Add UEFI RNG Protocol support. The driver will leverage Intel Secure Key technology to produce the Random Number Generator protocol, which is used to provide high-quality random numbers for use in applications, or entropy for seeding other random number generators. Refer to http://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide/ for more information about Intel Secure Key technology.

Signed-off-by: Long, Qin <qin.long@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>
Reviewed-by: Rosenbaum, Lee G <lee.g.rosenbaum@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14858 6f19259b-4bc3-4df7-8a09-765794883524

SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm

@@ -0,0 +1,67 @@
+;------------------------------------------------------------------------------
+;
+; Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+; This program and the accompanying materials
+; are licensed and made available under the terms and conditions of the BSD License
+; which accompanies this distribution.  The full text of the license may be found at
+; http://opensource.org/licenses/bsd-license.php.
+;
+; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+;
+; Module Name:
+;
+;   AsmRdRand.Asm
+;
+; Abstract:
+;
+;   Implementation for 16-, and 32- invocations of RDRAND instruction under 32bit platform.
+;
+; Notes:
+;
+;   Visual Studio coding practices do not use inline asm since multiple compilers and 
+;   architectures are supported assembler not recognizing rdrand instruction so using DB's.
+;
+;------------------------------------------------------------------------------
+
+    .586P
+    .model flat, C
+    .code
+ 
+;------------------------------------------------------------------------------
+;  Generate a 16 bit random number
+;  Return TRUE if Rand generated successfully, or FALSE if not
+;
+;  BOOLEAN EFIAPI RdRand16Step (UINT16 *Rand);   ECX
+;------------------------------------------------------------------------------
+RdRand16Step  PROC
+    ; rdrand   ax                  ; generate a 16 bit RN into ax, CF=1 if RN generated ok, otherwise CF=0
+    db     0fh, 0c7h, 0f0h         ; rdrand r16:  "0f c7 /6  ModRM:r/m(w)"
+    jb     rn16_ok                 ; jmp if CF=1
+    xor    eax, eax                ; reg=0 if CF=0
+    ret                            ; return with failure status
+rn16_ok:
+    mov    [ecx], ax
+    mov    eax, 1
+    ret
+RdRand16Step ENDP
+
+;------------------------------------------------------------------------------
+;  Generate a 32 bit random number
+;    Return TRUE if Rand generated successfully, or FALSE if not
+;
+;  BOOLEAN EFIAPI RdRand32Step (UINT32 *Rand);   ECX
+;------------------------------------------------------------------------------
+RdRand32Step  PROC
+    ; rdrand   eax                 ; generate a 32 bit RN into eax, CF=1 if RN generated ok, otherwise CF=0
+    db     0fh, 0c7h, 0f0h         ; rdrand r32:  "0f c7 /6  ModRM:r/m(w)"
+    jb     rn32_ok                 ; jmp if CF=1
+    xor    eax, eax                ; reg=0 if CF=0
+    ret                            ; return with failure status
+rn32_ok:
+    mov    [ecx], eax
+    mov    eax,  1
+    ret
+RdRand32Step  ENDP
+
+    END

SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c

@@ -0,0 +1,69 @@
+/** @file
+  RDRAND Support Routines for GCC environment.
+
+Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+/**
+  Generates a 16-bit random number through RDRAND instruction.
+
+  @param[out]  Rand          Buffer pointer to store the random result.
+
+  @retval TRUE               RDRAND call was successful.
+  @retval FALSE              Failed attempts to call RDRAND.
+
+**/
+BOOLEAN
+EFIAPI
+RdRand16Step (
+  OUT UINT16       *Rand
+  )
+{
+  UINT8  Carry;
+
+  //
+  // Uses byte code for RDRAND instruction,
+  // in case that GCC version has no direct support on RDRAND assembly.
+  //
+  __asm__ __volatile__ (
+    ".byte 0x66; .byte 0x0f; .byte 0xc7; .byte 0xf0; setc %1"
+    :"=a"  (*Rand), 
+     "=qm" (Carry)
+    ); 
+
+  return (BOOLEAN) Carry;
+}
+
+/**
+  Generates a 32-bit random number through RDRAND instruction.
+
+  @param[out]  Rand          Buffer pointer to store the random result.
+
+  @retval TRUE               RDRAND call was successful.
+  @retval FALSE              Failed attempts to call RDRAND.
+
+**/
+BOOLEAN
+EFIAPI
+RdRand32Step (
+  OUT UINT32       *Rand
+  )
+{
+  UINT8  Carry;
+
+  __asm__ __volatile__ (
+    ".byte 0x0f; .byte 0xc7; .byte 0xf0; setc %1"
+    :"=a"  (*Rand), 
+     "=qm" (Carry)
+    );
+
+  return (BOOLEAN) Carry;
+}

SecurityPkg/RandomNumberGenerator/RngDxe/IA32/RdRandWord.c

@@ -0,0 +1,104 @@
+/** @file
+  RDRAND Support Routines.
+
+Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "RdRand.h"
+
+/**
+  Generates a 64-bit random number through RDRAND instruction.
+
+  @param[out]  Rand          Buffer pointer to store the random result.
+
+  @retval TRUE               RDRAND call was successful.
+  @retval FALSE              Failed attempts to call RDRAND.
+
+**/
+BOOLEAN
+EFIAPI
+RdRand64Step  (
+  OUT UINT64   *Rand
+  )
+{
+  UINT32  RandLow;
+  UINT32  RandHigh;
+
+  //
+  // Generating a 64-bit rand on a 32-bit system by 
+  // mapping two 32-bit RDRAND instructions.
+  //
+  if (!RdRand32Step (&RandLow)) {
+    return FALSE;
+  }
+  if (!RdRand32Step (&RandHigh)) {
+    return FALSE;
+  }
+
+  *Rand = (UINT64) RandLow | LShiftU64 ((UINT64)RandHigh, 32);
+
+  return TRUE;
+}
+
+/**
+  Calls RDRAND to request a word-length random number.
+
+  @param[out]  Rand          Buffer pointer to store the random number.
+  @param[in]   NeedRetry     Determine whether or not to loop retry.
+
+  @retval EFI_SUCCESS        Random word generation succeeded.
+  @retval EFI_NOT_READY      Failed to request random word.
+
+**/
+EFI_STATUS
+EFIAPI
+RdRandWord (
+  OUT UINTN        *Rand,
+  IN BOOLEAN       NeedRetry
+  )
+{
+  return RdRand32 (Rand, NeedRetry);
+}
+
+/**
+  Calls RDRAND to request multiple word-length random numbers.
+
+  @param[in]   Length        Size of the buffer, in words, to fill with.
+  @param[out]  RandBuffer    Pointer to the buffer to store the random result.
+
+  @retval EFI_SUCCESS        Random words generation succeeded.
+  @retval EFI_NOT_READY      Failed to request random words.
+
+**/
+EFI_STATUS
+EFIAPI
+RdRandGetWords (
+  IN UINTN         Length,
+  OUT UINTN        *RandBuffer
+  )
+{
+  EFI_STATUS  Status;
+  UINT32      Index;
+
+  for (Index = 0; Index < Length; Index++) {
+    //
+    // Obtain one word-length (32-bit) Random Number with possible retry-loop.
+    //
+    Status = RdRand32 (RandBuffer, TRUE);
+    if (EFI_ERROR (Status)) {
+      return Status;
+    }
+    
+    RandBuffer++;
+  }
+
+  return EFI_SUCCESS;
+}