From 9ca32e23d408f4f9dc76b81e6bdfd530ccecfca3 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Fri, 20 Feb 2026 15:45:27 -0600 Subject: [PATCH] linuxkm/linuxkm-fips-hash.c: cosmetic bikeshedding (AI-prompted); linuxkm/linuxkm_memory.c and linuxkm/linuxkm_memory.h: set up and use WOLFSSL_TEXT_SEGMENT_CANONICALIZER_BUFSIZ. --- linuxkm/linuxkm-fips-hash.c | 26 +++++++++++--------------- linuxkm/linuxkm_memory.c | 4 ++-- linuxkm/linuxkm_memory.h | 4 ++++ 3 files changed, 17 insertions(+), 17 deletions(-) diff --git a/linuxkm/linuxkm-fips-hash.c b/linuxkm/linuxkm-fips-hash.c index 4223a93219..fc53a1619f 100644 --- a/linuxkm/linuxkm-fips-hash.c +++ b/linuxkm/linuxkm-fips-hash.c @@ -62,12 +62,7 @@ extern const char coreKey[FIPS_IN_CORE_KEY_SZ*2 + 1]; #endif static int hmac_setkey_cb(Hmac *hmac, const byte *key, word32 key_len) { - int ret; - - ret = wc_HmacSetKey(hmac, FIPS_IN_CORE_HASH_TYPE, key, key_len); - if (ret != 0) - return ret; - return 0; + return wc_HmacSetKey(hmac, FIPS_IN_CORE_HASH_TYPE, key, key_len); } static int hmac_update_cb(Hmac *hmac, const byte *in, word32 in_len) { @@ -89,7 +84,7 @@ int main(int argc, char **argv) int ret; struct wc_reloc_table_segments seg_map = WC_RELOC_TABLE_SEGMENTS_INITIALIZER; word32 new_verifyCore_size = FIPS_IN_CORE_DIGEST_SIZE*2 + 1; - char new_verifyCore[new_verifyCore_size]; + char new_verifyCore[FIPS_IN_CORE_DIGEST_SIZE*2 + 1]; const char *progname = strchr(argv[0], '/') ? strrchr(argv[0], '/') + 1 : argv[0]; const char *mod_path = NULL; const char *user_coreKey = NULL; @@ -134,13 +129,6 @@ int main(int argc, char **argv) { } }; - ret = wolfCrypt_Init(); - if (ret < 0) { - fprintf(stderr, "%s: wolfCrypt_Init() failed: %s.\n", - progname, wc_GetErrorString(ret)); - exit(1); - } - for (;;) { int option_index = 0; int c = getopt_long(argc, argv, "f:ik:qvh", long_options, &option_index); @@ -292,7 +280,8 @@ int main(int argc, char **argv) mod_map = (byte *)mmap(NULL, st.st_size, inplace ? PROT_READ | PROT_WRITE : PROT_READ, - MAP_SHARED | MAP_POPULATE, mod_fd, 0); + (inplace ? MAP_SHARED : MAP_PRIVATE) | MAP_POPULATE, + mod_fd, 0); if (mod_map == MAP_FAILED) { fprintf(stderr, "%s: mmap() of %s, length %zu: %m.\n", progname, mod_path, st.st_size); @@ -323,6 +312,13 @@ int main(int argc, char **argv) seg_map.bss_start += (unsigned long)mod_map; seg_map.bss_end += (unsigned long)mod_map; + ret = wolfCrypt_Init(); + if (ret < 0) { + fprintf(stderr, "%s: wolfCrypt_Init() failed: %s.\n", + progname, wc_GetErrorString(ret)); + exit(1); + } + ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); if (ret != 0) { fprintf(stderr, "%s: wc_HmacInit() failed: %s.\n", diff --git a/linuxkm/linuxkm_memory.c b/linuxkm/linuxkm_memory.c index ecda60f590..542933c2a2 100644 --- a/linuxkm/linuxkm_memory.c +++ b/linuxkm/linuxkm_memory.c @@ -730,7 +730,7 @@ int wc_fips_generate_hash( { ssize_t cur_reloc_index = -1; const byte *text_p = (const byte *)seg_map->fips_text_start; - byte *buf = XMALLOC(8192, NULL, DYNAMIC_TYPE_TMP_BUFFER); + byte *buf = XMALLOC(WOLFSSL_TEXT_SEGMENT_CANONICALIZER_BUFSIZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (! buf) { ret = MEMORY_E; @@ -744,7 +744,7 @@ int wc_fips_generate_hash( */ ssize_t progress = wc_reloc_normalize_text( text_p, - min(8192, (word32)((const byte *)seg_map->fips_text_end - text_p)), + min(WOLFSSL_TEXT_SEGMENT_CANONICALIZER_BUFSIZ, (word32)((const byte *)seg_map->fips_text_end - text_p)), buf, &cur_reloc_index, seg_map, diff --git a/linuxkm/linuxkm_memory.h b/linuxkm/linuxkm_memory.h index 011b2ee457..695a82aafa 100644 --- a/linuxkm/linuxkm_memory.h +++ b/linuxkm/linuxkm_memory.h @@ -200,6 +200,10 @@ struct wc_reloc_counts { #if defined(WC_SYM_RELOC_TABLES) || defined(WC_SYM_RELOC_TABLES_SUPPORT) +#ifndef WOLFSSL_TEXT_SEGMENT_CANONICALIZER_BUFSIZ + #define WOLFSSL_TEXT_SEGMENT_CANONICALIZER_BUFSIZ 8192 +#endif + WOLFSSL_API ssize_t wc_reloc_normalize_text( const byte *text_in, size_t text_in_len,