Am Dienstag, 5. September 2017, 15:54:02 CEST schrieb Peter Huewe:
Hi Peter,
> Hi,
>
> while reading through the analysis of the Linux RNG by the BSI [1][2],
> I was suprised by the lack of reflecting on the usage of HWRNGs except
> RDRAND/RDSEED.
Sure, the study is about assessing entropy. How can one assess entropy when no
access to noise sources is possible?
>
> In the paper it was mentioned that if the quality attribute of a regular
> hwrng is not set (or specified via the module parameter default_quality for
> all hwrng) the HWRNG is not used at all. Only very few set this attribute
> explictly, and the default is 0,
> so even if we enable these HWRNGs in the kernel config, they are not used?
Yes, see drivers/char/hw_random/core.c:
if (current_quality == 0 && hwrng_fill)
kthread_stop(hwrng_fill);
if (current_quality > 0 && !hwrng_fill)
start_khwrngd();
>
> I read through the hw_random code and came to the same conclusion - but is
> this correct and desired?
If the quality is marked as 0, it is considered to provide no entropy. Thus,
it will not change the blocking behavior of /dev/random.
As the in-kernel path in core.c with add_hwgenerator_randomness shall
eliminate the need for rngd for those hardware RNGs, the current approach
makes sense.
Though, the current implementation cannnot be used to simply mix the
input_pool with a hardware RNG that is assumed to provide no entropy.
>
> Specifically since you can set the 'default value' only for every hwrng but
> not overwrite the quality for a specific device. e.g. the quite good tpm
> hwrng of my ifx tpm would not be used and
> if I set the default_quality to something other than 0, other devices would
> be used, which I would not want to.
>
> Is this understanding correct?
>
>
> Thanks,
> Peter
> (tpm maintainer)
>
>
>
> [1] https://www.bsi.bund.de/DE/Publikationen/Studien/LinuxRNG/index_htm.html
> [2]
> https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Studien/L
> inuxRNG/LinuxRNG_EN.pdf?__blob=publicationFile&v=5
Ciao
Stephan
