1 // SPDX-License-Identifier: BSD-3-Clause 2 /* 3 * Copyright (c) 2018-2024, STMicroelectronics 4 */ 5 6 #include <assert.h> 7 #include <drivers/clk.h> 8 #include <drivers/clk_dt.h> 9 #include <drivers/rstctrl.h> 10 #if defined(CFG_STM32MP15) 11 #include <drivers/stm32_etzpc.h> 12 #include <dt-bindings/firewall/stm32mp15-etzpc.h> 13 #endif /* defined(CFG_STM32MP15) */ 14 #include <io.h> 15 #include <kernel/delay.h> 16 #include <kernel/dt.h> 17 #include <kernel/dt_driver.h> 18 #include <kernel/boot.h> 19 #include <kernel/panic.h> 20 #include <kernel/pm.h> 21 #include <kernel/thread.h> 22 #include <libfdt.h> 23 #include <mm/core_memprot.h> 24 #include <rng_support.h> 25 #include <stdbool.h> 26 #include <stm32_util.h> 27 #include <string.h> 28 #include <tee/tee_cryp_utl.h> 29 30 #define RNG_CR U(0x00) 31 #define RNG_SR U(0x04) 32 #define RNG_DR U(0x08) 33 #define RNG_NSCR U(0x0C) 34 #define RNG_HTCR U(0x10) 35 #define RNG_VERR U(0x3F4) 36 37 #define RNG_CR_RNGEN BIT(2) 38 #define RNG_CR_IE BIT(3) 39 #define RNG_CR_CED BIT(5) 40 #define RNG_CR_CONFIG1 GENMASK_32(11, 8) 41 #define RNG_CR_NISTC BIT(12) 42 #define RNG_CR_POWER_OPTIM BIT(13) 43 #define RNG_CR_CONFIG2 GENMASK_32(15, 13) 44 #define RNG_CR_CLKDIV GENMASK_32(19, 16) 45 #define RNG_CR_CLKDIV_SHIFT U(16) 46 #define RNG_CR_CONFIG3 GENMASK_32(25, 20) 47 #define RNG_CR_CONDRST BIT(30) 48 #define RNG_CR_ENTROPY_SRC_MASK (RNG_CR_CONFIG1 | RNG_CR_NISTC | \ 49 RNG_CR_CONFIG2 | RNG_CR_CONFIG3) 50 51 #define RNG_SR_DRDY BIT(0) 52 #define RNG_SR_CECS BIT(1) 53 #define RNG_SR_SECS BIT(2) 54 #define RNG_SR_CEIS BIT(5) 55 #define RNG_SR_SEIS BIT(6) 56 57 #define RNG_NSCR_MASK GENMASK_32(17, 0) 58 59 #define RNG_VERR_MINOR_MASK GENMASK_32(3, 0) 60 #define RNG_VERR_MAJOR_MASK GENMASK_32(7, 4) 61 #define RNG_VERR_MAJOR_SHIFT U(4) 62 63 #if TRACE_LEVEL > TRACE_DEBUG 64 #define RNG_READY_TIMEOUT_US U(100000) 65 #else 66 #define RNG_READY_TIMEOUT_US U(10000) 67 #endif 68 #define RNG_RESET_TIMEOUT_US U(1000) 69 70 #define RNG_FIFO_BYTE_DEPTH U(16) 71 72 #define RNG_CONFIG_MASK (RNG_CR_ENTROPY_SRC_MASK | RNG_CR_CED | \ 73 RNG_CR_CLKDIV) 74 75 struct stm32_rng_driver_data { 76 unsigned long max_noise_clk_freq; 77 unsigned long nb_clock; 78 uint32_t cr; 79 uint32_t nscr; 80 uint32_t htcr; 81 bool has_power_optim; 82 bool has_cond_reset; 83 }; 84 85 struct stm32_rng_instance { 86 struct io_pa_va base; 87 struct clk *clock; 88 struct clk *bus_clock; 89 struct rstctrl *rstctrl; 90 const struct stm32_rng_driver_data *ddata; 91 unsigned int lock; 92 uint64_t error_to_ref; 93 uint32_t pm_cr; 94 uint32_t pm_health; 95 uint32_t pm_noise_ctrl; 96 uint32_t health_test_conf; 97 uint32_t noise_ctrl_conf; 98 uint32_t rng_config; 99 bool clock_error; 100 bool error_conceal; 101 }; 102 103 /* Expect at most a single RNG instance */ 104 static struct stm32_rng_instance *stm32_rng; 105 106 static vaddr_t get_base(void) 107 { 108 assert(stm32_rng); 109 110 return io_pa_or_va(&stm32_rng->base, 1); 111 } 112 113 /* 114 * Extracts from the STM32 RNG specification when RNG supports CONDRST. 