Hi John,
As Yuri has mentioned above the i.MX 6 Security reference manual contains all the information on CAAM and it's capabilities. This is a moderated document but should not require an NDA. Please contact your local Freescale FAE to obtain access to this document.
At a high level the CAAM is a DMA master supporting the following capabilities:
Secure memory feature with HW enforced access control
Cryptographic authentication
* Hashing algorithms
* MD5
* SHA-1
* SHA-224
* SHA-256
* Message authentication codes (MAC)
* HMAC-all hashing algorithms
* AES-CMAC
* AES-XCBC-MAC
* Auto padding
* ICV checking
Authenticated encryption algorithms
* AES-CCM (counter with CBC-MAC)
Symmetric key block ciphers
* AES (128-bit, 192-bit or 256-bit keys)
* DES (64-bit keys, including key parity)
* 3DES (128-bit or 192-bit keys, including key parity)
Cipher modes
* ECB, CBC, CFB, OFB for all block ciphers
* CTR for AES
Symmetric key stream ciphers
* ArcFour (alleged RC4 with 40 - 128 bit keys)
* Random-number generation
* Entropy is generated via an independent free running ring oscillator
* Oscillator is off when not generating entropy; for lower-power consumption
* NIST-compliant, pseudo random-number generator seeded using hardware generated entropy
The Freescale Linux BSP contains a CAAM driver to make use of the above features. The use of CAAM is via the Linux CryptoAPI. The driver itself is integrated with the Crypto API kernel service in which the algorithms supported by CAAM can replace the native SW implementations.
Regards,
-Rod
Thank you Yuri and everyone else for very useful thread,
I managed to use AF_ALG on my nitrogen6q to make OpenSSL work with CAAM drivers. but the result is not stable, when running the openssl test randomly cause "Internal error: Oops: 17" anyone got any idea what might be the problem? please help
Example:
# openssl speed -evp md5
Doing md5 for 3s on 16 size blocks: 26876 md5's in 0.17s
Doing md5 for 3s on 64 size blocks: 15716 md5's in 0.22s
Doing md5 for 3s on 256 size blocks: 15474 md5's in 0.14s
Doing md5 for 3s on 1024 size blocks: 13861 md5's in 0.09s
Doing md5 for 3s on 8192 size blocks: 7063 md5's in 0.15s
OpenSSL 1.0.1i 6 Aug 2014
built on: Thu Sep 10 16:02:35 IDT 2015
options:bn(64,32) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) blowfish(ptr)
compiler: /buildroot-2014.08/output/host/usr/bin/arm-buildroot-linux-gnueabi-gcc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLM
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
md5 2529.51k 4571.93k 28295.31k 157707.38k 385733.97k
#
#
# openssl speed -evp md5
Doing md5 for 3s on 16 size block[ 1992.291028] Unable to handle kernel NULL pointer dereference at virtual address 00000e90
s: [ 1992.301706] pgd = dc76c000
[ 1992.304645] [00000e90] *pgd=2ca14831, *pte=00000000, *ppte=00000000
[ 1992.310985] Internal error: Oops: 17 [#17] SMP ARM
[ 1992.315779] Modules linked in: algif_hash algif_skcipher af_alg
[ 1992.321759] CPU: 3 PID: 3003 Comm: openssl Tainted: G D 3.10.17+ #3
[ 1992.328898] task: dc7ae580 ti: dc5ee000 task.ti: dc5ee000
[ 1992.334310] PC is at memcpy+0x80/0x330
[ 1992.338071] LR is at ahash_update_first+0x7f8/0x8ec
[ 1992.342953] pc : [<c024a340>] lr : [<c04bbc50>] psr: 000f0013
[ 1992.342953] sp : dc5efd14 ip : 00000010 fp : dc5efd9c
[ 1992.354431] r10: 000000d0 r9 : dc526680 r8 : 00000000
[ 1992.359658] r7 : 00000000 r6 : dc526400 r5 : 00000010 r4 : dc526600
[ 1992.366186] r3 : c04b8a9c r2 : fffffff0 r1 : 00000e90 r0 : dc526600
[ 1992.372717] Flags: nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
[ 1992.379854] Control: 10c5387d Table: 2c76c04a DAC: 00000015
[ 1992.385601] Process openssl (pid: 3003, stack limit = 0xdc5ee238)
[ 1992.391697] Stack: (0xdc5efd14 to 0xdc5f0000)
[ 1992.396057] fd00: 00000010 dc526400 00000000
[ 1992.404240] fd20: 00000000 dc526600 dc526600 c04bbc50 c004b90c c0251e44 dc5efd84 dc5efd48
[ 1992.412421] fd40: c00a48c0 c004b908 00000000 00000000 dc526500 00000000 2c64c928 dc5efd88
[ 1992.420603] fd60: dc526600 00000000 dc64c840 c0259fec dc5efd88 00000010 01703ea0 00000010
[ 1992.428786] fd80: 00010000 dc526400 dc5ee000 00000010 dc5efdac dc5efda0 c04b5e94 c04bb464
[ 1992.436968] fda0: dc5efdf4 dc5efdb0 bf00b2b0 c04b5e8c dc5efecc 00000001 dc5efecc dc571000
[ 1992.445149] fdc0: dc526544 dc526580 dc64c800 00000001 00000010 dc5efecc dc7ae580 01703e90
[ 1992.453330] fde0: dc5ee000 00008000 dc5efeb4 dc5efdf8 c050800c bf00b1f8 00000001 00000000
[ 1992.461512] fe00: dc5efe1c 00000010 da169e00 00000000 00000000 dc5efecc dc5efe54 dc5efe28
[ 1992.469695] fe20: c00c8fd4 c05dfc60 000003d0 00000010 dc571000 dc5710a0 00000001 00000000
[ 1992.477875] fe40: 00000000 00000000 00000000 dc7ae580 00000000 00000000 00000000 00000000
[ 1992.486056] fe60: dc5efdf8 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 1992.494237] fe80: 00000000 00000000 00000000 00000000 00000000 00000000 da169e00 00000010
[ 1992.502418] fea0: 00000000 00000000 dc5eff8c dc5efeb8 c0509e8c c0507f98 dc5efed4 fffffff7
[ 1992.510600] fec0: 00000000 01703e90 00000010 00000000 00000000 dc5efec4 00000001 00000000
[ 1992.518781] fee0: 00000000 00008000 0000011a c000f104 dc5effa4 dc5eff00 c05099b4 bf000350
[ 1992.526962] ff00: 00000000 00000000 61680026 00006873 00000000 00000000 00000000 00000000
[ 1992.535144] ff20: 0035646d 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 1992.543324] ff40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 1992.551506] ff60: c00e880c c00e878c 00000010 00000000 bec0b484 00000121 c000f104 00000000
[ 1992.559687] ff80: dc5effa4 dc5eff90 c0509ed0 c0509de0 00000000 00000000 00000000 dc5effa8
[ 1992.567869] ffa0: c000ef80 c0509ebc 00000010 00000000 00000004 01703e90 00000010 00008000
[ 1992.576050] ffc0: 00000010 00000000 bec0b484 00000121 01703e90 00000000 0006842c 0007773c
[ 1992.584231] ffe0: 00000000 bec0b284 b6cc6ac0 b6da1a7c 600f0010 00000004 ebff5a13 e51f15bc
[ 1992.592407] Backtrace:
[ 1992.594879] [<c04bb458>] (ahash_update_first+0x0/0x8ec) from [<c04b5e94>] (ahash_update+0x14/0x18)
[ 1992.603848] [<c04b5e80>] (ahash_update+0x0/0x18) from [<bf00b2b0>] (hash_sendmsg+0xc4/0x1d0 [algif_hash])
[ 1992.613430] [<bf00b1ec>] (hash_sendmsg+0x0/0x1d0 [algif_hash]) from [<c050800c>] (sock_sendmsg+0x80/0xa0)
[ 1992.623007] [<c0507f8c>] (sock_sendmsg+0x0/0xa0) from [<c0509e8c>] (SyS_sendto+0xb8/0xdc)
[ 1992.631184] r7:00000000 r6:00000000 r5:00000010 r4:da169e00
[ 1992.636906] [<c0509dd4>] (SyS_sendto+0x0/0xdc) from [<c0509ed0>] (SyS_send+0x20/0x28)
[ 1992.644749] [<c0509eb0>] (SyS_send+0x0/0x28) from [<c000ef80>] (ret_fast_syscall+0x0/0x30)
[ 1992.653018] Code: e320f000 e4913004 e4914004 e4915004 (e4916004)
[ 1992.659153] ---[ end trace dd17fad707916035 ]---
Segmentation fault
# [ 1992.989147] rtc-isl12022 0-006f: voltage dropped below 85%, date and time is not reliable.
I tried using CAAM with ipsec and it seems like the kernel caam driver crashes. I'm on LTIB kernel 3.0.35-2310 version:
<8004a688>] (dma_sync_sg_for_device+0x18/0x4c) from [<803b290c>] (dma_map_sg_chained+0x48/0xa4)
[<803b290c>] (dma_map_sg_chained+0x48/0xa4) from [<803b4bfc>] (ablkcipher_edesc_alloc.constprop.27+0x3ac/0x3c8)
[<803b4bfc>] (ablkcipher_edesc_alloc.constprop.27+0x3ac/0x3c8) from [<803b4c34>] (ablkcipher_encrypt+0x1c/0x94)
[<803b4c34>] (ablkcipher_encrypt+0x1c/0x94) from [<8020b2bc>] (eseqiv_givencrypt+0x2c8/0x3d0)
[<8020b2bc>] (eseqiv_givencrypt+0x2c8/0x3d0) from [<8021ccc4>] (crypto_authenc_givencrypt+0x64/0x84)
[<8021ccc4>] (crypto_authenc_givencrypt+0x64/0x84) from [<8046daf8>] (esp_output+0x324/0x4bc)
[<8046daf8>] (esp_output+0x324/0x4bc) from [<8047a10c>] (xfrm_output_resume+0x188/0x278)
[<8047a10c>] (xfrm_output_resume+0x188/0x278) from [<80472034>] (xfrm4_output+0x20/0x24)
[<80472034>] (xfrm4_output+0x20/0x24) from [<80434f94>] (ip_local_out+0x28/0x2c)
[<80434f94>] (ip_local_out+0x28/0x2c) from [<8043610c>] (ip_send_skb+0xc/0xd8)
[<8043610c>] (ip_send_skb+0xc/0xd8) from [<80454560>] (udp_send_skb+0xf0/0x3c8)
[<80454560>] (udp_send_skb+0xf0/0x3c8) from [<80456008>] (udp_sendmsg+0x254/0x7f8)
[<80456008>] (udp_sendmsg+0x254/0x7f8) from [<8045d8e8>] (inet_sendmsg+0x94/0xb8)
[<8045d8e8>] (inet_sendmsg+0x94/0xb8) from [<803feb84>] (sock_aio_write+0x114/0x13c)
[<803feb84>] (sock_aio_write+0x114/0x13c) from [<800eff30>] (do_sync_write+0xa4/0xe4)
[<800eff30>] (do_sync_write+0xa4/0xe4) from [<800f06bc>] (vfs_write+0x130/0x138)
[<800f06bc>] (vfs_write+0x130/0x138) from [<800f08a4>] (sys_write+0x40/0x6c)
[<800f08a4>] (sys_write+0x40/0x6c) from [<80040f80>] (ret_fast_syscall+0x0/0x30)
Code: e1a07003 d8bd80f8 e1a04001 e3a05000 (e5940000)
---[ end trace 9693d9778bad1379 ]---
I'm just trying to see what type of improvement to expect from the CAAM driver. I expect the CPU should not be so busy with HW CAAM engine. Any idea how much faster the CAAM engine is compared to plain software implementation?
Thanks,
-Ben
The patches are available on Freescales public GIT server at the following link:
http://git.freescale.com/git/cgit.cgi/imx/linux-2.6-imx.git/log/?h=imx_3.0.35_4.0.0
Direct link to the patches:
Freescale has shared with me some patches that address the CAAM driver crash. I can now pump traffic through ipsec tunnel setup with CAAM. These patches will hopefully be included in the next BSP update.
> Do I need to ask my FAE for special access to this "secret" data?
Yes, one way - to apply to FFAE.
Another way - just create SR (say, for me ) - I think I can provide the performance data under SR.
I've been asking around for similar information. I have yet to meet anyone here from Freescale with crypto knowledge, until now. Original question is SR# 1-1062109201. Also a forum posting here. Ideally after a benchmark of AES-GCM running on the i.MX6 (which, of course, can't be fully supported by the CAAM on this chip), but any performance metrics would be very useful in our selection process.
I don't fully understand, right now, if I use an OpenSSL function for AES encryption for instance, will it take advantage of CAAM or not ? Or should I code everything with Job Descriptor and so on ?