| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <20171205123558.31087-4-l.stelmach@samsung.com>
Date: Tue, 05 Dec 2017 13:35:58 +0100
From: Łukasz Stelmach <l.stelmach@...sung.com>
To: Krzysztof Kozlowski <krzk@...nel.org>, robh+dt@...nel.org,
Stephan Mueller <smueller@...onox.de>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>,
Kukjin Kim <kgene@...nel.org>, linux-crypto@...r.kernel.org,
linux-samsung-soc@...r.kernel.org, linux-kernel@...r.kernel.org
Cc: Łukasz Stelmach <l.stelmach@...sung.com>,
m.szyprowski@...sung.com, b.zolnierkie@...sung.com
Subject: [PATCH 3/3] crypto: exynos - Reseed PRNG after generating 2^16
random bytes
Reseed PRNG after reading 65 kB of randomness. Although this may reduce
performance, in most casese the loss is not noticable.
Signed-off-by: Łukasz Stelmach <l.stelmach@...sung.com>
---
drivers/crypto/exynos-rng.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/exynos-rng.c b/drivers/crypto/exynos-rng.c
index 002e9d2a83cc..0bf07a655813 100644
--- a/drivers/crypto/exynos-rng.c
+++ b/drivers/crypto/exynos-rng.c
@@ -54,12 +54,15 @@ enum exynos_prng_type {
};
/*
- * Driver re-seeds itself with generated random numbers to increase
- * the randomness.
+ * Driver re-seeds itself with generated random numbers to hinder
+ * backtracking of the original seed.
*
* Time for next re-seed in ms.
*/
-#define EXYNOS_RNG_RESEED_TIME 100
+#define EXYNOS_RNG_RESEED_TIME 1000
+#define EXYNOS_RNG_RESEED_BYTES 65536
+
+
/*
* In polling mode, do not wait infinitely for the engine to finish the work.
*/
@@ -81,6 +84,8 @@ struct exynos_rng_dev {
unsigned int seed_save_len;
/* Time of last seeding in jiffies */
unsigned long last_seeding;
+ /* Bytes generated since last seeding */
+ unsigned long bytes_seeding;
};
static struct exynos_rng_dev *exynos_rng_dev;
@@ -125,6 +130,7 @@ static int exynos_rng_set_seed(struct exynos_rng_dev *rng,
}
rng->last_seeding = jiffies;
+ rng->bytes_seeding = 0;
return 0;
}
@@ -166,6 +172,8 @@ static int exynos_rng_get_random(struct exynos_rng_dev *rng,
memcpy_fromio(dst, rng->mem + EXYNOS_RNG_OUT_BASE, *read);
return 0;
+
+
}
/* Re-seed itself from time to time */
@@ -177,7 +185,8 @@ static void exynos_rng_reseed(struct exynos_rng_dev *rng)
unsigned int read = 0;
u8 seed[EXYNOS_RNG_SEED_SIZE];
- if (time_before(now, next_seeding))
+ if (time_before(now, next_seeding) &&
+ rng->bytes_seeding < EXYNOS_RNG_RESEED_BYTES)
return;
if (exynos_rng_get_random(rng, seed, sizeof(seed), &read))
@@ -206,6 +215,7 @@ static int exynos_rng_generate(struct crypto_rng *tfm,
dlen -= read;
dst += read;
+ rng->bytes_seeding += read;
exynos_rng_reseed(rng);
} while (dlen > 0);
--
2.11.0
Powered by blists - more mailing lists