1*4882a593Smuzhiyun========================================================== 2*4882a593SmuzhiyunLinux support for random number generator in i8xx chipsets 3*4882a593Smuzhiyun========================================================== 4*4882a593Smuzhiyun 5*4882a593SmuzhiyunIntroduction 6*4882a593Smuzhiyun============ 7*4882a593Smuzhiyun 8*4882a593SmuzhiyunThe hw_random framework is software that makes use of a 9*4882a593Smuzhiyunspecial hardware feature on your CPU or motherboard, 10*4882a593Smuzhiyuna Random Number Generator (RNG). The software has two parts: 11*4882a593Smuzhiyuna core providing the /dev/hwrng character device and its 12*4882a593Smuzhiyunsysfs support, plus a hardware-specific driver that plugs 13*4882a593Smuzhiyuninto that core. 14*4882a593Smuzhiyun 15*4882a593SmuzhiyunTo make the most effective use of these mechanisms, you 16*4882a593Smuzhiyunshould download the support software as well. Download the 17*4882a593Smuzhiyunlatest version of the "rng-tools" package from the 18*4882a593Smuzhiyunhw_random driver's official Web site: 19*4882a593Smuzhiyun 20*4882a593Smuzhiyun http://sourceforge.net/projects/gkernel/ 21*4882a593Smuzhiyun 22*4882a593SmuzhiyunThose tools use /dev/hwrng to fill the kernel entropy pool, 23*4882a593Smuzhiyunwhich is used internally and exported by the /dev/urandom and 24*4882a593Smuzhiyun/dev/random special files. 25*4882a593Smuzhiyun 26*4882a593SmuzhiyunTheory of operation 27*4882a593Smuzhiyun=================== 28*4882a593Smuzhiyun 29*4882a593SmuzhiyunCHARACTER DEVICE. Using the standard open() 30*4882a593Smuzhiyunand read() system calls, you can read random data from 31*4882a593Smuzhiyunthe hardware RNG device. This data is NOT CHECKED by any 32*4882a593Smuzhiyunfitness tests, and could potentially be bogus (if the 33*4882a593Smuzhiyunhardware is faulty or has been tampered with). Data is only 34*4882a593Smuzhiyunoutput if the hardware "has-data" flag is set, but nevertheless 35*4882a593Smuzhiyuna security-conscious person would run fitness tests on the 36*4882a593Smuzhiyundata before assuming it is truly random. 37*4882a593Smuzhiyun 38*4882a593SmuzhiyunThe rng-tools package uses such tests in "rngd", and lets you 39*4882a593Smuzhiyunrun them by hand with a "rngtest" utility. 40*4882a593Smuzhiyun 41*4882a593Smuzhiyun/dev/hwrng is char device major 10, minor 183. 42*4882a593Smuzhiyun 43*4882a593SmuzhiyunCLASS DEVICE. There is a /sys/class/misc/hw_random node with 44*4882a593Smuzhiyuntwo unique attributes, "rng_available" and "rng_current". The 45*4882a593Smuzhiyun"rng_available" attribute lists the hardware-specific drivers 46*4882a593Smuzhiyunavailable, while "rng_current" lists the one which is currently 47*4882a593Smuzhiyunconnected to /dev/hwrng. If your system has more than one 48*4882a593SmuzhiyunRNG available, you may change the one used by writing a name from 49*4882a593Smuzhiyunthe list in "rng_available" into "rng_current". 50*4882a593Smuzhiyun 51*4882a593Smuzhiyun========================================================================== 52*4882a593Smuzhiyun 53*4882a593Smuzhiyun 54*4882a593SmuzhiyunHardware driver for Intel/AMD/VIA Random Number Generators (RNG) 55*4882a593Smuzhiyun - Copyright 2000,2001 Jeff Garzik <jgarzik@pobox.com> 56*4882a593Smuzhiyun - Copyright 2000,2001 Philipp Rumpf <prumpf@mandrakesoft.com> 57*4882a593Smuzhiyun 58*4882a593Smuzhiyun 59*4882a593SmuzhiyunAbout the Intel RNG hardware, from the firmware hub datasheet 60*4882a593Smuzhiyun============================================================= 61*4882a593Smuzhiyun 62*4882a593SmuzhiyunThe Firmware Hub integrates a Random Number Generator (RNG) 63*4882a593Smuzhiyunusing thermal noise generated from inherently random quantum 64*4882a593Smuzhiyunmechanical properties of silicon. When not generating new random 65*4882a593Smuzhiyunbits the RNG circuitry will enter a low power state. Intel will 66*4882a593Smuzhiyunprovide a binary software driver to give third party software 67*4882a593Smuzhiyunaccess to our RNG for use as a security feature. At this time, 68*4882a593Smuzhiyunthe RNG is only to be used with a system in an OS-present state. 69*4882a593Smuzhiyun 70*4882a593SmuzhiyunIntel RNG Driver notes 71*4882a593Smuzhiyun====================== 72*4882a593Smuzhiyun 73*4882a593SmuzhiyunFIXME: support poll(2) 74*4882a593Smuzhiyun 75*4882a593Smuzhiyun.. note:: 76*4882a593Smuzhiyun 77*4882a593Smuzhiyun request_mem_region was removed, for three reasons: 78*4882a593Smuzhiyun 79*4882a593Smuzhiyun 1) Only one RNG is supported by this driver; 80*4882a593Smuzhiyun 2) The location used by the RNG is a fixed location in 81*4882a593Smuzhiyun MMIO-addressable memory; 82*4882a593Smuzhiyun 3) users with properly working BIOS e820 handling will always 83*4882a593Smuzhiyun have the region in which the RNG is located reserved, so 84*4882a593Smuzhiyun request_mem_region calls always fail for proper setups. 85*4882a593Smuzhiyun However, for people who use mem=XX, BIOS e820 information is 86*4882a593Smuzhiyun **not** in /proc/iomem, and request_mem_region(RNG_ADDR) can 87*4882a593Smuzhiyun succeed. 88*4882a593Smuzhiyun 89*4882a593SmuzhiyunDriver details 90*4882a593Smuzhiyun============== 91*4882a593Smuzhiyun 92*4882a593SmuzhiyunBased on: 93*4882a593Smuzhiyun Intel 82802AB/82802AC Firmware Hub (FWH) Datasheet 94*4882a593Smuzhiyun May 1999 Order Number: 290658-002 R 95*4882a593Smuzhiyun 96*4882a593SmuzhiyunIntel 82802 Firmware Hub: 97*4882a593Smuzhiyun Random Number Generator 98*4882a593Smuzhiyun Programmer's Reference Manual 99*4882a593Smuzhiyun December 1999 Order Number: 298029-001 R 100*4882a593Smuzhiyun 101*4882a593SmuzhiyunIntel 82802 Firmware HUB Random Number Generator Driver 102*4882a593Smuzhiyun Copyright (c) 2000 Matt Sottek <msottek@quiknet.com> 103*4882a593Smuzhiyun 104*4882a593SmuzhiyunSpecial thanks to Matt Sottek. I did the "guts", he 105*4882a593Smuzhiyundid the "brains" and all the testing. 106