From bc02b255a83dbad98aa63a86b2cee82f1205e2e0 Mon Sep 17 00:00:00 2001
From: Pierre Gondois
Date: Thu, 29 Aug 2024 16:31:45 +0200
Subject: MdePkg: Move PcdEnforceSecureRngAlgorithms from NetworkPkg
The PcdEnforceSecureRngAlgorithms Pcd enforces the use of RNG algorithms defined by the UEFI spec. To re-use the Pcd in other packages and have a generic mean to control the usage of unsecure algorithms, move the Pcd to the MdePkg.
Continuous-integration-options: PatchCheck.ignore-multi-package
Signed-off-by: Pierre Gondois
---
 MdePkg/MdePkg.dec | 6 ++++++
 NetworkPkg/Library/DxeNetLib/DxeNetLib.inf | 2 +-
 NetworkPkg/NetworkPkg.dec | 6 ------
 3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index b542d6d832..624f626360 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -2266,6 +2266,12 @@
 ## This PCD specifies the interrupt vector for stack cookie check failures
 gEfiMdePkgTokenSpaceGuid.PcdStackCookieExceptionVector|0x42|UINT8|0x30001019
 
+ ## Enforces the use of Secure UEFI spec defined RNG algorithms.
+ # TRUE - Enforce the use of Secure UEFI spec defined RNG algorithms.
+ # FALSE - Do not enforce and depend on the default implementation of RNG algorithm from the provider.
+ # @Prompt Enforce the use of Secure UEFI spec defined RNG algorithms.
+ gEfiMdePkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|TRUE|BOOLEAN|0x1000000D
+
 [PcdsFixedAtBuild,PcdsPatchableInModule]
 ## Indicates the maximum length of unicode string used in the following
 # BaseLib functions: StrLen(), StrSize(), StrCmp(), StrnCmp(), StrCpy(), StrnCpy()
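Review bot: The token number `0x1000000D` on the added `PcdEnforceSecureRngAlgorithms` line is copied unchanged from `gEfiNetworkPkgTokenSpaceGuid`, while the neighbouring MdePkg entry in this hunk uses `0x30001019`. Token numbers are unique only within a token space, so it should be confirmed that no existing `gEfiMdePkgTokenSpaceGuid` PCD already uses this value. The section header that sets the PCD type lies above the hunk; DxeNetLib.inf consumes the PCD under `[FixedPcd]`, so that section has to allow fixed-at-build use. Because the PCD is no longer limited to network connections, the comment could also state the consequence of disabling it, for example `# FALSE - Do not enforce; the provider's default RNG algorithm is used, which may not be a secure UEFI spec defined one.`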

diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
index a8f534a293..54dcb97e57 100644
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
@@ -67,7 +67,7 @@
 gEfiRngProtocolGuid ## CONSUMES
 
 [FixedPcd]
- gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms ## CONSUMES
+ gEfiMdePkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms ## CONSUMES
 
 [Depex]
 gEfiRngProtocolGuid
diff --git a/NetworkPkg/NetworkPkg.dec b/NetworkPkg/NetworkPkg.dec
index 29fc0c046c..5db7aa137a 100644
--- a/NetworkPkg/NetworkPkg.dec
+++ b/NetworkPkg/NetworkPkg.dec
@@ -141,12 +141,6 @@
 # @Prompt Indicates whether SnpDxe creates event for ExitBootServices() call.
 gEfiNetworkPkgTokenSpaceGuid.PcdSnpCreateExitBootServicesEvent|TRUE|BOOLEAN|0x1000000C
 
- ## Enforces the use of Secure UEFI spec defined RNG algorithms for all network connections.
- # TRUE - Enforce the use of Secure UEFI spec defined RNG algorithms.
- # FALSE - Do not enforce and depend on the default implementation of RNG algorithm from the provider.
- # @Prompt Enforce the use of Secure UEFI spec defined RNG algorithms.
- gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|TRUE|BOOLEAN|0x1000000D
-
 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
 ## IPv6 DHCP Unique Identifier (DUID) Type configuration (From RFCs 3315 and 6355).
 # 01 = DUID Based on Link-layer Address Plus Time [DUID-LLT]
-- cgit