From: "Ard Biesheuvel" <ardb@kernel.org>
To: Rebecca Cran <rebecca@nuviainc.com>
Cc: edk2-devel-groups-io <devel@edk2.groups.io>,
Jiewen Yao <jiewen.yao@intel.com>,
Jian J Wang <jian.j.wang@intel.com>,
Michael D Kinney <michael.d.kinney@intel.com>,
Liming Gao <gaoliming@byosoft.com.cn>,
Zhiguang Liu <zhiguang.liu@intel.com>,
Ard Biesheuvel <ardb+tianocore@kernel.org>,
Sami Mujawar <Sami.Mujawar@arm.com>
Subject: Re: [PATCH 3/3] SecurityPkg: Add support for RngDxe on AARCH64
Date: Thu, 29 Apr 2021 12:35:01 +0200 [thread overview]
Message-ID: <CAMj1kXHb7wuUYbdpjYzPpX+jjDfO_95Q5kM1WMcwTP6Zm5UH4g@mail.gmail.com> (raw)
In-Reply-To: <20210428204415.25454-4-rebecca@nuviainc.com>
On Wed, 28 Apr 2021 at 22:44, Rebecca Cran <rebecca@nuviainc.com> wrote:
>
> AARCH64 support has been added to BaseRngLib via the optional
> ARMv8.5 FEAT_RNG.
>
> Refactor RngDxe to support AARCH64, note support for it in the
> VALID_ARCHITECTURES line of RngDxe.inf and enable it in SecurityPkg.dsc.
>
> Signed-off-by: Rebecca Cran <rebecca@nuviainc.com>
> ---
> SecurityPkg/SecurityPkg.dsc | 11 +-
> SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf | 19 +++-
> SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.h | 37 ++++++
> SecurityPkg/RandomNumberGenerator/RngDxe/{ => Rand}/AesCore.h | 0
> SecurityPkg/RandomNumberGenerator/RngDxe/{ => Rand}/RdRand.h | 0
> SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h | 88 ++++++++++++++
> SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.c | 54 +++++++++
> SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c | 108 ++++++++++++++++++
> SecurityPkg/RandomNumberGenerator/RngDxe/{ => Rand}/AesCore.c | 0
> SecurityPkg/RandomNumberGenerator/RngDxe/{ => Rand}/RdRand.c | 0
> SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c | 120 ++++++++++++++++++++
> SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c | 117 ++++---------------
> 12 files changed, 450 insertions(+), 104 deletions(-)
>
> diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
> index 12ccd1634941..bd4b810bce61 100644
> --- a/SecurityPkg/SecurityPkg.dsc
> +++ b/SecurityPkg/SecurityPkg.dsc
> @@ -259,6 +259,12 @@ [Components]
> [Components.IA32, Components.X64, Components.ARM, Components.AARCH64]
> SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
>
> +[Components.IA32, Components.X64, Components.AARCH64]
> + #
> + # Random Number Generator
> + #
> + SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
> +
> [Components.IA32, Components.X64]
> SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
>
> @@ -334,11 +340,6 @@ [Components.IA32, Components.X64]
> SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf
> SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/StandaloneMmTcg2PhysicalPresenceLib.inf
>
> - #
> - # Random Number Generator
> - #
> - SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
> -
> #
> # Opal Password solution
> #
> diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
> index 99d6f6b35fc2..c188b6076c00 100644
> --- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
> +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
> @@ -26,15 +26,24 @@ [Defines]
> #
> # The following information is for reference only and not required by the build tools.
> #
> -# VALID_ARCHITECTURES = IA32 X64
> +# VALID_ARCHITECTURES = IA32 X64 AARCH64
> #
>
> [Sources.common]
> RngDxe.c
> - RdRand.c
> - RdRand.h
> - AesCore.c
> - AesCore.h
> + RngDxeInternals.h
> +
> +[Sources.IA32, Sources.X64]
> + Rand/RngDxe.c
> + Rand/RdRand.c
> + Rand/RdRand.h
> + Rand/AesCore.c
> + Rand/AesCore.h
> +
> +[Sources.AARCH64]
> + AArch64/RngDxe.c
> + AArch64/Rndr.c
> + AArch64/Rndr.h
>
> [Packages]
> MdePkg/MdePkg.dec
> diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.h b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.h
> new file mode 100644
> index 000000000000..458faa834a3d
> --- /dev/null
> +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.h
> @@ -0,0 +1,37 @@
> +/** @file
> + Header for the RNDR APIs used by RNG DXE driver.
> +
> + Support API definitions for RNDR instruction access.
> +
> +
> + Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
> + (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
> +
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#ifndef RNDR_H_
> +#define RNDR_H_
> +
> +#include <Library/BaseLib.h>
> +#include <Protocol/Rng.h>
> +
> +/**
> + Calls RNDR to fill a buffer of arbitrary size with random bytes.
> +
> + @param[in] Length Size of the buffer, in bytes, to fill with.
> + @param[out] RandBuffer Pointer to the buffer to store the random result.
> +
> + @retval EFI_SUCCESS Random bytes generation succeeded.
> + @retval EFI_NOT_READY Failed to request random bytes.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +RndrGetBytes (
> + IN UINTN Length,
> + OUT UINT8 *RandBuffer
> + );
> +
> +#endif // RNDR_H_
> diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/AesCore.h
> similarity index 100%
> rename from SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h
> rename to SecurityPkg/RandomNumberGenerator/RngDxe/Rand/AesCore.h
> diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.h
> similarity index 100%
> rename from SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h
> rename to SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.h
> diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h
> new file mode 100644
> index 000000000000..7e38fc2564f6
> --- /dev/null
> +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h
> @@ -0,0 +1,88 @@
> +/** @file
> + Function prototypes for UEFI Random Number Generator protocol support.
> +
> + Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
> +
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#ifndef RNGDXE_INTERNALS_H_
> +#define RNGDXE_INTERNALS_H_
> +
> +extern EFI_RNG_ALGORITHM *mSUpportedRngAlgorithms;
> +
> +/**
> + Returns information about the random number generation implementation.
> +
> + @param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
> + @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
> + On output with a return code of EFI_SUCCESS, the size
> + in bytes of the data returned in RNGAlgorithmList. On output
> + with a return code of EFI_BUFFER_TOO_SMALL,
> + the size of RNGAlgorithmList required to obtain the list.
> + @param[out] RNGAlgorithmList A caller-allocated memory buffer filled by the driver
> + with one EFI_RNG_ALGORITHM element for each supported
> + RNG algorithm. The list must not change across multiple
> + calls to the same driver. The first algorithm in the list
> + is the default algorithm for the driver.
> +
> + @retval EFI_SUCCESS The RNG algorithm list was returned successfully.
> + @retval EFI_UNSUPPORTED The services is not supported by this driver.
> + @retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a
> + hardware or firmware error.
> + @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
> + @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +RngGetInfo (
> + IN EFI_RNG_PROTOCOL *This,
> + IN OUT UINTN *RNGAlgorithmListSize,
> + OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
> + );
> +
> +/**
> + Produces and returns an RNG value using either the default or specified RNG algorithm.
> +
> + @param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
> + @param[in] RNGAlgorithm A pointer to the EFI_RNG_ALGORITHM that identifies the RNG
> + algorithm to use. May be NULL in which case the function will
> + use its default RNG algorithm.
> + @param[in] RNGValueLength The length in bytes of the memory buffer pointed to by
> + RNGValue. The driver shall return exactly this numbers of bytes.
> + @param[out] RNGValue A caller-allocated memory buffer filled by the driver with the
> + resulting RNG value.
> +
> + @retval EFI_SUCCESS The RNG value was returned successfully.
> + @retval EFI_UNSUPPORTED The algorithm specified by RNGAlgorithm is not supported by
> + this driver.
> + @retval EFI_DEVICE_ERROR An RNG value could not be retrieved due to a hardware or
> + firmware error.
> + @retval EFI_NOT_READY There is not enough random data available to satisfy the length
> + requested by RNGValueLength.
> + @retval EFI_INVALID_PARAMETER RNGValue is NULL or RNGValueLength is zero.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +RngGetRNG (
> + IN EFI_RNG_PROTOCOL *This,
> + IN EFI_RNG_ALGORITHM *RNGAlgorithm, OPTIONAL
> + IN UINTN RNGValueLength,
> + OUT UINT8 *RNGValue
> + );
> +
> +/**
> + Returns the size of the RNG algorithms structure.
> +
> + @return Size of the EFI_RNG_ALGORITHM list.
> +**/
> +UINTN
> +EFIAPI
> +ArchGetSupportedRngAlgorithmsSize (
> + VOID
> + );
> +
> +#endif // RNGDXE_INTERNALS_H_
> diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.c
> new file mode 100644
> index 000000000000..36166a9cbc13
> --- /dev/null
> +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.c
> @@ -0,0 +1,54 @@
> +/** @file
> + Support routines for RNDR instruction access.
> +
> + Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
> + Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
> + (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
> +
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/RngLib.h>
> +
> +#include "Rndr.h"
> +
> +/**
> + Calls RNDR to fill a buffer of arbitrary size with random bytes.
> +
> + @param[in] Length Size of the buffer, in bytes, to fill with.
> + @param[out] RandBuffer Pointer to the buffer to store the random result.
> +
> + @retval EFI_SUCCESS Random bytes generation succeeded.
> + @retval EFI_NOT_READY Failed to request random bytes.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +RndrGetBytes (
> + IN UINTN Length,
> + OUT UINT8 *RandBuffer
> + )
> +{
> + BOOLEAN IsRandom;
> + UINT64 TempRand;
> +
> + while (Length > 0) {
> + IsRandom = GetRandomNumber64 (&TempRand);
> + if (!IsRandom) {
> + return EFI_NOT_READY;
> + }
> + if (Length >= sizeof (TempRand)) {
> + WriteUnaligned64 ((UINT64*)RandBuffer, TempRand);
> + RandBuffer += sizeof (UINT64);
> + Length -= sizeof (TempRand);
> + } else {
> + CopyMem (RandBuffer, &TempRand, Length);
> + Length = 0;
> + }
> + }
> +
> + return EFI_SUCCESS;
> +}
> +
> diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
> new file mode 100644
> index 000000000000..18cca825e72d
> --- /dev/null
> +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
> @@ -0,0 +1,108 @@
> +/** @file
> + RNG Driver to produce the UEFI Random Number Generator protocol.
> +
> + The driver will use the new RNDR instruction to produce high-quality, high-performance
> + entropy and random number.
> +
> + RNG Algorithms defined in UEFI 2.4:
> + - EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID - Unsupported
> + - EFI_RNG_ALGORITHM_RAW - Supported
> + - EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID - Unsupported
> + - EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID - Unsupported
> + - EFI_RNG_ALGORITHM_X9_31_3DES_GUID - Unsupported
> + - EFI_RNG_ALGORITHM_X9_31_AES_GUID - Unsupported
> +
> + Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
> + Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
> + (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
> +
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include <Library/BaseLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/TimerLib.h>
> +#include <Protocol/Rng.h>
> +
> +#include "Rndr.h"
> +
> +//
> +// Supported RNG Algorithms list by this driver.
> +//
> +EFI_RNG_ALGORITHM mSupportedRngAlgorithms[] = {
> + EFI_RNG_ALGORITHM_RAW
This is incorrect. Both flavors of RNDR return the output of a DRBG,
the only difference is how often they are reseeded.
We might need a PCD here to define which exact DRBG implementation is
used in the hardware, and set this accordingly. We could use a VOID*
PTR PCD type to carry the GUID itself, in which case we could reuse
the same code for x86 as well, if I am not mistaken.
--
Ard.
prev parent reply other threads:[~2021-04-29 10:35 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-28 20:44 [PATCH 0/3] MdePkg,SecurityPkg: Update BaseRngLib and RngDxe to support ARMv8.5 FEAT_RNG Rebecca Cran
2021-04-28 20:44 ` [PATCH 1/3] MdePkg/BaseLib: Add support for ARMv8.5 RNG instructions Rebecca Cran
2021-04-29 1:08 ` 回复: " gaoliming
2021-05-05 21:02 ` [edk2-devel] " Rebecca Cran
2021-05-04 21:06 ` Sami Mujawar
2021-05-04 21:42 ` Rebecca Cran
2021-04-28 20:44 ` [PATCH 2/3] MdePkg: Refactor BaseRngLib to support AARCH64 in addition to X86 Rebecca Cran
2021-04-29 1:10 ` 回复: " gaoliming
2021-04-29 3:01 ` [edk2-devel] " Rebecca Cran
2021-05-04 21:09 ` Sami Mujawar
2021-05-05 19:27 ` [edk2-devel] " Rebecca Cran
2021-05-06 21:47 ` Rebecca Cran
2021-04-28 20:44 ` [PATCH 3/3] SecurityPkg: Add support for RngDxe on AARCH64 Rebecca Cran
2021-04-29 1:13 ` 回复: " gaoliming
2021-04-29 15:50 ` [edk2-devel] " Rebecca Cran
2021-04-29 10:35 ` Ard Biesheuvel [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAMj1kXHb7wuUYbdpjYzPpX+jjDfO_95Q5kM1WMcwTP6Zm5UH4g@mail.gmail.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox