From e944f536f0b4bde843a2017c78f7a87dacb57603 Mon Sep 17 00:00:00 2001 From: Miroslav Rezanina Date: Mon, 11 Nov 2024 06:13:33 -0500 Subject: [PATCH] * Mon Nov 11 2024 Miroslav Rezanina - 20240524-11 - edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66234] - edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66234] - Resolves: RHEL-66234 ([Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-10]) --- edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch | 350 ++++++++++++++++++ ...rmVirtPkg-Add-a-Fallback-RNG-RH-only.patch | 101 +++++ edk2.spec | 12 +- 3 files changed, 462 insertions(+), 1 deletion(-) create mode 100644 edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch create mode 100644 edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch diff --git a/edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch b/edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch new file mode 100644 index 0000000..0e60724 --- /dev/null +++ b/edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch @@ -0,0 +1,350 @@ +From 7dcc1de7727fe15f17d18e727cdd7f11e93d147a Mon Sep 17 00:00:00 2001 +From: Oliver Steffen +Date: Mon, 4 Nov 2024 12:40:12 +0100 +Subject: [PATCH 1/2] OvmfPkg: Add a Fallback RNG (RH only) + +RH-Author: Oliver Steffen +RH-MergeRequest: 82: Add a Fallback RNG (RH only) +RH-Jira: RHEL-66234 +RH-Acked-by: Gerd Hoffmann +RH-Commit: [1/2] bb62ac9e3f1cd5eae1bb94e047fb6ebada57cd24 (osteffen/edk2) + +Since the pixiefail CVE fix, the network stack requires a random number +generator. +In case there is no hardware random number generator available, +have the Platform Boot Manager install a pseudo RNG to ensure +the network can be used. + +Signed-off-by: Oliver Steffen +--- + .../PlatformBootManagerLib/BdsPlatform.c | 7 + + .../PlatformBootManagerLib/FallbackRng.c | 222 ++++++++++++++++++ + .../PlatformBootManagerLib/FallbackRng.h | 20 ++ + .../PlatformBootManagerLib.inf | 5 + + 4 files changed, 254 insertions(+) + create mode 100644 OvmfPkg/Library/PlatformBootManagerLib/FallbackRng.c + create mode 100644 OvmfPkg/Library/PlatformBootManagerLib/FallbackRng.h + +diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c +index d9f61757cf..87d1ac3142 100644 +--- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c ++++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c +@@ -15,6 +15,8 @@ + #include + #include + ++#include "FallbackRng.h" ++ + // + // Global data + // +@@ -539,6 +541,9 @@ PlatformBootManagerBeforeConsole ( + ConnectVirtioPciRng, + NULL + ); ++ ++ FallbackRngCheckAndInstall (); ++ + } + + EFI_STATUS +@@ -1778,6 +1783,8 @@ PlatformBootManagerAfterConsole ( + + DEBUG ((DEBUG_INFO, "PlatformBootManagerAfterConsole\n")); + ++ FallbackRngPrintWarning (); ++ + if (PcdGetBool (PcdOvmfFlashVariablesEnable)) { + DEBUG (( + DEBUG_INFO, +diff --git a/OvmfPkg/Library/PlatformBootManagerLib/FallbackRng.c b/OvmfPkg/Library/PlatformBootManagerLib/FallbackRng.c +new file mode 100644 +index 0000000000..bba60e29d5 +--- /dev/null ++++ b/OvmfPkg/Library/PlatformBootManagerLib/FallbackRng.c +@@ -0,0 +1,222 @@ ++/** @file ++ Copyright (C) 2024, Red Hat, Inc. ++ SPDX-License-Identifier: BSD-2-Clause-Patent ++**/ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "FallbackRng.h" ++ ++typedef struct { ++ EFI_RNG_PROTOCOL Rng; ++ EFI_HANDLE Handle; ++} FALLBACK_RNG_DEV; ++ ++/** ++ Returns information about the random number generation implementation. ++ ++ @param[in] This A pointer to the EFI_RNG_PROTOCOL ++ instance. ++ @param[in,out] RNGAlgorithmListSize On input, the size in bytes of ++ RNGAlgorithmList. ++ On output with a return code of ++ EFI_SUCCESS, the size in bytes of the ++ data returned in RNGAlgorithmList. On ++ output with a return code of ++ EFI_BUFFER_TOO_SMALL, the size