1. Patchew
  2. EDK2
  3. [edk2-devel] [PATCH 0/3] OVMF: support EFI_RNG_PROTOCOL without virtio-rng
  4. View patch

[edk2-devel] [PATCH 2/3] ArmVirtPkg/ArmVirtQemu: Expose TRNG hypercall via RngDxe if implemented

Ard Biesheuvel posted 3 patches 3 years, 1 month ago
[edk2-devel] [PATCH 2/3] ArmVirtPkg/ArmVirtQemu: Expose TRNG hypercall via RngDxe if implemented
Posted by Ard Biesheuvel 3 years, 1 month ago 
Currently, we only expose the EFI_RNG_PROTOCOL in ArmVirtQemu if QEMU
provides a virtio-rng device, and it doesn't do so by default.

Given that KVM exposes the ARM architected TRNG service (and has done so
for a while now), let's incorporate the RngDxe driver which has recently
grown support for the ARM firmware/hypervisor service.

If both the service and the virtio device are available, two
implementations of the RNG protocol will be exposed, but this is fine:
callers that don't care about the distinction will grab the first one
available.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 ArmVirtPkg/ArmVirtQemu.dsc           | 11 +++++++++++
 ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc |  5 +++++
 ArmVirtPkg/ArmVirtQemuKernel.dsc     | 11 +++++++++++
 3 files changed, 27 insertions(+)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index f77443229e8e..1771ad562225 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -140,6 +140,8 @@ [PcdsFeatureFlag.common]
 
   gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)
 
+  gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE
+
 [PcdsFixedAtBuild.common]
 !if $(ARCH) == AARCH64
   gArmTokenSpaceGuid.PcdVFPEnabled|1
@@ -442,6 +444,15 @@ [Components.common]
   OvmfPkg/VirtioNetDxe/VirtioNet.inf
   OvmfPkg/VirtioRngDxe/VirtioRng.inf
 
+  #
+  # Rng Support
+  #
+  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {
+    <LibraryClasses>
+      ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf
+      ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf
+  }
+
   #
   # FAT filesystem + GPT/MBR partitioning + UDF filesystem + virtio-fs
   #
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
index e06ca7424476..75c75a2d9a17 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -99,6 +99,11 @@ [FV.FvMain]
   INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
   INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
 
+  #
+  # Rng Support
+  #
+  INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
+
   INF ShellPkg/Application/Shell/Shell.inf
   INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
   INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
index f5db3ac432f3..abe0cbab8295 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -114,6 +114,8 @@ [PcdsFeatureFlag.common]
 
   gEfiMdeModulePkgTokenSpaceGuid.PcdTurnOffUsbLegacySupport|TRUE
 
+  gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE
+
 [PcdsFixedAtBuild.common]
 !if $(ARCH) == AARCH64
   gArmTokenSpaceGuid.PcdVFPEnabled|1
@@ -350,6 +352,15 @@ [Components.common]
   OvmfPkg/VirtioNetDxe/VirtioNet.inf
   OvmfPkg/VirtioRngDxe/VirtioRng.inf
 
+  #
+  # Rng Support
+  #
+  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {
+    <LibraryClasses>
+      ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf
+      ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf
+  }
+
   #
   # FAT filesystem + GPT/MBR partitioning + UDF filesystem + virtio-fs
   #
-- 
2.35.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96190): https://edk2.groups.io/g/devel/message/96190
Mute This Topic: https://groups.io/mt/94935841/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 2/3] ArmVirtPkg/ArmVirtQemu: Expose TRNG hypercall via RngDxe if implemented
Posted by PierreGondois 3 years, 1 month ago 
Hello Ard,

On 11/10/22 14:47, Ard Biesheuvel wrote:
> Currently, we only expose the EFI_RNG_PROTOCOL in ArmVirtQemu if QEMU
> provides a virtio-rng device, and it doesn't do so by default.
> 
> Given that KVM exposes the ARM architected TRNG service (and has done so
> for a while now), let's incorporate the RngDxe driver which has recently
> grown support for the ARM firmware/hypervisor service.
> 
> If both the service and the virtio device are available, two
> implementations of the RNG protocol will be exposed, but this is fine:
> callers that don't care about the distinction will grab the first one
> available.
> 
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
>   ArmVirtPkg/ArmVirtQemu.dsc           | 11 +++++++++++
>   ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc |  5 +++++
>   ArmVirtPkg/ArmVirtQemuKernel.dsc     | 11 +++++++++++
>   3 files changed, 27 insertions(+)
> 
> diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
> index f77443229e8e..1771ad562225 100644
> --- a/ArmVirtPkg/ArmVirtQemu.dsc
> +++ b/ArmVirtPkg/ArmVirtQemu.dsc
> @@ -140,6 +140,8 @@ [PcdsFeatureFlag.common]
>   
>     gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)
>   
> +  gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE
> +

It seems that the PSCI conduit needs to be dynamically set.
The psci conduit that should be used is configured by qemu depending on the
virtualization=[on|off] parameter. When off, HVC must be used (SMC otherwise).
Cf:
https://github.com/qemu/qemu/blob/master/hw/arm/virt.c#L2052

If using the wrong conduit, qemu traps the instruction and stops.
For KvmTool, the conduit is always HVC.

Command used:
[PATH_TO]/qemu/build/qemu-system-aarch64 \
	-serial stdio -M virt,highmem=on,virtualization=off \
	-cpu cortex-a57 -smp 4 -m 4096 \
	-drive file=pflash0.img,format=raw,if=pflash,readonly=on \
	-drive file=pflash1.img,format=raw,if=pflash

Regards,
Pierre


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96499): https://edk2.groups.io/g/devel/message/96499
Mute This Topic: https://groups.io/mt/94935841/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 2/3] ArmVirtPkg/ArmVirtQemu: Expose TRNG hypercall via RngDxe if implemented
Posted by Ard Biesheuvel 2 years, 11 months ago 
On Fri, 18 Nov 2022 at 17:48, PierreGondois <pierre.gondois@arm.com> wrote:
>
> Hello Ard,
>
> On 11/10/22 14:47, Ard Biesheuvel wrote:
> > Currently, we only expose the EFI_RNG_PROTOCOL in ArmVirtQemu if QEMU
> > provides a virtio-rng device, and it doesn't do so by default.
> >
> > Given that KVM exposes the ARM architected TRNG service (and has done so
> > for a while now), let's incorporate the RngDxe driver which has recently
> > grown support for the ARM firmware/hypervisor service.
> >
> > If both the service and the virtio device are available, two
> > implementations of the RNG protocol will be exposed, but this is fine:
> > callers that don't care about the distinction will grab the first one
> > available.
> >
> > Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> > ---
> >   ArmVirtPkg/ArmVirtQemu.dsc           | 11 +++++++++++
> >   ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc |  5 +++++
> >   ArmVirtPkg/ArmVirtQemuKernel.dsc     | 11 +++++++++++
> >   3 files changed, 27 insertions(+)
> >
> > diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
> > index f77443229e8e..1771ad562225 100644
> > --- a/ArmVirtPkg/ArmVirtQemu.dsc
> > +++ b/ArmVirtPkg/ArmVirtQemu.dsc
> > @@ -140,6 +140,8 @@ [PcdsFeatureFlag.common]
> >
> >     gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)
> >
> > +  gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE
> > +
>
> It seems that the PSCI conduit needs to be dynamically set.

Why? And how is this different from PSCI for resetting the system?

Note that ArmVIrtQemu was never intended to run at EL2, even if it
seems to work to some extent.


> The psci conduit that should be used is configured by qemu depending on the
> virtualization=[on|off] parameter. When off, HVC must be used (SMC otherwise).
> Cf:
> https://github.com/qemu/qemu/blob/master/hw/arm/virt.c#L2052
>
> If using the wrong conduit, qemu traps the instruction and stops.
> For KvmTool, the conduit is always HVC.
>
> Command used:
> [PATH_TO]/qemu/build/qemu-system-aarch64 \
>         -serial stdio -M virt,highmem=on,virtualization=off \
>         -cpu cortex-a57 -smp 4 -m 4096 \
>         -drive file=pflash0.img,format=raw,if=pflash,readonly=on \
>         -drive file=pflash1.img,format=raw,if=pflash
>
> Regards,
> Pierre
>
>
> 
>
>


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#98303): https://edk2.groups.io/g/devel/message/98303
Mute This Topic: https://groups.io/mt/94935841/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 2/3] ArmVirtPkg/ArmVirtQemu: Expose TRNG hypercall via RngDxe if implemented
Posted by PierreGondois 2 years, 11 months ago 

On 1/11/23 17:49, Ard Biesheuvel wrote:
> On Fri, 18 Nov 2022 at 17:48, PierreGondois <pierre.gondois@arm.com> wrote:
>>
>> Hello Ard,
>>
>> On 11/10/22 14:47, Ard Biesheuvel wrote:
>>> Currently, we only expose the EFI_RNG_PROTOCOL in ArmVirtQemu if QEMU
>>> provides a virtio-rng device, and it doesn't do so by default.
>>>
>>> Given that KVM exposes the ARM architected TRNG service (and has done so
>>> for a while now), let's incorporate the RngDxe driver which has recently
>>> grown support for the ARM firmware/hypervisor service.
>>>
>>> If both the service and the virtio device are available, two
>>> implementations of the RNG protocol will be exposed, but this is fine:
>>> callers that don't care about the distinction will grab the first one
>>> available.
>>>
>>> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
>>> ---
>>>    ArmVirtPkg/ArmVirtQemu.dsc           | 11 +++++++++++
>>>    ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc |  5 +++++
>>>    ArmVirtPkg/ArmVirtQemuKernel.dsc     | 11 +++++++++++
>>>    3 files changed, 27 insertions(+)
>>>
>>> diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
>>> index f77443229e8e..1771ad562225 100644
>>> --- a/ArmVirtPkg/ArmVirtQemu.dsc
>>> +++ b/ArmVirtPkg/ArmVirtQemu.dsc
>>> @@ -140,6 +140,8 @@ [PcdsFeatureFlag.common]
>>>
>>>      gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)
>>>
>>> +  gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE
>>> +
>>
>> It seems that the PSCI conduit needs to be dynamically set.
> 
> Why? And how is this different from PSCI for resetting the system?

The PSCI implementation used for ArmVirtQemu is parsing the conduit
to use, so it can handle both cases:
https://github.com/tianocore/edk2/blob/fe405f08a09e9f2306c72aa23d8edfbcfaa23bff/ArmVirtPkg/Library/ArmVirtPsciResetSystemLib/ArmVirtPsciResetSystemLib.c#L49

> 
> Note that ArmVIrtQemu was never intended to run at EL2, even if it
> seems to work to some extent.

Ok understood.

> 
> 
>> The psci conduit that should be used is configured by qemu depending on the
>> virtualization=[on|off] parameter. When off, HVC must be used (SMC otherwise).
>> Cf:
>> https://github.com/qemu/qemu/blob/master/hw/arm/virt.c#L2052

(replacing with a permanent link)
https://github.com/qemu/qemu/blob/aa96ab7c9df59c615ca82b49c9062819e0a1c287/hw/arm/virt.c#L2080

>>
>> If using the wrong conduit, qemu traps the instruction and stops.
>> For KvmTool, the conduit is always HVC.
>>
>> Command used:
>> [PATH_TO]/qemu/build/qemu-system-aarch64 \
>>          -serial stdio -M virt,highmem=on,virtualization=off \
>>          -cpu cortex-a57 -smp 4 -m 4096 \
>>          -drive file=pflash0.img,format=raw,if=pflash,readonly=on \
>>          -drive file=pflash1.img,format=raw,if=pflash
>>
>> Regards,
>> Pierre
>>
>>
>> 
>>
>>


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#98306): https://edk2.groups.io/g/devel/message/98306
Mute This Topic: https://groups.io/mt/94935841/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 2/3] ArmVirtPkg/ArmVirtQemu: Expose TRNG hypercall via RngDxe if implemented
Posted by Ard Biesheuvel 2 years, 11 months ago 
On Wed, 11 Jan 2023 at 18:38, PierreGondois <pierre.gondois@arm.com> wrote:
>
>
>
> On 1/11/23 17:49, Ard Biesheuvel wrote:
> > On Fri, 18 Nov 2022 at 17:48, PierreGondois <pierre.gondois@arm.com> wrote:
> >>
> >> Hello Ard,
> >>
> >> On 11/10/22 14:47, Ard Biesheuvel wrote:
> >>> Currently, we only expose the EFI_RNG_PROTOCOL in ArmVirtQemu if QEMU
> >>> provides a virtio-rng device, and it doesn't do so by default.
> >>>
> >>> Given that KVM exposes the ARM architected TRNG service (and has done so
> >>> for a while now), let's incorporate the RngDxe driver which has recently
> >>> grown support for the ARM firmware/hypervisor service.
> >>>
> >>> If both the service and the virtio device are available, two
> >>> implementations of the RNG protocol will be exposed, but this is fine:
> >>> callers that don't care about the distinction will grab the first one
> >>> available.
> >>>
> >>> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> >>> ---
> >>>    ArmVirtPkg/ArmVirtQemu.dsc           | 11 +++++++++++
> >>>    ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc |  5 +++++
> >>>    ArmVirtPkg/ArmVirtQemuKernel.dsc     | 11 +++++++++++
> >>>    3 files changed, 27 insertions(+)
> >>>
> >>> diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
> >>> index f77443229e8e..1771ad562225 100644
> >>> --- a/ArmVirtPkg/ArmVirtQemu.dsc
> >>> +++ b/ArmVirtPkg/ArmVirtQemu.dsc
> >>> @@ -140,6 +140,8 @@ [PcdsFeatureFlag.common]
> >>>
> >>>      gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)
> >>>
> >>> +  gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE
> >>> +
> >>
> >> It seems that the PSCI conduit needs to be dynamically set.
> >
> > Why? And how is this different from PSCI for resetting the system?
>
> The PSCI implementation used for ArmVirtQemu is parsing the conduit
> to use, so it can handle both cases:
> https://github.com/tianocore/edk2/blob/fe405f08a09e9f2306c72aa23d8edfbcfaa23bff/ArmVirtPkg/Library/ArmVirtPsciResetSystemLib/ArmVirtPsciResetSystemLib.c#L49
>

Hmm, that is a fair point.

I wonder if we should simply detect whether we are executing at EL1 or
EL2, and use HVC or SVC respectively.


> >
> > Note that ArmVIrtQemu was never intended to run at EL2, even if it
> > seems to work to some extent.
>
> Ok understood.
>
> >
> >
> >> The psci conduit that should be used is configured by qemu depending on the
> >> virtualization=[on|off] parameter. When off, HVC must be used (SMC otherwise).
> >> Cf:
> >> https://github.com/qemu/qemu/blob/master/hw/arm/virt.c#L2052
>
> (replacing with a permanent link)
> https://github.com/qemu/qemu/blob/aa96ab7c9df59c615ca82b49c9062819e0a1c287/hw/arm/virt.c#L2080
>
> >>
> >> If using the wrong conduit, qemu traps the instruction and stops.
> >> For KvmTool, the conduit is always HVC.
> >>
> >> Command used:
> >> [PATH_TO]/qemu/build/qemu-system-aarch64 \
> >>          -serial stdio -M virt,highmem=on,virtualization=off \
> >>          -cpu cortex-a57 -smp 4 -m 4096 \
> >>          -drive file=pflash0.img,format=raw,if=pflash,readonly=on \
> >>          -drive file=pflash1.img,format=raw,if=pflash
> >>
> >> Regards,
> >> Pierre
> >>
> >>
> >>
> >>
> >>
>
>
> 
>
>


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#98307): https://edk2.groups.io/g/devel/message/98307
Mute This Topic: https://groups.io/mt/94935841/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.