From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+120006+7686176+12367111@groups.io>
Received: from mail05.groups.io (mail05.groups.io [45.79.224.7])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 728E2D801DE
	for <rebecca@openfw.io>; Mon, 22 Jul 2024 15:13:17 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=/uobzmjQ1DSjj0n4e+hAo93yFMNOkXAQZkG3QllD0NY=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20240206; t=1721661197; v=1;
 b=lomEgdwEetDLxu/ucZVn77e7MZPYFsNhpV2shPuqzLZNEQDtEhOtfJ7rxQ/4hVlqcuWLrMSF
 8fts1RGwzdAIULfX2aS1KsigLbpdDaIW9cG4QT93qDHC5XEMayw/w8q5qotVjfFInQPY2/fSo0T
 bOYJmLAOfNoNVMjd8ZqwbxI8j92Aw0SZa/i0OkZBZawBwUI8yWTFYQfKmSi4qogKDphMFKbDExy
 n838SFPlEZSn+SUkOceW31usZFpjmz5OpbzapJsMVVu7E6zwO7obRuaKKvGnDw84SxcC4rYxxKm
 X3fqoN+mbwYxFcTvpbPeMBrGApFZ10hvTbKFagAzLZ1CQ==
X-Received: by 127.0.0.2 with SMTP id ZR0GYY7687511xfBTqBMu5E6; Mon, 22 Jul 2024 08:13:15 -0700
X-Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web10.20560.1721661195268596510
 for <devel@edk2.groups.io>;
 Mon, 22 Jul 2024 08:13:15 -0700
X-Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C8F14FEC;
	Mon, 22 Jul 2024 08:13:39 -0700 (PDT)
X-Received: from e129823.cambridge.arm.com (e129823.arm.com [10.1.197.6])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 50C743F836;
	Mon, 22 Jul 2024 08:13:13 -0700 (PDT)
From: "levi.yun" <yeoreum.yun@arm.com>
To: devel@edk2.groups.io
Cc: yeoreum.yun@arm.com,
	sami.mujawar@arm.com,
	pierre.gondois@arm.com,
	nd@arm.com,
	thomas.abraham@arm.com
Subject: [edk2-devel] [PATCH edk2-platform v1 2/2] ARM/JunoPkg: Use ArmTrngLib in NetworkPkg
Date: Mon, 22 Jul 2024 16:13:12 +0100
Message-Id: <20240722151312.937594-1-yeoreum.yun@arm.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Resent-Date: Mon, 22 Jul 2024 08:13:15 -0700
Resent-From: yeoreum.yun@arm.com
Reply-To: devel@edk2.groups.io,yeoreum.yun@arm.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: IcAaXneT6bpKGkYsgo7b28TPx7686176AA=
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20240206 header.b=lomEgdwE;
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=arm.com (policy=none)

From: "levi.yun" <yeoreum.yun@arm.com>

edk2's commit:4c4ceb2ceb80 ("NetworkPkg: SECURITY PATCH CVE-2023-45237")
solved CVE-2023-45237 about usage of a weak pseudoRandom number generator
and this modification add dependency for DxeNetLib with RngDxe driver.

Because of new dependency, Juno failed to load Newtork related packages
(i.e VlanConfigDxe, MnpDxe, ArpDxe, Dhcp4Dxe, Ip4Dxe and etc) like

...
Driver E4F61863-FE2C-4B56-A8F4-08519BC439DF was discovered but not loaded!!
Driver 025BBFC7-E6A9-4B8B-82AD-6815A1AEAF4A was discovered but not loaded!!
Driver 529D3F93-E8E9-4E73-B1E1-BDF6A9D50113 was discovered but not loaded!!
...

Unfortunately for proper usage of RngDxe, Platform should support
- RngLib with Rndr.
- Trng.

In case of Juno, it supports Trng feature. To use NetworkPkg properly,
add usage of ArmTrngLib

Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
Change-Id: I1f0c72bdbb46d0226e7e6ddd921d513c8d5943c2
---
 Platform/ARM/JunoPkg/ArmJuno.dsc | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/Platform/ARM/JunoPkg/ArmJuno.dsc b/Platform/ARM/JunoPkg/ArmJun=
o.dsc
index 93ec9f12997203c0c8515af31f342910702a6a99..609470a5aab6329e765a6659d4c=
b3d4c0105cb9a 100644
--- a/Platform/ARM/JunoPkg/ArmJuno.dsc
+++ b/Platform/ARM/JunoPkg/ArmJuno.dsc
@@ -39,6 +39,11 @@ [LibraryClasses.common]
   ArmMmuLib|ArmPkg/Library/ArmMmuLib/ArmMmuBaseLib.inf=0D
   ArmPlatformLib|Platform/ARM/JunoPkg/Library/ArmJunoLib/ArmJunoLib.inf=0D
   ArmSmcLib|ArmPkg/Library/ArmSmcLib/ArmSmcLib.inf=0D
+  ArmHvcLib|ArmPkg/Library/ArmHvcLib/ArmHvcLib.inf=0D
+=0D
+  # Trng Supports.=0D
+  ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf=0D
+  ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf=0D
 =0D
   NorFlashDeviceLib|Platform/ARM/Library/P30NorFlashDeviceLib/P30NorFlashD=
eviceLib.inf=0D
   NorFlashPlatformLib|Platform/ARM/JunoPkg/Library/NorFlashJunoLib/NorFlas=
hJunoLib.inf=0D
@@ -211,6 +216,11 @@ [PcdsFixedAtBuild.common]
   gEdkiiDynamicTablesPkgTokenSpaceGuid.PcdDevelopmentPlatformRelaxations|0=
x1=0D
 !endif=0D
 =0D
+  #=0D
+  # Juno Support Trng. Override PcdEnforceSecureRngAlgorithms.=0D
+  #=0D
+  gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|TRUE=0D
+=0D
 [PcdsPatchableInModule]=0D
   # Console Resolution (Full HD)=0D
   gEfiMdeModulePkgTokenSpaceGuid.PcdVideoHorizontalResolution|1920=0D
--
Guid("CE165669-3EF3-493F-B85D-6190EE5B9759")



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#120006): https://edk2.groups.io/g/devel/message/120006
Mute This Topic: https://groups.io/mt/107486843/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-