From nobody Sat May 18 17:15:57 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+74926+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+74926+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1620683598; cv=none; d=zohomail.com; s=zohoarc; b=h4vCAZprRxU/pKt5duYYdluCphZnGht6ij8PRPeI0bS4nT18cW1Mvay24aLegGqi5xh0IT1NjJL8pWc2AKuJE+jkssg9NF346qonuFzfntlzUMZvPVSmiWuGW9O9SXopLVj1Ywj+nNOKCFhmNQfIqITkODZTBbAvjW+mGIpr1Ys= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1620683598; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=QrHcYdNqTYdsnGr2PlZuDEZuN15L8w5wAw25cihoMmY=; b=Q6ifKpdva2Ri7bvBW0UvU5/b7C7IEjn9kHToUy68STYHxIfmNNqGNzQ9+vTp9bBFziEhYA6SGS/QcNKCS1tc5ZrSEHGQ4fbh2+h+yz7crmaPmHSIruHt05t0FH5oMJxjYxa/WFBAZcYx8+qtmHk4TT8+l+C3+lIxvKW3mz0WkIg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+74926+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1620683598059687.2235178703902; Mon, 10 May 2021 14:53:18 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id gdn7YY1788612x3yephYgkQw; Mon, 10 May 2021 14:53:17 -0700 X-Received: from mail-io1-f46.google.com (mail-io1-f46.google.com [209.85.166.46]) by mx.groups.io with SMTP id smtpd.web12.4171.1620683596992928767 for ; Mon, 10 May 2021 14:53:17 -0700 X-Received: by mail-io1-f46.google.com with SMTP id d24so6387533ios.2 for ; Mon, 10 May 2021 14:53:16 -0700 (PDT) X-Gm-Message-State: kfiHH3BfhZaD1uFCnSfpz8Tkx1787277AA= X-Google-Smtp-Source: ABdhPJxapz1HHge9v4AsJKKaalMc74uMsDaFcCE+13+bdR/httVI0oN4Zb/Ct5PUb3QjhSN+oPGl9w== X-Received: by 2002:a05:6638:4a:: with SMTP id a10mr23692846jap.142.1620683595629; Mon, 10 May 2021 14:53:15 -0700 (PDT) X-Received: from cube.nuviainc.com (c-174-52-16-57.hsd1.ut.comcast.net. [174.52.16.57]) by smtp.gmail.com with ESMTPSA id s6sm6707320iob.45.2021.05.10.14.53.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 10 May 2021 14:53:15 -0700 (PDT) From: "Rebecca Cran" To: devel@edk2.groups.io, Jiewen Yao , Jian J Wang , Michael D Kinney , Liming Gao , Zhiguang Liu , Ard Biesheuvel , Sami Mujawar Cc: Rebecca Cran Subject: [edk2-devel] [PATCH v3 1/2] MdePkg/BaseRngLib: Add support for ARMv8.5 RNG instructions Date: Mon, 10 May 2021 15:53:07 -0600 Message-Id: <20210510215308.28745-2-rebecca@nuviainc.com> In-Reply-To: <20210510215308.28745-1-rebecca@nuviainc.com> References: <20210510215308.28745-1-rebecca@nuviainc.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,rebecca@nuviainc.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1620683597; bh=dDbl+Iv49gi4oIBIN/WqTmPgeYJrIgc2z4jE1pgAEcc=; h=Cc:Date:From:Reply-To:Subject:To; b=fv8kP85xe+glRe1q9orWdkc1bC4Q5nhkY5VKtv+LLnWN9aLQmCcR5Zas1CrwgaezcCu YlvJxMI/FIQnyfzyyy4+GjlVXzf25mDXpSiGSQXptCGMkb3g4EL1J/rg6Vx0HcC76e1aE JtKcnpT8DnxeVfywuidLXa65Abzh0lr00+Q= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" Make BaseRngLib more generic by moving x86-specific functionality into 'Rand' and adding files under 'AArch64' to support the optional ARMv8.5 RNG instruction RNDR that is a part of FEAT_RNG. Signed-off-by: Rebecca Cran Reviewed-by: Liming Gao Reviewed-by: Sami Mujawar --- MdePkg/MdePkg.dec | 9 +- MdePkg/MdePkg.dsc | 4 +- MdePkg/Library/BaseRngLib/BaseRngLib.inf | 23 +++- MdePkg/Library/BaseRngLib/AArch64/ArmRng.h | 43 ++++++ MdePkg/Library/BaseRngLib/BaseRngLibInternals.h | 78 +++++++++++ MdePkg/Library/BaseRngLib/AArch64/Rndr.c | 139 +++++++++++++++= +++++ MdePkg/Library/BaseRngLib/BaseRng.c | 87 ++++++------ MdePkg/Library/BaseRngLib/Rand/RdRand.c | 131 +++++++++++++++= +++ MdePkg/Library/BaseRngLib/AArch64/ArmReadIdIsar0.S | 31 +++++ MdePkg/Library/BaseRngLib/AArch64/ArmReadIdIsar0.asm | 30 +++++ MdePkg/Library/BaseRngLib/AArch64/ArmRng.S | 37 ++++++ MdePkg/Library/BaseRngLib/AArch64/ArmRng.asm | 39 ++++++ MdePkg/Library/BaseRngLib/BaseRngLib.uni | 6 +- 13 files changed, 603 insertions(+), 54 deletions(-) diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 8965e903e093..b49f88d8e18f 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec @@ -267,6 +267,11 @@ [LibraryClasses] # RegisterFilterLib|Include/Library/RegisterFilterLib.h =20 +[LibraryClasses.IA32, LibraryClasses.X64, LibraryClasses.AARCH64] + ## @libraryclass Provides services to generate random number. + # + RngLib|Include/Library/RngLib.h + [LibraryClasses.IA32, LibraryClasses.X64] ## @libraryclass Abstracts both S/W SMI generation and detection. ## @@ -288,10 +293,6 @@ [LibraryClasses.IA32, LibraryClasses.X64] # SmmPeriodicSmiLib|Include/Library/SmmPeriodicSmiLib.h =20 - ## @libraryclass Provides services to generate random number. - # - RngLib|Include/Library/RngLib.h - ## @libraryclass Provides services to log the SMI handler registration. SmiHandlerProfileLib|Include/Library/SmiHandlerProfileLib.h =20 diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc index d363419006ea..a94959169b2f 100644 --- a/MdePkg/MdePkg.dsc +++ b/MdePkg/MdePkg.dsc @@ -145,6 +145,9 @@ [Components.IA32, Components.X64, Components.ARM, Compo= nents.AARCH64] MdePkg/Test/UnitTest/Library/BaseSafeIntLib/TestBaseSafeIntLibSmm.inf MdePkg/Test/UnitTest/Library/BaseSafeIntLib/TestBaseSafeIntLibUefiShell.= inf =20 +[Components.IA32, Components.X64, Components.AARCH64] + MdePkg/Library/BaseRngLib/BaseRngLib.inf + [Components.IA32, Components.X64] MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf @@ -168,7 +171,6 @@ [Components.IA32, Components.X64] MdePkg/Library/BaseS3StallLib/BaseS3StallLib.inf MdePkg/Library/SmmMemLib/SmmMemLib.inf MdePkg/Library/SmmIoLib/SmmIoLib.inf - MdePkg/Library/BaseRngLib/BaseRngLib.inf MdePkg/Library/SmmPciExpressLib/SmmPciExpressLib.inf MdePkg/Library/SmiHandlerProfileLibNull/SmiHandlerProfileLibNull.inf MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf diff --git a/MdePkg/Library/BaseRngLib/BaseRngLib.inf b/MdePkg/Library/Base= RngLib/BaseRngLib.inf index 31740751c69c..1fcceb941495 100644 --- a/MdePkg/Library/BaseRngLib/BaseRngLib.inf +++ b/MdePkg/Library/BaseRngLib/BaseRngLib.inf @@ -1,9 +1,10 @@ ## @file # Instance of RNG (Random Number Generator) Library. # -# BaseRng Library that uses CPU RdRand instruction access to provide -# high-quality random numbers. +# BaseRng Library that uses CPU RNG instructions (e.g. RdRand) to +# provide random numbers. # +# Copyright (c) 2021, NUVIA Inc. All rights reserved.
# Copyright (c) 2015, Intel Corporation. All rights reserved.
# # SPDX-License-Identifier: BSD-2-Clause-Patent @@ -22,11 +23,25 @@ [Defines] CONSTRUCTOR =3D BaseRngLibConstructor =20 # -# VALID_ARCHITECTURES =3D IA32 X64 +# VALID_ARCHITECTURES =3D IA32 X64 AARCH64 # =20 -[Sources.Ia32, Sources.X64] +[Sources] BaseRng.c + BaseRngLibInternals.h + +[Sources.Ia32, Sources.X64] + Rand/RdRand.c + +[Sources.AARCH64] + AArch64/Rndr.c + AArch64/ArmRng.h + + AArch64/ArmReadIdIsar0.S | GCC + AArch64/ArmRng.S | GCC + + AArch64/ArmReadIdIsar0.asm | MSFT + AArch64/ArmRng.asm | MSFT =20 [Packages] MdePkg/MdePkg.dec diff --git a/MdePkg/Library/BaseRngLib/AArch64/ArmRng.h b/MdePkg/Library/Ba= seRngLib/AArch64/ArmRng.h new file mode 100644 index 000000000000..a597e98bf0d5 --- /dev/null +++ b/MdePkg/Library/BaseRngLib/AArch64/ArmRng.h @@ -0,0 +1,43 @@ +/** @file + Random number generator service that uses the RNDR instruction + to provide pseudorandom numbers. + + Copyright (c) 2021, NUVIA Inc. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef ARM_RNG_H_ +#define ARM_RNG_H_ + +/** + Generates a random number using RNDR. + Returns TRUE on success; FALSE on failure. + + @param[out] Rand Buffer pointer to store the 64-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +ArmRndr ( + OUT UINT64 *Rand + ); + +/** + Reads the ID_AA64ISAR0 Register. + + @return The contents of the ID_AA64ISAR0 register. + +**/ +UINT64 +EFIAPI +ArmReadIdIsar0 ( + VOID + ); + +#endif /* ARM_RNG_H_ */ + diff --git a/MdePkg/Library/BaseRngLib/BaseRngLibInternals.h b/MdePkg/Libra= ry/BaseRngLib/BaseRngLibInternals.h new file mode 100644 index 000000000000..b6b4e9eef227 --- /dev/null +++ b/MdePkg/Library/BaseRngLib/BaseRngLibInternals.h @@ -0,0 +1,78 @@ +/** @file + + Architecture specific interface to RNG functionality. + +Copyright (c) 2021, NUVIA Inc. All rights reserved.
+ +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef BASE_RNGLIB_INTERNALS_H_ + +/** + Generates a 16-bit random number. + + @param[out] Rand Buffer pointer to store the 16-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +ArchGetRandomNumber16 ( + OUT UINT16 *Rand + ); + +/** + Generates a 32-bit random number. + + @param[out] Rand Buffer pointer to store the 32-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +ArchGetRandomNumber32 ( + OUT UINT32 *Rand + ); + +/** + Generates a 64-bit random number. + + @param[out] Rand Buffer pointer to store the 64-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +ArchGetRandomNumber64 ( + OUT UINT64 *Rand + ); + +/** + Checks whether the RNG instruction is supported. + + @retval TRUE RNG instruction is supported. + @retval FALSE RNG instruction is not supported. + +**/ +BOOLEAN +EFIAPI +ArchIsRngSupported ( + VOID + ); + +#if defined (MDE_CPU_AARCH64) + +// RNDR, Random Number +#define RNDR S3_3_C2_C4_0 + +#endif + +#endif // BASE_RNGLIB_INTERNALS_H_ diff --git a/MdePkg/Library/BaseRngLib/AArch64/Rndr.c b/MdePkg/Library/Base= RngLib/AArch64/Rndr.c new file mode 100644 index 000000000000..c9f8c813ed35 --- /dev/null +++ b/MdePkg/Library/BaseRngLib/AArch64/Rndr.c @@ -0,0 +1,139 @@ +/** @file + Random number generator service that uses the RNDR instruction + to provide pseudorandom numbers. + + Copyright (c) 2021, NUVIA Inc. All rights reserved.
+ Copyright (c) 2015, Intel Corporation. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include + +#include "ArmRng.h" +#include "BaseRngLibInternals.h" + +STATIC BOOLEAN mRndrSupported; + +// +// Bit mask used to determine if RNDR instruction is supported. +// +#define RNDR_MASK ((UINT64)MAX_UINT16 << 60U) + +/** + The constructor function checks whether or not RNDR instruction is suppo= rted + by the host hardware. + + The constructor function checks whether or not RNDR instruction is suppo= rted. + It will ASSERT() if RNDR instruction is not supported. + It will always return EFI_SUCCESS. + + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. + +**/ +EFI_STATUS +EFIAPI +BaseRngLibConstructor ( + VOID + ) +{ + UINT64 Isar0; + // + // Determine RNDR support by examining bits 63:60 of the ISAR0 register = returned by + // MSR. A non-zero value indicates that the processor supports the RNDR = instruction. + // + Isar0 =3D ArmReadIdIsar0 (); + ASSERT ((Isar0 & RNDR_MASK) !=3D 0); + + mRndrSupported =3D ((Isar0 & RNDR_MASK) !=3D 0); + + return EFI_SUCCESS; +} + +/** + Generates a 16-bit random number. + + @param[out] Rand Buffer pointer to store the 16-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +ArchGetRandomNumber16 ( + OUT UINT16 *Rand + ) +{ + UINT64 Rand64; + + if (ArchGetRandomNumber64 (&Rand64)) { + *Rand =3D Rand64 & MAX_UINT16; + return TRUE; + } + + return FALSE; +} + +/** + Generates a 32-bit random number. + + @param[out] Rand Buffer pointer to store the 32-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +ArchGetRandomNumber32 ( + OUT UINT32 *Rand + ) +{ + UINT64 Rand64; + + if (ArchGetRandomNumber64 (&Rand64)) { + *Rand =3D Rand64 & MAX_UINT32; + return TRUE; + } + + return FALSE; +} + +/** + Generates a 64-bit random number. + + @param[out] Rand Buffer pointer to store the 64-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +ArchGetRandomNumber64 ( + OUT UINT64 *Rand + ) +{ + return ArmRndr (Rand); +} + +/** + Checks whether RNDR is supported. + + @retval TRUE RNDR is supported. + @retval FALSE RNDR is not supported. + +**/ +BOOLEAN +EFIAPI +ArchIsRngSupported ( + VOID + ) +{ + return mRndrSupported; +} diff --git a/MdePkg/Library/BaseRngLib/BaseRng.c b/MdePkg/Library/BaseRngLi= b/BaseRng.c index 7ad7aec9d38f..5b63d8f7146b 100644 --- a/MdePkg/Library/BaseRngLib/BaseRng.c +++ b/MdePkg/Library/BaseRngLib/BaseRng.c @@ -1,8 +1,10 @@ /** @file - Random number generator services that uses RdRand instruction access - to provide high-quality random numbers. + Random number generator services that uses CPU RNG instructions to + provide random numbers. =20 +Copyright (c) 2021, NUVIA Inc. All rights reserved.
Copyright (c) 2015, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -10,46 +12,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include =20 -// -// Bit mask used to determine if RdRand instruction is supported. -// -#define RDRAND_MASK BIT30 +#include "BaseRngLibInternals.h" =20 // // Limited retry number when valid random data is returned. // Uses the recommended value defined in Section 7.3.17 of "Intel 64 and I= A-32 -// Architectures Software Developer's Mannual". +// Architectures Software Developer's Manual". // -#define RDRAND_RETRY_LIMIT 10 +#define GETRANDOM_RETRY_LIMIT 10 =20 -/** - The constructor function checks whether or not RDRAND instruction is sup= ported - by the host hardware. - - The constructor function checks whether or not RDRAND instruction is sup= ported. - It will ASSERT() if RDRAND instruction is not supported. - It will always return RETURN_SUCCESS. - - @retval RETURN_SUCCESS The constructor always returns EFI_SUCCESS. - -**/ -RETURN_STATUS -EFIAPI -BaseRngLibConstructor ( - VOID - ) -{ - UINT32 RegEcx; - - // - // Determine RDRAND support by examining bit 30 of the ECX register retu= rned by - // CPUID. A value of 1 indicates that processor support RDRAND instructi= on. - // - AsmCpuid (1, 0, 0, &RegEcx, 0); - ASSERT ((RegEcx & RDRAND_MASK) =3D=3D RDRAND_MASK); - - return RETURN_SUCCESS; -} =20 /** Generates a 16-bit random number. @@ -72,11 +43,19 @@ GetRandomNumber16 ( =20 ASSERT (Rand !=3D NULL); =20 + if (Rand =3D=3D NULL) { + return FALSE; + } + + if (!ArchIsRngSupported ()) { + return FALSE; + } + // // A loop to fetch a 16 bit random value with a retry count limit. // - for (Index =3D 0; Index < RDRAND_RETRY_LIMIT; Index++) { - if (AsmRdRand16 (Rand)) { + for (Index =3D 0; Index < GETRANDOM_RETRY_LIMIT; Index++) { + if (ArchGetRandomNumber16 (Rand)) { return TRUE; } } @@ -105,11 +84,19 @@ GetRandomNumber32 ( =20 ASSERT (Rand !=3D NULL); =20 + if (Rand =3D=3D NULL) { + return FALSE; + } + + if (!ArchIsRngSupported ()) { + return FALSE; + } + // // A loop to fetch a 32 bit random value with a retry count limit. // - for (Index =3D 0; Index < RDRAND_RETRY_LIMIT; Index++) { - if (AsmRdRand32 (Rand)) { + for (Index =3D 0; Index < GETRANDOM_RETRY_LIMIT; Index++) { + if (ArchGetRandomNumber32 (Rand)) { return TRUE; } } @@ -138,11 +125,19 @@ GetRandomNumber64 ( =20 ASSERT (Rand !=3D NULL); =20 + if (Rand =3D=3D NULL) { + return FALSE; + } + + if (!ArchIsRngSupported ()) { + return FALSE; + } + // // A loop to fetch a 64 bit random value with a retry count limit. // - for (Index =3D 0; Index < RDRAND_RETRY_LIMIT; Index++) { - if (AsmRdRand64 (Rand)) { + for (Index =3D 0; Index < GETRANDOM_RETRY_LIMIT; Index++) { + if (ArchGetRandomNumber64 (Rand)) { return TRUE; } } @@ -169,6 +164,14 @@ GetRandomNumber128 ( { ASSERT (Rand !=3D NULL); =20 + if (Rand =3D=3D NULL) { + return FALSE; + } + + if (!ArchIsRngSupported ()) { + return FALSE; + } + // // Read first 64 bits // diff --git a/MdePkg/Library/BaseRngLib/Rand/RdRand.c b/MdePkg/Library/BaseR= ngLib/Rand/RdRand.c new file mode 100644 index 000000000000..09fb875ac3f9 --- /dev/null +++ b/MdePkg/Library/BaseRngLib/Rand/RdRand.c @@ -0,0 +1,131 @@ +/** @file + Random number generator services that uses RdRand instruction access + to provide high-quality random numbers. + +Copyright (c) 2021, NUVIA Inc. All rights reserved.
+Copyright (c) 2015, Intel Corporation. All rights reserved.
+ +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include + +#include "BaseRngLibInternals.h" + +// +// Bit mask used to determine if RdRand instruction is supported. +// +#define RDRAND_MASK BIT30 + + +STATIC BOOLEAN mRdRandSupported; + +/** + The constructor function checks whether or not RDRAND instruction is sup= ported + by the host hardware. + + The constructor function checks whether or not RDRAND instruction is sup= ported. + It will ASSERT() if RDRAND instruction is not supported. + It will always return EFI_SUCCESS. + + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. + +**/ +EFI_STATUS +EFIAPI +BaseRngLibConstructor ( + VOID + ) +{ + UINT32 RegEcx; + + // + // Determine RDRAND support by examining bit 30 of the ECX register retu= rned by + // CPUID. A value of 1 indicates that processor support RDRAND instructi= on. + // + AsmCpuid (1, 0, 0, &RegEcx, 0); + ASSERT ((RegEcx & RDRAND_MASK) =3D=3D RDRAND_MASK); + + mRdRandSupported =3D ((RegEcx & RDRAND_MASK) =3D=3D RDRAND_MASK); + + return EFI_SUCCESS; +} + +/** + Generates a 16-bit random number. + + @param[out] Rand Buffer pointer to store the 16-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +ArchGetRandomNumber16 ( + OUT UINT16 *Rand + ) +{ + return AsmRdRand16 (Rand); +} + +/** + Generates a 32-bit random number. + + @param[out] Rand Buffer pointer to store the 32-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +ArchGetRandomNumber32 ( + OUT UINT32 *Rand + ) +{ + return AsmRdRand32 (Rand); +} + +/** + Generates a 64-bit random number. + + @param[out] Rand Buffer pointer to store the 64-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +ArchGetRandomNumber64 ( + OUT UINT64 *Rand + ) +{ + return AsmRdRand64 (Rand); +} + +/** + Checks whether RDRAND is supported. + + @retval TRUE RDRAND is supported. + @retval FALSE RDRAND is not supported. + +**/ +BOOLEAN +EFIAPI +ArchIsRngSupported ( + VOID + ) +{ + /* + Existing software depends on this always returning TRUE, so for + now hard-code it. + + return mRdRandSupported; + */ + return TRUE; +} diff --git a/MdePkg/Library/BaseRngLib/AArch64/ArmReadIdIsar0.S b/MdePkg/Li= brary/BaseRngLib/AArch64/ArmReadIdIsar0.S new file mode 100644 index 000000000000..82a00d362212 --- /dev/null +++ b/MdePkg/Library/BaseRngLib/AArch64/ArmReadIdIsar0.S @@ -0,0 +1,31 @@ +#-------------------------------------------------------------------------= ----- +# +# ArmReadIdIsar0() for AArch64 +# +# Copyright (c) 2021, NUVIA Inc. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +#-------------------------------------------------------------------------= ----- + +.text +.p2align 2 +GCC_ASM_EXPORT(ArmReadIdIsar0) + +#/** +# Reads the ID_AA64ISAR0 Register. +# +# @return The contents of the ID_AA64ISAR0 register. +# +#**/ +#UINT64 +#EFIAPI +#ArmReadIdIsar0 ( +# VOID +# ); +# +ASM_PFX(ArmReadIdIsar0): + mrs x0, id_aa64isar0_el1 // Read ID_AA64ISAR0 Register + ret + + diff --git a/MdePkg/Library/BaseRngLib/AArch64/ArmReadIdIsar0.asm b/MdePkg/= Library/BaseRngLib/AArch64/ArmReadIdIsar0.asm new file mode 100644 index 000000000000..1d9f9a808c0c --- /dev/null +++ b/MdePkg/Library/BaseRngLib/AArch64/ArmReadIdIsar0.asm @@ -0,0 +1,30 @@ +;-------------------------------------------------------------------------= ----- +; +; ArmReadIdIsar0() for AArch64 +; +; Copyright (c) 2021, NUVIA Inc. All rights reserved.
+; +; SPDX-License-Identifier: BSD-2-Clause-Patent +; +;-------------------------------------------------------------------------= ----- + + EXPORT ArmReadIdIsar0 + AREA BaseLib_LowLevel, CODE, READONLY + +;/** +; Reads the ID_AA64ISAR0 Register. +; +; @return The contents of the ID_AA64ISAR0 register. +; +;**/ +;UINT64 +;EFIAPI +;ArmReadIdIsar0 ( +; VOID +; ); +; +ArmReadIdIsar0 + mrs x0, id_aa64isar0_el1 // Read ID_AA64ISAR0 Register + ret + + END diff --git a/MdePkg/Library/BaseRngLib/AArch64/ArmRng.S b/MdePkg/Library/Ba= seRngLib/AArch64/ArmRng.S new file mode 100644 index 000000000000..5159f467e3a6 --- /dev/null +++ b/MdePkg/Library/BaseRngLib/AArch64/ArmRng.S @@ -0,0 +1,37 @@ +#-------------------------------------------------------------------------= ----- +# +# ArmRndr() for AArch64 +# +# Copyright (c) 2021, NUVIA Inc. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +#-------------------------------------------------------------------------= ----- + +#include "BaseRngLibInternals.h" + +.text +.p2align 2 +GCC_ASM_EXPORT(ArmRndr) + +#/** +# Generates a random number using RNDR. +# Returns TRUE on success; FALSE on failure. +# +# @param[out] Rand Buffer pointer to store the 64-bit random value. +# +# @retval TRUE Random number generated successfully. +# @retval FALSE Failed to generate the random number. +# +#**/ +#BOOLEAN +#EFIAPI +#ArmRndr ( +# OUT UINT64 *Rand +# ); +# +ASM_PFX(ArmRndr): + mrs x1, RNDR + str x1, [x0] + cset x0, ne // RNDR sets NZCV to 0b0100 on failure + ret diff --git a/MdePkg/Library/BaseRngLib/AArch64/ArmRng.asm b/MdePkg/Library/= BaseRngLib/AArch64/ArmRng.asm new file mode 100644 index 000000000000..33144196cb54 --- /dev/null +++ b/MdePkg/Library/BaseRngLib/AArch64/ArmRng.asm @@ -0,0 +1,39 @@ +;-------------------------------------------------------------------------= ----- +; +; ArmRndr() for AArch64 +; +; Copyright (c) 2021, NUVIA Inc. All rights reserved.
+; +; SPDX-License-Identifier: BSD-2-Clause-Patent +; +;-------------------------------------------------------------------------= ----- + +#include "BaseRngLibInternals.h" + + EXPORT ArmRndr + AREA BaseLib_LowLevel, CODE, READONLY + + +;/** +; Generates a random number using RNDR. +; Returns TRUE on success; FALSE on failure. +; +; @param[out] Rand Buffer pointer to store the 64-bit random value. +; +; @retval TRUE Random number generated successfully. +; @retval FALSE Failed to generate the random number. +; +;**/ +;BOOLEAN +;EFIAPI +;ArmRndr ( +; OUT UINT64 *Rand +; ); +; +ArmRndr + mrs x1, RNDR + str x1, [x0] + cset x0, ne // RNDR sets NZCV to 0b0100 on failure + ret + + END diff --git a/MdePkg/Library/BaseRngLib/BaseRngLib.uni b/MdePkg/Library/Base= RngLib/BaseRngLib.uni index f3ed954c5209..de5d4f9dd869 100644 --- a/MdePkg/Library/BaseRngLib/BaseRngLib.uni +++ b/MdePkg/Library/BaseRngLib/BaseRngLib.uni @@ -1,8 +1,8 @@ // /** @file // Instance of RNG (Random Number Generator) Library. // -// BaseRng Library that uses CPU RdRand instruction access to provide -// high-quality random numbers. +// BaseRng Library that uses CPU RNG instructions to provide +// random numbers. // // Copyright (c) 2015, Intel Corporation. All rights reserved.
// @@ -13,5 +13,5 @@ =20 #string STR_MODULE_ABSTRACT #language en-US "Instance of RNG L= ibrary" =20 -#string STR_MODULE_DESCRIPTION #language en-US "BaseRng Library t= hat uses CPU RdRand instruction access to provide high-quality random numbe= rs" +#string STR_MODULE_DESCRIPTION #language en-US "BaseRng Library t= hat uses CPU RNG instructions to provide random numbers" =20 --=20 2.26.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#74926): https://edk2.groups.io/g/devel/message/74926 Mute This Topic: https://groups.io/mt/82732211/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 17:15:57 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+74927+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+74927+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1620683600; cv=none; d=zohomail.com; s=zohoarc; b=aaG1eg7S1E5hFs15qGuqoRgdY0irh/jHTvZr6aDmxkQrCPiKFE7PRQwUQ5ao1MktSAwtvrnZDrgrpQZ0VsADxdGN31dsphUkqmp6kDYvksu6Dx9rF1lIDB0iKATQLGbwnQRGxpQheQ3TcYUeijWYmxef+5cJk3g0WG2SQoBCEnk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1620683600; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=L+TwOzBJHx1glDMshGp9B7gCfpgkwLx/YRzTk+Tmo0c=; b=nYdQljDHNh1whWAxLzXRK1yvcbi0FMuV7elkZeEqpbWEIevdmudRA0rU6046CE5wRAHFUyfueP+XfJGpKyg9FlAoh83ww6m5GED6kIwKr6eXSvCawkC1l9Hml3WTdAYgGWo68zsW01y8nYXogiAtBkCEM9sdmV0Tx9r6oMihNcY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+74927+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1620683600836296.3322737888162; Mon, 10 May 2021 14:53:20 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id X1v5YY1788612xqCi8ZERQHL; Mon, 10 May 2021 14:53:20 -0700 X-Received: from mail-io1-f51.google.com (mail-io1-f51.google.com [209.85.166.51]) by mx.groups.io with SMTP id smtpd.web08.4296.1620683599593191034 for ; Mon, 10 May 2021 14:53:19 -0700 X-Received: by mail-io1-f51.google.com with SMTP id z24so16273378ioi.3 for ; Mon, 10 May 2021 14:53:19 -0700 (PDT) X-Gm-Message-State: 0WrZAYtOA0cmWet91ZX4c4VJx1787277AA= X-Google-Smtp-Source: ABdhPJyAukFifzKUc1GqRbjbce2qHKJGpg6v/AZaONyScFQCX4ylW5c8Zj/tt97pWP3YNHCTC3z66A== X-Received: by 2002:a02:83c2:: with SMTP id j2mr15290877jah.6.1620683598270; Mon, 10 May 2021 14:53:18 -0700 (PDT) X-Received: from cube.nuviainc.com (c-174-52-16-57.hsd1.ut.comcast.net. [174.52.16.57]) by smtp.gmail.com with ESMTPSA id s6sm6707320iob.45.2021.05.10.14.53.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 10 May 2021 14:53:17 -0700 (PDT) From: "Rebecca Cran" To: devel@edk2.groups.io, Jiewen Yao , Jian J Wang , Michael D Kinney , Liming Gao , Zhiguang Liu , Ard Biesheuvel , Sami Mujawar Cc: Rebecca Cran Subject: [edk2-devel] [PATCH v3 2/2] SecurityPkg: Add support for RngDxe on AARCH64 Date: Mon, 10 May 2021 15:53:08 -0600 Message-Id: <20210510215308.28745-3-rebecca@nuviainc.com> In-Reply-To: <20210510215308.28745-1-rebecca@nuviainc.com> References: <20210510215308.28745-1-rebecca@nuviainc.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,rebecca@nuviainc.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1620683600; bh=dokyDpjsnHANESSFBsY6ZAfZUD+jyv1liXSN5bA1Wkg=; h=Cc:Date:From:Reply-To:Subject:To; b=mkUJ4I98bNtT/SGwo8BAKNbQLnpUyJDNv0E5dIbjWdFWgdzbEO4JX/RaESlS3EOg9vI fLzSCBMaEjdErx5TFLQnYWJKqWg26BXFtom5UQMp3re1PjVgfNO905MhpnscyoDH7l0Vr Lq4dNBFcoavU5tWTixmddq8TANTkQIRotfU= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" AARCH64 support has been added to BaseRngLib via the optional ARMv8.5 FEAT_RNG. Refactor RngDxe to support AARCH64, note support for it in the VALID_ARCHITECTURES line of RngDxe.inf and enable it in SecurityPkg.dsc. Signed-off-by: Rebecca Cran Acked-by: Jiewen Yao Reviewed-by: Liming Gao Reviewed-by: Sami Mujawar --- SecurityPkg/SecurityPkg.dec | 2 + SecurityPkg/SecurityPkg.dsc | 11 +- SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf | 24 ++- SecurityPkg/RandomNumberGenerator/RngDxe/{ =3D> Rand}/AesCore.h | 0 SecurityPkg/RandomNumberGenerator/RngDxe/{ =3D> Rand}/RdRand.h | 17 -- SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h | 117 ++++++= ++++++++ SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c | 127 ++++++= +++++++++ SecurityPkg/RandomNumberGenerator/RngDxe/{ =3D> Rand}/AesCore.c | 0 SecurityPkg/RandomNumberGenerator/RngDxe/{ =3D> Rand}/RdRand.c | 45 +---= -- SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c | 146 ++++++= +++++++++++ SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c | 170 ++++++= ++------------ 11 files changed, 483 insertions(+), 176 deletions(-) diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index dfbbb0365a2b..4001650fa28e 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -297,6 +297,8 @@ [PcdsFixedAtBuild, PcdsPatchableInModule] gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeFvVerificationPass|0x0303100A= |UINT32|0x00010030 gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeFvVerificationFail|0x0303100B= |UINT32|0x00010031 =20 + gEfiSecurityPkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm|{0x00,0x00,0x0= 0,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}|VOID*|0= x00010032 + [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] ## Image verification policy for OptionRom. Only following values are va= lid:

# NOTE: Do NOT use 0x5 and 0x2 since it violates the UEFI specification= and has been removed.
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 12ccd1634941..bd4b810bce61 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -259,6 +259,12 @@ [Components] [Components.IA32, Components.X64, Components.ARM, Components.AARCH64] SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf =20 +[Components.IA32, Components.X64, Components.AARCH64] + # + # Random Number Generator + # + SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf + [Components.IA32, Components.X64] SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDx= e.inf =20 @@ -334,11 +340,6 @@ [Components.IA32, Components.X64] SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLi= b.inf SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/StandaloneMmTcg2PhysicalP= resenceLib.inf =20 - # - # Random Number Generator - # - SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf - # # Opal Password solution # diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf b/Security= Pkg/RandomNumberGenerator/RngDxe/RngDxe.inf index 99d6f6b35fc2..f3300971993f 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf @@ -26,15 +26,22 @@ [Defines] # # The following information is for reference only and not required by the = build tools. # -# VALID_ARCHITECTURES =3D IA32 X64 +# VALID_ARCHITECTURES =3D IA32 X64 AARCH64 # =20 [Sources.common] RngDxe.c - RdRand.c - RdRand.h - AesCore.c - AesCore.h + RngDxeInternals.h + +[Sources.IA32, Sources.X64] + Rand/RngDxe.c + Rand/RdRand.c + Rand/RdRand.h + Rand/AesCore.c + Rand/AesCore.h + +[Sources.AARCH64] + AArch64/RngDxe.c =20 [Packages] MdePkg/MdePkg.dec @@ -50,12 +57,19 @@ [LibraryClasses] RngLib =20 [Guids] + gEfiRngAlgorithmSp80090Hash256Guid ## SOMETIMES_PRODUCES ## GUID = # Unique ID of the algorithm for RNG + gEfiRngAlgorithmSp80090Hmac256Guid ## SOMETIMES_PRODUCES ## GUID = # Unique ID of the algorithm for RNG gEfiRngAlgorithmSp80090Ctr256Guid ## SOMETIMES_PRODUCES ## GUID = # Unique ID of the algorithm for RNG + gEfiRngAlgorithmX9313DesGuid ## SOMETIMES_PRODUCES ## GUID = # Unique ID of the algorithm for RNG + gEfiRngAlgorithmX931AesGuid ## SOMETIMES_PRODUCES ## GUID = # Unique ID of the algorithm for RNG gEfiRngAlgorithmRaw ## SOMETIMES_PRODUCES ## GUID = # Unique ID of the algorithm for RNG =20 [Protocols] gEfiRngProtocolGuid ## PRODUCES =20 +[Pcd] + gEfiSecurityPkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm ## CONSUM= ES + [Depex] TRUE =20 diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h b/SecurityP= kg/RandomNumberGenerator/RngDxe/Rand/AesCore.h similarity index 100% rename from SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h rename to SecurityPkg/RandomNumberGenerator/RngDxe/Rand/AesCore.h diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h b/SecurityPk= g/RandomNumberGenerator/RngDxe/Rand/RdRand.h similarity index 72% rename from SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h rename to SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.h index 12ab1f34ec6d..072378e062e7 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.h @@ -23,23 +23,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include =20 -/** - Calls RDRAND to fill a buffer of arbitrary size with random bytes. - - @param[in] Length Size of the buffer, in bytes, to fill with. - @param[out] RandBuffer Pointer to the buffer to store the random res= ult. - - @retval EFI_SUCCESS Random bytes generation succeeded. - @retval EFI_NOT_READY Failed to request random bytes. - -**/ -EFI_STATUS -EFIAPI -RdRandGetBytes ( - IN UINTN Length, - OUT UINT8 *RandBuffer - ); - /** Generate high-quality entropy source through RDRAND. =20 diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h b/S= ecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h new file mode 100644 index 000000000000..2660ed5875e0 --- /dev/null +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h @@ -0,0 +1,117 @@ +/** @file + Function prototypes for UEFI Random Number Generator protocol support. + + Copyright (c) 2021, NUVIA Inc. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef RNGDXE_INTERNALS_H_ +#define RNGDXE_INTERNALS_H_ + +/** + Returns information about the random number generation implementation. + + @param[in] This A pointer to the EFI_RNG_PROTOCOL in= stance. + @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAl= gorithmList. + On output with a return code of EFI_= SUCCESS, the size + in bytes of the data returned in RNG= AlgorithmList. On output + with a return code of EFI_BUFFER_TOO= _SMALL, + the size of RNGAlgorithmList require= d to obtain the list. + @param[out] RNGAlgorithmList A caller-allocated memory buffer fil= led by the driver + with one EFI_RNG_ALGORITHM element f= or each supported + RNG algorithm. The list must not cha= nge across multiple + calls to the same driver. The first = algorithm in the list + is the default algorithm for the dri= ver. + + @retval EFI_SUCCESS The RNG algorithm list was returned = successfully. + @retval EFI_UNSUPPORTED The services is not supported by thi= s driver. + @retval EFI_DEVICE_ERROR The list of algorithms could not be = retrieved due to a + hardware or firmware error. + @retval EFI_INVALID_PARAMETER One or more of the parameters are in= correct. + @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too s= mall to hold the result. + +**/ +EFI_STATUS +EFIAPI +RngGetInfo ( + IN EFI_RNG_PROTOCOL *This, + IN OUT UINTN *RNGAlgorithmListSize, + OUT