Module Name: src
Committed By: riastradh
Date: Sun Jun 9 20:07:33 UTC 2024
Modified Files:
src/sys/arch/x86/x86: cpu_rng.c
Log Message:
x86/cpu_rng: Fix false alarm rate of CPU RNG health test.
Lower it from 1/2^32 (about one in four billion) to 1/2^256
(approximately not gonna happen squared).
PR port-amd64/58122
To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 src/sys/arch/x86/x86/cpu_rng.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/x86/x86/cpu_rng.c
diff -u src/sys/arch/x86/x86/cpu_rng.c:1.20 src/sys/arch/x86/x86/cpu_rng.c:1.21
--- src/sys/arch/x86/x86/cpu_rng.c:1.20 Thu Oct 7 12:52:27 2021
+++ src/sys/arch/x86/x86/cpu_rng.c Sun Jun 9 20:07:33 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: cpu_rng.c,v 1.20 2021/10/07 12:52:27 msaitoh Exp $ */
+/* $NetBSD: cpu_rng.c,v 1.21 2024/06/09 20:07:33 riastradh Exp $ */
/*-
* Copyright (c) 2015 The NetBSD Foundation, Inc.
@@ -260,8 +260,12 @@ cpu_rng(enum cpu_rng_mode mode, uint64_t
static void
cpu_rng_get(size_t nbytes, void *cookie)
{
-#define N howmany(256, 64)
- uint64_t buf[2*N];
+ enum {
+ NBITS = 256,
+ NBYTES = howmany(NBITS, 8),
+ NWORDS = howmany(NBITS, 64),
+ };
+ uint64_t buf[2*NWORDS];
unsigned i, nbits = 0;
while (nbytes) {
@@ -273,7 +277,7 @@ cpu_rng_get(size_t nbytes, void *cookie)
*/
for (i = 0; i < __arraycount(buf); i++)
nbits += cpu_rng(cpu_rng_mode, &buf[i]);
- if (consttime_memequal(buf, buf + N, N)) {
+ if (consttime_memequal(buf, buf + NWORDS, NBYTES)) {
printf("cpu_rng %s: failed repetition test\n",
cpu_rng_name[cpu_rng_mode]);
nbits = 0;
@@ -281,7 +285,6 @@ cpu_rng_get(size_t nbytes, void *cookie)
rnd_add_data_sync(&cpu_rng_source, buf, sizeof buf, nbits);
nbytes -= MIN(MIN(nbytes, sizeof buf), MAX(1, 8*nbits));
}
-#undef N
}
void
