72 lines
2.1 KiB
Diff
72 lines
2.1 KiB
Diff
From 7719d41979ef6e376d183c70cd47951ff5bf6ef1 Mon Sep 17 00:00:00 2001
|
|
From: Jon Maloy <jmaloy@redhat.com>
|
|
Date: Thu, 20 Jun 2024 10:33:43 -0400
|
|
Subject: [PATCH 5/8] SecurityPkg/RngDxe: add rng test
|
|
|
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
|
RH-MergeRequest: 75: NetworkPkg: SECURITY PATCH CVE-2023-45236 and CVE-2023-45237
|
|
RH-Jira: RHEL-40270 RHEL-40272
|
|
RH-Acked-by: Gerd Hoffmann <None>
|
|
RH-Commit: [5/8] 84a58daaed0ee81ebed501392be33338da575df6
|
|
|
|
JIRA: https://issues.redhat.com/browse/RHEL-40270
|
|
Upstream: Merged
|
|
CVE: CVE-2023-45237
|
|
|
|
commit a61bc0accb8a76edba4f073fdc7bafc908df045d
|
|
Author: Gerd Hoffmann <kraxel@redhat.com>
|
|
Date: Fri May 31 09:49:13 2024 +0200
|
|
|
|
SecurityPkg/RngDxe: add rng test
|
|
|
|
Check whenever RngLib actually returns random numbers, only return
|
|
a non-zero number of Algorithms if that is the case.
|
|
|
|
This has the effect that RndDxe loads and installs EFI_RNG_PROTOCOL
|
|
only in case it can actually deliver random numbers.
|
|
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
|
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
|
|
|
Check whenever RngLib actually returns random numbers, only return
|
|
a non-zero number of Algorithms if that is the case.
|
|
|
|
This has the effect that RndDxe loads and installs EFI_RNG_PROTOCOL
|
|
only in case it can actually deliver random numbers.
|
|
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
---
|
|
SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c | 8 +++++++-
|
|
1 file changed, 7 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
|
index 7e06e16e4b..285b5f46e7 100644
|
|
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
|
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
|
@@ -23,6 +23,7 @@
|
|
|
|
#include <Library/BaseLib.h>
|
|
#include <Library/BaseMemoryLib.h>
|
|
+#include <Library/RngLib.h>
|
|
|
|
#include "RngDxeInternals.h"
|
|
|
|
@@ -43,7 +44,12 @@ GetAvailableAlgorithms (
|
|
VOID
|
|
)
|
|
{
|
|
- mAvailableAlgoArrayCount = RNG_ALGORITHM_COUNT;
|
|
+ UINT64 RngTest;
|
|
+
|
|
+ if (GetRandomNumber64 (&RngTest)) {
|
|
+ mAvailableAlgoArrayCount = RNG_ALGORITHM_COUNT;
|
|
+ }
|
|
+
|
|
return EFI_SUCCESS;
|
|
}
|
|
|
|
--
|
|
2.39.3
|
|
|