diff --git a/ArmPkg/ArmPkg.dec b/ArmPkg/ArmPkg.dec index 7fe2b9bca43b..ac030e295b04 100644 --- a/ArmPkg/ArmPkg.dec +++ b/ArmPkg/ArmPkg.dec @@ -139,11 +139,6 @@ # Define if the GICv3 controller should use the GICv2 legacy gArmTokenSpaceGuid.PcdArmGicV3WithV2Legacy|FALSE|BOOLEAN|0x00000042 - ## Define the conduit to use for monitor calls. - # Default PcdMonitorConduitHvc = FALSE, conduit = SMC - # If PcdMonitorConduitHvc = TRUE, conduit = HVC - gArmTokenSpaceGuid.PcdMonitorConduitHvc|FALSE|BOOLEAN|0x00000047 - # Whether to remap all unused memory NX before installing the CPU arch # protocol driver. This is needed on platforms that map all DRAM with RWX # attributes initially, and can be disabled otherwise. @@ -317,6 +312,11 @@ gArmTokenSpaceGuid.PcdSystemBiosRelease|0xFFFF|UINT16|0x30000058 gArmTokenSpaceGuid.PcdEmbeddedControllerFirmwareRelease|0xFFFF|UINT16|0x30000059 + ## Define the conduit to use for monitor calls. + # Default PcdMonitorConduitHvc = FALSE, conduit = SMC + # If PcdMonitorConduitHvc = TRUE, conduit = HVC + gArmTokenSpaceGuid.PcdMonitorConduitHvc|FALSE|BOOLEAN|0x00000047 + [PcdsFixedAtBuild.common, PcdsDynamic.common] # # ARM Architectural Timer diff --git a/ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.c b/ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.c index 741f5c615744..ec5b0b6619f0 100644 --- a/ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.c +++ b/ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.c @@ -26,7 +26,7 @@ ArmMonitorCall ( IN OUT ARM_MONITOR_ARGS *Args ) { - if (FeaturePcdGet (PcdMonitorConduitHvc)) { + if (PcdGetBool (PcdMonitorConduitHvc)) { ArmCallHvc ((ARM_HVC_ARGS *)Args); } else { ArmCallSmc ((ARM_SMC_ARGS *)Args); diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 2bc6a29eb131..7044790a1e08 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc 
@@ -156,7 +156,9 @@ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf !endif BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf - RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf + RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf + ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf + ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf # # Secure Boot dependencies @@ -266,6 +268,7 @@ [LibraryClasses.ARM] ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf + RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf [BuildOptions] GCC:RELEASE_*_*_CC_FLAGS = -DMDEPKG_NDEBUG diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc index 5cb2a609b120..d5055a034102 100644 --- a/ArmVirtPkg/ArmVirtCloudHv.dsc +++ b/ArmVirtPkg/ArmVirtCloudHv.dsc @@ -201,6 +201,9 @@ [PcdsDynamicHii] gUefiOvmfPkgTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gOvmfVariableGuid|0x0|FALSE|NV,BS +[PcdsPatchableInModule.common] + gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE + ################################################################################ # # Components Section - list of all EDK II Modules needed by this Platform diff --git a/ArmVirtPkg/ArmVirtKvmTool.dsc b/ArmVirtPkg/ArmVirtKvmTool.dsc index 20da33196679..ae0dd1497f08 100644 --- a/ArmVirtPkg/ArmVirtKvmTool.dsc +++ b/ArmVirtPkg/ArmVirtKvmTool.dsc @@ -126,8 +126,6 @@ # Use MMIO for accessing RTC controller registers. gPcAtChipsetPkgTokenSpaceGuid.PcdRtcUseMmio|TRUE - gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE - [PcdsFixedAtBuild.common] gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000000F @@ -167,6 +165,8 @@ # gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 + gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE + [PcdsPatchableInModule.common] # # This will be overridden in the code diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 7e2ff33ad172..64aa4e96e58d 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc 
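Review bot: The RngLib override added under `[LibraryClasses.ARM]` points at `MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf`, while the line removed in the first hunk of this file, and the EmulatorPkg.dsc mapping later in this patch, resolve the same library under `MdeModulePkg/Library/BaseRngLibTimerLib/`. If the library exists only under MdeModulePkg in this tree, 32-bit ARM builds will fail to resolve it, so the line should probably read `RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf`. A comment above the override would also help, for example `# ARM (32-bit) falls back to the timer-based RngLib, which is not a cryptographic source`, so readers see that this configuration is weaker than the BaseRngLib/ArmTrngLib pairing selected in the common section.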
+++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -49,10 +49,10 @@ !include NetworkPkg/NetworkDefines.dsc.inc -!include ArmVirtPkg/ArmVirt.dsc.inc - !include MdePkg/MdeLibs.dsc.inc +!include ArmVirtPkg/ArmVirt.dsc.inc + [LibraryClasses.common] ArmLib|ArmPkg/Library/ArmLib/ArmBaseLib.inf ArmMmuLib|ArmPkg/Library/ArmMmuLib/ArmMmuBaseLib.inf @@ -293,6 +293,10 @@ gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01 gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01 + # whether to use HVC or SMC to issue monitor calls - this typically depends + # on the exception level at which the UEFI system firmware executes + gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE + # # TPM2 support # @@ -318,11 +322,7 @@ gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut|L"Timeout"|gEfiGlobalVariableGuid|0x0|5 [LibraryClasses.common.PEI_CORE, LibraryClasses.common.PEIM] -!if $(TPM2_ENABLE) == TRUE PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf -!else - PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf -!endif ################################################################################ # @@ -339,11 +339,11 @@ ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf ArmPkg/Drivers/CpuPei/CpuPei.inf -!if $(TPM2_ENABLE) == TRUE MdeModulePkg/Universal/PCD/Pei/Pcd.inf { PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf } +!if $(TPM2_ENABLE) == TRUE MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf { ResetSystemLib|ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciResetSystemPeiLib.inf @@ -432,6 +432,7 @@ BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf } MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf + SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf # # Status Code Routing @@ -554,6 +555,11 @@ MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf + # + # Hash2 Protocol Support + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # TPM2 support # 
diff --git a/ArmVirtPkg/ArmVirtQemu.fdf b/ArmVirtPkg/ArmVirtQemu.fdf index 764f652afd0e..6073a31970a4 100644 --- a/ArmVirtPkg/ArmVirtQemu.fdf +++ b/ArmVirtPkg/ArmVirtQemu.fdf @@ -111,8 +111,8 @@ READ_LOCK_STATUS = TRUE INF ArmPkg/Drivers/CpuPei/CpuPei.inf INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf -!if $(TPM2_ENABLE) == TRUE INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf +!if $(TPM2_ENABLE) == TRUE INF MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc index c5d097ffb935..38906004d77b 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc @@ -75,6 +75,7 @@ READ_LOCK_STATUS = TRUE INF ArmPkg/Drivers/TimerDxe/TimerDxe.inf INF OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf + INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf # # FAT filesystem + GPT/MBR partitioning + UDF filesystem + virtio-fs @@ -177,6 +178,11 @@ READ_LOCK_STATUS = TRUE INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf + # + # Hash2 Protocol producer + # + INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # TPM2 support # diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc index efe2df97bdf7..2cf96accbdc6 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc @@ -46,10 +46,10 @@ !include NetworkPkg/NetworkDefines.dsc.inc -!include ArmVirtPkg/ArmVirt.dsc.inc - !include MdePkg/MdeLibs.dsc.inc +!include ArmVirtPkg/ArmVirt.dsc.inc + [LibraryClasses.common] ArmLib|ArmPkg/Library/ArmLib/ArmBaseLib.inf ArmMmuLib|ArmPkg/Library/ArmMmuLib/ArmMmuBaseLib.inf 
@@ -203,6 +203,8 @@ gArmTokenSpaceGuid.PcdFdBaseAddress|0x0 gArmTokenSpaceGuid.PcdFvBaseAddress|0x0 + gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE + [PcdsDynamicDefault.common] gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut|3 @@ -339,6 +341,7 @@ BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf } MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf + SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf # # Status Code Routing @@ -461,6 +464,11 @@ MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf + # + # Hash2 Protocol Support + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # ACPI Support # diff --git a/ArmVirtPkg/ArmVirtXen.dsc b/ArmVirtPkg/ArmVirtXen.dsc index 5809832e66d2..1505709a29ef 100644 --- a/ArmVirtPkg/ArmVirtXen.dsc +++ b/ArmVirtPkg/ArmVirtXen.dsc @@ -23,10 +23,10 @@ SKUID_IDENTIFIER = DEFAULT FLASH_DEFINITION = ArmVirtPkg/ArmVirtXen.fdf -!include ArmVirtPkg/ArmVirt.dsc.inc - !include MdePkg/MdeLibs.dsc.inc +!include ArmVirtPkg/ArmVirt.dsc.inc + [LibraryClasses] SerialPortLib|OvmfPkg/Library/XenConsoleSerialPortLib/XenConsoleSerialPortLib.inf !if $(TARGET) != RELEASE @@ -120,6 +120,8 @@ gArmTokenSpaceGuid.PcdFdBaseAddress|0x0 gArmTokenSpaceGuid.PcdFvBaseAddress|0x0 + gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE + [PcdsDynamicDefault.common] gArmTokenSpaceGuid.PcdArmArchTimerSecIntrNum|0x0 diff --git a/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c b/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c index 7ab4aa2d6bb9..b8e92083019e 100644 --- a/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c +++ b/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c @@ -18,6 +18,8 @@ #include #include +#include + #include #include 
@@ -224,5 +226,17 @@ PlatformPeim ( BuildFvHob (PcdGet64 (PcdFvBaseAddress), PcdGet32 (PcdFvSize)); + #ifdef MDE_CPU_AARCH64 + // + // Set the SMCCC conduit to SMC if executing at EL2, which is typically the + // exception level that services HVCs rather than the one that invokes them. + // + if (ArmReadCurrentEL () == AARCH64_EL2) { + Status = PcdSetBoolS (PcdMonitorConduitHvc, FALSE); + ASSERT_EFI_ERROR (Status); + } + + #endif + return EFI_SUCCESS; } diff --git a/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf b/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf index e9a34b6e2ec9..a38b89c1031d 100644 --- a/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf +++ b/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf @@ -45,6 +45,7 @@ [Pcd] gArmTokenSpaceGuid.PcdFvBaseAddress + gArmTokenSpaceGuid.PcdMonitorConduitHvc gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## SOMETIMES_PRODUCES gUefiOvmfPkgTokenSpaceGuid.PcdDeviceTreeInitialBaseAddress diff --git a/ArmVirtPkg/PlatformCI/PlatformBuildLib.py b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py index 0ddaccf9c21f..3abab0914127 100644 --- a/ArmVirtPkg/PlatformCI/PlatformBuildLib.py +++ b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py @@ -240,6 +240,8 @@ def FlashRomImage(self): args += " -serial stdio" # Mount disk with startup.nsh args += f" -drive file=fat:rw:{VirtualDrive},format=raw,media=disk" + # Provides Rng services to the Guest VM + args += " -device virtio-rng-pci" # Conditional Args if (self.env.GetValue("QEMU_HEADLESS").upper() == "TRUE"): diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc index 5fa1ed345a33..1c356bc8c732 100644 --- a/EmulatorPkg/EmulatorPkg.dsc +++ b/EmulatorPkg/EmulatorPkg.dsc 
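Review bot: The result of `PcdSetBoolS (PcdMonitorConduitHvc, FALSE)` is only checked with `ASSERT_EFI_ERROR`, and ArmVirt.dsc.inc in this same patch shows RELEASE builds defining `MDEPKG_NDEBUG`, so (assuming that define compiles the assertion out, as is usual) a failed set is ignored and `PlatformPeim` still returns `EFI_SUCCESS`. The firmware would then keep using the HVC conduit while running at EL2, which the added comment describes as the wrong choice for that exception level. Propagate the failure instead, e.g. `if (EFI_ERROR (Status)) { return Status; }` right after the call. The start of `PlatformPeim` is outside this hunk.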
@@ -127,11 +127,12 @@ ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf ImagePropertiesRecordLib|MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.inf - -!if $(SECURE_BOOT_ENABLE) == TRUE RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + +!if $(SECURE_BOOT_ENABLE) == TRUE PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf @@ -398,6 +399,15 @@ EmulatorPkg/PlatformSmbiosDxe/PlatformSmbiosDxe.inf EmulatorPkg/TimerDxe/Timer.inf + # + # Rng Protocol producer + # + SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + !if $(SECURE_BOOT_ENABLE) == TRUE SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf !endif diff --git a/EmulatorPkg/EmulatorPkg.fdf b/EmulatorPkg/EmulatorPkg.fdf index 5420756eaa6f..73d5b0068d3f 100644 --- a/EmulatorPkg/EmulatorPkg.fdf +++ b/EmulatorPkg/EmulatorPkg.fdf @@ -193,6 +193,16 @@ INF RuleOverride = UI MdeModulePkg/Application/UiApp/UiApp.inf INF MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf INF MdeModulePkg/Universal/DriverSampleDxe/DriverSampleDxe.inf +# +# Rng Protocol producer +# +INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf + +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Secure Boot Key Enroll # @@ -320,4 +330,3 @@ INF ShellPkg/Application/Shell/Shell.inf UI STRING="$(MODULE_NAME)" Optional VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER) } - 
diff --git a/MdePkg/Library/BaseRngLib/AArch64/Rndr.c b/MdePkg/Library/BaseRngLib/AArch64/Rndr.c index d39db62153ee..3a556a2e3f53 100644 --- a/MdePkg/Library/BaseRngLib/AArch64/Rndr.c +++ b/MdePkg/Library/BaseRngLib/AArch64/Rndr.c @@ -50,7 +50,6 @@ BaseRngLibConstructor ( // MSR. A non-zero value indicates that the processor supports the RNDR instruction. // Isar0 = ArmReadIdIsar0 (); - ASSERT ((Isar0 & RNDR_MASK) != 0); mRndrSupported = ((Isar0 & RNDR_MASK) != 0); diff --git a/MdePkg/Test/MdePkgHostTest.dsc b/MdePkg/Test/MdePkgHostTest.dsc index e666636b7c55..6a85d02236a0 100644 --- a/MdePkg/Test/MdePkgHostTest.dsc +++ b/MdePkg/Test/MdePkgHostTest.dsc @@ -43,6 +43,7 @@ MdePkg/Library/BaseLib/UnitTestHostBaseLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockUefiLib/MockUefiLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockUefiRuntimeServicesTableLib/MockUefiRuntimeServicesTableLib.inf + MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockPeiServicesLib/MockPeiServicesLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockHobLib/MockHobLib.inf MdePkg/Test/Mock/Library/GoogleTest/MockFdtLib/MockFdtLib.inf diff --git a/MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h b/MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h new file mode 100644 index 000000000000..d72b941323c1 --- /dev/null +++ b/MdePkg/Test/Mock/Include/GoogleTest/Library/MockUefiBootServicesTableLib.h 
@@ -0,0 +1,78 @@
+/** @file
+ Google Test mocks for UefiBootServicesTableLib
+
+ Copyright (c) Microsoft Corporation.
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef MOCK_UEFI_BOOT_SERVICES_TABLE_LIB_H_
+#define MOCK_UEFI_BOOT_SERVICES_TABLE_LIB_H_
+
+#include
+#include
+extern "C" {
+ #include
+ #include
+}
+
+//
+// Declarations to handle usage of the UefiBootServiceTableLib by creating mock
+//
+struct MockUefiBootServicesTableLib {
+ MOCK_INTERFACE_DECLARATION (MockUefiBootServicesTableLib);
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ gBS_GetMemoryMap,
+ (IN OUT UINTN *MemoryMapSize,
+ OUT EFI_MEMORY_DESCRIPTOR *MemoryMap,
+ OUT UINTN *MapKey,
+ OUT UINTN *DescriptorSize,
+ OUT UINT32 *DescriptorVersion)
+ );
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ gBS_CreateEvent,
+ (IN UINT32 Type,
+ IN EFI_TPL NotifyTpl,
+ IN EFI_EVENT_NOTIFY NotifyFunction,
+ IN VOID *NotifyContext,
+ OUT EFI_EVENT *Event)
+ );
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ gBS_CloseEvent,
+ (IN EFI_EVENT Event)
+ );
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ gBS_HandleProtocol,
+ (IN EFI_HANDLE Handle,
+ IN EFI_GUID *Protocol,
+ OUT VOID **Interface)
+ );
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ gBS_LocateProtocol,
+ (IN EFI_GUID *Protocol,
+ IN VOID *Registration OPTIONAL,
+ OUT VOID **Interface)
+ );
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ gBS_CreateEventEx,
+ (IN UINT32 Type,
+ IN EFI_TPL NotifyTpl,
+ IN EFI_EVENT_NOTIFY NotifyFunction OPTIONAL,
+ IN CONST VOID *NotifyContext OPTIONAL,
+ IN CONST EFI_GUID *EventGroup OPTIONAL,
+ OUT EFI_EVENT *Event)
+ );
+};
+
+#endif // MOCK_UEFI_BOOT_SERVICES_TABLE_LIB_H_
diff --git a/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h
new file mode 100644
index 000000000000..b44d341332dc
--- /dev/null
+++ b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockHash2.h
@@ -0,0 +1,67 @@
+/** @file
+ This file declares a mock of Hash2 Protocol.
+
+ Copyright (c) Microsoft Corporation.
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef MOCK_HASH2_H_
+#define MOCK_HASH2_H_
+
+#include
+#include
+
+extern "C" {
+ #include
+ #include
+}
+
+struct MockHash2 {
+ MOCK_INTERFACE_DECLARATION (MockHash2);
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ GetHashSize,
+ (IN CONST EFI_HASH2_PROTOCOL *This,
+ IN CONST EFI_GUID *HashAlgorithm,
+ OUT UINTN *HashSize)
+ );
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ Hash,
+ (IN CONST EFI_HASH2_PROTOCOL *This,
+ IN CONST EFI_GUID *HashAlgorithm,
+ IN CONST UINT8 *Message,
+ IN UINTN MessageSize,
+ IN OUT EFI_HASH2_OUTPUT *Hash)
+ );
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ HashInit,
+ (IN CONST EFI_HASH2_PROTOCOL *This,
+ IN CONST EFI_GUID *HashAlgorithm)
+ );
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ HashUpdate,
+ (IN CONST EFI_HASH2_PROTOCOL *This,
+ IN CONST UINT8 *Message,
+ IN UINTN MessageSize)
+ );
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ HashFinal,
+ (IN CONST EFI_HASH2_PROTOCOL *This,
+ IN OUT EFI_HASH2_OUTPUT *Hash)
+ );
+};
+
+extern "C" {
+ extern EFI_HASH2_PROTOCOL *gHash2Protocol;
+}
+
+#endif // MOCK_HASH2_H_
diff --git a/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockRng.h b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockRng.h
new file mode 100644
index 000000000000..b54f8a234b2f
--- /dev/null
+++ b/MdePkg/Test/Mock/Include/GoogleTest/Protocol/MockRng.h
@@ -0,0 +1,48 @@
+/** @file
+ This file declares a mock of Rng Protocol.
+
+ Copyright (c) Microsoft Corporation.
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef MOCK_RNG_H_
+#define MOCK_RNG_H_
+
+#include
+#include
+
+extern "C" {
+ #include
+ #include
+}
+
+struct MockRng {
+ MOCK_INTERFACE_DECLARATION (MockRng);
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ GetInfo,
+ (
+ IN EFI_RNG_PROTOCOL *This,
+ IN OUT UINTN *RNGAlgorithmListSize,
+ OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
+ )
+ );
+
+ MOCK_FUNCTION_DECLARATION (
+ EFI_STATUS,
+ GetRng,
+ (
+ IN EFI_RNG_PROTOCOL *This,
+ IN EFI_RNG_ALGORITHM *RNGAlgorithm,
+ IN UINTN RNGValueLength,
+ OUT UINT8 *RNGValue
+ )
+ );
+};
+
+extern "C" {
+ extern EFI_RNG_PROTOCOL *gRngProtocol;
+}
+
+#endif // MOCK_RNG_H_
diff --git a/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.cpp b/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.cpp
new file mode 100644
index 000000000000..ced6255418a2
--- /dev/null
+++ b/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.cpp
@@ -0,0 +1,69 @@
+/** @file
+ Google Test mocks for UefiBootServicesTableLib
+
+ Copyright (c) Microsoft Corporation.
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+#include
+
+MOCK_INTERFACE_DEFINITION (MockUefiBootServicesTableLib);
+MOCK_FUNCTION_DEFINITION (MockUefiBootServicesTableLib, gBS_GetMemoryMap, 5, EFIAPI);
+MOCK_FUNCTION_DEFINITION (MockUefiBootServicesTableLib, gBS_CreateEvent, 5, EFIAPI);
+MOCK_FUNCTION_DEFINITION (MockUefiBootServicesTableLib, gBS_CloseEvent, 1, EFIAPI);
+MOCK_FUNCTION_DEFINITION (MockUefiBootServicesTableLib, gBS_HandleProtocol, 3, EFIAPI);
+MOCK_FUNCTION_DEFINITION (MockUefiBootServicesTableLib, gBS_LocateProtocol, 3, EFIAPI);
+MOCK_FUNCTION_DEFINITION (MockUefiBootServicesTableLib, gBS_CreateEventEx, 6, EFIAPI);
+
+static EFI_BOOT_SERVICES LocalBs = {
+ { 0, 0, 0, 0, 0 }, // EFI_TABLE_HEADER
+ NULL, // EFI_RAISE_TPL
+ NULL, // EFI_RESTORE_TPL
+ NULL, // EFI_ALLOCATE_PAGES
+ NULL, // EFI_FREE_PAGES
+ gBS_GetMemoryMap, // EFI_GET_MEMORY_MAP
+ NULL, // EFI_ALLOCATE_POOL
+ NULL, // EFI_FREE_POOL
+ gBS_CreateEvent, // EFI_CREATE_EVENT
+ NULL, // EFI_SET_TIMER
+ NULL, // EFI_WAIT_FOR_EVENT
+ NULL, // EFI_SIGNAL_EVENT
+ gBS_CloseEvent, // EFI_CLOSE_EVENT
+ NULL, // EFI_CHECK_EVENT
+ NULL, // EFI_INSTALL_PROTOCOL_INTERFACE
+ NULL, // EFI_REINSTALL_PROTOCOL_INTERFACE
+ NULL, // EFI_UNINSTALL_PROTOCOL_INTERFACE
+ gBS_HandleProtocol, // EFI_HANDLE_PROTOCOL
+ NULL, // VOID
+ NULL, // EFI_REGISTER_PROTOCOL_NOTIFY
+ NULL, // EFI_LOCATE_HANDLE
+ NULL, // EFI_LOCATE_DEVICE_PATH
+ NULL, // EFI_INSTALL_CONFIGURATION_TABLE
+ NULL, // EFI_IMAGE_LOAD
+ NULL, // EFI_IMAGE_START
+ NULL, // EFI_EXIT
+ NULL, // EFI_IMAGE_UNLOAD
+ NULL, // EFI_EXIT_BOOT_SERVICES
+ NULL, // EFI_GET_NEXT_MONOTONIC_COUNT
+ NULL, // EFI_STALL
+ NULL, // EFI_SET_WATCHDOG_TIMER
+ NULL, // EFI_CONNECT_CONTROLLER
+ NULL, // EFI_DISCONNECT_CONTROLLER
+ NULL, // EFI_OPEN_PROTOCOL
+ NULL, // EFI_CLOSE_PROTOCOL
+ NULL, // EFI_OPEN_PROTOCOL_INFORMATION
+ NULL, // EFI_PROTOCOLS_PER_HANDLE
+ NULL, // EFI_LOCATE_HANDLE_BUFFER
+ gBS_LocateProtocol, // EFI_LOCATE_PROTOCOL
+ NULL, // EFI_INSTALL_MULTIPLE_PROTOCOL_INTERFACES
+ NULL, // EFI_UNINSTALL_MULTIPLE_PROTOCOL_INTERFACES
+ NULL, // EFI_CALCULATE_CRC32
+ NULL, // EFI_COPY_MEM
+ NULL, // EFI_SET_MEM
+ gBS_CreateEventEx // EFI_CREATE_EVENT_EX
+};
+
+extern "C" {
+ EFI_BOOT_SERVICES *gBS = &LocalBs;
+ EFI_HANDLE gImageHandle = NULL;
+ EFI_SYSTEM_TABLE *gST = NULL;
+}
diff --git a/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf b/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf
new file mode 100644
index 000000000000..8b64fd195acd
--- /dev/null
+++ b/MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf
@@ -0,0 +1,32 @@
+## @file
+# Mock implementation of the UEFI Boot Services Table Library.
+#
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = MockUefiBootServicesTableLib
+ FILE_GUID = 67EA4614-E276-49EC-9AE6-B97ACCEA676E
+ MODULE_TYPE = HOST_APPLICATION
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = UefiBootServicesTableLib|HOST_APPLICATION
+
+#
+# VALID_ARCHITECTURES = IA32 X64 EBC
+#
+
+[Sources]
+ MockUefiBootServicesTableLib.cpp
+
+[LibraryClasses]
+ GoogleTestLib
+
+[Packages]
+ MdePkg/MdePkg.dec
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
+
+[BuildOptions]
+ MSFT:*_*_*_CC_FLAGS = /EHsc
diff --git a/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockHash2.cpp b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockHash2.cpp
new file mode 100644
index 000000000000..5cf94c43b4a5
--- /dev/null
+++ b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockHash2.cpp
@@ -0,0 +1,27 @@ +/** @file MockHash2.cpp + Google Test mock for Hash2 Protocol + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +MOCK_INTERFACE_DEFINITION (MockHash2); +MOCK_FUNCTION_DEFINITION (MockHash2, GetHashSize, 3, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, Hash, 5, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, HashInit, 2, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, HashUpdate, 3, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockHash2, HashFinal, 2, EFIAPI); + +EFI_HASH2_PROTOCOL HASH2_PROTOCOL_INSTANCE = { + GetHashSize, // EFI_HASH2_GET_HASH_SIZE + Hash, // EFI_HASH2_HASH + HashInit, // EFI_HASH2_HASH_INIT + HashUpdate, // EFI_HASH2_HASH_UPDATE + HashFinal // EFI_HASH2_HASH_FINAL +}; + +extern "C" { + EFI_HASH2_PROTOCOL *gHash2Protocol = &HASH2_PROTOCOL_INSTANCE; +} diff --git a/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp new file mode 100644 index 000000000000..7d8b69cc8673 --- /dev/null +++ b/MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp @@ -0,0 +1,21 @@ +/** @file MockRng.cpp + Google Test mock for Rng Protocol + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +MOCK_INTERFACE_DEFINITION (MockRng); +MOCK_FUNCTION_DEFINITION (MockRng, GetInfo, 3, EFIAPI); +MOCK_FUNCTION_DEFINITION (MockRng, GetRng, 4, EFIAPI); + +EFI_RNG_PROTOCOL RNG_PROTOCOL_INSTANCE = { + GetInfo, // EFI_RNG_GET_INFO + GetRng // EFI_RNG_GET_RNG +}; + +extern "C" { + EFI_RNG_PROTOCOL *gRngProtocol = &RNG_PROTOCOL_INSTANCE; +} diff --git a/NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c b/NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c index 8c37e93be3a8..892caee36846 100644 --- a/NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c +++ b/NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c @@ -1,6 +1,7 @@ /** @file Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -189,6 +190,13 @@ Dhcp4CreateService ( { DHCP_SERVICE *DhcpSb; EFI_STATUS Status; + UINT32 Random; + + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } *Service = NULL; DhcpSb = AllocateZeroPool (sizeof (DHCP_SERVICE)); @@ -203,7 +211,7 @@ Dhcp4CreateService ( DhcpSb->Image = ImageHandle; InitializeListHead (&DhcpSb->Children); DhcpSb->DhcpState = Dhcp4Stopped; - DhcpSb->Xid = NET_RANDOM (NetRandomInitSeed ()); + DhcpSb->Xid = Random; CopyMem ( &DhcpSb->ServiceBinding, &mDhcp4ServiceBindingTemplate, diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c index b591a4605bc9..e7f2787a98ba 100644 --- a/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c +++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c @@ -3,7 +3,7 @@ implementation for Dhcp6 Driver. Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
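Review bot: In `Dhcp4CreateService` the new `PseudoRandomU32` call and its `return Status;` sit above `*Service = NULL;`, so on an RNG failure the output pointer is left untouched and a caller that inspects or frees `*Service` after an error sees whatever it held before the call. Make `*Service = NULL;` the first statement, ahead of `Status = PseudoRandomU32 (&Random);`. `Dhcp6CreateService` in Dhcp6Driver.c has the same ordering in its hunk and needs the same change. Both function bodies continue outside their hunks.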
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -123,6 +123,13 @@ Dhcp6CreateService ( { DHCP6_SERVICE *Dhcp6Srv; EFI_STATUS Status; + UINT32 Random; + + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } *Service = NULL; Dhcp6Srv = AllocateZeroPool (sizeof (DHCP6_SERVICE)); @@ -147,7 +154,7 @@ Dhcp6CreateService ( Dhcp6Srv->Signature = DHCP6_SERVICE_SIGNATURE; Dhcp6Srv->Controller = Controller; Dhcp6Srv->Image = ImageHandle; - Dhcp6Srv->Xid = (0xffffff & NET_RANDOM (NetRandomInitSeed ())); + Dhcp6Srv->Xid = (0xffffff & Random); CopyMem ( &Dhcp6Srv->ServiceBinding, diff --git a/NetworkPkg/DnsDxe/DnsDhcp.c b/NetworkPkg/DnsDxe/DnsDhcp.c index 933565a32df1..9eb3c1d2d81d 100644 --- a/NetworkPkg/DnsDxe/DnsDhcp.c +++ b/NetworkPkg/DnsDxe/DnsDhcp.c @@ -2,6 +2,7 @@ Functions implementation related with DHCPv4/v6 for DNS driver. Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -277,6 +278,7 @@ GetDns4ServerFromDhcp4 ( EFI_DHCP4_TRANSMIT_RECEIVE_TOKEN Token; BOOLEAN IsDone; UINTN Index; + UINT32 Random; Image = Instance->Service->ImageHandle; Controller = Instance->Service->ControllerHandle; @@ -292,6 +294,12 @@ GetDns4ServerFromDhcp4 ( Data = NULL; InterfaceInfo = NULL; + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } + ZeroMem ((UINT8 *)ParaList, sizeof (ParaList)); ZeroMem (&MnpConfigData, sizeof (EFI_MANAGED_NETWORK_CONFIG_DATA)); @@ -467,7 +475,7 @@ GetDns4ServerFromDhcp4 ( Status = Dhcp4->Build (Dhcp4, &SeedPacket, 0, NULL, 2, ParaList, &Token.Packet); - Token.Packet->Dhcp4.Header.Xid = HTONL (NET_RANDOM (NetRandomInitSeed ())); + Token.Packet->Dhcp4.Header.Xid = Random; Token.Packet->Dhcp4.Header.Reserved = HTONS ((UINT16)0x8000); diff --git a/NetworkPkg/DnsDxe/DnsImpl.c b/NetworkPkg/DnsDxe/DnsImpl.c index d311812800fd..c2629bb8df1f 100644 --- a/NetworkPkg/DnsDxe/DnsImpl.c +++ b/NetworkPkg/DnsDxe/DnsImpl.c @@ -2,6 +2,7 @@ DnsDxe support functions implementation. Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.
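Review bot: In the last hunk of DnsDhcp.c, `Token.Packet->Dhcp4.Header.Xid = Random;` dereferences `Token.Packet` directly after `Status = Dhcp4->Build (...)`, and no check of `Status` is visible between the two lines, so a failed build would be followed by a write through a pointer that may never have been set. Since the line is being rewritten anyway, test `EFI_ERROR (Status)` first and leave through the function's existing cleanup path before touching the packet. The rest of `GetDns4ServerFromDhcp4` is outside the hunk, so the exact cleanup path cannot be confirmed from here.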
+Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -1963,6 +1964,14 @@ ConstructDNSQuery ( NET_FRAGMENT Frag; DNS_HEADER *DnsHeader; DNS_QUERY_SECTION *DnsQuery; + EFI_STATUS Status; + UINT32 Random; + + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } // // Messages carried by UDP are restricted to 512 bytes (not counting the IP @@ -1977,7 +1986,7 @@ ConstructDNSQuery ( // Fill header // DnsHeader = (DNS_HEADER *)Frag.Bulk; - DnsHeader->Identification = (UINT16)NET_RANDOM (NetRandomInitSeed ()); + DnsHeader->Identification = (UINT16)Random; DnsHeader->Flags.Uint16 = 0x0000; DnsHeader->Flags.Bits.RD = 1; DnsHeader->Flags.Bits.OpCode = DNS_FLAGS_OPCODE_STANDARD; diff --git a/NetworkPkg/HttpBootDxe/HttpBootDhcp6.c b/NetworkPkg/HttpBootDxe/HttpBootDhcp6.c index b22cef4ff587..f964515b0fa6 100644 --- a/NetworkPkg/HttpBootDxe/HttpBootDhcp6.c +++ b/NetworkPkg/HttpBootDxe/HttpBootDhcp6.c @@ -2,6 +2,7 @@ Functions implementation related with DHCPv6 for HTTP boot driver. Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -951,6 +952,7 @@ HttpBootDhcp6Sarr ( UINT32 OptCount; UINT8 Buffer[HTTP_BOOT_DHCP6_OPTION_MAX_SIZE]; EFI_STATUS Status; + UINT32 Random; Dhcp6 = Private->Dhcp6; ASSERT (Dhcp6 != NULL); @@ -961,6 +963,12 @@ HttpBootDhcp6Sarr ( OptCount = HttpBootBuildDhcp6Options (Private, OptList, Buffer); ASSERT (OptCount > 0); + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } + Retransmit = AllocateZeroPool (sizeof (EFI_DHCP6_RETRANSMISSION)); if (Retransmit == NULL) { return EFI_OUT_OF_RESOURCES; @@ -976,7 +984,7 @@ HttpBootDhcp6Sarr ( Config.IaInfoEvent = NULL; Config.RapidCommit = FALSE; Config.ReconfigureAccept = FALSE; - Config.IaDescriptor.IaId = NET_RANDOM (NetRandomInitSeed ()); + Config.IaDescriptor.IaId = Random; Config.IaDescriptor.Type = EFI_DHCP6_IA_TYPE_NA; Config.SolicitRetransmission = Retransmit; Retransmit->Irt = 4; diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.c b/NetworkPkg/IScsiDxe/IScsiCHAP.c index b507f11cd45e..bebb1ac29b9c 100644 --- a/NetworkPkg/IScsiDxe/IScsiCHAP.c +++ b/NetworkPkg/IScsiDxe/IScsiCHAP.c @@ -3,6 +3,7 @@ Configuration. Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -576,16 +577,24 @@ IScsiCHAPToSendReq ( // // CHAP_I= // - IScsiGenRandom ((UINT8 *)&AuthData->OutIdentifier, 1); + Status = IScsiGenRandom ((UINT8 *)&AuthData->OutIdentifier, 1); + if (EFI_ERROR (Status)) { + break; + } + AsciiSPrint (ValueStr, sizeof (ValueStr), "%d", AuthData->OutIdentifier); IScsiAddKeyValuePair (Pdu, ISCSI_KEY_CHAP_IDENTIFIER, ValueStr); // // CHAP_C= // - IScsiGenRandom ( - (UINT8 *)AuthData->OutChallenge, - AuthData->Hash->DigestSize - ); + Status = IScsiGenRandom ( + (UINT8 *)AuthData->OutChallenge, + AuthData->Hash->DigestSize + ); + if (EFI_ERROR (Status)) { + break; + } + BinToHexStatus = IScsiBinToHex ( (UINT8 *)AuthData->OutChallenge, AuthData->Hash->DigestSize, diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.c b/NetworkPkg/IScsiDxe/IScsiMisc.c index 78dc5c73d35a..2159b8494963 100644 --- a/NetworkPkg/IScsiDxe/IScsiMisc.c +++ b/NetworkPkg/IScsiDxe/IScsiMisc.c @@ -2,6 +2,7 @@ Miscellaneous routines for iSCSI driver. Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.
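Review bot: Both new failure exits after `IScsiGenRandom` simply `break` with no diagnostic, whereas the other RNG call sites added in this patch log the failure. A failure to produce the CHAP identifier or challenge presumably aborts the authentication step, and that is worth a trace: add `DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));` before each `break`. The enclosing function and its switch start and end outside the hunk, so it is assumed here that `Status` is what the function returns after the `break`.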
+Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -474,20 +475,17 @@ IScsiNetNtoi ( @param[in, out] Rand The buffer to contain random numbers. @param[in] RandLength The length of the Rand buffer. + @retval EFI_SUCCESS on success + @retval others on error + **/ -VOID +EFI_STATUS IScsiGenRandom ( IN OUT UINT8 *Rand, IN UINTN RandLength ) { - UINT32 Random; - - while (RandLength > 0) { - Random = NET_RANDOM (NetRandomInitSeed ()); - *Rand++ = (UINT8)(Random); - RandLength--; - } + return PseudoRandom (Rand, RandLength); } /** diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.h b/NetworkPkg/IScsiDxe/IScsiMisc.h index a951eee70ec9..91b2cd22613d 100644 --- a/NetworkPkg/IScsiDxe/IScsiMisc.h +++ b/NetworkPkg/IScsiDxe/IScsiMisc.h @@ -2,6 +2,7 @@ Miscellaneous definitions for iSCSI driver. Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -202,8 +203,11 @@ IScsiNetNtoi ( @param[in, out] Rand The buffer to contain random numbers. @param[in] RandLength The length of the Rand buffer. + @retval EFI_SUCCESS on success + @retval others on error + **/ -VOID +EFI_STATUS IScsiGenRandom ( IN OUT UINT8 *Rand, IN UINTN RandLength diff --git a/NetworkPkg/Include/Library/NetLib.h b/NetworkPkg/Include/Library/NetLib.h index 8c0e62b3889c..e8108b79db8f 100644 --- a/NetworkPkg/Include/Library/NetLib.h +++ b/NetworkPkg/Include/Library/NetLib.h @@ -3,6 +3,7 @@ It provides basic functions for the UEFI network stack. Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -539,8 +540,6 @@ extern EFI_IPv4_ADDRESS mZeroIp4Addr; #define TICKS_PER_MS 10000U #define TICKS_PER_SECOND 10000000U -#define NET_RANDOM(Seed) ((UINT32) ((UINT32) (Seed) * 1103515245UL + 12345) % 4294967295UL) - /** Extract a UINT32 from a byte stream. @@ -580,19 +579,40 @@ NetPutUint32 ( ); /** - Initialize a random seed using current time and monotonic count. + Generate a Random output data given a length. - Get current time and monotonic count first. Then initialize a random seed - based on some basic mathematics operation on the hour, day, minute, second, - nanosecond and year of the current time and the monotonic count value. + @param[out] Output - The buffer to store the generated random data. + @param[in] OutputLength - The length of the output buffer. - @return The random seed initialized with current time. + @retval EFI_SUCCESS On Success + @retval EFI_INVALID_PARAMETER Pointer is null or size is zero + @retval EFI_NOT_FOUND RNG protocol not found + @retval Others Error from RngProtocol->GetRNG() + @return Status code **/ -UINT32 +EFI_STATUS EFIAPI -NetRandomInitSeed ( - VOID +PseudoRandom ( + OUT VOID *Output, + IN UINTN OutputLength + ); + +/** + Generate a 32-bit pseudo-random number. + + @param[out] Output - The buffer to store the generated random number. + + @retval EFI_SUCCESS On Success + @retval EFI_NOT_FOUND RNG protocol not found + @retval Others Error from RngProtocol->GetRNG() + + @return Status code +**/ +EFI_STATUS +EFIAPI +PseudoRandomU32 ( + OUT UINT32 *Output ); #define NET_LIST_USER_STRUCT(Entry, Type, Field) \ diff --git a/NetworkPkg/Ip4Dxe/Ip4Driver.c b/NetworkPkg/Ip4Dxe/Ip4Driver.c index ec483ff01fa9..683423f38dc7 100644 --- a/NetworkPkg/Ip4Dxe/Ip4Driver.c +++ b/NetworkPkg/Ip4Dxe/Ip4Driver.c @@ -2,6 +2,7 @@ The driver binding and service binding protocol for IP4 driver. Copyright (c) 2005 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -549,11 +550,18 @@ Ip4DriverBindingStart ( EFI_IP4_CONFIG2_PROTOCOL *Ip4Cfg2; UINTN Index; IP4_CONFIG2_DATA_ITEM *DataItem; + UINT32 Random; IpSb = NULL; Ip4Cfg2 = NULL; DataItem = NULL; + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } + // // Test for the Ip4 service binding protocol // @@ -653,7 +661,7 @@ Ip4DriverBindingStart ( // // Initialize the IP4 ID // - mIp4Id = (UINT16)NET_RANDOM (NetRandomInitSeed ()); + mIp4Id = (UINT16)Random; return Status; diff --git a/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c b/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c index 70e232ce6c4d..4c1354d26cc1 100644 --- a/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c +++ b/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c @@ -2276,6 +2276,13 @@ Ip6ConfigInitInstance ( UINTN Index; UINT16 IfIndex; IP6_CONFIG_DATA_ITEM *DataItem; + UINT32 Random; + + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } IpSb = IP6_SERVICE_FROM_IP6_CONFIG_INSTANCE (Instance); @@ -2381,7 +2388,7 @@ Ip6ConfigInitInstance ( // The NV variable is not set, so generate a random IAID, and write down the // fresh new configuration as the NV variable now. // - Instance->IaId = NET_RANDOM (NetRandomInitSeed ()); + Instance->IaId = Random; for (Index = 0; Index < IpSb->SnpMode.HwAddressSize; Index++) { Instance->IaId |= (IpSb->SnpMode.CurrentAddress.Addr[Index] << ((Index << 3) & 31)); diff --git a/NetworkPkg/Ip6Dxe/Ip6Driver.c b/NetworkPkg/Ip6Dxe/Ip6Driver.c index b483a7d136d9..cbe011dad472 100644 --- a/NetworkPkg/Ip6Dxe/Ip6Driver.c +++ b/NetworkPkg/Ip6Dxe/Ip6Driver.c @@ -3,7 +3,7 @@ Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.
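Review bot: PseudoRandomU32 is called unconditionally at the top of Ip6ConfigInitInstance, but Random is only consumed under the comment "The NV variable is not set, so generate a random IAID". As far as the hunks show, an RNG failure now aborts initialisation even when the stored IAID would have been used, and RNG output is drawn on paths that discard it. I would request the value next to its use, just before `Instance->IaId = Random;`, bearing in mind that the function body between the two hunks is not visible and an error return there may need cleanup. The same early-call pattern is in Ip6SetAddress (Ip6If.c) and in Ip6InitDADProcess (Ip6Nd.c), where the call precedes the "Do nothing if we have already started DAD on the address" exit.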
(C) Copyright 2015 Hewlett-Packard Development Company, L.P.
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -316,7 +316,11 @@ Ip6CreateService ( IpSb->CurHopLimit = IP6_HOP_LIMIT; IpSb->LinkMTU = IP6_MIN_LINK_MTU; IpSb->BaseReachableTime = IP6_REACHABLE_TIME; - Ip6UpdateReachableTime (IpSb); + Status = Ip6UpdateReachableTime (IpSb); + if (EFI_ERROR (Status)) { + goto ON_ERROR; + } + // // RFC4861 RETRANS_TIMER: 1,000 milliseconds // @@ -516,11 +520,18 @@ Ip6DriverBindingStart ( EFI_STATUS Status; EFI_IP6_CONFIG_PROTOCOL *Ip6Cfg; IP6_CONFIG_DATA_ITEM *DataItem; + UINT32 Random; IpSb = NULL; Ip6Cfg = NULL; DataItem = NULL; + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } + // // Test for the Ip6 service binding protocol // @@ -656,7 +667,7 @@ Ip6DriverBindingStart ( // // Initialize the IP6 ID // - mIp6Id = NET_RANDOM (NetRandomInitSeed ()); + mIp6Id = Random; return EFI_SUCCESS; diff --git a/NetworkPkg/Ip6Dxe/Ip6If.c b/NetworkPkg/Ip6Dxe/Ip6If.c index 4629c05f25a0..f3d11c4d2155 100644 --- a/NetworkPkg/Ip6Dxe/Ip6If.c +++ b/NetworkPkg/Ip6Dxe/Ip6If.c @@ -2,7 +2,7 @@ Implement IP6 pseudo interface. Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -89,6 +89,14 @@ Ip6SetAddress ( IP6_PREFIX_LIST_ENTRY *PrefixEntry; UINT64 Delay; IP6_DELAY_JOIN_LIST *DelayNode; + EFI_STATUS Status; + UINT32 Random; + + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } NET_CHECK_SIGNATURE (Interface, IP6_INTERFACE_SIGNATURE); @@ -164,7 +172,7 @@ Ip6SetAddress ( // Thus queue the address to be processed in Duplicate Address Detection module // after the delay time (in milliseconds). // - Delay = (UINT64)NET_RANDOM (NetRandomInitSeed ()); + Delay = (UINT64)Random; Delay = MultU64x32 (Delay, IP6_ONE_SECOND_IN_MS); Delay = RShiftU64 (Delay, 32); diff --git a/NetworkPkg/Ip6Dxe/Ip6Mld.c b/NetworkPkg/Ip6Dxe/Ip6Mld.c index e6b2b653e295..498a11854305 100644 --- a/NetworkPkg/Ip6Dxe/Ip6Mld.c +++ b/NetworkPkg/Ip6Dxe/Ip6Mld.c @@ -696,7 +696,15 @@ Ip6UpdateDelayTimer ( IN OUT IP6_MLD_GROUP *Group ) { - UINT32 Delay; + UINT32 Delay; + EFI_STATUS Status; + UINT32 Random; + + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } // // If the Query packet specifies a Maximum Response Delay of zero, perform timer @@ -715,7 +723,7 @@ Ip6UpdateDelayTimer ( // is less than the remaining value of the running timer. // if ((Group->DelayTimer == 0) || (Delay < Group->DelayTimer)) { - Group->DelayTimer = Delay / 4294967295UL * NET_RANDOM (NetRandomInitSeed ()); + Group->DelayTimer = Delay / 4294967295UL * Random; } return EFI_SUCCESS; diff --git a/NetworkPkg/Ip6Dxe/Ip6Nd.c b/NetworkPkg/Ip6Dxe/Ip6Nd.c index c10c7017f88d..72aa45c10f3f 100644 --- a/NetworkPkg/Ip6Dxe/Ip6Nd.c +++ b/NetworkPkg/Ip6Dxe/Ip6Nd.c 
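Review bot: `Delay / 4294967295UL * Random` in Ip6UpdateDelayTimer still divides first. Delay is a UINT32, so the quotient is 0 for every value except 0xFFFFFFFF, Group->DelayTimer ends up 0, and the value just obtained from PseudoRandomU32 never influences the MLD report delay. The expression is carried over from the removed NET_RANDOM line, so the stronger RNG has no effect here until the arithmetic is fixed. A 64-bit multiply and shift, as Ip6SetAddress already does in Ip6If.c, keeps the result in [0, Delay): `Group->DelayTimer = (UINT32)RShiftU64 (MultU64x32 (Random, Delay), 32);` (the cast assumes DelayTimer is 32 bits wide, which the hunk does not show). The same divide-before-multiply is in Ip6UpdateReachableTime in Ip6Nd.c, `Random = (Random / 4294967295UL) * IP6_RANDOM_FACTOR_SCALE;`, which leaves ReachableTime at the minimum factor for almost every input.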
@@ -2,7 +2,7 @@ Implementation of Neighbor Discovery support routines. Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -16,17 +16,28 @@ EFI_MAC_ADDRESS mZeroMacAddress; @param[in, out] IpSb Points to the IP6_SERVICE. + @retval EFI_SUCCESS ReachableTime Updated + @retval others Failed to update ReachableTime **/ -VOID +EFI_STATUS Ip6UpdateReachableTime ( IN OUT IP6_SERVICE *IpSb ) { - UINT32 Random; + UINT32 Random; + EFI_STATUS Status; - Random = (NetRandomInitSeed () / 4294967295UL) * IP6_RANDOM_FACTOR_SCALE; + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } + + Random = (Random / 4294967295UL) * IP6_RANDOM_FACTOR_SCALE; Random = Random + IP6_MIN_RANDOM_FACTOR_SCALED; IpSb->ReachableTime = (IpSb->BaseReachableTime * Random) / IP6_RANDOM_FACTOR_SCALE; + + return EFI_SUCCESS; } /** @@ -972,10 +983,17 @@ Ip6InitDADProcess ( IP6_SERVICE *IpSb; EFI_STATUS Status; UINT32 MaxDelayTick; + UINT32 Random; NET_CHECK_SIGNATURE (IpIf, IP6_INTERFACE_SIGNATURE); ASSERT (AddressInfo != NULL); + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } + // // Do nothing if we have already started DAD on the address. // @@ -1014,7 +1032,7 @@ Ip6InitDADProcess ( Entry->Transmit = 0; Entry->Receive = 0; MaxDelayTick = IP6_MAX_RTR_SOLICITATION_DELAY / IP6_TIMER_INTERVAL_IN_MS; - Entry->RetransTick = (MaxDelayTick * ((NET_RANDOM (NetRandomInitSeed ()) % 5) + 1)) / 5; + Entry->RetransTick = (MaxDelayTick * ((Random % 5) + 1)) / 5; Entry->AddressInfo = AddressInfo; Entry->Callback = Callback; Entry->Context = Context; 
@@ -2078,7 +2096,10 @@ Ip6ProcessRouterAdvertise ( // in BaseReachableTime and recompute a ReachableTime. // IpSb->BaseReachableTime = ReachableTime; - Ip6UpdateReachableTime (IpSb); + Status = Ip6UpdateReachableTime (IpSb); + if (EFI_ERROR (Status)) { + goto Exit; + } } if (RetransTimer != 0) { diff --git a/NetworkPkg/Ip6Dxe/Ip6Nd.h b/NetworkPkg/Ip6Dxe/Ip6Nd.h index bf64e9114e13..5795e23c7d71 100644 --- a/NetworkPkg/Ip6Dxe/Ip6Nd.h +++ b/NetworkPkg/Ip6Dxe/Ip6Nd.h @@ -2,7 +2,7 @@ Definition of Neighbor Discovery support routines. Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -780,10 +780,10 @@ Ip6OnArpResolved ( /** Update the ReachableTime in IP6 service binding instance data, in milliseconds. - @param[in, out] IpSb Points to the IP6_SERVICE. - + @retval EFI_SUCCESS ReachableTime Updated + @retval others Failed to update ReachableTime **/ -VOID +EFI_STATUS Ip6UpdateReachableTime ( IN OUT IP6_SERVICE *IpSb ); diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c index fd4a9e15a892..01c13c08d203 100644 --- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c +++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c @@ -3,6 +3,7 @@ Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
(C) Copyright 2015 Hewlett Packard Enterprise Development LP
+Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -31,6 +32,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include #define NIC_ITEM_CONFIG_SIZE (sizeof (NIC_IP4_CONFIG_INFO) + sizeof (EFI_IP4_ROUTE_TABLE) * MAX_IP4_CONFIG_IN_VARIABLE) #define DEFAULT_ZERO_START ((UINTN) ~0) @@ -127,6 +129,25 @@ GLOBAL_REMOVE_IF_UNREFERENCED VLAN_DEVICE_PATH mNetVlanDevicePathTemplate = { 0 }; +// +// These represent UEFI SPEC defined algorithms that should be supported by +// the RNG protocol and are generally considered secure. +// +// The order of the algorithms in this array is important. This order is the order +// in which the algorithms will be tried by the RNG protocol. +// If your platform needs to use a specific algorithm for the random number generator, +// then you should place that algorithm first in the array. +// +GLOBAL_REMOVE_IF_UNREFERENCED EFI_GUID *mSecureHashAlgorithms[] = { + &gEfiRngAlgorithmSp80090Ctr256Guid, // SP800-90A DRBG CTR using AES-256 + &gEfiRngAlgorithmSp80090Hmac256Guid, // SP800-90A DRBG HMAC using SHA-256 + &gEfiRngAlgorithmSp80090Hash256Guid, // SP800-90A DRBG Hash using SHA-256 + &gEfiRngAlgorithmArmRndr, // unspecified SP800-90A DRBG via ARM RNDR register + &gEfiRngAlgorithmRaw, // Raw data from NRBG (or TRNG) +}; + +#define SECURE_HASH_ALGORITHMS_SIZE (sizeof (mSecureHashAlgorithms) / sizeof (EFI_GUID *)) + /** Locate the handles that support SNP, then open one of them to send the syslog packets. The caller isn't required to close 
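Review bot: `mSecureHashAlgorithms` and `SECURE_HASH_ALGORITHMS_SIZE` name a table of RNG algorithm GUIDs, not hash algorithms. That reads badly next to the real hash GUIDs this commit adds to TcpDxe.inf. I would rename them to `mSecureRngAlgorithms` and `SECURE_RNG_ALGORITHMS_SIZE`, here and in the PseudoRandom loop further down the file. The comment also says the order is the one "in which the algorithms will be tried by the RNG protocol", but the loop doing the trying is in PseudoRandom, so "tried by PseudoRandom()" would be more accurate. Since `gEfiRngAlgorithmRaw` sits in a list described as "generally considered secure", a short comment on why raw entropy-source output is accepted would help platform owners who reorder the array.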
@@ -884,34 +905,107 @@ Ip6Swap128 ( } /** - Initialize a random seed using current time and monotonic count. + Generate a Random output data given a length. - Get current time and monotonic count first. Then initialize a random seed - based on some basic mathematics operation on the hour, day, minute, second, - nanosecond and year of the current time and the monotonic count value. + @param[out] Output - The buffer to store the generated random data. + @param[in] OutputLength - The length of the output buffer. - @return The random seed initialized with current time. + @retval EFI_SUCCESS On Success + @retval EFI_INVALID_PARAMETER Pointer is null or size is zero + @retval EFI_NOT_FOUND RNG protocol not found + @retval Others Error from RngProtocol->GetRNG() + @return Status code **/ -UINT32 +EFI_STATUS EFIAPI -NetRandomInitSeed ( - VOID +PseudoRandom ( + OUT VOID *Output, + IN UINTN OutputLength ) { - EFI_TIME Time; - UINT32 Seed; - UINT64 MonotonicCount; + EFI_RNG_PROTOCOL *RngProtocol; + EFI_STATUS Status; + UINTN AlgorithmIndex; + + if ((Output == NULL) || (OutputLength == 0)) { + return EFI_INVALID_PARAMETER; + } + + Status = gBS->LocateProtocol (&gEfiRngProtocolGuid, NULL, (VOID **)&RngProtocol); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed to locate EFI_RNG_PROTOCOL: %r\n", Status)); + ASSERT_EFI_ERROR (Status); + return Status; + } + + if (PcdGetBool (PcdEnforceSecureRngAlgorithms)) { + for (AlgorithmIndex = 0; AlgorithmIndex < SECURE_HASH_ALGORITHMS_SIZE; AlgorithmIndex++) { + Status = RngProtocol->GetRNG (RngProtocol, mSecureHashAlgorithms[AlgorithmIndex], OutputLength, (UINT8 *)Output); + if (!EFI_ERROR (Status)) { + // + // Secure Algorithm was supported on this platform + // + return EFI_SUCCESS; + } else if (Status == EFI_UNSUPPORTED) { + // + // Secure Algorithm was not supported on this platform + // + DEBUG ((DEBUG_ERROR, "Failed to generate random data using secure algorithm %d: %r\n", AlgorithmIndex, Status)); + + // + // Try the next 
secure algorithm + // + continue; + } else { + // + // Some other error occurred + // + DEBUG ((DEBUG_ERROR, "Failed to generate random data using secure algorithm %d: %r\n", AlgorithmIndex, Status)); + ASSERT_EFI_ERROR (Status); + return Status; + } + } + + // + // If we get here, we failed to generate random data using any secure algorithm + // Platform owner should ensure that at least one secure algorithm is supported + // + ASSERT_EFI_ERROR (Status); + return Status; + } + + // + // Lets try using the default algorithm (which may not be secure) + // + Status = RngProtocol->GetRNG (RngProtocol, NULL, OutputLength, (UINT8 *)Output); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random data: %r\n", __func__, Status)); + ASSERT_EFI_ERROR (Status); + return Status; + } - gRT->GetTime (&Time, NULL); - Seed = (Time.Hour << 24 | Time.Day << 16 | Time.Minute << 8 | Time.Second); - Seed ^= Time.Nanosecond; - Seed ^= Time.Year << 7; + return EFI_SUCCESS; +} + +/** + Generate a 32-bit pseudo-random number. - gBS->GetNextMonotonicCount (&MonotonicCount); - Seed += (UINT32)MonotonicCount; + @param[out] Output - The buffer to store the generated random number. - return Seed; + @retval EFI_SUCCESS On Success + @retval EFI_NOT_FOUND RNG protocol not found + @retval Others Error from RngProtocol->GetRNG() + + @return Status code +**/ +EFI_STATUS +EFIAPI +PseudoRandomU32 ( + OUT UINT32 *Output + ) +{ + return PseudoRandom (Output, sizeof (*Output)); } /** diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf index 8145d256ec10..a8f534a29358 100644 --- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf +++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf @@ -3,6 +3,7 @@ # # Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
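Review bot: In the PseudoRandom loop the EFI_UNSUPPORTED branch logs at DEBUG_ERROR although it is the expected result of probing the list. A platform that only implements a later entry prints several error lines for every random number requested, which buries real RNG failures in the log. I would lower that branch to DEBUG_VERBOSE and keep DEBUG_ERROR for the "some other error" branch and for the fall-through after the loop. Both messages also pass the UINTN `AlgorithmIndex` to `%d`; casting at the call site avoids the width mismatch: `DEBUG ((DEBUG_VERBOSE, "Failed to generate random data using secure algorithm %d: %r\n", (UINT32)AlgorithmIndex, Status));`.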
# (C) Copyright 2015 Hewlett Packard Enterprise Development LP
+# Copyright (c) Microsoft Corporation # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -49,7 +50,11 @@ gEfiSmbiosTableGuid ## SOMETIMES_CONSUMES ## SystemTable gEfiSmbios3TableGuid ## SOMETIMES_CONSUMES ## SystemTable gEfiAdapterInfoMediaStateGuid ## SOMETIMES_CONSUMES - + gEfiRngAlgorithmRaw ## CONSUMES + gEfiRngAlgorithmSp80090Ctr256Guid ## CONSUMES + gEfiRngAlgorithmSp80090Hmac256Guid ## CONSUMES + gEfiRngAlgorithmSp80090Hash256Guid ## CONSUMES + gEfiRngAlgorithmArmRndr ## CONSUMES [Protocols] gEfiSimpleNetworkProtocolGuid ## SOMETIMES_CONSUMES @@ -59,3 +64,10 @@ gEfiComponentNameProtocolGuid ## SOMETIMES_CONSUMES gEfiComponentName2ProtocolGuid ## SOMETIMES_CONSUMES gEfiAdapterInformationProtocolGuid ## SOMETIMES_CONSUMES + gEfiRngProtocolGuid ## CONSUMES + +[FixedPcd] + gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms ## CONSUMES + +[Depex] + gEfiRngProtocolGuid diff --git a/NetworkPkg/NetworkPkg.dec b/NetworkPkg/NetworkPkg.dec index e06f35e7747c..7c4289b77b21 100644 --- a/NetworkPkg/NetworkPkg.dec +++ b/NetworkPkg/NetworkPkg.dec @@ -5,6 +5,7 @@ # # Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.
# (C) Copyright 2015-2020 Hewlett Packard Enterprise Development LP
+# Copyright (c) Microsoft Corporation # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -130,6 +131,12 @@ # @Prompt Indicates whether SnpDxe creates event for ExitBootServices() call. gEfiNetworkPkgTokenSpaceGuid.PcdSnpCreateExitBootServicesEvent|TRUE|BOOLEAN|0x1000000C + ## Enforces the use of Secure UEFI spec defined RNG algorithms for all network connections. + # TRUE - Enforce the use of Secure UEFI spec defined RNG algorithms. + # FALSE - Do not enforce and depend on the default implementation of RNG algorithm from the provider. + # @Prompt Enforce the use of Secure UEFI spec defined RNG algorithms. + gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|TRUE|BOOLEAN|0x1000000D + [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] ## IPv6 DHCP Unique Identifier (DUID) Type configuration (From RFCs 3315 and 6355). # 01 = DUID Based on Link-layer Address Plus Time [DUID-LLT] diff --git a/NetworkPkg/SecurityFixes.yaml b/NetworkPkg/SecurityFixes.yaml index fa42025e0d82..4305328425d0 100644 --- a/NetworkPkg/SecurityFixes.yaml +++ b/NetworkPkg/SecurityFixes.yaml 
@@ -122,3 +122,64 @@ CVE_2023_45235: - http://www.openwall.com/lists/oss-security/2024/01/16/2 - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html +CVE_2023_45236: + commit_titles: + - "NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236 Patch" + cve: CVE-2023-45236 + date_reported: 2023-08-28 13:56 UTC + description: "Bug 08 - edk2/NetworkPkg: Predictable TCP Initial Sequence Numbers" + note: + files_impacted: + - NetworkPkg/Include/Library/NetLib.h + - NetworkPkg/TcpDxe/TcpDriver.c + - NetworkPkg/TcpDxe/TcpDxe.inf + - NetworkPkg/TcpDxe/TcpFunc.h + - NetworkPkg/TcpDxe/TcpInput.c + - NetworkPkg/TcpDxe/TcpMain.h + - NetworkPkg/TcpDxe/TcpMisc.c + - NetworkPkg/TcpDxe/TcpTimer.c + links: + - https://bugzilla.tianocore.org/show_bug.cgi?id=4541 + - https://nvd.nist.gov/vuln/detail/CVE-2023-45236 + - http://www.openwall.com/lists/oss-security/2024/01/16/2 + - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html + - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html +CVE_2023_45237: + commit_titles: + - "NetworkPkg:: SECURITY PATCH CVE 2023-45237" + cve: CVE-2023-45237 + date_reported: 2023-08-28 13:56 UTC + description: "Bug 09 - Use of a Weak PseudoRandom Number Generator" + note: + files_impacted: + - NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c + - NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c + - NetworkPkg/DnsDxe/DnsDhcp.c + - NetworkPkg/DnsDxe/DnsImpl.c + - NetworkPkg/HttpBootDxe/HttpBootDhcp6.c + - NetworkPkg/IScsiDxe/IScsiCHAP.c + - NetworkPkg/IScsiDxe/IScsiMisc.c + - NetworkPkg/IScsiDxe/IScsiMisc.h + - NetworkPkg/Include/Library/NetLib.h + - NetworkPkg/Ip4Dxe/Ip4Driver.c + - NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c + - NetworkPkg/Ip6Dxe/Ip6Driver.c + - NetworkPkg/Ip6Dxe/Ip6If.c + - NetworkPkg/Ip6Dxe/Ip6Mld.c + - NetworkPkg/Ip6Dxe/Ip6Nd.c + - NetworkPkg/Ip6Dxe/Ip6Nd.h + - 
NetworkPkg/Library/DxeNetLib/DxeNetLib.c + - NetworkPkg/Library/DxeNetLib/DxeNetLib.inf + - NetworkPkg/NetworkPkg.dec + - NetworkPkg/TcpDxe/TcpDriver.c + - NetworkPkg/Udp4Dxe/Udp4Driver.c + - NetworkPkg/Udp6Dxe/Udp6Driver.c + - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c + - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c + - NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c + links: + - https://bugzilla.tianocore.org/show_bug.cgi?id=4542 + - https://nvd.nist.gov/vuln/detail/CVE-2023-45237 + - http://www.openwall.com/lists/oss-security/2024/01/16/2 + - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html + - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html diff --git a/NetworkPkg/TcpDxe/TcpDriver.c b/NetworkPkg/TcpDxe/TcpDriver.c index 98a90e02109b..40bba4080c87 100644 --- a/NetworkPkg/TcpDxe/TcpDriver.c +++ b/NetworkPkg/TcpDxe/TcpDriver.c @@ -2,7 +2,7 @@ The driver binding and service binding protocol for the TCP driver. Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -83,6 +83,12 @@ EFI_SERVICE_BINDING_PROTOCOL gTcpServiceBinding = { TcpServiceBindingDestroyChild }; +// +// This is the handle for the Hash2ServiceBinding Protocol instance this driver produces +// if the platform does not provide one. +// +EFI_HANDLE mHash2ServiceHandle = NULL; + /** Create and start the heartbeat timer for the TCP driver. @@ -163,7 +169,30 @@ TcpDriverEntryPoint ( ) { EFI_STATUS Status; - UINT32 Seed; + UINT32 Random; + + // + // Initialize the Secret used for hashing TCP sequence numbers + // + // Normally this should be regenerated periodically, but since + // this is only used for UEFI networking and not a general purpose + // operating system, it is not necessary to regenerate it. + // + Status = PseudoRandomU32 (&mTcpGlobalSecret); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } + + // + // Get a random number used to generate a random port number + // Intentionally not linking this to mTcpGlobalSecret to avoid leaking information about the secret + // + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a Failed to generate random number: %r\n", __func__, Status)); + return Status; + } // // Install the TCP Driver Binding Protocol @@ -201,11 +230,9 @@ TcpDriverEntryPoint ( } // - // Initialize ISS and random port. + // Initialize the random port. // - Seed = NetRandomInitSeed (); - mTcpGlobalIss = NET_RANDOM (Seed) % mTcpGlobalIss; - mTcp4RandomPort = (UINT16)(TCP_PORT_KNOWN + (NET_RANDOM (Seed) % TCP_PORT_KNOWN)); + mTcp4RandomPort = (UINT16)(TCP_PORT_KNOWN + (Random % TCP_PORT_KNOWN)); mTcp6RandomPort = mTcp4RandomPort; return EFI_SUCCESS; 
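Review bot: `mTcpGlobalSecret` is filled by `PseudoRandomU32 (&mTcpGlobalSecret)` in TcpDriverEntryPoint, so the key for the ISN function documented in TcpMain.h is only 32 bits. The added comment also says it is never regenerated. RFC 9293 section 3.4.1, quoted in that header, requires that F() not be computable from outside, and a 32-bit key is small enough to be recovered by exhaustive search from observed sequence numbers, whatever hash is used. I would store the secret as a byte array and fill it with the buffer API added in this commit, e.g. `UINT8 mTcpGlobalSecret[32];` and `Status = PseudoRandom (mTcpGlobalSecret, sizeof (mTcpGlobalSecret));`. The `extern TCP_SEQNO mTcpGlobalSecret;` declaration in TcpMain.h and the definition and hashing code, which are outside this hunk, would need to follow.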
@@ -219,6 +246,8 @@ TcpDriverEntryPoint ( @param[in] IpVersion IP_VERSION_4 or IP_VERSION_6. @retval EFI_OUT_OF_RESOURCES Failed to allocate some resources. + @retval EFI_UNSUPPORTED Service Binding Protocols are unavailable. + @retval EFI_ALREADY_STARTED The TCP driver is already started on the controller. @retval EFI_SUCCESS A new IP6 service binding private was created. **/ @@ -229,11 +258,13 @@ TcpCreateService ( IN UINT8 IpVersion ) { - EFI_STATUS Status; - EFI_GUID *IpServiceBindingGuid; - EFI_GUID *TcpServiceBindingGuid; - TCP_SERVICE_DATA *TcpServiceData; - IP_IO_OPEN_DATA OpenData; + EFI_STATUS Status; + EFI_GUID *IpServiceBindingGuid; + EFI_GUID *TcpServiceBindingGuid; + TCP_SERVICE_DATA *TcpServiceData; + IP_IO_OPEN_DATA OpenData; + EFI_SERVICE_BINDING_PROTOCOL *Hash2ServiceBinding; + EFI_HASH2_PROTOCOL *Hash2Protocol; if (IpVersion == IP_VERSION_4) { IpServiceBindingGuid = &gEfiIp4ServiceBindingProtocolGuid; @@ -267,6 +298,33 @@ TcpCreateService ( return EFI_UNSUPPORTED; } + Status = gBS->LocateProtocol (&gEfiHash2ProtocolGuid, NULL, (VOID **)&Hash2Protocol); + if (EFI_ERROR (Status)) { + // + // If we can't find the Hashing protocol, then we need to create one. + // + + // + // Platform is expected to publish the hash service binding protocol to support TCP. + // + Status = gBS->LocateProtocol ( + &gEfiHash2ServiceBindingProtocolGuid, + NULL, + (VOID **)&Hash2ServiceBinding + ); + if (EFI_ERROR (Status) || (Hash2ServiceBinding == NULL) || (Hash2ServiceBinding->CreateChild == NULL)) { + return EFI_UNSUPPORTED; + } + + // + // Create an instance of the hash protocol for this controller. + // + Status = Hash2ServiceBinding->CreateChild (Hash2ServiceBinding, &mHash2ServiceHandle); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + } + // // Create the TCP service data. // 
@@ -418,6 +476,7 @@ TcpDestroyService ( EFI_STATUS Status; LIST_ENTRY *List; TCP_DESTROY_CHILD_IN_HANDLE_BUF_CONTEXT Context; + EFI_SERVICE_BINDING_PROTOCOL *Hash2ServiceBinding; ASSERT ((IpVersion == IP_VERSION_4) || (IpVersion == IP_VERSION_6)); @@ -434,6 +493,30 @@ TcpDestroyService ( return EFI_SUCCESS; } + // + // Destroy the Hash2ServiceBinding instance if it is created by Tcp driver. + // + if (mHash2ServiceHandle != NULL) { + Status = gBS->LocateProtocol ( + &gEfiHash2ServiceBindingProtocolGuid, + NULL, + (VOID **)&Hash2ServiceBinding + ); + if (EFI_ERROR (Status) || (Hash2ServiceBinding == NULL) || (Hash2ServiceBinding->DestroyChild == NULL)) { + return EFI_UNSUPPORTED; + } + + // + // Destroy the instance of the hashing protocol for this controller. + // + Status = Hash2ServiceBinding->DestroyChild (Hash2ServiceBinding, &mHash2ServiceHandle); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + + mHash2ServiceHandle = NULL; + } + Status = gBS->OpenProtocol ( NicHandle, ServiceBindingGuid, diff --git a/NetworkPkg/TcpDxe/TcpDxe.inf b/NetworkPkg/TcpDxe/TcpDxe.inf index c0acbdca5700..76de4cf9ec3d 100644 --- a/NetworkPkg/TcpDxe/TcpDxe.inf +++ b/NetworkPkg/TcpDxe/TcpDxe.inf @@ -6,6 +6,7 @@ # stack has been loaded in system. This driver supports both IPv4 and IPv6 network stack. # # Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
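Review bot: `mHash2ServiceHandle` is a single module-wide handle, but this block in TcpDestroyService destroys the Hash2 child on whichever NIC and IP version is stopped first. TcpCreateService only creates the child when no Hash2 protocol can be located, so any TCP service still running would presumably lose the instance it uses for ISN generation. Both `return EFI_UNSUPPORTED;` paths also abort the stop before the TCP service itself is torn down, leaving the driver bound because of a failure in a helper protocol. I would destroy the child only when the last TCP service goes away and make a teardown failure non-fatal by replacing each early return with `DEBUG ((DEBUG_WARN, "%a: Hash2 child not destroyed: %r\n", __func__, Status));`. The rest of TcpDestroyService lies outside the hunk, so the service accounting would need checking against it.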
+# Copyright (c) Microsoft Corporation # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -68,7 +69,6 @@ NetLib IpIoLib - [Protocols] ## SOMETIMES_CONSUMES ## SOMETIMES_PRODUCES @@ -81,6 +81,15 @@ gEfiIp6ServiceBindingProtocolGuid ## TO_START gEfiTcp6ProtocolGuid ## BY_START gEfiTcp6ServiceBindingProtocolGuid ## BY_START + gEfiHash2ProtocolGuid ## BY_START + gEfiHash2ServiceBindingProtocolGuid ## BY_START + +[Guids] + gEfiHashAlgorithmMD5Guid ## CONSUMES + gEfiHashAlgorithmSha256Guid ## CONSUMES + +[Depex] + gEfiHash2ServiceBindingProtocolGuid [UserExtensions.TianoCore."ExtraFiles"] TcpDxeExtra.uni diff --git a/NetworkPkg/TcpDxe/TcpFunc.h b/NetworkPkg/TcpDxe/TcpFunc.h index a7af01fff246..c707bee3e548 100644 --- a/NetworkPkg/TcpDxe/TcpFunc.h +++ b/NetworkPkg/TcpDxe/TcpFunc.h @@ -2,7 +2,7 @@ Declaration of external functions shared in TCP driver. Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -36,8 +36,11 @@ VOID @param[in, out] Tcb Pointer to the TCP_CB of this TCP instance. + @retval EFI_SUCCESS The operation completed successfully + @retval others The underlying functions failed and could not complete the operation + **/ -VOID +EFI_STATUS TcpInitTcbLocal ( IN OUT TCP_CB *Tcb ); @@ -128,17 +131,6 @@ TcpCloneTcb ( IN TCP_CB *Tcb ); -/** - Compute an ISS to be used by a new connection. - - @return The result ISS. - -**/ -TCP_SEQNO -TcpGetIss ( - VOID - ); - /** Get the local mss. @@ -202,8 +194,11 @@ TcpFormatNetbuf ( @param[in, out] Tcb Pointer to the TCP_CB that wants to initiate a connection. + @retval EFI_SUCCESS The operation completed successfully + @retval others The underlying functions failed and could not complete the operation + **/ -VOID +EFI_STATUS TcpOnAppConnect ( IN OUT TCP_CB *Tcb ); diff --git a/NetworkPkg/TcpDxe/TcpInput.c b/NetworkPkg/TcpDxe/TcpInput.c index 97633a3908be..a5d575ccafeb 100644 --- a/NetworkPkg/TcpDxe/TcpInput.c +++ b/NetworkPkg/TcpDxe/TcpInput.c @@ -724,6 +724,7 @@ TcpInput ( TCP_SEQNO Urg; UINT16 Checksum; INT32 Usable; + EFI_STATUS Status; ASSERT ((Version == IP_VERSION_4) || (Version == IP_VERSION_6)); @@ -872,7 +873,17 @@ TcpInput ( Tcb->LocalEnd.Port = Head->DstPort; Tcb->RemoteEnd.Port = Head->SrcPort; - TcpInitTcbLocal (Tcb); + Status = TcpInitTcbLocal (Tcb); + if (EFI_ERROR (Status)) { + DEBUG ( + (DEBUG_ERROR, + "TcpInput: discard a segment because failed to init local end for TCB %p\n", + Tcb) + ); + + goto DISCARD; + } + TcpInitTcbPeer (Tcb, Seg, &Option); TcpSetState (Tcb, TCP_SYN_RCVD); diff --git a/NetworkPkg/TcpDxe/TcpMain.h b/NetworkPkg/TcpDxe/TcpMain.h index c0c9b7f46ebe..4d5566ab9379 100644 --- a/NetworkPkg/TcpDxe/TcpMain.h +++ b/NetworkPkg/TcpDxe/TcpMain.h @@ -3,7 +3,7 @@ It is the common head file for all Tcp*.c in TCP driver. Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -13,6 +13,7 @@ #include #include +#include #include #include #include @@ -31,7 +32,7 @@ extern EFI_UNICODE_STRING_TABLE *gTcpControllerNameTable; extern LIST_ENTRY mTcpRunQue; extern LIST_ENTRY mTcpListenQue; -extern TCP_SEQNO mTcpGlobalIss; +extern TCP_SEQNO mTcpGlobalSecret; extern UINT32 mTcpTick; /// @@ -45,14 +46,6 @@ extern UINT32 mTcpTick; #define TCP_EXPIRE_TIME 65535 -/// -/// The implementation selects the initial send sequence number and the unit to -/// be added when it is increased. -/// -#define TCP_BASE_ISS 0x4d7e980b -#define TCP_ISS_INCREMENT_1 2048 -#define TCP_ISS_INCREMENT_2 100 - typedef union { EFI_TCP4_CONFIG_DATA Tcp4CfgData; EFI_TCP6_CONFIG_DATA Tcp6CfgData; 
@@ -774,4 +767,50 @@ Tcp6Poll ( IN EFI_TCP6_PROTOCOL *This ); +/** + Retrieves the Initial Sequence Number (ISN) for a TCP connection identified by local + and remote IP addresses and ports. + + This method is based on https://datatracker.ietf.org/doc/html/rfc9293#section-3.4.1 + Where the ISN is computed as follows: + ISN = TimeStamp + MD5(LocalIP, LocalPort, RemoteIP, RemotePort, Secret) + + Otherwise: + ISN = M + F(localip, localport, remoteip, remoteport, secretkey) + + "Here M is the 4 microsecond timer, and F() is a pseudorandom function (PRF) of the + connection's identifying parameters ("localip, localport, remoteip, remoteport") + and a secret key ("secretkey") (SHLD-1). F() MUST NOT be computable from the + outside (MUST-9), or an attacker could still guess at sequence numbers from the + ISN used for some other connection. The PRF could be implemented as a + cryptographic hash of the concatenation of the TCP connection parameters and some + secret data. For discussion of the selection of a specific hash algorithm and + management of the secret key data." + + @param[in] LocalIp A pointer to the local IP address of the TCP connection. + @param[in] LocalIpSize The size, in bytes, of the LocalIp buffer. + @param[in] LocalPort The local port number of the TCP connection. + @param[in] RemoteIp A pointer to the remote IP address of the TCP connection. + @param[in] RemoteIpSize The size, in bytes, of the RemoteIp buffer. + @param[in] RemotePort The remote port number of the TCP connection. + @param[out] Isn A pointer to the variable that will receive the Initial + Sequence Number (ISN). + + @retval EFI_SUCCESS The operation completed successfully, and the ISN was + retrieved. + @retval EFI_INVALID_PARAMETER One or more of the input parameters are invalid. + @retval EFI_UNSUPPORTED The operation is not supported. 
+ +**/ +EFI_STATUS +TcpGetIsn ( + IN UINT8 *LocalIp, + IN UINTN LocalIpSize, + IN UINT16 LocalPort, + IN UINT8 *RemoteIp, + IN UINTN RemoteIpSize, + IN UINT16 RemotePort, + OUT TCP_SEQNO *Isn + ); + #endif diff --git a/NetworkPkg/TcpDxe/TcpMisc.c b/NetworkPkg/TcpDxe/TcpMisc.c index c93212d47ded..3310306f639c 100644 --- a/NetworkPkg/TcpDxe/TcpMisc.c +++ b/NetworkPkg/TcpDxe/TcpMisc.c @@ -3,7 +3,7 @@ (C) Copyright 2014 Hewlett-Packard Development Company, L.P.
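Review bot: The new header comment gives the formula as `ISN = TimeStamp + MD5(LocalIP, LocalPort, RemoteIP, RemotePort, Secret)`, while the definition added to TcpMisc.c in this commit initializes `gEfiHashAlgorithmSha256Guid`. The comment should name the hash actually used, e.g. `ISN = M + SHA256(LocalIP, LocalPort, RemoteIP, RemotePort, Secret)`, truncated to the width of `TCP_SEQNO`. The `Otherwise:` line then introduces the same formula a second time and can be dropped. The `@retval` list also omits the statuses passed through from the Hash2 protocol and `GetTime`, so a `@retval others` line like the one added for `TcpInitTcbLocal` would fit. The identical comment above the definition in TcpMisc.c needs the same correction.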
Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -20,7 +20,34 @@ LIST_ENTRY mTcpListenQue = { &mTcpListenQue }; -TCP_SEQNO mTcpGlobalIss = TCP_BASE_ISS; +// +// The Session secret +// This must be initialized to a random value at boot time +// +TCP_SEQNO mTcpGlobalSecret; + +// +// Union to hold either an IPv4 or IPv6 address +// This is used to simplify the ISN hash computation +// +typedef union { + UINT8 IPv4[4]; + UINT8 IPv6[16]; +} NETWORK_ADDRESS; + +// +// The ISN is computed by hashing this structure +// It is initialized with the local and remote IP addresses and ports +// and the secret +// +// +typedef struct { + UINT16 LocalPort; + UINT16 RemotePort; + NETWORK_ADDRESS LocalAddress; + NETWORK_ADDRESS RemoteAddress; + TCP_SEQNO Secret; +} ISN_HASH_CTX; CHAR16 *mTcpStateName[] = { L"TCP_CLOSED", @@ -41,12 +68,18 @@ CHAR16 *mTcpStateName[] = { @param[in, out] Tcb Pointer to the TCP_CB of this TCP instance. + @retval EFI_SUCCESS The operation completed successfully + @retval others The underlying functions failed and could not complete the operation + **/ -VOID +EFI_STATUS TcpInitTcbLocal ( IN OUT TCP_CB *Tcb ) { + TCP_SEQNO Isn; + EFI_STATUS Status; + // // Compute the checksum of the fixed parts of pseudo header // @@ -57,6 +90,16 @@ TcpInitTcbLocal ( 0x06, 0 ); + + Status = TcpGetIsn ( + Tcb->LocalEnd.Ip.v4.Addr, + sizeof (IPv4_ADDRESS), + Tcb->LocalEnd.Port, + Tcb->RemoteEnd.Ip.v4.Addr, + sizeof (IPv4_ADDRESS), + Tcb->RemoteEnd.Port, + &Isn + ); } else { Tcb->HeadSum = NetIp6PseudoHeadChecksum ( &Tcb->LocalEnd.Ip.v6, 
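Review bot: `mTcpGlobalSecret` is declared as `TCP_SEQNO`, so the key fed into the ISN hash is only as wide as a sequence number. If that type is 32 bits, the key space is small enough to be searched exhaustively, which undercuts the RFC 9293 requirement quoted in this commit that F() must not be computable from the outside. Consider a dedicated byte array such as `UINT8 mTcpGlobalSecret[32];` with a matching `UINT8 Secret[32];` member in `ISN_HASH_CTX`; the `extern` in TcpMain.h would change with it. The comment says the value must be initialized to a random value at boot, but that initialization is not in this hunk, so confirm that it fails closed when no random source is available.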
@@ -64,9 +107,25 @@ TcpInitTcbLocal ( 0x06, 0 ); + + Status = TcpGetIsn ( + Tcb->LocalEnd.Ip.v6.Addr, + sizeof (IPv6_ADDRESS), + Tcb->LocalEnd.Port, + Tcb->RemoteEnd.Ip.v6.Addr, + sizeof (IPv6_ADDRESS), + Tcb->RemoteEnd.Port, + &Isn + ); + } + + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "TcpInitTcbLocal: failed to get isn\n")); + ASSERT (FALSE); + return Status; } - Tcb->Iss = TcpGetIss (); + Tcb->Iss = Isn; Tcb->SndUna = Tcb->Iss; Tcb->SndNxt = Tcb->Iss; @@ -82,6 +141,8 @@ TcpInitTcbLocal ( Tcb->RetxmitSeqMax = 0; Tcb->ProbeTimerOn = FALSE; + + return EFI_SUCCESS; } /** 
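Review bot: The `ASSERT (FALSE)` in the new error branch runs before `return Status`, so on builds with assertions enabled a failing `TcpGetIsn` stops there instead of reaching the caller's error handling; what the assertion does depends on the platform's ASSERT configuration. The TcpInput.c hunk of this commit shows that caller discarding the segment on error, so the branch is reachable while a received segment is being processed. I would drop the assertion and log the status instead: `DEBUG ((DEBUG_ERROR, "TcpInitTcbLocal: failed to get isn: %r\n", Status));`. The body of `TcpInitTcbLocal` starts in an earlier hunk and continues past this one.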
@@ -506,18 +567,162 @@ TcpCloneTcb ( } /** - Compute an ISS to be used by a new connection. - - @return The resulting ISS. + Retrieves the Initial Sequence Number (ISN) for a TCP connection identified by local + and remote IP addresses and ports. + + This method is based on https://datatracker.ietf.org/doc/html/rfc9293#section-3.4.1 + Where the ISN is computed as follows: + ISN = TimeStamp + MD5(LocalIP, LocalPort, RemoteIP, RemotePort, Secret) + + Otherwise: + ISN = M + F(localip, localport, remoteip, remoteport, secretkey) + + "Here M is the 4 microsecond timer, and F() is a pseudorandom function (PRF) of the + connection's identifying parameters ("localip, localport, remoteip, remoteport") + and a secret key ("secretkey") (SHLD-1). F() MUST NOT be computable from the + outside (MUST-9), or an attacker could still guess at sequence numbers from the + ISN used for some other connection. The PRF could be implemented as a + cryptographic hash of the concatenation of the TCP connection parameters and some + secret data. For discussion of the selection of a specific hash algorithm and + management of the secret key data." + + @param[in] LocalIp A pointer to the local IP address of the TCP connection. + @param[in] LocalIpSize The size, in bytes, of the LocalIp buffer. + @param[in] LocalPort The local port number of the TCP connection. + @param[in] RemoteIp A pointer to the remote IP address of the TCP connection. + @param[in] RemoteIpSize The size, in bytes, of the RemoteIp buffer. + @param[in] RemotePort The remote port number of the TCP connection. + @param[out] Isn A pointer to the variable that will receive the Initial + Sequence Number (ISN). + + @retval EFI_SUCCESS The operation completed successfully, and the ISN was + retrieved. + @retval EFI_INVALID_PARAMETER One or more of the input parameters are invalid. + @retval EFI_UNSUPPORTED The operation is not supported. 
**/ -TCP_SEQNO -TcpGetIss ( - VOID +EFI_STATUS +TcpGetIsn ( + IN UINT8 *LocalIp, + IN UINTN LocalIpSize, + IN UINT16 LocalPort, + IN UINT8 *RemoteIp, + IN UINTN RemoteIpSize, + IN UINT16 RemotePort, + OUT TCP_SEQNO *Isn ) { - mTcpGlobalIss += TCP_ISS_INCREMENT_1; - return mTcpGlobalIss; + EFI_STATUS Status; + EFI_HASH2_PROTOCOL *Hash2Protocol; + EFI_HASH2_OUTPUT HashResult; + ISN_HASH_CTX IsnHashCtx; + EFI_TIME TimeStamp; + + // + // Check that the ISN pointer is valid + // + if (Isn == NULL) { + return EFI_INVALID_PARAMETER; + } + + // + // The local ip may be a v4 or v6 address and may not be NULL + // + if ((LocalIp == NULL) || (LocalIpSize == 0) || (RemoteIp == NULL) || (RemoteIpSize == 0)) { + return EFI_INVALID_PARAMETER; + } + + // + // the local ip may be a v4 or v6 address + // + if ((LocalIpSize != sizeof (EFI_IPv4_ADDRESS)) && (LocalIpSize != sizeof (EFI_IPv6_ADDRESS))) { + return EFI_INVALID_PARAMETER; + } + + // + // Locate the Hash Protocol + // + Status = gBS->LocateProtocol (&gEfiHash2ProtocolGuid, NULL, (VOID **)&Hash2Protocol); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_NET, "Failed to locate Hash Protocol: %r\n", Status)); + + // + // TcpCreateService(..) 
is expected to be called prior to this function + // + ASSERT_EFI_ERROR (Status); + return Status; + } + + // + // Initialize the hash algorithm + // + Status = Hash2Protocol->HashInit (Hash2Protocol, &gEfiHashAlgorithmSha256Guid); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_NET, "Failed to initialize sha256 hash algorithm: %r\n", Status)); + return Status; + } + + IsnHashCtx.LocalPort = LocalPort; + IsnHashCtx.RemotePort = RemotePort; + IsnHashCtx.Secret = mTcpGlobalSecret; + + // + // Check the IP address family and copy accordingly + // + if (LocalIpSize == sizeof (EFI_IPv4_ADDRESS)) { + CopyMem (&IsnHashCtx.LocalAddress.IPv4, LocalIp, LocalIpSize); + } else if (LocalIpSize == sizeof (EFI_IPv6_ADDRESS)) { + CopyMem (&IsnHashCtx.LocalAddress.IPv6, LocalIp, LocalIpSize); + } else { + return EFI_INVALID_PARAMETER; // Unsupported address size + } + + // + // Repeat the process for the remote IP address + // + if (RemoteIpSize == sizeof (EFI_IPv4_ADDRESS)) { + CopyMem (&IsnHashCtx.RemoteAddress.IPv4, RemoteIp, RemoteIpSize); + } else if (RemoteIpSize == sizeof (EFI_IPv6_ADDRESS)) { + CopyMem (&IsnHashCtx.RemoteAddress.IPv6, RemoteIp, RemoteIpSize); + } else { + return EFI_INVALID_PARAMETER; // Unsupported address size + } + + // + // Compute the hash + // Update the hash with the data + // + Status = Hash2Protocol->HashUpdate (Hash2Protocol, (UINT8 *)&IsnHashCtx, sizeof (IsnHashCtx)); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_NET, "Failed to update hash: %r\n", Status)); + return Status; + } + + // + // Finalize the hash and retrieve the result + // + Status = Hash2Protocol->HashFinal (Hash2Protocol, &HashResult); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_NET, "Failed to finalize hash: %r\n", Status)); + return Status; + } + + Status = gRT->GetTime (&TimeStamp, NULL); + if (EFI_ERROR (Status)) { + return Status; + } + + // + // copy the first 4 bytes of the hash result into the ISN + // + CopyMem (Isn, HashResult.Md5Hash, sizeof (*Isn)); + + // + // now add the 
timestamp to the ISN as 4 microseconds units (1000 / 4 = 250) + // + *Isn += (TCP_SEQNO)TimeStamp.Nanosecond * 250; + + return Status; } /** @@ -721,17 +926,28 @@ TcpFormatNetbuf ( @param[in, out] Tcb Pointer to the TCP_CB that wants to initiate a connection. + @retval EFI_SUCCESS The operation completed successfully + @retval others The underlying functions failed and could not complete the operation + **/ -VOID +EFI_STATUS TcpOnAppConnect ( IN OUT TCP_CB *Tcb ) { - TcpInitTcbLocal (Tcb); + EFI_STATUS Status; + + Status = TcpInitTcbLocal (Tcb); + if (EFI_ERROR (Status)) { + return Status; + } + TcpSetState (Tcb, TCP_SYN_SENT); TcpSetTimer (Tcb, TCP_TIMER_CONNECT, Tcb->ConnectTimeout); TcpToSendData (Tcb, 1); + + return EFI_SUCCESS; } /** diff --git a/NetworkPkg/TcpDxe/TcpTimer.c b/NetworkPkg/TcpDxe/TcpTimer.c index 5d2e124977d9..065b1bdf5feb 100644 --- a/NetworkPkg/TcpDxe/TcpTimer.c +++ b/NetworkPkg/TcpDxe/TcpTimer.c @@ -2,7 +2,7 @@ TCP timer related functions. Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.
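Review bot: `IsnHashCtx` is hashed over `sizeof (IsnHashCtx)` without being cleared first, so for IPv4 the twelve unused bytes of each `NETWORK_ADDRESS` union, and any padding in the struct, are uninitialized stack contents that end up in the digest. Add `ZeroMem (&IsnHashCtx, sizeof (IsnHashCtx));` before the fields are assigned. The time term also looks off: `TimeStamp.Nanosecond * 250` does not convert nanoseconds to 4 microsecond units (that would be `TimeStamp.Nanosecond / 4000`), it uses only the sub-second field, and it contributes nothing on platforms whose `GetTime` reports zero nanoseconds. Reading the digest through `HashResult.Md5Hash` works only because the output type is a union; `HashResult.Sha256Hash` matches the algorithm that was initialized.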
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -483,7 +483,6 @@ TcpTickingDpc ( INT16 Index; mTcpTick++; - mTcpGlobalIss += TCP_ISS_INCREMENT_2; // // Don't use LIST_FOR_EACH, which isn't delete safe. diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc index fa301a7a52ab..1772afb05815 100644 --- a/NetworkPkg/Test/NetworkPkgHostTest.dsc +++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc @@ -30,6 +30,7 @@ NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf { UefiRuntimeServicesTableLib|MdePkg/Test/Mock/Library/GoogleTest/MockUefiRuntimeServicesTableLib/MockUefiRuntimeServicesTableLib.inf + UefiBootServicesTableLib|MdePkg/Test/Mock/Library/GoogleTest/MockUefiBootServicesTableLib/MockUefiBootServicesTableLib.inf } # Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests. diff --git a/NetworkPkg/Udp4Dxe/Udp4Driver.c b/NetworkPkg/Udp4Dxe/Udp4Driver.c index cb917fcfc90f..c7ea16f4cd6f 100644 --- a/NetworkPkg/Udp4Dxe/Udp4Driver.c +++ b/NetworkPkg/Udp4Dxe/Udp4Driver.c @@ -1,6 +1,7 @@ /** @file Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -555,6 +556,13 @@ Udp4DriverEntryPoint ( ) { EFI_STATUS Status; + UINT32 Random; + + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } // // Install the Udp4DriverBinding and Udp4ComponentName protocols. @@ -571,7 +579,7 @@ Udp4DriverEntryPoint ( // // Initialize the UDP random port. // - mUdp4RandomPort = (UINT16)(((UINT16)NetRandomInitSeed ()) % UDP4_PORT_KNOWN + UDP4_PORT_KNOWN); + mUdp4RandomPort = (UINT16)(((UINT16)Random) % UDP4_PORT_KNOWN + UDP4_PORT_KNOWN); } return Status; diff --git a/NetworkPkg/Udp6Dxe/Udp6Driver.c b/NetworkPkg/Udp6Dxe/Udp6Driver.c index ae96fb996627..edb758d57ca4 100644 --- a/NetworkPkg/Udp6Dxe/Udp6Driver.c +++ b/NetworkPkg/Udp6Dxe/Udp6Driver.c @@ -2,7 +2,7 @@ Driver Binding functions and Service Binding functions for the Network driver module. Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
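Review bot: The initial port is still reduced with `% UDP4_PORT_KNOWN + UDP4_PORT_KNOWN`, so the stronger random source only selects among `UDP4_PORT_KNOWN` values starting at `UDP4_PORT_KNOWN`. The constant's value is not visible here, but if it marks the end of the well-known range, the starting port stays confined to a narrow band. If an unpredictable source port is the goal, spread the value over the whole range above the well-known ports, e.g. `mUdp4RandomPort = (UINT16)(Random % (0x10000 - UDP4_PORT_KNOWN) + UDP4_PORT_KNOWN);`. The same expression with `UDP6_PORT_KNOWN` appears in the Udp6Driver.c hunk. `Udp4DriverEntryPoint` starts and ends outside this hunk.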
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -596,6 +596,13 @@ Udp6DriverEntryPoint ( ) { EFI_STATUS Status; + UINT32 Random; + + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } // // Install the Udp6DriverBinding and Udp6ComponentName protocols. @@ -614,7 +621,7 @@ Udp6DriverEntryPoint ( // Initialize the UDP random port. // mUdp6RandomPort = (UINT16)( - ((UINT16)NetRandomInitSeed ()) % + ((UINT16)Random) % UDP6_PORT_KNOWN + UDP6_PORT_KNOWN ); diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp index bd423ebadfce..61736ff79e83 100644 --- a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp +++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp @@ -7,6 +7,8 @@ #include #include #include +#include +#include extern "C" { #include @@ -165,7 +167,7 @@ class PxeBcHandleDhcp6OfferTest : public ::testing::Test { // Note: // Testing PxeBcHandleDhcp6Offer() is difficult because it depends on a // properly setup Private structure. Attempting to properly test this function -// without a signficant refactor is a fools errand. Instead, we will test +// without a significant refactor is a fools errand. Instead, we will test // that we can prevent an overflow in the function. TEST_F (PxeBcHandleDhcp6OfferTest, BasicUsageTest) { PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL; @@ -238,6 +240,7 @@ TEST_F (PxeBcCacheDnsServerAddressesTest, BasicUsageTest) { FreePool (Option); } } + // Test Description // Test that we can prevent an overflow in the function TEST_F (PxeBcCacheDnsServerAddressesTest, AttemptOverflowTest) { 
@@ -470,10 +473,15 @@ TEST_F (PxeBcRequestBootServiceTest, AttemptRequestOverFlowExpectFailure) { class PxeBcDhcp6DiscoverTest : public ::testing::Test { public: PXEBC_PRIVATE_DATA Private = { 0 }; + // create a mock md5 hash + UINT8 Md5Hash[16] = { 0 }; + EFI_UDP6_PROTOCOL Udp6Read; protected: MockUefiRuntimeServicesTableLib RtServicesMock; + MockUefiBootServicesTableLib BsMock; + MockRng RngMock; // Add any setup code if needed virtual void @@ -527,8 +535,21 @@ TEST_F (PxeBcDhcp6DiscoverTest, BasicOverflowTest) { Private.Dhcp6Request->Length = (UINT16)(Cursor - (UINT8 *)Private.Dhcp6Request); - EXPECT_CALL (RtServicesMock, gRT_GetTime) - .WillOnce (::testing::Return (0)); + EXPECT_CALL (BsMock, gBS_LocateProtocol) + .WillOnce ( + ::testing::DoAll ( + ::testing::SetArgPointee<2> (::testing::ByRef (gRngProtocol)), + ::testing::Return (EFI_SUCCESS) + ) + ); + + EXPECT_CALL (RngMock, GetRng) + .WillOnce ( + ::testing::DoAll ( + ::testing::SetArgPointee<3> (::testing::ByRef (Md5Hash[0])), + ::testing::Return (EFI_SUCCESS) + ) + ); ASSERT_EQ ( PxeBcDhcp6Discover ( @@ -558,8 +579,21 @@ TEST_F (PxeBcDhcp6DiscoverTest, BasicUsageTest) { Private.Dhcp6Request->Length = (UINT16)(Cursor - (UINT8 *)Private.Dhcp6Request); - EXPECT_CALL (RtServicesMock, gRT_GetTime) - .WillOnce (::testing::Return (0)); + EXPECT_CALL (BsMock, gBS_LocateProtocol) + .WillOnce ( + ::testing::DoAll ( + ::testing::SetArgPointee<2> (::testing::ByRef (gRngProtocol)), + ::testing::Return (EFI_SUCCESS) + ) + ); + + EXPECT_CALL (RngMock, GetRng) + .WillOnce ( + ::testing::DoAll ( + ::testing::SetArgPointee<3> (::testing::ByRef (Md5Hash[0])), + ::testing::Return (EFI_SUCCESS) + ) + ); ASSERT_EQ ( PxeBcDhcp6Discover ( 
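Review bot: The fixture member `Md5Hash` is what the `GetRng` mock hands back as random output, so the name and its comment `// create a mock md5 hash` describe something these tests never compute. A name such as `RngOutput` with the comment `// fixed bytes returned by the mocked GetRng` would say what it is. `::testing::SetArgPointee<3> (::testing::ByRef (Md5Hash[0]))` also assigns a single `UINT8`, so if the code under test requests four bytes, the other three keep whatever they held; filling the whole request with `::testing::SetArrayArgument<3>` would make the value deterministic. The same expectation is repeated in the two later hunks of this file and in the new `MultipleRequestsAttemptOverflow` test.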
@@ -572,3 +606,61 @@ TEST_F (PxeBcDhcp6DiscoverTest, BasicUsageTest) { EFI_SUCCESS ); } + +TEST_F (PxeBcDhcp6DiscoverTest, MultipleRequestsAttemptOverflow) { + EFI_IPv6_ADDRESS DestIp = { 0 }; + EFI_DHCP6_PACKET_OPTION RequestOpt = { 0 }; // the data section doesn't really matter + + RequestOpt.OpCode = HTONS (0x1337); + RequestOpt.OpLen = HTONS (REQUEST_OPTION_LENGTH); // this length would overflow without a check + UINT8 RequestOptBuffer[REQUEST_OPTION_LENGTH] = { 0 }; + + // make sure we have enough space for 10 of these options + ASSERT_TRUE (REQUEST_OPTION_LENGTH * 10 <= PACKET_SIZE); + + UINT8 Index = 0; + EFI_DHCP6_PACKET *Packet = (EFI_DHCP6_PACKET *)&Private.Dhcp6Request[Index]; + UINT8 *Cursor = (UINT8 *)(Packet->Dhcp6.Option); + + // let's add 10 of these options - this should overflow + for (UINT8 i = 0; i < 10; i++) { + CopyMem (Cursor, &RequestOpt, sizeof (RequestOpt)); + Cursor += sizeof (RequestOpt) - 1; + CopyMem (Cursor, RequestOptBuffer, REQUEST_OPTION_LENGTH); + Cursor += REQUEST_OPTION_LENGTH; + } + + // Update the packet length + Packet->Length = (UINT16)(Cursor - (UINT8 *)Packet); + Packet->Size = PACKET_SIZE; + + // Make sure we're larger than the buffer we're trying to write into + ASSERT_TRUE (Packet->Length > sizeof (EFI_PXE_BASE_CODE_DHCPV6_PACKET)); + + EXPECT_CALL (BsMock, gBS_LocateProtocol) + .WillOnce ( + ::testing::DoAll ( + ::testing::SetArgPointee<2> (::testing::ByRef (gRngProtocol)), + ::testing::Return (EFI_SUCCESS) + ) + ); + + EXPECT_CALL (RngMock, GetRng) + .WillOnce ( + ::testing::DoAll ( + ::testing::SetArgPointee<3> (::testing::ByRef (Md5Hash[0])), + ::testing::Return (EFI_SUCCESS) + ) + ); + + ASSERT_EQ ( + PxeBcDhcp6Discover ( + &(PxeBcDhcp6DiscoverTest::Private), + 0, + NULL, + FALSE, + (EFI_IP_ADDRESS *)&DestIp + ), + EFI_OUT_OF_RESOURCES + ); +} 
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf index 301dcdf61109..8b092d9291d4 100644 --- a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf +++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf @@ -14,7 +14,7 @@ VERSION_STRING = 1.0 # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 +# VALID_ARCHITECTURES = IA32 X64 AARCH64 # [Sources] @@ -23,6 +23,7 @@ VERSION_STRING = 1.0 PxeBcDhcp6GoogleTest.h ../PxeBcDhcp6.c ../PxeBcSupport.c + ../../../MdePkg/Test/Mock/Library/GoogleTest/Protocol/MockRng.cpp [Packages] MdePkg/MdePkg.dec diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c index 91146b78cb1e..452038c2194c 100644 --- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c +++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c @@ -2,7 +2,7 @@ Functions implementation related with DHCPv4 for UefiPxeBc Driver. Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
- + Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -1381,6 +1381,12 @@ PxeBcDhcp4Discover ( UINT8 VendorOptLen; UINT32 Xid; + Status = PseudoRandomU32 (&Xid); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } + Mode = Private->PxeBc.Mode; Dhcp4 = Private->Dhcp4; Status = EFI_SUCCESS; @@ -1471,7 +1477,6 @@ PxeBcDhcp4Discover ( // // Set fields of the token for the request packet. // - Xid = NET_RANDOM (NetRandomInitSeed ()); Token.Packet->Dhcp4.Header.Xid = HTONL (Xid); Token.Packet->Dhcp4.Header.Reserved = HTONS ((UINT16)((IsBCast) ? 0x8000 : 0x0)); CopyMem (&Token.Packet->Dhcp4.Header.ClientAddr, &Private->StationIp, sizeof (EFI_IPv4_ADDRESS)); diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c index 7fd1281c1184..bcabbd221983 100644 --- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c +++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c @@ -2180,7 +2180,7 @@ PxeBcDhcp6Discover ( UINTN ReadSize; UINT16 OpCode; UINT16 OpLen; - UINT32 Xid; + UINT32 Random; EFI_STATUS Status; UINTN DiscoverLenNeeded; @@ -2198,6 +2198,12 @@ PxeBcDhcp6Discover ( return EFI_DEVICE_ERROR; } + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status)); + return Status; + } + DiscoverLenNeeded = sizeof (EFI_PXE_BASE_CODE_DHCPV6_PACKET); Discover = AllocateZeroPool (DiscoverLenNeeded); if (Discover == NULL) { @@ -2207,8 +2213,7 @@ PxeBcDhcp6Discover ( // // Build the discover packet by the cached request packet before. // - Xid = NET_RANDOM (NetRandomInitSeed ()); - Discover->TransactionId = HTONL (Xid); + Discover->TransactionId = HTONL (Random); Discover->MessageType = Request->Dhcp6.Header.MessageType; RequestOpt = Request->Dhcp6.Option; DiscoverOpt = Discover->DhcpOptions; 
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c index d84aca7e85ab..4cd915b41157 100644 --- a/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c +++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c @@ -3,6 +3,7 @@ (C) Copyright 2014 Hewlett-Packard Development Company, L.P.
Copyright (c) 2007 - 2019, Intel Corporation. All rights reserved.
+ Copyright (c) Microsoft Corporation SPDX-License-Identifier: BSD-2-Clause-Patent @@ -892,6 +893,13 @@ PxeBcCreateIp6Children ( PXEBC_PRIVATE_PROTOCOL *Id; EFI_SIMPLE_NETWORK_PROTOCOL *Snp; UINTN Index; + UINT32 Random; + + Status = PseudoRandomU32 (&Random); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed to generate random number using EFI_RNG_PROTOCOL: %r\n", Status)); + return Status; + } if (Private->Ip6Nic != NULL) { // @@ -935,9 +943,9 @@ PxeBcCreateIp6Children ( } // - // Generate a random IAID for the Dhcp6 assigned address. + // Set a random IAID for the Dhcp6 assigned address. // - Private->IaId = NET_RANDOM (NetRandomInitSeed ()); + Private->IaId = Random; if (Private->Snp != NULL) { for (Index = 0; Index < Private->Snp->Mode->HwAddressSize; Index++) { Private->IaId |= (Private->Snp->Mode->CurrentAddress.Addr[Index] << ((Index << 3) & 31)); diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 1be021be7140..2ca005d768ef 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -229,7 +229,6 @@ VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf - # # Network libraries # @@ -858,6 +857,11 @@ MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index 6eb26f7d4613..0d4abb50a8f7 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -295,6 +295,11 @@ INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf INF MdeModulePkg/Logo/LogoDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # 
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index d27a4c7278c2..a39070a62655 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -234,7 +234,6 @@ VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf - # # Network libraries # @@ -872,6 +871,11 @@ MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 080784f722a7..23a825a01298 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -296,6 +296,11 @@ INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf INF MdeModulePkg/Logo/LogoDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 8f5cd23b2ec0..1b90aa8f5737 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -250,7 +250,6 @@ VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf - # # Network libraries # @@ -940,6 +939,11 @@ MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index b6e8f43566c4..4dcd6a033c5a 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf 
@@ -329,6 +329,11 @@ INF MdeModulePkg/Logo/LogoDxe.inf INF OvmfPkg/TdxDxe/TdxDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index fa1a570e746a..7fc340d1c1df 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -667,6 +667,11 @@ MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + # + # Hash2 Protocol producer + # + SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network Support # diff --git a/OvmfPkg/OvmfXen.fdf b/OvmfPkg/OvmfXen.fdf index 5770b173168b..41368f37e254 100644 --- a/OvmfPkg/OvmfXen.fdf +++ b/OvmfPkg/OvmfXen.fdf @@ -314,6 +314,11 @@ INF ShellPkg/Application/Shell/Shell.inf INF MdeModulePkg/Logo/LogoDxe.inf +# +# Hash2 Protocol producer +# +INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf + # # Network modules # diff --git a/OvmfPkg/PlatformCI/PlatformBuildLib.py b/OvmfPkg/PlatformCI/PlatformBuildLib.py index 00d454954bff..3fe80f5c1caa 100644 --- a/OvmfPkg/PlatformCI/PlatformBuildLib.py +++ b/OvmfPkg/PlatformCI/PlatformBuildLib.py @@ -208,6 +208,8 @@ def FlashRomImage(self): args += " -net none" # turn off network args += " -smp 4" args += f" -drive file=fat:rw:{VirtualDrive},format=raw,media=disk" # Mount disk with startup.nsh + # Provides Rng services to the Guest VM + args += " -device virtio-rng-pci" if (self.env.GetValue("QEMU_HEADLESS").upper() == "TRUE"): args += " -display none" # no graphics diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c index 7e06e16e4be5..5723ed695747 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c 
@@ -116,14 +116,6 @@ RngGetRNG ( // The "raw" algorithm is intended to provide entropy directly // if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) { - // - // When a DRBG is used on the output of a entropy source, - // its security level must be at least 256 bits according to UEFI Spec. - // - if (RNGValueLength < 32) { - return EFI_INVALID_PARAMETER; - } - Status = GenerateEntropy (RNGValueLength, RNGValue); return Status; }