starlight-apk/tiny_computer
1
0
Fork 0
mirror of https://github.com/Cateners/tiny_computer.git synced 2026-05-20 16:35:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update code to v1.0.14 (10)

Browse Source
This commit is contained in:
Caten
2024-02-29 19:35:00 +08:00
parent c2ee3b694c
commit a956d26f6d
3188 changed files with 2317293 additions and 146 deletions
Download Patch File Download Diff File Expand all files Collapse all files

169
android/extern/wolfssl/linuxkm/Kbuild vendored Normal file
View File

@@ -0,0 +1,169 @@
# Linux kernel-native Makefile ("Kbuild") for libwolfssl.ko
#
# Copyright (C) 2006-2022 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
SHELL=/bin/bash
ifeq "$(WOLFSSL_OBJ_FILES)" ""
$(error $$WOLFSSL_OBJ_FILES is unset.)
endif
ifeq "$(WOLFSSL_CFLAGS)" ""
$(error $$WOLFSSL_CFLAGS is unset.)
endif
WOLFSSL_CFLAGS += -ffreestanding -Wframe-larger-than=$(MAX_STACK_FRAME_SIZE) -isystem $(shell $(CC) -print-file-name=include)
ifeq "$(KERNEL_ARCH)" "x86"
WOLFSSL_CFLAGS += -mpreferred-stack-boundary=4
endif
obj-m := libwolfssl.o
WOLFSSL_OBJ_TARGETS := $(patsubst %, $(obj)/%, $(WOLFSSL_OBJ_FILES))
ifeq "$(ENABLED_LINUXKM_PIE)" "yes"
WOLFCRYPT_PIE_FILES := $(patsubst %, $(obj)/%, $(WOLFCRYPT_PIE_FILES))
endif
$(obj)/linuxkm/module_exports.o: $(WOLFSSL_OBJ_TARGETS)
# this mechanism only works in kernel 5.x+ (fallback to hardcoded value)
hostprogs := linuxkm/get_thread_size
always-y := $(hostprogs)
# "-mindirect-branch=keep -mfunction-return=keep" to avoid "undefined reference
# to `__x86_return_thunk'" on CONFIG_RETHUNK kernels (5.19.0-rc7)
HOST_EXTRACFLAGS += $(NOSTDINC_FLAGS) $(LINUXINCLUDE) $(KBUILD_CFLAGS) -static -fno-omit-frame-pointer -mindirect-branch=keep -mfunction-return=keep
# this rule is needed to get build to succeed in 4.x (get_thread_size still doesn't get built)
$(obj)/linuxkm/get_thread_size: $(src)/linuxkm/get_thread_size.c
$(WOLFSSL_OBJ_TARGETS): | $(obj)/linuxkm/get_thread_size
KERNEL_THREAD_STACK_SIZE=$(shell test -x $(obj)/linuxkm/get_thread_size && $(obj)/linuxkm/get_thread_size || echo 16384)
MAX_STACK_FRAME_SIZE=$(shell echo $$(( $(KERNEL_THREAD_STACK_SIZE) / 4)))
libwolfssl-y := $(WOLFSSL_OBJ_FILES) linuxkm/module_hooks.o linuxkm/module_exports.o
WOLFSSL_CFLAGS_NO_VECTOR_INSNS := $(CFLAGS_SIMD_DISABLE) $(CFLAGS_FPU_DISABLE)
ifeq "$(ENABLED_ASM)" "yes"
WOLFSSL_CFLAGS_YES_VECTOR_INSNS := $(CFLAGS_SIMD_ENABLE) $(CFLAGS_FPU_DISABLE) $(CFLAGS_AUTO_VECTORIZE_DISABLE)
else
WOLFSSL_CFLAGS_YES_VECTOR_INSNS := $(WOLFSSL_CFLAGS_NO_VECTOR_INSNS)
endif
ccflags-y := $(WOLFSSL_CFLAGS) $(WOLFSSL_CFLAGS_NO_VECTOR_INSNS)
$(obj)/libwolfssl.mod.o: ccflags-y :=
$(obj)/wolfcrypt/test/test.o: ccflags-y += -DNO_MAIN_DRIVER
$(obj)/wolfcrypt/src/aes.o: ccflags-y = $(WOLFSSL_CFLAGS) $(WOLFSSL_CFLAGS_YES_VECTOR_INSNS)
ifeq "$(ENABLED_LINUXKM_PIE)" "yes"
PIE_FLAGS := -fPIE -fno-stack-protector -fno-toplevel-reorder
PIE_SUPPORT_FLAGS := -DUSE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE
ifeq "$(KERNEL_ARCH)" "x86"
PIE_FLAGS += -mcmodel=small -mindirect-branch=keep -mfunction-return=keep
endif
ifeq "$(KERNEL_ARCH)" "mips"
PIE_FLAGS += -mabicalls
endif
$(WOLFCRYPT_PIE_FILES): ccflags-y += $(PIE_SUPPORT_FLAGS) $(PIE_FLAGS)
$(WOLFCRYPT_PIE_FILES): ccflags-remove-y += -pg
# disabling retpoline generation leads to profuse warnings without this:
$(WOLFCRYPT_PIE_FILES): OBJECT_FILES_NON_STANDARD := y
$(obj)/linuxkm/module_hooks.o: ccflags-y += $(PIE_SUPPORT_FLAGS)
endif
asflags-y := $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPUSIMD_DISABLE)
# vectorized implementations that are kernel-safe are listed here.
# these are known kernel-compatible, but they still irritate objtool.
$(obj)/wolfcrypt/src/aes_asm.o: asflags-y = $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPU_DISABLE_SIMD_ENABLE)
$(obj)/wolfcrypt/src/aes_asm.o: OBJECT_FILES_NON_STANDARD := y
$(obj)/wolfcrypt/src/aes_gcm_asm.o: asflags-y = $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPU_DISABLE_SIMD_ENABLE)
$(obj)/wolfcrypt/src/aes_gcm_asm.o: OBJECT_FILES_NON_STANDARD := y
$(obj)/wolfcrypt/src/sp_x86_64_asm.o: asflags-y = $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPU_DISABLE_SIMD_ENABLE)
$(obj)/wolfcrypt/src/sp_x86_64_asm.o: OBJECT_FILES_NON_STANDARD := y
ifeq "$(ENABLED_LINUXKM_PIE)" "yes"
rename-pie-text-and-data-sections: $(WOLFSSL_OBJ_TARGETS)
ifndef NM
NM := nm
endif
ifndef READELF
READELF := readelf
endif
ifndef OBJCOPY
OBJCOPY := objcopy
endif
.PHONY: rename-pie-text-and-data-sections
rename-pie-text-and-data-sections:
ifneq "$(quiet)" "silent_"
@echo -n ' Checking wolfCrypt for unresolved symbols and forbidden relocations... '
endif
@cd "$(obj)" || exit $$?; \
$(LD) -relocatable -o wolfcrypt_test_link.o $(WOLFCRYPT_PIE_FILES) || exit $$?; \
undefined=$$($(NM) --undefined-only wolfcrypt_test_link.o) || exit $$?; \
GOT_relocs=$$($(READELF) --relocs --wide wolfcrypt_test_link.o | egrep '^[^ ]+ +[^ ]+ +[^ ]*GOT[^ ]* ') || [ $$? = 1 ] || exit 2; \
rm wolfcrypt_test_link.o; \
if [ -n "$$undefined" ]; then \
echo "wolfCrypt container has unresolved symbols:" 1>&2; \
echo "$$undefined" 1>&2; \
exit 1; \
fi; \
if [ -n "$$GOT_relocs" ]; then \
echo "wolfCrypt container has GOT relocations (non-local function address used as operand?):" 1>&2; \
echo "$$GOT_relocs" 1>&2; \
exit 1; \
fi
ifneq "$(quiet)" "silent_"
@echo 'OK.'
endif
@cd "$(obj)" || exit $$?; \
for file in $(WOLFCRYPT_PIE_FILES); do \
$(OBJCOPY) --rename-section .text=.text.wolfcrypt --rename-section .data=.data.wolfcrypt "$$file" || exit $$?; \
done
ifneq "$(quiet)" "silent_"
@echo ' wolfCrypt .{text,data} sections containerized to .{text,data}.wolfcrypt'
endif
$(src)/linuxkm/module_exports.c: rename-pie-text-and-data-sections
endif
# auto-generate the exported symbol list, leveraging the WOLFSSL_API visibility tags.
# exclude symbols that don't match wc_* or wolf*.
$(src)/linuxkm/module_exports.c: $(src)/linuxkm/module_exports.c.template $(WOLFSSL_OBJ_TARGETS)
@cp $< $@
@readelf --symbols --wide $(WOLFSSL_OBJ_TARGETS) | \
awk '/^ *[0-9]+: / { \
if ($$8 !~ /^(wc_|wolf|WOLF|TLSX_)/){next;} \
if (($$4 == "FUNC") && ($$5 == "GLOBAL") && ($$6 == "DEFAULT")) { \
print "EXPORT_SYMBOL_NS_GPL(" $$8 ", WOLFSSL);"; \
} \
}' >> $@
@echo -e '#ifndef NO_CRYPT_TEST\nEXPORT_SYMBOL_NS_GPL(wolfcrypt_test, WOLFSSL);\n#endif' >> $@
clean-files := module_exports.c linuxkm src wolfcrypt/src wolfcrypt/test wolfcrypt

121
android/extern/wolfssl/linuxkm/Makefile vendored Normal file
View File

@@ -0,0 +1,121 @@
# libwolfssl Linux kernel module Makefile (wraps Kbuild-native makefile)
#
# Copyright (C) 2006-2022 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
SHELL=/bin/bash
all: libwolfssl.ko libwolfssl.ko.signed
.PHONY: libwolfssl.ko
ifndef MODULE_TOP
MODULE_TOP=$(CURDIR)
endif
ifndef SRC_TOP
SRC_TOP=$(shell dirname $(MODULE_TOP))
endif
WOLFSSL_CFLAGS=-DHAVE_CONFIG_H -I$(SRC_TOP) -DBUILDING_WOLFSSL $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -Wno-declaration-after-statement -Wno-redundant-decls -DLIBWOLFSSL_GLOBAL_EXTRA_CFLAGS="\" $(KERNEL_EXTRA_CFLAGS)\""
ifdef KERNEL_EXTRA_CFLAGS
WOLFSSL_CFLAGS += $(KERNEL_EXTRA_CFLAGS)
endif
WOLFSSL_ASFLAGS=-DHAVE_CONFIG_H -I$(SRC_TOP) -DBUILDING_WOLFSSL $(AM_CCASFLAGS) $(CCASFLAGS)
WOLFSSL_OBJ_FILES=$(patsubst %.lo, %.o, $(patsubst src/src_libwolfssl_la-%, src/%, $(patsubst src/libwolfssl_la-%, src/%, $(patsubst wolfcrypt/src/src_libwolfssl_la-%, wolfcrypt/src/%, $(src_libwolfssl_la_OBJECTS)))))
ifeq "$(ENABLED_CRYPT_TESTS)" "yes"
WOLFSSL_OBJ_FILES+=wolfcrypt/test/test.o
else
WOLFSSL_CFLAGS+=-DNO_CRYPT_TEST
endif
ifeq "$(ENABLED_LINUXKM_PIE)" "yes"
WOLFCRYPT_PIE_FILES := linuxkm/pie_first.o $(filter wolfcrypt/src/%,$(WOLFSSL_OBJ_FILES)) linuxkm/pie_redirect_table.o linuxkm/pie_last.o
WOLFSSL_OBJ_FILES := $(WOLFCRYPT_PIE_FILES) $(filter-out $(WOLFCRYPT_PIE_FILES),$(WOLFSSL_OBJ_FILES))
endif
export WOLFSSL_CFLAGS WOLFSSL_ASFLAGS WOLFSSL_OBJ_FILES WOLFCRYPT_PIE_FILES
libwolfssl.ko:
@if test -z "$(KERNEL_ROOT)"; then echo '$$KERNEL_ROOT is unset' >&2; exit 1; fi
@if test -z "$(AM_CFLAGS)$(CFLAGS)"; then echo '$$AM_CFLAGS and $$CFLAGS are both unset.' >&2; exit 1; fi
@if test -z "$(src_libwolfssl_la_OBJECTS)"; then echo '$$src_libwolfssl_la_OBJECTS is unset.' >&2; exit 1; fi
@mkdir -p linuxkm src wolfcrypt/src wolfcrypt/test
@if test ! -h $(SRC_TOP)/Kbuild; then ln -s $(MODULE_TOP)/Kbuild $(SRC_TOP)/Kbuild; fi
ifeq "$(ENABLED_LINUXKM_PIE)" "yes"
+$(MAKE) -C $(KERNEL_ROOT) M=$(MODULE_TOP) src=$(SRC_TOP) $(KBUILD_EXTRA_FLAGS) CC_FLAGS_FTRACE=
else
+$(MAKE) -C $(KERNEL_ROOT) M=$(MODULE_TOP) src=$(SRC_TOP) $(KBUILD_EXTRA_FLAGS)
endif
libwolfssl.ko.signed: libwolfssl.ko
@cd '$(KERNEL_ROOT)' || exit $$?; \
while read configline; do \
case "$$configline" in \
CONFIG_MODULE_SIG*=*) \
declare "$${configline%=*}"="$${configline#*=}" \
;; \
esac; \
done < .config || exit $$?; \
if [[ "$${CONFIG_MODULE_SIG}" = "y" && -n "$${CONFIG_MODULE_SIG_KEY}" && \
-n "$${CONFIG_MODULE_SIG_HASH}" && ( ! -f '$(MODULE_TOP)/$@' || \
'$(MODULE_TOP)/$<' -nt '$(MODULE_TOP)/$@' ) ]]; then \
CONFIG_MODULE_SIG_KEY="$${CONFIG_MODULE_SIG_KEY#\"}"; \
CONFIG_MODULE_SIG_KEY="$${CONFIG_MODULE_SIG_KEY%\"}"; \
CONFIG_MODULE_SIG_HASH="$${CONFIG_MODULE_SIG_HASH#\"}"; \
CONFIG_MODULE_SIG_HASH="$${CONFIG_MODULE_SIG_HASH%\"}"; \
cp -p '$(MODULE_TOP)/$<' '$(MODULE_TOP)/$@' || exit $$?; \
./scripts/sign-file "$${CONFIG_MODULE_SIG_HASH}" \
"$${CONFIG_MODULE_SIG_KEY}" \
"$${CONFIG_MODULE_SIG_KEY/%.pem/.x509}" \
'$(MODULE_TOP)/$@'; \
sign_file_exitval=$$?; \
if [[ $$sign_file_exitval != 0 ]]; then \
$(RM) -f '$(MODULE_TOP)/$@'; \
exit $$sign_file_exitval; \
fi; \
if [[ "$(quiet)" != "silent_" ]]; then \
echo " Module $@ signed by $${CONFIG_MODULE_SIG_KEY}."; \
fi \
fi
.PHONY: install modules_install
install modules_install:
+$(MAKE) -C $(KERNEL_ROOT) M=$(MODULE_TOP) src=$(SRC_TOP) INSTALL_MOD_DIR=wolfssl modules_install
.PHONY: clean
# note, must supply $(MODULE_TOP) as the src value for clean so that Kbuild is included, else
# the top Makefile (which is not for the kernel build) would be included here.
clean:
+$(MAKE) -C $(KERNEL_ROOT) M=$(MODULE_TOP) src=$(MODULE_TOP) clean
.PHONY: check
check:
.PHONY: distclean
distclean: clean
.PHONY: dist
dist:
.PHONY: distdir
distdir:

35
android/extern/wolfssl/linuxkm/get_thread_size.c vendored Normal file
View File

@@ -0,0 +1,35 @@
/* get_thread_size.c -- trivial program to determine stack frame size
* for a Linux kernel thread, given a configured source tree.
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef __KERNEL__
#define __KERNEL__
#endif
#include <linux/kconfig.h>
#include <linux/kernel.h>
#include <linux/kthread.h>
extern int dprintf(int fd, const char *format, ...);
int main(__maybe_unused int argc, __maybe_unused char **argv) {
dprintf(1, "%lu\n",THREAD_SIZE);
return 0;
}

15
android/extern/wolfssl/linuxkm/include.am vendored Normal file
View File

@@ -0,0 +1,15 @@
# vim:ft=automake
# included from Top Level Makefile.am
# All paths should be given relative to the root
EXTRA_DIST += m4/ax_linuxkm.m4 \
linuxkm/Kbuild \
linuxkm/Makefile \
linuxkm/get_thread_size.c \
linuxkm/module_hooks.c \
linuxkm/module_exports.c.template \
linuxkm/pie_first.c \
linuxkm/pie_redirect_table.c \
linuxkm/pie_last.c \
linuxkm/linuxkm_memory.c \
linuxkm/linuxkm_wc_port.h

323
android/extern/wolfssl/linuxkm/linuxkm_memory.c vendored Normal file
View File

@@ -0,0 +1,323 @@
/* linuxkm_memory.c
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* included by wolfcrypt/src/memory.c */
#if defined(WOLFSSL_LINUXKM_SIMD_X86)
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
static union fpregs_state **wolfcrypt_linuxkm_fpu_states = NULL;
#else
static struct fpstate **wolfcrypt_linuxkm_fpu_states = NULL;
#endif
#else
static unsigned int *wolfcrypt_linuxkm_fpu_states = NULL;
#endif
static WARN_UNUSED_RESULT inline int am_in_hard_interrupt_handler(void)
{
return (preempt_count() & (NMI_MASK | HARDIRQ_MASK)) != 0;
}
WARN_UNUSED_RESULT int allocate_wolfcrypt_linuxkm_fpu_states(void)
{
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
wolfcrypt_linuxkm_fpu_states =
(union fpregs_state **)kzalloc(nr_cpu_ids
* sizeof(struct fpu_state *),
GFP_KERNEL);
#else
wolfcrypt_linuxkm_fpu_states =
(struct fpstate **)kzalloc(nr_cpu_ids
* sizeof(struct fpstate *),
GFP_KERNEL);
#endif
#else
wolfcrypt_linuxkm_fpu_states =
(unsigned int *)kzalloc(nr_cpu_ids * sizeof(unsigned int),
GFP_KERNEL);
#endif
if (! wolfcrypt_linuxkm_fpu_states) {
pr_err("warning, allocation of %lu bytes for "
"wolfcrypt_linuxkm_fpu_states failed.\n",
nr_cpu_ids * sizeof(struct fpu_state *));
return MEMORY_E;
}
#ifdef LINUXKM_SIMD_IRQ
{
typeof(nr_cpu_ids) i;
for (i=0; i<nr_cpu_ids; ++i) {
_Static_assert(sizeof(union fpregs_state) <= PAGE_SIZE,
"union fpregs_state is larger than expected.");
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
wolfcrypt_linuxkm_fpu_states[i] =
(union fpregs_state *)kzalloc(PAGE_SIZE
/* sizeof(union fpregs_state) */,
GFP_KERNEL);
#else
wolfcrypt_linuxkm_fpu_states[i] =
(struct fpstate *)kzalloc(PAGE_SIZE
/* sizeof(struct fpstate) */,
GFP_KERNEL);
#endif
if (! wolfcrypt_linuxkm_fpu_states[i])
break;
/* double-check that the allocation is 64-byte-aligned as needed
* for xsave.
*/
if ((unsigned long)wolfcrypt_linuxkm_fpu_states[i] & 63UL) {
pr_err("warning, allocation for wolfcrypt_linuxkm_fpu_states "
"was not properly aligned (%px).\n",
wolfcrypt_linuxkm_fpu_states[i]);
kfree(wolfcrypt_linuxkm_fpu_states[i]);
wolfcrypt_linuxkm_fpu_states[i] = 0;
break;
}
}
if (i < nr_cpu_ids) {
pr_err("warning, only %u/%u allocations succeeded for "
"wolfcrypt_linuxkm_fpu_states.\n",
i, nr_cpu_ids);
return MEMORY_E;
}
}
#endif /* LINUXKM_SIMD_IRQ */
return 0;
}
void free_wolfcrypt_linuxkm_fpu_states(void)
{
if (wolfcrypt_linuxkm_fpu_states) {
#ifdef LINUXKM_SIMD_IRQ
typeof(nr_cpu_ids) i;
for (i=0; i<nr_cpu_ids; ++i) {
if (wolfcrypt_linuxkm_fpu_states[i])
kfree(wolfcrypt_linuxkm_fpu_states[i]);
}
#endif /* LINUXKM_SIMD_IRQ */
kfree(wolfcrypt_linuxkm_fpu_states);
wolfcrypt_linuxkm_fpu_states = 0;
}
}
WARN_UNUSED_RESULT int save_vector_registers_x86(void)
{
int processor_id;
preempt_disable();
processor_id = smp_processor_id();
{
static int _warned_on_null = -1;
if ((wolfcrypt_linuxkm_fpu_states == NULL)
#ifdef LINUXKM_SIMD_IRQ
|| (wolfcrypt_linuxkm_fpu_states[processor_id] == NULL)
#endif
)
{
preempt_enable();
if (_warned_on_null < processor_id) {
_warned_on_null = processor_id;
pr_err("save_vector_registers_x86 called for cpu id %d "
"with null context buffer.\n", processor_id);
}
return BAD_STATE_E;
}
}
if (! irq_fpu_usable()) {
#ifdef LINUXKM_SIMD_IRQ
if (am_in_hard_interrupt_handler()) {
/* allow for nested calls */
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] != 0) {
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] == 255) {
preempt_enable();
pr_err("save_vector_registers_x86 recursion register overflow for "
"cpu id %d.\n", processor_id);
return BAD_STATE_E;
} else {
++((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1];
return 0;
}
}
/* note, fpregs_lock() is not needed here, because
* interrupts/preemptions are already disabled here.
*/
{
/* save_fpregs_to_fpstate() only accesses fpu->state, which
* has stringent alignment requirements (64 byte cache
* line), but takes a pointer to the parent struct. work
* around this.
*/
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
struct fpu *fake_fpu_pointer =
(struct fpu *)(((char *)wolfcrypt_linuxkm_fpu_states[processor_id])
- offsetof(struct fpu, state));
copy_fpregs_to_fpstate(fake_fpu_pointer);
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
struct fpu *fake_fpu_pointer =
(struct fpu *)(((char *)wolfcrypt_linuxkm_fpu_states[processor_id])
- offsetof(struct fpu, state));
save_fpregs_to_fpstate(fake_fpu_pointer);
#else
struct fpu *fake_fpu_pointer =
(struct fpu *)(((char *)wolfcrypt_linuxkm_fpu_states[processor_id])
- offsetof(struct fpu, fpstate));
save_fpregs_to_fpstate(fake_fpu_pointer);
#endif
}
/* mark the slot as used. */
((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] = 1;
/* note, not preempt_enable()ing, mirroring kernel_fpu_begin()
* semantics, even though routine will have been entered already
* non-preemptable.
*/
return 0;
} else
#endif /* LINUXKM_SIMD_IRQ */
{
preempt_enable();
return BAD_STATE_E;
}
} else {
/* allow for nested calls */
#ifdef LINUXKM_SIMD_IRQ
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] != 0) {
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] == 255) {
preempt_enable();
pr_err("save_vector_registers_x86 recursion register overflow for "
"cpu id %d.\n", processor_id);
return BAD_STATE_E;
} else {
++((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1];
return 0;
}
}
kernel_fpu_begin();
preempt_enable(); /* kernel_fpu_begin() does its own
* preempt_disable(). decrement ours.
*/
((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] = 1;
#else /* !LINUXKM_SIMD_IRQ */
if (wolfcrypt_linuxkm_fpu_states[processor_id] != 0) {
if (wolfcrypt_linuxkm_fpu_states[processor_id] == ~0U) {
preempt_enable();
pr_err("save_vector_registers_x86 recursion register overflow for "
"cpu id %d.\n", processor_id);
return BAD_STATE_E;
} else {
++wolfcrypt_linuxkm_fpu_states[processor_id];
return 0;
}
}
kernel_fpu_begin();
preempt_enable(); /* kernel_fpu_begin() does its own
* preempt_disable(). decrement ours.
*/
wolfcrypt_linuxkm_fpu_states[processor_id] = 1;
#endif /* !LINUXKM_SIMD_IRQ */
return 0;
}
}
void restore_vector_registers_x86(void)
{
int processor_id = smp_processor_id();
if ((wolfcrypt_linuxkm_fpu_states == NULL)
#ifdef LINUXKM_SIMD_IRQ
|| (wolfcrypt_linuxkm_fpu_states[processor_id] == NULL)
#endif
)
{
pr_err("restore_vector_registers_x86 called for cpu id %d "
"with null context buffer.\n", processor_id);
return;
}
#ifdef LINUXKM_SIMD_IRQ
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] == 0)
{
pr_err("restore_vector_registers_x86 called for cpu id %d "
"without saved context.\n", processor_id);
return;
}
if (--((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] > 0) {
preempt_enable(); /* preempt_disable count will still be nonzero after this decrement. */
return;
}
if (am_in_hard_interrupt_handler()) {
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
copy_kernel_to_fpregs(wolfcrypt_linuxkm_fpu_states[processor_id]);
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
__restore_fpregs_from_fpstate(wolfcrypt_linuxkm_fpu_states[processor_id],
xfeatures_mask_all);
#else
restore_fpregs_from_fpstate(wolfcrypt_linuxkm_fpu_states[processor_id],
fpu_kernel_cfg.max_features);
#endif
preempt_enable();
} else {
kernel_fpu_end();
}
#else /* !LINUXKM_SIMD_IRQ */
if (wolfcrypt_linuxkm_fpu_states[processor_id] == 0)
{
pr_err("restore_vector_registers_x86 called for cpu id %d "
"without saved context.\n", processor_id);
return;
}
if (--wolfcrypt_linuxkm_fpu_states[processor_id] > 0) {
preempt_enable(); /* preempt_disable count will still be nonzero after this decrement. */
return;
}
kernel_fpu_end();
#endif /* !LINUXKM_SIMD_IRQ */
return;
}
#endif /* WOLFSSL_LINUXKM_SIMD_X86 && WOLFSSL_LINUXKM_SIMD_X86_IRQ_ALLOWED */
#if defined(__PIE__) && (LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0))
/* needed in 6.1+ because show_free_areas() static definition in mm.h calls
* __show_free_areas(), which isn't exported (neither was show_free_areas()).
*/
void my__show_free_areas(
unsigned int flags,
nodemask_t *nodemask,
int max_zone_idx)
{
(void)flags;
(void)nodemask;
(void)max_zone_idx;
return;
}
#endif

664
android/extern/wolfssl/linuxkm/linuxkm_wc_port.h vendored Normal file
View File

@@ -0,0 +1,664 @@
/* linuxkm_wc_port.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* included by wolfssl/wolfcrypt/wc_port.h */
#ifndef LINUXKM_WC_PORT_H
#define LINUXKM_WC_PORT_H
#ifdef HAVE_CONFIG_H
#ifndef PACKAGE_NAME
#error wc_port.h included before config.h
#endif
/* config.h is autogenerated without gating, and is subject to repeat
* inclusions, so gate it out here to keep autodetection masking
* intact:
*/
#undef HAVE_CONFIG_H
#endif
/* suppress inclusion of stdint-gcc.h to avoid conflicts with Linux native
* include/linux/types.h:
*/
#define _GCC_STDINT_H
#define WC_PTR_TYPE uintptr_t
/* needed to suppress inclusion of stdio.h in wolfssl/wolfcrypt/types.h */
#define XSNPRINTF snprintf
/* the rigmarole around kstrtoll() here is to accommodate its
* warn-unused-result attribute.
*
* also needed to suppress inclusion of stdlib.h in
* wolfssl/wolfcrypt/types.h.
*/
#define XATOI(s) ({ \
long long _xatoi_res = 0; \
int _xatoi_ret = kstrtoll(s, 10, &_xatoi_res); \
if (_xatoi_ret != 0) { \
_xatoi_res = 0; \
} \
(int)_xatoi_res; \
})
#ifdef BUILDING_WOLFSSL
#if defined(CONFIG_MIPS) && defined(HAVE_LINUXKM_PIE_SUPPORT)
/* __ZBOOT__ disables some unhelpful macros around the mem*() funcs in
* legacy arch/mips/include/asm/string.h
*/
#define __ZBOOT__
#define memcmp __builtin_memcmp
#define __ARCH_MEMCMP_NO_REDIRECT
#define __ARCH_MEMCPY_NO_REDIRECT
#define __builtin_memcpy memcpy
extern void *memcpy(void *dest, const void *src, unsigned int n);
#define __ARCH_MEMCPY_NO_REDIRECT
#define __builtin_memset memset
extern void *memset(void *dest, int c, unsigned int n);
#endif
_Pragma("GCC diagnostic push");
/* we include all the needed kernel headers with these masked out. else
* there are profuse warnings.
*/
_Pragma("GCC diagnostic ignored \"-Wunused-parameter\"");
_Pragma("GCC diagnostic ignored \"-Wpointer-arith\"");
_Pragma("GCC diagnostic ignored \"-Wshadow\"");
_Pragma("GCC diagnostic ignored \"-Wnested-externs\"");
_Pragma("GCC diagnostic ignored \"-Wredundant-decls\"");
_Pragma("GCC diagnostic ignored \"-Wsign-compare\"");
_Pragma("GCC diagnostic ignored \"-Wpointer-sign\"");
_Pragma("GCC diagnostic ignored \"-Wbad-function-cast\"");
_Pragma("GCC diagnostic ignored \"-Wdiscarded-qualifiers\"");
_Pragma("GCC diagnostic ignored \"-Wtype-limits\"");
_Pragma("GCC diagnostic ignored \"-Wswitch-enum\"");
#include <linux/kconfig.h>
#include <linux/kernel.h>
#include <linux/version.h>
#include <linux/ctype.h>
#include <linux/init.h>
#include <linux/module.h>
#ifdef __PIE__
/* without this, mm.h brings in static, but not inline, pmd_to_page(),
* with direct references to global vmem variables.
*/
#undef USE_SPLIT_PMD_PTLOCKS
#define USE_SPLIT_PMD_PTLOCKS 0
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0)
/* without this, static show_free_areas() mm.h brings in direct
* reference to unexported __show_free_areas().
*/
#define __show_free_areas my__show_free_areas
#endif
#endif
#include <linux/mm.h>
#ifndef SINGLE_THREADED
#include <linux/kthread.h>
#endif
#include <linux/net.h>
#include <linux/slab.h>
#if defined(WOLFSSL_AESNI) || defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_SP_X86_64_ASM)
#ifndef CONFIG_X86
#error X86 SIMD extensions requested, but CONFIG_X86 is not set.
#endif
#define WOLFSSL_LINUXKM_SIMD
#define WOLFSSL_LINUXKM_SIMD_X86
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#include <asm/i387.h>
#else
#include <asm/simd.h>
#endif
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 0, 0)
#include <asm/fpu/internal.h>
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 16, 0)
#error LINUXKM_SIMD_IRQ is unavailable on linux >= 5.16 (missing exports around fpregs)
/*
* #include <asm/fpu/sched.h>
* #include <asm/fpu/signal.h>
*/
#endif
#endif
#ifndef SAVE_VECTOR_REGISTERS
#define SAVE_VECTOR_REGISTERS(fail_clause) { int _svr_ret = save_vector_registers_x86(); if (_svr_ret != 0) { fail_clause } }
#endif
#ifndef RESTORE_VECTOR_REGISTERS
#define RESTORE_VECTOR_REGISTERS() restore_vector_registers_x86()
#endif
#elif defined(WOLFSSL_ARMASM) || defined(WOLFSSL_SP_ARM32_ASM) || \
defined(WOLFSSL_SP_ARM64_ASM) || defined(WOLFSSL_SP_ARM_THUMB_ASM) ||\
defined(WOLFSSL_SP_ARM_CORTEX_M_ASM)
#if !defined(CONFIG_ARM) && !defined(CONFIG_ARM64)
#error ARM SIMD extensions requested, but CONFIG_ARM* is not set.
#endif
#define WOLFSSL_LINUXKM_SIMD
#define WOLFSSL_LINUXKM_SIMD_ARM
#include <asm/fpsimd.h>
#ifndef SAVE_VECTOR_REGISTERS
#define SAVE_VECTOR_REGISTERS(fail_clause) { int _svr_ret = save_vector_registers_arm(); if (_svr_ret != 0) { fail_clause } }
#endif
#ifndef RESTORE_VECTOR_REGISTERS
#define RESTORE_VECTOR_REGISTERS() restore_vector_registers_arm()
#endif
#ifdef LINUXKM_SIMD_IRQ
#error LINUXKM_SIMD_IRQ is unavailable on ARM (not implemented)
#endif
#else
#ifndef WOLFSSL_NO_ASM
#define WOLFSSL_NO_ASM
#endif
#endif
_Pragma("GCC diagnostic pop");
/* the kernel uses -std=c89, but not -pedantic, and makes full use of anon
* structs/unions, so we should too.
*/
#define HAVE_ANONYMOUS_INLINE_AGGREGATES 1
#define NO_THREAD_LS
#define NO_ATTRIBUTE_CONSTRUCTOR
/* kvmalloc()/kvfree() and friends added in linux commit a7c3e901 */
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
#define HAVE_KVMALLOC
#endif
#ifdef HAVE_FIPS
extern int wolfCrypt_FIPS_first(void);
extern int wolfCrypt_FIPS_last(void);
#endif
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
/* work around backward dependency of asn.c on ssl.c. */
struct Signer;
struct Signer *GetCA(void *signers, unsigned char *hash);
#ifndef NO_SKID
struct Signer *GetCAByName(void* signers, unsigned char *hash);
#endif
#endif
#if defined(__PIE__) && !defined(USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE)
#error "compiling -fPIE without PIE support."
#endif
#if defined(HAVE_FIPS) && !defined(HAVE_LINUXKM_PIE_SUPPORT)
#error "FIPS build requires PIE support."
#endif
#ifdef USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE
#ifdef CONFIG_MIPS
#undef __ARCH_MEMCMP_NO_REDIRECT
#undef memcmp
extern int memcmp(const void *s1, const void *s2, size_t n);
#endif
struct wolfssl_linuxkm_pie_redirect_table {
#ifndef __ARCH_MEMCMP_NO_REDIRECT
typeof(memcmp) *memcmp;
#endif
#ifndef __ARCH_MEMCPY_NO_REDIRECT
typeof(memcpy) *memcpy;
#endif
#ifndef __ARCH_MEMSET_NO_REDIRECT
typeof(memset) *memset;
#endif
#ifndef __ARCH_MEMMOVE_NO_REDIRECT
typeof(memmove) *memmove;
#endif
#ifndef __ARCH_STRCMP_NO_REDIRECT
typeof(strcmp) *strcmp;
#endif
#ifndef __ARCH_STRNCMP_NO_REDIRECT
typeof(strncmp) *strncmp;
#endif
#ifndef __ARCH_STRCASECMP_NO_REDIRECT
typeof(strcasecmp) *strcasecmp;
#endif
#ifndef __ARCH_STRNCASECMP_NO_REDIRECT
typeof(strncasecmp) *strncasecmp;
#endif
#ifndef __ARCH_STRLEN_NO_REDIRECT
typeof(strlen) *strlen;
#endif
#ifndef __ARCH_STRSTR_NO_REDIRECT
typeof(strstr) *strstr;
#endif
#ifndef __ARCH_STRNCPY_NO_REDIRECT
typeof(strncpy) *strncpy;
#endif
#ifndef __ARCH_STRNCAT_NO_REDIRECT
typeof(strncat) *strncat;
#endif
typeof(kstrtoll) *kstrtoll;
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 15, 0)
typeof(_printk) *_printk;
#else
typeof(printk) *printk;
#endif
typeof(snprintf) *snprintf;
const unsigned char *_ctype;
typeof(kmalloc) *kmalloc;
typeof(kfree) *kfree;
typeof(ksize) *ksize;
typeof(krealloc) *krealloc;
#ifdef HAVE_KVMALLOC
typeof(kvmalloc_node) *kvmalloc_node;
typeof(kvfree) *kvfree;
#endif
typeof(is_vmalloc_addr) *is_vmalloc_addr;
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0)
typeof(kmalloc_trace) *kmalloc_trace;
#else
typeof(kmem_cache_alloc_trace) *kmem_cache_alloc_trace;
typeof(kmalloc_order_trace) *kmalloc_order_trace;
#endif
typeof(get_random_bytes) *get_random_bytes;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
typeof(getnstimeofday) *getnstimeofday;
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
typeof(current_kernel_time64) *current_kernel_time64;
#else
typeof(ktime_get_coarse_real_ts64) *ktime_get_coarse_real_ts64;
#endif
struct task_struct *(*get_current)(void);
int (*preempt_count)(void);
#ifdef WOLFSSL_LINUXKM_SIMD_X86
typeof(irq_fpu_usable) *irq_fpu_usable;
/* kernel_fpu_begin() replaced by kernel_fpu_begin_mask() in commit e4512289,
* released in kernel 5.11, backported to 5.4.93
*/
#ifdef kernel_fpu_begin
typeof(kernel_fpu_begin_mask) *kernel_fpu_begin_mask;
#else
typeof(kernel_fpu_begin) *kernel_fpu_begin;
#endif
typeof(kernel_fpu_end) *kernel_fpu_end;
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
typeof(copy_fpregs_to_fpstate) *copy_fpregs_to_fpstate;
typeof(copy_kernel_to_fpregs) *copy_kernel_to_fpregs;
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
typeof(save_fpregs_to_fpstate) *save_fpregs_to_fpstate;
typeof(__restore_fpregs_from_fpstate) *__restore_fpregs_from_fpstate;
typeof(xfeatures_mask_all) *xfeatures_mask_all;
/*
* #else
* typeof(save_fpregs_to_fpstate) *save_fpregs_to_fpstate;
* typeof(restore_fpregs_from_fpstate) *restore_fpregs_from_fpstate;
* typeof(fpu_kernel_cfg) *fpu_kernel_cfg;
*/
#endif
#endif
typeof(cpu_number) *cpu_number;
typeof(nr_cpu_ids) *nr_cpu_ids;
#endif /* WOLFSSL_LINUXKM_SIMD_X86 */
typeof(__mutex_init) *__mutex_init;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
typeof(mutex_lock_nested) *mutex_lock_nested;
#else
typeof(mutex_lock) *mutex_lock;
#endif
typeof(mutex_unlock) *mutex_unlock;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
typeof(mutex_destroy) *mutex_destroy;
#endif
#ifdef HAVE_FIPS
typeof(wolfCrypt_FIPS_first) *wolfCrypt_FIPS_first;
typeof(wolfCrypt_FIPS_last) *wolfCrypt_FIPS_last;
#endif
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
typeof(GetCA) *GetCA;
#ifndef NO_SKID
typeof(GetCAByName) *GetCAByName;
#endif
#endif
const void *_last_slot;
};
extern const struct wolfssl_linuxkm_pie_redirect_table *wolfssl_linuxkm_get_pie_redirect_table(void);
#ifdef __PIE__
#ifndef __ARCH_MEMCMP_NO_REDIRECT
#define memcmp (wolfssl_linuxkm_get_pie_redirect_table()->memcmp)
#endif
#ifndef __ARCH_MEMCPY_NO_REDIRECT
#define memcpy (wolfssl_linuxkm_get_pie_redirect_table()->memcpy)
#endif
#ifndef __ARCH_MEMSET_NO_REDIRECT
#define memset (wolfssl_linuxkm_get_pie_redirect_table()->memset)
#endif
#ifndef __ARCH_MEMMOVE_NO_REDIRECT
#define memmove (wolfssl_linuxkm_get_pie_redirect_table()->memmove)
#endif
#ifndef __ARCH_STRCMP_NO_REDIRECT
#define strcmp (wolfssl_linuxkm_get_pie_redirect_table()->strcmp)
#endif
#ifndef __ARCH_STRNCMP_NO_REDIRECT
#define strncmp (wolfssl_linuxkm_get_pie_redirect_table()->strncmp)
#endif
#ifndef __ARCH_STRCASECMP_NO_REDIRECT
#define strcasecmp (wolfssl_linuxkm_get_pie_redirect_table()->strcasecmp)
#endif
#ifndef __ARCH_STRNCASECMP_NO_REDIRECT
#define strncasecmp (wolfssl_linuxkm_get_pie_redirect_table()->strncasecmp)
#endif
#ifndef __ARCH_STRLEN_NO_REDIRECT
#define strlen (wolfssl_linuxkm_get_pie_redirect_table()->strlen)
#endif
#ifndef __ARCH_STRSTR_NO_REDIRECT
#define strstr (wolfssl_linuxkm_get_pie_redirect_table()->strstr)
#endif
#ifndef __ARCH_STRNCPY_NO_REDIRECT
#define strncpy (wolfssl_linuxkm_get_pie_redirect_table()->strncpy)
#endif
#ifndef __ARCH_STRNCAT_NO_REDIRECT
#define strncat (wolfssl_linuxkm_get_pie_redirect_table()->strncat)
#endif
#define kstrtoll (wolfssl_linuxkm_get_pie_redirect_table()->kstrtoll)
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 15, 0)
#define _printk (wolfssl_linuxkm_get_pie_redirect_table()->_printk)
#else
#define printk (wolfssl_linuxkm_get_pie_redirect_table()->printk)
#endif
#define snprintf (wolfssl_linuxkm_get_pie_redirect_table()->snprintf)
#define _ctype (wolfssl_linuxkm_get_pie_redirect_table()->_ctype)
#define kmalloc (wolfssl_linuxkm_get_pie_redirect_table()->kmalloc)
#define kfree (wolfssl_linuxkm_get_pie_redirect_table()->kfree)
#define ksize (wolfssl_linuxkm_get_pie_redirect_table()->ksize)
#define krealloc (wolfssl_linuxkm_get_pie_redirect_table()->krealloc)
#define kzalloc(size, flags) kmalloc(size, (flags) | __GFP_ZERO)
#ifdef HAVE_KVMALLOC
#define kvmalloc_node (wolfssl_linuxkm_get_pie_redirect_table()->kvmalloc_node)
#define kvfree (wolfssl_linuxkm_get_pie_redirect_table()->kvfree)
#endif
#define is_vmalloc_addr (wolfssl_linuxkm_get_pie_redirect_table()->is_vmalloc_addr)
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0)
#define kmalloc_trace (wolfssl_linuxkm_get_pie_redirect_table()->kmalloc_trace)
#else
#define kmem_cache_alloc_trace (wolfssl_linuxkm_get_pie_redirect_table()->kmem_cache_alloc_trace)
#define kmalloc_order_trace (wolfssl_linuxkm_get_pie_redirect_table()->kmalloc_order_trace)
#endif
#define get_random_bytes (wolfssl_linuxkm_get_pie_redirect_table()->get_random_bytes)
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#define getnstimeofday (wolfssl_linuxkm_get_pie_redirect_table()->getnstimeofday)
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
#define current_kernel_time64 (wolfssl_linuxkm_get_pie_redirect_table()->current_kernel_time64)
#else
#define ktime_get_coarse_real_ts64 (wolfssl_linuxkm_get_pie_redirect_table()->ktime_get_coarse_real_ts64)
#endif
#undef get_current
#define get_current (wolfssl_linuxkm_get_pie_redirect_table()->get_current)
#undef preempt_count
#define preempt_count (wolfssl_linuxkm_get_pie_redirect_table()->preempt_count)
#ifdef WOLFSSL_LINUXKM_SIMD_X86
#define irq_fpu_usable (wolfssl_linuxkm_get_pie_redirect_table()->irq_fpu_usable)
#ifdef kernel_fpu_begin
#define kernel_fpu_begin_mask (wolfssl_linuxkm_get_pie_redirect_table()->kernel_fpu_begin_mask)
#else
#define kernel_fpu_begin (wolfssl_linuxkm_get_pie_redirect_table()->kernel_fpu_begin)
#endif
#define kernel_fpu_end (wolfssl_linuxkm_get_pie_redirect_table()->kernel_fpu_end)
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
#define copy_fpregs_to_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->copy_fpregs_to_fpstate)
#define copy_kernel_to_fpregs (wolfssl_linuxkm_get_pie_redirect_table()->copy_kernel_to_fpregs)
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
#define save_fpregs_to_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->save_fpregs_to_fpstate)
#define __restore_fpregs_from_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->__restore_fpregs_from_fpstate)
#define xfeatures_mask_all (*(wolfssl_linuxkm_get_pie_redirect_table()->xfeatures_mask_all))
/*
* #else
* #define save_fpregs_to_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->save_fpregs_to_fpstate)
* #define restore_fpregs_from_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->restore_fpregs_from_fpstate)
* #define fpu_kernel_cfg (*(wolfssl_linuxkm_get_pie_redirect_table()->fpu_kernel_cfg))
*/
#endif
#endif
#define cpu_number (*(wolfssl_linuxkm_get_pie_redirect_table()->cpu_number))
#define nr_cpu_ids (*(wolfssl_linuxkm_get_pie_redirect_table()->nr_cpu_ids))
#endif
#define __mutex_init (wolfssl_linuxkm_get_pie_redirect_table()->__mutex_init)
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#define mutex_lock_nested (wolfssl_linuxkm_get_pie_redirect_table()->mutex_lock_nested)
#else
#define mutex_lock (wolfssl_linuxkm_get_pie_redirect_table()->mutex_lock)
#endif
#define mutex_unlock (wolfssl_linuxkm_get_pie_redirect_table()->mutex_unlock)
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#define mutex_destroy (wolfssl_linuxkm_get_pie_redirect_table()->mutex_destroy)
#endif
/* per linux/ctype.h, tolower() and toupper() are macros bound to static inlines
* that use macros that bring in the _ctype global. for __PIE__, this needs to
* be masked out.
*/
#undef tolower
#undef toupper
#define tolower(c) (islower(c) ? (c) : ((c) + ('a'-'A')))
#define toupper(c) (isupper(c) ? (c) : ((c) - ('a'-'A')))
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
#define GetCA (wolfssl_linuxkm_get_pie_redirect_table()->GetCA)
#ifndef NO_SKID
#define GetCAByName (wolfssl_linuxkm_get_pie_redirect_table()->GetCAByName)
#endif
#endif
#endif /* __PIE__ */
#endif /* USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE */
#ifdef WOLFSSL_LINUXKM_SIMD
#ifdef WOLFSSL_LINUXKM_SIMD_X86
extern __must_check int allocate_wolfcrypt_linuxkm_fpu_states(void);
extern void free_wolfcrypt_linuxkm_fpu_states(void);
extern __must_check int save_vector_registers_x86(void);
extern void restore_vector_registers_x86(void);
#elif defined(CONFIG_ARM) || defined(CONFIG_ARM64)
#error kernel module ARM SIMD is not yet tested or usable.
static WARN_UNUSED_RESULT inline int save_vector_registers_arm(void)
{
preempt_disable();
if (! may_use_simd()) {
preempt_enable();
return BAD_STATE_E;
} else {
fpsimd_preserve_current_state();
return 0;
}
}
static inline void restore_vector_registers_arm(void)
{
fpsimd_restore_current_state();
preempt_enable();
}
#endif
#endif /* WOLFSSL_LINUXKM_SIMD */
/* remove this multifariously conflicting macro, picked up from
* Linux arch/<arch>/include/asm/current.h.
*/
#ifndef WOLFSSL_NEED_LINUX_CURRENT
#undef current
#endif
/* prevent gcc's mm_malloc.h from being included, since it unconditionally
* includes stdlib.h, which is kernel-incompatible.
*/
#define _MM_MALLOC_H_INCLUDED
#ifdef HAVE_KVMALLOC
#define malloc(x) kvmalloc_node(x, GFP_KERNEL, NUMA_NO_NODE)
#define free(x) kvfree(x)
void *lkm_realloc(void *ptr, size_t newsize);
#define realloc(x, y) lkm_realloc(x, y)
#else
#define malloc(x) kmalloc(x, GFP_KERNEL)
#define free(x) kfree(x)
#define realloc(x,y) krealloc(x, y, GFP_KERNEL)
#endif
/* min() and max() in linux/kernel.h over-aggressively type-check, producing
* myriad spurious -Werrors throughout the codebase.
*/
#undef min
#undef max
/* work around namespace conflict between wolfssl/internal.h (enum HandShakeType)
* and linux/key.h (extern int()).
*/
#define key_update wc_key_update
#define lkm_printf(format, args...) printk(KERN_INFO "wolfssl: %s(): " format, __func__, ## args)
#define printf(...) lkm_printf(__VA_ARGS__)
#ifdef HAVE_FIPS
extern void fipsEntry(void);
#endif
/* suppress false-positive "writing 1 byte into a region of size 0" warnings
* building old kernels with new gcc:
*/
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
_Pragma("GCC diagnostic ignored \"-Wstringop-overflow\"");
#endif
/* includes are all above, with incompatible warnings masked out. */
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 5, 0)
typedef __kernel_time_t time_t;
#else
typedef __kernel_time64_t time_t;
#endif
extern time_t time(time_t * timer);
#define XTIME time
#define WOLFSSL_GMTIME
#define XGMTIME(c, t) gmtime(c)
#define NO_TIMEVAL 1
#endif /* BUILDING_WOLFSSL */
/* if BUILDING_WOLFSSL, mutex.h will have already been included recursively
* above, with the bevy of warnings suppressed, and the below include will
* be a redundant no-op.
*/
#include <linux/mutex.h>
typedef struct mutex wolfSSL_Mutex;
#define XMALLOC(s, h, t) ({(void)(h); (void)(t); kmalloc(s, GFP_KERNEL);})
#define XFREE(p, h, t) ({void* _xp; (void)(h); _xp = (p); if(_xp) kfree(_xp);})
#define XREALLOC(p, n, h, t) ({(void)(h); (void)(t); krealloc((p), (n), GFP_KERNEL);})
#include <linux/limits.h>
/* Linux headers define these using C expressions, but we need
* them to be evaluable by the preprocessor, for use in sp_int.h.
*/
#if BITS_PER_LONG == 64
_Static_assert(sizeof(ULONG_MAX) == 8,
"BITS_PER_LONG is 64, but ULONG_MAX is not.");
#undef UCHAR_MAX
#define UCHAR_MAX 255
#undef USHRT_MAX
#define USHRT_MAX 65535
#undef UINT_MAX
#define UINT_MAX 4294967295U
#undef ULONG_MAX
#define ULONG_MAX 18446744073709551615UL
#undef ULLONG_MAX
#define ULLONG_MAX ULONG_MAX
#undef INT_MAX
#define INT_MAX 2147483647
#undef LONG_MAX
#define LONG_MAX 9223372036854775807L
#undef LLONG_MAX
#define LLONG_MAX LONG_MAX
#elif BITS_PER_LONG == 32
_Static_assert(sizeof(ULONG_MAX) == 4,
"BITS_PER_LONG is 32, but ULONG_MAX is not.");
#undef UCHAR_MAX
#define UCHAR_MAX 255
#undef USHRT_MAX
#define USHRT_MAX 65535
#undef UINT_MAX
#define UINT_MAX 4294967295U
#undef ULONG_MAX
#define ULONG_MAX 4294967295UL
#undef INT_MAX
#define INT_MAX 2147483647
#undef LONG_MAX
#define LONG_MAX 2147483647L
#undef ULLONG_MAX
#undef LLONG_MAX
#if BITS_PER_LONG_LONG == 64
#define ULLONG_MAX 18446744073709551615UL
#define LLONG_MAX 9223372036854775807L
#else
#undef NO_64BIT
#define NO_64BIT
#define ULLONG_MAX ULONG_MAX
#define LLONG_MAX LONG_MAX
#endif
#else
#error unexpected BITS_PER_LONG value.
#endif
#endif /* LINUXKM_WC_PORT_H */

185
android/extern/wolfssl/linuxkm/module_exports.c.template vendored Normal file
View File

@@ -0,0 +1,185 @@
/* module_exports.c.template -- static preamble for dynamically generated
* module_exports.c (see Kbuild)
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#ifdef HAVE_FIPS
#define FIPS_NO_WRAPPERS
#endif
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifndef WOLFCRYPT_ONLY
#include <wolfssl/ssl.h>
#include <wolfssl/internal.h>
#endif
#ifndef NO_CRYPT_TEST
#include <wolfcrypt/test/test.h>
#include <linux/delay.h>
#endif
#ifndef EXPORT_SYMBOL_NS
#define EXPORT_SYMBOL_NS(sym, ns) EXPORT_SYMBOL(sym)
#endif
#ifndef EXPORT_SYMBOL_NS_GPL
#define EXPORT_SYMBOL_NS_GPL(sym, ns) EXPORT_SYMBOL_GPL(sym)
#endif
#include <wolfssl/wolfcrypt/memory.h>
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/md2.h>
#include <wolfssl/wolfcrypt/md5.h>
#include <wolfssl/wolfcrypt/md4.h>
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/sha512.h>
#ifdef WOLFSSL_SIPHASH
#include <wolfssl/wolfcrypt/siphash.h>
#endif
#include <wolfssl/wolfcrypt/arc4.h>
#if defined(WC_NO_RNG)
#include <wolfssl/wolfcrypt/integer.h>
#else
#include <wolfssl/wolfcrypt/random.h>
#endif
#include <wolfssl/wolfcrypt/coding.h>
#include <wolfssl/wolfcrypt/signature.h>
#include <wolfssl/wolfcrypt/rsa.h>
#include <wolfssl/wolfcrypt/des3.h>
#include <wolfssl/wolfcrypt/aes.h>
#include <wolfssl/wolfcrypt/wc_encrypt.h>
#include <wolfssl/wolfcrypt/cmac.h>
#include <wolfssl/wolfcrypt/poly1305.h>
#include <wolfssl/wolfcrypt/camellia.h>
#include <wolfssl/wolfcrypt/hmac.h>
#include <wolfssl/wolfcrypt/dh.h>
#include <wolfssl/wolfcrypt/dsa.h>
#include <wolfssl/wolfcrypt/srp.h>
#include <wolfssl/wolfcrypt/chacha.h>
#include <wolfssl/wolfcrypt/chacha20_poly1305.h>
#include <wolfssl/wolfcrypt/pwdbased.h>
#include <wolfssl/wolfcrypt/ripemd.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef HAVE_ECC
#include <wolfssl/wolfcrypt/ecc.h>
#endif
#ifdef HAVE_CURVE25519
#include <wolfssl/wolfcrypt/curve25519.h>
#endif
#ifdef HAVE_ED25519
#include <wolfssl/wolfcrypt/ed25519.h>
#endif
#ifdef HAVE_CURVE448
#include <wolfssl/wolfcrypt/curve448.h>
#endif
#ifdef HAVE_ED448
#include <wolfssl/wolfcrypt/ed448.h>
#endif
#if defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S)
#include <wolfssl/wolfcrypt/blake2.h>
#endif
#ifdef WOLFSSL_SHA3
#include <wolfssl/wolfcrypt/sha3.h>
#endif
#ifdef HAVE_LIBZ
#include <wolfssl/wolfcrypt/compress.h>
#endif
#ifdef HAVE_PKCS7
#include <wolfssl/wolfcrypt/pkcs7.h>
#endif
#ifdef HAVE_PKCS12
#include <wolfssl/wolfcrypt/pkcs12.h>
#endif
#ifdef HAVE_FIPS
#include <wolfssl/wolfcrypt/fips.h>
#include <wolfssl/wolfcrypt/fips_test.h>
#endif
#ifdef HAVE_SELFTEST
#include <wolfssl/wolfcrypt/selftest.h>
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
#include <wolfssl/wolfcrypt/logging.h>
#endif
#ifdef WOLFSSL_IMX6_CAAM_BLOB
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
#endif
#ifdef WOLF_CRYPTO_CB
#include <wolfssl/wolfcrypt/cryptocb.h>
#ifdef HAVE_INTEL_QA_SYNC
#include <wolfssl/wolfcrypt/port/intel/quickassist_sync.h>
#endif
#ifdef HAVE_CAVIUM_OCTEON_SYNC
#include <wolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h>
#endif
#endif
#ifndef NO_KDF
#include <wolfssl/wolfcrypt/kdf.h>
#endif
#ifdef OPENSSL_EXTRA
#ifndef WOLFCRYPT_ONLY
#include <wolfssl/openssl/evp.h>
#endif
#include <wolfssl/openssl/rand.h>
#include <wolfssl/openssl/hmac.h>
#include <wolfssl/openssl/aes.h>
#include <wolfssl/openssl/des.h>
#endif
#if defined(NO_FILESYSTEM)
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \
!defined(USE_CERT_BUFFERS_3072) && !defined(USE_CERT_BUFFERS_4096)
#define USE_CERT_BUFFERS_2048
#endif
#if !defined(USE_CERT_BUFFERS_256)
#define USE_CERT_BUFFERS_256
#endif
#endif
#if defined(WOLFSSL_CERT_GEN) && (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES))
#define ENABLE_ECC384_CERT_GEN_TEST
#endif
#include <wolfssl/certs_test.h>
#ifdef OPENSSL_EXTRA
#include <wolfssl/openssl/x509_vfy.h>
#include <wolfssl/openssl/buffer.h>
#include <wolfssl/openssl/ec25519.h>
#include <wolfssl/openssl/ed25519.h>
#include <wolfssl/openssl/ec448.h>
#include <wolfssl/openssl/ed448.h>
#include <wolfssl/openssl/ecdsa.h>
#include <wolfssl/openssl/ecdh.h>
#include <wolfssl/openssl/pem.h>
#endif

702
android/extern/wolfssl/linuxkm/module_hooks.c vendored Normal file
View File

@@ -0,0 +1,702 @@
/* module_hooks.c -- module load/unload hooks for libwolfssl.ko
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_LICENSE
#define WOLFSSL_LICENSE "GPL v2"
#endif
#define FIPS_NO_WRAPPERS
#define WOLFSSL_NEED_LINUX_CURRENT
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLFCRYPT_ONLY
#include <wolfssl/version.h>
#else
#include <wolfssl/ssl.h>
#endif
#ifdef HAVE_FIPS
#include <wolfssl/wolfcrypt/fips_test.h>
#endif
#ifndef NO_CRYPT_TEST
#include <wolfcrypt/test/test.h>
#include <linux/delay.h>
#endif
static int libwolfssl_cleanup(void) {
int ret;
#ifdef WOLFCRYPT_ONLY
ret = wolfCrypt_Cleanup();
if (ret != 0)
pr_err("wolfCrypt_Cleanup() failed: %s\n", wc_GetErrorString(ret));
else
pr_info("wolfCrypt " LIBWOLFSSL_VERSION_STRING " cleanup complete.\n");
#else
ret = wolfSSL_Cleanup();
if (ret != WOLFSSL_SUCCESS)
pr_err("wolfSSL_Cleanup() failed: %s\n", wc_GetErrorString(ret));
else
pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " cleanup complete.\n");
#endif
return ret;
}
#ifdef HAVE_LINUXKM_PIE_SUPPORT
extern int wolfCrypt_PIE_first_function(void);
extern int wolfCrypt_PIE_last_function(void);
extern const unsigned int wolfCrypt_PIE_rodata_start[];
extern const unsigned int wolfCrypt_PIE_rodata_end[];
/* cheap portable ad-hoc hash function to confirm bitwise stability of the PIE
* binary image.
*/
static unsigned int hash_span(char *start, char *end) {
unsigned int sum = 1;
while (start < end) {
unsigned int rotate_by;
sum ^= *start++;
rotate_by = (sum ^ (sum >> 5)) & 31;
sum = (sum << rotate_by) | (sum >> (32 - rotate_by));
}
return sum;
}
#ifdef USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE
extern struct wolfssl_linuxkm_pie_redirect_table wolfssl_linuxkm_pie_redirect_table;
static int set_up_wolfssl_linuxkm_pie_redirect_table(void);
#endif /* USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE */
#endif /* HAVE_LINUXKM_PIE_SUPPORT */
#ifdef HAVE_FIPS
static void lkmFipsCb(int ok, int err, const char* hash)
{
if ((! ok) || (err != 0))
pr_err("libwolfssl FIPS error: %s\n", wc_GetErrorString(err));
if (err == IN_CORE_FIPS_E) {
pr_err("In-core integrity hash check failure.\n"
"Update verifyCore[] in fips_test.c with new hash \"%s\" and rebuild.\n",
hash ? hash : "<null>");
}
}
#endif
#ifdef WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
#ifndef CONFIG_MODULE_SIG
#error WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE requires a CONFIG_MODULE_SIG kernel.
#endif
static int updateFipsHash(void);
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 0, 0)
static int __init wolfssl_init(void)
#else
static int wolfssl_init(void)
#endif
{
int ret;
#ifdef WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
if (THIS_MODULE->sig_ok == false) {
pr_err("wolfSSL module load aborted -- bad or missing module signature with FIPS dynamic hash.\n");
return -ECANCELED;
}
ret = updateFipsHash();
if (ret < 0) {
pr_err("wolfSSL module load aborted -- updateFipsHash: %s\n",wc_GetErrorString(ret));
return -ECANCELED;
}
#endif
#ifdef USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE
ret = set_up_wolfssl_linuxkm_pie_redirect_table();
if (ret < 0)
return ret;
#endif
#ifdef HAVE_LINUXKM_PIE_SUPPORT
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 5, 0)
#define THIS_MODULE_BASE (THIS_MODULE->core_layout.base)
#define THIS_MODULE_TEXT_SIZE (THIS_MODULE->core_layout.text_size)
#define THIS_MODULE_RO_SIZE (THIS_MODULE->core_layout.ro_size)
#else
#define THIS_MODULE_BASE (THIS_MODULE->module_core)
#define THIS_MODULE_TEXT_SIZE (THIS_MODULE->core_text_size)
#define THIS_MODULE_RO_SIZE (THIS_MODULE->core_ro_size)
#endif
{
char *pie_text_start = (char *)wolfCrypt_PIE_first_function;
char *pie_text_end = (char *)wolfCrypt_PIE_last_function;
char *pie_rodata_start = (char *)wolfCrypt_PIE_rodata_start;
char *pie_rodata_end = (char *)wolfCrypt_PIE_rodata_end;
unsigned int text_hash, rodata_hash;
if ((pie_text_start < pie_text_end) &&
(pie_text_start >= (char *)THIS_MODULE_BASE) &&
(pie_text_end - (char *)THIS_MODULE_BASE <= THIS_MODULE_TEXT_SIZE))
{
text_hash = hash_span(pie_text_start, pie_text_end);
} else {
pr_info("out-of-bounds PIE fenceposts! pie_text_start=%px pie_text_end=%px (span=%lu)"
" core_layout.base=%px text_end=%px\n",
pie_text_start,
pie_text_end,
pie_text_end-pie_text_start,
THIS_MODULE_BASE,
(char *)THIS_MODULE_BASE + THIS_MODULE_TEXT_SIZE);
text_hash = 0;
}
if ((pie_rodata_start < pie_rodata_end) && // cppcheck-suppress comparePointers
(pie_rodata_start >= (char *)THIS_MODULE_BASE + THIS_MODULE_TEXT_SIZE) &&
(pie_rodata_end - (char *)THIS_MODULE_BASE <= THIS_MODULE_RO_SIZE))
{
rodata_hash = hash_span(pie_rodata_start, pie_rodata_end);
} else {
pr_info("out-of-bounds PIE fenceposts! pie_rodata_start=%px pie_rodata_end=%px (span=%lu)"
" core_layout.base+core_layout.text_size=%px rodata_end=%px\n",
pie_rodata_start,
pie_rodata_end,
pie_rodata_end-pie_rodata_start,
(char *)THIS_MODULE_BASE + THIS_MODULE_TEXT_SIZE,
(char *)THIS_MODULE_BASE + THIS_MODULE_RO_SIZE);
rodata_hash = 0;
}
/* note, "%pK" conceals the actual layout information. "%px" exposes
* the true module start address, which is potentially useful to an
* attacker.
*/
pr_info("wolfCrypt container hashes (spans): %x (%lu) %x (%lu), module base %pK\n",
text_hash, pie_text_end-pie_text_start,
rodata_hash, pie_rodata_end-pie_rodata_start,
THIS_MODULE_BASE);
}
#endif /* HAVE_LINUXKM_PIE_SUPPORT */
#ifdef HAVE_FIPS
ret = wolfCrypt_SetCb_fips(lkmFipsCb);
if (ret != 0) {
pr_err("wolfCrypt_SetCb_fips() failed: %s\n", wc_GetErrorString(ret));
return -ECANCELED;
}
fipsEntry();
ret = wolfCrypt_GetStatus_fips();
if (ret != 0) {
pr_err("wolfCrypt_GetStatus_fips() failed: %s\n", wc_GetErrorString(ret));
if (ret == IN_CORE_FIPS_E) {
const char *newhash = wolfCrypt_GetCoreHash_fips();
pr_err("Update verifyCore[] in fips_test.c with new hash \"%s\" and rebuild.\n",
newhash ? newhash : "<null>");
}
return -ECANCELED;
}
pr_info("wolfCrypt FIPS ["
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 3)
"ready"
#elif defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 2) \
&& defined(WOLFCRYPT_FIPS_RAND)
"140-2 rand"
#elif defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 2)
"140-2"
#else
"140"
#endif
"] POST succeeded.\n");
#endif /* HAVE_FIPS */
#ifdef WOLFCRYPT_ONLY
ret = wolfCrypt_Init();
if (ret != 0) {
pr_err("wolfCrypt_Init() failed: %s\n", wc_GetErrorString(ret));
return -ECANCELED;
}
#else
ret = wolfSSL_Init();
if (ret != WOLFSSL_SUCCESS) {
pr_err("wolfSSL_Init() failed: %s\n", wc_GetErrorString(ret));
return -ECANCELED;
}
#endif
#ifndef NO_CRYPT_TEST
#ifdef WC_RNG_SEED_CB
ret = wc_SetSeed_Cb(wc_GenerateSeed);
if (ret == 0)
#endif
{
ret = wolfcrypt_test(NULL);
}
if (ret < 0) {
pr_err("wolfcrypt self-test failed with return code %d.\n", ret);
(void)libwolfssl_cleanup();
msleep(10);
return -ECANCELED;
}
pr_info("wolfCrypt self-test passed.\n");
#endif
#ifdef WOLFCRYPT_ONLY
pr_info("wolfCrypt " LIBWOLFSSL_VERSION_STRING " loaded%s"
".\nSee https://www.wolfssl.com/ for more information.\n"
"wolfCrypt Copyright (C) 2006-present wolfSSL Inc. Licensed under " WOLFSSL_LICENSE ".\n",
#ifdef CONFIG_MODULE_SIG
THIS_MODULE->sig_ok ? " with valid module signature" : " without valid module signature"
#else
""
#endif
);
#else
pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " loaded%s"
".\nSee https://www.wolfssl.com/ for more information.\n"
"wolfSSL Copyright (C) 2006-present wolfSSL Inc. Licensed under " WOLFSSL_LICENSE ".\n",
#ifdef CONFIG_MODULE_SIG
THIS_MODULE->sig_ok ? " with valid module signature" : " without valid module signature"
#else
""
#endif
);
#endif
return 0;
}
module_init(wolfssl_init);
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 0, 0)
static void __exit wolfssl_exit(void)
#else
static void wolfssl_exit(void)
#endif
{
(void)libwolfssl_cleanup();
return;
}
module_exit(wolfssl_exit);
MODULE_LICENSE(WOLFSSL_LICENSE);
MODULE_AUTHOR("https://www.wolfssl.com/");
MODULE_DESCRIPTION("libwolfssl cryptographic and protocol facilities");
MODULE_VERSION(LIBWOLFSSL_VERSION_STRING);
#ifdef USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE
/* get_current() is an inline or macro, depending on the target -- sidestep the whole issue with a wrapper func. */
static struct task_struct *my_get_current_thread(void) {
return get_current();
}
/* ditto for preempt_count(). */
static int my_preempt_count(void) {
return preempt_count();
}
#if defined(WOLFSSL_LINUXKM_SIMD_X86) && (LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0))
static int my_copy_fpregs_to_fpstate(struct fpu *fpu) {
return copy_fpregs_to_fpstate(fpu);
}
static void my_copy_kernel_to_fpregs(union fpregs_state *fpstate) {
copy_kernel_to_fpregs(fpstate);
}
#endif
static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
memset(
&wolfssl_linuxkm_pie_redirect_table,
0,
sizeof wolfssl_linuxkm_pie_redirect_table);
#ifndef __ARCH_MEMCMP_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.memcmp = memcmp;
#endif
#ifndef __ARCH_MEMCPY_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.memcpy = memcpy;
#endif
#ifndef __ARCH_MEMSET_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.memset = memset;
#endif
#ifndef __ARCH_MEMMOVE_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.memmove = memmove;
#endif
#ifndef __ARCH_STRCMP_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.strcmp = strcmp;
#endif
#ifndef __ARCH_STRNCMP_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.strncmp = strncmp;
#endif
#ifndef __ARCH_STRCASECMP_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.strcasecmp = strcasecmp;
#endif
#ifndef __ARCH_STRNCASECMP_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.strncasecmp = strncasecmp;
#endif
#ifndef __ARCH_STRLEN_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.strlen = strlen;
#endif
#ifndef __ARCH_STRSTR_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.strstr = strstr;
#endif
#ifndef __ARCH_STRNCPY_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.strncpy = strncpy;
#endif
#ifndef __ARCH_STRNCAT_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.strncat = strncat;
#endif
wolfssl_linuxkm_pie_redirect_table.kstrtoll = kstrtoll;
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 15, 0)
wolfssl_linuxkm_pie_redirect_table._printk = _printk;
#else
wolfssl_linuxkm_pie_redirect_table.printk = printk;
#endif
wolfssl_linuxkm_pie_redirect_table.snprintf = snprintf;
wolfssl_linuxkm_pie_redirect_table._ctype = _ctype;
wolfssl_linuxkm_pie_redirect_table.kmalloc = kmalloc;
wolfssl_linuxkm_pie_redirect_table.kfree = kfree;
wolfssl_linuxkm_pie_redirect_table.ksize = ksize;
wolfssl_linuxkm_pie_redirect_table.krealloc = krealloc;
#ifdef HAVE_KVMALLOC
wolfssl_linuxkm_pie_redirect_table.kvmalloc_node = kvmalloc_node;
wolfssl_linuxkm_pie_redirect_table.kvfree = kvfree;
#endif
wolfssl_linuxkm_pie_redirect_table.is_vmalloc_addr = is_vmalloc_addr;
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0)
wolfssl_linuxkm_pie_redirect_table.kmalloc_trace =
kmalloc_trace;
#else
wolfssl_linuxkm_pie_redirect_table.kmem_cache_alloc_trace =
kmem_cache_alloc_trace;
wolfssl_linuxkm_pie_redirect_table.kmalloc_order_trace =
kmalloc_order_trace;
#endif
wolfssl_linuxkm_pie_redirect_table.get_random_bytes = get_random_bytes;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
wolfssl_linuxkm_pie_redirect_table.getnstimeofday =
getnstimeofday;
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
wolfssl_linuxkm_pie_redirect_table.current_kernel_time64 =
current_kernel_time64;
#else
wolfssl_linuxkm_pie_redirect_table.ktime_get_coarse_real_ts64 =
ktime_get_coarse_real_ts64;
#endif
wolfssl_linuxkm_pie_redirect_table.get_current = my_get_current_thread;
wolfssl_linuxkm_pie_redirect_table.preempt_count = my_preempt_count;
#ifdef WOLFSSL_LINUXKM_SIMD_X86
wolfssl_linuxkm_pie_redirect_table.irq_fpu_usable = irq_fpu_usable;
#ifdef kernel_fpu_begin
wolfssl_linuxkm_pie_redirect_table.kernel_fpu_begin_mask =
kernel_fpu_begin_mask;
#else
wolfssl_linuxkm_pie_redirect_table.kernel_fpu_begin =
kernel_fpu_begin;
#endif
wolfssl_linuxkm_pie_redirect_table.kernel_fpu_end = kernel_fpu_end;
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
wolfssl_linuxkm_pie_redirect_table.copy_fpregs_to_fpstate = my_copy_fpregs_to_fpstate;
wolfssl_linuxkm_pie_redirect_table.copy_kernel_to_fpregs = my_copy_kernel_to_fpregs;
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
wolfssl_linuxkm_pie_redirect_table.save_fpregs_to_fpstate = save_fpregs_to_fpstate;
wolfssl_linuxkm_pie_redirect_table.__restore_fpregs_from_fpstate = __restore_fpregs_from_fpstate;
wolfssl_linuxkm_pie_redirect_table.xfeatures_mask_all = &xfeatures_mask_all;
/*
* #else
* wolfssl_linuxkm_pie_redirect_table.save_fpregs_to_fpstate = save_fpregs_to_fpstate;
* wolfssl_linuxkm_pie_redirect_table.restore_fpregs_from_fpstate = restore_fpregs_from_fpstate;
* wolfssl_linuxkm_pie_redirect_table.fpu_kernel_cfg = &fpu_kernel_cfg;
*/
#endif
#endif
wolfssl_linuxkm_pie_redirect_table.cpu_number = &cpu_number;
wolfssl_linuxkm_pie_redirect_table.nr_cpu_ids = &nr_cpu_ids;
#endif
wolfssl_linuxkm_pie_redirect_table.__mutex_init = __mutex_init;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
wolfssl_linuxkm_pie_redirect_table.mutex_lock_nested = mutex_lock_nested;
#else
wolfssl_linuxkm_pie_redirect_table.mutex_lock = mutex_lock;
#endif
wolfssl_linuxkm_pie_redirect_table.mutex_unlock = mutex_unlock;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
wolfssl_linuxkm_pie_redirect_table.mutex_destroy = mutex_destroy;
#endif
#ifdef HAVE_FIPS
wolfssl_linuxkm_pie_redirect_table.wolfCrypt_FIPS_first =
wolfCrypt_FIPS_first;
wolfssl_linuxkm_pie_redirect_table.wolfCrypt_FIPS_last =
wolfCrypt_FIPS_last;
#endif
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
wolfssl_linuxkm_pie_redirect_table.GetCA = GetCA;
#ifndef NO_SKID
wolfssl_linuxkm_pie_redirect_table.GetCAByName = GetCAByName;
#endif
#endif
/* runtime assert that the table has no null slots after initialization. */
{
unsigned long *i;
for (i = (unsigned long *)&wolfssl_linuxkm_pie_redirect_table;
i < (unsigned long *)&wolfssl_linuxkm_pie_redirect_table._last_slot;
++i)
if (*i == 0) {
pr_err("wolfCrypt container redirect table initialization was incomplete.\n");
return -EFAULT;
}
}
return 0;
}
#endif /* USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE */
#ifdef WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
#include <wolfssl/wolfcrypt/coding.h>
PRAGMA_GCC_DIAG_PUSH;
PRAGMA_GCC("GCC diagnostic ignored \"-Wnested-externs\"");
PRAGMA_GCC("GCC diagnostic ignored \"-Wpointer-arith\"");
#include <crypto/hash.h>
PRAGMA_GCC_DIAG_POP;
extern char verifyCore[WC_SHA256_DIGEST_SIZE*2 + 1];
extern const char coreKey[WC_SHA256_DIGEST_SIZE*2 + 1];
extern const unsigned int wolfCrypt_FIPS_ro_start[];
extern const unsigned int wolfCrypt_FIPS_ro_end[];
#define FIPS_IN_CORE_KEY_SZ 32
#define FIPS_IN_CORE_VERIFY_SZ FIPS_IN_CORE_KEY_SZ
typedef int (*fips_address_function)(void);
#define MAX_FIPS_DATA_SZ 100000
#define MAX_FIPS_CODE_SZ 1000000
extern int GenBase16_Hash(const byte* in, int length, char* out, int outSz);
static int updateFipsHash(void)
{
struct crypto_shash *tfm = NULL;
struct shash_desc *desc = NULL;
word32 verifySz = FIPS_IN_CORE_VERIFY_SZ;
word32 binCoreSz = FIPS_IN_CORE_KEY_SZ;
int ret;
byte *hash = NULL;
char *base16_hash = NULL;
byte *binCoreKey = NULL;
byte *binVerify = NULL;
fips_address_function first = wolfCrypt_FIPS_first;
fips_address_function last = wolfCrypt_FIPS_last;
char* start = (char*)wolfCrypt_FIPS_ro_start;
char* end = (char*)wolfCrypt_FIPS_ro_end;
unsigned long code_sz = (unsigned long)last - (unsigned long)first;
unsigned long data_sz = (unsigned long)end - (unsigned long)start;
if (data_sz == 0 || data_sz > MAX_FIPS_DATA_SZ)
return BAD_FUNC_ARG; /* bad fips data size */
if (code_sz == 0 || code_sz > MAX_FIPS_CODE_SZ)
return BAD_FUNC_ARG; /* bad fips code size */
hash = XMALLOC(WC_SHA256_DIGEST_SIZE, 0, DYNAMIC_TYPE_TMP_BUFFER);
if (hash == NULL) {
ret = MEMORY_E;
goto out;
}
base16_hash = XMALLOC(WC_SHA256_DIGEST_SIZE*2 + 1, 0, DYNAMIC_TYPE_TMP_BUFFER);
if (base16_hash == NULL) {
ret = MEMORY_E;
goto out;
}
binCoreKey = XMALLOC(binCoreSz, 0, DYNAMIC_TYPE_TMP_BUFFER);
if (binCoreKey == NULL) {
ret = MEMORY_E;
goto out;
}
binVerify = XMALLOC(verifySz, 0, DYNAMIC_TYPE_TMP_BUFFER);
if (binVerify == NULL) {
ret = MEMORY_E;
goto out;
}
{
word32 base16_out_len = binCoreSz;
ret = Base16_Decode((const byte *)coreKey, sizeof coreKey - 1, binCoreKey, &base16_out_len);
if (ret != 0) {
pr_err("Base16_Decode for coreKey: %s\n", wc_GetErrorString(ret));
goto out;
}
if (base16_out_len != binCoreSz) {
pr_err("unexpected output length %u for coreKey from Base16_Decode.\n",base16_out_len);
ret = BAD_STATE_E;
goto out;
}
}
tfm = crypto_alloc_shash("hmac(sha256)", 0, 0);
if (IS_ERR(tfm)) {
if (PTR_ERR(tfm) == -ENOMEM) {
pr_err("crypto_alloc_shash failed: out of memory\n");
ret = MEMORY_E;
} else if (PTR_ERR(tfm) == -ENOENT) {
pr_err("crypto_alloc_shash failed: kernel is missing hmac(sha256) implementation\n");
pr_err("check for CONFIG_CRYPTO_SHA256 and CONFIG_CRYPTO_HMAC.\n");
ret = NOT_COMPILED_IN;
} else {
pr_err("crypto_alloc_shash failed with ret %ld\n",PTR_ERR(tfm));
ret = HASH_TYPE_E;
}
tfm = NULL;
goto out;
}
{
size_t desc_size = crypto_shash_descsize(tfm) + sizeof *desc;
desc = XMALLOC(desc_size, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (desc == NULL) {
pr_err("failed allocating desc.");
ret = MEMORY_E;
goto out;
}
XMEMSET(desc, 0, desc_size);
}
ret = crypto_shash_setkey(tfm, binCoreKey, binCoreSz);
if (ret) {
pr_err("crypto_ahash_setkey failed: err %d\n", ret);
ret = BAD_STATE_E;
goto out;
}
desc->tfm = tfm;
ret = crypto_shash_init(desc);
if (ret) {
pr_err("crypto_shash_init failed: err %d\n", ret);
ret = BAD_STATE_E;
goto out;
}
ret = crypto_shash_update(desc, (byte *)(wc_ptr_t)first, (word32)code_sz);
if (ret) {
pr_err("crypto_shash_update failed: err %d\n", ret);
ret = BAD_STATE_E;
goto out;
}
/* don't hash verifyCore or changing verifyCore will change hash */
if (verifyCore >= start && verifyCore < end) {
data_sz = (unsigned long)verifyCore - (unsigned long)start;
ret = crypto_shash_update(desc, (byte*)start, (word32)data_sz);
if (ret) {
pr_err("crypto_shash_update failed: err %d\n", ret);
ret = BAD_STATE_E;
goto out;
}
start = (char*)verifyCore + sizeof(verifyCore);
data_sz = (unsigned long)end - (unsigned long)start;
}
ret = crypto_shash_update(desc, (byte*)start, (word32)data_sz);
if (ret) {
pr_err("crypto_shash_update failed: err %d\n", ret);
ret = BAD_STATE_E;
goto out;
}
ret = crypto_shash_final(desc, hash);
if (ret) {
pr_err("crypto_shash_final failed: err %d\n", ret);
ret = BAD_STATE_E;
goto out;
}
ret = GenBase16_Hash(hash, WC_SHA256_DIGEST_SIZE, base16_hash, WC_SHA256_DIGEST_SIZE*2 + 1);
if (ret != 0) {
pr_err("GenBase16_Hash failed: %s\n", wc_GetErrorString(ret));
goto out;
}
{
word32 base16_out_len = verifySz;
ret = Base16_Decode((const byte *)verifyCore, sizeof verifyCore - 1, binVerify, &base16_out_len);
if (ret != 0) {
pr_err("Base16_Decode for verifyCore: %s\n", wc_GetErrorString(ret));
goto out;
}
if (base16_out_len != binCoreSz) {
pr_err("unexpected output length %u for verifyCore from Base16_Decode.\n",base16_out_len);
ret = BAD_STATE_E;
goto out;
}
}
if (XMEMCMP(hash, binVerify, WC_SHA256_DIGEST_SIZE) == 0)
pr_info("updateFipsHash: verifyCore already matches.\n");
else {
XMEMCPY(verifyCore, base16_hash, WC_SHA256_DIGEST_SIZE*2 + 1);
pr_info("updateFipsHash: verifyCore updated.\n");
}
ret = 0;
out:
if (tfm != NULL)
crypto_free_shash(tfm);
if (desc != NULL)
XFREE(desc, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (hash != NULL)
XFREE(hash, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (base16_hash != NULL)
XFREE(base16_hash, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (binCoreKey != NULL)
XFREE(binCoreKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (binVerify != NULL)
XFREE(binVerify, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
#endif /* WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE */

42
android/extern/wolfssl/linuxkm/pie_first.c vendored Normal file
View File

@@ -0,0 +1,42 @@
/* linuxkm/pie_first.c -- memory fenceposts for checking binary image stability
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef __PIE__
#error pie_first.c must be compiled -fPIE.
#endif
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/ssl.h>
int wolfCrypt_PIE_first_function(void);
int wolfCrypt_PIE_first_function(void) {
return 0;
}
const unsigned int wolfCrypt_PIE_rodata_start[];
const unsigned int wolfCrypt_PIE_rodata_start[] =
/* random values, analogous to wolfCrypt_FIPS_ro_{start,end} */
{ 0x8208f9ca, 0x9daf4ac9 };

42
android/extern/wolfssl/linuxkm/pie_last.c vendored Normal file
View File

@@ -0,0 +1,42 @@
/* linuxkm/pie_last.c -- memory fenceposts for checking binary image stability
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef __PIE__
#error pie_last.c must be compiled -fPIE.
#endif
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/ssl.h>
int wolfCrypt_PIE_last_function(void);
int wolfCrypt_PIE_last_function(void) {
return 1;
}
const unsigned int wolfCrypt_PIE_rodata_end[];
const unsigned int wolfCrypt_PIE_rodata_end[] =
/* random values, analogous to wolfCrypt_FIPS_ro_{start,end} */
{ 0xa4aaaf71, 0x55c4b7d0 };

76
android/extern/wolfssl/linuxkm/pie_redirect_table.c vendored Normal file
View File

@@ -0,0 +1,76 @@
/* pie_redirect_table.c -- module load/unload hooks for libwolfssl.ko
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef __PIE__
#error pie_redirect_table.c must be compiled -fPIE.
#endif
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/ssl.h>
/* compiling -fPIE results in references to the GOT or equivalent thereof, which remain after linking
* even if all other symbols are resolved by the link. naturally there is no
* GOT in the kernel, and the wolfssl Kbuild script explicitly checks that no
* GOT relocations occur in the PIE objects, but we still need to include a
* dummy value here, scoped to the module, to eliminate the otherwise unresolved
* symbol.
*/
#if defined(CONFIG_X86)
extern void * const _GLOBAL_OFFSET_TABLE_;
void * const _GLOBAL_OFFSET_TABLE_ = 0;
#elif defined(CONFIG_MIPS)
extern void * const _gp_disp;
void * const _gp_disp = 0;
#endif
struct wolfssl_linuxkm_pie_redirect_table wolfssl_linuxkm_pie_redirect_table;
const struct wolfssl_linuxkm_pie_redirect_table
*wolfssl_linuxkm_get_pie_redirect_table(void) {
return &wolfssl_linuxkm_pie_redirect_table;
}
/* placeholder implementations for missing functions. */
#if defined(CONFIG_MIPS)
#undef memcpy
void *memcpy(void *dest, const void *src, size_t n) {
char *dest_i = (char *)dest;
char *dest_end = dest_i + n;
char *src_i = (char *)src;
while (dest_i < dest_end)
*dest_i++ = *src_i++;
return dest;
}
#undef memset
void *memset(void *dest, int c, size_t n) {
char *dest_i = (char *)dest;
char *dest_end = dest_i + n;
while (dest_i < dest_end)
*dest_i++ = c;
return dest;
}
#endif