Re: [PATCH 0/3] Add support for qcrypto on shikra

From: Eric Biggers

Date: Mon May 25 2026 - 11:27:42 EST


On Mon, May 25, 2026 at 09:28:43AM -0500, Eric Biggers wrote:
> ARMv8 Crypto Extensions are "hardware" as well, just in the CPU. They
> provide constant-time execution, for example.
>
> Granted, they don't protect from power analysis and electromagnetic
> emanation attacks. Does QCE actually provide those protections, though?
>
> Either way, it doesn't really matter in this case. There are multiple
> aspects to security, and before even considering these advanced
> protections, the basics of security need to be absolutely solid. That
> is, the driver needs to always compute the crypto algorithms correctly,
> and it needs to be completely robust when fuzzed by unprivileged
> userspace (because it can accessed in that way).

Looks like these protections are not even present either. From
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp5077.pdf :

> The Qualcomm Crypto Engine Core does not support any non-invasive
> security techniques. Therefore, this section is not applicable.
[...]
> The Qualcomm Crypto Engine Core does not implement security
> mechanisms to mitigate other attacks.

- Eric