
// SPDX-License-Identifier: Apache-2.0 OR MIT
//
// Copyright (c) 2022-2023 Amazon.com, Inc. or its affiliates.
//
// Author(s):
//   - Ali Saidi <alisaidi@amazon.com>

#[cfg(target_arch = "aarch64")]
use core::arch::asm;

/// Access to the Arm v8.5 (FEAT_RNG) random-number instructions.
///
/// `ArmRng` is a zero-sized token: obtaining one through [`ArmRng::new`] proves that the
/// feature was detected, so [`ArmRng::rndr`] and [`ArmRng::rndrss`] can issue the
/// instructions without re-checking the ID register on every call.
///
/// # Example
///
/// ```no_run
/// use aarch64_cpu::asm::random::ArmRng;
/// if let Some(rng) = ArmRng::new() {
///     let rand_num = rng.rndr();
/// }
/// ```
#[derive(Copy, Clone, Debug)]
pub struct ArmRng;

impl ArmRng {
    /// Probe `ID_AA64ISAR0_EL1.RNDR` and hand out the token only when the feature is present.
    ///
    /// Reading an `ID_*_EL1` register from userspace relies on the kernel trapping and
    /// emulating the access (Linux does; see the test module), so `None` can mean either
    /// "no RNG" or "no way to discover it from this exception level".
    #[cfg(target_arch = "aarch64")]
    #[inline]
    pub fn new() -> Option<Self> {
        use crate::registers::ID_AA64ISAR0_EL1;
        use tock_registers::interfaces::Readable;

        let present = ID_AA64ISAR0_EL1.is_set(ID_AA64ISAR0_EL1::RNDR);
        present.then(|| ArmRng)
    }

    /// On any other architecture the instructions do not exist, so no token is ever issued.
    #[cfg(not(target_arch = "aarch64"))]
    #[inline]
    pub fn new() -> Option<Self> {
        None
    }

    /// Return a random number from the Arm v8.5 RNG (`RNDR`).
    ///
    /// `None` means the instruction reported failure (e.g. the entropy is exhausted or the
    /// RNG has failed). From the caller's side a failure is transient: retry a bounded number
    /// of times before treating the source as unavailable, and never substitute a weaker
    /// entropy source silently.
    #[cfg(target_arch = "aarch64")]
    #[inline]
    pub fn rndr(&self) -> Option<u64> {
        let data: u64;
        let flags: u64;

        // Success/failure is reported in PSTATE.NZCV, so the flags are captured inside the
        // same asm block, directly after the read, before anything else can clobber them.
        // SAFETY: the block only reads two system registers into fresh general-purpose
        // registers; it touches neither memory nor the stack, hence `nomem, nostack`.
        unsafe {
            asm!(
                "mrs {o}, s3_3_c2_c4_0",
                "mrs {f}, nzcv",
                o = out(reg) data,
                f = out(reg) flags,
                options(nomem, nostack)
            );
        }

        match flags {
            0 => Some(data),
            _ => None,
        }
    }

    /// No RNG instructions on this architecture; always `None`.
    #[cfg(not(target_arch = "aarch64"))]
    #[inline]
    pub fn rndr(&self) -> Option<u64> {
        None
    }

    /// Return a random number from the Arm v8.5 RNG after reseeding it (`RNDRSS`).
    ///
    /// `None` means the instruction reported failure (e.g. the entropy is exhausted or the
    /// RNG has failed). Treat it like a failed [`ArmRng::rndr`]: retry within a bound rather
    /// than falling back to a weaker source.
    #[cfg(target_arch = "aarch64")]
    #[inline]
    pub fn rndrss(&self) -> Option<u64> {
        let data: u64;
        let flags: u64;

        // Same pattern as `rndr`: read the value, then snapshot NZCV before it is clobbered.
        // SAFETY: register reads only, no memory or stack access (`nomem, nostack`).
        unsafe {
            asm!(
                "mrs {o}, s3_3_c2_c4_1",
                "mrs {f}, nzcv",
                o = out(reg) data,
                f = out(reg) flags,
                options(nomem, nostack)
            );
        }

        match flags {
            0 => Some(data),
            _ => None,
        }
    }

    /// No RNG instructions on this architecture; always `None`.
    #[cfg(not(target_arch = "aarch64"))]
    #[inline]
    pub fn rndrss(&self) -> Option<u64> {
        None
    }
}

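#[cfg(all(test, target_os = "linux"))]
mod tests {
    use super::*;

    /// Upper bound on retries: `RNDR`/`RNDRSS` may legitimately report a transient failure,
    /// and that must not turn into a spurious test failure.
    const ATTEMPTS: usize = 16;

    /// Call `read` until it yields a value, giving up after [`ATTEMPTS`] tries.
    fn read_with_retry(read: impl Fn() -> Option<u64>) -> Option<u64> {
        (0..ATTEMPTS).find_map(|_| read())
    }

    #[test]
    pub fn test_rndr() {
        // This works on Linux from userspace since Linux emulates the Arm ID registers on the
        // userspace undef.
        if let Some(rand) = ArmRng::new() {
            let plain = read_with_retry(|| rand.rndr()).expect("RNDR failed on every attempt");
            let reseeded =
                read_with_retry(|| rand.rndrss()).expect("RNDRSS failed on every attempt");
            // A failed read leaves 0 behind, so a real value is expected to be non-zero.
            assert_ne!(plain, 0);
            assert_ne!(reseeded, 0);
        }
    }
}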