Re: (none)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Mittwoch, 1. Juni 2016, 12:59:43 schrieb Herbert Xu:

Hi Herbert,

> Jeffrey Walton <noloader@xxxxxxxxx> wrote:
> > Please forgive my ignorance here...
> > 
> > I have test system with a VIA C7-M processor and PM-400 chipset. This
> > is one of those Thin Client/Internet of Things processor and chipsets
> > I test security libraries on (like OpenSSL, Cryptlib and Crypto++).
> > 
> > The processor includes the Padlock extensions. Padlock is similar to
> > Intel's RDRAND, RDSEED and AES-NI, and it predates Intel's
> > instructions by about a decade.
> > 
> > The Padlock Security Engine can produce a stream of random numbers at
> > megabits per socond, so I've been kind of surprised it has been
> > 
> > suffering entropy depletion. Here's what the audit trail looks like:
> >    Testing operating system provided blocking random number generator...
> >    FAILED:  it took 74 seconds to generate 5 bytes
> >    passed:  5 generated bytes compressed to 7 bytes by DEFLATE
> > 
> > Above, the blocking RNG is drained. Then, 16 bytes are requested. It
> > appears to take over one minute to gather five bytes when effectively
> > an endless stream is available.
> > 
> > My question is, is this system expected to suffer entropy depletion
> > out of the box? Or are users expected to do something special so the
> > system does not fail?
> 
> I don't think anybody has written either an hwrng driver or a rdrand
> hook for padlock.  Patches are welcome.

I thought via-rng.c covers the VIA Padlock RNG?

Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux