1 // SPDX-License-Identifier: BSD-3-Clause 2 /* 3 * Copyright (c) 2018-2023, STMicroelectronics 4 */ 5 6 #include <assert.h> 7 #include <drivers/clk.h> 8 #include <drivers/clk_dt.h> 9 #include <drivers/rstctrl.h> 10 #include <io.h> 11 #include <kernel/boot.h> 12 #include <kernel/delay.h> 13 #include <kernel/dt.h> 14 #include <kernel/dt_driver.h> 15 #include <kernel/panic.h> 16 #include <kernel/pm.h> 17 #include <kernel/thread.h> 18 #include <libfdt.h> 19 #include <mm/core_memprot.h> 20 #include <rng_support.h> 21 #include <stdbool.h> 22 #include <stm32_util.h> 23 #include <string.h> 24 #include <tee/tee_cryp_utl.h> 25 #include <util.h> 26 27 #define RNG_CR U(0x00) 28 #define RNG_SR U(0x04) 29 #define RNG_DR U(0x08) 30 #define RNG_NSCR U(0x0C) 31 #define RNG_HTCR U(0x10) 32 #define RNG_VERR U(0x3F4) 33 34 #define RNG_CR_RNGEN BIT(2) 35 #define RNG_CR_IE BIT(3) 36 #define RNG_CR_CED BIT(5) 37 #define RNG_CR_CONFIG1 GENMASK_32(11, 8) 38 #define RNG_CR_NISTC BIT(12) 39 #define RNG_CR_POWER_OPTIM BIT(13) 40 #define RNG_CR_CONFIG2 GENMASK_32(15, 13) 41 #define RNG_CR_CLKDIV GENMASK_32(19, 16) 42 #define RNG_CR_CLKDIV_SHIFT U(16) 43 #define RNG_CR_CONFIG3 GENMASK_32(25, 20) 44 #define RNG_CR_CONDRST BIT(30) 45 #define RNG_CR_ENTROPY_SRC_MASK (RNG_CR_CONFIG1 | RNG_CR_NISTC | \ 46 RNG_CR_CONFIG2 | RNG_CR_CONFIG3) 47 48 #define RNG_SR_DRDY BIT(0) 49 #define RNG_SR_CECS BIT(1) 50 #define RNG_SR_SECS BIT(2) 51 #define RNG_SR_CEIS BIT(5) 52 #define RNG_SR_SEIS BIT(6) 53 54 #define RNG_NSCR_MASK GENMASK_32(17, 0) 55 56 #define RNG_VERR_MINOR_MASK GENMASK_32(3, 0) 57 #define RNG_VERR_MAJOR_MASK GENMASK_32(7, 4) 58 #define RNG_VERR_MAJOR_SHIFT U(4) 59 60 #if TRACE_LEVEL > TRACE_DEBUG 61 #define RNG_READY_TIMEOUT_US U(100000) 62 #else 63 #define RNG_READY_TIMEOUT_US U(10000) 64 #endif 65 #define RNG_RESET_TIMEOUT_US U(1000) 66 67 #define RNG_FIFO_BYTE_DEPTH U(16) 68 69 #define RNG_CONFIG_MASK (RNG_CR_ENTROPY_SRC_MASK | RNG_CR_CED | \ 70 RNG_CR_CLKDIV) 71 72 struct stm32_rng_driver_data { 73 unsigned long max_noise_clk_freq; 74 unsigned long nb_clock; 75 uint32_t cr; 76 uint32_t nscr; 77 uint32_t htcr; 78 bool has_power_optim; 79 bool has_cond_reset; 80 }; 81 82 struct stm32_rng_instance { 83 struct io_pa_va base; 84 struct clk *clock; 85 struct clk *bus_clock; 86 struct rstctrl *rstctrl; 87 const struct stm32_rng_driver_data *ddata; 88 unsigned int lock; 89 uint64_t error_to_ref; 90 uint32_t pm_cr; 91 uint32_t pm_health; 92 uint32_t pm_noise_ctrl; 93 uint32_t health_test_conf; 94 uint32_t noise_ctrl_conf; 95 uint32_t rng_config; 96 bool release_post_boot; 97 bool clock_error; 98 bool error_conceal; 99 }; 100 101 /* Expect at most a single RNG instance */ 102 static struct stm32_rng_instance *stm32_rng; 103 104 static vaddr_t get_base(void) 105 { 106 assert(stm32_rng); 107 108 return io_pa_or_va(&stm32_rng->base, 1); 109 } 110 111 /* 112 * Extracts from the STM32 RNG specification when RNG supports CONDRST. 113 * 114 * When a noise source (or seed) error occurs, the RNG stops generating 115 * random numbers and sets to “1” both SEIS and SECS bits to indicate 116 * that a seed error occurred. (...) 117 * 118 * 1. Software reset by writing CONDRST at 1 and at 0 (see bitfield 119 * description for details). This step is needed only if SECS is set. 120 * Indeed, when SEIS is set and SECS is cleared it means RNG performed 121 * the reset automatically (auto-reset). 122 * 2. If SECS was set in step 1 (no auto-reset) wait for CONDRST 123 * to be cleared in the RNG_CR register, then confirm that SEIS is 124 * cleared in the RNG_SR register. Otherwise just clear SEIS bit in 125 * the RNG_SR register. 126 * 3. If SECS was set in step 1 (no auto-reset) wait for SECS to be 127 * cleared by RNG. The random number generation is now back to normal. 128 */ 129 static void conceal_seed_error_cond_reset(void) 130 { 131 struct stm32_rng_instance *dev = stm32_rng; 132 vaddr_t rng_base = get_base(); 133 134 if (!dev->error_conceal) { 135 uint32_t sr = io_read32(rng_base + RNG_SR); 136 137 if (sr & RNG_SR_SECS) { 138 /* Conceal by resetting the subsystem (step 1.) */ 139 io_setbits32(rng_base + RNG_CR, RNG_CR_CONDRST); 140 io_clrbits32(rng_base + RNG_CR, RNG_CR_CONDRST); 141 142 /* Arm timeout for error_conceal sequence */ 143 dev->error_to_ref = 144 timeout_init_us(RNG_READY_TIMEOUT_US); 145 dev->error_conceal = true; 146 } else { 147 /* RNG auto-reset (step 2.) */ 148 io_clrbits32(rng_base + RNG_SR, RNG_SR_SEIS); 149 } 150 } else { 151 /* Measure time before possible reschedule */ 152 bool timed_out = timeout_elapsed(dev->error_to_ref); 153 154 /* Wait CONDRST is cleared (step 2.) */ 155 if (io_read32(rng_base + RNG_CR) & RNG_CR_CONDRST) { 156 if (timed_out) 157 panic(); 158 159 /* Wait subsystem reset cycle completes */ 160 return; 161 } 162 163 /* Check SEIS is cleared (step 2.) */ 164 if (io_read32(rng_base + RNG_SR) & RNG_SR_SEIS) 165 panic(); 166 167 /* Wait SECS is cleared (step 3.) */ 168 if (io_read32(rng_base + RNG_SR) & RNG_SR_SECS) { 169 if (timed_out) 170 panic(); 171 172 /* Wait subsystem reset cycle completes */ 173 return; 174 } 175 176 dev->error_conceal = false; 177 } 178 } 179 180 /* 181 * Extracts from the STM32 RNG specification, when CONDRST is not supported 182 * 183 * When a noise source (or seed) error occurs, the RNG stops generating 184 * random numbers and sets to “1” both SEIS and SECS bits to indicate 185 * that a seed error occurred. (...) 186 * 187 * The following sequence shall be used to fully recover from a seed 188 * error after the RNG initialization: 189 * 1. Clear the SEIS bit by writing it to “0”. 190 * 2. Read out 12 words from the RNG_DR register, and discard each of 191 * them in order to clean the pipeline. 192 * 3. Confirm that SEIS is still cleared. Random number generation is 193 * back to normal. 194 */ 195 static void conceal_seed_error_sw_reset(void) 196 { 197 vaddr_t rng_base = get_base(); 198 size_t i = 0; 199 200 io_clrbits32(rng_base + RNG_SR, RNG_SR_SEIS); 201 202 for (i = 12; i != 0; i--) 203 (void)io_read32(rng_base + RNG_DR); 204 205 if (io_read32(rng_base + RNG_SR) & RNG_SR_SEIS) 206 panic("RNG noise"); 207 } 208 209 static void conceal_seed_error(void) 210 { 211 if (stm32_rng->ddata->has_cond_reset) 212 conceal_seed_error_cond_reset(); 213 else 214 conceal_seed_error_sw_reset(); 215 } 216 217 static TEE_Result read_available(vaddr_t rng_base, uint8_t *out, size_t *size) 218 { 219 struct stm32_rng_instance *dev = stm32_rng; 220 uint8_t *buf = NULL; 221 size_t req_size = 0; 222 size_t len = 0; 223 224 if (dev->error_conceal || io_read32(rng_base + RNG_SR) & RNG_SR_SEIS) 225 conceal_seed_error(); 226 227 if (!(io_read32(rng_base + RNG_SR) & RNG_SR_DRDY)) { 228 FMSG("RNG not ready"); 229 return TEE_ERROR_NO_DATA; 230 } 231 232 if (io_read32(rng_base + RNG_SR) & RNG_SR_SEIS) { 233 FMSG("RNG noise error"); 234 return TEE_ERROR_NO_DATA; 235 } 236 237 buf = out; 238 req_size = MIN(RNG_FIFO_BYTE_DEPTH, *size); 239 len = req_size; 240 241 /* RNG is ready: read up to 4 32bit words */ 242 while (len) { 243 uint32_t data32 = 0; 244 size_t sz = MIN(len, sizeof(uint32_t)); 245 246 if (!(io_read32(rng_base + RNG_SR) & RNG_SR_DRDY)) 247 break; 248 data32 = io_read32(rng_base + RNG_DR); 249 250 /* Late seed error case: DR being 0 is an error status */ 251 if (!data32) { 252 conceal_seed_error(); 253 return TEE_ERROR_NO_DATA; 254 } 255 256 memcpy(buf, &data32, sz); 257 buf += sz; 258 len -= sz; 259 } 260 261 *size = req_size - len; 262 263 return TEE_SUCCESS; 264 } 265 266 static uint32_t stm32_rng_clock_freq_restrain(void) 267 { 268 struct stm32_rng_instance *dev = stm32_rng; 269 unsigned long clock_rate = 0; 270 uint32_t clock_div = 0; 271 272 clock_rate = clk_get_rate(dev->clock); 273 274 /* 275 * Get the exponent to apply on the CLKDIV field in RNG_CR register 276 * No need to handle the case when clock-div > 0xF as it is physically 277 * impossible 278 */ 279 while ((clock_rate >> clock_div) > dev->ddata->max_noise_clk_freq) 280 clock_div++; 281 282 DMSG("RNG clk rate : %lu", clk_get_rate(dev->clock) >> clock_div); 283 284 return clock_div; 285 } 286 287 static TEE_Result init_rng(void) 288 { 289 vaddr_t rng_base = get_base(); 290 uint32_t cr_ced_mask = 0; 291 uint32_t value = 0; 292 293 if (!stm32_rng->clock_error) 294 cr_ced_mask = RNG_CR_CED; 295 296 /* Clean error indications */ 297 io_write32(rng_base + RNG_SR, 0); 298 299 if (stm32_rng->ddata->has_cond_reset) { 300 uint32_t clock_div = stm32_rng_clock_freq_restrain(); 301 302 /* 303 * Keep default RNG configuration if none was specified. 304 * 0 is an invalid value as it disables all entropy sources. 305 */ 306 if (!stm32_rng->rng_config) 307 stm32_rng->rng_config = io_read32(rng_base + RNG_CR) & 308 RNG_CR_ENTROPY_SRC_MASK; 309 310 /* 311 * Configuration must be set in the same access that sets 312 * RNG_CR_CONDRST bit. Otherwise, the configuration setting is 313 * not taken into account. CONFIGLOCK bit is always cleared at 314 * this stage. 315 */ 316 io_clrsetbits32(rng_base + RNG_CR, RNG_CONFIG_MASK, 317 stm32_rng->rng_config | RNG_CR_CONDRST | 318 cr_ced_mask | 319 SHIFT_U32(clock_div, RNG_CR_CLKDIV_SHIFT)); 320 321 /* 322 * Write health test and noise source control configuration 323 * according to current RNG entropy source configuration 324 */ 325 if (stm32_rng->noise_ctrl_conf) 326 io_write32(rng_base + RNG_NSCR, 327 stm32_rng->noise_ctrl_conf); 328 329 if (stm32_rng->health_test_conf) 330 io_write32(rng_base + RNG_HTCR, 331 stm32_rng->health_test_conf); 332 333 io_clrsetbits32(rng_base + RNG_CR, RNG_CR_CONDRST, 334 RNG_CR_RNGEN); 335 336 if (IO_READ32_POLL_TIMEOUT(rng_base + RNG_CR, value, 337 !(value & RNG_CR_CONDRST), 0, 338 RNG_READY_TIMEOUT_US)) 339 panic(); 340 341 DMSG("RNG control register %#"PRIx32, 342 io_read32(rng_base + RNG_CR)); 343 DMSG("RNG noise source control register %#"PRIx32, 344 io_read32(rng_base + RNG_NSCR)); 345 DMSG("RNG health test register %#"PRIx32, 346 io_read32(rng_base + RNG_HTCR)); 347 } else { 348 io_setbits32(rng_base + RNG_CR, RNG_CR_RNGEN | cr_ced_mask); 349 } 350 351 if (IO_READ32_POLL_TIMEOUT(rng_base + RNG_SR, value, 352 value & RNG_SR_DRDY, 0, 353 RNG_READY_TIMEOUT_US)) 354 return TEE_ERROR_GENERIC; 355 356 return TEE_SUCCESS; 357 } 358 359 static TEE_Result stm32_rng_read(uint8_t *out, size_t size) 360 { 361 TEE_Result rc = TEE_ERROR_GENERIC; 362 bool burst_timeout = false; 363 uint64_t timeout_ref = 0; 364 uint32_t exceptions = 0; 365 uint8_t *out_ptr = out; 366 vaddr_t rng_base = 0; 367 size_t out_size = 0; 368 369 if (!stm32_rng) { 370 DMSG("No RNG"); 371 return TEE_ERROR_NOT_SUPPORTED; 372 } 373 374 rc = clk_enable(stm32_rng->clock); 375 if (rc) 376 return rc; 377 378 if (stm32_rng->bus_clock) { 379 rc = clk_enable(stm32_rng->bus_clock); 380 if (rc) { 381 clk_disable(stm32_rng->clock); 382 return rc; 383 } 384 } 385 386 rng_base = get_base(); 387 388 /* Arm timeout */ 389 timeout_ref = timeout_init_us(RNG_READY_TIMEOUT_US); 390 burst_timeout = false; 391 392 while (out_size < size) { 393 /* Read by chunks of the size the RNG FIFO depth */ 394 size_t sz = size - out_size; 395 396 exceptions = may_spin_lock(&stm32_rng->lock); 397 398 rc = read_available(rng_base, out_ptr, &sz); 399 400 /* Raise timeout only if we failed to get some samples */ 401 assert(!rc || rc == TEE_ERROR_NO_DATA); 402 if (rc) 403 burst_timeout = timeout_elapsed(timeout_ref); 404 405 may_spin_unlock(&stm32_rng->lock, exceptions); 406 407 if (burst_timeout) { 408 rc = TEE_ERROR_GENERIC; 409 goto out; 410 } 411 412 if (!rc) { 413 out_size += sz; 414 out_ptr += sz; 415 /* Re-arm timeout */ 416 timeout_ref = timeout_init_us(RNG_READY_TIMEOUT_US); 417 burst_timeout = false; 418 } 419 } 420 421 out: 422 assert(!rc || rc == TEE_ERROR_GENERIC); 423 clk_disable(stm32_rng->clock); 424 if (stm32_rng->bus_clock) 425 clk_disable(stm32_rng->bus_clock); 426 427 return rc; 428 } 429 430 #ifdef CFG_WITH_SOFTWARE_PRNG 431 /* Override weak plat_rng_init with platform handler to seed PRNG */ 432 void plat_rng_init(void) 433 { 434 uint8_t seed[RNG_FIFO_BYTE_DEPTH] = { }; 435 436 if (stm32_rng_read(seed, sizeof(seed))) 437 panic(); 438 439 if (crypto_rng_init(seed, sizeof(seed))) 440 panic(); 441 442 DMSG("PRNG seeded with RNG"); 443 } 444 #else 445 TEE_Result hw_get_random_bytes(void *out, size_t size) 446 { 447 return stm32_rng_read(out, size); 448 } 449 450 void plat_rng_init(void) 451 { 452 } 453 #endif 454 455 static TEE_Result stm32_rng_pm_resume(void) 456 { 457 vaddr_t base = get_base(); 458 459 /* Clean error indications */ 460 io_write32(base + RNG_SR, 0); 461 462 if (stm32_rng->ddata->has_cond_reset) { 463 uint64_t timeout_ref = 0; 464 465 /* 466 * Configuration must be set in the same access that sets 467 * RNG_CR_CONDRST bit. Otherwise, the configuration setting is 468 * not taken into account. CONFIGLOCK bit is always cleared in 469 * this configuration. 470 */ 471 io_write32(base + RNG_CR, stm32_rng->pm_cr | RNG_CR_CONDRST); 472 473 /* Restore health test and noise control configuration */ 474 io_write32(base + RNG_NSCR, stm32_rng->pm_noise_ctrl); 475 io_write32(base + RNG_HTCR, stm32_rng->pm_health); 476 477 io_clrsetbits32(base + RNG_CR, RNG_CR_CONDRST, RNG_CR_RNGEN); 478 479 timeout_ref = timeout_init_us(RNG_READY_TIMEOUT_US); 480 while (io_read32(base + RNG_CR) & RNG_CR_CONDRST) 481 if (timeout_elapsed(timeout_ref)) 482 break; 483 if (io_read32(base + RNG_CR) & RNG_CR_CONDRST) 484 panic(); 485 } else { 486 io_write32(base + RNG_CR, RNG_CR_RNGEN | stm32_rng->pm_cr); 487 } 488 489 return TEE_SUCCESS; 490 } 491 492 static TEE_Result stm32_rng_pm_suspend(void) 493 { 494 vaddr_t rng_base = get_base(); 495 496 stm32_rng->pm_cr = io_read32(rng_base + RNG_CR); 497 498 if (stm32_rng->ddata->has_cond_reset) { 499 stm32_rng->pm_health = io_read32(rng_base + RNG_HTCR); 500 stm32_rng->pm_noise_ctrl = io_read32(rng_base + RNG_NSCR); 501 } 502 503 if (stm32_rng->ddata->has_power_optim) { 504 uint64_t timeout_ref = 0; 505 506 /* 507 * As per reference manual, it is recommended to set 508 * RNG_CONFIG2[bit0] when RNG power consumption is critical. 509 */ 510 io_setbits32(rng_base + RNG_CR, RNG_CR_POWER_OPTIM | 511 RNG_CR_CONDRST); 512 io_clrbits32(rng_base + RNG_CR, RNG_CR_CONDRST); 513 514 timeout_ref = timeout_init_us(RNG_READY_TIMEOUT_US); 515 while (io_read32(rng_base + RNG_CR) & RNG_CR_CONDRST) 516 if (timeout_elapsed(timeout_ref)) 517 break; 518 if (io_read32(rng_base + RNG_CR) & RNG_CR_CONDRST) 519 panic(); 520 } else { 521 io_clrbits32(rng_base + RNG_CR, RNG_CR_RNGEN); 522 } 523 524 return TEE_SUCCESS; 525 } 526 527 static TEE_Result 528 stm32_rng_pm(enum pm_op op, unsigned int pm_hint __unused, 529 const struct pm_callback_handle *pm_handle __unused) 530 { 531 TEE_Result res = TEE_ERROR_GENERIC; 532 533 assert(stm32_rng && (op == PM_OP_SUSPEND || op == PM_OP_RESUME)); 534 535 res = clk_enable(stm32_rng->clock); 536 if (res) 537 return res; 538 539 if (stm32_rng->bus_clock) { 540 res = clk_enable(stm32_rng->bus_clock); 541 if (res) { 542 clk_disable(stm32_rng->clock); 543 return res; 544 } 545 } 546 547 if (op == PM_OP_RESUME) 548 res = stm32_rng_pm_resume(); 549 else 550 res = stm32_rng_pm_suspend(); 551 552 clk_disable(stm32_rng->clock); 553 if (stm32_rng->bus_clock) 554 clk_disable(stm32_rng->bus_clock); 555 556 return res; 557 } 558 DECLARE_KEEP_PAGER(stm32_rng_pm); 559 560 static TEE_Result stm32_rng_parse_fdt(const void *fdt, int node) 561 { 562 TEE_Result res = TEE_ERROR_GENERIC; 563 struct dt_node_info dt_rng = { }; 564 565 fdt_fill_device_info(fdt, &dt_rng, node); 566 if (dt_rng.reg == DT_INFO_INVALID_REG) 567 return TEE_ERROR_BAD_PARAMETERS; 568 569 stm32_rng->base.pa = dt_rng.reg; 570 stm32_rng->base.va = io_pa_or_va_secure(&stm32_rng->base, 571 dt_rng.reg_size); 572 assert(stm32_rng->base.va); 573 574 res = rstctrl_dt_get_by_index(fdt, node, 0, &stm32_rng->rstctrl); 575 if (res != TEE_SUCCESS && res != TEE_ERROR_ITEM_NOT_FOUND) 576 return res; 577 578 if (stm32_rng->ddata->nb_clock > 1) { 579 res = clk_dt_get_by_name(fdt, node, "rng_clk", 580 &stm32_rng->clock); 581 if (res) 582 return res; 583 584 res = clk_dt_get_by_name(fdt, node, "rng_hclk", 585 &stm32_rng->bus_clock); 586 if (res) 587 return res; 588 } else { 589 res = clk_dt_get_by_index(fdt, node, 0, &stm32_rng->clock); 590 if (res) 591 return res; 592 } 593 594 if (fdt_getprop(fdt, node, "clock-error-detect", NULL)) 595 stm32_rng->clock_error = true; 596 597 /* Release device if not used at runtime or for pm transitions */ 598 stm32_rng->release_post_boot = IS_ENABLED(CFG_WITH_SOFTWARE_PRNG) && 599 !IS_ENABLED(CFG_PM); 600 601 stm32_rng->rng_config = stm32_rng->ddata->cr; 602 if (stm32_rng->rng_config & ~RNG_CR_ENTROPY_SRC_MASK) 603 panic("Incorrect entropy source configuration"); 604 stm32_rng->health_test_conf = stm32_rng->ddata->htcr; 605 stm32_rng->noise_ctrl_conf = stm32_rng->ddata->nscr; 606 if (stm32_rng->noise_ctrl_conf & ~RNG_NSCR_MASK) 607 panic("Incorrect noise source control configuration"); 608 609 return TEE_SUCCESS; 610 } 611 612 static TEE_Result stm32_rng_probe(const void *fdt, int offs, 613 const void *compat_data) 614 { 615 TEE_Result res = TEE_ERROR_GENERIC; 616 unsigned int __maybe_unused version = 0; 617 618 /* Expect a single RNG instance */ 619 assert(!stm32_rng); 620 621 stm32_rng = calloc(1, sizeof(*stm32_rng)); 622 if (!stm32_rng) 623 panic(); 624 625 stm32_rng->ddata = compat_data; 626 assert(stm32_rng->ddata); 627 628 res = stm32_rng_parse_fdt(fdt, offs); 629 if (res) 630 goto err; 631 632 res = clk_enable(stm32_rng->clock); 633 if (res) 634 goto err; 635 636 if (stm32_rng->bus_clock) { 637 res = clk_enable(stm32_rng->bus_clock); 638 if (res) { 639 clk_disable(stm32_rng->clock); 640 goto err; 641 } 642 } 643 644 version = io_read32(get_base() + RNG_VERR); 645 DMSG("RNG version Major %u, Minor %u", 646 (version & RNG_VERR_MAJOR_MASK) >> RNG_VERR_MAJOR_SHIFT, 647 version & RNG_VERR_MINOR_MASK); 648 649 if (stm32_rng->rstctrl && 650 rstctrl_assert_to(stm32_rng->rstctrl, RNG_RESET_TIMEOUT_US)) { 651 res = TEE_ERROR_GENERIC; 652 goto err_clk; 653 } 654 655 if (stm32_rng->rstctrl && 656 rstctrl_deassert_to(stm32_rng->rstctrl, RNG_RESET_TIMEOUT_US)) { 657 res = TEE_ERROR_GENERIC; 658 goto err_clk; 659 } 660 661 res = init_rng(); 662 if (res) 663 goto err_clk; 664 665 clk_disable(stm32_rng->clock); 666 if (stm32_rng->bus_clock) 667 clk_disable(stm32_rng->bus_clock); 668 669 if (stm32_rng->release_post_boot) 670 stm32mp_register_non_secure_periph_iomem(stm32_rng->base.pa); 671 else 672 stm32mp_register_secure_periph_iomem(stm32_rng->base.pa); 673 674 /* Power management implementation expects both or none are set */ 675 assert(stm32_rng->ddata->has_power_optim == 676 stm32_rng->ddata->has_cond_reset); 677 678 register_pm_core_service_cb(stm32_rng_pm, &stm32_rng, "rng-service"); 679 680 return TEE_SUCCESS; 681 682 err_clk: 683 clk_disable(stm32_rng->clock); 684 if (stm32_rng->bus_clock) 685 clk_disable(stm32_rng->bus_clock); 686 err: 687 free(stm32_rng); 688 stm32_rng = NULL; 689 690 return res; 691 } 692 693 static const struct stm32_rng_driver_data mp13_data[] = { 694 { 695 .max_noise_clk_freq = U(48000000), 696 .nb_clock = 1, 697 .has_cond_reset = true, 698 .has_power_optim = true, 699 .cr = 0x00F00D00, 700 .nscr = 0x2B5BB, 701 .htcr = 0x969D, 702 }, 703 }; 704 705 static const struct stm32_rng_driver_data mp15_data[] = { 706 { 707 .max_noise_clk_freq = U(48000000), 708 .nb_clock = 1, 709 .has_cond_reset = false, 710 .has_power_optim = false, 711 }, 712 }; 713 DECLARE_KEEP_PAGER(mp15_data); 714 715 static const struct stm32_rng_driver_data mp25_data[] = { 716 { 717 .max_noise_clk_freq = U(48000000), 718 .nb_clock = 2, 719 .has_cond_reset = true, 720 .has_power_optim = true, 721 .cr = 0x00F00D00, 722 .nscr = 0x2B5BB, 723 .htcr = 0x969D, 724 }, 725 }; 726 727 static const struct dt_device_match rng_match_table[] = { 728 { .compatible = "st,stm32-rng", .compat_data = &mp15_data }, 729 { .compatible = "st,stm32mp13-rng", .compat_data = &mp13_data }, 730 { .compatible = "st,stm32mp25-rng", .compat_data = &mp25_data }, 731 { } 732 }; 733 734 DEFINE_DT_DRIVER(stm32_rng_dt_driver) = { 735 .name = "stm32_rng", 736 .match_table = rng_match_table, 737 .probe = stm32_rng_probe, 738 }; 739 740 static TEE_Result stm32_rng_release(void) 741 { 742 if (stm32_rng && stm32_rng->release_post_boot) { 743 DMSG("Release RNG driver"); 744 free(stm32_rng); 745 stm32_rng = NULL; 746 } 747 748 return TEE_SUCCESS; 749 } 750 751 release_init_resource(stm32_rng_release); 752