From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
 by mx.groups.io with SMTP id smtpd.web09.7632.1668088085909545739
 for <devel@edk2.groups.io>;
 Thu, 10 Nov 2022 05:48:06 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@kernel.org header.s=k20201202 header.b=MP7V+MtT;
 spf=pass (domain: kernel.org, ip: 139.178.84.217, mailfrom: ardb@kernel.org)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id 4678561889;
	Thu, 10 Nov 2022 13:48:05 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 68624C433C1;
	Thu, 10 Nov 2022 13:48:02 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1668088084;
	bh=CQGqeAI67k2bwaGgLVFd6gmYgNRAoNBBeXqbXnHaPc0=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=MP7V+MtTx6DCVQVEUTqZhKe/AMaUuUpKsPDFizGFwB5aSFwvRRZZfUbkdpcDZY6mW
	 wGwJTJ+HWv2QbmUhEbLdjKg6qtIcDX2YwViifmBYOnkGae8w5m768Vrtdgo1sRU18f
	 rXZca4mFeHy6TEIsU0X90RgKYdHFfPuyQqt2O5QbWayxom2jQOBOhbPY77uSDKLCSP
	 kfkqfHXkNrsgrZVqFL9koJ4WHQouVrtqTxX1K8caEFoyrEK4Kn2Kn0WoaRDXZpIzP9
	 IQLURRM/ThGNl7uxG7lLRYuUUOelJRLKOUFQNVyIaU8GXltY2iMHK1ogKQkMN2oTzI
	 tkaXidqVzQKEw==
From: "Ard Biesheuvel" <ardb@kernel.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb@kernel.org>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Rebecca Cran <rebecca@bsdio.com>,
	Pierre Gondois <pierre.gondois@arm.com>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	"Jason A . Donenfeld" <Jason@zx2c4.com>
Subject: [PATCH 2/3] ArmVirtPkg/ArmVirtQemu: Expose TRNG hypercall via RngDxe if implemented
Date: Thu, 10 Nov 2022 14:47:37 +0100
Message-Id: <20221110134738.3798618-3-ardb@kernel.org>
X-Mailer: git-send-email 2.35.1
In-Reply-To: <20221110134738.3798618-1-ardb@kernel.org>
References: <20221110134738.3798618-1-ardb@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Currently, we only expose the EFI_RNG_PROTOCOL in ArmVirtQemu if QEMU
provides a virtio-rng device, and it doesn't do so by default.

Given that KVM exposes the ARM architected TRNG service (and has done so
for a while now), let's incorporate the RngDxe driver which has recently
grown support for the ARM firmware/hypervisor service.

If both the service and the virtio device are available, two
implementations of the RNG protocol will be exposed, but this is fine:
callers that don't care about the distinction will grab the first one
available.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 ArmVirtPkg/ArmVirtQemu.dsc           | 11 +++++++++++
 ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc |  5 +++++
 ArmVirtPkg/ArmVirtQemuKernel.dsc     | 11 +++++++++++
 3 files changed, 27 insertions(+)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index f77443229e8e..1771ad562225 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -140,6 +140,8 @@ [PcdsFeatureFlag.common]
 =0D
   gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)=0D
 =0D
+  gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE=0D
+=0D
 [PcdsFixedAtBuild.common]=0D
 !if $(ARCH) =3D=3D AARCH64=0D
   gArmTokenSpaceGuid.PcdVFPEnabled|1=0D
@@ -442,6 +444,15 @@ [Components.common]
   OvmfPkg/VirtioNetDxe/VirtioNet.inf=0D
   OvmfPkg/VirtioRngDxe/VirtioRng.inf=0D
 =0D
+  #=0D
+  # Rng Support=0D
+  #=0D
+  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {=0D
+    <LibraryClasses>=0D
+      ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf=0D
+      ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf=0D
+  }=0D
+=0D
   #=0D
   # FAT filesystem + GPT/MBR partitioning + UDF filesystem + virtio-fs=0D
   #=0D
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuF=
vMain.fdf.inc
index e06ca7424476..75c75a2d9a17 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -99,6 +99,11 @@ [FV.FvMain]
   INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf=0D
   INF OvmfPkg/VirtioRngDxe/VirtioRng.inf=0D
 =0D
+  #=0D
+  # Rng Support=0D
+  #=0D
+  INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf=0D
+=0D
   INF ShellPkg/Application/Shell/Shell.inf=0D
   INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf=0D
   INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf=0D
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKerne=
l.dsc
index f5db3ac432f3..abe0cbab8295 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -114,6 +114,8 @@ [PcdsFeatureFlag.common]
 =0D
   gEfiMdeModulePkgTokenSpaceGuid.PcdTurnOffUsbLegacySupport|TRUE=0D
 =0D
+  gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE=0D
+=0D
 [PcdsFixedAtBuild.common]=0D
 !if $(ARCH) =3D=3D AARCH64=0D
   gArmTokenSpaceGuid.PcdVFPEnabled|1=0D
@@ -350,6 +352,15 @@ [Components.common]
   OvmfPkg/VirtioNetDxe/VirtioNet.inf=0D
   OvmfPkg/VirtioRngDxe/VirtioRng.inf=0D
 =0D
+  #=0D
+  # Rng Support=0D
+  #=0D
+  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {=0D
+    <LibraryClasses>=0D
+      ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf=0D
+      ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf=0D
+  }=0D
+=0D
   #=0D
   # FAT filesystem + GPT/MBR partitioning + UDF filesystem + virtio-fs=0D
   #=0D
--=20
2.35.1