From: "Ard Biesheuvel"
Date: Fri, 15 Nov 2019 13:28:32 +0000
Subject: Re: [edk2-devel] [PATCH 05/11] SecurityPkg/RngLibRdSeed: add an instance of RngLib to make use rdseed
To: edk2-devel-groups-io, Jian J Wang
Cc: "Kinney, Michael D", "Yao, Jiewen", "Zhang, Chao B", "Gao, Liming", "Ni, Ray"
References: <20191114021743.3876-1-jian.j.wang@intel.com> <20191114021743.3876-6-jian.j.wang@intel.com>

On Thu, 14 Nov 2019 at 04:39, Wang, Jian J wrote:
>
> Mike,
>
> I figured that rdseed is only needed in cases demanding highest entropy,
> like seeding other pseudo-RNG. It's not for general purpose randomness.
> Then I put it in SecurityPkg. But I'm ok to put it into MdePkg. I have no
> strong opinion for this.
>

I think it is a bad idea to use the same library abstraction [RngLib]
for exposing

a) entropy sources used for seeding deterministic random number generators
b) deterministic random number generators themselves
c) low entropy pseudo-RNGs based on timestamp counters, etc

given that the use cases don't usually overlap. I.e., only a DRBG
implementation requires a), and exports RngLib itself based on that.
Use cases that can tolerate c) [like IV generators for block
encryption] are typically disjoint from ones that require b) [for key
generation]. The idea that you can use RngLib for all of them, and
plug arbitrary instantiations of it into each is misguided IMHO.

> > -----Original Message-----
> > From: Kinney, Michael D
> > Sent: Thursday, November 14, 2019 12:25 PM
> > To: devel@edk2.groups.io; Wang, Jian J; Kinney, Michael D
> > Cc: Yao, Jiewen; Zhang, Chao B; Gao, Liming; Ni, Ray
> > Subject: RE: [edk2-devel] [PATCH 05/11] SecurityPkg/RngLibRdSeed: add an
> > instance of RngLib to make use rdseed
> >
> > Jian,
> >
> > Why is this lib instance in the SecurityPkg? It only depends
> > on the MdePkg. Can't non security feature related modules
> > that want to a random number use this lib without using the
> > SecurityPkg? Could this lib instance be added to MdePkg?
> >
> > Thanks,
> >
> > Mike
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io On Behalf Of Wang, Jian J
> > > Sent: Wednesday, November 13, 2019 6:18 PM
> > > To: devel@edk2.groups.io
> > > Cc: Yao, Jiewen; Zhang, Chao B; Kinney, Michael D; Gao, Liming; Ni, Ray
> > > Subject: [edk2-devel] [PATCH 05/11] SecurityPkg/RngLibRdSeed: add an
> > > instance of RngLib to make use rdseed
> > >
> > > This version of RngLib makes use of AsmRdSeed to get
> > > non-deterministic random number, which can be used for
> > > seeding other software DRNG like rand interface in
> > > openssl. It can be used only on IA32/X64 processors
> > > which supports rdseed instruction.
> > >
> > > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871
> > > Cc: Jiewen Yao
> > > Cc: Chao Zhang
> > > Cc: Michael D Kinney
> > > Cc: Liming Gao
> > > Cc: Ray Ni
> > > Signed-off-by: Jian J Wang > > > --- > > > .../RngLibRdSeed/RngLibRdSeed.inf | 37 > > > ++++ > > > .../RngLibRdSeed/RngLibRdSeed.uni | 18 ++ > > > .../RngLibRdSeed/RngRdSeed.c | 189 > > > ++++++++++++++++++ > > > 3 files changed, 244 insertions(+) > > > create mode 100644 > > > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRd > > > Seed.inf > > > create mode 100644 > > > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRd > > > Seed.uni > > > create mode 100644 > > > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdSee > > > d.c > > > > > > diff --git > > > a/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > RdSeed.inf > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > RdSeed.inf > > > new file mode 100644 > > > index 0000000000..8162408775 > > > --- /dev/null > > > +++ > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > RdSeed.inf > > > @@ -0,0 +1,37 @@ > > > +## @file > > > +# Instance of RNG (Random Number Generator) Library. > > > +# > > > +# Rng RdSeed Library that uses CPU RdSeed instruction > > > access to > > > +provide # non-deterministic random number which can > > > be used as seed > > > +for other # software deterministic RNGs. > > > +# > > > +# Copyright (c) 2019, Intel Corporation. All rights > > > reserved.
# # > > > +SPDX-License-Identifier: BSD-2-Clause-Patent # # ## > > > + > > > +[Defines] > > > + INF_VERSION = 0x00010029 > > > + BASE_NAME = RngLibRdSeed > > > + MODULE_UNI_FILE = RngLibRdSeed.uni > > > + FILE_GUID = 8B613B2E-B944-40F9- > > > B979-1B60D7CAA73C > > > + MODULE_TYPE = BASE > > > + VERSION_STRING = 1.0 > > > + LIBRARY_CLASS = RngLib > > > + CONSTRUCTOR = > > > RngLibRdSeedConstructor > > > + > > > +# > > > +# VALID_ARCHITECTURES = IA32 X64 > > > +# > > > + > > > +[Sources.Ia32, Sources.X64] > > > + RngRdSeed.c > > > + > > > +[Packages] > > > + MdePkg/MdePkg.dec > > > + > > > +[LibraryClasses] > > > + BaseLib > > > + DebugLib > > > diff --git > > > a/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > RdSeed.uni > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > RdSeed.uni > > > new file mode 100644 > > > index 0000000000..051a3019bc > > > --- /dev/null > > > +++ > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > RdSeed.uni > > > @@ -0,0 +1,18 @@ > > > +// /** @file > > > +// Instance of RNG (Random Number Generator) Library. > > > +// > > > +// Rng RdSeed Library that uses CPU RdSeed instruction > > > access to > > > +provide // non-deterministic random number which can > > > be used as seed > > > +for other // software deterministic RNGs. > > > +// > > > +// Copyright (c) 2019, Intel Corporation. All rights > > > reserved.
// > > > +// SPDX-License-Identifier: BSD-2-Clause-Patent // // > > > **/ > > > + > > > + > > > +#string STR_MODULE_ABSTRACT #language en- > > > US "Instance of RNG Library" > > > + > > > +#string STR_MODULE_DESCRIPTION #language en- > > > US "RngRdSeed Library that uses CPU RdSeed instruction > > > access to provide non-deterministic random numbers." > > > + > > > diff --git > > > a/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdS > > > eed.c > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdS > > > eed.c > > > new file mode 100644 > > > index 0000000000..0036faa050 > > > --- /dev/null > > > +++ > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdS > > > eed.c > > > @@ -0,0 +1,189 @@ > > > +/** @file > > > + Random number generator services that uses RdSeed > > > instruction access > > > + to provide non-deterministic random numbers, which > > > are usually used > > > + for seeding other pseudo-random number generators. > > > + > > > +Copyright (c) 2019, Intel Corporation. All rights > > > reserved.
> > > +SPDX-License-Identifier: BSD-2-Clause-Patent > > > + > > > +**/ > > > + > > > +#include > > > +#include > > > +#include > > > + > > > +// > > > +// Bit mask used to determine if RdSeed instruction is > > > supported. > > > +// > > > +#define RDSEED_MASK BIT18 > > > + > > > +// > > > +// Limited retry number when valid random data is > > > returned. > > > +// It varies between 1 and 100 according to "Intel(R) > > > DRGN Software > > > +Implementation // Guide". Let's use the same value as > > > RDRAND in BaseRngLib. > > > +// > > > +#define RDSEED_RETRY_LIMIT 10 > > > + > > > +/** > > > + The constructor function checks whether or not > > > RDSEED instruction is > > > +supported > > > + by the host hardware. > > > + > > > + The constructor function checks whether or not > > > RDSEED instruction is supported. > > > + It will ASSERT() if RDSEED instruction is not > > > supported. > > > + > > > + @retval RETURN_SUCCESS The processor supports > > > RDSEED instruction. > > > + @retval RETURN_UNSUPPORTED RDSEED instruction is > > > not supported. > > > + > > > +**/ > > > +RETURN_STATUS > > > +EFIAPI > > > +RngLibRdSeedConstructor ( > > > + VOID > > > + ) > > > +{ > > > + UINT32 RegEbx; > > > + > > > + // > > > + // Determine RDSEED support by examining bit 18 of > > > the EBX register > > > + returned by // CPUID(EAX=7, ECX=0). BIT18 of EBX > > > indicates that > > > + processor support RDSEED // instruction. > > > + // > > > + AsmCpuidEx (7, 0, NULL, &RegEbx, NULL, NULL); if > > > ((RegEbx & > > > + RDSEED_MASK) != RDSEED_MASK) { > > > + ASSERT ((RegEbx & RDSEED_MASK) == RDSEED_MASK); > > > + return RETURN_UNSUPPORTED; > > > + } > > > + > > > + return RETURN_SUCCESS; > > > +} > > > + > > > +/** > > > + Generates a 16-bit random number. > > > + > > > + if Rand is NULL, then ASSERT(). > > > + > > > + @param[out] Rand Buffer pointer to store the 16- > > > bit random value. > > > + > > > + @retval TRUE Random number generated > > > successfully. 
> > > + @retval FALSE Failed to generate the random > > > number. > > > + > > > +**/ > > > +BOOLEAN > > > +EFIAPI > > > +GetRandomNumber16 ( > > > + OUT UINT16 *Rand > > > + ) > > > +{ > > > + UINT32 Index; > > > + > > > + ASSERT (Rand != NULL); > > > + > > > + // > > > + // A loop to fetch a 16 bit random value with a > > > retry count limit. > > > + // > > > + for (Index = 0; Index < RDSEED_RETRY_LIMIT; Index++) > > > { > > > + if (AsmRdSeed16 (Rand)) { > > > + return TRUE; > > > + } > > > + } > > > + > > > + return FALSE; > > > +} > > > + > > > +/** > > > + Generates a 32-bit random number. > > > + > > > + if Rand is NULL, then ASSERT(). > > > + > > > + @param[out] Rand Buffer pointer to store the 32- > > > bit random value. > > > + > > > + @retval TRUE Random number generated > > > successfully. > > > + @retval FALSE Failed to generate the random > > > number. > > > + > > > +**/ > > > +BOOLEAN > > > +EFIAPI > > > +GetRandomNumber32 ( > > > + OUT UINT32 *Rand > > > + ) > > > +{ > > > + UINT32 Index; > > > + > > > + ASSERT (Rand != NULL); > > > + > > > + // > > > + // A loop to fetch a 32 bit random value with a > > > retry count limit. > > > + // > > > + for (Index = 0; Index < RDSEED_RETRY_LIMIT; Index++) > > > { > > > + if (AsmRdSeed32 (Rand)) { > > > + return TRUE; > > > + } > > > + } > > > + > > > + return FALSE; > > > +} > > > + > > > +/** > > > + Generates a 64-bit random number. > > > + > > > + if Rand is NULL, then ASSERT(). > > > + > > > + @param[out] Rand Buffer pointer to store the 64- > > > bit random value. > > > + > > > + @retval TRUE Random number generated > > > successfully. > > > + @retval FALSE Failed to generate the random > > > number. > > > + > > > +**/ > > > +BOOLEAN > > > +EFIAPI > > > +GetRandomNumber64 ( > > > + OUT UINT64 *Rand > > > + ) > > > +{ > > > + UINT32 Index; > > > + > > > + ASSERT (Rand != NULL); > > > + > > > + // > > > + // A loop to fetch a 64 bit random value with a > > > retry count limit. 
> > > + // > > > + for (Index = 0; Index < RDSEED_RETRY_LIMIT; Index++) > > > { > > > + if (AsmRdSeed64 (Rand)) { > > > + return TRUE; > > > + } > > > + } > > > + > > > + return FALSE; > > > +} > > > + > > > +/** > > > + Generates a 128-bit random number. > > > + > > > + if Rand is NULL, then ASSERT(). > > > + > > > + @param[out] Rand Buffer pointer to store the > > > 128-bit random value. > > > + > > > + @retval TRUE Random number generated > > > successfully. > > > + @retval FALSE Failed to generate the random > > > number. > > > + > > > +**/ > > > +BOOLEAN > > > +EFIAPI > > > +GetRandomNumber128 ( > > > + OUT UINT64 *Rand > > > + ) > > > +{ > > > + ASSERT (Rand != NULL); > > > + > > > + // > > > + // Read first 64 bits > > > + // > > > + if (!GetRandomNumber64 (Rand)) { > > > + return FALSE; > > > + } > > > + > > > + // > > > + // Read second 64 bits > > > + // > > > + return GetRandomNumber64 (++Rand); > > > +} > > > -- > > > 2.17.1.windows.2 > > > > > > > > > > > > >
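
Review bot: In RngLibRdSeed.inf, "LIBRARY_CLASS = RngLib" carries no restriction, and the file header only says the output "can be used as seed for other software deterministic RNGs", so nothing tells a platform integrator that this instance is a seed source and not a general-purpose RngLib. Suggest stating in the header comment that the instance is intended only for seeding a DRBG, and either limiting the module types listed on the LIBRARY_CLASS line or giving the seed source its own library class, which is the separation the reply above asks for.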
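
Review bot: In RngRdSeed.c, GetRandomNumber16/32/64 call AsmRdSeed16/32/64 without consulting the CPUID result; the only check is in RngLibRdSeedConstructor, which relies on ASSERT and on a return status that the getters never see. In a build where ASSERT is compiled out and the constructor status is not acted on, a processor without RDSEED would still reach the instruction. Suggest recording the result in a module-level BOOLEAN set by the constructor and returning FALSE from the getters when it is clear. The constructor also reads CPUID leaf 7 without first checking that CPUID(EAX=0) reports a maximum basic leaf of at least 7. In GetRandomNumber128 the first 64 bits stay written when the second read fails, so the function header should say that the buffer contents are undefined when FALSE is returned.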
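
The separation argued for in the reply (roles a, b and c), sketched as an added example that is not EDK II code and not from this thread: each role gets its own C type, the DRBG can only be built from a seed source, and key generation only accepts a DRBG. All names (SeedSource, Drbg, WeakRng and the functions) are hypothetical, the two seed sources are constructed stand-ins, and the xorshift128+ step is a non-cryptographic placeholder for a real DRBG.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* (a) Seed source: may fail; only drbg_init() accepts one. */
typedef struct { bool (*read)(uint8_t *out, size_t len); } SeedSource;
/* (b) DRBG: the only type that key-generation code accepts. */
typedef struct { uint64_t s[2]; bool seeded; } Drbg;
/* (c) Low-entropy generator: a separate type with its own consumers. */
typedef struct { uint64_t tick; } WeakRng;

/* Constructed sources: a fixed seed, and one that always fails
   (as a hardware source does once its retry limit is exhausted). */
static bool fixed_seed(uint8_t *out, size_t len) { memset(out, 0xA5, len); return true; }
static bool no_seed(uint8_t *out, size_t len) { (void)out; (void)len; return false; }
const SeedSource FIXED_SOURCE = { fixed_seed };
const SeedSource FAILING_SOURCE = { no_seed };

/* Fail closed: without a seed the DRBG stays unusable. */
bool drbg_init(Drbg *d, const SeedSource *src) {
    uint8_t seed[sizeof d->s];
    d->seeded = src->read(seed, sizeof seed);
    if (d->seeded) memcpy(d->s, seed, sizeof seed);
    return d->seeded;
}

/* Placeholder expansion step (xorshift128+), NOT cryptographic; a real
   instance would be CTR_DRBG or HMAC_DRBG from NIST SP 800-90A. */
bool drbg_generate(Drbg *d, uint64_t *out) {
    if (!d->seeded) return false;
    uint64_t a = d->s[0], b = d->s[1];
    d->s[0] = b;
    a ^= a << 23;
    d->s[1] = a ^ b ^ (a >> 17) ^ (b >> 26);
    *out = d->s[1] + b;
    return true;
}

/* Takes a Drbg *: handing it a SeedSource * or WeakRng * draws a compiler
   diagnostic instead of being a silent link-time substitution. */
bool generate_key(Drbg *d, uint64_t key[2]) {
    return drbg_generate(d, &key[0]) && drbg_generate(d, &key[1]);
}

/* Consumer-facing call for (c), simulated here with a counter. */
uint64_t weak_next(WeakRng *w) { return ++w->tick; }

int main(void) {
    Drbg d; uint64_t key[2];
    return (drbg_init(&d, &FIXED_SOURCE) && generate_key(&d, key)) ? 0 : 1;
}
```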