[PATCH 0/7] arm: crypto: sha256: fix generation of thumb2 assembly

[PATCH 0/7] arm: crypto: sha256: fix generation of thumb2 assembly

[Stefan Kerkmann]

The checked in `sha256-core.S_shipped` assembly file has a thumb2
specific workaround applied[1]. This fix wasn't backported to the perl
script `sha256-armv4.pl` used to generate the assembly, thus when the
script is run it would regenerate the buggy code.

In-tree builds were not affected as the assembly file already exists in
the source tree. However in the context of an out-of-tree build (make
O=xyz) the file isn't present from the pov of make - triggering a
regeneration. This happens by default during Yocto builds - leading to a
broken sha256 sum function on ARMv7 compiled with Thumb2 support. The
bug expresses itself not in crashes but wrong sha256 sums.

The mentioned problem in[1] was fixed and explained further in upstream
commit[2]. Thus this series updates the script and generated assembly to
the most recent Kernel commit[3].

To better catch regressions in the future the existing digest tests now
exercise the optimized implementations for ARMv5/v6/v7/v8 and the ARMv7
test binaries are compiled in thumb2 mode.

[1]: b73bc6e303 (arm: crypto: fix SHA256 shipped assembler code, 2018-10-05)
[2]: 69216a545cf8 (crypto: sha256/arm - fix crash bug in Thumb2 build, 2019-02-16)
[3]: 54781938ec34 (crypto: arm/sha256-neon - avoid ADRL pseudo instruction, 2020-09-16)

Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
---
Stefan Kerkmann (7):
      arm: crypto: sha256: fix generation of thumb2 assembly
      arm: configs: multi_v5_v6_defconfig: move rpi1 armv6 targets
      arm: configs: multi_v5_v6_defconfig: enable arm optimized sha1/sha256 digest
      arm: configs: multi_v7_defconfig: compile for thumb2
      arm: configs: multi_v7_defconfig: enable arm optimized sha256 digest
      arm: configs: multi_v8_defconfig: enable arm optimized sha1/sha256 digest
      test: arm: rpi: run tests against multi_v5_v6_defconfig

 .github/workflows/test-labgrid-pytest.yml          |  4 ++
 arch/arm/configs/multi_v5_v6_defconfig             |  6 ++-
 arch/arm/configs/multi_v7_defconfig                |  7 +--
 arch/arm/configs/multi_v8_defconfig                |  5 +-
 arch/arm/crypto/sha256-armv4.pl                    | 25 ++++++----
 arch/arm/crypto/sha256-core.S_shipped              | 55 ++++++++++++++++++----
 ...yaml => qemu-raspi0@multi_v5_v6_defconfig.yaml} |  0
 ...ml => qemu-raspi1ap@multi_v5_v6_defconfig.yaml} |  0
 8 files changed, 74 insertions(+), 28 deletions(-)
---
base-commit: d9f7f6d930069df35e28fedb35719bfd12fbd6e4
change-id: 20241106-fix-sha256-assembly-ad3d25bf5a9f

Best regards,
-- 
Stefan Kerkmann <s.kerkmann@pengutronix.de>

[PATCH 1/7] arm: crypto: sha256: fix generation of thumb2 assembly

[Stefan Kerkmann]

The checked in `sha256-core.S_shipped` assembly file has a thumb2
specific workaround applied[1]. This fix wasn't backported to the perl
script `sha256-armv4.pl` used to generate the assembly, thus when the
script is run it would regenerate the buggy code.

In-tree builds were not affected as the assembly file already exists in
the source tree. However in the context of an out-of-tree build (make
O=xyz) the file isn't present from the pov of make - triggering a
regeneration. This happens by default during Yocto builds - leading to a
broken sha256 sum function on ARMv7 compiled with Thumb2 support. The
bug expresses itself not in crashes but wrong sha256 sums.

The mentioned problem in[1] was fixed and explained further in upstream
commit[2]. Thus this commit updates the script and generated assembly to
the most recent Kernel commit[3].

[1]: b73bc6e303 (arm: crypto: fix SHA256 shipped assembler code,
2018-10-05)
[2]: 69216a545cf8 (crypto: sha256/arm - fix crash bug in Thumb2 build,
2019-02-16)
[3]: 54781938ec34 (crypto: arm/sha256-neon - avoid ADRL pseudo
instruction, 2020-09-16)

Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
---
 arch/arm/crypto/sha256-armv4.pl       | 25 ++++++++++------
 arch/arm/crypto/sha256-core.S_shipped | 55 +++++++++++++++++++++++++++++------
 2 files changed, 62 insertions(+), 18 deletions(-)

diff --git a/arch/arm/crypto/sha256-armv4.pl b/arch/arm/crypto/sha256-armv4.pl
index 2b186a034ed11295a09e55ce56fc5c1b54be3832..f3a2b54efd4ee39fbeaefc87ffd850e97915233b 100644
--- a/arch/arm/crypto/sha256-armv4.pl
+++ b/arch/arm/crypto/sha256-armv4.pl
@@ -1,12 +1,19 @@
 #!/usr/bin/env perl
+# SPDX-License-Identifier: GPL-2.0
+
+# This code is taken from the OpenSSL project but the author (Andy Polyakov)
+# has relicensed it under the GPLv2. Therefore this program is free software;
+# you can redistribute it and/or modify it under the terms of the GNU General
+# Public License version 2 as published by the Free Software Foundation.
+#
+# The original headers, including the original license headers, are
+# included below for completeness.
 
 # ====================================================================
 # Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
 # project. The module is, however, dual licensed under OpenSSL and
 # CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-#
-# Permission to use under GPL terms is granted.
+# details see https://www.openssl.org/~appro/cryptogams/.
 # ====================================================================
 
 # SHA256 block procedure for ARMv4. May 2007.
@@ -73,7 +80,9 @@ $code.=<<___ if ($i<16);
 	eor	$t0,$e,$e,ror#`$Sigma1[1]-$Sigma1[0]`
 	add	$a,$a,$t2			@ h+=Maj(a,b,c) from the past
 	eor	$t0,$t0,$e,ror#`$Sigma1[2]-$Sigma1[0]`	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	$t1,$t1
+# endif
 #else
 	@ ldrb	$t1,[$inp,#3]			@ $i
 	add	$a,$a,$t2			@ h+=Maj(a,b,c) from the past
@@ -172,10 +181,6 @@ $code=<<___;
 # endif
 #endif
 
-#ifdef __thumb__
-#define adrl adr
-#endif
-
 .type	K256,%object
 .align	5
 K256:
@@ -206,10 +211,11 @@ K256:
 .global	sha256_block_data_order
 .type	sha256_block_data_order,%function
 sha256_block_data_order:
+.Lsha256_block_data_order:
 #if __ARM_ARCH__<7
 	sub	r3,pc,#8		@ sha256_block_data_order
 #else
-	adr	r3,sha256_block_data_order
+	adr	r3,.Lsha256_block_data_order
 #endif
 #if __ARM_MAX_ARCH__>=7 && !defined(__KERNEL__)
 	ldr	r12,.LOPENSSL_armcap
@@ -464,7 +470,8 @@ sha256_block_data_order_neon:
 	stmdb	sp!,{r4-r12,lr}
 
 	sub	$H,sp,#16*4+16
-	adrl	$Ktbl,K256
+	adr	$Ktbl,.Lsha256_block_data_order
+	sub	$Ktbl,$Ktbl,#.Lsha256_block_data_order-K256
 	bic	$H,$H,#15		@ align for 128-bit stores
 	mov	$t2,sp
 	mov	sp,$H			@ alloca
diff --git a/arch/arm/crypto/sha256-core.S_shipped b/arch/arm/crypto/sha256-core.S_shipped
index 4f9cf833b94b8c7ff07a7e58d0e648c5ef357959..6363014a50d799c0001c71f53b4c2e31949e2ce6 100644
--- a/arch/arm/crypto/sha256-core.S_shipped
+++ b/arch/arm/crypto/sha256-core.S_shipped
@@ -1,11 +1,18 @@
+@ SPDX-License-Identifier: GPL-2.0
+
+@ This code is taken from the OpenSSL project but the author (Andy Polyakov)
+@ has relicensed it under the GPLv2. Therefore this program is free software;
+@ you can redistribute it and/or modify it under the terms of the GNU General
+@ Public License version 2 as published by the Free Software Foundation.
+@
+@ The original headers, including the original license headers, are
+@ included below for completeness.
 
 @ ====================================================================
 @ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
 @ project. The module is, however, dual licensed under OpenSSL and
 @ CRYPTOGAMS licenses depending on where you obtain it. For further
-@ details see http://www.openssl.org/~appro/cryptogams/.
-@
-@ Permission to use under GPL terms is granted.
+@ details see https://www.openssl.org/~appro/cryptogams/.
 @ ====================================================================
 
 @ SHA256 block procedure for ARMv4. May 2007.
@@ -55,10 +62,6 @@
 # endif
 #endif
 
-#ifdef __thumb__
-#define adrl adr
-#endif
-
 .type	K256,%object
 .align	5
 K256:
@@ -89,10 +92,11 @@ K256:
 .global	sha256_block_data_order
 .type	sha256_block_data_order,%function
 sha256_block_data_order:
+.Lsha256_block_data_order:
 #if __ARM_ARCH__<7
 	sub	r3,pc,#8		@ sha256_block_data_order
 #else
-	adr	r3,.
+	adr	r3,.Lsha256_block_data_order
 #endif
 #if __ARM_MAX_ARCH__>=7 && !defined(__KERNEL__)
 	ldr	r12,.LOPENSSL_armcap
@@ -123,7 +127,9 @@ sha256_block_data_order:
 	eor	r0,r8,r8,ror#5
 	add	r4,r4,r12			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r8,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 0
 	add	r4,r4,r12			@ h+=Maj(a,b,c) from the past
@@ -179,7 +185,9 @@ sha256_block_data_order:
 	eor	r0,r7,r7,ror#5
 	add	r11,r11,r3			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r7,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 1
 	add	r11,r11,r3			@ h+=Maj(a,b,c) from the past
@@ -235,7 +243,9 @@ sha256_block_data_order:
 	eor	r0,r6,r6,ror#5
 	add	r10,r10,r12			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r6,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 2
 	add	r10,r10,r12			@ h+=Maj(a,b,c) from the past
@@ -291,7 +301,9 @@ sha256_block_data_order:
 	eor	r0,r5,r5,ror#5
 	add	r9,r9,r3			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r5,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 3
 	add	r9,r9,r3			@ h+=Maj(a,b,c) from the past
@@ -347,7 +359,9 @@ sha256_block_data_order:
 	eor	r0,r4,r4,ror#5
 	add	r8,r8,r12			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r4,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 4
 	add	r8,r8,r12			@ h+=Maj(a,b,c) from the past
@@ -403,7 +417,9 @@ sha256_block_data_order:
 	eor	r0,r11,r11,ror#5
 	add	r7,r7,r3			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r11,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 5
 	add	r7,r7,r3			@ h+=Maj(a,b,c) from the past
@@ -459,7 +475,9 @@ sha256_block_data_order:
 	eor	r0,r10,r10,ror#5
 	add	r6,r6,r12			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r10,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 6
 	add	r6,r6,r12			@ h+=Maj(a,b,c) from the past
@@ -515,7 +533,9 @@ sha256_block_data_order:
 	eor	r0,r9,r9,ror#5
 	add	r5,r5,r3			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r9,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 7
 	add	r5,r5,r3			@ h+=Maj(a,b,c) from the past
@@ -571,7 +591,9 @@ sha256_block_data_order:
 	eor	r0,r8,r8,ror#5
 	add	r4,r4,r12			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r8,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 8
 	add	r4,r4,r12			@ h+=Maj(a,b,c) from the past
@@ -627,7 +649,9 @@ sha256_block_data_order:
 	eor	r0,r7,r7,ror#5
 	add	r11,r11,r3			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r7,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 9
 	add	r11,r11,r3			@ h+=Maj(a,b,c) from the past
@@ -683,7 +707,9 @@ sha256_block_data_order:
 	eor	r0,r6,r6,ror#5
 	add	r10,r10,r12			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r6,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 10
 	add	r10,r10,r12			@ h+=Maj(a,b,c) from the past
@@ -739,7 +765,9 @@ sha256_block_data_order:
 	eor	r0,r5,r5,ror#5
 	add	r9,r9,r3			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r5,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 11
 	add	r9,r9,r3			@ h+=Maj(a,b,c) from the past
@@ -795,7 +823,9 @@ sha256_block_data_order:
 	eor	r0,r4,r4,ror#5
 	add	r8,r8,r12			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r4,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 12
 	add	r8,r8,r12			@ h+=Maj(a,b,c) from the past
@@ -851,7 +881,9 @@ sha256_block_data_order:
 	eor	r0,r11,r11,ror#5
 	add	r7,r7,r3			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r11,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 13
 	add	r7,r7,r3			@ h+=Maj(a,b,c) from the past
@@ -907,7 +939,9 @@ sha256_block_data_order:
 	eor	r0,r10,r10,ror#5
 	add	r6,r6,r12			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r10,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 14
 	add	r6,r6,r12			@ h+=Maj(a,b,c) from the past
@@ -963,7 +997,9 @@ sha256_block_data_order:
 	eor	r0,r9,r9,ror#5
 	add	r5,r5,r3			@ h+=Maj(a,b,c) from the past
 	eor	r0,r0,r9,ror#19	@ Sigma1(e)
+# ifndef __ARMEB__
 	rev	r2,r2
+# endif
 #else
 	@ ldrb	r2,[r1,#3]			@ 15
 	add	r5,r5,r3			@ h+=Maj(a,b,c) from the past
@@ -1848,7 +1884,8 @@ sha256_block_data_order_neon:
 	stmdb	sp!,{r4-r12,lr}
 
 	sub	r11,sp,#16*4+16
-	adrl	r14,K256
+	adr	r14,.Lsha256_block_data_order
+	sub	r14,r14,#.Lsha256_block_data_order-K256
 	bic	r11,r11,#15		@ align for 128-bit stores
 	mov	r12,sp
 	mov	sp,r11			@ alloca

-- 
2.39.5

[PATCH 2/7] arm: configs: multi_v5_v6_defconfig: move rpi1 armv6 targets

[Stefan Kerkmann]

MACH_RPI Boards (Raspberry Pi 1, Zero and Zero W) all use the Broadcom
BCM2835 SoC which is ARMv6. Thus it is moved to the correct defconfig.

Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
---
 arch/arm/configs/multi_v5_v6_defconfig | 4 ++--
 arch/arm/configs/multi_v7_defconfig    | 4 ----
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/arch/arm/configs/multi_v5_v6_defconfig b/arch/arm/configs/multi_v5_v6_defconfig
index 0ff8597fdea968b027490bb24ec0871277ab7ece..d6bfa90529a05b57ca58f7b50314549094134c02 100644
--- a/arch/arm/configs/multi_v5_v6_defconfig
+++ b/arch/arm/configs/multi_v5_v6_defconfig
@@ -1,5 +1,7 @@
+CONFIG_ARCH_BCM283X=y
 CONFIG_ARCH_IMX=y
 CONFIG_ARCH_VERSATILE=y
+CONFIG_MACH_RPI=y
 CONFIG_MACH_SCB9328=y
 CONFIG_MACH_TX25=y
 CONFIG_MACH_PCA100=y
@@ -74,7 +76,6 @@ CONFIG_CMD_OFTREE=y
 CONFIG_CMD_TIME=y
 CONFIG_NET=y
 CONFIG_NET_NETCONSOLE=y
-CONFIG_OFDEVICE=y
 CONFIG_OF_BAREBOX_DRIVERS=y
 CONFIG_SERIAL_AMBA_PL011=y
 CONFIG_DRIVER_NET_FEC_IMX=y
@@ -114,6 +115,5 @@ CONFIG_FS_TFTP=y
 CONFIG_FS_NFS=y
 CONFIG_FS_FAT=y
 CONFIG_FS_FAT_WRITE=y
-CONFIG_FS_FAT_LFN=y
 CONFIG_FS_UBIFS=y
 CONFIG_FS_UBIFS_COMPRESSION_LZO=y
diff --git a/arch/arm/configs/multi_v7_defconfig b/arch/arm/configs/multi_v7_defconfig
index 97b01fd81278f1841c3f037b33bc53969020a160..8a9617c116d741c9bc5b6586e707c1c244cd18c6 100644
--- a/arch/arm/configs/multi_v7_defconfig
+++ b/arch/arm/configs/multi_v7_defconfig
@@ -5,7 +5,6 @@ CONFIG_ARCH_ROCKCHIP=y
 CONFIG_ARCH_STM32MP=y
 CONFIG_ARCH_VEXPRESS=y
 CONFIG_CACHE_L2X0=y
-CONFIG_MACH_RPI=y
 CONFIG_MACH_RPI2=y
 CONFIG_MACH_RPI3=y
 CONFIG_MACH_RPI_CM3=y
@@ -197,7 +196,6 @@ CONFIG_CMD_OF_FIXUP_STATUS=y
 CONFIG_CMD_OF_OVERLAY=y
 CONFIG_CMD_OFTREE=y
 CONFIG_CMD_TIME=y
-CONFIG_CMD_STATE=y
 CONFIG_NET=y
 CONFIG_NET_NFS=y
 CONFIG_NET_NETCONSOLE=y
@@ -294,7 +292,6 @@ CONFIG_MFD_MC9SDZ60=y
 CONFIG_MFD_STMPE=y
 CONFIG_MFD_STPMIC1=y
 CONFIG_MFD_STM32_TIMERS=y
-CONFIG_STATE_DRV=y
 CONFIG_LED=y
 CONFIG_LED_GPIO=y
 CONFIG_LED_PWM=y
@@ -348,7 +345,6 @@ CONFIG_FS_TFTP_MAX_WINDOW_SIZE=8
 CONFIG_FS_NFS=y
 CONFIG_FS_FAT=y
 CONFIG_FS_FAT_WRITE=y
-CONFIG_FS_FAT_LFN=y
 CONFIG_FS_UBIFS=y
 CONFIG_FS_UBIFS_COMPRESSION_LZO=y
 CONFIG_FS_UBIFS_COMPRESSION_ZLIB=y

-- 
2.39.5

[PATCH 3/7] arm: configs: multi_v5_v6_defconfig: enable arm optimized sha1/sha256 digest

[Stefan Kerkmann]

This is a common configuration used in production systems as it provides
a faster implementation of the digest.

Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
---
 arch/arm/configs/multi_v5_v6_defconfig | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/arm/configs/multi_v5_v6_defconfig b/arch/arm/configs/multi_v5_v6_defconfig
index d6bfa90529a05b57ca58f7b50314549094134c02..d668ad6a8c22db36819b6ea93f81a5d4a461a96f 100644
--- a/arch/arm/configs/multi_v5_v6_defconfig
+++ b/arch/arm/configs/multi_v5_v6_defconfig
@@ -117,3 +117,5 @@ CONFIG_FS_FAT=y
 CONFIG_FS_FAT_WRITE=y
 CONFIG_FS_UBIFS=y
 CONFIG_FS_UBIFS_COMPRESSION_LZO=y
+CONFIG_DIGEST_SHA1_ARM=y
+CONFIG_DIGEST_SHA256_ARM=y

-- 
2.39.5

[PATCH 4/7] arm: configs: multi_v7_defconfig: compile for thumb2

[Stefan Kerkmann]

This is a common configuration used in production systems as it results
in smaller binaries and possibly faster startup times.

Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
---
 arch/arm/configs/multi_v7_defconfig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm/configs/multi_v7_defconfig b/arch/arm/configs/multi_v7_defconfig
index 8a9617c116d741c9bc5b6586e707c1c244cd18c6..f64005308516fadd22d02294a2bc58c02b113b4e 100644
--- a/arch/arm/configs/multi_v7_defconfig
+++ b/arch/arm/configs/multi_v7_defconfig
@@ -85,7 +85,7 @@ CONFIG_MACH_PROTONIC_STM32MP1=y
 CONFIG_MACH_PHYTEC_PHYCORE_STM32MP1=y
 CONFIG_MACH_VEXPRESS=y
 CONFIG_MACH_VIRT=y
-CONFIG_AEABI=y
+CONFIG_THUMB2_BAREBOX=y
 CONFIG_ARM_OPTIMZED_STRING_FUNCTIONS=y
 CONFIG_ARM_UNWIND=y
 CONFIG_ARM_PSCI=y

-- 
2.39.5

[PATCH 5/7] arm: configs: multi_v7_defconfig: enable arm optimized sha256 digest

[Stefan Kerkmann]

This is a common configuration used in production systems as it provides
a faster implementation of the digest.

Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
---
 arch/arm/configs/multi_v7_defconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/arm/configs/multi_v7_defconfig b/arch/arm/configs/multi_v7_defconfig
index f64005308516fadd22d02294a2bc58c02b113b4e..e1b05c1c8e63b3f31ae7937213ebea3206ed1a9e 100644
--- a/arch/arm/configs/multi_v7_defconfig
+++ b/arch/arm/configs/multi_v7_defconfig
@@ -358,3 +358,4 @@ CONFIG_FS_SQUASHFS=y
 CONFIG_FS_RATP=y
 CONFIG_PNG=y
 CONFIG_DIGEST_SHA1_ARM=y
+CONFIG_DIGEST_SHA256_ARM=y

-- 
2.39.5

[PATCH 6/7] arm: configs: multi_v8_defconfig: enable arm optimized sha1/sha256 digest

[Stefan Kerkmann]

This is a common configuration used in production systems as it provides
a faster implementation of the digest.

Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
---
 arch/arm/configs/multi_v8_defconfig | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/arch/arm/configs/multi_v8_defconfig b/arch/arm/configs/multi_v8_defconfig
index 39d5dd3fc1678f6a7a719f6ebcabc16b3d02f7ee..280a7bdb0367dd9897769273c07497e19a2db5ff 100644
--- a/arch/arm/configs/multi_v8_defconfig
+++ b/arch/arm/configs/multi_v8_defconfig
@@ -176,10 +176,8 @@ CONFIG_NET_USB_RTL8152=y
 CONFIG_DRIVER_SPI_FSL_QUADSPI=y
 CONFIG_DRIVER_SPI_IMX=y
 CONFIG_SPI_NXP_FLEXSPI=y
-CONFIG_I2C=y
 CONFIG_I2C_GPIO=y
 CONFIG_I2C_IMX=y
-CONFIG_I2C_IMX_LPI2C=y
 CONFIG_I2C_RK3X=y
 CONFIG_I2C_MUX=y
 CONFIG_I2C_MUX_PCA954x=y
@@ -248,7 +246,6 @@ CONFIG_RTC_CLASS=y
 CONFIG_RTC_DRV_DS1307=y
 CONFIG_FIRMWARE_ZYNQMP_FPGA=y
 CONFIG_ARM_SCMI_PROTOCOL=y
-CONFIG_TI_SCI_PROTOCOL=y
 CONFIG_GENERIC_PHY=y
 CONFIG_USB_NOP_XCEIV=y
 CONFIG_PHY_ROCKCHIP_INNO_USB2=y
@@ -271,4 +268,6 @@ CONFIG_FS_PSTORE=y
 CONFIG_FS_PSTORE_CONSOLE=y
 CONFIG_FS_RATP=y
 CONFIG_LZO_DECOMPRESS=y
+CONFIG_DIGEST_SHA1_ARM64_CE=y
+CONFIG_DIGEST_SHA256_ARM64_CE=y
 # CONFIG_MISSING_FIRMWARE_ERROR is not set

-- 
2.39.5

[PATCH 7/7] test: arm: rpi: run tests against multi_v5_v6_defconfig

[Stefan Kerkmann]

MACH_RPI Boards (Raspberry Pi 1, Zero and Zero W) all use the
BroadcomBCM2835 SoC which is ARMv6. Thus test against the correct
defconfig.

Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
---
 .github/workflows/test-labgrid-pytest.yml                             | 4 ++++
 ...multi_v7_defconfig.yaml => qemu-raspi0@multi_v5_v6_defconfig.yaml} | 0
 ...lti_v7_defconfig.yaml => qemu-raspi1ap@multi_v5_v6_defconfig.yaml} | 0
 3 files changed, 4 insertions(+)

diff --git a/.github/workflows/test-labgrid-pytest.yml b/.github/workflows/test-labgrid-pytest.yml
index 7d51a4d84d3a8d81ee4fc86fc42750a8d2cd1bff..5cf726854b6ecf0dc09627888751ae953d82e73d 100644
--- a/.github/workflows/test-labgrid-pytest.yml
+++ b/.github/workflows/test-labgrid-pytest.yml
@@ -15,6 +15,10 @@ jobs:
       matrix:
 
         include:
+          - ARCH: arm
+            lgenv: 'test/arm/*@multi_v5_v6_defconfig.yaml'
+            defconfig: multi_v5_v6_defconfig
+
           - ARCH: arm
             lgenv: 'test/arm/*@multi_v7_defconfig.yaml'
             defconfig: multi_v7_defconfig
diff --git a/test/arm/qemu-raspi0@multi_v7_defconfig.yaml b/test/arm/qemu-raspi0@multi_v5_v6_defconfig.yaml
similarity index 100%
rename from test/arm/qemu-raspi0@multi_v7_defconfig.yaml
rename to test/arm/qemu-raspi0@multi_v5_v6_defconfig.yaml
diff --git a/test/arm/qemu-raspi1ap@multi_v7_defconfig.yaml b/test/arm/qemu-raspi1ap@multi_v5_v6_defconfig.yaml
similarity index 100%
rename from test/arm/qemu-raspi1ap@multi_v7_defconfig.yaml
rename to test/arm/qemu-raspi1ap@multi_v5_v6_defconfig.yaml

-- 
2.39.5

Re: [PATCH 0/7] arm: crypto: sha256: fix generation of thumb2 assembly

[Stefan Kerkmann]

Hi Sascha,

On 06.11.24 17:34, Stefan Kerkmann wrote:
> The checked in `sha256-core.S_shipped` assembly file has a thumb2
> specific workaround applied[1]. This fix wasn't backported to the perl
> script `sha256-armv4.pl` used to generate the assembly, thus when the
> script is run it would regenerate the buggy code.
> 
> In-tree builds were not affected as the assembly file already exists in
> the source tree. However in the context of an out-of-tree build (make
> O=xyz) the file isn't present from the pov of make - triggering a
> regeneration. This happens by default during Yocto builds - leading to a
> broken sha256 sum function on ARMv7 compiled with Thumb2 support. The
> bug expresses itself not in crashes but wrong sha256 sums.

I just (re-)tested this part without the patch applied, and I'm unable to
reproduce it in a cleanly checked out state of my BSP. The full chain of events
and conditions that lead to the regeneration of the file is thus not fully
understood (yet) — but it clearly happened for me.

Here is the output of a CI[1] run with the assembly file (forcefully) generated
from the script, that shoes the errors I ran into:

  test_digests_sha12:153: mismatch calculating sha224-asm(zeroes7):
  	got: c56f57826fa8cc1cae10a3450b90162677ba55cdbaa3d2a72810853e
  	but: fbf6df85218ac5632461a8a17c6f294e6f35264cbfc0a9774a4f665b expected
  test_digests_sha12:153: mismatch calculating sha224-asm(one32):
  	got: 3a81d42a638cf434f5b002ead1252be963880bd3eec627a8b3278bb4
  	but: 343cb3950305e6e6331e294b0a4925739d09ecbd2b43a2fc87c09941 expected
  test_digests_sha12:153: mismatch calculating sha224-asm(inc4097):
  	got: 2e6565a91ff0e4f0d316067ad66eaa3b76d71317171adfd0ec6bbcd4
  	but: 6596b5dcfbd857f4246d6b94508b8a1a5b715a4f644a0c1e7d54c4f7 expected
  test_digests_sha12:164: mismatch calculating sha256-asm(zeroes7):
  	got: 71ab8ff93158c3b8863460dac03e9049bd5d3ec1a2ec4a1ba6e434d0fd33eb5f
  	but: 837885c8f8091aeaeb9ec3c3f85a6ff470a415e610b8ba3e49f9b33c9cf9d619 expected
  test_digests_sha12:164: mismatch calculating sha256-asm(one32):
  	got: bcbd77ba0128aed7df96f75788fefa5e8da2501bfd3e0fe14753d4b5c27b1564
  	but: 01d0fabd251fcbbe2b93b4b927b26ad2a1a99077152e45ded1e678afa45dbec5 expected
  test_digests_sha12:164: mismatch calculating sha256-asm(inc4097):
  	got: 4dd697b3bf8f7f0630b583356d48dcc7a1c345e62fe189c1d4843a38cd7d59a9
  	but: 1e973d029df2b2c66cb42a942c5edb45966f02abaff29fe99410e44d271d0efc expected
  test_digests_sha12:153: mismatch calculating sha224(zeroes7):
  	got: c56f57826fa8cc1cae10a3450b90162677ba55cdbaa3d2a72810853e
  	but: fbf6df85218ac5632461a8a17c6f294e6f35264cbfc0a9774a4f665b expected
  test_digests_sha12:153: mismatch calculating sha224(one32):
  	got: 3a81d42a638cf434f5b002ead1252be963880bd3eec627a8b3278bb4
  	but: 343cb3950305e6e6331e294b0a4925739d09ecbd2b43a2fc87c09941 expected
  test_digests_sha12:153: mismatch calculating sha224(inc4097):
  	got: 2e6565a91ff0e4f0d316067ad66eaa3b76d71317171adfd0ec6bbcd4
  	but: 6596b5dcfbd857f4246d6b94508b8a1a5b715a4f644a0c1e7d54c4f7 expected
  test_digests_sha12:164: mismatch calculating sha256(zeroes7):
  	got: 71ab8ff93158c3b8863460dac03e9049bd5d3ec1a2ec4a1ba6e434d0fd33eb5f
  	but: 837885c8f8091aeaeb9ec3c3f85a6ff470a415e610b8ba3e49f9b33c9cf9d619 expected
  test_digests_sha12:164: mismatch calculating sha256(one32):
  	got: bcbd77ba0128aed7df96f75788fefa5e8da2501bfd3e0fe14753d4b5c27b1564
  	but: 01d0fabd251fcbbe2b93b4b927b26ad2a1a99077152e45ded1e678afa45dbec5 expected
  test_digests_sha12:164: mismatch calculating sha256(inc4097):
  	got: 4dd697b3bf8f7f0630b583356d48dcc7a1c345e62fe189c1d4843a38cd7d59a9
  	but: 1e973d029df2b2c66cb42a942c5edb45966f02abaff29fe99410e44d271d0efc expected
  ERROR: digest: failed 12 out of 45 tests

[1]: https://github.com/KarlK90/barebox/actions/runs/11704376345/job/32596699159


So the patch is still valid, but this paragraph should be replaced with:

Under rare circumstances, in my case it was a Yocto build of barebox from an
external source tree, the assembly file was regenerated. Leading to a broken
sha256 sum function on ARMv7 compiled with Thumb2 support. The bug expressed
itself not in crashes but wrong sha256 sums.

Should I send a v2 for the updated message?

> The mentioned problem in[1] was fixed and explained further in upstream
> commit[2]. Thus this series updates the script and generated assembly to
> the most recent Kernel commit[3].
> 
> To better catch regressions in the future the existing digest tests now
> exercise the optimized implementations for ARMv5/v6/v7/v8 and the ARMv7
> test binaries are compiled in thumb2 mode.
> 
> [1]: b73bc6e303 (arm: crypto: fix SHA256 shipped assembler code, 2018-10-05)
> [2]: 69216a545cf8 (crypto: sha256/arm - fix crash bug in Thumb2 build, 2019-02-16)
> [3]: 54781938ec34 (crypto: arm/sha256-neon - avoid ADRL pseudo instruction, 2020-09-16)
> 
> Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
> ---
> Stefan Kerkmann (7):
>       arm: crypto: sha256: fix generation of thumb2 assembly
>       arm: configs: multi_v5_v6_defconfig: move rpi1 armv6 targets
>       arm: configs: multi_v5_v6_defconfig: enable arm optimized sha1/sha256 digest
>       arm: configs: multi_v7_defconfig: compile for thumb2
>       arm: configs: multi_v7_defconfig: enable arm optimized sha256 digest
>       arm: configs: multi_v8_defconfig: enable arm optimized sha1/sha256 digest
>       test: arm: rpi: run tests against multi_v5_v6_defconfig
> 
>  .github/workflows/test-labgrid-pytest.yml          |  4 ++
>  arch/arm/configs/multi_v5_v6_defconfig             |  6 ++-
>  arch/arm/configs/multi_v7_defconfig                |  7 +--
>  arch/arm/configs/multi_v8_defconfig                |  5 +-
>  arch/arm/crypto/sha256-armv4.pl                    | 25 ++++++----
>  arch/arm/crypto/sha256-core.S_shipped              | 55 ++++++++++++++++++----
>  ...yaml => qemu-raspi0@multi_v5_v6_defconfig.yaml} |  0
>  ...ml => qemu-raspi1ap@multi_v5_v6_defconfig.yaml} |  0
>  8 files changed, 74 insertions(+), 28 deletions(-)
> ---
> base-commit: d9f7f6d930069df35e28fedb35719bfd12fbd6e4
> change-id: 20241106-fix-sha256-assembly-ad3d25bf5a9f
> 
> Best regards,

Cheers,
Stefan

-- 
Pengutronix e.K.                       | Stefan Kerkmann             |
Steuerwalder Str. 21                   | https://www.pengutronix.de/ |
31137 Hildesheim, Germany              | Phone: +49-5121-206917-128  |
Amtsgericht Hildesheim, HRA 2686       | Fax:   +49-5121-206917-9    |

Re: [PATCH 0/7] arm: crypto: sha256: fix generation of thumb2 assembly

[Ahmad Fatoum]

Hello Stefan,

On 07.11.24 10:12, Stefan Kerkmann wrote:
> Hi Sascha,
> 
> On 06.11.24 17:34, Stefan Kerkmann wrote:
>> The checked in `sha256-core.S_shipped` assembly file has a thumb2
>> specific workaround applied[1]. This fix wasn't backported to the perl
>> script `sha256-armv4.pl` used to generate the assembly, thus when the
>> script is run it would regenerate the buggy code.
>>
>> In-tree builds were not affected as the assembly file already exists in
>> the source tree. However in the context of an out-of-tree build (make
>> O=xyz) the file isn't present from the pov of make - triggering a
>> regeneration. This happens by default during Yocto builds - leading to a
>> broken sha256 sum function on ARMv7 compiled with Thumb2 support. The
>> bug expresses itself not in crashes but wrong sha256 sums.
> 
> I just (re-)tested this part without the patch applied, and I'm unable to
> reproduce it in a cleanly checked out state of my BSP. The full chain of events
> and conditions that lead to the regeneration of the file is thus not fully
> understood (yet) — but it clearly happened for me.

Try manually touching arch/arch/crypto/sha256-armv4.pl, so it's more
recent than sha256-core.S_shipped. The modification timestamps after a
git checkout order are non-deterministic and that's probably what bites you.

The kernel used to consult an environment variable to determine whether
to rebuild the shipped files exactly to avoid this.

In recent kernel versions, this has been replaced by unconditionally
running the Perl script. I don't know what's the reason behind that.

Cheers,
Ahmad

> 
> Here is the output of a CI[1] run with the assembly file (forcefully) generated
> from the script, that shoes the errors I ran into:
> 
>   test_digests_sha12:153: mismatch calculating sha224-asm(zeroes7):
>   	got: c56f57826fa8cc1cae10a3450b90162677ba55cdbaa3d2a72810853e
>   	but: fbf6df85218ac5632461a8a17c6f294e6f35264cbfc0a9774a4f665b expected
>   test_digests_sha12:153: mismatch calculating sha224-asm(one32):
>   	got: 3a81d42a638cf434f5b002ead1252be963880bd3eec627a8b3278bb4
>   	but: 343cb3950305e6e6331e294b0a4925739d09ecbd2b43a2fc87c09941 expected
>   test_digests_sha12:153: mismatch calculating sha224-asm(inc4097):
>   	got: 2e6565a91ff0e4f0d316067ad66eaa3b76d71317171adfd0ec6bbcd4
>   	but: 6596b5dcfbd857f4246d6b94508b8a1a5b715a4f644a0c1e7d54c4f7 expected
>   test_digests_sha12:164: mismatch calculating sha256-asm(zeroes7):
>   	got: 71ab8ff93158c3b8863460dac03e9049bd5d3ec1a2ec4a1ba6e434d0fd33eb5f
>   	but: 837885c8f8091aeaeb9ec3c3f85a6ff470a415e610b8ba3e49f9b33c9cf9d619 expected
>   test_digests_sha12:164: mismatch calculating sha256-asm(one32):
>   	got: bcbd77ba0128aed7df96f75788fefa5e8da2501bfd3e0fe14753d4b5c27b1564
>   	but: 01d0fabd251fcbbe2b93b4b927b26ad2a1a99077152e45ded1e678afa45dbec5 expected
>   test_digests_sha12:164: mismatch calculating sha256-asm(inc4097):
>   	got: 4dd697b3bf8f7f0630b583356d48dcc7a1c345e62fe189c1d4843a38cd7d59a9
>   	but: 1e973d029df2b2c66cb42a942c5edb45966f02abaff29fe99410e44d271d0efc expected
>   test_digests_sha12:153: mismatch calculating sha224(zeroes7):
>   	got: c56f57826fa8cc1cae10a3450b90162677ba55cdbaa3d2a72810853e
>   	but: fbf6df85218ac5632461a8a17c6f294e6f35264cbfc0a9774a4f665b expected
>   test_digests_sha12:153: mismatch calculating sha224(one32):
>   	got: 3a81d42a638cf434f5b002ead1252be963880bd3eec627a8b3278bb4
>   	but: 343cb3950305e6e6331e294b0a4925739d09ecbd2b43a2fc87c09941 expected
>   test_digests_sha12:153: mismatch calculating sha224(inc4097):
>   	got: 2e6565a91ff0e4f0d316067ad66eaa3b76d71317171adfd0ec6bbcd4
>   	but: 6596b5dcfbd857f4246d6b94508b8a1a5b715a4f644a0c1e7d54c4f7 expected
>   test_digests_sha12:164: mismatch calculating sha256(zeroes7):
>   	got: 71ab8ff93158c3b8863460dac03e9049bd5d3ec1a2ec4a1ba6e434d0fd33eb5f
>   	but: 837885c8f8091aeaeb9ec3c3f85a6ff470a415e610b8ba3e49f9b33c9cf9d619 expected
>   test_digests_sha12:164: mismatch calculating sha256(one32):
>   	got: bcbd77ba0128aed7df96f75788fefa5e8da2501bfd3e0fe14753d4b5c27b1564
>   	but: 01d0fabd251fcbbe2b93b4b927b26ad2a1a99077152e45ded1e678afa45dbec5 expected
>   test_digests_sha12:164: mismatch calculating sha256(inc4097):
>   	got: 4dd697b3bf8f7f0630b583356d48dcc7a1c345e62fe189c1d4843a38cd7d59a9
>   	but: 1e973d029df2b2c66cb42a942c5edb45966f02abaff29fe99410e44d271d0efc expected
>   ERROR: digest: failed 12 out of 45 tests
> 
> [1]: https://github.com/KarlK90/barebox/actions/runs/11704376345/job/32596699159
> 
> 
> So the patch is still valid, but this paragraph should be replaced with:
> 
> Under rare circumstances, in my case it was a Yocto build of barebox from an
> external source tree, the assembly file was regenerated. Leading to a broken
> sha256 sum function on ARMv7 compiled with Thumb2 support. The bug expressed
> itself not in crashes but wrong sha256 sums.
> 
> Should I send a v2 for the updated message?
> 
>> The mentioned problem in[1] was fixed and explained further in upstream
>> commit[2]. Thus this series updates the script and generated assembly to
>> the most recent Kernel commit[3].
>>
>> To better catch regressions in the future the existing digest tests now
>> exercise the optimized implementations for ARMv5/v6/v7/v8 and the ARMv7
>> test binaries are compiled in thumb2 mode.
>>
>> [1]: b73bc6e303 (arm: crypto: fix SHA256 shipped assembler code, 2018-10-05)
>> [2]: 69216a545cf8 (crypto: sha256/arm - fix crash bug in Thumb2 build, 2019-02-16)
>> [3]: 54781938ec34 (crypto: arm/sha256-neon - avoid ADRL pseudo instruction, 2020-09-16)
>>
>> Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
>> ---
>> Stefan Kerkmann (7):
>>       arm: crypto: sha256: fix generation of thumb2 assembly
>>       arm: configs: multi_v5_v6_defconfig: move rpi1 armv6 targets
>>       arm: configs: multi_v5_v6_defconfig: enable arm optimized sha1/sha256 digest
>>       arm: configs: multi_v7_defconfig: compile for thumb2
>>       arm: configs: multi_v7_defconfig: enable arm optimized sha256 digest
>>       arm: configs: multi_v8_defconfig: enable arm optimized sha1/sha256 digest
>>       test: arm: rpi: run tests against multi_v5_v6_defconfig
>>
>>  .github/workflows/test-labgrid-pytest.yml          |  4 ++
>>  arch/arm/configs/multi_v5_v6_defconfig             |  6 ++-
>>  arch/arm/configs/multi_v7_defconfig                |  7 +--
>>  arch/arm/configs/multi_v8_defconfig                |  5 +-
>>  arch/arm/crypto/sha256-armv4.pl                    | 25 ++++++----
>>  arch/arm/crypto/sha256-core.S_shipped              | 55 ++++++++++++++++++----
>>  ...yaml => qemu-raspi0@multi_v5_v6_defconfig.yaml} |  0
>>  ...ml => qemu-raspi1ap@multi_v5_v6_defconfig.yaml} |  0
>>  8 files changed, 74 insertions(+), 28 deletions(-)
>> ---
>> base-commit: d9f7f6d930069df35e28fedb35719bfd12fbd6e4
>> change-id: 20241106-fix-sha256-assembly-ad3d25bf5a9f
>>
>> Best regards,
> 
> Cheers,
> Stefan
> 


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Re: [PATCH 0/7] arm: crypto: sha256: fix generation of thumb2 assembly

[Stefan Kerkmann]

Hi Ahmad,

On 07.11.24 10:19, Ahmad Fatoum wrote:
> Hello Stefan,
> 
> On 07.11.24 10:12, Stefan Kerkmann wrote:
>> Hi Sascha,
>>
>> On 06.11.24 17:34, Stefan Kerkmann wrote:
>>> The checked in `sha256-core.S_shipped` assembly file has a thumb2
>>> specific workaround applied[1]. This fix wasn't backported to the perl
>>> script `sha256-armv4.pl` used to generate the assembly, thus when the
>>> script is run it would regenerate the buggy code.
>>>
>>> In-tree builds were not affected as the assembly file already exists in
>>> the source tree. However in the context of an out-of-tree build (make
>>> O=xyz) the file isn't present from the pov of make - triggering a
>>> regeneration. This happens by default during Yocto builds - leading to a
>>> broken sha256 sum function on ARMv7 compiled with Thumb2 support. The
>>> bug expresses itself not in crashes but wrong sha256 sums.
>>
>> I just (re-)tested this part without the patch applied, and I'm unable to
>> reproduce it in a cleanly checked out state of my BSP. The full chain of events
>> and conditions that lead to the regeneration of the file is thus not fully
>> understood (yet) — but it clearly happened for me.
> 
> Try manually touching arch/arch/crypto/sha256-armv4.pl, so it's more
> recent than sha256-core.S_shipped. The modification timestamps after a
> git checkout order are non-deterministic and that's probably what bites you.
> 

That did the trick! I updated the commit messages in the v2 series. Thanks for
the insight :-).

> The kernel used to consult an environment variable to determine whether
> to rebuild the shipped files exactly to avoid this.
> 
> In recent kernel versions, this has been replaced by unconditionally
> running the Perl script. I don't know what's the reason behind that.
> 
> Cheers,
> Ahmad
> 

Cheers,
Stefan

>>
>> Here is the output of a CI[1] run with the assembly file (forcefully) generated
>> from the script, that shoes the errors I ran into:
>>
>>   test_digests_sha12:153: mismatch calculating sha224-asm(zeroes7):
>>   	got: c56f57826fa8cc1cae10a3450b90162677ba55cdbaa3d2a72810853e
>>   	but: fbf6df85218ac5632461a8a17c6f294e6f35264cbfc0a9774a4f665b expected
>>   test_digests_sha12:153: mismatch calculating sha224-asm(one32):
>>   	got: 3a81d42a638cf434f5b002ead1252be963880bd3eec627a8b3278bb4
>>   	but: 343cb3950305e6e6331e294b0a4925739d09ecbd2b43a2fc87c09941 expected
>>   test_digests_sha12:153: mismatch calculating sha224-asm(inc4097):
>>   	got: 2e6565a91ff0e4f0d316067ad66eaa3b76d71317171adfd0ec6bbcd4
>>   	but: 6596b5dcfbd857f4246d6b94508b8a1a5b715a4f644a0c1e7d54c4f7 expected
>>   test_digests_sha12:164: mismatch calculating sha256-asm(zeroes7):
>>   	got: 71ab8ff93158c3b8863460dac03e9049bd5d3ec1a2ec4a1ba6e434d0fd33eb5f
>>   	but: 837885c8f8091aeaeb9ec3c3f85a6ff470a415e610b8ba3e49f9b33c9cf9d619 expected
>>   test_digests_sha12:164: mismatch calculating sha256-asm(one32):
>>   	got: bcbd77ba0128aed7df96f75788fefa5e8da2501bfd3e0fe14753d4b5c27b1564
>>   	but: 01d0fabd251fcbbe2b93b4b927b26ad2a1a99077152e45ded1e678afa45dbec5 expected
>>   test_digests_sha12:164: mismatch calculating sha256-asm(inc4097):
>>   	got: 4dd697b3bf8f7f0630b583356d48dcc7a1c345e62fe189c1d4843a38cd7d59a9
>>   	but: 1e973d029df2b2c66cb42a942c5edb45966f02abaff29fe99410e44d271d0efc expected
>>   test_digests_sha12:153: mismatch calculating sha224(zeroes7):
>>   	got: c56f57826fa8cc1cae10a3450b90162677ba55cdbaa3d2a72810853e
>>   	but: fbf6df85218ac5632461a8a17c6f294e6f35264cbfc0a9774a4f665b expected
>>   test_digests_sha12:153: mismatch calculating sha224(one32):
>>   	got: 3a81d42a638cf434f5b002ead1252be963880bd3eec627a8b3278bb4
>>   	but: 343cb3950305e6e6331e294b0a4925739d09ecbd2b43a2fc87c09941 expected
>>   test_digests_sha12:153: mismatch calculating sha224(inc4097):
>>   	got: 2e6565a91ff0e4f0d316067ad66eaa3b76d71317171adfd0ec6bbcd4
>>   	but: 6596b5dcfbd857f4246d6b94508b8a1a5b715a4f644a0c1e7d54c4f7 expected
>>   test_digests_sha12:164: mismatch calculating sha256(zeroes7):
>>   	got: 71ab8ff93158c3b8863460dac03e9049bd5d3ec1a2ec4a1ba6e434d0fd33eb5f
>>   	but: 837885c8f8091aeaeb9ec3c3f85a6ff470a415e610b8ba3e49f9b33c9cf9d619 expected
>>   test_digests_sha12:164: mismatch calculating sha256(one32):
>>   	got: bcbd77ba0128aed7df96f75788fefa5e8da2501bfd3e0fe14753d4b5c27b1564
>>   	but: 01d0fabd251fcbbe2b93b4b927b26ad2a1a99077152e45ded1e678afa45dbec5 expected
>>   test_digests_sha12:164: mismatch calculating sha256(inc4097):
>>   	got: 4dd697b3bf8f7f0630b583356d48dcc7a1c345e62fe189c1d4843a38cd7d59a9
>>   	but: 1e973d029df2b2c66cb42a942c5edb45966f02abaff29fe99410e44d271d0efc expected
>>   ERROR: digest: failed 12 out of 45 tests
>>
>> [1]: https://github.com/KarlK90/barebox/actions/runs/11704376345/job/32596699159
>>
>>
>> So the patch is still valid, but this paragraph should be replaced with:
>>
>> Under rare circumstances, in my case it was a Yocto build of barebox from an
>> external source tree, the assembly file was regenerated. Leading to a broken
>> sha256 sum function on ARMv7 compiled with Thumb2 support. The bug expressed
>> itself not in crashes but wrong sha256 sums.
>>
>> Should I send a v2 for the updated message?
>>
>>> The mentioned problem in[1] was fixed and explained further in upstream
>>> commit[2]. Thus this series updates the script and generated assembly to
>>> the most recent Kernel commit[3].
>>>
>>> To better catch regressions in the future the existing digest tests now
>>> exercise the optimized implementations for ARMv5/v6/v7/v8 and the ARMv7
>>> test binaries are compiled in thumb2 mode.
>>>
>>> [1]: b73bc6e303 (arm: crypto: fix SHA256 shipped assembler code, 2018-10-05)
>>> [2]: 69216a545cf8 (crypto: sha256/arm - fix crash bug in Thumb2 build, 2019-02-16)
>>> [3]: 54781938ec34 (crypto: arm/sha256-neon - avoid ADRL pseudo instruction, 2020-09-16)
>>>
>>> Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
>>> ---
>>> Stefan Kerkmann (7):
>>>       arm: crypto: sha256: fix generation of thumb2 assembly
>>>       arm: configs: multi_v5_v6_defconfig: move rpi1 armv6 targets
>>>       arm: configs: multi_v5_v6_defconfig: enable arm optimized sha1/sha256 digest
>>>       arm: configs: multi_v7_defconfig: compile for thumb2
>>>       arm: configs: multi_v7_defconfig: enable arm optimized sha256 digest
>>>       arm: configs: multi_v8_defconfig: enable arm optimized sha1/sha256 digest
>>>       test: arm: rpi: run tests against multi_v5_v6_defconfig
>>>
>>>  .github/workflows/test-labgrid-pytest.yml          |  4 ++
>>>  arch/arm/configs/multi_v5_v6_defconfig             |  6 ++-
>>>  arch/arm/configs/multi_v7_defconfig                |  7 +--
>>>  arch/arm/configs/multi_v8_defconfig                |  5 +-
>>>  arch/arm/crypto/sha256-armv4.pl                    | 25 ++++++----
>>>  arch/arm/crypto/sha256-core.S_shipped              | 55 ++++++++++++++++++----
>>>  ...yaml => qemu-raspi0@multi_v5_v6_defconfig.yaml} |  0
>>>  ...ml => qemu-raspi1ap@multi_v5_v6_defconfig.yaml} |  0
>>>  8 files changed, 74 insertions(+), 28 deletions(-)
>>> ---
>>> base-commit: d9f7f6d930069df35e28fedb35719bfd12fbd6e4
>>> change-id: 20241106-fix-sha256-assembly-ad3d25bf5a9f
>>>
>>> Best regards,
>>
>> Cheers,
>> Stefan
>>
> 
> 

-- 
Pengutronix e.K.                       | Stefan Kerkmann             |
Steuerwalder Str. 21                   | https://www.pengutronix.de/ |
31137 Hildesheim, Germany              | Phone: +49-5121-206917-128  |
Amtsgericht Hildesheim, HRA 2686       | Fax:   +49-5121-206917-9    |