Merge pull request #8881 from douzzer/20250615-heapmath-FREE_MP_INT_SIZE

20250615-heapmath-FREE_MP_INT_SIZE
This commit is contained in:
David Garske
2025-06-16 11:46:12 -07:00
committed by GitHub
3 changed files with 58 additions and 30 deletions

View File

@ -87,7 +87,6 @@ CONFIG_ESP_TLS_USING_WOLFSSL
CONFIG_ESP_WIFI_PASSWORD
CONFIG_ESP_WIFI_SSID
CONFIG_ESP_WOLFSSL_ENABLE_KYBER
CONFIG_ESP_WOLFSSL_ENABLE_MLKEM
CONFIG_ESP_WOLFSSL_ENABLE_WOLFSSH
CONFIG_ESP_WOLFSSL_NO_ESP32_CRYPT
CONFIG_ESP_WOLFSSL_NO_HW_AES
@ -287,7 +286,6 @@ IOTSAFE_NO_GETDATA
IOTSAFE_SIG_8BIT_LENGTH
KCAPI_USE_XMALLOC
K_SERIES
LIBWOLFSSL_CMAKE_OUTPUT
LIBWOLFSSL_VERSION_GIT_BRANCH
LIBWOLFSSL_VERSION_GIT_HASH
LIBWOLFSSL_VERSION_GIT_HASH_DATE
@ -460,7 +458,6 @@ SHOW_CERTS
SHOW_GEN
SHOW_SIZES
SHOW_SSID_AND_PASSWORD
SHOW_WOLFSSL_BUNDLE_ERROR
SIM_SCGC3_RNGA_MASK
SIM_SCGC5_PORTC_MASK
SIM_SCGC5_PORTD_MASK
@ -682,7 +679,6 @@ WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN
WOLFSSL_EMNET
WOLFSSL_ESPWROOM32
WOLFSSL_EVP_PRINT
WOLFSSL_EXPERIMENTAL_SETTINGS
WOLFSSL_EXPORT_INT
WOLFSSL_EXPORT_SPC_SZ
WOLFSSL_EXTRA
@ -699,7 +695,6 @@ WOLFSSL_HARDEN_TLS_ALLOW_OLD_TLS
WOLFSSL_HARDEN_TLS_ALLOW_TRUNCATED_HMAC
WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK
WOLFSSL_HARDEN_TLS_NO_SCR_CHECK
WOLFSSL_HAVE_MLKEM
WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY
WOLFSSL_I2D_ECDSA_SIG_ALLOC
WOLFSSL_IAR_ARM_TIME
@ -712,9 +707,6 @@ WOLFSSL_IMXRT_DCP
WOLFSSL_ISOTP
WOLFSSL_KEIL
WOLFSSL_KEIL_NET
WOLFSSL_KYBER1024
WOLFSSL_KYBER512
WOLFSSL_KYBER768
WOLFSSL_KYBER_NO_DECAPSULATE
WOLFSSL_KYBER_NO_ENCAPSULATE
WOLFSSL_KYBER_NO_MAKE_KEY
@ -737,7 +729,6 @@ WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM
WOLFSSL_MLKEM_NO_LARGE_CODE
WOLFSSL_MLKEM_NO_MALLOC
WOLFSSL_MLKEM_NTT_UNROLL
WOLFSSL_ML_KEM_USE_OLD_IDS
WOLFSSL_MONT_RED_CT
WOLFSSL_MP_COND_COPY
WOLFSSL_MP_INVMOD_CONSTANT_TIME
@ -768,9 +759,6 @@ WOLFSSL_NO_KCAPI_HMAC_SHA256
WOLFSSL_NO_KCAPI_HMAC_SHA384
WOLFSSL_NO_KCAPI_HMAC_SHA512
WOLFSSL_NO_KCAPI_SHA224
WOLFSSL_NO_ML_KEM_1024
WOLFSSL_NO_ML_KEM_512
WOLFSSL_NO_ML_KEM_768
WOLFSSL_NO_OCSP_DATE_CHECK
WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
WOLFSSL_NO_OCSP_OPTIONAL_CERTS
@ -833,8 +821,6 @@ WOLFSSL_SERVER_EXAMPLE
WOLFSSL_SETTINGS_FILE
WOLFSSL_SH224
WOLFSSL_SHA256_ALT_CH_MAJ
WOLFSSL_SHAKE128
WOLFSSL_SHAKE256
WOLFSSL_SHUTDOWNONCE
WOLFSSL_SILABS_TRNG
WOLFSSL_SM4_EBC
@ -876,7 +862,6 @@ WOLFSSL_USE_FLASHMEM
WOLFSSL_USE_OPTIONS_H
WOLFSSL_USE_POPEN_HOST
WOLFSSL_VALIDATE_DH_KEYGEN
WOLFSSL_WC_MLKEM
WOLFSSL_WC_XMSS_NO_SHA256
WOLFSSL_WC_XMSS_NO_SHAKE256
WOLFSSL_WICED_PSEUDO_UNIX_EPOCH_TIME

