Re: [edk2-devel] [PATCH v3 00/11] Add more crypt APIs based on Mbedtls
For this patch set: Looks good to me. Reviewed-by: Yi Li -Original Message- From: Hou, Wenxing Sent: Thursday, May 9, 2024 2:27 PM To: devel@edk2.groups.io Cc: Yao, Jiewen ; Li, Yi1 Subject: [PATCH v3 00/11] Add more crypt APIs based on Mbedtls REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Add AeadAesGcm/Pem(only RSA)/X509(only RSA)/More RSA/PKCS5/pKCS7/Authenticode/Timestamp implementation based on Mbedtls. The patch has passed the EDKII CI check: https://github.com/tianocore/edk2/pull/5552 And the patch has passed unit_test in EDKII and integration test for platform. And the patch hass passed the fuzz test: https://github.com/tianocore/edk2-staging/commit/4f19398053c92e4f7791d468a184530b6ab89128 v2 changes: - Fix format variable name/hardcode number issue; - Fix Pkcs7 memory leak; v3 changes: - Fix some issues form reviewer; - Add SHA3/SM3 implementation; - Update *.inf files; Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou Wenxing Hou (11): CryptoPkg: Add AeadAesGcm based on Mbedtls CryptoPkg: Add rand function for BaseCryptLibMbedTls CryptoPkg: Add Pem APIs based on Mbedtls CryptoPkg: Add X509 functions based on Mbedtls CryptoPkg: Add Pkcs7 related functions based on Mbedtls CryptoPkg: Add Pkcs5 functions based on Mbedtls CryptoPkg: Add more RSA related functions based on Mbedtls CryptoPkg: Add AuthenticodeVerify based on Mbedtls CryptoPkg: Add ImageTimestampVerify based on Mbedtls CryptoPkg: Update *.inf in BaseCryptLibMbedTls Add SHA3/SM3 functions with openssl for Mbedtls CryptoPkg/Include/Library/BaseCryptLib.h |4 + .../BaseCryptLibMbedTls/BaseCryptLib.inf | 47 +- .../Cipher/CryptAeadAesGcm.c | 227 ++ .../BaseCryptLibMbedTls/InternalCryptLib.h| 49 + .../BaseCryptLibMbedTls/PeiCryptLib.inf | 27 +- .../BaseCryptLibMbedTls/Pem/CryptPem.c| 138 ++ .../Pk/CryptAuthenticode.c| 214 ++ .../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c | 278 +++ .../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 + .../Pk/CryptPkcs7Internal.h | 29 +- .../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c | 635 ++ .../Pk/CryptPkcs7VerifyBase.c | 113 + .../Pk/CryptPkcs7VerifyCommon.c | 1354 .../Pk/CryptPkcs7VerifyEku.c | 689 ++ .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c | 352 +++ .../BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c | 140 ++ .../Library/BaseCryptLibMbedTls/Pk/CryptTs.c | 381 .../BaseCryptLibMbedTls/Pk/CryptX509.c| 1940 + .../BaseCryptLibMbedTls/Rand/CryptRand.c | 114 + .../BaseCryptLibMbedTls/Rand/CryptRandTsc.c | 114 + .../BaseCryptLibMbedTls/RuntimeCryptLib.inf | 26 +- .../BaseCryptLibMbedTls/SmmCryptLib.inf | 36 +- .../BaseCryptLibMbedTls/TestBaseCryptLib.inf | 39 +- CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf |6 + .../Library/MbedTlsLib/MbedTlsLibFull.inf |6 + 25 files changed, 6973 insertions(+), 85 deletions(-) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyBase.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyCommon.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyEku.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c -- 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118743): https://edk2.groups.io/g/devel/message/118743 Mute This Topic: https://groups.io/mt/105996826/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 11/11] Add SHA3/SM3 functions with openssl for Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3 implementaion based on Openssl. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Library/BaseCryptLibMbedTls/BaseCryptLib.inf | 11 +++ CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf | 9 +++-- .../Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf | 3 ++- CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf | 9 +++-- .../Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf | 3 ++- CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf | 6 ++ CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf | 6 ++ 7 files changed, 37 insertions(+), 10 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf index cb282fe648..f015d5afbd 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf @@ -18,6 +18,7 @@ MODULE_TYPE= DXE_DRIVER VERSION_STRING = 1.0 LIBRARY_CLASS = BaseCryptLib|DXE_DRIVER DXE_CORE UEFI_APPLICATION UEFI_DRIVER + DEFINE BASE_CRYPT_PATH = ../BaseCryptLib # # The following information is for reference only and not required by the build tools. @@ -31,10 +32,12 @@ Hash/CryptSha1.c Hash/CryptSha256.c Hash/CryptSha512.c - Hash/CryptSm3Null.c - - Hash/CryptParallelHashNull.c - + $(BASE_CRYPT_PATH)/Hash/CryptCShake256.c + $(BASE_CRYPT_PATH)/Hash/CryptDispatchApDxe.c + $(BASE_CRYPT_PATH)/Hash/CryptParallelHash.c + $(BASE_CRYPT_PATH)/Hash/CryptSha3.c + $(BASE_CRYPT_PATH)/Hash/CryptSm3.c + $(BASE_CRYPT_PATH)/Hash/CryptXkcp.c Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAes.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf index 660e11a96e..479bb2f87d 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf @@ -26,6 +26,7 @@ MODULE_TYPE= PEIM VERSION_STRING = 1.0 LIBRARY_CLASS = BaseCryptLib|PEIM PEI_CORE + DEFINE BASE_CRYPT_PATH = ../BaseCryptLib # # The following information is for reference only and not required by the build tools. @@ -38,9 +39,13 @@ Hash/CryptMd5.c Hash/CryptSha1.c Hash/CryptSha256.c - Hash/CryptSm3Null.c Hash/CryptSha512.c - Hash/CryptParallelHashNull.c + $(BASE_CRYPT_PATH)/Hash/CryptCShake256.c + $(BASE_CRYPT_PATH)/Hash/CryptDispatchApPei.c + $(BASE_CRYPT_PATH)/Hash/CryptParallelHash.c + $(BASE_CRYPT_PATH)/Hash/CryptSha3.c + $(BASE_CRYPT_PATH)/Hash/CryptSm3.c + $(BASE_CRYPT_PATH)/Hash/CryptXkcp.c Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAes.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf index 280b1a9c29..0179640e03 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf @@ -25,6 +25,7 @@ VERSION_STRING = 1.0 LIBRARY_CLASS = BaseCryptLib|DXE_RUNTIME_DRIVER CONSTRUCTOR= RuntimeCryptLibConstructor + DEFINE BASE_CRYPT_PATH = ../BaseCryptLib # # The following information is for reference only and not required by the build tools. @@ -37,9 +38,9 @@ Hash/CryptMd5.c Hash/CryptSha1.c Hash/CryptSha256.c - Hash/CryptSm3Null.c Hash/CryptSha512.c Hash/CryptParallelHashNull.c + $(BASE_CRYPT_PATH)/Hash/CryptSm3.c Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAes.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf index 4a519b06ee..92013bd514 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf @@ -24,6 +24,7 @@ VERSION_STRING = 1.0 PI_SPECIFICATION_VERSION = 0x0001000A LIBRARY_CLASS = BaseCryptLib|DXE_SMM_DRIVER SMM_CORE MM_STANDALONE + DEFINE BASE_CRYPT_PATH = ../BaseCryptLib # # The following information is for reference only and not required by the build tools. @@ -36,9 +37,13 @@ Hash/CryptMd5.c Hash/CryptSha1.c Hash/CryptSha256.c - Hash/CryptSm3Null.c Hash/CryptSha512.c - Hash/CryptParallelHashNull.c + $(BASE_CRYPT_PATH)/Hash/CryptCShake256.c + $(BASE_CRYPT_PATH)/Hash/CryptDispatchApMm.c + $(BASE_CRYPT_PATH)/Hash/CryptParallelHash.c + $(BASE_CRYPT_PATH)/Hash/CryptSha3.c + $(BASE_CRYPT_PATH)/Hash/CryptSm3.c + $(BASE_CRYPT_PATH)/Hash/CryptXkcp.c Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAes.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryp
[edk2-devel] [PATCH v3 07/11] CryptoPkg: Add more RSA related functions based on Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Implement more RSA functions such as RsaPkcs1Sign based Mbedlts. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c | 278 ++ .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c | 352 ++ .../BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c | 140 +++ 3 files changed, 770 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c new file mode 100644 index 00..61ccdd78e6 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c @@ -0,0 +1,278 @@ +/** @file + This file contains UEFI wrapper functions for RSA PKCS1v2 OAEP encryption routines. + + SPDX-License-Identifier: BSD-2-Clause-Patent + + Copyright (c) 2024, Intel Corporation. All rights reserved. + +**/ + +#include "InternalCryptLib.h" +#include +#include +#include + +/** + Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the + encrypted message in a newly allocated buffer. + + Things that can cause a failure include: + - X509 key size does not match any known key size. + - Fail to parse X509 certificate. + - Fail to allocate an intermediate buffer. + - Null pointer provided for a non-optional parameter. + - Data size is too large for the provided key size (max size is a function of key size +and hash digest size). + + @param[in] PublicKey A pointer to the DER-encoded X509 certificate that + will be used to encrypt the data. + @param[in] PublicKeySize Size of the X509 cert buffer. + @param[in] InData Data to be encrypted. + @param[in] InDataSize Size of the data buffer. + @param[in] PrngSeed[Optional] If provided, a pointer to a random seed buffer + to be used when initializing the PRNG. NULL otherwise. + @param[in] PrngSeedSize[Optional] If provided, size of the random seed buffer. + 0 otherwise. + @param[out] EncryptedData Pointer to an allocated buffer containing the encrypted + message. + @param[out] EncryptedDataSize Size of the encrypted message buffer. + + @retval TRUEEncryption was successful. + @retval FALSE Encryption failed. + +**/ +BOOLEAN +EFIAPI +Pkcs1v2Encrypt ( + IN CONST UINT8 *PublicKey, + IN UINTNPublicKeySize, + IN UINT8*InData, + IN UINTNInDataSize, + IN CONST UINT8 *PrngSeed OPTIONAL, + IN UINTNPrngSeedSize OPTIONAL, + OUT UINT8 **EncryptedData, + OUT UINTN *EncryptedDataSize + ) +{ + BOOLEAN Result; + UINT32 Ret; + UINT8*OutData; + mbedtls_x509_crt CertContext; + mbedtls_rsa_context RsaContext; + + // + // Check input parameters. + // + if ((PublicKey == NULL) || (InData == NULL) || + (EncryptedData == NULL) || (EncryptedDataSize == NULL)) + { +return FALSE; + } + + // + // Check public key size. + // + if (PublicKeySize > UINT_MAX) { +// +// Public key size is too large for implementation. +// +return FALSE; + } + + *EncryptedData = NULL; + *EncryptedDataSize = 0; + Result = FALSE; + OutData= NULL; + + mbedtls_x509_crt_init (&CertContext); + + if (mbedtls_x509_crt_parse_der (&CertContext, PublicKey, (UINT32)PublicKeySize) != 0) { +goto _Exit; + } + + if (mbedtls_pk_get_type (&CertContext.pk) != MBEDTLS_PK_RSA) { +goto _Exit; + } + + mbedtls_rsa_init (&RsaContext); + if (mbedtls_rsa_set_padding (&RsaContext, MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_NONE) != 0) { +goto _Exit; + } + + Ret = mbedtls_rsa_copy (&RsaContext, mbedtls_pk_rsa (CertContext.pk)); + if (Ret != 0) { +goto _Exit; + } + + *EncryptedDataSize = RsaContext.len; + + // + // Allocate a buffer for the output data. + // + OutData = AllocateZeroPool (*EncryptedDataSize); + if (OutData == NULL) { +// +// Fail to allocate the output buffer. +// +goto _Exit; + } + + Ret = mbedtls_rsa_pkcs1_encrypt ( + &RsaContext, + MbedtlsRand, + NULL, + InDataSize, + InData, + OutData + ); + if (Ret != 0) { +FreePool (OutData); +OutData = NULL; +goto _Exit; + } + + *EncryptedData = OutData; + Result = TRUE; + +_Exit: + // + // Release Resources + // + if (&CertContext != NULL) { +mbedtls_x509_crt_free (&CertContext); + } + + if (&RsaContext != NULL) { +mbedtls_rsa_free (&RsaContext); + } + + return
[edk2-devel] [PATCH v3 10/11] CryptoPkg: Update *.inf in BaseCryptLibMbedTls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Update all *.inf in BaseCryptLibMbedTls based on new implementation. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/BaseCryptLib.inf | 42 ++- .../BaseCryptLibMbedTls/PeiCryptLib.inf | 18 .../BaseCryptLibMbedTls/RuntimeCryptLib.inf | 23 +- .../BaseCryptLibMbedTls/SmmCryptLib.inf | 27 ++-- .../BaseCryptLibMbedTls/TestBaseCryptLib.inf | 36 5 files changed, 80 insertions(+), 66 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf index 16def792c5..cb282fe648 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf @@ -27,33 +27,37 @@ [Sources] InternalCryptLib.h - Cipher/CryptAeadAesGcmNull.c - Cipher/CryptAes.c + Hash/CryptMd5.c + Hash/CryptSha1.c Hash/CryptSha256.c Hash/CryptSha512.c - Hash/CryptParallelHashNull.c Hash/CryptSm3Null.c - Hash/CryptMd5.c - Hash/CryptSha1.c + + Hash/CryptParallelHashNull.c + Hmac/CryptHmac.c Kdf/CryptHkdf.c + Cipher/CryptAes.c + Cipher/CryptAeadAesGcm.c Pk/CryptRsaBasic.c - Pk/CryptRsaExtNull.c - Pk/CryptRsaPss.c - Pk/CryptRsaPssSignNull.c - Bn/CryptBnNull.c - Pem/CryptPemNull.c + Pk/CryptRsaExt.c + Pk/CryptPkcs1Oaep.c + Pk/CryptPkcs5Pbkdf2.c + Pk/CryptPkcs7Sign.c + Pk/CryptPkcs7VerifyCommon.c + Pk/CryptPkcs7VerifyBase.c + Pk/CryptPkcs7VerifyEku.c Pk/CryptDhNull.c + Pk/CryptX509.c + Pk/CryptAuthenticode.c + Pk/CryptTs.c + Pk/CryptRsaPss.c + Pk/CryptRsaPssSign.c Pk/CryptEcNull.c - Pk/CryptPkcs1OaepNull.c - Pk/CryptPkcs5Pbkdf2Null.c - Pk/CryptPkcs7SignNull.c - Pk/CryptPkcs7VerifyNull.c - Pk/CryptPkcs7VerifyEkuNull.c - Pk/CryptX509Null.c - Pk/CryptAuthenticodeNull.c - Pk/CryptTsNull.c - Rand/CryptRandNull.c + Pem/CryptPem.c + Bn/CryptBnNull.c + Rand/CryptRand.c + SysCall/CrtWrapper.c SysCall/TimerWrapper.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf index 72b22a24e8..660e11a96e 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf @@ -47,21 +47,23 @@ Cipher/CryptAeadAesGcmNull.c Pk/CryptRsaBasic.c Pk/CryptRsaExtNull.c - Pk/CryptRsaPss.c - Pk/CryptRsaPssSignNull.c - Bn/CryptBnNull.c - Pem/CryptPemNull.c - Pk/CryptDhNull.c - Pk/CryptEcNull.c Pk/CryptPkcs1OaepNull.c Pk/CryptPkcs5Pbkdf2Null.c Pk/CryptPkcs7SignNull.c - Pk/CryptPkcs7VerifyNull.c - Pk/CryptPkcs7VerifyEkuNull.c + Pk/CryptPkcs7VerifyCommon.c + Pk/CryptPkcs7VerifyBase.c + Pk/CryptPkcs7VerifyEku.c + Pk/CryptDhNull.c Pk/CryptX509Null.c Pk/CryptAuthenticodeNull.c Pk/CryptTsNull.c + Pk/CryptRsaPss.c + Pk/CryptRsaPssSignNull.c + Pk/CryptEcNull.c + Pem/CryptPemNull.c Rand/CryptRandNull.c + Bn/CryptBnNull.c + SysCall/CrtWrapper.c SysCall/ConstantTimeClock.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf index 9f17ef00bf..280b1a9c29 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf @@ -46,21 +46,23 @@ Cipher/CryptAeadAesGcmNull.c Pk/CryptRsaBasic.c Pk/CryptRsaExtNull.c - Pk/CryptRsaPssNull.c - Pk/CryptRsaPssSignNull.c - Bn/CryptBnNull.c - Pem/CryptPemNull.c - Pk/CryptDhNull.c - Pk/CryptEcNull.c Pk/CryptPkcs1OaepNull.c Pk/CryptPkcs5Pbkdf2Null.c Pk/CryptPkcs7SignNull.c - Pk/CryptPkcs7VerifyNull.c - Pk/CryptPkcs7VerifyEkuNull.c - Pk/CryptX509Null.c + Pk/CryptPkcs7VerifyCommon.c + Pk/CryptPkcs7VerifyRuntime.c + Pk/CryptPkcs7VerifyEkuRuntime.c + Pk/CryptDhNull.c + Pk/CryptX509.c Pk/CryptAuthenticodeNull.c Pk/CryptTsNull.c - Rand/CryptRandNull.c + Pk/CryptRsaPssNull.c + Pk/CryptRsaPssSignNull.c + Pk/CryptEcNull.c + Pem/CryptPem.c + Bn/CryptBnNull.c + Rand/CryptRand.c + SysCall/CrtWrapper.c SysCall/TimerWrapper.c SysCall/RuntimeMemAllocation.c @@ -77,6 +79,7 @@ MbedTlsLib IntrinsicLib PrintLib + RngLib # # Remove these [BuildOptions] after this library is cleaned up diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf index 40c56d1b7d..4a519b06ee 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf @@ -45,21 +45,23 @@ Cipher/CryptAeadAesGcmNull.c Pk/CryptRsaBasic.c Pk/CryptRsaExtNull.c - Pk/CryptRsaPss.c - Pk/CryptRsaPssSignNull.c - Bn/CryptBnNull.c - Pem/CryptPemNull.c - Pk/CryptDhNull.c - Pk/CryptEcNull.c - Pk/CryptPkcs1OaepNull.c - Pk/CryptPkcs5Pbkdf2Null.c + Pk/CryptPkcs1Oaep.c + Pk/CryptPkcs5Pbkdf2.c Pk/CryptPkcs7SignNull.c -
[edk2-devel] [PATCH v3 09/11] CryptoPkg: Add ImageTimestampVerify based on Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Timestamp Countersignature Verification implementaion based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Library/BaseCryptLibMbedTls/Pk/CryptTs.c | 381 ++ 1 file changed, 381 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c new file mode 100644 index 00..d3fa205f9c --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c @@ -0,0 +1,381 @@ +/** @file + RFC3161 Timestamp Countersignature Verification Wrapper Implementation which does + not provide real capabilities. + +Copyright (c) 2024, Intel Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include + +// +// OID ASN.1 Value for SPC_RFC3161_OBJID ("1.3.6.1.4.1.311.3.3.1") +// +GLOBAL_REMOVE_IF_UNREFERENCED const UINT8 mSpcRFC3161OidValue[] = { + 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x03, 0x03, 0x01 +}; + +/** + Convert ASN.1 GeneralizedTime to EFI Time. + + @param[in] Ptr Pointer to the ASN.1 GeneralizedTime to be converted. + @param[out] EfiTime Return the corresponding EFI Time. + + @retval TRUE The time conversion succeeds. + @retval FALSE Invalid parameters. + +**/ +STATIC +BOOLEAN +ConvertAsn1TimeToEfiTime ( + IN UINT8 *Ptr, + OUT EFI_TIME *EfiTime + ) +{ + CONST CHAR8 *Str; + UINTNIndex; + + if ((Ptr == NULL) || (EfiTime == NULL)) { +return FALSE; + } + + Str = (CONST CHAR8 *)Ptr; + SetMem (EfiTime, sizeof (EFI_TIME), 0); + + Index = 0; + + /* four digit year */ + EfiTime->Year = (Str[Index++] - '0') * 1000; + EfiTime->Year += (Str[Index++] - '0') * 100; + EfiTime->Year += (Str[Index++] - '0') * 10; + EfiTime->Year += (Str[Index++] - '0'); + if ((EfiTime->Year < 1900) || (EfiTime->Year > )) { +return FALSE; + } + + EfiTime->Month = (Str[Index++] - '0') * 10; + EfiTime->Month += (Str[Index++] - '0'); + if ((EfiTime->Month < 1) || (EfiTime->Month > 12)) { +return FALSE; + } + + EfiTime->Day = (Str[Index++] - '0') * 10; + EfiTime->Day += (Str[Index++] - '0'); + if ((EfiTime->Day < 1) || (EfiTime->Day > 31)) { +return FALSE; + } + + EfiTime->Hour = (Str[Index++] - '0') * 10; + EfiTime->Hour += (Str[Index++] - '0'); + if (EfiTime->Hour > 23) { +return FALSE; + } + + EfiTime->Minute = (Str[Index++] - '0') * 10; + EfiTime->Minute += (Str[Index++] - '0'); + if (EfiTime->Minute > 59) { +return FALSE; + } + + EfiTime->Second = (Str[Index++] - '0') * 10; + EfiTime->Second += (Str[Index++] - '0'); + if (EfiTime->Second > 59) { +return FALSE; + } + + /* Note: we did not adjust the time based on time zone information */ + + return TRUE; +} + +/** + Verifies the validity of a RFC3161 Timestamp CounterSignature embedded in PE/COFF Authenticode + signature. + + Return FALSE to indicate this interface is not supported. + + @param[in] AuthData Pointer to the Authenticode Signature retrieved from signed + PE/COFF image to be verified. + @param[in] DataSize Size of the Authenticode Signature in bytes. + @param[in] TsaCert Pointer to a trusted/root TSA certificate encoded in DER, which + is used for TSA certificate chain verification. + @param[in] CertSize Size of the trusted certificate in bytes. + @param[out] SigningTime Return the time of timestamp generation time if the timestamp + signature is valid. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +ImageTimestampVerify ( + IN CONST UINT8 *AuthData, + IN UINTNDataSize, + IN CONST UINT8 *TsaCert, + IN UINTNCertSize, + OUT EFI_TIME *SigningTime + ) +{ + BOOLEAN Status; + UINT8*Ptr; + UINT8*End; + INT32Len; + UINTNObjLen; + UINT8*TempPtr; + + // + // Initializations + // + if (SigningTime != NULL) { +SetMem (SigningTime, sizeof (EFI_TIME), 0); + } + + // + // Input Parameters Checking. + // + if ((AuthData == NULL) || (TsaCert == NULL)) { +return FALSE; + } + + if ((DataSize > INT_MAX) || (CertSize > INT_MAX)) { +return FALSE; + } + + Ptr = (UINT8 *)(UINTN)AuthData; + Len = (UINT32)DataSize; + End = Ptr + Len; + + // ContentInfo + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) != 0) { +return FALSE; + } + + // ContentType + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_OID) != 0) { +return FALSE; + } + + Ptr += ObjLen; + // content + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC) != 0) { +return FALSE; + } + + End = Ptr + ObjLen; + // signedData + if (mbedtls_asn1_get_tag (&Ptr
[edk2-devel] [PATCH v3 08/11] CryptoPkg: Add AuthenticodeVerify based on Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Implement AuthenticodeVerify based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Pk/CryptAuthenticode.c| 214 ++ 1 file changed, 214 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c new file mode 100644 index 00..9d8301b2c0 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c @@ -0,0 +1,214 @@ +/** @file + Authenticode Portable Executable Signature Verification which does not provide + real capabilities. + +Copyright (c) 2024, Intel Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include + +// +// OID ASN.1 Value for SPC_INDIRECT_DATA_OBJID +// +GLOBAL_REMOVE_IF_UNREFERENCED const UINT8 mSpcIndirectOidValue[] = { + 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04 +}; + +/** + Verifies the validity of a PE/COFF Authenticode Signature as described in "Windows + Authenticode Portable Executable Signature Format". + + Return FALSE to indicate this interface is not supported. + + @param[in] AuthData Pointer to the Authenticode Signature retrieved from signed + PE/COFF image to be verified. + @param[in] DataSize Size of the Authenticode Signature in bytes. + @param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which + is used for certificate chain verification. + @param[in] CertSize Size of the trusted certificate in bytes. + @param[in] ImageHashPointer to the original image file hash value. The procedure + for calculating the image hash value is described in Authenticode + specification. + @param[in] HashSize Size of Image hash value in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +AuthenticodeVerify ( + IN CONST UINT8 *AuthData, + IN UINTNDataSize, + IN CONST UINT8 *TrustedCert, + IN UINTNCertSize, + IN CONST UINT8 *ImageHash, + IN UINTNHashSize + ) +{ + BOOLEAN Status; + CONST UINT8 *OrigAuthData; + UINT8*SpcIndirectDataContent; + UINT8Asn1Byte; + UINTNContentSize; + CONST UINT8 *SpcIndirectDataOid; + UINT8*Ptr; + UINT8*End; + INT32Len; + UINTNObjLen; + + OrigAuthData = AuthData; + + // + // Check input parameters. + // + if ((AuthData == NULL) || (TrustedCert == NULL) || (ImageHash == NULL)) { +return FALSE; + } + + if ((DataSize > INT_MAX) || (CertSize > INT_MAX) || (HashSize > INT_MAX)) { +return FALSE; + } + + if (DataSize <= HashSize) { +return FALSE; + } + + Ptr = (UINT8 *)(UINTN)AuthData; + Len = (UINT32)DataSize; + End = Ptr + Len; + + // ContentInfo + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) != 0) { +return FALSE; + } + + // ContentType + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_OID) != 0) { +return FALSE; + } + + Ptr += ObjLen; + // content + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC) != 0) { +return FALSE; + } + + End = Ptr + ObjLen; + // signedData + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) != 0) { +return FALSE; + } + + // version + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_INTEGER) != 0) { +return FALSE; + } + + Ptr += ObjLen; + // digestAlgo + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET) != 0) { +return FALSE; + } + + Ptr += ObjLen; + + // encapContentInfo + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) != 0) { +return FALSE; + } + + End = Ptr + ObjLen; + // eContentType + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_OID) != 0) { +return FALSE; + } + + Status = FALSE; + + SpcIndirectDataOid = Ptr; + if ((ObjLen != sizeof (mSpcIndirectOidValue)) || + (CompareMem ( + SpcIndirectDataOid, + mSpcIndirectOidValue, + sizeof (mSpcIndirectOidValue) + ) != 0)) + { +// +// Un-matched SPC_INDIRECT_DATA_OBJID. +// +goto _Exit; + } + + Ptr += ObjLen; + // eContent + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC) != 0) { +return FALSE; + } + + SpcIndirectDataContent = Ptr; + + // + // Retrieve the SEQUENCE data size from ASN.1-encoded SpcIndirectDataContent. + // + Asn1Byte = *(SpcIndirectDataContent + 1); + + if ((Asn1Byte & 0x80) == 0) { +/
[edk2-devel] [PATCH v3 04/11] CryptoPkg: Add X509 functions based on Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 X.509 Certificate Handler Wrapper Implementation over MbedTLS. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pk/CryptX509.c| 1940 + 1 file changed, 1940 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c new file mode 100644 index 00..84b67c8f0a --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c @@ -0,0 +1,1940 @@ +/** @file + X.509 Certificate Handler Wrapper Implementation over MbedTLS. + +Copyright (c) 2024, Intel Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include +#include +#include +#include +#include +#include + +/// +/// OID +/// +STATIC CONST UINT8 OID_commonName[] = { + 0x55, 0x04, 0x03 +}; +STATIC CONST UINT8 OID_organizationName[] = { + 0x55, 0x04, 0x0A +}; +STATIC CONST UINT8 OID_extKeyUsage[] = { + 0x55, 0x1D, 0x25 +}; +STATIC CONST UINT8 OID_BasicConstraints[] = { + 0x55, 0x1D, 0x13 +}; + +/* Profile for backward compatibility. Allows RSA 1024, unlike the default + profile. */ +STATIC mbedtls_x509_crt_profile gCompatProfile = +{ + /* Hashes from SHA-256 and above. Note that this selection + * should be aligned with ssl_preset_default_hashes in ssl_tls.c. */ + MBEDTLS_X509_ID_FLAG (MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG (MBEDTLS_MD_SHA384) | + MBEDTLS_X509_ID_FLAG (MBEDTLS_MD_SHA512), + 0xFFF, /* Any PK alg*/ + + /* Curves at or above 128-bit security level. Note that this selection + * should be aligned with ssl_preset_default_curves in ssl_tls.c. */ + MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_SECP256R1) | + MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_SECP384R1) | + MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_SECP521R1) | + MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_BP256R1) | + MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_BP384R1) | + MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_BP512R1) | + 0, + 1024, +}; + +/** + Construct a X509 object from DER-encoded certificate data. + + If Cert is NULL, then return FALSE. + If SingleX509Cert is NULL, then return FALSE. + + @param[in] CertPointer to the DER-encoded certificate data. + @param[in] CertSizeThe size of certificate data in bytes. + @param[out] SingleX509Cert The generated X509 object. + + @retval TRUEThe X509 object generation succeeded. + @retval FALSE The operation failed. + +**/ +BOOLEAN +EFIAPI +X509ConstructCertificate ( + IN CONST UINT8 *Cert, + IN UINTNCertSize, + OUT UINT8 **SingleX509Cert + ) +{ + mbedtls_x509_crt *MbedTlsCert; + INT32 Ret; + + if ((Cert == NULL) || (SingleX509Cert == NULL) || (CertSize == 0)) { +return FALSE; + } + + MbedTlsCert = AllocateZeroPool (sizeof (mbedtls_x509_crt)); + if (MbedTlsCert == NULL) { +return FALSE; + } + + mbedtls_x509_crt_init (MbedTlsCert); + + *SingleX509Cert = (UINT8 *)(VOID *)MbedTlsCert; + Ret = mbedtls_x509_crt_parse_der (MbedTlsCert, Cert, CertSize); + if (Ret == 0) { +return TRUE; + } else { +mbedtls_x509_crt_free (MbedTlsCert); +FreePool (MbedTlsCert); +return FALSE; + } +} + +/** + Construct a X509 stack object from a list of DER-encoded certificate data. + + If X509Stack is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] X509Stack On input, pointer to an existing or NULL X509 stack object. + On output, pointer to the X509 stack object with new + inserted X509 certificate. + @param[in] Args VA_LIST marker for the variable argument list. + A list of DER-encoded single certificate data followed + by certificate size. A NULL terminates the list. The + pairs are the arguments to X509ConstructCertificate(). + + @retval TRUEThe X509 stack construction succeeded. + @retval FALSE The construction operation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +X509ConstructCertificateStackV ( + IN OUT UINT8 **X509Stack, + IN VA_LISTArgs + ) +{ + UINT8 *Cert; + UINTN CertSize; + INT32 Index; + INT32 Ret; + mbedtls_x509_crt *Crt; + + if (X509Stack == NULL) { +return FALSE; + } + + Ret = 0; + Crt = NULL; + if (*X509Stack == NULL) { +Crt = AllocateZeroPool (sizeof (mbedtls_x509_crt)); +if (Crt == NULL) { + return FALSE; +} + +mbedtls_x509_crt_init (Crt); +*X509Stack = (UINT8 *)Crt; + } + + for (Index = 0; ; Index++) { +// +// If Cert is NULL, then it is the end of
