Module Name: src
Committed By: riastradh
Date: Tue Mar 21 22:07:29 UTC 2023
Modified Files:
src/sys/arch/mips/cavium/dev: octeon_rnm.c
Log Message:
octrnm(4): Raise delay on startup.
According to CN50XX-HRM-V0.99E and CN78XX-HM-0.99E:
The entropy is provided by the jitter of 125 of 128 free-running
oscillators XORed into a 128-bit LFSR. The LFSR accumulates entropy
over 81 cycles, after which it is fed into a SHA-1 engine.
[...]
The SHA-1 engine runs once every 81 cycles.
[...]
The hardware produces new 64-bit random number every 81 cycles.
The last sentence means that we only need to wait 81 cycles _between_
consecutive SHA-1 outputs (which isn't relevant anyway because we
reconfigure it into raw mode later), but the first two quotes might
mean that we need to wait 81+81 cycles for the _first_ output to be
produced on boot when running the self-test.
Now, in this case, the self-test is run with the LFSR unhooked, by
clearing the RNM_CTL_STATUS[ENT_EN] bit, so that SHA-1 is computed
from a known input -- this is really just paranoia to make sure that
_some_ functions of the device (which is conjured out of thin air at
a fixed virtual address, with no firmware bindings to guide us)
behave as we expect.
And it's not clear if it really does take 81+81 cycles for the first
SHA-1 output to appear when the LFSR isn't feeding into it anyway.
But experimentally, delay of 81+81 cycles seems to work whereas a
delay of only 81 cycles crashes.
PR kern/57280
XXX pullup-10
XXX pullup-9
To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 src/sys/arch/mips/cavium/dev/octeon_rnm.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/mips/cavium/dev/octeon_rnm.c
diff -u src/sys/arch/mips/cavium/dev/octeon_rnm.c:1.15 src/sys/arch/mips/cavium/dev/octeon_rnm.c:1.16
--- src/sys/arch/mips/cavium/dev/octeon_rnm.c:1.15 Sat Mar 19 11:55:03 2022
+++ src/sys/arch/mips/cavium/dev/octeon_rnm.c Tue Mar 21 22:07:29 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: octeon_rnm.c,v 1.15 2022/03/19 11:55:03 riastradh Exp $ */
+/* $NetBSD: octeon_rnm.c,v 1.16 2023/03/21 22:07:29 riastradh Exp $ */
/*
* Copyright (c) 2007 Internet Initiative Japan, Inc.
@@ -99,7 +99,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: octeon_rnm.c,v 1.15 2022/03/19 11:55:03 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: octeon_rnm.c,v 1.16 2023/03/21 22:07:29 riastradh Exp $");
#include <sys/param.h>
#include <sys/device.h>
@@ -119,7 +119,8 @@ __KERNEL_RCSID(0, "$NetBSD: octeon_rnm.c
//#define OCTRNM_DEBUG
#define ENT_DELAY_CLOCK 8 /* cycles for each 64-bit RO sample batch */
-#define RNG_DELAY_CLOCK 81 /* cycles for each SHA-1 output */
+#define LFSR_DELAY_CLOCK 81 /* cycles to fill LFSR buffer */
+#define SHA1_DELAY_CLOCK 81 /* cycles to compute SHA-1 output */
#define NROGROUPS 16
#define RNG_FIFO_WORDS (512/sizeof(uint64_t))
@@ -193,7 +194,7 @@ octrnm_attach(device_t parent, device_t
*/
octrnm_reset(sc);
octrnm_conditioned_deterministic(sc);
- octrnm_delay(RNG_DELAY_CLOCK*1);
+ octrnm_delay(LFSR_DELAY_CLOCK + SHA1_DELAY_CLOCK);
sample = octrnm_load(sc);
if (sample != expected)
aprint_error_dev(self, "self-test: read %016"PRIx64","
