Hi Ahmad, > -----Original Message----- > From: Ahmad Fatoum <a.fat...@pengutronix.de> > Sent: Tuesday, April 9, 2024 10:58 PM > To: Kshitiz Varshney <kshitiz.varsh...@nxp.com>; David Gstir > <da...@sigma-star.at>; Mimi Zohar <zo...@linux.ibm.com>; James > Bottomley <j...@linux.ibm.com>; Jarkko Sakkinen <jar...@kernel.org>; > Herbert Xu <herb...@gondor.apana.org.au>; David S. Miller > <da...@davemloft.net> > Cc: linux-...@vger.kernel.org; Gaurav Jain <gaurav.j...@nxp.com>; Catalin > Marinas <catalin.mari...@arm.com>; David Howells > <dhowe...@redhat.com>; keyri...@vger.kernel.org; Fabio Estevam > <feste...@gmail.com>; Paul Moore <p...@paul-moore.com>; Jonathan > Corbet <cor...@lwn.net>; Richard Weinberger <rich...@nod.at>; Rafael J. > Wysocki <rafael.j.wyso...@intel.com>; James Morris <jmor...@namei.org>; > dl-linux-imx <linux-...@nxp.com>; Serge E. Hallyn <se...@hallyn.com>; > Paul E. McKenney <paul...@kernel.org>; Sascha Hauer > <s.ha...@pengutronix.de>; Pankaj Gupta <pankaj.gu...@nxp.com>; sigma > star Kernel Team <upstream+...@sigma-star.at>; Steven Rostedt (Google) > <rost...@goodmis.org>; David Oberhollenzer <david.oberhollenzer@sigma- > star.at>; linux-arm-ker...@lists.infradead.org; linuxppc-...@lists.ozlabs.org; > Randy Dunlap <rdun...@infradead.org>; linux-ker...@vger.kernel.org; Li > Yang <leoyang...@nxp.com>; linux-security-mod...@vger.kernel.org; linux- > cry...@vger.kernel.org; Pengutronix Kernel Team <ker...@pengutronix.de>; > Tejun Heo <t...@kernel.org>; linux-integr...@vger.kernel.org; Shawn Guo > <shawn...@kernel.org>; Varun Sethi <v.se...@nxp.com> > Subject: Re: [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed > trusted keys > > Caution: This is an external email. Please take care when clicking links or > opening attachments. When in doubt, report the message using the 'Report > this email' button > > > Hello Kshitiz, > > On 09.04.24 12:54, Kshitiz Varshney wrote: > > Hi David, > >> + b->fmt_version = DCP_BLOB_VERSION; > >> + get_random_bytes(b->nonce, AES_KEYSIZE_128); > >> + get_random_bytes(b->blob_key, AES_KEYSIZE_128); > > > > We can use HWRNG instead of using kernel RNG. Please refer > > drivers/char/hw_random/imx-rngc.c > > imx-rngc can be enabled and used to seed the kernel entropy pool. Adding > direct calls into imx-rngc here only introduces duplicated code at no extra > benefit. > > Cheers, > Ahmad > > -- > Pengutronix e.K. | | > Steuerwalder Str. 21 | > https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww. > pengutronix.de%2F&data=05%7C02%7Ckshitiz.varshney%40nxp.com%7Ce9 > 97f259d34548ad1a9808dc58ba63a8%7C686ea1d3bc2b4c6fa92cd99c5c30 > 1635%7C0%7C0%7C638482804763047266%7CUnknown%7CTWFpbGZsb3 > d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0 > %3D%7C0%7C%7C%7C&sdata=UZgE9MXqAqCwqVnWty67YLh8QnIwpuq%2 > F7%2BQeDLQhF8I%3D&reserved=0 | > 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | > Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
Understood. Regards, Kshitiz
