* [PATCH 0/4] Atmel crypto engine fixes
From: Ryan.Wanner @ 2023-03-28 19:56 UTC (permalink / raw)
To: herbert, davem, nicolas.ferre, alexandre.belloni, claudiu.beznea
Cc: linux-crypto, linux-arm-kernel, linux-kernel, Ryan Wanner
From: Ryan Wanner <Ryan.Wanner@microchip.com>
I made changes to the crypto engines to fix the errors in the crypto
manager tests. Mainly having to do with in-place tests with two
scatter lists. These are built and tested in 6.2.7 kernel, the
devices that are used for testing are the sam9x60, sama7g5, and
sama5d27_som1_ek.
Adding support for zero-length messages for hmac-sha operations. Using
the atmel_sha_fill_padding() function to pad the empty message manually
then disabling auto padding. This is built and tested on kernel 6.2.7
using sam9x60, sama7g5, and sama5d27_som1_ek.
Ryan Wanner (4):
crypto: atmel-sha: Add zero length message digest support for hmac
crypto: atmel-tdes - Detecting in-place operations with two sg lists
crypto: atmel-aes - Detecting in-place operations two sg lists
crypto: atmel-aes - Match cfb block size with generic implementation
drivers/crypto/atmel-aes.c | 16 +++++-----------
drivers/crypto/atmel-sha.c | 34 ++++++++++++++++++++++++++++++----
drivers/crypto/atmel-tdes.c | 15 +++++----------
3 files changed, 40 insertions(+), 25 deletions(-)
--
2.37.2
* [PATCH 1/4] crypto: atmel-sha: Add zero length message digest support for hmac
From: Ryan.Wanner @ 2023-03-28 19:56 UTC (permalink / raw)
To: herbert, davem, nicolas.ferre, alexandre.belloni, claudiu.beznea
Cc: linux-crypto, linux-arm-kernel, linux-kernel, Ryan Wanner
From: Ryan Wanner <Ryan.Wanner@microchip.com>
Add software padding to hmac-sha digest for zero length messages.
Using the atmel_sha_fill_padding() to fill the buffer with a padded
empty message with a length of the block size.
Create a temporary scatter list from the padded buffer to pass into the
data processing functions.
Signed-off-by: Ryan Wanner <Ryan.Wanner@microchip.com>
---
drivers/crypto/atmel-sha.c | 34 ++++++++++++++++++++++++++++++----
1 file changed, 30 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/atmel-sha.c b/drivers/crypto/atmel-sha.c
index 00be792e605c..b42e3a0b8cb5 100644
--- a/drivers/crypto/atmel-sha.c
+++ b/drivers/crypto/atmel-sha.c
@@ -1948,14 +1948,32 @@ static int atmel_sha_hmac_digest2(struct atmel_sha_dev *dd)
struct atmel_sha_reqctx *ctx = ahash_request_ctx(req);
struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
struct atmel_sha_hmac_ctx *hmac = crypto_ahash_ctx(tfm);
+ struct scatterlist *sgbuf;
size_t hs = ctx->hash_size;
size_t i, num_words = hs / sizeof(u32);
bool use_dma = false;
u32 mr;
/* Special case for empty message. */
- if (!req->nbytes)
- return atmel_sha_complete(dd, -EINVAL); // TODO:
+ if (!req->nbytes) {
+ req->nbytes = 0;
+ ctx->bufcnt = 0;
+ ctx->digcnt[0] = 0;
+ ctx->digcnt[1] = 0;
+ switch (ctx->flags & SHA_FLAGS_ALGO_MASK) {
+ case SHA_FLAGS_SHA1:
+ case SHA_FLAGS_SHA224:
+ case SHA_FLAGS_SHA256:
+ atmel_sha_fill_padding(ctx, 64);
+ break;
+
+ case SHA_FLAGS_SHA384:
+ case SHA_FLAGS_SHA512:
+ atmel_sha_fill_padding(ctx, 128);
+ break;
+ }
+ sg_init_one(&dd->tmp, ctx->buffer, ctx->bufcnt);
+ }
/* Check DMA threshold and alignment. */
if (req->nbytes > ATMEL_SHA_DMA_THRESHOLD &&
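Review bot: the switch on ctx->flags & SHA_FLAGS_ALGO_MASK in the new empty-message branch has no default case, so for any algorithm flag outside the five listed ctx->bufcnt stays 0 and sg_init_one(&dd->tmp, ctx->buffer, ctx->bufcnt) is called with a zero length; add a default that completes the request with an error. The `req->nbytes = 0;` assignment is redundant inside `if (!req->nbytes)`, and the bare 64 and 128 passed to atmel_sha_fill_padding() would read better as named block-size constants with a comment on why a full block is passed for an empty message.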
@@ -1985,12 +2003,20 @@ static int atmel_sha_hmac_digest2(struct atmel_sha_dev *dd)
atmel_sha_write(dd, SHA_CR, SHA_CR_FIRST);
+ /* Special case for empty message. */
+ if (!req->nbytes) {
+ sgbuf = &dd->tmp;
+ req->nbytes = ctx->bufcnt;
+ } else {
+ sgbuf = req->src;
+ }
+
/* Process data. */
if (use_dma)
- return atmel_sha_dma_start(dd, req->src, req->nbytes,
+ return atmel_sha_dma_start(dd, sgbuf, req->nbytes,
atmel_sha_hmac_final_done);
- return atmel_sha_cpu_start(dd, req->src, req->nbytes, false, true,
+ return atmel_sha_cpu_start(dd, sgbuf, req->nbytes, false, true,
atmel_sha_hmac_final_done);
}
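Review bot: `req->nbytes = ctx->bufcnt;` in the second empty-message check rewrites a field of the caller's request and nothing in the visible lines restores it, so a caller that reuses the request would see a non-zero length; keep the length in a local variable next to sgbuf and pass that to atmel_sha_dma_start() and atmel_sha_cpu_start() instead. Since use_dma was decided earlier while req->nbytes was still 0, a one-line comment that the padded buffer always takes the CPU path would also help.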
--
2.37.2
* [PATCH 2/4] crypto: atmel-tdes - Detecting in-place operations with two sg lists
From: Ryan.Wanner @ 2023-03-28 19:56 UTC (permalink / raw)
To: herbert, davem, nicolas.ferre, alexandre.belloni, claudiu.beznea
Cc: linux-crypto, linux-arm-kernel, linux-kernel, Ryan Wanner
From: Ryan Wanner <Ryan.Wanner@microchip.com>
Avoiding detecting finely in-place operations with different
scatter lists. Copying the source data for decryption into rctx->lastc
regardless if the operation is in-place or not. This allows in-place
operations with different scatter lists without affecting other
operations.
This approach takes less resources than parsing both scatter lists to
check if they are equal.
Signed-off-by: Ryan Wanner <Ryan.Wanner@microchip.com>
---
drivers/crypto/atmel-tdes.c | 15 +++++----------
1 file changed, 5 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/atmel-tdes.c b/drivers/crypto/atmel-tdes.c
index 8b7bc1076e0d..edf18073516e 100644
--- a/drivers/crypto/atmel-tdes.c
+++ b/drivers/crypto/atmel-tdes.c
@@ -565,17 +565,12 @@ atmel_tdes_set_iv_as_last_ciphertext_block(struct atmel_tdes_dev *dd)
if (req->cryptlen < ivsize)
return;
- if (rctx->mode & TDES_FLAGS_ENCRYPT) {
+ if (rctx->mode & TDES_FLAGS_ENCRYPT)
scatterwalk_map_and_copy(req->iv, req->dst,
req->cryptlen - ivsize, ivsize, 0);
- } else {
- if (req->src == req->dst)
- memcpy(req->iv, rctx->lastc, ivsize);
- else
- scatterwalk_map_and_copy(req->iv, req->src,
- req->cryptlen - ivsize,
- ivsize, 0);
- }
+ else
+ memcpy(req->iv, rctx->lastc, ivsize);
+
}
static void atmel_tdes_finish_req(struct atmel_tdes_dev *dd, int err)
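Review bot: the decrypt branch now always does memcpy(req->iv, rctx->lastc, ivsize), so it is only correct if atmel_tdes_crypt() has saved the last ciphertext block into rctx->lastc for every decrypt request that reaches this function; a short comment stating that invariant above the else would keep the two sites in sync. The added blank line before the closing brace should be dropped.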
@@ -722,7 +717,7 @@ static int atmel_tdes_crypt(struct skcipher_request *req, unsigned long mode)
rctx->mode = mode;
if ((mode & TDES_FLAGS_OPMODE_MASK) != TDES_FLAGS_ECB &&
- !(mode & TDES_FLAGS_ENCRYPT) && req->src == req->dst) {
+ !(mode & TDES_FLAGS_ENCRYPT)) {
unsigned int ivsize = crypto_skcipher_ivsize(skcipher);
if (req->cryptlen >= ivsize)
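Review bot: dropping req->src == req->dst from the condition loses the only hint of why the block is saved before the operation; add a comment that two distinct scatterlists can describe the same memory, so pointer equality cannot prove the request is out-of-place, otherwise the comparison is likely to be reintroduced as an optimization.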
--
2.37.2
* [PATCH 3/4] crypto: atmel-aes - Detecting in-place operations two sg lists
From: Ryan.Wanner @ 2023-03-28 19:56 UTC (permalink / raw)
To: herbert, davem, nicolas.ferre, alexandre.belloni, claudiu.beznea
Cc: linux-crypto, linux-arm-kernel, linux-kernel, Ryan Wanner
From: Ryan Wanner <Ryan.Wanner@microchip.com>
Avoiding detecting finely in-place operations with different
scatter lists. Copying the source data for decryption into rctx->lastc
regardless if the operation is in-place or not. This allows in-place
operations with different scatter lists.
This approach takes less resources than parsing both scatter lists to
check if they are equal.
Signed-off-by: Ryan Wanner <Ryan.Wanner@microchip.com>
---
drivers/crypto/atmel-aes.c | 14 ++++----------
1 file changed, 4 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
index 063394cfa874..08a923c2a0eb 100644
--- a/drivers/crypto/atmel-aes.c
+++ b/drivers/crypto/atmel-aes.c
@@ -493,17 +493,11 @@ static void atmel_aes_set_iv_as_last_ciphertext_block(struct atmel_aes_dev *dd)
if (req->cryptlen < ivsize)
return;
- if (rctx->mode & AES_FLAGS_ENCRYPT) {
+ if (rctx->mode & AES_FLAGS_ENCRYPT)
scatterwalk_map_and_copy(req->iv, req->dst,
req->cryptlen - ivsize, ivsize, 0);
- } else {
- if (req->src == req->dst)
- memcpy(req->iv, rctx->lastc, ivsize);
- else
- scatterwalk_map_and_copy(req->iv, req->src,
- req->cryptlen - ivsize,
- ivsize, 0);
- }
+ else
+ memcpy(req->iv, rctx->lastc, ivsize);
}
static inline struct atmel_aes_ctr_ctx *
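Review bot: memcpy(req->iv, rctx->lastc, ivsize) in the new else branch is now the only source of the output IV on decryption, so please confirm rctx->lastc is at least ivsize bytes for every mode that reaches this function, and say so in a comment next to the copy. The atmel-tdes patch in this series makes the identical change, so the same comment wording can be used in both drivers.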
@@ -1146,7 +1140,7 @@ static int atmel_aes_crypt(struct skcipher_request *req, unsigned long mode)
rctx->mode = mode;
if (opmode != AES_FLAGS_ECB &&
- !(mode & AES_FLAGS_ENCRYPT) && req->src == req->dst) {
+ !(mode & AES_FLAGS_ENCRYPT)) {
unsigned int ivsize = crypto_skcipher_ivsize(skcipher);
if (req->cryptlen >= ivsize)
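Review bot: with req->src == req->dst removed, every decrypt request with opmode != AES_FLAGS_ECB takes this branch, including any mode whose output IV is not the last ciphertext block; if such a mode exists, narrow the test to the opmodes that need rctx->lastc, and otherwise note in a comment that the unconditional save is intentional.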
--
2.37.2
* [PATCH 4/4] crypto: atmel-aes - Match cfb block size with generic implementation
From: Ryan.Wanner @ 2023-03-28 19:56 UTC (permalink / raw)
To: herbert, davem, nicolas.ferre, alexandre.belloni, claudiu.beznea
Cc: linux-crypto, linux-arm-kernel, linux-kernel, Ryan Wanner
From: Ryan Wanner <Ryan.Wanner@microchip.com>
Change blocksize to match the cfb(aes) generic implementation.
Signed-off-by: Ryan Wanner <Ryan.Wanner@microchip.com>
---
drivers/crypto/atmel-aes.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
index 08a923c2a0eb..012cdf60d9d2 100644
--- a/drivers/crypto/atmel-aes.c
+++ b/drivers/crypto/atmel-aes.c
@@ -1335,7 +1335,7 @@ static struct skcipher_alg aes_algs[] = {
{
.base.cra_name = "cfb(aes)",
.base.cra_driver_name = "atmel-cfb-aes",
- .base.cra_blocksize = AES_BLOCK_SIZE,
+ .base.cra_blocksize = 1,
.base.cra_ctxsize = sizeof(struct atmel_aes_ctx),
.init = atmel_aes_init_tfm,
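Review bot: with .base.cra_blocksize = 1 on the cfb(aes) entry, callers may submit requests whose length is not a multiple of AES_BLOCK_SIZE, and nothing in this hunk shows the request path handling a partial final block; please confirm that path and mention it in the commit message. A short comment on the literal 1 saying that it matches the generic cfb(aes) implementation would help, and if aes_algs[] has other CFB-family entries they should be checked for the same mismatch.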
--
2.37.2
* Re: [PATCH 0/4] Atmel crypto engine fixes
From: Herbert Xu @ 2023-04-06 8:50 UTC (permalink / raw)
To: Ryan.Wanner
Cc: davem, nicolas.ferre, alexandre.belloni, claudiu.beznea,
linux-crypto, linux-arm-kernel, linux-kernel
On Tue, Mar 28, 2023 at 12:56:25PM -0700, Ryan.Wanner@microchip.com wrote:
> From: Ryan Wanner <Ryan.Wanner@microchip.com>
>
> I made changes to the crypto engines to fix the errors in the crypto
> manager tests. Mainly having to do with in-place tests with two
> scatter lists. These are built and tested in 6.2.7 kernel, the
> devices that are used for testing are the sam9x60, sama7g5, and
> sama5d27_som1_ek.
>
> Adding support for zero-length messages for hmac-sha operations. Using
> the atmel_sha_fill_padding() function to pad the empty message manually
> then disabling auto padding. This is built and tested on kernel 6.2.7
> using sam9x60, sama7g5, and sama5d27_som1_ek.
>
>
> Ryan Wanner (4):
> crypto: atmel-sha: Add zero length message digest support for hmac
> crypto: atmel-tdes - Detecting in-place operations with two sg lists
> crypto: atmel-aes - Detecting in-place operations two sg lists
> crypto: atmel-aes - Match cfb block size with generic implementation
>
> drivers/crypto/atmel-aes.c | 16 +++++-----------
> drivers/crypto/atmel-sha.c | 34 ++++++++++++++++++++++++++++++----
> drivers/crypto/atmel-tdes.c | 15 +++++----------
> 3 files changed, 40 insertions(+), 25 deletions(-)
>
> --
> 2.37.2
All applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt