linuxkm/lkcapi_dh_glue.c: never install DH/FFDHE on kernel <5.18 -- DH secrets have a different format before that version, and FFDHE (CONFIG_CRYPTO_DH_RFC7919_GROUPS) was introduced in 5.18 and is the only FIPS-allowed DH variant.

2025-05-14 15:37:12 -05:00 · 2025-05-14 15:37:12 -05:00 · f0f4084f94
parent 49d9bfa160
commit f0f4084f94
2 changed files with 17 additions and 2 deletions
--- a/.wolfssl_known_macro_extras
+++ b/.wolfssl_known_macro_extras
@ -56,6 +56,7 @@ CONFIG_CRYPTO_AES
 CONFIG_CRYPTO_CBC
 CONFIG_CRYPTO_CTR
 CONFIG_CRYPTO_DH
+CONFIG_CRYPTO_DH_RFC7919_GROUPS
 CONFIG_CRYPTO_ECB
 CONFIG_CRYPTO_ECDH
 CONFIG_CRYPTO_ECDSA
--- a/linuxkm/lkcapi_dh_glue.c
+++ b/linuxkm/lkcapi_dh_glue.c
@ -56,10 +56,24 @@
    #undef LINUXKM_LKCAPI_REGISTER_DH
 #endif

+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 18, 0)
+    /* Support for FFDHE was added in kernel 5.18, and generic DH support
+     * pre-5.18 used a different binary format for the secret (an additional
+     * slot for q).
+     *
+     * LTS backports of FFDHE go as far back as 4.14.236, using the pre-5.18
+     * binary layout, but other backports, e.g. RHEL 9.5 on kernel
+     * 5.14.0-503.40.1, have the 5.18+ layout.  Best to disable on all pre-5.18
+     * and triage as/if necessary.
+     */
+    #undef LINUXKM_LKCAPI_REGISTER_DH
+#endif
+
 #if defined(LINUXKM_LKCAPI_REGISTER_ALL_KCONFIG) && \
-    defined(CONFIG_CRYPTO_DH) && \
+    (defined(CONFIG_CRYPTO_DH) || defined(CONFIG_CRYPTO_DH_RFC7919_GROUPS)) && \
    !defined(LINUXKM_LKCAPI_REGISTER_DH)
-    #error Config conflict: target kernel has CONFIG_CRYPTO_DH, but module is missing LINUXKM_LKCAPI_REGISTER_DH.
+    #error Config conflict: target kernel has CONFIG_CRYPTO_DH and/or \
+        _DH_RFC7919_GROUPS, but module is missing LINUXKM_LKCAPI_REGISTER_DH.
 #endif

 #if defined(LINUXKM_LKCAPI_REGISTER_DH)