00582563be
Summary: This follows the addition of `GetRandom` with D34412. We remove our `/dev/urandom` code and use the new function. Additionally, change the PRNG for a slightly faster version. One of the issues with the old code is that we have 64 full bits of randomness per "next", using only 8 of those for the Salt and discarding the rest. So we add a cached u64 in the PRNG that can serve up to 8 u8 before having to call the "next" function again. During some integration work, I also realized that some very early processes (like `init`) do not benefit from `/dev/urandom` yet. So if there is no `getrandom` syscall as well, we have to fallback to some sort of initialization of the PRNG. Now a few words on why XoRoShiRo and not something else. I have played a while with various PRNGs on 32 & 64 bit platforms. Some results are below. LCG 32 & 64 are usually faster but produce respectively 15 & 31 bits of entropy, meaning that to get a full 64-bit, you would need to call them several times. The simple XorShift is fast, produces 32 bits but is mediocre with regard to PRNG test suites, PCG is slower overall, and XoRoShiRo is faster than XorShift128+ and produces full 64 bits. %%% root@tulip-chiphd:/data # ./randtest.arm [+] starting xs32... [?] xs32 duration: 22431833053ns [+] starting lcg32... [?] lcg32 duration: 14941402090ns [+] starting pcg32... [?] pcg32 duration: 44941973771ns [+] starting xs128p... [?] xs128p duration: 48889786981ns [+] starting lcg64... [?] lcg64 duration: 33831042391ns [+] starting xos128p... [?] xos128p duration: 44850878605ns root@tulip-chiphd:/data # ./randtest.aarch64 [+] starting xs32... [?] xs32 duration: 22425151678ns [+] starting lcg32... [?] lcg32 duration: 14954255257ns [+] starting pcg32... [?] pcg32 duration: 37346265726ns [+] starting xs128p... [?] xs128p duration: 22523807219ns [+] starting lcg64... [?] lcg64 duration: 26141304679ns [+] starting xos128p... [?] xos128p duration: 14937033215ns %%% Reviewers: alekseyshl Reviewed By: alekseyshl Subscribers: aemerson, kristof.beyls, llvm-commits Differential Revision: https://reviews.llvm.org/D35221 llvm-svn: 307798
127 lines
3.3 KiB
C++
127 lines
3.3 KiB
C++
//===-- scudo_utils.cpp -----------------------------------------*- C++ -*-===//
|
|
//
|
|
// The LLVM Compiler Infrastructure
|
|
//
|
|
// This file is distributed under the University of Illinois Open Source
|
|
// License. See LICENSE.TXT for details.
|
|
//
|
|
//===----------------------------------------------------------------------===//
|
|
///
|
|
/// Platform specific utility functions.
|
|
///
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
#include "scudo_utils.h"
|
|
|
|
#include <errno.h>
|
|
#include <fcntl.h>
|
|
#include <stdarg.h>
|
|
#include <unistd.h>
|
|
#if defined(__x86_64__) || defined(__i386__)
|
|
# include <cpuid.h>
|
|
#endif
|
|
#if defined(__arm__) || defined(__aarch64__)
|
|
# include <sys/auxv.h>
|
|
#endif
|
|
|
|
// TODO(kostyak): remove __sanitizer *Printf uses in favor for our own less
|
|
// complicated string formatting code. The following is a
|
|
// temporary workaround to be able to use __sanitizer::VSNPrintf.
|
|
namespace __sanitizer {
|
|
|
|
extern int VSNPrintf(char *buff, int buff_length, const char *format,
|
|
va_list args);
|
|
|
|
} // namespace __sanitizer
|
|
|
|
namespace __scudo {
|
|
|
|
FORMAT(1, 2)
|
|
void NORETURN dieWithMessage(const char *Format, ...) {
|
|
// Our messages are tiny, 256 characters is more than enough.
|
|
char Message[256];
|
|
va_list Args;
|
|
va_start(Args, Format);
|
|
__sanitizer::VSNPrintf(Message, sizeof(Message), Format, Args);
|
|
va_end(Args);
|
|
RawWrite(Message);
|
|
Die();
|
|
}
|
|
|
|
#if defined(__x86_64__) || defined(__i386__)
|
|
// i386 and x86_64 specific code to detect CRC32 hardware support via CPUID.
|
|
// CRC32 requires the SSE 4.2 instruction set.
|
|
typedef struct {
|
|
u32 Eax;
|
|
u32 Ebx;
|
|
u32 Ecx;
|
|
u32 Edx;
|
|
} CPUIDRegs;
|
|
|
|
static void getCPUID(CPUIDRegs *Regs, u32 Level)
|
|
{
|
|
__get_cpuid(Level, &Regs->Eax, &Regs->Ebx, &Regs->Ecx, &Regs->Edx);
|
|
}
|
|
|
|
CPUIDRegs getCPUFeatures() {
|
|
CPUIDRegs VendorRegs = {};
|
|
getCPUID(&VendorRegs, 0);
|
|
bool IsIntel =
|
|
(VendorRegs.Ebx == signature_INTEL_ebx) &&
|
|
(VendorRegs.Edx == signature_INTEL_edx) &&
|
|
(VendorRegs.Ecx == signature_INTEL_ecx);
|
|
bool IsAMD =
|
|
(VendorRegs.Ebx == signature_AMD_ebx) &&
|
|
(VendorRegs.Edx == signature_AMD_edx) &&
|
|
(VendorRegs.Ecx == signature_AMD_ecx);
|
|
// Default to an empty feature set if not on a supported CPU.
|
|
CPUIDRegs FeaturesRegs = {};
|
|
if (IsIntel || IsAMD) {
|
|
getCPUID(&FeaturesRegs, 1);
|
|
}
|
|
return FeaturesRegs;
|
|
}
|
|
|
|
#ifndef bit_SSE4_2
|
|
# define bit_SSE4_2 bit_SSE42 // clang and gcc have different defines.
|
|
#endif
|
|
|
|
bool testCPUFeature(CPUFeature Feature)
|
|
{
|
|
CPUIDRegs FeaturesRegs = getCPUFeatures();
|
|
|
|
switch (Feature) {
|
|
case CRC32CPUFeature: // CRC32 is provided by SSE 4.2.
|
|
return !!(FeaturesRegs.Ecx & bit_SSE4_2);
|
|
default:
|
|
break;
|
|
}
|
|
return false;
|
|
}
|
|
#elif defined(__arm__) || defined(__aarch64__)
|
|
// For ARM and AArch64, hardware CRC32 support is indicated in the
|
|
// AT_HWVAL auxiliary vector.
|
|
|
|
#ifndef HWCAP_CRC32
|
|
# define HWCAP_CRC32 (1<<7) // HWCAP_CRC32 is missing on older platforms.
|
|
#endif
|
|
|
|
bool testCPUFeature(CPUFeature Feature) {
|
|
uptr HWCap = getauxval(AT_HWCAP);
|
|
|
|
switch (Feature) {
|
|
case CRC32CPUFeature:
|
|
return !!(HWCap & HWCAP_CRC32);
|
|
default:
|
|
break;
|
|
}
|
|
return false;
|
|
}
|
|
#else
|
|
bool testCPUFeature(CPUFeature Feature) {
|
|
return false;
|
|
}
|
|
#endif // defined(__x86_64__) || defined(__i386__)
|
|
|
|
} // namespace __scudo
|