Skip to content

pkg/driver_cryptocell_310: allow data to be in ROM on hash update#21214

Merged
mguetschow merged 1 commit intoRIOT-OS:masterfrom
Lukas-Luger:pr/psa-hash-cc310-allow-rom-data
Feb 24, 2025
Merged

pkg/driver_cryptocell_310: allow data to be in ROM on hash update#21214
mguetschow merged 1 commit intoRIOT-OS:masterfrom
Lukas-Luger:pr/psa-hash-cc310-allow-rom-data

Conversation

@Lukas-Luger
Copy link
Copy Markdown
Contributor

@Lukas-Luger Lukas-Luger commented Feb 14, 2025

Contribution description

Removal of PSA_ERROR_DATA_INVALID when passing data from ROM into cryptocell_310_common_hash_update.
This is achieved by sequentially copying data from ROM into a buffer and calling a new "continue" function.

Testing procedure

examples/advanced_examples/psa_crypto and tests/sys/psa_crypto_hashes should now work with const messages, as provided in the commit. Tested it with feather-nrf52840-sense and nrf52840dk successfully.

Issues/PRs references

The PSA_ERROR_DATA_INVALID was introduced in #21138.

@github-actions github-actions bot added Area: tests Area: tests and testing framework Area: pkg Area: External package ports Area: examples Area: Example Applications labels Feb 14, 2025
@Lukas-Luger Lukas-Luger changed the title allow data to be in ROM on hash update pkg/driver_cryptocell_310: allow data to be in ROM on hash update Feb 14, 2025
@benpicco benpicco requested a review from Einhornhool February 14, 2025 14:22
@Lukas-Luger Lukas-Luger force-pushed the pr/psa-hash-cc310-allow-rom-data branch from 2d8942c to 20c441b Compare February 14, 2025 14:32
Einhornhool
Einhornhool reviewed Feb 14, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@Einhornhool Einhornhool left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why exactly is this being removed again? We only recently introduced this, because hash operations with inputs longer than 64 bytes failed, because read operations from ROM took too long for the accelerator.

Also, as Mikolai wrote in his PR, CryptoCell officially only supports DMA from RAM.

@mguetschow
Copy link
Copy Markdown
Contributor

mguetschow commented Feb 14, 2025

Thanks for pinging @Einhornhool.

#21138 is one slightly hacky solution to the problem, by simply disallowing data to be ROM.

This PR uses a different approach, which is possible for all cryptographic operations that allow multi-part operation: It copies the content of the ROM buffer chunk-wise into a buffer on the stack (in RAM) and passes these chunks individually to the hardware. I think that's an elegant solution (as long as the buffer is not too large for the stack).

@Einhornhool
Copy link
Copy Markdown
Contributor

Einhornhool commented Feb 15, 2025

Ah, I see. Then it looks good to me :)

mguetschow
mguetschow requested changes Feb 17, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, thanks! Some nits below.

@mguetschow mguetschow added the CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR label Feb 20, 2025
mguetschow
mguetschow approved these changes Feb 20, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good then, please squash!

@riot-ci
Copy link
Copy Markdown

riot-ci commented Feb 20, 2025
edited
Loading

Murdock results

✔️ PASSED

daf814e pkg/driver_cryptocell_310: allow data to be in ROM on hash update

Success Failures Total Runtime
10271 0 10271 08m:16s

Artifacts

@Lukas-Luger Lukas-Luger force-pushed the pr/psa-hash-cc310-allow-rom-data branch from 55a3aa4 to 0ff9fd5 Compare February 21, 2025 08:09
@mguetschow
Copy link
Copy Markdown
Contributor

mguetschow commented Feb 24, 2025

Could you please rebase on current master (which has the example's directory renamed again) and reformat the commit message according to RIOT's Contributing Guide?

@Lukas-Luger Lukas-Luger force-pushed the pr/psa-hash-cc310-allow-rom-data branch from 0ff9fd5 to daf814e Compare February 24, 2025 12:33
mguetschow
mguetschow approved these changes Feb 24, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@mguetschow mguetschow enabled auto-merge February 24, 2025 12:49
@mguetschow mguetschow added this pull request to the merge queue Feb 24, 2025
Merged via the queue into RIOT-OS:master with commit 1aec7f1 Feb 24, 2025
26 checks passed
@Lukas-Luger Lukas-Luger deleted the pr/psa-hash-cc310-allow-rom-data branch February 24, 2025 15:20
@mguetschow mguetschow added this to the Release 2025.04 milestone Apr 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mguetschow mguetschow mguetschow approved these changes

@leandrolanzieri leandrolanzieri Awaiting requested review from leandrolanzieri leandrolanzieri is a code owner

@aabadie aabadie Awaiting requested review from aabadie aabadie is a code owner

@MichelRottleuthner MichelRottleuthner Awaiting requested review from MichelRottleuthner MichelRottleuthner is a code owner

+1 more reviewer

@Einhornhool Einhornhool Einhornhool approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Area: examples Area: Example Applications Area: pkg Area: External package ports Area: tests Area: tests and testing framework CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR

Projects

None yet

Milestone

Release 2025.04

Development

Successfully merging this pull request may close these issues.

4 participants

@Lukas-Luger @mguetschow @Einhornhool @riot-ci