From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 54458740034 for ; Wed, 8 May 2024 21:19:53 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=Tu5ctu3YihEjh+ANtiNQxsjwD5g7GYipKglCgTuEYtk=; c=relaxed/simple; d=groups.io; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject:To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; s=20240206; t=1715203191; v=1; b=1SXpdFlsZDH44qu6KJJ+RidaZY3TBXPF7u5JeN2K0WtQ55k5n7t76Jcsn47KzRfoUUyEbrmF qFnX8zuxTRtVS6bKwTzrAYyPrsGr1phGHYYXp6XeOF560O6DsQYVgCezLmdf8W8IZLstIFuxFh7 I99aW4wEgCevhsxgRsUd+XEFjzwfg5Z2wkVyMSw6gZkMZA4x6M+336+NBKUcJuQyIq0W3Hsrnny 8gpZMJXUzgskLPL7N9G2JC8g0WMesOyChWE2ou76etZizvJCSP3I0ZjDzxNFELXSCEwBULLdo8s Dc5/1hkS+jLTb3aNfS7hs300kf1wNKRhg5zem0Ch/gyOg== X-Received: by 127.0.0.2 with SMTP id XNNJYY7687511x74Av5MCyCT; Wed, 08 May 2024 14:19:51 -0700 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.537.1715203190887412038 for ; Wed, 08 May 2024 14:19:51 -0700 X-Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 4F8806177A for ; Wed, 8 May 2024 21:19:50 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 05A13C2BD11 for ; Wed, 8 May 2024 21:19:50 +0000 (UTC) X-Received: by mail-lf1-f42.google.com with SMTP id 2adb3069b0e04-51f3a49ff7dso174155e87.2 for ; Wed, 08 May 2024 14:19:49 -0700 (PDT) X-Gm-Message-State: 8gaOXThnIC9MA38xNjcD17f7x7686176AA= X-Google-Smtp-Source: AGHT+IHnxEHgT17eQc/jn01ER8WgjnwwIuCqIsIbrlHQHvAKPwGLCcv1JPpAMAVfzV06YyoEuy/xAuf9SmF0KttOORg= X-Received: by 2002:a05:6512:3c86:b0:521:533d:6367 with SMTP id 2adb3069b0e04-5217ce46cc6mr2731997e87.63.1715203188205; Wed, 08 May 2024 14:19:48 -0700 (PDT) MIME-Version: 1.0 References: <1400.1715191538135525592@groups.io> <1400.1715200811925539906@groups.io> In-Reply-To: <1400.1715200811925539906@groups.io> From: "Ard Biesheuvel" Date: Wed, 8 May 2024 23:19:36 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237 To: devel@edk2.groups.io, dougflick@microsoft.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Wed, 08 May 2024 14:19:51 -0700 Resent-From: ardb@kernel.org Reply-To: devel@edk2.groups.io,ardb@kernel.org List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=1SXpdFls; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=kernel.org (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io I've always found that logic rather bizarre - there is no way the implementation of the raw protocol can ensure that the caller uses it correctly, and so enforcing a minimum read size is pointless and arbitrary. And as you note, it has no basis in the UEFI spec either. So this should just be removed imo. On Wed, 8 May 2024 at 22:40, Doug Flick via groups.io wrote: > > Ard, > > I went ahead an added your suggestion to use gEfiRngAlgorithmRaw. This ho= wever led me to discover a difference in behavior in x86 based platforms an= d Arm based platforms and I'm usure which is the correct behavior. > > On x86 based platforms, if the RngValueLength being requested is less tha= n 32 (256bits). Then it returns EFI_INVALID_PARAMETER (despite the function= header not indicating that's possible) https://github.com/tianocore/edk2/b= lob/b82c9631da39ca5a1f0702185a46fea60446dd0a/SecurityPkg/RandomNumberGenera= tor/RngDxe/Rand/RngDxe.c#L123 > > and it assumes that "When a Deterministic Random Bit Generator (DRBG) is = used on the output of a (raw) entropy source, its security level must be at= least 256 bits." means it shouldn't support requests smaller than 32 bytes= . https://uefi.org/specs/UEFI/2.10/37_Secure_Technologies.html#random-numbe= r-generator-protocol > > On Arm based Platforms it doesn't make this assumption and behaves accord= ing to the specification. https://github.com/tianocore/edk2/blob/b82c9631da= 39ca5a1f0702185a46fea60446dd0a/SecurityPkg/RandomNumberGenerator/RngDxe/Arm= RngDxe.c#L106C35-L106C54 > > Right now my thought is that x86 machines are making an incorrect assumpt= ion where the seed to a DRNG needs to be at least 256 bits by nist recommen= dations but a caller should be free to request values smaller than 32 bytes= . > > Would you assume the same before I make a change to the x86 code to remov= e that check? > >=20 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118704): https://edk2.groups.io/g/devel/message/118704 Mute This Topic: https://groups.io/mt/105983246/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-