Commit Graph

436 Commits

Author SHA1 Message Date
Daniel Pouzzner c9cc79f9ae cleanup inspired by false positive F-675: AES-CTR and AES-OFB Modes Bypass WC_C_DYNAMIC_FALLBACK Selection Logic 2026-06-10 17:28:05 -05:00
Daniel Pouzzner da1b7fe236 fixes for F-674: Non-Constant-Time memcmp in RSA PKCS#1 v1.5 Signature Verification 2026-06-10 17:28:05 -05:00
Daniel Pouzzner ad98438baa fixes for
F-5335: ECDH overflow paths do not report the required output length
F-5336: RSA PKCS#1 overflow paths do not report the required output length
2026-06-10 17:28:05 -05:00
Daniel Pouzzner 67c1d65ef7 fixes for
F-2554 Missing wc_ecc_free Before free in km_ecdh_init When wc_ecc_set_rng Fails
F-2555 Missing wc_FreeDhKey Before free in km_ffdhe_init When wc_DhSetNamedKey Fails
2026-06-10 17:28:05 -05:00
Daniel Pouzzner 05fc258ca2 fix F-1423: AES-XTS Encrypt/Decrypt Missing skcipher_walk Cleanup on 6 Early-Return Error Paths 2026-06-10 17:28:05 -05:00
Daniel Pouzzner 19a9670aaa fix F-1234: IS_ERR Used on NULL-Returning Kernel Crypto Request Allocation Functions. 2026-06-10 17:28:05 -05:00
Daniel Pouzzner a7b0b3ebc2 linuxkm/module_hooks.c: tweak wc_linuxkm_malloc_usable_size() and my_kallsyms_lookup_name(), moving wc_linuxkm_can_block() to where it's really needed in my_kallsyms_lookup_name(). 2026-06-04 14:18:34 -05:00
philljj 1f0f29cf30 Merge pull request #10590 from douzzer/20260603-linuxkm-fixes
20260603-linuxkm-fixes
2026-06-04 11:14:35 -05:00
Daniel Pouzzner 396e83a48b linuxkm/linuxkm_wc_port.h:
* add WOLFSSL_API attribute to wc_linuxkm_sig_ignore_begin(), wc_linuxkm_sig_ignore_end(), wc_linuxkm_check_for_intr_signals(), and wc_linuxkm_relax_long_loop().
* fix WC_CONTAINERIZE_THIS macro wrappers for wc_linuxkm_sig_ignore_begin() and wc_linuxkm_sig_ignore_end() (stray semicolons).

linuxkm/linuxkm_wc_port.h, linuxkm/lkcapi_sha_glue.c, linuxkm/module_hooks.c: add wc_linuxkm_can_block(), and refactor ad hoc `preempt_count() != 0` checks for sleep safety as calls to wc_linuxkm_can_block().

linuxkm/module_hooks.c: fix wc_linuxkm_malloc_usable_size() implementation for kvmalloc() compatibility.
2026-06-03 18:18:31 -05:00
Daniel Pouzzner df9f3e4cf9 Merge pull request #10377 from jackctj117/DTLS13-Kernel
docs(linuxkm): document DTLS 1.3 configure flags
2026-06-03 17:58:25 -05:00
Daniel Pouzzner 3a4c2cded0 activate ECCSI and SAKKE in linuxkm:
wolfssl/wolfcrypt/settings.h: add WC_NO_GLOBAL_OBJECT_POINTERS implicitly in WC_SYM_RELOC_TABLES section of WOLFSSL_LINUXKM setup.

wolfssl/wolfcrypt/wolfmath.h, wolfcrypt/src/wolfmath.c, wolfcrypt/src/sp_int.c, wolfcrypt/src/sakke.c: when WC_NO_GLOBAL_OBJECT_POINTERS, use static local wc_off_on_addr rather than global in wolfmath.c.

