20251230-persistent-drbg #9616
Merged
20251230-persistent-drbg #9616
+1,643
−592
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
philljj
requested changes
Jan 6, 2026
Contributor
philljj
left a comment
philljj
left a comment
There was a problem hiding this comment.
I think all-c89-clang-tidy and all-c89-cppcheck CI had errors.
philljj
previously requested changes
Jan 6, 2026
Contributor
philljj
left a comment
philljj
left a comment
There was a problem hiding this comment.
Looks good so far, just have some suggestions.
…efFree() and wolfSSL_RefWithMutexFree(), zero the refcount (valid refcount objects are initialized to count of 1); add wolfSSL_RefCur().
* add FIPS_VERSION_NE(); * move more generic setup code from WOLFSSL_LINUXKM/WOLFSSL_BSDKM to kernel-generic WOLFSSL_KERNEL_MODE; fix WOLFSSL_OLD_PRIME_CHECK setup to exclude FIPS.
…DEBUG_BACKTRACE_ERROR_CODES gate around setup for wolfssl_linuxkm_pie_redirect_table.dump_stack. linuxkm/module_hooks.c: in wc_linuxkm_relax_long_loop(), use cpu_relax() as a fallback when non-preemptible.
…, don't render warning of call while non-preemptible if WC_SVR_FLAG_INHIBIT was passed in.
…NG_BANK_SUPPORT: * add WC_DRBG_BANKREF status code; * add `struct wc_rng_bank *bankref` to struct WC_RNG, and move status slot out from HAVE_HASHDRBG gate; * add WC_DRBG_MAX_SALT_SZ, and add saltSz and salt slots to struct DRBG_internal; * add salt handling to Hash_df(), Hash_DRBG_Instantiate(), and _InitRng(); * add types: * enum wc_rng_bank_flags * struct wc_rng_bank * add implementations: * wc_rng_bank_init() * wc_rng_bank_set_affinity_handlers() * wc_rng_bank_fini() * wc_rng_bank_checkout() * wc_rng_bank_checkin() * wc_rng_bank_inst_reinit() * wc_rng_bank_seed() * wc_rng_bank_reseed() * wc_InitRng_BankRef() * wc_rng_new_bankref() * WC_RNG_BANK_INST_TO_RNG() * in wc_RNG_GenerateBlock() and wc_FreeRng(), add WC_RNG_BANK_SUPPORT sections; wolfcrypt/src/random.c: in WC_VERBOSE_RNG messages, add "ERROR: " prefixes to text to assure pickup by autotesting. also fixed line lengths.
* refactor to use new wc_rng_bank facility: * wc_linuxkm_drbg_init_tfm() * wc_linuxkm_drbg_exit_tfm() * get_drbg() (renamed to linuxkm_get_drbg()) * put_drbg() (renamed to linuxkm_put_drbg()) * wc_linuxkm_drbg_generate() * wc_linuxkm_drbg_seed() * wc_mix_pool_bytes() * wc_crng_reseed() * add: * linuxkm_affinity_lock() * linuxkm_affinity_get_id() * linuxkm_affinity_unlock() * linuxkm_InitRng_DefaultRef() * remove: * get_drbg_n() * drbg_init_from() * fork_default_rng() * LKCAPI_INITRNG_FOR_SELFTEST. * when LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT, define LKCAPI_INITRNG to linuxkm_InitRng_DefaultRef, else define it to wc_InitRng().
…LKCAPI_INITRNG() rather than wc_InitRng(), and remove calls to LKCAPI_INITRNG_FOR_SELFTEST(). also, in km_rsa_ctx_init_rng(), recognize WC_DRBG_BANKREF as a usable RNG status.
…ll-crypto feature set.
…/wc_port.h, linuxkm/lkcapi_sha_glue.c: fixes from autotesting: * refactor to eliminate recursion in wc_RNG_GenerateBlock(); * refactor enum wc_rng_bank_flags as word32 and macros; * fix -Wconversions, -Wunused, and stray EINVAL in wc_rng_bank_init(); * make struct wc_rng_bank_inst a top-level definition for C++ compat; * fix several bugprone-macro-parentheses.
…_AGGREGATES by default.
… HAVE_ANONYMOUS_INLINE_AGGREGATES`, not `#if HAVE_ANONYMOUS_INLINE_AGGREGATES`.
…nd wolfssl/wolfcrypt/random.h to new files wolfcrypt/src/rng_bank.c and wolfssl/wolfcrypt/rng_bank.h; wolfcrypt/src/rng_bank.c: * add wc_local_rng_bank_checkout_for_bankref, wc_BankRef_Release(), wc_rng_bank_new(), and wc_rng_bank_free(); * in wc_rng_bank_checkin(), take a struct wc_rng_bank_inst **rng_inst and NULL it before return; * in wc_rng_bank_init(), add a devId arg, and handle devId in wc_rng_bank_inst_reinit(); * add WC_RNG_BANK_INST_LOCK_* and use them in wc_rng_bank_checkout() and wc_rng_bank_checkin(); * fix order of operations in wc_rng_bank_checkout() re DISABLE_VECTOR_REGISTERS(); wolfcrypt/src/random.c: * refactor per-instance salting for wc_rng_bank_inst: remove changes in Hash_df(), Hash_DRBG_Instantiate(), and _InitRng(), and in wc_rng_bank_init() and wc_rng_bank_inst_reinit(), use wc_InitRngNonce_ex() and pass the wc_rng_bank_inst pointer as the nonce; * simplify the WC_RNG_BANK_SUPPORT variant of wc_RNG_GenerateBlock() -- delegate to wc_local_rng_bank_checkout_for_bankref() and remove supplementary error checking; * in wc_FreeRng(), call wc_BankRef_Release() when WC_DRBG_BANKREF, and in wc_BankRef_Release(), fix refcount flub (not wolfSSL_RefFree, rather wolfSSL_RefDec); * streamline the WOLFSSL_LINUXKM wc_GenerateSeed(); wolfcrypt/test/test.c: add random_bank_test(); linuxkm/lkcapi_sha_glue.c: use WC_RNG_BANK_INST_TO_RNG() opportunistically; configure.ac: add --enable-amdrdseed as a synonym for --enable-amdrand; linuxkm/linuxkm_wc_port.h: when LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT, don't include get_random_bytes() in struct wolfssl_linuxkm_pie_redirect_table; add various comments for clarity.
douzzer
force-pushed
the
20251230-persistent-drbg
branch
from
ef6793d to
0059f16
Compare
Contributor
Author
|
retest this please |
dgarske
approved these changes
Jan 8, 2026
Contributor
dgarske
left a comment
dgarske
left a comment
There was a problem hiding this comment.
The PR review and testing is fine, but I’d really like some more documentation for --enable-rng-bank and WC_RNG_BANK_SUPPORT. Eventually the new rng_bank.c file will need added to CMake and VS project.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
wolfcrypt/src/random.candwolfssl/wolfcrypt/random.h: implementWC_RNG_BANK_SUPPORT:WC_DRBG_BANKREFstatus code;struct wc_rng_bank *bankreftostruct WC_RNG, and movestatusslot out fromHAVE_HASHDRBGgate;WC_DRBG_MAX_SALT_SZ, and addsaltSzandsaltslots tostruct DRBG_internal;Hash_df(),Hash_DRBG_Instantiate(), and_InitRng();enum wc_rng_bank_flagsstruct wc_rng_bankstruct wc_rng_bank_instwc_rng_bank_init()wc_rng_bank_set_affinity_handlers()wc_rng_bank_fini()wc_rng_bank_checkout()wc_rng_bank_checkin()wc_rng_bank_inst_reinit()wc_rng_bank_seed()wc_rng_bank_reseed()wc_InitRng_BankRef()wc_rng_new_bankref()WC_RNG_BANK_INST_TO_RNG()wc_RNG_GenerateBlock()andwc_FreeRng(), addWC_RNG_BANK_SUPPORTsections;wolfcrypt/src/random.c: inWC_VERBOSE_RNGmessages, add "ERROR: " prefixes to text to assure pickup by autotesting. also fixed line lengths.linuxkm/lkcapi_sha_glue.c:wc_rng_bankfacility:wc_linuxkm_drbg_init_tfm()wc_linuxkm_drbg_exit_tfm()get_drbg() (renamed to linuxkm_get_drbg())put_drbg() (renamed to linuxkm_put_drbg())wc_linuxkm_drbg_generate()wc_linuxkm_drbg_seed()wc_mix_pool_bytes()wc_crng_reseed()linuxkm_affinity_lock()linuxkm_affinity_get_id()linuxkm_affinity_unlock()linuxkm_InitRng_DefaultRef()get_drbg_n()drbg_init_from()fork_default_rng()LKCAPI_INITRNG_FOR_SELFTESTLINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT, defineLKCAPI_INITRNGtolinuxkm_InitRng_DefaultRef, else define it towc_InitRng().linuxkm/{lkcapi_dh_glue.c,lkcapi_ecdh_glue.c,lkcapi_rsa_glue.c}: useLKCAPI_INITRNG()rather thanwc_InitRng(), and remove calls toLKCAPI_INITRNG_FOR_SELFTEST(). also, inkm_rsa_ctx_init_rng(), recognizeWC_DRBG_BANKREFas a usable RNG status.configure.ac: add handling for--enable-rng-bank, and add it to theall-cryptofeature set.wolfcrypt/src/error.c,wolfssl/wolfcrypt/error-crypt.h: addBUSY_EandALREADY_E.wolfcrypt/src/wc_port.candwolfssl/wolfcrypt/wc_port.h: inwolfSSL_RefFree()andwolfSSL_RefWithMutexFree(), zero the refcount (valid refcount objects are initialized to count of 1); addwolfSSL_RefCur().wolfssl/wolfcrypt/settings.h:FIPS_VERSION_NE();WOLFSSL_LINUXKM/WOLFSSL_BSDKMsections to kernel-genericWOLFSSL_KERNEL_MODEsection; fixWOLFSSL_OLD_PRIME_CHECKsetup to exclude FIPS.linuxkm/linuxkm_wc_port.handlinuxkm/module_hooks.c: removeWOLFSSL_DEBUG_BACKTRACE_ERROR_CODESgate around setup forwolfssl_linuxkm_pie_redirect_table.dump_stack.linuxkm/module_hooks.c: inwc_linuxkm_relax_long_loop(), usecpu_relax()as a fallback when non-preemptible.linuxkm/x86_vector_register_glue.c: inwc_save_vector_registers_x86(), don't render warning of call while non-preemptible ifWC_SVR_FLAG_INHIBITwas passed in.