From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>,
"Ma, Maurice" <maurice.ma@intel.com>,
"Kinney, Michael D" <michael.d.kinney@intel.com>,
"Gao, Liming" <liming.gao@intel.com>,
"patrick.rudolph@9elements.com" <patrick.rudolph@9elements.com>
Cc: "Dong, Guo" <guo.dong@intel.com>,
"You, Benjamin" <benjamin.you@intel.com>,
"Liu, Zhiguang" <zhiguang.liu@intel.com>
Subject: Re: [edk2-devel] [PATCH] UefiPayloadPkg: Add RNG support
Date: Thu, 21 Jan 2021 23:32:14 +0000 [thread overview]
Message-ID: <BY5PR11MB41662BE5DEE63E679C6EFAE18CA10@BY5PR11MB4166.namprd11.prod.outlook.com> (raw)
In-Reply-To: <DM6PR11MB2793E4B2F6EC6ADB689A9D7489A10@DM6PR11MB2793.namprd11.prod.outlook.com>
Duplicating code is not the best idea.
I recommend we just add support to MdePkg.
Thank you
Yao Jiewen
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Ma,
> Maurice
> Sent: Thursday, January 21, 2021 11:39 PM
> To: Kinney, Michael D <michael.d.kinney@intel.com>; Gao, Liming
> <liming.gao@intel.com>; patrick.rudolph@9elements.com
> Cc: Dong, Guo <guo.dong@intel.com>; You, Benjamin
> <benjamin.you@intel.com>; devel@edk2.groups.io; Liu, Zhiguang
> <zhiguang.liu@intel.com>
> Subject: Re: [edk2-devel] [PATCH] UefiPayloadPkg: Add RNG support
>
> Hi, Patrick
> Let us add MdePkg maintainers into the discussion to see what could be the best
> approach for this.
>
> Hi, Mike and Liming,
> Any recommendation from your side ?
>
> Thanks
> Maurice
>
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Patrick
> > Rudolph
> > Sent: Thursday, January 21, 2021 1:05
> > To: Ma, Maurice <maurice.ma@intel.com>
> > Cc: devel@edk2.groups.io; Dong, Guo <guo.dong@intel.com>; You, Benjamin
> > <benjamin.you@intel.com>
> > Subject: Re: [edk2-devel] [PATCH] UefiPayloadPkg: Add RNG support
> >
> > Hi Maurice,
> > it's a copy of the MdeModulePkg's BaseRngLib with runtime detection support.
> >
> > Are the MdeModulePkg maintainers OK with adding runtime detection support?
> > I had the impression that it should only be used on platforms supporting rdrand
> > for sure, and therefore must not be used on platforms not supporting rdrand.
> >
> > Kind Regards,
> > Patrick Rudolph
> >
> > On Thu, Jan 21, 2021 at 1:42 AM Ma, Maurice <maurice.ma@intel.com> wrote:
> > >
> > > Hi, Patrick
> > >
> > > There is a BaseRngLib in MdePkg package already. I am wondering why a
> new
> > instance was created under UefiPayloadPkg in the patch.
> > > Could we just reuse the same library in MdePkg?
> > > If not, what is the reason? Can we try to enhance the library in MdePkg to
> > address it if required?
> > >
> > > Thanks
> > > Maurice
> > > > -----Original Message-----
> > > > From: Patrick Rudolph <patrick.rudolph@9elements.com>
> > > > Sent: Wednesday, January 20, 2021 7:52
> > > > To: devel@edk2.groups.io
> > > > Cc: Ma, Maurice <maurice.ma@intel.com>; Dong, Guo
> > > > <guo.dong@intel.com>; You, Benjamin <benjamin.you@intel.com>
> > > > Subject: [PATCH] UefiPayloadPkg: Add RNG support
> > > >
> > > > Uses the RDRAND instruction if available and install EfiRngProtocol.
> > > > The protocol may be used by iPXE or the Linux kernel to gather entropy.
> > > >
> > > > Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
> > > > ---
> > > > UefiPayloadPkg/Library/BaseRngLib/BaseRng.c | 199
> > > > ++++++++++++++++++++
> > > > UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf | 32 ++++
> > > > UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni | 17 ++
> > > > UefiPayloadPkg/UefiPayloadPkg.dsc | 8 +
> > > > UefiPayloadPkg/UefiPayloadPkg.fdf | 4 +
> > > > 5 files changed, 260 insertions(+)
> > > >
> > > > diff --git a/UefiPayloadPkg/Library/BaseRngLib/BaseRng.c
> > > > b/UefiPayloadPkg/Library/BaseRngLib/BaseRng.c
> > > > new file mode 100644
> > > > index 0000000000..1fe9e1dbe0
> > > > --- /dev/null
> > > > +++ b/UefiPayloadPkg/Library/BaseRngLib/BaseRng.c
> > > > @@ -0,0 +1,199 @@
> > > > +/** @file+ Random number generator services that uses RdRand
> > > > +instruction
> > > > access+ to provide high-quality random numbers.++Copyright (c)
> > > > access+ 2015, Intel
> > > > Corporation. All rights reserved.<BR>+SPDX-License-Identifier:
> > > > BSD-2-Clause-
> > > > Patent++**/++#include <Library/BaseLib.h>+#include
> > > > <Library/DebugLib.h>+#include <Register/Intel/Cpuid.h>++STATIC
> > > > BOOLEAN mHasRdRand;++//+// Bit mask used to determine if RdRand
> > instruction is
> > > > supported.+//+#define RDRAND_MASK BIT30++//+// Limited
> retry
> > > > number when valid random data is returned.+// Uses the recommended
> > > > value defined in Section 7.3.17 of "Intel 64 and IA-32+// Architectures
> > Software
> > > > Developer's Mannual".+//+#define RDRAND_RETRY_LIMIT 10++/**+
> > The
> > > > constructor function checks whether or not RDRAND instruction is
> > > > supported+ by the host hardware.++ The constructor function checks
> > > > whether or not RDRAND instruction is supported.+ It will always return
> > RETURN_SUCCESS.++
> > > > @retval RETURN_SUCCESS The constructor always returns
> > > > EFI_SUCCESS.++**/+RETURN_STATUS+EFIAPI+BaseRngLibConstructor (+
> > > > VOID+ )+{+ UINT32 RegEax;+ UINT32 RegEcx;++ AsmCpuid
> > > > (CPUID_SIGNATURE, &RegEax, NULL, NULL, NULL);+ if (RegEax < 1) {+
> > > > mHasRdRand = FALSE;+ return RETURN_SUCCESS;+ }++ //+ //
> Determine
> > > > RDRAND support by examining bit 30 of the ECX register returned by+ //
> > CPUID.
> > > > A value of 1 indicates that processor support RDRAND instruction.+
> > > > //+ AsmCpuid (CPUID_VERSION_INFO, 0, 0, &RegEcx, 0);++ mHasRdRand
> =
> > > > ((RegEcx & RDRAND_MASK) == RDRAND_MASK);++ return
> > > > RETURN_SUCCESS;+}++/**+ Generates a 16-bit random number.++ if
> Rand
> > is
> > > > NULL, then ASSERT().++ @param[out] Rand Buffer pointer to store the
> > 16-bit
> > > > random value.++ @retval TRUE Random number generated
> > successfully.+
> > > > @retval FALSE Failed to generate the random
> > > > number.++**/+BOOLEAN+EFIAPI+GetRandomNumber16 (+ OUT UINT16
> > > > *Rand+ )+{+ UINT32 Index;++ ASSERT (Rand != NULL);++ if
> (mHasRdRand)
> > {+
> > > > //+ // A loop to fetch a 16 bit random value with a retry count limit.+
> //+
> > > > for (Index = 0; Index < RDRAND_RETRY_LIMIT; Index++) {+ if
> > (AsmRdRand16
> > > > (Rand)) {+ return TRUE;+ }+ }+ }++ return FALSE;+}++/**+
> > Generates a
> > > > 32-bit random number.++ if Rand is NULL, then ASSERT().++ @param[out]
> > > > Rand Buffer pointer to store the 32-bit random value.++ @retval TRUE
> > > > Random number generated successfully.+ @retval FALSE Failed to
> > generate
> > > > the random number.++**/+BOOLEAN+EFIAPI+GetRandomNumber32 (+
> > OUT
> > > > UINT32 *Rand+ )+{+ UINT32 Index;++ ASSERT (Rand !=
> > NULL);++ if
> > > > (mHasRdRand) {+ //+ // A loop to fetch a 32 bit random value with a
> retry
> > > > count limit.+ //+ for (Index = 0; Index < RDRAND_RETRY_LIMIT; Index++)
> > {+
> > > > if (AsmRdRand32 (Rand)) {+ return TRUE;+ }+ }+ }++ return
> > > > FALSE;+}++/**+ Generates a 64-bit random number.++ if Rand is NULL,
> > then
> > > > ASSERT().++ @param[out] Rand Buffer pointer to store the 64-bit
> > random
> > > > value.++ @retval TRUE Random number generated successfully.+
> > @retval
> > > > FALSE Failed to generate the random
> > > > number.++**/+BOOLEAN+EFIAPI+GetRandomNumber64 (+ OUT UINT64
> > > > *Rand+ )+{+ UINT32 Index;++ ASSERT (Rand != NULL);++ if
> (mHasRdRand)
> > {+
> > > > //+ // A loop to fetch a 64 bit random value with a retry count limit.+
> //+
> > > > for (Index = 0; Index < RDRAND_RETRY_LIMIT; Index++) {+ if
> > (AsmRdRand64
> > > > (Rand)) {+ return TRUE;+ }+ }+ }++ return FALSE;+}++/**+
> > Generates a
> > > > 128-bit random number.++ if Rand is NULL, then ASSERT().++ @param[out]
> > > > Rand Buffer pointer to store the 128-bit random value.++ @retval TRUE
> > > > Random number generated successfully.+ @retval FALSE Failed to
> > generate
> > > > the random number.++**/+BOOLEAN+EFIAPI+GetRandomNumber128 (+
> > OUT
> > > > UINT64 *Rand+ )+{+ ASSERT (Rand != NULL);++ //+ // Read
> first
> > 64
> > > > bits+ //+ if (!GetRandomNumber64 (Rand)) {+ return FALSE;+ }++ //+ //
> > > > Read second 64 bits+ //+ return GetRandomNumber64 (++Rand);+}diff
> > > > --git a/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf
> > > > b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf
> > > > new file mode 100644
> > > > index 0000000000..67a91ccfff
> > > > --- /dev/null
> > > > +++ b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf
> > > > @@ -0,0 +1,32 @@
> > > > +## @file+# Instance of RNG (Random Number Generator) Library.+#+#
> > > > Copyright (c) 2020 9elements Agency GmbH.<BR>+#+# SPDX-License-
> > Identifier:
> > > > BSD-2-Clause-Patent+#+##++[Defines]+ INF_VERSION =
> > > > 0x00010005+ BASE_NAME = BaseRngLib+ MODULE_UNI_FILE
> > > > = BaseRngLib.uni+ FILE_GUID = 05C48431-DE18-4550-931A-
> > > > 3350E8551498+ MODULE_TYPE = BASE+ VERSION_STRING
> > > > = 1.0+ LIBRARY_CLASS = RngLib+ CONSTRUCTOR =
> > > > BaseRngLibConstructor++#+# VALID_ARCHITECTURES = IA32
> > > > X64+#++[Sources.Ia32, Sources.X64]+ BaseRng.c++[Packages]+
> > > > MdePkg/MdePkg.dec++[LibraryClasses]+ BaseLib+ DebugLibdiff --git
> > > > a/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni
> > > > b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni
> > > > new file mode 100644
> > > > index 0000000000..f3ed954c52
> > > > --- /dev/null
> > > > +++ b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni
> > > > @@ -0,0 +1,17 @@
> > > > +// /** @file+// Instance of RNG (Random Number Generator)
> > > > +Library.+//+//
> > > > BaseRng Library that uses CPU RdRand instruction access to
> > > > provide+// high- quality random numbers.+//+// Copyright (c) 2015,
> > > > Intel Corporation. All rights reserved.<BR>+//+// SPDX-License-Identifier:
> > BSD-2-Clause-Patent+//+//
> > > > **/+++#string STR_MODULE_ABSTRACT #language en-US "Instance
> > of
> > > > RNG Library"++#string STR_MODULE_DESCRIPTION #language en-US
> > > > "BaseRng Library that uses CPU RdRand instruction access to provide
> > > > high- quality random numbers"+diff --git
> > > > a/UefiPayloadPkg/UefiPayloadPkg.dsc
> > > > b/UefiPayloadPkg/UefiPayloadPkg.dsc
> > > > index ae62a9c4d6..78a475ea02 100644
> > > > --- a/UefiPayloadPkg/UefiPayloadPkg.dsc
> > > > +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
> > > > @@ -494,6 +494,14 @@
> > > > !endif UefiPayloadPkg/GraphicsOutputDxe/GraphicsOutputDxe.inf + #+
> #
> > > > Random Number Generator+ #+
> > > > SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {+
> > > > <LibraryClasses>+
> > > > RngLib|UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf+ }+ #----------
> --
> > -----
> > > > ------------- # Build the shell #------------------------------diff --git
> > > > a/UefiPayloadPkg/UefiPayloadPkg.fdf
> > > > b/UefiPayloadPkg/UefiPayloadPkg.fdf
> > > > index a97ace7395..57c06c8621 100644
> > > > --- a/UefiPayloadPkg/UefiPayloadPkg.fdf
> > > > +++ b/UefiPayloadPkg/UefiPayloadPkg.fdf
> > > > @@ -169,6 +169,10 @@ INF
> > > > MdeModulePkg/Bus/Usb/UsbBusDxe/UsbBusDxe.inf
> > > > INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf INF
> > > > MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
> > +#+#
> > > > Random Number Generator+#+INF
> > > > SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf # # Shell--
> > > > 2.26.2
> > >
> >
> >
> >
> >
>
>
>
>
>
next prev parent reply other threads:[~2021-01-21 23:32 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-20 15:52 [PATCH] UefiPayloadPkg: Add RNG support Patrick Rudolph
2021-01-21 0:42 ` Ma, Maurice
2021-01-21 9:05 ` Patrick Rudolph
2021-01-21 15:38 ` [edk2-devel] " Ma, Maurice
2021-01-21 23:32 ` Yao, Jiewen [this message]
2021-01-22 5:15 ` 回复: " gaoliming
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BY5PR11MB41662BE5DEE63E679C6EFAE18CA10@BY5PR11MB4166.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox