[PATCH v5] rng: Add Turris Mox rTWM RNG driver
A RNG driver for Armada 3720 boards running the Turris Mox rWTM firmware
from CZ.NIC in the secure processor.
Signed-off-by: Max Resch
---
Changes in v5:
- check return code turris_rwtm_rng_fill_entropy
- remove empty line
Changes in v4:
- wrongful/missing git rebase
Changes in v3:
- More meaningful variable names in accordance with review
Changes in v2:
- Removed ring buffer implementation
drivers/rng/Kconfig | 8 +++
drivers/rng/Makefile | 1 +
drivers/rng/turris_rwtm_rng.c | 123 ++
3 files changed, 132 insertions(+)
create mode 100644 drivers/rng/turris_rwtm_rng.c
diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig
index a89c899568..cd72852a47 100644
--- a/drivers/rng/Kconfig
+++ b/drivers/rng/Kconfig
@@ -105,4 +105,12 @@ config RNG_JH7110
help
Enable True Random Number Generator in StarFive JH7110 SoCs.
+config RNG_TURRIS_RWTM
+ bool "Turris Mox TRNG in Secure Processor"
+ depends on DM_RNG && ARMADA_3700
+ help
+ Use TRNG in Turris Mox Secure Processor Firmware. Can be used
+ on other Armada-3700 devices (like EspressoBin) if Secure
+ Firmware from CZ.NIC is used.
+
endif
diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile
index 7e64c4cdfc..ecae1a3da3 100644
--- a/drivers/rng/Makefile
+++ b/drivers/rng/Makefile
@@ -17,3 +17,4 @@ obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
obj-$(CONFIG_RNG_ARM_RNDR) += arm_rndr.o
obj-$(CONFIG_TPM_RNG) += tpm_rng.o
obj-$(CONFIG_RNG_JH7110) += jh7110_rng.o
+obj-$(CONFIG_RNG_TURRIS_RWTM) += turris_rwtm_rng.o
diff --git a/drivers/rng/turris_rwtm_rng.c b/drivers/rng/turris_rwtm_rng.c
new file mode 100644
index 00..ca808c4579
--- /dev/null
+++ b/drivers/rng/turris_rwtm_rng.c
@@ -0,0 +1,123 @@
+// SPDX-License-Identifier: GPL-2.0-or-later OR BSD-3-Clause
+/*
+ * Copyright (c) 2024, Max Resch
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+/* size of entropy buffer */
+#define RNG_BUFFER_SIZE128U
+
+struct turris_rwtm_rng_priv {
+ phys_addr_t buffer;
+};
+
+static int turris_rwtm_rng_fill_entropy(phys_addr_t entropy, size_t size)
+{
+ u32 args[3] = { 1, (u32)entropy, size };
+ int ret;
+
+ /* flush data cache */
+ flush_dcache_range(entropy, entropy + size);
+
+ /*
+* get entropy
+* args[0] = 1 copies BYTES array in args[1] of length args[2]
+*/
+ ret = mbox_do_cmd(MBOX_CMD_GET_RANDOM, args, 3, NULL, 0);
+ if (ret < 0)
+ return ret;
+
+ /* invalidate data cache */
+ invalidate_dcache_range(entropy, entropy + size);
+
+ return 0;
+}
+
+static int turris_rwtm_rng_random_read(struct udevice *dev, void *data, size_t
count)
+{
+ struct turris_rwtm_rng_priv *priv = dev_get_priv(dev);
+ phys_addr_t phys;
+ size_t size;
+ int ret;
+
+ phys = priv->buffer;
+
+ while (count) {
+ size = min_t(size_t, RNG_BUFFER_SIZE, count);
+
+ ret = turris_rwtm_rng_fill_entropy(phys, size);
+ if (ret < 0)
+ return ret;
+
+ memcpy(data, (void *)phys, size);
+ count -= size;
+ data = (u8 *)data + size;
+ }
+
+ return 0;
+}
+
+static int turris_rwtm_rng_probe(struct udevice *dev)
+{
+ struct turris_rwtm_rng_priv *priv = dev_get_priv(dev);
+ u32 args[] = { 0 };
+ int ret;
+
+ /*
+* check if the random command is supported
+* args[0] = 0 would copy 16 DWORDS entropy to out but we ignore them
+*/
+ ret = mbox_do_cmd(MBOX_CMD_GET_RANDOM, args, ARRAY_SIZE(args), NULL, 0);
+ if (ret < 0)
+ return ret;
+
+ /* entropy buffer */
+ priv->buffer = 0;
+
+ /* buffer address need to be aligned */
+ dma_alloc_coherent(RNG_BUFFER_SIZE, (unsigned long *)>buffer);
+ if (!priv->buffer)
+ return -ENOMEM;
+
+ return 0;
+}
+
+static int turris_rwtm_rng_remove(struct udevice *dev)
+{
+ struct turris_rwtm_rng_priv *priv = dev_get_priv(dev);
+ phys_addr_t phys = priv->buffer;
+
+ dma_free_coherent((void *)phys);
+
+ return 0;
+}
+
+static const struct dm_rng_ops turris_rwtm_rng_ops = {
+ .read = turris_rwtm_rng_random_read,
+};
+
+/*
+ * only Turris MOX firmware has the RNG but allow all probable devices to be
+ * probed the default firmware will just reject the probe
+ */
+static const struct udevice_id turris_rwtm_rng_match[] = {
+ { .compatible = "cznic,turris-mox-rwtm" },
+ { .compatible = "marvell,armada-3700-rwtm-firmware" },
+ {},
+};
+
+U_BOOT_DRIVER(turris_rwtm_rng) = {
+ .name = "turris-rwtm-rng",
+ .id = UCLASS_RNG,
+ .of_match = turris_rwtm_rng_match,
+ .ops= _rwtm_rng_ops,
+ .probe = turris_rwtm
[PATCH v4] rng: Add Turris Mox rTWM RNG driver
A RNG driver for Armada 3720 boards running the Turris Mox rWTM firmware
from CZ.NIC in the secure processor.
Signed-off-by: Max Resch
---
Changes in v4:
- wrongful/missing git rebase
Changes in v3:
- More meaningful variable names in accordance with review
Changes in v2:
- Removed ring buffer implementation
drivers/rng/Kconfig | 8 +++
drivers/rng/Makefile | 1 +
drivers/rng/turris_rwtm_rng.c | 122 ++
3 files changed, 131 insertions(+)
create mode 100644 drivers/rng/turris_rwtm_rng.c
diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig
index a89c899568..cd72852a47 100644
--- a/drivers/rng/Kconfig
+++ b/drivers/rng/Kconfig
@@ -105,4 +105,12 @@ config RNG_JH7110
help
Enable True Random Number Generator in StarFive JH7110 SoCs.
+config RNG_TURRIS_RWTM
+ bool "Turris Mox TRNG in Secure Processor"
+ depends on DM_RNG && ARMADA_3700
+ help
+ Use TRNG in Turris Mox Secure Processor Firmware. Can be used
+ on other Armada-3700 devices (like EspressoBin) if Secure
+ Firmware from CZ.NIC is used.
+
endif
diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile
index 7e64c4cdfc..ecae1a3da3 100644
--- a/drivers/rng/Makefile
+++ b/drivers/rng/Makefile
@@ -17,3 +17,4 @@ obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
obj-$(CONFIG_RNG_ARM_RNDR) += arm_rndr.o
obj-$(CONFIG_TPM_RNG) += tpm_rng.o
obj-$(CONFIG_RNG_JH7110) += jh7110_rng.o
+obj-$(CONFIG_RNG_TURRIS_RWTM) += turris_rwtm_rng.o
diff --git a/drivers/rng/turris_rwtm_rng.c b/drivers/rng/turris_rwtm_rng.c
new file mode 100644
index 00..ec2cb0bca3
--- /dev/null
+++ b/drivers/rng/turris_rwtm_rng.c
@@ -0,0 +1,122 @@
+// SPDX-License-Identifier: GPL-2.0-or-later OR BSD-3-Clause
+/*
+ * Copyright (c) 2024, Max Resch
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+/* size of entropy buffer */
+#define RNG_BUFFER_SIZE128U
+
+struct turris_rwtm_rng_priv {
+ phys_addr_t buffer;
+};
+
+static int turris_rwtm_rng_fill_entropy(phys_addr_t entropy, size_t size)
+{
+ u32 args[3] = { 1, (u32)entropy, size };
+ int ret;
+
+ /* flush data cache */
+ flush_dcache_range(entropy, entropy + size);
+
+ /*
+* get entropy
+* args[0] = 1 copies BYTES array in args[1] of length args[2]
+*/
+ ret = mbox_do_cmd(MBOX_CMD_GET_RANDOM, args, 3, NULL, 0);
+ if (ret < 0)
+ return ret;
+
+ /* invalidate data cache */
+ invalidate_dcache_range(entropy, entropy + size);
+
+ return 0;
+}
+
+static int turris_rwtm_rng_random_read(struct udevice *dev, void *data, size_t
count)
+{
+ struct turris_rwtm_rng_priv *priv = dev_get_priv(dev);
+ phys_addr_t phys;
+ size_t size;
+ int ret;
+
+ phys = priv->buffer;
+
+ while (count) {
+ size = min_t(size_t, RNG_BUFFER_SIZE, count);
+
+ ret = turris_rwtm_rng_fill_entropy(phys, size);
+
+ memcpy(data, (void *)phys, size);
+ count -= size;
+ data = (u8 *)data + size;
+ }
+
+ return 0;
+}
+
+static int turris_rwtm_rng_probe(struct udevice *dev)
+{
+ struct turris_rwtm_rng_priv *priv = dev_get_priv(dev);
+ u32 args[] = { 0 };
+ int ret;
+
+ /*
+* check if the random command is supported
+* args[0] = 0 would copy 16 DWORDS entropy to out but we ignore them
+*/
+ ret = mbox_do_cmd(MBOX_CMD_GET_RANDOM, args, ARRAY_SIZE(args), NULL, 0);
+
+ if (ret < 0)
+ return ret;
+
+ /* entropy buffer */
+ priv->buffer = 0;
+
+ /* buffer address need to be aligned */
+ dma_alloc_coherent(RNG_BUFFER_SIZE, (unsigned long *)>buffer);
+ if (!priv->buffer)
+ return -ENOMEM;
+
+ return 0;
+}
+
+static int turris_rwtm_rng_remove(struct udevice *dev)
+{
+ struct turris_rwtm_rng_priv *priv = dev_get_priv(dev);
+ phys_addr_t phys = priv->buffer;
+
+ dma_free_coherent((void *)phys);
+
+ return 0;
+}
+
+static const struct dm_rng_ops turris_rwtm_rng_ops = {
+ .read = turris_rwtm_rng_random_read,
+};
+
+/*
+ * only Turris MOX firmware has the RNG but allow all probable devices to be
+ * probed the default firmware will just reject the probe
+ */
+static const struct udevice_id turris_rwtm_rng_match[] = {
+ { .compatible = "cznic,turris-mox-rwtm" },
+ { .compatible = "marvell,armada-3700-rwtm-firmware" },
+ {},
+};
+
+U_BOOT_DRIVER(turris_rwtm_rng) = {
+ .name = "turris-rwtm-rng",
+ .id = UCLASS_RNG,
+ .of_match = turris_rwtm_rng_match,
+ .ops= _rwtm_rng_ops,
+ .probe = turris_rwtm_rng_probe,
+ .remove = turris_rwtm_rng_remove,
+ .priv_auto = sizeof(struct turris_rwtm_rng_priv),
+};
--
2.43.0
[PATCH v3] rng: Add Turris Mox rTWM RNG driver
A RNG driver for Armada 3720 boards running the Turris Mox rWTM firmware
from CZ.NIC in the secure processor.
Signed-off-by: Max Resch
---
Changes in v3:
- More meaningful variable names in accordance with review
Changes in v2:
- Removed ring buffer implementation
drivers/rng/turris_rwtm_rng.c | 18 +-
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/drivers/rng/turris_rwtm_rng.c b/drivers/rng/turris_rwtm_rng.c
index 143fe0b47f..ec2cb0bca3 100644
--- a/drivers/rng/turris_rwtm_rng.c
+++ b/drivers/rng/turris_rwtm_rng.c
@@ -41,18 +41,19 @@ static int turris_rwtm_rng_fill_entropy(phys_addr_t
entropy, size_t size)
static int turris_rwtm_rng_random_read(struct udevice *dev, void *data, size_t
count)
{
- phys_addr_t p;
+ struct turris_rwtm_rng_priv *priv = dev_get_priv(dev);
+ phys_addr_t phys;
size_t size;
int ret;
- p = ((struct turris_rwtm_rng_priv *)dev_get_priv(dev))->buffer;
+ phys = priv->buffer;
while (count) {
size = min_t(size_t, RNG_BUFFER_SIZE, count);
- ret = turris_rwtm_rng_fill_entropy(p, size);
+ ret = turris_rwtm_rng_fill_entropy(phys, size);
- memcpy(data, (void *)p, size);
+ memcpy(data, (void *)phys, size);
count -= size;
data = (u8 *)data + size;
}
@@ -62,7 +63,7 @@ static int turris_rwtm_rng_random_read(struct udevice *dev,
void *data, size_t c
static int turris_rwtm_rng_probe(struct udevice *dev)
{
- struct turris_rwtm_rng_priv *priv;
+ struct turris_rwtm_rng_priv *priv = dev_get_priv(dev);
u32 args[] = { 0 };
int ret;
@@ -76,7 +77,6 @@ static int turris_rwtm_rng_probe(struct udevice *dev)
return ret;
/* entropy buffer */
- priv = (struct turris_rwtm_rng_priv *)dev_get_priv(dev);
priv->buffer = 0;
/* buffer address need to be aligned */
@@ -89,10 +89,10 @@ static int turris_rwtm_rng_probe(struct udevice *dev)
static int turris_rwtm_rng_remove(struct udevice *dev)
{
- phys_addr_t p;
+ struct turris_rwtm_rng_priv *priv = dev_get_priv(dev);
+ phys_addr_t phys = priv->buffer;
- p = ((struct turris_rwtm_rng_priv *)dev_get_priv(dev))->buffer;
- dma_free_coherent((void *)p);
+ dma_free_coherent((void *)phys);
return 0;
}
--
2.43.0
Re: [PATCH v2] rng: Add Turris Mox rWTM RNG driver
Hi there Marek,
Am 05/02/2024 um 12.40 schrieb Marek BehĂșn:
Hello Max,
Out of curiousity, what is your use case for having these random
numbers on this platform in U-Boot?
I use 2 EspressoBin (Armada 3720) as routers, both of them use the
TurrisMox firmware. RNG enables the EFI RNG protocol which inturn allows
systemd-boot to populate the Linux RNG EFI seed config table which
enables ealy initialization of the kernel prng.
The kernel also then allows the use of KASLR. When the kernel is booted
up a module is available to interface with the Firmware to use the RNG
directly.
Also, I'm not sure if this should be part of the patch, this could be
enabled on some default configurations for the Armada 3700.
-- Max
Below are a few more things to change and then you I'll give my
Reviewed-by tag.
On Sun, 21 Jan 2024 21:17:16 +0100
Max Resch wrote:
A RNG driver for Armada 3720 boards running the Turris Mox rWTM firmware
from CZ.NIC in the secure processor.
Signed-off-by: Max Resch
---
Changes in v2:
- Removed ring buffer implementation
drivers/rng/Kconfig | 8 +++
drivers/rng/Makefile | 1 +
drivers/rng/turris_rwtm_rng.c | 122 ++
3 files changed, 131 insertions(+)
create mode 100644 drivers/rng/turris_rwtm_rng.c
diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig
index a89c899568..cd72852a47 100644
--- a/drivers/rng/Kconfig
+++ b/drivers/rng/Kconfig
@@ -105,4 +105,12 @@ config RNG_JH7110
help
Enable True Random Number Generator in StarFive JH7110 SoCs.
+config RNG_TURRIS_RWTM
+ bool "Turris Mox TRNG in Secure Processor"
+ depends on DM_RNG && ARMADA_3700
+ help
+ Use TRNG in Turris Mox Secure Processor Firmware. Can be used
+ on other Armada-3700 devices (like EspressoBin) if Secure
+ Firmware from CZ.NIC is used.
+
endif
diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile
index 7e64c4cdfc..ecae1a3da3 100644
--- a/drivers/rng/Makefile
+++ b/drivers/rng/Makefile
@@ -17,3 +17,4 @@ obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
obj-$(CONFIG_RNG_ARM_RNDR) += arm_rndr.o
obj-$(CONFIG_TPM_RNG) += tpm_rng.o
obj-$(CONFIG_RNG_JH7110) += jh7110_rng.o
+obj-$(CONFIG_RNG_TURRIS_RWTM) += turris_rwtm_rng.o
diff --git a/drivers/rng/turris_rwtm_rng.c b/drivers/rng/turris_rwtm_rng.c
new file mode 100644
index 00..143fe0b47f
--- /dev/null
+++ b/drivers/rng/turris_rwtm_rng.c
@@ -0,0 +1,122 @@
+// SPDX-License-Identifier: GPL-2.0-or-later OR BSD-3-Clause
+/*
+ * Copyright (c) 2024, Max Resch
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+/* size of entropy buffer */
+#define RNG_BUFFER_SIZE128U
+
+struct turris_rwtm_rng_priv {
+ phys_addr_t buffer;
+};
+
+static int turris_rwtm_rng_fill_entropy(phys_addr_t entropy, size_t size)
+{
+ u32 args[3] = { 1, (u32)entropy, size };
+ int ret;
+
+ /* flush data cache */
+ flush_dcache_range(entropy, entropy + size);
+
+ /*
+* get entropy
+* args[0] = 1 copies BYTES array in args[1] of length args[2]
+*/
+ ret = mbox_do_cmd(MBOX_CMD_GET_RANDOM, args, 3, NULL, 0);
+ if (ret < 0)
+ return ret;
+
+ /* invalidate data cache */
+ invalidate_dcache_range(entropy, entropy + size);
+
+ return 0;
+}
+
+static int turris_rwtm_rng_random_read(struct udevice *dev, void *data, size_t
count)
+{
+ phys_addr_t p;
+ size_t size;
+ int ret;
+
+ p = ((struct turris_rwtm_rng_priv *)dev_get_priv(dev))->buffer;
Please declare
struct turris_rwtm_rng_priv *priv = dev_get_priv(dev);
phys_addr_t phys;
size_t size;
int ret;
and then do
phys = priv->buffer;
+ while (count) {
+ size = min_t(size_t, RNG_BUFFER_SIZE, count);
+
+ ret = turris_rwtm_rng_fill_entropy(p, size);
+
+ memcpy(data, (void *)p, size);
+ count -= size;
+ data = (u8 *)data + size;
+ }
+
+ return 0;
+}
+
+static int turris_rwtm_rng_probe(struct udevice *dev)
+{
+ struct turris_rwtm_rng_priv *priv;
= dev_get_priv(dev);
+ u32 args[] = { 0 };
+ int ret;
+
+ /*
+* check if the random command is supported
+* args[0] = 0 would copy 16 DWORDS entropy to out but we ignore them
+*/
+ ret = mbox_do_cmd(MBOX_CMD_GET_RANDOM, args, ARRAY_SIZE(args), NULL, 0);
+
+ if (ret < 0)
+ return ret;
+
+ /* entropy buffer */
+ priv = (struct turris_rwtm_rng_priv *)dev_get_priv(dev);
no need here, do it at the beginning
+ priv->buffer = 0;
+
+ /* buffer address need to be aligned */
+ dma_alloc_coherent(RNG_BUFFER_SIZE, (unsigned long *)>buffer);
+ if (!priv->buffer)
+ return -ENOMEM;
+
+ return 0;
+}
+
+static int turris_rwtm_rng_remove(struct udevice
[PATCH v2] rng: Add Turris Mox rWTM RNG driver
A RNG driver for Armada 3720 boards running the Turris Mox rWTM firmware
from CZ.NIC in the secure processor.
Signed-off-by: Max Resch
---
Changes in v2:
- Removed ring buffer implementation
drivers/rng/Kconfig | 8 +++
drivers/rng/Makefile | 1 +
drivers/rng/turris_rwtm_rng.c | 122 ++
3 files changed, 131 insertions(+)
create mode 100644 drivers/rng/turris_rwtm_rng.c
diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig
index a89c899568..cd72852a47 100644
--- a/drivers/rng/Kconfig
+++ b/drivers/rng/Kconfig
@@ -105,4 +105,12 @@ config RNG_JH7110
help
Enable True Random Number Generator in StarFive JH7110 SoCs.
+config RNG_TURRIS_RWTM
+ bool "Turris Mox TRNG in Secure Processor"
+ depends on DM_RNG && ARMADA_3700
+ help
+ Use TRNG in Turris Mox Secure Processor Firmware. Can be used
+ on other Armada-3700 devices (like EspressoBin) if Secure
+ Firmware from CZ.NIC is used.
+
endif
diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile
index 7e64c4cdfc..ecae1a3da3 100644
--- a/drivers/rng/Makefile
+++ b/drivers/rng/Makefile
@@ -17,3 +17,4 @@ obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
obj-$(CONFIG_RNG_ARM_RNDR) += arm_rndr.o
obj-$(CONFIG_TPM_RNG) += tpm_rng.o
obj-$(CONFIG_RNG_JH7110) += jh7110_rng.o
+obj-$(CONFIG_RNG_TURRIS_RWTM) += turris_rwtm_rng.o
diff --git a/drivers/rng/turris_rwtm_rng.c b/drivers/rng/turris_rwtm_rng.c
new file mode 100644
index 00..143fe0b47f
--- /dev/null
+++ b/drivers/rng/turris_rwtm_rng.c
@@ -0,0 +1,122 @@
+// SPDX-License-Identifier: GPL-2.0-or-later OR BSD-3-Clause
+/*
+ * Copyright (c) 2024, Max Resch
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+/* size of entropy buffer */
+#define RNG_BUFFER_SIZE128U
+
+struct turris_rwtm_rng_priv {
+ phys_addr_t buffer;
+};
+
+static int turris_rwtm_rng_fill_entropy(phys_addr_t entropy, size_t size)
+{
+ u32 args[3] = { 1, (u32)entropy, size };
+ int ret;
+
+ /* flush data cache */
+ flush_dcache_range(entropy, entropy + size);
+
+ /*
+* get entropy
+* args[0] = 1 copies BYTES array in args[1] of length args[2]
+*/
+ ret = mbox_do_cmd(MBOX_CMD_GET_RANDOM, args, 3, NULL, 0);
+ if (ret < 0)
+ return ret;
+
+ /* invalidate data cache */
+ invalidate_dcache_range(entropy, entropy + size);
+
+ return 0;
+}
+
+static int turris_rwtm_rng_random_read(struct udevice *dev, void *data, size_t
count)
+{
+ phys_addr_t p;
+ size_t size;
+ int ret;
+
+ p = ((struct turris_rwtm_rng_priv *)dev_get_priv(dev))->buffer;
+
+ while (count) {
+ size = min_t(size_t, RNG_BUFFER_SIZE, count);
+
+ ret = turris_rwtm_rng_fill_entropy(p, size);
+
+ memcpy(data, (void *)p, size);
+ count -= size;
+ data = (u8 *)data + size;
+ }
+
+ return 0;
+}
+
+static int turris_rwtm_rng_probe(struct udevice *dev)
+{
+ struct turris_rwtm_rng_priv *priv;
+ u32 args[] = { 0 };
+ int ret;
+
+ /*
+* check if the random command is supported
+* args[0] = 0 would copy 16 DWORDS entropy to out but we ignore them
+*/
+ ret = mbox_do_cmd(MBOX_CMD_GET_RANDOM, args, ARRAY_SIZE(args), NULL, 0);
+
+ if (ret < 0)
+ return ret;
+
+ /* entropy buffer */
+ priv = (struct turris_rwtm_rng_priv *)dev_get_priv(dev);
+ priv->buffer = 0;
+
+ /* buffer address need to be aligned */
+ dma_alloc_coherent(RNG_BUFFER_SIZE, (unsigned long *)>buffer);
+ if (!priv->buffer)
+ return -ENOMEM;
+
+ return 0;
+}
+
+static int turris_rwtm_rng_remove(struct udevice *dev)
+{
+ phys_addr_t p;
+
+ p = ((struct turris_rwtm_rng_priv *)dev_get_priv(dev))->buffer;
+ dma_free_coherent((void *)p);
+
+ return 0;
+}
+
+static const struct dm_rng_ops turris_rwtm_rng_ops = {
+ .read = turris_rwtm_rng_random_read,
+};
+
+/*
+ * only Turris MOX firmware has the RNG but allow all probable devices to be
+ * probed the default firmware will just reject the probe
+ */
+static const struct udevice_id turris_rwtm_rng_match[] = {
+ { .compatible = "cznic,turris-mox-rwtm" },
+ { .compatible = "marvell,armada-3700-rwtm-firmware" },
+ {},
+};
+
+U_BOOT_DRIVER(turris_rwtm_rng) = {
+ .name = "turris-rwtm-rng",
+ .id = UCLASS_RNG,
+ .of_match = turris_rwtm_rng_match,
+ .ops= _rwtm_rng_ops,
+ .probe = turris_rwtm_rng_probe,
+ .remove = turris_rwtm_rng_remove,
+ .priv_auto = sizeof(struct turris_rwtm_rng_priv),
+};
--
2.43.0
[PATCH 1/1] add turris-rwtm-rng from CZ.NIC rWTM Firmware
usable on all armada3700 devices with CZ.NIC firmware
compatible with devices with default firmware (does nothing)
based on Linux turris-mox-rwtm module
Signed-off-by: Max Resch
---
drivers/rng/Kconfig | 8 ++
drivers/rng/Makefile | 1 +
drivers/rng/turris_rwtm_rng.c | 143 ++
3 files changed, 152 insertions(+)
create mode 100644 drivers/rng/turris_rwtm_rng.c
diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig
index a89c899568..f5984a9ca0 100644
--- a/drivers/rng/Kconfig
+++ b/drivers/rng/Kconfig
@@ -105,4 +105,12 @@ config RNG_JH7110
help
Enable True Random Number Generator in StarFive JH7110 SoCs.
+config RNG_TURRIS_RWTM
+ bool "Turris Mox TRNG in Secure Processor"
+ depends on DM_RNG && ARCH_MVEBU
+ help
+ Use TRNG in Turris Mox Secure Processor Firmware. Can be used
+ on other Armada-3700 devices (like EspressoBin) if Secure
+ Firmware from CZ.NIC is used.
+
endif
diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile
index 7e64c4cdfc..ecae1a3da3 100644
--- a/drivers/rng/Makefile
+++ b/drivers/rng/Makefile
@@ -17,3 +17,4 @@ obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
obj-$(CONFIG_RNG_ARM_RNDR) += arm_rndr.o
obj-$(CONFIG_TPM_RNG) += tpm_rng.o
obj-$(CONFIG_RNG_JH7110) += jh7110_rng.o
+obj-$(CONFIG_RNG_TURRIS_RWTM) += turris_rwtm_rng.o
diff --git a/drivers/rng/turris_rwtm_rng.c b/drivers/rng/turris_rwtm_rng.c
new file mode 100644
index 00..03e4fdfcaf
--- /dev/null
+++ b/drivers/rng/turris_rwtm_rng.c
@@ -0,0 +1,143 @@
+// SPDX-License-Identifier: GPL-2.0-or-later OR BSD-3-Clause
+/*
+ * Copyright (c) 2024, Max Resch
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#define DRIVER_NAME"turris-rwtm-rng"
+
+/* size of enthropy ring buffer */
+#define RNG_BUFFER_SIZE4096U
+
+struct turris_rwtm_rng_priv {
+ phys_addr_t buffer;
+ u16 pos;
+};
+
+static int turris_rwtm_rng_fill_enthropy(phys_addr_t enthropy, size_t size)
+{
+ int ret;
+ u32 args[] = { 1, (u32)enthropy, size };
+
+ /* flush data cache */
+ flush_dcache_range(enthropy, enthropy + size);
+
+ /*
+* get enthropy
+* args[0] = 1 copies BYTES array in args[1] of length args[2]
+*/
+ ret = mbox_do_cmd(MBOX_CMD_GET_RANDOM, args, 3, NULL, 0);
+ if (ret < 0)
+ return ret;
+
+ /* invalidate data cache */
+ invalidate_dcache_range(enthropy, enthropy + size);
+
+ return 0;
+}
+
+static int turris_rwtm_rng_random_read(struct udevice *dev, void *data, size_t
count)
+{
+ int ret;
+ struct turris_rwtm_rng_priv *priv;
+ phys_addr_t p;
+ size_t size, copied;
+
+ priv = (struct turris_rwtm_rng_priv *)dev_get_priv(dev);
+ p = priv->buffer;
+
+ /* copy to ring buffer, optimize RWTM access */
+ size = min_t(size_t, RNG_BUFFER_SIZE - priv->pos, count);
+ copied = 0;
+
+ while (count) {
+ memcpy(((u8 *)data) + copied, (void *)(p + priv->pos), size);
+ count -= size;
+ copied += size;
+ priv->pos += size;
+
+ if (priv->pos == RNG_BUFFER_SIZE) {
+ ret = turris_rwtm_rng_fill_enthropy(p, RNG_BUFFER_SIZE);
+ if (ret < 0)
+ return ret;
+ priv->pos = 0;
+ }
+ }
+
+ return 0;
+}
+
+static int turris_rwtm_rng_probe(struct udevice *dev)
+{
+ int ret;
+ struct turris_rwtm_rng_priv *priv;
+ u32 args[] = { 0 };
+
+ /*
+* check if the random command is supported
+* args[0] = 0 would copy 16 DWORDS to out but we ignore them
+*/
+ ret = mbox_do_cmd(MBOX_CMD_GET_RANDOM, args, 1, NULL, 0);
+
+ if (ret < 0)
+ return ret;
+
+ /* allocate ring buffer */
+ priv = dev_get_priv(dev);
+ priv->buffer = 0;
+
+ /* address need to be aligned */
+ dma_alloc_coherent(RNG_BUFFER_SIZE, (unsigned long *)>buffer);
+ if (!priv->buffer)
+ return -ENOMEM;
+
+ priv->pos = 0;
+ memset((void *)priv->buffer, 0, RNG_BUFFER_SIZE);
+
+ /* fill ring buffer with enthroy */
+ return turris_rwtm_rng_fill_enthropy(priv->buffer, RNG_BUFFER_SIZE);
+}
+
+static int turris_rwtm_rng_remove(struct udevice *dev)
+{
+ struct turris_rwtm_rng_priv *priv;
+
+ priv = dev_get_priv(dev);
+ if (!priv->buffer)
+ return 0;
+
+ dma_free_coherent((void *)priv->buffer);
+ priv->buffer = 0;
+
+ return 0;
+}
+
+static const struct dm_rng_ops turris_rwtm_rng_ops = {
+ .read = turris_rwtm_rng_random_read,
+};
+
+/*
+ * only Turris MOX firmware has the RNG but allow all probable devices to be
+ * probed the default firmware wil
[PATCH 0/1] This patch adds support for the entropy generator present in
the Armada3700 Secure Processor. This rng is onlt accessible to the rWTM firmware. Currently the CZ.NIC Turris Mox firmware exposes this. For the Linux kernel a driver called turris-mox-rwtm exists that makes use of this feature. This RNG driver for U-Boot tries to do the same. For efficiency I chose to cache 4k of enthropy in a ringbuffer. Max Resch (1): add turris-rwtm-rng from CZ.NIC rWTM Firmware drivers/rng/Kconfig | 8 ++ drivers/rng/Makefile | 1 + drivers/rng/turris_rwtm_rng.c | 143 ++ 3 files changed, 152 insertions(+) create mode 100644 drivers/rng/turris_rwtm_rng.c -- 2.43.0
