On 4/13/2018 3:12 AM, Fabio Estevam wrote:
> Hi Horia,
>
> On Thu, Apr 12, 2018 at 4:12 AM, Horia Geantă wrote:
>
>> Yes, driver needs to strip off leading zeros from input data before feeding
>> it
>> to the accelerator.
>> I am working at a fix.
>
> I was able to to strip off the leading zer
Am Freitag, 13. April 2018, 03:30:42 CEST schrieb Theodore Ts'o:
Hi Theodore,
> The crng_init variable has three states:
>
> 0: The CRNG is not initialized at all
> 1: The CRNG has a small amount of entropy, hopefully good enough for
>early-boot, non-cryptographical use cases
> 2: The CRNG i
The crng_init variable has three states:
0: The CRNG is not initialized at all
1: The CRNG has a small amount of entropy, hopefully good enough for
early-boot, non-cryptographical use cases
2: The CRNG is fully initialized and we are sure it is safe for
cryptographic use cases.
The crng_rea
add_device_randomness() use of crng_fast_load() was highly
problematic. Some callers of add_device_randomness() can pass in a
large amount of static information. This would immediately promote
the crng_init state from 0 to 1, without really doing much to
initialize the primary_crng's internal sta
Reported-by: Jann Horn
Fixes: 1e7f583af67b ("random: make /dev/urandom scalable for silly...")
Cc: sta...@kernel.org # 4.8+
Signed-off-by: Theodore Ts'o
Reviewed-by: Jann Horn
---
drivers/char/random.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/char/random.c
Until the primary_crng is fully initialized, don't initialize the NUMA
crng nodes. Otherwise users of /dev/urandom on NUMA systems before
the CRNG is fully initialized can get very bad quality randomness. Of
course everyone should move to getrandom(2) where this won't be an
issue, but there's a l
Add a new ioctl which forces the the crng to be reseeded.
Signed-off-by: Theodore Ts'o
Cc: sta...@kernel.org
---
drivers/char/random.c | 13 -
include/uapi/linux/random.h | 3 +++
2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/drivers/char/random.c b/drivers/ch
Hi Horia,
On Thu, Apr 12, 2018 at 4:12 AM, Horia Geantă wrote:
> Yes, driver needs to strip off leading zeros from input data before feeding it
> to the accelerator.
> I am working at a fix.
I was able to to strip off the leading zeros from input data as you suggested.
My changes are like this
Hi Fabio,
2018-04-11 9:45 GMT-03:00 Fabio Estevam :
> From: Fabio Estevam
>
> The 'era' information can be retrieved from CAAM registers, so
> introduce a caam_get_era_from_hw() function that gets it via register
> reads in case the 'fsl,sec-era' property is not passed in the device
> tree.
>
> T
Hi,
The Linux kernel exports a network interface of type AF_ALG to allow user
space to utilize the kernel crypto API. libkcapi uses this network interface
and exports an easy to use API so that a developer does not need to consider
the low-level network interface handling.
The library does no
On 4/11/2018 8:26 PM, Fabio Estevam wrote:
> Hi Horia,
>
> On Wed, Apr 11, 2018 at 7:15 AM, Horia Geantă wrote:
>
>> You'd want to make sure rsa is offloaded to caam in this case - check in
>> /proc/crypto.
>> IIRC there are some i.mx parts that don't have support for Public Key
>> acceleration
11 matches
Mail list logo
