From: gaoliming
To: Pierre Gondois
Cc: Michael D Kinney, Zhiguang Liu, Jiewen Yao, Jian J Wang, Ard Biesheuvel, Sami Mujawar, Jose Marinho, Samer El-Haj-Mahmoud
Subject: Re: [edk2-devel] [PATCH v1 0/8] SecurityPkg/MdePkg: RngLib GUID
Date: Sun, 25 Jun 2023 11:13:01 +0800

Pierre:
  This patch set moves PCD from gEfiSecurityPkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm to MdePkg. It may impact the platforms that set this PCD in their DSC. Have you evaluated its impact?

Thanks
Liming
> -----Original Message-----
> From: Pierre Gondois
> Sent: June 23, 2023 17:02
> To: devel@edk2.groups.io
> Cc: Michael D Kinney; Liming Gao; Zhiguang Liu; Jiewen Yao; Jian J Wang; Ard Biesheuvel; Sami Mujawar; Jose Marinho; Samer El-Haj-Mahmoud
> Subject: Re: [edk2-devel] [PATCH v1 0/8] SecurityPkg/MdePkg: RngLib GUID
>
> Hello,
> Just a ping for the patch-set,
>
> Regards,
> Pierre
>
> On 5/9/23 09:40, PierreGondois via groups.io wrote:
> > From: Pierre Gondois
> >
> > This patchset follows the 'code first' approach and relies on [1].
> > This patchset follows the thread at [3] that aims to solve [2].
> > [1] and [2] are bound and this patchset aims to solve both.
> >
> > In this patchset:
> > a-
> > The RngDxe can rely on the RngLib. However the RngLib has no
> > interface allowing to describe which Rng algorithm is implemented.
> > The RngDxe must advertise the algorithm that are available through
> > the RngGetInfo() callback.
> > Add a GetRngGuid() for interface to the RngLib.
> >
> > b-
> > The Arm Architecture states the RNDR that the DRBG algorithm should
> > be compliant with NIST SP800-90A, while not mandating a particular
> > algorithm, so as to be inclusive of different geographies.
> > The RngLib can rely on this Arm RNDR instruction. In order to
> > accurately describe the implementation using the RNDR instruction,
> > add a EFI_RNG_ALGORITHM_ARM_RNDR GUID [1].
> >
> > c-
> > For the same reason as a/b, add a GUID describing unsafe RNG
> > algorithms, allowing to accurately describe the BaseRngLibTimerLib.
> >
> > d-
> > Use a/b/c mechanisms/GUIDs to select a safe Rng algorithm in the
> > Arm implementation of the RngDxe.
> >
> > [1] BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441
> > [2] BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4151
> > [3] https://edk2.groups.io/g/devel/message/100806
> >
> > Pierre Gondois (8):
> >   MdePkg/ArmTrngLib: Remove ASSERTs in Null implementation
> >   MdePkg/MdePkg.dec: Move PcdCpuRngSupportedAlgorithm to MdePkg
> >   MdePkg/DxeRngLib: Request raw algorithm instead of default
> >   MdePkg/Rng: Add GUIDs to describe Rng algorithms
> >   MdePkg/Rng: Add GetRngGuid() to RngLib
> >   SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib
> >   SecurityPkg/RngDxe: Select safe default Rng algorithm
> >   SecurityPkg/RngDxe: Simplify Rng algorithm selection for Arm
> >
> >  MdePkg/Include/Library/RngLib.h               | 17 +++++
> >  MdePkg/Include/Protocol/Rng.h                 | 20 ++++++
> >  .../BaseArmTrngLibNull/BaseArmTrngLibNull.c   |  4 --
> >  MdePkg/Library/BaseRngLib/AArch64/Rndr.c      | 42 +++++++++++
> >  MdePkg/Library/BaseRngLib/BaseRngLib.inf      |  9 +++
> >  MdePkg/Library/BaseRngLib/Rand/RdRand.c       | 26 +++++++
> >  .../Library/BaseRngLibNull/BaseRngLibNull.c   | 22 ++++++
> >  .../BaseRngLibTimerLib/BaseRngLibTimerLib.inf |  3 +
> >  .../Library/BaseRngLibTimerLib/RngLibTimer.c  | 28 ++++++++
> >  MdePkg/Library/DxeRngLib/DxeRngLib.c          | 36 +++++++++-
> >  MdePkg/MdePkg.dec                             |  7 ++
> >  .../RngDxe/AArch64/AArch64Algo.c              | 70 +++++++++++++++----
> >  .../RandomNumberGenerator/RngDxe/ArmRngDxe.c  | 23 +++---
> >  .../RandomNumberGenerator/RngDxe/RngDxe.inf   |  5 +-
> >  SecurityPkg/SecurityPkg.dec                   |  2 -
> >  15 files changed, 278 insertions(+), 36 deletions(-)
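
A small C model of items (a) to (d) in the quoted cover letter, added here as an illustration and not taken from the patch series or from edk2: a library reports which algorithm it implements, the driver advertises that label, and the default is the first algorithm not marked unsafe. The GUID byte values, all function names and the fail-closed result when only the unsafe algorithm is present are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Constructed 16-byte stand-ins; the real GUID values are not on this page. */
typedef struct { unsigned char b[16]; } guid_t;
static const guid_t ALGO_RAW      = {{0x01}};  /* raw entropy source   */
static const guid_t ALGO_ARM_RNDR = {{0x02}};  /* Arm RNDR, item (b)   */
static const guid_t ALGO_UNSAFE   = {{0xFF}};  /* unsafe RNG, item (c) */

/* Hypothetical shape of the item (a) interface: returns 0 on success. */
typedef int (*get_rng_guid_fn)(guid_t *out);

static int rndr_lib(guid_t *out)  { *out = ALGO_ARM_RNDR; return 0; }
static int timer_lib(guid_t *out) { *out = ALGO_UNSAFE;   return 0; }
static int null_lib(guid_t *out)  { (void)out; return -1; } /* no RNG behind it */

static int same(const guid_t *a, const guid_t *b) {
    return memcmp(a->b, b->b, sizeof a->b) == 0;
}

/* Fill list[] with what the driver would advertise; return the entry count. */
static size_t probe(get_rng_guid_fn lib, int have_trng, guid_t list[2]) {
    size_t n = 0;
    guid_t g;
    if (lib != NULL && lib(&g) == 0) list[n++] = g;  /* keep the library's own label */
    if (have_trng) list[n++] = ALGO_RAW;
    return n;
}

/* Item (d): default = first advertised algorithm not marked unsafe; -1 if none. */
static int safe_default(const guid_t *list, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (!same(&list[i], &ALGO_UNSAFE)) return (int)i;
    return -1;  /* fail closed rather than fall back to the unsafe source */
}

int main(void) {
    guid_t list[2];
    size_t n = probe(timer_lib, 1, list);
    printf("timer lib + TRNG: %zu advertised, default %d\n", n, safe_default(list, n));
    n = probe(timer_lib, 0, list);
    printf("timer lib only:   %zu advertised, default %d\n", n, safe_default(list, n));
    n = probe(rndr_lib, 0, list);
    printf("RNDR lib only:    %zu advertised, default %d\n", n, safe_default(list, n));
    n = probe(null_lib, 1, list);
    printf("null lib + TRNG:  %zu advertised, default %d\n", n, safe_default(list, n));
    return 0;
}
```
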