RNDR/SS vs. SMCCC
Benjamin Herrenschmidt
benh at kernel.crashing.org
Wed Jun 2 18:41:47 PDT 2021
On Thu, 2021-06-03 at 01:19 +0100, Andre Przywara wrote:
>
> You mean like this?
> https://gitlab.arm.com/linux-arm/linux-ap/-/commit/87e3722f437f9c3f09397e0e9812e6509c94786a
Yes. We have a similar one in Amazon Linux which I think Ali submitted
a while back but never went upstream.
> This is not reviewed nor widely tested, but I used it for assessing the
> quality of the SMCCC provided numbers on the Juno board using rngtest.
> I think one problem was that this opens the SMCCC to userland, so the
> entropy could be depleted from there (again under the assumption that
> this is really a problem in practice).
IMHO, userland can always adjust permission to /dev/hwrng if it wishes
to do so...
> I would be interested to hear opinions on this.
The issue is with things like FIPS certification (and other such
horrors) where I believe /dev/random is much harder to deal with since
it mixes multiple entropy sources.
Cheers,
Ben.
More information about the linux-arm-kernel
mailing list