[PATCH] eal: add support for TRNG with Arm RNG feature

[Stephen Hemminger]

On Thu, 25 Jul 2024 06:48:47 +0200
Mattias Rönnblom <hofors at lysator.liu.se> wrote:

> >>
> >> The above benchmark (rand_perf_autotest with rte_rand() implemented with
> >> getentropy()) was run on Linux 5.15 and glibc 2.35, so a regular system
> >> call was used.
> >>
> >> (getentropy() delegates to getrandom(), so the performance is the same.)  
> > 
> > I would trust the upstream kernel support for secure random more than
> > anything DPDK could develop. As soon as we get deeper into crypto it
> > opens up a whole new security domain and attack surface.
> >   
> 
> I much agree here.
> 
> What potentially would be useful is an EAL-level OS wrapper. So 
> getrandom() for UNIX-like OSes, and something else for Windows. In 
> addition, you could make larger getrandom() calls to shave off some 
> cycles on the average (at least for the non-vDSO case).
> 
> It seems to me we should defer the introduction of anything like that 
> until a) it's needed by a DPDK library, or b) someone on the application 
> side is asking for it.

Agreed. It doesn't make sense for DPDK to become a crypto library.
The community doesn't have the expertise and the infrastructure is missing
and there are several other projects that handle that OpenSSL etc.