Reorder structures

Place smallest items first, as this makes them most easily addressable in Thumb architecture. 16-bit access instructions have a 5-bit offset field, which is interpreted as bytes, halfwords, or words depending on access size, so smaller fields have smaller range. Range is 0-31 times the access size. The mbedtls_ssl_context structure is too large to be fully easily accessed even for words, so reorder functional blocks to put more frequently-referenced fields in the first 128 bytes, reducing total code size. Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
2024-11-22 18:25:42 +01:00 · 2020-11-03 15:52:30 +02:00 · 2020-11-03 15:52:30 +02:00 · 57d9bdc5f9
commit 57d9bdc5f9
parent 1d53ce33c4
2 changed files with 167 additions and 165 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -971,8 +971,6 @@ struct mbedtls_ssl_session
    int compression;            /*!< chosen compression */
 #endif /* MBEDTLS_ZLIB_SUPPORT */
    size_t id_len;              /*!< session id length  */
-    unsigned char id[32];       /*!< session identifier */
-    unsigned char master[48];   /*!< the master secret  */

 #if defined(MBEDTLS_X509_CRT_PARSE_C)
 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
@ -1004,6 +1002,9 @@ struct mbedtls_ssl_session
 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
    int encrypt_then_mac;       /*!< flag for EtM activation                */
 #endif
+
+    unsigned char id[32];       /*!< session identifier */
+    unsigned char master[48];   /*!< the master secret  */
 };

 /**
@ -1011,7 +1012,124 @@ struct mbedtls_ssl_session
 */
 struct mbedtls_ssl_config
 {
-    /* Group items by size (largest first) to minimize padding overhead */
+    /* Group items by size (smallest first) to minimize padding overhead */
+
+    /*
+     * Flags (bytes)
+     */
+
+#if !defined(MBEDTLS_SSL_CONF_ENDPOINT)
+    uint8_t endpoint;               /*!< 0: client, 1: server               */
+#endif /* !MBEDTLS_SSL_CONF_ENDPOINT */
+#if !defined(MBEDTLS_SSL_CONF_TRANSPORT)
+    uint8_t transport;              /*!< stream (TLS) or datagram (DTLS)    */
+#endif /* !MBEDTLS_SSL_CONF_TRANSPORT */
+#if !defined(MBEDTLS_SSL_CONF_AUTHMODE)
+    uint8_t authmode;               /*!< MBEDTLS_SSL_VERIFY_XXX             */
+#endif /* !MBEDTLS_SSL_CONF_AUTHMODE */
+#if !defined(MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION)
+    /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE          */
+    uint8_t allow_legacy_renegotiation; /*!< MBEDTLS_LEGACY_XXX   */
+#endif /* !MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION */
+#if defined(MBEDTLS_ARC4_C)
+    uint8_t arc4_disabled;          /*!< blacklist RC4 ciphersuites?        */
+#endif
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    uint8_t mfl_code;               /*!< desired fragment length            */
+#endif
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    uint8_t encrypt_then_mac;       /*!< negotiate encrypt-then-mac?        */
+#endif
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+#if !defined(MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET)
+    uint8_t extended_ms;            /*!< negotiate extended master secret?  */
+#endif /* !MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+#if !defined(MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET)
+    uint8_t enforce_extended_master_secret; /*!< enforce the usage of
+                                             *   extended master secret     */
+#endif /* !MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET */
+#endif
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+#if !defined(MBEDTLS_SSL_CONF_ANTI_REPLAY)