EFI_RNG_ALGORITHM *RNGAlgorithmList + ); + +/** + Produces and returns an RNG value using either the default or specified = RNG algorithm. + + @param[in] This A pointer to the EFI_RNG_PROTOCOL in= stance. + @param[in] RNGAlgorithm A pointer to the EFI_RNG_ALGORITHM t= hat identifies the RNG + algorithm to use. May be NULL in whi= ch case the function will + use its default RNG algorithm. + @param[in] RNGValueLength The length in bytes of the memory bu= ffer pointed to by + RNGValue. The driver shall return ex= actly this numbers of bytes. + @param[out] RNGValue A caller-allocated memory buffer fil= led by the driver with the + resulting RNG value. + + @retval EFI_SUCCESS The RNG value was returned successfu= lly. + @retval EFI_UNSUPPORTED The algorithm specified by RNGAlgori= thm is not supported by + this driver. + @retval EFI_DEVICE_ERROR An RNG value could not be retrieved = due to a hardware or + firmware error. + @retval EFI_NOT_READY There is not enough random data avai= lable to satisfy the length + requested by RNGValueLength. + @retval EFI_INVALID_PARAMETER RNGValue is NULL or RNGValueLength i= s zero. + +**/ +EFI_STATUS +EFIAPI +RngGetRNG ( + IN EFI_RNG_PROTOCOL *This, + IN EFI_RNG_ALGORITHM *RNGAlgorithm, OPTIONAL + IN UINTN RNGValueLength, + OUT UINT8 *RNGValue + ); + +/** + Returns information about the random number generation implementation. + + @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAl= gorithmList. + On output with a return code of EFI_= SUCCESS, the size + in bytes of the data returned in RNG= AlgorithmList. On output + with a return code of EFI_BUFFER_TOO= _SMALL, + the size of RNGAlgorithmList require= d to obtain the list. + @param[out] RNGAlgorithmList A caller-allocated memory buffer fil= led by the driver + with one EFI_RNG_ALGORITHM element f= or each supported + RNG algorithm. The list must not cha= nge across multiple + calls to the same driver. The first = algorithm in the list + is the default algorithm for the dri= ver. + + @retval EFI_SUCCESS The RNG algorithm list was returned = successfully. + @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too s= mall to hold the result. + +**/ +UINTN +EFIAPI +ArchGetSupportedRngAlgorithms ( + IN OUT UINTN *RNGAlgorithmListSize, + OUT EFI_RNG_ALGORITHM *RNGAlgorithmList + ); + +/** + Runs CPU RNG instruction to fill a buffer of arbitrary size with random = bytes. + + @param[in] Length Size of the buffer, in bytes, to fill with. + @param[out] RandBuffer Pointer to the buffer to store the random res= ult. + + @retval EFI_SUCCESS Random bytes generation succeeded. + @retval EFI_NOT_READY Failed to request random bytes. + +**/ +EFI_STATUS +EFIAPI +RngGetBytes ( + IN UINTN Length, + OUT UINT8 *RandBuffer + ); + +#endif // RNGDXE_INTERNALS_H_ diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c b/Se= curityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c new file mode 100644 index 000000000000..2810a9eb94ad --- /dev/null +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c @@ -0,0 +1,127 @@ +/** @file + RNG Driver to produce the UEFI Random Number Generator protocol. + + The driver will use the RNDR instruction to produce random numbers. + + RNG Algorithms defined in UEFI 2.4: + - EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID + - EFI_RNG_ALGORITHM_RAW - Unsupported + - EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID + - EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID + - EFI_RNG_ALGORITHM_X9_31_3DES_GUID - Unsupported + - EFI_RNG_ALGORITHM_X9_31_AES_GUID - Unsupported + + Copyright (c) 2021, NUVIA Inc. All rights reserved.
+ Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+ (C) Copyright 2015 Hewlett Packard Enterprise Development LP
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include + +#include "RngDxeInternals.h" + +/** + Produces and returns an RNG value using either the default or specified = RNG algorithm. + + @param[in] This A pointer to the EFI_RNG_PROTOCOL in= stance. + @param[in] RNGAlgorithm A pointer to the EFI_RNG_ALGORITHM t= hat identifies the RNG + algorithm to use. May be NULL in whi= ch case the function will + use its default RNG algorithm. + @param[in] RNGValueLength The length in bytes of the memory bu= ffer pointed to by + RNGValue. The driver shall return ex= actly this numbers of bytes. + @param[out] RNGValue A caller-allocated memory buffer fil= led by the driver with the + resulting RNG value. + + @retval EFI_SUCCESS The RNG value was returned successfu= lly. + @retval EFI_UNSUPPORTED The algorithm specified by RNGAlgori= thm is not supported by + this driver. + @retval EFI_DEVICE_ERROR An RNG value could not be retrieved = due to a hardware or + firmware error. + @retval EFI_NOT_READY There is not enough random data avai= lable to satisfy the length + requested by RNGValueLength. + @retval EFI_INVALID_PARAMETER RNGValue is NULL or RNGValueLength i= s zero. + +**/ +EFI_STATUS +EFIAPI +RngGetRNG ( + IN EFI_RNG_PROTOCOL *This, + IN EFI_RNG_ALGORITHM *RNGAlgorithm, OPTIONAL + IN UINTN RNGValueLength, + OUT UINT8 *RNGValue + ) +{ + EFI_STATUS Status; + + if ((RNGValueLength =3D=3D 0) || (RNGValue =3D=3D NULL)) { + return EFI_INVALID_PARAMETER; + } + + if (RNGAlgorithm =3D=3D NULL) { + // + // Use the default RNG algorithm if RNGAlgorithm is NULL. + // + RNGAlgorithm =3D PcdGetPtr (PcdCpuRngSupportedAlgorithm); + } + + if (CompareGuid (RNGAlgorithm, PcdGetPtr (PcdCpuRngSupportedAlgorithm)))= { + Status =3D RngGetBytes (RNGValueLength, RNGValue); + return Status; + } + + // + // Other algorithms are unsupported by this driver. + // + return EFI_UNSUPPORTED; +} + +/** + Returns information about the random number generation implementation. + + @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAl= gorithmList. + On output with a return code of EFI_= SUCCESS, the size + in bytes of the data returned in RNG= AlgorithmList. On output + with a return code of EFI_BUFFER_TOO= _SMALL, + the size of RNGAlgorithmList require= d to obtain the list. + @param[out] RNGAlgorithmList A caller-allocated memory buffer fil= led by the driver + with one EFI_RNG_ALGORITHM element f= or each supported + RNG algorithm. The list must not cha= nge across multiple + calls to the same driver. The first = algorithm in the list + is the default algorithm for the dri= ver. + + @retval EFI_SUCCESS The RNG algorithm list was returned = successfully. + @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too s= mall to hold the result. + +**/ +UINTN +EFIAPI +ArchGetSupportedRngAlgorithms ( + IN OUT UINTN *RNGAlgorithmListSize, + OUT EFI_RNG_ALGORITHM *RNGAlgorithmList + ) +{ + UINTN RequiredSize; + EFI_RNG_ALGORITHM *CpuRngSupportedAlgorithm; + + RequiredSize =3D sizeof (EFI_RNG_ALGORITHM); + + if (*RNGAlgorithmListSize < RequiredSize) { + *RNGAlgorithmListSize =3D RequiredSize; + return EFI_BUFFER_TOO_SMALL; + } + + CpuRngSupportedAlgorithm =3D PcdGetPtr (PcdCpuRngSupportedAlgorithm); + + CopyMem(&RNGAlgorithmList[0], CpuRngSupportedAlgorithm, sizeof (EFI_RNG_= ALGORITHM)); + + *RNGAlgorithmListSize =3D RequiredSize; + return EFI_SUCCESS; +} + diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c b/SecurityP= kg/RandomNumberGenerator/RngDxe/Rand/AesCore.c similarity index 100% rename from SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c rename to SecurityPkg/RandomNumberGenerator/RngDxe/Rand/AesCore.c diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c b/SecurityPk= g/RandomNumberGenerator/RngDxe/Rand/RdRand.c similarity index 71% rename from SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c rename to SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.c index e7dd5ab18111..83025a47d43d 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.c @@ -8,48 +8,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include =20 -#include "RdRand.h" #include "AesCore.h" - -/** - Calls RDRAND to fill a buffer of arbitrary size with random bytes. - - @param[in] Length Size of the buffer, in bytes, to fill with. - @param[out] RandBuffer Pointer to the buffer to store the random res= ult. - - @retval EFI_SUCCESS Random bytes generation succeeded. - @retval EFI_NOT_READY Failed to request random bytes. - -**/ -EFI_STATUS -EFIAPI -RdRandGetBytes ( - IN UINTN Length, - OUT UINT8 *RandBuffer - ) -{ - BOOLEAN IsRandom; - UINT64 TempRand[2]; - - while (Length > 0) { - IsRandom =3D GetRandomNumber128 (TempRand); - if (!IsRandom) { - return EFI_NOT_READY; - } - if (Length >=3D sizeof (TempRand)) { - WriteUnaligned64 ((UINT64*)RandBuffer, TempRand[0]); - RandBuffer +=3D sizeof (UINT64); - WriteUnaligned64 ((UINT64*)RandBuffer, TempRand[1]); - RandBuffer +=3D sizeof (UINT64); - Length -=3D sizeof (TempRand); - } else { - CopyMem (RandBuffer, TempRand, Length); - Length =3D 0; - } - } - - return EFI_SUCCESS; -} +#include "RdRand.h" +#include "RngDxeInternals.h" =20 /** Creates a 128bit random value that is fully forward and backward predict= ion resistant, @@ -92,7 +53,7 @@ RdRandGetSeed128 ( // for (Index =3D 0; Index < 32; Index++) { MicroSecondDelay (10); - Status =3D RdRandGetBytes (16, RandByte); + Status =3D RngGetBytes (16, RandByte); if (EFI_ERROR (Status)) { return Status; } diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c b/Secur= ityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c new file mode 100644 index 000000000000..6b628a9f8bc6 --- /dev/null +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c @@ -0,0 +1,146 @@ +/** @file + RNG Driver to produce the UEFI Random Number Generator protocol. + + The driver will use the new RDRAND instruction to produce high-quality, = high-performance + entropy and random number. + + RNG Algorithms defined in UEFI 2.4: + - EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID - Supported + (RDRAND implements a hardware NIST SP800-90 AES-CTR-256 based DRBG) + - EFI_RNG_ALGORITHM_RAW - Supported + (Structuring RDRAND invocation can be guaranteed as high-quality entr= opy source) + - EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID - Unsupported + - EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID - Unsupported + - EFI_RNG_ALGORITHM_X9_31_3DES_GUID - Unsupported + - EFI_RNG_ALGORITHM_X9_31_AES_GUID - Unsupported + + Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+ (C) Copyright 2015 Hewlett Packard Enterprise Development LP
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "RdRand.h" +#include "RngDxeInternals.h" + +/** + Produces and returns an RNG value using either the default or specified = RNG algorithm. + + @param[in] This A pointer to the EFI_RNG_PROTOCOL in= stance. + @param[in] RNGAlgorithm A pointer to the EFI_RNG_ALGORITHM t= hat identifies the RNG + algorithm to use. May be NULL in whi= ch case the function will + use its default RNG algorithm. + @param[in] RNGValueLength The length in bytes of the memory bu= ffer pointed to by + RNGValue. The driver shall return ex= actly this numbers of bytes. + @param[out] RNGValue A caller-allocated memory buffer fil= led by the driver with the + resulting RNG value. + + @retval EFI_SUCCESS The RNG value was returned successfu= lly. + @retval EFI_UNSUPPORTED The algorithm specified by RNGAlgori= thm is not supported by + this driver. + @retval EFI_DEVICE_ERROR An RNG value could not be retrieved = due to a hardware or + firmware error. + @retval EFI_NOT_READY There is not enough random data avai= lable to satisfy the length + requested by RNGValueLength. + @retval EFI_INVALID_PARAMETER RNGValue is NULL or RNGValueLength i= s zero. + +**/ +EFI_STATUS +EFIAPI +RngGetRNG ( + IN EFI_RNG_PROTOCOL *This, + IN EFI_RNG_ALGORITHM *RNGAlgorithm, OPTIONAL + IN UINTN RNGValueLength, + OUT UINT8 *RNGValue + ) +{ + EFI_STATUS Status; + + if ((RNGValueLength =3D=3D 0) || (RNGValue =3D=3D NULL)) { + return EFI_INVALID_PARAMETER; + } + + Status =3D EFI_UNSUPPORTED; + if (RNGAlgorithm =3D=3D NULL) { + // + // Use the default RNG algorithm if RNGAlgorithm is NULL. + // + RNGAlgorithm =3D &gEfiRngAlgorithmSp80090Ctr256Guid; + } + + // + // NIST SP800-90-AES-CTR-256 supported by RDRAND + // + if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmSp80090Ctr256Guid)) { + Status =3D RngGetBytes (RNGValueLength, RNGValue); + return Status; + } + + // + // The "raw" algorithm is intended to provide entropy directly + // + if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) { + // + // When a DRBG is used on the output of a entropy source, + // its security level must be at least 256 bits according to UEFI Spec. + // + if (RNGValueLength < 32) { + return EFI_INVALID_PARAMETER; + } + + Status =3D RdRandGenerateEntropy (RNGValueLength, RNGValue); + return Status; + } + + // + // Other algorithms were unsupported by this driver. + // + return Status; +} + +/** + Returns information about the random number generation implementation. + + @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAl= gorithmList. + On output with a return code of EFI_= SUCCESS, the size + in bytes of the data returned in RNG= AlgorithmList. On output + with a return code of EFI_BUFFER_TOO= _SMALL, + the size of RNGAlgorithmList require= d to obtain the list. + @param[out] RNGAlgorithmList A caller-allocated memory buffer fil= led by the driver + with one EFI_RNG_ALGORITHM element f= or each supported + RNG algorithm. The list must not cha= nge across multiple + calls to the same driver. The first = algorithm in the list + is the default algorithm for the dri= ver. + + @retval EFI_SUCCESS The RNG algorithm list was returned = successfully. + @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too s= mall to hold the result. + +**/ +UINTN +EFIAPI +ArchGetSupportedRngAlgorithms ( + IN OUT UINTN *RNGAlgorithmListSize, + OUT EFI_RNG_ALGORITHM *RNGAlgorithmList + ) +{ + UINTN RequiredSize; + EFI_RNG_ALGORITHM *CpuRngSupportedAlgorithm; + + RequiredSize =3D 2 * sizeof (EFI_RNG_ALGORITHM); + + if (*RNGAlgorithmListSize < RequiredSize) { + *RNGAlgorithmListSize =3D RequiredSize; + return EFI_BUFFER_TOO_SMALL; + } + + CpuRngSupportedAlgorithm =3D PcdGetPtr (PcdCpuRngSupportedAlgorithm); + + CopyMem(&RNGAlgorithmList[0], CpuRngSupportedAlgorithm, sizeof (EFI_RNG_= ALGORITHM)); + + // x86 platforms also support EFI_RNG_ALGORITHM_RAW via RDSEED + CopyMem(&RNGAlgorithmList[1], &gEfiRngAlgorithmRaw, sizeof (EFI_RNG_ALGO= RITHM)); + + *RNGAlgorithmListSize =3D RequiredSize; + return EFI_SUCCESS; +} + diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c b/SecurityPk= g/RandomNumberGenerator/RngDxe/RngDxe.c index 13d3dbd0bfbe..b959c70536ea 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c @@ -1,34 +1,32 @@ /** @file RNG Driver to produce the UEFI Random Number Generator protocol. =20 - The driver will use the new RDRAND instruction to produce high-quality, = high-performance - entropy and random number. + The driver uses CPU RNG instructions to produce high-quality, + high-performance entropy and random number. =20 RNG Algorithms defined in UEFI 2.4: - - EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID - Supported - (RDRAND implements a hardware NIST SP800-90 AES-CTR-256 based DRBG) - - EFI_RNG_ALGORITHM_RAW - Supported - (Structuring RDRAND invocation can be guaranteed as high-quality entr= opy source) - - EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID - Unsupported - - EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID - Unsupported - - EFI_RNG_ALGORITHM_X9_31_3DES_GUID - Unsupported - - EFI_RNG_ALGORITHM_X9_31_AES_GUID - Unsupported + - EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID + - EFI_RNG_ALGORITHM_RAW + - EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID + - EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID + - EFI_RNG_ALGORITHM_X9_31_3DES_GUID + - EFI_RNG_ALGORITHM_X9_31_AES_GUID =20 Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
(C) Copyright 2015 Hewlett Packard Enterprise Development LP
+ SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ =20 -#include "RdRand.h" +#include +#include +#include +#include +#include +#include =20 -// -// Supported RNG Algorithms list by this driver. -// -EFI_RNG_ALGORITHM mSupportedRngAlgorithms[] =3D { - EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID, - EFI_RNG_ALGORITHM_RAW -}; +#include "RngDxeInternals.h" =20 /** Returns information about the random number generation implementation. @@ -62,106 +60,23 @@ RngGetInfo ( ) { EFI_STATUS Status; - UINTN RequiredSize; =20 if ((This =3D=3D NULL) || (RNGAlgorithmListSize =3D=3D NULL)) { return EFI_INVALID_PARAMETER; } =20 - RequiredSize =3D sizeof (mSupportedRngAlgorithms); - if (*RNGAlgorithmListSize < RequiredSize) { - Status =3D EFI_BUFFER_TOO_SMALL; + // + // Return algorithm list supported by driver. + // + if (RNGAlgorithmList !=3D NULL) { + Status =3D ArchGetSupportedRngAlgorithms (RNGAlgorithmListSize, RNGAlg= orithmList); } else { - // - // Return algorithm list supported by driver. - // - if (RNGAlgorithmList !=3D NULL) { - CopyMem (RNGAlgorithmList, mSupportedRngAlgorithms, RequiredSize); - Status =3D EFI_SUCCESS; - } else { - Status =3D EFI_INVALID_PARAMETER; - } + Status =3D EFI_INVALID_PARAMETER; } - *RNGAlgorithmListSize =3D RequiredSize; =20 return Status; } =20 -/** - Produces and returns an RNG value using either the default or specified = RNG algorithm. - - @param[in] This A pointer to the EFI_RNG_PROTOCOL in= stance. - @param[in] RNGAlgorithm A pointer to the EFI_RNG_ALGORITHM t= hat identifies the RNG - algorithm to use. May be NULL in whi= ch case the function will - use its default RNG algorithm. - @param[in] RNGValueLength The length in bytes of the memory bu= ffer pointed to by - RNGValue. The driver shall return ex= actly this numbers of bytes. - @param[out] RNGValue A caller-allocated memory buffer fil= led by the driver with the - resulting RNG value. - - @retval EFI_SUCCESS The RNG value was returned successfu= lly. - @retval EFI_UNSUPPORTED The algorithm specified by RNGAlgori= thm is not supported by - this driver. - @retval EFI_DEVICE_ERROR An RNG value could not be retrieved = due to a hardware or - firmware error. - @retval EFI_NOT_READY There is not enough random data avai= lable to satisfy the length - requested by RNGValueLength. - @retval EFI_INVALID_PARAMETER RNGValue is NULL or RNGValueLength i= s zero. - -**/ -EFI_STATUS -EFIAPI -RngGetRNG ( - IN EFI_RNG_PROTOCOL *This, - IN EFI_RNG_ALGORITHM *RNGAlgorithm, OPTIONAL - IN UINTN RNGValueLength, - OUT UINT8 *RNGValue - ) -{ - EFI_STATUS Status; - - if ((RNGValueLength =3D=3D 0) || (RNGValue =3D=3D NULL)) { - return EFI_INVALID_PARAMETER; - } - - Status =3D EFI_UNSUPPORTED; - if (RNGAlgorithm =3D=3D NULL) { - // - // Use the default RNG algorithm if RNGAlgorithm is NULL. - // - RNGAlgorithm =3D &gEfiRngAlgorithmSp80090Ctr256Guid; - } - - // - // NIST SP800-90-AES-CTR-256 supported by RDRAND - // - if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmSp80090Ctr256Guid)) { - Status =3D RdRandGetBytes (RNGValueLength, RNGValue); - return Status; - } - - // - // The "raw" algorithm is intended to provide entropy directly - // - if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) { - // - // When a DRBG is used on the output of a entropy source, - // its security level must be at least 256 bits according to UEFI Spec. - // - if (RNGValueLength < 32) { - return EFI_INVALID_PARAMETER; - } - - Status =3D RdRandGenerateEntropy (RNGValueLength, RNGValue); - return Status; - } - - // - // Other algorithms were unsupported by this driver. - // - return Status; -} - // // The Random Number Generator (RNG) protocol // @@ -204,3 +119,44 @@ RngDriverEntry ( =20 return Status; } + + +/** + Calls RDRAND to fill a buffer of arbitrary size with random bytes. + + @param[in] Length Size of the buffer, in bytes, to fill with. + @param[out] RandBuffer Pointer to the buffer to store the random res= ult. + + @retval EFI_SUCCESS Random bytes generation succeeded. + @retval EFI_NOT_READY Failed to request random bytes. + +**/ +EFI_STATUS +EFIAPI +RngGetBytes ( + IN UINTN Length, + OUT UINT8 *RandBuffer + ) +{ + BOOLEAN IsRandom; + UINT64 TempRand[2]; + + while (Length > 0) { + IsRandom =3D GetRandomNumber128 (TempRand); + if (!IsRandom) { + return EFI_NOT_READY; + } + if (Length >=3D sizeof (TempRand)) { + WriteUnaligned64 ((UINT64*)RandBuffer, TempRand[0]); + RandBuffer +=3D sizeof (UINT64); + WriteUnaligned64 ((UINT64*)RandBuffer, TempRand[1]); + RandBuffer +=3D sizeof (UINT64); + Length -=3D sizeof (TempRand); + } else { + CopyMem (RandBuffer, TempRand, Length); + Length =3D 0; + } + } + + return EFI_SUCCESS; +} --=20 2.26.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#74927): https://edk2.groups.io/g/devel/message/74927 Mute This Topic: https://groups.io/mt/82732213/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-