* [RFC v2 0/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension
@ 2023-10-29 8:45 Heinrich Schuchardt
2023-10-29 8:45 ` [RFC v2 1/2] riscv: allow resume after exception Heinrich Schuchardt
2023-10-29 8:45 ` [RFC v2 2/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension Heinrich Schuchardt
0 siblings, 2 replies; 12+ messages in thread
From: Heinrich Schuchardt @ 2023-10-29 8:45 UTC (permalink / raw)
To: Rick Chen, Leo
Cc: Sughosh Ganu, Anup Patel, Kautuk Consul, Chanho Park, u-boot,
Heinrich Schuchardt
The Zkr ISA extension (ratified Nov 2021) introduced the seed CSR. It
provides an interface to a physical entropy source.
A RNG driver based on the seed CSR is provided. It depends on
mseccfg.sseed being set in the SBI firmware.
If the seed CSR readable, is not determinable by S-mode without risking
an exception. For safe driver probing allow to resume via a longjmp
after an exception.
As the driver depends on mseccfg.sseed=1 we should wait with merging the
driver until a decision has been taken in the RISC-V PRS TG on prescribing
this.
Heinrich Schuchardt (2):
riscv: allow resume after exception
rng: Provide a RNG based on the RISC-V Zkr ISA extension
arch/riscv/lib/interrupts.c | 13 ++++
drivers/rng/Kconfig | 8 +++
drivers/rng/Makefile | 1 +
drivers/rng/riscv_zkr_rng.c | 116 ++++++++++++++++++++++++++++++++++++
include/interrupt.h | 22 +++++++
5 files changed, 160 insertions(+)
create mode 100644 drivers/rng/riscv_zkr_rng.c
create mode 100644 include/interrupt.h
--
2.40.1
^ permalink raw reply [flat|nested] 12+ messages in thread
* [RFC v2 1/2] riscv: allow resume after exception
2023-10-29 8:45 [RFC v2 0/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension Heinrich Schuchardt
@ 2023-10-29 8:45 ` Heinrich Schuchardt
2023-10-30 8:24 ` Leo Liang
2023-10-31 7:53 ` Xiang W
2023-10-29 8:45 ` [RFC v2 2/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension Heinrich Schuchardt
1 sibling, 2 replies; 12+ messages in thread
From: Heinrich Schuchardt @ 2023-10-29 8:45 UTC (permalink / raw)
To: Rick Chen, Leo
Cc: Sughosh Ganu, Anup Patel, Kautuk Consul, Chanho Park, u-boot,
Heinrich Schuchardt
If CSRs like seed are readable by S-mode, may not be determinable by
S-mode. For safe driver probing allow to resume via a longjmp after an
exception.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
---
v2:
new patch
---
arch/riscv/lib/interrupts.c | 13 +++++++++++++
include/interrupt.h | 22 ++++++++++++++++++++++
2 files changed, 35 insertions(+)
create mode 100644 include/interrupt.h
diff --git a/arch/riscv/lib/interrupts.c b/arch/riscv/lib/interrupts.c
index 02dbcfd423..a26ccc721f 100644
--- a/arch/riscv/lib/interrupts.c
+++ b/arch/riscv/lib/interrupts.c
@@ -12,6 +12,7 @@
#include <linux/compat.h>
#include <efi_loader.h>
#include <hang.h>
+#include <interrupt.h>
#include <irq_func.h>
#include <asm/global_data.h>
#include <asm/ptrace.h>
@@ -21,6 +22,13 @@
DECLARE_GLOBAL_DATA_PTR;
+static struct resume_data *resume;
+
+void set_resume(struct resume_data *data)
+{
+ resume = data;
+}
+
static void show_efi_loaded_images(uintptr_t epc)
{
efi_print_image_infos((void *)epc);
@@ -105,6 +113,11 @@ static void _exit_trap(ulong code, ulong epc, ulong tval, struct pt_regs *regs)
"Store/AMO page fault",
};
+ if (resume) {
+ resume->code = code;
+ longjmp(resume->jump, 1);
+ }
+
if (code < ARRAY_SIZE(exception_code))
printf("Unhandled exception: %s\n", exception_code[code]);
else
diff --git a/include/interrupt.h b/include/interrupt.h
new file mode 100644
index 0000000000..1baa60bcf2
--- /dev/null
+++ b/include/interrupt.h
@@ -0,0 +1,22 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+
+#include <asm/setjmp.h>
+
+/**
+ * struct resume_data - data for resume after interrupt
+ */
+struct resume_data {
+ /** @jump: longjmp buffer */
+ jmp_buf jump;
+ /** @code: exception code */
+ ulong code;
+};
+
+/**
+ * set_resume() - set longjmp buffer for resuming after interrupt
+ *
+ * When resuming the exception code will be returned in @data->code.
+ *
+ * @data: pointer to structure with longjmp address
+ */
+void set_resume(struct resume_data *data);
--
2.40.1
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [RFC v2 2/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension
2023-10-29 8:45 [RFC v2 0/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension Heinrich Schuchardt
2023-10-29 8:45 ` [RFC v2 1/2] riscv: allow resume after exception Heinrich Schuchardt
@ 2023-10-29 8:45 ` Heinrich Schuchardt
2023-10-30 8:25 ` Leo Liang
2023-10-31 6:16 ` merle w
1 sibling, 2 replies; 12+ messages in thread
From: Heinrich Schuchardt @ 2023-10-29 8:45 UTC (permalink / raw)
To: Rick Chen, Leo
Cc: Sughosh Ganu, Anup Patel, Kautuk Consul, Chanho Park, u-boot,
Heinrich Schuchardt
The Zkr ISA extension (ratified Nov 2021) introduced the seed CSR. It
provides an interface to a physical entropy source.
A RNG driver based on the seed CSR is provided. It depends on
mseccfg.sseed being set in the SBI firmware.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
---
v2:
Resume after exception if seed CSR cannot be read.
---
drivers/rng/Kconfig | 8 +++
drivers/rng/Makefile | 1 +
drivers/rng/riscv_zkr_rng.c | 116 ++++++++++++++++++++++++++++++++++++
3 files changed, 125 insertions(+)
create mode 100644 drivers/rng/riscv_zkr_rng.c
diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig
index 994cc35b27..4f6e367169 100644
--- a/drivers/rng/Kconfig
+++ b/drivers/rng/Kconfig
@@ -48,6 +48,14 @@ config RNG_OPTEE
accessible to normal world but reserved and used by the OP-TEE
to avoid the weakness of a software PRNG.
+config RNG_RISCV_ZKR
+ bool "RISC-V Zkr random number generator"
+ depends on RISCV_SMODE
+ help
+ This driver provides a Random Number Generator based on the
+ Zkr RISC-V ISA extension which provides an interface to an
+ NIST SP 800-90B or BSI AIS-31 compliant physical entropy source.
+
config RNG_STM32
bool "Enable random number generator for STM32"
depends on ARCH_STM32 || ARCH_STM32MP
diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile
index 47b323e61e..a5d3ca4130 100644
--- a/drivers/rng/Makefile
+++ b/drivers/rng/Makefile
@@ -10,6 +10,7 @@ obj-$(CONFIG_RNG_MSM) += msm_rng.o
obj-$(CONFIG_RNG_NPCM) += npcm_rng.o
obj-$(CONFIG_RNG_OPTEE) += optee_rng.o
obj-$(CONFIG_RNG_STM32) += stm32_rng.o
+obj-$(CONFIG_RNG_RISCV_ZKR) += riscv_zkr_rng.o
obj-$(CONFIG_RNG_ROCKCHIP) += rockchip_rng.o
obj-$(CONFIG_RNG_IPROC200) += iproc_rng200.o
obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
diff --git a/drivers/rng/riscv_zkr_rng.c b/drivers/rng/riscv_zkr_rng.c
new file mode 100644
index 0000000000..8c9e111e2e
--- /dev/null
+++ b/drivers/rng/riscv_zkr_rng.c
@@ -0,0 +1,116 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * The RISC-V Zkr extension provides CSR seed which provides access to a
+ * random number generator.
+ */
+
+#define LOG_CATEGORY UCLASS_RNG
+
+#include <dm.h>
+#include <interrupt.h>
+#include <log.h>
+#include <rng.h>
+
+#define DRIVER_NAME "riscv_zkr"
+
+enum opst {
+ /** @BIST: built in self test running */
+ BIST = 0b00,
+ /** @WAIT: sufficient amount of entropy is not yet available */
+ WAIT = 0b01,
+ /** @ES16: 16bits of entropy available */
+ ES16 = 0b10,
+ /** @DEAD: unrecoverable self-test error */
+ DEAD = 0b11,
+};
+
+static unsigned long read_seed(void)
+{
+ unsigned long ret;
+
+ __asm__ __volatile__("csrrw %0, seed, x0" : "=r" (ret) : : "memory");
+
+ return ret;
+}
+
+static int riscv_zkr_read(struct udevice *dev, void *data, size_t len)
+{
+ u8 *ptr = data;
+
+ while (len) {
+ u32 val;
+
+ val = read_seed();
+
+ switch (val >> 30) {
+ case BIST:
+ continue;
+ case WAIT:
+ continue;
+ case ES16:
+ *ptr++ = val & 0xff;
+ if (--len) {
+ *ptr++ = val >> 8;
+ --len;
+ }
+ break;
+ case DEAD:
+ return -ENODEV;
+ }
+ }
+
+ return 0;
+}
+
+/**
+ * riscv_zkr_probe() - check if the seed register is available
+ *
+ * If the SBI software has not set mseccfg.sseed=1 or the Zkr
+ * extension is not available this probe function will result
+ * in an exception. Currently we cannot recover from this.
+ *
+ * @dev: RNG device
+ * Return: 0 if successfully probed
+ */
+static int riscv_zkr_probe(struct udevice *dev)
+{
+ struct resume_data resume;
+ int ret;
+ u32 val;
+
+ /* Check if reading seed leads to interrupt */
+ set_resume(&resume);
+ ret = setjmp(resume.jump);
+ if (ret)
+ log_debug("Exception %ld reading seed CSR\n", resume.code);
+ else
+ val = read_seed();
+ set_resume(NULL);
+ if (ret)
+ return -ENODEV;
+
+ do {
+ val = read_seed();
+ val >>= 30;
+ } while (val == BIST || val == WAIT);
+
+ if (val == DEAD)
+ return -ENODEV;
+
+ return 0;
+}
+
+static const struct dm_rng_ops riscv_zkr_ops = {
+ .read = riscv_zkr_read,
+};
+
+U_BOOT_DRIVER(riscv_zkr) = {
+ .name = DRIVER_NAME,
+ .id = UCLASS_RNG,
+ .ops = &riscv_zkr_ops,
+ .probe = riscv_zkr_probe,
+};
+
+U_BOOT_DRVINFO(cpu_riscv_zkr) = {
+ .name = DRIVER_NAME,
+};
--
2.40.1
^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [RFC v2 1/2] riscv: allow resume after exception
2023-10-29 8:45 ` [RFC v2 1/2] riscv: allow resume after exception Heinrich Schuchardt
@ 2023-10-30 8:24 ` Leo Liang
2023-10-31 7:53 ` Xiang W
1 sibling, 0 replies; 12+ messages in thread
From: Leo Liang @ 2023-10-30 8:24 UTC (permalink / raw)
To: Heinrich Schuchardt
Cc: Rick Chen, Sughosh Ganu, Anup Patel, Kautuk Consul, Chanho Park,
u-boot
On Sun, Oct 29, 2023 at 09:45:32AM +0100, Heinrich Schuchardt wrote:
> If CSRs like seed are readable by S-mode, may not be determinable by
> S-mode. For safe driver probing allow to resume via a longjmp after an
> exception.
>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> ---
> v2:
> new patch
> ---
> arch/riscv/lib/interrupts.c | 13 +++++++++++++
> include/interrupt.h | 22 ++++++++++++++++++++++
> 2 files changed, 35 insertions(+)
> create mode 100644 include/interrupt.h
Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC v2 2/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension
2023-10-29 8:45 ` [RFC v2 2/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension Heinrich Schuchardt
@ 2023-10-30 8:25 ` Leo Liang
2023-10-31 6:16 ` merle w
1 sibling, 0 replies; 12+ messages in thread
From: Leo Liang @ 2023-10-30 8:25 UTC (permalink / raw)
To: Heinrich Schuchardt
Cc: Rick Chen, Sughosh Ganu, Anup Patel, Kautuk Consul, Chanho Park,
u-boot
On Sun, Oct 29, 2023 at 09:45:33AM +0100, Heinrich Schuchardt wrote:
> The Zkr ISA extension (ratified Nov 2021) introduced the seed CSR. It
> provides an interface to a physical entropy source.
>
> A RNG driver based on the seed CSR is provided. It depends on
> mseccfg.sseed being set in the SBI firmware.
>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> ---
> v2:
> Resume after exception if seed CSR cannot be read.
> ---
> drivers/rng/Kconfig | 8 +++
> drivers/rng/Makefile | 1 +
> drivers/rng/riscv_zkr_rng.c | 116 ++++++++++++++++++++++++++++++++++++
> 3 files changed, 125 insertions(+)
> create mode 100644 drivers/rng/riscv_zkr_rng.c
Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC v2 2/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension
2023-10-29 8:45 ` [RFC v2 2/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension Heinrich Schuchardt
2023-10-30 8:25 ` Leo Liang
@ 2023-10-31 6:16 ` merle w
2023-10-31 6:38 ` Heinrich Schuchardt
2023-10-31 6:43 ` Leo Liang
1 sibling, 2 replies; 12+ messages in thread
From: merle w @ 2023-10-31 6:16 UTC (permalink / raw)
To: Heinrich Schuchardt
Cc: Rick Chen, Leo, Sughosh Ganu, Anup Patel, Kautuk Consul,
Chanho Park, u-boot
drivers/rng/riscv_zkr_rng.c:10:10: fatal error: interrupt.h: No such
file or directory
10 | #include <interrupt.h>
| ^~~~~~~~~~~~~
compilation terminated.
