From 8b78800fed2a4af7c08eebd20d1bf764e8e10c84 Mon Sep 17 00:00:00 2001 From: Jon Maloy Date: Tue, 25 Jun 2024 22:28:58 -0400 Subject: [PATCH 10/31] SecurityPkg/RngDxe: Add debug warning for NULL PcdCpuRngSupportedAlgorithm RH-Author: Jon Maloy RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099 RH-Acked-by: Gerd Hoffmann RH-Commit: [10/31] 66b888e9b1e2be0c79784e02b4821854bd80432d JIRA: https://issues.redhat.com/browse/RHEL-21856 CVE: CVE-2022-45237 Upstream: Merged commit 6cdddccf0085cf2929f8ae710515e4e53663dfb2 Author: Pierre Gondois Date: Fri Oct 28 17:32:56 2022 +0200 SecurityPkg/RngDxe: Add debug warning for NULL PcdCpuRngSupportedAlgorithm PcdCpuRngSupportedAlgorithm should allow to identify the the algorithm used by the RNDR CPU instruction to generate a random number. Add a debug warning if the Pcd is not set. Signed-off-by: Pierre Gondois Acked-by: Jiewen Yao Signed-off-by: Jon Maloy --- .../RandomNumberGenerator/RngDxe/AArch64/RngDxe.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c index c0b0d28d48..a800a85792 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c @@ -67,6 +67,16 @@ GetAvailableAlgorithms ( sizeof (EFI_RNG_ALGORITHM) ); mAvailableAlgoArrayCount++; + + DEBUG_CODE_BEGIN (); + if (IsZeroGuid (PcdGetPtr (PcdCpuRngSupportedAlgorithm))) { + DEBUG (( + DEBUG_WARN, + "PcdCpuRngSupportedAlgorithm should be a non-zero GUID\n" + )); + } + + DEBUG_CODE_END (); } // Raw algorithm (Trng) -- 2.39.3