1 /*
2 * Copyright 2021 NXP
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8 #include <stdbool.h>
9 #include <stdint.h>
10 #include <stdio.h>
11 #include <stdlib.h>
12
13 #include <arch_helpers.h>
14 #include "caam.h"
15 #include <common/debug.h>
16 #include "jobdesc.h"
17 #include "sec_hw_specific.h"
18
19
20 /* Callback function after Instantiation descriptor is submitted to SEC */
rng_done(uint32_t * desc,uint32_t status,void * arg,void * job_ring)21 static void rng_done(uint32_t *desc, uint32_t status, void *arg,
22 void *job_ring)
23 {
24 INFO("RNG Desc SUCCESS with status %x\n", status);
25 }
26
27 /* Is the HW RNG instantiated?
28 * Return code:
29 * 0 - Not in the instantiated state
30 * 1 - In the instantiated state
31 * state_handle - 0 for SH0, 1 for SH1
32 */
is_hw_rng_instantiated(uint32_t * state_handle)33 static int is_hw_rng_instantiated(uint32_t *state_handle)
34 {
35 int ret_code = 0;
36 uint32_t rdsta;
37
38 rdsta = sec_in32(get_caam_addr() + RNG_REG_RDSTA_OFFSET);
39
40 /*Check if either of the two state handles has been instantiated */
41 if (rdsta & RNG_STATE0_HANDLE_INSTANTIATED) {
42 *state_handle = 0;
43 ret_code = 1;
44 } else if (rdsta & RNG_STATE0_HANDLE_INSTANTIATED) {
45 *state_handle = 1;
46 ret_code = 1;
47 }
48
49 return ret_code;
50 }
51
52 /* @brief Kick the TRNG block of the RNG HW Engine
53 * @param [in] ent_delay Entropy delay to be used
54 * By default, the TRNG runs for 200 clocks per sample;
55 * 1200 clocks per sample generates better entropy.
56 * @retval 0 on success
57 * @retval -1 on error
58 */
kick_trng(int ent_delay)59 static void kick_trng(int ent_delay)
60 {
61 uint32_t val;
62
63 /* put RNG4 into program mode */
64 val = sec_in32(get_caam_addr() + RNG_REG_RTMCTL_OFFSET);
65 val = val | RTMCTL_PRGM;
66 sec_out32(get_caam_addr() + RNG_REG_RTMCTL_OFFSET, val);
67
68 /* rtsdctl bits 0-15 contain "Entropy Delay, which defines the
69 * length (in system clocks) of each Entropy sample taken
70 */
71 val = sec_in32(get_caam_addr() + RNG_REG_RTSDCTL_OFFSET);
72 val = (val & ~RTSDCTL_ENT_DLY_MASK) |
73 (ent_delay << RTSDCTL_ENT_DLY_SHIFT);
74 sec_out32(get_caam_addr() + RNG_REG_RTSDCTL_OFFSET, val);
75 /* min. freq. count, equal to 1/4 of the entropy sample length */
76 sec_out32(get_caam_addr() + RNG_REG_RTFRQMIN_OFFSET, ent_delay >> 2);
77 /* disable maximum frequency count */
78 sec_out32(get_caam_addr() + RNG_REG_RTFRQMAX_OFFSET, RTFRQMAX_DISABLE);
79
80 /* select raw sampling in both entropy shifter
81 * and statistical checker
82 */
83 val = sec_in32(get_caam_addr() + RNG_REG_RTMCTL_OFFSET);
84 val = val | RTMCTL_SAMP_MODE_RAW_ES_SC;
85 sec_out32(get_caam_addr() + RNG_REG_RTMCTL_OFFSET, val);
86
87 /* put RNG4 into run mode */
88 val = sec_in32(get_caam_addr() + RNG_REG_RTMCTL_OFFSET);
89 val = val & ~RTMCTL_PRGM;
90 sec_out32(get_caam_addr() + RNG_REG_RTMCTL_OFFSET, val);
91 }
92
93 /* @brief Submit descriptor to instantiate the RNG
94 * @retval 0 on success
95 * @retval -1 on error
96 */
instantiate_rng(void)97 static int instantiate_rng(void)
98 {
99 int ret = 0;
100 struct job_descriptor desc __aligned(CACHE_WRITEBACK_GRANULE);
101 struct job_descriptor *jobdesc = &desc;
102
103 jobdesc->arg = NULL;
104 jobdesc->callback = rng_done;
105
106 /* create the hw_rng descriptor */
107 cnstr_rng_instantiate_jobdesc(jobdesc->desc);
108
109 /* Finally, generate the requested random data bytes */
110 ret = run_descriptor_jr(jobdesc);
111 if (ret != 0) {
112 ERROR("Error in running descriptor\n");
113 ret = -1;
114 }
115 return ret;
116 }
117
118 /* Generate Random Data using HW RNG
119 * Parameters:
120 * uint8_t* add_input - user specified optional input byte array
121 * uint32_t add_input_len - number of bytes of additional input
122 * uint8_t* out - user specified output byte array
123 * uint32_t out_len - number of bytes to store in output byte array
124 * Return code:
125 * 0 - SUCCESS
126 * -1 - ERROR
127 */
128 static int
hw_rng_generate(uint32_t * add_input,uint32_t add_input_len,uint8_t * out,uint32_t out_len,uint32_t state_handle)129 hw_rng_generate(uint32_t *add_input, uint32_t add_input_len,
130 uint8_t *out, uint32_t out_len, uint32_t state_handle)
131 {
132 int ret = 0;
133 struct job_descriptor desc __aligned(CACHE_WRITEBACK_GRANULE);
134 struct job_descriptor *jobdesc = &desc;
135
136 jobdesc->arg = NULL;
137 jobdesc->callback = rng_done;
138
139 #if defined(SEC_MEM_NON_COHERENT) && defined(IMAGE_BL2)
140 inv_dcache_range((uintptr_t)out, out_len);
141 dmbsy();
142 #endif
143
144 /* create the hw_rng descriptor */
145 ret = cnstr_rng_jobdesc(jobdesc->desc, state_handle,
146 add_input, add_input_len, out, out_len);
147 if (ret != 0) {
148 ERROR("Descriptor construction failed\n");
149 ret = -1;
150 goto out;
151 }
152 /* Finally, generate the requested random data bytes */
153 ret = run_descriptor_jr(jobdesc);
154 if (ret != 0) {
155 ERROR("Error in running descriptor\n");
156 ret = -1;
157 }
158
159 out:
160 return ret;
161 }
162
163 /* this function instantiates the rng
164 *
165 * Return code:
166 * 0 - All is well
167 * <0 - Error occurred somewhere
168 */
hw_rng_instantiate(void)169 int hw_rng_instantiate(void)
170 {
171 int ret = 0;
172 int ent_delay = RTSDCTL_ENT_DLY_MIN;
173 uint32_t state_handle;
174
175 ret = is_hw_rng_instantiated(&state_handle);
176 if (ret != 0) {
177 NOTICE("RNG already instantiated\n");
178 return 0;
179 }
180 do {
181 kick_trng(ent_delay);
182 ent_delay += 400;
183 /*if instantiate_rng(...) fails, the loop will rerun
184 *and the kick_trng(...) function will modify the
185 *upper and lower limits of the entropy sampling
186 *interval, leading to a successful initialization of
187 */
188 ret = instantiate_rng();
189 } while ((ret == -1) && (ent_delay < RTSDCTL_ENT_DLY_MAX));
190 if (ret != 0) {
191 ERROR("RNG: Failed to instantiate RNG\n");
192 return ret;
193 }
194
195 NOTICE("RNG: INSTANTIATED\n");
196
197 /* Enable RDB bit so that RNG works faster */
198 // sec_setbits32(&sec->scfgr, SEC_SCFGR_RDBENABLE);
199
200 return ret;
201 }
202
203 /* Generate random bytes, and stuff them into the bytes buffer
204 *
205 * If the HW RNG has not already been instantiated,
206 * it will be instantiated before data is generated.
207 *
208 * Parameters:
209 * uint8_t* bytes - byte buffer large enough to hold the requested random date
210 * int byte_len - number of random bytes to generate
211 *
212 * Return code:
213 * 0 - All is well
214 * ~0 - Error occurred somewhere
215 */
get_rand_bytes_hw(uint8_t * bytes,int byte_len)216 int get_rand_bytes_hw(uint8_t *bytes, int byte_len)
217 {
218 int ret_code = 0;
219 uint32_t state_handle;
220
221 /* If this is the first time this routine is called,
222 * then the hash_drbg will not already be instantiated.
223 * Therefore, before generating data, instantiate the hash_drbg
224 */
225 ret_code = is_hw_rng_instantiated(&state_handle);
226 if (ret_code == 0) {
227 INFO("Instantiating the HW RNG\n");
228
229 /* Instantiate the hw RNG */
230 ret_code = hw_rng_instantiate();
231 if (ret_code != 0) {
232 ERROR("HW RNG Instantiate failed\n");
233 return ret_code;
234 }
235 }
236 /* If HW RNG is still not instantiated, something must have gone wrong,
237 * it must be in the error state, we will not generate any random data
238 */
239 if (is_hw_rng_instantiated(&state_handle) == 0) {
240 ERROR("HW RNG is in an Error state, and cannot be used\n");
241 return -1;
242 }
243 /* Generate a random 256-bit value, as 32 bytes */
244 ret_code = hw_rng_generate(0, 0, bytes, byte_len, state_handle);
245 if (ret_code != 0) {
246 ERROR("HW RNG Generate failed\n");
247 return ret_code;
248 }
249
250 return ret_code;
251 }
252