| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250819065844.3337101-1-t-pratham@ti.com>
Date: Tue, 19 Aug 2025 11:42:43 +0530
From: T Pratham <t-pratham@...com>
To: Herbert Xu <herbert@...dor.apana.org.au>,
"David S . Miller"
<davem@...emloft.net>,
Rob Herring <robh@...nel.org>,
Krzysztof Kozlowski
<krzk+dt@...nel.org>,
Conor Dooley <conor+dt@...nel.org>
CC: T Pratham <t-pratham@...com>, <linux-crypto@...r.kernel.org>,
<devicetree@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
Kamlesh
Gurudasani <kamlesh@...com>,
Manorit Chawdhry <m-chawdhry@...com>,
Vignesh
Raghavendra <vigneshr@...com>,
Praneeth Bajjuri <praneeth@...com>, Vishal
Mahaveer <vishalm@...com>,
Kavitha Malarvizhi <k-malarvizhi@...com>
Subject: [PATCH v6 0/2] Add support for Texas Instruments DTHEv2 Crypto Engine
Data Transform and Hashing Engine (DTHE) v2 is a new cryptography engine
introduced i TI AM62L SoC. DTHEv2 consists of multiple crypto IPs[1] (such
as AES Engine, hashing engine, TRNG, etc.) which can be used for
offloading cryptographic operations off of the CPU. The primary benefit
of DTHEv2 is enhanced side-channel attack resistance, with AES and PKE
engine being DPA and EMA resistant. These side-channel resistances are
the underlying requirement for various certifications like SESIP, PSA,
and IEC62443 (lvl 3+). Thus, DTHEv2 provides critical security benefits
for embedded systems that require protection against passive physical
attacks.
The AES Engine of DTHEv2 supports multiple AES modes (ECB, CBC, CTR,
CFB, f8), several protocols (GCM, CCM, XTS) and authentication modes
(CBC-MAC and f9). The hashing engine supports MD5, SHA1, and SHA2 (224,
256, 384, 512) algorithms along with HMAC. This patch series introduces
basic driver support for DTHEv2 engine, beginning with suporting AES-ECB
and AES-CBC algorithms. Other algorithms are planned to be added
gradually in phases after initial suppport is added.
The driver is tested using full kernel crypto selftests (CRYPTO_SELFTESTS)
which all pass successfully [2].
Signed-off-by: T Pratham <t-pratham@...com>
---
[1]: Section 14.6.3 (DMA Control Registers -> DMASS_DTHE)
Link: https://www.ti.com/lit/ug/sprujb4/sprujb4.pdf
[2]: DTHEv2 AES-ECB and AES-CBC kernel self-tests logs
Link: https://gist.github.com/Pratham-T/aaa499cf50d20310cb27266a645bfd60
Change log:
v6:
- Reworded the cover letter and commit messages to name DTHEv2 as a
crypto engine instead of crypto accelerator.
- Reworded the cover letter completely to emphasise more on the utility
of DTHEv2 as better resistance against physical attacks
- Reworded DTHEv2 description (help text) in KConfig
- Added dma_terminate_sync calls to ensure DMA requests are removed in
case when completion times-out.
- Some rearrangement of fields between dthe_tfm_ctx and dthe_aes_req_ctx
struct, so that per tfm members are correctly placed in tfm_ctx and per
request members are in req_ctx. Subsequently setkey, encrypt and
decrypt functions are also changed.
- Removed exit_tfm function which was useless and not required.
- Removed unnecessary zeroing of tfm_ctx object in init_tfm.
- Corrected return value in dthe_aes_run function.
- Reduced cra_priority of DTHEv2 algorithms.
v5:
- Simplified tfm ctx struct
- Set cra_reqsize instead of using crypto_skcipher_set_reqsize()
- Move setting sysconfig and irqenable registers to dthe_aes_run
v4:
- Corrected dt-bindings example indentation
- Simplified dt-bindings example, removing the node surrounding crypto
- Fixed typo in dthev2-common.h header guard
- Removed unused ctx field in dev_data struct
- Moved per-op data into request context
v3:
- Corrected dt-bindings reg length is too long error
- Converted AES driver code to use crypto_engine APIs for using
internal crypto queue instead of mutex.
- Removed calls to skcipher_request_complete in paths not returning
-EINPROGRESS before.
- Added missing KConfig import, which was accidentally removed in v2.
v2:
- Corrected dt-bindings syntax errors and other review comments in v1.
- Completely changed driver code structure, splitting code into
multiple files
Link to previous versions:
v5: https://lore.kernel.org/all/20250603124217.957116-1-t-pratham@ti.com/
v4: https://lore.kernel.org/all/20250508101723.846210-2-t-pratham@ti.com/
v3: https://lore.kernel.org/all/20250502121253.456974-2-t-pratham@ti.com/
v2: https://lore.kernel.org/all/20250411091321.2925308-1-t-pratham@ti.com/
v1: https://lore.kernel.org/all/20250206-dthe-v2-aes-v1-0-1e86cf683928@ti.com/
---
T Pratham (2):
dt-bindings: crypto: Add binding for TI DTHE V2
crypto: ti: Add driver for DTHE V2 AES Engine (ECB, CBC)
.../bindings/crypto/ti,am62l-dthev2.yaml | 50 +++
MAINTAINERS | 7 +
drivers/crypto/Kconfig | 1 +
drivers/crypto/Makefile | 1 +
drivers/crypto/ti/Kconfig | 14 +
drivers/crypto/ti/Makefile | 3 +
drivers/crypto/ti/dthev2-aes.c | 411 ++++++++++++++++++
drivers/crypto/ti/dthev2-common.c | 220 ++++++++++
drivers/crypto/ti/dthev2-common.h | 101 +++++
9 files changed, 808 insertions(+)
create mode 100644 Documentation/devicetree/bindings/crypto/ti,am62l-dthev2.yaml
create mode 100644 drivers/crypto/ti/Kconfig
create mode 100644 drivers/crypto/ti/Makefile
create mode 100644 drivers/crypto/ti/dthev2-aes.c
create mode 100644 drivers/crypto/ti/dthev2-common.c
create mode 100644 drivers/crypto/ti/dthev2-common.h
--
2.43.0
Powered by blists - more mailing lists