Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp694086ybz; Fri, 24 Apr 2020 07:45:07 -0700 (PDT) X-Google-Smtp-Source: APiQypLpiCIMjGmw1ZnsNbomP5N7XKqYeZXUqPypAGSQhh1quu6Z/NLRN8GWSitghe3rBYZi47EB X-Received: by 2002:a05:6402:759:: with SMTP id p25mr7888355edy.102.1587739507381; Fri, 24 Apr 2020 07:45:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1587739507; cv=none; d=google.com; s=arc-20160816; b=End6ds/YKGw07ewQk5AzrCZlf/6eKo+luWTf/kQhWtKgmlsv5mlLJzZuOpIQZu5JKy 7iJ+imcMIsiDZwLRznd4GNWr5wkz59va078cwsk/zxtocy18D9SYxoY9uT2fNLq7zJta PfmlVZXSa932tTEEZIJ7Xi1TeqICbrNO8LyyCMIRPJx36sWNaZ379Xcj/53XNS7ZSWRQ W3hkOwk5HBCZOTOXp3/sN6h1QHJA190H5Fek+V1ewQXaPNje/YkLKUub76Mo2SvLF6z8 TGr5iAe+WtX0BYh+KPVUuyC8EGNZ12vQxA29VqhX4R0QHD/OkltiV8fAlcJyCVtoXv7L L/fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:organization:message-id:date:subject:cc:to :from; bh=Hcf4XOaWlmsfgjMlkOIAszVLpe8s/NEEGQHqoc53NkI=; b=z83Bdyogv6QnGyc7jDSJqEQFu3WMN0Sqjl2WAFmzGupgAr5TMdoBZjn/15jwluxaZA 6y7jRd8BFMPhLwMTVg9vRx68w1D+3aBF93CUmAYYXMqLb01hGiGlJS3iN41dDFtFgOU9 SLzE+M22YUSAEqQ979pvOW7Yf3krVnHXuZB2wk6kNOvNeNORn4C7iOfsgFyqF431lPf6 T6WM+WnMR5dpHqnnxljv6Ts4x6gvue1jgCdLc6QDfoYTBJ8Celxc+cdobByFaA3CCt44 yARJ6GOG3gYTU9aZn86nMfk2b7ZrEGBh7TBOWHzEq6hAjws5+te8V3AtzG2EC7JEPwuE JQQg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q7si2968428eds.494.2020.04.24.07.44.41; Fri, 24 Apr 2020 07:45:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726813AbgDXOoi convert rfc822-to-8bit (ORCPT + 99 others); Fri, 24 Apr 2020 10:44:38 -0400 Received: from mail1.atsec.com ([138.201.47.228]:8158 "EHLO mail1.atsec.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726791AbgDXOoi (ORCPT ); Fri, 24 Apr 2020 10:44:38 -0400 Received: from localhost (localhost [127.0.0.1]) by mail1.atsec.com (Postfix) with ESMTP id C42C4F6; Fri, 24 Apr 2020 16:34:43 +0200 (CEST) Received: from mail1.atsec.com ([127.0.0.1]) by localhost (mail1.atsec.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id mfuv5h487Rlz; Fri, 24 Apr 2020 16:34:41 +0200 (CEST) From: Stephan Mueller To: Corentin Labbe Cc: davem@davemloft.net, herbert@gondor.apana.org.au, mripard@kernel.org, wens@csie.org, linux-arm-kernel@lists.infradead.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, linux-sunxi@googlegroups.com Subject: Re: [PATCH v2 14/14] crypto: sun8i-ce: Add support for the TRNG Date: Fri, 24 Apr 2020 16:34:40 +0200 Message-ID: <3693153.CBanSm0cUG@tauon.chronox.de> Organization: atsec information security GmbH In-Reply-To: <1587736934-22801-15-git-send-email-clabbe@baylibre.com> References: <1587736934-22801-1-git-send-email-clabbe@baylibre.com> <1587736934-22801-15-git-send-email-clabbe@baylibre.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8BIT Content-Type: text/plain; charset="iso-8859-1" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Am Freitag, 24. April 2020, 16:02:14 CEST schrieb Corentin Labbe: Hi Corentin, > This patch had support for the TRNG present in the CE. > Note that according to the algorithm ID, 2 version of the TRNG exists, > the first present in H3/H5/R40/A64 and the second present in H6. > This patch adds support for both, but only the second is working > reliabily accoridng to rngtest. > > Signed-off-by: Corentin Labbe > --- > drivers/crypto/allwinner/Kconfig | 8 ++ > drivers/crypto/allwinner/sun8i-ce/Makefile | 1 + > .../crypto/allwinner/sun8i-ce/sun8i-ce-core.c | 18 +++ > .../crypto/allwinner/sun8i-ce/sun8i-ce-trng.c | 123 ++++++++++++++++++ > drivers/crypto/allwinner/sun8i-ce/sun8i-ce.h | 18 +++ > 5 files changed, 168 insertions(+) > create mode 100644 drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c > > diff --git a/drivers/crypto/allwinner/Kconfig > b/drivers/crypto/allwinner/Kconfig index 223a5823867c..6aec31f7d2be 100644 > --- a/drivers/crypto/allwinner/Kconfig > +++ b/drivers/crypto/allwinner/Kconfig > @@ -87,6 +87,14 @@ config CRYPTO_DEV_SUN8I_CE_PRNG > Select this option if you want to provide kernel-side support for > the Pseudo-Random Number Generator found in the Crypto Engine. > > +config CRYPTO_DEV_SUN8I_CE_TRNG > + bool "Support for Allwinner Crypto Engine TRNG" > + depends on CRYPTO_DEV_SUN8I_CE > + select HW_RANDOM > + help > + Select this option if you want to provide kernel-side support for > + the True Random Number Generator found in the Crypto Engine. > + > config CRYPTO_DEV_SUN8I_SS > tristate "Support for Allwinner Security System cryptographic offloader" > select CRYPTO_SKCIPHER > diff --git a/drivers/crypto/allwinner/sun8i-ce/Makefile > b/drivers/crypto/allwinner/sun8i-ce/Makefile index > c0ea81da2c7d..0842eb2d9408 100644 > --- a/drivers/crypto/allwinner/sun8i-ce/Makefile > +++ b/drivers/crypto/allwinner/sun8i-ce/Makefile > @@ -2,3 +2,4 @@ obj-$(CONFIG_CRYPTO_DEV_SUN8I_CE) += sun8i-ce.o > sun8i-ce-y += sun8i-ce-core.o sun8i-ce-cipher.o > sun8i-ce-$(CONFIG_CRYPTO_DEV_SUN8I_CE_HASH) += sun8i-ce-hash.o > sun8i-ce-$(CONFIG_CRYPTO_DEV_SUN8I_CE_PRNG) += sun8i-ce-prng.o > +sun8i-ce-$(CONFIG_CRYPTO_DEV_SUN8I_CE_TRNG) += sun8i-ce-trng.o > diff --git a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-core.c > b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-core.c index > 23b9fc67d7ea..86d75789811f 100644 > --- a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-core.c > +++ b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-core.c > @@ -47,6 +47,7 @@ static const struct ce_variant ce_h3_variant = { > }, > .esr = ESR_H3, > .prng = CE_ALG_PRNG, > + .trng = CE_ID_NOTSUPP, > }; > > static const struct ce_variant ce_h5_variant = { > @@ -63,6 +64,7 @@ static const struct ce_variant ce_h5_variant = { > }, > .esr = ESR_H5, > .prng = CE_ALG_PRNG, > + .trng = CE_ID_NOTSUPP, > }; > > static const struct ce_variant ce_h6_variant = { > @@ -76,6 +78,7 @@ static const struct ce_variant ce_h6_variant = { > .cipher_t_dlen_in_bytes = true, > .hash_t_dlen_in_bits = true, > .prng_t_dlen_in_bytes = true, > + .trng_t_dlen_in_bytes = true, > .ce_clks = { > { "bus", 0, 200000000 }, > { "mod", 300000000, 0 }, > @@ -83,6 +86,7 @@ static const struct ce_variant ce_h6_variant = { > }, > .esr = ESR_H6, > .prng = CE_ALG_PRNG_V2, > + .trng = CE_ALG_TRNG_V2, > }; > > static const struct ce_variant ce_a64_variant = { > @@ -99,6 +103,7 @@ static const struct ce_variant ce_a64_variant = { > }, > .esr = ESR_A64, > .prng = CE_ALG_PRNG, > + .trng = CE_ID_NOTSUPP, > }; > > static const struct ce_variant ce_r40_variant = { > @@ -115,6 +120,7 @@ static const struct ce_variant ce_r40_variant = { > }, > .esr = ESR_R40, > .prng = CE_ALG_PRNG, > + .trng = CE_ID_NOTSUPP, > }; > > /* > @@ -579,6 +585,10 @@ static int sun8i_ce_dbgfs_read(struct seq_file *seq, > void *v) break; > } > } > +#ifdef CONFIG_CRYPTO_DEV_SUN8I_CE_TRNG > + seq_printf(seq, "HWRNG %lu %lu\n", > + ce->hwrng_stat_req, ce->hwrng_stat_bytes); > +#endif > return 0; > } > > @@ -928,6 +938,10 @@ static int sun8i_ce_probe(struct platform_device *pdev) > if (err < 0) > goto error_alg; > > +#ifdef CONFIG_CRYPTO_DEV_SUN8I_CE_TRNG > + sun8i_ce_hwrng_register(ce); > +#endif > + > v = readl(ce->base + CE_CTR); > v >>= CE_DIE_ID_SHIFT; > v &= CE_DIE_ID_MASK; > @@ -957,6 +971,10 @@ static int sun8i_ce_remove(struct platform_device > *pdev) { > struct sun8i_ce_dev *ce = platform_get_drvdata(pdev); > > +#ifdef CONFIG_CRYPTO_DEV_SUN8I_CE_TRNG > + sun8i_ce_hwrng_unregister(ce); > +#endif > + > sun8i_ce_unregister_algs(ce); > > #ifdef CONFIG_CRYPTO_DEV_SUN8I_CE_DEBUG > diff --git a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c > b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c new file mode 100644 > index 000000000000..5e4effe29ed3 > --- /dev/null > +++ b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c > @@ -0,0 +1,123 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * sun8i-ce-trng.c - hardware cryptographic offloader for > + * Allwinner H3/A64/H5/H2+/H6/R40 SoC > + * > + * Copyright (C) 2015-2020 Corentin Labbe > + * > + * This file handle the TRNG > + * > + * You could find a link for the datasheet in > Documentation/arm/sunxi/README + */ > +#include "sun8i-ce.h" > +#include > +#include > +/* > + * Note that according to the algorithm ID, 2 versions of the TRNG exists, > + * The first present in H3/H5/R40/A64 and the second present in H6. > + * This file adds support for both, but only the second is working > + * reliabily according to rngtest. > + **/ > + > +int sun8i_ce_trng_read(struct hwrng *rng, void *data, size_t max, bool > wait) +{ > + struct sun8i_ce_dev *ce; > + dma_addr_t dma_dst; > + int err = 0; > + int flow = 3; > + unsigned int todo; > + struct sun8i_ce_flow *chan; > + struct ce_task *cet; > + u32 common; > + void *d; > + > + ce = container_of(rng, struct sun8i_ce_dev, trng); > + > + todo = max + 32; > + todo -= todo % 32; > + > + d = kzalloc(todo, GFP_KERNEL | GFP_DMA); > + if (!d) > + return -ENOMEM; > + > +#ifdef CONFIG_CRYPTO_DEV_SUN8I_CE_DEBUG > + ce->hwrng_stat_req++; > + ce->hwrng_stat_bytes += todo; > +#endif > + > + dma_dst = dma_map_single(ce->dev, d, todo, DMA_FROM_DEVICE); > + if (dma_mapping_error(ce->dev, dma_dst)) { > + dev_err(ce->dev, "Cannot DMA MAP DST\n"); > + err = -EFAULT; > + goto err_dst; > + } > + > + err = pm_runtime_get_sync(ce->dev); > + if (err < 0) > + goto err_pm; > + > + mutex_lock(&ce->rnglock); > + chan = &ce->chanlist[flow]; > + > + cet = &chan->tl[0]; > + memset(cet, 0, sizeof(struct ce_task)); > + > + cet->t_id = cpu_to_le32(flow); > + common = ce->variant->trng | CE_COMM_INT; > + cet->t_common_ctl = cpu_to_le32(common); > + > + /* recent CE (H6) need length in bytes, in word otherwise */ > + if (ce->variant->trng_t_dlen_in_bytes) > + cet->t_dlen = cpu_to_le32(todo); > + else > + cet->t_dlen = cpu_to_le32(todo / 4); > + > + cet->t_sym_ctl = 0; > + cet->t_asym_ctl = 0; > + > + cet->t_dst[0].addr = cpu_to_le32(dma_dst); > + cet->t_dst[0].len = cpu_to_le32(todo / 4); > + ce->chanlist[flow].timeout = 2000; > + > + err = sun8i_ce_run_task(ce, 3, "TRNG"); > + mutex_unlock(&ce->rnglock); > + > + pm_runtime_put(ce->dev); > + > +err_pm: > + dma_unmap_single(ce->dev, dma_dst, todo, DMA_FROM_DEVICE); > + > + if (!err) { > + memcpy(data, d, max); > + err = max; > + } > + > +err_dst: > + kfree(d); kzfree? I would assume d contains sensitive data, no? > + return err; > +} > + > +int sun8i_ce_hwrng_register(struct sun8i_ce_dev *ce) > +{ > + int ret; > + > + if (ce->variant->trng == CE_ID_NOTSUPP) { > + dev_info(ce->dev, "TRNG not supported\n"); > + return 0; > + } > + ce->trng.name = "sun8i Crypto Engine TRNG"; > + ce->trng.read = sun8i_ce_trng_read; > + ce->trng.quality = 1000; > + > + ret = hwrng_register(&ce->trng); > + if (ret) > + dev_err(ce->dev, "Fail to register the TRNG\n"); > + return ret; > +} > + > +void sun8i_ce_hwrng_unregister(struct sun8i_ce_dev *ce) > +{ > + if (ce->variant->trng == CE_ID_NOTSUPP) > + return; > + hwrng_unregister(&ce->trng); > +} > diff --git a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce.h > b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce.h index > 2ef0c3814367..746e56c254d4 100644 > --- a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce.h > +++ b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce.h > @@ -12,6 +12,7 @@ > #include > #include > #include > +#include > #include > #include > #include > @@ -55,7 +56,9 @@ > #define CE_ALG_SHA256 19 > #define CE_ALG_SHA384 20 > #define CE_ALG_SHA512 21 > +#define CE_ALG_TRNG 48 > #define CE_ALG_PRNG 49 > +#define CE_ALG_TRNG_V2 0x1c > #define CE_ALG_PRNG_V2 0x1d > > /* Used in ce_variant */ > @@ -129,9 +132,12 @@ struct ce_clock { > * bits or words > * @prng_t_dlen_in_bytes: Does the request size for PRNG is in > * bytes or words > + * @trng_t_dlen_in_bytes: Does the request size for TRNG is in > + * bytes or words > * @ce_clks: list of clocks needed by this variant > * @esr: The type of error register > * @prng: The CE_ALG_XXX value for the PRNG > + * @trng: The CE_ALG_XXX value for the TRNG > */ > struct ce_variant { > char alg_cipher[CE_ID_CIPHER_MAX]; > @@ -140,9 +146,11 @@ struct ce_variant { > bool cipher_t_dlen_in_bytes; > bool hash_t_dlen_in_bits; > bool prng_t_dlen_in_bytes; > + bool trng_t_dlen_in_bytes; > struct ce_clock ce_clks[CE_MAX_CLOCKS]; > int esr; > char prng; > + char trng; > }; > > struct sginfo { > @@ -218,6 +226,13 @@ struct sun8i_ce_dev { > struct dentry *dbgfs_dir; > struct dentry *dbgfs_stats; > #endif > +#ifdef CONFIG_CRYPTO_DEV_SUN8I_CE_TRNG > + struct hwrng trng; > +#ifdef CONFIG_CRYPTO_DEV_SUN8I_CE_DEBUG > + unsigned long hwrng_stat_req; > + unsigned long hwrng_stat_bytes; > +#endif > +#endif > }; > > /* > @@ -349,3 +364,6 @@ int sun8i_ce_prng_generate(struct crypto_rng *tfm, const > u8 *src, int sun8i_ce_prng_seed(struct crypto_rng *tfm, const u8 *seed, > unsigned int slen); void sun8i_ce_prng_exit(struct crypto_tfm *tfm); > int sun8i_ce_prng_init(struct crypto_tfm *tfm); > + > +int sun8i_ce_hwrng_register(struct sun8i_ce_dev *ce); > +void sun8i_ce_hwrng_unregister(struct sun8i_ce_dev *ce); Ciao Stephan -- atsec information security GmbH, Steinstra?e 70, 81667 M?nchen, Germany Phone: +49 89 442 49 830 - Fax: +49 89 442 49 831 Mobile DE: +49 172 216 55 78 - Mobile US: +1 737 346 1613 HRB: 129439 (Amtsgericht M?nchen) GF: Salvatore la Pietra, Staffan Persson, Manuela Gambarotto atsec it security news blog - atsec-information-security.blogspot.com