* in USE_WINDOWS_API wc_GenerateSeed(), recognize HAVE_AMD_RDSEED, and properly enforce FORCE_FAILURE_RDSEED when CPU support is missing;
* in WOLFSSL_LINUXKM wc_GenerateSeed(), initialize ret to RNG_FAILURE_E, and properly enforce FORCE_FAILURE_RDSEED when CPU support is missing;
* in WOLFSSL_BSDKM wc_GenerateSeed(), properly enforce FORCE_FAILURE_RDSEED when CPU support is missing;
fix F-3291: Copy-paste error in linuxkm_test_aesgcm error message uses WOLFKM_AESCBC_DRIVER
fix F-1431: AES-GCM RFC4106 SetKey Uses memcpy Instead of XMEMCPY for Nonce Copy
(note, for F-1431, changed all relevant memset() and memcpy() calls in linuxkm/ to XMEMSET() and XMEMCPY() respectively.)
in AesGcmCrypt_1() and AesCcmCrypt_1(), check for overflow on assoclen+cryptlen in both encrypt and decrypt modes;
in linuxkm_test_kpp_driver(), return MEMORY_E, not -ENOMEM;
in km_direct_rsa_dec(), only update req->dst_len for -EOVERFLOW, not for -EINVAL.
also ForceZeros various other potentially sensitive allocations before freeing them, and uses unconditional free() per current libwolfssl best practice.
wolfcrypt/src/aes.c: enforce AES-XTS K1!=K2 constraint in wc_AesXtsSetKeyNoInit() unless WC_AES_XTS_ALLOW_DUPLICATE_KEYS and !HAVE_FIPS:
tests/api/test_aes.c: add negative tests to test_wc_AesXtsSetKey() for K1==K2;
wolfcrypt/test/test.c: fix keys in aes_xts_128_inplace_test() and aes_xts_192_inplace_test() so that K1!=K2, update test vectors, and remove associated !HAVE_FIPS gating;
linuxkm/lkcapi_aes_glue.c: synchronize aes_xts_128_test() test of ciphertext stealing in-place with wolfcrypt/test/test.c.
wrapper/rust/wolfssl-wolfcrypt/src/aes.rs: synchronize XTS streaming test with wolfcrypt/test/test.c.
linuxkm/: refactor self-test sensing with version-gated setup in linuxkm_wc_port.h and refactored gates in lkcapi_glue.c.
F-2554 Missing wc_ecc_free Before free in km_ecdh_init When wc_ecc_set_rng Fails
F-2555 Missing wc_FreeDhKey Before free in km_ffdhe_init When wc_DhSetNamedKey Fails
* add WOLFSSL_API attribute to wc_linuxkm_sig_ignore_begin(), wc_linuxkm_sig_ignore_end(), wc_linuxkm_check_for_intr_signals(), and wc_linuxkm_relax_long_loop().
* fix WC_CONTAINERIZE_THIS macro wrappers for wc_linuxkm_sig_ignore_begin() and wc_linuxkm_sig_ignore_end() (stray semicolons).
linuxkm/linuxkm_wc_port.h, linuxkm/lkcapi_sha_glue.c, linuxkm/module_hooks.c: add wc_linuxkm_can_block(), and refactor ad hoc `preempt_count() != 0` checks for sleep safety as calls to wc_linuxkm_can_block().
linuxkm/module_hooks.c: fix wc_linuxkm_malloc_usable_size() implementation for kvmalloc() compatibility.
wolfssl/wolfcrypt/settings.h: add WC_NO_GLOBAL_OBJECT_POINTERS implicitly in WC_SYM_RELOC_TABLES section of WOLFSSL_LINUXKM setup.
wolfssl/wolfcrypt/wolfmath.h, wolfcrypt/src/wolfmath.c, wolfcrypt/src/sp_int.c, wolfcrypt/src/sakke.c: when WC_NO_GLOBAL_OBJECT_POINTERS, use static local wc_off_on_addr rather than global in wolfmath.c.
wolfcrypt/src/sakke.c:
* in wc_DeriveSakkeSSV(), initialize a[] with explicit XMEMSET() rather than " = {0}", to avoid unmaskable implicit memset() emitted by compiler.
* remove all vector register provisions (SAVE_VECTOR_REGISTERS(), RESTORE_VECTOR_REGISTERS(), ASSERT_SAVED_VECTOR_REGISTERS()).
linuxkm/module_exports.c.template: add includes for eccsi.h and sakke.h.
configure.ac:
* tweak enable-all-crypto setup to make enable_eccsi unconditional alongside enable_fpecc;
* move enable_sakke to be conditional only on !FIPS.
* notably this activates ECCSI and SAKKE on kernel all-crypto builds.
wolfcrypt/test/test.c: WC_*_VAR*() refactors for eccsi_test() and sakke_test().