From: Corinna Vinschen
To: cygwin@cygwin.com
Date: Tue, 12 Aug 2014 14:11:00 -0000
Subject: Re: [ANNOUNCEMENT] New package: rng-tools-5-1
Message-ID: <20140812141135.GA30002@calimero.vinschen.de>
In-Reply-To: <53EA16B9.5020402@lysator.liu.se>

Hi Peter,

On Aug 12 15:29, Peter Rosin wrote:
> On 2014-08-09 16:37, Corinna Vinschen wrote:
> > I just uploaded rng-tools-5-1.
> >
> > The Cygwin release only comes with the rngtest tool for now.
> >
> > The rngd daemon requires porting assembler code to COFF and the
> > Microsoft calling convention. Any help porting this code would
> > be greatly appreciated.
>
> Ok, I took a stab at it. The problems I identified in the assembly
> are ELF debug info, different register use for the x86-64 calls and
> a missing underscore prefix for the i686 symbols.
>
> I'm unsure if used registers (and which) have to be saved in the
> MS x86-64 ABI, but that shouldn't be too hard to fix if that's the
> case.
>
> I also moved up the AC_SEARCH_LIBS hunk in configure.ac since
> the existing AC_CHECK_LIB is buried inside some other construct
> (AC_CHECK_HEADER is possibly the culprit) which causes this:
>
> checking for library containing argp_parse... /usr/src/rng-tools-5-1.src/rng-tools-5-1.i686/src/rng-tools-5/configure: line 4335: ac_fn_c_try_link: command not found
> /usr/src/rng-tools-5-1.src/rng-tools-5-1.i686/src/rng-tools-5/configure: line 4335: ac_fn_c_try_link: command not found
> no
>
> Anyway, with the attached patch instead of the one included in the
> src package, it builds for both arches, but my CPU appears to lack
> the rdrand instruction, so I have a hard time taking this any
> further.

Bummer. Thanks for your efforts!

Over the weekend I tried my own port. I opted for creating a new file,
rdrand_win_asm.S (attached for reference), to keep the code a bit cleaner.
I have a machine which supports the rdrand call, but you need at least an
Ivy Bridge CPU. For rdseed you need at least Haswell.

Ultimately I gave up on rngd for now, for four reasons:

- rngd uses poll(2) on /dev/random to wait until /dev/random becomes
  writable. /dev/random on Cygwin is always writable (we're not
  controlling the entropy pool, the OS does, and the RtlGenRandom call
  never blocks). This results in 100% CPU usage.

- Even then, using rngd on /dev/random gave *worse* results when testing
  /dev/random with rngtest :-P  I'm not sure why.
- Cygwin does not support any of the other three hardware entropy sources
  /dev/hwrng or /dev/tpm0. For Intel/AMD hwrng you'd need access to the
  PCI bus and certain chipsets. For tpm0 you'd need a TPM chip and a
  description of how to access the chip for producing random numbers. The
  chip is supposedly available as cryptographic provider under Windows,
  but on the only machine in our home with a TPM chip *and* a functional
  Windows driver, there was no matching cryptographic provider returned
  by the call to CryptEnumProviders.

- Given that, and given the hardware constraints for the rdrand and rdseed
  calls, I decided that it's not worth following through with this stuff.

Still, thanks a lot for working on that. I appreciate it.

If you have any idea how Cygwin could provide /dev/hwrng or /dev/tpm0 to
have at least two HW entropy sources, please feel free to discuss this
on the cygwin-developer's list.

Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Content-Type: text/plain; charset=utf-8
Content-Disposition: attachment; filename="rdrand_win_asm.S"

/*
 * Copyright (c) 2011-2014, Intel Corporation
 *   Authors: Fenghua Yu,
 *            H. Peter Anvin
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms and conditions of the GNU General Public License,
 * version 2, as published by the Free Software Foundation.
 *
 * This program is distributed in the hope it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
 * more details.
 *
 * You should have received a copy of the GNU General Public License along with
 * this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
 *
 */

/*
 * This is the Windows version of the file.  It's equivalent to the original
 * code from Intel, just replacing ELF with COFF pseudo code expressions
 * where necessary and using Windows ABI rather than System V ABI on x86_64.
 * Additionally it utilizes the fact that recent versions of gas know the
 * rdrand, rdseed, and aes opcodes to avoid opaque .byte expressions.
 */

#if defined(__i386__) || defined(__x86_64__)

/* COFF on i386 prefixes C symbols with an underscore, x86_64 does not. */
#ifdef __x86_64__
#define LBL(x)	x
#else
#define LBL(x)	_##x
#endif

/* COFF replacement for the ELF .type/.size function prologue. */
#define ENTRY(x)	  \
	.align 8	; \
	.globl LBL(x)	; \
	.def LBL(x)	; \
	.scl 2		; \
	.type 32	; \
	.endef		; \
LBL(x):

#define ENDPROC(x)

#define RDRAND_RETRY_LIMIT	10

#ifdef __x86_64__

/*
 * int x86_rdrand_bytes(void *buf, int nbytes)
 * MS x64 ABI: %rcx = buf, %edx = nbytes; returns the number of bytes
 * written in %eax.  %r9/%r10 are volatile and need no saving.
 */
ENTRY(x86_rdrand_bytes)
	mov	%edx, %eax
1:
	mov	$RDRAND_RETRY_LIMIT, %r9d
2:
	rdrand	%r10
	jnc	3f
	mov	%r10, (%rcx)
	add	$8, %rcx
	sub	$8, %edx
	ja	1b
4:
	sub	%edx, %eax
	ret
3:
	dec	%r9d
	rep;nop
	jnz	2b
	jmp	4b
ENDPROC(x86_rdrand_bytes)

/*
 * void x86_rdseed_or_rdrand_bytes(void *seed_buf, int *seed_count,
 *                                 void *rand_buf, int *rand_count)
 * MS x64 ABI: %rcx, %rdx, %r8, %r9.  %r12/%r13 are callee-saved.
 * Fills seed_buf from rdseed; whenever rdseed has no data, one word of
 * rdrand goes into rand_buf instead.  Both counts are updated to the
 * number of bytes actually written.
 */
ENTRY(x86_rdseed_or_rdrand_bytes)
	push	%r12
	push	%r13
	mov	(%rdx), %r12d		/* RDSEED count */
	mov	(%r9), %r13d		/* RDRAND count */
1:
	mov	$RDRAND_RETRY_LIMIT, %r10d
2:
	rdseed	%rax			/* seed path; rdrand fallback is at 3: */
	jnc	3f
	mov	%rax, (%rcx)
	add	$8, %rcx
	sub	$8, %r12d
	ja	1b
4:
	sub	%r12d, (%rdx)
	sub	%r13d, (%r9)
	pop	%r13
	pop	%r12
	ret
3:
	rdrand	%rax
	jnc	5f
	mov	%rax, (%r8)
	add	$8, %r8
	sub	$8, %r13d
	ja	1b
	jmp	4b
5:
	dec	%r10d
	rep;nop
	jnz	2b
	jmp	4b
ENDPROC(x86_rdseed_or_rdrand_bytes)

#define SETPTR(var,ptr)	leaq var(%rip),ptr
#define PTR0	%rcx
#define PTR1	%rdx
#define PTR2	%r9
#define CTR3	%eax

#define NPTR2	1	/* %rcx = %r1, only 0-7 valid here */

#elif defined(__i386__)

/*
 * int x86_rdrand_bytes(void *buf, int nbytes)
 * cdecl: 8(%ebp) = buf, 12(%ebp) = nbytes; returns bytes written in %eax.
 */
ENTRY(x86_rdrand_bytes)
	push	%ebp
	mov	%esp, %ebp
	push	%edi
	push	%esi
	movl	8(%ebp), %edi
	movl	12(%ebp), %esi
	mov	%esi, %eax
1:
	mov	$RDRAND_RETRY_LIMIT, %ecx
2:
	rdrand	%edx
	jnc	3f
	mov	%edx, (%edi)
	add	$4, %edi
	sub	$4, %esi
	ja	1b
4:
	sub	%esi, %eax
	pop	%esi
	pop	%edi
	pop	%ebp
	ret
3:
	dec	%ecx
	rep;nop
	jnz	2b
	jmp	4b
ENDPROC(x86_rdrand_bytes)

/*
 * void x86_rdseed_or_rdrand_bytes(void *seed_buf, int *seed_count,
 *                                 void *rand_buf, int *rand_count)
 * cdecl: arguments at 8, 12, 16 and 20(%ebp).
 */
ENTRY(x86_rdseed_or_rdrand_bytes)
	push	%ebp
	mov	%esp, %ebp
	push	%edi
	push	%esi
	push	%ebx
	mov	12(%ebp), %ebx
	mov	20(%ebp), %esi
	mov	8(%ebp), %edi		/* RDSEED pointer */
	mov	16(%ebp), %edx		/* RDRAND pointer */
	mov	(%ebx), %ebx		/* RDSEED count */
	mov	(%esi), %esi		/* RDRAND count */
1:
	mov	$RDRAND_RETRY_LIMIT, %ecx
2:
	rdseed	%eax
	jnc	3f
	mov	%eax, (%edi)
	add	$4, %edi
	sub	$4, %ebx
	ja	1b
4:
	mov	12(%ebp), %edx
	mov	20(%ebp), %eax
	sub	%ebx, (%edx)		/* RDSEED count */
	sub	%esi, (%eax)		/* RDRAND count */
	pop	%ebx
	pop	%esi
	pop	%edi
	pop	%ebp
	ret
3:
	rdrand	%eax
	jnc	5f
	mov	%eax, (%edx)
	add	$4, %edx
	sub	$4, %esi
	ja	1b			/* RDRAND space left: keep going */
	jmp	4b			/* RDRAND buffer full: finish, as on x86_64 */
5:
	dec	%ecx
	rep;nop
	jnz	2b
	jmp	4b
ENDPROC(x86_rdseed_or_rdrand_bytes)

#define SETPTR(var,ptr)	movl $(var),ptr
#define PTR0	%eax
#define PTR1	%edx
#define PTR2	%ecx
#define CTR3	%esi

#define NPTR2	1	/* %rcx = %r1 */

#endif

/*
 * void x86_aes_mangle(void *data, void *state)
 * 512 rounds of AES over eight 16-byte state blocks, XORing in data.
 */
ENTRY(x86_aes_mangle)
#ifdef __i386__
	push	%ebp
	mov	%esp, %ebp
	movl	8(%ebp), %eax
	movl	12(%ebp), %edx
	push	%esi
#else
	/*
	 * MS x64 ABI: %xmm6-%xmm15 are callee-saved (they are volatile under
	 * System V), so spill the three this routine clobbers.  56 bytes also
	 * brings %rsp back to 16-byte alignment after the return address.
	 */
	sub	$56, %rsp
	movdqu	%xmm6, 0(%rsp)
	movdqu	%xmm7, 16(%rsp)
	movdqu	%xmm8, 32(%rsp)
#endif
	movl	$512, CTR3		/* Number of rounds */

	movdqa	(0*16)(PTR1), %xmm0
	movdqa	(1*16)(PTR1), %xmm1
	movdqa	(2*16)(PTR1), %xmm2
	movdqa	(3*16)(PTR1), %xmm3
	movdqa	(4*16)(PTR1), %xmm4
	movdqa	(5*16)(PTR1), %xmm5
	movdqa	(6*16)(PTR1), %xmm6
	movdqa	(7*16)(PTR1), %xmm7

#ifdef __x86_64__
	SETPTR(aes_round_keys, PTR2)
1:
#else
1:
	SETPTR(aes_round_keys, PTR2)
#endif

	/* 8192 = 512 (rounds) * 16 (bytes) */
	pxor	(0*8192)(PTR0), %xmm0
	pxor	(1*8192)(PTR0), %xmm1
	pxor	(2*8192)(PTR0), %xmm2
	pxor	(3*8192)(PTR0), %xmm3
	pxor	(4*8192)(PTR0), %xmm4
	pxor	(5*8192)(PTR0), %xmm5
	pxor	(6*8192)(PTR0), %xmm6
	pxor	(7*8192)(PTR0), %xmm7
	add	$16, PTR0

	offset = 0
	.rept 10
#ifdef __x86_64__
	movdqa	offset(PTR2), %xmm8
	offset = offset + 16
	aesenc	%xmm8, %xmm0
	aesenc	%xmm8, %xmm1
	aesenc	%xmm8, %xmm2
	aesenc	%xmm8, %xmm3
	aesenc	%xmm8, %xmm4
	aesenc	%xmm8, %xmm5
	aesenc	%xmm8, %xmm6
	aesenc	%xmm8, %xmm7
#else
	aesenc	(PTR2), %xmm0
	aesenc	(PTR2), %xmm1
	aesenc	(PTR2), %xmm2
	aesenc	(PTR2), %xmm3
	aesenc	(PTR2), %xmm4
	aesenc	(PTR2), %xmm5
	aesenc	(PTR2), %xmm6
	aesenc	(PTR2), %xmm7
	add	$16, PTR2
#endif
	.endr

#ifdef __x86_64__
	movdqa	offset(PTR2), %xmm8
	aesenclast %xmm8, %xmm0
	aesenclast %xmm8, %xmm1
	aesenclast %xmm8, %xmm2
	aesenclast %xmm8, %xmm3
	aesenclast %xmm8, %xmm4
	aesenclast %xmm8, %xmm5
	aesenclast %xmm8, %xmm6
	aesenclast %xmm8, %xmm7
#else
	aesenclast (PTR2), %xmm0
	aesenclast (PTR2), %xmm1
	aesenclast (PTR2), %xmm2
	aesenclast (PTR2), %xmm3
	aesenclast (PTR2), %xmm4
	aesenclast (PTR2), %xmm5
	aesenclast (PTR2), %xmm6
	aesenclast (PTR2), %xmm7
#endif

	sub	$1, CTR3
	jnz	1b

	movdqa	%xmm0, (0*16)(PTR1)
	movdqa	%xmm1, (1*16)(PTR1)
	movdqa	%xmm2, (2*16)(PTR1)
	movdqa	%xmm3, (3*16)(PTR1)
	movdqa	%xmm4, (4*16)(PTR1)
	movdqa	%xmm5, (5*16)(PTR1)
	movdqa	%xmm6, (6*16)(PTR1)
	movdqa	%xmm7, (7*16)(PTR1)

#ifdef __i386__
	pop	%esi
	pop	%ebp
#else
	movdqu	0(%rsp), %xmm6
	movdqu	16(%rsp), %xmm7
	movdqu	32(%rsp), %xmm8
	add	$56, %rsp
#endif
	ret
ENDPROC(x86_aes_mangle)

/*
 * void x86_aes_expand_key(const void *key)
 * Expands a 128-bit key into the 11 round keys in aes_round_keys.
 */
ENTRY(x86_aes_expand_key)
#ifdef __i386__
	push	%ebp
	mov	%esp, %ebp
	movl	8(%ebp), %eax
#endif
	SETPTR(aes_round_keys, PTR1)

	movdqu	(PTR0), %xmm0
	movdqa	%xmm0, (PTR1)		/* First slot = the plain key */
	add	$16, PTR1

	aeskeygenassist $0x01,%xmm0,%xmm1
	call	1f
	aeskeygenassist $0x02,%xmm0,%xmm1
	call	1f
	aeskeygenassist $0x04,%xmm0,%xmm1
	call	1f
	aeskeygenassist $0x08,%xmm0,%xmm1
	call	1f
	aeskeygenassist $0x10,%xmm0,%xmm1
	call	1f
	aeskeygenassist $0x20,%xmm0,%xmm1
	call	1f
	aeskeygenassist $0x40,%xmm0,%xmm1
	call	1f
	aeskeygenassist $0x80,%xmm0,%xmm1
	call	1f
	aeskeygenassist $0x1b,%xmm0,%xmm1
	call	1f
	aeskeygenassist $0x36,%xmm0,%xmm1
	call	1f

#ifdef __i386__
	pop	%ebp
#endif
	ret

	/* Local helper: derive the next round key from the previous one. */
1:
	pshufd	$0xff, %xmm1, %xmm1
	movdqa	%xmm0, %xmm2
	pslldq	$4, %xmm2
	pxor	%xmm2, %xmm0
	pslldq	$4, %xmm2
	pxor	%xmm2, %xmm0
	pslldq	$4, %xmm2
	pxor	%xmm2, %xmm0
	pxor	%xmm1, %xmm0
	movdqa	%xmm0, (PTR1)
	add	$16, PTR1
	ret
ENDPROC(x86_aes_expand_key)

	.bss
	.balign 64
aes_round_keys:
	.space	11*16

#endif /* i386 or x86_64 */
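The rdseed-then-rdrand fallback loop of x86_rdseed_or_rdrand_bytes from the attachment above, restated in C as an added example (this is not code from rng-tools, from the attachment, or from the patch discussed in the thread). It assumes GCC/Clang's _rdseed64_step and _rdrand64_step intrinsics for the hardware path, compiled in only when the target enables RDSEED and RDRAND; otherwise a constructed simulated source that fails on a fixed schedule drives the retry and fallback paths.

```c
#include <stdint.h>
#if defined(__RDRND__) && defined(__RDSEED__)
#include <immintrin.h>   /* GCC/Clang intrinsics; assumed, needs -mrdrnd -mrdseed */
#endif

#define RDRAND_RETRY_LIMIT 10   /* same retry budget as the assembly */

/* One step mimics a single rdseed/rdrand instruction: 1 = carry set, value
 * valid; 0 = carry clear, the hardware had nothing to give this time. */
typedef int (*step_fn)(uint64_t *out);

#if defined(__RDRND__) && defined(__RDSEED__)
static int hw_rdseed(uint64_t *out) { return _rdseed64_step((unsigned long long *)out); }
static int hw_rdrand(uint64_t *out) { return _rdrand64_step((unsigned long long *)out); }
#endif

/* Constructed simulation, not hardware: rdseed succeeds on every second
 * call, rdrand always succeeds, sim_never always fails. The call counter
 * doubles as the "random" payload so the results are predictable. */
static unsigned sim_calls;
static int sim_rdseed(uint64_t *out) { *out = 0x5eed000000000000ull | sim_calls; return (sim_calls++ & 1) == 0; }
static int sim_rdrand(uint64_t *out) { *out = 0xdead000000000000ull | sim_calls++; return 1; }
static int sim_never(uint64_t *out)  { (void)out; sim_calls++; return 0; }

/* Mirror of x86_rdseed_or_rdrand_bytes: fill seed_buf from rdseed and, each
 * time rdseed reports no data, divert one word of rdrand into rand_buf.
 * Counts are bytes (multiples of 8) on entry and bytes written on return.
 * Unlike the assembly, a full rand_buf is never written past. */
static void rdseed_or_rdrand_bytes(step_fn rdseed, step_fn rdrand,
                                   uint64_t *seed_buf, int *seed_count,
                                   uint64_t *rand_buf, int *rand_count)
{
    int seed_left = *seed_count, rand_left = *rand_count, retries = RDRAND_RETRY_LIMIT;
    uint64_t v;
    while (seed_left > 0 && retries > 0) {
        if (rdseed(&v)) {                          /* 2: rdseed; jnc 3f */
            *seed_buf++ = v; seed_left -= 8;
            retries = RDRAND_RETRY_LIMIT;          /* ja 1b: reset the budget */
        } else if (rand_left > 0 && rdrand(&v)) {  /* 3: rdrand; jnc 5f */
            *rand_buf++ = v; rand_left -= 8;
            retries = RDRAND_RETRY_LIMIT;
            if (rand_left <= 0) break;             /* jmp 4b: rand_buf full */
        } else {
            retries--;                             /* 5: dec; rep;nop; jnz 2b */
        }
    }
    *seed_count -= seed_left;                      /* 4: report bytes written */
    *rand_count -= rand_left;
}
```

Passing sim_never for both sources shows the retry budget at work: after RDRAND_RETRY_LIMIT failed attempts the call returns with both counts set to zero instead of spinning.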