Crypto-safexcel H/W accelerator

systemcrash · November 10, 2024, 5:53pm

With specific reference to the crypto-safexcel hardware which is present in some SoC, how does software take advantage of this?

I don't see any /dev/crypto available when the module is loaded. And the documentation that refers to this device seems to imply software that is specifically compiled or enabled to utilise it.

The crypto-safexcel seems exclusively for AES, so basically IPsec and perhaps some TLS usage.

# cat /proc/crypto

...

name         : rfc4309(ccm(aes))
driver       : safexcel-rfc4309-ccm-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 8
maxauthsize  : 16
geniv        : <none>

name         : rfc4543(gcm(aes))
driver       : safexcel-rfc4543-gcm-aes
module       : kernel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 8
maxauthsize  : 16
geniv        : <none>

name         : rfc4106(gcm(aes))
driver       : safexcel-rfc4106-gcm-aes
module       : kernel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 8
maxauthsize  : 16
geniv        : <none>

name         : authenc(hmac(sha384),cbc(des))
driver       : safexcel-authenc-hmac-sha384-cbc-des
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 48
geniv        : <none>

name         : authenc(hmac(sha512),cbc(des))
driver       : safexcel-authenc-hmac-sha512-cbc-des
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 64
geniv        : <none>

name         : authenc(hmac(sha224),cbc(des))
driver       : safexcel-authenc-hmac-sha224-cbc-des
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 28
geniv        : <none>

name         : authenc(hmac(sha256),cbc(des))
driver       : safexcel-authenc-hmac-sha256-cbc-des
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 32
geniv        : <none>

name         : authenc(hmac(sha384),cbc(des3_ede))
driver       : safexcel-authenc-hmac-sha384-cbc-des3_ede
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 48
geniv        : <none>

name         : authenc(hmac(sha512),cbc(des3_ede))
driver       : safexcel-authenc-hmac-sha512-cbc-des3_ede
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 64
geniv        : <none>

name         : authenc(hmac(sha224),cbc(des3_ede))
driver       : safexcel-authenc-hmac-sha224-cbc-des3_ede
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 28
geniv        : <none>

name         : authenc(hmac(sha256),cbc(des3_ede))
driver       : safexcel-authenc-hmac-sha256-cbc-des3_ede
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 32
geniv        : <none>

name         : authenc(hmac(sha1),cbc(des))
driver       : safexcel-authenc-hmac-sha1-cbc-des
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 20
geniv        : <none>

name         : cmac(aes)
driver       : safexcel-cmac-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 16
digestsize   : 16

name         : xcbc(aes)
driver       : safexcel-xcbc-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 16
digestsize   : 16

name         : cbcmac(aes)
driver       : safexcel-cbcmac-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 1
digestsize   : 16

name         : crc32
driver       : safexcel-crc32
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 1
digestsize   : 4

name         : ccm(aes)
driver       : safexcel-ccm-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 16
maxauthsize  : 16
geniv        : <none>

name         : gcm(aes)
driver       : safexcel-gcm-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 12
maxauthsize  : 16
geniv        : <none>

name         : authenc(hmac(sha512),rfc3686(ctr(aes)))
driver       : safexcel-authenc-hmac-sha512-ctr-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 8
maxauthsize  : 64
geniv        : <none>

name         : authenc(hmac(sha384),rfc3686(ctr(aes)))
driver       : safexcel-authenc-hmac-sha384-ctr-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 8
maxauthsize  : 48
geniv        : <none>

name         : authenc(hmac(sha256),rfc3686(ctr(aes)))
driver       : safexcel-authenc-hmac-sha256-ctr-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 8
maxauthsize  : 32
geniv        : <none>

name         : authenc(hmac(sha224),rfc3686(ctr(aes)))
driver       : safexcel-authenc-hmac-sha224-ctr-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 8
maxauthsize  : 28
geniv        : <none>

name         : authenc(hmac(sha1),rfc3686(ctr(aes)))
driver       : safexcel-authenc-hmac-sha1-ctr-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 8
maxauthsize  : 20
geniv        : <none>

name         : authenc(hmac(sha1),cbc(des3_ede))
driver       : safexcel-authenc-hmac-sha1-cbc-des3_ede
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 20
geniv        : <none>

name         : authenc(hmac(sha512),cbc(aes))
driver       : safexcel-authenc-hmac-sha512-cbc-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 16
ivsize       : 16
maxauthsize  : 64
geniv        : <none>

name         : authenc(hmac(sha384),cbc(aes))
driver       : safexcel-authenc-hmac-sha384-cbc-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 16
ivsize       : 16
maxauthsize  : 48
geniv        : <none>

name         : authenc(hmac(sha256),cbc(aes))
driver       : safexcel-authenc-hmac-sha256-cbc-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 16
ivsize       : 16
maxauthsize  : 32
geniv        : <none>

name         : authenc(hmac(sha224),cbc(aes))
driver       : safexcel-authenc-hmac-sha224-cbc-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 16
ivsize       : 16
maxauthsize  : 28
geniv        : <none>

name         : authenc(hmac(sha1),cbc(aes))
driver       : safexcel-authenc-hmac-sha1-cbc-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 16
ivsize       : 16
maxauthsize  : 20
geniv        : <none>

name         : hmac(sha512)
driver       : safexcel-hmac-sha512
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 128
digestsize   : 64

name         : hmac(sha384)
driver       : safexcel-hmac-sha384
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 128
digestsize   : 48

name         : hmac(sha256)
driver       : safexcel-hmac-sha256
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 64
digestsize   : 32

name         : hmac(sha224)
driver       : safexcel-hmac-sha224
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 64
digestsize   : 28

name         : hmac(sha1)
driver       : safexcel-hmac-sha1
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 64
digestsize   : 20

name         : hmac(md5)
driver       : safexcel-hmac-md5
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 64
digestsize   : 16

name         : sha512
driver       : safexcel-sha512
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 128
digestsize   : 64

name         : sha384
driver       : safexcel-sha384
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 128
digestsize   : 48

name         : sha256
driver       : safexcel-sha256
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 64
digestsize   : 32

name         : sha224
driver       : safexcel-sha224
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 64
digestsize   : 28

name         : sha1
driver       : safexcel-sha1
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 64
digestsize   : 20

name         : md5
driver       : safexcel-md5
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : ahash
async        : yes
blocksize    : 64
digestsize   : 16

name         : rfc3686(ctr(aes))
driver       : safexcel-ctr-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : yes
blocksize    : 1
min keysize  : 20
max keysize  : 36
ivsize       : 8
chunksize    : 1
walksize     : 1

name         : ofb(aes)
driver       : safexcel-ofb-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : yes
blocksize    : 1
min keysize  : 16
max keysize  : 32
ivsize       : 16
chunksize    : 1
walksize     : 1

name         : cfb(aes)
driver       : safexcel-cfb-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : yes
blocksize    : 1
min keysize  : 16
max keysize  : 32
ivsize       : 16
chunksize    : 1
walksize     : 1

name         : cbc(aes)
driver       : safexcel-cbc-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : yes
blocksize    : 16
min keysize  : 16
max keysize  : 32
ivsize       : 16
chunksize    : 16
walksize     : 16

name         : ecb(aes)
driver       : safexcel-ecb-aes
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : yes
blocksize    : 16
min keysize  : 16
max keysize  : 32
ivsize       : 0
chunksize    : 16
walksize     : 16

name         : cbc(des3_ede)
driver       : safexcel-cbc-des3_ede
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : yes
blocksize    : 8
min keysize  : 24
max keysize  : 24
ivsize       : 8
chunksize    : 8
walksize     : 8

name         : ecb(des3_ede)
driver       : safexcel-ecb-des3_ede
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : yes
blocksize    : 8
min keysize  : 24
max keysize  : 24
ivsize       : 0
chunksize    : 8
walksize     : 8

name         : cbc(des)
driver       : safexcel-cbc-des
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : yes
blocksize    : 8
min keysize  : 8
max keysize  : 8
ivsize       : 8
chunksize    : 8
walksize     : 8

name         : ecb(des)
driver       : safexcel-ecb-des
module       : crypto_safexcel
priority     : 300
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : yes
blocksize    : 8
min keysize  : 8
max keysize  : 8
ivsize       : 0
chunksize    : 8
walksize     : 8

Are the standard crypto libraries built to utilise these engines automatically?

Found this discussion but could not infer an answer from it.

brada4 · November 10, 2024, 6:15pm

Only openssl and you need to install dev/crypto engine. Otherwise algos are for kernel like openvpn only.

rmandrad · November 10, 2024, 6:34pm

github.com/openwrt/openwrt

mediatek/filogic: crypto/safexcel add support

openwrt:main ← rmandrad:eip197

opened 01:18PM - 07 Oct 24 UTC

rmandrad

+69 -0

The filogic banana-rpi4 has a crypto module that makes use of safexcel/eip197 to… date the module doesn't load. Refactored 5.4 patch from Mediatek - https://git01.mediatek.com/plugins/gitiles/openwrt/feeds/mtk-openwrt-feeds/+/refs/heads/master/21.02/files/target/linux/mediatek/patches-5.4/999-2706-crypto-add-eip197-inside-secure-support.patch Changes to base driver code . Release Firmware Loop: ``` + for (j = 0; j < i; j++) + release_firmware(fw[j]); ``` After writing firmware, the added loop releases the allocated firmware resources. This addition helps in reducing memory usage and potential resource leaks by ensuring that firmware that is no longer needed is freed properly . AXI Burst Size and Cache Settings: ``` + /* Clear axi_burst_size and rx_burst_size */ + val &= 0xffffff00; + /* Set axi_burst_size = 3, rx_burst_size = 3 */ + val |= EIP197_MST_CTRL_RD_CACHE(3); + val |= EIP197_MST_CTRL_WD_CACHE(3); ``` The added lines clear existing burst size settings and then set both axi_burst_size and rx_burst_size to 3. This change aims to optimize data transactions by configuring suitable burst sizes, potentially improving performance (tbc) . Clock Forcing Mechanism: ``` + /* Allow clocks to be forced on for EIP197 */ + if (priv->flags & SAFEXCEL_HW_EIP197) { + writel(0xffffffff, EIP197_HIA_GEN_CFG(priv) + EIP197_FORCE_CLOCK_ON); + writel(0xffffffff, EIP197_HIA_GEN_CFG(priv) + EIP197_FORCE_CLOCK_ON2); + } ``` Forcing clocks on for the EIP197 is introduced. This ensures that the clocks remain active, likely improving stability and reliability in certain hardware environments where clock gating might have caused issues. . Resource Acquisition and Mapping: ``` + struct resource *res; ... + res = platform_get_resource(pdev, IORESOURCE_MEM, 0); + if (!res) + return -EINVAL; + priv->base = devm_ioremap(dev, res->start, resource_size(res)); - priv->base = devm_platform_ioremap_resource(pdev, 0); ``` The previous resource mapping (devm_platform_ioremap_resource) is replaced with manual acquisition (platform_get_resource) and mapping (devm_ioremap). This provides finer control over the resource, allowing for better error handling and making it possible to check the validity of the resource before proceeding. New Macros for Clock Control: ``` + #define EIP197_FORCE_CLOCK_ON2 0xffd8 + #define EIP197_FORCE_CLOCK_ON 0xffe8 ``` Two new macro definitions, EIP197_FORCE_CLOCK_ON and EIP197_FORCE_CLOCK_ON2, are introduced. These are used to address the corresponding registers that manage the forced clocking mechanism. Tested on the banana rpi4 Signed-off-by: Rudy Andram <rmandrad@gmail.com>

systemcrash · November 10, 2024, 8:54pm

I followed @cotequeiroz efforts, but those went quiet here, and we don't yet know for certain whether apk will resolve lib choice problems, until maybe tomorrow

Question (since safexcel doesn't do this): are there e.g. consumer usb(3) pluggable accelerator modules for the WireGuard cryptos ( Chacha20-poly1305 ) ? I am thinking about older devices which could do with a speed bump up. Given that a whole new router probably wouldn't cost that much more, I hadn't thought about such upgrades before now.

[1] https://forum.netgate.com/topic/177909/chacha20-poly1305-hardware-assist-offload
[2] https://cerberus-laboratories.com/products/oceanus_chacha20poly1305/

Can't see anything concrete.

brada4 · November 10, 2024, 9:18pm

Something like libopenssl-afalg, then openssl engine and so on.