From: Stephen Hemminger <stephen@networkplumber.org>
To: "Mattias Rönnblom" <hofors@lysator.liu.se>
Cc: "Shunzhi Wen" <shunzhi.wen@arm.com>,
"Thomas Monjalon" <thomas@monjalon.net>,
"Mattias Rönnblom" <mattias.ronnblom@ericsson.com>,
"Ruifeng Wang" <ruifeng.wang@arm.com>,
"Bruce Richardson" <bruce.richardson@intel.com>,
"Tyler Retzlaff" <roretzla@linux.microsoft.com>,
"Min Zhou" <zhoumin@loongson.cn>,
"David Christensen" <drc@linux.ibm.com>,
"Stanislaw Kardach" <stanislaw.kardach@gmail.com>,
"Konstantin Ananyev" <konstantin.v.ananyev@yandex.ru>,
dev@dpdk.org, nd@arm.com,
"Wathsala Vithanage" <wathsala.vithanage@arm.com>,
"Jack Bond-Preston" <jack.bond-preston@arm.com>,
"Dhruv Tripathi" <dhruv.tripathi@arm.com>
Subject: Re: [PATCH] eal: add support for TRNG with Arm RNG feature
Date: Wed, 24 Jul 2024 09:16:20 -0700 [thread overview]
Message-ID: <20240724091620.11ce8c38@hermes.local> (raw)
In-Reply-To: <18c67157-8753-4a95-9ab5-f4f1d4a32010@lysator.liu.se>
On Wed, 24 Jul 2024 17:07:49 +0200
Mattias Rönnblom <hofors@lysator.liu.se> wrote:
> On 2024-07-24 16:35, Stephen Hemminger wrote:
> > On Wed, 24 Jul 2024 08:40:39 +0200
> > Mattias Rönnblom <hofors@lysator.liu.se> wrote:
> >
> >> On 2024-07-23 23:27, Shunzhi Wen wrote:> True Random Number Generator
> >> (TRNG) is capable of
> >> > generating random numbers from a physical entropy source.
> >> > TRNG is enabled when compiled on Arm arch that supports
> >> > FEAT_RNG introduced in Armv8.5-A flagged by __ARM_FEATURE_RNG.
> >> >
> >>
> >> I'm missing a rationale here. Why is this useful?
> >>
> >> > Signed-off-by: Shunzhi Wen <shunzhi.wen@arm.com>
> >> > Reviewed-by: Wathsala Vithanage <wathsala.vithanage@arm.com>
> >> > Reviewed-by: Jack Bond-Preston <jack.bond-preston@arm.com>
> >> > Reviewed-by: Dhruv Tripathi <dhruv.tripathi@arm.com>
> >> > ---
> >> > .mailmap | 2 ++
> >> > app/test/test_rand_perf.c | 25 +++++++++++++++++--
> >> > config/arm/meson.build | 2 +-
> >> > lib/eal/arm/include/rte_cpuflags_64.h | 3 +++
> >> > lib/eal/arm/meson.build | 1 +
> >> > lib/eal/arm/rte_cpuflags.c | 1 +
> >> > lib/eal/arm/rte_random.c | 20 +++++++++++++++
> >> > .../{rte_random.c => eal_common_random.c} | 0
> >> > lib/eal/common/meson.build | 2 +-
> >> > lib/eal/include/rte_random.h | 17 +++++++++++++
> >> > lib/eal/loongarch/meson.build | 1 +
> >> > lib/eal/loongarch/rte_random.c | 14 +++++++++++
> >> > lib/eal/ppc/meson.build | 1 +
> >> > lib/eal/ppc/rte_random.c | 14 +++++++++++
> >> > lib/eal/riscv/meson.build | 1 +
> >> > lib/eal/riscv/rte_random.c | 14 +++++++++++
> >> > lib/eal/version.map | 1 +
> >> > lib/eal/x86/meson.build | 1 +
> >> > lib/eal/x86/rte_random.c | 14 +++++++++++
> >> > 19 files changed, 130 insertions(+), 4 deletions(-)
> >> > create mode 100644 lib/eal/arm/rte_random.c
> >> > rename lib/eal/common/{rte_random.c => eal_common_random.c} (100%)
> >> > create mode 100644 lib/eal/loongarch/rte_random.c
> >> > create mode 100644 lib/eal/ppc/rte_random.c
> >> > create mode 100644 lib/eal/riscv/rte_random.c
> >> > create mode 100644 lib/eal/x86/rte_random.c
> >> >
> >> > diff --git a/.mailmap b/.mailmap
> >> > index ac06962e82..23209edfd2 100644
> >> > --- a/.mailmap
> >> > +++ b/.mailmap
> >> > @@ -338,6 +338,7 @@ Dexia Li <dexia.li@jaguarmicro.com>
> >> > Dexuan Cui <decui@microsoft.com>
> >> > Dharmik Thakkar <dharmikjayesh.thakkar@arm.com>
> >> <dharmik.thakkar@arm.com>
> >> > Dheemanth Mallikarjun <dheemanthm@vmware.com>
> >> > +Dhruv Tripathi <dhruv.tripathi@arm.com>
> >> > Diana Wang <na.wang@corigine.com>
> >> > Didier Pallard <didier.pallard@6wind.com>
> >> > Dilshod Urazov <dilshod.urazov@oktetlabs.ru>
> >> > @@ -1353,6 +1354,7 @@ Shuki Katzenelson <shuki@lightbitslabs.com>
> >> > Shun Hao <shunh@nvidia.com>
> >> > Shu Shen <shu.shen@radisys.com>
> >> > Shujing Dong <shujing.dong@corigine.com>
> >> > +Shunzhi Wen <shunzhi.wen@arm.com>
> >> > Shweta Choudaha <shweta.choudaha@att.com>
> >> > Shyam Kumar Shrivastav <shrivastav.shyam@gmail.com>
> >> > Shy Shyman <shys@nvidia.com> <shys@mellanox.com>
> >> > diff --git a/app/test/test_rand_perf.c b/app/test/test_rand_perf.c
> >> > index 30204e12c0..b61cc75014 100644
> >> > --- a/app/test/test_rand_perf.c
> >> > +++ b/app/test/test_rand_perf.c
> >> > @@ -20,6 +20,7 @@ static volatile uint64_t vsum;
> >> >
> >> > enum rand_type {
> >> > rand_type_64,
> >> > + rand_type_true_rand_64,
> >> > rand_type_float,
> >> > rand_type_bounded_best_case,
> >> > rand_type_bounded_worst_case
> >> > @@ -31,6 +32,8 @@ rand_type_desc(enum rand_type rand_type)
> >> > switch (rand_type) {
> >> > case rand_type_64:
> >> > return "Full 64-bit [rte_rand()]";
> >> > + case rand_type_true_rand_64:
> >> > + return "Full 64-bit True Random [rte_trand()]";
> >> > case rand_type_float:
> >> > return "Floating point [rte_drand()]";
> >> > case rand_type_bounded_best_case:
> >> > @@ -50,6 +53,9 @@ test_rand_perf_type(enum rand_type rand_type)
> >> > uint64_t end;
> >> > uint64_t sum = 0;
> >> > uint64_t op_latency;
> >> > + int ret;
> >> > + uint64_t val;
> >> > + uint32_t fail_count = 0;
> >> >
> >> > start = rte_rdtsc();
> >> >
> >> > @@ -58,6 +64,13 @@ test_rand_perf_type(enum rand_type rand_type)
> >> > case rand_type_64:
> >> > sum += rte_rand();
> >> > break;
> >> > + case rand_type_true_rand_64:
> >> > + ret = rte_trand(&val);
> >> > + if (ret == 0)
> >> > + sum += val;
> >> > + else
> >> > + fail_count++;
> >> > + break;
> >> > case rand_type_float:
> >> > sum += 1000. * rte_drand();
> >> > break;
> >> > @@ -77,8 +90,15 @@ test_rand_perf_type(enum rand_type rand_type)
> >> >
> >> > op_latency = (end - start) / ITERATIONS;
> >> >
> >> > - printf("%s: %"PRId64" TSC cycles/op\n", rand_type_desc(rand_type),
> >> > - op_latency);
> >> > + if (!fail_count)
> >> > + printf("%s: %"PRId64" TSC cycles/op\n",
> >> > + rand_type_desc(rand_type),
> >> > + op_latency);
> >> > + else
> >> > + printf("%s: %"PRId64" TSC cycles/op (failed %d time(s))\n",
> >> > + rand_type_desc(rand_type),
> >> > + op_latency,
> >> > + fail_count);
> >> > }
> >> >
> >> > static int
> >> > @@ -89,6 +109,7 @@ test_rand_perf(void)
> >> > printf("Pseudo-random number generation latencies:\n");
> >> >
> >> > test_rand_perf_type(rand_type_64);
> >> > + test_rand_perf_type(rand_type_true_rand_64);
> >> > test_rand_perf_type(rand_type_float);
> >> > test_rand_perf_type(rand_type_bounded_best_case);
> >> > test_rand_perf_type(rand_type_bounded_worst_case);
> >> > diff --git a/config/arm/meson.build b/config/arm/meson.build
> >> > index 012935d5d7..13be94254e 100644
> >> > --- a/config/arm/meson.build
> >> > +++ b/config/arm/meson.build
> >> > @@ -95,7 +95,7 @@ part_number_config_arm = {
> >> > },
> >> > '0xd49': {
> >> > 'march': 'armv9-a',
> >> > - 'march_features': ['sve2'],
> >> > + 'march_features': ['sve2', 'rng'],
> >> > 'fallback_march': 'armv8.5-a',
> >> > 'mcpu': 'neoverse-n2',
> >> > 'flags': [
> >> > diff --git a/lib/eal/arm/include/rte_cpuflags_64.h
> >> b/lib/eal/arm/include/rte_cpuflags_64.h
> >> > index afe70209c3..6aa067339f 100644
> >> > --- a/lib/eal/arm/include/rte_cpuflags_64.h
> >> > +++ b/lib/eal/arm/include/rte_cpuflags_64.h
> >> > @@ -36,6 +36,9 @@ enum rte_cpu_flag_t {
> >> > RTE_CPUFLAG_SVEF64MM,
> >> > RTE_CPUFLAG_SVEBF16,
> >> > RTE_CPUFLAG_AARCH64,
> >> > +
> >> > + /* RNDR, RNDRRS instructions */
> >> > + RTE_CPUFLAG_RNG,
> >> > };
> >> >
> >> > #include "generic/rte_cpuflags.h"
> >> > diff --git a/lib/eal/arm/meson.build b/lib/eal/arm/meson.build
> >> > index 6fba3d6ba7..e9e468cbf0 100644
> >> > --- a/lib/eal/arm/meson.build
> >> > +++ b/lib/eal/arm/meson.build
> >> > @@ -9,4 +9,5 @@ sources += files(
> >> > 'rte_hypervisor.c',
> >> > 'rte_mmu.c',
> >> > 'rte_power_intrinsics.c',
> >> > + 'rte_random.c',
> >> > )
> >> > diff --git a/lib/eal/arm/rte_cpuflags.c b/lib/eal/arm/rte_cpuflags.c
> >> > index 7ba4f8ba97..56074f0c6a 100644
> >> > --- a/lib/eal/arm/rte_cpuflags.c
> >> > +++ b/lib/eal/arm/rte_cpuflags.c
> >> > @@ -116,6 +116,7 @@ const struct feature_entry
> >> rte_cpu_feature_table[] = {
> >> > FEAT_DEF(SVEF64MM, REG_HWCAP2, 11)
> >> > FEAT_DEF(SVEBF16, REG_HWCAP2, 12)
> >> > FEAT_DEF(AARCH64, REG_PLATFORM, 0)
> >> > + FEAT_DEF(RNG, REG_HWCAP2, 16)
> >> > };
> >> > #endif /* RTE_ARCH */
> >> >
> >> > diff --git a/lib/eal/arm/rte_random.c b/lib/eal/arm/rte_random.c
> >> > new file mode 100644
> >> > index 0000000000..74c8fa733b
> >> > --- /dev/null
> >> > +++ b/lib/eal/arm/rte_random.c
> >> > @@ -0,0 +1,20 @@
> >> > +/* SPDX-License-Identifier: BSD-3-Clause
> >> > + * Copyright(c) 2024 Arm Limited
> >> > + */
> >> > +
> >> > +#include "arm_acle.h"
> >> > +#include "rte_common.h"
> >> > +#include "rte_random.h"
> >> > +#include <errno.h>
> >> > +
> >> > +int
> >> > +rte_trand(uint64_t *val)
> >> > +{
> >> > +#if defined __ARM_FEATURE_RNG
> >> > + int ret = __rndr(val);
> >> > + return (ret == 0) ? 0 : -ENODATA;
> >> > +#else
> >> > + RTE_SET_USED(val);
> >> > + return -ENOTSUP;
> >> > +#endif
> >> > +}
> >> > diff --git a/lib/eal/common/rte_random.c
> >> b/lib/eal/common/eal_common_random.c
> >> > similarity index 100%
> >> > rename from lib/eal/common/rte_random.c
> >> > rename to lib/eal/common/eal_common_random.c
> >> > diff --git a/lib/eal/common/meson.build b/lib/eal/common/meson.build
> >> > index 22a626ba6f..c4405aa48b 100644
> >> > --- a/lib/eal/common/meson.build
> >> > +++ b/lib/eal/common/meson.build
> >> > @@ -32,7 +32,6 @@ sources += files(
> >> > 'malloc_elem.c',
> >> > 'malloc_heap.c',
> >> > 'rte_malloc.c',
> >> > - 'rte_random.c',
> >> > 'rte_reciprocal.c',
> >> > 'rte_service.c',
> >> > 'rte_version.c',
> >> > @@ -48,6 +47,7 @@ if not is_windows
> >> > 'eal_common_trace.c',
> >> > 'eal_common_trace_ctf.c',
> >> > 'eal_common_trace_utils.c',
> >> > + 'eal_common_random.c',
> >> > 'hotplug_mp.c',
> >> > 'malloc_mp.c',
> >> > 'rte_keepalive.c',
> >> > diff --git a/lib/eal/include/rte_random.h b/lib/eal/include/rte_random.h
> >> > index 5031c6fe5f..e6b5ac46ed 100644
> >> > --- a/lib/eal/include/rte_random.h
> >> > +++ b/lib/eal/include/rte_random.h
> >> > @@ -15,6 +15,7 @@
> >> > extern "C" {
> >> > #endif
> >> >
> >> > +#include <rte_compat.h>
> >> > #include <stdint.h>
> >> >
> >> > /**
> >> > @@ -84,6 +85,22 @@ rte_rand_max(uint64_t upper_bound);
> >> > */
> >> > double rte_drand(void);
> >> >
> >> > +/**
> >> > + * Get a true random value.
> >> > + *
> >> > + * The generator is cryptographically secure.
> >>
> >> If you want to extend <rte_random.h> with a cryptographically secure
> >> random number generator, that's fine.
> >>
> >> To have an API that's only available on certain ARM CPUs is not.
> >>
> >> NAK
> >>
> >> A new function should be called something with "secure", rather than
> >> "true" (which is a bit silly, since we might well live in a completely
> >> deterministic universe). "secure" would more clearly communicate the
> >> intent, and also doesn't imply any particular implementation.
> >
> > Agree, with Mattias. What constitutes a secure random number generator
> > is a matter of much debate. Most of the HW random generators are taking
> > diode (Schottky noise) and doing transforms on it to get something uniform.
> >
> > If a key generation type API was added, why not just use existing and more
> > researched kernel get_random()?
> >
>
> Ideally, you want to avoid system calls on lcore workers doing packet
> processing. If you have to do system calls (which I believe is the case
> here), it's better to a simple call, not so often.
>
> getentropy() seems to need about 800 core clock cycles on my x86_64, on
> average. (rte_rand() needs ~11 cc/call.) 800 cc is not too horrible, but
> system calls tend to have some pretty bad tail latencies.
>
> To improve efficiency, one could do a getentropy() on a relatively large
> buffer, and cache the result on a per-lcore basis, amortizing the system
> call overhead over many calls.
>
> You still have the tail latency issue to deal with. We could have a
> control thread providing entropy for the lcores, but that seems like
> massive overkill.
Getrandom is a vsyscall on current kernels, and it manages use of entropy across
multiple sources. If you are doing lots of key generation, you don't want to
hit the hardware every time.
https://lwn.net/Articles/974468/
next prev parent reply other threads:[~2024-07-24 16:16 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-23 21:27 Shunzhi Wen
2024-07-24 6:40 ` Mattias Rönnblom
2024-07-24 14:35 ` Stephen Hemminger
2024-07-24 15:07 ` Mattias Rönnblom
2024-07-24 16:16 ` Stephen Hemminger [this message]
2024-07-24 19:14 ` Mattias Rönnblom
2024-07-24 20:02 ` Stephen Hemminger
2024-07-25 4:48 ` Mattias Rönnblom
2024-07-25 14:56 ` Stephen Hemminger
2024-07-26 18:34 ` Shunzhi Wen
2024-07-26 19:00 ` Stephen Hemminger
2024-07-26 20:12 ` Wathsala Wathawana Vithanage
2024-07-26 22:33 ` Mattias Rönnblom
2024-07-27 15:45 ` Wathsala Wathawana Vithanage
2024-07-27 15:54 ` Stephen Hemminger
2024-07-27 22:27 ` Wathsala Wathawana Vithanage
2024-07-27 23:55 ` Stephen Hemminger
2024-07-28 6:46 ` Mattias Rönnblom
2024-07-29 4:48 ` Wathsala Wathawana Vithanage
2024-07-27 17:07 ` Mattias Rönnblom
2024-07-27 22:45 ` Wathsala Wathawana Vithanage
2024-07-28 6:42 ` Mattias Rönnblom
2024-07-28 15:52 ` Stephen Hemminger
2024-07-29 4:34 ` Wathsala Wathawana Vithanage
2024-07-29 6:34 ` Wathsala Wathawana Vithanage
2024-07-29 6:47 ` Mattias Rönnblom
2024-07-29 18:16 ` Wathsala Wathawana Vithanage
2024-07-29 18:31 ` Stephen Hemminger
2024-07-29 19:11 ` Mattias Rönnblom
2024-07-29 19:30 ` Morten Brørup
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240724091620.11ce8c38@hermes.local \
--to=stephen@networkplumber.org \
--cc=bruce.richardson@intel.com \
--cc=dev@dpdk.org \
--cc=dhruv.tripathi@arm.com \
--cc=drc@linux.ibm.com \
--cc=hofors@lysator.liu.se \
--cc=jack.bond-preston@arm.com \
--cc=konstantin.v.ananyev@yandex.ru \
--cc=mattias.ronnblom@ericsson.com \
--cc=nd@arm.com \
--cc=roretzla@linux.microsoft.com \
--cc=ruifeng.wang@arm.com \
--cc=shunzhi.wen@arm.com \
--cc=stanislaw.kardach@gmail.com \
--cc=thomas@monjalon.net \
--cc=wathsala.vithanage@arm.com \
--cc=zhoumin@loongson.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).