[PATCH v4 0/3] MediaTek Security random number generator support

[PATCH v4 0/3] MediaTek Security random number generator support

[Neal Liu]

These patch series introduce a generic rng driver for Trustzone
based kernel driver which would like to communicate with ATF
SIP services.

Patch #1 initials SMC fid table for Mediatek SIP interfaces and
adds HWRNG related SMC call.

Patch #2..3 adds mtk-sec-rng kernel driver for Trustzone based SoCs.
For MediaTek SoCs on ARMv8 with TrustZone enabled, peripherals like
entropy sources is not accessible from normal world (linux) and
rather accessible from secure world (ATF/TEE) only. This driver aims
to provide a generic interface to ATF rng service.


changes since v1:
- rename mt67xx-rng to mtk-sec-rng since all MediaTek ARMv8 SoCs
can reuse this driver.
- refine coding style and unnecessary check.

changes since v2:
- remove unused comments.
- remove redundant variable.

changes since v3:
- add dt-bindings for MediaTek rng with TrustZone enabled
- revise HWRNG SMC call fid


Neal Liu (3):
  soc: mediatek: add SMC fid table for SIP interface
  dt-bindings: rng: add bindings for MediaTek ARMv8 SoCs
  hwrng: add mtk-sec-rng driver

 .../devicetree/bindings/rng/mtk-sec-rng.txt   | 10 ++
 drivers/char/hw_random/Kconfig                | 16 +++
 drivers/char/hw_random/Makefile               |  1 +
 drivers/char/hw_random/mtk-sec-rng.c          | 97 +++++++++++++++++++
 include/linux/soc/mediatek/mtk_sip_svc.h      | 33 +++++++
 5 files changed, 157 insertions(+)
 create mode 100644 Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
 create mode 100644 drivers/char/hw_random/mtk-sec-rng.c
 create mode 100644 include/linux/soc/mediatek/mtk_sip_svc.h

-- 
2.18.0

[PATCH v4 1/3] soc: mediatek: add SMC fid table for SIP interface

[Neal Liu]

1. Add a header file to provide SIP interface to ATF
2. Add hwrng SMC fid

Signed-off-by: Neal Liu <neal.liu@mediatek.com>
---
 include/linux/soc/mediatek/mtk_sip_svc.h |   33 ++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 include/linux/soc/mediatek/mtk_sip_svc.h

diff --git a/include/linux/soc/mediatek/mtk_sip_svc.h b/include/linux/soc/mediatek/mtk_sip_svc.h
new file mode 100644
index 0000000..8cc8b5c
--- /dev/null
+++ b/include/linux/soc/mediatek/mtk_sip_svc.h
@@ -0,0 +1,33 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (c) 2019 MediaTek Inc.
+ */
+
+#ifndef _MTK_SECURE_API_H_
+#define _MTK_SECURE_API_H_
+
+#include <linux/kernel.h>
+
+/* Error Code */
+#define SIP_SVC_E_SUCCESS		0
+#define SIP_SVC_E_NOT_SUPPORTED		-1
+#define SIP_SVC_E_INVALID_PARAMS	-2
+#define SIP_SVC_E_INVALID_RANGE		-3
+#define SIP_SVC_E_PERMISSION_DENY	-4
+
+#ifdef CONFIG_ARM64
+#define MTK_SIP_SMC_AARCH_BIT		BIT(30)
+#else
+#define MTK_SIP_SMC_AARCH_BIT		0
+#endif
+
+/*******************************************************************************
+ * Defines for Mediatek runtime services func ids
+ ******************************************************************************/
+
+/* Security related SMC call */
+/* HWRNG */
+#define MTK_SIP_KERNEL_GET_RND \
+	(0x8200026A | MTK_SIP_SMC_AARCH_BIT)
+
+#endif /* _MTK_SECURE_API_H_ */
-- 
1.7.9.5

[PATCH v4 2/3] dt-bindings: rng: add bindings for MediaTek ARMv8 SoCs

[Neal Liu]

Document the binding used by the MediaTek ARMv8 SoCs random
number generator with TrustZone enabled.

Signed-off-by: Neal Liu <neal.liu@mediatek.com>
---
 .../devicetree/bindings/rng/mtk-sec-rng.txt        |   10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 Documentation/devicetree/bindings/rng/mtk-sec-rng.txt

diff --git a/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
new file mode 100644
index 0000000..c04ce15
--- /dev/null
+++ b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
@@ -0,0 +1,10 @@
+MediaTek random number generator with TrustZone enabled
+
+Required properties:
+- compatible : Should be "mediatek,mtk-sec-rng"
+
+Example:
+
+hwrng: hwrng {
+	compatible = "mediatek,mtk-sec-rng";
+}
-- 
1.7.9.5

[PATCH v4 3/3] hwrng: add mtk-sec-rng driver

[Neal Liu]

For MediaTek SoCs on ARMv8 with TrustZone enabled, peripherals like
entropy sources is not accessible from normal world (linux) and
rather accessible from secure world (ATF/TEE) only. This driver aims
to provide a generic interface to ATF rng service.

Signed-off-by: Neal Liu <neal.liu@mediatek.com>
---
 drivers/char/hw_random/Kconfig       |   16 ++++++
 drivers/char/hw_random/Makefile      |    1 +
 drivers/char/hw_random/mtk-sec-rng.c |   97 ++++++++++++++++++++++++++++++++++
 3 files changed, 114 insertions(+)
 create mode 100644 drivers/char/hw_random/mtk-sec-rng.c

diff --git a/drivers/char/hw_random/Kconfig b/drivers/char/hw_random/Kconfig
index 25a7d8f..6c82a3b 100644
--- a/drivers/char/hw_random/Kconfig
+++ b/drivers/char/hw_random/Kconfig
@@ -398,6 +398,22 @@ config HW_RANDOM_MTK
 
 	  If unsure, say Y.
 
+config HW_RANDOM_MTK_SEC
+	tristate "MediaTek Security Random Number Generator support"
+	depends on HW_RANDOM
+	depends on ARCH_MEDIATEK || COMPILE_TEST
+	default HW_RANDOM
+	help
+	  This driver provides kernel-side support for the Random Number
+	  Generator hardware found on MediaTek SoCs. The difference with
+	  mtk-rng is the Random Number Generator hardware is secure
+	  access only.
+
+	  To compile this driver as a module, choose M here. the
+	  module will be called mtk-sec-rng.
+
+	  If unsure, say Y.
+
 config HW_RANDOM_S390
 	tristate "S390 True Random Number Generator support"
 	depends on S390
diff --git a/drivers/char/hw_random/Makefile b/drivers/char/hw_random/Makefile
index 7c9ef4a..0ae4993 100644
--- a/drivers/char/hw_random/Makefile
+++ b/drivers/char/hw_random/Makefile
@@ -36,6 +36,7 @@ obj-$(CONFIG_HW_RANDOM_PIC32) += pic32-rng.o
 obj-$(CONFIG_HW_RANDOM_MESON) += meson-rng.o
 obj-$(CONFIG_HW_RANDOM_CAVIUM) += cavium-rng.o cavium-rng-vf.o
 obj-$(CONFIG_HW_RANDOM_MTK)	+= mtk-rng.o
+obj-$(CONFIG_HW_RANDOM_MTK_SEC) += mtk-sec-rng.o
 obj-$(CONFIG_HW_RANDOM_S390) += s390-trng.o
 obj-$(CONFIG_HW_RANDOM_KEYSTONE) += ks-sa-rng.o
 obj-$(CONFIG_HW_RANDOM_OPTEE) += optee-rng.o
diff --git a/drivers/char/hw_random/mtk-sec-rng.c b/drivers/char/hw_random/mtk-sec-rng.c
new file mode 100644
index 0000000..ecd2e29
--- /dev/null
+++ b/drivers/char/hw_random/mtk-sec-rng.c
@@ -0,0 +1,97 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2019 MediaTek Inc.
+ */
+
+#include <linux/arm-smccc.h>
+#include <linux/hw_random.h>
+#include <linux/module.h>
+#include <linux/of.h>
+#include <linux/platform_device.h>
+#include <linux/soc/mediatek/mtk_sip_svc.h>
+
+#define MT67XX_RNG_MAGIC	0x74726e67
+#define SMC_RET_NUM		4
+#define MTK_SEC_RND_SIZE	(sizeof(u32) * SMC_RET_NUM)
+
+struct mtk_sec_rng_priv {
+	struct hwrng rng;
+};
+
+static void mtk_sec_get_rnd(uint32_t *val)
+{
+	struct arm_smccc_res res;
+
+	arm_smccc_smc(MTK_SIP_KERNEL_GET_RND,
+		      MT67XX_RNG_MAGIC, 0, 0, 0, 0, 0, 0, &res);
+
+	val[0] = res.a0;
+	val[1] = res.a1;
+	val[2] = res.a2;
+	val[3] = res.a3;
+}
+
+static int mtk_sec_rng_read(struct hwrng *rng, void *buf, size_t max, bool wait)
+{
+	u32 val[4] = {0};
+	int retval = 0;
+	int i;
+
+	while (max >= MTK_SEC_RND_SIZE) {
+		mtk_sec_get_rnd(val);
+
+		for (i = 0; i < SMC_RET_NUM; i++) {
+			*(u32 *)buf = val[i];
+			buf += sizeof(u32);
+		}
+
+		retval += MTK_SEC_RND_SIZE;
+		max -= MTK_SEC_RND_SIZE;
+	}
+
+	return retval;
+}
+
+static int mtk_sec_rng_probe(struct platform_device *pdev)
+{
+	struct mtk_sec_rng_priv *priv;
+	int ret;
+
+	priv = devm_kzalloc(&pdev->dev, sizeof(*priv), GFP_KERNEL);
+	if (!priv)
+		return -ENOMEM;
+
+	priv->rng.name = pdev->name;
+	priv->rng.read = mtk_sec_rng_read;
+	priv->rng.priv = (unsigned long)&pdev->dev;
+	priv->rng.quality = 900;
+
+	ret = devm_hwrng_register(&pdev->dev, &priv->rng);
+	if (ret) {
+		dev_err(&pdev->dev, "failed to register rng device: %d\n", ret);
+		return ret;
+	}
+
+	return 0;
+}
+
+static const struct of_device_id mtk_sec_rng_match[] = {
+	{ .compatible = "mediatek,mtk-sec-rng", },
+	{}
+};
+MODULE_DEVICE_TABLE(of, mtk_sec_rng_match);
+
+static struct platform_driver mtk_sec_rng_driver = {
+	.probe = mtk_sec_rng_probe,
+	.driver = {
+		.name = KBUILD_MODNAME,
+		.owner = THIS_MODULE,
+		.of_match_table = mtk_sec_rng_match,
+	},
+};
+
+module_platform_driver(mtk_sec_rng_driver);
+
+MODULE_DESCRIPTION("MediaTek Security Random Number Generator Driver");
+MODULE_AUTHOR("Neal Liu <neal.liu@mediatek.com>");
+MODULE_LICENSE("GPL");
-- 
1.7.9.5

Re: [PATCH v4 0/3] MediaTek Security random number generator support

[Neal Liu]

Dear Matthias, Rob, Mark,
	Just gentle ping.
	Thanks


On Mon, 2019-06-24 at 15:24 +0800, Neal Liu wrote:
> These patch series introduce a generic rng driver for Trustzone
> based kernel driver which would like to communicate with ATF
> SIP services.
> 
> Patch #1 initials SMC fid table for Mediatek SIP interfaces and
> adds HWRNG related SMC call.
> 
> Patch #2..3 adds mtk-sec-rng kernel driver for Trustzone based SoCs.
> For MediaTek SoCs on ARMv8 with TrustZone enabled, peripherals like
> entropy sources is not accessible from normal world (linux) and
> rather accessible from secure world (ATF/TEE) only. This driver aims
> to provide a generic interface to ATF rng service.
> 
> 
> changes since v1:
> - rename mt67xx-rng to mtk-sec-rng since all MediaTek ARMv8 SoCs
> can reuse this driver.
> - refine coding style and unnecessary check.
> 
> changes since v2:
> - remove unused comments.
> - remove redundant variable.
> 
> changes since v3:
> - add dt-bindings for MediaTek rng with TrustZone enabled
> - revise HWRNG SMC call fid
> 
> 
> Neal Liu (3):
>   soc: mediatek: add SMC fid table for SIP interface
>   dt-bindings: rng: add bindings for MediaTek ARMv8 SoCs
>   hwrng: add mtk-sec-rng driver
> 
>  .../devicetree/bindings/rng/mtk-sec-rng.txt   | 10 ++
>  drivers/char/hw_random/Kconfig                | 16 +++
>  drivers/char/hw_random/Makefile               |  1 +
>  drivers/char/hw_random/mtk-sec-rng.c          | 97 +++++++++++++++++++
>  include/linux/soc/mediatek/mtk_sip_svc.h      | 33 +++++++
>  5 files changed, 157 insertions(+)
>  create mode 100644 Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
>  create mode 100644 drivers/char/hw_random/mtk-sec-rng.c
>  create mode 100644 include/linux/soc/mediatek/mtk_sip_svc.h
> 

Re: [PATCH v4 2/3] dt-bindings: rng: add bindings for MediaTek ARMv8 SoCs

[Rob Herring]

On Mon, Jun 24, 2019 at 03:24:11PM +0800, Neal Liu wrote:
> Document the binding used by the MediaTek ARMv8 SoCs random
> number generator with TrustZone enabled.
> 
> Signed-off-by: Neal Liu <neal.liu@mediatek.com>
> ---
>  .../devicetree/bindings/rng/mtk-sec-rng.txt        |   10 ++++++++++
>  1 file changed, 10 insertions(+)
>  create mode 100644 Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> 
> diff --git a/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> new file mode 100644
> index 0000000..c04ce15
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> @@ -0,0 +1,10 @@
> +MediaTek random number generator with TrustZone enabled
> +
> +Required properties:
> +- compatible : Should be "mediatek,mtk-sec-rng"

What's the interface to access this? 

A node with a 'compatible' and nothing else is a sign of something that 
a parent device should instantiate and doesn't need to be in DT. IOW, 
what do complete bindings for firmware functions look like?

> +
> +Example:
> +
> +hwrng: hwrng {
> +	compatible = "mediatek,mtk-sec-rng";
> +}
> -- 
> 1.7.9.5
> 

Re: [PATCH v4 2/3] dt-bindings: rng: add bindings for MediaTek ARMv8 SoCs

[Neal Liu]

Dear Rob,
	You can check my driver for detail:
	http://patchwork.kernel.org/patch/11012475/ or patchset 3/3

	This driver is registered as hardware random number generator, and
combines with rng-core.
	We want to add one rng hw based on the dts. Is this proper or do you
have other suggestion to meet this requirement?

	Thanks


On Tue, 2019-07-23 at 01:13 +0800, Rob Herring wrote:
> On Mon, Jun 24, 2019 at 03:24:11PM +0800, Neal Liu wrote:
> > Document the binding used by the MediaTek ARMv8 SoCs random
> > number generator with TrustZone enabled.
> > 
> > Signed-off-by: Neal Liu <neal.liu@mediatek.com>
> > ---
> >  .../devicetree/bindings/rng/mtk-sec-rng.txt        |   10 ++++++++++
> >  1 file changed, 10 insertions(+)
> >  create mode 100644 Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > 
> > diff --git a/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > new file mode 100644
> > index 0000000..c04ce15
> > --- /dev/null
> > +++ b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > @@ -0,0 +1,10 @@
> > +MediaTek random number generator with TrustZone enabled
> > +
> > +Required properties:
> > +- compatible : Should be "mediatek,mtk-sec-rng"
> 
> What's the interface to access this? 
> 
> A node with a 'compatible' and nothing else is a sign of something that 
> a parent device should instantiate and doesn't need to be in DT. IOW, 
> what do complete bindings for firmware functions look like?
> 
> > +
> > +Example:
> > +
> > +hwrng: hwrng {
> > +	compatible = "mediatek,mtk-sec-rng";
> > +}
> > -- 
> > 1.7.9.5
> > 
> 
> _______________________________________________
> Linux-mediatek mailing list
> Linux-mediatek@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-mediatek

Re: [PATCH v4 2/3] dt-bindings: rng: add bindings for MediaTek ARMv8 SoCs

[Rob Herring]

On Mon, Jul 22, 2019 at 8:21 PM Neal Liu <neal.liu@mediatek.com> wrote:
>

Please don't top post to lists.

> Dear Rob,
>         You can check my driver for detail:
>         http://patchwork.kernel.org/patch/11012475/ or patchset 3/3

I could, or you could just answer my question.

>
>         This driver is registered as hardware random number generator, and
> combines with rng-core.
>         We want to add one rng hw based on the dts. Is this proper or do you
> have other suggestion to meet this requirement?

It depends. There doesn't appear to be any resource configuration, so
why does it need to be in DT. DT is not the only way instantiate
drivers.

Rob

>
>         Thanks
>
>
> On Tue, 2019-07-23 at 01:13 +0800, Rob Herring wrote:
> > On Mon, Jun 24, 2019 at 03:24:11PM +0800, Neal Liu wrote:
> > > Document the binding used by the MediaTek ARMv8 SoCs random
> > > number generator with TrustZone enabled.
> > >
> > > Signed-off-by: Neal Liu <neal.liu@mediatek.com>
> > > ---
> > >  .../devicetree/bindings/rng/mtk-sec-rng.txt        |   10 ++++++++++
> > >  1 file changed, 10 insertions(+)
> > >  create mode 100644 Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > >
> > > diff --git a/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > new file mode 100644
> > > index 0000000..c04ce15
> > > --- /dev/null
> > > +++ b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > @@ -0,0 +1,10 @@
> > > +MediaTek random number generator with TrustZone enabled
> > > +
> > > +Required properties:
> > > +- compatible : Should be "mediatek,mtk-sec-rng"
> >
> > What's the interface to access this?
> >
> > A node with a 'compatible' and nothing else is a sign of something that
> > a parent device should instantiate and doesn't need to be in DT. IOW,
> > what do complete bindings for firmware functions look like?
> >
> > > +
> > > +Example:
> > > +
> > > +hwrng: hwrng {
> > > +   compatible = "mediatek,mtk-sec-rng";
> > > +}
> > > --
> > > 1.7.9.5
> > >
> >
> > _______________________________________________
> > Linux-mediatek mailing list
> > Linux-mediatek@lists.infradead.org
> > http://lists.infradead.org/mailman/listinfo/linux-mediatek
>
>

Re: [PATCH v4 2/3] dt-bindings: rng: add bindings for MediaTek ARMv8 SoCs

[Neal Liu]

On Tue, 2019-07-23 at 08:35 -0600, Rob Herring wrote:
> On Mon, Jul 22, 2019 at 8:21 PM Neal Liu <neal.liu@mediatek.com> wrote:
> >
> 
> Please don't top post to lists.
> 
> > Dear Rob,
> >         You can check my driver for detail:
> >         http://patchwork.kernel.org/patch/11012475/ or patchset 3/3
> 
> I could, or you could just answer my question.
> 
> >
> >         This driver is registered as hardware random number generator, and
> > combines with rng-core.
> >         We want to add one rng hw based on the dts. Is this proper or do you
> > have other suggestion to meet this requirement?
> 
> It depends. There doesn't appear to be any resource configuration, so
> why does it need to be in DT. DT is not the only way instantiate
> drivers.
> 
> Rob

This hwrng is only supported on some chipsets. It needs DT to identify
which platform is supported or not. Is there any better idea to meet
this requirement?

Neal

> >
> >         Thanks
> >
> >
> > On Tue, 2019-07-23 at 01:13 +0800, Rob Herring wrote:
> > > On Mon, Jun 24, 2019 at 03:24:11PM +0800, Neal Liu wrote:
> > > > Document the binding used by the MediaTek ARMv8 SoCs random
> > > > number generator with TrustZone enabled.
> > > >
> > > > Signed-off-by: Neal Liu <neal.liu@mediatek.com>
> > > > ---
> > > >  .../devicetree/bindings/rng/mtk-sec-rng.txt        |   10 ++++++++++
> > > >  1 file changed, 10 insertions(+)
> > > >  create mode 100644 Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > >
> > > > diff --git a/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > > new file mode 100644
> > > > index 0000000..c04ce15
> > > > --- /dev/null
> > > > +++ b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > > @@ -0,0 +1,10 @@
> > > > +MediaTek random number generator with TrustZone enabled
> > > > +
> > > > +Required properties:
> > > > +- compatible : Should be "mediatek,mtk-sec-rng"
> > >
> > > What's the interface to access this?
> > >
> > > A node with a 'compatible' and nothing else is a sign of something that
> > > a parent device should instantiate and doesn't need to be in DT. IOW,
> > > what do complete bindings for firmware functions look like?
> > >
> > > > +
> > > > +Example:
> > > > +
> > > > +hwrng: hwrng {
> > > > +   compatible = "mediatek,mtk-sec-rng";
> > > > +}
> > > > --
> > > > 1.7.9.5
> > > >
> > >
> > > _______________________________________________
> > > Linux-mediatek mailing list
> > > Linux-mediatek@lists.infradead.org
> > > http://lists.infradead.org/mailman/listinfo/linux-mediatek
> >
> >

Re: [PATCH v4 0/3] MediaTek Security random number generator support

[Neal Liu]

