From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.20127.1669126762403836707 for ; Tue, 22 Nov 2022 06:19:22 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=BSB9XJ5H; spf=pass (domain: kernel.org, ip: 139.178.84.217, mailfrom: srs0=2rl2=3w=zx2c4.com=jason@kernel.org) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 8FB736170B; Tue, 22 Nov 2022 14:19:21 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 44A74C433D6; Tue, 22 Nov 2022 14:19:20 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="BSB9XJ5H" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1669126757; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=osVa8gHO96GEYDMJ1O5xfHguYqHGXF6uCCA2XDAzArg=; b=BSB9XJ5HA9jh55TsNjaalmdfg/wBwrptOIT4+wzQDD4qTHRPzje1LmjRiTrH9gmxIfwg5T grIKjpZWYY6T3ys4im7JtTzVyjZEJ7guFGCCg6f8y516cqLF2wGIo9jVUmqeRBlkjYWHBx vXN/9uLtEgPKbcJ+LHffH77dc3epUr4= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 6d62ba90 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Tue, 22 Nov 2022 14:19:17 +0000 (UTC) Date: Tue, 22 Nov 2022 15:19:14 +0100 From: "Jason A. Donenfeld" To: Pedro Falcato Cc: devel@edk2.groups.io, Michael D Kinney , Liming Gao , Zhiguang Liu Subject: Re: [PATCH 1/1] MdePkg/BaseRngLib: Add a smoketest for RDRAND and check CPUID Message-ID: References: <20221122140121.550740-1-pedro.falcato@gmail.com> MIME-Version: 1.0 In-Reply-To: <20221122140121.550740-1-pedro.falcato@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Hi, On Tue, Nov 22, 2022 at 02:01:21PM +0000, Pedro Falcato wrote: > RDRAND has notoriously been broken many times over its lifespan. > Add a smoketest to RDRAND, in order to better sniff out potential > security concerns. > > Also add a proper CPUID test in order to support older CPUs which may > not have it; it was previously being tested but then promptly ignored. > > Signed-off-by: Pedro Falcato > Cc: Michael D Kinney > Cc: Liming Gao > Cc: Zhiguang Liu Considering our discussion an hour ago, I would have appreciated you CC'ing me. I'm not subscribed to this list, and it's not on lore, so this is a bit of a PITA to subscribe to. > +STATIC > +BOOLEAN > +TestRdRand ( > + VOID > + ) > +{ > + // > + // Test for notoriously broken rdrand implementations that always return the same > + // value, like the Zen 3 uarch (all-1s) or other several AMD families on suspend/resume (also all-1s). > + // Note that this should be expanded to extensively test for other sorts of > + // possible errata. This testing is quite naive. > + // The test that the kernel does is more robust. Maybe try doing that instead? void x86_init_rdrand(struct cpuinfo_x86 *c) { enum { SAMPLES = 8, MIN_CHANGE = 5 }; unsigned long sample, prev; bool failure = false; size_t i, changed; if (!cpu_has(c, X86_FEATURE_RDRAND)) return; for (changed = 0, i = 0; i < SAMPLES; ++i) { if (!rdrand_long(&sample)) { failure = true; break; } changed += i && sample != prev; prev = sample; } if (changed < MIN_CHANGE) failure = true; if (failure) { clear_cpu_cap(c, X86_FEATURE_RDRAND); clear_cpu_cap(c, X86_FEATURE_RDSEED); pr_emerg("RDRAND is not reliable on this platform; disabling.\n"); } } Just copy and paste that and convert the Linuxisms to EDK2isms. Jason