@@ -64,6 +64,7 @@

 #include <crypto/scatterwalk.h>

 #include <crypto/sha1_base.h>

 #include <crypto/sha512_base.h>

+#include <crypto/sha3.h>

 static __ro_after_init bool alg_request_report = false;

@@ -481,4 +482,7 @@ EXPORT_SYMBOL(sha224_update);

 EXPORT_SYMBOL(sha256_final);

 EXPORT_SYMBOL(sha224_final);

 EXPORT_SYMBOL(sha256);

-/* End of Exports */

\ No newline at end of file

+EXPORT_SYMBOL(crypto_sha3_init);

+EXPORT_SYMBOL(crypto_sha3_update);

+EXPORT_SYMBOL(crypto_sha3_final);

+/* End of Exports */

@@ -1,7 +1,7 @@

 From f39f08830588a6fc9beb9f14217aed41dbbc888d Mon Sep 17 00:00:00 2001

 From: Alexey Makhalov <amakhalov@vmware.com>

 Date: Mon, 25 Jan 2021 19:34:10 -0800

-Subject: [PATCH 2/3] FIPS canister creation

+Subject: [PATCH 2/8] FIPS canister creation

 Canister creation patch.

  - Makefile changes to generate canister binary (fips_canister.o)

@@ -323,7 +323,7 @@ index a5b0cb3ef..10420b2aa 100644

  		err = skcipher_walk_done(&walk, 0);

  	}

 diff --git a/crypto/Makefile b/crypto/Makefile

-index 9a8372781..688a58b30 100644

+index c2ac25a65..cf8043262 100644

 --- a/crypto/Makefile

 +++ b/crypto/Makefile

 @@ -40,6 +40,13 @@ rsa_generic-y += rsaprivkey.asn1.o

@@ -340,7 +340,7 @@ index 9a8372781..688a58b30 100644

  $(obj)/sm2signature.asn1.o: $(obj)/sm2signature.asn1.c $(obj)/sm2signature.asn1.h

  $(obj)/sm2.o: $(obj)/sm2signature.asn1.h

-@@ -53,22 +60,38 @@ $(obj)/ecdsasignature.asn1.o: $(obj)/ecdsasignature.asn1.c $(obj)/ecdsasignature

+@@ -53,22 +60,40 @@ $(obj)/ecdsasignature.asn1.o: $(obj)/ecdsasignature.asn1.c $(obj)/ecdsasignature

  $(obj)/ecdsa.o: $(obj)/ecdsasignature.asn1.h

  ecdsa_generic-y += ecdsa.o

  ecdsa_generic-y += ecdsasignature.asn1.o

@@ -373,13 +373,15 @@ index 9a8372781..688a58b30 100644

 +canister += sha1_generic.o

 +canister += sha256_generic.o

 +canister += sha512_generic.o

++canister += sha3_generic.o

 +CFLAGS_REMOVE_sha1_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call

 +CFLAGS_REMOVE_sha256_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call

 +CFLAGS_REMOVE_sha512_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call

- obj-$(CONFIG_CRYPTO_SHA3) += sha3_generic.o

++CFLAGS_REMOVE_sha3_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call

  obj-$(CONFIG_CRYPTO_SM3) += sm3.o

  obj-$(CONFIG_CRYPTO_SM3_GENERIC) += sm3_generic.o

-@@ -78,13 +101,29 @@ CFLAGS_wp512.o := $(call cc-option,-fno-schedule-insns)  # https://gcc.gnu.org/b

+ obj-$(CONFIG_CRYPTO_STREEBOG) += streebog_generic.o

+@@ -77,13 +102,29 @@ CFLAGS_wp512.o := $(call cc-option,-fno-schedule-insns)  # https://gcc.gnu.org/b

  obj-$(CONFIG_CRYPTO_BLAKE2B) += blake2b_generic.o

  CFLAGS_blake2b_generic.o := -Wframe-larger-than=4096 #  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105930

  obj-$(CONFIG_CRYPTO_GF128MUL) += gf128mul.o

@@ -409,7 +411,7 @@ index 9a8372781..688a58b30 100644

  obj-$(CONFIG_CRYPTO_CHACHA20POLY1305) += chacha20poly1305.o

  obj-$(CONFIG_CRYPTO_AEGIS128) += aegis128.o

  aegis128-y := aegis128-core.o

-@@ -111,6 +150,8 @@ CFLAGS_aegis128-neon-inner.o += -isystem $(shell $(CC) -print-file-name=include)

+@@ -110,6 +151,8 @@ CFLAGS_aegis128-neon-inner.o += -isystem $(shell $(CC) -print-file-name=include)

  obj-$(CONFIG_CRYPTO_PCRYPT) += pcrypt.o

  obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o

@@ -418,7 +420,7 @@ index 9a8372781..688a58b30 100644

  obj-$(CONFIG_CRYPTO_FCRYPT) += fcrypt.o

  obj-$(CONFIG_CRYPTO_BLOWFISH) += blowfish_generic.o

  obj-$(CONFIG_CRYPTO_BLOWFISH_COMMON) += blowfish_common.o

-@@ -118,7 +159,9 @@ obj-$(CONFIG_CRYPTO_TWOFISH) += twofish_generic.o

+@@ -117,7 +160,9 @@ obj-$(CONFIG_CRYPTO_TWOFISH) += twofish_generic.o

  obj-$(CONFIG_CRYPTO_TWOFISH_COMMON) += twofish_common.o

  obj-$(CONFIG_CRYPTO_SERPENT) += serpent_generic.o

  CFLAGS_serpent_generic.o := $(call cc-option,-fsched-pressure)  # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79149

@@ -428,7 +430,7 @@ index 9a8372781..688a58b30 100644

  obj-$(CONFIG_CRYPTO_SM4) += sm4.o

  obj-$(CONFIG_CRYPTO_SM4_GENERIC) += sm4_generic.o

  obj-$(CONFIG_CRYPTO_AES_TI) += aes_ti.o

-@@ -148,10 +191,15 @@ obj-$(CONFIG_CRYPTO_XXHASH) += xxhash_generic.o

+@@ -147,10 +192,15 @@ obj-$(CONFIG_CRYPTO_XXHASH) += xxhash_generic.o

  obj-$(CONFIG_CRYPTO_842) += 842.o

  obj-$(CONFIG_CRYPTO_RNG2) += rng.o

  obj-$(CONFIG_CRYPTO_ANSI_CPRNG) += ansi_cprng.o

@@ -444,7 +446,7 @@ index 9a8372781..688a58b30 100644

  obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o

  obj-$(CONFIG_CRYPTO_GHASH) += ghash-generic.o

  obj-$(CONFIG_CRYPTO_POLYVAL) += polyval-generic.o

-@@ -162,11 +210,16 @@ obj-$(CONFIG_CRYPTO_USER_API_RNG) += algif_rng.o

+@@ -161,11 +211,16 @@ obj-$(CONFIG_CRYPTO_USER_API_RNG) += algif_rng.o

  obj-$(CONFIG_CRYPTO_USER_API_AEAD) += algif_aead.o

  obj-$(CONFIG_CRYPTO_ZSTD) += zstd.o

  obj-$(CONFIG_CRYPTO_OFB) += ofb.o

@@ -461,10 +463,11 @@ index 9a8372781..688a58b30 100644

  $(obj)/ecrdsa_params.asn1.o: $(obj)/ecrdsa_params.asn1.c $(obj)/ecrdsa_params.asn1.h

