From nobody Fri Dec 19 04:15:26 2025
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96190+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96190+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=kernel.org
ARC-Seal: i=1; a=rsa-sha256; t=1668088086; cv=none;
	d=zohomail.com; s=zohoarc;
	b=C+YMw9+4CYNuc69y/pYF3r8F4yquUO0/4MheFq7VDBNn7UiGZPFUSU76uoW2nhBtBw+iUQezihpmjvyHASCbMrvPmJUbtbeIqGrdgGJCHyorAN18ePeI+uChyv64b/rkZFdpusSRnTwU7BcjlS8tWi/VHWfK6KWp1F39l1JWO54=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1668088086;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=d5zQCByV+hBy7vHoD8P0AfJkiO4Mhvn6rY0HTA4fQTk=;
	b=UvevO6pEYuxhloddEpKYuhhT/iGiJDYrp59bbvne3zMT1gXYmjV9txlb8xA1MzZJUncQwLeeR8cWXF42fsmvM1+CgEklkllFxHi51RnJ8QowU7yC51Y8quAA8vXDgawTQBd6meklxiByslkKs1AAdVPPk8tFGxvNHA10wYmy/dM=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96190+1787277+3901457@groups.io;
	dmarc=fail header.from=<ardb@kernel.org> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1668088086908453.3351072837304;
 Thu, 10 Nov 2022 05:48:06 -0800 (PST)
Return-Path: <bounce+27952+96190+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id edCLYY1788612x0TQFXmE1Mn;
 Thu, 10 Nov 2022 05:48:06 -0800
X-Received: from dfw.source.kernel.org (dfw.source.kernel.org
 [139.178.84.217])
 by mx.groups.io with SMTP id smtpd.web09.7632.1668088085909545739
 for <devel@edk2.groups.io>;
 Thu, 10 Nov 2022 05:48:06 -0800
X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id 4678561889;
	Thu, 10 Nov 2022 13:48:05 +0000 (UTC)
X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 68624C433C1;
	Thu, 10 Nov 2022 13:48:02 +0000 (UTC)
From: "Ard Biesheuvel" <ardb@kernel.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb@kernel.org>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Rebecca Cran <rebecca@bsdio.com>,
	Pierre Gondois <pierre.gondois@arm.com>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	"Jason A . Donenfeld" <Jason@zx2c4.com>
Subject: [edk2-devel] [PATCH 2/3] ArmVirtPkg/ArmVirtQemu: Expose TRNG
 hypercall via RngDxe if implemented
Date: Thu, 10 Nov 2022 14:47:37 +0100
Message-Id: <20221110134738.3798618-3-ardb@kernel.org>
In-Reply-To: <20221110134738.3798618-1-ardb@kernel.org>
References: <20221110134738.3798618-1-ardb@kernel.org>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,ardb@kernel.org
X-Gm-Message-State: vMHfenGEz8KohxYyqb6uFxIRx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1668088086;
 bh=ZWBLyyFxp0ne2k5Xegwv08+mcmd/zssTmd7fjEMoBik=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=A1PySXw9xuFg3M7M0QYmfyCFzRWeqoJEkmsR5ai5wpWEkBUKk7cWiAA2D6f0kGmmJax
 XSe3Oxl+dWWw4fhwAL9mbJqyrq/zqQ+71NJ3Yrexmj0rXJxu8T1+KfBKNqMMwW+YNBnwf
 7Ftwben4AN1pF/WRzlCGuHJ2D6uWfOQE/YA=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1668088088894100005
Content-Type: text/plain; charset="utf-8"

Currently, we only expose the EFI_RNG_PROTOCOL in ArmVirtQemu if QEMU
provides a virtio-rng device, and it doesn't do so by default.

Given that KVM exposes the ARM architected TRNG service (and has done so
for a while now), let's incorporate the RngDxe driver which has recently
grown support for the ARM firmware/hypervisor service.

If both the service and the virtio device are available, two
implementations of the RNG protocol will be exposed, but this is fine:
callers that don't care about the distinction will grab the first one
available.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 ArmVirtPkg/ArmVirtQemu.dsc           | 11 +++++++++++
 ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc |  5 +++++
 ArmVirtPkg/ArmVirtQemuKernel.dsc     | 11 +++++++++++
 3 files changed, 27 insertions(+)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index f77443229e8e..1771ad562225 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -140,6 +140,8 @@ [PcdsFeatureFlag.common]
=20
   gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)
=20
+  gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE
+
 [PcdsFixedAtBuild.common]
 !if $(ARCH) =3D=3D AARCH64
   gArmTokenSpaceGuid.PcdVFPEnabled|1
@@ -442,6 +444,15 @@ [Components.common]
   OvmfPkg/VirtioNetDxe/VirtioNet.inf
   OvmfPkg/VirtioRngDxe/VirtioRng.inf
=20
+  #
+  # Rng Support
+  #
+  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {
+    <LibraryClasses>
+      ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf
+      ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf
+  }
+
   #
   # FAT filesystem + GPT/MBR partitioning + UDF filesystem + virtio-fs
   #
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuF=
vMain.fdf.inc
index e06ca7424476..75c75a2d9a17 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -99,6 +99,11 @@ [FV.FvMain]
   INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
   INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
=20
+  #
+  # Rng Support
+  #
+  INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
+
   INF ShellPkg/Application/Shell/Shell.inf
   INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
   INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKerne=
l.dsc
index f5db3ac432f3..abe0cbab8295 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -114,6 +114,8 @@ [PcdsFeatureFlag.common]
=20
   gEfiMdeModulePkgTokenSpaceGuid.PcdTurnOffUsbLegacySupport|TRUE
=20
+  gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE
+
 [PcdsFixedAtBuild.common]
 !if $(ARCH) =3D=3D AARCH64
   gArmTokenSpaceGuid.PcdVFPEnabled|1
@@ -350,6 +352,15 @@ [Components.common]
   OvmfPkg/VirtioNetDxe/VirtioNet.inf
   OvmfPkg/VirtioRngDxe/VirtioRng.inf
=20
+  #
+  # Rng Support
+  #
+  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {
+    <LibraryClasses>
+      ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf
+      ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf
+  }
+
   #
   # FAT filesystem + GPT/MBR partitioning + UDF filesystem + virtio-fs
   #
--=20
2.35.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96190): https://edk2.groups.io/g/devel/message/96190
Mute This Topic: https://groups.io/mt/94935841/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-