[edk2-devel] [PATCH 00/11] Use proper entropy sources

Wang, Jian J posted 11 patches 4 years, 4 months ago
Failed in applying to current master (apply log)
ArmVirtPkg/ArmVirt.dsc.inc                    |   2 +
CryptoPkg/CryptoPkg.dsc                       |   1 +
CryptoPkg/Library/OpensslLib/OpensslLib.inf   |  15 +-
.../Library/OpensslLib/OpensslLibCrypto.inf   |  15 +-
CryptoPkg/Library/OpensslLib/rand_pool.c      | 253 ++----------------
.../Library/OpensslLib/rand_pool_noise.c      |  29 --
.../Library/OpensslLib/rand_pool_noise.h      |  29 --
.../Library/OpensslLib/rand_pool_noise_tsc.c  |  43 ---
FmpDevicePkg/FmpDevicePkg.dsc                 |   2 +-
MdePkg/Include/Library/BaseLib.h              |  51 ++++
MdePkg/Library/BaseLib/BaseLib.inf            |   4 +
MdePkg/Library/BaseLib/BaseLibInternals.h     |  46 ++++
MdePkg/Library/BaseLib/Ia32/RdSeed.nasm       |  87 ++++++
MdePkg/Library/BaseLib/X64/RdSeed.nasm        |  80 ++++++
MdePkg/Library/BaseLib/X86RdSeed.c            |  73 +++++
NetworkPkg/NetworkPkg.dsc                     |   1 +
OvmfPkg/OvmfPkgIa32.dsc                       |   5 +
OvmfPkg/OvmfPkgIa32X64.dsc                    |   5 +
OvmfPkg/OvmfPkgX64.dsc                        |   5 +
OvmfPkg/OvmfXen.dsc                           |   5 +
.../DxeRngLibRngProtocol.c                    | 200 ++++++++++++++
.../DxeRngLibRngProtocol.inf                  |  42 +++
.../DxeRngLibRngProtocol.uni                  |  14 +
.../RngLibRdSeed/RngLibRdSeed.inf             |  37 +++
.../RngLibRdSeed/RngLibRdSeed.uni             |  18 ++
.../RngLibRdSeed/RngRdSeed.c                  | 189 +++++++++++++
SecurityPkg/SecurityPkg.dsc                   |   6 +
SignedCapsulePkg/SignedCapsulePkg.dsc         |   6 +
28 files changed, 909 insertions(+), 354 deletions(-)
delete mode 100644 CryptoPkg/Library/OpensslLib/rand_pool_noise.c
delete mode 100644 CryptoPkg/Library/OpensslLib/rand_pool_noise.h
delete mode 100644 CryptoPkg/Library/OpensslLib/rand_pool_noise_tsc.c
create mode 100644 MdePkg/Library/BaseLib/Ia32/RdSeed.nasm
create mode 100644 MdePkg/Library/BaseLib/X64/RdSeed.nasm
create mode 100644 MdePkg/Library/BaseLib/X86RdSeed.c
create mode 100644 SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngProtocol.c
create mode 100644 SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngProtocol.inf
create mode 100644 SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngProtocol.uni
create mode 100644 SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRdSeed.inf
create mode 100644 SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRdSeed.uni
create mode 100644 SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdSeed.c
[edk2-devel] [PATCH 00/11] Use proper entropy sources
Posted by Wang, Jian J 4 years, 4 months ago
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1871

Patch series summary:
 - Add BaseRngLibNull to package dsc
 - Add DxeRngLibRngProtocol to make use EFI_RNG_PROTOCOL
 - Add RdSeed interface and RngLibRdSeed for IA32/X64 arch
 - Remove following files
    rand_pool_noise.h
    rand_pool_noise_tsc.c
    rand_pool_noise.c
 - Update rand_pool.c to use RngLib interface directly
   and the drop the TimerLib depenency from OpensslLib
 - Update OVMF platform dsc to use DxeRngLibRngProtocol
   when necessary

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Bret Barkelew <bret.barkelew@microsoft.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@intel.com>
Cc: Matthew Carlson <macarl@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>

Jian J Wang (11):
  NetworkPkg/NetworkPkg.dsc: specify RngLib instance for build
  SignedCapsulePkg/SignedCapsulePkg.dsc: specify RngLib instances
  FmpDevicePkg/FmpDevicePkg.dsc: specify RngLib instances in dsc files
  MdePkg/BaseLib: add interface to wrap rdseed IA instruction
  SecurityPkg/RngLibRdSeed: add an instance of RngLib to make use rdseed
  SecurityPkg/DxeRngLibRngProtocol: add RNG protocol version of RngLib
  SecurityPkg/SecurityPkg.dsc: add new RngLib instances for build
  OvmfPkg: specify RngLib instances in dsc files
  ArmVirtPkg/ArmVirt.dsc.inc: specify RngLib instances in dsc files
  CryptoPkg/OpensslLib: use RngLib to get high quality random entropy
  FmpDevicePkg/FmpDevicePkg.dsc: remove TimerLib instance

 ArmVirtPkg/ArmVirt.dsc.inc                    |   2 +
 CryptoPkg/CryptoPkg.dsc                       |   1 +
 CryptoPkg/Library/OpensslLib/OpensslLib.inf   |  15 +-
 .../Library/OpensslLib/OpensslLibCrypto.inf   |  15 +-
 CryptoPkg/Library/OpensslLib/rand_pool.c      | 253 ++----------------
 .../Library/OpensslLib/rand_pool_noise.c      |  29 --
 .../Library/OpensslLib/rand_pool_noise.h      |  29 --
 .../Library/OpensslLib/rand_pool_noise_tsc.c  |  43 ---
 FmpDevicePkg/FmpDevicePkg.dsc                 |   2 +-
 MdePkg/Include/Library/BaseLib.h              |  51 ++++
 MdePkg/Library/BaseLib/BaseLib.inf            |   4 +
 MdePkg/Library/BaseLib/BaseLibInternals.h     |  46 ++++
 MdePkg/Library/BaseLib/Ia32/RdSeed.nasm       |  87 ++++++
 MdePkg/Library/BaseLib/X64/RdSeed.nasm        |  80 ++++++
 MdePkg/Library/BaseLib/X86RdSeed.c            |  73 +++++
 NetworkPkg/NetworkPkg.dsc                     |   1 +
 OvmfPkg/OvmfPkgIa32.dsc                       |   5 +
 OvmfPkg/OvmfPkgIa32X64.dsc                    |   5 +
 OvmfPkg/OvmfPkgX64.dsc                        |   5 +
 OvmfPkg/OvmfXen.dsc                           |   5 +
 .../DxeRngLibRngProtocol.c                    | 200 ++++++++++++++
 .../DxeRngLibRngProtocol.inf                  |  42 +++
 .../DxeRngLibRngProtocol.uni                  |  14 +
 .../RngLibRdSeed/RngLibRdSeed.inf             |  37 +++
 .../RngLibRdSeed/RngLibRdSeed.uni             |  18 ++
 .../RngLibRdSeed/RngRdSeed.c                  | 189 +++++++++++++
 SecurityPkg/SecurityPkg.dsc                   |   6 +
 SignedCapsulePkg/SignedCapsulePkg.dsc         |   6 +
 28 files changed, 909 insertions(+), 354 deletions(-)
 delete mode 100644 CryptoPkg/Library/OpensslLib/rand_pool_noise.c
 delete mode 100644 CryptoPkg/Library/OpensslLib/rand_pool_noise.h
 delete mode 100644 CryptoPkg/Library/OpensslLib/rand_pool_noise_tsc.c
 create mode 100644 MdePkg/Library/BaseLib/Ia32/RdSeed.nasm
 create mode 100644 MdePkg/Library/BaseLib/X64/RdSeed.nasm
 create mode 100644 MdePkg/Library/BaseLib/X86RdSeed.c
 create mode 100644 SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngProtocol.c
 create mode 100644 SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngProtocol.inf
 create mode 100644 SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngProtocol.uni
 create mode 100644 SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRdSeed.inf
 create mode 100644 SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRdSeed.uni
 create mode 100644 SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdSeed.c

-- 
2.17.1.windows.2


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#50606): https://edk2.groups.io/g/devel/message/50606
Mute This Topic: https://groups.io/mt/56714011/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 00/11] Use proper entropy sources
Posted by Michael D Kinney 4 years, 4 months ago
Jian,

In this patch series I see mixed use of different RngLib instances.

How does a platform developer working on their DSC file know if the
BaseCryptLib services they are using require a Null or a complete
implementation of the RngLib?  How does a platform developer know
if they made the wrong choice.

Thanks,

Mike

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On
> Behalf Of Wang, Jian J
> Sent: Wednesday, November 13, 2019 6:18 PM
> To: devel@edk2.groups.io
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Bret
> Barkelew <bret.barkelew@microsoft.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>; Yao, Jiewen
> <jiewen.yao@intel.com>; Justen, Jordan L
> <jordan.l.justen@intel.com>; Laszlo Ersek
> <lersek@redhat.com>; Leif Lindholm
> <leif.lindholm@linaro.org>; Gao, Liming
> <liming.gao@intel.com>; Rabeda, Maciej
> <maciej.rabeda@intel.com>; Matthew Carlson
> <macarl@microsoft.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>; Ni, Ray
> <ray.ni@intel.com>; Sean Brogan
> <sean.brogan@microsoft.com>; Fu, Siyuan
> <siyuan.fu@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>
> Subject: [edk2-devel] [PATCH 00/11] Use proper entropy
> sources
> 
> REF:
> https://bugzilla.tianocore.org/show_bug.cgi?id=1871
> 
> Patch series summary:
>  - Add BaseRngLibNull to package dsc
>  - Add DxeRngLibRngProtocol to make use
> EFI_RNG_PROTOCOL
>  - Add RdSeed interface and RngLibRdSeed for IA32/X64
> arch
>  - Remove following files
>     rand_pool_noise.h
>     rand_pool_noise_tsc.c
>     rand_pool_noise.c
>  - Update rand_pool.c to use RngLib interface directly
>    and the drop the TimerLib depenency from OpensslLib
>  - Update OVMF platform dsc to use DxeRngLibRngProtocol
>    when necessary
> 
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Bret Barkelew <bret.barkelew@microsoft.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Maciej Rabeda <maciej.rabeda@intel.com>
> Cc: Matthew Carlson <macarl@microsoft.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Sean Brogan <sean.brogan@microsoft.com>
> Cc: Siyuan Fu <siyuan.fu@intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> 
> Jian J Wang (11):
>   NetworkPkg/NetworkPkg.dsc: specify RngLib instance
> for build
>   SignedCapsulePkg/SignedCapsulePkg.dsc: specify RngLib
> instances
>   FmpDevicePkg/FmpDevicePkg.dsc: specify RngLib
> instances in dsc files
>   MdePkg/BaseLib: add interface to wrap rdseed IA
> instruction
>   SecurityPkg/RngLibRdSeed: add an instance of RngLib
> to make use rdseed
>   SecurityPkg/DxeRngLibRngProtocol: add RNG protocol
> version of RngLib
>   SecurityPkg/SecurityPkg.dsc: add new RngLib instances
> for build
>   OvmfPkg: specify RngLib instances in dsc files
>   ArmVirtPkg/ArmVirt.dsc.inc: specify RngLib instances
> in dsc files
>   CryptoPkg/OpensslLib: use RngLib to get high quality
> random entropy
>   FmpDevicePkg/FmpDevicePkg.dsc: remove TimerLib
> instance
> 
>  ArmVirtPkg/ArmVirt.dsc.inc                    |   2 +
>  CryptoPkg/CryptoPkg.dsc                       |   1 +
>  CryptoPkg/Library/OpensslLib/OpensslLib.inf   |  15 +-
>  .../Library/OpensslLib/OpensslLibCrypto.inf   |  15 +-
>  CryptoPkg/Library/OpensslLib/rand_pool.c      | 253
> ++----------------
>  .../Library/OpensslLib/rand_pool_noise.c      |  29 --
>  .../Library/OpensslLib/rand_pool_noise.h      |  29 --
>  .../Library/OpensslLib/rand_pool_noise_tsc.c  |  43 --
> -
>  FmpDevicePkg/FmpDevicePkg.dsc                 |   2 +-
>  MdePkg/Include/Library/BaseLib.h              |  51
> ++++
>  MdePkg/Library/BaseLib/BaseLib.inf            |   4 +
>  MdePkg/Library/BaseLib/BaseLibInternals.h     |  46
> ++++
>  MdePkg/Library/BaseLib/Ia32/RdSeed.nasm       |  87
> ++++++
>  MdePkg/Library/BaseLib/X64/RdSeed.nasm        |  80
> ++++++
>  MdePkg/Library/BaseLib/X86RdSeed.c            |  73
> +++++
>  NetworkPkg/NetworkPkg.dsc                     |   1 +
>  OvmfPkg/OvmfPkgIa32.dsc                       |   5 +
>  OvmfPkg/OvmfPkgIa32X64.dsc                    |   5 +
>  OvmfPkg/OvmfPkgX64.dsc                        |   5 +
>  OvmfPkg/OvmfXen.dsc                           |   5 +
>  .../DxeRngLibRngProtocol.c                    | 200
> ++++++++++++++
>  .../DxeRngLibRngProtocol.inf                  |  42
> +++
>  .../DxeRngLibRngProtocol.uni                  |  14 +
>  .../RngLibRdSeed/RngLibRdSeed.inf             |  37
> +++
>  .../RngLibRdSeed/RngLibRdSeed.uni             |  18 ++
>  .../RngLibRdSeed/RngRdSeed.c                  | 189
> +++++++++++++
>  SecurityPkg/SecurityPkg.dsc                   |   6 +
>  SignedCapsulePkg/SignedCapsulePkg.dsc         |   6 +
>  28 files changed, 909 insertions(+), 354 deletions(-)
> delete mode 100644
> CryptoPkg/Library/OpensslLib/rand_pool_noise.c
>  delete mode 100644
> CryptoPkg/Library/OpensslLib/rand_pool_noise.h
>  delete mode 100644
> CryptoPkg/Library/OpensslLib/rand_pool_noise_tsc.c
>  create mode 100644
> MdePkg/Library/BaseLib/Ia32/RdSeed.nasm
>  create mode 100644
> MdePkg/Library/BaseLib/X64/RdSeed.nasm
>  create mode 100644 MdePkg/Library/BaseLib/X86RdSeed.c
>  create mode 100644
> SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/
> DxeRngLibRngProtocol.c
>  create mode 100644
> SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/
> DxeRngLibRngProtocol.inf
>  create mode 100644
> SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/
> DxeRngLibRngProtocol.uni
>  create mode 100644
> SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRd
> Seed.inf
>  create mode 100644
> SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRd
> Seed.uni
>  create mode 100644
> SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdSee
> d.c
> 
> --
> 2.17.1.windows.2
> 
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#50621): https://edk2.groups.io/g/devel/message/50621
Mute This Topic: https://groups.io/mt/56714011/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 00/11] Use proper entropy sources
Posted by Wang, Jian J 4 years, 4 months ago
Hi Mike,

Here're some suggestions:
  - If OpensslLib library is used, RngLib instance must be specified along
    with it.
  - For package dsc, BaseLibRngNull can be used because their main
    purpose is just for build.
  - For platforms which don't need random number at all, BaseLibRngNull
    is recommended.
  - If drivers HddPasswordDxe/TlsDxe (TlsLib) and/or crypto algorithm like
    AES/RSA-OAEP/RSA-PK1 are used in a platform, BaseLibRngNull must
    *not* be used. This rule might change due to the future code base
    change.
  - For IA32/X64 platforms, BaseLibRng is recommended as the default
    library instance to avoid unknown uses of RNG. But the users can
    choose
      - RngLibRdSeed, if rdseed is supported for sure and high quality
        of entropy source is needed; or
      - DxeRngLibRngProtocol, if EFI_RNG_PROTOCOL is implemented in
        the platform and only DXE drivers or applications use RNG, or
        arch independent is more important.
  - For OVMF, there's already a driver implemented EFI_RNG_PROTOCOL.
    DxeRngLibRngProtocol is always recommended.
  - For other ARCH platforms, I don't see implementation of RngLib nor
    EFI_RNG_PROTOCOL. They have to use BaseRngLibNull or implement
    their own version of RngLib. There's an ARCH independent solution
    called CPU Jitter RNG, which has been adopted by Linux. But there's
    concern that it won't work well in BIOS environment.
    (see https://www.chronox.de/jent/doc/CPU-Jitter-NPTRNG.html)
  - If BaseLibRngNull ASSERTs at boot time, there must be some use cases
    missed. Use a full implementation of RngLib instead.

Regards,
Jian

> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Thursday, November 14, 2019 12:21 PM
> To: devel@edk2.groups.io; Wang, Jian J <jian.j.wang@intel.com>; Kinney,
> Michael D <michael.d.kinney@intel.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Bret Barkelew
> <bret.barkelew@microsoft.com>; Zhang, Chao B <chao.b.zhang@intel.com>;
> Wu, Jiaxin <jiaxin.wu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Justen,
> Jordan L <jordan.l.justen@intel.com>; Laszlo Ersek <lersek@redhat.com>; Leif
> Lindholm <leif.lindholm@linaro.org>; Gao, Liming <liming.gao@intel.com>;
> Rabeda, Maciej <maciej.rabeda@intel.com>; Matthew Carlson
> <macarl@microsoft.com>; Ni, Ray <ray.ni@intel.com>; Sean Brogan
> <sean.brogan@microsoft.com>; Fu, Siyuan <siyuan.fu@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 00/11] Use proper entropy sources
> 
> Jian,
> 
> In this patch series I see mixed use of different RngLib instances.
> 
> How does a platform developer working on their DSC file know if the
> BaseCryptLib services they are using require a Null or a complete
> implementation of the RngLib?  How does a platform developer know
> if they made the wrong choice.
> 
> Thanks,
> 
> Mike
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On
> > Behalf Of Wang, Jian J
> > Sent: Wednesday, November 13, 2019 6:18 PM
> > To: devel@edk2.groups.io
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Bret
> > Barkelew <bret.barkelew@microsoft.com>; Zhang, Chao B
> > <chao.b.zhang@intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>; Yao, Jiewen
> > <jiewen.yao@intel.com>; Justen, Jordan L
> > <jordan.l.justen@intel.com>; Laszlo Ersek
> > <lersek@redhat.com>; Leif Lindholm
> > <leif.lindholm@linaro.org>; Gao, Liming
> > <liming.gao@intel.com>; Rabeda, Maciej
> > <maciej.rabeda@intel.com>; Matthew Carlson
> > <macarl@microsoft.com>; Kinney, Michael D
> > <michael.d.kinney@intel.com>; Ni, Ray
> > <ray.ni@intel.com>; Sean Brogan
> > <sean.brogan@microsoft.com>; Fu, Siyuan
> > <siyuan.fu@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>
> > Subject: [edk2-devel] [PATCH 00/11] Use proper entropy
> > sources
> >
> > REF:
> > https://bugzilla.tianocore.org/show_bug.cgi?id=1871
> >
> > Patch series summary:
> >  - Add BaseRngLibNull to package dsc
> >  - Add DxeRngLibRngProtocol to make use
> > EFI_RNG_PROTOCOL
> >  - Add RdSeed interface and RngLibRdSeed for IA32/X64
> > arch
> >  - Remove following files
> >     rand_pool_noise.h
> >     rand_pool_noise_tsc.c
> >     rand_pool_noise.c
> >  - Update rand_pool.c to use RngLib interface directly
> >    and the drop the TimerLib depenency from OpensslLib
> >  - Update OVMF platform dsc to use DxeRngLibRngProtocol
> >    when necessary
> >
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > Cc: Bret Barkelew <bret.barkelew@microsoft.com>
> > Cc: Chao Zhang <chao.b.zhang@intel.com>
> > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Jordan Justen <jordan.l.justen@intel.com>
> > Cc: Laszlo Ersek <lersek@redhat.com>
> > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > Cc: Liming Gao <liming.gao@intel.com>
> > Cc: Maciej Rabeda <maciej.rabeda@intel.com>
> > Cc: Matthew Carlson <macarl@microsoft.com>
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Ray Ni <ray.ni@intel.com>
> > Cc: Sean Brogan <sean.brogan@microsoft.com>
> > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> >
> > Jian J Wang (11):
> >   NetworkPkg/NetworkPkg.dsc: specify RngLib instance
> > for build
> >   SignedCapsulePkg/SignedCapsulePkg.dsc: specify RngLib
> > instances
> >   FmpDevicePkg/FmpDevicePkg.dsc: specify RngLib
> > instances in dsc files
> >   MdePkg/BaseLib: add interface to wrap rdseed IA
