Last edited 2 months ago

RNG internal peripheral: Difference between revisions

Visual
Registered User
mNo edit summary
Registered User
mNo edit summary
Tag: 2017 source edit
 
(15 intermediate revisions by 6 users not shown)
Line 1: Line 1:
<noinclude>{{ApplicableFor
{{ApplicableFor
|MPUs list=STM32MP13x, STM32MP15x, STM32MP25x
|MPUs list=STM32MP13x, STM32MP15x, STM32MP21x, STM32MP23x, STM32MP25x
|MPUs checklist=STM32MP13x,STM32MP15x, STM32MP25x
|MPUs checklist=STM32MP13x, STM32MP15x, STM32MP21x, STM32MP23x, STM32MP25x
}}</noinclude>
}}
 
==Article purpose==
==Article purpose==
The purpose of this article is to:
The purpose of this article is to:
* Briefly introduce the RNG peripheral and its main features,
* Briefly introduce the RNG peripheral and its main features.
* Indicate the peripheral instances assignment at boot time and their assignment at runtime (including whether instances can be allocated to secure contexts),
* List the software frameworks and drivers managing the peripheral.
* List the software frameworks and drivers managing the peripheral,
* Explain how to configure the peripheral.
* Explain how to configure the peripheral.


Line 15: Line 13:


Refer to the [[STM32 MPU resources#Reference manuals|STM32 MPU reference manuals]] for the complete list of features, and to the software frameworks and drivers, introduced below, to see which features are implemented.
Refer to the [[STM32 MPU resources#Reference manuals|STM32 MPU reference manuals]] for the complete list of features, and to the software frameworks and drivers, introduced below, to see which features are implemented.
The '''RNG''' can be assigned to non-secure or secure world (default behavior). If the '''RNG''' is assigned to the secure world then the non-secure world can request random numbers through the OP-TEE RNG PTA. More information about this mechanism can be found in OP-TEE documentation <ref name=optee.readthedocs>https://optee.readthedocs.io/</ref>. Else, the software component uses its '''RNG''' driver directly.
''What is applicable for the Linux Kernel is applicable for U-Boot.''
<div class="res-img">
[[File:RNG overview.png|center|caption|RNG implementations overview]]
</div>


==Peripheral usage==
==Peripheral usage==
This chapter is applicable in the scope of the '''OpenSTLinux BSP''' running on the Arm<sup>&reg;</sup> Cortex<sup>&reg;</sup>-A processor(s), and the '''STM32CubeMPU Package''' running on the Arm<sup>&reg;</sup> Cortex<sup>&reg;</sup>-M processor.
This chapter is applicable in the scope of the '''OpenSTLinux BSP''' running on the Arm<sup>&reg;</sup> Cortex<sup>&reg;</sup>-A processor, and the '''STM32CubeMPU Package''' running on the Arm<sup>&reg;</sup> Cortex<sup>&reg;</sup>-M processor.
 
The hardware RNG peripheral for Arm<sup>&reg;</sup> Cortex<sup>&reg;</sup>-A processor is default assigned to OP-TEE. This is the default and recommended setup.
 
It is possible to assign the RNG to the Linux Kernel, but it is necessary to deactivate it in OP-TEE device tree and activate it in the Linux kernel device tree, declare it as a firewall exception in the {{CodeSource | OP-TEE_OS | core/drivers/firewall/stm32_firewall.c | OP-TEE firewall driver}} and declare your board in the flavorlist-no_rng in the {{CodeSource | OP-TEE_OS | core/arch/arm/plat-stm32mp1/conf.mk | OP-TEE board configuration makefile}}.


