Home
last modified time | relevance | path

Searched hist:"391 a38544bcf9f4989b96cc5cfd47e557893394f" (Results 1 – 3 of 3) sorted by relevance

/optee_os/core/include/
H A Drng_support.h391a38544bcf9f4989b96cc5cfd47e557893394f Fri Apr 29 14:16:18 UTC 2022 Andrew Davis <afd@ti.com> core: Add hw_get_random_bytes()

Currently there are two options for supporting hardware RNG, implementing
hw_get_random_byte() or overriding crypto_rng_read().

crypto_rng_read() is provided by either a software PRNG or by a hardware
RNG through a weak function in rng_hw.c. This weak function repeatedly
calls hw_get_random_byte(). This can be an unneeded slowdown for
platforms that fetch more than one byte of randomness per call to their
HW RNG (all of them). The usual pattern is to store these extra bytes
in a FIFO and feed them out one at a time. But since the only two callers
of hw_get_random_byte() are themselves users of more than one byte this
indirection is unnecessary. To get around this some platforms have also
started overriding crypto_rng_read() which makes the API flow a bit less
intuitive than it could be.

Plan here is that platforms only need to implement hw_get_random_bytes().
This can be called with length = 1 if we only need a single byte. But in
the more common case we get a performance boost and simplify the RNG call
flow.

To start we keep hw_get_random_byte() and have the new
hw_get_random_bytes() use it to get platform HW RNG byte at a time.
When we finish moving all plats over to hw_get_random_bytes() then
hw_get_random_byte() can be removed.

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
/optee_os/core/crypto/
H A Drng_hw.c391a38544bcf9f4989b96cc5cfd47e557893394f Fri Apr 29 14:16:18 UTC 2022 Andrew Davis <afd@ti.com> core: Add hw_get_random_bytes()

Currently there are two options for supporting hardware RNG, implementing
hw_get_random_byte() or overriding crypto_rng_read().

crypto_rng_read() is provided by either a software PRNG or by a hardware
RNG through a weak function in rng_hw.c. This weak function repeatedly
calls hw_get_random_byte(). This can be an unneeded slowdown for
platforms that fetch more than one byte of randomness per call to their
HW RNG (all of them). The usual pattern is to store these extra bytes
in a FIFO and feed them out one at a time. But since the only two callers
of hw_get_random_byte() are themselves users of more than one byte this
indirection is unnecessary. To get around this some platforms have also
started overriding crypto_rng_read() which makes the API flow a bit less
intuitive than it could be.

Plan here is that platforms only need to implement hw_get_random_bytes().
This can be called with length = 1 if we only need a single byte. But in
the more common case we get a performance boost and simplify the RNG call
flow.

To start we keep hw_get_random_byte() and have the new
hw_get_random_bytes() use it to get platform HW RNG byte at a time.
When we finish moving all plats over to hw_get_random_bytes() then
hw_get_random_byte() can be removed.

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
/optee_os/mk/
H A Dconfig.mk391a38544bcf9f4989b96cc5cfd47e557893394f Fri Apr 29 14:16:18 UTC 2022 Andrew Davis <afd@ti.com> core: Add hw_get_random_bytes()

Currently there are two options for supporting hardware RNG, implementing
hw_get_random_byte() or overriding crypto_rng_read().

crypto_rng_read() is provided by either a software PRNG or by a hardware
RNG through a weak function in rng_hw.c. This weak function repeatedly
calls hw_get_random_byte(). This can be an unneeded slowdown for
platforms that fetch more than one byte of randomness per call to their
HW RNG (all of them). The usual pattern is to store these extra bytes
in a FIFO and feed them out one at a time. But since the only two callers
of hw_get_random_byte() are themselves users of more than one byte this
indirection is unnecessary. To get around this some platforms have also
started overriding crypto_rng_read() which makes the API flow a bit less
intuitive than it could be.

Plan here is that platforms only need to implement hw_get_random_bytes().
This can be called with length = 1 if we only need a single byte. But in
the more common case we get a performance boost and simplify the RNG call
flow.

To start we keep hw_get_random_byte() and have the new
hw_get_random_bytes() use it to get platform HW RNG byte at a time.
When we finish moving all plats over to hw_get_random_bytes() then
hw_get_random_byte() can be removed.

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>