public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Laszlo Ersek" <lersek@redhat.com>
To: devel@edk2.groups.io, Jason@zx2c4.com, Ard Biesheuvel <ardb@kernel.org>
Cc: Liming Gao <gaoliming@byosoft.com.cn>,
	Rebecca Cran <rebecca@bsdio.com>,
	Pierre Gondois <pierre.gondois@arm.com>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	pedro.falcato@gmail.com
Subject: Re: [edk2-devel] [PATCH 0/3] OVMF: support EFI_RNG_PROTOCOL without virtio-rng
Date: Wed, 11 Jan 2023 16:23:03 +0100	[thread overview]
Message-ID: <b0a48383-9aa0-f13f-e5e8-93fbd648c48a@redhat.com> (raw)
In-Reply-To: <CAHmME9qyefdY52AHV2kNHuEUKJ-_SexA7K8pXa3__68jBCjE8Q@mail.gmail.com>

On 1/10/23 19:19, Jason A. Donenfeld via groups.io wrote:
> Could we get this merged?

Sorry to barge in -- I have *zero* complaints regarding this particular
series, so whatever I'm about to say regards *further* BDS
customizations. Please feel free to go ahead with merging this one, as
far as I'm concerned.

So, picking up the thread at
<https://listman.redhat.com/archives/edk2-devel-archive/2022-November/055607.html>.
The argument in that thread was made that "RDRAND-based protocol is
better than nothing". However, the most recent idea, favoring the
RDRAND-based protocol implementation over the virtio-rng-based one,
seems to enable a degradation too, of EFI-time randomness.

Most commonly, virtio-rng is fed on the host side from /dev/urandom,
which *I think* means that the EFI_RNG_PROTOCOL from VirtioRngDxe will
expose all the "good quality entropy", pre-boot, that the host-side
Linux kernel collects from *multiple* sources. If the consumer of
EFI_RNG_PROTOCOL in the guest doesn't do its own mixing, it sill gets
the good stuff. That could potentially be degraded by relying on RDRAND
only, in the guest.

I can't propose any particular priority ordering mechanism for the
platform firmware to produce exactly one EFI_RNG_PROTOCOL.

Normally I'd suggest any viable mechanism for the platform to block or
to delay "SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf" --
introducing a new dynamic PCD for early exit, adding a new protocol
dependency to its DEPEX, postponing its protocol installation to an
event group notification function or a protocol installation
notification. Note that RngDxe.inf is a DXE_DRIVER, so it produces its
protocol in its entry point function, so for blocking it or
short-circuiting it, one of these measures would be needed. It could
even be turned into a UEFI_DRIVER, one that would bind a synthetic VenHw
device path.

But, I'm not proposing any of those right now, because I imagine there
are advantages to having EFI_RNG_PROTOCOL in the DXE phase, that is,
*before* the BDS phase.

VirtioRngDxe is a UEFI_DRIVER module that follows the UEFI driver model;
in other words, it won't do anything beyond exposing the
EFI_DRIVER_BINDING_PROTOCOL until BDS connects it. I think that should
be sufficient for most cases, even (for example) possibly providing
randomness for TLS in UEFI HTTPS Boot. But I vaguely remember we had
wished for randomness being available earlier than BDS.
"SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf" can fill that
role, VirtioRngDxe can't.

So best would be if both could coexist, and VirtioRngDxe took effect
*whenever* it were available. Of course the UEFI spec allows for a
client to collect all instances of EFI_RNG_PROTOCOL, and then to call
GetInfo() on each, but that's hardly enough for a client to pick the one
it thinks is "more secure". So one way or another we might want to
control this still at the platform level, where we can form ideas about
both protocol providers, *and* perhaps even determine if we *actually
need* pre-BDS randomness.

BDS could try connecting the virtio-rng device. If that failed, it could
try "unblocking" RngDxe. If RngDxe were a UEFI driver following the UEFI
driver model (see the VenHw option above), this would not be hard to do,
with a "fallback" gBS->ConnectController() call.

(Regarding VenHw vs. VenMedia vs. VenMsg -- RngDxe uses an RNG that's
built into the processor, wich is arguably "inside the resource domain"
of the system. So VenHw seems the right choice.)

RngDxe could perhaps be restructured for the addition of a new entry
point (new INF file and new entry point C file), so that it remain
compatible with existent platforms that already consume it (and want it
to remain a DXE_DRIVER).

BDS could also signal an event group or install a synthetic protocol, so
that the notification function in RngDxe expose EFI_RNG_PROTOCOL in
response.

Unblocking a DXE_DRIVER's DEPEX from BDS seems more cumbersome, by
installing a dependend-upon synthetic protocol; I believe we might have
to call gDS->Dispatch() manually then.

And if a dynamic PCD caused RngDxe to exit early, we couldn't undo that
from BDS at all.

Thanks for considering,
Laszlo


  parent reply	other threads:[~2023-01-11 15:23 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-11-10 13:47 [PATCH 0/3] OVMF: support EFI_RNG_PROTOCOL without virtio-rng Ard Biesheuvel
2022-11-10 13:47 ` [PATCH 1/3] ArmPkg/ArmTrngLib: Fix incorrect GUID reference in DEBUG() output Ard Biesheuvel
2022-11-10 14:39   ` Sami Mujawar
2022-11-10 13:47 ` [PATCH 2/3] ArmVirtPkg/ArmVirtQemu: Expose TRNG hypercall via RngDxe if implemented Ard Biesheuvel
2022-11-18 16:48   ` PierreGondois
2023-01-11 16:49     ` [edk2-devel] " Ard Biesheuvel
2023-01-11 17:38       ` PierreGondois
2023-01-11 17:45         ` Ard Biesheuvel
2022-11-10 13:47 ` [PATCH 3/3] OvmfPkg/OvmfX86: Enable RDRAND based EFI_RNG_PROTOCOL implementation Ard Biesheuvel
2022-11-22 11:35   ` [edk2-devel] " Pedro Falcato
2022-11-22 12:20     ` Jason A. Donenfeld
2022-11-22 12:45       ` Pedro Falcato
2022-11-22 13:10         ` Jason A. Donenfeld
2022-11-22 14:17           ` Pedro Falcato
2022-11-22 14:21             ` Jason A. Donenfeld
2022-11-22 12:29     ` Jason A. Donenfeld
2022-11-11  0:41 ` 回复: [PATCH 0/3] OVMF: support EFI_RNG_PROTOCOL without virtio-rng gaoliming
2022-11-11  2:41 ` Jason A. Donenfeld
2022-11-11  7:47   ` Ard Biesheuvel
2022-11-11 17:03     ` Jason A. Donenfeld
     [not found] ` <172660F4A69E435E.25609@groups.io>
2022-11-11  3:53   ` 回复: [edk2-devel] 回复: " gaoliming
2022-11-11  7:34     ` Ard Biesheuvel
2022-11-11  8:14 ` [edk2-devel] " Gerd Hoffmann
2023-01-10 18:19 ` Jason A. Donenfeld
2023-01-11 11:41   ` Ard Biesheuvel
2023-01-11 15:23   ` Laszlo Ersek [this message]
2023-01-11 16:03     ` [edk2-devel] " Ard Biesheuvel
2023-01-11 16:05       ` Ard Biesheuvel
2023-01-12  9:27         ` Laszlo Ersek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=b0a48383-9aa0-f13f-e5e8-93fbd648c48a@redhat.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox