From ae6151720c4f1e4901c957128dbc7e59bbcd220b Mon Sep 17 00:00:00 2001 From: Vadim Sukhomlinov Date: Wed, 29 Dec 2021 11:32:48 -0800 Subject: cr50: update TRNG resets It seems we have relatively high number of devices with slow TRNG, mostly Octopus and Grunt platforms. To mitigate potential issues increased TRNG reset counts from 8 to 16 to give a chance to recover, and updated recording of TRNG stall to record only first occurrence of stall per 32-bit. BUG=b:211648605 TEST=test/tpm_test/nist_entropy.sh - loads TRNG Signed-off-by: Vadim Sukhomlinov Change-Id: I11d0e9ca2955894b2ed95dbfbf71ad8ff153c53e Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3358466 Reviewed-by: Vadim Sukhomlinov Tested-by: Vadim Sukhomlinov Reviewed-by: Andrey Pronin Commit-Queue: Vadim Sukhomlinov --- board/cr50/dcrypto/trng.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/board/cr50/dcrypto/trng.c b/board/cr50/dcrypto/trng.c index 31ea4e6ba3..53b448499b 100644 --- a/board/cr50/dcrypto/trng.c +++ b/board/cr50/dcrypto/trng.c @@ -43,7 +43,7 @@ static volatile struct trng_reg *reg_trng = (void *)(GC_TRNG_BASE_ADDR); /** * Number of attempts to reset TRNG after stall is detected. */ -#define TRNG_RESET_COUNT 8 +#define TRNG_RESET_COUNT 16 void fips_init_trng(void) { @@ -127,13 +127,19 @@ uint64_t read_rand(void) empty_count > TRNG_EMPTY_COUNT) { /* TRNG timed out, restart */ reg_trng->stop_work = 1; -#ifdef CONFIG_FLASH_LOG - fips_vtable->flash_log_add_event(FE_LOG_TRNG_STALL, 0, - NULL); -#endif - reg_trng->go_event = 1; empty_count = 0; reset_count++; + reg_trng->go_event = 1; +#ifdef CONFIG_FLASH_LOG + /** + * Log stall only first time. Placing it after TRNG + * go_event increase a chance to get random in case + * of slow TRNG. + */ + if (reset_count == 1) + fips_vtable->flash_log_add_event( + FE_LOG_TRNG_STALL, 0, NULL); +#endif } empty_count++; } -- cgit v1.2.1