Skip to content

Commit c9e4b13

Browse files
authored
Merge pull request #10829 from douzzer/20260630-various-fixes
20260630-various-fixes
2 parents 323027d + ed4fb32 commit c9e4b13

4 files changed

Lines changed: 117 additions & 21 deletions

File tree

.wolfssl_known_macro_extras

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -130,6 +130,7 @@ CONFIG_IDF_TARGET_ESP32S3
130130
CONFIG_IDF_TARGET_ESP8266
131131
CONFIG_IDF_TARGET_ESP8684
132132
CONFIG_KASAN
133+
CONFIG_KMSAN
133134
CONFIG_KPROBES
134135
CONFIG_MAIN_TASK_STACK_SIZE
135136
CONFIG_MBEDTLS_CERTIFICATE_BUNDLE

linuxkm/linuxkm_wc_port.h

Lines changed: 40 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -349,14 +349,34 @@
349349
_Pragma("clang diagnostic ignored \"-Wshorten-64-to-32\"");
350350
_Pragma("clang diagnostic ignored \"-Wframe-address\"");
351351
#endif
352+
#if defined(__GNUC__) && (__GNUC__ >= 17)
353+
_Pragma("GCC diagnostic ignored \"-Wconstant-logical-operand\"");
354+
#endif
352355

353-
#ifdef CONFIG_KASAN
356+
/* KASAN and KMSAN are mutually exclusive, so we need to consider at most
357+
* one of them here.
358+
*/
359+
#if defined(CONFIG_KASAN)
354360
#ifndef WC_SANITIZE_DISABLE
355361
#define WC_SANITIZE_DISABLE() kasan_disable_current()
356362
#endif
357363
#ifndef WC_SANITIZE_ENABLE
358364
#define WC_SANITIZE_ENABLE() kasan_enable_current()
359365
#endif
366+
#elif defined(CONFIG_KMSAN)
367+
#ifndef WC_SANITIZE_DISABLE
368+
#define WC_SANITIZE_DISABLE() kmsan_disable_current()
369+
#endif
370+
#ifndef WC_SANITIZE_ENABLE
371+
#define WC_SANITIZE_ENABLE() kmsan_enable_current()
372+
#endif
373+
#else
374+
#ifndef WC_SANITIZE_DISABLE
375+
#define WC_SANITIZE_DISABLE() do {} while (0)
376+
#endif
377+
#ifndef WC_SANITIZE_ENABLE
378+
#define WC_SANITIZE_ENABLE() do {} while (0)
379+
#endif
360380
#endif
361381

362382
#if defined(CONFIG_FORTIFY_SOURCE) && \
@@ -1725,12 +1745,12 @@
17251745
pr_err("ERROR: bottom of stack is not STACK_END_MAGIC.\n");
17261746

17271747
local_irq_save(flags);
1728-
kasan_disable_current();
1748+
WC_SANITIZE_DISABLE();
17291749
z = wc_linuxkm_stack_left();
17301750
if (z > WC_KERNEL_STACK_MARGIN_BOTTOM + WC_KERNEL_STACK_MARGIN_TOP)
17311751
memset((void *)(s + WC_KERNEL_STACK_MARGIN_BOTTOM), sentinel,
17321752
z - (WC_KERNEL_STACK_MARGIN_BOTTOM + WC_KERNEL_STACK_MARGIN_TOP));
1733-
kasan_enable_current();
1753+
WC_SANITIZE_ENABLE();
17341754
local_irq_restore(flags);
17351755
if (z <= WC_KERNEL_STACK_MARGIN_BOTTOM + WC_KERNEL_STACK_MARGIN_TOP)
17361756
pr_err("ERROR: wc_linuxkm_stack_hwm_prepare() called with only %lu bytes of stack left, "
@@ -1742,11 +1762,11 @@
17421762
unsigned char *i;
17431763
if (z <= WC_KERNEL_STACK_MARGIN_BOTTOM + WC_KERNEL_STACK_MARGIN_TOP)
17441764
return (unsigned long)-1;
1745-
kasan_disable_current();
1765+
WC_SANITIZE_DISABLE();
17461766
for (i = (unsigned char *)s + WC_KERNEL_STACK_MARGIN_BOTTOM;
17471767
i < ((unsigned char *)s + z) && (*i == sentinel);
17481768
++i);
1749-
kasan_enable_current();
1769+
WC_SANITIZE_ENABLE();
17501770
return z - ((unsigned long)i - s);
17511771
}
17521772
static __always_inline unsigned long wc_linuxkm_stack_hwm_measure_total(unsigned char sentinel) {
@@ -1809,6 +1829,21 @@
18091829
#define XGMTIME(c, t) gmtime(c)
18101830
#define NO_TIMEVAL 1
18111831

1832+
/* MSAN needs to intercept these string functions to properly instrument
1833+
* them, but we build with -ffreestanding, which inhibits the interception.
1834+
* Fix that with explicit mappings here.
1835+
*/
1836+
#ifdef CONFIG_KMSAN
1837+
#define memcpy(d, s, l) __builtin_memcpy(d, s, l)
1838+
#define memset(d, v, l) __builtin_memset(d, v, l)
1839+
#define memmove(d, s, l) __builtin_memmove(d, s, l)
1840+
#define strcpy(d, s) __builtin_strcpy(d, s)
1841+
#if LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0)
1842+
#define strncpy(d, s, l) __builtin_strncpy(d, s, l)
1843+
#endif
1844+
#define strncat(d, s, l) __builtin_strncat(d, s, l)
1845+
#endif
1846+
18121847
#endif /* BUILDING_WOLFSSL */
18131848

18141849
#if LINUX_VERSION_CODE >= KERNEL_VERSION(7, 2, 0)

wolfcrypt/src/aes.c

Lines changed: 58 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -907,7 +907,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
907907
/* Pick the widest available implementation at runtime. Callers must
908908
* already be inside a VECTOR_REGISTERS_PUSH / SAVE_VECTOR_REGISTERS
909909
* region (all bulk AES-NI call sites are). */
910-
static WC_INLINE void AesEcbEncryptBlocks(const unsigned char* in,
910+
static WC_MAYBE_UNUSED WC_INLINE void AesEcbEncryptBlocks(const unsigned char* in,
911911
unsigned char* out, word32 sz, const unsigned char* key, int nr)
912912
{
913913
#ifdef HAVE_INTEL_AVX512
@@ -936,7 +936,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
936936
}
937937

938938
#ifdef HAVE_AES_DECRYPT
939-
static WC_INLINE void AesEcbDecryptBlocks(const unsigned char* in,
939+
static WC_MAYBE_UNUSED WC_INLINE void AesEcbDecryptBlocks(const unsigned char* in,
940940
unsigned char* out, word32 sz, const unsigned char* key, int nr)
941941
{
942942
#ifdef HAVE_INTEL_AVX512
@@ -966,7 +966,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
966966
#endif
967967

968968
#ifdef HAVE_AES_CBC
969-
static WC_INLINE void AesCbcEncryptBlocks(const unsigned char* in,
969+
static WC_MAYBE_UNUSED WC_INLINE void AesCbcEncryptBlocks(const unsigned char* in,
970970
unsigned char* out, unsigned char* iv, word32 sz,
971971
const unsigned char* key, int nr)
972972
{
@@ -997,7 +997,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
997997
#endif /* HAVE_AES_CBC */
998998

999999
#ifdef HAVE_AES_DECRYPT
1000-
static WC_INLINE void AesCbcDecryptBlocks(const unsigned char* in,
1000+
static WC_MAYBE_UNUSED WC_INLINE void AesCbcDecryptBlocks(const unsigned char* in,
10011001
unsigned char* out, unsigned char* iv, word32 sz,
10021002
const unsigned char* key, int nr)
10031003
{
@@ -1027,7 +1027,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
10271027
}
10281028
#endif /* HAVE_AES_DECRYPT */
10291029

