prng: move old implementation to be weak default

The patch replaces the original entropy scheme using system time with
the new api plat_prng_add_jitter_entropy().

The old scheme aimed to get 64 bits of entropy from the current time
expressed in 64 bits in ms each time.  Most of this was in fact zeros or
unchanging for >256s.  If you call it twice with 1ms, it actually
provides 0 bits of entropy.

The replacement scheme aims to get 2 bits of entropy from the counter,
which typically operates faster than 1MHz, greater than a thousand times
more precision than the old way, each time.

For backwards compatibility, the old scheme is retained as the default
or arches or platforms that did not provide an override to collect
jitter in a better way.

Signed-off-by: Andy Green <andy@warmcat.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org>

1 files changed, 8 insertions, 2 deletions

diff --git a/core/tee/tee_cryp_utl.c b/core/tee/tee_cryp_utl.c
index 8f82a504..fa011619 100644
--- a/core/tee/tee_cryp_utl.c
+++ b/core/tee/tee_cryp_utl.c
@@ -31,6 +31,7 @@
 #include <utee_defines.h>
 #include <tee/tee_cryp_utl.h>
 #include <tee/tee_cryp_provider.h>
+#include <kernel/tee_time.h>
 #include <rng_support.h>
 #include <initcall.h>
 
@@ -379,11 +380,16 @@ TEE_Result tee_prng_add_entropy(const uint8_t *in, size_t len)
 }
 
 /*
- * override this in your platform code to feed the PRNG
- * platform-specific jitter entropy.
+ * Override this in your platform code to feed the PRNG platform-specific
+ * jitter entropy. This implementation does not efficiently deliver entropy
+ * and is here for backwards-compatibility.
  */
 __weak void plat_prng_add_jitter_entropy(void)
 {
+	TEE_Time current;
+
+	if (tee_time_get_sys_time(&current) == TEE_SUCCESS)
+		tee_prng_add_entropy((uint8_t *)&current, sizeof(current));
 }
 
 static TEE_Result tee_cryp_init(void)