/** @file\r
RNG Driver to produce the UEFI Random Number Generator protocol.\r
\r
- The driver will use the RNDR instruction to produce random numbers.\r
+ The driver can use RNDR instruction (through the RngLib and if FEAT_RNG is\r
+ present) to produce random numbers. It also uses the Arm FW-TRNG interface\r
+ to implement EFI_RNG_ALGORITHM_RAW.\r
\r
RNG Algorithms defined in UEFI 2.4:\r
- EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID\r
- - EFI_RNG_ALGORITHM_RAW - Unsupported\r
+ - EFI_RNG_ALGORITHM_RAW\r
- EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID\r
- EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID\r
- EFI_RNG_ALGORITHM_X9_31_3DES_GUID - Unsupported\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/RngLib.h>\r
+#include <Library/DebugLib.h>\r
+#include <Library/ArmTrngLib.h>\r
#include <Protocol/Rng.h>\r
\r
#include "RngDxeInternals.h"\r
\r
// Maximum number of Rng algorithms.\r
-#define RNG_AVAILABLE_ALGO_MAX 1\r
+#define RNG_AVAILABLE_ALGO_MAX 2\r
\r
/** Allocate and initialize mAvailableAlgoArray with the available\r
Rng algorithms. Also update mAvailableAlgoArrayCount.\r
)\r
{\r
UINT64 DummyRand;\r
+ UINT16 MajorRevision;\r
+ UINT16 MinorRevision;\r
\r
- // Allocate RNG_AVAILABLE_ALGO_MAX entries to avoid evaluating\r
// Rng algorithms 2 times, one for the allocation, one to populate.\r
mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX);\r
if (mAvailableAlgoArray == NULL) {\r
mAvailableAlgoArrayCount++;\r
}\r
\r
+ // Raw algorithm (Trng)\r
+ if (!EFI_ERROR (GetArmTrngVersion (&MajorRevision, &MinorRevision))) {\r
+ CopyMem (\r
+ &mAvailableAlgoArray[mAvailableAlgoArrayCount],\r
+ &gEfiRngAlgorithmRaw,\r
+ sizeof (EFI_RNG_ALGORITHM)\r
+ );\r
+ mAvailableAlgoArrayCount++;\r
+ }\r
+\r
return EFI_SUCCESS;\r
}\r
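Review bot: The context line `AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX)` sizes the pool in bytes, not entries, and this change makes that an out-of-bounds heap write. The macro is now 2, while each `CopyMem` into `mAvailableAlgoArray[mAvailableAlgoArrayCount]` writes `sizeof (EFI_RNG_ALGORITHM)` bytes, so even the first entry overruns the allocation and the new raw-algorithm entry lands further past it. The allocation should be `AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX * sizeof (EFI_RNG_ALGORITHM))`. The function's signature and part of its body are outside the visible hunk, so I am assuming the array's element type is `EFI_RNG_ALGORITHM`, as the indexing and copy size suggest.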
\r
return Status;\r
}\r
\r
+ // Raw algorithm (Trng)\r
+ if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) {\r
+ return GenerateEntropy (RNGValueLength, RNGValue);\r
+ }\r
+\r
//\r
// Other algorithms are unsupported by this driver.\r
//\r
--- /dev/null
+/** @file\r
+ RNG Driver to produce the UEFI Random Number Generator protocol.\r
+\r
+ The driver implements the EFI_RNG_ALGORITHM_RAW using the FW-TRNG\r
+ interface to provide entropy.\r
+\r
+ Copyright (c) 2021 - 2022, Arm Limited. All rights reserved.<BR>\r
+\r
+ SPDX-License-Identifier: BSD-2-Clause-Patent\r
+\r
+**/\r
+\r
+#include <Library/BaseLib.h>\r
+#include <Library/BaseMemoryLib.h>\r
+#include <Library/DebugLib.h>\r
+#include <Library/ArmTrngLib.h>\r
+#include <Protocol/Rng.h>\r
+\r
+#include "RngDxeInternals.h"\r
+\r
+/**\r
+ Generate high-quality entropy source using a TRNG or through RDRAND.\r
+\r
+ @param[in] Length Size of the buffer, in bytes, to fill with.\r
+ @param[out] Entropy Pointer to the buffer to store the entropy data.\r
+\r
+ @retval RETURN_SUCCESS The function completed successfully.\r
+ @retval RETURN_INVALID_PARAMETER Invalid parameter.\r
+ @retval RETURN_UNSUPPORTED Function not implemented.\r
+ @retval RETURN_BAD_BUFFER_SIZE Buffer size is too small.\r
+ @retval RETURN_NOT_READY No Entropy available.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+GenerateEntropy (\r
+ IN UINTN Length,\r
+ OUT UINT8 *Entropy\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINTN CollectedEntropyBits;\r
+ UINTN RequiredEntropyBits;\r
+ UINTN EntropyBits;\r
+ UINTN Index;\r
+ UINTN MaxBits;\r
+\r
+ ZeroMem (Entropy, Length);\r
+\r
+ RequiredEntropyBits = (Length << 3);\r
+ Index = 0;\r
+ CollectedEntropyBits = 0;\r
+ MaxBits = GetArmTrngMaxSupportedEntropyBits ();\r
+ while (CollectedEntropyBits < RequiredEntropyBits) {\r
+ EntropyBits = MIN ((RequiredEntropyBits - CollectedEntropyBits), MaxBits);\r
+ Status = GetArmTrngEntropy (\r
+ EntropyBits,\r
+ (Length - Index),\r
+ &Entropy[Index]\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ // Discard the collected bits.\r
+ ZeroMem (Entropy, Length);\r
+ return Status;\r
+ }\r
+\r
+ CollectedEntropyBits += EntropyBits;\r
+ Index += (EntropyBits >> 3);\r
+ } // while\r
+\r
+ return Status;\r
+}\r
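Review bot: `GenerateEntropy` returns `Status` uninitialized when `Length` is 0, because the `while` loop never runs and nothing else assigns it. The GetRNG call site passes `RNGValueLength` straight through and any earlier validation is not visible here, so reject the case up front with `if ((Entropy == NULL) || (Length == 0)) { return EFI_INVALID_PARAMETER; }`, which also matches the documented `RETURN_INVALID_PARAMETER`. The loop also makes no progress if `GetArmTrngMaxSupportedEntropyBits ()` returns 0 while `GetArmTrngEntropy` still reports success, since `EntropyBits` is then 0; a guard such as `if (MaxBits == 0) { return EFI_UNSUPPORTED; }` would bound it. The function header mentions RDRAND, which this file does not use, so it should read "using the Arm FW-TRNG interface".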
\r
[Sources.AARCH64]\r
AArch64/RngDxe.c\r
+ ArmTrng.c\r
\r
[Packages]\r
+ MdeModulePkg/MdeModulePkg.dec\r
MdePkg/MdePkg.dec\r
SecurityPkg/SecurityPkg.dec\r
\r
TimerLib\r
RngLib\r
\r
+[LibraryClasses.AARCH64]\r
+ ArmTrngLib\r
+\r
[Guids]\r
gEfiRngAlgorithmSp80090Hash256Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG\r
gEfiRngAlgorithmSp80090Hmac256Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID of the algorithm for RNG\r
# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.<BR>\r
# (C) Copyright 2015-2020 Hewlett Packard Enterprise Development LP<BR>\r
# Copyright (c) 2022, Loongson Technology Corporation Limited. All rights reserved.<BR>\r
+# Copyright (c) 2021 - 2022, Arm Limited. All rights reserved.<BR>\r
# SPDX-License-Identifier: BSD-2-Clause-Patent\r
#\r
##\r
\r
ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf\r
\r
+ ArmTrngLib|MdePkg/Library/BaseArmTrngLibNull/BaseArmTrngLibNull.inf\r
+\r
[LibraryClasses.ARM]\r
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf\r
\r