| Message ID | 704b9d1dff075d2afbe08743492b303ac24d2ca1.1537558970.git.leonard.crestez@nxp.com (mailing list archive) |
|---|---|
| State | RFC |
| Delegated to: | Herbert Xu |
| Headers | show |
| Series | [RFC] crypto: mxs-dcp - Implement sha import/export | expand |
Hi Leonard, On Fri, Sep 21, 2018 at 5:13 PM, Leonard Crestez <leonard.crestez@nxp.com> wrote: > The mxs-dcp driver fails to probe if sha1/sha256 are supported: > > [ 2.455404] mxs-dcp 80028000.dcp: Failed to register sha1 hash! > [ 2.464042] mxs-dcp: probe of 80028000.dcp failed with error -22 > > This happens because since commit 8996eafdcbad ("crypto: ahash - ensure > statesize is non-zero") import/export is mandatory and ahash_prepare_alg > fails on statesize == 0. > > A set of dummy import/export functions were implemented in commit > 9190b6fd5db9 ("crypto: mxs-dcp - Add empty hash export and import") but > statesize is still zero and the driver fails to probe. That change was > apparently part of some unrelated refactoring. > > Fix by actually implementing import/export. > > Signed-off-by: Dan Douglass <dan.douglass@nxp.com> > Signed-off-by: Leonard Crestez <leonard.crestez@nxp.com> > > --- > drivers/crypto/mxs-dcp.c | 41 ++++++++++++++++++++++++++++++++-------- > 1 file changed, 33 insertions(+), 8 deletions(-) > > Patch is from NXP internal tree with minor adaptations, I can't vouch > for correctness. This only fixes probing, *TESTS DO NOT PASS* without > additional fixes dealing with HW limitations. > > A branch that gets tcrypt to pass can be found here: > https://github.com/cdleonard/linux/commits/crypto_mxsdcp > > I don't know if patches that make crypto drivers half-work are > acceptable, it can be argued that it's better to fail on probe and > fallback to software than to give incorrect results. What about submitting a patch series that makes the mxs-dcp driver functional? Thanks
On Fri, 2018-09-21 at 19:09 -0300, Fabio Estevam wrote: > On Fri, Sep 21, 2018 at 5:13 PM, Leonard Crestez > <leonard.crestez@nxp.com> wrote: > > The mxs-dcp driver fails to probe if sha1/sha256 are supported: > > > > [ 2.455404] mxs-dcp 80028000.dcp: Failed to register sha1 hash! > > [ 2.464042] mxs-dcp: probe of 80028000.dcp failed with error -22 > > > > This happens because since commit 8996eafdcbad ("crypto: ahash - ensure > > statesize is non-zero") import/export is mandatory and ahash_prepare_alg > > fails on statesize == 0. > > > > A set of dummy import/export functions were implemented in commit > > 9190b6fd5db9 ("crypto: mxs-dcp - Add empty hash export and import") but > > statesize is still zero and the driver fails to probe. That change was > > apparently part of some unrelated refactoring. > > > > Fix by actually implementing import/export. > > > > Signed-off-by: Dan Douglass <dan.douglass@nxp.com> > > Signed-off-by: Leonard Crestez <leonard.crestez@nxp.com> > > > > --- > > drivers/crypto/mxs-dcp.c | 41 ++++++++++++++++++++++++++++++++-------- > > 1 file changed, 33 insertions(+), 8 deletions(-) > > > > Patch is from NXP internal tree with minor adaptations, I can't vouch > > for correctness. This only fixes probing, *TESTS DO NOT PASS* without > > additional fixes dealing with HW limitations. > > > > A branch that gets tcrypt to pass can be found here: > > https://github.com/cdleonard/linux/commits/crypto_mxsdcp > > I don't know if patches that make crypto drivers half-work are > > acceptable, it can be argued that it's better to fail on probe and > > fallback to software than to give incorrect results. > > What about submitting a patch series that makes the mxs-dcp driver functional? That's not very easy since I don't know much about crypto api and don't understand the patches. From what I do know some of them look a bit dubious, I'm not sure those issues can't be fixed more nicely by increasing cra_alignmask and using fallbacks. I guess I could post the entire thing as RFC? I mostly just ported those patches to validate that "[PATCH] crypto: mxs-dcp - Fix wait logic on chan threads" works. -- Regards, Leonard
Hi Leonard, On Wed, Sep 26, 2018 at 7:31 AM, Leonard Crestez <leonard.crestez@nxp.com> wrote: > That's not very easy since I don't know much about crypto api and don't > understand the patches. From what I do know some of them look a bit I am in the same position too :-) > dubious, I'm not sure those issues can't be fixed more nicely by > increasing cra_alignmask and using fallbacks. I guess I could post the > entire thing as RFC? Yes, that will be helpful. Hopefully some crypto folks could provide feedback to your RFC series, so that we can turn this driver into functional state. Thanks
diff --git a/drivers/crypto/mxs-dcp.c b/drivers/crypto/mxs-dcp.c index 3768f6fb92d5..5555b284a59d 100644 --- a/drivers/crypto/mxs-dcp.c +++ b/drivers/crypto/mxs-dcp.c @@ -99,10 +99,15 @@ struct dcp_aes_req_ctx { struct dcp_sha_req_ctx { unsigned int init:1; unsigned int fini:1; }; +struct dcp_export_state { + struct dcp_sha_req_ctx req_ctx; + struct dcp_async_ctx async_ctx; +}; + /* * There can even be only one instance of the MXS DCP due to the * design of Linux Crypto API. */ static struct dcp *global_sdcp; @@ -759,18 +764,36 @@ static int dcp_sha_digest(struct ahash_request *req) return ret; return dcp_sha_finup(req); } -static int dcp_sha_noimport(struct ahash_request *req, const void *in) +static int dcp_sha_import(struct ahash_request *req, const void *in) { - return -ENOSYS; + struct dcp_sha_req_ctx *rctx = ahash_request_ctx(req); + struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); + struct dcp_async_ctx *actx = crypto_ahash_ctx(tfm); + const struct dcp_export_state *export = in; + + memset(rctx, 0, sizeof(struct dcp_sha_req_ctx)); + memset(actx, 0, sizeof(struct dcp_async_ctx)); + memcpy(rctx, &export->req_ctx, sizeof(struct dcp_sha_req_ctx)); + memcpy(actx, &export->async_ctx, sizeof(struct dcp_async_ctx)); + + return 0; } -static int dcp_sha_noexport(struct ahash_request *req, void *out) +static int dcp_sha_export(struct ahash_request *req, void *out) { - return -ENOSYS; + struct dcp_sha_req_ctx *rctx_state = ahash_request_ctx(req); + struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); + struct dcp_async_ctx *actx_state = crypto_ahash_ctx(tfm); + struct dcp_export_state *export = out; + + memcpy(&export->req_ctx, rctx_state, sizeof(struct dcp_sha_req_ctx)); + memcpy(&export->async_ctx, actx_state, sizeof(struct dcp_async_ctx)); + + return 0; } static int dcp_sha_cra_init(struct crypto_tfm *tfm) { crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm), @@ -839,14 +862,15 @@ static struct ahash_alg dcp_sha1_alg = { .init = dcp_sha_init, .update = dcp_sha_update, .final = dcp_sha_final, .finup = dcp_sha_finup, .digest = dcp_sha_digest, - .import = dcp_sha_noimport, - .export = dcp_sha_noexport, + .import = dcp_sha_import, + .export = dcp_sha_export, .halg = { .digestsize = SHA1_DIGEST_SIZE, + .statesize = sizeof(struct dcp_export_state), .base = { .cra_name = "sha1", .cra_driver_name = "sha1-dcp", .cra_priority = 400, .cra_alignmask = 63, @@ -865,14 +889,15 @@ static struct ahash_alg dcp_sha256_alg = { .init = dcp_sha_init, .update = dcp_sha_update, .final = dcp_sha_final, .finup = dcp_sha_finup, .digest = dcp_sha_digest, - .import = dcp_sha_noimport, - .export = dcp_sha_noexport, + .import = dcp_sha_import, + .export = dcp_sha_export, .halg = { .digestsize = SHA256_DIGEST_SIZE, + .statesize = sizeof(struct dcp_export_state), .base = { .cra_name = "sha256", .cra_driver_name = "sha256-dcp", .cra_priority = 400, .cra_alignmask = 63,
The mxs-dcp driver fails to probe if sha1/sha256 are supported: [ 2.455404] mxs-dcp 80028000.dcp: Failed to register sha1 hash! [ 2.464042] mxs-dcp: probe of 80028000.dcp failed with error -22 This happens because since commit 8996eafdcbad ("crypto: ahash - ensure statesize is non-zero") import/export is mandatory and ahash_prepare_alg fails on statesize == 0. A set of dummy import/export functions were implemented in commit 9190b6fd5db9 ("crypto: mxs-dcp - Add empty hash export and import") but statesize is still zero and the driver fails to probe. That change was apparently part of some unrelated refactoring. Fix by actually implementing import/export. Signed-off-by: Dan Douglass <dan.douglass@nxp.com> Signed-off-by: Leonard Crestez <leonard.crestez@nxp.com> --- drivers/crypto/mxs-dcp.c | 41 ++++++++++++++++++++++++++++++++-------- 1 file changed, 33 insertions(+), 8 deletions(-) Patch is from NXP internal tree with minor adaptations, I can't vouch for correctness. This only fixes probing, *TESTS DO NOT PASS* without additional fixes dealing with HW limitations. A branch that gets tcrypt to pass can be found here: https://github.com/cdleonard/linux/commits/crypto_mxsdcp I don't know if patches that make crypto drivers half-work are acceptable, it can be argued that it's better to fail on probe and fallback to software than to give incorrect results. I'm posting this mostly because it was requested by Fabio.