From df912b4c93cd848991d9a9439d3aba441bae1d67 Mon Sep 17 00:00:00 2001 From: Jon Maloy Date: Tue, 25 Jun 2024 22:21:09 -0400 Subject: [PATCH 06/31] SecurityPkg/RngDxe: Remove ArchGetSupportedRngAlgorithms() RH-Author: Jon Maloy RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099 RH-Acked-by: Gerd Hoffmann RH-Commit: [6/31] 4066cb1503b5c5a29b6d45a4b671d0829f2671ae JIRA: https://issues.redhat.com/browse/RHEL-21856 CVE: CVE-2022-45237 Upstream: Merged commit 922bf317f1731554b3e77a0a48033a38fdc75a77 Author: Pierre Gondois Date: Fri Oct 28 17:32:52 2022 +0200 SecurityPkg/RngDxe: Remove ArchGetSupportedRngAlgorithms() RngGetInfo() is one of the 2 functions of the EFI_RNG_PROTOCOL. RngGetInfo() is currently a mere wrapper around ArchGetSupportedRngAlgorithms() which is implemented differently depending on the architecture used. RngGetInfo() does nothing more than calling ArchGetSupportedRngAlgorithms(). So remove it, and let RngGetInfo() be implemented differently according to the architecture. This follows the implementation of the other function of the EFI_RNG_PROTOCOL, RngGetRNG(). Signed-off-by: Pierre Gondois Acked-by: Jiewen Yao Signed-off-by: Jon Maloy --- .../RngDxe/AArch64/RngDxe.c | 19 +++++-- .../RngDxe/Rand/RngDxe.c | 24 ++++++--- .../RandomNumberGenerator/RngDxe/RngDxe.c | 49 ------------------- .../RngDxe/RngDxeInternals.h | 25 ---------- 4 files changed, 33 insertions(+), 84 deletions(-) diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c index 1cdc842966..f6a0bf7b2b 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c @@ -14,6 +14,7 @@ Copyright (c) 2021, NUVIA Inc. All rights reserved.
Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
(C) Copyright 2015 Hewlett Packard Enterprise Development LP
+ Copyright (c) 2021 - 2022, Arm Limited. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -85,6 +86,7 @@ RngGetRNG ( /** Returns information about the random number generation implementation. + @param[in] This A pointer to the EFI_RNG_PROTOCOL instance. @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList. On output with a return code of EFI_SUCCESS, the size in bytes of the data returned in RNGAlgorithmList. On output @@ -97,14 +99,19 @@ RngGetRNG ( is the default algorithm for the driver. @retval EFI_SUCCESS The RNG algorithm list was returned successfully. + @retval EFI_UNSUPPORTED The services is not supported by this driver. + @retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a + hardware or firmware error. + @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect. @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result. **/ -UINTN +EFI_STATUS EFIAPI -ArchGetSupportedRngAlgorithms ( - IN OUT UINTN *RNGAlgorithmListSize, - OUT EFI_RNG_ALGORITHM *RNGAlgorithmList +RngGetInfo ( + IN EFI_RNG_PROTOCOL *This, + IN OUT UINTN *RNGAlgorithmListSize, + OUT EFI_RNG_ALGORITHM *RNGAlgorithmList ) { UINTN RequiredSize; @@ -112,6 +119,10 @@ ArchGetSupportedRngAlgorithms ( RequiredSize = sizeof (EFI_RNG_ALGORITHM); + if ((This == NULL) || (RNGAlgorithmListSize == NULL)) { + return EFI_INVALID_PARAMETER; + } + if (*RNGAlgorithmListSize < RequiredSize) { *RNGAlgorithmListSize = RequiredSize; return EFI_BUFFER_TOO_SMALL; diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c index 19755b3bfd..5a649ecf24 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c @@ -104,6 +104,7 @@ RngGetRNG ( /** Returns information about the random number generation implementation. + @param[in] This A pointer to the EFI_RNG_PROTOCOL instance. @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList. On output with a return code of EFI_SUCCESS, the size in bytes of the data returned in RNGAlgorithmList. On output @@ -116,19 +117,28 @@ RngGetRNG ( is the default algorithm for the driver. @retval EFI_SUCCESS The RNG algorithm list was returned successfully. + @retval EFI_UNSUPPORTED No supported algorithms found. + @retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a + hardware or firmware error. + @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect. @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result. **/ -UINTN +EFI_STATUS EFIAPI -ArchGetSupportedRngAlgorithms ( - IN OUT UINTN *RNGAlgorithmListSize, - OUT EFI_RNG_ALGORITHM *RNGAlgorithmList +RngGetInfo ( + IN EFI_RNG_PROTOCOL *This, + IN OUT UINTN *RNGAlgorithmListSize, + OUT EFI_RNG_ALGORITHM *RNGAlgorithmList ) { UINTN RequiredSize; EFI_RNG_ALGORITHM *CpuRngSupportedAlgorithm; + if ((This == NULL) || (RNGAlgorithmListSize == NULL)) { + return EFI_INVALID_PARAMETER; + } + RequiredSize = 2 * sizeof (EFI_RNG_ALGORITHM); if (*RNGAlgorithmListSize < RequiredSize) { @@ -136,9 +146,11 @@ ArchGetSupportedRngAlgorithms ( return EFI_BUFFER_TOO_SMALL; } - CpuRngSupportedAlgorithm = PcdGetPtr (PcdCpuRngSupportedAlgorithm); + if (RNGAlgorithmList == NULL) { + return EFI_INVALID_PARAMETER; + } - CopyMem(&RNGAlgorithmList[0], CpuRngSupportedAlgorithm, sizeof (EFI_RNG_ALGORITHM)); + CopyMem (&RNGAlgorithmList[0], &gEfiRngAlgorithmSp80090Ctr256Guid, sizeof (EFI_RNG_ALGORITHM)); // x86 platforms also support EFI_RNG_ALGORITHM_RAW via RDSEED CopyMem(&RNGAlgorithmList[1], &gEfiRngAlgorithmRaw, sizeof (EFI_RNG_ALGORITHM)); diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c index b959c70536..7b8ecfc70d 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c @@ -28,55 +28,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "RngDxeInternals.h" -/** - Returns information about the random number generation implementation. - - @param[in] This A pointer to the EFI_RNG_PROTOCOL instance. - @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList. - On output with a return code of EFI_SUCCESS, the size - in bytes of the data returned in RNGAlgorithmList. On output - with a return code of EFI_BUFFER_TOO_SMALL, - the size of RNGAlgorithmList required to obtain the list. - @param[out] RNGAlgorithmList A caller-allocated memory buffer filled by the driver - with one EFI_RNG_ALGORITHM element for each supported - RNG algorithm. The list must not change across multiple - calls to the same driver. The first algorithm in the list - is the default algorithm for the driver. - - @retval EFI_SUCCESS The RNG algorithm list was returned successfully. - @retval EFI_UNSUPPORTED The services is not supported by this driver. - @retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a - hardware or firmware error. - @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect. - @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result. - -**/ -EFI_STATUS -EFIAPI -RngGetInfo ( - IN EFI_RNG_PROTOCOL *This, - IN OUT UINTN *RNGAlgorithmListSize, - OUT EFI_RNG_ALGORITHM *RNGAlgorithmList - ) -{ - EFI_STATUS Status; - - if ((This == NULL) || (RNGAlgorithmListSize == NULL)) { - return EFI_INVALID_PARAMETER; - } - - // - // Return algorithm list supported by driver. - // - if (RNGAlgorithmList != NULL) { - Status = ArchGetSupportedRngAlgorithms (RNGAlgorithmListSize, RNGAlgorithmList); - } else { - Status = EFI_INVALID_PARAMETER; - } - - return Status; -} - // // The Random Number Generator (RNG) protocol // diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h index fcb8b69153..f17adb83fb 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h @@ -74,31 +74,6 @@ RngGetRNG ( OUT UINT8 *RNGValue ); -/** - Returns information about the random number generation implementation. - - @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList. - On output with a return code of EFI_SUCCESS, the size - in bytes of the data returned in RNGAlgorithmList. On output - with a return code of EFI_BUFFER_TOO_SMALL, - the size of RNGAlgorithmList required to obtain the list. - @param[out] RNGAlgorithmList A caller-allocated memory buffer filled by the driver - with one EFI_RNG_ALGORITHM element for each supported - RNG algorithm. The list must not change across multiple - calls to the same driver. The first algorithm in the list - is the default algorithm for the driver. - - @retval EFI_SUCCESS The RNG algorithm list was returned successfully. - @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result. - -**/ -UINTN -EFIAPI -ArchGetSupportedRngAlgorithms ( - IN OUT UINTN *RNGAlgorithmListSize, - OUT EFI_RNG_ALGORITHM *RNGAlgorithmList - ); - /** Runs CPU RNG instruction to fill a buffer of arbitrary size with random bytes. -- 2.39.3