RE: [PATCH] crypto: inside-secure - Fix corruption on not fully coherent systems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> -----Original Message-----
> From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Sent: Friday, September 18, 2020 8:58 AM
> To: Van Leeuwen, Pascal <pvanleeuwen@xxxxxxxxxx>
> Cc: linux-crypto@xxxxxxxxxxxxxxx; antoine.tenart@xxxxxxxxxxx; davem@xxxxxxxxxxxxx
> Subject: Re: [PATCH] crypto: inside-secure - Fix corruption on not fully coherent systems
>
> <<< External Email >>>
> On Mon, Sep 07, 2020 at 10:19:44AM +0200, Pascal van Leeuwen wrote:
> >
> > @@ -921,9 +943,20 @@ static int safexcel_ahash_cra_init(struct crypto_tfm *tfm)
> >  ctx->base.send = safexcel_ahash_send;
> >  ctx->base.handle_result = safexcel_handle_result;
> >  ctx->fb_do_setkey = false;
> > +ctx->req_align = cache_line_size() - 1;
>
> So the alignment is just L1_CACHE_BYTES, which is a constant.
> Why don't you just put that into the struct and then simply align
> the whole struct? To get the aligned ctx, you can make a wrapper
> around ahash_request_ctx that does the aligning for you.
>
Actually, that is what we did as a _quick hack_ initially, but:

First of all, it's not only about the L1 cacheline size. It's about the worst case cache
line size in the path all the way from the CPU to the actual memory interface.

Second, cache line sizes may differ from system to system. So it's not actually
a constant at all (unless you compile the driver specifically for 1 target system).

> Have a look at drivers/crypto/padlock-aes.c which does something
> similar for the tfm ctx.
>
> Cheers,
> --
> Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Regards,
Pascal van Leeuwen
Silicon IP Architect Multi-Protocol Engines, Rambus Security
Rambus ROTW Holding BV
+31-73 6581953

Note: The Inside Secure/Verimatrix Silicon IP team was recently acquired by Rambus.
Please be so kind to update your e-mail address book with my new e-mail address.


** This message and any attachments are for the sole use of the intended recipient(s). It may contain information that is confidential and privileged. If you are not the intended recipient of this message, you are prohibited from printing, copying, forwarding or saving it. Please delete the message and attachments and notify the sender immediately. **

Rambus Inc.<http://www.rambus.com>




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux