Re: [PATCH] crypto: sun4i-ss: support the Security System PRNG

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Corentin Labbe <clabbe.montjoie@gmail.com>
To: Stephan Mueller <smueller@chronox.de>
Cc: herbert@gondor.apana.org.au, davem@davemloft.net,
	maxime.ripard@free-electrons.com, wens@csie.org,
	linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org,
	linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH] crypto: sun4i-ss: support the Security System PRNG
Date: Thu, 17 Nov 2016 09:07:48 +0100	[thread overview]
Message-ID: <20161117080748.GB25394@Red> (raw)
In-Reply-To: <1722218.eZlGktOxfL@tauon.atsec.com>

On Tue, Oct 18, 2016 at 04:24:22PM +0200, Stephan Mueller wrote:
> Am Dienstag, 18. Oktober 2016, 14:34:27 CEST schrieb Corentin Labbe:
> 
> Hi Corentin,
> 
> > diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-hwrng.c
> > b/drivers/crypto/sunxi-ss/sun4i-ss-hwrng.c new file mode 100644
> > index 0000000..95fadb7
> > --- /dev/null
> > +++ b/drivers/crypto/sunxi-ss/sun4i-ss-hwrng.c
> > @@ -0,0 +1,70 @@
> > +#include "sun4i-ss.h"
> > +
> > +static int sun4i_ss_hwrng_init(struct hwrng *hwrng)
> > +{
> > +	struct sun4i_ss_ctx *ss;
> > +
> > +	ss = container_of(hwrng, struct sun4i_ss_ctx, hwrng);
> > +	get_random_bytes(ss->seed, SS_SEED_LEN);
> 
> Is it wise to call get_random_bytes once in the init function and never 
> thereafter?
> 
> This init function may be called during boot time of the kernel at which the 
> input_pool may not yet have received sufficient amounts of entropy.
> 
> What about registering a callback with add_random_ready_callback and seed 
> again when sufficient entropy was collected?
> 

Seed again, or just do not seed (and so return -EAGAIN for read() function) until ready_callback ?

Thanks

Corentin Labbe

WARNING: multiple messages have this Message-ID (diff)

From: clabbe.montjoie@gmail.com (Corentin Labbe)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH] crypto: sun4i-ss: support the Security System PRNG
Date: Thu, 17 Nov 2016 09:07:48 +0100	[thread overview]
Message-ID: <20161117080748.GB25394@Red> (raw)
In-Reply-To: <1722218.eZlGktOxfL@tauon.atsec.com>

On Tue, Oct 18, 2016 at 04:24:22PM +0200, Stephan Mueller wrote:
> Am Dienstag, 18. Oktober 2016, 14:34:27 CEST schrieb Corentin Labbe:
> 
> Hi Corentin,
> 
> > diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-hwrng.c
> > b/drivers/crypto/sunxi-ss/sun4i-ss-hwrng.c new file mode 100644
> > index 0000000..95fadb7
> > --- /dev/null
> > +++ b/drivers/crypto/sunxi-ss/sun4i-ss-hwrng.c
> > @@ -0,0 +1,70 @@
> > +#include "sun4i-ss.h"
> > +
> > +static int sun4i_ss_hwrng_init(struct hwrng *hwrng)
> > +{
> > +	struct sun4i_ss_ctx *ss;
> > +
> > +	ss = container_of(hwrng, struct sun4i_ss_ctx, hwrng);
> > +	get_random_bytes(ss->seed, SS_SEED_LEN);
> 
> Is it wise to call get_random_bytes once in the init function and never 
> thereafter?
> 
> This init function may be called during boot time of the kernel at which the 
> input_pool may not yet have received sufficient amounts of entropy.
> 
> What about registering a callback with add_random_ready_callback and seed 
> again when sufficient entropy was collected?
> 

Seed again, or just do not seed (and so return -EAGAIN for read() function) until ready_callback ?

Thanks

Corentin Labbe

next prev parent reply	other threads:[~2016-11-17  8:07 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-10-18 12:34 [PATCH] crypto: sun4i-ss: support the Security System PRNG Corentin Labbe
2016-10-18 12:34 ` Corentin Labbe
2016-10-18 14:24 ` Stephan Mueller
2016-10-18 14:24   ` Stephan Mueller
2016-11-17  8:07   ` Corentin Labbe [this message]
2016-11-17  8:07     ` Corentin Labbe
2016-11-17  8:18     ` Stephan Mueller
2016-11-17  8:18       ` Stephan Mueller
2016-10-18 16:09 ` PrasannaKumar Muralidharan
2016-10-18 16:09   ` PrasannaKumar Muralidharan
2016-11-17  8:05   ` Corentin Labbe
2016-11-17  8:05     ` Corentin Labbe
2016-11-18  1:07 ` Sandy Harris
2016-11-18  1:07   ` Sandy Harris
2016-11-18  7:55   ` Corentin Labbe
2016-11-18  7:55     ` Corentin Labbe
  -- strict thread matches above, loose matches on Subject: below --
2017-06-20  8:58 Corentin Labbe
2017-06-20  8:58 ` Corentin Labbe
2017-06-20  8:58 ` Corentin Labbe
2017-06-20  9:59 ` Maxime Ripard
2017-06-20  9:59   ` Maxime Ripard
2017-06-20 11:45   ` Corentin Labbe
2017-06-20 11:45     ` Corentin Labbe
2017-06-21  6:48     ` Maxime Ripard
2017-06-21  6:48       ` Maxime Ripard
2017-06-21 23:47       ` Herbert Xu
2017-06-21 23:47         ` Herbert Xu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20161117080748.GB25394@Red \
    --to=clabbe.montjoie@gmail.com \
    --cc=davem@davemloft.net \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=maxime.ripard@free-electrons.com \
    --cc=smueller@chronox.de \
    --cc=wens@csie.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.