From: Corentin Labbe <clabbe@baylibre.com> To: davem@davemloft.net, herbert@gondor.apana.org.au, jernej.skrabec@gmail.com, mripard@kernel.org, wens@csie.org Cc: linux-arm-kernel@lists.infradead.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, linux-sunxi@lists.linux.dev, linux-sunxi@googlegroups.com, Corentin Labbe <clabbe@baylibre.com> Subject: [PATCH 8/8] crypto: sun8i-ss: handle requests if last block is not modulo 64 Date: Wed, 26 Jan 2022 21:04:41 +0000 [thread overview] Message-ID: <20220126210441.3661782-9-clabbe@baylibre.com> (raw) In-Reply-To: <20220126210441.3661782-1-clabbe@baylibre.com> The current sun8i-ss handle only requests with all SG length being modulo 64. But the last SG could be always handled by copying it on the pad buffer. Signed-off-by: Corentin Labbe <clabbe@baylibre.com> --- .../crypto/allwinner/sun8i-ss/sun8i-ss-core.c | 2 +- .../crypto/allwinner/sun8i-ss/sun8i-ss-hash.c | 35 ++++++++++++++----- drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h | 2 ++ 3 files changed, 29 insertions(+), 10 deletions(-) diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-core.c b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-core.c index 084261d7899c..c8c079f3b466 100644 --- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-core.c +++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-core.c @@ -475,7 +475,7 @@ static int allocate_flows(struct sun8i_ss_dev *ss) init_completion(&ss->flows[i].complete); /* the padding could be up to two block. */ - ss->flows[i].pad = devm_kmalloc(ss->dev, SHA256_BLOCK_SIZE * 2, + ss->flows[i].pad = devm_kmalloc(ss->dev, MAX_PAD_SIZE, GFP_KERNEL | GFP_DMA); if (!ss->flows[i].pad) goto error_engine; diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-hash.c b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-hash.c index 1aae36d541d8..dd5e4f0fd5ab 100644 --- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-hash.c +++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-hash.c @@ -13,6 +13,7 @@ #include <linux/pm_runtime.h> #include <linux/scatterlist.h> #include <crypto/internal/hash.h> +#include <crypto/scatterwalk.h> #include <crypto/sha1.h> #include <crypto/sha2.h> #include <crypto/md5.h> @@ -261,6 +262,9 @@ static bool sun8i_ss_hash_need_fallback(struct ahash_request *areq) if (areq->nbytes == 0) return true; + if (areq->nbytes >= MAX_PAD_SIZE - 64) + return true; + /* we need to reserve one SG for the padding one */ if (sg_nents(areq->src) > MAX_SG - 1) return true; @@ -269,10 +273,13 @@ static bool sun8i_ss_hash_need_fallback(struct ahash_request *areq) /* SS can operate hash only on full block size * since SS support only MD5,sha1,sha224 and sha256, blocksize * is always 64 - * TODO: handle request if last SG is not len%64 - * but this will need to copy data on a new SG of size=64 */ - if (sg->length % 64 || !IS_ALIGNED(sg->offset, sizeof(u32))) + /* Only the last block could be bounced to the pad buffer */ + if (sg->length % 64 && sg_next(sg)) + return true; + if (!IS_ALIGNED(sg->offset, sizeof(u32))) + return true; + if (sg->length % 4) return true; sg = sg_next(sg); } @@ -360,6 +367,7 @@ int sun8i_ss_hash_run(struct crypto_engine *engine, void *breq) goto theend; } + j = 0; len = areq->nbytes; sg = areq->src; i = 0; @@ -368,12 +376,19 @@ int sun8i_ss_hash_run(struct crypto_engine *engine, void *breq) sg = sg_next(sg); continue; } - rctx->t_src[i].addr = sg_dma_address(sg); todo = min(len, sg_dma_len(sg)); - rctx->t_src[i].len = todo / 4; - len -= todo; - rctx->t_dst[i].addr = addr_res; - rctx->t_dst[i].len = digestsize / 4; + /* only the last SG could be with a size not modulo64 */ + if (todo % 64 == 0) { + rctx->t_src[i].addr = sg_dma_address(sg); + rctx->t_src[i].len = todo / 4; + rctx->t_dst[i].addr = addr_res; + rctx->t_dst[i].len = digestsize / 4; + len -= todo; + } else { + scatterwalk_map_and_copy(bf, sg, 0, todo, 0); + j += todo / 4; + len -= todo; + } sg = sg_next(sg); i++; } @@ -383,8 +398,10 @@ int sun8i_ss_hash_run(struct crypto_engine *engine, void *breq) goto theend; } + if (j > 0) + i--; + byte_count = areq->nbytes; - j = 0; bf[j++] = cpu_to_le32(0x80); fill = 64 - (byte_count % 64); diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h index f9f089ede934..8c9649bab88c 100644 --- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h +++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h @@ -82,6 +82,8 @@ #define PRNG_DATA_SIZE (160 / 8) #define PRNG_SEED_SIZE DIV_ROUND_UP(175, 8) +#define MAX_PAD_SIZE 4096 + /* * struct ss_clock - Describe clocks used by sun8i-ss * @name: Name of clock needed by this variant -- 2.34.1
WARNING: multiple messages have this Message-ID (diff)
From: Corentin Labbe <clabbe@baylibre.com> To: davem@davemloft.net, herbert@gondor.apana.org.au, jernej.skrabec@gmail.com, mripard@kernel.org, wens@csie.org Cc: linux-arm-kernel@lists.infradead.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, linux-sunxi@lists.linux.dev, linux-sunxi@googlegroups.com, Corentin Labbe <clabbe@baylibre.com> Subject: [PATCH 8/8] crypto: sun8i-ss: handle requests if last block is not modulo 64 Date: Wed, 26 Jan 2022 21:04:41 +0000 [thread overview] Message-ID: <20220126210441.3661782-9-clabbe@baylibre.com> (raw) In-Reply-To: <20220126210441.3661782-1-clabbe@baylibre.com> The current sun8i-ss handle only requests with all SG length being modulo 64. But the last SG could be always handled by copying it on the pad buffer. Signed-off-by: Corentin Labbe <clabbe@baylibre.com> --- .../crypto/allwinner/sun8i-ss/sun8i-ss-core.c | 2 +- .../crypto/allwinner/sun8i-ss/sun8i-ss-hash.c | 35 ++++++++++++++----- drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h | 2 ++ 3 files changed, 29 insertions(+), 10 deletions(-) diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-core.c b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-core.c index 084261d7899c..c8c079f3b466 100644 --- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-core.c +++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-core.c @@ -475,7 +475,7 @@ static int allocate_flows(struct sun8i_ss_dev *ss) init_completion(&ss->flows[i].complete); /* the padding could be up to two block. */ - ss->flows[i].pad = devm_kmalloc(ss->dev, SHA256_BLOCK_SIZE * 2, + ss->flows[i].pad = devm_kmalloc(ss->dev, MAX_PAD_SIZE, GFP_KERNEL | GFP_DMA); if (!ss->flows[i].pad) goto error_engine; diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-hash.c b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-hash.c index 1aae36d541d8..dd5e4f0fd5ab 100644 --- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-hash.c +++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-hash.c @@ -13,6 +13,7 @@ #include <linux/pm_runtime.h> #include <linux/scatterlist.h> #include <crypto/internal/hash.h> +#include <crypto/scatterwalk.h> #include <crypto/sha1.h> #include <crypto/sha2.h> #include <crypto/md5.h> @@ -261,6 +262,9 @@ static bool sun8i_ss_hash_need_fallback(struct ahash_request *areq) if (areq->nbytes == 0) return true; + if (areq->nbytes >= MAX_PAD_SIZE - 64) + return true; + /* we need to reserve one SG for the padding one */ if (sg_nents(areq->src) > MAX_SG - 1) return true; @@ -269,10 +273,13 @@ static bool sun8i_ss_hash_need_fallback(struct ahash_request *areq) /* SS can operate hash only on full block size * since SS support only MD5,sha1,sha224 and sha256, blocksize * is always 64 - * TODO: handle request if last SG is not len%64 - * but this will need to copy data on a new SG of size=64 */ - if (sg->length % 64 || !IS_ALIGNED(sg->offset, sizeof(u32))) + /* Only the last block could be bounced to the pad buffer */ + if (sg->length % 64 && sg_next(sg)) + return true; + if (!IS_ALIGNED(sg->offset, sizeof(u32))) + return true; + if (sg->length % 4) return true; sg = sg_next(sg); } @@ -360,6 +367,7 @@ int sun8i_ss_hash_run(struct crypto_engine *engine, void *breq) goto theend; } + j = 0; len = areq->nbytes; sg = areq->src; i = 0; @@ -368,12 +376,19 @@ int sun8i_ss_hash_run(struct crypto_engine *engine, void *breq) sg = sg_next(sg); continue; } - rctx->t_src[i].addr = sg_dma_address(sg); todo = min(len, sg_dma_len(sg)); - rctx->t_src[i].len = todo / 4; - len -= todo; - rctx->t_dst[i].addr = addr_res; - rctx->t_dst[i].len = digestsize / 4; + /* only the last SG could be with a size not modulo64 */ + if (todo % 64 == 0) { + rctx->t_src[i].addr = sg_dma_address(sg); + rctx->t_src[i].len = todo / 4; + rctx->t_dst[i].addr = addr_res; + rctx->t_dst[i].len = digestsize / 4; + len -= todo; + } else { + scatterwalk_map_and_copy(bf, sg, 0, todo, 0); + j += todo / 4; + len -= todo; + } sg = sg_next(sg); i++; } @@ -383,8 +398,10 @@ int sun8i_ss_hash_run(struct crypto_engine *engine, void *breq) goto theend; } + if (j > 0) + i--; + byte_count = areq->nbytes; - j = 0; bf[j++] = cpu_to_le32(0x80); fill = 64 - (byte_count % 64); diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h index f9f089ede934..8c9649bab88c 100644 --- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h +++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h @@ -82,6 +82,8 @@ #define PRNG_DATA_SIZE (160 / 8) #define PRNG_SEED_SIZE DIV_ROUND_UP(175, 8) +#define MAX_PAD_SIZE 4096 + /* * struct ss_clock - Describe clocks used by sun8i-ss * @name: Name of clock needed by this variant -- 2.34.1 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2022-01-26 21:04 UTC|newest] Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-01-26 21:04 [PATCH 0/8] crypto: allwinner: various improvments Corentin Labbe 2022-01-26 21:04 ` Corentin Labbe 2022-01-26 21:04 ` [PATCH 1/8] crypto: sun8i-ce: do not allocate memory when handling requests Corentin Labbe 2022-01-26 21:04 ` Corentin Labbe 2022-01-27 4:17 ` kernel test robot 2022-01-27 4:17 ` kernel test robot 2022-01-27 4:17 ` kernel test robot 2022-01-26 21:04 ` [PATCH 2/8] crypto: sun4i-ss: do not allocate backup IV on requests Corentin Labbe 2022-01-26 21:04 ` Corentin Labbe 2022-01-26 21:04 ` [PATCH 3/8] crypto: sun8i-ss: handle zero sized sg Corentin Labbe 2022-01-26 21:04 ` Corentin Labbe 2022-01-26 21:04 ` [PATCH 4/8] crypto: sun8i-ss: do not allocate memory when handling hash requests Corentin Labbe 2022-01-26 21:04 ` Corentin Labbe 2022-01-26 21:04 ` [PATCH 5/8] crypto: sun8i-ss: do not zeroize all pad Corentin Labbe 2022-01-26 21:04 ` Corentin Labbe 2022-01-26 21:04 ` [PATCH 6/8] crypto: sun8i-ss: remove redundant test Corentin Labbe 2022-01-26 21:04 ` Corentin Labbe 2022-01-26 21:04 ` [PATCH 7/8] crypto: sun8i-ss: test error before assigning Corentin Labbe 2022-01-26 21:04 ` Corentin Labbe 2022-01-26 21:04 ` Corentin Labbe [this message] 2022-01-26 21:04 ` [PATCH 8/8] crypto: sun8i-ss: handle requests if last block is not modulo 64 Corentin Labbe
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20220126210441.3661782-9-clabbe@baylibre.com \ --to=clabbe@baylibre.com \ --cc=davem@davemloft.net \ --cc=herbert@gondor.apana.org.au \ --cc=jernej.skrabec@gmail.com \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-crypto@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-sunxi@googlegroups.com \ --cc=linux-sunxi@lists.linux.dev \ --cc=mripard@kernel.org \ --cc=wens@csie.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.