From nobody Wed Feb 11 04:06:11 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+90865+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+90865+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=arm.com
ARC-Seal: i=1; a=rsa-sha256; t=1656515082; cv=none;
	d=zohomail.com; s=zohoarc;
	b=JP10eQMcqhxfG9Edh0rbTaVuIKXz+Vyj7rxMN1RcicypX/yazdueB1SQGhsH05+HULIhNNHxG0l0/dbDouk1IzV4WonPUjRopCguR7SXNDCMl/x+IDMUINAefwWDYGMLczDh3kzRerVs1zgtsKViNFlJIm7cJblHGRFTaHwRYzU=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1656515082;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=Ht/gblqa0xQVp5AZupe5Mf2f6ynpaSBmSsU+do4RhK4=;
	b=Fip2lo04HF6OuAZ74R/hzCGyZWbXEtwuKMbwXeNzgbULYXMYYoeQ9r8lDmKR247Li3cTMnk0nY8UVKE9gEuUfs3Q9csBnwR8bLeIQJQ51qA27QslQzR2iPD1lab6ZwVW9v4dPZsKJ6DlffTGFJRLh+/v60S8OwI+QRaWDBOmOXI=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+90865+1787277+3901457@groups.io;
	dmarc=fail header.from=<pierre.gondois@arm.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1656515082928678.1253766614013;
 Wed, 29 Jun 2022 08:04:42 -0700 (PDT)
Return-Path: <bounce+27952+90865+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id ZcKMYY1788612xtBhUPOxX70;
 Wed, 29 Jun 2022 08:04:42 -0700
X-Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web08.12647.1656515081832624494
 for <devel@edk2.groups.io>;
 Wed, 29 Jun 2022 08:04:42 -0700
X-Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C385D1763;
	Wed, 29 Jun 2022 08:04:41 -0700 (PDT)
X-Received: from pierre123.arm.com (unknown [10.57.42.208])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 5385D3F792;
	Wed, 29 Jun 2022 08:04:39 -0700 (PDT)
From: "PierreGondois" <pierre.gondois@arm.com>
To: devel@edk2.groups.io
Cc: Sami Mujawar <sami.mujawar@arm.com>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Rebecca Cran <rebecca@bsdio.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>
Subject: [edk2-devel] [PATCH v3 16/21] SecurityPkg/RngDxe: Check before
 advertising Cpu Rng algo
Date: Wed, 29 Jun 2022 17:02:29 +0200
Message-Id: <20220629150241.2597898-21-Pierre.Gondois@arm.com>
In-Reply-To: <20220629150241.2597898-1-Pierre.Gondois@arm.com>
References: <20220629150241.2597898-1-Pierre.Gondois@arm.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,pierre.gondois@arm.com
X-Gm-Message-State: s44LEJH7Fr3cBQwUE1lqMKXVx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1656515082;
 bh=x8ZwvfPiR/7iPkBW40JjJ1/txb5q7MKifrOd861q6OI=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=ul8orgN62gdjE+8udMJ/MTEedgd2x5aRvk9DDPDLAJbxrbXdTw0vtCJUeKgfaXtBtWx
 oFHMbJ4U6/On128NIqK9+/gOghV+6M1x0jDNWjlQtfDmYPQ9AbYJa4n4BFxBswWpRaUOw
 bP4oI1yldPCxrSG+Zg9QAMIHT74Kt6xwvQs=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1656515083575100017
Content-Type: text/plain; charset="utf-8"

From: Pierre Gondois <pierre.gondois@arm.com>

RngGetBytes() relies on the RngLib. The RngLib might use the RNDR
instruction if the FEAT_RNG feature is present. Check RngGetBytes() is
working before advertising it via RngGetInfo().

To only check this one time, create a static array that is shared
between RngGetInfo and RngGetRNG. This array contains GUIDs.
The Rng algorithm with the lowest GUID and that has been checked
will be the default Rng algorithm.

This patch also prevents from having PcdCpuRngSupportedAlgorithm
let to a zero GUID, but let the possibility to have no valid Rng
algorithm in such case.

Signed-off-by: Pierre Gondois <Pierre.Gondois@arm.com>
---
 .../RngDxe/AArch64/RngDxe.c                   | 77 +++++++++++++++++--
 1 file changed, 69 insertions(+), 8 deletions(-)

diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c b/Se=
curityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
index f9c740d761ff..d8b696bbea5f 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
@@ -23,10 +23,44 @@
 #include <Library/BaseLib.h>
 #include <Library/BaseMemoryLib.h>
 #include <Library/UefiBootServicesTableLib.h>
+#include <Library/RngLib.h>
 #include <Protocol/Rng.h>
=20
 #include "RngDxeInternals.h"
=20
+//
+// Static array containing the validated Rng algorithm.
+// This array is used by RngGetInfo and RngGetRNG and needs to be
+// populated only once.
+// The valid entry with the lowest index will be the default algorithm.
+//
+#define RNG_AVAILABLE_ALGO_MAX  1
+STATIC BOOLEAN            mAvailableAlgoArrayInit =3D FALSE;
+STATIC UINTN              mAvailableAlgoArrayCount;
+STATIC EFI_RNG_ALGORITHM  mAvailableAlgoArray[RNG_AVAILABLE_ALGO_MAX];
+
+/** Initialize mAvailableAlgoArray with the available Rng algorithms.
+**/
+STATIC
+VOID
+EFIAPI
+RngInitAvailableAlgoArray (
+  VOID
+  )
+{
+  // Check RngGetBytes() before advertising PcdCpuRngSupportedAlgorithm.
+  if (!EFI_ERROR (RngGetBytes (sizeof (Rand), (UINT8 *)&Rand))) {
+    CopyMem (
+      &mAvailableAlgoArray[mAvailableAlgoArrayCount],
+      PcdGetPtr (PcdCpuRngSupportedAlgorithm),
+      sizeof (EFI_RNG_ALGORITHM)
+      );
+    mAvailableAlgoArrayCount++;
+  }
+
+  mAvailableAlgoArrayInit =3D TRUE;
+}
+
 /**
   Produces and returns an RNG value using either the default or specified =
RNG algorithm.
=20
@@ -59,18 +93,35 @@ RngGetRNG (
   )
 {
   EFI_STATUS  Status;
+  UINTN       Index;
=20
   if ((This =3D=3D NULL) || (RNGValueLength =3D=3D 0) || (RNGValue =3D=3D =
NULL)) {
     return EFI_INVALID_PARAMETER;
   }
=20
+  if (!mAvailableAlgoArrayInit) {
+    RngInitAvailableAlgoArray ();
+  }
+
   if (RNGAlgorithm =3D=3D NULL) {
     //
     // Use the default RNG algorithm if RNGAlgorithm is NULL.
     //
-    RNGAlgorithm =3D PcdGetPtr (PcdCpuRngSupportedAlgorithm);
+    for (Index =3D 0; Index < RNG_AVAILABLE_ALGO_MAX; Index++) {
+      if (!IsZeroGuid (&mAvailableAlgoArray[Index])) {
+        RNGAlgorithm =3D &mAvailableAlgoArray[Index];
+        goto FoundAlgo;
+      }
+    }
+
+    if (Index =3D=3D RNG_AVAILABLE_ALGO_MAX) {
+      // No algorithm available.
+      ASSERT (Index !=3D RNG_AVAILABLE_ALGO_MAX);
+      return EFI_DEVICE_ERROR;
+    }
   }
=20
+FoundAlgo:
   if (CompareGuid (RNGAlgorithm, PcdGetPtr (PcdCpuRngSupportedAlgorithm)))=
 {
     Status =3D RngGetBytes (RNGValueLength, RNGValue);
     return Status;
@@ -113,24 +164,34 @@ RngGetInfo (
   OUT EFI_RNG_ALGORITHM  *RNGAlgorithmList
   )
 {
-  UINTN              RequiredSize;
-  EFI_RNG_ALGORITHM  *CpuRngSupportedAlgorithm;
-
-  RequiredSize =3D sizeof (EFI_RNG_ALGORITHM);
+  UINTN  RequiredSize;
=20
   if ((This =3D=3D NULL) || (RNGAlgorithmListSize =3D=3D NULL)) {
     return EFI_INVALID_PARAMETER;
   }
=20
+  if (!mAvailableAlgoArrayInit) {
+    RngInitAvailableAlgoArray ();
+  }
+
+  RequiredSize =3D mAvailableAlgoArrayCount * sizeof (EFI_RNG_ALGORITHM);
+
+  if (RequiredSize =3D=3D 0) {
+    // No supported algorithms found.
+    return EFI_UNSUPPORTED;
+  }
+
   if (*RNGAlgorithmListSize < RequiredSize) {
     *RNGAlgorithmListSize =3D RequiredSize;
     return EFI_BUFFER_TOO_SMALL;
   }
=20
-  CpuRngSupportedAlgorithm =3D PcdGetPtr (PcdCpuRngSupportedAlgorithm);
-
-  CopyMem (&RNGAlgorithmList[0], CpuRngSupportedAlgorithm, sizeof (EFI_RNG=
_ALGORITHM));
+  if (RNGAlgorithmList =3D=3D NULL) {
+    return EFI_INVALID_PARAMETER;
+  }
=20
+  // There is no gap in the array, so copy the block.
+  CopyMem (RNGAlgorithmList, mAvailableAlgoArray, RequiredSize);
   *RNGAlgorithmListSize =3D RequiredSize;
   return EFI_SUCCESS;
 }
--=20
2.25.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#90865): https://edk2.groups.io/g/devel/message/90865
Mute This Topic: https://groups.io/mt/92066750/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-