From: herbert@gondor.apana.org.au (Herbert Xu)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v4 3/3] crypto: Add Allwinner Security System crypto accelerator
Date: Thu, 24 Jul 2014 21:38:23 +0800 [thread overview]
Message-ID: <20140724133823.GA9638@gondor.apana.org.au> (raw)
In-Reply-To: <53D0E857.8000405@gmail.com>
On Thu, Jul 24, 2014 at 01:04:55PM +0200, Corentin LABBE wrote:
> Le 24/07/2014 08:00, Herbert Xu a ?crit :
> > On Sat, Jul 12, 2014 at 02:59:13PM +0200, LABBE Corentin wrote:
> >>
> >> +/* sunxi_hash_init: initialize request context
> >> + * Activate the SS, and configure it for MD5 or SHA1
> >> + */
> >> +int sunxi_hash_init(struct ahash_request *areq)
> >> +{
> >> + const char *hash_type;
> >> + struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
> >> + struct sunxi_req_ctx *op = crypto_ahash_ctx(tfm);
> >> +
> >> + mutex_lock(&ss->lock);
> >> +
> >> + hash_type = crypto_tfm_alg_name(areq->base.tfm);
> >> +
> >> + op->byte_count = 0;
> >> + op->nbwait = 0;
> >> + op->waitbuf = 0;
> >> +
> >> + /* Enable and configure SS for MD5 or SHA1 */
> >> + if (strcmp(hash_type, "sha1") == 0)
> >> + op->mode = SS_OP_SHA1;
> >> + else
> >> + op->mode = SS_OP_MD5;
> >> +
> >> + writel(op->mode | SS_ENABLED, ss->base + SS_CTL);
> >> + return 0;
> >
> > The hash driver is completely broken. You are modifying tfm
> > ctx data which is shared by all users of a single tfm. So
> > if two users conduct hashes in parallel they will step all
> > over each other.
>
> So where can I store data for each request ?
Well, first of all you need to stop storing state in the hardware.
After each operation the hardware may be used by some other user
for a completely different hash request. So leaving the hash state
in the hardware is a no-no.
If your hardware supports exporting the hash state then you just
have to export it after each operation and reimporting before the
next one.
If your hardware is incapable of exporting partial hash state then
you will have to use a software fallback for init/update. If your
hardware is incapable of importing partial hash state then you will
also have to do finup/final using a software fallback.
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
next prev parent reply other threads:[~2014-07-24 13:38 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-12 12:59 [PATCH v4] crypto: Add Allwinner Security System crypto accelerator LABBE Corentin
2014-07-12 12:59 ` [PATCH v4 1/3] ARM: sun7i: dt: Add Security System to A20 SoC DTS LABBE Corentin
2014-07-12 12:59 ` [PATCH v4 2/3] ARM: sunxi: dt: Add DT bindings documentation for SUNXI Security System LABBE Corentin
2014-07-25 10:10 ` Maxime Ripard
2014-07-12 12:59 ` [PATCH v4 3/3] crypto: Add Allwinner Security System crypto accelerator LABBE Corentin
2014-07-23 13:16 ` Herbert Xu
2014-07-23 13:48 ` Maxime Ripard
2014-07-23 13:54 ` Herbert Xu
2014-07-24 6:00 ` Herbert Xu
2014-07-24 11:04 ` Corentin LABBE
2014-07-24 13:38 ` Herbert Xu [this message]
2014-07-26 14:01 ` Corentin LABBE
2014-07-27 14:52 ` Herbert Xu
2014-07-25 11:36 ` Maxime Ripard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140724133823.GA9638@gondor.apana.org.au \
--to=herbert@gondor.apana.org.au \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).