1 /*
2 * Exynos4210 Pseudo Random Number Generator Emulation
3 *
4 * Copyright (c) 2017 Krzysztof Kozlowski <krzk@kernel.org>
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "qemu/osdep.h"
21 #include "hw/sysbus.h"
22 #include "migration/vmstate.h"
23 #include "qapi/error.h"
24 #include "qemu/log.h"
25 #include "qemu/guest-random.h"
26 #include "qemu/module.h"
27 #include "qom/object.h"
28
29 #define DEBUG_EXYNOS_RNG 0
30
31 #define DPRINTF(fmt, ...) \
32 do { \
33 if (DEBUG_EXYNOS_RNG) { \
34 printf("exynos4210_rng: " fmt, ## __VA_ARGS__); \
35 } \
36 } while (0)
37
38 #define TYPE_EXYNOS4210_RNG "exynos4210.rng"
39 OBJECT_DECLARE_SIMPLE_TYPE(Exynos4210RngState, EXYNOS4210_RNG)
40
41 /*
42 * Exynos4220, PRNG, only polling mode is supported.
43 */
44
45 /* RNG_CONTROL_1 register bitfields, reset value: 0x0 */
46 #define EXYNOS4210_RNG_CONTROL_1_PRNG 0x8
47 #define EXYNOS4210_RNG_CONTROL_1_START_INIT BIT(4)
48 /* RNG_STATUS register bitfields, reset value: 0x1 */
49 #define EXYNOS4210_RNG_STATUS_PRNG_ERROR BIT(7)
50 #define EXYNOS4210_RNG_STATUS_PRNG_DONE BIT(5)
51 #define EXYNOS4210_RNG_STATUS_MSG_DONE BIT(4)
52 #define EXYNOS4210_RNG_STATUS_PARTIAL_DONE BIT(3)
53 #define EXYNOS4210_RNG_STATUS_PRNG_BUSY BIT(2)
54 #define EXYNOS4210_RNG_STATUS_SEED_SETTING_DONE BIT(1)
55 #define EXYNOS4210_RNG_STATUS_BUFFER_READY BIT(0)
56 #define EXYNOS4210_RNG_STATUS_WRITE_MASK (EXYNOS4210_RNG_STATUS_PRNG_DONE \
57 | EXYNOS4210_RNG_STATUS_MSG_DONE \
58 | EXYNOS4210_RNG_STATUS_PARTIAL_DONE)
59
60 #define EXYNOS4210_RNG_CONTROL_1 0x0
61 #define EXYNOS4210_RNG_STATUS 0x10
62 #define EXYNOS4210_RNG_SEED_IN 0x140
63 #define EXYNOS4210_RNG_SEED_IN_OFFSET(n) (EXYNOS4210_RNG_SEED_IN + (n * 0x4))
64 #define EXYNOS4210_RNG_PRNG 0x160
65 #define EXYNOS4210_RNG_PRNG_OFFSET(n) (EXYNOS4210_RNG_PRNG + (n * 0x4))
66
67 #define EXYNOS4210_RNG_PRNG_NUM 5
68
69 #define EXYNOS4210_RNG_REGS_MEM_SIZE 0x200
70
71 struct Exynos4210RngState {
72 SysBusDevice parent_obj;
73 MemoryRegion iomem;
74
75 int32_t randr_value[EXYNOS4210_RNG_PRNG_NUM];
76 /* bits from 0 to EXYNOS4210_RNG_PRNG_NUM if given seed register was set */
77 uint32_t seed_set;
78
79 /* Register values */
80 uint32_t reg_control;
81 uint32_t reg_status;
82 };
83
exynos4210_rng_seed_ready(const Exynos4210RngState * s)84 static bool exynos4210_rng_seed_ready(const Exynos4210RngState *s)
85 {
86 uint32_t mask = MAKE_64BIT_MASK(0, EXYNOS4210_RNG_PRNG_NUM);
87
88 /* Return true if all the seed-set bits are set. */
89 return (s->seed_set & mask) == mask;
90 }
91
exynos4210_rng_set_seed(Exynos4210RngState * s,unsigned int i,uint64_t val)92 static void exynos4210_rng_set_seed(Exynos4210RngState *s, unsigned int i,
93 uint64_t val)
94 {
95 /*
96 * We actually ignore the seed and always generate true random numbers.
97 * Theoretically this should not match the device as Exynos has
98 * a Pseudo Random Number Generator but testing shown that it always
99 * generates random numbers regardless of the seed value.
100 */
101 s->seed_set |= BIT(i);
102
103 /* If all seeds were written, update the status to reflect it */
104 if (exynos4210_rng_seed_ready(s)) {
105 s->reg_status |= EXYNOS4210_RNG_STATUS_SEED_SETTING_DONE;
106 } else {
107 s->reg_status &= ~EXYNOS4210_RNG_STATUS_SEED_SETTING_DONE;
108 }
109 }
110
exynos4210_rng_run_engine(Exynos4210RngState * s)111 static void exynos4210_rng_run_engine(Exynos4210RngState *s)
112 {
113 Error *err = NULL;
114
115 /* Seed set? */
116 if ((s->reg_status & EXYNOS4210_RNG_STATUS_SEED_SETTING_DONE) == 0) {
117 goto out;
118 }
119
120 /* PRNG engine chosen? */
121 if ((s->reg_control & EXYNOS4210_RNG_CONTROL_1_PRNG) == 0) {
122 goto out;
123 }
124
125 /* PRNG engine started? */
126 if ((s->reg_control & EXYNOS4210_RNG_CONTROL_1_START_INIT) == 0) {
127 goto out;
128 }
129
130 /* Get randoms */
131 if (qemu_guest_getrandom(s->randr_value, sizeof(s->randr_value), &err)) {
132 error_report_err(err);
133 } else {
134 /* Notify that PRNG is ready */
135 s->reg_status |= EXYNOS4210_RNG_STATUS_PRNG_DONE;
136 }
137
138 out:
139 /* Always clear start engine bit */
140 s->reg_control &= ~EXYNOS4210_RNG_CONTROL_1_START_INIT;
141 }
142
exynos4210_rng_read(void * opaque,hwaddr offset,unsigned size)143 static uint64_t exynos4210_rng_read(void *opaque, hwaddr offset,
144 unsigned size)
145 {
146 Exynos4210RngState *s = (Exynos4210RngState *)opaque;
147 uint32_t val = 0;
148
149 assert(size == 4);
150
151 switch (offset) {
152 case EXYNOS4210_RNG_CONTROL_1:
153 val = s->reg_control;
154 break;
155
156 case EXYNOS4210_RNG_STATUS:
157 val = s->reg_status;
158 break;
159
160 case EXYNOS4210_RNG_PRNG_OFFSET(0):
161 case EXYNOS4210_RNG_PRNG_OFFSET(1):
162 case EXYNOS4210_RNG_PRNG_OFFSET(2):
163 case EXYNOS4210_RNG_PRNG_OFFSET(3):
164 case EXYNOS4210_RNG_PRNG_OFFSET(4):
165 val = s->randr_value[(offset - EXYNOS4210_RNG_PRNG_OFFSET(0)) / 4];
166 DPRINTF("returning random @0x%" HWADDR_PRIx ": 0x%" PRIx32 "\n",
167 offset, val);
168 break;
169
170 default:
171 qemu_log_mask(LOG_GUEST_ERROR,
172 "%s: bad read offset 0x%" HWADDR_PRIx "\n",
173 __func__, offset);
174 }
175
176 return val;
177 }
178
exynos4210_rng_write(void * opaque,hwaddr offset,uint64_t val,unsigned size)179 static void exynos4210_rng_write(void *opaque, hwaddr offset,
180 uint64_t val, unsigned size)
181 {
182 Exynos4210RngState *s = (Exynos4210RngState *)opaque;
183
184 assert(size == 4);
185
186 switch (offset) {
187 case EXYNOS4210_RNG_CONTROL_1:
188 DPRINTF("RNG_CONTROL_1 = 0x%" PRIx64 "\n", val);
189 s->reg_control = val;
190 exynos4210_rng_run_engine(s);
191 break;
192
193 case EXYNOS4210_RNG_STATUS:
194 /* For clearing status fields */
195 s->reg_status &= ~EXYNOS4210_RNG_STATUS_WRITE_MASK;
196 s->reg_status |= val & EXYNOS4210_RNG_STATUS_WRITE_MASK;
197 break;
198
199 case EXYNOS4210_RNG_SEED_IN_OFFSET(0):
200 case EXYNOS4210_RNG_SEED_IN_OFFSET(1):
201 case EXYNOS4210_RNG_SEED_IN_OFFSET(2):
202 case EXYNOS4210_RNG_SEED_IN_OFFSET(3):
203 case EXYNOS4210_RNG_SEED_IN_OFFSET(4):
204 exynos4210_rng_set_seed(s,
205 (offset - EXYNOS4210_RNG_SEED_IN_OFFSET(0)) / 4,
206 val);
207 break;
208
209 default:
210 qemu_log_mask(LOG_GUEST_ERROR,
211 "%s: bad write offset 0x%" HWADDR_PRIx "\n",
212 __func__, offset);
213 }
214 }
215
216 static const MemoryRegionOps exynos4210_rng_ops = {
217 .read = exynos4210_rng_read,
218 .write = exynos4210_rng_write,
219 .endianness = DEVICE_NATIVE_ENDIAN,
220 .valid.min_access_size = 4,
221 .valid.max_access_size = 4,
222 };
223
exynos4210_rng_reset(DeviceState * dev)224 static void exynos4210_rng_reset(DeviceState *dev)
225 {
226 Exynos4210RngState *s = EXYNOS4210_RNG(dev);
227
228 s->reg_control = 0;
229 s->reg_status = EXYNOS4210_RNG_STATUS_BUFFER_READY;
230 memset(s->randr_value, 0, sizeof(s->randr_value));
231 s->seed_set = 0;
232 }
233
exynos4210_rng_init(Object * obj)234 static void exynos4210_rng_init(Object *obj)
235 {
236 Exynos4210RngState *s = EXYNOS4210_RNG(obj);
237 SysBusDevice *dev = SYS_BUS_DEVICE(obj);
238
239 memory_region_init_io(&s->iomem, obj, &exynos4210_rng_ops, s,
240 TYPE_EXYNOS4210_RNG, EXYNOS4210_RNG_REGS_MEM_SIZE);
241 sysbus_init_mmio(dev, &s->iomem);
242 }
243
244 static const VMStateDescription exynos4210_rng_vmstate = {
245 .name = TYPE_EXYNOS4210_RNG,
246 .version_id = 1,
247 .minimum_version_id = 1,
248 .fields = (const VMStateField[]) {
249 VMSTATE_INT32_ARRAY(randr_value, Exynos4210RngState,
250 EXYNOS4210_RNG_PRNG_NUM),
251 VMSTATE_UINT32(seed_set, Exynos4210RngState),
252 VMSTATE_UINT32(reg_status, Exynos4210RngState),
253 VMSTATE_UINT32(reg_control, Exynos4210RngState),
254 VMSTATE_END_OF_LIST()
255 }
256 };
257
exynos4210_rng_class_init(ObjectClass * klass,void * data)258 static void exynos4210_rng_class_init(ObjectClass *klass, void *data)
259 {
260 DeviceClass *dc = DEVICE_CLASS(klass);
261
262 device_class_set_legacy_reset(dc, exynos4210_rng_reset);
263 dc->vmsd = &exynos4210_rng_vmstate;
264 }
265
266 static const TypeInfo exynos4210_rng_info = {
267 .name = TYPE_EXYNOS4210_RNG,
268 .parent = TYPE_SYS_BUS_DEVICE,
269 .instance_size = sizeof(Exynos4210RngState),
270 .instance_init = exynos4210_rng_init,
271 .class_init = exynos4210_rng_class_init,
272 };
273
exynos4210_rng_register(void)274 static void exynos4210_rng_register(void)
275 {
276 type_register_static(&exynos4210_rng_info);
277 }
278
279 type_init(exynos4210_rng_register)
280