1 /* 2 * chaoskey - driver for ChaosKey device from Altus Metrum. 3 * 4 * This device provides true random numbers using a noise source based 5 * on a reverse-biased p-n junction in avalanche breakdown. More 6 * details can be found at http://chaoskey.org 7 * 8 * The driver connects to the kernel hardware RNG interface to provide 9 * entropy for /dev/random and other kernel activities. It also offers 10 * a separate /dev/ entry to allow for direct access to the random 11 * bit stream. 12 * 13 * Copyright © 2015 Keith Packard <keithp@keithp.com> 14 * 15 * This program is free software; you can redistribute it and/or modify 16 * it under the terms of the GNU General Public License as published by 17 * the Free Software Foundation; version 2 of the License. 18 * 19 * This program is distributed in the hope that it will be useful, but 20 * WITHOUT ANY WARRANTY; without even the implied warranty of 21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 22 * General Public License for more details. 23 */ 24 25 #include <linux/module.h> 26 #include <linux/slab.h> 27 #include <linux/usb.h> 28 #include <linux/wait.h> 29 #include <linux/hw_random.h> 30 #include <linux/mutex.h> 31 #include <linux/uaccess.h> 32 33 static struct usb_driver chaoskey_driver; 34 static struct usb_class_driver chaoskey_class; 35 static int chaoskey_rng_read(struct hwrng *rng, void *data, 36 size_t max, bool wait); 37 38 #define usb_dbg(usb_if, format, arg...) \ 39 dev_dbg(&(usb_if)->dev, format, ## arg) 40 41 #define usb_err(usb_if, format, arg...) \ 42 dev_err(&(usb_if)->dev, format, ## arg) 43 44 /* Version Information */ 45 #define DRIVER_VERSION "v0.1" 46 #define DRIVER_AUTHOR "Keith Packard, keithp@keithp.com" 47 #define DRIVER_DESC "Altus Metrum ChaosKey driver" 48 #define DRIVER_SHORT "chaoskey" 49 50 MODULE_VERSION(DRIVER_VERSION); 51 MODULE_AUTHOR(DRIVER_AUTHOR); 52 MODULE_DESCRIPTION(DRIVER_DESC); 53 MODULE_LICENSE("GPL"); 54 55 #define CHAOSKEY_VENDOR_ID 0x1d50 /* OpenMoko */ 56 #define CHAOSKEY_PRODUCT_ID 0x60c6 /* ChaosKey */ 57 58 #define ALEA_VENDOR_ID 0x12d8 /* Araneus */ 59 #define ALEA_PRODUCT_ID 0x0001 /* Alea I */ 60 61 #define CHAOSKEY_BUF_LEN 64 /* max size of USB full speed packet */ 62 63 #define NAK_TIMEOUT (HZ) /* normal stall/wait timeout */ 64 #define ALEA_FIRST_TIMEOUT (HZ*3) /* first stall/wait timeout for Alea */ 65 66 #ifdef CONFIG_USB_DYNAMIC_MINORS 67 #define USB_CHAOSKEY_MINOR_BASE 0 68 #else 69 70 /* IOWARRIOR_MINOR_BASE + 16, not official yet */ 71 #define USB_CHAOSKEY_MINOR_BASE 224 72 #endif 73 74 static const struct usb_device_id chaoskey_table[] = { 75 { USB_DEVICE(CHAOSKEY_VENDOR_ID, CHAOSKEY_PRODUCT_ID) }, 76 { USB_DEVICE(ALEA_VENDOR_ID, ALEA_PRODUCT_ID) }, 77 { }, 78 }; 79 MODULE_DEVICE_TABLE(usb, chaoskey_table); 80 81 static void chaos_read_callback(struct urb *urb); 82 83 /* Driver-local specific stuff */ 84 struct chaoskey { 85 struct usb_interface *interface; 86 char in_ep; 87 struct mutex lock; 88 struct mutex rng_lock; 89 int open; /* open count */ 90 bool present; /* device not disconnected */ 91 bool reading; /* ongoing IO */ 92 bool reads_started; /* track first read for Alea */ 93 int size; /* size of buf */ 94 int valid; /* bytes of buf read */ 95 int used; /* bytes of buf consumed */ 96 char *name; /* product + serial */ 97 struct hwrng hwrng; /* Embedded struct for hwrng */ 98 int hwrng_registered; /* registered with hwrng API */ 99 wait_queue_head_t wait_q; /* for timeouts */ 100 struct urb *urb; /* for performing IO */ 101 char *buf; 102 }; 103 104 static void chaoskey_free(struct chaoskey *dev) 105 { 106 if (dev) { 107 usb_dbg(dev->interface, "free"); 108 usb_free_urb(dev->urb); 109 kfree(dev->name); 110 kfree(dev->buf); 111 kfree(dev); 112 } 113 } 114 115 static int chaoskey_probe(struct usb_interface *interface, 116 const struct usb_device_id *id) 117 { 118 struct usb_device *udev = interface_to_usbdev(interface); 119 struct usb_host_interface *altsetting = interface->cur_altsetting; 120 int i; 121 int in_ep = -1; 122 struct chaoskey *dev; 123 int result = -ENOMEM; 124 int size; 125 126 usb_dbg(interface, "probe %s-%s", udev->product, udev->serial); 127 128 /* Find the first bulk IN endpoint and its packet size */ 129 for (i = 0; i < altsetting->desc.bNumEndpoints; i++) { 130 if (usb_endpoint_is_bulk_in(&altsetting->endpoint[i].desc)) { 131 in_ep = usb_endpoint_num(&altsetting->endpoint[i].desc); 132 size = usb_endpoint_maxp(&altsetting->endpoint[i].desc); 133 break; 134 } 135 } 136 137 /* Validate endpoint and size */ 138 if (in_ep == -1) { 139 usb_dbg(interface, "no IN endpoint found"); 140 return -ENODEV; 141 } 142 if (size <= 0) { 143 usb_dbg(interface, "invalid size (%d)", size); 144 return -ENODEV; 145 } 146 147 if (size > CHAOSKEY_BUF_LEN) { 148 usb_dbg(interface, "size reduced from %d to %d\n", 149 size, CHAOSKEY_BUF_LEN); 150 size = CHAOSKEY_BUF_LEN; 151 } 152 153 /* Looks good, allocate and initialize */ 154 155 dev = kzalloc(sizeof(struct chaoskey), GFP_KERNEL); 156 157 if (dev == NULL) 158 goto out; 159 160 dev->buf = kmalloc(size, GFP_KERNEL); 161 162 if (dev->buf == NULL) 163 goto out; 164 165 dev->urb = usb_alloc_urb(0, GFP_KERNEL); 166 167 if (!dev->urb) 168 goto out; 169 170 usb_fill_bulk_urb(dev->urb, 171 udev, 172 usb_rcvbulkpipe(udev, in_ep), 173 dev->buf, 174 size, 175 chaos_read_callback, 176 dev); 177 178 /* Construct a name using the product and serial values. Each 179 * device needs a unique name for the hwrng code 180 */ 181 182 if (udev->product && udev->serial) { 183 dev->name = kmalloc(strlen(udev->product) + 1 + 184 strlen(udev->serial) + 1, GFP_KERNEL); 185 if (dev->name == NULL) 186 goto out; 187 188 strcpy(dev->name, udev->product); 189 strcat(dev->name, "-"); 190 strcat(dev->name, udev->serial); 191 } 192 193 dev->interface = interface; 194 195 dev->in_ep = in_ep; 196 197 if (udev->descriptor.idVendor != ALEA_VENDOR_ID) 198 dev->reads_started = 1; 199 200 dev->size = size; 201 dev->present = 1; 202 203 init_waitqueue_head(&dev->wait_q); 204 205 mutex_init(&dev->lock); 206 mutex_init(&dev->rng_lock); 207 208 usb_set_intfdata(interface, dev); 209 210 result = usb_register_dev(interface, &chaoskey_class); 211 if (result) { 212 usb_err(interface, "Unable to allocate minor number."); 213 goto out; 214 } 215 216 dev->hwrng.name = dev->name ? dev->name : chaoskey_driver.name; 217 dev->hwrng.read = chaoskey_rng_read; 218 dev->hwrng.quality = 1024; 219 220 dev->hwrng_registered = (hwrng_register(&dev->hwrng) == 0); 221 if (!dev->hwrng_registered) 222 usb_err(interface, "Unable to register with hwrng"); 223 224 usb_enable_autosuspend(udev); 225 226 usb_dbg(interface, "chaoskey probe success, size %d", dev->size); 227 return 0; 228 229 out: 230 usb_set_intfdata(interface, NULL); 231 chaoskey_free(dev); 232 return result; 233 } 234 235 static void chaoskey_disconnect(struct usb_interface *interface) 236 { 237 struct chaoskey *dev; 238 239 usb_dbg(interface, "disconnect"); 240 dev = usb_get_intfdata(interface); 241 if (!dev) { 242 usb_dbg(interface, "disconnect failed - no dev"); 243 return; 244 } 245 246 if (dev->hwrng_registered) 247 hwrng_unregister(&dev->hwrng); 248 249 usb_deregister_dev(interface, &chaoskey_class); 250 251 usb_set_intfdata(interface, NULL); 252 mutex_lock(&dev->lock); 253 254 dev->present = 0; 255 usb_poison_urb(dev->urb); 256 257 if (!dev->open) { 258 mutex_unlock(&dev->lock); 259 chaoskey_free(dev); 260 } else 261 mutex_unlock(&dev->lock); 262 263 usb_dbg(interface, "disconnect done"); 264 } 265 266 static int chaoskey_open(struct inode *inode, struct file *file) 267 { 268 struct chaoskey *dev; 269 struct usb_interface *interface; 270 271 /* get the interface from minor number and driver information */ 272 interface = usb_find_interface(&chaoskey_driver, iminor(inode)); 273 if (!interface) 274 return -ENODEV; 275 276 usb_dbg(interface, "open"); 277 278 dev = usb_get_intfdata(interface); 279 if (!dev) { 280 usb_dbg(interface, "open (dev)"); 281 return -ENODEV; 282 } 283 284 file->private_data = dev; 285 mutex_lock(&dev->lock); 286 ++dev->open; 287 mutex_unlock(&dev->lock); 288 289 usb_dbg(interface, "open success"); 290 return 0; 291 } 292 293 static int chaoskey_release(struct inode *inode, struct file *file) 294 { 295 struct chaoskey *dev = file->private_data; 296 struct usb_interface *interface; 297 298 if (dev == NULL) 299 return -ENODEV; 300 301 interface = dev->interface; 302 303 usb_dbg(interface, "release"); 304 305 mutex_lock(&dev->lock); 306 307 usb_dbg(interface, "open count at release is %d", dev->open); 308 309 if (dev->open <= 0) { 310 usb_dbg(interface, "invalid open count (%d)", dev->open); 311 mutex_unlock(&dev->lock); 312 return -ENODEV; 313 } 314 315 --dev->open; 316 317 if (!dev->present) { 318 if (dev->open == 0) { 319 mutex_unlock(&dev->lock); 320 chaoskey_free(dev); 321 } else 322 mutex_unlock(&dev->lock); 323 } else 324 mutex_unlock(&dev->lock); 325 326 usb_dbg(interface, "release success"); 327 return 0; 328 } 329 330 static void chaos_read_callback(struct urb *urb) 331 { 332 struct chaoskey *dev = urb->context; 333 int status = urb->status; 334 335 usb_dbg(dev->interface, "callback status (%d)", status); 336 337 if (status == 0) 338 dev->valid = urb->actual_length; 339 else 340 dev->valid = 0; 341 342 dev->used = 0; 343 344 /* must be seen first before validity is announced */ 345 smp_wmb(); 346 347 dev->reading = false; 348 wake_up(&dev->wait_q); 349 } 350 351 /* Fill the buffer. Called with dev->lock held 352 */ 353 static int _chaoskey_fill(struct chaoskey *dev) 354 { 355 DEFINE_WAIT(wait); 356 int result; 357 bool started; 358 359 usb_dbg(dev->interface, "fill"); 360 361 /* Return immediately if someone called before the buffer was 362 * empty */ 363 if (dev->valid != dev->used) { 364 usb_dbg(dev->interface, "not empty yet (valid %d used %d)", 365 dev->valid, dev->used); 366 return 0; 367 } 368 369 /* Bail if the device has been removed */ 370 if (!dev->present) { 371 usb_dbg(dev->interface, "device not present"); 372 return -ENODEV; 373 } 374 375 /* Make sure the device is awake */ 376 result = usb_autopm_get_interface(dev->interface); 377 if (result) { 378 usb_dbg(dev->interface, "wakeup failed (result %d)", result); 379 return result; 380 } 381 382 dev->reading = true; 383 result = usb_submit_urb(dev->urb, GFP_KERNEL); 384 if (result < 0) { 385 result = usb_translate_errors(result); 386 dev->reading = false; 387 goto out; 388 } 389 390 /* The first read on the Alea takes a little under 2 seconds. 391 * Reads after the first read take only a few microseconds 392 * though. Presumably the entropy-generating circuit needs 393 * time to ramp up. So, we wait longer on the first read. 394 */ 395 started = dev->reads_started; 396 dev->reads_started = true; 397 result = wait_event_interruptible_timeout( 398 dev->wait_q, 399 !dev->reading, 400 (started ? NAK_TIMEOUT : ALEA_FIRST_TIMEOUT) ); 401 402 if (result < 0) 403 goto out; 404 405 if (result == 0) 406 result = -ETIMEDOUT; 407 else 408 result = dev->valid; 409 out: 410 /* Let the device go back to sleep eventually */ 411 usb_autopm_put_interface(dev->interface); 412 413 usb_dbg(dev->interface, "read %d bytes", dev->valid); 414 415 return result; 416 } 417 418 static ssize_t chaoskey_read(struct file *file, 419 char __user *buffer, 420 size_t count, 421 loff_t *ppos) 422 { 423 struct chaoskey *dev; 424 ssize_t read_count = 0; 425 int this_time; 426 int result = 0; 427 unsigned long remain; 428 429 dev = file->private_data; 430 431 if (dev == NULL || !dev->present) 432 return -ENODEV; 433 434 usb_dbg(dev->interface, "read %zu", count); 435 436 while (count > 0) { 437 438 /* Grab the rng_lock briefly to ensure that the hwrng interface 439 * gets priority over other user access 440 */ 441 result = mutex_lock_interruptible(&dev->rng_lock); 442 if (result) 443 goto bail; 444 mutex_unlock(&dev->rng_lock); 445 446 result = mutex_lock_interruptible(&dev->lock); 447 if (result) 448 goto bail; 449 if (dev->valid == dev->used) { 450 result = _chaoskey_fill(dev); 451 if (result < 0) { 452 mutex_unlock(&dev->lock); 453 goto bail; 454 } 455 } 456 457 this_time = dev->valid - dev->used; 458 if (this_time > count) 459 this_time = count; 460 461 remain = copy_to_user(buffer, dev->buf + dev->used, this_time); 462 if (remain) { 463 result = -EFAULT; 464 465 /* Consume the bytes that were copied so we don't leak 466 * data to user space 467 */ 468 dev->used += this_time - remain; 469 mutex_unlock(&dev->lock); 470 goto bail; 471 } 472 473 count -= this_time; 474 read_count += this_time; 475 buffer += this_time; 476 dev->used += this_time; 477 mutex_unlock(&dev->lock); 478 } 479 bail: 480 if (read_count) { 481 usb_dbg(dev->interface, "read %zu bytes", read_count); 482 return read_count; 483 } 484 usb_dbg(dev->interface, "empty read, result %d", result); 485 if (result == -ETIMEDOUT) 486 result = -EAGAIN; 487 return result; 488 } 489 490 static int chaoskey_rng_read(struct hwrng *rng, void *data, 491 size_t max, bool wait) 492 { 493 struct chaoskey *dev = container_of(rng, struct chaoskey, hwrng); 494 int this_time; 495 496 usb_dbg(dev->interface, "rng_read max %zu wait %d", max, wait); 497 498 if (!dev->present) { 499 usb_dbg(dev->interface, "device not present"); 500 return 0; 501 } 502 503 /* Hold the rng_lock until we acquire the device lock so that 504 * this operation gets priority over other user access to the 505 * device 506 */ 507 mutex_lock(&dev->rng_lock); 508 509 mutex_lock(&dev->lock); 510 511 mutex_unlock(&dev->rng_lock); 512 513 /* Try to fill the buffer if empty. It doesn't actually matter 514 * if _chaoskey_fill works; we'll just return zero bytes as 515 * the buffer will still be empty 516 */ 517 if (dev->valid == dev->used) 518 (void) _chaoskey_fill(dev); 519 520 this_time = dev->valid - dev->used; 521 if (this_time > max) 522 this_time = max; 523 524 memcpy(data, dev->buf + dev->used, this_time); 525 526 dev->used += this_time; 527 528 mutex_unlock(&dev->lock); 529 530 usb_dbg(dev->interface, "rng_read this_time %d\n", this_time); 531 return this_time; 532 } 533 534 #ifdef CONFIG_PM 535 static int chaoskey_suspend(struct usb_interface *interface, 536 pm_message_t message) 537 { 538 usb_dbg(interface, "suspend"); 539 return 0; 540 } 541 542 static int chaoskey_resume(struct usb_interface *interface) 543 { 544 usb_dbg(interface, "resume"); 545 return 0; 546 } 547 #else 548 #define chaoskey_suspend NULL 549 #define chaoskey_resume NULL 550 #endif 551 552 /* file operation pointers */ 553 static const struct file_operations chaoskey_fops = { 554 .owner = THIS_MODULE, 555 .read = chaoskey_read, 556 .open = chaoskey_open, 557 .release = chaoskey_release, 558 .llseek = default_llseek, 559 }; 560 561 /* class driver information */ 562 static struct usb_class_driver chaoskey_class = { 563 .name = "chaoskey%d", 564 .fops = &chaoskey_fops, 565 .minor_base = USB_CHAOSKEY_MINOR_BASE, 566 }; 567 568 /* usb specific object needed to register this driver with the usb subsystem */ 569 static struct usb_driver chaoskey_driver = { 570 .name = DRIVER_SHORT, 571 .probe = chaoskey_probe, 572 .disconnect = chaoskey_disconnect, 573 .suspend = chaoskey_suspend, 574 .resume = chaoskey_resume, 575 .reset_resume = chaoskey_resume, 576 .id_table = chaoskey_table, 577 .supports_autosuspend = 1, 578 }; 579 580 module_usb_driver(chaoskey_driver); 581 582