1
0
mirror of https://github.com/golang/go synced 2024-11-25 09:57:57 -07:00

all: enable FIPS verification code

Previous CLs committed changes to cmd/compile, cmd/link,
and crypto/internal/fips/check behind boolean flags.
Turn those flags on, to enable the CLs.

This is a separate, trivial CL for easier rollback.

For #69536.

Change-Id: I68206bae0b7d7ad5c8758267d1a2e68853b63644
Reviewed-on: https://go-review.googlesource.com/c/go/+/626000
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
This commit is contained in:
Russ Cox 2024-11-06 11:30:25 -05:00
parent 2eac154b1c
commit 6c841e4640
4 changed files with 10 additions and 4 deletions

View File

@ -144,7 +144,7 @@ import (
"strings"
)
const enableFIPS = false
const enableFIPS = true
// IsFIPS reports whether we are compiling one of the crypto/internal/fips/... packages.
func (ctxt *Link) IsFIPS() bool {
@ -201,6 +201,11 @@ func EnableFIPS() bool {
}
}
// AIX doesn't just work, and it's not worth fixing.
if buildcfg.GOOS == "aix" {
return false
}
return enableFIPS
}

View File

@ -115,7 +115,7 @@ import (
"os"
)
const enableFIPS = false
const enableFIPS = true
// fipsSyms are the special FIPS section bracketing symbols.
var fipsSyms = []struct {

View File

@ -39,7 +39,8 @@ func supported() bool {
case runtime.GOARCH == "wasm",
runtime.GOOS == "windows" && runtime.GOARCH == "386",
runtime.GOOS == "windows" && runtime.GOARCH == "arm",
runtime.GOOS == "windows" && runtime.GOARCH == "arm64":
runtime.GOOS == "windows" && runtime.GOARCH == "arm64",
runtime.GOOS == "aix":
return false
}
return true

View File

@ -18,7 +18,7 @@ import (
"unsafe"
)
const enableFIPSTest = false
const enableFIPSTest = true
func TestVerify(t *testing.T) {
if *Verified {