Refer to the wiki article [[Hardware random overview]] to learn more on the possible usages of this peripheral.
===Boot time assignment===
===Boot time assignment===
====On {{MicroprocessorDevice | device=13}}====
====On {{MicroprocessorDevice | device=13}}====
Line 60: Line 47:
|}
|}


====On {{MicroprocessorDevice | device=2}}====
====On {{MicroprocessorDevice | device=21}}====
 
{{#lst:STM32MP2_internal_peripherals_assignment_table_template|stm32mp2_a35_boottime}}
<section begin=stm32mp21_a35_boottime />
| rowspan="2" | Security
| rowspan="2" | [[RNG internal peripheral | RNG]]
| RNG1
| <span title="system peripheral" style="font-size:21px">✓</span>
| <span title="assigned peripheral" style="font-size:21px">☑</span>
| <span title="assignable peripheral but not supported" style="font-size:21px">⬚</span>
|
|-
| RNG2
| <span title="system peripheral" style="font-size:21px">✓</span>
| <span title="assignable peripheral" style="font-size:21px">☐</span>
| <span title="assignable peripheral but not supported" style="font-size:21px">⬚</span>
|
|-
<section end=stm32mp21_a35_boottime />
|}
 
====On {{MicroprocessorDevice | device=23}}====
 
{{#lst:STM32MP2_internal_peripherals_assignment_table_template|stm32mp2_a35_boottime}}
<section begin=stm32mp23_a35_boottime />
| rowspan="1" | Security
| rowspan="1" | [[RNG internal peripheral | RNG]]
| RNG
| <span title="system peripheral" style="font-size:21px">✓</span>
| <span title="assigned peripheral" style="font-size:21px">☑</span>
| <span title="assignable peripheral but not supported" style="font-size:21px">⬚</span>
|
|-
<section end=stm32mp23_a35_boottime />
|}
 
====On {{MicroprocessorDevice | device=25}}====
 
{{#lst:STM32MP2_internal_peripherals_assignment_table_template|stm32mp2_a35_boottime}}
{{#lst:STM32MP2_internal_peripherals_assignment_table_template|stm32mp2_a35_boottime}}
<section begin=stm32mp25_a35_boottime />
<section begin=stm32mp25_a35_boottime />
Line 68: Line 92:
| <span title="system peripheral" style="font-size:21px">✓</span>
| <span title="system peripheral" style="font-size:21px">✓</span>
| <span title="assigned peripheral" style="font-size:21px">☑</span>
| <span title="assigned peripheral" style="font-size:21px">☑</span>
| <span title="assignable peripheral but not supported" style="font-size:21px"></span>
| <span title="assignable peripheral but not supported" style="font-size:21px"></span>
|  
|  
|-
|-
Line 76: Line 100:
===Runtime assignment===
===Runtime assignment===


If the Arm<sup>&reg;</sup> Cortex<sup>&reg;</sup>-A processor hardware RNG peripheral is assigned to OP-TEE, then the Linux Kernel can request random numbers through the [[Hardware random overview|hardware random framework]] which is interfaced with the {{CodeSource | Linux kernel | drivers/char/hw_random/optee-rng.c | OP-TEE RNG Linux driver}}.
If the Arm<sup>&reg;</sup> Cortex<sup>&reg;</sup>-A processor hardware RNG peripheral is assigned to OP-TEE, then the Linux kernel can request random numbers through the [[Hardware random overview|hardware random framework]], which is interfaced with the {{CodeSource | Linux kernel | drivers/char/hw_random/optee-rng.c | OP-TEE RNG Linux driver}}.


If the Arm<sup>&reg;</sup> Cortex<sup>&reg;</sup>-A processor hardware RNG peripheral is assigned to the Linux Kernel, then the Linux Kernel can access it through the [[Hardware random overview|hardware random framework]] which is interfaced with the {{CodeSource | Linux kernel | drivers/char/hw_random/stm32-rng.c | Linux RNG driver}}.
If the Arm<sup>&reg;</sup> Cortex<sup>&reg;</sup>-A processor hardware RNG peripheral is assigned to the Linux kernel, then the Linux kernel can access it through the [[Hardware random overview|hardware random framework]], which is interfaced with the {{CodeSource | Linux kernel | drivers/char/hw_random/stm32-rng.c | Linux RNG driver}}.


