tpm: tpm_tis_spi_cr50: Add default RNG quality
To allow this device to fill the kernel's entropy pool at boot, setup a default quality for the hwrng found in Cr50. After some testing with rngtest and dieharder it was, in short, discovered that the RNG produces fair quality randomness, giving around 99.93% successes in rngtest FIPS140-2. Notably, though, when testing with dieharder it was noticed that we get 3 WEAK results over 114, which isn't optimal, and also the p-values distribution wasn't uniform in all the cases, so a conservative quality value was chosen by applying an arbitrary penalty to the calculated values. For reference, this is how the values were calculated: The dieharder results were averaged, then normalized (0-1000) and re-averaged with the rngtest result (where the result was given a score of 99.93% of 1000, so 999.3), then aggregated together and averaged again. An arbitrary penalty of -100 was applied due to the retrieved value, which brings us finally to 700. Signed-off-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
This commit is contained in:
parent
f04510f26f
commit
d2704808f2
@ -36,6 +36,9 @@
|
|||||||
#define TPM_CR50_FW_VER(l) (0x0f90 | ((l) << 12))
|
#define TPM_CR50_FW_VER(l) (0x0f90 | ((l) << 12))
|
||||||
#define TPM_CR50_MAX_FW_VER_LEN 64
|
#define TPM_CR50_MAX_FW_VER_LEN 64
|
||||||
|
|
||||||
|
/* Default quality for hwrng. */
|
||||||
|
#define TPM_CR50_DEFAULT_RNG_QUALITY 700
|
||||||
|
|
||||||
struct cr50_spi_phy {
|
struct cr50_spi_phy {
|
||||||
struct tpm_tis_spi_phy spi_phy;
|
struct tpm_tis_spi_phy spi_phy;
|
||||||
|
|
||||||
@ -264,6 +267,7 @@ int cr50_spi_probe(struct spi_device *spi)
|
|||||||
phy = &cr50_phy->spi_phy;
|
phy = &cr50_phy->spi_phy;
|
||||||
phy->flow_control = cr50_spi_flow_control;
|
phy->flow_control = cr50_spi_flow_control;
|
||||||
phy->wake_after = jiffies;
|
phy->wake_after = jiffies;
|
||||||
|
phy->priv.rng_quality = TPM_CR50_DEFAULT_RNG_QUALITY;
|
||||||
init_completion(&phy->ready);
|
init_completion(&phy->ready);
|
||||||
|
|
||||||
cr50_phy->access_delay = CR50_NOIRQ_ACCESS_DELAY;
|
cr50_phy->access_delay = CR50_NOIRQ_ACCESS_DELAY;
|
||||||
|
Loading…
Reference in New Issue
Block a user