From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by mx.groups.io with SMTP id smtpd.web09.4994.1619692515895205698 for ; Thu, 29 Apr 2021 03:35:16 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=g4AVLOw2; spf=pass (domain: kernel.org, ip: 198.145.29.99, mailfrom: ardb@kernel.org) Received: by mail.kernel.org (Postfix) with ESMTPSA id 879F261460 for ; Thu, 29 Apr 2021 10:35:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1619692514; bh=Bf9XIxNAdE458hCG5XnGXT2yh5lkXSErE/kL/J7b2cc=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=g4AVLOw2YnEqZo2/5M0HDNhZtMQA1qvrEwyxenTSiutspwL7/8DQ38vWuLGYicVEg miqmHZbZTw92pMWTMsiwx+CwfzNHuXKDHgshGp3qxEeV0q3Pkh+fZpl++FSuACSqQF Kz2HR2e6SZBawCZLAfbK5Kbsc9g2MySdKq1u5eeeJ/XfUH0JlMRyeQyU8OmyntjgbW ZyARfush+qDjsdvumBNVu6SPnSjU+l9nPwZtBOZ2woNX41rUfl7Thy5uYN5MuTrnBl l6jHzv25kacelg9uTZ90ewGpZYzYoHg94uGxnIKd6dqQLZYrMg7JPCx+qHY77tq5TW hTQ5qtAHQbUpw== Received: by mail-ot1-f54.google.com with SMTP id f75-20020a9d03d10000b0290280def9ab76so55858437otf.12 for ; Thu, 29 Apr 2021 03:35:14 -0700 (PDT) X-Gm-Message-State: AOAM530oGQKIp1u+0c0elJ1T/LGO3Bcj01LEIWUj38x/vMFZijc7pXDB EE3f/rIlS3kqAkFSPz9LeeSU4B5IRSxhJF7QpMY= X-Google-Smtp-Source: ABdhPJxChG2ZHjFi/ahIycvuFI7Hvqmc3oiNWmu8zYsEukF/QFml9Dk2H5K38W/t5TfoSbvr+k0b5GKDTOROJ96Z90s= X-Received: by 2002:a9d:311:: with SMTP id 17mr27336659otv.77.1619692513424; Thu, 29 Apr 2021 03:35:13 -0700 (PDT) MIME-Version: 1.0 References: <20210428204415.25454-1-rebecca@nuviainc.com> <20210428204415.25454-4-rebecca@nuviainc.com> In-Reply-To: <20210428204415.25454-4-rebecca@nuviainc.com> From: "Ard Biesheuvel" Date: Thu, 29 Apr 2021 12:35:01 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 3/3] SecurityPkg: Add support for RngDxe on AARCH64 To: Rebecca Cran Cc: edk2-devel-groups-io , Jiewen Yao , Jian J Wang , Michael D Kinney , Liming Gao , Zhiguang Liu , Ard Biesheuvel , Sami Mujawar Content-Type: text/plain; charset="UTF-8" On Wed, 28 Apr 2021 at 22:44, Rebecca Cran wrote: > > AARCH64 support has been added to BaseRngLib via the optional > ARMv8.5 FEAT_RNG. > > Refactor RngDxe to support AARCH64, note support for it in the > VALID_ARCHITECTURES line of RngDxe.inf and enable it in SecurityPkg.dsc. > > Signed-off-by: Rebecca Cran > --- > SecurityPkg/SecurityPkg.dsc | 11 +- > SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf | 19 +++- > SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.h | 37 ++++++ > SecurityPkg/RandomNumberGenerator/RngDxe/{ => Rand}/AesCore.h | 0 > SecurityPkg/RandomNumberGenerator/RngDxe/{ => Rand}/RdRand.h | 0 > SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h | 88 ++++++++++++++ > SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.c | 54 +++++++++ > SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c | 108 ++++++++++++++++++ > SecurityPkg/RandomNumberGenerator/RngDxe/{ => Rand}/AesCore.c | 0 > SecurityPkg/RandomNumberGenerator/RngDxe/{ => Rand}/RdRand.c | 0 > SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c | 120 ++++++++++++++++++++ > SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c | 117 ++++--------------- > 12 files changed, 450 insertions(+), 104 deletions(-) > > diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc > index 12ccd1634941..bd4b810bce61 100644 > --- a/SecurityPkg/SecurityPkg.dsc > +++ b/SecurityPkg/SecurityPkg.dsc > @@ -259,6 +259,12 @@ [Components] > [Components.IA32, Components.X64, Components.ARM, Components.AARCH64] > SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf > > +[Components.IA32, Components.X64, Components.AARCH64] > + # > + # Random Number Generator > + # > + SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf > + > [Components.IA32, Components.X64] > SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf > > @@ -334,11 +340,6 @@ [Components.IA32, Components.X64] > SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf > SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/StandaloneMmTcg2PhysicalPresenceLib.inf > > - # > - # Random Number Generator > - # > - SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf > - > # > # Opal Password solution > # > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf > index 99d6f6b35fc2..c188b6076c00 100644 > --- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf > @@ -26,15 +26,24 @@ [Defines] > # > # The following information is for reference only and not required by the build tools. > # > -# VALID_ARCHITECTURES = IA32 X64 > +# VALID_ARCHITECTURES = IA32 X64 AARCH64 > # > > [Sources.common] > RngDxe.c > - RdRand.c > - RdRand.h > - AesCore.c > - AesCore.h > + RngDxeInternals.h > + > +[Sources.IA32, Sources.X64] > + Rand/RngDxe.c > + Rand/RdRand.c > + Rand/RdRand.h > + Rand/AesCore.c > + Rand/AesCore.h > + > +[Sources.AARCH64] > + AArch64/RngDxe.c > + AArch64/Rndr.c > + AArch64/Rndr.h > > [Packages] > MdePkg/MdePkg.dec > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.h b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.h > new file mode 100644 > index 000000000000..458faa834a3d > --- /dev/null > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.h > @@ -0,0 +1,37 @@ > +/** @file > + Header for the RNDR APIs used by RNG DXE driver. > + > + Support API definitions for RNDR instruction access. > + > + > + Copyright (c) 2013, Intel Corporation. All rights reserved.
> + (C) Copyright 2015 Hewlett Packard Enterprise Development LP
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#ifndef RNDR_H_ > +#define RNDR_H_ > + > +#include > +#include > + > +/** > + Calls RNDR to fill a buffer of arbitrary size with random bytes. > + > + @param[in] Length Size of the buffer, in bytes, to fill with. > + @param[out] RandBuffer Pointer to the buffer to store the random result. > + > + @retval EFI_SUCCESS Random bytes generation succeeded. > + @retval EFI_NOT_READY Failed to request random bytes. > + > +**/ > +EFI_STATUS > +EFIAPI > +RndrGetBytes ( > + IN UINTN Length, > + OUT UINT8 *RandBuffer > + ); > + > +#endif // RNDR_H_ > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/AesCore.h > similarity index 100% > rename from SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h > rename to SecurityPkg/RandomNumberGenerator/RngDxe/Rand/AesCore.h > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.h > similarity index 100% > rename from SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h > rename to SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.h > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h > new file mode 100644 > index 000000000000..7e38fc2564f6 > --- /dev/null > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h > @@ -0,0 +1,88 @@ > +/** @file > + Function prototypes for UEFI Random Number Generator protocol support. > + > + Copyright (c) 2021, NUVIA Inc. All rights reserved.
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#ifndef RNGDXE_INTERNALS_H_ > +#define RNGDXE_INTERNALS_H_ > + > +extern EFI_RNG_ALGORITHM *mSUpportedRngAlgorithms; > + > +/** > + Returns information about the random number generation implementation. > + > + @param[in] This A pointer to the EFI_RNG_PROTOCOL instance. > + @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList. > + On output with a return code of EFI_SUCCESS, the size > + in bytes of the data returned in RNGAlgorithmList. On output > + with a return code of EFI_BUFFER_TOO_SMALL, > + the size of RNGAlgorithmList required to obtain the list. > + @param[out] RNGAlgorithmList A caller-allocated memory buffer filled by the driver > + with one EFI_RNG_ALGORITHM element for each supported > + RNG algorithm. The list must not change across multiple > + calls to the same driver. The first algorithm in the list > + is the default algorithm for the driver. > + > + @retval EFI_SUCCESS The RNG algorithm list was returned successfully. > + @retval EFI_UNSUPPORTED The services is not supported by this driver. > + @retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a > + hardware or firmware error. > + @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect. > + @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result. > + > +**/ > +EFI_STATUS > +EFIAPI > +RngGetInfo ( > + IN EFI_RNG_PROTOCOL *This, > + IN OUT UINTN *RNGAlgorithmListSize, > + OUT EFI_RNG_ALGORITHM *RNGAlgorithmList > + ); > + > +/** > + Produces and returns an RNG value using either the default or specified RNG algorithm. > + > + @param[in] This A pointer to the EFI_RNG_PROTOCOL instance. > + @param[in] RNGAlgorithm A pointer to the EFI_RNG_ALGORITHM that identifies the RNG > + algorithm to use. May be NULL in which case the function will > + use its default RNG algorithm. > + @param[in] RNGValueLength