* [PATCH 2/7] crypto: sun4i-ss: checking sg length is not sufficient
[not found] <1600367758-28589-1-git-send-email-clabbe@baylibre.com>
@ 2020-09-17 18:35 ` Corentin Labbe
2020-09-21 12:54 ` Sasha Levin
2020-09-17 18:35 ` [PATCH 3/7] crypto: sun4i-ss: IV register does not work on A10 and A13 Corentin Labbe
` (2 subsequent siblings)
3 siblings, 1 reply; 9+ messages in thread
From: Corentin Labbe @ 2020-09-17 18:35 UTC (permalink / raw)
To: arnd, davem, herbert, mripard, wens
Cc: linux-arm-kernel, linux-crypto, linux-kernel, linux-sunxi,
Corentin Labbe, stable
The optimized cipher function need length multiple of 4 bytes.
But it get sometimes odd length.
This is due to SG data could be stored with an offset.
So the fix is to check also if the offset is aligned with 4 bytes.
Fixes: 6298e948215f2 ("crypto: sunxi-ss - Add Allwinner Security System crypto accelerator")
Cc: <stable@vger.kernel.org>
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
---
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
index b92d175b5d2a..2614640231dc 100644
--- a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
+++ b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
@@ -188,12 +188,12 @@ static int sun4i_ss_cipher_poll(struct skcipher_request *areq)
* we can use the SS optimized function
*/
while (in_sg && no_chunk == 1) {
- if (in_sg->length % 4)
+ if (in_sg->length % 4 || !IS_ALIGNED(in_sg->offset, sizeof(u32)))
no_chunk = 0;
in_sg = sg_next(in_sg);
}
while (out_sg && no_chunk == 1) {
- if (out_sg->length % 4)
+ if (out_sg->length % 4 || !IS_ALIGNED(out_sg->offset, sizeof(u32)))
no_chunk = 0;
out_sg = sg_next(out_sg);
}
--
2.26.2
^ permalink raw reply related [flat|nested] 9+ messages in thread* Re: [PATCH 2/7] crypto: sun4i-ss: checking sg length is not sufficient
2020-09-17 18:35 ` [PATCH 2/7] crypto: sun4i-ss: checking sg length is not sufficient Corentin Labbe
@ 2020-09-21 12:54 ` Sasha Levin
0 siblings, 0 replies; 9+ messages in thread
From: Sasha Levin @ 2020-09-21 12:54 UTC (permalink / raw)
To: Sasha Levin, Corentin Labbe, arnd, davem, herbert
Cc: linux-arm-kernel, linux-crypto, stable, stable
Hi
[This is an automated email]
This commit has been processed because it contains a "Fixes:" tag
fixing commit: 6298e948215f ("crypto: sunxi-ss - Add Allwinner Security System crypto accelerator").
The bot has tested the following trees: v5.8.10, v5.4.66, v4.19.146, v4.14.198, v4.9.236, v4.4.236.
v5.8.10: Build OK!
v5.4.66: Build OK!
v4.19.146: Build OK!
v4.14.198: Build OK!
v4.9.236: Failed to apply! Possible dependencies:
a595e60a70c0 ("crypto: sun4i-ss - remove conditional checks against 0")
v4.4.236: Failed to apply! Possible dependencies:
477d9b2e591b ("crypto: sun4i-ss - unify update/final function")
a595e60a70c0 ("crypto: sun4i-ss - remove conditional checks against 0")
bfb2892018ca ("crypto: sunxi - don't print confusing data")
NOTE: The patch will not be queued to stable trees until it is upstream.
How should we proceed with this patch?
--
Thanks
Sasha
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 3/7] crypto: sun4i-ss: IV register does not work on A10 and A13
[not found] <1600367758-28589-1-git-send-email-clabbe@baylibre.com>
2020-09-17 18:35 ` [PATCH 2/7] crypto: sun4i-ss: checking sg length is not sufficient Corentin Labbe
@ 2020-09-17 18:35 ` Corentin Labbe
2020-09-17 18:35 ` [PATCH 4/7] crypto: sun4i-ss: handle BigEndian for cipher Corentin Labbe
2020-09-17 18:35 ` [PATCH 5/7] crypto: sun4i-ss: initialize need_fallback Corentin Labbe
3 siblings, 0 replies; 9+ messages in thread
From: Corentin Labbe @ 2020-09-17 18:35 UTC (permalink / raw)
To: arnd, davem, herbert, mripard, wens
Cc: linux-arm-kernel, linux-crypto, linux-kernel, linux-sunxi,
Corentin Labbe, stable
Allwinner A10 and A13 SoC have a version of the SS which produce
invalid IV in IVx register.
Instead of adding a variant for those, let's convert SS to produce IV
directly from data.
Fixes: 6298e948215f2 ("crypto: sunxi-ss - Add Allwinner Security System crypto accelerator")
Cc: <stable@vger.kernel.org>
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
---
.../allwinner/sun4i-ss/sun4i-ss-cipher.c | 34 +++++++++++++++----
1 file changed, 28 insertions(+), 6 deletions(-)
diff --git a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
index 2614640231dc..c6c25204780d 100644
--- a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
+++ b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
@@ -20,6 +20,7 @@ static int noinline_for_stack sun4i_ss_opti_poll(struct skcipher_request *areq)
unsigned int ivsize = crypto_skcipher_ivsize(tfm);
struct sun4i_cipher_req_ctx *ctx = skcipher_request_ctx(areq);
u32 mode = ctx->mode;
+ void *backup_iv = NULL;
/* when activating SS, the default FIFO space is SS_RX_DEFAULT(32) */
u32 rx_cnt = SS_RX_DEFAULT;
u32 tx_cnt = 0;
@@ -42,6 +43,13 @@ static int noinline_for_stack sun4i_ss_opti_poll(struct skcipher_request *areq)
return -EINVAL;
}
+ if (areq->iv && ivsize > 0 && mode & SS_DECRYPTION) {
+ backup_iv = kzalloc(ivsize, GFP_KERNEL);
+ if (!backup_iv)
+ return -ENOMEM;
+ scatterwalk_map_and_copy(backup_iv, areq->src, areq->cryptlen - ivsize, ivsize, 0);
+ }
+
spin_lock_irqsave(&ss->slock, flags);
for (i = 0; i < op->keylen; i += 4)
@@ -102,9 +110,12 @@ static int noinline_for_stack sun4i_ss_opti_poll(struct skcipher_request *areq)
} while (oleft);
if (areq->iv) {
- for (i = 0; i < 4 && i < ivsize / 4; i++) {
- v = readl(ss->base + SS_IV0 + i * 4);
- *(u32 *)(areq->iv + i * 4) = v;
+ if (mode & SS_DECRYPTION) {
+ memcpy(areq->iv, backup_iv, ivsize);
+ kfree_sensitive(backup_iv);
+ } else {
+ scatterwalk_map_and_copy(areq->iv, areq->dst, areq->cryptlen - ivsize,
+ ivsize, 0);
}
}
@@ -161,6 +172,7 @@ static int sun4i_ss_cipher_poll(struct skcipher_request *areq)
unsigned int ileft = areq->cryptlen;
unsigned int oleft = areq->cryptlen;
unsigned int todo;
+ void *backup_iv = NULL;
struct sg_mapping_iter mi, mo;
unsigned int oi, oo; /* offset for in and out */
char buf[4 * SS_RX_MAX];/* buffer for linearize SG src */
@@ -204,6 +216,13 @@ static int sun4i_ss_cipher_poll(struct skcipher_request *areq)
if (need_fallback)
return sun4i_ss_cipher_poll_fallback(areq);
+ if (areq->iv && ivsize > 0 && mode & SS_DECRYPTION) {
+ backup_iv = kzalloc(ivsize, GFP_KERNEL);
+ if (!backup_iv)
+ return -ENOMEM;
+ scatterwalk_map_and_copy(backup_iv, areq->src, areq->cryptlen - ivsize, ivsize, 0);
+ }
+
spin_lock_irqsave(&ss->slock, flags);
for (i = 0; i < op->keylen; i += 4)
@@ -324,9 +343,12 @@ static int sun4i_ss_cipher_poll(struct skcipher_request *areq)
}
}
if (areq->iv) {
- for (i = 0; i < 4 && i < ivsize / 4; i++) {
- v = readl(ss->base + SS_IV0 + i * 4);
- *(u32 *)(areq->iv + i * 4) = v;
+ if (mode & SS_DECRYPTION) {
+ memcpy(areq->iv, backup_iv, ivsize);
+ kfree_sensitive(backup_iv);
+ } else {
+ scatterwalk_map_and_copy(areq->iv, areq->dst, areq->cryptlen - ivsize,
+ ivsize, 0);
}
}
--
2.26.2
^ permalink raw reply related [flat|nested] 9+ messages in thread* [PATCH 4/7] crypto: sun4i-ss: handle BigEndian for cipher
[not found] <1600367758-28589-1-git-send-email-clabbe@baylibre.com>
2020-09-17 18:35 ` [PATCH 2/7] crypto: sun4i-ss: checking sg length is not sufficient Corentin Labbe
2020-09-17 18:35 ` [PATCH 3/7] crypto: sun4i-ss: IV register does not work on A10 and A13 Corentin Labbe
@ 2020-09-17 18:35 ` Corentin Labbe
2020-09-18 7:31 ` Herbert Xu
2020-09-17 18:35 ` [PATCH 5/7] crypto: sun4i-ss: initialize need_fallback Corentin Labbe
3 siblings, 1 reply; 9+ messages in thread
From: Corentin Labbe @ 2020-09-17 18:35 UTC (permalink / raw)
To: arnd, davem, herbert, mripard, wens
Cc: linux-arm-kernel, linux-crypto, linux-kernel, linux-sunxi,
Corentin Labbe, stable
Ciphers produce invalid results on BE.
Key and IV need to be written in LE.
Furthermore, the non-optimized function is too complicated to convert,
let's simply fallback on BE for the moment.
Fixes: 6298e948215f2 ("crypto: sunxi-ss - Add Allwinner Security System crypto accelerator")
Cc: <stable@vger.kernel.org>
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
---
.../crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c | 17 +++++++++++------
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
index c6c25204780d..d66bb9cf657c 100644
--- a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
+++ b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
@@ -52,13 +52,13 @@ static int noinline_for_stack sun4i_ss_opti_poll(struct skcipher_request *areq)
spin_lock_irqsave(&ss->slock, flags);
- for (i = 0; i < op->keylen; i += 4)
- writel(*(op->key + i / 4), ss->base + SS_KEY0 + i);
+ for (i = 0; i < op->keylen / 4; i++)
+ writel(cpu_to_le32(op->key[i]), ss->base + SS_KEY0 + i * 4);
if (areq->iv) {
for (i = 0; i < 4 && i < ivsize / 4; i++) {
v = *(u32 *)(areq->iv + i * 4);
- writel(v, ss->base + SS_IV0 + i * 4);
+ writel(cpu_to_le32(v), ss->base + SS_IV0 + i * 4);
}
}
writel(mode, ss->base + SS_CTL);
@@ -213,6 +213,11 @@ static int sun4i_ss_cipher_poll(struct skcipher_request *areq)
if (no_chunk == 1 && !need_fallback)
return sun4i_ss_opti_poll(areq);
+/* The non aligned function does not work on BE. Probably due to buf/bufo handling.*/
+#ifdef CONFIG_CPU_BIG_ENDIAN
+ need_fallback = true;
+#endif
+
if (need_fallback)
return sun4i_ss_cipher_poll_fallback(areq);
@@ -225,13 +230,13 @@ static int sun4i_ss_cipher_poll(struct skcipher_request *areq)
spin_lock_irqsave(&ss->slock, flags);
- for (i = 0; i < op->keylen; i += 4)
- writel(*(op->key + i / 4), ss->base + SS_KEY0 + i);
+ for (i = 0; i < op->keylen / 4; i++)
+ writel(cpu_to_le32(op->key[i]), ss->base + SS_KEY0 + i * 4);
if (areq->iv) {
for (i = 0; i < 4 && i < ivsize / 4; i++) {
v = *(u32 *)(areq->iv + i * 4);
- writel(v, ss->base + SS_IV0 + i * 4);
+ writel(cpu_to_le32(v), ss->base + SS_IV0 + i * 4);
}
}
writel(mode, ss->base + SS_CTL);
--
2.26.2
^ permalink raw reply related [flat|nested] 9+ messages in thread* Re: [PATCH 4/7] crypto: sun4i-ss: handle BigEndian for cipher
2020-09-17 18:35 ` [PATCH 4/7] crypto: sun4i-ss: handle BigEndian for cipher Corentin Labbe
@ 2020-09-18 7:31 ` Herbert Xu
2020-09-18 8:06 ` LABBE Corentin
0 siblings, 1 reply; 9+ messages in thread
From: Herbert Xu @ 2020-09-18 7:31 UTC (permalink / raw)
To: Corentin Labbe
Cc: arnd, davem, mripard, wens, linux-arm-kernel, linux-crypto,
linux-kernel, linux-sunxi, stable
On Thu, Sep 17, 2020 at 06:35:55PM +0000, Corentin Labbe wrote:
> Ciphers produce invalid results on BE.
> Key and IV need to be written in LE.
> Furthermore, the non-optimized function is too complicated to convert,
> let's simply fallback on BE for the moment.
>
> Fixes: 6298e948215f2 ("crypto: sunxi-ss - Add Allwinner Security System crypto accelerator")
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
> ---
> .../crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c | 17 +++++++++++------
> 1 file changed, 11 insertions(+), 6 deletions(-)
Does the BE failure get caught by the selftest?
If so please just leave it enabled so that it can be fixed properly.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 9+ messages in thread* Re: [PATCH 4/7] crypto: sun4i-ss: handle BigEndian for cipher
2020-09-18 7:31 ` Herbert Xu
@ 2020-09-18 8:06 ` LABBE Corentin
2020-09-18 8:09 ` Herbert Xu
0 siblings, 1 reply; 9+ messages in thread
From: LABBE Corentin @ 2020-09-18 8:06 UTC (permalink / raw)
To: Herbert Xu
Cc: arnd, davem, mripard, wens, linux-arm-kernel, linux-crypto,
linux-kernel, linux-sunxi, stable
On Fri, Sep 18, 2020 at 05:31:28PM +1000, Herbert Xu wrote:
> On Thu, Sep 17, 2020 at 06:35:55PM +0000, Corentin Labbe wrote:
> > Ciphers produce invalid results on BE.
> > Key and IV need to be written in LE.
> > Furthermore, the non-optimized function is too complicated to convert,
> > let's simply fallback on BE for the moment.
> >
> > Fixes: 6298e948215f2 ("crypto: sunxi-ss - Add Allwinner Security System crypto accelerator")
> > Cc: <stable@vger.kernel.org>
> > Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
> > ---
> > .../crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c | 17 +++++++++++------
> > 1 file changed, 11 insertions(+), 6 deletions(-)
>
> Does the BE failure get caught by the selftest?
>
Yes, selftest found it.
> If so please just leave it enabled so that it can be fixed properly.
Not sure to leave it enabled is a good idea.
A least, leaving it failing probably will not annoy any user (according to my readings of #linux-sunxi, nobody use BE).
But I think only me will see it and since I already have this on my TODO list, I dont see any interest to leave it failing.
Furthermore, having a clean BE boot will permit to enable BE boots for thoses SoCs on kernelCI.
Regards
^ permalink raw reply [flat|nested] 9+ messages in thread* Re: [PATCH 4/7] crypto: sun4i-ss: handle BigEndian for cipher
2020-09-18 8:06 ` LABBE Corentin
@ 2020-09-18 8:09 ` Herbert Xu
2020-09-19 19:05 ` LABBE Corentin
0 siblings, 1 reply; 9+ messages in thread
From: Herbert Xu @ 2020-09-18 8:09 UTC (permalink / raw)
To: LABBE Corentin
Cc: arnd, davem, mripard, wens, linux-arm-kernel, linux-crypto,
linux-kernel, linux-sunxi, stable
On Fri, Sep 18, 2020 at 10:06:58AM +0200, LABBE Corentin wrote:
>
> But I think only me will see it and since I already have this on my TODO list, I dont see any interest to leave it failing.
> Furthermore, having a clean BE boot will permit to enable BE boots for thoses SoCs on kernelCI.
I'll happily accept patches that fix the actual bug but not ones
just papering over it.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 4/7] crypto: sun4i-ss: handle BigEndian for cipher
2020-09-18 8:09 ` Herbert Xu
@ 2020-09-19 19:05 ` LABBE Corentin
0 siblings, 0 replies; 9+ messages in thread
From: LABBE Corentin @ 2020-09-19 19:05 UTC (permalink / raw)
To: Herbert Xu
Cc: arnd, davem, mripard, wens, linux-arm-kernel, linux-crypto,
linux-kernel, linux-sunxi, stable
On Fri, Sep 18, 2020 at 06:09:15PM +1000, Herbert Xu wrote:
> On Fri, Sep 18, 2020 at 10:06:58AM +0200, LABBE Corentin wrote:
> >
> > But I think only me will see it and since I already have this on my TODO list, I dont see any interest to leave it failing.
> > Furthermore, having a clean BE boot will permit to enable BE boots for thoses SoCs on kernelCI.
>
> I'll happily accept patches that fix the actual bug but not ones
> just papering over it.
>
I am sorry, you are right.
Furthermore, while respining to fix it, it seems that the current fix is enough.
I have rerun a clean rebuild and test on A10/A13/A20/A33 with BE and sun4i-ss is working fine.
I will sent a clean v2.
Regards
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 5/7] crypto: sun4i-ss: initialize need_fallback
[not found] <1600367758-28589-1-git-send-email-clabbe@baylibre.com>
` (2 preceding siblings ...)
2020-09-17 18:35 ` [PATCH 4/7] crypto: sun4i-ss: handle BigEndian for cipher Corentin Labbe
@ 2020-09-17 18:35 ` Corentin Labbe
3 siblings, 0 replies; 9+ messages in thread
From: Corentin Labbe @ 2020-09-17 18:35 UTC (permalink / raw)
To: arnd, davem, herbert, mripard, wens
Cc: linux-arm-kernel, linux-crypto, linux-kernel, linux-sunxi,
Corentin Labbe, stable
The need_fallback is never initialized and seem to be always true at runtime.
So all hardware operations are always bypassed.
Fixes: 0ae1f46c55f87 ("crypto: sun4i-ss - fallback when length is not multiple of blocksize")
Cc: <stable@vger.kernel.org>
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
---
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
index d66bb9cf657c..c21a1a0a8b16 100644
--- a/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
+++ b/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-cipher.c
@@ -181,7 +181,7 @@ static int sun4i_ss_cipher_poll(struct skcipher_request *areq)
unsigned int obo = 0; /* offset in bufo*/
unsigned int obl = 0; /* length of data in bufo */
unsigned long flags;
- bool need_fallback;
+ bool need_fallback = false;
if (!areq->cryptlen)
return 0;
--
2.26.2
^ permalink raw reply related [flat|nested] 9+ messages in thread