From: Andy Chiu <andy.chiu@sifive.com>
To: Heiko Stuebner <heiko@sntech.de>
Cc: palmer@dabbelt.com, paul.walmsley@sifive.com,
aou@eecs.berkeley.edu, herbert@gondor.apana.org.au,
davem@davemloft.net, conor.dooley@microchip.com,
linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org,
linux-crypto@vger.kernel.org, christoph.muellner@vrull.eu,
ebiggers@kernel.org, Heiko Stuebner <heiko.stuebner@vrull.eu>
Subject: Re: [PATCH v4 06/12] RISC-V: crypto: add Zvbb+Zvbc accelerated GCM GHASH implementation
Date: Thu, 10 Aug 2023 09:57:16 +0000 [thread overview]
Message-ID: <20230810095715.GA6929@hsinchu26> (raw)
In-Reply-To: <20230711153743.1970625-7-heiko@sntech.de>
On Tue, Jul 11, 2023 at 05:37:37PM +0200, Heiko Stuebner wrote:
Hi Heiko,
> From: Heiko Stuebner <heiko.stuebner@vrull.eu>
>
> Add a gcm hash implementation using the Zvbb+Zvbc crypto extensions.
> It gets possibly registered alongside the Zbc-based variant, with a higher
> priority so that the crypto subsystem will be able to select the most
> performant variant, but the algorithm itself will still be part of the
> crypto selftests that run during registration.
>
All newly added crypto algorithms are passing on my side, except for
this one. I was testing on a QEMU and toolchain that support the
frozen spec.
It seems like it was failing on a small 16-Byte input. Here are the
input, expected digest and the (mismatched-)result.
(gdb) x/2gx vec->key
0xffffffff8163cc38: 0x03db81ed4dbfa6df 0x61f030f895ffcaff
(gdb) x/2gx vec->plaintext
0xffffffff8163cc50: 0xc04a60a5562a2b95 0xb6405ba056662bb3
(gdb) x/2gx vec->digest
0xffffffff8163cc68: 0xb65bc5d20aeb53da 0x60dafec32c80c44f
(gdb) x/2gx result
0xff20000000943bb8: 0x0000000000000000 0xb18de0d5e7abcf10
And here is the bootlog, do you have any idea?
[ 5.007043] alg: shash: riscv64_zvbb_zvbc_ghash test failed (wrong result) on test vector 0, cfg="init+update+final aligned buffer"
[ 5.008164] alg: self-tests for ghash using riscv64_zvbb_zvbc_ghash failed (rc=-22)
[ 5.008450] ------------[ cut here ]------------
[ 5.009226] alg: self-tests for ghash using riscv64_zvbb_zvbc_ghash failed (rc=-22)
[ 5.010678] WARNING: CPU: 1 PID: 87 at crypto/testmgr.c:5867 alg_test+0x3e2/0x41e
[ 5.011792] Modules linked in:
[ 5.013314] CPU: 1 PID: 87 Comm: cryptomgr_test Not tainted 6.2.2-02529-g4b0fb43edd0f-dirty #37
[ 5.014037] Hardware name: riscv-virtio,qemu (DT)
[ 5.014582] epc : alg_test+0x3e2/0x41e
[ 5.014938] ra : alg_test+0x3e2/0x41e
[ 5.015256] epc : ffffffff80677744 ra : ffffffff80677744 sp : ff2000000095bd70
[ 5.015718] gp : ffffffff81c896b8 tp : ff6000000464d280 t0 : ffffffff81a2c970
[ 5.016171] t1 : ffffffffffffffff t2 : 2d2d2d2d2d2d2d2d s0 : ff2000000095be80
[ 5.016616] s1 : ffffffffffffffea a0 : 0000000000000047 a1 : ffffffff81a97c70
[ 5.017078] a2 : 0000000000000010 a3 : fffffffffffffffe a4 : 0000000000000000
[ 5.017582] a5 : 0000000000000000 a6 : 0000000000000000 a7 : 0000000000000000
[ 5.018079] s2 : 000000000000000e s3 : ff60000002adf200 s4 : ff60000002adf280
[ 5.018576] s5 : 0000000000000171 s6 : 00000000000000b8 s7 : 0000000000000088
[ 5.019083] s8 : ffffffffffffffff s9 : 00000000000000b8 s10: 0000000000002e00
[ 5.019584] s11: ffffffff8127fd78 t3 : ffffffff81ca0f17 t4 : ffffffff81ca0f17
[ 5.020074] t5 : ffffffff81ca0f18 t6 : ff2000000095bb88
[ 5.020455] status: 0000000200000120 badaddr: 0000000000000000 cause: 0000000000000003
[ 5.021234] [<ffffffff80677744>] alg_test+0x3e2/0x41e
[ 5.021906] [<ffffffff8067490e>] cryptomgr_test+0x28/0x4a
[ 5.022306] [<ffffffff80055ba0>] kthread+0xe0/0xf6
[ 5.022710] [<ffffffff80003edc>] ret_from_exception+0x0/0x16
[ 5.023755] ---[ end trace 0000000000000000 ]---
Thanks,
Andy
WARNING: multiple messages have this Message-ID (diff)
From: Andy Chiu <andy.chiu@sifive.com>
To: Heiko Stuebner <heiko@sntech.de>
Cc: palmer@dabbelt.com, paul.walmsley@sifive.com,
aou@eecs.berkeley.edu, herbert@gondor.apana.org.au,
davem@davemloft.net, conor.dooley@microchip.com,
linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org,
linux-crypto@vger.kernel.org, christoph.muellner@vrull.eu,
ebiggers@kernel.org, Heiko Stuebner <heiko.stuebner@vrull.eu>
Subject: Re: [PATCH v4 06/12] RISC-V: crypto: add Zvbb+Zvbc accelerated GCM GHASH implementation
Date: Thu, 10 Aug 2023 09:57:16 +0000 [thread overview]
Message-ID: <20230810095715.GA6929@hsinchu26> (raw)
In-Reply-To: <20230711153743.1970625-7-heiko@sntech.de>
On Tue, Jul 11, 2023 at 05:37:37PM +0200, Heiko Stuebner wrote:
Hi Heiko,
> From: Heiko Stuebner <heiko.stuebner@vrull.eu>
>
> Add a gcm hash implementation using the Zvbb+Zvbc crypto extensions.
> It gets possibly registered alongside the Zbc-based variant, with a higher
> priority so that the crypto subsystem will be able to select the most
> performant variant, but the algorithm itself will still be part of the
> crypto selftests that run during registration.
>
All newly added crypto algorithms are passing on my side, except for
this one. I was testing on a QEMU and toolchain that support the
frozen spec.
It seems like it was failing on a small 16-Byte input. Here are the
input, expected digest and the (mismatched-)result.
(gdb) x/2gx vec->key
0xffffffff8163cc38: 0x03db81ed4dbfa6df 0x61f030f895ffcaff
(gdb) x/2gx vec->plaintext
0xffffffff8163cc50: 0xc04a60a5562a2b95 0xb6405ba056662bb3
(gdb) x/2gx vec->digest
0xffffffff8163cc68: 0xb65bc5d20aeb53da 0x60dafec32c80c44f
(gdb) x/2gx result
0xff20000000943bb8: 0x0000000000000000 0xb18de0d5e7abcf10
And here is the bootlog, do you have any idea?
