What is it ?

The Security System (SS for short) is a hardware cryptographic accelerator that supports AES/MD5/SHA1/DES/3DES/PRNG algorithms.
For later SoC, the device was renamed to Crypto Engine.
It could be found on Allwinner SoC and could be split in three groups: See the Support overview for more details

News

09/11/2016

I have updated a bit the status matrix with some (bad) news.
Due to lack of documentation, support of RSA acceleration is stalled. Worstly, H5 CryptoEngine is the same as H3/A64 witout RSA. Does they find it buggy ?
The TRNG is not random at all, user manual give some prerequisite for A83T but not for other platform, so TRNG does not work for the moment.
Anyway, the sun8i-ce driver progress and work (but with some crap). You can find it on my github.

19/05/2016

The work on the H3 Crypto Engine is progressing well. Since A64 have the same IP block, it will be supported soon.
The only bad news is the removal of all RSA in the last H3 usermanual for an unknown reason.

16/09/2015

The sun4i-ss driver has reached the 4.3 release.
Edit: due to external patch added in the rc process, the sun4i-ss in current 4.3 will fail to load with "Failed to load md5".
The patch solving the problem could be found at https://lkml.org/lkml/2015/11/16/46

20/07/2015

The sun4i-ss driver has been accepted for mainline, reaching probably the 4.3 stable release.
Now it is time to work on the DMA.

Status

The sun4i driver has been accepted for mainline, reaching the 4.3 stable release.
The sun8i-ce driver is still in development but usable.
For the other drivers and sun4i PRNG, you can find the latest develoment patchs here: Allwinner Security System dev patchs

PRNG

The PRNG support was dropped during development, you could find why on this thread.
A reworked version could be found here
The patch adds the PRNG as an HWRNG
You could test it with rngtest
~ # cat /dev/hwrng | rngtest
rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
^Crngtest: entropy source drained
rngtest: bits received from input: 192937984
rngtest: FIPS 140-2 successes: 9638
rngtest: FIPS 140-2 failures: 8
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 1
rngtest: FIPS 140-2(2001-10-10) Runs: 4
rngtest: FIPS 140-2(2001-10-10) Long run: 3
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=642.496; avg=24991.555; max=3906250.000)Kibits/s
rngtest: FIPS tests speed: (min=1.806; avg=35.818; max=36.400)Mibits/s
rngtest: Program run time: 12743797 microseconds

sun4i-ss DMA

The sun4i-ss support both DMA and PIO mode.
For the moment only PIO mode is working since DMA engine driver was not ready at the beginning of developement
But now, the DMA engine driver is in mainline since 4.3 and the DMA support is being written.
The SS DMA support is availlable on my Linux repository.
But the performance drop dramaticaly with it.

Support overview

Driver sun4i-ss sun8i-ce
Category Name A20 A10 A10s A31 A33 A80 A83T H3 A64 H5 Note
AES/DES/3DES CBC 4.3 4.3 NT 4.3 4.3 WIP WIP OK WIP WIP
ECB 4.3 4.3 NT 4.3 4.3 NO NO NO NO NO
CTS NO (1)(2) NO NO NO NO NO NO NO NO NO (1)(2)
CTR NO (1)(3) NO NO NO NO NO NO NO NO NO (1)(3)
HASH MD5 4.3 4.3 NT 4.3 4.3 WIP WIP OK WIP WIP
SHA1 4.3 4.3 NT 4.3 4.3 WIP WIP OK WIP WIP
RNG PRNG OOT WIP OOT OOT OOT WIP WIP OK OK WIP (8)
TRNG NO ??(10) ??(10) ??(10) ??(10)
RSA NO WIP ??(9) WIP
HASH SHA224 NO NO OK WIP WIP
SHA256 NO NO OK WIP WIP
SHA384 OK WIP
SHA512 OK WIP
Note (7) (5) (6)
Legend:
4.3 support is available since Linux x
OOT support is available via an out of source patch
NOsupport is not written
WIPsupport is being written
NTNeed hardware for testing
Read the datahseet for more details.
Note:

