Building and Compiling Linux Crypto Driver

Driver

Create a demo directory under linux/drivers/crypto and add the following files:

$ tree demo
├── demo_crypto_core.c
├── demo_crypto_core.h
├── demo_crypto_hash.c
├── Kconfig
└── Makefile

The content of the Makefile is as follows:

# SPDX-License-Identifier: GPL-2.0-only

# Enable debugging
ccflags-y := -DDEBUG

obj-$(CONFIG_CRYPTO_DEV_DEMO) += demo_crypto.o
demo_crypto-objs := demo_crypto_core.o \
  demo_crypto_hash.o

The contents of the other files will be introduced in detail later.

Modify the linux/drivers/crypto/Makefile file to add the demo device driver to the compilation:

obj-$(CONFIG_CRYPTO_DEV_DEMO) += demo/

Also modify the linux/drivers/crypto/Kconfig file to add the configuration:

config CRYPTO_DEV_DEMO
	tristate "Demo Cryptographic Engine driver"
	select CRYPTO_ECB
	select CRYPTO_CBC
	select CRYPTO_CTR
	select CRYPTO_AES
	select CRYPTO_ENGINE
	select CRYPTO_SHA256
	select CRYPTO_HASH
	select CRYPTO_SKCIPHER

	help
	  This driver interfaces with the hardware crypto accelerator.
source "drivers/crypto/demo/Kconfig"

Device Tree

Add the crypto device node in the device tree as follows:

demo: crypto@53050000 {
    compatible = "demo,crypto";
    reg = <0x00 0x53050000 0x00 0x1000>;
    interrupts = <0x30 IRQ_TYPE_LEVEL_HIGH>;
    interrupt-parent = <&plic>;               
};

Configuration

For easier debugging, compile the demo-crypto driver as a module.

$ make menuconfig
#   -> Cryptographic API (CRYPTO [=y])
#     -> Hardware crypto devices (CRYPTO_HW [=y])
#       -> Demo Cryptographic Engine driver (CRYPTO_DEV_DEMO [=m])

The crypto framework can run self-tests when an algorithm is registered, but this is disabled by default. Since we need to verify that the adapted crypto algorithms are correct, enable the self-tests by making sure CRYPTO_MANAGER_DISABLE_TESTS is not selected (=n):

$ make menuconfig
#   -> Cryptographic API (CRYPTO [=y])
#     -> Crypto core or helper
#       -> Disable run-time self tests (CRYPTO_MANAGER_DISABLE_TESTS [=n])

Additionally, the Linux kernel provides a testing module, tcrypt, which offers self-check and performance benchmarking capabilities. We will also enable it and compile it as a module:

$ make menuconfig
#   -> Cryptographic API (CRYPTO [=y])
#     -> Crypto core or helper
#       -> Testing module (CRYPTO_TEST [=m])

Finally, we need to enable the configuration for the corresponding algorithms, such as SHA256, AES, and RSA. The final configuration will look similar to the following:

CONFIG_CRYPTO_USER=y
# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
CONFIG_CRYPTO_TEST=m
CONFIG_CRYPTO_RSA=y
CONFIG_CRYPTO_AES=y
CONFIG_CRYPTO_DES=y
CONFIG_CRYPTO_CBC=y
CONFIG_CRYPTO_CTR=y
CONFIG_CRYPTO_ECB=y
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_SHA1=y
CONFIG_CRYPTO_SHA256=y
CONFIG_CRYPTO_USER_API_HASH=y
CONFIG_CRYPTO_USER_API_SKCIPHER=y
CONFIG_CRYPTO_DEV_DEMO=m

Compilation

Recompile the kernel and boot the system.

If only the driver files are modified later, you can compile just the module as follows:

$ make modules

Successful compilation will generate the engine KO file crypto_engine.ko and the self-test module KO file tcrypt.ko in the linux/crypto/ directory; the driver KO file demo_crypto.ko will be generated in the linux/drivers/crypto/demo directory.

After the system successfully boots, you can check the default supported cryptographic algorithms with the following command:

$ cat /proc/crypto
name         : crc32c
driver       : crc32c-generic
module       : kernel
priority     : 100
refcnt       : 2
selftest     : passed
internal     : no
type         : shash
blocksize    : 1
digestsize   : 4

name         : aes
driver       : aes-generic
module       : kernel
priority     : 100
refcnt       : 1
selftest     : passed
internal     : no
type         : cipher
blocksize    : 16
min keysize  : 16
max keysize  : 32

name         : des3_ede
driver       : des3_ede-generic
module       : kernel
priority     : 100
refcnt       : 1
selftest     : passed
internal     : no
type         : cipher
blocksize    : 8
min keysize  : 24
max keysize  : 24
......
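
Once demo_crypto.ko is loaded, the same listing shows whether each of its algorithms passed the registration self-test and whether it outranks the generic implementation on priority. The script below is an added example, not code from the original article; the driver names sha256-demo and ecb-aes-demo and the priority 300 are constructed values, and the sample entries are trimmed to the fields the script reads.

```sh
#!/bin/sh
# Added example (not from the original page): audit /proc/crypto-format text.
# "sha256-demo", "ecb-aes-demo" and priority 300 are constructed values.

# Print "name driver status" for every entry whose self-test did not pass.
crypto_selftest_failures() {
    awk -F' *: *' '
        $1 == "name"   { name = $2 }
        $1 == "driver" { driver = $2 }
        $1 == "selftest" && $2 != "passed" { print name, driver, $2 }
    ' "${1:-/proc/crypto}"
}

# Print the self-tested driver with the highest priority for algorithm $2.
# Exit status is 1 when no tested implementation of that algorithm exists.
crypto_preferred_driver() {
    awk -F' *: *' -v want="$2" '
        $1 == "name"     { name = $2 }
        $1 == "driver"   { driver = $2 }
        $1 == "priority" { prio = $2 + 0 }
        $1 == "selftest" && $2 == "passed" && name == want &&
            (best == "" || prio > bestprio) { best = driver; bestprio = prio }
        END { if (best == "") exit 1; print best }
    ' "${1:-/proc/crypto}"
}

# Constructed sample in /proc/crypto layout.
sample_proc_crypto() {
    cat <<'EOF'
name         : sha256
driver       : sha256-demo
priority     : 300
selftest     : passed

name         : sha256
driver       : sha256-generic
priority     : 100
selftest     : passed

name         : ecb(aes)
driver       : ecb-aes-demo
priority     : 300
selftest     : unknown
EOF
}

# "-" makes awk read the sample from stdin; omit the argument on a target
# system to read /proc/crypto itself.
sample_proc_crypto | crypto_selftest_failures -
sample_proc_crypto | crypto_preferred_driver - sha256
```

An entry reported with status unknown has not passed its self-test, so a hardware driver listed that way should be treated as not yet verified.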

We can use tcrypt to test the sha256 algorithm:

$ insmod tcrypt.ko mode=6
[ 1047.539609] tcrypt: testing sha256
[ 1047.545702] tcrypt: all tests passed
[ 1047.793394] tcrypt: testing sha256
[ 1047.799363] tcrypt: all tests passed
insmod: can't insert 'tcrypt.ko': Resource temporarily unavailable

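The closing insmod error is expected: tcrypt deliberately returns -EAGAIN once its tests have run, so the module never stays loaded.

The basic compilation and testing environment for the driver is now set up. Next, I will explain in detail how to adapt hash, symmetric encryption, and asymmetric encryption drivers.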
