Hi Ahmad, > -----Original Message----- > From: Ahmad Fatoum <a.fatoum@xxxxxxxxxxxxxx> > Sent: Tuesday, April 9, 2024 10:58 PM > To: Kshitiz Varshney <kshitiz.varshney@xxxxxxx>; David Gstir > <david@xxxxxxxxxxxxx>; Mimi Zohar <zohar@xxxxxxxxxxxxx>; James > Bottomley <jejb@xxxxxxxxxxxxx>; Jarkko Sakkinen <jarkko@xxxxxxxxxx>; > Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>; David S. Miller > <davem@xxxxxxxxxxxxx> > Cc: linux-doc@xxxxxxxxxxxxxxx; Gaurav Jain <gaurav.jain@xxxxxxx>; Catalin > Marinas <catalin.marinas@xxxxxxx>; David Howells > <dhowells@xxxxxxxxxx>; keyrings@xxxxxxxxxxxxxxx; Fabio Estevam > <festevam@xxxxxxxxx>; Paul Moore <paul@xxxxxxxxxxxxxx>; Jonathan > Corbet <corbet@xxxxxxx>; Richard Weinberger <richard@xxxxxx>; Rafael J. > Wysocki <rafael.j.wysocki@xxxxxxxxx>; James Morris <jmorris@xxxxxxxxx>; > dl-linux-imx <linux-imx@xxxxxxx>; Serge E. Hallyn <serge@xxxxxxxxxx>; > Paul E. McKenney <paulmck@xxxxxxxxxx>; Sascha Hauer > <s.hauer@xxxxxxxxxxxxxx>; Pankaj Gupta <pankaj.gupta@xxxxxxx>; sigma > star Kernel Team <upstream+dcp@xxxxxxxxxxxxx>; Steven Rostedt (Google) > <rostedt@xxxxxxxxxxx>; David Oberhollenzer <david.oberhollenzer@sigma- > star.at>; linux-arm-kernel@xxxxxxxxxxxxxxxxxxx; linuxppc-dev@xxxxxxxxxxxxxxxx; > Randy Dunlap <rdunlap@xxxxxxxxxxxxx>; linux-kernel@xxxxxxxxxxxxxxx; Li > Yang <leoyang.li@xxxxxxx>; linux-security-module@xxxxxxxxxxxxxxx; linux- > crypto@xxxxxxxxxxxxxxx; Pengutronix Kernel Team <kernel@xxxxxxxxxxxxxx>; > Tejun Heo <tj@xxxxxxxxxx>; linux-integrity@xxxxxxxxxxxxxxx; Shawn Guo > <shawnguo@xxxxxxxxxx>; Varun Sethi <V.Sethi@xxxxxxx> > Subject: Re: [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed > trusted keys > > Caution: This is an external email. Please take care when clicking links or > opening attachments. When in doubt, report the message using the 'Report > this email' button > > > Hello Kshitiz, > > On 09.04.24 12:54, Kshitiz Varshney wrote: > > Hi David, > >> + b->fmt_version = DCP_BLOB_VERSION; > >> + get_random_bytes(b->nonce, AES_KEYSIZE_128); > >> + get_random_bytes(b->blob_key, AES_KEYSIZE_128); > > > > We can use HWRNG instead of using kernel RNG. Please refer > > drivers/char/hw_random/imx-rngc.c > > imx-rngc can be enabled and used to seed the kernel entropy pool. Adding > direct calls into imx-rngc here only introduces duplicated code at no extra > benefit. > > Cheers, > Ahmad > > -- > Pengutronix e.K. | | > Steuerwalder Str. 21 | > https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww. > pengutronix.de%2F&data=05%7C02%7Ckshitiz.varshney%40nxp.com%7Ce9 > 97f259d34548ad1a9808dc58ba63a8%7C686ea1d3bc2b4c6fa92cd99c5c30 > 1635%7C0%7C0%7C638482804763047266%7CUnknown%7CTWFpbGZsb3 > d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0 > %3D%7C0%7C%7C%7C&sdata=UZgE9MXqAqCwqVnWty67YLh8QnIwpuq%2 > F7%2BQeDLQhF8I%3D&reserved=0 | > 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | > Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | Understood. Regards, Kshitiz