[edk2-devel] [PATCH v3 06/11] CryptoPkg: Add Pkcs5 functions based on Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 PBKDF2 Key Derivation Function Wrapper Implementation over MbedTLS. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 ++ 1 file changed, 100 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c new file mode 100644 index 00..94f1fcfa3b --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c @@ -0,0 +1,100 @@ +/** @file + PBKDF2 Key Derivation Function Wrapper Implementation over MbedTLS. + +Copyright (c) 2024, Intel Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include + +/** + Derives a key from a password using a salt and iteration count, based on PKCS#5 v2.0 + password based encryption key derivation function PBKDF2, as specified in RFC 2898. + + If Password or Salt or OutKey is NULL, then return FALSE. + If the hash algorithm could not be determined, then return FALSE. + + @param[in] PasswordLength Length of input password in bytes. + @param[in] PasswordPointer to the array for the password. + @param[in] SaltLength Size of the Salt in bytes. + @param[in] SaltPointer to the Salt. + @param[in] IterationCount Number of iterations to perform. Its value should be + greater than or equal to 1. + @param[in] DigestSize Size of the message digest to be used (eg. SHA256_DIGEST_SIZE). + NOTE: DigestSize will be used to determine the hash algorithm. +Only SHA1_DIGEST_SIZE or SHA256_DIGEST_SIZE is supported. + @param[in] KeyLength Size of the derived key buffer in bytes. + @param[out] OutKey Pointer to the output derived key buffer. + + @retval TRUE A key was derived successfully. + @retval FALSE One of the pointers was NULL or one of the sizes was too large. + @retval FALSE The hash algorithm could not be determined from the digest size. + @retval FALSE The key derivation operation failed. + +**/ +BOOLEAN +EFIAPI +Pkcs5HashPassword ( + IN UINTNPasswordLength, + IN CONST CHAR8 *Password, + IN UINTNSaltLength, + IN CONST UINT8 *Salt, + IN UINTNIterationCount, + IN UINTNDigestSize, + IN UINTNKeyLength, + OUT UINT8 *OutKey + ) +{ + mbedtls_md_type_t HashAlg; + + // + // Parameter Checking. + // + if ((Password == NULL) || (Salt == NULL) || (OutKey == NULL)) { +return FALSE; + } + + if ((PasswordLength == 0) || (PasswordLength > INT_MAX) || + (SaltLength == 0) || (SaltLength > INT_MAX) || + (KeyLength == 0) || (KeyLength > INT_MAX) || + (IterationCount < 1) || (IterationCount > INT_MAX)) + { +return FALSE; + } + + // + // Make sure the digest algorithm is supported. + // + switch (DigestSize) { +case SHA1_DIGEST_SIZE: + HashAlg = MBEDTLS_MD_SHA1; + break; +case SHA256_DIGEST_SIZE: + HashAlg = MBEDTLS_MD_SHA256; + break; +default: + return FALSE; + break; + } + + // + // Perform password-based key derivation routines. + // + if (mbedtls_pkcs5_pbkdf2_hmac_ext ( +HashAlg, +(CONST UINT8 *)Password, +(int)PasswordLength, +(CONST UINT8 *)Salt, +(int)SaltLength, +(int)IterationCount, +(int)KeyLength, +(UINT8 *)OutKey +) != 0) + { +return FALSE; + } else { +return TRUE; + } +} -- 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118737): https://edk2.groups.io/g/devel/message/118737 Mute This Topic: https://groups.io/mt/105996832/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 05/11] CryptoPkg: Add Pkcs7 related functions based on Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Because the current Mbedlts pkcs7 library doesn't support authenticatedAttributes: Mbed-TLS/mbedtls@bb82ab7 and only support 0 or 1 certificates in Signed data: tianocore/edk2-staging@9c5b26b The patch implement Pkcs7 by low Mbedtls Api. And the implementation has pass unit_tes and integration test. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/Include/Library/BaseCryptLib.h |2 + .../BaseCryptLibMbedTls/InternalCryptLib.h| 33 + .../Pk/CryptPkcs7Internal.h | 29 +- .../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c | 635 .../Pk/CryptPkcs7VerifyBase.c | 113 ++ .../Pk/CryptPkcs7VerifyCommon.c | 1354 + .../Pk/CryptPkcs7VerifyEku.c | 689 + 7 files changed, 2843 insertions(+), 12 deletions(-) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyBase.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyCommon.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyEku.c diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h index 111df8e78b..ac5841f1d9 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -2351,6 +2351,8 @@ Pkcs7FreeSigners ( unchained to the signer's certificates. The input signed data could be wrapped in a ContentInfo structure. + Pkcs7GetCertificatesList has not been implemented in BaseCryptoLibMbedTls. + @param[in] P7DataPointer to the PKCS#7 message. @param[in] P7Length Length of the PKCS#7 message in bytes. @param[out] SignerChainCerts Pointer to the certificates list chained to signer's diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h index a30666cef4..c9f19dd0cd 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h @@ -38,4 +38,37 @@ MbedtlsRand ( UINT8 *Output, UINTN Len ); + +/** + Check input P7Data is a wrapped ContentInfo structure or not. If not construct + a new structure to wrap P7Data. + + Caution: This function may receive untrusted input. + UEFI Authenticated Variable is external input, so this function will do basic + check for PKCS#7 data structure. + + @param[in] P7Data Pointer to the PKCS#7 message to verify. + @param[in] P7Length Length of the PKCS#7 message in bytes. + @param[out] WrapFlag If TRUE P7Data is a ContentInfo structure, otherwise + return FALSE. + @param[out] WrapData If return status of this function is TRUE: + 1) when WrapFlag is TRUE, pointer to P7Data. + 2) when WrapFlag is FALSE, pointer to a new ContentInfo + structure. It's caller's responsibility to free this + buffer. + @param[out] WrapDataSize Length of ContentInfo structure in bytes. + + @retval TRUE The operation is finished successfully. + @retval FALSEThe operation is failed due to lack of resources. + +**/ +BOOLEAN +WrapPkcs7Data ( + IN CONST UINT8 *P7Data, + IN UINTNP7Length, + OUT BOOLEAN *WrapFlag, + OUT UINT8**WrapData, + OUT UINTN*WrapDataSize + ); + #endif diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Internal.h b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Internal.h index 207f493cbb..cbdd1dc530 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Internal.h +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Internal.h @@ -4,7 +4,7 @@ RFC 2315 - PKCS #7: Cryptographic Message Syntax Version 1.5 -Copyright (c) 2023, Intel Corporation. All rights reserved. +Copyright (c) 2023-2024, Intel Corporation. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -31,10 +31,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define MBEDTLS_OID_PKCS7_DIGESTED_DATA MBEDTLS_OID_PKCS7 "\x05" #define MBEDTLS_OID_PKCS7_ENCRYPTED_DATA MBEDTLS_OID_PKCS7 "\x06" -typedef mbedtls_asn1_buf MBEDTLSPKCS7BUF; -typedef mbedtls_asn1_named_data MBEDTLSPKCS7NAME; -typedef mbedtls_asn1_sequenceMBEDTLSPKCS7SEQUENCE; - /// /// PKCS7 SignerInfo type /// https://tools.ietf.org/html/rfc2315#section-9.2 @@ -48,8 +44,8 @@ typedef struct MbedtlsPkcs7SignerInfo { mbedtls_x509_buf SigAlgIdentifier; mbedtls_x509_buf AuthAttr; mbedtls_x509_buf Sig; - struct MBEDTLSPKCS7SIGNERINFO*Next; -} MBEDTLSPKCS7SIGNERINFO; + struct MbedtlsPkcs7SignerInfo*Next; +} MbedtlsPkcs7SignerInfo;
[edk2-devel] [PATCH v3 03/11] CryptoPkg: Add Pem APIs based on Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Implement Pem API based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pem/CryptPem.c| 138 ++ 1 file changed, 138 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c new file mode 100644 index 00..56411174dd --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c @@ -0,0 +1,138 @@ +/** @file + PEM (Privacy Enhanced Mail) Format Handler Wrapper Implementation over MbedTLS. + +Copyright (c) 2024, Intel Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include +#include +#include +#include +#include +#include + +/** + Retrieve the RSA Private Key from the password-protected PEM key data. + + @param[in] PemData Pointer to the PEM-encoded key data to be retrieved. + @param[in] PemSize Size of the PEM key data in bytes. + @param[in] Password NULL-terminated passphrase used for encrypted PEM key data. + @param[out] RsaContext Pointer to new-generated RSA context which contain the retrieved + RSA private key component. Use RsaFree() function to free the + resource. + + If PemData is NULL, then return FALSE. + If RsaContext is NULL, then return FALSE. + + @retval TRUE RSA Private Key was retrieved successfully. + @retval FALSE Invalid PEM key data or incorrect password. + +**/ +BOOLEAN +EFIAPI +RsaGetPrivateKeyFromPem ( + IN CONST UINT8 *PemData, + IN UINTNPemSize, + IN CONST CHAR8 *Password, + OUT VOID **RsaContext + ) +{ + INT32Ret; + mbedtls_pk_context Pk; + mbedtls_rsa_context *Rsa; + UINT8*NewPemData; + UINTNPasswordLen; + + if ((PemData == NULL) || (RsaContext == NULL) || (PemSize > INT_MAX)) { +return FALSE; + } + + NewPemData = NULL; + if (PemData[PemSize - 1] != 0) { +NewPemData = AllocateZeroPool (PemSize + 1); +if (NewPemData == NULL) { + return FALSE; +} + +CopyMem (NewPemData, PemData, PemSize + 1); +NewPemData[PemSize] = 0; +PemData = NewPemData; +PemSize+= 1; + } + + mbedtls_pk_init (&Pk); + + if (Password != NULL) { +PasswordLen = AsciiStrLen (Password); + } else { +PasswordLen = 0; + } + + Ret = mbedtls_pk_parse_key (&Pk, PemData, PemSize, (CONST UINT8 *)Password, PasswordLen, NULL, NULL); + + if (NewPemData != NULL) { +FreePool (NewPemData); +NewPemData = NULL; + } + + if (Ret != 0) { +mbedtls_pk_free (&Pk); +return FALSE; + } + + if (mbedtls_pk_get_type (&Pk) != MBEDTLS_PK_RSA) { +mbedtls_pk_free (&Pk); +return FALSE; + } + + Rsa = RsaNew (); + if (Rsa == NULL) { +mbedtls_pk_free (&Pk); +return FALSE; + } + + Ret = mbedtls_rsa_copy (Rsa, mbedtls_pk_rsa (Pk)); + if (Ret != 0) { +RsaFree (Rsa); +mbedtls_pk_free (&Pk); +return FALSE; + } + + mbedtls_pk_free (&Pk); + + *RsaContext = Rsa; + return TRUE; +} + +/** + Retrieve the EC Private Key from the password-protected PEM key data. + + @param[in] PemData Pointer to the PEM-encoded key data to be retrieved. + @param[in] PemSize Size of the PEM key data in bytes. + @param[in] Password NULL-terminated passphrase used for encrypted PEM key data. + @param[out] EcContextPointer to new-generated EC DSA context which contain the retrieved + EC private key component. Use EcFree() function to free the + resource. + + If PemData is NULL, then return FALSE. + If EcContext is NULL, then return FALSE. + + @retval TRUE EC Private Key was retrieved successfully. + @retval FALSE Invalid PEM key data or incorrect password. + +**/ +BOOLEAN +EFIAPI +EcGetPrivateKeyFromPem ( + IN CONST UINT8 *PemData, + IN UINTNPemSize, + IN CONST CHAR8 *Password, + OUT VOID **EcContext + ) +{ + ASSERT (FALSE); + return FALSE; +} -- 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118734): https://edk2.groups.io/g/devel/message/118734 Mute This Topic: https://groups.io/mt/105996829/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 02/11] CryptoPkg: Add rand function for BaseCryptLibMbedTls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Add rand function for BaseCryptLibMbedTls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/Include/Library/BaseCryptLib.h | 2 + .../BaseCryptLibMbedTls/InternalCryptLib.h| 16 +++ .../BaseCryptLibMbedTls/Rand/CryptRand.c | 114 ++ .../BaseCryptLibMbedTls/Rand/CryptRandTsc.c | 114 ++ 4 files changed, 246 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h index 86f784a1d2..111df8e78b 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -3139,6 +3139,8 @@ DhComputeKey ( If Seed is NULL, then default seed is used. If this interface is not supported, then return FALSE. + RandomSeed has not been implemented in BaseCryptoLibMbedTls. + @param[in] Seed Pointer to seed value. If NULL, default seed is used. @param[in] SeedSize Size of seed value. diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h index 039aa32028..a30666cef4 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h @@ -22,4 +22,20 @@ SPDX-License-Identifier: BSD-2-Clause-Patent // #include +/** + The MbedTLS function f_rng, which MbedtlsRand implements. + + @param[in] RngState Not used, just for compatibility with mbedlts. + @param[out] Output Pointer to buffer to receive random value. + @param[in] LenSize of random bytes to generate. + + @retval 0 Pseudorandom byte stream generated successfully. + @retval Non-0 Pseudorandom number generator fails to generate due to lack of entropy. +**/ +INT32 +MbedtlsRand ( + VOID *RngState, + UINT8 *Output, + UINTN Len + ); #endif diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c new file mode 100644 index 00..e01aabc0de --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c @@ -0,0 +1,114 @@ +/** @file + Pseudorandom Number Generator Wrapper Implementation over MbedTLS. + +Copyright (c) 2024, Intel Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include + +/** + Sets up the seed value for the pseudorandom number generator. + + This function sets up the seed value for the pseudorandom number generator. + If Seed is not NULL, then the seed passed in is used. + If Seed is NULL, then default seed is used. + + @param[in] Seed Pointer to seed value. +If NULL, default seed is used. + @param[in] SeedSize Size of seed value. +If Seed is NULL, this parameter is ignored. + + @retval TRUE Pseudorandom number generator has enough entropy for random generation. + @retval FALSE Pseudorandom number generator does not have enough entropy for random generation. + +**/ +BOOLEAN +EFIAPI +RandomSeed ( + IN CONST UINT8 *Seed OPTIONAL, + IN UINTN SeedSize + ) +{ + return TRUE; +} + +/** + Generates a pseudorandom byte stream of the specified size. + + If Output is NULL, then return FALSE. + + @param[out] Output Pointer to buffer to receive random value. + @param[in] SizeSize of random bytes to generate. + + @retval TRUE Pseudorandom byte stream generated successfully. + @retval FALSE Pseudorandom number generator fails to generate due to lack of entropy. + +**/ +BOOLEAN +EFIAPI +RandomBytes ( + OUT UINT8 *Output, + IN UINTN Size + ) +{ + BOOLEAN Ret; + volatile UINT64 TempRand; + + // + // Check input parameters. + // + if ((Output == NULL) || (Size > INT_MAX)) { +return FALSE; + } + + Ret = FALSE; + + while (Size > 0) { +// Use RngLib to get random number +Ret = GetRandomNumber64 ((UINT64 *)&TempRand); + +if (!Ret) { + TempRand = 0; + return Ret; +} + +if (Size >= sizeof (TempRand)) { + *((UINT64 *)Output) = TempRand; + Output += sizeof (UINT64); + Size -= sizeof (TempRand); +} else { + CopyMem (Output, (VOID *)&TempRand, Size); + Size = 0; +} + } + + TempRand = 0; + return Ret; +} + +/** + The MbedTLS function f_rng, which MbedtlsRand implements. + + @param[in] RngState Not used, just for compatibility with mbedlts. + @param[out] Output Pointer to buffer to receive random value. + @param[in] LenSize of random bytes to generate. + + @retval 0 Pseudorandom byte stream generated successfully. + @retval Non-0 Pseudorandom number generator fails to generate due to lack of entropy. +**/ +INT
[edk2-devel] [PATCH v3 01/11] CryptoPkg: Add AeadAesGcm based on Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 AeadAesGcm implementation based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Cipher/CryptAeadAesGcm.c | 227 ++ 1 file changed, 227 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c new file mode 100644 index 00..b49d6f9f87 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c @@ -0,0 +1,227 @@ +/** @file + AEAD (AES-GCM) Wrapper Implementation over MbedTLS. + + RFC 5116 - An Interface and Algorithms for Authenticated Encryption + NIST SP800-38d - Cipher Modes of Operation: Galois / Counter Mode(GCM) and GMAC + +Copyright (c) 2024, Intel Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include + +/** + Performs AEAD AES-GCM authenticated encryption on a data buffer and additional authenticated data (AAD). + + IvSize must be 12, otherwise FALSE is returned. + KeySize must be 16, 24 or 32, otherwise FALSE is returned. + TagSize must be 12, 13, 14, 15, 16, otherwise FALSE is returned. + + @param[in] Key Pointer to the encryption key. + @param[in] KeySize Size of the encryption key in bytes. + @param[in] Iv Pointer to the IV value. + @param[in] IvSize Size of the IV value in bytes. + @param[in] AData Pointer to the additional authenticated data (AAD). + @param[in] ADataSize Size of the additional authenticated data (AAD) in bytes. + @param[in] DataIn Pointer to the input data buffer to be encrypted. + @param[in] DataInSize Size of the input data buffer in bytes. + @param[out] TagOut Pointer to a buffer that receives the authentication tag output. + @param[in] TagSize Size of the authentication tag in bytes. + @param[out] DataOut Pointer to a buffer that receives the encryption output. + @param[out] DataOutSize Size of the output data buffer in bytes. + + @retval TRUE AEAD AES-GCM authenticated encryption succeeded. + @retval FALSE AEAD AES-GCM authenticated encryption failed. + +**/ +BOOLEAN +EFIAPI +AeadAesGcmEncrypt ( + IN CONST UINT8 *Key, + IN UINTNKeySize, + IN CONST UINT8 *Iv, + IN UINTNIvSize, + IN CONST UINT8 *AData, + IN UINTNADataSize, + IN CONST UINT8 *DataIn, + IN UINTNDataInSize, + OUT UINT8*TagOut, + IN UINTNTagSize, + OUT UINT8*DataOut, + OUT UINTN*DataOutSize + ) +{ + mbedtls_gcm_context Ctx; + INT32Ret; + + if (DataInSize > INT_MAX) { +return FALSE; + } + + if (ADataSize > INT_MAX) { +return FALSE; + } + + if (IvSize != 12) { +return FALSE; + } + + switch (KeySize) { +case 16: +case 24: +case 32: + break; +default: + return FALSE; + } + + if ((TagSize != 12) && (TagSize != 13) && (TagSize != 14) && (TagSize != 15) && (TagSize != 16)) { +return FALSE; + } + + if (DataOutSize != NULL) { +if ((*DataOutSize > INT_MAX) || (*DataOutSize < DataInSize)) { + return FALSE; +} + } + + mbedtls_gcm_init (&Ctx); + + Ret = mbedtls_gcm_setkey (&Ctx, MBEDTLS_CIPHER_ID_AES, Key, (UINT32)(KeySize * 8)); + if (Ret != 0) { +return FALSE; + } + + Ret = mbedtls_gcm_crypt_and_tag ( + &Ctx, + MBEDTLS_GCM_ENCRYPT, + (UINT32)DataInSize, + Iv, + (UINT32)IvSize, + AData, + (UINT32)ADataSize, + DataIn, + DataOut, + TagSize, + TagOut + ); + mbedtls_gcm_free (&Ctx); + if (Ret != 0) { +return FALSE; + } + + if (DataOutSize != NULL) { +*DataOutSize = DataInSize; + } + + return TRUE; +} + +/** + Performs AEAD AES-GCM authenticated decryption on a data buffer and additional authenticated data (AAD). + + IvSize must be 12, otherwise FALSE is returned. + KeySize must be 16, 24 or 32, otherwise FALSE is returned. + TagSize must be 12, 13, 14, 15, 16, otherwise FALSE is returned. + If additional authenticated data verification fails, FALSE is returned. + + @param[in] Key Pointer to the encryption key. + @param[in] KeySize Size of the encryption key in bytes. + @param[in] Iv Pointer to the IV value. + @param[in] IvSize Size of the IV value in bytes. + @param[in] AData Pointer to the additional authenticated data (AAD). + @param[in] ADataSize Size of the additional authenticated data (AAD) in bytes. + @param[in] DataIn Pointer to the input data buffer to be decrypted. + @param[in] DataInSize Size of the input data buffer in bytes. + @param[in] Tag Pointer to a buffer that contains the authentication tag. + @param[in]
[edk2-devel] [PATCH v3 00/11] Add more crypt APIs based on Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Add AeadAesGcm/Pem(only RSA)/X509(only RSA)/More RSA/PKCS5/pKCS7/Authenticode/Timestamp implementation based on Mbedtls. The patch has passed the EDKII CI check: https://github.com/tianocore/edk2/pull/5552 And the patch has passed unit_test in EDKII and integration test for platform. And the patch hass passed the fuzz test: https://github.com/tianocore/edk2-staging/commit/4f19398053c92e4f7791d468a184530b6ab89128 v2 changes: - Fix format variable name/hardcode number issue; - Fix Pkcs7 memory leak; v3 changes: - Fix some issues form reviewer; - Add SHA3/SM3 implementation; - Update *.inf files; Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou Wenxing Hou (11): CryptoPkg: Add AeadAesGcm based on Mbedtls CryptoPkg: Add rand function for BaseCryptLibMbedTls CryptoPkg: Add Pem APIs based on Mbedtls CryptoPkg: Add X509 functions based on Mbedtls CryptoPkg: Add Pkcs7 related functions based on Mbedtls CryptoPkg: Add Pkcs5 functions based on Mbedtls CryptoPkg: Add more RSA related functions based on Mbedtls CryptoPkg: Add AuthenticodeVerify based on Mbedtls CryptoPkg: Add ImageTimestampVerify based on Mbedtls CryptoPkg: Update *.inf in BaseCryptLibMbedTls Add SHA3/SM3 functions with openssl for Mbedtls CryptoPkg/Include/Library/BaseCryptLib.h |4 + .../BaseCryptLibMbedTls/BaseCryptLib.inf | 47 +- .../Cipher/CryptAeadAesGcm.c | 227 ++ .../BaseCryptLibMbedTls/InternalCryptLib.h| 49 + .../BaseCryptLibMbedTls/PeiCryptLib.inf | 27 +- .../BaseCryptLibMbedTls/Pem/CryptPem.c| 138 ++ .../Pk/CryptAuthenticode.c| 214 ++ .../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c | 278 +++ .../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 + .../Pk/CryptPkcs7Internal.h | 29 +- .../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c | 635 ++ .../Pk/CryptPkcs7VerifyBase.c | 113 + .../Pk/CryptPkcs7VerifyCommon.c | 1354 .../Pk/CryptPkcs7VerifyEku.c | 689 ++ .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c | 352 +++ .../BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c | 140 ++ .../Library/BaseCryptLibMbedTls/Pk/CryptTs.c | 381 .../BaseCryptLibMbedTls/Pk/CryptX509.c| 1940 + .../BaseCryptLibMbedTls/Rand/CryptRand.c | 114 + .../BaseCryptLibMbedTls/Rand/CryptRandTsc.c | 114 + .../BaseCryptLibMbedTls/RuntimeCryptLib.inf | 26 +- .../BaseCryptLibMbedTls/SmmCryptLib.inf | 36 +- .../BaseCryptLibMbedTls/TestBaseCryptLib.inf | 39 +- CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf |6 + .../Library/MbedTlsLib/MbedTlsLibFull.inf |6 + 25 files changed, 6973 insertions(+), 85 deletions(-) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyBase.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyCommon.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyEku.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c -- 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118731): https://edk2.groups.io/g/devel/message/118731 Mute This Topic: https://groups.io/mt/105996826/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH RESEND edk2-platforms][PATCH V2 12/14] Platform/ARM: Add CadenceQspiNorFlashDeviceLib for NorFlashDxe
Hi Pierre, Thanks for reviewing the patchset. Please find my comment inline below. On Thu, 2 May 2024 at 18:47, PierreGondois via groups.io wrote: > > Hello Sahil, > > On 4/23/24 07:56, Sahil Kaushal via groups.io wrote: > > From: sahil > > > > In N1Sdp platform, the SoC is connected to IOFPGA which has a > > Cadence Quad SPI (QSPI) controller. This QSPI controller manages > > the flash chip device via QSPI bus. > > > > This patch adds CadenceQspiNorFlashDeviceLib which is used to > > manage and access the above configuration. > > > > Signed-off-by: sahil > > --- > > Platform/ARM/Library/CadenceQspiNorFlashDeviceLib/CadenceQspiNorFlashDeviceLib.inf | 32 + > > Platform/ARM/Library/CadenceQspiNorFlashDeviceLib/CadenceQspiNorFlashDeviceLib.h | 44 + > > Platform/ARM/Library/CadenceQspiNorFlashDeviceLib/CadenceQspiNorFlashDeviceLib.c | 1011 > > 3 files changed, 1087 insertions(+) > > > > [snip] > > > + > > +/** > > + Converts milliseconds into number of ticks of the performance counter. > > + > > + @param[in] Milliseconds Milliseconds to convert into ticks. > > + > > + @retval Milliseconds expressed as number of ticks. > > + > > +**/ > > +STATIC > > +UINT64 > > +MilliSecondsToTicks ( > > + IN UINTN Milliseconds > > + ) > > +{ > > + CONST UINT64 NanoSecondsPerTick = GetTimeInNanoSecond (1); > > + > > + return (Milliseconds * 100) / NanoSecondsPerTick; > > Should use DivU64x64Remainder() here: > { >UINT64 NanoSecondsPerTick; >UINT64 NanoSeconds; > >NanoSecondsPerTick = GetTimeInNanoSecond (1); >NanoSeconds = MultU64x32 (Milliseconds, 100); > >return DivU64x64Remainder (NanoSeconds, NanoSecondsPerTick, NULL); > } > > > +} > > + > > +/** > > + Poll Status register for NOR flash erase/write completion. > > + > > + @param[in] Instance NOR flash Instance. > > + > > + @retval EFI_SUCCESSRequest is executed successfully. > > + @retval EFI_TIMEOUTOperation timed out. > > + @retval EFI_DEVICE_ERROR Controller operartion failed. > > operartion -> typo > (same at another place I think) > > [snip] > > > + > > +/** > > + Read from nor flash. > > + > > + @param[in] Instance NOR flash Instance of variable store region. > > + @param[in] LbaThe starting logical block index to read from. > > + @param[in] Offset Offset into the block at which to begin reading. > > + @param[in] BufferSizeInBytes The number of bytes to read. > > + @param[out]Buffer The pointer to a caller-allocated buffer that > > +should copied with read data. > > + > > + @retvalEFI_SUCCESSThe read is completed. > > + @retvalEFI_INVALID_PARAMETER Invalid parameters passed. > > +**/ > > +EFI_STATUS > > +NorFlashRead ( > > + IN NOR_FLASH_INSTANCE *Instance, > > + IN EFI_LBA Lba, > > + IN UINTN Offset, > > + IN UINTN BufferSizeInBytes, > > + OUT VOID *Buffer > > + ) > > +{ > > + UINTN StartAddress; > > + > > + // The buffer must be valid > > + if (Buffer == NULL) { > > +return EFI_INVALID_PARAMETER; > > + } > > + > > + // Return if we do not have any byte to read > > + if (BufferSizeInBytes == 0) { > > +return EFI_SUCCESS; > > + } > > + > > + if (((Lba * Instance->Media.BlockSize) + Offset + BufferSizeInBytes) > > > + Instance->Size) > > + { > > +DEBUG (( > > + DEBUG_ERROR, > > + "NorFlashRead: ERROR - Read will exceed device size.\n" > > + )); > > +return EFI_INVALID_PARAMETER; > > + } > > + > > + // Get the address to start reading from > > + StartAddress = GET_NOR_BLOCK_ADDRESS ( > > + Instance->RegionBaseAddress, > > + Lba, > > + Instance->Media.BlockSize > > + ); > > + > > + // Readout the data > > + CopyMem (Buffer, (UINTN *)(StartAddress + Offset), BufferSizeInBytes); > > The original code at: >Platform/ARM/Library/P30NorFlashDeviceLib/P30NorFlashDeviceLib.c > > implements and uses AlignedCopyMem()/NorFlashWriteBuffer() which seems > to be more efficient. > Just to be sure I understand correctly, is the maximal read/write size > of 4 bytes ? Meaning that these functions are not needed ? > > --- > > NorFlashWriteBuffer() is not implemented here IIUC won't be implemtned as not > needed. Maybe in an additional patch, the function could be removed from the > library interface at: >Platform/ARM/Include/Library/NorFlashDeviceLib.h > and made static in: >Platform/ARM/Library/P30NorFlashDeviceLib/P30NorFlashDeviceLib.c > CopyMem() and AlignedCopyMem() have nearly identical implementations, therefore I think we can continue using CopyMem() here. For NorFlashWriteBuffer(), in the P30 spec, it looks like buffered programming is one of the features of the IP whereas there is no suc
[edk2-devel] [PATCH v2 02/13] EmulatorPkg: : Add Hash2DxeCrypto to EmulatorPkg
From: Doug Flick This patch adds Hash2DxeCrypto to EmulatorPkg. The Hash2DxeCrypto is used to provide the hashing protocol services. Cc: Andrew Fish Cc: Ray Ni Signed-off-by: Doug Flick [MSFT] --- EmulatorPkg/EmulatorPkg.dsc | 9 +++-- EmulatorPkg/EmulatorPkg.fdf | 5 + 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc index 0a66294cb768..1c356bc8c732 100644 --- a/EmulatorPkg/EmulatorPkg.dsc +++ b/EmulatorPkg/EmulatorPkg.dsc @@ -128,10 +128,11 @@ [LibraryClasses] FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf ImagePropertiesRecordLib|MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.inf RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf - -!if $(SECURE_BOOT_ENABLE) == TRUE IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + +!if $(SECURE_BOOT_ENABLE) == TRUE PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf @@ -402,6 +403,10 @@ [Components] # Rng Protocol producer # SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf !if $(SECURE_BOOT_ENABLE) == TRUE SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf diff --git a/EmulatorPkg/EmulatorPkg.fdf b/EmulatorPkg/EmulatorPkg.fdf index d756c144d94d..73d5b0068d3f 100644 --- a/EmulatorPkg/EmulatorPkg.fdf +++ b/EmulatorPkg/EmulatorPkg.fdf @@ -198,6 +198,11 @@ [FV.FvRecovery] # INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Secure Boot Key Enroll # -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118729): https://edk2.groups.io/g/devel/message/118729 Mute This Topic: https://groups.io/mt/105996594/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 13/13] NetworkPkg: Update the PxeBcDhcp6GoogleTest due to underlying changes
From: Doug Flick This patch updates the PxeBcDhcp6GoogleTest due to the changes in the underlying code. The changes are as follows: - Random now comes from the RngLib Protocol - The TCP ISN is now generated by the hash function Cc: Saloni Kasbekar Cc: Zachary Clark-williams Signed-off-by: Doug Flick [MSFT] --- NetworkPkg/Test/NetworkPkgHostTest.dsc| 1 + NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf | 3 +- NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp | 102 +++- 3 files changed, 100 insertions(+), 6 deletions(-) diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc index fa301a7a52ab..1772afb05815 100644 --- a/NetworkPkg/Test/NetworkPkgHostTest.dsc +++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc @@ -30,6 +30,7 @@ [Components] NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf { UefiRuntimeServicesTableLib|MdePkg/Test/Mock/Library/GoogleTest/MockUefiRuntimeServicesTableLib/MockUefiRuntimeServicesTableLib.inf + UefiBootServicesTableLib|MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf } # Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests. diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf index 301dcdf61109..8b092d9291d4 100644 --- a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf +++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf @@ -14,7 +14,7 @@ [Defines] # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 +# VALID_ARCHITECTURES = IA32 X64 AARCH64 # [Sources] @@ -23,6 +23,7 @@ [Sources] PxeBcDhcp6GoogleTest.h ../PxeBcDhcp6.c ../PxeBcSupport.c + ../../../MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp [Packages] MdePkg/MdePkg.dec diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp index bd423ebadfce..61736ff79e83 100644 --- a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp +++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp @@ -7,6 +7,8 @@ #include #include #include +#include +#include extern "C" { #include @@ -165,7 +167,7 @@ protected: // Note: // Testing PxeBcHandleDhcp6Offer() is difficult because it depends on a // properly setup Private structure. Attempting to properly test this function -// without a signficant refactor is a fools errand. Instead, we will test +// without a significant refactor is a fools errand. Instead, we will test // that we can prevent an overflow in the function. TEST_F (PxeBcHandleDhcp6OfferTest, BasicUsageTest) { PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL; @@ -238,6 +240,7 @@ TEST_F (PxeBcCacheDnsServerAddressesTest, BasicUsageTest) { FreePool (Option); } } + // Test Description // Test that we can prevent an overflow in the function TEST_F (PxeBcCacheDnsServerAddressesTest, AttemptOverflowTest) { @@ -470,10 +473,15 @@ TEST_F (PxeBcRequestBootServiceTest, AttemptRequestOverFlowExpectFailure) { class PxeBcDhcp6DiscoverTest : public ::testing::Test { public: PXEBC_PRIVATE_DATA Private = { 0 }; + // create a mock md5 hash + UINT8 Md5Hash[16] = { 0 }; + EFI_UDP6_PROTOCOL Udp6Read; protected: MockUefiRuntimeServicesTableLib RtServicesMock; + MockUefiBootServicesTableLib BsMock; + MockRng RngMock; // Add any setup code if needed virtual void @@ -527,8 +535,21 @@ TEST_F (PxeBcDhcp6DiscoverTest, BasicOverflowTest) { Private.Dhcp6Request->Length = (UINT16)(Cursor - (UINT8 *)Private.Dhcp6Request); - EXPECT_CALL (RtServicesMock, gRT_GetTime) -.WillOnce (::testing::Return (0)); + EXPECT_CALL (BsMock, gBS_LocateProtocol) +.WillOnce ( + ::testing::DoAll ( +::testing::SetArgPointee<2> (::testing::ByRef (gRngProtocol)), +::testing::Return (EFI_SUCCESS) +) + ); + + EXPECT_CALL (RngMock, GetRng) +.WillOnce ( + ::testing::DoAll ( +::testing::SetArgPointee<3> (::testing::ByRef (Md5Hash[0])), +::testing::Return (EFI_SUCCESS) +) + ); ASSERT_EQ ( PxeBcDhcp6Discover ( @@ -558,8 +579,21 @@ TEST_F (PxeBcDhcp6DiscoverTest, BasicUsageTest) { Private.Dhcp6Request->Length = (UINT16)(Cursor - (UINT8 *)Private.Dhcp6Request); - EXPECT_CALL (RtServicesMock, gRT_GetTime) -.WillOnce (::testing::Return (0)); + EXPECT_CALL (BsMock, gBS_LocateProtocol) +.WillOnce ( + ::testing::DoAll ( +::testing::SetArgPointee<2> (::testing::ByRef (gRngProtocol)), +::testing::Return (EFI_SUCCESS) +
[edk2-devel] [PATCH v2 12/13] MdePkg: Add MockHash2 Protocol for testing
