1253 lines
42 KiB
Diff
1253 lines
42 KiB
Diff
|
From 43f2ff1b06ea010f06cdef68eebc9e0280489477 Mon Sep 17 00:00:00 2001
|
||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||
|
Date: Tue, 11 Jun 2024 15:19:39 -0400
|
||
|
Subject: [PATCH 24/31] NetworkPkg: SECURITY PATCH CVE-2023-45237
|
||
|
|
||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
||
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||
|
RH-Commit: [24/31] 3fc9b5e3d0ab3a20c139601292fed66a6a089644
|
||
|
|
||
|
JIRA: https://issues.redhat.com/browse/RHEL-21856
|
||
|
Upstream: Merged
|
||
|
CVE: CVE-2023-45237
|
||
|
Conflicts: Did not add NetworkPkg/SecurityFixes.yaml
|
||
|
|
||
|
commit 4c4ceb2ceb80c42fd5545b2a4bd80321f07f4345
|
||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||
|
Date: Wed May 8 22:56:28 2024 -0700
|
||
|
|
||
|
NetworkPkg: SECURITY PATCH CVE-2023-45237
|
||
|
|
||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4542
|
||
|
|
||
|
Bug Overview:
|
||
|
PixieFail Bug #9
|
||
|
CVE-2023-45237
|
||
|
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
||
|
CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
||
|
|
||
|
Use of a Weak PseudoRandom Number Generator
|
||
|
|
||
|
Change Overview:
|
||
|
|
||
|
Updates all Instances of NET_RANDOM (NetRandomInitSeed ()) to either
|
||
|
|
||
|
>
|
||
|
> EFI_STATUS
|
||
|
> EFIAPI
|
||
|
> PseudoRandomU32 (
|
||
|
> OUT UINT32 *Output
|
||
|
> );
|
||
|
>
|
||
|
|
||
|
or (depending on the use case)
|
||
|
|
||
|
>
|
||
|
> EFI_STATUS
|
||
|
> EFIAPI
|
||
|
> PseudoRandom (
|
||
|
> OUT VOID *Output,
|
||
|
> IN UINTN OutputLength
|
||
|
> );
|
||
|
>
|
||
|
|
||
|
This is because the use of
|
||
|
|
||
|
Example:
|
||
|
|
||
|
The following code snippet PseudoRandomU32 () function is used:
|
||
|
|
||
|
>
|
||
|
> UINT32 Random;
|
||
|
>
|
||
|
> Status = PseudoRandomU32 (&Random);
|
||
|
> if (EFI_ERROR (Status)) {
|
||
|
> DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n",
|
||
|
__func__, Status));
|
||
|
> return Status;
|
||
|
> }
|
||
|
>
|
||
|
This also introduces a new PCD to enable/disable the use of the
|
||
|
secure implementation of algorithms for PseudoRandom () and
|
||
|
instead depend on the default implementation. This may be required for
|
||
|
some platforms where the UEFI Spec defined algorithms are not available.
|
||
|
|
||
|
>
|
||
|
> PcdEnforceSecureRngAlgorithms
|
||
|
>
|
||
|
|
||
|
If the platform does not have any one of the UEFI defined
|
||
|
secure RNG algorithms then the driver will assert.
|
||
|
|
||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||
|
|
||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||
|
|
||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||
|
---
|
||
|
NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c | 10 +-
|
||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c | 11 +-
|
||
|
NetworkPkg/DnsDxe/DnsDhcp.c | 10 +-
|
||
|
NetworkPkg/DnsDxe/DnsImpl.c | 11 +-
|
||
|
NetworkPkg/HttpBootDxe/HttpBootDhcp6.c | 10 +-
|
||
|
NetworkPkg/IScsiDxe/IScsiCHAP.c | 19 ++-
|
||
|
NetworkPkg/IScsiDxe/IScsiMisc.c | 14 +--
|
||
|
NetworkPkg/IScsiDxe/IScsiMisc.h | 6 +-
|
||
|
NetworkPkg/Include/Library/NetLib.h | 40 +++++--
|
||
|
NetworkPkg/Ip4Dxe/Ip4Driver.c | 10 +-
|
||
|
NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c | 9 +-
|
||
|
NetworkPkg/Ip6Dxe/Ip6Driver.c | 17 ++-
|
||
|
NetworkPkg/Ip6Dxe/Ip6If.c | 12 +-
|
||
|
NetworkPkg/Ip6Dxe/Ip6Mld.c | 12 +-
|
||
|
NetworkPkg/Ip6Dxe/Ip6Nd.c | 33 +++++-
|
||
|
NetworkPkg/Ip6Dxe/Ip6Nd.h | 8 +-
|
||
|
NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 130 ++++++++++++++++++---
|
||
|
NetworkPkg/Library/DxeNetLib/DxeNetLib.inf | 14 ++-
|
||
|
NetworkPkg/NetworkPkg.dec | 7 ++
|
||
|
NetworkPkg/TcpDxe/TcpDriver.c | 15 ++-
|
||
|
NetworkPkg/TcpDxe/TcpDxe.inf | 3 +
|
||
|
NetworkPkg/Udp4Dxe/Udp4Driver.c | 10 +-
|
||
|
NetworkPkg/Udp6Dxe/Udp6Driver.c | 11 +-
|
||
|
NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c | 9 +-
|
||
|
NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c | 11 +-
|
||
|
NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c | 12 +-
|
||
|
26 files changed, 371 insertions(+), 83 deletions(-)
|
||
|
|
||
|
diff --git a/NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c b/NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c
|
||
|
index 8c37e93be3..892caee368 100644
|
||
|
--- a/NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c
|
||
|
+++ b/NetworkPkg/Dhcp4Dxe/Dhcp4Driver.c
|
||
|
@@ -1,6 +1,7 @@
|
||
|
/** @file
|
||
|
|
||
|
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
+Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -189,6 +190,13 @@ Dhcp4CreateService (
|
||
|
{
|
||
|
DHCP_SERVICE *DhcpSb;
|
||
|
EFI_STATUS Status;
|
||
|
+ UINT32 Random;
|
||
|
+
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
|
||
|
*Service = NULL;
|
||
|
DhcpSb = AllocateZeroPool (sizeof (DHCP_SERVICE));
|
||
|
@@ -203,7 +211,7 @@ Dhcp4CreateService (
|
||
|
DhcpSb->Image = ImageHandle;
|
||
|
InitializeListHead (&DhcpSb->Children);
|
||
|
DhcpSb->DhcpState = Dhcp4Stopped;
|
||
|
- DhcpSb->Xid = NET_RANDOM (NetRandomInitSeed ());
|
||
|
+ DhcpSb->Xid = Random;
|
||
|
CopyMem (
|
||
|
&DhcpSb->ServiceBinding,
|
||
|
&mDhcp4ServiceBindingTemplate,
|
||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c
|
||
|
index b591a4605b..e7f2787a98 100644
|
||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c
|
||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c
|
||
|
@@ -3,7 +3,7 @@
|
||
|
implementation for Dhcp6 Driver.
