cr50: update TRNG resets

It seems we have relatively high number of devices with slow TRNG,
mostly Octopus and Grunt platforms. To mitigate potential issues
increased TRNG reset counts from 8 to 16 to give a chance to recover,
and updated recording of TRNG stall to record only first occurrence
of stall per 32-bit.

BUG=b:211648605
TEST=test/tpm_test/nist_entropy.sh - loads TRNG

Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I11d0e9ca2955894b2ed95dbfbf71ad8ff153c53e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3358466
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>

1 files changed, 12 insertions, 6 deletions

diff --git a/board/cr50/dcrypto/trng.c b/board/cr50/dcrypto/trng.c
index 31ea4e6ba3..53b448499b 100644
--- a/board/cr50/dcrypto/trng.c
+++ b/board/cr50/dcrypto/trng.c
@@ -43,7 +43,7 @@ static volatile struct trng_reg *reg_trng = (void *)(GC_TRNG_BASE_ADDR);
 /**
  * Number of attempts to reset TRNG after stall is detected.
  */
-#define TRNG_RESET_COUNT 8
+#define TRNG_RESET_COUNT 16
 
 void fips_init_trng(void)
 {
@@ -127,13 +127,19 @@ uint64_t read_rand(void)
 		    empty_count > TRNG_EMPTY_COUNT) {
 			/* TRNG timed out, restart */
 			reg_trng->stop_work = 1;
-#ifdef CONFIG_FLASH_LOG
-			fips_vtable->flash_log_add_event(FE_LOG_TRNG_STALL, 0,
-							 NULL);
-#endif
-			reg_trng->go_event = 1;
 			empty_count = 0;
 			reset_count++;
+			reg_trng->go_event = 1;
+#ifdef CONFIG_FLASH_LOG
+			/**
+			 * Log stall only first time. Placing it after TRNG
+			 * go_event increase a chance to get random in case
+			 * of slow TRNG.
+			 */
+			if (reset_count == 1)
+				fips_vtable->flash_log_add_event(
+					FE_LOG_TRNG_STALL, 0, NULL);
+#endif
 		}
 		empty_count++;
 	}