View File

@ -414,7 +414,7 @@ WC_MAYBE_UNUSED static int sha3_test_once(void) {
#define WC_LINUXKM_SHA_IMPLEMENT(name, digest_size, block_size, \
this_cra_name, this_cra_driver_name, \
init_f, update_f, final_f, \
test_routine) \
free_f, test_routine) \
\
\
static int km_ ## name ## _init(struct shash_desc *desc) { \
@ -436,8 +436,10 @@ static int km_ ## name ## _update(struct shash_desc *desc, const u8 *data, \
\
if (ret == 0) \
return 0; \
else \
else { \
free_f(&ctx-> name ## _state); \
return -EINVAL; \
} \
} \
\
static int km_ ## name ## _final(struct shash_desc *desc, u8 *out) { \
@ -445,6 +447,8 @@ static int km_ ## name ## _final(struct shash_desc *desc, u8 *out) { \
\
int ret = final_f(&ctx-> name ## _state, out); \
\
free_f(&ctx-> name ## _state); \
\
if (ret == 0) \
return 0; \
else \
@ -458,8 +462,10 @@ static int km_ ## name ## _finup(struct shash_desc *desc, const u8 *data, \
\
int ret = update_f(&ctx-> name ## _state, data, len); \
\
if (ret != 0) \
if (ret != 0) { \
free_f(&ctx-> name ## _state); \
return -EINVAL; \
} \
\
return km_ ## name ## _final(desc, out); \
} \
@ -510,7 +516,7 @@ struct wc_swallow_the_semicolon
#define WC_LINUXKM_SHA3_IMPLEMENT(name, digest_size, block_size, \
this_cra_name, this_cra_driver_name, \
init_f, update_f, final_f, \
test_routine) \
free_f, test_routine) \
\
\
static int km_ ## name ## _init(struct shash_desc *desc) { \
@ -537,6 +543,7 @@ static int km_ ## name ## _update(struct shash_desc *desc, const u8 *data, \
if (ret == 0) \
return 0; \
else { \
free_f(ctx-> name ## _state); \
km_sha3_free_tstate(ctx); \
return -EINVAL; \
} \
@ -547,6 +554,7 @@ static int km_ ## name ## _final(struct shash_desc *desc, u8 *out) { \
\
int ret = final_f(ctx-> name ## _state, out); \
\
free_f(ctx-> name ## _state); \
km_sha3_free_tstate(ctx); \
if (ret == 0) \
return 0; \
@ -561,8 +569,10 @@ static int km_ ## name ## _finup(struct shash_desc *desc, const u8 *data, \
\
int ret = update_f(ctx-> name ## _state, data, len); \
\
if (ret != 0) \
if (ret != 0) { \
free_f(ctx-> name ## _state); \
return -EINVAL; \
} \
\
return km_ ## name ## _final(desc, out); \
} \
@ -613,63 +623,63 @@ struct wc_swallow_the_semicolon
WC_LINUXKM_SHA_IMPLEMENT(sha1, WC_SHA_DIGEST_SIZE, WC_SHA_BLOCK_SIZE,
WOLFKM_SHA1_NAME, WOLFKM_SHA1_DRIVER,
wc_InitSha, wc_ShaUpdate, wc_ShaFinal,
sha_test);
wc_ShaFree, sha_test);
#endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA2_224
WC_LINUXKM_SHA_IMPLEMENT(sha2_224, WC_SHA224_DIGEST_SIZE, WC_SHA224_BLOCK_SIZE,
WOLFKM_SHA2_224_NAME, WOLFKM_SHA2_224_DRIVER,
wc_InitSha224, wc_Sha224Update, wc_Sha224Final,
sha224_test);
wc_Sha224Free, sha224_test);
#endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA2_256
WC_LINUXKM_SHA_IMPLEMENT(sha2_256, WC_SHA256_DIGEST_SIZE, WC_SHA256_BLOCK_SIZE,
WOLFKM_SHA2_256_NAME, WOLFKM_SHA2_256_DRIVER,
wc_InitSha256, wc_Sha256Update, wc_Sha256Final,
sha256_test);
wc_Sha256Free, sha256_test);
#endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA2_384
WC_LINUXKM_SHA_IMPLEMENT(sha2_384, WC_SHA384_DIGEST_SIZE, WC_SHA384_BLOCK_SIZE,
WOLFKM_SHA2_384_NAME, WOLFKM_SHA2_384_DRIVER,
wc_InitSha384, wc_Sha384Update, wc_Sha384Final,
sha384_test);
wc_Sha384Free, sha384_test);
#endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA2_512
WC_LINUXKM_SHA_IMPLEMENT(sha2_512, WC_SHA512_DIGEST_SIZE, WC_SHA512_BLOCK_SIZE,
WOLFKM_SHA2_512_NAME, WOLFKM_SHA2_512_DRIVER,
wc_InitSha512, wc_Sha512Update, wc_Sha512Final,
sha512_test);
wc_Sha512Free, sha512_test);
#endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA3_224
WC_LINUXKM_SHA3_IMPLEMENT(sha3_224, WC_SHA3_224_DIGEST_SIZE, WC_SHA3_224_BLOCK_SIZE,
WOLFKM_SHA3_224_NAME, WOLFKM_SHA3_224_DRIVER,
wc_InitSha3_224, wc_Sha3_224_Update, wc_Sha3_224_Final,
sha3_test_once);
wc_Sha3_224_Free, sha3_test_once);
#endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA3_256
WC_LINUXKM_SHA3_IMPLEMENT(sha3_256, WC_SHA3_256_DIGEST_SIZE, WC_SHA3_256_BLOCK_SIZE,
WOLFKM_SHA3_256_NAME, WOLFKM_SHA3_256_DRIVER,
wc_InitSha3_256, wc_Sha3_256_Update, wc_Sha3_256_Final,
sha3_test_once);
wc_Sha3_256_Free, sha3_test_once);
#endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA3_384
WC_LINUXKM_SHA3_IMPLEMENT(sha3_384, WC_SHA3_384_DIGEST_SIZE, WC_SHA3_384_BLOCK_SIZE,
WOLFKM_SHA3_384_NAME, WOLFKM_SHA3_384_DRIVER,
wc_InitSha3_384, wc_Sha3_384_Update, wc_Sha3_384_Final,
sha3_test_once);
wc_Sha3_384_Free, sha3_test_once);
#endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA3_512
WC_LINUXKM_SHA3_IMPLEMENT(sha3_512, WC_SHA3_512_DIGEST_SIZE, WC_SHA3_512_BLOCK_SIZE,
WOLFKM_SHA3_512_NAME, WOLFKM_SHA3_512_DRIVER,
wc_InitSha3_512, wc_Sha3_512_Update, wc_Sha3_512_Final,
sha3_test_once);
wc_Sha3_512_Free, sha3_test_once);
#endif
struct km_sha_hmac_pstate {
@ -700,6 +710,7 @@ WC_MAYBE_UNUSED static int linuxkm_hmac_setkey_common(struct crypto_shash *tfm,
}
WC_MAYBE_UNUSED static void km_hmac_free_tstate(struct km_sha_hmac_state *t_ctx) {
wc_HmacFree(t_ctx->wc_hmac);
free(t_ctx->wc_hmac);
t_ctx->wc_hmac = NULL;
}
@ -731,6 +742,33 @@ WC_MAYBE_UNUSED static int km_hmac_init(struct shash_desc *desc) {
XMEMCPY(t_ctx->wc_hmac, &p_ctx->wc_hmac, sizeof *t_ctx->wc_hmac);
#ifdef WOLFSSL_SMALL_STACK_CACHE
/* The cached W buffer from the persistent ctx can't be used because it
* would be double-freed, first by km_hmac_free_tstate(), then by
* km_hmac_exit_tfm().
*/
switch (t_ctx->wc_hmac->macType) {
#ifndef NO_SHA256
case WC_SHA256:
#ifdef WOLFSSL_SHA224
case WC_SHA224:
#endif
t_ctx->wc_hmac->hash.sha256.W = NULL;
break;
#endif /* WOLFSSL_SHA256 */
#ifdef WOLFSSL_SHA512
case WC_SHA512:
#ifdef WOLFSSL_SHA384
case WC_SHA384:
#endif
t_ctx->wc_hmac->hash.sha512.W = NULL;
break;
#endif /* WOLFSSL_SHA512 */
}
#endif /* WOLFSSL_SMALL_STACK_CACHE */
return 0;
}

View File

@ -205,7 +205,12 @@ typedef int mp_err;
#define NEW_MP_INT_SIZE(name, bits, heap, type) \
XMEMSET(name, 0, sizeof(mp_int))
/* Dispose of static mp_int. */
#define FREE_MP_INT_SIZE(name, heap, type) WC_DO_NOTHING
#define FREE_MP_INT_SIZE(name, heap, type) \
do { \
if ((name) != NULL) { \
mp_free(name); \
} \
} while (0)
/* Initialize an mp_int. */
#define INIT_MP_INT_SIZE(name, bits) \
mp_init(name)