Skip to content

20260410-linuxkm-aes-ccm#10194

Open
douzzer wants to merge 1 commit intowolfSSL:masterfrom
douzzer:20260410-linuxkm-aes-ccm
Open

20260410-linuxkm-aes-ccm#10194
douzzer wants to merge 1 commit intowolfSSL:masterfrom
douzzer:20260410-linuxkm-aes-ccm

Conversation

@douzzer
Copy link
Copy Markdown
Contributor

@douzzer douzzer commented Apr 11, 2026

linuxkm: implement LKCAPI shims for wolfCrypt-native AES-CCM.

also, minor fixes:

linuxkm/lkcapi_aes_glue.c: in linuxkm_test_aescfb(), call the appropriate aes_cfb_test(), not aes_cfb_test().
linuxkm/lkcapi_glue.c: fix bugprone-macro-parentheses in REGISTER_ALG_OPTIONAL().
linuxkm/module_hooks.c: in updateFipsHash(), add suppression for clang-diagnostic-cast-function-type-strict warnings around actually-safe function pointer casts in call to wc_fips_generate_hash().

tested with

wolfssl-multi-test.sh ...
check-source-text
quantum-safe-wolfssl-all-crypto-only-noasm-linuxkm-mainline-insmod-clang-tidy
linuxkm-6.15-all-cryptonly-quantum-safe-fips-dev-intelasm-insmod-crypto-fuzzer-ksan
linuxkm-6.12-all-cryptonly-intelasm-fips-dev-dyn-hash-LKCAPI-insmod
linuxkm-cryptonly-fips-v5-dyn-hash-LKCAPI-yes-twc-insmod-kmemleak
linuxkm-cryptonly-fips-v5-dyn-hash-LKCAPI-yes-twc-insmod-ksanitizer
linuxkm-cryptonly-intelasm-fips-v6-dyn-hash-LKCAPI-yes-twc-insmod-ksanitizer
linuxkm-cryptonly-intelasm-fips-v6-dyn-hash-LKCAPI-yes-twc-insmod-kmemleak
linuxkm-cryptonly-intelasm-fips-dev-dyn-hash-LKCAPI-yes-twc-insmod-ksanitizer
linuxkm-cryptonly-fips-dev-dyn-hash-LKCAPI-yes-twc-insmod-ksanitizer
linuxkm-cryptonly-intelasm-fips-dev-dyn-hash-LKCAPI-yes-twc-insmod-kmemleak
'.*cust-kernel.*'

@douzzer
linuxkm: implement LKCAPI shims for wolfCrypt-native AES-CCM.
fc4ce8b 
also, minor fixes:

linuxkm/lkcapi_aes_glue.c: in linuxkm_test_aescfb(), call the appropriate aes_cfb_test(), not aes_cfb_test().
linuxkm/lkcapi_glue.c: fix bugprone-macro-parentheses in REGISTER_ALG_OPTIONAL().
linuxkm/module_hooks.c: in updateFipsHash(), add suppression for clang-diagnostic-cast-function-type-strict warnings around actually-safe function pointer casts in call to wc_fips_generate_hash().
wolfSSL-Fenrir-bot
wolfSSL-Fenrir-bot reviewed Apr 11, 2026
View reviewed changes
Copy link
Copy Markdown

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #10194

Scan targets checked: linuxkm-bugs, linuxkm-src

No new issues found in the changed files. ✅

@douzzer
Copy link
Copy Markdown
Contributor Author

douzzer commented Apr 11, 2026

retest this please
(cavp sefl-test "FAIL: scripts/resume.test")

@sameehj
Copy link
Copy Markdown
Contributor

sameehj commented Apr 13, 2026

+1, I’d prefer a follow-up that extends linuxkm_test_aesccm / linuxkm_test_aesccm_rfc4309 with the same kind of end-to-end crypto_aead exercise linuxkm_test_aesgcm already does (wolfCrypt vectors plus crypto_alloc_aead / crypto_aead_encrypt / crypto_aead_decrypt), since aesccm_test() alone does not drive the shim the way the kernel does.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left review comments

@sameehj sameehj Awaiting requested review from sameehj

@wolfSSL-Bot wolfSSL-Bot Awaiting requested review from wolfSSL-Bot

@philljj philljj Awaiting requested review from philljj

At least 1 approving review is required to merge this pull request.

Assignees

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@douzzer @sameehj @wolfSSL-Fenrir-bot @wolfSSL-Bot