Djam/u-boot
1
0
Fork 0
mirror of https://github.com/u-boot/u-boot.git synced 2025-04-24 06:24:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
u-boot/drivers/rng/stm32_rng.c
Gatien Chevallier 6032292534 rng: stm32: add error concealment sequence 
Seed errors can occur when using the hardware RNG. Implement the
sequences to handle them. This avoids irrecoverable RNG state.

Try to conceal seed errors when possible. If, despite the error
concealing tries, a seed error is still present, then return an error.

A clock error does not compromise the hardware block and data can
still be read from RNG_DR. Just warn that the RNG clock is too slow
and clear RNG_SR.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2023-10-04 13:26:03 +02:00

360 lines
8.6 KiB
C
Raw Blame History

// SPDX-License-Identifier: GPL-2.0-or-later
/*
* Copyright (c) 2019, Linaro Limited
*/
#define LOG_CATEGORY UCLASS_RNG
#include <common.h>
#include <clk.h>
#include <dm.h>
#include <log.h>
#include <reset.h>
#include <rng.h>
#include <linux/bitops.h>
#include <linux/delay.h>
#include <asm/io.h>
#include <linux/iopoll.h>
#include <linux/kernel.h>
#define RNG_CR 0x00
#define RNG_CR_RNGEN BIT(2)
#define RNG_CR_CED BIT(5)
#define RNG_CR_CLKDIV_SHIFT 16
#define RNG_CR_CONDRST BIT(30)
#define RNG_SR 0x04
#define RNG_SR_SEIS BIT(6)
#define RNG_SR_CEIS BIT(5)
#define RNG_SR_SECS BIT(2)
#define RNG_SR_DRDY BIT(0)
#define RNG_DR 0x08
#define RNG_NB_RECOVER_TRIES 3
/*
* struct stm32_rng_data - RNG compat data
*
* @max_clock_rate: Max RNG clock frequency, in Hertz
* @has_cond_reset: True if conditionnal reset is supported
*
*/
struct stm32_rng_data {
uint max_clock_rate;
bool has_cond_reset;
};
struct stm32_rng_plat {
fdt_addr_t base;
struct clk clk;
struct reset_ctl rst;
const struct stm32_rng_data *data;
bool ced;
};
/*
* Extracts from the STM32 RNG specification when RNG supports CONDRST.
*
* When a noise source (or seed) error occurs, the RNG stops generating
* random numbers and sets to “1” both SEIS and SECS bits to indicate
* that a seed error occurred. (...)
*
* 1. Software reset by writing CONDRST at 1 and at 0 (see bitfield
* description for details). This step is needed only if SECS is set.
* Indeed, when SEIS is set and SECS is cleared it means RNG performed
* the reset automatically (auto-reset).
* 2. If SECS was set in step 1 (no auto-reset) wait for CONDRST
* to be cleared in the RNG_CR register, then confirm that SEIS is
* cleared in the RNG_SR register. Otherwise just clear SEIS bit in
* the RNG_SR register.
* 3. If SECS was set in step 1 (no auto-reset) wait for SECS to be
* cleared by RNG. The random number generation is now back to normal.
*/
static int stm32_rng_conceal_seed_error_cond_reset(struct stm32_rng_plat *pdata)
{
u32 sr = readl_relaxed(pdata->base + RNG_SR);
u32 cr = readl_relaxed(pdata->base + RNG_CR);
int err;
if (sr & RNG_SR_SECS) {
/* Conceal by resetting the subsystem (step 1.) */
writel_relaxed(cr | RNG_CR_CONDRST, pdata->base + RNG_CR);
writel_relaxed(cr & ~RNG_CR_CONDRST, pdata->base + RNG_CR);
} else {
/* RNG auto-reset (step 2.) */
writel_relaxed(sr & ~RNG_SR_SEIS, pdata->base + RNG_SR);
return 0;
}
err = readl_relaxed_poll_timeout(pdata->base + RNG_SR, sr, !(sr & RNG_CR_CONDRST), 100000);
if (err) {
log_err("%s: timeout %x\n", __func__, sr);
return err;
}
/* Check SEIS is cleared (step 2.) */
if (readl_relaxed(pdata->base + RNG_SR) & RNG_SR_SEIS)
return -EINVAL;
err = readl_relaxed_poll_timeout(pdata->base + RNG_SR, sr, !(sr & RNG_SR_SECS), 100000);
if (err) {
log_err("%s: timeout %x\n", __func__, sr);
return err;
}
return 0;
}
/*
* Extracts from the STM32 RNG specification, when CONDRST is not supported
*
* When a noise source (or seed) error occurs, the RNG stops generating
* random numbers and sets to “1” both SEIS and SECS bits to indicate
* that a seed error occurred. (...)
