summaryrefslogtreecommitdiffstats
path: root/kernel/Documentation/hw_random.txt
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/Documentation/hw_random.txt')
-rw-r--r--kernel/Documentation/hw_random.txt90
1 files changed, 90 insertions, 0 deletions
diff --git a/kernel/Documentation/hw_random.txt b/kernel/Documentation/hw_random.txt
new file mode 100644
index 000000000..026e237bb
--- /dev/null
+++ b/kernel/Documentation/hw_random.txt
@@ -0,0 +1,90 @@
+Introduction:
+
+ The hw_random framework is software that makes use of a
+ special hardware feature on your CPU or motherboard,
+ a Random Number Generator (RNG). The software has two parts:
+ a core providing the /dev/hw_random character device and its
+ sysfs support, plus a hardware-specific driver that plugs
+ into that core.
+
+ To make the most effective use of these mechanisms, you
+ should download the support software as well. Download the
+ latest version of the "rng-tools" package from the
+ hw_random driver's official Web site:
+
+ http://sourceforge.net/projects/gkernel/
+
+ Those tools use /dev/hw_random to fill the kernel entropy pool,
+ which is used internally and exported by the /dev/urandom and
+ /dev/random special files.
+
+Theory of operation:
+
+ CHARACTER DEVICE. Using the standard open()
+ and read() system calls, you can read random data from
+ the hardware RNG device. This data is NOT CHECKED by any
+ fitness tests, and could potentially be bogus (if the
+ hardware is faulty or has been tampered with). Data is only
+ output if the hardware "has-data" flag is set, but nevertheless
+ a security-conscious person would run fitness tests on the
+ data before assuming it is truly random.
+
+ The rng-tools package uses such tests in "rngd", and lets you
+ run them by hand with a "rngtest" utility.
+
+ /dev/hw_random is char device major 10, minor 183.
+
+ CLASS DEVICE. There is a /sys/class/misc/hw_random node with
+ two unique attributes, "rng_available" and "rng_current". The
+ "rng_available" attribute lists the hardware-specific drivers
+ available, while "rng_current" lists the one which is currently
+ connected to /dev/hw_random. If your system has more than one
+ RNG available, you may change the one used by writing a name from
+ the list in "rng_available" into "rng_current".
+
+==========================================================================
+
+ Hardware driver for Intel/AMD/VIA Random Number Generators (RNG)
+ Copyright 2000,2001 Jeff Garzik <jgarzik@pobox.com>
+ Copyright 2000,2001 Philipp Rumpf <prumpf@mandrakesoft.com>
+
+
+About the Intel RNG hardware, from the firmware hub datasheet:
+
+ The Firmware Hub integrates a Random Number Generator (RNG)
+ using thermal noise generated from inherently random quantum
+ mechanical properties of silicon. When not generating new random
+ bits the RNG circuitry will enter a low power state. Intel will
+ provide a binary software driver to give third party software
+ access to our RNG for use as a security feature. At this time,
+ the RNG is only to be used with a system in an OS-present state.
+
+Intel RNG Driver notes:
+
+ * FIXME: support poll(2)
+
+ NOTE: request_mem_region was removed, for three reasons:
+ 1) Only one RNG is supported by this driver, 2) The location
+ used by the RNG is a fixed location in MMIO-addressable memory,
+ 3) users with properly working BIOS e820 handling will always
+ have the region in which the RNG is located reserved, so
+ request_mem_region calls always fail for proper setups.
+ However, for people who use mem=XX, BIOS e820 information is
+ -not- in /proc/iomem, and request_mem_region(RNG_ADDR) can
+ succeed.
+
+Driver details:
+
+ Based on:
+ Intel 82802AB/82802AC Firmware Hub (FWH) Datasheet
+ May 1999 Order Number: 290658-002 R
+
+ Intel 82802 Firmware Hub: Random Number Generator
+ Programmer's Reference Manual
+ December 1999 Order Number: 298029-001 R
+
+ Intel 82802 Firmware HUB Random Number Generator Driver
+ Copyright (c) 2000 Matt Sottek <msottek@quiknet.com>
+
+ Special thanks to Matt Sottek. I did the "guts", he
+ did the "brains" and all the testing.