Dear Matthias, Rob, Mark,
	Just gentle ping.
	Thanks


> On Mon, 2019-06-24 at 15:24 +0800, Neal Liu wrote:
> > These patch series introduce a generic rng driver for Trustzone
> > based kernel driver which would like to communicate with ATF
> > SIP services.
> > 
> > Patch #1 initials SMC fid table for Mediatek SIP interfaces and
> > adds HWRNG related SMC call.
> > 
> > Patch #2..3 adds mtk-sec-rng kernel driver for Trustzone based SoCs.
> > For MediaTek SoCs on ARMv8 with TrustZone enabled, peripherals like
> > entropy sources is not accessible from normal world (linux) and
> > rather accessible from secure world (ATF/TEE) only. This driver aims
> > to provide a generic interface to ATF rng service.
> > 
> > 
> > changes since v1:
> > - rename mt67xx-rng to mtk-sec-rng since all MediaTek ARMv8 SoCs
> > can reuse this driver.
> > - refine coding style and unnecessary check.
> > 
> > changes since v2:
> > - remove unused comments.
> > - remove redundant variable.
> > 
> > changes since v3:
> > - add dt-bindings for MediaTek rng with TrustZone enabled
> > - revise HWRNG SMC call fid
> > 
> > 
> > Neal Liu (3):
> >   soc: mediatek: add SMC fid table for SIP interface
> >   dt-bindings: rng: add bindings for MediaTek ARMv8 SoCs
> >   hwrng: add mtk-sec-rng driver
> > 
> >  .../devicetree/bindings/rng/mtk-sec-rng.txt   | 10 ++
> >  drivers/char/hw_random/Kconfig                | 16 +++
> >  drivers/char/hw_random/Makefile               |  1 +
> >  drivers/char/hw_random/mtk-sec-rng.c          | 97 +++++++++++++++++++
> >  include/linux/soc/mediatek/mtk_sip_svc.h      | 33 +++++++
> >  5 files changed, 157 insertions(+)
> >  create mode 100644 Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> >  create mode 100644 drivers/char/hw_random/mtk-sec-rng.c
> >  create mode 100644 include/linux/soc/mediatek/mtk_sip_svc.h
> > 
> 

Re: [PATCH v4 2/3] dt-bindings: rng: add bindings for MediaTek ARMv8 SoCs

[Neal Liu]

On Tue, 2019-07-23 at 22:35 +0800, Rob Herring wrote:
> On Mon, Jul 22, 2019 at 8:21 PM Neal Liu <neal.liu@mediatek.com> wrote:
> >
> 
> Please don't top post to lists.
> 
> > Dear Rob,
> >         You can check my driver for detail:
> >         http://patchwork.kernel.org/patch/11012475/ or patchset 3/3
> 
> I could, or you could just answer my question.
> 
> >
> >         This driver is registered as hardware random number generator, and
> > combines with rng-core.
> >         We want to add one rng hw based on the dts. Is this proper or do you
> > have other suggestion to meet this requirement?
> 
> It depends. There doesn't appear to be any resource configuration, so
> why does it need to be in DT. DT is not the only way instantiate
> drivers.
> 
> Rob
> 

We would like to consult more about this patch.
We cannot figure out what method should be used instead of DT.
The interface to access firmware is "smc" and firmware function only
exists on certain platforms.
Some DT has similar way, like:
http://github.com/torvalds/linux/blob/master/arch/arm64/boot/dts/hisilicon/hi6220-hikey.dts#L470

	firmware {
		optee {
			compatible = "linaro,optee-tz";
			method = "smc";
		};
	};

Is there any way to instantiate driver on certain platforms without DT?
Could you give us some examples?
Thanks

> >
> >         Thanks
> >
> >
> > On Tue, 2019-07-23 at 01:13 +0800, Rob Herring wrote:
> > > On Mon, Jun 24, 2019 at 03:24:11PM +0800, Neal Liu wrote:
> > > > Document the binding used by the MediaTek ARMv8 SoCs random
> > > > number generator with TrustZone enabled.
> > > >
> > > > Signed-off-by: Neal Liu <neal.liu@mediatek.com>
> > > > ---
> > > >  .../devicetree/bindings/rng/mtk-sec-rng.txt        |   10 ++++++++++
> > > >  1 file changed, 10 insertions(+)
> > > >  create mode 100644 Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > >
> > > > diff --git a/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > > new file mode 100644
> > > > index 0000000..c04ce15
> > > > --- /dev/null
> > > > +++ b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > > @@ -0,0 +1,10 @@
> > > > +MediaTek random number generator with TrustZone enabled
> > > > +
> > > > +Required properties:
> > > > +- compatible : Should be "mediatek,mtk-sec-rng"
> > >
> > > What's the interface to access this?
> > >
> > > A node with a 'compatible' and nothing else is a sign of something that
> > > a parent device should instantiate and doesn't need to be in DT. IOW,
> > > what do complete bindings for firmware functions look like?
> > >
> > > > +
> > > > +Example:
> > > > +
> > > > +hwrng: hwrng {
> > > > +   compatible = "mediatek,mtk-sec-rng";
> > > > +}
> > > > --
> > > > 1.7.9.5
> > > >
> > >
> > > _______________________________________________
> > > Linux-mediatek mailing list
> > > Linux-mediatek@lists.infradead.org
> > > http://lists.infradead.org/mailman/listinfo/linux-mediatek
> >
> >

