Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp5660209rwb; Tue, 22 Nov 2022 03:14:35 -0800 (PST) X-Google-Smtp-Source: AA0mqf5wDJyUZR+pZ81Kqqj1dJcBzCidM57bp3Rra8nNvkchBE/6asJcKMVgxAvYocNyKBkXLnUE X-Received: by 2002:a05:6402:5513:b0:467:7026:515e with SMTP id fi19-20020a056402551300b004677026515emr20883077edb.26.1669115675523; Tue, 22 Nov 2022 03:14:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669115675; cv=none; d=google.com; s=arc-20160816; b=QEKKdL2eHNB55G7w+0yS+i7w6+dIOuwcDTGPg/A4haAlXvgGu19mNk9Es2yNB4Mau8 Gn9WgjOYNpcrj+QdlkOczHjpeoYPbIdO9Z8dqgrGSjtrWNOMog7V8+x0n0s9JxM+Sqy9 X956OQe7ZhDsNvz5MxM3nEiTWy9vPiKq5teT+VK44wTnt2z0TSAAU8rG1Z9MH7QHF/tp HPims/GMSIRx7oGpPRiaZcBXgiDrI9ZSLlFpFY3/s5pHM+x7te/qCc6U5ppj67a93Yqt 6dNBYl0kuIKdCXmcLtDa5LGKQOgcbHv97RyVNPdJpQ3zxyyqkvvhOC7G8bEzXQT4CRvf HOZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to :organization:from:references:cc:to:content-language:subject :user-agent:mime-version:date:message-id:dkim-signature; bh=F6j8QezwvPeIc1whJXpov585qrC9mDPddo8yNb+CIw4=; b=vtKL1U3Y0uQQM8B4j1J/BlokFtf0p3S1yPLD7MIEK/iqX1xPUqW4Z4eGrvCiFEJFDV tdPxssKbn8x+EQmeOe146nDLobtyVDI+rOU3j15zpBWoeNwIqDslRDVcakXWgfraUuM1 iSZoJTf9MElrDHNgpTRQtJg9gHOyoxTwnE0C+VVfhVQ3q/TGpPXJM+EuehhMoI5nJJo0 AYC4D3k9SkCaMNqW41L9BEt8i1n1MKxkihh2SSqUx5aW29BLonWJ4ZhFIp7sTtubBCPT UyugCWPg/VQ8FB2UqUuoHD2z92lywdTgFvm558pnA/uGYFyqOjiS5O9ewfD2n1Yr4V5l 29jQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@collabora.co.uk header.s=mail header.b="q0QZXbv/"; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=collabora.co.uk Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d30-20020a056402401e00b00458e87a1d83si11322852eda.54.2022.11.22.03.14.10; Tue, 22 Nov 2022 03:14:35 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=fail header.i=@collabora.co.uk header.s=mail header.b="q0QZXbv/"; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=collabora.co.uk Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232565AbiKVKzz (ORCPT + 99 others); Tue, 22 Nov 2022 05:55:55 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49252 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231998AbiKVKzy (ORCPT ); Tue, 22 Nov 2022 05:55:54 -0500 Received: from madras.collabora.co.uk (madras.collabora.co.uk [46.235.227.172]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 047802AC71 for ; Tue, 22 Nov 2022 02:55:52 -0800 (PST) Received: from [192.168.1.23] (unknown [94.229.32.126]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: andrewsh) by madras.collabora.co.uk (Postfix) with ESMTPSA id 245466602A81; Tue, 22 Nov 2022 10:55:51 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=collabora.co.uk; s=mail; t=1669114551; bh=+1vAo0LerH8wsSi//WtJnv0ojvgK+Hdwpy7A1HfsRAk=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=q0QZXbv/ZEQcZqNjJv+869sA4cHbkcsFhQ7rDQWcbgrojTzrh0wSnWWnvYZLEFBpA yeqeQuck5I6CDSXbnGiBMtW2VWoVa5gh6mLaOQfR9EvsWgtt1DM9UTDctrX7wTx/jM OpeH2nbgiRtfWcn9kvoKIKSabRfryp+3YM9C7M8qP0CsrZSOp9tRRD/K3UAafVACv3 03iUT0z6Jck7b8x+o+DFwfoe5J1okqOodfCZCn5bQXiZfzP6BJoNvu0UzQ/D8pHV1u TgunhTq4fLIfQqwwdpEDTPcVivLltceo+88ebxeR9gfVho3CDDRo9d/3K4Uh3sX17l dvLOZ1/b3hBcw== Message-ID: <2b70efb3-08ef-8de0-d222-4bc29288dde8@collabora.co.uk> Date: Tue, 22 Nov 2022 11:55:47 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.1.1 Subject: Re: [PATCH] hwrng: u2fzero - account for high quality RNG Content-Language: en-GB To: "Jason A. Donenfeld" , herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org Cc: Jiri Kosina References: <20221119134259.2969204-1-Jason@zx2c4.com> From: Andrej Shadura Organization: Collabora In-Reply-To: <20221119134259.2969204-1-Jason@zx2c4.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 19/11/2022 14:42, Jason A. Donenfeld wrote: > The U2F zero apparently has a real TRNG in it with maximum quality, not > one with quality of "1", which was likely a misinterpretation of the > field as a boolean. So remove the assignment entirely, so that we get > the default quality setting. > > In the u2f-zero firmware, the 0x21 RNG command used by this driver is > handled as such [1]: > So it seems rather plain that the ATECC RNG is considered to provide > good random numbers. Thanks — at the time when it was written, there was a general concern about whether we should trust the hardware RNG of this device or not, so the safer option was not to :) > Cc: Andrej Shadura > Cc: Jiri Kosina > Cc: Herbert Xu > Signed-off-by: Jason A. Donenfeld Probably too late, but still: Acked-by: Andrej Shadura -- Cheers, Andrej