Commit Graph

45 Commits

Author SHA1 Message Date
Daniel Pouzzner 7c0d64ade5 linuxkm/lkcapi_sha_glue.c and linuxkm/linuxkm_wc_port.h: add wc_linux_kernel_rng_is_wolfcrypt(), and remove incorrect crypto_put_default_rng() in get_crypto_default_rng(). 2026-03-17 17:44:45 -05:00
Daniel Pouzzner 10ba02fe40 linuxkm/lkcapi_sha_glue.c: add -wolfentropy and/or -rdseed to WOLFKM_STDRNG_DRIVER to advertise the seed source. 2026-02-20 15:44:54 -06:00
JacobBarthelmeh a156ed7bc7 update Copyright year 2026-02-18 09:52:21 -07:00
Daniel Pouzzner 0364a348b5 linuxkm/lkcapi_sha_glue.c and linuxkm/linuxkm_wc_port.h: when LINUXKM_DRBG_GET_RANDOM_BYTES, add "-with-global-replace" to the DRBG driver name, to advertise that /dev/[u]random and getrandom() are FIPS PRNGs; when NO_LINUXKM_DRBG_GET_RANDOM_BYTES, don't implicitly define LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT. 2026-02-04 14:30:08 -06:00
Daniel Pouzzner 0059f1647e move WC_RNG_BANK_SUPPORT implementation from wolfcrypt/src/random.c and wolfssl/wolfcrypt/random.h to new files wolfcrypt/src/rng_bank.c and wolfssl/wolfcrypt/rng_bank.h;
wolfcrypt/src/rng_bank.c:

  * add wc_local_rng_bank_checkout_for_bankref, wc_BankRef_Release(), wc_rng_bank_new(), and wc_rng_bank_free();

  * in wc_rng_bank_checkin(), take a struct wc_rng_bank_inst **rng_inst and NULL it before return;

  * in wc_rng_bank_init(), add a devId arg, and handle devId in wc_rng_bank_inst_reinit();

  * add WC_RNG_BANK_INST_LOCK_* and use them in wc_rng_bank_checkout() and wc_rng_bank_checkin();

  * fix order of operations in wc_rng_bank_checkout() re DISABLE_VECTOR_REGISTERS();

wolfcrypt/src/random.c:

  * refactor per-instance salting for wc_rng_bank_inst: remove changes in Hash_df(), Hash_DRBG_Instantiate(), and _InitRng(), and in wc_rng_bank_init() and wc_rng_bank_inst_reinit(), use wc_InitRngNonce_ex() and pass the wc_rng_bank_inst pointer as the nonce;

  * simplify the WC_RNG_BANK_SUPPORT variant of wc_RNG_GenerateBlock() -- delegate to wc_local_rng_bank_checkout_for_bankref() and remove supplementary error checking;

  * in wc_FreeRng(), call wc_BankRef_Release() when WC_DRBG_BANKREF, and in wc_BankRef_Release(), fix refcount flub (not wolfSSL_RefFree, rather wolfSSL_RefDec);

  * streamline the WOLFSSL_LINUXKM wc_GenerateSeed();

wolfcrypt/test/test.c: add random_bank_test();

linuxkm/lkcapi_sha_glue.c: use WC_RNG_BANK_INST_TO_RNG() opportunistically;

configure.ac: add --enable-amdrdseed as a synonym for --enable-amdrand;

linuxkm/linuxkm_wc_port.h: when LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT, don't include get_random_bytes() in struct wolfssl_linuxkm_pie_redirect_table;

