Jitter entropy RNG disable on non-x86?
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	jukivili
	Jun 3 2020, 10:18 PM

Description

Jitter entropy RNG appears to be disabled on all non-x86 architectures. Is this intentional?

In configure.ac, we have:

# Reset non applicable feature flags.
if test "$mpi_cpu_arch" != "x86" ; then
  ....
  jentsupport="n/a"
  ....
fi

Details

Version: master

Revisions and Commits

rC libgcrypt
	rC01b441308838 random/jitterentropy: fix USE_JENT == JENT_USES_GETTIME code path
	rC886120f33bd3 Enable jitter entropy also on non-x86 architectures
	rC4ed9b9494854 random/jitterentropy: fix USE_JENT == JENT_USES_GETTIME code path

Related Objects

Mentioned In: T4294: Release Libgcrypt 1.9.0
T5113: Release Libgcrypt 1.8.7

Event Timeline

jukivili created this task.Jun 3 2020, 10:18 PM

AFAIK, Stephan evaluated it only for x86, let me ask him ...

Please see [1] appendix F - I tested it more or less on all major CPUs, small
and large, old and new:

Intel / AMD x86

MIPS

POWER

SPARC

IBM Z Systems Mainframe

Itanium

[1] https://chronox.de/jent/doc/CPU-Jitter-NPTRNG.pdf

Thanks for the info. So I guess me added that restrictions to be on the safe side regarding the VS-Nfd evaluation. For 1.9 we can and should lift that.

Ok. This was just something that I noticed while going through configure.ac. Should I make patch for this or do you want to?

Yes please.

jukivili added a commit: rC4ed9b9494854: random/jitterentropy: fix USE_JENT == JENT_USES_GETTIME code path.Aug 3 2020, 10:23 PM

jukivili added a commit: rC886120f33bd3: Enable jitter entropy also on non-x86 architectures.