From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web10.13526.1688739912418423935
 for <devel@edk2.groups.io>;
 Fri, 07 Jul 2023 07:25:12 -0700
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: pierre.gondois@arm.com)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id E74FDD75;
	Fri,  7 Jul 2023 07:25:53 -0700 (PDT)
Received: from [10.34.100.101] (e126645.nice.arm.com [10.34.100.101])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 782AF3F73F;
	Fri,  7 Jul 2023 07:25:10 -0700 (PDT)
Message-ID: <03d09427-a2da-4ab8-ed9e-0955158b2b9b@arm.com>
Date: Fri, 7 Jul 2023 16:25:06 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.11.0
Subject: Re: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to describe Rng algorithms
To: "Yao, Jiewen" <jiewen.yao@intel.com>,
 "devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Kinney, Michael D" <michael.d.kinney@intel.com>,
 "Gao, Liming" <gaoliming@byosoft.com.cn>,
 "Liu, Zhiguang" <zhiguang.liu@intel.com>,
 "Wang, Jian J" <jian.j.wang@intel.com>,
 Ard Biesheuvel <ardb+tianocore@kernel.org>,
 Sami Mujawar <sami.mujawar@arm.com>, Jose Marinho <Jose.Marinho@arm.com>,
 Kun Qin <kuqin12@gmail.com>
References: <20230706085159.626374-1-pierre.gondois@arm.com>
 <20230706085159.626374-4-pierre.gondois@arm.com>
 <MW4PR11MB58724376D44DB52B0A9F5E7F8C2DA@MW4PR11MB5872.namprd11.prod.outlook.com>
 <08f90a96-e053-cb5d-abeb-cb63b85f14cc@arm.com>
 <176F972B57840483.2683@groups.io>
 <MW4PR11MB58721F05514A4821FDBF79508C2DA@MW4PR11MB5872.namprd11.prod.outlook.com>
From: "PierreGondois" <pierre.gondois@arm.com>
In-Reply-To: <MW4PR11MB58721F05514A4821FDBF79508C2DA@MW4PR11MB5872.namprd11.prod.outlook.com>
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable

Hello Jiewen,

We have the following dependency issue:
- the BaseRngTimerLib is in the MdePkg
- we need a GUID to describe the BaseRngTimerLib algorithm
- we cannot add the gEdkiiRngAlgorithmUnSafe in the MdePkg, and the gZeroGu=
id is also not in the MdePkg
- the MdePkg should not have dependencies over other packages

As the BaseRngTimerLib is not really standard and should not be used in pro=
duction builds,
would you agree if it was moved to the MdeModulePkg or to the SecurityPkg (=
with the gEdkiiRngAlgorithmUnSafe definition) ?

Regards,
Pierre


The issue we have

On 7/7/23 15:05, Yao, Jiewen wrote:
> FYI: I filed https://bugzilla.tianocore.org/show_bug.cgi?id=3D4497 to tra=
ck the gEdkiiMemoryAcceptProtocolGuid issue.
>=20
> Thank you
> Yao, Jiewen
>=20
>=20
>> -----Original Message-----
>> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, Jiew=
en
>> Sent: Friday, July 7, 2023 8:57 PM
>> To: Pierre Gondois <pierre.gondois@arm.com>; devel@edk2.groups.io
>> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Gao, Liming
>> <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>; Wang=
,
>> Jian J <jian.j.wang@intel.com>; Ard Biesheuvel <ardb+tianocore@kernel.or=
g>;
>> Sami Mujawar <sami.mujawar@arm.com>; Jose Marinho
>> <Jose.Marinho@arm.com>; Kun Qin <kuqin12@gmail.com>
>> Subject: Re: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to descri=
be
>> Rng algorithms
>>
>> I don=E2=80=99t think MdePkg should have Edkii- style protocol.
>>
>> I am not sure why gEdkiiMemoryAcceptProtocolGuid is in MdePkg.
>> It should be in MdeModulePkg, IMHO.
>>
>> Thank you
>> Yao, Jiewen
>>
>>> -----Original Message-----
>>> From: Pierre Gondois <pierre.gondois@arm.com>
>>> Sent: Friday, July 7, 2023 8:49 PM
>>> To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>
>>> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Gao, Liming
>>> <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>; Wan=
g,
>>> Jian J <jian.j.wang@intel.com>; Ard Biesheuvel <ardb+tianocore@kernel.o=
rg>;
>>> Sami Mujawar <sami.mujawar@arm.com>; Jose Marinho
>>> <Jose.Marinho@arm.com>; Kun Qin <kuqin12@gmail.com>
>>> Subject: Re: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to descr=
ibe
>>> Rng algorithms
>>>
>>> Hello Jiewen,
>>>
>>> The gEfiRngAlgorithmArmRndr GUID is to be added to the UEFI spec with:
>>> - https://bugzilla.tianocore.org/show_bug.cgi?id=3D4441
>>> - https://mantis.uefi.org/mantis/view.php?id=3D2386
>>>
>>> the gEdkiiMemoryAcceptProtocolGuid GUID should not be in the UEFI spec,
>>> so I used the 'gEdkii' prefix as already used in MdePkg.dec for:
>>> - gEdkiiMemoryAcceptProtocolGuid
>>>
>>> Regards,
>>> Pierre
>>>
>>> On 7/7/23 11:14, Yao, Jiewen via groups.io wrote:
>>>> MdePkg can only add UEFI defined API.
>>>>
>>>> Is below defined by UEFI?
>>>>
>>>> Thank you
>>>> Yao, Jiewen
>>>>
>>>>
>>>>
>>>>> -----Original Message-----
>>>>> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
>>>>> PierreGondois
>>>>> Sent: Thursday, July 6, 2023 4:52 PM
>>>>> To: devel@edk2.groups.io
>>>>> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Gao, Liming
>>>>> <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>;
>> Yao,
>>>>> Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>;
>> Ard
>>>>> Biesheuvel <ardb+tianocore@kernel.org>; Sami Mujawar
>>>>> <sami.mujawar@arm.com>; Jose Marinho <Jose.Marinho@arm.com>; Kun
>>> Qin
>>>>> <kuqin12@gmail.com>
>>>>> Subject: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to describ=
e
>>> Rng
>>>>> algorithms
>>>>>
>>>>> From: Pierre Gondois <pierre.gondois@arm.com>
>>>>>
>>>>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4441
>>>>>
>>>>> The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
>>>>> implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
>>>>> To allow the RngDxe to detect when such implementation is used,
>>>>> a GetRngGuid() function is added in a following patch.
>>>>>
>>>>> Prepare GetRngGuid() return values and add GUIDs describing
>>>>> Rng algorithms:
>>>>> - gEfiRngAlgorithmArmRndr
>>>>> to describe a Rng algorithm accessed through Arm's RNDR instruction.
>>>>> [1] states that the implementation of this algorithm should be
>>>>> compliant to NIST SP900-80. The compliance is not guaranteed.
>>>>> - gEdkiiRngAlgorithmUnSafe
>>>>> to describe an unsafe implementation, cf. the BaseRngLibTimerLib.
>>>>>
>>>>> [1] Arm Architecture Reference Manual Armv8, for A-profile architectu=
re
>>>>> sK12.1 'Properties of the generated random number'
>>>>>
>>>>> Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
>>>>> Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
>>>>> ---
>>>>>    MdePkg/Include/Protocol/Rng.h | 20 ++++++++++++++++++++
>>>>>    MdePkg/MdePkg.dec             |  2 ++
>>>>>    2 files changed, 22 insertions(+)
>>>>>
>>>>> diff --git a/MdePkg/Include/Protocol/Rng.h
>>> b/MdePkg/Include/Protocol/Rng.h
>>>>> index baf425587b3c..ceae77ba9c73 100644
>>>>> --- a/MdePkg/Include/Protocol/Rng.h
>>>>> +++ b/MdePkg/Include/Protocol/Rng.h
>>>>> @@ -67,6 +67,24 @@ typedef EFI_GUID EFI_RNG_ALGORITHM;
>>>>>      { \
>>>>>        0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb=
6, 0x85,
>>> 0x61 }
>>>>> \
>>>>>      }
>>>>> +///
>>>>> +/// The Arm Architecture states the RNDR that the DRBG algorithm sho=
uld
>>> be
>>>>> compliant
>>>>> +/// with NIST SP800-90A, while not mandating a particular algorithm,=
 so as
>>> to
>>>>> be
>>>>> +/// inclusive of different geographies.
>>>>> +///
>>>>> +#define EFI_RNG_ALGORITHM_ARM_RNDR \
>>>>> +  { \
>>>>> +    0x43d2fde3, 0x9d4e, 0x4d79,  {0x02, 0x96, 0xa8, 0x9b, 0xca, 0x78=
, 0x08,
>>>>> 0x41} \
>>>>> +  }
>>>>> +///
>>>>> +/// The implementation of a Random Number Generator might be unsafe,
>>>>> when using
>>>>> +/// a dummy implementation for instance. Allow identifying such
>>>>> implementation
>>>>> +/// with this GUID.
>>>>> +///
>>>>> +#define EDKII_RNG_ALGORITHM_UNSAFE \
>>>>> +  { \
>>>>> +    0x869f728c, 0x409d, 0x4ab4, {0xac, 0x03, 0x71, 0xd3, 0x09, 0xc1,=
 0xb3,
>>>>> 0xf4 } \
>>>>> +  }
>>>>>
>>>>>    /**
>>>>>      Returns information about the random number generation
>> implementation.
>>>>> @@ -146,5 +164,7 @@ extern EFI_GUID
>>> gEfiRngAlgorithmSp80090Ctr256Guid;
>>>>>    extern EFI_GUID  gEfiRngAlgorithmX9313DesGuid;
>>>>>    extern EFI_GUID  gEfiRngAlgorithmX931AesGuid;
>>>>>    extern EFI_GUID  gEfiRngAlgorithmRaw;
>>>>> +extern EFI_GUID  gEfiRngAlgorithmArmRndr;
>>>>> +extern EFI_GUID  gEdkiiRngAlgorithmUnSafe;
>>>>>
>>>>>    #endif
>>>>> diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
>>>>> index 5b8477f4cb8f..2c8f985f253e 100644
>>>>> --- a/MdePkg/MdePkg.dec
>>>>> +++ b/MdePkg/MdePkg.dec
>>>>> @@ -643,6 +643,8 @@ [Guids]
>>>>>      gEfiRngAlgorithmX9313DesGuid       =3D { 0x63c4785a, 0xca34, 0x4=
012,
>> {0xa3,
>>>>> 0xc8, 0x0b, 0x6a, 0x32, 0x4f, 0x55, 0x46 }}
>>>>>      gEfiRngAlgorithmX931AesGuid        =3D { 0xacd03321, 0x777e, 0x4=
d3d,
>> {0xb1,
>>>>> 0xc8, 0x20, 0xcf, 0xd8, 0x88, 0x20, 0xc9 }}
>>>>>      gEfiRngAlgorithmRaw                =3D { 0xe43176d7, 0xb6e8, 0x4=
827, {0xb7,
>>> 0x84,
>>>>> 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 }}
>>>>> +  gEfiRngAlgorithmArmRndr            =3D { 0x43d2fde3, 0x9d4e, 0x4d7=
9, {0x02,
>>> 0x96,
>>>>> 0xa8, 0x9b, 0xca, 0x78, 0x08, 0x41 }}
>>>>> +  gEdkiiRngAlgorithmUnSafe           =3D { 0x869f728c, 0x409d, 0x4ab=
4, {0xac,
>>> 0x03,
>>>>> 0x71, 0xd3, 0x09, 0xc1, 0xb3, 0xf4 }}
>>>>>
>>>>>      ## Include/Protocol/AdapterInformation.h
>>>>>      gEfiAdapterInfoMediaStateGuid       =3D { 0xD7C74207, 0xA831, 0x=
4A26,
>>> {0xB1,
>>>>> 0xF5, 0xD1, 0x93, 0x06, 0x5C, 0xE8, 0xB6 }}
>>>>> --
>>>>> 2.25.1
>>>>>
>>>>>
>>>>>
>>>>> -=3D-=3D-=3D-=3D-=3D-=3D
>>>>> Groups.io Links: You receive all messages sent to this group.
>>>>> View/Reply Online (#106688):
>>> https://edk2.groups.io/g/devel/message/106688
>>>>> Mute This Topic: https://groups.io/mt/99981855/1772286
>>>>> Group Owner: devel+owner@edk2.groups.io
>>>>> Unsubscribe: https://edk2.groups.io/g/devel/unsub [jiewen.yao@intel.c=
om]
>>>>> -=3D-=3D-=3D-=3D-=3D-=3D
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>
>>
>>=20
>>
>=20