Page MenuHomeFreeBSD

Add Security System/Crypto (PRNG) driver for Allwinner A10/A20 SoC
AbandonedPublic

Authored by ganbold on Sep 13 2016, 11:30 AM.
Tags
None
Referenced Files
Unknown Object (File)
Dec 22 2023, 9:42 PM
Unknown Object (File)
Dec 4 2023, 2:07 PM
Unknown Object (File)
Dec 4 2023, 10:09 AM
Unknown Object (File)
Nov 14 2023, 3:35 PM
Unknown Object (File)
Nov 10 2023, 6:34 PM
Unknown Object (File)
Nov 9 2023, 2:12 AM
Unknown Object (File)
Nov 8 2023, 6:36 PM
Unknown Object (File)
Nov 5 2023, 9:40 PM
Subscribers

Details

Reviewers
manu
jmcneill
jmg
markm
Group Reviewers
secteam
Summary

Allwinner A10/A20 Security System (SS) is an encryption/decryption, hashing and PRNG hardware accelerator.
It supports following features:

  • EBC, CBC, CNT modes for AES, DES and 3DES
  • SHA1, MD5
  • 128 bits, 192 bits and 256 bits key size for AES
  • 160 bits PRNG with 192-bits seed
  • 32-words RX and TX FIFO
  • CPU mode and DMA mode
  • Interrupt signaling

This driver currently supports PRNG only.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 5645
Build 5924: CI src buildJenkins

Event Timeline

ganbold retitled this revision from to Add Security System/Crypto (PRNG) driver for Allwinner A10/A20 SoC.
ganbold updated this object.
ganbold edited the test plan for this revision. (Show Details)
ganbold added reviewers: jmcneill, manu.
ganbold set the repository for this revision to rS FreeBSD src repository - subversion.
sys/arm/allwinner/a10_crypto.c
53

space after 1

165

The sun4i-ss binding defines an optional reset named "ahb". Here is an example node from sun6i-a31.dtsi:

crypto: crypto-engine@01c15000 {
    compatible = "allwinner,sun4i-a10-crypto";
    reg = <0x01c15000 0x1000>;
    interrupts = <GIC_SPI 80 IRQ_TYPE_LEVEL_HIGH>;
    clocks = <&ahb1_gates 5>, <&ss_clk>;
    clock-names = "ahb", "mod";
    resets = <&ahb1_rst 5>;
    reset-names = "ahb";
};

Pull in sys/dev/extres/hwreset/hwreset.h use hwreset_get_by_ofw_name and hwreset_deassert before enabling clocks.

169

goto error;

174

goto error;

212

You'll need to initialize clk_gate and clk_ss to NULL with the "goto error;" changes above

sys/arm/allwinner/a10_crypto.h
31

Not required

ganbold edited edge metadata.

Updated the changes according to jmcneill's review

Made changes accordingly

sys/dev/random/random_harvestq.c
283

Was this changed intended ?

ganbold edited edge metadata.

Updated according to manu@'s comment

Updated accordingly.

manu edited edge metadata.

Fine with me, I think we just need secteam@ to approve now.

This revision is now accepted and ready to land.Oct 20 2016, 5:45 PM
ganbold removed a reviewer: ganbold.

If this is truly a PRNG which it appears it is, It is not an effective source of entropy and should not be added. I'd be happy to review more information on the PRNG if you have it.

Only TRNG's are effective to seed the entropy pool, otherwise this code is 100% predictable, except for adding another timing source of entropy via the callout. You'd get just as unpredictable data by eliminating the PRNG entirely, and keeping the callout.

Googling turned up http://sunxi.montjoie.ovh/ with Linux status, which claims:

The sun4i-ss PRNG will be present on 4.14. You need libkcapi to use it via kcapi-rng tool.
The sun8i-ce PRNG is working and will be mainlined with the whole sun8i-ce driver.

The TRNG does not work for the moment. It misses the activation of an external clock which is well documented only in A83T.