rewrite mdrandom() in C. previously this XOR'd against rdrand if available,

and alternatively XOR'd against TSC.  now always run both sequences, and
also support rdseed as a third procedure.
ok kettenis naddy

10 files changed, 77 insertions, 234 deletions

diff --git a/sys/arch/amd64/stand/boot/Makefile b/sys/arch/amd64/stand/boot/Makefile
index 00a9e19d429..3735f8d626d 100644
--- a/sys/arch/amd64/stand/boot/Makefile
+++ b/sys/arch/amd64/stand/boot/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.45 2020/03/05 16:36:30 otto Exp $
+#	$OpenBSD: Makefile,v 1.46 2020/06/14 16:00:08 deraadt Exp $
 
 COPTS?=
 MAN?=	boot.8
@@ -24,7 +24,7 @@ LDFLAGS+=-melf_i386 -L/usr/libdata
 SRCS+=	boot.c bootarg.c cmd.c vars.c
 
 .PATH:	${SADIR}/libsa
-SRCS+=	gidt.S random_i386.S run_amd64.S
+SRCS+=	gidt.S mdrandom.c run_amd64.S
 SRCS+=	cmd_i386.c dev_i386.c exec_i386.c gateA20.c machdep.c
 SRCS+=	bioscons.c biosdev.c diskprobe.c memprobe.c time.c
 .if ${SOFTRAID:L} == "yes"
diff --git a/sys/arch/amd64/stand/cdboot/Makefile b/sys/arch/amd64/stand/cdboot/Makefile
index 63f995e4bfc..696556d8f98 100644
--- a/sys/arch/amd64/stand/cdboot/Makefile
+++ b/sys/arch/amd64/stand/cdboot/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.40 2020/03/05 16:36:30 otto Exp $
+#	$OpenBSD: Makefile,v 1.41 2020/06/14 16:00:11 deraadt Exp $
 
 MAN=	cdboot.8
 
@@ -17,7 +17,7 @@ BINMODE=644
 
 .PATH:	${SADIR}/libsa
 SRCS+=	machdep.c dev_i386.c exec_i386.c cmd_i386.c
-SRCS+=	gidt.S random_i386.S biosdev.c bioscons.c gateA20.c \
+SRCS+=	gidt.S mdrandom.c biosdev.c bioscons.c gateA20.c \
 	memprobe.c diskprobe.c time.c run_amd64.S
 SRCS+=	softraid_amd64.c
 
diff --git a/sys/arch/amd64/stand/efi32/bootia32/Makefile b/sys/arch/amd64/stand/efi32/bootia32/Makefile
index 4186e53b1fc..15fed1dfcc8 100644
--- a/sys/arch/amd64/stand/efi32/bootia32/Makefile
+++ b/sys/arch/amd64/stand/efi32/bootia32/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.1 2019/05/11 02:33:34 mlarkin Exp $
+#	$OpenBSD: Makefile,v 1.2 2020/06/14 16:00:11 deraadt Exp $
 
 .include <bsd.own.mk>
 
@@ -6,7 +6,7 @@ PROG=		BOOTIA32.EFI
 NOMAN=		#
 OBJFMT=		efi-app-ia32
 SOFTRAID=	yes
-SRCS+=		start_i386.S random_i386.S
+SRCS+=		start_i386.S mdrandom.c
 LDSCRIPT=	ldscript.i386
 
 COPTS=		-I${EFIDIR}/include/i386
diff --git a/sys/arch/amd64/stand/efi64/bootx64/Makefile b/sys/arch/amd64/stand/efi64/bootx64/Makefile
index 4166a56f830..0222168b753 100644
--- a/sys/arch/amd64/stand/efi64/bootx64/Makefile
+++ b/sys/arch/amd64/stand/efi64/bootx64/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.1 2019/05/11 02:36:10 mlarkin Exp $
+#	$OpenBSD: Makefile,v 1.2 2020/06/14 16:00:11 deraadt Exp $
 
 .include <bsd.own.mk>
 
@@ -7,7 +7,7 @@ NOMAN=		#
 OBJFMT=		efi-app-x86_64
 SOFTRAID=	yes
 COPTS+=		-I${EFIDIR}/include/amd64
-SRCS+=		start_amd64.S run_i386.S random_amd64.S eficall.S
+SRCS+=		start_amd64.S run_i386.S mdrandom.c eficall.S
 LDSCRIPT=	ldscript.amd64
 
 .include "${.CURDIR}/../Makefile.common"
diff --git a/sys/arch/amd64/stand/efiboot/bootia32/Makefile b/sys/arch/amd64/stand/efiboot/bootia32/Makefile
index a1a7b438f75..28183467a98 100644
--- a/sys/arch/amd64/stand/efiboot/bootia32/Makefile
+++ b/sys/arch/amd64/stand/efiboot/bootia32/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.3 2018/10/13 19:56:56 kettenis Exp $
+#	$OpenBSD: Makefile,v 1.4 2020/06/14 16:00:11 deraadt Exp $
 
 .include <bsd.own.mk>
 
@@ -6,7 +6,7 @@ PROG=		BOOTIA32.EFI
 NOMAN=		#
 OBJFMT=		efi-app-ia32
 SOFTRAID=	yes
-SRCS+=		start_i386.S random_i386.S
+SRCS+=		start_i386.S mdrandom.c
 LDSCRIPT=	ldscript.i386
 
 COPTS=		-I${EFIDIR}/include/i386
diff --git a/sys/arch/amd64/stand/efiboot/bootx64/Makefile b/sys/arch/amd64/stand/efiboot/bootx64/Makefile
index 6c58149369f..c9bb38760f4 100644
--- a/sys/arch/amd64/stand/efiboot/bootx64/Makefile
+++ b/sys/arch/amd64/stand/efiboot/bootx64/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.2 2015/12/02 11:51:22 yasuoka Exp $
+#	$OpenBSD: Makefile,v 1.3 2020/06/14 16:00:11 deraadt Exp $
 
 .include <bsd.own.mk>
 
@@ -7,7 +7,7 @@ NOMAN=		#
 OBJFMT=		efi-app-x86_64
 SOFTRAID=	yes
 COPTS+=		-I${EFIDIR}/include/amd64
-SRCS+=		start_amd64.S run_i386.S random_amd64.S eficall.S
+SRCS+=		start_amd64.S run_i386.S mdrandom.c eficall.S
 LDSCRIPT=	ldscript.amd64
 
 .include "${.CURDIR}/../Makefile.common"
diff --git a/sys/arch/amd64/stand/libsa/mdrandom.c b/sys/arch/amd64/stand/libsa/mdrandom.c
new file mode 100644
index 00000000000..80634bde2a6
--- /dev/null
+++ b/sys/arch/amd64/stand/libsa/mdrandom.c
@@ -0,0 +1,63 @@
+/*	$OpenBSD: mdrandom.c,v 1.1 2020/06/14 16:00:11 deraadt Exp $	*/
+
+/*
+ * Copyright (c) 2020 Theo de Raadt 
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/param.h>
+#include <machine/psl.h>
+#include <machine/specialreg.h>
+
+#include "libsa.h"
+
+int
+mdrandom(char *buf, size_t buflen)
+{
+	u_int eax, ebx, ecx, edx;
+	uint32_t hi, lo;
+	int i;
+
+	for (i = 0; i < buflen; i++) {
+		__asm volatile("rdtsc" : "=d" (hi), "=a" (lo));
+		hi ^= (hi >> 8) ^ (hi >> 16) ^ (hi >> 24);
+		lo ^= (lo >> 8) ^ (lo >> 16) ^ (lo >> 24);
+		buf[i] ^= hi;
+		buf[i] ^= lo;
+	}
+
+	CPUID(1, eax, ebx, ecx, edx);
+	if (ecx & CPUIDECX_RDRAND) {
+		unsigned long rand;
+
+		for (i = 0; i < buflen / sizeof(rand); i++) {
+			__asm volatile("rdrand	%0\n" : "=r" (rand));
+			((unsigned long *)buf)[i] ^= rand;
+		}
+	}
+
+	CPUID(0, eax, ebx, ecx, edx);
+	if (eax >= 7) {
+		CPUID_LEAF(7, 0, eax, ebx, ecx, edx);
+		if (ebx & SEFF0EBX_RDSEED) {
+			unsigned long rand;
+
+			for (i = 0; i < buflen / sizeof(rand); i++) {
+				__asm volatile("rdseed	%0\n" : "=r" (rand));
+				((unsigned long *)buf)[i] ^= rand;
+			}
+		}
+	}
+	return (0);
+}
diff --git a/sys/arch/amd64/stand/libsa/random_amd64.S b/sys/arch/amd64/stand/libsa/random_amd64.S
index 7c12659ae55..e69de29bb2d 100644
--- a/sys/arch/amd64/stand/libsa/random_amd64.S
+++ b/sys/arch/amd64/stand/libsa/random_amd64.S
@@ -1,110 +0,0 @@
-/*	$OpenBSD: random_amd64.S,v 1.6 2020/05/25 14:58:01 deraadt Exp $	*/
-
-/*
- * Copyright (c) 2013 Joel Sing <jsing@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <machine/param.h>
-#include <machine/asm.h>
-#include <machine/psl.h>
-#include <machine/specialreg.h>
-
-/*
- * Random data is xored into the buffer in 8-byte blocks. If the buffer size
- * is not a multiple of 8, the remaining bytes may be left untouched.
- */
-ENTRY(mdrandom)
-	pushq   %rbx
-
-	// See if we have CPU identification.
-	pushf
-	pop	%rax
-	mov	%eax, %ecx
-	or	$PSL_ID, %eax
-	push	%rax
-	popf
-	pushf
-	pop	%rax
-	push	%rcx
-	popf
-	and	$PSL_ID, %eax
-	movq	$-1, %rax
-	jz	done
-
-	// CPUID leaf = 1, subleaf = 0
-	mov	$1, %eax
-	mov	$0, %ecx
-	cpuid
-	mov	%edx, %eax
-
-	movq	%rdi, %rbx
-	movq	%rsi, %rdx
-	xorq	%rdi, %rdi
-
-	and	$CPUIDECX_RDRAND, %ecx	// See if we have rdrand.
-	jnz	userand
-
-	mov	%edx, %ecx
-	and	$CPUID_TSC, %eax	// See if we have rdtsc.
-	jnz	usetsc
-
-	movq	$-1, %rax
-	jmp	done
-
-userand:
-	shrq	$3, %rdx		// 8 bytes at a time
-1:
-	rdrand	%rax
-	xorq	%rax, (%rbx, %rdi, 8)
-	incq	%rdi
-	cmpq	%rdi, %rdx
-	jne	1b
-	movq	$0, %rax
-	jmp	done
-
-usetsc:
-	rdtsc				// Populates edx:eax.
-
-	/*
-	 *   Cope with high=0
-	 * high = (high << 1) | 1;		
-	 *   Spread bits
-	 * bits = low * high;
-	 *   Accumulate spread bits into a byte
-	 * bits = bits ^ (bits>>8) ^ (bits>>16) ^ (bits>>24);
-	 * buf[i] ^= (u_char) bits;
-	 */
-	shlq	$1, %rdx
-	orq	$1, %rdx
-	mull	%edx
-	movq	%rax, %rdx
-	shrq	$8, %rdx
-	xorq	%rdx, %rax
-	shrq	$8, %rdx
-	xorq	%rdx, %rax
-	shrq	$8, %rdx
-	xorq	%rdx, %rax
-
-	xorb	%al, (%rbx,%rdi)
-
-	incq	%rdi
-	cmpq	%rdi, %rcx
-	jne	usetsc
-	movq	$0, %rax
-	jmp	done
-
-done:
-	popq	%rbx
-	retq
diff --git a/sys/arch/amd64/stand/libsa/random_i386.S b/sys/arch/amd64/stand/libsa/random_i386.S
index 36bf82e34bc..e69de29bb2d 100644
--- a/sys/arch/amd64/stand/libsa/random_i386.S
+++ b/sys/arch/amd64/stand/libsa/random_i386.S
@@ -1,110 +0,0 @@
-/*	$OpenBSD: random_i386.S,v 1.11 2020/05/25 14:58:01 deraadt Exp $	*/
-
-/*
- * Copyright (c) 2013 Joel Sing <jsing@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <machine/param.h>
-#include <machine/asm.h>
-#include <machine/psl.h>
-#include <machine/specialreg.h>
-
-/*
- * Random data is xored into the buffer in 4 byte blocks. If the buffer size
- * is not a multiple of 4, the remaining bytes may be left untouched.
- */
-ENTRY(mdrandom)
-	pushal
-
-	// See if we have CPU identification.
-	pushfl
-	popl	%eax
-	movl	%eax, %ecx
-	orl	$PSL_ID, %eax
-	pushl	%eax
-	popfl
-	pushfl
-	popl	%eax
-	pushl	%ecx
-	popfl
-	andl	$PSL_ID, %eax
-	movl	$-1, %eax
-	jz	done
-
-	// CPUID leaf = 1, subleaf = 0
-	movl	$1, %eax
-	movl	$0, %ecx
-	cpuid
-	movl	%edx, %eax
-
-	movl	36(%esp), %ebx
-	movl	40(%esp), %edx
-	xorl	%edi, %edi
-
-	andl	$CPUIDECX_RDRAND, %ecx	// See if we have rdrand.
-	jnz	userand
-
-	movl	%edx, %ecx
-	andl	$CPUID_TSC, %eax	// See if we have rdtsc.
-	jnz	usetsc
-
-	movl	$-1, %eax
-	jmp	done
-
-userand:
-	shrl	$2, %edx		// 4 bytes at a time
-1:
-	rdrand	%eax
-	xorl	%eax, (%ebx,%edi,4)
-	incl	%edi
-	cmpl	%edi, %edx
-	jne	1b
-	movl	$0, %eax
-	jmp	done
-
-usetsc:
-	rdtsc				// Populates edx:eax.
-
-	/*
-	 *   Cope with high=0
-	 * high = (high << 1) | 1;		
-	 *   Spread bits
-	 * bits = low * high;
-	 *   Accumulate spread bits into a byte
-	 * bits = bits ^ (bits>>8) ^ (bits>>16) ^ (bits>>24);
-	 * buf[i] ^= (u_char) bits;
-	 */
-	shll	$1, %edx
-	orl	$1, %edx
-	mull	%edx
-	movl	%eax, %edx
-	shrl	$8, %edx
-	xorl	%edx, %eax
-	shrl	$8, %edx
-	xorl	%edx, %eax
-	shrl	$8, %edx
-	xorl	%edx, %eax
-
-	xorb	%al, (%ebx,%edi)
-
-	incl	%edi
-	cmpl	%edi, %ecx
-	jne	usetsc
-	movl	$0, %eax
-	jmp	done
-
-done:
-	popal
-	ret
diff --git a/sys/arch/amd64/stand/pxeboot/Makefile b/sys/arch/amd64/stand/pxeboot/Makefile
index c863661d867..5478916df1a 100644
--- a/sys/arch/amd64/stand/pxeboot/Makefile
+++ b/sys/arch/amd64/stand/pxeboot/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.38 2020/03/05 16:36:30 otto Exp $
+#	$OpenBSD: Makefile,v 1.39 2020/06/14 16:00:11 deraadt Exp $
 
 MAN=	pxeboot.8
 
@@ -18,7 +18,7 @@ BINMODE=644
 .PATH:	${SADIR}/libsa
 # i386 stuff (so, it will possibly load in the same 64k)
 SRCS+=	machdep.c exec_i386.c cmd_i386.c run_amd64.S
-SRCS+=	gidt.S random_i386.S biosdev.c bioscons.c gateA20.c \
+SRCS+=	gidt.S mdrandom.c biosdev.c bioscons.c gateA20.c \
 	memprobe.c diskprobe.c time.c ## biosprobe.c
 SRCS+=	pxe.c pxe_call.S pxe_net.c pxe_udp.c
 SRCS+=	softraid_amd64.c