From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Yao, Jiewen"
To: Samer El-Haj-Mahmoud, Pierre Gondois, "devel@edk2.groups.io"
CC: "Kinney, Michael D", "Gao, Liming", "Liu, Zhiguang", "Wang, Jian J", Ard Biesheuvel, Sami Mujawar, Jose Marinho
Subject: Re: [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms
Date: Tue, 9 May 2023 13:55:47 +0000
References: <20230509074042.1523428-1-pierre.gondois@arm.com> <20230509074042.1523428-5-pierre.gondois@arm.com>

Got it. Before that, I believe you can add the extension in MdeModulePkg or SecurityPkg.

> -----Original Message-----
> From: Samer El-Haj-Mahmoud
> Sent: Tuesday, May 9, 2023 9:50 PM
> To: Yao, Jiewen; Pierre Gondois; devel@edk2.groups.io
> Cc: Kinney, Michael D; Gao, Liming; Liu, Zhiguang; Wang, Jian J; Ard Biesheuvel; Sami Mujawar; Jose Marinho; Samer El-Haj-Mahmoud
> Subject: RE: [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms
>
> Hi Jiewen,
>
> There is an open ECR for UEFI spec review:
> https://bugzilla.tianocore.org/show_bug.cgi?id=4441. These patches can
> wait on the list until the ECR is reviewed by UEFI Forum and the decision is
> documented in the BZ. If approved, then the code patches should be able to
> proceed.
>
> Thanks,
> --Samer
>
> > -----Original Message-----
> > From: Yao, Jiewen
> > Sent: Tuesday, May 9, 2023 9:46 AM
> > To: Pierre Gondois; devel@edk2.groups.io
> > Cc: Kinney, Michael D; Gao, Liming; Liu, Zhiguang; Wang, Jian J; Ard Biesheuvel; Sami Mujawar; Jose Marinho; Samer El-Haj-Mahmoud
> > Subject: RE: [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms
> >
> > Is this defined in UEFI spec? or approved in future UEFI spec?
> >
> > > -----Original Message-----
> > > From: pierre.gondois@arm.com
> > > Sent: Tuesday, May 9, 2023 3:41 PM
> > > To: devel@edk2.groups.io
> > > Cc: Kinney, Michael D; Gao, Liming; Liu, Zhiguang; Yao, Jiewen; Wang, Jian J; Ard Biesheuvel; Sami Mujawar; Jose Marinho; Samer El-Haj-Mahmoud
> > > Subject: [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms
> > >
> > > From: Pierre Gondois
> > >
> > > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441
> > >
> > > The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
> > > implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
> > > To allow the RngDxe to detect when such implementation is used,
> > > a GetRngGuid() function is added in a following patch.
> > >
> > > Prepare GetRngGuid() return values and add GUIDs describing
> > > Rng algorithms:
> > > - gEfiRngAlgorithmArmRndr
> > >   to describe a Rng algorithm accessed through Arm's RNDR instruction.
> > >   [1] states that the implementation of this algorithm should be
> > >   compliant to NIST SP900-80. The compliance is not guaranteed.
> > > - gEfiRngAlgorithmUnSafe
> > >   to describe an unsafe implementation, cf. the BaseRngLibTimerLib.
> > >
> > > [1] Arm Architecture Reference Manual Armv8, for A-profile architecture
> > >     sK12.1 'Properties of the generated random number'
> > > > > > Signed-off-by: Pierre Gondois > > > --- > > > MdePkg/Include/Protocol/Rng.h | 20 ++++++++++++++++++++ > > > MdePkg/MdePkg.dec | 2 ++ > > > 2 files changed, 22 insertions(+) > > > > > > diff --git a/MdePkg/Include/Protocol/Rng.h > > > b/MdePkg/Include/Protocol/Rng.h > > > index baf425587b3c..dfdaf36e41dc 100644 > > > --- a/MdePkg/Include/Protocol/Rng.h > > > +++ b/MdePkg/Include/Protocol/Rng.h > > > @@ -67,6 +67,24 @@ typedef EFI_GUID EFI_RNG_ALGORITHM; > > > { \ > > > 0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb6, > 0x85, > > > 0x61 } \ > > > } > > > +/// > > > +/// The Arm Architecture states the RNDR that the DRBG algorithm > should > > > be compliant > > > +/// with NIST SP800-90A, while not mandating a particular algorithm,= so > as > > > to be > > > +/// inclusive of different geographies. > > > +/// > > > +#define EFI_RNG_ALGORITHM_ARM_RNDR \ > > > + { \ > > > + 0x43d2fde3, 0x9d4e, 0x4d79, {0x02, 0x96, 0xa8, 0x9b, 0xca, 0x78= , > 0x08, > > > 0x41} \ > > > + } > > > +/// > > > +/// The implementation of a Random Number Generator might be > unsafe, > > > when using > > > +/// a dummy implementation for instance. Allow identifying such > > > implementation > > > +/// with this GUID. > > > +/// > > > +#define EFI_RNG_ALGORITHM_UNSAFE \ > > > + { \ > > > + 0x869f728c, 0x409d, 0x4ab4, {0xac, 0x03, 0x71, 0xd3, 0x09, 0xc1, > 0xb3, > > > 0xf4 } \ > > > + } > > > > > > /** > > > Returns information about the random number generation > implementation. > > > @@ -146,5 +164,7 @@ extern EFI_GUID > > > gEfiRngAlgorithmSp80090Ctr256Guid; > > > extern EFI_GUID gEfiRngAlgorithmX9313DesGuid; > > > extern EFI_GUID gEfiRngAlgorithmX931AesGuid; > > > extern EFI_GUID gEfiRngAlgorithmRaw; > > > +extern EFI_GUID gEfiRngAlgorithmArmRndr; > > > +extern EFI_GUID gEfiRngAlgorithmUnSafe; > > > > > > #endif > > > diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec > > > index 0ecfad5795e4..754085eaa55b 100644 > > > --- a/MdePkg/MdePkg.dec 
> > > +++ b/MdePkg/MdePkg.dec > > > @@ -633,6 +633,8 @@ [Guids] > > > gEfiRngAlgorithmX9313DesGuid =3D { 0x63c4785a, 0xca34, 0x401= 2, > {0xa3, > > > 0xc8, 0x0b, 0x6a, 0x32, 0x4f, 0x55, 0x46 }} > > > gEfiRngAlgorithmX931AesGuid =3D { 0xacd03321, 0x777e, 0x4d3= d, > {0xb1, > > > 0xc8, 0x20, 0xcf, 0xd8, 0x88, 0x20, 0xc9 }} > > > gEfiRngAlgorithmRaw =3D { 0xe43176d7, 0xb6e8, 0x482= 7, {0xb7, > > > 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 }} > > > + gEfiRngAlgorithmArmRndr =3D { 0x43d2fde3, 0x9d4e, 0x4d7= 9, > {0x02, > > > 0x96, 0xa8, 0x9b, 0xca, 0x78, 0x08, 0x41 }} > > > + gEfiRngAlgorithmUnSafe =3D { 0x869f728c, 0x409d, 0x4ab= 4, {0xac, > > > 0x03, 0x71, 0xd3, 0x09, 0xc1, 0xb3, 0xf4 }} > > > > > > ## Include/Protocol/AdapterInformation.h > > > gEfiAdapterInfoMediaStateGuid =3D { 0xD7C74207, 0xA831, 0x4A= 26, > > > {0xB1, 0xF5, 0xD1, 0x93, 0x06, 0x5C, 0xE8, 0xB6 }} > > > -- > > > 2.25.1 >=20 > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended reci= pient, > please notify the sender immediately and do not disclose the contents to = any > other person, use it for any purpose, or store or copy the information in= any > medium. Thank you.
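Review bot: In the first Rng.h hunk, the comment above EFI_RNG_ALGORITHM_ARM_RNDR ("The Arm Architecture states the RNDR that the DRBG algorithm should be compliant with NIST SP800-90A") does not parse, and it drops the caveat from the commit message that compliance is not guaranteed. Suggest wording along the lines of "The Arm Architecture states that the DRBG algorithm used by RNDR should be compliant with NIST SP800-90A" followed by a sentence saying that compliance is not guaranteed, so a caller does not treat this GUID as equivalent to the SP800-90 algorithm GUIDs already declared in this header. The commit message cites "NIST SP900-80" while the comment cites "NIST SP800-90A"; the two should agree. The comment for EFI_RNG_ALGORITHM_UNSAFE would also be more useful if it stated what a consumer is expected to do when an implementation reports this GUID. A blank line before the first added "///" would separate it from the closing brace of the preceding macro.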
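Review bot: The two externs added at the end of Rng.h, gEfiRngAlgorithmArmRndr and gEfiRngAlgorithmUnSafe, drop the Guid suffix carried by gEfiRngAlgorithmSp80090Ctr256Guid, gEfiRngAlgorithmX9313DesGuid and gEfiRngAlgorithmX931AesGuid in the context lines directly above; only gEfiRngAlgorithmRaw lacks it. "UnSafe" is also cased as two words while the macro uses the single word UNSAFE. Consider gEfiRngAlgorithmArmRndrGuid and gEfiRngAlgorithmUnsafeGuid, with the same names used in MdePkg.dec.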
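Review bot: In the MdePkg.dec hunk, the gEfiRngAlgorithmArmRndr value has 0x02 as the first byte of the trailing array, while the other Rng GUIDs visible in this hunk have 0xa3, 0xb1, 0xb7 and 0xac in that position. That byte carries the UUID variant field, and 0x02 does not encode the RFC 4122 variant that GUID generators emit, so please confirm the value came from a generator and was not mistyped or hand-edited. The value matches the EFI_RNG_ALGORITHM_ARM_RNDR macro in Rng.h, so any correction has to be made in both places; the gEfiRngAlgorithmUnSafe entry matches its macro as well.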