[PATCH 00/13] uadk: sync some bugfix and cleancode

List overview All Threads
Download

newer

older

2024/12/25 AccLIb SIG 双周例会 11:00 -...

[PATCH v3 00/10] uadk_prov: add...

Qi Tao

24 Dec 2024 24 Dec '24

3:12 p.m.

*** BLURB HERE ***

Chenghai Huang (1): uadk - fix the log frequency limit function

Qi Tao (2): uadk: add compilation options uadk_tool: fix error in saving the aead dst data

Wenkai Lin (7): uadk: fix for set hashagg session state uadk/v1: support the hmac(sm3)-cbc(sm4) algorithm uadk: fix for the algorithm name of the aead cbc mode uadk/v1: Add stream mode for AES-GCM and SM4-GCM uadk/v1: add assoc bytes check uadk/v1: set aead msg state for the hardware v2 uadk/v1: fix input length check for aead stream mode.

Zhiqi Song (3): uadk/hpre: modify privkey transform method of ecc v1/hpre: modify privkey transform method of ecc uadk/v1: cleanup key format transform function

-- 2.33.0

Show replies by date

Qi Tao

24 Dec 24 Dec

3:12 p.m.

New subject: [PATCH 01/13] uadk - fix the log frequency limit function

From: Chenghai Huang huangchenghai2@huawei.com

The log frequency limit function iuses the alarm function. If users use the alarm function, the log frequency limiting function may be affected. Therefore, the log frequency limiting function is changed to timer_settime.

Fixes: 4b6009c60311 ("uadk - reduce the print rating of specific logs") Signed-off-by: Chenghai Huang huangchenghai2@huawei.com --- Makefile.am | 2 +- v1/drv/hisi_zip_udrv.c | 26 +++++++++++++++++--------- 2 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/Makefile.am b/Makefile.am index d671d09d..5717af3d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -144,7 +144,7 @@ UADK_COMP_SYMBOL= -Wl,--version-script,$(top_srcdir)/libwd_comp.map UADK_V1_SYMBOL= -Wl,--version-script,$(top_srcdir)/v1/libwd.map

libwd_la_LDFLAGS=$(UADK_VERSION) $(UADK_WD_SYMBOL) $(UADK_V1_SYMBOL) -libwd_la_LIBADD= -ldl -lnuma +libwd_la_LIBADD= -ldl -lnuma -lrt

libwd_comp_la_LIBADD= -lwd -ldl -lnuma libwd_comp_la_LDFLAGS=$(UADK_VERSION) $(UADK_COMP_SYMBOL) -lpthread diff --git a/v1/drv/hisi_zip_udrv.c b/v1/drv/hisi_zip_udrv.c index 8497ebc5..fba6eca7 100644 --- a/v1/drv/hisi_zip_udrv.c +++ b/v1/drv/hisi_zip_udrv.c @@ -28,6 +28,7 @@ #include <sys/eventfd.h> #include <sys/wait.h> #include <sys/types.h> +#include <time.h> #include "v1/wd_util.h" #include "v1/wd_comp.h" #include "v1/wd_cipher.h" @@ -100,21 +101,27 @@ struct zip_fill_sqe_ops { void (*fill_sqe_hw_info)(void *ssqe, struct wcrypto_comp_msg *msg); };

-static unsigned int g_err_print_enable = 1; +static timer_t g_timerid; +static sig_atomic_t g_err_print_enable = 1;

-static void zip_err_print_alarm_end(int sig) +static void zip_err_print_alarm_end(union sigval sv) { - if (sig == SIGALRM) { - g_err_print_enable = 1; - alarm(0); - } + timer_delete(g_timerid); + g_err_print_enable = 1; }

static void zip_err_print_time_start(void) { - g_err_print_enable = 0; - signal(SIGALRM, zip_err_print_alarm_end); - alarm(PRINT_TIME_INTERVAL); + struct itimerspec its = {0}; + struct sigevent sev = {0}; + + sev.sigev_notify = SIGEV_THREAD; + sev.sigev_notify_function = zip_err_print_alarm_end; + sev.sigev_value.sival_ptr = &g_timerid; + timer_create(CLOCK_REALTIME, &sev, &g_timerid); + + its.it_value.tv_sec = PRINT_TIME_INTERVAL; + timer_settime(g_timerid, 0, &its, NULL); }

static void zip_err_bd_print(__u16 ctx_st, __u32 status, __u32 type) @@ -123,6 +130,7 @@ static void zip_err_bd_print(__u16 ctx_st, __u32 status, __u32 type) WD_ERR("bad status(ctx_st=0x%x, s=0x%x, t=%u)\n", ctx_st, status, type); } else if (g_err_print_enable == 1) { + g_err_print_enable = 0; WD_ERR("bad status(ctx_st=0x%x, s=0x%x, t=%u)\n", ctx_st, status, type); zip_err_print_time_start();

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 02/13] uadk: fix for set hashagg session state

From: Wenkai Lin linwenkai6@hisilicon.com

When the weak parameter of __atomic_compare_exchange_n is set to true, the session state may fails to be set, so we used the strong variation here, also, we set the success_memmodel parameter to acquire to enhance stability.

On the other hand, we need to check the session state after the exchange and return an error directly if it is not required by the input or output task.

Signed-off-by: Wenkai Lin linwenkai6@hisilicon.com --- wd_agg.c | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-)

diff --git a/wd_agg.c b/wd_agg.c index b536efe5..c4f0da68 100644 --- a/wd_agg.c +++ b/wd_agg.c @@ -495,7 +495,7 @@ static int wd_agg_check_sess_state(struct wd_agg_sess *sess, enum wd_agg_sess_st }

ret = __atomic_compare_exchange_n(&sess->state, expected, next, - true, __ATOMIC_RELAXED, __ATOMIC_RELAXED); + false, __ATOMIC_ACQUIRE, __ATOMIC_RELAXED); if (!ret) { WD_ERR("invalid: agg sess state is %d!\n", *expected); return -WD_EINVAL; @@ -1107,14 +1107,13 @@ static int wd_agg_sync_job(struct wd_agg_sess *sess, struct wd_agg_req *req,

static int wd_agg_input_try_init(struct wd_agg_sess *sess, enum wd_agg_sess_state *expected) { + enum wd_agg_sess_state state; + (void)__atomic_compare_exchange_n(&sess->state, expected, WD_AGG_SESS_INPUT, - true, __ATOMIC_RELAXED, __ATOMIC_RELAXED); - switch (*expected) { - case WD_AGG_SESS_INIT: - case WD_AGG_SESS_INPUT: - break; - default: - WD_ERR("invalid: agg input sess state is %d!\n", *expected); + false, __ATOMIC_ACQUIRE, __ATOMIC_RELAXED); + state = __atomic_load_n(&sess->state, __ATOMIC_RELAXED); + if (unlikely(state != WD_AGG_SESS_INPUT)) { + WD_ERR("failed to set agg input sess state: %d!\n", state); return -WD_EINVAL; }

@@ -1246,16 +1245,16 @@ int wd_agg_add_input_async(handle_t h_sess, struct wd_agg_req *req)

static int wd_agg_output_try_init(struct wd_agg_sess *sess, enum wd_agg_sess_state *expected) { + enum wd_agg_sess_state state; + (void)__atomic_compare_exchange_n(&sess->state, expected, WD_AGG_SESS_OUTPUT, - true, __ATOMIC_RELAXED, __ATOMIC_RELAXED); - switch (*expected) { - case WD_AGG_SESS_OUTPUT: - case WD_AGG_SESS_INPUT: - break; - default: - WD_ERR("invalid: agg output sess state is %d!\n", *expected); + false, __ATOMIC_ACQUIRE, __ATOMIC_RELAXED); + state = __atomic_load_n(&sess->state, __ATOMIC_RELAXED); + if (unlikely(state != WD_AGG_SESS_OUTPUT)) { + WD_ERR("failed to set agg output sess state: %d!\n", state); return -WD_EINVAL; } + return WD_SUCCESS; }

@@ -1458,7 +1457,7 @@ static int wd_agg_rehash_try_init(struct wd_agg_sess *sess, enum wd_agg_sess_sta int ret;

ret = __atomic_compare_exchange_n(&sess->state, expected, WD_AGG_SESS_REHASH, - true, __ATOMIC_RELAXED, __ATOMIC_RELAXED); + false, __ATOMIC_ACQUIRE, __ATOMIC_RELAXED); if (!ret) { WD_ERR("invalid: agg rehash sess state is %d!\n", *expected); return -WD_EINVAL;

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 03/13] uadk: fix compilation warnings

1. Switch missing default case [-Wswitch-default]; 2. Initialization discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]; 3. The format specifier does not match the actual argument type [-Wformat=].

diff --git a/drv/hash_mb/hash_mb.c b/drv/hash_mb/hash_mb.c index 9ad36b81..f0f27b59 100644 --- a/drv/hash_mb/hash_mb.c +++ b/drv/hash_mb/hash_mb.c @@ -427,6 +427,8 @@ static int hash_do_partial(struct hash_mb_poll_queue *poll_queue, total_len += HASH_BLOCK_SIZE; hash_signle_block_process(d_msg, job, total_len); break; + default: + break; }

return ret; @@ -481,6 +483,8 @@ static void hash_mb_init_iv(struct hash_mb_poll_queue *poll_queue, memcpy(job->result_digest, poll_queue->ops->iv_data, poll_queue->ops->iv_bytes); poll_queue->ops->asimd_x1(job, 1); break; + default: + break; } }

diff --git a/drv/hisi_comp.c b/drv/hisi_comp.c index 07d87548..71e859f5 100644 --- a/drv/hisi_comp.c +++ b/drv/hisi_comp.c @@ -194,7 +194,7 @@ struct hisi_zip_ctx { static void dump_zip_msg(struct wd_comp_msg *msg) { WD_ERR("dump zip message after a task error occurs.\n"); - WD_ERR("avali_out:%u in_cons:%u produced:%u data_fmt:%d.\n", + WD_ERR("avali_out:%u in_cons:%u produced:%u data_fmt:%u.\n", msg->avail_out, msg->in_cons, msg->produced, msg->data_fmt); }

@@ -653,7 +653,7 @@ static int fill_comp_level_lz77_zstd(struct hisi_zip_sqe *sqe, enum wd_comp_leve sqe->dw9 = val; break; default: - WD_ERR("invalid: comp_lv(%d) is unsupport!\n", comp_lv); + WD_ERR("invalid: comp_lv(%u) is unsupport!\n", comp_lv); return -WD_EINVAL; }

@@ -870,7 +870,7 @@ static int fill_zip_comp_sqe(struct hisi_qp *qp, struct wd_comp_msg *msg,

if (unlikely((hw_type <= HISI_QM_API_VER2_BASE && alg_type > WD_GZIP) || (hw_type >= HISI_QM_API_VER3_BASE && alg_type >= WD_COMP_ALG_MAX))) { - WD_ERR("invalid: algorithm type is %d!\n", alg_type); + WD_ERR("invalid: algorithm type is %u!\n", alg_type); return -WD_EINVAL; }

diff --git a/drv/hisi_dae.c b/drv/hisi_dae.c index 864d21ba..b9f6ee07 100644 --- a/drv/hisi_dae.c +++ b/drv/hisi_dae.c @@ -303,6 +303,8 @@ static void fill_hashagg_task_type(struct wd_agg_msg *msg, struct dae_sqe *sqe) case WD_AGG_REHASH_OUTPUT: sqe->task_type_ext = DAE_HASHAGG_OUTPUT; break; + default: + break; } }

@@ -352,6 +354,8 @@ static void fill_hashagg_table_data(struct dae_sqe *sqe, struct dae_addr_list *a hw_table = &addr_list->src_table; table_data = &agg_ctx->rehash_table; break; + default: + break; }

sqe->table_row_size = agg_ctx->row_size; @@ -473,6 +477,8 @@ static void fill_hashagg_input_data(struct dae_sqe *sqe, struct dae_ext_sqe *ext agg_col_num = cols_data->output_num; fill_hashagg_normal_info(sqe, ext_sqe, cols_data, cols_data->input_num); break; + default: + break; }

for (i = 0; i < agg_col_num; i++) { @@ -640,7 +646,7 @@ static void fill_hashagg_msg_task_err(struct dae_sqe *sqe, struct wd_agg_msg *ms break; default: WD_ERR("failed to do hashagg task! done_flag=0x%x, etype=0x%x, ext_type = 0x%x!\n", - sqe->done_flag, sqe->err_type, sqe->ext_err_type); + (__u32)sqe->done_flag, (__u32)sqe->err_type, (__u32)sqe->ext_err_type); msg->result = WD_AGG_PARSE_ERROR; break; } @@ -751,7 +757,7 @@ static int agg_get_output_num(enum wd_dae_data_type type, (*size16)++; break; default: - WD_ERR("invalid: output data type %d not support!\n", type); + WD_ERR("invalid: output data type %u not support!\n", type); return -WD_EINVAL; }

@@ -808,7 +814,7 @@ static int hashagg_init_param_check(struct wd_agg_sess_setup *setup) }

if (setup->is_count_all && setup->count_all_data_type != WD_DAE_LONG) { - WD_ERR("invalid: count all output data type %d error, only support long!\n", + WD_ERR("invalid: count all output data type %u error, only support long!\n", setup->count_all_data_type); return -WD_EINVAL; } @@ -834,6 +840,8 @@ static __u32 hashagg_get_data_type_size(enum dae_data_type type, __u16 data_info return ALIGN(data_info, DAE_CHAR_ALIGN_SIZE); case DAE_VCHAR: return data_info; + default: + break; }

return 0; @@ -873,7 +881,7 @@ static int transfer_key_col_info(struct wd_key_col_info *key_cols, key_data[i].hw_type = DAE_SINT32; break; default: - WD_ERR("invalid: unsupport key col %u data type %d!\n", + WD_ERR("invalid: unsupport key col %u data type %u!\n", i, key_cols[i].input_data_type); return -WD_EINVAL; } @@ -948,7 +956,7 @@ static int hashagg_check_sum_info(struct wd_agg_col_info *agg_col, switch (agg_col->input_data_type) { case WD_DAE_LONG: if (agg_col->output_data_types[index] != WD_DAE_LONG) { - WD_ERR("invalid: long type do sum output data type %d error!\n", + WD_ERR("invalid: long type do sum output data type %u error!\n", agg_col->output_data_types[index]); return -WD_EINVAL; } @@ -971,7 +979,7 @@ static int hashagg_check_sum_info(struct wd_agg_col_info *agg_col, user_input_data->sum_outtype = DECIMAL64_TO_DECIMAL128; user_output_data->hw_type = DAE_DECIMAL128; } else { - WD_ERR("invalid: short decimal do sum output data type %d error!\n", + WD_ERR("invalid: short decimal do sum output data type %u error!\n", agg_col->output_data_types[index]); return -WD_EINVAL; } @@ -979,7 +987,7 @@ static int hashagg_check_sum_info(struct wd_agg_col_info *agg_col, break; case WD_DAE_LONG_DECIMAL: if (agg_col->output_data_types[index] != WD_DAE_LONG_DECIMAL) { - WD_ERR("invalid: long decimal do sum output data type %d error!\n", + WD_ERR("invalid: long decimal do sum output data type %u error!\n", agg_col->output_data_types[index]); return -WD_EINVAL; } @@ -990,7 +998,7 @@ static int hashagg_check_sum_info(struct wd_agg_col_info *agg_col, user_output_data->hw_type = DAE_DECIMAL128; break; default: - WD_ERR("invalid: device not support col data type %d do sum!\n", + WD_ERR("invalid: device not support col data type %u do sum!\n", agg_col->input_data_type); return -WD_EINVAL; } @@ -1002,12 +1010,12 @@ static int hashagg_check_count_info(enum wd_dae_data_type input_type, enum wd_dae_data_type output_type) { if (input_type > WD_DAE_VARCHAR) { - WD_ERR("invalid: device not support agg col data type %d do count!\n", input_type); + WD_ERR("invalid: device not support agg col data type %u do count!\n", input_type); return -WD_EINVAL; }

if (output_type != WD_DAE_LONG) { - WD_ERR("invalid: input data type %d do count output data type %d error!\n", + WD_ERR("invalid: input data type %u do count output data type %u error!\n", input_type, output_type); return -WD_EINVAL; } @@ -1039,7 +1047,7 @@ static int hashagg_check_input_data(struct wd_agg_col_info *agg_col, user_output_data->optype = DAE_COUNT; break; default: - WD_ERR("invalid: device not support alg %d!\n", agg_col->output_col_algs[index]); + WD_ERR("invalid: device not support alg %u!\n", agg_col->output_col_algs[index]); return -WD_EINVAL; } user_output_data->data_info = agg_col->col_data_info; @@ -1487,7 +1495,7 @@ static int dae_std_table_init(struct hash_table_data *hw_table, return -WD_EINVAL; }

- hw_table->table_width = log2(row_num); + hw_table->table_width = (__u32)log2(row_num); if (hw_table->table_width < HASH_TABLE_MIN_WIDTH || hw_table->table_width > HASH_TABLE_MAX_WIDTH) { WD_ERR("invalid: standard table width %u is out of device support range %d~%d!\n", @@ -1495,7 +1503,7 @@ static int dae_std_table_init(struct hash_table_data *hw_table, return -WD_EINVAL; }

- row_num = pow(HASH_TABLE_WITDH_POWER, hw_table->table_width); + row_num = (__u64)pow(HASH_TABLE_WITDH_POWER, hw_table->table_width); hw_table->std_table_size = row_num * row_size; memset(hw_table->std_table, 0, hw_table->std_table_size);

diff --git a/drv/hisi_hpre.c b/drv/hisi_hpre.c index 313cdcc8..637c3bf5 100644 --- a/drv/hisi_hpre.c +++ b/drv/hisi_hpre.c @@ -646,10 +646,10 @@ static void hpre_result_check(struct hisi_hpre_sqe *hw_msg, if (hw_msg->done != HPRE_HW_TASK_DONE || hw_msg->etype || hw_msg->etype1) { WD_ERR("failed to do hpre task! done=0x%x, etype=0x%x, etype1=0x%x!\n", - hw_msg->done, hw_msg->etype, hw_msg->etype1); + (__u32)hw_msg->done, (__u32)hw_msg->etype, (__u32)hw_msg->etype1); if (hw_msg->etype1 & HPRE_HW_SVA_ERROR) WD_ERR("failed to SVA prefetch: status=%u!\n", - hw_msg->sva_status); + (__u32)hw_msg->sva_status); if (hw_msg->done == HPRE_HW_TASK_INIT) *result = WD_EINVAL; else @@ -2032,7 +2032,7 @@ static int ecc_out_transfer(struct wd_ecc_msg *msg, hw_msg->alg == HPRE_ALG_X_DH_MULTIPLY) ret = ecdh_out_transfer(msg, hw_msg); else - WD_ERR("invalid: algorithm type %u is error!\n", hw_msg->alg); + WD_ERR("invalid: algorithm type %u is error!\n", (__u32)hw_msg->alg);

return ret; } diff --git a/drv/hisi_sec.c b/drv/hisi_sec.c index 10db124b..9ad2eb2b 100644 --- a/drv/hisi_sec.c +++ b/drv/hisi_sec.c @@ -2518,7 +2518,7 @@ static int fill_aead_bd2(struct wd_aead_msg *msg, struct hisi_sec_sqe *sqe) return 0; }

-int aead_msg_state_check(struct wd_aead_msg *msg) +static int aead_msg_state_check(struct wd_aead_msg *msg) { if (msg->cmode == WD_CIPHER_GCM) { if (unlikely(msg->msg_state >= AEAD_MSG_INVALID)) { diff --git a/include/wd_rsa.h b/include/wd_rsa.h index 733d0b74..2f4e589e 100644 --- a/include/wd_rsa.h +++ b/include/wd_rsa.h @@ -161,8 +161,6 @@ handle_t wd_rsa_alloc_sess(struct wd_rsa_sess_setup *setup); */ void wd_rsa_free_sess(handle_t sess);

-int wd_do_rsa_async(handle_t sess, struct wd_rsa_req *req); - int wd_rsa_poll(__u32 expt, __u32 *count);

/** diff --git a/include/wd_util.h b/include/wd_util.h index dc1e41fa..1040f19b 100644 --- a/include/wd_util.h +++ b/include/wd_util.h @@ -98,12 +98,12 @@ struct wd_env_config {

struct wd_config_variable { const char *name; - char *def_val; + const char *def_val; int (*parse_fn)(struct wd_env_config *, const char *); };

struct wd_alg_ops { - char *alg_name; + const char *alg_name; __u8 op_type_num; int (*alg_init)(struct wd_ctx_config *, struct wd_sched *); void (*alg_uninit)(void); @@ -124,7 +124,7 @@ struct wd_msg_handle {

struct wd_init_attrs { __u32 sched_type; - char *alg; + const char *alg; struct wd_alg_driver *driver; struct wd_sched *sched; struct wd_ctx_params *ctx_params; @@ -476,7 +476,7 @@ void wd_alg_attrs_uninit(struct wd_init_attrs *attrs); * * Return device driver if succeed and other NULL if fail. */ -struct wd_alg_driver *wd_alg_drv_bind(int task_type, char *alg_name); +struct wd_alg_driver *wd_alg_drv_bind(int task_type, const char *alg_name); void wd_alg_drv_unbind(struct wd_alg_driver *drv);

/** @@ -506,7 +506,7 @@ void wd_dlclose_drv(void *dlh_list); * @lib_path: the found dynamic library file path. * @is_dir: Specify whether to query the file dir or the file path. */ -int wd_get_lib_file_path(char *lib_file, char *lib_path, bool is_dir); +int wd_get_lib_file_path(const char *lib_file, char *lib_path, bool is_dir);

/** * wd_dfx_msg_cnt() - Message counter interface for ctx diff --git a/v1/drv/hisi_hpre_udrv.c b/v1/drv/hisi_hpre_udrv.c index 05518abc..9a1c5ee6 100644 --- a/v1/drv/hisi_hpre_udrv.c +++ b/v1/drv/hisi_hpre_udrv.c @@ -533,7 +533,7 @@ int qm_parse_rsa_sqe(void *msg, const struct qm_queue_info *info, kbytes = rsa_msg->key_bytes; if (hw_msg->done != HPRE_HW_TASK_DONE || hw_msg->etype) { WD_ERR("HPRE do %s fail!done=0x%x, etype=0x%x\n", "rsa", - hw_msg->done, hw_msg->etype); + (__u32)hw_msg->done, (__u32)hw_msg->etype); if (hw_msg->done == HPRE_HW_TASK_INIT) { rsa_msg->result = WD_EINVAL; } else { /* Need to identify which hw err happened */ @@ -740,7 +740,7 @@ int qm_parse_dh_sqe(void *msg, const struct qm_queue_info *info, return 0; if (hw_msg->done != HPRE_HW_TASK_DONE || hw_msg->etype) { WD_ERR("HPRE do %s fail!done=0x%x, etype=0x%x\n", "dh", - hw_msg->done, hw_msg->etype); + (__u32)hw_msg->done, (__u32)hw_msg->etype); if (hw_msg->done == HPRE_HW_TASK_INIT) { dh_msg->result = WD_EINVAL; ret = -WD_EINVAL; @@ -1639,7 +1639,7 @@ static int qm_ecc_out_transfer(struct wcrypto_ecc_msg *msg, else if (hw_msg->alg == HPRE_ALG_SM2_KEY_GEN) ret = sm2_kg_out_transfer(msg, hw_msg); else - WD_ERR("ecc out trans fail alg %u error!\n", hw_msg->alg); + WD_ERR("ecc out trans fail alg %u error!\n", (__u32)hw_msg->alg);

return ret; } @@ -2032,7 +2032,7 @@ static int qm_parse_ecc_sqe_general(void *msg, const struct qm_queue_info *info, if (hw_msg->done != HPRE_HW_TASK_DONE || hw_msg->etype || hw_msg->etype1) { WD_ERR("HPRE do ecc fail!done=0x%x, etype=0x%x, etype1=0x%x\n", - hw_msg->done, hw_msg->etype, hw_msg->etype1); + (__u32)hw_msg->done, (__u32)hw_msg->etype, (__u32)hw_msg->etype1);

if (hw_msg->done == HPRE_HW_TASK_INIT) ecc_msg->result = WD_EINVAL; diff --git a/v1/drv/hisi_qm_udrv.c b/v1/drv/hisi_qm_udrv.c index 1d4f1d87..c711a497 100644 --- a/v1/drv/hisi_qm_udrv.c +++ b/v1/drv/hisi_qm_udrv.c @@ -41,7 +41,7 @@ * a sge size: 1B ~ 8M; * data in little-endian in sgl; */ -int qm_hw_sgl_info(struct hw_sgl_info *sgl_info) +static int qm_hw_sgl_info(struct hw_sgl_info *sgl_info) { sgl_info->sge_sz = sizeof(struct hisi_sge); sgl_info->sge_align_sz = HISI_SGL_SGE_ALIGN_SZ; @@ -75,7 +75,7 @@ static int qm_hw_sgl_sge_init(struct wd_sgl *sgl, struct hisi_sgl *hisi_sgl, }

/* 'num' starts from 1 */ -void qm_hw_sgl_sge_uninit(struct wd_sgl *sgl, struct hisi_sgl *hisi_sgl, +static void qm_hw_sgl_sge_uninit(struct wd_sgl *sgl, struct hisi_sgl *hisi_sgl, int num, struct wd_mm_br *br, __u32 buf_sz) { void *buf; @@ -88,7 +88,7 @@ void qm_hw_sgl_sge_uninit(struct wd_sgl *sgl, struct hisi_sgl *hisi_sgl, buf, buf_sz); }

-int qm_hw_sgl_init(void *pool, struct wd_sgl *sgl) +static int qm_hw_sgl_init(void *pool, struct wd_sgl *sgl) { int buf_num = wd_get_sgl_buf_num(sgl); int sge_num = wd_get_sgl_sge_num(sgl); @@ -148,7 +148,7 @@ sgl_sge_init_err: return ret; }

-void qm_hw_sgl_uninit(void *pool, struct wd_sgl *sgl) +static void qm_hw_sgl_uninit(void *pool, struct wd_sgl *sgl) { struct hisi_sgl *hisi_sgl = drv_get_sgl_pri(sgl); int buf_num = wd_get_sgl_buf_num(sgl); @@ -181,7 +181,7 @@ void qm_hw_sgl_uninit(void *pool, struct wd_sgl *sgl) br->free(br->usr, hisi_sgl); }

-int qm_hw_sgl_merge(void *pool, struct wd_sgl *dst_sgl, struct wd_sgl *src_sgl) +static int qm_hw_sgl_merge(void *pool, struct wd_sgl *dst_sgl, struct wd_sgl *src_sgl) { struct hisi_sgl *d = drv_get_sgl_pri(dst_sgl); struct hisi_sgl *s = drv_get_sgl_pri(src_sgl); @@ -201,7 +201,7 @@ int qm_hw_sgl_merge(void *pool, struct wd_sgl *dst_sgl, struct wd_sgl *src_sgl) return WD_SUCCESS; }

-int qm_db_v1(struct qm_queue_info *q, __u8 cmd, +static int qm_db_v1(struct qm_queue_info *q, __u8 cmd, __u16 idx, __u8 priority) { void *base = q->doorbell_base; diff --git a/v1/drv/hisi_sec_udrv.c b/v1/drv/hisi_sec_udrv.c index 2c7ca201..a4ca0d47 100644 --- a/v1/drv/hisi_sec_udrv.c +++ b/v1/drv/hisi_sec_udrv.c @@ -1797,7 +1797,7 @@ static void parse_cipher_bd1(struct wd_queue *q, struct hisi_sec_sqe *sqe,

if (sqe->type1.done != SEC_HW_TASK_DONE || sqe->type1.error_type) { WD_ERR("SEC BD1 %s fail!done=0x%x, etype=0x%x\n", "cipher", - sqe->type1.done, sqe->type1.error_type); + (__u32)sqe->type1.done, (__u32)sqe->type1.error_type); cipher_msg->result = WD_IN_EPARA; } else { if (sqe->type1.dif_check == DIF_VERIFY_FAIL) @@ -1868,7 +1868,7 @@ static void parse_cipher_bd2(struct wd_queue *q, struct hisi_sec_sqe *sqe,

if (sqe->type2.done != SEC_HW_TASK_DONE || sqe->type2.error_type) { WD_ERR("SEC BD2 %s fail!done=0x%x, etype=0x%x\n", "cipher", - sqe->type2.done, sqe->type2.error_type); + (__u32)sqe->type2.done, (__u32)sqe->type2.error_type); cipher_msg->result = WD_IN_EPARA; } else cipher_msg->result = WD_SUCCESS; @@ -1908,7 +1908,7 @@ static void parse_cipher_bd3(struct wd_queue *q, struct hisi_sec_bd3_sqe *sqe,

if (sqe->done != SEC_HW_TASK_DONE || sqe->error_type) { WD_ERR("Fail to parse SEC BD3 %s, done=0x%x, etype=0x%x\n", "cipher", - sqe->done, sqe->error_type); + (__u32)sqe->done, (__u32)sqe->error_type); cipher_msg->result = WD_IN_EPARA; } else { cipher_msg->result = WD_SUCCESS; @@ -2021,7 +2021,7 @@ static void parse_digest_bd1(struct wd_queue *q, struct hisi_sec_sqe *sqe, if (sqe->type1.done != SEC_HW_TASK_DONE || sqe->type1.error_type) { WD_ERR("SEC BD1 %s fail!done=0x%x, etype=0x%x\n", "digest", - sqe->type1.done, sqe->type1.error_type); + (__u32)sqe->type1.done, (__u32)sqe->type1.error_type); digest_msg->result = WD_IN_EPARA; } else { if (sqe->type1.dif_check == DIF_VERIFY_FAIL) @@ -2047,7 +2047,7 @@ static void parse_digest_bd2(struct wd_queue *q, struct hisi_sec_sqe *sqe, if (sqe->type2.done != SEC_HW_TASK_DONE || sqe->type2.error_type) { WD_ERR("SEC BD2 %s fail!done=0x%x, etype=0x%x\n", "digest", - sqe->type2.done, sqe->type2.error_type); + (__u32)sqe->type2.done, (__u32)sqe->type2.error_type); digest_msg->result = WD_IN_EPARA; } else digest_msg->result = WD_SUCCESS; @@ -2574,7 +2574,7 @@ static void parse_aead_bd3(struct wd_queue *q, struct hisi_sec_bd3_sqe *sqe3, if (sqe3->done != SEC_HW_TASK_DONE || sqe3->error_type || sqe3->icv == SEC_HW_ICV_ERR) { WD_ERR("SEC BD3 aead fail! done=0x%x, etype=0x%x, icv=0x%x\n", - sqe3->done, sqe3->error_type, sqe3->icv); + (__u32)sqe3->done, (__u32)sqe3->error_type, (__u32)sqe3->icv); msg->result = WD_IN_EPARA; } else { msg->result = WD_SUCCESS; @@ -2658,7 +2658,7 @@ static void parse_digest_bd3(struct wd_queue *q, struct hisi_sec_bd3_sqe *sqe,

if (sqe->done != SEC_HW_TASK_DONE || sqe->error_type) { WD_ERR("SEC BD3 %s fail!done=0x%x, etype=0x%x\n", "digest", - sqe->done, sqe->error_type); + (__u32)sqe->done, (__u32)sqe->error_type); digest_msg->result = WD_IN_EPARA; } else { digest_msg->result = WD_SUCCESS; @@ -3163,7 +3163,7 @@ static void parse_aead_bd2(struct wd_queue *q, struct hisi_sec_sqe *sqe, if (sqe->type2.done != SEC_HW_TASK_DONE || sqe->type2.error_type || sqe->type2.icv == SEC_HW_ICV_ERR) { WD_ERR("SEC BD2 aead fail! done=0x%x, etype=0x%x, icv=0x%x\n", - sqe->type2.done, sqe->type2.error_type, sqe->type2.icv); + (__u32)sqe->type2.done, (__u32)sqe->type2.error_type, (__u32)sqe->type2.icv); msg->result = WD_IN_EPARA; } else { msg->result = WD_SUCCESS; diff --git a/v1/test/hisi_sec_test/test_hisi_sec.c b/v1/test/hisi_sec_test/test_hisi_sec.c index 7d943323..3c389737 100644 --- a/v1/test/hisi_sec_test/test_hisi_sec.c +++ b/v1/test/hisi_sec_test/test_hisi_sec.c @@ -163,7 +163,7 @@ static bool is_exit(struct test_sec_pthread_dt *pdata) return false; }

-void hexdump(char *buf, int num) +void hexdump(const char *buf, int num) { int i;

@@ -1053,7 +1053,7 @@ static int sec_cipher_sync_test(int thread_num, __u64 lcore_mask, setup.block_num = MAX_BLOCK_NM; setup.align_size = SQE_SIZE;

- SEC_TST_PRT("create pool memory: %d\n", MAX_BLOCK_NM * setup.block_size); + SEC_TST_PRT("create pool memory: %u\n", MAX_BLOCK_NM * setup.block_size); pool[j] = wd_blkpool_create(&q[j], &setup); if (!pool[j]) { SEC_TST_PRT("%s(): create %dth pool fail!\n", __func__, j); diff --git a/v1/wd_adapter.c b/v1/wd_adapter.c index b053264d..07fe6591 100644 --- a/v1/wd_adapter.c +++ b/v1/wd_adapter.c @@ -150,7 +150,7 @@ void drv_free_slice(struct wd_queue *q) } }

-void drv_add_slice(struct wd_queue *q, struct wd_ss_region *rgn) +static void drv_add_slice(struct wd_queue *q, struct wd_ss_region *rgn) { struct q_info *qinfo = q->qinfo; struct wd_ss_region *rg; @@ -167,7 +167,7 @@ void drv_add_slice(struct wd_queue *q, struct wd_ss_region *rgn) TAILQ_INSERT_TAIL(&qinfo->ss_list, rgn, next); }

-void drv_show_ss_slices(struct wd_queue *q) +static void drv_show_ss_slices(struct wd_queue *q) { struct q_info *qinfo = q->qinfo; struct wd_ss_region *rgn; diff --git a/v1/wd_adapter.h b/v1/wd_adapter.h index bcceff2d..144a76aa 100644 --- a/v1/wd_adapter.h +++ b/v1/wd_adapter.h @@ -37,7 +37,7 @@ struct hw_sgl_info {

struct wd_drv_dio_if { /* vendor tag which is used to select right vendor driver */ - char *hw_type; + const char *hw_type; /* user space WD queue initialize */ int (*open)(struct wd_queue *q); /* user space WD queue uninitialize */ diff --git a/v1/wd_cipher.c b/v1/wd_cipher.c index 33dc0149..57f10091 100644 --- a/v1/wd_cipher.c +++ b/v1/wd_cipher.c @@ -297,7 +297,7 @@ static int cipher_key_len_check(struct wcrypto_cipher_ctx_setup *setup, ret = -WD_EINVAL; break; default: - WD_ERR("cipher input alg err, alg is %d.\n", setup->alg); + WD_ERR("cipher input alg err, alg is %u.\n", setup->alg); return -WD_EINVAL; }

diff --git a/v1/wd_digest.c b/v1/wd_digest.c index 0146ef7e..3d05688d 100644 --- a/v1/wd_digest.c +++ b/v1/wd_digest.c @@ -106,13 +106,13 @@ static int create_ctx_para_check(struct wd_queue *q, }

if (setup->alg >= WCRYPTO_MAX_DIGEST_TYPE) { - WD_ERR("invalid: the alg %d does not support!\n", setup->alg); + WD_ERR("invalid: the alg %u does not support!\n", setup->alg); return -WD_EINVAL; }

if (setup->mode == WCRYPTO_DIGEST_NORMAL && setup->alg >= WCRYPTO_AES_XCBC_MAC_96) { - WD_ERR("invalid: the alg %d does not support normal mode!\n", setup->alg); + WD_ERR("invalid: the alg %u does not support normal mode!\n", setup->alg); return -WD_EINVAL; }

@@ -292,7 +292,7 @@ static int digest_hmac_key_check(enum wcrypto_digest_alg alg, __u16 key_len) } break; default: - WD_ERR("failed to check digest key bytes, invalid alg type = %d\n", alg); + WD_ERR("failed to check digest key bytes, invalid alg type = %u\n", alg); return -WD_EINVAL; }

diff --git a/v1/wd_ecc.c b/v1/wd_ecc.c index 3da55d2e..8bb58792 100644 --- a/v1/wd_ecc.c +++ b/v1/wd_ecc.c @@ -78,7 +78,7 @@ struct wcrypto_ecc_ctx {

struct wcrypto_ecc_curve_list { __u32 id; - char *name; + const char *name; __u32 key_bits; __u8 data[MAX_CURVE_SIZE]; }; @@ -1318,7 +1318,7 @@ int wcrypto_get_ecc_pubkey(struct wcrypto_ecc_key *ecc_key, return WD_SUCCESS; }

-int wcrypto_get_ecc_curve(struct wcrypto_ecc_key *ecc_key, +static int wcrypto_get_ecc_curve(struct wcrypto_ecc_key *ecc_key, struct wcrypto_ecc_curve **cv) { if (unlikely(!ecc_key || !cv || !ecc_key->cv)) { @@ -1670,7 +1670,7 @@ int wcrypto_do_ecxdh(void *ctx, struct wcrypto_ecc_op_data *opdata, void *tag)

if (unlikely(opdata->op_type != WCRYPTO_ECXDH_GEN_KEY && opdata->op_type != WCRYPTO_ECXDH_COMPUTE_KEY)) { - WD_ERR("do ecxdh: op_type = %d error!\n", opdata->op_type); + WD_ERR("do ecxdh: op_type = %u error!\n", opdata->op_type); return -WD_EINVAL; }

@@ -2189,7 +2189,7 @@ int wcrypto_do_ecdsa(void *ctx, struct wcrypto_ecc_op_data *opdata, void *tag)

if (unlikely(opdata->op_type != WCRYPTO_ECDSA_SIGN && opdata->op_type != WCRYPTO_ECDSA_VERIFY)) { - WD_ERR("do ecdsa: op_type = %d error!\n", opdata->op_type); + WD_ERR("do ecdsa: op_type = %u error!\n", opdata->op_type); return -WD_EINVAL; }

@@ -2479,7 +2479,7 @@ int wcrypto_do_sm2(void *ctx, struct wcrypto_ecc_op_data *opdata, void *tag) opdata->op_type != WCRYPTO_SM2_KG && opdata->op_type != WCRYPTO_SM2_ENCRYPT && opdata->op_type != WCRYPTO_SM2_DECRYPT)) { - WD_ERR("do sm2: op_type = %d error!\n", opdata->op_type); + WD_ERR("do sm2: op_type = %u error!\n", opdata->op_type); return -WD_EINVAL; }

diff --git a/wd.c b/wd.c index 6d01158d..2f8bbbe0 100644 --- a/wd.c +++ b/wd.c @@ -504,7 +504,7 @@ void *wd_ctx_mmap_qfr(handle_t h_ctx, enum uacce_qfrt qfrt)

addr = mmap(0, size, PROT_READ | PROT_WRITE, MAP_SHARED, ctx->fd, off); if (addr == MAP_FAILED) { - WD_ERR("failed to mmap, qfrt = %d, err = %d!\n", qfrt, -errno); + WD_ERR("failed to mmap, qfrt = %u, err = %d!\n", qfrt, -errno); return NULL; }

diff --git a/wd_aead.c b/wd_aead.c index 608f0e6d..061e768e 100644 --- a/wd_aead.c +++ b/wd_aead.c @@ -21,7 +21,7 @@ static int g_aead_mac_len[WD_DIGEST_TYPE_MAX] = { };