  $(obj)/ecrdsa_pub_key.asn1.o: $(obj)/ecrdsa_pub_key.asn1.c $(obj)/ecrdsa_pub_key.asn1.h

-@@ -191,6 +244,60 @@ obj-$(CONFIG_CRYPTO_SIMD) += crypto_simd.o

+@@ -189,6 +244,61 @@ obj-$(CONFIG_CRYPTO_SIMD) += crypto_simd.o

+ # Key derivation function

  #

  obj-$(CONFIG_CRYPTO_KDF800108_CTR) += kdf_sp800108.o

- 

++

 +aesni-intel-y := aesni-intel_asm.o aesni-intel_glue.o

 +aesni-intel-$(CONFIG_64BIT) += aesni-intel_avx-x86_64.o aes_ctrby8_avx-x86_64.o

 +OBJECT_FILES_NON_STANDARD_x86-aesni-intel_avx-x86_64.o := y

@@ -1558,4 +1561,5 @@ index af5ad51d3..f3e132d6f 100644

  	unsigned char *Vbuf;

  	/* hash: static value 10.1.1.1 1b) hmac / ctr: key */

 -- 

-2.40.0

+2.19.0

+

@@ -1,7 +1,7 @@

 From 6dca4744eec08e19aaf344399833d9f482924267 Mon Sep 17 00:00:00 2001

 From: Keerthana K <keerthanak@vmware.com>

 Date: Wed, 29 Mar 2023 10:40:59 +0000

-Subject: [PATCH] aesni_intel: Remove static call

+Subject: [PATCH 3/8] aesni_intel: Remove static call

 Signed-off-by: Keerthana K <keerthanak@vmware.com>

 ---

@@ -1,16 +1,15 @@

 From 8661a32500fadfb5e0247b6f37a249952010d5d5 Mon Sep 17 00:00:00 2001

 From: Keerthana K <keerthanak@vmware.com>

 Date: Wed, 17 May 2023 15:35:53 +0000

-Subject: [PATCH 1/2] Disable retpoline_sites and return_sites sections in

- canister

+Subject: [PATCH 4/8] Disable retpoline_sites and return_sites sections in canister

 Signed-off-by: Keerthana K <keerthanak@vmware.com>

 ---

  arch/x86/crypto/aes_ctrby8_avx-x86_64.S  |  1 +

  arch/x86/crypto/aesni-intel_asm.S        |  1 +

  arch/x86/crypto/aesni-intel_avx-x86_64.S |  1 +

- crypto/Makefile                          | 82 ++++++++++++------------

- 4 files changed, 44 insertions(+), 41 deletions(-)

+ crypto/Makefile                          | 91 +++++++++++++-----------

+ 4 files changed, 52 insertions(+), 42 deletions(-)

 diff --git a/arch/x86/crypto/aes_ctrby8_avx-x86_64.S b/arch/x86/crypto/aes_ctrby8_avx-x86_64.S

 index 2402b9418..d81759263 100644

@@ -49,7 +48,7 @@ index 0852ab573..8bef0e67c 100644

  # constants in mergeable sections, linker can reorder and merge

  .section	.rodata.cst16.POLY, "aM", @progbits, 16

 diff --git a/crypto/Makefile b/crypto/Makefile

-index 688a58b30..f2b8ffec2 100644

+index cf8043262..0395dff4c 100644

 --- a/crypto/Makefile

 +++ b/crypto/Makefile

 @@ -42,11 +42,11 @@ rsa_generic-y += rsa_helper.o

@@ -101,20 +100,22 @@ index 688a58b30..f2b8ffec2 100644

  obj-$(CONFIG_CRYPTO_VMAC) += vmac.o

  obj-$(CONFIG_CRYPTO_XCBC) += xcbc.o

  obj-$(CONFIG_CRYPTO_NULL2) += crypto_null.o

-@@ -89,9 +89,9 @@ obj-$(CONFIG_CRYPTO_RMD160) += rmd160.o

- canister += sha1_generic.o

+@@ -90,10 +90,10 @@ canister += sha1_generic.o

  canister += sha256_generic.o

  canister += sha512_generic.o

+ canister += sha3_generic.o

 -CFLAGS_REMOVE_sha1_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call

 -CFLAGS_REMOVE_sha256_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call

 -CFLAGS_REMOVE_sha512_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call

+-CFLAGS_REMOVE_sha3_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call

 +CFLAGS_REMOVE_sha1_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call $(RETPOLINE_CFLAGS) $(RETHUNK_CFLAGS)

 +CFLAGS_REMOVE_sha256_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call $(RETPOLINE_CFLAGS) $(RETHUNK_CFLAGS)

 +CFLAGS_REMOVE_sha512_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call $(RETPOLINE_CFLAGS) $(RETHUNK_CFLAGS)

- obj-$(CONFIG_CRYPTO_SHA3) += sha3_generic.o

++CFLAGS_REMOVE_sha3_generic.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call $(RETPOLINE_CFLAGS) $(RETHUNK_CFLAGS)

  obj-$(CONFIG_CRYPTO_SM3) += sm3.o

  obj-$(CONFIG_CRYPTO_SM3_GENERIC) += sm3_generic.o

-@@ -103,18 +103,18 @@ CFLAGS_blake2b_generic.o := -Wframe-larger-than=4096 #  https://gcc.gnu.org/bugz

+ obj-$(CONFIG_CRYPTO_STREEBOG) += streebog_generic.o

+@@ -104,18 +104,18 @@ CFLAGS_blake2b_generic.o := -Wframe-larger-than=4096 #  https://gcc.gnu.org/bugz

  obj-$(CONFIG_CRYPTO_GF128MUL) += gf128mul.o

  canister += ecb.o

  canister += cbc.o

@@ -139,7 +140,7 @@ index 688a58b30..f2b8ffec2 100644

  obj-$(CONFIG_CRYPTO_XCTR) += xctr.o

  obj-$(CONFIG_CRYPTO_HCTR2) += hctr2.o

  obj-$(CONFIG_CRYPTO_KEYWRAP) += keywrap.o

-@@ -122,8 +122,8 @@ obj-$(CONFIG_CRYPTO_ADIANTUM) += adiantum.o

+@@ -123,8 +123,8 @@ obj-$(CONFIG_CRYPTO_ADIANTUM) += adiantum.o

  obj-$(CONFIG_CRYPTO_NHPOLY1305) += nhpoly1305.o

  canister += gcm.o

  canister += ccm.o

@@ -150,7 +151,7 @@ index 688a58b30..f2b8ffec2 100644

  obj-$(CONFIG_CRYPTO_CHACHA20POLY1305) += chacha20poly1305.o

  obj-$(CONFIG_CRYPTO_AEGIS128) += aegis128.o

  aegis128-y := aegis128-core.o

-@@ -151,7 +151,7 @@ CFLAGS_aegis128-neon-inner.o += -isystem $(shell $(CC) -print-file-name=include)

+@@ -152,7 +152,7 @@ CFLAGS_aegis128-neon-inner.o += -isystem $(shell $(CC) -print-file-name=include)

  obj-$(CONFIG_CRYPTO_PCRYPT) += pcrypt.o

  obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o

  canister += des_generic.o

@@ -159,7 +160,7 @@ index 688a58b30..f2b8ffec2 100644

  obj-$(CONFIG_CRYPTO_FCRYPT) += fcrypt.o

  obj-$(CONFIG_CRYPTO_BLOWFISH) += blowfish_generic.o

  obj-$(CONFIG_CRYPTO_BLOWFISH_COMMON) += blowfish_common.o

-@@ -161,7 +161,7 @@ obj-$(CONFIG_CRYPTO_SERPENT) += serpent_generic.o

+@@ -162,7 +162,7 @@ obj-$(CONFIG_CRYPTO_SERPENT) += serpent_generic.o

  CFLAGS_serpent_generic.o := $(call cc-option,-fsched-pressure)  # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79149

  canister += aes_generic.o

  CFLAGS_aes_generic.o := $(call cc-option,-fno-code-hoisting) # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83356

@@ -168,7 +169,7 @@ index 688a58b30..f2b8ffec2 100644

  obj-$(CONFIG_CRYPTO_SM4) += sm4.o

  obj-$(CONFIG_CRYPTO_SM4_GENERIC) += sm4_generic.o

  obj-$(CONFIG_CRYPTO_AES_TI) += aes_ti.o

-@@ -192,14 +192,14 @@ obj-$(CONFIG_CRYPTO_842) += 842.o

+@@ -193,14 +193,14 @@ obj-$(CONFIG_CRYPTO_842) += 842.o

  obj-$(CONFIG_CRYPTO_RNG2) += rng.o

  obj-$(CONFIG_CRYPTO_ANSI_CPRNG) += ansi_cprng.o

  canister += drbg.o

@@ -186,7 +187,7 @@ index 688a58b30..f2b8ffec2 100644

  obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o

  obj-$(CONFIG_CRYPTO_GHASH) += ghash-generic.o

  obj-$(CONFIG_CRYPTO_POLYVAL) += polyval-generic.o

-@@ -211,15 +211,15 @@ obj-$(CONFIG_CRYPTO_USER_API_AEAD) += algif_aead.o

+@@ -212,15 +212,15 @@ obj-$(CONFIG_CRYPTO_USER_API_AEAD) += algif_aead.o

  obj-$(CONFIG_CRYPTO_ZSTD) += zstd.o

  obj-$(CONFIG_CRYPTO_OFB) += ofb.o

  canister += ecc.o

@@ -205,7 +206,7 @@ index 688a58b30..f2b8ffec2 100644

  $(obj)/ecrdsa_params.asn1.o: $(obj)/ecrdsa_params.asn1.c $(obj)/ecrdsa_params.asn1.h

  $(obj)/ecrdsa_pub_key.asn1.o: $(obj)/ecrdsa_pub_key.asn1.c $(obj)/ecrdsa_pub_key.asn1.h

-@@ -247,30 +247,30 @@ obj-$(CONFIG_CRYPTO_KDF800108_CTR) += kdf_sp800108.o

+@@ -248,30 +248,37 @@ obj-$(CONFIG_CRYPTO_KDF800108_CTR) += kdf_sp800108.o

  aesni-intel-y := aesni-intel_asm.o aesni-intel_glue.o

  aesni-intel-$(CONFIG_64BIT) += aesni-intel_avx-x86_64.o aes_ctrby8_avx-x86_64.o

  OBJECT_FILES_NON_STANDARD_x86-aesni-intel_avx-x86_64.o := y

@@ -213,6 +214,7 @@ index 688a58b30..f2b8ffec2 100644

 +CFLAGS_REMOVE_x86-aesni-intel_glue.o = -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call $(RETPOLINE_CFLAGS) $(RETHUNK_CFLAGS)

 -crypto/x86-%.o: arch/x86/crypto/%.c $(recordmcount_source) $(objtool_dep)

++

 +crypto/x86-%.o: arch/x86/crypto/%.c $(recordmcount_source) $(objtool_dep) FORCE

  	$(call cmd,force_checksrc)

  	$(call if_changed_rule,cc_o_c)

@@ -228,9 +230,13 @@ index 688a58b30..f2b8ffec2 100644

 -CFLAGS_REMOVE_lib-crypto-sha1.o = -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call

 -crypto/lib-crypto-%.o: lib/crypto/%.c $(recordmcount_source) $(objtool_dep)

 +CFLAGS_REMOVE_lib-crypto-aes.o = -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call $(RETPOLINE_CFLAGS) $(RETHUNK_CFLAGS)

++

 +CFLAGS_REMOVE_lib-crypto-des.o = -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call $(RETPOLINE_CFLAGS) $(RETHUNK_CFLAGS)

++

 +CFLAGS_REMOVE_lib-crypto-sha256.o = -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call $(RETPOLINE_CFLAGS) $(RETHUNK_CFLAGS)

++

 +CFLAGS_REMOVE_lib-crypto-sha1.o = -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call $(RETPOLINE_CFLAGS) $(RETHUNK_CFLAGS)

++

 +crypto/lib-crypto-%.o: lib/crypto/%.c $(recordmcount_source) $(objtool_dep) FORCE

  	$(call cmd,force_checksrc)

  	$(call if_changed_rule,cc_o_c)

@@ -239,14 +245,16 @@ index 688a58b30..f2b8ffec2 100644

  CFLAGS_crypto_self_test.o += -DFIPS_NOT_ALLOWED=fcw_fips_not_allowed_alg

 -CFLAGS_REMOVE_crypto_self_test.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call

 +CFLAGS_REMOVE_crypto_self_test.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call $(RETPOLINE_CFLAGS) $(RETHUNK_CFLAGS)

++

  canister += fips_integrity.o

 -CFLAGS_REMOVE_fips_integrity.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call

 +CFLAGS_REMOVE_fips_integrity.o += -DLATENT_ENTROPY_PLUGIN -fplugin=./scripts/gcc-plugins/latent_entropy_plugin.so -fplugin-arg-rap_plugin-check=call $(RETPOLINE_CFLAGS) $(RETHUNK_CFLAGS)

++

  extra-y += $(canister)

  $(obj)/canister.o: $(addprefix crypto/x86-,$(aesni-intel-y)) $(addprefix crypto/lib-crypto-,$(lib-crypto-y)) $(addprefix $(obj)/,$(canister))

-@@ -287,7 +287,7 @@ $(src)/canister_relocs.c: $(obj)/canister.o $(obj)/gen_canister_relocs FORCE

+@@ -288,7 +295,7 @@ $(src)/canister_relocs.c: $(obj)/canister.o $(obj)/gen_canister_relocs FORCE

  clean-files += canister_relocs.c

  clean-files += fips_canister-kallsyms

  targets += canister_relocs.o

@@ -1,7 +1,7 @@

 From 426a6da48e195c99d2b217611cf99da054d917b2 Mon Sep 17 00:00:00 2001

 From: Keerthana K <keerthanak@vmware.com>

 Date: Wed, 17 May 2023 16:11:40 +0000

-Subject: [PATCH 2/2] Move __bug_table section to fips_canister_wrapper

+Subject: [PATCH 5/8] Move __bug_table section to fips_canister_wrapper

 Signed-off-by: Keerthana K <keerthanak@vmware.com>

 ---

@@ -29,13 +29,13 @@ Signed-off-by: Keerthana K <keerthanak@vmware.com>

  crypto/testmgr.c                   | 110 ++++++++++++++---------------

  crypto/xts.c                       |   2 +-

  lib/crypto/sha256.c                |   6 +-

- 27 files changed, 182 insertions(+), 174 deletions(-)

+ 24 files changed, 182 insertions(+), 174 deletions(-)

 diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c

-index a6da1abb9..1b89d3c78 100644

+index 0628c2bca..6a4378bac 100644

 --- a/arch/x86/crypto/aesni-intel_glue.c

 +++ b/arch/x86/crypto/aesni-intel_glue.c

-@@ -37,6 +37,10 @@

+@@ -38,6 +38,10 @@

  void fcw_kernel_fpu_begin(void);

  void fcw_kernel_fpu_end(void);

@@ -46,7 +46,7 @@ index a6da1abb9..1b89d3c78 100644

  #define AESNI_ALIGN	16

  #define AESNI_ALIGN_ATTR __attribute__ ((__aligned__(AESNI_ALIGN)))

-@@ -608,7 +612,7 @@ static int xctr_crypt(struct skcipher_request *req)

+@@ -590,7 +594,7 @@ static int xctr_crypt(struct skcipher_request *req)

  		byte_ctr += walk.nbytes - nbytes;

  		if (walk.nbytes == walk.total && nbytes > 0) {

@@ -55,7 +55,7 @@ index a6da1abb9..1b89d3c78 100644

  			block[0] ^= cpu_to_le32(1 + byte_ctr / AES_BLOCK_SIZE);

  			aesni_enc(ctx, keystream, (u8 *)block);

  			crypto_xor_cpy(walk.dst.virt.addr + walk.nbytes -

-@@ -654,7 +658,7 @@ static int common_rfc4106_set_key(struct crypto_aead *aead, const u8 *key,

+@@ -636,7 +640,7 @@ static int common_rfc4106_set_key(struct crypto_aead *aead, const u8 *key,

  	/*Account for 4 byte nonce at the end.*/

  	key_len -= 4;

@@ -64,7 +64,7 @@ index a6da1abb9..1b89d3c78 100644

  	return aes_set_key_common(crypto_aead_tfm(aead),

  				  &ctx->aes_key_expanded, key, key_len) ?:

-@@ -697,8 +701,6 @@ static int generic_gcmaes_set_authsize(struct crypto_aead *tfm,

+@@ -679,8 +683,6 @@ static int generic_gcmaes_set_authsize(struct crypto_aead *tfm,

  	return 0;

  }

@@ -73,7 +73,7 @@ index a6da1abb9..1b89d3c78 100644

  static int gcmaes_crypt_by_sg(bool enc, struct aead_request *req,

  			      unsigned int assoclen, u8 *hash_subkey,

  			      u8 *iv, void *aes_ctx, u8 *auth_tag,

-@@ -725,7 +727,7 @@ static int gcmaes_crypt_by_sg(bool enc, struct aead_request *req,

+@@ -705,7 +707,7 @@ static int gcmaes_crypt_by_sg(bool enc, struct aead_request *req,

  	/* Linearize assoc, if not already linear */

  	if (req->src->length >= assoclen && req->src->length) {

  		scatterwalk_start(&assoc_sg_walk, req->src);

@@ -82,7 +82,7 @@ index a6da1abb9..1b89d3c78 100644

  	} else {

  		gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?

  			      GFP_KERNEL : GFP_ATOMIC;

-@@ -1157,7 +1159,7 @@ static int generic_gcmaes_encrypt(struct aead_request *req)

+@@ -1177,7 +1179,7 @@ static int generic_gcmaes_encrypt(struct aead_request *req)

  	u8 *iv = PTR_ALIGN(&ivbuf[0], AESNI_ALIGN);

  	__be32 counter = cpu_to_be32(1);

@@ -91,7 +91,7 @@ index a6da1abb9..1b89d3c78 100644

  	*((__be32 *)(iv+12)) = counter;

  	return gcmaes_encrypt(req, req->assoclen, ctx->hash_subkey, iv,

-@@ -1173,7 +1175,7 @@ static int generic_gcmaes_decrypt(struct aead_request *req)

+@@ -1193,7 +1195,7 @@ static int generic_gcmaes_decrypt(struct aead_request *req)

  	u8 ivbuf[16 + (AESNI_ALIGN - 8)] __aligned(8);

  	u8 *iv = PTR_ALIGN(&ivbuf[0], AESNI_ALIGN);

@@ -673,7 +673,7 @@ index 04624249a..e294af604 100644

  	alg->base.cra_priority = priority;

 diff --git a/crypto/ecc.c b/crypto/ecc.c

-index 016f785b8..714ff4e6d 100644

+index 016f785b8..ff9a0f156 100644

 --- a/crypto/ecc.c

 +++ b/crypto/ecc.c

 @@ -210,10 +210,7 @@ EXPORT_SYMBOL(vli_from_le64);

@@ -881,7 +881,7 @@ index 56e8a80aa..381b82530 100644

  /*

 diff --git a/crypto/rsa-pkcs1pad.c b/crypto/rsa-pkcs1pad.c

-index 826dd0833..88039140f 100644

+index 826dd0833..f15e2bff2 100644

 --- a/crypto/rsa-pkcs1pad.c

 +++ b/crypto/rsa-pkcs1pad.c

 @@ -166,7 +166,7 @@ static void pkcs1pad_sg_set_buf(struct scatterlist *sg, void *buf, size_t len,

@@ -1054,7 +1054,7 @@ index 3f98fab3f..0105e631a 100644

  			iv_len = crypto_skcipher_ivsize(tfm);

 diff --git a/crypto/testmgr.c b/crypto/testmgr.c

-index 98422b8da..592ce69c3 100644

+index 98422b8da..65fcb40b4 100644

 --- a/crypto/testmgr.c

 +++ b/crypto/testmgr.c

 @@ -587,7 +587,7 @@ static int build_test_sglist(struct test_sglist *tsgl,

new file mode 100644

@@ -0,0 +1,57 @@

+From 06e988b1547114c603a337f10c8a6f944b911f24 Mon Sep 17 00:00:00 2001

+From: Vamsi Krishna Brahmajosyula <vbrahmajosyula@vmware.com>

+Date: Sun, 5 Mar 2023 18:43:14 +0530

+Subject: [PATCH 7/8] crypto: Add prandom, module_kthread_exit to canister

+ wrapper

+

+prandom_u32_max is a static inline function whose definition changed

+across versions.

+

+module_put_and_kthread_exit is not available in older kernels,

+module_put_and_exit was used earlier, added specific implementation

+in wrapper.

+

+Signed-off-by: Keerthana K <keerthanak@vmware.com>

+---

+ crypto/algboss.c      | 4 ++--

+ crypto/rsa-pkcs1pad.c | 2 +-

+ 2 files changed, 3 insertions(+), 3 deletions(-)

+

+diff --git a/crypto/algboss.c b/crypto/algboss.c

+index 328e000e6..757e5222f 100644

+--- a/crypto/algboss.c

+@@ -68,7 +68,7 @@ static int cryptomgr_probe(void *data)

+ 	complete_all(&param->larval->completion);

+ 	crypto_alg_put(&param->larval->alg);

+ 	kfree(param);

+-	module_put_and_kthread_exit(0);

++	fcw_module_put_and_kthread_exit(0);

+ }

+ 

+ static int cryptomgr_schedule_probe(struct crypto_larval *larval)

+@@ -191,7 +191,7 @@ static int cryptomgr_test(void *data)

+ 	crypto_alg_tested(param->driver, err);

+ 

+ 	kfree(param);

+-	module_put_and_kthread_exit(0);

++	fcw_module_put_and_kthread_exit(0);

+ }

+ 

+ static int cryptomgr_schedule_test(struct crypto_alg *alg)

+diff --git a/crypto/rsa-pkcs1pad.c b/crypto/rsa-pkcs1pad.c

+index f15e2bff2..979472edf 100644

+--- a/crypto/rsa-pkcs1pad.c

+@@ -254,7 +254,7 @@ static int pkcs1pad_encrypt(struct akcipher_request *req)

+ 	ps_end = ctx->key_size - req->src_len - 2;

+ 	req_ctx->in_buf[0] = 0x02;

+ 	for (i = 1; i < ps_end; i++)

+-		req_ctx->in_buf[i] = 1 + prandom_u32_max(255);

++		req_ctx->in_buf[i] = 1 + fcw_prandom_u32_max(255);

+ 	req_ctx->in_buf[ps_end] = 0x00;

+ 

+ 	pkcs1pad_sg_set_buf(req_ctx->in_sg, req_ctx->in_buf,

+-- 

+2.19.0

+

new file mode 100644

@@ -0,0 +1,565 @@

+From 45555b8e8ae2d97bf2e7f9425491e6bb83aa8b57 Mon Sep 17 00:00:00 2001

+From: Vamsi Krishna Brahmajosyula <vbrahmajosyula@vmware.com>

+Date: Mon, 22 May 2023 13:27:58 +0530

+Subject: [PATCH 8/8] crypto: Remove EXPORT_SYMBOL, EXPORT_SYMBOL_GPL from

+ canister

+

+Signed-off-by: Keerthana K <keerthanak@vmware.com

+---

+ crypto/aes_generic.c    |  5 -----

+ crypto/ecc.c            | 20 --------------------

+ crypto/ecdh_helper.c    |  5 +----

+ crypto/rsa_helper.c     |  2 --

+ crypto/sha1_generic.c   |  3 ---

+ crypto/sha256_generic.c |  4 ----

+ crypto/sha3_generic.c   |  8 +++-----

+ crypto/sha512_generic.c |  4 ----

+ crypto/testmgr.c        |  2 --

+ lib/crypto/aes.c        |  6 ------

+ lib/crypto/des.c        |  6 ------

+ lib/crypto/sha1.c       |  2 --

+ lib/crypto/sha256.c     |  5 -----

+ 13 files changed, 4 insertions(+), 68 deletions(-)

+

+diff --git a/crypto/aes_generic.c b/crypto/aes_generic.c

+index 27ab27931..f73022bed 100644

+--- a/crypto/aes_generic.c

+@@ -1118,9 +1118,6 @@ static const u32 crypto_il_tab[4][256] ____cacheline_aligned = {

+ 	}

+ };

+ 

+-EXPORT_SYMBOL_GPL(crypto_ft_tab);

+-EXPORT_SYMBOL_GPL(crypto_it_tab);

+-

+ /**

+  * crypto_aes_set_key - Set the AES key.

+  * @tfm:	The %crypto_tfm that is used in the context.

+@@ -1140,8 +1137,6 @@ int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,

+ 

+ 	return aes_expandkey(ctx, in_key, key_len);

+ }

+-EXPORT_SYMBOL_GPL(crypto_aes_set_key);

+-

+ /* encrypt a block of text */

+ 

+ #define f_rn(bo, bi, n, k)	do {				\

+diff --git a/crypto/ecc.c b/crypto/ecc.c

+index ff9a0f156..f220aaac0 100644

+--- a/crypto/ecc.c

+@@ -50,7 +50,6 @@ const struct ecc_curve *ecc_get_curve25519(void)

+ {

+ 	return &ecc_25519;

+ }

+-EXPORT_SYMBOL(ecc_get_curve25519);

+ 

+ const struct ecc_curve *ecc_get_curve(unsigned int curve_id)

+ {

+@@ -66,7 +65,6 @@ const struct ecc_curve *ecc_get_curve(unsigned int curve_id)

+ 		return NULL;

+ 	}

+ }

+-EXPORT_SYMBOL(ecc_get_curve);

+ 

+ static u64 *ecc_alloc_digits_space(unsigned int ndigits)

+ {

+@@ -108,7 +106,6 @@ struct ecc_point *ecc_alloc_point(unsigned int ndigits)

+ 	kfree(p);

+ 	return NULL;

+ }

+-EXPORT_SYMBOL(ecc_alloc_point);

+ 

+ void ecc_free_point(struct ecc_point *p)

+ {

+@@ -119,7 +116,6 @@ void ecc_free_point(struct ecc_point *p)

+ 	kfree_sensitive(p->y);

+ 	kfree_sensitive(p);

+ }

+-EXPORT_SYMBOL(ecc_free_point);

+ 

+ static void vli_clear(u64 *vli, unsigned int ndigits)

+ {

+@@ -141,7 +137,6 @@ bool vli_is_zero(const u64 *vli, unsigned int ndigits)

+ 

+ 	return true;

+ }

+-EXPORT_SYMBOL(vli_is_zero);

+ 

+ /* Returns nonzero if bit of vli is set. */

+ static u64 vli_test_bit(const u64 *vli, unsigned int bit)

+@@ -184,7 +179,6 @@ unsigned int vli_num_bits(const u64 *vli, unsigned int ndigits)

+ 

+ 	return ((num_digits - 1) * 64 + i);

+ }

+-EXPORT_SYMBOL(vli_num_bits);

+ 

+ /* Set dest from unaligned bit string src. */

+ void vli_from_be64(u64 *dest, const void *src, unsigned int ndigits)

+@@ -195,7 +189,6 @@ void vli_from_be64(u64 *dest, const void *src, unsigned int ndigits)

+ 	for (i = 0; i < ndigits; i++)

+ 		dest[i] = get_unaligned_be64(&from[ndigits - 1 - i]);

+ }

+-EXPORT_SYMBOL(vli_from_be64);

+ 

+ void vli_from_le64(u64 *dest, const void *src, unsigned int ndigits)

+ {

+@@ -205,7 +198,6 @@ void vli_from_le64(u64 *dest, const void *src, unsigned int ndigits)

+ 	for (i = 0; i < ndigits; i++)

+ 		dest[i] = get_unaligned_le64(&from[i]);

+ }

+-EXPORT_SYMBOL(vli_from_le64);

+ 

+ /* Sets dest = src. */

+ static void vli_set(u64 *dest, const u64 *src, unsigned int ndigits)

+@@ -227,7 +219,6 @@ int vli_cmp(const u64 *left, const u64 *right, unsigned int ndigits)

+ 

+ 	return 0;

+ }

+-EXPORT_SYMBOL(vli_cmp);

+ 

+ /* Computes result = in << c, returning carry. Can modify in place

+  * (if result == in). 0 < shift < 64.

+@@ -324,7 +315,6 @@ u64 vli_sub(u64 *result, const u64 *left, const u64 *right,

+ 

+ 	return borrow;

+ }

+-EXPORT_SYMBOL(vli_sub);

+ 

+ /* Computes result = left - right, returning borrow. Can modify in place. */

+ static u64 vli_usub(u64 *result, const u64 *left, u64 right,

+@@ -959,7 +949,6 @@ void vli_mod_mult_slow(u64 *result, const u64 *left, const u64 *right,

+ 	vli_mult(product, left, right, ndigits);

+ 	vli_mmod_slow(result, product, mod, ndigits);

+ }

+-EXPORT_SYMBOL(vli_mod_mult_slow);

+ 

+ /* Computes result = (left * right) % curve_prime. */

+ static void vli_mod_mult_fast(u64 *result, const u64 *left, const u64 *right,

+@@ -1059,7 +1048,6 @@ void vli_mod_inv(u64 *result, const u64 *input, const u64 *mod,

+ 

+ 	vli_set(result, u, ndigits);

+ }

+-EXPORT_SYMBOL(vli_mod_inv);

+ 

+ /* ------ Point operations ------ */

+ 

+@@ -1069,7 +1057,6 @@ bool ecc_point_is_zero(const struct ecc_point *point)

+ 	return (vli_is_zero(point->x, point->ndigits) &&

+ 		vli_is_zero(point->y, point->ndigits));

+ }

+-EXPORT_SYMBOL(ecc_point_is_zero);

+ 

+ /* Point multiplication algorithm using Montgomery's ladder with co-Z

+  * coordinates. From https://eprint.iacr.org/2011/338.pdf

+@@ -1411,7 +1398,6 @@ void ecc_point_mult_shamir(const struct ecc_point *result,

+ 	vli_mod_inv(z, z, curve->p, ndigits);

+ 	apply_z(rx, ry, z, curve);

+ }

+-EXPORT_SYMBOL(ecc_point_mult_shamir);

+ 

+ static int __ecc_is_key_valid(const struct ecc_curve *curve,

+ 			      const u64 *private_key, unsigned int ndigits)

+@@ -1449,7 +1435,6 @@ int ecc_is_key_valid(unsigned int curve_id, unsigned int ndigits,

+ 

+ 	return __ecc_is_key_valid(curve, private_key, ndigits);

+ }

+-EXPORT_SYMBOL(ecc_is_key_valid);

+ 

+ /*

+  * ECC private keys are generated using the method of extra random bits,

+@@ -1502,7 +1487,6 @@ int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey)

+ 

+ 	return 0;

+ }

+-EXPORT_SYMBOL(ecc_gen_privkey);

+ 

+ int ecc_make_pub_key(unsigned int curve_id, unsigned int ndigits,

+ 		     const u64 *private_key, u64 *public_key)

+@@ -1541,7 +1525,6 @@ int ecc_make_pub_key(unsigned int curve_id, unsigned int ndigits,

+ out:

+ 	return ret;

+ }

+-EXPORT_SYMBOL(ecc_make_pub_key);

+ 

+ /* SP800-56A section 5.6.2.3.4 partial verification: ephemeral keys only */

+ int ecc_is_pubkey_valid_partial(const struct ecc_curve *curve,

+@@ -1574,7 +1557,6 @@ int ecc_is_pubkey_valid_partial(const struct ecc_curve *curve,

+ 

+ 	return 0;

+ }

+-EXPORT_SYMBOL(ecc_is_pubkey_valid_partial);

+ 

+ /* SP800-56A section 5.6.2.3.3 full verification */

+ int ecc_is_pubkey_valid_full(const struct ecc_curve *curve,

+@@ -1601,7 +1583,6 @@ int ecc_is_pubkey_valid_full(const struct ecc_curve *curve,

+ 

+ 	return ret;

+ }

+-EXPORT_SYMBOL(ecc_is_pubkey_valid_full);

+ 

+ static int get_jitter_ent_random_bytes(u64 *buf, unsigned int len)

+ {

+@@ -1685,6 +1666,5 @@ int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits,

+ out:

+ 	return ret;

+ }

+-EXPORT_SYMBOL(crypto_ecdh_shared_secret);

+ 

+ MODULE_LICENSE("Dual BSD/GPL");

+diff --git a/crypto/ecdh_helper.c b/crypto/ecdh_helper.c

+index 5dac6b348..78cd5252f 100644

+--- a/crypto/ecdh_helper.c

+@@ -29,7 +29,6 @@ unsigned int crypto_ecdh_key_len(const struct ecdh *params)

+ {

+ 	return ECDH_KPP_SECRET_MIN_SIZE + params->key_size;

+ }

+-EXPORT_SYMBOL_GPL(crypto_ecdh_key_len);

+ 

+ int crypto_ecdh_encode_key(char *buf, unsigned int len,

+ 			   const struct ecdh *params)

+@@ -52,7 +51,6 @@ int crypto_ecdh_encode_key(char *buf, unsigned int len,

+ 

+ 	return 0;

+ }

+-EXPORT_SYMBOL_GPL(crypto_ecdh_encode_key);

+ 

+ int crypto_ecdh_decode_key(const char *buf, unsigned int len,

+ 			   struct ecdh *params)

+@@ -80,5 +78,4 @@ int crypto_ecdh_decode_key(const char *buf, unsigned int len,

+ 	params->key = (void *)ptr;

+ 

+ 	return 0;

+-}

+-EXPORT_SYMBOL_GPL(crypto_ecdh_decode_key);

++}

+\ No newline at end of file

+diff --git a/crypto/rsa_helper.c b/crypto/rsa_helper.c

+index 94266f290..9deb71e13 100644

+--- a/crypto/rsa_helper.c

+@@ -164,7 +164,6 @@ int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,

+ {

+ 	return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);

+ }

+-EXPORT_SYMBOL_GPL(rsa_parse_pub_key);

+ 

+ /**

+  * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the

+@@ -183,4 +182,3 @@ int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key,

+ {

+ 	return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);

+ }

+-EXPORT_SYMBOL_GPL(rsa_parse_priv_key);

+diff --git a/crypto/sha1_generic.c b/crypto/sha1_generic.c

+index 193345133..c5efc0a3a 100644

+--- a/crypto/sha1_generic.c

+@@ -26,7 +26,6 @@ const u8 sha1_zero_message_hash[SHA1_DIGEST_SIZE] = {

+ 	0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90,

+ 	0xaf, 0xd8, 0x07, 0x09

+ };

+-EXPORT_SYMBOL_GPL(sha1_zero_message_hash);

+ 

+ static void sha1_generic_block_fn(struct sha1_state *sst, u8 const *src,

+ 				  int blocks)

+@@ -45,7 +44,6 @@ int crypto_sha1_update(struct shash_desc *desc, const u8 *data,

+ {

+ 	return fcw_sha1_base_do_update(desc, data, len, sha1_generic_block_fn);

+ }

+-EXPORT_SYMBOL(crypto_sha1_update);

+ 

+ static int sha1_final(struct shash_desc *desc, u8 *out)

+ {

+@@ -59,7 +57,6 @@ int crypto_sha1_finup(struct shash_desc *desc, const u8 *data,

+ 	fcw_sha1_base_do_update(desc, data, len, sha1_generic_block_fn);

+ 	return sha1_final(desc, out);

+ }

+-EXPORT_SYMBOL(crypto_sha1_finup);

+ 

+ static struct shash_alg alg = {

+ 	.digestsize	=	SHA1_DIGEST_SIZE,

+diff --git a/crypto/sha256_generic.c b/crypto/sha256_generic.c

+index bf147b01e..c1147386d 100644

+--- a/crypto/sha256_generic.c

+@@ -23,7 +23,6 @@ const u8 sha224_zero_message_hash[SHA224_DIGEST_SIZE] = {

+ 	0xb0, 0x1f, 0x82, 0x8e, 0xa6, 0x2a, 0xc5, 0xb3, 0xe4,

+ 	0x2f

+ };

+-EXPORT_SYMBOL_GPL(sha224_zero_message_hash);

+ 

+ const u8 sha256_zero_message_hash[SHA256_DIGEST_SIZE] = {

+ 	0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14,

+@@ -31,7 +30,6 @@ const u8 sha256_zero_message_hash[SHA256_DIGEST_SIZE] = {

+ 	0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,

+ 	0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55

+ };

+-EXPORT_SYMBOL_GPL(sha256_zero_message_hash);

+ 

+ int crypto_sha256_update(struct shash_desc *desc, const u8 *data,

+ 			  unsigned int len)

+@@ -39,7 +37,6 @@ int crypto_sha256_update(struct shash_desc *desc, const u8 *data,

+ 	sha256_update(shash_desc_ctx(desc), data, len);

+ 	return 0;

+ }

+-EXPORT_SYMBOL(crypto_sha256_update);

+ 

+ static int crypto_sha256_final(struct shash_desc *desc, u8 *out)

+ {

+@@ -56,7 +53,6 @@ int crypto_sha256_finup(struct shash_desc *desc, const u8 *data,

+ 	sha256_update(shash_desc_ctx(desc), data, len);

+ 	return crypto_sha256_final(desc, hash);

+ }

+-EXPORT_SYMBOL(crypto_sha256_finup);

+ 

+ static struct shash_alg sha256_algs[2] = { {

+ 	.digestsize	=	SHA256_DIGEST_SIZE,

+diff --git a/crypto/sha3_generic.c b/crypto/sha3_generic.c

+index 3e4069935..7d107460b 100644

+--- a/crypto/sha3_generic.c

+@@ -14,6 +14,7 @@

+ #include <linux/types.h>

+ #include <crypto/sha3.h>

+ #include <asm/unaligned.h>

++#include "fips_canister_wrapper.h"

+ 

+ /*

+  * On some 32-bit architectures (h8300), GCC ends up using

+@@ -170,7 +171,6 @@ int crypto_sha3_init(struct shash_desc *desc)

+ 	memset(sctx->st, 0, sizeof(sctx->st));

+ 	return 0;

+ }

+-EXPORT_SYMBOL(crypto_sha3_init);

+ 

+ int crypto_sha3_update(struct shash_desc *desc, const u8 *data,

+ 		       unsigned int len)

+@@ -185,7 +185,7 @@ int crypto_sha3_update(struct shash_desc *desc, const u8 *data,

+ 	if ((sctx->partial + len) > (sctx->rsiz - 1)) {

+ 		if (sctx->partial) {

+ 			done = -sctx->partial;

+-			memcpy(sctx->buf + sctx->partial, data,

++			fcw_memcpy(sctx->buf + sctx->partial, data,

+ 			       done + sctx->rsiz);

+ 			src = sctx->buf;

+ 		}

+@@ -203,12 +203,11 @@ int crypto_sha3_update(struct shash_desc *desc, const u8 *data,

+ 

+ 		sctx->partial = 0;

+ 	}

+-	memcpy(sctx->buf + sctx->partial, src, len - done);

++	fcw_memcpy(sctx->buf + sctx->partial, src, len - done);

+ 	sctx->partial += (len - done);

+ 

+ 	return 0;

+ }

+-EXPORT_SYMBOL(crypto_sha3_update);

+ 

+ int crypto_sha3_final(struct shash_desc *desc, u8 *out)

+ {

+@@ -235,7 +234,6 @@ int crypto_sha3_final(struct shash_desc *desc, u8 *out)

+ 	memset(sctx, 0, sizeof(*sctx));

+ 	return 0;

+ }

+-EXPORT_SYMBOL(crypto_sha3_final);

+ 

+ static struct shash_alg algs[] = { {

+ 	.digestsize		= SHA3_224_DIGEST_SIZE,

+diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c

+index 07e27910c..32ff5a0b1 100644

+--- a/crypto/sha512_generic.c

+@@ -27,7 +27,6 @@ const u8 sha384_zero_message_hash[SHA384_DIGEST_SIZE] = {

+ 	0x27, 0x4e, 0xde, 0xbf, 0xe7, 0x6f, 0x65, 0xfb,

+ 	0xd5, 0x1a, 0xd2, 0xf1, 0x48, 0x98, 0xb9, 0x5b

+ };

+-EXPORT_SYMBOL_GPL(sha384_zero_message_hash);

+ 

+ const u8 sha512_zero_message_hash[SHA512_DIGEST_SIZE] = {

+ 	0xcf, 0x83, 0xe1, 0x35, 0x7e, 0xef, 0xb8, 0xbd,

+@@ -39,7 +38,6 @@ const u8 sha512_zero_message_hash[SHA512_DIGEST_SIZE] = {

+ 	0x63, 0xb9, 0x31, 0xbd, 0x47, 0x41, 0x7a, 0x81,

+ 	0xa5, 0x38, 0x32, 0x7a, 0xf9, 0x27, 0xda, 0x3e

+ };

+-EXPORT_SYMBOL_GPL(sha512_zero_message_hash);

+ 

+ static inline u64 Ch(u64 x, u64 y, u64 z)

+ {

+@@ -160,7 +158,6 @@ int crypto_sha512_update(struct shash_desc *desc, const u8 *data,

+ {

+ 	return fcw_sha512_base_do_update(desc, data, len, sha512_generic_block_fn);

+ }

+-EXPORT_SYMBOL(crypto_sha512_update);

+ 

+ static int sha512_final(struct shash_desc *desc, u8 *hash)

+ {

+@@ -174,7 +171,6 @@ int crypto_sha512_finup(struct shash_desc *desc, const u8 *data,

+ 	fcw_sha512_base_do_update(desc, data, len, sha512_generic_block_fn);

+ 	return sha512_final(desc, hash);

+ }

+-EXPORT_SYMBOL(crypto_sha512_finup);

+ 

+ static struct shash_alg sha512_algs[2] = { {

+ 	.digestsize	=	SHA512_DIGEST_SIZE,

+diff --git a/crypto/testmgr.c b/crypto/testmgr.c

+index 65fcb40b4..b8d9fe797 100644

+--- a/crypto/testmgr.c

+@@ -5904,5 +5904,3 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask)

+ }

+ 

+ #endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */

+-

+-EXPORT_SYMBOL_GPL(alg_test);

+diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c

+index 827fe8992..30a61e0d4 100644

+--- a/lib/crypto/aes.c

+@@ -85,9 +85,6 @@ static volatile const u8 __cacheline_aligned aes_inv_sbox[] = {

+ extern const u8 crypto_aes_sbox[256] __alias(aes_sbox);

+ extern const u8 crypto_aes_inv_sbox[256] __alias(aes_inv_sbox);

+ 

+-EXPORT_SYMBOL(crypto_aes_sbox);

+-EXPORT_SYMBOL(crypto_aes_inv_sbox);

+-

+ static u32 mul_by_x(u32 w)

+ {

+ 	u32 x = w & 0x7f7f7f7f;

+@@ -247,7 +244,6 @@ int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,

+ 

+ 	return 0;

+ }

+-EXPORT_SYMBOL(aes_expandkey);

+ 

+ /**

+  * aes_encrypt - Encrypt a single AES block

+@@ -298,7 +294,6 @@ void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)

+ 	put_unaligned_le32(subshift(st1, 2) ^ rkp[6], out + 8);

+ 	put_unaligned_le32(subshift(st1, 3) ^ rkp[7], out + 12);

+ }

+-EXPORT_SYMBOL(aes_encrypt);

+ 

+ /**

+  * aes_decrypt - Decrypt a single AES block

+@@ -349,7 +344,6 @@ void aes_decrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)

+ 	put_unaligned_le32(inv_subshift(st1, 2) ^ rkp[6], out + 8);

+ 	put_unaligned_le32(inv_subshift(st1, 3) ^ rkp[7], out + 12);

+ }