[PATCH] Define HW-feature flags per architecture
Jussi Kivilinna
jussi.kivilinna at iki.fi
Thu Jan 21 21:30:15 CET 2021
* random/rand-internal.h (_gcry_rndhw_poll_slow): Add requested length
parameter.
* random/rndhw.c (_gcry_rndhw_poll_slow): Limit accounted bytes to 50%
(or 25% for RDRAND) - this code is moved from caller side.
* random/rndlinux.c (_gcry_rndlinux_gather_random): Move
HWF_INTEL_RDRAND check to _gcry_rndhw_poll_slow.
* src/g10lib.h (HWF_PADLOCK_*, HWF_INTEL_*): Define only if
HAVE_CPU_ARCH_X86.
(HWF_ARM_*): Define only if HAVE_CPU_ARCH_ARM.
(HWF_PPC_*): Define only if HAVE_CPU_ARCH_PPC.
(HWF_S390X_*): Define only if HAVE_CPU_ARCH_S390X.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
random/rand-internal.h | 2 +-
random/rndhw.c | 15 ++++++++++++---
random/rndlinux.c | 17 ++++-------------
src/g10lib.h | 34 ++++++++++++++++++++++------------
4 files changed, 39 insertions(+), 29 deletions(-)
diff --git a/random/rand-internal.h b/random/rand-internal.h
index d99c6671..34221569 100644
--- a/random/rand-internal.h
+++ b/random/rand-internal.h
@@ -141,7 +141,7 @@ void _gcry_rndhw_poll_fast (void (*add)(const void*, size_t,
enum random_origins origin);
size_t _gcry_rndhw_poll_slow (void (*add)(const void*, size_t,
enum random_origins),
- enum random_origins origin);
+ enum random_origins origin, size_t req_length);
diff --git a/random/rndhw.c b/random/rndhw.c
index 2829382c..3cf9acc3 100644
--- a/random/rndhw.c
+++ b/random/rndhw.c
@@ -198,24 +198,33 @@ _gcry_rndhw_poll_fast (void (*add)(const void*, size_t, enum random_origins),
/* Read 64 bytes from a hardware RNG and return the number of bytes
- actually read. */
+ actually read. However hardware source is let account only
+ for up to 50% (or 25% for RDRAND) of the requested bytes. */
size_t
_gcry_rndhw_poll_slow (void (*add)(const void*, size_t, enum random_origins),
- enum random_origins origin)
+ enum random_origins origin, size_t req_length)
{
size_t nbytes = 0;
(void)add;
(void)origin;
+ req_length /= 2; /* Up to 50%. */
+
#ifdef USE_DRNG
if ((_gcry_get_hw_features () & HWF_INTEL_RDRAND))
- nbytes += poll_drng (add, origin, 0);
+ {
+ req_length /= 2; /* Up to 25%. */
+ nbytes += poll_drng (add, origin, 0);
+ }
#endif
#ifdef USE_PADLOCK
if ((_gcry_get_hw_features () & HWF_PADLOCK_RNG))
nbytes += poll_padlock (add, origin, 0);
#endif
+ if (nbytes > req_length)
+ nbytes = req_length;
+
return nbytes;
}
diff --git a/random/rndlinux.c b/random/rndlinux.c
index 04e2a464..7cbf6ac2 100644
--- a/random/rndlinux.c
+++ b/random/rndlinux.c
@@ -186,19 +186,10 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t,
}
- /* First read from a hardware source. However let it account only
- for up to 50% (or 25% for RDRAND) of the requested bytes. */
- n_hw = _gcry_rndhw_poll_slow (add, origin);
- if ((_gcry_get_hw_features () & HWF_INTEL_RDRAND))
- {
- if (n_hw > length/4)
- n_hw = length/4;
- }
- else
- {
- if (n_hw > length/2)
- n_hw = length/2;
- }
+ /* First read from a hardware source. Note that _gcry_rndhw_poll_slow lets
+ it account only for up to 50% (or 25% for RDRAND) of the requested
+ bytes. */
+ n_hw = _gcry_rndhw_poll_slow (add, origin, length);
if (length > 1)
length -= n_hw;
diff --git a/src/g10lib.h b/src/g10lib.h
index cba2e237..243997eb 100644
--- a/src/g10lib.h
+++ b/src/g10lib.h
@@ -217,6 +217,8 @@ char **_gcry_strtokenize (const char *string, const char *delim);
/*-- src/hwfeatures.c --*/
+#if defined(HAVE_CPU_ARCH_X86)
+
#define HWF_PADLOCK_RNG (1 << 0)
#define HWF_PADLOCK_AES (1 << 1)
#define HWF_PADLOCK_SHA (1 << 2)
@@ -236,20 +238,28 @@ char **_gcry_strtokenize (const char *string, const char *delim);
#define HWF_INTEL_RDTSC (1 << 15)
#define HWF_INTEL_SHAEXT (1 << 16)
-#define HWF_ARM_NEON (1 << 17)
-#define HWF_ARM_AES (1 << 18)
-#define HWF_ARM_SHA1 (1 << 19)
-#define HWF_ARM_SHA2 (1 << 20)
-#define HWF_ARM_PMULL (1 << 21)
+#elif defined(HAVE_CPU_ARCH_ARM)
+
+#define HWF_ARM_NEON (1 << 0)
+#define HWF_ARM_AES (1 << 1)
+#define HWF_ARM_SHA1 (1 << 2)
+#define HWF_ARM_SHA2 (1 << 3)
+#define HWF_ARM_PMULL (1 << 4)
+
+#elif defined(HAVE_CPU_ARCH_PPC)
-#define HWF_PPC_VCRYPTO (1 << 22)
-#define HWF_PPC_ARCH_3_00 (1 << 23)
-#define HWF_PPC_ARCH_2_07 (1 << 24)
+#define HWF_PPC_VCRYPTO (1 << 0)
+#define HWF_PPC_ARCH_3_00 (1 << 1)
+#define HWF_PPC_ARCH_2_07 (1 << 2)
-#define HWF_S390X_MSA (1 << 25)
-#define HWF_S390X_MSA_4 (1 << 26)
-#define HWF_S390X_MSA_8 (1 << 27)
-#define HWF_S390X_VX (1 << 28)
+#elif defined(HAVE_CPU_ARCH_S390X)
+
+#define HWF_S390X_MSA (1 << 0)
+#define HWF_S390X_MSA_4 (1 << 1)
+#define HWF_S390X_MSA_8 (1 << 2)
+#define HWF_S390X_VX (1 << 3)
+
+#endif
gpg_err_code_t _gcry_disable_hw_feature (const char *name);
void _gcry_detect_hw_features (void);
--
2.27.0
More information about the Gcrypt-devel
mailing list