Skip to content

20251210-linuxkm-get_drbg-local_bh_disable #9519

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ColtonWilley merged 1 commit into from
Dec 11, 2025
Merged

20251210-linuxkm-get_drbg-local_bh_disable #9519

ColtonWilley merged 1 commit into from
Dec 11, 2025

Conversation

@douzzer
Copy link
Contributor

@douzzer douzzer commented Dec 11, 2025

linuxkm/lkcapi_sha_glue.c:

  • in get_drbg(), call local_bh_disable() for the crypto_default_rng, and in put_drbg(), call local_bh_enable() if needed.
  • re-gate migrate_disable() and migrate_enable() so they're called for any SMP kernel >= 5.7, regardless of CONFIG_PREEMPT_COUNT.
  • in get_drbg_n(), if the caller can't sleep, return immediately if the requested DRBG is busy, to avoid priority inversions and deadlocks.

tested with FORCE_BOOT_LOOP_FOREVER=1 wolfssl-multi-test.sh ... linuxkm-fips-v5-strict-dist-insmod-cust-kernel-2 for 101 iterations with dd if=/dev/urandom of=/dev/zero bs=1M count=1200 added to the exercise.

also tested with quantum-safe-wolfssl-all-crypto-only-intelasm-fips-dev-linuxkm-next-insmod and 'linuxkm-legacy-[56].*-insmod' for portability verification.

explanation of the bug fix:

The root cause of the bug was that on non-intelasm modules, the DRBG generator could be interrupted by a softirq that tries to stir entropy into the very same DRBG, resulting in a deadlock as the kthread holding the lock tried to get the lock. With the fixes in this PR, the generator wrapper now always explicitly disables softirqs before locking the DRBG, and the entropy stir-in point of entry fails gracefully if the caller has interrupts disabled and the DRBG can't be locked on the first try.

@douzzer
linuxkm/lkcapi_sha_glue.c:
fe33bb9 
* in get_drbg(), call local_bh_disable() for the crypto_default_rng, and in put_drbg(), call local_bh_enable() if needed.
* re-gate migrate_disable() and migrate_enable() so they're called for any SMP kernel >= 5.7, regardless of CONFIG_PREEMPT_COUNT.
* in get_drbg_n(), if the caller can't sleep, return immediately if the requested DRBG is busy, to avoid priority inversions and deadlocks.
@douzzer douzzer requested a review from sameehj December 11, 2025 04:53
@douzzer
Copy link
Contributor Author

douzzer commented Dec 11, 2025

retest this please

Found unhandled hudson.remoting.RequestAbortedException exception:
java.io.StreamCorruptedException: invalid stream header: 636F7272
	hudson.remoting.Request.abort(Request.java:358)
	hudson.remoting.Channel.terminate(Channel.java:1189)
	hudson.remoting.SynchronousCommandTransport$ReaderThread.run(SynchronousCommandTransport.java:95)

sameehj
sameehj approved these changes Dec 11, 2025
View reviewed changes
Copy link
Contributor

@sameehj sameehj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good overall
The lock values with magic numbers better use define but that maybe be done in a different commit.

@ColtonWilley ColtonWilley merged commit 2d9d399 into wolfSSL:master Dec 11, 2025
424 of 425 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sameehj sameehj sameehj approved these changes

@ColtonWilley ColtonWilley ColtonWilley approved these changes

@philljj philljj Awaiting requested review from philljj

Assignees

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@douzzer @sameehj @ColtonWilley @wolfSSL-Bot