Commit | Line | Data |
---|---|---|
440e4f6d MCC |
1 | ========================================================== |
2 | Linux support for random number generator in i8xx chipsets | |
3 | ========================================================== | |
4 | ||
5 | Introduction | |
6 | ============ | |
7 | ||
8 | The hw_random framework is software that makes use of a | |
9 | special hardware feature on your CPU or motherboard, | |
10 | a Random Number Generator (RNG). The software has two parts: | |
11 | a core providing the /dev/hwrng character device and its | |
12 | sysfs support, plus a hardware-specific driver that plugs | |
13 | into that core. | |
14 | ||
15 | To make the most effective use of these mechanisms, you | |
16 | should download the support software as well. Download the | |
17 | latest version of the "rng-tools" package from the | |
18 | hw_random driver's official Web site: | |
19 | ||
20 | http://sourceforge.net/projects/gkernel/ | |
21 | ||
22 | Those tools use /dev/hwrng to fill the kernel entropy pool, | |
23 | which is used internally and exported by the /dev/urandom and | |
24 | /dev/random special files. | |
25 | ||
26 | Theory of operation | |
27 | =================== | |
28 | ||
29 | CHARACTER DEVICE. Using the standard open() | |
30 | and read() system calls, you can read random data from | |
31 | the hardware RNG device. This data is NOT CHECKED by any | |
32 | fitness tests, and could potentially be bogus (if the | |
33 | hardware is faulty or has been tampered with). Data is only | |
34 | output if the hardware "has-data" flag is set, but nevertheless | |
35 | a security-conscious person would run fitness tests on the | |
36 | data before assuming it is truly random. | |
37 | ||
38 | The rng-tools package uses such tests in "rngd", and lets you | |
39 | run them by hand with a "rngtest" utility. | |
40 | ||
41 | /dev/hwrng is char device major 10, minor 183. | |
42 | ||
43 | CLASS DEVICE. There is a /sys/class/misc/hw_random node with | |
44 | two unique attributes, "rng_available" and "rng_current". The | |
45 | "rng_available" attribute lists the hardware-specific drivers | |
46 | available, while "rng_current" lists the one which is currently | |
47 | connected to /dev/hwrng. If your system has more than one | |
48 | RNG available, you may change the one used by writing a name from | |
49 | the list in "rng_available" into "rng_current". | |
537878d2 DB |
50 | |
51 | ========================================================================== | |
52 | ||
537878d2 | 53 | |
440e4f6d MCC |
54 | Hardware driver for Intel/AMD/VIA Random Number Generators (RNG) |
55 | - Copyright 2000,2001 Jeff Garzik <jgarzik@pobox.com> | |
56 | - Copyright 2000,2001 Philipp Rumpf <prumpf@mandrakesoft.com> | |
537878d2 | 57 | |
537878d2 | 58 | |
440e4f6d MCC |
59 | About the Intel RNG hardware, from the firmware hub datasheet |
60 | ============================================================= | |
1da177e4 | 61 | |
440e4f6d MCC |
62 | The Firmware Hub integrates a Random Number Generator (RNG) |
63 | using thermal noise generated from inherently random quantum | |
64 | mechanical properties of silicon. When not generating new random | |
65 | bits the RNG circuitry will enter a low power state. Intel will | |
66 | provide a binary software driver to give third party software | |
67 | access to our RNG for use as a security feature. At this time, | |
68 | the RNG is only to be used with a system in an OS-present state. | |
1da177e4 | 69 | |
440e4f6d MCC |
70 | Intel RNG Driver notes |
71 | ====================== | |
1da177e4 | 72 | |
440e4f6d MCC |
73 | FIXME: support poll(2) |
74 | ||
75 | .. note:: | |
76 | ||
77 | request_mem_region was removed, for three reasons: | |
78 | ||
79 | 1) Only one RNG is supported by this driver; | |
80 | 2) The location used by the RNG is a fixed location in | |
81 | MMIO-addressable memory; | |
1da177e4 | 82 | 3) users with properly working BIOS e820 handling will always |
440e4f6d MCC |
83 | have the region in which the RNG is located reserved, so |
84 | request_mem_region calls always fail for proper setups. | |
85 | However, for people who use mem=XX, BIOS e820 information is | |
86 | **not** in /proc/iomem, and request_mem_region(RNG_ADDR) can | |
87 | succeed. | |
1da177e4 | 88 | |
440e4f6d MCC |
89 | Driver details |
90 | ============== | |
1da177e4 | 91 | |
440e4f6d | 92 | Based on: |
1da177e4 | 93 | Intel 82802AB/82802AC Firmware Hub (FWH) Datasheet |
440e4f6d | 94 | May 1999 Order Number: 290658-002 R |
1da177e4 | 95 | |
440e4f6d MCC |
96 | Intel 82802 Firmware Hub: |
97 | Random Number Generator | |
1da177e4 | 98 | Programmer's Reference Manual |
440e4f6d | 99 | December 1999 Order Number: 298029-001 R |
1da177e4 | 100 | |
440e4f6d | 101 | Intel 82802 Firmware HUB Random Number Generator Driver |
1da177e4 LT |
102 | Copyright (c) 2000 Matt Sottek <msottek@quiknet.com> |
103 | ||
440e4f6d MCC |
104 | Special thanks to Matt Sottek. I did the "guts", he |
105 | did the "brains" and all the testing. |