/* These algs's name need correct match with alg/mode type */ -static char *wd_aead_alg_name[WD_CIPHER_ALG_TYPE_MAX][WD_CIPHER_MODE_TYPE_MAX] = { +static const char *wd_aead_alg_name[WD_CIPHER_ALG_TYPE_MAX][WD_CIPHER_MODE_TYPE_MAX] = { {"", "authenc(hmac(sha256),cbc(sm4))", "", "", "", "", "", "", "", "ccm(sm4)", "gcm(sm4)"}, {"", "authenc(hmac(sha256),cbc(aes))", "", "", "", "", "", "", "", @@ -39,7 +39,7 @@ struct wd_aead_setting { } wd_aead_setting;

struct wd_aead_sess { - char *alg_name; + const char *alg_name; enum wd_cipher_alg calg; enum wd_cipher_mode cmode; enum wd_digest_type dalg; @@ -155,7 +155,7 @@ static int cipher_key_len_check(enum wd_cipher_alg alg, __u16 length) ret = aes_key_len_check(length); break; default: - WD_ERR("failed to set the cipher alg, alg = %d\n", alg); + WD_ERR("failed to set the cipher alg, alg = %u\n", alg); return -WD_EINVAL; }

diff --git a/wd_agg.c b/wd_agg.c index c4f0da68..efb25f6d 100644 --- a/wd_agg.c +++ b/wd_agg.c @@ -55,7 +55,7 @@ struct wd_agg_sess_agg_conf { };

struct wd_agg_sess { - char *alg_name; + const char *alg_name; wd_dev_mask_t *dev_mask; struct wd_alg_agg *drv; void *priv; @@ -69,7 +69,7 @@ struct wd_agg_sess { struct wd_dae_hash_table rehash_table; };

-static char *wd_agg_alg_name = "hashagg"; +static const char *wd_agg_alg_name = "hashagg"; static struct wd_init_attrs wd_agg_init_attrs; static int wd_agg_poll_ctx(__u32 idx, __u32 expt, __u32 *count);

@@ -155,7 +155,7 @@ static int check_col_data_info(enum wd_dae_data_type type, __u16 col_data_info) } break; default: - WD_ERR("invalid: agg data type is %d!\n", type); + WD_ERR("invalid: agg data type is %u!\n", type); return -WD_EINVAL; }

@@ -240,7 +240,7 @@ static int check_agg_cols_info(struct wd_agg_sess_setup *setup, __u32 *out_agg_c } alg = info[i].output_col_algs[j]; if (alg >= WD_AGG_ALG_TYPE_MAX || alg_cnt[alg]) { - WD_ERR("invalid agg output col alg type: %d, col idx: %u\n", + WD_ERR("invalid agg output col alg type: %u, col idx: %u\n", alg, i); return -WD_EINVAL; } @@ -497,7 +497,7 @@ static int wd_agg_check_sess_state(struct wd_agg_sess *sess, enum wd_agg_sess_st ret = __atomic_compare_exchange_n(&sess->state, expected, next, false, __ATOMIC_ACQUIRE, __ATOMIC_RELAXED); if (!ret) { - WD_ERR("invalid: agg sess state is %d!\n", *expected); + WD_ERR("invalid: agg sess state is %u!\n", *expected); return -WD_EINVAL; }

@@ -1113,7 +1113,7 @@ static int wd_agg_input_try_init(struct wd_agg_sess *sess, enum wd_agg_sess_stat false, __ATOMIC_ACQUIRE, __ATOMIC_RELAXED); state = __atomic_load_n(&sess->state, __ATOMIC_RELAXED); if (unlikely(state != WD_AGG_SESS_INPUT)) { - WD_ERR("failed to set agg input sess state: %d!\n", state); + WD_ERR("failed to set agg input sess state: %u!\n", state); return -WD_EINVAL; }

@@ -1251,7 +1251,7 @@ static int wd_agg_output_try_init(struct wd_agg_sess *sess, enum wd_agg_sess_sta false, __ATOMIC_ACQUIRE, __ATOMIC_RELAXED); state = __atomic_load_n(&sess->state, __ATOMIC_RELAXED); if (unlikely(state != WD_AGG_SESS_OUTPUT)) { - WD_ERR("failed to set agg output sess state: %d!\n", state); + WD_ERR("failed to set agg output sess state: %u!\n", state); return -WD_EINVAL; }

@@ -1459,7 +1459,7 @@ static int wd_agg_rehash_try_init(struct wd_agg_sess *sess, enum wd_agg_sess_sta ret = __atomic_compare_exchange_n(&sess->state, expected, WD_AGG_SESS_REHASH, false, __ATOMIC_ACQUIRE, __ATOMIC_RELAXED); if (!ret) { - WD_ERR("invalid: agg rehash sess state is %d!\n", *expected); + WD_ERR("invalid: agg rehash sess state is %u!\n", *expected); return -WD_EINVAL; }

diff --git a/wd_alg.c b/wd_alg.c index 3d014e18..a33f5d66 100644 --- a/wd_alg.c +++ b/wd_alg.c @@ -141,6 +141,8 @@ static bool wd_alg_check_available(int calc_type, const char *dev_name) case UADK_ALG_HW: ret = wd_check_accel_dev(dev_name); break; + default: + break; }

return ret; diff --git a/wd_cipher.c b/wd_cipher.c index ec6fb156..59992170 100644 --- a/wd_cipher.c +++ b/wd_cipher.c @@ -37,7 +37,7 @@ static const unsigned char des_weak_keys[DES_WEAK_KEY_NUM][DES_KEY_SIZE] = { {0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1} };

-static char *wd_cipher_alg_name[WD_CIPHER_ALG_TYPE_MAX][WD_CIPHER_MODE_TYPE_MAX] = { +static const char *wd_cipher_alg_name[WD_CIPHER_ALG_TYPE_MAX][WD_CIPHER_MODE_TYPE_MAX] = { {"ecb(sm4)", "cbc(sm4)", "ctr(sm4)", "xts(sm4)", "ofb(sm4)", "cfb(sm4)", "cbc-cs1(sm4)", "cbc-cs2(sm4)", "cbc-cs3(sm4)", "", "", "xts(sm4)"}, @@ -58,7 +58,7 @@ struct wd_cipher_setting { } wd_cipher_setting;

struct wd_cipher_sess { - char *alg_name; + const char *alg_name; enum wd_cipher_alg alg; enum wd_cipher_mode mode; wd_dev_mask_t *dev_mask; @@ -199,7 +199,7 @@ static int cipher_key_len_check(struct wd_cipher_sess *sess, __u32 length) ret = -WD_EINVAL; break; default: - WD_ERR("cipher input alg err, alg = %d\n", sess->alg); + WD_ERR("cipher input alg err, alg = %u\n", sess->alg); return -WD_EINVAL; }

diff --git a/wd_comp.c b/wd_comp.c index 0fa5f926..4768642a 100644 --- a/wd_comp.c +++ b/wd_comp.c @@ -26,7 +26,7 @@

#define cpu_to_be32(x) swap_byte(x)

-static char *wd_comp_alg_name[WD_COMP_ALG_MAX] = { +static const char *wd_comp_alg_name[WD_COMP_ALG_MAX] = { "zlib", "gzip", "deflate", "lz77_zstd" };

@@ -409,12 +409,12 @@ int wd_comp_poll_ctx(__u32 idx, __u32 expt, __u32 *count) static int wd_comp_check_sess_params(struct wd_comp_sess_setup *setup) { if (setup->alg_type >= WD_COMP_ALG_MAX) { - WD_ERR("invalid: alg_type is %d!\n", setup->alg_type); + WD_ERR("invalid: alg_type is %u!\n", setup->alg_type); return -WD_EINVAL; }

if (setup->op_type >= WD_DIR_MAX) { - WD_ERR("invalid: op_type is %d!\n", setup->op_type); + WD_ERR("invalid: op_type is %u!\n", setup->op_type); return -WD_EINVAL; }

@@ -422,12 +422,12 @@ static int wd_comp_check_sess_params(struct wd_comp_sess_setup *setup) return WD_SUCCESS;

if (setup->comp_lv > WD_COMP_L15) { - WD_ERR("invalid: comp_lv is %d!\n", setup->comp_lv); + WD_ERR("invalid: comp_lv is %u!\n", setup->comp_lv); return -WD_EINVAL; }

if (setup->win_sz > WD_COMP_WS_32K) { - WD_ERR("invalid: win_sz is %d!\n", setup->win_sz); + WD_ERR("invalid: win_sz is %u!\n", setup->win_sz); return -WD_EINVAL; }

@@ -554,7 +554,7 @@ static int wd_comp_check_params(struct wd_comp_sess *sess, }

if (unlikely(req->data_fmt > WD_SGL_BUF)) { - WD_ERR("invalid: data_fmt is %d!\n", req->data_fmt); + WD_ERR("invalid: data_fmt is %u!\n", req->data_fmt); return -WD_EINVAL; }

@@ -564,7 +564,7 @@ static int wd_comp_check_params(struct wd_comp_sess *sess,

if (unlikely(req->op_type != WD_DIR_COMPRESS && req->op_type != WD_DIR_DECOMPRESS)) { - WD_ERR("invalid: op_type is %d!\n", req->op_type); + WD_ERR("invalid: op_type is %u!\n", req->op_type); return -WD_EINVAL; }

@@ -793,7 +793,7 @@ int wd_do_comp_strm(handle_t h_sess, struct wd_comp_req *req) return ret;

if (unlikely(req->data_fmt > WD_FLAT_BUF)) { - WD_ERR("invalid: data_fmt is %d!\n", req->data_fmt); + WD_ERR("invalid: data_fmt is %u!\n", req->data_fmt); return -WD_EINVAL; }

diff --git a/wd_digest.c b/wd_digest.c index 58f621af..4709a1c9 100644 --- a/wd_digest.c +++ b/wd_digest.c @@ -30,7 +30,7 @@ static __u32 g_digest_mac_full_len[WD_DIGEST_TYPE_MAX] = { };

/* These algs's name need correct match with digest alg type */ -static char *wd_digest_alg_name[WD_DIGEST_TYPE_MAX] = { +static const char *wd_digest_alg_name[WD_DIGEST_TYPE_MAX] = { "sm3", "md5", "sha1", "sha256", "sha224", "sha384", "sha512", "sha512-224", "sha512-256", "xcbc-mac-96(aes)", "xcbc-prf-128(aes)", "cmac(aes)", "gmac(aes)" @@ -60,7 +60,7 @@ struct wd_digest_stream_data { };

struct wd_digest_sess { - char *alg_name; + const char *alg_name; enum wd_digest_type alg; enum wd_digest_mode mode; void *priv; @@ -471,7 +471,7 @@ static int wd_aes_hmac_length_check(struct wd_digest_sess *sess, case WD_DIGEST_AES_XCBC_PRF_128: case WD_DIGEST_AES_CMAC: if (!req->in_bytes) { - WD_ERR("failed to check 0 packet length, alg = %d\n", + WD_ERR("failed to check 0 packet length, alg = %u\n", sess->alg); return -WD_EINVAL; } @@ -487,7 +487,7 @@ static int wd_mac_length_check(struct wd_digest_sess *sess, struct wd_digest_req *req) { if (unlikely(req->out_bytes == 0)) { - WD_ERR("invalid: digest alg:%d mac length is 0.\n", sess->alg); + WD_ERR("invalid: digest alg:%u mac length is 0.\n", sess->alg); return -WD_EINVAL; }

@@ -495,7 +495,7 @@ static int wd_mac_length_check(struct wd_digest_sess *sess, case WD_DIGEST_END: case WD_DIGEST_STREAM_END: if (unlikely(req->out_bytes > g_digest_mac_len[sess->alg])) { - WD_ERR("invalid: digest mac length, alg = %d, out_bytes = %u\n", + WD_ERR("invalid: digest mac length, alg = %u, out_bytes = %u\n", sess->alg, req->out_bytes); return -WD_EINVAL; } @@ -504,7 +504,7 @@ static int wd_mac_length_check(struct wd_digest_sess *sess, case WD_DIGEST_STREAM_DOING: /* User need to input full mac buffer in first and middle hash */ if (unlikely(req->out_bytes != g_digest_mac_full_len[sess->alg])) { - WD_ERR("invalid: digest mac full length, alg = %d, out_bytes = %u\n", + WD_ERR("invalid: digest mac full length, alg = %u, out_bytes = %u\n", sess->alg, req->out_bytes); return -WD_EINVAL; } @@ -533,7 +533,7 @@ static int wd_digest_param_check(struct wd_digest_sess *sess, }

if (unlikely(sess->alg >= WD_DIGEST_TYPE_MAX)) { - WD_ERR("invalid: check digest type, alg = %d\n", sess->alg); + WD_ERR("invalid: check digest type, alg = %u\n", sess->alg); return -WD_EINVAL; }

diff --git a/wd_ecc.c b/wd_ecc.c index 292338a6..4e6a9c57 100644 --- a/wd_ecc.c +++ b/wd_ecc.c @@ -1324,19 +1324,6 @@ int wd_ecc_get_pubkey(struct wd_ecc_key *ecc_key, return WD_SUCCESS; }

-int wd_ecc_get_curve(struct wd_ecc_key *ecc_key, - struct wd_ecc_curve **cv) -{ - if (!ecc_key || !cv) { - WD_ERR("invalid: get ecc pubkey parameter err!\n"); - return -WD_EINVAL; - } - - *cv = ecc_key->cv; - - return WD_SUCCESS; -} - void wd_ecc_get_prikey_params(struct wd_ecc_key *key, struct wd_dtb **p, struct wd_dtb **a, struct wd_dtb **b, struct wd_dtb **n, diff --git a/wd_mempool.c b/wd_mempool.c index 22db843b..2f497642 100644 --- a/wd_mempool.c +++ b/wd_mempool.c @@ -893,7 +893,7 @@ handle_t wd_mempool_create(size_t size, int node) int ret;

if (!tmp || node < 0 || node > numa_max_node()) { - WD_ERR("invalid: numa node is %d, size is %ld!\n", node, tmp); + WD_ERR("invalid: numa node is %d, size is %zu!\n", node, tmp); return (handle_t)(-WD_EINVAL); }

diff --git a/wd_rsa.c b/wd_rsa.c index 366e7660..f0dfb567 100644 --- a/wd_rsa.c +++ b/wd_rsa.c @@ -1128,22 +1128,20 @@ static int rsa_prikey2_param_set(struct wd_rsa_prikey2 *pkey2, case WD_CRT_PRIKEY_DQ: ret = rsa_set_param(&pkey2->dq, param); break; - case WD_CRT_PRIKEY_DP: ret = rsa_set_param(&pkey2->dp, param); break; - case WD_CRT_PRIKEY_QINV: ret = rsa_set_param(&pkey2->qinv, param); break; - case WD_CRT_PRIKEY_P: ret = rsa_set_param(&pkey2->p, param); break; - case WD_CRT_PRIKEY_Q: ret = rsa_set_param(&pkey2->q, param); break; + default: + break; }

return ret; diff --git a/wd_util.c b/wd_util.c index e908dcb4..b25e79f4 100644 --- a/wd_util.c +++ b/wd_util.c @@ -92,8 +92,8 @@ struct drv_lib_list { };

struct acc_alg_item { - char *name; - char *algtype; + const char *name; + const char *algtype; };

struct wd_ce_ctx { @@ -2181,7 +2181,7 @@ static void dladdr_empty(void) { }

-int wd_get_lib_file_path(char *lib_file, char *lib_path, bool is_dir) +int wd_get_lib_file_path(const char *lib_file, char *lib_path, bool is_dir) { char file_path[PATH_MAX] = {0}; char path[PATH_MAX] = {0}; @@ -2300,7 +2300,7 @@ free_list: return NULL; }

-struct wd_alg_driver *wd_alg_drv_bind(int task_type, char *alg_name) +struct wd_alg_driver *wd_alg_drv_bind(int task_type, const char *alg_name) { struct wd_alg_driver *set_driver = NULL; struct wd_alg_driver *drv; @@ -2395,7 +2395,7 @@ static __u32 wd_get_ctx_numbers(struct wd_ctx_params ctx_params, int end) return count; }

-struct uacce_dev_list *wd_get_usable_list(struct uacce_dev_list *list, struct bitmask *bmp) +static struct uacce_dev_list *wd_get_usable_list(struct uacce_dev_list *list, struct bitmask *bmp) { struct uacce_dev_list *p, *node, *result = NULL; struct uacce_dev *dev; @@ -2736,7 +2736,7 @@ int wd_alg_attrs_init(struct wd_init_attrs *attrs) struct wd_sched *alg_sched = NULL; char alg_type[CRYPTO_MAX_ALG_NAME]; int driver_type = UADK_ALG_HW; - char *alg = attrs->alg; + const char *alg = attrs->alg; int ret = -WD_EINVAL;

if (!attrs->ctx_params)

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 04/13] uadk_tool: fix error in saving the aead dst data

When testing the async encryption performance of the AEAD algorithm, the same bd_pool may not be processed completely and is sent as a new request in the next loop. As a result, incorrect encrypted data is stored in the dst. When the incorrect encrypted data is stored for decryption, a decryption error occurs.

This problem can be solved by restricting the sending times of the first bd_pool only once and saving the dst data in the first bd_pool to a file for decryption.

Signed-off-by: Qi Tao taoqi10@huawei.com --- uadk_tool/benchmark/sec_uadk_benchmark.c | 6 ++++++ 1 file changed, 6 insertions(+)

diff --git a/uadk_tool/benchmark/sec_uadk_benchmark.c b/uadk_tool/benchmark/sec_uadk_benchmark.c index 411d0c47..469ef8b3 100644 --- a/uadk_tool/benchmark/sec_uadk_benchmark.c +++ b/uadk_tool/benchmark/sec_uadk_benchmark.c @@ -1356,6 +1356,12 @@ static void *sec_uadk_aead_async(void *arg) break; try_cnt = 0; i = count % MAX_POOL_LENTH; + + if (i == 0 && count > 0) { + count++; + continue; + } + areq.src = uadk_pool->bds[i].src; areq.dst = uadk_pool->bds[i].dst; areq.mac = uadk_pool->bds[i].mac;

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 05/13] uadk/hpre: modify privkey transform method of ecc

From: Zhiqi Song songzhiqi1@huawei.com

The key data sent by the user may be non-byte aligned and the low-order byte is 0x00. Use original 'dsize' will make the key data be truncated after being transformed. Therefore, 'dsize' should be changned after the key format is transformed.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- drv/hisi_hpre.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/drv/hisi_hpre.c b/drv/hisi_hpre.c index 637c3bf5..7c652d10 100644 --- a/drv/hisi_hpre.c +++ b/drv/hisi_hpre.c @@ -967,7 +967,7 @@ static int ecc_prepare_prikey(struct wd_ecc_key *key, void **data, int id) struct wd_dtb *b = NULL; struct wd_dtb *n = NULL; struct wd_dtb *d = NULL; - char bsize, dsize; + __u32 bsize, dsize; char *dat; int ret;

@@ -981,6 +981,10 @@ static int ecc_prepare_prikey(struct wd_ecc_key *key, void **data, int id) if (ret) return ret;

+ /* X448 will do specific offset */ + if (id != WD_X448) + d->dsize = d->bsize; + /* * This is a pretreatment of X25519/X448, as described in RFC 7748: * For X25519, in order to decode 32 random bytes as an integer @@ -1010,12 +1014,6 @@ static int ecc_prepare_prikey(struct wd_ecc_key *key, void **data, int id) return -WD_EINVAL; }

- if (id != WD_X25519 && id != WD_X448 && - !less_than_latter(d, n)) { - WD_ERR("failed to prepare ecc prikey: d >= n!\n"); - return -WD_EINVAL; - } - *data = p->data;

return WD_SUCCESS;

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 06/13] v1/hpre: modify privkey transform method of ecc

From: Zhiqi Song songzhiqi1@huawei.com

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- v1/drv/hisi_hpre_udrv.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/v1/drv/hisi_hpre_udrv.c b/v1/drv/hisi_hpre_udrv.c index 9a1c5ee6..4cd030f4 100644 --- a/v1/drv/hisi_hpre_udrv.c +++ b/v1/drv/hisi_hpre_udrv.c @@ -889,7 +889,7 @@ static int ecc_prepare_prikey(struct wcrypto_ecc_key *key, void **data, int id) struct wd_dtb *b = NULL; struct wd_dtb *n = NULL; struct wd_dtb *d = NULL; - char bsize, dsize; + __u32 bsize, dsize; char *dat; int ret;

@@ -903,6 +903,10 @@ static int ecc_prepare_prikey(struct wcrypto_ecc_key *key, void **data, int id) if (unlikely(ret)) return ret;

+ /* X448 will do specific offset */ + if (id != WCRYPTO_X448) + d->dsize = d->bsize; + dat = d->data; bsize = d->bsize; dsize = d->dsize; @@ -928,12 +932,6 @@ static int ecc_prepare_prikey(struct wcrypto_ecc_key *key, void **data, int id) dat[0 + bsize - dsize] |= 128; }

- if (id != WCRYPTO_X25519 && id != WCRYPTO_X448 && - !less_than_latter(d, n)) { - WD_ERR("failed to prepare ecc prikey: d >= n!\n"); - return -WD_EINVAL; - } - *data = p->data;

return 0;

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 07/13] uadk/v1: cleanup key format transform function

From: Zhiqi Song songzhiqi1@huawei.com

Remove redundant variable definition of key format transform function.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- v1/drv/hisi_hpre_udrv.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/v1/drv/hisi_hpre_udrv.c b/v1/drv/hisi_hpre_udrv.c index 4cd030f4..7873191d 100644 --- a/v1/drv/hisi_hpre_udrv.c +++ b/v1/drv/hisi_hpre_udrv.c @@ -854,14 +854,8 @@ static int trans_cv_param_to_hpre_bin(struct wd_dtb *p, struct wd_dtb *a,

static int trans_d_to_hpre_bin(struct wd_dtb *d) { - int ret; - - ret = qm_crypto_bin_to_hpre_bin(d->data, (const char *)d->data, + return qm_crypto_bin_to_hpre_bin(d->data, (const char *)d->data, d->bsize, d->dsize, "ecc d"); - if (unlikely(ret)) - return ret; - - return 0; }

static bool less_than_latter(struct wd_dtb *d, struct wd_dtb *n)

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 08/13] uadk/v1: support the hmac(sm3)-cbc(sm4) algorithm

From: Wenkai Lin linwenkai6@hisilicon.com

Add the algorithm hmac(sm3)-cbc(sm4) to the nosva scene, the following fileds of the session setup need to be set, the calg(WCRYPTO_CIPHER_SM4), the cmode(WCRYPTO_CIPHER_CBC), the dalg(WCRYPTO_SM3) and the dmode(WCRYPTO_DIGEST_HMAC).

Signed-off-by: Wenkai Lin linwenkai6@hisilicon.com --- v1/drv/hisi_sec_udrv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/v1/drv/hisi_sec_udrv.c b/v1/drv/hisi_sec_udrv.c index a4ca0d47..c7919e3c 100644 --- a/v1/drv/hisi_sec_udrv.c +++ b/v1/drv/hisi_sec_udrv.c @@ -2132,7 +2132,7 @@ static int fill_aead_bd3_alg(struct wcrypto_aead_msg *msg, sqe->a_key_len = msg->akey_bytes / SEC_SQE_LEN_RATE;

if (msg->dalg == WCRYPTO_SHA1 || msg->dalg == WCRYPTO_SHA256 || - msg->dalg == WCRYPTO_SHA512) { + msg->dalg == WCRYPTO_SHA512 || msg->dalg == WCRYPTO_SM3) { sqe->a_alg = g_hmac_a_alg[msg->dalg]; } else { WD_ERR("Invalid digest type!\n");

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 09/13] uadk: fix for the algorithm name of the aead cbc mode

From: Wenkai Lin linwenkai6@hisilicon.com

Currently, the algorithm name of the aead cbc mode is designed only for sha256, but it is not suitable any more when other algorithms are added, such as hmac(sm3)-cbc(aes). Now a common name is used, authenc(generic,cbc(aes)), the actual algorithm and mode are still specified by dalg and dmode in the session setup.

diff --git a/drv/hisi_sec.c b/drv/hisi_sec.c index 9ad2eb2b..473d4b1a 100644 --- a/drv/hisi_sec.c +++ b/drv/hisi_sec.c @@ -661,7 +661,8 @@ static struct wd_alg_driver digest_alg_driver[] = { static struct wd_alg_driver aead_alg_driver[] = { GEN_SEC_ALG_DRIVER("ccm(aes)", aead), GEN_SEC_ALG_DRIVER("gcm(aes)", aead), - GEN_SEC_ALG_DRIVER("authenc(hmac(sha256),cbc(aes))", aead), + GEN_SEC_ALG_DRIVER("authenc(generic,cbc(aes))", aead), + GEN_SEC_ALG_DRIVER("authenc(generic,cbc(sm4))", aead), GEN_SEC_ALG_DRIVER("ccm(sm4)", aead), GEN_SEC_ALG_DRIVER("gcm(sm4)", aead), }; @@ -2755,6 +2756,9 @@ static int fill_aead_bd3_alg(struct wd_aead_msg *msg, case WD_DIGEST_SHA512: d_alg = A_ALG_HMAC_SHA512 << SEC_AUTH_ALG_OFFSET_V3; break; + case WD_DIGEST_SM3: + d_alg = A_ALG_HMAC_SM3 << SEC_AUTH_ALG_OFFSET_V3; + break; default: WD_ERR("failed to check aead dalg type, dalg = %u\n", msg->dalg); diff --git a/uadk_tool/benchmark/uadk_benchmark.c b/uadk_tool/benchmark/uadk_benchmark.c index 0f01fdf5..dd2b22da 100644 --- a/uadk_tool/benchmark/uadk_benchmark.c +++ b/uadk_tool/benchmark/uadk_benchmark.c @@ -139,9 +139,9 @@ static struct acc_alg_item alg_options[] = { {"gcm(aes)", "aes-128-gcm", AES_128_GCM}, {"gcm(aes)", "aes-192-gcm", AES_192_GCM}, {"gcm(aes)", "aes-256-gcm", AES_256_GCM}, - {"authenc(hmac(sha256),cbc(aes))", "aes-128-cbc-sha256-hmac", AES_128_CBC_SHA256_HMAC}, - {"authenc(hmac(sha256),cbc(aes))", "aes-192-cbc-sha256-hmac", AES_192_CBC_SHA256_HMAC}, - {"authenc(hmac(sha256),cbc(aes))", "aes-256-cbc-sha256-hmac", AES_256_CBC_SHA256_HMAC}, + {"authenc(generic,cbc(aes))", "aes-128-cbc-sha256-hmac", AES_128_CBC_SHA256_HMAC}, + {"authenc(generic,cbc(aes))", "aes-192-cbc-sha256-hmac", AES_192_CBC_SHA256_HMAC}, + {"authenc(generic,cbc(aes))", "aes-256-cbc-sha256-hmac", AES_256_CBC_SHA256_HMAC}, {"ccm(sm4)", "sm4-128-ccm", SM4_128_CCM}, {"gcm(sm4)", "sm4-128-gcm", SM4_128_GCM}, {"sm3", "sm3", SM3_ALG}, diff --git a/uadk_tool/test/test_sec.c b/uadk_tool/test/test_sec.c index 87fc7184..462ba7a5 100644 --- a/uadk_tool/test/test_sec.c +++ b/uadk_tool/test/test_sec.c @@ -110,10 +110,10 @@ char *digest_names[MAX_ALGO_PER_TYPE] = { char *aead_names[MAX_ALGO_PER_TYPE] = { "ccm(aes)", "gcm(aes)", - "authenc(hmac(sha256),cbc(aes))", + "authenc(generic,cbc(aes))", "ccm(sm4)", "gcm(sm4)", - "authenc(hmac(sha256),cbc(sm4))", + "authenc(generic,cbc(sm4))", "sm3", /*--aead 6: for error alg test */ "authenc(hmac(sha3),cbc(aes))", /* --aead 7: for error alg test */ }; diff --git a/wd_aead.c b/wd_aead.c index 061e768e..11fee5a6 100644 --- a/wd_aead.c +++ b/wd_aead.c @@ -22,9 +22,9 @@ static int g_aead_mac_len[WD_DIGEST_TYPE_MAX] = {

/* These algs's name need correct match with alg/mode type */ static const char *wd_aead_alg_name[WD_CIPHER_ALG_TYPE_MAX][WD_CIPHER_MODE_TYPE_MAX] = { - {"", "authenc(hmac(sha256),cbc(sm4))", "", "", "", "", "", "", "", + {"", "authenc(generic,cbc(sm4))", "", "", "", "", "", "", "", "ccm(sm4)", "gcm(sm4)"}, - {"", "authenc(hmac(sha256),cbc(aes))", "", "", "", "", "", "", "", + {"", "authenc(generic,cbc(aes))", "", "", "", "", "", "", "", "ccm(aes)", "gcm(aes)"} };

diff --git a/wd_util.c b/wd_util.c index b25e79f4..93249a3f 100644 --- a/wd_util.c +++ b/wd_util.c @@ -143,8 +143,8 @@ static struct acc_alg_item alg_options[] = { {"gcm(aes)", "aead"}, {"ccm(sm4)", "aead"}, {"gcm(sm4)", "aead"}, - {"authenc(hmac(sha256),cbc(aes))", "aead"}, - {"authenc(hmac(sha256),cbc(sm4))", "aead"}, + {"authenc(generic,cbc(aes))", "aead"}, + {"authenc(generic,cbc(sm4))", "aead"},

{"sm3", "digest"}, {"md5", "digest"},

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 10/13] uadk/v1: Add stream mode for AES-GCM and SM4-GCM

From: Wenkai Lin linwenkai6@hisilicon.com

In stream processing encryption mode, a long file needs to be encrypted. When the accelerator is invoked, the encryption result of each block is assembled. The assembled result is the same as the result of encrypting the entire file at a time. For hisi_sec, the AAD is filled to the first message, plaintext are done with the middle and the end message. In an encrypted stream, the first and the end message are unique and must be delivered to hardware.

Signed-off-by: Wenkai Lin linwenkai6@hisilicon.com --- Makefile.am | 6 +- include/crypto/sm4.h | 18 +++ lib/crypto/sm4.c | 176 ++++++++++++++++++++++++++++ v1/drv/hisi_sec_udrv.c | 259 +++++++++++++++++++++++++++++++++++++++++ v1/drv/hisi_sec_udrv.h | 9 +- v1/wd_aead.c | 67 ++++++++++- v1/wd_aead.h | 12 ++ 7 files changed, 539 insertions(+), 8 deletions(-) create mode 100644 include/crypto/sm4.h create mode 100644 lib/crypto/sm4.c

diff --git a/Makefile.am b/Makefile.am index 77b369a9..6b4c6cbc 100644 --- a/Makefile.am +++ b/Makefile.am @@ -69,6 +69,8 @@ libwd_la_SOURCES=wd.c wd_mempool.c wd.h wd_alg.c wd_alg.h \ v1/wd_bmm.c v1/wd_bmm.h \ v1/wd_ecc.c v1/wd_ecc.h \ v1/wd_sgl.c v1/wd_sgl.h \ + aes.h sm4.h galois.h \ + lib/crypto/aes.c lib/crypto/sm4.c lib/crypto/galois.c \ v1/drv/hisi_qm_udrv.c v1/drv/hisi_qm_udrv.h \ v1/drv/hisi_zip_udrv.c v1/drv/hisi_zip_udrv.h \ v1/drv/hisi_hpre_udrv.c v1/drv/hisi_hpre_udrv.h \ @@ -95,8 +97,8 @@ libwd_crypto_la_SOURCES=wd_cipher.c wd_cipher.h wd_cipher_drv.h \ wd.c wd.h

libhisi_sec_la_SOURCES=drv/hisi_sec.c drv/hisi_qm_udrv.c \ - lib/crypto/aes.c lib/crypto/galois.c \ - hisi_qm_udrv.h wd_cipher_drv.h wd_aead_drv.h aes.h galois.h + lib/crypto/aes.c lib/crypto/sm4.c lib/crypto/galois.c \ + hisi_qm_udrv.h wd_cipher_drv.h wd_aead_drv.h aes.h sm4.h galois.h

libhisi_hpre_la_SOURCES=drv/hisi_hpre.c drv/hisi_qm_udrv.c \ hisi_qm_udrv.h diff --git a/include/crypto/sm4.h b/include/crypto/sm4.h new file mode 100644 index 00000000..e242b3a9 --- /dev/null +++ b/include/crypto/sm4.h @@ -0,0 +1,18 @@ +/* SPDX-License-Identifier: Apache-2.0 */ +/* Copyright 2024 Huawei Technologies Co.,Ltd. All rights reserved. */ + +#ifndef __WD_SM4_H__ +#define __WD_SM4_H__ + +#include <linux/types.h> + +#ifdef __cplusplus +extern "C" { +#endif + +void sm4_encrypt(__u8 *key, __u32 key_len, __u8 *input, __u8 *output); +#ifdef __cplusplus +} +#endif + +#endif diff --git a/lib/crypto/sm4.c b/lib/crypto/sm4.c new file mode 100644 index 00000000..97c0fb2b --- /dev/null +++ b/lib/crypto/sm4.c @@ -0,0 +1,176 @@ +// SPDX-License-Identifier: Apache-2.0 +/* Copyright 2024 Huawei Technologies Co.,Ltd. All rights reserved. */ + +#include <string.h> +#include <stdint.h> +#include "crypto/sm4.h" + +#define AES_BLOCK_SIZE 16 +#define U32_BYTES 4 +#define BYTE_TO_BIT 8 +#define U32_BITS 32 +#define FIRST_KEY_STEP 13 +#define SECOND_KEY_STEP 23 + +#define FIRST_DATA_STEP 2 +#define SECOND_DATA_STEP 10 +#define THIRD_DATA_STEP 18 +#define FOURTH_DATA_STEP 24 +#define TOTAL_ROUND 36 +#define F_ROUND 32 +#define BUF_LEN 128 + +const __u32 TBL_SYS_PARAMS[4] = { + 0xa3b1bac6, 0x56aa3350, 0x677d9197, 0xb27022dc +}; + +const __u32 TBL_FIX_PARAMS[32] = { + 0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269, + 0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9, + 0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249, + 0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9, + 0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229, + 0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299, + 0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209, + 0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279 +}; + +const __u8 TBL_SBOX[256] = { + 0xd6, 0x90, 0xe9, 0xfe, 0xcc, 0xe1, 0x3d, 0xb7, + 0x16, 0xb6, 0x14, 0xc2, 0x28, 0xfb, 0x2c, 0x05, + 0x2b, 0x67, 0x9a, 0x76, 0x2a, 0xbe, 0x04, 0xc3, + 0xaa, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99, + 0x9c, 0x42, 0x50, 0xf4, 0x91, 0xef, 0x98, 0x7a, + 0x33, 0x54, 0x0b, 0x43, 0xed, 0xcf, 0xac, 0x62, + 0xe4, 0xb3, 0x1c, 0xa9, 0xc9, 0x08, 0xe8, 0x95, + 0x80, 0xdf, 0x94, 0xfa, 0x75, 0x8f, 0x3f, 0xa6, + 0x47, 0x07, 0xa7, 0xfc, 0xf3, 0x73, 0x17, 0xba, + 0x83, 0x59, 0x3c, 0x19, 0xe6, 0x85, 0x4f, 0xa8, + 0x68, 0x6b, 0x81, 0xb2, 0x71, 0x64, 0xda, 0x8b, + 0xf8, 0xeb, 0x0f, 0x4b, 0x70, 0x56, 0x9d, 0x35, + 0x1e, 0x24, 0x0e, 0x5e, 0x63, 0x58, 0xd1, 0xa2, + 0x25, 0x22, 0x7c, 0x3b, 0x01, 0x21, 0x78, 0x87, + 0xd4, 0x00, 0x46, 0x57, 0x9f, 0xd3, 0x27, 0x52, + 0x4c, 0x36, 0x02, 0xe7, 0xa0, 0xc4, 0xc8, 0x9e, + 0xea, 0xbf, 0x8a, 0xd2, 0x40, 0xc7, 0x38, 0xb5, + 0xa3, 0xf7, 0xf2, 0xce, 0xf9, 0x61, 0x15, 0xa1, + 0xe0, 0xae, 0x5d, 0xa4, 0x9b, 0x34, 0x1a, 0x55, + 0xad, 0x93, 0x32, 0x30, 0xf5, 0x8c, 0xb1, 0xe3, + 0x1d, 0xf6, 0xe2, 0x2e, 0x82, 0x66, 0xca, 0x60, + 0xc0, 0x29, 0x23, 0xab, 0x0d, 0x53, 0x4e, 0x6f, + 0xd5, 0xdb, 0x37, 0x45, 0xde, 0xfd, 0x8e, 0x2f, + 0x03, 0xff, 0x6a, 0x72, 0x6d, 0x6c, 0x5b, 0x51, + 0x8d, 0x1b, 0xaf, 0x92, 0xbb, 0xdd, 0xbc, 0x7f, + 0x11, 0xd9, 0x5c, 0x41, 0x1f, 0x10, 0x5a, 0xd8, + 0x0a, 0xc1, 0x31, 0x88, 0xa5, 0xcd, 0x7b, 0xbd, + 0x2d, 0x74, 0xd0, 0x12, 0xb8, 0xe5, 0xb4, 0xb0, + 0x89, 0x69, 0x97, 0x4a, 0x0c, 0x96, 0x77, 0x7e, + 0x65, 0xb9, 0xf1, 0x09, 0xc5, 0x6e, 0xc6, 0x84, + 0x18, 0xf0, 0x7d, 0xec, 0x3a, 0xdc, 0x4d, 0x20, + 0x79, 0xee, 0x5f, 0x3e, 0xd7, 0xcb, 0x39, 0x48 +}; + +static void get_u32(__u8 *in, __u32 *out) +{ + __u32 i = 0; + + *out = 0; + for (i = 0; i < U32_BYTES; i++) + *out = ((__u32)in[i] << ((U32_BYTES - 1 - i) * BYTE_TO_BIT)) ^ *out; +} + +static void put_u32(__u32 in, __u8 *out) +{ + __u32 i = 0; + + for (i = 0; i < U32_BYTES; i++) + *(out + i) = (__u32)(in >> ((U32_BYTES - 1 - i) * BYTE_TO_BIT)); +} + +static __u32 move(__u32 data, __u32 length) +{ + __u32 result = 0; + + result = (data << length) ^ (data >> (U32_BITS - length)); + + return result; +} + +static __u32 func_key(__u32 input) +{ + __u8 ucSboxValueList[U32_BYTES] = { 0 }; + __u8 ucIndexList[U32_BYTES] = { 0 }; + __u32 i, ulTmp; + + put_u32(input, ucIndexList); + for (i = 0; i < U32_BYTES; i++) + ucSboxValueList[i] = TBL_SBOX[ucIndexList[i]]; + + get_u32(ucSboxValueList, &ulTmp); + ulTmp = ulTmp ^ move(ulTmp, FIRST_KEY_STEP) ^ + move(ulTmp, SECOND_KEY_STEP); + + return ulTmp; +} + +static __u32 func_data(__u32 input) +{ + __u8 ucSboxValueList[4] = { 0 }; + __u8 ucIndexList[4] = { 0 }; + __u32 i, ulTmp; + + put_u32(input, ucIndexList); + for (i = 0; i < U32_BYTES; i++) + ucSboxValueList[i] = TBL_SBOX[ucIndexList[i]]; + + get_u32(ucSboxValueList, &ulTmp); + ulTmp = ulTmp ^ move(ulTmp, FIRST_DATA_STEP) ^ + move(ulTmp, SECOND_DATA_STEP) ^ + move(ulTmp, THIRD_DATA_STEP) ^ + move(ulTmp, FOURTH_DATA_STEP); + + return ulTmp; +} + +void sm4_encrypt(__u8 *key, __u32 key_len, __u8 *input, __u8 *output) +{ + __u32 tmp_keys[U32_BYTES] = { 0 }; + __u32 keys[TOTAL_ROUND] = { 0 }; + __u32 data[TOTAL_ROUND] = { 0 }; + __u32 i, j, k, in_len; + __u8 p[BUF_LEN]; + + if (key_len < AES_BLOCK_SIZE) + return; + + for (i = 0; i < U32_BYTES; i++) { + get_u32(key + U32_BYTES * i, &tmp_keys[i]); + keys[i] = tmp_keys[i] ^ TBL_SYS_PARAMS[i]; + } + + for (i = 0; i < F_ROUND; i++) + keys[i + 0x4] = keys[i] ^ func_key(keys[i + 0x1] ^ keys[i + 0x2] ^ + keys[i + 0x3] ^ TBL_FIX_PARAMS[i]); + + in_len = AES_BLOCK_SIZE; + for (i = 0; i < in_len; i++) + *(p + i) = *(input + i); + + k = AES_BLOCK_SIZE - (in_len % AES_BLOCK_SIZE); + for (i = 0; i < k; i++) + *(p + in_len + i) = 0; + + k = in_len / AES_BLOCK_SIZE + ((in_len % AES_BLOCK_SIZE) ? 1 : 0); + for (j = 0; j < k; j++) { + for (i = 0; i < TOTAL_ROUND - F_ROUND; i++) + get_u32(p + AES_BLOCK_SIZE * j + U32_BYTES * i, &data[i]); + + for (i = 0; i < F_ROUND; i++) + data[i + 0x4] = data[i] ^ func_data(data[i + 0x1] ^ data[i + 0x2] ^ + data[i + 0x3] ^ keys[i + 0x4]); + + for (i = 0; i < TOTAL_ROUND - F_ROUND; i++) + put_u32(data[TOTAL_ROUND - i - 1], + output + AES_BLOCK_SIZE * j + U32_BYTES * i); + } +} diff --git a/v1/drv/hisi_sec_udrv.c b/v1/drv/hisi_sec_udrv.c index c7919e3c..5dd2a696 100644 --- a/v1/drv/hisi_sec_udrv.c +++ b/v1/drv/hisi_sec_udrv.c @@ -24,6 +24,9 @@ #include <sys/eventfd.h> #include <sys/types.h>

+#include "crypto/aes.h" +#include "crypto/sm4.h" +#include "crypto/galois.h" #include "hisi_sec_udrv.h"

#define SEC_HW_TASK_DONE 1 @@ -43,6 +46,18 @@ #define AEAD_IV_MAX_BYTES 64 #define MAX_CCM_AAD_LEN 65279 #define SEC_GMAC_IV_LEN 16 +#define MAC_LEN 4 +#define GCM_FINAL_COUNTER 0x1000000 +#define GCM_FINAL_COUNTER_LEN 4 +#define GCM_STREAM_MAC_OFFSET 32 +#define GCM_FULL_MAC_LEN 16 +#define LONG_AUTH_DATA_OFFSET 24 +#define GCM_IV_SIZE 12 +#define AIV_STREAM_LEN 64 +#define AKEY_LEN(c_key_len) (2 * (c_key_len) + 0x4) +#define SM4_AKEY_LEN 4 +#define GCM_AUTH_MAC_OFFSET 47 +#define GCM_BLOCK_OFFSET (AES_BLOCK_SIZE - 1)

static int g_digest_a_alg[WCRYPTO_MAX_DIGEST_TYPE] = { A_ALG_SM3, A_ALG_MD5, A_ALG_SHA1, A_ALG_SHA256, A_ALG_SHA224, @@ -2259,6 +2274,9 @@ static int fill_aead_bd3_addr_src(struct wd_queue *q, sqe->data_src_addr_l = (__u32)(phy1 & QM_L32BITS_MASK); sqe->data_src_addr_h = HI_U32(phy1);

+ if (msg->msg_state != WCRYPTO_AEAD_MSG_BLOCK) + return WD_SUCCESS; + if (msg->op_type == WCRYPTO_CIPHER_DECRYPTION_DIGEST && msg->data_fmt == WD_FLAT_BUF) { phy2 = phy1 + msg->assoc_bytes + msg->in_bytes; @@ -2282,6 +2300,9 @@ static int fill_aead_bd3_addr_dst(struct wd_queue *q, sqe->data_dst_addr_l = (__u32)(phy1 & QM_L32BITS_MASK); sqe->data_dst_addr_h = HI_U32(phy1);

+ if (msg->msg_state != WCRYPTO_AEAD_MSG_BLOCK) + return WD_SUCCESS; + if (msg->op_type == WCRYPTO_CIPHER_ENCRYPTION_DIGEST && msg->data_fmt == WD_FLAT_BUF) { phy2 = phy1 + msg->out_bytes - msg->auth_bytes; @@ -2394,6 +2415,9 @@ static int fill_aead_bd3_addr(struct wd_queue *q, if (unlikely(ret)) goto map_civ_error;

+ if (msg->msg_state != WCRYPTO_AEAD_MSG_BLOCK) + return WD_SUCCESS; + /* CCM/GCM should init a_iv */ set_aead_auth_iv(msg); ret = map_addr(q, msg->aiv, msg->iv_bytes, &sqe->auth_key_iv.a_ivin_addr_l, @@ -2425,6 +2449,225 @@ map_out_error: return -WD_ENOMEM; }

+static void fill_gcm_akey_len(struct wcrypto_aead_msg *msg, struct hisi_sec_bd3_sqe *sqe) +{ + __u8 c_key_len = 0; + + if (msg->calg == WCRYPTO_CIPHER_AES) { + sqe->a_alg = A_ALG_AES_GMAC; + get_aes_c_key_len(msg->cmode, msg->ckey_bytes, &c_key_len); + sqe->a_key_len = AKEY_LEN(c_key_len); + } else if (msg->calg == WCRYPTO_CIPHER_SM4) { + sqe->a_alg = A_ALG_SM4_GMAC; + sqe->a_key_len = SM4_AKEY_LEN; + } +} + +static void fill_gcm_first_bd3(struct wcrypto_aead_msg *msg, struct hisi_sec_bd3_sqe *sqe) +{ + sqe->ai_gen = AI_GEN_INNER; + sqe->stream_scene.auth_pad = AUTHPAD_NOPAD; + sqe->cipher = NO_CIPHER; + sqe->auth = AUTH_MAC_CALCULATE; + sqe->mac_len = MAC_LEN; + fill_gcm_akey_len(msg, sqe); + sqe->c_len = 0; + sqe->auth_ivin_offset = 0; + sqe->auth_key_iv.a_ivin_addr_h = 0; + sqe->auth_key_iv.a_ivin_addr_l = 0; + sqe->auth_src_offset = 0; + sqe->a_len = msg->assoc_bytes; + sqe->stream_scene.c_ivin_addr_l = sqe->ipsec_scene.c_ivin_addr_l; + sqe->stream_scene.c_ivin_addr_h = sqe->ipsec_scene.c_ivin_addr_h; + sqe->auth_key_iv.a_key_addr_l = sqe->c_key_addr_l; + sqe->auth_key_iv.a_key_addr_h = sqe->c_key_addr_h; +} + +static void fill_gcm_middle_bd3(struct wd_queue *q, struct wcrypto_aead_msg *msg, + struct hisi_sec_bd3_sqe *sqe) +{ + sqe->ai_gen = AI_GEN_IVIN_ADDR; + sqe->stream_scene.auth_pad = AUTHPAD_NOPAD; + sqe->auth = NO_AUTH; + sqe->cipher_src_offset = 0; + sqe->auth_src_offset = 0; + fill_gcm_akey_len(msg, sqe); + sqe->a_len = 0; + sqe->stream_scene.c_ivin_addr_l = sqe->ipsec_scene.c_ivin_addr_l; + sqe->stream_scene.c_ivin_addr_h = sqe->ipsec_scene.c_ivin_addr_h; + sqe->auth_key_iv.a_key_addr_l = sqe->c_key_addr_l; + sqe->auth_key_iv.a_key_addr_h = sqe->c_key_addr_h; + + sqe->auth_key_iv.a_ivin_addr_l = sqe->mac_addr_l; + sqe->auth_key_iv.a_ivin_addr_h = sqe->mac_addr_h; +} + +static void get_galois_vector_s(struct wcrypto_aead_msg *msg, __u8 *s) +{ + __u8 a_c[AES_BLOCK_SIZE] = {0}; + __u64 cipher_len, aad_len; + __u32 i; + + aad_len = msg->assoc_bytes * BYTE_BITS; + memcpy(&a_c[BYTE_BITS], &aad_len, sizeof(__u64)); + + cipher_len = msg->long_data_len * BYTE_BITS; + memcpy(&a_c[0], &cipher_len, sizeof(__u64)); + + /* Based the little-endian operation */ + for (i = 0; i < AES_BLOCK_SIZE; i++) + s[i] = a_c[i] ^ msg->aiv[(__u8)(GCM_AUTH_MAC_OFFSET - i)]; +} + +static int gcm_do_soft_mac(struct wcrypto_aead_msg *msg) +{ + typedef void (*enc_ops)(__u8 *, __u32, __u8 *, __u8 *); + __u8 ctr_r[AES_BLOCK_SIZE] = {0}; + __u8 data[AES_BLOCK_SIZE] = {0}; + __u8 H[AES_BLOCK_SIZE] = {0}; + __u8 K[AES_BLOCK_SIZE] = {0}; + __u8 S[AES_BLOCK_SIZE] = {0}; + __u8 g[AES_BLOCK_SIZE] = {0}; + __u8 G[AES_BLOCK_SIZE] = {0}; + __u32 i, len, block, offset; + enc_ops enc_func; + __u8 *out; + int ret; + + if (msg->calg == WCRYPTO_CIPHER_AES) + enc_func = aes_encrypt; + else if (msg->calg == WCRYPTO_CIPHER_SM4) + enc_func = sm4_encrypt; + else + return -WD_EINVAL; + + enc_func(msg->ckey, msg->ckey_bytes, data, H); + + len = msg->in_bytes; + offset = 0; + while (len) { + memset(data, 0, AES_BLOCK_SIZE); + block = len >= AES_BLOCK_SIZE ? AES_BLOCK_SIZE : len; + memcpy(data, msg->in + offset, block); + ctr_iv_inc(msg->iv, AES_BLOCK_SIZE >> CTR_MODE_LEN_SHIFT, msg->data_fmt); + enc_func(msg->ckey, msg->ckey_bytes, msg->iv, K); + out = msg->out + offset; + for (i = 0; i < block; i++) + out[i] = K[i] ^ data[i]; + + if (msg->op_type == WCRYPTO_CIPHER_ENCRYPTION_DIGEST) + memcpy(data, out, block); + + /* + * Mac and data is based on big-endian, the first argument of galois_compute + * must be converted to little-endian. + */ + for (i = 0; i < AES_BLOCK_SIZE; i++) + G[i] = data[GCM_BLOCK_OFFSET - i] ^ + msg->aiv[(__u8)(GCM_AUTH_MAC_OFFSET - i)]; + + galois_compute(G, H, msg->aiv + GCM_STREAM_MAC_OFFSET, AES_BLOCK_SIZE); + len -= block; + offset += block; + } + + get_galois_vector_s(msg, S); + + galois_compute(S, H, g, AES_BLOCK_SIZE); + enc_func(msg->ckey, msg->ckey_bytes, msg->aiv, ctr_r); + + /* Get the GMAC tag final */ + for (i = 0; i < AES_BLOCK_SIZE; i++) + msg->mac[i] = g[i] ^ ctr_r[i]; + + if (msg->op_type == WCRYPTO_CIPHER_DECRYPTION_DIGEST) { + ret = memcmp(msg->mac, msg->in + msg->in_bytes, msg->auth_bytes); + if (ret) { + msg->result = WD_IN_EPARA; + WD_ERR("failed to do the gcm authentication!\n"); + return -WD_EINVAL; + } + } + + msg->result = WD_SUCCESS; + + return 0; +} + +static void gcm_auth_ivin(struct wcrypto_aead_msg *msg) +{ + __u32 final_counter = GCM_FINAL_COUNTER; + + /* auth_ivin = {cipher_ivin(16B), null(16B), auth_mac(16B), null(16B)} */ + memset(msg->aiv, 0, AIV_STREAM_LEN); + + memcpy(msg->aiv, msg->iv, GCM_IV_SIZE); + /* The last 4 bytes of c_ivin are counters */ + memcpy(msg->aiv + GCM_IV_SIZE, &final_counter, GCM_FINAL_COUNTER_LEN); + + /* Fill auth_ivin with the mac of last MIDDLE BD */ + memcpy(msg->aiv + GCM_STREAM_MAC_OFFSET, msg->mac, GCM_FULL_MAC_LEN); + + /* Use the user's origin mac for decrypt icv check */ + if (msg->op_type == WCRYPTO_CIPHER_DECRYPTION_DIGEST) + memcpy(msg->mac, msg->in + msg->in_bytes, msg->auth_bytes); +} + +static int fill_aead_stream_bd3(struct wd_queue *q, struct wcrypto_aead_msg *msg, + struct hisi_sec_bd3_sqe *sqe) +{ + int ret; + + if (msg->msg_state != WCRYPTO_AEAD_MSG_BLOCK) { + sqe->scene = SCENE_STREAM; + if (msg->data_fmt == WD_SGL_BUF) { + WD_ERR("invalid data format for aead stream mode!\n"); + return -WD_EINVAL; + } + ret = map_addr(q, msg->mac, msg->auth_bytes, &sqe->mac_addr_l, + &sqe->mac_addr_h, msg->data_fmt); + if (unlikely(ret)) { + WD_ERR("fail to get aead mac dma address!\n"); + return -WD_EINVAL; + } + } + + switch (msg->msg_state) { + case WCRYPTO_AEAD_MSG_FIRST: + if (msg->cmode == WCRYPTO_CIPHER_GCM) + fill_gcm_first_bd3(msg, sqe); + break; + case WCRYPTO_AEAD_MSG_MIDDLE: + if (msg->cmode == WCRYPTO_CIPHER_GCM) + fill_gcm_middle_bd3(q, msg, sqe); + break; + case WCRYPTO_AEAD_MSG_END: + if (msg->cmode == WCRYPTO_CIPHER_GCM) { + gcm_auth_ivin(msg); + ret = gcm_do_soft_mac(msg); + if (unlikely(ret)) + goto out; + /* + * Avoids recalculation of data and ensure that + * the message sending and receiving process is + * compatible with the framework. + */ + sqe->invalid = 1; + } + break; + default: + /* Do nothing for the block messages. */ + break; + } + + return 0; + +out: + unmap_addr(q, msg->mac, msg->auth_bytes, sqe->mac_addr_l, + sqe->mac_addr_h, msg->data_fmt); + return ret; +} + static int fill_aead_bd3(struct wd_queue *q, struct hisi_sec_bd3_sqe *sqe, struct wcrypto_aead_msg *msg, struct wcrypto_aead_tag *tag) { @@ -2455,6 +2698,10 @@ static int fill_aead_bd3(struct wd_queue *q, struct hisi_sec_bd3_sqe *sqe, return ret; }

