4 files changed, 319 insertions, 16 deletions
diff --git a/chip/npcx/build.mk b/chip/npcx/build.mk
index 9e046be7ec..11155af9bb 100644
--- a/chip/npcx/build.mk
+++ b/chip/npcx/build.mk
@@ -40,6 +40,7 @@ chip-$(CONFIG_CEC)+=cec.o
 # pwm functions are implemented with the fan functions
 chip-$(CONFIG_PWM)+=pwm.o
 chip-$(CONFIG_SPI)+=spi.o
+chip-$(CONFIG_RNG)+=trng.o
 chip-$(CONFIG_WATCHDOG)+=watchdog.o
 ifndef CONFIG_KEYBOARD_DISCRETE
 chip-$(HAS_TASK_KEYSCAN)+=keyboard_raw.o
diff --git a/chip/npcx/gpio-npcx9.c b/chip/npcx/gpio-npcx9.c
index 5de8ea3b0a..3a7378083c 100644
--- a/chip/npcx/gpio-npcx9.c
+++ b/chip/npcx/gpio-npcx9.c
@@ -181,21 +181,22 @@ GPIO_IRQ_FUNC(__gpio_wk1e_interrupt, WUI_INT(MIWU_TABLE_1, MIWU_GROUP_5));
 GPIO_IRQ_FUNC(__gpio_wk1f_interrupt, WUI_INT(MIWU_TABLE_1, MIWU_GROUP_6));
 GPIO_IRQ_FUNC(__gpio_wk1g_interrupt, WUI_INT(MIWU_TABLE_1, MIWU_GROUP_7));
 
-DECLARE_IRQ(NPCX_IRQ_CR_SIN2_WKINTA_0, __gpio_cr_sin2_interrupt, 3);
-DECLARE_IRQ(NPCX_IRQ_TWD_WKINTB_0, __gpio_wk0b_interrupt, 3);
-DECLARE_IRQ(NPCX_IRQ_WKINTC_0, __gpio_wk0c_interrupt, 3);
-DECLARE_IRQ(NPCX_IRQ_MTC_WKINTD_0, __gpio_rtc_interrupt, 3);
-DECLARE_IRQ(NPCX_IRQ_WKINTE_0, __gpio_host_interrupt, 3);
-DECLARE_IRQ(NPCX_IRQ_WKINTF_0, __gpio_wk0f_interrupt, 3);
-DECLARE_IRQ(NPCX_IRQ_WKINTG_0, __gpio_wk0g_interrupt, 3);
-DECLARE_IRQ(NPCX_IRQ_WKINTH_0, __gpio_wk0h_interrupt, 3);
-DECLARE_IRQ(NPCX_IRQ_WKINTA_1, __gpio_wk1a_interrupt, 3);
-DECLARE_IRQ(NPCX_IRQ_WKINTB_1, __gpio_wk1b_interrupt, 3);
+DECLARE_IRQ(NPCX_IRQ_CR_SIN2_WKINTA_0, __gpio_cr_sin2_interrupt,
+	    NPCX_MIWU0_GROUP_A);
+DECLARE_IRQ(NPCX_IRQ_TWD_WKINTB_0, __gpio_wk0b_interrupt, NPCX_MIWU0_GROUP_B);
+DECLARE_IRQ(NPCX_IRQ_WKINTC_0, __gpio_wk0c_interrupt, NPCX_MIWU0_GROUP_C);
+DECLARE_IRQ(NPCX_IRQ_MTC_WKINTD_0, __gpio_rtc_interrupt, NPCX_MIWU0_GROUP_D);
+DECLARE_IRQ(NPCX_IRQ_WKINTE_0, __gpio_host_interrupt, NPCX_MIWU0_GROUP_E);
+DECLARE_IRQ(NPCX_IRQ_WKINTF_0, __gpio_wk0f_interrupt, NPCX_MIWU0_GROUP_F);
+DECLARE_IRQ(NPCX_IRQ_WKINTG_0, __gpio_wk0g_interrupt, NPCX_MIWU0_GROUP_G);
+DECLARE_IRQ(NPCX_IRQ_WKINTH_0, __gpio_wk0h_interrupt, NPCX_MIWU0_GROUP_H);
+DECLARE_IRQ(NPCX_IRQ_WKINTA_1, __gpio_wk1a_interrupt, NPCX_MIWU1_GROUP_A);
+DECLARE_IRQ(NPCX_IRQ_WKINTB_1, __gpio_wk1b_interrupt, NPCX_MIWU1_GROUP_B);
 #ifdef NPCX_SELECT_KSI_TO_GPIO
-DECLARE_IRQ(NPCX_IRQ_KSI_WKINTC_1, __gpio_wk1c_interrupt, 3);
+DECLARE_IRQ(NPCX_IRQ_KSI_WKINTC_1, __gpio_wk1c_interrupt, NPCX_MIWU1_GROUP_C);
 #endif
-DECLARE_IRQ(NPCX_IRQ_WKINTD_1, __gpio_wk1d_interrupt, 3);
-DECLARE_IRQ(NPCX_IRQ_WKINTE_1, __gpio_wk1e_interrupt, 3);
+DECLARE_IRQ(NPCX_IRQ_WKINTD_1, __gpio_wk1d_interrupt, NPCX_MIWU1_GROUP_D);
+DECLARE_IRQ(NPCX_IRQ_WKINTE_1, __gpio_wk1e_interrupt, NPCX_MIWU1_GROUP_E);
 #ifdef CONFIG_HOST_INTERFACE_SHI
 /*
  * HACK: Make CS GPIO P2 to improve SHI reliability.
@@ -204,10 +205,10 @@ DECLARE_IRQ(NPCX_IRQ_WKINTE_1, __gpio_wk1e_interrupt, 3);
  */
 DECLARE_IRQ(NPCX_IRQ_WKINTF_1, __gpio_wk1f_interrupt, 2);
 #else
-DECLARE_IRQ(NPCX_IRQ_WKINTF_1, __gpio_wk1f_interrupt, 3);
+DECLARE_IRQ(NPCX_IRQ_WKINTF_1, __gpio_wk1f_interrupt, NPCX_MIWU1_GROUP_F);
 #endif
-DECLARE_IRQ(NPCX_IRQ_WKINTG_1, __gpio_wk1g_interrupt, 3);
-DECLARE_IRQ(NPCX_IRQ_WKINTH_1, __gpio_wk1h_interrupt, 3);
+DECLARE_IRQ(NPCX_IRQ_WKINTG_1, __gpio_wk1g_interrupt, NPCX_MIWU1_GROUP_G);
+DECLARE_IRQ(NPCX_IRQ_WKINTH_1, __gpio_wk1h_interrupt, NPCX_MIWU1_GROUP_H);
 DECLARE_IRQ(NPCX_IRQ_LCT_WKINTF_2, __gpio_lct_interrupt, 3);
 
 #undef GPIO_IRQ_FUNC
diff --git a/chip/npcx/registers.h b/chip/npcx/registers.h
index a583fb1c64..c99fb76bf3 100644
--- a/chip/npcx/registers.h
+++ b/chip/npcx/registers.h
@@ -275,6 +275,56 @@ enum {
 	MIWU_EDGE_ANYING,
 };
 
+#define NPCX_MIWU_DEFAULT_PRIORITY 3
+#ifndef NPCX_MIWU0_GROUP_A
+#define NPCX_MIWU0_GROUP_A NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU0_GROUP_B
+#define NPCX_MIWU0_GROUP_B NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU0_GROUP_C
+#define NPCX_MIWU0_GROUP_C NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU0_GROUP_D
+#define NPCX_MIWU0_GROUP_D NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU0_GROUP_E
+#define NPCX_MIWU0_GROUP_E NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU0_GROUP_F
+#define NPCX_MIWU0_GROUP_F NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU0_GROUP_G
+#define NPCX_MIWU0_GROUP_G NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU0_GROUP_H
+#define NPCX_MIWU0_GROUP_H NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU1_GROUP_A
+#define NPCX_MIWU1_GROUP_A NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU1_GROUP_B
+#define NPCX_MIWU1_GROUP_B NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU1_GROUP_C
+#define NPCX_MIWU1_GROUP_C NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU1_GROUP_D
+#define NPCX_MIWU1_GROUP_D NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU1_GROUP_E
+#define NPCX_MIWU1_GROUP_E NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU1_GROUP_F
