[PATCH] ARM: ep93xx: toss the device ID into the entropy pool

Michael van der Westhuizen michael.vanderwesthuizen at smart-africa.com
Tue Jun 23 23:14:58 PDT 2015


On 23 June 2015 at 22:39, Arnd Bergmann <arnd at arndb.de> wrote:
> On Thursday 18 June 2015 16:47:39 Linus Walleij wrote:
>> @@ -862,6 +863,12 @@ static const char __init *ep93xx_get_soc_id(void)
>>         if (id != id2)
>>                 return "invalid";
>>
>> +       /* Toss the unique ID into the entropy pool */
>> +       add_device_randomness(&id2, 4);
>> +       add_device_randomness(&id3, 4);
>> +       add_device_randomness(&id4, 4);
>> +       add_device_randomness(&id5, 4);
>> +
>>
>
> A stupid question from someone who does not understand computer
> security: Is there any concern about being able to identify a
> particular machine based on the random numbers generated at
> runtime afterwards?

No, not in this case.  The reason for this pattern (where any SoC specific
data that is not visible out of the SoC is mixed in to the initial entropy pool)
is to avoid class attacks against device families due to similarity of initial
random numbers affecting this quality of early ephemeral keys.

A general guideline is that any data that cannot be determined unless
you're actually running within the SoC can be mixed into the entropy pool.

Of course, nothing beats a half-decent hardware RNG as an initial entropy
source.

Michael



More information about the linux-arm-kernel mailing list