What is it ?

The Security System (SS for short) is a hardware cryptographic accelerator that supports AES/MD5/SHA1/DES/3DES/PRNG algorithms.
For later SoCs, the device was renamed to Crypto Engine (CE for short).
It could be found on Allwinner SoCs and could be split in three groups: See the Support overview for more details

I handle lot of other crypto driver, you could find them in https://kernel.montjoie.ovh/

News

15/08/2022

Added D1 in status matrix. Added the HMAC-sha1 being handled by sun8i-ss.

18/12/2020

Both sun8i-ss and sun8i-ce was merged for 5.5. Support for RNGs are added in 5.10. Support for RSA is on good way.

09/11/2016

I have updated a bit the status matrix with some (bad) news.
Due to lack of documentation, support of RSA acceleration is stalled. Worstly, H5 CryptoEngine is the same as H3/A64 witout RSA. Does they find it buggy ?
The TRNG is not random at all, user manual give some prerequisite for A83T but not for other platform, so TRNG does not work for the moment.
Anyway, the sun8i-ce driver progress and work (but with some crap). You can find it on my github.

19/05/2016

The work on the H3 Crypto Engine is progressing well. Since A64 have the same IP block, it will be supported soon.
The only bad news is the removal of all RSA in the last H3 usermanual for an unknown reason.

16/09/2015

The sun4i-ss driver has reached the 4.3 release.
Edit: due to external patch added in the rc process, the sun4i-ss in current 4.3 will fail to load with "Failed to load md5".
The patch solving the problem could be found at https://lkml.org/lkml/2015/11/16/46

20/07/2015

The sun4i-ss driver has been accepted for mainline, reaching probably the 4.3 stable release.
Now it is time to work on the DMA.

Status

The sun4i-ss driver has been accepted for mainline, reaching the 4.3 stable release.
The sun8i-ss driver has been accepted for mainline, reaching the 5.5.
The sun8i-ce driver has been accepted for mainline, reaching the 5.5.
For the other drivers, you can find the latest develoment patchs here: Allwinner Security System dev patchs

PRNG and TRNG status

The sun4i-ss PRNG will be present on 4.14. You need libkcapi to use it via kcapi-rng tool.
The sun8i-ss PRNG is working and will be mainlined with the whole sun8i-ss driver. The sun8i-ce PRNG is not working due to the hardware.

The only TRNG which work is the h6's one. Other are simply not enough random.

sun4i-ss DMA

The sun4i-ss support both DMA and PIO mode.
For the moment only PIO mode is working since DMA engine driver was not ready at the beginning of developement
But now, the DMA engine driver is in mainline since 4.3 and the DMA support is being written.
The SS DMA support is availlable on my Linux repository.
But the performance drop dramaticaly with it. (expect a division by 10)

Support overview

Driver sun4i-ss sun8i-ss sun8i-ce
Category Name A20 A10 A10s A31 A33 A80 A83T H3 R40 A64 H5 H6 D1 Note
AES/DES/3DES CBC 4.3 4.3 NT 4.3 4.3 5.5 5.5 5.5 5.5 5.5 5.5 5.5 6.x
ECB 4.3 4.3 NT 4.3 4.3 5.5 5.5 5.5 5.5 5.5 5.5 5.5 6.x
CTS NO (1)(2) NO NO NO NO NT WIP OK OK OK OK WIP WIP (1)(2)
CTR NO (1)(3) NO NO NO NO NT WIP OK OK OK OK WIP WIP (1)(3)
OFB WIP WIP WIP
CFB WIP WIP WIP
CBC-MAC WIP WIP WIP
XTS OK
HASH MD5 4.3 4.3 NT 4.3 4.3 NT 5.10 5.10 5.10 5.10 5.10 5.10 6.x
SHA1 4.3 4.3 NT 4.3 4.3 NT 5.10 5.10 5.10 5.10 5.10 5.10 6.x
RNG PRNG 4.14 4.14 4.14 4.14 4.14 NT 5.10 5.10 5.10 5.10 5.10 5.10 6.x (8)
TRNG NO ??(10) ??(10) ??(10) ??(10) ??(10) 5.10 6.x
RSA 512 WIP SNW (9) OK OK OK WIP WIP
1024 WIP SNW (9) OK OK OK WIP WIP
2048 NO WIP SNW (9) OK OK OK WIP WIP
3072 WIP SNW (9) SNW WIP
4096 SNW (9) SNW WIP
ECC 160 WIP
224 WIP
256 WIP
384 WIP
521 WIP
HASH SHA224 NT 5.10 5.10 5.10 5.10 5.10 5.10 6.x
SHA256 NT 5.10 5.10 5.10 5.10 5.10 5.10 6.x
SHA384 5.10 5.10 6.x
SHA512 5.10 5.10 6.x
HMAC-SHA1 5.19 WIP WIP WIP WIP WIP
HMAC-SHA256 WIP WIP WIP
CRC CRC32 WIP
Note (7) (5) (6)
Legend:
4.3 support is available since Linux x
OKSupport is written and will be soon be sent for mainline
OKsupport is written but work/cleaning is needed to made it mainlinable
WIPsupport is being written
NTNeed hardware for testing
SNWUnsupported according to datasheet, but work. (Need extended testing)
NOsupport is not written
5.xsupport is done via some software fallback (like HMAC using only hw hash)
Read the datahseet for more details.
Note:

Using the hardware accelerator

Testing

First you need to be sure that the driver is loaded
You can check its presence by checking:
cat /proc/crypto
...[snip]...
name : cbc(des3_ede)
driver : cbc-des3-sunxi-ss
module : sunxi_ss
priority : 400
refcnt : 1
selftest : passed
type : ablkcipher
async : yes
blocksize : 8
min keysize : 24
max keysize : 24
ivsize : 8
geniv : <default>
...[snip]...
For each algorithm, you must see it in the list (driver xxx-sunxi-ss)


You can check that everything is working with the tcrypt module.
The tcrypt module always exits with an error.
You need to dig dmesg for finding if algorithms handled by the Security System work
modprobe tcrypt
modprobe: ERROR: could not insert 'tcrypt': Unknown error 156
dmesg |grep -iE 'cbc(aes)|md5|sha1'

cryptodev

The cryptodev module could be found at http://cryptodev-linux.org/
It creates a /dev/crypto which could be used by user space applications
See my bencher for an example of how to use it

AF_ALG

The AF_ALG is already in mainline kernel
You need the following options in you .config
CONFIG_CRYPTO_USER_API
CONFIG_CRYPTO_USER_API_HASH
CONFIG_CRYPTO_USER_API_SKCIPHER
See my bencher for an example of how to use it

Openssl engine

you need to use an engine that supports AF_ALG or cryptodev.

Openssl cryptodev engine

The engine is already included in openssl releases.
Warning: I hit a bug that makes sshd impossible. See my bug report

Openssl AF_ALG engine

The engine could be found here openssl AF_ALG engine

Bench

Hash benchs

WARNING: The following bench are only for sun4i-ss. And they are old.

SHA1

cryptodevAF_ALG
request sizeGenericwith SSpercent gain Genericwith SSpercent gain
1611534,19238311775,846682,0951124186
3211212,57714812042,8994147,4052758348
6410893,46386711760,0019537,9546606716
12810849,07226611671,6210947,5817434692
25610588,6279311489,4902348,5078284926
51210149,61132811127,2675789,6324501344
10249322,80566410475,89257812,3684538277
20487978,5546889399,70312517,8121037277
40966232,2475597830,92089825,6516340833
81924292,5815435803,83789135,206235056
163842644,9597173851,31494145,6095877849
327681515,6541752316,66821352,8493934311
65536818,9682621290,1839657,537723971
131072426,400452682,47174160,0541786011
262144217,336731351,43621861,7012533422
524288110,03344178,39421162,1272687648
104857655,53303589,90512861,8948577185
209715227,83872445,07799561,9255070742

MD5

request sizeGenericwith SSpercent gain
1612198,15722712076,533203-0,9970688337
3212163,47265611529,570312-5,2115243889
6412063,03222711389,09375-5,586808228
12811929,52050811271,333984-5,5172923636
25611676,33691411109,584961-4,8538506312
51211295,49609410807,859375-4,317089882
102410529,98535210278,543945-2,387860938
20489287,4042979351,8369140,6937634557
40967526,5532237902,2421884,9915140951
81925405,4589845944,5688489,9734336269
163843458,6813964020,38647516,2404400605
327682039,6271972461,08081120,6632670235
655361119,2608641390,03735424,192437948
131072589,458008740,42987125,6119793015
262144302,136932383,03384426,7749167454
524288153,233093194,94590827,2218058014
104857677,27454498,33279427,2512122491
209715238,81207749,45899627,4319743311

