Re: (none)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jeffrey Walton <noloader@xxxxxxxxx> wrote:
> Please forgive my ignorance here...
> 
> I have test system with a VIA C7-M processor and PM-400 chipset. This
> is one of those Thin Client/Internet of Things processor and chipsets
> I test security libraries on (like OpenSSL, Cryptlib and Crypto++).
> 
> The processor includes the Padlock extensions. Padlock is similar to
> Intel's RDRAND, RDSEED and AES-NI, and it predates Intel's
> instructions by about a decade.
> 
> The Padlock Security Engine can produce a stream of random numbers at
> megabits per socond, so I've been kind of surprised it has been
> suffering entropy depletion. Here's what the audit trail looks like:
> 
>    Testing operating system provided blocking random number generator...
>    FAILED:  it took 74 seconds to generate 5 bytes
>    passed:  5 generated bytes compressed to 7 bytes by DEFLATE
> 
> Above, the blocking RNG is drained. Then, 16 bytes are requested. It
> appears to take over one minute to gather five bytes when effectively
> an endless stream is available.
> 
> My question is, is this system expected to suffer entropy depletion
> out of the box? Or are users expected to do something special so the
> system does not fail?

I don't think anybody has written either an hwrng driver or a rdrand
hook for padlock.  Patches are welcome.

Cheers,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux