mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 13:30:48 +02:00
Merge pull request #9740 from douzzer/20260204-linuxkm-with-global-replace-etc
20260204-linuxkm-with-global-replace-etc
This commit is contained in:
@@ -637,7 +637,6 @@ WC_RSA_NONBLOCK
|
||||
WC_RSA_NONBLOCK_TIME
|
||||
WC_RSA_NO_FERMAT_CHECK
|
||||
WC_RWLOCK_OPS_INLINE
|
||||
WC_SHA3_HARDEN
|
||||
WC_SHA384
|
||||
WC_SHA384_DIGEST_SIZE
|
||||
WC_SHA512
|
||||
|
||||
+5
-7
@@ -1383,13 +1383,13 @@ then
|
||||
esac
|
||||
fi
|
||||
|
||||
# 32 bit armasm and RISC-V asm don't yet support WOLFSSL_AESGCM_STREAM. Disable
|
||||
# RISC-V asm doesn't yet support WOLFSSL_AESGCM_STREAM. Disable
|
||||
# implicit activation, and error on explicit activation.
|
||||
if test "$enable_riscv_asm" = "yes" || (test "$enable_armasm" = "yes" && test "$host_cpu" != "aarch64" && test "$host_cpu" != "aarch64_be")
|
||||
if test "$enable_riscv_asm" = "yes"
|
||||
then
|
||||
if test "$enable_aesgcm_stream" = "yes"
|
||||
then
|
||||
AC_MSG_ERROR([32 bit armasm and RISC-V asm don't yet support WOLFSSL_AESGCM_STREAM.])
|
||||
AC_MSG_ERROR([RISC-V asm doesn't yet support WOLFSSL_AESGCM_STREAM.])
|
||||
fi
|
||||
enable_aesgcm_stream=no
|
||||
fi
|
||||
@@ -10689,11 +10689,9 @@ then
|
||||
if test "$ENABLED_AESGCM" = "no"
|
||||
then
|
||||
AC_MSG_ERROR([AES-GCM streaming is enabled but AES-GCM is disabled.])
|
||||
elif test "$ENABLED_RISCV_ASM" = "yes" || \
|
||||
(test "$ENABLED_ARMASM" = "yes" && \
|
||||
test "$host_cpu" != "aarch64" && test "$host_cpu" != "aarch64_be")
|
||||
elif test "$ENABLED_RISCV_ASM" = "yes"
|
||||
then
|
||||
AC_MSG_ERROR([32 bit armasm and RISC-V asm don't yet support WOLFSSL_AESGCM_STREAM.])
|
||||
AC_MSG_ERROR([RISC-V asm doesn't yet support WOLFSSL_AESGCM_STREAM.])
|
||||
else
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AESGCM_STREAM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AESGCM_STREAM"
|
||||
|
||||
@@ -545,9 +545,10 @@
|
||||
* to assure that calls to get_random_bytes() in random.c are gated out
|
||||
* (they would recurse, potentially infinitely).
|
||||
*/
|
||||
#if (defined(LINUXKM_LKCAPI_REGISTER_ALL) && \
|
||||
!defined(LINUXKM_LKCAPI_DONT_REGISTER_HASH_DRBG) && \
|
||||
!defined(LINUXKM_LKCAPI_DONT_REGISTER_HASH_DRBG_DEFAULT)) && \
|
||||
#if defined(LINUXKM_LKCAPI_REGISTER_ALL) && \
|
||||
!defined(LINUXKM_LKCAPI_DONT_REGISTER_HASH_DRBG) && \
|
||||
!defined(LINUXKM_LKCAPI_DONT_REGISTER_HASH_DRBG_DEFAULT) && \
|
||||
!defined(NO_LINUXKM_DRBG_GET_RANDOM_BYTES) && \
|
||||
!defined(LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT)
|
||||
#define LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT
|
||||
#endif
|
||||
|
||||
+25
-16
@@ -30,6 +30,22 @@
|
||||
#error SHA* WC_LINUXKM_C_FALLBACK_IN_SHIMS is not currently supported.
|
||||
#endif
|
||||
|
||||
#ifdef NO_LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#undef LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
/* setup for LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT is in linuxkm_wc_port.h */
|
||||
#elif defined(LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT) && \
|
||||
(defined(WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS) || \
|
||||
defined(WOLFSSL_LINUXKM_USE_GET_RANDOM_KPROBES))
|
||||
#ifndef LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#define LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#endif
|
||||
#else
|
||||
#ifdef LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#error LINUXKM_DRBG_GET_RANDOM_BYTES configured with no callback model configured.
|
||||
#undef LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#include <wolfssl/wolfcrypt/sha.h>
|
||||
#include <wolfssl/wolfcrypt/hmac.h>
|
||||
|
||||
@@ -94,7 +110,14 @@
|
||||
* exhaustion. A caller that really needs PR can pass in seed data in its call
|
||||
* to our rng_alg.generate() implementation.
|
||||
*/
|
||||
#define WOLFKM_STDRNG_DRIVER ("sha2-256-drbg-nopr" WOLFKM_SHA_DRIVER_SUFFIX)
|
||||
#ifdef LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#define WOLFKM_STDRNG_DRIVER ("sha2-256-drbg-nopr" \
|
||||
WOLFKM_DRIVER_SUFFIX_BASE \
|
||||
"-with-global-replace")
|
||||
#else
|
||||
#define WOLFKM_STDRNG_DRIVER ("sha2-256-drbg-nopr" \
|
||||
WOLFKM_DRIVER_SUFFIX_BASE)
|
||||
#endif
|
||||
|
||||
#ifdef LINUXKM_LKCAPI_REGISTER_SHA_ALL
|
||||
#define LINUXKM_LKCAPI_REGISTER_SHA1
|
||||
@@ -388,7 +411,7 @@
|
||||
#else
|
||||
#if defined(LINUXKM_LKCAPI_REGISTER_ALL_KCONFIG) && defined(CONFIG_CRYPTO_DRBG) && \
|
||||
!defined(LINUXKM_LKCAPI_DONT_REGISTER_HASH_DRBG)
|
||||
#error Config conflict: target kernel has CONFIG_CRYPTO_SHA3, but module is missing WOLFSSL_SHA3
|
||||
#error Config conflict: target kernel has CONFIG_CRYPTO_DRBG, but module is missing HAVE_HASHDRBG
|
||||
#endif
|
||||
#undef LINUXKM_LKCAPI_REGISTER_HASH_DRBG
|
||||
#endif
|
||||
@@ -1257,20 +1280,6 @@ static struct rng_alg wc_linuxkm_drbg = {
|
||||
};
|
||||
static int wc_linuxkm_drbg_loaded = 0;
|
||||
|
||||
#ifdef NO_LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#undef LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#elif defined(LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT) && \
|
||||
(defined(WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS) || defined(WOLFSSL_LINUXKM_USE_GET_RANDOM_KPROBES))
|
||||
#ifndef LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#define LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#endif
|
||||
#else
|
||||
#ifdef LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#error LINUXKM_DRBG_GET_RANDOM_BYTES configured with no callback model configured.
|
||||
#undef LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef LINUXKM_DRBG_GET_RANDOM_BYTES
|
||||
|
||||
#ifndef WOLFSSL_SMALL_STACK_CACHE
|
||||
|
||||
+1
-2
@@ -4341,7 +4341,6 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
|
||||
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
|
||||
const byte* iv, int dir)
|
||||
{
|
||||
int ret;
|
||||
if ((aes == NULL) || (userKey == NULL)) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
@@ -4367,7 +4366,7 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
if (aes->devId != INVALID_DEVID) {
|
||||
#ifdef WOLF_CRYPTO_CB_AES_SETKEY
|
||||
ret = wc_CryptoCb_AesSetKey(aes, userKey, keylen);
|
||||
int ret = wc_CryptoCb_AesSetKey(aes, userKey, keylen);
|
||||
if (ret == 0) {
|
||||
/* Callback succeeded - SE owns the key */
|
||||
aes->keylen = (int)keylen;
|
||||
|
||||
Reference in New Issue
Block a user