lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sun, 23 Jun 2024 19:40:58 +0530
From: Anand Moon <linux.amoon@...il.com>
To: Krzysztof Kozlowski <krzk@...nel.org>, Daniel Golle <daniel@...rotopia.org>, 
	Olivia Mackall <olivia@...enic.com>, Herbert Xu <herbert@...dor.apana.org.au>, 
	Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>, Conor Dooley <conor+dt@...nel.org>, 
	Heiko Stuebner <heiko@...ech.de>, Philipp Zabel <p.zabel@...gutronix.de>, 
	Uwe Kleine-König <ukleinek@...ian.org>, 
	Sebastian Reichel <sebastian.reichel@...labora.com>, Sascha Hauer <s.hauer@...gutronix.de>, 
	Dragan Simic <dsimic@...jaro.org>, Martin Kaiser <martin@...ser.cx>, Ard Biesheuvel <ardb@...nel.org>, 
	linux-crypto@...r.kernel.org, devicetree@...r.kernel.org, 
	linux-arm-kernel@...ts.infradead.org, linux-rockchip@...ts.infradead.org, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 2/3] hwrng: add Rockchip SoC hwrng driver

Hi,

On Sun, 23 Jun 2024 at 16:13, Aurelien Jarno <aurelien@...el32.net> wrote:
>
> Hi,
>
> On 2024-06-23 09:00, Krzysztof Kozlowski wrote:
> > On 23/06/2024 05:33, Daniel Golle wrote:
> > > +
> > > +   rk_rng->rng.name = dev_driver_string(dev);
> > > +#ifndef CONFIG_PM
> > > +   rk_rng->rng.init = rk_rng_init;
> > > +   rk_rng->rng.cleanup = rk_rng_cleanup;
> > > +#endif
> > > +   rk_rng->rng.read = rk_rng_read;
> > > +   rk_rng->rng.priv = (unsigned long) dev;
> > > +   rk_rng->rng.quality = 900;
> >
> > I doubt in this value. Usually SoC vendors do not provide datasheet with
> > any reliable and verifiable (so one which could be proven by 3rd party)
> > information. Can you provide a source? (and vendor downstream tree does
> > not really count)
>
> As the original author of the patch, I am the one who have chosen the
> value. I did it as explained in the commit message:
>
> | The TRNG device does not seem to have a signal conditionner and the FIPS
> | 140-2 test returns a lot of failures. They can be reduced by increasing
> | RK_RNG_SAMPLE_CNT, in a tradeoff between quality and speed. This value
> | has been adjusted to get ~90% of successes and the quality value has
> | been set accordingly.
>
> It is also explained, admittedly more briefly, above the
> RK_RNG_SAMPLE_CNT #define, as the commit messages are not really
> relevant anymore once the patches are accepted:
>
> | * TRNG collects osc ring output bit every RK_RNG_SAMPLE_CNT time. The value is
> | * a tradeoff between speed and quality and has been adjusted to get a quality
> | * of ~900 (~90% of FIPS 140-2 successes).
> | */
>
> The decision to adjust RK_RNG_SAMPLE_CNT to reach ~90% of FIPS 140-2
> successes was based on the quality chosen by most hw_random drivers
> currently in the kernel sources. The FIPS 140-2 tests were performed
> using rngtest from the rng-tools project.
>
> All that said, I am not an expert in that domain, so feel free to point
> to the documentation or provide the correct method to determine the
> quality.
>
> Regards
> Aurelien
>
> [1] https://git.kernel.org/pub/scm/utils/kernel/rng-tools/rng-tools.git/

This is an old repository, the latest can be found below
[1] https://github.com/nhorman/rng-tools

However, I could not find the support from ARM and ARM64 in the repository below
because all the assembly is written for the X86 arch.

Thanks

-Anand

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