cmd/compile, cmd/link: add FIPS verification support

For FIPS init-time code+data verification, we need to arrange to
put the FIPS symbols into contiguous regions of the executable
and then record those sections along with the expected checksum.

The cmd/internal/obj changes identify the FIPS symbols and give
them distinguished types, which the linker then places in contiguous
regions. The linker also writes out information to use at run time
to find the FIPS sections, along with the expected hash.

See cmd/internal/obj/fips.go and cmd/link/internal/ld/fips.go
for more details.

The code is disabled in this commit.
CL 625998 and 625999 adds tests.
CL 626000 enables the code.

For #69536.

Change-Id: I48da6db94bc0bea7428c43d4abcf999527bccfcd
Reviewed-on: https://go-review.googlesource.com/c/go/+/625997
Auto-Submit: Russ Cox <rsc@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

src/cmd/link/internal/loader/loader.go

@@ -2339,6 +2339,8 @@ var blockedLinknames = map[string][]string{
 	// weak references
 	"internal/weak.runtime_registerWeakPointer": {"internal/weak"},
 	"internal/weak.runtime_makeStrongFromWeak":  {"internal/weak"},
+	// fips info
+	"go:fipsinfo": {"crypto/internal/fips/check"},
 }
 
 // check if a linkname reference to symbol s from pkg is allowed