[PATCH] D132141: [X86] Emulate _rdrand64_step with two rdrand32 if it is 32bit

Simon Pilgrim via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Mon Aug 22 07:07:03 PDT 2022


RKSimon added inline comments.


================
Comment at: clang/lib/Headers/immintrin.h:301
+  unsigned long long tmp;
+  if (__builtin_ia32_rdrand32_step((unsigned int *)&tmp) &
+      __builtin_ia32_rdrand32_step(((unsigned int *)&tmp) + 1)) {
----------------
yubing wrote:
> RKSimon wrote:
> > RKSimon wrote:
> > > craig.topper wrote:
> > > > craig.topper wrote:
> > > > > Should `&` be `&&`?
> > > > Can we avoid the pointer cast here? Use two unsigned ints and manually concatenate them to a 64-bit value.
> > > +1
> > > ```
> > > unsigned int lo, hi;
> > > if (__builtin_ia32_rdrand32_step(&lo) &&
> > >     __builtin_ia32_rdrand32_step(&hi)) {
> > >   *p = ((unsigned long)hi << 32) | lo;
> > >   return 1;
> > > }
> > > ```
> > Are there any sideeffects that we might encounter by not always performing both __builtin_ia32_rdrand32_step calls?
> > ```
> >   unsigned int __lo, __hi;
> >   int __res_lo = __builtin_ia32_rdrand32_step(&__lo);
> >   int __res_hi = __builtin_ia32_rdrand32_step(&__hi);
> >   if (__res_lo && __res_hi) {
> >     *__p = ((unsigned long long)__hi << 32) | (unsigned long long)__lo;
> >     return 1;
> >   } else {
> >     *__p = 0;
> >     return 0;
> >   }
> > ```
> however, if the first rdrand32 failed, then we don't need to execute the second one.
I understand that - but given randomizers are often used for sensitive applications (crypto) - my question was whether not always calling this twice was going to affect things.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D132141/new/

https://reviews.llvm.org/D132141



More information about the cfe-commits mailing list