Reviewed-by: Sean Rhodes On Tue, 25 Apr 2023 at 18:09, Benjamin Doron wrote: > From: Benjamin Doron > > Presently, `ArchIsRngSupported()` always returns TRUE, per > > https://github.com/tianocore/edk2/blob/1eeca0750af5af2f0e78437bf791ac2de74bde74/MdePkg/Library/BaseRngLib/Rand/RdRand.c#L124-L125 > . > Therefore, `BaseRngLibConstructor()` should continue to assert RDRAND > support. > > However, older platforms do not support RDRAND, such as QEMU in some > configurations. Therefore, define an RngLib library class for such > systems, using a new flag. Maintain current behaviour by default. > > Note that this is less secure behaviour, and should be avoided in > production. > > Cc: Guo Dong > Cc: Ray Ni > Cc: Sean Rhodes > Cc: James Lu > Cc: Gua Guo > Signed-off-by: Benjamin Doron > --- > UefiPayloadPkg/UefiPayloadPkg.dsc | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc > b/UefiPayloadPkg/UefiPayloadPkg.dsc > index 9847f189fff5..1e803ba01567 100644 > --- a/UefiPayloadPkg/UefiPayloadPkg.dsc > +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc > @@ -130,6 +130,7 @@ > # This is how BaseCpuTimerLib works, and a recommended way to get > Frequence, so set the default value as TRUE. > # Note: for emulation platform such as QEMU, this may not work and > should set it as FALSE > DEFINE CPU_TIMER_LIB_ENABLE = TRUE > + DEFINE CPU_RNG_ENABLE = TRUE > > DEFINE MULTIPLE_DEBUG_PORT_SUPPORT = FALSE > > @@ -204,7 +205,11 @@ > !endif > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > +!if $(CPU_RNG_ENABLE) == TRUE > RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf > +!else > + RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf > +!endif > HobLib|UefiPayloadPkg/Library/DxeHobLib/DxeHobLib.inf > > # > -- > 2.39.2 > >