diff options
author | David Cross <davidmcross@google.com> | 2023-05-04 14:29:02 -0700 |
---|---|---|
committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2023-05-15 19:59:06 +0000 |
commit | 322687ee44e3a4d5fec5cdf0c240c655e1b7f47c (patch) | |
tree | 4a7e496f2eedea312463290d0d8d13a073e376d6 | |
parent | 42167827fbbc9d0100f151c2980d15a46e61957b (diff) | |
download | chrome-ec-322687ee44e3a4d5fec5cdf0c240c655e1b7f47c.tar.gz |
chip: add support for npcx trng
BUG=b:280889889
TEST=add CONFIG_RNG to NPCX based board.h file (e.g. npcx9_evb)
Change-Id: I93b3a7742c3b7d614cc1218104cd642b3339f8b3
Signed-off-by: David Cross <davidmcross@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4507895
Reviewed-by: Bobby Casey <bobbycasey@google.com>
-rw-r--r-- | chip/npcx/build.mk | 1 | ||||
-rw-r--r-- | chip/npcx/trng.c | 251 |
2 files changed, 252 insertions, 0 deletions
diff --git a/chip/npcx/build.mk b/chip/npcx/build.mk index 9e046be7ec..11155af9bb 100644 --- a/chip/npcx/build.mk +++ b/chip/npcx/build.mk @@ -40,6 +40,7 @@ chip-$(CONFIG_CEC)+=cec.o # pwm functions are implemented with the fan functions chip-$(CONFIG_PWM)+=pwm.o chip-$(CONFIG_SPI)+=spi.o +chip-$(CONFIG_RNG)+=trng.o chip-$(CONFIG_WATCHDOG)+=watchdog.o ifndef CONFIG_KEYBOARD_DISCRETE chip-$(HAS_TASK_KEYSCAN)+=keyboard_raw.o diff --git a/chip/npcx/trng.c b/chip/npcx/trng.c new file mode 100644 index 0000000000..a2d7920c14 --- /dev/null +++ b/chip/npcx/trng.c @@ -0,0 +1,251 @@ +/* Copyright 2023 The ChromiumOS Authors + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ + +/* Hardware Random Number Generator */ + +#include "common.h" +#include "console.h" +#include "host_command.h" +#include "panic.h" +#include "printf.h" +#include "registers.h" +#include "system.h" +#include "task.h" +#include "trng.h" +#include "util.h" + +#define DRBG_CONTEXT_SIZE 240 + +struct drbg_ctx { + union { + uint8_t buffer[DRBG_CONTEXT_SIZE]; + uint32_t buffer32[DRBG_CONTEXT_SIZE / 4]; + uint64_t buffer64[DRBG_CONTEXT_SIZE / 8]; + }; +} __aligned(16); + +struct drbg_ctx ctx; +struct drbg_ctx *ctx_p = &ctx; + +enum ncl_status { + NCL_STATUS_OK = 0xA5A5, + NCL_STATUS_FAIL = 0x5A5A, + NCL_STATUS_INVALID_PARAM = 0x02, + NCL_STATUS_PARAM_NOT_SUPPORTED, + NCL_STATUS_SYSTEM_BUSY, + NCL_STATUS_AUTHENTICATION_FAIL, + NCL_STATUS_NO_RESPONSE, + NCL_STATUS_HARDWARE_ERROR, +}; + +/* + * This enum defines the security strengths supported by this DRBG mechanism. + * The internally generated entropy and nonce sizes are derived from these + * values. The supported actual sizes: + * Security strength (bits) 112 128 192 256 128_Test 256_Test + * + * Entropy size (Bytes) 32 48 64 96 111 128 + * Nonce size (Bytes) 16 16 24 32 16 0 + */ +enum ncl_drbg_security_strength { + NCL_DRBG_SECURITY_STRENGTH_112b = 0, + NCL_DRBG_SECURITY_STRENGTH_128b, + NCL_DRBG_SECURITY_STRENGTH_192b, + NCL_DRBG_SECURITY_STRENGTH_256b, + NCL_DRBG_SECURITY_STRENGTH_128b_TEST, + NCL_DRBG_SECURITY_STRENGTH_256b_TEST, + NCL_DRBG_MAX_SECURITY_STRENGTH +}; + +/* The actual base address is 13C but we only need the SHA power function */ +#define NCL_SHA_BASE_ADDR 0x0000015CUL +struct ncl_sha { + /* Power on/off SHA module. */ + enum ncl_status (*power)(void *ctx, uint8_t on); +}; +#define NCL_SHA ((const struct ncl_sha *)NCL_SHA_BASE_ADDR) + +/* + * The base address of the table that holds the function pointer for each + * DRBG API in ROM. + */ +#define NCL_DRBG_BASE_ADDR 0x00000110UL +struct ncl_drbg { + /* Get the DRBG context size required by DRBG APIs. */ + uint32_t (*get_context_size)(void); + /* Initialize DRBG context. */ + enum ncl_status (*init_context)(void *ctx); + /* Power on/off DRBG module. */ + enum ncl_status (*power)(void *ctx, uint8_t on); + /* Finalize DRBG context. */ + enum ncl_status (*finalize_context)(void *ctx); + /* Initialize the DRBG hardware module and enable interrupts. */ + enum ncl_status (*init)(void *ctx, bool int_enable); + /* + * Configure DRBG, pres_resistance enables/disables (1/0) prediction + * resistance + */ + enum ncl_status (*config)(void *ctx, uint32_t reseed_interval, + uint8_t pred_resistance); + /* + * This routine creates a first instantiation of the DRBG mechanism + * parameters. The routine pulls an initial seed from the HW RNG module + * and resets the reseed counter. DRBG and SHA modules should be + * activated prior to the this operation. + */ + enum ncl_status (*instantiate)( + void *ctx, enum ncl_drbg_security_strength sec_strength, + const uint8_t *pers_string, uint32_t pers_string_len); + /* Uninstantiate DRBG module */ + enum ncl_status (*uninstantiate)(void *ctx); + /* Reseeds the internal state of the given instantce */ + enum ncl_status (*reseed)(void *ctc, uint8_t *add_data, + uint32_t add_data_len); + /* Generates a random number from the current internal state. */ + enum ncl_status (*generate)(void *ctx, const uint8_t *add_data, + uint32_t add_data_len, uint8_t *out_buff, + uint32_t out_buff_len); + /* Clear all DRBG SSPs (Sensitive Security Parameters) in HW & driver */ + enum ncl_status (*clear)(void *ctx); +}; +#define NCL_DRBG ((const struct ncl_drbg *)NCL_DRBG_BASE_ADDR) + +struct npcx_trng_state { + enum ncl_status trng_init; +}; +struct npcx_trng_state trng_state; +struct npcx_trng_state *state_p = &trng_state; + +test_mockable void trng_init(void) +{ +#ifndef CHIP_VARIANT_NPCX9M8S +#error "Please add support for CONFIG_RNG on this chip family." +#endif + + uint32_t context_size = 0; + + state_p->trng_init = NCL_STATUS_FAIL; + + context_size = NCL_DRBG->get_context_size(); + if (context_size != DRBG_CONTEXT_SIZE) + ccprintf("ERROR! Unexpected NCL DRBG context_size = %d\n", + context_size); + + state_p->trng_init = NCL_DRBG->power(ctx_p, true); + if (state_p->trng_init != NCL_STATUS_OK) { + ccprintf("ERROR! DRBG power returned %x\n", state_p->trng_init); + return; + } + + state_p->trng_init = NCL_SHA->power(ctx_p, true); + if (state_p->trng_init != NCL_STATUS_OK) { + ccprintf("ERROR! SHA power returned %x\n", state_p->trng_init); + return; + } + + state_p->trng_init = NCL_DRBG->init_context(ctx_p); + if (state_p->trng_init != NCL_STATUS_OK) { + ccprintf("ERROR! DRBG init_context returned %x\r", + state_p->trng_init); + return; + } + + state_p->trng_init = NCL_DRBG->init(ctx_p, 0); + if (state_p->trng_init != NCL_STATUS_OK) { + ccprintf("ERROR! DRBG init returned %x\r", state_p->trng_init); + return; + } + + state_p->trng_init = NCL_DRBG->config(ctx_p, 100, false); + if (state_p->trng_init != NCL_STATUS_OK) { + ccprintf("ERROR! DRBG config returned %x\r", + state_p->trng_init); + return; + } + + state_p->trng_init = NCL_DRBG->instantiate( + ctx_p, NCL_DRBG_SECURITY_STRENGTH_128b, NULL, 0); + if (state_p->trng_init != NCL_STATUS_OK) { + ccprintf("ERROR! DRBG instantiate returned %x\r", + state_p->trng_init); + return; + } + + state_p->trng_init = NCL_DRBG->power(ctx_p, false); + if (state_p->trng_init != NCL_STATUS_OK) { + ccprintf("ERROR! DRBG power returned %x\n", state_p->trng_init); + return; + } + + state_p->trng_init = NCL_SHA->power(ctx_p, false); + if (state_p->trng_init != NCL_STATUS_OK) { + ccprintf("ERROR! SHA power returned %x\n", state_p->trng_init); + return; + } +} + +uint32_t trng_rand(void) +{ + uint32_t return_value; + enum ncl_status status = NCL_STATUS_FAIL; + + /* Don't attempt generate and panic if initialization failed */ + if (state_p->trng_init != NCL_STATUS_OK) + software_panic(PANIC_SW_BAD_RNG, task_get_current()); + + status = NCL_DRBG->power(ctx_p, true); + if (status != NCL_STATUS_OK) { + ccprintf("ERROR! DRBG power returned %x\n", status); + software_panic(PANIC_SW_BAD_RNG, task_get_current()); + } + + status = NCL_SHA->power(ctx_p, true); + if (status != NCL_STATUS_OK) { + ccprintf("ERROR! SHA power returned %x\n", status); + software_panic(PANIC_SW_BAD_RNG, task_get_current()); + } + + status = NCL_DRBG->generate(NULL, NULL, 0, (uint8_t *)&return_value, 4); + if (status != NCL_STATUS_OK) { + ccprintf("ERROR! DRBG generate returned %x\r", status); + software_panic(PANIC_SW_BAD_RNG, task_get_current()); + } + + /* + * Failing to turn off the blocks has power implications but wouldn't + * result in feeding the caller a bad result, hence no panics enabled + * for failing to turn off the hardware + */ + status = NCL_DRBG->power(ctx_p, false); + if (status != NCL_STATUS_OK) + ccprintf("ERROR! DRBG power returned %x\n", status); + + status = NCL_SHA->power(ctx_p, false); + if (status != NCL_STATUS_OK) + ccprintf("ERROR! SHA power returned %x\n", status); + + return return_value; +} + +test_mockable void trng_exit(void) +{ + enum ncl_status status = NCL_STATUS_FAIL; + + status = NCL_DRBG->clear(ctx_p); + if (status != NCL_STATUS_OK) + ccprintf("ERROR! DRBG clear returned %x\r", status); + + status = NCL_DRBG->uninstantiate(ctx_p); + if (status != NCL_STATUS_OK) + ccprintf("ERROR! DRBG uninstantiate returned %x\r", status); + + status = NCL_DRBG->power(ctx_p, false); + if (status != NCL_STATUS_OK) + ccprintf("ERROR! DRBG power returned %x\n", status); + + status = NCL_SHA->power(ctx_p, false); + if (status != NCL_STATUS_OK) + ccprintf("ERROR! SHA power returned %x\n", status); +} |