Re: git: d1ca01059d5d - main - padlock(4)/nehemiah: move i386-only entropy source to MD files

In reply to: David E. O'Brien: "git: d1ca01059d5d - main - padlock(4)/nehemiah: move i386-only entropy source to MD files"
Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Konstantin Belousov <kostikbel_at_gmail.com>
Date: Fri, 24 Oct 2025 08:17:52 UTC
On Thu, Oct 23, 2025 at 11:17:26PM +0000, David E. O'Brien wrote:
> The branch main has been updated by obrien:
> 
> URL: https://cgit.FreeBSD.org/src/commit/?id=d1ca01059d5d756a4aef09d955e98aa59a284344
> 
> commit d1ca01059d5d756a4aef09d955e98aa59a284344
> Author:     David E. O'Brien <obrien@FreeBSD.org>
> AuthorDate: 2025-10-23 22:27:06 +0000
> Commit:     David E. O'Brien <obrien@FreeBSD.org>
> CommitDate: 2025-10-23 23:17:19 +0000
> 
>     padlock(4)/nehemiah: move i386-only entropy source to MD files
Why do you think that padlock was implemented on 32bit only VIA CPUs?
I believe that VIA NANO supported both x86-64 and padlock.
And wikipedia (sorry) seems to confirm this
https://en.wikipedia.org/wiki/VIA_Nano

>     
>     Reviewed by: khng
>     Differential Revision:  https://reviews.freebsd.org/D53309
> ---
>  sys/amd64/conf/GENERIC | 1 -
>  sys/amd64/conf/MINIMAL | 1 -
>  sys/conf/files.i386    | 1 +
>  sys/conf/files.x86     | 1 -
>  sys/i386/conf/NOTES    | 7 +++++++
>  sys/modules/Makefile   | 4 +++-
>  sys/x86/conf/NOTES     | 1 -
>  7 files changed, 11 insertions(+), 5 deletions(-)
> 
> diff --git a/sys/amd64/conf/GENERIC b/sys/amd64/conf/GENERIC
> index 2e41ed26403a..fb8473505128 100644
> --- a/sys/amd64/conf/GENERIC
> +++ b/sys/amd64/conf/GENERIC
> @@ -309,7 +309,6 @@ device		wpi			# Intel 3945ABG wireless NICs.
>  device		crypto			# core crypto support
>  device		aesni			# AES-NI OpenCrypto module
>  device		loop			# Network loopback
> -device		padlock_rng		# VIA Padlock RNG
>  device		rdrand_rng		# Intel Bull Mountain RNG
>  device		ether			# Ethernet support
>  device		vlan			# 802.1Q VLAN support
> diff --git a/sys/amd64/conf/MINIMAL b/sys/amd64/conf/MINIMAL
> index 0baf6d6431de..61c713c609a4 100644
> --- a/sys/amd64/conf/MINIMAL
> +++ b/sys/amd64/conf/MINIMAL
> @@ -113,7 +113,6 @@ device		uart			# Generic UART driver
>  
>  # Pseudo devices.
>  device		loop			# Network loopback
> -device		padlock_rng		# VIA Padlock RNG
>  device		rdrand_rng		# Intel Bull Mountain RNG
>  device		ether			# Ethernet support
>  
> diff --git a/sys/conf/files.i386 b/sys/conf/files.i386
> index 41c51a7aa9c5..e6c2089e2c1e 100644
> --- a/sys/conf/files.i386
> +++ b/sys/conf/files.i386
> @@ -33,6 +33,7 @@ dev/hyperv/vmbus/i386/hyperv_machdep.c			optional	hyperv
>  dev/le/if_le_isa.c		optional le isa
>  dev/ofw/ofw_pcib.c		optional fdt pci
>  dev/pcf/pcf_isa.c		optional pcf
> +dev/random/nehemiah.c		optional padlock_rng !random_loadable
>  dev/sbni/if_sbni.c		optional sbni
>  dev/sbni/if_sbni_isa.c		optional sbni isa
>  dev/sbni/if_sbni_pci.c		optional sbni pci
> diff --git a/sys/conf/files.x86 b/sys/conf/files.x86
> index 21a1b8046f12..31b8e88a6951 100644
> --- a/sys/conf/files.x86
> +++ b/sys/conf/files.x86
> @@ -310,7 +310,6 @@ dev/ntb/ntb_hw/ntb_hw_plx.c	optional	ntb_hw_plx | ntb_hw
>  dev/ntb/test/ntb_tool.c		optional	ntb_tool
>  dev/nvram/nvram.c		optional	nvram isa
>  dev/random/ivy.c		optional	rdrand_rng !random_loadable
> -dev/random/nehemiah.c		optional	padlock_rng !random_loadable
>  dev/random/rdseed.c		optional	rdrand_rng !random_loadable
>  dev/qat_c2xxx/qat.c		optional	qat_c2xxx
>  dev/qat_c2xxx/qat_ae.c		optional	qat_c2xxx
> diff --git a/sys/i386/conf/NOTES b/sys/i386/conf/NOTES
> index 93dc00634cc0..fbcea76527db 100644
> --- a/sys/i386/conf/NOTES
> +++ b/sys/i386/conf/NOTES
> @@ -302,6 +302,13 @@ envvar		hint.pcf.0.irq="5"
>  #
>  device		glxsb		# AMD Geode LX Security Block
>  
> +#
> +# padlock is a driver for the cryptographic functions and RNG in
> +# VIA C3, C7, and Eden processors.
> +# Requires 'device crypto'.
> +#
> +device		padlock_rng	# VIA Padlock RNG
> +
>  #####################################################################
>  # ABI Emulation
>  
> diff --git a/sys/modules/Makefile b/sys/modules/Makefile
> index 9bc743c0c6d1..cde4c1c0e9ac 100644
> --- a/sys/modules/Makefile
> +++ b/sys/modules/Makefile
> @@ -819,7 +819,6 @@ _nfe=		nfe
>  _nvram=		nvram
>  .if ${MK_CRYPT} != "no" || defined(ALL_MODULES)
>  _padlock=	padlock
> -_padlock_rng=	padlock_rng
>  _rdrand_rng=	rdrand_rng
>  _rdseed_rng=	rdseed_rng
>  .endif
> @@ -892,6 +891,9 @@ _glxsb=		glxsb
>  _pcfclock=	pcfclock
>  _pst=		pst
>  _sbni=		sbni
> +.if ${MK_CRYPT} != "no" || defined(ALL_MODULES)
> +_padlock_rng=	padlock_rng
> +.endif
>  .endif
>  
>  .if ${MACHINE_ARCH} == "armv7"
> diff --git a/sys/x86/conf/NOTES b/sys/x86/conf/NOTES
> index 3b3439b519d7..fadaf90d508f 100644
> --- a/sys/x86/conf/NOTES
> +++ b/sys/x86/conf/NOTES
> @@ -541,7 +541,6 @@ device		smbios
>  device		vpd
>  device		asmc
>  device		tpm
> -device		padlock_rng	# VIA Padlock RNG
>  device		rdrand_rng	# Intel Bull Mountain RNG
>  device		aesni		# AES-NI OpenCrypto module
>  device		ossl		# OpenSSL OpenCrypto module