From patchwork Tue Dec 12 16:36:06 2017
X-Patchwork-Submitter: Lukasz Stelmach
X-Patchwork-Id: 10107859
X-Patchwork-Delegate: herbert@gondor.apana.org.au
From: Łukasz Stelmach
To: Krzysztof Kozlowski, robh+dt@kernel.org, Stephan Mueller, Herbert Xu, "David S . Miller", Kukjin Kim, linux-crypto@vger.kernel.org, linux-samsung-soc@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: Łukasz Stelmach, Marek Szyprowski, Bartlomiej Zolnierkiewicz
Subject: [PATCH v3 3/4] crypto: exynos - Reseed PRNG after generating 2^16 random bytes
Date: Tue, 12 Dec 2017 17:36:06 +0100
Message-id: <20171212163607.2985-4-l.stelmach@samsung.com>
In-reply-to: <20171212163607.2985-1-l.stelmach@samsung.com>
In-reply-to: <20171211140623.7673-1-l.stelmach@samsung.com>
References: <20171212163607.2985-1-l.stelmach@samsung.com>
Organization: Samsung R&D Institute Poland
X-Mailing-List: linux-crypto@vger.kernel.org

Reseed PRNG after reading 65 kB of randomness. Although this may reduce performance, in most cases the loss is not noticeable. Also the time-based threshold for reseeding is changed to one second. Reseeding is performed whenever either limit is exceeded.

Reseeding of a PRNG does not increase entropy, but it helps prevent backtracking the internal state of the device from its output sequence, and hence, prevents a potential attacker from predicting numbers to be generated.

Signed-off-by: Łukasz Stelmach
Reviewed-by: Stephan Mueller
Reviewed-by: Krzysztof Kozlowski
--- drivers/crypto/exynos-rng.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/exynos-rng.c b/drivers/crypto/exynos-rng.c index dcdd444d0b3b..825ed7bfd881 100644 --- a/drivers/crypto/exynos-rng.c +++ b/drivers/crypto/exynos-rng.c
@@ -55,12 +55,14 @@ enum exynos_prng_type { }; /* - * Driver re-seeds itself with generated random numbers to increase - * the randomness. + * Driver re-seeds itself with generated random numbers to hinder + * backtracking of the original seed. * * Time for next re-seed in ms. */ -#define EXYNOS_RNG_RESEED_TIME 100 +#define EXYNOS_RNG_RESEED_TIME 1000 +#define EXYNOS_RNG_RESEED_BYTES 65536 + /* * In polling mode, do not wait infinitely for the engine to finish the work. */ @@ -82,6 +84,8 @@ struct exynos_rng_dev { unsigned int seed_save_len; /* Time of last seeding in jiffies */ unsigned long last_seeding; + /* Bytes generated since last seeding */ + unsigned long bytes_seeding; }; static struct exynos_rng_dev *exynos_rng_dev; @@ -126,6 +130,7 @@ static int exynos_rng_set_seed(struct exynos_rng_dev *rng, } rng->last_seeding = jiffies; + rng->bytes_seeding = 0; return 0; } @@ -164,6 +169,7 @@ static int exynos_rng_get_random(struct exynos_rng_dev *rng, EXYNOS_RNG_STATUS); *read = min_t(size_t, dlen, EXYNOS_RNG_SEED_SIZE); memcpy_fromio(dst, rng->mem + EXYNOS_RNG_OUT_BASE, *read); + rng->bytes_seeding += *read; return 0; } @@ -177,7 +183,8 @@ static void exynos_rng_reseed(struct exynos_rng_dev *rng) unsigned int read = 0; u8 seed[EXYNOS_RNG_SEED_SIZE]; - if (time_before(now, next_seeding)) + if (time_before(now, next_seeding) && + rng->bytes_seeding < EXYNOS_RNG_RESEED_BYTES) return; if (exynos_rng_get_random(rng, seed, sizeof(seed), &read))
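Review bot: In the first hunk (@@ -55,12 +55,14 @@), the new EXYNOS_RNG_RESEED_BYTES define sits under a block comment whose last line is still "Time for next re-seed in ms.", so the byte threshold is undocumented and can be read as another millisecond value. Suggest giving each define its own comment, with one line stating that EXYNOS_RNG_RESEED_BYTES is the number of generated bytes after which a re-seed is forced. The same hunk raises EXYNOS_RNG_RESEED_TIME from 100 to 1000 with no rationale in the comment; a short note there would help, because a caller that stays under the byte limit now runs ten times longer on one seed.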
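Review bot: In the struct exynos_rng_dev hunk (@@ -82,6 +84,8 @@), the field name bytes_seeding reads as "bytes used for seeding" while its comment says "Bytes generated since last seeding". A name that matches the comment (for example bytes_since_seeding, offered only as a suggestion) would make the later test `rng->bytes_seeding < EXYNOS_RNG_RESEED_BYTES` self-explanatory and harder to misuse when the driver is next touched.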
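Review bot: In the last hunk (@@ -177,7 +183,8 @@), the byte limit is only evaluated at the top of exynos_rng_reseed(), and the visible lines do not show where that function is called relative to the read loop. The counter advances in exynos_rng_get_random() by at most EXYNOS_RNG_SEED_SIZE per call (`*read = min_t(size_t, dlen, EXYNOS_RNG_SEED_SIZE);`), so if exynos_rng_reseed() runs once per request rather than once per chunk, a single large request can emit well over EXYNOS_RNG_RESEED_BYTES from one seed, which is the case this patch is meant to bound. Please either check the threshold inside the generate loop or state in the comment that the limit is enforced per request and may be overshot by the request length. Also worth a line in the commit message: the seed bytes read by exynos_rng_reseed() itself pass through the same `rng->bytes_seeding += *read;` accounting and are only cleared once exynos_rng_set_seed() succeeds, which is harmless but not obvious.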