
random: add RDSEED as a provably unique entropy source
Accepted, Public

Authored by obrien on Fri, Oct 17, 5:48 AM.

Details

Reviewers
cem
Group Reviewers
csprng
Summary

NIST SP800-90B allows for only a single entropy source to be claimed
in a FIPS-140-3 certificate. In addition, only hardware sources that
have a NIST Entropy Source Validation (ESV) certificate, backed by
a SP800-90B Entropy Assessment Report, are usable. Intel has obtained
ESV certificates for several of their processors, so RDSEED is a FIPS-140-3
suitable entropy source.

However, RDRAND is conditioned to the point one cannot do the required
statistical analysis on it in order to obtain an ESV (and Intel has not
bothered trying). So we need to know down in the CSPRNG-subsystem which
source the entropy came from.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 67848
Build 64731: arc lint + arc unit

Event Timeline

cem added a subscriber: cem.

Unobjectionable. Mechanical changes LGTM.

sys/dev/random/ivy.c
2

Might be nice to rename "ivy" to "rdrand" while you're at it.

103–118

I think you can kill the IFUNC in both, given each module only has one happy path now.

You'd need to move the cpu feature checks somewhere else; modevent() is probably fine.

sys/dev/random/random_harvestq.c
669

Also ABI breaking, for whatever that's worth

sys/dev/random/rdseed.c
89–98

Ditto

This revision is now accepted and ready to land. Mon, Oct 20, 3:35 PM
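
The summary's requirement that the consumer know which instruction produced the entropy, and the review comment about where the CPU feature checks live, can be seen in a small userland sketch. This is an added example, not code from this revision or from FreeBSD; the `ex_` names, the source tags and the retry bound are assumptions made for illustration.

```c
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#define EX_X86 1
#else
#define EX_X86 0
#endif

/* Hypothetical source tags for this example; not the kernel's identifiers. */
enum ex_source { EX_SRC_NONE = 0, EX_SRC_RDRAND, EX_SRC_RDSEED };

#define EX_RETRIES 10 /* assumed bound: RDSEED may report "not ready" (CF=0) */

/* CPUID.(EAX=7,ECX=0):EBX bit 18 advertises RDSEED. */
static int ex_cpu_has_rdseed(void)
{
#if EX_X86
	unsigned int a, b, c, d;
	return __get_cpuid_count(7, 0, &a, &b, &c, &d) ? (int)((b >> 18) & 1) : 0;
#else
	return 0;
#endif
}

/* Try RDSEED up to EX_RETRIES times and report which source filled *out. */
static enum ex_source ex_harvest_seed(unsigned long *out)
{
#if EX_X86
	if (!ex_cpu_has_rdseed())
		return EX_SRC_NONE;
	for (int i = 0; i < EX_RETRIES; i++) {
		unsigned long v;
		unsigned char ok;
		/* The carry flag is set only when the returned value is valid. */
		__asm__ volatile("rdseed %0; setc %1" : "=r"(v), "=qm"(ok) : : "cc");
		if (ok) {
			*out = v;
			return EX_SRC_RDSEED;
		}
		__asm__ volatile("pause");
	}
#endif
	/* Never substitute RDRAND here: the tag must stay truthful. */
	(void)out;
	return EX_SRC_NONE;
}

int main(void)
{
	unsigned long v = 0;
	enum ex_source s = ex_harvest_seed(&v);
	printf("source=%d value=%s\n", (int)s, s == EX_SRC_RDSEED ? "filled" : "none");
	return 0;
}
```

On exhaustion the function reports no source rather than falling back to RDRAND, so output labelled as RDSEED is never mixed with conditioned RDRAND output.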