wolfcrypt/src/sakke.c:
* in wc_DeriveSakkeSSV(), initialize a[] with explicit XMEMSET() rather than " = {0}", to avoid unmaskable implicit memset() emitted by compiler.
* remove all vector register provisions (SAVE_VECTOR_REGISTERS(), RESTORE_VECTOR_REGISTERS(), ASSERT_SAVED_VECTOR_REGISTERS()).

linuxkm/module_exports.c.template: add includes for eccsi.h and sakke.h.

configure.ac:

* tweak enable-all-crypto setup to make enable_eccsi unconditional alongside enable_fpecc;

* move enable_sakke to be conditional only on !FIPS.

* notably this activates ECCSI and SAKKE on kernel all-crypto builds.

wolfcrypt/test/test.c: WC_*_VAR*() refactors for eccsi_test() and sakke_test().
2026-05-30 15:11:36 -05:00
Daniel Pouzzner 3121c55e4e linuxkm on x86: global refactor across PK implementations of sp-asm vector register preservation, including removal of all residual can't-fail vector paths in PK algs.
wolfcrypt/src/sp_x86_64.c:

* fix ASSERT_SAVED_VECTOR_REGISTERS() in C wrappers: add where missing for implementations that use AVX2, and remove frivolous checks for ones that don't.

* refactor vector save-restore with a single locally tracked save in sp_RsaPublic_#(), sp_RsaPrivate_#(), sp_ecc_mulmod_add_#(), sp_ecc_mulmod_base_add_#(), sp_ecc_make_key_#(), and sp_#_calc_s_#().

* fix feature test in sp_ModExp_Fp_star_1024(), sp_Pairing_1024(), and sp_Pairing_gen_precomp_1024(), to properly gate on IS_INTEL_AVX2(cpuid_flags) and SAVE_VECTOR_REGISTERS2() == 0.

wolfcrypt/src/{dh.c,dsa.c,ecc.c,eccsi.c,rsa.c,sp_int.c}:

* remove all vector register provisions (SAVE_VECTOR_REGISTERS(), RESTORE_VECTOR_REGISTERS(), ASSERT_SAVED_VECTOR_REGISTERS());

* add explicit WC_CHECK_FOR_INTR_SIGNALS() and WC_RELAX_LONG_LOOP() to the lengthy loops in wc_DhGenerateParams(), wc_MakeDsaParameters(), ecc_sign_hash_sw(), and wc_MakeRsaKey().

wolfssl/wolfcrypt/{error-crypt.h,logging.h,memory.h}:

* make wc_backtrace_render() and wc_backtrace_set_fp() available whenever defined(WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES);

* add support for DEBUG_VECTOR_REGISTERS_BACKTRACE_ON_FAIL, activating backtraces on vector register errors.

* also improve the debugging format from the DEBUG_VECTOR_REGISTER_ACCESS variants of SAVE_VECTOR_REGISTERS() and friends.

linuxkm/lkcapi_{dh,ecdh,ecdsa,rsa}_glue.c: harmonize PK driver names with AES, SHA, and DRBG, notably adding AVX2 annotation when enabled.

wolfcrypt/src/{sp_x86_64_asm.S,sp_x86_64_asm.asm}: synchronize with wolfssl/scripts#581 (removes SSE2 implementations of sp_#_get_from_table_#(), which no longer have users).
2026-05-30 15:11:15 -05:00
Sean Parkinson eaadfb12ed Merge pull request #10508 from JacobBarthelmeh/static_analysis_3
devcrypto fixes, forcezero on memory after use, RX64 GetHash port fix, blake2 stor64 alignment
2026-05-28 09:24:56 +10:00
Daniel Pouzzner 7164d75cb7 linuxkm: add WC_LINUXKM_USE_HEAP_WRAPPERS and implementations wc_linuxkm_malloc(), wc_linuxkm_free(), wc_linuxkm_realloc(), and wc_linuxkm_malloc_usable_size(), to insulate from API drift in kernel heap (required on 7.2+, implicit on 7.1+). 2026-05-21 17:21:12 +00:00
JacobBarthelmeh 3c8bdaafc3 use ENOMEM return instead of MEMORY_E 2026-05-20 01:33:52 -07:00
Daniel Pouzzner fcf23dcd04 Merge pull request #10357 from sameehj/km-fixes
Km fixes
2026-05-07 14:54:48 -05:00
Daniel Pouzzner d93a5ee194 linuxkm/linuxkm-fips-hash-wrapper.sh: fix whitespace. 2026-05-05 11:02:13 -05:00
Daniel Pouzzner 610b109241 fixes for fips#379 and related:
linuxkm/Makefile, linuxkm/linuxkm-fips-hash-wrapper.sh, linuxkm/linuxkm_memory.c: refactor coreKey extraction to use ELF tools rather than WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE and user_settings.h.

linuxkm/module_hooks.c: add stack measurement for wc_RunAllCast_fips().

tests/api/test_slhdsa.c: frivolous initialization to work around a false positive -Wmaybe-uninitialized in slhdsa_der_roundtrip_one().

wolfcrypt/src/wc_slhdsa.c,  wolfssl/wolfcrypt/wc_slhdsa.h:
* refactor lifecycle management for SHA-2 objects to fix a leak via wc_SlhDsaKey_CheckKey().
* add support for WC_SLHDSA_NO_ASM.
* add WOLFSSL_SLHDSA_VERIFY_ONLY gates around prototypes, to get compile-time failures for misuse.

wolfcrypt/test/test.c:
* clean up myFipsCb() and restore usability of TEST_ALWAYS_RUN_TO_END with bad FIPS hash (useful test coverage).
* add wc_RunAllCast_fips() to wolfcrypt_test().
* when WOLFSSL_KERNEL_MODE or BENCH_EMBEDDED, force on WOLFSSL_SLHDSA_VERIFY_ONLY unless WOLFSSL_SLHDSA_FORCE_FULL_TESTS is defined.

wolfssl/wolfcrypt/settings.h:
* add WC_MLKEM_NO_ASM to WOLFSSL_LINUXKM section to work around asm bug.
* remove clause in WOLFSSL_KERNEL_MODE section that forced on WOLFSSL_SLHDSA_VERIFY_ONLY.
2026-05-05 11:02:13 -05:00
jackctj117 0870e86d82 docs(linuxkm): document DTLS 1.3 configure flags 2026-05-01 13:01:23 -06:00
lealem47 d00a137de0 Merge pull request #10344 from douzzer/20260416-linuxkm-fips-rodata-canonify
20260416-linuxkm-fips-rodata-canonify
2026-04-30 10:19:43 -06:00
Daniel Pouzzner a057975347 Merge pull request #10293 from Frauschi/liboqs_removal
Remove liboqs for ML-KEM and ML-DSA, update for Falcon
2026-04-30 09:04:11 -05:00
Tobias Frauenschläger 7a2cf5b655 Remove liboqs for ML-KEM and ML-DSA, update for Falcon 2026-04-30 11:03:06 +02:00
Sameeh Jubran 75dc3e13fd linuxkm/x86_vector_register_glue.c: fix struct pid refcount leak from find_get_pid() in wc_linuxkm_fpu_state_assoc_unlikely().
find_get_pid() returns a struct pid * with the refcount bumped via
get_pid(); callers must release it with put_pid().  The probe here is
purely a liveness check on the slot's previous owner, and the returned
pointer was discarded -- leaking one struct pid reference every time
the unlikely contested-slot path was hit with a still-live owner.

Capture the pointer and put_pid() it on the live-owner branch;
behavior on the orphaned-slot branch is unchanged.