|
||
|
|
||
|
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
-
|
||
|
+ Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -123,6 +123,13 @@ Dhcp6CreateService (
|
||
|
{
|
||
|
DHCP6_SERVICE *Dhcp6Srv;
|
||
|
EFI_STATUS Status;
|
||
|
+ UINT32 Random;
|
||
|
+
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
|
||
|
*Service = NULL;
|
||
|
Dhcp6Srv = AllocateZeroPool (sizeof (DHCP6_SERVICE));
|
||
|
@@ -147,7 +154,7 @@ Dhcp6CreateService (
|
||
|
Dhcp6Srv->Signature = DHCP6_SERVICE_SIGNATURE;
|
||
|
Dhcp6Srv->Controller = Controller;
|
||
|
Dhcp6Srv->Image = ImageHandle;
|
||
|
- Dhcp6Srv->Xid = (0xffffff & NET_RANDOM (NetRandomInitSeed ()));
|
||
|
+ Dhcp6Srv->Xid = (0xffffff & Random);
|
||
|
|
||
|
CopyMem (
|
||
|
&Dhcp6Srv->ServiceBinding,
|
||
|
diff --git a/NetworkPkg/DnsDxe/DnsDhcp.c b/NetworkPkg/DnsDxe/DnsDhcp.c
|
||
|
index 933565a32d..9eb3c1d2d8 100644
|
||
|
--- a/NetworkPkg/DnsDxe/DnsDhcp.c
|
||
|
+++ b/NetworkPkg/DnsDxe/DnsDhcp.c
|
||
|
@@ -2,6 +2,7 @@
|
||
|
Functions implementation related with DHCPv4/v6 for DNS driver.
|
||
|
|
||
|
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
+Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -277,6 +278,7 @@ GetDns4ServerFromDhcp4 (
|
||
|
EFI_DHCP4_TRANSMIT_RECEIVE_TOKEN Token;
|
||
|
BOOLEAN IsDone;
|
||
|
UINTN Index;
|
||
|
+ UINT32 Random;
|
||
|
|
||
|
Image = Instance->Service->ImageHandle;
|
||
|
Controller = Instance->Service->ControllerHandle;
|
||
|
@@ -292,6 +294,12 @@ GetDns4ServerFromDhcp4 (
|
||
|
Data = NULL;
|
||
|
InterfaceInfo = NULL;
|
||
|
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
+
|
||
|
ZeroMem ((UINT8 *)ParaList, sizeof (ParaList));
|
||
|
|
||
|
ZeroMem (&MnpConfigData, sizeof (EFI_MANAGED_NETWORK_CONFIG_DATA));
|
||
|
@@ -467,7 +475,7 @@ GetDns4ServerFromDhcp4 (
|
||
|
|
||
|
Status = Dhcp4->Build (Dhcp4, &SeedPacket, 0, NULL, 2, ParaList, &Token.Packet);
|
||
|
|
||
|
- Token.Packet->Dhcp4.Header.Xid = HTONL (NET_RANDOM (NetRandomInitSeed ()));
|
||
|
+ Token.Packet->Dhcp4.Header.Xid = Random;
|
||
|
|
||
|
Token.Packet->Dhcp4.Header.Reserved = HTONS ((UINT16)0x8000);
|
||
|
|
||
|
diff --git a/NetworkPkg/DnsDxe/DnsImpl.c b/NetworkPkg/DnsDxe/DnsImpl.c
|
||
|
index d311812800..c2629bb8df 100644
|
||
|
--- a/NetworkPkg/DnsDxe/DnsImpl.c
|
||
|
+++ b/NetworkPkg/DnsDxe/DnsImpl.c
|
||
|
@@ -2,6 +2,7 @@
|
||
|
DnsDxe support functions implementation.
|
||
|
|
||
|
Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
+Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -1963,6 +1964,14 @@ ConstructDNSQuery (
|
||
|
NET_FRAGMENT Frag;
|
||
|
DNS_HEADER *DnsHeader;
|
||
|
DNS_QUERY_SECTION *DnsQuery;
|
||
|
+ EFI_STATUS Status;
|
||
|
+ UINT32 Random;
|
||
|
+
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
|
||
|
//
|
||
|
// Messages carried by UDP are restricted to 512 bytes (not counting the IP
|
||
|
@@ -1977,7 +1986,7 @@ ConstructDNSQuery (
|
||
|
// Fill header
|
||
|
//
|
||
|
DnsHeader = (DNS_HEADER *)Frag.Bulk;
|
||
|
- DnsHeader->Identification = (UINT16)NET_RANDOM (NetRandomInitSeed ());
|
||
|
+ DnsHeader->Identification = (UINT16)Random;
|
||
|
DnsHeader->Flags.Uint16 = 0x0000;
|
||
|
DnsHeader->Flags.Bits.RD = 1;
|
||
|
DnsHeader->Flags.Bits.OpCode = DNS_FLAGS_OPCODE_STANDARD;
|
||
|
diff --git a/NetworkPkg/HttpBootDxe/HttpBootDhcp6.c b/NetworkPkg/HttpBootDxe/HttpBootDhcp6.c
|
||
|
index b22cef4ff5..f964515b0f 100644
|
||
|
--- a/NetworkPkg/HttpBootDxe/HttpBootDhcp6.c
|
||
|
+++ b/NetworkPkg/HttpBootDxe/HttpBootDhcp6.c
|
||
|
@@ -2,6 +2,7 @@
|
||
|
Functions implementation related with DHCPv6 for HTTP boot driver.
|
||
|
|
||
|
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
+Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -951,6 +952,7 @@ HttpBootDhcp6Sarr (
|
||
|
UINT32 OptCount;
|
||
|
UINT8 Buffer[HTTP_BOOT_DHCP6_OPTION_MAX_SIZE];
|
||
|
EFI_STATUS Status;
|
||
|
+ UINT32 Random;
|
||
|
|
||
|
Dhcp6 = Private->Dhcp6;
|
||
|
ASSERT (Dhcp6 != NULL);
|
||
|
@@ -961,6 +963,12 @@ HttpBootDhcp6Sarr (
|
||
|
OptCount = HttpBootBuildDhcp6Options (Private, OptList, Buffer);
|
||
|
ASSERT (OptCount > 0);
|
||
|
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
+
|
||
|
Retransmit = AllocateZeroPool (sizeof (EFI_DHCP6_RETRANSMISSION));
|
||
|
if (Retransmit == NULL) {
|
||
|
return EFI_OUT_OF_RESOURCES;
|
||
|
@@ -976,7 +984,7 @@ HttpBootDhcp6Sarr (
|
||
|
Config.IaInfoEvent = NULL;
|
||
|
Config.RapidCommit = FALSE;
|
||
|
Config.ReconfigureAccept = FALSE;
|
||
|
- Config.IaDescriptor.IaId = NET_RANDOM (NetRandomInitSeed ());
|
||
|
+ Config.IaDescriptor.IaId = Random;
|
||
|
Config.IaDescriptor.Type = EFI_DHCP6_IA_TYPE_NA;
|
||
|
Config.SolicitRetransmission = Retransmit;
|
||
|
Retransmit->Irt = 4;
|
||
|
diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.c b/NetworkPkg/IScsiDxe/IScsiCHAP.c
|
||
|
index b507f11cd4..bebb1ac29b 100644
|
||
|
--- a/NetworkPkg/IScsiDxe/IScsiCHAP.c
|
||
|
+++ b/NetworkPkg/IScsiDxe/IScsiCHAP.c
|
||
|
@@ -3,6 +3,7 @@
|
||
|
Configuration.
