xref: /optee_os/core/drivers/stm32_rng.c (revision cd451498e30df76745c0024ed461df80ed89deaa) 
1f3c22059SEtienne Carriere // SPDX-License-Identifier: BSD-3-Clause
2f3c22059SEtienne Carriere /*
3f3c22059SEtienne Carriere  * Copyright (c) 2018-2019, STMicroelectronics
4f3c22059SEtienne Carriere  */
5f3c22059SEtienne Carriere 
6f3c22059SEtienne Carriere #include <assert.h>
7d7a1a7d2SEtienne Carriere #include <drivers/clk.h>
8d7a1a7d2SEtienne Carriere #include <drivers/clk_dt.h>
9f3c22059SEtienne Carriere #include <drivers/stm32_rng.h>
10f3c22059SEtienne Carriere #include <io.h>
11f3c22059SEtienne Carriere #include <kernel/delay.h>
12a2fc83d1SJerome Forissier #include <kernel/dt.h>
1365401337SJens Wiklander #include <kernel/boot.h>
14f3c22059SEtienne Carriere #include <kernel/panic.h>
1565b5ada4SMarouene Boubakri #include <kernel/thread.h>
16a2fc83d1SJerome Forissier #include <libfdt.h>
17f3c22059SEtienne Carriere #include <mm/core_memprot.h>
18097f329aSEtienne Carriere #include <rng_support.h>
19f3c22059SEtienne Carriere #include <stdbool.h>
20f3c22059SEtienne Carriere #include <stm32_util.h>
21f3c22059SEtienne Carriere #include <string.h>
22*cd451498SEtienne Carriere #include <tee/tee_cryp_utl.h>
23f3c22059SEtienne Carriere 
24f3c22059SEtienne Carriere #define DT_RNG_COMPAT		"st,stm32-rng"
25f3c22059SEtienne Carriere #define RNG_CR			0x00U
26f3c22059SEtienne Carriere #define RNG_SR			0x04U
27f3c22059SEtienne Carriere #define RNG_DR			0x08U
28f3c22059SEtienne Carriere 
29f3c22059SEtienne Carriere #define RNG_CR_RNGEN		BIT(2)
30f3c22059SEtienne Carriere #define RNG_CR_IE		BIT(3)
31f3c22059SEtienne Carriere #define RNG_CR_CED		BIT(5)
32f3c22059SEtienne Carriere 
33f3c22059SEtienne Carriere #define RNG_SR_DRDY		BIT(0)
34f3c22059SEtienne Carriere #define RNG_SR_CECS		BIT(1)
35f3c22059SEtienne Carriere #define RNG_SR_SECS		BIT(2)
36f3c22059SEtienne Carriere #define RNG_SR_CEIS		BIT(5)
37f3c22059SEtienne Carriere #define RNG_SR_SEIS		BIT(6)
38f3c22059SEtienne Carriere 
39c99311c8SEtienne Carriere #define RNG_TIMEOUT_US		U(100000)
40f3c22059SEtienne Carriere 
41f3c22059SEtienne Carriere struct stm32_rng_instance {
42f3c22059SEtienne Carriere 	struct io_pa_va base;
43d7a1a7d2SEtienne Carriere 	struct clk *clock;
44f3c22059SEtienne Carriere 	unsigned int lock;
45f3c22059SEtienne Carriere 	unsigned int refcount;
46d8682c4cSEtienne Carriere 	bool release_post_boot;
47f3c22059SEtienne Carriere };
48f3c22059SEtienne Carriere 
49f3c22059SEtienne Carriere static struct stm32_rng_instance *stm32_rng;
50f3c22059SEtienne Carriere 
51f3c22059SEtienne Carriere /*
52f3c22059SEtienne Carriere  * Extracts from the STM32 RNG specification:
53f3c22059SEtienne Carriere  *
54f3c22059SEtienne Carriere  * When a noise source (or seed) error occurs, the RNG stops generating
55f3c22059SEtienne Carriere  * random numbers and sets to “1” both SEIS and SECS bits to indicate
56f3c22059SEtienne Carriere  * that a seed error occurred. (...)
57f3c22059SEtienne Carriere 
58f3c22059SEtienne Carriere  * The following sequence shall be used to fully recover from a seed
59f3c22059SEtienne Carriere  * error after the RNG initialization:
60f3c22059SEtienne Carriere  * 1. Clear the SEIS bit by writing it to “0”.
61f3c22059SEtienne Carriere  * 2. Read out 12 words from the RNG_DR register, and discard each of
62f3c22059SEtienne Carriere  * them in order to clean the pipeline.
63f3c22059SEtienne Carriere  * 3. Confirm that SEIS is still cleared. Random number generation is
64f3c22059SEtienne Carriere  * back to normal.
65f3c22059SEtienne Carriere  */
66f3c22059SEtienne Carriere static void conceal_seed_error(vaddr_t rng_base)
67f3c22059SEtienne Carriere {
68f3c22059SEtienne Carriere 	if (io_read32(rng_base + RNG_SR) & (RNG_SR_SECS | RNG_SR_SEIS)) {
69f3c22059SEtienne Carriere 		size_t i = 0;
70f3c22059SEtienne Carriere 
71f3c22059SEtienne Carriere 		io_mask32(rng_base + RNG_SR, 0, RNG_SR_SEIS);
72f3c22059SEtienne Carriere 
73f3c22059SEtienne Carriere 		for (i = 12; i != 0; i--)
74f3c22059SEtienne Carriere 			(void)io_read32(rng_base + RNG_DR);
75f3c22059SEtienne Carriere 
76f3c22059SEtienne Carriere 		if (io_read32(rng_base + RNG_SR) & RNG_SR_SEIS)
77f3c22059SEtienne Carriere 			panic("RNG noise");
78f3c22059SEtienne Carriere 	}
79f3c22059SEtienne Carriere }
80f3c22059SEtienne Carriere 
81f3c22059SEtienne Carriere #define RNG_FIFO_BYTE_DEPTH		16u
82f3c22059SEtienne Carriere 
83c99311c8SEtienne Carriere static TEE_Result read_available(vaddr_t rng_base, uint8_t *out, size_t *size)
84f3c22059SEtienne Carriere {
85c99311c8SEtienne Carriere 	uint8_t *buf = NULL;
86c99311c8SEtienne Carriere 	size_t req_size = 0;
87c99311c8SEtienne Carriere 	size_t len = 0;
88f3c22059SEtienne Carriere 
89f3c22059SEtienne Carriere 	conceal_seed_error(rng_base);
90f3c22059SEtienne Carriere 
9123123473SEtienne Carriere 	if (!(io_read32(rng_base + RNG_SR) & RNG_SR_DRDY)) {
9223123473SEtienne Carriere 		FMSG("RNG not ready");
93c99311c8SEtienne Carriere 		return TEE_ERROR_NO_DATA;
9423123473SEtienne Carriere 	}
95f3c22059SEtienne Carriere 
9623123473SEtienne Carriere 	if (io_read32(rng_base + RNG_SR) & RNG_SR_SEIS) {
9723123473SEtienne Carriere 		FMSG("RNG noise error");
98c99311c8SEtienne Carriere 		return TEE_ERROR_NO_DATA;
9923123473SEtienne Carriere 	}
100c99311c8SEtienne Carriere 
101c99311c8SEtienne Carriere 	buf = out;
102c99311c8SEtienne Carriere 	req_size = MIN(RNG_FIFO_BYTE_DEPTH, *size);
103c99311c8SEtienne Carriere 	len = req_size;
104f3c22059SEtienne Carriere 
105f3c22059SEtienne Carriere 	/* RNG is ready: read up to 4 32bit words */
106f3c22059SEtienne Carriere 	while (len) {
107f3c22059SEtienne Carriere 		uint32_t data32 = io_read32(rng_base + RNG_DR);
108f3c22059SEtienne Carriere 		size_t sz = MIN(len, sizeof(uint32_t));
109f3c22059SEtienne Carriere 
110f3c22059SEtienne Carriere 		memcpy(buf, &data32, sz);
111f3c22059SEtienne Carriere 		buf += sz;
112f3c22059SEtienne Carriere 		len -= sz;
113f3c22059SEtienne Carriere 	}
114c99311c8SEtienne Carriere 
115f3c22059SEtienne Carriere 	*size = req_size;
116f3c22059SEtienne Carriere 
117c99311c8SEtienne Carriere 	return TEE_SUCCESS;
118f3c22059SEtienne Carriere }
119f3c22059SEtienne Carriere 
120f3c22059SEtienne Carriere static void gate_rng(bool enable, struct stm32_rng_instance *dev)
121f3c22059SEtienne Carriere {
122c2e4eb43SAnton Rybakov 	vaddr_t rng_cr = io_pa_or_va(&dev->base, 1) + RNG_CR;
123f3c22059SEtienne Carriere 	uint32_t exceptions = may_spin_lock(&dev->lock);
124f3c22059SEtienne Carriere 
125f3c22059SEtienne Carriere 	if (enable) {
126f3c22059SEtienne Carriere 		/* incr_refcnt return non zero if resource shall be enabled */
127f3c22059SEtienne Carriere 		if (incr_refcnt(&dev->refcount)) {
12823123473SEtienne Carriere 			FMSG("enable RNG");
129d7a1a7d2SEtienne Carriere 			clk_enable(dev->clock);
130f3c22059SEtienne Carriere 			io_write32(rng_cr, 0);
131f3c22059SEtienne Carriere 			io_write32(rng_cr, RNG_CR_RNGEN | RNG_CR_CED);
132f3c22059SEtienne Carriere 		}
133f3c22059SEtienne Carriere 	} else {
134f3c22059SEtienne Carriere 		/* decr_refcnt return non zero if resource shall be disabled */
135f3c22059SEtienne Carriere 		if (decr_refcnt(&dev->refcount)) {
13623123473SEtienne Carriere 			FMSG("disable RNG");
137f3c22059SEtienne Carriere 			io_write32(rng_cr, 0);
138d7a1a7d2SEtienne Carriere 			clk_disable(dev->clock);
139f3c22059SEtienne Carriere 		}
140f3c22059SEtienne Carriere 	}
141f3c22059SEtienne Carriere 
142f3c22059SEtienne Carriere 	may_spin_unlock(&dev->lock, exceptions);
143f3c22059SEtienne Carriere }
144f3c22059SEtienne Carriere 
145f3c22059SEtienne Carriere TEE_Result stm32_rng_read(uint8_t *out, size_t size)
146f3c22059SEtienne Carriere {
147c99311c8SEtienne Carriere 	TEE_Result rc = TEE_ERROR_GENERIC;
148c99311c8SEtienne Carriere 	bool burst_timeout = false;
149c99311c8SEtienne Carriere 	uint64_t timeout_ref = 0;
150f3c22059SEtienne Carriere 	uint32_t exceptions = 0;
151f3c22059SEtienne Carriere 	uint8_t *out_ptr = out;
152c99311c8SEtienne Carriere 	vaddr_t rng_base = 0;
153f3c22059SEtienne Carriere 	size_t out_size = 0;
154f3c22059SEtienne Carriere 
155f3c22059SEtienne Carriere 	if (!stm32_rng) {
156f3c22059SEtienne Carriere 		DMSG("No RNG");
157f3c22059SEtienne Carriere 		return TEE_ERROR_NOT_SUPPORTED;
158f3c22059SEtienne Carriere 	}
159f3c22059SEtienne Carriere 
160f3c22059SEtienne Carriere 	gate_rng(true, stm32_rng);
161c99311c8SEtienne Carriere 	rng_base = io_pa_or_va(&stm32_rng->base, 1);
162c99311c8SEtienne Carriere 
163c99311c8SEtienne Carriere 	/* Arm timeout */
164c99311c8SEtienne Carriere 	timeout_ref = timeout_init_us(RNG_TIMEOUT_US);
165c99311c8SEtienne Carriere 	burst_timeout = false;
166f3c22059SEtienne Carriere 
167f3c22059SEtienne Carriere 	while (out_size < size) {
168f3c22059SEtienne Carriere 		/* Read by chunks of the size the RNG FIFO depth */
169f3c22059SEtienne Carriere 		size_t sz = size - out_size;
170f3c22059SEtienne Carriere 
171f3c22059SEtienne Carriere 		exceptions = may_spin_lock(&stm32_rng->lock);
172f3c22059SEtienne Carriere 
173c99311c8SEtienne Carriere 		rc = read_available(rng_base, out_ptr, &sz);
174c99311c8SEtienne Carriere 
175c99311c8SEtienne Carriere 		/* Raise timeout only if we failed to get some samples */
176c99311c8SEtienne Carriere 		assert(!rc || rc == TEE_ERROR_NO_DATA);
177c99311c8SEtienne Carriere 		if (rc)
178c99311c8SEtienne Carriere 			burst_timeout = timeout_elapsed(timeout_ref);
