From: "Wang, Jian J" <jian.j.wang@intel.com>
To: "Kinney, Michael D" <michael.d.kinney@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Bret Barkelew <bret.barkelew@microsoft.com>,
"Zhang, Chao B" <chao.b.zhang@intel.com>,
"Wu, Jiaxin" <jiaxin.wu@intel.com>,
"Yao, Jiewen" <jiewen.yao@intel.com>,
"Justen, Jordan L" <jordan.l.justen@intel.com>,
Laszlo Ersek <lersek@redhat.com>,
"Leif Lindholm" <leif.lindholm@linaro.org>,
"Gao, Liming" <liming.gao@intel.com>,
"Rabeda, Maciej" <maciej.rabeda@intel.com>,
Matthew Carlson <macarl@microsoft.com>,
"Ni, Ray" <ray.ni@intel.com>,
Sean Brogan <sean.brogan@microsoft.com>,
"Fu, Siyuan" <siyuan.fu@intel.com>,
"Lu, XiaoyuX" <xiaoyux.lu@intel.com>
Subject: Re: [edk2-devel] [PATCH 00/11] Use proper entropy sources
Date: Thu, 14 Nov 2019 05:15:06 +0000 [thread overview]
Message-ID: <D827630B58408649ACB04F44C5100036259AFB6E@SHSMSX107.ccr.corp.intel.com> (raw)
In-Reply-To: <E92EE9817A31E24EB0585FDF735412F5B9E1D1AC@ORSMSX113.amr.corp.intel.com>
Hi Mike,
Here're some suggestions:
- If OpensslLib library is used, RngLib instance must be specified along
with it.
- For package dsc, BaseLibRngNull can be used because their main
purpose is just for build.
- For platforms which don't need random number at all, BaseLibRngNull
is recommended.
- If drivers HddPasswordDxe/TlsDxe (TlsLib) and/or crypto algorithm like
AES/RSA-OAEP/RSA-PK1 are used in a platform, BaseLibRngNull must
*not* be used. This rule might change due to the future code base
change.
- For IA32/X64 platforms, BaseLibRng is recommended as the default
library instance to avoid unknown uses of RNG. But the users can
choose
- RngLibRdSeed, if rdseed is supported for sure and high quality
of entropy source is needed; or
- DxeRngLibRngProtocol, if EFI_RNG_PROTOCOL is implemented in
the platform and only DXE drivers or applications use RNG, or
arch independent is more important.
- For OVMF, there's already a driver implemented EFI_RNG_PROTOCOL.
DxeRngLibRngProtocol is always recommended.
- For other ARCH platforms, I don't see implementation of RngLib nor
EFI_RNG_PROTOCOL. They have to use BaseRngLibNull or implement
their own version of RngLib. There's an ARCH independent solution
called CPU Jitter RNG, which has been adopted by Linux. But there's
concern that it won't work well in BIOS environment.
(see https://www.chronox.de/jent/doc/CPU-Jitter-NPTRNG.html)
- If BaseLibRngNull ASSERTs at boot time, there must be some use cases
missed. Use a full implementation of RngLib instead.
Regards,
Jian
> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Thursday, November 14, 2019 12:21 PM
> To: devel@edk2.groups.io; Wang, Jian J <jian.j.wang@intel.com>; Kinney,
> Michael D <michael.d.kinney@intel.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Bret Barkelew
> <bret.barkelew@microsoft.com>; Zhang, Chao B <chao.b.zhang@intel.com>;
> Wu, Jiaxin <jiaxin.wu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Justen,
> Jordan L <jordan.l.justen@intel.com>; Laszlo Ersek <lersek@redhat.com>; Leif
> Lindholm <leif.lindholm@linaro.org>; Gao, Liming <liming.gao@intel.com>;
> Rabeda, Maciej <maciej.rabeda@intel.com>; Matthew Carlson
> <macarl@microsoft.com>; Ni, Ray <ray.ni@intel.com>; Sean Brogan
> <sean.brogan@microsoft.com>; Fu, Siyuan <siyuan.fu@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 00/11] Use proper entropy sources
>
> Jian,
>
> In this patch series I see mixed use of different RngLib instances.
>
> How does a platform developer working on their DSC file know if the
> BaseCryptLib services they are using require a Null or a complete
> implementation of the RngLib? How does a platform developer know
> if they made the wrong choice.
>
> Thanks,
>
> Mike
>
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On
> > Behalf Of Wang, Jian J
> > Sent: Wednesday, November 13, 2019 6:18 PM
> > To: devel@edk2.groups.io
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Bret
> > Barkelew <bret.barkelew@microsoft.com>; Zhang, Chao B
> > <chao.b.zhang@intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>; Yao, Jiewen
> > <jiewen.yao@intel.com>; Justen, Jordan L
> > <jordan.l.justen@intel.com>; Laszlo Ersek
> > <lersek@redhat.com>; Leif Lindholm
> > <leif.lindholm@linaro.org>; Gao, Liming
> > <liming.gao@intel.com>; Rabeda, Maciej
> > <maciej.rabeda@intel.com>; Matthew Carlson
> > <macarl@microsoft.com>; Kinney, Michael D
> > <michael.d.kinney@intel.com>; Ni, Ray
> > <ray.ni@intel.com>; Sean Brogan
> > <sean.brogan@microsoft.com>; Fu, Siyuan
> > <siyuan.fu@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>
> > Subject: [edk2-devel] [PATCH 00/11] Use proper entropy
> > sources
> >
> > REF:
> > https://bugzilla.tianocore.org/show_bug.cgi?id=1871
> >
> > Patch series summary:
> > - Add BaseRngLibNull to package dsc
> > - Add DxeRngLibRngProtocol to make use
> > EFI_RNG_PROTOCOL
> > - Add RdSeed interface and RngLibRdSeed for IA32/X64
> > arch
> > - Remove following files
> > rand_pool_noise.h
> > rand_pool_noise_tsc.c
> > rand_pool_noise.c
> > - Update rand_pool.c to use RngLib interface directly
> > and the drop the TimerLib depenency from OpensslLib
> > - Update OVMF platform dsc to use DxeRngLibRngProtocol
> > when necessary
> >
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > Cc: Bret Barkelew <bret.barkelew@microsoft.com>
> > Cc: Chao Zhang <chao.b.zhang@intel.com>
> > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Jordan Justen <jordan.l.justen@intel.com>
> > Cc: Laszlo Ersek <lersek@redhat.com>
> > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > Cc: Liming Gao <liming.gao@intel.com>
> > Cc: Maciej Rabeda <maciej.rabeda@intel.com>
> > Cc: Matthew Carlson <macarl@microsoft.com>
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Ray Ni <ray.ni@intel.com>
> > Cc: Sean Brogan <sean.brogan@microsoft.com>
> > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> >
> > Jian J Wang (11):
> > NetworkPkg/NetworkPkg.dsc: specify RngLib instance
> > for build
> > SignedCapsulePkg/SignedCapsulePkg.dsc: specify RngLib
> > instances
> > FmpDevicePkg/FmpDevicePkg.dsc: specify RngLib
> > instances in dsc files
> > MdePkg/BaseLib: add interface to wrap rdseed IA
> > instruction
> > SecurityPkg/RngLibRdSeed: add an instance of RngLib
> > to make use rdseed
> > SecurityPkg/DxeRngLibRngProtocol: add RNG protocol
> > version of RngLib
> > SecurityPkg/SecurityPkg.dsc: add new RngLib instances
> > for build
> > OvmfPkg: specify RngLib instances in dsc files
> > ArmVirtPkg/ArmVirt.dsc.inc: specify RngLib instances
> > in dsc files
> > CryptoPkg/OpensslLib: use RngLib to get high quality
> > random entropy
> > FmpDevicePkg/FmpDevicePkg.dsc: remove TimerLib
> > instance
> >
> > ArmVirtPkg/ArmVirt.dsc.inc | 2 +
> > CryptoPkg/CryptoPkg.dsc | 1 +
> > CryptoPkg/Library/OpensslLib/OpensslLib.inf | 15 +-
> > .../Library/OpensslLib/OpensslLibCrypto.inf | 15 +-
> > CryptoPkg/Library/OpensslLib/rand_pool.c | 253
> > ++----------------
> > .../Library/OpensslLib/rand_pool_noise.c | 29 --
> > .../Library/OpensslLib/rand_pool_noise.h | 29 --
> > .../Library/OpensslLib/rand_pool_noise_tsc.c | 43 --
> > -
> > FmpDevicePkg/FmpDevicePkg.dsc | 2 +-
> > MdePkg/Include/Library/BaseLib.h | 51
> > ++++
> > MdePkg/Library/BaseLib/BaseLib.inf | 4 +
> > MdePkg/Library/BaseLib/BaseLibInternals.h | 46
> > ++++
> > MdePkg/Library/BaseLib/Ia32/RdSeed.nasm | 87
> > ++++++
> > MdePkg/Library/BaseLib/X64/RdSeed.nasm | 80
> > ++++++
> > MdePkg/Library/BaseLib/X86RdSeed.c | 73
> > +++++
> > NetworkPkg/NetworkPkg.dsc | 1 +
> > OvmfPkg/OvmfPkgIa32.dsc | 5 +
> > OvmfPkg/OvmfPkgIa32X64.dsc | 5 +
> > OvmfPkg/OvmfPkgX64.dsc | 5 +
> > OvmfPkg/OvmfXen.dsc | 5 +
> > .../DxeRngLibRngProtocol.c | 200
> > ++++++++++++++
> > .../DxeRngLibRngProtocol.inf | 42
> > +++
> > .../DxeRngLibRngProtocol.uni | 14 +
> > .../RngLibRdSeed/RngLibRdSeed.inf | 37
> > +++
> > .../RngLibRdSeed/RngLibRdSeed.uni | 18 ++
> > .../RngLibRdSeed/RngRdSeed.c | 189
> > +++++++++++++
> > SecurityPkg/SecurityPkg.dsc | 6 +
> > SignedCapsulePkg/SignedCapsulePkg.dsc | 6 +
> > 28 files changed, 909 insertions(+), 354 deletions(-)
> > delete mode 100644
> > CryptoPkg/Library/OpensslLib/rand_pool_noise.c
> > delete mode 100644
> > CryptoPkg/Library/OpensslLib/rand_pool_noise.h
> > delete mode 100644
> > CryptoPkg/Library/OpensslLib/rand_pool_noise_tsc.c
> > create mode 100644
> > MdePkg/Library/BaseLib/Ia32/RdSeed.nasm
> > create mode 100644
> > MdePkg/Library/BaseLib/X64/RdSeed.nasm
> > create mode 100644 MdePkg/Library/BaseLib/X86RdSeed.c
> > create mode 100644
> > SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/
> > DxeRngLibRngProtocol.c
> > create mode 100644
> > SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/
> > DxeRngLibRngProtocol.inf
> > create mode 100644
> > SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/
> > DxeRngLibRngProtocol.uni
> > create mode 100644
> > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRd
> > Seed.inf
> > create mode 100644
> > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRd
> > Seed.uni
> > create mode 100644
> > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdSee
> > d.c
> >
> > --
> > 2.17.1.windows.2
> >
> >
> >
next prev parent reply other threads:[~2019-11-14 5:15 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-14 2:17 [PATCH 00/11] Use proper entropy sources Wang, Jian J
2019-11-14 2:17 ` [PATCH 01/11] NetworkPkg/NetworkPkg.dsc: specify RngLib instance for build Wang, Jian J
2019-11-14 2:17 ` [PATCH 02/11] SignedCapsulePkg/SignedCapsulePkg.dsc: specify RngLib instances Wang, Jian J
2019-11-14 2:17 ` [PATCH 03/11] FmpDevicePkg/FmpDevicePkg.dsc: specify RngLib instances in dsc files Wang, Jian J
2019-11-14 2:17 ` [PATCH 04/11] MdePkg/BaseLib: add interface to wrap rdseed IA instruction Wang, Jian J
2019-11-14 4:17 ` [edk2-devel] " Michael D Kinney
2019-11-14 4:40 ` Wang, Jian J
2019-11-14 2:17 ` [PATCH 05/11] SecurityPkg/RngLibRdSeed: add an instance of RngLib to make use rdseed Wang, Jian J
2019-11-14 4:24 ` [edk2-devel] " Michael D Kinney
2019-11-14 4:38 ` Wang, Jian J
2019-11-15 13:28 ` Ard Biesheuvel
2019-11-15 17:21 ` Michael D Kinney
2019-11-15 17:35 ` Ard Biesheuvel
2019-11-16 2:17 ` Wang, Jian J
2019-11-15 22:19 ` Laszlo Ersek
2019-11-14 2:17 ` [PATCH 06/11] SecurityPkg/DxeRngLibRngProtocol: add RNG protocol version of RngLib Wang, Jian J
2019-11-14 11:15 ` [edk2-devel] " Laszlo Ersek
2019-11-14 14:52 ` Wang, Jian J
2019-11-14 2:17 ` [PATCH 07/11] SecurityPkg/SecurityPkg.dsc: add new RngLib instances for build Wang, Jian J
2019-11-14 2:17 ` [PATCH 08/11] OvmfPkg: specify RngLib instances in dsc files Wang, Jian J
2019-11-14 11:07 ` [edk2-devel] " Laszlo Ersek
2019-11-14 14:40 ` Wang, Jian J
2019-11-14 14:51 ` Laszlo Ersek
2019-11-14 14:55 ` Wang, Jian J
2019-11-14 2:17 ` [PATCH 09/11] ArmVirtPkg/ArmVirt.dsc.inc: " Wang, Jian J
2019-11-14 7:41 ` [edk2-devel] " Ard Biesheuvel
2019-11-14 8:03 ` Wang, Jian J
2019-11-14 8:14 ` Ard Biesheuvel
2019-11-14 8:31 ` Wang, Jian J
2019-11-14 10:36 ` Laszlo Ersek
2019-11-14 14:26 ` Wang, Jian J
2019-11-14 2:17 ` [PATCH 10/11] CryptoPkg/OpensslLib: use RngLib to get high quality random entropy Wang, Jian J
2019-11-14 7:42 ` Ard Biesheuvel
2019-11-14 2:17 ` [PATCH 11/11] FmpDevicePkg/FmpDevicePkg.dsc: remove TimerLib instance Wang, Jian J
2019-11-14 4:21 ` [edk2-devel] [PATCH 00/11] Use proper entropy sources Michael D Kinney
2019-11-14 5:15 ` Wang, Jian J [this message]
[not found] <15D6E5DF9619E96C.9269@groups.io>
2019-11-14 2:19 ` Wang, Jian J
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=D827630B58408649ACB04F44C5100036259AFB6E@SHSMSX107.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox