Fix client *Dma address translation (KeyExport / NvmAdd / NvmRead) and KeyCacheDma use-after-free

[Frauschi]

Background

A few client *Dma APIs wrote the raw client pointer straight into the wire message instead of routing it through the DMA address-translation callback like the rest of the family.

This is invisible on flat-memory ports (the POSIX SHM reference, where client and server share an address space), so it survived CI. It breaks on a real split-address-space port — found during DMA bring-up on one of the new hardware platforms for wolfHSM, where the server runs on a separate security CPU with no view of host RAM, so it bounds-checks the untranslated pointer and rejects the request (WH_ERROR_BADARGS).

What this fixes

• Missing translation in KeyExportDma, KeyExportPublicDma, NvmAddObjectDma, NvmReadDma. Each now runs *_PRE translation before sending and the matching *_POST on the response, mirroring RngGenerateDma.
• Use-after-free in KeyCacheDmaRequest, which ran its POST inside the request — releasing/recycling the scratch before the server read the buffer (benign on POSIX, a real UAF on any port whose callback allocates). It now defers the POST to KeyCacheDmaResponse.

Notable implementation details

• The per-call-site async-DMA structs are consolidated into a single whClientDmaAsyncBuf (carrying the POST direction) plus a two-buffer nvmAdd variant, with a shared wh_Client_DmaAsyncPost() helper that returns the POST status (a failed unmap/copy-back is surfaced, not swallowed).
• Each request clears its mapping slot(s) before the PRE, so a path that leaves a slot unpopulated (e.g. metadata-only NvmAddObjectDma) can't make the response POST stale union memory; data_hostaddr is 0 when there is no data buffer, so a raw client pointer is never forwarded.
• Requests fail fast with WH_ERROR_REQUEST_PENDING on a busy transport (no mapping acquired then leaked).
• wh_{Client,Server}_DmaRegisterAllowList() now accept NULL to unregister, symmetric with DmaRegisterCb(NULL).

Tests

The reason these bugs survived CI is that no POSIX test ever registered a non-identity DMA callback — a missing translation looked identical to a correct call. This PR adds a shared bounce-pool harness (test/wh_test_dma.c) that models a split-address-space port: the client callback bounces each buffer through a dedicated pool and hands the server a pool address; the server callback rejects any untranslated address. Freed slots are poisoned (so a premature POST corrupts the data) and a POST matching no live slot is recorded as a stray/double free.

• wh_test_clientserver.c drives the keystore/NVM *Dma APIs end-to-end — including metadata-only and injected PRE-failure cases — in the single-thread pump harness, where ordering makes the use-after-free deterministic.
• wh_test_crypto.c registers the same callback on the threaded harness, so the entire crypto/cert *Dma suite (AES/SHA/CMAC/RNG/Ed25519/ML-DSA/ML-KEM/cert, plus KeyExportPublicDma) runs through translation automatically.
• Also fixes a pre-existing bug the new coverage surfaced: _testDma left a stack-local allow list registered after returning (a dangling pointer ASAN flags once a later test uses server DMA).

Runs under make DMA=1 (already set by every CI job).

Validation

• make DMA=1 ASAN=1: passes, 0 ASAN findings.
• Default non-DMA build: passes.
• Each fix was confirmed to be caught by the new tests (regressions re-introduced → tests fail).