* add wc_linuxkm_drbg_ctx.n_rngs, and in wc_linuxkm_drbg_init_tfm(), set it to max(4, nr_cpu_ids), to avoid stalling on unicore targets;
* add explanatory comments re architecture to get_drbg() and get_drbg_n();
* add opportunistic cond_sched() to get_drbg_n();
* add runtime asserts in get_drbg(), wc_linuxkm_drbg_seed(), and get_default_drbg_ctx(), checking that we have the right tfm with an allocated DRBG array;
* wc_linuxkm_drbg_startup(): return failure if registering the random_bytes handlers fails;
linuxkm/patches/6.1.73/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-6v1v73.patch: fix flub.
linuxkm/lkcapi_sha_glue.c:
* in wc_linuxkm_drbg_init_tfm(), sleep if it's safe, and observe a wc_linuxkm_drbg_init_tfm_disable_vector_registers flag;
* in wc_crng_reseed(), preemptively execute the reseed if it's safe to sleep;
* in wc_linuxkm_drbg_startup(), in LINUXKM_DRBG_GET_RANDOM_BYTES section, add reseed test sequence if defined(DEBUG_DRBG_RESEEDS).
wolfssl/wolfcrypt/settings.h: if WOLFSSL_LINUXKM && LINUXKM_LKCAPI_REGISTER && WORD64_AVAILABLE, set default WC_RESEED_INTERVAL to max allowed (2^48);
linuxkm/lkcapi_sha_glue.c: handle NO_LINUXKM_DRBG_GET_RANDOM_BYTES, for build-time override control of LINUXKM_DRBG_GET_RANDOM_BYTES, and handle WOLFSSL_LINUXKM_USE_GET_RANDOM_USER_KRETPROBE, for separate opt-in control of the buggy wc_get_random_bytes_user_kretprobe_enter().
* implement interception of _get_random_bytes() and get_random_bytes_user() (implicitly intercepts /dev/random and /dev/urandom):
* get_crypto_default_rng()
* get_default_drbg_ctx()
* wc__get_random_bytes()
* wc_get_random_bytes_user()
* wc_extract_crng_user()
* wc_mix_pool_bytes()
* wc_crng_reseed()
* wc_get_random_bytes_by_kprobe()
* wc_get_random_bytes_user_kretprobe_enter()
* wc_get_random_bytes_user_kretprobe_exit()
* add LINUXKM_DRBG_GET_RANDOM_BYTES sections to wc_linuxkm_drbg_startup() and wc_linuxkm_drbg_cleanup()
* add linuxkm/patches/*/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-*.patch, initially for versions:
* 5.10.17
* 5.10.236
* 5.15
* 5.17
* 6.1.73
* 6.12
* 6.15
* remove "*.patch" from .gitignore.
* add linuxkm/patches/regen-patches.sh.
* in wc_linuxkm_drbg_ctx_clear(), check lock count before freeing.
* in get_drbg() and put_drbg(), use migrate_disable(), not DISABLE_VECTOR_REGISTERS().
* in wc_linuxkm_drbg_generate(), explicitly DISABLE_VECTOR_REGISTERS() for the crypto_default_rng.
* in wc_linuxkm_drbg_generate(), add DRBG reinitialization code to handle RNG_FAILURE_E. This handles the situation where a DRBG was instantiated in a vector-ops-allowed context, caching a vectorized SHA256 ethod, but later used in a no-vector-ops-allowed context.
* in wc_linuxkm_drbg_seed(), add DISABLE_VECTOR_REGISTERS() wrapper around wc_RNG_DRBG_Reseed() for crypto_default_rng.
linuxkm/x86_vector_register_glue.c:
* add crash recovery logic to wc_linuxkm_fpu_state_assoc_unlikely()
* in wc_linuxkm_fpu_state_assoc(), when wc_linuxkm_fpu_states is null, don't call wc_linuxkm_fpu_state_assoc_unlikely() if !assume_fpu_began.
* in can_save_vector_registers_x86(), save_vector_registers_x86(), and restore_vector_registers_x86(), check for hard interrupt context first, to return early failure if current->pid is unusable.
* in save_vector_registers_x86(), tweak logic around WC_FPU_INHIBITED_FLAG, adding local_bh_disable()...local_bh_enable() to provide for safe recursion.
wolfcrypt/src/random.c: optimization: in Hash_df(), for WOLFSSL_LINUXKM, don't put digest[WC_SHA256_DIGEST_SIZE] in the heap, keep it on the stack.
wolfssl/wolfcrypt/types.h: add WOLFSSL_NO_ASM no-op definitions for DISABLE_VECTOR_REGISTERS() and REENABLE_VECTOR_REGISTERS().
configure.ac:
* move --enable-linuxkm and --enable-linuxkm-defaults initial detection early, so that HMAC_COPY_DEFAULT picks it up.
* add ENABLED_ENTROPY_MEMUSE_DEFAULT, and enable it by default when ENABLED_LINUXKM_DEFAULTS.
* update linuxkm-lkcapi-register help message.
linuxkm/linuxkm_wc_port.h:
* add my_kallsyms_lookup_name().
* add preempt_count, _raw_spin_lock_irqsave, _raw_spin_trylock, _raw_spin_unlock_irqrestore, and _cond_resched, to wolfssl_linuxkm_pie_redirect_table, and add spin_unlock_irqrestore() macro to mask native inline.
* move linuxkm mutex wrappers from wolfcrypt/src/wc_port.c to linuxkm_wc_port.h, make them inlines, and add new default spinlock-based implementation, with old method now gated on WOLFSSL_LINUXKM_USE_MUTEXES.
* change malloc() and realloc() wrappers from GFP_KERNEL to GFP_ATOMIC.
linuxkm/lkcapi_glue.c: make misc.h/misc.c inclusion unconditional, and trim now-redundant inclusions out of lkcapi_dh_glue.c and lkcapi_ecdh_glue.c.
linuxkm/x86_vector_register_glue.c: implement support for WC_FPU_INHIBITED_FLAG, and an `int inhibit_p` argument to save_vector_registers_x86();
wolfcrypt/src/random.c: implement linuxkm support for RDSEED and HAVE_ENTROPY_MEMUSE;
wolfssl/wolfcrypt/error-crypt.h and wolfcrypt/src/error.c: add WC_ACCEL_INHIBIT_E "Crypto acceleration is currently inhibited";
linuxkm/module_hooks.c and linuxkm/x86_vector_register_glue.c: remove broken and bit-rotten WOLFSSL_COMMERCIAL_LICENSE and LINUXKM_FPU_STATES_FOLLOW_THREADS code paths.
wolfcrypt/src/random.c: in Hash_DRBG_Generate(), always put digest[] on the stack even in WOLFSSL_SMALL_STACK configuration (it's only 32 bytes);
configure.ac: default smallstackcache on when linuxkm-defaults.
adding WOLFSSL_NO_DH_GEN_PUB in the unlikely event it needs to be disabled;
configure.ac: in --enable-linuxkm-lkcapi-register section, remove special-case
handling for -DWOLFSSL_DH_GEN_PUB, and add support for
--enable-linuxkm-lkcapi-register=all-kconfig, which disables registration of
any algs that are disabled in the target kernel, and #errors if any algs or
registrations are disabled or incompatible in libwolfssl but enabled in the
target kernel (note, it does not #error for algorithms we don't currently
shim/implement);
linuxkm/lkcapi_glue.c: change default WOLFSSL_LINUXKM_LKCAPI_PRIORITY from 10000
to INT_MAX to make masking impossible;
linuxkm/lkcapi*glue.c: move all remaining algorithm-specific gate setup into the
respective algorithm family files, and in each family file, add
LINUXKM_LKCAPI_REGISTER_ALL_KCONFIG logic to activate shims only if the
corresponding algorithm is activated in the target kernel.
linuxkm/lkcapi_sha_glue.c: fix -Wunuseds in
wc_linuxkm_drbg_default_instance_registered() and wc_linuxkm_drbg_cleanup()
when !LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT.
in lkcapi_sha_glue.c:
in linuxkm_hmac_setkey_common(), ignore keylength even in FIPS modules (use
wc_HmacSetKey_ex(..., 1)) on kernel < 6.0 to work around crypto manager bug;
in wc_linuxkm_drbg_startup(), add rng workout routine using handle from
crypto_alloc_rng();
in lkcapi_*_glue.c: fix test routines to return valid wolfCrypt error codes
consistently;
in module_hooks.c, implement
* linuxkm_lkcapi_sysfs_install_node(),
* linuxkm_lkcapi_sysfs_deinstall_node(),
* FIPS_rerun_self_test_handler()
and add corresponding setup/teardown in wolfssl_init() and wolfssl_exit();
in lkcapi_glue.c:
refactor linuxkm_lkcapi_sysfs_install and linuxkm_lkcapi_sysfs_deinstall to
use the new helpers;
harden the REGISTER_ALG() and UNREGISTER_ALG() macros and the
linuxkm_lkcapi_register() and linuxkm_lkcapi_unregister() functions, and add
informational messages about number of algs registered/deregistered;
in x86_vector_register_glue.c: fix gate for irq_fpu_usable() workaround to
reflect backporting of fix in >=5.10.180 in 5.10-LTS and >=5.15.39 in 5.15-LTS
linuxkm/lkcapi_glue.c: move WOLFSSL_DEBUG_TRACE_ERROR_CODES coverage for
EINVAL/ENOMEM/EBADMSG to module_hooks.c.
* Implement --enable-linuxkm-lkcapi-register=stdrng and =stdrng-default,
LINUXKM_LKCAPI_REGISTER_HASH_DRBG, and
LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT. With "_DEFAULT", the DRBG is
installed as the systemwide default stdrng, necessitating
deregister-on-command, described below. Note that get_random_bytes() and the
associated /dev/random and /dev/urandom do not use the default stdrng, and
their back end cannot currently be replaced by a module.
* Add control nodes /sys/module/libwolfssl/install_algs and
/sys/module/libwolfssl/deinstall_algs.
* Add configure option --enable-linuxkm-lkcapi-register=sysfs-nodes-only, and
macro LINUXKM_LKCAPI_REGISTER_ONLY_ON_COMMAND, to inhibit registration at
module load time.
In configure.ac ENABLED_LINUXKM_LKCAPI_REGISTER setup, don't define
WOLFSSL_DH_GEN_PUB in old FIPS, but do define it for =all.
