rpms
/
edk2
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c8'
${ noResults }
edk2/SOURCES/edk2-SecurityPkg-RngDxe-Rem...

259 lines
11 KiB
Raw Permalink Normal View History Unescape

import edk2-20220126gitbb1bba3d77-13.el8_10.2
1 month ago
From df912b4c93cd848991d9a9439d3aba441bae1d67 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Tue, 25 Jun 2024 22:21:09 -0400
Subject: [PATCH 06/31] SecurityPkg/RngDxe: Remove
ArchGetSupportedRngAlgorithms()
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
RH-Acked-by: Gerd Hoffmann <None>
RH-Commit: [6/31] 4066cb1503b5c5a29b6d45a4b671d0829f2671ae
JIRA: https://issues.redhat.com/browse/RHEL-21856
CVE: CVE-2022-45237
Upstream: Merged
commit 922bf317f1731554b3e77a0a48033a38fdc75a77
Author: Pierre Gondois <Pierre.Gondois@arm.com>
Date: Fri Oct 28 17:32:52 2022 +0200
SecurityPkg/RngDxe: Remove ArchGetSupportedRngAlgorithms()
RngGetInfo() is one of the 2 functions of the EFI_RNG_PROTOCOL.
RngGetInfo() is currently a mere wrapper around
ArchGetSupportedRngAlgorithms() which is implemented differently
depending on the architecture used.
RngGetInfo() does nothing more than calling
ArchGetSupportedRngAlgorithms(). So remove it, and let RngGetInfo()
be implemented differently according to the architecture.
This follows the implementation of the other function of the
EFI_RNG_PROTOCOL, RngGetRNG().
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
---
.../RngDxe/AArch64/RngDxe.c | 19 +++++--
.../RngDxe/Rand/RngDxe.c | 24 ++++++---
.../RandomNumberGenerator/RngDxe/RngDxe.c | 49 -------------------
.../RngDxe/RngDxeInternals.h | 25 ----------
4 files changed, 33 insertions(+), 84 deletions(-)
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
index 1cdc842966..f6a0bf7b2b 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
@@ -14,6 +14,7 @@
Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
+ Copyright (c) 2021 - 2022, Arm Limited. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -85,6 +86,7 @@ RngGetRNG (
/**
Returns information about the random number generation implementation.
+ @param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
@param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
On output with a return code of EFI_SUCCESS, the size
in bytes of the data returned in RNGAlgorithmList. On output
@@ -97,14 +99,19 @@ RngGetRNG (
is the default algorithm for the driver.
@retval EFI_SUCCESS The RNG algorithm list was returned successfully.
+ @retval EFI_UNSUPPORTED The services is not supported by this driver.
+ @retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a
+ hardware or firmware error.
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
@retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.
**/
-UINTN
+EFI_STATUS
EFIAPI
-ArchGetSupportedRngAlgorithms (
- IN OUT UINTN *RNGAlgorithmListSize,
- OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
+RngGetInfo (
+ IN EFI_RNG_PROTOCOL *This,
+ IN OUT UINTN *RNGAlgorithmListSize,
+ OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
)
{
UINTN RequiredSize;
@@ -112,6 +119,10 @@ ArchGetSupportedRngAlgorithms (
RequiredSize = sizeof (EFI_RNG_ALGORITHM);
+ if ((This == NULL) || (RNGAlgorithmListSize == NULL)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
if (*RNGAlgorithmListSize < RequiredSize) {
*RNGAlgorithmListSize = RequiredSize;
return EFI_BUFFER_TOO_SMALL;
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
index 19755b3bfd..5a649ecf24 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
@@ -104,6 +104,7 @@ RngGetRNG (
/**
Returns information about the random number generation implementation.
+ @param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
@param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
On output with a return code of EFI_SUCCESS, the size
in bytes of the data returned in RNGAlgorithmList. On output
@@ -116,19 +117,28 @@ RngGetRNG (
is the default algorithm for the driver.
@retval EFI_SUCCESS The RNG algorithm list was returned successfully.
+ @retval EFI_UNSUPPORTED No supported algorithms found.
+ @retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a
+ hardware or firmware error.
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
@retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.
**/
-UINTN
+EFI_STATUS
EFIAPI
-ArchGetSupportedRngAlgorithms (
- IN OUT UINTN *RNGAlgorithmListSize,
- OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
+RngGetInfo (
+ IN EFI_RNG_PROTOCOL *This,
+ IN OUT UINTN *RNGAlgorithmListSize,
+ OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
)
{
UINTN RequiredSize;
EFI_RNG_ALGORITHM *CpuRngSupportedAlgorithm;
+ if ((This == NULL) || (RNGAlgorithmListSize == NULL)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
RequiredSize = 2 * sizeof (EFI_RNG_ALGORITHM);
if (*RNGAlgorithmListSize < RequiredSize) {
@@ -136,9 +146,11 @@ ArchGetSupportedRngAlgorithms (
return EFI_BUFFER_TOO_SMALL;
}
- CpuRngSupportedAlgorithm = PcdGetPtr (PcdCpuRngSupportedAlgorithm);
+ if (RNGAlgorithmList == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
- CopyMem(&RNGAlgorithmList[0], CpuRngSupportedAlgorithm, sizeof (EFI_RNG_ALGORITHM));
+ CopyMem (&RNGAlgorithmList[0], &gEfiRngAlgorithmSp80090Ctr256Guid, sizeof (EFI_RNG_ALGORITHM));
// x86 platforms also support EFI_RNG_ALGORITHM_RAW via RDSEED
CopyMem(&RNGAlgorithmList[1], &gEfiRngAlgorithmRaw, sizeof (EFI_RNG_ALGORITHM));
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c
index b959c70536..7b8ecfc70d 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c
@@ -28,55 +28,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "RngDxeInternals.h"
-/**
- Returns information about the random number generation implementation.
-
- @param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
- @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
- On output with a return code of EFI_SUCCESS, the size
- in bytes of the data returned in RNGAlgorithmList. On output
- with a return code of EFI_BUFFER_TOO_SMALL,
- the size of RNGAlgorithmList required to obtain the list.
- @param[out] RNGAlgorithmList A caller-allocated memory buffer filled by the driver
- with one EFI_RNG_ALGORITHM element for each supported
- RNG algorithm. The list must not change across multiple
- calls to the same driver. The first algorithm in the list
- is the default algorithm for the driver.
-
- @retval EFI_SUCCESS The RNG algorithm list was returned successfully.
- @retval EFI_UNSUPPORTED The services is not supported by this driver.
- @retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a
- hardware or firmware error.
- @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
- @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.
-
-**/
-EFI_STATUS
-EFIAPI
-RngGetInfo (
- IN EFI_RNG_PROTOCOL *This,
- IN OUT UINTN *RNGAlgorithmListSize,
- OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
- )
-{
- EFI_STATUS Status;
-
- if ((This == NULL) || (RNGAlgorithmListSize == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Return algorithm list supported by driver.
- //
- if (RNGAlgorithmList != NULL) {
- Status = ArchGetSupportedRngAlgorithms (RNGAlgorithmListSize, RNGAlgorithmList);
- } else {
- Status = EFI_INVALID_PARAMETER;
- }
-
- return Status;
-}
-
//
// The Random Number Generator (RNG) protocol
//
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h
index fcb8b69153..f17adb83fb 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h
@@ -74,31 +74,6 @@ RngGetRNG (
OUT UINT8 *RNGValue
);
-/**
- Returns information about the random number generation implementation.
-
- @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
- On output with a return code of EFI_SUCCESS, the size
- in bytes of the data returned in RNGAlgorithmList. On output
- with a return code of EFI_BUFFER_TOO_SMALL,
- the size of RNGAlgorithmList required to obtain the list.
- @param[out] RNGAlgorithmList A caller-allocated memory buffer filled by the driver
- with one EFI_RNG_ALGORITHM element for each supported
- RNG algorithm. The list must not change across multiple
- calls to the same driver. The first algorithm in the list
- is the default algorithm for the driver.
-
- @retval EFI_SUCCESS The RNG algorithm list was returned successfully.
- @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.
-
-**/
-UINTN
-EFIAPI
-ArchGetSupportedRngAlgorithms (
- IN OUT UINTN *RNGAlgorithmListSize,
- OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
- );
-
/**
Runs CPU RNG instruction to fill a buffer of arbitrary size with random bytes.
--
2.39.3