On Sat, Apr 18, 2015 at 07:35:11PM +0200, Stephan Mueller wrote: > Hi, > > the current implementation of the DRBG generates a shadow copy of its > DRBG state for each incoming request. The idea is that only a short > term lock is needed to spawn the shadow copy. The drawback is that > if multiple parallel requests come in, the generated DRBG shadow > states only differ by a high-resolution timer that was mixed in during > the shadow state generation. > > This patch now removes this shadow state and introduces a mutex > to serialize all requests to one DRBG instance. > > The patch was fully CAVS tested and demonstrates that the DRBG still > complies with the standard. All applied. -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