add various comments for clarity.
2026-01-07 22:54:07 -06:00
Daniel Pouzzner c1d2828daf wolfcrypt/src/random.c, wolfssl/wolfcrypt/random.h, wolfssl/wolfcrypt/wc_port.h, linuxkm/lkcapi_sha_glue.c: fixes from autotesting:
* refactor to eliminate recursion in wc_RNG_GenerateBlock();
* refactor enum wc_rng_bank_flags as word32 and macros;
* fix -Wconversions, -Wunused, and stray EINVAL in wc_rng_bank_init();
* make struct wc_rng_bank_inst a top-level definition for C++ compat;
* fix several bugprone-macro-parentheses.
2026-01-07 22:54:07 -06:00
Daniel Pouzzner 1c6ef8b621 linuxkm/lkcapi_sha_glue.c:
* refactor to use new wc_rng_bank facility:
  * wc_linuxkm_drbg_init_tfm()
  * wc_linuxkm_drbg_exit_tfm()
  * get_drbg() (renamed to linuxkm_get_drbg())
  * put_drbg() (renamed to linuxkm_put_drbg())
  * wc_linuxkm_drbg_generate()
  * wc_linuxkm_drbg_seed()
  * wc_mix_pool_bytes()
  * wc_crng_reseed()
* add:
  * linuxkm_affinity_lock()
  * linuxkm_affinity_get_id()
  * linuxkm_affinity_unlock()
  * linuxkm_InitRng_DefaultRef()
* remove:
  * get_drbg_n()
  * drbg_init_from()
  * fork_default_rng()
  * LKCAPI_INITRNG_FOR_SELFTEST.
* when LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT, define LKCAPI_INITRNG to linuxkm_InitRng_DefaultRef, else define it to wc_InitRng().
2026-01-07 22:54:07 -06:00
Daniel Pouzzner 299ca1cfef fixes from peer review: added comments for clarity, and remove errant condition added in _InitRng(). 2025-12-30 12:13:15 -06:00
Daniel Pouzzner d504baaf3a linuxkm/lkcapi_sha_glue.c and .wolfssl_known_macro_extras: fixes from check-source-text. 2025-12-29 20:55:36 -06:00
Daniel Pouzzner fecc1cffe7 linuxkm/lkcapi_sha_glue.c: add retry loop around wc_InitRng(), and allow interrupt in preemptible threads, in wc_linuxkm_drbg_init_tfm(). 2025-12-29 20:55:36 -06:00
Daniel Pouzzner 283792c207 linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_startup(), deinstall the callbacks and stdrng first before checking refcnt. 2025-12-26 16:41:43 -06:00
Daniel Pouzzner b66f1b78a7 peer/Devin review:
* in get_crypto_default_rng() (linuxkm/lkcapi_sha_glue.c), sanity check that crypto_default_rng isn't null;
* in wc_InitRsaKey_ex(), remove frivolous NULL/zero assignments (XMEMSET clears them implicitly);
* in wc_CheckRsaKey(), check ret from wc_InitRng() and short circuit return if failed.
2025-12-23 13:05:40 -06:00
Daniel Pouzzner b087533fdf linuxkm/lkcapi_sha_glue.c:
* add drbg_init_from() and fork_default_rng(), and
* use the latter to define LKCAPI_INITRNG_FOR_SELFTEST() opportunistically (with fallback to plain wc_InitRng());

linuxkm/lkcapi_rsa_glue.c:
* add km_rsa_ctx_init_rng(),
* remove wc_InitRng() from km_rsa_ctx_init(),
* remove the WC_RSA_BLINDING gates around calls to wc_RsaSetRNG(), and
* call km_rsa_ctx_init_rng() before each call that needs an initialized RNG;

linuxkm/lkcapi_dh_glue.c and linuxkm/lkcapi_ecdh_glue.c: in km_ffdhe_init() and km_ecdh_init(), if linuxkm_lkcapi_registering_now, use LKCAPI_INITRNG_FOR_SELFTEST() to initialize ctx->rng;

linuxkm/lkcapi_glue.c: add notes that lkcapi_sha_glue inclusion and registrations must precede PK, and move declaration of linuxkm_lkcapi_registering_now to precede lkcapi glue inclusions.
2025-12-22 22:58:29 -06:00
Daniel Pouzzner 38b675ef68 linuxkm/lkcapi_sha_glue.c:
* as for other glue families, when LINUXKM_LKCAPI_REGISTER_ALL_KCONFIG, don't "#error Config conflict" if explicit LINUXKM_LKCAPI_DONT_REGISTER_foo is defined for the missing algorithm;
  * in km_hmac_init(), use wc_HmacCopy() to copy p_ctx->wc_hmac to t_ctx->wc_hmac;
  * in get_drbg(), when tfm == crypto_default_rng, only migrate_disable() and local_bh_disable() if preempt_count() == 0, i.e. if not in already in an uninterruptible context;
  * add can_spin argument to get_drbg_n() -- wc_linuxkm_drbg_seed() can_spin, wc_mix_pool_bytes() !can_spin, and wc_crng_reseed() can_spin;
  * add compile-time assert that WOLFSSL_SMALL_STACK_CACHE is defined if LINUXKM_DRBG_GET_RANDOM_BYTES;

.wolfssl_known_macro_extras: add CONFIG_CRYPTO_DRBG.
2025-12-17 11:01:10 -06:00
Daniel Pouzzner fe33bb9bd9 linuxkm/lkcapi_sha_glue.c:
* in get_drbg(), call local_bh_disable() for the crypto_default_rng, and in put_drbg(), call local_bh_enable() if needed.
* re-gate migrate_disable() and migrate_enable() so they're called for any SMP kernel >= 5.7, regardless of CONFIG_PREEMPT_COUNT.
* in get_drbg_n(), if the caller can't sleep, return immediately if the requested DRBG is busy, to avoid priority inversions and deadlocks.
2025-12-10 20:33:48 -06:00
Daniel Pouzzner 64ebc342a1 linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_generate(), generate randomness in batches that fit in RNG_MAX_BLOCK_LEN. 2025-12-04 09:34:22 -06:00
kaleb-himes eeb2b09b23 Address linuxkm builds and the new header 2025-11-20 09:38:13 -07:00
Daniel Pouzzner 30487ad236 linuxkm/: fixes for ARMv7, and miscellaneous fixes for Makefile and FIPS logic. 2025-11-19 17:21:29 -06:00
Daniel Pouzzner aa96c352d4 add !WC_SKIP_INCLUDED_C_FILES gates in indirectly compiled files in linuxkm/, to avoid false positive unknownMacro reports from cppcheck-force-source. 2025-08-30 14:15:55 -05:00
Daniel Pouzzner 7df8ee4081 linuxkm/linuxkm_wc_port.h: add default setup for LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT, to make visibility in random.c;
linuxkm/lkcapi_sha_glue.c: revert f7c7ac275a (get_drbg() DISABLE_VECTOR_REGISTERS() for crypto_default_rng) -- compiler/inlining bug makes it break on at least one target, so caller needs to retain responsibility;

linuxkm/x86_vector_register_glue.c: in wc_save_vector_registers_x86(), always return WC_ACCEL_INHIBIT_E if already fpu_state & WC_FPU_INHIBITED_FLAG, for safe+correct dynamics on recursive calls.
2025-08-30 12:08:57 -05:00
Daniel Pouzzner f7c7ac275a linuxkm/linuxkm_wc_port.h and linuxkm/x86_vector_register_glue.c: refactor
wc_save_vector_registers_x86() and wc_restore_vector_registers_x86() to allow
  recursive WC_SVR_FLAG_INHIBIT while already in a vector save context;

linuxkm/lkcapi_sha_glue.c: in get_drbg() and put_drbg(),
  DISABLE_VECTOR_REGISTERS()...REENABLE_VECTOR_REGISTERS() if tfm ==
  crypto_default_rng.
2025-08-28 11:02:45 -05:00
Daniel Pouzzner e0383b496a linuxkm/module_hooks.c: implement wc_linuxkm_GenerateSeed_IntelRD, gated on WC_LINUXKM_RDSEED_IN_GLUE_LAYER;
add WC_GENERATE_SEED_DEFAULT, which defaults to wc_GenerateSeed if not overridden, and replace wc_GenerateSeed with WC_GENERATE_SEED_DEFAULT in various calls to wc_SetSeed_Cb();

linuxkm/linuxkm_wc_port.h: if FIPS <v6 and RDSEED, define WC_LINUXKM_RDSEED_IN_GLUE_LAYER and define WC_GENERATE_SEED_DEFAULT wc_linuxkm_GenerateSeed_IntelRD;

wolfcrypt/test/test.c: update rng_seed_test() with gating and vectors for FIPS v5 with HAVE_AMD_RDSEED or HAVE_INTEL_RDSEED;

wolfssl/wolfcrypt/types.h: add WC_HAVE_VECTOR_SPEEDUPS helper macro, and enlarge fallthrough definition coverage for DISABLE_VECTOR_REGISTERS.
2025-08-22 21:58:00 -05:00
Daniel Pouzzner c353052e54 linuxkm/linuxkm_wc_port.h:
* move enum wc_svr_flags out of BUILDING_WOLFSSL guard;
* add DISABLE_VECTOR_REGISTERS() and REENABLE_VECTOR_REGISTERS() definitions for !BUILDING_WOLFSSL;
* add #include <linux/spinlock.h> to !WOLFSSL_LINUXKM_USE_MUTEXES implementation to fix compilation (and add usability) to caller code;

linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_ctx_clear(), fix error-path deallocation of locked object;

wolfcrypt/benchmark/benchmark.c:

* in FIPS v6+ builds, and FIPS linuxkm v5+, check retval from wc_AesEncryptDirect() and wc_AesDecryptDirect();
* add WC_RELAX_LONG_LOOP() in bench_stats_sym_finish() and bench_stats_asym_finish_ex();

wolfcrypt/test/test.c: fix rng_seed_test() with correct test vectors for the relevant combinations of features, and gate the test out if there are user override defines for ENTROPY_SCALE_FACTOR or SEED_BLOCK_SZ.
2025-07-30 22:15:05 -05:00
Daniel Pouzzner 01313cc0c8 linuxkm/x86_vector_register_glue.c:
* refactor the save_vector_registers_x86() algorithm to depend directly on preempt_count(), and use local_bh_enable() and preempt_disable() directly, to mitigate glitchiness around irq_fpu_usable() and crypto_simd_usable();

* eliminate the WC_FPU_ALREADY_FLAG kludge.

* improve the error and warning messages, and add some additional checks and messages for unexpected states; add VRG_PR_ERR_X and VRG_PR_WARN_X for pr_*_once() semantics on regular builds, but unlimited messages when WOLFSSL_LINUXKM_VERBOSE_DEBUG.

linuxkm/linuxkm_wc_port.h and linuxkm/module_hooks.c:

* move the spinlock-based implementation of wc_LockMutex() from linuxkm_wc_port.h to module_hooks.c, due to numerous stuboorn direct external symbol references;

* extensively refactor the kernel header #include strategy, keeping many more superfluous headers out of __PIE__ objects, and fixing unavoidable static header functions with grafted __always_inline attributes;

* add version exceptions for RHEL 9.5.

linuxkm/Kbuild:

* on x86 with CONFIG_MITIGATION_{RETPOLINE,RETHUNK}, use inline rethunks rather than none;

* refactor check for "Error: section(s) missed by containerization." using `readelf --sections --syms`, for 100% coverage, more informative error output, and suppression of false positives on printk-related cruft;

configure.ac and linuxkm/lkcapi_sha_glue.c: use LINUXKM_LKCAPI_[DONT_]REGISTER_{SHA,HMAC}_ALL to represent --enable-linuxkm-lkcapi-register=[-]all-{sha,hmac}, which allows alg families (notably SHA1) to be masked out piecemeal;

linuxkm/lkcapi_rsa_glue.c: in linuxkm_test_pkcs1pad_driver(), mitigate unused args when LINUXKM_AKCIPHER_NO_SIGNVERIFY.
2025-07-16 13:09:03 -05:00
JacobBarthelmeh 629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
Daniel Pouzzner b4137fe2f8 linuxkm/lkcapi_sha_glue.c: add interruptibility and additional relaxation where possible, and fix a leaked lock scenario, in get_drbg_n(), wc_linuxkm_drbg_seed(), wc_mix_pool_bytes(), and wc_crng_reseed();
wolfcrypt/src/asn.c: add a couple static attributes missed on the previous round of fixups.
2025-07-10 10:59:57 -05:00
Daniel Pouzzner 478bfafea3 linuxkm/lkcapi_sha_glue.c:
* add wc_linuxkm_drbg_ctx.n_rngs, and in wc_linuxkm_drbg_init_tfm(), set it to max(4, nr_cpu_ids), to avoid stalling on unicore targets;

* add explanatory comments re architecture to get_drbg() and get_drbg_n();

* add opportunistic cond_sched() to get_drbg_n();

* add runtime asserts in get_drbg(), wc_linuxkm_drbg_seed(), and get_default_drbg_ctx(), checking that we have the right tfm with an allocated DRBG array;

* wc_linuxkm_drbg_startup(): return failure if registering the random_bytes handlers fails;

linuxkm/patches/6.1.73/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-6v1v73.patch: fix flub.
2025-07-03 17:35:37 -05:00
Daniel Pouzzner dd69d56e33 linuxkm/linuxkm_wc_port.h: in malloc/realloc, use GFP_KERNEL if it's safe to sleep;
linuxkm/lkcapi_sha_glue.c:

* in wc_linuxkm_drbg_init_tfm(), sleep if it's safe, and observe a wc_linuxkm_drbg_init_tfm_disable_vector_registers flag;

* in wc_crng_reseed(), preemptively execute the reseed if it's safe to sleep;

* in wc_linuxkm_drbg_startup(), in LINUXKM_DRBG_GET_RANDOM_BYTES section, add reseed test sequence if defined(DEBUG_DRBG_RESEEDS).
2025-07-02 16:46:27 -05:00
Daniel Pouzzner 0160af0a0d linuxkm/patches/: update patches to reseed the wolfCrypt DRBG array only on explicit RNDRESEEDCRNG ioctl;
linuxkm/lkcapi_sha_glue.c: add error msg in wc_linuxkm_drbg_generate() if wc_InitRng() fails, and add "libwolfssl: " prefixes in pr_info() messages.
2025-07-02 14:25:05 -05:00
Daniel Pouzzner dc05c4c01b wolfcrypt/src/random.c and wolfssl/wolfcrypt/random.h: refactor DRBG_internal.reseedCtr as a word64 if WORD64_AVAILABLE, to accommodate max reseed count per NIST SP 800-90A Rev. 1;
wolfssl/wolfcrypt/settings.h: if WOLFSSL_LINUXKM && LINUXKM_LKCAPI_REGISTER && WORD64_AVAILABLE, set default WC_RESEED_INTERVAL to max allowed (2^48);

linuxkm/lkcapi_sha_glue.c: handle NO_LINUXKM_DRBG_GET_RANDOM_BYTES, for build-time override control of LINUXKM_DRBG_GET_RANDOM_BYTES, and handle WOLFSSL_LINUXKM_USE_GET_RANDOM_USER_KRETPROBE, for separate opt-in control of the buggy wc_get_random_bytes_user_kretprobe_enter().
2025-07-02 14:25:05 -05:00
Daniel Pouzzner b3944a73c2 linuxkm/lkcapi_sha_glue.c:
* implement interception of _get_random_bytes() and get_random_bytes_user() (implicitly intercepts /dev/random and /dev/urandom):

    * get_crypto_default_rng()
    * get_default_drbg_ctx()
    * wc__get_random_bytes()
    * wc_get_random_bytes_user()
    * wc_extract_crng_user()
    * wc_mix_pool_bytes()
    * wc_crng_reseed()
    * wc_get_random_bytes_by_kprobe()
    * wc_get_random_bytes_user_kretprobe_enter()
    * wc_get_random_bytes_user_kretprobe_exit()

    * add LINUXKM_DRBG_GET_RANDOM_BYTES sections to wc_linuxkm_drbg_startup() and wc_linuxkm_drbg_cleanup()

    * add linuxkm/patches/*/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-*.patch, initially for versions:
      * 5.10.17
      * 5.10.236
      * 5.15
      * 5.17
      * 6.1.73
      * 6.12
      * 6.15

    * remove "*.patch" from .gitignore.

    * add linuxkm/patches/regen-patches.sh.

  * in wc_linuxkm_drbg_ctx_clear(), check lock count before freeing.

  * in get_drbg() and put_drbg(), use migrate_disable(), not DISABLE_VECTOR_REGISTERS().

  * in wc_linuxkm_drbg_generate(), explicitly DISABLE_VECTOR_REGISTERS() for the crypto_default_rng.

  * in wc_linuxkm_drbg_generate(), add DRBG reinitialization code to handle RNG_FAILURE_E.  This handles the situation where a DRBG was instantiated in a vector-ops-allowed context, caching a vectorized SHA256 ethod, but later used in a no-vector-ops-allowed context.

  * in wc_linuxkm_drbg_seed(), add DISABLE_VECTOR_REGISTERS() wrapper around wc_RNG_DRBG_Reseed() for crypto_default_rng.

linuxkm/x86_vector_register_glue.c:

  * add crash recovery logic to wc_linuxkm_fpu_state_assoc_unlikely()

  * in wc_linuxkm_fpu_state_assoc(), when wc_linuxkm_fpu_states is null, don't call wc_linuxkm_fpu_state_assoc_unlikely() if !assume_fpu_began.

  * in can_save_vector_registers_x86(), save_vector_registers_x86(), and restore_vector_registers_x86(), check for hard interrupt context first, to return early failure if current->pid is unusable.

  * in save_vector_registers_x86(), tweak logic around WC_FPU_INHIBITED_FLAG, adding local_bh_disable()...local_bh_enable() to provide for safe recursion.

wolfcrypt/src/random.c: optimization: in Hash_df(), for WOLFSSL_LINUXKM, don't put digest[WC_SHA256_DIGEST_SIZE] in the heap, keep it on the stack.

wolfssl/wolfcrypt/types.h: add WOLFSSL_NO_ASM no-op definitions for DISABLE_VECTOR_REGISTERS() and REENABLE_VECTOR_REGISTERS().

configure.ac:

* move --enable-linuxkm and --enable-linuxkm-defaults initial detection early, so that HMAC_COPY_DEFAULT picks it up.

* add ENABLED_ENTROPY_MEMUSE_DEFAULT, and enable it by default when ENABLED_LINUXKM_DEFAULTS.

* update linuxkm-lkcapi-register help message.

linuxkm/linuxkm_wc_port.h:

* add my_kallsyms_lookup_name().

* add preempt_count, _raw_spin_lock_irqsave, _raw_spin_trylock, _raw_spin_unlock_irqrestore, and _cond_resched, to wolfssl_linuxkm_pie_redirect_table, and add spin_unlock_irqrestore() macro to mask native inline.

* move linuxkm mutex wrappers from wolfcrypt/src/wc_port.c to linuxkm_wc_port.h, make them inlines, and add new default spinlock-based implementation, with old method now gated on WOLFSSL_LINUXKM_USE_MUTEXES.

* change malloc() and realloc() wrappers from GFP_KERNEL to GFP_ATOMIC.

linuxkm/lkcapi_glue.c: make misc.h/misc.c inclusion unconditional, and trim now-redundant inclusions out of lkcapi_dh_glue.c and lkcapi_ecdh_glue.c.
2025-07-02 14:25:05 -05:00
Daniel Pouzzner b25d484a4e linuxkm/lkcapi_sha_glue.c: implement mutex-free sync mechanism for wc_linuxkm_drbg_ctx in new get_drbg(), get_drbg_n(), and put_drbg();
linuxkm/x86_vector_register_glue.c: implement support for WC_FPU_INHIBITED_FLAG, and an `int inhibit_p` argument to save_vector_registers_x86();

wolfcrypt/src/random.c: implement linuxkm support for RDSEED and HAVE_ENTROPY_MEMUSE;

wolfssl/wolfcrypt/error-crypt.h and wolfcrypt/src/error.c: add WC_ACCEL_INHIBIT_E "Crypto acceleration is currently inhibited";

linuxkm/module_hooks.c and linuxkm/x86_vector_register_glue.c: remove broken and bit-rotten WOLFSSL_COMMERCIAL_LICENSE and LINUXKM_FPU_STATES_FOLLOW_THREADS code paths.
2025-07-02 14:25:05 -05:00
Daniel Pouzzner 3e5e470005 Merge pull request #8876 from philljj/small_drbg_cleanup
linuxkm drbg: refactor drbg_ctx clear.
2025-06-16 16:33:57 -05:00
Daniel Pouzzner d5ce9744a4 linuxkm/lkcapi_sha_glue.c: explicitly free hash state in wrappers. 2025-06-15 14:40:42 -05:00
jordan 41965750c8 linuxkm drbg: refactor drbg_ctx clear. 2025-06-12 19:59:19 -05:00
Daniel Pouzzner ae15693fa8 linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_generate() and wc_linuxkm_drbg_seed(), check retval from wc_LockMutex().
wolfcrypt/src/random.c: in Hash_DRBG_Generate(), restore smallstack path for digest[], but use non-smallstack path for WOLFSSL_LINUXKM.
2025-06-07 07:07:20 +04:00
Daniel Pouzzner dbc34352c7 linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_seed(), prefix the supplied seed with the CPU ID of each DRBG, to avoid duplicate states;
wolfcrypt/src/random.c: in Hash_DRBG_Generate(), always put digest[] on the stack even in WOLFSSL_SMALL_STACK configuration (it's only 32 bytes);

configure.ac: default smallstackcache on when linuxkm-defaults.
2025-06-05 16:31:46 +04:00
Daniel Pouzzner 29cf3eb84e linuxkm/lkcapi_sha_glue.c: refactor DRBG wrapper to instantiate one DRBG per core, to relieve contention. 2025-06-05 09:18:18 +04:00
Daniel Pouzzner b9b66042d7 wolfssl/wolfcrypt/dh.h: gate in wc_DhGeneratePublic() with WOLFSSL_DH_EXTRA,
adding WOLFSSL_NO_DH_GEN_PUB in the unlikely event it needs to be disabled;

configure.ac: in --enable-linuxkm-lkcapi-register section, remove special-case
  handling for -DWOLFSSL_DH_GEN_PUB, and add support for
  --enable-linuxkm-lkcapi-register=all-kconfig, which disables registration of
  any algs that are disabled in the target kernel, and #errors if any algs or
  registrations are disabled or incompatible in libwolfssl but enabled in the
  target kernel (note, it does not #error for algorithms we don't currently
  shim/implement);

linuxkm/lkcapi_glue.c: change default WOLFSSL_LINUXKM_LKCAPI_PRIORITY from 10000
  to INT_MAX to make masking impossible;

linuxkm/lkcapi*glue.c: move all remaining algorithm-specific gate setup into the
  respective algorithm family files, and in each family file, add
  LINUXKM_LKCAPI_REGISTER_ALL_KCONFIG logic to activate shims only if the
  corresponding algorithm is activated in the target kernel.

