[PATCH] crypto/rng: double the entropy delay interval for retry
Peng Fan
peng.fan at oss.nxp.com
Mon Sep 29 04:42:05 CEST 2025
On Fri, Sep 26, 2025 at 10:36:23AM +0000, Gaurav Jain wrote:
>
>
>> -----Original Message-----
>> From: Peng Fan (OSS) <peng.fan at oss.nxp.com>
>> Sent: Tuesday, September 23, 2025 2:43 PM
>> To: Gaurav Jain <gaurav.jain at nxp.com>
>> Cc: Horia Geanta <horia.geanta at nxp.com>; Pankaj Gupta
>> <pankaj.gupta at nxp.com>; Varun Sethi <V.Sethi at nxp.com>; Silvano Di Ninno
>> <silvano.dininno at nxp.com>; Meenakshi Aggarwal
>> <meenakshi.aggarwal at nxp.com>; Tom Rini <trini at konsulko.com>; Fabio
>> Estevam <festevam at gmail.com>; Peng Fan <peng.fan at nxp.com>; Simon Glass
>> <sjg at chromium.org>; Baehring, Olaf <olaf.baehring at draeger.com>; Heinrich
>> Schuchardt <xypron.glpk at gmx.de>; u-boot at lists.denx.de
>> Subject: Re: [PATCH] crypto/rng: double the entropy delay interval for retry
>>
>> Hi Gaurav,
>>
>> On Fri, Sep 05, 2025 at 03:03:48PM +0530, Gaurav Jain wrote:
>> >during entropy evaluation, if the generated samples fail any
>> >statistical test, then, all of the bits will be discarded, and a second
>> >set of samples will be generated and tested.
>> >
>> >the entropy delay interval should be doubled before performing retry.
>> >
>> >Signed-off-by: Gaurav Jain <gaurav.jain at nxp.com>
>> >---
>> > drivers/crypto/fsl/jr.c | 2 +-
>> > 1 file changed, 1 insertion(+), 1 deletion(-)
>> >
>> >diff --git a/drivers/crypto/fsl/jr.c b/drivers/crypto/fsl/jr.c index
>> >8f7a821ebf3..07d336c074a 100644
>> >--- a/drivers/crypto/fsl/jr.c
>> >+++ b/drivers/crypto/fsl/jr.c
>> >@@ -642,7 +642,7 @@ static int rng_init(uint8_t sec_idx, ccsr_sec_t *sec)
>> > */
>> > if (!inst_handles) {
>> > kick_trng(ent_delay, sec);
>> >- ent_delay += 400;
>> >+ ent_delay = ent_delay * 2;
>>
>> I not get the point on why need to double, would you please update the commit
>> why not 500, 800 or else. What make ent_delay * 2 the best choice?
>
>The typical reason a re-try is required when the entropy delay value is set too low.
>Therefore, when the re-try is attempted the entropy delay is doubled, thus giving twice as long to generate each bit of entropy.
>This is done to prevent having too many failures.
ok. I would say "double the ent_delay to give more chance to pass", I will
update the commit, no need resend.
Thanks,
Peng
>
>Regards
>Gaurav Jain
>>
>> Thanks,
>> Peng
>>
>> > }
>> > /*
>> > * if instantiate_rng(...) fails, the loop will rerun
>> >--
>> >2.25.1
>> >
More information about the U-Boot
mailing list