Access to AGX TRNG from user space

I found https://docs.nvidia.com/drive/drive_os_5.1.6.1L/nvvib_docs/index.html#page/DRIVE_OS_Linux_SDK_Development_Guide/System%20Programming/sys_components_crypto_interface.html# but rng1_trng is not present in my kernel, despite setting CONFIG_CRYPTO_DEV_TEGRA_VIRTUAL_SE_INTERFACE=y .

Will the following command fetch randomness from the onboard TRNG, assuming the necessary kernel options are enabled:

kcapi-rng --name trng_elp-tegra --bytes 16 --hex

If this will not access the TRNG, what steps am I probably missing to enable rng1_trng ?

The doc you listed is for DRIVE AGX platform, it can’t be applied to Jetson AGX Xavier platform.

We have the secure boot package which contains tools and README for burning fuses, see
Jetson AGX Xavier Series Fuse Programming Application Note

Thank you but this is not related to burning fuses, it’s related to how to use the true random number generator.,

hello sarah.newman,

please download public release sources, for example, L4T Driver Package (BSP) Sources.
you may see the CA sample, hwkey-app.c, that can query random numbers from the TA;
the TA sample is rng_srv.c, it’s a service to provide a channel for the non-secure CA to get random numbers.

in addition,
you may also looking for tegra_se_rng1.h, it’s se_rng1_get_random() to get random bytes from the SE RNG1 module.
thanks

There is no way to access the TRNG via Linux only, despite there being a tegra RNG source that has “trng” in the name? The TEE is required?

hello sarah.newman,

may I know what’s the actual use-case, you should be able to get random bytes from the SE RNG1 module.

For security reasons we would like to mix in entropy from the TRNG to the entropy pool.

hello sarah.newman,

here’s documentation for your reference,
https://docs.nvidia.com/jetson/archives/l4t-multimedia-archived/l4t-multimedia-3271/group__random__number__group.html