rpms
/
edk2
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c8'
${ noResults }
edk2/SOURCES/edk2-SecurityPkg-RngDxe-Ren...

177 lines
5.9 KiB
Raw Permalink Blame History

From 2a5e4e144cbea46784fde638765a9c9068ed2869 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Tue, 25 Jun 2024 22:19:10 -0400
Subject: [PATCH 05/31] SecurityPkg/RngDxe: Rename RdRandGenerateEntropy to
generic name
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
RH-Acked-by: Gerd Hoffmann <None>
RH-Commit: [5/31] 12b8646964435f1a70def57afb9f4565b11c5dc8
JIRA: https://issues.redhat.com/browse/RHEL-21856
CVE: CVE-2022-45237
Upstream: Merged
commit 8a89747844a5061791e55a25daedcf895180a794
Author: Sami Mujawar <sami.mujawar@arm.com>
Date: Fri Oct 28 17:32:50 2022 +0200
SecurityPkg/RngDxe: Rename RdRandGenerateEntropy to generic name
Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668)
Rename RdRandGenerateEntropy() to GenerateEntropy() to provide a
common interface to generate entropy on other architectures.
GenerateEntropy() is intended to generate high quality entropy.
Also move the definition to RngDxeInternals.h
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
---
.../RngDxe/Rand/RdRand.c | 20 ++++++++++++-----
.../RngDxe/Rand/RngDxe.c | 7 ++++--
.../RandomNumberGenerator/RngDxe/RngDxe.inf | 2 +-
.../RngDxe/RngDxeInternals.h | 22 ++++++++++++++++++-
4 files changed, 41 insertions(+), 10 deletions(-)
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.c
index 83025a47d4..853bf43148 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.c
@@ -1,15 +1,23 @@
/** @file
- Support routines for RDRAND instruction access.
-
+ Support routines for RDRAND instruction access, which will leverage
+ Intel Secure Key technology to provide high-quality random numbers for use
+ in applications, or entropy for seeding other random number generators.
+ Refer to http://software.intel.com/en-us/articles/intel-digital-random-number
+ -generator-drng-software-implementation-guide/ for more information about Intel
+ Secure Key technology.
+
+Copyright (c) 2021 - 2022, Arm Limited. All rights reserved.<BR>
Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
#include <Library/RngLib.h>
+#include <Library/TimerLib.h>
#include "AesCore.h"
-#include "RdRand.h"
#include "RngDxeInternals.h"
/**
@@ -87,9 +95,9 @@ RdRandGetSeed128 (
**/
EFI_STATUS
EFIAPI
-RdRandGenerateEntropy (
- IN UINTN Length,
- OUT UINT8 *Entropy
+GenerateEntropy (
+ IN UINTN Length,
+ OUT UINT8 *Entropy
)
{
EFI_STATUS Status;
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
index 834123b945..19755b3bfd 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
@@ -14,13 +14,16 @@
- EFI_RNG_ALGORITHM_X9_31_3DES_GUID - Unsupported
- EFI_RNG_ALGORITHM_X9_31_AES_GUID - Unsupported
+ Copyright (c) 2021 - 2022, Arm Limited. All rights reserved.<BR>
Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
-#include "RdRand.h"
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+
#include "RngDxeInternals.h"
/**
@@ -88,7 +91,7 @@ RngGetRNG (
return EFI_INVALID_PARAMETER;
}
- Status = RdRandGenerateEntropy (RNGValueLength, RNGValue);
+ Status = GenerateEntropy (RNGValueLength, RNGValue);
return Status;
}
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
index f330097199..60efb5562e 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
@@ -10,6 +10,7 @@
#
# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
+# Copyright (c) 2021 - 2022, Arm Limited. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -36,7 +37,6 @@
[Sources.IA32, Sources.X64]
Rand/RngDxe.c
Rand/RdRand.c
- Rand/RdRand.h
Rand/AesCore.c
Rand/AesCore.h
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h
index 25cccbe92c..fcb8b69153 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h
@@ -10,6 +10,8 @@
#ifndef RNGDXE_INTERNALS_H_
#define RNGDXE_INTERNALS_H_
+#include <Protocol/Rng.h>
+
/**
Returns information about the random number generation implementation.
@@ -114,4 +116,22 @@ RngGetBytes (
OUT UINT8 *RandBuffer
);
-#endif // RNGDXE_INTERNALS_H_
+/**
+ Generate high-quality entropy source using a TRNG or through RDRAND.
+
+ @param[in] Length Size of the buffer, in bytes, to fill with.
+ @param[out] Entropy Pointer to the buffer to store the entropy data.
+
+ @retval EFI_SUCCESS Entropy generation succeeded.
+ @retval EFI_NOT_READY Failed to request random data.
+
+**/
+EFI_STATUS
+EFIAPI
+GenerateEntropy (
+ IN UINTN Length,
+ OUT UINT8 *Entropy
+ );
+
+#endif // RNGDXE_INTERNALS_H_
+
--
2.39.3
Reference in new issue View Git Blame Copy Permalink