Module Name: src
Committed By: tls
Date: Sat Feb 27 00:09:45 UTC 2016
Modified Files:
src/sys/arch/amd64/include: Makefile types.h
src/sys/arch/i386/include: Makefile types.h
src/sys/arch/x86/conf: files.x86
src/sys/arch/x86/include: Makefile
src/sys/kern: kern_rndq.c
Added Files:
src/sys/arch/amd64/include: cpu_rng.h
src/sys/arch/i386/include: cpu_rng.h
src/sys/arch/x86/include: cpu_rng.h
src/sys/arch/x86/x86: cpu_rng.c
Log Message:
Add cpu_rng, a framework for simple on-CPU random number generators.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 src/sys/arch/amd64/include/Makefile
cvs rdiff -u -r0 -r1.1 src/sys/arch/amd64/include/cpu_rng.h
cvs rdiff -u -r1.50 -r1.51 src/sys/arch/amd64/include/types.h
cvs rdiff -u -r1.43 -r1.44 src/sys/arch/i386/include/Makefile
cvs rdiff -u -r0 -r1.1 src/sys/arch/i386/include/cpu_rng.h
cvs rdiff -u -r1.86 -r1.87 src/sys/arch/i386/include/types.h
cvs rdiff -u -r1.86 -r1.87 src/sys/arch/x86/conf/files.x86
cvs rdiff -u -r1.19 -r1.20 src/sys/arch/x86/include/Makefile
cvs rdiff -u -r0 -r1.1 src/sys/arch/x86/include/cpu_rng.h
cvs rdiff -u -r0 -r1.1 src/sys/arch/x86/x86/cpu_rng.c
cvs rdiff -u -r1.81 -r1.82 src/sys/kern/kern_rndq.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/amd64/include/Makefile
diff -u src/sys/arch/amd64/include/Makefile:1.18 src/sys/arch/amd64/include/Makefile:1.19
--- src/sys/arch/amd64/include/Makefile:1.18 Wed Jul 23 18:19:43 2014
+++ src/sys/arch/amd64/include/Makefile Sat Feb 27 00:09:44 2016
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.18 2014/07/23 18:19:43 alnsn Exp $
+# $NetBSD: Makefile,v 1.19 2016/02/27 00:09:44 tls Exp $
INCSDIR= /usr/include/amd64
INCS= ansi.h aout_machdep.h asm.h \
bootinfo.h bswap.h byte_swap.h \
- cdefs.h cpu.h \
+ cdefs.h cpu.h cpu_rng.h\
disklabel.h \
elf_machdep.h endian.h endian_machdep.h \
float.h fpu.h frame.h frame_regs.h \
Index: src/sys/arch/amd64/include/types.h
diff -u src/sys/arch/amd64/include/types.h:1.50 src/sys/arch/amd64/include/types.h:1.51
--- src/sys/arch/amd64/include/types.h:1.50 Sat Jan 23 22:31:19 2016
+++ src/sys/arch/amd64/include/types.h Sat Feb 27 00:09:45 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: types.h,v 1.50 2016/01/23 22:31:19 christos Exp $ */
+/* $NetBSD: types.h,v 1.51 2016/02/27 00:09:45 tls Exp $ */
/*-
* Copyright (c) 1990 The Regents of the University of California.
@@ -94,6 +94,7 @@ typedef unsigned char __cpu_simple_lock
#define __HAVE_TLS_VARIANT_II
#define __HAVE_COMMON___TLS_GET_ADDR
#define __HAVE_INTR_CONTROL
+#define __HAVE_CPU_RNG
#ifdef _KERNEL_OPT
#define __HAVE_RAS
Index: src/sys/arch/i386/include/Makefile
diff -u src/sys/arch/i386/include/Makefile:1.43 src/sys/arch/i386/include/Makefile:1.44
--- src/sys/arch/i386/include/Makefile:1.43 Wed Jul 23 18:19:44 2014
+++ src/sys/arch/i386/include/Makefile Sat Feb 27 00:09:45 2016
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.43 2014/07/23 18:19:44 alnsn Exp $
+# $NetBSD: Makefile,v 1.44 2016/02/27 00:09:45 tls Exp $
INCSDIR= /usr/include/i386
INCS= ansi.h aout_machdep.h apmvar.h asm.h \
bioscall.h bootinfo.h bswap.h byte_swap.h \
- cdefs.h cpu.h cputypes.h \
+ cdefs.h cpu.h cpu_rng.h cputypes.h \
disklabel.h \
elf_machdep.h endian.h endian_machdep.h \
fenv.h float.h frame.h freebsd_machdep.h \
Index: src/sys/arch/i386/include/types.h
diff -u src/sys/arch/i386/include/types.h:1.86 src/sys/arch/i386/include/types.h:1.87
--- src/sys/arch/i386/include/types.h:1.86 Sun Jan 24 18:21:50 2016
+++ src/sys/arch/i386/include/types.h Sat Feb 27 00:09:45 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: types.h,v 1.86 2016/01/24 18:21:50 christos Exp $ */
+/* $NetBSD: types.h,v 1.87 2016/02/27 00:09:45 tls Exp $ */
/*-
* Copyright (c) 1990 The Regents of the University of California.
@@ -112,6 +112,8 @@ typedef __register_t register_t;
#define __HAVE_SYSCALL_INTERN
#define __HAVE_MINIMAL_EMUL
#define __HAVE_OLD_DISKLABEL
+#define __HAVE_CPU_RNG
+
#if defined(_KERNEL)
/*
* Processors < i586 do not have cmpxchg8b, and we compile for i486
Index: src/sys/arch/x86/conf/files.x86
diff -u src/sys/arch/x86/conf/files.x86:1.86 src/sys/arch/x86/conf/files.x86:1.87
--- src/sys/arch/x86/conf/files.x86:1.86 Thu Jan 28 01:09:56 2016
+++ src/sys/arch/x86/conf/files.x86 Sat Feb 27 00:09:45 2016
@@ -1,4 +1,4 @@
-# $NetBSD: files.x86,v 1.86 2016/01/28 01:09:56 christos Exp $
+# $NetBSD: files.x86,v 1.87 2016/02/27 00:09:45 tls Exp $
# options for MP configuration through the MP spec
defflag opt_mpbios.h MPBIOS MPVERBOSE MPDEBUG MPBIOS_SCANPCI
@@ -27,6 +27,7 @@ define ipmibus {}
device cpu: cpufeaturebus
attach cpu at cpubus
file arch/x86/x86/cpu.c cpu
+file arch/x86/x86/cpu_rng.c cpu
device acpicpu: acpi
attach acpicpu at cpufeaturebus
Index: src/sys/arch/x86/include/Makefile
diff -u src/sys/arch/x86/include/Makefile:1.19 src/sys/arch/x86/include/Makefile:1.20
--- src/sys/arch/x86/include/Makefile:1.19 Tue Feb 11 20:17:16 2014
+++ src/sys/arch/x86/include/Makefile Sat Feb 27 00:09:45 2016
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.19 2014/02/11 20:17:16 dsl Exp $
+# $NetBSD: Makefile,v 1.20 2016/02/27 00:09:45 tls Exp $
INCSDIR=/usr/include/x86
@@ -7,6 +7,7 @@ INCS= aout_machdep.h \
cacheinfo.h \
cpu.h \
cpu_extended_state.h \
+ cpu_rng.h \
cpu_ucode.h \
cputypes.h \
cpuvar.h \
Index: src/sys/kern/kern_rndq.c
diff -u src/sys/kern/kern_rndq.c:1.81 src/sys/kern/kern_rndq.c:1.82
--- src/sys/kern/kern_rndq.c:1.81 Wed Feb 17 19:44:40 2016
+++ src/sys/kern/kern_rndq.c Sat Feb 27 00:09:45 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_rndq.c,v 1.81 2016/02/17 19:44:40 riastradh Exp $ */
+/* $NetBSD: kern_rndq.c,v 1.82 2016/02/27 00:09:45 tls Exp $ */
/*-
* Copyright (c) 1997-2013 The NetBSD Foundation, Inc.
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_rndq.c,v 1.81 2016/02/17 19:44:40 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_rndq.c,v 1.82 2016/02/27 00:09:45 tls Exp $");
#include <sys/param.h>
#include <sys/atomic.h>
@@ -59,6 +59,10 @@ __KERNEL_RCSID(0, "$NetBSD: kern_rndq.c,
#include <compat/sys/rnd.h>
#endif
+#if defined(__HAVE_CPU_RNG)
+#include <machine/cpu_rng.h>
+#endif
+
#if defined(__HAVE_CPU_COUNTER)
#include <machine/cpu_counter.h>
#endif
@@ -185,17 +189,6 @@ rnd_printf(const char *fmt, ...)
rnd_printing = 0;
}
-void
-rnd_init_softint(void)
-{
-
- rnd_process = softint_establish(SOFTINT_SERIAL|SOFTINT_MPSAFE,
- rnd_intr, NULL);
- rnd_wakeup = softint_establish(SOFTINT_CLOCK|SOFTINT_MPSAFE,
- rnd_wake, NULL);
- rnd_schedule_process();
-}
-
/*
* Generate a 32-bit counter.
*/
@@ -412,6 +405,38 @@ rnd_dv_estimate(krndsource_t *rs, uint32
return ret;
}
+#if defined(__HAVE_CPU_RNG)
+static struct {
+ kmutex_t lock; /* unfortunately, must protect krndsource */
+ krndsource_t source;
+} rnd_cpu __cacheline_aligned;
+
+static void
+rnd_cpu_get(size_t bytes, void *priv)
+{
+ krndsource_t *cpusrcp = priv;
+ KASSERT(cpusrcp == &rnd_cpu.source);
+
+ if (RND_ENABLED(cpusrcp)) {
+ cpu_rng_t buf[2 * RND_ENTROPY_THRESHOLD / sizeof(cpu_rng_t)];
+ cpu_rng_t *bufp;
+ size_t cnt = howmany(sizeof(buf), sizeof(cpu_rng_t));
+ size_t entropy = 0;
+
+ for (bufp = buf; bufp < buf + cnt; bufp++) {
+ entropy += cpu_rng(bufp);
+ }
+ if (__predict_true(entropy)) {
+ mutex_spin_enter(&rnd_cpu.lock);
+ rnd_add_data_sync(cpusrcp, buf, sizeof(buf), entropy);
+ explicit_memset(buf, 0, sizeof(buf));
+ mutex_spin_exit(&rnd_cpu.lock);
+ }
+ }
+}
+
+#endif
+
#if defined(__HAVE_CPU_COUNTER)
static struct {
kmutex_t lock;
@@ -471,6 +496,17 @@ rnd_skew_intr(void *arg)
}
#endif
+void
+rnd_init_softint(void)
+{
+
+ rnd_process = softint_establish(SOFTINT_SERIAL|SOFTINT_MPSAFE,
+ rnd_intr, NULL);
+ rnd_wakeup = softint_establish(SOFTINT_CLOCK|SOFTINT_MPSAFE,
+ rnd_wake, NULL);
+ rnd_schedule_process();
+}
+
/*
* Entropy was just added to the pool. If we crossed the threshold for
* the first time, set rnd_initial_entropy = 1.
@@ -550,6 +586,21 @@ rnd_init(void)
}
/*
+ * Attach CPU RNG if available.
+ */
+#if defined(__HAVE_CPU_RNG)
+ if (cpu_rng_init()) {
+ /* IPL_VM because taken while rnd_global.lock is held. */
+ mutex_init(&rnd_cpu.lock, MUTEX_DEFAULT, IPL_VM);
+ rndsource_setcb(&rnd_cpu.source, rnd_cpu_get, &rnd_cpu.source);
+ rnd_attach_source(&rnd_cpu.source, "cpurng",
+ RND_TYPE_RNG, RND_FLAG_COLLECT_VALUE|
+ RND_FLAG_HASCB|RND_FLAG_HASENABLE);
+ rnd_cpu_get(RND_ENTROPY_THRESHOLD, &rnd_cpu.source);
+ }
+#endif
+
+ /*
* If we have a cycle counter, take its error with respect
* to the callout mechanism as a source of entropy, ala
* TrueRand.
@@ -1217,7 +1268,7 @@ rnd_extract_data(void *p, uint32_t len,
explicit_memset(&rnd_rt, 0, sizeof(rnd_rt));
rndpool_add_data(&rnd_global.pool, rnd_testbits,
sizeof(rnd_testbits), entropy_count);
- memset(rnd_testbits, 0, sizeof(rnd_testbits));
+ explicit_memset(rnd_testbits, 0, sizeof(rnd_testbits));
rnd_printf_verbose("rnd: statistical RNG test done,"
" entropy = %d.\n",
rndpool_get_entropy_count(&rnd_global.pool));
Added files:
Index: src/sys/arch/amd64/include/cpu_rng.h
diff -u /dev/null src/sys/arch/amd64/include/cpu_rng.h:1.1
--- /dev/null Sat Feb 27 00:09:45 2016
+++ src/sys/arch/amd64/include/cpu_rng.h Sat Feb 27 00:09:45 2016
@@ -0,0 +1,8 @@
+/* $NetBSD: cpu_rng.h,v 1.1 2016/02/27 00:09:45 tls Exp $ */
+
+#ifndef _AMD64_CPU_RNG_H_
+#define _AMD64_CPU_RNG_H_
+
+#include <x86/cpu_rng.h>
+
+#endif
Index: src/sys/arch/i386/include/cpu_rng.h
diff -u /dev/null src/sys/arch/i386/include/cpu_rng.h:1.1
--- /dev/null Sat Feb 27 00:09:45 2016
+++ src/sys/arch/i386/include/cpu_rng.h Sat Feb 27 00:09:45 2016
@@ -0,0 +1,8 @@
+/* $NetBSD: cpu_rng.h,v 1.1 2016/02/27 00:09:45 tls Exp $ */
+
+#ifndef _I386_CPU_RNG_H_
+#define _I386_CPU_RNG_H_
+
+#include <x86/cpu_rng.h>
+
+#endif
Index: src/sys/arch/x86/include/cpu_rng.h
diff -u /dev/null src/sys/arch/x86/include/cpu_rng.h:1.1
--- /dev/null Sat Feb 27 00:09:45 2016
+++ src/sys/arch/x86/include/cpu_rng.h Sat Feb 27 00:09:45 2016
@@ -0,0 +1,42 @@
+/* $NetBSD: cpu_rng.h,v 1.1 2016/02/27 00:09:45 tls Exp $ */
+
+#ifndef _X86_CPU_RNG_H_
+#define _X86_CPU_RNG_H_
+
+/*-
+ * Copyright (c) 2015 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Thor Lancelot Simon.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/types.h>
+
+typedef uint64_t cpu_rng_t;
+
+bool cpu_rng_init(void);
+size_t cpu_rng(cpu_rng_t *);
+
+#endif /* _X86_CPU_RNG_H_ */
Index: src/sys/arch/x86/x86/cpu_rng.c
diff -u /dev/null src/sys/arch/x86/x86/cpu_rng.c:1.1
--- /dev/null Sat Feb 27 00:09:45 2016
+++ src/sys/arch/x86/x86/cpu_rng.c Sat Feb 27 00:09:45 2016
@@ -0,0 +1,66 @@
+/* $NetBSD: cpu_rng.c,v 1.1 2016/02/27 00:09:45 tls Exp $ */
+
+/*-
+ * Copyright (c) 2015 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Thor Lancelot Simon.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/cpu.h>
+
+#include <x86/specialreg.h>
+
+#include <machine/cpufunc.h>
+#include <machine/cpuvar.h>
+#include <machine/cpu_rng.h>
+
+static enum {
+ CPU_RNG_NONE = 0,
+ CPU_RNG_RDRAND,
+ CPU_RNG_RDSEED,
+ CPU_RNG_VIA } cpu_rng_mode __read_mostly = CPU_RNG_NONE;
+
+bool
+cpu_rng_init(void)
+{
+ return false;
+}
+
+size_t
+cpu_rng(cpu_rng_t *out)
+{
+ switch (cpu_rng_mode) {
+ case CPU_RNG_NONE:
+ case CPU_RNG_RDSEED:
+ case CPU_RNG_RDRAND:
+ case CPU_RNG_VIA:
+ return 0;
+ default:
+ panic("cpu_rng: unknown mode %d", (int)cpu_rng_mode);
+ }
+}
