1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2013, Bryan Venteicher <bryanv@FreeBSD.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice unmodified, this list of conditions, and the following 12 * disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 /* Driver for VirtIO entropy device. */ 30 31 #include <sys/cdefs.h> 32 __FBSDID("$FreeBSD$"); 33 34 #include <sys/param.h> 35 #include <sys/kernel.h> 36 #include <sys/malloc.h> 37 #include <sys/module.h> 38 #include <sys/sglist.h> 39 #include <sys/callout.h> 40 #include <sys/random.h> 41 #include <sys/stdatomic.h> 42 43 #include <machine/bus.h> 44 #include <machine/resource.h> 45 #include <sys/bus.h> 46 47 #include <dev/random/randomdev.h> 48 #include <dev/random/random_harvestq.h> 49 #include <dev/virtio/virtio.h> 50 #include <dev/virtio/virtqueue.h> 51 52 struct vtrnd_softc { 53 uint64_t vtrnd_features; 54 struct virtqueue *vtrnd_vq; 55 }; 56 57 static int vtrnd_modevent(module_t, int, void *); 58 59 static int vtrnd_probe(device_t); 60 static int vtrnd_attach(device_t); 61 static int vtrnd_detach(device_t); 62 63 static void vtrnd_negotiate_features(device_t); 64 static int vtrnd_alloc_virtqueue(device_t); 65 static int vtrnd_harvest(struct vtrnd_softc *, void *, size_t *); 66 static unsigned vtrnd_read(void *, unsigned); 67 68 #define VTRND_FEATURES 0 69 70 static struct virtio_feature_desc vtrnd_feature_desc[] = { 71 { 0, NULL } 72 }; 73 74 static struct random_source random_vtrnd = { 75 .rs_ident = "VirtIO Entropy Adapter", 76 .rs_source = RANDOM_PURE_VIRTIO, 77 .rs_read = vtrnd_read, 78 }; 79 80 /* Kludge for API limitations of random(4). */ 81 static _Atomic(struct vtrnd_softc *) g_vtrnd_softc; 82 83 static device_method_t vtrnd_methods[] = { 84 /* Device methods. */ 85 DEVMETHOD(device_probe, vtrnd_probe), 86 DEVMETHOD(device_attach, vtrnd_attach), 87 DEVMETHOD(device_detach, vtrnd_detach), 88 89 DEVMETHOD_END 90 }; 91 92 static driver_t vtrnd_driver = { 93 "vtrnd", 94 vtrnd_methods, 95 sizeof(struct vtrnd_softc) 96 }; 97 static devclass_t vtrnd_devclass; 98 99 DRIVER_MODULE(virtio_random, virtio_pci, vtrnd_driver, vtrnd_devclass, 100 vtrnd_modevent, 0); 101 MODULE_VERSION(virtio_random, 1); 102 MODULE_DEPEND(virtio_random, virtio, 1, 1, 1); 103 MODULE_DEPEND(virtio_random, random_device, 1, 1, 1); 104 105 VIRTIO_SIMPLE_PNPTABLE(virtio_random, VIRTIO_ID_ENTROPY, 106 "VirtIO Entropy Adapter"); 107 VIRTIO_SIMPLE_PNPINFO(virtio_pci, virtio_random); 108 109 static int 110 vtrnd_modevent(module_t mod, int type, void *unused) 111 { 112 int error; 113 114 switch (type) { 115 case MOD_LOAD: 116 case MOD_QUIESCE: 117 case MOD_UNLOAD: 118 case MOD_SHUTDOWN: 119 error = 0; 120 break; 121 default: 122 error = EOPNOTSUPP; 123 break; 124 } 125 126 return (error); 127 } 128 129 static int 130 vtrnd_probe(device_t dev) 131 { 132 return (VIRTIO_SIMPLE_PROBE(dev, virtio_random)); 133 } 134 135 static int 136 vtrnd_attach(device_t dev) 137 { 138 struct vtrnd_softc *sc, *exp; 139 int error; 140 141 sc = device_get_softc(dev); 142 143 virtio_set_feature_desc(dev, vtrnd_feature_desc); 144 vtrnd_negotiate_features(dev); 145 146 error = vtrnd_alloc_virtqueue(dev); 147 if (error) { 148 device_printf(dev, "cannot allocate virtqueue\n"); 149 goto fail; 150 } 151 152 exp = NULL; 153 if (!atomic_compare_exchange_strong_explicit(&g_vtrnd_softc, &exp, sc, 154 memory_order_release, memory_order_acquire)) { 155 error = EEXIST; 156 goto fail; 157 } 158 random_source_register(&random_vtrnd); 159 160 fail: 161 if (error) 162 vtrnd_detach(dev); 163 164 return (error); 165 } 166 167 static int 168 vtrnd_detach(device_t dev) 169 { 170 struct vtrnd_softc *sc; 171 172 sc = device_get_softc(dev); 173 KASSERT( 174 atomic_load_explicit(&g_vtrnd_softc, memory_order_acquire) == sc, 175 ("only one global instance at a time")); 176 177 random_source_deregister(&random_vtrnd); 178 atomic_store_explicit(&g_vtrnd_softc, NULL, memory_order_release); 179 180 /* 181 * Unfortunately, deregister does not guarantee our source callback 182 * will not be invoked after it returns. Use a kludge to prevent some, 183 * but not all, possible races. 184 */ 185 tsleep_sbt(&g_vtrnd_softc, 0, "vtrnddet", mstosbt(50), 0, C_HARDCLOCK); 186 187 return (0); 188 } 189 190 static void 191 vtrnd_negotiate_features(device_t dev) 192 { 193 struct vtrnd_softc *sc; 194 195 sc = device_get_softc(dev); 196 sc->vtrnd_features = virtio_negotiate_features(dev, VTRND_FEATURES); 197 } 198 199 static int 200 vtrnd_alloc_virtqueue(device_t dev) 201 { 202 struct vtrnd_softc *sc; 203 struct vq_alloc_info vq_info; 204 205 sc = device_get_softc(dev); 206 207 VQ_ALLOC_INFO_INIT(&vq_info, 0, NULL, sc, &sc->vtrnd_vq, 208 "%s request", device_get_nameunit(dev)); 209 210 return (virtio_alloc_virtqueues(dev, 0, 1, &vq_info)); 211 } 212 213 static int 214 vtrnd_harvest(struct vtrnd_softc *sc, void *buf, size_t *sz) 215 { 216 struct sglist_seg segs[1]; 217 struct sglist sg; 218 struct virtqueue *vq; 219 uint32_t value[HARVESTSIZE] __aligned(sizeof(uint32_t) * HARVESTSIZE); 220 uint32_t rdlen; 221 int error; 222 223 _Static_assert(sizeof(value) < PAGE_SIZE, "sglist assumption"); 224 225 sglist_init(&sg, 1, segs); 226 error = sglist_append(&sg, value, *sz); 227 if (error != 0) 228 panic("%s: sglist_append error=%d", __func__, error); 229 230 vq = sc->vtrnd_vq; 231 KASSERT(virtqueue_empty(vq), ("%s: non-empty queue", __func__)); 232 233 error = virtqueue_enqueue(vq, buf, &sg, 0, 1); 234 if (error != 0) 235 return (error); 236 237 /* 238 * Poll for the response, but the command is likely already 239 * done when we return from the notify. 240 */ 241 virtqueue_notify(vq); 242 virtqueue_poll(vq, &rdlen); 243 244 if (rdlen > *sz) 245 panic("%s: random device wrote %zu bytes beyond end of provided" 246 " buffer %p:%zu", __func__, (size_t)rdlen - *sz, 247 (void *)value, *sz); 248 else if (rdlen == 0) 249 return (EAGAIN); 250 *sz = MIN(rdlen, *sz); 251 memcpy(buf, value, *sz); 252 explicit_bzero(value, *sz); 253 return (0); 254 } 255 256 static unsigned 257 vtrnd_read(void *buf, unsigned usz) 258 { 259 struct vtrnd_softc *sc; 260 size_t sz; 261 int error; 262 263 sc = g_vtrnd_softc; 264 if (sc == NULL) 265 return (0); 266 267 sz = usz; 268 error = vtrnd_harvest(sc, buf, &sz); 269 if (error != 0) 270 return (0); 271 272 return (sz); 273 } 274