xilinx-trng.c 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430
  1. // SPDX-License-Identifier: GPL-2.0
  2. /*
  3. * AMD Versal True Random Number Generator driver
  4. * Copyright (c) 2024 - 2025 Advanced Micro Devices, Inc.
  5. */
  6. #include <linux/bitfield.h>
  7. #include <linux/clk.h>
  8. #include <linux/crypto.h>
  9. #include <linux/delay.h>
  10. #include <linux/firmware/xlnx-zynqmp.h>
  11. #include <linux/hw_random.h>
  12. #include <linux/io.h>
  13. #include <linux/iopoll.h>
  14. #include <linux/kernel.h>
  15. #include <linux/module.h>
  16. #include <linux/mutex.h>
  17. #include <linux/mod_devicetable.h>
  18. #include <linux/platform_device.h>
  19. #include <crypto/aes.h>
  20. #include <crypto/df_sp80090a.h>
  21. #include <crypto/internal/drbg.h>
  22. #include <crypto/internal/cipher.h>
  23. #include <crypto/internal/rng.h>
  24. /* TRNG Registers Offsets */
  25. #define TRNG_STATUS_OFFSET 0x4U
  26. #define TRNG_CTRL_OFFSET 0x8U
  27. #define TRNG_EXT_SEED_OFFSET 0x40U
  28. #define TRNG_PER_STRNG_OFFSET 0x80U
  29. #define TRNG_CORE_OUTPUT_OFFSET 0xC0U
  30. #define TRNG_RESET_OFFSET 0xD0U
  31. #define TRNG_OSC_EN_OFFSET 0xD4U
  32. /* Mask values */
  33. #define TRNG_RESET_VAL_MASK BIT(0)
  34. #define TRNG_OSC_EN_VAL_MASK BIT(0)
  35. #define TRNG_CTRL_PRNGSRST_MASK BIT(0)
  36. #define TRNG_CTRL_EUMODE_MASK BIT(8)
  37. #define TRNG_CTRL_TRSSEN_MASK BIT(2)
  38. #define TRNG_CTRL_PRNGSTART_MASK BIT(5)
  39. #define TRNG_CTRL_PRNGXS_MASK BIT(3)
  40. #define TRNG_CTRL_PRNGMODE_MASK BIT(7)
  41. #define TRNG_STATUS_DONE_MASK BIT(0)
  42. #define TRNG_STATUS_QCNT_MASK GENMASK(11, 9)
  43. #define TRNG_STATUS_QCNT_16_BYTES 0x800
  44. /* Sizes in bytes */
  45. #define TRNG_SEED_LEN_BYTES 48U
  46. #define TRNG_ENTROPY_SEED_LEN_BYTES 64U
  47. #define TRNG_SEC_STRENGTH_SHIFT 5U
  48. #define TRNG_SEC_STRENGTH_BYTES BIT(TRNG_SEC_STRENGTH_SHIFT)
  49. #define TRNG_BYTES_PER_REG 4U
  50. #define TRNG_RESET_DELAY 10
  51. #define TRNG_NUM_INIT_REGS 12U
  52. #define TRNG_READ_4_WORD 4
  53. #define TRNG_DATA_READ_DELAY 8000
  54. struct xilinx_rng {
  55. void __iomem *rng_base;
  56. struct device *dev;
  57. unsigned char *scratchpadbuf;
  58. struct aes_enckey *aeskey;
  59. struct mutex lock; /* Protect access to TRNG device */
  60. struct hwrng trng;
  61. };
  62. struct xilinx_rng_ctx {
  63. struct xilinx_rng *rng;
  64. };
  65. static struct xilinx_rng *xilinx_rng_dev;
  66. static void xtrng_readwrite32(void __iomem *addr, u32 mask, u8 value)
  67. {
  68. u32 val;
  69. val = ioread32(addr);
  70. val = (val & (~mask)) | (mask & value);
  71. iowrite32(val, addr);
  72. }
  73. static void xtrng_trng_reset(void __iomem *addr)
  74. {
  75. xtrng_readwrite32(addr + TRNG_RESET_OFFSET, TRNG_RESET_VAL_MASK, TRNG_RESET_VAL_MASK);
  76. udelay(TRNG_RESET_DELAY);
  77. xtrng_readwrite32(addr + TRNG_RESET_OFFSET, TRNG_RESET_VAL_MASK, 0);
  78. }
  79. static void xtrng_hold_reset(void __iomem *addr)
  80. {
  81. xtrng_readwrite32(addr + TRNG_CTRL_OFFSET, TRNG_CTRL_PRNGSRST_MASK,
  82. TRNG_CTRL_PRNGSRST_MASK);
  83. iowrite32(TRNG_RESET_VAL_MASK, addr + TRNG_RESET_OFFSET);
  84. udelay(TRNG_RESET_DELAY);
  85. }
  86. static void xtrng_softreset(struct xilinx_rng *rng)
  87. {
  88. xtrng_readwrite32(rng->rng_base + TRNG_CTRL_OFFSET, TRNG_CTRL_PRNGSRST_MASK,
  89. TRNG_CTRL_PRNGSRST_MASK);
  90. udelay(TRNG_RESET_DELAY);
  91. xtrng_readwrite32(rng->rng_base + TRNG_CTRL_OFFSET, TRNG_CTRL_PRNGSRST_MASK, 0);
  92. }
  93. /* Return no. of bytes read */
  94. static size_t xtrng_readblock32(void __iomem *rng_base, __be32 *buf, int blocks32, bool wait)
  95. {
  96. int read = 0, ret;
  97. int timeout = 1;
  98. int i, idx;
  99. u32 val;
  100. if (wait)
  101. timeout = TRNG_DATA_READ_DELAY;
  102. for (i = 0; i < (blocks32 * 2); i++) {
  103. /* TRNG core generate data in 16 bytes. Read twice to complete 32 bytes read */
  104. ret = readl_poll_timeout(rng_base + TRNG_STATUS_OFFSET, val,
  105. (val & TRNG_STATUS_QCNT_MASK) ==
  106. TRNG_STATUS_QCNT_16_BYTES, !!wait, timeout);
  107. if (ret)
  108. break;
  109. for (idx = 0; idx < TRNG_READ_4_WORD; idx++) {
  110. *(buf + read) = cpu_to_be32(ioread32(rng_base + TRNG_CORE_OUTPUT_OFFSET));
  111. read += 1;
  112. }
  113. }
  114. return read * 4;
  115. }
  116. static int xtrng_collect_random_data(struct xilinx_rng *rng, u8 *rand_gen_buf,
  117. int no_of_random_bytes, bool wait)
  118. {
  119. u8 randbuf[TRNG_SEC_STRENGTH_BYTES];
  120. int byteleft, blocks, count = 0;
  121. int ret;
  122. byteleft = no_of_random_bytes & (TRNG_SEC_STRENGTH_BYTES - 1);
  123. blocks = no_of_random_bytes >> TRNG_SEC_STRENGTH_SHIFT;
  124. xtrng_readwrite32(rng->rng_base + TRNG_CTRL_OFFSET, TRNG_CTRL_PRNGSTART_MASK,
  125. TRNG_CTRL_PRNGSTART_MASK);
  126. if (blocks) {
  127. ret = xtrng_readblock32(rng->rng_base, (__be32 *)rand_gen_buf, blocks, wait);
  128. if (!ret)
  129. return 0;
  130. count += ret;
  131. }
  132. if (byteleft) {
  133. ret = xtrng_readblock32(rng->rng_base, (__be32 *)randbuf, 1, wait);
  134. if (!ret)
  135. return count;
  136. memcpy(rand_gen_buf + (blocks * TRNG_SEC_STRENGTH_BYTES), randbuf, byteleft);
  137. count += byteleft;
  138. }
  139. xtrng_readwrite32(rng->rng_base + TRNG_CTRL_OFFSET,
  140. TRNG_CTRL_PRNGMODE_MASK | TRNG_CTRL_PRNGSTART_MASK, 0U);
  141. return count;
  142. }
  143. static void xtrng_write_multiple_registers(void __iomem *base_addr, u32 *values, size_t n)
  144. {
  145. void __iomem *reg_addr;
  146. size_t i;
  147. /* Write seed value into EXTERNAL_SEED Registers in big endian format */
  148. for (i = 0; i < n; i++) {
  149. reg_addr = (base_addr + ((n - 1 - i) * TRNG_BYTES_PER_REG));
  150. iowrite32((u32 __force)(cpu_to_be32(values[i])), reg_addr);
  151. }
  152. }
  153. static void xtrng_enable_entropy(struct xilinx_rng *rng)
  154. {
  155. iowrite32(TRNG_OSC_EN_VAL_MASK, rng->rng_base + TRNG_OSC_EN_OFFSET);
  156. xtrng_softreset(rng);
  157. iowrite32(TRNG_CTRL_EUMODE_MASK | TRNG_CTRL_TRSSEN_MASK, rng->rng_base + TRNG_CTRL_OFFSET);
  158. }
  159. static int xtrng_reseed_internal(struct xilinx_rng *rng)
  160. {
  161. u8 entropy[TRNG_ENTROPY_SEED_LEN_BYTES];
  162. struct drbg_string data;
  163. LIST_HEAD(seedlist);
  164. u32 val;
  165. int ret;
  166. drbg_string_fill(&data, entropy, TRNG_SEED_LEN_BYTES);
  167. list_add_tail(&data.list, &seedlist);
  168. memset(entropy, 0, sizeof(entropy));
  169. xtrng_enable_entropy(rng);
  170. /* collect random data to use it as entropy (input for DF) */
  171. ret = xtrng_collect_random_data(rng, entropy, TRNG_SEED_LEN_BYTES, true);
  172. if (ret != TRNG_SEED_LEN_BYTES)
  173. return -EINVAL;
  174. ret = crypto_drbg_ctr_df(rng->aeskey, rng->scratchpadbuf,
  175. TRNG_SEED_LEN_BYTES, &seedlist, AES_BLOCK_SIZE,
  176. TRNG_SEED_LEN_BYTES);
  177. if (ret)
  178. return ret;
  179. xtrng_write_multiple_registers(rng->rng_base + TRNG_EXT_SEED_OFFSET,
  180. (u32 *)rng->scratchpadbuf, TRNG_NUM_INIT_REGS);
  181. /* select reseed operation */
  182. iowrite32(TRNG_CTRL_PRNGXS_MASK, rng->rng_base + TRNG_CTRL_OFFSET);
  183. /* Start the reseed operation with above configuration and wait for STATUS.Done bit to be
  184. * set. Monitor STATUS.CERTF bit, if set indicates SP800-90B entropy health test has failed.
  185. */
  186. xtrng_readwrite32(rng->rng_base + TRNG_CTRL_OFFSET, TRNG_CTRL_PRNGSTART_MASK,
  187. TRNG_CTRL_PRNGSTART_MASK);
  188. ret = readl_poll_timeout(rng->rng_base + TRNG_STATUS_OFFSET, val,
  189. (val & TRNG_STATUS_DONE_MASK) == TRNG_STATUS_DONE_MASK,
  190. 1U, 15000U);
  191. if (ret)
  192. return ret;
  193. xtrng_readwrite32(rng->rng_base + TRNG_CTRL_OFFSET, TRNG_CTRL_PRNGSTART_MASK, 0U);
  194. return 0;
  195. }
  196. static int xtrng_random_bytes_generate(struct xilinx_rng *rng, u8 *rand_buf_ptr,
  197. u32 rand_buf_size, int wait)
  198. {
  199. int nbytes;
  200. int ret;
  201. xtrng_readwrite32(rng->rng_base + TRNG_CTRL_OFFSET,
  202. TRNG_CTRL_PRNGMODE_MASK | TRNG_CTRL_PRNGXS_MASK,
  203. TRNG_CTRL_PRNGMODE_MASK | TRNG_CTRL_PRNGXS_MASK);
  204. nbytes = xtrng_collect_random_data(rng, rand_buf_ptr, rand_buf_size, wait);
  205. ret = xtrng_reseed_internal(rng);
  206. if (ret) {
  207. dev_err(rng->dev, "Re-seed fail\n");
  208. return ret;
  209. }
  210. return nbytes;
  211. }
  212. static int xtrng_trng_generate(struct crypto_rng *tfm, const u8 *src, u32 slen,
  213. u8 *dst, u32 dlen)
  214. {
  215. struct xilinx_rng_ctx *ctx = crypto_rng_ctx(tfm);
  216. int ret;
  217. mutex_lock(&ctx->rng->lock);
  218. ret = xtrng_random_bytes_generate(ctx->rng, dst, dlen, true);
  219. mutex_unlock(&ctx->rng->lock);
  220. return ret < 0 ? ret : 0;
  221. }
  222. static int xtrng_trng_seed(struct crypto_rng *tfm, const u8 *seed, unsigned int slen)
  223. {
  224. return 0;
  225. }
  226. static int xtrng_trng_init(struct crypto_tfm *rtfm)
  227. {
  228. struct xilinx_rng_ctx *ctx = crypto_tfm_ctx(rtfm);
  229. ctx->rng = xilinx_rng_dev;
  230. return 0;
  231. }
  232. static struct rng_alg xtrng_trng_alg = {
  233. .generate = xtrng_trng_generate,
  234. .seed = xtrng_trng_seed,
  235. .seedsize = 0,
  236. .base = {
  237. .cra_name = "stdrng",
  238. .cra_driver_name = "xilinx-trng",
  239. .cra_priority = 300,
  240. .cra_ctxsize = sizeof(struct xilinx_rng_ctx),
  241. .cra_module = THIS_MODULE,
  242. .cra_init = xtrng_trng_init,
  243. },
  244. };
  245. static int xtrng_hwrng_trng_read(struct hwrng *hwrng, void *data, size_t max, bool wait)
  246. {
  247. u8 buf[TRNG_SEC_STRENGTH_BYTES];
  248. struct xilinx_rng *rng;
  249. int ret = -EINVAL, i = 0;
  250. rng = container_of(hwrng, struct xilinx_rng, trng);
  251. /* Return in case wait not set and lock not available. */
  252. if (!mutex_trylock(&rng->lock) && !wait)
  253. return 0;
  254. else if (!mutex_is_locked(&rng->lock) && wait)
  255. mutex_lock(&rng->lock);
  256. while (i < max) {
  257. ret = xtrng_random_bytes_generate(rng, buf, TRNG_SEC_STRENGTH_BYTES, wait);
  258. if (ret < 0)
  259. break;
  260. memcpy(data + i, buf, min_t(int, ret, (max - i)));
  261. i += min_t(int, ret, (max - i));
  262. }
  263. mutex_unlock(&rng->lock);
  264. return ret;
  265. }
  266. static int xtrng_hwrng_register(struct hwrng *trng)
  267. {
  268. int ret;
  269. trng->name = "Xilinx Versal Crypto Engine TRNG";
  270. trng->read = xtrng_hwrng_trng_read;
  271. ret = hwrng_register(trng);
  272. if (ret)
  273. pr_err("Fail to register the TRNG\n");
  274. return ret;
  275. }
  276. static void xtrng_hwrng_unregister(struct hwrng *trng)
  277. {
  278. hwrng_unregister(trng);
  279. }
  280. static int xtrng_probe(struct platform_device *pdev)
  281. {
  282. struct xilinx_rng *rng;
  283. size_t sb_size;
  284. int ret;
  285. rng = devm_kzalloc(&pdev->dev, sizeof(*rng), GFP_KERNEL);
  286. if (!rng)
  287. return -ENOMEM;
  288. rng->dev = &pdev->dev;
  289. rng->rng_base = devm_platform_ioremap_resource(pdev, 0);
  290. if (IS_ERR(rng->rng_base)) {
  291. dev_err(&pdev->dev, "Failed to map resource %pe\n", rng->rng_base);
  292. return PTR_ERR(rng->rng_base);
  293. }
  294. rng->aeskey = devm_kzalloc(&pdev->dev, sizeof(*rng->aeskey), GFP_KERNEL);
  295. if (!rng->aeskey)
  296. return -ENOMEM;
  297. sb_size = crypto_drbg_ctr_df_datalen(TRNG_SEED_LEN_BYTES, AES_BLOCK_SIZE);
  298. rng->scratchpadbuf = devm_kzalloc(&pdev->dev, sb_size, GFP_KERNEL);
  299. if (!rng->scratchpadbuf) {
  300. ret = -ENOMEM;
  301. goto end;
  302. }
  303. xtrng_trng_reset(rng->rng_base);
  304. ret = xtrng_reseed_internal(rng);
  305. if (ret) {
  306. dev_err(&pdev->dev, "TRNG Seed fail\n");
  307. goto end;
  308. }
  309. xilinx_rng_dev = rng;
  310. mutex_init(&rng->lock);
  311. ret = crypto_register_rng(&xtrng_trng_alg);
  312. if (ret) {
  313. dev_err(&pdev->dev, "Crypto Random device registration failed: %d\n", ret);
  314. goto end;
  315. }
  316. ret = xtrng_hwrng_register(&rng->trng);
  317. if (ret) {
  318. dev_err(&pdev->dev, "HWRNG device registration failed: %d\n", ret);
  319. goto crypto_rng_free;
  320. }
  321. platform_set_drvdata(pdev, rng);
  322. return 0;
  323. crypto_rng_free:
  324. crypto_unregister_rng(&xtrng_trng_alg);
  325. end:
  326. return ret;
  327. }
  328. static void xtrng_remove(struct platform_device *pdev)
  329. {
  330. struct xilinx_rng *rng;
  331. u32 zero[TRNG_NUM_INIT_REGS] = { };
  332. rng = platform_get_drvdata(pdev);
  333. xtrng_hwrng_unregister(&rng->trng);
  334. crypto_unregister_rng(&xtrng_trng_alg);
  335. xtrng_write_multiple_registers(rng->rng_base + TRNG_EXT_SEED_OFFSET, zero,
  336. TRNG_NUM_INIT_REGS);
  337. xtrng_write_multiple_registers(rng->rng_base + TRNG_PER_STRNG_OFFSET, zero,
  338. TRNG_NUM_INIT_REGS);
  339. xtrng_hold_reset(rng->rng_base);
  340. xilinx_rng_dev = NULL;
  341. }
  342. static const struct of_device_id xtrng_of_match[] = {
  343. { .compatible = "xlnx,versal-trng", },
  344. {},
  345. };
  346. MODULE_DEVICE_TABLE(of, xtrng_of_match);
  347. static struct platform_driver xtrng_driver = {
  348. .driver = {
  349. .name = "xlnx,versal-trng",
  350. .of_match_table = xtrng_of_match,
  351. },
  352. .probe = xtrng_probe,
  353. .remove = xtrng_remove,
  354. };
  355. module_platform_driver(xtrng_driver);
  356. MODULE_LICENSE("GPL");
  357. MODULE_AUTHOR("Harsh Jain <h.jain@amd.com>");
  358. MODULE_AUTHOR("Mounika Botcha <mounika.botcha@amd.com>");
  359. MODULE_DESCRIPTION("True Random Number Generator Driver");