/** @file
  Random number generator services that use RdRand instruction access
  to provide high-quality random numbers.

  Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
  Copyright (c) 2022, Pedro Falcato. All rights reserved.<BR>
  Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
  Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>

  SPDX-License-Identifier: BSD-2-Clause-Patent

**/
#include <Uefi.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include "BaseRngLibInternals.h"
//
// CPUID leaf 1 reports RDRAND availability in bit 30 of ECX.
//
#define RDRAND_MASK  BIT30

//
// Outcome of the constructor's probe: TRUE only when CPUID advertises RDRAND
// and TestRdRand() did not reject it. Read by every service in this file.
//
STATIC BOOLEAN  mRdRandSupported;

//
// Intel SDM says 10 tries is good enough for reliable RDRAND usage.
//
#define RDRAND_RETRIES  10

//
// TestRdRand() parameters: how many samples are drawn, and how many of the
// consecutive-sample comparisons must see a different value.
//
#define RDRAND_TEST_SAMPLES  8
#define RDRAND_MIN_CHANGE    5

//
// Native-word RDRAND, used only by TestRdRand() and undefined again after it.
//
#if defined (MDE_CPU_X64)
#define ASM_RDRAND  AsmRdRand64
#else
#define ASM_RDRAND  AsmRdRand32
#endif
/**
  Sanity-checks RDRAND for implementations that keep returning the same value.

  Draws RDRAND_TEST_SAMPLES native-word samples, allowing up to RDRAND_RETRIES
  attempts for each one, and counts how many samples differ from the sample
  drawn immediately before them (RDRAND_TEST_SAMPLES - 1 comparisons in total).

  This is a stuck-output check only: it compares consecutive samples for
  inequality and says nothing about the statistical quality of the values.
  A TRUE result therefore means "not obviously broken", not "verified".

  NOTE(review): in this file the test is invoked only from
  BaseRngLibConstructor(), so a failure that first appears later (such as the
  suspend/resume case mentioned below) would not be re-detected here.

  @retval TRUE   RDRAND is reliable (and hopefully safe).
  @retval FALSE  RDRAND is unreliable and should be disabled, despite CPUID.

**/
STATIC
BOOLEAN
TestRdRand (
  VOID
  )
{
  UINTN    Current;
  UINTN    Previous;
  UINT32   DifferingPairs;
  UINT8    SampleIndex;
  UINT8    Attempt;
  BOOLEAN  Obtained;

  //
  // Test for notoriously broken rdrand implementations that always return the same
  // value, like the Zen 3 uarch (all-1s) or other several AMD families on
  // suspend/resume (also all-1s).
  // Note that this should be expanded to extensively test for other sorts of
  // possible errata.
  //
  DifferingPairs = 0;
  Previous       = 0; // only compared from the second sample onwards

  for (SampleIndex = 0; SampleIndex < RDRAND_TEST_SAMPLES; SampleIndex++) {
    //
    // Retry locally; normal users get their retry loop in BaseRng.c.
    // Running out of attempts is treated as "RDRAND does not work".
    //
    Attempt  = 0;
    Obtained = FALSE;
    while (!Obtained && (Attempt < RDRAND_RETRIES)) {
      Obtained = ASM_RDRAND (&Current);
      Attempt++;
    }

    if (!Obtained) {
      DEBUG ((DEBUG_ERROR, "BaseRngLib/x86: CPU BUG: Failed to get an RDRAND random number - disabling\n"));
      return FALSE;
    }

    //
    // The first sample has no predecessor, so it only seeds Previous.
    //
    if ((SampleIndex != 0) && (Current != Previous)) {
      DifferingPairs++;
    }

    Previous = Current;
  }

  if (DifferingPairs >= RDRAND_MIN_CHANGE) {
    return TRUE;
  }

  DEBUG ((DEBUG_ERROR, "BaseRngLib/x86: CPU BUG: RDRAND not reliable - disabling\n"));
  return FALSE;
}
#undef ASM_RDRAND
/**
  Library constructor: probes whether RDRAND can be used on this CPU.

  RDRAND is considered usable only when CPUID leaf 1 sets bit 30 of ECX and
  TestRdRand() accepts the instruction's output. The outcome is stored in
  mRdRandSupported and is visible to callers through ArchIsRngSupported().

  The constructor itself does not ASSERT() when RDRAND is missing or rejected;
  it records the result and always returns EFI_SUCCESS.

  @retval EFI_SUCCESS   The constructor always returns EFI_SUCCESS.

**/
EFI_STATUS
EFIAPI
BaseRngLibConstructor (
  VOID
  )
{
  UINT32   CpuidEcx;
  BOOLEAN  Usable;

  //
  // Only ECX of CPUID leaf 1 is needed; the other output registers are skipped.
  //
  AsmCpuid (1, NULL, NULL, &CpuidEcx, NULL);

  //
  // The self-test executes RDRAND, so it runs only when CPUID advertises it.
  //
  Usable = FALSE;
  if ((CpuidEcx & RDRAND_MASK) == RDRAND_MASK) {
    Usable = TestRdRand ();
  }

  mRdRandSupported = Usable;

  return EFI_SUCCESS;
}
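/**
  Generates a 16-bit random number.

  Issues one AsmRdRand16() call; this function does not retry.

  @param[out] Rand     Buffer pointer to store the 16-bit random value.

  @retval TRUE         Random number generated successfully.
  @retval FALSE        Failed to generate the random number, or RDRAND was
                       found unsupported or unreliable by the constructor.

**/
BOOLEAN
EFIAPI
ArchGetRandomNumber16 (
  OUT     UINT16  *Rand
  )
{
  ASSERT (mRdRandSupported);

  //
  // ASSERT() is a debug aid and may be disabled in a given build, so it must
  // not be the only guard: fail closed rather than hand back the output of an
  // RDRAND implementation the constructor rejected.
  //
  if (!mRdRandSupported) {
    return FALSE;
  }

  return AsmRdRand16 (Rand);
}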
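/**
  Generates a 32-bit random number.

  Issues one AsmRdRand32() call; this function does not retry.

  @param[out] Rand     Buffer pointer to store the 32-bit random value.

  @retval TRUE         Random number generated successfully.
  @retval FALSE        Failed to generate the random number, or RDRAND was
                       found unsupported or unreliable by the constructor.

**/
BOOLEAN
EFIAPI
ArchGetRandomNumber32 (
  OUT     UINT32  *Rand
  )
{
  ASSERT (mRdRandSupported);

  //
  // ASSERT() is a debug aid and may be disabled in a given build, so it must
  // not be the only guard: fail closed rather than hand back the output of an
  // RDRAND implementation the constructor rejected.
  //
  if (!mRdRandSupported) {
    return FALSE;
  }

  return AsmRdRand32 (Rand);
}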
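/**
  Generates a 64-bit random number.

  Issues one AsmRdRand64() call; this function does not retry.

  @param[out] Rand     Buffer pointer to store the 64-bit random value.

  @retval TRUE         Random number generated successfully.
  @retval FALSE        Failed to generate the random number, or RDRAND was
                       found unsupported or unreliable by the constructor.

**/
BOOLEAN
EFIAPI
ArchGetRandomNumber64 (
  OUT     UINT64  *Rand
  )
{
  ASSERT (mRdRandSupported);

  //
  // ASSERT() is a debug aid and may be disabled in a given build, so it must
  // not be the only guard: fail closed rather than hand back the output of an
  // RDRAND implementation the constructor rejected.
  //
  if (!mRdRandSupported) {
    return FALSE;
  }

  return AsmRdRand64 (Rand);
}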
/**
  Reports whether RDRAND may be used on this CPU.

  Returns the value recorded by BaseRngLibConstructor(): TRUE only when CPUID
  advertises RDRAND and the TestRdRand() sanity check accepted it. A CPU that
  advertises RDRAND but failed that check is reported as unsupported.

  @retval TRUE   RDRAND is supported.
  @retval FALSE  RDRAND is not supported.

**/
BOOLEAN
EFIAPI
ArchIsRngSupported (
  VOID
  )
{
  //
  // Cached at construction time; nothing is re-probed on this call.
  //
  return mRdRandSupported;
}
/**
  Get a GUID identifying the RNG algorithm implementation.

  This implementation always reports gEfiRngAlgorithmSp80090Ctr256Guid. It
  does not consult mRdRandSupported and has no path that returns
  EFI_UNSUPPORTED.

  NOTE(review): the GUID is therefore returned even when ArchIsRngSupported()
  reports FALSE; confirm that callers check support separately before relying
  on the advertised algorithm.

  @param [out] RngGuid  If success, contains the GUID identifying
                        the RNG algorithm implementation.

  @retval EFI_SUCCESS             Success.
  @retval EFI_UNSUPPORTED         Not supported.
  @retval EFI_INVALID_PARAMETER   Invalid parameter.
**/
EFI_STATUS
EFIAPI
GetRngGuid (
  GUID  *RngGuid
  )
{
  if (RngGuid != NULL) {
    CopyGuid (RngGuid, &gEfiRngAlgorithmSp80090Ctr256Guid);
    return EFI_SUCCESS;
  }

  //
  // No destination buffer was supplied.
  //
  return EFI_INVALID_PARAMETER;
}