Add support for new Intel on-CPU Bull Mountain random number

generator, found on IvyBridge and supposedly later CPUs, accessible with RDRAND instruction. From the Intel whitepapers and articles about Bull Mountain, it seems that we do not need to perform post-processing of RDRAND results, like AES-encryption of the data with random IV and keys, which was done for Padlock. Intel claims that sanitization is performed in hardware. Make both Padlock and Bull Mountain random generators support code covered by kernel config options, for the benefit of people who prefer minimal kernels. Also add the tunables to disable hardware generator even if detected. Reviewed by: markm, secteam (simon) Tested by: bapt, Michael Moll <kvedulv@kvedulv.de> MFC after: 3 weeks
author: kib <kib@FreeBSD.org> 2012-09-05 13:18:51 +0000
committer: kib <kib@FreeBSD.org> 2012-09-05 13:18:51 +0000
commit: dac91f5998c1d33695196e636176f5634af60f74 (patch)
tree: 4e5e06d435f26a7ff60ca89f3247cc53bec9401b /sys/conf/options.i386
parent: 71dbd73468d207cc6328627d0f16d719bad326c8 (diff)
download: FreeBSD-src-dac91f5998c1d33695196e636176f5634af60f74.zip
FreeBSD-src-dac91f5998c1d33695196e636176f5634af60f74.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/sys/conf/options.i386 b/sys/conf/options.i386
index 3638266..9ce7b8c 100644
--- a/sys/conf/options.i386
+++ b/sys/conf/options.i386
@@ -123,3 +123,7 @@ XENHVM			opt_global.h
 
 # options for the Intel C600 SAS driver (isci)
 ISCI_LOGGING	opt_isci.h
+
+# hw random number generators for random(4)
+PADLOCK_RNG		opt_cpu.h
+IVY_RNG			opt_cpu.h
author	kib <kib@FreeBSD.org>	2012-09-05 13:18:51 +0000
committer	kib <kib@FreeBSD.org>	2012-09-05 13:18:51 +0000
commit	dac91f5998c1d33695196e636176f5634af60f74 (patch)
tree	4e5e06d435f26a7ff60ca89f3247cc53bec9401b /sys/conf/options.i386
parent	71dbd73468d207cc6328627d0f16d719bad326c8 (diff)
download	FreeBSD-src-dac91f5998c1d33695196e636176f5634af60f74.zip FreeBSD-src-dac91f5998c1d33695196e636176f5634af60f74.tar.gz