From 245042a342447b8f8f7f50a330d8fe864c332674 Mon Sep 17 00:00:00 2001
From: Daniel Pouzzner <douzzer@wolfssl.com>
Date: Thu, 29 May 2025 16:21:34 -0500
Subject: [PATCH] add WC_SHA3_NO_ASM, mainly for the benefit of
 linuxkm-defaults and KASAN compatibility.

---
 configure.ac             | 8 +++++++-
 wolfcrypt/src/sha3.c     | 6 ++++++
 wolfssl/wolfcrypt/sha3.h | 4 +++-
 3 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index 1032b85a0..2a8e2f44f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -692,7 +692,7 @@ AC_SUBST([ENABLED_LINUXKM_BENCHMARKS])
 
 if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
 then
-    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DWOLFSSL_SMALL_STACK_STATIC"
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DWOLFSSL_SMALL_STACK_STATIC -DWC_SHA3_NO_ASM"
     if test "$ENABLED_LINUXKM_PIE" = "yes"; then
         AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OCSP_ISSUER_CHECK"
     fi
@@ -4046,6 +4046,12 @@ then
     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA3_SMALL"
 fi
 
+if test "$ENABLED_SHA3" = "noasm"
+then
+    ENABLED_SHA3=yes
+    AM_CFLAGS="$AM_CFLAGS -DWC_SHA3_NO_ASM"
+fi
+
 # SHAKE128
 AC_ARG_ENABLE([shake128],
     [AS_HELP_STRING([--enable-shake128],[Enable wolfSSL SHAKE128 support (default: disabled)])],
diff --git a/wolfcrypt/src/sha3.c b/wolfcrypt/src/sha3.c
index a9795ff9a..672210fc4 100644
--- a/wolfcrypt/src/sha3.c
+++ b/wolfcrypt/src/sha3.c
@@ -21,6 +21,12 @@
 
 #include <wolfssl/wolfcrypt/libwolfssl_sources.h>
 
+#ifdef WC_SHA3_NO_ASM
+    #undef USE_INTEL_SPEEDUP
+    #undef WOLFSSL_ARMASM
+    #undef WOLFSSL_RISCV_ASM
+#endif
+
 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_XILINX_CRYPT) && \
    !defined(WOLFSSL_AFALG_XILINX_SHA3)
 
diff --git a/wolfssl/wolfcrypt/sha3.h b/wolfssl/wolfcrypt/sha3.h
index 724719a66..cd93e2c7a 100644
--- a/wolfssl/wolfcrypt/sha3.h
+++ b/wolfssl/wolfcrypt/sha3.h
@@ -220,7 +220,9 @@ WOLFSSL_API int wc_Shake256_Copy(wc_Shake* src, wc_Sha3* dst);
     WOLFSSL_API int wc_Sha3_GetFlags(wc_Sha3* sha3, word32* flags);
 #endif
 
-#ifdef USE_INTEL_SPEEDUP
+#ifdef WC_SHA3_NO_ASM
+/* asm speedups disabled */
+#elif defined(USE_INTEL_SPEEDUP)
 WOLFSSL_LOCAL void sha3_block_n_bmi2(word64* s, const byte* data, word32 n,
     word64 c);
 WOLFSSL_LOCAL void sha3_block_bmi2(word64* s);