From patchwork Thu Jun 22 13:36:55 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gilad Ben-Yossef X-Patchwork-Id: 106211 Delivered-To: patch@linaro.org Received: by 10.140.91.2 with SMTP id y2csp123661qgd; Thu, 22 Jun 2017 06:37:59 -0700 (PDT) X-Received: by 10.98.18.16 with SMTP id a16mr2636644pfj.91.1498138678927; Thu, 22 Jun 2017 06:37:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1498138678; cv=none; d=google.com; s=arc-20160816; b=QhhNxjEst0ugJfBqkMZYBrmVk6mTF01h/PqZtmNvzo0/zGbKTK4qeb8qQKlL4uuQhM 5It/pc9dK4tek2uw0KHmgqG0a70PUnry6pMnRGe8Vc99i+3Zp6h/gfdkmsI1ialxIlbp YyQS5FzHOtw7izctPTByagEwF/GZblITKlbyDiEjm6pEIw5zoqk6eu4VIcwue4t5L8Ko Shb8TKmsdR0q1u1NVCAcwHDxmvi088TBq5xJgUVIopyyXSgeSxb3qor8bjaMxjz98LT/ s5mNw2whh3GBjGga9bcgbptM1x5DDV2O/HI23YzGMnTevUifqoLmWObgI3N4qa8UVfOZ NprA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=/n3X8e/TBvvAtUOYS8YpxOEA9N2lsEPmnbYoJHw3WVA=; b=h6ur82WXCgwsNZyHdiPsK3XtowBtxOqSPFi/ZRoEriVVrWLhfuPlox/rcoPJGAPtU6 Cb0fysWv7sHOx2YCs30MQOTqomnQsTHchVLiH0NM79iGxkBsK0SJVMOIcBMVBnF3fMZi YxB0x4jeixcmEzKhvxIKkdlWEf3g5ZGxJzffiilkaTKeHhm2o24lerSfCMToYAfesI7K en/r0pvOKcT5WqM6qMGt9coZiiMiQSKhl+/zKEpJSzQu3MhBQxvZqXaKUI0gwAuHBFJ1 QaC9n/w2DvEIMHsdTT8ev2+kk1rd/5Ff9lq6b/YxJ4UrI5CKX8pJEdvqIZDEOXM5R3Dp HBZA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w34si302268pla.379.2017.06.22.06.37.58; Thu, 22 Jun 2017 06:37:58 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753503AbdFVNhh (ORCPT + 25 others); Thu, 22 Jun 2017 09:37:37 -0400 Received: from foss.arm.com ([217.140.101.70]:38304 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751866AbdFVNhf (ORCPT ); Thu, 22 Jun 2017 09:37:35 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9156E15AD; Thu, 22 Jun 2017 06:37:29 -0700 (PDT) Received: from gby.kfn.arm.com (unknown [10.45.48.178]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id CDD883F3E1; Thu, 22 Jun 2017 06:37:27 -0700 (PDT) From: Gilad Ben-Yossef To: Greg Kroah-Hartman , linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org, driverdev-devel@linuxdriverproject.org, devel@driverdev.osuosl.org Cc: Ofir Drang , Dan Carpenter Subject: [PATCH v2 1/7] staging: ccree: fix hash import/export Date: Thu, 22 Jun 2017 16:36:55 +0300 Message-Id: <1498138623-6126-2-git-send-email-gilad@benyossef.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1498138623-6126-1-git-send-email-gilad@benyossef.com> References: <1498138623-6126-1-git-send-email-gilad@benyossef.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hash import and export was saving and restoring the wrong context and therefore disabled. Fix it by restoring intermediate digest and additional state needed. The hash and mac transform now pass testmgr partial hash tests. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_hash.c | 140 +++++++++++++++++++++++++++------------ drivers/staging/ccree/ssi_hash.h | 2 + 2 files changed, 98 insertions(+), 44 deletions(-) -- 2.1.4 diff --git a/drivers/staging/ccree/ssi_hash.c b/drivers/staging/ccree/ssi_hash.c index ed1c672..c39e3be 100644 --- a/drivers/staging/ccree/ssi_hash.c +++ b/drivers/staging/ccree/ssi_hash.c @@ -976,22 +976,6 @@ static int ssi_hash_init(struct ahash_req_ctx *state, struct ssi_hash_ctx *ctx) return 0; } -#ifdef EXPORT_FIXED -static int ssi_hash_export(struct ssi_hash_ctx *ctx, void *out) -{ - CHECK_AND_RETURN_UPON_FIPS_ERROR(); - memcpy(out, ctx, sizeof(struct ssi_hash_ctx)); - return 0; -} - -static int ssi_hash_import(struct ssi_hash_ctx *ctx, const void *in) -{ - CHECK_AND_RETURN_UPON_FIPS_ERROR(); - memcpy(ctx, in, sizeof(struct ssi_hash_ctx)); - return 0; -} -#endif - static int ssi_hash_setkey(void *hash, const u8 *key, unsigned int keylen, @@ -1782,23 +1766,104 @@ static int ssi_ahash_init(struct ahash_request *req) return ssi_hash_init(state, ctx); } -#ifdef EXPORT_FIXED static int ssi_ahash_export(struct ahash_request *req, void *out) { struct crypto_ahash *ahash = crypto_ahash_reqtfm(req); struct ssi_hash_ctx *ctx = crypto_ahash_ctx(ahash); + struct device *dev = &ctx->drvdata->plat_dev->dev; + struct ahash_req_ctx *state = ahash_request_ctx(req); + u8 *curr_buff = state->buff_index ? state->buff1 : state->buff0; + u32 curr_buff_cnt = state->buff_index ? state->buff1_cnt : + state->buff0_cnt; + const u32 tmp = CC_EXPORT_MAGIC; + + CHECK_AND_RETURN_UPON_FIPS_ERROR(); - return ssi_hash_export(ctx, out); + memcpy(out, &tmp, sizeof(u32)); + out += sizeof(u32); + + dma_sync_single_for_cpu(dev, state->digest_buff_dma_addr, + ctx->inter_digestsize, DMA_BIDIRECTIONAL); + memcpy(out, state->digest_buff, ctx->inter_digestsize); + out += ctx->inter_digestsize; + + if (state->digest_bytes_len_dma_addr) { + dma_sync_single_for_cpu(dev, state->digest_bytes_len_dma_addr, + HASH_LEN_SIZE, DMA_BIDIRECTIONAL); + memcpy(out, state->digest_bytes_len, HASH_LEN_SIZE); + } + out += HASH_LEN_SIZE; + + memcpy(out, &curr_buff_cnt, sizeof(u32)); + out += sizeof(u32); + + memcpy(out, curr_buff, curr_buff_cnt); + + /* No sync for device ineeded since we did not change the data, + * we only copy it + */ + + return 0; } static int ssi_ahash_import(struct ahash_request *req, const void *in) { struct crypto_ahash *ahash = crypto_ahash_reqtfm(req); struct ssi_hash_ctx *ctx = crypto_ahash_ctx(ahash); + struct device *dev = &ctx->drvdata->plat_dev->dev; + struct ahash_req_ctx *state = ahash_request_ctx(req); + u32 tmp; + int rc; + + CHECK_AND_RETURN_UPON_FIPS_ERROR(); - return ssi_hash_import(ctx, in); + memcpy(&tmp, in, sizeof(u32)); + if (tmp != CC_EXPORT_MAGIC) { + rc = -EINVAL; + goto out; + } + in += sizeof(u32); + + rc = ssi_hash_init(state, ctx); + if (rc) + goto out; + + dma_sync_single_for_cpu(dev, state->digest_buff_dma_addr, + ctx->inter_digestsize, DMA_BIDIRECTIONAL); + memcpy(state->digest_buff, in, ctx->inter_digestsize); + in += ctx->inter_digestsize; + + if (state->digest_bytes_len_dma_addr) { + dma_sync_single_for_cpu(dev, state->digest_bytes_len_dma_addr, + HASH_LEN_SIZE, DMA_BIDIRECTIONAL); + memcpy(state->digest_bytes_len, in, HASH_LEN_SIZE); + } + in += HASH_LEN_SIZE; + + dma_sync_single_for_device(dev, state->digest_buff_dma_addr, + ctx->inter_digestsize, DMA_BIDIRECTIONAL); + + if (state->digest_bytes_len_dma_addr) + dma_sync_single_for_device(dev, + state->digest_bytes_len_dma_addr, + HASH_LEN_SIZE, DMA_BIDIRECTIONAL); + + state->buff_index = 0; + + /* Sanity check the data as much as possible */ + memcpy(&tmp, in, sizeof(u32)); + if (tmp > SSI_MAX_HASH_BLCK_SIZE) { + rc = -EINVAL; + goto out; + } + in += sizeof(u32); + + state->buff0_cnt = tmp; + memcpy(state->buff0, in, state->buff0_cnt); + +out: + return rc; } -#endif static int ssi_ahash_setkey(struct crypto_ahash *ahash, const u8 *key, unsigned int keylen) @@ -1820,6 +1885,9 @@ struct ssi_hash_template { struct ssi_drvdata *drvdata; }; +#define CC_STATE_SIZE(_x) \ + ((_x) + HASH_LEN_SIZE + SSI_MAX_HASH_BLCK_SIZE + (2 * sizeof(u32))) + /* hash descriptors */ static struct ssi_hash_template driver_hash[] = { //Asynchronize hash template @@ -1836,14 +1904,12 @@ static struct ssi_hash_template driver_hash[] = { .final = ssi_ahash_final, .finup = ssi_ahash_finup, .digest = ssi_ahash_digest, -#ifdef EXPORT_FIXED .export = ssi_ahash_export, .import = ssi_ahash_import, -#endif .setkey = ssi_ahash_setkey, .halg = { .digestsize = SHA1_DIGEST_SIZE, - .statesize = sizeof(struct sha1_state), + .statesize = CC_STATE_SIZE(SHA1_DIGEST_SIZE), }, }, .hash_mode = DRV_HASH_SHA1, @@ -1862,14 +1928,12 @@ static struct ssi_hash_template driver_hash[] = { .final = ssi_ahash_final, .finup = ssi_ahash_finup, .digest = ssi_ahash_digest, -#ifdef EXPORT_FIXED .export = ssi_ahash_export, .import = ssi_ahash_import, -#endif .setkey = ssi_ahash_setkey, .halg = { .digestsize = SHA256_DIGEST_SIZE, - .statesize = sizeof(struct sha256_state), + .statesize = CC_STATE_SIZE(SHA256_DIGEST_SIZE) }, }, .hash_mode = DRV_HASH_SHA256, @@ -1888,14 +1952,12 @@ static struct ssi_hash_template driver_hash[] = { .final = ssi_ahash_final, .finup = ssi_ahash_finup, .digest = ssi_ahash_digest, -#ifdef EXPORT_FIXED .export = ssi_ahash_export, .import = ssi_ahash_import, -#endif .setkey = ssi_ahash_setkey, .halg = { .digestsize = SHA224_DIGEST_SIZE, - .statesize = sizeof(struct sha256_state), + .statesize = CC_STATE_SIZE(SHA224_DIGEST_SIZE), }, }, .hash_mode = DRV_HASH_SHA224, @@ -1915,14 +1977,12 @@ static struct ssi_hash_template driver_hash[] = { .final = ssi_ahash_final, .finup = ssi_ahash_finup, .digest = ssi_ahash_digest, -#ifdef EXPORT_FIXED .export = ssi_ahash_export, .import = ssi_ahash_import, -#endif .setkey = ssi_ahash_setkey, .halg = { .digestsize = SHA384_DIGEST_SIZE, - .statesize = sizeof(struct sha512_state), + .statesize = CC_STATE_SIZE(SHA384_DIGEST_SIZE), }, }, .hash_mode = DRV_HASH_SHA384, @@ -1941,14 +2001,12 @@ static struct ssi_hash_template driver_hash[] = { .final = ssi_ahash_final, .finup = ssi_ahash_finup, .digest = ssi_ahash_digest, -#ifdef EXPORT_FIXED .export = ssi_ahash_export, .import = ssi_ahash_import, -#endif .setkey = ssi_ahash_setkey, .halg = { .digestsize = SHA512_DIGEST_SIZE, - .statesize = sizeof(struct sha512_state), + .statesize = CC_STATE_SIZE(SHA512_DIGEST_SIZE), }, }, .hash_mode = DRV_HASH_SHA512, @@ -1968,14 +2026,12 @@ static struct ssi_hash_template driver_hash[] = { .final = ssi_ahash_final, .finup = ssi_ahash_finup, .digest = ssi_ahash_digest, -#ifdef EXPORT_FIXED .export = ssi_ahash_export, .import = ssi_ahash_import, -#endif .setkey = ssi_ahash_setkey, .halg = { .digestsize = MD5_DIGEST_SIZE, - .statesize = sizeof(struct md5_state), + .statesize = CC_STATE_SIZE(MD5_DIGEST_SIZE), }, }, .hash_mode = DRV_HASH_MD5, @@ -1993,13 +2049,11 @@ static struct ssi_hash_template driver_hash[] = { .finup = ssi_mac_finup, .digest = ssi_mac_digest, .setkey = ssi_xcbc_setkey, -#ifdef EXPORT_FIXED .export = ssi_ahash_export, .import = ssi_ahash_import, -#endif .halg = { .digestsize = AES_BLOCK_SIZE, - .statesize = sizeof(struct aeshash_state), + .statesize = CC_STATE_SIZE(AES_BLOCK_SIZE), }, }, .hash_mode = DRV_HASH_NULL, @@ -2018,13 +2072,11 @@ static struct ssi_hash_template driver_hash[] = { .finup = ssi_mac_finup, .digest = ssi_mac_digest, .setkey = ssi_cmac_setkey, -#ifdef EXPORT_FIXED .export = ssi_ahash_export, .import = ssi_ahash_import, -#endif .halg = { .digestsize = AES_BLOCK_SIZE, - .statesize = sizeof(struct aeshash_state), + .statesize = CC_STATE_SIZE(AES_BLOCK_SIZE), }, }, .hash_mode = DRV_HASH_NULL, diff --git a/drivers/staging/ccree/ssi_hash.h b/drivers/staging/ccree/ssi_hash.h index 7c94661..0bb99cb 100644 --- a/drivers/staging/ccree/ssi_hash.h +++ b/drivers/staging/ccree/ssi_hash.h @@ -39,6 +39,8 @@ #define XCBC_MAC_K2_OFFSET 16 #define XCBC_MAC_K3_OFFSET 32 +#define CC_EXPORT_MAGIC 0xC2EE1070U + // this struct was taken from drivers/crypto/nx/nx-aes-xcbc.c and it is used for xcbc/cmac statesize struct aeshash_state { u8 state[AES_BLOCK_SIZE];