|
||
|
|
||
|
Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
+Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -576,16 +577,24 @@ IScsiCHAPToSendReq (
|
||
|
//
|
||
|
// CHAP_I=<I>
|
||
|
//
|
||
|
- IScsiGenRandom ((UINT8 *)&AuthData->OutIdentifier, 1);
|
||
|
+ Status = IScsiGenRandom ((UINT8 *)&AuthData->OutIdentifier, 1);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ break;
|
||
|
+ }
|
||
|
+
|
||
|
AsciiSPrint (ValueStr, sizeof (ValueStr), "%d", AuthData->OutIdentifier);
|
||
|
IScsiAddKeyValuePair (Pdu, ISCSI_KEY_CHAP_IDENTIFIER, ValueStr);
|
||
|
//
|
||
|
// CHAP_C=<C>
|
||
|
//
|
||
|
- IScsiGenRandom (
|
||
|
- (UINT8 *)AuthData->OutChallenge,
|
||
|
- AuthData->Hash->DigestSize
|
||
|
- );
|
||
|
+ Status = IScsiGenRandom (
|
||
|
+ (UINT8 *)AuthData->OutChallenge,
|
||
|
+ AuthData->Hash->DigestSize
|
||
|
+ );
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ break;
|
||
|
+ }
|
||
|
+
|
||
|
BinToHexStatus = IScsiBinToHex (
|
||
|
(UINT8 *)AuthData->OutChallenge,
|
||
|
AuthData->Hash->DigestSize,
|
||
|
diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.c b/NetworkPkg/IScsiDxe/IScsiMisc.c
|
||
|
index b3ea90158f..cd77f1a13e 100644
|
||
|
--- a/NetworkPkg/IScsiDxe/IScsiMisc.c
|
||
|
+++ b/NetworkPkg/IScsiDxe/IScsiMisc.c
|
||
|
@@ -2,6 +2,7 @@
|
||
|
Miscellaneous routines for iSCSI driver.
|
||
|
|
||
|
Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
+Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -474,20 +475,17 @@ IScsiNetNtoi (
|
||
|
@param[in, out] Rand The buffer to contain random numbers.
|
||
|
@param[in] RandLength The length of the Rand buffer.
|
||
|
|
||
|
+ @retval EFI_SUCCESS on success
|
||
|
+ @retval others on error
|
||
|
+
|
||
|
**/
|
||
|
-VOID
|
||
|
+EFI_STATUS
|
||
|
IScsiGenRandom (
|
||
|
IN OUT UINT8 *Rand,
|
||
|
IN UINTN RandLength
|
||
|
)
|
||
|
{
|
||
|
- UINT32 Random;
|
||
|
-
|
||
|
- while (RandLength > 0) {
|
||
|
- Random = NET_RANDOM (NetRandomInitSeed ());
|
||
|
- *Rand++ = (UINT8)(Random);
|
||
|
- RandLength--;
|
||
|
- }
|
||
|
+ return PseudoRandom (Rand, RandLength);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.h b/NetworkPkg/IScsiDxe/IScsiMisc.h
|
||
|
index fddef4f466..a8f814f7b8 100644
|
||
|
--- a/NetworkPkg/IScsiDxe/IScsiMisc.h
|
||
|
+++ b/NetworkPkg/IScsiDxe/IScsiMisc.h
|
||
|
@@ -2,6 +2,7 @@
|
||
|
Miscellaneous definitions for iSCSI driver.
|
||
|
|
||
|
Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
+Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -205,8 +206,11 @@ IScsiNetNtoi (
|
||
|
@param[in, out] Rand The buffer to contain random numbers.
|
||
|
@param[in] RandLength The length of the Rand buffer.
|
||
|
|
||
|
+ @retval EFI_SUCCESS on success
|
||
|
+ @retval others on error
|
||
|
+
|
||
|
**/
|
||
|
-VOID
|
||
|
+EFI_STATUS
|
||
|
IScsiGenRandom (
|
||
|
IN OUT UINT8 *Rand,
|
||
|
IN UINTN RandLength
|
||
|
diff --git a/NetworkPkg/Include/Library/NetLib.h b/NetworkPkg/Include/Library/NetLib.h
|
||
|
index 53495aa494..8c05e3da47 100644
|
||
|
--- a/NetworkPkg/Include/Library/NetLib.h
|
||
|
+++ b/NetworkPkg/Include/Library/NetLib.h
|
||
|
@@ -3,6 +3,7 @@
|
||
|
It provides basic functions for the UEFI network stack.
|
||
|
|
||
|
Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
+Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -539,8 +540,6 @@ extern EFI_IPv4_ADDRESS mZeroIp4Addr;
|
||
|
#define TICKS_PER_MS 10000U
|
||
|
#define TICKS_PER_SECOND 10000000U
|
||
|
|
||
|
-#define NET_RANDOM(Seed) ((UINT32) ((UINT32) (Seed) * 1103515245UL + 12345) % 4294967295UL)
|
||
|
-
|
||
|
/**
|
||
|
Extract a UINT32 from a byte stream.
|
||
|
|
||
|
@@ -580,19 +579,40 @@ NetPutUint32 (
|
||
|
);
|
||
|
|
||
|
/**
|
||
|
- Initialize a random seed using current time and monotonic count.
|
||
|
+ Generate a Random output data given a length.
|
||
|
|
||
|
- Get current time and monotonic count first. Then initialize a random seed
|
||
|
- based on some basic mathematics operation on the hour, day, minute, second,
|
||
|
- nanosecond and year of the current time and the monotonic count value.
|
||
|
+ @param[out] Output - The buffer to store the generated random data.
|
||
|
+ @param[in] OutputLength - The length of the output buffer.
|
||
|
|
||
|
- @return The random seed initialized with current time.
|
||
|
+ @retval EFI_SUCCESS On Success
|
||
|
+ @retval EFI_INVALID_PARAMETER Pointer is null or size is zero
|
||
|
+ @retval EFI_NOT_FOUND RNG protocol not found
|
||
|
+ @retval Others Error from RngProtocol->GetRNG()
|
||
|
|
||
|
+ @return Status code
|
||
|
**/
|
||
|
-UINT32
|
||
|
+EFI_STATUS
|
||
|
EFIAPI
|
||
|
-NetRandomInitSeed (
|
||
|
- VOID
|
||
|
+PseudoRandom (
|
||
|
+ OUT VOID *Output,
|
||
|
+ IN UINTN OutputLength
|
||
|
+ );
|
||
|
+
|
||
|
+/**
|
||
|
+ Generate a 32-bit pseudo-random number.
|
||
|
+
|
||
|
+ @param[out] Output - The buffer to store the generated random number.
|
||
|
+
|
||
|
+ @retval EFI_SUCCESS On Success
|
||
|
+ @retval EFI_NOT_FOUND RNG protocol not found
|
||
|
+ @retval Others Error from RngProtocol->GetRNG()
|
||
|
+
|
||
|
+ @return Status code
|
||
|
+**/
|
||
|
+EFI_STATUS
|
||
|
+EFIAPI
|
||
|
+PseudoRandomU32 (
|
||
|
+ OUT UINT32 *Output
|
||
|
);
|
||
|
|
||
|
#define NET_LIST_USER_STRUCT(Entry, Type, Field) \
|
||
|
diff --git a/NetworkPkg/Ip4Dxe/Ip4Driver.c b/NetworkPkg/Ip4Dxe/Ip4Driver.c
|
||
|
index ec483ff01f..683423f38d 100644
|
||
|
--- a/NetworkPkg/Ip4Dxe/Ip4Driver.c
|
||
|
+++ b/NetworkPkg/Ip4Dxe/Ip4Driver.c
|
||
|
@@ -2,6 +2,7 @@
|
||
|
The driver binding and service binding protocol for IP4 driver.
|
||
|
|
||
|
Copyright (c) 2005 - 2019, Intel Corporation. All rights reserved.<BR>
|
||
|
+Copyright (c) Microsoft Corporation
|
||
|
(C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>
|
||
|
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
@@ -549,11 +550,18 @@ Ip4DriverBindingStart (
|
||
|
EFI_IP4_CONFIG2_PROTOCOL *Ip4Cfg2;
|
||
|
UINTN Index;
|
||
|
IP4_CONFIG2_DATA_ITEM *DataItem;
|
||
|
+ UINT32 Random;
|
||
|
|
||
|
IpSb = NULL;
|
||
|
Ip4Cfg2 = NULL;
|
||
|
DataItem = NULL;
|
||
|
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
+
|
||
|
//
|
||
|
// Test for the Ip4 service binding protocol
|
||
|
//
|
||
|
@@ -653,7 +661,7 @@ Ip4DriverBindingStart (
|
||
|
//
|
||
|
// Initialize the IP4 ID
|
||
|
//
|
||
|
- mIp4Id = (UINT16)NET_RANDOM (NetRandomInitSeed ());
|
||
|
+ mIp4Id = (UINT16)Random;
|
||
|
|
||
|
return Status;
|
||
|
|
||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c b/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c
|
||
|
index ab38013369..a79fc89821 100644
|
||
|
--- a/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c
|
||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c
|
||
|
@@ -2294,6 +2294,13 @@ Ip6ConfigInitInstance (
|
||
|
UINTN Index;
|
||
|
UINT16 IfIndex;
|
||
|
IP6_CONFIG_DATA_ITEM *DataItem;
|
||
|
+ UINT32 Random;
|
||
|
+
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
|
||
|
IpSb = IP6_SERVICE_FROM_IP6_CONFIG_INSTANCE (Instance);
|
||
|
|
||
|
@@ -2399,7 +2406,7 @@ Ip6ConfigInitInstance (
|
||
|
// The NV variable is not set, so generate a random IAID, and write down the
|
||
|
// fresh new configuration as the NV variable now.
|
||
|
//
|
||
|
- Instance->IaId = NET_RANDOM (NetRandomInitSeed ());
|
||
|
+ Instance->IaId = Random;
|
||
|
|
||
|
for (Index = 0; Index < IpSb->SnpMode.HwAddressSize; Index++) {
|
||
|
Instance->IaId |= (IpSb->SnpMode.CurrentAddress.Addr[Index] << ((Index << 3) & 31));
|
||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Driver.c b/NetworkPkg/Ip6Dxe/Ip6Driver.c
|
||
|
index 7c13d6a3d4..b73fcb4828 100644
|
||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Driver.c
|
||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Driver.c
|
||
|
@@ -3,7 +3,7 @@
|
||
|
|
||
|
Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>
|
||
|
(C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>
|
||
|
-
|
||
|
+ Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -315,7 +315,11 @@ Ip6CreateService (
|
||
|
IpSb->CurHopLimit = IP6_HOP_LIMIT;
|
||
|
IpSb->LinkMTU = IP6_MIN_LINK_MTU;
|
||
|
IpSb->BaseReachableTime = IP6_REACHABLE_TIME;
|
||
|
- Ip6UpdateReachableTime (IpSb);
|
||
|
+ Status = Ip6UpdateReachableTime (IpSb);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ goto ON_ERROR;
|
||
|
+ }
|
||
|
+
|
||
|
//
|
||
|
// RFC4861 RETRANS_TIMER: 1,000 milliseconds
|
||
|
//
|
||
|
@@ -515,11 +519,18 @@ Ip6DriverBindingStart (
|
||
|
EFI_STATUS Status;
|
||
|
EFI_IP6_CONFIG_PROTOCOL *Ip6Cfg;
|
||
|
IP6_CONFIG_DATA_ITEM *DataItem;
|
||
|
+ UINT32 Random;
|
||
|
|
||
|
IpSb = NULL;
|
||
|
Ip6Cfg = NULL;
|
||
|
DataItem = NULL;
|
||
|
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
+
|
||
|
//
|
||
|
// Test for the Ip6 service binding protocol
|
||
|
//
|
||
|
@@ -655,7 +666,7 @@ Ip6DriverBindingStart (
|
||
|
//
|
||
|
// Initialize the IP6 ID
|
||
|
//
|
||
|
- mIp6Id = NET_RANDOM (NetRandomInitSeed ());
|
||
|
+ mIp6Id = Random;
|
||
|
|
||
|
return EFI_SUCCESS;
|
||
|
|
||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6If.c b/NetworkPkg/Ip6Dxe/Ip6If.c
|
||
|
index 4629c05f25..f3d11c4d21 100644
|
||
|
--- a/NetworkPkg/Ip6Dxe/Ip6If.c
|
||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6If.c
|
||
|
@@ -2,7 +2,7 @@
|
||
|
Implement IP6 pseudo interface.
|
||
|
|
||
|
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
-
|
||
|
+ Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -89,6 +89,14 @@ Ip6SetAddress (
|
||
|
IP6_PREFIX_LIST_ENTRY *PrefixEntry;
|
||
|
UINT64 Delay;
|
||
|
IP6_DELAY_JOIN_LIST *DelayNode;
|
||
|
+ EFI_STATUS Status;
|
||
|
+ UINT32 Random;
|
||
|
+
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
|
||
|
NET_CHECK_SIGNATURE (Interface, IP6_INTERFACE_SIGNATURE);
|
||
|
|
||
|
@@ -164,7 +172,7 @@ Ip6SetAddress (
|
||
|
// Thus queue the address to be processed in Duplicate Address Detection module
|
||
|
// after the delay time (in milliseconds).
|
||
|
//
|
||
|
- Delay = (UINT64)NET_RANDOM (NetRandomInitSeed ());
|
||
|
+ Delay = (UINT64)Random;
|
||
|
Delay = MultU64x32 (Delay, IP6_ONE_SECOND_IN_MS);
|
||
|
Delay = RShiftU64 (Delay, 32);
|
||
|
|
||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Mld.c b/NetworkPkg/Ip6Dxe/Ip6Mld.c
|
||
|
index e6b2b653e2..498a118543 100644
|
||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Mld.c
|
||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Mld.c
|
||
|
@@ -696,7 +696,15 @@ Ip6UpdateDelayTimer (
|
||
|
IN OUT IP6_MLD_GROUP *Group
|
||
|
)
|
||
|
{
|
||
|
- UINT32 Delay;
|
||
|
+ UINT32 Delay;
|
||
|
+ EFI_STATUS Status;
|
||
|
+ UINT32 Random;
|
||
|
+
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
|
||
|
//
|
||
|
// If the Query packet specifies a Maximum Response Delay of zero, perform timer
|
||
|
@@ -715,7 +723,7 @@ Ip6UpdateDelayTimer (
|
||
|
// is less than the remaining value of the running timer.
