Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp413604imm;
        Thu, 28 Jun 2018 23:24:16 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKKzRzO6YlWVGt4Safp4p0ygHv58nxS6TO0JPOVCgvYeTzCckKdvRsG7w+0HIn+qU16eppaL
X-Received: by 2002:a65:65ca:: with SMTP id y10-v6mr11497553pgv.359.1530253456450;
        Thu, 28 Jun 2018 23:24:16 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1530253456; cv=none;
        d=google.com; s=arc-20160816;
        b=tDpjPjP8D0VQGmZdeMBd6FLViCybeBZUhLgiAsRZ6CNDOPDuG0wDTdg/0JoSsSzAJ3
         z04YISZ98rbmdktAc/m1hvPzl9dgbIfYWvlbLJmX5JUu+5brS5Q6/bI2ZztjGvpAInqe
         oF72CXm6bzqqRSyU3kq0Vpbb11ZhL9H4PUSss7GYUs8/kbTk1/pbf5hAIm0wsVnBeqDP
         TMRzRZKvsuaPjiDn6sJ6gNHpdXhl9J0p2AfJ9222RPiZEJ3BFo54XV3JNiB4zMLVscnu
         pBDTGDFPMx/N+z8y2Y98UTAeUr57btlvuf5q0wV9RBE4OBUgiUBH6rB9oTk/kB2X5CcT
         CHbQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=TdpjneEO5OiRRTcq3sBFXuRYNcV+WRfxZ6V5IGxv3IM=;
        b=zX+hyPUTONTKWcYO3Nk7PF9vUv8/CL9wgNkm5MHcFxgZ6X0ZPaO4uxFXtCzYxTeQF2
         i1j5a5mrnadsRO7apM3dgIyqeuSIjRFt+EDSuMn8pFCi7OyE2h7ij+3QMfK04dOKEgBk
         zL1qOekE2CWiH4v/4chIDRYfmM2uTvzGlYtvtFQJawzE4TiyJvcHZx+mlLwO8N3lyjXj
         DGQ8fzbh1+vfmFvgGKHkRZ8lVletDXTe17Qiz6fzR/JyM/oFD0w6A6NvCheZ/O+AoSHG
         Mi9N/937/xVye5Pps/NY/XD/xPfHqSkel6kbetD4M849rar/hcczF5sIL1E0n0Yq+ARv
         KAwQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=lGHb0UlW;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id x62-v6si2405322pfd.124.2018.06.28.23.24.02;
        Thu, 28 Jun 2018 23:24:16 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=lGHb0UlW;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S967242AbeF1WEf (ORCPT <rfc822;mailist1go@gmail.com> + 99 others);
        Thu, 28 Jun 2018 18:04:35 -0400
Received: from mail.kernel.org ([198.145.29.99]:39048 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S966628AbeF1WEc (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 28 Jun 2018 18:04:32 -0400
Received: from mail-oi0-f43.google.com (mail-oi0-f43.google.com [209.85.218.43])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 1396C27A0D;
        Thu, 28 Jun 2018 22:04:32 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1530223472;
        bh=Mmeqw3YH4GYdWX05xs9GyVXvUOckmUYVOJfxBhmi/8w=;
        h=In-Reply-To:References:From:Date:Subject:To:Cc:From;
        b=lGHb0UlW7TWNWvDBu3x4zos/nj2A3tN2N3SrVpSKVY+ipQkPBUpJjaITXwl4ZPypG
         R1GuOymsBIxUdWosFa38LZP9j1qJQyaTE1iP+m+qZLqq8cxqCWRHGgVe5/25pMx1td
         oQQp90HyHCRszUA0RPF1wc9oKkDDtUs1dHGfR88M=
Received: by mail-oi0-f43.google.com with SMTP id c2-v6so6666058oic.1;
        Thu, 28 Jun 2018 15:04:32 -0700 (PDT)
X-Gm-Message-State: APt69E2lwBIlEWlBp0XondiKaL6/wrg3EpeI3Qj5DAxsl5SohoSgRZS9
        e8/G2xBO02ZdEC0BsVEqBQpxqg5JJCV+zeS0mLI=
X-Received: by 2002:aca:c42:: with SMTP id i2-v6mr6964097oiy.309.1530223471370;
 Thu, 28 Jun 2018 15:04:31 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a9d:4b11:0:0:0:0:0 with HTTP; Thu, 28 Jun 2018 15:04:30
 -0700 (PDT)
In-Reply-To: <20180621115312.rfmbitrhqi44wu5w@gondor.apana.org.au>
References: <20180618141259.23141-1-vkoul@kernel.org> <20180618141259.23141-4-vkoul@kernel.org>
 <20180619142853.wgi5easw4zv6ttrb@gondor.apana.org.au> <966e9cd4-70a3-8d54-df0f-16df3df45fb5@linaro.org>
 <20180621101506.rnklbtapvfdev4xb@gondor.apana.org.au> <e39deb02-8fa4-84ac-b33e-d692402189a1@linaro.org>
 <20180621115312.rfmbitrhqi44wu5w@gondor.apana.org.au>
From:   Timur Tabi <timur@kernel.org>
Date:   Thu, 28 Jun 2018 17:04:30 -0500
X-Gmail-Original-Message-ID: <CAOZdJXVO-0JDvX4OdJMNCmY_BXrEenXpoWBf=Ww5uFBtXKN86A@mail.gmail.com>
Message-ID: <CAOZdJXVO-0JDvX4OdJMNCmY_BXrEenXpoWBf=Ww5uFBtXKN86A@mail.gmail.com>
Subject: Re: [PATCH 3/3] hwrng: msm - Add support for prng v2
To:     Herbert Xu <herbert@gondor.apana.org.au>
Cc:     Stanimir Varbanov <stanimir.varbanov@linaro.org>,
        Vinod Koul <vinod.koul@linaro.org>,
        linux-crypto@vger.kernel.org, lkml <linux-kernel@vger.kernel.org>,
        Matt Mackall <mpm@selenic.com>, Arnd Bergmann <arnd@arndb.de>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        linux-arm-msm@vger.kernel.org, Vinod Koul <vkoul@kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Jun 21, 2018 at 6:53 AM, Herbert Xu <herbert@gondor.apana.org.au> wrote:
> On Thu, Jun 21, 2018 at 02:27:10PM +0300, Stanimir Varbanov wrote:

> So does it generate one bit of output for each bit of hardware-
> generated entropy like /dev/random? Or does it use a hardware-
> generated seed to power a PRNG?

I have some information to answer this question, although I'm not sure
I can give a strict "yes/no" answer.

There are a couple relevant documents:

https://www.qualcomm.com/news/onq/2014/11/07/cryptographic-module-snapdragon-805-fips-140-2-certified
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2944.pdf

I also got response from a Qualcomm employee:

"The Qualcomm random number generator used in Snapdragon chips
consists of an entropy source coupled with the HASH-DRBG deterministic
random bit generator from NIST Special Publication 800-90A, using
SHA-256 as the hash function.

The entropy source is based on sampled ring oscillators.  Four ring
oscillators are used to provide high assurance of adequate entropy.
The entropy from the ring oscillators is conditioned using the
'derivation function' specified by NIST Special Publication 800-90A.
The conditioned entropy is essentially perfect fully entropic data.
It is used both to seed and to periodically reseed the DRGB."

My understanding is that the PRNG is a real entropy source with some
logic used to normalize the values.  To quote: "No RNG uses data
directly from the entropy source; bits in the output are likely
correlated and unlikely to occur with 50% probability. The entropy
post-processing is designed to turn dirty data in clean data."

Based on the above, it seems to me that the Qualcomm PRNG qualifies as
a real hardware RNG and porting to algif_rng is not the correct path.