From 9cf5a6f08932cf497aaca17122a5477883297a0b Mon Sep 17 00:00:00 2001
From: Gijs Kwakkel
Date: Wed, 17 Jul 2024 11:34:05 +0200
Subject: [PATCH] add intel documentation link explaining why trying 10x for RDRAND is fine

---
 mbedtls/src/rng/rdrand.rs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/mbedtls/src/rng/rdrand.rs b/mbedtls/src/rng/rdrand.rs
index 0b7270b17..1e2092946 100644
--- a/mbedtls/src/rng/rdrand.rs
+++ b/mbedtls/src/rng/rdrand.rs
@@ -18,6 +18,8 @@ use core::arch::x86_64::{_rdrand64_step as _rdrand_step, _rdseed64_step as _rdse
 
 // Intel documentation claims that if hardware is working RDRAND will produce
 // output after at most 10 attempts
+// https://www.intel.com/content/www/us/en/developer/articles/guide/intel-digital-random-number-generator-drng-software-implementation-guide.html
+// section 5.2.1
 const RDRAND_READ_ATTEMPTS: usize = 10;
 
 // Intel does not document the number of times RDSEED might consecutively fail,
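Review bot: The reference added above `RDRAND_READ_ATTEMPTS` is a bare URL plus a section number, so it stops being traceable if Intel moves the page or renumbers the guide; naming the document keeps it findable, e.g. `// Intel DRNG Software Implementation Guide, section 5.2.1:` placed before the link. Because the bound of 10 is a security-relevant assumption, the comment could also state what running out of attempts means, for example `// exhausting these attempts is treated as a hardware failure and must surface as an error`. The retry loop that consumes this constant is outside the hunk, so confirm it does fail closed (returns an error rather than continuing with unfilled or weaker output) before wording the comment that way.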