From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.765.1664553981576445183 for ; Fri, 30 Sep 2022 09:06:21 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: pierre.gondois@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 028EA1424; Fri, 30 Sep 2022 09:06:28 -0700 (PDT) Received: from pierre123.nice.arm.com (pierre123.nice.arm.com [10.34.100.116]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id E1A193F792; Fri, 30 Sep 2022 09:06:19 -0700 (PDT) From: "PierreGondois" To: devel@edk2.groups.io Cc: Sami Mujawar , Leif Lindholm , Ard Biesheuvel , Rebecca Cran , Michael D Kinney , Liming Gao , Jiewen Yao , Jian J Wang Subject: [PATCH v6 18/19] SecurityPkg/RngDxe: Add Arm support of RngDxe Date: Fri, 30 Sep 2022 18:05:31 +0200 Message-Id: <20220930160532.2921381-19-Pierre.Gondois@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220930160532.2921381-1-Pierre.Gondois@arm.com> References: <20220930160532.2921381-1-Pierre.Gondois@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Pierre Gondois Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3D3668) Add RngDxe support for Arm. This implementation uses the TrngLib to support the RawAlgorithm and doens't support the RNDR instruction. To re-use the RngGetRNG(), RngGetInfo() and FreeAvailableAlgorithms() functions, create Arm/AArch64 files which implement the arch specific function GetAvailableAlgorithms(). Indeed, FEAT_RNG instruction is not supported on Arm. Signed-off-by: Pierre Gondois --- .../RngDxe/AArch64/AArch64Algo.c | 72 +++++++++++++++++++ .../RngDxe/Arm/ArmAlgo.c | 51 +++++++++++++ .../RandomNumberGenerator/RngDxe/ArmRngDxe.c | 60 ---------------- .../RandomNumberGenerator/RngDxe/RngDxe.inf | 12 +++- SecurityPkg/SecurityPkg.dsc | 2 +- 5 files changed, 133 insertions(+), 64 deletions(-) create mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArc= h64Algo.c create mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.= c diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo= .c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c new file mode 100644 index 000000000000..d7e80a0d0d0d --- /dev/null +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c @@ -0,0 +1,72 @@ +/** @file + Aarch64 specific code. + + Copyright (c) 2022, Arm Limited. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include +#include +#include +#include + +#include "RngDxeInternals.h" + +// Maximum number of Rng algorithms. +#define RNG_AVAILABLE_ALGO_MAX 2 + +/** Allocate and initialize mAvailableAlgoArray with the available + Rng algorithms. Also update mAvailableAlgoArrayCount. + + @retval EFI_SUCCESS The function completed successfully. + @retval EFI_OUT_OF_RESOURCES Could not allocate memory. +**/ +EFI_STATUS +EFIAPI +GetAvailableAlgorithms ( + VOID + ) +{ + UINT64 DummyRand; + UINT16 MajorRevision; + UINT16 MinorRevision; + + // Rng algorithms 2 times, one for the allocation, one to populate. + mAvailableAlgoArray =3D AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX); + if (mAvailableAlgoArray =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + + // Check RngGetBytes() before advertising PcdCpuRngSupportedAlgorithm. + if (!EFI_ERROR (RngGetBytes (sizeof (DummyRand), (UINT8 *)&DummyRand))= ) { + CopyMem ( + &mAvailableAlgoArray[mAvailableAlgoArrayCount], + PcdGetPtr (PcdCpuRngSupportedAlgorithm), + sizeof (EFI_RNG_ALGORITHM) + ); + mAvailableAlgoArrayCount++; + + DEBUG_CODE_BEGIN (); + if (IsZeroGuid (PcdGetPtr (PcdCpuRngSupportedAlgorithm))) { + DEBUG (( + DEBUG_WARN, + "PcdCpuRngSupportedAlgorithm should be a non-zero GUID\n" + )); + } + + DEBUG_CODE_END (); + } + + // Raw algorithm (Trng) + if (!EFI_ERROR (GetTrngVersion (&MajorRevision, &MinorRevision))) { + CopyMem ( + &mAvailableAlgoArray[mAvailableAlgoArrayCount], + &gEfiRngAlgorithmRaw, + sizeof (EFI_RNG_ALGORITHM) + ); + mAvailableAlgoArrayCount++; + } + + return EFI_SUCCESS; +} diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c b/Sec= urityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c new file mode 100644 index 000000000000..5acef91fe3b2 --- /dev/null +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c @@ -0,0 +1,51 @@ +/** @file + Arm specific code. + + Copyright (c) 2022, Arm Limited. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include +#include +#include +#include + +#include "RngDxeInternals.h" + +// Maximum number of Rng algorithms. +#define RNG_AVAILABLE_ALGO_MAX 1 + +/** Allocate and initialize mAvailableAlgoArray with the available + Rng algorithms. Also update mAvailableAlgoArrayCount. + + @retval EFI_SUCCESS The function completed successfully. + @retval EFI_OUT_OF_RESOURCES Could not allocate memory. +**/ +EFI_STATUS +EFIAPI +GetAvailableAlgorithms ( + VOID + ) +{ + UINT16 MajorRevision; + UINT16 MinorRevision; + + // Rng algorithms 2 times, one for the allocation, one to populate. + mAvailableAlgoArray =3D AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX); + if (mAvailableAlgoArray =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + + // Raw algorithm (Trng) + if (!EFI_ERROR (GetTrngVersion (&MajorRevision, &MinorRevision))) { + CopyMem ( + &mAvailableAlgoArray[mAvailableAlgoArrayCount], + &gEfiRngAlgorithmRaw, + sizeof (EFI_RNG_ALGORITHM) + ); + mAvailableAlgoArrayCount++; + } + + return EFI_SUCCESS; +} diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c b/Secur= ityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c index 0d853720ecb1..5ba319899ce9 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c @@ -28,70 +28,10 @@ #include #include #include -#include -#include #include =20 #include "RngDxeInternals.h" =20 -// Maximum number of Rng algorithms. -#define RNG_AVAILABLE_ALGO_MAX 2 - -/** Allocate and initialize mAvailableAlgoArray with the available - Rng algorithms. Also update mAvailableAlgoArrayCount. - - @retval EFI_SUCCESS The function completed successfully. - @retval EFI_OUT_OF_RESOURCES Could not allocate memory. -**/ -EFI_STATUS -EFIAPI -GetAvailableAlgorithms ( - VOID - ) -{ - UINT64 DummyRand; - UINT16 MajorRevision; - UINT16 MinorRevision; - - // Rng algorithms 2 times, one for the allocation, one to populate. - mAvailableAlgoArray =3D AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX); - if (mAvailableAlgoArray =3D=3D NULL) { - return EFI_OUT_OF_RESOURCES; - } - - // Check RngGetBytes() before advertising PcdCpuRngSupportedAlgorithm. - if (!EFI_ERROR (RngGetBytes (sizeof (DummyRand), (UINT8 *)&DummyRand))= ) { - CopyMem ( - &mAvailableAlgoArray[mAvailableAlgoArrayCount], - PcdGetPtr (PcdCpuRngSupportedAlgorithm), - sizeof (EFI_RNG_ALGORITHM) - ); - mAvailableAlgoArrayCount++; - - DEBUG_CODE_BEGIN (); - if (IsZeroGuid (PcdGetPtr (PcdCpuRngSupportedAlgorithm))) { - DEBUG (( - DEBUG_WARN, - "PcdCpuRngSupportedAlgorithm should be a non-zero GUID\n" - )); - } - - DEBUG_CODE_END (); - } - - // Raw algorithm (Trng) - if (!EFI_ERROR (GetTrngVersion (&MajorRevision, &MinorRevision))) { - CopyMem ( - &mAvailableAlgoArray[mAvailableAlgoArrayCount], - &gEfiRngAlgorithmRaw, - sizeof (EFI_RNG_ALGORITHM) - ); - mAvailableAlgoArrayCount++; - } - - return EFI_SUCCESS; -} - /** Free mAvailableAlgoArray. **/ VOID diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf b/Securi= tyPkg/RandomNumberGenerator/RngDxe/RngDxe.inf index 337becf5224f..9f1630161032 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf @@ -28,7 +28,7 @@ [Defines] # # The following information is for reference only and not required by th= e build tools. # -# VALID_ARCHITECTURES =3D IA32 X64 AARCH64 +# VALID_ARCHITECTURES =3D IA32 X64 AARCH64 ARM # =20 [Sources.common] @@ -41,10 +41,16 @@ [Sources.IA32, Sources.X64] Rand/AesCore.c Rand/AesCore.h =20 -[Sources.AARCH64] +[Sources.AARCH64, Sources.ARM] ArmRngDxe.c ArmTrng.c =20 +[Sources.AARCH64] + AArch64/AArch64Algo.c + +[Sources.ARM] + Arm/ArmAlgo.c + [Packages] MdeModulePkg/MdeModulePkg.dec MdePkg/MdePkg.dec @@ -59,7 +65,7 @@ [LibraryClasses] TimerLib RngLib =20 -[LibraryClasses.AARCH64] +[LibraryClasses.AARCH64, LibraryClasses.ARM] TrngLib =20 [Guids] diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 690a45e89728..55d17e64efd8 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -290,7 +290,7 @@ [Components.IA32, Components.X64, Components.ARM, Com= ponents.AARCH64] SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD= efaultKeysDxe.inf =20 -[Components.IA32, Components.X64, Components.AARCH64] +[Components.IA32, Components.X64, Components.AARCH64, Components.ARM] # # Random Number Generator # --=20 2.25.1