From: Horia Geantă
Subject: Re: [PATCH v1] crypto: caam - set hwrng quality level
Date: Thu, 3 Aug 2017 07:48:51 +0000
References: <20170719074458.9247-1-o.rempel@pengutronix.de> <20170719163248.sn7mvnq2s3fm2hvh@pengutronix.de> <20170719181303.rj4fyjj7qplatrzk@pengutronix.de> <4e42d639-9f83-dcbb-9a2a-91686656c7dd@linux.vnet.ibm.com> <20170803031652.GA10515@gondor.apana.org.au>
To: Herbert Xu
Cc: Harald Freudenberger, Oleksij Rempel, "linux-kernel@vger.kernel.org", Oleksij Rempel, "Dan Douglass", "linux-crypto@vger.kernel.org", "kernel@pengutronix.de", Martin Schwidefsky, "David S. Miller"
List-Id: linux-crypto.vger.kernel.org

On 8/3/2017 6:17 AM, Herbert Xu wrote:
> On Wed, Aug 02, 2017 at 02:03:14PM +0000, Horia Geantă wrote:
>>
>> Take CAAM's engine HWRNG: it can work both as a TRNG and as a
>> TRNG-seeded DRBG (that's how it's currently configured).
>> IIUC, both setups are fit as source for the entropy pool.
>
> So which is it? If it's a DRBG then it should not be exposed through
> the hwrng interface. Only TRNG should go through hwrng. DRBGs
> can use the crypto rng API.

Right now it's configured as a DRBG.
If I read correctly, it doesn't matter it's using the internal TRNG for
(automated) seeding, it still shouldn't use hwrng.
This means it's broken since the very beginning:
e24f7c9e87d4 crypto: caam - hwrng support

Thanks,
Horia