* drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: sparse: incorrect type in assignment (different base types)
@ 2020-09-06 8:52 kernel test robot
2020-09-07 6:24 ` [PATCH] crypto: sun4i-ss - Fix SHA1 hash on A33-variant with BE CPU Herbert Xu
0 siblings, 1 reply; 14+ messages in thread
From: kernel test robot @ 2020-09-06 8:52 UTC (permalink / raw)
To: Corentin Labbe; +Cc: kbuild-all, linux-kernel, Herbert Xu
[-- Attachment #1: Type: text/plain, Size: 15747 bytes --]
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: dd9fb9bb3340c791a2be106fdc895db75f177343
commit: 1e02e6fbdadb3a0cb56294ff37eeeb8109e1f493 crypto: sun4i-ss - add the A33 variant of SS
date: 9 months ago
config: arm64-randconfig-s031-20200906 (attached as .config)
compiler: aarch64-linux-gcc (GCC) 9.3.0
reproduce:
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# apt-get install sparse
# sparse version: v0.6.2-191-g10164920-dirty
git checkout 1e02e6fbdadb3a0cb56294ff37eeeb8109e1f493
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-9.3.0 make.cross C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' ARCH=arm64
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
sparse warnings: (new ones prefixed by >>)
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:412:28: sparse: sparse: invalid assignment: &=
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:412:28: sparse: left side has type restricted __le32
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:412:28: sparse: right side has type unsigned long
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:419:12: sparse: sparse: invalid assignment: |=
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:419:12: sparse: left side has type restricted __le32
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:419:12: sparse: right side has type int
>> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [assigned] [usertype] v @@ got restricted __le32 [usertype] @@
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: expected unsigned int [assigned] [usertype] v
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: got restricted __le32 [usertype]
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [assigned] [usertype] v @@ got restricted __be32 [usertype] @@
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: expected unsigned int [assigned] [usertype] v
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: got restricted __be32 [usertype]
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [addressable] [assigned] [usertype] v @@ got restricted __le32 [usertype] @@
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: expected unsigned int [addressable] [assigned] [usertype] v
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: got restricted __le32 [usertype]
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1e02e6fbdadb3a0cb56294ff37eeeb8109e1f493
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 1e02e6fbdadb3a0cb56294ff37eeeb8109e1f493
vim +483 drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
148
149 /*
150 * sun4i_hash_update: update hash engine
151 *
152 * Could be used for both SHA1 and MD5
153 * Write data by step of 32bits and put then in the SS.
154 *
155 * Since we cannot leave partial data and hash state in the engine,
156 * we need to get the hash state at the end of this function.
157 * We can get the hash state every 64 bytes
158 *
159 * So the first work is to get the number of bytes to write to SS modulo 64
160 * The extra bytes will go to a temporary buffer op->buf storing op->len bytes
161 *
162 * So at the begin of update()
163 * if op->len + areq->nbytes < 64
164 * => all data will be written to wait buffer (op->buf) and end=0
165 * if not, write all data from op->buf to the device and position end to
166 * complete to 64bytes
167 *
168 * example 1:
169 * update1 60o => op->len=60
170 * update2 60o => need one more word to have 64 bytes
171 * end=4
172 * so write all data from op->buf and one word of SGs
173 * write remaining data in op->buf
174 * final state op->len=56
175 */
176 static int sun4i_hash(struct ahash_request *areq)
177 {
178 /*
179 * i is the total bytes read from SGs, to be compared to areq->nbytes
180 * i is important because we cannot rely on SG length since the sum of
181 * SG->length could be greater than areq->nbytes
182 *
183 * end is the position when we need to stop writing to the device,
184 * to be compared to i
185 *
186 * in_i: advancement in the current SG
187 */
188 unsigned int i = 0, end, fill, min_fill, nwait, nbw = 0, j = 0, todo;
189 unsigned int in_i = 0;
190 u32 spaces, rx_cnt = SS_RX_DEFAULT, bf[32] = {0}, v, ivmode = 0;
191 struct sun4i_req_ctx *op = ahash_request_ctx(areq);
192 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
193 struct sun4i_tfm_ctx *tfmctx = crypto_ahash_ctx(tfm);
194 struct sun4i_ss_ctx *ss = tfmctx->ss;
195 struct scatterlist *in_sg = areq->src;
196 struct sg_mapping_iter mi;
197 int in_r, err = 0;
198 size_t copied = 0;
199 __le32 wb = 0;
200
201 dev_dbg(ss->dev, "%s %s bc=%llu len=%u mode=%x wl=%u h0=%0x",
202 __func__, crypto_tfm_alg_name(areq->base.tfm),
203 op->byte_count, areq->nbytes, op->mode,
204 op->len, op->hash[0]);
205
206 if (unlikely(!areq->nbytes) && !(op->flags & SS_HASH_FINAL))
207 return 0;
208
209 /* protect against overflow */
210 if (unlikely(areq->nbytes > UINT_MAX - op->len)) {
211 dev_err(ss->dev, "Cannot process too large request\n");
212 return -EINVAL;
213 }
214
215 if (op->len + areq->nbytes < 64 && !(op->flags & SS_HASH_FINAL)) {
216 /* linearize data to op->buf */
217 copied = sg_pcopy_to_buffer(areq->src, sg_nents(areq->src),
218 op->buf + op->len, areq->nbytes, 0);
219 op->len += copied;
220 return 0;
221 }
222
223 spin_lock_bh(&ss->slock);
224
225 /*
226 * if some data have been processed before,
227 * we need to restore the partial hash state
228 */
229 if (op->byte_count) {
230 ivmode = SS_IV_ARBITRARY;
231 for (i = 0; i < crypto_ahash_digestsize(tfm) / 4; i++)
232 writel(op->hash[i], ss->base + SS_IV0 + i * 4);
233 }
234 /* Enable the device */
235 writel(op->mode | SS_ENABLED | ivmode, ss->base + SS_CTL);
236
237 if (!(op->flags & SS_HASH_UPDATE))
238 goto hash_final;
239
240 /* start of handling data */
241 if (!(op->flags & SS_HASH_FINAL)) {
242 end = ((areq->nbytes + op->len) / 64) * 64 - op->len;
243
244 if (end > areq->nbytes || areq->nbytes - end > 63) {
245 dev_err(ss->dev, "ERROR: Bound error %u %u\n",
246 end, areq->nbytes);
247 err = -EINVAL;
248 goto release_ss;
249 }
250 } else {
251 /* Since we have the flag final, we can go up to modulo 4 */
252 if (areq->nbytes < 4)
253 end = 0;
254 else
255 end = ((areq->nbytes + op->len) / 4) * 4 - op->len;
256 }
257
258 /* TODO if SGlen % 4 and !op->len then DMA */
259 i = 1;
260 while (in_sg && i == 1) {
261 if (in_sg->length % 4)
262 i = 0;
263 in_sg = sg_next(in_sg);
264 }
265 if (i == 1 && !op->len && areq->nbytes)
266 dev_dbg(ss->dev, "We can DMA\n");
267
268 i = 0;
269 sg_miter_start(&mi, areq->src, sg_nents(areq->src),
270 SG_MITER_FROM_SG | SG_MITER_ATOMIC);
271 sg_miter_next(&mi);
272 in_i = 0;
273
274 do {
275 /*
276 * we need to linearize in two case:
277 * - the buffer is already used
278 * - the SG does not have enough byte remaining ( < 4)
279 */
280 if (op->len || (mi.length - in_i) < 4) {
281 /*
282 * if we have entered here we have two reason to stop
283 * - the buffer is full
284 * - reach the end
285 */
286 while (op->len < 64 && i < end) {
287 /* how many bytes we can read from current SG */
288 in_r = min(end - i, 64 - op->len);
289 in_r = min_t(size_t, mi.length - in_i, in_r);
290 memcpy(op->buf + op->len, mi.addr + in_i, in_r);
291 op->len += in_r;
292 i += in_r;
293 in_i += in_r;
294 if (in_i == mi.length) {
295 sg_miter_next(&mi);
296 in_i = 0;
297 }
298 }
299 if (op->len > 3 && !(op->len % 4)) {
300 /* write buf to the device */
301 writesl(ss->base + SS_RXFIFO, op->buf,
302 op->len / 4);
303 op->byte_count += op->len;
304 op->len = 0;
305 }
306 }
307 if (mi.length - in_i > 3 && i < end) {
308 /* how many bytes we can read from current SG */
309 in_r = min_t(size_t, mi.length - in_i, areq->nbytes - i);
310 in_r = min_t(size_t, ((mi.length - in_i) / 4) * 4, in_r);
311 /* how many bytes we can write in the device*/
312 todo = min3((u32)(end - i) / 4, rx_cnt, (u32)in_r / 4);
313 writesl(ss->base + SS_RXFIFO, mi.addr + in_i, todo);
314 op->byte_count += todo * 4;
315 i += todo * 4;
316 in_i += todo * 4;
317 rx_cnt -= todo;
318 if (!rx_cnt) {
319 spaces = readl(ss->base + SS_FCSR);
320 rx_cnt = SS_RXFIFO_SPACES(spaces);
321 }
322 if (in_i == mi.length) {
323 sg_miter_next(&mi);
324 in_i = 0;
325 }
326 }
327 } while (i < end);
328
329 /*
330 * Now we have written to the device all that we can,
331 * store the remaining bytes in op->buf
332 */
333 if ((areq->nbytes - i) < 64) {
334 while (i < areq->nbytes && in_i < mi.length && op->len < 64) {
335 /* how many bytes we can read from current SG */
336 in_r = min(areq->nbytes - i, 64 - op->len);
337 in_r = min_t(size_t, mi.length - in_i, in_r);
338 memcpy(op->buf + op->len, mi.addr + in_i, in_r);
339 op->len += in_r;
340 i += in_r;
341 in_i += in_r;
342 if (in_i == mi.length) {
343 sg_miter_next(&mi);
344 in_i = 0;
345 }
346 }
347 }
348
349 sg_miter_stop(&mi);
350
351 /*
352 * End of data process
353 * Now if we have the flag final go to finalize part
354 * If not, store the partial hash
355 */
356 if (op->flags & SS_HASH_FINAL)
357 goto hash_final;
358
359 writel(op->mode | SS_ENABLED | SS_DATA_END, ss->base + SS_CTL);
360 i = 0;
361 do {
362 v = readl(ss->base + SS_CTL);
363 i++;
364 } while (i < SS_TIMEOUT && (v & SS_DATA_END));
365 if (unlikely(i >= SS_TIMEOUT)) {
366 dev_err_ratelimited(ss->dev,
367 "ERROR: hash end timeout %d>%d ctl=%x len=%u\n",
368 i, SS_TIMEOUT, v, areq->nbytes);
369 err = -EIO;
370 goto release_ss;
371 }
372
373 /*
374 * The datasheet isn't very clear about when to retrieve the digest. The
375 * bit SS_DATA_END is cleared when the engine has processed the data and
376 * when the digest is computed *but* it doesn't mean the digest is
377 * available in the digest registers. Hence the delay to be sure we can
378 * read it.
379 */
380 ndelay(1);
381
382 for (i = 0; i < crypto_ahash_digestsize(tfm) / 4; i++)
383 op->hash[i] = readl(ss->base + SS_MD0 + i * 4);
384
385 goto release_ss;
386
387 /*
388 * hash_final: finalize hashing operation
389 *
390 * If we have some remaining bytes, we write them.
391 * Then ask the SS for finalizing the hashing operation
392 *
393 * I do not check RX FIFO size in this function since the size is 32
394 * after each enabling and this function neither write more than 32 words.
395 * If we come from the update part, we cannot have more than
396 * 3 remaining bytes to write and SS is fast enough to not care about it.
397 */
398
399 hash_final:
400
401 /* write the remaining words of the wait buffer */
402 if (op->len) {
403 nwait = op->len / 4;
404 if (nwait) {
405 writesl(ss->base + SS_RXFIFO, op->buf, nwait);
406 op->byte_count += 4 * nwait;
407 }
408
409 nbw = op->len - 4 * nwait;
410 if (nbw) {
411 wb = cpu_to_le32(*(u32 *)(op->buf + nwait * 4));
412 wb &= GENMASK((nbw * 8) - 1, 0);
413
414 op->byte_count += nbw;
415 }
416 }
417
418 /* write the remaining bytes of the nbw buffer */
419 wb |= ((1 << 7) << (nbw * 8));
420 bf[j++] = le32_to_cpu(wb);
421
422 /*
423 * number of space to pad to obtain 64o minus 8(size) minus 4 (final 1)
424 * I take the operations from other MD5/SHA1 implementations
425 */
426
427 /* last block size */
428 fill = 64 - (op->byte_count % 64);
429 min_fill = 2 * sizeof(u32) + (nbw ? 0 : sizeof(u32));
430
431 /* if we can't fill all data, jump to the next 64 block */
432 if (fill < min_fill)
433 fill += 64;
434
435 j += (fill - min_fill) / sizeof(u32);
436
437 /* write the length of data */
438 if (op->mode == SS_OP_SHA1) {
439 __be64 *bits = (__be64 *)&bf[j];
440 *bits = cpu_to_be64(op->byte_count << 3);
441 j += 2;
442 } else {
443 __le64 *bits = (__le64 *)&bf[j];
444 *bits = cpu_to_le64(op->byte_count << 3);
445 j += 2;
446 }
447 writesl(ss->base + SS_RXFIFO, bf, j);
448
449 /* Tell the SS to stop the hashing */
450 writel(op->mode | SS_ENABLED | SS_DATA_END, ss->base + SS_CTL);
451
452 /*
453 * Wait for SS to finish the hash.
454 * The timeout could happen only in case of bad overclocking
455 * or driver bug.
456 */
457 i = 0;
458 do {
459 v = readl(ss->base + SS_CTL);
460 i++;
461 } while (i < SS_TIMEOUT && (v & SS_DATA_END));
462 if (unlikely(i >= SS_TIMEOUT)) {
463 dev_err_ratelimited(ss->dev,
464 "ERROR: hash end timeout %d>%d ctl=%x len=%u\n",
465 i, SS_TIMEOUT, v, areq->nbytes);
466 err = -EIO;
467 goto release_ss;
468 }
469
470 /*
471 * The datasheet isn't very clear about when to retrieve the digest. The
472 * bit SS_DATA_END is cleared when the engine has processed the data and
473 * when the digest is computed *but* it doesn't mean the digest is
474 * available in the digest registers. Hence the delay to be sure we can
475 * read it.
476 */
477 ndelay(1);
478
479 /* Get the hash from the device */
480 if (op->mode == SS_OP_SHA1) {
481 for (i = 0; i < 5; i++) {
482 if (ss->variant->sha1_in_be)
> 483 v = cpu_to_le32(readl(ss->base + SS_MD0 + i * 4));
484 else
485 v = cpu_to_be32(readl(ss->base + SS_MD0 + i * 4));
486 memcpy(areq->result + i * 4, &v, 4);
487 }
488 } else {
489 for (i = 0; i < 4; i++) {
490 v = cpu_to_le32(readl(ss->base + SS_MD0 + i * 4));
491 memcpy(areq->result + i * 4, &v, 4);
492 }
493 }
494
495 release_ss:
496 writel(0, ss->base + SS_CTL);
497 spin_unlock_bh(&ss->slock);
498 return err;
499 }
500
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 43366 bytes --]
^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH] crypto: sun4i-ss - Fix SHA1 hash on A33-variant with BE CPU
2020-09-06 8:52 drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: sparse: incorrect type in assignment (different base types) kernel test robot
@ 2020-09-07 6:24 ` Herbert Xu
2020-09-07 14:55 ` Corentin Labbe
2020-09-07 16:00 ` Corentin Labbe
0 siblings, 2 replies; 14+ messages in thread
From: Herbert Xu @ 2020-09-07 6:24 UTC (permalink / raw)
To: kernel test robot
Cc: Corentin Labbe, kbuild-all, linux-kernel, Linux Crypto Mailing List
On Sun, Sep 06, 2020 at 04:52:24PM +0800, kernel test robot wrote:
>
> >> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [assigned] [usertype] v @@ got restricted __le32 [usertype] @@
> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: expected unsigned int [assigned] [usertype] v
> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: got restricted __le32 [usertype]
> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [assigned] [usertype] v @@ got restricted __be32 [usertype] @@
> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: expected unsigned int [assigned] [usertype] v
> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: got restricted __be32 [usertype]
> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [addressable] [assigned] [usertype] v @@ got restricted __le32 [usertype] @@
> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: expected unsigned int [addressable] [assigned] [usertype] v
> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: got restricted __le32 [usertype]
This appears to be a genuine bug, on big-endian CPUs at least.
---8<---
When the hash is written out on the A33 variant, it is incorrectly
swabbed on big-endian CPUs, when it should simply be written out as
is because it's already in the right format. This was caught by
sparse warnings.
Instead of using cpu_to_Xe32 followed by a memcpy, this patch
converts the final hash write to use put_unaligned instead. This
simplifies the code and makes the A33 variant handling a lot clearer.
This patch also fixes the incorrect endianness marking on wb,
although this should have no effect in the genereated code.
Fixes: 1e02e6fbdadb ("crypto: sun4i-ss - add the A33 variant of SS")
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
diff --git a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
index dc35edd90034..84f7921de577 100644
--- a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
+++ b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
@@ -9,6 +9,7 @@
* You could find the datasheet in Documentation/arm/sunxi.rst
*/
#include "sun4i-ss.h"
+#include <asm/unaligned.h>
#include <linux/scatterlist.h>
/* This is a totally arbitrary value */
@@ -196,7 +197,7 @@ static int sun4i_hash(struct ahash_request *areq)
struct sg_mapping_iter mi;
int in_r, err = 0;
size_t copied = 0;
- __le32 wb = 0;
+ u32 wb = 0;
dev_dbg(ss->dev, "%s %s bc=%llu len=%u mode=%x wl=%u h0=%0x",
__func__, crypto_tfm_alg_name(areq->base.tfm),
@@ -408,7 +409,7 @@ static int sun4i_hash(struct ahash_request *areq)
nbw = op->len - 4 * nwait;
if (nbw) {
- wb = cpu_to_le32(*(u32 *)(op->buf + nwait * 4));
+ wb = le32_to_cpup((__le32 *)(op->buf + nwait * 4));
wb &= GENMASK((nbw * 8) - 1, 0);
op->byte_count += nbw;
@@ -417,7 +418,7 @@ static int sun4i_hash(struct ahash_request *areq)
/* write the remaining bytes of the nbw buffer */
wb |= ((1 << 7) << (nbw * 8));
- bf[j++] = le32_to_cpu(wb);
+ ((__le32 *)bf)[j++] = cpu_to_le32(wb);
/*
* number of space to pad to obtain 64o minus 8(size) minus 4 (final 1)
@@ -479,16 +480,16 @@ static int sun4i_hash(struct ahash_request *areq)
/* Get the hash from the device */
if (op->mode == SS_OP_SHA1) {
for (i = 0; i < 5; i++) {
+ v = readl(ss->base + SS_MD0 + i * 4);
if (ss->variant->sha1_in_be)
- v = cpu_to_le32(readl(ss->base + SS_MD0 + i * 4));
+ put_unaligned(v, areq->result + i * 4);
else
- v = cpu_to_be32(readl(ss->base + SS_MD0 + i * 4));
- memcpy(areq->result + i * 4, &v, 4);
+ put_unaligned_be32(v, areq->result + i * 4);
}
} else {
for (i = 0; i < 4; i++) {
- v = cpu_to_le32(readl(ss->base + SS_MD0 + i * 4));
- memcpy(areq->result + i * 4, &v, 4);
+ v = readl(ss->base + SS_MD0 + i * 4);
+ put_unaligned_le32(v, areq->result + i * 4);
}
}
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply related [flat|nested] 14+ messages in thread
* Re: [PATCH] crypto: sun4i-ss - Fix SHA1 hash on A33-variant with BE CPU
2020-09-07 6:24 ` [PATCH] crypto: sun4i-ss - Fix SHA1 hash on A33-variant with BE CPU Herbert Xu
@ 2020-09-07 14:55 ` Corentin Labbe
2020-09-07 16:00 ` Corentin Labbe
1 sibling, 0 replies; 14+ messages in thread
From: Corentin Labbe @ 2020-09-07 14:55 UTC (permalink / raw)
To: Herbert Xu
Cc: kernel test robot, kbuild-all, linux-kernel, Linux Crypto Mailing List
On Mon, Sep 07, 2020 at 04:24:00PM +1000, Herbert Xu wrote:
> On Sun, Sep 06, 2020 at 04:52:24PM +0800, kernel test robot wrote:
> >
> > >> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [assigned] [usertype] v @@ got restricted __le32 [usertype] @@
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: expected unsigned int [assigned] [usertype] v
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: got restricted __le32 [usertype]
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [assigned] [usertype] v @@ got restricted __be32 [usertype] @@
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: expected unsigned int [assigned] [usertype] v
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: got restricted __be32 [usertype]
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [addressable] [assigned] [usertype] v @@ got restricted __le32 [usertype] @@
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: expected unsigned int [addressable] [assigned] [usertype] v
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: got restricted __le32 [usertype]
>
> This appears to be a genuine bug, on big-endian CPUs at least.
>
> ---8<---
> When the hash is written out on the A33 variant, it is incorrectly
> swabbed on big-endian CPUs, when it should simply be written out as
> is because it's already in the right format. This was caught by
> sparse warnings.
>
> Instead of using cpu_to_Xe32 followed by a memcpy, this patch
> converts the final hash write to use put_unaligned instead. This
> simplifies the code and makes the A33 variant handling a lot clearer.
>
> This patch also fixes the incorrect endianness marking on wb,
> although this should have no effect in the genereated code.
>
> Fixes: 1e02e6fbdadb ("crypto: sun4i-ss - add the A33 variant of SS")
> Reported-by: kernel test robot <lkp@intel.com>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
>
> diff --git a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
> index dc35edd90034..84f7921de577 100644
> --- a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
> +++ b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
> @@ -9,6 +9,7 @@
> * You could find the datasheet in Documentation/arm/sunxi.rst
> */
> #include "sun4i-ss.h"
> +#include <asm/unaligned.h>
> #include <linux/scatterlist.h>
>
> /* This is a totally arbitrary value */
> @@ -196,7 +197,7 @@ static int sun4i_hash(struct ahash_request *areq)
> struct sg_mapping_iter mi;
> int in_r, err = 0;
> size_t copied = 0;
> - __le32 wb = 0;
> + u32 wb = 0;
>
> dev_dbg(ss->dev, "%s %s bc=%llu len=%u mode=%x wl=%u h0=%0x",
> __func__, crypto_tfm_alg_name(areq->base.tfm),
> @@ -408,7 +409,7 @@ static int sun4i_hash(struct ahash_request *areq)
>
> nbw = op->len - 4 * nwait;
> if (nbw) {
> - wb = cpu_to_le32(*(u32 *)(op->buf + nwait * 4));
> + wb = le32_to_cpup((__le32 *)(op->buf + nwait * 4));
> wb &= GENMASK((nbw * 8) - 1, 0);
>
> op->byte_count += nbw;
> @@ -417,7 +418,7 @@ static int sun4i_hash(struct ahash_request *areq)
>
> /* write the remaining bytes of the nbw buffer */
> wb |= ((1 << 7) << (nbw * 8));
> - bf[j++] = le32_to_cpu(wb);
> + ((__le32 *)bf)[j++] = cpu_to_le32(wb);
>
> /*
> * number of space to pad to obtain 64o minus 8(size) minus 4 (final 1)
> @@ -479,16 +480,16 @@ static int sun4i_hash(struct ahash_request *areq)
> /* Get the hash from the device */
> if (op->mode == SS_OP_SHA1) {
> for (i = 0; i < 5; i++) {
> + v = readl(ss->base + SS_MD0 + i * 4);
> if (ss->variant->sha1_in_be)
> - v = cpu_to_le32(readl(ss->base + SS_MD0 + i * 4));
> + put_unaligned(v, areq->result + i * 4);
> else
> - v = cpu_to_be32(readl(ss->base + SS_MD0 + i * 4));
> - memcpy(areq->result + i * 4, &v, 4);
> + put_unaligned_be32(v, areq->result + i * 4);
> }
> } else {
> for (i = 0; i < 4; i++) {
> - v = cpu_to_le32(readl(ss->base + SS_MD0 + i * 4));
> - memcpy(areq->result + i * 4, &v, 4);
> + v = readl(ss->base + SS_MD0 + i * 4);
> + put_unaligned_le32(v, areq->result + i * 4);
> }
> }
>
modprobe tcrypt on BE+next-20200828 fail with this patch on A33:
alg: ahash: sha1-sun4i-ss test failed (wrong result) on test vector 0, cfg=\"init+update+final aligned buffer\"
I will try to debug it.
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH] crypto: sun4i-ss - Fix SHA1 hash on A33-variant with BE CPU
2020-09-07 6:24 ` [PATCH] crypto: sun4i-ss - Fix SHA1 hash on A33-variant with BE CPU Herbert Xu
2020-09-07 14:55 ` Corentin Labbe
@ 2020-09-07 16:00 ` Corentin Labbe
2020-09-08 5:00 ` [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers Herbert Xu
1 sibling, 1 reply; 14+ messages in thread
From: Corentin Labbe @ 2020-09-07 16:00 UTC (permalink / raw)
To: Herbert Xu
Cc: kernel test robot, kbuild-all, linux-kernel, Linux Crypto Mailing List
On Mon, Sep 07, 2020 at 04:24:00PM +1000, Herbert Xu wrote:
> On Sun, Sep 06, 2020 at 04:52:24PM +0800, kernel test robot wrote:
> >
> > >> drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [assigned] [usertype] v @@ got restricted __le32 [usertype] @@
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: expected unsigned int [assigned] [usertype] v
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: got restricted __le32 [usertype]
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [assigned] [usertype] v @@ got restricted __be32 [usertype] @@
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: expected unsigned int [assigned] [usertype] v
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:485:35: sparse: got restricted __be32 [usertype]
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: sparse: incorrect type in assignment (different base types) @@ expected unsigned int [addressable] [assigned] [usertype] v @@ got restricted __le32 [usertype] @@
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: expected unsigned int [addressable] [assigned] [usertype] v
> > drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:490:27: sparse: got restricted __le32 [usertype]
>
> This appears to be a genuine bug, on big-endian CPUs at least.
>
> ---8<---
> When the hash is written out on the A33 variant, it is incorrectly
> swabbed on big-endian CPUs, when it should simply be written out as
> is because it's already in the right format. This was caught by
> sparse warnings.
>
> Instead of using cpu_to_Xe32 followed by a memcpy, this patch
> converts the final hash write to use put_unaligned instead. This
> simplifies the code and makes the A33 variant handling a lot clearer.
>
> This patch also fixes the incorrect endianness marking on wb,
> although this should have no effect in the genereated code.
>
> Fixes: 1e02e6fbdadb ("crypto: sun4i-ss - add the A33 variant of SS")
> Reported-by: kernel test robot <lkp@intel.com>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
>
> diff --git a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
> index dc35edd90034..84f7921de577 100644
> --- a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
> +++ b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
> @@ -9,6 +9,7 @@
> * You could find the datasheet in Documentation/arm/sunxi.rst
> */
> #include "sun4i-ss.h"
> +#include <asm/unaligned.h>
> #include <linux/scatterlist.h>
>
> /* This is a totally arbitrary value */
> @@ -196,7 +197,7 @@ static int sun4i_hash(struct ahash_request *areq)
> struct sg_mapping_iter mi;
> int in_r, err = 0;
> size_t copied = 0;
> - __le32 wb = 0;
> + u32 wb = 0;
>
> dev_dbg(ss->dev, "%s %s bc=%llu len=%u mode=%x wl=%u h0=%0x",
> __func__, crypto_tfm_alg_name(areq->base.tfm),
> @@ -408,7 +409,7 @@ static int sun4i_hash(struct ahash_request *areq)
>
> nbw = op->len - 4 * nwait;
> if (nbw) {
> - wb = cpu_to_le32(*(u32 *)(op->buf + nwait * 4));
> + wb = le32_to_cpup((__le32 *)(op->buf + nwait * 4));
> wb &= GENMASK((nbw * 8) - 1, 0);
>
> op->byte_count += nbw;
> @@ -417,7 +418,7 @@ static int sun4i_hash(struct ahash_request *areq)
>
> /* write the remaining bytes of the nbw buffer */
> wb |= ((1 << 7) << (nbw * 8));
> - bf[j++] = le32_to_cpu(wb);
> + ((__le32 *)bf)[j++] = cpu_to_le32(wb);
>
> /*
> * number of space to pad to obtain 64o minus 8(size) minus 4 (final 1)
> @@ -479,16 +480,16 @@ static int sun4i_hash(struct ahash_request *areq)
> /* Get the hash from the device */
> if (op->mode == SS_OP_SHA1) {
> for (i = 0; i < 5; i++) {
> + v = readl(ss->base + SS_MD0 + i * 4);
> if (ss->variant->sha1_in_be)
> - v = cpu_to_le32(readl(ss->base + SS_MD0 + i * 4));
> + put_unaligned(v, areq->result + i * 4);
The put_unaligned should be _le32.