linuxkm/lkcapi_sha_glue.c: fix -Wunuseds in
  wc_linuxkm_drbg_default_instance_registered() and wc_linuxkm_drbg_cleanup()
  when !LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT.
2025-05-05 13:17:06 -05:00
Daniel Pouzzner 5633a2fa76 linuxkm: in configure.ac, fix feature dependency test for --enable-linuxkm-lkcapi-register=stdrng*, and in linuxkm/lkcapi_sha_glue.c, fix PRNG quality test in wc_linuxkm_drbg_startup(). 2025-05-01 13:07:23 -05:00
Daniel Pouzzner 1b59bc25d1 linuxkm:
in lkcapi_sha_glue.c:

    in linuxkm_hmac_setkey_common(), ignore keylength even in FIPS modules (use
    wc_HmacSetKey_ex(..., 1)) on kernel < 6.0 to work around crypto manager bug;

    in wc_linuxkm_drbg_startup(), add rng workout routine using handle from
    crypto_alloc_rng();

  in lkcapi_*_glue.c: fix test routines to return valid wolfCrypt error codes
  consistently;

  in module_hooks.c, implement
    * linuxkm_lkcapi_sysfs_install_node(),
    * linuxkm_lkcapi_sysfs_deinstall_node(),
    * FIPS_rerun_self_test_handler()
  and add corresponding setup/teardown in wolfssl_init() and wolfssl_exit();

  in lkcapi_glue.c:

    refactor linuxkm_lkcapi_sysfs_install and linuxkm_lkcapi_sysfs_deinstall to
    use the new helpers;

    harden the REGISTER_ALG() and UNREGISTER_ALG() macros and the
    linuxkm_lkcapi_register() and linuxkm_lkcapi_unregister() functions, and add
    informational messages about number of algs registered/deregistered;

  in x86_vector_register_glue.c: fix gate for irq_fpu_usable() workaround to
  reflect backporting of fix in >=5.10.180 in 5.10-LTS and >=5.15.39 in 5.15-LTS
  linuxkm/lkcapi_glue.c: move WOLFSSL_DEBUG_TRACE_ERROR_CODES coverage for
  EINVAL/ENOMEM/EBADMSG to module_hooks.c.
2025-05-01 00:08:32 -05:00
Daniel Pouzzner 273b7fc0da linuxkm: support DRBG in LKCAPI shim set:
* Implement --enable-linuxkm-lkcapi-register=stdrng and =stdrng-default,
  LINUXKM_LKCAPI_REGISTER_HASH_DRBG, and
  LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT.  With "_DEFAULT", the DRBG is
  installed as the systemwide default stdrng, necessitating
  deregister-on-command, described below.  Note that get_random_bytes() and the
  associated /dev/random and /dev/urandom do not use the default stdrng, and
  their back end cannot currently be replaced by a module.

* Add control nodes /sys/module/libwolfssl/install_algs and
  /sys/module/libwolfssl/deinstall_algs.

* Add configure option --enable-linuxkm-lkcapi-register=sysfs-nodes-only, and
  macro LINUXKM_LKCAPI_REGISTER_ONLY_ON_COMMAND, to inhibit registration at
  module load time.

In configure.ac ENABLED_LINUXKM_LKCAPI_REGISTER setup, don't define
  WOLFSSL_DH_GEN_PUB in old FIPS, but do define it for =all.
2025-04-29 00:42:15 -05:00
Daniel Pouzzner fe244fb41b linuxkm: clean up LKCAPI glue:
typography fixes;

static attr on const byte arrays;

refactor km_ecdsa_verify() to use a single heap allocation;

fix linuxkm_test_ecdsa_nist_driver() to copy sig and hash to a heap allocation before passing to sg_set_buf() (avoids unmapping of rodata);

in linuxkm_test_pkcs1_driver() move hash from stack to heap;

add LINUX_VERSION_CODE >= 5.4 assertion in linuxkm/lkcapi_glue.c;

streamline macro logic in linuxkm/lkcapi_sha_glue.c.
2025-04-18 18:21:57 -05:00
Daniel Pouzzner 0430d25cfb linuxkm shims for all SHA and SHA-HMAC flavors. 2025-04-18 11:57:29 -05:00
Daniel Pouzzner f7407e4065 20250411-linuxkm-SHA checkpoint 2025-04-18 11:57:29 -05:00