1 /* 2 * nRF51 Random Number Generator 3 * 4 * Reference Manual: http://infocenter.nordicsemi.com/pdf/nRF51_RM_v3.0.1.pdf 5 * 6 * Copyright 2018 Steffen Görtz <contrib@steffen-goertz.de> 7 * 8 * This code is licensed under the GPL version 2 or later. See 9 * the COPYING file in the top-level directory. 10 */ 11 12 #include "qemu/osdep.h" 13 #include "qemu/log.h" 14 #include "qemu/module.h" 15 #include "qapi/error.h" 16 #include "hw/arm/nrf51.h" 17 #include "hw/irq.h" 18 #include "hw/misc/nrf51_rng.h" 19 #include "migration/vmstate.h" 20 #include "qemu/guest-random.h" 21 22 static void update_irq(NRF51RNGState *s) 23 { 24 bool irq = s->interrupt_enabled && s->event_valrdy; 25 qemu_set_irq(s->irq, irq); 26 } 27 28 static uint64_t rng_read(void *opaque, hwaddr offset, unsigned int size) 29 { 30 NRF51RNGState *s = NRF51_RNG(opaque); 31 uint64_t r = 0; 32 33 switch (offset) { 34 case NRF51_RNG_EVENT_VALRDY: 35 r = s->event_valrdy; 36 break; 37 case NRF51_RNG_REG_SHORTS: 38 r = s->shortcut_stop_on_valrdy; 39 break; 40 case NRF51_RNG_REG_INTEN: 41 case NRF51_RNG_REG_INTENSET: 42 case NRF51_RNG_REG_INTENCLR: 43 r = s->interrupt_enabled; 44 break; 45 case NRF51_RNG_REG_CONFIG: 46 r = s->filter_enabled; 47 break; 48 case NRF51_RNG_REG_VALUE: 49 r = s->value; 50 break; 51 52 default: 53 qemu_log_mask(LOG_GUEST_ERROR, 54 "%s: bad read offset 0x%" HWADDR_PRIx "\n", 55 __func__, offset); 56 } 57 58 return r; 59 } 60 61 static int64_t calc_next_timeout(NRF51RNGState *s) 62 { 63 int64_t timeout = qemu_clock_get_us(QEMU_CLOCK_VIRTUAL); 64 if (s->filter_enabled) { 65 timeout += s->period_filtered_us; 66 } else { 67 timeout += s->period_unfiltered_us; 68 } 69 70 return timeout; 71 } 72 73 74 static void rng_update_timer(NRF51RNGState *s) 75 { 76 if (s->active) { 77 timer_mod(&s->timer, calc_next_timeout(s)); 78 } else { 79 timer_del(&s->timer); 80 } 81 } 82 83 84 static void rng_write(void *opaque, hwaddr offset, 85 uint64_t value, unsigned int size) 86 { 87 NRF51RNGState *s = NRF51_RNG(opaque); 88 89 switch (offset) { 90 case NRF51_RNG_TASK_START: 91 if (value == NRF51_TRIGGER_TASK) { 92 s->active = 1; 93 rng_update_timer(s); 94 } 95 break; 96 case NRF51_RNG_TASK_STOP: 97 if (value == NRF51_TRIGGER_TASK) { 98 s->active = 0; 99 rng_update_timer(s); 100 } 101 break; 102 case NRF51_RNG_EVENT_VALRDY: 103 if (value == NRF51_EVENT_CLEAR) { 104 s->event_valrdy = 0; 105 } 106 break; 107 case NRF51_RNG_REG_SHORTS: 108 s->shortcut_stop_on_valrdy = 109 (value & BIT_MASK(NRF51_RNG_REG_SHORTS_VALRDY_STOP)) ? 1 : 0; 110 break; 111 case NRF51_RNG_REG_INTEN: 112 s->interrupt_enabled = 113 (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) ? 1 : 0; 114 break; 115 case NRF51_RNG_REG_INTENSET: 116 if (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) { 117 s->interrupt_enabled = 1; 118 } 119 break; 120 case NRF51_RNG_REG_INTENCLR: 121 if (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) { 122 s->interrupt_enabled = 0; 123 } 124 break; 125 case NRF51_RNG_REG_CONFIG: 126 s->filter_enabled = 127 (value & BIT_MASK(NRF51_RNG_REG_CONFIG_DECEN)) ? 1 : 0; 128 break; 129 130 default: 131 qemu_log_mask(LOG_GUEST_ERROR, 132 "%s: bad write offset 0x%" HWADDR_PRIx "\n", 133 __func__, offset); 134 } 135 136 update_irq(s); 137 } 138 139 static const MemoryRegionOps rng_ops = { 140 .read = rng_read, 141 .write = rng_write, 142 .endianness = DEVICE_LITTLE_ENDIAN, 143 .impl.min_access_size = 4, 144 .impl.max_access_size = 4 145 }; 146 147 static void nrf51_rng_timer_expire(void *opaque) 148 { 149 NRF51RNGState *s = NRF51_RNG(opaque); 150 151 qemu_guest_getrandom_nofail(&s->value, 1); 152 153 s->event_valrdy = 1; 154 qemu_set_irq(s->eep_valrdy, 1); 155 156 if (s->shortcut_stop_on_valrdy) { 157 s->active = 0; 158 } 159 160 rng_update_timer(s); 161 update_irq(s); 162 } 163 164 static void nrf51_rng_tep_start(void *opaque, int n, int level) 165 { 166 NRF51RNGState *s = NRF51_RNG(opaque); 167 168 if (level) { 169 s->active = 1; 170 rng_update_timer(s); 171 } 172 } 173 174 static void nrf51_rng_tep_stop(void *opaque, int n, int level) 175 { 176 NRF51RNGState *s = NRF51_RNG(opaque); 177 178 if (level) { 179 s->active = 0; 180 rng_update_timer(s); 181 } 182 } 183 184 185 static void nrf51_rng_init(Object *obj) 186 { 187 NRF51RNGState *s = NRF51_RNG(obj); 188 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 189 190 memory_region_init_io(&s->mmio, obj, &rng_ops, s, 191 TYPE_NRF51_RNG, NRF51_RNG_SIZE); 192 sysbus_init_mmio(sbd, &s->mmio); 193 194 timer_init_us(&s->timer, QEMU_CLOCK_VIRTUAL, nrf51_rng_timer_expire, s); 195 196 sysbus_init_irq(sbd, &s->irq); 197 198 /* Tasks */ 199 qdev_init_gpio_in_named(DEVICE(s), nrf51_rng_tep_start, "tep_start", 1); 200 qdev_init_gpio_in_named(DEVICE(s), nrf51_rng_tep_stop, "tep_stop", 1); 201 202 /* Events */ 203 qdev_init_gpio_out_named(DEVICE(s), &s->eep_valrdy, "eep_valrdy", 1); 204 } 205 206 static void nrf51_rng_reset(DeviceState *dev) 207 { 208 NRF51RNGState *s = NRF51_RNG(dev); 209 210 s->value = 0; 211 s->active = 0; 212 s->event_valrdy = 0; 213 s->shortcut_stop_on_valrdy = 0; 214 s->interrupt_enabled = 0; 215 s->filter_enabled = 0; 216 217 rng_update_timer(s); 218 } 219 220 221 static Property nrf51_rng_properties[] = { 222 DEFINE_PROP_UINT16("period_unfiltered_us", NRF51RNGState, 223 period_unfiltered_us, 167), 224 DEFINE_PROP_UINT16("period_filtered_us", NRF51RNGState, 225 period_filtered_us, 660), 226 DEFINE_PROP_END_OF_LIST(), 227 }; 228 229 static const VMStateDescription vmstate_rng = { 230 .name = "nrf51_soc.rng", 231 .version_id = 1, 232 .minimum_version_id = 1, 233 .fields = (VMStateField[]) { 234 VMSTATE_UINT32(active, NRF51RNGState), 235 VMSTATE_UINT32(event_valrdy, NRF51RNGState), 236 VMSTATE_UINT32(shortcut_stop_on_valrdy, NRF51RNGState), 237 VMSTATE_UINT32(interrupt_enabled, NRF51RNGState), 238 VMSTATE_UINT32(filter_enabled, NRF51RNGState), 239 VMSTATE_END_OF_LIST() 240 } 241 }; 242 243 static void nrf51_rng_class_init(ObjectClass *klass, void *data) 244 { 245 DeviceClass *dc = DEVICE_CLASS(klass); 246 247 dc->props = nrf51_rng_properties; 248 dc->vmsd = &vmstate_rng; 249 dc->reset = nrf51_rng_reset; 250 } 251 252 static const TypeInfo nrf51_rng_info = { 253 .name = TYPE_NRF51_RNG, 254 .parent = TYPE_SYS_BUS_DEVICE, 255 .instance_size = sizeof(NRF51RNGState), 256 .instance_init = nrf51_rng_init, 257 .class_init = nrf51_rng_class_init 258 }; 259 260 static void nrf51_rng_register_types(void) 261 { 262 type_register_static(&nrf51_rng_info); 263 } 264 265 type_init(nrf51_rng_register_types) 266