Thanks Daniel. On 1/7/20 4:58 PM, Daniel Schwierzeck wrote: > On Tue, Jan 7, 2020 at 3:30 PM Mauro Condarelli <mc5...@mclink.it> wrote: > ... >> I also have problems with entropy pool in Linux, do you happen to know >> if (and how) MT7628 supports HWRNG? > what problems exactly? Currently it takes a LOT of time to fill-up the entropy pool (over half an hour) and on first startup, when it has to generate ssh keys and other stuff system is virtually dead for that long. > > On a embedded device you usually can only add randomness from > interrupts sources to the entropy pool > due to lack of disk or input devices. On a router the most interrupts > are typically generated by drivers > for ethernet and SPI/NAND/MMC controllers. You could use user-space > daemons like haveged [1] > to add more randomness from hardware events. I tried that and it helps. I also found *traces* pointing in the direction of hardware support for RNG in my SoC; I have ca opy of the (badly incomplete) "MT7628 PROGRAMMING GUIDE" and it reports in "PWM1 Control register" an "interesting" field: RESV1 Select Random Generator mode. This males a lot of sense because this SoC is meant to implement Wireless routers, so crypto and random acceleration would be very useful. Unfortunately I don't have more precise information, hence the question.
> Also have a look at the documentation in Linux's drivers/char/random.c > for more information, especially > the paragraph "Ensuring unpredictability at system startup". > > PS: In my day job (embedded router devices) I use a hash like SHA256 > over the U-Boot MTD partition > where also some device specific information like MAC addresses and > serial numbers are stored to generate > the initial seed for the entropy pool on first boot. Afterwards I > manage the random seed over reboots as > described in drivers/char/random.c. > > [1] https://linux.die.net/man/8/haveged >