Signed-off-by: Sameeh Jubran <sameeh@wolfssl.com>
2026-04-30 10:57:34 +03:00
Sameeh Jubran 2f660a3f7b linuxkm/linuxkm_wc_port.h: in my_memmove(), early-return when n == 0 to avoid size_t underflow
The backward-copy branches compute (n - 1) as size_t, which wraps to SIZE_MAX for n == 0 and, with src below dest, drives the loop backward through kernel memory until it oopses; matches glibc / musl / kernel memmove().

Signed-off-by: Sameeh Jubran <sameeh@wolfssl.com>
2026-04-30 10:57:27 +03:00
Daniel Pouzzner 5dbf2e7382 linuxkm/linuxkm_memory.c: in wc_fips_generate_hash(), fix handling of failed hmac_update() in text segment loop;
linuxkm/module_hooks.c: in wolfssl_init() DEBUG_LINUXKM_PIE_SUPPORT section, render stabilized_rodata_hash;

in my_kallsyms_lookup_name(), gate kprobe failure messages behind WOLFSSL_LINUXKM_VERBOSE_DEBUG.
2026-04-29 17:35:11 -05:00
Tobias Frauenschläger e1fefcca4f Remove deprecated liblms and libxmss 2026-04-29 19:52:09 +02:00
Daniel Pouzzner 1d21858be1 linuxkm/module_hooks.c: in wolfssl_init() DEBUG_LINUXKM_PIE_SUPPORT hash_span() loops, reset cur_reloc_index before each loop (Fenrir review). 2026-04-28 18:12:25 -05:00
Daniel Pouzzner 559b207506 linuxkm/lkcapi_*.c and linuxkm/module_hooks.c: add missing linefeed characters in format args to pr_*(), for proper line flushing. 2026-04-28 17:38:22 -05:00
Daniel Pouzzner 29c5b02046 linuxkm/: finish support for stabilization of .rodata_wolfcrypt segment in WC_SYM_RELOC_TABLES (FIPS) kernel module builds:
linuxkm/Makefile: update the GENERATE_RELOC_TAB recipe to generate both wc_linuxkm_pie_text_reloc_tab[] and wc_linuxkm_pie_rodata_reloc_tab.

linuxkm/linuxkm-fips-hash-wrapper.sh: add handling for wc_linuxkm_pie_rodata_reloc_tab.

linuxkm/linuxkm-fips-hash.c: add handling for rodata_reloc_tab.*.

linuxkm/linuxkm_memory.c:
* refactor find_reloc_tab_offset() to be segment-agnostic and tolerate empty reloc tabs.
* refactor wc_reloc_normalize_segment():
  * to be segment-agnostic,
  * identify the src segment dynamically,
  * return BAD_FUNC_ARG where previously returning literal -1,
  * use seg_in_out_len arg to accommodate size skew between input and output (not currently used), and
  * rename working vars for better mnemonicitude.
* update wc_fips_generate_hash() to
  * handle seg_map->rodata_reloc_tab,
  * use new calling convention for wc_reloc_normalize_segment(), and
  * add wc_reloc_normalize_segment() loop for .rodata_wolfcrypt.

linuxkm/linuxkm_memory.h and linuxkm/linuxkm_wc_port.h: rename WOLFSSL_TEXT_SEGMENT_CANONICALIZER* to WOLFSSL_SEGMENT_CANONICALIZER*, with backward-compat provisions.

linuxkm/module_hooks.c:
* add wc_linuxkm_normalize_relocations_noresize() backward-compat wrapper.
* wolfssl_init(): add .rodata_wolfcrypt relocation handling alongside existing .text_wolfcrypt handling, and update for new wc_reloc_normalize_segment() calling convention.
* add seg_map.rodata_reloc_tab initialization.
* update wc_linuxkm_normalize_relocations() to be segment-agnostic and use new wc_reloc_normalize_segment() calling convention.
2026-04-28 12:58:32 -05:00
Daniel Pouzzner 8b98f7f8ea linuxkm/: refactor wc_reloc_table_segments.reloc_tab_* as wc_reloc_table_segments.text_reloc_tab.* (using the new struct wc_reloc_table_fenceposts and WC_RELOC_TABLE_FENCEPOSTS_INITIALIZER), and add wc_reloc_table_segments.rodata_reloc_tab (allocated but not yet implemented). 2026-04-28 12:58:32 -05:00
Daniel Pouzzner 00b65a9e00 linuxkm/Kbuild: define NO_PIE_FLAG to 1, not empty, to satisfy gnu make criteria for ifdef. 2026-04-28 12:58:31 -05:00
Daniel Pouzzner b79221acd3 wolfcrypt/test/test.c: in random_bank_test(), accommodate WOLFSSL_DRBG_SHA512 in the WC_RNG_BANK_FLAG_NO_VECTOR_OPS test;
linuxkm/lkcapi_sha_glue.c: in wc_mix_pool_bytes(), accommodate WOLFSSL_DRBG_SHA512.
2026-04-25 11:47:25 -05:00
Daniel Pouzzner 6c9e0ea5a7 linuxkm/lkcapi_ecdsa_glue.c: in km_ecdsa_verify(), add checks on hash_len following pattern of #10131, before calling wc_ecc_verify_hash(), for defense-in-depth. 2026-04-25 11:47:24 -05:00
Daniel Pouzzner 8c3d471ce1 linuxkm/module_hooks.c: in wolfssl_init() FIPS_OPTEST_FULL_RUN_AT_MODULE_INIT code path (currently unused), add missing declaration for i. 2026-04-20 10:19:33 -05:00
Daniel Pouzzner fc4ce8b256 linuxkm: implement LKCAPI shims for wolfCrypt-native AES-CCM.
also, minor fixes:

linuxkm/lkcapi_aes_glue.c: in linuxkm_test_aescfb(), call the appropriate aes_cfb_test(), not aes_cfb_test().
linuxkm/lkcapi_glue.c: fix bugprone-macro-parentheses in REGISTER_ALG_OPTIONAL().
linuxkm/module_hooks.c: in updateFipsHash(), add suppression for clang-diagnostic-cast-function-type-strict warnings around actually-safe function pointer casts in call to wc_fips_generate_hash().
2026-04-10 22:19:35 -05:00
Daniel Pouzzner 60d1e222b2 globally fix all "BLAKE2" references (implicit BLAKE2B) to explicit "BLAKE2B":
* implement legacy compatibility in settings.h and configure.ac (adds --enable-blake2b while retaining --enable-blake2);
* fix incorrect Blake2 gates in wolfcrypt/src/hash.c wc_HashGetDigestSize() and wc_HashGetBlockSize();
* in wolfcrypt/test/test.c hash_test(), backfill missing Blake2 test coverage and separate blake2b from blake2s in typesHashBad[];
* in tests/api/test_hash.c, separate blake2b from blake2s in notCompiledHash[], sizeSupportedHash[], and sizeNotCompiledHash[].
2026-04-07 13:18:53 -05:00
philljj b5874a6d9e Merge pull request #10132 from douzzer/20260404-default_rng_bank
20260404-default_rng_bank
2026-04-06 22:54:20 -05:00
Daniel Pouzzner 31d0fcef81 wolfcrypt/src/rng_bank.c and wolfssl/wolfcrypt/rng_bank.h: add new wc_rng_bank_default facility:
* wc_rng_bank_default_set()
  * wc_rng_bank_default_checkout()
  * wc_rng_bank_default_checkin()
  * wc_rng_bank_default_clear()

  * Added additional argument error checking to existing APIs, with a new
    rng_inst_matches_bank() helper function.

