all: enable FIPS verification code

Previous CLs committed changes to cmd/compile, cmd/link,
and crypto/internal/fips/check behind boolean flags.
Turn those flags on, to enable the CLs.

This is a separate, trivial CL for easier rollback.

For #69536.

Change-Id: I68206bae0b7d7ad5c8758267d1a2e68853b63644
Reviewed-on: https://go-review.googlesource.com/c/go/+/626000
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>

src/cmd/internal/obj/fips.go

@@ -144,7 +144,7 @@ import (
 	"strings"
 )
 
-const enableFIPS = false
+const enableFIPS = true
 
 // IsFIPS reports whether we are compiling one of the crypto/internal/fips/... packages.
 func (ctxt *Link) IsFIPS() bool {
@@ -201,6 +201,11 @@ func EnableFIPS() bool {
 		}
 	}
 
+	// AIX doesn't just work, and it's not worth fixing.
+	if buildcfg.GOOS == "aix" {
+		return false
+	}
+
 	return enableFIPS
 }
 

src/cmd/link/internal/ld/fips.go

@@ -115,7 +115,7 @@ import (
 	"os"
 )
 
-const enableFIPS = false
+const enableFIPS = true
 
 // fipsSyms are the special FIPS section bracketing symbols.
 var fipsSyms = []struct {

src/crypto/internal/fips/check/check.go

@@ -39,7 +39,8 @@ func supported() bool {
 	case runtime.GOARCH == "wasm",
 		runtime.GOOS == "windows" && runtime.GOARCH == "386",
 		runtime.GOOS == "windows" && runtime.GOARCH == "arm",
-		runtime.GOOS == "windows" && runtime.GOARCH == "arm64":
+		runtime.GOOS == "windows" && runtime.GOARCH == "arm64",
+		runtime.GOOS == "aix":
 		return false
 	}
 	return true

src/crypto/internal/fips/check/check_test.go

@@ -18,7 +18,7 @@ import (
 	"unsafe"
 )
 
-const enableFIPSTest = false
+const enableFIPSTest = true
 
 func TestVerify(t *testing.T) {
 	if *Verified {