Do we separate these Security Driver into separate FV ? I really don’t want to see gather everything into uefi_fv. Separate it into a lot of fv, we can easy to plug in and plug out. Thanks, Gua From: devel@edk2.groups.io On Behalf Of Sean Rhodes Sent: Wednesday, April 26, 2023 8:33 PM To: Benjamin Doron Cc: devel@edk2.groups.io; Dong, Guo ; Ni, Ray ; Lu, James ; Guo, Gua Subject: Re: [edk2-devel][PATCH v1 2/2] UefiPayloadPkg: Enable RNG support Reviewed-by: Sean Rhodes > On Tue, 25 Apr 2023 at 18:09, Benjamin Doron > wrote: From: Benjamin Doron > Uses CPU RDRAND support and installs the EfiRngProtocol. The protocol may be used by iPXE or the Linux kernel to gather entropy. Cc: Guo Dong > Cc: Ray Ni > Cc: Sean Rhodes > Cc: James Lu > Cc: Gua Guo > Signed-off-by: Benjamin Doron > --- UefiPayloadPkg/UefiPayloadPkg.dsc | 3 +++ UefiPayloadPkg/UefiPayloadPkg.fdf | 3 +++ 2 files changed, 6 insertions(+) diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc index 1e803ba01567..486af2396731 100644 --- a/UefiPayloadPkg/UefiPayloadPkg.dsc +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc @@ -634,6 +634,9 @@ MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf !endif UefiCpuPkg/CpuDxe/CpuDxe.inf +!if $(CPU_RNG_ENABLE) == TRUE + SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf +!endif MdeModulePkg/Universal/BdsDxe/BdsDxe.inf !if $(BOOTSPLASH_IMAGE) MdeModulePkg/Logo/LogoDxe.inf diff --git a/UefiPayloadPkg/UefiPayloadPkg.fdf b/UefiPayloadPkg/UefiPayloadPkg.fdf index f8c2aa8c4a02..53add65a6a40 100644 --- a/UefiPayloadPkg/UefiPayloadPkg.fdf +++ b/UefiPayloadPkg/UefiPayloadPkg.fdf @@ -157,6 +157,9 @@ INF CryptoPkg/Driver/CryptoDxe.inf INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf !endif INF UefiCpuPkg/CpuDxe/CpuDxe.inf +!if $(CPU_RNG_ENABLE) == TRUE +INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf +!endif INF RuleOverride = UI MdeModulePkg/Application/UiApp/UiApp.inf INF MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf -- 2.39.2