1// SPDX-License-Identifier: GPL-2.0
2/*
3 * chaoskey - driver for ChaosKey device from Altus Metrum.
4 *
5 * This device provides true random numbers using a noise source based
6 * on a reverse-biased p-n junction in avalanche breakdown. More
7 * details can be found at http://chaoskey.org
8 *
9 * The driver connects to the kernel hardware RNG interface to provide
10 * entropy for /dev/random and other kernel activities. It also offers
11 * a separate /dev/ entry to allow for direct access to the random
12 * bit stream.
13 *
14 * Copyright © 2015 Keith Packard <keithp@keithp.com>
15 */
16
17#include <linux/module.h>
18#include <linux/slab.h>
19#include <linux/usb.h>
20#include <linux/wait.h>
21#include <linux/hw_random.h>
22#include <linux/mutex.h>
23#include <linux/uaccess.h>
24
25static struct usb_driver chaoskey_driver;
26static struct usb_class_driver chaoskey_class;
27static int chaoskey_rng_read(struct hwrng *rng, void *data,
28 size_t max, bool wait);
29
30#define usb_dbg(usb_if, format, arg...) \
31 dev_dbg(&(usb_if)->dev, format, ## arg)
32
33#define usb_err(usb_if, format, arg...) \
34 dev_err(&(usb_if)->dev, format, ## arg)
35
36/* Version Information */
37#define DRIVER_AUTHOR "Keith Packard, keithp@keithp.com"
38#define DRIVER_DESC "Altus Metrum ChaosKey driver"
39#define DRIVER_SHORT "chaoskey"
40
41MODULE_AUTHOR(DRIVER_AUTHOR);
42MODULE_DESCRIPTION(DRIVER_DESC);
43MODULE_LICENSE("GPL");
44
45#define CHAOSKEY_VENDOR_ID 0x1d50 /* OpenMoko */
46#define CHAOSKEY_PRODUCT_ID 0x60c6 /* ChaosKey */
47
48#define ALEA_VENDOR_ID 0x12d8 /* Araneus */
49#define ALEA_PRODUCT_ID 0x0001 /* Alea I */
50
51#define CHAOSKEY_BUF_LEN 64 /* max size of USB full speed packet */
52
53#define NAK_TIMEOUT (HZ) /* normal stall/wait timeout */
54#define ALEA_FIRST_TIMEOUT (HZ*3) /* first stall/wait timeout for Alea */
55
56#ifdef CONFIG_USB_DYNAMIC_MINORS
57#define USB_CHAOSKEY_MINOR_BASE 0
58#else
59
60/* IOWARRIOR_MINOR_BASE + 16, not official yet */
61#define USB_CHAOSKEY_MINOR_BASE 224
62#endif
63
64static const struct usb_device_id chaoskey_table[] = {
65 { USB_DEVICE(CHAOSKEY_VENDOR_ID, CHAOSKEY_PRODUCT_ID) },
66 { USB_DEVICE(ALEA_VENDOR_ID, ALEA_PRODUCT_ID) },
67 { },
68};
69MODULE_DEVICE_TABLE(usb, chaoskey_table);
70
71static void chaos_read_callback(struct urb *urb);
72
73/* Driver-local specific stuff */
74struct chaoskey {
75 struct usb_interface *interface;
76 char in_ep;
77 struct mutex lock;
78 struct mutex rng_lock;
79 int open; /* open count */
80 bool present; /* device not disconnected */
81 bool reading; /* ongoing IO */
82 bool reads_started; /* track first read for Alea */
83 int size; /* size of buf */
84 int valid; /* bytes of buf read */
85 int used; /* bytes of buf consumed */
86 char *name; /* product + serial */
87 struct hwrng hwrng; /* Embedded struct for hwrng */
88 int hwrng_registered; /* registered with hwrng API */
89 wait_queue_head_t wait_q; /* for timeouts */
90 struct urb *urb; /* for performing IO */
91 char *buf;
92};
93
94static void chaoskey_free(struct chaoskey *dev)
95{
96 if (dev) {
97 usb_dbg(dev->interface, "free");
98 usb_free_urb(urb: dev->urb);
99 kfree(objp: dev->name);
100 kfree(objp: dev->buf);
101 usb_put_intf(intf: dev->interface);
102 kfree(objp: dev);
103 }
104}
105
106static int chaoskey_probe(struct usb_interface *interface,
107 const struct usb_device_id *id)
108{
109 struct usb_device *udev = interface_to_usbdev(interface);
110 struct usb_host_interface *altsetting = interface->cur_altsetting;
111 struct usb_endpoint_descriptor *epd;
112 int in_ep;
113 struct chaoskey *dev;
114 int result = -ENOMEM;
115 int size;
116 int res;
117
118 usb_dbg(interface, "probe %s-%s", udev->product, udev->serial);
119
120 /* Find the first bulk IN endpoint and its packet size */
121 res = usb_find_bulk_in_endpoint(alt: altsetting, bulk_in: &epd);
122 if (res) {
123 usb_dbg(interface, "no IN endpoint found");
124 return res;
125 }
126
127 in_ep = usb_endpoint_num(epd);
128 size = usb_endpoint_maxp(epd);
129
130 /* Validate endpoint and size */
131 if (size <= 0) {
132 usb_dbg(interface, "invalid size (%d)", size);
133 return -ENODEV;
134 }
135
136 if (size > CHAOSKEY_BUF_LEN) {
137 usb_dbg(interface, "size reduced from %d to %d\n",
138 size, CHAOSKEY_BUF_LEN);
139 size = CHAOSKEY_BUF_LEN;
140 }
141
142 /* Looks good, allocate and initialize */
143
144 dev = kzalloc(size: sizeof(struct chaoskey), GFP_KERNEL);
145
146 if (dev == NULL)
147 goto out;
148
149 dev->interface = usb_get_intf(intf: interface);
150
151 dev->buf = kmalloc(size, GFP_KERNEL);
152
153 if (dev->buf == NULL)
154 goto out;
155
156 dev->urb = usb_alloc_urb(iso_packets: 0, GFP_KERNEL);
157
158 if (!dev->urb)
159 goto out;
160
161 usb_fill_bulk_urb(urb: dev->urb,
162 dev: udev,
163 usb_rcvbulkpipe(udev, in_ep),
164 transfer_buffer: dev->buf,
165 buffer_length: size,
166 complete_fn: chaos_read_callback,
167 context: dev);
168
169 /* Construct a name using the product and serial values. Each
170 * device needs a unique name for the hwrng code
171 */
172
173 if (udev->product && udev->serial) {
174 dev->name = kasprintf(GFP_KERNEL, fmt: "%s-%s", udev->product,
175 udev->serial);
176 if (dev->name == NULL)
177 goto out;
178 }
179
180 dev->in_ep = in_ep;
181
182 if (le16_to_cpu(udev->descriptor.idVendor) != ALEA_VENDOR_ID)
183 dev->reads_started = true;
184
185 dev->size = size;
186 dev->present = true;
187
188 init_waitqueue_head(&dev->wait_q);
189
190 mutex_init(&dev->lock);
191 mutex_init(&dev->rng_lock);
192
193 usb_set_intfdata(intf: interface, data: dev);
194
195 result = usb_register_dev(intf: interface, class_driver: &chaoskey_class);
196 if (result) {
197 usb_err(interface, "Unable to allocate minor number.");
198 goto out;
199 }
200
201 dev->hwrng.name = dev->name ? dev->name : chaoskey_driver.name;
202 dev->hwrng.read = chaoskey_rng_read;
203
204 dev->hwrng_registered = (hwrng_register(rng: &dev->hwrng) == 0);
205 if (!dev->hwrng_registered)
206 usb_err(interface, "Unable to register with hwrng");
207
208 usb_enable_autosuspend(udev);
209
210 usb_dbg(interface, "chaoskey probe success, size %d", dev->size);
211 return 0;
212
213out:
214 usb_set_intfdata(intf: interface, NULL);
215 chaoskey_free(dev);
216 return result;
217}
218
219static void chaoskey_disconnect(struct usb_interface *interface)
220{
221 struct chaoskey *dev;
222
223 usb_dbg(interface, "disconnect");
224 dev = usb_get_intfdata(intf: interface);
225 if (!dev) {
226 usb_dbg(interface, "disconnect failed - no dev");
227 return;
228 }
229
230 if (dev->hwrng_registered)
231 hwrng_unregister(rng: &dev->hwrng);
232
233 usb_deregister_dev(intf: interface, class_driver: &chaoskey_class);
234
235 usb_set_intfdata(intf: interface, NULL);
236 mutex_lock(&dev->lock);
237
238 dev->present = false;
239 usb_poison_urb(urb: dev->urb);
240
241 if (!dev->open) {
242 mutex_unlock(lock: &dev->lock);
243 chaoskey_free(dev);
244 } else
245 mutex_unlock(lock: &dev->lock);
246
247 usb_dbg(interface, "disconnect done");
248}
249
250static int chaoskey_open(struct inode *inode, struct file *file)
251{
252 struct chaoskey *dev;
253 struct usb_interface *interface;
254
255 /* get the interface from minor number and driver information */
256 interface = usb_find_interface(drv: &chaoskey_driver, minor: iminor(inode));
257 if (!interface)
258 return -ENODEV;
259
260 usb_dbg(interface, "open");
261
262 dev = usb_get_intfdata(intf: interface);
263 if (!dev) {
264 usb_dbg(interface, "open (dev)");
265 return -ENODEV;
266 }
267
268 file->private_data = dev;
269 mutex_lock(&dev->lock);
270 ++dev->open;
271 mutex_unlock(lock: &dev->lock);
272
273 usb_dbg(interface, "open success");
274 return 0;
275}
276
277static int chaoskey_release(struct inode *inode, struct file *file)
278{
279 struct chaoskey *dev = file->private_data;
280 struct usb_interface *interface;
281
282 if (dev == NULL)
283 return -ENODEV;
284
285 interface = dev->interface;
286
287 usb_dbg(interface, "release");
288
289 mutex_lock(&dev->lock);
290
291 usb_dbg(interface, "open count at release is %d", dev->open);
292
293 if (dev->open <= 0) {
294 usb_dbg(interface, "invalid open count (%d)", dev->open);
295 mutex_unlock(lock: &dev->lock);
296 return -ENODEV;
297 }
298
299 --dev->open;
300
301 if (!dev->present) {
302 if (dev->open == 0) {
303 mutex_unlock(lock: &dev->lock);
304 chaoskey_free(dev);
305 } else
306 mutex_unlock(lock: &dev->lock);
307 } else
308 mutex_unlock(lock: &dev->lock);
309
310 usb_dbg(interface, "release success");
311 return 0;
312}
313
314static void chaos_read_callback(struct urb *urb)
315{
316 struct chaoskey *dev = urb->context;
317 int status = urb->status;
318
319 usb_dbg(dev->interface, "callback status (%d)", status);
320
321 if (status == 0)
322 dev->valid = urb->actual_length;
323 else
324 dev->valid = 0;
325
326 dev->used = 0;
327
328 /* must be seen first before validity is announced */
329 smp_wmb();
330
331 dev->reading = false;
332 wake_up(&dev->wait_q);
333}
334
335/* Fill the buffer. Called with dev->lock held
336 */
337static int _chaoskey_fill(struct chaoskey *dev)
338{
339 DEFINE_WAIT(wait);
340 int result;
341 bool started;
342
343 usb_dbg(dev->interface, "fill");
344
345 /* Return immediately if someone called before the buffer was
346 * empty */
347 if (dev->valid != dev->used) {
348 usb_dbg(dev->interface, "not empty yet (valid %d used %d)",
349 dev->valid, dev->used);
350 return 0;
351 }
352
353 /* Bail if the device has been removed */
354 if (!dev->present) {
355 usb_dbg(dev->interface, "device not present");
356 return -ENODEV;
357 }
358
359 /* Make sure the device is awake */
360 result = usb_autopm_get_interface(intf: dev->interface);
361 if (result) {
362 usb_dbg(dev->interface, "wakeup failed (result %d)", result);
363 return result;
364 }
365
366 dev->reading = true;
367 result = usb_submit_urb(urb: dev->urb, GFP_KERNEL);
368 if (result < 0) {
369 result = usb_translate_errors(error_code: result);
370 dev->reading = false;
371 goto out;
372 }
373
374 /* The first read on the Alea takes a little under 2 seconds.
375 * Reads after the first read take only a few microseconds
376 * though. Presumably the entropy-generating circuit needs
377 * time to ramp up. So, we wait longer on the first read.
378 */
379 started = dev->reads_started;
380 dev->reads_started = true;
381 result = wait_event_interruptible_timeout(
382 dev->wait_q,
383 !dev->reading,
384 (started ? NAK_TIMEOUT : ALEA_FIRST_TIMEOUT) );
385
386 if (result < 0) {
387 usb_kill_urb(urb: dev->urb);
388 goto out;
389 }
390
391 if (result == 0) {
392 result = -ETIMEDOUT;
393 usb_kill_urb(urb: dev->urb);
394 } else {
395 result = dev->valid;
396 }
397out:
398 /* Let the device go back to sleep eventually */
399 usb_autopm_put_interface(intf: dev->interface);
400
401 usb_dbg(dev->interface, "read %d bytes", dev->valid);
402
403 return result;
404}
405
406static ssize_t chaoskey_read(struct file *file,
407 char __user *buffer,
408 size_t count,
409 loff_t *ppos)
410{
411 struct chaoskey *dev;
412 ssize_t read_count = 0;
413 int this_time;
414 int result = 0;
415 unsigned long remain;
416
417 dev = file->private_data;
418
419 if (dev == NULL || !dev->present)
420 return -ENODEV;
421
422 usb_dbg(dev->interface, "read %zu", count);
423
424 while (count > 0) {
425
426 /* Grab the rng_lock briefly to ensure that the hwrng interface
427 * gets priority over other user access
428 */
429 result = mutex_lock_interruptible(&dev->rng_lock);
430 if (result)
431 goto bail;
432 mutex_unlock(lock: &dev->rng_lock);
433
434 result = mutex_lock_interruptible(&dev->lock);
435 if (result)
436 goto bail;
437 if (dev->valid == dev->used) {
438 result = _chaoskey_fill(dev);
439 if (result < 0) {
440 mutex_unlock(lock: &dev->lock);
441 goto bail;
442 }
443 }
444
445 this_time = dev->valid - dev->used;
446 if (this_time > count)
447 this_time = count;
448
449 remain = copy_to_user(to: buffer, from: dev->buf + dev->used, n: this_time);
450 if (remain) {
451 result = -EFAULT;
452
453 /* Consume the bytes that were copied so we don't leak
454 * data to user space
455 */
456 dev->used += this_time - remain;
457 mutex_unlock(lock: &dev->lock);
458 goto bail;
459 }
460
461 count -= this_time;
462 read_count += this_time;
463 buffer += this_time;
464 dev->used += this_time;
465 mutex_unlock(lock: &dev->lock);
466 }
467bail:
468 if (read_count) {
469 usb_dbg(dev->interface, "read %zu bytes", read_count);
470 return read_count;
471 }
472 usb_dbg(dev->interface, "empty read, result %d", result);
473 if (result == -ETIMEDOUT)
474 result = -EAGAIN;
475 return result;
476}
477
478static int chaoskey_rng_read(struct hwrng *rng, void *data,
479 size_t max, bool wait)
480{
481 struct chaoskey *dev = container_of(rng, struct chaoskey, hwrng);
482 int this_time;
483
484 usb_dbg(dev->interface, "rng_read max %zu wait %d", max, wait);
485
486 if (!dev->present) {
487 usb_dbg(dev->interface, "device not present");
488 return 0;
489 }
490
491 /* Hold the rng_lock until we acquire the device lock so that
492 * this operation gets priority over other user access to the
493 * device
494 */
495 mutex_lock(&dev->rng_lock);
496
497 mutex_lock(&dev->lock);
498
499 mutex_unlock(lock: &dev->rng_lock);
500
501 /* Try to fill the buffer if empty. It doesn't actually matter
502 * if _chaoskey_fill works; we'll just return zero bytes as
503 * the buffer will still be empty
504 */
505 if (dev->valid == dev->used)
506 (void) _chaoskey_fill(dev);
507
508 this_time = dev->valid - dev->used;
509 if (this_time > max)
510 this_time = max;
511
512 memcpy(data, dev->buf + dev->used, this_time);
513
514 dev->used += this_time;
515
516 mutex_unlock(lock: &dev->lock);
517
518 usb_dbg(dev->interface, "rng_read this_time %d\n", this_time);
519 return this_time;
520}
521
522#ifdef CONFIG_PM
523static int chaoskey_suspend(struct usb_interface *interface,
524 pm_message_t message)
525{
526 usb_dbg(interface, "suspend");
527 return 0;
528}
529
530static int chaoskey_resume(struct usb_interface *interface)
531{
532 struct chaoskey *dev;
533 struct usb_device *udev = interface_to_usbdev(interface);
534
535 usb_dbg(interface, "resume");
536 dev = usb_get_intfdata(intf: interface);
537
538 /*
539 * We may have lost power.
540 * In that case the device that needs a long time
541 * for the first requests needs an extended timeout
542 * again
543 */
544 if (le16_to_cpu(udev->descriptor.idVendor) == ALEA_VENDOR_ID)
545 dev->reads_started = false;
546
547 return 0;
548}
549#else
550#define chaoskey_suspend NULL
551#define chaoskey_resume NULL
552#endif
553
554/* file operation pointers */
555static const struct file_operations chaoskey_fops = {
556 .owner = THIS_MODULE,
557 .read = chaoskey_read,
558 .open = chaoskey_open,
559 .release = chaoskey_release,
560 .llseek = default_llseek,
561};
562
563/* class driver information */
564static struct usb_class_driver chaoskey_class = {
565 .name = "chaoskey%d",
566 .fops = &chaoskey_fops,
567 .minor_base = USB_CHAOSKEY_MINOR_BASE,
568};
569
570/* usb specific object needed to register this driver with the usb subsystem */
571static struct usb_driver chaoskey_driver = {
572 .name = DRIVER_SHORT,
573 .probe = chaoskey_probe,
574 .disconnect = chaoskey_disconnect,
575 .suspend = chaoskey_suspend,
576 .resume = chaoskey_resume,
577 .reset_resume = chaoskey_resume,
578 .id_table = chaoskey_table,
579 .supports_autosuspend = 1,
580};
581
582module_usb_driver(chaoskey_driver);
583
584

source code of linux/drivers/usb/misc/chaoskey.c