Pierre: Another option is to define two PCD for Rng algorithm in MdePkg. One PCD value is ArmRndr GUID, another is UnSafe GUID. This way can also resolve the package dependency.
Thanks Liming > -----邮件原件----- > 发件人: devel@edk2.groups.io <devel@edk2.groups.io> 代表 Yao, Jiewen > 发送时间: 2023年7月7日 22:34 > 收件人: devel@edk2.groups.io; Yao, Jiewen <jiewen....@intel.com>; Pierre > Gondois <pierre.gond...@arm.com> > 抄送: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming > <gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>; Wang, > Jian J <jian.j.w...@intel.com>; Ard Biesheuvel <ardb+tianoc...@kernel.org>; > Sami Mujawar <sami.muja...@arm.com>; Jose Marinho > <jose.mari...@arm.com>; Kun Qin <kuqi...@gmail.com> > 主题: Re: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to describe > Rng algorithms > > I think a better way is to define a new library instance in other package with > the new ARM APIs. > The old one can be kept as is. > > That will limit the impact to existing platform. > > > > > -----Original Message----- > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, > Jiewen > > Sent: Friday, July 7, 2023 10:28 PM > > To: Pierre Gondois <pierre.gond...@arm.com>; devel@edk2.groups.io > > Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming > > <gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>; > Wang, > > Jian J <jian.j.w...@intel.com>; Ard Biesheuvel > <ardb+tianoc...@kernel.org>; > > Sami Mujawar <sami.muja...@arm.com>; Jose Marinho > > <jose.mari...@arm.com>; Kun Qin <kuqi...@gmail.com> > > Subject: Re: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to > describe > > Rng algorithms > > > > Thanks Pierre. > > Yes, I agree to move it to other package to resolve dependency issue. > > > > > -----Original Message----- > > > From: Pierre Gondois <pierre.gond...@arm.com> > > > Sent: Friday, July 7, 2023 10:25 PM > > > To: Yao, Jiewen <jiewen....@intel.com>; devel@edk2.groups.io > > > Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming > > > <gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>; > Wang, > > > Jian J <jian.j.w...@intel.com>; Ard Biesheuvel > <ardb+tianoc...@kernel.org>; > > > Sami Mujawar <sami.muja...@arm.com>; Jose Marinho > > > <jose.mari...@arm.com>; Kun Qin <kuqi...@gmail.com> > > > Subject: Re: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to > describe > > > Rng algorithms > > > > > > Hello Jiewen, > > > > > > We have the following dependency issue: > > > - the BaseRngTimerLib is in the MdePkg > > > - we need a GUID to describe the BaseRngTimerLib algorithm > > > - we cannot add the gEdkiiRngAlgorithmUnSafe in the MdePkg, and the > > > gZeroGuid is also not in the MdePkg > > > - the MdePkg should not have dependencies over other packages > > > > > > As the BaseRngTimerLib is not really standard and should not be used in > > > production builds, > > > would you agree if it was moved to the MdeModulePkg or to the > SecurityPkg > > > (with the gEdkiiRngAlgorithmUnSafe definition) ? > > > > > > Regards, > > > Pierre > > > > > > > > > The issue we have > > > > > > On 7/7/23 15:05, Yao, Jiewen wrote: > > > > FYI: I filed https://bugzilla.tianocore.org/show_bug.cgi?id=4497 to > > > > track > the > > > gEdkiiMemoryAcceptProtocolGuid issue. > > > > > > > > Thank you > > > > Yao, Jiewen > > > > > > > > > > > >> -----Original Message----- > > > >> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of > Yao, > > > Jiewen > > > >> Sent: Friday, July 7, 2023 8:57 PM > > > >> To: Pierre Gondois <pierre.gond...@arm.com>; devel@edk2.groups.io > > > >> Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming > > > >> <gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>; > > > Wang, > > > >> Jian J <jian.j.w...@intel.com>; Ard Biesheuvel > > > <ardb+tianoc...@kernel.org>; > > > >> Sami Mujawar <sami.muja...@arm.com>; Jose Marinho > > > >> <jose.mari...@arm.com>; Kun Qin <kuqi...@gmail.com> > > > >> Subject: Re: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to > > > describe > > > >> Rng algorithms > > > >> > > > >> I don’t think MdePkg should have Edkii- style protocol. > > > >> > > > >> I am not sure why gEdkiiMemoryAcceptProtocolGuid is in MdePkg. > > > >> It should be in MdeModulePkg, IMHO. > > > >> > > > >> Thank you > > > >> Yao, Jiewen > > > >> > > > >>> -----Original Message----- > > > >>> From: Pierre Gondois <pierre.gond...@arm.com> > > > >>> Sent: Friday, July 7, 2023 8:49 PM > > > >>> To: devel@edk2.groups.io; Yao, Jiewen <jiewen....@intel.com> > > > >>> Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming > > > >>> <gaolim...@byosoft.com.cn>; Liu, Zhiguang > <zhiguang....@intel.com>; > > > Wang, > > > >>> Jian J <jian.j.w...@intel.com>; Ard Biesheuvel > > > <ardb+tianoc...@kernel.org>; > > > >>> Sami Mujawar <sami.muja...@arm.com>; Jose Marinho > > > >>> <jose.mari...@arm.com>; Kun Qin <kuqi...@gmail.com> > > > >>> Subject: Re: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to > > > describe > > > >>> Rng algorithms > > > >>> > > > >>> Hello Jiewen, > > > >>> > > > >>> The gEfiRngAlgorithmArmRndr GUID is to be added to the UEFI spec > with: > > > >>> - https://bugzilla.tianocore.org/show_bug.cgi?id=4441 > > > >>> - https://mantis.uefi.org/mantis/view.php?id=2386 > > > >>> > > > >>> the gEdkiiMemoryAcceptProtocolGuid GUID should not be in the UEFI > > spec, > > > >>> so I used the 'gEdkii' prefix as already used in MdePkg.dec for: > > > >>> - gEdkiiMemoryAcceptProtocolGuid > > > >>> > > > >>> Regards, > > > >>> Pierre > > > >>> > > > >>> On 7/7/23 11:14, Yao, Jiewen via groups.io wrote: > > > >>>> MdePkg can only add UEFI defined API. > > > >>>> > > > >>>> Is below defined by UEFI? > > > >>>> > > > >>>> Thank you > > > >>>> Yao, Jiewen > > > >>>> > > > >>>> > > > >>>> > > > >>>>> -----Original Message----- > > > >>>>> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of > > > >>>>> PierreGondois > > > >>>>> Sent: Thursday, July 6, 2023 4:52 PM > > > >>>>> To: devel@edk2.groups.io > > > >>>>> Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming > > > >>>>> <gaolim...@byosoft.com.cn>; Liu, Zhiguang > <zhiguang....@intel.com>; > > > >> Yao, > > > >>>>> Jiewen <jiewen....@intel.com>; Wang, Jian J > <jian.j.w...@intel.com>; > > > >> Ard > > > >>>>> Biesheuvel <ardb+tianoc...@kernel.org>; Sami Mujawar > > > >>>>> <sami.muja...@arm.com>; Jose Marinho > <jose.mari...@arm.com>; > > > Kun > > > >>> Qin > > > >>>>> <kuqi...@gmail.com> > > > >>>>> Subject: [edk2-devel] [PATCH v3 3/6] MdePkg/Rng: Add GUIDs to > > describe > > > >>> Rng > > > >>>>> algorithms > > > >>>>> > > > >>>>> From: Pierre Gondois <pierre.gond...@arm.com> > > > >>>>> > > > >>>>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441 > > > >>>>> > > > >>>>> The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has > > multiple > > > >>>>> implementations, some of them are unsafe (e.g. > BaseRngLibTimerLib). > > > >>>>> To allow the RngDxe to detect when such implementation is used, > > > >>>>> a GetRngGuid() function is added in a following patch. > > > >>>>> > > > >>>>> Prepare GetRngGuid() return values and add GUIDs describing > > > >>>>> Rng algorithms: > > > >>>>> - gEfiRngAlgorithmArmRndr > > > >>>>> to describe a Rng algorithm accessed through Arm's RNDR > instruction. > > > >>>>> [1] states that the implementation of this algorithm should be > > > >>>>> compliant to NIST SP900-80. The compliance is not guaranteed. > > > >>>>> - gEdkiiRngAlgorithmUnSafe > > > >>>>> to describe an unsafe implementation, cf. the BaseRngLibTimerLib. > > > >>>>> > > > >>>>> [1] Arm Architecture Reference Manual Armv8, for A-profile > > architecture > > > >>>>> sK12.1 'Properties of the generated random number' > > > >>>>> > > > >>>>> Signed-off-by: Pierre Gondois <pierre.gond...@arm.com> > > > >>>>> Reviewed-by: Sami Mujawar <sami.muja...