rename WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS to WOLFSSL_USE_SAVE_VECTOR_REGISTERS, and wherever appropriate, replace defined(WOLFSSL_LINUXKM) with defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS).
rename WC_WANT_FLAG_DONT_USE_AESNI to WC_WANT_FLAG_DONT_USE_VECTOR_OPS.
rename lkm_printf() to wc_km_printf().
replace WOLFSSL_LINUXKM gates on kernel-incompatible includes with header-specific gates NO_STRING_H, NO_STDINT_H, NO_LIMITS_H, NO_CTYPE_H, NO_STDLIB_H
remove low level threading setup section of wolfssl/internal.h, which duplicated existing logic in wc_port.h, except for off-topic WOLFSSL_APACHE_MYNEWT TLS-layer setup, which is preserved, and a defined(__NT__) clause, which is now merged into the existing section in wc_port.h.
The `ACVP_VECTOR_TESTING` blocks the clearing of the output when an auth
tag check fails. This causes a test for that scenario to fail, so don't
do that test whcn `ACVP_VECTOR_TESTING` is defined.
add WC_GENERATE_SEED_DEFAULT, which defaults to wc_GenerateSeed if not overridden, and replace wc_GenerateSeed with WC_GENERATE_SEED_DEFAULT in various calls to wc_SetSeed_Cb();
linuxkm/linuxkm_wc_port.h: if FIPS <v6 and RDSEED, define WC_LINUXKM_RDSEED_IN_GLUE_LAYER and define WC_GENERATE_SEED_DEFAULT wc_linuxkm_GenerateSeed_IntelRD;
wolfcrypt/test/test.c: update rng_seed_test() with gating and vectors for FIPS v5 with HAVE_AMD_RDSEED or HAVE_INTEL_RDSEED;
wolfssl/wolfcrypt/types.h: add WC_HAVE_VECTOR_SPEEDUPS helper macro, and enlarge fallthrough definition coverage for DISABLE_VECTOR_REGISTERS.
refactor all static flag initializations to use cpuid_get_flags_ex() for race-free dynamics;
refactor cpuid_set_flags() to be race-free;
wolfssl/wolfcrypt/wc_port.h and wolfcrypt/src/wc_port.c: add
* WOLFSSL_ATOMIC_COERCE_INT()
* WOLFSSL_ATOMIC_COERCE_UINT()
* wolfSSL_Atomic_Uint
* wolfSSL_Atomic_Uint_Init()
* wolfSSL_Atomic_Int_AddFetch()
* wolfSSL_Atomic_Int_SubFetch()
* wolfSSL_Atomic_Int_CompareExchange()
* wolfSSL_Atomic_Uint_FetchAdd()
* wolfSSL_Atomic_Uint_FetchSub()
* wolfSSL_Atomic_Uint_AddFetch()
* wolfSSL_Atomic_Uint_SubFetch()
* wolfSSL_Atomic_Uint_CompareExchange()
wolfcrypt/test/test.c: add to memory_test() tests for all atomic macros and APIs;
.github/workflows/pq-all.yml: don't use -Wpedantic for CC=c++ scenario.
* move enum wc_svr_flags out of BUILDING_WOLFSSL guard;
* add DISABLE_VECTOR_REGISTERS() and REENABLE_VECTOR_REGISTERS() definitions for !BUILDING_WOLFSSL;
* add #include <linux/spinlock.h> to !WOLFSSL_LINUXKM_USE_MUTEXES implementation to fix compilation (and add usability) to caller code;
linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_ctx_clear(), fix error-path deallocation of locked object;
wolfcrypt/benchmark/benchmark.c:
* in FIPS v6+ builds, and FIPS linuxkm v5+, check retval from wc_AesEncryptDirect() and wc_AesDecryptDirect();
* add WC_RELAX_LONG_LOOP() in bench_stats_sym_finish() and bench_stats_asym_finish_ex();
wolfcrypt/test/test.c: fix rng_seed_test() with correct test vectors for the relevant combinations of features, and gate the test out if there are user override defines for ENTROPY_SCALE_FACTOR or SEED_BLOCK_SZ.
Fixes to get WOLFSSL_PUBLIC_MP testing passing.
Fix DH constant time agreement:
- implement constant time encoding to big-endian byte array in TFM
- only force x to be zero for SP math as others implementations ensure
unused words are zero
- exponentiate in constant time to the smallest number of words
possible
- no need to encode into separate buffer anymore as encoding is
constant time and front padded
- make requested_sz be the maximum size for the parameters and check
against agreeSz
- update agreeSz to be the maximum valid size instead of filling all
the buffer which may be many times too big
- fix SP result to front pad when doing constant time
