From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169])
 by mx.groups.io with SMTP id smtpd.web10.1106.1687984442915616404
 for <devel@edk2.groups.io>;
 Wed, 28 Jun 2023 13:34:02 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20221208 header.b=DrUdPIDl;
 spf=pass (domain: gmail.com, ip: 209.85.210.169, mailfrom: kuqin12@gmail.com)
Received: by mail-pf1-f169.google.com with SMTP id d2e1a72fcca58-666e3b15370so166871b3a.0
        for <devel@edk2.groups.io>; Wed, 28 Jun 2023 13:34:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20221208; t=1687984442; x=1690576442;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:from:to:cc:subject:date:message-id:reply-to;
        bh=eMLyGqBlHF4WdoeEfH063b6CQYoVkd+x7OjsoI6riF8=;
        b=DrUdPIDlqWzabAADw08/ktB+TZXQnS1lKhM3KaNMav3c4RRosrf3xsNRtmmrm61O35
         L7/fZ3PciSc+L/2TwWtbyhqYDZ5XzJjyf6Y7MbKZCMNZxQ/F3ScJfpQh3T4bLf3Imcyu
         +XvaiLqcqjBGqsSnftskFIaaTno+AtkjdG7naZSVwG9518KHUuX9jnroduP4Yy4lM3H5
         TULlWLkWnLAqfEnu1Of84SPkUDb1ZFuOqByqVvDq/mKqPCzy1zwALuYktCzemGq9nsRf
         yXnSYqij5NBh70T7xzqnLqr2vysW9W0oWVsgyKYOWcEINItTxSX+dJxB1UHh5ohKD88v
         jM2Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20221208; t=1687984442; x=1690576442;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=eMLyGqBlHF4WdoeEfH063b6CQYoVkd+x7OjsoI6riF8=;
        b=OJes47eCgz2tACyrt6PUQywZAGgvtDpBQPmtIr2MCzwNvv+i08jglMn6EcfNyBlAk7
         IcZTzV91eO1/blP/ly7sJ8w9gS4oKK3R/pJQdcDxN/v8LSg7OItx4T6cHf4X9jOOdV6B
         aM7ptk2GuhUnSK9N3fBCBfQfff70CKBdXv/+ovn9k4n+0NJLO8+B4+WWuc0JjKt1XGFN
         gQ57YxXTnsiIrcWcy3JJgkoCZuye5a6jvvXmwym8uSUi3aR5ksIJ4Q1xyy9DfgJs75Cp
         Arku2sAVxBMAvXG7lhNMoRkarQMdrZVce1PAEDZYBP7VnUG+nWFmfU64tjHjbKVxEGYp
         VKEg==
X-Gm-Message-State: AC+VfDwQb7RkKIY7aPmkR8J4i9KrW+3gDysi+NMzWwS0KEf9B7k87piR
	HB1avGiowf0Ti42zGQ3PpnXJLyoykgI=
X-Google-Smtp-Source: ACHHUZ5vaMpEz6O7uw4nhFzhKRpljfHN2iF1TQHh6wzquRqEgIZmZ3HegQiRdFoAlyfUtJa+vkUTDA==
X-Received: by 2002:a05:6a00:b48:b0:67e:18c6:d2db with SMTP id p8-20020a056a000b4800b0067e18c6d2dbmr5914786pfo.28.1687984442066;
        Wed, 28 Jun 2023 13:34:02 -0700 (PDT)
Return-Path: <kuqin12@gmail.com>
Received: from MININT-0U7P5GU.redmond.corp.microsoft.com ([2001:4898:80e8:36:c4fd:c6b3:a2ad:4140])
        by smtp.gmail.com with ESMTPSA id x19-20020aa793b3000000b0064d681c753csm6064157pff.40.2023.06.28.13.34.01
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 28 Jun 2023 13:34:01 -0700 (PDT)
From: "Kun Qin" <kuqin12@gmail.com>
To: devel@edk2.groups.io
Cc: Jiewen Yao <jiewen.yao@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Sami Mujawar <Sami.Mujawar@arm.com>,
	Pierre Gondois <pierre.gondois@arm.com>
Subject: [PATCH v1 0/2] Fixing RngDxe error for ARM/AARCH64
Date: Wed, 28 Jun 2023 13:33:54 -0700
Message-ID: <20230628203357.2001-1-kuqin12@gmail.com>
X-Mailer: git-send-email 2.41.0.windows.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4491

On an ARM system that does not support firmware TRNG, the current logic
from RngDxe will cause the system to assert at the below line:
`ASSERT (Index != mAvailableAlgoArrayCount);`

The reason seems to be:
1. When initializing the number of `mAvailableAlgoArrayCount`, the logic
will only treat the zero guid of "PcdCpuRngSupportedAlgorithm" as a
warning and still increment the counter because "RngGetBytes" might still
succeed:
https://github.com/tianocore/edk2/blob/1a39bdf2c53858ebb39e6de1362203c65c163c63/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c#L51C3-L51C3.
2. This will cause the main entry to publish the RNG protocol and accept
further usage.
3. However, during usage, the zero guid is always filtered out: 
https://github.com/tianocore/edk2/blob/1a39bdf2c53858ebb39e6de1362203c65c163c63/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c#L91.
Thus, this will cause the system to always not able to find the algorithm
and fail the boot with an assert.

The suggestion is to at least make the logic of initializing
"mAvailableAlgoArrayCount" consistent and filtering algorithm consistent.

In addition, the usage of `mAvailableAlgoArray` will always trigger a
data abortion error, which is caused by buffer allocated is
`RNG_AVAILABLE_ALGO_MAX` number of bytes, which should be
`RNG_AVAILABLE_ALGO_MAX` nubmer of EFI_RNG_ALGORITHM.

This patch fixed the 2 issues above. The change is verified on QEMU
virtual platform and proprietary physical platform.

Patch v1 branch: https://github.com/kuqin12/edk2/tree/fix_rng_edk2_v1

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Sami Mujawar <Sami.Mujawar@arm.com>
Cc: Pierre Gondois <pierre.gondois@arm.com>

Kun Qin (2):
  SecurityPkg: RngDxe: Unify handling of zero guid
  SecurityPkg: RngDxe: Fixing mAvailableAlgoArray allocator

 SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c | 9 +++++----
 SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c         | 2 +-
 2 files changed, 6 insertions(+), 5 deletions(-)

-- 
2.41.0.windows.1