From: "gaoliming via groups.io"
Cc: "'Michael D Kinney'", "'Zhiguang Liu'", "'Jiewen Yao'", "'Jian J Wang'", "'Ard Biesheuvel'", "'Sami Mujawar'", "'Jose Marinho'", "'Kun Qin'"
In-Reply-To: <20230718115156.1224842-1-pierre.gondois@arm.com>
Subject: Re: [edk2-devel] [PATCH v5 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification
Date: Wed, 19 Jul 2023 13:15:13 +0800

Pierre:

Thanks for your update.
For the changes in MdePkg, Reviewed-by: Liming Gao

Thanks
Liming

> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of PierreGondois
> Sent: July 18, 2023 19:52
> To: devel@edk2.groups.io
> Cc: Michael D Kinney; Liming Gao; Zhiguang Liu; Jiewen Yao; Jian J Wang;
> Ard Biesheuvel; Sami Mujawar; Jose Marinho; Kun Qin
> Subject: [edk2-devel] [PATCH v5 0/9] SecurityPkg/MdePkg: Update RngLib GUID
> identification
>
> From: Pierre Gondois
>
> v5:
> - Let an implementation of BaseRngLibTimer in MdePkg to give some
>   time to platform owners to use the MdeModulePkg implementation. [4]
> - New patch:
>   - [2/8] MdePkg: Add deprecated warning to BaseRngLibTimer
>
> v4:
> - New patches:
>   - [1/8] MdePkg: Move BaseRngLibTimerLib to MdeModulePkg
>   - [5/8] MdeModulePkg/Rng: Add GUID to describe unsafe Rng algorithms
> - This patch-set now requires to be accepted along an edk-platforms patch
>   moving the BaseRngLibTimerLib to MdeModulePkg
>
> v3:
> - As the unsafe algorithm GUID will not be added to the UEFI
>   specification, rename:
>   - gEfiRngAlgorithmUnSafe to gEdkiiRngAlgorithmUnSafe
>   - EFI_RNG_ALGORITHM_UNSAFE to EDKII_RNG_ALGORITHM_UNSAFE
>
> v2:
> [1/8] MdePkg/ArmTrngLib: Remove ASSERTs in Null implementation
> - Dropped
> [2/8] MdePkg/MdePkg.dec: Move PcdCpuRngSupportedAlgorithm to MdePkg
> - Change gEfiMdePkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm
>   token number
> - Rename to SecurityPkg/SecurityPkg.dec: Move
>   PcdCpuRngSupportedAlgorithm to MdePkg
> [5/8] MdePkg/Rng: Add GetRngGuid() to RngLib
> - Remove gEfiRngAlgorithmUnSafe from inf file
> - Split Guids definitions in arch specific sections
> [6/8] SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib
> - Remove RngFindDefaultAlgo() and change logic accordingly.
> [7/8] SecurityPkg/RngDxe: Select safe default Rng algorithm
> - Dropped due to changes in [6/8]
>
> This patch also requires the following patch on top of the series:
> - https://edk2.groups.io/g/devel/message/106546
>
> This patchset follows the 'code first' approach and relates to [1].
> This patchset follows the thread at [3] that aims to solve [2].
> [1] and [2] are bound and this patchset aims to solve both.
>
> In this patchset:
> a-
> The RngDxe can rely on the RngLib. However the RngLib has no
> interface allowing to describe which Rng algorithm is implemented.
> The RngDxe must advertise the algorithms that are available through
> the RngGetInfo() callback.
> Add a GetRngGuid() for interface to the RngLib.
>
> b-
> The Arm Architecture states the RNDR that the DRBG algorithm should
> be compliant with NIST SP800-90A, while not mandating a particular
> algorithm, so as to be inclusive of different geographies.
> The RngLib can rely on this Arm RNDR instruction. In order to
> accurately describe the implementation using the RNDR instruction,
> add a EFI_RNG_ALGORITHM_ARM_RNDR GUID [1].
>
> c-
> For the same reason as a/b, add a GUID describing unsafe RNG
> algorithms, allowing to accurately describe the BaseRngLibTimerLib.
>
> d-
> Use a/b/c mechanisms/GUIDs to select a safe Rng algorithm in the
> Arm implementation of the RngDxe.
>
> [1] BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441
> [2] BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4151
> [3] https://edk2.groups.io/g/devel/message/100806
> [4] BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4504
>
> Pierre Gondois (9):
>   MdeModulePkg: Duplicate BaseRngLibTimerLib to MdeModulePkg
>   MdePkg: Add deprecated warning to BaseRngLibTimer
>   SecurityPkg/SecurityPkg.dec: Move PcdCpuRngSupportedAlgorithm to
>     MdePkg
>   MdePkg/DxeRngLib: Request raw algorithm instead of default
>   MdePkg/Rng: Add GUID to describe Arm Rndr Rng algorithms
>   MdeModulePkg/Rng: Add GUID to describe unsafe Rng algorithms
>   MdePkg/Rng: Add GetRngGuid() to RngLib
>   SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib
>   SecurityPkg/RngDxe: Simplify Rng algorithm selection for Arm
>
>  ArmVirtPkg/ArmVirt.dsc.inc                    |  2 +-
>  EmulatorPkg/EmulatorPkg.dsc                   |  2 +-
>  MdeModulePkg/Include/Guid/RngAlgorithm.h      | 23 ++++++++
>  .../BaseRngLibTimerLib/BaseRngLibTimerLib.inf |  6 +-
>  .../BaseRngLibTimerLib/BaseRngLibTimerLib.uni | 15 +++++
>  .../Library/BaseRngLibTimerLib/RngLibTimer.c  | 28 ++++++++++
>  MdeModulePkg/MdeModulePkg.dec                 |  3 +
>  MdeModulePkg/MdeModulePkg.dsc                 |  1 +
>  MdePkg/Include/Library/RngLib.h               | 17 ++++++
>  MdePkg/Include/Protocol/Rng.h                 | 10 ++++
>  MdePkg/Library/BaseRngLib/AArch64/Rndr.c      | 42 ++++++++++++++
>  MdePkg/Library/BaseRngLib/BaseRngLib.inf      | 10 ++++
>  MdePkg/Library/BaseRngLib/Rand/RdRand.c       | 26 +++++++++
>  .../Library/BaseRngLibNull/BaseRngLibNull.c   | 22 ++++++++
>  .../BaseRngLibTimerLib/BaseRngLibTimerLib.inf |  1 +
>  .../Library/BaseRngLibTimerLib/RngLibTimer.c  | 45 +++++++++++++++
>  MdePkg/Library/DxeRngLib/DxeRngLib.c          | 36 +++++++++++-
>  MdePkg/MdePkg.dec                             |  6 ++
>  NetworkPkg/NetworkPkg.dsc                     |  4 +-
>  OvmfPkg/AmdSev/AmdSevX64.dsc                  |  2 +-
>  OvmfPkg/Bhyve/BhyveX64.dsc                    |  2 +-
>  OvmfPkg/CloudHv/CloudHvX64.dsc                |  2 +-
>  OvmfPkg/IntelTdx/IntelTdxX64.dsc              |  2 +-
>  OvmfPkg/Microvm/MicrovmX64.dsc                |  2 +-
>  OvmfPkg/OvmfPkgIa32.dsc                       |  2 +-
>  OvmfPkg/OvmfPkgIa32X64.dsc                    |  2 +-
>  OvmfPkg/OvmfPkgX64.dsc                        |  2 +-
>  OvmfPkg/OvmfXen.dsc                           |  2 +-
>  OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc           |  2 +-
>  .../RngDxe/AArch64/AArch64Algo.c              | 55 +++++++++++++------
>  .../RandomNumberGenerator/RngDxe/ArmRngDxe.c  | 23 +++-----
>  .../RandomNumberGenerator/RngDxe/RngDxe.inf   |  5 +-
>  SecurityPkg/SecurityPkg.dec                   |  2 -
>  SecurityPkg/SecurityPkg.dsc                   |  4 +-
>  SignedCapsulePkg/SignedCapsulePkg.dsc         |  4 +-
>  35 files changed, 356 insertions(+), 56 deletions(-)
>  create mode 100644 MdeModulePkg/Include/Guid/RngAlgorithm.h
>  copy {MdePkg => MdeModulePkg}/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf (85%)
>  create mode 100644 MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.uni
>  copy {MdePkg => MdeModulePkg}/Library/BaseRngLibTimerLib/RngLibTimer.c (83%)
>
> --
> 2.25.1
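
The selection idea in items a to d of the quoted cover letter, as an added C model that is not part of the original message and is not edk2 code. All type and function names, the placeholder GUID bytes, and the rule that a library reporting the unsafe GUID (or failing the query) is not advertised are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed 16-byte placeholders; the real GUID values are not in the message. */
typedef struct { uint8_t b[16]; } guid_t;
static const guid_t ALGO_ARM_RNDR = {{0xA1}};
static const guid_t ALGO_UNSAFE   = {{0xEE}};

/* Hypothetical model of an RngLib instance exposing a GetRngGuid()-style query.
   The query returns 0 on success, -1 if the library cannot name its algorithm. */
typedef struct { const char *name; int (*get_rng_guid)(guid_t *out); } rng_lib_t;

static int rndr_guid(guid_t *o)  { *o = ALGO_ARM_RNDR; return 0; }
static int timer_guid(guid_t *o) { *o = ALGO_UNSAFE;   return 0; }
static int null_guid(guid_t *o)  { (void)o;            return -1; }

static const rng_lib_t LIB_RNDR  = { "RNDR-backed lib",  rndr_guid  };
static const rng_lib_t LIB_TIMER = { "timer-backed lib", timer_guid };
static const rng_lib_t LIB_NULL  = { "null lib",         null_guid  };

static int guid_eq(const guid_t *a, const guid_t *b) {
  return memcmp(a->b, b->b, sizeof a->b) == 0;
}

/* Driver side: build the list an RngGetInfo()-style callback would advertise.
   Assumption: a failed query or the unsafe GUID contributes no entry. */
size_t build_advertised(const rng_lib_t *lib, guid_t *list, size_t cap) {
  guid_t g;
  if (cap == 0 || lib->get_rng_guid(&g) != 0) return 0;
  if (guid_eq(&g, &ALGO_UNSAFE)) return 0;
  list[0] = g;
  return 1;
}

size_t advertised_count(const rng_lib_t *lib) {
  guid_t list[1];
  return build_advertised(lib, list, 1);
}

int advertises_rndr(const rng_lib_t *lib) {
  guid_t list[1];
  return build_advertised(lib, list, 1) == 1 && guid_eq(&list[0], &ALGO_ARM_RNDR);
}

int main(void) {
  const rng_lib_t *libs[] = { &LIB_RNDR, &LIB_TIMER, &LIB_NULL };
  for (size_t i = 0; i < 3; i++)
    printf("%-16s advertised=%zu\n", libs[i]->name, advertised_count(libs[i]));
  return 0;
}
```

Without the per-library GUID query, the driver side in this model would have no way to tell the timer-backed library from the RNDR-backed one.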