[src-draft/trunk]: src/sys/arch/aarch64/aarch64 Add support for the ARMv8.5-R...

[Taylor R Campbell <riastradh%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src-all/rev/44fc0e080b32
branches:  trunk
changeset: 932523:44fc0e080b32
user:      Taylor R Campbell <riastradh%NetBSD.org@localhost>
date:      Sun May 10 20:21:53 2020 +0000

description:
Add support for the ARMv8.5-RNG CPU random number generator.

We use the RNDRRS system register.  I made the following two
wild-arse guesses about the architecture of real implementations,
which might not exist yet:

1. There's only one physical source per CPU package, so not worth
   attaching one per core.

2. Like other CPU RNGs -- RDSEED, VIA C3 -- this probably gives about
   half a bit of entropy per bit of data.

Tested in qemu as well as I can, using `-cpu max' (which doesn't get
to userland for unrelated reasons).

diffstat:

 sys/arch/aarch64/aarch64/cpu.c |  55 ++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 55 insertions(+), 0 deletions(-)

diffs (86 lines):

diff -r 3f36d295f032 -r 44fc0e080b32 sys/arch/aarch64/aarch64/cpu.c
--- a/sys/arch/aarch64/aarch64/cpu.c    Sun May 10 20:15:30 2020 +0000
+++ b/sys/arch/aarch64/aarch64/cpu.c    Sun May 10 20:21:53 2020 +0000
@@ -40,6 +40,7 @@
 #include <sys/device.h>
 #include <sys/kmem.h>
 #include <sys/reboot.h>
+#include <sys/rndsource.h>
 #include <sys/sysctl.h>
 #include <sys/systm.h>
 
@@ -68,6 +69,7 @@
 static void cpu_init_counter(struct cpu_info *);
 static void cpu_setup_id(struct cpu_info *);
 static void cpu_setup_sysctl(device_t, struct cpu_info *);
+static void cpu_setup_rng(device_t, struct cpu_info *);
 
 #ifdef MULTIPROCESSOR
 #define NCPUINFO       MAXCPUS
@@ -153,6 +155,7 @@
        cpu_init_counter(ci);
 
        cpu_setup_sysctl(dv, ci);
+       cpu_setup_rng(dv, ci);
 }
 
 struct cpuidtab {
@@ -502,6 +505,58 @@
                       CTL_CREATE, CTL_EOL);
 }
 
+static struct krndsource rndrrs_source;
+
+static void
+rndrrs_get(size_t nbytes, void *cookie)
+{
+       /* Entropy bits per data byte, wild-arse guess.  */
+       const unsigned bpb = 4;
+       uint64_t x;
+       int ok;
+
+       while (nbytes) {
+               /*
+                * x := random 64-bit sample
+                * ok := true if Z bit is clear, meaning sample is good
+                */
+               __asm __volatile(".arch armv8.5-a+rng\n"
+                   "mrs        %0, rndrrs\n"
+                   "cset       %1, ne"
+                   : "=r"(x), "=r"(ok));
+               if (!ok)
+                       break;
+               rnd_add_data(&rndrrs_source, &x, sizeof x, bpb*sizeof x);
+               nbytes -= howmany(bpb*sizeof x, NBBY);
+       }
+}
+
+/*
+ * setup the RNDRRS entropy source
+ */
+static void
+cpu_setup_rng(device_t dv, struct cpu_info *ci)
+{
+       struct aarch64_sysctl_cpu_id *id = &ci->ci_id;
+
+       /* Probably shared between cores.  */
+       if (!CPU_IS_PRIMARY(ci))
+               return;
+
+       /* Verify that it is supported.  */
+       switch (__SHIFTOUT(id->ac_aa64isar0, ID_AA64ISAR0_EL1_RNDR)) {
+       case ID_AA64ISAR0_EL1_RNDR_RNDRRS:
+               break;
+       default:
+               return;
+       }
+
+       /* Attach it.  */
+       rndsource_setcb(&rndrrs_source, rndrrs_get, NULL);
+       rnd_attach_source(&rndrrs_source, "rndrrs", RND_TYPE_RNG,
+           RND_FLAG_DEFAULT|RND_FLAG_HASCB);
+}
+
 #ifdef MULTIPROCESSOR
 void
 cpu_hatch(struct cpu_info *ci)