drivers: crypto: Add initial support for rpi_pico sha256 accelerator

[soburi]

Add basic support for RaspberryPi Pico's SHA256 hardware accelerator.

[soburi]

@ceolin @valeriosetti @ThreeEights

Could you take a look if you have a bit of a while?

[valeriosetti]

The PR looks OK to me. I cannot test it locally because I don't have a board at hand, but at least the test that was extended builds correctly. I only left one minor non-blocking question/comment.

[ThreeEights]

Sorting - good idea!

[ajf58]

nit: I'd prefer it if the sorting is one commit, and the addition is a separate commit. The end result is the same, but it's easier to to see the two orthogonal things going on.

[valeriosetti]

Thanks for addressing previous comment. However reviewing the PR again I found a couple of new ones that I missed before. Sorry

[soburi]

@ceolin @ThreeEights @ajf58

Could you take a look at it?

[ajf58]

The change looks functionally good, but I am concerned about the outright copy and paste of BSD code, then relabeling it as Apache 2.

I feel like someone else needs to comment on this.

[ajf58]

nit: I'd prefer it if the sorting is one commit, and the addition is a separate commit. The end result is the same, but it's easier to to see the two orthogonal things going on.

[ajf58]

Original code is a https://github.com/raspberrypi/pico-sdk/blob/2.1.0/src/rp2_common/pico_sha256/sha256.c , it's 3-Clause BSD (BSD-3-Clause).

I feel like this file has lifted-and-shifted too much for someone to ignore (many lines of code are the same, just formatted to meet the Zephyr Project's coding style).

I'd be happy if this file had a BSD-3-Clause on it. Zephyr must be compatible with this, we link against BSD-3-Clause all over the place. It's not easy t osee examples of that, however.

Alternatively, we could modify the version of the source code in the hal_rpi_pico. This is something I prefer to avoid, but that feels better at ensuring the software licence is upheld.

[soburi]

The codes derived from pico-sdk were separated into crypto_rpi_pico_sha256.h, and the license changed to BSD-3.

[soburi]

nit: I'd prefer it if the sorting is one commit, and the addition is a separate commit. The end result is the same, but it's easier to to see the two orthogonal things going on.

Addressed.

[soburi]

This PR contains BSD-3 derived code. (drivers/crypto/crypto_rpi_pico_sha256.h)
I added the label because I wanted to get TSC approval.

[ajf58]

This PR contains BSD-3 derived code. (drivers/crypto/crypto_rpi_pico_sha256.h) I added the label because I wanted to get TSC approval.

I think, based on the conversation at #81183 (comment) that this won't be a viable solution.

My suggestion is

1. Change (extend) https://github.com/zephyrproject-rtos/hal_rpi_pico/blob/zephyr/src/rp2_common/pico_sha256/sha256.c in a PR. This already is BSD-3-Clause, nothing would change there.
2. Update the west manifest for Zephyr to bring in the new HAL.
3. Make use of the new code from here.

I know that this may feel contradictory to an earlier stance I have of "don't change the Pico SDK unless you have to." I feel like this is one of those times.

That said, I also hope we can do this in a way that makes wiring up the DMA engine to the SHA256 accelerator easy: it's a prime example of where one wants to offload this whilst the CPUs do something more useful.

[soburi]

@ajf58

That said, I also hope we can do this in a way that makes wiring up the DMA engine to the SHA256 accelerator easy: it's a prime example of where one wants to offload this whilst the CPUs do something more useful.

DMA processing must be based on Zephyr's API, and I have determined that this part cannot be used. This is the main reason why I forked this file.

[ajf58]

@ajf58

That said, I also hope we can do this in a way that makes wiring up the DMA engine to the SHA256 accelerator easy: it's a prime example of where one wants to offload this whilst the CPUs do something more useful.

DMA processing must be based on Zephyr's API, and I have determined that this part cannot be used. This is the main reason why I forked this file.

Yes, I understand what problem you found. The approach you took was to breach the terms of the licence, which is not cool. "fork"ing a file is not a thing.

My suggestion is written out above as 3 steps. If you don't understand the steps as written, please ask specific clarifying questions.

[soburi]

@ajf58

Yes, I understand what problem you found. The approach you took was to breach the terms of the licence, which is not cool. "fork"ing a file is not a thing.

I've never heard of the BSD 3 clause license code can't forking.

[ajf58]

@ajf58

Yes, I understand what problem you found. The approach you took was to breach the terms of the licence, which is not cool. "fork"ing a file is not a thing.

I've never heard of the BSD 3 clause license code can't forking.

Your original approach was to:

1. Remove the original copyright notice. Copyright (c) 2024 Raspberry Pi (Trading) Ltd.
2. Add your own name as the Copyright holder
3. Reissue the code under the Apache 2.0 license

This, to me, is a concerning behaviour. It should not require other people to check/monitor/flag that you are breaching other licence terms, you should do this yourself.

After I flagged this you have subsequently corrected this by putting back the original copyright notice, and license. From a technical perspective I don't like how this has been achieved, but that is not the concern I am raising here.

[soburi]

@ajf58

Your original approach was to:

1. Remove the original copyright notice. [Copyright (c) 2024 Raspberry Pi (Trading) Ltd.](https://github.com/raspberrypi/pico-sdk/blob/2.1.0/src/rp2_common/pico_sha256/sha256.c#L2)

2. Add your own name as the Copyright holder

3. Reissue the code under the Apache 2.0 license

This, to me, is a concerning behaviour. It should not require other people to check/monitor/flag that you are breaching other licence terms, you should do this yourself.

After I flagged this you have subsequently corrected this by putting back the original copyright notice, and license. From a technical perspective I don't like how this has been achieved, but that is not the concern I am raising here.

This is exactly as you pointed out.
I had mentioned that I was using it, but I had not properly addressed the license.
Thank you for pointing that out.