Hi Pierre, Thank you for this patch. I think we should treat algorithms that have a zero GUID as unsafe. I have made some suggestions on those lines marked inline as [SAMI]. Regards, Sami Mujawar On 09/05/2023 08:40 am, pierre.gondois@arm.com wrote: > From: Pierre Gondois > > BZ:https://bugzilla.tianocore.org/show_bug.cgi?id=4151 > > The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple > implementations, some of them are unsafe (e.g. BaseRngLibTimerLib). > To allow the RngDxe to detect when such implementation is used, > a GetRngGuid() function was added in a previous patch. > > The EFI_RNG_PROTOCOL can advertise multiple algorithms through > Guids. The PcdCpuRngSupportedAlgorithm is currently used to > advertise the RngLib in the Arm implementation. > > The issues of doing that are: > - the RngLib implementation might not use CPU instructions, > cf. the BaseRngLibTimerLib > - most platforms don't set PcdCpuRngSupportedAlgorithm > > A GetRngGuid() was added to the RngLib in a previous patch, > allowing to identify the algorithm implemented by the RngLib. > Make use of this function. > > Signed-off-by: Pierre Gondois > --- > .../RngDxe/AArch64/AArch64Algo.c | 24 +++++++++---------- > .../RandomNumberGenerator/RngDxe/ArmRngDxe.c | 6 ++++- > .../RandomNumberGenerator/RngDxe/RngDxe.inf | 5 ++-- > 3 files changed, 19 insertions(+), 16 deletions(-) > > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c > index e8be217f8a8c..a1ff7bd58fda 100644 > --- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c > @@ -10,6 +10,7 @@ > #include > #include > #include > +#include > > #include "RngDxeInternals.h" > > @@ -28,9 +29,10 @@ GetAvailableAlgorithms ( > VOID > ) > { > - UINT64 DummyRand; > - UINT16 MajorRevision; > - UINT16 MinorRevision; > + EFI_STATUS Status; > + UINT16 MajorRevision; > + UINT16 MinorRevision; > + GUID RngGuid; > > // Rng algorithms 2 times, one for the allocation, one to populate. > mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX); > @@ -38,24 +40,22 @@ GetAvailableAlgorithms ( > return EFI_OUT_OF_RESOURCES; > } > > - // Check RngGetBytes() before advertising PcdCpuRngSupportedAlgorithm. > - if (!EFI_ERROR (RngGetBytes (sizeof (DummyRand), (UINT8 *)&DummyRand))) { > + // Identify RngLib algorithm. > + Status = GetRngGuid (&RngGuid); > + if (!EFI_ERROR (Status)) { > CopyMem ( > &mAvailableAlgoArray[mAvailableAlgoArrayCount], > - PcdGetPtr (PcdCpuRngSupportedAlgorithm), > - sizeof (EFI_RNG_ALGORITHM) > + RngGuid, > + sizeof (RngGuid) > ); > mAvailableAlgoArrayCount++; > > - DEBUG_CODE_BEGIN (); > - if (IsZeroGuid (PcdGetPtr (PcdCpuRngSupportedAlgorithm))) { > + if (IsZeroGuid (&RngGuid)) { > DEBUG (( > DEBUG_WARN, > - "PcdCpuRngSupportedAlgorithm should be a non-zero GUID\n" > + "RngLib should have a non-zero GUID\n" > )); > } > - > - DEBUG_CODE_END (); > } > > // Raw algorithm (Trng) ... [SAMI] I think this code should do the following: ---   BOOLEAN UnSafeAlgo = FALSE;   mAvailableAlgoArrayCount = 0; // Identify RngLib algorithm.   Status = GetRngGuid (&RngGuid); if(!EFI_ERROR (Status)) { if((IsZeroGuid (&RngGuid)) ||         (CompareGuid (&RngGuid, &gEfiRngAlgorithmUnSafe))) { // Treat zero GUID as an unsafe algorithm       DEBUG ((         DEBUG_WARN, "RngLib uses an Unsafe algorithm and " "must not be used for production builds.\n"         )); // Set the UnSafeAlgo flag to indicate an unsafe algorithm was found // so that it can be added at the end of the algorithm list.       UnSafeAlgo = TRUE;     } else{       CopyMem (         &mAvailableAlgoArray[mAvailableAlgoArrayCount],         &RngGuid, sizeof(RngGuid)         );       mAvailableAlgoArrayCount++;     }   } // Raw algorithm (Trng) if(!EFI_ERROR (GetArmTrngVersion (&MajorRevision, &MinorRevision))) {     CopyMem (       &mAvailableAlgoArray[mAvailableAlgoArrayCount],       &gEfiRngAlgorithmRaw, sizeof(EFI_RNG_ALGORITHM)       );     mAvailableAlgoArrayCount++;   } // Add unsafe algorithms at the end of the list. if(UnSafeAlgo) {     CopyMem (       &mAvailableAlgoArray[mAvailableAlgoArrayCount],       &gEfiRngAlgorithmUnSafe, sizeof(EFI_RNG_ALGORITHM)       );     mAvailableAlgoArrayCount++;   } --- Doing this will not need the call to RngFindDefaultAlgo () introduced in the next patch "[PATCH v1 7/8] SecurityPkg/RngDxe: Select safe default Rng algorithm", which can be dropped. [SAMI] > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c > index ce49ff7ae661..78a18c5e1177 100644 > --- a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c > @@ -78,6 +78,7 @@ RngGetRNG ( > { > EFI_STATUS Status; > UINTN Index; > + GUID RngGuid; > > if ((This == NULL) || (RNGValueLength == 0) || (RNGValue == NULL)) { > return EFI_INVALID_PARAMETER; > @@ -102,7 +103,10 @@ RngGetRNG ( > } > > FoundAlgo: > - if (CompareGuid (RNGAlgorithm, PcdGetPtr (PcdCpuRngSupportedAlgorithm))) { > + Status = GetRngGuid (&RngGuid); > + if (!EFI_ERROR (Status) && > + CompareGuid (RNGAlgorithm, &RngGuid)) > + { > Status = RngGetBytes (RNGValueLength, RNGValue); > return Status; > } > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf > index d6c2d30195bf..aa5743387ed9 100644 > --- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf > @@ -75,13 +75,12 @@ [Guids] > gEfiRngAlgorithmX9313DesGuid ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG > gEfiRngAlgorithmX931AesGuid ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG > gEfiRngAlgorithmRaw ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG > + gEfiRngAlgorithmArmRndr ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG [SAMI] Can the [Guids] section be split to relect the usage across architectures, please? > + gEfiRngAlgorithmUnSafe ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG > > [Protocols] > gEfiRngProtocolGuid ## PRODUCES > > -[Pcd.AARCH64] > - gEfiMdePkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm ## CONSUMES > - > [Depex] > TRUE >