On 10/29/23 06:39, Chanho Park wrote:
Hi,
-----Original Message----- From: U-Boot u-boot-bounces@lists.denx.de On Behalf Of Heinrich Schuchardt Sent: Sunday, October 29, 2023 8:26 AM To: Rick Chen rick@andestech.com; Leo ycliang@andestech.com Cc: Sughosh Ganu sughosh.ganu@linaro.org; u-boot@lists.denx.de; Heinrich Schuchardt heinrich.schuchardt@canonical.com Subject: [RFC 1/1] rng: Provide a RNG based on the RISC-V Zkr ISA extension
The Zkr ISA extension (ratified Nov 2021) introduced the seed CSR. It provides an interface to a physical entropy source.
A RNG driver based on the seed CSR is provided. It depends on mseccfg.sseed being set in the SBI firmware.
Signed-off-by: Heinrich Schuchardt heinrich.schuchardt@canonical.com
This works fine on my qemu risv with your opensbi patch and KASLR has been tested as well. Feel free to add my reviewed/tested-by tag.
Reviewed-by: Chanho Park chanho61.park@samsung.com Tested-by: Chanho Park chanho61.park@samsung.com
Best Regards, Chanho Park
Thanks for reviewing.
I am currently looking into detecting if the seed register is readable to avoid a possible exception if the sseed flag is not set or the Zkr exception is not available.
Best regards
Heinrich
drivers/rng/Kconfig | 11 ++++ drivers/rng/Makefile | 1 + drivers/rng/riscv_zkr_rng.c | 102 ++++++++++++++++++++++++++++++++++++ 3 files changed, 114 insertions(+) create mode 100644 drivers/rng/riscv_zkr_rng.c
diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig index 994cc35b27..f8f1d91ed2 100644 --- a/drivers/rng/Kconfig +++ b/drivers/rng/Kconfig @@ -48,6 +48,17 @@ config RNG_OPTEE accessible to normal world but reserved and used by the OP-TEE to avoid the weakness of a software PRNG.
+config RNG_RISCV_ZKR
- bool "RISC-V Zkr random number generator"
- depends on RISCV_SMODE
- help
This driver provides a Random Number Generator based on theZkr RISC-V ISA extension which provides an interface to anNIST SP 800-90B or BSI AIS-31 compliant physical entropy source.Using this driver will lead to an exception if the M-modefirmware
has not set mseccfg.sseed=1.- config RNG_STM32 bool "Enable random number generator for STM32" depends on ARCH_STM32 || ARCH_STM32MP
diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile index 47b323e61e..a5d3ca4130 100644 --- a/drivers/rng/Makefile +++ b/drivers/rng/Makefile @@ -10,6 +10,7 @@ obj-$(CONFIG_RNG_MSM) += msm_rng.o obj-$(CONFIG_RNG_NPCM) += npcm_rng.o obj-$(CONFIG_RNG_OPTEE) += optee_rng.o obj-$(CONFIG_RNG_STM32) += stm32_rng.o +obj-$(CONFIG_RNG_RISCV_ZKR) += riscv_zkr_rng.o obj-$(CONFIG_RNG_ROCKCHIP) += rockchip_rng.o obj-$(CONFIG_RNG_IPROC200) += iproc_rng200.o obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o diff --git a/drivers/rng/riscv_zkr_rng.c b/drivers/rng/riscv_zkr_rng.c new file mode 100644 index 0000000000..f48ae35410 --- /dev/null +++ b/drivers/rng/riscv_zkr_rng.c @@ -0,0 +1,102 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/*
- The RISC-V Zkr extension provides CSR seed which provides access to a
- random number generator.
- */
+#define LOG_CATEGORY UCLASS_RNG
+#include <common.h> +#include <dm.h> +#include <rng.h>
+#define DRIVER_NAME "riscv_zkr"
+enum opst {
- /** @BIST: built in self test running */
- BIST = 0b00,
- /** @WAIT: sufficient amount of entropy is not yet available */
- WAIT = 0b01,
- /** @ES16: 16bits of entropy available */
- ES16 = 0b10,
- /** @DEAD: unrecoverable self-test error */
- DEAD = 0b11,
+};
+static unsigned long read_seed(void) +{
- unsigned long ret;
- __asm__ __volatile__("csrrw %0, seed, x0" : "=r" (ret) : :
"memory");
- return ret;
+}
+static int riscv_zkr_read(struct udevice *dev, void *data, size_t len) +{
- u8 *ptr = data;
- while (len) {
u32 val;val = read_seed();switch (val >> 30) {case BIST:continue;case WAIT:continue;case ES16:*ptr++ = val & 0xff;if (--len) {*ptr++ = val >> 8;--len;}break;case DEAD:return -ENODEV;}- }
- return 0;
+}
+/**
- riscv_zkr_probe() - check if the seed register is available
- If the SBI software has not set mseccfg.sseed=1 or the Zkr
- extension is not available this probe function will result
- in an exception. Currently we cannot recover from this.
- @dev: RNG device
- Return: 0 if successfully probed
- */
+static int riscv_zkr_probe(struct udevice *dev) +{
- u32 val;
- do {
val = read_seed();val >>= 30;- } while (val == BIST || val == WAIT);
- if (val == DEAD)
return -ENODEV;- return 0;
+}
+static const struct dm_rng_ops riscv_zkr_ops = {
- .read = riscv_zkr_read,
+};
+U_BOOT_DRIVER(riscv_zkr) = {
- .name = DRIVER_NAME,
- .id = UCLASS_RNG,
- .ops = &riscv_zkr_ops,
- .probe = riscv_zkr_probe,
+};
+U_BOOT_DRVINFO(cpu_riscv_zkr) = {
- .name = DRIVER_NAME,
+};
2.40.1