Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp527971pxb; Thu, 5 Nov 2020 06:32:14 -0800 (PST) X-Google-Smtp-Source: ABdhPJx1f1ORWoRXmHjkMly1qF8u8cp84Jmy01wGPXKmApU1arxXlfBMU2lY+XBq7RWC78SycQNl X-Received: by 2002:a17:906:4e41:: with SMTP id g1mr2654932ejw.47.1604586734300; Thu, 05 Nov 2020 06:32:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1604586734; cv=none; d=google.com; s=arc-20160816; b=Q17qH+8wCJuuCLc0kuGGpqpYQxXZkQYsXCAxLJh8zC/d8CvaiiRtaFGwXiAqSc4eo/ 7YyLUoWxCETI+WqzZvv2+ulpX2/gqLEbPwLoh2m/BRy70bA0QDLLOlsky+AZl8AM8//S yO6KisVVo/wC0kt+Cfoh5wSRuKqfsNEByuc7QDHdEqgaR2WgYb7FpMGkWYqq8jx+wiQw Re+k9lzfI2YUOKMVhcU1yf6I2gZgSBh+lOIWYIsMGoOJbaiyk5lFwCkUmCv4HFNdPnPd yBAWPWwPz+DHHzvwuHYhzL9WSs68ymwUlTjlGIC1LdhTc0zUH0lYNqAEND03wSZ22PMW fo6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=2yqoqshf2ind+w6B21Z9EeAci/7Z29K0eT7crsww6yk=; b=sgv8O/X6X6Wu1+VRTaXC4WmJZkrgKqSlTuPSdvOPFP2HDzuHmhj8gbj6iFVPC78Zkc YlD4ZzwRbkaZurrFSvZOfXmoL07xU41k2yZJmVk88nosXx3BVTUaI9upy9RR22juvKT9 mikIGPI2NemTgNHRAlJGOzD6Fku5At5F8S798mWXUzn1IRCYglVBt5+1u4jj2iaRVzQm XKsn9389IrXosOQxoHfq/zSbX66eskfCKS762v0AmhqzfNgQ4Do2Sa5M/GQbRqzYj7WK gN7mCC/Op5C3WMGyBg1svUjee+QiAec/VNxeszRtB84oHspZCgSOCTTxXOpwHsAhBhKa G7kA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=AyqaZINU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v9si1239805edb.48.2020.11.05.06.31.46; Thu, 05 Nov 2020 06:32:14 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=AyqaZINU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731050AbgKEOaC (ORCPT + 99 others); Thu, 5 Nov 2020 09:30:02 -0500 Received: from mail.kernel.org ([198.145.29.99]:44594 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726874AbgKEOaC (ORCPT ); Thu, 5 Nov 2020 09:30:02 -0500 Received: from localhost (fw-tnat.cambridge.arm.com [217.140.96.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id A5F992078E; Thu, 5 Nov 2020 14:30:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1604586601; bh=7Cpc7oTk9waps+0sn1Z129Z3jSrH4E4ebAchcTAYVZo=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=AyqaZINUxyFkyzMBgavBB8W7enAKYN679T/uskcZreZ/usqQGL/BnUfmhSVI7ngY8 vS2fVGjT5idF2Pk1fQPKPzqMz4p+9gZncgpg8W0iR6e1ilgbn2By0Cb9x0JqK2QlBx ABz21xTbYfH9fTLS7WIui1kyeav9pBNyVBeeNHQA= Date: Thu, 5 Nov 2020 14:29:49 +0000 From: Mark Brown To: Mark Rutland Cc: Andre Przywara , Will Deacon , Catalin Marinas , Ard Biesheuvel , Russell King , linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org, Sudeep Holla , Lorenzo Pieralisi , Linus Walleij Subject: Re: [PATCH v2 4/5] arm64: Add support for SMCCC TRNG entropy source Message-ID: <20201105142949.GB4856@sirena.org.uk> References: <20201105125656.25259-1-andre.przywara@arm.com> <20201105125656.25259-5-andre.przywara@arm.com> <20201105134142.GA4856@sirena.org.uk> <20201105140322.GH82102@C02TD0UTHF1T.local> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="TRYliJ5NKNqkz5bu" Content-Disposition: inline In-Reply-To: <20201105140322.GH82102@C02TD0UTHF1T.local> X-Cookie: It's the thought, if any, that counts! User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --TRYliJ5NKNqkz5bu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, Nov 05, 2020 at 02:03:22PM +0000, Mark Rutland wrote: > On Thu, Nov 05, 2020 at 01:41:42PM +0000, Mark Brown wrote: > > It isn't obvious to me why we don't fall through to trying the SMCCC > > TRNG here if for some reason the v8.5-RNG didn't give us something. > > Definitely an obscure possibility but still... > I think it's better to assume that if we have a HW RNG and it's not > giving us entropy, it's not worthwhile trapping to the host, which might > encounter the exact same issue. There's definitely a good argument for that, but OTOH it's possible the SMCCC implementation is doing something else (it'd be an interesting implementation decision but...). That said I don't really mind, I think my comment was more that if we're doing this the code should be explicit about what the intent is since right now it isn't obvious. Either a comment or having an explicit "what method are we choosing" thing. > That said, I'm not sure it's great to plumb this under the > arch_get_random*() interfaces, e.g. given this measn that > add_interrupt_randomness() will end up trapping to the host all the time > when it calls arch_get_random_seed_long(). > Is there an existing interface for "slow" runtime entropy that we can > plumb this into instead? Yeah, I was wondering about this myself - it seems like a better fit for hwrng rather than the arch interfaces but that's not used until userspace comes up, the arch stuff is all expected to be quick. I suppose we could implement the SMCCC stuff for the early variants of the API you added so it gets used for bootstrapping purposes and then we rely on userspace keeping things topped up by fetching entropy through hwrng or otherwise but that feels confused so I have a hard time getting enthusiastic about it. --TRYliJ5NKNqkz5bu Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAl+kDFwACgkQJNaLcl1U h9ApKAf+L+RsRcER02kUvtZaA3aURIv7gEO9F8JuiH9/H3k1obk5bhnah70SMZfH 7DAuojVb0QQPx47KtqF//t8Zf0NBRcbzOH8tdcT9dra1LeCyeFWX/aTR5jjxPECj qHsdK0a8Cp73kXJpz83zbCuZcxzDVXIJkQZs+9OAAFVH/l5kriIcsT2DDXbA/gJN 45gX+XnMHGRoDoiMu5LfRGA4YFqWYqiJtTau2Njm203qFQL1de4sD5VGpaLM+IXk bOVcl9wuMwxWRy7b7JRaJ1m5lE7kXVG/RKYeZUoCekZtDAqYdcU5t7n7QrNKJAJW xIIvhhLZjhtp/RhDtiI0lL4B0ENuhg== =hyQv -----END PGP SIGNATURE----- --TRYliJ5NKNqkz5bu--