====On {{MicroprocessorDevice | device=13}}====
====On {{MicroprocessorDevice | device=13}}====
Line 111: Line 135:
  |-
  |-
<section end=stm32mp15_runtime />
<section end=stm32mp15_runtime />
|}
====On {{MicroprocessorDevice | device=21}}====
{{#lst:STM32MP2_internal_peripherals_assignment_table_template|stm32mp21_runtime}}
<section begin=stm32mp21_a35_runtime />
| rowspan="2" | Security
| rowspan="2" | [[RNG internal peripheral | RNG]]
| RNG1
| <span title="assigned peripheral" style="font-size:21px">☑</span><sup>OP-TEE</sup>
| <span title="assignable peripheral but not supported" style="font-size:21px">⬚</span>
| <span title="assignable peripheral" style="font-size:21px">☐</span>
| <span title="assignable peripheral but not supported" style="font-size:21px">⬚</span>
|
|-
| RNG2
| <span title="assignable peripheral" style="font-size:21px">☐</span><sup>OP-TEE</sup>
| <span title="assignable peripheral but not supported" style="font-size:21px">⬚</span>
| <span title="assignable peripheral" style="font-size:21px">☐</span>
| <span title="assignable peripheral but not supported" style="font-size:21px">⬚</span>
|
|-
<section end=stm32mp21_a35_runtime />
|}
====On {{MicroprocessorDevice | device=23}}====
{{#lst:STM32MP2_internal_peripherals_assignment_table_template|stm32mp23_runtime}}
<section begin=stm32mp23_a35_runtime />
| rowspan="1" | Security
| rowspan="1" | [[RNG internal peripheral | RNG]]
| RNG
| <span title="assigned peripheral" style="font-size:21px">☑</span><sup>OP-TEE</sup>
| <span title="assignable peripheral but not supported" style="font-size:21px">⬚</span>
| <span title="assignable peripheral" style="font-size:21px">☐</span>
| <span title="assignable peripheral but not supported" style="font-size:21px">⬚</span>
|
|-
<section end=stm32mp23_a35_runtime />
|}
|}


Line 120: Line 181:
| RNG
| RNG
| <span title="assigned peripheral" style="font-size:21px">☑</span><sup>OP-TEE</sup>
| <span title="assigned peripheral" style="font-size:21px">☑</span><sup>OP-TEE</sup>
| <span title="assignable peripheral but not supported" style="font-size:21px"></span>
| <span title="assignable peripheral but not supported" style="font-size:21px"></span>
| <span title="assignable peripheral" style="font-size:21px">☐</span>
| <span title="assignable peripheral" style="font-size:21px">☐</span>
| <span title="assignable peripheral but not supported" style="font-size:21px">⬚</span>
| <span title="assignable peripheral but not supported" style="font-size:21px">⬚</span>
Line 132: Line 193:
Below are listed the software frameworks and drivers managing the '''RNG''' peripheral for the embedded software components listed in the above tables.
Below are listed the software frameworks and drivers managing the '''RNG''' peripheral for the embedded software components listed in the above tables.


* '''Linux<sup>&reg;</sup>''': [[Hardware random overview|hardware random framework]], {{CodeSource | Linux kernel | drivers/char/hw_random/stm32-rng.c | Linux RNG driver}} and {{CodeSource | Linux kernel | drivers/char/hw_random/optee-rng.c | OP-TEE RNG Linux driver }} when random number generation is managed by OP-TEE (default behaviour)
* '''Linux<sup>&reg;</sup>''': [[Hardware random overview|hardware random framework]], {{CodeSource | Linux kernel | drivers/char/hw_random/stm32-rng.c | Linux RNG driver}}, and {{CodeSource | Linux kernel | drivers/char/hw_random/optee-rng.c | OP-TEE RNG Linux driver }} when random number generation is managed by OP-TEE (default behavior)
* '''U-Boot''': {{CodeSource | U-Boot | drivers/rng/stm32_rng.c | U-Boot RNG driver }} and {{CodeSource | U-Boot | drivers/rng/optee_rng.c | OP-TEE RNG U-Boot driver }}
* '''U-Boot''': {{CodeSource | U-Boot | drivers/rng/stm32_rng.c | U-Boot RNG driver }} and {{CodeSource | U-Boot | drivers/rng/optee_rng.c | OP-TEE RNG U-Boot driver }}
* '''OP-TEE''': {{CodeSource | OP-TEE_OS | core/drivers/stm32_rng.c | OP-TEE RNG driver }} and {{CodeSource | OP-TEE_OS| core/pta/hwrng.c | RNG PTA }}
* '''OP-TEE''': {{CodeSource | OP-TEE_OS | core/drivers/stm32_rng.c | OP-TEE RNG driver }} and {{CodeSource | OP-TEE_OS| core/pta/hwrng.c | RNG PTA }}
* '''STM32Cube''': [[STM32CubeMP1 architecture|RNG HAL driver]] and {{CodeSource | STM32CubeMP1 | Drivers/STM32MP1xx_HAL_Driver/Inc/stm32mp1xx_hal_rng.h | header file of RNG HAL module}}
* '''STM32Cube''': [[STM32CubeMP15 Package architecture|RNG HAL driver]] and {{CodeSource | STM32CubeMP1 | Drivers/STM32MP1xx_HAL_Driver/Inc/stm32mp1xx_hal_rng.h | header file of RNG HAL module}}


==How to assign and configure the peripheral==
==How to assign and configure the peripheral==
The peripheral assignment can be done via the [[STM32CubeMX]] graphical tool (and manually completed if needed).<br />
The peripheral assignment can be done via the [[STM32CubeMX]] graphical tool (and manually completed if needed).<br />
This tool also helps to configure the peripheral:
This tool also helps to configure the peripheral:
* partial device trees (pin control and clock tree) generation for the OpenSTLinux software components,
* Partial device trees (pin control and clock tree) generation for the OpenSTLinux software components.
* HAL initialization code generation for the STM32CubeMPU Package.
* HAL initialization code generation for the STM32CubeMPU Package.
The configuration is applied by the firmware running in the context in which the peripheral is assigned.
The configuration is applied by the firmware running in the context in which the peripheral is assigned.


This configuration is done in [[OP-TEE_overview|OP-TEE]], through device tree. <br> Refer to [[RNG device tree configuration]].
This configuration is done in [[STM32 MPU OP-TEE_overview|OP-TEE]] through the device tree. <br>For more information, refer to the wiki article [[RNG device tree configuration]].


==References==
==References==
<references/>
<references/>
{{ReviewsComments|-- [[User:Gatien Chevallier|Gatien Chevallier]] ([[User talk:Gatien Chevallier|talk]]) 11:55, 11 December 2023 (CET)<br />[[ToBeReviewedByTW]]}}


<noinclude>
<noinclude>
{{ArticleBasedOnModel| Compatibility master article model}}
{{ArticleBasedOnModel| Internal peripheral article model}}
[[Category:Security peripherals]]
[[Category:Security peripherals]]
{{PublicationRequestId | 24653 | 2022-09-26 | }}
{{PublicationRequestId | 31421 | 2024-06-17 | previous PR: 24653  }}


</noinclude>
</noinclude>

Latest revision as of 12:09, 8 January 2025

Applicable for STM32MP13x lines, STM32MP15x lines, Unknown MPU, Unknown MPU, STM32MP25x lines

1. Article purpose

The purpose of this article is to:

  • Briefly introduce the RNG peripheral and its main features.
  • List the software frameworks and drivers managing the peripheral.
  • Explain how to configure the peripheral.

2. Peripheral overview

The RNG peripheral is used to provide 32-bit random numbers.

Refer to the STM32 MPU reference manuals for the complete list of features, and to the software frameworks and drivers, introduced below, to see which features are implemented.

3. Peripheral usage

This chapter is applicable in the scope of the OpenSTLinux BSP running on the Arm® Cortex®-A processor, and the STM32CubeMPU Package running on the Arm® Cortex®-M processor.

Refer to the wiki article Hardware random overview to learn more on the possible usages of this peripheral.

3.1. Boot time assignment

3.1.1. On STM32MP13x lines More info.png

Click on How to.png to expand or collapse the legend...

Domain Peripheral Boot time allocation Comment How to.png
Instance Cortex-A7
secure
(ROM code) 		Cortex-A7
secure
(TF-A BL2) 		Cortex-A7
non-secure
(U-Boot)
Security RNG RNG Required for DPA peripheral protection

3.1.2. On STM32MP15x lines More info.png

Click on How to.png to expand or collapse the legend...

Domain Peripheral Boot time allocation Comment How to.png
Instance Cortex-A7
secure
(ROM code) 		Cortex-A7
secure
(TF-A BL2) 		Cortex-A7
non-secure
(U-Boot)
Security RNG RNG1

3.1.3. On STM32MP21 unknown microprocessor device

Click on How to.png to expand or collapse the legend...

Domain Peripheral Boot time allocation Comment How to.png
Instance Cortex-A35
secure
(ROM code) 		Cortex-A35
secure
(TF-A BL2) 		Cortex-A35
non-secure
(U-Boot)
Security RNG RNG1
RNG2

3.1.4. On STM32MP23 unknown microprocessor device

Click on How to.png to expand or collapse the legend...

Domain Peripheral Boot time allocation Comment How to.png
Instance Cortex-A35
secure
(ROM code) 		Cortex-A35
secure
(TF-A BL2) 		Cortex-A35
non-secure
(U-Boot)
Security RNG RNG

3.1.5. On STM32MP25x lines More info.png

Click on How to.png to expand or collapse the legend...

Domain Peripheral Boot time allocation Comment How to.png
Instance Cortex-A35
secure
(ROM code) 		Cortex-A35
secure
(TF-A BL2) 		Cortex-A35
non-secure
(U-Boot)
Security RNG RNG

3.2. Runtime assignment

If the Arm® Cortex®-A processor hardware RNG peripheral is assigned to OP-TEE, then the Linux kernel can request random numbers through the hardware random framework, which is interfaced with the OP-TEE RNG Linux driver .

If the Arm® Cortex®-A processor hardware RNG peripheral is assigned to the Linux kernel, then the Linux kernel can access it through the hardware random framework, which is interfaced with the Linux RNG driver .

3.2.1. On STM32MP13x lines More info.png

Click on How to.png to expand or collapse the legend...

Domain Peripheral Runtime allocation Comment How to.png
Instance Cortex-A7
secure
(OP-TEE) 		Cortex-A7
non-secure
(Linux)
Security RNG RNG Assignment (single choice)

3.2.2. On STM32MP15x lines More info.png

Click on How to.png to expand or collapse the legend...

Domain Peripheral Runtime allocation Comment How to.png
Instance Cortex-A7
secure
(OP-TEE) 		Cortex-A7
non-secure
(Linux) 		Cortex-M4

(STM32Cube)
Security RNG RNG1 Assignment (single choice)
RNG2

3.2.3. On STM32MP21 unknown microprocessor device

| rowspan="2" | Security | rowspan="2" | RNG | RNG1 | OP-TEE | | | | |- | RNG2 | OP-TEE | | | | |-

|}

3.2.4. On STM32MP23 unknown microprocessor device

| rowspan="1" | Security | rowspan="1" | RNG | RNG | OP-TEE | | | | |-

|}

3.2.5. On STM32MP25x lines More info.png

Click on How to.png to expand or collapse the legend...

Domain Peripheral Runtime allocation Comment How to.png
Instance Cortex-A35
secure
(OP-TEE /
TF-A BL31) 		Cortex-A35
non-secure
(Linux) 		Cortex-M33
secure
(TF-M) 		Cortex-M33
non-secure
(STM32Cube) 		Cortex-M0+
Warning.png
(STM32Cube)
Security RNG RNG OP-TEE

4. Software frameworks and drivers

Below are listed the software frameworks and drivers managing the RNG peripheral for the embedded software components listed in the above tables.

5. How to assign and configure the peripheral

The peripheral assignment can be done via the STM32CubeMX graphical tool (and manually completed if needed).
This tool also helps to configure the peripheral:

  • Partial device trees (pin control and clock tree) generation for the OpenSTLinux software components.
  • HAL initialization code generation for the STM32CubeMPU Package.

The configuration is applied by the firmware running in the context in which the peripheral is assigned.

This configuration is done in OP-TEE through the device tree.
For more information, refer to the wiki article RNG device tree configuration.

6. References




Retrieved from "https://wiki.stmicroelectronics.cn/stm32mpu/index.php?title=RNG_internal_peripheral&oldid=114390"