8e51a8153a
- edk2-MdeModulePkg-Change-use-of-EFI_D_-to-DEBUG_.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdeModulePkg-Potential-UINT32-overflow-in-S3-ResumeC.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-Apply-uncrustify-changes.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-NetworkPkg-Apply-uncrustify-changes.p2.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Rename-RdRandGenerateEntropy-to-g.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Remove-ArchGetSupportedRngAlgorit.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Documentation-include-parameter-c.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Check-before-advertising-Cpu-Rng-.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Add-AArch64-RawAlgorithm-support-.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Add-debug-warning-for-NULL-PcdCpu.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Rename-AArch64-RngDxe.c.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Add-Arm-support-of-RngDxe.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Correctly-update-mAvailableAlgoAr.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Conditionally-install-EFI_RNG_PRO.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdeModulePkg-Duplicate-BaseRngLibTimerLib-to-MdeModu.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-Add-deprecated-warning-to-BaseRngLibTimer.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-SecurityPkg.dec-Move-PcdCpuRngSupportedA.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-DxeRngLib-Request-raw-algorithm-instead-of-de.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-Rng-Add-GUID-to-describe-Arm-Rndr-Rng-algorit.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdeModulePkg-Rng-Add-GUID-to-describe-unsafe-Rng-alg.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-Rng-Add-GetRngGuid-to-RngLib.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Use-GetRngGuid-when-probing-RngLi.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Simplify-Rng-algorithm-selection-.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-NetworkPkg-SECURITY-PATCH-CVE-2023-45237.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-BaseRngLib-Add-a-smoketest-for-RDRAND-and-che.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-add-rng-test.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-OvmfPkg-wire-up-RngDxe.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-CryptoPkg-Test-call-ProcessLibraryConstructorList.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-X86UnitTestHost-set-rdrand-cpuid-bit.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-NetworkPkg-TcpDxe-SECURITY-PATCH-CVE-2023-45236.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-NetworkPkg-TcpDxe-Fixed-system-stuck-on-PXE-boot-flo.patch [RHEL-21854 RHEL-21856 RHEL-40099] - Resolves: RHEL-21854 (CVE-2023-45236 edk2: Predictable TCP Initial Sequence Numbers [rhel-8]) - Resolves: RHEL-21856 (CVE-2023-45237 edk2: Use of a Weak PseudoRandom Number Generator [rhel-8]) - Resolves: RHEL-40099 (CVE-2024-1298 edk2: Temporary DoS vulnerability [rhel-8.10.z])
259 lines
11 KiB
Diff
259 lines
11 KiB
Diff
From df912b4c93cd848991d9a9439d3aba441bae1d67 Mon Sep 17 00:00:00 2001
|
|
From: Jon Maloy <jmaloy@redhat.com>
|
|
Date: Tue, 25 Jun 2024 22:21:09 -0400
|
|
Subject: [PATCH 06/31] SecurityPkg/RngDxe: Remove
|
|
ArchGetSupportedRngAlgorithms()
|
|
|
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
|
RH-Acked-by: Gerd Hoffmann <None>
|
|
RH-Commit: [6/31] 4066cb1503b5c5a29b6d45a4b671d0829f2671ae
|
|
|
|
JIRA: https://issues.redhat.com/browse/RHEL-21856
|
|
CVE: CVE-2022-45237
|
|
Upstream: Merged
|
|
|
|
commit 922bf317f1731554b3e77a0a48033a38fdc75a77
|
|
Author: Pierre Gondois <Pierre.Gondois@arm.com>
|
|
Date: Fri Oct 28 17:32:52 2022 +0200
|
|
|
|
SecurityPkg/RngDxe: Remove ArchGetSupportedRngAlgorithms()
|
|
|
|
RngGetInfo() is one of the 2 functions of the EFI_RNG_PROTOCOL.
|
|
RngGetInfo() is currently a mere wrapper around
|
|
ArchGetSupportedRngAlgorithms() which is implemented differently
|
|
depending on the architecture used.
|
|
|
|
RngGetInfo() does nothing more than calling
|
|
ArchGetSupportedRngAlgorithms(). So remove it, and let RngGetInfo()
|
|
be implemented differently according to the architecture.
|
|
|
|
This follows the implementation of the other function of the
|
|
EFI_RNG_PROTOCOL, RngGetRNG().
|
|
|
|
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
|
|
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
|
|
|
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
|
---
|
|
.../RngDxe/AArch64/RngDxe.c | 19 +++++--
|
|
.../RngDxe/Rand/RngDxe.c | 24 ++++++---
|
|
.../RandomNumberGenerator/RngDxe/RngDxe.c | 49 -------------------
|
|
.../RngDxe/RngDxeInternals.h | 25 ----------
|
|
4 files changed, 33 insertions(+), 84 deletions(-)
|
|
|
|
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
|
|
index 1cdc842966..f6a0bf7b2b 100644
|
|
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
|
|
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/RngDxe.c
|
|
@@ -14,6 +14,7 @@
|
|
Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
|
|
Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
|
|
(C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
|
|
+ Copyright (c) 2021 - 2022, Arm Limited. All rights reserved.<BR>
|
|
|
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
|
@@ -85,6 +86,7 @@ RngGetRNG (
|
|
/**
|
|
Returns information about the random number generation implementation.
|
|
|
|
+ @param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
|
|
@param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
|
|
On output with a return code of EFI_SUCCESS, the size
|
|
in bytes of the data returned in RNGAlgorithmList. On output
|
|
@@ -97,14 +99,19 @@ RngGetRNG (
|
|
is the default algorithm for the driver.
|
|
|
|
@retval EFI_SUCCESS The RNG algorithm list was returned successfully.
|
|
+ @retval EFI_UNSUPPORTED The services is not supported by this driver.
|
|
+ @retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a
|
|
+ hardware or firmware error.
|
|
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
|
|
@retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.
|
|
|
|
**/
|
|
-UINTN
|
|
+EFI_STATUS
|
|
EFIAPI
|
|
-ArchGetSupportedRngAlgorithms (
|
|
- IN OUT UINTN *RNGAlgorithmListSize,
|
|
- OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
|
|
+RngGetInfo (
|
|
+ IN EFI_RNG_PROTOCOL *This,
|
|
+ IN OUT UINTN *RNGAlgorithmListSize,
|
|
+ OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
|
|
)
|
|
{
|
|
UINTN RequiredSize;
|
|
@@ -112,6 +119,10 @@ ArchGetSupportedRngAlgorithms (
|
|
|
|
RequiredSize = sizeof (EFI_RNG_ALGORITHM);
|
|
|
|
+ if ((This == NULL) || (RNGAlgorithmListSize == NULL)) {
|
|
+ return EFI_INVALID_PARAMETER;
|
|
+ }
|
|
+
|
|
if (*RNGAlgorithmListSize < RequiredSize) {
|
|
*RNGAlgorithmListSize = RequiredSize;
|
|
return EFI_BUFFER_TOO_SMALL;
|
|
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
|
index 19755b3bfd..5a649ecf24 100644
|
|
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
|
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
|
@@ -104,6 +104,7 @@ RngGetRNG (
|
|
/**
|
|
Returns information about the random number generation implementation.
|
|
|
|
+ @param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
|
|
@param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
|
|
On output with a return code of EFI_SUCCESS, the size
|
|
in bytes of the data returned in RNGAlgorithmList. On output
|
|
@@ -116,19 +117,28 @@ RngGetRNG (
|
|
is the default algorithm for the driver.
|
|
|
|
@retval EFI_SUCCESS The RNG algorithm list was returned successfully.
|
|
+ @retval EFI_UNSUPPORTED No supported algorithms found.
|
|
+ @retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a
|
|
+ hardware or firmware error.
|
|
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
|
|
@retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.
|
|
|
|
**/
|
|
-UINTN
|
|
+EFI_STATUS
|
|
EFIAPI
|
|
-ArchGetSupportedRngAlgorithms (
|
|
- IN OUT UINTN *RNGAlgorithmListSize,
|
|
- OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
|
|
+RngGetInfo (
|
|
+ IN EFI_RNG_PROTOCOL *This,
|
|
+ IN OUT UINTN *RNGAlgorithmListSize,
|
|
+ OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
|
|
)
|
|
{
|
|
UINTN RequiredSize;
|
|
EFI_RNG_ALGORITHM *CpuRngSupportedAlgorithm;
|
|
|
|
+ if ((This == NULL) || (RNGAlgorithmListSize == NULL)) {
|
|
+ return EFI_INVALID_PARAMETER;
|
|
+ }
|
|
+
|
|
RequiredSize = 2 * sizeof (EFI_RNG_ALGORITHM);
|
|
|
|
if (*RNGAlgorithmListSize < RequiredSize) {
|
|
@@ -136,9 +146,11 @@ ArchGetSupportedRngAlgorithms (
|
|
return EFI_BUFFER_TOO_SMALL;
|
|
}
|
|
|
|
- CpuRngSupportedAlgorithm = PcdGetPtr (PcdCpuRngSupportedAlgorithm);
|
|
+ if (RNGAlgorithmList == NULL) {
|
|
+ return EFI_INVALID_PARAMETER;
|
|
+ }
|
|
|
|
- CopyMem(&RNGAlgorithmList[0], CpuRngSupportedAlgorithm, sizeof (EFI_RNG_ALGORITHM));
|
|
+ CopyMem (&RNGAlgorithmList[0], &gEfiRngAlgorithmSp80090Ctr256Guid, sizeof (EFI_RNG_ALGORITHM));
|
|
|
|
// x86 platforms also support EFI_RNG_ALGORITHM_RAW via RDSEED
|
|
CopyMem(&RNGAlgorithmList[1], &gEfiRngAlgorithmRaw, sizeof (EFI_RNG_ALGORITHM));
|
|
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c
|
|
index b959c70536..7b8ecfc70d 100644
|
|
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c
|
|
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c
|
|
@@ -28,55 +28,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
|
#include "RngDxeInternals.h"
|
|
|
|
-/**
|
|
- Returns information about the random number generation implementation.
|
|
-
|
|
- @param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
|
|
- @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
|
|
- On output with a return code of EFI_SUCCESS, the size
|
|
- in bytes of the data returned in RNGAlgorithmList. On output
|
|
- with a return code of EFI_BUFFER_TOO_SMALL,
|
|
- the size of RNGAlgorithmList required to obtain the list.
|
|
- @param[out] RNGAlgorithmList A caller-allocated memory buffer filled by the driver
|
|
- with one EFI_RNG_ALGORITHM element for each supported
|
|
- RNG algorithm. The list must not change across multiple
|
|
- calls to the same driver. The first algorithm in the list
|
|
- is the default algorithm for the driver.
|
|
-
|
|
- @retval EFI_SUCCESS The RNG algorithm list was returned successfully.
|
|
- @retval EFI_UNSUPPORTED The services is not supported by this driver.
|
|
- @retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a
|
|
- hardware or firmware error.
|
|
- @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
|
|
- @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.
|
|
-
|
|
-**/
|
|
-EFI_STATUS
|
|
-EFIAPI
|
|
-RngGetInfo (
|
|
- IN EFI_RNG_PROTOCOL *This,
|
|
- IN OUT UINTN *RNGAlgorithmListSize,
|
|
- OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
|
|
- )
|
|
-{
|
|
- EFI_STATUS Status;
|
|
-
|
|
- if ((This == NULL) || (RNGAlgorithmListSize == NULL)) {
|
|
- return EFI_INVALID_PARAMETER;
|
|
- }
|
|
-
|
|
- //
|
|
- // Return algorithm list supported by driver.
|
|
- //
|
|
- if (RNGAlgorithmList != NULL) {
|
|
- Status = ArchGetSupportedRngAlgorithms (RNGAlgorithmListSize, RNGAlgorithmList);
|
|
- } else {
|
|
- Status = EFI_INVALID_PARAMETER;
|
|
- }
|
|
-
|
|
- return Status;
|
|
-}
|
|
-
|
|
//
|
|
// The Random Number Generator (RNG) protocol
|
|
//
|
|
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h
|
|
index fcb8b69153..f17adb83fb 100644
|
|
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h
|
|
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxeInternals.h
|
|
@@ -74,31 +74,6 @@ RngGetRNG (
|
|
OUT UINT8 *RNGValue
|
|
);
|
|
|
|
-/**
|
|
- Returns information about the random number generation implementation.
|
|
-
|
|
- @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
|
|
- On output with a return code of EFI_SUCCESS, the size
|
|
- in bytes of the data returned in RNGAlgorithmList. On output
|
|
- with a return code of EFI_BUFFER_TOO_SMALL,
|
|
- the size of RNGAlgorithmList required to obtain the list.
|
|
- @param[out] RNGAlgorithmList A caller-allocated memory buffer filled by the driver
|
|
- with one EFI_RNG_ALGORITHM element for each supported
|
|
- RNG algorithm. The list must not change across multiple
|
|
- calls to the same driver. The first algorithm in the list
|
|
- is the default algorithm for the driver.
|
|
-
|
|
- @retval EFI_SUCCESS The RNG algorithm list was returned successfully.
|
|
- @retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.
|
|
-
|
|
-**/
|
|
-UINTN
|
|
-EFIAPI
|
|
-ArchGetSupportedRngAlgorithms (
|
|
- IN OUT UINTN *RNGAlgorithmListSize,
|
|
- OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
|
|
- );
|
|
-
|
|
/**
|
|
Runs CPU RNG instruction to fill a buffer of arbitrary size with random bytes.
|
|
|
|
--
|
|
2.39.3
|
|
|