Received: by 2002:a25:23cc:0:0:0:0:0 with SMTP id j195csp1583292ybj; Fri, 8 May 2020 04:58:49 -0700 (PDT) X-Google-Smtp-Source: APiQypICNfwxKIEqGW4Gr7c6d/eA2ow2ahWZDICi8c+mE5pcBtEZbdfkgiSksqw/bA63LRYiyvzH X-Received: by 2002:a17:906:c281:: with SMTP id r1mr1599130ejz.310.1588939129064; Fri, 08 May 2020 04:58:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1588939129; cv=none; d=google.com; s=arc-20160816; b=ga/h2oc6lr8VzprNIoSmxLSrHHasJbf4a5mKHbPbx/EplCuUIfYegFfQ/GxvzJc2Yy lmdv4UKuoJfD9YMYGYYIHNDZRXEtW8L8sb88KiRCgO8a3zn8QmHSxFGJoZxTIRBocbgq huBP/2Q7NDWY+vFXqlbIQtaCkVS8YSUelQ50fdFI2IzNiJmdTjjl/LftkNb9HzLqljbb /U4KaK6Nccp2wA4D185y5e84euOEZ0vuyZhL+4oRNP7Ch+GhsL9Pa56BX7RJiD2Bdnny wXL2TnskcCPAUvWWhSYQZVFh7ZvyrplNJBlgzm1ly1CAFLSmhUsYH5TKxVcch7MnO8a1 xGjA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=1WvgYZUW5x/0YOd5gnSZKgQfiNACcYxxlqxwNW+uRf8=; b=ZtbEBBGu/9lnoWQGWF7D/T460sqh4uZf41uq4NeQK1TUyo0mLjwMdcMbyoXkSyUHcq 9TNYiJD44ryVkOFAA8k7Qr8atSRfr0Mvzr1RCdC0+s+K/I+97K1WkSVFkkqPaTIIaGKH hvtHVJnxrOqbVkSPcwR3rF8MSnbxyucbFfvwBvkC9e3IeDZU5WNjEAmXJIatttdnDzTv GjNvzF1Jd/qkJvcHEyt3lWUgVbsS1ftGW7UySAt9/da4uV53V8CYUyMANtin4/GscdX6 MVruq3fm9J/OC4YX/jBph2HUuMckUJIQ9aYR5w2itML6L1v1QfHVDOrIaESkEtDRhAEe Z2sA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b=IcwoMrj0; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c15si884786ejr.343.2020.05.08.04.58.24; Fri, 08 May 2020 04:58:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b=IcwoMrj0; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726776AbgEHL6T (ORCPT + 99 others); Fri, 8 May 2020 07:58:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52492 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S1726636AbgEHL6T (ORCPT ); Fri, 8 May 2020 07:58:19 -0400 Received: from mo6-p00-ob.smtp.rzone.de (mo6-p00-ob.smtp.rzone.de [IPv6:2a01:238:20a:202:5300::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B7208C05BD43 for ; Fri, 8 May 2020 04:58:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1588939094; s=strato-dkim-0002; d=chronox.de; h=References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: X-RZG-CLASS-ID:X-RZG-AUTH:From:Subject:Sender; bh=1WvgYZUW5x/0YOd5gnSZKgQfiNACcYxxlqxwNW+uRf8=; b=IcwoMrj0DA4sAABiBuZruzETgE1OWTbSof+KZTahu8Px8vE1wdzzz9aXgliQAq9HS9 C3PEdTnKdFcjmd6+mOdbTRkj0+Gc8UrF87S806P/ZZzX9htVNG7goWxba9LutxBydclb 9xHD1aNrMjmkFLpuy/20BscJR4Ruw3DvjOaipZbpKT1874IUO0WEL8CzACYh/dedup3A wczHdIMNAiX1lOHyS9YA4WFnX8COR35tZhEMnBvmMMC0pxPcubVioZCcpcPYR8xD+2iP OkBa7yyEXt4vlBSSiFcUFajma1XkUWQ7fjDVHmuTzZjNpIa00HFLNMK9XDRNc1w0cw7w b3dg== X-RZG-AUTH: ":P2ERcEykfu11Y98lp/T7+hdri+uKZK8TKWEqNyiHySGSa9k9xmwdNnzGHXPaJfSfJdtJ" X-RZG-CLASS-ID: mo00 Received: from tauon.chronox.de by smtp.strato.de (RZmta 46.6.2 DYNA|AUTH) with ESMTPSA id u08bf3w48BwEQWm (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256 bits)) (Client did not present a certificate); Fri, 8 May 2020 13:58:14 +0200 (CEST) From: Stephan Mueller To: Alexander Dahl Cc: linux-crypto@vger.kernel.org Subject: Re: jitterentropy_rng on armv5 embedded target Date: Fri, 08 May 2020 13:58:14 +0200 Message-ID: <6309135.Bj5FvMsAKG@tauon.chronox.de> In-Reply-To: <2567555.LKkejuagh6@ada> References: <2567555.LKkejuagh6@ada> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Am Freitag, 8. Mai 2020, 13:40:08 CEST schrieb Alexander Dahl: Hi Alexander, > Hello, >=20 > after upgrading OpenSSL to 1.1.1g on an armv5 based embedded target I had= a > deeper look into entropy generation for that device and stumbled over the= in > kernel 'jitterentropy_rng' module. >=20 > As far as I understood it's supposed to do the same as the well known > 'haveged' or the userspace daemon 'jitterentropy-rngd' by Stephan M=FCller > [1], right? Yes, precisely. In fact, it is the identical code base of the core=20 functionality that both the kernel and the jitterentropy-rngd uses. See the= =20 comment at the top of the kernel source code. > (Although those daemons would solve my problem, I currently try > to avoid them, because memory on my platform is very restricted and every > additional running userspace process costs at least around 1 MB.) If you compile it and you also have AF_ALG for RNGs compiled, you can use i= t=20 through the AF_ALG interface (see [1] for a library). But IMHO if you are=20 space-constrained, you do not want that code. Rather use the jitterentropy-library from [2] and link it straight from you= r=20 application. >=20 > If so, then how is it supposed to be set up?=20 It is intended for in-kernel purposes (namely to seed its DRBG). > I built it for 4.9.x LTS, but > after loading it with 'modprobe' I see nothing in the kernel log and ther= e's > no significant change in /proc/sys/kernel/random/entropy_avail (stays well > below 100 most of the time). Isn't that module supposed to gather entropy > from cpu timing jitter? >=20 > Puzzled > Alex >=20 > [1] https://www.chronox.de/jent.html [1] https://www.chronox.de/libkcapi.html [2] https://github.com/smuellerDD/jitterentropy-library Ciao Stephan