[PATCH 0/5] HWRNG: add support for HW Random Number Generators

[PATCH 0/5] HWRNG: add support for HW Random Number Generators

[Steffen Trumtrar]

Hi!

This series adds support for registering a /dev/hwrng like in a
linux system.

Tested with the i.MX25 RNG, that is also added.

Regards,
Steffen

Steffen Trumtrar (5):
  drivers: add simple hw_random implementation
  lib: random: get_random_bytes from HWRNG if present
  ARM: imx25: clk: add rngb clock
  ARM: i.MX25: dtsi: add rng node
  hw_random: add driver for Freescale RNGC

 arch/arm/dts/imx25.dtsi       |  11 ++
 arch/arm/mach-imx/clk-imx25.c |   5 +-
 drivers/Kconfig               |   1 +
 drivers/Makefile              |   1 +
 drivers/hw_random/Kconfig     |  17 +++
 drivers/hw_random/Makefile    |   2 +
 drivers/hw_random/core.c      | 110 +++++++++++++++
 drivers/hw_random/mxc-rngc.c  | 311 ++++++++++++++++++++++++++++++++++++++++++
 include/linux/hw_random.h     |  44 ++++++
 lib/random.c                  |  19 +++
 10 files changed, 519 insertions(+), 2 deletions(-)
 create mode 100644 drivers/hw_random/Kconfig
 create mode 100644 drivers/hw_random/Makefile
 create mode 100644 drivers/hw_random/core.c
 create mode 100644 drivers/hw_random/mxc-rngc.c
 create mode 100644 include/linux/hw_random.h

-- 
2.7.0


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 1/5] drivers: add simple hw_random implementation

[Steffen Trumtrar]

Add a simple hw_random implementation based on code from
Linux v4.5-rc5.

All the entropypool initialization stuff is left out and
the obsolete data_read/data_present calls are omitted.

Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
---
 drivers/Kconfig            |   1 +
 drivers/Makefile           |   1 +
 drivers/hw_random/Kconfig  |   6 +++
 drivers/hw_random/Makefile |   1 +
 drivers/hw_random/core.c   | 110 +++++++++++++++++++++++++++++++++++++++++++++
 include/linux/hw_random.h  |  44 ++++++++++++++++++
 6 files changed, 163 insertions(+)
 create mode 100644 drivers/hw_random/Kconfig
 create mode 100644 drivers/hw_random/Makefile
 create mode 100644 drivers/hw_random/core.c
 create mode 100644 include/linux/hw_random.h

diff --git a/drivers/Kconfig b/drivers/Kconfig
index 5984ccca2c95..ab07f22e99c0 100644
--- a/drivers/Kconfig
+++ b/drivers/Kconfig
@@ -31,5 +31,6 @@ source "drivers/pci/Kconfig"
 source "drivers/rtc/Kconfig"
 source "drivers/firmware/Kconfig"
 source "drivers/phy/Kconfig"
+source "drivers/hw_random/Kconfig"
 
 endmenu
diff --git a/drivers/Makefile b/drivers/Makefile
index 3afbb61b2d3b..ee99a8fca2a2 100644
--- a/drivers/Makefile
+++ b/drivers/Makefile
@@ -31,3 +31,4 @@ obj-y += rtc/
 obj-$(CONFIG_FIRMWARE) += firmware/
 obj-$(CONFIG_GENERIC_PHY) += phy/
 obj-$(CONFIG_HABV4) += habv4/
+obj-$(CONFIG_HWRNG) += hw_random/
diff --git a/drivers/hw_random/Kconfig b/drivers/hw_random/Kconfig
new file mode 100644
index 000000000000..807fcadd31f7
--- /dev/null
+++ b/drivers/hw_random/Kconfig
@@ -0,0 +1,6 @@
+menuconfig HWRNG
+	bool "HWRNG Support"
+	help
+	  Support for HWRNG(Hardware Random Number Generator) devices.
+
+	  If unsure, say no.
diff --git a/drivers/hw_random/Makefile b/drivers/hw_random/Makefile
new file mode 100644
index 000000000000..15307b100f29
--- /dev/null
+++ b/drivers/hw_random/Makefile
@@ -0,0 +1 @@
+obj-$(CONFIG_HWRNG)		+= core.o
diff --git a/drivers/hw_random/core.c b/drivers/hw_random/core.c
new file mode 100644
index 000000000000..69856972980e
--- /dev/null
+++ b/drivers/hw_random/core.c
@@ -0,0 +1,110 @@
+/*
+ * Copyright (c) 2016 Pengutronix, Steffen Trumtrar <kernel@pengutronix.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * derived from Linux kernel drivers/char/hw_random/core.c
+ */
+
+#include <common.h>
+#include <linux/hw_random.h>
+
+static LIST_HEAD(hwrngs);
+
+#define RNG_BUFFER_SIZE		32
+
+int hwrng_get_data(struct hwrng *rng, u8 *buffer, size_t size, int wait)
+{
+	if (rng->read)
+		return rng->read(rng, buffer, size, wait);
+
+	return 0;
+}
+
+static int hwrng_init(struct hwrng *rng)
+{
+	int ret = 0;
+
+	if (rng->init)
+		ret = rng->init(rng);
+
+	list_add_tail(&rng->list, &hwrngs);
+
+	return ret;
+}
+
+static ssize_t rng_dev_read(struct cdev *cdev, void *buf, size_t size,
+			    loff_t offset, unsigned long flags)
+{
+	struct hwrng *rng = container_of(cdev, struct hwrng, cdev);
+	ssize_t cur = 0;
+	int err = 0;
+	int len;
+	size_t count = size;
+
+	memset(buf, 0, size);
+
+	while (count) {
+		len = hwrng_get_data(rng, rng->buf, RNG_BUFFER_SIZE, true);
+		if (len < 0) {
+			err = len;
+			break;
+		}
+
+		if (len > count)
+			len = count;
+
+		memcpy(buf + cur, rng->buf, len);
+
+		count -= len;
+		cur += len;
+	}
+
+	return cur ? : err;
+}
+
+
+static struct file_operations rng_chrdev_ops = {
+	.read  = rng_dev_read,
+	.lseek = dev_lseek_default,
+};
+
+static int hwrng_register_cdev(struct hwrng *rng)
+{
+	rng->cdev.name = "hwrng";
+	rng->cdev.flags = DEVFS_IS_CHARACTER_DEV;
+	rng->cdev.ops = &rng_chrdev_ops;
+	rng->cdev.dev = rng->dev;
+
+	return devfs_create(&rng->cdev);
+}
+
+struct hwrng *hwrng_get_first(void)
+{
+	if (!list_empty(&hwrngs))
+		return list_first_entry(&hwrngs, struct hwrng, list);
+	else
+		return ERR_PTR(-ENODEV);
+}
+
+int hwrng_register(struct device_d *dev, struct hwrng *rng)
+{
+	int err;
+
+	if (rng->name == NULL || rng->read == NULL)
+		return -EINVAL;
+
+	rng->buf = xzalloc(RNG_BUFFER_SIZE);
+
+	err = hwrng_init(rng);
+	if (err)
+		return err;
+
+	rng->dev = dev;
+
+	err = hwrng_register_cdev(rng);
+
+	return err;
+}
diff --git a/include/linux/hw_random.h b/include/linux/hw_random.h
new file mode 100644
index 000000000000..ccec1d55b105
--- /dev/null
+++ b/include/linux/hw_random.h
@@ -0,0 +1,44 @@
+/*
+	Hardware Random Number Generator
+
+	Please read Documentation/hw_random.txt for details on use.
+
+	----------------------------------------------------------
+	This software may be used and distributed according to the terms
+        of the GNU General Public License, incorporated herein by reference.
+
+ */
+
+#ifndef LINUX_HWRANDOM_H_
+#define LINUX_HWRANDOM_H_
+
+#include <linux/list.h>
+
+/**
+ * struct hwrng - Hardware Random Number Generator driver
+ * @name:		Unique RNG name.
+ * @init:		Initialization callback (can be NULL).
+ * @read:		New API. drivers can fill up to max bytes of data
+ *			into the buffer. The buffer is aligned for any type.
+ * @priv:		Private data, for use by the RNG driver.
+ */
+struct hwrng {
+	const char *name;
+	int (*init)(struct hwrng *rng);
+	int (*read)(struct hwrng *rng, void *data, size_t max, bool wait);
+	unsigned long priv;
+
+	struct list_head list;
+
+	struct cdev cdev;
+	struct device_d *dev;
+	u8 *buf;
+};
+
+/** Register a new Hardware Random Number Generator driver. */
+extern int hwrng_register(struct device_d *dev, struct hwrng *rng);
+extern struct hwrng *hwrng_get_first(void);
+extern int hwrng_get_data(struct hwrng *rng, u8 *buffer, size_t size,
+			  int wait);
+
+#endif /* LINUX_HWRANDOM_H_ */
-- 
2.7.0


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 2/5] lib: random: get_random_bytes from HWRNG if present

[Steffen Trumtrar]

Instead of generating pseudo random numbers, get random bytes
from an optional HW generator, if enabled and registered.

Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
---
 lib/random.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/lib/random.c b/lib/random.c
index 210fea99466e..ff82dd1bed85 100644
--- a/lib/random.c
+++ b/lib/random.c
@@ -1,5 +1,6 @@
 #include <common.h>
 #include <stdlib.h>
+#include <linux/hw_random.h>
 
 static unsigned int random_seed;
 
@@ -22,6 +23,24 @@ void get_random_bytes(void *_buf, int len)
 {
 	char *buf = _buf;
 
+	if (IS_ENABLED(CONFIG_HWRNG)) {
+		struct hwrng *rng;
+		int bytes;
+
+		rng = hwrng_get_first();
+		if (!PTR_ERR(rng)) {
+			while (len) {
+				bytes = hwrng_get_data(rng, _buf, len, 0);
+				if (!bytes)
+					goto sw_fallback;
+				len -= bytes;
+			}
+
+			return;
+		}
+	}
+
+sw_fallback:
 	while (len--)
 		*buf++ = rand() % 256;
 }
-- 
2.7.0


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 3/5] ARM: imx25: clk: add rngb clock

[Steffen Trumtrar]

Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
---
 arch/arm/mach-imx/clk-imx25.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/arch/arm/mach-imx/clk-imx25.c b/arch/arm/mach-imx/clk-imx25.c
index 7d100783763c..8fe60e354af9 100644
--- a/arch/arm/mach-imx/clk-imx25.c
+++ b/arch/arm/mach-imx/clk-imx25.c
@@ -101,8 +101,8 @@ static int imx25_ccm_probe(struct device_d *dev)
 			(1 << 26) | (1 << 31),
 			base + CCM_CGCR1);
 
-	writel((1 << 0) | (1 << 1) | (1 << 2) | (1 << 10) | (1 << 13) | (1 << 14) |
-			(1 << 15) | (1 << 16) | (1 << 17) | (1 << 18),
+	writel((1 << 0) | (1 << 1) | (1 << 2) | (1 << 3) | (1 << 10) | (1 << 13) |
+			(1 << 14) | (1 << 15) | (1 << 16) | (1 << 17) | (1 << 18),
 			base + CCM_CGCR2);
 
 	clks[dummy] = clk_fixed("dummy", 0);
@@ -150,6 +150,7 @@ static int imx25_ccm_probe(struct device_d *dev)
 	clks[lcdc_ahb] = imx_clk_gate("lcdc_ahb", "ahb", base + CCM_CGCR0, 24);
 	clks[lcdc_ipg] = imx_clk_gate("lcdc_ipg", "ipg", base + CCM_CGCR1, 29);
 	clks[lcdc_ipg_per] = imx_clk_gate("lcdc_ipg_per", "per7", base + CCM_CGCR0, 7);
+	clks[rngb_ipg] = imx_clk_gate("rngb_ipg", "ipg", base + CCM_CGCR2, 3);
 
 	clkdev_add_physbase(clks[per15], MX25_UART1_BASE_ADDR, NULL);
 	clkdev_add_physbase(clks[per15], MX25_UART2_BASE_ADDR, NULL);
-- 
2.7.0


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 4/5] ARM: i.MX25: dtsi: add rng node

[Steffen Trumtrar]

Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
---
 arch/arm/dts/imx25.dtsi | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/arch/arm/dts/imx25.dtsi b/arch/arm/dts/imx25.dtsi
index 13fbcc4f8da6..612b6c99d226 100644
--- a/arch/arm/dts/imx25.dtsi
+++ b/arch/arm/dts/imx25.dtsi
@@ -23,6 +23,17 @@
 			compatible = "mmio-sram";
 			reg = <0x78000000 0x20000>;
 		};
+
+		aips@53f00000 {
+			rng: rng@53fb0000 {
+				compatible = "fsl,imx25-rng";
+				reg = <0x53fb0000 0x4000>;
+				clocks = <&clks 109>;
+				clock-names = "ipg";
+				interrupts = <22>;
+				interrupt-names = "rng";
+			};
+		};
 	};
 };
 
-- 
2.7.0


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 5/5] hw_random: add driver for Freescale RNGC

[Steffen Trumtrar]

The driver is ported from Freescales Linux git and can be
found in the

	vendor/freescale/imx_2.6.35_maintain

branch.

According to that code, the RNGC is found on Freescales i.MX3/5 SoCs.
The i.MX2x actually has an RNGB, which has no driver implementation
in Freescales kernel. However as it turns out, the driver for the RNGC
works fine on the (at least) i.MX25. So, they seem to be somewhat
compatible.

Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
---
 drivers/hw_random/Kconfig    |  11 ++
 drivers/hw_random/Makefile   |   1 +
 drivers/hw_random/mxc-rngc.c | 311 +++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 323 insertions(+)
 create mode 100644 drivers/hw_random/mxc-rngc.c

diff --git a/drivers/hw_random/Kconfig b/drivers/hw_random/Kconfig
index 807fcadd31f7..a67d2d6f32f5 100644
--- a/drivers/hw_random/Kconfig
+++ b/drivers/hw_random/Kconfig
@@ -4,3 +4,14 @@ menuconfig HWRNG
 	  Support for HWRNG(Hardware Random Number Generator) devices.
 
 	  If unsure, say no.
+
+if HWRNG
+
+config HWRNG_MXC_RNGC
+       tristate "Freescale i.MX RNGC Random Number Generator"
+       depends on ARCH_IMX25 || ARCH_IMX35 || ARCH_IMX53
+       help
+	 This driver provides kernel-side support for the Random Number
+	 Generator hardware found on some Freescale i.MX processors.
+
+endif
diff --git a/drivers/hw_random/Makefile b/drivers/hw_random/Makefile
index 15307b100f29..79c238c48d60 100644
--- a/drivers/hw_random/Makefile
+++ b/drivers/hw_random/Makefile
@@ -1 +1,2 @@
 obj-$(CONFIG_HWRNG)		+= core.o
+obj-$(CONFIG_HWRNG_MXC_RNGC) += mxc-rngc.o
diff --git a/drivers/hw_random/mxc-rngc.c b/drivers/hw_random/mxc-rngc.c
new file mode 100644
index 000000000000..63f9ff867aab
--- /dev/null
+++ b/drivers/hw_random/mxc-rngc.c
@@ -0,0 +1,311 @@
+/*
+ * RNG driver for Freescale RNGC
+ *
+ * Copyright (C) 2008-2012 Freescale Semiconductor, Inc.
+ */
+
+/*
+ * The code contained herein is licensed under the GNU General Public
+ * License. You may obtain a copy of the GNU General Public License
+ * Version 2 or later at the following locations:
+ *
+ * http://www.opensource.org/licenses/gpl-license.html
+ * http://www.gnu.org/copyleft/gpl.html
+ */
+
+/*
+ * Hardware driver for the Intel/AMD/VIA Random Number Generators (RNG)
+ * (c) Copyright 2003 Red Hat Inc <jgarzik@redhat.com>
+ *
+ * derived from
+ *
+ * Hardware driver for the AMD 768 Random Number Generator (RNG)
+ * (c) Copyright 2001 Red Hat Inc <alan@redhat.com>
+ *
+ * derived from
+ *
+ * Hardware driver for Intel i810 Random Number Generator (RNG)
+ * Copyright 2000,2001 Jeff Garzik <jgarzik@pobox.com>
+ * Copyright 2000,2001 Philipp Rumpf <prumpf@mandrakesoft.com>
+ *
+ * This file is licensed under  the terms of the GNU General Public
+ * License version 2. This program is licensed "as is" without any
+ * warranty of any kind, whether express or implied.
+ */
+
+#include <common.h>
+#include <clock.h>
+#include <driver.h>
+#include <init.h>
+#include <io.h>
+#include <linux/clk.h>
+#include <linux/hw_random.h>
+
+#define RNGC_VERSION_MAJOR3 3
+
+#define RNGC_VERSION_ID				0x0000
+#define RNGC_COMMAND				0x0004
+#define RNGC_CONTROL				0x0008
+#define RNGC_STATUS				0x000C
+#define RNGC_ERROR				0x0010
+#define RNGC_FIFO				0x0014
+#define RNGC_VERIF_CTRL				0x0020
+#define RNGC_OSC_CTRL_COUNT			0x0028
+#define RNGC_OSC_COUNT				0x002C
+#define RNGC_OSC_COUNT_STATUS			0x0030
+
+#define RNGC_VERID_ZEROS_MASK			0x0f000000
+#define RNGC_VERID_RNG_TYPE_MASK		0xf0000000
+#define RNGC_VERID_RNG_TYPE_SHIFT		28
+#define RNGC_VERID_CHIP_VERSION_MASK		0x00ff0000
+#define RNGC_VERID_CHIP_VERSION_SHIFT		16
+#define RNGC_VERID_VERSION_MAJOR_MASK		0x0000ff00
+#define RNGC_VERID_VERSION_MAJOR_SHIFT		8
+#define RNGC_VERID_VERSION_MINOR_MASK		0x000000ff
+#define RNGC_VERID_VERSION_MINOR_SHIFT		0
+
+#define RNGC_CMD_ZEROS_MASK			0xffffff8c
+#define RNGC_CMD_SW_RST				0x00000040
+#define RNGC_CMD_CLR_ERR			0x00000020
+#define RNGC_CMD_CLR_INT			0x00000010
+#define RNGC_CMD_SEED				0x00000002
+#define RNGC_CMD_SELF_TEST			0x00000001
+
+#define RNGC_CTRL_ZEROS_MASK			0xfffffc8c
+#define RNGC_CTRL_CTL_ACC			0x00000200
+#define RNGC_CTRL_VERIF_MODE			0x00000100
+#define RNGC_CTRL_MASK_ERROR			0x00000040
+
+#define RNGC_CTRL_MASK_DONE			0x00000020
+#define RNGC_CTRL_AUTO_SEED			0x00000010
+#define RNGC_CTRL_FIFO_UFLOW_MASK		0x00000003
+#define RNGC_CTRL_FIFO_UFLOW_SHIFT		0
+
+#define RNGC_CTRL_FIFO_UFLOW_ZEROS_ERROR	0
+#define RNGC_CTRL_FIFO_UFLOW_ZEROS_ERROR2	1
+#define RNGC_CTRL_FIFO_UFLOW_BUS_XFR		2
+#define RNGC_CTRL_FIFO_UFLOW_ZEROS_INTR		3
+
+#define RNGC_STATUS_ST_PF_MASK			0x00c00000
+#define RNGC_STATUS_ST_PF_SHIFT			22
+#define RNGC_STATUS_ST_PF_TRNG			0x00800000
+#define RNGC_STATUS_ST_PF_PRNG			0x00400000
+#define RNGC_STATUS_ERROR			0x00010000
+#define RNGC_STATUS_FIFO_SIZE_MASK		0x0000f000
+#define RNGC_STATUS_FIFO_SIZE_SHIFT		12
+#define RNGC_STATUS_FIFO_LEVEL_MASK		0x00000f00
+#define RNGC_STATUS_FIFO_LEVEL_SHIFT		8
+#define RNGC_STATUS_NEXT_SEED_DONE		0x00000040
+#define RNGC_STATUS_SEED_DONE			0x00000020
+#define RNGC_STATUS_ST_DONE			0x00000010
+#define RNGC_STATUS_RESEED			0x00000008
+#define RNGC_STATUS_SLEEP			0x00000004
+#define RNGC_STATUS_BUSY			0x00000002
+#define RNGC_STATUS_SEC_STATE			0x00000001
+
+#define RNGC_ERROR_STATUS_ZEROS_MASK		0xffffffc0
+#define RNGC_ERROR_STATUS_BAD_KEY		0x00000040
+#define RNGC_ERROR_STATUS_RAND_ERR		0x00000020
+#define RNGC_ERROR_STATUS_FIFO_ERR		0x00000010
+#define RNGC_ERROR_STATUS_STAT_ERR		0x00000008
+#define RNGC_ERROR_STATUS_ST_ERR		0x00000004
+#define RNGC_ERROR_STATUS_OSC_ERR		0x00000002
+#define RNGC_ERROR_STATUS_LFSR_ERR		0x00000001
+
+#define RNG_ADDR_RANGE				0x34
+
+struct mxc_rngc {
+	struct device_d		*dev;
+	struct clk		*clk;
+	void __iomem		*base;
+};
+
+static int mxc_rngc_data_present(struct hwrng *rng)
+{
+	struct mxc_rngc *rngc = (struct mxc_rngc *)rng->priv;
+	int level;
+
+	/* how many random numbers are in FIFO? [0-16] */
+	level = (readl(rngc->base + RNGC_STATUS) &
+		 RNGC_STATUS_FIFO_LEVEL_MASK) >> RNGC_STATUS_FIFO_LEVEL_SHIFT;
+
+	return level;
+}
+
+static int mxc_rngc_read(struct hwrng *rng, void *buf, size_t max, bool wait)
+{
+	struct mxc_rngc *rngc = (struct mxc_rngc *)rng->priv;
+	int count = 0;
+	u32 *data = buf;
+	int err;
+
+	while (mxc_rngc_data_present(rng) && max) {
+		/* retrieve a random number from FIFO */
+		*(data+count) = readl(rngc->base + RNGC_FIFO);
+
+		/* is there some error while reading this random number? */
+		err = readl(rngc->base + RNGC_STATUS) & RNGC_STATUS_ERROR;
+		if (err)
+			break;
+
+		count += 1;
+		max -= 4;
+	}
+
+	/* if error happened doesn't return random number */
+	return err ? 0 : count * 4;
+}
+
+static int mxc_rngc_init(struct hwrng *rng)
+{
+	struct mxc_rngc *rngc = (struct mxc_rngc *)rng->priv;
+	uint64_t start;
+	u32 cmd;
+	u32 ctrl;
+	u32 osc;
+	int err;
+
+	err = readl(rngc->base + RNGC_STATUS) & RNGC_STATUS_ERROR;
+	if (err) {
+		/* is this a bad keys error ? */
+		if (readl(rngc->base + RNGC_ERROR) &
+		    RNGC_ERROR_STATUS_BAD_KEY) {
+			dev_err(rngc->dev, "Can't start, Bad Keys.\n");
+			return -EIO;
+		}
+	}
+
+	/* mask all interrupts, will be unmasked soon */
+	ctrl = readl(rngc->base + RNGC_CONTROL);
+	writel(ctrl | RNGC_CTRL_MASK_DONE | RNGC_CTRL_MASK_ERROR,
+	       rngc->base + RNGC_CONTROL);
+
+	/* verify if oscillator is working */
+	osc = readl(rngc->base + RNGC_ERROR);
+	if (osc & RNGC_ERROR_STATUS_OSC_ERR) {
+		dev_err(rngc->dev, "RNGC Oscillator is dead!\n");
+		return -EIO;
+	}
+
+	/* do self test, repeat until get success */
+	do {
+		/* clear error */
+		cmd = readl(rngc->base + RNGC_COMMAND);
+		writel(cmd | RNGC_CMD_CLR_ERR, rngc->base + RNGC_COMMAND);
+
+		/* unmask all interrupt */
+		ctrl = readl(rngc->base + RNGC_CONTROL);
+		writel(ctrl & ~(RNGC_CTRL_MASK_DONE | RNGC_CTRL_MASK_ERROR),
+		       rngc->base + RNGC_CONTROL);
+
+		/* run self test */
+		cmd = readl(rngc->base + RNGC_COMMAND);
+		writel(cmd | RNGC_CMD_SELF_TEST, rngc->base + RNGC_COMMAND);
+
+		start = get_time_ns();
+		while (!(readl(rngc->base + RNGC_STATUS) &
+			 RNGC_STATUS_ST_DONE)) {
+			if (is_timeout(start, 100 * MSECOND)) {
+				dev_err(rng->dev, "Timedout while seeding\n");
+				return -ETIMEDOUT;
+			}
+		}
+		writel(RNGC_CMD_CLR_INT | RNGC_CMD_CLR_ERR,
+		       rngc->base + RNGC_COMMAND);
+	} while (readl(rngc->base + RNGC_ERROR) & RNGC_ERROR_STATUS_ST_ERR);
+
+	/* clear interrupt. Is it really necessary here? */
+	writel(RNGC_CMD_CLR_INT | RNGC_CMD_CLR_ERR, rngc->base + RNGC_COMMAND);
+
+	start = get_time_ns();
+	/* create seed, repeat while there is some statistical error */
+	do {
+		/* clear error */
+		cmd = readl(rngc->base + RNGC_COMMAND);
+		writel(cmd | RNGC_CMD_CLR_ERR, rngc->base + RNGC_COMMAND);
+
+		/* seed creation */
+		cmd = readl(rngc->base + RNGC_COMMAND);
+		writel(cmd | RNGC_CMD_SEED, rngc->base + RNGC_COMMAND);
+
+		while (!(readl(rngc->base + RNGC_STATUS) &
+			 RNGC_STATUS_SEED_DONE)) {
+			if (is_timeout(start, 100 * MSECOND)) {
+				dev_err(rng->dev, "Timedout while seeding\n");
+				return -ETIMEDOUT;
+			}
+		}
+		writel(RNGC_CMD_CLR_INT | RNGC_CMD_CLR_ERR,
+			     rngc->base + RNGC_COMMAND);
+	} while (readl(rngc->base + RNGC_ERROR) &
+		 RNGC_ERROR_STATUS_STAT_ERR);
+
+	err = readl(rngc->base + RNGC_ERROR) &
+		(RNGC_ERROR_STATUS_STAT_ERR |
+		 RNGC_ERROR_STATUS_RAND_ERR |
+		 RNGC_ERROR_STATUS_FIFO_ERR |
+		 RNGC_ERROR_STATUS_ST_ERR |
+		 RNGC_ERROR_STATUS_OSC_ERR |
+		 RNGC_ERROR_STATUS_LFSR_ERR);
+
+	if (err) {
+		dev_err(rngc->dev, "FSL RNGC appears inoperable.\n");
+		return -EIO;
+	}
+
+	return 0;
+}
+
+static struct hwrng mxc_rngc_ops = {
+	.read	= mxc_rngc_read,
+	.init	= mxc_rngc_init,
+};
+
+static int mxc_rngc_probe(struct device_d *dev)
+{
+	struct mxc_rngc *rngc;
+	int ret;
+
+	rngc = xzalloc(sizeof(*rngc));
+
+	rngc->base = dev_request_mem_region(dev, 0);
+	if (IS_ERR(rngc->base))
+		return PTR_ERR(rngc->base);
+
+	rngc->clk = clk_get(dev, "ipg");
+	if (IS_ERR(rngc->clk)) {
+		dev_err(dev, "Can not get rng_clk\n");
+		return PTR_ERR(rngc->clk);
+	}
+
+	ret = clk_enable(rngc->clk);
+	if (ret)
+		return ret;
+
+	mxc_rngc_ops.name = dev->name;
+	mxc_rngc_ops.priv = (unsigned long)rngc;
+
+	ret = hwrng_register(dev, &mxc_rngc_ops);
+	if (ret) {
+		dev_err(dev, "FSL RNGC registering failed (%d)\n", ret);
+		clk_disable(rngc->clk);
+
+		return ret;
+	}
+
+	dev_info(dev, "Freescale RNGC Registered.\n");
+
+	return 0;
+}
+
+static const struct of_device_id mxc_rngc_dt_ids[] = {
+	{ .compatible = "fsl,imx25-rng" },
+	{ /* sentinel */ }
+};
+
+static struct driver_d mxc_rngc_driver = {
+	.name = "mxc_rngc",
+	.probe = mxc_rngc_probe,
+	.of_compatible = mxc_rngc_dt_ids,
+};
+device_platform_driver(mxc_rngc_driver);
-- 
2.7.0


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [PATCH 2/5] lib: random: get_random_bytes from HWRNG if present

[Jason Cooper]

Hi Steffen,

On Fri, Feb 26, 2016 at 01:04:44PM +0100, Steffen Trumtrar wrote:
> Instead of generating pseudo random numbers, get random bytes
> from an optional HW generator, if enabled and registered.
> 
> Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
> ---
>  lib/random.c | 19 +++++++++++++++++++
>  1 file changed, 19 insertions(+)

I have a long interest in KASLR on arm/arm64, so I'm glad to see this
series!  :-)

> diff --git a/lib/random.c b/lib/random.c
> index 210fea99466e..ff82dd1bed85 100644
> --- a/lib/random.c
> +++ b/lib/random.c
> @@ -1,5 +1,6 @@
>  #include <common.h>
>  #include <stdlib.h>
> +#include <linux/hw_random.h>
>  
>  static unsigned int random_seed;
>  
> @@ -22,6 +23,24 @@ void get_random_bytes(void *_buf, int len)
>  {
>  	char *buf = _buf;
>  
> +	if (IS_ENABLED(CONFIG_HWRNG)) {
> +		struct hwrng *rng;
> +		int bytes;
> +
> +		rng = hwrng_get_first();
> +		if (!PTR_ERR(rng)) {
> +			while (len) {
> +				bytes = hwrng_get_data(rng, _buf, len, 0);
> +				if (!bytes)
> +					goto sw_fallback;
> +				len -= bytes;
> +			}
> +
> +			return;
> +		}
> +	}
> +
> +sw_fallback:
>  	while (len--)
>  		*buf++ = rand() % 256;
>  }

However, I disagree with this approach.  One of the main problems we've
had over the years with random number generation is not being clear
about *how* the numbers were generated.  Something designed for placing
characters in a game is not suitable for creating long-term crypto keys,
stack canaries, and ASLR offsets.  See the paper on iOS bootloader and
KASLR [1].

With that in mind, I'd like to suggest that we preserve the current
functionality of get_random_bytes() as a non-strong source of entropy.
After all, all current calls to srand() feed in a time...

We can then add get_hwrng_bytes() which makes it clear where the bytes
are coming from.  Users down the line can more easily make an assessment
of whether the SoC hwrng is trusted or not for their usecase.

My goal here is to have the bootloader grab some strong random numbers
to hand off to the kernel.  The decompressor would consume a bit of it
to initialize KASLR, and the rest would be consumed seeding the kernel's
entropy pools.

A second goal is to have the OS write a seed file somewhere the
bootloader can access.  Then, on reboot, the bootloader can read it in
and hand it off to the kernel for KASLR, etc.  But that is orthogonal to
this patch series...

thx,

Jason.

[1] http://mista.nu/research/early_random-paper.pdf

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [PATCH 1/5] drivers: add simple hw_random implementation

[Sascha Hauer]

On Fri, Feb 26, 2016 at 01:04:43PM +0100, Steffen Trumtrar wrote:
> Add a simple hw_random implementation based on code from
> Linux v4.5-rc5.
> 
> All the entropypool initialization stuff is left out and
> the obsolete data_read/data_present calls are omitted.
> 
> Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
> ---
> +#include <common.h>
> +#include <linux/hw_random.h>
> +
> +static LIST_HEAD(hwrngs);
> +
> +#define RNG_BUFFER_SIZE		32
> +
> +int hwrng_get_data(struct hwrng *rng, u8 *buffer, size_t size, int wait)
> +{
> +	if (rng->read)
> +		return rng->read(rng, buffer, size, wait);

When rng->read is NULL you already fail in the registration, no need to
check here.

> +
> +	return 0;
> +}
> +
> +static int hwrng_init(struct hwrng *rng)
> +{
> +	int ret = 0;
> +
> +	if (rng->init)
> +		ret = rng->init(rng);
> +
> +	list_add_tail(&rng->list, &hwrngs);

When rng->init fails you probably don't want to add it to the list.

> +
> +	return ret;
> +}
> +
> +static ssize_t rng_dev_read(struct cdev *cdev, void *buf, size_t size,
> +			    loff_t offset, unsigned long flags)
> +{
> +	struct hwrng *rng = container_of(cdev, struct hwrng, cdev);
> +	ssize_t cur = 0;
> +	int err = 0;
> +	int len;
> +	size_t count = size;
> +
> +	memset(buf, 0, size);
> +
> +	while (count) {

You can initialize a variable with the minimum of count and
RNG_BUFFER_SIZE here,

> +		len = hwrng_get_data(rng, rng->buf, RNG_BUFFER_SIZE, true);

Use it here instead of RNG_BUFFER_SIZE

> +		if (len < 0) {
> +			err = len;
> +			break;
> +		}
> +
> +		if (len > count)
> +			len = count;

and drop this check.

> +
> +		memcpy(buf + cur, rng->buf, len);
> +
> +		count -= len;
> +		cur += len;
> +	}
> +
> +	return cur ? : err;

When you get an error in the second loop iteration then cur is true and
you return it instead of the error. Is that what you want?

> +}
> +
> +
> +static struct file_operations rng_chrdev_ops = {
> +	.read  = rng_dev_read,
> +	.lseek = dev_lseek_default,
> +};
> +
> +static int hwrng_register_cdev(struct hwrng *rng)
> +{
> +	rng->cdev.name = "hwrng";
> +	rng->cdev.flags = DEVFS_IS_CHARACTER_DEV;
> +	rng->cdev.ops = &rng_chrdev_ops;
> +	rng->cdev.dev = rng->dev;
> +
> +	return devfs_create(&rng->cdev);
> +}
> +
> +struct hwrng *hwrng_get_first(void)
> +{
> +	if (!list_empty(&hwrngs))
> +		return list_first_entry(&hwrngs, struct hwrng, list);
> +	else
> +		return ERR_PTR(-ENODEV);

Please use positive logic, it's usually easier to read.

> +}
> +
> +int hwrng_register(struct device_d *dev, struct hwrng *rng)
> +{
> +	int err;
> +
> +	if (rng->name == NULL || rng->read == NULL)
> +		return -EINVAL;
> +
> +	rng->buf = xzalloc(RNG_BUFFER_SIZE);

Please make sure you do not loose memory in infrastructure code.

> +
> +	err = hwrng_init(rng);
> +	if (err)
> +		return err;
> +
> +	rng->dev = dev;
> +
> +	err = hwrng_register_cdev(rng);
> +
> +	return err;
> +}
> +        of the GNU General Public License, incorporated herein by reference.
> +
> + */
> +
> +#ifndef LINUX_HWRANDOM_H_
> +#define LINUX_HWRANDOM_H_
> +
> +#include <linux/list.h>
> +
> +/**
> + * struct hwrng - Hardware Random Number Generator driver
> + * @name:		Unique RNG name.
> + * @init:		Initialization callback (can be NULL).
> + * @read:		New API. drivers can fill up to max bytes of data
> + *			into the buffer. The buffer is aligned for any type.
> + * @priv:		Private data, for use by the RNG driver.
> + */
> +struct hwrng {
> +	const char *name;
> +	int (*init)(struct hwrng *rng);
> +	int (*read)(struct hwrng *rng, void *data, size_t max, bool wait);
> +	unsigned long priv;

This is unused, no?

Sascha

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [PATCH 5/5] hw_random: add driver for Freescale RNGC

[Sascha Hauer]

On Fri, Feb 26, 2016 at 01:04:47PM +0100, Steffen Trumtrar wrote:
> The driver is ported from Freescales Linux git and can be
> found in the
> 
> 	vendor/freescale/imx_2.6.35_maintain
> 
> branch.
> 
> According to that code, the RNGC is found on Freescales i.MX3/5 SoCs.
> The i.MX2x actually has an RNGB, which has no driver implementation
> in Freescales kernel. However as it turns out, the driver for the RNGC
> works fine on the (at least) i.MX25. So, they seem to be somewhat
> compatible.
> 
> Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
> ---
>  drivers/hw_random/Kconfig    |  11 ++
>  drivers/hw_random/Makefile   |   1 +
>  drivers/hw_random/mxc-rngc.c | 311 +++++++++++++++++++++++++++++++++++++++++++
>  3 files changed, 323 insertions(+)
>  create mode 100644 drivers/hw_random/mxc-rngc.c
> 
> diff --git a/drivers/hw_random/Kconfig b/drivers/hw_random/Kconfig
> index 807fcadd31f7..a67d2d6f32f5 100644
> --- a/drivers/hw_random/Kconfig
> +++ b/drivers/hw_random/Kconfig
> @@ -4,3 +4,14 @@ menuconfig HWRNG
>  	  Support for HWRNG(Hardware Random Number Generator) devices.
>  
>  	  If unsure, say no.
> +
> +if HWRNG
> +
> +config HWRNG_MXC_RNGC
> +       tristate "Freescale i.MX RNGC Random Number Generator"
> +       depends on ARCH_IMX25 || ARCH_IMX35 || ARCH_IMX53
> +       help

Indention should be tabs.

> +	 This driver provides kernel-side support for the Random Number
> +	 Generator hardware found on some Freescale i.MX processors.
> +
> +endif
> diff --git a/drivers/hw_random/Makefile b/drivers/hw_random/Makefile
> index 15307b100f29..79c238c48d60 100644
> --- a/drivers/hw_random/Makefile
> +++ b/drivers/hw_random/Makefile
> @@ -1 +1,2 @@
>  obj-$(CONFIG_HWRNG)		+= core.o
> +obj-$(CONFIG_HWRNG_MXC_RNGC) += mxc-rngc.o
> diff --git a/drivers/hw_random/mxc-rngc.c b/drivers/hw_random/mxc-rngc.c
> new file mode 100644
> index 000000000000..63f9ff867aab
> --- /dev/null
> +++ b/drivers/hw_random/mxc-rngc.c
> @@ -0,0 +1,311 @@
> +/*
> + * RNG driver for Freescale RNGC
> + *
> + * Copyright (C) 2008-2012 Freescale Semiconductor, Inc.
> + */
> +
> +/*
> + * The code contained herein is licensed under the GNU General Public
> + * License. You may obtain a copy of the GNU General Public License
> + * Version 2 or later at the following locations:
> + *
> + * http://www.opensource.org/licenses/gpl-license.html
> + * http://www.gnu.org/copyleft/gpl.html
> + */
> +
> +/*
> + * Hardware driver for the Intel/AMD/VIA Random Number Generators (RNG)
> + * (c) Copyright 2003 Red Hat Inc <jgarzik@redhat.com>
> + *
> + * derived from
> + *
> + * Hardware driver for the AMD 768 Random Number Generator (RNG)
> + * (c) Copyright 2001 Red Hat Inc <alan@redhat.com>
> + *
> + * derived from
> + *
> + * Hardware driver for Intel i810 Random Number Generator (RNG)
> + * Copyright 2000,2001 Jeff Garzik <jgarzik@pobox.com>
> + * Copyright 2000,2001 Philipp Rumpf <prumpf@mandrakesoft.com>
> + *
> + * This file is licensed under  the terms of the GNU General Public
> + * License version 2. This program is licensed "as is" without any
> + * warranty of any kind, whether express or implied.
> + */
> +
> +#include <common.h>
> +#include <clock.h>
> +#include <driver.h>
> +#include <init.h>
> +#include <io.h>
> +#include <linux/clk.h>
> +#include <linux/hw_random.h>
> +
> +#define RNGC_VERSION_MAJOR3 3
> +
> +#define RNGC_VERSION_ID				0x0000
> +#define RNGC_COMMAND				0x0004
> +#define RNGC_CONTROL				0x0008
> +#define RNGC_STATUS				0x000C
> +#define RNGC_ERROR				0x0010
> +#define RNGC_FIFO				0x0014
> +#define RNGC_VERIF_CTRL				0x0020
> +#define RNGC_OSC_CTRL_COUNT			0x0028
> +#define RNGC_OSC_COUNT				0x002C
> +#define RNGC_OSC_COUNT_STATUS			0x0030
> +
> +#define RNGC_VERID_ZEROS_MASK			0x0f000000
> +#define RNGC_VERID_RNG_TYPE_MASK		0xf0000000
> +#define RNGC_VERID_RNG_TYPE_SHIFT		28
> +#define RNGC_VERID_CHIP_VERSION_MASK		0x00ff0000
> +#define RNGC_VERID_CHIP_VERSION_SHIFT		16
> +#define RNGC_VERID_VERSION_MAJOR_MASK		0x0000ff00
> +#define RNGC_VERID_VERSION_MAJOR_SHIFT		8
> +#define RNGC_VERID_VERSION_MINOR_MASK		0x000000ff
> +#define RNGC_VERID_VERSION_MINOR_SHIFT		0
> +
> +#define RNGC_CMD_ZEROS_MASK			0xffffff8c
> +#define RNGC_CMD_SW_RST				0x00000040
> +#define RNGC_CMD_CLR_ERR			0x00000020
> +#define RNGC_CMD_CLR_INT			0x00000010
> +#define RNGC_CMD_SEED				0x00000002
> +#define RNGC_CMD_SELF_TEST			0x00000001
> +
> +#define RNGC_CTRL_ZEROS_MASK			0xfffffc8c
> +#define RNGC_CTRL_CTL_ACC			0x00000200
> +#define RNGC_CTRL_VERIF_MODE			0x00000100
> +#define RNGC_CTRL_MASK_ERROR			0x00000040
> +
> +#define RNGC_CTRL_MASK_DONE			0x00000020
> +#define RNGC_CTRL_AUTO_SEED			0x00000010
> +#define RNGC_CTRL_FIFO_UFLOW_MASK		0x00000003
> +#define RNGC_CTRL_FIFO_UFLOW_SHIFT		0
> +
> +#define RNGC_CTRL_FIFO_UFLOW_ZEROS_ERROR	0
> +#define RNGC_CTRL_FIFO_UFLOW_ZEROS_ERROR2	1
> +#define RNGC_CTRL_FIFO_UFLOW_BUS_XFR		2
> +#define RNGC_CTRL_FIFO_UFLOW_ZEROS_INTR		3
> +
> +#define RNGC_STATUS_ST_PF_MASK			0x00c00000
> +#define RNGC_STATUS_ST_PF_SHIFT			22
> +#define RNGC_STATUS_ST_PF_TRNG			0x00800000
> +#define RNGC_STATUS_ST_PF_PRNG			0x00400000
> +#define RNGC_STATUS_ERROR			0x00010000
> +#define RNGC_STATUS_FIFO_SIZE_MASK		0x0000f000
> +#define RNGC_STATUS_FIFO_SIZE_SHIFT		12
> +#define RNGC_STATUS_FIFO_LEVEL_MASK		0x00000f00
> +#define RNGC_STATUS_FIFO_LEVEL_SHIFT		8
> +#define RNGC_STATUS_NEXT_SEED_DONE		0x00000040
> +#define RNGC_STATUS_SEED_DONE			0x00000020
> +#define RNGC_STATUS_ST_DONE			0x00000010
> +#define RNGC_STATUS_RESEED			0x00000008
> +#define RNGC_STATUS_SLEEP			0x00000004
> +#define RNGC_STATUS_BUSY			0x00000002
> +#define RNGC_STATUS_SEC_STATE			0x00000001
> +
> +#define RNGC_ERROR_STATUS_ZEROS_MASK		0xffffffc0
> +#define RNGC_ERROR_STATUS_BAD_KEY		0x00000040
> +#define RNGC_ERROR_STATUS_RAND_ERR		0x00000020
> +#define RNGC_ERROR_STATUS_FIFO_ERR		0x00000010
> +#define RNGC_ERROR_STATUS_STAT_ERR		0x00000008
> +#define RNGC_ERROR_STATUS_ST_ERR		0x00000004
> +#define RNGC_ERROR_STATUS_OSC_ERR		0x00000002
> +#define RNGC_ERROR_STATUS_LFSR_ERR		0x00000001
> +
> +#define RNG_ADDR_RANGE				0x34
> +
> +struct mxc_rngc {
> +	struct device_d		*dev;
> +	struct clk		*clk;
> +	void __iomem		*base;
> +};
> +
> +static int mxc_rngc_data_present(struct hwrng *rng)
> +{
> +	struct mxc_rngc *rngc = (struct mxc_rngc *)rng->priv;
> +	int level;
> +
> +	/* how many random numbers are in FIFO? [0-16] */
> +	level = (readl(rngc->base + RNGC_STATUS) &
> +		 RNGC_STATUS_FIFO_LEVEL_MASK) >> RNGC_STATUS_FIFO_LEVEL_SHIFT;
> +
> +	return level;

unnecessary variable.

> +}
> +
> +static int mxc_rngc_read(struct hwrng *rng, void *buf, size_t max, bool wait)
> +{
> +	struct mxc_rngc *rngc = (struct mxc_rngc *)rng->priv;
> +	int count = 0;
> +	u32 *data = buf;
> +	int err;
> +
> +	while (mxc_rngc_data_present(rng) && max) {
> +		/* retrieve a random number from FIFO */
> +		*(data+count) = readl(rngc->base + RNGC_FIFO);
> +
> +		/* is there some error while reading this random number? */
> +		err = readl(rngc->base + RNGC_STATUS) & RNGC_STATUS_ERROR;
> +		if (err)
> +			break;
> +
> +		count += 1;
> +		max -= 4;

What happens when max % 4 != 0?

> +	}
> +
> +	/* if error happened doesn't return random number */
> +	return err ? 0 : count * 4;

What does this RNGC_STATUS_ERROR mean? Does it mean that there's a real
error or does it just mean that there's just no data available at the
moment? I am asking because when this bit is set then you'll never leave
the outer loop calling this function.

> +}
> +
> +static int mxc_rngc_init(struct hwrng *rng)
> +{
> +	struct mxc_rngc *rngc = (struct mxc_rngc *)rng->priv;
> +	uint64_t start;
> +	u32 cmd;
> +	u32 ctrl;
> +	u32 osc;
> +	int err;
> +
> +	err = readl(rngc->base + RNGC_STATUS) & RNGC_STATUS_ERROR;

The return value of readl shouldn't be assigned to a signed variable.

> +	if (err) {
> +		/* is this a bad keys error ? */
> +		if (readl(rngc->base + RNGC_ERROR) &
> +		    RNGC_ERROR_STATUS_BAD_KEY) {
> +			dev_err(rngc->dev, "Can't start, Bad Keys.\n");
> +			return -EIO;
> +		}
> +	}
> +
> +	/* mask all interrupts, will be unmasked soon */
> +	ctrl = readl(rngc->base + RNGC_CONTROL);
> +	writel(ctrl | RNGC_CTRL_MASK_DONE | RNGC_CTRL_MASK_ERROR,
> +	       rngc->base + RNGC_CONTROL);
> +
> +	/* verify if oscillator is working */
> +	osc = readl(rngc->base + RNGC_ERROR);
> +	if (osc & RNGC_ERROR_STATUS_OSC_ERR) {
> +		dev_err(rngc->dev, "RNGC Oscillator is dead!\n");
> +		return -EIO;
> +	}
> +
> +	/* do self test, repeat until get success */
> +	do {
> +		/* clear error */
> +		cmd = readl(rngc->base + RNGC_COMMAND);
> +		writel(cmd | RNGC_CMD_CLR_ERR, rngc->base + RNGC_COMMAND);
> +
> +		/* unmask all interrupt */
> +		ctrl = readl(rngc->base + RNGC_CONTROL);
> +		writel(ctrl & ~(RNGC_CTRL_MASK_DONE | RNGC_CTRL_MASK_ERROR),
> +		       rngc->base + RNGC_CONTROL);
> +
> +		/* run self test */
> +		cmd = readl(rngc->base + RNGC_COMMAND);
> +		writel(cmd | RNGC_CMD_SELF_TEST, rngc->base + RNGC_COMMAND);
> +
> +		start = get_time_ns();
> +		while (!(readl(rngc->base + RNGC_STATUS) &
> +			 RNGC_STATUS_ST_DONE)) {
> +			if (is_timeout(start, 100 * MSECOND)) {
> +				dev_err(rng->dev, "Timedout while seeding\n");
> +				return -ETIMEDOUT;
> +			}
> +		}
> +		writel(RNGC_CMD_CLR_INT | RNGC_CMD_CLR_ERR,
> +		       rngc->base + RNGC_COMMAND);
> +	} while (readl(rngc->base + RNGC_ERROR) & RNGC_ERROR_STATUS_ST_ERR);
> +
> +	/* clear interrupt. Is it really necessary here? */
> +	writel(RNGC_CMD_CLR_INT | RNGC_CMD_CLR_ERR, rngc->base + RNGC_COMMAND);
> +
> +	start = get_time_ns();
> +	/* create seed, repeat while there is some statistical error */
> +	do {
> +		/* clear error */
> +		cmd = readl(rngc->base + RNGC_COMMAND);
> +		writel(cmd | RNGC_CMD_CLR_ERR, rngc->base + RNGC_COMMAND);
> +
> +		/* seed creation */
> +		cmd = readl(rngc->base + RNGC_COMMAND);
> +		writel(cmd | RNGC_CMD_SEED, rngc->base + RNGC_COMMAND);
> +
> +		while (!(readl(rngc->base + RNGC_STATUS) &
> +			 RNGC_STATUS_SEED_DONE)) {
> +			if (is_timeout(start, 100 * MSECOND)) {
> +				dev_err(rng->dev, "Timedout while seeding\n");
> +				return -ETIMEDOUT;
> +			}
> +		}
> +		writel(RNGC_CMD_CLR_INT | RNGC_CMD_CLR_ERR,
> +			     rngc->base + RNGC_COMMAND);
> +	} while (readl(rngc->base + RNGC_ERROR) &
> +		 RNGC_ERROR_STATUS_STAT_ERR);
> +
> +	err = readl(rngc->base + RNGC_ERROR) &
> +		(RNGC_ERROR_STATUS_STAT_ERR |
> +		 RNGC_ERROR_STATUS_RAND_ERR |
> +		 RNGC_ERROR_STATUS_FIFO_ERR |
> +		 RNGC_ERROR_STATUS_ST_ERR |
> +		 RNGC_ERROR_STATUS_OSC_ERR |
> +		 RNGC_ERROR_STATUS_LFSR_ERR);
> +
> +	if (err) {
> +		dev_err(rngc->dev, "FSL RNGC appears inoperable.\n");
> +		return -EIO;
> +	}
> +
> +	return 0;
> +}
> +
> +static struct hwrng mxc_rngc_ops = {
> +	.read	= mxc_rngc_read,
> +	.init	= mxc_rngc_init,
> +};

These are no ops, instead it's a hwrng object. It should be embedded in
your private data struct as it's per driver instance.

> +
> +static int mxc_rngc_probe(struct device_d *dev)
> +{
> +	struct mxc_rngc *rngc;
> +	int ret;
> +
> +	rngc = xzalloc(sizeof(*rngc));
> +
> +	rngc->base = dev_request_mem_region(dev, 0);
> +	if (IS_ERR(rngc->base))
> +		return PTR_ERR(rngc->base);
> +
> +	rngc->clk = clk_get(dev, "ipg");
> +	if (IS_ERR(rngc->clk)) {
> +		dev_err(dev, "Can not get rng_clk\n");
> +		return PTR_ERR(rngc->clk);
> +	}
> +
> +	ret = clk_enable(rngc->clk);
> +	if (ret)
> +		return ret;
> +
> +	mxc_rngc_ops.name = dev->name;
> +	mxc_rngc_ops.priv = (unsigned long)rngc;

When you embed hwrng in your private data struct you can use
container_of() to access your private data.

> +
> +	ret = hwrng_register(dev, &mxc_rngc_ops);
> +	if (ret) {
> +		dev_err(dev, "FSL RNGC registering failed (%d)\n", ret);
> +		clk_disable(rngc->clk);
> +
> +		return ret;
> +	}
> +
> +	dev_info(dev, "Freescale RNGC Registered.\n");
> +
> +	return 0;
> +}
> +
> +static const struct of_device_id mxc_rngc_dt_ids[] = {
> +	{ .compatible = "fsl,imx25-rng" },
> +	{ /* sentinel */ }
> +};
> +
> +static struct driver_d mxc_rngc_driver = {
> +	.name = "mxc_rngc",
> +	.probe = mxc_rngc_probe,
> +	.of_compatible = mxc_rngc_dt_ids,
> +};
> +device_platform_driver(mxc_rngc_driver);
> -- 
> 2.7.0
> 
> 
> _______________________________________________
> barebox mailing list
> barebox@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/barebox
> 

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [PATCH 2/5] lib: random: get_random_bytes from HWRNG if present

[Steffen Trumtrar]

Hi!

On Fri, Feb 26, 2016 at 08:28:32PM +0000, Jason Cooper wrote:
> Hi Steffen,
> 
> On Fri, Feb 26, 2016 at 01:04:44PM +0100, Steffen Trumtrar wrote:
> > Instead of generating pseudo random numbers, get random bytes
> > from an optional HW generator, if enabled and registered.
> > 
> > Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
> > ---
> >  lib/random.c | 19 +++++++++++++++++++
> >  1 file changed, 19 insertions(+)
> 
> I have a long interest in KASLR on arm/arm64, so I'm glad to see this
> series!  :-)
> 

That is not what I had in mind when writing this ;-)

> > diff --git a/lib/random.c b/lib/random.c
> > index 210fea99466e..ff82dd1bed85 100644
> > --- a/lib/random.c
> > +++ b/lib/random.c
> > @@ -1,5 +1,6 @@
> >  #include <common.h>
> >  #include <stdlib.h>
> > +#include <linux/hw_random.h>
> >  
> >  static unsigned int random_seed;
> >  
> > @@ -22,6 +23,24 @@ void get_random_bytes(void *_buf, int len)
> >  {
> >  	char *buf = _buf;
> >  
> > +	if (IS_ENABLED(CONFIG_HWRNG)) {
> > +		struct hwrng *rng;
> > +		int bytes;
> > +
> > +		rng = hwrng_get_first();
> > +		if (!PTR_ERR(rng)) {
> > +			while (len) {
> > +				bytes = hwrng_get_data(rng, _buf, len, 0);
> > +				if (!bytes)
> > +					goto sw_fallback;
> > +				len -= bytes;
> > +			}
> > +
> > +			return;
> > +		}
> > +	}
> > +
> > +sw_fallback:
> >  	while (len--)
> >  		*buf++ = rand() % 256;
> >  }
> 
> However, I disagree with this approach.  One of the main problems we've
> had over the years with random number generation is not being clear
> about *how* the numbers were generated.  Something designed for placing
> characters in a game is not suitable for creating long-term crypto keys,
> stack canaries, and ASLR offsets.  See the paper on iOS bootloader and
> KASLR [1].
> 
> With that in mind, I'd like to suggest that we preserve the current
> functionality of get_random_bytes() as a non-strong source of entropy.
> After all, all current calls to srand() feed in a time...
> 
> We can then add get_hwrng_bytes() which makes it clear where the bytes
> are coming from.  Users down the line can more easily make an assessment
> of whether the SoC hwrng is trusted or not for their usecase.
> 

I see your point. So, is get_random_bytes() in the kernel always a
non-strong source? I was under the assumption, that the hwrng fills the
same pool that get_random_bytes() sources. The kernel however has
get_random_bytes_arch(). Shouldn't we also use this nomenclature here then?

As long as a user is not left under the assumption, that enabling HWRNG
somehow makes the randomness stronger, I think it may be a good idea to
make the code clearer via a different function call. No problem for me.

> My goal here is to have the bootloader grab some strong random numbers
> to hand off to the kernel.  The decompressor would consume a bit of it
> to initialize KASLR, and the rest would be consumed seeding the kernel's
> entropy pools.
> 
> A second goal is to have the OS write a seed file somewhere the
> bootloader can access.  Then, on reboot, the bootloader can read it in
> and hand it off to the kernel for KASLR, etc.  But that is orthogonal to
> this patch series...
> 

This is out of my comfort zone, so: send patches :-)

Thanks,
Steffen

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox