A20 SoC
AbandonedPublic
Actions

Authored by ganbold on Sep 13 2016, 11:30 AM.

Details

Reviewers

manu
jmcneill
jmg
markm

Group Reviewers

secteam

Summary

Allwinner A10/A20 Security System (SS) is an encryption/decryption, hashing and PRNG hardware accelerator.
It supports following features:

EBC, CBC, CNT modes for AES, DES and 3DES
SHA1, MD5
128 bits, 192 bits and 256 bits key size for AES
160 bits PRNG with 192-bits seed
32-words RX and TX FIFO
CPU mode and DMA mode
Interrupt signaling

This driver currently supports PRNG only.

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 5645
Build 5924: CI src build	Jenkins

Event Timeline

ganbold updated this revision to Diff 20300.Sep 13 2016, 11:30 AM

ganbold retitled this revision from to Add Security System/Crypto (PRNG) driver for Allwinner A10/A20 SoC.

ganbold updated this object.

ganbold edited the test plan for this revision. (Show Details)

ganbold added reviewers: jmcneill, manu.

ganbold set the repository for this revision to rS FreeBSD src repository - subversion.

Herald added a reviewer: jmg. · View Herald TranscriptSep 13 2016, 11:30 AM

Herald added subscribers: andrew, imp. · View Herald Transcript

andrew added a reviewer: markm.Sep 13 2016, 11:40 AM

andrew added a reviewer: secteam.Sep 13 2016, 11:47 AM

jmcneill added inline comments.Sep 13 2016, 12:32 PM

sys/arm/allwinner/a10_crypto.c
53	space after 1
165	The sun4i-ss binding defines an optional reset named "ahb". Here is an example node from sun6i-a31.dtsi: crypto: crypto-engine@01c15000 { compatible = "allwinner,sun4i-a10-crypto"; reg = <0x01c15000 0x1000>; interrupts = <GIC_SPI 80 IRQ_TYPE_LEVEL_HIGH>; clocks = <&ahb1_gates 5>, <&ss_clk>; clock-names = "ahb", "mod"; resets = <&ahb1_rst 5>; reset-names = "ahb"; }; Pull in sys/dev/extres/hwreset/hwreset.h use hwreset_get_by_ofw_name and hwreset_deassert before enabling clocks.
169	goto error;
174	goto error;
212	You'll need to initialize clk_gate and clk_ss to NULL with the "goto error;" changes above
sys/arm/allwinner/a10_crypto.h
31	Not required

Updated the changes according to jmcneill's review

Herald edited edge metadata. · View Herald TranscriptSep 13 2016, 12:58 PM

Made changes accordingly

manu added inline comments.Oct 18 2016, 4:52 PM

sys/dev/random/random_harvestq.c
283	Was this changed intended ?

Updated according to manu@'s comment

Herald edited edge metadata. · View Herald TranscriptOct 18 2016, 5:14 PM

Updated accordingly.

Fine with me, I think we just need secteam@ to approve now.

This revision is now accepted and ready to land.Oct 20 2016, 5:45 PM

ganbold accepted this revision.Apr 19 2017, 2:42 AM

ganbold resigned from this revision.Apr 19 2017, 3:30 AM

ganbold removed a reviewer: ganbold.

jmcneill accepted this revision.Apr 19 2017, 1:23 PM

If this is truly a PRNG which it appears it is, It is not an effective source of entropy and should not be added. I'd be happy to review more information on the PRNG if you have it.

Only TRNG's are effective to seed the entropy pool, otherwise this code is 100% predictable, except for adding another timing source of entropy via the callout. You'd get just as unpredictable data by eliminating the PRNG entirely, and keeping the callout.

Googling turned up http://sunxi.montjoie.ovh/ with Linux status, which claims:

The sun4i-ss PRNG will be present on 4.14. You need libkcapi to use it via kcapi-rng tool.
The sun8i-ce PRNG is working and will be mainlined with the whole sun8i-ce driver.

The TRNG does not work for the moment. It misses the activation of an external clock which is well documented only in A83T.

ganbold abandoned this revision.May 5 2019, 4:13 AM