+#define NPCX_MIWU1_GROUP_F NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU1_GROUP_G
+#define NPCX_MIWU1_GROUP_G NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+#ifndef NPCX_MIWU1_GROUP_H
+#define NPCX_MIWU1_GROUP_H NPCX_MIWU_DEFAULT_PRIORITY
+#endif
+
 /* MIWU utilities */
 #define MIWU_TABLE_WKKEY MIWU_TABLE_1
 #define MIWU_GROUP_WKKEY MIWU_GROUP_3
diff --git a/chip/npcx/trng.c b/chip/npcx/trng.c
new file mode 100644
index 0000000000..a2d7920c14
--- /dev/null
+++ b/chip/npcx/trng.c
@@ -0,0 +1,251 @@
+/* Copyright 2023 The ChromiumOS Authors
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+/* Hardware Random Number Generator */
+
+#include "common.h"
+#include "console.h"
+#include "host_command.h"
+#include "panic.h"
+#include "printf.h"
+#include "registers.h"
+#include "system.h"
+#include "task.h"
+#include "trng.h"
+#include "util.h"
+
+#define DRBG_CONTEXT_SIZE 240
+
+struct drbg_ctx {
+	union {
+		uint8_t buffer[DRBG_CONTEXT_SIZE];
+		uint32_t buffer32[DRBG_CONTEXT_SIZE / 4];
+		uint64_t buffer64[DRBG_CONTEXT_SIZE / 8];
+	};
+} __aligned(16);
+
+struct drbg_ctx ctx;
+struct drbg_ctx *ctx_p = &ctx;
+
+enum ncl_status {
+	NCL_STATUS_OK = 0xA5A5,
+	NCL_STATUS_FAIL = 0x5A5A,
+	NCL_STATUS_INVALID_PARAM = 0x02,
+	NCL_STATUS_PARAM_NOT_SUPPORTED,
+	NCL_STATUS_SYSTEM_BUSY,
+	NCL_STATUS_AUTHENTICATION_FAIL,
+	NCL_STATUS_NO_RESPONSE,
+	NCL_STATUS_HARDWARE_ERROR,
+};
+
+/*
+ * This enum defines the security strengths supported by this DRBG mechanism.
+ * The internally generated entropy and nonce sizes are derived from these
+ * values. The supported actual sizes:
+ *       Security strength (bits)    112 128 192 256 128_Test 256_Test
+ *
+ *       Entropy size (Bytes)        32  48  64  96  111      128
+ *       Nonce size (Bytes)          16  16  24  32  16       0
+ */
+enum ncl_drbg_security_strength {
+	NCL_DRBG_SECURITY_STRENGTH_112b = 0,
+	NCL_DRBG_SECURITY_STRENGTH_128b,
+	NCL_DRBG_SECURITY_STRENGTH_192b,
+	NCL_DRBG_SECURITY_STRENGTH_256b,
+	NCL_DRBG_SECURITY_STRENGTH_128b_TEST,
+	NCL_DRBG_SECURITY_STRENGTH_256b_TEST,
+	NCL_DRBG_MAX_SECURITY_STRENGTH
+};
+
+/* The actual base address is 13C but we only need the SHA power function */
+#define NCL_SHA_BASE_ADDR 0x0000015CUL
+struct ncl_sha {
+	/* Power on/off SHA module. */
+	enum ncl_status (*power)(void *ctx, uint8_t on);
+};
+#define NCL_SHA ((const struct ncl_sha *)NCL_SHA_BASE_ADDR)
+
+/*
+ * The base address of the table that holds the function pointer for each
+ * DRBG API in ROM.
+ */
+#define NCL_DRBG_BASE_ADDR 0x00000110UL
+struct ncl_drbg {
+	/* Get the DRBG context size required by DRBG APIs. */
+	uint32_t (*get_context_size)(void);
+	/* Initialize DRBG context. */
+	enum ncl_status (*init_context)(void *ctx);
+	/* Power on/off DRBG module. */
+	enum ncl_status (*power)(void *ctx, uint8_t on);
+	/* Finalize DRBG context. */
+	enum ncl_status (*finalize_context)(void *ctx);
+	/* Initialize the DRBG hardware module and enable interrupts. */
+	enum ncl_status (*init)(void *ctx, bool int_enable);
+	/*
+	 * Configure DRBG, pres_resistance enables/disables (1/0) prediction
+	 * resistance
+	 */
+	enum ncl_status (*config)(void *ctx, uint32_t reseed_interval,
+				  uint8_t pred_resistance);
+	/*
+	 * This routine creates a first instantiation of the DRBG mechanism
+	 * parameters. The routine pulls an initial seed from the HW RNG module
+	 * and resets the reseed counter. DRBG and SHA modules should be
+	 * activated prior to the this operation.
+	 */
+	enum ncl_status (*instantiate)(
+		void *ctx, enum ncl_drbg_security_strength sec_strength,
+		const uint8_t *pers_string, uint32_t pers_string_len);
+	/* Uninstantiate DRBG module */
+	enum ncl_status (*uninstantiate)(void *ctx);
+	/* Reseeds the internal state of the given instantce */
+	enum ncl_status (*reseed)(void *ctc, uint8_t *add_data,
+				  uint32_t add_data_len);
+	/* Generates a random number from the current internal state. */
+	enum ncl_status (*generate)(void *ctx, const uint8_t *add_data,
+				    uint32_t add_data_len, uint8_t *out_buff,
+				    uint32_t out_buff_len);
+	/* Clear all DRBG SSPs (Sensitive Security Parameters) in HW & driver */
+	enum ncl_status (*clear)(void *ctx);
+};
+#define NCL_DRBG ((const struct ncl_drbg *)NCL_DRBG_BASE_ADDR)
+
+struct npcx_trng_state {
+	enum ncl_status trng_init;
+};
+struct npcx_trng_state trng_state;
+struct npcx_trng_state *state_p = &trng_state;
+
+test_mockable void trng_init(void)
+{
+#ifndef CHIP_VARIANT_NPCX9M8S
+#error "Please add support for CONFIG_RNG on this chip family."
+#endif
+
+	uint32_t context_size = 0;
+
+	state_p->trng_init = NCL_STATUS_FAIL;
+
+	context_size = NCL_DRBG->get_context_size();
+	if (context_size != DRBG_CONTEXT_SIZE)
+		ccprintf("ERROR! Unexpected NCL DRBG context_size = %d\n",
+			 context_size);
+
+	state_p->trng_init = NCL_DRBG->power(ctx_p, true);
+	if (state_p->trng_init != NCL_STATUS_OK) {
+		ccprintf("ERROR! DRBG power returned %x\n", state_p->trng_init);
+		return;
+	}
+
+	state_p->trng_init = NCL_SHA->power(ctx_p, true);
+	if (state_p->trng_init != NCL_STATUS_OK) {
+		ccprintf("ERROR! SHA power returned %x\n", state_p->trng_init);
+		return;
+	}
+
+	state_p->trng_init = NCL_DRBG->init_context(ctx_p);
+	if (state_p->trng_init != NCL_STATUS_OK) {
+		ccprintf("ERROR! DRBG init_context returned %x\r",
+			 state_p->trng_init);
+		return;
+	}
+
+	state_p->trng_init = NCL_DRBG->init(ctx_p, 0);
+	if (state_p->trng_init != NCL_STATUS_OK) {
+		ccprintf("ERROR! DRBG init returned %x\r", state_p->trng_init);
+		return;
+	}
+
+	state_p->trng_init = NCL_DRBG->config(ctx_p, 100, false);
+	if (state_p->trng_init != NCL_STATUS_OK) {
+		ccprintf("ERROR! DRBG config returned %x\r",
+			 state_p->trng_init);
+		return;
+	}
+
+	state_p->trng_init = NCL_DRBG->instantiate(
+		ctx_p, NCL_DRBG_SECURITY_STRENGTH_128b, NULL, 0);
+	if (state_p->trng_init != NCL_STATUS_OK) {
+		ccprintf("ERROR! DRBG instantiate returned %x\r",
+			 state_p->trng_init);
+		return;
+	}
+
+	state_p->trng_init = NCL_DRBG->power(ctx_p, false);
+	if (state_p->trng_init != NCL_STATUS_OK) {
+		ccprintf("ERROR! DRBG power returned %x\n", state_p->trng_init);
+		return;
+	}
+
+	state_p->trng_init = NCL_SHA->power(ctx_p, false);
+	if (state_p->trng_init != NCL_STATUS_OK) {
+		ccprintf("ERROR! SHA power returned %x\n", state_p->trng_init);
+		return;
+	}
+}
+
+uint32_t trng_rand(void)
+{
+	uint32_t return_value;
+	enum ncl_status status = NCL_STATUS_FAIL;
+
+	/* Don't attempt generate and panic if initialization failed */
+	if (state_p->trng_init != NCL_STATUS_OK)
+		software_panic(PANIC_SW_BAD_RNG, task_get_current());
+
+	status = NCL_DRBG->power(ctx_p, true);
+	if (status != NCL_STATUS_OK) {
+		ccprintf("ERROR! DRBG power returned %x\n", status);
+		software_panic(PANIC_SW_BAD_RNG, task_get_current());
+	}
+
+	status = NCL_SHA->power(ctx_p, true);
+	if (status != NCL_STATUS_OK) {
+		ccprintf("ERROR! SHA power returned %x\n", status);
+		software_panic(PANIC_SW_BAD_RNG, task_get_current());
+	}
+
+	status = NCL_DRBG->generate(NULL, NULL, 0, (uint8_t *)&return_value, 4);
+	if (status != NCL_STATUS_OK) {
+		ccprintf("ERROR! DRBG generate returned %x\r", status);
+		software_panic(PANIC_SW_BAD_RNG, task_get_current());
+	}
+
+	/*
+	 * Failing to turn off the blocks has power implications but wouldn't
+	 * result in feeding the caller a bad result, hence no panics enabled
+	 * for failing to turn off the hardware
+	 */
+	status = NCL_DRBG->power(ctx_p, false);
+	if (status != NCL_STATUS_OK)
+		ccprintf("ERROR! DRBG power returned %x\n", status);
+
+	status = NCL_SHA->power(ctx_p, false);
+	if (status != NCL_STATUS_OK)
+		ccprintf("ERROR! SHA power returned %x\n", status);
+
+	return return_value;
+}
+
+test_mockable void trng_exit(void)
+{
+	enum ncl_status status = NCL_STATUS_FAIL;
+
+	status = NCL_DRBG->clear(ctx_p);
+	if (status != NCL_STATUS_OK)
+		ccprintf("ERROR! DRBG clear returned %x\r", status);
+
+	status = NCL_DRBG->uninstantiate(ctx_p);
+	if (status != NCL_STATUS_OK)
+		ccprintf("ERROR! DRBG uninstantiate returned %x\r", status);
+
+	status = NCL_DRBG->power(ctx_p, false);
+	if (status != NCL_STATUS_OK)
+		ccprintf("ERROR! DRBG power returned %x\n", status);
+
+	status = NCL_SHA->power(ctx_p, false);
+	if (status != NCL_STATUS_OK)
+		ccprintf("ERROR! SHA power returned %x\n", status);
+}