[PATCH v6 0/5] ARM: arm64: Add SMCCC TRNG entropy service
Hi, a fix to v5, now *really* fixing the wrong priority of SMCCC vs. RNDR in arch_get_random_seed_long_early(). Apologies for messing this up in v5 and thanks to broonie for being on the watch! Will, Catalin: it would be much appreciated if you could consider taking patch 1/5. This contains the common definitions, and is a prerequisite for every other patch, although they are somewhat independent and likely will need to go through different subsystems. Cheers, Andre == The ARM architected TRNG firmware interface, described in ARM spec DEN0098[1], defines an ARM SMCCC based interface to a true random number generator, provided by firmware. This series collects all the patches implementing this in various places: as a user feeding into the ARCH_RANDOM pool, both for ARM and arm64, and as a service provider for KVM guests. Patch 1 introduces the interface definition used by all three entities. Patch 2 prepares the Arm SMCCC firmware driver to probe for the interface. This patch is needed to avoid a later dependency on *two* patches (there might be a better solution to this problem). Patch 3 implements the ARM part, patch 4 is the arm64 version. The final patch 5 adds support to provide random numbers to KVM guests. This was tested on: - QEMU -kernel (no SMCCC, regression test) - Juno w/ prototype of the h/w Trusted RNG support - mainline KVM (SMCCC, but no TRNG: regression test) - ARM and arm64 KVM guests, using the KVM service in patch 5/5 Based on v5.11-rc2, please let me know if I should rebase it on something else. A git repo is accessible at: https://gitlab.arm.com/linux-arm/linux-ap/-/commits/smccc-trng/v6/ Cheers, Andre [1] https://developer.arm.com/documentation/den0098/latest/ Changelog v5 ... v6: - *really* fixing order of SMCCC vs. RNDR call in the *_early() version Changelog v4 ... v5: - change order of SMCCC call vs. RNDR call in arch_get_random_seed_long_early - adding Sudeep's R-b: tags Changelog v3 ... v4: - include cache.h to always have __ro_after_init defined - change order of SMCCC call vs. RNDR call in arm64's archrandom.h - adding LinusW's R-b: tags Changelog v2 ... v3: - ARM: fix compilation with randconfig - arm64: use SMCCC call also in arch_get_random_seed_long_early() - KVM: comment on return value usage - KVM: use more interesting UUID (enjoy, Marc!) - KVM: use bitmaps instead of open coded long arrays - KVM: drop direct usage of arch_get_random() interface Changelog "v1" ... v2: - trigger ARCH_RANDOM initialisation from the SMCCC firmware driver - use a single bool in smccc.c to hold the initialisation state for arm64 - handle endianess correctly in the KVM provider Andre Przywara (2): firmware: smccc: Introduce SMCCC TRNG framework arm64: Add support for SMCCC TRNG entropy source Ard Biesheuvel (3): firmware: smccc: Add SMCCC TRNG function call IDs ARM: implement support for SMCCC TRNG entropy source KVM: arm64: implement the TRNG hypervisor call arch/arm/Kconfig| 4 ++ arch/arm/include/asm/archrandom.h | 74 + arch/arm64/include/asm/archrandom.h | 82 arch/arm64/include/asm/kvm_host.h | 2 + arch/arm64/kvm/Makefile | 2 +- arch/arm64/kvm/hypercalls.c | 6 ++ arch/arm64/kvm/trng.c | 85 + drivers/firmware/smccc/smccc.c | 6 ++ include/linux/arm-smccc.h | 31 +++ 9 files changed, 281 insertions(+), 11 deletions(-) create mode 100644 arch/arm/include/asm/archrandom.h create mode 100644 arch/arm64/kvm/trng.c -- 2.17.1 *** BLURB HERE *** Andre Przywara (2): firmware: smccc: Introduce SMCCC TRNG framework arm64: Add support for SMCCC TRNG entropy source Ard Biesheuvel (3): firmware: smccc: Add SMCCC TRNG function call IDs ARM: implement support for SMCCC TRNG entropy source KVM: arm64: implement the TRNG hypervisor call arch/arm/Kconfig| 4 ++ arch/arm/include/asm/archrandom.h | 74 + arch/arm64/include/asm/archrandom.h | 82 arch/arm64/include/asm/kvm_host.h | 2 + arch/arm64/kvm/Makefile | 2 +- arch/arm64/kvm/hypercalls.c | 6 ++ arch/arm64/kvm/trng.c | 85 + drivers/firmware/smccc/smccc.c | 6 ++ include/linux/arm-smccc.h | 31 +++ 9 files changed, 281 insertions(+), 11 deletions(-) create mode 100644 arch/arm/include/asm/archrandom.h create mode 100644 arch/arm64/kvm/trng.c -- 2.17.1 ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v6 0/5] ARM: arm64: Add SMCCC TRNG entropy service
On Wed, 6 Jan 2021 10:34:48 +, Andre Przywara wrote: > a fix to v5, now *really* fixing the wrong priority of SMCCC vs. RNDR > in arch_get_random_seed_long_early(). Apologies for messing this up > in v5 and thanks to broonie for being on the watch! > > Will, Catalin: it would be much appreciated if you could consider taking > patch 1/5. This contains the common definitions, and is a prerequisite > for every other patch, although they are somewhat independent and likely > will need to go through different subsystems. > > [...] Applied the first patch only to arm64 (for-next/rng), thanks! [1/5] firmware: smccc: Add SMCCC TRNG function call IDs https://git.kernel.org/arm64/c/67c6bb56b649 What's the plan for the rest of the series, and I think the related change over at [1]? Cheers, -- Will [1] https://lore.kernel.org/linux-arm-kernel/20201105152944.16953-1-a...@kernel.org/ https://fixes.arm64.dev https://next.arm64.dev https://will.arm64.dev ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v6 0/5] ARM: arm64: Add SMCCC TRNG entropy service
On Wed, 20 Jan 2021 at 14:01, Will Deacon wrote: > > On Wed, 6 Jan 2021 10:34:48 +, Andre Przywara wrote: > > a fix to v5, now *really* fixing the wrong priority of SMCCC vs. RNDR > > in arch_get_random_seed_long_early(). Apologies for messing this up > > in v5 and thanks to broonie for being on the watch! > > > > Will, Catalin: it would be much appreciated if you could consider taking > > patch 1/5. This contains the common definitions, and is a prerequisite > > for every other patch, although they are somewhat independent and likely > > will need to go through different subsystems. > > > > [...] > > Applied the first patch only to arm64 (for-next/rng), thanks! > > [1/5] firmware: smccc: Add SMCCC TRNG function call IDs > https://git.kernel.org/arm64/c/67c6bb56b649 > > What's the plan for the rest of the series, and I think the related > change over at [1]? > Given that Ted seems to have lost interest in /dev/random patches, I was hoping [1] could be taken via the arm64 tree instead. Without this patch, I don't think we should expose the SMCCC RNG interface via arch_get_random_seed(), given how insanely often it will be called in that case. Note that the KVM patch implements the opposite end of this interface, and is not affected by [1] at all, so that can be taken at any time. ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v6 0/5] ARM: arm64: Add SMCCC TRNG entropy service
On 2021-01-20 13:01, Will Deacon wrote: On Wed, 6 Jan 2021 10:34:48 +, Andre Przywara wrote: a fix to v5, now *really* fixing the wrong priority of SMCCC vs. RNDR in arch_get_random_seed_long_early(). Apologies for messing this up in v5 and thanks to broonie for being on the watch! Will, Catalin: it would be much appreciated if you could consider taking patch 1/5. This contains the common definitions, and is a prerequisite for every other patch, although they are somewhat independent and likely will need to go through different subsystems. [...] Applied the first patch only to arm64 (for-next/rng), thanks! [1/5] firmware: smccc: Add SMCCC TRNG function call IDs https://git.kernel.org/arm64/c/67c6bb56b649 I can't see how the rest of the patches can go via any other tree if all the definitions are in the first one. Andre, can you explain what your plan is? Thanks, M. -- Jazz is not dead. It just smells funny... ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v6 0/5] ARM: arm64: Add SMCCC TRNG entropy service
On Wed, 20 Jan 2021 13:26:26 + Marc Zyngier wrote: Hi, > On 2021-01-20 13:01, Will Deacon wrote: > > On Wed, 6 Jan 2021 10:34:48 +, Andre Przywara wrote: > >> a fix to v5, now *really* fixing the wrong priority of SMCCC vs. > >> RNDR in arch_get_random_seed_long_early(). Apologies for messing > >> this up in v5 and thanks to broonie for being on the watch! > >> > >> Will, Catalin: it would be much appreciated if you could consider > >> taking > >> patch 1/5. This contains the common definitions, and is a > >> prerequisite for every other patch, although they are somewhat > >> independent and likely > >> will need to go through different subsystems. > >> > >> [...] > > > > Applied the first patch only to arm64 (for-next/rng), thanks! > > > > [1/5] firmware: smccc: Add SMCCC TRNG function call IDs > > https://git.kernel.org/arm64/c/67c6bb56b649 > > I can't see how the rest of the patches can go via any other tree > if all the definitions are in the first one. > > Andre, can you explain what your plan is? Well, I don't really have a great solution for that, other than hoping that 1/5 makes it into Linus' master at some point. I see that it's a stretch, but pulling 1/5 into 5.11 now would prepare the stage for the others to go via any tree, into 5.12-rc1? Or you could maybe take both 1/5 and 5/5 into your kvm-arm tree, and would hope that a git rebase later would sort this out for you? But I think you are much more experienced in those kind of issues, so happy to hear about any other solutions. Thanks, Andre ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v6 0/5] ARM: arm64: Add SMCCC TRNG entropy service
On Wed, Jan 20, 2021 at 01:45:24PM +, Andre Przywara wrote: > On Wed, 20 Jan 2021 13:26:26 + > Marc Zyngier wrote: > > Hi, > > > On 2021-01-20 13:01, Will Deacon wrote: > > > On Wed, 6 Jan 2021 10:34:48 +, Andre Przywara wrote: > > >> a fix to v5, now *really* fixing the wrong priority of SMCCC vs. > > >> RNDR in arch_get_random_seed_long_early(). Apologies for messing > > >> this up in v5 and thanks to broonie for being on the watch! > > >> > > >> Will, Catalin: it would be much appreciated if you could consider > > >> taking > > >> patch 1/5. This contains the common definitions, and is a > > >> prerequisite for every other patch, although they are somewhat > > >> independent and likely > > >> will need to go through different subsystems. > > >> > > >> [...] > > > > > > Applied the first patch only to arm64 (for-next/rng), thanks! > > > > > > [1/5] firmware: smccc: Add SMCCC TRNG function call IDs > > > https://git.kernel.org/arm64/c/67c6bb56b649 > > > > I can't see how the rest of the patches can go via any other tree > > if all the definitions are in the first one. > > > > Andre, can you explain what your plan is? > > Well, I don't really have a great solution for that, other than hoping > that 1/5 makes it into Linus' master at some point. > > I see that it's a stretch, but pulling 1/5 into 5.11 now would > prepare the stage for the others to go via any tree, into 5.12-rc1? > > Or you could maybe take both 1/5 and 5/5 into your kvm-arm tree, and > would hope that a git rebase later would sort this out for you? > > But I think you are much more experienced in those kind of issues, so > happy to hear about any other solutions. for-next/rng is a stable branch, so anybody who wants the first patch can just pull it (without anything I queue on top). Will ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v6 0/5] ARM: arm64: Add SMCCC TRNG entropy service
On 2021-01-20 13:49, Will Deacon wrote: On Wed, Jan 20, 2021 at 01:45:24PM +, Andre Przywara wrote: On Wed, 20 Jan 2021 13:26:26 + Marc Zyngier wrote: Hi, > On 2021-01-20 13:01, Will Deacon wrote: > > On Wed, 6 Jan 2021 10:34:48 +, Andre Przywara wrote: > >> a fix to v5, now *really* fixing the wrong priority of SMCCC vs. > >> RNDR in arch_get_random_seed_long_early(). Apologies for messing > >> this up in v5 and thanks to broonie for being on the watch! > >> > >> Will, Catalin: it would be much appreciated if you could consider > >> taking > >> patch 1/5. This contains the common definitions, and is a > >> prerequisite for every other patch, although they are somewhat > >> independent and likely > >> will need to go through different subsystems. > >> > >> [...] > > > > Applied the first patch only to arm64 (for-next/rng), thanks! > > > > [1/5] firmware: smccc: Add SMCCC TRNG function call IDs > > https://git.kernel.org/arm64/c/67c6bb56b649 > > I can't see how the rest of the patches can go via any other tree > if all the definitions are in the first one. > > Andre, can you explain what your plan is? Well, I don't really have a great solution for that, other than hoping that 1/5 makes it into Linus' master at some point. I see that it's a stretch, but pulling 1/5 into 5.11 now would prepare the stage for the others to go via any tree, into 5.12-rc1? Or you could maybe take both 1/5 and 5/5 into your kvm-arm tree, and would hope that a git rebase later would sort this out for you? But I think you are much more experienced in those kind of issues, so happy to hear about any other solutions. for-next/rng is a stable branch, so anybody who wants the first patch can just pull it (without anything I queue on top). OK. I'll pull that branch and stash the KVM stuff on top. Thanks, M. -- Jazz is not dead. It just smells funny... ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v6 0/5] ARM: arm64: Add SMCCC TRNG entropy service
On Wed, Jan 20, 2021 at 02:15:59PM +0100, Ard Biesheuvel wrote: > On Wed, 20 Jan 2021 at 14:01, Will Deacon wrote: > > > > On Wed, 6 Jan 2021 10:34:48 +, Andre Przywara wrote: > > > a fix to v5, now *really* fixing the wrong priority of SMCCC vs. RNDR > > > in arch_get_random_seed_long_early(). Apologies for messing this up > > > in v5 and thanks to broonie for being on the watch! > > > > > > Will, Catalin: it would be much appreciated if you could consider taking > > > patch 1/5. This contains the common definitions, and is a prerequisite > > > for every other patch, although they are somewhat independent and likely > > > will need to go through different subsystems. > > > > > > [...] > > > > Applied the first patch only to arm64 (for-next/rng), thanks! > > > > [1/5] firmware: smccc: Add SMCCC TRNG function call IDs > > https://git.kernel.org/arm64/c/67c6bb56b649 > > > > What's the plan for the rest of the series, and I think the related > > change over at [1]? > > > > Given that Ted seems to have lost interest in /dev/random patches, I > was hoping [1] could be taken via the arm64 tree instead. Without this > patch, I don't think we should expose the SMCCC RNG interface via > arch_get_random_seed(), given how insanely often it will be called in > that case. Ok, let's give that a shot -- I'll additionally pick patches 2 and 4 out of this series, and merge in the /dev/random change on its own branch in case there are any late objections. Will ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: (subset) [PATCH v6 0/5] ARM: arm64: Add SMCCC TRNG entropy service
On Wed, 6 Jan 2021 10:34:48 +, Andre Przywara wrote: > a fix to v5, now *really* fixing the wrong priority of SMCCC vs. RNDR > in arch_get_random_seed_long_early(). Apologies for messing this up > in v5 and thanks to broonie for being on the watch! > > Will, Catalin: it would be much appreciated if you could consider taking > patch 1/5. This contains the common definitions, and is a prerequisite > for every other patch, although they are somewhat independent and likely > will need to go through different subsystems. > > [...] Applied to kvm-arm64/rng-5.12, thanks! [5/5] KVM: arm64: implement the TRNG hypervisor call commit: a8e190cdae1bf8e9e490776b8179babc1962bb25 Cheers, M. -- Without deviation from the norm, progress is not possible. ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
