Merge pull request #9590 from philljj/fips_bsdkm

Fips bsdkm

Author: douzzer

bsdkm/Makefile

@@ -5,8 +5,14 @@ WOLFSSL_DIR=../
 
 CFLAGS+=-I${WOLFSSL_DIR}
 CFLAGS+=-DWOLFSSL_IGNORE_FILE_WARN -DHAVE_CONFIG_H -DNO_MAIN_DRIVER
-# debug printing
-# CFLAGS+=-DWOLFSSL_BSDKM_VERBOSE_DEBUG
+#
+# debug options
+#   verbose printing:
+#   CFLAGS+=-DWOLFSSL_BSDKM_VERBOSE_DEBUG
+#
+#   print memory mallocs / frees:
+#   CFLAGS+=-DWOLFSSL_BSDKM_MEMORY_DEBUG
+#
 CFLAGS+=$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS)
 
 # FreeBSD make does not support GNU make's patsubst and related. Filter

bsdkm/README.md

@@ -0,0 +1,102 @@
+# wolfSSL bsdkm (bsd kernel module)
+
+libwolfssl supports building as a FreeBSD kernel module (`libwolfssl.ko`).
+When loaded, wolfCrypt is made available to the rest of the kernel, allowing
+other loadable modules to link to wolfCrypt.
+
+Supported features:
+- wolfCrypt in kernel.
+- FIPS-wolfcrypt.
+
+Planned features:
+- crypto acceleration: AES-NI, AVX, etc.
+- kernel opencrypto driver registration.
+- full wolfSSL in kernel (kernel TLS).
+
+## Building and Installing
+
+Build bsdkm with:
+
+```sh
+./configure --enable-freebsdkm --enable-cryptonly && make
+```
+
+The default freebsdkm build assumes kernel source tree root at `/usr/src/sys/`.
+Use `--with-kernel-source=PATH` to configure a different path.
+
+Assuming you are targeting your native system, install with:
+
+```sh
+sudo kldload bsdkm/libwolfssl.ko
+```
+
+You should see it now:
+```sh
+kldstat -m libwolfssl
+Id  Refs Name
+509    1 libwolfssl
+```
+
+Unload with:
+```sh
+sudo kldunload libwolfssl
+```
+
+### options
+
+| freebsdkm option                 | description                              |
+| :------------------------------- | :--------------------------------------- |
+| --with-bsd-export-syms=LIST      | Export list of symbols as global. <br>. Options are 'all', 'none', or <br> comma separated list of symbols. |
+| --with-kernel-source=PATH        | Path to kernel tree root (default `/usr/src/sys`) |
+
+### FIPS
+
+Building with FIPS is largely the same, with the additional step of
+configuring a fips hash.
+
+1. Build bsdkm (the `fips_hash` here is a placeholder):
+
+```sh
+fips_hash=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
+./configure --enable-freebsdkm --enable-cryptonly --enable-fips=v6 \
+  CFLAGS="-DWOLFCRYPT_FIPS_CORE_HASH_VALUE=$fips_hash" && make
+```
+
+2. Attempt first install. This is expected to fail, because the hash was a
+placeholder.
+```sh
+$ sudo kldload bsdkm/libwolfssl.ko
+kldload: an error occurred while loading module bsdkm/libwolfssl.ko. Please check dmesg(8) for more details.
+```
+
+3. Check dmesg output for the updated hash value (yours will be different).
+```sh
+$ dmesg | tail -n5
+In-core integrity hash check failure.
+Rebuild with "WOLFCRYPT_FIPS_CORE_HASH_VALUE=3B144A08F291DBA536324646BBD127447B8F222D29A135780E330351E0DF9F0F".
+error: wc_RunAllCast_fips failed at shutdown with return value 19
+info: libwolfssl unloaded
+module_register_init: MOD_LOAD (libwolfssl_fips, 0xffffffff842c28d0, 0) error 85
+```
+
+4. Repeat steps 1-2 with the new hash value. The load should succeed now.
+
+```
+$ kldstat -m libwolfssl_fips
+Id  Refs Name
+523    1 libwolfssl_fips
+```
+
+Unload with
+```
+sudo kldunload libwolfssl
+```
+
+On unload, the FIPS self-test will run a final time and print its status
+to system message buffer:
+
+```
+info: wolfCrypt FIPS re-self-test succeeded at unload: all algorithms re-verified.
+info: libwolfssl unloaded
+```
+

bsdkm/bsdkm_wc_port.h

@@ -37,11 +37,16 @@
     #include <sys/limits.h>
 #endif /* !CHAR_BIT*/
 
+#define NO_THREAD_LS
+#define NO_ATTRIBUTE_CONSTRUCTOR
+
 /* needed to prevent wolfcrypt/src/asn.c version shadowing
  * extern global version from /usr/src/sys/sys/systm.h */
 #define version wc_version
 
-#define wc_km_printf printf
+/* printf and logging defines */
+#define wc_km_printf            printf
+#define WOLFSSL_DEBUG_PRINTF_FN printf
 
 /* str and char utility functions */
 #define XATOI(s) ({                                         \
@@ -51,7 +56,7 @@
         _xatoi_ret = 0;                                     \
       }                                                     \
       (int)_xatoi_ret;                                      \
-    })
+})
 
 #if !defined(XMALLOC_OVERRIDE)
     #error bsdkm requires XMALLOC_OVERRIDE
@@ -60,21 +65,45 @@
 /* use malloc and free from /usr/include/sys/malloc.h */
 extern struct malloc_type M_WOLFSSL[1];
 
-#define XMALLOC(s, h, t) \
-    ({(void)(h); (void)(t); malloc(s, M_WOLFSSL, M_WAITOK | M_ZERO);})
+#if defined(WOLFSSL_BSDKM_MEMORY_DEBUG)
+    #define XMALLOC(s, h, t) ({                                              \
+        (void)(h); (void)(t);                                                \
+        void * _ptr = malloc(s, M_WOLFSSL, M_WAITOK | M_ZERO);               \
+        printf("info: malloc: %p, M_WOLFSSL, %zu\n", _ptr, (size_t) s);      \
+        (void *)_ptr;                                                        \
+    })
 
-#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
-    #define XFREE(p, h, t) \
-        ({(void)(h); (void)(t); free(p, M_WOLFSSL);})
+    #define XFREE(p, h, t) ({                                                \
+        void* _xp; (void)(h); (void)(t); _xp = (p);                          \
+        printf("info: free: %p, M_WOLFSSL\n", p);                            \
+        if(_xp) free(_xp, M_WOLFSSL);                                        \
+    })
 #else
-    #define XFREE(p, h, t) \
-        ({void* _xp; (void)(h); (void)(t); _xp = (p); \
-         if(_xp) free(_xp, M_WOLFSSL);})
-#endif
+    #define XMALLOC(s, h, t) ({                                              \
+        (void)(h); (void)(t);                                                \
+        void * _ptr = malloc(s, M_WOLFSSL, M_WAITOK | M_ZERO);               \
+        (void *)_ptr;                                                        \
+    })
+
+    #define XFREE(p, h, t) ({                                                \
+        void* _xp; (void)(h); (void)(t); _xp = (p);                          \
+        if(_xp) free(_xp, M_WOLFSSL);                                        \
+    })
+#endif /* WOLFSSL_BSDKM_DEBUG_MEMORY */
 
 #if !defined(SINGLE_THREADED)
     #define WC_MUTEX_OPS_INLINE
 
+    /* Copied from wc_port.h */
+    #if defined(HAVE_FIPS) && !defined(WOLFSSL_API_PREFIX_MAP)
+        /* For FIPS keep the function names the same */
+        #define wc_InitMutex   InitMutex
+        #define wc_FreeMutex   FreeMutex
+        #define wc_LockMutex   LockMutex
+        #define wc_UnLockMutex UnLockMutex
+        #define NO_THREAD_LS
+    #endif /* HAVE_FIPS */
+
     typedef struct wolfSSL_Mutex {
         struct mtx lock;
     } wolfSSL_Mutex;
@@ -106,12 +135,18 @@ extern struct malloc_type M_WOLFSSL[1];
 
 #if defined(WOLFSSL_HAVE_ATOMIC_H) && !defined(WOLFSSL_NO_ATOMICS)
     #include <machine/atomic.h>
-    typedef volatile int wolfSSL_Atomic_Int;
+    typedef volatile int          wolfSSL_Atomic_Int;
     typedef volatile unsigned int wolfSSL_Atomic_Uint;
     #define WOLFSSL_ATOMIC_INITIALIZER(x) (x)
     #define WOLFSSL_ATOMIC_LOAD(x)  (int)atomic_load_acq_int(&(x))
     #define WOLFSSL_ATOMIC_STORE(x, v)  atomic_store_rel_int(&(x), (v))
     #define WOLFSSL_ATOMIC_OPS
+
+    #if defined(HAVE_FIPS)
+        /* There is no corresponding ATOMIC_INIT macro in FreeBSD.
+         * The FreeBSD equivalent is just an integer initialization. */
+        #define ATOMIC_INIT(x) (x)
+    #endif
 #endif /* WOLFSSL_HAVE_ATOMIC_H && !WOLFSSL_NO_ATOMICS */
 
 #endif /* WOLFSSL_BSDKM */

bsdkm/include.am

@@ -4,5 +4,6 @@
 
 EXTRA_DIST += m4/ax_bsdkm.m4 \
 	      bsdkm/Makefile \
+	      bsdkm/README.md \
 	      bsdkm/wolfkmod.c \
 	      bsdkm/bsdkm_wc_port.h