DPDK patches and discussions
 help / color / mirror / Atom feed
From: Stephen Hemminger <stephen@networkplumber.org>
To: "Mattias Rönnblom" <hofors@lysator.liu.se>
Cc: "Shunzhi Wen" <shunzhi.wen@arm.com>,
	"Thomas Monjalon" <thomas@monjalon.net>,
	"Mattias Rönnblom" <mattias.ronnblom@ericsson.com>,
	"Ruifeng Wang" <ruifeng.wang@arm.com>,
	"Bruce Richardson" <bruce.richardson@intel.com>,
	"Tyler Retzlaff" <roretzla@linux.microsoft.com>,
	"Min Zhou" <zhoumin@loongson.cn>,
	"David Christensen" <drc@linux.ibm.com>,
	"Stanislaw Kardach" <stanislaw.kardach@gmail.com>,
	"Konstantin Ananyev" <konstantin.v.ananyev@yandex.ru>,
	dev@dpdk.org, nd@arm.com,
	"Wathsala Vithanage" <wathsala.vithanage@arm.com>,
	"Jack Bond-Preston" <jack.bond-preston@arm.com>,
	"Dhruv Tripathi" <dhruv.tripathi@arm.com>
Subject: Re: [PATCH] eal: add support for TRNG with Arm RNG feature
Date: Wed, 24 Jul 2024 07:35:01 -0700	[thread overview]
Message-ID: <20240724073501.70d86435@hermes.local> (raw)
In-Reply-To: <536d1325-ee15-4630-9ae9-00cef9411d34@lysator.liu.se>

On Wed, 24 Jul 2024 08:40:39 +0200
Mattias Rönnblom <hofors@lysator.liu.se> wrote:

> On 2024-07-23 23:27, Shunzhi Wen wrote:> True Random Number Generator 
> (TRNG) is capable of
>  > generating random numbers from a physical entropy source.
>  > TRNG is enabled when compiled on Arm arch that supports
>  > FEAT_RNG introduced in Armv8.5-A flagged by __ARM_FEATURE_RNG.
>  >  
> 
> I'm missing a rationale here. Why is this useful?
> 
>  > Signed-off-by: Shunzhi Wen <shunzhi.wen@arm.com>
>  > Reviewed-by: Wathsala Vithanage <wathsala.vithanage@arm.com>
>  > Reviewed-by: Jack Bond-Preston <jack.bond-preston@arm.com>
>  > Reviewed-by: Dhruv Tripathi <dhruv.tripathi@arm.com>
>  > ---
>  >   .mailmap                                      |  2 ++
>  >   app/test/test_rand_perf.c                     | 25 +++++++++++++++++--
>  >   config/arm/meson.build                        |  2 +-
>  >   lib/eal/arm/include/rte_cpuflags_64.h         |  3 +++
>  >   lib/eal/arm/meson.build                       |  1 +
>  >   lib/eal/arm/rte_cpuflags.c                    |  1 +
>  >   lib/eal/arm/rte_random.c                      | 20 +++++++++++++++
>  >   .../{rte_random.c => eal_common_random.c}     |  0
>  >   lib/eal/common/meson.build                    |  2 +-
>  >   lib/eal/include/rte_random.h                  | 17 +++++++++++++
>  >   lib/eal/loongarch/meson.build                 |  1 +
>  >   lib/eal/loongarch/rte_random.c                | 14 +++++++++++
>  >   lib/eal/ppc/meson.build                       |  1 +
>  >   lib/eal/ppc/rte_random.c                      | 14 +++++++++++
>  >   lib/eal/riscv/meson.build                     |  1 +
>  >   lib/eal/riscv/rte_random.c                    | 14 +++++++++++
>  >   lib/eal/version.map                           |  1 +
>  >   lib/eal/x86/meson.build                       |  1 +
>  >   lib/eal/x86/rte_random.c                      | 14 +++++++++++
>  >   19 files changed, 130 insertions(+), 4 deletions(-)
>  >   create mode 100644 lib/eal/arm/rte_random.c
>  >   rename lib/eal/common/{rte_random.c => eal_common_random.c} (100%)
>  >   create mode 100644 lib/eal/loongarch/rte_random.c
>  >   create mode 100644 lib/eal/ppc/rte_random.c
>  >   create mode 100644 lib/eal/riscv/rte_random.c
>  >   create mode 100644 lib/eal/x86/rte_random.c
>  >
>  > diff --git a/.mailmap b/.mailmap
>  > index ac06962e82..23209edfd2 100644
>  > --- a/.mailmap
>  > +++ b/.mailmap
>  > @@ -338,6 +338,7 @@ Dexia Li <dexia.li@jaguarmicro.com>
>  >   Dexuan Cui <decui@microsoft.com>
