fixes for fips#379 and related:

linuxkm/Makefile, linuxkm/linuxkm-fips-hash-wrapper.sh, linuxkm/linuxkm_memory.c: refactor coreKey extraction to use ELF tools rather than WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE and user_settings.h.

linuxkm/module_hooks.c: add stack measurement for wc_RunAllCast_fips().

tests/api/test_slhdsa.c: frivolous initialization to work around a false positive -Wmaybe-uninitialized in slhdsa_der_roundtrip_one().

wolfcrypt/src/wc_slhdsa.c,  wolfssl/wolfcrypt/wc_slhdsa.h:
* refactor lifecycle management for SHA-2 objects to fix a leak via wc_SlhDsaKey_CheckKey().
* add support for WC_SLHDSA_NO_ASM.
* add WOLFSSL_SLHDSA_VERIFY_ONLY gates around prototypes, to get compile-time failures for misuse.

wolfcrypt/test/test.c:
* clean up myFipsCb() and restore usability of TEST_ALWAYS_RUN_TO_END with bad FIPS hash (useful test coverage).
* add wc_RunAllCast_fips() to wolfcrypt_test().
* when WOLFSSL_KERNEL_MODE or BENCH_EMBEDDED, force on WOLFSSL_SLHDSA_VERIFY_ONLY unless WOLFSSL_SLHDSA_FORCE_FULL_TESTS is defined.

wolfssl/wolfcrypt/settings.h:
* add WC_MLKEM_NO_ASM to WOLFSSL_LINUXKM section to work around asm bug.
* remove clause in WOLFSSL_KERNEL_MODE section that forced on WOLFSSL_SLHDSA_VERIFY_ONLY.

Author: douzzer

.wolfssl_known_macro_extras

@@ -656,6 +656,7 @@ WC_FORCE_LINUXKM_FORTIFY_SOURCE
 WC_HASH_CUSTOM_MAX_BLOCK_SIZE
 WC_HASH_CUSTOM_MAX_DIGEST_SIZE
 WC_HASH_CUSTOM_MIN_DIGEST_SIZE
+WC_MLKEM_KERNEL_ASM
 WC_NO_ASYNC_SLEEP
 WC_NO_RNG_SIMPLE
 WC_NO_STATIC_ASSERT
@@ -671,6 +672,8 @@ WC_RSA_NONBLOCK_TIME
 WC_RSA_NO_FERMAT_CHECK
 WC_RWLOCK_OPS_INLINE
 WC_SKIP_INCLUDED_C_FILES
+WC_SLHDSA_KERNEL_ASM
+WC_SLHDSA_NO_ASM
 WC_SLHDSA_VERBOSE_DEBUG
 WC_SSIZE_TYPE
 WC_STRICT_SIG

linuxkm/Makefile

@@ -401,15 +401,11 @@ $(MODULE_TOP)/libwolfssl-user-build/src/.libs/libwolfssl.so: $(LIBWOLFSSL_NAME).
 	@    for file in "$${srcfiles[@]}"; do if [[ ! -e "$$file" ]]; then mkdir -p "$$(dirname "$$file")" && cp --no-dereference --symbolic-link --no-clobber '$(SRC_TOP)'/"$$file" "$$file"; fi; done
 	@    echo ' done.'
 	@fi
-	@if [[ ! -f user_settings.h ]]; then
-	@    echo '__attribute__ ((visibility("default"))) extern const char coreKey[];' > user_settings.h
-	@    echo > user_settings_asm.h
-	@fi
 	@if [[ -f Makefile ]]; then
 	@    echo 'Using existing Makefile for libwolfssl.so.'
 	@else
 	@    echo -n 'Configuring user libwolfssl.so...'
-	@    $(FRESH_ENV) ./configure $(QFLAG) $(VFLAG) --disable-jobserver --enable-cryptonly --enable-fips="$$FIPS_FLAVOR" CFLAGS='-DWC_SYM_RELOC_TABLES_SUPPORT -DWOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE -DWOLFSSL_USER_SETTINGS -DWOLFSSL_USER_SETTINGS_ASM -DDEBUG_LINUXKM_PIE_SUPPORT' $(if $(HOSTCC),CC='$(HOSTCC)')
+	@    $(FRESH_ENV) ./configure $(QFLAG) $(VFLAG) --disable-jobserver --enable-cryptonly --enable-fips="$$FIPS_FLAVOR" CFLAGS='-DWC_SYM_RELOC_TABLES_SUPPORT -DDEBUG_LINUXKM_PIE_SUPPORT -DWOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE_SUPPORT' $(if $(HOSTCC),CC='$(HOSTCC)')
 	@    echo ' done.'
 	@fi
 	@echo -n 'Building user libwolfssl.so...'

linuxkm/linuxkm-fips-hash-wrapper.sh

@@ -45,6 +45,25 @@ if ! "$AWK" --version 2>&1 | grep -F -q 'GNU Awk'; then
     exit 1
 fi
 
+if [[ ! -v COREKEY ]]; then
+    if [[ ! -v LIBWOLFSSL ]]; then
+	LIBWOLFSSL=./libwolfssl-user-build/src/.libs/libwolfssl.so
+    fi
+    read -a coreKey_a < <("${READELF-readelf}" --symbols --wide "$LIBWOLFSSL" | grep --max-count=1 -E -e '[[:space:]]coreKey$') || exit $?
+    if [[ ${#coreKey_a[@]} != 8 || "${coreKey_a[2]}" != "65" ]]; then
+	echo "unexpected readelf output: \"${coreKey_a[*]}\" (${#coreKey_a[@]})" >&2
+	exit 1
+    fi
+    coreKey_offset=$((0x${coreKey_a[1]}))
+    COREKEY=$(dd if="$LIBWOLFSSL" bs=64 iflag=skip_bytes,count_bytes skip="$coreKey_offset" count=64 status=none) || exit $?
+    if [[ "$COREKEY" =~ ^[0-9A-Fa-f]{64}$ ]]; then
+	:
+    else
+	echo "unexpected value for coreKey \"${COREKEY}\"." >&2
+	exit 1
+    fi
+fi
+
 # shellcheck disable=SC2016 # using $AWK instead of awk confuses shellcheck.
 readarray -t fenceposts < <(readelf --wide --sections --symbols "$mod_path" | "$AWK" '
 BEGIN {
@@ -110,4 +129,4 @@ BEGIN {
     }
 }')
 
-./linuxkm-fips-hash "${fenceposts[@]}" --mod-path "$mod_path" --in-place "$@"
+./linuxkm-fips-hash "${fenceposts[@]}" --mod-path "$mod_path" --in-place --core-key="$COREKEY" "$@"

linuxkm/linuxkm_memory.c

@@ -505,7 +505,8 @@ ssize_t wc_reloc_normalize_segment(
 
 #ifdef HAVE_FIPS
 
-#ifdef WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
+#if defined(WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE) || \
+    defined(WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE_SUPPORT)
 
 #include <wolfssl/wolfcrypt/fips_test.h>
 #ifndef MAX_FIPS_DATA_SZ
@@ -969,6 +970,7 @@ int wc_fips_generate_hash(
     return ret;
 }
 
-#endif /* WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE */
+#endif /* WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE ||      */
+       /* WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE_SUPPORT */
 
 #endif /* HAVE_FIPS */

linuxkm/module_hooks.c

@@ -882,7 +882,25 @@ static int wolfssl_init(void)
 #endif
 
 #if defined(HAVE_FIPS) && FIPS_VERSION3_GT(5,2,0)
+
+    #ifdef WC_LINUXKM_HAVE_STACK_DEBUG
+    {
+        unsigned long stack_usage;
+        stack_usage = wc_linuxkm_stack_current();
+        pr_info("STACK INFO: usage at call to wc_RunAllCast_fips(): %lu of %lu total\n", stack_usage, THREAD_SIZE);
+        wc_linuxkm_stack_hwm_prepare(0xee);
+    #endif
+
     ret = wc_RunAllCast_fips();
+
+#ifdef WC_LINUXKM_HAVE_STACK_DEBUG
+        stack_usage = wc_linuxkm_stack_hwm_measure_rel(0xee);
+        pr_info("STACK INFO: rel usage by wc_RunAllCast_fips(): %lu\n", stack_usage);
+        /* shush up false stack HWM reading by kernel: */
+        wc_linuxkm_stack_hwm_prepare(0);
+    }
+#endif
+
     if (ret != 0) {
         pr_err("ERROR: wc_RunAllCast_fips() failed with return value %d\n", ret);
         return -ECANCELED;

tests/api/test_slhdsa.c

@@ -1351,7 +1351,7 @@ static int slhdsa_der_roundtrip_one(enum SlhDsaParam param)
     byte* derBuf = NULL;
     byte* sig = NULL;
     const word32 derBufSz = 16 * 1024;
-    word32 derLen;
+    word32 derLen = 0; /* initialize to suppress false -Wmaybe-uninitialized */
     word32 idx;
     word32 sigLen;
     enum SlhDsaParam placeholder = param;