Using the hardware accelerator

Testing

First you need to be sure that the driver is loaded
You can check its presence by checking:
cat /proc/crypto
...[snip]...
name : cbc(des3_ede)
driver : cbc-des3-sunxi-ss
module : sunxi_ss
priority : 400
refcnt : 1
selftest : passed
type : ablkcipher
async : yes
blocksize : 8
min keysize : 24
max keysize : 24
ivsize : 8
geniv : <default>
...[snip]...
For each algorithm, you must see it in the list (driver xxx-sunxi-ss)


You can check that everything is working with the tcrypt module.
The tcrypt module always exits with an error.
You need to dig dmesg for finding if algorithms handled by the Security System work
modprobe tcrypt
modprobe: ERROR: could not insert 'tcrypt': Unknown error 156
dmesg |grep -iE 'cbc(aes)|md5|sha1'

cryptodev

The cryptodev module could be found at http://cryptodev-linux.org/
It creates a /dev/crypto which could be used by user space applications
See my bencher for an example of how to use it

AF_ALG

The AF_ALG is already in mainline kernel
You need the following options in you .config
CONFIG_CRYPTO_USER_API
CONFIG_CRYPTO_USER_API_HASH
CONFIG_CRYPTO_USER_API_SKCIPHER
See my bencher for an example of how to use it

Openssl engine

you need to use an engine that supports AF_ALG or cryptodev.

Openssl cryptodev engine

The engine is already included in openssl releases.
Warning: I hit a bug that makes sshd impossible. See my bug report

Openssl AF_ALG engine

The engine could be found here openssl AF_ALG engine

Bench

Hash benchs

SHA1

cryptodevAF_ALG
request sizeGenericwith SSpercent gain Genericwith SSpercent gain
1611534,19238311775,846682,0951124186
3211212,57714812042,8994147,4052758348
6410893,46386711760,0019537,9546606716
12810849,07226611671,6210947,5817434692
25610588,6279311489,4902348,5078284926
51210149,61132811127,2675789,6324501344
10249322,80566410475,89257812,3684538277
20487978,5546889399,70312517,8121037277
40966232,2475597830,92089825,6516340833
81924292,5815435803,83789135,206235056
163842644,9597173851,31494145,6095877849
327681515,6541752316,66821352,8493934311
65536818,9682621290,1839657,537723971
131072426,400452682,47174160,0541786011
262144217,336731351,43621861,7012533422
524288110,03344178,39421162,1272687648
104857655,53303589,90512861,8948577185
209715227,83872445,07799561,9255070742

MD5

request sizeGenericwith SSpercent gain
1612198,15722712076,533203-0,9970688337
3212163,47265611529,570312-5,2115243889
6412063,03222711389,09375-5,586808228
12811929,52050811271,333984-5,5172923636
25611676,33691411109,584961-4,8538506312
51211295,49609410807,859375-4,317089882
102410529,98535210278,543945-2,387860938
20489287,4042979351,8369140,6937634557
40967526,5532237902,2421884,9915140951
81925405,4589845944,5688489,9734336269
163843458,6813964020,38647516,2404400605
327682039,6271972461,08081120,6632670235
655361119,2608641390,03735424,192437948
131072589,458008740,42987125,6119793015
262144302,136932383,03384426,7749167454
524288153,233093194,94590827,2218058014
104857677,27454498,33279427,2512122491
209715238,81207749,45899627,4319743311

Cipher Benchs

AES

CBC 128

cryptodev AF_ALG
request size GenericSSgain SS with DMAgain Genericwith SSgain SS with DMAgain
1693942.4975686.47-19.445945.97-93.68 5986.376284.604.983046.07-49.12
3287545.7472785.50-16.878582.14-90.20 6432.356711.404.333895.02-39.45
6475886.3567811.78-10.658127.22-89.30 6330.036758.036.763797.35-40.02
12861437.1358713.69-4.447624.93-87.59 6246.056626.596.093677.93-41.12
25644907.4947301.455.337199.11-83.97 6018.046431.076.863545.20-41.10
51229311.7533659.8314.836516.44-77.77 5620.596107.018.652968.84-47.18
102417160.3121352.4624.425632.50-67.18 4921.625490.1011.553149.22-36.02
20489414.3312371.3331.404401.97-53.25 3975.934600.5115.702154.77-45.81
40964728.226310.1033.452170.19-54.11 2724.883409.9325.141402.05-48.55
81922436.203299.5735.431414.79-41.93 1720.892243.9030.391113.95-35.27
163841239.121691.9136.54830.46-32.98 986.411344.7736.32689.55-30.10
32768624.45856.4037.14457.24-26.78 537.32690.8328.56406.44-24.36
65536313.52430.6937.37236.97-24.42 280.16381.7736.27217.17-22.49
131072157.21218.3638.89117.20-25.46 131.51195.6948.80116.08-11.74
26214478.67109.9139.7160.80-22.72 72.61100.0337.7658.35-19.63
52428838.5354.4241.2030.98-19.61 36.6350.6838.3629.97-18.19
104857619.4327.4941.4515.20-21.80 18.2125.5740.3615.57-14.50

CBC 192

request sizeGenericwith SSpercent gain
1654887,2187553323,664062-2,8486680936
3252201,91406251708,300781-0,9455846397
6447370,36718849170,3867193,7998851135
12839986,16796944686,33593811,7544846324
25631598,92968837700,76562519,3102614463
51221817,05468828847,30664132,2236527961
102413611,48242219746,65820345,0735312348
20487748,07812512116,36523456,3789760316
40963973,5588386630,54785266,8667338858
81922073,6047363498,94848668,7374852716
163841062,7318121800,67700269,4385151237
32768539,011353914,34991569,6346301262
65536271,474457460,41973969,5996537162
131072136,22583230,65808169,3203711807
26214467,679237115,217470,2403944063
52428833,96234958,15013971,219425959
104857616,97757529,19668471,9720513678

CBC 256

request sizeGenericwith SSpercent gain
1653299,76171978896,49218848,024099252
3250552,88281275414,38281249,1791933854
6445627,07421969111,25781251,4698432783
12838222,89453160228,26562557,5711791689
25629589,50976647436,48437560,3152088363
51220271,42578133738,64453166,4344920554
102412366,28320321317,17968872,3814612529
20486969,4687512329,61035276,9088978554
40963510,1416026561,36474686,9259274971
81921819,7652593425,54174888,2408585975
16384927,6478271751,53930788,8151145316
32768468,39566885,72454889,0975138412
65536235,436951444,85458488,9484985728
131072118,082893222,67735388,5771489355
26214459,484013111,32801887,1561994313
52428829,89003955,35524785,1963023534
104857614,94591327,65775585,0522948983

DES

3DES

Bench tools

I use two bench tools, one for benching MD5 and SHA1 through AF_ALG, and one for benching ciphers (AES, DES, 3DES) througth cryptodev.
You can find both tools on my cryptotest github

Contacts

You could find me on Freenode, montjoie on #linux-sunxi. My email is easy to find too.

Other sunxi works

H3/A64 EMAC(Ethernet) driver

I am working on the H3 EMAC driver which seems to be present also in the A64 SoC. The driver is close to be finished.

Hwmon

Apart from that I have also worked on getting temperature on A20 based boards.
Cubieboard2 has two sources of temperature, one in the TouchScreen controller embeded in the SoC and one in the AXP209 chip.

My original work for 3.4.x Allwinner based kernel can be found here for AXP209 sensor and here for A20 Embeded sensor
It is reported to still compile and work on 3.4.203
But seriously, stop using old kernel

In mainline the sun4i-ts (drivers/input/touchscreen) already gives sensors output
For getting AXP209 temperature you need the following patchs:
mfd-axp20x-Rename-ADC-register-name-IPSOUT-to-APS.patch
hwmon-AXP20x-Add-support-for-basic-voltage-current-t.patch


cubieboard # sensors
sun4i_ts-isa-0000
Adapter: ISA adapter
SoC temperature: +40.6°C

axp209-isa-0000
Adapter: ISA adapter
ACIN: +5.13 V
VBUS: +0.01 V
BATT: +0.00 V
APS: +4.97 V
CHIP: +23.5°C
BATT: 0.00 W
ACIN: +0.16 A
VBUS: +0.00 A
BATT_CHRG: +0.00 A
BATT_DISCHRG: +0.00 A