From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 70EB7AC0B16 for ; Sat, 11 May 2024 08:26:48 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=tGlCCidSyAQA3FBAt0t4jPjuLS5cXxZQ3zXGgNSsiEo=; c=relaxed/simple; d=groups.io; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject:To:Cc:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type; s=20240206; t=1715416007; v=1; b=Awn2UeULhs9ursBPs4IEFn39xJhQAmLFq8Qs+R9nViBhTYKRsvzOiPXV6Y5bZIJGg0Gj9uuV rVENpHADNPINjiZLcpSww53/+NEQB2qd0QmyoQlrAsC00gZ1Pp96BzwtDKQ0VUOcylJNEMFA1JS leEnfIdi2nl9s+NiJDpASHmY9Q1jS/nkg7X2txna94wyqGV2g4gA0/D9yAPdf3gW1+z4T5T8zxs BizQGxzFnHO8t7b3SA+nzLmTesW4DUtTZrV7pqX1zwdCcysAnzYIpduaTutOFqYsqY1rQDqxzHK 2sDWAgnHANDCzX1sQplrkUdvMTtszDlHD5mfIg5eKXS+Q== X-Received: by 127.0.0.2 with SMTP id Jl59YY7687511xtNmZSRXSm7; Sat, 11 May 2024 01:26:47 -0700 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.10822.1715416006049619434 for ; Sat, 11 May 2024 01:26:46 -0700 X-Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 82AFB601C6 for ; Sat, 11 May 2024 08:26:45 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id EDB0EC32783 for ; Sat, 11 May 2024 08:26:44 +0000 (UTC) X-Received: by mail-lj1-f181.google.com with SMTP id 38308e7fff4ca-2e1fa824504so35947621fa.0 for ; Sat, 11 May 2024 01:26:44 -0700 (PDT) X-Gm-Message-State: EsZMXJqKwB5kIPltgV2kYZmXx7686176AA= X-Google-Smtp-Source: AGHT+IHhVkJyej8ARIoZ+FTbpetYP28vMR61ofodbpC7T/qiuqkI0wbMIPqRj6yNvzahqvVzG3R3P2NsEtO2zshKhZg= X-Received: by 2002:ac2:58c5:0:b0:520:7a44:3f30 with SMTP id 2adb3069b0e04-5220fb6ab92mr3122987e87.16.1715416003132; Sat, 11 May 2024 01:26:43 -0700 (PDT) MIME-Version: 1.0 References: <20240509055633.828642-1-doug.edk2@gmail.com> <20240509055633.828642-8-doug.edk2@gmail.com> In-Reply-To: <20240509055633.828642-8-doug.edk2@gmail.com> From: "Ard Biesheuvel" Date: Sat, 11 May 2024 10:26:31 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [edk2-devel] [PATCH v2 07/13] SecurityPkg: RngDxe: Remove incorrect limitation on GetRng To: devel@edk2.groups.io, dougflick@microsoft.com Cc: Jiewen Yao Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Sat, 11 May 2024 01:26:46 -0700 Resent-From: ardb@kernel.org Reply-To: devel@edk2.groups.io,ardb@kernel.org List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Type: text/plain; charset="UTF-8" X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=Awn2UeUL; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=kernel.org (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io On Thu, 9 May 2024 at 07:56, Doug Flick via groups.io wrote: > > Removed from gEfiRngAlgorithmRaw an incorrect assumption that > Raw cannot return less than 256 bits. The DRNG Algorithms > should always use a 256 bit seed as per nist standards > however a caller is free to request less than 256 bits. > > > > // > > // When a DRBG is used on the output of a entropy source, > > // its security level must be at least 256 bits according to UEFI Spec. > > // > > if (RNGValueLength < 32) { > > return EFI_INVALID_PARAMETER; > > } > > > > AARCH64 platforms do not have this limitation and this brings both > implementations into alignment with each other and the spec. > > Cc: Jiewen Yao > > Signed-off-by: Doug Flick [MSFT] Reviewed-by: Ard Biesheuvel As I commented in the other thread, it is not the job of the raw EFI_RNG_PROTOCOL to ensure that its callers never do anything silly. Refusing requests for less than 32 bytes is pointless and arbitrary, as only avoids one very particular potential mistake. > --- > SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c | 8 -------- > 1 file changed, 8 deletions(-) > > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c > index 7e06e16e4be5..5723ed695747 100644 > --- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c > @@ -116,14 +116,6 @@ RngGetRNG ( > // The "raw" algorithm is intended to provide entropy directly > // > if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) { > - // > - // When a DRBG is used on the output of a entropy source, > - // its security level must be at least 256 bits according to UEFI Spec. > - // > - if (RNGValueLength < 32) { > - return EFI_INVALID_PARAMETER; > - } > - > Status = GenerateEntropy (RNGValueLength, RNGValue); > return Status; > } > -- > 2.34.1 > > > > ------------ > Groups.io Links: You receive all messages sent to this group. > View/Reply Online (#118722): https://edk2.groups.io/g/devel/message/118722 > Mute This Topic: https://groups.io/mt/105996584/1131722 > Group Owner: devel+owner@edk2.groups.io > Unsubscribe: https://edk2.groups.io/g/devel/unsub [ardb@kernel.org] > ------------ > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118830): https://edk2.groups.io/g/devel/message/118830 Mute This Topic: https://groups.io/mt/105996584/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-