linuxkm/: null out pointers with PTR_ERR()-encoded values before jumping to cleanup;

linuxkm/lkcapi_rsa_glue.c: in km_rsa_init(), implement error-path cleanup; linuxkm/module_hooks.c: nix CONFIG_MODULE_SIG requirement in WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE builds; wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM setup, define WOLFSSL_ASN_INT_LEAD_0_ANY if LINUXKM_LKCAPI_REGISTER (required for kernel 5.10 crypto manager); wolfcrypt/src/memory.c: add WC_NO_ERR_TRACE() to mock error returns in SAVE_VECTOR_REGISTERS2_fuzzer().
2025-04-22 16:44:07 -05:00
parent 25cd009a42
commit d4fc8c3791
8 changed files with 72 additions and 15 deletions
--- a/linuxkm/module_hooks.c
+++ b/linuxkm/module_hooks.c
@@ -110,9 +110,6 @@ static void lkmFipsCb(int ok, int err, const char* hash)
 #endif

 #ifdef WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
-#ifndef CONFIG_MODULE_SIG
-#error WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE requires a CONFIG_MODULE_SIG kernel.
-#endif
 static int updateFipsHash(void);
 #endif

@@ -137,10 +134,12 @@ static int wolfssl_init(void)
    int ret;

 #ifdef WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
+#ifdef CONFIG_MODULE_SIG
    if (THIS_MODULE->sig_ok == false) {
        pr_err("wolfSSL module load aborted -- bad or missing module signature with FIPS dynamic hash.\n");
        return -ECANCELED;
    }
+#endif
    ret = updateFipsHash();
    if (ret < 0) {
        pr_err("wolfSSL module load aborted -- updateFipsHash: %s\n",wc_GetErrorString(ret));