[ 5.007043] alg: shash: riscv64_zvbb_zvbc_ghash test failed (wrong result) on test vector 0, cfg="init+update+final aligned buffer"
[ 5.008164] alg: self-tests for ghash using riscv64_zvbb_zvbc_ghash failed (rc=-22)
[ 5.008450] ------------[ cut here ]------------
[ 5.009226] alg: self-tests for ghash using riscv64_zvbb_zvbc_ghash failed (rc=-22)
[ 5.010678] WARNING: CPU: 1 PID: 87 at crypto/testmgr.c:5867 alg_test+0x3e2/0x41e
[ 5.011792] Modules linked in:
[ 5.013314] CPU: 1 PID: 87 Comm: cryptomgr_test Not tainted 6.2.2-02529-g4b0fb43edd0f-dirty #37
[ 5.014037] Hardware name: riscv-virtio,qemu (DT)
[ 5.014582] epc : alg_test+0x3e2/0x41e
[ 5.014938] ra : alg_test+0x3e2/0x41e
[ 5.015256] epc : ffffffff80677744 ra : ffffffff80677744 sp : ff2000000095bd70
[ 5.015718] gp : ffffffff81c896b8 tp : ff6000000464d280 t0 : ffffffff81a2c970
[ 5.016171] t1 : ffffffffffffffff t2 : 2d2d2d2d2d2d2d2d s0 : ff2000000095be80
[ 5.016616] s1 : ffffffffffffffea a0 : 0000000000000047 a1 : ffffffff81a97c70
[ 5.017078] a2 : 0000000000000010 a3 : fffffffffffffffe a4 : 0000000000000000
[ 5.017582] a5 : 0000000000000000 a6 : 0000000000000000 a7 : 0000000000000000
[ 5.018079] s2 : 000000000000000e s3 : ff60000002adf200 s4 : ff60000002adf280
[ 5.018576] s5 : 0000000000000171 s6 : 00000000000000b8 s7 : 0000000000000088
[ 5.019083] s8 : ffffffffffffffff s9 : 00000000000000b8 s10: 0000000000002e00
[ 5.019584] s11: ffffffff8127fd78 t3 : ffffffff81ca0f17 t4 : ffffffff81ca0f17
[ 5.020074] t5 : ffffffff81ca0f18 t6 : ff2000000095bb88
[ 5.020455] status: 0000000200000120 badaddr: 0000000000000000 cause: 0000000000000003
[ 5.021234] [<ffffffff80677744>] alg_test+0x3e2/0x41e
[ 5.021906] [<ffffffff8067490e>] cryptomgr_test+0x28/0x4a
[ 5.022306] [<ffffffff80055ba0>] kthread+0xe0/0xf6
[ 5.022710] [<ffffffff80003edc>] ret_from_exception+0x0/0x16
[ 5.023755] ---[ end trace 0000000000000000 ]---
Thanks,
Andy
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2023-08-10 9:57 UTC|newest]
Thread overview: 100+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-11 15:37 [PATCH v4 00/12] RISC-V: support some cryptography accelerations Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-11 15:37 ` [PATCH v4 01/12] riscv: Add support for kernel mode vector Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-11 17:11 ` Rémi Denis-Courmont
2023-07-11 17:11 ` Rémi Denis-Courmont
2023-07-13 17:19 ` Andy Chiu
2023-07-13 17:19 ` Andy Chiu
2023-07-11 15:37 ` [PATCH v4 02/12] riscv: Add vector extension XOR implementation Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-11 17:33 ` Rémi Denis-Courmont
2023-07-11 17:33 ` Rémi Denis-Courmont
2023-07-11 15:37 ` [PATCH v4 03/12] RISC-V: add helper function to read the vector VLEN Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-11 18:06 ` Rémi Denis-Courmont
2023-07-11 18:06 ` Rémi Denis-Courmont
2023-07-11 15:37 ` [PATCH v4 04/12] RISC-V: add vector crypto extension detection Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-12 10:40 ` Anup Patel
2023-07-12 10:40 ` Anup Patel
2023-07-18 14:55 ` Conor Dooley
2023-07-18 14:55 ` Conor Dooley
2023-07-21 5:48 ` Eric Biggers
2023-07-21 5:48 ` Eric Biggers
2023-07-11 15:37 ` [PATCH v4 05/12] RISC-V: crypto: update perl include with helpers for vector (crypto) instructions Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-11 18:04 ` Rémi Denis-Courmont
2023-07-11 18:04 ` Rémi Denis-Courmont
2023-07-11 15:37 ` [PATCH v4 06/12] RISC-V: crypto: add Zvbb+Zvbc accelerated GCM GHASH implementation Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-08-10 9:57 ` Andy Chiu [this message]
2023-08-10 9:57 ` Andy Chiu
2023-07-11 15:37 ` [PATCH v4 07/12] RISC-V: crypto: add Zvkg " Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-11 15:37 ` [PATCH v4 08/12] RISC-V: crypto: add a vector-crypto-accelerated SHA256 implementation Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-21 4:42 ` Eric Biggers
2023-07-21 4:42 ` Eric Biggers
2023-07-11 15:37 ` [PATCH v4 09/12] RISC-V: crypto: add a vector-crypto-accelerated SHA512 implementation Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-11 15:37 ` [PATCH v4 10/12] RISC-V: crypto: add Zvkned accelerated AES encryption implementation Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-21 5:40 ` Eric Biggers
2023-07-21 5:40 ` Eric Biggers
2023-07-21 11:39 ` Ard Biesheuvel
2023-07-21 11:39 ` Ard Biesheuvel
2023-07-21 14:23 ` Ard Biesheuvel
2023-07-21 14:23 ` Ard Biesheuvel
2023-09-11 13:06 ` Jerry Shih
2023-09-11 13:06 ` Jerry Shih
2023-09-12 7:04 ` Ard Biesheuvel
2023-09-12 7:04 ` Ard Biesheuvel
2023-09-12 7:15 ` Jerry Shih
2023-09-12 7:15 ` Jerry Shih
2023-09-15 1:28 ` He-Jie Shih
2023-09-15 1:28 ` He-Jie Shih
2023-07-11 15:37 ` [PATCH v4 11/12] RISC-V: crypto: add Zvksed accelerated SM4 " Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-11 15:37 ` [PATCH v4 12/12] RISC-V: crypto: add Zvksh accelerated SM3 hash implementation Heiko Stuebner
2023-07-11 15:37 ` Heiko Stuebner
2023-07-13 7:40 ` [PATCH v4 00/12] RISC-V: support some cryptography accelerations Eric Biggers
2023-07-13 7:40 ` Eric Biggers
2023-07-14 6:27 ` Eric Biggers
2023-07-14 6:27 ` Eric Biggers
2023-07-14 7:02 ` Heiko Stuebner
2023-07-14 7:02 ` Heiko Stuebner
2023-07-21 5:12 ` Eric Biggers
2023-07-21 5:12 ` Eric Biggers
2023-09-14 0:11 ` Eric Biggers
2023-09-14 0:11 ` Eric Biggers
2023-09-14 1:10 ` Charlie Jenkins
2023-09-14 1:10 ` Charlie Jenkins
2023-09-15 1:48 ` He-Jie Shih
2023-09-15 1:48 ` He-Jie Shih
2023-09-15 3:21 ` Jerry Shih
2023-09-15 3:21 ` Jerry Shih
2023-10-06 19:47 ` Eric Biggers
2023-10-06 19:47 ` Eric Biggers
2023-10-06 21:01 ` He-Jie Shih
2023-10-06 21:01 ` He-Jie Shih
2023-10-06 23:33 ` Ard Biesheuvel
2023-10-06 23:33 ` Ard Biesheuvel
2023-10-07 22:16 ` Eric Biggers
2023-10-07 22:16 ` Eric Biggers
2023-10-07 21:30 ` Eric Biggers
2023-10-07 21:30 ` Eric Biggers
2023-10-31 2:17 ` Jerry Shih
2023-10-31 2:17 ` Jerry Shih
2023-11-02 4:03 ` Eric Biggers
2023-11-02 4:03 ` Eric Biggers
2023-11-21 23:51 ` Eric Biggers
2023-11-21 23:51 ` Eric Biggers
2023-11-22 7:58 ` Jerry Shih
2023-11-22 7:58 ` Jerry Shih
2023-11-22 23:42 ` Eric Biggers
2023-11-22 23:42 ` Eric Biggers
2023-11-23 0:36 ` Christoph Müllner
2023-11-23 0:36 ` Christoph Müllner
2023-11-28 20:19 ` Eric Biggers
2023-11-28 20:19 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230810095715.GA6929@hsinchu26 \
--to=andy.chiu@sifive.com \
--cc=aou@eecs.berkeley.edu \
--cc=christoph.muellner@vrull.eu \
--cc=conor.dooley@microchip.com \
--cc=davem@davemloft.net \
--cc=ebiggers@kernel.org \
--cc=heiko.stuebner@vrull.eu \
--cc=heiko@sntech.de \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.