v2023.12.0
What's Changed
⚠️ Breaking Changes
-
Reduce Crypto RNG Assumptions [Rebase \& FF] @makubacki (#88)
Change Details
## Description
NOTE: This PR should only be completed when we are sure that we would like to
introduce a dependency on the RNG PPI and RNG Protocol for the PEI and DXE
binaries.NOTE: This will need to be cherry-picked into the release/202302 branch
(with the MU_BASECORE submodule updated).
CryptoBinPkg.dsc: Use static stack cookie init for DXE
Simplifies the RNG support expected of platforms integrating
the DXE binary.
CryptoBinPkg: Use PeiRngLib and DxeRngLib for crypto binaries
Since platforms integrating the binaries may have very different
levels of support for random number generation, allow the platform
to provide a RNG service for PEI and DXE.A similar change may be made for SMM and Standalone MM environments
in the future.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Build and platform integration
- Verify RNG PPI/Protocol is present on the PEI and DXE binaries
- Verify the PeiRngLib and DxeRngLib libraries can locate and use
the RNG PPI and Protocol
Integration Instructions
- Read the readme update made in this change in the
"Dependencies Built into Shared Crypto" section.
🚀 Features & ✨ Enhancements
-
Reduce Crypto RNG Assumptions [Rebase \& FF] @makubacki (#88)
Change Details
## Description
NOTE: This PR should only be completed when we are sure that we would like to
introduce a dependency on the RNG PPI and RNG Protocol for the PEI and DXE
binaries.NOTE: This will need to be cherry-picked into the release/202302 branch
(with the MU_BASECORE submodule updated).
CryptoBinPkg.dsc: Use static stack cookie init for DXE
Simplifies the RNG support expected of platforms integrating
the DXE binary.
CryptoBinPkg: Use PeiRngLib and DxeRngLib for crypto binaries
Since platforms integrating the binaries may have very different
levels of support for random number generation, allow the platform
to provide a RNG service for PEI and DXE.A similar change may be made for SMM and Standalone MM environments
in the future.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Build and platform integration
- Verify RNG PPI/Protocol is present on the PEI and DXE binaries
- Verify the PeiRngLib and DxeRngLib libraries can locate and use
the RNG PPI and Protocol
Integration Instructions
- Read the readme update made in this change in the
"Dependencies Built into Shared Crypto" section.
📖 Documentation Updates
-
Reduce Crypto RNG Assumptions [Rebase \& FF] @makubacki (#88)
Change Details
## Description
NOTE: This PR should only be completed when we are sure that we would like to
introduce a dependency on the RNG PPI and RNG Protocol for the PEI and DXE
binaries.NOTE: This will need to be cherry-picked into the release/202302 branch
(with the MU_BASECORE submodule updated).
CryptoBinPkg.dsc: Use static stack cookie init for DXE
Simplifies the RNG support expected of platforms integrating
the DXE binary.
CryptoBinPkg: Use PeiRngLib and DxeRngLib for crypto binaries
Since platforms integrating the binaries may have very different
levels of support for random number generation, allow the platform
to provide a RNG service for PEI and DXE.A similar change may be made for SMM and Standalone MM environments
in the future.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Build and platform integration
- Verify RNG PPI/Protocol is present on the PEI and DXE binaries
- Verify the PeiRngLib and DxeRngLib libraries can locate and use
the RNG PPI and Protocol
Integration Instructions
- Read the readme update made in this change in the
"Dependencies Built into Shared Crypto" section.
Full Changelog: v2023.11.5...v2024.0.0
