Hi,

the current implementation of the DRBG generates a shadow copy of its DRBG state for each incoming request. The idea is that only a short-term lock is needed to spawn the shadow copy. The drawback is that if multiple parallel requests come in, the generated DRBG shadow states only differ by a high-resolution timer that was mixed in during the shadow state generation.

This patch now removes this shadow state and introduces a mutex to serialize all requests to one DRBG instance.

The patch was fully CAVS tested and demonstrates that the DRBG still complies with the standard.

Stephan Mueller (4):
  crypto: drbg - clear all temporary memory
  crypto: drbg - do not create shadow copy
  crypto: drbg - replace spinlock with mutex
  crypto: drbg - leave cipher handles operational

 crypto/drbg.c         | 154 +++++++++----------------------------------------
 include/crypto/drbg.h |   4 +-
 2 files changed, 30 insertions(+), 128 deletions(-)

--
2.1.0
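The concurrency issue the cover letter describes, modelled as an added example (this is constructed illustration code, not the kernel DRBG): a toy 64-bit state with a mixing function stands in for the DRBG, `generate_shadow` models the old per-request shadow copy that only folds in a timer reading, and `generate_serialized` models requests advancing the single shared state one after another.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy DRBG state: one 64-bit word. Constructed model, not crypto/drbg.c. */
typedef struct { uint64_t v; } drbg_state;

/* Toy mixing step (a 64-bit integer finalizer); stands in for the
 * DRBG's real update function purely to make state changes visible. */
static uint64_t mix(uint64_t x) {
    x ^= x >> 33; x *= 0xff51afd7ed558ccdULL;
    x ^= x >> 33; x *= 0xc4ceb9fe1a85ec53ULL;
    x ^= x >> 33; return x;
}

/* Old scheme: copy the shared state, fold in a timer reading, generate
 * from the copy. The shared state itself is never advanced, so two
 * parallel requests that observe the same timer value get the same output. */
uint64_t generate_shadow(const drbg_state *shared, uint64_t timer) {
    drbg_state shadow = *shared;
    shadow.v = mix(shadow.v ^ timer);
    return mix(shadow.v);
}

/* New scheme: the caller serializes requests (mutex omitted here) and each
 * request advances the single shared state, so outputs never repeat for
 * the same starting state regardless of any timer value. */
uint64_t generate_serialized(drbg_state *shared) {
    shared->v = mix(shared->v);
    return mix(shared->v);
}

/* Returns 1 if two requests racing on the same state with an identical
 * timer reading produce identical output under the shadow-copy model. */
int shadow_outputs_collide(uint64_t seed, uint64_t timer) {
    drbg_state s = { seed };
    return generate_shadow(&s, timer) == generate_shadow(&s, timer);
}

/* Returns 1 if two consecutive serialized requests produce identical output. */
int serialized_outputs_collide(uint64_t seed) {
    drbg_state s = { seed };
    uint64_t a = generate_serialized(&s);
    uint64_t b = generate_serialized(&s);
    return a == b;
}

int main(void) {
    printf("shadow copy collides:  %d\n", shadow_outputs_collide(0x1234, 42));
    printf("serialized collides:   %d\n", serialized_outputs_collide(0x1234));
    return 0;
}
```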