From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+120490+7686176+12367111@groups.io>
Received: from mail05.groups.io (mail05.groups.io [45.79.224.7])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 496EDAC10C1
	for <rebecca@openfw.io>; Wed,  4 Sep 2024 11:39:40 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=dvfm/0MNcqaqpgCH3hL1HHL0gABwDG05FOf3O0LQN6M=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20240830; t=1725449980; v=1; x=1725709178;
 b=nBby/bdPpf4fcvABs2PgIpgxDEBcVEAoWl1AH5nArYvyslbDWZbOg61V4Y5mbwbj2rnZ8zCT
 srM16Y3s+yb2kpAEfJuqo+qc/vUdjqlwKaIy5D143BOjHkOe9ha/chWGdx0jtHyxamx8RT4lsQ4
 XtV5z5s6k7SFqzeU2CUWykFqHPANztyoNEYBuiYBz4sdrq/PGw/aBcjuMSzgaDdXGBISuOfXI+w
 oB3HjrP1ANCL3yJBq+8lKSTEV2rlFDNXDCnKGtKHkDTNQDhAu5zY8kAviAREB6D8gH05IiMr6Jg
 D4TxVGGR3u4U0MEJ+zJGJ5cMmjYTTRYP8NdAHW0pehjXA==
X-Received: by 127.0.0.2 with SMTP id 3YHkYY7687511xoxR9a5IJln; Wed, 04 Sep 2024 04:39:38 -0700
X-Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web10.47866.1725449972690913630
 for <devel@edk2.groups.io>;
 Wed, 04 Sep 2024 04:39:33 -0700
X-Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 8917BFEC;
	Wed,  4 Sep 2024 04:39:58 -0700 (PDT)
X-Received: from e126645.arm.com (unknown [10.57.75.149])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id C54B03F73F;
	Wed,  4 Sep 2024 04:39:30 -0700 (PDT)
From: "PierreGondois" <pierre.gondois@arm.com>
To: devel@edk2.groups.io
Cc: ardb+tianocore@kernel.org,
	sami.mujawar@arm.com,
	Thomas Abraham <thomas.abraham@arm.com>,
	Pierre Gondois <pierre.gondois@arm.com>
Subject: [edk2-devel] [PATCH 0/3] Platform/ARM/Juno: Use RngDxeLib
Date: Wed,  4 Sep 2024 13:39:02 +0200
Message-Id: <20240904113905.1736428-1-Pierre.Gondois@arm.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Resent-Date: Wed, 04 Sep 2024 04:39:33 -0700
Resent-From: pierre.gondois@arm.com
Reply-To: devel@edk2.groups.io,pierre.gondois@arm.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: 9PZTZYpLmGEeivwab3vF7QSox7686176AA=
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20240830 header.b="nBby/bdP";
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=arm.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io

From: Pierre Gondois <pierre.gondois@arm.com>

Juno's RngLib implementation is:

- BaseRngLib.inf if a secure RngLib is enforced
- BaseRngLibTimerLib.inf if a non-secure RngLib is tolerated

BaseRngLib.inf relies on the Arm's RNDR instruction. The instruction
returns a DRBG-generated random number. The DRBG used is considered
as secure.
The RNDR instruction is available if FEAT_RNG is set. The Juno doesn't
support it.

When security is enforced (i.e. ENABLE_UNSAFE_RNGLIB is not set),
the Juno cannot generate secure random numbers through the RngLib.
Secure random numbers could be generated by using the Juno's TRNG.
This can be done by:

- using the RngDxeLib implementation of the RngLib
- RngDxeLib relies on the RngDxe
- the RngDxe has access to the TRNG

Pierre Gondois (3):
  Platform/ARM: Place MdeLibs.dsc.inc as the first include
  Platform/ARM: Move PcdEnforceSecureRngAlgorithms to MdePkg
  Platform/ARM/Juno: Use DxeRngLib.inf as default RngLib implementation

 Platform/ARM/JunoPkg/ArmJuno.dsc              | 19 +++++++++++++++++--
 Platform/ARM/Morello/MorelloPlatformFvp.dsc   |  6 +++---
 Platform/ARM/N1Sdp/N1SdpPlatform.dsc          |  2 +-
 Platform/ARM/SgiPkg/RdE1Edge/RdE1Edge.dsc     |  6 +++---
 Platform/ARM/SgiPkg/RdN1Edge/RdN1Edge.dsc     |  6 +++---
 Platform/ARM/SgiPkg/RdN1EdgeX2/RdN1EdgeX2.dsc |  6 +++---
 Platform/ARM/SgiPkg/RdN2/RdN2.dsc             |  6 +++---
 Platform/ARM/SgiPkg/RdN2Cfg1/RdN2Cfg1.dsc     |  6 +++---
 Platform/ARM/SgiPkg/RdN2Cfg2/RdN2Cfg2.dsc     |  6 +++---
 Platform/ARM/SgiPkg/RdN2Cfg3/RdN2Cfg3.dsc     |  6 +++---
 Platform/ARM/SgiPkg/RdV1/RdV1.dsc             |  6 +++---
 Platform/ARM/SgiPkg/RdV1Mc/RdV1Mc.dsc         |  6 +++---
 Platform/ARM/SgiPkg/RdV3/RdV3.dsc             |  6 +++---
 Platform/ARM/SgiPkg/Sgi575/Sgi575.dsc         |  6 +++---
 .../VExpressPkg/ArmVExpress-FVP-AArch64.dsc   |  2 +-
 Platform/ARM/VExpressPkg/ArmVExpress.dsc.inc  |  2 +-
 16 files changed, 56 insertions(+), 41 deletions(-)

--=20
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#120490): https://edk2.groups.io/g/devel/message/120490
Mute This Topic: https://groups.io/mt/108262991/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-