random: add new get_random_bytes_arch() function

commit c2557a303ab6712bb6e09447df828c557c710ac9 upstream. Create a new function, get_random_bytes_arch() which will use the architecture-specific hardware random number generator if it is present. Change get_random_bytes() to not use the HW RNG, even if it is avaiable. The reason for this is that the hw random number generator is fast (if it is present), but it requires that we trust the hardware manufacturer to have not put in a back door. (For example, an increasing counter encrypted by an AES key known to the NSA.) It's unlikely that Intel (for example) was paid off by the US Government to do this, but it's impossible for them to prove otherwise
author: Theodore Ts'o <tytso@mit.edu> 2012-07-05 10:35:23 -0400
committer: Ben Hutchings <ben@decadent.org.uk> 2012-08-10 00:24:46 +0100
commit: 7f5d5266f8a1f7f54707c15e028f220d329726f4 (patch)
tree: c171b6c421218935a60b0357862df84186432f37 /include
parent: 060bc1d0cb527cf8b77f049ff6a595ddb68a41c8 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/random.h b/include/linux/random.h
index e14b4387354a..29e217a7e6d0 100644
--- a/include/linux/random.h
+++ b/include/linux/random.h
@@ -56,6 +56,7 @@ extern void add_input_randomness(unsigned int type, unsigned int code,
 extern void add_interrupt_randomness(int irq, int irq_flags);
 
 extern void get_random_bytes(void *buf, int nbytes);
+extern void get_random_bytes_arch(void *buf, int nbytes);
 void generate_random_uuid(unsigned char uuid_out[16]);
 
 #ifndef MODULE
author	Theodore Ts'o <tytso@mit.edu>	2012-07-05 10:35:23 -0400
committer	Ben Hutchings <ben@decadent.org.uk>	2012-08-10 00:24:46 +0100
commit	7f5d5266f8a1f7f54707c15e028f220d329726f4 (patch)
tree	c171b6c421218935a60b0357862df84186432f37 /include
parent	060bc1d0cb527cf8b77f049ff6a595ddb68a41c8 (diff)