From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sin.source.kernel.org (sin.source.kernel.org [145.40.73.55]) by mx.groups.io with SMTP id smtpd.web12.897.1668453164087102950 for ; Mon, 14 Nov 2022 11:12:44 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UAKsmr4i; spf=pass (domain: kernel.org, ip: 145.40.73.55, mailfrom: ardb@kernel.org) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sin.source.kernel.org (Postfix) with ESMTPS id 1C373CE12A1 for ; Mon, 14 Nov 2022 19:12:40 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4301CC433C1 for ; Mon, 14 Nov 2022 19:12:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1668453158; bh=vcR4MHBZBeuSEbdRPA2raQWRR58OpB7lKh/32cy98Fw=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=UAKsmr4iRzzm2t6KXFuaNaAb7+vuczEWuHXMzOZ3l/pLDALWwPgtcQ7B4YoLbpMaK JtneiWgnEVFmdqY8jDcoAgXOud1DMFK1dD9UApPw0wOyA6c6qbERTHsf3bdcAuBt6l cxhgpgv3QCu3XspdelV/bfjZHA9arxkSGSzMZqdlGQTfGQEjH/cQ/dVWn43KPSPan4 lPRgRFwq7Em99d7AOQPBkr+EDpmYP4ZjnAoi9w7hRDgWL9QBpePXK6eu+TIHsdQnUG ln/FmS3QcxKJeTJEF/9UaCvN4QiM6fWAT9zdktda/kOj8jyQD3yrfQQKa1y8/pGmuZ noaJRRJB+eakw== Received: by mail-lj1-f175.google.com with SMTP id z24so14556307ljn.4 for ; Mon, 14 Nov 2022 11:12:38 -0800 (PST) X-Gm-Message-State: ANoB5pke9JPXcHnAmrYQwf4dcUznlIfyefH8qR2pFuN4IzD3/OzPOoTN RWFsZHJv77uMbGgtxn+dzhZ+fGbFtXhxfeY9kS0= X-Google-Smtp-Source: AA0mqf4lLWV9ENPUTIw7n7qO8Sqnug2aXxKa22Wv/ESGI281QWIZs3dzLRdlqHqYYROud0pRHP+N/EKpLbWHqQ68ytQ= X-Received: by 2002:a2e:2d09:0:b0:277:72a:41a5 with SMTP id t9-20020a2e2d09000000b00277072a41a5mr5192635ljt.352.1668453156281; Mon, 14 Nov 2022 11:12:36 -0800 (PST) MIME-Version: 1.0 References: <20221114181351.1813748-1-Pierre.Gondois@arm.com> In-Reply-To: <20221114181351.1813748-1-Pierre.Gondois@arm.com> From: "Ard Biesheuvel" Date: Mon, 14 Nov 2022 20:12:24 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [edk2-devel] [PATCH 1/1][edk2-stable202211] SecurityPkg/RngDxe: Fix Rng algo selection for Arm To: devel@edk2.groups.io, pierre.gondois@arm.com Cc: Sami Mujawar , Ard Biesheuvel , Liming Gao , Jiewen Yao , Jian J Wang Content-Type: text/plain; charset="UTF-8" On Mon, 14 Nov 2022 at 19:14, PierreGondois wrote: > > From: Pierre Gondois > > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4151 > > PcdCpuRngSupportedAlgorithm is set to the Zero Guid for KvmTool > since it is not possible to predict which algorithm will be > implemented for Arm's FEAT_RNG in the host. Current handling is: > - skipping the Zero Guid, which should not happen to handle > KvmTool's case, > - triggering an ASSERT if no algorithm was found. However having > no Rng algorithm is a valid case, > > Correctly handle the Zero Guid case and replace the ASSERT by a > warning message when no Rng algorithm is found. > Also simplify the selection of the Rng algorithm when the default > one is selected by just picking up the first element of > mAvailableAlgoArray. > Can you explain a bit more please What is supposed to happen? What happens instead? Why is this patch the correct way to address this issue? > Reported-by: Sami Mujawar > Signed-off-by: Pierre Gondois > --- > .../RandomNumberGenerator/RngDxe/ArmRngDxe.c | 15 +++------------ > SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c | 8 +++++++- > 2 files changed, 10 insertions(+), 13 deletions(-) > > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c > index 5ba319899ce9..722d53386373 100644 > --- a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c > @@ -76,7 +76,6 @@ RngGetRNG ( > ) > { > EFI_STATUS Status; > - UINTN Index; > > if ((This == NULL) || (RNGValueLength == 0) || (RNGValue == NULL)) { > return EFI_INVALID_PARAMETER; > @@ -86,21 +85,13 @@ RngGetRNG ( > // > // Use the default RNG algorithm if RNGAlgorithm is NULL. > // > - for (Index = 0; Index < mAvailableAlgoArrayCount; Index++) { > - if (!IsZeroGuid (&mAvailableAlgoArray[Index])) { > - RNGAlgorithm = &mAvailableAlgoArray[Index]; > - goto FoundAlgo; > - } > - } > - > - if (Index == mAvailableAlgoArrayCount) { > - // No algorithm available. > - ASSERT (Index != mAvailableAlgoArrayCount); > + if (mAvailableAlgoArrayCount != 0) { > + RNGAlgorithm = &mAvailableAlgoArray[0]; > + } else { > return EFI_DEVICE_ERROR; > } > } > > -FoundAlgo: > if (CompareGuid (RNGAlgorithm, PcdGetPtr (PcdCpuRngSupportedAlgorithm))) { > Status = RngGetBytes (RNGValueLength, RNGValue); > return Status; > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c > index 421abb52b8bf..403b31b73609 100644 > --- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c > @@ -21,6 +21,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent > > #include > #include > +#include > #include > #include > #include > @@ -80,7 +81,12 @@ RngDriverEntry ( > // > // Get the list of available algorithm. > // > - return GetAvailableAlgorithms (); > + Status = GetAvailableAlgorithms (); > + if (mAvailableAlgoArrayCount == 0) { > + DEBUG ((DEBUG_WARN, "No Rng algorithm found in RngDxe.\n")); > + } > + > + return Status; > } > > /** > -- > 2.25.1 > > > > ------------ > Groups.io Links: You receive all messages sent to this group. > View/Reply Online (#96356): https://edk2.groups.io/g/devel/message/96356 > Mute This Topic: https://groups.io/mt/95025606/5717338 > Group Owner: devel+owner@edk2.groups.io > Unsubscribe: https://edk2.groups.io/g/devel/unsub [ardb+tianocore@kernel.org] > ------------ > >