tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MdeModulePkg: Duplicate BaseRngLibTimerLib to MdeModulePkg 

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4504

The BaseRngLibTimerLib allows to generate number based on a timer.
This mechanism allows to have a basic non-secure implementation
for non-production platforms.
To bind and identify Random Number Generators implementations with
a GUID, an unsafe GUID should be added. This GUID cannot be added
to the MdePkg unless it is also added to a specification.

To keep the MdePkg self-contained, copy the BaseRngLibTimerLib to
the MdeModulePkg. This will allow to define an unsafe Rng GUID
in a later patch in the MdeModulePkg.

The MdePkg implementation will be removed later. This allows to give
some time to platform owners to switch to the MdeModulePkg
implementation.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Kun Qin <kun.qin@microsoft.com>
This commit is contained in:
Pierre Gondois 2023-08-11 16:33:02 +02:00 committed by mergify[bot]
parent 2ce5ae43c2
commit 2f981bddcb
19 changed files with 262 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ArmVirtPkg/ArmVirt.dsc.inc
View File

@ -154,7 +154,7 @@
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
!endif
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
#
# Secure Boot dependencies

2
EmulatorPkg/EmulatorPkg.dsc
View File

@ -128,7 +128,7 @@
FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf

36
MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf Normal file
View File

@ -0,0 +1,36 @@
## @file
# Instance of RNG (Random Number Generator) Library.
#
# BaseRng Library that uses the TimerLib to provide reasonably random numbers.
# Do NOT use this on a production system as this uses the system performance
# counter rather than a true source of random in addition to having a weak
# random algorithm. This is provided primarily as a source of entropy for
# OpenSSL for platforms that do not have a good built in RngLib as this
# emulates what was done before (though it isn't perfect).
#
# Copyright (c) Microsoft Corporation. All rights reserved.<BR>
#
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
#
##
[Defines]
INF_VERSION = 1.27
BASE_NAME = BaseRngLibTimerLib
MODULE_UNI_FILE = BaseRngLibTimerLib.uni
FILE_GUID = 74950C45-10FC-4AB5-B114-49C87C17409B
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = RngLib
[Sources]
RngLibTimer.c
[Packages]
MdePkg/MdePkg.dec
[LibraryClasses]
BaseLib
DebugLib
TimerLib

15
MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.uni Normal file
View File

@ -0,0 +1,15 @@
// @file
// Instance of RNG (Random Number Generator) Library.
//
// RngLib that uses TimerLib's performance counter to provide random numbers.
//
// Copyright (c) Microsoft Corporation.
//
// SPDX-License-Identifier: BSD-2-Clause-Patent
//
#string STR_MODULE_ABSTRACT #language en-US "Instance of RNG Library"
#string STR_MODULE_DESCRIPTION #language en-US "BaseRng Library that uses the TimerLib to provide low-entropy random numbers"

192
MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c Normal file
View File

@ -0,0 +1,192 @@
/** @file
BaseRng Library that uses the TimerLib to provide reasonably random numbers.
Do not use this on a production system.
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <Base.h>
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/TimerLib.h>
#define DEFAULT_DELAY_TIME_IN_MICROSECONDS 10
/**
Using the TimerLib GetPerformanceCounterProperties() we delay
for enough time for the PerformanceCounter to increment.
If the return value from GetPerformanceCounterProperties (TimerLib)
is zero, this function will return 10 and attempt to assert.
**/
STATIC
UINT32
CalculateMinimumDecentDelayInMicroseconds (
VOID
)
{
UINT64 CounterHz;
// Get the counter properties
CounterHz = GetPerformanceCounterProperties (NULL, NULL);
// Make sure we won't divide by zero
if (CounterHz == 0) {
ASSERT (CounterHz != 0); // Assert so the developer knows something is wrong
return DEFAULT_DELAY_TIME_IN_MICROSECONDS;
}
// Calculate the minimum delay based on 1.5 microseconds divided by the hertz.
// We calculate the length of a cycle (1/CounterHz) and multiply it by 1.5 microseconds
// This ensures that the performance counter has increased by at least one
return (UINT32)(MAX (DivU64x64Remainder (1500000, CounterHz, NULL), 1));
}
/**
Generates a 16-bit random number.
if Rand is NULL, then ASSERT().
@param[out] Rand Buffer pointer to store the 16-bit random value.
@retval TRUE Random number generated successfully.
@retval FALSE Failed to generate the random number.
**/
BOOLEAN
EFIAPI
GetRandomNumber16 (
OUT UINT16 *Rand
)
{
UINT32 Index;
UINT8 *RandPtr;
UINT32 DelayInMicroSeconds;
ASSERT (Rand != NULL);
if (Rand == NULL) {
return FALSE;
}
DelayInMicroSeconds = CalculateMinimumDecentDelayInMicroseconds ();
RandPtr = (UINT8 *)Rand;
// Get 2 bytes of random ish data
for (Index = 0; Index < sizeof (UINT16); Index++) {
*RandPtr = (UINT8)(GetPerformanceCounter () & 0xFF);
// Delay to give the performance counter a chance to change
MicroSecondDelay (DelayInMicroSeconds);
RandPtr++;
}
return TRUE;
}
/**
Generates a 32-bit random number.
if Rand is NULL, then ASSERT().
@param[out] Rand Buffer pointer to store the 32-bit random value.
@retval TRUE Random number generated successfully.
@retval FALSE Failed to generate the random number.
**/
BOOLEAN
EFIAPI
GetRandomNumber32 (
OUT UINT32 *Rand
)
{
UINT32 Index;
UINT8 *RandPtr;
UINT32 DelayInMicroSeconds;
ASSERT (Rand != NULL);
if (NULL == Rand) {
return FALSE;
}
RandPtr = (UINT8 *)Rand;
DelayInMicroSeconds = CalculateMinimumDecentDelayInMicroseconds ();
// Get 4 bytes of random ish data
for (Index = 0; Index < sizeof (UINT32); Index++) {
*RandPtr = (UINT8)(GetPerformanceCounter () & 0xFF);
// Delay to give the performance counter a chance to change
MicroSecondDelay (DelayInMicroSeconds);
RandPtr++;
}
return TRUE;
}
/**
Generates a 64-bit random number.
if Rand is NULL, then ASSERT().
@param[out] Rand Buffer pointer to store the 64-bit random value.
@retval TRUE Random number generated successfully.
@retval FALSE Failed to generate the random number.
**/
BOOLEAN
EFIAPI
GetRandomNumber64 (
OUT UINT64 *Rand
)
{
UINT32 Index;
UINT8 *RandPtr;
UINT32 DelayInMicroSeconds;
ASSERT (Rand != NULL);
if (NULL == Rand) {
return FALSE;
}
RandPtr = (UINT8 *)Rand;
DelayInMicroSeconds = CalculateMinimumDecentDelayInMicroseconds ();
// Get 8 bytes of random ish data
for (Index = 0; Index < sizeof (UINT64); Index++) {
*RandPtr = (UINT8)(GetPerformanceCounter () & 0xFF);
// Delay to give the performance counter a chance to change
MicroSecondDelay (DelayInMicroSeconds);
RandPtr++;
}
return TRUE;
}
/**
Generates a 128-bit random number.
if Rand is NULL, then ASSERT().
@param[out] Rand Buffer pointer to store the 128-bit random value.
@retval TRUE Random number generated successfully.
@retval FALSE Failed to generate the random number.
**/
BOOLEAN
EFIAPI
GetRandomNumber128 (
OUT UINT64 *Rand
)
{
ASSERT (Rand != NULL);
// This should take around 80ms
// Read first 64 bits
if (!GetRandomNumber64 (Rand)) {
return FALSE;
}
// Read second 64 bits
return GetRandomNumber64 (++Rand);
}

1
MdeModulePkg/MdeModulePkg.dsc
View File

@ -345,6 +345,7 @@
MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf
MdeModulePkg/Library/DisplayUpdateProgressLibGraphics/DisplayUpdateProgressLibGraphics.inf
MdeModulePkg/Library/DisplayUpdateProgressLibText/DisplayUpdateProgressLibText.inf
MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf

4
NetworkPkg/NetworkPkg.dsc
View File

@ -82,10 +82,10 @@
ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf
[LibraryClasses.ARM]
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
[LibraryClasses.RISCV64]
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
[PcdsFeatureFlag]
gEfiMdePkgTokenSpaceGuid.PcdComponentName2Disable|TRUE

2
OvmfPkg/AmdSev/AmdSevX64.dsc
View File

@ -185,7 +185,7 @@
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf

2
OvmfPkg/Bhyve/BhyveX64.dsc
View File

@ -196,7 +196,7 @@
!else
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
!endif
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf

2
OvmfPkg/CloudHv/CloudHvX64.dsc
View File

@ -206,7 +206,7 @@
!else
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
!endif
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf

2
OvmfPkg/IntelTdx/IntelTdxX64.dsc
View File

@ -184,7 +184,7 @@
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf

2
OvmfPkg/Microvm/MicrovmX64.dsc
View File

@ -203,7 +203,7 @@
!else
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
!endif
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf

2
OvmfPkg/OvmfPkgIa32.dsc
View File

@ -210,7 +210,7 @@
!else
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
!endif
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf

2
OvmfPkg/OvmfPkgIa32X64.dsc
View File

@ -215,7 +215,7 @@
!else
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
!endif
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf

2
OvmfPkg/OvmfPkgX64.dsc
View File

@ -231,7 +231,7 @@
!else
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
!endif
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf

2
OvmfPkg/OvmfXen.dsc
View File

@ -194,7 +194,7 @@
!else
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
!endif
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf

2
OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc
View File

@ -118,7 +118,7 @@
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
!endif
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
#
# Secure Boot dependencies

4
SecurityPkg/SecurityPkg.dsc
View File

@ -92,10 +92,10 @@
ArmTrngLib|MdePkg/Library/BaseArmTrngLibNull/BaseArmTrngLibNull.inf
[LibraryClasses.ARM]
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
[LibraryClasses.RISCV64]
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
[LibraryClasses.X64.SEC]
HashLib|SecurityPkg/Library/HashLibTdx/HashLibTdx.inf

4
SignedCapsulePkg/SignedCapsulePkg.dsc
View File

@ -110,10 +110,10 @@
NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf
[LibraryClasses.ARM]
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
[LibraryClasses.RISCV64]
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
[LibraryClasses.common.PEI_CORE]
HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf