diff --git a/linuxkm/linuxkm_wc_port.h b/linuxkm/linuxkm_wc_port.h index fc30b60eb2..9e511392b2 100644 --- a/linuxkm/linuxkm_wc_port.h +++ b/linuxkm/linuxkm_wc_port.h @@ -216,6 +216,19 @@ #define WC_GENERATE_SEED_DEFAULT wc_linuxkm_GenerateSeed_IntelRD #endif + /* setup for LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT needs to be here + * to assure that calls to get_random_bytes() in random.c are gated out + * (they would recurse, potentially infinitely). + */ + #if defined(LINUXKM_LKCAPI_REGISTER_ALL) && \ + !defined(LINUXKM_LKCAPI_DONT_REGISTER_HASH_DRBG) && \ + !defined(LINUXKM_LKCAPI_DONT_REGISTER_HASH_DRBG_DEFAULT) && \ + !defined(NO_LINUXKM_DRBG_GET_RANDOM_BYTES) && \ + !defined(LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT) && \ + defined(HAVE_HASHDRBG) + #define LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT + #endif + #ifdef BUILDING_WOLFSSL #if ((LINUX_VERSION_CODE >= KERNEL_VERSION(5, 16, 0)) || \ @@ -560,18 +573,6 @@ #define WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS #endif - /* setup for LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT needs to be here - * to assure that calls to get_random_bytes() in random.c are gated out - * (they would recurse, potentially infinitely). - */ - #if defined(LINUXKM_LKCAPI_REGISTER_ALL) && \ - !defined(LINUXKM_LKCAPI_DONT_REGISTER_HASH_DRBG) && \ - !defined(LINUXKM_LKCAPI_DONT_REGISTER_HASH_DRBG_DEFAULT) && \ - !defined(NO_LINUXKM_DRBG_GET_RANDOM_BYTES) && \ - !defined(LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT) - #define LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT - #endif - #ifndef WC_CONTAINERIZE_THIS #include #include @@ -603,6 +604,7 @@ #endif #define WC_LKM_REFCOUNT_TO_INT(refcount) wc_lkm_refcount_to_int(&(refcount)) #endif /* !WC_CONTAINERIZE_THIS */ + #endif /* LINUXKM_LKCAPI_REGISTER */ /* benchmarks.c uses floating point math, so needs a working @@ -1778,6 +1780,11 @@ #endif + #ifdef LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT + struct crypto_rng; + WOLFSSL_API int wc_linux_kernel_rng_is_wolfcrypt(struct crypto_rng *rng); + #endif + /* Undo copied defines from wc_port.h, to avoid redefinition warnings. */ #ifdef HAVE_FIPS #undef wc_InitMutex diff --git a/linuxkm/lkcapi_sha_glue.c b/linuxkm/lkcapi_sha_glue.c index a8ace24a7a..e1337e0ca5 100644 --- a/linuxkm/lkcapi_sha_glue.c +++ b/linuxkm/lkcapi_sha_glue.c @@ -1128,6 +1128,18 @@ static void linuxkm_put_drbg(struct crypto_rng *tfm, struct wc_rng_bank_inst **d #if defined(LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT) && defined(HAVE_HASHDRBG) +int wc_linux_kernel_rng_is_wolfcrypt(struct crypto_rng *rng) { + if (rng && + wc_linuxkm_drbg_default_instance_registered && + (rng->base.__crt_alg->cra_init == wc_linuxkm_drbg_init_tfm)) + { + return 1; + } + else { + return 0; + } +} + static inline struct crypto_rng *get_crypto_default_rng(void) { struct crypto_rng *current_crypto_default_rng = crypto_default_rng; @@ -1149,7 +1161,6 @@ static inline struct crypto_rng *get_crypto_default_rng(void) { if (current_crypto_default_rng->base.__crt_alg->cra_init != wc_linuxkm_drbg_init_tfm) { pr_err("BUG: get_default_drbg_ctx() found wrong crypto_default_rng \"%s\"\n", crypto_tfm_alg_driver_name(¤t_crypto_default_rng->base)); - crypto_put_default_rng(); return NULL; }