|
||
|
//
|
||
|
if ((Group->DelayTimer == 0) || (Delay < Group->DelayTimer)) {
|
||
|
- Group->DelayTimer = Delay / 4294967295UL * NET_RANDOM (NetRandomInitSeed ());
|
||
|
+ Group->DelayTimer = Delay / 4294967295UL * Random;
|
||
|
}
|
||
|
|
||
|
return EFI_SUCCESS;
|
||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Nd.c b/NetworkPkg/Ip6Dxe/Ip6Nd.c
|
||
|
index c10c7017f8..72aa45c10f 100644
|
||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Nd.c
|
||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Nd.c
|
||
|
@@ -2,7 +2,7 @@
|
||
|
Implementation of Neighbor Discovery support routines.
|
||
|
|
||
|
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
-
|
||
|
+ Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -16,17 +16,28 @@ EFI_MAC_ADDRESS mZeroMacAddress;
|
||
|
|
||
|
@param[in, out] IpSb Points to the IP6_SERVICE.
|
||
|
|
||
|
+ @retval EFI_SUCCESS ReachableTime Updated
|
||
|
+ @retval others Failed to update ReachableTime
|
||
|
**/
|
||
|
-VOID
|
||
|
+EFI_STATUS
|
||
|
Ip6UpdateReachableTime (
|
||
|
IN OUT IP6_SERVICE *IpSb
|
||
|
)
|
||
|
{
|
||
|
- UINT32 Random;
|
||
|
+ UINT32 Random;
|
||
|
+ EFI_STATUS Status;
|
||
|
|
||
|
- Random = (NetRandomInitSeed () / 4294967295UL) * IP6_RANDOM_FACTOR_SCALE;
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
+
|
||
|
+ Random = (Random / 4294967295UL) * IP6_RANDOM_FACTOR_SCALE;
|
||
|
Random = Random + IP6_MIN_RANDOM_FACTOR_SCALED;
|
||
|
IpSb->ReachableTime = (IpSb->BaseReachableTime * Random) / IP6_RANDOM_FACTOR_SCALE;
|
||
|
+
|
||
|
+ return EFI_SUCCESS;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
@@ -972,10 +983,17 @@ Ip6InitDADProcess (
|
||
|
IP6_SERVICE *IpSb;
|
||
|
EFI_STATUS Status;
|
||
|
UINT32 MaxDelayTick;
|
||
|
+ UINT32 Random;
|
||
|
|
||
|
NET_CHECK_SIGNATURE (IpIf, IP6_INTERFACE_SIGNATURE);
|
||
|
ASSERT (AddressInfo != NULL);
|
||
|
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
+
|
||
|
//
|
||
|
// Do nothing if we have already started DAD on the address.
|
||
|
//
|
||
|
@@ -1014,7 +1032,7 @@ Ip6InitDADProcess (
|
||
|
Entry->Transmit = 0;
|
||
|
Entry->Receive = 0;
|
||
|
MaxDelayTick = IP6_MAX_RTR_SOLICITATION_DELAY / IP6_TIMER_INTERVAL_IN_MS;
|
||
|
- Entry->RetransTick = (MaxDelayTick * ((NET_RANDOM (NetRandomInitSeed ()) % 5) + 1)) / 5;
|
||
|
+ Entry->RetransTick = (MaxDelayTick * ((Random % 5) + 1)) / 5;
|
||
|
Entry->AddressInfo = AddressInfo;
|
||
|
Entry->Callback = Callback;
|
||
|
Entry->Context = Context;
|
||
|
@@ -2078,7 +2096,10 @@ Ip6ProcessRouterAdvertise (
|
||
|
// in BaseReachableTime and recompute a ReachableTime.
|
||
|
//
|
||
|
IpSb->BaseReachableTime = ReachableTime;
|
||
|
- Ip6UpdateReachableTime (IpSb);
|
||
|
+ Status = Ip6UpdateReachableTime (IpSb);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ goto Exit;
|
||
|
+ }
|
||
|
}
|
||
|
|
||
|
if (RetransTimer != 0) {
|
||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Nd.h b/NetworkPkg/Ip6Dxe/Ip6Nd.h
|
||
|
index bf64e9114e..5795e23c7d 100644
|
||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Nd.h
|
||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Nd.h
|
||
|
@@ -2,7 +2,7 @@
|
||
|
Definition of Neighbor Discovery support routines.
|
||
|
|
||
|
Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
|
||
|
-
|
||
|
+ Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -780,10 +780,10 @@ Ip6OnArpResolved (
|
||
|
/**
|
||
|
Update the ReachableTime in IP6 service binding instance data, in milliseconds.
|
||
|
|
||
|
- @param[in, out] IpSb Points to the IP6_SERVICE.
|
||
|
-
|
||
|
+ @retval EFI_SUCCESS ReachableTime Updated
|
||
|
+ @retval others Failed to update ReachableTime
|
||
|
**/
|
||
|
-VOID
|
||
|
+EFI_STATUS
|
||
|
Ip6UpdateReachableTime (
|
||
|
IN OUT IP6_SERVICE *IpSb
|
||
|
);
|
||
|
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
||
|
index 0428abdda0..0bc9aef8cd 100644
|
||
|
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
||
|
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
||
|
@@ -3,6 +3,7 @@
|
||
|
|
||
|
Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
(C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
|
||
|
+Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
**/
|
||
|
|
||
|
@@ -31,6 +32,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
#include <Library/DevicePathLib.h>
|
||
|
#include <Library/PrintLib.h>
|
||
|
#include <Library/UefiLib.h>
|
||
|
+#include <Protocol/Rng.h>
|
||
|
|
||
|
#define NIC_ITEM_CONFIG_SIZE (sizeof (NIC_IP4_CONFIG_INFO) + sizeof (EFI_IP4_ROUTE_TABLE) * MAX_IP4_CONFIG_IN_VARIABLE)
|
||
|
#define DEFAULT_ZERO_START ((UINTN) ~0)
|
||
|
@@ -127,6 +129,25 @@ GLOBAL_REMOVE_IF_UNREFERENCED VLAN_DEVICE_PATH mNetVlanDevicePathTemplate = {
|
||
|
0
|
||
|
};
|
||
|
|
||
|
+//
|
||
|
+// These represent UEFI SPEC defined algorithms that should be supported by
|
||
|
+// the RNG protocol and are generally considered secure.
|
||
|
+//
|
||
|
+// The order of the algorithms in this array is important. This order is the order
|
||
|
+// in which the algorithms will be tried by the RNG protocol.
|
||
|
+// If your platform needs to use a specific algorithm for the random number generator,
|
||
|
+// then you should place that algorithm first in the array.
|
||
|
+//
|
||
|
+GLOBAL_REMOVE_IF_UNREFERENCED EFI_GUID *mSecureHashAlgorithms[] = {
|
||
|
+ &gEfiRngAlgorithmSp80090Ctr256Guid, // SP800-90A DRBG CTR using AES-256
|
||
|
+ &gEfiRngAlgorithmSp80090Hmac256Guid, // SP800-90A DRBG HMAC using SHA-256
|
||
|
+ &gEfiRngAlgorithmSp80090Hash256Guid, // SP800-90A DRBG Hash using SHA-256
|
||
|
+ &gEfiRngAlgorithmArmRndr, // unspecified SP800-90A DRBG via ARM RNDR register
|
||
|
+ &gEfiRngAlgorithmRaw, // Raw data from NRBG (or TRNG)
|
||
|
+};
|
||
|
+
|
||
|
+#define SECURE_HASH_ALGORITHMS_SIZE (sizeof (mSecureHashAlgorithms) / sizeof (EFI_GUID *))
|
||
|
+
|
||
|
/**
|
||
|
Locate the handles that support SNP, then open one of them
|
||
|
to send the syslog packets. The caller isn't required to close
|
||
|
@@ -884,34 +905,107 @@ Ip6Swap128 (
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
- Initialize a random seed using current time and monotonic count.
|
||
|
+ Generate a Random output data given a length.
|
||
|
|
||
|
- Get current time and monotonic count first. Then initialize a random seed
|
||
|
- based on some basic mathematics operation on the hour, day, minute, second,
|
||
|
- nanosecond and year of the current time and the monotonic count value.
|
||
|
+ @param[out] Output - The buffer to store the generated random data.
|
||
|
+ @param[in] OutputLength - The length of the output buffer.
|
||
|
|
||
|
- @return The random seed initialized with current time.
|
||
|
+ @retval EFI_SUCCESS On Success
|
||
|
+ @retval EFI_INVALID_PARAMETER Pointer is null or size is zero
|
||
|
+ @retval EFI_NOT_FOUND RNG protocol not found
|
||
|
+ @retval Others Error from RngProtocol->GetRNG()
|
||
|
|
||
|
+ @return Status code
|
||
|
**/
|
||
|
-UINT32
|
||
|
+EFI_STATUS
|
||
|
EFIAPI
|
||
|
-NetRandomInitSeed (
|
||
|
- VOID
|
||
|
+PseudoRandom (
|
||
|
+ OUT VOID *Output,
|
||
|
+ IN UINTN OutputLength
|
||
|
)
|
||
|
{
|
||
|
- EFI_TIME Time;
|
||
|
- UINT32 Seed;
|
||
|
- UINT64 MonotonicCount;
|
||
|
+ EFI_RNG_PROTOCOL *RngProtocol;
|
||
|
+ EFI_STATUS Status;
|
||
|
+ UINTN AlgorithmIndex;
|
||
|
+
|
||
|
+ if ((Output == NULL) || (OutputLength == 0)) {
|
||
|
+ return EFI_INVALID_PARAMETER;
|
||
|
+ }
|
||
|
+
|
||
|
+ Status = gBS->LocateProtocol (&gEfiRngProtocolGuid, NULL, (VOID **)&RngProtocol);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "Failed to locate EFI_RNG_PROTOCOL: %r\n", Status));
|
||
|
+ ASSERT_EFI_ERROR (Status);
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
+
|
||
|
+ if (PcdGetBool (PcdEnforceSecureRngAlgorithms)) {
|
||
|
+ for (AlgorithmIndex = 0; AlgorithmIndex < SECURE_HASH_ALGORITHMS_SIZE; AlgorithmIndex++) {
|
||
|
+ Status = RngProtocol->GetRNG (RngProtocol, mSecureHashAlgorithms[AlgorithmIndex], OutputLength, (UINT8 *)Output);
|
||
|
+ if (!EFI_ERROR (Status)) {
|
||
|
+ //
|
||
|
+ // Secure Algorithm was supported on this platform
|
||
|
+ //
|
||
|
+ return EFI_SUCCESS;
|
||
|
+ } else if (Status == EFI_UNSUPPORTED) {
|
||
|
+ //
|
||
|
+ // Secure Algorithm was not supported on this platform
|
||
|
+ //
|
||
|
+ DEBUG ((DEBUG_ERROR, "Failed to generate random data using secure algorithm %d: %r\n", AlgorithmIndex, Status));
|
||
|
+
|
||
|
+ //
|
||
|
+ // Try the next secure algorithm
|
||
|
+ //
|
||
|
+ continue;
|
||
|
+ } else {
|
||
|
+ //
|
||
|
+ // Some other error occurred
|
||
|
+ //
|
||
|
+ DEBUG ((DEBUG_ERROR, "Failed to generate random data using secure algorithm %d: %r\n", AlgorithmIndex, Status));
|
||
|
+ ASSERT_EFI_ERROR (Status);
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
+ }
|
||
|
+
|
||
|
+ //
|
||
|
+ // If we get here, we failed to generate random data using any secure algorithm
|
||
|
+ // Platform owner should ensure that at least one secure algorithm is supported
|
||
|
+ //
|
||
|
+ ASSERT_EFI_ERROR (Status);
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
+
|
||
|
+ //
|
||
|
+ // Lets try using the default algorithm (which may not be secure)
|
||
|
+ //
|
||
|
+ Status = RngProtocol->GetRNG (RngProtocol, NULL, OutputLength, (UINT8 *)Output);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random data: %r\n", __func__, Status));
|
||
|
+ ASSERT_EFI_ERROR (Status);
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
|
||
|
- gRT->GetTime (&Time, NULL);
|
||
|
- Seed = (Time.Hour << 24 | Time.Day << 16 | Time.Minute << 8 | Time.Second);
|
||
|
- Seed ^= Time.Nanosecond;
|
||
|
- Seed ^= Time.Year << 7;
|
||
|
+ return EFI_SUCCESS;
|
||
|
+}
|
||
|
+
|
||
|
+/**
|
||
|
+ Generate a 32-bit pseudo-random number.
|
||
|
|
||
|
- gBS->GetNextMonotonicCount (&MonotonicCount);
|
||
|
- Seed += (UINT32)MonotonicCount;
|
||
|
+ @param[out] Output - The buffer to store the generated random number.
|
||
|
|
||
|
- return Seed;
|
||
|
+ @retval EFI_SUCCESS On Success
|
||
|
+ @retval EFI_NOT_FOUND RNG protocol not found
|
||
|
+ @retval Others Error from RngProtocol->GetRNG()
|
||
|
+
|
||
|
+ @return Status code
|
||
|
+**/
|
||
|
+EFI_STATUS
|
||
|
+EFIAPI
|
||
|
+PseudoRandomU32 (
|
||
|
+ OUT UINT32 *Output
|
||
|
+ )
|
||
|
+{
|
||
|
+ return PseudoRandom (Output, sizeof (*Output));
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
|
||
|
index 8145d256ec..a8f534a293 100644
|
||
|
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
|
||
|
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
|
||
|
@@ -3,6 +3,7 @@
|
||
|
#
|
||
|
# Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
# (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
|
||
|
+# Copyright (c) Microsoft Corporation
|
||
|
# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
#
|
||
|
##
|
||
|
@@ -49,7 +50,11 @@
|
||
|
gEfiSmbiosTableGuid ## SOMETIMES_CONSUMES ## SystemTable
|
||
|
gEfiSmbios3TableGuid ## SOMETIMES_CONSUMES ## SystemTable
|
||
|
gEfiAdapterInfoMediaStateGuid ## SOMETIMES_CONSUMES
|
||
|
-
|
||
|
+ gEfiRngAlgorithmRaw ## CONSUMES
|
||
|
+ gEfiRngAlgorithmSp80090Ctr256Guid ## CONSUMES
|
||
|
+ gEfiRngAlgorithmSp80090Hmac256Guid ## CONSUMES
|
||
|
+ gEfiRngAlgorithmSp80090Hash256Guid ## CONSUMES
|
||
|
+ gEfiRngAlgorithmArmRndr ## CONSUMES
|
||
|
|
||
|
[Protocols]
|
||
|
gEfiSimpleNetworkProtocolGuid ## SOMETIMES_CONSUMES
|
||
|
@@ -59,3 +64,10 @@
|
||
|
gEfiComponentNameProtocolGuid ## SOMETIMES_CONSUMES
|
||
|
gEfiComponentName2ProtocolGuid ## SOMETIMES_CONSUMES
|
||
|
gEfiAdapterInformationProtocolGuid ## SOMETIMES_CONSUMES
|
||
|
+ gEfiRngProtocolGuid ## CONSUMES
|
||
|
+
|
||
|
+[FixedPcd]
|
||
|
+ gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms ## CONSUMES
|
||
|
+
|
||
|
+[Depex]
|
||
|
+ gEfiRngProtocolGuid
|
||
|
diff --git a/NetworkPkg/NetworkPkg.dec b/NetworkPkg/NetworkPkg.dec
|
||
|
index 928e84fec4..ff335e957c 100644
|
||
|
--- a/NetworkPkg/NetworkPkg.dec
|
||
|
+++ b/NetworkPkg/NetworkPkg.dec
|
||
|
@@ -5,6 +5,7 @@
|
||
|
#
|
||
|
# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.<BR>
|
||
|
# (C) Copyright 2015-2020 Hewlett Packard Enterprise Development LP<BR>
|
||
|
+# Copyright (c) Microsoft Corporation
|
||
|
#
|
||
|
# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
#
|
||
|
@@ -127,6 +128,12 @@
|
||
|
# @Prompt Indicates whether SnpDxe creates event for ExitBootServices() call.
|
||
|
gEfiNetworkPkgTokenSpaceGuid.PcdSnpCreateExitBootServicesEvent|TRUE|BOOLEAN|0x1000000C
|
||
|
|
||
|
+ ## Enforces the use of Secure UEFI spec defined RNG algorithms for all network connections.
|
||
|
+ # TRUE - Enforce the use of Secure UEFI spec defined RNG algorithms.
|
||
|
+ # FALSE - Do not enforce and depend on the default implementation of RNG algorithm from the provider.
|
||
|
+ # @Prompt Enforce the use of Secure UEFI spec defined RNG algorithms.
|
||
|
+ gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|TRUE|BOOLEAN|0x1000000D
|
||
|
+
|
||
|
[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
|
||
|
## IPv6 DHCP Unique Identifier (DUID) Type configuration (From RFCs 3315 and 6355).
|
||
|
# 01 = DUID Based on Link-layer Address Plus Time [DUID-LLT]
|
||
|
diff --git a/NetworkPkg/TcpDxe/TcpDriver.c b/NetworkPkg/TcpDxe/TcpDriver.c
|
||
|
index 8a75b4b55b..430911c2f4 100644
|
||
|
--- a/NetworkPkg/TcpDxe/TcpDriver.c
|
||
|
+++ b/NetworkPkg/TcpDxe/TcpDriver.c
|
||
|
@@ -2,7 +2,7 @@
|
||
|
The driver binding and service binding protocol for the TCP driver.
|
||
|
|
||
|
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
-
|
||
|
+ Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -163,7 +163,13 @@ TcpDriverEntryPoint (
|
||
|
)
|
||
|
{
|
||
|
EFI_STATUS Status;
|
||
|
- UINT32 Seed;
|
||
|
+ UINT32 Random;
|
||
|
+
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a Failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
|
||
|
//
|
||
|
// Install the TCP Driver Binding Protocol
|
||
|
@@ -203,9 +209,8 @@ TcpDriverEntryPoint (
|
||
|
//
|
||
|
// Initialize ISS and random port.
|
||
|
//
|
||
|
- Seed = NetRandomInitSeed ();
|
||
|
- mTcpGlobalIss = NET_RANDOM (Seed) % mTcpGlobalIss;
|
||
|
- mTcp4RandomPort = (UINT16)(TCP_PORT_KNOWN + (NET_RANDOM (Seed) % TCP_PORT_KNOWN));
|
||
|
+ mTcpGlobalIss = Random % mTcpGlobalIss;
|
||
|
+ mTcp4RandomPort = (UINT16)(TCP_PORT_KNOWN + (Random % TCP_PORT_KNOWN));
|
||
|
mTcp6RandomPort = mTcp4RandomPort;
|
||
|
|
||
|
return EFI_SUCCESS;
|
||
|
diff --git a/NetworkPkg/TcpDxe/TcpDxe.inf b/NetworkPkg/TcpDxe/TcpDxe.inf
|
||
|
index c0acbdca57..cf5423f4c5 100644
|
||
|
--- a/NetworkPkg/TcpDxe/TcpDxe.inf
|
||
|
+++ b/NetworkPkg/TcpDxe/TcpDxe.inf
|
||
|
@@ -82,5 +82,8 @@
|
||
|
gEfiTcp6ProtocolGuid ## BY_START
|
||
|
gEfiTcp6ServiceBindingProtocolGuid ## BY_START
|
||
|
|
||
|
+[Depex]
|
||
|
+ gEfiHash2ServiceBindingProtocolGuid
|
||
|
+
|
||
|
[UserExtensions.TianoCore."ExtraFiles"]
|
||
|
TcpDxeExtra.uni
|
||
|
diff --git a/NetworkPkg/Udp4Dxe/Udp4Driver.c b/NetworkPkg/Udp4Dxe/Udp4Driver.c
|
||
|
index cb917fcfc9..c7ea16f4cd 100644
|
||
|
--- a/NetworkPkg/Udp4Dxe/Udp4Driver.c
|
||
|
+++ b/NetworkPkg/Udp4Dxe/Udp4Driver.c
|
||
|
@@ -1,6 +1,7 @@
|
||
|
/** @file
|
||
|
|
||
|
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
+Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -555,6 +556,13 @@ Udp4DriverEntryPoint (
|
||
|
)
|
||
|
{
|
||
|
EFI_STATUS Status;
|
||
|
+ UINT32 Random;
|
||
|
+
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
|
||
|
//
|
||
|
// Install the Udp4DriverBinding and Udp4ComponentName protocols.
|
||
|
@@ -571,7 +579,7 @@ Udp4DriverEntryPoint (
|
||
|
//
|
||
|
// Initialize the UDP random port.
|
||
|
//
|
||
|
- mUdp4RandomPort = (UINT16)(((UINT16)NetRandomInitSeed ()) % UDP4_PORT_KNOWN + UDP4_PORT_KNOWN);
|
||
|
+ mUdp4RandomPort = (UINT16)(((UINT16)Random) % UDP4_PORT_KNOWN + UDP4_PORT_KNOWN);
|
||
|
}
|
||
|
|
||
|
return Status;
|
||
|
diff --git a/NetworkPkg/Udp6Dxe/Udp6Driver.c b/NetworkPkg/Udp6Dxe/Udp6Driver.c
|
||
|
index ae96fb9966..edb758d57c 100644
|
||
|
--- a/NetworkPkg/Udp6Dxe/Udp6Driver.c
|
||
|
+++ b/NetworkPkg/Udp6Dxe/Udp6Driver.c
|
||
|
@@ -2,7 +2,7 @@
|
||
|
Driver Binding functions and Service Binding functions for the Network driver module.
|
||
|
|
||
|
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
-
|
||
|
+ Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -596,6 +596,13 @@ Udp6DriverEntryPoint (
|
||
|
)
|
||
|
{
|
||
|
EFI_STATUS Status;
|
||
|
+ UINT32 Random;
|
||
|
+
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
|
||
|
//
|
||
|
// Install the Udp6DriverBinding and Udp6ComponentName protocols.
|
||
|
@@ -614,7 +621,7 @@ Udp6DriverEntryPoint (
|
||
|
// Initialize the UDP random port.
|
||
|
//
|
||
|
mUdp6RandomPort = (UINT16)(
|
||
|
- ((UINT16)NetRandomInitSeed ()) %
|
||
|
+ ((UINT16)Random) %
|
||
|
UDP6_PORT_KNOWN +
|
||
|
UDP6_PORT_KNOWN
|
||
|
);
|
||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c
|
||
|
index 874fc2c37b..5f13352566 100644
|
||
|
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c
|
||
|
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c
|
||
|
@@ -2,7 +2,7 @@
|
||
|
Functions implementation related with DHCPv4 for UefiPxeBc Driver.
|
||
|
|
||
|
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||
|
-
|
||
|
+ Copyright (c) Microsoft Corporation
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
**/
|
||
|
@@ -1381,6 +1381,12 @@ PxeBcDhcp4Discover (
|
||
|
UINT8 VendorOptLen;
|
||
|
UINT32 Xid;
|
||
|
|
||
|
+ Status = PseudoRandomU32 (&Xid);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
+
|
||
|
Mode = Private->PxeBc.Mode;
|
||
|
Dhcp4 = Private->Dhcp4;
|
||
|
Status = EFI_SUCCESS;
|
||
|
@@ -1470,7 +1476,6 @@ PxeBcDhcp4Discover (
|
||
|
//
|
||
|
// Set fields of the token for the request packet.
|
||
|
//
|
||
|
- Xid = NET_RANDOM (NetRandomInitSeed ());
|
||
|
Token.Packet->Dhcp4.Header.Xid = HTONL (Xid);
|
||
|
Token.Packet->Dhcp4.Header.Reserved = HTONS ((UINT16) ((IsBCast) ? 0x8000 : 0x0));
|
||
|
CopyMem (&Token.Packet->Dhcp4.Header.ClientAddr, &Private->StationIp, sizeof (EFI_IPv4_ADDRESS));
|
||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||
|
index 7fd1281c11..bcabbd2219 100644
|
||
|
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||
|
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||
|
@@ -2180,7 +2180,7 @@ PxeBcDhcp6Discover (
|
||
|
UINTN ReadSize;
|
||
|
UINT16 OpCode;
|
||
|
UINT16 OpLen;
|
||
|
- UINT32 Xid;
|
||
|
+ UINT32 Random;
|
||
|
EFI_STATUS Status;
|
||
|
UINTN DiscoverLenNeeded;
|
||
|
|
||
|
@@ -2198,6 +2198,12 @@ PxeBcDhcp6Discover (
|
||
|
return EFI_DEVICE_ERROR;
|
||
|
}
|
||
|
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
+
|
||
|
DiscoverLenNeeded = sizeof (EFI_PXE_BASE_CODE_DHCPV6_PACKET);
|
||
|
Discover = AllocateZeroPool (DiscoverLenNeeded);
|
||
|
if (Discover == NULL) {
|
||
|
@@ -2207,8 +2213,7 @@ PxeBcDhcp6Discover (
|
||
|
//
|
||
|
// Build the discover packet by the cached request packet before.
|
||
|
//
|
||
|
- Xid = NET_RANDOM (NetRandomInitSeed ());
|
||
|
- Discover->TransactionId = HTONL (Xid);
|
||
|
+ Discover->TransactionId = HTONL (Random);
|
||
|
Discover->MessageType = Request->Dhcp6.Header.MessageType;
|
||
|
RequestOpt = Request->Dhcp6.Option;
|
||
|
DiscoverOpt = Discover->DhcpOptions;
|
||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c
|
||
|
index d84aca7e85..4cd915b411 100644
|
||
|
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c
|
||
|
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c
|
||
|
@@ -3,6 +3,7 @@
|
||
|
|
||
|
(C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>
|
||
|
Copyright (c) 2007 - 2019, Intel Corporation. All rights reserved.<BR>
|
||
|
+ Copyright (c) Microsoft Corporation
|
||
|
|
||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||
|
|
||
|
@@ -892,6 +893,13 @@ PxeBcCreateIp6Children (
|
||
|
PXEBC_PRIVATE_PROTOCOL *Id;
|
||
|
EFI_SIMPLE_NETWORK_PROTOCOL *Snp;
|
||
|
UINTN Index;
|
||
|
+ UINT32 Random;
|
||
|
+
|
||
|
+ Status = PseudoRandomU32 (&Random);
|
||
|
+ if (EFI_ERROR (Status)) {
|
||
|
+ DEBUG ((DEBUG_ERROR, "Failed to generate random number using EFI_RNG_PROTOCOL: %r\n", Status));
|
||
|
+ return Status;
|
||
|
+ }
|
||
|
|
||
|
if (Private->Ip6Nic != NULL) {
|
||
|
//
|
||
|
@@ -935,9 +943,9 @@ PxeBcCreateIp6Children (
|
||
|
}
|
||
|
|
||
|
//
|
||
|
- // Generate a random IAID for the Dhcp6 assigned address.
|
||
|
+ // Set a random IAID for the Dhcp6 assigned address.
|
||
|
//
|
||
|
- Private->IaId = NET_RANDOM (NetRandomInitSeed ());
|
||
|
+ Private->IaId = Random;
|
||
|
if (Private->Snp != NULL) {
|
||
|
for (Index = 0; Index < Private->Snp->Mode->HwAddressSize; Index++) {
|
||
|
Private->IaId |= (Private->Snp->Mode->CurrentAddress.Addr[Index] << ((Index << 3) & 31));
|
||
|
--
|
||
|
2.39.3
|
||
|
|