+ ret = fill_aead_stream_bd3(q, msg, sqe); + if (unlikely(ret)) + return ret; + if (tag) sqe->tag_l = tag->wcrypto_tag.ctx_id;

@@ -2599,6 +2846,15 @@ static void parse_aead_bd3(struct wd_queue *q, struct hisi_sec_bd3_sqe *sqe3, return; }

+ if (msg->msg_state == WCRYPTO_AEAD_MSG_FIRST) + msg->iv[AES_BLOCK_SIZE - 1] = 0x1; + else if (msg->msg_state == WCRYPTO_AEAD_MSG_MIDDLE) + ctr_iv_inc(msg->iv, msg->in_bytes >> CTR_MODE_LEN_SHIFT, msg->data_fmt); + + if (msg->op_type == WCRYPTO_CIPHER_ENCRYPTION_DIGEST && + msg->msg_state == WCRYPTO_AEAD_MSG_END) + memcpy(msg->out + msg->in_bytes, msg->mac, msg->auth_bytes); + dma_addr = DMA_ADDR(sqe3->data_src_addr_h, sqe3->data_src_addr_l); drv_iova_unmap(q, msg->in, (void *)(uintptr_t)dma_addr, msg->in_bytes); dma_addr = DMA_ADDR(sqe3->data_dst_addr_h, sqe3->data_dst_addr_l); @@ -2611,6 +2867,9 @@ static void parse_aead_bd3(struct wd_queue *q, struct hisi_sec_bd3_sqe *sqe3, sqe3->ipsec_scene.c_ivin_addr_h, msg->data_fmt); unmap_addr(q, msg->aiv, msg->iv_bytes, sqe3->auth_key_iv.a_ivin_addr_l, sqe3->auth_key_iv.a_ivin_addr_h, msg->data_fmt); + if (msg->msg_state != WCRYPTO_AEAD_MSG_BLOCK) + unmap_addr(q, msg->mac, msg->auth_bytes, sqe3->mac_addr_l, + sqe3->mac_addr_h, msg->data_fmt); }

/* diff --git a/v1/drv/hisi_sec_udrv.h b/v1/drv/hisi_sec_udrv.h index c266e960..250fd369 100644 --- a/v1/drv/hisi_sec_udrv.h +++ b/v1/drv/hisi_sec_udrv.h @@ -37,7 +37,7 @@ struct hisi_sec_sqe_type1 { __u32 c_key_type:2; __u32 a_key_type:2; __u32 rsvd0:10; - __u32 inveld:1; + __u32 invalid:1; __u32 mac_len:5; __u32 a_key_len:6; __u32 a_alg:6; @@ -116,7 +116,7 @@ struct hisi_sec_sqe_type2 { __u32 cal_iv_addr_en:1; __u32 tls_up:1; __u32 rsvd0:5; - __u32 inveld:1; + __u32 invalid:1; __u32 mac_len:5; __u32 a_key_len:6; __u32 a_alg:6; @@ -328,7 +328,7 @@ struct bd3_tls_type_back { /* the hw v2 sence */ struct hisi_sec_bd3_sqe { __u32 type:4; - __u32 inveld:1; + __u32 invalid:1; __u32 scene:4; __u32 de:2; __u32 src_addr_type:3; @@ -445,7 +445,8 @@ enum A_ALG { A_ALG_AES_CMAC = 0x21, A_ALG_AES_GMAC = 0x22, A_ALG_SM3 = 0x25, - A_ALG_HMAC_SM3 = 0x26 + A_ALG_HMAC_SM3 = 0x26, + A_ALG_SM4_GMAC = 0x31, };

enum C_MODE { diff --git a/v1/wd_aead.c b/v1/wd_aead.c index 884c6c71..3ebe1899 100644 --- a/v1/wd_aead.c +++ b/v1/wd_aead.c @@ -52,6 +52,9 @@ struct wcrypto_aead_ctx { __u16 iv_blk_size; struct wd_queue *q; struct wcrypto_aead_ctx_setup setup; + __u64 long_data_len; + __u8 *civ; + __u8 *mac; };

static void del_ctx_key(struct wcrypto_aead_ctx *ctx) @@ -83,6 +86,10 @@ static void del_ctx_key(struct wcrypto_aead_ctx *ctx) br->free(br->usr, ctx->ckey); if (ctx->akey) br->free(br->usr, ctx->akey); + if (ctx->civ) + br->free(br->usr, ctx->civ); + if (ctx->mac) + br->free(br->usr, ctx->mac); } }

@@ -228,17 +235,30 @@ void *wcrypto_create_aead_ctx(struct wd_queue *q, ctx->akey = setup->br.alloc(setup->br.usr, MAX_AEAD_KEY_SIZE); if (!ctx->akey) { WD_ERR("fail to alloc authenticate ctx key!\n"); - setup->br.free(setup->br.usr, ctx->ckey); goto free_ctx_ckey; } + ctx->civ = setup->br.alloc(setup->br.usr, AES_BLOCK_SIZE); + if (!ctx->civ) { + WD_ERR("fail to alloc civ for aead ctx!\n"); + goto free_ctx_akey; + } + ctx->mac = setup->br.alloc(setup->br.usr, MAX_AEAD_AUTH_SIZE); + if (!ctx->mac) { + WD_ERR("fail to alloc mac for aead ctx!\n"); + goto free_ctx_civ; + }

ctx->iv_blk_size = get_iv_block_size(setup->cmode); ret = init_aead_cookie(ctx, setup); if (ret) - goto free_ctx_akey; + goto free_ctx_mac;

return ctx;

+free_ctx_mac: + setup->br.free(setup->br.usr, ctx->mac); +free_ctx_civ: + setup->br.free(setup->br.usr, ctx->civ); free_ctx_akey: setup->br.free(setup->br.usr, ctx->akey); free_ctx_ckey: @@ -430,10 +450,51 @@ static int check_op_data(struct wcrypto_aead_op_data **op, return -WD_EINVAL; } } + if (unlikely(op[idx]->state >= WCRYPTO_AEAD_MSG_INVALID)) { + WD_ERR("fail to check message state: %d, idx: %u!\n", + op[idx]->state, idx); + return -WD_EINVAL; + } else if (idx && op[idx]->state != WCRYPTO_AEAD_MSG_BLOCK) { + WD_ERR("fail to send multiple messages for stream mode!\n"); + return -WD_EINVAL; + }

return 0; }

+static void fill_stream_msg(struct wcrypto_aead_msg *req, + struct wcrypto_aead_op_data *op, + struct wcrypto_aead_ctx *ctx) +{ + req->msg_state = op->state; + req->mac = ctx->mac; + switch (op->state) { + case WCRYPTO_AEAD_MSG_FIRST: + if (req->cmode == WCRYPTO_CIPHER_GCM) { + req->iv = ctx->civ; + memset(ctx->civ, 0, WCRYPTO_CCM_GCM_LEN); + memcpy(ctx->civ, op->iv, op->iv_bytes); + } + break; + case WCRYPTO_AEAD_MSG_MIDDLE: + if (req->cmode == WCRYPTO_CIPHER_GCM) { + req->iv = ctx->civ; + ctx->long_data_len += op->in_bytes; + req->long_data_len = ctx->long_data_len; + } + break; + case WCRYPTO_AEAD_MSG_END: + if (req->cmode == WCRYPTO_CIPHER_GCM) { + req->iv = ctx->civ; + req->long_data_len = ctx->long_data_len + op->in_bytes; + ctx->long_data_len = 0; + } + break; + default: + return; + } +} + static int aead_requests_init(struct wcrypto_aead_msg **req, struct wcrypto_aead_op_data **op, struct wcrypto_aead_ctx *ctx, __u32 num) @@ -473,6 +534,8 @@ static int aead_requests_init(struct wcrypto_aead_msg **req, } }

+ fill_stream_msg(req[0], op[0], ctx); + return WD_SUCCESS;

err_uninit_requests: diff --git a/v1/wd_aead.h b/v1/wd_aead.h index ae5697b4..5b0c417a 100644 --- a/v1/wd_aead.h +++ b/v1/wd_aead.h @@ -28,6 +28,14 @@ extern "C" { #endif

+enum wcrypto_aead_msg_state { + WCRYPTO_AEAD_MSG_BLOCK = 0x0, + WCRYPTO_AEAD_MSG_FIRST, + WCRYPTO_AEAD_MSG_MIDDLE, + WCRYPTO_AEAD_MSG_END, + WCRYPTO_AEAD_MSG_INVALID, +}; + enum wcrypto_aead_op_type { WCRYPTO_CIPHER_ENCRYPTION_DIGEST, WCRYPTO_CIPHER_DECRYPTION_DIGEST, @@ -98,6 +106,7 @@ struct wcrypto_aead_op_data { __u16 iv_bytes; __u16 assoc_size; void *priv; + enum wcrypto_aead_msg_state state; };

/* AEAD message format of Warpdrive */ @@ -126,6 +135,9 @@ struct wcrypto_aead_msg { __u8 *in; /* Input data VA pointer, should be DMA buffer */ __u8 *out; /* Output data VA pointer, should be DMA buffer */ __u64 usr_data; /* user identifier: struct wcrypto_cb_tag */ + __u8 *mac; + __u64 long_data_len; + enum wcrypto_aead_msg_state msg_state; };

/**

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 11/13] uadk/v1: add assoc bytes check

From: Wenkai Lin linwenkai6@hisilicon.com

For the gcm stream mode, assoc bytes should not be 0, check it to avoid hardware error.

Signed-off-by: Wenkai Lin linwenkai6@hisilicon.com --- v1/drv/hisi_sec_udrv.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/v1/drv/hisi_sec_udrv.c b/v1/drv/hisi_sec_udrv.c index 5dd2a696..605f3d04 100644 --- a/v1/drv/hisi_sec_udrv.c +++ b/v1/drv/hisi_sec_udrv.c @@ -2634,8 +2634,13 @@ static int fill_aead_stream_bd3(struct wd_queue *q, struct wcrypto_aead_msg *msg

switch (msg->msg_state) { case WCRYPTO_AEAD_MSG_FIRST: - if (msg->cmode == WCRYPTO_CIPHER_GCM) + if (msg->cmode == WCRYPTO_CIPHER_GCM) { + if (unlikely(!msg->assoc_bytes)) { + WD_ERR("invalid: first bd assoc bytes is 0!\n"); + return -WD_EINVAL; + } fill_gcm_first_bd3(msg, sqe); + } break; case WCRYPTO_AEAD_MSG_MIDDLE: if (msg->cmode == WCRYPTO_CIPHER_GCM)

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 12/13] uadk/v1: set aead msg state for the hardware v2

From: Wenkai Lin linwenkai6@hisilicon.com

The hardware only uses the block mode, so set the aead message state to the block mode first.

Signed-off-by: Wenkai Lin linwenkai6@hisilicon.com --- v1/drv/hisi_sec_udrv.c | 3 +++ 1 file changed, 3 insertions(+)

diff --git a/v1/drv/hisi_sec_udrv.c b/v1/drv/hisi_sec_udrv.c index 605f3d04..7cabc57b 100644 --- a/v1/drv/hisi_sec_udrv.c +++ b/v1/drv/hisi_sec_udrv.c @@ -3388,6 +3388,9 @@ int qm_fill_aead_sqe(void *message, struct qm_queue_info *info, __u16 i) uintptr_t temp; int ret;

+ /* The hardware only uses the block mode. */ + msg->msg_state = WCRYPTO_AEAD_MSG_BLOCK; + ret = aead_comb_param_check(msg); if (ret) { WD_ERR("Invalid aead cipher alg = %hhu and mode = %hhu combination\n",

-- 2.33.0

Qi Tao

3:12 p.m.

New subject: [PATCH 13/13] uadk/v1: fix input length check for aead stream mode.

From: Wenkai Lin linwenkai6@hisilicon.com

The hardware supports only 16-byte alignment for the aead middle messages, the invalid length check is added now.

Signed-off-by: Wenkai Lin linwenkai6@hisilicon.com --- v1/drv/hisi_sec_udrv.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/v1/drv/hisi_sec_udrv.c b/v1/drv/hisi_sec_udrv.c index 7cabc57b..b8ba55b4 100644 --- a/v1/drv/hisi_sec_udrv.c +++ b/v1/drv/hisi_sec_udrv.c @@ -2715,9 +2715,18 @@ static int fill_aead_bd3(struct wd_queue *q, struct hisi_sec_bd3_sqe *sqe,

static int aead_comb_param_check(struct wcrypto_aead_msg *msg) { + __u64 total; int ret;

- if (unlikely(msg->in_bytes + msg->assoc_bytes > MAX_CIPHER_LENGTH)) { + if (msg->msg_state == WCRYPTO_AEAD_MSG_MIDDLE) { + if (!msg->in_bytes || (msg->in_bytes & (AES_BLOCK_SIZE - 1))) { + WD_ERR("invalid: middle bd input size is 0 or not 16 bytes aligned!\n"); + return -WD_EINVAL; + } + } + + total = msg->in_bytes + msg->assoc_bytes; + if (unlikely(total > MAX_CIPHER_LENGTH)) { WD_ERR("fail to check input data length!\n"); return -WD_EINVAL; }

-- 2.33.0

Age (days ago)

Last active (days ago)

acc@openeuler.org

13 comments

1 participants

tags (0)

participants (1)

Qi Tao