Source-Changes-HG archive


[src/trunk]: src/sys/arch/arm/rockchip rkv1crypto(4): Fix units in RNG repeat...



details:   https://anonhg.NetBSD.org/src/rev/bca6ace8648b
branches:  trunk
changeset: 366068:bca6ace8648b
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Fri May 13 09:49:44 2022 +0000

description:
rkv1crypto(4): Fix units in RNG repeated-output health test.

This code was intended to check whether the two 4-word halves of an
8-word, 32-byte, 256-bit sample were repeated.

Instead, it accidentally checked whether the first 4 _bytes_ of the
two halves were repeated.

The effect was a false alarm rate of 1/2^32, instead of a false alarm
rate of 1/2^128, with no change on the true alarm rate in the event
of an RNG wedged producing all-zero or all-one bits.  1/2^128 is an
acceptable false alarm rate; 1/2^32, not so much.

(The false alarm rate might be higher if the samples are not
perfectly uniformly distributed, which they most likely aren't,
although the documentation doesn't give any details other than
suggesting it's a ring oscillator under the hood, which provides
entropy from jitter induced by thermal noise.  This driver records
half a bit of entropy per bit of sample to be reasonably
conservative.)

diffstat:

 sys/arch/arm/rockchip/rk_v1crypto.c |  6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diffs (27 lines):

diff -r 5c9d048ff42d -r bca6ace8648b sys/arch/arm/rockchip/rk_v1crypto.c
--- a/sys/arch/arm/rockchip/rk_v1crypto.c       Fri May 13 09:40:25 2022 +0000
+++ b/sys/arch/arm/rockchip/rk_v1crypto.c       Fri May 13 09:49:44 2022 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: rk_v1crypto.c,v 1.9 2022/04/08 23:14:21 riastradh Exp $        */
+/*     $NetBSD: rk_v1crypto.c,v 1.10 2022/05/13 09:49:44 riastradh Exp $       */
 
 /*-
  * Copyright (c) 2020 The NetBSD Foundation, Inc.
@@ -36,7 +36,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(1, "$NetBSD: rk_v1crypto.c,v 1.9 2022/04/08 23:14:21 riastradh Exp $");
+__KERNEL_RCSID(1, "$NetBSD: rk_v1crypto.c,v 1.10 2022/05/13 09:49:44 riastradh Exp $");
 
 #include <sys/types.h>
 
@@ -268,7 +268,7 @@
                        device_printf(self, "timed out\n");
                        break;
                }
-               if (consttime_memequal(buf, buf + n/2, n/2)) {
+               if (consttime_memequal(buf, buf + n/2, sizeof(buf[0]) * n/2)) {
                        device_printf(self, "failed repeated output test\n");
                        break;
                }
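
Review bot: in the `consttime_memequal` call of the last hunk, the offset `buf + n/2` is counted in elements while the length `sizeof(buf[0]) * n/2` is counted in bytes, and nothing on the line marks the difference, which leaves room for the same unit mix-up to come back. A local such as `half = n/2` used for both arguments, with the length written as `half * sizeof(buf[0])`, would keep the two in step, and a one-line comment saying the test compares the two halves of the sample would record the intent. The two expressions also only agree when n is even (the offset truncates, while the length is computed as `(sizeof(buf[0]) * n)/2`), so an assertion to that effect near the call would be worth adding.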


