[PATCH] Define HW-feature flags per architecture

Jussi Kivilinna jussi.kivilinna at iki.fi
Sun Feb 2 18:50:27 CET 2020


* random/rand-internal.h (_gcry_rndhw_poll_slow): Add requested length
parameter.
* random/rndhw.c (_gcry_rndhw_poll_slow): Limit accounted bytes to 50%
(or 25% for RDRAND) - this code is moved from caller side.
* random/rndlinux.c (_gcry_rndlinux_gather_random): Move
HWF_INTEL_RDRAND check to _gcry_rndhw_poll_slow.
* src/g10lib.h (HWF_PADLOCK_*, HWF_INTEL_*): Define only if
HAVE_CPU_ARCH_X86.
(HWF_ARM_*): Define only if HAVE_CPU_ARCH_ARM.
(HWF_PPC_*): Define only if HAVE_CPU_ARCH_PPC.
--

Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
 0 files changed

diff --git a/random/rand-internal.h b/random/rand-internal.h
index d99c66714..342215695 100644
--- a/random/rand-internal.h
+++ b/random/rand-internal.h
@@ -141,7 +141,7 @@ void _gcry_rndhw_poll_fast (void (*add)(const void*, size_t,
                             enum random_origins origin);
 size_t _gcry_rndhw_poll_slow (void (*add)(const void*, size_t,
                                           enum random_origins),
-                              enum random_origins origin);
+                              enum random_origins origin, size_t req_length);
 
 
 
diff --git a/random/rndhw.c b/random/rndhw.c
index 2829382c6..3cf9acc3a 100644
--- a/random/rndhw.c
+++ b/random/rndhw.c
@@ -198,24 +198,33 @@ _gcry_rndhw_poll_fast (void (*add)(const void*, size_t, enum random_origins),
 
 
 /* Read 64 bytes from a hardware RNG and return the number of bytes
-   actually read.  */
+   actually read.  However hardware source is let account only
+   for up to 50% (or 25% for RDRAND) of the requested bytes.  */
 size_t
 _gcry_rndhw_poll_slow (void (*add)(const void*, size_t, enum random_origins),
-                       enum random_origins origin)
+                       enum random_origins origin, size_t req_length)
 {
   size_t nbytes = 0;
 
   (void)add;
   (void)origin;
 
+  req_length /= 2; /* Up to 50%. */
+
 #ifdef USE_DRNG
   if ((_gcry_get_hw_features () & HWF_INTEL_RDRAND))
-    nbytes += poll_drng (add, origin, 0);
+    {
+      req_length /= 2; /* Up to 25%. */
+      nbytes += poll_drng (add, origin, 0);
+    }
 #endif
 #ifdef USE_PADLOCK
   if ((_gcry_get_hw_features () & HWF_PADLOCK_RNG))
     nbytes += poll_padlock (add, origin, 0);
 #endif
 
+  if (nbytes > req_length)
+    nbytes = req_length;
+
   return nbytes;
 }
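Review bot: The header comment of `_gcry_rndhw_poll_slow` still says it returns "the number of bytes actually read", but with the clamp added at the end the return value is the number of bytes the caller may credit. Whatever `poll_drng` and `poll_padlock` produced has presumably already been passed to `add`. I would reword it, e.g. `/* Poll the hardware RNGs, feeding their output to ADD, and return the number of bytes to credit: at most REQ_LENGTH/2, or REQ_LENGTH/4 if RDRAND was polled. */`. Once RDRAND is present the 25% limit covers the combined total including any PadLock bytes, which matches the old caller-side logic but is not obvious from the comment. Because the prototype changed, any caller not shown in this patch has to pass the requested length too.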
diff --git a/random/rndlinux.c b/random/rndlinux.c
index 04e2a464c..7cbf6ac21 100644
--- a/random/rndlinux.c
+++ b/random/rndlinux.c
@@ -186,19 +186,10 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t,
     }
 
 
-  /* First read from a hardware source.  However let it account only
-     for up to 50% (or 25% for RDRAND) of the requested bytes.  */
-  n_hw = _gcry_rndhw_poll_slow (add, origin);
-  if ((_gcry_get_hw_features () & HWF_INTEL_RDRAND))
-    {
-      if (n_hw > length/4)
-        n_hw = length/4;
-    }
-  else
-    {
-      if (n_hw > length/2)
-        n_hw = length/2;
-    }
+  /* First read from a hardware source.  Note that _gcry_rndhw_poll_slow lets
+     it account only for up to 50% (or 25% for RDRAND) of the requested
+     bytes.  */
+  n_hw = _gcry_rndhw_poll_slow (add, origin, length);
   if (length > 1)
     length -= n_hw;
 
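Review bot: The subtraction `length -= n_hw` now relies on a bound that is enforced in random/rndhw.c rather than a few lines above it. If `length` is unsigned, as the comparison with the `size_t` result suggests, a future change to the callee's cap could make this wrap around and turn a small request into a huge read. Stating the invariant locally keeps the accounting safe to review in isolation, for example `gcry_assert (n_hw <= length / 2);` right after the call, assuming that macro is available in this file. The rest of `_gcry_rndlinux_gather_random` is outside the hunk.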
diff --git a/src/g10lib.h b/src/g10lib.h
index c85e66492..36cf85c13 100644
--- a/src/g10lib.h
+++ b/src/g10lib.h
@@ -211,6 +211,8 @@ char **_gcry_strtokenize (const char *string, const char *delim);
 
 
 /*-- src/hwfeatures.c --*/
+#if defined(HAVE_CPU_ARCH_X86)
+
 #define HWF_PADLOCK_RNG         (1 << 0)
 #define HWF_PADLOCK_AES         (1 << 1)
 #define HWF_PADLOCK_SHA         (1 << 2)
@@ -230,15 +232,21 @@ char **_gcry_strtokenize (const char *string, const char *delim);
 #define HWF_INTEL_RDTSC         (1 << 15)
 #define HWF_INTEL_SHAEXT        (1 << 16)
 
-#define HWF_ARM_NEON            (1 << 17)
-#define HWF_ARM_AES             (1 << 18)
-#define HWF_ARM_SHA1            (1 << 19)
-#define HWF_ARM_SHA2            (1 << 20)
-#define HWF_ARM_PMULL           (1 << 21)
+#elif defined(HAVE_CPU_ARCH_ARM)
+
+#define HWF_ARM_NEON            (1 << 0)
+#define HWF_ARM_AES             (1 << 1)
+#define HWF_ARM_SHA1            (1 << 2)
+#define HWF_ARM_SHA2            (1 << 3)
+#define HWF_ARM_PMULL           (1 << 4)
+
+#elif defined(HAVE_CPU_ARCH_PPC)
 
-#define HWF_PPC_VCRYPTO         (1 << 22)
-#define HWF_PPC_ARCH_3_00       (1 << 23)
-#define HWF_PPC_ARCH_2_07       (1 << 24)
+#define HWF_PPC_VCRYPTO         (1 << 0)
+#define HWF_PPC_ARCH_3_00       (1 << 1)
+#define HWF_PPC_ARCH_2_07       (1 << 2)
+
+#endif
 
 gpg_err_code_t _gcry_disable_hw_feature (const char *name);
 void _gcry_detect_hw_features (void);
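Review bot: The renumbered flags now share bit positions across architectures: bit 0 is `HWF_PADLOCK_RNG`, `HWF_ARM_NEON` or `HWF_PPC_VCRYPTO` depending on the build. Any use of an `HWF_*` name outside its matching `HAVE_CPU_ARCH_*` guard will therefore stop compiling, and anything that treats the mask as a stable number rather than a set of names would silently change meaning. The consumers in src/hwfeatures.c named by the section comment are not part of this patch, so presumably its name table and detection code need the same guards. A comment above the opening `#if` in the previous hunk would record the new contract, e.g. `/* HWF_* bit values are per-architecture; do not use them outside the matching HAVE_CPU_ARCH_* guard. */`. There is no `#else` branch, so other architectures get no flags at all, which looks intended but is worth stating.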