@arm.com> > > > >>>>> --- > > > >>>>> MdePkg/Include/Protocol/Rng.h | 20 ++++++++++++++++++++ > > > >>>>> MdePkg/MdePkg.dec | 2 ++ > > > >>>>> 2 files changed, 22 insertions(+) > > > >>>>> > > > >>>>> diff --git a/MdePkg/Include/Protocol/Rng.h > > > >>> b/MdePkg/Include/Protocol/Rng.h > > > >>>>> index baf425587b3c..ceae77ba9c73 100644 > > > >>>>> --- a/MdePkg/Include/Protocol/Rng.h > > > >>>>> +++ b/MdePkg/Include/Protocol/Rng.h > > > >>>>> @@ -67,6 +67,24 @@ typedef EFI_GUID EFI_RNG_ALGORITHM; > > > >>>>> { \ > > > >>>>> 0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, > 0xc4, 0xb6, > > > 0x85, > > > >>> 0x61 } > > > >>>>> \ > > > >>>>> } > > > >>>>> +/// > > > >>>>> +/// The Arm Architecture states the RNDR that the DRBG > algorithm > > > should > > > >>> be > > > >>>>> compliant > > > >>>>> +/// with NIST SP800-90A, while not mandating a particular > algorithm, > > so > > > as > > > >>> to > > > >>>>> be > > > >>>>> +/// inclusive of different geographies. > > > >>>>> +/// > > > >>>>> +#define EFI_RNG_ALGORITHM_ARM_RNDR \ > > > >>>>> + { \ > > > >>>>> + 0x43d2fde3, 0x9d4e, 0x4d79, {0x02, 0x96, 0xa8, 0x9b, 0xca, > 0x78, > > > 0x08, > > > >>>>> 0x41} \ > > > >>>>> + } > > > >>>>> +/// > > > >>>>> +/// The implementation of a Random Number Generator might be > > > unsafe, > > > >>>>> when using > > > >>>>> +/// a dummy implementation for instance. Allow identifying such > > > >>>>> implementation > > > >>>>> +/// with this GUID. > > > >>>>> +/// > > > >>>>> +#define EDKII_RNG_ALGORITHM_UNSAFE \ > > > >>>>> + { \ > > > >>>>> + 0x869f728c, 0x409d, 0x4ab4, {0xac, 0x03, 0x71, 0xd3, 0x09, > 0xc1, > > > 0xb3, > > > >>>>> 0xf4 } \ > > > >>>>> + } > > > >>>>> > > > >>>>> /** > > > >>>>> Returns information about the random number generation > > > >> implementation. > > > >>>>> @@ -146,5 +164,7 @@ extern EFI_GUID > > > >>> gEfiRngAlgorithmSp80090Ctr256Guid; > > > >>>>> extern EFI_GUID gEfiRngAlgorithmX9313DesGuid; > > > >>>>> extern EFI_GUID gEfiRngAlgorithmX931AesGuid; > > > >>>>> extern EFI_GUID gEfiRngAlgorithmRaw; > > > >>>>> +extern EFI_GUID gEfiRngAlgorithmArmRndr; > > > >>>>> +extern EFI_GUID gEdkiiRngAlgorithmUnSafe; > > > >>>>> > > > >>>>> #endif > > > >>>>> diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec > > > >>>>> index 5b8477f4cb8f..2c8f985f253e 100644 > > > >>>>> --- a/MdePkg/MdePkg.dec > > > >>>>> +++ b/MdePkg/MdePkg.dec > > > >>>>> @@ -643,6 +643,8 @@ [Guids] > > > >>>>> gEfiRngAlgorithmX9313DesGuid = { 0x63c4785a, > 0xca34, 0x4012, > > > >> {0xa3, > > > >>>>> 0xc8, 0x0b, 0x6a, 0x32, 0x4f, 0x55, 0x46 }} > > > >>>>> gEfiRngAlgorithmX931AesGuid = { 0xacd03321, > 0x777e, 0x4d3d, > > > >> {0xb1, > > > >>>>> 0xc8, 0x20, 0xcf, 0xd8, 0x88, 0x20, 0xc9 }} > > > >>>>> gEfiRngAlgorithmRaw = { 0xe43176d7, > 0xb6e8, 0x4827, > > {0xb7, > > > >>> 0x84, > > > >>>>> 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 }} > > > >>>>> + gEfiRngAlgorithmArmRndr = { 0x43d2fde3, > 0x9d4e, 0x4d79, > > > {0x02, > > > >>> 0x96, > > > >>>>> 0xa8, 0x9b, 0xca, 0x78, 0x08, 0x41 }} > > > >>>>> + gEdkiiRngAlgorithmUnSafe = { 0x869f728c, 0x409d, > 0x4ab4, > > {0xac, > > > >>> 0x03, > > > >>>>> 0x71, 0xd3, 0x09, 0xc1, 0xb3, 0xf4 }} > > > >>>>> > > > >>>>> ## Include/Protocol/AdapterInformation.h > > > >>>>> gEfiAdapterInfoMediaStateGuid = { 0xD7C74207, > 0xA831, 0x4A26, > > > >>> {0xB1, > > > >>>>> 0xF5, 0xD1, 0x93, 0x06, 0x5C, 0xE8, 0xB6 }} > > > >>>>> -- > > > >>>>> 2.25.1 > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> -=-=-=-=-=-= > > > >>>>> Groups.io Links: You receive all messages sent to this group. > > > >>>>> View/Reply Online (#106688): > > > >>> https://edk2.groups.io/g/devel/message/106688 > > > >>>>> Mute This Topic: https://groups.io/mt/99981855/1772286 > > > >>>>> Group Owner: devel+ow...@edk2.groups.io > > > >>>>> Unsubscribe: https://edk2.groups.io/g/devel/unsub > > > [jiewen....@intel.com] > > > >>>>> -=-=-=-=-=-= > > > >>>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >> > > > >> > > > >> > > > >> > > > > > > > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#106751): https://edk2.groups.io/g/devel/message/106751 Mute This Topic: https://groups.io/mt/100050641/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
