diff options
author | H. Peter Anvin <hpa@zytor.com> | 2011-07-31 13:59:29 -0700 |
---|---|---|
committer | H. Peter Anvin <hpa@zytor.com> | 2011-07-31 13:59:29 -0700 |
commit | 628c6246d47b85f5357298601df2444d7f4dd3fd (patch) | |
tree | 624f2b90cdfefcd5f7d1a8cd26c548cbfc289f8e /arch/x86/Kbuild | |
parent | 63d77173266c1791f1553e9e8ccea65dc87c4485 (diff) |
x86, random: Architectural inlines to get random integers with RDRAND
Architectural inlines to get random ints and longs using the RDRAND
instruction.
Intel has introduced a new RDRAND instruction, a Digital Random Number
Generator (DRNG), which is functionally an high bandwidth entropy
source, cryptographic whitener, and integrity monitor all built into
hardware. This enables RDRAND to be used directly, bypassing the
kernel random number pool.
For technical documentation, see:
http://software.intel.com/en-us/articles/download-the-latest-bull-mountain-software-implementation-guide/
In this patch, this is *only* used for the nonblocking random number
pool. RDRAND is a nonblocking source, similar to our /dev/urandom,
and is therefore not a direct replacement for /dev/random. The
architectural hooks presented in the previous patch only feed the
kernel internal users, which only use the nonblocking pool, and so
this is not a problem.
Since this instruction is available in userspace, there is no reason
to have a /dev/hw_rng device driver for the purpose of feeding rngd.
This is especially so since RDRAND is a nonblocking source, and needs
additional whitening and reduction (see the above technical
documentation for details) in order to be of "pure entropy source"
quality.
The CONFIG_EXPERT compile-time option can be used to disable this use
of RDRAND.
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Originally-by: Fenghua Yu <fenghua.yu@intel.com>
Cc: Matt Mackall <mpm@selenic.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "Theodore Ts'o" <tytso@mit.edu>
Diffstat (limited to 'arch/x86/Kbuild')
0 files changed, 0 insertions, 0 deletions