Module Name: src Committed By: riastradh Date: Thu May 14 19:19:08 UTC 2020
Modified Files: src/sys/stand/efiboot: Makefile.efiboot boot.c efiacpi.c Added Files: src/sys/stand/efiboot: efirng.c efirng.h Log Message: Draft logic to get at EFI RNG. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/sys/stand/efiboot/Makefile.efiboot cvs rdiff -u -r1.20 -r1.21 src/sys/stand/efiboot/boot.c cvs rdiff -u -r1.6 -r1.7 src/sys/stand/efiboot/efiacpi.c cvs rdiff -u -r0 -r1.1 src/sys/stand/efiboot/efirng.c \ src/sys/stand/efiboot/efirng.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/stand/efiboot/Makefile.efiboot diff -u src/sys/stand/efiboot/Makefile.efiboot:1.12 src/sys/stand/efiboot/Makefile.efiboot:1.13 --- src/sys/stand/efiboot/Makefile.efiboot:1.12 Sun Apr 26 06:51:35 2020 +++ src/sys/stand/efiboot/Makefile.efiboot Thu May 14 19:19:08 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.efiboot,v 1.12 2020/04/26 06:51:35 rin Exp $ +# $NetBSD: Makefile.efiboot,v 1.13 2020/05/14 19:19:08 riastradh Exp $ S= ${.CURDIR}/../../.. @@ -22,7 +22,7 @@ AFLAGS.start.S= ${${ACTIVE_CC} == "clang .PATH: ${EFIDIR}/gnuefi SOURCES= crt0-efi-${GNUEFIARCH}.S reloc_${GNUEFIARCH}.c SOURCES+= boot.c conf.c console.c dev_net.c devopen.c exec.c panic.c prompt.c -SOURCES+= efiboot.c efichar.c efidev.c efienv.c efigetsecs.c efifdt.c efifile.c efiblock.c efinet.c efipxe.c efiacpi.c smbios.c +SOURCES+= efiboot.c efichar.c efidev.c efienv.c efigetsecs.c efifdt.c efifile.c efiblock.c efinet.c efipxe.c efiacpi.c efirng.c smbios.c .PATH: ${S}/external/bsd/libfdt/dist CPPFLAGS+= -I${S}/external/bsd/libfdt/dist Index: src/sys/stand/efiboot/boot.c diff -u src/sys/stand/efiboot/boot.c:1.20 src/sys/stand/efiboot/boot.c:1.21 --- src/sys/stand/efiboot/boot.c:1.20 Sat Jan 25 11:24:20 2020 +++ src/sys/stand/efiboot/boot.c Thu May 14 19:19:08 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: boot.c,v 1.20 2020/01/25 11:24:20 jmcneill Exp $ */ +/* $NetBSD: boot.c,v 1.21 2020/05/14 19:19:08 riastradh Exp $ */ /*- * Copyright (c) 2016 Kimihiro Nonaka <non...@netbsd.org> @@ -32,6 +32,7 @@ #include "efifdt.h" #include "efiacpi.h" #include "efienv.h" +#include "efirng.h" #include <sys/bootblock.h> #include <sys/boot_flag.h> @@ -285,6 +286,7 @@ command_version(char *arg) efi_fdt_show(); efi_acpi_show(); + efi_rng_show(); } void Index: src/sys/stand/efiboot/efiacpi.c diff -u src/sys/stand/efiboot/efiacpi.c:1.6 src/sys/stand/efiboot/efiacpi.c:1.7 --- src/sys/stand/efiboot/efiacpi.c:1.6 Sat Jan 25 11:24:20 2020 +++ src/sys/stand/efiboot/efiacpi.c Thu May 14 19:19:08 2020 
@@ -1,4 +1,4 @@ -/* $NetBSD: efiacpi.c,v 1.6 2020/01/25 11:24:20 jmcneill Exp $ */ +/* $NetBSD: efiacpi.c,v 1.7 2020/05/14 19:19:08 riastradh Exp $ */ /*- * Copyright (c) 2018 The NetBSD Foundation, Inc. @@ -124,7 +124,7 @@ efi_acpi_show(void) rsdp->oemid[3], rsdp->oemid[4], rsdp->oemid[5]); if (smbios3_table) - printf("SMBIOS: %s", efi_acpi_get_model()); + printf("SMBIOS: %s\n", efi_acpi_get_model()); } int Added files: Index: src/sys/stand/efiboot/efirng.c diff -u /dev/null src/sys/stand/efiboot/efirng.c:1.1 --- /dev/null Thu May 14 19:19:08 2020 +++ src/sys/stand/efiboot/efirng.c Thu May 14 19:19:08 2020 
@@ -0,0 +1,136 @@
+/* $NetBSD: efirng.c,v 1.1 2020/05/14 19:19:08 riastradh Exp $ */
+
+/*-
+ * Copyright (c) 2020 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * UEFI Forum, Inc.: UEFI Specification, Version 2.8 Errata A, February
+ * 2020, Sec. 37.5 EFI Random Number Generator Protocol, pp. 2158--2162
+ * https://uefi.org/sites/default/files/resources/UEFI_Spec_2_8_A_Feb14.pdf
+ */
+
+#include "efirng.h"
+
+#include "efiboot.h"
+
+static EFI_GUID RngProtocolGuid = EFI_RNG_PROTOCOL_GUID;
+static EFI_GUID RngAlgorithmRawGuid = EFI_RNG_ALGORITHM_RAW;
+static EFI_RNG_PROTOCOL *rng;
+
+#ifndef EFIBOOT_DEBUG
+#define DPRINT(...) __nothing
+#else
+#define DPRINT Print
+#endif
+
+static const struct {
+ EFI_GUID guid;
+ const CHAR16 *name;
+} algname[] = {
+ {EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID,
+ L"NIST SP800-90 Hash_DRBG SHA-256"},
+ {EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID,
+ L"NIST SP800-90 HMAC_DRBG SHA-256"},
+ {EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID,
+ L"NIST SP800-90 CTR_DRBG AES-256"},
+ {EFI_RNG_ALGORITHM_X9_31_3DES_GUID, L"ANSI X9.31 3DES"},
+ {EFI_RNG_ALGORITHM_X9_31_AES_GUID, L"ANSI X9.31 AES"},
+ {EFI_RNG_ALGORITHM_RAW, L"raw"},
+};
+
+void
+efi_rng_probe(void)
+{
+ EFI_STATUS status;
+
+ /* Get the RNG protocol. */
+ status = LibLocateProtocol(&RngProtocolGuid, (void **)&rng);
+ if (EFI_ERROR(status)) {
+ DPRINT(L"efirng: protocol: %r\n", status);
+ rng = NULL;
+ return;
+ }
+}
+
+void
+efi_rng_show(void)
+{
+ EFI_RNG_ALGORITHM alglist[10];
+ UINTN i, j, alglistsz = sizeof alglist;
+ EFI_STATUS status;
+
+ /* Query the list of supported algorithms. */
+ status = uefi_call_wrapper(rng->GetInfo, 3, rng, &alglistsz, alglist);
+ if (EFI_ERROR(status)) {
+ Print(L"efirng: GetInfo: %r\n", status);
+ return;
+ }
+
+ /* Print the list of supported algorithms. */
+ for (i = 0; i < alglistsz/sizeof(alglist[0]); i++) {
+ const CHAR16 *name = L"[unknown]";
+ for (j = 0; j < __arraycount(algname); j++) {
+ if (memcmp(&alglist[i], &algname[j].guid,
+ sizeof(EFI_GUID)) == 0) {
+ name = algname[j].name;
+ break;
+ }
+ }
+ Print(L"RNG: %s (%g)\n", name, &alglist[i]);
+ }
+}
+
+int
+efi_rng_available(void)
+{
+
+ return rng != NULL;
+}
+
+int
+efi_rng(void *buf, UINTN len)
+{
+ EFI_STATUS status;
+
+ if (rng == NULL)
+ return EIO;
+
+ status = uefi_call_wrapper(rng->GetRNG, 3, rng, &RngAlgorithmRawGuid,
+ len, buf);
+ if (status == EFI_UNSUPPORTED) {
+ /*
+ * Fall back to any supported RNG `algorithm' even
+ * though we would prefer raw samples.
+ */
+ status = uefi_call_wrapper(rng->GetRNG, 3, rng, NULL, len, buf);
+ }
+ if (EFI_ERROR(status)) {
+ DPRINT(L"efirng: GetRNG: %r\n", status);
+ return EIO;
+ }
+
+ return 0;
+}
Index: src/sys/stand/efiboot/efirng.h
diff -u /dev/null src/sys/stand/efiboot/efirng.h:1.1
--- /dev/null Thu May 14 19:19:08 2020
+++ src/sys/stand/efiboot/efirng.h Thu May 14 19:19:08 2020
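Review bot: efi_rng_show() dereferences `rng` in `uefi_call_wrapper(rng->GetInfo, ...)` with no NULL check, although efi_rng_probe() sets `rng = NULL` on failure and the boot.c hunk calls efi_rng_show() unconditionally from command_version(); firmware without the RNG protocol would fault at the `version` command. A guard such as `if (rng == NULL) return;` at the top of efi_rng_show(), matching the one efi_rng() already has, closes this. No visible hunk calls efi_rng_probe(), so `rng` may stay NULL on every boot until a caller is added. Separately, both GetRNG calls pass an argument count of `3` to uefi_call_wrapper while four arguments follow (`rng`, the algorithm pointer, `len`, `buf`); on targets where the wrapper dispatches on that count the output buffer pointer would presumably not reach the firmware, so the count should be `4`.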
@@ -0,0 +1,39 @@
+/* $NetBSD: efirng.h,v 1.1 2020/05/14 19:19:08 riastradh Exp $ */
+
+/*-
+ * Copyright (c) 2020 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef EFIBOOT_EFIRNG_H
+#define EFIBOOT_EFIRNG_H
+
+#include <efi.h>
+
+void efi_rng_probe(void);
+void efi_rng_show(void);
+int efi_rng_available(void);
+int efi_rng(void *, UINTN);
+
+#endif /* EFIBOOT_EFIRNG_H */
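Review bot: The prototype `int efi_rng(void *, UINTN);` drops its parameter names and documents no contract, yet callers feeding this into a seed need to know that a nonzero return means the buffer must not be used. As written in efirng.c it returns 0 on success and EIO when the protocol is absent or GetRNG fails, and it silently falls back to the firmware's default algorithm when raw samples are unsupported. I would name the parameters, `int efi_rng(void *buf, UINTN len);`, and add a comment above it along the lines of `/* Fill buf with len bytes from the EFI RNG; returns 0 or EIO. Output may come from a firmware DRBG rather than raw samples; do not use buf on error. */`.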