Hello Jiewen,
We have the following dependency issue:
- the BaseRngTimerLib is in the MdePkg
- we need a GUID to describe the BaseRngTimerLib algorithm
- we cannot add the gEdkiiRngAlgorithmUnSafe in the MdePkg, and the gZeroGuid
is also not in the MdePkg
- the MdePkg should not have dependencies over other packages
As the BaseRngTimerLib is not really standard and should not be used in
production builds,
would you agree if it was moved to the MdeModulePkg or to the SecurityPkg (with
the gEdkiiRngAlgorithmUnSafe definition) ?
Regards,
Pierre
The issue we have
On 7/7/23 15:05, Yao, Jiewen wrote:
FYI: I filed https://bugzilla.tianocore.org/show_bug.cgi?id=4497 to track the
gEdkiiMemoryAcceptProtocolGuid issue.
Thank you
Yao, Jiewen
-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, Jiewen
Sent: Friday, July 7, 2023 8:57 PM
To: Pierre Gondois <pierre.gond...@arm.com>; devel@edk2.groups.io
Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming
<gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>; Wang,
Jian J <jian.j.w...@intel.com>; Ard Biesheuvel <ardb+tianoc...@kernel.org>;
Sami Mujawar <sami.muja...@arm.com>; Jose Marinho
<jose.mari...@arm.com>; Kun Qin <kuqi...@gmail.com>
Subject: Re: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to describe
Rng algorithms
I don’t think MdePkg should have Edkii- style protocol.
I am not sure why gEdkiiMemoryAcceptProtocolGuid is in MdePkg.
It should be in MdeModulePkg, IMHO.
Thank you
Yao, Jiewen
-----Original Message-----
From: Pierre Gondois <pierre.gond...@arm.com>
Sent: Friday, July 7, 2023 8:49 PM
To: devel@edk2.groups.io; Yao, Jiewen <jiewen....@intel.com>
Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming
<gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>; Wang,
Jian J <jian.j.w...@intel.com>; Ard Biesheuvel <ardb+tianoc...@kernel.org>;
Sami Mujawar <sami.muja...@arm.com>; Jose Marinho
<jose.mari...@arm.com>; Kun Qin <kuqi...@gmail.com>
Subject: Re: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to describe
Rng algorithms
Hello Jiewen,
The gEfiRngAlgorithmArmRndr GUID is to be added to the UEFI spec with:
- https://bugzilla.tianocore.org/show_bug.cgi?id=4441
- https://mantis.uefi.org/mantis/view.php?id=2386
the gEdkiiMemoryAcceptProtocolGuid GUID should not be in the UEFI spec,
so I used the 'gEdkii' prefix as already used in MdePkg.dec for:
- gEdkiiMemoryAcceptProtocolGuid
Regards,
Pierre
On 7/7/23 11:14, Yao, Jiewen via groups.io wrote:
MdePkg can only add UEFI defined API.
Is below defined by UEFI?
Thank you
Yao, Jiewen
-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
PierreGondois
Sent: Thursday, July 6, 2023 4:52 PM
To: devel@edk2.groups.io
Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming
<gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>;
Yao,
Jiewen <jiewen....@intel.com>; Wang, Jian J <jian.j.w...@intel.com>;
Ard
Biesheuvel <ardb+tianoc...@kernel.org>; Sami Mujawar
<sami.muja...@arm.com>; Jose Marinho <jose.mari...@arm.com>; Kun
Qin
<kuqi...@gmail.com>
Subject: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to describe
Rng
algorithms
From: Pierre Gondois <pierre.gond...@arm.com>
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441
The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
To allow the RngDxe to detect when such implementation is used,
a GetRngGuid() function is added in a following patch.
Prepare GetRngGuid() return values and add GUIDs describing
Rng algorithms:
- gEfiRngAlgorithmArmRndr
to describe a Rng algorithm accessed through Arm's RNDR instruction.
[1] states that the implementation of this algorithm should be
compliant to NIST SP900-80. The compliance is not guaranteed.
- gEdkiiRngAlgorithmUnSafe
to describe an unsafe implementation, cf. the BaseRngLibTimerLib.
[1] Arm Architecture Reference Manual Armv8, for A-profile architecture
sK12.1 'Properties of the generated random number'
Signed-off-by: Pierre Gondois <pierre.gond...@arm.com>
Reviewed-by: Sami Mujawar <sami.muja...@arm.com>
---
MdePkg/Include/Protocol/Rng.h | 20 ++++++++++++++++++++
MdePkg/MdePkg.dec | 2 ++
2 files changed, 22 insertions(+)
diff --git a/MdePkg/Include/Protocol/Rng.h
b/MdePkg/Include/Protocol/Rng.h
index baf425587b3c..ceae77ba9c73 100644
--- a/MdePkg/Include/Protocol/Rng.h
+++ b/MdePkg/Include/Protocol/Rng.h
@@ -67,6 +67,24 @@ typedef EFI_GUID EFI_RNG_ALGORITHM;
{ \
0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85,
0x61 }
\
}
+///
+/// The Arm Architecture states the RNDR that the DRBG algorithm should
be
compliant
+/// with NIST SP800-90A, while not mandating a particular algorithm, so as
to
be
+/// inclusive of different geographies.
+///
+#define EFI_RNG_ALGORITHM_ARM_RNDR \
+ { \
+ 0x43d2fde3, 0x9d4e, 0x4d79, {0x02, 0x96, 0xa8, 0x9b, 0xca, 0x78, 0x08,
0x41} \
+ }
+///
+/// The implementation of a Random Number Generator might be unsafe,
when using
+/// a dummy implementation for instance. Allow identifying such
implementation
+/// with this GUID.
+///
+#define EDKII_RNG_ALGORITHM_UNSAFE \
+ { \
+ 0x869f728c, 0x409d, 0x4ab4, {0xac, 0x03, 0x71, 0xd3, 0x09, 0xc1, 0xb3,
0xf4 } \
+ }
/**
Returns information about the random number generation
implementation.
@@ -146,5 +164,7 @@ extern EFI_GUID
gEfiRngAlgorithmSp80090Ctr256Guid;
extern EFI_GUID gEfiRngAlgorithmX9313DesGuid;
extern EFI_GUID gEfiRngAlgorithmX931AesGuid;
extern EFI_GUID gEfiRngAlgorithmRaw;
+extern EFI_GUID gEfiRngAlgorithmArmRndr;
+extern EFI_GUID gEdkiiRngAlgorithmUnSafe;
#endif
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 5b8477f4cb8f..2c8f985f253e 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -643,6 +643,8 @@ [Guids]
gEfiRngAlgorithmX9313DesGuid = { 0x63c4785a, 0xca34, 0x4012,
{0xa3,
0xc8, 0x0b, 0x6a, 0x32, 0x4f, 0x55, 0x46 }}
gEfiRngAlgorithmX931AesGuid = { 0xacd03321, 0x777e, 0x4d3d,
{0xb1,
0xc8, 0x20, 0xcf, 0xd8, 0x88, 0x20, 0xc9 }}
gEfiRngAlgorithmRaw = { 0xe43176d7, 0xb6e8, 0x4827, {0xb7,
0x84,
0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 }}
+ gEfiRngAlgorithmArmRndr = { 0x43d2fde3, 0x9d4e, 0x4d79, {0x02,
0x96,
0xa8, 0x9b, 0xca, 0x78, 0x08, 0x41 }}
+ gEdkiiRngAlgorithmUnSafe = { 0x869f728c, 0x409d, 0x4ab4, {0xac,
0x03,
0x71, 0xd3, 0x09, 0xc1, 0xb3, 0xf4 }}
## Include/Protocol/AdapterInformation.h
gEfiAdapterInfoMediaStateGuid = { 0xD7C74207, 0xA831, 0x4A26,
{0xB1,
0xF5, 0xD1, 0x93, 0x06, 0x5C, 0xE8, 0xB6 }}
--
2.25.1
-=-=-=-=-=-=
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#106688):
https://edk2.groups.io/g/devel/message/106688
Mute This Topic: https://groups.io/mt/99981855/1772286
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [jiewen....@intel.com]
-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#106737): https://edk2.groups.io/g/devel/message/106737
Mute This Topic: https://groups.io/mt/99981855/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
