edk2/SOURCES/edk2-SecurityPkg-RngDxe-Add-debug-warning-for-NULL-PcdCpu.patch

From 8b78800fed2a4af7c08eebd20d1bf764e8e10c84 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Tue, 25 Jun 2024 22:28:58 -0400
Subject: [PATCH 10/31] SecurityPkg/RngDxe: Add debug warning for NULL
 PcdCpuRngSupportedAlgorithm

RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
RH-Acked-by: Gerd Hoffmann <None>
RH-Commit: [10/31] 66b888e9b1e2be0c79784e02b4821854bd80432d

JIRA: https://issues.redhat.com/browse/RHEL-21856
CVE: CVE-2022-45237
Upstream: Merged

commit 6cdddccf0085cf2929f8ae710515e4e53663dfb2
Author: Pierre Gondois <pierre.gondois@arm.com>
Date:   Fri Oct 28 17:32:56 2022 +0200

    SecurityPkg/RngDxe: Add debug warning for NULL PcdCpuRngSupportedAlgorithm

    PcdCpuRngSupportedAlgorithm should allow to identify the the algorithm
    used by the RNDR CPU instruction to generate a random number.
    Add a debug warning if the Pcd is not set.

    Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
    Acked-by: Jiewen Yao <jiewen.yao@intel.com>

Signed-off-by: Jon Maloy <jmaloy@redhat.com>
---
 .../RandomNumberGenerator/RngDxe/AArch64/RngDxe.c      | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
index c0b0d28d48..a800a85792 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
@@ -67,6 +67,16 @@ GetAvailableAlgorithms (
       sizeof (EFI_RNG_ALGORITHM)
       );
     mAvailableAlgoArrayCount++;
+
+    DEBUG_CODE_BEGIN ();
+    if (IsZeroGuid (PcdGetPtr (PcdCpuRngSupportedAlgorithm))) {
+      DEBUG ((
+        DEBUG_WARN,
+        "PcdCpuRngSupportedAlgorithm should be a non-zero GUID\n"
+        ));
+    }
+
+    DEBUG_CODE_END ();
   }
 
   // Raw algorithm (Trng)
-- 
2.39.3