CAAM activation problem on I.MX6

cancel
Showing results for 
Search instead for 
Did you mean: 

CAAM activation problem on I.MX6

Jump to solution
1,491 Views
Aymen_IRT
Contributor III

Hi all,

 

I am trying to activate CAAM on I.MX6 (Nitrogen6x). I am using an Ubuntu (Linaro) image which I downloaded from the following link: http://boundarydevices.com/imx6-builds/, kernel version is 3.0.35. I compile CAAM driver as a loadable module.

When I load caam.ko with insmod, dmesg ouputs the following messages: 

caam caam.0: device ID = 0x0a16010000000000

caam caam.0: job rings = 2, qi = 0

alg: No test for authenc(hmac(md5),cbc(aes)) (authenc-hmac-md5-cbc-aes-caam)

caam caam.0: authenc-hmac-md5-cbc-aes-caam

...

In addition, /proc/crypto is updated with algorithms related to CAAM with a priority of 3000. Here is the example of SHA256 entry in /proc/crypto:

name     : sha256
driver   : sha256-caam
module   : kernel
priority : 3000
refcnt   : 1
selftest : passed
type     : ahash
async    : yes
blocksize: 64
digestsize: 32

 

  

In order to be sure that CAAM driver is well installed, I removed the kernel default SHA256 module so that the unique entry corresponding to SHA256, and kept in /proc/crypto, is the one with driver = sha256-caam.  Then, I coded a simple module using linux crypto API to compute a hash with SHA256. Here is my module init function (all the test module code is in attachment):

int init_module(void)

{

int nents = 0;

uint8_t *in, *h;

struct hash_desc desc;

struct crypto_hash *tfm;

struct scatterlist *sg;

int hashlen =  32;

int inlen = 1000;

        MODULE_LICENSE("GPL");

        MODULE_DESCRIPTION("Scatterlist crypto API: hash test");

        MODULE_AUTHOR("Aymen");

        MODULE_ALIAS("hash_test");

        printk(KERN_INFO "\n**Scatterlist crypto API: sha256 test start**\n");

        printk(KERN_INFO "**Build date: " BUILD_DATE "**\n\n");

          in = kmalloc(inlen * sizeof(uint8_t), GFP_KERNEL);

        if (IS_ERR(in)) {

            printk("\n*error::input allocation failure\n");

            return 0;

        }

        get_random_bytes(in, inlen);

        nents = sg_init(inlen, in, &sg);

            tfm = crypto_alloc_hash("sha256", 0, CRYPTO_ALG_ASYNC);

        if (IS_ERR(tfm)) {

            printk("\n*error::failed to load sha256-caam transform\n");

        }

        else {

            desc.tfm = tfm;

            desc.flags = 0;

           

            h = kmalloc(hashlen * sizeof(uint8_t), GFP_KERNEL);

            if (IS_ERR(h)) {

                printk("\n*error::output allocation failure\n");

                return 0;   

            }

            memset(h, 0, hashlen);

            crypto_hash_digest(&desc, sg, inlen, h);

            khexdump(hashlen, h);

 

            crypto_free_hash(tfm);

            kfree(h);

        }

        sg_free(sg, nents);   

        kfree(in);

return 0;

}

My problem is that after loading this SHA256 test module, I get as output the following error:  "failed to load sha256-caam transform". That is, crypto_alloc_hash() was not able to return a transform corresponding to the CAAM based SHA256.

However, when I load the kernel default SHA256 module (default sha256.ko) and then re-insert my test module (sha256_test.ko), I get a good SHA256 output. That is, kernel SHA256 (priority = 0) is executed instead of CAAM-SHA256 (priority = 3000).

Note that I took SHA256 as an example but CAAM is not working for any crypto algorithm.


I would be grateful for any hint about the origin of this problem. 

 

Best regards,

Aymen

Original Attachment has been moved to: sha256_test.tar

Labels (1)
1 Solution
206 Views
Aymen_IRT
Contributor III

Hi all,

The problem was that we need to use the asynchronous interface of the kernel crypto API in order to use CAAM or any hardware based crypto. That is, for the SHA256 example presented in the previous message, I have to rely on a crypto_ahash transform not a crypto_hash transform. The same thing stands for block ciphers where we use crypto_ablkcipher instead of crypto_blkcipher.

Best regards,

Aymen 

View solution in original post

1 Reply
207 Views
Aymen_IRT
Contributor III

Hi all,

The problem was that we need to use the asynchronous interface of the kernel crypto API in order to use CAAM or any hardware based crypto. That is, for the SHA256 example presented in the previous message, I have to rely on a crypto_ahash transform not a crypto_hash transform. The same thing stands for block ciphers where we use crypto_ablkcipher instead of crypto_blkcipher.

Best regards,

Aymen 

View solution in original post