linuxkm/: when logging PTR_ERR(), cast it to int, and use "%d" as the format. Globally, `#define PTR_ERR(x) ((int)PTR_ERR(x))` in linuxkm_wc_port.h to fix clang warnings on kernel headers.
linuxkm/lkcapi_aes_glue.c: add casts in linuxkm_test_aesgcm() to mollify clang.
linuxkm/linuxkm_wc_port.h, linuxkm/module_hooks.c:
* add __clang__ compat code to allow including clang stdatomic.h while masking out kernel-incompatible __CLANG_STDINT_H.
* add clang-specific suppressions for kernel headers (-Wshorten-64-to-32, -Wframe-address).
linuxkm/lkcapi_sha_glue.c:
* in wc__get_random_bytes(), add bounds-checking for len.
* in wc_extract_crng_user(), fix type conflicts.
wolfssl/wolfcrypt/wc_port.h and wolfssl/wolfcrypt/types.h:
* move the old-FIPS compatibility mapping from INLINE to WC_INLINE from types.h to wc_port.h.
* activate stdatomic.h for clang kernel module builds.
linuxkm/Kbuild:
* add clang-specific flags.
* add gcc gate around gcc-specific flags.
* allow override value for MAX_STACK_FRAME_SIZE.
wolfcrypt/src/asn.c: add casts in GetFormattedTime_ex() to mollify clang build of linuxkm.
fix F-3291: Copy-paste error in linuxkm_test_aesgcm error message uses WOLFKM_AESCBC_DRIVER
fix F-1431: AES-GCM RFC4106 SetKey Uses memcpy Instead of XMEMCPY for Nonce Copy
(note, for F-1431, changed all relevant memset() and memcpy() calls in linuxkm/ to XMEMSET() and XMEMCPY() respectively.)
wolfcrypt/src/sp_x86_64.c:
* fix ASSERT_SAVED_VECTOR_REGISTERS() in C wrappers: add where missing for implementations that use AVX2, and remove frivolous checks for ones that don't.
* refactor vector save-restore with a single locally tracked save in sp_RsaPublic_#(), sp_RsaPrivate_#(), sp_ecc_mulmod_add_#(), sp_ecc_mulmod_base_add_#(), sp_ecc_make_key_#(), and sp_#_calc_s_#().
* fix feature test in sp_ModExp_Fp_star_1024(), sp_Pairing_1024(), and sp_Pairing_gen_precomp_1024(), to properly gate on IS_INTEL_AVX2(cpuid_flags) and SAVE_VECTOR_REGISTERS2() == 0.
wolfcrypt/src/{dh.c,dsa.c,ecc.c,eccsi.c,rsa.c,sp_int.c}:
* remove all vector register provisions (SAVE_VECTOR_REGISTERS(), RESTORE_VECTOR_REGISTERS(), ASSERT_SAVED_VECTOR_REGISTERS());
* add explicit WC_CHECK_FOR_INTR_SIGNALS() and WC_RELAX_LONG_LOOP() to the lengthy loops in wc_DhGenerateParams(), wc_MakeDsaParameters(), ecc_sign_hash_sw(), and wc_MakeRsaKey().
wolfssl/wolfcrypt/{error-crypt.h,logging.h,memory.h}:
* make wc_backtrace_render() and wc_backtrace_set_fp() available whenever defined(WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES);
* add support for DEBUG_VECTOR_REGISTERS_BACKTRACE_ON_FAIL, activating backtraces on vector register errors.
* also improve the debugging format from the DEBUG_VECTOR_REGISTER_ACCESS variants of SAVE_VECTOR_REGISTERS() and friends.
linuxkm/lkcapi_{dh,ecdh,ecdsa,rsa}_glue.c: harmonize PK driver names with AES, SHA, and DRBG, notably adding AVX2 annotation when enabled.
wolfcrypt/src/{sp_x86_64_asm.S,sp_x86_64_asm.asm}: synchronize with wolfssl/scripts#581 (removes SSE2 implementations of sp_#_get_from_table_#(), which no longer have users).
adding WOLFSSL_NO_DH_GEN_PUB in the unlikely event it needs to be disabled;
configure.ac: in --enable-linuxkm-lkcapi-register section, remove special-case
handling for -DWOLFSSL_DH_GEN_PUB, and add support for
--enable-linuxkm-lkcapi-register=all-kconfig, which disables registration of
any algs that are disabled in the target kernel, and #errors if any algs or
registrations are disabled or incompatible in libwolfssl but enabled in the
target kernel (note, it does not #error for algorithms we don't currently
shim/implement);
linuxkm/lkcapi_glue.c: change default WOLFSSL_LINUXKM_LKCAPI_PRIORITY from 10000
to INT_MAX to make masking impossible;
linuxkm/lkcapi*glue.c: move all remaining algorithm-specific gate setup into the
respective algorithm family files, and in each family file, add
LINUXKM_LKCAPI_REGISTER_ALL_KCONFIG logic to activate shims only if the
corresponding algorithm is activated in the target kernel.
linuxkm/lkcapi_sha_glue.c: fix -Wunuseds in
wc_linuxkm_drbg_default_instance_registered() and wc_linuxkm_drbg_cleanup()
when !LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT.
in lkcapi_sha_glue.c:
in linuxkm_hmac_setkey_common(), ignore keylength even in FIPS modules (use
wc_HmacSetKey_ex(..., 1)) on kernel < 6.0 to work around crypto manager bug;
in wc_linuxkm_drbg_startup(), add rng workout routine using handle from
crypto_alloc_rng();
in lkcapi_*_glue.c: fix test routines to return valid wolfCrypt error codes
consistently;
in module_hooks.c, implement
* linuxkm_lkcapi_sysfs_install_node(),
* linuxkm_lkcapi_sysfs_deinstall_node(),
* FIPS_rerun_self_test_handler()
and add corresponding setup/teardown in wolfssl_init() and wolfssl_exit();
in lkcapi_glue.c:
refactor linuxkm_lkcapi_sysfs_install and linuxkm_lkcapi_sysfs_deinstall to
use the new helpers;
harden the REGISTER_ALG() and UNREGISTER_ALG() macros and the
linuxkm_lkcapi_register() and linuxkm_lkcapi_unregister() functions, and add
informational messages about number of algs registered/deregistered;
in x86_vector_register_glue.c: fix gate for irq_fpu_usable() workaround to
reflect backporting of fix in >=5.10.180 in 5.10-LTS and >=5.15.39 in 5.15-LTS
linuxkm/lkcapi_glue.c: move WOLFSSL_DEBUG_TRACE_ERROR_CODES coverage for
EINVAL/ENOMEM/EBADMSG to module_hooks.c.
typography fixes;
static attr on const byte arrays;
refactor km_ecdsa_verify() to use a single heap allocation;
fix linuxkm_test_ecdsa_nist_driver() to copy sig and hash to a heap allocation before passing to sg_set_buf() (avoids unmapping of rodata);
in linuxkm_test_pkcs1_driver() move hash from stack to heap;
add LINUX_VERSION_CODE >= 5.4 assertion in linuxkm/lkcapi_glue.c;
streamline macro logic in linuxkm/lkcapi_sha_glue.c.