Sorry but I think that relying on Intel RNG is a _Terrible_ idea regarding the security and not sure you should be pursuing it. If you really want a hardware RNG that is also secure, why not take a look at some USB dongles like FST-01 or Librem key? Here is a ( sadly deleted recently! ) Wikipedia comparison page - https://web.archive.org/web/20180812092012/https://en.wikipedia.org/wiki/Comparison_of_hardware_random_number_generators - You can check it to find the best price/performance USB TRNG dongle which is also open hardware
Best regards, Ivan Ivanov вт, 27 нояб. 2018 г. в 22:50, Grant Grundler <[email protected]>: > > On Tue, Nov 27, 2018 at 4:10 AM Nico Huber <[email protected]> wrote: > > > > Hi Grant, > > > > I don't know how it is supposed to work on Haswell, but can give you > > some pointers anyway. > > > > tl;dr I don't think you are looking for a PCI device. > > If intel-rng support is required, a PCI device will be advertised > because of how the linux kernel binds PCI devices to drivers. See > "alias" field of "modinfo intel-rng" as an example. > > One of the search results pointed at a response that said "load > intel-rng driver" as the solution to this problem... that's the only > reason I'm exploring this path. > > > Am 27.11.18 um 08:11 schrieb Grant Grundler: > > > Asus Chromebox (Panther) with Celeron 2995U processor is supposed to > > > have a HW Random Number Generator: > > > > > > https://ark.intel.com/products/75608/Intel-Celeron-Processor-2955U-2M-Cache-1-40-GHz- > > > > > > (Intel calls it Secure Key) > > > > > > But "modprobe intel-rng" is failing with "No such device" (Debian > > > 4.18.0-2-amd64 kernel). > > > > This driver is for very old Firmware Hub (FWH) hardware which would > > be controlled through the LPC PCI device. You have such a PCI device > > (00:1f.0) but there's no FWH to be expect with Haswell. > > Hrm. OK. But that would explain why intel-rng driver only binds with > PCI devices. > > > What you are probably looking for is the RDRAND instruction. I don't > > know if it can be controlled by the firmware, but would check first if > > your OS is prepared to make use of it. > > Linux kernel has supported RDRAND for a long time. There is even a > public debate about *excluding* RDRAND use since some people were > hypothesizing that RDRAND was "compromised" by Intel so "goverment > agencies" could break encrypted traffic which used RDRAND exclusively > to generate encryption keys. Linux kernel does NOT exclusively use > RDRAND and Ted Tyso made compelling arguments that RDRAND would still > add "entropy" to key generation. > > What I don't know is how linux figures out it can or should use > RDRAND. RDRAND appears to be a "CPU feature": > > arch/x86/include/asm/cpufeatures.h:#define X86_FEATURE_RDRAND > ( 4*32+30) /* RDRAND instruction */ > > And as notedin original email, Intel says this CPU (Celeron 2995U) > supports "Secure Key" which is the new marketing name for HW RNG > support (could be only via RDRAND now). > > > > > Why do I care about HW RNG? > > > Because of this: > > > ... > > > [ 8.560270] r8169 0000:01:00.0 enp1s0: link up > > > [ 8.560287] IPv6: ADDRCONF(NETDEV_CHANGE): enp1s0: link becomes ready > > > [19039.712644] random: crng init done > > > [19039.712649] random: 7 urandom warning(s) missed due to ratelimiting > > > [19044.485625] wlp2s0: authenticate with ... > > > ... > > > > > > Yes, several *hours* until the crng was initialized and then > > > wpa_supplicant could start talking on WIFI. :( > > > > > > The length of the delay varies...shortest was 7 minutes. > > > > Well, even without a hardware rng, I wouldn't expect that. > > Exactly. I didn't either. My NUC5 completes typically in 3 second from > the time the kernel is loaded. But this is a different CPU (Intel Core > i5 6260) and completely different firmware (If Coreboot was available > for this, I'd prefer Coreboot). > > > With antennas > > available, I would say after 10s for the paranoid there should be enough > > entropy available. But that's probably just how I'd do OS development > > (and depends on what the wifi driver can do). > > I don't know if the kernel has access to any radios (or antennas) > until the 80211 link is brought up... which in turn won't happen until > wpa_supplicant is running. So something else is wrong here. My > suspicion is still on Coreboot not providing something that tells the > linux kernel a quick method to generate random numbers. > > I saw Matt DeVillier's response as well and I'll follow up once I've > updated the SeaBIOS firmware, installed rng-tools5, and determined > which CPU features are advertised by both Panther and NUC CPUs. For > some reason my "phone home" (SSH) is getting rejected right now. :( > > cheers, > grant > > > Nico > > -- > coreboot mailing list: [email protected] > https://mail.coreboot.org/mailman/listinfo/coreboot -- coreboot mailing list: [email protected] https://mail.coreboot.org/mailman/listinfo/coreboot