of ++ RNGAlgorithmList required to obtain the ++ list. ++ @param[out] RNGAlgorithmList A caller-allocated memory buffer filled ++ by the driver with one EFI_RNG_ALGORITHM ++ element for each supported RNG algorithm. ++ The list must not change across multiple ++ calls to the same driver. The first ++ algorithm in the list is the default ++ algorithm for the driver. ++ ++ @retval EFI_SUCCESS The RNG algorithm list was returned ++ successfully. ++ @retval EFI_UNSUPPORTED The services is not supported by this ++ driver. ++ @retval EFI_DEVICE_ERROR The list of algorithms could not be ++ retrieved due to a hardware or firmware ++ error. ++ @retval EFI_INVALID_PARAMETER One or more of the parameters are ++ incorrect. ++ @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small ++ to hold the result. ++ ++**/ ++STATIC ++EFI_STATUS ++EFIAPI ++FallbackRngGetInfo ( ++ IN EFI_RNG_PROTOCOL *This, ++ IN OUT UINTN *RNGAlgorithmListSize, ++ OUT EFI_RNG_ALGORITHM *RNGAlgorithmList ++ ) ++{ ++ if ((This == NULL) || (RNGAlgorithmListSize == NULL)) { ++ return EFI_INVALID_PARAMETER; ++ } ++ ++ if (*RNGAlgorithmListSize < sizeof (EFI_RNG_ALGORITHM)) { ++ *RNGAlgorithmListSize = sizeof (EFI_RNG_ALGORITHM); ++ return EFI_BUFFER_TOO_SMALL; ++ } ++ ++ if (RNGAlgorithmList == NULL) { ++ return EFI_INVALID_PARAMETER; ++ } ++ ++ *RNGAlgorithmListSize = sizeof (EFI_RNG_ALGORITHM); ++ CopyGuid (RNGAlgorithmList, &gEfiRngAlgorithmRaw); ++ ++ return EFI_SUCCESS; ++} ++ ++/** ++ Produces and returns an RNG value using either the default or specified RNG ++ algorithm. ++ ++ @param[in] This A pointer to the EFI_RNG_PROTOCOL ++ instance. ++ @param[in] RNGAlgorithm A pointer to the EFI_RNG_ALGORITHM that ++ identifies the RNG algorithm to use. May ++ be NULL in which case the function will ++ use its default RNG algorithm. ++ @param[in] RNGValueLength The length in bytes of the memory buffer ++ pointed to by RNGValue. The driver shall ++ return exactly this numbers of bytes. ++ @param[out] RNGValue A caller-allocated memory buffer filled ++ by the driver with the resulting RNG ++ value. ++ ++ @retval EFI_SUCCESS The RNG value was returned successfully. ++ @retval EFI_UNSUPPORTED The algorithm specified by RNGAlgorithm ++ is not supported by this driver. ++ @retval EFI_DEVICE_ERROR An RNG value could not be retrieved due ++ to a hardware or firmware error. ++ @retval EFI_NOT_READY There is not enough random data available ++ to satisfy the length requested by ++ RNGValueLength. ++ @retval EFI_INVALID_PARAMETER RNGValue is NULL or RNGValueLength is ++ zero. ++ ++**/ ++STATIC ++EFI_STATUS ++EFIAPI ++FallbackRngGetRNG ( ++ IN EFI_RNG_PROTOCOL *This, ++ IN EFI_RNG_ALGORITHM *RNGAlgorithm OPTIONAL, ++ IN UINTN RNGValueLength, ++ OUT UINT8 *RNGValue ++ ) ++{ ++ UINT64 RandomData; ++ EFI_STATUS Status; ++ UINTN i; ++ ++ if ((This == NULL) || (RNGValueLength == 0) || (RNGValue == NULL)) { ++ return EFI_INVALID_PARAMETER; ++ } ++ ++ // ++ // We only support the raw algorithm, so reject requests for anything else ++ // ++ if ((RNGAlgorithm != NULL) && ++ !CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) ++ { ++ return EFI_UNSUPPORTED; ++ } ++ ++ for (i = 0; i < RNGValueLength; ++i) { ++ if (i % 4 == 0) { ++ Status = GetRandomNumber64 (&RandomData); ++ if (EFI_ERROR (Status)) { ++ return Status; ++ } ++ } ++ } ++ ++ return EFI_SUCCESS; ++} ++ ++static FALLBACK_RNG_DEV Dev = { ++ .Rng.GetInfo = FallbackRngGetInfo, ++ .Rng.GetRNG = FallbackRngGetRNG, ++ .Handle = NULL, ++}; ++ ++EFI_STATUS ++FallbackRngCheckAndInstall ( ++ ) ++{ ++ EFI_STATUS Status; ++ EFI_HANDLE *HandleBuffer = NULL; ++ UINTN HandleCount = 0; ++ ++ if (Dev.Handle != NULL) { ++ DEBUG ((DEBUG_INFO, "Fallback RNG already installed.\n")); ++ return EFI_ALREADY_STARTED; ++ } ++ ++ Status = gBS->LocateHandleBuffer ( ++ ByProtocol, ++ &gEfiRngProtocolGuid, ++ NULL, ++ &HandleCount, ++ &HandleBuffer ++ ); ++ ++ gBS->FreePool (HandleBuffer); ++ ++ if (Status == EFI_NOT_FOUND) { ++ HandleCount = 0; ++ } else if (EFI_ERROR (Status)) { ++ DEBUG ((DEBUG_ERROR, "Error locating RNG protocol instances: %r\n", Status)); ++ return Status; ++ } ++ ++ DEBUG ((DEBUG_INFO, "Found %u RNGs\n", HandleCount)); ++ ++ if (HandleCount == 0) { ++ // Install RNG ++ Status = gBS->InstallProtocolInterface ( ++ &Dev.Handle, ++ &gEfiRngProtocolGuid, ++ EFI_NATIVE_INTERFACE, ++ &Dev.Rng ++ ); ++ if (EFI_ERROR (Status)) { ++ DEBUG ((DEBUG_ERROR, "Failed to install fallback RNG: %r\n", Status)); ++ return Status; ++ } ++ ++ gDS->Dispatch (); ++ } ++ ++ return EFI_SUCCESS; ++} ++ ++VOID ++FallbackRngPrintWarning ( ++ ) ++{ ++ if (Dev.Handle != NULL) { ++ Print (L"WARNING: Pseudo Random Number Generator in use - Pixiefail CVE not mitigated!\n"); ++ DEBUG ((DEBUG_WARN, "WARNING: Pseudo Random Number Generator in use - Pixiefail CVE not mitigated!\n")); ++ gBS->Stall (2000000); ++ } ++} +diff --git a/OvmfPkg/Library/PlatformBootManagerLib/FallbackRng.h b/OvmfPkg/Library/PlatformBootManagerLib/FallbackRng.h +new file mode 100644 +index 0000000000..77332bc51c +--- /dev/null ++++ b/OvmfPkg/Library/PlatformBootManagerLib/FallbackRng.h +@@ -0,0 +1,20 @@ ++/** @file ++ Copyright (C) 2024, Red Hat, Inc. ++ SPDX-License-Identifier: BSD-2-Clause-Patent ++**/ ++ ++#ifndef _FALLBACK_RNG_H_ ++#define _FALLBACK_RNG_H_ ++ ++#include ++#include ++ ++EFI_STATUS ++FallbackRngCheckAndInstall ( ++ ); ++ ++VOID ++FallbackRngPrintWarning ( ++ ); ++ ++#endif +diff --git a/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf +index c6ffc1ed9e..211716e30d 100644 +--- a/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf ++++ b/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf +@@ -25,6 +25,8 @@ + PlatformData.c + QemuKernel.c + BdsPlatform.h ++ FallbackRng.c ++ FallbackRng.h + + [Packages] + MdePkg/MdePkg.dec +@@ -56,6 +58,7 @@ + PlatformBmPrintScLib + Tcg2PhysicalPresenceLib + XenPlatformLib ++ RngLib + + [Pcd] + gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent +@@ -80,6 +83,7 @@ + gEfiDxeSmmReadyToLockProtocolGuid # PROTOCOL SOMETIMES_PRODUCED + gEfiLoadedImageProtocolGuid # PROTOCOL SOMETIMES_PRODUCED + gEfiFirmwareVolume2ProtocolGuid # PROTOCOL SOMETIMES_CONSUMED ++ gEfiRngProtocolGuid # PROTOCOL SOMETIMES_PRODUCED + + [Guids] + gEfiEndOfDxeEventGroupGuid +@@ -87,3 +91,4 @@ + gRootBridgesConnectedEventGroupGuid + gUefiShellFileGuid + gGrubFileGuid ++ gEfiRngAlgorithmRaw +-- +2.39.3 + diff --git a/edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch b/edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch new file mode 100644 index 0000000..c9e9616 --- /dev/null +++ b/edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch @@ -0,0 +1,101 @@ +From 35d3219a94631eaf437000a60cd63c918b35ba36 Mon Sep 17 00:00:00 2001 +From: Oliver Steffen +Date: Thu, 7 Nov 2024 11:36:22 +0100 +Subject: [PATCH 2/2] OvmfPkg/ArmVirtPkg: Add a Fallback RNG (RH only) + +RH-Author: Oliver Steffen +RH-MergeRequest: 82: Add a Fallback RNG (RH only) +RH-Jira: RHEL-66234 +RH-Acked-by: Gerd Hoffmann +RH-Commit: [2/2] ae2c04680e6420e096c667a22c52ec6f6fb46935 (osteffen/edk2) + +Since the pixiefail CVE fix, the network stack requires a random number +generator. +In case there is no hardware random number generator available, +have the Platform Boot Manager install a pseudo RNG to ensure +the network can be used. + +This patch adds the fallback rng which was introduced in a +previous commit also to the ArmVirtPkg PlatformBootManagerLib. + +Signed-off-by: Oliver Steffen +--- + OvmfPkg/Library/PlatformBootManagerLibLight/PlatformBm.c | 6 ++++++ + .../PlatformBootManagerLibLight/PlatformBootManagerLib.inf | 5 +++++ + 2 files changed, 11 insertions(+) + +diff --git a/OvmfPkg/Library/PlatformBootManagerLibLight/PlatformBm.c b/OvmfPkg/Library/PlatformBootManagerLibLight/PlatformBm.c +index 8e93f3cfed..8aa1e8e2df 100644 +--- a/OvmfPkg/Library/PlatformBootManagerLibLight/PlatformBm.c ++++ b/OvmfPkg/Library/PlatformBootManagerLibLight/PlatformBm.c +@@ -30,6 +30,7 @@ + #include + #include + #include ++#include "FallbackRng.h" + + #include "PlatformBm.h" + +@@ -1029,6 +1030,7 @@ PlatformBootManagerBeforeConsole ( + // + FilterAndProcess (&gEfiGraphicsOutputProtocolGuid, NULL, AddOutput); + ++ + // + // Add the hardcoded short-form USB keyboard device path to ConIn. + // +@@ -1110,6 +1112,8 @@ PlatformBootManagerBeforeConsole ( + // + FilterAndProcess (&gVirtioDeviceProtocolGuid, IsVirtioSerial, SetupVirtioSerial); + FilterAndProcess (&gEfiPciIoProtocolGuid, IsVirtioPciSerial, SetupVirtioSerial); ++ ++ FallbackRngCheckAndInstall (); + } + + /** +@@ -1175,6 +1179,8 @@ PlatformBootManagerAfterConsole ( + RETURN_STATUS Status; + BOOLEAN Uninstall; + ++ FallbackRngPrintWarning (); ++ + // + // Show the splash screen. + // +diff --git a/OvmfPkg/Library/PlatformBootManagerLibLight/PlatformBootManagerLib.inf b/OvmfPkg/Library/PlatformBootManagerLibLight/PlatformBootManagerLib.inf +index 8e7cd5605f..4583c05ef4 100644 +--- a/OvmfPkg/Library/PlatformBootManagerLibLight/PlatformBootManagerLib.inf ++++ b/OvmfPkg/Library/PlatformBootManagerLibLight/PlatformBootManagerLib.inf +@@ -27,6 +27,8 @@ + PlatformBm.c + PlatformBm.h + QemuKernel.c ++ ../PlatformBootManagerLib/FallbackRng.h ++ ../PlatformBootManagerLib/FallbackRng.c + + [Packages] + MdeModulePkg/MdeModulePkg.dec +@@ -53,6 +55,7 @@ + UefiBootServicesTableLib + UefiLib + UefiRuntimeServicesTableLib ++ RngLib + + [FixedPcd] + gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate +@@ -70,6 +73,7 @@ + gEfiGlobalVariableGuid + gRootBridgesConnectedEventGroupGuid + gUefiShellFileGuid ++ gEfiRngAlgorithmRaw + + [Protocols] + gEfiFirmwareVolume2ProtocolGuid +@@ -77,3 +81,4 @@ + gEfiMemoryAttributeProtocolGuid + gEfiPciRootBridgeIoProtocolGuid + gVirtioDeviceProtocolGuid ++ gEfiRngProtocolGuid +-- +2.39.3 + diff --git a/edk2.spec b/edk2.spec index 2dbb198..5b92d27 100644 --- a/edk2.spec +++ b/edk2.spec @@ -21,7 +21,7 @@ ExclusiveArch: x86_64 aarch64 Name: edk2 Version: %{GITDATE} -Release: 10%{?dist} +Release: 11%{?dist} Summary: UEFI firmware for 64-bit virtual machines License: BSD-2-Clause-Patent and Apache-2.0 and MIT URL: http://www.tianocore.org @@ -107,6 +107,10 @@ Patch45: edk2-OvmfPkg-VirtioGpuDxe-ignore-display-resolutions-smal.patch Patch46: edk2-OvmfPkg-QemuVideoDxe-ignore-display-resolutions-smal.patch # For RHEL-60829 - CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage [rhel-10.0] Patch47: edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch +# For RHEL-66234 - [Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-10] +Patch48: edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch +# For RHEL-66234 - [Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-10] +Patch49: edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch # python3-devel and libuuid-devel are required for building tools. # python3-devel is also needed for varstore template generation and @@ -441,6 +445,12 @@ install -m 0644 \ %changelog +* Mon Nov 11 2024 Miroslav Rezanina - 20240524-11 +- edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66234] +- edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66234] +- Resolves: RHEL-66234 + ([Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-10]) + * Tue Oct 29 2024 Troy Dawson - 20240524-10 - Bump release for October 2024 mass rebuild: Resolves: RHEL-64018