From: "Mattias Rönnblom" <hofors@lysator.liu.se>
To: "Shunzhi Wen" <Shunzhi.Wen@arm.com>,
"thomas@monjalon.net" <thomas@monjalon.net>,
"Mattias Rönnblom" <mattias.ronnblom@ericsson.com>,
"Ruifeng Wang" <Ruifeng.Wang@arm.com>,
"Bruce Richardson" <bruce.richardson@intel.com>,
"Tyler Retzlaff" <roretzla@linux.microsoft.com>,
"Min Zhou" <zhoumin@loongson.cn>,
"David Christensen" <drc@linux.ibm.com>,
"Stanislaw Kardach" <stanislaw.kardach@gmail.com>,
"Konstantin Ananyev" <konstantin.v.ananyev@yandex.ru>
Cc: "dev@dpdk.org" <dev@dpdk.org>, nd <nd@arm.com>,
Wathsala Wathawana Vithanage <wathsala.vithanage@arm.com>,
Jack Bond-Preston <Jack.Bond-Preston@arm.com>,
Dhruv Tripathi <Dhruv.Tripathi@arm.com>
Subject: Re: [PATCH] eal: add support for TRNG with Arm RNG feature
Date: Sat, 27 Jul 2024 00:33:08 +0200 [thread overview]
Message-ID: <2d28f42f-480b-4070-8ba2-1353a742b46d@lysator.liu.se> (raw)
In-Reply-To: <DB5PR08MB10139059B83D4B29A9F380AAFE2B42@DB5PR08MB10139.eurprd08.prod.outlook.com>
On 2024-07-26 20:34, Shunzhi Wen wrote:
>> I'm missing a rationale here. Why is this useful?
>>
> This creates an API for HW that supports cryptographically secure random number generation.
>
>> If you want to extend <rte_random.h> with a cryptographically secure
>> random number generator, that's fine.
>>
>> To have an API that's only available on certain ARM CPUs is not.
>>
>> NAK
>>
> The primary goal of this patch is to provide a direct interface to HW,
> instead of letting kernel handle it. This is not an API just for Arm
> CPUs, as other vendors also have similar HW features. For instance,
> Intel and AMD has support for x86 RDRAND and RDSEED instructions, thus
> can easily implement this API.
>
No DPDK library (or PMD) currently needs this functionality, and no
application, to my knowledge, has asked for this. If an app or a DPDK
library would require cryptographically secure random numbers, it would
most likely require it on all CPU/OS platforms (and with all DPDK -march
flags).
RDRAND is only available on certain x86_64 CPUs, and is incredibly slow
- slower than getting entropy via the kernel, even with non-vDSO syscalls.
Agner Fog lists the RDRAND latency as ~3700 cc for Zen 2. Later
generations of both AMD and Intel CPUs have much shorter latencies, but
a reciprocal throughput so low that one have to wait thousands of clock
cycles before issuing another RDRAND, or risk stalling the core.
My Raptor Lake seems to require ~1000 cc retire RDRAND, which is ~11x
slower than getting entropy (in bulk) via getentropy().
What is the latency for the ARM equivalent? Does it also have a
reciprocal throughput issue?
>> A new function should be called something with "secure", rather than "true"
>> (which is a bit silly, since we might well live in a completely deterministic
>> universe). "secure" would more clearly communicate the intent, and also
>> doesn't imply any particular implementation.
>>
> Regarding the terminology, “cryptographically secure random number”
> is a more accurate and meaningful term than “true random number.”
> This change will be made in the description, and the function name will
> be replaced with rte_csrand.
>
> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
next prev parent reply other threads:[~2024-07-26 22:33 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-23 21:27 Shunzhi Wen
2024-07-24 6:40 ` Mattias Rönnblom
2024-07-24 14:35 ` Stephen Hemminger
2024-07-24 15:07 ` Mattias Rönnblom
2024-07-24 16:16 ` Stephen Hemminger
2024-07-24 19:14 ` Mattias Rönnblom
2024-07-24 20:02 ` Stephen Hemminger
2024-07-25 4:48 ` Mattias Rönnblom
2024-07-25 14:56 ` Stephen Hemminger
2024-07-26 18:34 ` Shunzhi Wen
2024-07-26 19:00 ` Stephen Hemminger
2024-07-26 20:12 ` Wathsala Wathawana Vithanage
2024-07-26 22:33 ` Mattias Rönnblom [this message]
2024-07-27 15:45 ` Wathsala Wathawana Vithanage
2024-07-27 15:54 ` Stephen Hemminger
2024-07-27 22:27 ` Wathsala Wathawana Vithanage
2024-07-27 23:55 ` Stephen Hemminger
2024-07-28 6:46 ` Mattias Rönnblom
2024-07-29 4:48 ` Wathsala Wathawana Vithanage
2024-07-27 17:07 ` Mattias Rönnblom
2024-07-27 22:45 ` Wathsala Wathawana Vithanage
2024-07-28 6:42 ` Mattias Rönnblom
2024-07-28 15:52 ` Stephen Hemminger
2024-07-29 4:34 ` Wathsala Wathawana Vithanage
2024-07-29 6:34 ` Wathsala Wathawana Vithanage
2024-07-29 6:47 ` Mattias Rönnblom
2024-07-29 18:16 ` Wathsala Wathawana Vithanage
2024-07-29 18:31 ` Stephen Hemminger
2024-07-29 19:11 ` Mattias Rönnblom
2024-07-29 19:30 ` Morten Brørup
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2d28f42f-480b-4070-8ba2-1353a742b46d@lysator.liu.se \
--to=hofors@lysator.liu.se \
--cc=Dhruv.Tripathi@arm.com \
--cc=Jack.Bond-Preston@arm.com \
--cc=Ruifeng.Wang@arm.com \
--cc=Shunzhi.Wen@arm.com \
--cc=bruce.richardson@intel.com \
--cc=dev@dpdk.org \
--cc=drc@linux.ibm.com \
--cc=konstantin.v.ananyev@yandex.ru \
--cc=mattias.ronnblom@ericsson.com \
--cc=nd@arm.com \
--cc=roretzla@linux.microsoft.com \
--cc=stanislaw.kardach@gmail.com \
--cc=thomas@monjalon.net \
--cc=wathsala.vithanage@arm.com \
--cc=zhoumin@loongson.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).