| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 20 Jun 2024 16:39:07 -0500
From: Sam Protsenko <semen.protsenko@...aro.org>
To: Lukasz Stelmach <l.stelmach@...sung.com>
Cc: Krzysztof Kozlowski <krzk+dt@...nel.org>, Rob Herring <robh@...nel.org>,
Conor Dooley <conor+dt@...nel.org>, Anand Moon <linux.amoon@...il.com>,
Olivia Mackall <olivia@...enic.com>, Herbert Xu <herbert@...dor.apana.org.au>,
Alim Akhtar <alim.akhtar@...sung.com>, linux-samsung-soc@...r.kernel.org,
linux-crypto@...r.kernel.org, devicetree@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 5/7] hwrng: exynos: Add SMC based TRNG operation
On Thu, Jun 20, 2024 at 8:46 AM Lukasz Stelmach <l.stelmach@...sung.com> wrote:
>
> It was <2024-06-18 wto 15:45>, when Sam Protsenko wrote:
> > On some Exynos chips like Exynos850 the access to Security Sub System
> > (SSS) registers is protected with TrustZone, and therefore only possible
> > from EL3 monitor software. The Linux kernel is running in EL1, so the
> > only way for the driver to obtain TRNG data is via SMC calls to EL3
> > monitor. Implement such SMC operation and use it when EXYNOS_SMC flag is
> > set in the corresponding chip driver data.
> >
> > Signed-off-by: Sam Protsenko <semen.protsenko@...aro.org>
> > Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>
> > ---
> > Changes in v2:
> > - Used the "reversed Christmas tree" style in the variable declaration
> > block in exynos_trng_do_read_smc()
> > - Renamed .quirks to .flags in the driver structure
> > - Added Krzysztof's R-b tag
> >
> > drivers/char/hw_random/exynos-trng.c | 133 +++++++++++++++++++++++++--
> > 1 file changed, 123 insertions(+), 10 deletions(-)
> >
> > diff --git a/drivers/char/hw_random/exynos-trng.c b/drivers/char/hw_random/exynos-trng.c
> > index 99a0b271ffb7..497d6018c6ba 100644
> > --- a/drivers/char/hw_random/exynos-trng.c
> > +++ b/drivers/char/hw_random/exynos-trng.c
> > @@ -10,6 +10,7 @@
> > * Krzysztof Kozłowski <krzk@...nel.org>
> > */
>
> [...]
>
> > +static int exynos_trng_init_smc(struct hwrng *rng)
> > +{
> > + struct arm_smccc_res res;
> > +
> > + arm_smccc_smc(SMC_CMD_RANDOM, HWRNG_INIT, 0, 0, 0, 0, 0, 0, &res);
> > + if (res.a0 != HWRNG_RET_OK)
> > + return -EIO;
> > +
> > + return 0;
> > +}
> > +
>
> Does this driver requiers some vendor-specifig bootloading code?
> I am testing the code on a WinLink E850-96 board booted with the
> upstream u-boot and it fails during init (res0.a is -1).
>
This series was only tested (and works fine) with LittleKernel based
bootloader [1]. It's officially recommended and the only feature
complete bootloader at the moment. And you are right, the reason why
TRNG probe fails when you boot the kernel from U-Boot is that the LDFW
(Loadable Firmware) loading is not implemented in U-Boot right now,
which makes HWRNG_INIT SMC command fail and return -1. In fact, I'm
adding LDFW loading in U-Boot right now and expect it to be ready in 1
week or so. For now, can you please check with LK [1] instead? I'm
happy to help if you have any related questions.
> [ 1.883413] exynos-trng 12081400.rng: Could not register hwrng device
> [ 1.893394] exynos-trng 12081400.rng: probe with driver exynos-trng failed with error -5
>
> If an additional code outside the kernel is required for this to run,
> then maybe the error message should reflect that.
>
Good idea! Will send v3 soon, with proper error message added.
Thanks!
[1] https://gitlab.com/Linaro/96boards/e850-96/lk
> Kind regards,
> --
> Łukasz Stelmach
> Samsung R&D Institute Poland
> Samsung Electronics
Powered by blists - more mailing lists