By default we have Neoverse-N2 cpu which supports FEAT_RNG feature. This
allows us to add RngDxe to have EFI_RNG_PROTOCOL available on
Neoverse-N2 and 'max' cpu cores.
Commit 5de5e230a80bed083360da95ba16a2c4a001620d (in EDK2) enabled that for
ArmVirt platform.
RNDR is implemented by both Neoverse-N2 and 'max' cpu implemented by QEMU.
Other cpu models lack it which prevents the RngDxe driver from running,
resulting in the same situation as before.
TRNG is not implemented in TCG mode but is required by RngDxe to run.
On older cpu cores nothing changes.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiew...@linaro.org>
---
By default we have Neoverse-N2 cpu which supports FEAT_RNG feature. This
allows us to add RngDxe to have EFI_RNG_PROTOCOL available on
Neoverse-N2 and 'max' cpu cores.
When I boot with Neoverse-N2 or 'max' cpu then EFI_RNG_PROTOCOL gets
reported by 'EFI stub' on Linux boot and KASLR gets enabled.
Commit 5de5e230a80bed083360da95ba16a2c4a001620d (in EDK2) enabled that for
ArmVirt platform.
RNDR is implemented by both Neoverse-N2 and 'max' cpu implemented by QEMU.
Other cpu models lack it which prevents the RngDxe driver from running,
resulting in the same situation as before.
TRNG is not implemented in TCG mode but is required by RngDxe to run.
On older cpu cores nothing changes.
---
Platform/Qemu/SbsaQemu/SbsaQemu.dsc | 7 +++++++
Platform/Qemu/SbsaQemu/SbsaQemu.fdf | 1 +
2 files changed, 8 insertions(+)
diff --git a/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
b/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
index 9306986bf7c0..72b6a6d9a8b8 100644
--- a/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
+++ b/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
@@ -660,6 +660,13 @@ [Components.common]
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuHighMemDxe/SbsaQemuHighMemDxe.inf
+ SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {
+ <LibraryClasses>
+ RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
+ ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf
+ ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf
+ }
+
#
# FAT filesystem + GPT/MBR partitioning
diff --git a/Platform/Qemu/SbsaQemu/SbsaQemu.fdf
b/Platform/Qemu/SbsaQemu/SbsaQemu.fdf
index b35f42e11aa4..51a1ef8519f9 100644
--- a/Platform/Qemu/SbsaQemu/SbsaQemu.fdf
+++ b/Platform/Qemu/SbsaQemu/SbsaQemu.fdf
@@ -192,6 +192,7 @@ [FV.FvMain]
INF ArmPkg/Drivers/TimerDxe/TimerDxe.inf
INF OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
+ INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
#
# FAT filesystem + GPT/MBR partitioning + UDF filesystem
---
base-commit: c7ed8deaa8c1d7ee83af994b2c90d4490ef27bdc
change-id: 20240703-efi-rng-protocol-be991536709a
Best regards,
--
Marcin Juszkiewicz <marcin.juszkiew...@linaro.org>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119785): https://edk2.groups.io/g/devel/message/119785
Mute This Topic: https://groups.io/mt/107018350/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
