From nobody Mon Jun 8 07:21:44 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-alma10-1.taild15c8.ts.net [100.103.45.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C26232D9787; Sun, 31 May 2026 19:23:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=100.103.45.18 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780255382; cv=none; b=e96t/fcChB7d1Q56D772aqkZv4XFPUfuPhz1P+TcqZtJ+nDz37CNXOX+HuPdlr2nDG3osU+TxM84JDAgvIQ3AyXXtoJuUbKIrvP3CD6vLzJxdtRPXgbgLRBUjOgpwOBBE/ZY6DJAD8gBDzkPWsdO6vaD5ErrIQTIOljRljHB6I4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780255382; c=relaxed/simple; bh=9OXEHWFXi3dedFvMeMJywRaN68mE/fALy7lIctbYxjc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=okZSbqJiDjcS8u52UQAhBPEbNNza8yCJikqSDMIp5w2gnnkNp8ABkRCmnUPqhH/7iAAKSZojlSdJyOikJwzclr60yt3kmPglHb4TC+VuZ0Tc6uvS5mEeiQ+6tx95uHRpZF1CM0aTjC1oaFnlqDJMs4kh1O59N7UTqfX/qGmGq3Y= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=lf1+BpJJ; arc=none smtp.client-ip=100.103.45.18 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="lf1+BpJJ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 669511F00899; Sun, 31 May 2026 19:23:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel.org; s=k20260515; t=1780255381; bh=PtE9W6YDGCs/tmCEdA/v//PZCwP2DZ4Ut/SmazPBmMI=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=lf1+BpJJetBlzxhsWVzuilb3Nd3BeVKnK7YHF21V+2KTIiS2BiqV/Rjl+9c7mw7Dh cbM+dJuibiV/qBPhNudfbR9pmMK76p9I4xPwC6EaH44YjquJlAs0s56PLzggb6OTp1 utOLGRYxluyMk3RKikW1cnhTOaiwb1/0izvp5aVAkjVszSYlqaZ9MXFDNnDaTWbbtL 2JdVWOYnObNwsp08NXBoLIskUx4tWepT5/omfym72zLPk+N5V9HnZWDWV2I8J15gvB A9m7hn2bLRpm83sCsQJjMmD25IEtw2xX7LFZdhnkUOnZoq5U9fZjB9u/Kh8D0F5zJ1 4SdpqkC0s2qlw== From: Eric Biggers To: linux-crypto@vger.kernel.org, Herbert Xu Cc: linux-kernel@vger.kernel.org, Mounika Botcha , Harsh Jain , Olivia Mackall , Michal Simek , linux-arm-kernel@lists.infradead.org, Eric Biggers , stable@vger.kernel.org Subject: [PATCH 1/4] crypto: xilinx-trng - Remove crypto_rng interface Date: Sun, 31 May 2026 12:17:35 -0700 Message-ID: <20260531191738.55843-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260531191738.55843-1-ebiggers@kernel.org> References: <20260531191738.55843-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Implementing the crypto_rng interface has no purpose, as it isn't used in practice. It's being removed from other drivers too. Just remove it. This leaves hwrng, which is actually used. Tagging with 'Cc stable' due to the bugs that this removes: - xtrng_trng_generate() sometimes returned success even when it didn't fill in all the bytes. - It was possible for xtrng_trng_generate() and xtrng_hwrng_trng_read() to run concurrently and interfere with each other, as the locking code in xtrng_hwrng_trng_read() was broken. Fixes: 8979744aca80 ("crypto: xilinx - Add TRNG driver for Versal") Cc: stable@vger.kernel.org Signed-off-by: Eric Biggers --- drivers/crypto/Kconfig | 1 - drivers/crypto/xilinx/xilinx-trng.c | 85 ++--------------------------- 2 files changed, 4 insertions(+), 82 deletions(-) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 07f0fa3341fc..26194c33cb32 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -708,11 +708,10 @@ config CRYPTO_DEV_TEGRA =20 config CRYPTO_DEV_XILINX_TRNG tristate "Support for Xilinx True Random Generator" depends on ZYNQMP_FIRMWARE || COMPILE_TEST select CRYPTO_DF80090A - select CRYPTO_RNG select HW_RANDOM help Xilinx Versal SoC driver provides kernel-side support for True Random N= umber Generator and Pseudo random Number in CTR_DRBG mode as defined in NIST = SP800-90A. =20 diff --git a/drivers/crypto/xilinx/xilinx-trng.c b/drivers/crypto/xilinx/xi= linx-trng.c index 43a4832f07e7..a35643baa489 100644 --- a/drivers/crypto/xilinx/xilinx-trng.c +++ b/drivers/crypto/xilinx/xilinx-trng.c @@ -4,25 +4,22 @@ * Copyright (c) 2024 - 2025 Advanced Micro Devices, Inc. */ =20 #include #include -#include #include #include #include #include #include #include #include -#include #include #include #include #include #include -#include =20 /* TRNG Registers Offsets */ #define TRNG_STATUS_OFFSET 0x4U #define TRNG_CTRL_OFFSET 0x8U #define TRNG_EXT_SEED_OFFSET 0x40U @@ -58,20 +55,13 @@ struct xilinx_rng { void __iomem *rng_base; struct device *dev; unsigned char *scratchpadbuf; struct aes_enckey *aeskey; - struct mutex lock; /* Protect access to TRNG device */ struct hwrng trng; }; =20 -struct xilinx_rng_ctx { - struct xilinx_rng *rng; -}; - -static struct xilinx_rng *xilinx_rng_dev; - static void xtrng_readwrite32(void __iomem *addr, u32 mask, u8 value) { u32 val; =20 val =3D ioread32(addr); @@ -243,74 +233,25 @@ static int xtrng_random_bytes_generate(struct xilinx_= rng *rng, u8 *rand_buf_ptr, } =20 return nbytes; } =20 -static int xtrng_trng_generate(struct crypto_rng *tfm, const u8 *src, u32 = slen, - u8 *dst, u32 dlen) -{ - struct xilinx_rng_ctx *ctx =3D crypto_rng_ctx(tfm); - int ret; - - mutex_lock(&ctx->rng->lock); - ret =3D xtrng_random_bytes_generate(ctx->rng, dst, dlen, true); - mutex_unlock(&ctx->rng->lock); - - return ret < 0 ? ret : 0; -} - -static int xtrng_trng_seed(struct crypto_rng *tfm, const u8 *seed, unsigne= d int slen) -{ - return 0; -} - -static int xtrng_trng_init(struct crypto_tfm *rtfm) -{ - struct xilinx_rng_ctx *ctx =3D crypto_tfm_ctx(rtfm); - - ctx->rng =3D xilinx_rng_dev; - - return 0; -} - -static struct rng_alg xtrng_trng_alg =3D { - .generate =3D xtrng_trng_generate, - .seed =3D xtrng_trng_seed, - .seedsize =3D 0, - .base =3D { - .cra_name =3D "stdrng", - .cra_driver_name =3D "xilinx-trng", - .cra_priority =3D 300, - .cra_ctxsize =3D sizeof(struct xilinx_rng_ctx), - .cra_module =3D THIS_MODULE, - .cra_init =3D xtrng_trng_init, - }, -}; - static int xtrng_hwrng_trng_read(struct hwrng *hwrng, void *data, size_t m= ax, bool wait) { u8 buf[TRNG_SEC_STRENGTH_BYTES]; struct xilinx_rng *rng; int ret =3D -EINVAL, i =3D 0; =20 rng =3D container_of(hwrng, struct xilinx_rng, trng); - /* Return in case wait not set and lock not available. */ - if (!mutex_trylock(&rng->lock) && !wait) - return 0; - else if (!mutex_is_locked(&rng->lock) && wait) - mutex_lock(&rng->lock); - while (i < max) { ret =3D xtrng_random_bytes_generate(rng, buf, TRNG_SEC_STRENGTH_BYTES, w= ait); if (ret < 0) break; =20 memcpy(data + i, buf, min_t(int, ret, (max - i))); i +=3D min_t(int, ret, (max - i)); } - mutex_unlock(&rng->lock); - return ret; } =20 static int xtrng_hwrng_register(struct hwrng *trng) { @@ -352,60 +293,42 @@ static int xtrng_probe(struct platform_device *pdev) if (!rng->aeskey) return -ENOMEM; =20 sb_size =3D crypto_drbg_ctr_df_datalen(TRNG_SEED_LEN_BYTES, AES_BLOCK_SIZ= E); rng->scratchpadbuf =3D devm_kzalloc(&pdev->dev, sb_size, GFP_KERNEL); - if (!rng->scratchpadbuf) { - ret =3D -ENOMEM; - goto end; - } + if (!rng->scratchpadbuf) + return -ENOMEM; =20 xtrng_trng_reset(rng->rng_base); ret =3D xtrng_reseed_internal(rng); if (ret) { dev_err(&pdev->dev, "TRNG Seed fail\n"); - goto end; - } - - xilinx_rng_dev =3D rng; - mutex_init(&rng->lock); - ret =3D crypto_register_rng(&xtrng_trng_alg); - if (ret) { - dev_err(&pdev->dev, "Crypto Random device registration failed: %d\n", re= t); - goto end; + return ret; } =20 ret =3D xtrng_hwrng_register(&rng->trng); if (ret) { dev_err(&pdev->dev, "HWRNG device registration failed: %d\n", ret); - goto crypto_rng_free; + return ret; } platform_set_drvdata(pdev, rng); =20 return 0; - -crypto_rng_free: - crypto_unregister_rng(&xtrng_trng_alg); - -end: - return ret; } =20 static void xtrng_remove(struct platform_device *pdev) { struct xilinx_rng *rng; u32 zero[TRNG_NUM_INIT_REGS] =3D { }; =20 rng =3D platform_get_drvdata(pdev); xtrng_hwrng_unregister(&rng->trng); - crypto_unregister_rng(&xtrng_trng_alg); xtrng_write_multiple_registers(rng->rng_base + TRNG_EXT_SEED_OFFSET, zero, TRNG_NUM_INIT_REGS); xtrng_write_multiple_registers(rng->rng_base + TRNG_PER_STRNG_OFFSET, zer= o, TRNG_NUM_INIT_REGS); xtrng_hold_reset(rng->rng_base); - xilinx_rng_dev =3D NULL; } =20 static const struct of_device_id xtrng_of_match[] =3D { { .compatible =3D "xlnx,versal-trng", }, {}, --=20 2.54.0 From nobody Mon Jun 8 07:21:44 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-alma10-1.taild15c8.ts.net [100.103.45.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 51B842DA765; Sun, 31 May 2026 19:23:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=100.103.45.18 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780255383; cv=none; b=dnJtqr4uq/sE+SK7c4G4ZikH4kRNt0YyRPGcuqjR0/Pl0ywTWjq5LSjjhM12GS9kkcz9PBc8hSnXriHA7NDXlxoc/toJOEJ3Wp6kCdHAMEnWZ0Sb2HxxOby8CXFH9MZkJHd1OVakw0cqyLwlgFfox7zR4T/E6om8FSyit8d7YXU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780255383; c=relaxed/simple; bh=qvn/gXsoTTq4QWX5QXXeQZOdby6RxSxxTycPzPhsUf8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=J/kesaOw8Xyrl31SK1LMim2LvwfRgbm0naSLpK2V3v1VuTRqhJCB3rbOv4IjgInogHJbl6gUgTVKoYqtORYdDwYOzqPRSb9Zz7T1yRxC03rwGMYN+jH3MNYubWA/gOjX398nGAm0OWBdIMW2IlLlnAdF7D1SnNsMGaMQVRDaAPc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ltmEov7K; arc=none smtp.client-ip=100.103.45.18 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ltmEov7K" Received: by smtp.kernel.org (Postfix) with ESMTPSA id CBAD41F0089A; Sun, 31 May 2026 19:23:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel.org; s=k20260515; t=1780255382; bh=/mY3enrm8GFK36qU/nkkjB0lXkdJWeRdwxvRsf3AZR8=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=ltmEov7KkF/Do5u+UnehUfhpQB0vhC4ehOVE26KxpoRda66YHqhEZ/IFdLqcYvSYe hYsIgbcO32GH0dYftrVPDh/cndTBRy+foG+1Tc9JyaYFUdF3c+hcE+hr+9rsn5fCg6 kWSv0HqoiMo+hLwJmvo9HenJkZJcqPbaOIVFZS/uz45ElS3PQxPJnR6Z7zGxeeE3su gIR1X2ZEI6RceK6E3UDl+OYRy38hgo6cwnPEJNcwFiHnCTDUUKqAnwTmtLr9WHZkUp r8R8eqm2KXURnTBGBfVOHT+yIhoYszGGGXK8AWpPxZlkNosieru1r0xdH0PGMyjtVk OjvNgE08seixQ== From: Eric Biggers To: linux-crypto@vger.kernel.org, Herbert Xu Cc: linux-kernel@vger.kernel.org, Mounika Botcha , Harsh Jain , Olivia Mackall , Michal Simek , linux-arm-kernel@lists.infradead.org, Eric Biggers , stable@vger.kernel.org Subject: [PATCH 2/4] crypto: xilinx-trng - Fix return value of xtrng_hwrng_trng_read() Date: Sun, 31 May 2026 12:17:36 -0700 Message-ID: <20260531191738.55843-3-ebiggers@kernel.org> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260531191738.55843-1-ebiggers@kernel.org> References: <20260531191738.55843-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Implementations of hwrng::read are expected to return the number of bytes generated. Update xtrng_hwrng_trng_read() to match that. Fixes: 8979744aca80 ("crypto: xilinx - Add TRNG driver for Versal") Cc: stable@vger.kernel.org Signed-off-by: Eric Biggers --- drivers/crypto/xilinx/xilinx-trng.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/crypto/xilinx/xilinx-trng.c b/drivers/crypto/xilinx/xi= linx-trng.c index a35643baa489..a30b0b3b3685 100644 --- a/drivers/crypto/xilinx/xilinx-trng.c +++ b/drivers/crypto/xilinx/xilinx-trng.c @@ -237,22 +237,25 @@ static int xtrng_random_bytes_generate(struct xilinx_= rng *rng, u8 *rand_buf_ptr, =20 static int xtrng_hwrng_trng_read(struct hwrng *hwrng, void *data, size_t m= ax, bool wait) { u8 buf[TRNG_SEC_STRENGTH_BYTES]; struct xilinx_rng *rng; - int ret =3D -EINVAL, i =3D 0; + int ret =3D 0, i =3D 0; =20 rng =3D container_of(hwrng, struct xilinx_rng, trng); while (i < max) { ret =3D xtrng_random_bytes_generate(rng, buf, TRNG_SEC_STRENGTH_BYTES, w= ait); - if (ret < 0) + if (ret < 0) { + if (i =3D=3D 0) + return ret; break; + } =20 memcpy(data + i, buf, min_t(int, ret, (max - i))); i +=3D min_t(int, ret, (max - i)); } - return ret; + return i; } =20 static int xtrng_hwrng_register(struct hwrng *trng) { int ret; --=20 2.54.0 From nobody Mon Jun 8 07:21:44 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-alma10-1.taild15c8.ts.net [100.103.45.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 97497324B33; Sun, 31 May 2026 19:23:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=100.103.45.18 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780255384; cv=none; b=myvmdHF7EGxI7Tk1EwdQO0ChKKoWpf7BvXhtQY0waLq0lBwXRmiKDJp9qrSZQQXmLdl+X34n0/CVydrdWHioF85eZgXRMklP7J8sFn9JJg4BFRF80e/jAxychpFjgAsPQc/EOCk+agSVlg3wbBt3kB1Wds/GewXHQikNSLbyvT4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780255384; c=relaxed/simple; bh=IfNvRfWhN9cRwDxPoic3doQ5MhK69KshNi0akBgXXKo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=jHsgxbSqZnX78bgHYEiGH2K7q0djzMtt3jgkX3ixWomU3bt4mzSnpqu5D5OlKVkb2EkMhlmU7ADm6bB5c+oco7y/JSWfAcuUwnTnHZlLwBHfME96rsd5OGhVAR4aCkarZvlYizXZhzXJRdEwjGhl3ktbxMx6zDIzH+59sxzTYHs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=WGKpzsFi; arc=none smtp.client-ip=100.103.45.18 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="WGKpzsFi" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3C8161F0089B; Sun, 31 May 2026 19:23:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel.org; s=k20260515; t=1780255382; bh=XmQepHfFgXjA+0v6SDJzJHGoPhtl4ztS6ylVSm5VPQ0=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=WGKpzsFiPHS37JqBXlpwFj5adiE9aTBDi+GXXb9XQ7FfOMAruz4HO7Spmi7OYPcZf +Oce7PXvihA/jHiUBuFXoDkQWSgNZZOQZjY/xCZIIHaaHvVBg/+lEomKuaVRI/itWf 8IIgXY10MA+6A0qY1v9xkLsDiWYzfFMsmxrpHZUvDbCbQ4gV4MDxMlXB1b9vfbJ7d6 Z5mr8yJZDDnHEuh9w9uUHe7MfuKwXGzHbIopglr8/QaFQhtlUTzxQdFHyEZC960i78 ESV81k7uXQ5Iq8jtl7exEKlYEN5MjJCc3wiJI/uQAhHw0num6sssmScwgKS4RU2P5k XsAXAjKmiQROQ== From: Eric Biggers To: linux-crypto@vger.kernel.org, Herbert Xu Cc: linux-kernel@vger.kernel.org, Mounika Botcha , Harsh Jain , Olivia Mackall , Michal Simek , linux-arm-kernel@lists.infradead.org, Eric Biggers Subject: [PATCH 3/4] crypto: xilinx-trng - Replace crypto_drbg_ctr_df() with HMAC-SHA512 Date: Sun, 31 May 2026 12:17:37 -0700 Message-ID: <20260531191738.55843-4-ebiggers@kernel.org> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260531191738.55843-1-ebiggers@kernel.org> References: <20260531191738.55843-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This code is just trying to condition 48 bytes of random data. This can be done easily using HKDF-SHA512-Extract, saving 300 lines of code. This commit also fixes forward security (in this particular case) by clearing the entropy from memory after it's used. Signed-off-by: Eric Biggers --- crypto/Kconfig | 5 - crypto/Makefile | 2 - crypto/df_sp80090a.c | 222 ---------------------------- drivers/crypto/Kconfig | 2 +- drivers/crypto/xilinx/xilinx-trng.c | 44 ++---- include/crypto/df_sp80090a.h | 53 ------- 6 files changed, 16 insertions(+), 312 deletions(-) delete mode 100644 crypto/df_sp80090a.c delete mode 100644 include/crypto/df_sp80090a.h diff --git a/crypto/Kconfig b/crypto/Kconfig index b5c5a1e04435..c3d7a20d5cb1 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -1244,15 +1244,10 @@ endif # if CRYPTO_JITTERENTROPY config CRYPTO_KDF800108_CTR tristate select CRYPTO_HMAC select CRYPTO_SHA256 =20 -config CRYPTO_DF80090A - tristate - select CRYPTO_AES - select CRYPTO_CTR - endmenu menu "Userspace interface (deprecated)" =20 config CRYPTO_USER_API tristate diff --git a/crypto/Makefile b/crypto/Makefile index c73f4d51d036..f98f57c7a49f 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -206,8 +206,6 @@ obj-$(CONFIG_CRYPTO_SIMD) +=3D crypto_simd.o # # Key derivation function # obj-$(CONFIG_CRYPTO_KDF800108_CTR) +=3D kdf_sp800108.o =20 -obj-$(CONFIG_CRYPTO_DF80090A) +=3D df_sp80090a.o - obj-$(CONFIG_CRYPTO_KRB5) +=3D krb5/ diff --git a/crypto/df_sp80090a.c b/crypto/df_sp80090a.c deleted file mode 100644 index 90e1973ee40c..000000000000 --- a/crypto/df_sp80090a.c +++ /dev/null @@ -1,222 +0,0 @@ -// SPDX-License-Identifier: GPL-2.0 - -/* - * NIST SP800-90A DRBG derivation function - * - * Copyright (C) 2014, Stephan Mueller - */ - -#include -#include -#include -#include -#include -#include -#include - -static void drbg_kcapi_sym(struct aes_enckey *aeskey, unsigned char *outva= l, - const struct drbg_string *in, u8 blocklen_bytes) -{ - /* there is only component in *in */ - BUG_ON(in->len < blocklen_bytes); - aes_encrypt(aeskey, outval, in->buf); -} - -/* BCC function for CTR DRBG as defined in 10.4.3 */ - -static void drbg_ctr_bcc(struct aes_enckey *aeskey, - unsigned char *out, const unsigned char *key, - struct list_head *in, - u8 blocklen_bytes, - u8 keylen) -{ - struct drbg_string *curr =3D NULL; - struct drbg_string data; - short cnt =3D 0; - - drbg_string_fill(&data, out, blocklen_bytes); - - /* 10.4.3 step 2 / 4 */ - aes_prepareenckey(aeskey, key, keylen); - list_for_each_entry(curr, in, list) { - const unsigned char *pos =3D curr->buf; - size_t len =3D curr->len; - /* 10.4.3 step 4.1 */ - while (len) { - /* 10.4.3 step 4.2 */ - if (blocklen_bytes =3D=3D cnt) { - cnt =3D 0; - drbg_kcapi_sym(aeskey, out, &data, blocklen_bytes); - } - out[cnt] ^=3D *pos; - pos++; - cnt++; - len--; - } - } - /* 10.4.3 step 4.2 for last block */ - if (cnt) - drbg_kcapi_sym(aeskey, out, &data, blocklen_bytes); -} - -/* - * scratchpad usage: drbg_ctr_update is interlinked with crypto_drbg_ctr_df - * (and drbg_ctr_bcc, but this function does not need any temporary buffer= s), - * the scratchpad is used as follows: - * drbg_ctr_update: - * temp - * start: drbg->scratchpad - * length: drbg_statelen(drbg) + drbg_blocklen(drbg) - * note: the cipher writing into this variable works - * blocklen-wise. Now, when the statelen is not a multiple - * of blocklen, the generateion loop below "spills over" - * by at most blocklen. Thus, we need to give sufficient - * memory. - * df_data - * start: drbg->scratchpad + - * drbg_statelen(drbg) + drbg_blocklen(drbg) - * length: drbg_statelen(drbg) - * - * crypto_drbg_ctr_df: - * pad - * start: df_data + drbg_statelen(drbg) - * length: drbg_blocklen(drbg) - * iv - * start: pad + drbg_blocklen(drbg) - * length: drbg_blocklen(drbg) - * temp - * start: iv + drbg_blocklen(drbg) - * length: drbg_satelen(drbg) + drbg_blocklen(drbg) - * note: temp is the buffer that the BCC