1 /*
2 * Copyright (c) 2023 Renesas Electronics Corporation
3 *
4 * SPDX-License-Identifier: Apache-2.0
5 */
6
7 #include <zephyr/drivers/entropy.h>
8 #include <zephyr/kernel.h>
9 #include <soc.h>
10 #include <zephyr/irq.h>
11 #include <zephyr/sys/barrier.h>
12 #include <DA1469xAB.h>
13 #include <zephyr/pm/device.h>
14 #include <zephyr/pm/policy.h>
15 #include <zephyr/sys/util.h>
16
17 #include <zephyr/logging/log.h>
18 LOG_MODULE_REGISTER(smartbond_entropy, CONFIG_ENTROPY_LOG_LEVEL);
19
20 #define DT_DRV_COMPAT renesas_smartbond_trng
21
22 #define IRQN DT_INST_IRQN(0)
23 #define IRQ_PRIO DT_INST_IRQ(0, priority)
24
25 struct rng_pool {
26 uint8_t first_alloc;
27 uint8_t first_read;
28 uint8_t last;
29 uint8_t mask;
30 uint8_t threshold;
31 FLEXIBLE_ARRAY_DECLARE(uint8_t, buffer);
32 };
33
34 #define RNG_POOL_DEFINE(name, len) uint8_t name[sizeof(struct rng_pool) + (len)]
35
36 BUILD_ASSERT((CONFIG_ENTROPY_SMARTBOND_ISR_POOL_SIZE &
37 (CONFIG_ENTROPY_SMARTBOND_ISR_POOL_SIZE - 1)) == 0,
38 "The CONFIG_ENTROPY_SMARTBOND_ISR_POOL_SIZE must be a power of 2!");
39
40 BUILD_ASSERT((CONFIG_ENTROPY_SMARTBOND_THR_POOL_SIZE &
41 (CONFIG_ENTROPY_SMARTBOND_THR_POOL_SIZE - 1)) == 0,
42 "The CONFIG_ENTROPY_SMARTBOND_THR_POOL_SIZE must be a power of 2!");
43
44 struct entropy_smartbond_dev_data {
45 struct k_sem sem_lock;
46 struct k_sem sem_sync;
47
48 RNG_POOL_DEFINE(isr, CONFIG_ENTROPY_SMARTBOND_ISR_POOL_SIZE);
49 RNG_POOL_DEFINE(thr, CONFIG_ENTROPY_SMARTBOND_THR_POOL_SIZE);
50 };
51
52 static struct entropy_smartbond_dev_data entropy_smartbond_data;
53
54 /* TRNG FIFO definitions are not in DA1469x.h */
55 #define DA1469X_TRNG_FIFO_SIZE (32 * sizeof(uint32_t))
56 #define DA1469X_TRNG_FIFO_ADDR (0x30050000UL)
57
58 #define FIFO_COUNT_MASK \
59 (TRNG_TRNG_FIFOLVL_REG_TRNG_FIFOFULL_Msk | TRNG_TRNG_FIFOLVL_REG_TRNG_FIFOLVL_Msk)
60
entropy_smartbond_pm_policy_state_lock_get(void)61 static inline void entropy_smartbond_pm_policy_state_lock_get(void)
62 {
63 #if defined(CONFIG_PM_DEVICE)
64 /*
65 * Prevent the SoC from etering the normal sleep state as PDC does not support
66 * waking up the application core following TRNG events.
67 */
68 pm_policy_state_lock_get(PM_STATE_STANDBY, PM_ALL_SUBSTATES);
69 #endif
70 }
71
entropy_smartbond_pm_policy_state_lock_put(void)72 static inline void entropy_smartbond_pm_policy_state_lock_put(void)
73 {
74 #if defined(CONFIG_PM_DEVICE)
75 /* Allow the SoC to enter the nornmal sleep state once TRNG is inactive */
76 pm_policy_state_lock_put(PM_STATE_STANDBY, PM_ALL_SUBSTATES);
77 #endif
78 }
79
trng_enable(bool enable)80 static void trng_enable(bool enable)
81 {
82 unsigned int key;
83
84 key = irq_lock();
85 if (enable) {
86 CRG_TOP->CLK_AMBA_REG |= CRG_TOP_CLK_AMBA_REG_TRNG_CLK_ENABLE_Msk;
87 TRNG->TRNG_CTRL_REG = TRNG_TRNG_CTRL_REG_TRNG_ENABLE_Msk;
88
89 /*
90 * Sleep is not allowed as long as the ISR and thread SW FIFOs
91 * are being filled with random numbers.
92 */
93 entropy_smartbond_pm_policy_state_lock_get();
94 } else {
95 CRG_TOP->CLK_AMBA_REG &= ~CRG_TOP_CLK_AMBA_REG_TRNG_CLK_ENABLE_Msk;
96 TRNG->TRNG_CTRL_REG = 0;
97 NVIC_ClearPendingIRQ(IRQN);
98
99 entropy_smartbond_pm_policy_state_lock_put();
100 }
101 irq_unlock(key);
102 }
103
trng_available(void)104 static int trng_available(void)
105 {
106 return TRNG->TRNG_FIFOLVL_REG & FIFO_COUNT_MASK;
107 }
108
trng_fifo_read(void)109 static inline uint32_t trng_fifo_read(void)
110 {
111 return *(uint32_t *)DA1469X_TRNG_FIFO_ADDR;
112 }
113
random_word_get(uint8_t buf[4])114 static int random_word_get(uint8_t buf[4])
115 {
116 uint32_t word = 0;
117 int retval = -EAGAIN;
118 unsigned int key;
119
120 key = irq_lock();
121
122 if (trng_available()) {
123 word = trng_fifo_read();
124 retval = 0;
125 }
126
127 irq_unlock(key);
128
129 buf[0] = (uint8_t)word;
130 buf[1] = (uint8_t)(word >> 8);
131 buf[2] = (uint8_t)(word >> 16);
132 buf[3] = (uint8_t)(word >> 24);
133
134 return retval;
135 }
136
rng_pool_get(struct rng_pool * rngp,uint8_t * buf,uint16_t len)137 static uint16_t rng_pool_get(struct rng_pool *rngp, uint8_t *buf, uint16_t len)
138 {
139 uint32_t last = rngp->last;
140 uint32_t mask = rngp->mask;
141 uint8_t *dst = buf;
142 uint32_t first, available;
143 uint32_t other_read_in_progress;
144 unsigned int key;
145
146 key = irq_lock();
147 first = rngp->first_alloc;
148
149 /*
150 * The other_read_in_progress is non-zero if rngp->first_read != first,
151 * which means that lower-priority code (which was interrupted by this
152 * call) already allocated area for read.
153 */
154 other_read_in_progress = (rngp->first_read ^ first);
155
156 available = (last - first) & mask;
157 if (available < len) {
158 len = available;
159 }
160
161 /*
162 * Move alloc index forward to signal, that part of the buffer is
163 * now reserved for this call.
164 */
165 rngp->first_alloc = (first + len) & mask;
166 irq_unlock(key);
167
168 while (likely(len--)) {
169 *dst++ = rngp->buffer[first];
170 first = (first + 1) & mask;
171 }
172
173 /*
174 * If this call is the last one accessing the pool, move read index
175 * to signal that all allocated regions are now read and could be
176 * overwritten.
177 */
178 if (likely(!other_read_in_progress)) {
179 key = irq_lock();
180 rngp->first_read = rngp->first_alloc;
181 irq_unlock(key);
182 }
183
184 len = dst - buf;
185 available = available - len;
186 if (available <= rngp->threshold) {
187 trng_enable(true);
188 }
189
190 return len;
191 }
192
rng_pool_put(struct rng_pool * rngp,uint8_t byte)193 static int rng_pool_put(struct rng_pool *rngp, uint8_t byte)
194 {
195 uint8_t first = rngp->first_read;
196 uint8_t last = rngp->last;
197 uint8_t mask = rngp->mask;
198
199 /* Signal error if the pool is full. */
200 if (((last - first) & mask) == mask) {
201 return -ENOBUFS;
202 }
203
204 rngp->buffer[last] = byte;
205 rngp->last = (last + 1) & mask;
206
207 return 0;
208 }
209
rng_pool_put_bytes(struct rng_pool * rngp,const uint8_t * bytes,const uint8_t * limit)210 static const uint8_t *rng_pool_put_bytes(struct rng_pool *rngp, const uint8_t *bytes,
211 const uint8_t *limit)
212 {
213 unsigned int key;
214
215 key = irq_lock();
216 for (; bytes < limit; ++bytes) {
217 if (rng_pool_put(rngp, *bytes) < 0) {
218 break;
219 }
220 }
221 irq_unlock(key);
222
223 return bytes;
224 }
225
rng_pool_init(struct rng_pool * rngp,uint16_t size,uint8_t threshold)226 static void rng_pool_init(struct rng_pool *rngp, uint16_t size, uint8_t threshold)
227 {
228 rngp->first_alloc = 0U;
229 rngp->first_read = 0U;
230 rngp->last = 0U;
231 rngp->mask = size - 1;
232 rngp->threshold = threshold;
233 }
234
smartbond_trng_isr(const void * arg)235 static void smartbond_trng_isr(const void *arg)
236 {
237 uint8_t word[4];
238 const uint8_t *const limit = word + 4;
239 const uint8_t *ptr;
240 bool thread_signaled = false;
241
242 ARG_UNUSED(arg);
243
244 while (true) {
245 if (random_word_get(word) < 0) {
246 /* Nothing in FIFO -> nothing to do */
247 break;
248 }
249 ptr = word;
250
251 /* Put bytes in ISR FIFO first */
252 ptr = rng_pool_put_bytes((struct rng_pool *)(entropy_smartbond_data.isr), ptr,
253 limit);
254 if (ptr < limit) {
255 /* Put leftovers in thread FIFO */
256 if (!thread_signaled) {
257 thread_signaled = true;
258 k_sem_give(&entropy_smartbond_data.sem_sync);
259 }
260 ptr = rng_pool_put_bytes((struct rng_pool *)(entropy_smartbond_data.thr),
261 ptr, limit);
262 }
263 /* Bytes did not fit in isr nor thread FIFO, disable TRNG for now */
264 if (ptr < limit) {
265 trng_enable(false);
266 break;
267 }
268 }
269 }
270
entropy_smartbond_get_entropy(const struct device * dev,uint8_t * buf,uint16_t len)271 static int entropy_smartbond_get_entropy(const struct device *dev, uint8_t *buf, uint16_t len)
272 {
273 ARG_UNUSED(dev);
274 /* Check if this API is called on correct driver instance. */
275 __ASSERT_NO_MSG(&entropy_smartbond_data == dev->data);
276
277 while (len) {
278 uint16_t bytes;
279
280 k_sem_take(&entropy_smartbond_data.sem_lock, K_FOREVER);
281 bytes = rng_pool_get((struct rng_pool *)(entropy_smartbond_data.thr), buf, len);
282 k_sem_give(&entropy_smartbond_data.sem_lock);
283
284 if (bytes == 0U) {
285 /* Pool is empty: Sleep until next interrupt. */
286 k_sem_take(&entropy_smartbond_data.sem_sync, K_FOREVER);
287 continue;
288 }
289
290 len -= bytes;
291 buf += bytes;
292 }
293
294 return 0;
295 }
296
entropy_smartbond_get_entropy_isr(const struct device * dev,uint8_t * buf,uint16_t len,uint32_t flags)297 static int entropy_smartbond_get_entropy_isr(const struct device *dev, uint8_t *buf, uint16_t len,
298 uint32_t flags)
299 {
300 ARG_UNUSED(dev);
301 uint16_t cnt = len;
302
303 /* Check if this API is called on correct driver instance. */
304 __ASSERT_NO_MSG(&entropy_smartbond_data == dev->data);
305
306 if (likely((flags & ENTROPY_BUSYWAIT) == 0U)) {
307 return rng_pool_get((struct rng_pool *)(entropy_smartbond_data.isr), buf, len);
308 }
309
310 if (len) {
311 unsigned int key;
312 int irq_enabled;
313
314 key = irq_lock();
315 irq_enabled = irq_is_enabled(IRQN);
316 irq_disable(IRQN);
317 irq_unlock(key);
318
319 trng_enable(true);
320
321 /* Clear NVIC pending bit. This ensures that a subsequent
322 * RNG event will set the Cortex-M single-bit event register
323 * to 1 (the bit is set when NVIC pending IRQ status is
324 * changed from 0 to 1)
325 */
326 NVIC_ClearPendingIRQ(IRQN);
327
328 do {
329 uint8_t bytes[4];
330 const uint8_t *ptr = bytes;
331 const uint8_t *const limit = bytes + 4;
332
333 while (!trng_available()) {
334 /*
335 * To guarantee waking up from the event, the
336 * SEV-On-Pend feature must be enabled (enabled
337 * during ARCH initialization).
338 *
339 * DSB is recommended by spec before WFE (to
340 * guarantee completion of memory transactions)
341 */
342 barrier_dsync_fence_full();
343 __WFE();
344 __SEV();
345 __WFE();
346 }
347
348 NVIC_ClearPendingIRQ(IRQN);
349 if (random_word_get(bytes) != 0) {
350 continue;
351 }
352
353 while (ptr < limit && len) {
354 buf[--len] = *ptr++;
355 }
356 /* Store remaining data for later use */
357 if (unlikely(ptr < limit)) {
358 rng_pool_put_bytes((struct rng_pool *)(entropy_smartbond_data.isr),
359 ptr, limit);
360 }
361 } while (len);
362
363 if (irq_enabled) {
364 irq_enable(IRQN);
365 }
366 }
367
368 return cnt;
369 }
370
371 #if defined(CONFIG_PM_DEVICE)
entropy_smartbond_pm_action(const struct device * dev,enum pm_device_action action)372 static int entropy_smartbond_pm_action(const struct device *dev, enum pm_device_action action)
373 {
374 int ret = 0;
375
376 switch (action) {
377 case PM_DEVICE_ACTION_RESUME:
378 /*
379 * No need to turn on TRNG. It should be done when we the space in the FIFOs
380 * are below the defined ISR and thread FIFO's thresholds.
381 *
382 * \sa CONFIG_ENTROPY_SMARTBOND_THR_THRESHOLD
383 * \sa CONFIG_ENTROPY_SMARTBOND_ISR_THRESHOLD
384 *
385 */
386 break;
387 case PM_DEVICE_ACTION_SUSPEND:
388 /* At this point TRNG should be disabled; no need to turn it off. */
389 break;
390 default:
391 ret = -ENOTSUP;
392 }
393
394 return ret;
395 }
396 #endif
397
398 static DEVICE_API(entropy, entropy_smartbond_api_funcs) = {
399 .get_entropy = entropy_smartbond_get_entropy,
400 .get_entropy_isr = entropy_smartbond_get_entropy_isr};
401
entropy_smartbond_init(const struct device * dev)402 static int entropy_smartbond_init(const struct device *dev)
403 {
404 /* Check if this API is called on correct driver instance. */
405 __ASSERT_NO_MSG(&entropy_smartbond_data == dev->data);
406
407 /* Locking semaphore initialized to 1 (unlocked) */
408 k_sem_init(&entropy_smartbond_data.sem_lock, 1, 1);
409
410 /* Syncing semaphore */
411 k_sem_init(&entropy_smartbond_data.sem_sync, 0, 1);
412
413 rng_pool_init((struct rng_pool *)(entropy_smartbond_data.thr),
414 CONFIG_ENTROPY_SMARTBOND_THR_POOL_SIZE,
415 CONFIG_ENTROPY_SMARTBOND_THR_THRESHOLD);
416 rng_pool_init((struct rng_pool *)(entropy_smartbond_data.isr),
417 CONFIG_ENTROPY_SMARTBOND_ISR_POOL_SIZE,
418 CONFIG_ENTROPY_SMARTBOND_ISR_THRESHOLD);
419
420 IRQ_CONNECT(IRQN, IRQ_PRIO, smartbond_trng_isr, &entropy_smartbond_data, 0);
421 irq_enable(IRQN);
422
423 trng_enable(true);
424
425 return 0;
426 }
427
428 PM_DEVICE_DT_INST_DEFINE(0, entropy_smartbond_pm_action);
429
430 DEVICE_DT_INST_DEFINE(0, entropy_smartbond_init, PM_DEVICE_DT_INST_GET(0),
431 &entropy_smartbond_data, NULL, PRE_KERNEL_1,
432 CONFIG_ENTROPY_INIT_PRIORITY, &entropy_smartbond_api_funcs);
433
