From ea53756d831a1a5db3ca00a12747365e2fcb4bd8 Mon Sep 17 00:00:00 2001 From: Andrey Smirnov Date: Thu, 19 Mar 2020 09:12:33 -0700 Subject: crypto: caam - limit single JD RNG output to maximum of 16 bytes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In order to follow recommendation in SP800-90C (section "9.4 The Oversampling-NRBG Construction") limit the output of "generate" JD submitted to CAAM. See https://lore.kernel.org/linux-crypto/VI1PR0402MB3485EF10976A4A69F90E5B0F98580@VI1PR0402MB3485.eurprd04.prod.outlook.com/ for more details. This change should make CAAM's hwrng driver good enough to have 1024 quality rating. Signed-off-by: Andrey Smirnov Reviewed-by: Horia Geantă Cc: Chris Healy Cc: Lucas Stach Cc: Horia Geantă Cc: Herbert Xu Cc: Iuliana Prodan Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-imx@nxp.com Signed-off-by: Herbert Xu --- drivers/crypto/caam/caamrng.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) (limited to 'drivers/crypto/caam') diff --git a/drivers/crypto/caam/caamrng.c b/drivers/crypto/caam/caamrng.c index 988bfddbadc6..77d048dfe5d0 100644 --- a/drivers/crypto/caam/caamrng.c +++ b/drivers/crypto/caam/caamrng.c @@ -22,9 +22,7 @@ #include "jr.h" #include "error.h" -#define CAAM_RNG_MAX_FIFO_STORE_SIZE U16_MAX - -#define CAAM_RNG_FIFO_LEN SZ_32K /* Must be a multiple of 2 */ +#define CAAM_RNG_MAX_FIFO_STORE_SIZE 16 /* * Length of used descriptors, see caam_init_desc() @@ -65,14 +63,15 @@ static void caam_rng_done(struct device *jrdev, u32 *desc, u32 err, complete(jctx->done); } -static u32 *caam_init_desc(u32 *desc, dma_addr_t dst_dma, int len) +static u32 *caam_init_desc(u32 *desc, dma_addr_t dst_dma) { init_job_desc(desc, 0); /* + 1 cmd_sz */ /* Generate random bytes: + 1 cmd_sz */ append_operation(desc, OP_ALG_ALGSEL_RNG | OP_TYPE_CLASS1_ALG | OP_ALG_PR_ON); /* Store bytes: + 1 cmd_sz + caam_ptr_sz */ - append_fifo_store(desc, dst_dma, len, FIFOST_TYPE_RNGSTORE); + append_fifo_store(desc, dst_dma, + CAAM_RNG_MAX_FIFO_STORE_SIZE, FIFOST_TYPE_RNGSTORE); print_hex_dump_debug("rng job desc@: ", DUMP_PREFIX_ADDRESS, 16, 4, desc, desc_bytes(desc), 1); @@ -92,7 +91,7 @@ static int caam_rng_read_one(struct device *jrdev, .err = &ret, }; - len = min_t(int, len, CAAM_RNG_MAX_FIFO_STORE_SIZE); + len = CAAM_RNG_MAX_FIFO_STORE_SIZE; dst_dma = dma_map_single(jrdev, dst, len, DMA_FROM_DEVICE); if (dma_mapping_error(jrdev, dst_dma)) { @@ -102,7 +101,7 @@ static int caam_rng_read_one(struct device *jrdev, init_completion(done); err = caam_jr_enqueue(jrdev, - caam_init_desc(desc, dst_dma, len), + caam_init_desc(desc, dst_dma), caam_rng_done, &jctx); if (err == -EINPROGRESS) { wait_for_completion(done); @@ -122,7 +121,7 @@ static void caam_rng_fill_async(struct caam_rng_ctx *ctx) sg_init_table(sg, ARRAY_SIZE(sg)); nents = kfifo_dma_in_prepare(&ctx->fifo, sg, ARRAY_SIZE(sg), - CAAM_RNG_FIFO_LEN); + CAAM_RNG_MAX_FIFO_STORE_SIZE); if (!nents) return; @@ -156,7 +155,7 @@ static int caam_read(struct hwrng *rng, void *dst, size_t max, bool wait) } out = kfifo_out(&ctx->fifo, dst, max); - if (kfifo_len(&ctx->fifo) <= CAAM_RNG_FIFO_LEN / 2) + if (kfifo_is_empty(&ctx->fifo)) schedule_work(&ctx->worker); return out; @@ -186,7 +185,8 @@ static int caam_init(struct hwrng *rng) if (!ctx->desc_async) return -ENOMEM; - if (kfifo_alloc(&ctx->fifo, CAAM_RNG_FIFO_LEN, GFP_DMA | GFP_KERNEL)) + if (kfifo_alloc(&ctx->fifo, CAAM_RNG_MAX_FIFO_STORE_SIZE, + GFP_DMA | GFP_KERNEL)) return -ENOMEM; INIT_WORK(&ctx->worker, caam_rng_worker); @@ -246,6 +246,7 @@ int caam_rng_init(struct device *ctrldev) ctx->rng.cleanup = caam_cleanup; ctx->rng.read = caam_read; ctx->rng.priv = (unsigned long)ctx; + ctx->rng.quality = 1024; dev_info(ctrldev, "registering rng-caam\n"); -- cgit v1.2.3-59-g8ed1b