Skip to content

Adding CC310 entropy driver utilizing nrf_cc310_platform library #1268

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Oct 29, 2019
Merged

Adding CC310 entropy driver utilizing nrf_cc310_platform library #1268

merged 5 commits into from
Oct 29, 2019

Conversation

@frkv
Copy link
Contributor

@frkv frkv commented Oct 9, 2019
edited by tejlmand
Loading

-Adding hw_cc310 driver with RTOS mutex/abort support
-Changing entropy_cc310 driver to use nrf_cc310_platform library
-Changing entropy_cc310 driver to support non-secure application

Added description for:

  • cc310 entropy driver
  • cc310 hw initialization

Signed-off-by: Frank Audun Kvamtrø [email protected]
Signed-off-by: Torsten Rasmussen [email protected]

@frkv frkv requested a review from anangl as a code owner October 9, 2019 16:17
@NordicBuilder
Copy link
Contributor

NordicBuilder commented Oct 9, 2019
edited
Loading

All checks are passing now.

Tip: The bot edits this comment instead of posting a new one, so you can check the comment's history to see earlier messages.

@frkv frkv force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from d257bdc to 43ac50a Compare October 14, 2019 10:47
@frkv frkv force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from 43ac50a to 1bc448d Compare October 14, 2019 12:54
@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from 1bc448d to 955efe6 Compare October 24, 2019 05:59
@frkv frkv requested a review from ru-fu as a code owner October 24, 2019 05:59
@tejlmand tejlmand mentioned this pull request Oct 24, 2019
Closed
@tejlmand tejlmand added this to the 1.1.0 milestone Oct 24, 2019
@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch 3 times, most recently from d877ee9 to a1d5a53 Compare October 24, 2019 06:37
@tejlmand tejlmand added the DNM label Oct 24, 2019
@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from a1d5a53 to 8adb309 Compare October 24, 2019 06:50
@ru-fu ru-fu requested review from b-gent and removed request for ru-fu October 24, 2019 06:51
@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch 5 times, most recently from bf3573b to 7fd88cc Compare October 25, 2019 14:56
frkv and others added 3 commits October 25, 2019 18:13
@frkv @tejlmand
nrf_cc310: Adding CC310 entropy driver utilizing nrf_cc310_platform lib
f3a2543 
-Adding hw_cc310 driver with RTOS mutex/abort support
-Changing entropy_cc310 driver to use nrf_cc310_platform library
-Changing entropy_cc310 driver to support non-secure application

Signed-off-by: Frank Audun Kvamtrø <[email protected]>
Signed-off-by: Torsten Rasmussen <[email protected]>
@tejlmand
drivers: entropy: add dependency of BT_LL_SW_LEGACY not set
334b959 
The Kconfig in zephyr/subsys/bluetooth/controller/Kconfig selects
ENTROPY_NRF5_RNG when building for an nRF SoC.
This collides with the alternative cc310 entropy driver causing
conflicts.

Therefore the cc310 entropy driver will be dependent on BT_LL_SW_LEGACY
not being set.

Signed-off-by: Torsten Rasmussen <[email protected]>
@tejlmand
drivers: hw_cc310: Driver will default be deselected when using mcuboot
d722bbb 
When building multi image including mcuboot then mcuboot is compiled
with hard float, however the flags CONFIG_FLOAT and CONFIG_FP_HARDABI
are not set which causes wrong linking.
Therefore hw cc310 will default to yes in mcuboot until this has been
corrected.
This is possible, as cc310 is currently not required in mcuboot.

Signed-off-by: Torsten Rasmussen <[email protected]>
@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from 7fd88cc to 25f7eb2 Compare October 25, 2019 16:13
@frkv frkv requested review from lemrey and rlubos as code owners October 25, 2019 18:06
@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from 5d8ab6a to e4ecdef Compare October 25, 2019 18:58
@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch 2 times, most recently from 73ddacc to 9dfdea6 Compare October 28, 2019 08:22
@frkv frkv requested a review from pdunaj as a code owner October 28, 2019 08:22
@pdunaj
Copy link
Contributor

pdunaj commented Oct 28, 2019

Hi @frkv , can you tell why it is disabled for desktop? Is there any reason we would like to have it enabled?

@tejlmand
Copy link
Contributor

tejlmand commented Oct 28, 2019

Hi @frkv , can you tell why it is disabled for desktop? Is there any reason we would like to have it enabled?

When enabling cc310 on nrf desktop, we face the following issue:

Found 12 asserts!
desktop52_base_test Line:223  Assert raised, [00000003] <err> os: ***** MPU FAULT *****
desktop52_base_test Line:223  Assert raised, [00000003] <err> os:   Stacking error (context area might be not valid)
desktop52_base_test Line:223  Assert raised, [00000003] <err> os:   Data Access Violation
desktop52_base_test Line:223  Assert raised, [00000003] <err> os:   MMFAR Address: 0x2000829c
desktop52_base_test Line:223  Assert raised, [00000004] <err> os: r0/a1:  0x00000000  r1/a2:  0x0002be03  r2/a3:  0x00000000
desktop52_base_test Line:223  Assert raised, [00000004] <err> os: r3/a4:  0x0002be03 r12/ip:  0x0004134a r14/lr:  0x01000000
desktop52_base_test Line:223  Assert raised, [00000004] <err> os:  xpsr:  0x20001cbc
desktop52_base_test Line:223  Assert raised, [00000004] <err> os: Faulting instruction address (r15/pc): 0x2000cd38
desktop52_base_test Line:223  Assert raised, [00000004] <err> os: >>> ZEPHYR FATAL ERROR 2: Stack overflow
desktop52_base_test Line:223  Assert raised, [00000004] <err> os: >>> ZEPHYR FATAL ERROR 2: Stack overflow
desktop52_base_test Line:223  Assert raised, [00000005] <err> os: Current thread: 0x20005734 (unknown)
desktop52_base_test Line:223  Assert raised, [00328145] <err> os: Halting system

which indicates that MPU must be configured differently.

But as first step, the cc310 is disabled in nrf desktop, as this should be identical to how nrf desktop is working without this PR.
Then it allows time to look into the MPU configuration aftwerwards.

@pdunaj
Copy link
Contributor

pdunaj commented Oct 28, 2019
edited
Loading

Hi @tejlmand , nrf_desktop uses the default MPU configuration from Zephyr. What we use however in the debug build is stack guard (CONFIG_MPU_STACK_GUARD). Note that this may be something that others will use as well so it would be good if changes introduced are compatible with this feature. Or if the feature is not compatible it would be good to set your config to depend on !MPU_STACK_GUARD.

Pinging @ioannisg .

@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from 9dfdea6 to 69dd0c1 Compare October 28, 2019 10:58
@tejlmand
Copy link
Contributor

tejlmand commented Oct 28, 2019

Hi @tejlmand , nrf_desktop uses the default MPU configuration from Zephyr. What we use however in the debug build is stack guard (CONFIG_MPU_STACK_GUARD). Note that this may be something that others will use as well so it would be good if changes introduced are compatible with this feature. Or if the feature is not compatible it would be good to set your config to depend on !MPU_STACK_GUARD.

Thanks for info.
Has changed to MPU_STACK_GUARD dependency.
Of course this must work with the MPU in future, but this allows for introducing the entropy driver through SPM as a first step.

@pdunaj
Copy link
Contributor

pdunaj commented Oct 28, 2019

Hi @tejlmand , nrf_desktop uses the default MPU configuration from Zephyr. What we use however in the debug build is stack guard (CONFIG_MPU_STACK_GUARD). Note that this may be something that others will use as well so it would be good if changes introduced are compatible with this feature. Or if the feature is not compatible it would be good to set your config to depend on !MPU_STACK_GUARD.

Thanks for info.
Has changed to MPU_STACK_GUARD dependency.
Of course this must work with the MPU in future, but this allows for introducing the entropy driver through SPM as a first step.

Thanks. Also is it possible that the feature would not be enabled by default? This is to make sure that currently working configurations will be fine. Apps/samples that need it can enabled it in the config. Multiple things are not enabled by default, Bluetooth included.

@tejlmand
Copy link
Contributor

tejlmand commented Oct 28, 2019

Hi @tejlmand , nrf_desktop uses the default MPU configuration from Zephyr. What we use however in the debug build is stack guard (CONFIG_MPU_STACK_GUARD). Note that this may be something that others will use as well so it would be good if changes introduced are compatible with this feature. Or if the feature is not compatible it would be good to set your config to depend on !MPU_STACK_GUARD.

Thanks for info.
Has changed to MPU_STACK_GUARD dependency.
Of course this must work with the MPU in future, but this allows for introducing the entropy driver through SPM as a first step.

Thanks. Also is it possible that the feature would not be enabled by default? This is to make sure that currently working configurations will be fine. Apps/samples that need it can enabled it in the config. Multiple things are not enabled by default, Bluetooth included.

If a sample requires entropy, then I would argue that we should aim for most secure way of obtaning that, and that would be to use the cc310 when it is available.
Just as you use the nrf5 rng today, because there were no driver for the cc310 entropy.
Note, only samples that sets ENTROPY_GENERATOR will use the cc310 entropy if available, so cc310 entropy is not enabled everyewhere.

@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from 69dd0c1 to fd6acdb Compare October 28, 2019 13:02
@tejlmand tejlmand removed the DNM label Oct 28, 2019
@tejlmand tejlmand changed the title [DNM] Adding CC310 entropy driver utilizing nrf_cc310_platform library Adding CC310 entropy driver utilizing nrf_cc310_platform library Oct 28, 2019
lemrey
lemrey approved these changes Oct 28, 2019
View reviewed changes
Copy link
Contributor

@lemrey lemrey left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1 for lwm2m_carrier changes.

rlubos
rlubos reviewed Oct 28, 2019
View reviewed changes
samples/nrf9160/lwm2m_carrier/prj.conf Outdated
Copy link
Contributor

@rlubos rlubos Oct 28, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are two overlay-carrier.conf files that should be updated as well in mqtt and coap samples.

Copy link
Contributor

@tejlmand tejlmand Oct 28, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from fd6acdb to c12f03b Compare October 28, 2019 15:15
@rlubos
Copy link
Contributor

rlubos commented Oct 29, 2019

@b-gent Could have a look at docs in this PR?

@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from c12f03b to 0b1530f Compare October 29, 2019 08:55
@b-gent
Copy link
Contributor

b-gent commented Oct 29, 2019

If the CI is green, let us merge now and I will start reviewing the docs on my own branch today.

@b-gent
Copy link
Contributor

b-gent commented Oct 29, 2019

nrf/rst/doc/nrf/drivers.rst:10: WARNING: toctree glob pattern '../../doc/drivers/*' didn't match any documents

@tejlmand

@tejlmand
Copy link
Contributor

tejlmand commented Oct 29, 2019

ivers.rst:10: WARNING:

strange, that worked locally
looking at it.

@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from 0b1530f to 6dd78a9 Compare October 29, 2019 10:03
@tejlmand
sample: lwm2m carrier entropy dependency
83e634f 
Added dependency to ensure a true entropy driver is available

Signed-off-by: Torsten Rasmussen <[email protected]>
@tejlmand
entropy: cc310 dependency to mpu settings introduced
47b6a10 
Disable cc310 entropy driver for MPU enabled applications.

Signed-off-by: Torsten Rasmussen <[email protected]>
@tejlmand tejlmand force-pushed the entropy-for-nrf_cc310_mbedcrypto-v0.9.0 branch from 6dd78a9 to 47b6a10 Compare October 29, 2019 10:23
@tejlmand
Copy link
Contributor

tejlmand commented Oct 29, 2019

dox commit dropped, as not needed for this PR.
Will make separate PR with dox content when this is merged

@rlubos rlubos merged commit cdb864f into nrfconnect:master Oct 29, 2019
@tejlmand tejlmand mentioned this pull request Oct 29, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tejlmand tejlmand tejlmand approved these changes

@rlubos rlubos rlubos left review comments

@lemrey lemrey lemrey approved these changes

@b-gent b-gent b-gent approved these changes

@anangl anangl Awaiting requested review from anangl

@carlescufi carlescufi Awaiting requested review from carlescufi

@ioannisg ioannisg Awaiting requested review from ioannisg

@pdunaj pdunaj Awaiting requested review from pdunaj

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

1.1.0

Development

Successfully merging this pull request may close these issues.

7 participants

@frkv @NordicBuilder @tejlmand @pdunaj @rlubos @b-gent @lemrey