Bluetooth: Replace custom rand driver with standard entropy

[carlescufi]

No description provided.

[carlescufi]

CC @durub

[cvinayak]

bump copyright year

[cvinayak]

this is done.

[cvinayak]

Isnt 3 level of priority available now in Zephyr CM0? and 5 in CM4?

[carlescufi]

Not in CM4, but you are correct about CM0

[cvinayak]

Let keep this all the way to the lowest

[carlescufi]

OK

[cvinayak]

Have these as Kconfig options, and checked by controller Kconfig?

[carlescufi]

OK

[cvinayak]

drop nrf5

[carlescufi]

Then I would have to include it in the API and I want to avoid this at this point.

[cvinayak]

Will wait for @galak

[codecov-io]

Codecov Report

Merging #6294 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master    #6294   +/-   ##
=======================================
  Coverage   53.51%   53.51%           
=======================================
  Files         437      437           
  Lines       41420    41420           
  Branches     7935     7935           
=======================================
  Hits        22164    22164           
  Misses      16039    16039           
  Partials     3217     3217

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 570be1b...df4390f. Read the comment docs.

[carlescufi]

@GiulianoFranchetto this would solve the issues in #6049

[cvinayak]

we need two more.... CONFIG_ENTROPY_NRF5_THR/ISR_SIZE, these have the "range CONFIG_ENTROPY_NRF5_THR/ISR_THRESHOLD 255"

and use (CONFIG_ENTROPY_NRF5_THR/ISR_SIZE + 1) as the context-safe ring buffer size.

[cvinayak]

this is done.

[cvinayak]

check if these additional parameter passing has ISR overheads.

[carlescufi]

@cvinayak addressed all your comments, including the generic API instead of an nrf5 one

[galak]

Some changes to consider.

[galak]

Can this either use the entropy handle from the radio, or is there somewhere we can initialize this once, so we don't have to call device_get_binding on every call to bt_rand()

[carlescufi]

I plan to change bt_rand later anyway, and this is only used by the BLE Host sparingly.

[galak]

How about we have _isr at the end of the function as the naming convention, I think that will be cleaner going forward (entropy_get_entropy_isr)

[carlescufi]

Agreed, will change

[galak]

I wonder if we should do something like:

if (api->isr_get_entropy) {
   return ...
} else {
   return -ENOTSUP;
}

Since not every driver might support this.

[carlescufi]

Agreed, will change

[cvinayak]

this is one additional branching in ISR.

[carlescufi]

Only with kernel asserts enabled (CONFIG_DEBUG)

[carlescufi]

@cvinayak Sorry, I misread. @galak on second thought this is an ISR call, so usually critical. I'd rather __ASSERT() than return an error here.

[cvinayak]

redundant line.

[cvinayak]

redundant line?

[cvinayak]

redundant line

[cvinayak]

redundant line

[carlescufi]

@galak @cvinayak addressed your comments

[nvlsianpu]

I'm analyzing the algorithm. I will put opinion soon.

[nvlsianpu]

Why this call is made? Is this for flush random value in case of the race condition occurrence?

[nvlsianpu]

^^I mean the second param value - -ENOBUFS might be returned in two cases.

[cvinayak]

-ENOBUFS is returned to convey that a new rng value has not been put into ring buffer due to the ISR ring buffer being full (or no ISR ring buffer initialized). Hence, conveyed as "store" param to the next ring buffer (thread).

Same pattern of nested if-clause can be used to scale to any number of ring buffer population.

[nvlsianpu]

Thanks. Then i understood this properly. Everything is right here.

[nvlsianpu]

		u8_t *d, *s;
 		u8_t avail;
 		d = &rand[octets];
 		s = &rng->rand[first];

Put before if statement - this are code duplication.

[cvinayak]

Agree.

[carlescufi]

@nvlsianpu I didn't write the driver, just ported it, so I will let @cvinayak speak about the implementation details.

[nvlsianpu]

can we have a comment here? - like fetch bytes form upper part of random buffer.

[nvlsianpu]

can we have a comment here? - like fetch bytes form lower part of random buffer.

[nvlsianpu]

It is possible to reorganize get algorithm to two if statement:

if (last < first) {
  //  fetch bytes from upper rng buffer
  // update first, last, octets
}

if (octets && (first <= last)
{
  //  fetch bytes from lower rng buffer
}

I don't see a big sense in do so - so I just I signal this.

[cvinayak]

Your suggestion translates to:
1 compare and 1 branch
plus
1 branch, 1 compare and 1 branch

whereas my top level if-clause translates to just 1 compare and 1 branch (my understanding).

[nvlsianpu]

Yes, something like this. Code would be more compact, but cons is increased execution time.
so keep as is.

[cvinayak]

Your suggestion translates to:
1 compare and 1 branch
plus
1 branch, 1 compare and 1 branch

whereas my top level if-clause translates to just 1 compare and 1 branch (my understanding).

[cvinayak]

Agree.

[cvinayak]

-ENOBUFS is returned to convey that a new rng value has not been put into ring buffer due to the ISR ring buffer being full (or no ISR ring buffer initialized). Hence, conveyed as "store" param to the next ring buffer (thread).

Same pattern of nested if-clause can be used to scale to any number of ring buffer population.

[carlescufi]

@cvinayak pushed a fix for the crash. The issue was the wrong pointer passed to IRQ_CONNECT()

[carlescufi]

@nvlsianpu @galak this should be ready now

[carlescufi]

@cvinayak I'm happy with your changes but can't approve because I submitted the PR. Can you approve instead?
@galak can you take one last look at this? we've reworked this a bit

[galak]

Since you are using these outside of the driver, should have a bit more comment/api docs.

[carlescufi]

Agreed, fixed

[galak]

Why aren't we adding these APIs entropy_get_entropy_isr & entropy_get_entropy_thr to include/entropy.h?

If they are not going to be added there, they should have an nrf namespace.

[carlescufi]

Why aren't we adding these APIs entropy_get_entropy_isr & entropy_get_entropy_thr to include/entropy.h?

Because the issue is removing the device* parameter so that the call is faster.

[galak]

Because the issue is removing the device* parameter so that the call is faster.

How much faster? Faster that what other implementation? One in which we pass a pointer to the entropy device?

[carlescufi]

How much faster? Faster that what other implementation? One in which we pass a pointer to the entropy device?

The issue here is that we want to be able to use a standard entropy driver for the Link Layer, which has strict timing requirements. What @cvinayak has observed is that if we don't remove the parameter from the function call, as well as optimizing with -Ofast, the ISR does not have time to complete. We are trying to reach a compromise where we use a standard driver instead of having a BLE-specific one in subsys/bluetooth/controller/hal, but at the same time we can still perform fast encryption on an nRF51.

[carlescufi]

@cvinayak do we really need this one? In thread mode we could use the standard one really

[carlescufi]

@cvinayak @galak updated after lengthy discussion

[cvinayak]

duplicated

[carlescufi]

fixed

[cvinayak]

you dont need this here

[carlescufi]

fixed

[cvinayak]

redundant change

[carlescufi]

fixed

[cvinayak]

LGTM

[carlescufi]

@galak we leave this out of 1.11, ready for 1.12. That said, it still needs your approval, I think all of your initial objections have been addressed.

[durub]

LGTM.

Thanks, @carlescufi! I was just needing this yesterday, having this ready for 1.12 is great news -- good job.

[cvinayak]

LGTM