  * Implemented feature gates WC_RNG_BANK_DEFAULT_SUPPORT and
    WC_RNG_BANK_NO_DEFAULT_SUPPORT.  When WC_RNG_BANK_DEFAULT_SUPPORT, the new
    APIs are available, and a NULL bank passed to APIs implicitly refers to the
    default bank.

wolfcrypt/test/test.c: in random_bank_test() add comprehensive smoke test coverage of new APIs and argument checking.

wolfssl/wolfcrypt/wc_port.h and wolfcrypt/src/wc_port.c:

  * Add wolfSSL_RefInc2(), wolfSSL_RefDec2(), wolfSSL_RefWithMutexInc2(), and
    wolfSSL_RefWithMutexDec2(), returning the atomically determined new count in
    the second arg;

  * Fix type of second arg in the fallback definition of
    wolfSSL_Atomic_Ptr_CompareExchange().

linuxkm/lkcapi_sha_glue.c:

  Refactor the _REGISTER_HASH_DRBG / _REGISTER_HASH_DRBG_DEFAULT facility around
  the new wc_rng_bank_default facility, eliminating post-init use of
  kernel-native crypto_default_rng, crypto_get_default_rng(), and
  crypto_put_default_rng(), and eliminating all use on kernel 7.1+ (where these
  will become unexported kernel-native statics).  With the refactor, the
  LINUXKM_DRBG_GET_RANDOM_BYTES facility uses only direct native wolfCrypt
  objects and calls to fulfill requests.

wolfssl/wolfcrypt/error-crypt.h, wolfcrypt/src/error.c, wolfcrypt/test/test.c, tests/api.c: add WC_SUCCESS = 0 "wolfCrypt generic success".
2026-04-06 14:06:20 -05:00
Daniel Pouzzner abce5be989 wolfcrypt: add additional enforcement of correct digest sizes in signature gen and verify ops:
* add WC_FIPS_186_4, WC_FIPS_186_4_PLUS, WC_FIPS_186_5, and WC_FIPS_186_5_PLUS feature macros.
* add support for WC_HASH_CUSTOM_MIN_DIGEST_SIZE, WC_HASH_CUSTOM_MAX_DIGEST_SIZE, and
  WC_HASH_CUSTOM_MAX_BLOCK_SIZE, for use with custom digest algorithms.
* add SigOidMatchesKeyOid() helper function and WC_MIN_DIGEST_SIZE macro.
* add additional size and OID agreement checks for sig gen and verify ops.
* update ecc_test_vector() with FIPS 186-5 vectors.

Co-authored-by: Tobias Frauenschläger <tobias@wolfssl.com>
2026-04-06 00:53:57 -05:00
Daniel Pouzzner 52d5d0a940 linuxkm/, wolfcrypt/src/dh.c, wolfcrypt/test/test.c, wolfcrypt/test/test.h, wolfssl/wolfcrypt/wc_port.h:
fixes and workarounds for clang-tidy complaints:
  * clang-diagnostic-unknown-warning-option
  * bugprone-sizeof-expression
  * clang-diagnostic-error "address argument to atomic operation must be a pointer to a trivially-copyable type"
  * bugprone-macro-parentheses
  * clang-diagnostic-unused-but-set-variable
  * readability-redundant-declaration
2026-03-26 15:41:47 -05:00
Daniel Pouzzner 1fc7949225 linuxkm/lkcapi_aes_glue.c: don't log wc_AesSetKey failures for invalid keylens, to avoid log noise on expected-failure kernel native crypto self-test. 2026-03-20 14:53:05 -05:00
Daniel Pouzzner b6f481070f Merge pull request #9996 from sameehj/linuxkm-fix
linuxkm/lkcapi_aes_glue.c: fix scatterwalk_map error handling in AesG…
2026-03-19 12:35:32 -05:00
Daniel Pouzzner 7c0d64ade5 linuxkm/lkcapi_sha_glue.c and linuxkm/linuxkm_wc_port.h: add wc_linux_kernel_rng_is_wolfcrypt(), and remove incorrect crypto_put_default_rng() in get_crypto_default_rng(). 2026-03-17 17:44:45 -05:00
Sameeh Jubran e96dc3690f linuxkm/lkcapi_aes_glue.c: fix scatterwalk_map error handling in AesGcmCrypt_1
When scatterwalk_map fails in either the stream or non-stream path, the
code jumped to cleanup without setting err, causing the function to
return 0 (success) despite the failure. This could cause the kernel
crypto layer to treat uninitialized data as valid ciphertext/plaintext.