Where is this interrupt.h?
Regards,
Xiang W
Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 于2023年10月29日周日 16:46写道:
>
> The Zkr ISA extension (ratified Nov 2021) introduced the seed CSR. It
> provides an interface to a physical entropy source.
>
> A RNG driver based on the seed CSR is provided. It depends on
> mseccfg.sseed being set in the SBI firmware.
>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> ---
> v2:
> Resume after exception if seed CSR cannot be read.
> ---
> drivers/rng/Kconfig | 8 +++
> drivers/rng/Makefile | 1 +
> drivers/rng/riscv_zkr_rng.c | 116 ++++++++++++++++++++++++++++++++++++
> 3 files changed, 125 insertions(+)
> create mode 100644 drivers/rng/riscv_zkr_rng.c
>
> diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig
> index 994cc35b27..4f6e367169 100644
> --- a/drivers/rng/Kconfig
> +++ b/drivers/rng/Kconfig
> @@ -48,6 +48,14 @@ config RNG_OPTEE
> accessible to normal world but reserved and used by the OP-TEE
> to avoid the weakness of a software PRNG.
>
> +config RNG_RISCV_ZKR
> + bool "RISC-V Zkr random number generator"
> + depends on RISCV_SMODE
> + help
> + This driver provides a Random Number Generator based on the
> + Zkr RISC-V ISA extension which provides an interface to an
> + NIST SP 800-90B or BSI AIS-31 compliant physical entropy source.
> +
> config RNG_STM32
> bool "Enable random number generator for STM32"
> depends on ARCH_STM32 || ARCH_STM32MP
> diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile
> index 47b323e61e..a5d3ca4130 100644
> --- a/drivers/rng/Makefile
> +++ b/drivers/rng/Makefile
> @@ -10,6 +10,7 @@ obj-$(CONFIG_RNG_MSM) += msm_rng.o
> obj-$(CONFIG_RNG_NPCM) += npcm_rng.o
> obj-$(CONFIG_RNG_OPTEE) += optee_rng.o
> obj-$(CONFIG_RNG_STM32) += stm32_rng.o
> +obj-$(CONFIG_RNG_RISCV_ZKR) += riscv_zkr_rng.o
> obj-$(CONFIG_RNG_ROCKCHIP) += rockchip_rng.o
> obj-$(CONFIG_RNG_IPROC200) += iproc_rng200.o
> obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
> diff --git a/drivers/rng/riscv_zkr_rng.c b/drivers/rng/riscv_zkr_rng.c
> new file mode 100644
> index 0000000000..8c9e111e2e
> --- /dev/null
> +++ b/drivers/rng/riscv_zkr_rng.c
> @@ -0,0 +1,116 @@
> +// SPDX-License-Identifier: GPL-2.0-or-later
> +/*
> + * The RISC-V Zkr extension provides CSR seed which provides access to a
> + * random number generator.
> + */
> +
> +#define LOG_CATEGORY UCLASS_RNG
> +
> +#include <dm.h>
> +#include <interrupt.h>
> +#include <log.h>
> +#include <rng.h>
> +
> +#define DRIVER_NAME "riscv_zkr"
> +
> +enum opst {
> + /** @BIST: built in self test running */
> + BIST = 0b00,
> + /** @WAIT: sufficient amount of entropy is not yet available */
> + WAIT = 0b01,
> + /** @ES16: 16bits of entropy available */
> + ES16 = 0b10,
> + /** @DEAD: unrecoverable self-test error */
> + DEAD = 0b11,
> +};
> +
> +static unsigned long read_seed(void)
> +{
> + unsigned long ret;
> +
> + __asm__ __volatile__("csrrw %0, seed, x0" : "=r" (ret) : : "memory");
> +
> + return ret;
> +}
> +
> +static int riscv_zkr_read(struct udevice *dev, void *data, size_t len)
> +{
> + u8 *ptr = data;
> +
> + while (len) {
> + u32 val;
> +
> + val = read_seed();
> +
> + switch (val >> 30) {
> + case BIST:
> + continue;
> + case WAIT:
> + continue;
> + case ES16:
> + *ptr++ = val & 0xff;
> + if (--len) {
> + *ptr++ = val >> 8;
> + --len;
> + }
> + break;
> + case DEAD:
> + return -ENODEV;
> + }
> + }
> +
> + return 0;
> +}
> +
> +/**
> + * riscv_zkr_probe() - check if the seed register is available
> + *
> + * If the SBI software has not set mseccfg.sseed=1 or the Zkr
> + * extension is not available this probe function will result
> + * in an exception. Currently we cannot recover from this.
> + *
> + * @dev: RNG device
> + * Return: 0 if successfully probed
> + */
> +static int riscv_zkr_probe(struct udevice *dev)
> +{
> + struct resume_data resume;
> + int ret;
> + u32 val;
> +
> + /* Check if reading seed leads to interrupt */
> + set_resume(&resume);
> + ret = setjmp(resume.jump);
> + if (ret)
> + log_debug("Exception %ld reading seed CSR\n", resume.code);
> + else
> + val = read_seed();
> + set_resume(NULL);
> + if (ret)
> + return -ENODEV;
> +
> + do {
> + val = read_seed();
> + val >>= 30;
> + } while (val == BIST || val == WAIT);
> +
> + if (val == DEAD)
> + return -ENODEV;
> +
> + return 0;
> +}
> +
> +static const struct dm_rng_ops riscv_zkr_ops = {
> + .read = riscv_zkr_read,
> +};
> +
> +U_BOOT_DRIVER(riscv_zkr) = {
> + .name = DRIVER_NAME,
> + .id = UCLASS_RNG,
> + .ops = &riscv_zkr_ops,
> + .probe = riscv_zkr_probe,
> +};
> +
> +U_BOOT_DRVINFO(cpu_riscv_zkr) = {
> + .name = DRIVER_NAME,
> +};
> --
> 2.40.1
>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC v2 2/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension
2023-10-31 6:16 ` merle w
@ 2023-10-31 6:38 ` Heinrich Schuchardt
2023-10-31 6:43 ` Leo Liang
1 sibling, 0 replies; 12+ messages in thread
From: Heinrich Schuchardt @ 2023-10-31 6:38 UTC (permalink / raw)
To: merle w
Cc: Rick Chen, Leo, Sughosh Ganu, Anup Patel, Kautuk Consul,
Chanho Park, U-Boot Mailing List
merle w <merlew4n6@gmail.com> schrieb am Di., 31. Okt. 2023, 08:16:
> drivers/rng/riscv_zkr_rng.c:10:10: fatal error: interrupt.h: No such
> file or directory
> 10 | #include <interrupt.h>
> | ^~~~~~~~~~~~~
> compilation terminated.
>
> Where is this interrupt.h?
>
Please, see patch 1/2.
Best regards
Heinrich
> Regards,
> Xiang W
>
> Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 于2023年10月29日周日
> 16:46写道:
> >
> > The Zkr ISA extension (ratified Nov 2021) introduced the seed CSR. It
> > provides an interface to a physical entropy source.
> >
> > A RNG driver based on the seed CSR is provided. It depends on
> > mseccfg.sseed being set in the SBI firmware.
> >
> > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> > ---
> > v2:
> > Resume after exception if seed CSR cannot be read.
> > ---
> > drivers/rng/Kconfig | 8 +++
> > drivers/rng/Makefile | 1 +
> > drivers/rng/riscv_zkr_rng.c | 116 ++++++++++++++++++++++++++++++++++++
> > 3 files changed, 125 insertions(+)
> > create mode 100644 drivers/rng/riscv_zkr_rng.c
> >
> > diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig
> > index 994cc35b27..4f6e367169 100644
> > --- a/drivers/rng/Kconfig
> > +++ b/drivers/rng/Kconfig
> > @@ -48,6 +48,14 @@ config RNG_OPTEE
> > accessible to normal world but reserved and used by the OP-TEE
> > to avoid the weakness of a software PRNG.
> >
> > +config RNG_RISCV_ZKR
> > + bool "RISC-V Zkr random number generator"
> > + depends on RISCV_SMODE
> > + help
> > + This driver provides a Random Number Generator based on the
> > + Zkr RISC-V ISA extension which provides an interface to an
> > + NIST SP 800-90B or BSI AIS-31 compliant physical entropy
> source.
> > +
> > config RNG_STM32
> > bool "Enable random number generator for STM32"
> > depends on ARCH_STM32 || ARCH_STM32MP
> > diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile
> > index 47b323e61e..a5d3ca4130 100644
> > --- a/drivers/rng/Makefile
> > +++ b/drivers/rng/Makefile
> > @@ -10,6 +10,7 @@ obj-$(CONFIG_RNG_MSM) += msm_rng.o
> > obj-$(CONFIG_RNG_NPCM) += npcm_rng.o
> > obj-$(CONFIG_RNG_OPTEE) += optee_rng.o
> > obj-$(CONFIG_RNG_STM32) += stm32_rng.o
> > +obj-$(CONFIG_RNG_RISCV_ZKR) += riscv_zkr_rng.o
> > obj-$(CONFIG_RNG_ROCKCHIP) += rockchip_rng.o
> > obj-$(CONFIG_RNG_IPROC200) += iproc_rng200.o
> > obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
> > diff --git a/drivers/rng/riscv_zkr_rng.c b/drivers/rng/riscv_zkr_rng.c
> > new file mode 100644
> > index 0000000000..8c9e111e2e
> > --- /dev/null
> > +++ b/drivers/rng/riscv_zkr_rng.c
> > @@ -0,0 +1,116 @@
> > +// SPDX-License-Identifier: GPL-2.0-or-later
> > +/*
> > + * The RISC-V Zkr extension provides CSR seed which provides access to a
> > + * random number generator.
> > + */
> > +
> > +#define LOG_CATEGORY UCLASS_RNG
> > +
> > +#include <dm.h>
> > +#include <interrupt.h>
> > +#include <log.h>
> > +#include <rng.h>
> > +
> > +#define DRIVER_NAME "riscv_zkr"
> > +
> > +enum opst {
> > + /** @BIST: built in self test running */
> > + BIST = 0b00,
> > + /** @WAIT: sufficient amount of entropy is not yet available */
> > + WAIT = 0b01,
> > + /** @ES16: 16bits of entropy available */
> > + ES16 = 0b10,
> > + /** @DEAD: unrecoverable self-test error */
> > + DEAD = 0b11,
> > +};
> > +
> > +static unsigned long read_seed(void)
> > +{
> > + unsigned long ret;
> > +
> > + __asm__ __volatile__("csrrw %0, seed, x0" : "=r" (ret) : :
> "memory");
> > +
> > + return ret;
> > +}
> > +
> > +static int riscv_zkr_read(struct udevice *dev, void *data, size_t len)
> > +{
> > + u8 *ptr = data;
> > +
> > + while (len) {
> > + u32 val;
> > +
> > + val = read_seed();
> > +
> > + switch (val >> 30) {
> > + case BIST:
> > + continue;
> > + case WAIT:
> > + continue;
> > + case ES16:
> > + *ptr++ = val & 0xff;
> > + if (--len) {
> > + *ptr++ = val >> 8;
> > + --len;
> > + }
> > + break;
> > + case DEAD:
> > + return -ENODEV;
> > + }
> > + }
> > +
> > + return 0;
> > +}
> > +
> > +/**
> > + * riscv_zkr_probe() - check if the seed register is available
> > + *
> > + * If the SBI software has not set mseccfg.sseed=1 or the Zkr
> > + * extension is not available this probe function will result
> > + * in an exception. Currently we cannot recover from this.
> > + *
> > + * @dev: RNG device
> > + * Return: 0 if successfully probed
> > + */
> > +static int riscv_zkr_probe(struct udevice *dev)
> > +{
> > + struct resume_data resume;
> > + int ret;
> > + u32 val;
> > +
> > + /* Check if reading seed leads to interrupt */
> > + set_resume(&resume);
> > + ret = setjmp(resume.jump);
> > + if (ret)
> > + log_debug("Exception %ld reading seed CSR\n",
> resume.code);
> > + else
> > + val = read_seed();
> > + set_resume(NULL);
> > + if (ret)
> > + return -ENODEV;
> > +
> > + do {
> > + val = read_seed();
> > + val >>= 30;
> > + } while (val == BIST || val == WAIT);
> > +
> > + if (val == DEAD)
> > + return -ENODEV;
> > +
> > + return 0;
> > +}
> > +
> > +static const struct dm_rng_ops riscv_zkr_ops = {
> > + .read = riscv_zkr_read,
> > +};
> > +
> > +U_BOOT_DRIVER(riscv_zkr) = {
> > + .name = DRIVER_NAME,
> > + .id = UCLASS_RNG,
> > + .ops = &riscv_zkr_ops,
> > + .probe = riscv_zkr_probe,
> > +};
> > +
> > +U_BOOT_DRVINFO(cpu_riscv_zkr) = {
> > + .name = DRIVER_NAME,
> > +};
> > --
> > 2.40.1
> >
>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC v2 2/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension
2023-10-31 6:16 ` merle w
2023-10-31 6:38 ` Heinrich Schuchardt
@ 2023-10-31 6:43 ` Leo Liang
2023-10-31 7:55 ` Xiang W
1 sibling, 1 reply; 12+ messages in thread
From: Leo Liang @ 2023-10-31 6:43 UTC (permalink / raw)
To: merle w
Cc: Heinrich Schuchardt, Rick Chen, Sughosh Ganu, Anup Patel,
Kautuk Consul, Chanho Park, u-boot
Hi Xiang,
On Tue, Oct 31, 2023 at 02:16:22PM +0800, merle w wrote:
> drivers/rng/riscv_zkr_rng.c:10:10: fatal error: interrupt.h: No such
> file or directory
> 10 | #include <interrupt.h>
> | ^~~~~~~~~~~~~
> compilation terminated.
>
> Where is this interrupt.h?
I think this file is created by the first patch of this patchset.
"[RFC,v2,1/2] riscv: allow resume after exception"
Could you try to apply this patch and then test again?
It should compile without error.
Best regards,
Leo
>
> Regards,
> Xiang W
>
> Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 于2023年10月29日周日 16:46写道:
> >
> > The Zkr ISA extension (ratified Nov 2021) introduced the seed CSR. It
> > provides an interface to a physical entropy source.
> >
> > A RNG driver based on the seed CSR is provided. It depends on
> > mseccfg.sseed being set in the SBI firmware.
> >
> > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> > ---
> > v2:
> > Resume after exception if seed CSR cannot be read.
> > ---
> > drivers/rng/Kconfig | 8 +++
> > drivers/rng/Makefile | 1 +
> > drivers/rng/riscv_zkr_rng.c | 116 ++++++++++++++++++++++++++++++++++++
> > 3 files changed, 125 insertions(+)
> > create mode 100644 drivers/rng/riscv_zkr_rng.c
> >
> > diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig
> > index 994cc35b27..4f6e367169 100644
> > --- a/drivers/rng/Kconfig
> > +++ b/drivers/rng/Kconfig
> > @@ -48,6 +48,14 @@ config RNG_OPTEE
> > accessible to normal world but reserved and used by the OP-TEE
> > to avoid the weakness of a software PRNG.
> >
> > +config RNG_RISCV_ZKR
> > + bool "RISC-V Zkr random number generator"
> > + depends on RISCV_SMODE
> > + help
> > + This driver provides a Random Number Generator based on the
> > + Zkr RISC-V ISA extension which provides an interface to an
> > + NIST SP 800-90B or BSI AIS-31 compliant physical entropy source.
> > +
> > config RNG_STM32
> > bool "Enable random number generator for STM32"
> > depends on ARCH_STM32 || ARCH_STM32MP
> > diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile
> > index 47b323e61e..a5d3ca4130 100644
> > --- a/drivers/rng/Makefile
> > +++ b/drivers/rng/Makefile
> > @@ -10,6 +10,7 @@ obj-$(CONFIG_RNG_MSM) += msm_rng.o
> > obj-$(CONFIG_RNG_NPCM) += npcm_rng.o
> > obj-$(CONFIG_RNG_OPTEE) += optee_rng.o
> > obj-$(CONFIG_RNG_STM32) += stm32_rng.o
> > +obj-$(CONFIG_RNG_RISCV_ZKR) += riscv_zkr_rng.o
> > obj-$(CONFIG_RNG_ROCKCHIP) += rockchip_rng.o
> > obj-$(CONFIG_RNG_IPROC200) += iproc_rng200.o
> > obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
> > diff --git a/drivers/rng/riscv_zkr_rng.c b/drivers/rng/riscv_zkr_rng.c
> > new file mode 100644
> > index 0000000000..8c9e111e2e
> > --- /dev/null
> > +++ b/drivers/rng/riscv_zkr_rng.c
> > @@ -0,0 +1,116 @@
> > +// SPDX-License-Identifier: GPL-2.0-or-later
> > +/*
> > + * The RISC-V Zkr extension provides CSR seed which provides access to a
> > + * random number generator.
> > + */
> > +
> > +#define LOG_CATEGORY UCLASS_RNG
> > +
> > +#include <dm.h>
> > +#include <interrupt.h>
> > +#include <log.h>
> > +#include <rng.h>
> > +
> > +#define DRIVER_NAME "riscv_zkr"
> > +
> > +enum opst {
> > + /** @BIST: built in self test running */
> > + BIST = 0b00,
> > + /** @WAIT: sufficient amount of entropy is not yet available */
> > + WAIT = 0b01,
> > + /** @ES16: 16bits of entropy available */
> > + ES16 = 0b10,
> > + /** @DEAD: unrecoverable self-test error */
> > + DEAD = 0b11,
> > +};
> > +
> > +static unsigned long read_seed(void)
> > +{
> > + unsigned long ret;
> > +
> > + __asm__ __volatile__("csrrw %0, seed, x0" : "=r" (ret) : : "memory");
> > +
> > + return ret;
> > +}
> > +
> > +static int riscv_zkr_read(struct udevice *dev, void *data, size_t len)
> > +{
> > + u8 *ptr = data;
> > +
> > + while (len) {
> > + u32 val;
> > +
> > + val = read_seed();
> > +
> > + switch (val >> 30) {
> > + case BIST:
> > + continue;
> > + case WAIT:
> > + continue;
> > + case ES16:
> > + *ptr++ = val & 0xff;
> > + if (--len) {
> > + *ptr++ = val >> 8;
> > + --len;
> > + }
> > + break;
> > + case DEAD:
> > + return -ENODEV;
> > + }
> > + }
> > +
> > + return 0;
> > +}
> > +
> > +/**
> > + * riscv_zkr_probe() - check if the seed register is available
> > + *
> > + * If the SBI software has not set mseccfg.sseed=1 or the Zkr
> > + * extension is not available this probe function will result
> > + * in an exception. Currently we cannot recover from this.
> > + *
> > + * @dev: RNG device
> > + * Return: 0 if successfully probed
> > + */
> > +static int riscv_zkr_probe(struct udevice *dev)
> > +{
> > + struct resume_data resume;
> > + int ret;
> > + u32 val;
> > +
> > + /* Check if reading seed leads to interrupt */
> > + set_resume(&resume);
> > + ret = setjmp(resume.jump);
> > + if (ret)
> > + log_debug("Exception %ld reading seed CSR\n", resume.code);
> > + else
> > + val = read_seed();
> > + set_resume(NULL);
> > + if (ret)
> > + return -ENODEV;
> > +
> > + do {
> > + val = read_seed();
> > + val >>= 30;
> > + } while (val == BIST || val == WAIT);
> > +
> > + if (val == DEAD)
> > + return -ENODEV;
> > +
> > + return 0;
> > +}
> > +
> > +static const struct dm_rng_ops riscv_zkr_ops = {
> > + .read = riscv_zkr_read,
> > +};
> > +
> > +U_BOOT_DRIVER(riscv_zkr) = {
> > + .name = DRIVER_NAME,
> > + .id = UCLASS_RNG,
> > + .ops = &riscv_zkr_ops,
> > + .probe = riscv_zkr_probe,
> > +};
> > +
> > +U_BOOT_DRVINFO(cpu_riscv_zkr) = {
> > + .name = DRIVER_NAME,
> > +};
> > --
> > 2.40.1
> >
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC v2 1/2] riscv: allow resume after exception
2023-10-29 8:45 ` [RFC v2 1/2] riscv: allow resume after exception Heinrich Schuchardt
2023-10-30 8:24 ` Leo Liang
@ 2023-10-31 7:53 ` Xiang W
2023-10-31 12:09 ` Heinrich Schuchardt
1 sibling, 1 reply; 12+ messages in thread
From: Xiang W @ 2023-10-31 7:53 UTC (permalink / raw)
To: Heinrich Schuchardt
Cc: Rick Chen, Leo, Sughosh Ganu, Anup Patel, Kautuk Consul,
Chanho Park, u-boot
setjmp can be called in set_resume.
Regards,
Xiang W
Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 于2023年10月29日周日 16:56写道:
>
> If CSRs like seed are readable by S-mode, may not be determinable by
> S-mode. For safe driver probing allow to resume via a longjmp after an
> exception.
>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> ---
> v2:
> new patch
> ---
> arch/riscv/lib/interrupts.c | 13 +++++++++++++
> include/interrupt.h | 22 ++++++++++++++++++++++
> 2 files changed, 35 insertions(+)
> create mode 100644 include/interrupt.h
>
> diff --git a/arch/riscv/lib/interrupts.c b/arch/riscv/lib/interrupts.c
> index 02dbcfd423..a26ccc721f 100644
> --- a/arch/riscv/lib/interrupts.c
> +++ b/arch/riscv/lib/interrupts.c
> @@ -12,6 +12,7 @@
> #include <linux/compat.h>
> #include <efi_loader.h>
> #include <hang.h>
> +#include <interrupt.h>
> #include <irq_func.h>
> #include <asm/global_data.h>
> #include <asm/ptrace.h>
> @@ -21,6 +22,13 @@
>
> DECLARE_GLOBAL_DATA_PTR;
>
> +static struct resume_data *resume;
> +
> +void set_resume(struct resume_data *data)
> +{
> + resume = data;
> +}
> +
> static void show_efi_loaded_images(uintptr_t epc)
> {
> efi_print_image_infos((void *)epc);
> @@ -105,6 +113,11 @@ static void _exit_trap(ulong code, ulong epc, ulong tval, struct pt_regs *regs)
> "Store/AMO page fault",
> };
>
> + if (resume) {
> + resume->code = code;
> + longjmp(resume->jump, 1);
> + }
> +
> if (code < ARRAY_SIZE(exception_code))
> printf("Unhandled exception: %s\n", exception_code[code]);
> else
> diff --git a/include/interrupt.h b/include/interrupt.h
> new file mode 100644
> index 0000000000..1baa60bcf2
> --- /dev/null
> +++ b/include/interrupt.h
> @@ -0,0 +1,22 @@
> +/* SPDX-License-Identifier: GPL-2.0-or-later */
> +
> +#include <asm/setjmp.h>
> +
> +/**
> + * struct resume_data - data for resume after interrupt
> + */
> +struct resume_data {
> + /** @jump: longjmp buffer */
> + jmp_buf jump;
> + /** @code: exception code */
> + ulong code;
> +};
> +
> +/**
> + * set_resume() - set longjmp buffer for resuming after interrupt
> + *
> + * When resuming the exception code will be returned in @data->code.
> + *
> + * @data: pointer to structure with longjmp address
> + */
> +void set_resume(struct resume_data *data);
> --
> 2.40.1
>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC v2 2/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension
2023-10-31 6:43 ` Leo Liang
@ 2023-10-31 7:55 ` Xiang W
0 siblings, 0 replies; 12+ messages in thread
From: Xiang W @ 2023-10-31 7:55 UTC (permalink / raw)
To: Leo Liang
Cc: Heinrich Schuchardt, Rick Chen, Sughosh Ganu, Anup Patel,
Kautuk Consul, Chanho Park, u-boot
Sorry! I missed it.
Regards,
Xiang W
Leo Liang <ycliang@andestech.com> 于2023年10月31日周二 14:47写道:
>
> Hi Xiang,
> On Tue, Oct 31, 2023 at 02:16:22PM +0800, merle w wrote:
> > drivers/rng/riscv_zkr_rng.c:10:10: fatal error: interrupt.h: No such
> > file or directory
> > 10 | #include <interrupt.h>
> > | ^~~~~~~~~~~~~
> > compilation terminated.
> >
> > Where is this interrupt.h?
>
> I think this file is created by the first patch of this patchset.
> "[RFC,v2,1/2] riscv: allow resume after exception"
>
> Could you try to apply this patch and then test again?
> It should compile without error.
>
> Best regards,
> Leo
>
> >
> > Regards,
> > Xiang W
> >
> > Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 于2023年10月29日周日 16:46写道:
> > >
> > > The Zkr ISA extension (ratified Nov 2021) introduced the seed CSR. It
> > > provides an interface to a physical entropy source.
> > >
> > > A RNG driver based on the seed CSR is provided. It depends on
> > > mseccfg.sseed being set in the SBI firmware.
> > >
> > > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> > > ---
> > > v2:
> > > Resume after exception if seed CSR cannot be read.
> > > ---
> > > drivers/rng/Kconfig | 8 +++
> > > drivers/rng/Makefile | 1 +
> > > drivers/rng/riscv_zkr_rng.c | 116 ++++++++++++++++++++++++++++++++++++
> > > 3 files changed, 125 insertions(+)
> > > create mode 100644 drivers/rng/riscv_zkr_rng.c
> > >
> > > diff --git a/drivers/rng/Kconfig b/drivers/rng/Kconfig
> > > index 994cc35b27..4f6e367169 100644
> > > --- a/drivers/rng/Kconfig
> > > +++ b/drivers/rng/Kconfig
> > > @@ -48,6 +48,14 @@ config RNG_OPTEE
> > > accessible to normal world but reserved and used by the OP-TEE
> > > to avoid the weakness of a software PRNG.
> > >
> > > +config RNG_RISCV_ZKR
> > > + bool "RISC-V Zkr random number generator"
> > > + depends on RISCV_SMODE
> > > + help
> > > + This driver provides a Random Number Generator based on the
> > > + Zkr RISC-V ISA extension which provides an interface to an
> > > + NIST SP 800-90B or BSI AIS-31 compliant physical entropy source.
> > > +
> > > config RNG_STM32
> > > bool "Enable random number generator for STM32"
> > > depends on ARCH_STM32 || ARCH_STM32MP
> > > diff --git a/drivers/rng/Makefile b/drivers/rng/Makefile
> > > index 47b323e61e..a5d3ca4130 100644
> > > --- a/drivers/rng/Makefile
> > > +++ b/drivers/rng/Makefile
> > > @@ -10,6 +10,7 @@ obj-$(CONFIG_RNG_MSM) += msm_rng.o
> > > obj-$(CONFIG_RNG_NPCM) += npcm_rng.o
> > > obj-$(CONFIG_RNG_OPTEE) += optee_rng.o
> > > obj-$(CONFIG_RNG_STM32) += stm32_rng.o
> > > +obj-$(CONFIG_RNG_RISCV_ZKR) += riscv_zkr_rng.o
> > > obj-$(CONFIG_RNG_ROCKCHIP) += rockchip_rng.o
> > > obj-$(CONFIG_RNG_IPROC200) += iproc_rng200.o
> > > obj-$(CONFIG_RNG_SMCCC_TRNG) += smccc_trng.o
> > > diff --git a/drivers/rng/riscv_zkr_rng.c b/drivers/rng/riscv_zkr_rng.c
> > > new file mode 100644
> > > index 0000000000..8c9e111e2e
> > > --- /dev/null
> > > +++ b/drivers/rng/riscv_zkr_rng.c
> > > @@ -0,0 +1,116 @@
> > > +// SPDX-License-Identifier: GPL-2.0-or-later
> > > +/*
> > > + * The RISC-V Zkr extension provides CSR seed which provides access to a
> > > + * random number generator.
> > > + */
> > > +
> > > +#define LOG_CATEGORY UCLASS_RNG
> > > +
> > > +#include <dm.h>
> > > +#include <interrupt.h>
> > > +#include <log.h>
> > > +#include <rng.h>
> > > +
> > > +#define DRIVER_NAME "riscv_zkr"
> > > +
> > > +enum opst {
> > > + /** @BIST: built in self test running */
> > > + BIST = 0b00,
> > > + /** @WAIT: sufficient amount of entropy is not yet available */
> > > + WAIT = 0b01,
> > > + /** @ES16: 16bits of entropy available */
> > > + ES16 = 0b10,
> > > + /** @DEAD: unrecoverable self-test error */
> > > + DEAD = 0b11,
> > > +};
> > > +
> > > +static unsigned long read_seed(void)
> > > +{
> > > + unsigned long ret;
> > > +
> > > + __asm__ __volatile__("csrrw %0, seed, x0" : "=r" (ret) : : "memory");
> > > +
> > > + return ret;
> > > +}
> > > +
> > > +static int riscv_zkr_read(struct udevice *dev, void *data, size_t len)
> > > +{
> > > + u8 *ptr = data;
> > > +
> > > + while (len) {
> > > + u32 val;
> > > +
> > > + val = read_seed();
> > > +
> > > + switch (val >> 30) {
> > > + case BIST:
> > > + continue;
> > > + case WAIT:
> > > + continue;
> > > + case ES16:
> > > + *ptr++ = val & 0xff;
> > > + if (--len) {
> > > + *ptr++ = val >> 8;
> > > + --len;
> > > + }
> > > + break;
> > > + case DEAD:
> > > + return -ENODEV;
> > > + }
> > > + }
> > > +
> > > + return 0;
> > > +}
> > > +
> > > +/**
> > > + * riscv_zkr_probe() - check if the seed register is available
> > > + *
> > > + * If the SBI software has not set mseccfg.sseed=1 or the Zkr
> > > + * extension is not available this probe function will result
> > > + * in an exception. Currently we cannot recover from this.
> > > + *
> > > + * @dev: RNG device
> > > + * Return: 0 if successfully probed
> > > + */
> > > +static int riscv_zkr_probe(struct udevice *dev)
> > > +{
> > > + struct resume_data resume;
> > > + int ret;
> > > + u32 val;
> > > +
> > > + /* Check if reading seed leads to interrupt */
> > > + set_resume(&resume);
> > > + ret = setjmp(resume.jump);
> > > + if (ret)
> > > + log_debug("Exception %ld reading seed CSR\n", resume.code);
> > > + else
> > > + val = read_seed();
> > > + set_resume(NULL);
> > > + if (ret)
> > > + return -ENODEV;
> > > +
> > > + do {
> > > + val = read_seed();
> > > + val >>= 30;
> > > + } while (val == BIST || val == WAIT);
> > > +
> > > + if (val == DEAD)
> > > + return -ENODEV;
> > > +
> > > + return 0;
> > > +}
> > > +
> > > +static const struct dm_rng_ops riscv_zkr_ops = {
> > > + .read = riscv_zkr_read,
> > > +};
> > > +
> > > +U_BOOT_DRIVER(riscv_zkr) = {
> > > + .name = DRIVER_NAME,
> > > + .id = UCLASS_RNG,
> > > + .ops = &riscv_zkr_ops,
> > > + .probe = riscv_zkr_probe,
> > > +};
> > > +
> > > +U_BOOT_DRVINFO(cpu_riscv_zkr) = {
> > > + .name = DRIVER_NAME,
> > > +};
> > > --
> > > 2.40.1
> > >
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC v2 1/2] riscv: allow resume after exception
2023-10-31 7:53 ` Xiang W
@ 2023-10-31 12:09 ` Heinrich Schuchardt
2023-10-31 15:19 ` Xiang W
0 siblings, 1 reply; 12+ messages in thread
From: Heinrich Schuchardt @ 2023-10-31 12:09 UTC (permalink / raw)
To: Xiang W
Cc: Rick Chen, Leo, Sughosh Ganu, Anup Patel, Kautuk Consul,
Chanho Park, u-boot
On 10/31/23 09:53, Xiang W wrote:
> setjmp can be called in set_resume.
Unfortunately this is not possible. A longjmp buffer only stores
register values and not the stack content.
Let's assume that setjmp() is moved into set_resume():
Let a function call set_resume(). The caller's address will be on the
stack. Once the set_resume returns and the caller invokes another
function the original stack content will be overwritten. When an
exception occurs the longjmp will reenter set_resume() with the original
stack pointer value pointing to a stack that does not match the original
call to set_resume and set_resume will return to a random address.
Best regards
Heinrich
>
> Regards,
> Xiang W
>
> Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 于2023年10月29日周日 16:56写道:
>>
>> If CSRs like seed are readable by S-mode, may not be determinable by
>> S-mode. For safe driver probing allow to resume via a longjmp after an
>> exception.
>>
>> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
>> ---
>> v2:
>> new patch
>> ---
>> arch/riscv/lib/interrupts.c | 13 +++++++++++++
>> include/interrupt.h | 22 ++++++++++++++++++++++
>> 2 files changed, 35 insertions(+)
>> create mode 100644 include/interrupt.h
>>
>> diff --git a/arch/riscv/lib/interrupts.c b/arch/riscv/lib/interrupts.c
>> index 02dbcfd423..a26ccc721f 100644
>> --- a/arch/riscv/lib/interrupts.c
>> +++ b/arch/riscv/lib/interrupts.c
>> @@ -12,6 +12,7 @@
>> #include <linux/compat.h>
>> #include <efi_loader.h>
>> #include <hang.h>
>> +#include <interrupt.h>
>> #include <irq_func.h>
>> #include <asm/global_data.h>
>> #include <asm/ptrace.h>
>> @@ -21,6 +22,13 @@
>>
>> DECLARE_GLOBAL_DATA_PTR;
>>
>> +static struct resume_data *resume;
>> +
>> +void set_resume(struct resume_data *data)
>> +{
>> + resume = data;
>> +}
>> +
>> static void show_efi_loaded_images(uintptr_t epc)
>> {
>> efi_print_image_infos((void *)epc);
>> @@ -105,6 +113,11 @@ static void _exit_trap(ulong code, ulong epc, ulong tval, struct pt_regs *regs)
>> "Store/AMO page fault",
>> };
>>
>> + if (resume) {
>> + resume->code = code;
>> + longjmp(resume->jump, 1);
>> + }
>> +
>> if (code < ARRAY_SIZE(exception_code))
>> printf("Unhandled exception: %s\n", exception_code[code]);
>> else
>> diff --git a/include/interrupt.h b/include/interrupt.h
>> new file mode 100644
>> index 0000000000..1baa60bcf2
>> --- /dev/null
>> +++ b/include/interrupt.h
>> @@ -0,0 +1,22 @@
>> +/* SPDX-License-Identifier: GPL-2.0-or-later */
>> +
>> +#include <asm/setjmp.h>
>> +
>> +/**
>> + * struct resume_data - data for resume after interrupt
>> + */
>> +struct resume_data {
>> + /** @jump: longjmp buffer */
>> + jmp_buf jump;
>> + /** @code: exception code */
>> + ulong code;
>> +};
>> +
>> +/**
>> + * set_resume() - set longjmp buffer for resuming after interrupt
>> + *
>> + * When resuming the exception code will be returned in @data->code.
>> + *
>> + * @data: pointer to structure with longjmp address
>> + */
>> +void set_resume(struct resume_data *data);
>> --
>> 2.40.1
>>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC v2 1/2] riscv: allow resume after exception
2023-10-31 12:09 ` Heinrich Schuchardt
@ 2023-10-31 15:19 ` Xiang W
0 siblings, 0 replies; 12+ messages in thread
From: Xiang W @ 2023-10-31 15:19 UTC (permalink / raw)
To: Heinrich Schuchardt
Cc: Rick Chen, Leo, Sughosh Ganu, Anup Patel, Kautuk Consul,
Chanho Park, u-boot
Thank you, I understand.
Regards,
Xiang W
Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 于2023年10月31日周二 20:09写道:
>
> On 10/31/23 09:53, Xiang W wrote:
> > setjmp can be called in set_resume.
>
> Unfortunately this is not possible. A longjmp buffer only stores
> register values and not the stack content.
>
> Let's assume that setjmp() is moved into set_resume():
>
> Let a function call set_resume(). The caller's address will be on the
> stack. Once the set_resume returns and the caller invokes another
> function the original stack content will be overwritten. When an
> exception occurs the longjmp will reenter set_resume() with the original
> stack pointer value pointing to a stack that does not match the original
> call to set_resume and set_resume will return to a random address.
>
> Best regards
>
> Heinrich
>
> >
> > Regards,
> > Xiang W
> >
> > Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 于2023年10月29日周日 16:56写道:
> >>
> >> If CSRs like seed are readable by S-mode, may not be determinable by
> >> S-mode. For safe driver probing allow to resume via a longjmp after an
> >> exception.
> >>
> >> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> >> ---
> >> v2:
> >> new patch
> >> ---
> >> arch/riscv/lib/interrupts.c | 13 +++++++++++++
> >> include/interrupt.h | 22 ++++++++++++++++++++++
> >> 2 files changed, 35 insertions(+)
> >> create mode 100644 include/interrupt.h
> >>
> >> diff --git a/arch/riscv/lib/interrupts.c b/arch/riscv/lib/interrupts.c
> >> index 02dbcfd423..a26ccc721f 100644
> >> --- a/arch/riscv/lib/interrupts.c
> >> +++ b/arch/riscv/lib/interrupts.c
> >> @@ -12,6 +12,7 @@
> >> #include <linux/compat.h>
> >> #include <efi_loader.h>
> >> #include <hang.h>
> >> +#include <interrupt.h>
> >> #include <irq_func.h>
> >> #include <asm/global_data.h>
> >> #include <asm/ptrace.h>
> >> @@ -21,6 +22,13 @@
> >>
> >> DECLARE_GLOBAL_DATA_PTR;
> >>
> >> +static struct resume_data *resume;
> >> +
> >> +void set_resume(struct resume_data *data)
> >> +{
> >> + resume = data;
> >> +}
> >> +
> >> static void show_efi_loaded_images(uintptr_t epc)
> >> {
> >> efi_print_image_infos((void *)epc);
> >> @@ -105,6 +113,11 @@ static void _exit_trap(ulong code, ulong epc, ulong tval, struct pt_regs *regs)
> >> "Store/AMO page fault",
> >> };
> >>
> >> + if (resume) {
> >> + resume->code = code;
> >> + longjmp(resume->jump, 1);
> >> + }
> >> +
> >> if (code < ARRAY_SIZE(exception_code))
> >> printf("Unhandled exception: %s\n", exception_code[code]);
> >> else
> >> diff --git a/include/interrupt.h b/include/interrupt.h
> >> new file mode 100644
> >> index 0000000000..1baa60bcf2
> >> --- /dev/null
> >> +++ b/include/interrupt.h
> >> @@ -0,0 +1,22 @@
> >> +/* SPDX-License-Identifier: GPL-2.0-or-later */
> >> +
> >> +#include <asm/setjmp.h>
> >> +
> >> +/**
> >> + * struct resume_data - data for resume after interrupt
> >> + */
> >> +struct resume_data {
> >> + /** @jump: longjmp buffer */
> >> + jmp_buf jump;
> >> + /** @code: exception code */
> >> + ulong code;
> >> +};
> >> +
> >> +/**
> >> + * set_resume() - set longjmp buffer for resuming after interrupt
> >> + *
> >> + * When resuming the exception code will be returned in @data->code.
> >> + *
> >> + * @data: pointer to structure with longjmp address
> >> + */
> >> +void set_resume(struct resume_data *data);
> >> --
> >> 2.40.1
> >>
>
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2023-10-31 15:20 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-10-29 8:45 [RFC v2 0/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension Heinrich Schuchardt
2023-10-29 8:45 ` [RFC v2 1/2] riscv: allow resume after exception Heinrich Schuchardt
2023-10-30 8:24 ` Leo Liang
2023-10-31 7:53 ` Xiang W
2023-10-31 12:09 ` Heinrich Schuchardt
2023-10-31 15:19 ` Xiang W
2023-10-29 8:45 ` [RFC v2 2/2] rng: Provide a RNG based on the RISC-V Zkr ISA extension Heinrich Schuchardt
2023-10-30 8:25 ` Leo Liang
2023-10-31 6:16 ` merle w
2023-10-31 6:38 ` Heinrich Schuchardt
2023-10-31 6:43 ` Leo Liang
2023-10-31 7:55 ` Xiang W
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox