Gilles Peskine fd0e168fab Extend PSA RNG fork protection to NV-seed-only configurations ...

In builds with only a nonvolatile seed but no actual entropy source, the
naive protection against fork() by reseeding in the child doesn't work:
every child forked from the same RNG state gets the same RNG state. To make
the child's RNG state unique in that case, use a public but unique
personalization string.

The personalization string includes the time. Use `mbedtls_ms_time()` if
available. Fall back to the classic (but obsolescent) `gettimeofday()`
otherwise.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

2026-03-16 17:50:06 +01:00

6.5 KiB

Raw Permalink Blame History

View Raw