>  >   Dharmik Thakkar <dharmikjayesh.thakkar@arm.com>   
> <dharmik.thakkar@arm.com>
>  >   Dheemanth Mallikarjun <dheemanthm@vmware.com>
>  > +Dhruv Tripathi <dhruv.tripathi@arm.com>
>  >   Diana Wang <na.wang@corigine.com>
>  >   Didier Pallard <didier.pallard@6wind.com>
>  >   Dilshod Urazov <dilshod.urazov@oktetlabs.ru>
>  > @@ -1353,6 +1354,7 @@ Shuki Katzenelson <shuki@lightbitslabs.com>
>  >   Shun Hao <shunh@nvidia.com>
>  >   Shu Shen <shu.shen@radisys.com>
>  >   Shujing Dong <shujing.dong@corigine.com>
>  > +Shunzhi Wen <shunzhi.wen@arm.com>
>  >   Shweta Choudaha <shweta.choudaha@att.com>
>  >   Shyam Kumar Shrivastav <shrivastav.shyam@gmail.com>
>  >   Shy Shyman <shys@nvidia.com> <shys@mellanox.com>
>  > diff --git a/app/test/test_rand_perf.c b/app/test/test_rand_perf.c
>  > index 30204e12c0..b61cc75014 100644
>  > --- a/app/test/test_rand_perf.c
>  > +++ b/app/test/test_rand_perf.c
>  > @@ -20,6 +20,7 @@ static volatile uint64_t vsum;
>  >
>  >   enum rand_type {
>  >   	rand_type_64,
>  > +	rand_type_true_rand_64,
>  >   	rand_type_float,
>  >   	rand_type_bounded_best_case,
>  >   	rand_type_bounded_worst_case
>  > @@ -31,6 +32,8 @@ rand_type_desc(enum rand_type rand_type)
>  >   	switch (rand_type) {
>  >   	case rand_type_64:
>  >   		return "Full 64-bit [rte_rand()]";
>  > +	case rand_type_true_rand_64:
>  > +		return "Full 64-bit True Random [rte_trand()]";
>  >   	case rand_type_float:
>  >   		return "Floating point [rte_drand()]";
>  >   	case rand_type_bounded_best_case:
>  > @@ -50,6 +53,9 @@ test_rand_perf_type(enum rand_type rand_type)
>  >   	uint64_t end;
>  >   	uint64_t sum = 0;
>  >   	uint64_t op_latency;
>  > +	int ret;
>  > +	uint64_t val;
>  > +	uint32_t fail_count = 0;
>  >
>  >   	start = rte_rdtsc();
>  >
>  > @@ -58,6 +64,13 @@ test_rand_perf_type(enum rand_type rand_type)
>  >   		case rand_type_64:
>  >   			sum += rte_rand();
>  >   			break;
>  > +		case rand_type_true_rand_64:
>  > +			ret = rte_trand(&val);
>  > +			if (ret == 0)
>  > +				sum += val;
>  > +			else
>  > +				fail_count++;
>  > +			break;
>  >   		case rand_type_float:
>  >   			sum += 1000. * rte_drand();
>  >   			break;
>  > @@ -77,8 +90,15 @@ test_rand_perf_type(enum rand_type rand_type)
>  >
>  >   	op_latency = (end - start) / ITERATIONS;
>  >
>  > -	printf("%s: %"PRId64" TSC cycles/op\n", rand_type_desc(rand_type),
>  > -	       op_latency);
>  > +	if (!fail_count)
>  > +		printf("%s: %"PRId64" TSC cycles/op\n",
>  > +		       rand_type_desc(rand_type),
>  > +		       op_latency);
>  > +	else
>  > +		printf("%s: %"PRId64" TSC cycles/op (failed %d time(s))\n",
>  > +		       rand_type_desc(rand_type),
>  > +		       op_latency,
>  > +			   fail_count);
>  >   }
>  >
>  >   static int
>  > @@ -89,6 +109,7 @@ test_rand_perf(void)
>  >   	printf("Pseudo-random number generation latencies:\n");
>  >
>  >   	test_rand_perf_type(rand_type_64);
>  > +	test_rand_perf_type(rand_type_true_rand_64);
>  >   	test_rand_perf_type(rand_type_float);
>  >   	test_rand_perf_type(rand_type_bounded_best_case);
>  >   	test_rand_perf_type(rand_type_bounded_worst_case);
>  > diff --git a/config/arm/meson.build b/config/arm/meson.build
>  > index 012935d5d7..13be94254e 100644
>  > --- a/config/arm/meson.build
>  > +++ b/config/arm/meson.build
>  > @@ -95,7 +95,7 @@ part_number_config_arm = {
>  >       },
>  >       '0xd49': {
>  >           'march': 'armv9-a',
>  > -        'march_features': ['sve2'],
>  > +        'march_features': ['sve2', 'rng'],
>  >           'fallback_march': 'armv8.5-a',
>  >           'mcpu': 'neoverse-n2',
>  >           'flags': [
>  > diff --git a/lib/eal/arm/include/rte_cpuflags_64.h   
> b/lib/eal/arm/include/rte_cpuflags_64.h
>  > index afe70209c3..6aa067339f 100644
>  > --- a/lib/eal/arm/include/rte_cpuflags_64.h
>  > +++ b/lib/eal/arm/include/rte_cpuflags_64.h
>  > @@ -36,6 +36,9 @@ enum rte_cpu_flag_t {
>  >   	RTE_CPUFLAG_SVEF64MM,
>  >   	RTE_CPUFLAG_SVEBF16,
>  >   	RTE_CPUFLAG_AARCH64,
>  > +
>  > +	/* RNDR, RNDRRS instructions */
>  > +	RTE_CPUFLAG_RNG,
>  >   };
>  >
>  >   #include "generic/rte_cpuflags.h"
>  > diff --git a/lib/eal/arm/meson.build b/lib/eal/arm/meson.build
>  > index 6fba3d6ba7..e9e468cbf0 100644
>  > --- a/lib/eal/arm/meson.build
>  > +++ b/lib/eal/arm/meson.build
>  > @@ -9,4 +9,5 @@ sources += files(
>  >           'rte_hypervisor.c',
>  >           'rte_mmu.c',
>  >           'rte_power_intrinsics.c',
>  > +        'rte_random.c',
>  >   )
>  > diff --git a/lib/eal/arm/rte_cpuflags.c b/lib/eal/arm/rte_cpuflags.c
>  > index 7ba4f8ba97..56074f0c6a 100644
>  > --- a/lib/eal/arm/rte_cpuflags.c
>  > +++ b/lib/eal/arm/rte_cpuflags.c
>  > @@ -116,6 +116,7 @@ const struct feature_entry   
> rte_cpu_feature_table[] = {
>  >   	FEAT_DEF(SVEF64MM,	REG_HWCAP2,   11)
>  >   	FEAT_DEF(SVEBF16,	REG_HWCAP2,   12)
>  >   	FEAT_DEF(AARCH64,	REG_PLATFORM,  0)
>  > +	FEAT_DEF(RNG,		REG_HWCAP2,   16)
>  >   };
>  >   #endif /* RTE_ARCH */
>  >
>  > diff --git a/lib/eal/arm/rte_random.c b/lib/eal/arm/rte_random.c
>  > new file mode 100644
>  > index 0000000000..74c8fa733b
>  > --- /dev/null
>  > +++ b/lib/eal/arm/rte_random.c
>  > @@ -0,0 +1,20 @@
>  > +/* SPDX-License-Identifier: BSD-3-Clause
>  > + * Copyright(c) 2024 Arm Limited
>  > + */
>  > +
>  > +#include "arm_acle.h"
>  > +#include "rte_common.h"
>  > +#include "rte_random.h"
>  > +#include <errno.h>
>  > +
>  > +int
>  > +rte_trand(uint64_t *val)
>  > +{
>  > +#if defined __ARM_FEATURE_RNG
>  > +	int ret = __rndr(val);
>  > +	return (ret == 0) ? 0 : -ENODATA;
>  > +#else
>  > +	RTE_SET_USED(val);
>  > +	return -ENOTSUP;
>  > +#endif
>  > +}
>  > diff --git a/lib/eal/common/rte_random.c   
> b/lib/eal/common/eal_common_random.c
>  > similarity index 100%
>  > rename from lib/eal/common/rte_random.c
>  > rename to lib/eal/common/eal_common_random.c
>  > diff --git a/lib/eal/common/meson.build b/lib/eal/common/meson.build
>  > index 22a626ba6f..c4405aa48b 100644
>  > --- a/lib/eal/common/meson.build
>  > +++ b/lib/eal/common/meson.build
>  > @@ -32,7 +32,6 @@ sources += files(
>  >           'malloc_elem.c',
>  >           'malloc_heap.c',
>  >           'rte_malloc.c',
>  > -        'rte_random.c',
>  >           'rte_reciprocal.c',
>  >           'rte_service.c',
>  >           'rte_version.c',
>  > @@ -48,6 +47,7 @@ if not is_windows
>  >               'eal_common_trace.c',
>  >               'eal_common_trace_ctf.c',
>  >               'eal_common_trace_utils.c',
>  > +            'eal_common_random.c',
>  >               'hotplug_mp.c',
>  >               'malloc_mp.c',
>  >               'rte_keepalive.c',
>  > diff --git a/lib/eal/include/rte_random.h b/lib/eal/include/rte_random.h
>  > index 5031c6fe5f..e6b5ac46ed 100644
>  > --- a/lib/eal/include/rte_random.h
>  > +++ b/lib/eal/include/rte_random.h
>  > @@ -15,6 +15,7 @@
>  >   extern "C" {
>  >   #endif
>  >
>  > +#include <rte_compat.h>
>  >   #include <stdint.h>
>  >
>  >   /**
>  > @@ -84,6 +85,22 @@ rte_rand_max(uint64_t upper_bound);
>  >    */
>  >   double rte_drand(void);
>  >
>  > +/**
>  > + * Get a true random value.
