Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pkg/driver_cryptocell_310: allow data to be in ROM on hash update #21214

Merged
merged 1 commit into from
Feb 24, 2025
Merged

pkg/driver_cryptocell_310: allow data to be in ROM on hash update #21214

merged 1 commit into from
Feb 24, 2025

Conversation

Lukas-Luger
Copy link

Contribution description

Removal of PSA_ERROR_DATA_INVALID when passing data from ROM into cryptocell_310_common_hash_update.
This is achieved by sequentially copying data from ROM into a buffer and calling a new "continue" function.

Testing procedure

examples/advanced_examples/psa_crypto and tests/sys/psa_crypto_hashes should now work with const messages, as provided in the commit. Tested it with feather-nrf52840-sense and nrf52840dk successfully.

Issues/PRs references

The PSA_ERROR_DATA_INVALID was introduced in #21138.

@github-actions github-actions bot added Area: tests Area: tests and testing framework Area: pkg Area: External package ports Area: examples Area: Example Applications labels Feb 14, 2025
@Lukas-Luger Lukas-Luger changed the title allow data to be in ROM on hash update pkg/driver_cryptocell_310: allow data to be in ROM on hash update Feb 14, 2025
@benpicco benpicco requested a review from Einhornhool February 14, 2025 14:22
@Lukas-Luger Lukas-Luger force-pushed the pr/psa-hash-cc310-allow-rom-data branch from 2d8942c to 20c441b Compare February 14, 2025 14:32
Einhornhool
Einhornhool reviewed Feb 14, 2025
View reviewed changes
Copy link
Contributor

@Einhornhool Einhornhool left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why exactly is this being removed again? We only recently introduced this, because hash operations with inputs longer than 64 bytes failed, because read operations from ROM took too long for the accelerator.

Also, as Mikolai wrote in his PR, CryptoCell officially only supports DMA from RAM.

@mguetschow
Copy link
Contributor

Thanks for pinging @Einhornhool.

#21138 is one slightly hacky solution to the problem, by simply disallowing data to be ROM.

This PR uses a different approach, which is possible for all cryptographic operations that allow multi-part operation: It copies the content of the ROM buffer chunk-wise into a buffer on the stack (in RAM) and passes these chunks individually to the hardware. I think that's an elegant solution (as long as the buffer is not too large for the stack).

@Einhornhool
Copy link
Contributor

Ah, I see. Then it looks good to me :)

mguetschow
mguetschow requested changes Feb 17, 2025
View reviewed changes
Copy link
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, thanks! Some nits below.

@mguetschow mguetschow added the CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR label Feb 20, 2025
mguetschow
mguetschow approved these changes Feb 20, 2025
View reviewed changes
Copy link
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good then, please squash!

@riot-ci
Copy link

riot-ci commented Feb 20, 2025
edited
Loading

Murdock results

✔️ PASSED

daf814e pkg/driver_cryptocell_310: allow data to be in ROM on hash update

Success Failures Total Runtime
10271 0 10271 08m:16s

Artifacts

@Lukas-Luger Lukas-Luger force-pushed the pr/psa-hash-cc310-allow-rom-data branch from 55a3aa4 to 0ff9fd5 Compare February 21, 2025 08:09
@mguetschow
Copy link
Contributor

Could you please rebase on current master (which has the example's directory renamed again) and reformat the commit message according to RIOT's Contributing Guide?

@Lukas-Luger Lukas-Luger force-pushed the pr/psa-hash-cc310-allow-rom-data branch from 0ff9fd5 to daf814e Compare February 24, 2025 12:33
mguetschow
mguetschow approved these changes Feb 24, 2025
View reviewed changes
Copy link
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@mguetschow mguetschow enabled auto-merge February 24, 2025 12:49
@mguetschow mguetschow added this pull request to the merge queue Feb 24, 2025
Merged via the queue into RIOT-OS:master with commit 1aec7f1 Feb 24, 2025
26 checks passed
@Lukas-Luger Lukas-Luger deleted the pr/psa-hash-cc310-allow-rom-data branch February 24, 2025 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Einhornhool Einhornhool Einhornhool approved these changes

@mguetschow mguetschow mguetschow approved these changes

@leandrolanzieri leandrolanzieri Awaiting requested review from leandrolanzieri leandrolanzieri is a code owner

@aabadie aabadie Awaiting requested review from aabadie aabadie is a code owner

@MichelRottleuthner MichelRottleuthner Awaiting requested review from MichelRottleuthner MichelRottleuthner is a code owner

Assignees
No one assigned
Labels
Area: examples Area: Example Applications Area: pkg Area: External package ports Area: tests Area: tests and testing framework CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Lukas-Luger @mguetschow @Einhornhool @riot-ci