From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.26224.1683618161647445005 for ; Tue, 09 May 2023 00:42:41 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: pierre.gondois@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id BA2F71576; Tue, 9 May 2023 00:43:25 -0700 (PDT) Received: from e126645.arm.com (e126645.nice.arm.com [10.34.100.110]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id BEA6B3F5A1; Tue, 9 May 2023 00:42:39 -0700 (PDT) From: "PierreGondois" To: devel@edk2.groups.io Cc: Michael D Kinney , Liming Gao , Zhiguang Liu , Jiewen Yao , Jian J Wang , Ard Biesheuvel , Sami Mujawar , Jose Marinho , Samer El-Haj-Mahmoud Subject: [PATCH v1 7/8] SecurityPkg/RngDxe: Select safe default Rng algorithm Date: Tue, 9 May 2023 09:40:41 +0200 Message-Id: <20230509074042.1523428-8-pierre.gondois@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230509074042.1523428-1-pierre.gondois@arm.com> References: <20230509074042.1523428-1-pierre.gondois@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Pierre Gondois The first element of mAvailableAlgoArray should be the default algorithm to avoid going through a selection process at each RngGetRNG() call. Once all the available Rng algorithms have been probed, place a safe Rng algorithm at the first position of mAvailableAlgoArray. Signed-off-by: Pierre Gondois --- .../RngDxe/AArch64/AArch64Algo.c | 48 ++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo= .c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c index a1ff7bd58fda..ed236b2e8141 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c 
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c @@ -17,6 +17,50 @@ // Maximum number of Rng algorithms. #define RNG_AVAILABLE_ALGO_MAX 2 =20 +/** mAvailableAlgoArray[0] should contain the default Rng algorithm. + The Rng algorithm at the first index might be unsafe. + If a safe algorithm is available, choose it as the default one. +**/ +VOID +EFIAPI +RngFindDefaultAlgo ( + VOID + ) +{ + EFI_RNG_ALGORITHM *CurAlgo; + EFI_RNG_ALGORITHM TmpGuid; + UINTN Index; + + CurAlgo =3D &mAvailableAlgoArray[0]; + + if (IsZeroGuid (CurAlgo) || + !CompareGuid (CurAlgo, &gEfiRngAlgorithmUnSafe)) + { + // mAvailableAlgoArray[0] is a valid Rng algorithm. + return; + } + + for (Index =3D 1; Index < mAvailableAlgoArrayCount; Index++) { + CurAlgo =3D &mAvailableAlgoArray[Index]; + if (!IsZeroGuid (CurAlgo) || + CompareGuid (CurAlgo, &gEfiRngAlgorithmUnSafe)) + { + break; + } + } + + if (Index =3D=3D mAvailableAlgoArrayCount) { + // No valid Rng algorithm available. + return; + } + + CopyMem (&TmpGuid, CurAlgo, sizeof (EFI_RNG_ALGORITHM)); + CopyMem (CurAlgo, &mAvailableAlgoArray[0], sizeof (EFI_RNG_ALGORITHM))= ; + CopyMem (&mAvailableAlgoArray[0], &TmpGuid, sizeof (EFI_RNG_ALGORITHM)= ); + + return; +} + /** Allocate and initialize mAvailableAlgoArray with the available Rng algorithms. Also update mAvailableAlgoArrayCount. =20 @@ -45,7 +89,7 @@ GetAvailableAlgorithms ( if (!EFI_ERROR (Status)) { CopyMem ( &mAvailableAlgoArray[mAvailableAlgoArrayCount], - RngGuid, + &RngGuid, sizeof (RngGuid) ); mAvailableAlgoArrayCount++; @@ -68,5 +112,7 @@ GetAvailableAlgorithms ( mAvailableAlgoArrayCount++; } =20 + RngFindDefaultAlgo (); + return EFI_SUCCESS; } --=20 2.25.1
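Review bot: In the first hunk (@@ -17,6 +17,50 @@), the loop condition in RngFindDefaultAlgo() does not exclude the unsafe algorithm. `!IsZeroGuid (CurAlgo) || CompareGuid (CurAlgo, &gEfiRngAlgorithmUnSafe)` is true for every non-zero GUID, including gEfiRngAlgorithmUnSafe itself, because CompareGuid() returns TRUE on a match. To pick an entry that is populated and is not the unsafe algorithm, the test should read `!IsZeroGuid (CurAlgo) && !CompareGuid (CurAlgo, &gEfiRngAlgorithmUnSafe)`. The comment on the early return ("mAvailableAlgoArray[0] is a valid Rng algorithm") is also inaccurate for the IsZeroGuid() case, where slot 0 holds no algorithm at all. Since the helper is only called from this file and takes no arguments, consider declaring it STATIC and dropping EFIAPI.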
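Review bot: In the second hunk (@@ -45,7 +89,7 @@), the change from `RngGuid` to `&RngGuid` as the CopyMem() source is not mentioned in the commit message, and the declaration of RngGuid is outside the visible context. With `sizeof (RngGuid)` as the length, the new form is only correct if RngGuid is a GUID object; if it is a pointer, this copies the pointer's own bytes into mAvailableAlgoArray instead of the GUID. Please state the type in the commit message, or move this fix into its own patch so it can be reviewed and bisected separately from the default-algorithm selection.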
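Review bot: In the last hunk (@@ -68,5 +112,7 @@), RngFindDefaultAlgo () is called unconditionally before `return EFI_SUCCESS;`, but the helper dereferences mAvailableAlgoArray[0] before it looks at mAvailableAlgoArrayCount. If no algorithm was probed successfully, that reads a slot that was never filled; guard the call with `mAvailableAlgoArrayCount > 0` or document that the array is zero-initialised. The helper also returns VOID, so when only the unsafe algorithm is available it stays at index 0 silently; a DEBUG message on that path would make the fallback visible to platform integrators.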