* [9front] [patch] via padlock xstore rng for pc/pc64
@ 2022-10-01 16:52 Arne Meyer
From: Arne Meyer @ 2022-10-01 16:52 UTC (permalink / raw)
To: 9front
[-- Attachment #1: Type: text/plain, Size: 1024 bytes --]
this patch adds via padlock rng support to pc and pc64. *Warning* I've got no clue about cryptography. I ported https://www.fourmilab.ch/random/ to plan9 here: https://github.com/armeye/ent_random_sequence_tester and wrote a test here: https://github.com/armeye/9front_xstore. the results look right to me...
Tested on my VIA C7 Thinclient, looks good ¯\_(ツ)_/¯
I'm looking for comments about the patch:
* this adds a new line to archctl to show which hwrng is in use, if any
* the via.c is for via c7 specific code, I've got a patch for the cputemp msr in my repository.
I would like to share the file between architectures but don't know how.
* The xstorebuf function is stupid, but it works. Can this be done better?
* the xstore instruction is very cpu heavy with the maximum whiteout. This patch has the best value for randomness but
it eats cpu cycles like it's nothing. I think we can go down to even the lowest quality because the random data
gets encrypted anyway, right?
Greetings,
Arne
[-- Attachment #2: xstore.patch --]
[-- Type: application/octet-stream, Size: 4477 bytes --]
diff --git a/sys/src/9/pc/devarch.c b/sys/src/9/pc/devarch.c
index 928837848..ae053ab5c 100644
--- a/sys/src/9/pc/devarch.c
+++ b/sys/src/9/pc/devarch.c
@@ -644,10 +644,24 @@ cpuidentify(void)
if((m->cpuiddx & Mtrr) != 0 && getconf("*nomtrr") == nil)
mtrrsync();
+ hwrandbuf = nil;
+
if(strcmp(m->cpuidid, "GenuineIntel") == 0 && (m->cpuidcx & Rdrnd) != 0)
hwrandbuf = rdrandbuf;
- else
- hwrandbuf = nil;
+ else if(strcmp(m->cpuidid, "CentaurHauls") == 0 && (model >= 10)){
+ cpuid(0xC0000000, 0, regs);
+ if(regs[0] >= 0xC0000001){
+ cpuid(0xC0000001, 0, regs);
+ if(regs[3] & 4){
+ vlong cap;
+ rdmsr(0x110b, &cap);
+ cap |= 0x40;
+ wrmsr(0x110b, cap);
+
+ hwrandbuf = xstorebuf;
+ }
+ }
+ }
if(sizeof(uintptr) == 8) {
/* 8-byte watchpoints are supported in Long Mode */
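Review bot: The `CentaurHauls` branch installs `hwrandbuf = xstorebuf` without checking that the RNG was actually switched on: the results of `rdmsr(0x110b, &cap)` and `wrmsr(0x110b, cap)` are discarded and the MSR is never read back. If the enable does not take effect, the kernel would presumably treat whatever xstorebuf copies out as hardware entropy, which is worse than leaving `hwrandbuf` nil. I would assign only on success, e.g. `if(rdmsr(0x110b, &cap) >= 0 && wrmsr(0x110b, cap|0x40) >= 0 && rdmsr(0x110b, &cap) >= 0 && (cap & 0x40) != 0) hwrandbuf = xstorebuf;`, assuming both routines report a fault through their int result (only wrmsr's prototype is visible in this patch, so confirm). The constants `0x110b`, `0x40` and the `regs[3] & 4` feature bit also deserve names or a comment. `model` and `regs` are declared outside the hunk, and cpuidentify continues past it.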
@@ -725,6 +739,13 @@ archctlread(Chan*, void *a, long nn, vlong offset)
p = seprint(p, ep, "cmpswap486\n");
else
p = seprint(p, ep, "0x%p\n", cmpswap);
+ p = seprint(p, ep, "hwrand ");
+ if(hwrandbuf == rdrandbuf)
+ p = seprint(p, ep, "rdrand\n");
+ else if(hwrandbuf == xstorebuf)
+ p = seprint(p, ep, "xstore\n");
+ else
+ p = seprint(p, ep, "none\n");
p = seprint(p, ep, "arch %s\n", arch->id);
n = p - buf;
n += mtrrprint(p, ep - p);
diff --git a/sys/src/9/pc/fns.h b/sys/src/9/pc/fns.h
index 994362489..4d2f71339 100644
--- a/sys/src/9/pc/fns.h
+++ b/sys/src/9/pc/fns.h
@@ -173,6 +173,8 @@ void writeconf(void);
int wrmsr(int, vlong);
int xchgw(ushort*, int);
void rdrandbuf(void*, ulong);
+void repxstore(void*, ulong);
+void xstorebuf(void*, ulong);
#define userureg(ur) (((ur)->cs & 3) == 3)
#define KADDR(a) kaddr(a)
diff --git a/sys/src/9/pc/l.s b/sys/src/9/pc/l.s
index ede492af8..7a874b235 100644
--- a/sys/src/9/pc/l.s
+++ b/sys/src/9/pc/l.s
@@ -852,6 +852,13 @@ _rndbytes:
_rnddone:
RET
+TEXT repxstore(SB), $-4
+ MOVL $3, DX
+ MOVL buf+0(FP), DI
+ MOVL count+4(FP), CX
+ BYTE $0xF3; BYTE $0x0F; BYTE $0xA7; BYTE $0xC0
+ RET
+
/* debug register access */
TEXT putdr(SB), $0
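Review bot: The four `BYTE` values and `MOVL $3, DX` in repxstore need a comment, since nothing here says which instruction is emitted or what the 3 selects. Something like `/* REP XSTORE: store CX random bytes at ES:DI; DX = quality factor */` above the `BYTE` line would do; the meaning of DX is inferred from the patch description, so confirm it against the VIA documentation. Whatever status the instruction leaves in AX is lost because the routine is declared `void` in fns.h, and returning it would let xstorebuf detect a failed or short store.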
diff --git a/sys/src/9/pc/mkfile b/sys/src/9/pc/mkfile
index 3bc3d5fca..d70cfda81 100644
--- a/sys/src/9/pc/mkfile
+++ b/sys/src/9/pc/mkfile
@@ -57,6 +57,7 @@ OBJ=\
mmu.$O\
irq.$O\
trap.$O\
+ via.$O\
bootargs.$O\
$CONF.root.$O\
$CONF.rootc.$O\
diff --git a/sys/src/9/pc/via.c b/sys/src/9/pc/via.c
new file mode 100644
index 000000000..7a4e608cc
--- /dev/null
+++ b/sys/src/9/pc/via.c
@@ -0,0 +1,21 @@
+#include "u.h"
+#include "../port/lib.h"
+
+extern void repxstore(void*, ulong);
+
+void
+xstorebuf(void *b1, ulong l)
+{
+ ulong i;
+ static char buf[8+8];
+ char *b = b1;
+
+ for(i = 0; i < l>>3; i++){
+ repxstore(buf, 8);
+ memmove(b, buf, 8);
+ b+=8;
+ }
+
+ repxstore(buf, 8);
+ memmove(b, buf, l&7);
+}
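Review bot: xstorebuf bounces every block through `static char buf[8+8]`, which all callers share; unless every caller of `hwrandbuf` is serialized (not visible here), two CPUs or processes can overwrite each other's block and be handed the same bytes. A local buffer avoids that and can be cleared before returning so generated bytes do not linger in kernel memory. The tail `repxstore(buf, 8)` also runs when `l&7` is 0, and because repxstore returns nothing, a failed store copies stale buffer contents to the caller. The same code is added again as pc64/via.c. A version with a per-call buffer and a single loop:

```c
void
xstorebuf(void *b1, ulong l)
{
	char buf[8+8];	/* per-call bounce buffer, not shared between callers */
	char *b = b1;
	ulong n;

	while(l > 0){
		n = l < 8 ? l : 8;
		repxstore(buf, 8);
		memmove(b, buf, n);
		b += n;
		l -= n;
	}
	memset(buf, 0, sizeof buf);	/* do not leave generated bytes behind */
}
```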
diff --git a/sys/src/9/pc64/fns.h b/sys/src/9/pc64/fns.h
index 687ec50af..e188e7a0e 100644
--- a/sys/src/9/pc64/fns.h
+++ b/sys/src/9/pc64/fns.h
@@ -175,6 +175,7 @@ void writeconf(void);
int wrmsr(int, vlong);
int xchgw(ushort*, int);
void rdrandbuf(void*, ulong);
+void xstorebuf(void*, ulong);
#define userureg(ur) (((ur)->cs & 3) == 3)
#define KADDR(a) kaddr(a)
diff --git a/sys/src/9/pc64/l.s b/sys/src/9/pc64/l.s
index 423fad623..6934f9576 100644
--- a/sys/src/9/pc64/l.s
+++ b/sys/src/9/pc64/l.s
@@ -703,6 +703,14 @@ loop32:
JCC loop32
RET
+TEXT repxstore(SB), $-4
+ MOVL $3, DX
+ MOVL buf+0(FP), DI
+ MOVL count+4(FP), CX
+ BYTE $0xF3; BYTE $0x0F; BYTE $0xA7; BYTE $0xC0
+ RET
+
+
TEXT rdrand64(SB), $-4
loop64:
RDRAND64AX
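Review bot: repxstore here is a byte-for-byte copy of the 386 routine and does not look right for amd64: `MOVL buf+0(FP), DI` loads only 32 bits of a 64-bit pointer from the stack, and `count+4(FP)` points into the upper half of the first argument's slot rather than at the second argument. As far as I know the 9front amd64 compiler passes the first argument in a register (RARG in pc64 assembly), so the loads should be `MOVQ RARG, DI` and `MOVL count+8(FP), CX`. As written, REP XSTORE would store in kernel mode to an address unrelated to the caller's buffer. The description mentions testing on a VIA C7 only, so this path may never have run; the neighbouring routines that would confirm the convention are outside the hunk.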
diff --git a/sys/src/9/pc64/mkfile b/sys/src/9/pc64/mkfile
index 083ab92f9..b1131ebb9 100644
--- a/sys/src/9/pc64/mkfile
+++ b/sys/src/9/pc64/mkfile
@@ -55,6 +55,7 @@ OBJ=\
mmu.$O\
irq.$O\
trap.$O\
+ via.$O\
bootargs.$O\
$CONF.root.$O\
$CONF.rootc.$O\
diff --git a/sys/src/9/pc64/via.c b/sys/src/9/pc64/via.c
new file mode 100644
index 000000000..7a4e608cc
--- /dev/null
+++ b/sys/src/9/pc64/via.c
@@ -0,0 +1,21 @@
+#include "u.h"
+#include "../port/lib.h"
+
+extern void repxstore(void*, ulong);
+
+void
+xstorebuf(void *b1, ulong l)
+{
+ ulong i;
+ static char buf[8+8];
+ char *b = b1;
+
+ for(i = 0; i < l>>3; i++){
+ repxstore(buf, 8);
+ memmove(b, buf, 8);
+ b+=8;
+ }
+
+ repxstore(buf, 8);
+ memmove(b, buf, l&7);
+}
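Review bot: This file is identical to pc/via.c (both are blob `7a4e608cc`), so every later fix to xstorebuf has to be made twice. The patch changes only pc/devarch.c yet adds the `xstorebuf` prototype to pc64/fns.h, which suggests pc64 already builds some sources from ../pc. If so, listing `via.$O` in the pc64 mkfile without adding a second copy may be enough; check how devarch.$O is resolved there.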