| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | /* $NetBSD: cpu_rng.c,v 1.18 2020/07/25 22:10:34 riastradh Exp $ */ | | 1 | /* $NetBSD: cpu_rng.c,v 1.19 2020/07/30 17:26:23 riastradh Exp $ */ |
2 | | | 2 | |
3 | /*- | | 3 | /*- |
4 | * Copyright (c) 2015 The NetBSD Foundation, Inc. | | 4 | * Copyright (c) 2015 The NetBSD Foundation, Inc. |
5 | * All rights reserved. | | 5 | * All rights reserved. |
6 | * | | 6 | * |
7 | * This code is derived from software contributed to The NetBSD Foundation | | 7 | * This code is derived from software contributed to The NetBSD Foundation |
8 | * by Thor Lancelot Simon. | | 8 | * by Thor Lancelot Simon. |
9 | * | | 9 | * |
10 | * Redistribution and use in source and binary forms, with or without | | 10 | * Redistribution and use in source and binary forms, with or without |
11 | * modification, are permitted provided that the following conditions | | 11 | * modification, are permitted provided that the following conditions |
12 | * are met: | | 12 | * are met: |
13 | * 1. Redistributions of source code must retain the above copyright | | 13 | * 1. Redistributions of source code must retain the above copyright |
14 | * notice, this list of conditions and the following disclaimer. | | 14 | * notice, this list of conditions and the following disclaimer. |
| @@ -218,26 +218,31 @@ cpu_rng_via(uint64_t *out) | | | @@ -218,26 +218,31 @@ cpu_rng_via(uint64_t *out) |
218 | : "memory"); | | 218 | : "memory"); |
219 | | | 219 | |
220 | /* Restore CR0 and interrupts. */ | | 220 | /* Restore CR0 and interrupts. */ |
221 | lcr0(cr0); | | 221 | lcr0(cr0); |
222 | x86_write_psl(psl); | | 222 | x86_write_psl(psl); |
223 | | | 223 | |
224 | /* Get the number of bytes stored. (Should always be 8 or 0.) */ | | 224 | /* Get the number of bytes stored. (Should always be 8 or 0.) */ |
225 | nbytes = __SHIFTOUT(status, VIA_RNG_STATUS_NBYTES); | | 225 | nbytes = __SHIFTOUT(status, VIA_RNG_STATUS_NBYTES); |
226 | | | 226 | |
227 | /* | | 227 | /* |
228 | * The Cryptography Research paper on the VIA RNG estimates | | 228 | * The Cryptography Research paper on the VIA RNG estimates |
229 | * 0.75 bits of entropy per output bit and advises users to | | 229 | * 0.75 bits of entropy per output bit and advises users to |
230 | * be "even more conservative". | | 230 | * be "even more conservative". |
| | | 231 | * |
| | | 232 | * `Evaluation of VIA C3 Nehemiah Random Number |
| | | 233 | * Generator', Cryptography Research, Inc., February 27, |
| | | 234 | * 2003. |
| | | 235 | * https://www.rambus.com/wp-content/uploads/2015/08/VIA_rng.pdf |
231 | */ | | 236 | */ |
232 | return nbytes * NBBY/2; | | 237 | return nbytes * NBBY/2; |
233 | } | | 238 | } |
234 | | | 239 | |
235 | static size_t | | 240 | static size_t |
236 | cpu_rng(enum cpu_rng_mode mode, uint64_t *out) | | 241 | cpu_rng(enum cpu_rng_mode mode, uint64_t *out) |
237 | { | | 242 | { |
238 | | | 243 | |
239 | switch (mode) { | | 244 | switch (mode) { |
240 | case CPU_RNG_NONE: | | 245 | case CPU_RNG_NONE: |
241 | return 0; | | 246 | return 0; |
242 | case CPU_RNG_RDSEED: | | 247 | case CPU_RNG_RDSEED: |
243 | return cpu_rng_rdseed(out); | | 248 | return cpu_rng_rdseed(out); |
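Review bot: The comment above `return nbytes * NBBY/2;` now cites the source of the 0.75 bits-per-bit estimate, but it still does not say what the code itself credits. A reader has to work out that `NBBY/2` means half a bit of entropy per output bit. The return value looks like the entropy estimate handed to the caller, though that is inferred from the comment because the consumer is not visible here. I would add a closing line before the `*/`, such as `* We therefore credit only 0.5 bits of entropy per output bit.`, so the conservative margin stays auditable if the constant is ever changed. cpu_rng_via begins above this hunk and cpu_rng continues below it.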