function operates - * on. BCC operates blockwise. drbg_statelen(drbg) - * is sufficient when the DRBG state length is a multiple - * of the block size. For AES192 (and maybe other ciphers) - * this is not correct and the length for temp is - * insufficient (yes, that also means for such ciphers, - * the final output of all BCC rounds are truncated). - * Therefore, add drbg_blocklen(drbg) to cover all - * possibilities. - * refer to crypto_drbg_ctr_df_datalen() to get required length - */ - -/* Derivation Function for CTR DRBG as defined in 10.4.2 */ -int crypto_drbg_ctr_df(struct aes_enckey *aeskey, - unsigned char *df_data, size_t bytes_to_return, - struct list_head *seedlist, - u8 blocklen_bytes, - u8 statelen) -{ - unsigned char L_N[8]; - /* S3 is input */ - struct drbg_string S1, S2, S4, cipherin; - LIST_HEAD(bcc_list); - unsigned char *pad =3D df_data + statelen; - unsigned char *iv =3D pad + blocklen_bytes; - unsigned char *temp =3D iv + blocklen_bytes; - size_t padlen =3D 0; - unsigned int templen =3D 0; - /* 10.4.2 step 7 */ - unsigned int i =3D 0; - /* 10.4.2 step 8 */ - const unsigned char *K =3D (unsigned char *) - "\x00\x01\x02\x03\x04\x05\x06\x07" - "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" - "\x10\x11\x12\x13\x14\x15\x16\x17" - "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"; - unsigned char *X; - size_t generated_len =3D 0; - size_t inputlen =3D 0; - struct drbg_string *seed =3D NULL; - u8 keylen; - - memset(pad, 0, blocklen_bytes); - memset(iv, 0, blocklen_bytes); - keylen =3D statelen - blocklen_bytes; - /* 10.4.2 step 1 is implicit as we work byte-wise */ - - /* 10.4.2 step 2 */ - if ((512 / 8) < bytes_to_return) - return -EINVAL; - - /* 10.4.2 step 2 -- calculate the entire length of all input data */ - list_for_each_entry(seed, seedlist, list) - inputlen +=3D seed->len; - put_unaligned_be32(inputlen, &L_N[0]); - - /* 10.4.2 step 3 */ - put_unaligned_be32(bytes_to_return, &L_N[4]); - - /* 10.4.2 step 5: length is L_N, input_string, one byte, padding */ - padlen =3D (inputlen + sizeof(L_N) + 1) % (blocklen_bytes); - /* wrap the padlen appropriately */ - if (padlen) - padlen =3D blocklen_bytes - padlen; - /* - * pad / padlen contains the 0x80 byte and the following zero bytes. - * As the calculated padlen value only covers the number of zero - * bytes, this value has to be incremented by one for the 0x80 byte. - */ - padlen++; - pad[0] =3D 0x80; - - /* 10.4.2 step 4 -- first fill the linked list and then order it */ - drbg_string_fill(&S1, iv, blocklen_bytes); - list_add_tail(&S1.list, &bcc_list); - drbg_string_fill(&S2, L_N, sizeof(L_N)); - list_add_tail(&S2.list, &bcc_list); - list_splice_tail(seedlist, &bcc_list); - drbg_string_fill(&S4, pad, padlen); - list_add_tail(&S4.list, &bcc_list); - - /* 10.4.2 step 9 */ - while (templen < (keylen + (blocklen_bytes))) { - /* - * 10.4.2 step 9.1 - the padding is implicit as the buffer - * holds zeros after allocation -- even the increment of i - * is irrelevant as the increment remains within length of i - */ - put_unaligned_be32(i, iv); - /* 10.4.2 step 9.2 -- BCC and concatenation with temp */ - drbg_ctr_bcc(aeskey, temp + templen, K, &bcc_list, - blocklen_bytes, keylen); - /* 10.4.2 step 9.3 */ - i++; - templen +=3D blocklen_bytes; - } - - /* 10.4.2 step 11 */ - X =3D temp + (keylen); - drbg_string_fill(&cipherin, X, blocklen_bytes); - - /* 10.4.2 step 12: overwriting of outval is implemented in next step */ - - /* 10.4.2 step 13 */ - aes_prepareenckey(aeskey, temp, keylen); - while (generated_len < bytes_to_return) { - short blocklen =3D 0; - /* - * 10.4.2 step 13.1: the truncation of the key length is - * implicit as the key is only drbg_blocklen in size based on - * the implementation of the cipher function callback - */ - drbg_kcapi_sym(aeskey, X, &cipherin, blocklen_bytes); - blocklen =3D (blocklen_bytes < - (bytes_to_return - generated_len)) ? - blocklen_bytes : - (bytes_to_return - generated_len); - /* 10.4.2 step 13.2 and 14 */ - memcpy(df_data + generated_len, X, blocklen); - generated_len +=3D blocklen; - } - - memset(iv, 0, blocklen_bytes); - memset(temp, 0, statelen + blocklen_bytes); - memset(pad, 0, blocklen_bytes); - return 0; -} -EXPORT_SYMBOL_GPL(crypto_drbg_ctr_df); - -MODULE_IMPORT_NS("CRYPTO_INTERNAL"); -MODULE_LICENSE("GPL v2"); -MODULE_AUTHOR("Stephan Mueller "); -MODULE_DESCRIPTION("Derivation Function conformant to SP800-90A"); diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 