With the z14 machine there came also a CPACF hardware extension
which provides a True Random Number Generator. This TRNG can
be accessed with a new subfunction code within the CPACF prno
instruction and provides random data with very high entropy.
So if there is a TRNG available, let's use it for initial seeding
and reseeding instead of the current implementation which tries
to generate entropy based on stckf (store clock fast) jitters.
For details about the amount of data needed and pulled for
seeding and reseeding there can be explaining comments in the
code found.
Signed-off-by: Harald Freudenberger <email address hidden>
Signed-off-by: Martin Schwidefsky <email address hidden>
$ rmadison --arch=s390x linux-generic | grep eoan-proposed 61c59de3559375e c7e961a424
linux-generic | 5.2.0.8.9 | eoan-proposed | s390x
$ git tag --contains 769f020b6c
Ubuntu-5.2.0-8.9
v5.2
$ git show 769f020b6c
commit 769f020b6c9283d
Author: Harald Freudenberger <email address hidden>
Date: Tue Apr 16 13:41:26 2019 +0200
s390/crypto: use TRNG for seeding/reseeding
With the z14 machine there came also a CPACF hardware extension
which provides a True Random Number Generator. This TRNG can
be accessed with a new subfunction code within the CPACF prno
instruction and provides random data with very high entropy.
So if there is a TRNG available, let's use it for initial seeding
and reseeding instead of the current implementation which tries
to generate entropy based on stckf (store clock fast) jitters.
For details about the amount of data needed and pulled for
seeding and reseeding there can be explaining comments in the
code found.
Signed-off-by: Harald Freudenberger <email address hidden>
Signed-off-by: Martin Schwidefsky <email address hidden>
With that changing status to Fix Committed.