On Mon, Nov 18, 2019 at 7:50 AM Lucas Stach <l.stach@xxxxxxxxxxxxxx> wrote: > > On Mo, 2019-11-18 at 07:38 -0800, Andrey Smirnov wrote: > > In order to give CAAM-generated random data highest quarlity > > raiting (999), replace current code that uses DRNG with code that > > fetches data straight out of TRNG used to seed aforementioned DRNG. > > > > Signed-off-by: Andrey Smirnov <andrew.smirnov@xxxxxxxxx> > > Cc: Chris Healy <cphealy@xxxxxxxxx> > > Cc: Lucas Stach <l.stach@xxxxxxxxxxxxxx> > > Cc: Horia Geantă <horia.geanta@xxxxxxx> > > Cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> > > Cc: Iuliana Prodan <iuliana.prodan@xxxxxxx> > > Cc: linux-imx@xxxxxxx > > Cc: linux-crypto@xxxxxxxxxxxxxxx > > Cc: linux-kernel@xxxxxxxxxxxxxxx > > --- > [...] > > diff --git a/drivers/crypto/caam/trng.c b/drivers/crypto/caam/trng.c > > new file mode 100644 > > index 000000000000..ab2af786543e > > --- /dev/null > > +++ b/drivers/crypto/caam/trng.c > > @@ -0,0 +1,85 @@ > > +// SPDX-License-Identifier: GPL-2.0+ > > +/* > > + * hw_random interface for TRNG generator in CAAM RNG block > > + * > > + * Copyright 2019 Zoidac Inflight Innovations > ^ Zodiac > Ugh, thanks for catching this, will fix in v3 > > + * > > + */ > > + > > +#include <linux/hw_random.h> > > + > > +#include "compat.h" > > +#include "regs.h" > > +#include "intern.h" > > + > > +struct caam_trng_ctx { > > + struct rng4tst __iomem *r4tst; > > + struct hwrng rng; > > +}; > > + > > +static bool caam_trng_busy(struct caam_trng_ctx *ctx) > > +{ > > + return !(rd_reg32(&ctx->r4tst->rtmctl) & RTMCTL_ENT_VAL); > > +} > > + > > +static int caam_trng_read(struct hwrng *rng, void *data, size_t max, bool wait) > > +{ > > + struct caam_trng_ctx *ctx = (void *)rng->priv; > > + u32 rtent[ARRAY_SIZE(ctx->r4tst->rtent)]; > > + size_t residue = max; > > + > > + clrsetbits_32(&ctx->r4tst->rtmctl, 0, RTMCTL_ACC); > > + > > + do { > > + const size_t chunk = min(residue, sizeof(rtent)); > > + unsigned int i; > > + > > + while (caam_trng_busy(ctx)) { > > The CAAM needs quite a bit of time to gather the 384bits of raw > entropy, in my testing it was almost 60ms. A busy loop (even with a > cpu_relax) for such an extended amount of time is probably not > appropriate, better sleep for some time here. > Good point, will fix in v3. > Also in the !wait case we are almost guaranteed to leave this function > without any entropy gathered. Maybe we should just bail out on !wait > without even trying to enable the TRNG access? > Yeah, I think you're right. Will change in v3. Thanks, Andrey Smirnov