From: "Samer El-Haj-Mahmoud"
To: "Yao, Jiewen", Pierre Gondois, "devel@edk2.groups.io"
CC: "Kinney, Michael D", "Gao, Liming", "Liu, Zhiguang", "Wang, Jian J", Ard Biesheuvel, Sami Mujawar, Jose Marinho, Samer El-Haj-Mahmoud
Subject: Re: [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms
Date: Tue, 9 May 2023 13:50:26 +0000

Hi Jiewen,

There is an open ECR for UEFI spec review: https://bugzilla.tianocore.org/show_bug.cgi?id=4441. These patches can wait on the list until the ECR is reviewed by UEFI Forum and the decision is documented in the BZ. If approved, then the code patches should be able to proceed.

Thanks,
--Samer

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Tuesday, May 9, 2023 9:46 AM
> To: Pierre Gondois; devel@edk2.groups.io
> Cc: Kinney, Michael D; Gao, Liming; Liu, Zhiguang; Wang, Jian J; Ard Biesheuvel; Sami Mujawar; Jose Marinho; Samer El-Haj-Mahmoud
> Subject: RE: [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms
>
> Is this defined in UEFI spec? or approved in future UEFI spec?
>
> > -----Original Message-----
> > From: pierre.gondois@arm.com
> > Sent: Tuesday, May 9, 2023 3:41 PM
> > To: devel@edk2.groups.io
> > Cc: Kinney, Michael D; Gao, Liming; Liu, Zhiguang; Yao, Jiewen; Wang, Jian J; Ard Biesheuvel; Sami Mujawar; Jose Marinho; Samer El-Haj-Mahmoud
> > Subject: [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms
> >
> > From: Pierre Gondois
> >
> > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441
> >
> > The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
> > implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
> > To allow the RngDxe to detect when such implementation is used,
> > a GetRngGuid() function is added in a following patch.
> >
> > Prepare GetRngGuid() return values and add GUIDs describing
> > Rng algorithms:
> > - gEfiRngAlgorithmArmRndr
> > to describe a Rng algorithm accessed through Arm's RNDR instruction.
> > [1] states that the implementation of this algorithm should be
> > compliant to NIST SP900-80. The compliance is not guaranteed.
> > - gEfiRngAlgorithmUnSafe
> > to describe an unsafe implementation, cf. the BaseRngLibTimerLib.
> >
> > [1] Arm Architecture Reference Manual Armv8, for A-profile architecture
> > sK12.1 'Properties of the generated random number'
> >
> > Signed-off-by: Pierre Gondois
> > ---
> > MdePkg/Include/Protocol/Rng.h | 20 ++++++++++++++++++++
> > MdePkg/MdePkg.dec | 2 ++
> > 2 files changed, 22 insertions(+)
> >
> > diff --git a/MdePkg/Include/Protocol/Rng.h > > b/MdePkg/Include/Protocol/Rng.h > > index baf425587b3c..dfdaf36e41dc 100644 > > --- a/MdePkg/Include/Protocol/Rng.h > > +++ b/MdePkg/Include/Protocol/Rng.h
> > @@ -67,6 +67,24 @@ typedef EFI_GUID EFI_RNG_ALGORITHM; > > { \ > > 0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0= x85, > > 0x61 } \ > > } > > +/// > > +/// The Arm Architecture states the RNDR that the DRBG algorithm shoul= d > > be compliant > > +/// with NIST SP800-90A, while not mandating a particular algorithm, s= o as > > to be > > +/// inclusive of different geographies. > > +/// > > +#define EFI_RNG_ALGORITHM_ARM_RNDR \ > > + { \ > > + 0x43d2fde3, 0x9d4e, 0x4d79, {0x02, 0x96, 0xa8, 0x9b, 0xca, 0x78, = 0x08, > > 0x41} \ > > + } > > +/// > > +/// The implementation of a Random Number Generator might be unsafe, > > when using > > +/// a dummy implementation for instance. Allow identifying such > > implementation > > +/// with this GUID. > > +/// > > +#define EFI_RNG_ALGORITHM_UNSAFE \ > > + { \ > > + 0x869f728c, 0x409d, 0x4ab4, {0xac, 0x03, 0x71, 0xd3, 0x09, 0xc1, 0= xb3, > > 0xf4 } \ > > + } > > > > /** > > Returns information about the random number generation implementatio= n. > > @@ -146,5 +164,7 @@ extern EFI_GUID > > gEfiRngAlgorithmSp80090Ctr256Guid; > > extern EFI_GUID gEfiRngAlgorithmX9313DesGuid; > > extern EFI_GUID gEfiRngAlgorithmX931AesGuid; > > extern EFI_GUID gEfiRngAlgorithmRaw; > > +extern EFI_GUID gEfiRngAlgorithmArmRndr; > > +extern EFI_GUID gEfiRngAlgorithmUnSafe; > > > > #endif > > diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec > > index 0ecfad5795e4..754085eaa55b 100644 > > --- a/MdePkg/MdePkg.dec > > +++ b/MdePkg/MdePkg.dec 
> > @@ -633,6 +633,8 @@ [Guids] > > gEfiRngAlgorithmX9313DesGuid =3D { 0x63c4785a, 0xca34, 0x4012,= {0xa3, > > 0xc8, 0x0b, 0x6a, 0x32, 0x4f, 0x55, 0x46 }} > > gEfiRngAlgorithmX931AesGuid =3D { 0xacd03321, 0x777e, 0x4d3d,= {0xb1, > > 0xc8, 0x20, 0xcf, 0xd8, 0x88, 0x20, 0xc9 }} > > gEfiRngAlgorithmRaw =3D { 0xe43176d7, 0xb6e8, 0x4827,= {0xb7, > > 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 }} > > + gEfiRngAlgorithmArmRndr =3D { 0x43d2fde3, 0x9d4e, 0x4d79,= {0x02, > > 0x96, 0xa8, 0x9b, 0xca, 0x78, 0x08, 0x41 }} > > + gEfiRngAlgorithmUnSafe =3D { 0x869f728c, 0x409d, 0x4ab4,= {0xac, > > 0x03, 0x71, 0xd3, 0x09, 0xc1, 0xb3, 0xf4 }} > > > > ## Include/Protocol/AdapterInformation.h > > gEfiAdapterInfoMediaStateGuid =3D { 0xD7C74207, 0xA831, 0x4A26= , > > {0xB1, 0xF5, 0xD1, 0x93, 0x06, 0x5C, 0xE8, 0xB6 }} > > -- > > 2.25.1
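
Review bot: in the first Rng.h hunk (@@ -67,6 +67,24 @@), the comment above EFI_RNG_ALGORITHM_ARM_RNDR reads "states the RNDR that the DRBG algorithm should be compliant with NIST SP800-90A", which does not parse, and it names SP800-90A where the commit message names "NIST SP900-80"; both should cite the same document. The commit message also says the compliance is not guaranteed, and that caveat is missing from the header comment, where it matters most: a caller selecting an algorithm by GUID will otherwise read this GUID as a conformance claim. Suggested wording: "The Arm Architecture states that the DRBG behind RNDR should be compliant with NIST SP800-90A; compliance is not guaranteed."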
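
Review bot: in the extern block of Rng.h (@@ -146,5 +164,7 @@), gEfiRngAlgorithmUnSafe is spelled with a capital S while its macro is EFI_RNG_ALGORITHM_UNSAFE, and neither new symbol has the Guid suffix used by gEfiRngAlgorithmSp80090Ctr256Guid, gEfiRngAlgorithmX9313DesGuid and gEfiRngAlgorithmX931AesGuid (gEfiRngAlgorithmRaw already departs from that pattern). Consumers will compare against the unsafe symbol to decide whether to trust the generator, so the name should be settled now; renaming it later means touching every such check. Suggest gEfiRngAlgorithmArmRndrGuid and gEfiRngAlgorithmUnsafeGuid, or at least a spelling that matches the macro.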
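
Review bot: in the MdePkg.dec hunk (@@ -633,6 +633,8 @@), the byte array of gEfiRngAlgorithmArmRndr begins with 0x02, while every other GUID visible in this hunk begins its byte array with a value in the 0x80 to 0xbf range (0xa3, 0xb1, 0xb7, 0xac, 0xB1), which is where RFC 4122 places the variant bits of a generated UUID. The third field, 0x4d79, has the version 4 layout, so the 0x02 stands out; please confirm the value matches what is proposed in the ECR (BZ 4441) before it is recorded both here and in the Rng.h macro, since a GUID cannot be changed once consumers match on it.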