+    uint8_t anti_replay;            /*!< detect and prevent replay?         */
+#endif /* !MBEDTLS_SSL_CONF_ANTI_REPLAY */
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    uint8_t cbc_record_splitting;   /*!< do cbc record splitting            */
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    uint8_t disable_renegotiation;  /*!< disable renegotiation?             */
+#endif
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    uint8_t trunc_hmac;             /*!< negotiate truncated hmac?          */
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    uint8_t session_tickets;        /*!< use session tickets?               */
+#endif
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
+    uint8_t fallback;               /*!< is this a fallback?                */
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+#if !defined(MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST)
+    uint8_t cert_req_ca_list;       /*!< enable sending CA list in
+                                         Certificate Request messages?      */
+#endif /* !MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST */
+#endif
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+#if !defined(MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID)
+    uint8_t ignore_unexpected_cid;  /*!< Determines whether DTLS record
+                                     *   with unexpected CID should
+                                     *   lead to failure.                   */
+#endif /* !MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    /*
+     * Numerical settings
+     */
+
+#if !defined(MBEDTLS_SSL_CONF_MIN_MAJOR_VER)
+    unsigned char min_major_ver;    /*!< min. major version used            */
+#endif /* !MBEDTLS_SSL_CONF_MIN_MAJOR_VER */
+#if !defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER)
+    unsigned char max_major_ver;    /*!< max. major version used            */
+#endif /* !MBEDTLS_SSL_CONF_MAX_MAJOR_VER */
+#if !defined(MBEDTLS_SSL_CONF_MIN_MINOR_VER)
+    uint16_t min_minor_ver;    /*!< min. minor version used            */
+#endif /* !MBEDTLS_SSL_CONF_MIN_MINOR_VER */
+#if !defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER)
+    uint16_t max_minor_ver;    /*!< max. minor version used            */
+#endif /* !MBEDTLS_SSL_CONF_MAX_MINOR_VER */
+
+#if !defined(MBEDTLS_SSL_CONF_READ_TIMEOUT)
+    uint32_t read_timeout;          /*!< timeout for mbedtls_ssl_read (ms)  */
+#endif /* !MBEDTLS_SSL_CONF_READ_TIMEOUT */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+#if !defined(MBEDTLS_SSL_CONF_HS_TIMEOUT_MIN)
+    uint32_t hs_timeout_min;        /*!< initial value of the handshake
+                                         retransmission timeout (ms)        */
+#endif /* !MBEDTLS_SSL_CONF_HS_TIMEOUT_MIN */
+#if !defined(MBEDTLS_SSL_CONF_HS_TIMEOUT_MAX)
+    uint32_t hs_timeout_max;        /*!< maximum value of the handshake
+                                         retransmission timeout (ms)        */
+#endif /* !MBEDTLS_SSL_CONF_HS_TIMEOUT_MAX */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    int renego_max_records;         /*!< grace period for renegotiation     */
+    unsigned char renego_period[8]; /*!< value of the record counters
+                                         that triggers renegotiation        */
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+#if !defined(MBEDTLS_SSL_CONF_BADMAC_LIMIT)
+    unsigned int badmac_limit;      /*!< limit of records with a bad MAC    */
+#endif /* !MBEDTLS_SSL_CONF_BADMAC_LIMIT */
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+    unsigned int dhm_min_bitlen;    /*!< min. bit length of the DHM prime   */
+#endif

    /*
     * Pointers
@ -1145,122 +1263,6 @@ struct mbedtls_ssl_config
    const char **alpn_list;         /*!< ordered list of protocols          */
 #endif

-    /*
-     * Numerical settings (int then char)
-     */
-
-#if !defined(MBEDTLS_SSL_CONF_READ_TIMEOUT)
-    uint32_t read_timeout;          /*!< timeout for mbedtls_ssl_read (ms)  */
-#endif /* !MBEDTLS_SSL_CONF_READ_TIMEOUT */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-#if !defined(MBEDTLS_SSL_CONF_HS_TIMEOUT_MIN)
-    uint32_t hs_timeout_min;        /*!< initial value of the handshake
-                                         retransmission timeout (ms)        */
-#endif /* !MBEDTLS_SSL_CONF_HS_TIMEOUT_MIN */
-#if !defined(MBEDTLS_SSL_CONF_HS_TIMEOUT_MAX)
-    uint32_t hs_timeout_max;        /*!< maximum value of the handshake
-                                         retransmission timeout (ms)        */
-#endif /* !MBEDTLS_SSL_CONF_HS_TIMEOUT_MAX */
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    int renego_max_records;         /*!< grace period for renegotiation     */
-    unsigned char renego_period[8]; /*!< value of the record counters
-                                         that triggers renegotiation        */
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-#if !defined(MBEDTLS_SSL_CONF_BADMAC_LIMIT)
-    unsigned int badmac_limit;      /*!< limit of records with a bad MAC    */
-#endif /* !MBEDTLS_SSL_CONF_BADMAC_LIMIT */
-#endif
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
-    unsigned int dhm_min_bitlen;    /*!< min. bit length of the DHM prime   */
-#endif
-
-#if !defined(MBEDTLS_SSL_CONF_MIN_MAJOR_VER)
-    unsigned char min_major_ver;    /*!< min. major version used            */
-#endif /* !MBEDTLS_SSL_CONF_MIN_MAJOR_VER */
-#if !defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER)
-    unsigned char max_major_ver;    /*!< max. major version used            */
-#endif /* !MBEDTLS_SSL_CONF_MAX_MAJOR_VER */
-#if !defined(MBEDTLS_SSL_CONF_MIN_MINOR_VER)
-    uint16_t min_minor_ver;    /*!< min. minor version used            */
-#endif /* !MBEDTLS_SSL_CONF_MIN_MINOR_VER */
-#if !defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER)
-    uint16_t max_minor_ver;    /*!< max. minor version used            */
-#endif /* !MBEDTLS_SSL_CONF_MAX_MINOR_VER */
-
-    /*
-     * Flags (bytes)
-     */
-
-#if !defined(MBEDTLS_SSL_CONF_ENDPOINT)
-    uint8_t endpoint;               /*!< 0: client, 1: server               */
-#endif /* !MBEDTLS_SSL_CONF_ENDPOINT */
-#if !defined(MBEDTLS_SSL_CONF_TRANSPORT)
-    uint8_t transport;              /*!< stream (TLS) or datagram (DTLS)    */
-#endif /* !MBEDTLS_SSL_CONF_TRANSPORT */
-#if !defined(MBEDTLS_SSL_CONF_AUTHMODE)
-    uint8_t authmode;               /*!< MBEDTLS_SSL_VERIFY_XXX             */
-#endif /* !MBEDTLS_SSL_CONF_AUTHMODE */
-#if !defined(MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION)
-    /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE          */
-    uint8_t allow_legacy_renegotiation; /*!< MBEDTLS_LEGACY_XXX   */
-#endif /* !MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION */
-#if defined(MBEDTLS_ARC4_C)
-    uint8_t arc4_disabled;          /*!< blacklist RC4 ciphersuites?        */
-#endif
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    uint8_t mfl_code;               /*!< desired fragment length            */
-#endif
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    uint8_t encrypt_then_mac;       /*!< negotiate encrypt-then-mac?        */
-#endif
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-#if !defined(MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET)
-    uint8_t extended_ms;            /*!< negotiate extended master secret?  */
-#endif /* !MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-#if !defined(MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET)
-    uint8_t enforce_extended_master_secret; /*!< enforce the usage of
-                                             *   extended master secret     */
-#endif /* !MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET */
-#endif
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-#if !defined(MBEDTLS_SSL_CONF_ANTI_REPLAY)
-    uint8_t anti_replay;            /*!< detect and prevent replay?         */
-#endif /* !MBEDTLS_SSL_CONF_ANTI_REPLAY */
-#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-    uint8_t cbc_record_splitting;   /*!< do cbc record splitting            */
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    uint8_t disable_renegotiation;  /*!< disable renegotiation?             */
-#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    uint8_t trunc_hmac;             /*!< negotiate truncated hmac?          */
-#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    uint8_t session_tickets;        /*!< use session tickets?               */
-#endif
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
-    uint8_t fallback;               /*!< is this a fallback?                */
-#endif
-#if defined(MBEDTLS_SSL_SRV_C)
-#if !defined(MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST)
-    uint8_t cert_req_ca_list;       /*!< enable sending CA list in
-                                         Certificate Request messages?      */
-#endif /* !MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST */
-#endif
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-#if !defined(MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID)
-    uint8_t ignore_unexpected_cid;  /*!< Determines whether DTLS record
-                                     *   with unexpected CID should
-                                     *   lead to failure.                   */
-#endif /* !MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID */
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
 };

 struct mbedtls_ssl_context
@ -1308,19 +1310,6 @@ struct mbedtls_ssl_context
    unsigned badmac_seen;       /*!< records with a bad MAC received    */
 #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */

-#if !defined(MBEDTLS_SSL_CONF_SEND)
-    mbedtls_ssl_send_t *f_send; /*!< Callback for network send */
-#endif /* !MBEDTLS_SSL_CONF_SEND */
-#if !defined(MBEDTLS_SSL_CONF_RECV)
-    mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */
-#endif /* !MBEDTLS_SSL_CONF_RECV */
-#if !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT)
-    mbedtls_ssl_recv_timeout_t *f_recv_timeout;
-#endif /* !MBEDTLS_SSL_CONF_RECV_TIMEOUT */
-                                /*!< Callback for network receive with timeout */
-
-    void *p_bio;                /*!< context for I/O operations   */
-
    /*
     * Session layer
     */
@ -1332,26 +1321,6 @@ struct mbedtls_ssl_context
    mbedtls_ssl_handshake_params *handshake;    /*!<  params required only during
                                              the handshake process        */

-    /*
-     * Record layer transformations
-     */
-    mbedtls_ssl_transform *transform_in;        /*!<  current transform params (in)   */
-    mbedtls_ssl_transform *transform_out;       /*!<  current transform params (in)   */
-    mbedtls_ssl_transform *transform;           /*!<  negotiated transform params     */
-    mbedtls_ssl_transform *transform_negotiate; /*!<  transform params in negotiation */
-
-    /*
-     * Timers
-     */
-    void *p_timer;              /*!< context for the timer callbacks */
-
-#if !defined(MBEDTLS_SSL_CONF_SET_TIMER)
-    mbedtls_ssl_set_timer_t *f_set_timer;       /*!< set timer callback */
-#endif /* !MBEDTLS_SSL_CONF_SET_TIMER */
-#if !defined(MBEDTLS_SSL_CONF_GET_TIMER)
-    mbedtls_ssl_get_timer_t *f_get_timer;       /*!< get timer callback */
-#endif /* !MBEDTLS_SSL_CONF_GET_TIMER */
-
    /*
     * Record layer (incoming data)
     */
@ -1415,6 +1384,39 @@ struct mbedtls_ssl_context
    signed char split_done;     /*!< current record already splitted? */
 #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */

+    /*
+     * Record layer transformations
+     */
+    mbedtls_ssl_transform *transform_in;        /*!<  current transform params (in)   */
+    mbedtls_ssl_transform *transform_out;       /*!<  current transform params (in)   */
+    mbedtls_ssl_transform *transform;           /*!<  negotiated transform params     */
+    mbedtls_ssl_transform *transform_negotiate; /*!<  transform params in negotiation */
+
+#if !defined(MBEDTLS_SSL_CONF_SEND)
+    mbedtls_ssl_send_t *f_send; /*!< Callback for network send */
+#endif /* !MBEDTLS_SSL_CONF_SEND */
+#if !defined(MBEDTLS_SSL_CONF_RECV)
+    mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */
+#endif /* !MBEDTLS_SSL_CONF_RECV */
+#if !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT)
+    mbedtls_ssl_recv_timeout_t *f_recv_timeout;
+#endif /* !MBEDTLS_SSL_CONF_RECV_TIMEOUT */
+                                /*!< Callback for network receive with timeout */
+
+    void *p_bio;                /*!< context for I/O operations   */
+
+    /*
+     * Timers
+     */
+    void *p_timer;              /*!< context for the timer callbacks */
+
+#if !defined(MBEDTLS_SSL_CONF_SET_TIMER)
+    mbedtls_ssl_set_timer_t *f_set_timer;       /*!< set timer callback */
+#endif /* !MBEDTLS_SSL_CONF_SET_TIMER */
+#if !defined(MBEDTLS_SSL_CONF_GET_TIMER)
+    mbedtls_ssl_get_timer_t *f_get_timer;       /*!< get timer callback */
+#endif /* !MBEDTLS_SSL_CONF_GET_TIMER */
+
    /*
     * PKI layer
     */
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@ -461,19 +461,6 @@ struct mbedtls_ssl_handshake_params
    unsigned char *psk;                 /*!<  PSK from the callback         */
    size_t psk_len;                     /*!<  Length of PSK from callback   */
 #endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_ssl_key_cert *key_cert;     /*!< chosen key/cert pair (server)  */
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    mbedtls_pk_context peer_pubkey;     /*!< The public key from the peer.  */
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    int sni_authmode;                   /*!< authmode from SNI callback     */
-    mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI         */
-    mbedtls_x509_crt *sni_ca_chain;     /*!< trusted CAs from SNI callback  */
-    mbedtls_x509_crl *sni_ca_crl;       /*!< trusted CAs CRLs from SNI      */
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
 #if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
    int ecrs_enabled;                   /*!< Handshake supports EC restart? */
    mbedtls_x509_crt_restart_ctx ecrs_ctx;  /*!< restart context            */
@ -530,6 +517,19 @@ struct mbedtls_ssl_handshake_params
    unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    mbedtls_ssl_key_cert *key_cert;     /*!< chosen key/cert pair (server)  */
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    mbedtls_pk_context peer_pubkey;     /*!< The public key from the peer.  */
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    int sni_authmode;                   /*!< authmode from SNI callback     */
+    mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI         */
+    mbedtls_x509_crt *sni_ca_chain;     /*!< trusted CAs from SNI callback  */
+    mbedtls_x509_crl *sni_ca_crl;       /*!< trusted CAs CRLs from SNI      */
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
    unsigned char randbytes[64];        /*!<  random bytes            */
    unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
                                        /*!<  premaster secret        */