search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Portability cleanup as required by Linus.
[linux-2.6/linux-mips.git] / drivers / char / i810_rng.c
blob905d8e8cde945d2647b753dfebf7c2d14bac1cde
1 /*
2
3 Hardware driver for Intel i810 Random Number Generator (RNG)
4 Copyright 2000 Jeff Garzik <jgarzik@mandrakesoft.com>
5
6 Driver Web site: http://gtf.org/garzik/drivers/i810_rng/
7
8
9
10 Based on:
11 Intel 82802AB/82802AC Firmware Hub (FWH) Datasheet
12 May 1999 Order Number: 290658-002 R
13
14 Intel 82802 Firmware Hub: Random Number Generator
15 Programmer's Reference Manual
16 December 1999 Order Number: 298029-001 R
17
18 Intel 82802 Firmware HUB Random Number Generator Driver
19 Copyright (c) 2000 Matt Sottek <msottek@quiknet.com>
20
21 Special thanks to Matt Sottek. I did the "guts", he
22 did the "brains" and all the testing. (Anybody wanna send
23 me an i810 or i820?)
24
25 ----------------------------------------------------------
26
27 This software may be used and distributed according to the terms
28 of the GNU Public License, incorporated herein by reference.
29
30 ----------------------------------------------------------
31
32 From the firmware hub datasheet:
33
34 The Firmware Hub integrates a Random Number Generator (RNG)
35 using thermal noise generated from inherently random quantum
36 mechanical properties of silicon. When not generating new random
37 bits the RNG circuitry will enter a low power state. Intel will
38 provide a binary software driver to give third party software
39 access to our RNG for use as a security feature. At this time,
40 the RNG is only to be used with a system in an OS-present state.
41
42 ----------------------------------------------------------
43
44 Theory of operation:
45
46 This driver has TWO modes of operation:
47
48 Mode 1
49 ------
50 Character driver. Using the standard open()
51 and read() system calls, you can read random data from
52 the i810 RNG device. This data is NOT CHECKED by any
53 fitness tests, and could potentially be bogus (if the
54 hardware is faulty or has been tampered with).
55
56 /dev/intel_rng is char device major 10, minor 183.
57
58
59 Mode 2
60 ------
61 Injection of entropy into the kernel entropy pool via a
62 timer function.
63
64 A timer is run at rng_timer_len intervals, reading 8 bits
65 of data from the RNG. If the RNG has previously passed a
66 FIPS test, then the data will be added to the /dev/random
67 entropy pool. Then, those 8 bits are added to an internal
68 test data pool. When that pool is full, a FIPS test is
69 run to verify that the last N bytes read are decently random.
70
71 Thus, the RNG will never be enabled until it passes a
72 FIPS test. And, data will stop flowing into the system
73 entropy pool if the data is determined to be non-random.
74
75 Finally, note that the timer defaults to OFF. This ensures
76 that the system entropy pool will not be polluted with
77 RNG-originated data unless a conscious decision is made
78 by the user.
79
80 HOWEVER NOTE THAT UP TO 2499 BYTES OF DATA CAN BE BOGUS
81 BEFORE THE SYSTEM WILL NOTICE VIA THE FIPS TEST.
82
83 ----------------------------------------------------------
84
85 Driver notes:
86
87 * You may enable and disable the RNG timer via sysctl:
88
89 # disable RNG
90 echo 0 > /proc/sys/dev/i810_rng_timer
91
92 # enable RNG
93 echo 1 > /proc/sys/dev/i810_rng_timer
94
95 * The default number of entropy bits added by default is
96 the full 8 bits. If you wish to reduce this value for
97 paranoia's sake, you can do so via sysctl as well:
98
99 # Add only 4 bits of entropy to /dev/random
100 echo 4 > /proc/sys/dev/i810_rng_entropy
101
102 * The default number of entropy bits can also be set via
103 a module parameter "rng_entropy" at module load time.
104
105 * When the RNG timer is enabled, the driver reads 1 byte
106 from the hardware RNG every N jiffies. By default, every
107 half-second. If you would like to change the timer interval,
108 do so via another sysctl:
109
110 echo 200 > /proc/sys/dev/i810_rng_interval
111
112 NOTE THIS VALUE IS IN JIFFIES, NOT SECONDS OR MILLISECONDS.
113 Minimum interval is 1 jiffy, maximum interval is 24 hours.
114
115 * In order to unload the i810_rng module, you must first
116 disable the hardware via sysctl i810_hw_enabled, as shown above,
117 and make sure all users of the character device have closed
118
119 * The timer and the character device may be used simultaneously,
120 if desired.
121
122 * FIXME: Currently only one open() of the character device is allowed.
123 If another user tries to open() the device, they will get an
124 -EBUSY error. Instead, this really should either support
125 multiple simultaneous users of the character device (not hard),
126 or simply block open() until the current user of the chrdev
127 calls close().
128
129 * FIXME: support poll()
130
131 * FIXME: should we be crazy and support mmap()?
132
133 * FIXME: It is possible for the timer function to read,
134 and shove into the kernel entropy pool, 2499 bytes of data
135 before the internal FIPS test notices that the data is bad.
136 The kernel should handle this (I think???), but we should use a
137 2500-byte array, and re-run the FIPS test for every byte read.
138 This will slow things down but guarantee that bad data is
139 never passed upstream.
140
141 ----------------------------------------------------------
142
143 Change history:
144
145 0.6.2:
146 * Clean up spinlocks. Since we don't have any interrupts
147 to worry about, but we do have a timer to worry about,
148 we use spin_lock_bh everywhere except the timer function
149 itself.
150 * Fix module load/unload.
151 * Fix timer function and h/w enable/disable logic
152 * New timer interval sysctl
153 * Clean up sysctl names
154
155 */
156
157
158 #include <linux/module.h>
159 #include <linux/kernel.h>
160 #include <linux/fs.h>
161 #include <linux/init.h>
162 #include <linux/pci.h>
163 #include <linux/interrupt.h>
164 #include <linux/spinlock.h>
165 #include <linux/random.h>
166 #include <linux/sysctl.h>
167 #include <linux/miscdevice.h>
168
169 #include <asm/io.h>
170 #include <asm/uaccess.h>
171
172
173 /*
174 * core module and version information
175 */
176 #define RNG_VERSION "0.6.2"
177 #define RNG_MODULE_NAME "i810_rng"
178 #define RNG_DRIVER_NAME RNG_MODULE_NAME " hardware driver " RNG_VERSION
179 #define PFX RNG_MODULE_NAME ": "
180
181
182 /*
183 * debugging macros
184 */
185 #undef RNG_DEBUG /* define to 1 to enable copious debugging info */
186
187 #ifdef RNG_DEBUG
188 /* note: prints function name for you */
189 #define DPRINTK(fmt, args...) printk(KERN_DEBUG "%s: " fmt, __FUNCTION__ , ## args)
190 #else
191 #define DPRINTK(fmt, args...)
192 #endif
193
194 #define RNG_NDEBUG 0 /* define to 1 to disable lightweight runtime checks */
195 #if RNG_NDEBUG
196 #define assert(expr)
197 #else
198 #define assert(expr) \
199 if(!(expr)) { \
200 printk( "Assertion failed! %s,%s,%s,line=%d\n", \
201 #expr,__FILE__,__FUNCTION__,__LINE__); \
202 }
203 #endif
204
205
206 /*
207 * misc helper macros
208 */
209 #define arraysize(x) (sizeof(x)/sizeof(*(x)))
210
211 /*
212 * prototypes
213 */
214 static void rng_fips_test_store (int rng_data);
215 static void rng_run_fips_test (void);
216
217
218 /*
219 * RNG registers (offsets from rng_mem)
220 */
221 #define RNG_HW_STATUS 0
222 #define RNG_PRESENT 0x40
223 #define RNG_ENABLED 0x01
224 #define RNG_STATUS 1
225 #define RNG_DATA_PRESENT 0x01
226 #define RNG_DATA 2
227
228 #define RNG_ADDR 0xFFBC015F
229 #define RNG_ADDR_LEN 3
230
231 #define RNG_MAX_ENTROPY 8 /* max entropy h/w is capable of */
232
233 #define RNG_MISCDEV_MINOR 183 /* official */
234
235
236 /*
237 * Frequency that data is added to kernel entropy pool
238 * HZ>>1 == every half-second
239 */
240 #define RNG_DEF_TIMER_LEN (HZ >> 1)
241
242
243 /*
244 * number of bytes required for a FIPS test.
245 * do not alter unless you really, I mean
246 * REALLY know what you are doing.
247 */
248 #define RNG_FIPS_TEST_THRESHOLD 2500
249
250
251 /*
252 * various RNG status variables. they are globals
253 * as we only support a single RNG device
254 */
255 static int rng_allocated; /* is someone using the RNG region? */
256 static int rng_hw_enabled; /* is the RNG h/w enabled? */
257 static int rng_timer_enabled; /* is the RNG timer enabled? */
258 static int rng_use_count; /* number of times RNG has been enabled */
259 static int rng_trusted; /* does FIPS trust out data? */
260 static int rng_enabled_sysctl; /* sysctl for enabling/disabling RNG */
261 static int rng_entropy = 8; /* number of entropy bits we submit to /dev/random */
262 static int rng_entropy_sysctl; /* sysctl for changing entropy bits */
263 static int rng_interval_sysctl; /* sysctl for changing timer interval */
264 static int rng_have_mem_region; /* did we grab RNG region via request_mem_region? */
265 static int rng_fips_counter; /* size of internal FIPS test data pool */
266 static int rng_timer_len = RNG_DEF_TIMER_LEN; /* timer interval, in jiffies */
267 static void *rng_mem; /* token to our ioremap'd RNG register area */
268 static spinlock_t rng_lock = SPIN_LOCK_UNLOCKED; /* hardware lock */
269 static struct timer_list rng_timer; /* kernel timer for RNG hardware reads and tests */
270 static int rng_open; /* boolean, 0 (false) if chrdev is closed, 1 (true) if open */
271
272 /*
273 * inlined helper functions for accessing RNG registers
274 */
275 static inline u8 rng_hwstatus (void)
276 {
277 assert (rng_mem != NULL);
278 return readb (rng_mem + RNG_HW_STATUS);
279 }
280
281
282 static inline void rng_hwstatus_set (u8 hw_status)
283 {
284 assert (rng_mem != NULL);
285 writeb (hw_status, rng_mem + RNG_HW_STATUS);
286 }
287
288
289 static inline int rng_data_present (void)
290 {
291 assert (rng_mem != NULL);
292 assert (rng_hw_enabled == 1);
293
294 return (readb (rng_mem + RNG_STATUS) & RNG_DATA_PRESENT) ? 1 : 0;
295 }
296
297
298 static inline int rng_data_read (void)
299 {
300 assert (rng_mem != NULL);
301 assert (rng_hw_enabled == 1);
302
303 return readb (rng_mem + RNG_DATA);
304 }
305
306
307 /*
308 * rng_timer_ticker - executes every rng_timer_len jiffies,
309 * adds a single byte to system entropy
310 * and internal FIPS test pools
311 */
312 static void rng_timer_tick (unsigned long data)
313 {
314 int rng_data;
315
316 spin_lock (&rng_lock);
317
318 if (rng_data_present ()) {
319 /* gimme some thermal noise, baby */
320 rng_data = rng_data_read ();
321
322 /*
323 * if RNG has been verified in the past, add
324 * data just read to the /dev/random pool,
325 * with the entropy specified by the user
326 * via sysctl (defaults to 8 bits)
327 */
328 if (rng_trusted)
329 batch_entropy_store (rng_data, jiffies, rng_entropy);
330
331 /* fitness testing via FIPS, if we have enough data */
332 rng_fips_test_store (rng_data);
333 if (rng_fips_counter > RNG_FIPS_TEST_THRESHOLD)
334 rng_run_fips_test ();
335 }
336
337 /* run the timer again, if enabled */
338 if (rng_timer_enabled) {
339 rng_timer.expires = jiffies + rng_timer_len;
340 add_timer (&rng_timer);
341 }
342
343 spin_unlock (&rng_lock);
344
345 }
346
347
348 /*
349 * rng_enable - enable or disable the RNG and internal timer
350 */
351 static int rng_enable (int enable)
352 {
353 int rc = 0;
354 u8 hw_status;
355
356 DPRINTK ("ENTER\n");
357
358 spin_lock_bh (&rng_lock);
359
360 hw_status = rng_hwstatus ();
361
362 if (enable) {
363 rng_hw_enabled = 1;
364 rng_use_count++;
365 MOD_INC_USE_COUNT;
366 } else {
367 rng_use_count--;
368 if (rng_use_count == 0)
369 rng_hw_enabled = 0;
370 MOD_DEC_USE_COUNT;
371 }
372
373 if (rng_hw_enabled && ((hw_status & RNG_ENABLED) == 0)) {
374 rng_hwstatus_set (hw_status | RNG_ENABLED);
375 printk (KERN_INFO PFX "RNG h/w enabled\n");
376 }
377
378 else if (!rng_hw_enabled && (hw_status & RNG_ENABLED)) {
379 rng_hwstatus_set (hw_status & ~RNG_ENABLED);
380 printk (KERN_INFO PFX "RNG h/w disabled\n");
381 }
382
383 spin_unlock_bh (&rng_lock);
384
385 if ((!!enable) != (!!(rng_hwstatus () & RNG_ENABLED))) {
386 printk (KERN_ERR PFX "Unable to %sable the RNG\n",
387 enable ? "en" : "dis");
388 rc = -EIO;
389 }
390
391 DPRINTK ("EXIT, returning %d\n", rc);
392 return rc;
393 }
394
395
396 /*
397 * rng_handle_sysctl_enable - handle a read or write of our enable/disable sysctl
398 */
399
400 static int rng_handle_sysctl_enable (ctl_table * table, int write, struct file *filp,
401 void *buffer, size_t * lenp)
402 {
403 int enabled_save, rc;
404
405 DPRINTK ("ENTER\n");
406
407 spin_lock_bh (&rng_lock);
408
409 rng_enabled_sysctl = enabled_save = rng_timer_enabled;
410
411 rc = proc_dointvec (table, write, filp, buffer, lenp);
412 if (rc) {
413 spin_unlock_bh (&rng_lock);
414 return rc;
415 }
416
417 if (enabled_save != rng_enabled_sysctl) {
418 rng_timer_enabled = rng_enabled_sysctl;
419 spin_unlock_bh (&rng_lock);
420
421 /* enable/disable hardware */
422 rng_enable (rng_enabled_sysctl);
423
424 /* enable/disable timer */
425 if (rng_enabled_sysctl) {
426 rng_timer.expires = jiffies + rng_timer_len;
427 add_timer (&rng_timer);
428 } else {
429 del_timer_sync (&rng_timer);
430 }
431 } else {
432 spin_unlock_bh (&rng_lock);
433 }
434
435 DPRINTK ("EXIT, returning 0\n");
436 return 0;
437 }
438
439
440 /*
441 * rng_handle_sysctl_entropy - handle a read or write of our entropy bits sysctl
442 */
443
444 static int rng_handle_sysctl_entropy (ctl_table * table, int write, struct file *filp,
445 void *buffer, size_t * lenp)
446 {
447 int entropy_bits_save, rc;
448
449 DPRINTK ("ENTER\n");
450
451 spin_lock_bh (&rng_lock);
452 rng_entropy_sysctl = entropy_bits_save = rng_entropy;
453 spin_unlock_bh (&rng_lock);
454
455 rc = proc_dointvec (table, write, filp, buffer, lenp);
456 if (rc)
457 return rc;
458
459 if (entropy_bits_save == rng_entropy_sysctl)
460 goto out;
461
462 if ((rng_entropy_sysctl >= 0) &&
463 (rng_entropy_sysctl <= 8)) {
464 spin_lock_bh (&rng_lock);
465 rng_entropy = rng_entropy_sysctl;
466 spin_unlock_bh (&rng_lock);
467
468 printk (KERN_INFO PFX "entropy bits now %d\n", rng_entropy_sysctl);
469 } else {
470 printk (KERN_INFO PFX "ignoring invalid entropy setting (%d)\n",
471 rng_entropy_sysctl);
472 }
473
474 out:
475 DPRINTK ("EXIT, returning 0\n");
476 return 0;
477 }
478
479 /*
480 * rng_handle_sysctl_interval - handle a read or write of our timer interval len sysctl
481 */
482
483 static int rng_handle_sysctl_interval (ctl_table * table, int write, struct file *filp,
484 void *buffer, size_t * lenp)
485 {
486 int timer_len_save, rc;
487
488 DPRINTK ("ENTER\n");
489
490 spin_lock_bh (&rng_lock);
491 rng_interval_sysctl = timer_len_save = rng_timer_len;
492 spin_unlock_bh (&rng_lock);
493
494 rc = proc_dointvec (table, write, filp, buffer, lenp);
495 if (rc)
496 return rc;
497
498 if (timer_len_save == rng_interval_sysctl)
499 goto out;
500
501 if ((rng_interval_sysctl > 0) &&
502 (rng_interval_sysctl < (HZ*86400))) {
503 spin_lock_bh (&rng_lock);
504 rng_timer_len = rng_interval_sysctl;
505 spin_unlock_bh (&rng_lock);
506
507 printk (KERN_INFO PFX "timer interval now %d\n", rng_interval_sysctl);
508 } else {
509 printk (KERN_INFO PFX "ignoring invalid timer interval (%d)\n",
510 rng_interval_sysctl);
511 }
512
513 out:
514 DPRINTK ("EXIT, returning 0\n");
515 return 0;
516 }
517
518
519 /*
520 * rng_sysctl - add or remove the rng sysctl
521 */
522 static void rng_sysctl (int add)
523 {
524 #define DEV_I810_TIMER 1
525 #define DEV_I810_ENTROPY 2
526 #define DEV_I810_INTERVAL 3
527
528 /* Definition of the sysctl */
529 /* FIXME: use new field:value style of struct initialization */
530 static ctl_table rng_sysctls[] = {
531 {DEV_I810_TIMER, /* ID */
532 RNG_MODULE_NAME "_timer", /* name in /proc */
533 &rng_enabled_sysctl,
534 sizeof (rng_enabled_sysctl), /* data ptr, data size */
535 0644, /* mode */
536 0, /* child */
537 rng_handle_sysctl_enable, /* proc handler */
538 0, /* strategy */
539 0, /* proc control block */
540 0, 0}
541 ,
542 {DEV_I810_ENTROPY, /* ID */
543 RNG_MODULE_NAME "_entropy", /* name in /proc */
544 &rng_entropy_sysctl,
545 sizeof (rng_entropy_sysctl), /* data ptr, data size */
546 0644, /* mode */
547 0, /* child */
548 rng_handle_sysctl_entropy, /* proc handler */
549 0, /* strategy */
550 0, /* proc control block */
551 0, 0}
552 ,
553 {DEV_I810_INTERVAL, /* ID */
554 RNG_MODULE_NAME "_interval", /* name in /proc */
555 &rng_interval_sysctl,
556 sizeof (rng_interval_sysctl), /* data ptr, data size */
557 0644, /* mode */
558 0, /* child */
559 rng_handle_sysctl_interval, /* proc handler */
560 0, /* strategy */
561 0, /* proc control block */
562 0, 0}
563 ,
564 {0}
565 };
566
567 /* Define the parent file : /proc/sys/dev */
568 static ctl_table sysctls_root[] = {
569 {CTL_DEV,
570 "dev",
571 NULL, 0,
572 0555,
573 rng_sysctls},
574 {0}
575 };
576 static struct ctl_table_header *sysctls_root_header = NULL;
577
578 if (add) {
579 if (!sysctls_root_header)
580 sysctls_root_header = register_sysctl_table (sysctls_root, 0);
581 } else if (sysctls_root_header) {
582 unregister_sysctl_table (sysctls_root_header);
583 sysctls_root_header = NULL;
584 }
585 }
586
587
588 static int rng_dev_open (struct inode *inode, struct file *filp)
589 {
590 int rc = -EINVAL;
591
592 if ((filp->f_mode & FMODE_READ) == 0)
593 goto err_out;
594 if (filp->f_mode & FMODE_WRITE)
595 goto err_out;
596
597 spin_lock_bh (&rng_lock);
598
599 /* only allow one open of this device, exit with -EBUSY if already open */
600 /* FIXME: we should sleep on a semaphore here, unless O_NONBLOCK */
601 if (rng_open) {
602 spin_unlock_bh (&rng_lock);
603 rc = -EBUSY;
604 goto err_out;
605 }
606
607 rng_open = 1;
608
609 spin_unlock_bh (&rng_lock);
610
611 if (rng_enable(1) != 0) {
612 spin_lock_bh (&rng_lock);
613 rng_open = 0;
614 spin_unlock_bh (&rng_lock);
615 rc = -EIO;
616 goto err_out;
617 }
618
619 return 0;
620
621 err_out:
622 return rc;
623 }
624
625
626 static int rng_dev_release (struct inode *inode, struct file *filp)
627 {
628
629 if (rng_enable(0) != 0)
630 return -EIO;
631
632 spin_lock_bh (&rng_lock);
633 rng_open = 0;
634 spin_unlock_bh (&rng_lock);
635
636 return 0;
637 }
638
639
640 static ssize_t rng_dev_read (struct file *filp, char * buf, size_t size,
641 loff_t *offp)
642 {
643 int have_data, copied = 0;
644 u8 data=0;
645 u8 *page;
646
647 if (size < 1)
648 return 0;
649
650 page = (unsigned char *) get_free_page (GFP_KERNEL);
651 if (!page)
652 return -ENOMEM;
653
654 read_loop:
655 /* using the fact that read() can return >0 but
656 * less than the requested amount, we simply
657 * read up to PAGE_SIZE or buffer size, whichever
658 * is smaller, and return that data.
659 */
660 if ((copied == size) || (copied == PAGE_SIZE)) {
661 size_t tmpsize = (copied == size) ? size : PAGE_SIZE;
662 int rc = copy_to_user (buf, page, tmpsize);
663 free_page ((long)page);
664 if (rc) return rc;
665 return tmpsize;
666 }
667
668 spin_lock_bh (&rng_lock);
669
670 have_data = 0;
671 if (rng_data_present ()) {
672 data = rng_data_read ();
673 have_data = 1;
674 }
675
676 spin_unlock_bh (&rng_lock);
677
678 if (have_data) {
679 page[copied] = data;
680 copied++;
681 } else {
682 if (filp->f_flags & O_NONBLOCK) {
683 free_page ((long)page);
684 return -EAGAIN;
685 }
686 }
687
688 if (current->need_resched)
689 schedule ();
690
691 if (signal_pending (current)) {
692 free_page ((long)page);
693 return -ERESTARTSYS;
694 }
695
696 goto read_loop;
697 }
698
699
700 /*
701 * rng_init_one - look for and attempt to init a single RNG
702 */
703 static int __init rng_init_one (struct pci_dev *dev,
704 const struct pci_device_id *id)
705 {
706 int rc;
707 u8 hw_status;
708
709 DPRINTK ("ENTER\n");
710
711 if (rng_allocated) {
712 printk (KERN_ERR PFX "this driver only supports one RNG\n");
713 DPRINTK ("EXIT, returning -EBUSY\n");
714 return -EBUSY;
715 }
716
717 /* XXX currently fails, investigate who has our mem region */
718 if (request_mem_region (RNG_ADDR, RNG_ADDR_LEN, RNG_MODULE_NAME))
719 rng_have_mem_region = 1;
720
721 rng_mem = ioremap (RNG_ADDR, RNG_ADDR_LEN);
722 if (rng_mem == NULL) {
723 printk (KERN_ERR PFX "cannot ioremap RNG Memory\n");
724 DPRINTK ("EXIT, returning -EBUSY\n");
725 rc = -EBUSY;
726 goto err_out;
727 }
728
729 /* Check for Intel 82802 */
730 hw_status = rng_hwstatus ();
731 if ((hw_status & RNG_PRESENT) == 0) {
732 printk (KERN_ERR PFX "RNG not detected\n");
733 DPRINTK ("EXIT, returning -ENODEV\n");
734 rc = -ENODEV;
735 goto err_out;
736 }
737
738 rng_allocated = 1;
739
740 if (rng_entropy < 0 || rng_entropy > RNG_MAX_ENTROPY)
741 rng_entropy = RNG_MAX_ENTROPY;
742
743 /* init core RNG timer, but do not add it */
744 init_timer (&rng_timer);
745 rng_timer.function = rng_timer_tick;
746
747 rc = rng_enable (0);
748 if (rc) {
749 printk (KERN_ERR PFX "cannot disable RNG, aborting\n");
750 goto err_out;
751 }
752
753 /* add sysctls */
754 rng_sysctl (1);
755
756 DPRINTK ("EXIT, returning 0\n");
757 return 0;
758
759 err_out:
760 if (rng_mem)
761 iounmap (rng_mem);
762 if (rng_have_mem_region)
763 release_mem_region (RNG_ADDR, RNG_ADDR_LEN);
764 return rc;
765 }
766
767
768 /*
769 * Data for PCI driver interface
770 */
771 const static struct pci_device_id rng_pci_tbl[] __initdata = {
772 { 0x8086, 0x2418, PCI_ANY_ID, PCI_ANY_ID, },
773 { 0x8086, 0x2428, PCI_ANY_ID, PCI_ANY_ID, },
774 { 0, },
775 };
776 MODULE_DEVICE_TABLE (pci, rng_pci_tbl);
777
778 static struct pci_driver rng_driver = {
779 name: RNG_MODULE_NAME,
780 id_table: rng_pci_tbl,
781 probe: rng_init_one,
782 };
783
784 MODULE_AUTHOR("Jeff Garzik, Matt Sottek");
785 MODULE_DESCRIPTION("Intel i8xx chipset Random Number Generator (RNG) driver");
786 MODULE_PARM(rng_entropy, "1i");
787 MODULE_PARM_DESC(rng_entropy, "Bits of entropy to add to random pool per RNG byte (range: 0-8, default 8)");
788
789
790 static struct file_operations rng_chrdev_ops = {
791 owner: THIS_MODULE,
792 open: rng_dev_open,
793 release: rng_dev_release,
794 read: rng_dev_read,
795 };
796
797
798 static struct miscdevice rng_miscdev = {
799 RNG_MISCDEV_MINOR,
800 RNG_MODULE_NAME,
801 &rng_chrdev_ops,
802 };
803
804
805 /*
806 * rng_init - initialize RNG module
807 */
808 static int __init rng_init (void)
809 {
810 int rc;
811
812 DPRINTK ("ENTER\n");
813
814 if (pci_register_driver (&rng_driver) < 1) {
815 DPRINTK ("EXIT, returning -ENODEV\n");
816 return -ENODEV;
817 }
818
819 rc = misc_register (&rng_miscdev);
820 if (rc) {
821 pci_unregister_driver (&rng_driver);
822 DPRINTK ("EXIT, returning %d\n", rc);
823 return rc;
824 }
825
826 printk (KERN_INFO RNG_DRIVER_NAME " loaded\n");
827
828 DPRINTK ("EXIT, returning 0\n");
829 return 0;
830 }
831
832
833 /*
834 * rng_init - shutdown RNG module
835 */
836 static void __exit rng_cleanup (void)
837 {
838 DPRINTK ("ENTER\n");
839
840 del_timer_sync (&rng_timer);
841
842 rng_sysctl (0);
843 pci_unregister_driver (&rng_driver);
844
845 if (rng_have_mem_region)
846 release_mem_region (RNG_ADDR, RNG_ADDR_LEN);
847
848 rng_hwstatus_set (rng_hwstatus() & ~RNG_ENABLED);
849
850 misc_deregister (&rng_miscdev);
851
852 DPRINTK ("EXIT\n");
853 }
854
855
856 module_init (rng_init);
857 module_exit (rng_cleanup);
858
859
860
861
862 /* These are the startup tests suggested by the FIPS 140-1 spec section
863 * 4.11.1 (http://csrc.nist.gov/fips/fips1401.htm)
864 * The Monobit, Poker, Runs, and Long Runs tests are implemented below.
865 * This test is run at periodic intervals to verify
866 * data is sufficently random. If the tests are failed the RNG module
867 * will no longer submit data to the entropy pool, but the tests will
868 * continue to run at the given interval. If at a later time the RNG
869 * passes all tests it will be re-enabled for the next period.
870 * The reason for this is that it is not unlikely that at some time
871 * during normal operation one of the tests will fail. This does not
872 * necessarily mean the RNG is not operating properly, it is just a
873 * statistically rare event. In that case we don't want to forever
874 * disable the RNG, we will just leave it disabled for the period of
875 * time until the tests are rerun and passed.
876 *
877 * For argument sake I tested /proc/urandom with these tests and it
878 * took 142,095 tries before I got a failure, and urandom isn't as
879 * random as random :)
880 */
881
882 static int poker[16] = { 0, }, runs[12] = { 0, };
883 static int ones = 0, rlength = -1, current_bit = 0, rng_test = 0;
884
885
886 /*
887 * rng_fips_test_store - store 8 bits of entropy in FIPS
888 * internal test data pool
889 */
890 static void rng_fips_test_store (int rng_data)
891 {
892 int j;
893 static int last_bit = 0;
894
895 DPRINTK ("ENTER, rng_data = %d\n", rng_data & 0xFF);
896
897 poker[rng_data >> 4]++;
898 poker[rng_data & 15]++;
899
900 /* Note in the loop below rlength is always one less than the actual
901 run length. This makes things easier. */
902 last_bit = (rng_data & 128) >> 7;
903 for (j = 7; j >= 0; j--) {
904 ones += current_bit = (rng_data & 1 << j) >> j;
905 if (current_bit != last_bit) {
906 /* If runlength is 1-6 count it in correct bucket. 0's go in
907 runs[0-5] 1's go in runs[6-11] hence the 6*current_bit below */
908 if (rlength < 5) {
909 runs[rlength +
910 (6 * current_bit)]++;
911 } else {
912 runs[5 + (6 * current_bit)]++;
913 }
914
915 /* Check if we just failed longrun test */
916 if (rlength >= 33)
917 rng_test &= 8;
918 rlength = 0;
919 /* flip the current run type */
920 last_bit = current_bit;
921 } else {
922 rlength++;
923 }
924 }
925
926 DPRINTK ("EXIT\n");
927 }
928
929
930 /*
931 * now that we have some data, run a FIPS test
932 */
933 static void rng_run_fips_test (void)
934 {
935 int j, i;
936
937 DPRINTK ("ENTER\n");
938
939 /* add in the last (possibly incomplete) run */
940 if (rlength < 5)
941 runs[rlength + (6 * current_bit)]++;
942 else {
943 runs[5 + (6 * current_bit)]++;
944 if (rlength >= 33)
945 rng_test &= 8;
946 }
947 /* Ones test */
948 if ((ones >= 10346) || (ones <= 9654))
949 rng_test &= 1;
950 /* Poker calcs */
951 for (i = 0, j = 0; i < 16; i++)
952 j += poker[i] * poker[i];
953 if ((j >= 1580457) || (j <= 1562821))
954 rng_test &= 2;
955 if ((runs[0] < 2267) || (runs[0] > 2733) ||
956 (runs[1] < 1079) || (runs[1] > 1421) ||
957 (runs[2] < 502) || (runs[2] > 748) ||
958 (runs[3] < 223) || (runs[3] > 402) ||
959 (runs[4] < 90) || (runs[4] > 223) ||
960 (runs[5] < 90) || (runs[5] > 223) ||
961 (runs[6] < 2267) || (runs[6] > 2733) ||
962 (runs[7] < 1079) || (runs[7] > 1421) ||
963 (runs[8] < 502) || (runs[8] > 748) ||
964 (runs[9] < 223) || (runs[9] > 402) ||
965 (runs[10] < 90) || (runs[10] > 223) ||
966 (runs[11] < 90) || (runs[11] > 223)) {
967 rng_test &= 4;
968 }
969
970 rng_test = !rng_test;
971 DPRINTK ("FIPS test %sed\n", rng_test ? "pass" : "fail");
972
973 /* enable/disable RNG with results of the tests */
974 if (rng_test && !rng_trusted)
975 printk (KERN_WARNING PFX "FIPS test passed, enabling RNG\n");
976 else if (!rng_test && rng_trusted)
977 printk (KERN_WARNING PFX "FIPS test failed, disabling RNG\n");
978
979 rng_trusted = rng_test;
980
981 /* finally, clear out FIPS variables for start of next run */
982 memset (&poker, 0, sizeof (poker));
983 memset (&runs, 0, sizeof (runs));
984 ones = 0;
985 rlength = -1;
986 current_bit = 0;
987 rng_test = 0;
988
989 DPRINTK ("EXIT\n");
990 }
991
Mirror of the linux-mips.org kernel tree