[SOLVED]How to use hardware ciphers with cryptsetup on STM32MP153C ?
I have problem with partition encryption on STM32MP153C with hardware ciphers. I use custom initramfs with installed: coreutils keyutils lvm2 e2fsprogs-mke2fs util-linux cryptsetup
cryptodev-module cryptodev-tests
I was also configure all crypto modules:
In kernel defconfig:
CONFIG_CRYPTO_DEV_STM32_CRC=m
CONFIG_CRYPTO_DEV_STM32_HASH=m
CONFIG_CRYPTO_DEV_STM32_CRYP=m
And device tree:
&hash1 {
status = "okay";
};
&cryp1 {
status = "okay";
};
&crc1 {
status = "okay";
};
All drivers are visible:
grep -B1 -A2 stm32 /proc/crypto|grep -v kernel
name : xts(aes)
driver : xts(stm32-ecb-aes)
module : xts
priority : 200
--
name : crc32c
driver : stm32-crc32
priority : 200
--
name : crc32
driver : stm32-crc32
priority : 200
--
name : ccm(aes)
driver : stm32-ccm-aes
priority : 200
--
name : gcm(aes)
driver : stm32-gcm-aes
priority : 200
--
name : cbc(des3_ede)
driver : stm32-cbc-des3
priority : 200
--
name : ecb(des3_ede)
driver : stm32-ecb-des3
priority : 200
--
name : cbc(des)
driver : stm32-cbc-des
priority : 200
--
name : ecb(des)
driver : stm32-ecb-des
priority : 200
--
name : ctr(aes)
driver : stm32-ctr-aes
priority : 200
--
name : cbc(aes)
driver : stm32-cbc-aes
priority : 200
--
name : ecb(aes)
driver : stm32-ecb-aes
priority : 200
I encrypted partition with command:
cryptsetup luksFormat /dev/mmcblk0p6 , but with default cipher
It isn't a problem to open, copy image, and mount, but it is not hardware cipher, and system is very slow.
How to use hardware accelerators?
I tried:
cryptsetup --type luks2 --cipher "ecb(aes)" --hash sha256 --iter-time 2000 --key-size 256 --pbkdf argon2id --use-urandom --verify-passphrase luksFormat /dev/mmcblk0p6
But with error:
error adding target to table
device-mapper: reload ioctl on failed: Invalid argument
Failed to setup dm-crypt key mapping for device /dev/mmcblk0p6.
Check that kernel supports ecb(aes)-cbc-plain cipher (check syslog for more info).
How to use hardware ciphers?