drivers: crypto: Add initial support for rpi_pico sha256 accelerator

soburi · soburi · commit 6f8efb282e81 · 2025-03-11T07:41:54.000+09:00
Add basic support for RaspberryPi Pico's SHA256 hardware accelerator.

Signed-off-by: TOKITA Hiroshi &lt;tokita.hiroshi@gmail.com&gt;
diff --git a/drivers/crypto/CMakeLists.txt b/drivers/crypto/CMakeLists.txt
@@ -1,18 +1,23 @@
 # SPDX-License-Identifier: Apache-2.0
 
 zephyr_library()
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_TINYCRYPT_SHIM	crypto_tc_shim.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_ATAES132A		crypto_ataes132a.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_MBEDTLS_SHIM		crypto_mtls_shim.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_STM32			crypto_stm32.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_SMARTBOND        crypto_smartbond.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_NRF_ECB		crypto_nrf_ecb.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_INTEL_SHA		crypto_intel_sha.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_NPCX_SHA		crypto_npcx_sha.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_MCHP_XEC_SYMCR	crypto_mchp_xec_symcr.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_IT8XXX2_SHA		crypto_it8xxx2_sha.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_IT8XXX2_SHA_V2	crypto_it8xxx2_sha_v2.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_MCUX_DCP		crypto_mcux_dcp.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_SI32 		crypto_si32.c)
-zephyr_library_sources_ifdef(CONFIG_CRYPTO_CC23X0		crypto_cc23x0.c)
+
+# zephyr-keep-sorted-start
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_ATAES132A            crypto_ataes132a.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_CC23X0               crypto_cc23x0.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_INTEL_SHA            crypto_intel_sha.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_IT8XXX2_SHA          crypto_it8xxx2_sha.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_IT8XXX2_SHA_V2       crypto_it8xxx2_sha_v2.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_MBEDTLS_SHIM         crypto_mtls_shim.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_MCHP_XEC_SYMCR       crypto_mchp_xec_symcr.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_MCUX_DCP             crypto_mcux_dcp.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_NPCX_SHA             crypto_npcx_sha.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_NRF_ECB              crypto_nrf_ecb.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_RPI_PICO_SHA256      crypto_rpi_pico_sha256.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_SI32                 crypto_si32.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_SMARTBOND            crypto_smartbond.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_STM32                crypto_stm32.c)
+zephyr_library_sources_ifdef(CONFIG_CRYPTO_TINYCRYPT_SHIM       crypto_tc_shim.c)
+# zephyr-keep-sorted-stop
+
 zephyr_library_link_libraries_ifdef(CONFIG_MBEDTLS mbedTLS)
diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
@@ -74,16 +74,19 @@ config CRYPTO_MBEDTLS_SHIM_MAX_SESSION
 	  This can be used to tweak the amount of sessions the driver
 	  can handle in parallel.
 
+# zephyr-keep-sorted-start
 source "drivers/crypto/Kconfig.ataes132a"
-source "drivers/crypto/Kconfig.stm32"
-source "drivers/crypto/Kconfig.nrf_ecb"
+source "drivers/crypto/Kconfig.cc23x0"
 source "drivers/crypto/Kconfig.intel"
-source "drivers/crypto/Kconfig.npcx"
-source "drivers/crypto/Kconfig.xec"
 source "drivers/crypto/Kconfig.it8xxx2"
 source "drivers/crypto/Kconfig.mcux_dcp"
+source "drivers/crypto/Kconfig.npcx"
+source "drivers/crypto/Kconfig.nrf_ecb"
+source "drivers/crypto/Kconfig.rpi_pico"
 source "drivers/crypto/Kconfig.si32"
 source "drivers/crypto/Kconfig.smartbond"
-source "drivers/crypto/Kconfig.cc23x0"
+source "drivers/crypto/Kconfig.stm32"
+source "drivers/crypto/Kconfig.xec"
+# zephyr-keep-sorted-stop
 
 endif # CRYPTO
diff --git a/drivers/crypto/Kconfig.rpi_pico b/drivers/crypto/Kconfig.rpi_pico
@@ -0,0 +1,9 @@
+# Copyright (c) 2025 TOKITA Hiroshi
+# SPDX-License-Identifier: Apache-2.0
+
+config CRYPTO_RPI_PICO_SHA256
+	bool "RasberryPi Pico SHA256 Accelerator driver"
+	default y
+	depends on DT_HAS_RASPBERRYPI_PICO_SHA256_ENABLED
+	help
+	  RaspberryPi Pico SHA256 accelarator driver.
diff --git a/drivers/crypto/crypto_rpi_pico_sha256.c b/drivers/crypto/crypto_rpi_pico_sha256.c
@@ -0,0 +1,201 @@
+/*
+ * Copyright (c) 2025 TOKITA Hiroshi
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#define DT_DRV_COMPAT raspberrypi_pico_sha256
+
+#include <zephyr/crypto/crypto.h>
+#include <zephyr/sys/byteorder.h>
+
+#include <hardware/sha256.h>
+#include <pico/bootrom/lock.h>
+
+#include <zephyr/logging/log.h>
+LOG_MODULE_REGISTER(sha_rpi_pico_sha256, CONFIG_CRYPTO_LOG_LEVEL);
+
+/*
+ * This is based on the pico_sha256 implementation in the Pico-SDK.
+ */
+
+/* We add one 0x80 byte, then 8 bytes for the size */
+#define SHA256_PADDING_DATA_BYTES 9
+#define SHA256_BLOCK_SIZE_BYTES   64
+
+struct rpi_pico_sha256_data {
+	bool locked;
+	uint8_t cache_used;
+	union {
+		uint32_t word;
+		uint8_t bytes[4];
+	} cache;
+	size_t total_data_size;
+};
+
+static void write_to_hardware(struct rpi_pico_sha256_data *state, const uint8_t *data,
+			      size_t data_size_bytes)
+{
+	if (!state->cache_used && !(((uintptr_t)data) & 3u)) {
+		/* aligned writes */
+		while (data_size_bytes >= 4) {
+			/* write a whole word */
+			sha256_wait_ready_blocking();
+			sha256_put_word(*(const uint32_t *)data);
+			data += 4;
+			data_size_bytes -= 4;
+		}
+	}
+
+	while (data_size_bytes--) {
+		state->cache.bytes[state->cache_used++] = *data++;
+		if (state->cache_used == 4) {
+			state->cache_used = 0;
+			sha256_wait_ready_blocking();
+			sha256_put_word(state->cache.word);
+		}
+	}
+}
+
+static inline size_t bytes_to_write(struct rpi_pico_sha256_data *state, size_t data_size_bytes)
+{
+	return ROUND_UP(state->total_data_size, SHA256_BLOCK_SIZE_BYTES) - state->total_data_size;
+}
+
+static void update_internal(struct rpi_pico_sha256_data *state, const uint8_t *data,
+			    size_t data_size_bytes)
+{
+	/* must finish off the last 64 byte block first or else sha256_err_not_ready will be true */
+	const size_t bytes_left = MIN(bytes_to_write(state, data_size_bytes), data_size_bytes);
+
+	if (bytes_left > 0) {
+		write_to_hardware(state, data, bytes_left);
+		state->total_data_size += bytes_left;
+		data_size_bytes -= bytes_left;
+		data += bytes_left;
+	}
+
+	/* Write the rest of the data */
+	if (data_size_bytes > 0) {
+		write_to_hardware(state, data, data_size_bytes);
+		state->total_data_size += data_size_bytes;
+	}
+}
+
+static void add_zero_bytes(struct rpi_pico_sha256_data *state, size_t data_size_bytes)
+{
+	const uint8_t zero[] = {0, 0, 0, 0};
+
+	while ((int32_t)data_size_bytes > 0) {
+		update_internal(state, zero, MIN(4, data_size_bytes));
+		data_size_bytes -= 4;
+	}
+}
+
+static void write_padding(struct rpi_pico_sha256_data *state)
+{
+	/* Has to be a multiple of 64 bytes */
+
+	uint64_t size = ROUND_UP(state->total_data_size + SHA256_PADDING_DATA_BYTES,
+				 SHA256_BLOCK_SIZE_BYTES);
+	const size_t user_data_size = state->total_data_size;
+	const size_t padding_size_bytes = size - state->total_data_size;
+	const uint8_t one_bit = 0x80;
+
+	/* append a single '1' bit */
+	update_internal(state, &one_bit, 1);
+
+	/* Zero unused padding */
+	add_zero_bytes(state, padding_size_bytes - SHA256_PADDING_DATA_BYTES);
+
+	/* Add size in bits, big endian */
+	size = BSWAP_64((uint64_t)(user_data_size * 8));
+	update_internal(state, (uint8_t *)&size, sizeof(uint64_t)); /* last write */
+}
+
+static int rpi_pico_sha256_hash_handler(struct hash_ctx *ctx, struct hash_pkt *pkt, bool finish)
+{
+	struct rpi_pico_sha256_data *data = ctx->device->data;
+
+	assert(data->locked);
+
+	data->cache_used = 0;
+	data->cache.word = 0;
+	data->total_data_size = 0;
+
+	sha256_err_not_ready_clear();
+	sha256_set_bswap(true);
+	sha256_start();
+
+	update_internal(data, pkt->in_buf, pkt->in_len);
+
+	if (!finish) {
+		return 0;
+	}
+
+	write_padding(data);
+	sha256_wait_valid_blocking();
+
+	for (uint i = 0; i < 8; i++) {
+		((uint32_t *)pkt->out_buf)[i] = BSWAP_32((uint32_t)sha256_hw->sum[i]);
+	}
+
+	return 0;
+}
+
+static int rpi_pico_sha256_query_hw_caps(const struct device *dev)
+{
+	return (CAP_SEPARATE_IO_BUFS | CAP_SYNC_OPS);
+}
+
+static int rpi_pico_sha256_hash_begin_session(const struct device *dev, struct hash_ctx *ctx,
+					      enum hash_algo algo)
+{
+	struct rpi_pico_sha256_data *data = dev->data;
+
+	assert(!data->locked);
+
+	if (algo != CRYPTO_HASH_ALGO_SHA256) {
+		LOG_ERR("Unsupported algo");
+		return -EINVAL;
+	}
+
+	if (ctx->flags & ~(rpi_pico_sha256_query_hw_caps(dev))) {
+		LOG_ERR("Unsupported flag");
+		return -EINVAL;
+	}
+
+	if (!bootrom_try_acquire_lock(BOOTROM_LOCK_SHA_256)) {
+		return -EBUSY;
+	}
+
+	data->locked = true;
+	ctx->hash_hndlr = rpi_pico_sha256_hash_handler;
+
+	return 0;
+}
+
+static int rpi_pico_sha256_hash_session_free(const struct device *dev, struct hash_ctx *ctx)
+{
+	struct rpi_pico_sha256_data *data = dev->data;
+
+	assert(data->locked);
+
+	bootrom_release_lock(BOOTROM_LOCK_SHA_256);
+	data->locked = false;
+
+	return 0;
+}
+
+static DEVICE_API(crypto, rpi_pico_sha256_crypto_api) = {
+	.query_hw_caps = rpi_pico_sha256_query_hw_caps,
+	.hash_begin_session = rpi_pico_sha256_hash_begin_session,
+	.hash_free_session = rpi_pico_sha256_hash_session_free,
+};
+
+#define RPI_PICO_SHA256_INIT(idx)                                                                  \
+	static struct rpi_pico_sha256_data rpi_pico_sha256_##idx##_data;                           \
+	DEVICE_DT_INST_DEFINE(idx, NULL, NULL, &rpi_pico_sha256_##idx##_data, NULL, POST_KERNEL,   \
+			      CONFIG_CRYPTO_INIT_PRIORITY, &rpi_pico_sha256_crypto_api);
+
+DT_INST_FOREACH_STATUS_OKAY(RPI_PICO_SHA256_INIT)
diff --git a/dts/arm/raspberrypi/rpi_pico/rp2350.dtsi b/dts/arm/raspberrypi/rpi_pico/rp2350.dtsi
@@ -375,6 +375,12 @@
 			status = "disabled";
 		};
 
+		sha256: sha256@400f8000 {
+			compatible = "raspberrypi,pico-sha256";
+			reg = <0x400f8000 0x200>;
+			status = "disabled";
+		};
+
 		dma: dma@50000000 {
 			compatible = "raspberrypi,pico-dma";
 			reg = <0x50000000 DT_SIZE_K(64)>;
diff --git a/dts/bindings/crypto/raspberrypi,pico-sha256.yaml b/dts/bindings/crypto/raspberrypi,pico-sha256.yaml
@@ -0,0 +1,8 @@
+# Copyright (c) 2025 TOKITA Hiroshi
+# SPDX-License-Identifier: Apache-2.0
+
+description: RaspberryPi Pico SHA256 accelerator
+
+compatible: "raspberrypi,pico-sha256"
+
+include: base.yaml
