From: "Sami Mujawar"
CC: Sami Mujawar
Subject: [RFC PATCH v1 30/30] ArmVirtPkg: Kvmtool: Switch to use BaseRng for AArch64
Date: Tue, 25 Apr 2023 17:04:28 +0100
Message-ID: <20230425160428.27980-31-sami.mujawar@arm.com>
In-Reply-To: <20230425160428.27980-1-sami.mujawar@arm.com>
References: <20230425160428.27980-1-sami.mujawar@arm.com>

The kvmtool guest firmware is using the default RNG library defined in ArmVirtPkg.dsc.inc which is BaseRngLibTimerLib. BaseRngLibTimerLib is only present to use for test purposes on platforms that do not have a suitable RNG source and must not be used for production purposes.

Armv8.5 introduces random number instructions (e.g., RNDR) which return a 64-bit random number. Although this feature is optional, it can be assumed that most modern platforms will implement this support. This feature, i.e. FEAT_RNG, can be discovered by examining the processor feature registers.

It is therefore desirable to use the RNDR instructions instead of using the default BaseRngLibTimerLib which is unsafe. The BaseRngLib in MdePkg already implements the RNG support using RNDR. However, it is worth noting that FEAT_RNG is supported in AArch64 state only. Therefore, switch to using the BaseRngLib instance for AArch64 firmware builds. The AArch32 firmware builds will continue to use BaseRngLibTimerLib. Note: The guest firmware already supports Virtio RNG. So, should the processor not implement FEAT_RNG, the guest firmware can fall back to use Virtio RNG. Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtKvmTool.dsc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ArmVirtPkg/ArmVirtKvmTool.dsc b/ArmVirtPkg/ArmVirtKvmTool.dsc index d9dd7a67307ffed5da16837301f18e7715187450..829a378a8dcfdbb5045db3610104a0f5c43431dc 100644 --- a/ArmVirtPkg/ArmVirtKvmTool.dsc +++ b/ArmVirtPkg/ArmVirtKvmTool.dsc @@ -89,6 +89,7 @@ [LibraryClasses.common] [LibraryClasses.AARCH64] ArmCcaLib|ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.inf ArmCcaRsiLib|ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.inf + RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf [LibraryClasses.common.SEC, LibraryClasses.common.PEI_CORE, LibraryClasses.common.PEIM] PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf @@ -170,6 +171,10 @@ [PcdsFixedAtBuild.common] gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800 !endif + # Define a UUID that represents the CPU based RNG algorithm implemented by RNDR + # {BABE3B70-6474-4C0C-AFD8-3B8A32482C40} + gEfiSecurityPkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm|{ 0xba, 0xbe, 0x3b, 0x70, 0x64, 0x74, 0x4c, 0x0c, 0xaf, 0xd8, 0x3b, 0x8a, 0x32, 0x48, 0x2c, 0x40} + [PcdsPatchableInModule.common] # # This will be overridden in the code -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
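Review bot: In the first hunk, the `RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf` line under [LibraryClasses.AARCH64] is unconditional, so every AArch64 build links BaseRngLib whether or not the guest CPU implements FEAT_RNG, and the Virtio RNG fallback the commit message relies on is not visible in this change. Please add a comment above the line stating that it overrides the BaseRngLibTimerLib default from ArmVirtPkg.dsc.inc and requires FEAT_RNG, and say in the commit message how RngLib callers behave when RNDR is absent (a failure return that they handle, rather than an assert or weak output).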
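Review bot: In the second hunk, the byte array for PcdCpuRngSupportedAlgorithm lists the UUID bytes in the textual order of the comment (0xba, 0xbe, 0x3b, 0x70, ...), but an EFI_GUID stores its first three fields little-endian in memory, so a consumer that reads this PCD as an EFI_GUID would see 703BBEBA-7464-0C4C-AFD8-3B8A32482C40 rather than the commented {BABE3B70-6474-4C0C-AFD8-3B8A32482C40}. If the commented GUID is the intended value, the array should begin 0x70, 0x3b, 0xbe, 0xba, 0x74, 0x64, 0x0c, 0x4c, with the last eight bytes unchanged. Separately, the PCD is set in [PcdsFixedAtBuild.common] while the commit message says AArch32 builds keep BaseRngLibTimerLib; consider an AARCH64-specific PCD section so AArch32 builds do not carry a CPU RNG algorithm GUID that RNDR does not back.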