Showing content from http://sunxi.montjoie.ovh/ below:
Security System/Crypto Engine driver status
What is it ? The Security System (SS for short) is a hardware cryptographic accelerator that supports AES/MD5/SHA1/DES/3DES/PRNG algorithms.
For later SoCs, the device was renamed to Crypto Engine (CE for short).
It could be found on Allwinner SoCs and could be split in three groups:
- A20, A10, A10s, A13, A31, A33 are handled by the first driver sun4i-ss.
It is the first generation of SS and support both DMA and PIO mode. The driver support only PIO mode, since DMA is too slow (speed/10).
- A80, A83T are the second generation of SS. It is a two stream Crypto Accelerator with mode functions then 1st SS (SHA224/SHA256/RSA) There are handled by the sun8i-ss driver.
- H3, H5, H6, R40 and A64 have the third generation of SS (renamed to CE). It is a 4 stream Crypto Accelerator with more functions (SHA384/SHA512/RSA4096/ECC) There are handled by the sun8i-ce driver.
- D1 even if it is RISCV, use the same IP than H6 and is handled by the sun8i-ce driver.
See the Support overview for more details
I handle lot of other crypto driver, you could find them in https://kernel.montjoie.ovh/
News 15/08/2022 Added D1 in status matrix. Added the HMAC-sha1 being handled by sun8i-ss. 18/12/2020 Both sun8i-ss and sun8i-ce was merged for 5.5. Support for RNGs are added in 5.10. Support for RSA is on good way. 09/11/2016 I have updated a bit the status matrix with some (bad) news.
Due to lack of documentation, support of RSA acceleration is stalled. Worstly, H5 CryptoEngine is the same as H3/A64 witout RSA. Does they find it buggy ?
The TRNG is not random at all, user manual give some prerequisite for A83T but not for other platform, so TRNG does not work for the moment.
Anyway, the sun8i-ce driver progress and work (but with some crap). You can find it on my github. 19/05/2016 The work on the H3 Crypto Engine is progressing well. Since A64 have the same IP block, it will be supported soon.
The only bad news is the removal of all RSA in the last H3 usermanual for an unknown reason. 16/09/2015 The sun4i-ss driver has reached the 4.3 release.
Edit: due to external patch added in the rc process, the sun4i-ss in current 4.3 will fail to load with "Failed to load md5".
The patch solving the problem could be found at https://lkml.org/lkml/2015/11/16/46 20/07/2015 The sun4i-ss driver has been accepted for mainline, reaching probably the 4.3 stable release.
Now it is time to work on the DMA.
Status
The sun4i-ss driver has been accepted for mainline, reaching the 4.3 stable release.
The sun8i-ss driver has been accepted for mainline, reaching the 5.5.
The sun8i-ce driver has been accepted for mainline, reaching the 5.5.
For the other drivers, you can find the latest develoment patchs here: Allwinner Security System dev patchs
PRNG and TRNG status The sun4i-ss PRNG will be present on 4.14. You need libkcapi to use it via kcapi-rng tool.
The sun8i-ss PRNG is working and will be mainlined with the whole sun8i-ss driver. The sun8i-ce PRNG is not working due to the hardware.
The only TRNG which work is the h6's one. Other are simply not enough random.
sun4i-ss DMA The sun4i-ss support both DMA and PIO mode.
For the moment only PIO mode is working since DMA engine driver was not ready at the beginning of developement
But now, the DMA engine driver is in mainline since 4.3 and the DMA support is being written.
The SS DMA support is availlable on my Linux repository.
But the performance drop dramaticaly with it. (expect a division by 10)
Support overview Driver sun4i-ss sun8i-ss sun8i-ce Category Name A20 A10 A10s A31 A33 A80 A83T H3 R40 A64 H5 H6 D1 Note AES/DES/3DES CBC 4.3 4.3 NT 4.3 4.3 5.5 5.5 5.5 5.5 5.5 5.5 5.5 6.x ECB 4.3 4.3 NT 4.3 4.3 5.5 5.5 5.5 5.5 5.5 5.5 5.5 6.x CTS NO (1)(2) NO NO NO NO NT WIP OK OK OK OK WIP WIP (1)(2) CTR NO (1)(3) NO NO NO NO NT WIP OK OK OK OK WIP WIP (1)(3) OFB WIP WIP WIP CFB WIP WIP WIP CBC-MAC WIP WIP WIP XTS OK HASH MD5 4.3 4.3 NT 4.3 4.3 NT 5.10 5.10 5.10 5.10 5.10 5.10 6.x SHA1 4.3 4.3 NT 4.3 4.3 NT 5.10 5.10 5.10 5.10 5.10 5.10 6.x RNG PRNG 4.14 4.14 4.14 4.14 4.14 NT 5.10 5.10 5.10 5.10 5.10 5.10 6.x (8) TRNG NO ??(10) ??(10) ??(10) ??(10) ??(10) 5.10 6.x RSA 512 WIP SNW (9) OK OK OK WIP WIP 1024 WIP SNW (9) OK OK OK WIP WIP 2048 NO WIP SNW (9) OK OK OK WIP WIP 3072 WIP SNW (9) SNW WIP 4096 SNW (9) SNW WIP ECC 160 WIP 224 WIP 256 WIP 384 WIP 521 WIP HASH SHA224 NT 5.10 5.10 5.10 5.10 5.10 5.10 6.x SHA256 NT 5.10 5.10 5.10 5.10 5.10 5.10 6.x SHA384 5.10 5.10 6.x SHA512 5.10 5.10 6.x HMAC-SHA1 5.19 WIP WIP WIP WIP WIP HMAC-SHA256 WIP WIP WIP CRC CRC32 WIP Note (7) (5) (6) Legend: 4.3 support is available since Linux x OK Support is written and will be soon be sent for mainline OK support is written but work/cleaning is needed to made it mainlinable WIP support is being written NT Need hardware for testing SNW Unsupported according to datasheet, but work. (Need extended testing) NO support is not written 5.x support is done via some software fallback (like HMAC using only hw hash) Read the datahseet for more details.
Note:
- (1): CTR and CTS are not available due to hardware bug see this answer on linux-crypto
- (2): CTS block mode is not available for DES/3DES according to datasheet
- (3): CTR mode is referenced as CNT mode in the datasheet
- (7): The PRNG does not seem to work on A10 for the moment
- (8): See the PRNG section
- (9): Allwinner have removed all RSA documentation from the H3 user manual 1.2
- (10): The TRNG is not really random due do lack of documentation
Using the hardware accelerator Testing First you need to be sure that the driver is loaded
You can check its presence by checking:
cat /proc/crypto
...[snip]...
name : cbc(des3_ede)
driver : cbc-des3-sunxi-ss
module : sunxi_ss
priority : 400
refcnt : 1
selftest : passed
type : ablkcipher
async : yes
blocksize : 8
min keysize : 24
max keysize : 24
ivsize : 8
geniv : <default>
...[snip]...
For each algorithm, you must see it in the list (driver xxx-sunxi-ss)
You can check that everything is working with the tcrypt module.
The tcrypt module always exits with an error.
You need to dig dmesg for finding if algorithms handled by the Security System work
modprobe tcrypt
modprobe: ERROR: could not insert 'tcrypt': Unknown error 156
dmesg |grep -iE 'cbc(aes)|md5|sha1'
cryptodev The cryptodev module could be found at http://cryptodev-linux.org/
It creates a /dev/crypto which could be used by user space applications
See my bencher for an example of how to use it
AF_ALG The AF_ALG is already in mainline kernel
You need the following options in you .config
CONFIG_CRYPTO_USER_API
CONFIG_CRYPTO_USER_API_HASH
CONFIG_CRYPTO_USER_API_SKCIPHER
See my bencher for an example of how to use it
Openssl engine you need to use an engine that supports AF_ALG or cryptodev.
Openssl cryptodev engine The engine is already included in openssl releases.
Warning: I hit a bug that makes sshd impossible. See my bug report
Openssl AF_ALG engine The engine could be found here openssl AF_ALG engine Bench
- For each bench, 50000 requests are made
- Request size is in bytes
- The number given for generic implementations and SS driver are in requests per second.
Hash benchsWARNING: The following bench are only for sun4i-ss. And they are old. SHA1 cryptodev AF_ALG request size Generic with SS percent gain Generic with SS percent gain 16 11534,192383 11775,84668 2,0951124186 32 11212,577148 12042,899414 7,4052758348 64 10893,463867 11760,001953 7,9546606716 128 10849,072266 11671,621094 7,5817434692 256 10588,62793 11489,490234 8,5078284926 512 10149,611328 11127,267578 9,6324501344 1024 9322,805664 10475,892578 12,3684538277 2048 7978,554688 9399,703125 17,8121037277 4096 6232,247559 7830,920898 25,6516340833 8192 4292,581543 5803,837891 35,206235056 16384 2644,959717 3851,314941 45,6095877849 32768 1515,654175 2316,668213 52,8493934311 65536 818,968262 1290,18396 57,537723971 131072 426,400452 682,471741 60,0541786011 262144 217,336731 351,436218 61,7012533422 524288 110,03344 178,394211 62,1272687648 1048576 55,533035 89,905128 61,8948577185 2097152 27,838724 45,077995 61,9255070742 MD5 request size Generic with SS percent gain 16 12198,157227 12076,533203 -0,9970688337 32 12163,472656 11529,570312 -5,2115243889 64 12063,032227 11389,09375 -5,586808228 128 11929,520508 11271,333984 -5,5172923636 256 11676,336914 11109,584961 -4,8538506312 512 11295,496094 10807,859375 -4,317089882 1024 10529,985352 10278,543945 -2,387860938 2048 9287,404297 9351,836914 0,6937634557 4096 7526,553223 7902,242188 4,9915140951 8192 5405,458984 5944,568848 9,9734336269 16384 3458,681396 4020,386475 16,2404400605 32768 2039,627197 2461,080811 20,6632670235 65536 1119,260864 1390,037354 24,192437948 131072 589,458008 740,429871 25,6119793015 262144 302,136932 383,033844 26,7749167454 524288 153,233093 194,945908 27,2218058014 1048576 77,274544 98,332794 27,2512122491 2097152 38,812077 49,458996 27,4319743311 Cipher Benchs AES CBC 128 cryptodev AF_ALG request size Generic SS gain SS with DMA gain Generic with SS gain SS with DMA gain 16 93942.49 75686.47 -19.44 5945.97 -93.68 5986.37 6284.60 4.98 3046.07 -49.12 32 87545.74 72785.50 -16.87 8582.14 -90.20 6432.35 6711.40 4.33 3895.02 -39.45 64 75886.35 67811.78 -10.65 8127.22 -89.30 6330.03 6758.03 6.76 3797.35 -40.02 128 61437.13 58713.69 -4.44 7624.93 -87.59 6246.05 6626.59 6.09 3677.93 -41.12 256 44907.49 47301.45 5.33 7199.11 -83.97 6018.04 6431.07 6.86 3545.20 -41.10 512 29311.75 33659.83 14.83 6516.44 -77.77 5620.59 6107.01 8.65 2968.84 -47.18 1024 17160.31 21352.46 24.42 5632.50 -67.18 4921.62 5490.10 11.55 3149.22 -36.02 2048 9414.33 12371.33 31.40 4401.97 -53.25 3975.93 4600.51 15.70 2154.77 -45.81 4096 4728.22 6310.10 33.45 2170.19 -54.11 2724.88 3409.93 25.14 1402.05 -48.55 8192 2436.20 3299.57 35.43 1414.79 -41.93 1720.89 2243.90 30.39 1113.95 -35.27 16384 1239.12 1691.91 36.54 830.46 -32.98 986.41 1344.77 36.32 689.55 -30.10 32768 624.45 856.40 37.14 457.24 -26.78 537.32 690.83 28.56 406.44 -24.36 65536 313.52 430.69 37.37 236.97 -24.42 280.16 381.77 36.27 217.17 -22.49 131072 157.21 218.36 38.89 117.20 -25.46 131.51 195.69 48.80 116.08 -11.74 262144 78.67 109.91 39.71 60.80 -22.72 72.61 100.03 37.76 58.35 -19.63 524288 38.53 54.42 41.20 30.98 -19.61 36.63 50.68 38.36 29.97 -18.19 1048576 19.43 27.49 41.45 15.20 -21.80 18.21 25.57 40.36 15.57 -14.50 CBC 192 request size Generic with SS percent gain 16 54887,21875 53323,664062 -2,8486680936 32 52201,914062 51708,300781 -0,9455846397 64 47370,367188 49170,386719 3,7998851135 128 39986,167969 44686,335938 11,7544846324 256 31598,929688 37700,765625 19,3102614463 512 21817,054688 28847,306641 32,2236527961 1024 13611,482422 19746,658203 45,0735312348 2048 7748,078125 12116,365234 56,3789760316 4096 3973,558838 6630,547852 66,8667338858 8192 2073,604736 3498,948486 68,7374852716 16384 1062,731812 1800,677002 69,4385151237 32768 539,011353 914,349915 69,6346301262 65536 271,474457 460,419739 69,5996537162 131072 136,22583 230,658081 69,3203711807 262144 67,679237 115,2174 70,2403944063 524288 33,962349 58,150139 71,219425959 1048576 16,977575 29,196684 71,9720513678 CBC 256 request size Generic with SS percent gain 16 53299,761719 78896,492188 48,024099252 32 50552,882812 75414,382812 49,1791933854 64 45627,074219 69111,257812 51,4698432783 128 38222,894531 60228,265625 57,5711791689 256 29589,509766 47436,484375 60,3152088363 512 20271,425781 33738,644531 66,4344920554 1024 12366,283203 21317,179688 72,3814612529 2048 6969,46875 12329,610352 76,9088978554 4096 3510,141602 6561,364746 86,9259274971 8192 1819,765259 3425,541748 88,2408585975 16384 927,647827 1751,539307 88,8151145316 32768 468,39566 885,724548 89,0975138412 65536 235,436951 444,854584 88,9484985728 131072 118,082893 222,677353 88,5771489355 262144 59,484013 111,328018 87,1561994313 524288 29,890039 55,355247 85,1963023534 1048576 14,945913 27,657755 85,0522948983 DES 3DES Bench tools I use two bench tools, one for benching MD5 and SHA1 through AF_ALG, and one for benching ciphers (AES, DES, 3DES) througth cryptodev.
You can find both tools on my cryptotest github Contacts You could find me on Freenode, montjoie on #linux-sunxi. My email is easy to find too. Other sunxi works H3/A64/A83T EMAC(Ethernet) driver I am working on the H3 EMAC driver which was accepted in mainline. Hwmon Apart from that I have also worked on getting temperature on A20 based boards.
Cubieboard2 has two sources of temperature, one in the TouchScreen controller embeded in the SoC and one in the AXP209 chip.
My original work for 3.4.x Allwinner based kernel can be found here for AXP209 sensor and here for A20 Embeded sensor
It is reported to still compile and work on 3.4.203
But seriously, stop using old kernel
In mainline the sun4i-ts (drivers/input/touchscreen) already gives sensors output
For getting AXP209 temperature you need the following patchs:
mfd-axp20x-Rename-ADC-register-name-IPSOUT-to-APS.patch
hwmon-AXP20x-Add-support-for-basic-voltage-current-t.patch
cubieboard # sensors
sun4i_ts-isa-0000
Adapter: ISA adapter
SoC temperature: +40.6°C
axp209-isa-0000
Adapter: ISA adapter
ACIN: +5.13 V
VBUS: +0.01 V
BATT: +0.00 V
APS: +4.97 V
CHIP: +23.5°C
BATT: 0.00 W
ACIN: +0.16 A
VBUS: +0.00 A
BATT_CHRG: +0.00 A
BATT_DISCHRG: +0.00 A
RetroSearch is an open source project built by @garambo
| Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.3