n2rng.h revision 6c1891ea28c10049521d8647a32ef85d9449a8cb
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
*/
#ifndef _SYS_N2RNG_H
#define _SYS_N2RNG_H
/* skip following stuff when included in n2rng_hcall.s */
#ifndef _ASM
#include <sys/types.h>
#include <sys/mutex.h>
#include <sys/ksynch.h>
#include <sys/sunddi.h>
#include <sys/param.h>
#include <sys/crypto/common.h>
#include <sys/crypto/spi.h>
#include <sys/mdesc.h>
#endif /* !_ASM */
#ifdef __cplusplus
extern "C" {
#endif
#define HV_RNG_GET_DIAG_CONTROL 0x130
#define HV_RNG_CTL_READ 0x131
#define HV_RNG_CTL_WRITE 0x132
#define HV_RNG_DATA_READ_DIAG 0x133
#define HV_RNG_DATA_READ 0x134
#define CTL_STATE_UNCONFIGURED 0
#define CTL_STATE_CONFIGURED 1
#define CTL_STATE_HEALTHCHECK 2
#define CTL_STATE_ERROR 3
#define NRNGCTL 4
#define N2RNG_MAX_READ (128 * 1024) /* 128K bytes */
#define DRIVER "n2rng"
#define N2RNG_MANUFACTURER_ID "SUNWn2rng"
#define N2RNG_BINDNAME_N2 "SUNW,n2-rng"
#define N2RNG_BINDNAME_VF "SUNW,vf-rng"
#define N2RNG_BINDNAME_KT "SUNW,kt-rng"
#define N2RNG_MAX_RNGS 4
#define N2RNG_INVALID_ID (-1)
#ifndef _ASM
typedef enum {
N2RNG_CPU_UNKNOWN,
N2RNG_CPU_N2,
N2RNG_CPU_VF,
N2RNG_CPU_KT
} n2rng_binding_t;
typedef union n2rngctl {
uint64_t word;
struct {
uint64_t rnc_res : 39;
uint64_t rnc_cnt : 16;
uint64_t rnc_bypass : 1;
uint64_t rnc_vcoctl : 2;
uint64_t rnc_anlg_sel : 2;
uint64_t rnc_mode : 1;
uint64_t rnc_selbits : 3;
} fields;
} n2rng_ctl_t;
typedef struct {
n2rng_ctl_t ctlwds[NRNGCTL];
} n2rng_setup_t;
#if defined(_KERNEL)
/*
* Our contiguous memory alignment requirement is
* only for 8 bytes, however contig mem allocation
* routines requirement minimum of 64.
*/
#define CONTIG_ALIGNMENT 64
/*
* Returns 1 only if the address range of a variable of type type at
* ptr falls entirely on one page. Based on page size of 4K. May
* give some false negatives on larger page sizes.
*/
#define CONTIGUOUS(ptr, type) \
(((((uint64_t)(ptr)) ^ ((uint64_t)(ptr) + sizeof (type) -1)) \
& PAGEMASK) == 0)
/*
* The RNG hardware can send certain internal analog signals to an
* external pin on the chip. Setting the rnc_anlg_sel bit to
* N2RNG_NOANALOGOUT deselects all analog signals (perhaps selects
* ground). Choosing any other value would aid an attacker with
* physical access to the chip.
*/
#define N2RNG_NOANALOGOUT 0x2
/*
* There can only be N2_RNG_FIPS_INSTANCES concurrent RNG requsts from
* the framework. Making this value large helps benchmarks. It
* should probably come from a conf file, but for now it is hard
* coded. The code computes i % N2RNG_FIPS_INSTANCES, which is more
* efficient when N2RNG_FIPS_INSTANCES is a power of 2.
*/
#define N2RNG_FIPS_INSTANCES 8
typedef struct fipsrandomstruct fipsrandomstruct_t;
struct fipsrandomstruct {
kmutex_t mtx;
uint64_t entropyhunger; /* RNGs generated with no entropy */
uint32_t XKEY[6]; /* one extra word for getentropy */
uint32_t x_jminus1[5]; /* store the last output */
};
typedef struct {
/*
* volatile, since it is not protected by a mutex. (That is
* okay since it is operated on and accessed via atomic ops.)
*/
volatile unsigned int fips_round_robin_j;
fipsrandomstruct_t fipsarray[N2RNG_FIPS_INSTANCES];
} fips_ensemble_t;
/*
* Device flags (n2rng_t.n_flags)
*/
#define N2RNG_CONTROL 0x00000001
#define N2RNG_FAILED 0x00000002
#define N2RNG_CONFIGURED 0x00000004
#define N2RNG_INITIALIZED 0x00000008
#define N2RNG_REGISTERED 0x00000010
#define n2rng_setcontrol(n2rng) ((n2rng)->n_flags |= N2RNG_CONTROL)
#define n2rng_clrcontrol(n2rng) ((n2rng)->n_flags &= ~N2RNG_CONTROL)
#define n2rng_iscontrol(n2rng) ((n2rng)->n_flags & N2RNG_CONTROL)
#define n2rng_setfailed(n2rng) ((n2rng)->n_flags |= N2RNG_FAILED)
#define n2rng_clrfailed(n2rng) ((n2rng)->n_flags &= ~N2RNG_FAILED)
#define n2rng_isfailed(n2rng) ((n2rng)->n_flags & N2RNG_FAILED)
#define n2rng_setconfigured(n2rng) ((n2rng)->n_flags |= N2RNG_CONFIGURED)
#define n2rng_clrconfigured(n2rng) ((n2rng)->n_flags &= ~N2RNG_CONFIGURED)
#define n2rng_isconfigured(n2rng) ((n2rng)->n_flags & N2RNG_CONFIGURED)
#define n2rng_setinitialized(n2rng) ((n2rng)->n_flags |= N2RNG_INITIALIZED)
#define n2rng_clrinitialized(n2rng) ((n2rng)->n_flags &= ~N2RNG_INITIALIZED)
#define n2rng_isinitialized(n2rng) ((n2rng)->n_flags & N2RNG_INITIALIZED)
#define n2rng_setregistered(n2rng) ((n2rng)->n_flags |= N2RNG_REGISTERED)
#define n2rng_clrregistered(n2rng) ((n2rng)->n_flags &= ~N2RNG_REGISTERED)
#define n2rng_isregistered(n2rng) ((n2rng)->n_flags & N2RNG_REGISTERED)
#define DS_RNGBYTES 0
#define DS_RNGJOBS 1
#define DS_RNGHEALTHCHECKS 2
#define DS_MAX 3
#define N2RNG_NOSC 3
#define N2RNG_BIASBITS 2
#define N2RNG_NBIASES (1 << N2RNG_BIASBITS)
#define N2RNG_CTLOPS (N2RNG_OSC + 1)
#define N2RNG_PROP_NUM_UNITS "rng-#units"
#define SECOND 1000000 /* micro seconds */
typedef struct {
uint64_t numvals;
uint64_t H1; /* in bits per bit << LOG_VAL_SCALE */
uint64_t H2;
uint64_t Hinf;
} n2rng_osc_perf_t;
typedef n2rng_osc_perf_t n2rng_osc_perf_table_t[N2RNG_NOSC][N2RNG_NBIASES];
typedef struct {
uint64_t bias;
uint64_t entropy;
} n2rng_bias_info_t;
typedef struct {
n2rng_bias_info_t n_bias_info[N2RNG_NOSC];
n2rng_osc_perf_table_t n_perftable;
n2rng_setup_t n_preferred_config;
uint64_t n_rng_state; /* as last known in this drvr. */
} rng_entry_t;
typedef struct {
int n_num_rngs;
int n_num_rngs_online;
rng_entry_t *n_rngs;
clock_t n_hc_secs;
uint64_t n_watchdog_cycles;
uint64_t n_accumulate_cycles;
} rng_ctl_data_t;
typedef struct n2rng {
kmutex_t n_lock;
dev_info_t *n_dip;
unsigned n_flags; /* dev state flags */
uint_t n_hvapi_major_version;
uint_t n_hvapi_minor_version;
n2rng_binding_t n_binding;
char *n_binding_name;
rng_ctl_data_t *n_ctl_data; /* Only valid in ctl domain */
kstat_t *n_ksp;
uint64_t n_stats[DS_MAX];
crypto_kcf_provider_handle_t n_prov;
fips_ensemble_t n_frs;
timeout_id_t n_timeout_id;
md_t *n_mdp;
uint64_t n_sticks_per_usec;
ddi_taskq_t *n_taskq;
} n2rng_t;
typedef kstat_named_t n2rng_kstat_bias_t[N2RNG_MAX_RNGS][N2RNG_NOSC];
typedef struct n2rng_stat n2rng_stat_t;
struct n2rng_stat {
kstat_named_t ns_status;
kstat_named_t ns_algs[DS_MAX];
kstat_named_t ns_rngstate[N2RNG_MAX_RNGS];
n2rng_kstat_bias_t ns_rngbias;
n2rng_kstat_bias_t ns_rngentropy;
};
#define RNG_MODE_NORMAL 1
#define RNG_MODE_DIAGNOSTIC 0
#define RNG_DIAG_CHUNK_SIZE (N2RNG_MAX_READ / 8) /* as words */
#define RNG_MAX_DATA_READ_ATTEMPTS 100
#define RNG_RETRY_HLCHK_USECS 100000 /* retry every .1 seconds */
#define RNG_MAX_LOGIC_TEST_ATTEMPTS 3
#define RNG_MAX_BUSY_ATTEMPTS 100
#define RNG_MAX_BLOCK_ATTEMPTS 50000
#define RNG_RETRY_BUSY_DELAY 1
#define RNG_DEFAULT_ACCUMULATE_CYCLES 2048
#define RNG_CFG_RETRY_SECS 60 /* seconds between cfg retries */
#define RNG_DEFAULT_HC_SECS 0 /* seconds between health checks */
#define RNG_EXTRA_WATCHDOG_SECS 60 /* added to hc time for watchdog */
#define LOG_ARG_SCALE 49
#define LOG_VAL_SCALE 32
void n2rng_sort(uint64_t *data, int log2_size);
int n2rng_noise_gen_preferred(n2rng_t *n2rng, int rngid);
int n2rng_config_test(n2rng_t *n2rng);
int n2rng_collect_diag_bits(n2rng_t *n2rng, int rngid,
n2rng_setup_t *collect_setupp, void *buffer, int numbytes,
n2rng_setup_t *exit_setupp, uint64_t exitstate);
int n2rng_getentropy(n2rng_t *n2rng, void *buffer, size_t size);
int n2rng_fips_random_init(n2rng_t *n2rng, fipsrandomstruct_t *frsp);
void n2rng_fips_random_fini(fipsrandomstruct_t *frsp);
int n2rng_do_health_check(n2rng_t *n2rng, int rngid);
void n2rng_renyi_entropy(uint64_t *buffer, int log2samples,
n2rng_osc_perf_t *metricp);
uint64_t n2rng_read_ctl(n2rng_t *n2rng, int rngid, uint64_t ctlregs_pa,
uint64_t *state, uint64_t *tdelta, uint64_t *wdelta);
uint64_t n2rng_ctl_wait(n2rng_t *n2rng, int rngid);
uint64_t n2rng_ctl_write(n2rng_t *n2rng, int rngid, uint64_t ctlregs_pa,
uint64_t newstate, uint64_t wtimeout, uint64_t *tdelta);
uint64_t n2rng_data_read_diag(n2rng_t *n2rng, int rngid, uint64_t data_pa,
size_t datalen, uint64_t *tdelta);
uint64_t n2rng_check_ctl_access(n2rng_t *n2rng);
void n2rng_config_retry(n2rng_t *n2rng, clock_t seconds);
#if defined(DEBUG)
#define DWARN 0x00000001
#define DMA_ARGS 0x00000002
#define DMA_LDST 0x00000004
#define DNCS_QTAIL 0x00000008
#define DATTACH 0x00000010
#define DCFG 0x00000020
#define DMOD 0x00000040 /* _init/_fini/_info/attach/detach */
#define DENTRY 0x00000080 /* crypto routine entry/exit points */
#define DHEALTH 0x00000100
#define DCHATTY 0x00000200
#define DKCF 0x00000400
#define DALL 0xFFFFFFFF
#define DBG0 n2rng_dprintf
#define DBG1 n2rng_dprintf
#define DBG2 n2rng_dprintf
#define DBG3 n2rng_dprintf
#define DBG4 n2rng_dprintf
#define DBG5 n2rng_dprintf
#define DBG6 n2rng_dprintf
#define DBGCALL(flag, func) { if (n2rng_dflagset(flag)) (void) func; }
void n2rng_dprintf(n2rng_t *, int, const char *, ...);
void n2rng_dumphex(void *, int);
int n2rng_dflagset(int);
#else /* !defined(DEBUG) */
#define DBG0(vca, lvl, fmt)
#define DBG1(vca, lvl, fmt, arg1)
#define DBG2(vca, lvl, fmt, arg1, arg2)
#define DBG3(vca, lvl, fmt, arg1, arg2, arg3)
#define DBG4(vca, lvl, fmt, arg1, arg2, arg3, arg4)
#define DBG5(vca, lvl, fmt, arg1, arg2, arg3, arg4, arg5)
#define DBG6(vca, lvl, fmt, arg1, arg2, arg3, arg4, arg5, arg6)
#define DBGCALL(flag, func)
#endif /* !defined(DEBUG) */
/*
* n2rng_kcf.c
*/
int n2rng_herr2kerr(uint64_t);
int n2rng_logic_test(n2rng_t *, int);
int n2rng_noise_gen_test_set(void);
int n2rng_init(n2rng_t *n2rng);
int n2rng_uninit(n2rng_t *n2rng);
int n2rng_register_provider(n2rng_t *n2rng);
int n2rng_unregister_provider(n2rng_t *n2rng);
void n2rng_failure(n2rng_t *n2rng);
void n2rng_unconfigured(n2rng_t *n2rng);
/*
* n2rng_debug.c
*/
void n2rng_error(n2rng_t *, const char *, ...);
void n2rng_diperror(dev_info_t *, const char *, ...);
void n2rng_dipverror(dev_info_t *, const char *, va_list);
uint64_t hv_rng_get_diag_control(void);
uint64_t hv_rng_ctl_read(uint64_t ctlregs_pa, uint64_t *state,
uint64_t *tdelta);
uint64_t hv_rng_ctl_read_v2(uint64_t ctlregs_pa, uint64_t rngid,
uint64_t *state, uint64_t *tdelta, uint64_t *wdelta, uint64_t *wstate);
uint64_t hv_rng_ctl_write(uint64_t ctlregs_pa,
uint64_t newstate, uint64_t wtimeout, uint64_t *tdelta);
uint64_t hv_rng_ctl_write_v2(uint64_t ctlregs_pa,
uint64_t newstate, uint64_t wtimeout, uint64_t rngid);
uint64_t hv_rng_data_read_diag(uint64_t data_pa,
size_t datalen, uint64_t *tdelta);
uint64_t hv_rng_data_read_diag_v2(uint64_t data_pa,
size_t datalen, uint64_t rngid, uint64_t *tdelta);
uint64_t hv_rng_data_read(uint64_t data_pa, uint64_t *tdelta);
/*
* n2rng_post.c
*/
int n2rng_fips_rng_post(void);
#endif /* _KERNEL */
#endif /* !_ASM */
#ifdef __cplusplus
}
#endif
#endif /* _SYS_N2RNG_H */