[rng] Add RTC-based entropy source

The RTC-based entropy source uses the nanosecond-scale CPU TSC to
measure the time between two 1kHz interrupts generated by the CMOS
RTC.  In a physical machine these clocks are driven from independent
crystals, resulting in some observable clock drift.  In a virtual
machine, the CMOS RTC is typically emulated using host-OS
constructions such as SIGALRM.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/arch/i386/include/bits/entropy.h

@@ -9,4 +9,6 @@
 
 FILE_LICENCE ( GPL2_OR_LATER );
 
+#include <ipxe/rtc_entropy.h>
+
 #endif /* _BITS_ENTROPY_H */

src/arch/i386/include/ipxe/rtc_entropy.h

@@ -0,0 +1,62 @@
+#ifndef _IPXE_RTC_ENTROPY_H
+#define _IPXE_RTC_ENTROPY_H
+
+/** @file
+ *
+ * RTC-based entropy source
+ *
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER );
+
+#include <stdint.h>
+
+#ifdef ENTROPY_RTC
+#define ENTROPY_PREFIX_rtc
+#else
+#define ENTROPY_PREFIX_rtc __rtc_
+#endif
+
+/**
+ * min-entropy per sample
+ *
+ * @ret min_entropy	min-entropy of each sample
+ */
+static inline __always_inline double
+ENTROPY_INLINE ( rtc, min_entropy_per_sample ) ( void ) {
+
+	/* The min-entropy has been measured on several platforms
+	 * using the entropy_sample test code.  Modelling the samples
+	 * as independent, and using a confidence level of 99.99%, the
+	 * measurements were as follows:
+	 *
+	 *    qemu-kvm		: 7.38 bits
+	 *    VMware		: 7.46 bits
+	 *    Physical hardware	: 2.67 bits
+	 *
+	 * We choose the lowest of these (2.67 bits) and apply a 50%
+	 * safety margin to allow for some potential non-independence
+	 * of samples.
+	 */
+	return 1.3;
+}
+
+extern uint8_t rtc_sample ( void );
+
+/**
+ * Get noise sample
+ *
+ * @ret noise		Noise sample
+ * @ret rc		Return status code
+ */
+static inline __always_inline int
+ENTROPY_INLINE ( rtc, get_noise ) ( noise_sample_t *noise ) {
+
+	/* Get sample */
+	*noise = rtc_sample();
+
+	/* Always successful */
+	return 0;
+}
+
+#endif /* _IPXE_RTC_ENTROPY_H */

