tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib 

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4151

The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
To allow the RngDxe to detect when such implementation is used,
a GetRngGuid() function was added in a previous patch.

The EFI_RNG_PROTOCOL can advertise multiple algorithms through
Guids. The PcdCpuRngSupportedAlgorithm is currently used to
advertise the RngLib in the Arm implementation.

The issues of doing that are:
- the RngLib implementation might not use CPU instructions,
  cf. the BaseRngLibTimerLib
- most platforms don't set PcdCpuRngSupportedAlgorithm

A GetRngGuid() was added to the RngLib in a previous patch,
allowing to identify the algorithm implemented by the RngLib.
Make use of this function and place the unsage algorithm
at the last position in the mAvailableAlgoArray.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Tested-by: Kun Qin <kun.qin@microsoft.com>
This commit is contained in:
Pierre Gondois 2023-08-11 16:33:09 +02:00 committed by mergify[bot]
parent 5443c2dc31
commit 19438cff97
3 changed files with 44 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c
View File

@ -10,6 +10,8 @@
#include <Library/DebugLib.h> #include <Library/DebugLib.h>
#include <Library/MemoryAllocationLib.h> #include <Library/MemoryAllocationLib.h>
#include <Library/ArmTrngLib.h> #include <Library/ArmTrngLib.h>
#include <Library/RngLib.h>
#include <Guid/RngAlgorithm.h>
#include "RngDxeInternals.h" #include "RngDxeInternals.h"
@ -28,9 +30,13 @@ GetAvailableAlgorithms (
VOID VOID
) )
{ {
UINT64 DummyRand; EFI_STATUS Status;
UINT16 MajorRevision; UINT16 MajorRevision;
UINT16 MinorRevision; UINT16 MinorRevision;
GUID RngGuid;
BOOLEAN UnSafeAlgo;
UnSafeAlgo = FALSE;
// Rng algorithms 2 times, one for the allocation, one to populate. // Rng algorithms 2 times, one for the allocation, one to populate.
mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX); mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX);
@ -38,24 +44,29 @@ GetAvailableAlgorithms (
return EFI_OUT_OF_RESOURCES; return EFI_OUT_OF_RESOURCES;
} }
// Check RngGetBytes() before advertising PcdCpuRngSupportedAlgorithm. // Identify RngLib algorithm.
if (!EFI_ERROR (RngGetBytes (sizeof (DummyRand), (UINT8 *)&DummyRand))) { Status = GetRngGuid (&RngGuid);
CopyMem ( if (!EFI_ERROR (Status)) {
&mAvailableAlgoArray[mAvailableAlgoArrayCount], if (IsZeroGuid (&RngGuid) ||
PcdGetPtr (PcdCpuRngSupportedAlgorithm), CompareGuid (&RngGuid, &gEdkiiRngAlgorithmUnSafe))
sizeof (EFI_RNG_ALGORITHM) {
); // Treat zero GUID as an unsafe algorithm
mAvailableAlgoArrayCount++;
DEBUG_CODE_BEGIN ();
if (IsZeroGuid (PcdGetPtr (PcdCpuRngSupportedAlgorithm))) {
DEBUG (( DEBUG ((
DEBUG_WARN, DEBUG_WARN,
"PcdCpuRngSupportedAlgorithm should be a non-zero GUID\n" "RngLib uses an Unsafe algorithm and "
"must not be used for production builds.\n"
)); ));
// Set the UnSafeAlgo flag to indicate an unsafe algorithm was found
// so that it can be added at the end of the algorithm list.
UnSafeAlgo = TRUE;
} else {
CopyMem (
&mAvailableAlgoArray[mAvailableAlgoArrayCount],
&RngGuid,
sizeof (RngGuid)
);
mAvailableAlgoArrayCount++;
} }
DEBUG_CODE_END ();
} }
// Raw algorithm (Trng) // Raw algorithm (Trng)
@ -68,5 +79,15 @@ GetAvailableAlgorithms (
mAvailableAlgoArrayCount++; mAvailableAlgoArrayCount++;
} }
// Add unsafe algorithm at the end of the list.
if (UnSafeAlgo) {
CopyMem (
&mAvailableAlgoArray[mAvailableAlgoArrayCount],
&gEdkiiRngAlgorithmUnSafe,
sizeof (EFI_RNG_ALGORITHM)
);
mAvailableAlgoArrayCount++;
}
return EFI_SUCCESS; return EFI_SUCCESS;
} }

6
SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c
View File

@ -78,6 +78,7 @@ RngGetRNG (
{ {
EFI_STATUS Status; EFI_STATUS Status;
UINTN Index; UINTN Index;
GUID RngGuid;
if ((This == NULL) || (RNGValueLength == 0) || (RNGValue == NULL)) { if ((This == NULL) || (RNGValueLength == 0) || (RNGValue == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
@ -102,7 +103,10 @@ RngGetRNG (
} }
FoundAlgo: FoundAlgo:
if (CompareGuid (RNGAlgorithm, PcdGetPtr (PcdCpuRngSupportedAlgorithm))) { Status = GetRngGuid (&RngGuid);
if (!EFI_ERROR (Status) &&
CompareGuid (RNGAlgorithm, &RngGuid))
{
Status = RngGetBytes (RNGValueLength, RNGValue); Status = RngGetBytes (RNGValueLength, RNGValue);
return Status; return Status;
} }

4
SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
View File

@ -75,13 +75,11 @@
gEfiRngAlgorithmX9313DesGuid ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG gEfiRngAlgorithmX9313DesGuid ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG
gEfiRngAlgorithmX931AesGuid ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG gEfiRngAlgorithmX931AesGuid ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG
gEfiRngAlgorithmRaw ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG gEfiRngAlgorithmRaw ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG
gEdkiiRngAlgorithmUnSafe ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG
[Protocols] [Protocols]
gEfiRngProtocolGuid ## PRODUCES gEfiRngProtocolGuid ## PRODUCES
[Pcd.AARCH64]
gEfiMdePkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm ## CONSUMES
[Depex] [Depex]
TRUE TRUE