CVS commit: src/sys/arch/arm/sunxi

Fri, 18 Mar 2022 16:36:48 -0700 

Module Name:    src
Committed By:   riastradh
Date:           Fri Mar 18 23:36:42 UTC 2022

Modified Files:
        src/sys/arch/arm/sunxi: sun8i_crypto.c

Log Message:
sun8icrypto(4): Attach rndsource as RND_TYPE_RNG.

Previously this was attached as RND_TYPE_UNKNOWN, at a time when the
kernel assumed _any_ RNG-type rndsource produced independent uniform
random bits and subjected it to automatic tests that would fail with
high probability for many other distributions.  But sun8icrypto(4) is
very nonuniform (probably yields consecutive samples of a ring
oscillator, which are very much not independent).

Now the kernel no longer makes this assumption, so it is valid to
label this as what it is -- a hardware RNG.  We should ideally still
have better information from the vendor about what's going on under
the hood before enabling nonzero entropy for it.  But at least we can
label its type accurately.


To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 src/sys/arch/arm/sunxi/sun8i_crypto.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/arch/arm/sunxi/sun8i_crypto.c
diff -u src/sys/arch/arm/sunxi/sun8i_crypto.c:1.27 src/sys/arch/arm/sunxi/sun8i_crypto.c:1.28
--- src/sys/arch/arm/sunxi/sun8i_crypto.c:1.27	Fri Mar 18 23:35:48 2022
+++ src/sys/arch/arm/sunxi/sun8i_crypto.c	Fri Mar 18 23:36:42 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: sun8i_crypto.c,v 1.27 2022/03/18 23:35:48 riastradh Exp $	*/
+/*	$NetBSD: sun8i_crypto.c,v 1.28 2022/03/18 23:36:42 riastradh Exp $	*/
 
 /*-
  * Copyright (c) 2019 The NetBSD Foundation, Inc.
@@ -43,7 +43,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(1, "$NetBSD: sun8i_crypto.c,v 1.27 2022/03/18 23:35:48 riastradh Exp $");
+__KERNEL_RCSID(1, "$NetBSD: sun8i_crypto.c,v 1.28 2022/03/18 23:36:42 riastradh Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -1284,14 +1284,12 @@ sun8i_crypto_rng_attach(struct sun8i_cry
 	}
 
 	/*
-	 * Attach the rndsource.  This is _not_ marked as RND_TYPE_RNG
-	 * because the output is not uniformly distributed.  The bits
-	 * are heavily weighted toward 0 or 1, at different times, and
-	 * I haven't scienced a satisfactory story out of it yet.
+	 * Attach the rndsource.  This will trigger an initial call to
+	 * it since we have RND_FLAG_HASCB.
 	 */
 	rndsource_setcb(&rng->cr_rndsource, sun8i_crypto_rng_get, sc);
 	rnd_attach_source(&rng->cr_rndsource, device_xname(self),
-	    RND_TYPE_UNKNOWN,
+	    RND_TYPE_RNG,
 	    RND_FLAG_COLLECT_VALUE|RND_FLAG_ESTIMATE_VALUE|RND_FLAG_HASCB);
 
 	/* Success!  */

Reply via email to