From 89e0b3c8bab8685c7b81dbffdcca05360de8547f Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jbjohnso@us.ibm.com>
Date: Thu, 31 Oct 2013 18:19:42 -0400
Subject: [PATCH] Implement some EFI compliant entropy provider for use in SSL

For now, mimick the rtc_entropy by using timers and TSC jitter.
When UEFI 2.4 is more accessible to develop/test against, should
add a path to take advantage of the RNG protocol it provides
to supplement this scheme.
---
 src/config/defaults/efi.h          |  2 +-
 src/include/ipxe/efi/efi_entropy.h | 35 ++++++++++++++++
 src/include/ipxe/entropy.h         |  1 +
 src/include/ipxe/errfile.h         |  1 +
 src/interface/efi/efi_entropy.c    | 66 ++++++++++++++++++++++++++++++
 5 files changed, 104 insertions(+), 1 deletion(-)
 create mode 100644 src/include/ipxe/efi/efi_entropy.h
 create mode 100644 src/interface/efi/efi_entropy.c

diff --git a/src/config/defaults/efi.h b/src/config/defaults/efi.h
index 4276d936..6b323d85 100644
--- a/src/config/defaults/efi.h
+++ b/src/config/defaults/efi.h
@@ -19,7 +19,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #define SMBIOS_EFI
 #define SANBOOT_NULL
 #define BOFM_EFI
-#define ENTROPY_NULL
+#define ENTROPY_EFI
 #define TIME_NULL
 #define REBOOT_EFI
 
diff --git a/src/include/ipxe/efi/efi_entropy.h b/src/include/ipxe/efi/efi_entropy.h
new file mode 100644
index 00000000..573dd1e5
--- /dev/null
+++ b/src/include/ipxe/efi/efi_entropy.h
@@ -0,0 +1,35 @@
+#ifndef _IPXE_EFI_ENTROPY_H
+#define _IPXE_EFI_ENTROPY_H
+
+/** @file
+ *
+ *    EFI entropy source
+ *
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER );
+
+#ifdef ENTROPY_EFI
+#define ENTROPY_PREFIX_efi
+#else
+#define ENTROPY_PREFIX_efi __efi_
+#endif
+
+static inline __always_inline double
+ENTROPY_INLINE ( efi, min_entropy_per_sample ) ( void ) {
+    /* TODO: actually meansure min entropy per sample */
+    return 1.3;
+}
+
+extern uint8_t efi_sample ( void );
+static inline __always_inline int
+ENTROPY_INLINE ( efi, get_noise ) ( noise_sample_t *noise ) {
+
+    /* get sample */
+    *noise = efi_sample();
+
+    /* success */
+    return 0;
+}
+
+#endif /* _IPXE_EFI_ENTROPY_H */
diff --git a/src/include/ipxe/entropy.h b/src/include/ipxe/entropy.h
index adf325e7..a1885121 100644
--- a/src/include/ipxe/entropy.h
+++ b/src/include/ipxe/entropy.h
@@ -58,6 +58,7 @@ typedef uint8_t entropy_sample_t;
 
 /* Include all architecture-dependent entropy API headers */
 #include <bits/entropy.h>
+#include <ipxe/efi/efi_entropy.h>
 
 /**
  * Enable entropy gathering
diff --git a/src/include/ipxe/errfile.h b/src/include/ipxe/errfile.h
index 83675796..d637d08c 100644
--- a/src/include/ipxe/errfile.h
+++ b/src/include/ipxe/errfile.h
@@ -288,6 +288,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #define ERRFILE_efi_reboot	      ( ERRFILE_OTHER | 0x003e0000 )
 #define ERRFILE_memmap_settings	      ( ERRFILE_OTHER | 0x003f0000 )
 #define ERRFILE_param_cmd	      ( ERRFILE_OTHER | 0x00400000 )
+#define ERRFILE_efi_entropy	      ( ERRFILE_OTHER | 0x00410000 )
 
 /** @} */
 
diff --git a/src/interface/efi/efi_entropy.c b/src/interface/efi/efi_entropy.c
new file mode 100644
index 00000000..f6a71c63
--- /dev/null
+++ b/src/interface/efi/efi_entropy.c
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2013 IBM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER );
+
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <ipxe/entropy.h>
+#include <ipxe/timer.h>
+#include <ipxe/efi/efi.h>
+
+EFI_EVENT waiter;
+
+static int efi_entropy_enable ( void ) {
+    EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
+    EFI_STATUS efirc;
+    int rc = 0;
+    if ( ( efirc = bs->CreateEvent ( EVT_TIMER, TPL_NOTIFY,
+                    NULL, NULL, &waiter ) ) != 0){
+         rc = -EEFI ( efirc );
+    }
+    return rc;
+}
+
+static void efi_entropy_disable ( void ) {
+    EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
+
+    bs->CloseEvent(waiter);
+}
+
+uint8_t efi_sample ( void ) {
+    EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
+    unsigned long before;
+    unsigned long after;
+    EFI_TIMER_DELAY delay = TimerRelative;
+    UINTN discard;
+
+    bs->SetTimer(waiter, delay, 0);
+    bs->WaitForEvent(1, &waiter, &discard);
+    before = currticks();
+    bs->SetTimer(waiter, delay, 10);
+    bs->WaitForEvent(1, &waiter, &discard);
+    after = currticks();
+    return ( after - before );
+}
+PROVIDE_ENTROPY_INLINE ( efi, min_entropy_per_sample );
+PROVIDE_ENTROPY ( efi, entropy_enable, efi_entropy_enable );
+PROVIDE_ENTROPY ( efi, entropy_disable, efi_entropy_disable );
+PROVIDE_ENTROPY_INLINE ( efi, get_noise );