From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: None (no SPF record) identity=mailfrom; client-ip=2607:f8b0:4001:c06::22e; helo=mail-io0-x22e.google.com; envelope-from=mw@semihalf.com; receiver=edk2-devel@lists.01.org Received: from mail-io0-x22e.google.com (mail-io0-x22e.google.com [IPv6:2607:f8b0:4001:c06::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D0F9720945BA7 for ; Wed, 11 Oct 2017 21:36:17 -0700 (PDT) Received: by mail-io0-x22e.google.com with SMTP id 97so4146854iok.7 for ; Wed, 11 Oct 2017 21:39:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=semihalf-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=bPq0kSrtYUJHYdthso7ZGuDlL1wI7hprqS5hCS3J4sM=; b=2L3hrTkr1/XniApTr5U0C7Qj92uyLcbGBKRs5rvIQtzw9wmyoyMFYRWgjmefq7AR79 xSUOsy0/Enmr10cjGXy2aodp86lKDdTEjZZ1Tw0NSpYKbVYAWBsm3fXNBWH/wvv5azpv Aud+tO5/mnU2RbvtdIyXoQkEgtnobi53JvxU2nBjgSU5PoHkjjYRGbXb2xriixOLpOdX pD8QnFVs8VCVSOYs/UV+VoD60RxW4fC7oBhUSwbgRbdomo/KinzycyZlrOv+5/wItDA5 KNa7AZqaw40CvYxPvatWxggierHrrVLbST7OwKRXh7pfgmlLI97MH2ZwVnStKE3sxE8S MC+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=bPq0kSrtYUJHYdthso7ZGuDlL1wI7hprqS5hCS3J4sM=; b=H9kSyOQKHHsmD2DqlPnPSPdgVRTfBg+J1KcrLfHdvLpSNKptGsi4PzEdkDMUgAiHwm YzobuQJXsVv9JYNEvvkHrcZDgUqibpuNYx5V819NKZKlab1dE3i1X8WdYvKf29iA43N0 kJ0E1ST0o9TG9kCRzEm2ZWz+pQLaGwJN5v1KCqPCKm4uOPJN8BadNTMel3GpbVnxz/d8 eFcnagLfSGNJwQOBGMJYRGxa/+aXksvcj6vLNUx6DJBZgBj4UvKtuDh9LZqLhEUkAI88 1JFfrvYZQyWcOzMCg21TeHl4hDY16HNQIlpH8/Xyuv1SBW+2scTpT3Be6sgjyiWTjCN9 XNJA== X-Gm-Message-State: AMCzsaWQHLT35gzP/3tVKeLHwmflVneNuL9zCl2cNYuDFNZiHAR78quF QhR7ymQW6HfabUQP5W4iSqXhjrtMPBjnEFSvKCnsyg== X-Google-Smtp-Source: AOwi7QCSC6LUYjqaCUCXna6O7IsT5x3hQ/xmPTw/iCcYe103W8b8esOt2RCjAXvjfBRcBwakvOxWV8+gb5ZO/CVPfbc= X-Received: by 10.107.56.130 with SMTP id f124mr1762919ioa.33.1507783187177; Wed, 11 Oct 2017 21:39:47 -0700 (PDT) MIME-Version: 1.0 Received: by 10.107.157.141 with HTTP; Wed, 11 Oct 2017 21:39:46 -0700 (PDT) In-Reply-To: References: <1507736449-6073-1-git-send-email-mw@semihalf.com> <1507736449-6073-2-git-send-email-mw@semihalf.com> <20171011164713.qgkiekieolvjiyk5@bivouac.eciton.net> From: Marcin Wojtas Date: Thu, 12 Oct 2017 06:39:46 +0200 Message-ID: To: Leif Lindholm Cc: Ard Biesheuvel , "edk2-devel@lists.01.org" , Nadav Haklai , Neta Zur Hershkovits , Kostya Porotchkin , Hua Jing , =?UTF-8?B?SmFuIETEhWJyb8Wb?= Subject: Re: [platforms: PATCH 1/8] Marvell/Armada: Implement EFI_RNG_PROTOCOL driver for EIP76 TRNG X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Oct 2017 04:36:18 -0000 Content-Type: text/plain; charset="UTF-8" 2017-10-11 20:15 GMT+02:00 Ard Biesheuvel : > On 11 October 2017 at 17:47, Leif Lindholm wrote: >> On Wed, Oct 11, 2017 at 05:40:42PM +0200, Marcin Wojtas wrote: >>> From: Ard Biesheuvel >>> >>> Add an implementation of EFI_RNG_PROTOCOL so that the OS loader has >>> access to entropy for KASLR and other purposes (i.e., seeding the OS's >>> entropy pool very early on). >>> >>> Contributed-under: TianoCore Contribution Agreement 1.1 >>> Signed-off-by: Ard Biesheuvel >>> Signed-off-by: Marcin Wojtas >>> --- >>> Platform/Marvell/Armada/Armada.dsc.inc | 4 + >>> Platform/Marvell/Armada/Armada70x0.fdf | 1 + >>> Platform/Marvell/Armada/Drivers/Armada70x0RngDxe/Armada70x0RngDxe.c | 254 ++++++++++++++++++++ >>> Platform/Marvell/Armada/Drivers/Armada70x0RngDxe/Armada70x0RngDxe.inf | 47 ++++ >>> Platform/Marvell/Marvell.dec | 3 + >>> 5 files changed, 309 insertions(+) >>> >>> diff --git a/Platform/Marvell/Armada/Armada.dsc.inc b/Platform/Marvell/Armada/Armada.dsc.inc >>> index 1aa485c..ec24d76 100644 >>> --- a/Platform/Marvell/Armada/Armada.dsc.inc >>> +++ b/Platform/Marvell/Armada/Armada.dsc.inc >>> @@ -364,6 +364,9 @@ >>> gArmTokenSpaceGuid.PcdSystemMemorySize|0x40000000 >>> gArmTokenSpaceGuid.PcdArmScr|0x531 >>> >>> + # TRNG >>> + gMarvellTokenSpaceGuid.PcdEip76TrngBaseAddress|0xF2760000 >>> + >>> ################################################################################ >>> # >>> # Components Section - list of all EDK II Modules needed by this Platform >>> @@ -400,6 +403,7 @@ >>> Platform/Marvell/Drivers/I2c/Devices/MvEeprom/MvEeprom.inf >>> Platform/Marvell/Drivers/Spi/MvSpiDxe.inf >>> Platform/Marvell/Drivers/Spi/Devices/MvSpiFlash.inf >>> + Platform/Marvell/Armada/Drivers/Armada70x0RngDxe/Armada70x0RngDxe.inf >>> >>> # Network support >>> MdeModulePkg/Universal/Network/SnpDxe/SnpDxe.inf >>> diff --git a/Platform/Marvell/Armada/Armada70x0.fdf b/Platform/Marvell/Armada/Armada70x0.fdf >>> index 933c3ed..a94a9ff 100644 >>> --- a/Platform/Marvell/Armada/Armada70x0.fdf >>> +++ b/Platform/Marvell/Armada/Armada70x0.fdf >>> @@ -113,6 +113,7 @@ FvNameGuid = 5eda4200-2c5f-43cb-9da3-0baf74b1b30c >>> INF Platform/Marvell/Drivers/I2c/Devices/MvEeprom/MvEeprom.inf >>> INF Platform/Marvell/Drivers/Spi/MvSpiDxe.inf >>> INF Platform/Marvell/Drivers/Spi/Devices/MvSpiFlash.inf >>> + INF Platform/Marvell/Armada/Drivers/Armada70x0RngDxe/Armada70x0RngDxe.inf >>> >>> # Network support >>> INF MdeModulePkg/Universal/Network/SnpDxe/SnpDxe.inf >>> diff --git a/Platform/Marvell/Armada/Drivers/Armada70x0RngDxe/Armada70x0RngDxe.c b/Platform/Marvell/Armada/Drivers/Armada70x0RngDxe/Armada70x0RngDxe.c >>> new file mode 100644 >>> index 0000000..dca6dcc >>> --- /dev/null >>> +++ b/Platform/Marvell/Armada/Drivers/Armada70x0RngDxe/Armada70x0RngDxe.c >>> @@ -0,0 +1,254 @@ >>> +/** @file >>> + >>> + This driver produces an EFI_RNG_PROTOCOL instance for the Armada 70x0 TRNG >>> + >>> + Copyright (C) 2017, Linaro Ltd. All rights reserved.
>>> + >>> + This program and the accompanying materials are licensed and made available >>> + under the terms and conditions of the BSD License which accompanies this >>> + distribution. The full text of the license may be found at >>> + http://opensource.org/licenses/bsd-license.php >>> + >>> + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT >>> + WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. >>> + >>> +**/ >>> + >>> +#include >>> +#include >>> +#include >>> +#include >>> + >>> +#include >>> + >>> +#define TRNG_OUTPUT_REG mTrngBaseAddress >>> +#define TRNG_OUTPUT_SIZE 0x10 >>> + >>> +#define TRNG_STATUS_REG (mTrngBaseAddress + 0x10) >>> +#define TRNG_STATUS_READY BIT0 >>> + >>> +#define TRNG_INTACK_REG (mTrngBaseAddress + 0x10) >>> +#define TRNG_INTACK_READY BIT0 >>> + >>> +#define TRNG_CONTROL_REG (mTrngBaseAddress + 0x14) >>> +#define TRNG_CONTROL_REG_ENABLE BIT10 >>> + >>> +#define TRNG_CONFIG_REG (mTrngBaseAddress + 0x18) >>> +#define __MIN_REFILL_SHIFT 0 >>> +#define __MAX_REFILL_SHIFT 16 >>> +#define TRNG_CONFIG_MIN_REFILL_CYCLES (0x05 << __MIN_REFILL_SHIFT) >>> +#define TRNG_CONFIG_MAX_REFILL_CYCLES (0x22 << __MAX_REFILL_SHIFT) >>> + >>> +#define TRNG_FRODETUNE_REG (mTrngBaseAddress + 0x24) >>> +#define TRNG_FRODETUNE_MASK 0x0 >>> + >>> +#define TRNG_FROENABLE_REG (mTrngBaseAddress + 0x20) >>> +#define TRNG_FROENABLE_MASK 0xffffff >>> + >>> +#define TRNG_MAX_RETRIES 20 >>> + >>> +STATIC EFI_PHYSICAL_ADDRESS mTrngBaseAddress; >>> + >>> +/** >>> + Returns information about the random number generation implementation. >>> + >>> + @param[in] This A pointer to the EFI_RNG_PROTOCOL >>> + instance. >>> + @param[in,out] RNGAlgorithmListSize On input, the size in bytes of >>> + RNGAlgorithmList. >>> + On output with a return code of >>> + EFI_SUCCESS, the size in bytes of the >>> + data returned in RNGAlgorithmList. On >>> + output with a return code of >>> + EFI_BUFFER_TOO_SMALL, the size of >>> + RNGAlgorithmList required to obtain the >>> + list. >>> + @param[out] RNGAlgorithmList A caller-allocated memory buffer filled >>> + by the driver with one EFI_RNG_ALGORITHM >>> + element for each supported RNG algorithm. >>> + The list must not change across multiple >>> + calls to the same driver. The first >>> + algorithm in the list is the default >>> + algorithm for the driver. >>> + >>> + @retval EFI_SUCCESS The RNG algorithm list was returned >>> + successfully. >>> + @retval EFI_UNSUPPORTED The services is not supported by this >>> + driver. >>> + @retval EFI_DEVICE_ERROR The list of algorithms could not be >>> + retrieved due to a hardware or firmware >>> + error. >>> + @retval EFI_INVALID_PARAMETER One or more of the parameters are >>> + incorrect. >>> + @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small >>> + to hold the result. >>> + >>> +**/ >>> +STATIC >>> +EFI_STATUS >>> +EFIAPI >>> +Armada70x0RngGetInfo ( >>> + IN EFI_RNG_PROTOCOL *This, >>> + IN OUT UINTN *RNGAlgorithmListSize, >>> + OUT EFI_RNG_ALGORITHM *RNGAlgorithmList >>> + ) >>> +{ >>> + if (This == NULL || RNGAlgorithmListSize == NULL) { >>> + return EFI_INVALID_PARAMETER; >>> + } >>> + >>> + if (*RNGAlgorithmListSize < sizeof (EFI_RNG_ALGORITHM)) { >>> + *RNGAlgorithmListSize = sizeof (EFI_RNG_ALGORITHM); >>> + return EFI_BUFFER_TOO_SMALL; >>> + } >>> + >>> + if (RNGAlgorithmList == NULL) { >>> + return EFI_INVALID_PARAMETER; >>> + } >>> + >>> + *RNGAlgorithmListSize = sizeof (EFI_RNG_ALGORITHM); >>> + CopyGuid (RNGAlgorithmList, &gEfiRngAlgorithmRaw); >>> + >>> + return EFI_SUCCESS; >>> +} >>> + >>> +STATIC >>> +EFI_STATUS >>> +GetTrngData ( >>> + IN UINTN Length, >>> + OUT UINT8 *Bits >>> + ) >>> +{ >>> + UINTN Tries; >>> + UINT32 Buf[TRNG_OUTPUT_SIZE / sizeof (UINT32)]; >>> + UINTN Index; >>> + >>> + for (Tries = 0; Tries < TRNG_MAX_RETRIES; Tries++) { >>> + if (MmioRead32 (TRNG_STATUS_REG) & TRNG_STATUS_READY) { >>> + for (Index = 0; Index < ARRAY_SIZE (Buf); Index++) { >>> + Buf[Index] = MmioRead32 (TRNG_OUTPUT_REG + Index * sizeof (UINT32)); >>> + } >>> + CopyMem (Bits, Buf, Length); >>> + MmioWrite32 (TRNG_INTACK_REG, TRNG_INTACK_READY); >>> + >>> + return EFI_SUCCESS; >>> + } >>> + gBS->Stall (10); >> >> Why? Why 10? Please add a comment. >> >> No other comments on this patch. >> > > I don't remember the details, and I think the 1 ms delay was chosen > arbitrarily, but the purpose of the delay is to allow the hardware to > assume the 'ready' state. > I don't have EIP150 docs, but how about a comment: // Polling interval for obtaining TRNG data is 10us gBS->Stall (10); I know it's not perfect, but would you accept it?:) Best regards, Marcin