On Fri, 15 Nov 2019 at 17:21, Kinney, Michael D <michael.d.kin...@intel.com> wrote:
>
> Hi Ard,
>
> What would you recommend as a way to provide these different
> types of services? Some more new lib classes and instances?
>

Basically, yes.

RngLib could be backed by RDRAND, or by a fully generic DRBG implementation which depends on EntropySourceLib.

EntropySourceLib could be backed by RDSEED, by another arch-specific method, or [assuming we can prove it works] a generic jitter entropy library.

BlockEncryptionIvLib could be implemented using a counter and a CRC library, or backed by RngLib, depending on the execution context.

For DXE phase, I think it would actually make sense to have a single driver consuming EntropySourceLib and implementing the DRBG, and then expose that via an EDK2-specific protocol that is consumed by DxeRngLib.

For the x86 implementation of EFI_RNG_PROTOCOL, which currently has some dreadful code to harvest entropy from RDRAND, we could actually instantiate in different ways (and expose varying subsets of the GUIDed DRBG flavours) depending on whether it has a working RngLib only, or has a working EntropySourceLib as well.

> > -----Original Message-----
> > From: Ard Biesheuvel <ard.biesheu...@linaro.org>
> > Sent: Friday, November 15, 2019 5:29 AM
> > To: edk2-devel-groups-io <devel@edk2.groups.io>; Wang, Jian J <jian.j.w...@intel.com>
> > Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Yao, Jiewen <jiewen....@intel.com>; Zhang, Chao B <chao.b.zh...@intel.com>; Gao, Liming <liming....@intel.com>; Ni, Ray <ray...@intel.com>
> > Subject: Re: [edk2-devel] [PATCH 05/11] SecurityPkg/RngLibRdSeed: add an instance of RngLib to make use rdseed
> >
> > On Thu, 14 Nov 2019 at 04:39, Wang, Jian J <jian.j.w...@intel.com> wrote:
> > >
> > > Mike,
> > >
> > > I figured that rdseed is only needed in cases demanding highest
> > > entropy, like seeding other pseudo-RNG. It's not for general purpose randomness.
> > > Then I put it in SecurityPkg. But I'm ok to put it into MdePkg. I have
> > > no strong opinion for this.
> > >
> >
> > I think it is a bad idea to use the same library abstraction [RngLib] for exposing
> > a) entropy sources used for seeding deterministic random number generators
> > b) deterministic random number generators themselves
> > c) low entropy pseudo-RNGs based on timestamp counters, etc
> >
> > given that the use cases don't usually overlap. I.e., only a DRBG
> > implementation requires a), and exports RngLib itself based on that.
> > Use cases that can tolerate c) [like IV generators for block encryption]
> > are typically disjoint from ones that require b) [for key generation].
> > The idea that you can use RngLib for all of them, and plug arbitrary
> > instantiations of it into each is misguided IMHO.
> >
> > > >
> > > > -----Original Message-----
> > > > From: Kinney, Michael D <michael.d.kin...@intel.com>
> > > > Sent: Thursday, November 14, 2019 12:25 PM
> > > > To: devel@edk2.groups.io; Wang, Jian J <jian.j.w...@intel.com>; Kinney, Michael D <michael.d.kin...@intel.com>
> > > > Cc: Yao, Jiewen <jiewen....@intel.com>; Zhang, Chao B <chao.b.zh...@intel.com>; Gao, Liming <liming....@intel.com>; Ni, Ray <ray...@intel.com>
> > > > Subject: RE: [edk2-devel] [PATCH 05/11] SecurityPkg/RngLibRdSeed: add an instance of RngLib to make use rdseed
> > > >
> > > > Jian,
> > > >
> > > > Why is this lib instance in the SecurityPkg? It only depends on the
> > > > MdePkg. Can't non security feature related modules that want to a
> > > > random number use this lib without using the SecurityPkg? Could
> > > > this lib instance be added to MdePkg?
> > > >
> > > > Thanks,
> > > >
> > > > Mike
> > > >
> > > > > -----Original Message-----
> > > > > From: devel@edk2.groups.io <devel@edk2.groups.io> > > On Behalf Of > > > > > Wang, Jian J > > > > > Sent: Wednesday, November 13, 2019 6:18 PM > > > > > To: devel@edk2.groups.io > > > > > Cc: Yao, Jiewen <jiewen....@intel.com>; Zhang, > > Chao B > > > > > <chao.b.zh...@intel.com>; Kinney, Michael D > > > > > <michael.d.kin...@intel.com>; Gao, Liming > > <liming....@intel.com>; > > > > > Ni, Ray <ray...@intel.com> > > > > > Subject: [edk2-devel] [PATCH 05/11] > > > > > SecurityPkg/RngLibRdSeed: add an instance of > > RngLib to make use > > > > > rdseed > > > > > > > > > > This version of RngLib makes use of AsmRdSeed to > > get > > > > > non-deterministic random number, which can be > > used for seeding > > > > > other software DRNG like rand interface in > > openssl. It can be used > > > > > only on IA32/X64 processors which supports rdseed > > instruction. > > > > > > > > > > Ref: > > > > > > > https://bugzilla.tianocore.org/show_bug.cgi?id=1871 > > > > > Cc: Jiewen Yao <jiewen....@intel.com> > > > > > Cc: Chao Zhang <chao.b.zh...@intel.com> > > > > > Cc: Michael D Kinney <michael.d.kin...@intel.com> > > > > > Cc: Liming Gao <liming....@intel.com> > > > > > Cc: Ray Ni <ray...@intel.com> > > > > > Signed-off-by: Jian J Wang > > <jian.j.w...@intel.com> > > > > > --- > > > > > .../RngLibRdSeed/RngLibRdSeed.inf | > > 37 > > > > > ++++ > > > > > .../RngLibRdSeed/RngLibRdSeed.uni | > > 18 ++ > > > > > .../RngLibRdSeed/RngRdSeed.c | > > 189 > > > > > ++++++++++++++++++ > > > > > 3 files changed, 244 insertions(+) create mode > > 100644 > > > > > > > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRd > > > > > Seed.inf > > > > > create mode 100644 > > > > > > > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRd > > > > > Seed.uni > > > > > create mode 100644 > > > > > > > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdSee > > > > > d.c 
> > > > > > > > > > diff --git > > > > > > > a/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > > > RdSeed.inf > > > > > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > > > RdSeed.inf > > > > > new file mode 100644 > > > > > index 0000000000..8162408775 > > > > > --- /dev/null > > > > > +++ > > > > > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > > > RdSeed.inf > > > > > @@ -0,0 +1,37 @@ > > > > > +## @file > > > > > +# Instance of RNG (Random Number Generator) > > Library. > > > > > +# > > > > > +# Rng RdSeed Library that uses CPU RdSeed > > instruction > > > > > access to > > > > > +provide # non-deterministic random number which > > can > > > > > be used as seed > > > > > +for other # software deterministic RNGs. > > > > > +# > > > > > +# Copyright (c) 2019, Intel Corporation. All > > rights > > > > > reserved.<BR> # # > > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent # # > > ## > > > > > + > > > > > +[Defines] > > > > > + INF_VERSION = 0x00010029 > > > > > + BASE_NAME = RngLibRdSeed > > > > > + MODULE_UNI_FILE = > > RngLibRdSeed.uni > > > > > + FILE_GUID = 8B613B2E- > > B944-40F9- > > > > > B979-1B60D7CAA73C > > > > > + MODULE_TYPE = BASE > > > > > + VERSION_STRING = 1.0 > > > > > + LIBRARY_CLASS = RngLib > > > > > + CONSTRUCTOR = > > > > > RngLibRdSeedConstructor > > > > > + > > > > > +# > > > > > +# VALID_ARCHITECTURES = IA32 X64 > > > > > +# > > > > > + > > > > > +[Sources.Ia32, Sources.X64] > > > > > + RngRdSeed.c > > > > > + > > > > > +[Packages] > > > > > + MdePkg/MdePkg.dec > > > > > + > > > > > +[LibraryClasses] > > > > > + BaseLib > > > > > + DebugLib > > > > > diff --git > > > > > > > a/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > > > RdSeed.uni > > > > > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > > > RdSeed.uni > > > > > new file mode 100644 > > > > > index 0000000000..051a3019bc 
> > > > > --- /dev/null > > > > > +++ > > > > > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLib > > > > > RdSeed.uni > > > > > @@ -0,0 +1,18 @@ > > > > > +// /** @file > > > > > +// Instance of RNG (Random Number Generator) > > Library. > > > > > +// > > > > > +// Rng RdSeed Library that uses CPU RdSeed > > instruction > > > > > access to > > > > > +provide // non-deterministic random number which > > can > > > > > be used as seed > > > > > +for other // software deterministic RNGs. > > > > > +// > > > > > +// Copyright (c) 2019, Intel Corporation. All > > rights > > > > > reserved.<BR> // > > > > > +// SPDX-License-Identifier: BSD-2-Clause-Patent > > // // > > > > > **/ > > > > > + > > > > > + > > > > > +#string STR_MODULE_ABSTRACT > > #language en- > > > > > US "Instance of RNG Library" > > > > > + > > > > > +#string STR_MODULE_DESCRIPTION > > #language en- > > > > > US "RngRdSeed Library that uses CPU RdSeed > > instruction access to > > > > > provide non-deterministic random numbers." > > > > > + > > > > > diff --git > > > > > > > a/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdS > > > > > eed.c > > > > > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdS > > > > > eed.c > > > > > new file mode 100644 > > > > > index 0000000000..0036faa050 > > > > > --- /dev/null > > > > > +++ > > > > > > > b/SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdS > > > > > eed.c 
> > > > > @@ -0,0 +1,189 @@ > > > > > +/** @file > > > > > + Random number generator services that uses > > RdSeed > > > > > instruction access > > > > > + to provide non-deterministic random numbers, > > which > > > > > are usually used > > > > > + for seeding other pseudo-random number > > generators. > > > > > + > > > > > +Copyright (c) 2019, Intel Corporation. All > > rights > > > > > reserved.<BR> > > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent > > > > > + > > > > > +**/ > > > > > + > > > > > +#include <Library/BaseLib.h> > > > > > +#include <Library/DebugLib.h> > > > > > +#include <Library/RngLib.h> > > > > > + > > > > > +// > > > > > +// Bit mask used to determine if RdSeed > > instruction is > > > > > supported. > > > > > +// > > > > > +#define RDSEED_MASK BIT18 > > > > > + > > > > > +// > > > > > +// Limited retry number when valid random data > > is > > > > > returned. > > > > > +// It varies between 1 and 100 according to > > "Intel(R) > > > > > DRGN Software > > > > > +Implementation // Guide". Let's use the same > > value as > > > > > RDRAND in BaseRngLib. > > > > > +// > > > > > +#define RDSEED_RETRY_LIMIT 10 > > > > > + > > > > > +/** > > > > > + The constructor function checks whether or not > > > > > RDSEED instruction is > > > > > +supported > > > > > + by the host hardware. > > > > > + > > > > > + The constructor function checks whether or not > > > > > RDSEED instruction is supported. > > > > > + It will ASSERT() if RDSEED instruction is not > > > > > supported. > > > > > + > > > > > + @retval RETURN_SUCCESS The processor > > supports > > > > > RDSEED instruction. > > > > > + @retval RETURN_UNSUPPORTED RDSEED instruction > > is > > > > > not supported. 
> > > > > + > > > > > +**/ > > > > > +RETURN_STATUS > > > > > +EFIAPI > > > > > +RngLibRdSeedConstructor ( > > > > > + VOID > > > > > + ) > > > > > +{ > > > > > + UINT32 RegEbx; > > > > > + > > > > > + // > > > > > + // Determine RDSEED support by examining bit > > 18 of > > > > > the EBX register > > > > > + returned by // CPUID(EAX=7, ECX=0). BIT18 of > > EBX > > > > > indicates that > > > > > + processor support RDSEED // instruction. > > > > > + // > > > > > + AsmCpuidEx (7, 0, NULL, &RegEbx, NULL, NULL); > > if > > > > > ((RegEbx & > > > > > + RDSEED_MASK) != RDSEED_MASK) { > > > > > + ASSERT ((RegEbx & RDSEED_MASK) == > > RDSEED_MASK); > > > > > + return RETURN_UNSUPPORTED; > > > > > + } > > > > > + > > > > > + return RETURN_SUCCESS; > > > > > +} > > > > > + > > > > > +/** > > > > > + Generates a 16-bit random number. > > > > > + > > > > > + if Rand is NULL, then ASSERT(). > > > > > + > > > > > + @param[out] Rand Buffer pointer to store > > the 16- > > > > > bit random value. > > > > > + > > > > > + @retval TRUE Random number generated > > > > > successfully. > > > > > + @retval FALSE Failed to generate the > > random > > > > > number. > > > > > + > > > > > +**/ > > > > > +BOOLEAN > > > > > +EFIAPI > > > > > +GetRandomNumber16 ( > > > > > + OUT UINT16 *Rand > > > > > + ) > > > > > +{ > > > > > + UINT32 Index; > > > > > + > > > > > + ASSERT (Rand != NULL); > > > > > + > > > > > + // > > > > > + // A loop to fetch a 16 bit random value with > > a > > > > > retry count limit. > > > > > + // > > > > > + for (Index = 0; Index < RDSEED_RETRY_LIMIT; > > Index++) > > > > > { > > > > > + if (AsmRdSeed16 (Rand)) { > > > > > + return TRUE; > > > > > + } > > > > > + } > > > > > + > > > > > + return FALSE; > > > > > +} > > > > > + > > > > > +/** > > > > > + Generates a 32-bit random number. > > > > > + > > > > > + if Rand is NULL, then ASSERT(). > > > > > + > > > > > + @param[out] Rand Buffer pointer to store > > the 32- > > > > > bit random value. 
> > > > > + > > > > > + @retval TRUE Random number generated > > > > > successfully. > > > > > + @retval FALSE Failed to generate the > > random > > > > > number. > > > > > + > > > > > +**/ > > > > > +BOOLEAN > > > > > +EFIAPI > > > > > +GetRandomNumber32 ( > > > > > + OUT UINT32 *Rand > > > > > + ) > > > > > +{ > > > > > + UINT32 Index; > > > > > + > > > > > + ASSERT (Rand != NULL); > > > > > + > > > > > + // > > > > > + // A loop to fetch a 32 bit random value with > > a > > > > > retry count limit. > > > > > + // > > > > > + for (Index = 0; Index < RDSEED_RETRY_LIMIT; > > Index++) > > > > > { > > > > > + if (AsmRdSeed32 (Rand)) { > > > > > + return TRUE; > > > > > + } > > > > > + } > > > > > + > > > > > + return FALSE; > > > > > +} > > > > > + > > > > > +/** > > > > > + Generates a 64-bit random number. > > > > > + > > > > > + if Rand is NULL, then ASSERT(). > > > > > + > > > > > + @param[out] Rand Buffer pointer to store > > the 64- > > > > > bit random value. > > > > > + > > > > > + @retval TRUE Random number generated > > > > > successfully. > > > > > + @retval FALSE Failed to generate the > > random > > > > > number. > > > > > + > > > > > +**/ > > > > > +BOOLEAN > > > > > +EFIAPI > > > > > +GetRandomNumber64 ( > > > > > + OUT UINT64 *Rand > > > > > + ) > > > > > +{ > > > > > + UINT32 Index; > > > > > + > > > > > + ASSERT (Rand != NULL); > > > > > + > > > > > + // > > > > > + // A loop to fetch a 64 bit random value with > > a > > > > > retry count limit. > > > > > + // > > > > > + for (Index = 0; Index < RDSEED_RETRY_LIMIT; > > Index++) > > > > > { > > > > > + if (AsmRdSeed64 (Rand)) { > > > > > + return TRUE; > > > > > + } > > > > > + } > > > > > + > > > > > + return FALSE; > > > > > +} > > > > > + > > > > > +/** > > > > > + Generates a 128-bit random number. > > > > > + > > > > > + if Rand is NULL, then ASSERT(). > > > > > + > > > > > + @param[out] Rand Buffer pointer to store > > the > > > > > 128-bit random value. 
> > > > > + > > > > > + @retval TRUE Random number generated > > > > > successfully. > > > > > + @retval FALSE Failed to generate the > > random > > > > > number. > > > > > + > > > > > +**/ > > > > > +BOOLEAN > > > > > +EFIAPI > > > > > +GetRandomNumber128 ( > > > > > + OUT UINT64 *Rand > > > > > + ) > > > > > +{ > > > > > + ASSERT (Rand != NULL); > > > > > + > > > > > + // > > > > > + // Read first 64 bits > > > > > + // > > > > > + if (!GetRandomNumber64 (Rand)) { > > > > > + return FALSE; > > > > > + } > > > > > + > > > > > + // > > > > > + // Read second 64 bits > > > > > + // > > > > > + return GetRandomNumber64 (++Rand); } > > > > > -- > > > > > 2.17.1.windows.2
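
Review bot: In RngLibRdSeed.inf, `LIBRARY_CLASS = RngLib` registers this as an ordinary RngLib instance, while the file header describes it as a source of non-deterministic numbers "which can be used as seed for other software deterministic RNGs". Nothing in the .inf tells a platform author which consumers should be linked against it rather than another RngLib instance. Suggest stating the intended consumers in the header comment, or placing the instance behind a library class whose name reflects seeding.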
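
Review bot: In RngRdSeed.c, RngLibRdSeedConstructor() returns RETURN_UNSUPPORTED when CPUID.(EAX=7,ECX=0):EBX bit 18 is clear, but the result is not recorded anywhere, so GetRandomNumber16/32/64 still call AsmRdSeed16/32/64 on a processor that lacks the instruction. Suggest caching the CPUID result in a module-level flag and having the getters return FALSE when it is unset. Separately, GetRandomNumber128() stores the first 64 bits in the caller's buffer before the second read can fail; reading into locals and copying only on full success would keep the output all-or-nothing. The comment on RDSEED_RETRY_LIMIT says the value 10 is copied from the RDRAND path, so a sentence on why it is adequate for RDSEED would help.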
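
The seam described in the reply above, between an entropy source and the DRBG that consumes it, sketched as an added example that is not part of the thread or of EDK2. `entropy_source`, `collect_seed` and the flaky test source are hypothetical names, and the sample values are constructed rather than real entropy.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the proposed EntropySourceLib: one 64-bit
 * sample per call, and any call may fail (as RDSEED can). */
typedef struct {
  bool (*get64)(void *ctx, uint64_t *out);
  void *ctx;
} entropy_source;

#define SEED_RETRY_LIMIT 10 /* same bound as RDSEED_RETRY_LIMIT in the patch */
#define SEED_MAX_WORDS   8

/* Gather `words` samples for a DRBG seed. All-or-nothing: the caller's
 * buffer is written only after every word has been obtained. */
bool collect_seed(const entropy_source *src, uint64_t *seed, size_t words) {
  uint64_t tmp[SEED_MAX_WORDS];
  if (!src || !src->get64 || !seed || words == 0 || words > SEED_MAX_WORDS)
    return false;
  for (size_t i = 0; i < words; i++) {
    bool ok = false;
    for (int t = 0; t < SEED_RETRY_LIMIT && !ok; t++)
      ok = src->get64(src->ctx, &tmp[i]);
    if (!ok) return false; /* source exhausted: caller's buffer untouched */
  }
  memcpy(seed, tmp, words * sizeof *seed);
  return true;
}

/* Constructed test source (not entropy): calls numbered in
 * [fail_from, fail_to) fail, every other call returns 0x1000 + call index. */
typedef struct { unsigned fail_from, fail_to, calls; } flaky_ctx;

bool flaky_get64(void *ctx, uint64_t *out) {
  flaky_ctx *c = ctx;
  unsigned idx = c->calls++;
  if (idx >= c->fail_from && idx < c->fail_to) return false;
  *out = 0x1000u + idx;
  return true;
}

int main(void) {
  flaky_ctx c = { 1, 100, 0 }; /* first word succeeds, second never does */
  entropy_source src = { flaky_get64, &c };
  uint64_t seed[2] = { 0, 0 };
  printf("seeded=%d calls=%u\n", collect_seed(&src, seed, 2), c.calls);
  return 0;
}
```

Because the seed collector takes its own source type, a timestamp-based generator cannot be handed to it by accident through the RngLib interface.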