src/arch/i386/interface/pcbios/rtc_entropy.c

@@ -0,0 +1,233 @@
+/*
+ * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER );
+
+/** @file
+ *
+ * RTC-based entropy source
+ *
+ * The CMOS/RTC registers are documented (with varying degrees of
+ * accuracy and consistency) at
+ *
+ *    http://www.nondot.org/sabre/os/files/MiscHW/RealtimeClockFAQ.txt
+ *    http://wiki.osdev.org/RTC
+ *    http://wiki.osdev.org/CMOS
+ */
+
+#include <stdint.h>
+#include <string.h>
+#include <biosint.h>
+#include <pic8259.h>
+#include <ipxe/entropy.h>
+
+/** RTC IRQ */
+#define RTC_IRQ 8
+
+/** RTC interrupt vector */
+#define RTC_INT IRQ_INT ( RTC_IRQ )
+
+/** CMOS/RTC address (and NMI) register */
+#define CMOS_ADDRESS 0x70
+
+/** NMI disable bit */
+#define CMOS_DISABLE_NMI 0x80
+
+/** CMOS/RTC data register */
+#define CMOS_DATA 0x71
+
+/** RTC status register A */
+#define RTC_STATUS_A 0x0a
+
+/** RTC status register B */
+#define RTC_STATUS_B 0x0b
+
+/** RTC Periodic Interrupt Enabled bit */
+#define RTC_STATUS_B_PIE 0x40
+
+/** RTC status register C */
+#define RTC_STATUS_C 0x0c
+
+/** RTC status register D */
+#define RTC_STATUS_D 0x0d
+
+/** CMOS default address */
+#define CMOS_DEFAULT_ADDRESS RTC_STATUS_D
+
+/** RTC "interrupt triggered" flag */
+static uint8_t __text16 ( rtc_flag );
+#define rtc_flag __use_text16 ( rtc_flag )
+
+/** RTC interrupt handler */
+extern void rtc_isr ( void );
+
+/** Previous RTC interrupt handler */
+static struct segoff rtc_old_handler;
+
+/**
+ * Hook RTC interrupt handler
+ *
+ */
+static void rtc_hook_isr ( void ) {
+
+	/* RTC interrupt handler */
+	__asm__ __volatile__ (
+		TEXT16_CODE ( "\nrtc_isr:\n\t"
+			      /* Preserve registers */
+			      "pushw %%ax\n\t"
+			      /* Set "interrupt triggered" flag */
+			      "cs movb $0x01, %c0\n\t"
+			      /* Read RTC status register C to
+			       * acknowledge interrupt
+			       */
+			      "movb %3, %%al\n\t"
+			      "outb %%al, %1\n\t"
+			      "inb %2\n\t"
+			      /* Send EOI */
+			      "movb $0x20, %%al\n\t"
+			      "outb %%al, $0xa0\n\t"
+			      "outb %%al, $0x20\n\t"
+			      /* Restore registers and return */
+			      "popw %%ax\n\t"
+			      "iret\n\t" )
+		:
+		: "p" ( __from_text16 ( &rtc_flag ) ),
+		  "i" ( CMOS_ADDRESS ), "i" ( CMOS_DATA ),
+		  "i" ( RTC_STATUS_C ) );
+
+	hook_bios_interrupt ( RTC_INT, ( unsigned int ) rtc_isr,
+			      &rtc_old_handler );
+}
+
+/**
+ * Unhook RTC interrupt handler
+ *
+ */
+static void rtc_unhook_isr ( void ) {
+	int rc;
+
+	rc = unhook_bios_interrupt ( RTC_INT, ( unsigned int ) rtc_isr,
+				     &rtc_old_handler );
+	assert ( rc == 0 ); /* Should always be able to unhook */
+}
+
+/**
+ * Enable RTC interrupts
+ *
+ */
+static void rtc_enable_int ( void ) {
+	uint8_t status_b;
+
+	/* Set Periodic Interrupt Enable bit in status register B */
+	outb ( ( RTC_STATUS_B | CMOS_DISABLE_NMI ), CMOS_ADDRESS );
+	status_b = inb ( CMOS_DATA );
+	outb ( ( RTC_STATUS_B | CMOS_DISABLE_NMI ), CMOS_ADDRESS );
+	outb ( ( status_b | RTC_STATUS_B_PIE ), CMOS_DATA );
+
+	/* Re-enable NMI and reset to default address */
+	outb ( CMOS_DEFAULT_ADDRESS, CMOS_ADDRESS );
+	inb ( CMOS_DATA ); /* Discard; may be needed on some platforms */
+}
+
+/**
+ * Disable RTC interrupts
+ *
+ */
+static void rtc_disable_int ( void ) {
+	uint8_t status_b;
+
+	/* Clear Periodic Interrupt Enable bit in status register B */
+	outb ( ( RTC_STATUS_B | CMOS_DISABLE_NMI ), CMOS_ADDRESS );
+	status_b = inb ( CMOS_DATA );
+	outb ( ( RTC_STATUS_B | CMOS_DISABLE_NMI ), CMOS_ADDRESS );
+	outb ( ( status_b & ~RTC_STATUS_B_PIE ), CMOS_DATA );
+
+	/* Re-enable NMI and reset to default address */
+	outb ( CMOS_DEFAULT_ADDRESS, CMOS_ADDRESS );
+	inb ( CMOS_DATA ); /* Discard; may be needed on some platforms */
+}
+
+/**
+ * Enable entropy gathering
+ *
+ */
+static void rtc_entropy_enable ( void ) {
+
+	rtc_hook_isr();
+	enable_irq ( RTC_IRQ );
+	rtc_enable_int();
+}
+
+/**
+ * Disable entropy gathering
+ *
+ */
+static void rtc_entropy_disable ( void ) {
+
+	rtc_disable_int();
+	disable_irq ( RTC_IRQ );
+	rtc_unhook_isr();
+}
+
+/**
+ * Measure a single RTC tick
+ *
+ * @ret delta		Length of RTC tick (in TSC units)
+ */
+uint8_t rtc_sample ( void ) {
+	uint32_t before;
+	uint32_t after;
+	uint32_t temp;
+
+	__asm__ __volatile__ (
+		REAL_CODE ( /* Enable interrupts */
+			    "sti\n\t"
+			    /* Wait for RTC interrupt */
+			    "cs movb %b2, %c4\n\t"
+			    "\n1:\n\t"
+			    "cs xchgb %b2, %c4\n\t" /* Serialize */
+			    "testb %b2, %b2\n\t"
+			    "jz 1b\n\t"
+			    /* Read "before" TSC */
+			    "rdtsc\n\t"
+			    /* Store "before" TSC on stack */
+			    "pushl %0\n\t"
+			    /* Wait for another RTC interrupt */
+			    "xorb %b2, %b2\n\t"
+			    "cs movb %b2, %c4\n\t"
+			    "\n1:\n\t"
+			    "cs xchgb %b2, %c4\n\t" /* Serialize */
+			    "testb %b2, %b2\n\t"
+			    "jz 1b\n\t"
+			    /* Read "after" TSC */
+			    "rdtsc\n\t"
+			    /* Retrieve "before" TSC on stack */
+			    "popl %1\n\t"
+			    /* Disable interrupts */
+			    "cli\n\t"
+			    )
+		: "=a" ( after ), "=d" ( before ), "=q" ( temp )
+		: "2" ( 0 ), "p" ( __from_text16 ( &rtc_flag ) ) );
+
+	return ( after - before );
+}
+
+PROVIDE_ENTROPY_INLINE ( rtc, min_entropy_per_sample );
+PROVIDE_ENTROPY ( rtc, entropy_enable, rtc_entropy_enable );
+PROVIDE_ENTROPY ( rtc, entropy_disable, rtc_entropy_disable );
+PROVIDE_ENTROPY_INLINE ( rtc, get_noise );

src/config/defaults/pcbios.h

@@ -18,7 +18,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #define UMALLOC_MEMTOP
 #define SMBIOS_PCBIOS
 #define SANBOOT_PCBIOS
-#define ENTROPY_NULL
+#define ENTROPY_RTC
 
 #define	IMAGE_ELF		/* ELF image support */
 #define	IMAGE_MULTIBOOT		/* MultiBoot image support */