Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add RNG PPI #10691

Merged
merged 5 commits into from
Feb 6, 2025
Merged

Add RNG PPI #10691

merged 5 commits into from
Feb 6, 2025
+742 −137

Conversation

makubacki
Copy link
Member

@makubacki makubacki commented Jan 28, 2025
edited
Loading

Description

Closes #10529

The RNG PPI was a code first proposal under BZ1814 and published in the PI Spec v1.9.

This change adds the RngPei module to SecurityPkg to produce the PPI and the RngLib library to MdePkg to consume the PPI.

MdePkg: Add Random Number Generator (RNG) PPI

Adds a new PPI that serves the same purpose as EFI_RNG_PROTOCOL in
DXE. This PPI can be produced by a PEIM to provide a dynamic interface
to RNG services in PEI.

MdePkg: Add PeiRngLib

Adds a new PEI library instance for RngLib that uses the RNG services
provided by the RNG PPI.

This library instance will add a DEPEX on gEfiRngPpiGuid on modules
it links against. It can be used to allow PEIMs to get RNG support
over a dynamic interface.

SecurityPkg: Add RngPei

The RngPei PEIM can be used if RNG should be provided over a
dynamic binary interface to other PEIMs on a platform.

  • Breaking change?
  • Impacts security?
  • Includes tests?

How This Was Tested

  • SecurityPkg CI
  • Verify RNG linked with RngLib is executed as expected
  • Verify random numbers are generated successfully with a valid
    RngLib

Integration Instructions

Use the RngPei module if a platform needs to produce
gEfiRngPpiGuid.

The platform should usually link a different RngLib instance to
RngPei than other PEIMs that may use the RNG PPI produced since
RngPei is responsible for producing the PPI.

For example, a RngLib instance that uses the rdrand instruction
may be linked against RngPei and a RngLib instance that uses
the RNG PPI may be linked against other PEIMs.

@makubacki makubacki self-assigned this Jan 28, 2025
@makubacki makubacki changed the title Add rng ppi Add RNG PPI Jan 28, 2025
mdkinney
mdkinney reviewed Jan 28, 2025
View reviewed changes
@makubacki makubacki force-pushed the add_rng_ppi branch 2 times, most recently from b2a3093 to 2f66285 Compare January 30, 2025 19:36
@mdkinney
Copy link
Member

mdkinney commented Feb 3, 2025

The commit messages reference BZ links. Should those be updated to GitHub Issues links?

@makubacki
MdePkg: Split RNG protocol definitions
c81f09b 
Move the structure definition to a common location that can be shared
with the RNG PPI. Move the algorithms to a common header that can be
referenced independent of the protocol.

Include the algorithm header in the interface header since the
algorithms are directly used in the interface and for compatibility
with existing code.

Signed-off-by: Michael Kubacki <[email protected]>
@makubacki
MdePkg: Add Random Number Generator (RNG) PPI
79cf61f 
REF:tianocore#10529

Adds a new PPI that serves the same purpose as EFI_RNG_PROTOCOL in
DXE. This PPI can be produced by a PEIM to provide a dynamic interface
to RNG services in PEI.

Signed-off-by: Michael Kubacki <[email protected]>
@makubacki
MdePkg: Add PeiRngLib
02958e5 
REF:tianocore#10529

Adds a new PEI library instance for RngLib that uses the RNG services
provided by the RNG PPI.

This library instance will add a DEPEX on gEfiRngPpiGuid on modules
it links against. It can be used to allow PEIMs to get RNG support
over a dynamic interface.

Signed-off-by: Michael Kubacki <[email protected]>
@makubacki
SecurityPkg: Add RngPei
2e6153d 
REF:tianocore#10529

The `RngPei` PEIM can be used if RNG should be provided over a
dynamic binary interface to other PEIMs on a platform.

Tested with:

- SecurityPkg CI
- Verify RNG linked with RngLib is executed as expected
- Verify random numbers are generated successfully with a valid
  RngLib

Integration instructions:

Use the `RngPei` module if a platform needs to produce
`gEfiRngPpiGuid`.

The platform should usually link a different `RngLib` instance to
`RngPei` than other PEIMs that may use the RNG PPI produced since
`RngPei` is responsible for producing the PPI.

For example, a `RngLib` instance that uses the rdrand instruction
may be linked against `RngPei` and a `RngLib` instance that uses
the RNG PPI may be linked against other PEIMs.

Signed-off-by: Michael Kubacki <[email protected]>
@makubacki
Copy link
Member Author

The commit messages reference BZ links. Should those be updated to GitHub Issues links?

Updated the references to GitHub issues.

@mdkinney
Copy link
Member

mdkinney commented Feb 4, 2025

@jyao1 Please review. This was started before soft freeze and should be considered for next stable tag

@lgao4 Request adding edk2-stable202502 milestone

@jyao1
Copy link
Contributor

jyao1 commented Feb 6, 2025

Please review. This was started before soft freeze and should be considered for next stable tag

Done.

@mdkinney mdkinney added this to the edk2-stable202502 milestone Feb 6, 2025
@mdkinney mdkinney added the push Auto push patch series in PR if all checks pass label Feb 6, 2025
@mergify mergify bot merged commit edf1450 into tianocore:master Feb 6, 2025
125 checks passed
@lgao4 lgao4 added the type:feature-request A new feature proposal label Feb 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jyao1 jyao1 jyao1 approved these changes

@mdkinney mdkinney mdkinney approved these changes

@lgao4 lgao4 Awaiting requested review from lgao4

Assignees

@makubacki makubacki

Labels
push Auto push patch series in PR if all checks pass type:feature-request A new feature proposal
Projects
None yet
Milestone
edk2-stable202502
Development

Successfully merging this pull request may close these issues.

Code First - PI Specification - Add RNG PPI (Bugzilla Bug 4814)
4 participants
@makubacki @mdkinney @jyao1 @lgao4