ANDROID: fips140: eliminate crypto-fips.a build step

To trick the build system into compiling some source files as built-in
code despite their actual destination being fips140.ko, a layer of
indirection was being used where the files were first built into a
static library crypto-fips.a, and then that static library was linked
into fips140.o before the final link of fips140.ko.

The problem with that approach is that it is incompatible with the usual
behavior of linking, where linking to a static library incorporates only
the needed parts of the library, not the whole library.  The only reason
that it happened to work anyway is due to the dependency of the fips140
module on LTO, combined with a peculiarity of the way that the kernel
build system built LTO modules: the build system actually created
${modname}.o as a static library (despite the .o suffix), and used the
--whole-archive linker flag when linking ${modname}.ko.

commit c25e1c55822f ("kbuild: do not create *.prelink.o for Clang LTO or
IBT") in Linux v5.19 changed that.  Now, ${modname}.o is an object file,
and the --whole-archive flag isn't used when linking ${modname}.ko.
Therefore, the crypto-fips.a hack no longer works, as things from this
static library (such as the initcalls) get lost during linking.

Replace it with a different hack that eliminates the dependency on LTO
and should be less fragile: undefine MODULE in fips140-defs.h, and
re-define it in the one file where it is needed.  (For consistency, also
move the definition of __DISABLE_EXPORTS into fips140-defs.h.)

Bug: 188620248
Change-Id: I4a6a5f68381a7540bf37ba610216442dae0d2a7a
Signed-off-by: Eric Biggers <ebiggers@google.com>

crypto/Makefile

@@ -203,17 +203,18 @@ obj-$(CONFIG_CRYPTO_SIMD) += crypto_simd.o
 
 ifneq ($(CONFIG_CRYPTO_FIPS140_MOD),)
 
-FIPS140_CFLAGS := -D__DISABLE_EXPORTS -DBUILD_FIPS140_KO \
-		  -include $(srctree)/crypto/fips140-defs.h
+FIPS140_CFLAGS := -DBUILD_FIPS140_KO -include $(srctree)/crypto/fips140-defs.h
 
 CFLAGS_jitterentropy-fips.o := -O0
 KASAN_SANITIZE_jitterentropy-fips.o = n
 UBSAN_SANITIZE_jitterentropy-fips.o = n
 
+# Compile an extra copy of various crypto algorithms into the fips140 module.
 #
-# Create a separate FIPS archive containing a duplicate of each builtin generic
-# module that is in scope for FIPS 140-2 certification
-#
+# Note: the module will still work if some files are removed from here.
+# However, it may affect FIPS certifiability.  Don't remove files from here
+# without considering impact on FIPS certifiability.
+
 crypto-fips-objs := drbg.o ecb.o cbc.o ctr.o cts.o gcm.o xts.o hmac.o cmac.o \
 		    gf128mul.o aes_generic.o lib-crypto-aes.o \
 		    jitterentropy.o jitterentropy-kcapi.o \
@@ -224,8 +225,6 @@ crypto-fips-objs := $(foreach o,$(crypto-fips-objs),$(o:.o=-fips.o))
 # get the arch to add its objects to $(crypto-fips-objs)
 include $(srctree)/arch/$(ARCH)/crypto/Kbuild.fips140
 
-extra-$(CONFIG_CRYPTO_FIPS140_MOD) += crypto-fips.a
-
 $(obj)/%-fips.o: KBUILD_CFLAGS += $(FIPS140_CFLAGS)
 $(obj)/%-fips.o: $(src)/%.c FORCE
 	$(call if_changed_rule,cc_o_c)
@@ -234,15 +233,12 @@ $(obj)/lib-%-fips.o: $(srctree)/lib/%.c FORCE
 $(obj)/lib-crypto-%-fips.o: $(srctree)/lib/crypto/%.c FORCE
 	$(call if_changed_rule,cc_o_c)
 
-$(obj)/crypto-fips.a: $(addprefix $(obj)/,$(crypto-fips-objs)) FORCE
-	$(call if_changed,ar_and_symver)
-
 fips140-objs := \
 	fips140-alg-registration.o \
 	fips140-module.o \
 	fips140-refs.o \
 	fips140-selftests.o \
-	crypto-fips.a
+	$(crypto-fips-objs)
 fips140-$(CONFIG_CRYPTO_FIPS140_MOD_EVAL_TESTING) += \
 	fips140-eval-testing.o
 obj-m += fips140.o

crypto/fips140-defs.h

@@ -3,10 +3,43 @@
  * Copyright 2021 Google LLC
  *
  * This file is automatically included by all files built into fips140.ko, via
- * the "-include" compiler flag.  It redirects all calls to algorithm
- * registration functions to the wrapper functions defined within the module.
+ * the "-include" compiler flag.
  */
 
+/*
+ * fips140.ko is built from various unmodified or minimally modified kernel
+ * source files, many of which are normally meant to be buildable into different
+ * modules themselves.  That results in conflicting instances of module_init()
+ * and related macros such as MODULE_LICENSE().
+ *
+ * To solve that, we undefine MODULE to trick the kernel headers into thinking
+ * the code is being compiled as built-in.  That causes module_init() and
+ * related macros to be expanded as they would be for built-in code; e.g.,
+ * module_init() adds the function to the .initcalls section of the binary.
+ *
+ * The .c file that contains the real module_init() for fips140.ko is then
+ * responsible for redefining MODULE, and the real module_init() is responsible
+ * for executing all the initcalls that were collected into .initcalls.
+ */
+#undef MODULE
+
+/*
+ * Defining KBUILD_MODFILE is also required, since the kernel headers expect it
+ * to be defined when code that can be a module is compiled as built-in.
+ */
+#define KBUILD_MODFILE "crypto/fips140"
+
+/*
+ * Disable symbol exports by default.  fips140.ko includes various files that
+ * use EXPORT_SYMBOL*(), but it's unwanted to export any symbols from fips140.ko
+ * except where explicitly needed for FIPS certification reasons.
+ */
+#define __DISABLE_EXPORTS
+
+/*
+ * Redirect all calls to algorithm registration functions to the wrapper
+ * functions defined within the module.
+ */
 #define aead_register_instance		fips140_aead_register_instance
 #define ahash_register_instance		fips140_ahash_register_instance
 #define crypto_register_aead		fips140_crypto_register_aead

crypto/fips140-module.c

@@ -14,6 +14,12 @@
  * don't need to meet these requirements.
  */
 
+/*
+ * Since this .c file is the real entry point of fips140.ko, it needs to be
+ * compiled normally, so undo the hacks that were done in fips140-defs.h.
+ */
+#define MODULE
+#undef KBUILD_MODFILE
 #undef __DISABLE_EXPORTS
 
 #include <linux/ctype.h>