Re: [edk2-devel] [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms

Tue, 06 Jun 2023 09:10:11 -0700 

Hello,
The mantis ticket (created by Jose Marinho) is available at:
https://mantis.uefi.org/mantis/view.php?id=2386

Also, are there any comments on the patch-set ?

Regards,
Pierre

On 5/9/23 15:50, Samer El-Haj-Mahmoud wrote:

Hi Jiewen,

There is an open ECR for UEFI spec review: 
https://bugzilla.tianocore.org/show_bug.cgi?id=4441. These patches can wait on 
the list until the ECR is reviewed by UEFI Forum and the decision is documented 
in the BZ. If approved, then the code patches should be able to proceed.

Thanks,
--Samer




-----Original Message-----
From: Yao, Jiewen <jiewen....@intel.com>
Sent: Tuesday, May 9, 2023 9:46 AM
To: Pierre Gondois <pierre.gond...@arm.com>; devel@edk2.groups.io
Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming
<gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>; Wang,
Jian J <jian.j.w...@intel.com>; Ard Biesheuvel <ardb+tianoc...@kernel.org>;
Sami Mujawar <sami.muja...@arm.com>; Jose Marinho
<jose.mari...@arm.com>; Samer El-Haj-Mahmoud <Samer.El-Haj-
mahm...@arm.com>
Subject: RE: [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms

Is this defined in UEFI spec? or approved in future UEFI spec?


-----Original Message-----
From: pierre.gond...@arm.com <pierre.gond...@arm.com>
Sent: Tuesday, May 9, 2023 3:41 PM
To: devel@edk2.groups.io
Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming
<gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>; Yao,
Jiewen <jiewen....@intel.com>; Wang, Jian J <jian.j.w...@intel.com>; Ard
Biesheuvel <ardb+tianoc...@kernel.org>; Sami Mujawar
<sami.muja...@arm.com>; Jose Marinho <jose.mari...@arm.com>;
Samer El-Haj-Mahmoud <samer.el-haj-mahm...@arm.com>
Subject: [PATCH v1 4/8] MdePkg/Rng: Add GUIDs to describe Rng algorithms

From: Pierre Gondois <pierre.gond...@arm.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441

The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
To allow the RngDxe to detect when such implementation is used,
a GetRngGuid() function is added in a following patch.

Prepare GetRngGuid() return values and add GUIDs describing
Rng algorithms:
- gEfiRngAlgorithmArmRndr
to describe a Rng algorithm accessed through Arm's RNDR instruction.
[1] states that the implementation of this algorithm should be
compliant to NIST SP900-80. The compliance is not guaranteed.
- gEfiRngAlgorithmUnSafe
to describe an unsafe implementation, cf. the BaseRngLibTimerLib.

[1] Arm Architecture Reference Manual Armv8, for A-profile architecture
sK12.1 'Properties of the generated random number'

Signed-off-by: Pierre Gondois <pierre.gond...@arm.com>
---
  MdePkg/Include/Protocol/Rng.h | 20 ++++++++++++++++++++
  MdePkg/MdePkg.dec             |  2 ++
  2 files changed, 22 insertions(+)

diff --git a/MdePkg/Include/Protocol/Rng.h
b/MdePkg/Include/Protocol/Rng.h
index baf425587b3c..dfdaf36e41dc 100644
--- a/MdePkg/Include/Protocol/Rng.h
+++ b/MdePkg/Include/Protocol/Rng.h
@@ -67,6 +67,24 @@ typedef EFI_GUID EFI_RNG_ALGORITHM;
    { \
      0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85,
0x61 } \
    }
+///
+/// The Arm Architecture states the RNDR that the DRBG algorithm should
be compliant
+/// with NIST SP800-90A, while not mandating a particular algorithm, so as
to be
+/// inclusive of different geographies.
+///
+#define EFI_RNG_ALGORITHM_ARM_RNDR \
+  { \
+    0x43d2fde3, 0x9d4e, 0x4d79,  {0x02, 0x96, 0xa8, 0x9b, 0xca, 0x78, 0x08,
0x41} \
+  }
+///
+/// The implementation of a Random Number Generator might be unsafe,
when using
+/// a dummy implementation for instance. Allow identifying such
implementation
+/// with this GUID.
+///
+#define EFI_RNG_ALGORITHM_UNSAFE \
+  { \
+    0x869f728c, 0x409d, 0x4ab4, {0xac, 0x03, 0x71, 0xd3, 0x09, 0xc1, 0xb3,
0xf4 } \
+  }

  /**
    Returns information about the random number generation implementation.
@@ -146,5 +164,7 @@ extern EFI_GUID
gEfiRngAlgorithmSp80090Ctr256Guid;
  extern EFI_GUID  gEfiRngAlgorithmX9313DesGuid;
  extern EFI_GUID  gEfiRngAlgorithmX931AesGuid;
  extern EFI_GUID  gEfiRngAlgorithmRaw;
+extern EFI_GUID  gEfiRngAlgorithmArmRndr;
+extern EFI_GUID  gEfiRngAlgorithmUnSafe;

  #endif
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 0ecfad5795e4..754085eaa55b 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -633,6 +633,8 @@ [Guids]
    gEfiRngAlgorithmX9313DesGuid       = { 0x63c4785a, 0xca34, 0x4012, {0xa3,
0xc8, 0x0b, 0x6a, 0x32, 0x4f, 0x55, 0x46 }}
    gEfiRngAlgorithmX931AesGuid        = { 0xacd03321, 0x777e, 0x4d3d, {0xb1,
0xc8, 0x20, 0xcf, 0xd8, 0x88, 0x20, 0xc9 }}
    gEfiRngAlgorithmRaw                = { 0xe43176d7, 0xb6e8, 0x4827, {0xb7,
0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 }}
+  gEfiRngAlgorithmArmRndr            = { 0x43d2fde3, 0x9d4e, 0x4d79, {0x02,
0x96, 0xa8, 0x9b, 0xca, 0x78, 0x08, 0x41 }}
+  gEfiRngAlgorithmUnSafe             = { 0x869f728c, 0x409d, 0x4ab4, {0xac,
0x03, 0x71, 0xd3, 0x09, 0xc1, 0xb3, 0xf4 }}

    ## Include/Protocol/AdapterInformation.h
    gEfiAdapterInfoMediaStateGuid       = { 0xD7C74207, 0xA831, 0x4A26,
{0xB1, 0xF5, 0xD1, 0x93, 0x06, 0x5C, 0xE8, 0xB6 }}
--
2.25.1





-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#105806): https://edk2.groups.io/g/devel/message/105806
Mute This Topic: https://groups.io/mt/98779041/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to