Re: [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys

From: Ahmad Fatoum
Date: Tue Apr 09 2024 - 13:28:41 EST

Next message: Greg Kroah-Hartman: "[PATCH 5.15 000/696] 5.15.154-rc2 review"
Previous message: Shuah Khan: "Re: [PATCH v4 RESEND 0/7] Handle faults in KUnit tests"
In reply to: Kshitiz Varshney: "RE: [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys"
Next in thread: Kshitiz Varshney: "RE: [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Kshitiz,

On 09.04.24 12:54, Kshitiz Varshney wrote:
> Hi David,
>> + b->fmt_version = DCP_BLOB_VERSION;
>> + get_random_bytes(b->nonce, AES_KEYSIZE_128);
>> + get_random_bytes(b->blob_key, AES_KEYSIZE_128);
>
> We can use HWRNG instead of using kernel RNG. Please refer drivers/char/hw_random/imx-rngc.c

imx-rngc can be enabled and used to seed the kernel entropy pool. Adding
direct calls into imx-rngc here only introduces duplicated code at no extra
benefit.

Cheers,
Ahmad

--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |

Next message: Greg Kroah-Hartman: "[PATCH 5.15 000/696] 5.15.154-rc2 review"
Previous message: Shuah Khan: "Re: [PATCH v4 RESEND 0/7] Handle faults in KUnit tests"
In reply to: Kshitiz Varshney: "RE: [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys"
Next in thread: Kshitiz Varshney: "RE: [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]