2021-02-20 17:49:05

by Álvaro Fernández Rojas

[permalink] [raw]
Subject: [PATCH] hwrng: bcm2835: set quality to 1000

This allows devices without a high precission timer to reduce boot from >100s
to <30s.

Signed-off-by: Álvaro Fernández Rojas <[email protected]>
---
drivers/char/hw_random/bcm2835-rng.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/drivers/char/hw_random/bcm2835-rng.c b/drivers/char/hw_random/bcm2835-rng.c
index 1a7c43b43c6b..4b48cb7176b0 100644
--- a/drivers/char/hw_random/bcm2835-rng.c
+++ b/drivers/char/hw_random/bcm2835-rng.c
@@ -163,6 +163,7 @@ static int bcm2835_rng_probe(struct platform_device *pdev)
priv->rng.init = bcm2835_rng_init;
priv->rng.read = bcm2835_rng_read;
priv->rng.cleanup = bcm2835_rng_cleanup;
+ priv->rng.quality = 1000;

if (dev_of_node(dev)) {
rng_id = of_match_node(bcm2835_rng_of_match, dev->of_node);
--
2.20.1


2021-02-20 19:15:53

by Álvaro Fernández Rojas

[permalink] [raw]
Subject: Re: [PATCH] hwrng: bcm2835: set quality to 1000

Hi Andrew,

I ran rngtest and this is what I got:
[email protected]:/# cat /dev/hwrng | rngtest -c 1000
rngtest 6.10
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions. There is
NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 20000032
rngtest: FIPS 140-2 successes: 996
rngtest: FIPS 140-2 failures: 4
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 1
rngtest: FIPS 140-2(2001-10-10) Long run: 3
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=146.002; avg=349.394;
max=1302083.333)Kibits/s
rngtest: FIPS tests speed: (min=12.126; avg=22.750; max=23.432)Mibits/s
rngtest: Program run time: 56826982 microseconds

996 successes and 4 failures -> 99.6% success rate
1024 * 99.6% = 1019 (rounded down to 1000)

I'm not sure if I can rely on rngtest for that...

Best regards,
Álvaro.

El 20/02/2021 a las 20:09, Andrew Lunn escribió:
> On Sat, Feb 20, 2021 at 06:47:40PM +0100, Álvaro Fernández Rojas wrote:
>> This allows devices without a high precission timer to reduce boot from >100s
>> to <30s.
>> diff --git a/drivers/char/hw_random/bcm2835-rng.c b/drivers/char/hw_random/bcm2835-rng.c
>> index 1a7c43b43c6b..4b48cb7176b0 100644
>> --- a/drivers/char/hw_random/bcm2835-rng.c
>> +++ b/drivers/char/hw_random/bcm2835-rng.c
>> @@ -163,6 +163,7 @@ static int bcm2835_rng_probe(struct platform_device *pdev)
>> priv->rng.init = bcm2835_rng_init;
>> priv->rng.read = bcm2835_rng_read;
>> priv->rng.cleanup = bcm2835_rng_cleanup;
>> + priv->rng.quality = 1000;
>
> Hi Alvero
>
> * @quality: Estimation of true entropy in RNG's bitstream
> * (in bits of entropy per 1024 bits of input;
> * valid values: 1 to 1024, or 0 for unknown).
>
> How did you determine this device produces 1000 bits of true entropy
> per 1024?
>
> Andrew
>

2021-02-20 19:42:05

by Andrew Lunn

[permalink] [raw]
Subject: Re: [PATCH] hwrng: bcm2835: set quality to 1000

On Sat, Feb 20, 2021 at 08:12:45PM +0100, ?lvaro Fern?ndez Rojas wrote:
> Hi Andrew,
>
> I ran rngtest and this is what I got:
> [email protected]:/# cat /dev/hwrng | rngtest -c 1000
> rngtest 6.10
> Copyright (c) 2004 by Henrique de Moraes Holschuh
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
>
> rngtest: starting FIPS tests...
> rngtest: bits received from input: 20000032
> rngtest: FIPS 140-2 successes: 996
> rngtest: FIPS 140-2 failures: 4
> rngtest: FIPS 140-2(2001-10-10) Monobit: 0
> rngtest: FIPS 140-2(2001-10-10) Poker: 0
> rngtest: FIPS 140-2(2001-10-10) Runs: 1
> rngtest: FIPS 140-2(2001-10-10) Long run: 3
> rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
> rngtest: input channel speed: (min=146.002; avg=349.394;
> max=1302083.333)Kibits/s
> rngtest: FIPS tests speed: (min=12.126; avg=22.750; max=23.432)Mibits/s
> rngtest: Program run time: 56826982 microseconds
>
> 996 successes and 4 failures -> 99.6% success rate
> 1024 * 99.6% = 1019 (rounded down to 1000)
>
> I'm not sure if I can rely on rngtest for that...

Hi ?lvaro

You need some sort of justification for setting the quality
value. Please include what you have written above in the commit
message. It then becomes possible for reviewers to say if this
justification is valid or not.

Andrew

2021-02-20 19:59:06

by Álvaro Fernández Rojas

[permalink] [raw]
Subject: [PATCH v2] hwrng: bcm2835: set quality to 1000

This allows devices without a high precission timer to speed up boot from
more 100 s to lest than 30s.

Justification:
[email protected]:/# cat /dev/hwrng | rngtest -c 1000
rngtest 6.10
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 20000032
rngtest: FIPS 140-2 successes: 996
rngtest: FIPS 140-2 failures: 4
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 1
rngtest: FIPS 140-2(2001-10-10) Long run: 3
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=146.002; avg=349.394;
max=1302083.333)Kibits/s
rngtest: FIPS tests speed: (min=12.126; avg=22.750; max=23.432)Mibits/s
rngtest: Program run time: 56826982 microseconds

996 successes and 4 failures -> 99.6% success rate
1024 * 99.6% = 1019 (rounded down to 1000)

Signed-off-by: Álvaro Fernández Rojas <[email protected]>
---
v2: add jusftification

drivers/char/hw_random/bcm2835-rng.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/drivers/char/hw_random/bcm2835-rng.c b/drivers/char/hw_random/bcm2835-rng.c
index 1a7c43b43c6b..4b48cb7176b0 100644
--- a/drivers/char/hw_random/bcm2835-rng.c
+++ b/drivers/char/hw_random/bcm2835-rng.c
@@ -163,6 +163,7 @@ static int bcm2835_rng_probe(struct platform_device *pdev)
priv->rng.init = bcm2835_rng_init;
priv->rng.read = bcm2835_rng_read;
priv->rng.cleanup = bcm2835_rng_cleanup;
+ priv->rng.quality = 1000;

if (dev_of_node(dev)) {
rng_id = of_match_node(bcm2835_rng_of_match, dev->of_node);
--
2.20.1

2021-02-22 19:51:57

by Álvaro Fernández Rojas

[permalink] [raw]
Subject: [PATCH v3] hwrng: bcm2835: set quality

This allows devices without a high precission timer to speed up boot from
more than 100s to lest than 30s.

BCM2835 rngtest:
[email protected]:/# cat /dev/hwrng | rngtest -c 1000
rngtest 6.10
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 20000032
rngtest: FIPS 140-2 successes: 996
rngtest: FIPS 140-2 failures: 4
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 1
rngtest: FIPS 140-2(2001-10-10) Long run: 3
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=146.002; avg=349.394;
max=1302083.333)Kibits/s
rngtest: FIPS tests speed: (min=12.126; avg=22.750; max=23.432)Mibits/s
rngtest: Program run time: 56826982 microseconds

996 successes and 4 failures -> 99.6% success rate
1024 * 99.6% = 1019 (rounded down to 1000)

BCM6368 rngtest:
[email protected]:/# [email protected]:/# cat /dev/hwrng | rngtest -c 1000
rngtest 6.10
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 20000032
rngtest: FIPS 140-2 successes: 751
rngtest: FIPS 140-2 failures: 249
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 34
rngtest: FIPS 140-2(2001-10-10) Runs: 245
rngtest: FIPS 140-2(2001-10-10) Long run: 0
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=1.202; avg=16.434; max=1003.868)Mibits/s
rngtest: FIPS tests speed: (min=761.155; avg=8343.383; max=15662.590)Kibits/s
rngtest: Program run time: 3539183 microseconds
cat: write error: Broken pipe

Signed-off-by: Álvaro Fernández Rojas <[email protected]>
---
v3: set different qualities for each SoC
v2: add jusftification

drivers/char/hw_random/bcm2835-rng.c | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/drivers/char/hw_random/bcm2835-rng.c b/drivers/char/hw_random/bcm2835-rng.c
index 1a7c43b43c6b..a6121a04f624 100644
--- a/drivers/char/hw_random/bcm2835-rng.c
+++ b/drivers/char/hw_random/bcm2835-rng.c
@@ -121,6 +121,15 @@ static void bcm2835_rng_cleanup(struct hwrng *rng)

struct bcm2835_rng_of_data {
bool mask_interrupts;
+ unsigned short quality;
+};
+
+static const struct bcm2835_rng_of_data bcm283x_rng_of_data = {
+ .quality = 1000,
+};
+
+static const struct bcm2835_rng_of_data bcm6368_rng_of_data = {
+ .quality = 700,
};

static const struct bcm2835_rng_of_data nsp_rng_of_data = {
@@ -128,10 +137,10 @@ static const struct bcm2835_rng_of_data nsp_rng_of_data = {
};

static const struct of_device_id bcm2835_rng_of_match[] = {
- { .compatible = "brcm,bcm2835-rng"},
+ { .compatible = "brcm,bcm2835-rng", .data = &bcm283x_rng_of_data },
{ .compatible = "brcm,bcm-nsp-rng", .data = &nsp_rng_of_data },
{ .compatible = "brcm,bcm5301x-rng", .data = &nsp_rng_of_data },
- { .compatible = "brcm,bcm6368-rng"},
+ { .compatible = "brcm,bcm6368-rng", .data = &bcm6368_rng_of_data },
{},
};

@@ -171,8 +180,10 @@ static int bcm2835_rng_probe(struct platform_device *pdev)

/* Check for rng init function, execute it */
of_data = rng_id->data;
- if (of_data)
+ if (of_data) {
priv->mask_interrupts = of_data->mask_interrupts;
+ priv->rng.quality = of_data->quality;
+ }
}

/* register driver */
--
2.20.1

2021-03-04 13:09:00

by Herbert Xu

[permalink] [raw]
Subject: Re: [PATCH] hwrng: bcm2835: set quality to 1000

On Sat, Feb 20, 2021 at 08:12:45PM +0100, ?lvaro Fern?ndez Rojas wrote:
>
> I ran rngtest and this is what I got:

This is meaningless except for sources that have not been whitened.

Your justification needs to be based on what the hardware does or
is documented to do.

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2021-03-04 17:53:39

by Nicolas Saenz Julienne

[permalink] [raw]
Subject: Re: [PATCH] hwrng: bcm2835: set quality to 1000

On Wed, 2021-03-03 at 10:29 +0100, Álvaro Fernández Rojas wrote:
> Hi Herbert,
>
> > El 3 mar 2021, a las 10:20, Herbert Xu <[email protected]> escribió:
> >
> > On Sat, Feb 20, 2021 at 08:12:45PM +0100, Álvaro Fernández Rojas wrote:
> > >
> > > I ran rngtest and this is what I got:
> >
> > This is meaningless except for sources that have not been whitened.
> >
> > Your justification needs to be based on what the hardware does or
> > is documented to do.
>
> Ok, so I guess that we’re never setting that value to anything since there’s
> no public documentation about that ¯\_(ツ)_/¯.

@Florian, is there a way you might be able to get the official value?

Regards,
Nicolas



Attachments:
signature.asc (499.00 B)
This is a digitally signed message part

2021-03-05 01:00:22

by Florian Fainelli

[permalink] [raw]
Subject: Re: [PATCH] hwrng: bcm2835: set quality to 1000

On 3/4/21 7:11 AM, Nicolas Saenz Julienne wrote:
> On Wed, 2021-03-03 at 10:29 +0100, Álvaro Fernández Rojas wrote:
>> Hi Herbert,
>>
>>> El 3 mar 2021, a las 10:20, Herbert Xu <[email protected]> escribió:
>>>
>>> On Sat, Feb 20, 2021 at 08:12:45PM +0100, Álvaro Fernández Rojas wrote:
>>>>
>>>> I ran rngtest and this is what I got:
>>>
>>> This is meaningless except for sources that have not been whitened.
>>>
>>> Your justification needs to be based on what the hardware does or
>>> is documented to do.
>>
>> Ok, so I guess that we’re never setting that value to anything since there’s
>> no public documentation about that ¯\_(ツ)_/¯.
>
> @Florian, is there a way you might be able to get the official value?

I will be looking into the documentation this weekend and let you know
whether we can change the driver's quality accordingly.
--
Florian