From nobody Fri Dec 19 04:15:27 2025
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96191+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96191+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=kernel.org
ARC-Seal: i=1; a=rsa-sha256; t=1668088088; cv=none;
	d=zohomail.com; s=zohoarc;
	b=e0LWQkrOuJAx0XiiQB9HphwzXsVxPn71shKAdCnblVjViRMXp3Auzn7fQ8T6eWUBkfxZW6OT2HMO23FAEr3sB57usIydbHONobrY5L91uc8e4NTJ3nWfVVjQr8xqseTH7kFHH98nq4xd/wVjIyQFf2iQAYAsUkafYCRQB/5mXvw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1668088088;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=E4vlU8FcPTCZMwX0fOtijWJYym55lF/qn3j7DAGSvSI=;
	b=Xpq988Da1IW6g9VCbNfQ+G8VzsfBk4TV8foQbf2OlcOe+kZYQNK7vT93QY6jdcM7K4jFdE1yR6WX60XwkkpMyd/BK/yvAve+TyqwIHvu7DwBT6WSDHUf1QQWUExY0chSWaKO2snz6CdRsKJqzj2emHOCJGgoG7b0sGCKic6k7Z8=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96191+1787277+3901457@groups.io;
	dmarc=fail header.from=<ardb@kernel.org> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1668088088759345.243756721551;
 Thu, 10 Nov 2022 05:48:08 -0800 (PST)
Return-Path: <bounce+27952+96191+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id m03cYY1788612xlfNrc2FXrD;
 Thu, 10 Nov 2022 05:48:08 -0800
X-Received: from dfw.source.kernel.org (dfw.source.kernel.org
 [139.178.84.217])
 by mx.groups.io with SMTP id smtpd.web12.7636.1668088087829444963
 for <devel@edk2.groups.io>;
 Thu, 10 Nov 2022 05:48:08 -0800
X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id 4F4C7617B6;
	Thu, 10 Nov 2022 13:48:07 +0000 (UTC)
X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id C56ECC43153;
	Thu, 10 Nov 2022 13:48:04 +0000 (UTC)
From: "Ard Biesheuvel" <ardb@kernel.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb@kernel.org>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Rebecca Cran <rebecca@bsdio.com>,
	Pierre Gondois <pierre.gondois@arm.com>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	"Jason A . Donenfeld" <Jason@zx2c4.com>
Subject: [edk2-devel] [PATCH 3/3] OvmfPkg/OvmfX86: Enable RDRAND based
 EFI_RNG_PROTOCOL implementation
Date: Thu, 10 Nov 2022 14:47:38 +0100
Message-Id: <20221110134738.3798618-4-ardb@kernel.org>
In-Reply-To: <20221110134738.3798618-1-ardb@kernel.org>
References: <20221110134738.3798618-1-ardb@kernel.org>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,ardb@kernel.org
X-Gm-Message-State: rRST2bDEhhRKoc9T5zEsBWjxx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1668088088;
 bh=8HLBVGMkcDjbqLSwLdqOzZphDhu9g8/dm1lJkCJrxfs=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=kAyy7kpsCCZoWPHps9T6qnpEKfIPekLmvz/A/VBuH1dnBnIfudJTPJj7oULh2ku9dHc
 j2pyreDbMaZPqLosuStxy0ApicRyeHYy6cEjd0uNkH36yLul7vHZqWGt8Uue4Nh7+wkro
 xmG3MgB22NNam5JmUQLpKnLYZmHjG23d32g=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1668088090881100009
Content-Type: text/plain; charset="utf-8"

Expose the EFI_RNG_PROTOCOL based on RdRand, so that we don't have to
rely on QEMU providing a virtio-rng device in order to implement this
protocol.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 OvmfPkg/OvmfPkgIa32.dsc    | 1 +
 OvmfPkg/OvmfPkgIa32.fdf    | 1 +
 OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
 OvmfPkg/OvmfPkgIa32X64.fdf | 1 +
 OvmfPkg/OvmfPkgX64.dsc     | 1 +
 OvmfPkg/OvmfPkgX64.fdf     | 1 +
 6 files changed, 6 insertions(+)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index e9ba491237ae..18c1e7255812 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -941,6 +941,7 @@ [Components]
   }
 !endif
=20
+  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE
   SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDx=
e.inf
   OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index 7023ade8cebe..34f27ca832bc 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -248,6 +248,7 @@ [FV.DXEFV]
 INF  OvmfPkg/LsiScsiDxe/LsiScsiDxe.inf
 !endif
=20
+  INF  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE
   INF  SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootCon=
figDxe.inf
 !endif
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index af566b953f36..e9a199c9f490 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -955,6 +955,7 @@ [Components.X64]
   }
 !endif
=20
+  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE
   SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDx=
e.inf
   OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 80de4fa2c0df..33cc163e596e 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -249,6 +249,7 @@ [FV.DXEFV]
 INF  OvmfPkg/LsiScsiDxe/LsiScsiDxe.inf
 !endif
=20
+  INF  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE
   INF  SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootCon=
figDxe.inf
 !endif
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index f39d9cd117e6..5572cb82998f 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -1023,6 +1023,7 @@ [Components]
   }
 !endif
=20
+  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE
   SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDx=
e.inf
   OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index c0f5a1ef3c30..d42deebe3f8f 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -274,6 +274,7 @@ [FV.DXEFV]
 INF  OvmfPkg/LsiScsiDxe/LsiScsiDxe.inf
 !endif
=20
+INF  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE
   INF  SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootCon=
figDxe.inf
 !endif
--=20
2.35.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96191): https://edk2.groups.io/g/devel/message/96191
Mute This Topic: https://groups.io/mt/94935843/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-