Re: [PATCH v2 4/5] lib: sha256: Add support for hardware specific sha256_process

[Simon Glass <sjg@chromium.org>]

Hi Loic,

On Mon, 6 Feb 2023 at 15:12, Loic Poulain <loic.poulain@linaro.org> wrote:
>
> Hi Simon,
>
> Le lun. 6 févr. 2023 à 18:12, Simon Glass <sjg@chromium.org> a écrit :
>>
>> Hi Loic,
>>
>> On Wed, 1 Jun 2022 at 12:27, Loic Poulain <loic.poulain@linaro.org> wrote:
>> >
>> > Mark sha256_process as weak to allow hardware specific implementation.
>> > Add parameter for supporting multiple blocks processing.
>> >
>> > Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
>> > ---
>> >  lib/sha256.c | 26 +++++++++++++++++++-------
>> >  1 file changed, 19 insertions(+), 7 deletions(-)
>> >
>> > diff --git a/lib/sha256.c b/lib/sha256.c
>> > index c1fe93d..50b0b51 100644
>> > --- a/lib/sha256.c
>> > +++ b/lib/sha256.c
>> > @@ -14,6 +14,8 @@
>> >  #include <watchdog.h>
>> >  #include <u-boot/sha256.h>
>> >
>> > +#include <linux/compiler_attributes.h>
>> > +
>> >  const uint8_t sha256_der_prefix[SHA256_DER_LEN] = {
>> >         0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
>> >         0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05,
>> > @@ -55,7 +57,7 @@ void sha256_starts(sha256_context * ctx)
>> >         ctx->state[7] = 0x5BE0CD19;
>> >  }
>> >
>> > -static void sha256_process(sha256_context *ctx, const uint8_t data[64])
>> > +static void sha256_process_one(sha256_context *ctx, const uint8_t data[64])
>> >  {
>> >         uint32_t temp1, temp2;
>> >         uint32_t W[64];
>> > @@ -186,6 +188,18 @@ static void sha256_process(sha256_context *ctx, const uint8_t data[64])
>> >         ctx->state[7] += H;
>> >  }
>> >
>> > +__weak void sha256_process(sha256_context *ctx, const unsigned char *data,
>> > +                          unsigned int blocks)
>> > +{
>> > +       if (!blocks)
>> > +               return;
>> > +
>> > +       while (blocks--) {
>> > +               sha256_process_one(ctx, data);
>> > +               data += 64;
>> > +       }
>> > +}
>> > +
>> >  void sha256_update(sha256_context *ctx, const uint8_t *input, uint32_t length)
>> >  {
>> >         uint32_t left, fill;
>> > @@ -204,17 +218,15 @@ void sha256_update(sha256_context *ctx, const uint8_t *input, uint32_t length)
>> >
>> >         if (left && length >= fill) {
>> >                 memcpy((void *) (ctx->buffer + left), (void *) input, fill);
>> > -               sha256_process(ctx, ctx->buffer);
>> > +               sha256_process(ctx, ctx->buffer, 1);
>> >                 length -= fill;
>> >                 input += fill;
>> >                 left = 0;
>> >         }
>> >
>> > -       while (length >= 64) {
>> > -               sha256_process(ctx, input);
>> > -               length -= 64;
>> > -               input += 64;
>> > -       }
>> > +       sha256_process(ctx, input, length / 64);
>> > +       input += length / 64 * 64;
>> > +       length = length % 64;
>> >
>> >         if (length)
>> >                 memcpy((void *) (ctx->buffer + left), (void *) input, length);
>> > --
>> > 2.7.4
>> >
>>
>> I just came across this patch as it broke minnowmax.
>
>
> Ok, is it a build time or runtime break?

Build, but you need the binary blobs to see it :-(

>
>>
>>
>> This should be using driver model, not weak functions. Please can you
>> take a look?
>
>
> Yes I can look at it in the next few days. I have used weak function because it’s an architecture feature offered by armv8 instructions, It’s not strictly speaking an internal device/IP.

Thanks.

Right, same as hardware-accelerated hashing hardware in my book.

See hash.c which has become a mess. We have been trying to make do
with a list of algos, but given all the updates I think needs a new
UCLASS_HASH with the same operations as in hash.h

Regards,
Simon