The length in bytes of the memory buffer pointed to by > + RNGValue. The driver shall return exactly this numbers of bytes. > + @param[out] RNGValue A caller-allocated memory buffer filled by the driver with the > + resulting RNG value. > + > + @retval EFI_SUCCESS The RNG value was returned successfully. > + @retval EFI_UNSUPPORTED The algorithm specified by RNGAlgorithm is not supported by > + this driver. > + @retval EFI_DEVICE_ERROR An RNG value could not be retrieved due to a hardware or > + firmware error. > + @retval EFI_NOT_READY There is not enough random data available to satisfy the length > + requested by RNGValueLength. > + @retval EFI_INVALID_PARAMETER RNGValue is NULL or RNGValueLength is zero. > + > +**/ > +EFI_STATUS > +EFIAPI > +RngGetRNG ( > + IN EFI_RNG_PROTOCOL *This, > + IN EFI_RNG_ALGORITHM *RNGAlgorithm, OPTIONAL > + IN UINTN RNGValueLength, > + OUT UINT8 *RNGValue > + ); > + > +/** > + Returns the size of the RNG algorithms structure. > + > + @return Size of the EFI_RNG_ALGORITHM list. > +**/ > +UINTN > +EFIAPI > +ArchGetSupportedRngAlgorithmsSize ( > + VOID > + ); > + > +#endif // RNGDXE_INTERNALS_H_ > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.c > new file mode 100644 > index 000000000000..36166a9cbc13 > --- /dev/null > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/Rndr.c > @@ -0,0 +1,54 @@ > +/** @file > + Support routines for RNDR instruction access. > + > + Copyright (c) 2021, NUVIA Inc. All rights reserved.
> + Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
> + (C) Copyright 2015 Hewlett Packard Enterprise Development LP
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include > +#include > + > +#include "Rndr.h" > + > +/** > + Calls RNDR to fill a buffer of arbitrary size with random bytes. > + > + @param[in] Length Size of the buffer, in bytes, to fill with. > + @param[out] RandBuffer Pointer to the buffer to store the random result. > + > + @retval EFI_SUCCESS Random bytes generation succeeded. > + @retval EFI_NOT_READY Failed to request random bytes. > + > +**/ > +EFI_STATUS > +EFIAPI > +RndrGetBytes ( > + IN UINTN Length, > + OUT UINT8 *RandBuffer > + ) > +{ > + BOOLEAN IsRandom; > + UINT64 TempRand; > + > + while (Length > 0) { > + IsRandom = GetRandomNumber64 (&TempRand); > + if (!IsRandom) { > + return EFI_NOT_READY; > + } > + if (Length >= sizeof (TempRand)) { > + WriteUnaligned64 ((UINT64*)RandBuffer, TempRand); > + RandBuffer += sizeof (UINT64); > + Length -= sizeof (TempRand); > + } else { > + CopyMem (RandBuffer, &TempRand, Length); > + Length = 0; > + } > + } > + > + return EFI_SUCCESS; > +} > + > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c > new file mode 100644 > index 000000000000..18cca825e72d > --- /dev/null > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c > @@ -0,0 +1,108 @@ > +/** @file > + RNG Driver to produce the UEFI Random Number Generator protocol. > + > + The driver will use the new RNDR instruction to produce high-quality, high-performance > + entropy and random number. > + > + RNG Algorithms defined in UEFI 2.4: > + - EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID - Unsupported > + - EFI_RNG_ALGORITHM_RAW - Supported > + - EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID - Unsupported > + - EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID - Unsupported > + - EFI_RNG_ALGORITHM_X9_31_3DES_GUID - Unsupported > + - EFI_RNG_ALGORITHM_X9_31_AES_GUID - Unsupported > + > + Copyright (c) 2021, NUVIA Inc. All rights reserved.
> + Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
> + (C) Copyright 2015 Hewlett Packard Enterprise Development LP
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include > +#include > +#include > +#include > +#include > + > +#include "Rndr.h" > + > +// > +// Supported RNG Algorithms list by this driver. > +// > +EFI_RNG_ALGORITHM mSupportedRngAlgorithms[] = { > + EFI_RNG_ALGORITHM_RAW This is incorrect. Both flavors of RNDR return the output of a DRBG, the only difference is how often they are reseeded. We might need a PCD here to define which exact DRBG implementation is used in the hardware, and set this accordingly. We could use a VOID* PTR PCD type to carry the GUID itself, in which case we could reuse the same code for x86 as well, if I am not mistaken. -- Ard.