Date: Tue, 30 Jul 2013 16:27:13 +0200 From: "O. Hartmann" <ohartman@zedat.fu-berlin.de> To: Julian Stecklina <jsteckli@os.inf.tu-dresden.de> Cc: freebsd-current@freebsd.org Subject: Re: CURRENT: Ivy Bridge CPU (i3-3220) and Intel Bull Mountain RNG (options RDRAND_RNG) Message-ID: <20130730162713.00ddab52@thor.walstatt.dyndns.org> In-Reply-To: <51F7C8B4.7070809@os.inf.tu-dresden.de> References: <20130730134635.3b6d7b31@thor.walstatt.dyndns.org> <51F7C8B4.7070809@os.inf.tu-dresden.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/NsIlu4vMflE/gdpJDry9yo6 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Tue, 30 Jul 2013 16:07:48 +0200 Julian Stecklina <jsteckli@os.inf.tu-dresden.de> wrote: > On 07/30/2013 01:46 PM, O. Hartmann wrote: > >=20 > > I tried the new option "options RDRAND_RNG" on my SOHO server, > > equipted with a Intel i3-3220 "Ivy Brdige" CPU, which is supposed > > to have the Bull Mountain random number generator as a piece of > > hardware in its uncore. > > > > Enabling the kernel option doesn't reveal any presence of such a > > hardware number generator. "sysct kern.random" always reports=20 > >=20 > > kern.random.adaptors: yarrow > >=20 > > By intentionally disallowing yarrow via commenting out options > > YARROW_RNG, the box reports "no adaptors loaded". So, either this > > Ivy Bridge has been castrated and ripped off by Intel of its RNG or > > FreeBSD isn't capable of detecting it properly or I'm incapable of > > properly configure the kernel. >=20 > This might be Erratum BV54: >=20 > Problem: > On processors that support the RDRAND instruction, that capability > should be reported via the setting of CPUID.01H:ECX.RDRAND[bit 30]. > Due to this erratum, that bit will not be set, and the execution of > the RDRAND instruction will result in a #UD exception. >=20 > Implication: > Software will not be able to utilize the RDRAND instruction >=20 > http://www.intel.de/content/dam/www/public/us/en/documents/specification-= updates/3rd-gen-core-desktop-specification-update.pdf >=20 > Julian Hello Julian, thanks for this insight. This sounds like I bought something which isn't functional. Well done, Intel! On the other hand, some places I read that the entropy generated by the RDRAND generator is put to AES for number generating. could it be that with no AESNI, there is implicitely no RDRAND? Just an idea.=20 Oliver --Sig_/NsIlu4vMflE/gdpJDry9yo6 Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) iQEcBAEBAgAGBQJR981GAAoJEOgBcD7A/5N812UH/3DU/nntUpO8v5nCizaXirdl nwjw1q3QKxeGsUsh9IWb2ECFHPy9bBimia7sw/d0/IcCq/1dejMWa6cMYbjGXl7m Af5FimR/ni++i0ZaeN65Av7l2NLPp2uuva485PdKaMdcIGuUVkGK59nHQE4JvwPz BVrh53D2N+tzxn39lw8LqOMCSgxPxDDDxTV7/ZhZQn4kvcxRIpatbV19CnLme8ma K+ft2sagiQNi3Z5L+EEbMdAdvzR8xkEzrl/W6IYbRVgn7Ir2g6e2H75CpA3o6Wqh N1PnvaqCQlvtElO77mmOhZ5FHKZu8mA24b4aknXPGW7SR5Qq0Z49kGPf/P/q1a8= =ABJS -----END PGP SIGNATURE----- --Sig_/NsIlu4vMflE/gdpJDry9yo6--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130730162713.00ddab52>