wolfssl/wolfcrypt/settings.h: add #define WOLFSSL_NO_PUBLIC_FFDHE and #undef HAVE_PUBLIC_FFDHE to WOLFSSL_LINUXKM setup to avoid .data.rel.ro.local functions in dh.c;

linuxkm/linuxkm_wc_port.h: only use kvrealloc() on kernel >=6.11 -- the version in 5.15-6.10 is incompatible (oldsize arg).  also, restore use of kvmalloc on 4.12+, but with XREALLOC undefined, suitable for cryptonly modules; add #include <linux/sched.h> even on __PIE__ objects to make cond_resched() available;

wolfcrypt/src/asn.c: harmonize gate around definitions of BEGIN_DSA_PRIV and END_DSA_PRIV;

wolfcrypt/src/asn.c: in EccSpecifiedECDomainDecode(), work around "const char[]" types in WOLFSSL_ECC_CURVE_STATIC struct ecc_set_type on FIPS <6;

wolfcrypt/src/asn.c, wolfcrypt/src/wc_xmss.c, wolfssl/wolfcrypt/wc_lms.h: add comments to new WOLFSSL_NAMES_STATIC slots explaining where the size comes from.
Daniel Pouzzner
2025-07-09 18:22:01 -05:00
parent 7c6afeb106
commit 01e8815762
6 changed files with 41 additions and 18 deletions


@@ -80,13 +80,16 @@
/* kvmalloc()/kvfree() and friends added in linux commit a7c3e901, merged for 4.12.
* kvrealloc() added in de2860f463, merged for 5.15, backported to 5.10.137.
* moved to ultimate home (slab.h) in 8587ca6f34, merged for 5.16.
*
* however, until 6.11, it took an extra argument, oldsize, that makes it
* incompatible with traditional libc usage patterns, so we don't try to use it.
*/
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 15, 0)) || \
((LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 137)) && \
(LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 90)))
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
#define HAVE_KVMALLOC
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 11, 0)
#define HAVE_KVREALLOC
#endif
/* kernel printf doesn't implement fp. */
#ifndef WOLFSSL_NO_FLOAT_FMT
@@ -306,6 +309,7 @@
#endif
#include <linux/slab.h>
#include <linux/sched.h>
#ifndef __PIE__
#ifndef SINGLE_THREADED
@@ -637,12 +641,16 @@
typeof(kzalloc_noprof) *kzalloc_noprof;
typeof(kvmalloc_node_noprof) *kvmalloc_node_noprof;
typeof(kmalloc_trace_noprof) *kmalloc_trace_noprof;
typeof(kvrealloc_noprof) *kvrealloc_noprof;
#ifdef HAVE_KVREALLOC
typeof(kvrealloc_noprof) *kvrealloc_noprof;
#endif
#else /* <6.10.0 */
typeof(kmalloc) *kmalloc;
typeof(krealloc) *krealloc;
#ifdef HAVE_KVMALLOC
typeof(kvmalloc_node) *kvmalloc_node;
#endif
#ifdef HAVE_KVREALLOC
typeof(kvrealloc) *kvrealloc;
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0)
@@ -879,6 +887,8 @@
#define kzalloc(size, flags) kmalloc(size, (flags) | __GFP_ZERO)
#ifdef HAVE_KVMALLOC
#define kvmalloc_node (wolfssl_linuxkm_get_pie_redirect_table()->kvmalloc_node)
#endif
#ifdef HAVE_KVREALLOC
#define kvrealloc (wolfssl_linuxkm_get_pie_redirect_table()->kvrealloc)
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0)
@@ -1175,7 +1185,11 @@
#ifdef HAVE_KVMALLOC
#define malloc(size) kvmalloc_node(WC_LINUXKM_ROUND_UP_P_OF_2(size), (preempt_count() == 0 ? GFP_KERNEL : GFP_ATOMIC), NUMA_NO_NODE)
#define free(ptr) kvfree(ptr)
#define realloc(ptr, newsize) kvrealloc(ptr, WC_LINUXKM_ROUND_UP_P_OF_2(newsize), (preempt_count() == 0 ? GFP_KERNEL : GFP_ATOMIC))
#ifdef HAVE_KVREALLOC
#define realloc(ptr, newsize) kvrealloc(ptr, WC_LINUXKM_ROUND_UP_P_OF_2(newsize), (preempt_count() == 0 ? GFP_KERNEL : GFP_ATOMIC))
#else
#define realloc(ptr, newsize) ((void)(ptr), (void)(newsize), NULL)
#endif
#else
#define malloc(size) kmalloc(WC_LINUXKM_ROUND_UP_P_OF_2(size), (preempt_count() == 0 ? GFP_KERNEL : GFP_ATOMIC))
#define free(ptr) kfree(ptr)
@@ -1204,7 +1218,9 @@
#else
#define XFREE(p, h, t) ({void* _xp; (void)(h); (void)(t); _xp = (p); if(_xp) free(_xp);})
#endif
#define XREALLOC(p, n, h, t) ({(void)(h); (void)(t); realloc(p, n);})
#if defined(HAVE_KVREALLOC) || !defined(HAVE_KVMALLOC)
#define XREALLOC(p, n, h, t) ({(void)(h); (void)(t); realloc(p, n);})
#endif
#endif
#include <linux/limits.h>
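Review bot: On kernels 4.12 through 6.10 (HAVE_KVMALLOC defined, HAVE_KVREALLOC not), the new `#define realloc(ptr, newsize) ((void)(ptr), (void)(newsize), NULL)` turns every direct `realloc()` call into a silent runtime failure, while `XREALLOC` is left undefined and so fails at build time; that asymmetry is not explained anywhere in the header. A comment above the stub would help, for example `/* no libc-compatible kvrealloc() before 6.11; do not fall back to krealloc() here, because kvmalloc_node() may return vmalloc-backed memory */`. If nothing in a cryptonly module is expected to call `realloc()` directly in this configuration, leaving `realloc` undefined as well would likely turn a stray call into a build error instead of relying on every caller to check for NULL. The enclosing `#if` blocks start and end outside the hunks shown.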


@@ -523,6 +523,8 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
wolfssl_linuxkm_pie_redirect_table.krealloc = krealloc;
#ifdef HAVE_KVMALLOC
wolfssl_linuxkm_pie_redirect_table.kvmalloc_node = kvmalloc_node;
#endif
#ifdef HAVE_KVREALLOC
wolfssl_linuxkm_pie_redirect_table.kvrealloc = kvrealloc;
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0)


@@ -14323,7 +14323,9 @@ static int GetHashId(const byte* id, int length, byte* hash, int hashAlg)
typedef struct CertNameData {
/* Type string of name component. */
#ifdef WOLFSSL_NAMES_STATIC
const char str[20];
const char str[20]; /* large enough for largest string in certNameSubject[]
* below
*/
#define EMPTY_STR { 0 }
#else
const char* str;
@@ -26192,8 +26194,7 @@ static wcchar END_ENC_PRIV_KEY = "-----END ENCRYPTED PRIVATE KEY-----";
static wcchar BEGIN_PKCS7 = "-----BEGIN PKCS7-----";
static wcchar END_PKCS7 = "-----END PKCS7-----";
#endif
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \
!defined(NO_DSA)
#if defined(HAVE_ECC) || !defined(NO_DSA)
static wcchar BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----";
static wcchar END_DSA_PRIV = "-----END DSA PRIVATE KEY-----";
#endif
@@ -35701,25 +35702,25 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
#else
if (ret == 0) {
/* Base X-ordinate */
DataToHexString(base + 1, (word32)curve->size, curve->Gx);
DataToHexString(base + 1, (word32)curve->size, (char *)curve->Gx);
/* Base Y-ordinate */
DataToHexString(base + 1 + curve->size, (word32)curve->size, curve->Gy);
DataToHexString(base + 1 + curve->size, (word32)curve->size, (char *)curve->Gy);
/* Prime */
DataToHexString(dataASN[ECCSPECIFIEDASN_IDX_PRIME_P].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_PRIME_P].data.ref.length,
curve->prime);
(char *)curve->prime);
/* Parameter A */
DataToHexString(dataASN[ECCSPECIFIEDASN_IDX_PARAM_A].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_PARAM_A].data.ref.length,
curve->Af);
(char *)curve->Af);
/* Parameter B */
DataToHexString(dataASN[ECCSPECIFIEDASN_IDX_PARAM_B].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_PARAM_B].data.ref.length,
curve->Bf);
(char *)curve->Bf);
/* Order of curve */
DataToHexString(dataASN[ECCSPECIFIEDASN_IDX_ORDER].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_ORDER].data.ref.length,
curve->order);
(char *)curve->order);
}
#endif /* WOLFSSL_ECC_CURVE_STATIC */
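Review bot: The `(char *)` casts added to the six `DataToHexString()` calls in EccSpecifiedECDomainDecode() discard the const qualifier on `curve->Gx`, `Gy`, `prime`, `Af`, `Bf` and `order`, and nothing in this hunk shows the destination size being checked before the write. The lengths (`curve->size` and `dataASN[...].data.ref.length`) come from the parsed input, and the hex output is presumably twice that length plus a terminator, so the bound against the fixed `const char[]` arrays has to be enforced before this block. If that check already exists above the hunk, a comment at the casts pointing to it is enough, e.g. `/* const is cast away because these fields are const char[] on FIPS <6; lengths are bounded at <location of the existing check> */`. If it does not, each call needs a guard such as `if (2 * len + 1 > sizeof(curve->prime)) ret = BUFFER_E;` before it. The function starts and ends outside the hunk.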


@@ -150,7 +150,9 @@ static WC_INLINE void wc_xmss_state_free(XmssState* state)
typedef struct wc_XmssString {
/* Name of algorithm as a string. */
#ifdef WOLFSSL_NAMES_STATIC
const char str[32];
const char str[32]; /* large enough for largest string in wc_xmss_alg[] or
* wc_xmssmt_alg[]
*/
#else
const char* str;
#endif
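Review bot: The new comment on `const char str[32]` says the array is large enough for the largest name, but it does not say that the size has to include the terminating NUL. C accepts a string-literal initializer whose length exactly equals the array size and drops the terminator without requiring a diagnostic, so a future name of exactly 32 characters could compile and leave `str` unterminated for any code that reads it as a C string. I would word the comment as `/* must be at least strlen(longest name in wc_xmss_alg[] or wc_xmssmt_alg[]) + 1 */`. The same applies to `str[20]` in CertNameData in asn.c and to `str[32]` in wc_LmsParamsMap in wc_lms.h. The struct definition continues outside the hunk.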


@@ -3699,6 +3699,8 @@ extern void uITRON4_free(void *p) ;
#define WC_NO_INTERNAL_FUNCTION_POINTERS
#define WOLFSSL_ECC_CURVE_STATIC
#define WOLFSSL_NAMES_STATIC
#define WOLFSSL_NO_PUBLIC_FFDHE
#undef HAVE_PUBLIC_FFDHE
#endif
#ifndef NO_OLD_WC_NAMES


@@ -385,7 +385,7 @@ typedef struct wc_LmsParamsMap {
enum wc_LmsParm id;
/* String representation of identifier of parameters. */
#ifdef WOLFSSL_NAMES_STATIC
const char str[32];
const char str[32]; /* large enough for largest string in wc_lms_map[] */
#else
const char* str;
#endif