diff --git a/.codespellexcludelines b/.codespellexcludelines index f55aca32cc..3539a60743 100644 --- a/.codespellexcludelines +++ b/.codespellexcludelines @@ -16,3 +16,5 @@ rsource "Kconfig.tls-generic" \pagenumbering{alph} DES3_KEY_SIZE = 24, /* 3 des ede */ /* functions added to support above needed, removed TOOM and KARATSUBA */ +#include + * extern global version from /usr/src/sys/sys/systm.h */ diff --git a/.gitignore b/.gitignore index 2b91e077ed..e360baa56e 100644 --- a/.gitignore +++ b/.gitignore @@ -249,6 +249,12 @@ linuxkm/linuxkm linuxkm/src linuxkm/patches/src *.nds +bsdkm/export_syms +bsdkm/i386 +bsdkm/libwolfssl.ko +bsdkm/machine +bsdkm/opt_global.h +bsdkm/x86 # autotools generated scripts/unit.test diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras index 1c7ed51d21..d551906e20 100644 --- a/.wolfssl_known_macro_extras +++ b/.wolfssl_known_macro_extras @@ -35,6 +35,7 @@ BASE64_NO_TABLE BLAKE2B_SELFTEST BLAKE2S_SELFTEST BLOCKING +BSDKM_EXPORT_SYMS BSP_DEFAULT_IO_CHANNEL_DEFINED BSP_LED_0 BSP_LED_1 @@ -305,6 +306,7 @@ INTIMEVER IOTSAFE_NO_GETDATA IOTSAFE_SIG_8BIT_LENGTH KCAPI_USE_XMALLOC +KERNEL_ROOT K_SERIES LIBWOLFSSL_VERSION_GIT_BRANCH LIBWOLFSSL_VERSION_GIT_HASH diff --git a/Makefile.am b/Makefile.am index 3fa8367598..6fb1ac054b 100644 --- a/Makefile.am +++ b/Makefile.am @@ -179,6 +179,7 @@ include sslSniffer/sslSnifferTest/include.am include debian/include.am include rpm/include.am include linuxkm/include.am +include bsdkm/include.am include zephyr/include.am include RTOS/nuttx/include.am @@ -220,7 +221,7 @@ if BUILD_LINUXKM CFLAGS_FPU_DISABLE CFLAGS_FPU_ENABLE CFLAGS_SIMD_DISABLE CFLAGS_SIMD_ENABLE \ CFLAGS_AUTO_VECTORIZE_DISABLE CFLAGS_AUTO_VECTORIZE_ENABLE \ ASFLAGS_FPU_DISABLE_SIMD_ENABLE ASFLAGS_FPU_ENABLE_SIMD_DISABLE \ - ASFLAGS_FPUSIMD_DISABLE ASFLAGS_FPUSIMD_ENABLE ENABLED_LINUXKM_BENCHMARKS + ASFLAGS_FPUSIMD_DISABLE ASFLAGS_FPUSIMD_ENABLE ENABLED_KERNEL_BENCHMARKS module: +$(MAKE) -C linuxkm libwolfssl.ko @@ -236,6 +237,20 @@ install_module modules_install: endif +if BUILD_BSDKM + SUBDIRS_OPT += bsdkm + DIST_SUBDIRS_OPT += bsdkm + +.MAKE.EXPORTED = build_triplet host_triplet CC AS LD \ + KERNEL_ROOT BSDKM_EXPORT_SYMS KERNEL_EXTRA_CFLAGS \ + EXTRA_CFLAGS EXTRA_CPPFLAGS EXTRA_CCASFLAGS EXTRA_LDFLAGS \ + AM_CPPFLAGS CPPFLAGS AM_CFLAGS CFLAGS \ + AM_CCASFLAGS CCASFLAGS \ + src_libwolfssl_la_OBJECTS ENABLED_CRYPT_TESTS + +endif + + if USE_VALGRIND TESTS_ENVIRONMENT=./valgrind-error.sh endif diff --git a/bsdkm/Makefile b/bsdkm/Makefile new file mode 100644 index 0000000000..46ff5ea392 --- /dev/null +++ b/bsdkm/Makefile @@ -0,0 +1,50 @@ +# wolfssl kernel module name and source, and root dir. +KMOD=libwolfssl +SRCS=wolfkmod.c +WOLFSSL_DIR=../ + +CFLAGS+=-I${WOLFSSL_DIR} +CFLAGS+=-DWOLFSSL_IGNORE_FILE_WARN -DHAVE_CONFIG_H -DNO_MAIN_DRIVER +# debug printing +# CFLAGS+=-DWOLFSSL_BSDKM_VERBOSE_DEBUG +CFLAGS+=$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) + +# FreeBSD make does not support GNU make's patsubst and related. Filter +# through sed instead. +WOLFSSL_OBJS != echo ${src_libwolfssl_la_OBJECTS} | \ + sed 's|src_libwolfssl_la-||g' | sed 's|\.lo|.o|g' | \ + sed 's|wolfcrypt/src/|${WOLFSSL_DIR}/wolfcrypt/src/|g' + +.if ${ENABLED_CRYPT_TESTS} == "yes" + WOLFSSL_OBJS += ${WOLFSSL_DIR}/wolfcrypt/test/test.o +.else + CFLAGS+=-DNO_CRYPT_TEST +.endif + +OBJS += ${WOLFSSL_OBJS} + +# Export no public symbols by default. +.if !defined(BSDKM_EXPORT_SYMS) + EXPORT_SYMS=NO +.else + EXPORT_SYMS=${BSDKM_EXPORT_SYMS} +.endif + +# Default to live kernel src tree makefile at +# /usr/src/sys/conf/kmod.mk +.if !defined(KERNEL_ROOT) + SYSDIR?= /usr/src/sys +.else + SYSDIR?= ${KERNEL_ROOT} +.endif +.include "${SYSDIR}/conf/kmod.mk" + +# Smooth out a few inconsistencies between FreeBSD default compiler flags +# in /usr/src/sys/conf/kern.mk, vs wolfssl harden flags in +# m4/ax_harden_compiler_flags.m4. E.g. some FreeBSD header files shorten +# 64 to 32 bit, and some wolfcrypt functions cast away const. +CFLAGS+= -Wno-unused-function +CFLAGS+= -Wno-cast-qual +CFLAGS+= -Wno-error=cast-qual +CFLAGS+= -Wno-shorten-64-to-32 +CFLAGS+= -DLIBWOLFSSL_GLOBAL_EXTRA_CFLAGS="\" $(KERNEL_EXTRA_CFLAGS)\"" diff --git a/bsdkm/bsdkm_wc_port.h b/bsdkm/bsdkm_wc_port.h new file mode 100644 index 0000000000..ead4a4c975 --- /dev/null +++ b/bsdkm/bsdkm_wc_port.h @@ -0,0 +1,118 @@ +/* bsdkm_wc_port.h + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +/* included by wolfssl/wolfcrypt/wc_port.h */ + +#ifndef BSDKM_WC_PORT_H +#define BSDKM_WC_PORT_H + +#ifdef WOLFSSL_BSDKM + +#include +#include +#include +#include +#if !defined(SINGLE_THREADED) + #include +#endif /* !SINGLE_THREADED */ +#ifndef CHAR_BIT + #include +#endif /* !CHAR_BIT*/ + +/* needed to prevent wolfcrypt/src/asn.c version shadowing + * extern global version from /usr/src/sys/sys/systm.h */ +#define version wc_version + +#define wc_km_printf printf + +/* str and char utility functions */ +#define XATOI(s) ({ \ + char * endptr = NULL; \ + long _xatoi_ret = strtol(s, &endptr, 10); \ + if ((s) == endptr || *endptr != '\0') { \ + _xatoi_ret = 0; \ + } \ + (int)_xatoi_ret; \ + }) + +#if !defined(XMALLOC_OVERRIDE) + #error bsdkm requires XMALLOC_OVERRIDE +#endif /* !XMALLOC_OVERRIDE */ + +/* use malloc and free from /usr/include/sys/malloc.h */ +extern struct malloc_type M_WOLFSSL[1]; + +#define XMALLOC(s, h, t) \ + ({(void)(h); (void)(t); malloc(s, M_WOLFSSL, M_WAITOK | M_ZERO);}) + +#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK + #define XFREE(p, h, t) \ + ({(void)(h); (void)(t); free(p, M_WOLFSSL);}) +#else + #define XFREE(p, h, t) \ + ({void* _xp; (void)(h); (void)(t); _xp = (p); \ + if(_xp) free(_xp, M_WOLFSSL);}) +#endif + +#if !defined(SINGLE_THREADED) + #define WC_MUTEX_OPS_INLINE + + typedef struct wolfSSL_Mutex { + struct mtx lock; + } wolfSSL_Mutex; + + static __always_inline int wc_InitMutex(wolfSSL_Mutex * m) + { + mtx_init(&m->lock, "wolfssl spinlock", NULL, MTX_SPIN); + return 0; + } + + static __always_inline int wc_FreeMutex(wolfSSL_Mutex * m) + { + mtx_destroy(&m->lock); + return 0; + } + + static __always_inline int wc_LockMutex(wolfSSL_Mutex *m) + { + mtx_lock_spin(&m->lock); + return 0; + } + + static __always_inline int wc_UnLockMutex(wolfSSL_Mutex* m) + { + mtx_unlock_spin(&m->lock); + return 0; + } +#endif /* !SINGLE_THREADED */ + +#if defined(WOLFSSL_HAVE_ATOMIC_H) && !defined(WOLFSSL_NO_ATOMICS) + #include + typedef volatile int wolfSSL_Atomic_Int; + typedef volatile unsigned int wolfSSL_Atomic_Uint; + #define WOLFSSL_ATOMIC_INITIALIZER(x) (x) + #define WOLFSSL_ATOMIC_LOAD(x) (int)atomic_load_acq_int(&(x)) + #define WOLFSSL_ATOMIC_STORE(x, v) atomic_store_rel_int(&(x), (v)) + #define WOLFSSL_ATOMIC_OPS +#endif /* WOLFSSL_HAVE_ATOMIC_H && !WOLFSSL_NO_ATOMICS */ + +#endif /* WOLFSSL_BSDKM */ +#endif /* BSDKM_WC_PORT_H */ diff --git a/bsdkm/include.am b/bsdkm/include.am new file mode 100644 index 0000000000..4dfc4a6364 --- /dev/null +++ b/bsdkm/include.am @@ -0,0 +1,8 @@ +# vim:ft=automake +# included from Top Level Makefile.am +# All paths should be given relative to the root + +EXTRA_DIST += m4/ax_bsdkm.m4 \ + bsdkm/Makefile \ + bsdkm/wolfkmod.c \ + bsdkm/bsdkm_wc_port.h diff --git a/bsdkm/wolfkmod.c b/bsdkm/wolfkmod.c new file mode 100644 index 0000000000..1a22f3328f --- /dev/null +++ b/bsdkm/wolfkmod.c @@ -0,0 +1,186 @@ +/* wolfkmod.c -- wolfssl FreeBSD kernel module. + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#ifdef WOLFSSL_BSDKM + +/* freebsd system includes */ +#include +#include +#include + +/* wolf includes */ +#include +#ifdef WOLFCRYPT_ONLY + #include +#else + #include +#endif +#if !defined(NO_CRYPT_TEST) + #include +#endif + +MALLOC_DEFINE(M_WOLFSSL, "libwolfssl", "wolfSSL kernel memory"); + +static int wolfkmod_init(void); +static int wolfkmod_cleanup(void); +static int wolfkmod_load(void); +static int wolfkmod_unload(void); + +static int wolfkmod_init(void) +{ + int ret = 0; + + #ifdef WOLFCRYPT_ONLY + ret = wolfCrypt_Init(); + if (ret != 0) { + printf("error: wolfCrypt_Init failed: %s\n", wc_GetErrorString(ret)); + return -ECANCELED; + } + #else + ret = wolfSSL_Init(); + if (ret != WOLFSSL_SUCCESS) { + printf("error: wolfSSL_Init failed: %s\n", wc_GetErrorString(ret)); + return -ECANCELED; + } + #endif + + return ret; +} + +static int wolfkmod_cleanup(void) +{ + int ret = 0; + + #ifdef WOLFCRYPT_ONLY + ret = wolfCrypt_Cleanup(); + if (ret != 0) { + printf("error: wolfCrypt_Cleanup failed: %s\n", wc_GetErrorString(ret)); + } + else { + #if defined(WOLFSSL_BSDKM_VERBOSE_DEBUG) + printf("info: wolfCrypt " LIBWOLFSSL_VERSION_STRING " cleanup complete.\n"); + #endif /* WOLFSSL_BSDKM_VERBOSE_DEBUG */ + } + #else + ret = wolfSSL_Cleanup(); + if (ret != WOLFSSL_SUCCESS) { + printf("error: wolfSSL_Cleanup failed: %s\n", wc_GetErrorString(ret)); + } + else { + #if defined(WOLFSSL_BSDKM_VERBOSE_DEBUG) + printf("info: wolfSSL " LIBWOLFSSL_VERSION_STRING " cleanup complete.\n"); + #endif /* WOLFSSL_BSDKM_VERBOSE_DEBUG */ + } + #endif + + return ret; +} + +static int wolfkmod_load(void) +{ + int ret = 0; + + ret = wolfkmod_init(); + if (ret != 0) { + return -ECANCELED; + } + + #ifndef NO_CRYPT_TEST + ret = wolfcrypt_test(NULL); + if (ret != 0) { + printf("error: wolfcrypt test failed with return code: %d\n", ret); + (void)wolfkmod_cleanup(); + return -ECANCELED; + } + else { + #if defined(WOLFSSL_BSDKM_VERBOSE_DEBUG) + printf("wolfCrypt self-test passed.\n"); + #endif /* WOLFSSL_BSDKM_VERBOSE_DEBUG */ + } + #endif /* NO_CRYPT_TEST */ + + /** + * todo: register wolfcrypt algs here with crypto_get_driverid + * and related. + * */ + + if (ret == 0) { + printf("info: libwolfssl loaded\n"); + } + + return ret; +} + +static int wolfkmod_unload(void) +{ + int ret = 0; + + ret = wolfkmod_cleanup(); + + /** + * todo: unregister wolfcrypt algs here with crypto_unregister_all + * and related. + * */ + + if (ret == 0) { + printf("info: libwolfssl unloaded\n"); + } + + return ret; +} + +/* see /usr/include/sys/module.h for more info. */ +static int +wolfkmod_event(struct module * m, int what, void * arg) +{ + int ret = 0; + + switch (what) { + case MOD_LOAD: + ret = wolfkmod_load(); + break; + case MOD_UNLOAD: + ret = wolfkmod_unload(); + break; + case MOD_SHUTDOWN: + case MOD_QUIESCE: + default: + #if defined(WOLFSSL_BSDKM_VERBOSE_DEBUG) + printf("info: not implemented: %d\n", what); + #endif /* WOLFSSL_BSDKM_VERBOSE_DEBUG */ + ret = EOPNOTSUPP; + } + + (void)m; + (void)arg; + + return ret; +} + +static moduledata_t libwolfmod = { + "libwolfssl", /* module name */ + wolfkmod_event, /* module event handler */ + NULL /* extra data, unused */ +}; + +MODULE_VERSION(libwolfssl, 1); +DECLARE_MODULE(libwolfssl, libwolfmod, SI_SUB_DRIVERS, SI_ORDER_MIDDLE); +#endif /* WOLFSSL_BSDKM */ diff --git a/configure.ac b/configure.ac index 5b1f8368e1..f0cb03d04b 100644 --- a/configure.ac +++ b/configure.ac @@ -134,16 +134,28 @@ AC_ARG_ENABLE([linuxkm], AC_ARG_ENABLE([linuxkm-defaults], [AS_HELP_STRING([--enable-linuxkm-defaults],[Enable feature defaults for Linux Kernel Module (default: disabled)])], - [ENABLED_LINUXKM_DEFAULTS=$enableval], - [ENABLED_LINUXKM_DEFAULTS=$ENABLED_LINUXKM] + [KERNEL_MODE_DEFAULTS=$enableval], + [KERNEL_MODE_DEFAULTS=$ENABLED_LINUXKM] ) +# FreeBSD Kernel Module +AC_ARG_ENABLE([freebsdkm], + [AS_HELP_STRING([--enable-freebsdkm],[Enable FreeBSD Kernel Module (default: disabled)])], + [ENABLED_BSDKM=$enableval], + [ENABLED_BSDKM=no] + ) AC_CHECK_HEADERS([arpa/inet.h fcntl.h limits.h netdb.h netinet/in.h stddef.h time.h sys/ioctl.h sys/socket.h sys/time.h errno.h sys/un.h ctype.h sys/random.h]) AC_CHECK_LIB([network],[socket]) AC_C_BIGENDIAN AC_C___ATOMIC -AC_CHECK_HEADER(stdatomic.h, [AM_CPPFLAGS="$AM_CPPFLAGS -DWOLFSSL_HAVE_ATOMIC_H"],[]) +if test "x$ENABLED_BSDKM" = "xyes"; then + # The header should not be included in freebsd kernel build. + # Look for instead. + AC_CHECK_HEADER(machine/atomic.h, [AM_CPPFLAGS="$AM_CPPFLAGS -DWOLFSSL_HAVE_ATOMIC_H"],[]) +else + AC_CHECK_HEADER(stdatomic.h, [AM_CPPFLAGS="$AM_CPPFLAGS -DWOLFSSL_HAVE_ATOMIC_H"],[]) +fi AC_CHECK_HEADER(assert.h, [AM_CPPFLAGS="$AM_CPPFLAGS -DWOLFSSL_HAVE_ASSERT_H"],[]) # check if functions of interest are linkable, but also check if @@ -705,16 +717,16 @@ AC_SUBST([ENABLED_LINUXKM_PIE]) AC_ARG_ENABLE([linuxkm-benchmarks], [AS_HELP_STRING([--enable-linuxkm-benchmarks],[Enable crypto benchmarking autorun at module load time for Linux kernel module (default: disabled)])], - [ENABLED_LINUXKM_BENCHMARKS=$enableval], - [ENABLED_LINUXKM_BENCHMARKS=no] + [ENABLED_KERNEL_BENCHMARKS=$enableval], + [ENABLED_KERNEL_BENCHMARKS=no] ) -if test "$ENABLED_LINUXKM_BENCHMARKS" = "yes" +if test "$ENABLED_KERNEL_BENCHMARKS" = "yes" then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LINUXKM_BENCHMARKS" fi -AC_SUBST([ENABLED_LINUXKM_BENCHMARKS]) +AC_SUBST([ENABLED_KERNEL_BENCHMARKS]) -if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" +if test "$ENABLED_LINUXKM" = "yes" && test "$KERNEL_MODE_DEFAULTS" = "yes" then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DWOLFSSL_SMALL_STACK_STATIC -DWC_SHA3_NO_ASM" if test "$ENABLED_LINUXKM_PIE" = "yes"; then @@ -727,10 +739,20 @@ then DEF_FAST_MATH="no" fi +# +# kernel mode variables. Shared by linuxkm, freebsdkm. +KERNEL_ROOT="" +HAVE_KERNEL_MODE=no + +# Kernel root source tree. +AC_ARG_WITH([kernel-source], + [AS_HELP_STRING([--with-kernel-source=PATH],[PATH to root of kernel build tree])], + [KERNEL_ROOT=$withval]) + +# For backwards compatibility. AC_ARG_WITH([linux-source], [AS_HELP_STRING([--with-linux-source=PATH],[PATH to root of Linux kernel build tree])], - [KERNEL_ROOT=$withval], - [KERNEL_ROOT=""]) + [KERNEL_ROOT=$withval]) AC_ARG_WITH([linux-arch], [AS_HELP_STRING([--with-linux-arch=arch],[built arch (SRCARCH) of Linux kernel build tree])], @@ -739,6 +761,7 @@ AC_ARG_WITH([linux-arch], if test "x$ENABLED_LINUXKM" = "xyes" then + HAVE_KERNEL_MODE=yes # Currently DWARF 5 is the default debug format, but it results in # "Unsupported DW_TAG_atomic_type(0x47): type: 0x1eefc" in some # kernel module builds. @@ -777,6 +800,40 @@ then AM_CFLAGS="$AM_CFLAGS -DNO_DEV_RANDOM -DNO_WRITEV -DNO_STDIO_FILESYSTEM -DWOLFSSL_NO_SOCK -DWOLFSSL_USER_IO" fi +# +# FreeBSD +AC_ARG_WITH([bsd-export-syms], + [AS_HELP_STRING([--with-bsd-export-syms=LIST],[Sets FreeBSD kernel module EXPORT_SYMS. Allowed values: YES, NO, or LIST of symbols to export (default NO).])], + [BSDKM_EXPORT_SYMS=$withval], + [BSDKM_EXPORT_SYMS="NO"]) + +if test "x$ENABLED_BSDKM" = "xyes" +then + # wolfcrypt only, no-asm supported for now. + HAVE_KERNEL_MODE=yes + KERNEL_MODE_DEFAULTS=yes + ENABLED_NO_LIBRARY=yes + ENABLED_BENCHMARK=no + ENABLED_ASM=no + + output_objdir="$(realpath "$output_objdir")/bsdkm" + + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_BSDKM -DWC_SIPHASH_NO_ASM" + AM_CFLAGS="$AM_CFLAGS -DTFM_NO_ASM -DWOLFSSL_NO_ASM" + AM_CFLAGS="$AM_CFLAGS -DNO_DEV_RANDOM -DNO_WRITEV -DNO_STDIO_FILESYSTEM" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_SOCK -DWOLFSSL_USER_IO" + AM_CFLAGS="$AM_CFLAGS -DXMALLOC_OVERRIDE -DWOLFCRYPT_ONLY" + AM_CFLAGS="$AM_CFLAGS -DNO_ASN_TIME" + + if test "$KERNEL_ROOT" = ""; then + AC_PATH_DEFAULT_BSDKM_SOURCE + KERNEL_ROOT="$DEFAULT_BSDKM_ROOT" + fi + AC_SUBST([KERNEL_ROOT]) + AC_SUBST([BSDKM_EXPORT_SYMS]) + +fi +# end FreeBSD configure # MATH LIBRARY SELECTION @@ -805,7 +862,7 @@ AC_ARG_ENABLE([sp-math-all], ) # Single Precision maths (acceleration for common key sizes and curves) -if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" && test "$ENABLED_SP" != "no" && test "$ENABLED_SP_MATH_ALL" = "no" +if test "$KERNEL_MODE_DEFAULTS" = "yes" && test "$ENABLED_SP" != "no" && test "$ENABLED_SP_MATH_ALL" = "no" then ENABLED_SP_MATH_DEFAULT=yes else @@ -835,7 +892,7 @@ fi # enable SP math assembly support automatically for x86_64 and aarch64 (except Linux kernel module) SP_ASM_DEFAULT=no -if test "$ENABLED_SP_MATH" = "yes" && test "$ENABLED_LINUXKM_DEFAULTS" = "no" +if test "$ENABLED_SP_MATH" = "yes" && test "$KERNEL_MODE_DEFAULTS" = "no" then if test "$host_cpu" = "x86_64" || test "$host_cpu" = "aarch64" || test "$host_cpu" = "amd64" then @@ -1058,7 +1115,7 @@ if test "$ENABLED_ALL" = "yes" then test "$enable_all_crypto" = "" && enable_all_crypto=yes - test "$enable_all_osp" = "" && test "$ENABLED_LINUXKM_DEFAULTS" != "yes" && enable_all_osp=yes + test "$enable_all_osp" = "" && test "$KERNEL_MODE_DEFAULTS" != "yes" && enable_all_osp=yes test "$enable_dtls" = "" && enable_dtls=yes test "$enable_dtls_mtu" = "" && enable_dtls_mtu=yes @@ -1085,7 +1142,7 @@ then test "$enable_earlydata" = "" && enable_earlydata=yes test "$enable_rpk" = "" && enable_rpk=yes - if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" + if test "$KERNEL_MODE_DEFAULTS" != "yes" then # Disable QUIC with JNI since incompatible with WOLFSSL_TLS13_MIDDLEBOX_COMPAT test "$enable_quic" = "" && test "$enable_cryptonly" != "yes" && test "$enable_jni" != "yes" && enable_quic=yes @@ -1095,7 +1152,7 @@ then if test "$ENABLED_SP_MATH" != "yes" then # linuxkm is incompatible with opensslextra and its dependents. - if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" + if test "$KERNEL_MODE_DEFAULTS" != "yes" then test "$enable_opensslextra" = "" && enable_opensslextra=yes test "$enable_opensslall" = "" && enable_opensslall=yes @@ -1138,7 +1195,7 @@ AC_ARG_ENABLE([all-osp], if test "$ENABLED_ALL_OSP" = "yes" then - if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" + if test "$KERNEL_MODE_DEFAULTS" = "yes" then AC_MSG_ERROR([--enable-all-osp is incompatible with --enable-linuxkm-defaults]) fi @@ -1202,7 +1259,7 @@ then fi if test "$enable_all_crypto" = "yes" && - test "$ENABLED_LINUXKM_DEFAULTS" = "no" && + test "$KERNEL_MODE_DEFAULTS" = "no" && test "$ENABLED_ASM" != "no" && test "$HAVE_GNUC" = "yes" && test "$enable_sp_asm" != "no" && @@ -1405,7 +1462,7 @@ then test "$enable_aessiv" = "" && enable_aessiv=yes test "$enable_aeseax" = "" && enable_aeseax=yes - if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" + if test "$KERNEL_MODE_DEFAULTS" != "yes" then test "$enable_cryptocb" = "" && enable_cryptocb=yes test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes @@ -3815,7 +3872,7 @@ then if test "$ENABLED_AESNI" = "yes" || test "$ENABLED_INTELASM" = "yes" then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AESNI" - if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" + if test "$KERNEL_MODE_DEFAULTS" = "yes" then AM_CFLAGS="$AM_CFLAGS -DWC_C_DYNAMIC_FALLBACK" fi @@ -5760,7 +5817,7 @@ AC_ARG_ENABLE([pwdbased], # MemUse Entropy # wolfEntropy Software Jitter SP800-90B certifiable entropy source -if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" && \ +if test "$KERNEL_MODE_DEFAULTS" = "yes" && \ test "$ENABLED_AMDRDSEED" != "yes" && \ test "$ENABLED_INTELRDRAND" != "yes" && \ test "$ENABLED_INTELRDSEED" != "yes" && \ @@ -6736,7 +6793,7 @@ fi # Filesystem Build -if test "$ENABLED_LINUXKM" = "yes" +if test "$HAVE_KERNEL_MODE" = "yes" then ENABLED_FILESYSTEM_DEFAULT=no else @@ -7443,7 +7500,7 @@ then fi # Small Stack - Cache on object -if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" && (test "$ENABLED_FIPS" = "no" || test "$HAVE_FIPS_VERSION" -ge 6) +if test "$KERNEL_MODE_DEFAULTS" = "yes" && (test "$ENABLED_FIPS" = "no" || test "$HAVE_FIPS_VERSION" -ge 6) then ENABLED_SMALL_STACK_CACHE_DEFAULT=yes else @@ -7461,7 +7518,7 @@ then fi # Small Stack -if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" +if test "$KERNEL_MODE_DEFAULTS" = "yes" then ENABLED_SMALL_STACK_DEFAULT=yes else @@ -8559,7 +8616,7 @@ fi # Enable Examples, used to disable examples -if test "$ENABLED_LINUXKM" = "yes" +if test "$HAVE_KERNEL_MODE" = "yes" then ENABLED_EXAMPLES_DEFAULT=no else @@ -8576,7 +8633,7 @@ AS_IF([test "x$ENABLED_CRYPTONLY" = "xyes"], [ENABLED_EXAMPLES="no"]) # Enable wolfCrypt test and benchmark -if test "$ENABLED_LINUXKM" = "yes" +if test "$HAVE_KERNEL_MODE" = "yes" then ENABLED_CRYPT_TESTS_DEFAULT=no else @@ -10182,12 +10239,12 @@ then ENABLED_OPENSSLEXTRA="yes" fi -if test "$ENABLED_CURVE25519" != "no" && test "$ENABLED_CURVE25519" != "asm" && test "$ENABLED_LINUXKM_DEFAULTS" = "yes" +if test "$ENABLED_CURVE25519" != "no" && test "$ENABLED_CURVE25519" != "asm" && test "$KERNEL_MODE_DEFAULTS" = "yes" then ENABLED_CURVE25519=noasm fi -if test "$ENABLED_ED25519" != "no" && test "$ENABLED_ED25519" != "asm" && test "$ENABLED_LINUXKM_DEFAULTS" = "yes" +if test "$ENABLED_ED25519" != "no" && test "$ENABLED_ED25519" != "asm" && test "$KERNEL_MODE_DEFAULTS" = "yes" then ENABLED_ED25519=noasm fi @@ -11058,6 +11115,8 @@ AM_CONDITIONAL([BUILD_PKCS7],[test "x$ENABLED_PKCS7" = "xyes" || test "x$ENABLED AM_CONDITIONAL([BUILD_SMIME],[test "x$ENABLED_SMIME" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"]) AM_CONDITIONAL([BUILD_HASHFLAGS],[test "x$ENABLED_HASHFLAGS" = "xyes"]) AM_CONDITIONAL([BUILD_LINUXKM],[test "$ENABLED_LINUXKM" = "yes"]) +AM_CONDITIONAL([BUILD_BSDKM],[test "$ENABLED_BSDKM" = "yes"]) +AM_CONDITIONAL([BUILD_KERNEL_MODULE],[test "$ENABLED_BSDKM" = "yes" || test "$ENABLED_LINUXKM" = "yes"]) AM_CONDITIONAL([BUILD_NO_LIBRARY],[test "$ENABLED_NO_LIBRARY" = "yes"]) AM_CONDITIONAL([BUILD_BENCHMARK],[test "$ENABLED_BENCHMARK" = "yes"]) AM_CONDITIONAL([BUILD_RC2],[test "x$ENABLED_RC2" = "xyes"]) @@ -11314,6 +11373,10 @@ echo " * LD Flags: $LDFLAGS" echo " * LIB Flags: $LIB" echo " * Library Suffix: $LIBSUFFIX" +test "$HAVE_KERNEL_MODE" = "yes" && \ +echo " * Kernel mode: $HAVE_KERNEL_MODE" && \ +echo " * Kernel mode defaults: $KERNEL_MODE_DEFAULTS" && \ + test "$ENABLED_LINUXKM" = "yes" && \ echo " * Linux Kernel Build Root: $KERNEL_ROOT" && \ echo " * Linux Kernel Build Arch: $KERNEL_ARCH" && \ @@ -11329,6 +11392,9 @@ echo " * SIMD+FPU disable as flags: $ASFLAGS_FPUSIMD_DISABLE" && \ echo " * SIMD+FPU enable as flags: $ASFLAGS_FPUSIMD_ENABLE" && \ echo " * Linux kernel module PIE: $ENABLED_LINUXKM_PIE" +test "$ENABLED_BSDKM" = "yes" && \ +echo " * FreeBSD Kernel Build Root: $KERNEL_ROOT" + echo " * Debug enabled: $ax_enable_debug" echo " * Coverage enabled: $ax_enable_coverage" echo " * Warnings as failure: $ac_cv_warnings_as_errors" @@ -11563,7 +11629,7 @@ echo " * Small Stack: $ENABLED_SMALL_STACK" echo " * Linux Kernel Module: $ENABLED_LINUXKM" test "$ENABLED_LINUXKM" = "yes" && \ -echo " * Linux kernel module bench: $ENABLED_LINUXKM_BENCHMARKS" && \ +echo " * Linux kernel module bench: $ENABLED_KERNEL_BENCHMARKS" && \ echo " * Linux kernel alg register: $ENABLED_LINUXKM_LKCAPI_REGISTER" echo " * valgrind unit tests: $ENABLED_VALGRIND" diff --git a/linuxkm/Makefile b/linuxkm/Makefile index bc6f5e3b4d..089702ca1a 100644 --- a/linuxkm/Makefile +++ b/linuxkm/Makefile @@ -51,7 +51,7 @@ else WOLFSSL_CFLAGS+=-DNO_CRYPT_TEST endif -ifeq "$(ENABLED_LINUXKM_BENCHMARKS)" "yes" +ifeq "$(ENABLED_KERNEL_BENCHMARKS)" "yes" WOLFSSL_OBJ_FILES+=wolfcrypt/benchmark/benchmark.o endif diff --git a/m4/ax_bsdkm.m4 b/m4/ax_bsdkm.m4 new file mode 100644 index 0000000000..94392e3926 --- /dev/null +++ b/m4/ax_bsdkm.m4 @@ -0,0 +1,31 @@ +# ax_bsdkm.m4 -- macros for getting attributes of default configured kernel +# +# Copyright (C) 2006-2025 wolfSSL Inc. +# +# This file is part of wolfSSL. +# +# wolfSSL is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# wolfSSL is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + +AC_DEFUN([AC_PATH_DEFAULT_BSDKM_SOURCE], +[ +AC_MSG_CHECKING([for default kernel FreeBSD build root]) +if test -d /usr/src/sys/; then + DEFAULT_BSDKM_ROOT=/usr/src/sys/ + AC_MSG_RESULT([$DEFAULT_BSDKM_ROOT]) +else + AC_MSG_RESULT([no default configured kernel found]) +fi +]) + diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 9a8a939fb8..680c3bc7b2 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -3832,6 +3832,41 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) #endif /* !(HAVE_*_RDSEED && LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT) */ +#elif defined(WOLFSSL_BSDKM) + #include + int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + (void)os; + int ret; + + #ifdef HAVE_ENTROPY_MEMUSE + ret = wc_Entropy_Get(MAX_ENTROPY_BITS, output, sz); + if (ret == 0) { + return 0; + } + #ifdef ENTROPY_MEMUSE_FORCE_FAILURE + /* Don't fallback to /dev/urandom. */ + return ret; + #endif + #endif + + #if defined(HAVE_INTEL_RDSEED) || defined(HAVE_AMD_RDSEED) + if (IS_INTEL_RDSEED(intel_flags)) { + ret = wc_GenerateSeed_IntelRD(NULL, output, sz); + #ifndef FORCE_FAILURE_RDSEED + if (ret == 0) + #endif + { + return ret; + } + } + #endif /* HAVE_INTEL_RDSEED || HAVE_AMD_RDSEED */ + + (void)ret; + + arc4random_buf(output, sz); + return 0; + } #elif defined(WOLFSSL_RENESAS_TSIP) int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index ce3b1150e3..d37be23705 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -1277,6 +1277,96 @@ char* wc_strdup_ex(const char *src, int memType) { #elif defined(SINGLE_THREADED) +#elif defined(WOLFSSL_BSDKM) +/* Note: using compiler built-ins like __atomic_fetch_add will technically + * build in FreeBSD kernel, but are not commonly used in FreeBSD kernel and + * might not be safe or portable. + * */ +void wolfSSL_Atomic_Int_Init(wolfSSL_Atomic_Int* c, int i) +{ + *c = i; +} + +void wolfSSL_Atomic_Uint_Init(wolfSSL_Atomic_Uint* c, unsigned int i) +{ + *c = i; +} + +int wolfSSL_Atomic_Int_FetchAdd(wolfSSL_Atomic_Int* c, int i) +{ + return atomic_fetchadd_int(c, i); +} + +int wolfSSL_Atomic_Int_FetchSub(wolfSSL_Atomic_Int* c, int i) +{ + return atomic_fetchadd_int(c, -i); +} + +int wolfSSL_Atomic_Int_AddFetch(wolfSSL_Atomic_Int* c, int i) +{ + int val = atomic_fetchadd_int(c, i); + return val + i; +} + +int wolfSSL_Atomic_Int_SubFetch(wolfSSL_Atomic_Int* c, int i) +{ + int val = atomic_fetchadd_int(c, -i); + return val - i; +} + +unsigned int wolfSSL_Atomic_Uint_FetchAdd(wolfSSL_Atomic_Uint* c, + unsigned int i) +{ + return atomic_fetchadd_int(c, i); +} + +unsigned int wolfSSL_Atomic_Uint_FetchSub(wolfSSL_Atomic_Uint* c, + unsigned int i) +{ + return atomic_fetchadd_int(c, -i); +} + +unsigned int wolfSSL_Atomic_Uint_AddFetch(wolfSSL_Atomic_Uint* c, + unsigned int i) +{ + unsigned int val = atomic_fetchadd_int(c, i); + return val + i; +} + +unsigned int wolfSSL_Atomic_Uint_SubFetch(wolfSSL_Atomic_Uint* c, + unsigned int i) +{ + unsigned int val = atomic_fetchadd_int(c, -i); + return val - i; +} + +int wolfSSL_Atomic_Int_CompareExchange(wolfSSL_Atomic_Int* c, int *expected_i, + int new_i) +{ + u_int exp = (u_int) *expected_i; + int ret = atomic_fcmpset_int(c, &exp, new_i); + *expected_i = (int)exp; + return ret; +} + +int wolfSSL_Atomic_Uint_CompareExchange( + wolfSSL_Atomic_Uint* c, unsigned int *expected_i, unsigned int new_i) +{ + u_int exp = (u_int)*expected_i; + int ret = atomic_fcmpset_int(c, &exp, new_i); + *expected_i = (unsigned int)exp; + return ret; +} + +int wolfSSL_Atomic_Ptr_CompareExchange( + void **c, void **expected_ptr, void *new_ptr) +{ + uintptr_t exp = (uintptr_t)*expected_ptr; + int ret = atomic_fcmpset_ptr((uintptr_t *)c, &exp, (uintptr_t)new_ptr); + *expected_ptr = (void *)exp; + return ret; +} + #elif defined(HAVE_C___ATOMIC) && defined(WOLFSSL_HAVE_ATOMIC_H) && \ !defined(__cplusplus) diff --git a/wolfcrypt/test/include.am b/wolfcrypt/test/include.am index 4e059dfa62..8f13876a21 100644 --- a/wolfcrypt/test/include.am +++ b/wolfcrypt/test/include.am @@ -2,7 +2,7 @@ # All paths should be given relative to the root if BUILD_WOLFCRYPT_TESTS -if !BUILD_LINUXKM +if !BUILD_KERNEL_MODULE noinst_PROGRAMS+= wolfcrypt/test/testwolfcrypt if BUILD_CRYPTONLY diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 44581a64dd..ab67d8c1a7 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -302,7 +302,7 @@ static const byte const_byte_array[] = "A+Gd\0\0\0"; #ifdef XPRINTF #undef printf #define printf XPRINTF - #elif !defined(printf) + #elif !defined(printf) && !defined(NO_STDIO_FILESYSTEM) /* arrange for printf() to flush after every message -- this assures * redirected output (to a log file) records progress right up to the * moment of a crash/abort(); otherwise anything queued in stdout would @@ -10439,9 +10439,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des3_test(void) } #endif /* NO_DES3 */ -static const int fiducial1 = WC_TEST_RET_LN; /* source code reference point -- - * see print_fiducials() below. - */ + /* source code reference point -- see print_fiducials() below. */ +static WC_MAYBE_UNUSED const int fiducial1 = WC_TEST_RET_LN; #ifndef NO_AES @@ -20062,6 +20061,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memory_test(void) #endif int int_expected; unsigned int uint_expected; + void * a_ptr = NULL; + void * ptr_expected = NULL; if (WOLFSSL_ATOMIC_LOAD(a_int) != -2) return WC_TEST_RET_ENC_NC; @@ -20132,6 +20133,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memory_test(void) return WC_TEST_RET_ENC_NC; if (WOLFSSL_ATOMIC_LOAD(a_uint) != 7) return WC_TEST_RET_ENC_NC; + + a_ptr = NULL; + ptr_expected = NULL; + if (! wolfSSL_Atomic_Ptr_CompareExchange(&a_ptr, &ptr_expected, &ret)) + return WC_TEST_RET_ENC_NC; + if (a_ptr != &ret) + return WC_TEST_RET_ENC_NC; } return ret; @@ -30100,9 +30108,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t tls13_kdf_test(void) #endif /* WOLFSSL_TLS13 && !NO_HMAC */ -static const int fiducial2 = WC_TEST_RET_LN; /* source code reference point -- - * see print_fiducials() below. - */ + /* source code reference point -- see print_fiducials() below. */ +static WC_MAYBE_UNUSED const int fiducial2 = WC_TEST_RET_LN; #if defined(HAVE_ECC) && defined(HAVE_X963_KDF) @@ -49880,9 +49887,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test_verify_only(void) #endif #endif /* if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_SMALL_STACK) */ -static const int fiducial3 = WC_TEST_RET_LN; /* source code reference point -- - * see print_fiducials() below. - */ + /* source code reference point -- see print_fiducials() below. */ +static WC_MAYBE_UNUSED const int fiducial3 = WC_TEST_RET_LN; #ifdef WOLFCRYPT_HAVE_ECCSI static wc_test_ret_t eccsi_api_test(WC_RNG* rng, EccsiKey* key, mp_int* ssk, @@ -62831,7 +62837,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_siv_test(void) #undef ERROR_OUT -static const int fiducial4 = WC_TEST_RET_LN; +static WC_MAYBE_UNUSED const int fiducial4 = WC_TEST_RET_LN; /* print the fiducial line numbers assigned above, allowing confirmation of * source code version match when in doubt. diff --git a/wolfssl/wolfcrypt/logging.h b/wolfssl/wolfcrypt/logging.h index fe5adad66c..2738d92565 100644 --- a/wolfssl/wolfcrypt/logging.h +++ b/wolfssl/wolfcrypt/logging.h @@ -480,6 +480,8 @@ WOLFSSL_API void wolfSSL_SetLoggingPrefix(const char* prefix); /* the requisite linux/kernel.h is included in linuxkm_wc_port.h, with * incompatible warnings masked out. */ +#elif defined(WOLFSSL_BSDKM) + /* see bsdkm/bsdkm_wc_port.h for includes and defines. */ #elif defined(FUSION_RTOS) #include #define fprintf FCL_FPRINTF diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 4b2e4e42c7..38e02f00ca 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -3833,6 +3833,108 @@ extern void uITRON4_free(void *p) ; #endif #endif +/* FreeBSD Kernel Module */ +#ifdef WOLFSSL_BSDKM + #define WOLFSSL_KERNEL_MODE + #define WC_TEST_EXPORT_SUBTESTS + #ifdef WOLFSSL_BSDKM_VERBOSE_DEBUG + #define WOLFSSL_KERNEL_VERBOSE_DEBUG + #endif + #ifdef HAVE_CONFIG_H + #include + #undef HAVE_CONFIG_H + #endif + #ifndef NO_ASN_TIME + #define NO_ASN_TIME + #endif + #ifndef NO_DEV_RANDOM + #define NO_DEV_RANDOM + #endif + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef NO_FILESYSTEM + #define NO_FILESYSTEM + #endif + #ifndef NO_STDIO_FILESYSTEM + #define NO_STDIO_FILESYSTEM + #endif + #ifndef WOLFSSL_NO_SOCK + #define WOLFSSL_NO_SOCK + #endif + #ifndef WOLFSSL_DH_CONST + #define WOLFSSL_DH_CONST + #endif + #ifndef WOLFSSL_USER_IO + #define WOLFSSL_USER_IO + #endif + #ifndef USE_WOLF_STRTOK + #define USE_WOLF_STRTOK + #endif + #ifndef WOLFSSL_OLD_PRIME_CHECK + #define WOLFSSL_OLD_PRIME_CHECK + #endif + #ifndef WOLFSSL_TEST_SUBROUTINE + #ifndef NO_CRYPT_TEST + #define WOLFSSL_TEST_SUBROUTINE + #else + #define WOLFSSL_TEST_SUBROUTINE static + #endif + #endif + /* bsdkm uses kernel headers, included in bsdkm_wc_port.h. */ + #undef HAVE_PTHREAD + #undef HAVE_STRINGS_H + #undef HAVE_LIMITS_H + #define NO_STRING_H + #define NO_LIMITS_H + #define NO_STDLIB_H + #define NO_STDINT_H + #define NO_CTYPE_H + #undef HAVE_ERRNO_H + #undef HAVE_THREAD_LS + #undef HAVE_ATEXIT + #undef WOLFSSL_HAVE_ASSERT_H + #define WOLFSSL_NO_ASSERT_H + #ifndef WOLFSSL_NO_GETPID + #define WOLFSSL_NO_GETPID + #endif /* WOLFSSL_NO_GETPID */ + #ifndef SIZEOF_LONG + #define SIZEOF_LONG 8 + #endif + #ifndef SIZEOF_LONG_LONG + #define SIZEOF_LONG_LONG 8 + #endif + #ifndef WOLFSSL_SP_DIV_64 + #define WOLFSSL_SP_DIV_64 + #endif + #ifndef WOLFSSL_SP_DIV_WORD_HALF + #define WOLFSSL_SP_DIV_WORD_HALF + #endif + + #ifndef NO_OLD_WC_NAMES + #define NO_OLD_WC_NAMES + #endif + #ifndef NO_OLD_SHA_NAMES + #define NO_OLD_SHA_NAMES + #endif + #ifndef NO_OLD_MD5_NAME + #define NO_OLD_MD5_NAME + #endif + #ifndef OPENSSL_COEXIST + #define OPENSSL_COEXIST + #endif + #ifndef NO_OLD_SSL_NAMES + #define NO_OLD_SSL_NAMES + #endif + + /* FreeBSD kernel defines its own min, max functions in sys/libkern.h */ + #undef WOLFSSL_HAVE_MIN + #define WOLFSSL_HAVE_MIN + + #undef WOLFSSL_HAVE_MAX + #define WOLFSSL_HAVE_MAX +#endif + /* Place any other flags or defines here */ #if defined(WOLFSSL_MYSQL_COMPATIBLE) && defined(_WIN32) \ diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 5eb29d9008..19d8d8b86d 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -727,6 +727,10 @@ enum { /* definitions are in linuxkm/linuxkm_wc_port.h */ +#elif defined(WOLFSSL_BSDKM) + + /* definitions are in bsdkm/bsdkm_wc_port.h */ + #elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \ && !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \ && !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \ @@ -1829,7 +1833,7 @@ WOLFSSL_API word32 CheckRunTimeSettings(void); #define WOLFSSL_THREAD #define INFINITE TX_WAIT_FOREVER #define WAIT_OBJECT_0 TX_NO_WAIT -#elif defined(WOLFSSL_LINUXKM) +#elif defined(WOLFSSL_LINUXKM) || defined(WOLFSSL_BSDKM) typedef unsigned int THREAD_RETURN; typedef size_t THREAD_TYPE; #define WOLFSSL_THREAD diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index a54d59be7d..3d3d482397 100644 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -60,6 +60,8 @@ #ifdef WOLFSSL_LINUXKM #include "../../linuxkm/linuxkm_wc_port.h" +#elif defined(WOLFSSL_BSDKM) + #include "../../bsdkm/bsdkm_wc_port.h" #endif /* WOLFSSL_LINUXKM */ #ifndef WARN_UNUSED_RESULT @@ -330,8 +332,10 @@ #else #ifndef SINGLE_THREADED #ifndef WOLFSSL_USER_MUTEX - #ifdef WOLFSSL_LINUXKM + #if defined(WOLFSSL_LINUXKM) /* definitions are in linuxkm/linuxkm_wc_port.h */ + #elif defined(WOLFSSL_BSDKM) + /* definitions are in bsdkm/bsdkm_wc_port.h */ #else #define WOLFSSL_PTHREADS #include @@ -453,6 +457,8 @@ /* typedef User_Mutex wolfSSL_Mutex; */ #elif defined(WOLFSSL_LINUXKM) /* definitions are in linuxkm/linuxkm_wc_port.h */ + #elif defined(WOLFSSL_BSDKM) + /* definitions are in bsdkm/bsdkm_wc_port.h */ #elif defined(__WATCOMC__) /* OS/2 */ typedef ULONG wolfSSL_Mutex; @@ -494,6 +500,11 @@ #define WOLFSSL_ATOMIC_LOAD(x) (x) #define WOLFSSL_ATOMIC_STORE(x, val) (x) = (val) #define WOLFSSL_ATOMIC_OPS + #elif defined(WOLFSSL_BSDKM) + /* Note: can be safely included in both linux kernel and + * userspace builds. In FreeBSD kernel however it does nothing and + * should not be included. Use FreeBSD instead. + * definitions are in bsdkm/bsdkm_wc_port.h */ #elif defined(HAVE_C___ATOMIC) && defined(WOLFSSL_HAVE_ATOMIC_H) && \ !defined(__cplusplus) /* Default C Implementation */ @@ -533,7 +544,7 @@ #ifndef WOLFSSL_ATOMIC_OPS #define WOLFSSL_NO_ATOMICS #endif -#endif +#endif /* !WOLFSSL_NO_ATOMICS */ #ifdef WOLFSSL_NO_ATOMICS #define WOLFSSL_ATOMIC_INITIALIZER(x) (x) @@ -1496,11 +1507,14 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void); #define WOLFSSL_GMTIME #define USE_WOLF_TM - #elif defined(WOLFSSL_LINUXKM) /* definitions are in linuxkm/linuxkm_wc_port.h */ +#elif defined(WOLFSSL_BSDKM) + + /* definitions are in bsdkm/bsdkm_wc_port.h */ + #elif defined(HAL_RTC_MODULE_ENABLED) #include WOLFSSL_LOCAL time_t stm32_hal_time(time_t* t1); diff --git a/wolfssl/wolfio.h b/wolfssl/wolfio.h index 7352bab7d8..5931d7b3fa 100644 --- a/wolfssl/wolfio.h +++ b/wolfssl/wolfio.h @@ -143,7 +143,10 @@ #include #include #elif defined(WOLFSSL_LINUXKM) - /* the requisite linux/net.h is included in wc_port.h, with incompatible warnings masked out. */ + /* the requisite linux/net.h is included in wc_port.h, + * with incompatible warnings masked out. */ + #elif defined(WOLFSSL_BSDKM) + /* definitions are in bsdkm/bsdkm_wc_port.h */ #elif defined(WOLFSSL_ATMEL) #include "socket/include/socket.h" #elif defined(INTIME_RTOS)