Merge pull request #9319 from douzzer/20251018-linuxkm-gdwarf-4-g1

20251018-linuxkm-gdwarf-4-g1

Author: philljj

configure.ac

@@ -740,6 +740,14 @@ then
     # "Unsupported DW_TAG_atomic_type(0x47): type: 0x1eefc" in some
     # kernel module builds.
     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LINUXKM -DWC_SIPHASH_NO_ASM -gdwarf-4"
+    AS_IF([test "$ax_enable_debug" = "yes"],
+          [AM_CFLAGS="$AM_CFLAGS -g3"],
+          [AM_CFLAGS="$AM_CFLAGS -g1"])
+    AM_CCASFLAGS="$AM_CFLAGS -DWOLFSSL_LINUXKM -DWC_SIPHASH_NO_ASM -gdwarf-4"
+    AS_IF([test "$ax_enable_debug" = "yes"],
+          [AM_CCASFLAGS="$AM_CFLAGS -g3"],
+          [AM_CCASFLAGS="$AM_CFLAGS -g1"])
+
     ENABLED_NO_LIBRARY=yes
     ENABLED_BENCHMARK=no
     output_objdir="$(realpath "$output_objdir")/linuxkm"

linuxkm/Kbuild

@@ -214,19 +214,16 @@ RENAME_PIE_TEXT_AND_DATA_SECTIONS := \
 	    echo 'OK.'; \
 	fi; \
 	cd "$(obj)" || exit $$?; \
-	for file in $(WOLFCRYPT_PIE_FILES); do			\
-	    $(OBJCOPY) --rename-section .text=.text.wolfcrypt	\
-	    --rename-section .text.unlikely=.text.wolfcrypt	\
-	    --rename-section .rodata=.rodata.wolfcrypt		\
-	    --rename-section .rodata.str1.1=.rodata.wolfcrypt	\
-	    --rename-section .rodata.str1.8=.rodata.wolfcrypt	\
-	    --rename-section .rodata.cst16=.rodata.wolfcrypt	\
-	    --rename-section .rodata.cst32=.rodata.wolfcrypt	\
-	    --rename-section .data=.data.wolfcrypt		\
-	    --rename-section .data.rel.local=.data.wolfcrypt    \
-	    --rename-section .bss=.bss.wolfcrypt "$$file" || exit $$?; \
-	done; \
-	[ "$(KERNEL_ARCH_X86)" != "yes" ] ||			\
+	for file in $(WOLFCRYPT_PIE_FILES); do				\
+	    $(OBJCOPY) $$($(READELF) --sections --wide "$$file"	|	\
+	      $(AWK) ' 							\
+	      {								\
+	          if (match($$0, "^ *\\[ *[0-9]+\\] +\\.(text|rodata|data|bss)(\\.[^ ]+)? ", a)) { \
+		      printf("--rename-section .%s%s=.%s_wolfcrypt ", a[1], a[2], a[1]); \
+		  }							\
+	      }') "$$file" || exit $$?;					\
+	done; 								\
+	[ "$(KERNEL_ARCH_X86)" != "yes" ] ||				\
 	{ $(READELF) --sections --syms --wide $(WOLFCRYPT_PIE_FILES) |	\
 	$(AWK) -v obj="$(obj)" '					\
 	    /^File:/ {							\
@@ -253,12 +250,12 @@ RENAME_PIE_TEXT_AND_DATA_SECTIONS := \
 		if (phase == 1) {					\
 		    if (match($$0, "^ *\\[ *([0-9]+)\\] +([^ ]+) ", a)) {\
 			switch (a[2]) {					\
-			case ".text.wolfcrypt":				\
+			case ".text_wolfcrypt":				\
 			{						\
 			    wolfcrypt_text_sections[a[1]] = a[2];	\
 			    next;					\
 			}						\
-			case /^\.(data|rodata|bss)\.wolfcrypt$$/:	\
+			case /^\.(data|rodata|bss)_wolfcrypt$$/:	\
 			{						\
 			    wolfcrypt_data_sections[a[1]] = a[2];	\
 			    next;					\
@@ -301,7 +298,7 @@ RENAME_PIE_TEXT_AND_DATA_SECTIONS := \
 	    }}'; } || \
 	{ echo 'Error: symbol(s) missed by containerization.' >&2; exit 1; }; \
 	if [[ "$(quiet)" != "silent_" ]]; then \
-	    echo '  wolfCrypt .{text,data,rodata} sections containerized to .{text,data,rodata}.wolfcrypt'; \
+	    echo '  wolfCrypt .{text,data,rodata,bss} sections containerized to .{text,data,rodata}_wolfcrypt'; \
 	fi
 endif
 

linuxkm/Makefile

@@ -107,7 +107,7 @@ GENERATE_RELOC_TAB := $(READELF) --wide -r libwolfssl.ko |				\
 	    printf("%s\n    ",								\
 	        "const unsigned int wc_linuxkm_pie_reloc_tab[] = { ");			\
 	}										\
-	/^Relocation section '\''\.rela\.text\.wolfcrypt'\''/ {				\
+	/^Relocation section '\''\.rela\.text_wolfcrypt'\''/ {				\
 	    p=1;									\
 	    next;									\
 	}										\
@@ -171,7 +171,7 @@ module-update-fips-hash: libwolfssl.ko
 	@if test -z '$(FIPS_HASH)'; then echo '  $$FIPS_HASH is unset' >&2; exit 1; fi
 	@if [[ ! '$(FIPS_HASH)' =~ [0-9a-fA-F]{64} ]]; then echo '  $$FIPS_HASH is malformed' >&2; exit 1; fi
 	@readarray -t rodata_segment < <($(READELF) --wide --sections libwolfssl.ko | \
-	    sed -E -n 's/^[[:space:]]*\[[[:space:]]*([0-9]+)\][[:space:]]+\.rodata\.wolfcrypt[[:space:]]+PROGBITS[[:space:]]+[0-9a-fA-F]+[[:space:]]+([0-9a-fA-F]+)[[:space:]].*$$/\1\n\2/p'); \
+	    sed -E -n 's/^[[:space:]]*\[[[:space:]]*([0-9]+)\][[:space:]]+\.rodata_wolfcrypt[[:space:]]+PROGBITS[[:space:]]+[0-9a-fA-F]+[[:space:]]+([0-9a-fA-F]+)[[:space:]].*$$/\1\n\2/p'); \
 	if [[ $${#rodata_segment[@]} != 2 ]]; then echo '  unexpected rodata_segment.' >&2; exit 1; fi; \
 	readarray -t verifyCore_attrs < <($(READELF) --wide --symbols libwolfssl.ko | \
 	    sed -E -n 's/^[[:space:]]*[0-9]+: ([0-9a-fA-F]+)[[:space:]]+([0-9]+)[[:space:]]+OBJECT[[:space:]]+[A-Z]+[[:space:]]+[A-Z]+[[:space:]]+'"$${rodata_segment[0]}"'[[:space:]]+verifyCore$$/\1\n\2/p'); \

linuxkm/wolfcrypt.lds

@@ -1,29 +1,29 @@
 SECTIONS {
     . = ALIGN(4096);
-    .text.wolfcrypt : {
+    .text_wolfcrypt : {
         __wc_text_start = .;
-        *(.text.wolfcrypt)
+        *(.text_wolfcrypt)
 	. = ALIGN(4096);
         __wc_text_end = .;
     }
     . = ALIGN(4096);
-    .rodata.wolfcrypt : {
+    .rodata_wolfcrypt : {
         __wc_rodata_start = .;
-        *(.rodata.wolfcrypt)
+        *(.rodata_wolfcrypt)
         . = ALIGN(4096);
         __wc_rodata_end = .;
     }
     . = ALIGN(4096);
-    .data.wolfcrypt : {
+    .data_wolfcrypt : {
         __wc_rwdata_start = .;
-        *(.data.wolfcrypt)
+        *(.data_wolfcrypt)
         . = ALIGN(4096);
         __wc_rwdata_end = .;
     }
     . = ALIGN(4096);
-    .bss.wolfcrypt : {
+    .bss_wolfcrypt : {
         __wc_bss_start = .;
-        *(.bss.wolfcrypt)
+        *(.bss_wolfcrypt)
         . = ALIGN(4096);
         __wc_bss_end = .;
     }

wolfcrypt/test/test.c

@@ -621,7 +621,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  tls12_kdf_test(void);
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  prf_test(void);
 #endif
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  sshkdf_test(void);
-#ifdef WOLFSSL_TLS13
+#if defined(WOLFSSL_TLS13) && !defined(NO_HMAC)
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  tls13_kdf_test(void);
 #endif
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  x963kdf_test(void);
@@ -1944,14 +1944,14 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
 #endif /* WOLFSSL_HAVE_PRF && HAVE_HKDF && !NO_HMAC && */
        /* WOLFSSL_BASE16 && !WOLFSSL_NO_TLS12 */
 
-#ifdef WOLFSSL_TLS13
+#if defined(WOLFSSL_TLS13) && !defined(NO_HMAC)
     PRIVATE_KEY_UNLOCK();
     if ( (ret = tls13_kdf_test()) != 0)
         TEST_FAIL("TLSv1.3 KDF test failed!\n", ret);
     else
         TEST_PASS("TLSv1.3 KDF test passed!\n");
     PRIVATE_KEY_LOCK();
-#endif /* WOLFSSL_TLS13 */
+#endif /* WOLFSSL_TLS13 && !NO_HMAC */
 
 #if defined(HAVE_X963_KDF) && defined(HAVE_ECC)
     if ( (ret = x963kdf_test()) != 0)
@@ -20769,7 +20769,9 @@ static wc_test_ret_t rsa_decode_test(RsaKey* keyPub)
 }
 #endif
 
-#if defined(WC_RSA_PSS) && !defined(HAVE_FIPS_VERSION) /* not supported with FIPSv1 */
+#if defined(WC_RSA_PSS) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,0)) && \
+    !defined(WC_NO_RNG)
 /* Need to create known good signatures to test with this. */
 #if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
 !defined(WOLF_CRYPTO_CB_ONLY_RSA)
@@ -21131,7 +21133,8 @@ static wc_test_ret_t rsa_pss_test(WC_RNG* rng, RsaKey* key)
     return ret;
 }
 #endif /* !WOLFSSL_RSA_VERIFY_ONLY && !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif
+#endif /* WC_RSA_PSS && (!HAVE_FIPS || FIPS_VERSION_GE(5,0)) && !WC_NO_RNG */
+
 
 #ifdef WC_RSA_NO_PADDING
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_no_pad_test(void)
@@ -23176,7 +23179,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void)
 #endif /* WOLFSSL_CERT_REQ */
 #endif /* WOLFSSL_CERT_GEN */
 
-#if defined(WC_RSA_PSS) && !defined(HAVE_FIPS_VERSION) /* not supported with FIPSv1 */
+#if defined(WC_RSA_PSS) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,0)) && \
+    !defined(WC_NO_RNG)
 /* Need to create known good signatures to test with this. */
 #if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
     !defined(WOLF_CRYPTO_CB_ONLY_RSA)
@@ -28431,7 +28436,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t tls12_kdf_test(void)
 #endif /* WOLFSSL_HAVE_PRF && HAVE_HKDF && !NO_HMAC && */
        /* WOLFSSL_BASE16 && !WOLFSSL_NO_TLS12 */
 
-#ifdef WOLFSSL_TLS13
+#if defined(WOLFSSL_TLS13) && !defined(NO_HMAC)
 
 #define TLSV13_PSK_DHE_SZ 40
 typedef struct {
@@ -29127,7 +29132,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t tls13_kdf_test(void)
     return ret;
 }
 
-#endif /* WOLFSSL_TLS13 */
+#endif /* WOLFSSL_TLS13 && !NO_HMAC */
 
 static const int fiducial2 = WC_TEST_RET_LN; /* source code reference point --
                                               * see print_fiducials() below.