[RFC 1/1] rng: Provide a RNG based on the RISC-V Zkr ISA extension

Heinrich Schuchardt heinrich.schuchardt at canonical.com
Sun Oct 29 08:52:17 CET 2023 

On 10/29/23 06:39, Chanho Park wrote:
> Hi,
> 
>> -----Original Message-----
>> From: U-Boot <u-boot-bounces at lists.denx.de> On Behalf Of Heinrich
>> Schuchardt
>> Sent: Sunday, October 29, 2023 8:26 AM
>> To: Rick Chen <rick at andestech.com>; Leo <ycliang at andestech.com>
>> Cc: Sughosh Ganu <sughosh.ganu at linaro.org>; u-boot at lists.denx.de; Heinrich
>> Schuchardt <heinrich.schuchardt at canonical.com>
>> Subject: [RFC 1/1] rng: Provide a RNG based on the RISC-V Zkr ISA
>> extension
>>
>> The Zkr ISA extension (ratified Nov 2021) introduced the seed CSR. It
>> provides an interface to a physical entropy source.
>>
>> A RNG driver based on the seed CSR is provided. It depends on
>> mseccfg.sseed being set in the SBI firmware.
>>
>> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
> 
> This works fine on my qemu risv with your opensbi patch and KASLR has been
> tested as well.
> Feel free to add my reviewed/tested-by tag.
> 
> Reviewed-by: Chanho Park <chanho61.park at samsung.com>
> Tested-by: Chanho Park <chanho61.park at samsung.com>
> 
> Best Regards,
> Chanho Park

Thanks for reviewing.

I am currently looking into detecting if the seed register is readable 
to avoid a possible exception if the sseed flag is not set or the Zkr 
exception is not available.

Best regards

Heinrich

> 
>> ---
>>   drivers/rng/Kconfig         |  11 ++++
>>   drivers/rng/Makefile        |   1 +
>>   drivers/rng/riscv_zkr_rng.c | 102 ++++++++++++++++++++++++++++++++++++
>>   3 files changed, 114 insertions(+)
>>   create mode 100644 drivers/rng/riscv_zkr_rng.c
>>
>> diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig
>> index 994cc35b27..f8f1d91ed2 100644
>> --- a/drivers/rng/Kconfig
>> +++ b/drivers/rng/Kconfig
>> @@ -48,6 +48,17 @@ config RNG_OPTEE
>>   	  accessible to normal world but reserved and used by the OP-TEE
>>   	  to avoid the weakness of a software PRNG.
>>
>> +config RNG_RISCV_ZKR
>> +	bool "RISC-V Zkr random number generator"
>> +	depends on RISCV_SMODE
>> +	help
>> +	  This driver provides a Random Number Generator based on the
>> +	  Zkr RISC-V ISA extension which provides an interface to an
>> +	  NIST SP 800-90B or BSI AIS-31 compliant physical entropy source.
>> +
>> +	  Using this driver will lead to an exception if the M-mode
>> firmware
>> +	  has not set mseccfg.sseed=1.
>> +
>>   config RNG_STM32
>>   	bool "Enable random number generator for STM32"
>>   	depends on ARCH_STM32 || ARCH_STM32MP
>> diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile
>> index 47b323e61e..a5d3ca4130 100644
>> --- a/drivers/rng/Makefile
>> +++ b/drivers/rng/Makefile
>> @@ -10,6 +10,7 @@ obj-$(CONFIG_RNG_MSM) += msm_rng.o
>>   obj-$(CONFIG_RNG_NPCM) += npcm_rng.o
>>   obj-$(CONFIG_RNG_OPTEE) += optee_rng.o
>>   obj-$(CONFIG_RNG_STM32) += stm32_rng.o
>> +obj-$(CONFIG_RNG_RISCV_ZKR) += riscv_zkr_rng.o
>>   obj-$(CONFIG_RNG_ROCKCHIP) += rockchip_rng.o
>>   obj-$(CONFIG_RNG_IPROC200) += iproc_rng200.o
>>   obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
>> diff --git a/drivers/rng/riscv_zkr_rng.c b/drivers/rng/riscv_zkr_rng.c
>> new file mode 100644
>> index 0000000000..f48ae35410
>> --- /dev/null
>> +++ b/drivers/rng/riscv_zkr_rng.c
>> @@ -0,0 +1,102 @@
>> +// SPDX-License-Identifier: GPL-2.0-or-later
>> +/*
>> + * The RISC-V Zkr extension provides CSR seed which provides access to a
>> + * random number generator.
>> + */
>> +
>> +#define LOG_CATEGORY UCLASS_RNG
>> +
>> +#include <common.h>
>> +#include <dm.h>
>> +#include <rng.h>
>> +
>> +#define DRIVER_NAME "riscv_zkr"
>> +
>> +enum opst {
>> +	/** @BIST: built in self test running */
>> +	BIST = 0b00,
>> +	/** @WAIT: sufficient amount of entropy is not yet available */
>> +	WAIT = 0b01,
>> +	/** @ES16: 16bits of entropy available */
>> +	ES16 = 0b10,
>> +	/** @DEAD: unrecoverable self-test error */
>> +	DEAD = 0b11,
>> +};
>> +
>> +static unsigned long read_seed(void)
>> +{
>> +	unsigned long ret;
>> +
>> +	__asm__ __volatile__("csrrw %0, seed, x0" : "=r" (ret) : :
>> "memory");
>> +
>> +	return ret;
>> +}
>> +
>> +static int riscv_zkr_read(struct udevice *dev, void *data, size_t len)
>> +{
>> +	u8 *ptr = data;
>> +
>> +	while (len) {
>> +		u32 val;
>> +
>> +		val = read_seed();
>> +
>> +		switch (val >> 30) {
>> +		case BIST:
>> +			continue;
>> +		case WAIT:
>> +			continue;
>> +		case ES16:
>> +			*ptr++ = val & 0xff;
>> +			if (--len) {
>> +				*ptr++ = val >> 8;
>> +				--len;
>> +			}
>> +			break;
>> +		case DEAD:
>> +			return -ENODEV;
>> +		}
>> +	}
>> +
>> +	return 0;
>> +}
>> +
>> +/**
>> + * riscv_zkr_probe() - check if the seed register is available
>> + *
>> + * If the SBI software has not set mseccfg.sseed=1 or the Zkr
>> + * extension is not available this probe function will result
>> + * in an exception. Currently we cannot recover from this.
>> + *
>> + * @dev:	RNG device
>> + * Return:	0 if successfully probed
>> + */
>> +static int riscv_zkr_probe(struct udevice *dev)
>> +{
>> +	u32 val;
>> +
>> +	do {
>> +		val = read_seed();
>> +		val >>= 30;
>> +	} while (val == BIST || val == WAIT);
>> +
>> +	if (val == DEAD)
>> +		return -ENODEV;
>> +
>> +	return 0;
>> +}
>> +
>> +static const struct dm_rng_ops riscv_zkr_ops = {
>> +	.read = riscv_zkr_read,
>> +};
>> +
>> +U_BOOT_DRIVER(riscv_zkr) = {
>> +	.name = DRIVER_NAME,
>> +	.id = UCLASS_RNG,
>> +	.ops = &riscv_zkr_ops,
>> +	.probe = riscv_zkr_probe,
>> +};
>> +
>> +U_BOOT_DRVINFO(cpu_riscv_zkr) = {
>> +	.name = DRIVER_NAME,
>> +};
>> --
>> 2.40.1
> 
>

More information about the U-Boot mailing list