115 * 116 * When a noise source (or seed) error occurs, the RNG stops generating 117 * random numbers and sets to “1” both SEIS and SECS bits to indicate 118 * that a seed error occurred. (...) 119 * 120 * 1. Software reset by writing CONDRST at 1 and at 0 (see bitfield 121 * description for details). This step is needed only if SECS is set. 122 * Indeed, when SEIS is set and SECS is cleared it means RNG performed 123 * the reset automatically (auto-reset). 124 * 2. If SECS was set in step 1 (no auto-reset) wait for CONDRST 125 * to be cleared in the RNG_CR register, then confirm that SEIS is 126 * cleared in the RNG_SR register. Otherwise just clear SEIS bit in 127 * the RNG_SR register. 128 * 3. If SECS was set in step 1 (no auto-reset) wait for SECS to be 129 * cleared by RNG. The random number generation is now back to normal. 130 */ 131 static void conceal_seed_error_cond_reset(void) 132 { 133 struct stm32_rng_instance *dev = stm32_rng; 134 vaddr_t rng_base = get_base(); 135 136 if (!dev->error_conceal) { 137 uint32_t sr = io_read32(rng_base + RNG_SR); 138 139 if (sr & RNG_SR_SECS) { 140 /* Conceal by resetting the subsystem (step 1.) */ 141 io_setbits32(rng_base + RNG_CR, RNG_CR_CONDRST); 142 io_clrbits32(rng_base + RNG_CR, RNG_CR_CONDRST); 143 144 /* Arm timeout for error_conceal sequence */ 145 dev->error_to_ref = 146 timeout_init_us(RNG_READY_TIMEOUT_US); 147 dev->error_conceal = true; 148 } else { 149 /* RNG auto-reset (step 2.) */ 150 io_clrbits32(rng_base + RNG_SR, RNG_SR_SEIS); 151 } 152 } else { 153 /* Measure time before possible reschedule */ 154 bool timed_out = timeout_elapsed(dev->error_to_ref); 155 156 /* Wait CONDRST is cleared (step 2.) */ 157 if (io_read32(rng_base + RNG_CR) & RNG_CR_CONDRST) { 158 if (timed_out) 159 panic(); 160 161 /* Wait subsystem reset cycle completes */ 162 return; 163 } 164 165 /* Check SEIS is cleared (step 2.) */ 166 if (io_read32(rng_base + RNG_SR) & RNG_SR_SEIS) 167 panic(); 168 169 /* Wait SECS is cleared (step 3.) */ 170 if (io_read32(rng_base + RNG_SR) & RNG_SR_SECS) { 171 if (timed_out) 172 panic(); 173 174 /* Wait subsystem reset cycle completes */ 175 return; 176 } 177 178 dev->error_conceal = false; 179 } 180 } 181 182 /* 183 * Extracts from the STM32 RNG specification, when CONDRST is not supported 184 * 185 * When a noise source (or seed) error occurs, the RNG stops generating 186 * random numbers and sets to “1” both SEIS and SECS bits to indicate 187 * that a seed error occurred. (...) 188 * 189 * The following sequence shall be used to fully recover from a seed 190 * error after the RNG initialization: 191 * 1. Clear the SEIS bit by writing it to “0”. 192 * 2. Read out 12 words from the RNG_DR register, and discard each of 193 * them in order to clean the pipeline. 194 * 3. Confirm that SEIS is still cleared. Random number generation is 195 * back to normal. 196 */ 197 static void conceal_seed_error_sw_reset(void) 198 { 199 vaddr_t rng_base = get_base(); 200 size_t i = 0; 201 202 io_clrbits32(rng_base + RNG_SR, RNG_SR_SEIS); 203 204 for (i = 12; i != 0; i--) 205 (void)io_read32(rng_base + RNG_DR); 206 207 if (io_read32(rng_base + RNG_SR) & RNG_SR_SEIS) 208 panic("RNG noise"); 209 } 210 211 static void conceal_seed_error(void) 212 { 213 if (stm32_rng->ddata->has_cond_reset) 214 conceal_seed_error_cond_reset(); 215 else 216 conceal_seed_error_sw_reset(); 217 } 218 219 static TEE_Result read_available(vaddr_t rng_base, uint8_t *out, size_t *size) 220 { 221 struct stm32_rng_instance *dev = stm32_rng; 222 uint8_t *buf = NULL; 223 size_t req_size = 0; 224 size_t len = 0; 225 226 if (dev->error_conceal || io_read32(rng_base + RNG_SR) & RNG_SR_SEIS) 227 conceal_seed_error(); 228 229 if (!(io_read32(rng_base + RNG_SR) & RNG_SR_DRDY)) { 230 FMSG("RNG not ready"); 231 return TEE_ERROR_NO_DATA; 232 } 233 234 if (io_read32(rng_base + RNG_SR) & RNG_SR_SEIS) { 235 FMSG("RNG noise error"); 236 return TEE_ERROR_NO_DATA; 237 } 238 239 buf = out; 240 req_size = MIN(RNG_FIFO_BYTE_DEPTH, *size); 241 len = req_size; 242 243 /* RNG is ready: read up to 4 32bit words */ 244 while (len) { 245 uint32_t data32 = 0; 246 size_t sz = MIN(len, sizeof(uint32_t)); 247 248 if (!(io_read32(rng_base + RNG_SR) & RNG_SR_DRDY)) 249 break; 250 data32 = io_read32(rng_base + RNG_DR); 251 252 /* Late seed error case: DR being 0 is an error status */ 253 if (!data32) { 254 conceal_seed_error(); 255 return TEE_ERROR_NO_DATA; 256 } 257 258 memcpy(buf, &data32, sz); 259 buf += sz; 260 len -= sz; 261 } 262 263 *size = req_size - len; 264 265 return TEE_SUCCESS; 266 } 267 268 static uint32_t stm32_rng_clock_freq_restrain(void) 269 { 270 struct stm32_rng_instance *dev = stm32_rng; 271 unsigned long clock_rate = 0; 272 uint32_t clock_div = 0; 273 274 clock_rate = clk_get_rate(dev->clock); 275 276 /* 277 * Get the exponent to apply on the CLKDIV field in RNG_CR register 278 * No need to handle the case when clock-div > 0xF as it is physically 279 * impossible 280 */ 281 while ((clock_rate >> clock_div) > dev->ddata->max_noise_clk_freq) 282 clock_div++; 283 284 DMSG("RNG clk rate : %lu", clk_get_rate(dev->clock) >> clock_div); 285 286 return clock_div; 287 } 288 289 static TEE_Result enable_rng_clock(void) 290 { 291 TEE_Result res = clk_enable(stm32_rng->clock); 292 293 if (!res && stm32_rng->bus_clock) { 294 res = clk_enable(stm32_rng->bus_clock); 295 if (res) 296 clk_disable(stm32_rng->clock); 297 } 298 299 return res; 300 } 301 302 static void disable_rng_clock(void) 303 { 304 clk_disable(stm32_rng->clock); 305 if (stm32_rng->bus_clock) 306 clk_disable(stm32_rng->bus_clock); 307 } 308 309 static TEE_Result stm32_rng_init(void) 310 { 311 TEE_Result res = TEE_ERROR_GENERIC; 312 vaddr_t rng_base = get_base(); 313 uint32_t cr_ced_mask = 0; 314 uint32_t value = 0; 315 316 res = enable_rng_clock(); 317 if (res) 318 return res; 319 320 if (stm32_rng->rstctrl && 321 rstctrl_assert_to(stm32_rng->rstctrl, RNG_RESET_TIMEOUT_US)) { 322 res = TEE_ERROR_GENERIC; 323 goto out; 324 } 325 326 if (stm32_rng->rstctrl && 327 rstctrl_deassert_to(stm32_rng->rstctrl, RNG_RESET_TIMEOUT_US)) { 328 res = TEE_ERROR_GENERIC; 329 goto out; 330 } 331 332 if (!stm32_rng->clock_error) 333 cr_ced_mask = RNG_CR_CED; 334 335 /* Clean error indications */ 336 io_write32(rng_base + RNG_SR, 0); 337 338 if (stm32_rng->ddata->has_cond_reset) { 339 uint32_t clock_div = stm32_rng_clock_freq_restrain(); 340 341 /* 342 * Keep default RNG configuration if none was specified. 343 * 0 is an invalid value as it disables all entropy sources. 344 */ 345 if (!stm32_rng->rng_config) 346 stm32_rng->rng_config = io_read32(rng_base + RNG_CR) & 347 RNG_CR_ENTROPY_SRC_MASK; 348 349 /* 350 * Configuration must be set in the same access that sets 351 * RNG_CR_CONDRST bit. Otherwise, the configuration setting is 352 * not taken into account. CONFIGLOCK bit is always cleared at 353 * this stage. 354 */ 355 io_clrsetbits32(rng_base + RNG_CR, RNG_CONFIG_MASK, 356 stm32_rng->rng_config | RNG_CR_CONDRST | 357 cr_ced_mask | 358 SHIFT_U32(clock_div, RNG_CR_CLKDIV_SHIFT)); 359 360 /* 361 * Write health test and noise source control configuration 362 * according to current RNG entropy source configuration 363 */ 364 if (stm32_rng->noise_ctrl_conf) 365 io_write32(rng_base + RNG_NSCR, 366 stm32_rng->noise_ctrl_conf); 367 368 if (stm32_rng->health_test_conf) 369 io_write32(rng_base + RNG_HTCR, 370 stm32_rng->health_test_conf); 371 372 io_clrsetbits32(rng_base + RNG_CR, RNG_CR_CONDRST, 373 RNG_CR_RNGEN); 374 375 if (IO_READ32_POLL_TIMEOUT(rng_base + RNG_CR, value, 376 !(value & RNG_CR_CONDRST), 0, 377 RNG_READY_TIMEOUT_US)) 378 panic(); 379 380 DMSG("RNG control register %#"PRIx32, 381 io_read32(rng_base + RNG_CR)); 382 DMSG("RNG noise source control register %#"PRIx32, 383 io_read32(rng_base + RNG_NSCR)); 384 DMSG("RNG health test register %#"PRIx32, 385 io_read32(rng_base + RNG_HTCR)); 386 } else { 387 io_setbits32(rng_base + RNG_CR, RNG_CR_RNGEN | cr_ced_mask); 388 } 389 390 if (IO_READ32_POLL_TIMEOUT(rng_base + RNG_SR, value, 391 value & RNG_SR_DRDY, 0, 392 RNG_READY_TIMEOUT_US)) 393 return TEE_ERROR_GENERIC; 394 395 res = TEE_SUCCESS; 396 397 out: 398 disable_rng_clock(); 399 400 return res; 401 } 402 403 static TEE_Result stm32_rng_read(uint8_t *out, size_t size) 404 { 405 TEE_Result rc = TEE_ERROR_GENERIC; 406 bool burst_timeout = false; 407 uint64_t timeout_ref = 0; 408 uint32_t exceptions = 0; 409 uint8_t *out_ptr = out; 410 vaddr_t rng_base = 0; 411 size_t out_size = 0; 412 413 if (!stm32_rng) { 414 DMSG("No RNG"); 415 return TEE_ERROR_NOT_SUPPORTED; 416 } 417 418 rc = enable_rng_clock(); 419 if (rc) 420 return rc; 421 422 rng_base = get_base(); 423 424 /* Arm timeout */ 425 timeout_ref = timeout_init_us(RNG_READY_TIMEOUT_US); 426 burst_timeout = false; 427 428 while (out_size < size) { 429 /* Read by chunks of the size the RNG FIFO depth */ 430 size_t sz = size - out_size; 431 432 exceptions = may_spin_lock(&stm32_rng->lock); 433 434 rc = read_available(rng_base, out_ptr, &sz); 435 436 /* Raise timeout only if we failed to get some samples */ 437 assert(!rc || rc == TEE_ERROR_NO_DATA); 438 if (rc) 439 burst_timeout = timeout_elapsed(timeout_ref); 440 441 may_spin_unlock(&stm32_rng->lock, exceptions); 442 443 if (burst_timeout) { 444 rc = TEE_ERROR_GENERIC; 445 goto out; 446 } 447 448 if (!rc) { 449 out_size += sz; 450 out_ptr += sz; 451 /* Re-arm timeout */ 452 timeout_ref = timeout_init_us(RNG_READY_TIMEOUT_US); 453 burst_timeout = false; 454 } 455 } 456 457 out: 458 assert(!rc || rc == TEE_ERROR_GENERIC); 459 disable_rng_clock(); 460 461 return rc; 462 } 463 464 #ifdef CFG_WITH_SOFTWARE_PRNG 465 /* Override weak plat_rng_init with platform handler to attempt to seed PRNG */ 466 void plat_rng_init(void) 467 { 468 uint8_t seed[RNG_FIFO_BYTE_DEPTH] = { }; 469 470 if (!stm32_rng) { 471 __plat_rng_init(); 472 DMSG("PRNG seeded without RNG"); 473 return; 474 } 475 476 if (stm32_rng_read(seed, sizeof(seed))) 477 panic(); 478 479 if (crypto_rng_init(seed, sizeof(seed))) 480 panic(); 481 482 DMSG("PRNG seeded with RNG"); 483 } 484 #else 485 TEE_Result hw_get_random_bytes(void *out, size_t size) 486 { 487 return stm32_rng_read(out, size); 488 } 489 490 void plat_rng_init(void) 491 { 492 } 493 #endif 494 495 static TEE_Result stm32_rng_pm_resume(void) 496 { 497 vaddr_t base = get_base(); 498 499 /* Clean error indications */ 500 io_write32(base + RNG_SR, 0); 501 502 if (stm32_rng->ddata->has_cond_reset) { 503 uint64_t timeout_ref = 0; 504 505 /* 506 * Configuration must be set in the same access that sets 507 * RNG_CR_CONDRST bit. Otherwise, the configuration setting is 508 * not taken into account. CONFIGLOCK bit is always cleared in 509 * this configuration. 510 */ 511 io_write32(base + RNG_CR, stm32_rng->pm_cr | RNG_CR_CONDRST); 512 513 /* Restore health test and noise control configuration */ 514 io_write32(base + RNG_NSCR, stm32_rng->pm_noise_ctrl); 515 io_write32(base + RNG_HTCR, stm32_rng->pm_health); 516 517 io_clrsetbits32(base + RNG_CR, RNG_CR_CONDRST, RNG_CR_RNGEN); 518 519 timeout_ref = timeout_init_us(RNG_READY_TIMEOUT_US); 520 while (io_read32(base + RNG_CR) & RNG_CR_CONDRST) 521 if (timeout_elapsed(timeout_ref)) 522 break; 523 if (io_read32(base + RNG_CR) & RNG_CR_CONDRST) 524 panic(); 525 } else { 526 io_write32(base + RNG_CR, RNG_CR_RNGEN | stm32_rng->pm_cr); 527 } 528 529 return TEE_SUCCESS; 530 } 531 532 static TEE_Result stm32_rng_pm_suspend(void) 533 { 534 vaddr_t rng_base = get_base(); 535 536 stm32_rng->pm_cr = io_read32(rng_base + RNG_CR); 537 538 if (stm32_rng->ddata->has_cond_reset) { 539 stm32_rng->pm_health = io_read32(rng_base + RNG_HTCR); 540 stm32_rng->pm_noise_ctrl = io_read32(rng_base + RNG_NSCR); 541 } 542 543 if (stm32_rng->ddata->has_power_optim) { 544 uint64_t timeout_ref = 0; 545 546 /* 547 * As per reference manual, it is recommended to set 548 * RNG_CONFIG2[bit0] when RNG power consumption is critical. 549 */ 550 io_setbits32(rng_base + RNG_CR, RNG_CR_POWER_OPTIM | 551 RNG_CR_CONDRST); 552 io_clrbits32(rng_base + RNG_CR, RNG_CR_CONDRST); 553 554 timeout_ref = timeout_init_us(RNG_READY_TIMEOUT_US); 555 while (io_read32(rng_base + RNG_CR) & RNG_CR_CONDRST) 556 if (timeout_elapsed(timeout_ref)) 557 break; 558 if (io_read32(rng_base + RNG_CR) & RNG_CR_CONDRST) 559 panic(); 560 } else { 561 io_clrbits32(rng_base + RNG_CR, RNG_CR_RNGEN); 562 } 563 564 return TEE_SUCCESS; 565 } 566 567 static TEE_Result 568 stm32_rng_pm(enum pm_op op, unsigned int pm_hint __unused, 569 const struct pm_callback_handle *pm_handle __unused) 570 { 571 TEE_Result res = TEE_ERROR_GENERIC; 572 573 assert(stm32_rng && (op == PM_OP_SUSPEND || op == PM_OP_RESUME)); 574 575 res = enable_rng_clock(); 576 if (res) 577 return res; 578 579 if (op == PM_OP_RESUME) 580 res = stm32_rng_pm_resume(); 581 else 582 res = stm32_rng_pm_suspend(); 583 584 disable_rng_clock(); 585 586 return res; 587 } 588 DECLARE_KEEP_PAGER(stm32_rng_pm); 589 590 static TEE_Result stm32_rng_parse_fdt(const void *fdt, int node) 591 { 592 TEE_Result res = TEE_ERROR_GENERIC; 593 struct dt_node_info dt_rng = { }; 594 595 fdt_fill_device_info(fdt, &dt_rng, node); 596 if (dt_rng.reg == DT_INFO_INVALID_REG) 597 return TEE_ERROR_BAD_PARAMETERS; 598 599 stm32_rng->base.pa = dt_rng.reg; 600 stm32_rng->base.va = io_pa_or_va_secure(&stm32_rng->base, 601 dt_rng.reg_size); 602 assert(stm32_rng->base.va); 603 604 res = rstctrl_dt_get_by_index(fdt, node, 0, &stm32_rng->rstctrl); 605 if (res != TEE_SUCCESS && res != TEE_ERROR_ITEM_NOT_FOUND) 606 return res; 607 608 if (stm32_rng->ddata->nb_clock > 1) { 609 res = clk_dt_get_by_name(fdt, node, "rng_clk", 610 &stm32_rng->clock); 611 if (res) 612 return res; 613 614 res = clk_dt_get_by_name(fdt, node, "rng_hclk", 615 &stm32_rng->bus_clock); 616 if (res) 617 return res; 618 } else { 619 res = clk_dt_get_by_index(fdt, node, 0, &stm32_rng->clock); 620 if (res) 621 return res; 622 } 623 624 if (fdt_getprop(fdt, node, "clock-error-detect", NULL)) 625 stm32_rng->clock_error = true; 626 627 stm32_rng->rng_config = stm32_rng->ddata->cr; 628 if (stm32_rng->rng_config & ~RNG_CR_ENTROPY_SRC_MASK) 629 panic("Incorrect entropy source configuration"); 630 stm32_rng->health_test_conf = stm32_rng->ddata->htcr; 631 stm32_rng->noise_ctrl_conf = stm32_rng->ddata->nscr; 632 if (stm32_rng->noise_ctrl_conf & ~RNG_NSCR_MASK) 633 panic("Incorrect noise source control configuration"); 634 635 return TEE_SUCCESS; 636 } 637 638 static TEE_Result stm32_rng_probe(const void *fdt, int offs, 639 const void *compat_data) 640 { 641 unsigned int __maybe_unused version = 0; 642 TEE_Result res = TEE_ERROR_GENERIC; 643 644 /* Expect a single RNG instance */ 645 assert(!stm32_rng); 646 647 stm32_rng = calloc(1, sizeof(*stm32_rng)); 648 if (!stm32_rng) 649 panic(); 650 651 stm32_rng->ddata = compat_data; 652 assert(stm32_rng->ddata); 653 654 res = stm32_rng_parse_fdt(fdt, offs); 655 if (res) 656 goto err; 657 658 res = enable_rng_clock(); 659 if (res) 660 goto err; 661 662 version = io_read32(get_base() + RNG_VERR); 663 DMSG("RNG version Major %u, Minor %u", 664 (version & RNG_VERR_MAJOR_MASK) >> RNG_VERR_MAJOR_SHIFT, 665 version & RNG_VERR_MINOR_MASK); 666 667 disable_rng_clock(); 668 669 res = stm32_rng_init(); 670 if (res) 671 goto err; 672 673 #if defined(CFG_STM32MP15) && defined(CFG_STM32_ETZPC) 674 /* Only STM32MP15 requires a software registering of RNG secure state */ 675 if (etzpc_get_decprot(STM32MP1_ETZPC_RNG1_ID) == ETZPC_DECPROT_NS_RW) 676 stm32mp_register_non_secure_periph_iomem(stm32_rng->base.pa); 677 else 678 stm32mp_register_secure_periph_iomem(stm32_rng->base.pa); 679 #endif /* defined(CFG_STM32MP15) && defined(CFG_STM32_ETZPC) */ 680 681 /* Power management implementation expects both or none are set */ 682 assert(stm32_rng->ddata->has_power_optim == 683 stm32_rng->ddata->has_cond_reset); 684 685 if (!IS_ENABLED(CFG_WITH_SOFTWARE_PRNG)) 686 register_pm_core_service_cb(stm32_rng_pm, &stm32_rng, 687 "rng-service"); 688 689 return TEE_SUCCESS; 690 691 err: 692 free(stm32_rng); 693 stm32_rng = NULL; 694 695 return res; 696 } 697 698 static const struct stm32_rng_driver_data mp13_data[] = { 699 { 700 .max_noise_clk_freq = U(48000000), 701 .nb_clock = 1, 702 .has_cond_reset = true, 703 .has_power_optim = true, 704 .cr = 0x00F00D00, 705 .nscr = 0x2B5BB, 706 .htcr = 0x969D, 707 }, 708 }; 709 710 static const struct stm32_rng_driver_data mp15_data[] = { 711 { 712 .max_noise_clk_freq = U(48000000), 713 .nb_clock = 1, 714 .has_cond_reset = false, 715 .has_power_optim = false, 716 }, 717 }; 718 DECLARE_KEEP_PAGER(mp15_data); 719 720 static const struct stm32_rng_driver_data mp25_data[] = { 721 { 722 .max_noise_clk_freq = U(48000000), 723 .nb_clock = 2, 724 .has_cond_reset = true, 725 .has_power_optim = true, 726 .cr = 0x00F00D00, 727 .nscr = 0x2B5BB, 728 .htcr = 0x969D, 729 }, 730 }; 731 732 static const struct dt_device_match rng_match_table[] = { 733 { .compatible = "st,stm32-rng", .compat_data = &mp15_data }, 734 { .compatible = "st,stm32mp13-rng", .compat_data = &mp13_data }, 735 { .compatible = "st,stm32mp25-rng", .compat_data = &mp25_data }, 736 { } 737 }; 738 739 DEFINE_DT_DRIVER(stm32_rng_dt_driver) = { 740 .name = "stm32_rng", 741 .match_table = rng_match_table, 742 .probe = stm32_rng_probe, 743 }; 744 745 static TEE_Result stm32_rng_release(void) 746 { 747 if (stm32_rng && IS_ENABLED(CFG_WITH_SOFTWARE_PRNG)) { 748 DMSG("Release RNG driver"); 749 free(stm32_rng); 750 stm32_rng = NULL; 751 } 752 753 return TEE_SUCCESS; 754 } 755 756 release_init_resource(stm32_rng_release); 757