>  > + *
>  > + * The generator is cryptographically secure.  
> 
> If you want to extend <rte_random.h> with a cryptographically secure 
> random number generator, that's fine.
> 
> To have an API that's only available on certain ARM CPUs is not.
> 
> NAK
> 
> A new function should be called something with "secure", rather than 
> "true" (which is a bit silly, since we might well live in a completely 
> deterministic universe). "secure" would more clearly communicate the 
> intent, and also doesn't imply any particular implementation.

Agree, with Mattias. What constitutes a secure random number generator
is a matter of much debate. Most of the HW random generators are taking
diode (Schottky noise) and doing transforms on it to get something uniform.

If a key generation type API was added, why not just use existing and more
researched kernel get_random()?


  reply	other threads:[~2024-07-24 14:35 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-07-23 21:27 Shunzhi Wen
2024-07-24  6:40 ` Mattias Rönnblom
2024-07-24 14:35   ` Stephen Hemminger [this message]
2024-07-24 15:07     ` Mattias Rönnblom
2024-07-24 16:16       ` Stephen Hemminger
2024-07-24 19:14         ` Mattias Rönnblom
2024-07-24 20:02           ` Stephen Hemminger
2024-07-25  4:48             ` Mattias Rönnblom
2024-07-25 14:56               ` Stephen Hemminger
2024-07-26 18:34   ` Shunzhi Wen
2024-07-26 19:00     ` Stephen Hemminger
2024-07-26 20:12       ` Wathsala Wathawana Vithanage
2024-07-26 22:33     ` Mattias Rönnblom
2024-07-27 15:45       ` Wathsala Wathawana Vithanage
2024-07-27 15:54         ` Stephen Hemminger
2024-07-27 22:27           ` Wathsala Wathawana Vithanage
2024-07-27 23:55             ` Stephen Hemminger
2024-07-28  6:46               ` Mattias Rönnblom
2024-07-29  4:48               ` Wathsala Wathawana Vithanage
2024-07-27 17:07         ` Mattias Rönnblom
2024-07-27 22:45           ` Wathsala Wathawana Vithanage
2024-07-28  6:42             ` Mattias Rönnblom
2024-07-28 15:52               ` Stephen Hemminger
2024-07-29  4:34                 ` Wathsala Wathawana Vithanage
2024-07-29  6:34               ` Wathsala Wathawana Vithanage
2024-07-29  6:47                 ` Mattias Rönnblom
2024-07-29 18:16                   ` Wathsala Wathawana Vithanage
2024-07-29 18:31                     ` Stephen Hemminger
2024-07-29 19:11                     ` Mattias Rönnblom
2024-07-29 19:30                       ` Morten Brørup

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240724073501.70d86435@hermes.local \
    --to=stephen@networkplumber.org \
    --cc=bruce.richardson@intel.com \
    --cc=dev@dpdk.org \
    --cc=dhruv.tripathi@arm.com \
    --cc=drc@linux.ibm.com \
    --cc=hofors@lysator.liu.se \
    --cc=jack.bond-preston@arm.com \
    --cc=konstantin.v.ananyev@yandex.ru \
    --cc=mattias.ronnblom@ericsson.com \
    --cc=nd@arm.com \
    --cc=roretzla@linux.microsoft.com \
    --cc=ruifeng.wang@arm.com \
    --cc=shunzhi.wen@arm.com \
    --cc=stanislaw.kardach@gmail.com \
    --cc=thomas@monjalon.net \
    --cc=wathsala.vithanage@arm.com \
    --cc=zhoumin@loongson.cn \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).