public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [edk2-devel] [PATCH v6 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification
@ 2023-08-11 14:33 PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 1/9] MdeModulePkg: Duplicate BaseRngLibTimerLib to MdeModulePkg PierreGondois
                   ` (8 more replies)
  0 siblings, 9 replies; 10+ messages in thread
From: PierreGondois @ 2023-08-11 14:33 UTC (permalink / raw)
  To: devel
  Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jiewen Yao,
	Jian J Wang, Ard Biesheuvel, Sami Mujawar, Kun Qin

From: Pierre Gondois <pierre.gondois@arm.com>

v6:
- Added Tested/Reviewed-by
- [8/9] SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib
  - Remove unused gEfiRngAlgorithmArmRndr definition in 

v5:
- Let an implementation of BaseRngLibTimer in MdePkg to give some
  time to platform owners to use the MdeModulePkg implementation. [4]
- New patch:
  - [2/8] MdePkg: Add deprecated warning to BaseRngLibTimer

v4:
- New patches:
  - [1/8] MdePkg: Move BaseRngLibTimerLib to MdeModulePkg
  - [5/8] MdeModulePkg/Rng: Add GUID to describe unsafe Rng algorithms
- This patch-set now requires to be accepted along an edk-platforms patch
  moving the BaseRngLibTimerLib to MdeModulePkg

v3:
- As the unsafe algorithm GUID will not be added to the UEFI
  specification, rename:
  - gEfiRngAlgorithmUnSafe to gEdkiiRngAlgorithmUnSafe
  - EFI_RNG_ALGORITHM_UNSAFE to EDKII_RNG_ALGORITHM_UNSAFE

v2:
[1/8] MdePkg/ArmTrngLib: Remove ASSERTs in Null implementation
- Dropped
[2/8] MdePkg/MdePkg.dec: Move PcdCpuRngSupportedAlgorithm to MdePkg
- Change gEfiMdePkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm
  token number
- Rename to SecurityPkg/SecurityPkg.dec: Move
  PcdCpuRngSupportedAlgorithm to MdePkg
[5/8] MdePkg/Rng: Add GetRngGuid() to RngLib
- Remove gEfiRngAlgorithmUnSafe from inf file
- Split Guids definitions in arch specific sections
[6/8] SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib
- Remove RngFindDefaultAlgo() and change logic accordingly.
[7/8] SecurityPkg/RngDxe: Select safe default Rng algorithm
- Dropped due to changes in [6/8]

This patch also requires the following patch on top of the serie:
- https://edk2.groups.io/g/devel/message/106546

This patchset follows the 'code first' approach and relates to [1].
This patchset follows the thread at [3] that aims to solve [2].
[1] and [2] are bound and this patchset aims to solve both.

In this patchset:
a-
The RngDxe can rely on the RngLib. However the RngLib has no
interface allowing to describe which Rng algorithm is implemented.
The RngDxe must advertise the algorithm that are available through
the RngGetInfo() callback.
Add a GetRngGuid() for interface to the RngLib.

b-
The Arm Architecture states the RNDR that the DRBG algorithm should
be compliant with NIST SP800-90A, while not mandating a particular
algorithm, so as to be inclusive of different geographies.
The RngLib can rely on this Arm RNDR instruction. In order to
accurately describe the implementation using the RNDR instruction,
add a EFI_RNG_ALGORITHM_ARM_RNDR GUID [1].

c-
For the same reason as a/b, add a GUID describing unsafe RNG
algorithms, allowing to accurately describe the BaseRngLibTimerLib.

d-
Use a/b/c mechanisms/GUIDs to select a safe Rng algorithm in the
Arm implementation of the RngDxe.

[1] BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441
[2] BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4151
[3] https://edk2.groups.io/g/devel/message/100806
[4] BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4504

Pierre Gondois (9):
  MdeModulePkg: Duplicate BaseRngLibTimerLib to MdeModulePkg
  MdePkg: Add deprecated warning to BaseRngLibTimer
  SecurityPkg/SecurityPkg.dec: Move PcdCpuRngSupportedAlgorithm to
    MdePkg
  MdePkg/DxeRngLib: Request raw algorithm instead of default
  MdePkg/Rng: Add GUID to describe Arm Rndr Rng algorithms
  MdeModulePkg/Rng: Add GUID to describe unsafe Rng algorithms
  MdePkg/Rng: Add GetRngGuid() to RngLib
  SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib
  SecurityPkg/RngDxe: Simplify Rng algorithm selection for Arm

 ArmVirtPkg/ArmVirt.dsc.inc                    |  2 +-
 EmulatorPkg/EmulatorPkg.dsc                   |  2 +-
 MdeModulePkg/Include/Guid/RngAlgorithm.h      | 23 ++++++++
 .../BaseRngLibTimerLib/BaseRngLibTimerLib.inf |  6 +-
 .../BaseRngLibTimerLib/BaseRngLibTimerLib.uni | 15 +++++
 .../Library/BaseRngLibTimerLib/RngLibTimer.c  | 28 ++++++++++
 MdeModulePkg/MdeModulePkg.dec                 |  3 +
 MdeModulePkg/MdeModulePkg.dsc                 |  1 +
 MdePkg/Include/Library/RngLib.h               | 17 ++++++
 MdePkg/Include/Protocol/Rng.h                 | 10 ++++
 MdePkg/Library/BaseRngLib/AArch64/Rndr.c      | 42 ++++++++++++++
 MdePkg/Library/BaseRngLib/BaseRngLib.inf      | 10 ++++
 MdePkg/Library/BaseRngLib/Rand/RdRand.c       | 26 +++++++++
 .../Library/BaseRngLibNull/BaseRngLibNull.c   | 22 ++++++++
 .../BaseRngLibTimerLib/BaseRngLibTimerLib.inf |  1 +
 .../Library/BaseRngLibTimerLib/RngLibTimer.c  | 45 +++++++++++++++
 MdePkg/Library/DxeRngLib/DxeRngLib.c          | 36 +++++++++++-
 MdePkg/MdePkg.dec                             |  6 ++
 NetworkPkg/NetworkPkg.dsc                     |  4 +-
 OvmfPkg/AmdSev/AmdSevX64.dsc                  |  2 +-
 OvmfPkg/Bhyve/BhyveX64.dsc                    |  2 +-
 OvmfPkg/CloudHv/CloudHvX64.dsc                |  2 +-
 OvmfPkg/IntelTdx/IntelTdxX64.dsc              |  2 +-
 OvmfPkg/Microvm/MicrovmX64.dsc                |  2 +-
 OvmfPkg/OvmfPkgIa32.dsc                       |  2 +-
 OvmfPkg/OvmfPkgIa32X64.dsc                    |  2 +-
 OvmfPkg/OvmfPkgX64.dsc                        |  2 +-
 OvmfPkg/OvmfXen.dsc                           |  2 +-
 OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc           |  2 +-
 .../RngDxe/AArch64/AArch64Algo.c              | 55 +++++++++++++------
 .../RandomNumberGenerator/RngDxe/ArmRngDxe.c  | 23 +++-----
 .../RandomNumberGenerator/RngDxe/RngDxe.inf   |  4 +-
 SecurityPkg/SecurityPkg.dec                   |  2 -
 SecurityPkg/SecurityPkg.dsc                   |  4 +-
 SignedCapsulePkg/SignedCapsulePkg.dsc         |  4 +-
 35 files changed, 355 insertions(+), 56 deletions(-)
 create mode 100644 MdeModulePkg/Include/Guid/RngAlgorithm.h
 copy {MdePkg => MdeModulePkg}/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf (85%)
 create mode 100644 MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.uni
 copy {MdePkg => MdeModulePkg}/Library/BaseRngLibTimerLib/RngLibTimer.c (83%)

-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107709): https://edk2.groups.io/g/devel/message/107709
Mute This Topic: https://groups.io/mt/100684678/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



^ permalink raw reply	[flat|nested] 10+ messages in thread

* [edk2-devel] [PATCH v6 1/9] MdeModulePkg: Duplicate BaseRngLibTimerLib to MdeModulePkg
  2023-08-11 14:33 [edk2-devel] [PATCH v6 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification PierreGondois
@ 2023-08-11 14:33 ` PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 2/9] MdePkg: Add deprecated warning to BaseRngLibTimer PierreGondois
                   ` (7 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: PierreGondois @ 2023-08-11 14:33 UTC (permalink / raw)
  To: devel
  Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jiewen Yao,
	Jian J Wang, Ard Biesheuvel, Sami Mujawar, Kun Qin

From: Pierre Gondois <pierre.gondois@arm.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4504

The BaseRngLibTimerLib allows to generate number based on a timer.
This mechanism allows to have a basic non-secure implementation
for non-production platforms.
To bind and identify Random Number Generators implementations with
a GUID, an unsafe GUID should be added. This GUID cannot be added
to the MdePkg unless it is also added to a specification.

To keep the MdePkg self-contained, copy the BaseRngLibTimerLib to
the MdeModulePkg. This will allow to define an unsafe Rng GUID
in a later patch in the MdeModulePkg.

The MdePkg implementation will be removed later. This allows to give
some time to platform owners to switch to the MdeModulePkg
implementation.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Tested-by: Kun Qin <kun.qin@microsoft.com>
---
 ArmVirtPkg/ArmVirt.dsc.inc                    |   2 +-
 EmulatorPkg/EmulatorPkg.dsc                   |   2 +-
 .../BaseRngLibTimerLib/BaseRngLibTimerLib.inf |  36 ++++
 .../BaseRngLibTimerLib/BaseRngLibTimerLib.uni |  15 ++
 .../Library/BaseRngLibTimerLib/RngLibTimer.c  | 192 ++++++++++++++++++
 MdeModulePkg/MdeModulePkg.dsc                 |   1 +
 NetworkPkg/NetworkPkg.dsc                     |   4 +-
 OvmfPkg/AmdSev/AmdSevX64.dsc                  |   2 +-
 OvmfPkg/Bhyve/BhyveX64.dsc                    |   2 +-
 OvmfPkg/CloudHv/CloudHvX64.dsc                |   2 +-
 OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +-
 OvmfPkg/Microvm/MicrovmX64.dsc                |   2 +-
 OvmfPkg/OvmfPkgIa32.dsc                       |   2 +-
 OvmfPkg/OvmfPkgIa32X64.dsc                    |   2 +-
 OvmfPkg/OvmfPkgX64.dsc                        |   2 +-
 OvmfPkg/OvmfXen.dsc                           |   2 +-
 OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc           |   2 +-
 SecurityPkg/SecurityPkg.dsc                   |   4 +-
 SignedCapsulePkg/SignedCapsulePkg.dsc         |   4 +-
 19 files changed, 262 insertions(+), 18 deletions(-)
 create mode 100644 MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 create mode 100644 MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.uni
 create mode 100644 MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c

diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index 2443e8351c99..3f7bac6bf33a 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -154,7 +154,7 @@ [LibraryClasses.common]
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
 !endif
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
   #
   # Secure Boot dependencies
diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc
index b44435d7e6ee..b14654739b54 100644
--- a/EmulatorPkg/EmulatorPkg.dsc
+++ b/EmulatorPkg/EmulatorPkg.dsc
@@ -128,7 +128,7 @@ [LibraryClasses]
   FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
 
 !if $(SECURE_BOOT_ENABLE) == TRUE
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
   IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
   PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf
diff --git a/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf b/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
new file mode 100644
index 000000000000..f857290e823b
--- /dev/null
+++ b/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
@@ -0,0 +1,36 @@
+## @file
+#  Instance of RNG (Random Number Generator) Library.
+#
+#  BaseRng Library that uses the TimerLib to provide reasonably random numbers.
+#  Do NOT use this on a production system as this uses the system performance
+#  counter rather than a true source of random in addition to having a weak
+#  random algorithm. This is provided primarily as a source of entropy for
+#  OpenSSL for platforms that do not have a good built in RngLib as this
+#  emulates what was done before (though it isn't perfect).
+#
+#  Copyright (c) Microsoft Corporation. All rights reserved.<BR>
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+#
+##
+
+[Defines]
+  INF_VERSION                    = 1.27
+  BASE_NAME                      = BaseRngLibTimerLib
+  MODULE_UNI_FILE                = BaseRngLibTimerLib.uni
+  FILE_GUID                      = 74950C45-10FC-4AB5-B114-49C87C17409B
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = RngLib
+
+[Sources]
+  RngLibTimer.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+
+[LibraryClasses]
+  BaseLib
+  DebugLib
+  TimerLib
diff --git a/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.uni b/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.uni
new file mode 100644
index 000000000000..fde24b9f0107
--- /dev/null
+++ b/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.uni
@@ -0,0 +1,15 @@
+// @file
+// Instance of RNG (Random Number Generator) Library.
+//
+// RngLib that uses TimerLib's performance counter to provide random numbers.
+//
+// Copyright (c) Microsoft Corporation.
+//
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+
+
+#string STR_MODULE_ABSTRACT     #language en-US "Instance of RNG Library"
+
+#string STR_MODULE_DESCRIPTION  #language en-US "BaseRng Library that uses the TimerLib to provide low-entropy random numbers"
+
diff --git a/MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c b/MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
new file mode 100644
index 000000000000..980854d67b72
--- /dev/null
+++ b/MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
@@ -0,0 +1,192 @@
+/** @file
+  BaseRng Library that uses the TimerLib to provide reasonably random numbers.
+  Do not use this on a production system.
+
+  Copyright (c) Microsoft Corporation.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <Base.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/TimerLib.h>
+
+#define DEFAULT_DELAY_TIME_IN_MICROSECONDS  10
+
+/**
+ Using the TimerLib GetPerformanceCounterProperties() we delay
+ for enough time for the PerformanceCounter to increment.
+
+ If the return value from GetPerformanceCounterProperties (TimerLib)
+ is zero, this function will return 10 and attempt to assert.
+ **/
+STATIC
+UINT32
+CalculateMinimumDecentDelayInMicroseconds (
+  VOID
+  )
+{
+  UINT64  CounterHz;
+
+  // Get the counter properties
+  CounterHz = GetPerformanceCounterProperties (NULL, NULL);
+  // Make sure we won't divide by zero
+  if (CounterHz == 0) {
+    ASSERT (CounterHz != 0); // Assert so the developer knows something is wrong
+    return DEFAULT_DELAY_TIME_IN_MICROSECONDS;
+  }
+
+  // Calculate the minimum delay based on 1.5 microseconds divided by the hertz.
+  // We calculate the length of a cycle (1/CounterHz) and multiply it by 1.5 microseconds
+  // This ensures that the performance counter has increased by at least one
+  return (UINT32)(MAX (DivU64x64Remainder (1500000, CounterHz, NULL), 1));
+}
+
+/**
+  Generates a 16-bit random number.
+
+  if Rand is NULL, then ASSERT().
+
+  @param[out] Rand     Buffer pointer to store the 16-bit random value.
+
+  @retval TRUE         Random number generated successfully.
+  @retval FALSE        Failed to generate the random number.
+
+**/
+BOOLEAN
+EFIAPI
+GetRandomNumber16 (
+  OUT     UINT16  *Rand
+  )
+{
+  UINT32  Index;
+  UINT8   *RandPtr;
+  UINT32  DelayInMicroSeconds;
+
+  ASSERT (Rand != NULL);
+
+  if (Rand == NULL) {
+    return FALSE;
+  }
+
+  DelayInMicroSeconds = CalculateMinimumDecentDelayInMicroseconds ();
+  RandPtr             = (UINT8 *)Rand;
+  // Get 2 bytes of random ish data
+  for (Index = 0; Index < sizeof (UINT16); Index++) {
+    *RandPtr = (UINT8)(GetPerformanceCounter () & 0xFF);
+    // Delay to give the performance counter a chance to change
+    MicroSecondDelay (DelayInMicroSeconds);
+    RandPtr++;
+  }
+
+  return TRUE;
+}
+
+/**
+  Generates a 32-bit random number.
+
+  if Rand is NULL, then ASSERT().
+
+  @param[out] Rand     Buffer pointer to store the 32-bit random value.
+
+  @retval TRUE         Random number generated successfully.
+  @retval FALSE        Failed to generate the random number.
+
+**/
+BOOLEAN
+EFIAPI
+GetRandomNumber32 (
+  OUT     UINT32  *Rand
+  )
+{
+  UINT32  Index;
+  UINT8   *RandPtr;
+  UINT32  DelayInMicroSeconds;
+
+  ASSERT (Rand != NULL);
+
+  if (NULL == Rand) {
+    return FALSE;
+  }
+
+  RandPtr             = (UINT8 *)Rand;
+  DelayInMicroSeconds = CalculateMinimumDecentDelayInMicroseconds ();
+  // Get 4 bytes of random ish data
+  for (Index = 0; Index < sizeof (UINT32); Index++) {
+    *RandPtr = (UINT8)(GetPerformanceCounter () & 0xFF);
+    // Delay to give the performance counter a chance to change
+    MicroSecondDelay (DelayInMicroSeconds);
+    RandPtr++;
+  }
+
+  return TRUE;
+}
+
+/**
+  Generates a 64-bit random number.
+
+  if Rand is NULL, then ASSERT().
+
+  @param[out] Rand     Buffer pointer to store the 64-bit random value.
+
+  @retval TRUE         Random number generated successfully.
+  @retval FALSE        Failed to generate the random number.
+
+**/
+BOOLEAN
+EFIAPI
+GetRandomNumber64 (
+  OUT     UINT64  *Rand
+  )
+{
+  UINT32  Index;
+  UINT8   *RandPtr;
+  UINT32  DelayInMicroSeconds;
+
+  ASSERT (Rand != NULL);
+
+  if (NULL == Rand) {
+    return FALSE;
+  }
+
+  RandPtr             = (UINT8 *)Rand;
+  DelayInMicroSeconds = CalculateMinimumDecentDelayInMicroseconds ();
+  // Get 8 bytes of random ish data
+  for (Index = 0; Index < sizeof (UINT64); Index++) {
+    *RandPtr = (UINT8)(GetPerformanceCounter () & 0xFF);
+    // Delay to give the performance counter a chance to change
+    MicroSecondDelay (DelayInMicroSeconds);
+    RandPtr++;
+  }
+
+  return TRUE;
+}
+
+/**
+  Generates a 128-bit random number.
+
+  if Rand is NULL, then ASSERT().
+
+  @param[out] Rand     Buffer pointer to store the 128-bit random value.
+
+  @retval TRUE         Random number generated successfully.
+  @retval FALSE        Failed to generate the random number.
+
+**/
+BOOLEAN
+EFIAPI
+GetRandomNumber128 (
+  OUT     UINT64  *Rand
+  )
+{
+  ASSERT (Rand != NULL);
+  // This should take around 80ms
+
+  // Read first 64 bits
+  if (!GetRandomNumber64 (Rand)) {
+    return FALSE;
+  }
+
+  // Read second 64 bits
+  return GetRandomNumber64 (++Rand);
+}
diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
index db3b5af53795..c7af921782ee 100644
--- a/MdeModulePkg/MdeModulePkg.dsc
+++ b/MdeModulePkg/MdeModulePkg.dsc
@@ -345,6 +345,7 @@ [Components]
   MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf
   MdeModulePkg/Library/DisplayUpdateProgressLibGraphics/DisplayUpdateProgressLibGraphics.inf
   MdeModulePkg/Library/DisplayUpdateProgressLibText/DisplayUpdateProgressLibText.inf
+  MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
   MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
   MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf
diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc
index 6c231c97b544..808c6bffce2c 100644
--- a/NetworkPkg/NetworkPkg.dsc
+++ b/NetworkPkg/NetworkPkg.dsc
@@ -82,10 +82,10 @@ [LibraryClasses.ARM, LibraryClasses.AARCH64]
   ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf
 
 [LibraryClasses.ARM]
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 [LibraryClasses.RISCV64]
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 [PcdsFeatureFlag]
   gEfiMdePkgTokenSpaceGuid.PcdComponentName2Disable|TRUE
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 2c6ed7c9745f..022104dfdce6 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -185,7 +185,7 @@ [LibraryClasses]
 
   IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
   AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc
index 82c60ace1bbd..6693342c5f6e 100644
--- a/OvmfPkg/Bhyve/BhyveX64.dsc
+++ b/OvmfPkg/Bhyve/BhyveX64.dsc
@@ -196,7 +196,7 @@ [LibraryClasses]
 !else
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
 !endif
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 !if $(SECURE_BOOT_ENABLE) == TRUE
   PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index e000deed9e4d..35942e02df93 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -206,7 +206,7 @@ [LibraryClasses]
 !else
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
 !endif
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 !if $(SECURE_BOOT_ENABLE) == TRUE
   PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
index 193657ff2d61..bbf218488127 100644
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
@@ -184,7 +184,7 @@ [LibraryClasses]
 
   IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 !if $(SECURE_BOOT_ENABLE) == TRUE
   PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
index 2f7585639374..d5c1a2fe3a91 100644
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
@@ -203,7 +203,7 @@ [LibraryClasses]
 !else
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
 !endif
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 !if $(SECURE_BOOT_ENABLE) == TRUE
   PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index ed36935770f3..c1f1733a483d 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -210,7 +210,7 @@ [LibraryClasses]
 !else
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
 !endif
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 !if $(SECURE_BOOT_ENABLE) == TRUE
   PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 919315e4cb33..bdd6c3bc96ae 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -215,7 +215,7 @@ [LibraryClasses]
 !else
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
 !endif
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 !if $(SECURE_BOOT_ENABLE) == TRUE
   PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 823de0d0f9e0..a54e17dd087d 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -231,7 +231,7 @@ [LibraryClasses]
 !else
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
 !endif
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 !if $(SECURE_BOOT_ENABLE) == TRUE
   PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc
index 210578c1d74d..26d2a6963de5 100644
--- a/OvmfPkg/OvmfXen.dsc
+++ b/OvmfPkg/OvmfXen.dsc
@@ -194,7 +194,7 @@ [LibraryClasses]
 !else
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
 !endif
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
   AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
diff --git a/OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc b/OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc
index bc204ba5fe52..fe320525153f 100644
--- a/OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc
+++ b/OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc
@@ -118,7 +118,7 @@ [LibraryClasses.common]
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
 !endif
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
   #
   # Secure Boot dependencies
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 3c62205162ce..7682066cd9fe 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -92,10 +92,10 @@ [LibraryClasses.ARM, LibraryClasses.AARCH64]
   ArmTrngLib|MdePkg/Library/BaseArmTrngLibNull/BaseArmTrngLibNull.inf
 
 [LibraryClasses.ARM]
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 [LibraryClasses.RISCV64]
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 [LibraryClasses.X64.SEC]
   HashLib|SecurityPkg/Library/HashLibTdx/HashLibTdx.inf
diff --git a/SignedCapsulePkg/SignedCapsulePkg.dsc b/SignedCapsulePkg/SignedCapsulePkg.dsc
index 8a27207a6f20..4c656666e981 100644
--- a/SignedCapsulePkg/SignedCapsulePkg.dsc
+++ b/SignedCapsulePkg/SignedCapsulePkg.dsc
@@ -110,10 +110,10 @@ [LibraryClasses.AARCH64, LibraryClasses.ARM]
   NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf
 
 [LibraryClasses.ARM]
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 [LibraryClasses.RISCV64]
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
 
 [LibraryClasses.common.PEI_CORE]
   HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107710): https://edk2.groups.io/g/devel/message/107710
Mute This Topic: https://groups.io/mt/100684681/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



^ permalink raw reply related	[flat|nested] 10+ messages in thread

* [edk2-devel] [PATCH v6 2/9] MdePkg: Add deprecated warning to BaseRngLibTimer
  2023-08-11 14:33 [edk2-devel] [PATCH v6 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 1/9] MdeModulePkg: Duplicate BaseRngLibTimerLib to MdeModulePkg PierreGondois
@ 2023-08-11 14:33 ` PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 3/9] SecurityPkg/SecurityPkg.dec: Move PcdCpuRngSupportedAlgorithm to MdePkg PierreGondois
                   ` (6 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: PierreGondois @ 2023-08-11 14:33 UTC (permalink / raw)
  To: devel
  Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jiewen Yao,
	Jian J Wang, Ard Biesheuvel, Sami Mujawar, Kun Qin

From: Pierre Gondois <pierre.gondois@arm.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4504

To keep the MdePkg self-contained and avoid dependencies on GUIDs
defined in other packages, the BaseRngLibTimer was moved to the
MdePkg.
Add a constructor to warn and request to use the MdeModulePkg
implementation.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Tested-by: Kun Qin <kun.qin@microsoft.com>
---
 .../BaseRngLibTimerLib/BaseRngLibTimerLib.inf |  1 +
 .../Library/BaseRngLibTimerLib/RngLibTimer.c  | 22 +++++++++++++++++++
 2 files changed, 23 insertions(+)

diff --git a/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf b/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
index f857290e823b..96c90db63f6f 100644
--- a/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+++ b/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
@@ -23,6 +23,7 @@ [Defines]
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0
   LIBRARY_CLASS                  = RngLib
+  CONSTRUCTOR                    = BaseRngLibTimerConstructor
 
 [Sources]
   RngLibTimer.c
diff --git a/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c b/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
index 980854d67b72..c4fdd1df68d3 100644
--- a/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
+++ b/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
@@ -13,6 +13,28 @@
 
 #define DEFAULT_DELAY_TIME_IN_MICROSECONDS  10
 
+/**
+  This implementation is to be replaced by its MdeModulePkg copy.
+  The cause being that some GUIDs (gEdkiiRngAlgorithmUnSafe) cannot
+  be defined in the MdePkg.
+
+  @retval EFI_SUCCESS   The constructor always returns EFI_SUCCESS.
+**/
+RETURN_STATUS
+EFIAPI
+BaseRngLibTimerConstructor (
+  VOID
+  )
+{
+  DEBUG ((
+    DEBUG_WARN,
+    "Warning: This BaseRngTimerLib implementation will be deprecated. "
+    "Please use the MdeModulePkg implementation equivalent.\n"
+    ));
+
+  return RETURN_SUCCESS;
+}
+
 /**
  Using the TimerLib GetPerformanceCounterProperties() we delay
  for enough time for the PerformanceCounter to increment.
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107711): https://edk2.groups.io/g/devel/message/107711
Mute This Topic: https://groups.io/mt/100684683/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



^ permalink raw reply related	[flat|nested] 10+ messages in thread

* [edk2-devel] [PATCH v6 3/9] SecurityPkg/SecurityPkg.dec: Move PcdCpuRngSupportedAlgorithm to MdePkg
  2023-08-11 14:33 [edk2-devel] [PATCH v6 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 1/9] MdeModulePkg: Duplicate BaseRngLibTimerLib to MdeModulePkg PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 2/9] MdePkg: Add deprecated warning to BaseRngLibTimer PierreGondois
@ 2023-08-11 14:33 ` PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 4/9] MdePkg/DxeRngLib: Request raw algorithm instead of default PierreGondois
                   ` (5 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: PierreGondois @ 2023-08-11 14:33 UTC (permalink / raw)
  To: devel
  Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jiewen Yao,
	Jian J Wang, Ard Biesheuvel, Sami Mujawar, Kun Qin

From: Pierre Gondois <pierre.gondois@arm.com>

In order to use PcdCpuRngSupportedAlgorithm in the MdePkg in a
following patch and to avoid making the MdePkg dependent on another
package, move PcdCpuRngSupportedAlgorithm to the MdePkg.

As the Pcd is only used for AARCH64, place it in an AARCH64
specific sections.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Tested-by: Kun Qin <kun.qin@microsoft.com>
---
 .../Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf        | 2 +-
 MdePkg/MdePkg.dec                                            | 5 +++++
 SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf          | 4 ++--
 SecurityPkg/SecurityPkg.dec                                  | 2 --
 4 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf b/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
index f857290e823b..f7290010604f 100644
--- a/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+++ b/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
@@ -19,7 +19,7 @@ [Defines]
   INF_VERSION                    = 1.27
   BASE_NAME                      = BaseRngLibTimerLib
   MODULE_UNI_FILE                = BaseRngLibTimerLib.uni
-  FILE_GUID                      = 74950C45-10FC-4AB5-B114-49C87C17409B
+  FILE_GUID                      = B3E66B05-D218-4B9A-AC33-EF0F83D6A513
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0
   LIBRARY_CLASS                  = RngLib
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index b85614992b94..5b8477f4cb8f 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -2393,6 +2393,11 @@ [PcdsFixedAtBuild,PcdsPatchableInModule]
   # @Prompt Time-out for a response, internal
   gEfiMdePkgTokenSpaceGuid.PcdIpmiSsifResponseRetryIntervalMicrosecond|60000|UINT32|0x00000036
 
+[PcdsFixedAtBuild.AARCH64, PcdsPatchableInModule.AARCH64]
+  ## GUID identifying the Rng algorithm implemented by CPU instruction.
+  # @Prompt CPU Rng algorithm's GUID.
+  gEfiMdePkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm|{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}|VOID*|0x00000037
+
 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
   ## This value is used to set the base address of PCI express hierarchy.
   # @Prompt PCI Express Base Address.
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
index c8e0ee4ae5d9..d6c2d30195bf 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
@@ -79,8 +79,8 @@ [Guids]
 [Protocols]
   gEfiRngProtocolGuid                ## PRODUCES
 
-[Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm      ## CONSUMES
+[Pcd.AARCH64]
+  gEfiMdePkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm      ## CONSUMES
 
 [Depex]
   TRUE
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 53aa7ec43557..00c4ebdbed59 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -325,8 +325,6 @@ [PcdsFixedAtBuild, PcdsPatchableInModule]
   gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeFvVerificationPass|0x0303100A|UINT32|0x00010030
   gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeFvVerificationFail|0x0303100B|UINT32|0x00010031
 
-  gEfiSecurityPkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm|{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}|VOID*|0x00010032
-
 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
   ## Image verification policy for OptionRom. Only following values are valid:<BR><BR>
   #  NOTE: Do NOT use 0x5 and 0x2 since it violates the UEFI specification and has been removed.<BR>
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107712): https://edk2.groups.io/g/devel/message/107712
Mute This Topic: https://groups.io/mt/100684685/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



^ permalink raw reply related	[flat|nested] 10+ messages in thread

* [edk2-devel] [PATCH v6 4/9] MdePkg/DxeRngLib: Request raw algorithm instead of default
  2023-08-11 14:33 [edk2-devel] [PATCH v6 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification PierreGondois
                   ` (2 preceding siblings ...)
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 3/9] SecurityPkg/SecurityPkg.dec: Move PcdCpuRngSupportedAlgorithm to MdePkg PierreGondois
@ 2023-08-11 14:33 ` PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 5/9] MdePkg/Rng: Add GUID to describe Arm Rndr Rng algorithms PierreGondois
                   ` (4 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: PierreGondois @ 2023-08-11 14:33 UTC (permalink / raw)
  To: devel
  Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jiewen Yao,
	Jian J Wang, Ard Biesheuvel, Sami Mujawar, Kun Qin

From: Pierre Gondois <pierre.gondois@arm.com>

The DxeRngLib tries to generate a random number using the 3 NIST
SP 800-90 compliant DRBG algorithms, i.e. 256-bits CTR, HASH and HMAC.
If none of the call is successful, the fallback option is the default
RNG algorithm of the EFI_RNG_PROTOCOL. This default algorithm might
be an unsafe implementation.

Try requesting the Raw algorithm before requesting the default one.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Tested-by: Kun Qin <kun.qin@microsoft.com>
---
 MdePkg/Library/DxeRngLib/DxeRngLib.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.c b/MdePkg/Library/DxeRngLib/DxeRngLib.c
index 46aea515924f..a01b66ad7d20 100644
--- a/MdePkg/Library/DxeRngLib/DxeRngLib.c
+++ b/MdePkg/Library/DxeRngLib/DxeRngLib.c
@@ -65,9 +65,15 @@ GenerateRandomNumberViaNist800Algorithm (
     return Status;
   }
 
+  Status = RngProtocol->GetRNG (RngProtocol, &gEfiRngAlgorithmRaw, BufferSize, Buffer);
+  DEBUG ((DEBUG_INFO, "%a: GetRNG algorithm Raw - Status = %r\n", __func__, Status));
+  if (!EFI_ERROR (Status)) {
+    return Status;
+  }
+
   // If all the other methods have failed, use the default method from the RngProtocol
   Status = RngProtocol->GetRNG (RngProtocol, NULL, BufferSize, Buffer);
-  DEBUG ((DEBUG_INFO, "%a: GetRNG algorithm Hash-256 - Status = %r\n", __func__, Status));
+  DEBUG ((DEBUG_INFO, "%a: GetRNG algorithm default - Status = %r\n", __func__, Status));
   if (!EFI_ERROR (Status)) {
     return Status;
   }
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107713): https://edk2.groups.io/g/devel/message/107713
Mute This Topic: https://groups.io/mt/100684687/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



^ permalink raw reply related	[flat|nested] 10+ messages in thread

* [edk2-devel] [PATCH v6 5/9] MdePkg/Rng: Add GUID to describe Arm Rndr Rng algorithms
  2023-08-11 14:33 [edk2-devel] [PATCH v6 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification PierreGondois
                   ` (3 preceding siblings ...)
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 4/9] MdePkg/DxeRngLib: Request raw algorithm instead of default PierreGondois
@ 2023-08-11 14:33 ` PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 6/9] MdeModulePkg/Rng: Add GUID to describe unsafe " PierreGondois
                   ` (3 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: PierreGondois @ 2023-08-11 14:33 UTC (permalink / raw)
  To: devel
  Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jiewen Yao,
	Jian J Wang, Ard Biesheuvel, Sami Mujawar, Kun Qin

From: Pierre Gondois <pierre.gondois@arm.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441

The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
To allow the RngDxe to detect when such implementation is used,
a GetRngGuid() function is added in a following patch.

Prepare GetRngGuid() return values and add a gEfiRngAlgorithmArmRndr
to describe a Rng algorithm accessed through Arm's RNDR instruction.
[1] states that the implementation of this algorithm should be
compliant to NIST SP900-80. The compliance is not guaranteed.

[1] Arm Architecture Reference Manual Armv8, for A-profile architecture
sK12.1 'Properties of the generated random number'

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Tested-by: Kun Qin <kun.qin@microsoft.com>
---
 MdePkg/Include/Protocol/Rng.h | 10 ++++++++++
 MdePkg/MdePkg.dec             |  1 +
 2 files changed, 11 insertions(+)

diff --git a/MdePkg/Include/Protocol/Rng.h b/MdePkg/Include/Protocol/Rng.h
index baf425587b3c..38bde53240d1 100644
--- a/MdePkg/Include/Protocol/Rng.h
+++ b/MdePkg/Include/Protocol/Rng.h
@@ -67,6 +67,15 @@ typedef EFI_GUID EFI_RNG_ALGORITHM;
   { \
     0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 } \
   }
+///
+/// The Arm Architecture states the RNDR that the DRBG algorithm should be compliant
+/// with NIST SP800-90A, while not mandating a particular algorithm, so as to be
+/// inclusive of different geographies.
+///
+#define EFI_RNG_ALGORITHM_ARM_RNDR \
+  { \
+    0x43d2fde3, 0x9d4e, 0x4d79,  {0x02, 0x96, 0xa8, 0x9b, 0xca, 0x78, 0x08, 0x41} \
+  }
 
 /**
   Returns information about the random number generation implementation.
@@ -146,5 +155,6 @@ extern EFI_GUID  gEfiRngAlgorithmSp80090Ctr256Guid;
 extern EFI_GUID  gEfiRngAlgorithmX9313DesGuid;
 extern EFI_GUID  gEfiRngAlgorithmX931AesGuid;
 extern EFI_GUID  gEfiRngAlgorithmRaw;
+extern EFI_GUID  gEfiRngAlgorithmArmRndr;
 
 #endif
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 5b8477f4cb8f..ac54338089e8 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -643,6 +643,7 @@ [Guids]
   gEfiRngAlgorithmX9313DesGuid       = { 0x63c4785a, 0xca34, 0x4012, {0xa3, 0xc8, 0x0b, 0x6a, 0x32, 0x4f, 0x55, 0x46 }}
   gEfiRngAlgorithmX931AesGuid        = { 0xacd03321, 0x777e, 0x4d3d, {0xb1, 0xc8, 0x20, 0xcf, 0xd8, 0x88, 0x20, 0xc9 }}
   gEfiRngAlgorithmRaw                = { 0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 }}
+  gEfiRngAlgorithmArmRndr            = { 0x43d2fde3, 0x9d4e, 0x4d79, {0x02, 0x96, 0xa8, 0x9b, 0xca, 0x78, 0x08, 0x41 }}
 
   ## Include/Protocol/AdapterInformation.h
   gEfiAdapterInfoMediaStateGuid       = { 0xD7C74207, 0xA831, 0x4A26, {0xB1, 0xF5, 0xD1, 0x93, 0x06, 0x5C, 0xE8, 0xB6 }}
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107714): https://edk2.groups.io/g/devel/message/107714
Mute This Topic: https://groups.io/mt/100684690/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



^ permalink raw reply related	[flat|nested] 10+ messages in thread

* [edk2-devel] [PATCH v6 6/9] MdeModulePkg/Rng: Add GUID to describe unsafe Rng algorithms
  2023-08-11 14:33 [edk2-devel] [PATCH v6 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification PierreGondois
                   ` (4 preceding siblings ...)
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 5/9] MdePkg/Rng: Add GUID to describe Arm Rndr Rng algorithms PierreGondois
@ 2023-08-11 14:33 ` PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 7/9] MdePkg/Rng: Add GetRngGuid() to RngLib PierreGondois
                   ` (2 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: PierreGondois @ 2023-08-11 14:33 UTC (permalink / raw)
  To: devel
  Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jiewen Yao,
	Jian J Wang, Ard Biesheuvel, Sami Mujawar, Kun Qin

From: Pierre Gondois <pierre.gondois@arm.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441

The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
To allow the RngDxe to detect when such implementation is used,
a GetRngGuid() function is added in a following patch.

Prepare GetRngGuid() return values and add a gEdkiiRngAlgorithmUnSafe
to describe an unsafe implementation, cf. the BaseRngLibTimerLib.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Tested-by: Kun Qin <kun.qin@microsoft.com>
---
 MdeModulePkg/Include/Guid/RngAlgorithm.h | 23 +++++++++++++++++++++++
 MdeModulePkg/MdeModulePkg.dec            |  3 +++
 2 files changed, 26 insertions(+)
 create mode 100644 MdeModulePkg/Include/Guid/RngAlgorithm.h

diff --git a/MdeModulePkg/Include/Guid/RngAlgorithm.h b/MdeModulePkg/Include/Guid/RngAlgorithm.h
new file mode 100644
index 000000000000..e2ac2ba3e5c6
--- /dev/null
+++ b/MdeModulePkg/Include/Guid/RngAlgorithm.h
@@ -0,0 +1,23 @@
+/** @file
+  Rng Algorithm
+
+  Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef RNG_ALGORITHM_GUID_H_
+#define RNG_ALGORITHM_GUID_H_
+
+///
+/// The implementation of a Random Number Generator might be unsafe, when using
+/// a dummy implementation for instance. Allow identifying such implementation
+/// with this GUID.
+///
+#define EDKII_RNG_ALGORITHM_UNSAFE \
+  { \
+    0x869f728c, 0x409d, 0x4ab4, {0xac, 0x03, 0x71, 0xd3, 0x09, 0xc1, 0xb3, 0xf4 } \
+  }
+
+extern EFI_GUID  gEdkiiRngAlgorithmUnSafe;
+
+#endif // #ifndef RNG_ALGORITHM_GUID_H_
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 0ff058b0a9da..dd182c02fdf6 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -418,6 +418,9 @@ [Guids]
   ## Include/Guid/MigratedFvInfo.h
   gEdkiiMigratedFvInfoGuid = { 0xc1ab12f7, 0x74aa, 0x408d, { 0xa2, 0xf4, 0xc6, 0xce, 0xfd, 0x17, 0x98, 0x71 } }
 
+  ## Include/Guid/RngAlgorithm.h
+  gEdkiiRngAlgorithmUnSafe = { 0x869f728c, 0x409d, 0x4ab4, {0xac, 0x03, 0x71, 0xd3, 0x09, 0xc1, 0xb3, 0xf4 }}
+
   #
   # GUID defined in UniversalPayload
   #
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107715): https://edk2.groups.io/g/devel/message/107715
Mute This Topic: https://groups.io/mt/100684692/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



^ permalink raw reply related	[flat|nested] 10+ messages in thread

* [edk2-devel] [PATCH v6 7/9] MdePkg/Rng: Add GetRngGuid() to RngLib
  2023-08-11 14:33 [edk2-devel] [PATCH v6 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification PierreGondois
                   ` (5 preceding siblings ...)
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 6/9] MdeModulePkg/Rng: Add GUID to describe unsafe " PierreGondois
@ 2023-08-11 14:33 ` PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 8/9] SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 9/9] SecurityPkg/RngDxe: Simplify Rng algorithm selection for Arm PierreGondois
  8 siblings, 0 replies; 10+ messages in thread
From: PierreGondois @ 2023-08-11 14:33 UTC (permalink / raw)
  To: devel
  Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jiewen Yao,
	Jian J Wang, Ard Biesheuvel, Sami Mujawar, Kun Qin

From: Pierre Gondois <pierre.gondois@arm.com>

The EFI_RNG_PROTOCOL can use the RngLib. The RngLib has multiple
implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
To allow the RngDxe to detect when such implementation is used,
add a GetRngGuid() function to the RngLib.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Tested-by: Kun Qin <kun.qin@microsoft.com>
---
 .../BaseRngLibTimerLib/BaseRngLibTimerLib.inf |  4 ++
 .../Library/BaseRngLibTimerLib/RngLibTimer.c  | 28 +++++++++++++
 MdePkg/Include/Library/RngLib.h               | 17 ++++++++
 MdePkg/Library/BaseRngLib/AArch64/Rndr.c      | 42 +++++++++++++++++++
 MdePkg/Library/BaseRngLib/BaseRngLib.inf      | 10 +++++
 MdePkg/Library/BaseRngLib/Rand/RdRand.c       | 26 ++++++++++++
 .../Library/BaseRngLibNull/BaseRngLibNull.c   | 22 ++++++++++
 .../Library/BaseRngLibTimerLib/RngLibTimer.c  | 23 ++++++++++
 MdePkg/Library/DxeRngLib/DxeRngLib.c          | 28 +++++++++++++
 9 files changed, 200 insertions(+)

diff --git a/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf b/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
index f7290010604f..8461260cc812 100644
--- a/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+++ b/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
@@ -29,6 +29,10 @@ [Sources]
 
 [Packages]
   MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+
+[Guids]
+  gEdkiiRngAlgorithmUnSafe
 
 [LibraryClasses]
   BaseLib
diff --git a/MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c b/MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
index 980854d67b72..28ff46c71fa2 100644
--- a/MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
+++ b/MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
@@ -2,14 +2,18 @@
   BaseRng Library that uses the TimerLib to provide reasonably random numbers.
   Do not use this on a production system.
 
+  Copyright (c) 2023, Arm Limited. All rights reserved.
   Copyright (c) Microsoft Corporation.
   SPDX-License-Identifier: BSD-2-Clause-Patent
 **/
 
 #include <Base.h>
+#include <Uefi.h>
 #include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
 #include <Library/DebugLib.h>
 #include <Library/TimerLib.h>
+#include <Guid/RngAlgorithm.h>
 
 #define DEFAULT_DELAY_TIME_IN_MICROSECONDS  10
 
@@ -190,3 +194,27 @@ GetRandomNumber128 (
   // Read second 64 bits
   return GetRandomNumber64 (++Rand);
 }
+
+/**
+  Get a GUID identifying the RNG algorithm implementation.
+
+  @param [out] RngGuid  If success, contains the GUID identifying
+                        the RNG algorithm implementation.
+
+  @retval EFI_SUCCESS             Success.
+  @retval EFI_UNSUPPORTED         Not supported.
+  @retval EFI_INVALID_PARAMETER   Invalid parameter.
+**/
+EFI_STATUS
+EFIAPI
+GetRngGuid (
+  GUID  *RngGuid
+  )
+{
+  if (RngGuid == NULL) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  CopyMem (RngGuid, &gEdkiiRngAlgorithmUnSafe, sizeof (*RngGuid));
+  return EFI_SUCCESS;
+}
diff --git a/MdePkg/Include/Library/RngLib.h b/MdePkg/Include/Library/RngLib.h
index 429ed19e287e..945482cd5e56 100644
--- a/MdePkg/Include/Library/RngLib.h
+++ b/MdePkg/Include/Library/RngLib.h
@@ -1,6 +1,7 @@
 /** @file
   Provides random number generator services.
 
+Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
 Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -77,4 +78,20 @@ GetRandomNumber128 (
   OUT     UINT64  *Rand
   );
 
+/**
+  Get a GUID identifying the RNG algorithm implementation.
+
+  @param [out] RngGuid  If success, contains the GUID identifying
+                        the RNG algorithm implementation.
+
+  @retval EFI_SUCCESS             Success.
+  @retval EFI_UNSUPPORTED         Not supported.
+  @retval EFI_INVALID_PARAMETER   Invalid parameter.
+**/
+EFI_STATUS
+EFIAPI
+GetRngGuid (
+  GUID  *RngGuid
+  );
+
 #endif // __RNG_LIB_H__
diff --git a/MdePkg/Library/BaseRngLib/AArch64/Rndr.c b/MdePkg/Library/BaseRngLib/AArch64/Rndr.c
index 20811bf3ebf3..d39db62153ee 100644
--- a/MdePkg/Library/BaseRngLib/AArch64/Rndr.c
+++ b/MdePkg/Library/BaseRngLib/AArch64/Rndr.c
@@ -2,6 +2,7 @@
   Random number generator service that uses the RNDR instruction
   to provide pseudorandom numbers.
 
+  Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
   Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
   Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
 
@@ -11,6 +12,7 @@
 
 #include <Uefi.h>
 #include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
 #include <Library/DebugLib.h>
 #include <Library/RngLib.h>
 
@@ -138,3 +140,43 @@ ArchIsRngSupported (
 {
   return mRndrSupported;
 }
+
+/**
+  Get a GUID identifying the RNG algorithm implementation.
+
+  @param [out] RngGuid  If success, contains the GUID identifying
+                        the RNG algorithm implementation.
+
+  @retval EFI_SUCCESS             Success.
+  @retval EFI_UNSUPPORTED         Not supported.
+  @retval EFI_INVALID_PARAMETER   Invalid parameter.
+**/
+EFI_STATUS
+EFIAPI
+GetRngGuid (
+  GUID  *RngGuid
+  )
+{
+  GUID  *RngLibGuid;
+
+  if (RngGuid == NULL) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  if (!mRndrSupported) {
+    return EFI_UNSUPPORTED;
+  }
+
+  //
+  // If the platform advertises the algorithm behind RNDR instruction,
+  // use it. Otherwise use gEfiRngAlgorithmArmRndr.
+  //
+  RngLibGuid = PcdGetPtr (PcdCpuRngSupportedAlgorithm);
+  if (!IsZeroGuid (RngLibGuid)) {
+    CopyMem (RngGuid, RngLibGuid, sizeof (*RngGuid));
+  } else {
+    CopyMem (RngGuid, &gEfiRngAlgorithmArmRndr, sizeof (*RngGuid));
+  }
+
+  return EFI_SUCCESS;
+}
diff --git a/MdePkg/Library/BaseRngLib/BaseRngLib.inf b/MdePkg/Library/BaseRngLib/BaseRngLib.inf
index 1fcceb941495..49503b139be9 100644
--- a/MdePkg/Library/BaseRngLib/BaseRngLib.inf
+++ b/MdePkg/Library/BaseRngLib/BaseRngLib.inf
@@ -4,6 +4,7 @@
 #  BaseRng Library that uses CPU RNG instructions (e.g. RdRand) to
 #  provide random numbers.
 #
+#  Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
 #  Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
 #  Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
 #
@@ -43,9 +44,18 @@ [Sources.AARCH64]
   AArch64/ArmReadIdIsar0.asm | MSFT
   AArch64/ArmRng.asm         | MSFT
 
+[Guids.AARCH64]
+  gEfiRngAlgorithmArmRndr
+
+[Guids.Ia32, Guids.X64]
+  gEfiRngAlgorithmSp80090Ctr256Guid
+
 [Packages]
   MdePkg/MdePkg.dec
 
+[Pcd.AARCH64]
+  gEfiMdePkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm
+
 [LibraryClasses]
   BaseLib
   DebugLib
diff --git a/MdePkg/Library/BaseRngLib/Rand/RdRand.c b/MdePkg/Library/BaseRngLib/Rand/RdRand.c
index 070d41e2555f..9bd68352f9f7 100644
--- a/MdePkg/Library/BaseRngLib/Rand/RdRand.c
+++ b/MdePkg/Library/BaseRngLib/Rand/RdRand.c
@@ -2,6 +2,7 @@
   Random number generator services that uses RdRand instruction access
   to provide high-quality random numbers.
 
+Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
 Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
 Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
 
@@ -11,6 +12,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 #include <Uefi.h>
 #include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
 #include <Library/DebugLib.h>
 
 #include "BaseRngLibInternals.h"
@@ -128,3 +130,27 @@ ArchIsRngSupported (
   */
   return TRUE;
 }
+
+/**
+  Get a GUID identifying the RNG algorithm implementation.
+
+  @param [out] RngGuid  If success, contains the GUID identifying
+                        the RNG algorithm implementation.
+
+  @retval EFI_SUCCESS             Success.
+  @retval EFI_UNSUPPORTED         Not supported.
+  @retval EFI_INVALID_PARAMETER   Invalid parameter.
+**/
+EFI_STATUS
+EFIAPI
+GetRngGuid (
+  GUID  *RngGuid
+  )
+{
+  if (RngGuid == NULL) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  CopyMem (RngGuid, &gEfiRngAlgorithmSp80090Ctr256Guid, sizeof (*RngGuid));
+  return EFI_SUCCESS;
+}
diff --git a/MdePkg/Library/BaseRngLibNull/BaseRngLibNull.c b/MdePkg/Library/BaseRngLibNull/BaseRngLibNull.c
index efba5c851ead..af5e8eb8f72a 100644
--- a/MdePkg/Library/BaseRngLibNull/BaseRngLibNull.c
+++ b/MdePkg/Library/BaseRngLibNull/BaseRngLibNull.c
@@ -1,13 +1,16 @@
 /** @file
   Null version of Random number generator services.
 
+Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
 Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
+#include <Uefi.h>
 #include <Library/DebugLib.h>
 #include <Library/RngLib.h>
+#include <Protocol/Rng.h>
 
 /**
   Generates a 16-bit random number.
@@ -92,3 +95,22 @@ GetRandomNumber128 (
   ASSERT (FALSE);
   return FALSE;
 }
+
+/**
+  Get a GUID identifying the RNG algorithm implementation.
+
+  @param [out] RngGuid  If success, contains the GUID identifying
+                        the RNG algorithm implementation.
+
+  @retval EFI_SUCCESS             Success.
+  @retval EFI_UNSUPPORTED         Not supported.
+  @retval EFI_INVALID_PARAMETER   Invalid parameter.
+**/
+EFI_STATUS
+EFIAPI
+GetRngGuid (
+  GUID  *RngGuid
+  )
+{
+  return EFI_UNSUPPORTED;
+}
diff --git a/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c b/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
index c4fdd1df68d3..4a7cae78f85c 100644
--- a/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
+++ b/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
@@ -212,3 +212,26 @@ GetRandomNumber128 (
   // Read second 64 bits
   return GetRandomNumber64 (++Rand);
 }
+
+/**
+  Get a GUID identifying the RNG algorithm implementation.
+
+  @param [out] RngGuid  If success, contains the GUID identifying
+                        the RNG algorithm implementation.
+
+  @retval EFI_SUCCESS             Success.
+  @retval EFI_UNSUPPORTED         Not supported.
+  @retval EFI_INVALID_PARAMETER   Invalid parameter.
+**/
+RETURN_STATUS
+EFIAPI
+GetRngGuid (
+  GUID  *RngGuid
+  )
+{
+  /* This implementation is to be replaced by its MdeModulePkg copy.
+   * The cause being that some GUIDs (gEdkiiRngAlgorithmUnSafe) cannot
+   * be defined in the MdePkg.
+   */
+  return RETURN_UNSUPPORTED;
+}
diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.c b/MdePkg/Library/DxeRngLib/DxeRngLib.c
index a01b66ad7d20..05c795759b9a 100644
--- a/MdePkg/Library/DxeRngLib/DxeRngLib.c
+++ b/MdePkg/Library/DxeRngLib/DxeRngLib.c
@@ -1,6 +1,7 @@
 /** @file
  Provides an implementation of the library class RngLib that uses the Rng protocol.
 
+ Copyright (c) 2023, Arm Limited. All rights reserved.
  Copyright (c) Microsoft Corporation. All rights reserved.
  SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -207,3 +208,30 @@ GetRandomNumber128 (
 
   return TRUE;
 }
+
+/**
+  Get a GUID identifying the RNG algorithm implementation.
+
+  @param [out] RngGuid  If success, contains the GUID identifying
+                        the RNG algorithm implementation.
+
+  @retval EFI_SUCCESS             Success.
+  @retval EFI_UNSUPPORTED         Not supported.
+  @retval EFI_INVALID_PARAMETER   Invalid parameter.
+**/
+EFI_STATUS
+EFIAPI
+GetRngGuid (
+  GUID  *RngGuid
+  )
+{
+  /* It is not possible to know beforehand which Rng algorithm will
+   * be used by this library.
+   * This API is mainly used by RngDxe. RngDxe relies on the RngLib.
+   * The RngLib|DxeRngLib.inf implementation locates and uses an installed
+   * EFI_RNG_PROTOCOL.
+   * It is thus not possible to have both RngDxe and RngLib|DxeRngLib.inf.
+   * and it is ok not to support this API.
+   */
+  return EFI_UNSUPPORTED;
+}
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107716): https://edk2.groups.io/g/devel/message/107716
Mute This Topic: https://groups.io/mt/100684695/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



^ permalink raw reply related	[flat|nested] 10+ messages in thread

* [edk2-devel] [PATCH v6 8/9] SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib
  2023-08-11 14:33 [edk2-devel] [PATCH v6 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification PierreGondois
                   ` (6 preceding siblings ...)
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 7/9] MdePkg/Rng: Add GetRngGuid() to RngLib PierreGondois
@ 2023-08-11 14:33 ` PierreGondois
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 9/9] SecurityPkg/RngDxe: Simplify Rng algorithm selection for Arm PierreGondois
  8 siblings, 0 replies; 10+ messages in thread
From: PierreGondois @ 2023-08-11 14:33 UTC (permalink / raw)
  To: devel
  Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jiewen Yao,
	Jian J Wang, Ard Biesheuvel, Sami Mujawar, Kun Qin

From: Pierre Gondois <pierre.gondois@arm.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4151

The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
To allow the RngDxe to detect when such implementation is used,
a GetRngGuid() function was added in a previous patch.

The EFI_RNG_PROTOCOL can advertise multiple algorithms through
Guids. The PcdCpuRngSupportedAlgorithm is currently used to
advertise the RngLib in the Arm implementation.

The issues of doing that are:
- the RngLib implementation might not use CPU instructions,
  cf. the BaseRngLibTimerLib
- most platforms don't set PcdCpuRngSupportedAlgorithm

A GetRngGuid() was added to the RngLib in a previous patch,
allowing to identify the algorithm implemented by the RngLib.
Make use of this function and place the unsage algorithm
at the last position in the mAvailableAlgoArray.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Tested-by: Kun Qin <kun.qin@microsoft.com>
---
 .../RngDxe/AArch64/AArch64Algo.c              | 55 +++++++++++++------
 .../RandomNumberGenerator/RngDxe/ArmRngDxe.c  |  6 +-
 .../RandomNumberGenerator/RngDxe/RngDxe.inf   |  4 +-
 3 files changed, 44 insertions(+), 21 deletions(-)

diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c
index e8be217f8a8c..a270441ebba0 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c
@@ -10,6 +10,8 @@
 #include <Library/DebugLib.h>
 #include <Library/MemoryAllocationLib.h>
 #include <Library/ArmTrngLib.h>
+#include <Library/RngLib.h>
+#include <Guid/RngAlgorithm.h>
 
 #include "RngDxeInternals.h"
 
@@ -28,9 +30,13 @@ GetAvailableAlgorithms (
   VOID
   )
 {
-  UINT64  DummyRand;
-  UINT16  MajorRevision;
-  UINT16  MinorRevision;
+  EFI_STATUS  Status;
+  UINT16      MajorRevision;
+  UINT16      MinorRevision;
+  GUID        RngGuid;
+  BOOLEAN     UnSafeAlgo;
+
+  UnSafeAlgo = FALSE;
 
   // Rng algorithms 2 times, one for the allocation, one to populate.
   mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX);
@@ -38,24 +44,29 @@ GetAvailableAlgorithms (
     return EFI_OUT_OF_RESOURCES;
   }
 
-  // Check RngGetBytes() before advertising PcdCpuRngSupportedAlgorithm.
-  if (!EFI_ERROR (RngGetBytes (sizeof (DummyRand), (UINT8 *)&DummyRand))) {
-    CopyMem (
-      &mAvailableAlgoArray[mAvailableAlgoArrayCount],
-      PcdGetPtr (PcdCpuRngSupportedAlgorithm),
-      sizeof (EFI_RNG_ALGORITHM)
-      );
-    mAvailableAlgoArrayCount++;
-
-    DEBUG_CODE_BEGIN ();
-    if (IsZeroGuid (PcdGetPtr (PcdCpuRngSupportedAlgorithm))) {
+  // Identify RngLib algorithm.
+  Status = GetRngGuid (&RngGuid);
+  if (!EFI_ERROR (Status)) {
+    if (IsZeroGuid (&RngGuid) ||
+        CompareGuid (&RngGuid, &gEdkiiRngAlgorithmUnSafe))
+    {
+      // Treat zero GUID as an unsafe algorithm
       DEBUG ((
         DEBUG_WARN,
-        "PcdCpuRngSupportedAlgorithm should be a non-zero GUID\n"
+        "RngLib uses an Unsafe algorithm and "
+        "must not be used for production builds.\n"
         ));
+      // Set the UnSafeAlgo flag to indicate an unsafe algorithm was found
+      // so that it can be added at the end of the algorithm list.
+      UnSafeAlgo = TRUE;
+    } else {
+      CopyMem (
+        &mAvailableAlgoArray[mAvailableAlgoArrayCount],
+        &RngGuid,
+        sizeof (RngGuid)
+        );
+      mAvailableAlgoArrayCount++;
     }
-
-    DEBUG_CODE_END ();
   }
 
   // Raw algorithm (Trng)
@@ -68,5 +79,15 @@ GetAvailableAlgorithms (
     mAvailableAlgoArrayCount++;
   }
 
+  // Add unsafe algorithm at the end of the list.
+  if (UnSafeAlgo) {
+    CopyMem (
+      &mAvailableAlgoArray[mAvailableAlgoArrayCount],
+      &gEdkiiRngAlgorithmUnSafe,
+      sizeof (EFI_RNG_ALGORITHM)
+      );
+    mAvailableAlgoArrayCount++;
+  }
+
   return EFI_SUCCESS;
 }
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c
index ce49ff7ae661..78a18c5e1177 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c
@@ -78,6 +78,7 @@ RngGetRNG (
 {
   EFI_STATUS  Status;
   UINTN       Index;
+  GUID        RngGuid;
 
   if ((This == NULL) || (RNGValueLength == 0) || (RNGValue == NULL)) {
     return EFI_INVALID_PARAMETER;
@@ -102,7 +103,10 @@ RngGetRNG (
   }
 
 FoundAlgo:
-  if (CompareGuid (RNGAlgorithm, PcdGetPtr (PcdCpuRngSupportedAlgorithm))) {
+  Status = GetRngGuid (&RngGuid);
+  if (!EFI_ERROR (Status) &&
+      CompareGuid (RNGAlgorithm, &RngGuid))
+  {
     Status = RngGetBytes (RNGValueLength, RNGValue);
     return Status;
   }
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
index d6c2d30195bf..8704a644414f 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
@@ -75,13 +75,11 @@ [Guids]
   gEfiRngAlgorithmX9313DesGuid        ## SOMETIMES_PRODUCES    ## GUID        # Unique ID of the algorithm for RNG
   gEfiRngAlgorithmX931AesGuid         ## SOMETIMES_PRODUCES    ## GUID        # Unique ID of the algorithm for RNG
   gEfiRngAlgorithmRaw                 ## SOMETIMES_PRODUCES    ## GUID        # Unique ID of the algorithm for RNG
+  gEdkiiRngAlgorithmUnSafe            ## SOMETIMES_PRODUCES    ## GUID        # Unique ID of the algorithm for RNG
 
 [Protocols]
   gEfiRngProtocolGuid                ## PRODUCES
 
-[Pcd.AARCH64]
-  gEfiMdePkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm      ## CONSUMES
-
 [Depex]
   TRUE
 
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107717): https://edk2.groups.io/g/devel/message/107717
Mute This Topic: https://groups.io/mt/100684696/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



^ permalink raw reply related	[flat|nested] 10+ messages in thread

* [edk2-devel] [PATCH v6 9/9] SecurityPkg/RngDxe: Simplify Rng algorithm selection for Arm
  2023-08-11 14:33 [edk2-devel] [PATCH v6 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification PierreGondois
                   ` (7 preceding siblings ...)
  2023-08-11 14:33 ` [edk2-devel] [PATCH v6 8/9] SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib PierreGondois
@ 2023-08-11 14:33 ` PierreGondois
  8 siblings, 0 replies; 10+ messages in thread
From: PierreGondois @ 2023-08-11 14:33 UTC (permalink / raw)
  To: devel
  Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jiewen Yao,
	Jian J Wang, Ard Biesheuvel, Sami Mujawar, Kun Qin

From: Pierre Gondois <pierre.gondois@arm.com>

The first element of mAvailableAlgoArray is defined as the default
Rng algorithm to use. Don't go through the array at each RngGetRNG()
call and just return the first element of the array.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Tested-by: Kun Qin <kun.qin@microsoft.com>
---
 .../RandomNumberGenerator/RngDxe/ArmRngDxe.c    | 17 ++++-------------
 1 file changed, 4 insertions(+), 13 deletions(-)

diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c
index 78a18c5e1177..7a42e3cbe3d2 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c
@@ -77,7 +77,6 @@ RngGetRNG (
   )
 {
   EFI_STATUS  Status;
-  UINTN       Index;
   GUID        RngGuid;
 
   if ((This == NULL) || (RNGValueLength == 0) || (RNGValue == NULL)) {
@@ -88,21 +87,13 @@ RngGetRNG (
     //
     // Use the default RNG algorithm if RNGAlgorithm is NULL.
     //
-    for (Index = 0; Index < mAvailableAlgoArrayCount; Index++) {
-      if (!IsZeroGuid (&mAvailableAlgoArray[Index])) {
-        RNGAlgorithm = &mAvailableAlgoArray[Index];
-        goto FoundAlgo;
-      }
-    }
-
-    if (Index == mAvailableAlgoArrayCount) {
-      // No algorithm available.
-      ASSERT (Index != mAvailableAlgoArrayCount);
-      return EFI_DEVICE_ERROR;
+    if (mAvailableAlgoArrayCount != 0) {
+      RNGAlgorithm = &mAvailableAlgoArray[0];
+    } else {
+      return EFI_UNSUPPORTED;
     }
   }
 
-FoundAlgo:
   Status = GetRngGuid (&RngGuid);
   if (!EFI_ERROR (Status) &&
       CompareGuid (RNGAlgorithm, &RngGuid))
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107718): https://edk2.groups.io/g/devel/message/107718
Mute This Topic: https://groups.io/mt/100684698/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



^ permalink raw reply related	[flat|nested] 10+ messages in thread

end of thread, other threads:[~2023-08-11 14:33 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-08-11 14:33 [edk2-devel] [PATCH v6 0/9] SecurityPkg/MdePkg: Update RngLib GUID identification PierreGondois
2023-08-11 14:33 ` [edk2-devel] [PATCH v6 1/9] MdeModulePkg: Duplicate BaseRngLibTimerLib to MdeModulePkg PierreGondois
2023-08-11 14:33 ` [edk2-devel] [PATCH v6 2/9] MdePkg: Add deprecated warning to BaseRngLibTimer PierreGondois
2023-08-11 14:33 ` [edk2-devel] [PATCH v6 3/9] SecurityPkg/SecurityPkg.dec: Move PcdCpuRngSupportedAlgorithm to MdePkg PierreGondois
2023-08-11 14:33 ` [edk2-devel] [PATCH v6 4/9] MdePkg/DxeRngLib: Request raw algorithm instead of default PierreGondois
2023-08-11 14:33 ` [edk2-devel] [PATCH v6 5/9] MdePkg/Rng: Add GUID to describe Arm Rndr Rng algorithms PierreGondois
2023-08-11 14:33 ` [edk2-devel] [PATCH v6 6/9] MdeModulePkg/Rng: Add GUID to describe unsafe " PierreGondois
2023-08-11 14:33 ` [edk2-devel] [PATCH v6 7/9] MdePkg/Rng: Add GetRngGuid() to RngLib PierreGondois
2023-08-11 14:33 ` [edk2-devel] [PATCH v6 8/9] SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib PierreGondois
2023-08-11 14:33 ` [edk2-devel] [PATCH v6 9/9] SecurityPkg/RngDxe: Simplify Rng algorithm selection for Arm PierreGondois

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox