rng: Provide a RNG based on the RISC-V Zkr ISA extension

The Zkr ISA extension (ratified Nov 2021) introduced the seed CSR. It provides an interface to a physical entropy source. A RNG driver based on the seed CSR is provided. It depends on mseccfg.sseed being set in the SBI firmware. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>
2024-11-24 13:43:28 +00:00 · 2023-10-31 14:55:52 +02:00 · 2023-10-31 14:55:52 +02:00 · ceec977ba1
commit ceec977ba1
parent 9757cae991
3 changed files with 125 additions and 0 deletions
--- a/drivers/rng/Kconfig
+++ b/drivers/rng/Kconfig
@ -48,6 +48,14 @@ config RNG_OPTEE
 	  accessible to normal world but reserved and used by the OP-TEE
 	  to avoid the weakness of a software PRNG.

+config RNG_RISCV_ZKR
+	bool "RISC-V Zkr random number generator"
+	depends on RISCV_SMODE
+	help
+	  This driver provides a Random Number Generator based on the
+	  Zkr RISC-V ISA extension which provides an interface to an
+	  NIST SP 800-90B or BSI AIS-31 compliant physical entropy source.
+
 config RNG_STM32
 	bool "Enable random number generator for STM32"
 	depends on ARCH_STM32 || ARCH_STM32MP
--- a/drivers/rng/Makefile
+++ b/drivers/rng/Makefile
@ -10,6 +10,7 @@ obj-$(CONFIG_RNG_MSM) += msm_rng.o
 obj-$(CONFIG_RNG_NPCM) += npcm_rng.o
 obj-$(CONFIG_RNG_OPTEE) += optee_rng.o
 obj-$(CONFIG_RNG_STM32) += stm32_rng.o
+obj-$(CONFIG_RNG_RISCV_ZKR) += riscv_zkr_rng.o
 obj-$(CONFIG_RNG_ROCKCHIP) += rockchip_rng.o
 obj-$(CONFIG_RNG_IPROC200) += iproc_rng200.o
 obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
--- a/drivers/rng/riscv_zkr_rng.c
+++ b/drivers/rng/riscv_zkr_rng.c
@ -0,0 +1,116 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * The RISC-V Zkr extension provides CSR seed which provides access to a
+ * random number generator.
+ */
+
+#define LOG_CATEGORY UCLASS_RNG
+
+#include <dm.h>
+#include <interrupt.h>
+#include <log.h>
+#include <rng.h>
+
+#define DRIVER_NAME "riscv_zkr"
+
+enum opst {
+	/** @BIST: built in self test running */
+	BIST = 0b00,
+	/** @WAIT: sufficient amount of entropy is not yet available */
+	WAIT = 0b01,
+	/** @ES16: 16bits of entropy available */
+	ES16 = 0b10,
+	/** @DEAD: unrecoverable self-test error */
+	DEAD = 0b11,
+};
+
+static unsigned long read_seed(void)
+{
+	unsigned long ret;
+
+	__asm__ __volatile__("csrrw %0, seed, x0" : "=r" (ret) : : "memory");
+
+	return ret;
+}
+
+static int riscv_zkr_read(struct udevice *dev, void *data, size_t len)
+{
+	u8 *ptr = data;
+
+	while (len) {
+		u32 val;
+
+		val = read_seed();
+
+		switch (val >> 30) {
+		case BIST:
+			continue;
+		case WAIT:
+			continue;
+		case ES16:
+			*ptr++ = val & 0xff;
+			if (--len) {
+				*ptr++ = val >> 8;
+				--len;
+			}
+			break;
+		case DEAD:
+			return -ENODEV;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * riscv_zkr_probe() - check if the seed register is available
+ *
+ * If the SBI software has not set mseccfg.sseed=1 or the Zkr
+ * extension is not available this probe function will result
+ * in an exception. Currently we cannot recover from this.
+ *
+ * @dev:	RNG device
+ * Return:	0 if successfully probed
+ */
+static int riscv_zkr_probe(struct udevice *dev)
+{
+	struct resume_data resume;
+	int ret;
+	u32 val;
+
+	/* Check if reading seed leads to interrupt */
+	set_resume(&resume);
+	ret = setjmp(resume.jump);
+	if (ret)
+		log_debug("Exception %ld reading seed CSR\n", resume.code);
+	else
+		val = read_seed();
+	set_resume(NULL);
+	if (ret)
+		return -ENODEV;
+
+	do {
+		val = read_seed();
+		val >>= 30;
+	} while (val == BIST || val == WAIT);
+
+	if (val == DEAD)
+		return -ENODEV;
+
+	return 0;
+}
+
+static const struct dm_rng_ops riscv_zkr_ops = {
+	.read = riscv_zkr_read,
+};
+
+U_BOOT_DRIVER(riscv_zkr) = {
+	.name = DRIVER_NAME,
+	.id = UCLASS_RNG,
+	.ops = &riscv_zkr_ops,
+	.probe = riscv_zkr_probe,
+};
+
+U_BOOT_DRVINFO(cpu_riscv_zkr) = {
+	.name = DRIVER_NAME,
+};