From: "Ard Biesheuvel" <ardb@kernel.org>
To: devel@edk2.groups.io, dougflick@microsoft.com
Subject: Re: [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237
Date: Wed, 8 May 2024 23:19:36 +0200 [thread overview]
Message-ID: <CAMj1kXHEknMENkh77dYNOT98rmGrw5VHKSZKen6MONQnH9qGfA@mail.gmail.com> (raw)
In-Reply-To: <1400.1715200811925539906@groups.io>
I've always found that logic rather bizarre - there is no way the
implementation of the raw protocol can ensure that the caller uses it
correctly, and so enforcing a minimum read size is pointless and
arbitrary. And as you note, it has no basis in the UEFI spec either.
So this should just be removed imo.
On Wed, 8 May 2024 at 22:40, Doug Flick via groups.io
<dougflick=microsoft.com@groups.io> wrote:
>
> Ard,
>
> I went ahead an added your suggestion to use gEfiRngAlgorithmRaw. This however led me to discover a difference in behavior in x86 based platforms and Arm based platforms and I'm usure which is the correct behavior.
>
> On x86 based platforms, if the RngValueLength being requested is less than 32 (256bits). Then it returns EFI_INVALID_PARAMETER (despite the function header not indicating that's possible) https://github.com/tianocore/edk2/blob/b82c9631da39ca5a1f0702185a46fea60446dd0a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c#L123
>
> and it assumes that "When a Deterministic Random Bit Generator (DRBG) is used on the output of a (raw) entropy source, its security level must be at least 256 bits." means it shouldn't support requests smaller than 32 bytes. https://uefi.org/specs/UEFI/2.10/37_Secure_Technologies.html#random-number-generator-protocol
>
> On Arm based Platforms it doesn't make this assumption and behaves according to the specification. https://github.com/tianocore/edk2/blob/b82c9631da39ca5a1f0702185a46fea60446dd0a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c#L106C35-L106C54
>
> Right now my thought is that x86 machines are making an incorrect assumption where the seed to a DRNG needs to be at least 256 bits by nist recommendations but a caller should be free to request values smaller than 32 bytes.
>
> Would you assume the same before I make a change to the x86 code to remove that check?
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118704): https://edk2.groups.io/g/devel/message/118704
Mute This Topic: https://groups.io/mt/105983246/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2024-05-08 21:19 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-08 15:29 [edk2-devel] [PATCH v1 00/14] NetworkPkg: CVE-2023-45236 and CVE-2023-45237 Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 01/14] EmulatorPkg: : Add RngDxe to EmulatorPkg Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 02/14] EmulatorPkg: : Add Hash2DxeCrypto " Doug Flick via groups.io
2024-05-10 3:10 ` Ni, Ray
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 03/14] OvmfPkg:PlatformCI: Support virtio-rng-pci Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 04/14] OvmfPkg: : Add Hash2DxeCrypto to OvmfPkg Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 05/14] ArmVirtPkg:PlatformCI: Support virtio-rng-pci Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 06/14] ArmVirtPkg: : Add Hash2DxeCrypto to ArmVirtPkg Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237 Doug Flick via groups.io
2024-05-08 16:20 ` Ard Biesheuvel
2024-05-08 16:47 ` Doug Flick via groups.io
2024-05-08 16:58 ` Ard Biesheuvel
2024-05-08 18:05 ` Doug Flick via groups.io
2024-05-08 20:40 ` Doug Flick via groups.io
2024-05-08 21:19 ` Ard Biesheuvel [this message]
2024-05-08 22:52 ` Michael Brown
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 08/14] NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236 Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 09/14] OvmfPkg: Disable NIST Algorithms NetworkPkg Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 10/14] ArmVirtPkg: : Disables NIST algorithms NetworkPkg Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 11/14] MdePkg: : Add MockUefiBootServicesTableLib Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 12/14] MdePkg: : Adds Protocol for MockRng Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 13/14] MdePkg: Add MockHash2 Protocol for testing Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 14/14] NetworkPkg: Update the PxeBcDhcp6GoogleTest due to underlying changes Doug Flick via groups.io
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAMj1kXHEknMENkh77dYNOT98rmGrw5VHKSZKen6MONQnH9qGfA@mail.gmail.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox