Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp2803716pxu; Mon, 14 Dec 2020 11:14:19 -0800 (PST) X-Google-Smtp-Source: ABdhPJxRs1SdObCjKxR+fJ898MfIYTwh4oBXlnIG+lfcCS/7XsxYCxPGtr45Vp3rM6cYolqVpNZu X-Received: by 2002:a17:906:3813:: with SMTP id v19mr23966511ejc.462.1607973259328; Mon, 14 Dec 2020 11:14:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1607973259; cv=none; d=google.com; s=arc-20160816; b=D5C8iMv5gjtlAiBcHhImSaguREVvR7lh/AssSeZKRYpmTJrIPD1OaAFHS31RXy1mVd Btt4teavvpuwpvEqpPSg7mQQ2KggWMTI3fFjLIIIjEy9k3Lj0TcRlbjTJt1DPOo2YKz2 BSetdl+uNdv0EzLxQMMZLPVMe3h+zPKGkE8FClT20IkQfqDAEi+svMNrk4gDybWEztS1 sUjEuntUHNwlu04WmzgDMMb0shX1Gmv3yCzOW/EiVJ/+89bfPEoHN/4V1jpp6Azy5AK8 xAwxvJzlbUz+E7RcMcSNo97HpPrThKst6t4LIloQdCz0yAID8qQIjj+CbWMx3TxGhojk 49jQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:date:cc:to:from:subject:message-id; bh=+0Hhs6k+dJ1SBkfcJZVzq28uB8JawTNES4aZeWjO0fc=; b=LUy2KOgVt3cyTD1lNnkZkF+DHP/EqXifjXmZFAogQeEb4BkMKBcJJuYCfMwiHrd7TE af/EMvy7Ar9d5gn4c857fGAg71AS5jPQnuRNuqzx6mlJBSQXKkpsKuWhXZESa3ovfcwh 9cN8OOCjnwwRIvgnSlYZeZcJdr82BwpRNCHDH4caY3UGEfusO+iuTieRzq+vtFAhXga0 cQa7yW2aFf7sZ416UNuh22S0AZshyOtFS40+hlxwe3kPVfveEKoQoK6gGWlPAEa1dxHq AUr2qzU+8813u0JiNbUkl8r4lLoogRtehdJwPsfjy7URSmOfLEaW2VHQbf0YyWkkMiKh h5Xg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id e4si10362167ejq.356.2020.12.14.11.13.46; Mon, 14 Dec 2020 11:14:19 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2502297AbgLNTBS (ORCPT + 99 others); Mon, 14 Dec 2020 14:01:18 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58988 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2502254AbgLNTBI (ORCPT ); Mon, 14 Dec 2020 14:01:08 -0500 Received: from metis.ext.pengutronix.de (metis.ext.pengutronix.de [IPv6:2001:67c:670:201:290:27ff:fe1d:cc33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 89582C0613D6 for ; Mon, 14 Dec 2020 11:00:28 -0800 (PST) Received: from gallifrey.ext.pengutronix.de ([2001:67c:670:201:5054:ff:fe8d:eefb] helo=[IPv6:::1]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1kot57-0007WT-Ky; Mon, 14 Dec 2020 20:00:25 +0100 Message-ID: Subject: CAAM RNG trouble From: Lucas Stach To: Horia =?UTF-8?Q?Geant=C4=83?= , Aymen Sghaier , Alexandru Porosanu Cc: linux-crypto@vger.kernel.org, kernel@pengutronix.de Date: Mon, 14 Dec 2020 20:00:24 +0100 Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.38.1 (3.38.1-1.fc33) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-SA-Exim-Connect-IP: 2001:67c:670:201:5054:ff:fe8d:eefb X-SA-Exim-Mail-From: l.stach@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: linux-crypto@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi all, I've been looking into a CAAM RNG issue for a while, where I could need some input from people knowing the CAAM hardware better than I do. Basically the issue is that on some i.MX6 units the RNG functionality sometimes fails with this error: caam_jr 2101000.jr0: 20003c5b: CCB: desc idx 60: RNG: Hardware error. I can tell that it is related to the entropy delay. On all failing units the RNG4 gets instantiated with the default entropy delay of 3200. If I dial up the delay to 3600 or 4000 the RNG works reliably. As a negative test I changed the initial delay to 400. With this change all units are able to successfully instantiate the RNG handles at an entropy delay of 2000 or 2400, but then reliably fail at getting random data with the error shown above. I guess the issue is related to prediction resistance on the handles, which causes the PRNG to be re- seeded from the TRNG fairly often. Now I don't have a good idea on how to arrive at a reliably working entropy delay setting, as apparently the simple "are we able to instantiate the handle" check is not enough to actually guarantee a working RNG setup. Any suggestions? Regards, Lucas