179f3c22059SEtienne Carriere 
180f3c22059SEtienne Carriere 		may_spin_unlock(&stm32_rng->lock, exceptions);
181f3c22059SEtienne Carriere 
182c99311c8SEtienne Carriere 		if (burst_timeout) {
183c99311c8SEtienne Carriere 			rc = TEE_ERROR_GENERIC;
184c99311c8SEtienne Carriere 			goto out;
185f3c22059SEtienne Carriere 		}
186f3c22059SEtienne Carriere 
187c99311c8SEtienne Carriere 		if (!rc) {
188c99311c8SEtienne Carriere 			out_size += sz;
189c99311c8SEtienne Carriere 			out_ptr += sz;
190c99311c8SEtienne Carriere 			/* Re-arm timeout */
191c99311c8SEtienne Carriere 			timeout_ref = timeout_init_us(RNG_TIMEOUT_US);
192c99311c8SEtienne Carriere 			burst_timeout = false;
193c99311c8SEtienne Carriere 		}
194c99311c8SEtienne Carriere 	}
195c99311c8SEtienne Carriere 
196c99311c8SEtienne Carriere out:
197c99311c8SEtienne Carriere 	assert(!rc || rc == TEE_ERROR_GENERIC);
198f3c22059SEtienne Carriere 	gate_rng(false, stm32_rng);
199f3c22059SEtienne Carriere 
200f3c22059SEtienne Carriere 	return rc;
201f3c22059SEtienne Carriere }
202f3c22059SEtienne Carriere 
203*cd451498SEtienne Carriere #ifdef CFG_WITH_SOFTWARE_PRNG
204*cd451498SEtienne Carriere /* Override weak plat_rng_init with platform handler to seed PRNG */
205*cd451498SEtienne Carriere void plat_rng_init(void)
206*cd451498SEtienne Carriere {
207*cd451498SEtienne Carriere 	uint8_t seed[RNG_FIFO_BYTE_DEPTH] = { };
208*cd451498SEtienne Carriere 
209*cd451498SEtienne Carriere 	if (stm32_rng_read(seed, sizeof(seed)))
210*cd451498SEtienne Carriere 		panic();
211*cd451498SEtienne Carriere 
212*cd451498SEtienne Carriere 	if (crypto_rng_init(seed, sizeof(seed)))
213*cd451498SEtienne Carriere 		panic();
214*cd451498SEtienne Carriere 
215*cd451498SEtienne Carriere 	DMSG("PRNG seeded with RNG");
216*cd451498SEtienne Carriere }
217*cd451498SEtienne Carriere #else
218097f329aSEtienne Carriere TEE_Result crypto_rng_read(void *out, size_t size)
219097f329aSEtienne Carriere {
220097f329aSEtienne Carriere 	return stm32_rng_read(out, size);
221097f329aSEtienne Carriere }
222097f329aSEtienne Carriere 
223097f329aSEtienne Carriere uint8_t hw_get_random_byte(void)
224097f329aSEtienne Carriere {
225097f329aSEtienne Carriere 	uint8_t byte = 0;
226097f329aSEtienne Carriere 
227097f329aSEtienne Carriere 	if (stm32_rng_read(&byte, sizeof(byte)))
228097f329aSEtienne Carriere 		panic();
229097f329aSEtienne Carriere 
230097f329aSEtienne Carriere 	return byte;
231097f329aSEtienne Carriere }
232097f329aSEtienne Carriere #endif
233097f329aSEtienne Carriere 
234f3c22059SEtienne Carriere #ifdef CFG_EMBED_DTB
235f3c22059SEtienne Carriere static TEE_Result stm32_rng_init(void)
236f3c22059SEtienne Carriere {
237f3c22059SEtienne Carriere 	void *fdt = NULL;
238f3c22059SEtienne Carriere 	int node = -1;
239f3c22059SEtienne Carriere 	struct dt_node_info dt_info;
240d7a1a7d2SEtienne Carriere 	TEE_Result res = TEE_ERROR_GENERIC;
241f3c22059SEtienne Carriere 
242f3c22059SEtienne Carriere 	memset(&dt_info, 0, sizeof(dt_info));
243f3c22059SEtienne Carriere 
244f3c22059SEtienne Carriere 	fdt = get_embedded_dt();
245f3c22059SEtienne Carriere 	if (!fdt)
246f3c22059SEtienne Carriere 		panic();
247f3c22059SEtienne Carriere 
248f3c22059SEtienne Carriere 	while (true) {
249f3c22059SEtienne Carriere 		node = fdt_node_offset_by_compatible(fdt, node, DT_RNG_COMPAT);
250f3c22059SEtienne Carriere 		if (node < 0)
251f3c22059SEtienne Carriere 			break;
252f3c22059SEtienne Carriere 
253f3c22059SEtienne Carriere 		_fdt_fill_device_info(fdt, &dt_info, node);
254f3c22059SEtienne Carriere 
255f3c22059SEtienne Carriere 		if (!(dt_info.status & DT_STATUS_OK_SEC))
256f3c22059SEtienne Carriere 			continue;
257f3c22059SEtienne Carriere 
258f3c22059SEtienne Carriere 		if (stm32_rng)
259f3c22059SEtienne Carriere 			panic();
260f3c22059SEtienne Carriere 
261f3c22059SEtienne Carriere 		stm32_rng = calloc(1, sizeof(*stm32_rng));
262f3c22059SEtienne Carriere 		if (!stm32_rng)
263f3c22059SEtienne Carriere 			panic();
264f3c22059SEtienne Carriere 
265f3c22059SEtienne Carriere 		assert(dt_info.clock != DT_INFO_INVALID_CLOCK &&
266aabd492eSLionel Debieve 		       dt_info.reg != DT_INFO_INVALID_REG &&
267aabd492eSLionel Debieve 		       dt_info.reg_size != DT_INFO_INVALID_REG_SIZE);
268f3c22059SEtienne Carriere 
26928f25d8dSEtienne Carriere 		if (dt_info.status & DT_STATUS_OK_NSEC) {
27028f25d8dSEtienne Carriere 			stm32mp_register_non_secure_periph_iomem(dt_info.reg);
271d8682c4cSEtienne Carriere 			stm32_rng->release_post_boot = true;
27228f25d8dSEtienne Carriere 		} else {
27328f25d8dSEtienne Carriere 			stm32mp_register_secure_periph_iomem(dt_info.reg);
27428f25d8dSEtienne Carriere 		}
27528f25d8dSEtienne Carriere 
276f3c22059SEtienne Carriere 		stm32_rng->base.pa = dt_info.reg;
277d8682c4cSEtienne Carriere 		if (!io_pa_or_va_secure(&stm32_rng->base, dt_info.reg_size))
278d8682c4cSEtienne Carriere 			panic();
27968c4a16bSEtienne Carriere 
280d7a1a7d2SEtienne Carriere 		res = clk_dt_get_by_index(fdt, node, 0, &stm32_rng->clock);
281d7a1a7d2SEtienne Carriere 		if (res)
282d7a1a7d2SEtienne Carriere 			return res;
283d7a1a7d2SEtienne Carriere 
284d7a1a7d2SEtienne Carriere 		assert(stm32_rng->clock);
285f3c22059SEtienne Carriere 
286f3c22059SEtienne Carriere 		DMSG("RNG init");
287f3c22059SEtienne Carriere 	}
288f3c22059SEtienne Carriere 
289f3c22059SEtienne Carriere 	return TEE_SUCCESS;
290f3c22059SEtienne Carriere }
291f3c22059SEtienne Carriere 
292d8682c4cSEtienne Carriere early_init_late(stm32_rng_init);
293d8682c4cSEtienne Carriere 
294d8682c4cSEtienne Carriere static TEE_Result stm32_rng_release(void)
295d8682c4cSEtienne Carriere {
296d8682c4cSEtienne Carriere 	if (stm32_rng && stm32_rng->release_post_boot) {
297d8682c4cSEtienne Carriere 		DMSG("Release RNG driver");
298d8682c4cSEtienne Carriere 		assert(!stm32_rng->refcount);
299d8682c4cSEtienne Carriere 		free(stm32_rng);
300d8682c4cSEtienne Carriere 		stm32_rng = NULL;
301d8682c4cSEtienne Carriere 	}
302d8682c4cSEtienne Carriere 
303d8682c4cSEtienne Carriere 	return TEE_SUCCESS;
304d8682c4cSEtienne Carriere }
305d8682c4cSEtienne Carriere 
306d8682c4cSEtienne Carriere release_init_resource(stm32_rng_release);
307f3c22059SEtienne Carriere #endif /*CFG_EMBED_DTB*/
308