[PATCH v2 0/2] Add support for architectural random number generator

From: H. Peter Anvin
Date: Sat Jul 30 2011 - 18:34:22 EST


Updated version of the previous patchset, implementing the "single
long" interface, adding get_random_int() enabling, and fixing a few bugs.

Git tree also available:

git://git.kernel.org/pub/scm/linux/kernel/git/hpa/linux-rdrand.git rdrand-2

This is a proposed patchset to enable the new x86 RDRAND instruction,
labelled "Bull Mountain Technology" by Intel. It is a different beast
than any other hardware random number generator that I have personally
encountered: it is not just a random number source, but contains a
high bandwidth random number generator, an AES cryptographic whitener,
and integrity monitoring all in hardware.

For technical documentation see:

http://software.intel.com/en-us/articles/download-the-latest-bull-mountain-software-implementation-guide/

This proposed patchset enables RDRAND bypass for current users of the
nonblocking random pool (that is, for /dev/urandom and its equivalent
in-kernel users) but not for the blocking pool (/dev/random). This is
because RDRAND, although reseeded way more frequently than what is
practical to do in software, is technically a nonblocking source that
can behave as a PRNG. It can be used as a source for randomness for
/dev/random, but that is not addressed by this patchset.

Changes in version 2:
- Have a single hook per pool (blocking, nonblocking) that returns an
  unsigned long. The loops to fill an arbitrary buffer have moved to
  generic code.
- Invoke the nonblocking hook to service get_random_int() if it is
  available. (Note: we could in theory do this for random32() as
  well, however, I have made the assumption that random32() is used
  when speed is the only thing that matters, and the current
  random32() implementation is extremely fast.)
- Correct the use of the nonblocking hook to preinitialize the pool
  data buffers. Version 1 would incorrectly initialize the input pool
  three times.

This version still retains the indirect function call. In the
particular case of x86 RDRAND, there is some machinery that we need
around the instruction which makes it slightly awkward to inline, and
the function call doesn't seem to add enough overhead that it is worth
making the interface uglier.

Total changes:

 Documentation/kernel-parameters.txt |    5 ++
 arch/x86/Kconfig                    |    9 +++
 arch/x86/kernel/Makefile            |    2 +
 arch/x86/kernel/rdrand.c            |   65 +++++++++++++++++
 arch/x86/kernel/rdrand_asm.S        |   57 +++++++++++++++
 drivers/char/random.c               |  134 ++++++++++++++++++++++++++++++++++-
 include/linux/random.h              |   14 ++++
 7 files changed, 285 insertions(+), 1 deletions(-)
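
The version 2 design described above (one hook per pool returning an unsigned long, with the buffer-filling loop in generic code) can be sketched in user space as follows. This is an added example, not code from the patchset: the hook signature, fill_from_arch() and the fake_* stand-in source are hypothetical, and the stand-in deliberately runs dry to show the failure path.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical hook type (the cover letter does not give the signature):
 * store one word in *v and return true, or return false if none is ready. */
typedef bool (*arch_random_long_fn)(unsigned long *v);

/* Constructed stand-in for the hardware source: succeeds `budget` times,
 * then fails. Word n is filled with byte value n so results are checkable. */
static unsigned int budget, counter;

static void fake_reset(unsigned int words) { budget = words; counter = 0; }

static bool fake_arch_random_long(unsigned long *v)
{
    if (budget == 0)
        return false;
    budget--;
    memset(v, (int)++counter, sizeof(*v));
    return true;
}

/* Generic fill loop: copies whole words, truncates the last one to fit, and
 * stops at the first hook failure. Returns the number of bytes written so
 * the caller can take the remainder from the software pool instead. */
static size_t fill_from_arch(arch_random_long_fn hook, void *buf, size_t len)
{
    unsigned char *p = buf;
    size_t done = 0;

    while (hook && done < len) {
        unsigned long v;
        size_t chunk = len - done < sizeof(v) ? len - done : sizeof(v);

        if (!hook(&v))
            break;
        memcpy(p + done, &v, chunk);
        done += chunk;
    }
    return done;
}

int main(void)
{
    unsigned char buf[11];

    fake_reset(1); /* only one word available */
    printf("filled %zu of %zu bytes\n",
           fill_from_arch(fake_arch_random_long, buf, sizeof(buf)), sizeof(buf));
    return 0;
}
```

The point to check in any such loop is that a short return is never treated as a full buffer: bytes past the returned count still hold whatever the caller put there.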