diff options
author | Pierre Gondois <pierre.gondois@arm.com> | 2023-08-11 16:33:09 +0200 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2023-09-08 09:48:55 +0000 |
commit | 19438cff973bfb35a1ef12fab45fabb28b63fe64 (patch) | |
tree | 75b8e37749bb19c1ad2c7459669600b898ec5bdb /SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c | |
parent | 5443c2dc310d2c8eb15fb8eefd5057342e78cd0d (diff) | |
download | edk2-19438cff973bfb35a1ef12fab45fabb28b63fe64.tar.gz edk2-19438cff973bfb35a1ef12fab45fabb28b63fe64.tar.bz2 edk2-19438cff973bfb35a1ef12fab45fabb28b63fe64.zip |
SecurityPkg/RngDxe: Use GetRngGuid() when probing RngLib
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4151
The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
To allow the RngDxe to detect when such implementation is used,
a GetRngGuid() function was added in a previous patch.
The EFI_RNG_PROTOCOL can advertise multiple algorithms through
Guids. The PcdCpuRngSupportedAlgorithm is currently used to
advertise the RngLib in the Arm implementation.
The issues of doing that are:
- the RngLib implementation might not use CPU instructions,
cf. the BaseRngLibTimerLib
- most platforms don't set PcdCpuRngSupportedAlgorithm
A GetRngGuid() was added to the RngLib in a previous patch,
allowing to identify the algorithm implemented by the RngLib.
Make use of this function and place the unsage algorithm
at the last position in the mAvailableAlgoArray.
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Tested-by: Kun Qin <kun.qin@microsoft.com>
Diffstat (limited to 'SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c')
-rw-r--r-- | SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c index ce49ff7ae6..78a18c5e11 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c @@ -78,6 +78,7 @@ RngGetRNG ( {
EFI_STATUS Status;
UINTN Index;
+ GUID RngGuid;
if ((This == NULL) || (RNGValueLength == 0) || (RNGValue == NULL)) {
return EFI_INVALID_PARAMETER;
@@ -102,7 +103,10 @@ RngGetRNG ( }
FoundAlgo:
- if (CompareGuid (RNGAlgorithm, PcdGetPtr (PcdCpuRngSupportedAlgorithm))) {
+ Status = GetRngGuid (&RngGuid);
+ if (!EFI_ERROR (Status) &&
+ CompareGuid (RNGAlgorithm, &RngGuid))
+ {
Status = RngGetBytes (RNGValueLength, RNGValue);
return Status;
}
|