26194c33cb32..ad6427f08d4f 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -707,11 +707,11 @@ config CRYPTO_DEV_TEGRA AES encryption/decryption and HASH algorithms. =20 config CRYPTO_DEV_XILINX_TRNG tristate "Support for Xilinx True Random Generator" depends on ZYNQMP_FIRMWARE || COMPILE_TEST - select CRYPTO_DF80090A + select CRYPTO_LIB_SHA512 select HW_RANDOM help Xilinx Versal SoC driver provides kernel-side support for True Random N= umber Generator and Pseudo random Number in CTR_DRBG mode as defined in NIST = SP800-90A. =20 diff --git a/drivers/crypto/xilinx/xilinx-trng.c b/drivers/crypto/xilinx/xi= linx-trng.c index a30b0b3b3685..f615d5adddde 100644 --- a/drivers/crypto/xilinx/xilinx-trng.c +++ b/drivers/crypto/xilinx/xilinx-trng.c @@ -2,10 +2,11 @@ /* * AMD Versal True Random Number Generator driver * Copyright (c) 2024 - 2025 Advanced Micro Devices, Inc. */ =20 +#include #include #include #include #include #include @@ -13,13 +14,10 @@ #include #include #include #include #include -#include -#include -#include =20 /* TRNG Registers Offsets */ #define TRNG_STATUS_OFFSET 0x4U #define TRNG_CTRL_OFFSET 0x8U #define TRNG_EXT_SEED_OFFSET 0x40U @@ -41,11 +39,10 @@ #define TRNG_STATUS_QCNT_MASK GENMASK(11, 9) #define TRNG_STATUS_QCNT_16_BYTES 0x800 =20 /* Sizes in bytes */ #define TRNG_SEED_LEN_BYTES 48U -#define TRNG_ENTROPY_SEED_LEN_BYTES 64U #define TRNG_SEC_STRENGTH_SHIFT 5U #define TRNG_SEC_STRENGTH_BYTES BIT(TRNG_SEC_STRENGTH_SHIFT) #define TRNG_BYTES_PER_REG 4U #define TRNG_RESET_DELAY 10 #define TRNG_NUM_INIT_REGS 12U @@ -53,12 +50,10 @@ #define TRNG_DATA_READ_DELAY 8000 =20 struct xilinx_rng { void __iomem *rng_base; struct device *dev; - unsigned char *scratchpadbuf; - struct aes_enckey *aeskey; struct hwrng trng; }; =20 static void xtrng_readwrite32(void __iomem *addr, u32 mask, u8 value) { @@ -170,33 +165,34 @@ static void xtrng_enable_entropy(struct xilinx_rng *r= ng) iowrite32(TRNG_CTRL_EUMODE_MASK | TRNG_CTRL_TRSSEN_MASK, rng->rng_base + = TRNG_CTRL_OFFSET); } =20 static int xtrng_reseed_internal(struct xilinx_rng *rng) { - u8 entropy[TRNG_ENTROPY_SEED_LEN_BYTES]; - struct drbg_string data; - LIST_HEAD(seedlist); + static const u8 default_salt[SHA512_DIGEST_SIZE]; + u8 entropy[SHA512_DIGEST_SIZE] __aligned(4); u32 val; int ret; =20 - drbg_string_fill(&data, entropy, TRNG_SEED_LEN_BYTES); - list_add_tail(&data.list, &seedlist); - memset(entropy, 0, sizeof(entropy)); xtrng_enable_entropy(rng); =20 - /* collect random data to use it as entropy (input for DF) */ + /* Collect some output from the TRNG. */ + static_assert(sizeof(entropy) >=3D TRNG_SEED_LEN_BYTES); ret =3D xtrng_collect_random_data(rng, entropy, TRNG_SEED_LEN_BYTES, true= ); if (ret !=3D TRNG_SEED_LEN_BYTES) return -EINVAL; - ret =3D crypto_drbg_ctr_df(rng->aeskey, rng->scratchpadbuf, - TRNG_SEED_LEN_BYTES, &seedlist, AES_BLOCK_SIZE, - TRNG_SEED_LEN_BYTES); - if (ret) - return ret; =20 + /* Extract entropy from the TRNG output using HKDF-SHA512-Extract. */ + hmac_sha512_usingrawkey(default_salt, sizeof(default_salt), entropy, + TRNG_SEED_LEN_BYTES, entropy); + + /* Write the extracted entropy to the hardware. */ xtrng_write_multiple_registers(rng->rng_base + TRNG_EXT_SEED_OFFSET, - (u32 *)rng->scratchpadbuf, TRNG_NUM_INIT_REGS); + (u32 *)entropy, TRNG_NUM_INIT_REGS); + + /* Clear the entropy from the stack. */ + memzero_explicit(entropy, sizeof(entropy)); + /* select reseed operation */ iowrite32(TRNG_CTRL_PRNGXS_MASK, rng->rng_base + TRNG_CTRL_OFFSET); =20 /* Start the reseed operation with above configuration and wait for STATU= S.Done bit to be * set. Monitor STATUS.CERTF bit, if set indicates SP800-90B entropy heal= th test has failed. @@ -276,11 +272,10 @@ static void xtrng_hwrng_unregister(struct hwrng *trng) } =20 static int xtrng_probe(struct platform_device *pdev) { struct xilinx_rng *rng; - size_t sb_size; int ret; =20 rng =3D devm_kzalloc(&pdev->dev, sizeof(*rng), GFP_KERNEL); if (!rng) return -ENOMEM; @@ -290,19 +285,10 @@ static int xtrng_probe(struct platform_device *pdev) if (IS_ERR(rng->rng_base)) { dev_err(&pdev->dev, "Failed to map resource %pe\n", rng->rng_base); return PTR_ERR(rng->rng_base); } =20 - rng->aeskey =3D devm_kzalloc(&pdev->dev, sizeof(*rng->aeskey), GFP_KERNEL= ); - if (!rng->aeskey) - return -ENOMEM; - - sb_size =3D crypto_drbg_ctr_df_datalen(TRNG_SEED_LEN_BYTES, AES_BLOCK_SIZ= E); - rng->scratchpadbuf =3D devm_kzalloc(&pdev->dev, sb_size, GFP_KERNEL); - if (!rng->scratchpadbuf) - return -ENOMEM; - xtrng_trng_reset(rng->rng_base); ret =3D xtrng_reseed_internal(rng); if (ret) { dev_err(&pdev->dev, "TRNG Seed fail\n"); return ret; diff --git a/include/crypto/df_sp80090a.h b/include/crypto/df_sp80090a.h deleted file mode 100644 index e594fb718eb8..000000000000 --- a/include/crypto/df_sp80090a.h +++ /dev/null @@ -1,53 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0 */ - -/* - * Copyright Stephan Mueller , 2014 - */ - -#ifndef _CRYPTO_DF80090A_H -#define _CRYPTO_DF80090A_H - -#include -#include -#include - -/* - * Concatenation Helper and string operation helper - * - * SP800-90A requires the concatenation of different data. To avoid copying - * buffers around or allocate additional memory, the following data struct= ure - * is used to point to the original memory with its size. In addition, it - * is used to build a linked list. The linked list defines the concatenati= on - * of individual buffers. The order of memory block referenced in that - * linked list determines the order of concatenation. - */ -struct drbg_string { - const unsigned char *buf; - size_t len; - struct list_head list; -}; - -static inline void drbg_string_fill(struct drbg_string *string, - const unsigned char *buf, size_t len) -{ - string->buf =3D buf; - string->len =3D len; - INIT_LIST_HEAD(&string->list); -} - -static inline int crypto_drbg_ctr_df_datalen(u8 statelen, u8 blocklen) -{ - return statelen + /* df_data */ - blocklen + /* pad */ - blocklen + /* iv */ - statelen + blocklen; /* temp */ -} - -int crypto_drbg_ctr_df(struct aes_enckey *aes, - unsigned char *df_data, - size_t bytes_to_return, - struct list_head *seedlist, - u8 blocklen_bytes, - u8 statelen); - -#endif /* _CRYPTO_DF80090A_H */ --=20 2.54.0 From nobody Mon Jun 8 07:21:44 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-alma10-1.taild15c8.ts.net [100.103.45.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2CDC133B6F4; Sun, 31 May 2026 19:23:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=100.103.45.18 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780255384; cv=none; b=jlfqwXJFe1ksbxNtUtwSRiq0QHpJY3UpHx68RV71/u4ju0cMgaxFSQGHzCMKOVZp6uSfHnFhLbPNsf0l/qg4FBT7QU63JSDd2QbiCC3ZJEAt6fsuZig3Kv3SeSY/mAx7FIqEKGIdwe/4+XPIv47rZm6trh2gup02i7uB9clDKqw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780255384; c=relaxed/simple; bh=5pCrWYczduBsQ/ALL2REyauU8QXHUfWLO1WwZnLzokQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=rq4Ysn0k9H7Heb1gG46HzXThggcfqVdd9KZJpwzXhWHE4s9tHiYBLKr9V72hJ5dAhqGY7v+iB4GaAVgPn4/e6DymFp4z00qP01Adz2o4xQJdIssr1K5gdkbA92QA2imzoJSO/Pu8sRWASu6lRaUMjhZHzGNEBWTrEyhcZNSp3xw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ko/tba3H; arc=none smtp.client-ip=100.103.45.18 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ko/tba3H" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9B6F61F00893; Sun, 31 May 2026 19:23:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel.org; s=k20260515; t=1780255382; bh=drqfjg2nZ2DWxQu7emk2SfhIy7vMmsaoIWRnmhbe+wg=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=ko/tba3HLKucRJKVb3n0g3z/DuDY3BwGUbsgQq5qmDji6k2rtknzK3v1XdF/n1ncS KkLOlk1cBZV+gTSjYpH+VKue3FcrF8L5ehR4iWlPd2UFnyXlupEcQmCUIWBRfdZXpv O72ubfn8Is/ge2oVoCQq3Z3qWroJcyMGYXfKivzsadsM2pnTWCh6DvUKVUKhVNRY8J gqVdaHtXv/vRrzrqpBSpBP7Hc2gm2OOHfxjeKhR2wPlckbbjrtD1vWjs9NN7Cksj/p vUH1W+E0f71DQNyNey/AjnAk7obXtDpgLEdXF8T74+bNJGE2WszX6UBRCt7WLPU7h6 oEg2cxsT681IA== From: Eric Biggers To: linux-crypto@vger.kernel.org, Herbert Xu Cc: linux-kernel@vger.kernel.org, Mounika Botcha , Harsh Jain , Olivia Mackall , Michal Simek , linux-arm-kernel@lists.infradead.org, Eric Biggers Subject: [PATCH 4/4] hwrng: xilinx - Move xilinx-rng into drivers/char/hw_random/ Date: Sun, 31 May 2026 12:17:38 -0700 Message-ID: <20260531191738.55843-5-ebiggers@kernel.org> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260531191738.55843-1-ebiggers@kernel.org> References: <20260531191738.55843-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Since this file just implements a hwrng driver, move it into drivers/char/hw_random/. Rename the kconfig option accordingly as well. Signed-off-by: Eric Biggers --- MAINTAINERS | 2 +- arch/arm64/configs/defconfig | 2 +- drivers/char/hw_random/Kconfig | 11 +++++++++++ drivers/char/hw_random/Makefile | 1 + .../{crypto/xilinx =3D> char/hw_random}/xilinx-trng.c | 0 drivers/crypto/Kconfig | 12 ------------ drivers/crypto/xilinx/Makefile | 1 - 7 files changed, 14 