CVS commit: [netbsd-9] src/sys/arch

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: [netbsd-9] src/sys/arch
From: "Martin Husemann" <martin%netbsd.org@localhost>
Date: Mon, 18 May 2020 18:45:40 +0000

Module Name:    src
Committed By:   martin
Date:           Mon May 18 18:45:40 UTC 2020

Modified Files:
        src/sys/arch/arm/dts [netbsd-9]: sun50i-a64.dtsi
        src/sys/arch/arm/sunxi [netbsd-9]: files.sunxi sun50i_a64_ccu.c
        src/sys/arch/evbarm/conf [netbsd-9]: GENERIC64
Added Files:
        src/sys/arch/arm/sunxi [netbsd-9]: sun8i_crypto.c sun8i_crypto.h

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #912):

        sys/arch/arm/dts/sun50i-a64.dtsi: revision 1.14
        sys/arch/evbarm/conf/GENERIC64: revision 1.116
        sys/arch/evbarm/conf/GENERIC64: revision 1.131
        sys/arch/arm/sunxi/sun50i_a64_ccu.c: revision 1.21
        sys/arch/arm/sunxi/sun50i_a64_ccu.c: revision 1.22
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.10
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.11
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.12
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.1
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.2
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.3
        sys/arch/arm/sunxi/sun8i_crypto.h: revision 1.1
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.4
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.5
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.6
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.7
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.8
        sys/arch/arm/sunxi/sun8i_crypto.c: revision 1.9
        sys/arch/arm/sunxi/files.sunxi: revision 1.67

Add crypto engine clock

Add SUNXI_CCU_NM_ROUND_DOWN to CE clock, fix pll parents to use 2X outputs

Add crypto engine block.

Draft driver for Allwinner Crypto Engine.
Found on, e.g., the Pinebook.

Only used for TRNG at the moment, but hooking it up to opencrypto(9)
shouldn't be too hard if anyone still cares about that these days.

The distribution of the alleged TRNG is very nonuniform distributed
seems to alternate between toward runs with exceptionally high
fractions of 0 bits and runs with exceptionally high fractions of 1
bits -- initially all my samples were mostly 0's, and then all my
samples were mostly 1's, and now I'm seeing more oscillation between
these runs.

So I've wired it up as RND_TYPE_UNKNOWN, not RND_TYPE_RNG (it will
immediately flunk our rngtest and be disabled), and I estimated it to
provide at most one bit of entropy per byte of data -- which may
still be optimistic.  I also added a sysctl node hw.sun8icryptoN.rng
to read out 1024-byte samples for analysis, and I left the driver
commented out in GENERIC64 for now.
(If anyone has contacts at Allwinner who can tell us about how the
alleged TRNG is supposed to work, please let me know!)

Reduce some duplicated bus_dma clutter.

Factor out some of the self-test logic used for debugging.

Add missing bus_dmamap_sync(POSTWRITE) while here.

Make sure ERESTART doesn't come flying out to userland.
I picked ERESTART to mean `all channels are occupied' because that's
what opencrypto(9) uses to decide whether to queue a request, but
it's not appropriate for sysctl(2) to return that.

Avoid a race between interruption and reacquisition of lock.
Otherwise, we would have leaked the memory in this case.

Tidy up comments.

Oops -- forgot to kmem_free.

Fix typo -- acknowledge interrupts _and_ errors.

Reduce entropy estimate for sun8icrypto TRNG.

NIST's SP800-90B entropy estimation tools put it at no more than .08
bits of entropy per byte of data(!), so estimate 100 bits of data per
bit of entropy.  This is probably not conservative enough -- the NIST
tools were written without knowledge of how this alleged TRNG works!
Knowledge of the physics of how the TRNG is supposed to work could
probably enable a better job at predicting the outputs.
While here, bump the size of data we can sample directly with sysctl
to 4096 bytes.

Enable sun8icrypto in GENERIC64.

But set its entropy estimate to zero until we have a better idea of
how it works.  Can't really hurt this way unless sun8icrypto is
maliciously dependent on all other inputs to the entropy pool, which
seems unlikely.

Fix (presently harmless) psato.

Don't overwrite cy_root_node; use cy_trng_node as intended.

Fix previous brainfart.

Don't use the uninitialized trng node as the root node -- derp.
Instead, use the root node as the root node, and initialize the trng
node here.


To generate a diff of this commit:
cvs rdiff -u -r1.11.2.2 -r1.11.2.3 src/sys/arch/arm/dts/sun50i-a64.dtsi
cvs rdiff -u -r1.65 -r1.65.2.1 src/sys/arch/arm/sunxi/files.sunxi
cvs rdiff -u -r1.13.2.3 -r1.13.2.4 src/sys/arch/arm/sunxi/sun50i_a64_ccu.c
cvs rdiff -u -r0 -r1.14.2.2 src/sys/arch/arm/sunxi/sun8i_crypto.c
cvs rdiff -u -r0 -r1.1.10.2 src/sys/arch/arm/sunxi/sun8i_crypto.h
cvs rdiff -u -r1.103.2.10 -r1.103.2.11 src/sys/arch/evbarm/conf/GENERIC64

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: [netbsd-9] src/sys
Next by Date: CVS commit: [netbsd-9] src/sys/arch
Previous by Thread: CVS commit: [netbsd-9] src/sys
Next by Thread: CVS commit: [netbsd-9] src/sys/arch
Indexes:

Home | Main Index | Thread Index | Old Index