From: "Yao, Jiewen"
To: "pierre.gondois@arm.com", "devel@edk2.groups.io"
CC: "Kinney, Michael D", "Gao, Liming", "Liu, Zhiguang", "Wang, Jian J", Ard Biesheuvel, Sami Mujawar, Jose Marinho, Samer El-Haj-Mahmoud
Subject: Re: [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms
Date: Tue, 9 May 2023 13:45:52 +0000
References: <20230509074042.1523428-1-pierre.gondois@arm.com> <20230509074042.1523428-5-pierre.gondois@arm.com>
In-Reply-To: <20230509074042.1523428-5-pierre.gondois@arm.com>

Is this defined in the UEFI spec? Or approved in a future UEFI spec?

> -----Original Message-----
> From: pierre.gondois@arm.com
> Sent: Tuesday, May 9, 2023 3:41 PM
> To: devel@edk2.groups.io
> Cc: Kinney, Michael D; Gao, Liming; Liu, Zhiguang; Yao, Jiewen; Wang, Jian J; Ard Biesheuvel; Sami Mujawar; Jose Marinho; Samer El-Haj-Mahmoud
> Subject: [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms
>
> From: Pierre Gondois
>
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441
>
> The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
> implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
> To allow the RngDxe to detect when such implementation is used,
> a GetRngGuid() function is added in a following patch.
>
> Prepare GetRngGuid() return values and add GUIDs describing
> Rng algorithms:
> - gEfiRngAlgorithmArmRndr
>   to describe a Rng algorithm accessed through Arm's RNDR instruction.
>   [1] states that the implementation of this algorithm should be
>   compliant to NIST SP900-80. The compliance is not guaranteed.
> - gEfiRngAlgorithmUnSafe
>   to describe an unsafe implementation, cf. the BaseRngLibTimerLib.
>
> [1] Arm Architecture Reference Manual Armv8, for A-profile architecture
>     sK12.1 'Properties of the generated random number'
>
> Signed-off-by: Pierre Gondois
> ---
>  MdePkg/Include/Protocol/Rng.h | 20 ++++++++++++++++++++
>  MdePkg/MdePkg.dec             |  2 ++
>  2 files changed, 22 insertions(+)
>
> diff --git a/MdePkg/Include/Protocol/Rng.h > b/MdePkg/Include/Protocol/Rng.h > index baf425587b3c..dfdaf36e41dc 100644 > --- a/MdePkg/Include/Protocol/Rng.h > +++ b/MdePkg/Include/Protocol/Rng.h 
> @@ -67,6 +67,24 @@ typedef EFI_GUID EFI_RNG_ALGORITHM; > { \ > 0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x8= 5, > 0x61 } \ > } > +/// > +/// The Arm Architecture states the RNDR that the DRBG algorithm should > be compliant > +/// with NIST SP800-90A, while not mandating a particular algorithm, so = as > to be > +/// inclusive of different geographies. > +/// > +#define EFI_RNG_ALGORITHM_ARM_RNDR \ > + { \ > + 0x43d2fde3, 0x9d4e, 0x4d79, {0x02, 0x96, 0xa8, 0x9b, 0xca, 0x78, 0x= 08, > 0x41} \ > + } > +/// > +/// The implementation of a Random Number Generator might be unsafe, > when using > +/// a dummy implementation for instance. Allow identifying such > implementation > +/// with this GUID. > +/// > +#define EFI_RNG_ALGORITHM_UNSAFE \ > + { \ > + 0x869f728c, 0x409d, 0x4ab4, {0xac, 0x03, 0x71, 0xd3, 0x09, 0xc1, 0xb= 3, > 0xf4 } \ > + } >=20 > /** > Returns information about the random number generation implementation. > @@ -146,5 +164,7 @@ extern EFI_GUID > gEfiRngAlgorithmSp80090Ctr256Guid; > extern EFI_GUID gEfiRngAlgorithmX9313DesGuid; > extern EFI_GUID gEfiRngAlgorithmX931AesGuid; > extern EFI_GUID gEfiRngAlgorithmRaw; > +extern EFI_GUID gEfiRngAlgorithmArmRndr; > +extern EFI_GUID gEfiRngAlgorithmUnSafe; >=20 > #endif > diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec > index 0ecfad5795e4..754085eaa55b 100644 > --- a/MdePkg/MdePkg.dec > +++ b/MdePkg/MdePkg.dec 
> @@ -633,6 +633,8 @@ [Guids] > gEfiRngAlgorithmX9313DesGuid =3D { 0x63c4785a, 0xca34, 0x4012, {= 0xa3, > 0xc8, 0x0b, 0x6a, 0x32, 0x4f, 0x55, 0x46 }} > gEfiRngAlgorithmX931AesGuid =3D { 0xacd03321, 0x777e, 0x4d3d, {= 0xb1, > 0xc8, 0x20, 0xcf, 0xd8, 0x88, 0x20, 0xc9 }} > gEfiRngAlgorithmRaw =3D { 0xe43176d7, 0xb6e8, 0x4827, {= 0xb7, > 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 }} > + gEfiRngAlgorithmArmRndr =3D { 0x43d2fde3, 0x9d4e, 0x4d79, {= 0x02, > 0x96, 0xa8, 0x9b, 0xca, 0x78, 0x08, 0x41 }} > + gEfiRngAlgorithmUnSafe =3D { 0x869f728c, 0x409d, 0x4ab4, {= 0xac, > 0x03, 0x71, 0xd3, 0x09, 0xc1, 0xb3, 0xf4 }} >=20 > ## Include/Protocol/AdapterInformation.h > gEfiAdapterInfoMediaStateGuid =3D { 0xD7C74207, 0xA831, 0x4A26, > {0xB1, 0xF5, 0xD1, 0x93, 0x06, 0x5C, 0xE8, 0xB6 }} > -- > 2.25.1
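
Review bot: In the Rng.h hunk at @@ -67,6 +67,24 @@, the doc comment above EFI_RNG_ALGORITHM_ARM_RNDR does not parse ("The Arm Architecture states the RNDR that the DRBG algorithm should be compliant with NIST SP800-90A") and it drops the caveat the commit message gives, "The compliance is not guaranteed". Suggest rewording it to say that the Arm architecture states the DRBG behind RNDR should be compliant with NIST SP800-90A, and adding that compliance is not guaranteed, so a caller does not read this GUID as proof of a compliant DRBG. The commit message cites "NIST SP900-80" where this comment cites "NIST SP800-90A"; the two should agree. The closing brace spacing also differs between the two new macros (`0x41}` versus `0xf4 }`).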
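
Review bot: In the Rng.h hunk at @@ -146,5 +164,7 @@, the new externs gEfiRngAlgorithmArmRndr and gEfiRngAlgorithmUnSafe lack the Guid suffix carried by the neighbouring gEfiRngAlgorithmSp80090Ctr256Guid, gEfiRngAlgorithmX9313DesGuid and gEfiRngAlgorithmX931AesGuid (only gEfiRngAlgorithmRaw omits it), and "UnSafe" splits a single word that the macro spells EFI_RNG_ALGORITHM_UNSAFE. Suggest picking one convention for the new symbols, for example a Guid suffix and "Unsafe", and applying it in both Rng.h and MdePkg.dec.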
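
Review bot: In the MdePkg.dec hunk at @@ -633,6 +633,8 @@, gEfiRngAlgorithmArmRndr and gEfiRngAlgorithmUnSafe are added directly under the existing gEfiRngAlgorithm* entries with nothing recording where they come from, which is the question the reply above raises about the UEFI spec. Suggest a `##` comment above the two entries stating whether they are taken from the UEFI spec or defined by this patch, so a reader of the [Guids] section can tell them apart from the entries above them.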