Re: [PATCH v4 2/3] dt-bindings: rng: add bindings for MediaTek ARMv8 SoCs

[Neal Liu]

Dear Rob,

Just a gentle ping.

Neal

On Wed, 2019-09-18 at 09:44 +0800, Neal Liu wrote:
> On Tue, 2019-07-23 at 22:35 +0800, Rob Herring wrote:
> > On Mon, Jul 22, 2019 at 8:21 PM Neal Liu <neal.liu@mediatek.com> wrote:
> > >
> > 
> > Please don't top post to lists.
> > 
> > > Dear Rob,
> > >         You can check my driver for detail:
> > >         http://patchwork.kernel.org/patch/11012475/ or patchset 3/3
> > 
> > I could, or you could just answer my question.
> > 
> > >
> > >         This driver is registered as hardware random number generator, and
> > > combines with rng-core.
> > >         We want to add one rng hw based on the dts. Is this proper or do you
> > > have other suggestion to meet this requirement?
> > 
> > It depends. There doesn't appear to be any resource configuration, so
> > why does it need to be in DT. DT is not the only way instantiate
> > drivers.
> > 
> > Rob
> > 
> 
> We would like to consult more about this patch.
> We cannot figure out what method should be used instead of DT.
> The interface to access firmware is "smc" and firmware function only
> exists on certain platforms.
> Some DT has similar way, like:
> http://github.com/torvalds/linux/blob/master/arch/arm64/boot/dts/hisilicon/hi6220-hikey.dts#L470
> 
> 	firmware {
> 		optee {
> 			compatible = "linaro,optee-tz";
> 			method = "smc";
> 		};
> 	};
> 
> Is there any way to instantiate driver on certain platforms without DT?
> Could you give us some examples?
> Thanks
> 
> > >
> > >         Thanks
> > >
> > >
> > > On Tue, 2019-07-23 at 01:13 +0800, Rob Herring wrote:
> > > > On Mon, Jun 24, 2019 at 03:24:11PM +0800, Neal Liu wrote:
> > > > > Document the binding used by the MediaTek ARMv8 SoCs random
> > > > > number generator with TrustZone enabled.
> > > > >
> > > > > Signed-off-by: Neal Liu <neal.liu@mediatek.com>
> > > > > ---
> > > > >  .../devicetree/bindings/rng/mtk-sec-rng.txt        |   10 ++++++++++
> > > > >  1 file changed, 10 insertions(+)
> > > > >  create mode 100644 Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > > >
> > > > > diff --git a/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > > > new file mode 100644
> > > > > index 0000000..c04ce15
> > > > > --- /dev/null
> > > > > +++ b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > > > @@ -0,0 +1,10 @@
> > > > > +MediaTek random number generator with TrustZone enabled
> > > > > +
> > > > > +Required properties:
> > > > > +- compatible : Should be "mediatek,mtk-sec-rng"
> > > >
> > > > What's the interface to access this?
> > > >
> > > > A node with a 'compatible' and nothing else is a sign of something that
> > > > a parent device should instantiate and doesn't need to be in DT. IOW,
> > > > what do complete bindings for firmware functions look like?
> > > >
> > > > > +
> > > > > +Example:
> > > > > +
> > > > > +hwrng: hwrng {
> > > > > +   compatible = "mediatek,mtk-sec-rng";
> > > > > +}
> > > > > --
> > > > > 1.7.9.5
> > > > >
> > > >
> > > > _______________________________________________
> > > > Linux-mediatek mailing list
> > > > Linux-mediatek@lists.infradead.org
> > > > http://lists.infradead.org/mailman/listinfo/linux-mediatek
> > >
> > >
> 

Re: [PATCH v4 2/3] dt-bindings: rng: add bindings for MediaTek ARMv8 SoCs

[Neal Liu]

On Wed, 2019-10-02 at 21:47 +0800, Neal Liu wrote:
> Dear Rob,
> 
> Just a gentle ping.
> 
> Neal
> 
> On Wed, 2019-09-18 at 09:44 +0800, Neal Liu wrote:
> > On Tue, 2019-07-23 at 22:35 +0800, Rob Herring wrote:
> > > On Mon, Jul 22, 2019 at 8:21 PM Neal Liu <neal.liu@mediatek.com> wrote:
> > > >
> > > 
> > > Please don't top post to lists.
> > > 
> > > > Dear Rob,
> > > >         You can check my driver for detail:
> > > >         http://patchwork.kernel.org/patch/11012475/ or patchset 3/3
> > > 
> > > I could, or you could just answer my question.
> > > 
> > > >
> > > >         This driver is registered as hardware random number generator, and
> > > > combines with rng-core.
> > > >         We want to add one rng hw based on the dts. Is this proper or do you
> > > > have other suggestion to meet this requirement?
> > > 
> > > It depends. There doesn't appear to be any resource configuration, so
> > > why does it need to be in DT. DT is not the only way instantiate
> > > drivers.
> > > 
> > > Rob
> > > 
> > 
> > We would like to consult more about this patch.
> > We cannot figure out what method should be used instead of DT.
> > The interface to access firmware is "smc" and firmware function only
> > exists on certain platforms.
> > Some DT has similar way, like:
> > http://github.com/torvalds/linux/blob/master/arch/arm64/boot/dts/hisilicon/hi6220-hikey.dts#L470
> > 
> > 	firmware {
> > 		optee {
> > 			compatible = "linaro,optee-tz";
> > 			method = "smc";
> > 		};
> > 	};
> > 
> > Is there any way to instantiate driver on certain platforms without DT?
> > Could you give us some examples?
> > Thanks
> > 
> > > >
> > > >         Thanks
> > > >
> > > >
> > > > On Tue, 2019-07-23 at 01:13 +0800, Rob Herring wrote:
> > > > > On Mon, Jun 24, 2019 at 03:24:11PM +0800, Neal Liu wrote:
> > > > > > Document the binding used by the MediaTek ARMv8 SoCs random
> > > > > > number generator with TrustZone enabled.
> > > > > >
> > > > > > Signed-off-by: Neal Liu <neal.liu@mediatek.com>
> > > > > > ---
> > > > > >  .../devicetree/bindings/rng/mtk-sec-rng.txt        |   10 ++++++++++
> > > > > >  1 file changed, 10 insertions(+)
> > > > > >  create mode 100644 Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > > > >
> > > > > > diff --git a/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > > > > new file mode 100644
> > > > > > index 0000000..c04ce15
> > > > > > --- /dev/null
> > > > > > +++ b/Documentation/devicetree/bindings/rng/mtk-sec-rng.txt
> > > > > > @@ -0,0 +1,10 @@
> > > > > > +MediaTek random number generator with TrustZone enabled
> > > > > > +
> > > > > > +Required properties:
> > > > > > +- compatible : Should be "mediatek,mtk-sec-rng"
> > > > >
> > > > > What's the interface to access this?
> > > > >
> > > > > A node with a 'compatible' and nothing else is a sign of something that
> > > > > a parent device should instantiate and doesn't need to be in DT. IOW,
> > > > > what do complete bindings for firmware functions look like?
> > > > >

We would like to revise our DT node as below:

firmware {
	hwrng {
		compatible = "mediatek,mtk-sec-rng";
		method = "smc";
	};
};

And dt-bindings path would be changed because it's base on ARM TrustZone
Firmware.
From "Documentation/devicetree/bindings/rng/mtk-sec-rng.txt"
To
"Documentation/devicetree/bindings/arm/firmware/mediatek,mtk-sec-rng.txt"

We found some similar examples which also provide an interface to trap
to Secure State through SMC instruction.
Example 1: Documentation/devicetree/bindings/arm/firmware/xxx.txt
Example 2: Documentation/devicetree/bindings/arm/psci.txt

Is that okay for you?

Neal

> > > > > > +
> > > > > > +Example:
> > > > > > +
> > > > > > +hwrng: hwrng {
> > > > > > +   compatible = "mediatek,mtk-sec-rng";
> > > > > > +}
> > > > > > --
> > > > > > 1.7.9.5
> > > > > >
> > > > >
> > > > > _______________________________________________
> > > > > Linux-mediatek mailing list
> > > > > Linux-mediatek@lists.infradead.org
> > > > > http://lists.infradead.org/mailman/listinfo/linux-mediatek
> > > >
> > > >
> > 
>