> > instruction
> >   SecurityPkg/RngLibRdSeed: add an instance of RngLib
> > to make use rdseed
> >   SecurityPkg/DxeRngLibRngProtocol: add RNG protocol
> > version of RngLib
> >   SecurityPkg/SecurityPkg.dsc: add new RngLib instances
> > for build
> >   OvmfPkg: specify RngLib instances in dsc files
> >   ArmVirtPkg/ArmVirt.dsc.inc: specify RngLib instances
> > in dsc files
> >   CryptoPkg/OpensslLib: use RngLib to get high quality
> > random entropy
> >   FmpDevicePkg/FmpDevicePkg.dsc: remove TimerLib
> > instance
> >
> >  ArmVirtPkg/ArmVirt.dsc.inc                    |   2 +
> >  CryptoPkg/CryptoPkg.dsc                       |   1 +
> >  CryptoPkg/Library/OpensslLib/OpensslLib.inf   |  15 +-
> >  .../Library/OpensslLib/OpensslLibCrypto.inf   |  15 +-
> >  CryptoPkg/Library/OpensslLib/rand_pool.c      | 253
> > ++----------------
> >  .../Library/OpensslLib/rand_pool_noise.c      |  29 --
> >  .../Library/OpensslLib/rand_pool_noise.h      |  29 --
> >  .../Library/OpensslLib/rand_pool_noise_tsc.c  |  43 --
> > -
> >  FmpDevicePkg/FmpDevicePkg.dsc                 |   2 +-
> >  MdePkg/Include/Library/BaseLib.h              |  51
> > ++++
> >  MdePkg/Library/BaseLib/BaseLib.inf            |   4 +
> >  MdePkg/Library/BaseLib/BaseLibInternals.h     |  46
> > ++++
> >  MdePkg/Library/BaseLib/Ia32/RdSeed.nasm       |  87
> > ++++++
> >  MdePkg/Library/BaseLib/X64/RdSeed.nasm        |  80
> > ++++++
> >  MdePkg/Library/BaseLib/X86RdSeed.c            |  73
> > +++++
> >  NetworkPkg/NetworkPkg.dsc                     |   1 +
> >  OvmfPkg/OvmfPkgIa32.dsc                       |   5 +
> >  OvmfPkg/OvmfPkgIa32X64.dsc                    |   5 +
> >  OvmfPkg/OvmfPkgX64.dsc                        |   5 +
> >  OvmfPkg/OvmfXen.dsc                           |   5 +
> >  .../DxeRngLibRngProtocol.c                    | 200
> > ++++++++++++++
> >  .../DxeRngLibRngProtocol.inf                  |  42
> > +++
> >  .../DxeRngLibRngProtocol.uni                  |  14 +
> >  .../RngLibRdSeed/RngLibRdSeed.inf             |  37
> > +++
> >  .../RngLibRdSeed/RngLibRdSeed.uni             |  18 ++
> >  .../RngLibRdSeed/RngRdSeed.c                  | 189
> > +++++++++++++
> >  SecurityPkg/SecurityPkg.dsc                   |   6 +
> >  SignedCapsulePkg/SignedCapsulePkg.dsc         |   6 +
> >  28 files changed, 909 insertions(+), 354 deletions(-)
> > delete mode 100644
> > CryptoPkg/Library/OpensslLib/rand_pool_noise.c
> >  delete mode 100644
> > CryptoPkg/Library/OpensslLib/rand_pool_noise.h
> >  delete mode 100644
> > CryptoPkg/Library/OpensslLib/rand_pool_noise_tsc.c
> >  create mode 100644
> > MdePkg/Library/BaseLib/Ia32/RdSeed.nasm
> >  create mode 100644
> > MdePkg/Library/BaseLib/X64/RdSeed.nasm
> >  create mode 100644 MdePkg/Library/BaseLib/X86RdSeed.c
> >  create mode 100644
> > SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/
> > DxeRngLibRngProtocol.c
> >  create mode 100644
> > SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/
> > DxeRngLibRngProtocol.inf
> >  create mode 100644
> > SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/
> > DxeRngLibRngProtocol.uni
> >  create mode 100644
> > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRd
> > Seed.inf
> >  create mode 100644
> > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngLibRd
> > Seed.uni
> >  create mode 100644
> > SecurityPkg/RandomNumberGenerator/RngLibRdSeed/RngRdSee
> > d.c
> >
> > --
> > 2.17.1.windows.2
> >
> >
> > 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#50626): https://edk2.groups.io/g/devel/message/50626
Mute This Topic: https://groups.io/mt/56714011/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-