On Thu, Jul 24, 2014 at 01:04:55PM +0200, Corentin LABBE wrote: > Le 24/07/2014 08:00, Herbert Xu a écrit : > > On Sat, Jul 12, 2014 at 02:59:13PM +0200, LABBE Corentin wrote: > >> > >> +/* sunxi_hash_init: initialize request context > >> + * Activate the SS, and configure it for MD5 or SHA1 > >> + */ > >> +int sunxi_hash_init(struct ahash_request *areq) > >> +{ > >> + const char *hash_type; > >> + struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq); > >> + struct sunxi_req_ctx *op = crypto_ahash_ctx(tfm); > >> + > >> + mutex_lock(&ss->lock); > >> + > >> + hash_type = crypto_tfm_alg_name(areq->base.tfm); > >> + > >> + op->byte_count = 0; > >> + op->nbwait = 0; > >> + op->waitbuf = 0; > >> + > >> + /* Enable and configure SS for MD5 or SHA1 */ > >> + if (strcmp(hash_type, "sha1") == 0) > >> + op->mode = SS_OP_SHA1; > >> + else > >> + op->mode = SS_OP_MD5; > >> + > >> + writel(op->mode | SS_ENABLED, ss->base + SS_CTL); > >> + return 0; > > > > The hash driver is completely broken. You are modifying tfm > > ctx data which is shared by all users of a single tfm. So > > if two users conduct hashes in parallel they will step all > > over each other. > > So where can I store data for each request ? Well, first of all you need to stop storing state in the hardware. After each operation the hardware may be used by some other user for a completely different hash request. So leaving the hash state in the hardware is a no-no. If your hardware supports exporting the hash state then you just have to export it after each operation and reimporting before the next one. If your hardware is incapable of exporting partial hash state then you will have to use a software fallback for init/update. If your hardware is incapable of importing partial hash state then you will also have to do finup/final using a software fallback. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html