| author | Michael Brown | 2012-02-19 23:24:42 +0100 |
|---|---|---|
| committer | Michael Brown | 2012-02-28 12:18:48 +0100 |
| commit | 05719804b9e06eabf152ccf59059fc39fd1cc08c (patch) | |
| tree | c56e56107ef10f59c53a069fb8bd17eeb54903bd /src/arch/i386/include | |
| parent | [rng] Add entropy sample generator (diff) | |
[rng] Add RTC-based entropy source
The RTC-based entropy source uses the nanosecond-scale CPU TSC to
measure the time between two 1kHz interrupts generated by the CMOS
RTC. In a physical machine these clocks are driven from independent
crystals, resulting in some observable clock drift. In a virtual
machine, the CMOS RTC is typically emulated using host-OS
constructions such as SIGALRM.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/arch/i386/include')
| -rw-r--r-- | src/arch/i386/include/bits/entropy.h | 2 | ||||
| -rw-r--r-- | src/arch/i386/include/ipxe/rtc_entropy.h | 62 |
2 files changed, 64 insertions, 0 deletions
diff --git a/src/arch/i386/include/bits/entropy.h b/src/arch/i386/include/bits/entropy.h
index db8ba18e0..6dcceec6d 100644
--- a/src/arch/i386/include/bits/entropy.h
+++ b/src/arch/i386/include/bits/entropy.h
@@ -9,4 +9,6 @@ FILE_LICENCE ( GPL2_OR_LATER );
+#include <ipxe/rtc_entropy.h>
+
 #endif /* _BITS_ENTROPY_H */
diff --git a/src/arch/i386/include/ipxe/rtc_entropy.h b/src/arch/i386/include/ipxe/rtc_entropy.h
new file mode 100644
index 000000000..6c3cf2104
--- /dev/null
+++ b/src/arch/i386/include/ipxe/rtc_entropy.h
@@ -0,0 +1,62 @@
+#ifndef _IPXE_RTC_ENTROPY_H
+#define _IPXE_RTC_ENTROPY_H
+
+/** @file
+ *
+ * RTC-based entropy source
+ *
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER );
+
+#include <stdint.h>
+
+#ifdef ENTROPY_RTC
+#define ENTROPY_PREFIX_rtc
+#else
+#define ENTROPY_PREFIX_rtc __rtc_
+#endif
+
+/**
+ * min-entropy per sample
+ *
+ * @ret min_entropy min-entropy of each sample
+ */
+static inline __always_inline double
+ENTROPY_INLINE ( rtc, min_entropy_per_sample ) ( void ) {
+
+ /* The min-entropy has been measured on several platforms
+ * using the entropy_sample test code. Modelling the samples
+ * as independent, and using a confidence level of 99.99%, the
+ * measurements were as follows:
+ *
+ * qemu-kvm : 7.38 bits
+ * VMware : 7.46 bits
+ * Physical hardware : 2.67 bits
+ *
+ * We choose the lowest of these (2.67 bits) and apply a 50%
+ * safety margin to allow for some potential non-independence
+ * of samples.
+ */
+ return 1.3;
+}
+
+extern uint8_t rtc_sample ( void );
+
+/**
+ * Get noise sample
+ *
+ * @ret noise Noise sample
+ * @ret rc Return status code
+ */
+static inline __always_inline int
+ENTROPY_INLINE ( rtc, get_noise ) ( noise_sample_t *noise ) {
+
+ /* Get sample */
+ *noise = rtc_sample();
+
+ /* Always successful */
+ return 0;
+}
+
+#endif /* _IPXE_RTC_ENTROPY_H */ |
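Review bot: `ENTROPY_INLINE ( rtc, get_noise )` in the new rtc_entropy.h always returns 0, so this source cannot report a missing or stalled RTC interrupt, and `min_entropy_per_sample` credits every sample with a fixed 1.3 bits regardless of platform. `rtc_sample()` is only declared here, so whether it can block or hand back a constant value is not visible in this hunk; if it can, the only guard is whatever health testing the caller applies to the samples. The comments should say so, for example `/* No failure path here: a stuck or predictable source must be caught by the caller's health tests */` above `return 0;`, and should note that the 1.3-bit figure needs re-measuring on platforms other than the three listed, since the commit message itself says a virtual RTC is emulated by the host. The header also uses `noise_sample_t` while including only `<stdint.h>`, so it appears to rely on the includer having defined that type first.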
