From 7711f25852c8372ade16accfca50115af64e1951 Mon Sep 17 00:00:00 2001 From: FreeArtMan Date: Fri, 23 Sep 2016 00:09:35 +0100 Subject: Kernel /dev/hwrng driver: added new note --- md/writeup.md | 1 + md/writeup/kernel_dev_hwrng.md | 287 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 288 insertions(+) create mode 100644 md/writeup/kernel_dev_hwrng.md (limited to 'md') diff --git a/md/writeup.md b/md/writeup.md index 038d2f4..3c7ad39 100644 --- a/md/writeup.md +++ b/md/writeup.md @@ -14,6 +14,7 @@ [Compile Linux Kernel](writeup/compile_linux_kernel.md) [Kernel:Hello World](writeup/kernel_hello_world.md) [Kernel:Debug messages](writeup/kernel_debug_messages.md) +[Kernel:/dev/hwrng](writeup/kernel_dev_hwrng.md) ## Projects diff --git a/md/writeup/kernel_dev_hwrng.md b/md/writeup/kernel_dev_hwrng.md new file mode 100644 index 0000000..9812d0f --- /dev/null +++ b/md/writeup/kernel_dev_hwrng.md @@ -0,0 +1,287 @@ +# /dev/hwrng + +## Intro + +/* Could be not random at all */ + +## Switching hardware rng + +Hardware random generator have own entry inside sysfs lets check +_/sys/class/misc/hw_random/ + +``` +$ls /sys/class/misc/hw_random/ +dev power rng_available rng_current subsystem uevent +``` +Check avaliable hwrng modules + +``` +$cat /sys/class/misc/hw_random/rng_available +zero-rng +``` + +Check currently running hwrng module + +``` +$cat /sys/class/misc/hw_random/rng_current +zero-rng +``` + +## Testing /dev/hwrng + +/* Say basic usage of rng-tools */ +There couple of ways how you can test if data is "random" enought. There +is standarts like FIPS 140-2 with have criterias to check if data source is +pseudo-random. And there is couple of implementations of it. You can get +tool like rng-tools and test data. Lets imagine that you have installed it +allready in your favorite way. + +_Output every 5 seconds pseudo random tests results_ +```sh +$cat /dev/urandom | rngtest -t 5 +``` + +_Program output_ +``` +rngtest: starting FIPS tests... +rngtest: bits received from input: 462500032 +rngtest: FIPS 140-2 successes: 23108 +rngtest: FIPS 140-2 failures: 17 +rngtest: FIPS 140-2(2001-10-10) Monobit: 1 +rngtest: FIPS 140-2(2001-10-10) Poker: 2 +rngtest: FIPS 140-2(2001-10-10) Runs: 8 +rngtest: FIPS 140-2(2001-10-10) Long run: 6 +rngtest: FIPS 140-2(2001-10-10) Continuous run: 0 +rngtest: input channel speed: (min=2.166; avg=216.912; max=19073.486)Mibits/s +rngtest: FIPS tests speed: (min=56.598; avg=148.791; max=178.257)Mibits/s +rngtest: Program run time: 5016745 microseconds +``` + +## Example driver + +Create files _Makefile_ and _zero_hwrng.c_ and copy code. + +__Makefile__ +```Makefile +obj-m += zero_hwrng.o + +all: + make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules + +clean: + make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean + +load: + insmod zero_hwrng.ko +unload: + rmmod zero_hwrng +``` + +__zero_hwrng.c__ +```c +#include +#include +#include +#include +#include +#include +#include + +#define PRINTK printk +#define PRN(format, args ... ) PRINTK("DBG FUN:%s LINE:%d " format,__FUNCTION__,__LINE__, ##args); +#define PNL() PRINTK("%s:%d\n",__FUNCTION__,__LINE__); + +static int zero_rng_read(struct hwrng *rng, void *data, size_t max, bool wait) +{ + int i; + u8 *buf; + + PNL(); + + buf = data; + + for (i=0;i /sys/class/misc/hw_random/rng_current +``` + +check if its current module used + +``` +$ cat /sys/class/misc/hw_random/rng_current +intel-rng +``` + +Well everything looks fine and test are passsed if you goint to try test it +with rng-tools. + +## Links + +1. [Documentation/hw_random.txt](https://www.kernel.org/doc/Documentation/hw_random.txt) +2. [295_linux_really_using_hardware_random_number_generators.html](http://blog.coldtobi.de/1_coldtobis_blog/archive/295_linux_really_using_hardware_random_number_generators.html) +3. [rng-tools](https://www.archlinux.org/packages/community/x86_64/rng-tools/) +4. [include/linux/hw_random.h](https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/include/linux/hw_random.h?id=refs/tags/v4.7.4) +5. [/writeup/gcc_inline_assembly.md#toc-12](/writeup/gcc_inline_assembly.md#toc-12) -- cgit v1.2.3