From: Doug Flick This commit adds a new MockHash2 protocol to the MdePkg. This protocol is used to test Hash2 protocol consumers. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Signed-off-by: Doug Flick [MSFT] --- MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h | 67 MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockHash2.cpp | 27 2 files changed, 94 insertions(+) diff --git a/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h new file mode 100644 index ..b44d341332dc --- /dev/null +++ b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h @@ -0,0 +1,67 @@ +/** @file + This file declares a mock of Hash2 Protocol. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef MOCK_HASH2_H_ +#define MOCK_HASH2_H_ + +#include +#include + +extern "C" { + #include + #include +} + +struct MockHash2 { + MOCK_INTERFACE_DECLARATION (MockHash2); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +GetHashSize, +(IN CONST EFI_HASH2_PROTOCOL *This, + IN CONST EFI_GUID*HashAlgorithm, + OUT UINTN*HashSize) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +Hash, +(IN CONST EFI_HASH2_PROTOCOL *This, + IN CONST EFI_GUID*HashAlgorithm, + IN CONST UINT8 *Message, + IN UINTN MessageSize, + IN OUT EFI_HASH2_OUTPUT *Hash) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +HashInit, +(IN CONST EFI_HASH2_PROTOCOL *This, + IN CONST EFI_GUID*HashAlgorithm) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +HashUpdate, +(IN CONST EFI_HASH2_PROTOCOL *This, + IN CONST UINT8 *Message, + IN UINTN MessageSize) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +HashFinal, +(IN CONST EFI_HASH2_PROTOCOL *This, + IN OUT EFI_HASH2_OUTPUT *Hash) +); +}; + +extern "C" { + extern EFI_HASH2_PROTOCOL *gHash2Protocol; +} + +#endif // MOCK_HASH2_H_ diff --git a/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockHash2.cpp b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockHash2.cpp new file mode 100644 index ..5cf94c43b4a5 --- /dev/null +++ b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockHash2.cpp @@ -0,0 +1,27 @@ +/** @file MockHash2.cpp + Google Test mock for Hash2 Protocol + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +MOCK_INTERFACE_DEFINITION (MockHash2); +MOCK_FUNCTION_DEFINITION (MockHash2, GetHashSize, 3, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, Hash, 5, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, HashInit, 2, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, HashUpdate, 3, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, HashFinal, 2, EFIAPI); + +EFI_HASH2_PROTOCOL HASH2_PROTOCOL_INSTANCE = { + GetHashSize, // EFI_HASH2_GET_HASH_SIZE + Hash,// EFI_HASH2_HASH + HashInit,// EFI_HASH2_HASH_INIT + HashUpdate, // EFI_HASH2_HASH_UPDATE + HashFinal// EFI_HASH2_HASH_FINAL +}; + +extern "C" { + EFI_HASH2_PROTOCOL *gHash2Protocol = &HASH2_PROTOCOL_INSTANCE; +} -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118727): https://edk2.groups.io/g/devel/message/118727 Mute This Topic: https://groups.io/mt/105996590/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 11/13] MdePkg: : Adds Protocol for MockRng
From: Doug Flick This patch adds a protocol for MockRng. This protocol is used to mock the Rng protocol for testing purposes. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Signed-off-by: Doug Flick [MSFT] --- MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockRng.h | 48 MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp | 21 + 2 files changed, 69 insertions(+) diff --git a/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockRng.h b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockRng.h new file mode 100644 index ..b54f8a234b2f --- /dev/null +++ b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockRng.h @@ -0,0 +1,48 @@ +/** @file + This file declares a mock of Rng Protocol. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef MOCK_RNG_H_ +#define MOCK_RNG_H_ + +#include +#include + +extern "C" { + #include + #include +} + +struct MockRng { + MOCK_INTERFACE_DECLARATION (MockRng); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +GetInfo, +( + IN EFI_RNG_PROTOCOL *This, + IN OUT UINTN*RNGAlgorithmListSize, + OUT EFI_RNG_ALGORITHM *RNGAlgorithmList +) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +GetRng, +( + IN EFI_RNG_PROTOCOL*This, + IN EFI_RNG_ALGORITHM *RNGAlgorithm, + IN UINTN RNGValueLength, + OUT UINT8 *RNGValue +) +); +}; + +extern "C" { + extern EFI_RNG_PROTOCOL *gRngProtocol; +} + +#endif // MOCK_RNG_H_ diff --git a/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp new file mode 100644 index ..7d8b69cc8673 --- /dev/null +++ b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp @@ -0,0 +1,21 @@ +/** @file MockRng.cpp + Google Test mock for Rng Protocol + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +MOCK_INTERFACE_DEFINITION (MockRng); +MOCK_FUNCTION_DEFINITION (MockRng, GetInfo, 3, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockRng, GetRng, 4, EFIAPI); + +EFI_RNG_PROTOCOL RNG_PROTOCOL_INSTANCE = { + GetInfo, // EFI_RNG_GET_INFO + GetRng // EFI_RNG_GET_RNG +}; + +extern "C" { + EFI_RNG_PROTOCOL *gRngProtocol = &RNG_PROTOCOL_INSTANCE; +} -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118726): https://edk2.groups.io/g/devel/message/118726 Mute This Topic: https://groups.io/mt/105996589/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 10/13] MdePkg: : Add MockUefiBootServicesTableLib
From: Doug Flick This commit adds a mock library for UefiBootServicesTableLib. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Signed-off-by: Doug Flick [MSFT] --- MdePkg/Test/MdePkgHostTest.dsc | 1 + MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf | 32 MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h | 78 MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.cpp | 69 + 4 files changed, 180 insertions(+) diff --git a/MdePkg/Test/MdePkgHostTest.dsc b/MdePkg/Test/MdePkgHostTest.dsc index e36b7c55..6a85d02236a0 100644 --- a/MdePkg/Test/MdePkgHostTest.dsc +++ b/MdePkg/Test/MdePkgHostTest.dsc @@ -43,6 +43,7 @@ [Components] MdePkg/Library/BaseLib/UnitTestHostBaseLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockUefiLib/MockUefiLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockUefiRuntimeServicesTableLib/MockUefiRuntimeServicesTableLib.inf + MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockPeiServicesLib/MockPeiServicesLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockHobLib/MockHobLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockFdtLib/MockFdtLib.inf diff --git a/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf b/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf new file mode 100644 index ..8b64fd195acd --- /dev/null +++ b/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf @@ -0,0 +1,32 @@ +## @file +# Mock implementation of the UEFI Boot Services Table Library. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION= 0x00010005 + BASE_NAME = MockUefiBootServicesTableLib + FILE_GUID = 67EA4614-E276-49EC-9AE6-B97ACCEA676E + MODULE_TYPE= HOST_APPLICATION + VERSION_STRING = 1.0 + LIBRARY_CLASS = UefiBootServicesTableLib|HOST_APPLICATION + +# +# VALID_ARCHITECTURES = IA32 X64 EBC +# + +[Sources] + MockUefiBootServicesTableLib.cpp + +[LibraryClasses] + GoogleTestLib + +[Packages] + MdePkg/MdePkg.dec + UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec + +[BuildOptions] + MSFT:*_*_*_CC_FLAGS = /EHsc diff --git a/MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h b/MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h new file mode 100644 index ..d72b941323c1 --- /dev/null +++ b/MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h @@ -0,0 +1,78 @@ +/** @file + Google Test mocks for UefiBootServicesTableLib + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef MOCK_UEFI_BOOT_SERVICES_TABLE_LIB_H_ +#define MOCK_UEFI_BOOT_SERVICES_TABLE_LIB_H_ + +#include +#include +extern "C" { + #include + #include +} + +// +// Declarations to handle usage of the UefiBootServiceTableLib by creating mock +// +struct MockUefiBootServicesTableLib { + MOCK_INTERFACE_DECLARATION (MockUefiBootServicesTableLib); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_GetMemoryMap, +(IN OUT UINTN *MemoryMapSize, + OUTEFI_MEMORY_DESCRIPTOR *MemoryMap, + OUTUINTN *MapKey, + OUTUINTN *DescriptorSize, + OUTUINT32*DescriptorVersion) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_CreateEvent, +(IN UINT32 Type, + IN EFI_TPL NotifyTpl, + IN EFI_EVENT_NOTIFY NotifyFunction, + IN VOID *NotifyContext, + OUT EFI_EVENT*Event) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_CloseEvent, +(IN EFI_EVENT Event) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_HandleProtocol, +(IN EFI_HANDLE Handle, + IN EFI_GUID *Protocol, + OUT VOID **Interface) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_LocateProtocol, +(IN EFI_GUID *Protocol, + IN VOID *Registration OPTIONAL, + OUT VOID **Interface) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_CreateEventEx, +(IN UINT32Type, + IN EFI_TPL NotifyTpl, + IN EFI_EVENT_NOTIFY NotifyFunction OPTIONAL, + IN CONST VOID*NotifyContext OPTIONAL, + IN CONST EFI_GUID*EventGroup OPTIONAL, + OUT EFI_EVENT*Event) +); +}; + +#endif // MOCK_UEFI_BOOT_SERVICES_TABLE_LIB_H_ diff --git a/Md
[edk2-devel] [PATCH v2 08/13] NetworkPkg:: SECURITY PATCH CVE-2023-45237
From: Doug Flick REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4542 Bug Overview: PixieFail Bug #9 CVE-2023-45237 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Use of a Weak PseudoRandom Number Generator Change Overview: Updates all Instances of NET_RANDOM (NetRandomInitSeed ()) to either > > EFI_STATUS > EFIAPI > PseudoRandomU32 ( > OUT UINT32 *Output > ); > or (depending on the use case) > > EFI_STATUS > EFIAPI > PseudoRandom ( > OUT VOID *Output, > IN UINTN OutputLength > ); > This is because the use of Example: The following code snippet PseudoRandomU32 () function is used: > > UINT32 Random; > > Status = PseudoRandomU32 (&Random); > if (EFI_ERROR (Status)) { > DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); > return Status; > } > This also introduces a new PCD to enable/disable the use of the secure implementation of algorithms for PseudoRandom () and instead depend on the default implementation. This may be required for some platforms where the UEFI Spec defined algorithms are not available. > > PcdEnforceSecureRngAlgorithms > If the platform does not have any one of the UEFI defined secure RNG algorithms then the driver will assert. Cc: Saloni Kasbekar Cc: Zachary Clark-williams Signed-off-by: Doug Flick [MSFT] --- NetworkPkg/NetworkPkg.dec | 7 ++ NetworkPkg/Library/DxeNetLib/DxeNetLib.inf | 13 +- NetworkPkg/TcpDxe/TcpDxe.inf | 3 + NetworkPkg/IScsiDxe/IScsiMisc.h| 6 +- NetworkPkg/Include/Library/NetLib.h| 40 -- NetworkPkg/Ip6Dxe/Ip6Nd.h | 8 +- NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c | 10 +- NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c | 11 +- NetworkPkg/DnsDxe/DnsDhcp.c| 10 +- NetworkPkg/DnsDxe/DnsImpl.c| 11 +- NetworkPkg/HttpBootDxe/HttpBootDhcp6.c | 10 +- NetworkPkg/IScsiDxe/IScsiCHAP.c| 19 ++- NetworkPkg/IScsiDxe/IScsiMisc.c| 14 +-- NetworkPkg/Ip4Dxe/Ip4Driver.c | 10 +- NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c | 9 +- NetworkPkg/Ip6Dxe/Ip6Driver.c | 17 ++- NetworkPkg/Ip6Dxe/Ip6If.c | 12 +- NetworkPkg/Ip6Dxe/Ip6Mld.c | 12 +- NetworkPkg/Ip6Dxe/Ip6Nd.c | 33 - NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 129 +--- NetworkPkg/TcpDxe/TcpDriver.c | 15 ++- NetworkPkg/Udp4Dxe/Udp4Driver.c| 10 +- NetworkPkg/Udp6Dxe/Udp6Driver.c| 11 +- NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c | 9 +- NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c | 11 +- NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c | 12 +- NetworkPkg/SecurityFixes.yaml | 39 ++ 27 files changed, 408 insertions(+), 83 deletions(-) diff --git a/NetworkPkg/NetworkPkg.dec b/NetworkPkg/NetworkPkg.dec index e06f35e7747c..7c4289b77b21 100644 --- a/NetworkPkg/NetworkPkg.dec +++ b/NetworkPkg/NetworkPkg.dec @@ -5,6 +5,7 @@ # # Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved. # (C) Copyright 2015-2020 Hewlett Packard Enterprise Development LP +# Copyright (c) Microsoft Corporation # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -130,6 +131,12 @@ [PcdsFixedAtBuild, PcdsPatchableInModule] # @Prompt Indicates whether SnpDxe creates event for ExitBootServices() call. gEfiNetworkPkgTokenSpaceGuid.PcdSnpCreateExitBootServicesEvent|TRUE|BOOLEAN|0x100C + ## Enforces the use of Secure UEFI spec defined RNG algorithms for all network connections. + # TRUE - Enforce the use of Secure UEFI spec defined RNG algorithms. + # FALSE - Do not enforce and depend on the default implementation of RNG algorithm from the provider. + # @Prompt Enforce the use of Secure UEFI spec defined RNG algorithms. + gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|TRUE|BOOLEAN|0x100D + [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] ## IPv6 DHCP Unique Identifier (DUID) Type configuration (From RFCs 3315 and 6355). # 01 = DUID Based on Link-layer Address Plus Time [DUID-LLT] diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf index 8145d256ec10..236ccd362efe 100644 --- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf +++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf @@ -3,6 +3,7 @@ # # Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved. # (C) Copyright 2015 Hewlett Packard Enterprise Development LP +# Copyright (c) Microsoft Corporation # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -49,7 +50,10 @@ [Guids] gEfiSmbiosTableGuid ## SOMETIMES_CONSUMES ## SystemTable gEfiSmbios3TableGuid ## SOMETIMES_CONSUMES ## SystemTable gEfiAdapterInfoMediaStateGuid ## SOMETIMES_C
[edk2-devel] [PATCH v2 01/13] EmulatorPkg: : Add RngDxe to EmulatorPkg
From: Doug Flick This patch adds RngDxe to EmulatorPkg. The RngDxe is used to provide random number generation services to the UEFI firmware. Cc: Andrew Fish Cc: Ray Ni Signed-off-by: Doug Flick [MSFT] --- EmulatorPkg/EmulatorPkg.dsc | 9 +++-- EmulatorPkg/EmulatorPkg.fdf | 6 +- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc index 5fa1ed345a33..0a66294cb768 100644 --- a/EmulatorPkg/EmulatorPkg.dsc +++ b/EmulatorPkg/EmulatorPkg.dsc @@ -127,9 +127,9 @@ [LibraryClasses] ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf ImagePropertiesRecordLib|MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.inf - -!if $(SECURE_BOOT_ENABLE) == TRUE RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf + +!if $(SECURE_BOOT_ENABLE) == TRUE IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf @@ -398,6 +398,11 @@ [Components] EmulatorPkg/PlatformSmbiosDxe/PlatformSmbiosDxe.inf EmulatorPkg/TimerDxe/Timer.inf + # + # Rng Protocol producer + # + SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf + !if $(SECURE_BOOT_ENABLE) == TRUE SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf !endif diff --git a/EmulatorPkg/EmulatorPkg.fdf b/EmulatorPkg/EmulatorPkg.fdf index 5420756eaa6f..d756c144d94d 100644 --- a/EmulatorPkg/EmulatorPkg.fdf +++ b/EmulatorPkg/EmulatorPkg.fdf @@ -193,6 +193,11 @@ [FV.FvRecovery] INF MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf INF MdeModulePkg/Universal/DriverSampleDxe/DriverSampleDxe.inf +# +# Rng Protocol producer +# +INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf + # # Secure Boot Key Enroll # @@ -320,4 +325,3 @@ [Rule.Common.UEFI_APPLICATION.BINARY] UISTRING="$(MODULE_NAME)" Optional VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER) } - -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118717): https://edk2.groups.io/g/devel/message/118717 Mute This Topic: https://groups.io/mt/105996579/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 09/13] NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236
From: Doug Flick REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4541 REF: https://www.rfc-editor.org/rfc/rfc1948.txt REF: https://www.rfc-editor.org/rfc/rfc6528.txt REF: https://www.rfc-editor.org/rfc/rfc9293.txt Bug Overview: PixieFail Bug #8 CVE-2023-45236 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Updates TCP ISN generation to use a cryptographic hash of the connection's identifying parameters and a secret key. This prevents an attacker from guessing the ISN used for some other connection. This is follows the guidance in RFC 1948, RFC 6528, and RFC 9293. RFC: 9293 Section 3.4.1. Initial Sequence Number Selection A TCP implementation MUST use the above type of "clock" for clock- driven selection of initial sequence numbers (MUST-8), and SHOULD generate its initial sequence numbers with the expression: ISN = M + F(localip, localport, remoteip, remoteport, secretkey) where M is the 4 microsecond timer, and F() is a pseudorandom function (PRF) of the connection's identifying parameters ("localip, localport, remoteip, remoteport") and a secret key ("secretkey") (SHLD-1). F() MUST NOT be computable from the outside (MUST-9), or an attacker could still guess at sequence numbers from the ISN used for some other connection. The PRF could be implemented as a cryptographic hash of the concatenation of the TCP connection parameters and some secret data. For discussion of the selection of a specific hash algorithm and management of the secret key data, please see Section 3 of [42]. For each connection there is a send sequence number and a receive sequence number. The initial send sequence number (ISS) is chosen by the data sending TCP peer, and the initial receive sequence number (IRS) is learned during the connection-establishing procedure. For a connection to be established or initialized, the two TCP peers must synchronize on each other's initial sequence numbers. This is done in an exchange of connection-establishing segments carrying a control bit called "SYN" (for synchronize) and the initial sequence numbers. As a shorthand, segments carrying the SYN bit are also called "SYNs". Hence, the solution requires a suitable mechanism for picking an initial sequence number and a slightly involved handshake to exchange the ISNs. Cc: Saloni Kasbekar Cc: Zachary Clark-williams Signed-off-by: Doug Flick [MSFT] --- NetworkPkg/TcpDxe/TcpDxe.inf | 8 +- NetworkPkg/TcpDxe/TcpFunc.h | 23 +- NetworkPkg/TcpDxe/TcpMain.h | 59 - NetworkPkg/TcpDxe/TcpDriver.c | 92 +++- NetworkPkg/TcpDxe/TcpInput.c | 13 +- NetworkPkg/TcpDxe/TcpMisc.c | 242 ++-- NetworkPkg/TcpDxe/TcpTimer.c | 3 +- NetworkPkg/SecurityFixes.yaml | 22 ++ 8 files changed, 414 insertions(+), 48 deletions(-) diff --git a/NetworkPkg/TcpDxe/TcpDxe.inf b/NetworkPkg/TcpDxe/TcpDxe.inf index cf5423f4c537..76de4cf9ec3d 100644 --- a/NetworkPkg/TcpDxe/TcpDxe.inf +++ b/NetworkPkg/TcpDxe/TcpDxe.inf @@ -6,6 +6,7 @@ # stack has been loaded in system. This driver supports both IPv4 and IPv6 network stack. # # Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved. +# Copyright (c) Microsoft Corporation # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -68,7 +69,6 @@ [LibraryClasses] NetLib IpIoLib - [Protocols] ## SOMETIMES_CONSUMES ## SOMETIMES_PRODUCES @@ -81,6 +81,12 @@ [Protocols] gEfiIp6ServiceBindingProtocolGuid ## TO_START gEfiTcp6ProtocolGuid ## BY_START gEfiTcp6ServiceBindingProtocolGuid## BY_START + gEfiHash2ProtocolGuid ## BY_START + gEfiHash2ServiceBindingProtocolGuid ## BY_START + +[Guids] + gEfiHashAlgorithmMD5Guid ## CONSUMES + gEfiHashAlgorithmSha256Guid ## CONSUMES [Depex] gEfiHash2ServiceBindingProtocolGuid diff --git a/NetworkPkg/TcpDxe/TcpFunc.h b/NetworkPkg/TcpDxe/TcpFunc.h index a7af01fff246..c707bee3e548 100644 --- a/NetworkPkg/TcpDxe/TcpFunc.h +++ b/NetworkPkg/TcpDxe/TcpFunc.h @@ -2,7 +2,7 @@ Declaration of external functions shared in TCP driver. Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved. - + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -36,8 +36,11 @@ VOID @param[in, out] Tcb Pointer to the TCP_CB of this TCP instance. + @retval EFI_SUCCESS The operation completed successfully + @retval others The underlying functions failed and could not complete the operation + **/ -VOID +EFI_STATUS TcpInitTcbLocal ( IN OUT TCP_CB *Tcb ); @@ -128,17 +131,6 @@ TcpCloneTcb ( IN TCP_CB *Tcb ); -/** - Compute an ISS to be used by a new connection. - - @return The result ISS. - -**/ -TCP_SEQNO -TcpGetIss ( - VOID - ); - /
[edk2-devel] [PATCH v2 00/13] NetworkPkg: CVE-2023-45236 and CVE-2023-45237
REF:https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html This patch series patches the following CVEs: - CVE-2023-45236: Predictable TCP Initial Sequence Numbers - CVE-2023-45237: Use of a Weak PseudoRandom Number Generator In order to patch these CVEs, the following changes were made: - NetworkPkg no longer performs it's own random number generation, instead it uses EFI_RNG_PROTOCOL provided by the plaform to generate random numbers. - This change was made such that any future random number generation vulnerabilities will be a result of the platforms implementation of the EFI_RNG_PROTOCOL and not the NetworkPkg - NetworkPkg uses the TCP initial sequence number algorithm as described in RFC 6528 to generate the initial sequence number for TCP connections. - This change was made to ensure that the initial sequence number is not predictable and therefore cannot be used in a TCP hijacking attack. In addition to the above changes, the following changes were made: - EmulatorPkg OvmfPkg, and ArmVirtPkg were updated to include the Hash2DxeCrypto driver to support TCP ISN generation using EFI_HASH2_PROTOCOL - EmulatorPkg was updated to include the RngDxe driver to support random number generation using the EFI_RNG_PROTOCOL - OvmfPkg, and ArmVirtPkg were updated to include the virtio-rng-pci device to support random number generation using the EFI_RNG_PROTOCOL using the existing VirtioRngDxe driver - SecurityPkg was updated to fix an incorrect limitation on the GetRng function in the RngDxe driver where the minimum amount of random data that could be requested was 32 bytes (256 bits) instead of what the caller requested - MdePkg was updated to include MockUefiBootServicesTableLib, MockRng, and MockHash2 protocols for testing - NetworkPkg was updated to include a test for the PxeBcDhcp6 driver due to underlying changes Cc: Liming Gao Signed-off-by: Doug Flick [MSFT] Doug Flick (13): EmulatorPkg: : Add RngDxe to EmulatorPkg EmulatorPkg: : Add Hash2DxeCrypto to EmulatorPkg OvmfPkg:PlatformCI: Support virtio-rng-pci OvmfPkg: : Add Hash2DxeCrypto to OvmfPkg ArmVirtPkg:PlatformCI: Support virtio-rng-pci ArmVirtPkg: : Add Hash2DxeCrypto to ArmVirtPkg SecurityPkg: RngDxe: Remove incorrect limitation on GetRng NetworkPkg:: SECURITY PATCH CVE-2023-45237 NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236 MdePkg: : Add MockUefiBootServicesTableLib MdePkg: : Adds Protocol for MockRng MdePkg: Add MockHash2 Protocol for testing NetworkPkg: Update the PxeBcDhcp6GoogleTest due to underlying changes NetworkPkg/NetworkPkg.dec | 7 + ArmVirtPkg/ArmVirtQemu.dsc | 5 + ArmVirtPkg/ArmVirtQemuKernel.dsc | 5 + EmulatorPkg/EmulatorPkg.dsc | 14 +- MdePkg/Test/MdePkgHostTest.dsc | 1 + NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 + OvmfPkg/OvmfPkgIa32.dsc | 6 +- OvmfPkg/OvmfPkgIa32X64.dsc | 6 +- OvmfPkg/OvmfPkgX64.dsc | 6 +- OvmfPkg/OvmfXen.dsc | 5 + EmulatorPkg/EmulatorPkg.fdf | 11 +- OvmfPkg/OvmfPkgIa32.fdf | 5 + OvmfPkg/OvmfPkgIa32X64.fdf | 5 + OvmfPkg/OvmfPkgX64.fdf | 5 + OvmfPkg/OvmfXen.fdf | 5 + MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf | 32 +++ NetworkPkg/Library/DxeNetLib/DxeNetLib.inf | 13 +- NetworkPkg/TcpDxe/TcpDxe.inf | 11 +- NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf | 3 +- MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h | 78 +++ MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h | 67 ++ MdePkg/Test/Mock/Include/GoogleTest/Protocol/Mock
[edk2-devel] [PATCH v2 07/13] SecurityPkg: RngDxe: Remove incorrect limitation on GetRng
Removed from gEfiRngAlgorithmRaw an incorrect assumption that Raw cannot return less than 256 bits. The DRNG Algorithms should always use a 256 bit seed as per nist standards however a caller is free to request less than 256 bits. > > // >// When a DRBG is used on the output of a entropy source, >// its security level must be at least 256 bits according to UEFI Spec. >// >if (RNGValueLength < 32) { > return EFI_INVALID_PARAMETER; >} > AARCH64 platforms do not have this limitation and this brings both implementations into alignment with each other and the spec. Cc: Jiewen Yao Signed-off-by: Doug Flick [MSFT] --- SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c | 8 1 file changed, 8 deletions(-) diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c index 7e06e16e4be5..5723ed695747 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c @@ -116,14 +116,6 @@ RngGetRNG ( // The "raw" algorithm is intended to provide entropy directly // if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) { -// -// When a DRBG is used on the output of a entropy source, -// its security level must be at least 256 bits according to UEFI Spec. -// -if (RNGValueLength < 32) { - return EFI_INVALID_PARAMETER; -} - Status = GenerateEntropy (RNGValueLength, RNGValue); return Status; } -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118722): https://edk2.groups.io/g/devel/message/118722 Mute This Topic: https://groups.io/mt/105996584/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 06/13] ArmVirtPkg: : Add Hash2DxeCrypto to ArmVirtPkg
This patch adds Hash2DxeCrypto to ArmVirtPkg. The Hash2DxeCrypto is used to provide the hashing protocol services. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann Signed-off-by: Doug Flick [MSFT] --- ArmVirtPkg/ArmVirtQemu.dsc | 5 + ArmVirtPkg/ArmVirtQemuKernel.dsc | 5 + ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 5 + 3 files changed, 15 insertions(+) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 7e2ff33ad172..1d3315ad3e47 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -554,6 +554,11 @@ [Components.common] MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf + # + # Hash2 Protocol Support + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # TPM2 support # diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc index efe2df97bdf7..94f48593c242 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc @@ -461,6 +461,11 @@ [Components.common] MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf + # + # Hash2 Protocol Support + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # ACPI Support # diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc index c5d097ffb935..80d420023e6c 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc @@ -177,6 +177,11 @@ [FV.FvMain] INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf + # + # Hash2 Protocol producer + # + INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # TPM2 support # -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118721): https://edk2.groups.io/g/devel/message/118721 Mute This Topic: https://groups.io/mt/105996583/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 05/13] ArmVirtPkg:PlatformCI: Support virtio-rng-pci
This patch adds "virtio-rng-pci" to the PlatformBuildLib.py This adds Rng services to the guest VM Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann Signed-off-by: Doug Flick [MSFT] --- ArmVirtPkg/PlatformCI/PlatformBuildLib.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ArmVirtPkg/PlatformCI/PlatformBuildLib.py b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py index 0ddaccf9c21f..3abab0914127 100644 --- a/ArmVirtPkg/PlatformCI/PlatformBuildLib.py +++ b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py @@ -240,6 +240,8 @@ class PlatformBuilder(UefiBuilder, BuildSettingsManager): args += " -serial stdio" # Mount disk with startup.nsh args += f" -drive file=fat:rw:{VirtualDrive},format=raw,media=disk" +# Provides Rng services to the Guest VM +args += " -device virtio-rng-pci" # Conditional Args if (self.env.GetValue("QEMU_HEADLESS").upper() == "TRUE"): -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118720): https://edk2.groups.io/g/devel/message/118720 Mute This Topic: https://groups.io/mt/105996582/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 04/13] OvmfPkg: : Add Hash2DxeCrypto to OvmfPkg
From: Doug Flick This patch adds Hash2DxeCrypto to OvmfPkg. The Hash2DxeCrypto is used to provide the hashing protocol services. Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Gerd Hoffmann Signed-off-by: Doug Flick [MSFT] --- OvmfPkg/OvmfPkgIa32.dsc| 6 +- OvmfPkg/OvmfPkgIa32X64.dsc | 6 +- OvmfPkg/OvmfPkgX64.dsc | 6 +- OvmfPkg/OvmfXen.dsc| 5 + OvmfPkg/OvmfPkgIa32.fdf| 5 + OvmfPkg/OvmfPkgIa32X64.fdf | 5 + OvmfPkg/OvmfPkgX64.fdf | 5 + OvmfPkg/OvmfXen.fdf| 5 + 8 files changed, 40 insertions(+), 3 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 1be021be7140..2ca005d768ef 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -229,7 +229,6 @@ [LibraryClasses] VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf - # # Network libraries # @@ -858,6 +857,11 @@ [Components] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index d27a4c7278c2..a39070a62655 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -234,7 +234,6 @@ [LibraryClasses] VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf - # # Network libraries # @@ -872,6 +871,11 @@ [Components.X64] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 8f5cd23b2ec0..1b90aa8f5737 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -250,7 +250,6 @@ [LibraryClasses] VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf - # # Network libraries # @@ -940,6 +939,11 @@ [Components] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index fa1a570e746a..7fc340d1c1df 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -667,6 +667,11 @@ [Components] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index 6eb26f7d4613..0d4abb50a8f7 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -295,6 +295,11 @@ [FV.DXEFV] INF MdeModulePkg/Logo/LogoDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 080784f722a7..23a825a01298 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -296,6 +296,11 @@ [FV.DXEFV] INF MdeModulePkg/Logo/LogoDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index b6e8f43566c4..4dcd6a033c5a 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -329,6 +329,11 @@ [FV.DXEFV] INF OvmfPkg/TdxDxe/TdxDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # diff --git a/OvmfPkg/OvmfXen.fdf b/OvmfPkg/OvmfXen.fdf index 5770b173168b..41368f37e254 100644 --- a/OvmfPkg/OvmfXen.fdf +++ b/OvmfPkg/OvmfXen.fdf @@ -314,6 +314,11 @@ [FV.DXEFV] INF MdeModulePkg/Logo/LogoDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118719): https://edk2.groups.io/g/devel/message/118719 Mute This Topic: https://groups.io/mt/105996581/21656 Group Owner: devel+ow...
[edk2-devel] [PATCH v2 03/13] OvmfPkg:PlatformCI: Support virtio-rng-pci
This patch adds "virtio-rng-pci" to the PlatformBuildLib.py This adds Rng services to the guest VM Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Gerd Hoffmann Signed-off-by: Doug Flick [MSFT] --- OvmfPkg/PlatformCI/PlatformBuildLib.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/OvmfPkg/PlatformCI/PlatformBuildLib.py b/OvmfPkg/PlatformCI/PlatformBuildLib.py index 00d454954bff..3fe80f5c1caa 100644 --- a/OvmfPkg/PlatformCI/PlatformBuildLib.py +++ b/OvmfPkg/PlatformCI/PlatformBuildLib.py @@ -208,6 +208,8 @@ class PlatformBuilder( UefiBuilder, BuildSettingsManager): args += " -net none"# turn off network args += " -smp 4" args += f" -drive file=fat:rw:{VirtualDrive},format=raw,media=disk" # Mount disk with startup.nsh +# Provides Rng services to the Guest VM +args += " -device virtio-rng-pci" if (self.env.GetValue("QEMU_HEADLESS").upper() == "TRUE"): args += " -display none" # no graphics -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118718): https://edk2.groups.io/g/devel/message/118718 Mute This Topic: https://groups.io/mt/105996580/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH] OvmfPkg: Update VMM Hob list check to support new resource attributes
Encrypted and Special Purpose resource attributes are introduced in PI 1.8 Specification. This patch is to update VMM Hob list integrity check to recognise these resource attributes. Cc: Ard Biesheuvel Cc: Gerd Hoffmann Cc: Jiewen Yao Signed-off-by: Du Lin --- OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelper.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelper.c b/OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelper.c index b6085eab44..19e9b1bf54 100644 --- a/OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelper.c +++ b/OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelper.c @@ -643,6 +643,8 @@ ValidateHobList ( EFI_RESOURCE_ATTRIBUTE_PERSISTABLE | EFI_RESOURCE_ATTRIBUTE_READ_ONLY_PROTECTED | EFI_RESOURCE_ATTRIBUTE_READ_ONLY_PROTECTABLE | + EFI_RESOURCE_ATTRIBUTE_ENCRYPTED| + EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE | EFI_RESOURCE_ATTRIBUTE_MORE_RELIABLE))) != 0) { DEBUG ((DEBUG_ERROR, "HOB: Unknow ResourceDescriptor ResourceAttribute type. Type: 0x%08x\n", Hob.ResourceDescriptor->ResourceAttribute)); -- 2.44.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118715): https://edk2.groups.io/g/devel/message/118715 Mute This Topic: https://groups.io/mt/105996363/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [edk2-stable202405 RESEND PATCH v2 1/1] DynamicTablesPkg: Adds integer to the AML package node
Adds an AmlAddIntegerToNamedPackage() API to generate AML code, which adds an integer value to the package node. Cc: Pierre Gondois Cc: Sami Mujawar Signed-off-by: Abdul Lateef Attar --- .../Include/Library/AmlLib/AmlLib.h | 41 +++- .../Common/AmlLib/CodeGen/AmlCodeGen.c| 67 +++ 2 files changed, 107 insertions(+), 1 deletion(-) diff --git a/DynamicTablesPkg/Include/Library/AmlLib/AmlLib.h b/DynamicTablesPkg/Include/Library/AmlLib/AmlLib.h index 82d5464084..4427ab68fa 100644 --- a/DynamicTablesPkg/Include/Library/AmlLib/AmlLib.h +++ b/DynamicTablesPkg/Include/Library/AmlLib/AmlLib.h @@ -2,7 +2,7 @@ AML Lib. Copyright (c) 2019 - 2023, Arm Limited. All rights reserved. - Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved. + Copyright (C) 2023 - 2024, Advanced Micro Devices, Inc. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -1743,6 +1743,45 @@ AmlAddNameStringToNamedPackage ( IN AML_OBJECT_NODE_HANDLE NamedNode ); +/** Add an integer value to the named package node. + + AmlCodeGenNamePackage ("_CID", NULL, &PackageNode); + AmlGetEisaIdFromString ("PNP0A03", &EisaId); + AmlAddIntegerToNamedPackage (EisaId, NameNode); + AmlGetEisaIdFromString ("PNP0A08", &EisaId); + AmlAddIntegerToNamedPackage (EisaId, NameNode); + + equivalent of the following ASL code: + Name (_CID, Package (0x02) // _CID: Compatible ID + { + EisaId ("PNP0A03"), + EisaId ("PNP0A08") + }) + + The package is added at the tail of the list of the input package node + name: +Name ("NamePackageNode", Package () { + [Pre-existing package entries], + [Newly created integer entry] +}) + + + @ingroup CodeGenApis + + @param [in] Integer Integer value that need to be added to package node. + @param [in, out] NameNode Package named node to add the object to. + + @retval EFI_SUCCESS Success. + @retval EFI_INVALID_PARAMETER Invalid parameter. + @retval Others Error occurred during the operation. +**/ +EFI_STATUS +EFIAPI +AmlAddIntegerToNamedPackage ( + INUINT32 Integer, + IN OUT AML_OBJECT_NODE_HANDLE NameNode + ); + /** AML code generation to invoke/call another method. This method is a subset implementation of MethodInvocation diff --git a/DynamicTablesPkg/Library/Common/AmlLib/CodeGen/AmlCodeGen.c b/DynamicTablesPkg/Library/Common/AmlLib/CodeGen/AmlCodeGen.c index 22c2d598d0..89fa4e06f8 100644 --- a/DynamicTablesPkg/Library/Common/AmlLib/CodeGen/AmlCodeGen.c +++ b/DynamicTablesPkg/Library/Common/AmlLib/CodeGen/AmlCodeGen.c @@ -3871,6 +3871,73 @@ exit_handler: return Status; } +/** Add an integer value to the named package node. + + AmlCodeGenNamePackage ("_CID", NULL, &PackageNode); + AmlGetEisaIdFromString ("PNP0A03", &EisaId); + AmlAddIntegerToNamedPackage (EisaId, NameNode); + AmlGetEisaIdFromString ("PNP0A08", &EisaId); + AmlAddIntegerToNamedPackage (EisaId, NameNode); + + equivalent of the following ASL code: + Name (_CID, Package (0x02) // _CID: Compatible ID + { + EisaId ("PNP0A03"), + EisaId ("PNP0A08") + }) + + The package is added at the tail of the list of the input package node + name: +Name ("NamePackageNode", Package () { + [Pre-existing package entries], + [Newly created integer entry] +}) + + + @ingroup CodeGenApis + + @param [in] Integer Integer value that need to be added to package node. + @param [in, out] NameNode Package named node to add the object to. + + @retval EFI_SUCCESS Success. + @retval EFI_INVALID_PARAMETER Invalid parameter. + @retval Others Error occurred during the operation. +**/ +EFI_STATUS +EFIAPI +AmlAddIntegerToNamedPackage ( + INUINT32 Integer, + IN OUT AML_OBJECT_NODE_HANDLE NameNode + ) +{ + EFI_STATUS Status; + AML_OBJECT_NODE *PackageNode; + + if (NameNode == NULL) { +ASSERT_EFI_ERROR (FALSE); +return EFI_INVALID_PARAMETER; + } + + PackageNode = (AML_OBJECT_NODE_HANDLE)AmlGetFixedArgument ( + NameNode, + EAmlParseIndexTerm1 + ); + if ((PackageNode == NULL) || + (AmlGetNodeType ((AML_NODE_HANDLE)PackageNode) != EAmlNodeObject) || + (!AmlNodeHasOpCode (PackageNode, AML_PACKAGE_OP, 0))) + { +ASSERT_EFI_ERROR (FALSE); +return EFI_INVALID_PARAMETER; + } + + Status = AmlAddRegisterOrIntegerToPackage (NULL, Integer, PackageNode); + if (EFI_ERROR (Status)) { +ASSERT_EFI_ERROR (Status); + } + + return Status; +} + /** AML code generation to invoke/call another method. This method is a subset implementation of MethodInvocation -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this
[edk2-devel] [edk2-stable202405 RESEND PATCH v2 0/1] DynamicTablesPkg: Adds integer to the AML package node
Please concider this patch for stable release. PR: https://github.com/tianocore/edk2/pull/5636 This patch adds integer to the AML package node. v2 delta : Addressed comments from Pierre Gondois Cc: Pierre Gondois Cc: Sami Mujawar Cc: Liming Gao Cc: Michael D Kinney Abdul Lateef Attar (1): DynamicTablesPkg: Adds integer to the AML package node .../Include/Library/AmlLib/AmlLib.h | 41 +++- .../Common/AmlLib/CodeGen/AmlCodeGen.c| 67 +++ 2 files changed, 107 insertions(+), 1 deletion(-) -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118713): https://edk2.groups.io/g/devel/message/118713 Mute This Topic: https://groups.io/mt/105995994/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH] MdeModulePkg: Update GCD attribute conversion to support SP attribute
Add a new entry into GCD attribute conversion table to convert EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE to EFI_MEMORY_SP. Cc: Liming Gao Cc: Ray Ni Signed-off-by: Du Lin --- MdeModulePkg/Core/Dxe/Gcd/Gcd.c | 1 + 1 file changed, 1 insertion(+) diff --git a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c index fe1bbd6974..99364508cd 100644 --- a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c +++ b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c @@ -92,6 +92,7 @@ GCD_ATTRIBUTE_CONVERSION_ENTRY mAttributeConversionTable[] = { { EFI_RESOURCE_ATTRIBUTE_TESTED, EFI_MEMORY_TESTED, FALSE }, { EFI_RESOURCE_ATTRIBUTE_PERSISTABLE, EFI_MEMORY_NV, TRUE }, { EFI_RESOURCE_ATTRIBUTE_MORE_RELIABLE, EFI_MEMORY_MORE_RELIABLE, TRUE }, + { EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE, EFI_MEMORY_SP, TRUE }, { 0, 0, FALSE } }; -- 2.44.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118712): https://edk2.groups.io/g/devel/message/118712 Mute This Topic: https://groups.io/mt/105995670/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 1/3] StandaloneMmPkg: Add LockBox Dependency DXE Driver
Reviewed-by: Jiaxin Wu mailto:jiaxin...@intel.com>> after resolve Ray's concern. From: Ni, Ray Sent: Wednesday, May 8, 2024 10:46 AM To: Xie, Yuanhao ; devel@edk2.groups.io Cc: Liming Gao ; Wu, Jiaxin Subject: Re: [PATCH 1/3] StandaloneMmPkg: Add LockBox Dependency DXE Driver +#include [Ray] Can you check if BaseLib is really needed? +#include + +/** + It attempts to install the gEfiLockBoxProtocolGuid protocol into the system's DXE database + with NULL as the protocol interface to mark the protocol as handled in the system or to + act as a trigger. [Ray] "mark the protocol as handled in the system or to act as a trigger", I don't quite understand it. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118711): https://edk2.groups.io/g/devel/message/118711 Mute This Topic: https://groups.io/mt/105955699/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 3/3] MdeModulePkg: Add Standalone MM Lockbox Driver.
Reviewed-by: Jiaxin Wu > -Original Message- > From: Xie, Yuanhao > Sent: Tuesday, May 7, 2024 2:09 PM > To: devel@edk2.groups.io > Cc: Liming Gao ; Wu, Jiaxin > ; Ni, Ray ; Xie, Yuanhao > > Subject: [PATCH 3/3] MdeModulePkg: Add Standalone MM Lockbox Driver. > > The Lockbox Driver allows sensitive data to be securely stored in a > designated area, thus protected against unauthorized access. > > This patch adds a Standalone MM Lockbox Driver with main modifications: > 1. Separating shared code between the Standalone MM driver and the > DXE MM Driver. > 2. Utilizing services from the SMM Services Table (gSmst) as opposed to > relying on Boot Services. > > Cc: Liming Gao > Cc: Jiaxin Wu > Cc: Ray Ni > > Signed-off-by: Yuanhao Xie > --- > MdeModulePkg/MdeModulePkg.dsc | > 1 + > > MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneM > m.c| 84 > ++ > ++ > > MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneM > m.inf | 56 > > > MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneM > m.uni | 14 ++ > > MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneM > mExtra.uni | 14 ++ > 5 files changed, 169 insertions(+) > > diff --git a/MdeModulePkg/MdeModulePkg.dsc > b/MdeModulePkg/MdeModulePkg.dsc > index 6bed9205ea..f0f02f180f 100644 > --- a/MdeModulePkg/MdeModulePkg.dsc > +++ b/MdeModulePkg/MdeModulePkg.dsc > @@ -500,6 +500,7 @@ > > MdeModulePkg/Universal/ReportStatusCodeRouter/Smm/ReportStatusCode > RouterSmm.inf > > MdeModulePkg/Universal/ReportStatusCodeRouter/Smm/ReportStatusCode > RouterStandaloneMm.inf >MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf > + > MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneM > m.inf > > MdeModulePkg/Library/SmmMemoryAllocationProfileLib/SmmMemoryAlloc > ationProfileLib.inf > > MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/PiSmmCoreMemo > ryAllocationProfileLib.inf > > MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/PiSmmCoreMemo > ryAllocationLib.inf > diff --git > a/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandalone > Mm.c > b/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandalone > Mm.c > new file mode 100644 > index 00..503be7efa8 > --- /dev/null > +++ > b/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandalone > Mm.c > @@ -0,0 +1,84 @@ > +/** @file > + LockBox MM driver. > + > +Copyright (c) 2024, Intel Corporation. All rights reserved. > + > +SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > + > +#include > +#include > +#include > +#include > + > +#include "SmmLockBoxCommon.h" > + > +/** > + This function is an abstraction layer for implementation specific Mm buffer > validation routine. > + > + @param Buffer The buffer start address to be checked. > + @param Length The buffer length to be checked. > + > + @retval TRUE This buffer is valid per processor architecture and not > overlap > with SMRAM. > + @retval FALSE This buffer is not valid per processor architecture or > overlap > with SMRAM. > +**/ > +BOOLEAN > +IsBufferOutsideMmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64Length > + ) > +{ > + return MmIsBufferOutsideMmValid (Buffer, Length); > +} > + > +/** > + Entry Point for LockBox MM driver. > + > + @param[in] ImageHandle Image handle of this driver. > + @param[in] SystemTable A Pointer to the EFI System Table. > + > + @retval EFI_SUCEESS > + @return Others Some error occurs. > +**/ > +EFI_STATUS > +EFIAPI > +SmmLockBoxStandaloneMmEntryPoint ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_MM_SYSTEM_TABLE *SystemTable > + ) > +{ > + EFI_STATUS Status; > + EFI_HANDLE DispatchHandle; > + VOID*Registration; > + > + // > + // Register LockBox communication handler > + // > + Status = gMmst->MmiHandlerRegister ( > +SmmLockBoxHandler, > +&gEfiSmmLockBoxCommunicationGuid, > +&DispatchHandle > +); > + ASSERT_EFI_ERROR (Status); > + > + // > + // Register SMM Ready To Lock Protocol notification > + // > + Status = gMmst->MmRegisterProtocolNotify ( > +&gEfiSmmReadyToLockProtocolGuid, > +SmmReadyToLockEventNotify, > +&Registration > +); > + ASSERT_EFI_ERROR (Status); > + return Status; > +} > diff --git > a/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandalone > Mm.inf > b/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandalone > Mm.inf > new file mode 100644 > index 00..544c87790c > --- /dev/null > +++ > b/MdeModulePkg/Universal/
Re: [edk2-devel] [PATCH 2/3] MdeModulePkg: Refactors SmmLockBox.c.
Reviewed-by: Jiaxin Wu > -Original Message- > From: Xie, Yuanhao > Sent: Tuesday, May 7, 2024 2:09 PM > To: devel@edk2.groups.io > Cc: Liming Gao ; Wu, Jiaxin > ; Ni, Ray ; Xie, Yuanhao > > Subject: [PATCH 2/3] MdeModulePkg: Refactors SmmLockBox.c. > > The Lockbox Driver allows sensitive data to be securely stored in a > designated area, thus protected against unauthorized access. > > This patch does not introduce any functional modifications. > It refactors the existing logic into a common component to facilitates > the integration of the Standalone MM Lockbox Driver in an upcoming patch > > Cc: Liming Gao > Cc: Jiaxin Wu > Cc: Ray Ni > > Signed-off-by: Yuanhao Xie > --- > MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c | 361 > --- > -- > -- > -- > MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf | 4 > +++- > MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxCommon.c | > 384 > ++ > ++ > ++ > ++ > ++ > ++ > > MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxCommon.h | > 148 > ++ > ++ > > 4 files changed, 547 insertions(+), 350 deletions(-) > > diff --git a/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c > b/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c > index c1e15c596b..2774979c34 100644 > --- a/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c > +++ b/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c > @@ -9,7 +9,7 @@ >SmmLockBoxHandler(), SmmLockBoxRestore(), SmmLockBoxUpdate(), > SmmLockBoxSave() >will receive untrusted input and do basic validation. > > -Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved. > +Copyright (c) 2010 - 2024, Intel Corporation. All rights reserved. > > SPDX-License-Identifier: BSD-2-Clause-Patent > > @@ -31,360 +31,24 @@ SPDX-License-Identifier: BSD-2-Clause-Patent > #include > #include > > -BOOLEAN mLocked = FALSE; > +#include "SmmLockBoxCommon.h" > > /** > - Dispatch function for SMM lock box save. > + This function is an abstraction layer for implementation specific Mm buffer > validation routine. > > - Caution: This function may receive untrusted input. > - Restore buffer and length are external input, so this function will > validate > - it is in SMRAM. > + @param Buffer The buffer start address to be checked. > + @param Length The buffer length to be checked. > > - @param LockBoxParameterSave parameter of lock box save > + @retval TRUE This buffer is valid per processor architecture and not > overlap > with SMRAM. > + @retval FALSE This buffer is not valid per processor architecture or > overlap > with SMRAM. > **/ > -VOID > -SmmLockBoxSave ( > - IN EFI_SMM_LOCK_BOX_PARAMETER_SAVE *LockBoxParameterSave > +BOOLEAN > +IsBufferOutsideMmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64Length >) > { > - EFI_STATUS Status; > - EFI_SMM_LOCK_BOX_PARAMETER_SAVE TempLockBoxParameterSave; > - > - // > - // Sanity check > - // > - if (mLocked) { > -DEBUG ((DEBUG_ERROR, "SmmLockBox Locked!\n")); > -LockBoxParameterSave->Header.ReturnStatus = > (UINT64)EFI_ACCESS_DENIED; > -return; > - } > - > - CopyMem (&TempLockBoxParameterSave, LockBoxParameterSave, sizeof > (EFI_SMM_LOCK_BOX_PARAMETER_SAVE)); > - > - // > - // Sanity check > - // > - if (!SmmIsBufferOutsideSmmValid > ((UINTN)TempLockBoxParameterSave.Buffer, > (UINTN)TempLockBoxParameterSave.Length)) { > -DEBUG ((DEBUG_ERROR, "SmmLockBox Save address in SMRAM or buffer > overflow!\n")); > -LockBoxParameterSave->Header.ReturnStatus = > (UINT64)EFI_ACCESS_DENIED; > -return; > - } > - > - // > - // The SpeculationBarrier() call here is to ensure the above range check > for > - // the CommBuffer have been completed before calling into SaveLockBox(). > - // > - SpeculationBarrier (); > - > - // > - // Save data > - // > - Status = SaveLockBox ( > - &TempLockBoxParameterSave.Guid, > - (VOID *)(UINTN)TempLockBoxParameterSave.Buffer, > - (UINTN)TempLockBoxParameterSave.Length > - ); > - LockBoxPara
[edk2-devel] [edk2-platforms] [PATCH v1 1/2] MinPlatform: Add MpInfo2HobPei
MpInfo2HobPei provides backwards compatibility between FSP binaries built with older versions of EDK II and the latest EDK II. Newer versions of CpuMpPei produce the gMpInformation2HobGuid. This HOB is required by newer implementations of the CPU DXE driver, however older versions of CpuMpPei do not produce it. This PEIM will check if CpuMpPei creates gMpInformation2HobGuid and if it does not it creates it. Cc: Chasel Chiu Cc: Liming Gao Cc: Eric Dong Cc: Sai Chaganty Cc: Rosen Chuang Cc: Saloni Kasbekar Signed-off-by: Nate DeSimone --- .../FspWrapper/MpInfo2HobPei/MpInfo2HobPei.c | 236 ++ .../MpInfo2HobPei/MpInfo2HobPei.inf | 47 .../Intel/MinPlatformPkg/MinPlatformPkg.dsc | 3 +- 3 files changed, 285 insertions(+), 1 deletion(-) create mode 100644 Platform/Intel/MinPlatformPkg/FspWrapper/MpInfo2HobPei/MpInfo2HobPei.c create mode 100644 Platform/Intel/MinPlatformPkg/FspWrapper/MpInfo2HobPei/MpInfo2HobPei.inf diff --git a/Platform/Intel/MinPlatformPkg/FspWrapper/MpInfo2HobPei/MpInfo2HobPei.c b/Platform/Intel/MinPlatformPkg/FspWrapper/MpInfo2HobPei/MpInfo2HobPei.c new file mode 100644 index 00..4cbc4cf7e6 --- /dev/null +++ b/Platform/Intel/MinPlatformPkg/FspWrapper/MpInfo2HobPei/MpInfo2HobPei.c @@ -0,0 +1,236 @@ +/** @file + Multi-processor Info 2 HOB PEIM. + + The purpose of this PEIM is to provide backwards compatibility between FSP + binaries built with older versions of EDK II and the latest EDK II. + + Newer versions of CpuMpPei produce the gMpInformation2HobGuid. This HOB is + required by newer implementations of the CPU DXE driver, however older + versions of CpuMpPei do not produce it. This PEIM will check if CpuMpPei + creates gMpInformation2HobGuid and if it does not it creates it. + +Copyright (c) 2024, Intel Corporation. All rights reserved. + +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +typedef struct { + EDKII_PEI_MP_SERVICES2_PPI*CpuMpPpi2; + UINT8 *CoreTypes; +} GET_PROCESSOR_CORE_TYPE_BUFFER; + +/** + Get CPU core type. + + @param[in, out] Buffer Argument of the procedure. +**/ +VOID +EFIAPI +GetProcessorCoreType ( + IN OUT VOID *Buffer + ) +{ + EFI_STATUS Status; + UINT8*CoreTypes; + CPUID_NATIVE_MODEL_ID_AND_CORE_TYPE_EAX NativeModelIdAndCoreTypeEax; + UINTNProcessorIndex; + GET_PROCESSOR_CORE_TYPE_BUFFER *Params; + + Params = (GET_PROCESSOR_CORE_TYPE_BUFFER *)Buffer; + Status = Params->CpuMpPpi2->WhoAmI (Params->CpuMpPpi2, &ProcessorIndex); + ASSERT_EFI_ERROR (Status); + + CoreTypes = Params->CoreTypes; + AsmCpuidEx (CPUID_HYBRID_INFORMATION, CPUID_HYBRID_INFORMATION_MAIN_LEAF, &NativeModelIdAndCoreTypeEax.Uint32, NULL, NULL, NULL); + CoreTypes[ProcessorIndex] = (UINT8)NativeModelIdAndCoreTypeEax.Bits.CoreType; +} + +/** + Create gMpInformation2HobGuid. +**/ +VOID +BuildMpInformationHob ( + IN EDKII_PEI_MP_SERVICES2_PPI *CpuMpPpi2 + ) +{ + GET_PROCESSOR_CORE_TYPE_BUFFER Buffer; + EFI_STATUS Status; + UINTN ProcessorIndex; + UINTN NumberOfProcessors; + UINTN NumberOfEnabledProcessors; + UINTN NumberOfProcessorsInHob; + UINTN MaxProcessorsPerHob; + MP_INFORMATION2_HOB_DATA*MpInformation2HobData; + MP_INFORMATION2_ENTRY *MpInformation2Entry; + UINTN Index; + UINT8 *CoreTypes; + UINT32 CpuidMaxInput; + UINTN CoreTypePages; + + ProcessorIndex= 0; + MpInformation2HobData = NULL; + MpInformation2Entry = NULL; + CoreTypes = NULL; + CoreTypePages = 0; + + Status = CpuMpPpi2->GetNumberOfProcessors ( +CpuMpPpi2, +&NumberOfProcessors, +&NumberOfEnabledProcessors +); + ASSERT_EFI_ERROR (Status); + if (EFI_ERROR (Status)) { +goto Done; + } + + // + // Get Processors CoreType + // + AsmCpuid (CPUID_SIGNATURE, &CpuidMaxInput, NULL, NULL, NULL); + if (CpuidMaxInput >= CPUID_HYBRID_INFORMATION) { +CoreTypePages = EFI_SIZE_TO_PAGES (sizeof (UINT8) * NumberOfProcessors); +CoreTypes = AllocatePages (CoreTypePages); +ASSERT (CoreTypes != NULL); +if (CoreTypes == NULL) { + goto Done; +} + +Buffer.CoreTypes = CoreTypes; +Buffer.CpuMpPpi2 = CpuMpPpi2; +Status = CpuMpPpi2->StartupAllCPUs ( +CpuMpPpi2, +GetProcessorCoreType, +0, +(VOID *)&Buffer +
[edk2-devel] [edk2-platforms] [PATCH v1 0/2] Intel/MinPlatform: Add MpInfo2HobPei
Newer versions of CpuMpPei produce the gMpInformation2HobGuid. This HOB is required by newer implementations of the CPU DXE driver, however older versions of CpuMpPei do not produce it. This can cause backwards compatibiliity issues if the FSP binary was built with an older version of EDK II and the OpenBoard code is built with the latest version of EDK II. To solve this problem, this patch series introduces a new PEIM called MpInfo2HobPei. This PEIM will check if CpuMpPei creates gMpInformation2HobGuid and if it does not then MpInfo2HobPei will create it. Cc: Sai Chaganty Cc: Rosen Chuang Cc: Saloni Kasbekar Cc: Chasel Chiu Cc: Liming Gao Cc: Eric Dong Signed-off-by: Nate DeSimone Nate DeSimone (2): MinPlatform: Add MpInfo2HobPei AlderlakeOpenBoardPkg: Include MpInfo2HobPei .../AlderlakePRvp/OpenBoardPkg.dsc| 10 +- .../AlderlakePRvp/OpenBoardPkg.fdf| 10 +- .../FspWrapper/MpInfo2HobPei/MpInfo2HobPei.c | 236 ++ .../MpInfo2HobPei/MpInfo2HobPei.inf | 47 .../Intel/MinPlatformPkg/MinPlatformPkg.dsc | 3 +- 5 files changed, 303 insertions(+), 3 deletions(-) create mode 100644 Platform/Intel/MinPlatformPkg/FspWrapper/MpInfo2HobPei/MpInfo2HobPei.c create mode 100644 Platform/Intel/MinPlatformPkg/FspWrapper/MpInfo2HobPei/MpInfo2HobPei.inf -- 2.44.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118706): https://edk2.groups.io/g/devel/message/118706 Mute This Topic: https://groups.io/mt/105992896/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [edk2-platforms] [PATCH v1 2/2] AlderlakeOpenBoardPkg: Include MpInfo2HobPei
Because Alder Lake FSP includes an older version of CpuMpPei MpInfo2HobPei is needed to boot with newer versions of EDK II. Accordingly, this change adds MpInfo2HobPei to FvPostMemory. Cc: Sai Chaganty Cc: Rosen Chuang Cc: Saloni Kasbekar Cc: Chasel Chiu Cc: Liming Gao Cc: Eric Dong Signed-off-by: Nate DeSimone --- .../AlderlakePRvp/OpenBoardPkg.dsc | 10 +- .../AlderlakePRvp/OpenBoardPkg.fdf | 10 +- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/Platform/Intel/AlderlakeOpenBoardPkg/AlderlakePRvp/OpenBoardPkg.dsc b/Platform/Intel/AlderlakeOpenBoardPkg/AlderlakePRvp/OpenBoardPkg.dsc index edd03cba68..092cb34831 100644 --- a/Platform/Intel/AlderlakeOpenBoardPkg/AlderlakePRvp/OpenBoardPkg.dsc +++ b/Platform/Intel/AlderlakeOpenBoardPkg/AlderlakePRvp/OpenBoardPkg.dsc @@ -1,7 +1,7 @@ ## @file # The main build description file for the AlderlakePRvp board. # -# Copyright (c) 2022, Intel Corporation. All rights reserved. +# Copyright (c) 2022 - 2024, Intel Corporation. All rights reserved. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -342,6 +342,14 @@ ResetSystemLib|$(PLATFORM_SI_PACKAGE)/Pch/Library/BaseResetSystemLib/BaseResetSy } + # + # ADL FSP includes an older version of CpuMpPei, so the compatibility PEIM + # is needed when using FSP Dispatch mode. + # +!if gIntelFsp2WrapperTokenSpaceGuid.PcdFspModeSelection == 0 + $(PLATFORM_PACKAGE)/FspWrapper/MpInfo2HobPei/MpInfo2HobPei.inf +!endif + # # Security # diff --git a/Platform/Intel/AlderlakeOpenBoardPkg/AlderlakePRvp/OpenBoardPkg.fdf b/Platform/Intel/AlderlakeOpenBoardPkg/AlderlakePRvp/OpenBoardPkg.fdf index ae7896e5e0..c8ceb8684c 100644 --- a/Platform/Intel/AlderlakeOpenBoardPkg/AlderlakePRvp/OpenBoardPkg.fdf +++ b/Platform/Intel/AlderlakeOpenBoardPkg/AlderlakePRvp/OpenBoardPkg.fdf @@ -1,7 +1,7 @@ ## @file # FDF file of Platform. # -# Copyright (c) 2022, Intel Corporation. All rights reserved. +# Copyright (c) 2022 - 2024, Intel Corporation. All rights reserved. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -344,6 +344,14 @@ INF $(PLATFORM_BOARD_PACKAGE)/OpenBoardPlatformInit/OpenBoardPlatformInitPei/Ope INF $(PLATFORM_PACKAGE)/PlatformInit/SiliconPolicyPei/SiliconPolicyPeiPostMem.inf INF IntelFsp2WrapperPkg/FspsWrapperPeim/FspsWrapperPeim.inf +# +# ADL FSP includes an older version of CpuMpPei, so the compatibility PEIM +# is needed when using FSP Dispatch mode. +# +!if gIntelFsp2WrapperTokenSpaceGuid.PcdFspModeSelection == 0 + INF $(PLATFORM_PACKAGE)/FspWrapper/MpInfo2HobPei/MpInfo2HobPei.inf +!endif + [FV.FvPostMemory] BlockSize = $(FLASH_BLOCK_SIZE) -- 2.44.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118708): https://edk2.groups.io/g/devel/message/118708 Mute This Topic: https://groups.io/mt/105992898/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237
On 08/05/2024 22:19, Ard Biesheuvel wrote: I've always found that logic rather bizarre - there is no way the implementation of the raw protocol can ensure that the caller uses it correctly, and so enforcing a minimum read size is pointless and arbitrary. And as you note, it has no basis in the UEFI spec either. So this should just be removed imo. For what it's worth, I agree that it should be removed. iPXE has the following comment: /** Minimum number of bytes to request from RNG * * The UEFI spec states (for no apparently good reason) that "When a * Deterministic Random Bit Generator (DRBG) is used on the output of * a (raw) entropy source, its security level must be at least 256 * bits." The EDK2 codebase (mis)interprets this to mean that the * call to GetRNG() should fail if given a buffer less than 32 bytes. * * Incidentally, nothing in the EFI RNG protocol provides any way to * report the actual amount of entropy returned by GetRNG(). */ #define EFIRNG_LEN 32 Michael -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118705): https://edk2.groups.io/g/devel/message/118705 Mute This Topic: https://groups.io/mt/105983246/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237
I've always found that logic rather bizarre - there is no way the implementation of the raw protocol can ensure that the caller uses it correctly, and so enforcing a minimum read size is pointless and arbitrary. And as you note, it has no basis in the UEFI spec either. So this should just be removed imo. On Wed, 8 May 2024 at 22:40, Doug Flick via groups.io wrote: > > Ard, > > I went ahead an added your suggestion to use gEfiRngAlgorithmRaw. This > however led me to discover a difference in behavior in x86 based platforms > and Arm based platforms and I'm usure which is the correct behavior. > > On x86 based platforms, if the RngValueLength being requested is less than 32 > (256bits). Then it returns EFI_INVALID_PARAMETER (despite the function header > not indicating that's possible) > https://github.com/tianocore/edk2/blob/b82c9631da39ca5a1f0702185a46fea60446dd0a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c#L123 > > and it assumes that "When a Deterministic Random Bit Generator (DRBG) is used > on the output of a (raw) entropy source, its security level must be at least > 256 bits." means it shouldn't support requests smaller than 32 bytes. > https://uefi.org/specs/UEFI/2.10/37_Secure_Technologies.html#random-number-generator-protocol > > On Arm based Platforms it doesn't make this assumption and behaves according > to the specification. > https://github.com/tianocore/edk2/blob/b82c9631da39ca5a1f0702185a46fea60446dd0a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c#L106C35-L106C54 > > Right now my thought is that x86 machines are making an incorrect assumption > where the seed to a DRNG needs to be at least 256 bits by nist > recommendations but a caller should be free to request values smaller than 32 > bytes. > > Would you assume the same before I make a change to the x86 code to remove > that check? > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118704): https://edk2.groups.io/g/devel/message/118704 Mute This Topic: https://groups.io/mt/105983246/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237
Ard, I went ahead an added your suggestion to use gEfiRngAlgorithmRaw. This however led me to discover a difference in behavior in x86 based platforms and Arm based platforms and I'm usure which is the correct behavior. On x86 based platforms, if the RngValueLength being requested is less than 32 (256bits). Then it returns EFI_INVALID_PARAMETER (despite the function header not indicating that's possible) https://github.com/tianocore/edk2/blob/b82c9631da39ca5a1f0702185a46fea60446dd0a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c#L123 and it assumes that "When a Deterministic Random Bit Generator (DRBG) is used on the output of a (raw) entropy source, its security level must be at least 256 bits." means it shouldn't support requests smaller than 32 bytes. https://uefi.org/specs/UEFI/2.10/37_Secure_Technologies.html#random-number-generator-protocol On Arm based Platforms it doesn't make this assumption and behaves according to the specification. https://github.com/tianocore/edk2/blob/b82c9631da39ca5a1f0702185a46fea60446dd0a/SecurityPkg/RandomNumberGenerator/RngDxe/ArmRngDxe.c#L106C35-L106C54 Right now my thought is that x86 machines are making an incorrect assumption where the seed to a DRNG needs to be at least 256 bits by nist recommendations but a caller should be free to request values smaller than 32 bytes. Would you assume the same before I make a change to the x86 code to remove that check? -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118703): https://edk2.groups.io/g/devel/message/118703 Mute This Topic: https://groups.io/mt/105983246/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 0/1] Add MockBiosIdLib to BoardModulePkg
This patch adds a mock library for MockBiosIdLib. REF: https://github.com/VivianNK/edk2-platforms/tree/vnowkakeane/MockBiosIdLib_v1 Cc: Eric Dong Cc: Liming Gao Signed-off-by: Vivian Nowka-Keane Bhavani Subramanian (1): BoardModulePkg: Added Mock library for BiosIdLib Platform/Intel/BoardModulePkg/BoardModulePkg.dec | 1 + Platform/Intel/BoardModulePkg/Test/BoardModulePkgHostTest.dsc | 32 +++ Platform/Intel/BoardModulePkg/Test/Mock/Include/GoogleTest/Library/MockBiosIdLib.h | 31 ++ Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.cpp | 11 +++ Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.inf | 33 5 files changed, 108 insertions(+) create mode 100644 Platform/Intel/BoardModulePkg/Test/BoardModulePkgHostTest.dsc create mode 100644 Platform/Intel/BoardModulePkg/Test/Mock/Include/GoogleTest/Library/MockBiosIdLib.h create mode 100644 Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.cpp create mode 100644 Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.inf -- 2.43.0.windows.1
[edk2-devel] [PATCH v1 1/1] BoardModulePkg: Added Mock library for BiosIdLib
From: Bhavani Subramanian Added a gmock for GoogleTests that pull in BiosIdLib. Cc: Eric Dong Cc: Liming Gao Signed-off-by: Vivian Nowka-Keane --- Platform/Intel/BoardModulePkg/BoardModulePkg.dec | 1 + Platform/Intel/BoardModulePkg/Test/BoardModulePkgHostTest.dsc | 32 +++ Platform/Intel/BoardModulePkg/Test/Mock/Include/GoogleTest/Library/MockBiosIdLib.h | 31 ++ Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.cpp | 11 +++ Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.inf | 33 5 files changed, 108 insertions(+) diff --git a/Platform/Intel/BoardModulePkg/BoardModulePkg.dec b/Platform/Intel/BoardModulePkg/BoardModulePkg.dec index 26e662f711d1..5efb1a0348ff 100644 --- a/Platform/Intel/BoardModulePkg/BoardModulePkg.dec +++ b/Platform/Intel/BoardModulePkg/BoardModulePkg.dec @@ -22,6 +22,7 @@ [Includes] Include + Test/Mock/Include # MU_CHANGE [LibraryClasses] ## @libraryclassProvide services to access CMOS area. diff --git a/Platform/Intel/BoardModulePkg/Test/BoardModulePkgHostTest.dsc b/Platform/Intel/BoardModulePkg/Test/BoardModulePkgHostTest.dsc new file mode 100644 index ..846a1e9f8b33 --- /dev/null +++ b/Platform/Intel/BoardModulePkg/Test/BoardModulePkgHostTest.dsc @@ -0,0 +1,32 @@ +## @fileBoardModulePkgHostTest.dsc +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# Description +# +## + +[Defines] +PLATFORM_NAME = BoardModulePkgHostTest +PLATFORM_GUID = 67275336-A324-4F69-BD38-70A4C7898F06 +PLATFORM_VERSION= 0.1 +DSC_SPECIFICATION = 0x00010005 +OUTPUT_DIRECTORY= Build/BoardModulePkg/HostTest +SUPPORTED_ARCHITECTURES = IA32|X64|AARCH64 +BUILD_TARGETS = NOOPT +SKUID_IDENTIFIER= DEFAULT + +!include UnitTestFrameworkPkg/UnitTestFrameworkPkgHost.dsc.inc + +[LibraryClasses] + +[Components] + # + # List of Unit test packages + # + + # + # Build HOST_APPLICATION Libraries With GoogleTest + # + BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.inf diff --git a/Platform/Intel/BoardModulePkg/Test/Mock/Include/GoogleTest/Library/MockBiosIdLib.h b/Platform/Intel/BoardModulePkg/Test/Mock/Include/GoogleTest/Library/MockBiosIdLib.h new file mode 100644 index ..8f8a82da2807 --- /dev/null +++ b/Platform/Intel/BoardModulePkg/Test/Mock/Include/GoogleTest/Library/MockBiosIdLib.h @@ -0,0 +1,31 @@ +/** @file MockBiosIdLib.h + Google Test mocks for BiosIdLib + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef MOCK_BIOS_ID_LIB_H_ +#define MOCK_BIOS_ID_LIB_H_ + +#include +#include +extern "C" { + #include + #include + #include +} + +struct MockBiosIdLib { + MOCK_INTERFACE_DECLARATION (MockBiosIdLib); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +GetBiosId, +( + OUT BIOS_ID_IMAGE *BiosIdImage OPTIONAL +) +); +}; + +#endif diff --git a/Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.cpp b/Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.cpp new file mode 100644 index ..8b64e8a66acd --- /dev/null +++ b/Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.cpp @@ -0,0 +1,11 @@ +/** @file MockBiosIdLib.cpp + Google Test mocks for BiosIdLib + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +MOCK_INTERFACE_DEFINITION (MockBiosIdLib); +MOCK_FUNCTION_DEFINITION (MockBiosIdLib, GetBiosId, 1, EFIAPI); diff --git a/Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.inf b/Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.inf new file mode 100644 index ..f60bc3724f6a --- /dev/null +++ b/Platform/Intel/BoardModulePkg/Test/Mock/Library/GoogleTest/MockBiosIdLib/MockBiosIdLib.inf @@ -0,0 +1,33 @@ +## @file MockBiosIdLib.inf +# Google Test mocks for BiosIdLib +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION= 0x00010005 + BASE_NAME = MockBiosIdLib + FILE_GUID = FD03FA6D-7447-499C-B3AF-D89450F7739A + MODULE_TYPE= HOST_APPLICATION + VERSION_STRING = 1.0 + LIBRARY_CLASS = BiosIdLib + PI_SPECIFICATION_VERSION = 0x0001000A + +# +# VALID_ARCHITECTURES = IA32 X64 +# + +[Sources] + MockBiosIdLib.cpp + +[Packages] + MdePkg/MdePkg.dec + UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec + BoardModulePkg/BoardModulePkg.dec + +[LibraryClasses] + GoogleTestLib + +[BuildOptio
Re: [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237
In that case, I think that's a fair argument and a simple enough request with limited impact to make. I'll go ahead and add RAW and drop the commits disabling "Secure Algorithms" from VirtioRngDxe based implementations -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118700): https://edk2.groups.io/g/devel/message/118700 Mute This Topic: https://groups.io/mt/105983246/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237
On Wed, 8 May 2024 at 18:47, Doug Flick via groups.io wrote: > > I don't disagree. > > The intent is not to be limited by NIST specified standards but rather the > only UEFI Spec defined algorithms are NIST Standards. > > https://uefi.org/specs/UEFI/2.10/37_Secure_Technologies.html#efi-rng-algorithm-definitions > > I'm not sure what's the best way to clarify this distinction > The issue here is that virtio-rng only exposes the 'raw' RNG protocol, which is what the underlying hardware claims to implement. This has a special status in the spec, as it can be used as an entropy source for the NIST algorithms, the security strength of which is cannot exceed the security strength represented by the size of the seed consumed from the raw input. So in that sense, it might be appropriate to treat the raw protocol in the same way as the NIST ones, and permit them, call them 'secure' etc. Only when taking the default (ergo unspecified) algorithm should we conclude that the algorithm may be less strong than what the spec requires. What would help is if RngDxe could wrap an implementation of the raw RNG protocol produced by another driver, and produce the NIST DRBGs based on that - perhaps I should look into that. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118699): https://edk2.groups.io/g/devel/message/118699 Mute This Topic: https://groups.io/mt/105983246/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237
I don't disagree. The intent is not to be limited by NIST specified standards but rather the only UEFI Spec defined algorithms are NIST Standards. https://uefi.org/specs/UEFI/2.10/37_Secure_Technologies.html#efi-rng-algorithm-definitions I'm not sure what's the best way to clarify this distinction -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118698): https://edk2.groups.io/g/devel/message/118698 Mute This Topic: https://groups.io/mt/105983246/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v4 00/14] Add SmmRelocationLib
Happy to merge this. Liming, please let me know if this meets the soft freeze requirements? Thanks, On Tue, 7 May 2024 at 07:18, Wu, Jiaxin wrote: > > Thanks Jiewen. > > > > > > > > From: Yao, Jiewen > Sent: Tuesday, May 7, 2024 12:59 PM > To: Wu, Jiaxin ; Ni, Ray ; > devel@edk2.groups.io; Ard Biesheuvel > Cc: Zeng, Star ; Gerd Hoffmann ; > Kumar, Rahul R ; Dong, Guo ; > Rhodes, Sean ; Lu, James ; Guo, > Gua ; Abdul Lateef Attar ; > Abner Chang ; Tom Lendacky > Subject: RE: [PATCH v4 00/14] Add SmmRelocationLib > > > > Acked-by: Jiewen Yao > > > > From: Wu, Jiaxin > Sent: Tuesday, May 7, 2024 11:39 AM > To: Ni, Ray ; devel@edk2.groups.io; Ard Biesheuvel > ; Yao, Jiewen > Cc: Zeng, Star ; Gerd Hoffmann ; > Kumar, Rahul R ; Dong, Guo ; > Rhodes, Sean ; Lu, James ; Guo, > Gua ; Abdul Lateef Attar ; > Abner Chang ; Tom Lendacky > Subject: RE: [PATCH v4 00/14] Add SmmRelocationLib > > > > Hi Jiewen and Ard, > > > > @Yao, Jiewen, @Ard Biesheuvel, do you agree we merge the change related to > OVMF package since you are the OVMF maintainers. Please help check /review. > > > > The patches have been acked/tested by the Gerd. > > > > [PATCH v4 08/14] OvmfPkg/SmmRelocationLib: Add library instance for OVMF > [PATCH v4 09/14] OvmfPkg/PlatformInitLib: Create gEfiSmmSmramMemoryGuid > [PATCH v4 10/14] OvmfPkg: Refine SmmAccess implementation > [PATCH v4 11/14] OvmfPkg/SmmCpuFeaturesLib: Check Smbase Relocation is done > or not > [PATCH v4 12/14] OvmfPkg/PlatformPei: Relocate SmBases in PEI phase > > > > Thanks, > > Jiaxin > > > > From: Wu, Jiaxin > Sent: Tuesday, April 30, 2024 6:14 PM > To: Ni, Ray ; devel@edk2.groups.io > Cc: Zeng, Star ; Gerd Hoffmann ; > Kumar, Rahul R ; Dong, Guo ; > Rhodes, Sean ; Lu, James ; Guo, > Gua ; Ard Biesheuvel ; Yao, > Jiewen ; Abdul Lateef Attar > ; Abner Chang ; Tom Lendacky > > Subject: RE: [PATCH v4 00/14] Add SmmRelocationLib > > > > Thanks Ray, I missed to add some already reviewed-by tag in v4. All V4 > patches are tested & acted by Gerd: > > Tested-by: Gerd Hoffmann > > Acked-by: Gerd Hoffmann > > > > For each one: listed as below, *so need Ray “reviewed-by” tag on the patch: > 05/06/14, need Gerd “reviewed-by” tag on the patch: 08/09/10/11/12* > > > > [PATCH v4 01/14] UefiCpuPkg: Add SmmRelocationLib class > > Reviewed-by: Ray Ni --> no change compared to V3 > > > [PATCH v4 02/14] UefiCpuPkg/SmmRelocationLib: Add SmmRelocationLib library > instance > > Reviewed-by: Ray Ni --> no change compared to V3 > > > [PATCH v4 03/14] UefiCpuPkg/SmmRelocationLib: Rename global variables > > Reviewed-by: Ray Ni --> no change compared to V3 > > > [PATCH v4 04/14] UefiCpuPkg/SmmRelocationLib: Avoid unnecessary memory > allocation > > Reviewed-by: Ray Ni --> no change compared to V3 > > > [PATCH v4 05/14] UefiCpuPkg/SmmRelocationLib: Remove unnecessary global > variable > [PATCH v4 06/14] UefiCpuPkg/SmmRelocationLib: Remove unnecessary CpuIndex > > * Change Based on Ray’s comment on V3: split the removal of CpuIndex > parameter in a new patch, so add the 06 patch in V4.* > > > [PATCH v4 07/14] UefiCpuPkg/SmmRelocationLib: Add library instance for AMD > > Reviewed-by: Abdul Lateef Attar --> no change > compared to V3 > > > [PATCH v4 08/14] OvmfPkg/SmmRelocationLib: Add library instance for OVMF > [PATCH v4 09/14] OvmfPkg/PlatformInitLib: Create gEfiSmmSmramMemoryGuid > [PATCH v4 10/14] OvmfPkg: Refine SmmAccess implementation > [PATCH v4 11/14] OvmfPkg/SmmCpuFeaturesLib: Check Smbase Relocation is done > or not > [PATCH v4 12/14] OvmfPkg/PlatformPei: Relocate SmBases in PEI phase > > *Change Based on Gerd’s comment on V3: 1. Creating the > EFI_SMM_SMRAM_MEMORY_GUID HOB should be moved to its own function. 2) refine > the comment in SmmAccess 3) refine the commit log.* > > > [PATCH v4 13/14] UefiPayloadPkg/UefiPayloadPkg.dsc: Include SmmRelocationLib > > Reviewed-by: Gua Guo > > Reviewed-by: Guo Dong > > > [PATCH v4 14/14] UefiCpuPkg/PiSmmCpuDxeSmm: Remove SmBases relocation logic > > *Change Based on Ray’s comment on V3: move the "TileSize" check just below > the original TileSize calculation logic* > > > > Thanks, > > Jiaxin > > > > From: Ni, Ray > Sent: Tuesday, April 30, 2024 2:01 PM > To: Wu, Jiaxin ; devel@edk2.groups.io > Cc: Zeng, Star ; Gerd Hoffmann ; > Kumar, Rahul R ; Dong, Guo ; > Rhodes, Sean ; Lu, James ; Guo, > Gua ; Ard Biesheuvel ; Yao, > Jiewen ; Abdul Lateef Attar > ; Abner Chang ; Tom Lendacky > > Subject: Re: [PATCH v4 00/14] Add SmmRelocationLib > > > > Jiaxin, > > You need to add the missing Reviewed-by for each patch if the patch doesn't > change in V4. > > > > Can you reply to this mail to list what patches have already got Reviewed-by > from whom? > > > > > > > > Thanks, > > Ray > > > > From: Wu, Jiaxin > Sent: Friday, April 26, 2024 20:17 > To: devel@edk2.groups.io > Cc: Ni, Ray ; Zeng, Star ; Gerd > Hoffmann ; Kumar, Rahul R ; Dong
Re: [edk2-devel] [PATCH V2 1/1] MdeModulePkg/XhciDxe: Reset endpoint while USB Transaction error
Hi Gaoliming, Could you help push the PR ? BR, More Shih From: Cai, Xianglei Sent: Friday, April 26, 2024 5:13 PM To: gaoliming ; devel@edk2.groups.io Cc: Ni, Ray ; Lewandowski, Krzysztof ; Huang, Jenny ; Shih, More Subject: RE: [edk2-devel] [PATCH V2 1/1] MdeModulePkg/XhciDxe: Reset endpoint while USB Transaction error I have no access to push PR. But I tried with my personal fork, it can pass CI. Thanks, Xianglei -Original Message- From: gaoliming Sent: Friday, April 26, 2024 4:44 PM To: devel@edk2.groups.io; Cai, Xianglei Cc: Ni, Ray ; Lewandowski, Krzysztof ; Huang, Jenny ; Shih, More Subject: 回复: [edk2-devel] [PATCH V2 1/1] MdeModulePkg/XhciDxe: Reset endpoint while USB Transaction error Can you create PR for this patch? If it passes CI, I will add push label. Thanks Liming > -邮件原件- > 发件人: devel@edk2.groups.io 代表 Xianglei Cai > 发送时间: 2024年4月25日 17:58 > 收件人: gaoliming ; devel@edk2.groups.io > 抄送: Ni, Ray ; Lewandowski, Krzysztof > ; Huang, Jenny > ; Shih, More > 主题: Re: [edk2-devel] [PATCH V2 1/1] MdeModulePkg/XhciDxe: Reset > endpoint while USB Transaction error > > Hi @gaoliming > > Could you provide the eta when the patch can be merged? > > Thanks, > Xianglei > > -Original Message- > From: Cai, Xianglei > Sent: Thursday, April 18, 2024 4:59 PM > To: gaoliming ; devel@edk2.groups.io > Cc: Ni, Ray ; Lewandowski, Krzysztof > ; Huang, Jenny > ; Shih, More > Subject: RE: [edk2-devel] [PATCH V2 1/1] MdeModulePkg/XhciDxe: Reset > endpoint while USB Transaction error > > Hi Liming, > > Could you help pick the change to the master branch? > > Thanks, > Xianglei > > -Original Message- > From: gaoliming > Sent: Monday, April 15, 2024 5:52 PM > To: devel@edk2.groups.io; Cai, Xianglei > Cc: Ni, Ray ; Lewandowski, Krzysztof > ; Huang, Jenny > ; Shih, More > Subject: 回复: [edk2-devel] [PATCH V2 1/1] MdeModulePkg/XhciDxe: Reset > endpoint while USB Transaction error > > Reviewed-by: Liming Gao > > > -邮件原件- > > 发件人: devel@edk2.groups.io 代表 Xianglei > Cai > > 发送时间: 2024年4月15日 14:55 > > 收件人: devel@edk2.groups.io > > 抄送: Xianglei Cai ; Ray Ni > > ; Liming Gao ; Krzysztof > > Lewandowski ; Jenny Huang > > ; More Shih > > 主题: [edk2-devel] [PATCH V2 1/1] MdeModulePkg/XhciDxe: Reset > endpoint > > while USB Transaction error > > > > https://bugzilla.tianocore.org/show_bug.cgi?id=4556 > > > > Based on XHCI spec 4.8.3, software should do the reset endpoint > > while USB Transaction occur. > > Add the error code for USB Transaction error since UEFI spec don't > > have the related definition. > > > > Cc: Ray Ni > > Cc: Liming Gao > > Cc: Krzysztof Lewandowski > > Cc: Jenny Huang > > Cc: More Shih > > Signed-off-by: Xianglei Cai > > Reviewed-by: Krzysztof Lewandowski > > --- > > MdeModulePkg/Bus/Pci/XhciDxe/Xhci.c | 5 - > > MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c | 5 - > > MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.h | 7 +++ > > 3 files changed, 15 insertions(+), 2 deletions(-) > > > > diff --git a/MdeModulePkg/Bus/Pci/XhciDxe/Xhci.c > > b/MdeModulePkg/Bus/Pci/XhciDxe/Xhci.c > > index f4e61d223c1b..cf6b32959e68 100644 > > --- a/MdeModulePkg/Bus/Pci/XhciDxe/Xhci.c > > +++ b/MdeModulePkg/Bus/Pci/XhciDxe/Xhci.c > > @@ -825,7 +825,10 @@ XhcTransfer ( > >*TransferResult = Urb->Result; > >*DataLength = Urb->Completed; > > > > - if ((*TransferResult == EFI_USB_ERR_STALL) || (*TransferResult == > > EFI_USB_ERR_BABBLE)) { > > + // > > + // Based on XHCI spec 4.8.3, software should do the reset > > + endpoint > while > > USB Transaction occur. > > + // > > + if ((*TransferResult == EFI_USB_ERR_STALL) || (*TransferResult == > > EFI_USB_ERR_BABBLE) || (*TransferResult == > > EDKII_USB_ERR_TRANSACTION)) { > > ASSERT (Status == EFI_DEVICE_ERROR); > > RecoveryStatus = XhcRecoverHaltedEndpoint (Xhc, Urb); > > if (EFI_ERROR (RecoveryStatus)) { diff --git > > a/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c > > b/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c > > index 5d735008ba31..a97ed44dbfc3 100644 > > --- a/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c > > +++ b/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c > > @@ -1192,8 +1192,11 @@ XhcCheckUrbResult ( > > DEBUG ((DEBUG_ERROR, "XhcCheckUrbResult: ERR_BUFFER! > > Completecode = %x\n", EvtTrb->Completecode)); > > goto EXIT; > > > > + // > > + // Based on XHCI spec 4.8.3, software should do the reset > > + endpoint > > while USB Transaction occur. > > + // > >case TRB_COMPLETION_USB_TRANSACTION_ERROR: > > -CheckedUrb->Result |= EFI_USB_ERR_TIMEOUT; > > +CheckedUrb->Result |= EDKII_USB_ERR_TRANSACTION; > > CheckedUrb->Finished = TRUE; > > DEBUG ((DEBUG_ERROR, "XhcCheckUrbResult: > > TRANSACTION_ERROR! Completecode = %x\n", EvtTrb->Completecode)); > > goto EXIT; > > diff --git a/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.h >
[edk2-devel] [PATCH v3 1/2] Subject: [PATCH] MdePkg:Added new SPCR table stucture members as in Rev4.
In SPCR table, 4 structure members have been added newly as per SPCR table Rev4, which has to be added in MdePkg/SerialPortConsoleRedirectionTable.h file. Signed-off-by: Praveen Sankar N praveensank...@ami.com CC: michael.d.kin...@intel.com CC: gaolim...@byosoft.com.cn CC: zhiguang@intel.com CC: fel...@ami.com CC: srinivas...@ami.com CC: sundares...@ami.com --- .../IndustryStandard/SerialPortConsoleRedirectionTable.h| 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h b/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h index eb5ae28390..f0001ab137 100644 --- a/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h +++ b/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h @@ -47,7 +47,11 @@ typedef struct { UINT8 PciFunctionNumber; UINT32PciFlags; UINT8 PciSegment; - UINT32Reserved3; + UINT32UartClockFrequency; + UINT32PreciseBaudRate; + UINT16NameSpaceStrLength; + UINT16NameSpaceStrOffset; + CHAR8 NameSpaceString[0]; } EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE; #pragma pack() -- 2.38.1.windows.1 -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118693): https://edk2.groups.io/g/devel/message/118693 Mute This Topic: https://groups.io/mt/105984699/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v4 1/1] MdePkg: Added new SPCR table Revision 4 structure
In SPCR table, 4 structure members have been added newly as per SPCR table Revision 4, which has to be added in MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h. Signed-off-by: Praveen Sankar N praveensank...@ami.com Cc: michael.d.kin...@intel.com Cc: gaolim...@byosoft.com.cn Cc: zhiguang@intel.com Cc: fel...@ami.com Cc: srinivas...@ami.com Cc: sundares...@ami.com Cc: rabis...@ami.com --- .../SerialPortConsoleRedirectionTable.h | 32 +++ 1 file changed, 32 insertions(+) diff --git a/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h b/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h index eb5ae28390..bf967880ab 100644 --- a/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h +++ b/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h @@ -23,6 +23,7 @@ /// #define EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_REVISION 0x02 +#define EFI_ACPI_4_0_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_REVISION 0x04 /// /// Serial Port Console Redirection Table Format /// @@ -50,6 +51,37 @@ typedef struct { UINT32Reserved3; } EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE; +/// +/// Serial Port Console Redirection Table Format Revision 4 +/// +typedef struct { + EFI_ACPI_DESCRIPTION_HEADER Header; + UINT8 InterfaceType; + UINT8 Reserved1[3]; + EFI_ACPI_5_0_GENERIC_ADDRESS_STRUCTUREBaseAddress; + UINT8 InterruptType; + UINT8 Irq; + UINT32GlobalSystemInterrupt; + UINT8 BaudRate; + UINT8 Parity; + UINT8 StopBits; + UINT8 FlowControl; + UINT8 TerminalType; + UINT8 Reserved2; + UINT16PciDeviceId; + UINT16PciVendorId; + UINT8 PciBusNumber; + UINT8 PciDeviceNumber; + UINT8 PciFunctionNumber; + UINT32PciFlags; + UINT8 PciSegment; + UINT32UartClockFrequency; + UINT32PreciseBaudRate; + UINT16NameSpaceStrLength; + UINT16NameSpaceStrOffset; + CHAR8 NameSpaceString[0]; +} EFI_ACPI_4_0_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE; + #pragma pack() // -- 2.38.1.windows.1 -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118695): https://edk2.groups.io/g/devel/message/118695 Mute This Topic: https://groups.io/mt/105984701/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 2/2] MdePkg: Added new SPCR table Revision 4 structure
In SPCR table, 4 structure members have been added newly as per SPCR table Revision 4, which has to be added in MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h. Signed-off-by: Praveen Sankar N praveensank...@ami.com Cc: michael.d.kin...@intel.com Cc: gaolim...@byosoft.com.cn Cc: zhiguang@intel.com Cc: fel...@ami.com Cc: srinivas...@ami.com Cc: sundares...@ami.com Cc: rabis...@ami.com --- .../IndustryStandard/SerialPortConsoleRedirectionTable.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h b/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h index f0001ab137..3979baf594 100644 --- a/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h +++ b/MdePkg/Include/IndustryStandard/SerialPortConsoleRedirectionTable.h @@ -21,7 +21,7 @@ /// /// SPCR Revision (defined in spec) /// -#define EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_REVISION 0x02 +#define EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_REVISION 0x04 /// /// Serial Port Console Redirection Table Format @@ -52,7 +52,7 @@ typedef struct { UINT16NameSpaceStrLength; UINT16NameSpaceStrOffset; CHAR8 NameSpaceString[0]; -} EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE; +} EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_V4; #pragma pack() -- 2.38.1.windows.1 -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118694): https://edk2.groups.io/g/devel/message/118694 Mute This Topic: https://groups.io/mt/105984700/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 0/2] MdePkg: Added new SPCR table Revision 4 structure
praveensankarn (2): Subject: [PATCH] MdePkg:Added new SPCR table stucture members as in Rev4. MdePkg: Added new SPCR table Revision 4 structure .../SerialPortConsoleRedirectionTable.h| 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) -- 2.38.1.windows.1 -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118692): https://edk2.groups.io/g/devel/message/118692 Mute This Topic: https://groups.io/mt/105984698/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237
On Wed, 8 May 2024 at 17:29, Doug Flick via groups.io wrote: > > From: Doug Flick > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4542 > > Bug Overview: > PixieFail Bug #9 > CVE-2023-45237 > CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N > CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) > > Use of a Weak PseudoRandom Number Generator > > Change Overview: > > Updates all Instances of NET_RANDOM (NetRandomInitSeed ()) to either > > > > > EFI_STATUS > > EFIAPI > > PseudoRandomU32 ( > > OUT UINT32 *Output > > ); > > > > or (depending on the use case) > > > > > EFI_STATUS > > EFIAPI > > PseudoRandom ( > > OUT VOID *Output, > > IN UINTN OutputLength > > ); > > > > This is because the use of > > Example: > > The following code snippet PseudoRandomU32 () function is used: > > > > > UINT32 Random; > > > > Status = PseudoRandomU32 (&Random); > > if (EFI_ERROR (Status)) { > > DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", > __func__, Status)); > > return Status; > > } > > > > This also introduces a new PCD to enable/disable the use of the > NIST SP-800-90 approved algorithms for PseudoRandom () and > instead depend on the default implementation. This may be required for > some platforms where the UEFI Spec defined algorithms are not available. > > > > > PcdEnforceSecureRngAlgorithms > > > > If the platform does not have the NIST SP-800-90 approved algorithms > then the driver will assert. > > Cc: Saloni Kasbekar > Cc: Zachary Clark-williams > > Signed-off-by: Doug Flick [MSFT] > --- > NetworkPkg/NetworkPkg.dec | 7 ++ > NetworkPkg/Library/DxeNetLib/DxeNetLib.inf | 12 +- > NetworkPkg/TcpDxe/TcpDxe.inf | 3 + > NetworkPkg/IScsiDxe/IScsiMisc.h| 6 +- > NetworkPkg/Include/Library/NetLib.h| 40 -- > NetworkPkg/Ip6Dxe/Ip6Nd.h | 8 +- > NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c | 10 +- > NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c | 11 +- > NetworkPkg/DnsDxe/DnsDhcp.c| 10 +- > NetworkPkg/DnsDxe/DnsImpl.c| 11 +- > NetworkPkg/HttpBootDxe/HttpBootDhcp6.c | 10 +- > NetworkPkg/IScsiDxe/IScsiCHAP.c| 19 ++- > NetworkPkg/IScsiDxe/IScsiMisc.c| 14 +-- > NetworkPkg/Ip4Dxe/Ip4Driver.c | 10 +- > NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c | 9 +- > NetworkPkg/Ip6Dxe/Ip6Driver.c | 17 ++- > NetworkPkg/Ip6Dxe/Ip6If.c | 12 +- > NetworkPkg/Ip6Dxe/Ip6Mld.c | 12 +- > NetworkPkg/Ip6Dxe/Ip6Nd.c | 33 - > NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 129 +--- > NetworkPkg/TcpDxe/TcpDriver.c | 15 ++- > NetworkPkg/Udp4Dxe/Udp4Driver.c| 10 +- > NetworkPkg/Udp6Dxe/Udp6Driver.c| 11 +- > NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c | 9 +- > NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c | 11 +- > NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c | 12 +- > NetworkPkg/SecurityFixes.yaml | 39 ++ > 27 files changed, 407 insertions(+), 83 deletions(-) > > diff --git a/NetworkPkg/NetworkPkg.dec b/NetworkPkg/NetworkPkg.dec > index e06f35e7747c..7c4289b77b21 100644 > --- a/NetworkPkg/NetworkPkg.dec > +++ b/NetworkPkg/NetworkPkg.dec > @@ -5,6 +5,7 @@ > # > # Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved. > # (C) Copyright 2015-2020 Hewlett Packard Enterprise Development LP > +# Copyright (c) Microsoft Corporation > # > # SPDX-License-Identifier: BSD-2-Clause-Patent > # > @@ -130,6 +131,12 @@ [PcdsFixedAtBuild, PcdsPatchableInModule] ># @Prompt Indicates whether SnpDxe creates event for ExitBootServices() > call. > > gEfiNetworkPkgTokenSpaceGuid.PcdSnpCreateExitBootServicesEvent|TRUE|BOOLEAN|0x100C > > + ## Enforces the use of Secure UEFI spec defined RNG algorithms for all > network connections. > + # TRUE - Enforce the use of Secure UEFI spec defined RNG algorithms. > + # FALSE - Do not enforce and depend on the default implementation of RNG > algorithm from the provider. > + # @Prompt Enforce the use of Secure UEFI spec defined RNG algorithms. > + > gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|TRUE|BOOLEAN|0x100D > + This conflates 'secure' with 'specified by NIST', which I don't think is entirely accurate. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118691): https://edk2.groups.io/g/devel/message/118691 Mute This Topic: https://groups.io/mt/105983246/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] pr for stable tag
Yes On Wed, 8 May 2024 at 17:36, gaoliming via groups.io wrote: > > Ard: > So, this patch needs to catch this stable tag. Right? > > Thanks > Liming > > -邮件原件- > > 发件人: devel@edk2.groups.io 代表 Ard Biesheuvel > > 发送时间: 2024年5月8日 20:41 > > 收件人: Liming Gao (Byosoft address) ; Michael > > Kinney ; Leif Lindholm > > ; edk2-devel-groups-io > > 抄送: Peter Batard > > 主题: [edk2-devel] pr for stable tag > > > > Please set the push label on > > > > https://github.com/tianocore/edk2/pull/5642 > > > > discussed here: > > > > https://openfw.io/edk2-devel/20240508085148.1725-1-p...@akeo.ie/ > > > > > > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118690): https://edk2.groups.io/g/devel/message/118690 Mute This Topic: https://groups.io/mt/105984326/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
回复: [edk2-devel] pr for stable tag
Ard: So, this patch needs to catch this stable tag. Right? Thanks Liming > -邮件原件- > 发件人: devel@edk2.groups.io 代表 Ard Biesheuvel > 发送时间: 2024年5月8日 20:41 > 收件人: Liming Gao (Byosoft address) ; Michael > Kinney ; Leif Lindholm > ; edk2-devel-groups-io > 抄送: Peter Batard > 主题: [edk2-devel] pr for stable tag > > Please set the push label on > > https://github.com/tianocore/edk2/pull/5642 > > discussed here: > > https://openfw.io/edk2-devel/20240508085148.1725-1-p...@akeo.ie/ > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118689): https://edk2.groups.io/g/devel/message/118689 Mute This Topic: https://groups.io/mt/105983425/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] Cancelled Event: TianoCore Bug Triage - APAC / NAMO - Wednesday, May 8, 2024 #cal-cancelled
BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Groups.io Inc//Groups.io Calendar//EN METHOD:CANCEL REFRESH-INTERVAL;VALUE=DURATION:PT1H X-PUBLISHED-TTL:PT1H CALSCALE:GREGORIAN BEGIN:VTIMEZONE TZID:America/Los_Angeles LAST-MODIFIED:20240422T053451Z TZURL:https://www.tzurl.org/zoneinfo-outlook/America/Los_Angeles X-LIC-LOCATION:America/Los_Angeles BEGIN:DAYLIGHT TZNAME:PDT TZOFFSETFROM:-0800 TZOFFSETTO:-0700 DTSTART:19700308T02 RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU END:DAYLIGHT BEGIN:STANDARD TZNAME:PST TZOFFSETFROM:-0700 TZOFFSETTO:-0800 DTSTART:19701101T02 RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU END:STANDARD END:VTIMEZONE BEGIN:VEVENT X-GIOIDS:Event:2324061 UID:mlda.1580078539586725120.r...@groups.io DTSTAMP:20240508T153528Z ORGANIZER;CN=Liming Gao;SENT-BY="mailto:gaolim...@byosoft.com.cn":mailto: gaolim...@byosoft.com.cn DTSTART:20240509T003000Z DTEND:20240509T013000Z SUMMARY:TianoCore Bug Triage - APAC / NAMO DESCRIPTION:TianoCore Bug Triage - APAC / NAMO\n\nHosted by Liming Gao\n\ n \n\nMicrosoft Teams meeting\n\n*Join on your computer or mobile a pp*\n\nClick here to join the meeting ( https://teams.microsoft.com/l/mee tup-join/19%3ameeting_OTk1YzJhN2UtOGQwNi00NjY4LWEwMTktY2JiODRlYTY1NmY0%40 thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255 d%22%2c%22Oid%22%3a%226e4ce4c4-1242-431b-9a51-92cd01a5df3c%22%7d )\n\n*Jo in with a video conferencing device*\n\nte...@conf.intel.com\n\nVideo Con ference ID: 116 062 094 0\n\nAlternate VTC dialing instructions ( https:/ /conf.intel.com/teams/?conf=1160620940&ivr=teams&d=conf.intel.com&test=te st_call )\n\n*Or call in (audio only)*\n\n+1 916-245-6934\,\,77463821# ( tel:+19162456934\,\,77463821# ) United States\, Sacramento\n\nPhone Confe rence ID: 774 638 21#\n\nFind a local number ( https://dialin.teams.micro soft.com/d195d438-2daa-420e-b9ea-da26f9d1d6d5?id=77463821 ) | Reset PIN ( https://mysettings.lync.com/pstnconferencing )\n\nLearn More ( https://a ka.ms/JoinTeamsMeeting ) | Meeting options ( https://teams.microsoft.com/ meetingOptions/?organizerId=b286b53a-1218-4db3-bfc9-3d4c5aa7669e&tenantId =46c98d88-e344-4ed4-8496-4ed7712e255d&threadId=19_meeting_OTUyZTg2NjgtNDh lNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh@thread.v2&messageId=0&language=en-US ) LOCATION:https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTk1YzJhN 2UtOGQwNi00NjY4LWEwMTktY2JiODRlYTY1NmY0%40thread.v2/0?context=%7b%22Tid%2 2%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%226e4ce4c4- 1242-431b-9a51-92cd01a5df3c%22%7d SEQUENCE:1 STATUS:CANCELLED END:VEVENT END:VCALENDAR invite.ics Description: application/ics
[edk2-devel] [PATCH v1 11/14] MdePkg: : Add MockUefiBootServicesTableLib
From: Doug Flick This commit adds a mock library for UefiBootServicesTableLib. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Signed-off-by: Doug Flick [MSFT] --- MdePkg/Test/MdePkgHostTest.dsc | 1 + MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf | 32 MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h | 78 MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.cpp | 69 + 4 files changed, 180 insertions(+) diff --git a/MdePkg/Test/MdePkgHostTest.dsc b/MdePkg/Test/MdePkgHostTest.dsc index e36b7c55..6a85d02236a0 100644 --- a/MdePkg/Test/MdePkgHostTest.dsc +++ b/MdePkg/Test/MdePkgHostTest.dsc @@ -43,6 +43,7 @@ [Components] MdePkg/Library/BaseLib/UnitTestHostBaseLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockUefiLib/MockUefiLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockUefiRuntimeServicesTableLib/MockUefiRuntimeServicesTableLib.inf + MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockPeiServicesLib/MockPeiServicesLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockHobLib/MockHobLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockFdtLib/MockFdtLib.inf diff --git a/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf b/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf new file mode 100644 index ..8b64fd195acd --- /dev/null +++ b/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf @@ -0,0 +1,32 @@ +## @file +# Mock implementation of the UEFI Boot Services Table Library. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION= 0x00010005 + BASE_NAME = MockUefiBootServicesTableLib + FILE_GUID = 67EA4614-E276-49EC-9AE6-B97ACCEA676E + MODULE_TYPE= HOST_APPLICATION + VERSION_STRING = 1.0 + LIBRARY_CLASS = UefiBootServicesTableLib|HOST_APPLICATION + +# +# VALID_ARCHITECTURES = IA32 X64 EBC +# + +[Sources] + MockUefiBootServicesTableLib.cpp + +[LibraryClasses] + GoogleTestLib + +[Packages] + MdePkg/MdePkg.dec + UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec + +[BuildOptions] + MSFT:*_*_*_CC_FLAGS = /EHsc diff --git a/MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h b/MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h new file mode 100644 index ..d72b941323c1 --- /dev/null +++ b/MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h @@ -0,0 +1,78 @@ +/** @file + Google Test mocks for UefiBootServicesTableLib + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef MOCK_UEFI_BOOT_SERVICES_TABLE_LIB_H_ +#define MOCK_UEFI_BOOT_SERVICES_TABLE_LIB_H_ + +#include +#include +extern "C" { + #include + #include +} + +// +// Declarations to handle usage of the UefiBootServiceTableLib by creating mock +// +struct MockUefiBootServicesTableLib { + MOCK_INTERFACE_DECLARATION (MockUefiBootServicesTableLib); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_GetMemoryMap, +(IN OUT UINTN *MemoryMapSize, + OUTEFI_MEMORY_DESCRIPTOR *MemoryMap, + OUTUINTN *MapKey, + OUTUINTN *DescriptorSize, + OUTUINT32*DescriptorVersion) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_CreateEvent, +(IN UINT32 Type, + IN EFI_TPL NotifyTpl, + IN EFI_EVENT_NOTIFY NotifyFunction, + IN VOID *NotifyContext, + OUT EFI_EVENT*Event) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_CloseEvent, +(IN EFI_EVENT Event) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_HandleProtocol, +(IN EFI_HANDLE Handle, + IN EFI_GUID *Protocol, + OUT VOID **Interface) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_LocateProtocol, +(IN EFI_GUID *Protocol, + IN VOID *Registration OPTIONAL, + OUT VOID **Interface) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +gBS_CreateEventEx, +(IN UINT32Type, + IN EFI_TPL NotifyTpl, + IN EFI_EVENT_NOTIFY NotifyFunction OPTIONAL, + IN CONST VOID*NotifyContext OPTIONAL, + IN CONST EFI_GUID*EventGroup OPTIONAL, + OUT EFI_EVENT*Event) +); +}; + +#endif // MOCK_UEFI_BOOT_SERVICES_TABLE_LIB_H_ diff --git a/Md
[edk2-devel] [PATCH v1 06/14] ArmVirtPkg: : Add Hash2DxeCrypto to ArmVirtPkg
This patch adds Hash2DxeCrypto to ArmVirtPkg. The Hash2DxeCrypto is used to provide the hashing protocol services. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann Signed-off-by: Doug Flick [MSFT] --- ArmVirtPkg/ArmVirtQemu.dsc | 5 + ArmVirtPkg/ArmVirtQemuKernel.dsc | 5 + ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 5 + 3 files changed, 15 insertions(+) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index f6f78359552d..36cb9bd329e7 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -554,6 +554,11 @@ [Components.common] MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf + # + # Hash2 Protocol Support + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # TPM2 support # diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc index 668a65ba648f..57aa2b1d1bad 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc @@ -461,6 +461,11 @@ [Components.common] MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf + # + # Hash2 Protocol Support + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # ACPI Support # diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc index c5d097ffb935..80d420023e6c 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc @@ -177,6 +177,11 @@ [FV.FvMain] INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf + # + # Hash2 Protocol producer + # + INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # TPM2 support # -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118679): https://edk2.groups.io/g/devel/message/118679 Mute This Topic: https://groups.io/mt/105983245/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 14/14] NetworkPkg: Update the PxeBcDhcp6GoogleTest due to underlying changes
From: Doug Flick This patch updates the PxeBcDhcp6GoogleTest due to the changes in the underlying code. The changes are as follows: - Random now comes from the RngLib Protocol - The TCP ISN is now generated by the hash function Cc: Saloni Kasbekar Cc: Zachary Clark-williams Signed-off-by: Doug Flick [MSFT] --- NetworkPkg/Test/NetworkPkgHostTest.dsc| 1 + NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf | 3 +- NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp | 102 +++- 3 files changed, 100 insertions(+), 6 deletions(-) diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc index fa301a7a52ab..1772afb05815 100644 --- a/NetworkPkg/Test/NetworkPkgHostTest.dsc +++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc @@ -30,6 +30,7 @@ [Components] NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf { UefiRuntimeServicesTableLib|MdePkg/Test/Mock/Library/GoogleTest/MockUefiRuntimeServicesTableLib/MockUefiRuntimeServicesTableLib.inf + UefiBootServicesTableLib|MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf } # Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests. diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf index 301dcdf61109..8b092d9291d4 100644 --- a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf +++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf @@ -14,7 +14,7 @@ [Defines] # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 +# VALID_ARCHITECTURES = IA32 X64 AARCH64 # [Sources] @@ -23,6 +23,7 @@ [Sources] PxeBcDhcp6GoogleTest.h ../PxeBcDhcp6.c ../PxeBcSupport.c + ../../../MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp [Packages] MdePkg/MdePkg.dec diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp index bd423ebadfce..61736ff79e83 100644 --- a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp +++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp @@ -7,6 +7,8 @@ #include #include #include +#include +#include extern "C" { #include @@ -165,7 +167,7 @@ protected: // Note: // Testing PxeBcHandleDhcp6Offer() is difficult because it depends on a // properly setup Private structure. Attempting to properly test this function -// without a signficant refactor is a fools errand. Instead, we will test +// without a significant refactor is a fools errand. Instead, we will test // that we can prevent an overflow in the function. TEST_F (PxeBcHandleDhcp6OfferTest, BasicUsageTest) { PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL; @@ -238,6 +240,7 @@ TEST_F (PxeBcCacheDnsServerAddressesTest, BasicUsageTest) { FreePool (Option); } } + // Test Description // Test that we can prevent an overflow in the function TEST_F (PxeBcCacheDnsServerAddressesTest, AttemptOverflowTest) { @@ -470,10 +473,15 @@ TEST_F (PxeBcRequestBootServiceTest, AttemptRequestOverFlowExpectFailure) { class PxeBcDhcp6DiscoverTest : public ::testing::Test { public: PXEBC_PRIVATE_DATA Private = { 0 }; + // create a mock md5 hash + UINT8 Md5Hash[16] = { 0 }; + EFI_UDP6_PROTOCOL Udp6Read; protected: MockUefiRuntimeServicesTableLib RtServicesMock; + MockUefiBootServicesTableLib BsMock; + MockRng RngMock; // Add any setup code if needed virtual void @@ -527,8 +535,21 @@ TEST_F (PxeBcDhcp6DiscoverTest, BasicOverflowTest) { Private.Dhcp6Request->Length = (UINT16)(Cursor - (UINT8 *)Private.Dhcp6Request); - EXPECT_CALL (RtServicesMock, gRT_GetTime) -.WillOnce (::testing::Return (0)); + EXPECT_CALL (BsMock, gBS_LocateProtocol) +.WillOnce ( + ::testing::DoAll ( +::testing::SetArgPointee<2> (::testing::ByRef (gRngProtocol)), +::testing::Return (EFI_SUCCESS) +) + ); + + EXPECT_CALL (RngMock, GetRng) +.WillOnce ( + ::testing::DoAll ( +::testing::SetArgPointee<3> (::testing::ByRef (Md5Hash[0])), +::testing::Return (EFI_SUCCESS) +) + ); ASSERT_EQ ( PxeBcDhcp6Discover ( @@ -558,8 +579,21 @@ TEST_F (PxeBcDhcp6DiscoverTest, BasicUsageTest) { Private.Dhcp6Request->Length = (UINT16)(Cursor - (UINT8 *)Private.Dhcp6Request); - EXPECT_CALL (RtServicesMock, gRT_GetTime) -.WillOnce (::testing::Return (0)); + EXPECT_CALL (BsMock, gBS_LocateProtocol) +.WillOnce ( + ::testing::DoAll ( +::testing::SetArgPointee<2> (::testing::ByRef (gRngProtocol)), +::testing::Return (EFI_SUCCESS) +
[edk2-devel] [PATCH v1 13/14] MdePkg: Add MockHash2 Protocol for testing
From: Doug Flick This commit adds a new MockHash2 protocol to the MdePkg. This protocol is used to test Hash2 protocol consumers. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Signed-off-by: Doug Flick [MSFT] --- MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h | 67 MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockHash2.cpp | 27 2 files changed, 94 insertions(+) diff --git a/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h new file mode 100644 index ..b44d341332dc --- /dev/null +++ b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h @@ -0,0 +1,67 @@ +/** @file + This file declares a mock of Hash2 Protocol. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef MOCK_HASH2_H_ +#define MOCK_HASH2_H_ + +#include +#include + +extern "C" { + #include + #include +} + +struct MockHash2 { + MOCK_INTERFACE_DECLARATION (MockHash2); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +GetHashSize, +(IN CONST EFI_HASH2_PROTOCOL *This, + IN CONST EFI_GUID*HashAlgorithm, + OUT UINTN*HashSize) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +Hash, +(IN CONST EFI_HASH2_PROTOCOL *This, + IN CONST EFI_GUID*HashAlgorithm, + IN CONST UINT8 *Message, + IN UINTN MessageSize, + IN OUT EFI_HASH2_OUTPUT *Hash) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +HashInit, +(IN CONST EFI_HASH2_PROTOCOL *This, + IN CONST EFI_GUID*HashAlgorithm) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +HashUpdate, +(IN CONST EFI_HASH2_PROTOCOL *This, + IN CONST UINT8 *Message, + IN UINTN MessageSize) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +HashFinal, +(IN CONST EFI_HASH2_PROTOCOL *This, + IN OUT EFI_HASH2_OUTPUT *Hash) +); +}; + +extern "C" { + extern EFI_HASH2_PROTOCOL *gHash2Protocol; +} + +#endif // MOCK_HASH2_H_ diff --git a/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockHash2.cpp b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockHash2.cpp new file mode 100644 index ..5cf94c43b4a5 --- /dev/null +++ b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockHash2.cpp @@ -0,0 +1,27 @@ +/** @file MockHash2.cpp + Google Test mock for Hash2 Protocol + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +MOCK_INTERFACE_DEFINITION (MockHash2); +MOCK_FUNCTION_DEFINITION (MockHash2, GetHashSize, 3, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, Hash, 5, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, HashInit, 2, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, HashUpdate, 3, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, HashFinal, 2, EFIAPI); + +EFI_HASH2_PROTOCOL HASH2_PROTOCOL_INSTANCE = { + GetHashSize, // EFI_HASH2_GET_HASH_SIZE + Hash,// EFI_HASH2_HASH + HashInit,// EFI_HASH2_HASH_INIT + HashUpdate, // EFI_HASH2_HASH_UPDATE + HashFinal// EFI_HASH2_HASH_FINAL +}; + +extern "C" { + EFI_HASH2_PROTOCOL *gHash2Protocol = &HASH2_PROTOCOL_INSTANCE; +} -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118686): https://edk2.groups.io/g/devel/message/118686 Mute This Topic: https://groups.io/mt/105983253/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237
From: Doug Flick REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4542 Bug Overview: PixieFail Bug #9 CVE-2023-45237 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Use of a Weak PseudoRandom Number Generator Change Overview: Updates all Instances of NET_RANDOM (NetRandomInitSeed ()) to either > > EFI_STATUS > EFIAPI > PseudoRandomU32 ( > OUT UINT32 *Output > ); > or (depending on the use case) > > EFI_STATUS > EFIAPI > PseudoRandom ( > OUT VOID *Output, > IN UINTN OutputLength > ); > This is because the use of Example: The following code snippet PseudoRandomU32 () function is used: > > UINT32 Random; > > Status = PseudoRandomU32 (&Random); > if (EFI_ERROR (Status)) { > DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); > return Status; > } > This also introduces a new PCD to enable/disable the use of the NIST SP-800-90 approved algorithms for PseudoRandom () and instead depend on the default implementation. This may be required for some platforms where the UEFI Spec defined algorithms are not available. > > PcdEnforceSecureRngAlgorithms > If the platform does not have the NIST SP-800-90 approved algorithms then the driver will assert. Cc: Saloni Kasbekar Cc: Zachary Clark-williams Signed-off-by: Doug Flick [MSFT] --- NetworkPkg/NetworkPkg.dec | 7 ++ NetworkPkg/Library/DxeNetLib/DxeNetLib.inf | 12 +- NetworkPkg/TcpDxe/TcpDxe.inf | 3 + NetworkPkg/IScsiDxe/IScsiMisc.h| 6 +- NetworkPkg/Include/Library/NetLib.h| 40 -- NetworkPkg/Ip6Dxe/Ip6Nd.h | 8 +- NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c | 10 +- NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c | 11 +- NetworkPkg/DnsDxe/DnsDhcp.c| 10 +- NetworkPkg/DnsDxe/DnsImpl.c| 11 +- NetworkPkg/HttpBootDxe/HttpBootDhcp6.c | 10 +- NetworkPkg/IScsiDxe/IScsiCHAP.c| 19 ++- NetworkPkg/IScsiDxe/IScsiMisc.c| 14 +-- NetworkPkg/Ip4Dxe/Ip4Driver.c | 10 +- NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c | 9 +- NetworkPkg/Ip6Dxe/Ip6Driver.c | 17 ++- NetworkPkg/Ip6Dxe/Ip6If.c | 12 +- NetworkPkg/Ip6Dxe/Ip6Mld.c | 12 +- NetworkPkg/Ip6Dxe/Ip6Nd.c | 33 - NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 129 +--- NetworkPkg/TcpDxe/TcpDriver.c | 15 ++- NetworkPkg/Udp4Dxe/Udp4Driver.c| 10 +- NetworkPkg/Udp6Dxe/Udp6Driver.c| 11 +- NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c | 9 +- NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c | 11 +- NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c | 12 +- NetworkPkg/SecurityFixes.yaml | 39 ++ 27 files changed, 407 insertions(+), 83 deletions(-) diff --git a/NetworkPkg/NetworkPkg.dec b/NetworkPkg/NetworkPkg.dec index e06f35e7747c..7c4289b77b21 100644 --- a/NetworkPkg/NetworkPkg.dec +++ b/NetworkPkg/NetworkPkg.dec @@ -5,6 +5,7 @@ # # Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved. # (C) Copyright 2015-2020 Hewlett Packard Enterprise Development LP +# Copyright (c) Microsoft Corporation # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -130,6 +131,12 @@ [PcdsFixedAtBuild, PcdsPatchableInModule] # @Prompt Indicates whether SnpDxe creates event for ExitBootServices() call. gEfiNetworkPkgTokenSpaceGuid.PcdSnpCreateExitBootServicesEvent|TRUE|BOOLEAN|0x100C + ## Enforces the use of Secure UEFI spec defined RNG algorithms for all network connections. + # TRUE - Enforce the use of Secure UEFI spec defined RNG algorithms. + # FALSE - Do not enforce and depend on the default implementation of RNG algorithm from the provider. + # @Prompt Enforce the use of Secure UEFI spec defined RNG algorithms. + gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|TRUE|BOOLEAN|0x100D + [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] ## IPv6 DHCP Unique Identifier (DUID) Type configuration (From RFCs 3315 and 6355). # 01 = DUID Based on Link-layer Address Plus Time [DUID-LLT] diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf index 8145d256ec10..56e3c3c58540 100644 --- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf +++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf @@ -3,6 +3,7 @@ # # Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved. # (C) Copyright 2015 Hewlett Packard Enterprise Development LP +# Copyright (c) Microsoft Corporation # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -49,7 +50,9 @@ [Guids] gEfiSmbiosTableGuid ## SOMETIMES_CONSUMES ## SystemTable gEfiSmbios3TableGuid ## SOMETIMES_CONSUMES ## SystemTable gEfiAdapterInfoMediaStateGuid ## SOMETIMES_CONSUMES - +
[edk2-devel] [PATCH v1 12/14] MdePkg: : Adds Protocol for MockRng
From: Doug Flick This patch adds a protocol for MockRng. This protocol is used to mock the Rng protocol for testing purposes. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Signed-off-by: Doug Flick [MSFT] --- MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockRng.h | 48 MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp | 21 + 2 files changed, 69 insertions(+) diff --git a/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockRng.h b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockRng.h new file mode 100644 index ..b54f8a234b2f --- /dev/null +++ b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockRng.h @@ -0,0 +1,48 @@ +/** @file + This file declares a mock of Rng Protocol. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef MOCK_RNG_H_ +#define MOCK_RNG_H_ + +#include +#include + +extern "C" { + #include + #include +} + +struct MockRng { + MOCK_INTERFACE_DECLARATION (MockRng); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +GetInfo, +( + IN EFI_RNG_PROTOCOL *This, + IN OUT UINTN*RNGAlgorithmListSize, + OUT EFI_RNG_ALGORITHM *RNGAlgorithmList +) +); + + MOCK_FUNCTION_DECLARATION ( +EFI_STATUS, +GetRng, +( + IN EFI_RNG_PROTOCOL*This, + IN EFI_RNG_ALGORITHM *RNGAlgorithm, + IN UINTN RNGValueLength, + OUT UINT8 *RNGValue +) +); +}; + +extern "C" { + extern EFI_RNG_PROTOCOL *gRngProtocol; +} + +#endif // MOCK_RNG_H_ diff --git a/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp new file mode 100644 index ..7d8b69cc8673 --- /dev/null +++ b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp @@ -0,0 +1,21 @@ +/** @file MockRng.cpp + Google Test mock for Rng Protocol + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +MOCK_INTERFACE_DEFINITION (MockRng); +MOCK_FUNCTION_DEFINITION (MockRng, GetInfo, 3, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockRng, GetRng, 4, EFIAPI); + +EFI_RNG_PROTOCOL RNG_PROTOCOL_INSTANCE = { + GetInfo, // EFI_RNG_GET_INFO + GetRng // EFI_RNG_GET_RNG +}; + +extern "C" { + EFI_RNG_PROTOCOL *gRngProtocol = &RNG_PROTOCOL_INSTANCE; +} -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118685): https://edk2.groups.io/g/devel/message/118685 Mute This Topic: https://groups.io/mt/105983252/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 09/14] OvmfPkg: Disable NIST Algorithms NetworkPkg
This commit disables enforcement of NIST defined RNG algorithms. Such that NetworkPkg will accept "Default" and depend on the platform. Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Gerd Hoffmann Signed-off-by: Doug Flick [MSFT] --- OvmfPkg/OvmfPkgIa32.dsc| 7 +++ OvmfPkg/OvmfPkgIa32X64.dsc | 9 + OvmfPkg/OvmfPkgX64.dsc | 7 +++ OvmfPkg/OvmfXen.dsc| 7 +++ 4 files changed, 30 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 7d7729e07729..080d1a93a0ee 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -571,6 +571,13 @@ [PcdsFixedAtBuild] # !include NetworkPkg/NetworkPcds.dsc.inc + # + # Platforms may not support the EDK2 Standard NIST Algorithms + # This Pcd allows for platform to override the attempt to use the NIST Algorithms + # and falls back to default such that the platform can own the Rng Algorithm + # + gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|FALSE + gEfiShellPkgTokenSpaceGuid.PcdShellFileOperationSize|0x2 !if $(SMM_REQUIRE) == TRUE diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 1e924ccc5eb4..d62f9ea3fa69 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -571,6 +571,8 @@ [PcdsFixedAtBuild] # gUefiCpuPkgTokenSpaceGuid.PcdFirstTimeWakeUpAPsBySipi|FALSE + + [PcdsFixedAtBuild.IA32] # # The NumberOfPages values below are ad-hoc. They are updated sporadically at @@ -590,6 +592,13 @@ [PcdsFixedAtBuild.X64] # !include NetworkPkg/NetworkPcds.dsc.inc + # + # Platforms may not support the EDK2 Standard NIST Algorithms + # This Pcd allows for platform to override the attempt to use the NIST Algorithms + # and falls back to default such that the platform can own the Rng Algorithm + # + gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|FALSE + gEfiShellPkgTokenSpaceGuid.PcdShellFileOperationSize|0x2 !if $(SMM_REQUIRE) == TRUE diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 3637b967b139..761c86f73a6b 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -601,6 +601,13 @@ [PcdsFixedAtBuild] # !include NetworkPkg/NetworkPcds.dsc.inc + # + # Platforms may not support the EDK2 Standard NIST Algorithms + # This Pcd allows for platform to override the attempt to use the NIST Algorithms + # and falls back to default such that the platform can own the Rng Algorithm + # + gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|FALSE + gEfiShellPkgTokenSpaceGuid.PcdShellFileOperationSize|0x2 !if $(SMM_REQUIRE) == TRUE diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index 7fc340d1c1df..0b2dac0cdaef 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -443,6 +443,13 @@ [PcdsFixedAtBuild] # !include NetworkPkg/NetworkPcds.dsc.inc + # + # Platforms may not support the EDK2 Standard NIST Algorithms + # This Pcd allows for platform to override the attempt to use the NIST Algorithms + # and falls back to default such that the platform can own the Rng Algorithm + # + gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|FALSE + !ifdef $(DEBUG_ON_HYPERVISOR_CONSOLE) ## Set Xen's debug IO port for PlatformDebugLibIoPort gUefiOvmfPkgTokenSpaceGuid.PcdDebugIoPort|0xe9 -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118682): https://edk2.groups.io/g/devel/message/118682 Mute This Topic: https://groups.io/mt/105983248/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 08/14] NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236
From: Doug Flick REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4541 REF: https://www.rfc-editor.org/rfc/rfc1948.txt REF: https://www.rfc-editor.org/rfc/rfc6528.txt REF: https://www.rfc-editor.org/rfc/rfc9293.txt Bug Overview: PixieFail Bug #8 CVE-2023-45236 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Updates TCP ISN generation to use a cryptographic hash of the connection's identifying parameters and a secret key. This prevents an attacker from guessing the ISN used for some other connection. This is follows the guidance in RFC 1948, RFC 6528, and RFC 9293. RFC: 9293 Section 3.4.1. Initial Sequence Number Selection A TCP implementation MUST use the above type of "clock" for clock- driven selection of initial sequence numbers (MUST-8), and SHOULD generate its initial sequence numbers with the expression: ISN = M + F(localip, localport, remoteip, remoteport, secretkey) where M is the 4 microsecond timer, and F() is a pseudorandom function (PRF) of the connection's identifying parameters ("localip, localport, remoteip, remoteport") and a secret key ("secretkey") (SHLD-1). F() MUST NOT be computable from the outside (MUST-9), or an attacker could still guess at sequence numbers from the ISN used for some other connection. The PRF could be implemented as a cryptographic hash of the concatenation of the TCP connection parameters and some secret data. For discussion of the selection of a specific hash algorithm and management of the secret key data, please see Section 3 of [42]. For each connection there is a send sequence number and a receive sequence number. The initial send sequence number (ISS) is chosen by the data sending TCP peer, and the initial receive sequence number (IRS) is learned during the connection-establishing procedure. For a connection to be established or initialized, the two TCP peers must synchronize on each other's initial sequence numbers. This is done in an exchange of connection-establishing segments carrying a control bit called "SYN" (for synchronize) and the initial sequence numbers. As a shorthand, segments carrying the SYN bit are also called "SYNs". Hence, the solution requires a suitable mechanism for picking an initial sequence number and a slightly involved handshake to exchange the ISNs. Cc: Saloni Kasbekar Cc: Zachary Clark-williams Signed-off-by: Doug Flick [MSFT] --- NetworkPkg/TcpDxe/TcpDxe.inf | 8 +- NetworkPkg/TcpDxe/TcpFunc.h | 23 +- NetworkPkg/TcpDxe/TcpMain.h | 59 - NetworkPkg/TcpDxe/TcpDriver.c | 92 +++- NetworkPkg/TcpDxe/TcpInput.c | 13 +- NetworkPkg/TcpDxe/TcpMisc.c | 242 ++-- NetworkPkg/TcpDxe/TcpTimer.c | 3 +- NetworkPkg/SecurityFixes.yaml | 22 ++ 8 files changed, 414 insertions(+), 48 deletions(-) diff --git a/NetworkPkg/TcpDxe/TcpDxe.inf b/NetworkPkg/TcpDxe/TcpDxe.inf index cf5423f4c537..76de4cf9ec3d 100644 --- a/NetworkPkg/TcpDxe/TcpDxe.inf +++ b/NetworkPkg/TcpDxe/TcpDxe.inf @@ -6,6 +6,7 @@ # stack has been loaded in system. This driver supports both IPv4 and IPv6 network stack. # # Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved. +# Copyright (c) Microsoft Corporation # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -68,7 +69,6 @@ [LibraryClasses] NetLib IpIoLib - [Protocols] ## SOMETIMES_CONSUMES ## SOMETIMES_PRODUCES @@ -81,6 +81,12 @@ [Protocols] gEfiIp6ServiceBindingProtocolGuid ## TO_START gEfiTcp6ProtocolGuid ## BY_START gEfiTcp6ServiceBindingProtocolGuid## BY_START + gEfiHash2ProtocolGuid ## BY_START + gEfiHash2ServiceBindingProtocolGuid ## BY_START + +[Guids] + gEfiHashAlgorithmMD5Guid ## CONSUMES + gEfiHashAlgorithmSha256Guid ## CONSUMES [Depex] gEfiHash2ServiceBindingProtocolGuid diff --git a/NetworkPkg/TcpDxe/TcpFunc.h b/NetworkPkg/TcpDxe/TcpFunc.h index a7af01fff246..c707bee3e548 100644 --- a/NetworkPkg/TcpDxe/TcpFunc.h +++ b/NetworkPkg/TcpDxe/TcpFunc.h @@ -2,7 +2,7 @@ Declaration of external functions shared in TCP driver. Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved. - + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -36,8 +36,11 @@ VOID @param[in, out] Tcb Pointer to the TCP_CB of this TCP instance. + @retval EFI_SUCCESS The operation completed successfully + @retval others The underlying functions failed and could not complete the operation + **/ -VOID +EFI_STATUS TcpInitTcbLocal ( IN OUT TCP_CB *Tcb ); @@ -128,17 +131,6 @@ TcpCloneTcb ( IN TCP_CB *Tcb ); -/** - Compute an ISS to be used by a new connection. - - @return The result ISS. - -**/ -TCP_SEQNO -TcpGetIss ( - VOID - ); - /
[edk2-devel] [PATCH v1 10/14] ArmVirtPkg: : Disables NIST algorithms NetworkPkg
The NetworkPkg attempts to use the NIST Algorithms as defined in the EDK2 specification. If not available (or if so desired) the platform may choose to use "Default" and use what is provided by the platform. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann Signed-off-by: Doug Flick [MSFT] --- ArmVirtPkg/ArmVirt.dsc.inc | 7 +++ 1 file changed, 7 insertions(+) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 2bc6a29eb131..00e6b5b5d582 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -382,6 +382,13 @@ [PcdsFixedAtBuild.common] gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE + # + # Platforms may not support the EDK2 Standard NIST Algorithms + # This Pcd allows for platform to override the attempt to use the NIST Algorithms + # and falls back to default such that the platform can own the Rng Algorithm + # + gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|FALSE + [Components.common] # # Ramdisk support -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118683): https://edk2.groups.io/g/devel/message/118683 Mute This Topic: https://groups.io/mt/105983249/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 04/14] OvmfPkg: : Add Hash2DxeCrypto to OvmfPkg
From: Doug Flick This patch adds Hash2DxeCrypto to OvmfPkg. The Hash2DxeCrypto is used to provide the hashing protocol services. Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Gerd Hoffmann Signed-off-by: Doug Flick [MSFT] --- OvmfPkg/OvmfPkgIa32.dsc| 6 +- OvmfPkg/OvmfPkgIa32X64.dsc | 6 +- OvmfPkg/OvmfPkgX64.dsc | 6 +- OvmfPkg/OvmfXen.dsc| 5 + OvmfPkg/OvmfPkgIa32.fdf| 5 + OvmfPkg/OvmfPkgIa32X64.fdf | 5 + OvmfPkg/OvmfPkgX64.fdf | 5 + OvmfPkg/OvmfXen.fdf| 5 + 8 files changed, 40 insertions(+), 3 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 9db3ebd0e722..7d7729e07729 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -228,7 +228,6 @@ [LibraryClasses] VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf - # # Network libraries # @@ -857,6 +856,11 @@ [Components] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 43378122925b..1e924ccc5eb4 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -233,7 +233,6 @@ [LibraryClasses] VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf - # # Network libraries # @@ -871,6 +870,11 @@ [Components.X64] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 157ae6c0e4b0..3637b967b139 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -249,7 +249,6 @@ [LibraryClasses] VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf - # # Network libraries # @@ -939,6 +938,11 @@ [Components] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index fa1a570e746a..7fc340d1c1df 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -667,6 +667,11 @@ [Components] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index 6eb26f7d4613..0d4abb50a8f7 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -295,6 +295,11 @@ [FV.DXEFV] INF MdeModulePkg/Logo/LogoDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 080784f722a7..23a825a01298 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -296,6 +296,11 @@ [FV.DXEFV] INF MdeModulePkg/Logo/LogoDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index c2d3cc901e94..16c7a2b0a132 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -326,6 +326,11 @@ [FV.DXEFV] INF OvmfPkg/TdxDxe/TdxDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # diff --git a/OvmfPkg/OvmfXen.fdf b/OvmfPkg/OvmfXen.fdf index 5770b173168b..41368f37e254 100644 --- a/OvmfPkg/OvmfXen.fdf +++ b/OvmfPkg/OvmfXen.fdf @@ -314,6 +314,11 @@ [FV.DXEFV] INF MdeModulePkg/Logo/LogoDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118677): https://edk2.groups.io/g/devel/message/118677 Mute This Topic: https://groups.io/mt/105983242/21656 Group Owner: devel+ow...
[edk2-devel] [PATCH v1 05/14] ArmVirtPkg:PlatformCI: Support virtio-rng-pci
This patch adds "virtio-rng-pci" to the PlatformBuildLib.py This adds Rng services to the guest VM Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann Signed-off-by: Doug Flick [MSFT] --- ArmVirtPkg/PlatformCI/PlatformBuildLib.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ArmVirtPkg/PlatformCI/PlatformBuildLib.py b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py index 0ddaccf9c21f..3abab0914127 100644 --- a/ArmVirtPkg/PlatformCI/PlatformBuildLib.py +++ b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py @@ -240,6 +240,8 @@ class PlatformBuilder(UefiBuilder, BuildSettingsManager): args += " -serial stdio" # Mount disk with startup.nsh args += f" -drive file=fat:rw:{VirtualDrive},format=raw,media=disk" +# Provides Rng services to the Guest VM +args += " -device virtio-rng-pci" # Conditional Args if (self.env.GetValue("QEMU_HEADLESS").upper() == "TRUE"): -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118678): https://edk2.groups.io/g/devel/message/118678 Mute This Topic: https://groups.io/mt/105983244/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 02/14] EmulatorPkg: : Add Hash2DxeCrypto to EmulatorPkg
From: Doug Flick This patch adds Hash2DxeCrypto to EmulatorPkg. The Hash2DxeCrypto is used to provide the hashing protocol services. Cc: Andrew Fish Cc: Ray Ni Signed-off-by: Doug Flick [MSFT] --- EmulatorPkg/EmulatorPkg.dsc | 9 +++-- EmulatorPkg/EmulatorPkg.fdf | 5 + 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc index 0a66294cb768..1c356bc8c732 100644 --- a/EmulatorPkg/EmulatorPkg.dsc +++ b/EmulatorPkg/EmulatorPkg.dsc @@ -128,10 +128,11 @@ [LibraryClasses] FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf ImagePropertiesRecordLib|MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.inf RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf - -!if $(SECURE_BOOT_ENABLE) == TRUE IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + +!if $(SECURE_BOOT_ENABLE) == TRUE PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf @@ -402,6 +403,10 @@ [Components] # Rng Protocol producer # SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf !if $(SECURE_BOOT_ENABLE) == TRUE SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf diff --git a/EmulatorPkg/EmulatorPkg.fdf b/EmulatorPkg/EmulatorPkg.fdf index d756c144d94d..73d5b0068d3f 100644 --- a/EmulatorPkg/EmulatorPkg.fdf +++ b/EmulatorPkg/EmulatorPkg.fdf @@ -198,6 +198,11 @@ [FV.FvRecovery] # INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Secure Boot Key Enroll # -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118675): https://edk2.groups.io/g/devel/message/118675 Mute This Topic: https://groups.io/mt/105983240/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 03/14] OvmfPkg:PlatformCI: Support virtio-rng-pci
This patch adds "virtio-rng-pci" to the PlatformBuildLib.py This adds Rng services to the guest VM Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Gerd Hoffmann Signed-off-by: Doug Flick [MSFT] --- OvmfPkg/PlatformCI/PlatformBuildLib.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/OvmfPkg/PlatformCI/PlatformBuildLib.py b/OvmfPkg/PlatformCI/PlatformBuildLib.py index 00d454954bff..3fe80f5c1caa 100644 --- a/OvmfPkg/PlatformCI/PlatformBuildLib.py +++ b/OvmfPkg/PlatformCI/PlatformBuildLib.py @@ -208,6 +208,8 @@ class PlatformBuilder( UefiBuilder, BuildSettingsManager): args += " -net none"# turn off network args += " -smp 4" args += f" -drive file=fat:rw:{VirtualDrive},format=raw,media=disk" # Mount disk with startup.nsh +# Provides Rng services to the Guest VM +args += " -device virtio-rng-pci" if (self.env.GetValue("QEMU_HEADLESS").upper() == "TRUE"): args += " -display none" # no graphics -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118676): https://edk2.groups.io/g/devel/message/118676 Mute This Topic: https://groups.io/mt/105983241/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 00/14] NetworkPkg: CVE-2023-45236 and CVE-2023-45237
REF:https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html This patch series patches the following CVEs: - CVE-2023-45236: Predictable TCP Initial Sequence Numbers - CVE-2023-45237: Use of a Weak PseudoRandom Number Generator In order to patch these CVEs, the following changes were made: - NetworkPkg no longer performs it's own random number generation, instead it uses EFI_RNG_PROTOCOL provided by the plaform to generate random numbers. - This change was made such that any future random number generation vulnerabilities will be a result of the platforms implementation of the EFI_RNG_PROTOCOL and not the NetworkPkg - NetworkPkg uses the TCP initial sequence number algorithm as described in RFC 6528 to generate the initial sequence number for TCP connections. - This change was made to ensure that the initial sequence number is not predictable and therefore cannot be used in a TCP hijacking attack. In addition to the above changes, the following changes were made: - EmulatorPkg OvmfPkg, and ArmVirtPkg were updated to include the Hash2DxeCrypto driver to support TCP ISN generation using EFI_HASH2_PROTOCOL - EmulatorPkg was updated to include the RngDxe driver to support random number generation using the EFI_RNG_PROTOCOL - OvmfPkg, and ArmVirtPkg were updated to include the virtio-rng-pci device to support random number generation using the EFI_RNG_PROTOCOL using the existing VirtioRngDxe driver - ArmVirtPkg and OvmfPkg were updated to disable the NIST algorithms in the NetworkPkg due to the driver only supporting EFI_RNG_ALGORITHM - MdePkg was updated to include MockUefiBootServicesTableLib, MockRng, and MockHash2 protocols for testing - NetworkPkg was updated to include a test for the PxeBcDhcp6 driver due to underlying changes Cc: Liming Gao Signed-off-by: Doug Flick [MSFT] Doug Flick (14): EmulatorPkg: : Add RngDxe to EmulatorPkg EmulatorPkg: : Add Hash2DxeCrypto to EmulatorPkg OvmfPkg:PlatformCI: Support virtio-rng-pci OvmfPkg: : Add Hash2DxeCrypto to OvmfPkg ArmVirtPkg:PlatformCI: Support virtio-rng-pci ArmVirtPkg: : Add Hash2DxeCrypto to ArmVirtPkg NetworkPkg:: SECURITY PATCH CVE-2023-45237 NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236 OvmfPkg: Disable NIST Algorithms NetworkPkg ArmVirtPkg: : Disables NIST algorithms NetworkPkg MdePkg: : Add MockUefiBootServicesTableLib MdePkg: : Adds Protocol for MockRng MdePkg: Add MockHash2 Protocol for testing NetworkPkg: Update the PxeBcDhcp6GoogleTest due to underlying changes NetworkPkg/NetworkPkg.dec | 7 + ArmVirtPkg/ArmVirt.dsc.inc | 7 + ArmVirtPkg/ArmVirtQemu.dsc | 5 + ArmVirtPkg/ArmVirtQemuKernel.dsc | 5 + EmulatorPkg/EmulatorPkg.dsc | 14 +- MdePkg/Test/MdePkgHostTest.dsc | 1 + NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 + OvmfPkg/OvmfPkgIa32.dsc | 13 +- OvmfPkg/OvmfPkgIa32X64.dsc | 15 +- OvmfPkg/OvmfPkgX64.dsc | 13 +- OvmfPkg/OvmfXen.dsc | 12 + EmulatorPkg/EmulatorPkg.fdf | 11 +- OvmfPkg/OvmfPkgIa32.fdf | 5 + OvmfPkg/OvmfPkgIa32X64.fdf | 5 + OvmfPkg/OvmfPkgX64.fdf | 5 + OvmfPkg/OvmfXen.fdf | 5 + MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf | 32 +++ NetworkPkg/Library/DxeNetLib/DxeNetLib.inf | 12 +- NetworkPkg/TcpDxe/TcpDxe.inf | 11 +- NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf | 3 +- MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h | 78 +++ MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h | 67 +++
[edk2-devel] [PATCH v1 01/14] EmulatorPkg: : Add RngDxe to EmulatorPkg
From: Doug Flick This patch adds RngDxe to EmulatorPkg. The RngDxe is used to provide random number generation services to the UEFI firmware. Cc: Andrew Fish Cc: Ray Ni Signed-off-by: Doug Flick [MSFT] --- EmulatorPkg/EmulatorPkg.dsc | 9 +++-- EmulatorPkg/EmulatorPkg.fdf | 6 +- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc index 5fa1ed345a33..0a66294cb768 100644 --- a/EmulatorPkg/EmulatorPkg.dsc +++ b/EmulatorPkg/EmulatorPkg.dsc @@ -127,9 +127,9 @@ [LibraryClasses] ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf ImagePropertiesRecordLib|MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.inf - -!if $(SECURE_BOOT_ENABLE) == TRUE RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf + +!if $(SECURE_BOOT_ENABLE) == TRUE IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf @@ -398,6 +398,11 @@ [Components] EmulatorPkg/PlatformSmbiosDxe/PlatformSmbiosDxe.inf EmulatorPkg/TimerDxe/Timer.inf + # + # Rng Protocol producer + # + SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf + !if $(SECURE_BOOT_ENABLE) == TRUE SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf !endif diff --git a/EmulatorPkg/EmulatorPkg.fdf b/EmulatorPkg/EmulatorPkg.fdf index 5420756eaa6f..d756c144d94d 100644 --- a/EmulatorPkg/EmulatorPkg.fdf +++ b/EmulatorPkg/EmulatorPkg.fdf @@ -193,6 +193,11 @@ [FV.FvRecovery] INF MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf INF MdeModulePkg/Universal/DriverSampleDxe/DriverSampleDxe.inf +# +# Rng Protocol producer +# +INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf + # # Secure Boot Key Enroll # @@ -320,4 +325,3 @@ [Rule.Common.UEFI_APPLICATION.BINARY] UISTRING="$(MODULE_NAME)" Optional VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER) } - -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118674): https://edk2.groups.io/g/devel/message/118674 Mute This Topic: https://groups.io/mt/105983239/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 1/1] MdeModulePkg: Load Serial driver in early DXE
We have considered that; however, we aim to avoid maintaining our own implementation of functions that communicate with UART. Please see discussion over previous approach: https://edk2.groups.io/g/devel/topic/104469297#115731 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118672): https://edk2.groups.io/g/devel/message/118672 Mute This Topic: https://groups.io/mt/105959587/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] pr for stable tag
Please set the push label on https://github.com/tianocore/edk2/pull/5642 discussed here: https://openfw.io/edk2-devel/20240508085148.1725-1-p...@akeo.ie/ -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118671): https://edk2.groups.io/g/devel/message/118671 Mute This Topic: https://groups.io/mt/105979790/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 1/1] MdePkg/BaseLib: Fix undefined symbol when compiling with Visual Studio
On Wed, 8 May 2024 at 11:21, Pete Batard wrote: > > Hi Ard, > > Thanks for the quick review. > > Note that as opposed to the previous one you referenced, that patches > both the .S and the .asm, my submission only patches the .asm, so it's > probably better to use Adam Liu's for integration (who was the first to > propose a fix anyway). > Yeah, we'll end up merging the other patch, most likely. But thanks for reminding us of this issue - it does need fixing. > As to your other question, see inline: > > On 2024.05.08 10:08, Ard Biesheuvel wrote: > > On Wed, 8 May 2024 at 11:07, Ard Biesheuvel wrote: > >> > >> On Wed, 8 May 2024 at 10:52, Pete Batard wrote: > >>> > >>> Commit 80bbea192aa44ab664ba8be29ac06c83f246e99c introduced a regression > >>> resulting in 'error A2023: undefined symbol: InternalAssertJumpBuffer' > >>> when compling MdePkg for AARCH64 with Visual Studio. > >>> Fix this by adding the relevant EXTERN reference. > >>> > >>> Signed-off-by: Pete Batard > >>> Cc: Leif Lindholm > >>> Cc: Ard Biesheuvel > >> > >> Reviewed-by: Ard Biesheuvel > >> > >> Note that the same issue has been raised two months ago, and a similar > >> fix proposed > >> > >> https://openfw.io/edk2-devel/20240320025130.599086-1-adam@tw.synaptics.com/ > >> > >> so IMHO this qualifies for inclusion in the stable tag. > >> > > > > BTW the existence of this issue appears to imply that the VS RELEASE > > build does not #define MDEPKG_NDEBUG. Is that an oversight? > > In my testing with VS2022 (with '-b RELEASE'), adding: > > #ifdef MDEPKG_NDEBUG > #error MDEPKG_NDEBUG is defined > #endif > > to SetJump.c does produce the expected: > > d:\edk2\MdePkg\Library\BaseLib\SetJump.c(12): fatal error C1189: #error: > MDEPKG_NDEBUG is defined > > So as far as I can tell, MDEPKG_NDEBUG is properly defined. > The reference to InternalAssertJumpBuffer was intended to only be emitted if MDEPKG_NDEBUG is not defined, but this appears to be broken too. MDEPKG_NDEBUG is added to the CC flags only, never to the PP flags - given that a #define is fundamentally a PP flag, it would be better if all -D flags were carried in a separate variable that gets added to both, but this is future refactoring that I won't get around to myself, most probably. Leif, any thoughts? -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118670): https://edk2.groups.io/g/devel/message/118670 Mute This Topic: https://groups.io/mt/105977470/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 1/1] MdePkg/BaseLib: Fix undefined symbol when compiling with Visual Studio
Hi Ard, Thanks for the quick review. Note that as opposed to the previous one you referenced, that patches both the .S and the .asm, my submission only patches the .asm, so it's probably better to use Adam Liu's for integration (who was the first to propose a fix anyway). As to your other question, see inline: On 2024.05.08 10:08, Ard Biesheuvel wrote: On Wed, 8 May 2024 at 11:07, Ard Biesheuvel wrote: On Wed, 8 May 2024 at 10:52, Pete Batard wrote: Commit 80bbea192aa44ab664ba8be29ac06c83f246e99c introduced a regression resulting in 'error A2023: undefined symbol: InternalAssertJumpBuffer' when compling MdePkg for AARCH64 with Visual Studio. Fix this by adding the relevant EXTERN reference. Signed-off-by: Pete Batard Cc: Leif Lindholm Cc: Ard Biesheuvel Reviewed-by: Ard Biesheuvel Note that the same issue has been raised two months ago, and a similar fix proposed https://openfw.io/edk2-devel/20240320025130.599086-1-adam@tw.synaptics.com/ so IMHO this qualifies for inclusion in the stable tag. BTW the existence of this issue appears to imply that the VS RELEASE build does not #define MDEPKG_NDEBUG. Is that an oversight? In my testing with VS2022 (with '-b RELEASE'), adding: #ifdef MDEPKG_NDEBUG #error MDEPKG_NDEBUG is defined #endif to SetJump.c does produce the expected: d:\edk2\MdePkg\Library\BaseLib\SetJump.c(12): fatal error C1189: #error: MDEPKG_NDEBUG is defined So as far as I can tell, MDEPKG_NDEBUG is properly defined. Regards, /Pete --- MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 1 + 1 file changed, 1 insertion(+) diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm index 6ec8f35f2c9f..fa161e25f517 100644 --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm @@ -7,6 +7,7 @@ EXPORT SetJump EXPORT InternalLongJump + EXTERN InternalAssertJumpBuffer AREA BaseLib_LowLevel, CODE, READONLY #define GPR_LAYOUT \ -- 2.45.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118669): https://edk2.groups.io/g/devel/message/118669 Mute This Topic: https://groups.io/mt/105977470/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 1/1] MdePkg/BaseLib: Fix undefined symbol when compiling with Visual Studio
On Wed, 8 May 2024 at 11:07, Ard Biesheuvel wrote: > > On Wed, 8 May 2024 at 10:52, Pete Batard wrote: > > > > Commit 80bbea192aa44ab664ba8be29ac06c83f246e99c introduced a regression > > resulting in 'error A2023: undefined symbol: InternalAssertJumpBuffer' > > when compling MdePkg for AARCH64 with Visual Studio. > > Fix this by adding the relevant EXTERN reference. > > > > Signed-off-by: Pete Batard > > Cc: Leif Lindholm > > Cc: Ard Biesheuvel > > Reviewed-by: Ard Biesheuvel > > Note that the same issue has been raised two months ago, and a similar > fix proposed > > https://openfw.io/edk2-devel/20240320025130.599086-1-adam@tw.synaptics.com/ > > so IMHO this qualifies for inclusion in the stable tag. > BTW the existence of this issue appears to imply that the VS RELEASE build does not #define MDEPKG_NDEBUG. Is that an oversight? > > > --- > > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > > b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > > index 6ec8f35f2c9f..fa161e25f517 100644 > > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > > @@ -7,6 +7,7 @@ > > > >EXPORT SetJump > >EXPORT InternalLongJump > > + EXTERN InternalAssertJumpBuffer > >AREA BaseLib_LowLevel, CODE, READONLY > > > > #define GPR_LAYOUT \ > > -- > > 2.45.0.windows.1 > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118668): https://edk2.groups.io/g/devel/message/118668 Mute This Topic: https://groups.io/mt/105977470/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 1/1] MdePkg/BaseLib: Fix undefined symbol when compiling with Visual Studio
On Wed, 8 May 2024 at 10:52, Pete Batard wrote: > > Commit 80bbea192aa44ab664ba8be29ac06c83f246e99c introduced a regression > resulting in 'error A2023: undefined symbol: InternalAssertJumpBuffer' > when compling MdePkg for AARCH64 with Visual Studio. > Fix this by adding the relevant EXTERN reference. > > Signed-off-by: Pete Batard > Cc: Leif Lindholm > Cc: Ard Biesheuvel Reviewed-by: Ard Biesheuvel Note that the same issue has been raised two months ago, and a similar fix proposed https://openfw.io/edk2-devel/20240320025130.599086-1-adam@tw.synaptics.com/ so IMHO this qualifies for inclusion in the stable tag. > --- > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > index 6ec8f35f2c9f..fa161e25f517 100644 > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > @@ -7,6 +7,7 @@ > >EXPORT SetJump >EXPORT InternalLongJump > + EXTERN InternalAssertJumpBuffer >AREA BaseLib_LowLevel, CODE, READONLY > > #define GPR_LAYOUT \ > -- > 2.45.0.windows.1 > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118667): https://edk2.groups.io/g/devel/message/118667 Mute This Topic: https://groups.io/mt/105977470/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH 1/1] MdePkg/BaseLib: Fix undefined symbol when compiling with Visual Studio
Commit 80bbea192aa44ab664ba8be29ac06c83f246e99c introduced a regression resulting in 'error A2023: undefined symbol: InternalAssertJumpBuffer' when compling MdePkg for AARCH64 with Visual Studio. Fix this by adding the relevant EXTERN reference. Signed-off-by: Pete Batard Cc: Leif Lindholm Cc: Ard Biesheuvel --- MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 1 + 1 file changed, 1 insertion(+) diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm index 6ec8f35f2c9f..fa161e25f517 100644 --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm @@ -7,6 +7,7 @@ EXPORT SetJump EXPORT InternalLongJump + EXTERN InternalAssertJumpBuffer AREA BaseLib_LowLevel, CODE, READONLY #define GPR_LAYOUT \ -- 2.45.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118666): https://edk2.groups.io/g/devel/message/118666 Mute This Topic: https://groups.io/mt/105977470/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH 0/1] MdePkg/BaseLib: Fix undefined symbol when compiling with Visual Studio
The following patch fixes a regression/breakage that currently prevents compilation of MdePkg for AARCH64 with Visual Studio 2022. This regression was introduced with the patch that was discussed in October 2020 at: https://edk2.groups.io/g/devel/topic/77247140#msg65813 and that was eventually integrated in September 2023. The full error can be seen on a real life example at: https://github.com/pbatard/EfiFs/actions/runs/8988513468/job/24689531001#step:8:220 Because this is a regression/breakage for one of the major toolchains, and the fix is expected to be low impact, I would appreciate if this could be speed-tracked for review and integration for the 202405 edk2 release, which is currently in soft freeze. Also, since this appears not to be the case, and it would have helped with this issue being caught during patch integration rather than 6 months down the line, I would also very much like to push for a VS2019/AARCH64 CI pipeline to be added to the edk2 patch validation process. Thanks, /Pete Pete Batard (1): MdePkg/BaseLib: Fix undefined symbol when compiling with Visual Studio MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 1 + 1 file changed, 1 insertion(+) -- 2.45.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118665): https://edk2.groups.io/g/devel/message/118665 Mute This Topic: https://groups.io/mt/105977469/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [edk2-redfish-client][PATCH] Tool/Redfish-Profile-Simulator: fix Werkzeug security issue
Upgrade Werkzeug to version 3.0.3 to address CVE-2024-34069 Signed-off-by: Nickle Wang Cc: Abner Chang Cc: Igor Kulchytskyy Cc: Nick Ramirez --- Tools/Redfish-Profile-Simulator/redfishProfileSimulator.py | 7 --- Tools/Redfish-Profile-Simulator/requirements.txt | 6 ++ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/Tools/Redfish-Profile-Simulator/redfishProfileSimulator.py b/Tools/Redfish-Profile-Simulator/redfishProfileSimulator.py index 91c792a2b..58697328a 100644 --- a/Tools/Redfish-Profile-Simulator/redfishProfileSimulator.py +++ b/Tools/Redfish-Profile-Simulator/redfishProfileSimulator.py @@ -1,6 +1,7 @@ # Copyright Notice: # # Copyright (c) 2019, Intel Corporation. All rights reserved. +# Copyright (c) 2024, NVIDIA CORPORATION & AFFILIATES. All rights reserved. # SPDX-License-Identifier: BSD-2-Clause-Patent # # Copyright Notice: @@ -89,8 +90,8 @@ class PreconditionRequired(werkzeug.exceptions.HTTPException): def main(argv): #Monkey patch the set_etag() method for conditional request. -_old_set_etag = werkzeug.ETagResponseMixin.set_etag -@functools.wraps(werkzeug.ETagResponseMixin.set_etag) +_old_set_etag = werkzeug.wrappers.Response.set_etag +@functools.wraps(werkzeug.wrappers.Response.set_etag) def _new_set_etag(self, etag, weak=False): # only check the first time through; when called twice # we're modifying @@ -107,7 +108,7 @@ def main(argv): raise NotModified flask.g.condtnl_etags_start = False _old_set_etag(self, etag, weak) -werkzeug.ETagResponseMixin.set_etag = _new_set_etag +werkzeug.wrappers.Response.set_etag = _new_set_etag # set default option args rf_profile_path = os.path.abspath("./MockupData/SimpleOcpServerV1") diff --git a/Tools/Redfish-Profile-Simulator/requirements.txt b/Tools/Redfish-Profile-Simulator/requirements.txt index 359a81446..83d2d8130 100644 --- a/Tools/Redfish-Profile-Simulator/requirements.txt +++ b/Tools/Redfish-Profile-Simulator/requirements.txt @@ -1,5 +1,3 @@ -Werkzeug==0.16 -Jinja2==3.0.3 -itsdangerous==2.0.1 -flask==1.1.1 +Werkzeug>=3.0.3 +flask==3.0.0 pyOpenSSL -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118664): https://edk2.groups.io/g/devel/message/118664 Mute This Topic: https://groups.io/mt/105977266/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH 1/2] AmdSev: Rework Blob Verifier
The Blob Verifier checks boot artifacts against a hash table injected by the hypervisor and measured by hardware. Update the Blob Verifier to enter a dead loop if the artifacts do not match. Signed-off-by: Tobin Feldman-Fitzthum --- .../BlobVerifierSevHashes.c | 39 +++ 1 file changed, 31 insertions(+), 8 deletions(-) diff --git a/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c b/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c index 2e58794c3c..ee8bca509a 100644 --- a/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c +++ b/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c @@ -77,13 +77,17 @@ FindBlobEntryGuid ( /** Verify blob from an external source. + If a non-secure configuration is detected this function will enter a + dead loop to prevent a boot. + @param[in] BlobName The name of the blob @param[in] BufThe data of the blob @param[in] BufSizeThe size of the blob in bytes - @retval EFI_SUCCESS The blob was verified successfully. - @retval EFI_ACCESS_DENIED The blob could not be verified, and therefore -should be considered non-secure. + @retval EFI_SUCCESS The blob was verified successfully or was not +found in the hash table. + @retval EFI_ACCESS_DENIED Kernel hashes not supported, but the boot +can continue safely. **/ EFI_STATUS EFIAPI @@ -99,8 +103,8 @@ VerifyBlob ( if ((mHashesTable == NULL) || (mHashesTableSize == 0)) { DEBUG (( - DEBUG_ERROR, - "%a: Verifier called but no hashes table discoverd in MEMFD\n", + DEBUG_WARN, + "%a: No hashes table discovered in MEMFD\n", __func__ )); return EFI_ACCESS_DENIED; @@ -114,7 +118,8 @@ VerifyBlob ( __func__, BlobName )); -return EFI_ACCESS_DENIED; + +CpuDeadLoop (); } // @@ -136,10 +141,22 @@ VerifyBlob ( DEBUG ((DEBUG_INFO, "%a: Found GUID %g in table\n", __func__, Guid)); +if (BufSize == 0) { + DEBUG (( +DEBUG_ERROR, +"%a: Blob Specified in Hash Table was not Provided", +__func__, +EntrySize, +SHA256_DIGEST_SIZE +)); + + CpuDeadLoop (); +} + EntrySize = Entry->Len - sizeof Entry->Guid - sizeof Entry->Len; if (EntrySize != SHA256_DIGEST_SIZE) { DEBUG (( -DEBUG_ERROR, +DEBUG_WARN, "%a: Hash has the wrong size %d != %d\n", __func__, EntrySize, @@ -170,18 +187,24 @@ VerifyBlob ( __func__, BlobName )); + + CpuDeadLoop (); } return Status; } + // + // If the GUID is not in the hash table, execution can still continue. + // This blob will not be measured, but at least one blob must be. + // DEBUG (( DEBUG_ERROR, "%a: Hash GUID %g not found in table\n", __func__, Guid )); - return EFI_ACCESS_DENIED; + return EFI_SUCCESS; } /** -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118662): https://edk2.groups.io/g/devel/message/118662 Mute This Topic: https://groups.io/mt/105977014/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
回复:[Internet]Re: [edk2-devel] [PATCH] Added support for ACPI related data structures for RISC_V64 platform
Hi Sunil, We mainly want to use UEFI+ACPI mode to start RISCV64 server. However, during the development process, we found that ACPI(6.5) in the current version of UEFI does not support riscv for the time being. In order to solve this problem, We refer to the upstream RISC-V ACPI platform specification provided by Ventana to implement RISC-V ACPI support, so adding this header file can make ACPI support RISCV architecture until the new version of ACPI specification supports RISCV architecture. Thanks 发自我的企业微信 --回复的邮件信息-- Sunil V Lhttps://edk2.groups.io/g/devel/message/118658 Mute This Topic: https://groups.io/mt/105977010/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH 2/2] AmdSev: Halt on failed blob allocation
A malicious host may be able to undermine the fw_cfg interface such that loading a blob fails. In this case rather than continuing to the next boot option, the blob verifier should halt. For non-confidential guests, the error should be non-fatal. Signed-off-by: Tobin Feldman-Fitzthum --- .../BlobVerifierSevHashes.c | 17 - OvmfPkg/Include/Library/BlobVerifierLib.h | 14 ++ .../BlobVerifierLibNull/BlobVerifierNull.c | 13 - .../QemuKernelLoaderFsDxe.c | 9 - 4 files changed, 38 insertions(+), 15 deletions(-) diff --git a/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c b/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c index ee8bca509a..c550518d73 100644 --- a/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c +++ b/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c @@ -83,6 +83,7 @@ FindBlobEntryGuid ( @param[in] BlobName The name of the blob @param[in] BufThe data of the blob @param[in] BufSizeThe size of the blob in bytes + @param[in] FetchStatusThe status of the previous blob fetch @retval EFI_SUCCESS The blob was verified successfully or was not found in the hash table. @@ -94,13 +95,27 @@ EFIAPI VerifyBlob ( IN CONST CHAR16 *BlobName, IN CONST VOID*Buf, - IN UINT32BufSize + IN UINT32BufSize, + IN EFI_STATUSFetchStatus ) { CONST GUID *Guid; INT32 Remaining; HASH_TABLE *Entry; + // Enter a dead loop if the fetching of this blob + // failed. This prevents a malicious host from + // circumventing the following checks. + if (EFI_ERROR (FetchStatus)) { +DEBUG (( + DEBUG_ERROR, + "%a: Fetching blob failed.\n", + __func__ + )); + +CpuDeadLoop (); + } + if ((mHashesTable == NULL) || (mHashesTableSize == 0)) { DEBUG (( DEBUG_WARN, diff --git a/OvmfPkg/Include/Library/BlobVerifierLib.h b/OvmfPkg/Include/Library/BlobVerifierLib.h index 7e1af27574..efe26734b1 100644 --- a/OvmfPkg/Include/Library/BlobVerifierLib.h +++ b/OvmfPkg/Include/Library/BlobVerifierLib.h @@ -19,20 +19,26 @@ /** Verify blob from an external source. + If a non-secure configuration is detected this function will enter a + dead loop to prevent a boot. + @param[in] BlobName The name of the blob @param[in] BufThe data of the blob @param[in] BufSizeThe size of the blob in bytes + @param[in] FetchStatusThe status of fetching this blob - @retval EFI_SUCCESS The blob was verified successfully. - @retval EFI_ACCESS_DENIED The blob could not be verified, and therefore -should be considered non-secure. + @retval EFI_SUCCESS The blob was verified successfully or was not +found in the hash table. + @retval EFI_ACCESS_DENIED Kernel hashes not supported but the boot can +continue safely. **/ EFI_STATUS EFIAPI VerifyBlob ( IN CONST CHAR16 *BlobName, IN CONST VOID*Buf, - IN UINT32BufSize + IN UINT32BufSize, + IN EFI_STATUSFetchStatus ); #endif diff --git a/OvmfPkg/Library/BlobVerifierLibNull/BlobVerifierNull.c b/OvmfPkg/Library/BlobVerifierLibNull/BlobVerifierNull.c index e817c3cc95..db5320571c 100644 --- a/OvmfPkg/Library/BlobVerifierLibNull/BlobVerifierNull.c +++ b/OvmfPkg/Library/BlobVerifierLibNull/BlobVerifierNull.c @@ -16,18 +16,21 @@ @param[in] BlobName The name of the blob @param[in] BufThe data of the blob @param[in] BufSizeThe size of the blob in bytes + @param[in] FetchStatusThe status of the fetch of this blob - @retval EFI_SUCCESS The blob was verified successfully. - @retval EFI_ACCESS_DENIED The blob could not be verified, and therefore -should be considered non-secure. + @retval EFI_SUCCESS The blob was verified successfully or was not +found in the hash table. + @retval EFI_ACCESS_DENIED Kernel hashes not supported but the boot can +continue safely. **/ EFI_STATUS EFIAPI VerifyBlob ( IN CONST CHAR16 *BlobName, IN CONST VOID*Buf, - IN UINT32BufSize + IN UINT32BufSize, + IN EFI_STATUSFetchStatus ) { - return EFI_SUCCESS; + return FetchStatus; } diff --git a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c index 3c12085f6c..cf58c97cd2 100644 --- a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c +++ b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c @@ -1042,6 +1042,7 @@ QemuKernelLoaderFsDxeEntrypoint ( KERNEL_BLOB *CurrentBlob;
Re: [edk2-rfc] [edk2-devel] Proposal to switch TianoCore Code Review from email to GitHub Pull Requests on 5-24-2024
Internal Use - Confidential On 2024-05-01 18:43, Michael D Kinney wrote: > Hello, > > I would like to propose that TianoCore move all code review from email > based code reviews to GitHub Pull Requests based code reviews. > > The proposed date to switch would be immediately after the next stable > tag which is currently scheduled for May 24, 2024. Very welcome news! Make it so! William Leara BIOS Architect Dell | BIOS/FW Architecture office 512-720-5122 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#851): https://urldefense.com/v3/__https://edk2.groups.io/g/rfc/message/851__;!!LpKI!kLrsCBspYuhPcpzu6_oy_nM3IrLm1PLlibITwnmUZRndVxpkUNIpWNxB7UeJUaSNexPOL8sbHixsM2L7Yh5TnNdWdBU$ [edk2[.]groups[.]io] Mute This Topic: https://urldefense.com/v3/__https://groups.io/mt/105848092/7889204__;!!LpKI!kLrsCBspYuhPcpzu6_oy_nM3IrLm1PLlibITwnmUZRndVxpkUNIpWNxB7UeJUaSNexPOL8sbHixsM2L7Yh5TxZFqh5M$ [groups[.]io] Group Owner: rfc+ow...@edk2.groups.io Unsubscribe: https://urldefense.com/v3/__https://edk2.groups.io/g/rfc/unsub__;!!LpKI!kLrsCBspYuhPcpzu6_oy_nM3IrLm1PLlibITwnmUZRndVxpkUNIpWNxB7UeJUaSNexPOL8sbHixsM2L7Yh5T3vhXcBU$ [edk2[.]groups[.]io] [william.le...@dell.com] -=-=-=-=-=-=-=-=-=-=-=- -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118660): https://edk2.groups.io/g/devel/message/118660 Mute This Topic: https://groups.io/mt/105977012/21656 Group Owner: develꌉ@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH 0/2] AmdSev: Harden SEV Kernel hashes verifier
The AmdSev package has a so-called BlobVerifier, which is meant to extend the TCB of a confidential guest (SEV or SNP) to include components provided via fw_cfg such as initrd, kernel, kernel params. This series fixes a few implementation errors in the blob verifier. One common theme is that the verifier currently fails to halt the boot when an invalid blob is detected. This can lead to a confidential guest having a launch measurement that does not reflect the guest TCB. This series could also help us move towards consolidating the AmdSev package back into the OvmfPkg although more discussion will be needed on this. Thank you for Ryan Savino at AMD for pointing out some of these issues. Tobin Feldman-Fitzthum (2): AmdSev: Rework Blob Verifier AmdSev: Halt on failed blob allocation .../BlobVerifierSevHashes.c | 56 --- OvmfPkg/Include/Library/BlobVerifierLib.h | 14 +++-- .../BlobVerifierLibNull/BlobVerifierNull.c| 13 +++-- .../QemuKernelLoaderFsDxe.c | 9 ++- 4 files changed, 69 insertions(+), 23 deletions(-) -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118661): https://edk2.groups.io/g/devel/message/118661 Mute This Topic: https://groups.io/mt/105977013/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH] MdeModulePkg: Potential UINT32 overflow in S3 ResumeCount
From: Shanmugavel Pakkirisamy REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4677 Attacker able to modify physical memory and ResumeCount. System will crash/DoS when ResumeCount reaches its MAX_UINT32. Cc: Zhiguang Liu Cc: Dandan Bi Cc: Liming Gao Signed-off-by: Pakkirisamy ShanmugavelX --- MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.c | 14 +- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.c b/MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.c index 2f2b2a80b2..1035ed8640 100644 --- a/MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.c +++ b/MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.c @@ -112,11 +112,15 @@ FpdtStatusCodeListenerPei ( // S3ResumeTotal = MultU64x32 (AcpiS3ResumeRecord->AverageResume, AcpiS3ResumeRecord->ResumeCount); AcpiS3ResumeRecord->ResumeCount++; - AcpiS3ResumeRecord->AverageResume = DivU64x32 (S3ResumeTotal + AcpiS3ResumeRecord->FullResume, AcpiS3ResumeRecord->ResumeCount); - - DEBUG ((DEBUG_INFO, "FPDT: S3 Resume Performance - ResumeCount = %d\n", AcpiS3ResumeRecord->ResumeCount)); - DEBUG ((DEBUG_INFO, "FPDT: S3 Resume Performance - FullResume= %ld\n", AcpiS3ResumeRecord->FullResume)); - DEBUG ((DEBUG_INFO, "FPDT: S3 Resume Performance - AverageResume = %ld\n", AcpiS3ResumeRecord->AverageResume)); + if (AcpiS3ResumeRecord->ResumeCount > 0) { +AcpiS3ResumeRecord->AverageResume = DivU64x32 (S3ResumeTotal + AcpiS3ResumeRecord->FullResume, AcpiS3ResumeRecord->ResumeCount); +DEBUG ((DEBUG_INFO, "\nFPDT: S3 Resume Performance - AverageResume = 0x%x\n", AcpiS3ResumeRecord->AverageResume)); + } + else { +DEBUG ((DEBUG_ERROR, "\nFPDT: S3 ResumeCount reaches the MAX_UINT32 value. S3 ResumeCount record reset to Zero.")); + } + DEBUG ((DEBUG_INFO, "FPDT: S3 Resume Performance - ResumeCount = 0x%x\n", AcpiS3ResumeRecord->ResumeCount)); + DEBUG ((DEBUG_INFO, "FPDT: S3 Resume Performance - FullResume= 0x%x\n", AcpiS3ResumeRecord->FullResume)); // // Update S3 Suspend Performance Record. -- 2.45.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118659): https://edk2.groups.io/g/devel/message/118659 Mute This Topic: https://groups.io/mt/105977011/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-