[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <8734z6hb5i.fsf@kamlesh.i-did-not-set--mail-host-address--so-tickle-me>
Date: Fri, 22 Sep 2023 13:50:25 +0530
From: Kamlesh Gurudasani <kamlesh@...com>
To: Gatien Chevallier <gatien.chevallier@...s.st.com>,
Olivia Mackall <olivia@...enic.com>,
Herbert Xu <herbert@...dor.apana.org.au>,
"Rob Herring" <robh+dt@...nel.org>,
Krzysztof Kozlowski <krzysztof.kozlowski+dt@...aro.org>,
Maxime Coquelin <mcoquelin.stm32@...il.com>,
Alexandre Torgue <alexandre.torgue@...s.st.com>
CC: Lionel Debieve <lionel.debieve@...s.st.com>,
<linux-crypto@...r.kernel.org>, <devicetree@...r.kernel.org>,
<linux-stm32@...md-mailman.stormreply.com>,
<linux-arm-kernel@...ts.infradead.org>,
<linux-kernel@...r.kernel.org>,
"Gatien Chevallier" <gatien.chevallier@...s.st.com>
Subject: Re: [EXTERNAL] [PATCH v3 9/9] ARM: dts: stm32: add RNG node for
STM32MP13x platforms
Gatien Chevallier <gatien.chevallier@...s.st.com> writes:
> The RNG on STM32MP13 offers upgrades like customization of its
> configuration and the conditional reset.
>
> The hardware RNG should be managed in the secure world for but it
> is supported on Linux. Therefore, is it not default enabled.
Just curious, will there be concurrent access? If yes, how do you manage
the entropy in that case?
If you allow access to RNG from normal world, can attacker change the
setting to generate more predicatable numbers leading this to secure
world as well.
I understand that you're leaving the enablement part to customer but
you still have to allow RNG access to normal world for that.
-Kamlesh
Powered by blists - more mailing lists