Hi!
I've done some testing with hardware acceleration of hash functions
and noticed that, when using the synchronous message digest API (shash),
some drivers are not usable. In my case the CAAM driver for SHA256.
Using the asynchronous interface (ahash), everything works as expected.
Looking at the driver source, the CAAM driver only implements the ahash
interface.
I'm wondering if there a way to use an ahash driver through the shash interface?
I've seen that it does actually work the other way around, since
crypto_init_shash_ops_async() in crypto/shash.c takes care of translating calls
from ahash to shash and that's how the *-generic drivers are usable through the
ahash API.
Thanks!
David
Am Mittwoch, 29. Mai 2019, 16:04:47 CEST schrieb David Gstir:
Hi David,
> Hi!
>
> I've done some testing with hardware acceleration of hash functions
> and noticed that, when using the synchronous message digest API (shash),
> some drivers are not usable. In my case the CAAM driver for SHA256.
> Using the asynchronous interface (ahash), everything works as expected.
> Looking at the driver source, the CAAM driver only implements the ahash
> interface.
>
> I'm wondering if there a way to use an ahash driver through the shash
> interface?
Short: no.
>
> I've seen that it does actually work the other way around, since
> crypto_init_shash_ops_async() in crypto/shash.c takes care of translating
> calls from ahash to shash and that's how the *-generic drivers are usable
> through the ahash API.
The crypto_alloc_shash will only identify cipher implementations that were
registered with the CRYPTO_ALG_TYPE_SHASH flag. That flag is set when a cipher
is registered using crypto_register_shash.
Thus, ciphers registered with crypto_register_ahash will not bear this flag
and thus will not be found by the allocation function.
Ciao
Stephan
Stephan,
----- Ursprüngliche Mail -----
>> I've seen that it does actually work the other way around, since
>> crypto_init_shash_ops_async() in crypto/shash.c takes care of translating
>> calls from ahash to shash and that's how the *-generic drivers are usable
>> through the ahash API.
>
> The crypto_alloc_shash will only identify cipher implementations that were
> registered with the CRYPTO_ALG_TYPE_SHASH flag. That flag is set when a cipher
> is registered using crypto_register_shash.
>
> Thus, ciphers registered with crypto_register_ahash will not bear this flag
> and thus will not be found by the allocation function.
is there a reason why we don't emulate the synchronous functionality
in the crypto API layer if a driver implements only the async interface?
Or is it just a matter of -ENOPATCH? :)
Thanks,
//richard
Am Mittwoch, 29. Mai 2019, 22:21:50 CEST schrieb Richard Weinberger:
Hi Richard,
> Stephan,
>
> ----- Urspr?ngliche Mail -----
>
> >> I've seen that it does actually work the other way around, since
> >> crypto_init_shash_ops_async() in crypto/shash.c takes care of translating
> >> calls from ahash to shash and that's how the *-generic drivers are usable
> >> through the ahash API.
> >
> > The crypto_alloc_shash will only identify cipher implementations that were
> > registered with the CRYPTO_ALG_TYPE_SHASH flag. That flag is set when a
> > cipher is registered using crypto_register_shash.
> >
> > Thus, ciphers registered with crypto_register_ahash will not bear this
> > flag
> > and thus will not be found by the allocation function.
>
> is there a reason why we don't emulate the synchronous functionality
> in the crypto API layer if a driver implements only the async interface?
>
> Or is it just a matter of -ENOPATCH? :)
How can that be done in the first place? SHASH is intended and is used with
stack variables. An AHASH will have to be expected to sleep inbetween. Thus,
it cannot be used as SHASH.
Ciao
Stephan
> >
> > The crypto_alloc_shash will only identify cipher implementations that
> were
> > registered with the CRYPTO_ALG_TYPE_SHASH flag. That flag is set when a
> cipher
> > is registered using crypto_register_shash.
> >
> > Thus, ciphers registered with crypto_register_ahash will not bear this
> flag
> > and thus will not be found by the allocation function.
>
> is there a reason why we don't emulate the synchronous functionality
> in the crypto API layer if a driver implements only the async interface?
>
> Or is it just a matter of -ENOPATCH? :)
>
Well, one reason might be that asynchronous implementations are usually
hardware accelerators that rely on many operations being batch queued in
order to actually usefully accelerate anything (due to large latencies).
Which you can't do from the synchronous interface, so you'd get a slow down,
not a speed up.
(But some people - Ad :-) - might argue that using the accelerator may still
be useful to offload the CPU, reduce power consumption, etc.)
In any case, I didn't really know this but I'm quite happy with it. If you
want *performance*, you shouldn't end up at a h/w accelerator with a
synchronous API. If you do want the h/w acceleration, you can always use
the asynchronous API, so nothing lost there, you do have a choice.
Regards,
Pascal van Leeuwen
Silicon IP Architect, Multi-Protocol Engines @ Inside Secure
http://www.insidesecure.com