Commit Graph

26 Commits

Author SHA1 Message Date
JacobBarthelmeh a156ed7bc7 update Copyright year 2026-02-18 09:52:21 -07:00
Daniel Pouzzner b2199e9862 linuxkm/{lkcapi_dh_glue.c,lkcapi_ecdh_glue.c,lkcapi_rsa_glue.c}: use LKCAPI_INITRNG() rather than wc_InitRng(), and remove calls to LKCAPI_INITRNG_FOR_SELFTEST(). also, in km_rsa_ctx_init_rng(), recognize WC_DRBG_BANKREF as a usable RNG status. 2026-01-07 22:54:07 -06:00
Sameeh Jubran d27c04bbca linuxkm: handle RHEL9 disabled akcipher sign/decrypt ops
RHEL9 kernels (9.6+) disable RSA signing and decryption in the kernel
crypto API for security reasons (CVE-2023-6240). The kernel forcibly
overwrites akcipher sign/decrypt callbacks to return -ENOSYS, regardless
of what the driver provides.

Commit 3709c35c in the RHEL kernel:
"crypto: akcipher - Disable signing and decryption"

This affects our self-tests which call crypto_akcipher_sign() and
crypto_akcipher_decrypt(). On RHEL9, these operations return -ENOSYS
even though our driver correctly implements them.

Add compile-time checks for RHEL_RELEASE_CODE >= 9.6 to detect this
scenario and skip the affected self-tests gracefully. The tests pass
since the algorithms are registered correctly; the kernel simply
refuses to execute sign/decrypt operations as a matter of policy.

Note: encrypt and verify operations are unaffected and continue to be
tested normally.

Signed-off-by: Sameeh Jubran <sameeh@wolfssl.com>
2026-01-05 19:42:29 +02:00
Daniel Pouzzner b087533fdf linuxkm/lkcapi_sha_glue.c:
* add drbg_init_from() and fork_default_rng(), and
* use the latter to define LKCAPI_INITRNG_FOR_SELFTEST() opportunistically (with fallback to plain wc_InitRng());

linuxkm/lkcapi_rsa_glue.c:
* add km_rsa_ctx_init_rng(),
* remove wc_InitRng() from km_rsa_ctx_init(),
* remove the WC_RSA_BLINDING gates around calls to wc_RsaSetRNG(), and
* call km_rsa_ctx_init_rng() before each call that needs an initialized RNG;

linuxkm/lkcapi_dh_glue.c and linuxkm/lkcapi_ecdh_glue.c: in km_ffdhe_init() and km_ecdh_init(), if linuxkm_lkcapi_registering_now, use LKCAPI_INITRNG_FOR_SELFTEST() to initialize ctx->rng;

linuxkm/lkcapi_glue.c: add notes that lkcapi_sha_glue inclusion and registrations must precede PK, and move declaration of linuxkm_lkcapi_registering_now to precede lkcapi glue inclusions.
2025-12-22 22:58:29 -06:00
Daniel Pouzzner 15fcf7095f linuxkm/lkcapi_{dh,ecdh,ecdsa,rsa,aes}_glue.c: when LINUXKM_LKCAPI_REGISTER_ALL_KCONFIG, don't "#error Config conflict" if explicit LINUXKM_LKCAPI_DONT_REGISTER_foo is defined for the missing algorithm. 2025-12-17 11:01:10 -06:00
Daniel Pouzzner aa96c352d4 add !WC_SKIP_INCLUDED_C_FILES gates in indirectly compiled files in linuxkm/, to avoid false positive unknownMacro reports from cppcheck-force-source. 2025-08-30 14:15:55 -05:00
Daniel Pouzzner 01313cc0c8 linuxkm/x86_vector_register_glue.c:
* refactor the save_vector_registers_x86() algorithm to depend directly on preempt_count(), and use local_bh_enable() and preempt_disable() directly, to mitigate glitchiness around irq_fpu_usable() and crypto_simd_usable();

* eliminate the WC_FPU_ALREADY_FLAG kludge.

* improve the error and warning messages, and add some additional checks and messages for unexpected states; add VRG_PR_ERR_X and VRG_PR_WARN_X for pr_*_once() semantics on regular builds, but unlimited messages when WOLFSSL_LINUXKM_VERBOSE_DEBUG.

linuxkm/linuxkm_wc_port.h and linuxkm/module_hooks.c:

* move the spinlock-based implementation of wc_LockMutex() from linuxkm_wc_port.h to module_hooks.c, due to numerous stuboorn direct external symbol references;

* extensively refactor the kernel header #include strategy, keeping many more superfluous headers out of __PIE__ objects, and fixing unavoidable static header functions with grafted __always_inline attributes;

* add version exceptions for RHEL 9.5.

linuxkm/Kbuild:

* on x86 with CONFIG_MITIGATION_{RETPOLINE,RETHUNK}, use inline rethunks rather than none;

* refactor check for "Error: section(s) missed by containerization." using `readelf --sections --syms`, for 100% coverage, more informative error output, and suppression of false positives on printk-related cruft;

configure.ac and linuxkm/lkcapi_sha_glue.c: use LINUXKM_LKCAPI_[DONT_]REGISTER_{SHA,HMAC}_ALL to represent --enable-linuxkm-lkcapi-register=[-]all-{sha,hmac}, which allows alg families (notably SHA1) to be masked out piecemeal;

linuxkm/lkcapi_rsa_glue.c: in linuxkm_test_pkcs1pad_driver(), mitigate unused args when LINUXKM_AKCIPHER_NO_SIGNVERIFY.
2025-07-16 13:09:03 -05:00
JacobBarthelmeh 629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
jordan e73fa74f14 linuxkm: misc cleanup. 2025-07-09 21:43:02 -05:00
jordan 0aacffd6a2 linuxkm rsa: retry wc_MakeRsaKey if not prime. 2025-07-09 20:55:50 -05:00
Daniel Pouzzner 6275f1f7e6 linuxkm/lkcapi_rsa_glue.c: update version threshold for the v6.16 change in crypto_sig_*size() semantics, now backported to 6.15.3. 2025-07-02 14:25:05 -05:00
jordan 1e0e4932ca linuxkm rsa: fix km_pkcs1_key_size callback. 2025-06-24 14:41:57 -05:00
jordan 0b64a5549c linuxkm rsa: fix ret value usage for crypto_sig_sign. 2025-05-29 16:22:40 -05:00
jordan da9410565d linuxkm rsa: km_pkcs1_sign should return sig_len on success. 2025-05-23 22:29:16 -05:00
jordan 402ebec3b7 linuxkm rsa: comments, cleanup work buffer useage. 2025-05-22 11:07:36 -05:00
jordan 54104887ca linuxkm rsa: clean up duplicate code. 2025-05-21 16:59:02 -05:00
jordan 8fef82cc59 linuxkm rsa: linux 6.13 support. 2025-05-21 16:07:46 -05:00
Daniel Pouzzner 629d812eb3 Merge pull request #8730 from philljj/linuxkm_pkcs1pad_more
linuxkm rsa: add more pkcs1pad sha variants
2025-05-05 16:59:29 -05:00
jordan a341333589 linuxkm rsa: additional pkcs1 sha variants. 2025-05-05 13:50:12 -05:00
Daniel Pouzzner b9b66042d7 wolfssl/wolfcrypt/dh.h: gate in wc_DhGeneratePublic() with WOLFSSL_DH_EXTRA,
adding WOLFSSL_NO_DH_GEN_PUB in the unlikely event it needs to be disabled;

configure.ac: in --enable-linuxkm-lkcapi-register section, remove special-case
  handling for -DWOLFSSL_DH_GEN_PUB, and add support for
  --enable-linuxkm-lkcapi-register=all-kconfig, which disables registration of
  any algs that are disabled in the target kernel, and #errors if any algs or
  registrations are disabled or incompatible in libwolfssl but enabled in the
  target kernel (note, it does not #error for algorithms we don't currently
  shim/implement);

linuxkm/lkcapi_glue.c: change default WOLFSSL_LINUXKM_LKCAPI_PRIORITY from 10000
  to INT_MAX to make masking impossible;

linuxkm/lkcapi*glue.c: move all remaining algorithm-specific gate setup into the
  respective algorithm family files, and in each family file, add
  LINUXKM_LKCAPI_REGISTER_ALL_KCONFIG logic to activate shims only if the
  corresponding algorithm is activated in the target kernel.

linuxkm/lkcapi_sha_glue.c: fix -Wunuseds in
  wc_linuxkm_drbg_default_instance_registered() and wc_linuxkm_drbg_cleanup()
  when !LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT.
2025-05-05 13:17:06 -05:00
Daniel Pouzzner a18a8ced23 linuxkm/lkcapi_*_glue.c: in test harnesses, fix several out-of-order NULLing of PTR_ERR-type pointers in error paths. 2025-05-01 16:55:30 -05:00
Daniel Pouzzner 1b59bc25d1 linuxkm:
in lkcapi_sha_glue.c:

    in linuxkm_hmac_setkey_common(), ignore keylength even in FIPS modules (use
    wc_HmacSetKey_ex(..., 1)) on kernel < 6.0 to work around crypto manager bug;

    in wc_linuxkm_drbg_startup(), add rng workout routine using handle from
    crypto_alloc_rng();

  in lkcapi_*_glue.c: fix test routines to return valid wolfCrypt error codes
  consistently;

  in module_hooks.c, implement
    * linuxkm_lkcapi_sysfs_install_node(),
    * linuxkm_lkcapi_sysfs_deinstall_node(),
    * FIPS_rerun_self_test_handler()
  and add corresponding setup/teardown in wolfssl_init() and wolfssl_exit();

  in lkcapi_glue.c:

    refactor linuxkm_lkcapi_sysfs_install and linuxkm_lkcapi_sysfs_deinstall to
    use the new helpers;

    harden the REGISTER_ALG() and UNREGISTER_ALG() macros and the
    linuxkm_lkcapi_register() and linuxkm_lkcapi_unregister() functions, and add
    informational messages about number of algs registered/deregistered;

  in x86_vector_register_glue.c: fix gate for irq_fpu_usable() workaround to
  reflect backporting of fix in >=5.10.180 in 5.10-LTS and >=5.15.39 in 5.15-LTS
  linuxkm/lkcapi_glue.c: move WOLFSSL_DEBUG_TRACE_ERROR_CODES coverage for
  EINVAL/ENOMEM/EBADMSG to module_hooks.c.
2025-05-01 00:08:32 -05:00
Daniel Pouzzner d4fc8c3791 linuxkm/: null out pointers with PTR_ERR()-encoded values before jumping to cleanup;
linuxkm/lkcapi_rsa_glue.c: in km_rsa_init(), implement error-path cleanup;

linuxkm/module_hooks.c: nix CONFIG_MODULE_SIG requirement in WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE builds;

wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM setup, define WOLFSSL_ASN_INT_LEAD_0_ANY if LINUXKM_LKCAPI_REGISTER (required for kernel 5.10 crypto manager);

wolfcrypt/src/memory.c: add WC_NO_ERR_TRACE() to mock error returns in SAVE_VECTOR_REGISTERS2_fuzzer().
2025-04-22 16:44:07 -05:00
Daniel Pouzzner fe244fb41b linuxkm: clean up LKCAPI glue:
typography fixes;

static attr on const byte arrays;

refactor km_ecdsa_verify() to use a single heap allocation;

fix linuxkm_test_ecdsa_nist_driver() to copy sig and hash to a heap allocation before passing to sg_set_buf() (avoids unmapping of rodata);

in linuxkm_test_pkcs1_driver() move hash from stack to heap;

add LINUX_VERSION_CODE >= 5.4 assertion in linuxkm/lkcapi_glue.c;

streamline macro logic in linuxkm/lkcapi_sha_glue.c.
2025-04-18 18:21:57 -05:00
Daniel Pouzzner 44adc4a71d linuxkm/lkcapi_rsa_glue.c: gate LINUXKM_DIRECT_RSA directly on WC_RSA_NO_PADDING;
configure.ac: always pass -DWC_RSA_NO_PADDING for --enable-linuxkm-lkcapi-register=rsa or =all.
2025-04-17 10:38:45 -05:00
jordan ff93e6d5d4 linuxkm: register rsa. 2025-04-16 09:50:06 -05:00