Re: regarding the changes to kernel entropy gathering

[Taylor R Campbell <riastradh%NetBSD.org@localhost>]

> Date: Sun, 4 Apr 2021 11:14:31 -0700
> From: John Nemeth <jnemeth%cue.bc.ca@localhost>
> 
>      I understand the need for good random sources, and won't argue
> it.  My question is, how can we tell what random sources a system
> actually has, i.e. is there some flag that cpuctl identify shows
> when a system has RDRAND/RDSEED?

# cpuctl identify 0 | grep -e RDRAND -e RDSEED
cpu0: features1 0x7fbae3bf<DEADLINE,AES,XSAVE,OSXSAVE,AVX,F16C,RDRAND>

>                                   Are there other sources that can
> be positively identified as providing randomness?

`rndctl -l' will tell you whether any sources you have on your system
have provided any entropy.  The system generally tries to read from
HWRNGs as soon as possible at boot, so unless something is wrong you
will see such sources listed next to nonzero bits of entropy in
`rndctl -l' as soon as you can run that.

You can grep the code for rnd_add_data and rnd_add_data_sync to find
the drivers that pass nonzero values as the last argument, which is
the number of bits of entropy in the process that generated the sample
being fed in.

Lots of SoCs have on-board RNGs these days; there are Intel and ARM
CPU instructions (no ARMv8.5 hardware yet that I know of, but we're
ready for its RNG!); some crypto decelerators like tpm(4), ubsec(4),
and hifn(4) have RNGs; and there are some dedicated RNG devices like
ualea(4).