Utility for using the RDRAND instruction

On some x86_64 hardware the RDRAND instruction returns 64bits of entropy
from an on-chip random number generator. RDRAND is not recommended as an
exclusive source of entropy for cryptographic applications.

https://en.wikipedia.org/wiki/RdRand

include/spec/x86_64/world/rdrand.h

@@ -0,0 +1,56 @@
+/*
+ * \brief   Utility for reading hardware RNG
+ * \date    2019-02-05
+ * \author  Emery Hemingway
+ */
+
+/*
+ * Copyright (C) 2019 Genode Labs GmbH
+ *
+ * This file is part of the Genode OS framework, which is distributed
+ * under the terms of the GNU Affero General Public License version 3.
+ */
+
+#ifndef _INCLUDE__SPEC__X86_64__OS__RDRAND_H_
+#define _INCLUDE__SPEC__X86_64__OS__RDRAND_H_
+
+#include <base/stdint.h>
+#include <base/log.h>
+
+namespace Genode { namespace Rdrand {
+
+	bool supported()
+	{
+		unsigned int info[4] = {0, 0, 0, 0};
+
+		asm volatile("cpuid":"=a"(info[0]),"=b"(info[1]),"=c"(info[2]),"=d"(info[3]):"a"(1),"c"(0));
+
+		enum { RDRAND_MASK = 0x40000000 };
+		return (info[2] & RDRAND_MASK);
+	}
+
+#	define _rdrand_step(x) \
+	({ \
+		unsigned char err; \
+		asm volatile("rdrand %0; setc %1":"=r"(x), "=qm"(err)); \
+		err; \
+	}) \
+
+	uint64_t random64()
+	{
+		uint64_t result = 0;
+
+		enum { RETRIES = 8 };
+		for (int i = 0; i < RETRIES; i++)
+			if (_rdrand_step(result))
+				return result;
+
+		error("RDRAND failure");
+		throw Exception();
+	}
+
+#	undef _rdrand_step
+
+} }
+
+#endif /* _INCLUDE__SPEC__X86_64__OS__RDRAND_H_ */

include/world/rdrand.h

@@ -0,0 +1,33 @@
+/*
+ * \brief   Utility for reading hardware RNG
+ * \date    2019-02-05
+ * \author  Emery Hemingway
+ */
+
+/*
+ * Copyright (C) 2019 Genode Labs GmbH
+ *
+ * This file is part of the Genode OS framework, which is distributed
+ * under the terms of the GNU Affero General Public License version 3.
+ */
+
+#ifndef _INCLUDE__OS__RDRAND_H_
+#define _INCLUDE__OS__RDRAND_H_
+
+#include <base/stdint.h>
+#include <base/log.h>
+
+namespace Genode { namespace Rdrand {
+
+	constexpr
+	bool supported() { return false; }
+
+	uint64_t random64()
+	{
+		error("RDRAND not available on this architecture");
+		throw Exception();
+	}
+
+} }
+
+#endif /* _INCLUDE__OS__RDRAND_H_ */

recipes/pkg/test-rdrand/README

@@ -0,0 +1 @@
+Test for the RDRAND utility.

recipes/pkg/test-rdrand/archives

@@ -0,0 +1 @@
+_/src/test-rdrand

recipes/pkg/test-rdrand/hash

@@ -0,0 +1 @@
+2019-02-05-b c847249e6a9161857212672d571d51e9ab537081

recipes/pkg/test-rdrand/runtime

@@ -0,0 +1,16 @@
+<runtime ram="1M" caps="64" binary="test-rdrand">
+
+	<events>
+		<timeout meaning="failed" sec="20" />
+		<log     meaning="succeeded">--- RDRAND test finished ---</log>
+		<log     meaning="failed"   >Error: </log>
+	</events>
+
+	<content>
+		<rom label="ld.lib.so"/>
+		<rom label="test-rdrand"/>
+	</content>
+
+	<config/>
+
+</runtime>

recipes/src/test-rdrand/content.mk

@@ -0,0 +1,7 @@
+SRC_DIR = src/test/rdrand
+include $(GENODE_DIR)/repos/base/recipes/src/content.inc
+
+content: include/spec/x86_64/os/rdrand.h
+
+include/spec/x86_64/os/rdrand.h:
+	$(mirror_from_rep_dir)

recipes/src/test-rdrand/hash

@@ -0,0 +1 @@
+2019-02-05-b 31ff420db86cb7010d3ffefa98ffbb6d1c1adc5c

recipes/src/test-rdrand/used_apis

@@ -0,0 +1 @@
+base

src/test/rdrand/main.cc

@@ -0,0 +1,43 @@
+/*
+ * \brief  RDRAND test
+ * \author Emery Hemingway
+ * \date   2019-02-05
+ */
+
+/*
+ * Copyright (C) 2019 Genode Labs GmbH
+ *
+ * This file is part of the Genode OS framework, which is distributed
+ * under the terms of the GNU Affero General Public License version 3.
+ */
+
+#include <os/rdrand.h>
+#include <base/component.h>
+#include <base/log.h>
+
+using namespace Genode;
+
+void Component::construct(Genode::Env &env)
+{
+	log("--- RDRAND test started ---");
+
+	if (!Rdrand::supported()) {
+		log("RDRAND instruction not supported");
+	} else {
+		uint64_t accumulator = 0;
+
+		for (int i = 0; i < 32; i++) {
+			auto random = Rdrand::random64();
+			log("RDRAND ", (Hex)random);
+			accumulator |= random;
+		}
+
+		if (accumulator < (uint64_t(1)<<32)) {
+			error("RDRAND returned only 32 bits of entropy");
+			env.parent().exit(~0);
+		}
+	}
+
+	log("--- RDRAND test finished ---");
+	env.parent().exit(0);
+}

src/test/rdrand/target.mk

@@ -0,0 +1,3 @@
+TARGET = test-rdrand
+SRC_CC = main.cc
+LIBS   = base