*
* The following sequence shall be used to fully recover from a seed
* error after the RNG initialization:
* 1. Clear the SEIS bit by writing it to “0”.
* 2. Read out 12 words from the RNG_DR register, and discard each of
* them in order to clean the pipeline.
* 3. Confirm that SEIS is still cleared. Random number generation is
* back to normal.
*/
static int stm32_rng_conceal_seed_error_sw_reset(struct stm32_rng_plat *pdata)
{
uint i = 0;
u32 sr = readl_relaxed(pdata->base + RNG_SR);
writel_relaxed(sr & ~RNG_SR_SEIS, pdata->base + RNG_SR);
for (i = 12; i != 0; i--)
(void)readl_relaxed(pdata->base + RNG_DR);
if (readl_relaxed(pdata->base + RNG_SR) & RNG_SR_SEIS)
return -EINVAL;
return 0;
}
static int stm32_rng_conceal_seed_error(struct stm32_rng_plat *pdata)
{
log_debug("Concealing RNG seed error\n");
if (pdata->data->has_cond_reset)
return stm32_rng_conceal_seed_error_cond_reset(pdata);
else
return stm32_rng_conceal_seed_error_sw_reset(pdata);
};
static int stm32_rng_read(struct udevice *dev, void *data, size_t len)
{
int retval;
u32 sr, reg;
size_t increment;
struct stm32_rng_plat *pdata = dev_get_plat(dev);
uint tries = 0;
while (len > 0) {
retval = readl_poll_timeout(pdata->base + RNG_SR, sr,
sr, 10000);
if (retval) {
log_err("%s: Timeout RNG no data", __func__);
return retval;
}
if (sr != RNG_SR_DRDY) {
if (sr & RNG_SR_SEIS) {
retval = stm32_rng_conceal_seed_error(pdata);
tries++;
if (retval || tries > RNG_NB_RECOVER_TRIES) {
log_err("%s: Couldn't recover from seed error", __func__);
return -ENOTRECOVERABLE;
}
/* Start again */
continue;
}
if (sr & RNG_SR_CEIS) {
log_info("RNG clock too slow");
writel_relaxed(0, pdata->base + RNG_SR);
}
}
/*
* Once the DRDY bit is set, the RNG_DR register can
* be read up to four consecutive times.
*/
reg = readl(pdata->base + RNG_DR);
/* Late seed error case: DR being 0 is an error status */
if (!reg) {
retval = stm32_rng_conceal_seed_error(pdata);
tries++;
if (retval || tries > RNG_NB_RECOVER_TRIES) {
log_err("%s: Couldn't recover from seed error", __func__);
return -ENOTRECOVERABLE;
}
/* Start again */
continue;
}
increment = min(len, sizeof(u32));
memcpy(data, &reg, increment);
data += increment;
len -= increment;
tries = 0;
}
return 0;
}
static uint stm32_rng_clock_freq_restrain(struct stm32_rng_plat *pdata)
{
ulong clock_rate = 0;
uint clock_div = 0;
clock_rate = clk_get_rate(&pdata->clk);
/*
* Get the exponent to apply on the CLKDIV field in RNG_CR register.
* No need to handle the case when clock-div > 0xF as it is physically
* impossible.
*/
while ((clock_rate >> clock_div) > pdata->data->max_clock_rate)
clock_div++;
log_debug("RNG clk rate : %lu\n", clk_get_rate(&pdata->clk) >> clock_div);
return clock_div;
}
static int stm32_rng_init(struct stm32_rng_plat *pdata)
{
int err;
u32 cr, sr;
err = clk_enable(&pdata->clk);
if (err)
return err;
cr = readl(pdata->base + RNG_CR);
if (pdata->data->has_cond_reset) {
uint clock_div = stm32_rng_clock_freq_restrain(pdata);
cr |= RNG_CR_CONDRST | (clock_div << RNG_CR_CLKDIV_SHIFT);
if (pdata->ced)
cr &= ~RNG_CR_CED;
else
cr |= RNG_CR_CED;
writel(cr, pdata->base + RNG_CR);
cr &= ~RNG_CR_CONDRST;
cr |= RNG_CR_RNGEN;
writel(cr, pdata->base + RNG_CR);
err = readl_poll_timeout(pdata->base + RNG_CR, cr,
(!(cr & RNG_CR_CONDRST)), 10000);
if (err)
return err;
} else {
if (pdata->ced)
cr &= ~RNG_CR_CED;
else
cr |= RNG_CR_CED;
cr |= RNG_CR_RNGEN;
writel(cr, pdata->base + RNG_CR);
}
/* clear error indicators */
writel(0, pdata->base + RNG_SR);
err = readl_poll_timeout(pdata->base + RNG_SR, sr,
sr & RNG_SR_DRDY, 10000);
return err;
}
static int stm32_rng_cleanup(struct stm32_rng_plat *pdata)
{
writel(0, pdata->base + RNG_CR);
return clk_disable(&pdata->clk);
}
static int stm32_rng_probe(struct udevice *dev)
{
struct stm32_rng_plat *pdata = dev_get_plat(dev);
pdata->data = (struct stm32_rng_data *)dev_get_driver_data(dev);
reset_assert(&pdata->rst);
udelay(20);
reset_deassert(&pdata->rst);
return stm32_rng_init(pdata);
}
static int stm32_rng_remove(struct udevice *dev)
{
struct stm32_rng_plat *pdata = dev_get_plat(dev);
return stm32_rng_cleanup(pdata);
}
static int stm32_rng_of_to_plat(struct udevice *dev)
{
struct stm32_rng_plat *pdata = dev_get_plat(dev);
int err;
pdata->base = dev_read_addr(dev);
if (!pdata->base)
return -ENOMEM;
err = clk_get_by_index(dev, 0, &pdata->clk);
if (err)
return err;
err = reset_get_by_index(dev, 0, &pdata->rst);
if (err)
return err;
pdata->ced = dev_read_bool(dev, "clock-error-detect");
return 0;
}
static const struct dm_rng_ops stm32_rng_ops = {
.read = stm32_rng_read,
};
static const struct stm32_rng_data stm32mp13_rng_data = {
.has_cond_reset = true,
.max_clock_rate = 48000000,
};
static const struct stm32_rng_data stm32_rng_data = {
.has_cond_reset = false,
.max_clock_rate = 3000000,
};
static const struct udevice_id stm32_rng_match[] = {
{.compatible = "st,stm32mp13-rng", .data = (ulong)&stm32mp13_rng_data},
{.compatible = "st,stm32-rng", .data = (ulong)&stm32_rng_data},
{},
};
U_BOOT_DRIVER(stm32_rng) = {
.name = "stm32-rng",
.id = UCLASS_RNG,
.of_match = stm32_rng_match,
.ops = &stm32_rng_ops,
.probe = stm32_rng_probe,
.remove = stm32_rng_remove,
.plat_auto = sizeof(struct stm32_rng_plat),
.of_to_plat = stm32_rng_of_to_plat,
};
Reference in a new issue View git blame Copy permalink