20240126-LINUXKM_LKCAPI_REGISTER#7180
Merged
dgarske merged 16 commits intowolfSSL:masterfrom Feb 2, 2024
Merged
Conversation
…crypto_register_skcipher/crypto_register_aead, start 2022-12-26, end 2023-01-14.
split XtsAes.aes in two, XtsAes.aes_encrypt and XtsAes.aes_decrypt, and add AES_ENCRYPTION_AND_DECRYPTION option constant, to accommodate Linux kernel crypto API model. in wc_AesXtsSetKeyNoInit(), add FIPS check that main and tweak keys differ, and allow setting encrypt and decrypt keys simultaneously using AES_ENCRYPTION_AND_DECRYPTION. in wc_AesXtsEncrypt() and wc_AesXtsDecrypt(), error if the required subkey has not been set.
…BC, AES-CFB, AES-GCM, and AES-XTS:
linuxkm/lkcapi_glue.c (added in earlier commit):
implement linuxkm_lkcapi_register() and linuxkm_lkcapi_unregister() with idempotency.
add AES-XTS algorithm glue and self-test implementations.
add per-algorithm gating: LINUXKM_LKCAPI_REGISTER_AESCBC, _AESCFB, _AESGCM, and _AESXTS.
carry forward philljj's implementations for AES-CBC, AES-CFB, and AES-GCM, with various cleanups.
linuxkm/module_hooks.c:
print the "wolfCrypt container hashes" message only if DEBUG_LINUXKM_PIE_SUPPORT is set.
render the FIPS version for the self-test success message using the HAVE_FIPS_VERSION* macros.
add a "skipping full wolfcrypt_test() ..." message for --disable-crypttests builds.
add CONFIG_FORTIFY_SOURCE gates.
configure.ac:
add support for --enable-linuxkm-lkcapi-register;
add AES-XTS to output config summary;
rename --enable-xts to --enable-aesxts (retaining old option for backward compatibility).
linuxkm/linuxkm_wc_port.h: add support for CONFIG_FORTIFY_SOURCE.
linuxkm/linuxkm_memory.c:
fix retvals in save_vector_registers_x86() (wc-style MEMORY_E, not sys-style ENOMEM).
add __my_fortify_panic() implementation.
linuxkm/Kbuild: for ENABLED_LINUXKM_PIE in rename-pie-text-and-data-sections recipe, create an .rodata.wolfcrypt section.
linuxkm/include.am: add linuxkm/lkcapi_glue.c to EXTRA_DIST.
wolfcrypt/test/test.c:
when defined(HAVE_FIPS_VERSION), inhibit a test clause in aes_xts_128_test() disallowed by FIPS ("FIPS AES-XTS main and tweak keys must differ").
fix out-of-order user message in ecc_test().
…sXts.aes_decrypt.
…lfssl/wolfcrypt/settings.h.
…emmove() (CONFIG_FORTIFY_SOURCE workarounds) with copy-by-words codepaths.
…ound struct km_AesCtx with separate aes_encrypt and aes_decrypt Aes pointers, and no cached key, to avoid AesSetKey operations at encrypt/decrypt time.
SparkiDev
requested changes
Jan 28, 2024
* support AES_ENCRYPTION_AND_DECRYPTION only if WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS is defined, and define it in linuxkm_wc_port.h if LINUXKM_LKCAPI_REGISTER. * fix a typo in km_AesInitCommon(). * remove #if 0 code in lkcapi_glue.c.
douzzer
force-pushed
the
20240126-LINUXKM_LKCAPI_REGISTER
branch
from
ffce1a5 to
1fc6718
Compare
Contributor
Author
|
retest this please. |
dgarske
requested changes
Jan 29, 2024
| } | ||
|
|
||
| if ((ret = wc_AesSetKey(&aes->aes, key, keySz, NULL, dir)) == 0) { | ||
| #ifdef HAVE_FIPS_VERSION |
Member
There was a problem hiding this comment.
Is it better to gate on HAVE_FIPS?
Contributor
Author
There was a problem hiding this comment.
yeah might be. I'll check the codebase and do whatever's consistent.
Contributor
Author
There was a problem hiding this comment.
fixed. defined(HAVE_FIPS) was definitely the right idea.
…armonize error catching, reporting, and error codes; further address peer review feedback.
Contributor
Author
|
retest this please. |
Contributor
Author
|
retest this please. |
dgarske
requested changes
Jan 30, 2024
| 0x77, 0x8a, 0xe8, 0xb4, 0x3c, 0xb9, 0x8d, 0x5a | ||
| }; | ||
|
|
||
| #ifndef HAVE_FIPS_VERSION /* FIPS requires different keys for main and tweak. */ |
Member
There was a problem hiding this comment.
Should it be #ifndef HAVE_FIPS?
Contributor
Author
There was a problem hiding this comment.
fixed. also fixed this in 8 other places.
Contributor
Author
|
retest this please. |
Contributor
Author
|
retest this please.... |
… "failed:" to error messages in km_AesGcmEncrypt() and km_AesGcmDecrypt().
Contributor
Author
|
retest this please... |
* configure.ac: in linuxkm-lkcapi-register section, force ENABLED_AESGCM_STREAM=yes if ENABLED_AESGCM is yes and there is asm or FIPS in the picture. * linuxkm/module_hooks.c: in updateFipsHash(), if DEBUG_LINUXKM_PIE_SUPPORT || WOLFSSL_LINUXKM_VERBOSE_DEBUG, print the base16 hash to the kernel log. * linuxkm/lkcapi_glue.c: * implement KATs for AES-CBC, AES-CFB, and AES-GCM. * clean out extraneous code and macro usage inherited from test/test.c. * add post-registration crypto_tfm_alg_driver_name() tests for AES-CBC, AES-CFB, and AES-GCM.
SparkiDev
approved these changes
Feb 2, 2024
dgarske
approved these changes
Feb 2, 2024
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
linuxkm: completion and stabilization of LKCAPI integration for AES-CBC, AES-CFB, AES-GCM, and AES-XTS:
AES-XTS:
split
XtsAes.aesin two,XtsAes.aes_encryptandXtsAes.aes_decrypt, and addAES_ENCRYPTION_AND_DECRYPTIONoption constant, to accommodate Linux kernel crypto API model.in
wc_AesXtsSetKeyNoInit(), add FIPS check that main and tweak keys differ, and allow setting encrypt and decrypt keys simultaneously usingAES_ENCRYPTION_AND_DECRYPTION.in
wc_AesXtsEncrypt()andwc_AesXtsDecrypt(), error if the required subkey has not been set.add
DEBUG_VECTOR_REGISTER_ACCESS_FUZZING&& !DEBUG_VECTOR_REGISTER_ACCESS, with a kernel-compatible implementation ofSAVE_VECTOR_REGISTERS2_fuzzer().squash of philljj's POC work integrating
libwolfssl.kowithcrypto_register_skcipher/crypto_register_aead, start 2022-12-26, end 2023-01-14.linuxkm/lkcapi_glue.c:implement
linuxkm_lkcapi_register()andlinuxkm_lkcapi_unregister()with idempotency.add AES-XTS algorithm glue and self-test implementations.
add per-algorithm gating:
LINUXKM_LKCAPI_REGISTER_AESCBC,_AESCFB,_AESGCM, and_AESXTS.carry forward philljj's implementations for AES-CBC, AES-CFB, and AES-GCM, with various cleanups.
linuxkm/module_hooks.c:print the "wolfCrypt container hashes" message only if
DEBUG_LINUXKM_PIE_SUPPORTis set.render the FIPS version for the self-test success message using the
HAVE_FIPS_VERSION*macros.add a "skipping full wolfcrypt_test() ..." message for
--disable-crypttestsbuilds.add
CONFIG_FORTIFY_SOURCEgates.configure.ac:add support for
--enable-linuxkm-lkcapi-register;add AES-XTS to output config summary;
rename
--enable-xtsto--enable-aesxts(retaining old option for backward compatibility).linuxkm/linuxkm_wc_port.h: add support forCONFIG_FORTIFY_SOURCE.linuxkm/linuxkm_memory.c:fix retvals in
save_vector_registers_x86()(wc-styleMEMORY_E, not sys-styleENOMEM).add
__my_fortify_panic()implementation.linuxkm/Kbuild: forENABLED_LINUXKM_PIEinrename-pie-text-and-data-sectionsrecipe, create an.rodata.wolfcryptsection.linuxkm/include.am: addlinuxkm/lkcapi_glue.ctoEXTRA_DIST.wolfcrypt/test/test.c:when
defined(HAVE_FIPS_VERSION), inhibit a test clause inaes_xts_128_test()disallowed by FIPS ("FIPS AES-XTS main and tweak keys must differ").fix out-of-order user message in
ecc_test().tested with
wolfssl-multi-test.sh ... super-quick-checkplus a slew (2 dozen) of LKCAPI scenarios with live module loads, including various combinations of AESNI, FIPS,CONFIG_FORTIFY_SOURCE, kernel sanitizers,--enable-crypttestsand--disable-crypttests.