Re: [RFC] crypto: exynos - Icrease the priority of the driver

From: Stephan Mueller
Date: Tue Dec 05 2017 - 08:48:46 EST

Next message: Krzysztof Kozlowski: "Re: [PATCH 2/3] crypto: exynos - Improve performance of PRNG"
Previous message: Ding Tianhong: "[PATCH] fs/sync: fix the signed integer overflow warning"
In reply to: Åukasz Stelmach: "[RFC] crypto: exynos - Icrease the priority of the driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am Dienstag, 5. Dezember 2017, 13:42:14 CET schrieb Åukasz Stelmach:

Hi Åukasz,

> exynos-rng is one of many implementations of stdrng. With priority as
> low as 100 it isn't selected, if software implementations (DRBG) are
> available.

What about using 300? The reason is the following: in the normal case, the
software PRNGs have 100 (X9.31) and 200 (SP800-90A DRBG). Thus, in normal
case, the hardware takes precedence.

In FIPS mode, the DRBG prio is increased by 200. As in FIPS mode you must have
a DRBG and assuming that the hardware does not implement a DRBG, the software
DRBG should be used as otherwise you have a FIPS-problem.

Ciao
Stephan

Next message: Krzysztof Kozlowski: "Re: [PATCH 2/3] crypto: exynos - Improve performance of PRNG"
Previous message: Ding Tianhong: "[PATCH] fs/sync: fix the signed integer overflow warning"
In reply to: Åukasz Stelmach: "[RFC] crypto: exynos - Icrease the priority of the driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]