Re: [edk2-devel] RFC: Adding support for ARM (RNDR etc.) to RngDxe


Ard Biesheuvel <ardb@...>
 

On Wed, 10 Feb 2021 at 23:49, Rebecca Cran <rebecca@...> wrote:

> On 1/15/21 7:51 PM, Sami Mujawar wrote:
>
>> I have shared some initial thoughts on the RNG implementation updates at https://edk2.groups.io/g/devel/files/Designs/2021/0116/EDKII%20-%20Proposed%20update%20to%20RNG%20implementation.pdf
>>
>> Kindly let me know your feedback or if you have any queries.
>
> The ARMv8.5 RNDRRS instruction appears to be missing from the diagram on
> page 11 - it has RngLib|RNDR, which is listed under PRNG, but RNDRRS
> returns a true random number. From the Arm ARM:
>
> "Returns a 64-bit random number which is reseeded from the True
> Random Number source immediately before the read of the random number."

This is an unfortunate oversight in the architecture, but RNDRRS most
certainly does not return a true random number.

RNDR and RNDRRS both return the output of a DRBG (pseudo RNG), and the
only difference is the reseed rate: RNDRRS triggers a reseed on every
invocation, whereas RNDR triggers a reseed at an IMPDEF rate.
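
A toy model of the distinction drawn in the reply above, added here as an illustration and not taken from the thread, the Arm ARM or edk2: both reads return DRBG output and differ only in when the DRBG is reseeded. The `mix64` function, the counter standing in for the entropy source, and the reseed interval passed by the caller are assumptions; real hardware uses its own DRBG and an IMPLEMENTATION DEFINED interval.

```c
#include <stdint.h>

/* Toy model, constructed for illustration. NOT cryptographic: mix64 stands in
 * for the hardware DRBG and a counter stands in for the true random source. */
typedef struct {
    uint64_t state;        /* DRBG working state */
    uint64_t trng_ctr;     /* stand-in for the entropy source */
    unsigned reseeds;      /* reseeds performed so far */
    unsigned since_reseed; /* outputs generated since the last reseed */
    unsigned interval;     /* assumed IMPDEF reseed interval for RNDR */
} drbg_model;

static uint64_t mix64(uint64_t x) {
    x += 0x9E3779B97F4A7C15ULL;
    x = (x ^ (x >> 30)) * 0xBF58476D1CE4E5B9ULL;
    x = (x ^ (x >> 27)) * 0x94D049BB133111EBULL;
    return x ^ (x >> 31);
}

/* Entropy is folded into the state; it is never returned to the caller. */
static void reseed(drbg_model *m) {
    m->state ^= mix64(++m->trng_ctr);
    m->reseeds++;
    m->since_reseed = 0;
}

/* Every value a caller sees comes from here, i.e. from the DRBG. */
static uint64_t generate(drbg_model *m) {
    m->state = mix64(m->state);
    m->since_reseed++;
    return mix64(m->state ^ 0xD6E8FEB86659FD93ULL);
}

uint64_t model_rndr(drbg_model *m) {   /* reseed only at the interval */
    if (m->since_reseed >= m->interval) reseed(m);
    return generate(m);
}

/* Reseed before every read; the output is still generate(), not raw entropy. */
uint64_t model_rndrrs(drbg_model *m) { reseed(m); return generate(m); }

/* Reseeds triggered by `calls` reads, excluding the initial seeding. */
unsigned count_reseeds(int use_rrs, unsigned calls, unsigned interval) {
    drbg_model m = { .interval = interval };
    reseed(&m); /* initial seeding */
    for (unsigned i = 0; i < calls; i++)
        (void)(use_rrs ? model_rndrrs(&m) : model_rndr(&m));
    return m.reseeds - 1;
}
```

In both paths the caller only ever receives the return value of `generate()`, which is why a higher reseed rate does not change the classification of the output.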
