lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20250204-rk3588-trng-submission-v2-0-608172b6fd91@collabora.com>
Date: Tue, 04 Feb 2025 16:35:45 +0100
From: Nicolas Frattaroli <nicolas.frattaroli@...labora.com>
To: Philipp Zabel <p.zabel@...gutronix.de>, Rob Herring <robh@...nel.org>, 
 Krzysztof Kozlowski <krzk+dt@...nel.org>, 
 Conor Dooley <conor+dt@...nel.org>, Heiko Stuebner <heiko@...ech.de>, 
 Olivia Mackall <olivia@...enic.com>, 
 Herbert Xu <herbert@...dor.apana.org.au>, 
 Daniel Golle <daniel@...rotopia.org>, Aurelien Jarno <aurelien@...el32.net>
Cc: Sebastian Reichel <sebastian.reichel@...labora.com>, 
 kernel@...labora.com, devicetree@...r.kernel.org, 
 linux-arm-kernel@...ts.infradead.org, linux-rockchip@...ts.infradead.org, 
 linux-kernel@...r.kernel.org, linux-crypto@...r.kernel.org, 
 Nicolas Frattaroli <nicolas.frattaroli@...labora.com>, 
 XiaoDong Huang <derrick.huang@...k-chips.com>, 
 Conor Dooley <conor.dooley@...rochip.com>, 
 Lin Jinhan <troy.lin@...k-chips.com>
Subject: [PATCH v2 0/7] RK3588 Hardware Random Number Generator Driver

This series adds support for the Rockchip RK3588's standalone hardware
random number generator to the existing mainline rockchip-rng driver.

The RK3588 has several hardware random number generators, one in each
the secure-world and non-secure-world crypto accelerator, and one
standalone one in each the secure-world and non-secure-world, so 4
hwrngs in total. This series adds support for the standalone hwrng,
which is an entirely new IP on this SoC and distinct from the one in the
Crypto IP.

The decision to integrate this into the existing rockchip-rng driver was
made based on a few factors:

1. The driver is fairly small.
2. While not much code is shared, some code is, specifically relating to
   power management, the hwrng interface and the probe function.
3. I don't want users to figure out why "CONFIG_HW_RANDOM_ROCKCHIP"
   doesn't enable the RK3588 one, and I really don't see a reason to
   build without both of them considering the other RK3588 TRNG (for
   which there is not yet a driver iirc) *does* share code with the
   existing rockchip-rng driver.

Here are the rngtest5 results from this new driver on my board:

  user@...ian-rockchip-rock5b-rk3588:~$ cat /sys/class/misc/hw_random/rng_current 
  rockchip-rng
  user@...ian-rockchip-rock5b-rk3588:~$ sudo cat /dev/hwrng | rngtest -c 10000 
  [...]
  rngtest: bits received from input: 200000032
  rngtest: FIPS 140-2 successes: 9990
  rngtest: FIPS 140-2 failures: 10
  rngtest: FIPS 140-2(2001-10-10) Monobit: 1
  rngtest: FIPS 140-2(2001-10-10) Poker: 0
  rngtest: FIPS 140-2(2001-10-10) Runs: 5
  rngtest: FIPS 140-2(2001-10-10) Long run: 4
  rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
  rngtest: input channel speed: (min=212.255; avg=29089.272; max=19531250.000)Kibits/s
  rngtest: FIPS tests speed: (min=64.005; avg=102.494; max=153.818)Mibits/s
  rngtest: Program run time: 11292340 microseconds

As you can see, the quality of the entropy is quite good, and the
throughput is an acceptable 29 Mibit/s.

The series starts out with two patches for the bindings. The bindings
are separate from the rockchip,rk3568-rng bindings, as the required
properties differ. The SCMI reset ID numbers are needed because mainline
uses a different reset numbering scheme, but TF-A uses the downstream
numbering scheme as far as I know. The TRNG must be reset through SCMI.

Next up are two cleanup patches for the existing driver. Even if a
decision is made to split the drivers for whatever reason, these two
patches should be used in the rk3568-rng driver as they get rid of small
peculiarities in the code without meaningfully changing how the driver
works.

Next up is the main driver patch that adds support for the new TRNG. As
the driver was developed by reading the downstream vendor code for this
particular device and reworking it, I've included the downstream vendor
developer who wrote the driver as a Co-developed-by tag with their
existing downstream sign-off.

The penultimate patch adds the node to the rk3588-base.dtsi, and
enables it.

The final patch adds myself to the MAINTAINERS of this driver and these
bindings.

Signed-off-by: Nicolas Frattaroli <nicolas.frattaroli@...labora.com>
---
Changes in v2:
- Drop mailmap patch
- driver: restore the OF matching to how it was, and change soc_data to
  const
- dts: get rid of the board specific DTS enablement and instead enable
  it in rk3588-base
- bindings: drop the change of adding myself to maintainers from the
  bindings patch, make it a separate patch
- bindings: get rid of the comments
- bindings: set status = "okay" in the example
- bindings: make interrupts property required
- Add a patch to add me to the MAINTAINERS for this driver/binding
- Link to v1: https://lore.kernel.org/r/20250130-rk3588-trng-submission-v1-0-97ff76568e49@collabora.com

---
Nicolas Frattaroli (7):
      dt-bindings: reset: Add SCMI reset IDs for RK3588
      dt-bindings: rng: add binding for Rockchip RK3588 RNG
      hwrng: rockchip: store dev pointer in driver struct
      hwrng: rockchip: eliminate some unnecessary dereferences
      hwrng: rockchip: add support for rk3588's standalone TRNG
      arm64: dts: rockchip: Add rng node to RK3588
      MAINTAINERS: add Nicolas Frattaroli to rockchip-rng maintainers

 .../bindings/rng/rockchip,rk3588-rng.yaml          |  60 +++++
 MAINTAINERS                                        |   2 +
 arch/arm64/boot/dts/rockchip/rk3588-base.dtsi      |   9 +
 drivers/char/hw_random/Kconfig                     |   3 +-
 drivers/char/hw_random/rockchip-rng.c              | 250 ++++++++++++++++++---
 include/dt-bindings/reset/rockchip,rk3588-cru.h    |  41 +++-
 6 files changed, 335 insertions(+), 30 deletions(-)
---
base-commit: 72deda0abee6e705ae71a93f69f55e33be5bca5c
change-id: 20250130-rk3588-trng-submission-055255c96689

Best regards,
-- 
Nicolas Frattaroli <nicolas.frattaroli@...labora.com>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