I have been doing some tooling around in illumos trying to use rdrand/rdseed to help feed the os rng pool. For curiosity's sake I was trying to figure out/find documentation on how the entropy source underlying these instructions related to numa. Documents like this pdf talk about how the entropy source works, but dont help with the thingWhile QAT is far from receiving universal support, it is a multi-generational Intel accelerator technology that is popular in the embedded systems market. AMD does not have a compatible accelerator platform at this time but Intel offers QAT on PCIe cards or via chips if that is absolutely required.
i was trying to figure out.
The first lines of the introduction to that pdf do say something interesting.
I cant find much public information about this co-processor other then press releases announcing its existence and that it will have a linux driver. Well we have that driver now.This document describes the Random Number Generator (RNG) design used in the Cryptographic Co-Processor (CCP) 5.0 hardware included in the AMD RYZEN and EPYC processors.
torvalds/linux
The driver code/comments and git history start to tell us some more useful things, like a list of supported algorithms.
- sha 1/224/256/384/512
- aes 128/192/256
- des3
- rsa
We also have mentions of AMDs Platform Security Processor(PSP), with grammar implying that it is a sub-component of the CCP. The driver also exposes an api for controlling the secure virtualization/encrypted memory feature.
My searching has revealed no openssl engine supporting the CCP, or other support outside of the linux kernel crypto api at thing time. With one exception, freebsd has a vary experimental/broken CCP driver.