Re: [PATCH v2] armv8: crypto: SHA-512 using ARMv8 Crypto Extensions

12 Feb 2024

On 2/12/24 11:45, Igor Opaniuk wrote:
...
From: Igor Opaniuk igor.opaniuk@gmail.com
Add support for the SHA-512 Secure Hash Algorithm which uses ARMv8 Crypto
Extensions. The CPU should support ARMv8.2 instruction set and implement
SHA512H, SHA512H2, SHA512SU0, and SHA512SU1 instructions.
This information can be obtained from ID_AA64ISAR0_EL1 (AArch64 Instruction
Set Attribute Register 0), bits [15:12] should be 0b0010 [1], that
indicates support for SHA512* instructions in AArch64 state. As not all
ARMv8-base SoCs support that, ARMV8_CE_SHA512 is left disabled by
default for now.
Validated in QEMU for ARMv8 with compiled-in SHA-2 support (because of
absence of hw with ARMv8.2-A ready SoC at hand):
=> hash sha512 0x40200000 0x2000000
sha512 for 40200000 ... 421fffff ==> 1aeae269f4eb7c37...
The implementation is based on original implementation from Ard Biesheuvel in
Linux kernel [2]
[1] https://developer.arm.com/documentation/ddi0601/2023-12/AArch64-Registers/ID...
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch...
CC: Ard Biesheuvel ardb@kernel.org>
CC: Loic Poulain loic.poulain@linaro.org
Signed-off-by: Igor Opaniuk igor.opaniuk@gmail.com

Changes in v2:

Dropped "Default n" in Kconfig as Michal Simek suggested

Adjusted commit message about QEMU validation
arch/arm/cpu/armv8/Kconfig          |   4 +
arch/arm/cpu/armv8/Makefile         |   1 +
arch/arm/cpu/armv8/sha512_ce_core.S | 210 ++++++++++++++++++++++++++++
arch/arm/cpu/armv8/sha512_ce_glue.c |  20 +++
lib/sha512.c                        |   6 +-
5 files changed, 239 insertions(+), 2 deletions(-)
create mode 100644 arch/arm/cpu/armv8/sha512_ce_core.S
create mode 100644 arch/arm/cpu/armv8/sha512_ce_glue.c

diff --git a/arch/arm/cpu/armv8/Kconfig b/arch/arm/cpu/armv8/Kconfig
index 9f0fb369f7..37b8b60914 100644
--- a/arch/arm/cpu/armv8/Kconfig
+++ b/arch/arm/cpu/armv8/Kconfig
@@ -204,6 +204,10 @@ config ARMV8_CE_SHA256
   bool "SHA-256 digest algorithm (ARMv8 Crypto Extensions)"
   default y if SHA256
+config ARMV8_CE_SHA512

bool "SHA-512 digest algorithm (ARMv8 Crypto Extensions)"

depends on SHA512

endif
endif


diff --git a/arch/arm/cpu/armv8/Makefile b/arch/arm/cpu/armv8/Makefile
index bba4f570db..3894f2bb2a 100644
--- a/arch/arm/cpu/armv8/Makefile
+++ b/arch/arm/cpu/armv8/Makefile
@@ -45,3 +45,4 @@ obj-$(CONFIG_TARGET_BCMNS3) += bcmns3/
  obj-$(CONFIG_XEN) += xen/
  obj-$(CONFIG_ARMV8_CE_SHA1) += sha1_ce_glue.o sha1_ce_core.o
  obj-$(CONFIG_ARMV8_CE_SHA256) += sha256_ce_glue.o sha256_ce_core.o
+obj-$(CONFIG_ARMV8_CE_SHA512) += sha512_ce_glue.o sha512_ce_core.o
\ No newline at end of file
Add that newline here.
M

    