lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAMuHMdWujabV8dr=EojXFBVD0TcUuZ2kCGjjo93u=PE-AmzVHA@mail.gmail.com>
Date:   Tue, 21 Apr 2020 15:34:01 +0200
From:   Geert Uytterhoeven <geert@...ux-m68k.org>
To:     Hadar Gat <Hadar.Gat@....com>
Cc:     Matt Mackall <mpm@...enic.com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        Rob Herring <robh+dt@...nel.org>,
        Mark Rutland <Mark.Rutland@....com>,
        Arnd Bergmann <arnd@...db.de>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Krzysztof Kozlowski <krzk@...nel.org>,
        Florian Fainelli <f.fainelli@...il.com>,
        Alexander Sverdlin <alexander.sverdlin@...ia.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Tomer Maimon <tmaimon77@...il.com>,
        Randy Dunlap <rdunlap@...radead.org>,
        Zaibo Xu <xuzaibo@...wei.com>,
        Daniel Thompson <daniel.thompson@...aro.org>,
        Mauro Carvalho Chehab <mchehab+samsung@...nel.org>,
        "David S. Miller" <davem@...emloft.net>,
        Jonathan Cameron <Jonathan.Cameron@...wei.com>,
        Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
        "open list:OPEN FIRMWARE AND FLATTENED DEVICE TREE BINDINGS" 
        <devicetree@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Gilad Ben-Yossef <gilad@...yossef.com>,
        Ofir Drang <Ofir.Drang@....com>, nd <nd@....com>
Subject: Re: [PATCH v7 2/3] hw_random: cctrng: introduce Arm CryptoCell driver

Hi Hadar,

On Tue, Apr 21, 2020 at 3:16 PM Hadar Gat <Hadar.Gat@....com> wrote:
> > -----Original Message-----
> > From: Geert Uytterhoeven <geert@...ux-m68k.org>
> > Sent: Monday, 20 April 2020 16:45
> >
> > On Fri, Mar 27, 2020 at 7:11 AM Hadar Gat <hadar.gat@....com> wrote:
> > > Introduce low level Arm CryptoCell TRNG HW support.
> > >
> > > Signed-off-by: Hadar Gat <hadar.gat@....com>
> >
> > Thanks for your patch!
> >
> > > --- /dev/null
> > > +++ b/drivers/char/hw_random/cctrng.c
> >
> > > +static int cctrng_probe(struct platform_device *pdev) {
> > > +       struct resource *req_mem_cc_regs = NULL;
> > > +       struct cctrng_drvdata *drvdata;
> > > +       struct device *dev = &pdev->dev;
> > > +       int rc = 0;
> > > +       u32 val;
> > > +       int irq;
> > > +
> > > +       drvdata = devm_kzalloc(dev, sizeof(*drvdata), GFP_KERNEL);
> > > +       if (!drvdata)
> > > +               return -ENOMEM;
> > > +
> > > +       drvdata->rng.name = devm_kstrdup(dev, dev_name(dev),
> > GFP_KERNEL);
> > > +       if (!drvdata->rng.name)
> > > +               return -ENOMEM;
> > > +
> > > +       drvdata->rng.read = cctrng_read;
> > > +       drvdata->rng.priv = (unsigned long)drvdata;
> > > +       drvdata->rng.quality = CC_TRNG_QUALITY;
> > > +
> > > +       platform_set_drvdata(pdev, drvdata);
> > > +       drvdata->pdev = pdev;
> > > +
> > > +       drvdata->circ.buf = (char *)drvdata->data_buf;
> > > +
> > > +       /* Get device resources */
> > > +       /* First CC registers space */
> > > +       req_mem_cc_regs = platform_get_resource(pdev,
> > IORESOURCE_MEM, 0);
> > > +       /* Map registers space */
> > > +       drvdata->cc_base = devm_ioremap_resource(dev,
> > req_mem_cc_regs);
> > > +       if (IS_ERR(drvdata->cc_base)) {
> > > +               dev_err(dev, "Failed to ioremap registers");
> > > +               return PTR_ERR(drvdata->cc_base);
> > > +       }
> > > +
> > > +       dev_dbg(dev, "Got MEM resource (%s): %pR\n", req_mem_cc_regs-
> > >name,
> > > +               req_mem_cc_regs);
> > > +       dev_dbg(dev, "CC registers mapped from %pa to 0x%p\n",
> > > +               &req_mem_cc_regs->start, drvdata->cc_base);
> > > +
> > > +       /* Then IRQ */
> > > +       irq = platform_get_irq(pdev, 0);
> > > +       if (irq < 0) {
> > > +               dev_err(dev, "Failed getting IRQ resource\n");
> > > +               return irq;
> > > +       }
> > > +
> > > +       /* parse sampling rate from device tree */
> > > +       rc = cc_trng_parse_sampling_ratio(drvdata);
> > > +       if (rc) {
> > > +               dev_err(dev, "Failed to get legal sampling ratio for rosc\n");
> > > +               return rc;
> > > +       }
> > > +
> > > +       rc = cc_trng_clk_init(drvdata);
> > > +       if (rc) {
> > > +               dev_err(dev, "cc_trng_clk_init failed\n");
> > > +               return rc;
> > > +       }
> > > +
> > > +       INIT_WORK(&drvdata->compwork, cc_trng_compwork_handler);
> > > +       INIT_WORK(&drvdata->startwork, cc_trng_startwork_handler);
> > > +       spin_lock_init(&drvdata->read_lock);
> > > +
> > > +       /* register the driver isr function */
> > > +       rc = devm_request_irq(dev, irq, cc_isr, IRQF_SHARED, "cctrng",
> > > + drvdata);
> >
> > Shoudn't this be done after clearing the pending interrupts below?
>
> I'm not sure what do you mean in your question...
> I assume you're suggesting that the registration of the driver ISR function should be done only after clearing the pending interrupts?!

Indeed.

> Anyway, any pending interrupt that might exist is irrelevant to the current cctrng driver which just started (we're in the probe function)

If there is a pending interrupt, your interrupt handler (which returns
IRQ_NONE in this case) will be called repeatedly, until the driver gets
to clearing the pending interrupts below, or until the interrupt core
decides to give up, and disable it for good.

> > > +       if (rc) {
> > > +               dev_err(dev, "Could not register to interrupt %d\n", irq);
> > > +               goto post_clk_err;
> > > +       }
> > > +       dev_dbg(dev, "Registered to IRQ: %d\n", irq);
> > > +
> > > +       /* Clear all pending interrupts */
> > > +       val = cc_ioread(drvdata, CC_HOST_RGF_IRR_REG_OFFSET);
> > > +       dev_dbg(dev, "IRR=0x%08X\n", val);
> > > +       cc_iowrite(drvdata, CC_HOST_RGF_ICR_REG_OFFSET, val);
> >
> > The above accesses the engine's registers...
>
> That is right.
>
> > > +
> > > +       /* unmask HOST RNG interrupt */
> > > +       cc_iowrite(drvdata, CC_HOST_RGF_IMR_REG_OFFSET,
> > > +                  cc_ioread(drvdata, CC_HOST_RGF_IMR_REG_OFFSET) &
> > > +                  ~CC_HOST_RNG_IRQ_MASK);
> > > +
> > > +       /* init PM */
> > > +       rc = cc_trng_pm_init(drvdata);
> > > +       if (rc) {
> > > +               dev_err(dev, "cc_trng_pm_init failed\n");
> > > +               goto post_clk_err;
> > > +       }
> >
> > > +
> > > +       /* increment device's usage counter */
> > > +       rc = cc_trng_pm_get(dev);
> >
> > ... but only here is Runtime PM initialized, and the device guaranteed to be
> > powered.  If a device is accessed while powered down, this may lead to an
> > asynchronous external abort, or a plain lockup.
>
> It is assumed that when the driver is probed it is already powered. Only then, the driver initializes and enables the runtime PM to allow power down of the HW when it is not in use.

Who guarantees it is powered up? Your driver has indeed enabled the
(optional) clock above, but if the hardware block is part of a power
domain, it may still be powered down. The only way to make sure a
hardware block in a power domain is powered, is by enabling Runtime
PM and calling pm_runtime_get_sync().

Gr{oetje,eeting}s,

                        Geert

-- 
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