wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-12 09:04:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9077 from douzzer/20250807-wc_ForceZero-and-linuxkm-RHEL9v6

Browse Source 
20250807-wc_ForceZero-and-linuxkm-RHEL9v6
This commit is contained in:
Sean Parkinson
2025-08-11 21:06:51 +10:00
committed by GitHub
parent 5a402b2254 a821e4cfa2
commit 55f30adb3e
5 changed files with 42 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.wolfssl_known_macro_extras
View File

@@ -883,6 +883,7 @@ WOLFSSL_USER_MUTEX
WOLFSSL_USER_THREADING WOLFSSL_USER_THREADING
WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW
WOLFSSL_USE_FLASHMEM WOLFSSL_USE_FLASHMEM
WOLFSSL_USE_FORCE_ZERO
WOLFSSL_USE_OPTIONS_H WOLFSSL_USE_OPTIONS_H
WOLFSSL_VALIDATE_DH_KEYGEN WOLFSSL_VALIDATE_DH_KEYGEN
WOLFSSL_WC_LMS_SERIALIZE_STATE WOLFSSL_WC_LMS_SERIALIZE_STATE

1
linuxkm/module_hooks.c
View File

@@ -837,6 +837,7 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
PRAGMA_GCC_DIAG_PUSH PRAGMA_GCC_DIAG_PUSH
PRAGMA_GCC("GCC diagnostic ignored \"-Wnested-externs\"") PRAGMA_GCC("GCC diagnostic ignored \"-Wnested-externs\"")
PRAGMA_GCC("GCC diagnostic ignored \"-Wpointer-arith\"") PRAGMA_GCC("GCC diagnostic ignored \"-Wpointer-arith\"")
PRAGMA_GCC("GCC diagnostic ignored \"-Wunused-parameter\"")
#include <crypto/hash.h> #include <crypto/hash.h>
PRAGMA_GCC_DIAG_POP PRAGMA_GCC_DIAG_POP

34
wolfcrypt/src/memory.c
View File

@@ -1660,6 +1660,40 @@ void __attribute__((no_instrument_function))
} }
#endif #endif
#ifndef WOLFSSL_NO_FORCE_ZERO
/* Exported version of ForceZero() that takes a size_t. */
void wc_ForceZero(void *mem, size_t len)
{
byte *zb = (byte *)mem;
unsigned long *zl;
XFENCE();
while ((wc_ptr_t)zb & (wc_ptr_t)(sizeof(unsigned long) - 1U)) {
if (len == 0)
return;
*zb++ = 0;
--len;
}
zl = (unsigned long *)zb;
while (len > sizeof(unsigned long)) {
*zl++ = 0;
len -= sizeof(unsigned long);
}
zb = (byte *)zl;
while (len) {
*zb++ = 0;
--len;
}
XFENCE();
}
#endif
#ifdef WC_DEBUG_CIPHER_LIFECYCLE #ifdef WC_DEBUG_CIPHER_LIFECYCLE
static const byte wc_debug_cipher_lifecycle_tag_value[] = static const byte wc_debug_cipher_lifecycle_tag_value[] =
{ 'W', 'o', 'l', 'f' }; { 'W', 'o', 'l', 'f' };

4
wolfssl/wolfcrypt/memory.h
View File

@@ -342,6 +342,10 @@ WOLFSSL_LOCAL void wc_MemZero_Add(const char* name, const void* addr,
WOLFSSL_LOCAL void wc_MemZero_Check(void* addr, size_t len); WOLFSSL_LOCAL void wc_MemZero_Check(void* addr, size_t len);
#endif #endif
#ifndef WOLFSSL_NO_FORCE_ZERO
WOLFSSL_API void wc_ForceZero(void *mem, size_t len);
#endif
#ifdef WC_DEBUG_CIPHER_LIFECYCLE #ifdef WC_DEBUG_CIPHER_LIFECYCLE
WOLFSSL_LOCAL int wc_debug_CipherLifecycleInit(void **CipherLifecycleTag, WOLFSSL_LOCAL int wc_debug_CipherLifecycleInit(void **CipherLifecycleTag,
void *heap); void *heap);

3
wolfssl/wolfcrypt/settings.h
View File

@@ -4047,7 +4047,8 @@ extern void uITRON4_free(void *p) ;
#if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(WOLFSSL_SHA384) && \ #if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(WOLFSSL_SHA384) && \
!defined(WOLFSSL_SHA512) && defined(WC_NO_RNG) && \ !defined(WOLFSSL_SHA512) && defined(WC_NO_RNG) && \
!defined(WOLFSSL_SP_MATH) && !defined(WOLFSSL_SP_MATH_ALL) \ !defined(WOLFSSL_SP_MATH) && !defined(WOLFSSL_SP_MATH_ALL) \
&& !defined(USE_FAST_MATH) && defined(NO_SHA256) && !defined(USE_FAST_MATH) && defined(NO_SHA256) && \
!defined(WOLFSSL_USE_FORCE_ZERO)
#undef WOLFSSL_NO_FORCE_ZERO #undef WOLFSSL_NO_FORCE_ZERO
#define WOLFSSL_NO_FORCE_ZERO #define WOLFSSL_NO_FORCE_ZERO
#endif #endif