From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 89D9CD8108C for ; Mon, 13 May 2024 17:24:33 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=VFvZtgmmtlU4TDUzhxnGjivRzNt9IB80GTmHpuu6Sl8=; c=relaxed/simple; d=groups.io; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject:To:Cc:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type; s=20240206; t=1715621072; v=1; b=oG/bDjvDUXNHTAnGT34Hs70FyFI8OPuEzY835EHGgFsPnOOkm2sxwwc0w44IfqM88ih8ogVP yneqU0jNb/cYwOZ21GTxBEYlQp7na2JFLDr4WefxWhtKxiQVdhMYengudi/0DuQb2ir6V9+r28G 8jQig5A6eQPSQEVDRV0rFWZl2wsvncSnymWi1QFpcpU9LngFYpX2PFcq+sJ9hwWvFdPY0EuJTZs bgfe17Lf49UB+xDF6F8/PTXUfANU2DIZeBRyspNJix0t1xV35YUCod7mYdQLhgSLs4jA9AYp8T8 KQybsNXnkkTrWiX4ERPnOtDZWiw7sNphjdWBJ+j+5BbjA== X-Received: by 127.0.0.2 with SMTP id CJlVYY7687511xQRN3oqnetj; Mon, 13 May 2024 10:24:32 -0700 X-Received: from sin.source.kernel.org (sin.source.kernel.org [145.40.73.55]) by mx.groups.io with SMTP id smtpd.web11.67023.1715621070452029933 for ; Mon, 13 May 2024 10:24:31 -0700 X-Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by sin.source.kernel.org (Postfix) with ESMTP id A2D83CE0F93 for ; Mon, 13 May 2024 17:24:27 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9F9ACC4AF09 for ; Mon, 13 May 2024 17:24:26 +0000 (UTC) X-Received: by mail-lf1-f52.google.com with SMTP id 2adb3069b0e04-51fdc9af005so7448884e87.3 for ; Mon, 13 May 2024 10:24:26 -0700 (PDT) X-Gm-Message-State: oIjGebqJOnZXjkVg00YGvW87x7686176AA= X-Google-Smtp-Source: AGHT+IH8Uzkmy+HF4cJFDN2qUznMDLD3I7f+NWSgzksUVTDNRBMnyozESMLjXYwYzUlJb+gROZvRWlNjqJ5N1E3LRE4= X-Received: by 2002:a05:6512:510:b0:51d:3256:5327 with SMTP id 2adb3069b0e04-5220fe7a296mr8128397e87.35.1715621064879; Mon, 13 May 2024 10:24:24 -0700 (PDT) MIME-Version: 1.0 References: <004001daa274$8de608e0$a9b21aa0$@byosoft.com.cn> <32021.1715361185999490629@groups.io> In-Reply-To: From: "Ard Biesheuvel" Date: Mon, 13 May 2024 19:24:13 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: =?UTF-8?B?UmU6IFtlZGsyLWRldmVsXSDlm57lpI06IFtlZGsyLWRldmVsXSBbUEFUQ0ggdjIgMDMvMTNdIE92bWZQa2c6UGxhdGZvcm1DSTogU3VwcG9ydCB2aXJ0aW8tcm5nLXBjaQ==?= To: devel@edk2.groups.io, kraxel@redhat.com, Pierre , Leif Lindholm , Sami Mujawar Cc: dougflick@microsoft.com, gaoliming Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Mon, 13 May 2024 10:24:31 -0700 Resent-From: ardb@kernel.org Reply-To: devel@edk2.groups.io,ardb@kernel.org List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Type: text/plain; charset="UTF-8" X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b="oG/bDjvD"; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=kernel.org (policy=none) (cc some ARM folks) On Mon, 13 May 2024 at 11:23, Gerd Hoffmann wrote: > > On Sat, May 11, 2024 at 10:40:23AM GMT, Ard Biesheuvel wrote: > > As I pointed out before, on the ARM side there are a few intersecting > > issues with these changes. (On x86, this is mostly avoided due to the > > fact that RDRAND is universally supported) > > Well, it's not that easy on x86 either. > > Current state of affairs is that the time based LibRng is used, all > OvmfPkg / ArmVirtPkg have this: > > RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf > > So, this is what will be used if something uses LibRng. > > On x64 RngDxe will just use call LibRng too. So adding RngDxe will > effectively make BaseRngLibTimerLib available via EFI_RNG_PROTOCOL. > > In case '-device virtio-rng-pci' is present we now have *two* drivers > providing EFI_RNG_PROTOCOL. What will happen in this case? What we > surely not want is RngDxe being used in case we have a virtio-rng > device ... > On ARM, we can actually do better than this: I have taken Doug's v2 and applied some changes on top to make it work with ArmVirtQemu. https://github.com/ardbiesheuvel/edk2/tree/doug-v2 The ARM version of RngLib can be backed by either RNDR or TRNG, and exposes gEfiRngAlgorithmArmRndr, gEfiRngAlgorithmRaw, or both. If neither are supported, RngDxe will not be dispatched. Given that RNDR is implemented by the hardware, and TRNG by the hypervisor, and neither depend on the UEFI driver model (like virtio-rng), which is backed by the VMM, I think that in this case, there is no issue with dispatching both, even if that results in two implementations of the EFI_RNG_PROTOCOL, and no guarantees regarding which one you get when you locate the protocol. (Confidential VMs may want to avoid virtio-rng as it is provided by the host but let's disregard that for the time being) The upshot is that existing ARM deployments that do not use the 'max' CPU in TCG mode, or are on a fairly old version of KVM will lose network support unless they enable the virtio-rng-pci device. This is a situation I can live with, but it does require the changes I am proposing on the branch above. On x86, we should avoid BaseRngLibTimerLib as well - it is a bit ugly to expose two EFI_RNG_PROTOCOL instances, but we could at least ensure that it doesn't matter which one you grab. I intend to look more deeply into this in the future, and maybe compare notes with Pierre, as this has been a rather complicated delivery IIRC. Perhaps it would be better for RngDxe to consume a raw entropy source and implement the DRBG directly rather than expose the raw protocol (which I think should not have been introduced in the first place) -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118872): https://edk2.groups.io/g/devel/message/118872 Mute This Topic: https://groups.io/mt/106013302/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-