtun/src/noise/timers.rs +++ b/boringtun/src/noise/timers.rs @@ -4,14 +4,11 @@ use super::errors::WireGuardError; use crate::noise::{Tunn, TunnResult}; use crate::sleepyinstant::ClockImpl; -#[cfg(not(feature = "mock-instant"))] use crate::sleepyinstant::Instant; use core::mem; use core::ops::{Index, IndexMut}; use embedded_time::duration::{Generic, Seconds}; use embedded_time::Clock; -#[cfg(feature = "mock-instant")] -use mock_instant::Instant; // Some constants, represent time in seconds // https://www.wireguard.com/papers/wireguard.pdf#page=14 From fa4fb62849f06a5833bd11a03895879f0ae64489 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Fri, 29 Aug 2025 15:49:56 +0200 Subject: [PATCH 08/21] Use ariel_os_lock for RawMutex on Ariel OS --- Cargo.lock | 1418 ++++++++++++++++++++++++++- boringtun/Cargo.toml | 5 +- boringtun/src/noise/rate_limiter.rs | 4 +- boringtun/src/noise/session.rs | 2 + 4 files changed, 1398 insertions(+), 31 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index d6f244496..18082b0b1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -21,6 +21,78 @@ dependencies = [ "winapi", ] +[[package]] +name = "anyhow" +version = "1.0.99" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0674a1ddeecb70197781e945de4b3b8ffb61fa939a5597bcf48503737663100" + +[[package]] +name = "ariel-os-debug" +version = "0.2.0" +source = "git+https://github.com/ariel-os/ariel-os.git?tag=v0.2.1#1d9062d957168d8ac0a3c9536123480114186163" +dependencies = [ + "ariel-os-debug-log", + "ariel-os-utils", + "const-str", +] + +[[package]] +name = "ariel-os-debug-log" +version = "0.2.0" +source = "git+https://github.com/ariel-os/ariel-os.git?tag=v0.2.1#1d9062d957168d8ac0a3c9536123480114186163" +dependencies = [ + "featurecomb", +] + +[[package]] +name = "ariel-os-lock" +version = "0.1.0" +source = "git+https://github.com/SimonIT/ariel-os-lock#0bb147867e64576c3b444e982e967ddcb17004e9" +dependencies = [ + "ariel-os-threads", + "lock_api", +] + +[[package]] +name = "ariel-os-runqueue" +version = "0.2.0" +source = "git+https://github.com/ariel-os/ariel-os.git?tag=v0.2.1#1d9062d957168d8ac0a3c9536123480114186163" +dependencies = [ + "hax-lib", +] + +[[package]] +name = "ariel-os-threads" +version = "0.2.0" +source = "git+https://github.com/ariel-os/ariel-os.git?tag=v0.2.1#1d9062d957168d8ac0a3c9536123480114186163" +dependencies = [ + "ariel-os-debug", + "ariel-os-runqueue", + "ariel-os-utils", + "cfg-if", + "cortex-m", + "cortex-m-rt", + "cortex-m-semihosting", + "critical-section", + "esp-hal", + "linkme", + "panic-semihosting", + "paste", + "static_cell", + "xtensa-lx-rt", +] + +[[package]] +name = "ariel-os-utils" +version = "0.2.0" +source = "git+https://github.com/ariel-os/ariel-os.git?tag=v0.2.1#1d9062d957168d8ac0a3c9536123480114186163" +dependencies = [ + "const-str", + "const_panic", + "konst", +] + [[package]] name = "arrayvec" version = "0.7.2" @@ -44,12 +116,42 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +[[package]] +name = "bare-metal" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5deb64efa5bd81e31fcd1938615a6d98c82eafcbcd787162b6f63b91d6bac5b3" +dependencies = [ + "rustc_version 0.2.3", +] + [[package]] name = "base64" version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" +[[package]] +name = "basic-toml" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba62675e8242a4c4e806d12f11d136e626e6c8361d6b829310732241652a178a" +dependencies = [ + "serde", +] + +[[package]] +name = "bitfield" +version = "0.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46afbd2983a5d5a7bd740ccb198caf5b82f45c40c09c0eed36052d91cb92e719" + +[[package]] +name = "bitfield" +version = "0.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f798d2d157e547aa99aab0967df39edd0b70307312b6f8bd2848e6abe40896e0" + [[package]] name = "bitflags" version = "1.3.2" @@ -85,10 +187,12 @@ name = "boringtun" version = "0.6.0" dependencies = [ "aead", + "ariel-os-lock", "base64", "blake2", "chacha20poly1305", "criterion", + "embassy-embedded-time", "embedded-time", "etherparse", "hex", @@ -147,6 +251,18 @@ version = "3.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0d261e256854913907f67ed06efbc3338dfe6179796deefc1ff763fc1aee5535" +[[package]] +name = "bytemuck" +version = "1.23.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3995eaeebcdf32f91f980d360f78732ddc061097ab4e39991ae7a6ace9194677" + +[[package]] +name = "byteorder" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" + [[package]] name = "bytes" version = "1.1.0" @@ -159,7 +275,7 @@ version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4c24dab4283a142afa2fdca129b80ad2c6284e073930f964c3a1293c225ee39a" dependencies = [ - "rustc_version", + "rustc_version 0.4.0", ] [[package]] @@ -213,6 +329,15 @@ dependencies = [ "zeroize", ] +[[package]] +name = "chrono" +version = "0.4.41" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c469d952047f47f91b68d1cba3f10d63c11d73e4636f24f08daf0278abf01c4d" +dependencies = [ + "num-traits", +] + [[package]] name = "cipher" version = "0.4.3" @@ -244,8 +369,8 @@ dependencies = [ "atty", "bitflags 1.3.2", "clap_lex", - "indexmap", - "strsim", + "indexmap 1.9.1", + "strsim 0.10.0", "termcolor", "textwrap 0.15.0", ] @@ -269,6 +394,62 @@ dependencies = [ "memchr", ] +[[package]] +name = "const-str" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "451d0640545a0553814b4c646eb549343561618838e9b42495f466131fe3ad49" + +[[package]] +name = "const_panic" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bb8a602185c3c95b52f86dc78e55a6df9a287a7a93ddbcf012509930880cf879" +dependencies = [ + "typewit", +] + +[[package]] +name = "cortex-m" +version = "0.7.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ec610d8f49840a5b376c69663b6369e71f4b34484b9b2eb29fb918d92516cb9" +dependencies = [ + "bare-metal", + "bitfield 0.13.2", + "embedded-hal 0.2.7", + "volatile-register", +] + +[[package]] +name = "cortex-m-rt" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee84e813d593101b1723e13ec38b6ab6abbdbaaa4546553f5395ed274079ddb1" +dependencies = [ + "cortex-m-rt-macros", +] + +[[package]] +name = "cortex-m-rt-macros" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0f6f3e36f203cfedbc78b357fb28730aa2c6dc1ab060ee5c2405e843988d3c7" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.98", +] + +[[package]] +name = "cortex-m-semihosting" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c23234600452033cc77e4b761e740e02d2c4168e11dbf36ab14a0f58973592b0" +dependencies = [ + "cortex-m", +] + [[package]] name = "cpufeatures" version = "0.2.9" @@ -314,6 +495,12 @@ dependencies = [ "itertools", ] +[[package]] +name = "critical-section" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "790eea4361631c5e7d22598ecd5723ff611904e3344ce8720784c93e3d83d40b" + [[package]] name = "crossbeam-channel" version = "0.5.5" @@ -402,7 +589,7 @@ dependencies = [ "cpufeatures", "curve25519-dalek-derive", "fiat-crypto", - "rustc_version", + "rustc_version 0.4.0", "subtle", "zeroize", ] @@ -415,7 +602,7 @@ checksum = "83fdaf97f4804dcebfa5862639bc9ce4121e82140bec2a987ac5140294865b5b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.23", + "syn 2.0.106", ] [[package]] @@ -428,6 +615,86 @@ dependencies = [ "libc", ] +[[package]] +name = "darling" +version = "0.20.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fc7f46116c46ff9ab3eb1597a45688b6715c6e628b5c133e288e709a29bcb4ee" +dependencies = [ + "darling_core 0.20.11", + "darling_macro 0.20.11", +] + +[[package]] +name = "darling" +version = "0.21.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08440b3dd222c3d0433e63e097463969485f112baff337dfdaca043a0d760570" +dependencies = [ + "darling_core 0.21.2", + "darling_macro 0.21.2", +] + +[[package]] +name = "darling_core" +version = "0.20.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d00b9596d185e565c2207a0b01f8bd1a135483d02d9b7b0a54b11da8d53412e" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim 0.11.1", + "syn 2.0.106", +] + +[[package]] +name = "darling_core" +version = "0.21.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d25b7912bc28a04ab1b7715a68ea03aaa15662b43a1a4b2c480531fd19f8bf7e" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "syn 2.0.106", +] + +[[package]] +name = "darling_macro" +version = "0.20.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fc34b93ccb385b40dc71c6fceac4b2ad23662c7eeb248cf10d529b7e055b6ead" +dependencies = [ + "darling_core 0.20.11", + "quote", + "syn 2.0.106", +] + +[[package]] +name = "darling_macro" +version = "0.21.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce154b9bea7fb0c8e8326e62d00354000c36e79770ff21b8c84e3aa267d9d531" +dependencies = [ + "darling_core 0.21.2", + "quote", + "syn 2.0.106", +] + +[[package]] +name = "delegate" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6178a82cf56c836a3ba61a7935cdb1c49bfaa6fa4327cd5bf554a503087de26b" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.106", +] + [[package]] name = "digest" version = "0.10.3" @@ -439,12 +706,227 @@ dependencies = [ "subtle", ] +[[package]] +name = "document-features" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95249b50c6c185bee49034bcb378a49dc2b5dff0be90ff6616d31d64febab05d" +dependencies = [ + "litrs", +] + [[package]] name = "either" version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f107b87b6afc2a64fd13cac55fe06d6c8859f12d4b14cbcdd2c67d0976781be" +[[package]] +name = "embassy-embedded-hal" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c62a3bf127e03832fb97d8b01a058775e617653bc89e2a12c256485a7fb54c1" +dependencies = [ + "embassy-embedded-hal 0.4.0", + "embassy-futures", + "embassy-sync 0.6.2", + "embassy-time", + "embedded-hal 0.2.7", + "embedded-hal 1.0.0", + "embedded-hal-async", + "embedded-storage", + "embedded-storage-async", + "nb 1.1.0", +] + +[[package]] +name = "embassy-embedded-hal" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d1611b7a7ab5d1fbed84c338df26d56fd9bded58006ebb029075112ed2c5e039" +dependencies = [ + "embassy-futures", + "embassy-hal-internal", + "embassy-sync 0.7.1", + "embedded-hal 0.2.7", + "embedded-hal 1.0.0", + "embedded-hal-async", + "embedded-storage", + "embedded-storage-async", + "nb 1.1.0", +] + +[[package]] +name = "embassy-embedded-time" +version = "0.1.0" +source = "git+https://github.com/SimonIT/embassy-embedded-time.git?branch=release%2Fv0.13.0#d3d6c77eb54c3dcd1b38e396801fe33106141c9e" +dependencies = [ + "embassy-time", + "embedded-time", +] + +[[package]] +name = "embassy-futures" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f878075b9794c1e4ac788c95b728f26aa6366d32eeb10c7051389f898f7d067" + +[[package]] +name = "embassy-hal-internal" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95285007a91b619dc9f26ea8f55452aa6c60f7115a4edc05085cd2bd3127cd7a" +dependencies = [ + "num-traits", +] + +[[package]] +name = "embassy-sync" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d2c8cdff05a7a51ba0087489ea44b0b1d97a296ca6b1d6d1a33ea7423d34049" +dependencies = [ + "cfg-if", + "critical-section", + "embedded-io-async", + "futures-sink", + "futures-util", + "heapless", +] + +[[package]] +name = "embassy-sync" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "03c372c90d3525a648684fa1c131decaf7d9ff181030db09c876fad6043443b9" +dependencies = [ + "cfg-if", + "critical-section", + "embedded-io-async", + "futures-core", + "futures-sink", + "heapless", +] + +[[package]] +name = "embassy-time" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f820157f198ada183ad62e0a66f554c610cdcd1a9f27d4b316358103ced7a1f8" +dependencies = [ + "cfg-if", + "critical-section", + "document-features", + "embassy-time-driver", + "embedded-hal 0.2.7", + "embedded-hal 1.0.0", + "embedded-hal-async", + "futures-util", +] + +[[package]] +name = "embassy-time-driver" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d45f5d833b6d98bd2aab0c2de70b18bfaa10faf661a1578fd8e5dfb15eb7eba" +dependencies = [ + "document-features", +] + +[[package]] +name = "embassy-usb-driver" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "340c5ce591ef58c6449e43f51d2c53efe1bf0bb6a40cbf80afa0d259c7d52c76" +dependencies = [ + "embedded-io-async", +] + +[[package]] +name = "embassy-usb-synopsys-otg" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08e753b23799329780c7ac434264026d0422044d6649ed70a73441b14a6436d7" +dependencies = [ + "critical-section", + "embassy-sync 0.6.2", + "embassy-usb-driver", +] + +[[package]] +name = "embedded-can" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e9d2e857f87ac832df68fa498d18ddc679175cf3d2e4aa893988e5601baf9438" +dependencies = [ + "nb 1.1.0", +] + +[[package]] +name = "embedded-hal" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "35949884794ad573cf46071e41c9b60efb0cb311e3ca01f7af807af1debc66ff" +dependencies = [ + "nb 0.1.3", + "void", +] + +[[package]] +name = "embedded-hal" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "361a90feb7004eca4019fb28352a9465666b24f840f5c3cddf0ff13920590b89" + +[[package]] +name = "embedded-hal-async" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c4c685bbef7fe13c3c6dd4da26841ed3980ef33e841cddfa15ce8a8fb3f1884" +dependencies = [ + "embedded-hal 1.0.0", +] + +[[package]] +name = "embedded-hal-nb" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fba4268c14288c828995299e59b12babdbe170f6c6d73731af1b4648142e8605" +dependencies = [ + "embedded-hal 1.0.0", + "nb 1.1.0", +] + +[[package]] +name = "embedded-io" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "edd0f118536f44f5ccd48bcb8b111bdc3de888b58c74639dfb034a357d0f206d" + +[[package]] +name = "embedded-io-async" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ff09972d4073aa8c299395be75161d582e7629cd663171d62af73c8d50dba3f" +dependencies = [ + "embedded-io", +] + +[[package]] +name = "embedded-storage" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a21dea9854beb860f3062d10228ce9b976da520a73474aed3171ec276bc0c032" + +[[package]] +name = "embedded-storage-async" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1763775e2323b7d5f0aa6090657f5e21cfa02ede71f5dc40eead06d64dcd15cc" +dependencies = [ + "embedded-storage", +] + [[package]] name = "embedded-time" version = "0.13.0" @@ -453,6 +935,211 @@ dependencies = [ "num", ] +[[package]] +name = "enum-as-inner" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1e6a265c649f3f5979b601d26f1d05ada116434c87741c9493cb56218f76cbc" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn 2.0.106", +] + +[[package]] +name = "enumset" +version = "1.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f50acec76c668b4621fe3694e5ddee53c8fae2a03410026f50947d195eb44dc1" +dependencies = [ + "enumset_derive", +] + +[[package]] +name = "enumset_derive" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "588eaef9dbc5d72c5fa4edf162527e67dab5d14ba61519ef7c8e233d5bdc092c" +dependencies = [ + "darling 0.21.2", + "proc-macro2", + "quote", + "syn 2.0.106", +] + +[[package]] +name = "equivalent" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f" + +[[package]] +name = "esp-build" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8aa1c8f9954c9506699cf1ca10a2adcc226ff10b6ae3cb9e875cf2c6a0b9a372" +dependencies = [ + "quote", + "syn 2.0.106", + "termcolor", +] + +[[package]] +name = "esp-config" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "158dba334d3a2acd8d93873c0ae723ca1037cc78eefe5d6b4c5919b0ca28e38e" +dependencies = [ + "document-features", +] + +[[package]] +name = "esp-hal" +version = "0.23.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a573175c540fd1d21a9cf07b0dee286b5a8f4cfde4b35da0f4f4657de7942c45" +dependencies = [ + "basic-toml", + "bitfield 0.17.0", + "bitflags 2.9.1", + "bytemuck", + "cfg-if", + "chrono", + "critical-section", + "delegate", + "document-features", + "embassy-embedded-hal 0.3.2", + "embassy-futures", + "embassy-sync 0.6.2", + "embassy-usb-driver", + "embassy-usb-synopsys-otg", + "embedded-can", + "embedded-hal 1.0.0", + "embedded-hal-async", + "embedded-hal-nb", + "embedded-io", + "embedded-io-async", + "enumset", + "esp-build", + "esp-config", + "esp-hal-procmacros", + "esp-metadata", + "esp-riscv-rt", + "esp-synopsys-usb-otg", + "esp32", + "esp32c3", + "esp32c6", + "esp32s3", + "fugit", + "instability", + "nb 1.1.0", + "paste", + "portable-atomic", + "rand_core", + "riscv", + "serde", + "strum", + "ufmt-write", + "usb-device", + "void", + "xtensa-lx", + "xtensa-lx-rt", +] + +[[package]] +name = "esp-hal-procmacros" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e4a3297005c2b31cd00e2ba50037edc9bddf99da3afe1c97a2d1b0165a312eab" +dependencies = [ + "darling 0.20.11", + "document-features", + "litrs", + "object", + "proc-macro-crate", + "proc-macro-error2", + "proc-macro2", + "quote", + "syn 2.0.106", +] + +[[package]] +name = "esp-metadata" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fb15c17e50f4cccb0d88305c19eae2d5533d750f0a05b6a05f1c99864974758e" +dependencies = [ + "anyhow", + "basic-toml", + "serde", + "strum", +] + +[[package]] +name = "esp-riscv-rt" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94aca65db6157aa5f42d9df6595b21462f28207ca4230b799aa3620352ef6a72" +dependencies = [ + "document-features", + "riscv", + "riscv-rt-macros", +] + +[[package]] +name = "esp-synopsys-usb-otg" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8938451cb19032f13365328ea66ab38c8d16deecdf322067442297110eb74468" +dependencies = [ + "critical-section", + "embedded-hal 0.2.7", + "ral-registers", + "usb-device", + "vcell", +] + +[[package]] +name = "esp32" +version = "0.35.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19d3bff1d268a4b8d34b494c0e88466cd59a827bb330189773db299ff525ea13" +dependencies = [ + "critical-section", + "vcell", +] + +[[package]] +name = "esp32c3" +version = "0.27.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61655d48e45039dfac5ae769581fb50ea7f61dea3227b4b744a1a900d03fbbd4" +dependencies = [ + "critical-section", + "vcell", +] + +[[package]] +name = "esp32c6" +version = "0.18.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd38a7771b65cb640cc4a79324a6301ba4ac3bf2987caca5d3aa34492238fdb9" +dependencies = [ + "critical-section", + "vcell", +] + +[[package]] +name = "esp32s3" +version = "0.30.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f0ab39d5ae3b61b3a83f5616a03220a7dc9c4d6e4ed16d2da73d50bf8d798d7" +dependencies = [ + "critical-section", + "vcell", +] + [[package]] name = "etherparse" version = "0.13.0" @@ -462,12 +1149,86 @@ dependencies = [ "arrayvec", ] +[[package]] +name = "featurecomb" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f153f6b80e9a75303a62296e48cb4b908030c6aaa3362872e29e8999132a1c4d" +dependencies = [ + "featurecomb-schema", + "proc-macro2", + "quote", + "serde", + "toml", +] + +[[package]] +name = "featurecomb-schema" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c486f63dbdcad99caa45f900ee8b51c8213483e7f53ff8992aa2b0c4d971362" +dependencies = [ + "indexmap 2.10.0", + "serde", +] + [[package]] name = "fiat-crypto" version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d" +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "fugit" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17186ad64927d5ac8f02c1e77ccefa08ccd9eaa314d5a4772278aa204a22f7e7" +dependencies = [ + "gcd", +] + +[[package]] +name = "futures-core" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e" + +[[package]] +name = "futures-sink" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e575fab7d1e0dcb8d0c7bcf9a63ee213816ab51902e6d244a95819acacf1d4f7" + +[[package]] +name = "futures-task" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f90f7dce0722e95104fcb095585910c0977252f286e354b5e3bd38902cd99988" + +[[package]] +name = "futures-util" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9fa08315bb612088cc391249efdc3bc77536f16c91f6cf495e6fbe85b20a4a81" +dependencies = [ + "futures-core", + "futures-task", + "pin-project-lite", + "pin-utils", +] + +[[package]] +name = "gcd" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d758ba1b47b00caf47f24925c0074ecb20d6dfcffe7f6d53395c0465674841a" + [[package]] name = "generic-array" version = "0.14.5" @@ -486,7 +1247,19 @@ checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427" dependencies = [ "cfg-if", "libc", - "wasi", + "wasi 0.11.0+wasi-snapshot-preview1", +] + +[[package]] +name = "getrandom" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26145e563e54f2cadc477553f1ec5ee650b00862f0a58bcd12cbdc5f0ea2d2f4" +dependencies = [ + "cfg-if", + "libc", + "r-efi", + "wasi 0.14.2+wasi-0.2.4", ] [[package]] @@ -495,12 +1268,78 @@ version = "1.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "eabb4a44450da02c90444cf74558da904edde8fb4e9035a9a6a4e15445af0bd7" +[[package]] +name = "hash32" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "47d60b12902ba28e2730cd37e95b8c9223af2808df9e902d4df49588d1470606" +dependencies = [ + "byteorder", +] + [[package]] name = "hashbrown" version = "0.12.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "607c8a29735385251a339424dd462993c0fed8fa09d378f259377df08c126022" +[[package]] +name = "hashbrown" +version = "0.15.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9229cfe53dfd69f0609a49f65461bd93001ea1ef889cd5529dd176593f5338a1" + +[[package]] +name = "hax-lib" +version = "0.1.0-pre.1" +source = "git+https://github.com/hacspec/hax?rev=cc29a3f8c0eee80a1682be78cb3b0447a0257d5b#cc29a3f8c0eee80a1682be78cb3b0447a0257d5b" +dependencies = [ + "hax-lib-macros", + "num-bigint", + "num-traits", +] + +[[package]] +name = "hax-lib-macros" +version = "0.1.0-pre.1" +source = "git+https://github.com/hacspec/hax?rev=cc29a3f8c0eee80a1682be78cb3b0447a0257d5b#cc29a3f8c0eee80a1682be78cb3b0447a0257d5b" +dependencies = [ + "hax-lib-macros-types", + "paste", + "proc-macro-error", + "proc-macro2", + "quote", + "syn 2.0.106", +] + +[[package]] +name = "hax-lib-macros-types" +version = "0.1.0-pre.1" +source = "git+https://github.com/hacspec/hax?rev=cc29a3f8c0eee80a1682be78cb3b0447a0257d5b#cc29a3f8c0eee80a1682be78cb3b0447a0257d5b" +dependencies = [ + "proc-macro2", + "quote", + "serde", + "serde_json", + "uuid", +] + +[[package]] +name = "heapless" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0bfb9eb618601c89945a70e254898da93b13be0388091d42117462b265bb3fad" +dependencies = [ + "hash32", + "stable_deref_trait", +] + +[[package]] +name = "heck" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" + [[package]] name = "hermit-abi" version = "0.1.19" @@ -525,6 +1364,12 @@ dependencies = [ "digest", ] +[[package]] +name = "ident_case" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" + [[package]] name = "indexmap" version = "1.9.1" @@ -532,9 +1377,26 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "10a35a97730320ffe8e2d410b5d3b69279b98d2c14bdb8b70ea89ecf7888d41e" dependencies = [ "autocfg", - "hashbrown", + "hashbrown 0.12.2", +] + +[[package]] +name = "indexmap" +version = "2.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fe4cd85333e22411419a0bcae1297d25e58c9443848b11dc6a86fefe8c78a661" +dependencies = [ + "equivalent", + "hashbrown 0.15.5", + "serde", ] +[[package]] +name = "indoc" +version = "2.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4c7245a08504955605670dbf141fceab975f15ca21570696aebe9d2e71576bd" + [[package]] name = "inout" version = "0.1.3" @@ -544,6 +1406,19 @@ dependencies = [ "generic-array", ] +[[package]] +name = "instability" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "435d80800b936787d62688c927b6490e887c7ef5ff9ce922c6c6050fca75eb9a" +dependencies = [ + "darling 0.20.11", + "indoc", + "proc-macro2", + "quote", + "syn 2.0.106", +] + [[package]] name = "ip_network" version = "0.4.1" @@ -616,6 +1491,26 @@ dependencies = [ "wasm-bindgen", ] +[[package]] +name = "konst" +version = "0.3.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4381b9b00c55f251f2ebe9473aef7c117e96828def1a7cb3bd3f0f903c6894e9" +dependencies = [ + "const_panic", + "konst_kernel", + "typewit", +] + +[[package]] +name = "konst_kernel" +version = "0.3.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e4b1eb7788f3824c629b1116a7a9060d6e898c358ebff59070093d51103dcc3c" +dependencies = [ + "typewit", +] + [[package]] name = "lazy_static" version = "1.4.0" @@ -628,6 +1523,35 @@ version = "0.2.172" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa" +[[package]] +name = "linkme" +version = "0.3.33" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1b1703c00b2a6a70738920544aa51652532cacddfec2e162d2e29eae01e665c" +dependencies = [ + "linkme-impl", +] + +[[package]] +name = "linkme-impl" +version = "0.3.33" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04d55ca5d5a14363da83bf3c33874b8feaa34653e760d5216d7ef9829c88001a" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.106", +] + +[[package]] +name = "litrs" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f5e54036fe321fd421e10d732f155734c4e4afd610dd556d9a82833ab3ee0bed" +dependencies = [ + "proc-macro2", +] + [[package]] name = "lock_api" version = "0.4.13" @@ -657,11 +1581,35 @@ checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" name = "memoffset" version = "0.6.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce" +checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce" +dependencies = [ + "autocfg", +] + +[[package]] +name = "minijinja" +version = "2.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e60ac08614cc09062820e51d5d94c2fce16b94ea4e5003bb81b99a95f84e876" +dependencies = [ + "serde", +] + +[[package]] +name = "nb" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "801d31da0513b6ec5214e9bf433a77966320625a37860f910be265be6e18d06f" dependencies = [ - "autocfg", + "nb 1.1.0", ] +[[package]] +name = "nb" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d5439c4ad607c3c23abf66de8c8bf57ba8adcd1f129e699851a6e43935d339d" + [[package]] name = "nix" version = "0.25.0" @@ -687,6 +1635,16 @@ dependencies = [ "num-traits", ] +[[package]] +name = "num-bigint" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9" +dependencies = [ + "num-integer", + "num-traits", +] + [[package]] name = "num-complex" version = "0.3.1" @@ -729,9 +1687,9 @@ dependencies = [ [[package]] name = "num-traits" -version = "0.2.15" +version = "0.2.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" +checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" dependencies = [ "autocfg", ] @@ -755,6 +1713,15 @@ dependencies = [ "libc", ] +[[package]] +name = "object" +version = "0.36.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62948e14d923ea95ea2c7c86c71013138b66525b86bdc08d2dcc262bdb497b87" +dependencies = [ + "memchr", +] + [[package]] name = "once_cell" version = "1.13.0" @@ -779,6 +1746,16 @@ version = "6.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "21326818e99cfe6ce1e524c2a805c189a99b5ae555a35d19f9a284b427d86afa" +[[package]] +name = "panic-semihosting" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee8a3e1233d9073d76a870223512ce4eeea43c067a94a445c13bd6d792d7b1ab" +dependencies = [ + "cortex-m", + "cortex-m-semihosting", +] + [[package]] name = "parking_lot" version = "0.12.4" @@ -802,12 +1779,24 @@ dependencies = [ "windows-targets", ] +[[package]] +name = "paste" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57c0d7b74b563b49d38dae00a0c37d4d6de9b432382b2892f0574ddcae73fd0a" + [[package]] name = "pin-project-lite" version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e0a7ae3ac2f1173085d398531c705756c94a4c56843785df85a60c1a0afac116" +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + [[package]] name = "plotters" version = "0.3.2" @@ -847,31 +1836,110 @@ dependencies = [ "universal-hash", ] +[[package]] +name = "portable-atomic" +version = "1.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f84267b20a16ea918e43c6a88433c2d54fa145c92a811b5b047ccbe153674483" + +[[package]] +name = "proc-macro-crate" +version = "3.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "edce586971a4dfaa28950c6f18ed55e0406c1ab88bbce2c6f6293a7aaba73d35" +dependencies = [ + "toml_edit", +] + +[[package]] +name = "proc-macro-error" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" +dependencies = [ + "proc-macro-error-attr", + "proc-macro2", + "quote", + "syn 1.0.98", + "version_check", +] + +[[package]] +name = "proc-macro-error-attr" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" +dependencies = [ + "proc-macro2", + "quote", + "version_check", +] + +[[package]] +name = "proc-macro-error-attr2" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96de42df36bb9bba5542fe9f1a054b8cc87e172759a1868aa05c1f3acc89dfc5" +dependencies = [ + "proc-macro2", + "quote", +] + +[[package]] +name = "proc-macro-error2" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11ec05c52be0a07b08061f7dd003e7d7092e0472bc731b4af7bb1ef876109802" +dependencies = [ + "proc-macro-error-attr2", + "proc-macro2", + "quote", + "syn 2.0.106", +] + [[package]] name = "proc-macro2" -version = "1.0.63" +version = "1.0.101" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b368fba921b0dce7e60f5e04ec15e565b3303972b42bcfde1d0713b881959eb" +checksum = "89ae43fd86e4158d6db51ad8e2b80f313af9cc74f5c0e03ccb87de09998732de" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.29" +version = "1.0.40" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "573015e8ab27661678357f27dc26460738fd2b6c86e46f386fde94cb5d913105" +checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d" dependencies = [ "proc-macro2", ] +[[package]] +name = "r-efi" +version = "5.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" + +[[package]] +name = "r0" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd7a31eed1591dcbc95d92ad7161908e72f4677f8fabf2a32ca49b4237cbf211" + +[[package]] +name = "ral-registers" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46b71a9d9206e8b46714c74255adcaea8b11e0350c1d8456165073c3f75fc81a" + [[package]] name = "rand_core" version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" dependencies = [ - "getrandom", + "getrandom 0.2.10", ] [[package]] @@ -936,21 +2004,77 @@ checksum = "a4689e6c2294d81e88dc6261c768b63bc4fcdb852be6d1352498b114f61383b7" dependencies = [ "cc", "cfg-if", - "getrandom", + "getrandom 0.2.10", "libc", "untrusted", "windows-sys", ] +[[package]] +name = "riscv" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ea8ff73d3720bdd0a97925f0bf79ad2744b6da8ff36be3840c48ac81191d7a7" +dependencies = [ + "critical-section", + "embedded-hal 1.0.0", + "paste", + "riscv-macros", + "riscv-pac", +] + +[[package]] +name = "riscv-macros" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f265be5d634272320a7de94cea15c22a3bfdd4eb42eb43edc528415f066a1f25" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.106", +] + +[[package]] +name = "riscv-pac" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8188909339ccc0c68cfb5a04648313f09621e8b87dc03095454f1a11f6c5d436" + +[[package]] +name = "riscv-rt-macros" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30f19a85fe107b65031e0ba8ec60c34c2494069fe910d6c297f5e7cb5a6f76d0" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.106", +] + +[[package]] +name = "rustc_version" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "138e3e0acb6c9fb258b19b67cb8abd63c00679d2851805ea151465464fe9030a" +dependencies = [ + "semver 0.9.0", +] + [[package]] name = "rustc_version" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" dependencies = [ - "semver", + "semver 1.0.12", ] +[[package]] +name = "rustversion" +version = "1.0.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b39cdef0fa800fc44525c84ccb54a029961a8215f9619753635a9c0d2538d46d" + [[package]] name = "ryu" version = "1.0.10" @@ -972,17 +2096,32 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +[[package]] +name = "semver" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403" +dependencies = [ + "semver-parser", +] + [[package]] name = "semver" version = "1.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a2333e6df6d6598f2b1974829f853c2b4c5f4a6e503c10af918081aa6f8564e1" +[[package]] +name = "semver-parser" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" + [[package]] name = "serde" -version = "1.0.139" +version = "1.0.219" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0171ebb889e45aa68b44aee0859b3eede84c6f5f5c228e6f140c0b2a0a46cad6" +checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6" dependencies = [ "serde_derive", ] @@ -999,13 +2138,13 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.139" +version = "1.0.219" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc1d3230c1de7932af58ad8ffbe1d784bd55efd5a9d84ac24f69c72d83543dfb" +checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00" dependencies = [ "proc-macro2", "quote", - "syn 1.0.98", + "syn 2.0.106", ] [[package]] @@ -1019,6 +2158,15 @@ dependencies = [ "serde", ] +[[package]] +name = "serde_spanned" +version = "0.6.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf41e0cfaf7226dca15e8197172c295a782857fcb97fad1808a166870dee75a3" +dependencies = [ + "serde", +] + [[package]] name = "sharded-slab" version = "0.1.4" @@ -1050,6 +2198,21 @@ dependencies = [ "winapi", ] +[[package]] +name = "stable_deref_trait" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" + +[[package]] +name = "static_cell" +version = "2.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0530892bb4fa575ee0da4b86f86c667132a94b74bb72160f58ee5a4afec74c23" +dependencies = [ + "portable-atomic", +] + [[package]] name = "std-embedded-time" version = "0.1.0" @@ -1064,6 +2227,34 @@ version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" +[[package]] +name = "strsim" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" + +[[package]] +name = "strum" +version = "0.26.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8fec0f0aef304996cf250b31b5a10dee7980c85da9d759361292b8bca5a18f06" +dependencies = [ + "strum_macros", +] + +[[package]] +name = "strum_macros" +version = "0.26.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c6bee85a5a24955dc440386795aa378cd9cf82acd5f764469152d2270e581be" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "rustversion", + "syn 2.0.106", +] + [[package]] name = "subtle" version = "2.4.1" @@ -1083,9 +2274,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.23" +version = "2.0.106" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "59fb7d6d8281a51045d62b8eb3a7d1ce347b76f312af50cd3dc0af39c87c1737" +checksum = "ede7c438028d4436d71104916910f5bb611972c5cfd7f89b8300a8186e6fada6" dependencies = [ "proc-macro2", "quote", @@ -1106,9 +2297,9 @@ dependencies = [ [[package]] name = "termcolor" -version = "1.1.3" +version = "1.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bab24d30b911b2376f3a13cc2cd443142f0c81dda04c118693e35b3835757755" +checksum = "06794f8f6c5c898b3275aebefa6b8a1cb24cd2c6c79397ab15774837a0bc5755" dependencies = [ "winapi-util", ] @@ -1145,7 +2336,7 @@ checksum = "266b2e40bc00e5a6c09c3584011e08b06f123c00362c92b975ba9843aaaa14b8" dependencies = [ "proc-macro2", "quote", - "syn 2.0.23", + "syn 2.0.106", ] [[package]] @@ -1178,6 +2369,47 @@ dependencies = [ "serde_json", ] +[[package]] +name = "toml" +version = "0.8.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc1beb996b9d83529a9e75c17a1686767d148d70663143c7854d8b4a09ced362" +dependencies = [ + "serde", + "serde_spanned", + "toml_datetime", + "toml_edit", +] + +[[package]] +name = "toml_datetime" +version = "0.6.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "22cddaf88f4fbc13c51aebbf5f8eceb5c7c5a9da2ac40a13519eb5b0a0e8f11c" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_edit" +version = "0.22.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41fe8c660ae4257887cf66394862d21dbca4a6ddd26f04a3560410406a2f819a" +dependencies = [ + "indexmap 2.10.0", + "serde", + "serde_spanned", + "toml_datetime", + "toml_write", + "winnow", +] + +[[package]] +name = "toml_write" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d99f8c9a7727884afe522e9bd5edbfc91a3312b36a77b5fb8926e4c31a41801" + [[package]] name = "tracing" version = "0.1.40" @@ -1208,7 +2440,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.23", + "syn 2.0.106", ] [[package]] @@ -1252,6 +2484,27 @@ version = "1.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" +[[package]] +name = "typewit" +version = "1.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97e72ba082eeb9da9dc68ff5a2bf727ef6ce362556e8d29ec1aed3bd05e7d86a" +dependencies = [ + "typewit_proc_macros", +] + +[[package]] +name = "typewit_proc_macros" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e36a83ea2b3c704935a01b4642946aadd445cea40b10935e3f8bd8052b8193d6" + +[[package]] +name = "ufmt-write" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e87a2ed6b42ec5e28cc3b94c09982969e9227600b2e3dcbc1db927a84c06bd69" + [[package]] name = "unicode-ident" version = "1.0.1" @@ -1286,18 +2539,58 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" +[[package]] +name = "usb-device" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "98816b1accafbb09085168b90f27e93d790b4bfa19d883466b5e53315b5f06a6" +dependencies = [ + "heapless", + "portable-atomic", +] + +[[package]] +name = "uuid" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "458f7a779bf54acc9f347480ac654f68407d3aab21269a6e3c9f922acd9e2da9" +dependencies = [ + "getrandom 0.3.3", +] + [[package]] name = "valuable" version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "830b7e5d4d90034032940e4ace0d9a9a057e7a45cd94e6c007832e39edb82f6d" +[[package]] +name = "vcell" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77439c1b53d2303b20d9459b1ade71a83c716e3f9c34f3228c00e6f185d6c002" + [[package]] name = "version_check" version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" +[[package]] +name = "void" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a02e4885ed3bc0f2de90ea6dd45ebcbb66dacffe03547fadbb0eeae2770887d" + +[[package]] +name = "volatile-register" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de437e2a6208b014ab52972a27e59b33fa2920d3e00fe05026167a1c509d19cc" +dependencies = [ + "vcell", +] + [[package]] name = "walkdir" version = "2.3.2" @@ -1315,6 +2608,15 @@ version = "0.11.0+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" +[[package]] +name = "wasi" +version = "0.14.2+wasi-0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9683f9a5a998d873c0d21fcbe3c083009670149a8fab228644b8bd36b2c48cb3" +dependencies = [ + "wit-bindgen-rt", +] + [[package]] name = "wasm-bindgen" version = "0.2.81" @@ -1483,6 +2785,24 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" +[[package]] +name = "winnow" +version = "0.7.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3edebf492c8125044983378ecb5766203ad3b4c2f7a922bd7dd207f6d443e95" +dependencies = [ + "memchr", +] + +[[package]] +name = "wit-bindgen-rt" +version = "0.39.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f42320e61fe2cfd34354ecb597f86f413484a798ba44a8ca1165c58d42da6c1" +dependencies = [ + "bitflags 2.9.1", +] + [[package]] name = "x25519-dalek" version = "2.0.1" @@ -1495,6 +2815,46 @@ dependencies = [ "zeroize", ] +[[package]] +name = "xtensa-lx" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "51cbb46c78cfd284c9378070ab90bae9d14d38b3766cb853a97c0a137f736d5b" +dependencies = [ + "critical-section", + "document-features", +] + +[[package]] +name = "xtensa-lx-rt" +version = "0.18.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "689c2ef159d9cd4fc9503603e9999968a84a30db9bde0f0f880d0cceea0190a9" +dependencies = [ + "anyhow", + "document-features", + "enum-as-inner", + "minijinja", + "r0", + "serde", + "strum", + "toml", + "xtensa-lx", + "xtensa-lx-rt-proc-macros", +] + +[[package]] +name = "xtensa-lx-rt-proc-macros" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11277b1e4cbb7ffe44678c668518b249c843c81df249b8f096701757bc50d7ee" +dependencies = [ + "darling 0.20.11", + "proc-macro2", + "quote", + "syn 2.0.106", +] + [[package]] name = "zeroize" version = "1.5.6" diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index 0c13350b7..2a7f9d5a8 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -17,8 +17,9 @@ edition = "2018" default = [ "std" ] alloc = [ ] std = [ "alloc", "dep:parking_lot", "dep:std-embedded-time" ] +ariel-os = [ "dep:ariel-os-lock", "dep:embassy-embedded-time" ] device = ["std", "socket2", "thiserror"] -jni-bindings = ["ffi-bindings", "jni"] +jni-bindings = ["std", "ffi-bindings", "jni"] ffi-bindings = ["std", "tracing-subscriber"] [dependencies] @@ -27,6 +28,7 @@ hex = { version = "0.4", features = ["alloc"] } untrusted = "0.9.0" libc = { version = "0.2", default-features = false } parking_lot = { version = "0.12.4", optional = true } +ariel-os-lock = { git = "https://github.com/SimonIT/ariel-os-lock", optional = true } lock_api = "0.4.13" tracing = { version = "0.1.40", default-features = false } tracing-subscriber = { version = "0.3", features = ["fmt"], optional = true } @@ -47,6 +49,7 @@ socket2 = { version = "0.4.7", features = ["all"], optional = true } thiserror = { version = "1", optional = true } embedded-time = { git = "https://github.com/FluenTech/embedded-time.git", branch = "release/v0.13.0" } std-embedded-time = { git = "https://github.com/SimonIT/std-embedded-time.git", branch = "release/v0.13.0", optional = true } +embassy-embedded-time = { git = "https://github.com/SimonIT/embassy-embedded-time.git", branch = "release/v0.13.0", optional = true } [target.'cfg(unix)'.dependencies] nix = { version = "0.25", default-features = false, features = [ diff --git a/boringtun/src/noise/rate_limiter.rs b/boringtun/src/noise/rate_limiter.rs index 11e2bc565..91c460bdd 100644 --- a/boringtun/src/noise/rate_limiter.rs +++ b/boringtun/src/noise/rate_limiter.rs @@ -4,7 +4,7 @@ use crate::noise::{HandshakeInit, HandshakeResponse, Packet, Tunn, TunnResult, W use core::net::IpAddr; use core::sync::atomic::{AtomicU64, Ordering}; -use std::convert::TryFrom; +use core::convert::TryFrom; use crate::sleepyinstant::Instant; @@ -18,6 +18,8 @@ use embedded_time::Clock; use lock_api::Mutex; #[cfg(feature = "std")] use parking_lot::RawMutex; +#[cfg(feature = "ariel-os")] +use ariel_os_lock::RawMutex; use rand_core::{OsRng, RngCore}; use ring::constant_time::verify_slices_are_equal; diff --git a/boringtun/src/noise/session.rs b/boringtun/src/noise/session.rs index be4bcbdd7..85eceff83 100644 --- a/boringtun/src/noise/session.rs +++ b/boringtun/src/noise/session.rs @@ -7,6 +7,8 @@ use core::sync::atomic::{AtomicUsize, Ordering}; use lock_api::Mutex; #[cfg(feature = "std")] use parking_lot::RawMutex; +#[cfg(feature = "ariel-os")] +use ariel_os_lock::RawMutex; use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; pub struct Session { From 37c05cbc942a22419957c8e787dad4995fe4551e Mon Sep 17 00:00:00 2001 From: SimonIT Date: Sat, 13 Sep 2025 14:26:20 +0200 Subject: [PATCH 09/21] Missing imports and fmt --- boringtun/src/noise/handshake.rs | 2 ++ boringtun/src/noise/mod.rs | 1 + boringtun/src/noise/rate_limiter.rs | 6 +++--- boringtun/src/noise/session.rs | 4 ++-- 4 files changed, 8 insertions(+), 5 deletions(-) diff --git a/boringtun/src/noise/handshake.rs b/boringtun/src/noise/handshake.rs index 5555c1d88..07a139b40 100644 --- a/boringtun/src/noise/handshake.rs +++ b/boringtun/src/noise/handshake.rs @@ -7,6 +7,7 @@ use crate::noise::session::Session; use crate::sleepyinstant::{ClockImpl, Instant}; use crate::x25519; use aead::{Aead, Payload}; +use alloc::borrow::ToOwned; use blake2::digest::{FixedOutput, KeyInit}; use blake2::{Blake2s256, Blake2sMac, Digest}; use chacha20poly1305::XChaCha20Poly1305; @@ -889,6 +890,7 @@ mod tests { use super::*; use alloc::vec; + use std::eprintln; #[test] fn chacha20_seal_rfc7530_test_vector() { diff --git a/boringtun/src/noise/mod.rs b/boringtun/src/noise/mod.rs index f45161cfe..2126c1fd7 100644 --- a/boringtun/src/noise/mod.rs +++ b/boringtun/src/noise/mod.rs @@ -17,6 +17,7 @@ use crate::x25519; use crate::sleepyinstant::ClockImpl; use alloc::collections::VecDeque; use alloc::sync::Arc; +use alloc::vec::Vec; use core::convert::{TryFrom, TryInto}; use core::net::{IpAddr, Ipv4Addr, Ipv6Addr}; use embedded_time::duration::Generic; diff --git a/boringtun/src/noise/rate_limiter.rs b/boringtun/src/noise/rate_limiter.rs index 91c460bdd..589a8b529 100644 --- a/boringtun/src/noise/rate_limiter.rs +++ b/boringtun/src/noise/rate_limiter.rs @@ -2,15 +2,17 @@ use super::handshake::{b2s_hash, b2s_keyed_mac_16, b2s_keyed_mac_16_2, b2s_mac_2 use crate::noise::handshake::{LABEL_COOKIE, LABEL_MAC1}; use crate::noise::{HandshakeInit, HandshakeResponse, Packet, Tunn, TunnResult, WireGuardError}; +use core::convert::TryFrom; use core::net::IpAddr; use core::sync::atomic::{AtomicU64, Ordering}; -use core::convert::TryFrom; use crate::sleepyinstant::Instant; use crate::sleepyinstant::ClockImpl; use aead::generic_array::GenericArray; use aead::{AeadInPlace, KeyInit}; +#[cfg(feature = "ariel-os")] +use ariel_os_lock::RawMutex; use chacha20poly1305::{Key, XChaCha20Poly1305}; use embedded_time::duration::Seconds; use embedded_time::fixed_point::FixedPoint; @@ -18,8 +20,6 @@ use embedded_time::Clock; use lock_api::Mutex; #[cfg(feature = "std")] use parking_lot::RawMutex; -#[cfg(feature = "ariel-os")] -use ariel_os_lock::RawMutex; use rand_core::{OsRng, RngCore}; use ring::constant_time::verify_slices_are_equal; diff --git a/boringtun/src/noise/session.rs b/boringtun/src/noise/session.rs index 85eceff83..f8a4c46dd 100644 --- a/boringtun/src/noise/session.rs +++ b/boringtun/src/noise/session.rs @@ -3,12 +3,12 @@ use super::PacketData; use crate::noise::errors::WireGuardError; +#[cfg(feature = "ariel-os")] +use ariel_os_lock::RawMutex; use core::sync::atomic::{AtomicUsize, Ordering}; use lock_api::Mutex; #[cfg(feature = "std")] use parking_lot::RawMutex; -#[cfg(feature = "ariel-os")] -use ariel_os_lock::RawMutex; use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; pub struct Session { From 0997c03e23c76eef7e9bd4570e11ba016c803e27 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Sun, 14 Sep 2025 19:02:48 +0200 Subject: [PATCH 10/21] Update some deps for newer rand --- Cargo.lock | 161 +++++++++++++++++-------------------------- boringtun/Cargo.toml | 14 ++-- 2 files changed, 69 insertions(+), 106 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 18082b0b1..9b3b82b68 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4,12 +4,12 @@ version = 4 [[package]] name = "aead" -version = "0.5.0-pre.2" +version = "0.6.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ebd885afa9fa966b7715dc1c46bf47330b9156eec79a09d2003c5af03d153ba0" +checksum = "ac8202ab55fcbf46ca829833f347a82a2a4ce0596f0304ac322c2d100030cd56" dependencies = [ "crypto-common", - "generic-array", + "inout", ] [[package]] @@ -166,20 +166,20 @@ checksum = "1b8e56985ec62d17e9c1001dc89c88ecd7dc08e47eba5ec7c29c7b5eeecde967" [[package]] name = "blake2" -version = "0.10.6" +version = "0.11.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe" +checksum = "1edac47499deef695d9431bf241c75ea29f4cf3dcb78d39e19b31515e4ad3b08" dependencies = [ "digest", ] [[package]] name = "block-buffer" -version = "0.10.2" +version = "0.11.0-rc.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0bf7fe51849ea569fd452f37822f606a5cabb684dc918707a0193fd4664ff324" +checksum = "e9ef36a6fcdb072aa548f3da057640ec10859eb4e91ddf526ee648d50c76a949" dependencies = [ - "generic-array", + "hybrid-array", ] [[package]] @@ -204,7 +204,7 @@ dependencies = [ "lock_api", "nix", "parking_lot", - "rand_core", + "rand_core 0.9.3", "ring", "socket2", "std-embedded-time", @@ -307,9 +307,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "chacha20" -version = "0.9.0" +version = "0.10.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7fc89c7c5b9e7a02dfe45cd2367bae382f9ed31c61ca8debe5f827c420a2f08" +checksum = "9bd162f2b8af3e0639d83f28a637e4e55657b7a74508dba5a9bf4da523d5c9e9" dependencies = [ "cfg-if", "cipher", @@ -318,15 +318,14 @@ dependencies = [ [[package]] name = "chacha20poly1305" -version = "0.10.0-pre.1" +version = "0.11.0-rc.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa5c8884b2dd73aa47cd73fff4ebee4f962cb9b8b07eba70251500e9fd756832" +checksum = "ecc260dd2c69bf5581e9603fff348843363a649edde02768e84c0088f21c3f52" dependencies = [ "aead", "chacha20", "cipher", "poly1305", - "zeroize", ] [[package]] @@ -340,13 +339,13 @@ dependencies = [ [[package]] name = "cipher" -version = "0.4.3" +version = "0.5.0-rc.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d1873270f8f7942c191139cb8a40fd228da6c3fd2fc376d7e92d47aa14aeb59e" +checksum = "1e12a13eb01ded5d32ee9658d94f553a19e804204f2dc811df69ab4d9e0cb8c7" dependencies = [ + "block-buffer", "crypto-common", "inout", - "zeroize", ] [[package]] @@ -452,9 +451,9 @@ dependencies = [ [[package]] name = "cpufeatures" -version = "0.2.9" +version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a17b76ff3a4162b0b27f354a0c87015ddad39d35f9c0c36607a3bdd175dde1f1" +checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280" dependencies = [ "libc", ] @@ -548,13 +547,12 @@ dependencies = [ [[package]] name = "crypto-common" -version = "0.1.5" +version = "0.2.0-rc.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2ccfd8c0ee4cce11e45b3fd6f9d5e69e0cc62912aa6a0cb1bf4617b0eba5a12f" +checksum = "6a8235645834fbc6832939736ce2f2d08192652269e11010a6240f61b908a1c6" dependencies = [ - "generic-array", - "rand_core", - "typenum", + "hybrid-array", + "rand_core 0.9.3", ] [[package]] @@ -581,9 +579,9 @@ dependencies = [ [[package]] name = "curve25519-dalek" -version = "4.1.3" +version = "5.0.0-pre.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97fb8b7c4503de7d6ae7b42ab72a5a59857b4c937ec27a3d4539dba95b5ab2be" +checksum = "6f9200d1d13637f15a6acb71e758f64624048d85b31a5fdbfd8eca1e2687d0b7" dependencies = [ "cfg-if", "cpufeatures", @@ -697,9 +695,9 @@ dependencies = [ [[package]] name = "digest" -version = "0.10.3" +version = "0.11.0-rc.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2fb860ca6fafa5552fb6d0e816a69c8e49f0908bf524e30a90d97c85892d506" +checksum = "3a4aae35a0fcbe22ff1be50fe96df72002d5a4a6fb4aae9193cf2da0daa36da2" dependencies = [ "block-buffer", "crypto-common", @@ -1036,7 +1034,7 @@ dependencies = [ "nb 1.1.0", "paste", "portable-atomic", - "rand_core", + "rand_core 0.6.4", "riscv", "serde", "strum", @@ -1174,9 +1172,9 @@ dependencies = [ [[package]] name = "fiat-crypto" -version = "0.2.9" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d" +checksum = "64cd1e32ddd350061ae6edb1b082d7c54915b5c672c389143b9a63403a109f24" [[package]] name = "fnv" @@ -1229,16 +1227,6 @@ version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1d758ba1b47b00caf47f24925c0074ecb20d6dfcffe7f6d53395c0465674841a" -[[package]] -name = "generic-array" -version = "0.14.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd48d33ec7f05fbfa152300fdad764757cbded343c1aa1cff2fbaf4134851803" -dependencies = [ - "typenum", - "version_check", -] - [[package]] name = "getrandom" version = "0.2.10" @@ -1357,13 +1345,22 @@ checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" [[package]] name = "hmac" -version = "0.12.1" +version = "0.13.0-rc.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" +checksum = "49e206bca159aebaaed410f5e78b2fe56bfc0dd5b19ecae922813b8556b8b07e" dependencies = [ "digest", ] +[[package]] +name = "hybrid-array" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7116c472cf19838450b1d421b4e842569f52b519d640aee9ace1ebcf5b21051" +dependencies = [ + "typenum", +] + [[package]] name = "ident_case" version = "1.0.1" @@ -1399,11 +1396,11 @@ checksum = "f4c7245a08504955605670dbf141fceab975f15ca21570696aebe9d2e71576bd" [[package]] name = "inout" -version = "0.1.3" +version = "0.2.0-rc.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" +checksum = "1603f76010ff924b616c8f44815a42eb10fb0b93d308b41deaa8da6d4251fd4b" dependencies = [ - "generic-array", + "hybrid-array", ] [[package]] @@ -1734,12 +1731,6 @@ version = "11.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0ab1bc2a289d34bd04a330323ac98a1b4bc82c9d9fcb1e66b63caa84da26b575" -[[package]] -name = "opaque-debug" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" - [[package]] name = "os_str_bytes" version = "6.1.0" @@ -1827,12 +1818,11 @@ dependencies = [ [[package]] name = "poly1305" -version = "0.7.2" +version = "0.9.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "048aeb476be11a4b6ca432ca569e375810de9294ae78f4774e78ea98a9246ede" +checksum = "fb78a635f75d76d856374961deecf61031c0b6f928c83dc9c0924ab6c019c298" dependencies = [ "cpufeatures", - "opaque-debug", "universal-hash", ] @@ -1938,8 +1928,14 @@ name = "rand_core" version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" + +[[package]] +name = "rand_core" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "99d9a13982dcf210057a8a78572b2217b667c3beacbf3a0d8b454f6f82837d38" dependencies = [ - "getrandom 0.2.10", + "getrandom 0.3.3", ] [[package]] @@ -2257,9 +2253,9 @@ dependencies = [ [[package]] name = "subtle" -version = "2.4.1" +version = "2.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" +checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292" [[package]] name = "syn" @@ -2283,18 +2279,6 @@ dependencies = [ "unicode-ident", ] -[[package]] -name = "synstructure" -version = "0.12.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f36bdaa60a83aca3921b5259d5400cbf5e90fc51931376a9bd4a0eb79aa7210f" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.98", - "unicode-xid", -] - [[package]] name = "termcolor" version = "1.4.1" @@ -2480,9 +2464,9 @@ dependencies = [ [[package]] name = "typenum" -version = "1.15.0" +version = "1.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" +checksum = "1dccffe3ce07af9386bfd29e80c0ab1a8205a2fc34e4bcd40364df902cfa8f3f" [[package]] name = "typewit" @@ -2517,19 +2501,13 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3ed742d4ea2bd1176e236172c8429aaf54486e7ac098db29ffe6529e0ce50973" -[[package]] -name = "unicode-xid" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "957e51f3646910546462e67d5f7599b9e4fb8acdd304b087a6494730f9eebf04" - [[package]] name = "universal-hash" -version = "0.4.1" +version = "0.6.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f214e8f697e925001e66ec2c6e37a4ef93f0f78c2eed7814394e10c62025b05" +checksum = "a55be643b40a21558f44806b53ee9319595bc7ca6896372e4e08e5d7d83c9cd6" dependencies = [ - "generic-array", + "crypto-common", "subtle", ] @@ -2805,12 +2783,12 @@ dependencies = [ [[package]] name = "x25519-dalek" -version = "2.0.1" +version = "3.0.0-pre.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7e468321c81fb07fa7f4c636c3972b9100f0346e5b6a9f2bd0603a52f7ed277" +checksum = "3a45998121837fd8c92655d2334aa8f3e5ef0645cdfda5b321b13760c548fd55" dependencies = [ "curve25519-dalek", - "rand_core", + "rand_core 0.9.3", "serde", "zeroize", ] @@ -2860,18 +2838,3 @@ name = "zeroize" version = "1.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "20b578acffd8516a6c3f2a1bdefc1ec37e547bb4e0fb8b6b01a4cafc886b4442" -dependencies = [ - "zeroize_derive", -] - -[[package]] -name = "zeroize_derive" -version = "1.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f8f187641dad4f680d25c4bfc4225b418165984179f26ca76ec4fb6441d3a17" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.98", - "synstructure", -] diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index 2a7f9d5a8..23858e81f 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -34,16 +34,16 @@ tracing = { version = "0.1.40", default-features = false } tracing-subscriber = { version = "0.3", features = ["fmt"], optional = true } ip_network = "0.4.1" ip_network_table = "0.2.0" -ring = { version = "0.17", default-features = false } -x25519-dalek = { version = "2.0.1", features = [ +ring = { version = "0.17.14", default-features = false } +x25519-dalek = { version = "3.0.0-pre.1", features = [ "reusable_secrets", "static_secrets", ] } -rand_core = { version = "0.6.4", features = ["getrandom"] } -chacha20poly1305 = "0.10.0-pre.1" -aead = "0.5.0-pre.2" -blake2 = "0.10" -hmac = "0.12" +rand_core = { version = "0.9.3", features = ["os_rng"] } +chacha20poly1305 = "0.11.0-rc.1" +aead = "0.6.0-rc.2" +blake2 = "0.11.0-rc.2" +hmac = "0.13.0-rc.1" jni = { version = "0.19.0", optional = true } socket2 = { version = "0.4.7", features = ["all"], optional = true } thiserror = { version = "1", optional = true } From 8993b915d39b88b093269463f65efe24fe581d66 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Mon, 15 Sep 2025 17:50:14 +0200 Subject: [PATCH 11/21] Fix compatibility with updated crates --- boringtun/Cargo.toml | 5 +++-- boringtun/src/device/integration_tests/mod.rs | 20 +++++++++---------- boringtun/src/device/mod.rs | 4 ++-- boringtun/src/noise/handshake.rs | 14 ++++++------- boringtun/src/noise/mod.rs | 10 +++++----- boringtun/src/noise/rate_limiter.rs | 14 ++++++------- 6 files changed, 34 insertions(+), 33 deletions(-) diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index 23858e81f..5d6eda0cd 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -32,12 +32,13 @@ ariel-os-lock = { git = "https://github.com/SimonIT/ariel-os-lock", optional = t lock_api = "0.4.13" tracing = { version = "0.1.40", default-features = false } tracing-subscriber = { version = "0.3", features = ["fmt"], optional = true } -ip_network = "0.4.1" -ip_network_table = "0.2.0" +ip_network = { version = "0.4.1", default-features = false } +ip_network_table = { version = "0.2.0", default-features = false } ring = { version = "0.17.14", default-features = false } x25519-dalek = { version = "3.0.0-pre.1", features = [ "reusable_secrets", "static_secrets", + "os_rng" ] } rand_core = { version = "0.9.3", features = ["os_rng"] } chacha20poly1305 = "0.11.0-rc.1" diff --git a/boringtun/src/device/integration_tests/mod.rs b/boringtun/src/device/integration_tests/mod.rs index b4e360c3d..6d92e980b 100644 --- a/boringtun/src/device/integration_tests/mod.rs +++ b/boringtun/src/device/integration_tests/mod.rs @@ -87,7 +87,7 @@ mod tests { /// Create a new peer with a given endpoint and a list of allowed IPs fn new(endpoint: SocketAddr, allowed_ips: Vec) -> Peer { Peer { - key: StaticSecret::random_from_rng(OsRng), + key: StaticSecret::random(), endpoint, allowed_ips, container_name: None, @@ -476,7 +476,7 @@ mod tests { /// Test if wireguard starts and creates a unix socket that we can use to set settings fn test_wireguard_set() { let port = next_port(); - let private_key = StaticSecret::random_from_rng(OsRng); + let private_key = StaticSecret::random(); let own_public_key = PublicKey::from(&private_key); let wg = WGHandle::init("192.0.2.0".parse().unwrap(), "::2".parse().unwrap()); @@ -494,7 +494,7 @@ mod tests { ) ); - let peer_key = StaticSecret::random_from_rng(OsRng); + let peer_key = StaticSecret::random(); let peer_pub_key = PublicKey::from(&peer_key); let endpoint = SocketAddr::new(IpAddr::V4(Ipv4Addr::new(172, 0, 0, 1)), 50001); let allowed_ips = [ @@ -543,7 +543,7 @@ mod tests { #[ignore] fn test_wg_start_ipv4_non_connected() { let port = next_port(); - let private_key = StaticSecret::random_from_rng(OsRng); + let private_key = StaticSecret::random(); let public_key = PublicKey::from(&private_key); let addr_v4 = next_ip(); let addr_v6 = next_ip_v6(); @@ -590,7 +590,7 @@ mod tests { #[ignore] fn test_wg_start_ipv4() { let port = next_port(); - let private_key = StaticSecret::random_from_rng(OsRng); + let private_key = StaticSecret::random(); let public_key = PublicKey::from(&private_key); let addr_v4 = next_ip(); let addr_v6 = next_ip_v6(); @@ -626,7 +626,7 @@ mod tests { /// Test if wireguard can handle simple ipv6 connections fn test_wg_start_ipv6() { let port = next_port(); - let private_key = StaticSecret::random_from_rng(OsRng); + let private_key = StaticSecret::random(); let public_key = PublicKey::from(&private_key); let addr_v4 = next_ip(); let addr_v6 = next_ip_v6(); @@ -662,7 +662,7 @@ mod tests { #[cfg(target_os = "linux")] // Can't make docker work with ipv6 on macOS ATM fn test_wg_start_ipv6_endpoint() { let port = next_port(); - let private_key = StaticSecret::random_from_rng(OsRng); + let private_key = StaticSecret::random(); let public_key = PublicKey::from(&private_key); let addr_v4 = next_ip(); let addr_v6 = next_ip_v6(); @@ -701,7 +701,7 @@ mod tests { #[cfg(target_os = "linux")] // Can't make docker work with ipv6 on macOS ATM fn test_wg_start_ipv6_endpoint_not_connected() { let port = next_port(); - let private_key = StaticSecret::random_from_rng(OsRng); + let private_key = StaticSecret::random(); let public_key = PublicKey::from(&private_key); let addr_v4 = next_ip(); let addr_v6 = next_ip_v6(); @@ -750,7 +750,7 @@ mod tests { #[ignore] fn test_wg_concurrent() { let port = next_port(); - let private_key = StaticSecret::random_from_rng(OsRng); + let private_key = StaticSecret::random(); let public_key = PublicKey::from(&private_key); let addr_v4 = next_ip(); let addr_v6 = next_ip_v6(); @@ -801,7 +801,7 @@ mod tests { #[ignore] fn test_wg_concurrent_v6() { let port = next_port(); - let private_key = StaticSecret::random_from_rng(OsRng); + let private_key = StaticSecret::random(); let public_key = PublicKey::from(&private_key); let addr_v4 = next_ip(); let addr_v6 = next_ip_v6(); diff --git a/boringtun/src/device/mod.rs b/boringtun/src/device/mod.rs index 2210dcacc..fd333eec2 100644 --- a/boringtun/src/device/mod.rs +++ b/boringtun/src/device/mod.rs @@ -44,7 +44,7 @@ use allowed_ips::AllowedIps; use parking_lot::Mutex; use peer::{AllowedIP, Peer}; use poll::{EventPoll, EventRef, WaitResult}; -use rand_core::{OsRng, RngCore}; +use rand_core::{OsRng, TryRngCore}; use socket2::{Domain, Protocol, Type}; use tun::TunSocket; @@ -852,7 +852,7 @@ impl IndexLfsr { fn random_index() -> u32 { const LFSR_MAX: u32 = 0xffffff; // 24-bit seed loop { - let i = OsRng.next_u32() & LFSR_MAX; + let i = OsRng.try_next_u32().unwrap() & LFSR_MAX; if i > 0 { // LFSR seed must be non-zero return i; diff --git a/boringtun/src/noise/handshake.rs b/boringtun/src/noise/handshake.rs index 07a139b40..aef889e2e 100644 --- a/boringtun/src/noise/handshake.rs +++ b/boringtun/src/noise/handshake.rs @@ -8,6 +8,7 @@ use crate::sleepyinstant::{ClockImpl, Instant}; use crate::x25519; use aead::{Aead, Payload}; use alloc::borrow::ToOwned; +use blake2::digest::consts::{U16, U24}; use blake2::digest::{FixedOutput, KeyInit}; use blake2::{Blake2s256, Blake2sMac, Digest}; use chacha20poly1305::XChaCha20Poly1305; @@ -16,7 +17,6 @@ use core::convert::TryInto; use embedded_time::duration::{Generic, Milliseconds, Nanoseconds, Seconds}; use embedded_time::fixed_point::FixedPoint; use embedded_time::Clock; -use rand_core::OsRng; use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; pub(crate) const LABEL_MAC1: &[u8; 8] = b"mac1----"; @@ -67,21 +67,21 @@ pub(crate) fn b2s_hmac2(key: &[u8], data1: &[u8], data2: &[u8]) -> [u8; 32] { #[inline] pub(crate) fn b2s_keyed_mac_16(key: &[u8], data1: &[u8]) -> [u8; 16] { - let mut hmac = Blake2sMac::new_from_slice(key).unwrap(); + let mut hmac = Blake2sMac::::new_from_slice(key).unwrap(); blake2::digest::Update::update(&mut hmac, data1); hmac.finalize_fixed().into() } #[inline] pub(crate) fn b2s_keyed_mac_16_2(key: &[u8], data1: &[u8], data2: &[u8]) -> [u8; 16] { - let mut hmac = Blake2sMac::new_from_slice(key).unwrap(); + let mut hmac = Blake2sMac::::new_from_slice(key).unwrap(); blake2::digest::Update::update(&mut hmac, data1); blake2::digest::Update::update(&mut hmac, data2); hmac.finalize_fixed().into() } pub(crate) fn b2s_mac_24(key: &[u8], data1: &[u8]) -> [u8; 24] { - let mut hmac = Blake2sMac::new_from_slice(key).unwrap(); + let mut hmac = Blake2sMac::::new_from_slice(key).unwrap(); blake2::digest::Update::update(&mut hmac, data1); hmac.finalize_fixed().into() } @@ -672,7 +672,7 @@ impl Handshake { }; let plaintext = XChaCha20Poly1305::new_from_slice(&key) .unwrap() - .decrypt(packet.nonce.into(), payload) + .decrypt(packet.nonce.try_into().unwrap(), payload) .map_err(|_| WireGuardError::InvalidAeadTag)?; let cookie = plaintext @@ -732,7 +732,7 @@ impl Handshake { let mut hash = INITIAL_CHAIN_HASH; hash = b2s_hash(&hash, self.params.peer_static_public.as_bytes()); // initiator.ephemeral_private = DH_GENERATE() - let ephemeral_private = x25519::ReusableSecret::random_from_rng(OsRng); + let ephemeral_private = x25519::ReusableSecret::random(); // msg.message_type = 1 // msg.reserved_zero = { 0, 0, 0 } message_type.copy_from_slice(&super::HANDSHAKE_INIT.to_le_bytes()); @@ -818,7 +818,7 @@ impl Handshake { let (encrypted_nothing, _) = rest.split_at_mut(16); // responder.ephemeral_private = DH_GENERATE() - let ephemeral_private = x25519::ReusableSecret::random_from_rng(OsRng); + let ephemeral_private = x25519::ReusableSecret::random(); let local_index = self.inc_index(); // msg.message_type = 2 // msg.reserved_zero = { 0, 0, 0 } diff --git a/boringtun/src/noise/mod.rs b/boringtun/src/noise/mod.rs index 2126c1fd7..ab65179df 100644 --- a/boringtun/src/noise/mod.rs +++ b/boringtun/src/noise/mod.rs @@ -604,16 +604,16 @@ mod tests { use std::vec::Vec; use super::*; - use rand_core::{OsRng, RngCore}; + use rand_core::{OsRng, TryRngCore}; fn create_two_tuns() -> (Tunn, Tunn) { - let my_secret_key = x25519_dalek::StaticSecret::random_from_rng(OsRng); + let my_secret_key = x25519_dalek::StaticSecret::random(); let my_public_key = x25519_dalek::PublicKey::from(&my_secret_key); - let my_idx = OsRng.next_u32(); + let my_idx = OsRng.try_next_u32().unwrap(); - let their_secret_key = x25519_dalek::StaticSecret::random_from_rng(OsRng); + let their_secret_key = x25519_dalek::StaticSecret::random(); let their_public_key = x25519_dalek::PublicKey::from(&their_secret_key); - let their_idx = OsRng.next_u32(); + let their_idx = OsRng.try_next_u32().unwrap(); let my_tun = Tunn::new(my_secret_key, their_public_key, None, None, my_idx, None); diff --git a/boringtun/src/noise/rate_limiter.rs b/boringtun/src/noise/rate_limiter.rs index 589a8b529..b1ef8b3fe 100644 --- a/boringtun/src/noise/rate_limiter.rs +++ b/boringtun/src/noise/rate_limiter.rs @@ -9,8 +9,8 @@ use core::sync::atomic::{AtomicU64, Ordering}; use crate::sleepyinstant::Instant; use crate::sleepyinstant::ClockImpl; -use aead::generic_array::GenericArray; -use aead::{AeadInPlace, KeyInit}; +use aead::array::Array; +use aead::{AeadInOut, KeyInit}; #[cfg(feature = "ariel-os")] use ariel_os_lock::RawMutex; use chacha20poly1305::{Key, XChaCha20Poly1305}; @@ -20,7 +20,7 @@ use embedded_time::Clock; use lock_api::Mutex; #[cfg(feature = "std")] use parking_lot::RawMutex; -use rand_core::{OsRng, RngCore}; +use rand_core::{OsRng, TryRngCore}; use ring::constant_time::verify_slices_are_equal; const COOKIE_REFRESH: Seconds = Seconds(128); // Use 128 and not 120 so the compiler can optimize out the division @@ -60,7 +60,7 @@ pub struct RateLimiter { impl RateLimiter { pub fn new(public_key: &crate::x25519::PublicKey, limit: u64) -> Self { let mut secret_key = [0u8; 16]; - OsRng.fill_bytes(&mut secret_key); + OsRng.try_fill_bytes(&mut secret_key).unwrap(); RateLimiter { nonce_key: Self::rand_bytes(), secret_key, @@ -76,7 +76,7 @@ impl RateLimiter { fn rand_bytes() -> [u8; 32] { let mut key = [0u8; 32]; - OsRng.fill_bytes(&mut key); + OsRng.try_fill_bytes(&mut key).unwrap(); key } @@ -151,11 +151,11 @@ impl RateLimiter { let cipher = XChaCha20Poly1305::new(&self.cookie_key); - let iv = GenericArray::from_slice(nonce); + let iv = Array::from_slice(nonce); encrypted_cookie[..16].copy_from_slice(&cookie); let tag = cipher - .encrypt_in_place_detached(iv, mac1, &mut encrypted_cookie[..16]) + .encrypt_inout_detached(&iv, mac1, (&mut encrypted_cookie[..16]).into()) .map_err(|_| WireGuardError::DestinationBufferTooSmall)?; encrypted_cookie[16..].copy_from_slice(&tag); From 4b4d3c89400a0f3d9ff799cb3e01268728fac398 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Mon, 15 Sep 2025 22:07:41 +0200 Subject: [PATCH 12/21] Update base64 --- Cargo.lock | 4 ++-- boringtun/Cargo.toml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9b3b82b68..a294db297 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -127,9 +127,9 @@ dependencies = [ [[package]] name = "base64" -version = "0.13.1" +version = "0.22.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" +checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" [[package]] name = "basic-toml" diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index 5d6eda0cd..5a57bd117 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -23,7 +23,7 @@ jni-bindings = ["std", "ffi-bindings", "jni"] ffi-bindings = ["std", "tracing-subscriber"] [dependencies] -base64 = { version = "0.13", features = ["alloc"] } +base64 = { version = "0.22.1", default-features = false, features = ["alloc"] } hex = { version = "0.4", features = ["alloc"] } untrusted = "0.9.0" libc = { version = "0.2", default-features = false } From c479313eac11f879439e17f1abbe4eccf3a049b2 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Mon, 15 Sep 2025 22:10:58 +0200 Subject: [PATCH 13/21] hex no_std --- boringtun/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index 5a57bd117..470688caf 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -24,7 +24,7 @@ ffi-bindings = ["std", "tracing-subscriber"] [dependencies] base64 = { version = "0.22.1", default-features = false, features = ["alloc"] } -hex = { version = "0.4", features = ["alloc"] } +hex = { version = "0.4", default-features = false, features = ["alloc"] } untrusted = "0.9.0" libc = { version = "0.2", default-features = false } parking_lot = { version = "0.12.4", optional = true } From e1a77785be4167f0ba39926a8734fea3c7c38324 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Fri, 19 Sep 2025 10:33:58 +0200 Subject: [PATCH 14/21] Mabye ring/less-safe-getrandom-custom-or-rdrand works --- boringtun/Cargo.toml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index 470688caf..661d36db0 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -14,10 +14,10 @@ documentation = "https://docs.rs/boringtun/0.5.2/boringtun/" edition = "2018" [features] -default = [ "std" ] -alloc = [ ] -std = [ "alloc", "dep:parking_lot", "dep:std-embedded-time" ] -ariel-os = [ "dep:ariel-os-lock", "dep:embassy-embedded-time" ] +default = ["std"] +alloc = [] +std = ["alloc", "dep:parking_lot", "dep:std-embedded-time"] +ariel-os = ["dep:ariel-os-lock", "dep:embassy-embedded-time", "ring/less-safe-getrandom-custom-or-rdrand"] device = ["std", "socket2", "thiserror"] jni-bindings = ["std", "ffi-bindings", "jni"] ffi-bindings = ["std", "tracing-subscriber"] From 00fccdc1d8b5b91efa5f3c46e25a8d88b53d9ed6 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Fri, 19 Sep 2025 14:12:14 +0200 Subject: [PATCH 15/21] Oops, forgot import --- boringtun/src/sleepyinstant/mod.rs | 3 +++ 1 file changed, 3 insertions(+) diff --git a/boringtun/src/sleepyinstant/mod.rs b/boringtun/src/sleepyinstant/mod.rs index 0dcb24a49..5ae89c208 100644 --- a/boringtun/src/sleepyinstant/mod.rs +++ b/boringtun/src/sleepyinstant/mod.rs @@ -14,6 +14,9 @@ pub use inner::UnixClock as ClockImpl; #[cfg(unix)] use unix as inner; +#[cfg(feature = "ariel-os")] +pub use embassy_embedded_time::EmbassyClock as ClockImpl; + /// A measurement of a monotonically nondecreasing clock. /// Opaque and useful only with [`Duration`]. /// From 6d0a45b22661b1718c2f471dfb38ae188197058d Mon Sep 17 00:00:00 2001 From: SimonIT Date: Fri, 19 Sep 2025 14:14:38 +0200 Subject: [PATCH 16/21] Make counter AtomicUsize for 32 bit compatibility --- boringtun/src/noise/rate_limiter.rs | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/boringtun/src/noise/rate_limiter.rs b/boringtun/src/noise/rate_limiter.rs index b1ef8b3fe..02eaf776c 100644 --- a/boringtun/src/noise/rate_limiter.rs +++ b/boringtun/src/noise/rate_limiter.rs @@ -4,7 +4,7 @@ use crate::noise::{HandshakeInit, HandshakeResponse, Packet, Tunn, TunnResult, W use core::convert::TryFrom; use core::net::IpAddr; -use core::sync::atomic::{AtomicU64, Ordering}; +use core::sync::atomic::{AtomicUsize, Ordering}; use crate::sleepyinstant::Instant; @@ -46,13 +46,13 @@ pub struct RateLimiter { /// The key we use to derive the cookie secret_key: [u8; 16], start_time: Instant, - /// A single 64 bit counter (should suffice for many years) - nonce_ctr: AtomicU64, + /// A single usize bit counter (should suffice for many years) + nonce_ctr: AtomicUsize, mac1_key: [u8; 32], cookie_key: Key, limit: u64, /// The counter since last reset - count: AtomicU64, + count: AtomicUsize, /// The time last reset was performed on this rate limiter last_reset: Mutex, } @@ -65,11 +65,11 @@ impl RateLimiter { nonce_key: Self::rand_bytes(), secret_key, start_time: Instant::now(), - nonce_ctr: AtomicU64::new(0), + nonce_ctr: AtomicUsize::new(0), mac1_key: b2s_hash(LABEL_MAC1, public_key.as_bytes()), cookie_key: b2s_hash(LABEL_COOKIE, public_key.as_bytes()).into(), limit, - count: AtomicU64::new(0), + count: AtomicUsize::new(0), last_reset: Mutex::new(Instant::now()), } } @@ -123,7 +123,7 @@ impl RateLimiter { } fn is_under_load(&self) -> bool { - self.count.fetch_add(1, Ordering::SeqCst) >= self.limit + self.count.fetch_add(1, Ordering::SeqCst) >= self.limit as usize } pub(crate) fn format_cookie_reply<'a>( From 4122f81c540fb650bb579ee9b3b243a23995d161 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Sat, 20 Sep 2025 22:19:12 +0200 Subject: [PATCH 17/21] staticlib doesn't seem to work with no_std --- boringtun/Cargo.toml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index 661d36db0..8ee33b794 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -17,7 +17,7 @@ edition = "2018" default = ["std"] alloc = [] std = ["alloc", "dep:parking_lot", "dep:std-embedded-time"] -ariel-os = ["dep:ariel-os-lock", "dep:embassy-embedded-time", "ring/less-safe-getrandom-custom-or-rdrand"] +ariel-os = ["dep:ariel-os-lock", "dep:embassy-embedded-time"] device = ["std", "socket2", "thiserror"] jni-bindings = ["std", "ffi-bindings", "jni"] ffi-bindings = ["std", "tracing-subscriber"] @@ -49,8 +49,8 @@ jni = { version = "0.19.0", optional = true } socket2 = { version = "0.4.7", features = ["all"], optional = true } thiserror = { version = "1", optional = true } embedded-time = { git = "https://github.com/FluenTech/embedded-time.git", branch = "release/v0.13.0" } -std-embedded-time = { git = "https://github.com/SimonIT/std-embedded-time.git", branch = "release/v0.13.0", optional = true } -embassy-embedded-time = { git = "https://github.com/SimonIT/embassy-embedded-time.git", branch = "release/v0.13.0", optional = true } +std-embedded-time = { git = "https://github.com/SimonIT/std-embedded-time.git", branch = "release/v0.13.0", optional = true } +embassy-embedded-time = { git = "https://github.com/SimonIT/embassy-embedded-time.git", branch = "release/v0.13.0", optional = true } [target.'cfg(unix)'.dependencies] nix = { version = "0.25", default-features = false, features = [ @@ -64,7 +64,7 @@ tracing-subscriber = "0.3" criterion = { version = "0.3.5", features = ["html_reports"] } [lib] -crate-type = ["staticlib", "cdylib", "rlib"] +crate-type = ["cdylib", "rlib"] [[bench]] name = "crypto_benches" From 03d6d8f45b14bdf717393eeccfc8fb6a96b0b707 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Sun, 12 Oct 2025 13:01:28 +0200 Subject: [PATCH 18/21] Alias types for unit and duration --- boringtun/src/device/api.rs | 8 +++----- boringtun/src/device/peer.rs | 6 ++---- boringtun/src/ffi/mod.rs | 6 +----- boringtun/src/noise/handshake.rs | 10 +++++----- boringtun/src/noise/mod.rs | 14 ++------------ boringtun/src/noise/rate_limiter.rs | 12 ++++-------- boringtun/src/noise/timers.rs | 21 ++++++++++----------- boringtun/src/sleepyinstant/mod.rs | 10 ++++++++-- 8 files changed, 35 insertions(+), 52 deletions(-) diff --git a/boringtun/src/device/api.rs b/boringtun/src/device/api.rs index d0515290c..fb6ec219b 100644 --- a/boringtun/src/device/api.rs +++ b/boringtun/src/device/api.rs @@ -6,10 +6,9 @@ use super::drop_privileges::get_saved_ids; use super::{AllowedIP, Device, Error, SocketAddr}; use crate::device::Action; use crate::serialization::KeyBytes; -use crate::sleepyinstant::ClockImpl; +use crate::sleepyinstant::ClockUnit; use crate::x25519; use embedded_time::duration::{Nanoseconds, Seconds}; -use embedded_time::Clock; use hex::encode as encode_hex; use libc::*; use std::convert::TryFrom; @@ -193,10 +192,9 @@ fn api_get(writer: &mut BufWriter<&UnixStream>, d: &Device) -> i32 { } if let Some(time) = p.time_since_last_handshake() { - let secs = Seconds::<::T>::try_from(time).unwrap(); + let secs = Seconds::::try_from(time).unwrap(); writeln!(writer, "last_handshake_time_sec={secs}"); - let sub = - Nanoseconds::<::T>::try_from(time).unwrap() % Seconds(1u32); + let sub = Nanoseconds::::try_from(time).unwrap() % Seconds(1u32); writeln!(writer, "last_handshake_time_nsec={sub}"); } diff --git a/boringtun/src/device/peer.rs b/boringtun/src/device/peer.rs index 0e067270d..5155b6ece 100644 --- a/boringtun/src/device/peer.rs +++ b/boringtun/src/device/peer.rs @@ -1,14 +1,12 @@ // Copyright (c) 2019 Cloudflare, Inc. All rights reserved. // SPDX-License-Identifier: BSD-3-Clause -use embedded_time::duration::Generic; use parking_lot::RwLock; use socket2::{Domain, Protocol, Type}; use crate::device::{AllowedIps, Error}; use crate::noise::{Tunn, TunnResult}; -use crate::sleepyinstant::ClockImpl; -use embedded_time::Clock; +use crate::sleepyinstant::ClockDuration; use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, Shutdown, SocketAddr, SocketAddrV4, SocketAddrV6}; use std::str::FromStr; @@ -154,7 +152,7 @@ impl Peer { self.allowed_ips.iter().map(|(_, ip, cidr)| (ip, cidr)) } - pub fn time_since_last_handshake(&self) -> Option::T>> { + pub fn time_since_last_handshake(&self) -> Option { self.tunnel.time_since_last_handshake() } diff --git a/boringtun/src/ffi/mod.rs b/boringtun/src/ffi/mod.rs index e813aca78..45d231c4c 100644 --- a/boringtun/src/ffi/mod.rs +++ b/boringtun/src/ffi/mod.rs @@ -395,11 +395,7 @@ pub unsafe extern "C" fn wireguard_stats(tunnel: *const Mutex) - let (time, tx_bytes, rx_bytes, estimated_loss, estimated_rtt) = tunnel.stats(); stats { time_since_last_handshake: time - .map(|t| { - Seconds::<::T>::try_from(t) - .unwrap() - .integer() as i64 - }) + .map(|t| Seconds::::try_from(t).unwrap().integer() as i64) .unwrap_or(-1), tx_bytes, rx_bytes, diff --git a/boringtun/src/noise/handshake.rs b/boringtun/src/noise/handshake.rs index aef889e2e..f0ea4c9f3 100644 --- a/boringtun/src/noise/handshake.rs +++ b/boringtun/src/noise/handshake.rs @@ -4,7 +4,7 @@ use super::{HandshakeInit, HandshakeResponse, PacketCookieReply}; use crate::noise::errors::WireGuardError; use crate::noise::session::Session; -use crate::sleepyinstant::{ClockImpl, Instant}; +use crate::sleepyinstant::{ClockDuration, ClockImpl, ClockUnit, Instant}; use crate::x25519; use aead::{Aead, Payload}; use alloc::borrow::ToOwned; @@ -14,7 +14,7 @@ use blake2::{Blake2s256, Blake2sMac, Digest}; use chacha20poly1305::XChaCha20Poly1305; use core::convert::TryFrom; use core::convert::TryInto; -use embedded_time::duration::{Generic, Milliseconds, Nanoseconds, Seconds}; +use embedded_time::duration::{Milliseconds, Nanoseconds, Seconds}; use embedded_time::fixed_point::FixedPoint; use embedded_time::Clock; use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305}; @@ -168,7 +168,7 @@ struct Tai64N { #[derive(Debug)] /// This struct computes a [Tai64N](https://cr.yp.to/libtai/tai64.html) timestamp from current system time struct TimeStamper { - duration_at_start: Generic<::T>, + duration_at_start: ClockDuration, instant_at_start: Instant, } @@ -189,9 +189,9 @@ impl TimeStamper { const TAI64_BASE: u64 = (1u64 << 62) + 37; let mut ext_stamp = [0u8; 12]; let stamp = Instant::now().duration_since(self.instant_at_start) + self.duration_at_start; - let secs = Seconds::<::T>::try_from(stamp).unwrap(); + let secs = Seconds::::try_from(stamp).unwrap(); ext_stamp[0..8].copy_from_slice(&(secs.integer() + TAI64_BASE).to_be_bytes()); - let sub = Nanoseconds::<::T>::try_from(stamp).unwrap() % Seconds(1u32); + let sub = Nanoseconds::::try_from(stamp).unwrap() % Seconds(1u32); ext_stamp[8..12].copy_from_slice(&(sub.integer() as u32).to_be_bytes()); ext_stamp } diff --git a/boringtun/src/noise/mod.rs b/boringtun/src/noise/mod.rs index ab65179df..8663b5f67 100644 --- a/boringtun/src/noise/mod.rs +++ b/boringtun/src/noise/mod.rs @@ -14,14 +14,12 @@ use crate::noise::rate_limiter::RateLimiter; use crate::noise::timers::{TimerName, Timers}; use crate::x25519; -use crate::sleepyinstant::ClockImpl; +use crate::sleepyinstant::ClockDuration; use alloc::collections::VecDeque; use alloc::sync::Arc; use alloc::vec::Vec; use core::convert::{TryFrom, TryInto}; use core::net::{IpAddr, Ipv4Addr, Ipv6Addr}; -use embedded_time::duration::Generic; -use embedded_time::Clock; /// The default value to use for rate limiting, when no other rate limiter is defined const PEER_HANDSHAKE_RATE_LIMIT: u64 = 10; @@ -577,15 +575,7 @@ impl Tunn { /// * Time since last handshake in seconds /// * Data bytes sent /// * Data bytes received - pub fn stats( - &self, - ) -> ( - Option::T>>, - usize, - usize, - f32, - Option, - ) { + pub fn stats(&self) -> (Option, usize, usize, f32, Option) { let time = self.time_since_last_handshake(); let tx_bytes = self.tx_bytes; let rx_bytes = self.rx_bytes; diff --git a/boringtun/src/noise/rate_limiter.rs b/boringtun/src/noise/rate_limiter.rs index 02eaf776c..d0f97117d 100644 --- a/boringtun/src/noise/rate_limiter.rs +++ b/boringtun/src/noise/rate_limiter.rs @@ -6,9 +6,8 @@ use core::convert::TryFrom; use core::net::IpAddr; use core::sync::atomic::{AtomicUsize, Ordering}; -use crate::sleepyinstant::Instant; +use crate::sleepyinstant::{ClockUnit, Instant}; -use crate::sleepyinstant::ClockImpl; use aead::array::Array; use aead::{AeadInOut, KeyInit}; #[cfg(feature = "ariel-os")] @@ -16,7 +15,6 @@ use ariel_os_lock::RawMutex; use chacha20poly1305::{Key, XChaCha20Poly1305}; use embedded_time::duration::Seconds; use embedded_time::fixed_point::FixedPoint; -use embedded_time::Clock; use lock_api::Mutex; #[cfg(feature = "std")] use parking_lot::RawMutex; @@ -102,11 +100,9 @@ impl RateLimiter { // The current cookie for a given IP is the MAC(responder.changing_secret_every_two_minutes, initiator.ip_address) // First we derive the secret from the current time, the value of cur_counter would change with time. - let cur_counter = Seconds::<::T>::try_from( - Instant::now().duration_since(self.start_time), - ) - .unwrap() - / COOKIE_REFRESH.integer() as ::T; + let cur_counter = + Seconds::::try_from(Instant::now().duration_since(self.start_time)).unwrap() + / COOKIE_REFRESH.integer() as ClockUnit; // Next we derive the cookie b2s_keyed_mac_16_2( diff --git a/boringtun/src/noise/timers.rs b/boringtun/src/noise/timers.rs index 2bf7402b0..9462fff6e 100644 --- a/boringtun/src/noise/timers.rs +++ b/boringtun/src/noise/timers.rs @@ -3,12 +3,11 @@ use super::errors::WireGuardError; use crate::noise::{Tunn, TunnResult}; -use crate::sleepyinstant::ClockImpl; use crate::sleepyinstant::Instant; +use crate::sleepyinstant::{ClockDuration, ClockUnit}; use core::mem; use core::ops::{Index, IndexMut}; -use embedded_time::duration::{Generic, Seconds}; -use embedded_time::Clock; +use embedded_time::duration::Seconds; // Some constants, represent time in seconds // https://www.wireguard.com/papers/wireguard.pdf#page=14 @@ -50,8 +49,8 @@ pub struct Timers { is_initiator: bool, /// Start time of the tunnel time_started: Instant, - timers: [Generic<::T>; TimerName::Top as usize], - pub(super) session_timers: [Generic<::T>; super::N_SESSIONS], + timers: [ClockDuration; TimerName::Top as usize], + pub(super) session_timers: [ClockDuration; super::N_SESSIONS], /// Did we receive data without sending anything back? want_keepalive: bool, /// Did we send data without hearing back? @@ -92,14 +91,14 @@ impl Timers { } impl Index for Timers { - type Output = Generic<::T>; - fn index(&self, index: TimerName) -> &Generic<::T> { + type Output = ClockDuration; + fn index(&self, index: TimerName) -> &ClockDuration { &self.timers[index as usize] } } impl IndexMut for Timers { - fn index_mut(&mut self, index: TimerName) -> &mut Generic<::T> { + fn index_mut(&mut self, index: TimerName) -> &mut ClockDuration { &mut self.timers[index as usize] } } @@ -145,7 +144,7 @@ impl Tunn { self.timers.clear(); } - fn update_session_timers(&mut self, time_now: Generic<::T>) { + fn update_session_timers(&mut self, time_now: ClockDuration) { let timers = &mut self.timers; for (i, t) in timers.session_timers.iter_mut().enumerate() { @@ -286,7 +285,7 @@ impl Tunn { // Persistent KEEPALIVE if persistent_keepalive > 0 && (now - self.timers[TimePersistentKeepalive] - >= Seconds::<::T>(persistent_keepalive as _)) + >= Seconds::(persistent_keepalive as _)) { tracing::debug!("KEEPALIVE(PERSISTENT_KEEPALIVE)"); self.timer_tick(TimePersistentKeepalive); @@ -307,7 +306,7 @@ impl Tunn { TunnResult::Done } - pub fn time_since_last_handshake(&self) -> Option::T>> { + pub fn time_since_last_handshake(&self) -> Option { let current_session = self.current; if self.sessions[current_session % super::N_SESSIONS].is_some() { let duration_since_tun_start = Instant::now().duration_since(self.timers.time_started); diff --git a/boringtun/src/sleepyinstant/mod.rs b/boringtun/src/sleepyinstant/mod.rs index 5ae89c208..c574a370b 100644 --- a/boringtun/src/sleepyinstant/mod.rs +++ b/boringtun/src/sleepyinstant/mod.rs @@ -43,6 +43,12 @@ pub struct Instant { t: embedded_time::Instant, } +/// The underlying unit of time for the clock. +pub type ClockUnit = ::T; + +/// A span of time between two instants of the clock. +pub type ClockDuration = Generic; + impl Instant { /// Returns an instant corresponding to "now". pub fn now() -> Self { @@ -57,12 +63,12 @@ impl Instant { /// # Panics /// /// panics when `earlier` was later than `self`. - pub fn duration_since(&self, earlier: Instant) -> Generic<::T> { + pub fn duration_since(&self, earlier: Instant) -> ClockDuration { self.t.checked_duration_since(&earlier.t).unwrap() } /// Returns the amount of time elapsed since this instant was created. - pub fn elapsed(&self) -> Generic<::T> { + pub fn elapsed(&self) -> ClockDuration { Self::now().duration_since(*self) } } From f4370d3c73714bb02ff54583759a810381ff1709 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Mon, 13 Oct 2025 13:08:31 +0200 Subject: [PATCH 19/21] Global clock and some defmt for debugging --- Cargo.lock | 101 ++++++++++++++++++++++++----- Cargo.toml | 3 + boringtun/Cargo.toml | 5 +- boringtun/src/noise/handshake.rs | 7 +- boringtun/src/sleepyinstant/mod.rs | 13 ++-- 5 files changed, 104 insertions(+), 25 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index a294db297..e58f1218a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -48,7 +48,7 @@ dependencies = [ [[package]] name = "ariel-os-lock" version = "0.1.0" -source = "git+https://github.com/SimonIT/ariel-os-lock#0bb147867e64576c3b444e982e967ddcb17004e9" +source = "git+https://github.com/SimonIT/ariel-os-lock#720f7e2263ec8ecaffb14bb8b56444a9e764398a" dependencies = [ "ariel-os-threads", "lock_api", @@ -192,8 +192,9 @@ dependencies = [ "blake2", "chacha20poly1305", "criterion", + "defmt 1.0.1", "embassy-embedded-time", - "embedded-time", + "embedded-time 0.13.0 (git+https://github.com/SimonIT/embedded-time.git?branch=update-defmt)", "etherparse", "hex", "hmac", @@ -203,12 +204,13 @@ dependencies = [ "libc", "lock_api", "nix", + "once_cell", "parking_lot", "rand_core 0.9.3", "ring", "socket2", "std-embedded-time", - "thiserror", + "thiserror 1.0.50", "tracing", "tracing-subscriber", "untrusted", @@ -682,6 +684,47 @@ dependencies = [ "syn 2.0.106", ] +[[package]] +name = "defmt" +version = "0.3.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0963443817029b2024136fc4dd07a5107eb8f977eaf18fcd1fdeb11306b64ad" +dependencies = [ + "defmt 1.0.1", +] + +[[package]] +name = "defmt" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "548d977b6da32fa1d1fda2876453da1e7df63ad0304c8b3dae4dbe7b96f39b78" +dependencies = [ + "bitflags 1.3.2", + "defmt-macros", +] + +[[package]] +name = "defmt-macros" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d4fc12a85bcf441cfe44344c4b72d58493178ce635338a3f3b78943aceb258e" +dependencies = [ + "defmt-parser", + "proc-macro-error2", + "proc-macro2", + "quote", + "syn 2.0.106", +] + +[[package]] +name = "defmt-parser" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "10d60334b3b2e7c9d91ef8150abfb6fa4c1c39ebbcf4a81c2e346aad939fee3e" +dependencies = [ + "thiserror 2.0.17", +] + [[package]] name = "delegate" version = "0.13.4" @@ -757,10 +800,11 @@ dependencies = [ [[package]] name = "embassy-embedded-time" version = "0.1.0" -source = "git+https://github.com/SimonIT/embassy-embedded-time.git?branch=release%2Fv0.13.0#d3d6c77eb54c3dcd1b38e396801fe33106141c9e" +source = "git+https://github.com/SimonIT/embassy-embedded-time.git?branch=release%2Fv0.13.0#28038a2be0413b8cc59acbf3271dcb0900e0e750" dependencies = [ + "defmt 1.0.1", "embassy-time", - "embedded-time", + "embedded-time 0.13.0 (git+https://github.com/SimonIT/embedded-time.git?branch=update-defmt)", ] [[package]] @@ -814,6 +858,7 @@ checksum = "f820157f198ada183ad62e0a66f554c610cdcd1a9f27d4b316358103ced7a1f8" dependencies = [ "cfg-if", "critical-section", + "defmt 0.3.100", "document-features", "embassy-time-driver", "embedded-hal 0.2.7", @@ -933,6 +978,15 @@ dependencies = [ "num", ] +[[package]] +name = "embedded-time" +version = "0.13.0" +source = "git+https://github.com/SimonIT/embedded-time.git?branch=update-defmt#7f182813748a6a88ce5f663e8340650262025af6" +dependencies = [ + "defmt 1.0.1", + "num", +] + [[package]] name = "enum-as-inner" version = "0.6.1" @@ -1469,7 +1523,7 @@ dependencies = [ "combine", "jni-sys", "log", - "thiserror", + "thiserror 1.0.50", "walkdir", ] @@ -1561,12 +1615,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.17" +version = "0.4.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" -dependencies = [ - "cfg-if", -] +checksum = "34080505efa8e45a4b816c349525ebe327ceaa8559756f0356cba97ef3bf7432" [[package]] name = "memchr" @@ -1721,9 +1772,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.13.0" +version = "1.21.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18a6dbe30758c9f83eb00cbea4ac95966305f5a7772f3f42ebfc7fc7eddbd8e1" +checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" [[package]] name = "oorandom" @@ -2214,7 +2265,7 @@ name = "std-embedded-time" version = "0.1.0" source = "git+https://github.com/SimonIT/std-embedded-time.git?branch=release%2Fv0.13.0#2c4b90174c841b075fde0e53b270385d5a5198a7" dependencies = [ - "embedded-time", + "embedded-time 0.13.0 (git+https://github.com/FluenTech/embedded-time.git?branch=release%2Fv0.13.0)", ] [[package]] @@ -2309,7 +2360,16 @@ version = "1.0.50" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f9a7210f5c9a7156bb50aa36aed4c95afb51df0df00713949448cf9e97d382d2" dependencies = [ - "thiserror-impl", + "thiserror-impl 1.0.50", +] + +[[package]] +name = "thiserror" +version = "2.0.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f63587ca0f12b72a0600bcba1d40081f830876000bb46dd2337a3051618f4fc8" +dependencies = [ + "thiserror-impl 2.0.17", ] [[package]] @@ -2323,6 +2383,17 @@ dependencies = [ "syn 2.0.106", ] +[[package]] +name = "thiserror-impl" +version = "2.0.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ff15c8ecd7de3849db632e14d18d2571fa09dfc5ed93479bc4485c7a517c913" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.106", +] + [[package]] name = "thread_local" version = "1.1.4" diff --git a/Cargo.toml b/Cargo.toml index d6f8adeac..eb6dad617 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -8,3 +8,6 @@ codegen-units = 1 # Use only 1 codegen-unit to enable full optimizations. [profile.bench] lto = true # Enable full link-time optimization. codegen-units = 1 # Use only 1 codegen-unit to enable full optimizations. + +[patch.crates-io] +ariel-os-threads = { git = "https://github.com/ariel-os/ariel-os.git", tag = "v0.2.1" } diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index 8ee33b794..a5b925450 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -21,6 +21,7 @@ ariel-os = ["dep:ariel-os-lock", "dep:embassy-embedded-time"] device = ["std", "socket2", "thiserror"] jni-bindings = ["std", "ffi-bindings", "jni"] ffi-bindings = ["std", "tracing-subscriber"] +defmt = ["dep:defmt", "embedded-time/defmt", "embassy-embedded-time/defmt"] [dependencies] base64 = { version = "0.22.1", default-features = false, features = ["alloc"] } @@ -30,6 +31,7 @@ libc = { version = "0.2", default-features = false } parking_lot = { version = "0.12.4", optional = true } ariel-os-lock = { git = "https://github.com/SimonIT/ariel-os-lock", optional = true } lock_api = "0.4.13" +once_cell = { version = "1.19.0", default-features = false } tracing = { version = "0.1.40", default-features = false } tracing-subscriber = { version = "0.3", features = ["fmt"], optional = true } ip_network = { version = "0.4.1", default-features = false } @@ -48,9 +50,10 @@ hmac = "0.13.0-rc.1" jni = { version = "0.19.0", optional = true } socket2 = { version = "0.4.7", features = ["all"], optional = true } thiserror = { version = "1", optional = true } -embedded-time = { git = "https://github.com/FluenTech/embedded-time.git", branch = "release/v0.13.0" } +embedded-time = { git = "https://github.com/SimonIT/embedded-time.git", branch = "update-defmt" } std-embedded-time = { git = "https://github.com/SimonIT/std-embedded-time.git", branch = "release/v0.13.0", optional = true } embassy-embedded-time = { git = "https://github.com/SimonIT/embassy-embedded-time.git", branch = "release/v0.13.0", optional = true } +defmt = { version = "1.0.1", optional = true } [target.'cfg(unix)'.dependencies] nix = { version = "0.25", default-features = false, features = [ diff --git a/boringtun/src/noise/handshake.rs b/boringtun/src/noise/handshake.rs index f0ea4c9f3..6d6264d4e 100644 --- a/boringtun/src/noise/handshake.rs +++ b/boringtun/src/noise/handshake.rs @@ -4,7 +4,7 @@ use super::{HandshakeInit, HandshakeResponse, PacketCookieReply}; use crate::noise::errors::WireGuardError; use crate::noise::session::Session; -use crate::sleepyinstant::{ClockDuration, ClockImpl, ClockUnit, Instant}; +use crate::sleepyinstant::{ClockDuration, ClockUnit, Instant, BORING_CLOCK}; use crate::x25519; use aead::{Aead, Payload}; use alloc::borrow::ToOwned; @@ -176,10 +176,7 @@ impl TimeStamper { /// Create a new TimeStamper pub fn new() -> TimeStamper { TimeStamper { - duration_at_start: ClockImpl::default() - .try_now() - .unwrap() - .duration_since_epoch(), + duration_at_start: BORING_CLOCK.try_now().unwrap().duration_since_epoch(), instant_at_start: Instant::now(), } } diff --git a/boringtun/src/sleepyinstant/mod.rs b/boringtun/src/sleepyinstant/mod.rs index c574a370b..72131a786 100644 --- a/boringtun/src/sleepyinstant/mod.rs +++ b/boringtun/src/sleepyinstant/mod.rs @@ -5,17 +5,18 @@ use embedded_time::duration::Generic; use embedded_time::Clock; #[cfg(windows)] -pub use std_embedded_time::StandardClock as ClockImpl; +use std_embedded_time::StandardClock as ClockImpl; #[cfg(unix)] mod unix; #[cfg(unix)] -pub use inner::UnixClock as ClockImpl; +use inner::UnixClock as ClockImpl; #[cfg(unix)] use unix as inner; #[cfg(feature = "ariel-os")] -pub use embassy_embedded_time::EmbassyClock as ClockImpl; +use embassy_embedded_time::EmbassyClock as ClockImpl; +use once_cell::sync::Lazy; /// A measurement of a monotonically nondecreasing clock. /// Opaque and useful only with [`Duration`]. @@ -38,6 +39,7 @@ pub use embassy_embedded_time::EmbassyClock as ClockImpl; /// The size of an `Instant` struct may vary depending on the target operating /// system. /// +#[cfg_attr(feature = "defmt", derive(defmt::Format))] #[derive(Clone, Copy, Debug)] pub struct Instant { t: embedded_time::Instant, @@ -49,11 +51,14 @@ pub type ClockUnit = ::T; /// A span of time between two instants of the clock. pub type ClockDuration = Generic; +/// A global clock instance +pub static BORING_CLOCK: Lazy = Lazy::new(|| ClockImpl::default()); + impl Instant { /// Returns an instant corresponding to "now". pub fn now() -> Self { Self { - t: ClockImpl::default().try_now().unwrap(), + t: BORING_CLOCK.try_now().unwrap(), } } From 0e69eca57fcbddfaff21ea4792e79b90a172895b Mon Sep 17 00:00:00 2001 From: SimonIT Date: Mon, 13 Oct 2025 13:41:04 +0200 Subject: [PATCH 20/21] Defmt for TunnResult and WireGuardError --- boringtun/src/noise/errors.rs | 1 + boringtun/src/noise/mod.rs | 1 + boringtun/src/sleepyinstant/mod.rs | 2 +- 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/boringtun/src/noise/errors.rs b/boringtun/src/noise/errors.rs index 10513aefe..cf5626ab7 100644 --- a/boringtun/src/noise/errors.rs +++ b/boringtun/src/noise/errors.rs @@ -1,6 +1,7 @@ // Copyright (c) 2019 Cloudflare, Inc. All rights reserved. // SPDX-License-Identifier: BSD-3-Clause +#[cfg_attr(feature = "defmt", derive(defmt::Format))] #[derive(Debug)] pub enum WireGuardError { DestinationBufferTooSmall, diff --git a/boringtun/src/noise/mod.rs b/boringtun/src/noise/mod.rs index 8663b5f67..b0a114f78 100644 --- a/boringtun/src/noise/mod.rs +++ b/boringtun/src/noise/mod.rs @@ -42,6 +42,7 @@ const MAX_QUEUE_DEPTH: usize = 256; /// number of sessions in the ring, better keep a PoT const N_SESSIONS: usize = 8; +#[cfg_attr(feature = "defmt", derive(defmt::Format))] #[derive(Debug)] pub enum TunnResult<'a> { Done, diff --git a/boringtun/src/sleepyinstant/mod.rs b/boringtun/src/sleepyinstant/mod.rs index 72131a786..de182ac0e 100644 --- a/boringtun/src/sleepyinstant/mod.rs +++ b/boringtun/src/sleepyinstant/mod.rs @@ -52,7 +52,7 @@ pub type ClockUnit = ::T; pub type ClockDuration = Generic; /// A global clock instance -pub static BORING_CLOCK: Lazy = Lazy::new(|| ClockImpl::default()); +pub static BORING_CLOCK: Lazy = Lazy::new(ClockImpl::default); impl Instant { /// Returns an instant corresponding to "now". From 275ba15e481c12624e9058307a73855bd3d956d0 Mon Sep 17 00:00:00 2001 From: SimonIT Date: Wed, 12 Nov 2025 23:23:13 +0100 Subject: [PATCH 21/21] Defmt for Timers, once_cell std --- Cargo.lock | 4 ++++ boringtun/Cargo.toml | 4 ++-- boringtun/src/noise/timers.rs | 1 + boringtun/src/sleepyinstant/mod.rs | 8 ++++---- 4 files changed, 11 insertions(+), 6 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index e58f1218a..20929304e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1775,6 +1775,10 @@ name = "once_cell" version = "1.21.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" +dependencies = [ + "critical-section", + "portable-atomic", +] [[package]] name = "oorandom" diff --git a/boringtun/Cargo.toml b/boringtun/Cargo.toml index a5b925450..00dcc3c98 100644 --- a/boringtun/Cargo.toml +++ b/boringtun/Cargo.toml @@ -16,8 +16,8 @@ edition = "2018" [features] default = ["std"] alloc = [] -std = ["alloc", "dep:parking_lot", "dep:std-embedded-time"] -ariel-os = ["dep:ariel-os-lock", "dep:embassy-embedded-time"] +std = ["alloc", "dep:parking_lot", "dep:std-embedded-time", "once_cell/std"] +ariel-os = ["dep:ariel-os-lock", "dep:embassy-embedded-time", "once_cell/critical-section"] device = ["std", "socket2", "thiserror"] jni-bindings = ["std", "ffi-bindings", "jni"] ffi-bindings = ["std", "tracing-subscriber"] diff --git a/boringtun/src/noise/timers.rs b/boringtun/src/noise/timers.rs index 9462fff6e..28ff36a9f 100644 --- a/boringtun/src/noise/timers.rs +++ b/boringtun/src/noise/timers.rs @@ -43,6 +43,7 @@ pub enum TimerName { use self::TimerName::*; +#[cfg_attr(feature = "defmt", derive(defmt::Format))] #[derive(Debug)] pub struct Timers { /// Is the owner of the timer the initiator or the responder for the last handshake? diff --git a/boringtun/src/sleepyinstant/mod.rs b/boringtun/src/sleepyinstant/mod.rs index de182ac0e..a927a68e9 100644 --- a/boringtun/src/sleepyinstant/mod.rs +++ b/boringtun/src/sleepyinstant/mod.rs @@ -4,14 +4,14 @@ use embedded_time::duration::Generic; use embedded_time::Clock; -#[cfg(windows)] +#[cfg(all(windows, not(feature = "ariel-os")))] use std_embedded_time::StandardClock as ClockImpl; -#[cfg(unix)] +#[cfg(all(unix, not(feature = "ariel-os")))] mod unix; -#[cfg(unix)] +#[cfg(all(unix, not(feature = "ariel-os")))] use inner::UnixClock as ClockImpl; -#[cfg(unix)] +#[cfg(all(unix, not(feature = "ariel-os")))] use unix as inner; #[cfg(feature = "ariel-os")]