Thanks Daniel.
On 1/7/20 4:58 PM, Daniel Schwierzeck wrote:
On Tue, Jan 7, 2020 at 3:30 PM Mauro Condarelli mc5686@mclink.it wrote: ...
I also have problems with entropy pool in Linux, do you happen to know if (and how) MT7628 supports HWRNG?
what problems exactly?
Currently it takes a LOT of time to fill-up the entropy pool (over half an hour) and on first startup, when it has to generate ssh keys and other stuff system is virtually dead for that long.
On a embedded device you usually can only add randomness from interrupts sources to the entropy pool due to lack of disk or input devices. On a router the most interrupts are typically generated by drivers for ethernet and SPI/NAND/MMC controllers. You could use user-space daemons like haveged [1] to add more randomness from hardware events.
I tried that and it helps. I also found *traces* pointing in the direction of hardware support for RNG in my SoC; I have ca opy of the (badly incomplete) "MT7628 PROGRAMMING GUIDE" and it reports in "PWM1 Control register" an "interesting" field: RESV1 Select Random Generator mode. This males a lot of sense because this SoC is meant to implement Wireless routers, so crypto and random acceleration would be very useful. Unfortunately I don't have more precise information, hence the question.
Also have a look at the documentation in Linux's drivers/char/random.c for more information, especially the paragraph "Ensuring unpredictability at system startup".
PS: In my day job (embedded router devices) I use a hash like SHA256 over the U-Boot MTD partition where also some device specific information like MAC addresses and serial numbers are stored to generate the initial seed for the entropy pool on first boot. Afterwards I manage the random seed over reboots as described in drivers/char/random.c.