From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.5 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 127D8C433E3 for ; Wed, 20 May 2020 09:18:56 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id DB3F0207F9 for ; Wed, 20 May 2020 09:18:55 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=chronox.de header.i=@chronox.de header.b="opcHvNIS" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726718AbgETJSz (ORCPT ); Wed, 20 May 2020 05:18:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35794 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726224AbgETJSy (ORCPT ); Wed, 20 May 2020 05:18:54 -0400 Received: from mo6-p01-ob.smtp.rzone.de (mo6-p01-ob.smtp.rzone.de [IPv6:2a01:238:20a:202:5301::7]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1FCB2C061A0E; Wed, 20 May 2020 02:18:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1589966330; s=strato-dkim-0002; d=chronox.de; h=References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: X-RZG-CLASS-ID:X-RZG-AUTH:From:Subject:Sender; bh=jnu5hWhBP4JZRIy4PRG4U6miSmGbRgsPoOIk1eFJ53E=; b=opcHvNIS2wUmw7Z8RZ1xMShDtJeCEMF2S+IkoH4VGplXLFVF9y22JJ9TZPnZYh4Rdy i6wkhmgcfBQHzF3VxqKfXAYptX9H3/FG4YiJzCo7GANAEzeC5iX7PR6O6bqmmNE/LCIh WIfpu0IqwbVzf03B/9hBW21168BNxHJhesyFKjkfTFwMJrnTQgAuPlxdYYDOLhpofFfu 3pFRffsvVKBBAuqt9hWkvXkegriOQohGq0xA9sWTgWaV4LL36r3bgjvYc8Rb/D9WXOda mOEU5gHHrOtFZ211MbFl5AQ2tx8jf7k9NxcVwaRbDujt+miqvgtZnXZHdP+l+Eov+uzf frvQ== X-RZG-AUTH: ":P2ERcEykfu11Y98lp/T7+hdri+uKZK8TKWEqNyiHySGSa9k9zmgLKehaO2hZDSTWbg/LOA==" X-RZG-CLASS-ID: mo00 Received: from tauon.chronox.de by smtp.strato.de (RZmta 46.7.0 AUTH) with ESMTPSA id k09005w4K9IZ4DL (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256 bits)) (Client did not present a certificate); Wed, 20 May 2020 11:18:35 +0200 (CEST) From: Stephan Mueller To: Lukasz Stelmach Cc: Matt Mackall , Herbert Xu , Arnd Bergmann , Greg Kroah-Hartman , Ray Jui , Scott Branden , bcm-kernel-feedback-list@broadcom.com, Kukjin Kim , Krzysztof Kozlowski , Florian Fainelli , Markus Elfring , Matthias Brugger , Stefan Wahren , linux-crypto@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-samsung-soc@vger.kernel.org, Bartlomiej Zolnierkiewicz Subject: Re: [PATCH v2 1/2] hwrng: iproc-rng200 - Set the quality value Date: Wed, 20 May 2020 11:18:32 +0200 Message-ID: <15745285.MnsZKaK4VV@tauon.chronox.de> In-Reply-To: References: <1748331.j7eDFAdTc1@tauon.chronox.de> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Am Mittwoch, 20. Mai 2020, 11:10:32 CEST schrieb Lukasz Stelmach: Hi Lukasz, > It was <2020-05-20 =C5=9Bro 08:23>, when Stephan Mueller wrote: > > Am Dienstag, 19. Mai 2020, 23:25:51 CEST schrieb =C5=81ukasz Stelmach: > >> The value was estimaded with ea_iid[1] using on 10485760 bytes read fr= om > >> the RNG via /dev/hwrng. The min-entropy value calculated using the most > >> common value estimate (NIST SP 800-90P[2], section 6.3.1) was 7.964464. > >=20 > > I am sorry, but I think I did not make myself clear: testing random > > numbers > > post-processing with the statistical tools does NOT give any idea about > > the > > entropy rate. Thus, all that was calculated is the proper implementation > > of > > the post-processing operation and not the actual noise source. > >=20 > > What needs to happen is that we need access to raw, unconditioned data > > from > > the noise source that is analyzed with the statistical methods. >=20 > I did understand you and I assure you the data I tested were obtained > directly from RNGs. As I pointed before[1], that is how /dev/hwrng > works[2]. I understand that /dev/hwrng pulls the data straight from the hardware. But= =20 the data from the hardware usually is not obtained straight from the noise= =20 source. Typically you have a noise source (e.g. a ring oscillator) whose data is=20 digitized then fed into a compression function like an LFSR or a hash. Then= a=20 cryptographic operation like a CBC-MAC, hash or even a DRBG is applied to t= hat=20 data when the caller wants to have random numbers. In order to estimate entropy, we need the raw unconditioned data from the,= =20 say, ring oscillator and not from the (cryptographic) output operation. That said, the illustrated example is typical for hardware RNGs. Yet it is= =20 never guaranteed to work that way. Thus, if you can point to architecture=20 documentation of your specific hardware RNGs showing that the data read fro= m=20 the hardware is pure unconditioned noise data, then I have no objections to= =20 the patch. >=20 > If I am wrong, do show me the code that processes the data from a HW RNG > before copying them to user provided buffer[3]. I am not talking about any software post-processing. I am talking about pos= t- processing within the hardware. >=20 > [1] https://lkml.org/lkml/2020/5/15/252 > [2] > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/D= oc > umentation/admin-guide/hw_random.rst?h=3Dv5.6 [3] > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/d= ri > vers/char/hw_random/core.c?h=3Dv5.6#n251 >=20 > Kind regards, Ciao Stephan From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.8 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, MENTIONS_GIT_HOSTING,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C0BF1C433E0 for ; Wed, 20 May 2020 09:18:54 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 66CBE2070A for ; Wed, 20 May 2020 09:18:54 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="O2hkfQIs"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=chronox.de header.i=@chronox.de header.b="pbzI3cWQ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 66CBE2070A Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=chronox.de Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=XtAl6tIiBg0LDFgysCwDuYL9vsaekdQXb6RUuP9rRQc=; b=O2hkfQIsIKXvlG gl3g/p6A0KHZswIyUgEWEUAK5a9leIrbX6Am088QSNTfCmw7byhuOkzZUpU94QwqbY1rdk2EnzE8Q DBTLsx+aNNdIutzzQZHooY69E71+rhNpp18whS0WgOwHXd22a4QyIS4ySVFY3ZdrsURyi01aZWbfj PKfi7AlfQwcJfL5D2vYrztisJBd6pFqNCiaiZpCWbe1Io/WQk5eNc53yi2W8894KjXBGTLY24gp1g vSFFy5jfTmPD/nJc250FqyiX8Y6q+p5DBc5wfRrskC2QR9bzNOZ6+CeSZyRd3lqqudR/H8p07IetO FObeKTSUhMZJ1LLW9BFQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1jbKsG-0004zz-D3; Wed, 20 May 2020 09:18:52 +0000 Received: from mo6-p01-ob.smtp.rzone.de ([2a01:238:20a:202:5301::1]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1jbKsC-0004zL-KO for linux-arm-kernel@lists.infradead.org; Wed, 20 May 2020 09:18:50 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1589966324; s=strato-dkim-0002; d=chronox.de; h=References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: X-RZG-CLASS-ID:X-RZG-AUTH:From:Subject:Sender; bh=jnu5hWhBP4JZRIy4PRG4U6miSmGbRgsPoOIk1eFJ53E=; b=pbzI3cWQS37lelUQlFZp1ZpbR9RupgTFDNNlGGvCMRYOoVEih6pjPvhLenF+0x544C vJbEHfsMsISjH0d0I955cHNqaw2imLuFY1dcEXuODiQzATZO4dxiv8z8AsbjB1VvvAQt JnL+0cHEiiMOsdIVOqIi+EYka6ZJBBtItB07V7F88vcYs87cMEkOGt6gB+a5k0WLF65x g5FaebTYkVaqglfZTxNwKmmJCwgFofN3paUUsQ2igI870tUiidlwSAVuOclRjPIVBTtS qgIWucsj5rEH2bAvPB5qzvFzUeqaDNv0ppql6fz04xbEI5xOyfF+5LehMbprvtl/Zm8c VfmA== X-RZG-AUTH: ":P2ERcEykfu11Y98lp/T7+hdri+uKZK8TKWEqNyiHySGSa9k9zmgLKehaO2hZDSTWbg/LOA==" X-RZG-CLASS-ID: mo00 Received: from tauon.chronox.de by smtp.strato.de (RZmta 46.7.0 AUTH) with ESMTPSA id k09005w4K9IZ4DL (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256 bits)) (Client did not present a certificate); Wed, 20 May 2020 11:18:35 +0200 (CEST) From: Stephan Mueller To: Lukasz Stelmach Subject: Re: [PATCH v2 1/2] hwrng: iproc-rng200 - Set the quality value Date: Wed, 20 May 2020 11:18:32 +0200 Message-ID: <15745285.MnsZKaK4VV@tauon.chronox.de> In-Reply-To: References: <1748331.j7eDFAdTc1@tauon.chronox.de> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200520_021849_269482_67E07F89 X-CRM114-Status: GOOD ( 16.81 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Florian Fainelli , Herbert Xu , Scott Branden , Matthias Brugger , Greg Kroah-Hartman , Matt Mackall , linux-kernel@vger.kernel.org, Krzysztof Kozlowski , linux-samsung-soc@vger.kernel.org, Bartlomiej Zolnierkiewicz , Kukjin Kim , Arnd Bergmann , Stefan Wahren , Ray Jui , bcm-kernel-feedback-list@broadcom.com, Markus Elfring , linux-arm-kernel@lists.infradead.org, linux-crypto@vger.kernel.org Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org QW0gTWl0dHdvY2gsIDIwLiBNYWkgMjAyMCwgMTE6MTA6MzIgQ0VTVCBzY2hyaWViIEx1a2FzeiBT dGVsbWFjaDoKCkhpIEx1a2FzeiwKCj4gSXQgd2FzIDwyMDIwLTA1LTIwIMWbcm8gMDg6MjM+LCB3 aGVuIFN0ZXBoYW4gTXVlbGxlciB3cm90ZToKPiA+IEFtIERpZW5zdGFnLCAxOS4gTWFpIDIwMjAs IDIzOjI1OjUxIENFU1Qgc2NocmllYiDFgXVrYXN6IFN0ZWxtYWNoOgo+ID4+IFRoZSB2YWx1ZSB3 YXMgZXN0aW1hZGVkIHdpdGggZWFfaWlkWzFdIHVzaW5nIG9uIDEwNDg1NzYwIGJ5dGVzIHJlYWQg ZnJvbQo+ID4+IHRoZSBSTkcgdmlhIC9kZXYvaHdybmcuIFRoZSBtaW4tZW50cm9weSB2YWx1ZSBj YWxjdWxhdGVkIHVzaW5nIHRoZSBtb3N0Cj4gPj4gY29tbW9uIHZhbHVlIGVzdGltYXRlIChOSVNU IFNQIDgwMC05MFBbMl0sIHNlY3Rpb24gNi4zLjEpIHdhcyA3Ljk2NDQ2NC4KPiA+IAo+ID4gSSBh bSBzb3JyeSwgYnV0IEkgdGhpbmsgSSBkaWQgbm90IG1ha2UgbXlzZWxmIGNsZWFyOiB0ZXN0aW5n IHJhbmRvbQo+ID4gbnVtYmVycwo+ID4gcG9zdC1wcm9jZXNzaW5nIHdpdGggdGhlIHN0YXRpc3Rp Y2FsIHRvb2xzIGRvZXMgTk9UIGdpdmUgYW55IGlkZWEgYWJvdXQKPiA+IHRoZQo+ID4gZW50cm9w eSByYXRlLiBUaHVzLCBhbGwgdGhhdCB3YXMgY2FsY3VsYXRlZCBpcyB0aGUgcHJvcGVyIGltcGxl bWVudGF0aW9uCj4gPiBvZgo+ID4gdGhlIHBvc3QtcHJvY2Vzc2luZyBvcGVyYXRpb24gYW5kIG5v dCB0aGUgYWN0dWFsIG5vaXNlIHNvdXJjZS4KPiA+IAo+ID4gV2hhdCBuZWVkcyB0byBoYXBwZW4g aXMgdGhhdCB3ZSBuZWVkIGFjY2VzcyB0byByYXcsIHVuY29uZGl0aW9uZWQgZGF0YQo+ID4gZnJv bQo+ID4gdGhlIG5vaXNlIHNvdXJjZSB0aGF0IGlzIGFuYWx5emVkIHdpdGggdGhlIHN0YXRpc3Rp Y2FsIG1ldGhvZHMuCj4gCj4gSSBkaWQgdW5kZXJzdGFuZCB5b3UgYW5kIEkgYXNzdXJlIHlvdSB0 aGUgZGF0YSBJIHRlc3RlZCB3ZXJlIG9idGFpbmVkCj4gZGlyZWN0bHkgZnJvbSBSTkdzLiBBcyBJ IHBvaW50ZWQgYmVmb3JlWzFdLCB0aGF0IGlzIGhvdyAvZGV2L2h3cm5nCj4gd29ya3NbMl0uCgpJ IHVuZGVyc3RhbmQgdGhhdCAvZGV2L2h3cm5nIHB1bGxzIHRoZSBkYXRhIHN0cmFpZ2h0IGZyb20g dGhlIGhhcmR3YXJlLiBCdXQgCnRoZSBkYXRhIGZyb20gdGhlIGhhcmR3YXJlIHVzdWFsbHkgaXMg bm90IG9idGFpbmVkIHN0cmFpZ2h0IGZyb20gdGhlIG5vaXNlIApzb3VyY2UuCgpUeXBpY2FsbHkg eW91IGhhdmUgYSBub2lzZSBzb3VyY2UgKGUuZy4gYSByaW5nIG9zY2lsbGF0b3IpIHdob3NlIGRh dGEgaXMgCmRpZ2l0aXplZCB0aGVuIGZlZCBpbnRvIGEgY29tcHJlc3Npb24gZnVuY3Rpb24gbGlr ZSBhbiBMRlNSIG9yIGEgaGFzaC4gVGhlbiBhIApjcnlwdG9ncmFwaGljIG9wZXJhdGlvbiBsaWtl IGEgQ0JDLU1BQywgaGFzaCBvciBldmVuIGEgRFJCRyBpcyBhcHBsaWVkIHRvIHRoYXQgCmRhdGEg d2hlbiB0aGUgY2FsbGVyIHdhbnRzIHRvIGhhdmUgcmFuZG9tIG51bWJlcnMuCgpJbiBvcmRlciB0 byBlc3RpbWF0ZSBlbnRyb3B5LCB3ZSBuZWVkIHRoZSByYXcgdW5jb25kaXRpb25lZCBkYXRhIGZy b20gdGhlLCAKc2F5LCByaW5nIG9zY2lsbGF0b3IgYW5kIG5vdCBmcm9tIHRoZSAoY3J5cHRvZ3Jh cGhpYykgb3V0cHV0IG9wZXJhdGlvbi4KClRoYXQgc2FpZCwgdGhlIGlsbHVzdHJhdGVkIGV4YW1w bGUgaXMgdHlwaWNhbCBmb3IgaGFyZHdhcmUgUk5Hcy4gWWV0IGl0IGlzIApuZXZlciBndWFyYW50 ZWVkIHRvIHdvcmsgdGhhdCB3YXkuIFRodXMsIGlmIHlvdSBjYW4gcG9pbnQgdG8gYXJjaGl0ZWN0 dXJlIApkb2N1bWVudGF0aW9uIG9mIHlvdXIgc3BlY2lmaWMgaGFyZHdhcmUgUk5HcyBzaG93aW5n IHRoYXQgdGhlIGRhdGEgcmVhZCBmcm9tIAp0aGUgaGFyZHdhcmUgaXMgcHVyZSB1bmNvbmRpdGlv bmVkIG5vaXNlIGRhdGEsIHRoZW4gSSBoYXZlIG5vIG9iamVjdGlvbnMgdG8gCnRoZSBwYXRjaC4K PiAKPiBJZiBJIGFtIHdyb25nLCBkbyBzaG93IG1lIHRoZSBjb2RlIHRoYXQgcHJvY2Vzc2VzIHRo ZSBkYXRhIGZyb20gYSBIVyBSTkcKPiBiZWZvcmUgY29weWluZyB0aGVtIHRvIHVzZXIgcHJvdmlk ZWQgYnVmZmVyWzNdLgoKSSBhbSBub3QgdGFsa2luZyBhYm91dCBhbnkgc29mdHdhcmUgcG9zdC1w cm9jZXNzaW5nLiBJIGFtIHRhbGtpbmcgYWJvdXQgcG9zdC0KcHJvY2Vzc2luZyB3aXRoaW4gdGhl IGhhcmR3YXJlLgo+IAo+IFsxXSBodHRwczovL2xrbWwub3JnL2xrbWwvMjAyMC81LzE1LzI1Mgo+ IFsyXQo+IGh0dHBzOi8vZ2l0Lmtlcm5lbC5vcmcvcHViL3NjbS9saW51eC9rZXJuZWwvZ2l0L3Rv cnZhbGRzL2xpbnV4LmdpdC90cmVlL0RvYwo+IHVtZW50YXRpb24vYWRtaW4tZ3VpZGUvaHdfcmFu ZG9tLnJzdD9oPXY1LjYgWzNdCj4gaHR0cHM6Ly9naXQua2VybmVsLm9yZy9wdWIvc2NtL2xpbnV4 L2tlcm5lbC9naXQvdG9ydmFsZHMvbGludXguZ2l0L3RyZWUvZHJpCj4gdmVycy9jaGFyL2h3X3Jh bmRvbS9jb3JlLmM/aD12NS42I24yNTEKPiAKPiBLaW5kIHJlZ2FyZHMsCgoKQ2lhbwpTdGVwaGFu CgoKCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCmxpbnV4 LWFybS1rZXJuZWwgbWFpbGluZyBsaXN0CmxpbnV4LWFybS1rZXJuZWxAbGlzdHMuaW5mcmFkZWFk Lm9yZwpodHRwOi8vbGlzdHMuaW5mcmFkZWFkLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2xpbnV4LWFy bS1rZXJuZWwK