From: "Ma, Maurice"
To: Patrick Rudolph, "devel@edk2.groups.io"
CC: "Dong, Guo", "You, Benjamin"
Subject: Re: [PATCH] UefiPayloadPkg: Add RNG support
Date: Thu, 21 Jan 2021 00:42:08 +0000
In-Reply-To: <20210120155203.3342035-1-patrick.rudolph@9elements.com>

Hi, Patrick

There is a BaseRngLib in MdePkg package already.
I am wondering why a new instance was created under UefiPayloadPkg in the patch.
Could we just reuse the same library in MdePkg?
If not, what is the reason? Can we try to enhance the library in MdePkg to address it if required?

Thanks
Maurice

> -----Original Message-----
> From: Patrick Rudolph
> Sent: Wednesday, January 20, 2021 7:52
> To: devel@edk2.groups.io
> Cc: Ma, Maurice; Dong, Guo; You, Benjamin
> Subject: [PATCH] UefiPayloadPkg: Add RNG support
>
> Uses the RDRAND instruction if available and install EfiRngProtocol.
> The protocol may be used by iPXE or the Linux kernel to gather entropy.
>
> Signed-off-by: Patrick Rudolph
> ---
>  UefiPayloadPkg/Library/BaseRngLib/BaseRng.c      | 199 ++++++++++++++++++++
>  UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf |  32 ++++
>  UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni |  17 ++
>  UefiPayloadPkg/UefiPayloadPkg.dsc                |   8 +
>  UefiPayloadPkg/UefiPayloadPkg.fdf                |   4 +
>  5 files changed, 260 insertions(+)
>
> diff --git a/UefiPayloadPkg/Library/BaseRngLib/BaseRng.c > b/UefiPayloadPkg/Library/BaseRngLib/BaseRng.c > new file mode 100644 > index 0000000000..1fe9e1dbe0 > --- /dev/null > +++ b/UefiPayloadPkg/Library/BaseRngLib/BaseRng.c > @@ -0,0 +1,199 @@ > +/** @file+ Random number generator services that uses RdRand instructio= n > access+ to provide high-quality random numbers.++Copyright (c) 2015, Int= el > Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clau= se- > Patent++**/++#include +#include > +#include ++STATIC BOOLEAN > mHasRdRand;++//+// Bit mask used to determine if RdRand instruction is > supported.+//+#define RDRAND_MASK BIT30++//+// Limited r= etry > number when valid random data is returned.+// Uses the recommended value > defined in Section 7.3.17 of "Intel 64 and IA-32+// Architectures Softwar= e > Developer's Mannual".+//+#define RDRAND_RETRY_LIMIT 10++/**+ T= he > constructor function checks whether or not RDRAND instruction is supporte= d+ > by the host hardware.++ The constructor function checks whether or not > RDRAND instruction is supported.+ It will always return RETURN_SUCCESS.+= + > @retval RETURN_SUCCESS The constructor always returns > EFI_SUCCESS.++**/+RETURN_STATUS+EFIAPI+BaseRngLibConstructor (+ > VOID+ )+{+ UINT32 RegEax;+ UINT32 RegEcx;++ AsmCpuid > (CPUID_SIGNATURE, &RegEax, NULL, NULL, NULL);+ if (RegEax < 1) {+ > mHasRdRand =3D FALSE;+ return RETURN_SUCCESS;+ }++ //+ // Determine > RDRAND support by examining bit 30 of the ECX register returned by+ // C= PUID. 
> A value of 1 indicates that processor support RDRAND instruction.+ //+ > AsmCpuid (CPUID_VERSION_INFO, 0, 0, &RegEcx, 0);++ mHasRdRand =3D > ((RegEcx & RDRAND_MASK) =3D=3D RDRAND_MASK);++ return > RETURN_SUCCESS;+}++/**+ Generates a 16-bit random number.++ if Rand is > NULL, then ASSERT().++ @param[out] Rand Buffer pointer to store the = 16-bit > random value.++ @retval TRUE Random number generated successfull= y.+ > @retval FALSE Failed to generate the random > number.++**/+BOOLEAN+EFIAPI+GetRandomNumber16 (+ OUT UINT16 > *Rand+ )+{+ UINT32 Index;++ ASSERT (Rand !=3D NULL);++ if (mHasRdRan= d) {+ > //+ // A loop to fetch a 16 bit random value with a retry count limit.= + //+ > for (Index =3D 0; Index < RDRAND_RETRY_LIMIT; Index++) {+ if (AsmRdR= and16 > (Rand)) {+ return TRUE;+ }+ }+ }++ return FALSE;+}++/**+= Generates a > 32-bit random number.++ if Rand is NULL, then ASSERT().++ @param[out] > Rand Buffer pointer to store the 32-bit random value.++ @retval TRUE > Random number generated successfully.+ @retval FALSE Failed to ge= nerate > the random number.++**/+BOOLEAN+EFIAPI+GetRandomNumber32 (+ OUT > UINT32 *Rand+ )+{+ UINT32 Index;++ ASSERT (Rand != =3D NULL);++ if > (mHasRdRand) {+ //+ // A loop to fetch a 32 bit random value with a= retry > count limit.+ //+ for (Index =3D 0; Index < RDRAND_RETRY_LIMIT; Ind= ex++) {+ > if (AsmRdRand32 (Rand)) {+ return TRUE;+ }+ }+ }++ retur= n > FALSE;+}++/**+ Generates a 64-bit random number.++ if Rand is NULL, the= n > ASSERT().++ @param[out] Rand Buffer pointer to store the 64-bit rand= om > value.++ @retval TRUE Random number generated successfully.+ @r= etval > FALSE Failed to generate the random > number.++**/+BOOLEAN+EFIAPI+GetRandomNumber64 (+ OUT UINT64 > *Rand+ )+{+ UINT32 Index;++ ASSERT (Rand !=3D NULL);++ if (mHasRdRan= d) {+ > //+ // A loop to fetch a 64 bit random value with a retry count limit.= + //+ > for (Index =3D 0; Index < RDRAND_RETRY_LIMIT; Index++) {+ if (AsmRdR= and64 > (Rand)) {+ return TRUE;+ 
}+ }+ }++ return FALSE;+}++/**+= Generates a > 128-bit random number.++ if Rand is NULL, then ASSERT().++ @param[out] > Rand Buffer pointer to store the 128-bit random value.++ @retval TRU= E > Random number generated successfully.+ @retval FALSE Failed to ge= nerate > the random number.++**/+BOOLEAN+EFIAPI+GetRandomNumber128 (+ OUT > UINT64 *Rand+ )+{+ ASSERT (Rand !=3D NULL);++ //+ = // Read first 64 > bits+ //+ if (!GetRandomNumber64 (Rand)) {+ return FALSE;+ }++ //+= // > Read second 64 bits+ //+ return GetRandomNumber64 (++Rand);+}diff --git > a/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf > b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf > new file mode 100644 > index 0000000000..67a91ccfff > --- /dev/null > +++ b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf > @@ -0,0 +1,32 @@ > +## @file+# Instance of RNG (Random Number Generator) Library.+#+# > Copyright (c) 2020 9elements Agency GmbH.
+#+# SPDX-License-Identifie= r: > BSD-2-Clause-Patent+#+##++[Defines]+ INF_VERSION =3D > 0x00010005+ BASE_NAME =3D BaseRngLib+ MODULE_UNI_F= ILE > =3D BaseRngLib.uni+ FILE_GUID =3D 05C48431-DE18-455= 0-931A- > 3350E8551498+ MODULE_TYPE =3D BASE+ VERSION_STRING > =3D 1.0+ LIBRARY_CLASS =3D RngLib+ CONSTRUCTOR = =3D > BaseRngLibConstructor++#+# VALID_ARCHITECTURES =3D IA32 > X64+#++[Sources.Ia32, Sources.X64]+ BaseRng.c++[Packages]+ > MdePkg/MdePkg.dec++[LibraryClasses]+ BaseLib+ DebugLibdiff --git > a/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni > b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni > new file mode 100644 > index 0000000000..f3ed954c52 > --- /dev/null > +++ b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni > @@ -0,0 +1,17 @@ > +// /** @file+// Instance of RNG (Random Number Generator) Library.+//+// > BaseRng Library that uses CPU RdRand instruction access to provide+// hig= h- > quality random numbers.+//+// Copyright (c) 2015, Intel Corporation. All = rights > reserved.
+//+// SPDX-License-Identifier: BSD-2-Clause-Patent+//+// > **/+++#string STR_MODULE_ABSTRACT #language en-US "Instance o= f > RNG Library"++#string STR_MODULE_DESCRIPTION #language en-US > "BaseRng Library that uses CPU RdRand instruction access to provide high- > quality random numbers"+diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc > b/UefiPayloadPkg/UefiPayloadPkg.dsc > index ae62a9c4d6..78a475ea02 100644 > --- a/UefiPayloadPkg/UefiPayloadPkg.dsc > +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc > @@ -494,6 +494,14 @@ > !endif UefiPayloadPkg/GraphicsOutputDxe/GraphicsOutputDxe.inf + #+ # > Random Number Generator+ #+ > SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {+ > + > RngLib|UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf+ }+ #---------= -------- > ------------- # Build the shell #------------------------------diff = --git > a/UefiPayloadPkg/UefiPayloadPkg.fdf b/UefiPayloadPkg/UefiPayloadPkg.fdf > index a97ace7395..57c06c8621 100644 > --- a/UefiPayloadPkg/UefiPayloadPkg.fdf > +++ b/UefiPayloadPkg/UefiPayloadPkg.fdf > @@ -169,6 +169,10 @@ INF > MdeModulePkg/Bus/Usb/UsbBusDxe/UsbBusDxe.inf > INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf INF > MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf +#+# > Random Number Generator+#+INF > SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf # # Shell-- > 2.26.2
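Review bot: In BaseRng.c, GetRandomNumber16/32/64 return FALSE both when mHasRdRand is FALSE and when all RDRAND_RETRY_LIMIT attempts fail, but the @retval FALSE text only says "Failed to generate the random number". Document in each function header that FALSE is also the permanent result on a CPU without RDRAND, so a caller does not treat it as a transient failure worth retrying. GetRandomNumber128 has a related gap: if the second GetRandomNumber64 call fails, the first 64 bits have already been written to the caller's buffer, so state that the buffer contents are undefined on FALSE; using Rand + 1 rather than ++Rand would also avoid modifying the parameter. Smaller points in BaseRngLibConstructor: the second call passes 0 for the unused pointer arguments where the first passes NULL, so use NULL in both; the description says RETURN_SUCCESS while the @retval line says EFI_SUCCESS; and "Mannual" in the RDRAND_RETRY_LIMIT comment should be "Manual".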
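Review bot: The file headers of the three new files disagree on authorship: BaseRngLib.inf carries "Copyright (c) 2020 9elements Agency GmbH" while BaseRng.c and BaseRngLib.uni carry only "Copyright (c) 2015, Intel Corporation". Make the headers consistent, and if BaseRng.c and BaseRngLib.uni are derived from existing files, say in the commit message which ones and what was changed, which would also answer the question of why a separate instance is needed.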
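Review bot: In UefiPayloadPkg.dsc and UefiPayloadPkg.fdf, RngDxe.inf is added unconditionally, yet the RngLib instance bound to it returns FALSE from every GetRandomNumber* call when the constructor finds no RDRAND support. Either gate the driver behind a build option in the style of the !if/!endif blocks around it in the .dsc, or state in the commit message what a consumer such as iPXE or the Linux kernel should expect from the protocol on a CPU without RDRAND, since a published RNG protocol that cannot deliver entropy is something callers need to handle explicitly.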