insertions(+), 15 deletions(-) rename drivers/{crypto/xilinx =3D> char/hw_random}/xilinx-trng.c (100%) diff --git a/MAINTAINERS b/MAINTAINERS index 882214b0e7db..a593e78c30fc 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -29218,11 +29218,11 @@ F: include/uapi/misc/xilinx_sdfec.h =20 XILINX TRNG DRIVER M: Mounika Botcha M: Harsh Jain S: Maintained -F: drivers/crypto/xilinx/xilinx-trng.c +F: drivers/char/hw_random/xilinx-trng.c =20 XILINX UARTLITE SERIAL DRIVER M: Peter Korsgaard L: linux-serial@vger.kernel.org S: Maintained diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig index bb930cce7233..d8fb11e4c36d 100644 --- a/arch/arm64/configs/defconfig +++ b/arch/arm64/configs/defconfig @@ -549,10 +549,11 @@ CONFIG_IPMI_HANDLER=3Dm CONFIG_IPMI_DEVICE_INTERFACE=3Dm CONFIG_IPMI_SI=3Dm CONFIG_HW_RANDOM=3Dy CONFIG_HW_RANDOM_VIRTIO=3Dy CONFIG_HW_RANDOM_QCOM=3Dm +CONFIG_HW_RANDOM_XILINX=3Dm CONFIG_TCG_TPM=3Dy CONFIG_TCG_TIS=3Dm CONFIG_TCG_TIS_SPI=3Dm CONFIG_TCG_TIS_SPI_CR50=3Dy CONFIG_TCG_TIS_I2C_CR50=3Dm @@ -1953,11 +1954,10 @@ CONFIG_CRYPTO_AES_ARM64_CE_CCM=3Dy CONFIG_CRYPTO_DEV_SUN8I_CE=3Dm CONFIG_CRYPTO_DEV_FSL_CAAM=3Dm CONFIG_CRYPTO_DEV_FSL_DPAA2_CAAM=3Dm CONFIG_CRYPTO_DEV_QCE=3Dm CONFIG_CRYPTO_DEV_TEGRA=3Dm -CONFIG_CRYPTO_DEV_XILINX_TRNG=3Dm CONFIG_CRYPTO_DEV_ZYNQMP_AES=3Dm CONFIG_CRYPTO_DEV_ZYNQMP_SHA3=3Dm CONFIG_CRYPTO_DEV_CCREE=3Dm CONFIG_CRYPTO_DEV_HISI_SEC2=3Dm CONFIG_CRYPTO_DEV_HISI_ZIP=3Dm diff --git a/drivers/char/hw_random/Kconfig b/drivers/char/hw_random/Kconfig index 7102e03dcf0a..e0a53ba558a0 100644 --- a/drivers/char/hw_random/Kconfig +++ b/drivers/char/hw_random/Kconfig @@ -624,10 +624,21 @@ config HW_RANDOM_QCOM Generator hardware found on some Qualcomm SoCs. =20 To compile this driver as a module, choose M here. The module will be called qcom-rng. If unsure, say N. =20 +config HW_RANDOM_XILINX + tristate "Support for Xilinx True Random Generator" + depends on ZYNQMP_FIRMWARE || COMPILE_TEST + select CRYPTO_LIB_SHA512 + help + Xilinx Versal SoC driver provides kernel-side support for True Random N= umber + Generator and Pseudo random Number in CTR_DRBG mode as defined in NIST = SP800-90A. + + To compile this driver as a module, choose M here: the module + will be called xilinx-trng. + endif # HW_RANDOM =20 config UML_RANDOM depends on UML select HW_RANDOM diff --git a/drivers/char/hw_random/Makefile b/drivers/char/hw_random/Makef= ile index 605ba8df5a8f..470004ad841a 100644 --- a/drivers/char/hw_random/Makefile +++ b/drivers/char/hw_random/Makefile @@ -51,5 +51,6 @@ obj-$(CONFIG_HW_RANDOM_ARM_SMCCC_TRNG) +=3D arm_smccc_trn= g.o obj-$(CONFIG_HW_RANDOM_CN10K) +=3D cn10k-rng.o obj-$(CONFIG_HW_RANDOM_POLARFIRE_SOC) +=3D mpfs-rng.o obj-$(CONFIG_HW_RANDOM_ROCKCHIP) +=3D rockchip-rng.o obj-$(CONFIG_HW_RANDOM_JH7110) +=3D jh7110-trng.o obj-$(CONFIG_HW_RANDOM_QCOM) +=3D qcom-rng.o +obj-$(CONFIG_HW_RANDOM_XILINX) +=3D xilinx-trng.o diff --git a/drivers/crypto/xilinx/xilinx-trng.c b/drivers/char/hw_random/x= ilinx-trng.c similarity index 100% rename from drivers/crypto/xilinx/xilinx-trng.c rename to drivers/char/hw_random/xilinx-trng.c diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index ad6427f08d4f..451d61b33143 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -704,22 +704,10 @@ config CRYPTO_DEV_TEGRA =20 help Select this to enable Tegra Security Engine which accelerates various AES encryption/decryption and HASH algorithms. =20 -config CRYPTO_DEV_XILINX_TRNG - tristate "Support for Xilinx True Random Generator" - depends on ZYNQMP_FIRMWARE || COMPILE_TEST - select CRYPTO_LIB_SHA512 - select HW_RANDOM - help - Xilinx Versal SoC driver provides kernel-side support for True Random N= umber - Generator and Pseudo random Number in CTR_DRBG mode as defined in NIST = SP800-90A. - - To compile this driver as a module, choose M here: the module - will be called xilinx-trng. - config CRYPTO_DEV_ZYNQMP_AES tristate "Support for Xilinx ZynqMP AES hw accelerator" depends on ZYNQMP_FIRMWARE || COMPILE_TEST select CRYPTO_AES select CRYPTO_ENGINE diff --git a/drivers/crypto/xilinx/Makefile b/drivers/crypto/xilinx/Makefile index 9b51636ef75e..730feff5b5f2 100644 --- a/drivers/crypto/xilinx/Makefile +++ b/drivers/crypto/xilinx/Makefile @@ -1,4 +1,3 @@ # SPDX-License-Identifier: GPL-2.0-only -obj-$(CONFIG_CRYPTO_DEV_XILINX_TRNG) +=3D xilinx-trng.o obj-$(CONFIG_CRYPTO_DEV_ZYNQMP_AES) +=3D zynqmp-aes-gcm.o obj-$(CONFIG_CRYPTO_DEV_ZYNQMP_SHA3) +=3D zynqmp-sha.o --=20 2.54.0