Cipher Benchs

AES

CBC 128

cryptodev AF_ALG
request size GenericSSgain SS with DMAgain Genericwith SSgain SS with DMAgain
1693942.4975686.47-19.445945.97-93.68 5986.376284.604.983046.07-49.12
3287545.7472785.50-16.878582.14-90.20 6432.356711.404.333895.02-39.45
6475886.3567811.78-10.658127.22-89.30 6330.036758.036.763797.35-40.02
12861437.1358713.69-4.447624.93-87.59 6246.056626.596.093677.93-41.12
25644907.4947301.455.337199.11-83.97 6018.046431.076.863545.20-41.10
51229311.7533659.8314.836516.44-77.77 5620.596107.018.652968.84-47.18
102417160.3121352.4624.425632.50-67.18 4921.625490.1011.553149.22-36.02
20489414.3312371.3331.404401.97-53.25 3975.934600.5115.702154.77-45.81
40964728.226310.1033.452170.19-54.11 2724.883409.9325.141402.05-48.55
81922436.203299.5735.431414.79-41.93 1720.892243.9030.391113.95-35.27
163841239.121691.9136.54830.46-32.98 986.411344.7736.32689.55-30.10
32768624.45856.4037.14457.24-26.78 537.32690.8328.56406.44-24.36
65536313.52430.6937.37236.97-24.42 280.16381.7736.27217.17-22.49
131072157.21218.3638.89117.20-25.46 131.51195.6948.80116.08-11.74
26214478.67109.9139.7160.80-22.72 72.61100.0337.7658.35-19.63
52428838.5354.4241.2030.98-19.61 36.6350.6838.3629.97-18.19
104857619.4327.4941.4515.20-21.80 18.2125.5740.3615.57-14.50

CBC 192

request sizeGenericwith SSpercent gain
1654887,2187553323,664062-2,8486680936
3252201,91406251708,300781-0,9455846397
6447370,36718849170,3867193,7998851135
12839986,16796944686,33593811,7544846324
25631598,92968837700,76562519,3102614463
51221817,05468828847,30664132,2236527961
102413611,48242219746,65820345,0735312348
20487748,07812512116,36523456,3789760316
40963973,5588386630,54785266,8667338858
81922073,6047363498,94848668,7374852716
163841062,7318121800,67700269,4385151237
32768539,011353914,34991569,6346301262
65536271,474457460,41973969,5996537162
131072136,22583230,65808169,3203711807
26214467,679237115,217470,2403944063
52428833,96234958,15013971,219425959
104857616,97757529,19668471,9720513678

CBC 256

request sizeGenericwith SSpercent gain
1653299,76171978896,49218848,024099252
3250552,88281275414,38281249,1791933854
6445627,07421969111,25781251,4698432783
12838222,89453160228,26562557,5711791689
25629589,50976647436,48437560,3152088363
51220271,42578133738,64453166,4344920554
102412366,28320321317,17968872,3814612529
20486969,4687512329,61035276,9088978554
40963510,1416026561,36474686,9259274971
81921819,7652593425,54174888,2408585975
16384927,6478271751,53930788,8151145316
32768468,39566885,72454889,0975138412
65536235,436951444,85458488,9484985728
131072118,082893222,67735388,5771489355
26214459,484013111,32801887,1561994313
52428829,89003955,35524785,1963023534
104857614,94591327,65775585,0522948983

DES

3DES

Bench tools

I use two bench tools, one for benching MD5 and SHA1 through AF_ALG, and one for benching ciphers (AES, DES, 3DES) througth cryptodev.
You can find both tools on my cryptotest github

Contacts

You could find me on Freenode, montjoie on #linux-sunxi. My email is easy to find too.

Other sunxi works

H3/A64/A83T EMAC(Ethernet) driver

I am working on the H3 EMAC driver which was accepted in mainline.

Hwmon

Apart from that I have also worked on getting temperature on A20 based boards.
Cubieboard2 has two sources of temperature, one in the TouchScreen controller embeded in the SoC and one in the AXP209 chip.

My original work for 3.4.x Allwinner based kernel can be found here for AXP209 sensor and here for A20 Embeded sensor
It is reported to still compile and work on 3.4.203
But seriously, stop using old kernel

In mainline the sun4i-ts (drivers/input/touchscreen) already gives sensors output
For getting AXP209 temperature you need the following patchs:
mfd-axp20x-Rename-ADC-register-name-IPSOUT-to-APS.patch
hwmon-AXP20x-Add-support-for-basic-voltage-current-t.patch


cubieboard # sensors
sun4i_ts-isa-0000
Adapter: ISA adapter
SoC temperature: +40.6°C

axp209-isa-0000
Adapter: ISA adapter
ACIN: +5.13 V
VBUS: +0.01 V
BATT: +0.00 V
APS: +4.97 V
CHIP: +23.5°C
BATT: 0.00 W
ACIN: +0.16 A
VBUS: +0.00 A
BATT_CHRG: +0.00 A
BATT_DISCHRG: +0.00 A