diff options
| author | kib <kib@FreeBSD.org> | 2012-09-05 13:18:51 +0000 |
|---|---|---|
| committer | kib <kib@FreeBSD.org> | 2012-09-05 13:18:51 +0000 |
| commit | dac91f5998c1d33695196e636176f5634af60f74 (patch) | |
| tree | 4e5e06d435f26a7ff60ca89f3247cc53bec9401b /sys/dev/random/nehemiah.c | |
| parent | 71dbd73468d207cc6328627d0f16d719bad326c8 (diff) | |
| download | FreeBSD-src-dac91f5998c1d33695196e636176f5634af60f74.zip FreeBSD-src-dac91f5998c1d33695196e636176f5634af60f74.tar.gz | |
Add support for new Intel on-CPU Bull Mountain random number
generator, found on IvyBridge and supposedly later CPUs, accessible
with RDRAND instruction.
From the Intel whitepapers and articles about Bull Mountain, it seems
that we do not need to perform post-processing of RDRAND results, like
AES-encryption of the data with random IV and keys, which was done for
Padlock. Intel claims that sanitization is performed in hardware.
Make both Padlock and Bull Mountain random generators support code
covered by kernel config options, for the benefit of people who prefer
minimal kernels. Also add the tunables to disable hardware generator
even if detected.
Reviewed by: markm, secteam (simon)
Tested by: bapt, Michael Moll <kvedulv@kvedulv.de>
MFC after: 3 weeks
Diffstat (limited to 'sys/dev/random/nehemiah.c')
| -rw-r--r-- | sys/dev/random/nehemiah.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sys/dev/random/nehemiah.c b/sys/dev/random/nehemiah.c index b9f52e7..f3afa89 100644 --- a/sys/dev/random/nehemiah.c +++ b/sys/dev/random/nehemiah.c @@ -28,6 +28,10 @@ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); +#include "opt_cpu.h" + +#ifdef PADLOCK_RNG + #include <sys/param.h> #include <sys/time.h> #include <sys/lock.h> @@ -203,3 +207,5 @@ random_nehemiah_read(void *buf, int c) mtx_unlock(&random_nehemiah_mtx); return (c); } + +#endif |
