From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by mx.groups.io with SMTP id smtpd.web09.880.1573697989317502936 for ; Wed, 13 Nov 2019 18:19:49 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.120, mailfrom: jian.j.wang@intel.com) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Nov 2019 18:19:48 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.68,302,1569308400"; d="scan'208";a="202925561" Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202]) by fmsmga008.fm.intel.com with ESMTP; 13 Nov 2019 18:19:48 -0800 Received: from fmsmsx603.amr.corp.intel.com (10.18.126.83) by fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS) id 14.3.439.0; Wed, 13 Nov 2019 18:19:48 -0800 Received: from fmsmsx603.amr.corp.intel.com (10.18.126.83) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Wed, 13 Nov 2019 18:19:48 -0800 Received: from shsmsx151.ccr.corp.intel.com (10.239.6.50) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1713.5 via Frontend Transport; Wed, 13 Nov 2019 18:19:48 -0800 Received: from shsmsx107.ccr.corp.intel.com ([169.254.9.63]) by SHSMSX151.ccr.corp.intel.com ([169.254.3.149]) with mapi id 14.03.0439.000; Thu, 14 Nov 2019 10:19:46 +0800 From: "Wang, Jian J" To: "devel@edk2.groups.io" , "Wang, Jian J" CC: Ard Biesheuvel , Bret Barkelew , "Zhang, Chao B" , "Wu, Jiaxin" , "Yao, Jiewen" , "Justen, Jordan L" , Laszlo Ersek , "Leif Lindholm" , "Gao, Liming" , "Rabeda, Maciej" , Matthew Carlson , "Kinney, Michael D" , "Ni, Ray" , Sean Brogan , "Fu, Siyuan" , "Lu, XiaoyuX" Subject: Re: [edk2-devel] [PATCH 00/11] Use proper entropy sources Thread-Topic: [edk2-devel] [PATCH 00/11] Use proper entropy sources Thread-Index: AQHVmpG8hddZq5CCkk2bLzAAZZt5VqeJ7qzg Date: Thu, 14 Nov 2019 02:19:45 +0000 Message-ID: References: <15D6E5DF9619E96C.9269@groups.io> In-Reply-To: <15D6E5DF9619E96C.9269@groups.io> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiZTUxOTlmMzgtZjg1Mi00NGRmLTg4Y2YtZDMxMTI0Nzk1YmY4IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiaEF0UGNETHVibzV0RzA3cEpZMjlheU14a2QyejVCK3VjYmZoSmdkamRmY05KUVh0QjI1WWtOZ2ZwOGcyeXpSQiJ9 x-ctpclassification: CTP_NT dlp-product: dlpe-windows dlp-version: 11.2.0.6 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Return-Path: jian.j.wang@intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable The patches can also be found at in my fork in github https://github.com/jwang36/edk2/tree/fix-bz1871-use-proper-entropy-sources= -v1 Regards, Jian > -----Original Message----- > From: devel@edk2.groups.io On Behalf Of Wang, Jia= n > J > Sent: Thursday, November 14, 2019 10:18 AM > To: devel@edk2.groups.io > Cc: Ard Biesheuvel ; Bret Barkelew > ; Zhang, Chao B ; > Wu, Jiaxin ; Yao, Jiewen ; Ju= sten, > Jordan L ; Laszlo Ersek ; = Leif > Lindholm ; Gao, Liming ; > Rabeda, Maciej ; Matthew Carlson > ; Kinney, Michael D ; = Ni, > Ray ; Sean Brogan ; Fu, > Siyuan ; Lu, XiaoyuX > Subject: [edk2-devel] [PATCH 00/11] Use proper entropy sources >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1871 >=20 > Patch series summary: > - Add BaseRngLibNull to package dsc > - Add DxeRngLibRngProtocol to make use EFI_RNG_PROTOCOL > - Add RdSeed interface and RngLibRdSeed for IA32/X64 arch > - Remove following files > rand_pool_noise.h > rand_pool_noise_tsc.c > rand_pool_noise.c > - Update rand_pool.c to use RngLib interface directly > and the drop the TimerLib depenency from OpensslLib > - Update OVMF platform dsc to use DxeRngLibRngProtocol > when necessary >=20 > Cc: Ard Biesheuvel > Cc: Bret Barkelew > Cc: Chao Zhang > Cc: Jiaxin Wu > Cc: Jiewen Yao > Cc: Jordan Justen > Cc: Laszlo Ersek > Cc: Leif Lindholm > Cc: Liming Gao > Cc: Maciej Rabeda > Cc: Matthew Carlson > Cc: Michael D Kinney > Cc: Ray Ni > Cc: Sean Brogan > Cc: Siyuan Fu > Cc: Xiaoyu Lu >=20 > Jian J Wang (11): > NetworkPkg/NetworkPkg.dsc: specify RngLib instance for build > SignedCapsulePkg/SignedCapsulePkg.dsc: specify RngLib instances > FmpDevicePkg/FmpDevicePkg.dsc: specify RngLib instances in dsc files > MdePkg/BaseLib: add interface to wrap rdseed IA instruction > SecurityPkg/RngLibRdSeed: add an instance of RngLib to make use rdseed > SecurityPkg/DxeRngLibRngProtocol: add RNG protocol version of RngLib > SecurityPkg/SecurityPkg.dsc: add new RngLib instances for build > OvmfPkg: specify RngLib instances in dsc files > ArmVirtPkg/ArmVirt.dsc.inc: specify RngLib instances in dsc files > CryptoPkg/OpensslLib: use RngLib to get high quality random entropy > FmpDevicePkg/FmpDevicePkg.dsc: remove TimerLib instance >=20 > ArmVirtPkg/ArmVirt.dsc.inc | 2 + > CryptoPkg/CryptoPkg.dsc | 1 + > CryptoPkg/Library/OpensslLib/OpensslLib.inf | 15 +- > .../Library/OpensslLib/OpensslLibCrypto.inf | 15 +- > CryptoPkg/Library/OpensslLib/rand_pool.c | 253 ++---------------- > .../Library/OpensslLib/rand_pool_noise.c | 29 -- > .../Library/OpensslLib/rand_pool_noise.h | 29 -- > .../Library/OpensslLib/rand_pool_noise_tsc.c | 43 --- > FmpDevicePkg/FmpDevicePkg.dsc | 2 +- > MdePkg/Include/Library/BaseLib.h | 51 ++++ > MdePkg/Library/BaseLib/BaseLib.inf | 4 + > MdePkg/Library/BaseLib/BaseLibInternals.h | 46 ++++ > MdePkg/Library/BaseLib/Ia32/RdSeed.nasm | 87 ++++++ > MdePkg/Library/BaseLib/X64/RdSeed.nasm | 80 ++++++ > MdePkg/Library/BaseLib/X86RdSeed.c | 73 +++++ > NetworkPkg/NetworkPkg.dsc | 1 + > OvmfPkg/OvmfPkgIa32.dsc | 5 + > OvmfPkg/OvmfPkgIa32X64.dsc | 5 + > OvmfPkg/OvmfPkgX64.dsc | 5 + > OvmfPkg/OvmfXen.dsc | 5 + > .../DxeRngLibRngProtocol.c | 200 ++++++++++++++ > .../DxeRngLibRngProtocol.inf | 42 +++ > .../DxeRngLibRngProtocol.uni | 14 + > .../RngLibRdSeed/RngLibRdSeed.inf | 37 +++ > .../RngLibRdSeed/RngLibRdSeed.uni | 18 ++ > .../RngLibRdSeed/RngRdSeed.c | 189 +++++++++++++ > SecurityPkg/SecurityPkg.dsc | 6 + > SignedCapsulePkg/SignedCapsulePkg.dsc | 6 + > 28 files changed, 909 insertions(+), 354 deletions(-) > delete mode 100644 CryptoPkg/Library/OpensslLib/rand_pool_noise.c > delete mode 100644 CryptoPkg/Library/OpensslLib/rand_pool_noise.h > delete mode 100644 CryptoPkg/Library/OpensslLib/rand_pool_noise_tsc.c > create mode 100644 MdePkg/Library/BaseLib/Ia32/RdSeed.nasm > create mode 100644 MdePkg/Library/BaseLib/X64/RdSeed.nasm > create mode 100644 MdePkg/Library/BaseLib/X86RdSeed.c > create mode 100644 > SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngPr > otocol.c > create mode 100644 > SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngPr > otocol.inf > create mode 100644 > SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngPr > otocol.uni > create mode 100644 > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRdSeed.inf > create mode 100644 > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRdSeed.uni > create mode 100644 > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdSeed.c >=20 > -- > 2.17.1.windows.2 >=20 >=20 >=20