1030-
static WC_INLINE void AesCtrEncryptBlocks(const unsigned char* in,
1030+
static WC_MAYBE_UNUSED WC_INLINE void AesCtrEncryptBlocks(const unsigned char* in,
10311031
unsigned char* out, word32 sz, const unsigned char* key, int nr,
10321032
unsigned char* ctr)
10331033
{
@@ -5928,6 +5928,14 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
59285928
} \
59295929
WC_DO_NOTHING
59305930

5931+
#define VECTOR_REGISTERS_PUSH2(fail_clause) { \
5932+
int orig_use_aesni = aes->use_aesni; \
5933+
if (aes->use_aesni && (SAVE_VECTOR_REGISTERS2() != 0)) { \
5934+
aes->use_aesni = 0; \
5935+
} \
5936+
WC_DO_NOTHING
5937+
5938+
59315939
#define VECTOR_REGISTERS_POP \
59325940
if (aes->use_aesni) \
59335941
RESTORE_VECTOR_REGISTERS(); \
@@ -5941,14 +5949,24 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
59415949
#define VECTOR_REGISTERS_PUSH { \
59425950
WC_DO_NOTHING
59435951

5952+
#define VECTOR_REGISTERS_PUSH2(fail_clause) { \
5953+
WC_DO_NOTHING
5954+
59445955
#define VECTOR_REGISTERS_POP \
59455956
} \
59465957
WC_DO_NOTHING
59475958

59485959
#else
59495960

5950-
#define VECTOR_REGISTERS_PUSH { \
5961+
#define VECTOR_REGISTERS_PUSH { \
5962+
if (aes->use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) { \
5963+
return ret; \
5964+
} \
5965+
WC_DO_NOTHING
5966+
5967+
#define VECTOR_REGISTERS_PUSH2(fail_clause) { \
59515968
if (aes->use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) { \
5969+
{ fail_clause } \
59525970
return ret; \
59535971
} \
59545972
WC_DO_NOTHING
@@ -5965,6 +5983,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
59655983
#else /* !WOLFSSL_AESNI */
59665984

59675985
#define VECTOR_REGISTERS_PUSH WC_DO_NOTHING
5986+
#define VECTOR_REGISTERS_PUSH2(fail_clause) WC_DO_NOTHING
59685987
#define VECTOR_REGISTERS_POP WC_DO_NOTHING
59695988

59705989
#endif /* !WOLFSSL_AESNI */
@@ -15511,6 +15530,14 @@ static WARN_UNUSED_RESULT int AesCfbDecrypt_C(Aes* aes, byte* out,
1551115530
#ifdef WC_AES_HAVE_PREFETCH_ARG
1551215531
int did_prefetches = 0;
1551315532
#endif
15533+
#ifndef WC_AES_CFB_DEC_BUF_BLOCKS
15534+
#define WC_AES_CFB_DEC_BUF_BLOCKS 32
15535+
#elif WC_AES_CFB_DEC_BUF_BLOCKS < 2
15536+
#error Invalid WC_AES_CFB_DEC_BUF_BLOCKS
15537+
#endif
15538+
#ifdef WOLFSSL_SMALL_STACK
15539+
byte *tmp = NULL;
15540+
#endif
1551415541

1551515542
(void)mode;
1551615543

@@ -15534,18 +15561,32 @@ static WARN_UNUSED_RESULT int AesCfbDecrypt_C(Aes* aes, byte* out,
1553415561
sz -= processed;
1553515562
}
1553615563

15564+
#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_AES_ECB) && \
15565+
!defined(WOLFSSL_PIC32MZ_CRYPT) && \
15566+
(defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_ARMASM))
15567+
/* Only suffer the heap overhead if sz is enough to warrant it.
15568+
*
15569+
* Allocate the working buffer before suspending interrupts, so that we can
15570+
* allocate with regular GFP_KERNEL.
15571+
*/
15572+
if (sz >= WC_AES_CFB_DEC_BUF_BLOCKS * WC_AES_BLOCK_SIZE)
15573+
tmp = (byte *)XMALLOC(WC_AES_CFB_DEC_BUF_BLOCKS * WC_AES_BLOCK_SIZE, NULL, DYNAMIC_TYPE_AES);
15574+
15575+
VECTOR_REGISTERS_PUSH2(XFREE(tmp, NULL, DYNAMIC_TYPE_AES););
15576+
#else
1553715577
VECTOR_REGISTERS_PUSH;
15578+
#endif
1553815579

15539-
#if !defined(WOLFSSL_SMALL_STACK) && defined(HAVE_AES_ECB) && \
15580+
#if defined(HAVE_AES_ECB) && \
1554015581
!defined(WOLFSSL_PIC32MZ_CRYPT) && \
1554115582
(defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_ARMASM))
15583+
#ifdef WOLFSSL_SMALL_STACK
15584+
if (tmp != NULL)
15585+
#endif
1554215586
{
15543-
#ifndef WC_AES_CFB_DEC_BUF_BLOCKS
15544-
#define WC_AES_CFB_DEC_BUF_BLOCKS 32
15545-
#elif WC_AES_CFB_DEC_BUF_BLOCKS < 2
15546-
#error Invalid WC_AES_CFB_DEC_BUF_BLOCKS
15547-
#endif
15587+
#ifndef WOLFSSL_SMALL_STACK
1554815588
ALIGN16 byte tmp[WC_AES_CFB_DEC_BUF_BLOCKS * WC_AES_BLOCK_SIZE];
15589+
#endif
1554915590
while (sz >= 2 * WC_AES_BLOCK_SIZE) {
1555015591
word32 blocks = sz / WC_AES_BLOCK_SIZE;
1555115592
word32 nbytes;
@@ -15592,6 +15633,11 @@ static WARN_UNUSED_RESULT int AesCfbDecrypt_C(Aes* aes, byte* out,
1559215633

1559315634
VECTOR_REGISTERS_POP;
1559415635

15636+
#ifdef WOLFSSL_SMALL_STACK
15637+
/* Free tmp after restoring interrupts, so that GFP_KERNEL is usable. */
15638+
XFREE(tmp, NULL, DYNAMIC_TYPE_AES);
15639+
#endif
15640+
1559515641
return ret;
1559615642
}
1559715643
#endif /* HAVE_AES_DECRYPT */

wolfcrypt/src/port/kcapi/kcapi_aes.c

Lines changed: 18 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -240,14 +240,21 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
240240
ret = BAD_FUNC_ARG;
241241
}
242242

243-
if ((ret == 0) && ((ivSz != WC_SYSTEM_AESGCM_IV) ||
244-
(authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ))) {
243+
if ((ret == 0) && ((ivSz != WC_SYSTEM_AESGCM_IV)
244+
#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(7,0,0)
245+
|| (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ)
246+
|| (authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ)
247+
#endif
248+
))
249+
{
245250
WOLFSSL_MSG("IV/AAD size not supported on system");
246251
ret = BAD_FUNC_ARG;
247252
}
248253

254+
#if !defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0)
249255
if (ret == 0)
250256
ret = wc_local_AesGcmCheckTagSz(authTagSz);
257+
#endif
251258

252259
if (ret == 0) {
253260
ret = kcapi_aead_init(&aes->handle, WC_NAME_AESGCM, 0);
@@ -353,14 +360,21 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
353360
ret = BAD_FUNC_ARG;
354361
}
355362

356-
if ((ret == 0) && ((ivSz != WC_SYSTEM_AESGCM_IV) ||
357-
(authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ))) {
363+
if ((ret == 0) && ((ivSz != WC_SYSTEM_AESGCM_IV)
364+
#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(7,0,0)
365+
|| (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ)
366+
|| (authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ)
367+
#endif
368+
))
369+
{
358370
WOLFSSL_MSG("IV/AAD size not supported on system");
359371
ret = BAD_FUNC_ARG;
360372
}
361373

374+
#if !defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0)
362375
if (ret == 0)
363376
ret = wc_local_AesGcmCheckTagSz(authTagSz);
377+
#endif
364378

365379
if (ret == 0) {
366380
ret = kcapi_aead_init(&aes->handle, WC_NAME_AESGCM, 0);

0 commit comments

Comments
 (0)