From: "Łukasz Stelmach" <l.stelmach@samsung.com>
To: Krzysztof Kozlowski <krzk@kernel.org>,
	robh+dt@kernel.org, Stephan Mueller <smueller@chronox.de>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	"David S . Miller" <davem@davemloft.net>,
	Kukjin Kim <kgene@kernel.org>,
	linux-crypto@vger.kernel.org, linux-samsung-soc@vger.kernel.org,
	linux-kernel@vger.kernel.org
Cc: "Łukasz Stelmach" <l.stelmach@samsung.com>,
	"Marek Szyprowski" <m.szyprowski@samsung.com>,
	"Bartlomiej Zolnierkiewicz" <b.zolnierkie@samsung.com>
Subject: [PATCH v3 3/4] crypto: exynos - Reseed PRNG after generating 2^16 random bytes
Date: Tue, 12 Dec 2017 17:36:06 +0100
Message-ID: <20171212163607.2985-4-l.stelmach@samsung.com>
In-Reply-To: <20171212163607.2985-1-l.stelmach@samsung.com>
In-Reply-To: <20171211140623.7673-1-l.stelmach@samsung.com>

Reseed PRNG after reading 65 kB of randomness. Although this may reduce
performance, in most cases the loss is not noticeable. Also the time-based
threshold for reseeding is changed to one second. Reseeding is
performed whenever either limit is exceeded.

Reseeding of a PRNG does not increase entropy, but it helps prevent
backtracking of the internal state of the device from its output sequence,
and hence prevents a potential attacker from predicting the numbers to be
generated.

Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Reviewed-by: Stephan Mueller <smueller@chronox.de>
---
 drivers/crypto/exynos-rng.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/exynos-rng.c b/drivers/crypto/exynos-rng.c
index dcdd444d0b3b..825ed7bfd881 100644
--- a/drivers/crypto/exynos-rng.c
+++ b/drivers/crypto/exynos-rng.c
@@ -55,12 +55,14 @@ enum exynos_prng_type {
 };
 
 /*
- * Driver re-seeds itself with generated random numbers to increase
- * the randomness.
+ * Driver re-seeds itself with generated random numbers to hinder
+ * backtracking of the original seed.
  *
  * Time for next re-seed in ms.
  */
-#define EXYNOS_RNG_RESEED_TIME		100
+#define EXYNOS_RNG_RESEED_TIME		1000
+#define EXYNOS_RNG_RESEED_BYTES		65536
+
 /*
  * In polling mode, do not wait infinitely for the engine to finish the work.
  */
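Review bot: the block comment above the defines still documents only the time threshold ("Time for next re-seed in ms."), while this hunk adds EXYNOS_RNG_RESEED_BYTES directly beneath it; add a line such as " * Number of generated bytes after which a re-seed is forced." so the 65536 limit is explained where it is defined. For the record, 65536 bytes is 64 KiB, i.e. the 2^16 from the subject line, so the value and the subject agree.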
@@ -82,6 +84,8 @@ struct exynos_rng_dev {
 	unsigned int			seed_save_len;
 	/* Time of last seeding in jiffies */
 	unsigned long			last_seeding;
+	/* Bytes generated since last seeding */
+	unsigned long			bytes_seeding;
 };
 
 static struct exynos_rng_dev *exynos_rng_dev;
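Review bot: the new field name bytes_seeding reads as "size of the seed" rather than "bytes produced since seeding"; the comment clarifies it, but a name like bytes_since_seeding (mirroring the comment text "Bytes generated since last seeding") would be self-describing next to last_seeding. unsigned long is ample for a counter that is reset at 65536.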
@@ -126,6 +130,7 @@ static int exynos_rng_set_seed(struct exynos_rng_dev *rng,
 	}
 
 	rng->last_seeding = jiffies;
+	rng->bytes_seeding = 0;
 
 	return 0;
 }
@@ -164,6 +169,7 @@ static int exynos_rng_get_random(struct exynos_rng_dev *rng,
 			  EXYNOS_RNG_STATUS);
 	*read = min_t(size_t, dlen, EXYNOS_RNG_SEED_SIZE);
 	memcpy_fromio(dst, rng->mem + EXYNOS_RNG_OUT_BASE, *read);
+	rng->bytes_seeding += *read;
 
 	return 0;
 }
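Review bot: exynos_rng_get_random() is also the function exynos_rng_reseed() uses to pull the new seed (see the last hunk), so the bytes read for reseeding are added to bytes_seeding as well; that is harmless because exynos_rng_set_seed() zeroes the counter right afterwards, but a one-line comment here would save the next reader from wondering whether seed material is double-counted as output. Placing the increment right after memcpy_fromio() means only bytes actually copied to the caller are counted, which is the right place.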
@@ -177,7 +183,8 @@ static void exynos_rng_reseed(struct exynos_rng_dev *rng)
 	unsigned int read = 0;
 	u8 seed[EXYNOS_RNG_SEED_SIZE];
 
-	if (time_before(now, next_seeding))
+	if (time_before(now, next_seeding) &&
+	    rng->bytes_seeding < EXYNOS_RNG_RESEED_BYTES)
 		return;
 
 	if (exynos_rng_get_random(rng, seed, sizeof(seed), &read))
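Review bot: the combined condition reseeds as soon as either limit is reached (bytes_seeding >= EXYNOS_RNG_RESEED_BYTES or the time window has elapsed), which matches the commit message. Since the byte counter is compared only here, please confirm that the caller invokes exynos_rng_reseed() after every exynos_rng_get_random() chunk (each of which returns at most EXYNOS_RNG_SEED_SIZE bytes) rather than once per request; otherwise a single large request can run past the 65536-byte mark by up to the request size before the check fires. The continuation line aligned with the opening parenthesis follows kernel style.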
-- 
2.11.0
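A userspace model of the reseed policy this patch introduces, added here as an example (not the driver's code nor the author's): both thresholds from the patch, the counter reset on seeding, and a scripted run that hits the byte limit first and the time limit second. The 20-byte chunk size, the per-chunk placement of the check and the millisecond clock standing in for jiffies are assumptions.

```c
/* Userspace model of the reseed policy in this patch (added example, not the driver's code). */
#include <stdbool.h>
#define EXYNOS_RNG_RESEED_TIME	1000	/* ms, value from the patch */
#define EXYNOS_RNG_RESEED_BYTES	65536	/* bytes, value from the patch */
#define CHUNK_SIZE		20	/* assumed per-read size standing in for EXYNOS_RNG_SEED_SIZE */

struct prng_model {
	unsigned long last_seeding;	/* ms timestamp of last seeding (stands in for jiffies) */
	unsigned long bytes_seeding;	/* bytes generated since last seeding */
	unsigned int reseeds;		/* reseeds so far, for observation */
};

static bool needs_reseed(const struct prng_model *m, unsigned long now_ms)
{
	/* same test as the patched exynos_rng_reseed(): stay put only while BOTH limits hold */
	return !(now_ms - m->last_seeding < EXYNOS_RNG_RESEED_TIME &&
		 m->bytes_seeding < EXYNOS_RNG_RESEED_BYTES);
}

/* Mirrors exynos_rng_set_seed(): the time stamp and the byte counter restart together. */
static void seed(struct prng_model *m, unsigned long now_ms)
{
	m->last_seeding = now_ms;
	m->bytes_seeding = 0;
	m->reseeds++;
}

/* One generate request: CHUNK_SIZE bytes per read, counted as exynos_rng_get_random() does; */
/* the reseed check runs after every chunk (assumed call site). Returns reseeds so far.     */
static unsigned int generate(struct prng_model *m, unsigned long dlen, unsigned long now_ms)
{
	while (dlen) {
		unsigned long read = dlen < CHUNK_SIZE ? dlen : CHUNK_SIZE;
		m->bytes_seeding += read;
		dlen -= read;
		if (needs_reseed(m, now_ms))
			seed(m, now_ms);
	}
	return m->reseeds;
}

/* Scripted run: byte limit first, then time limit; returns the reseed count (2 expected). */
static unsigned int scenario(void)
{
	struct prng_model m = { 0 };	/* freshly seeded at t=0 ms */
	generate(&m, 65535, 0);		/* 65535 bytes: below the byte limit, no reseed */
	generate(&m, 1, 0);		/* 65536th byte reaches the limit: reseed #1 */
	generate(&m, 1, 999);		/* 999 ms later: neither limit reached */
	return generate(&m, 1, 1000);	/* 1000 ms after reseed #1: time limit, reseed #2 */
}
```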
