crypto ahash error handling

linux-crypto.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* crypto ahash error handling
@ 2010-11-08  8:48 Dmitry Kasatkin
  2010-11-10 12:27 ` Herbert Xu
  0 siblings, 1 reply; 7+ messages in thread
From: Dmitry Kasatkin @ 2010-11-08  8:48 UTC (permalink / raw)
  To: linux-crypto@vger.kernel.org

Hello,

When using crypto ahash API, is it necessary/mandatory to call
crypto_ahash_final() if crypto_ahash_update() returns error...

Basically it might happen after several calls while calculating hash if
HW error happens.
It is not possible to continue hash calculation. it is necessary to
reset HW and start whole hash again..

Any comments?

Thanks,
Dmitry

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: crypto ahash error handling
  2010-11-08  8:48 crypto ahash error handling Dmitry Kasatkin
@ 2010-11-10 12:27 ` Herbert Xu
  2010-11-10 14:54   ` Dmitry Kasatkin
  0 siblings, 1 reply; 7+ messages in thread
From: Herbert Xu @ 2010-11-10 12:27 UTC (permalink / raw)
  To: Dmitry Kasatkin; +Cc: linux-crypto

Dmitry Kasatkin <dmitry.kasatkin@nokia.com> wrote:
> Hello,
> 
> When using crypto ahash API, is it necessary/mandatory to call
> crypto_ahash_final() if crypto_ahash_update() returns error...
> 
> Basically it might happen after several calls while calculating hash if
> HW error happens.
> It is not possible to continue hash calculation. it is necessary to
> reset HW and start whole hash again..
> 
> Any comments?

>From the driver's perspective you cannot expect that the user
will call crypto_ahash_final in this case, or for that matter in
any other case as the user is always free to leave a hash in
an unfinalised state.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: crypto ahash error handling
  2010-11-10 12:27 ` Herbert Xu
@ 2010-11-10 14:54   ` Dmitry Kasatkin
  2010-11-11 16:17     ` Herbert Xu
  0 siblings, 1 reply; 7+ messages in thread
From: Dmitry Kasatkin @ 2010-11-10 14:54 UTC (permalink / raw)
  To: ext Herbert Xu; +Cc: linux-crypto@vger.kernel.org

This is not good.

Driver might allocate some resources, which needs to be released.
crypto_ahash_final() should do some kind of "cleanup" task.

- Dmitry

On 10/11/10 14:27, ext Herbert Xu wrote:
> Dmitry Kasatkin <dmitry.kasatkin@nokia.com> wrote:
>   
>> Hello,
>>
>> When using crypto ahash API, is it necessary/mandatory to call
>> crypto_ahash_final() if crypto_ahash_update() returns error...
>>
>> Basically it might happen after several calls while calculating hash if
>> HW error happens.
>> It is not possible to continue hash calculation. it is necessary to
>> reset HW and start whole hash again..
>>
>> Any comments?
>>     
> From the driver's perspective you cannot expect that the user
> will call crypto_ahash_final in this case, or for that matter in
> any other case as the user is always free to leave a hash in
> an unfinalised state.
>
> Cheers,
>   

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: crypto ahash error handling
  2010-11-10 14:54   ` Dmitry Kasatkin
@ 2010-11-11 16:17     ` Herbert Xu
  2010-11-11 18:11       ` Dmitry Kasatkin
  0 siblings, 1 reply; 7+ messages in thread
From: Herbert Xu @ 2010-11-11 16:17 UTC (permalink / raw)
  To: Dmitry Kasatkin; +Cc: linux-crypto@vger.kernel.org

On Wed, Nov 10, 2010 at 04:54:51PM +0200, Dmitry Kasatkin wrote:
> This is not good.
> 
> Driver might allocate some resources, which needs to be released.
> crypto_ahash_final() should do some kind of "cleanup" task.

Then your driver is broken.  The whole hash API is designed around
the fact that each update operation completely stores all output
state in the memory provided, leaving no state behind in the
hardware.

Is your hardware capable of producing unfinalised hashes? If not
then you shouldn't even be implementing an update operation in
hardware.  You should instead use a software fallback.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: crypto ahash error handling
  2010-11-11 16:17     ` Herbert Xu
@ 2010-11-11 18:11       ` Dmitry Kasatkin
  2010-11-12  0:05         ` Herbert Xu
  0 siblings, 1 reply; 7+ messages in thread
From: Dmitry Kasatkin @ 2010-11-11 18:11 UTC (permalink / raw)
  To: ext Herbert Xu; +Cc: linux-crypto@vger.kernel.org

Hi,

Yes. Our HW is capable of producing unfinalised hashes.
Everything is fine.

No. It is not broken.. It cleans up if error...

- Dmitry


On 11/11/10 18:17, ext Herbert Xu wrote:
> On Wed, Nov 10, 2010 at 04:54:51PM +0200, Dmitry Kasatkin wrote:
>   
>> This is not good.
>>
>> Driver might allocate some resources, which needs to be released.
>> crypto_ahash_final() should do some kind of "cleanup" task.
>>     
> Then your driver is broken.  The whole hash API is designed around
> the fact that each update operation completely stores all output
> state in the memory provided, leaving no state behind in the
> hardware.
>
> Is your hardware capable of producing unfinalised hashes? If not
> then you shouldn't even be implementing an update operation in
> hardware.  You should instead use a software fallback.
>
> Cheers,
>   

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: crypto ahash error handling
  2010-11-11 18:11       ` Dmitry Kasatkin
@ 2010-11-12  0:05         ` Herbert Xu
  2010-11-12 11:30           ` Dmitry Kasatkin
  0 siblings, 1 reply; 7+ messages in thread
From: Herbert Xu @ 2010-11-12  0:05 UTC (permalink / raw)
  To: Dmitry Kasatkin; +Cc: linux-crypto@vger.kernel.org

On Thu, Nov 11, 2010 at 08:11:21PM +0200, Dmitry Kasatkin wrote:
> Hi,
> 
> Yes. Our HW is capable of producing unfinalised hashes.
> Everything is fine.

OK then you should be fine even if the user never makes the "final"
call, right?

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: crypto ahash error handling
  2010-11-12  0:05         ` Herbert Xu
@ 2010-11-12 11:30           ` Dmitry Kasatkin
  0 siblings, 0 replies; 7+ messages in thread
From: Dmitry Kasatkin @ 2010-11-12 11:30 UTC (permalink / raw)
  To: ext Herbert Xu; +Cc: linux-crypto@vger.kernel.org

Well.. That was not the case before.
I made a new patch set.

I will send updates for SHA and AES soon after some more testing.

- Dmitry


On 12/11/10 02:05, ext Herbert Xu wrote:
> On Thu, Nov 11, 2010 at 08:11:21PM +0200, Dmitry Kasatkin wrote:
>   
>> Hi,
>>
>> Yes. Our HW is capable of producing unfinalised hashes.
>> Everything is fine.
>>     
> OK then you should be fine even if the user never makes the "final"
> call, right?
>
> Cheers,
>   

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2010-11-12 11:31 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-11-08  8:48 crypto ahash error handling Dmitry Kasatkin
2010-11-10 12:27 ` Herbert Xu
2010-11-10 14:54   ` Dmitry Kasatkin
2010-11-11 16:17     ` Herbert Xu
2010-11-11 18:11       ` Dmitry Kasatkin
2010-11-12  0:05         ` Herbert Xu
2010-11-12 11:30           ` Dmitry Kasatkin

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).