mirror of
https://github.com/Telecominfraproject/OpenCellular.git
synced 2026-01-09 00:51:29 +00:00
a8cf9d9213
This change configures the SHA engine to a) enable random stalls at 12% during regular operation through SHA API's, and b) enables random stalls at 25% when doing key-ladder operations. TCG tests continue to complete in ~20 minutes (i.e. no noticeable slowdown). BRANCH=none BUG=b:38315169 TEST=TCG tests pass Change-Id: Id4b541cdd3d51c57979a93f71a6291cca8eb1844 Signed-off-by: nagendra modadugu <ngm@google.com> Reviewed-on: https://chromium-review.googlesource.com/508172 Commit-Ready: Nagendra Modadugu <ngm@google.com> Tested-by: Nagendra Modadugu <ngm@google.com> Reviewed-by: Marius Schilder <mschilder@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
196 lines
4.4 KiB
C
196 lines
4.4 KiB
C
/* Copyright 2015 The Chromium OS Authors. All rights reserved.
|
|
* Use of this source code is governed by a BSD-style license that can be
|
|
* found in the LICENSE file.
|
|
*/
|
|
|
|
#include "dcrypto.h"
|
|
#include "internal.h"
|
|
#include "registers.h"
|
|
#include "util.h"
|
|
|
|
#include "cryptoc/sha256.h"
|
|
|
|
static void dcrypto_sha256_init(LITE_SHA256_CTX *ctx);
|
|
static const uint8_t *dcrypto_sha256_final(LITE_SHA256_CTX *ctx);
|
|
|
|
#ifdef SECTION_IS_RO
|
|
/* RO is single threaded. */
|
|
#define mutex_lock(x)
|
|
#define mutex_unlock(x)
|
|
static inline int dcrypto_grab_sha_hw(void)
|
|
{
|
|
return 1;
|
|
}
|
|
static inline void dcrypto_release_sha_hw(void)
|
|
{
|
|
}
|
|
#else
|
|
#include "task.h"
|
|
static struct mutex hw_busy_mutex;
|
|
|
|
static int hw_busy;
|
|
|
|
int dcrypto_grab_sha_hw(void)
|
|
{
|
|
int rv = 0;
|
|
|
|
mutex_lock(&hw_busy_mutex);
|
|
if (!hw_busy) {
|
|
rv = 1;
|
|
hw_busy = 1;
|
|
}
|
|
mutex_unlock(&hw_busy_mutex);
|
|
|
|
return rv;
|
|
}
|
|
|
|
void dcrypto_release_sha_hw(void)
|
|
{
|
|
mutex_lock(&hw_busy_mutex);
|
|
hw_busy = 0;
|
|
mutex_unlock(&hw_busy_mutex);
|
|
}
|
|
|
|
#endif /* ! SECTION_IS_RO */
|
|
|
|
void dcrypto_sha_wait(enum sha_mode mode, uint32_t *digest)
|
|
{
|
|
int i;
|
|
const int digest_len = (mode == SHA1_MODE) ?
|
|
SHA_DIGEST_SIZE :
|
|
SHA256_DIGEST_SIZE;
|
|
|
|
/* Stop LIVESTREAM mode. */
|
|
GREG32(KEYMGR, SHA_TRIG) = GC_KEYMGR_SHA_TRIG_TRIG_STOP_MASK;
|
|
|
|
/* Wait for SHA DONE interrupt. */
|
|
while (!GREG32(KEYMGR, SHA_ITOP))
|
|
;
|
|
|
|
/* Read out final digest. */
|
|
for (i = 0; i < digest_len / 4; ++i)
|
|
*digest++ = GR_KEYMGR_SHA_HASH(i);
|
|
dcrypto_release_sha_hw();
|
|
}
|
|
|
|
/* Hardware SHA implementation. */
|
|
static const HASH_VTAB HW_SHA256_VTAB = {
|
|
dcrypto_sha256_init,
|
|
dcrypto_sha_update,
|
|
dcrypto_sha256_final,
|
|
DCRYPTO_SHA256_hash,
|
|
SHA256_DIGEST_SIZE
|
|
};
|
|
|
|
void dcrypto_sha_hash(enum sha_mode mode, const uint8_t *data, uint32_t n,
|
|
uint8_t *digest)
|
|
{
|
|
dcrypto_sha_init(mode);
|
|
dcrypto_sha_update(NULL, data, n);
|
|
dcrypto_sha_wait(mode, (uint32_t *) digest);
|
|
}
|
|
|
|
void dcrypto_sha_update(struct HASH_CTX *unused,
|
|
const void *data, uint32_t n)
|
|
{
|
|
const uint8_t *bp = (const uint8_t *) data;
|
|
const uint32_t *wp;
|
|
|
|
/* Feed unaligned start bytes. */
|
|
while (n != 0 && ((uint32_t)bp & 3)) {
|
|
GREG8(KEYMGR, SHA_INPUT_FIFO) = *bp++;
|
|
n -= 1;
|
|
}
|
|
|
|
/* Feed groups of aligned words. */
|
|
wp = (uint32_t *)bp;
|
|
while (n >= 8*4) {
|
|
GREG32(KEYMGR, SHA_INPUT_FIFO) = *wp++;
|
|
GREG32(KEYMGR, SHA_INPUT_FIFO) = *wp++;
|
|
GREG32(KEYMGR, SHA_INPUT_FIFO) = *wp++;
|
|
GREG32(KEYMGR, SHA_INPUT_FIFO) = *wp++;
|
|
GREG32(KEYMGR, SHA_INPUT_FIFO) = *wp++;
|
|
GREG32(KEYMGR, SHA_INPUT_FIFO) = *wp++;
|
|
GREG32(KEYMGR, SHA_INPUT_FIFO) = *wp++;
|
|
GREG32(KEYMGR, SHA_INPUT_FIFO) = *wp++;
|
|
n -= 8*4;
|
|
}
|
|
/* Feed individual aligned words. */
|
|
while (n >= 4) {
|
|
GREG32(KEYMGR, SHA_INPUT_FIFO) = *wp++;
|
|
n -= 4;
|
|
}
|
|
|
|
/* Feed remaing bytes. */
|
|
bp = (uint8_t *) wp;
|
|
while (n != 0) {
|
|
GREG8(KEYMGR, SHA_INPUT_FIFO) = *bp++;
|
|
n -= 1;
|
|
}
|
|
}
|
|
|
|
void dcrypto_sha_init(enum sha_mode mode)
|
|
{
|
|
int val;
|
|
|
|
/* Stop LIVESTREAM mode, in case final() was not called. */
|
|
GREG32(KEYMGR, SHA_TRIG) = GC_KEYMGR_SHA_TRIG_TRIG_STOP_MASK;
|
|
/* Clear interrupt status. */
|
|
GREG32(KEYMGR, SHA_ITOP) = 0;
|
|
|
|
/* Enable streaming mode. */
|
|
val = GC_KEYMGR_SHA_CFG_EN_LIVESTREAM_MASK;
|
|
/* Enable SHA DONE interrupt. */
|
|
val |= GC_KEYMGR_SHA_CFG_EN_INT_EN_DONE_MASK;
|
|
/* Select SHA mode. */
|
|
if (mode == SHA1_MODE)
|
|
val |= GC_KEYMGR_SHA_CFG_EN_SHA1_MASK;
|
|
GREG32(KEYMGR, SHA_CFG_EN) = val;
|
|
|
|
/* Turn off random nops (which are enabled by default). */
|
|
GWRITE_FIELD(KEYMGR, SHA_RAND_STALL_CTL, STALL_EN, 0);
|
|
/* Configure random nop percentage at 12%. */
|
|
GWRITE_FIELD(KEYMGR, SHA_RAND_STALL_CTL, FREQ, 2);
|
|
/* Now turn on random nops. */
|
|
GWRITE_FIELD(KEYMGR, SHA_RAND_STALL_CTL, STALL_EN, 1);
|
|
|
|
/* Start SHA engine. */
|
|
GREG32(KEYMGR, SHA_TRIG) = GC_KEYMGR_SHA_TRIG_TRIG_GO_MASK;
|
|
}
|
|
|
|
static void dcrypto_sha256_init(LITE_SHA256_CTX *ctx)
|
|
{
|
|
ctx->f = &HW_SHA256_VTAB;
|
|
dcrypto_sha_init(SHA256_MODE);
|
|
}
|
|
|
|
/* Requires dcrypto_grab_sha_hw() to be called first. */
|
|
void DCRYPTO_SHA256_init(LITE_SHA256_CTX *ctx, uint32_t sw_required)
|
|
{
|
|
if (!sw_required && dcrypto_grab_sha_hw())
|
|
dcrypto_sha256_init(ctx);
|
|
#ifndef SECTION_IS_RO
|
|
else
|
|
SHA256_init(ctx);
|
|
#endif
|
|
}
|
|
|
|
static const uint8_t *dcrypto_sha256_final(LITE_SHA256_CTX *ctx)
|
|
{
|
|
dcrypto_sha_wait(SHA256_MODE, (uint32_t *) ctx->buf);
|
|
return ctx->buf;
|
|
}
|
|
|
|
const uint8_t *DCRYPTO_SHA256_hash(const void *data, uint32_t n,
|
|
uint8_t *digest)
|
|
{
|
|
if (dcrypto_grab_sha_hw())
|
|
/* dcrypto_sha_wait() will release the hw. */
|
|
dcrypto_sha_hash(SHA256_MODE, data, n, digest);
|
|
#ifndef SECTION_IS_RO
|
|
else
|
|
SHA256_hash(data, n, digest);
|
|
#endif
|
|
return digest;
|
|
}
|