[CHERRY-PICK] Reduce Crypto RNG Assumptions #89
Merged
+59
−15
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
**NOTE: This PR should only be completed when we are sure that we would like to introduce a dependency on the RNG PPI and RNG Protocol for the PEI and DXE binaries.** NOTE: This will need to be cherry-picked into the release/202302 branch (with the MU_BASECORE submodule updated). --- **CryptoBinPkg.dsc: Use static stack cookie init for DXE** Simplifies the RNG support expected of platforms integrating the DXE binary. --- **CryptoBinPkg: Use PeiRngLib and DxeRngLib for crypto binaries** Since platforms integrating the binaries may have very different levels of support for random number generation, allow the platform to provide a RNG service for PEI and DXE. A similar change may be made for SMM and Standalone MM environments in the future. --- - [x] Impacts functionality? - [ ] Impacts security? - [x] Breaking change? - [ ] Includes tests? - [x] Includes documentation? - Build and platform integration - Verify RNG PPI/Protocol is present on the PEI and DXE binaries - Verify the PeiRngLib and DxeRngLib libraries can locate and use the RNG PPI and Protocol - Read the readme update made in this change in the "Dependencies Built into Shared Crypto" section. --------- Signed-off-by: Michael Kubacki <[email protected]>
github-actions
bot
added
impact:breaking-change
kuqin12
approved these changes
Jun 6, 2024
apop5
approved these changes
Jun 6, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Cherry-picked from f54450c. Edited mu_basecore to point to latest release/202302 and fixed a merged conflict in the README.
CryptoBinPkg.dsc: Use static stack cookie init for DXE
Simplifies the RNG support expected of platforms integrating
the DXE binary.
CryptoBinPkg: Use PeiRngLib and DxeRngLib for crypto binaries
Since platforms integrating the binaries may have very different
levels of support for random number generation, allow the platform
to provide a RNG service for PEI and DXE.
A similar change may be made for SMM and Standalone MM environments
in the future.
How This Was Tested
the RNG PPI and Protocol
Integration Instructions
"Dependencies Built into Shared Crypto" section.
Signed-off-by: Michael Kubacki [email protected]