ENABLE_MPMM_FCONF \
SIMICS_BUILD \
FEATURE_DETECTION \
+ TRNG_SUPPORT \
)))
$(eval $(call assert_numerics,\
- title: DRTM
scope: drtm
+ - title: TRNG
+ scope: trng
+
- title: Libraries
subsections:
hardware will limit the effective VL to the maximum physically supported
VL.
+- ``TRNG_SUPPORT``: Setting this to ``1`` enables support for True
+ Random Number Generator Interface to BL31 image. This defaults to ``0``.
+
- ``TRUSTED_BOARD_BOOT``: Boolean flag to include support for the Trusted Board
Boot feature. When set to '1', BL1 and BL2 images include support to load
and verify the certificates and images in a FIP, and BL1 includes support
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This value must be defined to the UUID of the TRNG backend that is specific to
-the hardware after ``plat_trng_setup`` function is called. This value must
+the hardware after ``plat_entropy_setup`` function is called. This value must
conform to the SMCCC calling convention; The most significant 32 bits of the
UUID must not equal ``0xffffffff`` or the signed integer ``-1`` as this value in
w0 indicates failure to get a TRNG source.
#if ENABLE_RME
#include <services/rmm_core_manifest.h>
#endif
+#include <drivers/fwu/fwu_metadata.h>
#if TRNG_SUPPORT
#include "plat_trng.h"
-#endif
-#include <drivers/fwu/fwu_metadata.h>
+#endif /* TRNG_SUPPORT */
#if DRTM_SUPPORT
#include "plat_drtm.h"
#endif /* DRTM_SUPPORT */
/*
- * Copyright (c) 2021, ARM Limited. All rights reserved.
+ * Copyright (c) 2021-2022, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#define ARM_TRNG_FEATURES U(0x84000051)
#define ARM_TRNG_GET_UUID U(0x84000052)
#define ARM_TRNG_RND32 U(0x84000053)
-#define ARM_TRNG_RND64 U(0xc4000053)
+#define ARM_TRNG_RND64 U(0xC4000053)
/* TRNG version numbers */
#define TRNG_VERSION_MAJOR (0x1)
#define TRNG_E_NO_ENTROPY (-3)
#define TRNG_E_NOT_IMPLEMENTED (-4)
-#if TRNG_SUPPORT
+/* TRNG Entropy Bit Numbers */
+#define TRNG_RND32_ENTROPY_MAXBITS (96U)
+#define TRNG_RND64_ENTROPY_MAXBITS (192U)
+
+/* Public API to perform the initial TRNG entropy setup */
void trng_setup(void);
+
+/* Public API to verify function id is part of TRNG */
bool is_trng_fid(uint32_t smc_fid);
-#else
-static inline void trng_setup(void)
-{
-}
-
-static inline bool is_trng_fid(uint32_t smc_fid)
-{
- return false;
-}
-#endif
+
+/* Handler to be called to handle TRNG smc calls */
uintptr_t trng_smc_handler(
uint32_t smc_fid,
u_register_t x1,
# Software Delegated Exception support
SDEI_SUPPORT := 0
-# True Random Number firmware Interface
+# True Random Number firmware Interface support
TRNG_SUPPORT := 0
# SMCCC PCI support
sdei_init();
#endif
+#if TRNG_SUPPORT
+ /* TRNG initialisation */
trng_setup();
+#endif /* TRNG_SUPPORT */
#if DRTM_SUPPORT
if (drtm_setup() != 0) {
return trng_smc_handler(smc_fid, x1, x2, x3, x4, cookie, handle,
flags);
}
-#endif
+#endif /* TRNG_SUPPORT */
+
#if ENABLE_RME
if (is_rmmd_el3_fid(smc_fid)) {
/*
- * Copyright (c) 2021, ARM Limited. All rights reserved.
+ * Copyright (c) 2021-2022, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
* 192 bits of entropy, we don't have to throw out the leftover 1-63 bits of
* entropy.
*/
-#define WORDS_IN_POOL (4)
+#define WORDS_IN_POOL (4)
static uint64_t entropy[WORDS_IN_POOL];
/* index in bits of the first bit of usable entropy */
static uint32_t entropy_bit_index;
static spinlock_t trng_pool_lock;
-#define BITS_PER_WORD (sizeof(entropy[0]) * 8)
-#define BITS_IN_POOL (WORDS_IN_POOL * BITS_PER_WORD)
-#define ENTROPY_MIN_WORD (entropy_bit_index / BITS_PER_WORD)
-#define ENTROPY_FREE_BIT (entropy_bit_size + entropy_bit_index)
-#define _ENTROPY_FREE_WORD (ENTROPY_FREE_BIT / BITS_PER_WORD)
-#define ENTROPY_FREE_INDEX (_ENTROPY_FREE_WORD % WORDS_IN_POOL)
+#define BITS_PER_WORD (sizeof(entropy[0]) * 8)
+#define BITS_IN_POOL (WORDS_IN_POOL * BITS_PER_WORD)
+#define ENTROPY_MIN_WORD (entropy_bit_index / BITS_PER_WORD)
+#define ENTROPY_FREE_BIT (entropy_bit_size + entropy_bit_index)
+#define _ENTROPY_FREE_WORD (ENTROPY_FREE_BIT / BITS_PER_WORD)
+#define ENTROPY_FREE_INDEX (_ENTROPY_FREE_WORD % WORDS_IN_POOL)
/* ENTROPY_WORD_INDEX(0) includes leftover bits in the lower bits */
-#define ENTROPY_WORD_INDEX(i) ((ENTROPY_MIN_WORD + i) % WORDS_IN_POOL)
+#define ENTROPY_WORD_INDEX(i) ((ENTROPY_MIN_WORD + i) % WORDS_IN_POOL)
/*
* Fill the entropy pool until we have at least as many bits as requested.
*/
bool trng_pack_entropy(uint32_t nbits, uint64_t *out)
{
- bool success = true;
+ bool ret = true;
spin_lock(&trng_pool_lock);
if (!trng_fill_entropy(nbits)) {
- success = false;
+ ret = false;
goto out;
}
for (word_i = 0; word_i < to_fill; word_i++) {
/*
* Repack the entropy from the pool into the passed in out
- * buffer. This takes the lower bits from the valid upper bits
- * of word_i and the upper bits from the lower bits of
- * (word_i + 1).
+ * buffer. This takes lesser bits from the valid upper bits
+ * of word_i and more bits from the lower bits of (word_i + 1).
*
* I found the following diagram useful. note: `e` represents
* valid entropy, ` ` represents invalid bits (not entropy) and
out:
spin_unlock(&trng_pool_lock);
- return success;
+ return ret;
}
void trng_entropy_pool_setup(void)
/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
static uintptr_t trng_rnd32(uint32_t nbits, void *handle)
{
uint32_t mask = ~0U;
- uint64_t ent[2];
+ uint64_t ent[2] = {0};
- if (nbits == 0U || nbits > 96U) {
+ if (nbits == 0U || nbits > TRNG_RND32_ENTROPY_MAXBITS) {
SMC_RET1(handle, TRNG_E_INVALID_PARAMS);
}
static uintptr_t trng_rnd64(uint32_t nbits, void *handle)
{
uint64_t mask = ~0ULL;
- uint64_t ent[3];
+ uint64_t ent[3] = {0};
- if (nbits == 0U || nbits > 192U) {
+ if (nbits == 0U || nbits > TRNG_RND64_ENTROPY_MAXBITS) {
SMC_RET1(handle, TRNG_E_INVALID_PARAMS);
}
switch (smc_fid) {
case ARM_TRNG_VERSION:
SMC_RET1(handle, MAKE_SMCCC_VERSION(
- TRNG_VERSION_MAJOR, TRNG_VERSION_MINOR
- ));
+ TRNG_VERSION_MAJOR, TRNG_VERSION_MINOR));
break; /* unreachable */
+
case ARM_TRNG_FEATURES:
if (is_trng_fid((uint32_t)x1)) {
SMC_RET1(handle, TRNG_E_SUCCESS);
SMC_RET1(handle, TRNG_E_NOT_SUPPORTED);
}
break; /* unreachable */
+
case ARM_TRNG_GET_UUID:
SMC_UUID_RET(handle, plat_trng_uuid);
break; /* unreachable */
+
case ARM_TRNG_RND32:
return trng_rnd32((uint32_t)x1, handle);
+
case ARM_TRNG_RND64:
return trng_rnd64((uint32_t)x1, handle);
+
default:
- WARN("Unimplemented TRNG Service Call: 0x%x\n",
- smc_fid);
+ WARN("Unimplemented TRNG Service Call: 0x%x\n", smc_fid);
SMC_RET1(handle, TRNG_E_NOT_IMPLEMENTED);
break; /* unreachable */
}
projects / arm-tf.git / commitdiff