Add a build option to allow changing the initial state used
in the timer based random generator and by the kernel in the
early random number generator.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The old random timer test was not random-looking
enough on some platforms.
Replace with new test which is psuedo-xoshiro.
The generator is still deterministic
and does not depend on entropy at all,
but should look more random for testing.
Change name of generator tree-wide also.
Signed-off-by: Declan Snyder <declan.snyder@nxp.com>
The `TEST_RANDOM_GENERATOR` Kconfig symbol indicates that a non-random
number generator (i.e. a random number generator that is not truly
random) is _allowed_ to be used for testing purposes, and not
necessarily that a non-random number generator is _selected_ -- that is
indicated by the `RNG_GENERATOR_CHOICE` choices that depend on
`TEST_RANDOM_GENERATOR` (i.e. only `TIMER_RANDOM_GENERATOR` as of now).
This commit updates the `TEST_RANDOM_GENERATOR` Kconfig symbol
description to reflect and clarify that.
It also removes the `TEST_RANDOM_GENERATOR`'s dependency on
`ENTROPY_HAS_DRIVER` because the act of _allowing_ a non-random number
generator to be used does not depend on the availability of an entropy
driver -- when an entropy driver is available, by default, the
`ENTROPY_DEVICE_RANDOM_GENERATOR` will be selected; otherwise,
`TIMER_RANDOM_GENERATOR`, a non-random generator, will be selected.
Signed-off-by: Stephanos Ioannidis <stephanos.ioannidis@nordicsemi.no>
Deprecate the xoroshiro128+ PRNG algorithm in favour of xoshiro128++.
xoshiro128++ is a drop-in replacement which is invisible from the user
perspective.
xoroshiro128+ is unsuitable because it is explicitly a floating-point
PRNG, not a general-purpose PRNG. This means that the lower 4 bits of
the output are actually linear, not random (from the designers,
https://prng.di.unimi.it/). This means 1/8th of the generated data is
not random.
Additionally, xoroshiro128+ is not a 32bit algorithm, it operates on
64bit numbers. For the vast majority of Zephyr devices, this makes the
PRNG slower than it needs to be. The replacement (xoshiro128++) is
32bit, with no loss in state space (still 128 bit).
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
Adds an implementation of xoshiro128++ as a pseudo random number
generator from https://prng.di.unimi.it/ that operates on 32bit words.
The algorithm postfix signifies the main operation in the generation
function. Therefore xoshiro++ is chosen over xoshiro** as we would
prefer to do 2 additions isntead of 2 multiplications on embedded
hardware. The quality of the generators appears to be the same in all
other respects.
xoshiro+ is not chosen despite being faster as it generates random
floating-point values, not general purpose random values (The lower 4
bits are linear).
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
This is a copy of rand32_timer.c that uses
z_do_read_cpu_timestamp32() instead of k_cycle_get_32(),
with some logic to ensure different values when called in
rapid succession missing.
Like the other driver, its reported values are not random,
it's a testing generator only.
This appears to have no advantages over rand32_timer.c,
just remove it. In QEMU emulation, the reported TSC values
tend to have the lowest five bits zeroed.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
1) Add cryptographically secure random functions to provide
FIPS 140-2 compliant random functions.
2) Add name to random function choice selectors to ease
selection in SOC .defconfig files
3) Add bulk fill random functions.
Signed-off-by: David Leach <david.leach@nxp.com>
Use this short header style in all Kconfig files:
# <description>
# <copyright>
# <license>
...
Also change all <description>s from
# Kconfig[.extension] - Foo-related options
to just
# Foo-related options
It's clear enough that it's about Kconfig.
The <description> cleanup was done with this command, along with some
manual cleanup (big letter at the start, etc.)
git ls-files '*Kconfig*' | \
xargs sed -i -E '1 s/#\s*Kconfig[\w.-]*\s*-\s*/# /'
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.
Remove some 'default ""' properties on string symbols too.
Also make definitions more consistent by converting some
config FOO
<type>
prompt "foo"
definitions to a shorter form:
config FOO
<type> "foo"
This shorthand works for int/hex/string symbols too, not just for bool
symbols.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
This adds an implementation of Xoroshiro128+ PRNG, based on the
original implementation at [1]. This pseudorandom number generator
will use the entropy driver to obtain the seed.
While it uses only 128 bits of state, it's pretty robust for non-crypto
safe applications.
[1] http://vigna.di.unimi.it/xorshift/xoroshiro128plus.c
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Instead of every hardware number generator driver providing an
implementation of this function, use the random device API to
centralize the implementation of this function.
This is a very simplistic function that can be seen as a stepping stone
to refactor the random number generation in Zephyr.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
This should clear up some of the confusion with random number
generators and drivers that obtain entropy from the hardware. Also,
many hardware number generators have limited bandwidth, so it's natural
for their output to be only used for seeding a random number generator.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Some "random" drivers are not drivers at all: they just implement the
function `sys_rand32_get()`. Move those to a random subsystem in
preparation for a reorganization.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Flavio Ceolin