Skip to content

Add support NXP S32 HSE CRYPTO driver for S32Z270 #79351

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add support NXP S32 HSE CRYPTO driver for S32Z270 #79351

wants to merge 2 commits into from
+827 −5

Conversation

haduongquang
Copy link
Contributor

@haduongquang haduongquang commented Oct 3, 2024
edited by Dat-NguyenDuy
Loading

This PR introduces NXP S32 HSE CRYTO driver for SoC NXP S32Z27 and enables its usage for board s32z270dc2.
Supports cryptographic operations, including hashing and symmetric ciphers, with capabilities for ECB, CBC, and CTR modes using RAM-based key catalogs with 128-bit key lengths.

tests\crypto\crypto_hash:

SUITE PASS - 100.00% [crypto_hash]: pass = 1, fail = 0, skip = 0, total = 1 duration = 0.001 seconds
 PASS - [crypto_hash.test_hash] duration = 0.001 seconds

samples\drivers\crypto:

I: Cipher Sample
I: ECB Mode
I: Output length (encryption): 0
I: ECB mode ENCRYPT - Match
I: Output length (decryption): 0
I: ECB mode DECRYPT - Match
I: CBC Mode
I: Output length (encryption): 80
I: CBC mode ENCRYPT - Match
I: Output length (decryption): 0
I: CBC mode DECRYPT - Match
I: CTR Mode
I: Output length (encryption): 0
I: CTR mode ENCRYPT - Match
I: Output length (decryption): 0
I: CTR mode DECRYPT - Match

@zephyrbot
Copy link
Collaborator

zephyrbot commented Oct 3, 2024
edited by github-actions bot
Loading

The following west manifest projects have changed revision in this Pull Request:

Name Old Revision New Revision Diff
hal_nxp zephyrproject-rtos/hal_nxp@6b11d19 zephyrproject-rtos/hal_nxp#443 zephyrproject-rtos/hal_nxp#443/files

DNM label due to: 1 project with PR revision

Note: This message is automatically posted and updated by the Manifest GitHub Action.

@zephyrbot zephyrbot added manifest manifest-hal_nxp DNM This PR should not be merged (Do Not Merge) labels Oct 3, 2024
@haduongquang haduongquang changed the title Add support for NXP S32 HSE CRYPTO driver for S32Z270 Add support NXP S32 HSE CRYPTO driver for S32Z270 Oct 3, 2024
@decsny decsny removed their request for review October 3, 2024 05:26
@haduongquang haduongquang force-pushed the support-hse-driver-for-s32z270 branch 3 times, most recently from dc8d870 to 2ba0f4f Compare October 3, 2024 08:01
@haduongquang
Copy link
Contributor Author

Fixed compliance, clang and build fail.

@haduongquang
Copy link
Contributor Author

@haduongquang I'd suggest you to look at how the HSE was integrated into Linux in regards to devicetree. I think it's a cleaner approach than the current one proposed on this pr because it clearly shows that the MU's are coupled with the HSE, and there's also explicit description of the RAM reserved to communicate between the CPU host and the HSE.

For the first point, I have updated the device tree.
For the second point, regarding RAM reserved. Some other platforms require the descriptor to be put in a dedicated RAM region in order to communicate with HSE, this is not the case for S32Z so a RAM reserved is not needed.

manuargue
manuargue requested changes Oct 17, 2024
View reviewed changes
drivers/crypto/crypto_nxp_s32_hse.c Outdated
struct crypto_nxp_s32_hse_data *data = dev->data;
struct crypto_nxp_s32_hse_session *session;

if (Hse_Ip_Init(data->mu_instance, &data->mu_state) != HSE_IP_STATUS_SUCCESS) {
Copy link
Member

@manuargue manuargue Oct 17, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not enough to just call this initialiation but also the MUs that are not active by default must be activated through a request to HSE. As it is right now implemented, if the user tries to use the Zephyr Crypto API on a HSE-MU device that is not active, it will fail. In general, the device init function should ensure that all needed resources are allocated and ready in order for the driver to operate after exiting this function.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The driver assumes that the HSE Firmware has already been installed and configured (including the activation of MU and configuration of key catalogs, etc.). Therefore, simply initializing MU is enough.

@haduongquang haduongquang force-pushed the support-hse-driver-for-s32z270 branch from 8fd4348 to 949dba0 Compare October 28, 2024 02:30
@github-actions GitHub Actions
Copy link

This pull request has been marked as stale because it has been open (more than) 60 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this pull request will automatically be closed in 14 days. Note, that you can always re-open a closed pull request at any time.

@github-actions github-actions bot added the Stale label Dec 28, 2024
@manuargue
Copy link
Member

@mmahadevan108 mmahadevan108 requested review from manuargue and Dat-NguyenDuy 8 hours ago

There are blocking comments not addressed.. awaiting for author to address them

@fabiobaltieri fabiobaltieri added DNM (manifest) This PR should not be merged (controlled by action-manifest) and removed DNM This PR should not be merged (Do Not Merge) labels Feb 4, 2025
@haduongquang haduongquang force-pushed the support-hse-driver-for-s32z270 branch 2 times, most recently from 9ad4285 to b4111c0 Compare February 13, 2025 02:34
@haduongquang
Copy link
Contributor Author

@mmahadevan108 mmahadevan108 requested review from manuargue and Dat-NguyenDuy 8 hours ago

There are blocking comments not addressed.. awaiting for author to address them

Hi, I have addressed the comment and fixed the conflict also.

@haduongquang haduongquang force-pushed the support-hse-driver-for-s32z270 branch 2 times, most recently from 3b0cc82 to c7533d3 Compare April 1, 2025 02:15
@haduongquang
Copy link
Contributor Author

I updated the copyright and improved and beautified the code. Fixed the typo in the commit message as well.

@haduongquang haduongquang force-pushed the support-hse-driver-for-s32z270 branch 3 times, most recently from 0ce725f to 91c0eea Compare April 8, 2025 08:24
@haduongquang
Copy link
Contributor Author

Rebased and fixed the CI fail.

Dat-NguyenDuy
Dat-NguyenDuy requested changes Apr 9, 2025
View reviewed changes
drivers/crypto/crypto_nxp_s32_hse.c

static inline void free_session(struct crypto_nxp_s32_hse_session *session)
{
session->in_use = false;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be protected by global mutex

manuargue
manuargue reviewed Apr 10, 2025
View reviewed changes
@haduongquang haduongquang force-pushed the support-hse-driver-for-s32z270 branch from 91c0eea to 639cedc Compare April 15, 2025 02:30
@manuargue
Copy link
Member

@haduongquang pls fix the twister failures

@haduongquang
driver: crypto: add NXP S32 CRYPTO HSE driver
88f2cc9 
Add device tree node for MU instances that will be used by HSE and RTU
for s32z270.

Add support hash crypto for NXP S32 with Algo 2:
SHA224, SHA256, SHA384 and SHA512.

Add support cipher crypto with ECB, CBC and CTR mode by using ram key
catalog.

Add support 128/256 bits ram key length.

Signed-off-by: Ha Duong Quang <[email protected]>
@haduongquang
boards: enables support for s32z270 hse crypto
1f24a4b 
Enable test for s32z270 hash crypto.

Enable samples for cipher cryptoEndable samples for EBC, CBC,
CTR mode of cipher crypto.

Signed-off-by: Ha Duong Quang <[email protected]>
@haduongquang haduongquang force-pushed the support-hse-driver-for-s32z270 branch from 639cedc to 1f24a4b Compare April 28, 2025 08:00
@manuargue
Copy link
Member

All my comments on this PR were addressed, but we have a blocker on the hal_nxp side that we are resolving internally at NXP. Once that's clarified, I will remove my block on this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@manuargue manuargue manuargue requested changes

@Dat-NguyenDuy Dat-NguyenDuy Dat-NguyenDuy requested changes

@mmahadevan108 mmahadevan108 Awaiting requested review from mmahadevan108

@dleach02 dleach02 Awaiting requested review from dleach02

@bperseghetti bperseghetti Awaiting requested review from bperseghetti

@carlocaione carlocaione Awaiting requested review from carlocaione

@ceolin ceolin Awaiting requested review from ceolin

@danieldegrasse danieldegrasse Awaiting requested review from danieldegrasse

@dbaluta dbaluta Awaiting requested review from dbaluta

@kartben kartben Awaiting requested review from kartben

@MarkWangChinese MarkWangChinese Awaiting requested review from MarkWangChinese

@nashif nashif Awaiting requested review from nashif

@PetervdPerk-NXP PetervdPerk-NXP Awaiting requested review from PetervdPerk-NXP

@valeriosetti valeriosetti Awaiting requested review from valeriosetti

Requested changes must be addressed to merge this pull request.

Assignees

@ceolin ceolin

Labels
area: Crypto / RNG area: mbox area: Samples Samples DNM (manifest) This PR should not be merged (controlled by action-manifest) manifest manifest-hal_nxp platform: NXP Drivers NXP Semiconductors, drivers platform: NXP S32 NXP Semiconductors, S32
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@haduongquang @zephyrbot @manuargue @ceolin @Dat-NguyenDuy @fabiobaltieri