- Capture the error code (PTR_ERR) into err before goto out
- Fix PTR_ERR arguments that incorrectly used assoc instead of
  in_map/out_map (assoc was NULL or pointed to the wrong mapping)
- Make in_map/out_map NULL assignments unconditional (previously
  gated behind < 6.15, but the cleanup at out: checks these
  pointers on all kernel versions)
- Remove bogus scatterwalk_unmap of a failed walk in the stream
  path on >= 6.15

Signed-off-by: Sameeh Jubran <sameeh@wolfssl.com>
2026-03-17 14:01:50 +02:00
JacobBarthelmeh b97b3da81b use ENOMEM instead of MEMORY_E with aes glue returns f-669 2026-03-13 14:08:03 -06:00
Daniel Pouzzner 23f62bceb5 linuxkm/module_exports.c.template: add wolfssl/wolfcrypt/wc_slhdsa.h.
wolfcrypt/src/wc_slhdsa.c:

  * refactor SAVE_VECTOR_REGISTERS2() in slhdsakey_fors_sign() as
    CAN_SAVE_VECTOR_REGISTERS(), with local save-restore wrappers around the
    rest of the vector calls deeper in the call stack, to avoid failing
    GFP_ATOMIC allocations and long spans with interrupts disabled.

  * fix numerous bugprone-macro-parentheses and bugprone-signed-char-misuses.

  * use readUnalignedWord64() in SHAKE256_SET_SEED_HA_X4_*() and
    slhdsakey_shake256_set_seed_ha_x4() to avoid benign unaligned access warnings
    from sanitizers.

wolfcrypt/test/test.c:

  * in TestDumpData(), use WOLFSSL_DEBUG_PRINTF(), not fprintf(stderr, ...), for
    portability.

  * in slhdsa_test_param() and slhdsa_test(), use WC_DECLARE_VAR() and friends
    for SlhDsaKey allocations, and use ERROR_OUT() and single-return-point
    refactors to fix error path memory leaks.
2026-03-09 23:08:42 -05:00
Daniel Pouzzner 67bcaff4b8 linuxkm/module_hooks.c: fix syntax error in wolfssl_init(). 2026-03-04 16:13:09 -06:00
Daniel Pouzzner fe93ec87b1 linuxkm/module_hooks.c: in dump_to_file(), accommodate mis-prototyped kernel_write() in kernels 3.9-4.13. 2026-03-04 13:14:07 -06:00
Daniel Pouzzner f67c29ae51 linuxkm/Kbuild:
* for aarch64/arm64, only add -mno-outline-atomics if the compiler supports it.
* in ENABLED_LINUXKM_PIE setup, avoid -fPIE on arm32 <5.11 (missing reloc support).

linuxkm/linuxkm_wc_port.h, linuxkm/module_hooks.c, and wolfcrypt/src/wc_port.c: gate interception of alt_cb_patch_nops() on kernel >= 6.1.

linuxkm/linuxkm_wc_port.h: define WC_LINUXKM_SUPPORT_DUMP_TO_FILE implicitly when WC_SYM_RELOC_TABLES && DEBUG_LINUXKM_PIE_SUPPORT.

linuxkm/module_hooks.c: fixes for text_dump_path and rodata_dump_path handler code.
2026-03-04 13:14:07 -06:00
Daniel Pouzzner f1b65be0ca linuxkm/Makefile: fix misplaced quotes in configure call in libwolfssl-user-build recipe. 2026-02-28 14:07:00 -06:00