Merged
Conversation
philljj
reviewed
Jul 9, 2025
philljj
reviewed
Jul 9, 2025
philljj
requested changes
Jul 9, 2025
…wolfCrypt_FIPS_*_sanity() references matching those in fips_test.c.
…olfcrypt sections together; linuxkm/Kbuild: add linker script flag, containerize several more previously-missed ELF sections, and add a test verifying no sections were missed; linuxkm/linuxkm_memory.c: remove obsolete lkm_realloc() shim and unneeded my__show_free_areas() wrapper; linuxkm/linuxkm_wc_port.h: add new mapping from realloc() to native kvrealloc(), and gate out a slew of headers when __PIE__ to avoid polluting wolfCrypt objects with various unneeded header-implemented functions with associated awkward symbols references; linuxkm/lkcapi_glue.c: harmonize gate for REGISTER_ALG_OPTIONAL(); linuxkm/module_hooks.c: add "ERROR:" prefixes on pr_err()s; add wc_RunAllCast_fips() at shutdown to send confidence verification to the kernel log; remove section bounds checks now that layout is unreliable; wolfssl/wolfcrypt/settings.h: for WOLFSSL_LINUXKM && HAVE_LINUXKM_PIE_SUPPORT, #define WOLFSSL_ECC_CURVE_STATIC and WOLFSSL_NAMES_STATIC; wolfssl/wolfcrypt/types.h: refactor the typedef for wcchar from a pointer to a char[]; wolfcrypt/src/wc_xmss.c and wolfssl/wolfcrypt/wc_lms.h: add WOLFSSL_NAMES_STATIC code paths for struct wc_XmssString and struct wc_LmsParamsMap; wolfcrypt/src/asn.c: add WOLFSSL_NAMES_STATIC code paths for struct CertNameData, and add static attribute to a slew of wcchars not used or declared outside asn.c.
… #undef HAVE_PUBLIC_FFDHE to WOLFSSL_LINUXKM setup to avoid .data.rel.ro.local functions in dh.c; linuxkm/linuxkm_wc_port.h: only use kvrealloc() on kernel >=6.11 -- the version in 5.15-6.10 is incompatible (oldsize arg). also, restore use of kvmalloc on 4.12+, but with XREALLOC undefined, suitable for cryptonly modules; add #include <linux/sched.h> even on __PIE__ objects to make cond_sched() available; wolfcrypt/src/asn.c: harmonize gate around definitions of BEGIN_DSA_PRIV and END_DSA_PRIV; wolfcrypt/src/asn.c: in EccSpecifiedECDomainDecode(), work around "const char[]" types in WOLFSSL_ECC_CURVE_STATIC struct ecc_set_type on FIPS <6; wolfcrypt/src/asn.c, wolfcrypt/src/wc_xmss.c, wolfssl/wolfcrypt/wc_lms.h: add comments to new WOLFSSL_NAMES_STATIC slots explaining where the size comes from.
douzzer
force-pushed
the
20250706-linuxkm-fixes
branch
from
31f5ae8 to
01e8815
Compare
Contributor
Author
|
retest this please |
…ess KERNEL_ARCH_X86; linuxkm/linuxkm_wc_port.h: fixes for legacy kernels, particularly: when building TLS stack (!WOLFCRYPT_ONLY), use the best heap with a functioning realloc(), else use kvmalloc() and friends if available, even if kvrealloc() is unavailable. also, provide for XMALLOC_USER and XMALLOC_OVERRIDE; linuxkm/lkcapi_glue.c: recognize the new CONFIG_CRYPTO_SELFTESTS_FULL alongside the old CONFIG_CRYPTO_MANAGER_EXTRA_TESTS; linuxkm/linuxkm_memory.c: restore my__show_free_areas() in case it's still needed.
Contributor
Author
|
retest this please |
Contributor
Author
|
multi-test |
philljj
approved these changes
Jul 10, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
add
linuxkm/wolfcrypt.ldsmodule linker script, explicitly grouping wolfcrypt sections together;linuxkm/Kbuild: add linker script flag, containerize several more previously-missed ELF sections, and add a test verifying no sections were missed;linuxkm/linuxkm_memory.c: remove obsoletelkm_realloc()shim and unneededmy__show_free_areas()wrapper;linuxkm/linuxkm_wc_port.h: add new mapping fromrealloc()to nativekvrealloc(), and gate out a slew of headers when__PIE__to avoid polluting wolfCrypt objects with various unneeded header-implemented functions with associated awkward symbols references.linuxkm/lkcapi_glue.c: harmonize gate forREGISTER_ALG_OPTIONAL().linuxkm/module_hooks.c: add "ERROR:" prefixes onpr_err()s; addwc_RunAllCast_fips()at shutdown to send confidence verification to the kernel log; remove section bounds checks now that layout is unreliable;wolfssl/wolfcrypt/settings.h: forWOLFSSL_LINUXKM&&HAVE_LINUXKM_PIE_SUPPORT,#define WOLFSSL_ECC_CURVE_STATICandWOLFSSL_NAMES_STATIC;wolfssl/wolfcrypt/types.h: refactor thetypedefforwccharfrom a pointer to achar[];wolfcrypt/src/wc_xmss.candwolfssl/wolfcrypt/wc_lms.h: addWOLFSSL_NAMES_STATICcode paths forstruct wc_XmssStringandstruct wc_LmsParamsMap;wolfcrypt/src/asn.c: addWOLFSSL_NAMES_STATICcode paths forstruct CertNameData, and addstaticattribute to a slew ofwcchars not used or declared outsideasn.c.linuxkm/{linuxkm_wc_port.h,module_hooks.c}: add feature gates aroundwolfCrypt_FIPS_*_sanity()references matching those infips_test.c.