Re: [edk2-devel] [PATCH v8 06/19] MdePkg/TrngLib: Definition for TRNG library class interface

["Leif Lindholm" <quic_llindhol@quicinc.com>]

Hi Jiewen,

There could be an argument for moving it to MdeModulePkg, but there is
no argument for it moving to ArmPkg.

ArmPkg does not have any reason to exist other than that it has not
yet been properly integrated in the core packages. Which clearly is
becoming more urgent, as I seem to be raising this point even more
frequently these days.

Best Regards,

Leif

On Wed, Oct 26, 2022 at 13:25:54 +0000, Yao, Jiewen wrote:
> Hi 
> This API is very ARM platform specific.
> 
> I don't see any interface like GetVersion or GetUUID is defined in 800-90A/90B/90C. 
> What it is following is "Arm True Random Number Generator Firmware, Interface 1.0". As such, I feel uncomfortable to define TrngLib in MdePkg.
> 
> I have raised my concern before. My recommend is to move ArmPkg, for example ArmTrngLib.
> 
> 
> 
> Thank you
> Yao Jiewen
> 
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
> > PierreGondois
> > Sent: Tuesday, October 18, 2022 9:21 PM
> > To: devel@edk2.groups.io
> > Cc: Sami Mujawar <sami.mujawar@arm.com>; Leif Lindholm
> > <quic_llindhol@quicinc.com>; Ard Biesheuvel
> > <ardb+tianocore@kernel.org>; Rebecca Cran <rebecca@bsdio.com>; Kinney,
> > Michael D <michael.d.kinney@intel.com>; Gao, Liming
> > <gaoliming@byosoft.com.cn>; Yao, Jiewen <jiewen.yao@intel.com>; Wang,
> > Jian J <jian.j.wang@intel.com>
> > Subject: [edk2-devel] [PATCH v8 06/19] MdePkg/TrngLib: Definition for
> > TRNG library class interface
> > 
> > From: Sami Mujawar <sami.mujawar@arm.com>
> > 
> > Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668)
> > 
> > The NIST Special Publications 800-90A, 800-90B and 800-90C
> > provide recommendations for random number generation. The
> > NIST 800-90C, Recommendation for Random Bit Generator (RBG)
> > Constructions, defines the GetEntropy() interface that is
> > used to access the entropy source. The GetEntropy() interface
> > is further used by Deterministic Random Bit Generators (DRBG)
> > to generate random numbers.
> > 
> > The True Random Number Generator (TRNG) library defines an
> > interface to access the entropy source on a platform. Some
> > platforms/architectures may provide access to the entropy
> > using a firmware interface. In such cases the TRNG library
> > shall be used to provide an abstraction.
> > 
> > Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
> > ---
> >  MdePkg/Include/Library/TrngLib.h | 103
> > +++++++++++++++++++++++++++++++
> >  MdePkg/MdePkg.dec                |   5 ++
> >  2 files changed, 108 insertions(+)
> >  create mode 100644 MdePkg/Include/Library/TrngLib.h
> > 
> > diff --git a/MdePkg/Include/Library/TrngLib.h
> > b/MdePkg/Include/Library/TrngLib.h
> > new file mode 100644
> > index 000000000000..535fd53f4305
> > --- /dev/null
> > +++ b/MdePkg/Include/Library/TrngLib.h
> > @@ -0,0 +1,103 @@
> > +/** @file
> > +  TRNG interface library definitions.
> > +
> > +  Copyright (c) 2021 - 2022, Arm Limited. All rights reserved.<BR>
> > +
> > +  SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +  @par Reference(s):
> > +  - [1] NIST Special Publication 800-90B, Recommendation for the Entropy
> > +        Sources Used for Random Bit Generation.
> > +        (https://csrc.nist.gov/publications/detail/sp/800-90b/final)
> > +
> > +  @par Glossary:
> > +    - TRNG - True Random Number Generator
> > +**/
> > +
> > +#ifndef TRNG_LIB_H_
> > +#define TRNG_LIB_H_
> > +
> > +/** Get the version of the TRNG backend.
> > +
> > +  A TRNG may be implemented by the system firmware, in which case this
> > +  function shall return the version of the TRNG backend.
> > +  The implementation must return NOT_SUPPORTED if a Back end is not
> > present.
> > +
> > +  @param [out]  MajorRevision     Major revision.
> > +  @param [out]  MinorRevision     Minor revision.
> > +
> > +  @retval  RETURN_SUCCESS            The function completed successfully.
> > +  @retval  RETURN_INVALID_PARAMETER  Invalid parameter.
> > +  @retval  RETURN_UNSUPPORTED        Backend not present.
> > +**/
> > +RETURN_STATUS
> > +EFIAPI
> > +GetTrngVersion (
> > +  OUT UINT16  *MajorRevision,
> > +  OUT UINT16  *MinorRevision
> > +  );
> > +
> > +/** Get the UUID of the TRNG backend.
> > +
> > +  A TRNG may be implemented by the system firmware, in which case this
> > +  function shall return the UUID of the TRNG backend.
> > +  Returning the TRNG UUID is optional and if not implemented,
> > RETURN_UNSUPPORTED
> > +  shall be returned.
> > +
> > +  Note: The caller must not rely on the returned UUID as a trustworthy
> > TRNG
> > +        Back end identity
> > +
> > +  @param [out]  Guid              UUID of the TRNG backend.
> > +
> > +  @retval  RETURN_SUCCESS            The function completed successfully.
> > +  @retval  RETURN_INVALID_PARAMETER  Invalid parameter.
> > +  @retval  RETURN_UNSUPPORTED        Function not implemented.
> > +**/
> > +RETURN_STATUS
> > +EFIAPI
> > +GetTrngUuid (
> > +  OUT GUID  *Guid
> > +  );
> > +
> > +/** Returns maximum number of entropy bits that can be returned in a
> > single
> > +    call.
> > +
> > +  @return Returns the maximum number of Entropy bits that can be
> > returned
> > +          in a single call to GetTrngEntropy().
> > +**/
> > +UINTN
> > +EFIAPI
> > +GetTrngMaxSupportedEntropyBits (
> > +  VOID
> > +  );
> > +
> > +/** Returns N bits of conditioned entropy.
> > +
> > +  See [1] Section 2.3.1 GetEntropy: An Interface to the Entropy Source
> > +    GetEntropy
> > +      Input:
> > +        bits_of_entropy: the requested amount of entropy
> > +      Output:
> > +        entropy_bitstring: The string that provides the requested entropy.
> > +      status: A Boolean value that is TRUE if the request has been satisfied,
> > +              and is FALSE otherwise.
> > +
> > +  @param  [in]   EntropyBits  Number of entropy bits requested.
> > +  @param  [in]   BufferSize   Size of the Buffer in bytes.
> > +  @param  [out]  Buffer       Buffer to return the entropy bits.
> > +
> > +  @retval  RETURN_SUCCESS            The function completed successfully.
> > +  @retval  RETURN_INVALID_PARAMETER  Invalid parameter.
> > +  @retval  RETURN_UNSUPPORTED        Function not implemented.
> > +  @retval  RETURN_BAD_BUFFER_SIZE    Buffer size is too small.
> > +  @retval  RETURN_NOT_READY          No Entropy available.
> > +**/
> > +RETURN_STATUS
> > +EFIAPI
> > +GetTrngEntropy (
> > +  IN  UINTN  EntropyBits,
> > +  IN  UINTN  BufferSize,
> > +  OUT UINT8  *Buffer
> > +  );
> > +
> > +#endif // TRNG_LIB_H_
> > diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
> > index 4c81cbd75ab2..0a7859fc1d3f 100644
> > --- a/MdePkg/MdePkg.dec
> > +++ b/MdePkg/MdePkg.dec
> > @@ -8,6 +8,7 @@
> >  # Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
> >  # (C) Copyright 2016 - 2021 Hewlett Packard Enterprise Development
> > LP<BR>
> >  # Copyright (c) 2022, Loongson Technology Corporation Limited. All rights
> > reserved.<BR>
> > +# Copyright (c) 2021 - 2022, Arm Limited. All rights reserved.<BR>
> >  #
> >  # SPDX-License-Identifier: BSD-2-Clause-Patent
> >  #
> > @@ -279,6 +280,10 @@ [LibraryClasses]
> >    ## @libraryclass  Provides function for SMM CPU Rendezvous Library.
> >    SmmCpuRendezvousLib|Include/Library/SmmCpuRendezvousLib.h
> > 
> > +  ##  @libraryclass  Provides services to generate Entropy using a TRNG.
> > +  #
> > +  TrngLib|Include/Library/TrngLib.h
> > +
> >  [LibraryClasses.IA32, LibraryClasses.X64, LibraryClasses.AARCH64]
> >    ##  @libraryclass  Provides services to generate random number.
> >    #
> > --
> > 2.25.1
> > 
> > 
> > 
> > -=-=-=-=-=-=
> > Groups.io Links: You receive all messages sent to this group.
> > View/Reply Online (#95322):
> > https://edk2.groups.io/g/devel/message/95322
> > Mute This Topic: https://groups.io/mt/94407745/1772286
> > Group Owner: devel+owner@edk2.groups.io
> > Unsubscribe: https://edk2.groups.io/g/devel/unsub [jiewen.yao@intel.com]
> > -=-=-=-=-=-=
> > 
>