This fix the modprobe tcrypt fail.
^ permalink raw reply [flat|nested] 14+ messages in thread
* [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers
2020-09-07 16:00 ` Corentin Labbe
@ 2020-09-08 5:00 ` Herbert Xu
2020-09-10 12:22 ` Corentin Labbe
0 siblings, 1 reply; 14+ messages in thread
From: Herbert Xu @ 2020-09-08 5:00 UTC (permalink / raw)
To: Corentin Labbe
Cc: kernel test robot, kbuild-all, linux-kernel, Linux Crypto Mailing List
On Mon, Sep 07, 2020 at 06:00:29PM +0200, Corentin Labbe wrote:
>
> The put_unaligned should be _le32.
>
> This fix the modprobe tcrypt fail.
Thanks. Yes the original code was correct.
---8<---
This patch also fixes the incorrect endianness markings in the
sun4i-ss driver. It should have no effect in the genereated code.
Instead of using cpu_to_Xe32 followed by a memcpy, this patch
converts the final hash write to use put_unaligned_X instead.
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
diff --git a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
index dc35edd90034..1dff48558f53 100644
--- a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
+++ b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
@@ -9,6 +9,7 @@
* You could find the datasheet in Documentation/arm/sunxi.rst
*/
#include "sun4i-ss.h"
+#include <asm/unaligned.h>
#include <linux/scatterlist.h>
/* This is a totally arbitrary value */
@@ -196,7 +197,7 @@ static int sun4i_hash(struct ahash_request *areq)
struct sg_mapping_iter mi;
int in_r, err = 0;
size_t copied = 0;
- __le32 wb = 0;
+ u32 wb = 0;
dev_dbg(ss->dev, "%s %s bc=%llu len=%u mode=%x wl=%u h0=%0x",
__func__, crypto_tfm_alg_name(areq->base.tfm),
@@ -408,7 +409,7 @@ static int sun4i_hash(struct ahash_request *areq)
nbw = op->len - 4 * nwait;
if (nbw) {
- wb = cpu_to_le32(*(u32 *)(op->buf + nwait * 4));
+ wb = le32_to_cpup((__le32 *)(op->buf + nwait * 4));
wb &= GENMASK((nbw * 8) - 1, 0);
op->byte_count += nbw;
@@ -417,7 +418,7 @@ static int sun4i_hash(struct ahash_request *areq)
/* write the remaining bytes of the nbw buffer */
wb |= ((1 << 7) << (nbw * 8));
- bf[j++] = le32_to_cpu(wb);
+ ((__le32 *)bf)[j++] = cpu_to_le32(wb);
/*
* number of space to pad to obtain 64o minus 8(size) minus 4 (final 1)
@@ -479,16 +480,16 @@ static int sun4i_hash(struct ahash_request *areq)
/* Get the hash from the device */
if (op->mode == SS_OP_SHA1) {
for (i = 0; i < 5; i++) {
+ v = readl(ss->base + SS_MD0 + i * 4);
if (ss->variant->sha1_in_be)
- v = cpu_to_le32(readl(ss->base + SS_MD0 + i * 4));
+ put_unaligned_le32(v, areq->result + i * 4);
else
- v = cpu_to_be32(readl(ss->base + SS_MD0 + i * 4));
- memcpy(areq->result + i * 4, &v, 4);
+ put_unaligned_be32(v, areq->result + i * 4);
}
} else {
for (i = 0; i < 4; i++) {
- v = cpu_to_le32(readl(ss->base + SS_MD0 + i * 4));
- memcpy(areq->result + i * 4, &v, 4);
+ v = readl(ss->base + SS_MD0 + i * 4);
+ put_unaligned_le32(v, areq->result + i * 4);
}
}
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply related [flat|nested] 14+ messages in thread
* Re: [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers
2020-09-08 5:00 ` [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers Herbert Xu
@ 2020-09-10 12:22 ` Corentin Labbe
2020-09-11 4:13 ` Herbert Xu
0 siblings, 1 reply; 14+ messages in thread
From: Corentin Labbe @ 2020-09-10 12:22 UTC (permalink / raw)
To: Herbert Xu
Cc: kernel test robot, kbuild-all, linux-kernel, Linux Crypto Mailing List
On Tue, Sep 08, 2020 at 03:00:36PM +1000, Herbert Xu wrote:
> On Mon, Sep 07, 2020 at 06:00:29PM +0200, Corentin Labbe wrote:
> >
> > The put_unaligned should be _le32.
> >
> > This fix the modprobe tcrypt fail.
>
> Thanks. Yes the original code was correct.
>
> ---8<---
> This patch also fixes the incorrect endianness markings in the
> sun4i-ss driver. It should have no effect in the genereated code.
>
> Instead of using cpu_to_Xe32 followed by a memcpy, this patch
> converts the final hash write to use put_unaligned_X instead.
>
> Reported-by: kernel test robot <lkp@intel.com>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
>
> diff --git a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
> index dc35edd90034..1dff48558f53 100644
> --- a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
> +++ b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c
> @@ -9,6 +9,7 @@
> * You could find the datasheet in Documentation/arm/sunxi.rst
> */
> #include "sun4i-ss.h"
> +#include <asm/unaligned.h>
> #include <linux/scatterlist.h>
>
> /* This is a totally arbitrary value */
> @@ -196,7 +197,7 @@ static int sun4i_hash(struct ahash_request *areq)
> struct sg_mapping_iter mi;
> int in_r, err = 0;
> size_t copied = 0;
> - __le32 wb = 0;
> + u32 wb = 0;
>
> dev_dbg(ss->dev, "%s %s bc=%llu len=%u mode=%x wl=%u h0=%0x",
> __func__, crypto_tfm_alg_name(areq->base.tfm),
> @@ -408,7 +409,7 @@ static int sun4i_hash(struct ahash_request *areq)
>
> nbw = op->len - 4 * nwait;
> if (nbw) {
> - wb = cpu_to_le32(*(u32 *)(op->buf + nwait * 4));
> + wb = le32_to_cpup((__le32 *)(op->buf + nwait * 4));
> wb &= GENMASK((nbw * 8) - 1, 0);
>
> op->byte_count += nbw;
> @@ -417,7 +418,7 @@ static int sun4i_hash(struct ahash_request *areq)
>
> /* write the remaining bytes of the nbw buffer */
> wb |= ((1 << 7) << (nbw * 8));
> - bf[j++] = le32_to_cpu(wb);
> + ((__le32 *)bf)[j++] = cpu_to_le32(wb);
>
> /*
> * number of space to pad to obtain 64o minus 8(size) minus 4 (final 1)
> @@ -479,16 +480,16 @@ static int sun4i_hash(struct ahash_request *areq)
> /* Get the hash from the device */
> if (op->mode == SS_OP_SHA1) {
> for (i = 0; i < 5; i++) {
> + v = readl(ss->base + SS_MD0 + i * 4);
> if (ss->variant->sha1_in_be)
> - v = cpu_to_le32(readl(ss->base + SS_MD0 + i * 4));
> + put_unaligned_le32(v, areq->result + i * 4);
> else
> - v = cpu_to_be32(readl(ss->base + SS_MD0 + i * 4));
> - memcpy(areq->result + i * 4, &v, 4);
> + put_unaligned_be32(v, areq->result + i * 4);
> }
> } else {
> for (i = 0; i < 4; i++) {
> - v = cpu_to_le32(readl(ss->base + SS_MD0 + i * 4));
> - memcpy(areq->result + i * 4, &v, 4);
> + v = readl(ss->base + SS_MD0 + i * 4);
> + put_unaligned_le32(v, areq->result + i * 4);
> }
> }
>
I get some md5 error on both A20+BE:
alg: ahash: md5 test failed (wrong result) on test vector \"random: psize=129 ksize=0\", cfg=\"random: inplace use_finup nosimd src_divs=[<reimport,nosimd>85.99%@+3999, 5.85%@+30, <reimport>0.96%@+25, <reimport,nosimd>5.9%@+2263, <flush,nosimd>2.11%@+1950] iv_offset=2 key_offset=43\"
and A33+BE:
[ 84.469045] alg: ahash: md5 test failed (wrong result) on test vector \"random: psize=322 ksize=0\", cfg=\"random: inplace may_sleep use_finup src_divs=[<reimport>99.1%@+2668, <reimport>0.88%@alignmask+3630, 0.11%@+3403] iv_offset=33\"
+[ 84.469074] need:35966fc8 b31ea266 2bf064e9 f20f40ad
+[ 84.469084] have:e29e4491 f3b6effc fa366691 00e04bd9
Thoses errors are random. (1 boot out of 2)
The ahash-md5-sun4i-ss is set as "selftest: passed" and I didnt see any failling/absent test in /proc/crypto
So what is this md5 which fail ?
I am still investigating and will try on more platform.
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers
2020-09-10 12:22 ` Corentin Labbe
@ 2020-09-11 4:13 ` Herbert Xu
2020-09-14 7:45 ` Corentin Labbe
2020-09-14 10:40 ` Corentin Labbe
0 siblings, 2 replies; 14+ messages in thread
From: Herbert Xu @ 2020-09-11 4:13 UTC (permalink / raw)
To: Corentin Labbe
Cc: kernel test robot, kbuild-all, linux-kernel, Linux Crypto Mailing List
On Thu, Sep 10, 2020 at 02:22:48PM +0200, Corentin Labbe wrote:
>
> I get some md5 error on both A20+BE:
> alg: ahash: md5 test failed (wrong result) on test vector \"random: psize=129 ksize=0\", cfg=\"random: inplace use_finup nosimd src_divs=[<reimport,nosimd>85.99%@+3999, 5.85%@+30, <reimport>0.96%@+25, <reimport,nosimd>5.9%@+2263, <flush,nosimd>2.11%@+1950] iv_offset=2 key_offset=43\"
> and A33+BE:
> [ 84.469045] alg: ahash: md5 test failed (wrong result) on test vector \"random: psize=322 ksize=0\", cfg=\"random: inplace may_sleep use_finup src_divs=[<reimport>99.1%@+2668, <reimport>0.88%@alignmask+3630, 0.11%@+3403] iv_offset=33\"
> +[ 84.469074] need:35966fc8 b31ea266 2bf064e9 f20f40ad
> +[ 84.469084] have:e29e4491 f3b6effc fa366691 00e04bd9
>
> Thoses errors are random. (1 boot out of 2)
Do these really go away without this patch applied? AFAICS the
generated code should be identical.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers
2020-09-11 4:13 ` Herbert Xu
@ 2020-09-14 7:45 ` Corentin Labbe
2020-09-14 10:40 ` Corentin Labbe
1 sibling, 0 replies; 14+ messages in thread
From: Corentin Labbe @ 2020-09-14 7:45 UTC (permalink / raw)
To: Herbert Xu
Cc: kernel test robot, kbuild-all, linux-kernel, Linux Crypto Mailing List
On Fri, Sep 11, 2020 at 02:13:55PM +1000, Herbert Xu wrote:
> On Thu, Sep 10, 2020 at 02:22:48PM +0200, Corentin Labbe wrote:
> >
> > I get some md5 error on both A20+BE:
> > alg: ahash: md5 test failed (wrong result) on test vector \"random: psize=129 ksize=0\", cfg=\"random: inplace use_finup nosimd src_divs=[<reimport,nosimd>85.99%@+3999, 5.85%@+30, <reimport>0.96%@+25, <reimport,nosimd>5.9%@+2263, <flush,nosimd>2.11%@+1950] iv_offset=2 key_offset=43\"
> > and A33+BE:
> > [ 84.469045] alg: ahash: md5 test failed (wrong result) on test vector \"random: psize=322 ksize=0\", cfg=\"random: inplace may_sleep use_finup src_divs=[<reimport>99.1%@+2668, <reimport>0.88%@alignmask+3630, 0.11%@+3403] iv_offset=33\"
> > +[ 84.469074] need:35966fc8 b31ea266 2bf064e9 f20f40ad
> > +[ 84.469084] have:e29e4491 f3b6effc fa366691 00e04bd9
> >
> > Thoses errors are random. (1 boot out of 2)
>
> Do these really go away without this patch applied? AFAICS the
> generated code should be identical.
>
It happens without your patch, so your patch is unrelated to this issue.
You can add:
Tested-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com>
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers
2020-09-11 4:13 ` Herbert Xu
2020-09-14 7:45 ` Corentin Labbe
@ 2020-09-14 10:40 ` Corentin Labbe
2020-09-24 3:08 ` Herbert Xu
1 sibling, 1 reply; 14+ messages in thread
From: Corentin Labbe @ 2020-09-14 10:40 UTC (permalink / raw)
To: Herbert Xu
Cc: kernel test robot, kbuild-all, linux-kernel, Linux Crypto Mailing List
On Fri, Sep 11, 2020 at 02:13:55PM +1000, Herbert Xu wrote:
> On Thu, Sep 10, 2020 at 02:22:48PM +0200, Corentin Labbe wrote:
> >
> > I get some md5 error on both A20+BE:
> > alg: ahash: md5 test failed (wrong result) on test vector \"random: psize=129 ksize=0\", cfg=\"random: inplace use_finup nosimd src_divs=[<reimport,nosimd>85.99%@+3999, 5.85%@+30, <reimport>0.96%@+25, <reimport,nosimd>5.9%@+2263, <flush,nosimd>2.11%@+1950] iv_offset=2 key_offset=43\"
> > and A33+BE:
> > [ 84.469045] alg: ahash: md5 test failed (wrong result) on test vector \"random: psize=322 ksize=0\", cfg=\"random: inplace may_sleep use_finup src_divs=[<reimport>99.1%@+2668, <reimport>0.88%@alignmask+3630, 0.11%@+3403] iv_offset=33\"
> > +[ 84.469074] need:35966fc8 b31ea266 2bf064e9 f20f40ad
> > +[ 84.469084] have:e29e4491 f3b6effc fa366691 00e04bd9
> >
> > Thoses errors are random. (1 boot out of 2)
>
> Do these really go away without this patch applied? AFAICS the
> generated code should be identical.
>
I got this on next-20200910/multi_v7_defconfig BigEndian
[ 12.137856] alg: hash: skipping comparison tests for md5-sun4i-ss because md5-generic is unavailable
md5-sun4i-ss md5 reqs=763
[ 98.286632] alg: ahash: md5 test failed (wrong result) on test vector \"random: psize=65 ksize=0\", cfg=\"random: use_finup src_divs=[95.28%@+1052, <reimport>0.61%@+4046, 0.87%@+24, <reimport,nosimd>3.24%@+542] key_offset=54\"
So sun4i-ss is not involved.
Strangely /proc/crypto show:
name : md5
driver : md5-generic
module : md5
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 16
and I didnt see anything failed/unknow in /proc/crypto
Why the failed algorithm is not visible ?
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers
2020-09-14 10:40 ` Corentin Labbe
@ 2020-09-24 3:08 ` Herbert Xu
2020-09-24 13:27 ` Corentin Labbe
0 siblings, 1 reply; 14+ messages in thread
From: Herbert Xu @ 2020-09-24 3:08 UTC (permalink / raw)
To: Corentin Labbe
Cc: kernel test robot, kbuild-all, linux-kernel,
Linux Crypto Mailing List, Eric Biggers
On Mon, Sep 14, 2020 at 12:40:58PM +0200, Corentin Labbe wrote:
>
> I got this on next-20200910/multi_v7_defconfig BigEndian
> [ 12.137856] alg: hash: skipping comparison tests for md5-sun4i-ss because md5-generic is unavailable
> md5-sun4i-ss md5 reqs=763
> [ 98.286632] alg: ahash: md5 test failed (wrong result) on test vector \"random: psize=65 ksize=0\", cfg=\"random: use_finup src_divs=[95.28%@+1052, <reimport>0.61%@+4046, 0.87%@+24, <reimport,nosimd>3.24%@+542] key_offset=54\"
>
> So sun4i-ss is not involved.
> Strangely /proc/crypto show:
> name : md5
> driver : md5-generic
> module : md5
> priority : 0
> refcnt : 1
> selftest : passed
> internal : no
> type : shash
> blocksize : 64
> digestsize : 16
>
> and I didnt see anything failed/unknow in /proc/crypto
>
> Why the failed algorithm is not visible ?
Please include the complete /proc/crypto after you get the error.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers
2020-09-24 3:08 ` Herbert Xu
@ 2020-09-24 13:27 ` Corentin Labbe
2020-10-08 5:52 ` Herbert Xu
0 siblings, 1 reply; 14+ messages in thread
From: Corentin Labbe @ 2020-09-24 13:27 UTC (permalink / raw)
To: Herbert Xu
Cc: kernel test robot, kbuild-all, linux-kernel,
Linux Crypto Mailing List, Eric Biggers
On Thu, Sep 24, 2020 at 01:08:59PM +1000, Herbert Xu wrote:
> On Mon, Sep 14, 2020 at 12:40:58PM +0200, Corentin Labbe wrote:
> >
> > I got this on next-20200910/multi_v7_defconfig BigEndian
> > [ 12.137856] alg: hash: skipping comparison tests for md5-sun4i-ss because md5-generic is unavailable
> > md5-sun4i-ss md5 reqs=763
> > [ 98.286632] alg: ahash: md5 test failed (wrong result) on test vector \"random: psize=65 ksize=0\", cfg=\"random: use_finup src_divs=[95.28%@+1052, <reimport>0.61%@+4046, 0.87%@+24, <reimport,nosimd>3.24%@+542] key_offset=54\"
> >
> > So sun4i-ss is not involved.
> > Strangely /proc/crypto show:
> > name : md5
> > driver : md5-generic
> > module : md5
> > priority : 0
> > refcnt : 1
> > selftest : passed
> > internal : no
> > type : shash
> > blocksize : 64
> > digestsize : 16
> >
> > and I didnt see anything failed/unknow in /proc/crypto
> >
> > Why the failed algorithm is not visible ?
>
> Please include the complete /proc/crypto after you get the error.
>
Hello
This is an example on next-20200923+BigEndian
alg: ahash: sha1 test failed (wrong result) on test vector \"random: psize=194 ksize=0\", cfg=\"random: inplace may_sleep use_finup src_divs=[98.25%@+1124, <flush>1.75%@+5] iv_offset=18\"
=== DUMP /proc/crypto ===
name : ctr(sm4)
driver : ctr(sm4-generic)
module : ctr
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 16
max keysize : 16
ivsize : 16
chunksize : 16
walksize : 16
name : cbc(sm4)
driver : cbc(sm4-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 16
ivsize : 16
chunksize : 16
walksize : 16
name : ecb(sm4)
driver : ecb(sm4-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 16
ivsize : 0
chunksize : 16
walksize : 16
name : sm4
driver : sm4-generic
module : sm4_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 16
min keysize : 16
max keysize : 16
name : authenc(hmac(sha512),cbc(des3_ede))
driver : authenc(hmac(sha512-generic),cbc(des3_ede-generic))
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 64
geniv : <none>
name : authenc(hmac(sha512),cbc(des3_ede))
driver : authenc(hmac(sha512-generic),cbc-des3-sun4i-ss)
module : authenc
priority : 3100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 64
geniv : <none>
name : authenc(hmac(sha512),cbc(des))
driver : authenc(hmac(sha512-generic),cbc(des-generic))
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 64
geniv : <none>
name : authenc(hmac(sha512),cbc(des))
driver : authenc(hmac(sha512-generic),cbc-des-sun4i-ss)
module : authenc
priority : 3100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 64
geniv : <none>
name : authenc(hmac(sha384),cbc(des3_ede))
driver : authenc(hmac(sha384-generic),cbc(des3_ede-generic))
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 48
geniv : <none>
name : authenc(hmac(sha384),cbc(des3_ede))
driver : authenc(hmac(sha384-generic),cbc-des3-sun4i-ss)
module : authenc
priority : 3100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 48
geniv : <none>
name : authenc(hmac(sha384),cbc(des))
driver : authenc(hmac(sha384-generic),cbc(des-generic))
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 48
geniv : <none>
name : authenc(hmac(sha384),cbc(des))
driver : authenc(hmac(sha384-generic),cbc-des-sun4i-ss)
module : authenc
priority : 3100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 48
geniv : <none>
name : authenc(hmac(sha256),cbc(des3_ede))
driver : authenc(hmac(sha256-generic),cbc(des3_ede-generic))
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 32
geniv : <none>
name : authenc(hmac(sha256),cbc(des3_ede))
driver : authenc(hmac(sha256-generic),cbc-des3-sun4i-ss)
module : authenc
priority : 3100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 32
geniv : <none>
name : authenc(hmac(sha256),cbc(des))
driver : authenc(hmac(sha256-generic),cbc(des-generic))
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 32
geniv : <none>
name : authenc(hmac(sha256),cbc(des))
driver : authenc(hmac(sha256-generic),cbc-des-sun4i-ss)
module : authenc
priority : 3100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 32
geniv : <none>
name : authenc(hmac(sha224),cbc(des3_ede))
driver : authenc(hmac(sha224-generic),cbc(des3_ede-generic))
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 28
geniv : <none>
name : authenc(hmac(sha224),cbc(des3_ede))
driver : authenc(hmac(sha224-generic),cbc-des3-sun4i-ss)
module : authenc
priority : 3100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 28
geniv : <none>
name : authenc(hmac(sha224),cbc(des))
driver : authenc(hmac(sha224-generic),cbc(des-generic))
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 28
geniv : <none>
name : authenc(hmac(sha224),cbc(des))
driver : authenc(hmac(sha224-generic),cbc-des-sun4i-ss)
module : authenc
priority : 3100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 28
geniv : <none>
name : authenc(hmac(sha1),cbc(des3_ede))
driver : authenc(hmac(sha1-generic),cbc(des3_ede-generic))
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 20
geniv : <none>
name : authenc(hmac(sha1),cbc(des3_ede))
driver : authenc(hmac(sha1-generic),cbc-des3-sun4i-ss)
module : authenc
priority : 3100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 20
geniv : <none>
name : authenc(hmac(sha1),cbc(des))
driver : authenc(hmac(sha1-generic),cbc(des-generic))
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 20
geniv : <none>
name : authenc(hmac(sha1),cbc(des))
driver : authenc(hmac(sha1-generic),cbc-des-sun4i-ss)
module : authenc
priority : 3100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 8
ivsize : 8
maxauthsize : 20
geniv : <none>
name : authenc(hmac(sha1),ecb(cipher_null))
driver : authenc(hmac(sha1-generic),ecb(cipher_null-generic))
module : authenc
priority : 100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 1
ivsize : 0
maxauthsize : 20
geniv : <none>
name : authenc(hmac(sha1),ecb(cipher_null))
driver : authenc(hmac(sha1-generic),ecb-cipher_null)
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 1
ivsize : 0
maxauthsize : 20
geniv : <none>
name : authenc(hmac(md5),ecb(cipher_null))
driver : authenc(hmac(md5-generic),ecb(cipher_null-generic))
module : authenc
priority : 0
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 1
ivsize : 0
maxauthsize : 16
geniv : <none>
name : ecb(cipher_null)
driver : ecb(cipher_null-generic)
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 0
max keysize : 0
ivsize : 0
chunksize : 1
walksize : 1
name : authenc(hmac(md5),ecb(cipher_null))
driver : authenc(hmac(md5-generic),ecb-cipher_null)
module : authenc
priority : 1000
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 1
ivsize : 0
maxauthsize : 16
geniv : <none>
name : authenc(hmac(sha1),cbc(aes))
driver : authenc(hmac(sha1-generic),cbc(aes-generic))
module : authenc
priority : 1100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 16
ivsize : 16
maxauthsize : 20
geniv : <none>
name : authenc(hmac(sha1),cbc(aes))
driver : authenc(hmac(sha1-generic),cbc-aes-sun4i-ss)
module : authenc
priority : 3100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 16
ivsize : 16
maxauthsize : 20
geniv : <none>
name : cmac(des3_ede)
driver : cmac(des3_ede-generic)
module : cmac
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 8
digestsize : 8
name : cmac(aes)
driver : cmac(aes-generic)
module : cmac
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 16
digestsize : 16
name : rfc4543(gcm(aes))
driver : rfc4543(gcm_base(ctr(aes-generic),ghash-generic))
module : gcm
priority : 100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 1
ivsize : 8
maxauthsize : 16
geniv : <none>
name : rfc4106(gcm(aes))
driver : rfc4106(gcm_base(ctr(aes-generic),ghash-generic))
module : gcm
priority : 100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 1
ivsize : 8
maxauthsize : 16
geniv : <none>
name : hmac(streebog512)
driver : hmac(streebog512-generic)
module : hmac
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 64
name : hmac(streebog256)
driver : hmac(streebog256-generic)
module : hmac
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 32
name : hmac(sha3-512)
driver : hmac(sha3-512-generic)
module : hmac
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 72
digestsize : 64
name : hmac(sha3-384)
driver : hmac(sha3-384-generic)
module : hmac
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 104
digestsize : 48
name : hmac(sha3-256)
driver : hmac(sha3-256-generic)
module : hmac
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 136
digestsize : 32
name : hmac(sha3-224)
driver : hmac(sha3-224-generic)
module : hmac
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 144
digestsize : 28
name : vmac64(aes)
driver : vmac64(aes-generic)
module : vmac
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 16
digestsize : 8
name : hmac(rmd160)
driver : hmac(rmd160-generic)
module : hmac
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 20
name : hmac(rmd128)
driver : hmac(rmd128-generic)
module : hmac
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 16
name : xcbc(aes)
driver : xcbc(aes-generic)
module : xcbc
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 16
digestsize : 16
name : hmac(sha224)
driver : hmac(sha224-generic)
module : hmac
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 28
name : hmac(sha512)
driver : hmac(sha512-generic)
module : hmac
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 128
digestsize : 64
name : hmac(sha384)
driver : hmac(sha384-generic)
module : hmac
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 128
digestsize : 48
name : hmac(sha256)
driver : hmac(sha256-generic)
module : hmac
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 32
name : hmac(sha1)
driver : hmac(sha1-generic)
module : hmac
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 20
name : hmac(md5)
driver : hmac(md5-generic)
module : hmac
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 16
name : streebog512
driver : streebog512-generic
module : streebog_generic
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 64
name : streebog256
driver : streebog256-generic
module : streebog_generic
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 32
name : sm3
driver : sm3-generic
module : sm3_generic
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 32
name : sha3-512
driver : sha3-512-generic
module : sha3_generic
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 72
digestsize : 64
name : sha3-384
driver : sha3-384-generic
module : sha3_generic
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 104
digestsize : 48
name : sha3-256
driver : sha3-256-generic
module : sha3_generic
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 136
digestsize : 32
name : sha3-224
driver : sha3-224-generic
module : sha3_generic
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 144
digestsize : 28
name : crct10dif
driver : crct10dif-generic
module : crct10dif_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 1
digestsize : 2
name : rfc4309(ccm(aes))
driver : rfc4309(ccm_base(ctr(aes-generic),cbcmac(aes-generic)))
module : ccm
priority : 100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 1
ivsize : 8
maxauthsize : 16
geniv : <none>
name : ecb(seed)
driver : ecb(seed-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 16
ivsize : 0
chunksize : 16
walksize : 16
name : seed
driver : seed-generic
module : seed
priority : 100
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 16
min keysize : 16
max keysize : 16
name : rmd320
driver : rmd320-generic
module : rmd320
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 40
name : rmd256
driver : rmd256-generic
module : rmd256
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 32
name : rmd160
driver : rmd160-generic
module : rmd160
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 20
name : rmd128
driver : rmd128-generic
module : rmd128
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 16
name : cts(cbc(aes))
driver : cts(cbc(aes-generic))
module : cts
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : cts(cbc(aes))
driver : cts(cbc-aes-sun4i-ss)
module : cts
priority : 300
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : ccm(aes)
driver : ccm_base(ctr(aes-generic),cbcmac(aes-generic))
module : ccm
priority : 100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 1
ivsize : 16
maxauthsize : 16
geniv : <none>
name : cbcmac(aes)
driver : cbcmac(aes-generic)
module : ccm
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 1
digestsize : 16
name : lzo
driver : lzo-scomp
module : lzo
priority : 0
refcnt : 1
selftest : passed
internal : no
type : scomp
name : lzo
driver : lzo-generic
module : lzo
priority : 0
refcnt : 1
selftest : passed
internal : no
type : compression
name : gcm(aes)
driver : gcm_base(ctr(aes-generic),ghash-generic)
module : gcm
priority : 100
refcnt : 1
selftest : passed
internal : no
type : aead
async : no
blocksize : 1
ivsize : 12
maxauthsize : 16
geniv : <none>
name : ghash
driver : ghash-generic
module : ghash_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 16
digestsize : 16
name : salsa20
driver : salsa20-generic
module : salsa20_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 16
max keysize : 32
ivsize : 8
chunksize : 64
walksize : 64
name : xts(camellia)
driver : xts(ecb(camellia-generic))
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 32
max keysize : 64
ivsize : 16
chunksize : 16
walksize : 16
name : lrw(camellia)
driver : lrw(ecb(camellia-generic))
module : lrw
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 32
max keysize : 48
ivsize : 16
chunksize : 16
walksize : 16
name : ctr(camellia)
driver : ctr(camellia-generic)
module : ctr
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : cbc(camellia)
driver : cbc(camellia-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : ecb(camellia)
driver : ecb(camellia-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 0
chunksize : 16
walksize : 16
name : camellia
driver : camellia-generic
module : camellia_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 16
min keysize : 16
max keysize : 32
name : pcbc(fcrypt)
driver : pcbc(fcrypt-generic)
module : pcbc
priority : 0
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 8
max keysize : 8
ivsize : 8
chunksize : 8
walksize : 8
name : fcrypt
driver : fcrypt-generic
module : fcrypt
priority : 0
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 8
min keysize : 8
max keysize : 8
name : ecb(xeta)
driver : ecb(xeta-generic)
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 16
max keysize : 16
ivsize : 0
chunksize : 8
walksize : 8
name : tgr128
driver : tgr128-generic
module : tgr192
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 16
name : tgr160
driver : tgr160-generic
module : tgr192
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 20
name : tgr192
driver : tgr192-generic
module : tgr192
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 24
name : cbc(anubis)
driver : cbc(anubis-generic)
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 40
ivsize : 16
chunksize : 16
walksize : 16
name : ecb(anubis)
driver : ecb(anubis-generic)
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 40
ivsize : 0
chunksize : 16
walksize : 16
name : anubis
driver : anubis-generic
module : anubis
priority : 0
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 16
min keysize : 16
max keysize : 40
name : ecb(tnepres)
driver : ecb(tnepres-generic)
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 0
max keysize : 32
ivsize : 0
chunksize : 16
walksize : 16
name : wp256
driver : wp256-generic
module : wp512
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 32
name : wp384
driver : wp384-generic
module : wp512
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 48
name : wp512
driver : wp512-generic
module : wp512
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 64
name : ecb(khazad)
driver : ecb(khazad-generic)
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 16
max keysize : 16
ivsize : 0
chunksize : 8
walksize : 8
name : khazad
driver : khazad-generic
module : khazad
priority : 0
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 8
min keysize : 16
max keysize : 16
name : ecb(xtea)
driver : ecb(xtea-generic)
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 16
max keysize : 16
ivsize : 0
chunksize : 8
walksize : 8
name : ecb(tea)
driver : ecb(tea-generic)
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 16
max keysize : 16
ivsize : 0
chunksize : 8
walksize : 8
name : xeta
driver : xeta-generic
module : tea
priority : 0
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 8
min keysize : 16
max keysize : 16
name : xtea
driver : xtea-generic
module : tea
priority : 0
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 8
min keysize : 16
max keysize : 16
name : tea
driver : tea-generic
module : tea
priority : 0
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 8
min keysize : 16
max keysize : 16
name : michael_mic
driver : michael_mic-generic
module : michael_mic
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 8
digestsize : 8
name : ecb(arc4)
driver : ecb(arc4)-generic
module : arc4
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 1
max keysize : 256
ivsize : 0
chunksize : 1
walksize : 1
name : xts(cast6)
driver : xts(ecb(cast6-generic))
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 32
max keysize : 64
ivsize : 16
chunksize : 16
walksize : 16
name : lrw(cast6)
driver : lrw(ecb(cast6-generic))
module : lrw
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 32
max keysize : 48
ivsize : 16
chunksize : 16
walksize : 16
name : ctr(cast6)
driver : ctr(cast6-generic)
module : ctr
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : cbc(cast6)
driver : cbc(cast6-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : ecb(cast6)
driver : ecb(cast6-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 0
chunksize : 16
walksize : 16
name : cast6
driver : cast6-generic
module : cast6_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 16
min keysize : 16
max keysize : 32
name : ctr(cast5)
driver : ctr(cast5-generic)
module : ctr
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 5
max keysize : 16
ivsize : 8
chunksize : 8
walksize : 8
name : cbc(cast5)
driver : cbc(cast5-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 5
max keysize : 16
ivsize : 8
chunksize : 8
walksize : 8
name : ecb(cast5)
driver : ecb(cast5-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 5
max keysize : 16
ivsize : 0
chunksize : 8
walksize : 8
name : cast5
driver : cast5-generic
module : cast5_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 8
min keysize : 5
max keysize : 16
name : zlib-deflate
driver : zlib-deflate-scomp
module : deflate
priority : 0
refcnt : 1
selftest : passed
internal : no
type : scomp
name : deflate
driver : deflate-scomp
module : deflate
priority : 0
refcnt : 1
selftest : passed
internal : no
type : scomp
name : deflate
driver : deflate-generic
module : deflate
priority : 0
refcnt : 1
selftest : passed
internal : no
type : compression
name : sha384
driver : sha384-generic
module : sha512_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 128
digestsize : 48
name : sha512
driver : sha512-generic
module : sha512_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 128
digestsize : 64
name : cfb(aes)
driver : cfb(aes-generic)
module : cfb
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : ofb(aes)
driver : ofb(aes-generic)
module : ofb
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : rfc3686(ctr(aes))
driver : rfc3686(ctr(aes-generic))
module : ctr
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 20
max keysize : 36
ivsize : 8
chunksize : 16
walksize : 16
name : ctr(aes)
driver : ctr(aes-generic)
module : ctr
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : xts(aes)
driver : xts(ecb(aes-generic))
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 32
max keysize : 64
ivsize : 16
chunksize : 16
walksize : 16
name : xts(aes)
driver : xts(ecb-aes-sun4i-ss)
module : kernel
priority : 300
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 32
max keysize : 64
ivsize : 16
chunksize : 16
walksize : 16
name : lrw(aes)
driver : lrw(ecb(aes-generic))
module : lrw
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 32
max keysize : 48
ivsize : 16
chunksize : 16
walksize : 16
name : lrw(aes)
driver : lrw(ecb-aes-sun4i-ss)
module : lrw
priority : 300
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 32
max keysize : 48
ivsize : 16
chunksize : 16
walksize : 16
name : xts(serpent)
driver : xts(ecb(serpent-generic))
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 0
max keysize : 64
ivsize : 16
chunksize : 16
walksize : 16
name : lrw(serpent)
driver : lrw(ecb(serpent-generic))
module : lrw
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 48
ivsize : 16
chunksize : 16
walksize : 16
name : ctr(serpent)
driver : ctr(serpent-generic)
module : ctr
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 0
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : cbc(serpent)
driver : cbc(serpent-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 0
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : ecb(serpent)
driver : ecb(serpent-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 0
max keysize : 32
ivsize : 0
chunksize : 16
walksize : 16
name : tnepres
driver : tnepres-generic
module : serpent_generic
priority : 0
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 16
min keysize : 0
max keysize : 32
name : serpent
driver : serpent-generic
module : serpent_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 16
min keysize : 0
max keysize : 32
name : xts(twofish)
driver : xts(ecb(twofish-generic))
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 32
max keysize : 64
ivsize : 16
chunksize : 16
walksize : 16
name : lrw(twofish)
driver : lrw(ecb(twofish-generic))
module : lrw
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 32
max keysize : 48
ivsize : 16
chunksize : 16
walksize : 16
name : ctr(twofish)
driver : ctr(twofish-generic)
module : ctr
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : cbc(twofish)
driver : cbc(twofish-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : ecb(twofish)
driver : ecb(twofish-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 0
chunksize : 16
walksize : 16
name : twofish
driver : twofish-generic
module : twofish_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 16
min keysize : 16
max keysize : 32
name : ctr(blowfish)
driver : ctr(blowfish-generic)
module : ctr
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 4
max keysize : 56
ivsize : 8
chunksize : 8
walksize : 8
name : cbc(blowfish)
driver : cbc(blowfish-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 4
max keysize : 56
ivsize : 8
chunksize : 8
walksize : 8
name : ecb(blowfish)
driver : ecb(blowfish-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 4
max keysize : 56
ivsize : 0
chunksize : 8
walksize : 8
name : blowfish
driver : blowfish-generic
module : blowfish_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 8
min keysize : 4
max keysize : 56
name : sha224
driver : sha224-generic
module : sha256_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 28
name : sha256
driver : sha256-generic
module : sha256_generic
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 32
name : md4
driver : md4-generic
module : md4
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 16
name : ctr(des3_ede)
driver : ctr(des3_ede-generic)
module : ctr
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 24
max keysize : 24
ivsize : 8
chunksize : 8
walksize : 8
name : ctr(des)
driver : ctr(des-generic)
module : ctr
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 8
max keysize : 8
ivsize : 8
chunksize : 8
walksize : 8
name : stdrng
driver : sun4i_ss_rng
module : kernel
priority : 300
refcnt : 1
selftest : passed
internal : no
type : rng
seedsize : 24
name : ecb(des3_ede)
driver : ecb(des3_ede-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 24
max keysize : 24
ivsize : 0
chunksize : 8
walksize : 8
name : ecb(des3_ede)
driver : ecb-des3-sun4i-ss
module : kernel
priority : 300
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 24
max keysize : 24
ivsize : 0
chunksize : 8
walksize : 8
name : cbc(des3_ede)
driver : cbc(des3_ede-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 24
max keysize : 24
ivsize : 8
chunksize : 8
walksize : 8
name : cbc(des3_ede)
driver : cbc-des3-sun4i-ss
module : kernel
priority : 300
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 24
max keysize : 24
ivsize : 8
chunksize : 8
walksize : 8
name : ecb(des)
driver : ecb(des-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 8
max keysize : 8
ivsize : 0
chunksize : 8
walksize : 8
name : ecb(des)
driver : ecb-des-sun4i-ss
module : kernel
priority : 300
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 8
max keysize : 8
ivsize : 0
chunksize : 8
walksize : 8
name : cbc(des)
driver : cbc(des-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 8
max keysize : 8
ivsize : 8
chunksize : 8
walksize : 8
name : cbc(des)
driver : cbc-des-sun4i-ss
module : kernel
priority : 300
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 8
min keysize : 8
max keysize : 8
ivsize : 8
chunksize : 8
walksize : 8
name : ecb(aes)
driver : ecb(aes-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 0
chunksize : 16
walksize : 16
name : ecb(aes)
driver : ecb-aes-sun4i-ss
module : kernel
priority : 300
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 0
chunksize : 16
walksize : 16
name : cbc(aes)
driver : cbc(aes-generic)
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : cbc(aes)
driver : cbc-aes-sun4i-ss
module : kernel
priority : 300
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 16
chunksize : 16
walksize : 16
name : sha1
driver : sha1-sun4i-ss
module : kernel
priority : 300
refcnt : 1
selftest : passed
internal : no
type : ahash
async : no
blocksize : 64
digestsize : 20
name : md5
driver : md5-sun4i-ss
module : kernel
priority : 300
refcnt : 1
selftest : passed
internal : no
type : ahash
async : no
blocksize : 64
digestsize : 16
name : stdrng
driver : ansi_cprng
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : rng
seedsize : 48
name : crc32c
driver : crc32c-generic
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 1
digestsize : 4
name : aes
driver : aes-generic
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 16
min keysize : 16
max keysize : 32
name : des3_ede
driver : des3_ede-generic
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 8
min keysize : 24
max keysize : 24
name : des
driver : des-generic
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 8
min keysize : 8
max keysize : 8
name : sha1
driver : sha1-generic
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 20
name : md5
driver : md5-generic
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 64
digestsize : 16
name : ecb(cipher_null)
driver : ecb-cipher_null
module : kernel
priority : 100
refcnt : 1
selftest : passed
internal : no
type : skcipher
async : no
blocksize : 1
min keysize : 0
max keysize : 0
ivsize : 0
chunksize : 1
walksize : 1
name : digest_null
driver : digest_null-generic
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : shash
blocksize : 1
digestsize : 0
name : compress_null
driver : compress_null-generic
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : compression
name : cipher_null
driver : cipher_null-generic
module : kernel
priority : 0
refcnt : 1
selftest : passed
internal : no
type : cipher
blocksize : 1
min keysize : 0
max keysize : 0
=== END DUMP ===
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers
2020-09-24 13:27 ` Corentin Labbe
@ 2020-10-08 5:52 ` Herbert Xu
2020-10-08 6:36 ` Corentin Labbe
0 siblings, 1 reply; 14+ messages in thread
From: Herbert Xu @ 2020-10-08 5:52 UTC (permalink / raw)
To: Corentin Labbe
Cc: kernel test robot, kbuild-all, linux-kernel,
Linux Crypto Mailing List, Eric Biggers
On Thu, Sep 24, 2020 at 03:27:38PM +0200, Corentin Labbe wrote:
>
> This is an example on next-20200923+BigEndian
> alg: ahash: sha1 test failed (wrong result) on test vector \"random: psize=194 ksize=0\", cfg=\"random: inplace may_sleep use_finup src_divs=[98.25%@+1124, <flush>1.75%@+5] iv_offset=18\"
Hmm, the only way I can see this happening is if it was triggered
by tcrypt. Were you using tcrypt by any chance?
Ccing Eric in case he has any insight.
> === DUMP /proc/crypto ===
> name : sha1
> driver : sha1-sun4i-ss
> module : kernel
> priority : 300
> refcnt : 1
> selftest : passed
> internal : no
> type : ahash
> async : no
> blocksize : 64
> digestsize : 20
...
> name : sha1
> driver : sha1-generic
> module : kernel
> priority : 100
> refcnt : 1
> selftest : passed
> internal : no
> type : shash
> blocksize : 64
> digestsize : 20
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers
2020-10-08 5:52 ` Herbert Xu
@ 2020-10-08 6:36 ` Corentin Labbe
2020-10-08 23:35 ` Eric Biggers
0 siblings, 1 reply; 14+ messages in thread
From: Corentin Labbe @ 2020-10-08 6:36 UTC (permalink / raw)
To: Herbert Xu
Cc: kernel test robot, kbuild-all, linux-kernel,
Linux Crypto Mailing List, Eric Biggers
On Thu, Oct 08, 2020 at 04:52:38PM +1100, Herbert Xu wrote:
> On Thu, Sep 24, 2020 at 03:27:38PM +0200, Corentin Labbe wrote:
> >
> > This is an example on next-20200923+BigEndian
> > alg: ahash: sha1 test failed (wrong result) on test vector \"random: psize=194 ksize=0\", cfg=\"random: inplace may_sleep use_finup src_divs=[98.25%@+1124, <flush>1.75%@+5] iv_offset=18\"
>
> Hmm, the only way I can see this happening is if it was triggered
> by tcrypt. Were you using tcrypt by any chance?
>
> Ccing Eric in case he has any insight.
>
> > === DUMP /proc/crypto ===
> > name : sha1
> > driver : sha1-sun4i-ss
> > module : kernel
> > priority : 300
> > refcnt : 1
> > selftest : passed
> > internal : no
> > type : ahash
> > async : no
> > blocksize : 64
> > digestsize : 20
>
> ...
>
> > name : sha1
> > driver : sha1-generic
> > module : kernel
> > priority : 100
> > refcnt : 1
> > selftest : passed
> > internal : no
> > type : shash
> > blocksize : 64
> > digestsize : 20
>
> Thanks,
Yes I use tcrypt to force all algos to be tested.
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers
2020-10-08 6:36 ` Corentin Labbe
@ 2020-10-08 23:35 ` Eric Biggers
0 siblings, 0 replies; 14+ messages in thread
From: Eric Biggers @ 2020-10-08 23:35 UTC (permalink / raw)
To: Corentin Labbe
Cc: Herbert Xu, kernel test robot, kbuild-all, linux-kernel,
Linux Crypto Mailing List
On Thu, Oct 08, 2020 at 08:36:23AM +0200, Corentin Labbe wrote:
> On Thu, Oct 08, 2020 at 04:52:38PM +1100, Herbert Xu wrote:
> > On Thu, Sep 24, 2020 at 03:27:38PM +0200, Corentin Labbe wrote:
> > >
> > > This is an example on next-20200923+BigEndian
> > > alg: ahash: sha1 test failed (wrong result) on test vector \"random: psize=194 ksize=0\", cfg=\"random: inplace may_sleep use_finup src_divs=[98.25%@+1124, <flush>1.75%@+5] iv_offset=18\"
This failure is in one of the randomly generated test cases. If it doesn't
reproduce reliably, you can set cryptomgr.fuzz_iterations=1000 on the kernel
command line (increased from the default 100).
It is confusing that it says just "sha1". This seems to be a quirk specific to
how tcrypt calls alg_test(). It's probably really testing "sha1-sun4i-ss".
I guess that testmgr.c should be using the actual cra_driver_name in the log
messages, not the 'driver' string that was passed into alg_test().
- Eric
^ permalink raw reply [flat|nested] 14+ messages in thread
end of thread, other threads:[~2020-10-08 23:35 UTC | newest]
Thread overview: 14+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-06 8:52 drivers/crypto/allwinner/sun4i-ss/sun4i-ss-hash.c:483:35: sparse: sparse: incorrect type in assignment (different base types) kernel test robot
2020-09-07 6:24 ` [PATCH] crypto: sun4i-ss - Fix SHA1 hash on A33-variant with BE CPU Herbert Xu
2020-09-07 14:55 ` Corentin Labbe
2020-09-07 16:00 ` Corentin Labbe
2020-09-08 5:00 ` [v2 PATCH] crypto: sun4i-ss - Fix sparse endianness markers Herbert Xu
2020-09-10 12:22 ` Corentin Labbe
2020-09-11 4:13 ` Herbert Xu
2020-09-14 7:45 ` Corentin Labbe
2020-09-14 10:40 ` Corentin Labbe
2020-09-24 3:08 ` Herbert Xu
2020-09-24 13:27 ` Corentin Labbe
2020-10-08 5:52 ` Herbert Xu
2020-10-08 6:36 ` Corentin Labbe
2020-10-08 23:35 ` Eric Biggers
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).