From: Sascha Hauer <s.hauer@pengutronix.de>
To: Barebox List <barebox@lists.infradead.org>
Subject: [PATCH] crypto: caam - Always do rng selftest
Date: Mon, 5 Aug 2019 16:09:27 +0200 [thread overview]
Message-ID: <20190805140927.14941-1-s.hauer@pengutronix.de> (raw)
The caam rng selftest is known to be broken in several i.MX
incarnations. To be on the safe side just unconditionally execute
it rather than trying to guess from HAB failure events if this is
necessary.
We can only do the selftest once per boot though, doing it a second time
yields an error:
rng_self_test: Job Error:
2101000.jr0@1000.of: 20001953: CCB: desc idx 25: RNG: Instantiate
so only do the test when rng is not yet initialized as tested with the
RDSTA_IFx status bits.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
drivers/crypto/caam/Kconfig | 23 -----------------------
drivers/crypto/caam/Makefile | 2 +-
drivers/crypto/caam/ctrl.c | 2 +-
drivers/crypto/caam/rng_self_test.c | 15 +++++++++++++++
drivers/hab/habv4.c | 13 -------------
include/hab.h | 5 -----
6 files changed, 17 insertions(+), 43 deletions(-)
diff --git a/drivers/crypto/caam/Kconfig b/drivers/crypto/caam/Kconfig
index 56b90700b8..6bb8278d69 100644
--- a/drivers/crypto/caam/Kconfig
+++ b/drivers/crypto/caam/Kconfig
@@ -34,26 +34,3 @@ config CRYPTO_DEV_FSL_CAAM_RNG
help
Selecting this will register the SEC4 hardware rng.
-if CRYPTO_DEV_FSL_CAAM_RNG
-
-config CRYPTO_DEV_FSL_CAAM_RNG_SELF_TEST
- bool "Run RNG software self-test on impacted chips"
- depends on ARCH_IMX6
- depends on HABV4
- default y
- help
- Some chips with HAB >= 4.2.3 have an incorrect implementation of the
- RNG self-test in ROM code. In this case, a software self-test should
- be run to ensure correctness of the RNG. By enabling this config
- option, the software self-test is run automatically when this case
- is detected.
-
- Currently known impacted chips:
- * i.MX6DQ+ silicon revision 1.1
- * i.MX6DQ silicon revision 1.6
- * i.MX6DLS silicon revision 1.4
- * i.MX6SX silicon revision 1.4
- * i.MX6UL silicon revision 1.2
- * i.MX67SD silicon revision 1.3
-
-endif
diff --git a/drivers/crypto/caam/Makefile b/drivers/crypto/caam/Makefile
index 933b9c0592..718e25c41a 100644
--- a/drivers/crypto/caam/Makefile
+++ b/drivers/crypto/caam/Makefile
@@ -3,5 +3,5 @@
#
obj-$(CONFIG_CRYPTO_DEV_FSL_CAAM) += ctrl.o error.o jr.o
obj-$(CONFIG_CRYPTO_DEV_FSL_CAAM_RNG) += caamrng.o
-obj-$(CONFIG_CRYPTO_DEV_FSL_CAAM_RNG_SELF_TEST) += rng_self_test.o
+obj-$(CONFIG_CRYPTO_DEV_FSL_CAAM) += rng_self_test.o
obj-$(CONFIG_BLOBGEN) += caam-blobgen.o
diff --git a/drivers/crypto/caam/ctrl.c b/drivers/crypto/caam/ctrl.c
index 06b075e74a..53526f53cf 100644
--- a/drivers/crypto/caam/ctrl.c
+++ b/drivers/crypto/caam/ctrl.c
@@ -573,7 +573,7 @@ static int caam_probe(struct device_d *dev)
cha_vid_ls = rd_reg32(&ctrl->perfmon.cha_id_ls);
/* habv4_need_rng_software_self_test is determined by habv4_get_status() */
- if (caam_need_rng_software_selftest()) {
+ if (!(rd_reg32(&ctrl->r4tst[0].rdsta) & RDSTA_IFMASK)) {
u8 caam_era;
u8 rngvid;
u8 rngrev;
diff --git a/drivers/crypto/caam/rng_self_test.c b/drivers/crypto/caam/rng_self_test.c
index 7816cd152c..ed3017d828 100644
--- a/drivers/crypto/caam/rng_self_test.c
+++ b/drivers/crypto/caam/rng_self_test.c
@@ -129,6 +129,21 @@ static void rng_self_test_done(struct device_d *dev, u32 *desc, u32 err, void *a
/*
* caam_rng_self_test() - Perform RNG self test
* Returns zero on success, and negative on error.
+ *
+ * Some chips with HAB >= 4.2.3 have an incorrect implementation of the
+ * RNG self-test in ROM code. In this case, a software self-test should
+ * be run to ensure correctness of the RNG. By enabling this config
+ * option, the software self-test is run automatically when this case
+ * is detected.
+ *
+ * Currently known impacted chips:
+ * * i.MX6DQ+ silicon revision 1.1
+ * * i.MX6DQ silicon revision 1.6
+ * * i.MX6DLS silicon revision 1.4
+ * * i.MX6SX silicon revision 1.4
+ * * i.MX6UL silicon revision 1.2
+ * * i.MX67SD silicon revision 1.3
+ *
*/
int caam_rng_self_test(struct device_d *dev, const u8 caam_era, const u8 rngvid, const u8 rngrev)
{
diff --git a/drivers/hab/habv4.c b/drivers/hab/habv4.c
index 6a60be6853..a53e40ad23 100644
--- a/drivers/hab/habv4.c
+++ b/drivers/hab/habv4.c
@@ -388,18 +388,6 @@ static void habv4_display_event(uint8_t *data, uint32_t len)
habv4_display_event_record((struct hab_event_record *)data);
}
-/* Some chips with HAB >= 4.2.3 have an incorrect implementation of the RNG
- * self-test in ROM code. In this case, an HAB event is generated, and a
- * software self-test should be run. This variable is set to @c true by
- * habv4_get_status() when this occurs. */
-static bool habv4_need_rng_software_self_test;
-
-bool caam_need_rng_software_selftest(void)
-{
- return IS_ENABLED(CONFIG_CRYPTO_DEV_FSL_CAAM_RNG_SELF_TEST) &&
- habv4_need_rng_software_self_test;
-}
-
#define RNG_FAIL_EVENT_SIZE 36
static uint8_t habv4_known_rng_fail_events[][RNG_FAIL_EVENT_SIZE] = {
{ 0xdb, 0x00, 0x24, 0x42, 0x69, 0x30, 0xe1, 0x1d,
@@ -457,7 +445,6 @@ static int habv4_get_status(const struct habv4_rvt *rvt)
if (IS_ENABLED(CONFIG_CRYPTO_DEV_FSL_CAAM_RNG_SELF_TEST) &&
is_known_rng_fail_event(data, len)) {
pr_debug("RNG self-test failure detected, will run software self-test\n");
- habv4_need_rng_software_self_test = true;
} else {
pr_err("-------- HAB warning Event %d --------\n", index);
pr_err("event data:\n");
diff --git a/include/hab.h b/include/hab.h
index a74b7dafce..78c2b865ba 100644
--- a/include/hab.h
+++ b/include/hab.h
@@ -23,7 +23,6 @@
#ifdef CONFIG_HABV4
int imx28_hab_get_status(void);
int imx6_hab_get_status(void);
-bool caam_need_rng_software_selftest(void);
#else
static inline int imx28_hab_get_status(void)
{
@@ -33,10 +32,6 @@ static inline int imx6_hab_get_status(void)
{
return -EPERM;
}
-static inline bool caam_need_rng_software_selftest(void)
-{
- return false;
-}
#endif
#ifdef CONFIG_HABV3
--
2.20.1
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
next reply other threads:[~2019-08-05 14:09 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-05 14:09 Sascha Hauer [this message]
2019-08-05 14:24 ` Roland Hieber
2019-08-05 15:22 ` Rouven Czerwinski
2019-08-06 7:19 ` Sascha Hauer
2020-07-08 11:18 ` Roland Hieber
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190805140927.14941-1-s.hauer@pengutronix.de \
--to=s.hauer@pengutronix.de \
--cc=barebox@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox