Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp1701622rwb; Mon, 7 Nov 2022 04:57:41 -0800 (PST) X-Google-Smtp-Source: AMsMyM622rPilqXdmHmzO+8uMekmuQBrmKDNzg76igqjCzLsep4Ns8zYWMg/82DNdy4W7UcoVs58 X-Received: by 2002:a17:906:9bec:b0:7a9:cf4a:7028 with SMTP id de44-20020a1709069bec00b007a9cf4a7028mr756619ejc.672.1667825860897; Mon, 07 Nov 2022 04:57:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1667825860; cv=none; d=google.com; s=arc-20160816; b=kyQMbEoc8fbSJJClj+MU4jWU50R+Dwu+ielgDcb7OYeWj/Iz0AYv1NvdhZOQ1Dr/vT 2TGGh5u8A8OTZqzqUX23vZJ28tX1yODdNKnAlMjcNnDlXwmzcZv7DkVPs0z4kLNTSlda ymyPmJJicONvta4SfeuU7srUwEGpby8Zgj043J0TK8oDP0i4cfVqDMDtsZW9+6ql5LrM F292ox6HMZKNvcS33J1RmqBdJLKvqByVz7TUID8FJuUsxJkZ5dInoR5Rpv/6t6sdCL9r 0G8BWDzRGgdJ5D9ahXf6zLmrV/RMRFvc2GMlm52cpkt9cxazfq2aixSYAacfXeVyo1Y3 Zi3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=zw47bG29OWSTvIw3X4RGHuaNACvOWb2yyb49HlVxqJw=; b=rxlom6x93c0e1OrxtxePymChqI1SnZATg5Hf74aidMNN3/IdliReFGAmBd9H+rt1nY kbuEie8TSGhzv8DeTF65J1XRVkSEuGnDzK7C1Nk1ZL0y/aSemC3ieidU2nytmzKFtpCf n6L4Tt8qhhMCaB+AzQ3yxlD5p1EJ/Ooe19JPSzDtOFpCUyacPGXxYyrJ6gaHPBlKbeHb BlaSD+td3EWcZ60TnNrSgptCqSNrM9Pu8m4AlD9LlyZ7Fkvqw0ekCGLXiRJoEuLOW+SS wsqZ+jWrGXS0OD8wTZVOb+9klW0P1G7QWT1NqmlhImgg+I51/G2ej2lgb10ODqDlzLDe pquA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o21-20020a170906975500b00797670441desi11193050ejy.911.2022.11.07.04.57.09; Mon, 07 Nov 2022 04:57:40 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231720AbiKGMoj (ORCPT + 99 others); Mon, 7 Nov 2022 07:44:39 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36108 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231355AbiKGMoi (ORCPT ); Mon, 7 Nov 2022 07:44:38 -0500 Received: from isilmar-4.linta.de (isilmar-4.linta.de [136.243.71.142]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 37B0C1B7AE for ; Mon, 7 Nov 2022 04:44:37 -0800 (PST) Received: by isilmar-4.linta.de (Postfix, from userid 1000) id 84E0320142B; Mon, 7 Nov 2022 12:44:34 +0000 (UTC) Date: Mon, 7 Nov 2022 13:44:34 +0100 From: Dominik Brodowski To: "Jason A. Donenfeld" Cc: herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, Ard Biesheuvel Subject: Re: [PATCH v2] hw_random: treat default_quality as a maximum and default to 1024 Message-ID: <20221107124434.GA9166@isilmar-4.linta.de> References: <20221107122455.6169-1-Jason@zx2c4.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20221107122455.6169-1-Jason@zx2c4.com> User-Agent: Mutt/1.10.1 (2018-07-13) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Mon, Nov 07, 2022 at 01:24:55PM +0100, Jason A. Donenfeld wrote: > Most hw_random devices return entropy which is assumed to be of full > quality, but driver authors don't bother setting the quality knob. Some > hw_random devices return less than full quality entropy, and then driver > authors set the quality knob. Therefore, the entropy crediting should be > opt-out rather than opt-in per-driver, to reflect the actual reality on > the ground. > > For example, the two Raspberry Pi RNG drivers produce full entropy > randomness, and both EDK2 and U-Boot's drivers for these treat them as > such. The result is that EFI then uses these numbers and passes the to > Linux, and Linux credits them as boot, thereby initializing the RNG. > Yet, in Linux, the quality knob was never set to anything, and so on the > chance that Linux is booted without EFI, nothing is ever credited. > That's annoying. > > The same pattern appears to repeat itself throughout various drivers. In > fact, very very few drivers have bothered setting quality=1024. > > Looking at the git history of existing drivers and corresponding mailing > list discussion, this conclusion tracks. There's been a decent amount of > discussion about drivers that set quality < 1024 -- somebody read and > interepreted a datasheet, or made some back of the envelope calculation > somehow. But there's been very little, if any, discussion about most > drivers where the quality is just set to 1024 or unset (or set to 1000 > when the authors misunderstood the API and assumed it was base-10 rather > than base-2); in both cases the intent was fairly clear of, "this is a > hardware random device; it's fine." > > So let's invert this logic. A hw_random struct's quality knob now > controls the maximum quality a driver can produce, or 0 to specify 1024. > Then, the module-wide switch called "default_quality" is changed to > represent the maximum quality of any driver. By default it's 1024, and > the quality of any particular driver is then given by: > > min(default_quality, rng->quality ?: 1024); > > This way, the user can still turn this off for weird reasons (and we can > replace whatever driver-specific disabling hacks existed in the past), > yet we get proper crediting for relevant RNGs. > > Cc: Dominik Brodowski > Cc: Ard Biesheuvel > Cc: Herbert Xu > Signed-off-by: Jason A. Donenfeld Thanks for the additional explanation! Reviewed-by: Dominik Brodowski Thanks, Dominik