From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga18.intel.com (mga18.intel.com [134.134.136.126])
 by mx.groups.io with SMTP id smtpd.web11.277.1611189737378479469
 for <devel@edk2.groups.io>;
 Wed, 20 Jan 2021 16:42:17 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=OklBouvx;
 spf=pass (domain: intel.com, ip: 134.134.136.126, mailfrom: maurice.ma@intel.com)
IronPort-SDR: eVNHL/Bi+5uL0TSKhngqvYxKK+D2er1Gi4GQy2RhBAHs2vaW/8MlnPm0GFU9bF7Fclcu75orJO
 8gq4QGaUDHuQ==
X-IronPort-AV: E=McAfee;i="6000,8403,9870"; a="166861494"
X-IronPort-AV: E=Sophos;i="5.79,362,1602572400"; 
   d="scan'208";a="166861494"
Received: from orsmga007.jf.intel.com ([10.7.209.58])
  by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Jan 2021 16:42:15 -0800
IronPort-SDR: 3Tfuoe/19CSeqmuPGT3SU7BoR9n51WuDG0qTk7jVve0x2aHbgSCW4/B63XR16lDJ9x3lFGGmZk
 ku5gr8LVj/wg==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.79,362,1602572400"; 
   d="scan'208";a="391737816"
Received: from fmsmsx604.amr.corp.intel.com ([10.18.126.84])
  by orsmga007.jf.intel.com with ESMTP; 20 Jan 2021 16:42:15 -0800
Received: from fmsmsx609.amr.corp.intel.com (10.18.126.89) by
 fmsmsx604.amr.corp.intel.com (10.18.126.84) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.1713.5; Wed, 20 Jan 2021 16:42:15 -0800
Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by
 fmsmsx609.amr.corp.intel.com (10.18.126.89) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5
 via Frontend Transport; Wed, 20 Jan 2021 16:42:15 -0800
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (104.47.66.46) by
 edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.1713.5; Wed, 20 Jan 2021 16:42:09 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=km++CwXpfb5iECHlADS68C497W46PWRe5BJpiFtVwYNKvPzT2JRI1FESTImg5602lngFZpOidkCTIPZpW62O+7zrUgyLWkQWWKMpKpWB7dCp2o6LM4DP/m7IqtJsjWjVzrRE3psbk2RSl0qFlNMHgmQTOBDcZTYsbqyxXWtS/Wvz4c5QcSpeLvOit1nZSt5Y0/GS9tXE/UwPbKKquqSQbb7DobtVGZyFle8OxP6y6asU5uwnokB+HXr5YGfNwqYBUw9uqSftiZopALJwZr1JsIj5Of8zKZMUj9QxPe7ARFZgig3v4Jkvw58I2fP18ylGgbTVlwx21s4MR5Z2zTXiSg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=uIxJO4Aplor/ER2FniIVEPvqbmQevYfsaMFQK3axF/I=;
 b=UMbJLbEWRMLcpQzu7+PM9HyeXutCy5xI+OypJQNFOJhBcFslu3IJfMS3sctdSUhPisS4J+ULmf05Zg9bUmyLS9zSUqOSqnEtfEF+WPa91VJG99ob9WUyChyXVsmtbg6fP9shio2W/2c1HT0uR/2AmKZHzxbTTONpdBcgOw6gmtG2z2n93qowaiHZbSkqmF/ti5uWX6eL54SkqglFEog6kAeEYD/BrKpprQ2wtJEkna8xYPkczSFyl3rOqjU3D4xM95NPRPKn+I0TxEHnIa71ZC/G6mOtfliNVHr14iqnNHadtLM3XgVrZmEE2HnokfYOc2kyxGTa4TM9Y+nc0fz8BA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=uIxJO4Aplor/ER2FniIVEPvqbmQevYfsaMFQK3axF/I=;
 b=OklBouvxGrZ7QmXEYmCzah/1qi/ccqturBydmRNMvnlt8FvbdOMO8L3I9do9yTmAd5FBv/5Lz8hAnCUBg3I4iH8708icSq7bHu9a11+RgY+oJDy6KU4Sk/vwAlnfUS84E2NXG/i5NULoa3NQI7c98Vj9TRh57a99o/r7xW2MXKM=
Received: from DM6PR11MB2793.namprd11.prod.outlook.com (2603:10b6:5:c0::29) by
 DM5PR11MB1321.namprd11.prod.outlook.com (2603:10b6:3:9::23) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3784.11; Thu, 21 Jan 2021 00:42:09 +0000
Received: from DM6PR11MB2793.namprd11.prod.outlook.com
 ([fe80::19ca:d5c5:d1d4:a22f]) by DM6PR11MB2793.namprd11.prod.outlook.com
 ([fe80::19ca:d5c5:d1d4:a22f%6]) with mapi id 15.20.3763.014; Thu, 21 Jan 2021
 00:42:09 +0000
From: "Ma, Maurice" <maurice.ma@intel.com>
To: Patrick Rudolph <patrick.rudolph@9elements.com>, "devel@edk2.groups.io"
	<devel@edk2.groups.io>
CC: "Dong, Guo" <guo.dong@intel.com>, "You, Benjamin" <benjamin.you@intel.com>
Subject: Re: [PATCH] UefiPayloadPkg: Add RNG support
Thread-Topic: [PATCH] UefiPayloadPkg: Add RNG support
Thread-Index: AQHW70Q5b0a2sAJn9UedyAxiO/tzUaoxPQFg
Date: Thu, 21 Jan 2021 00:42:08 +0000
Message-ID: <DM6PR11MB27934BEE9C870430257EB13A89A10@DM6PR11MB2793.namprd11.prod.outlook.com>
References: <20210120155203.3342035-1-patrick.rudolph@9elements.com>
In-Reply-To: <20210120155203.3342035-1-patrick.rudolph@9elements.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
dlp-version: 11.5.1.3
dlp-reaction: no-action
authentication-results: 9elements.com; dkim=none (message not signed)
 header.d=none;9elements.com; dmarc=none action=none header.from=intel.com;
x-originating-ip: [104.153.200.60]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: b8cb3652-b5b6-43ed-2409-08d8bda56267
x-ms-traffictypediagnostic: DM5PR11MB1321:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <DM5PR11MB1321EA4B066B3D19908FF23C89A19@DM5PR11MB1321.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ASpuwpYA/+ZKKLH4fo+T+Pq/tsSBc1+GvMA4QX4WxjJHJAFogYkPXHEr9NkGpgwFA0bTE/JXj5ysdgTeXuwzlxyHJqi5jXfB6W9c6DpkWf04KlVbIiw1rEwPiUDPmUabnrubPWWynKqV3Se0lB6ODHw2WrIsnl5mB+jU9xr/XNCnytlAZTvSZ4XsvTPy9MLXklZKiYFgQ3gs2nWuTUWcIq7LEU9j3xGsKegu6fuUsNWCd5js56EqrYXvCJehySOszLaQ7lx7is9sUVZmN7koMfYlX/dg4LuKRlFy31Xsyi+Pz4WrIdlQTh5G4GBIfJUhpfc4yao7D4kKOP98XL152J/HJ+pZOhNDgS8ngMCJ9YmBCCA/w88M8syLHRyUr+LEK9GC+TnVsos+aeUdNkVq/3CjBXPeSPPtfxbQhTOH5qQuva3GCwDkayYZTYGhLzeRe2+qzuMH62TVFEEhtvqO7WZ/i7LIxezq3VTjKDwpZyPzIdcDvBK3pu2Y6IEEo4F57ORCXsDoKEwna9piJLyIiw==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR11MB2793.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(39860400002)(396003)(366004)(376002)(346002)(136003)(66556008)(8676002)(54906003)(4326008)(26005)(53546011)(76116006)(8936002)(2906002)(83380400001)(107886003)(64756008)(33656002)(478600001)(86362001)(66446008)(7696005)(66946007)(66476007)(110136005)(55016002)(9686003)(71200400001)(186003)(52536014)(316002)(6506007)(5660300002);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata: =?us-ascii?Q?vxcu6Q49cWpF7+nBv3WdAlLgPswlfF9QNTxXfp8ZDg9fK4flwrPkPZALPlSB?=
 =?us-ascii?Q?tT7stfnMvpPuLxI7Bag6BnuH0aOOZx5it62+EjS8tzQ0OkfxGhoCASuEQQIG?=
 =?us-ascii?Q?A6L5yUR53tdeZclm40+EgnBbe3VnwXJ1uf3y1i1zFWDr7rpI7IHOyDqfoDPK?=
 =?us-ascii?Q?ZDln9yHwEPvtOFKbQm8wUliIcV0QP/C0UgSghtuK5k12NiYHdJZyw3Ruais/?=
 =?us-ascii?Q?yef40FfxT0JwotTJ7rNDAXoduapT2NR0YprVbX/8qhCJAmBrY5qZHFx5G0Cm?=
 =?us-ascii?Q?n32WpWdZpQLHz5dSY0ZqIxED5xuhYJkI3n6BuL7jbSZh3L90woYxaB29wJ8A?=
 =?us-ascii?Q?GTXSO4z2cPt377pzCyzrmEAxUM5L785BPq96FpAIZfjA/h7sW9uyHVsPUedX?=
 =?us-ascii?Q?sg9SjBzqWKg3p/U3Az1o0o/vUOK8TpMN5UxfWiEo05N8vnDx1F2Ngv5dzmBa?=
 =?us-ascii?Q?HKsPqlnwa7LMeL3SH2xEk3OFpb5FFwj9JEn+nqBO/evDQwTKoKzDu4sOOSIC?=
 =?us-ascii?Q?zshW3UNhVKBacBLWBf4r2OyLtyd9VxzOml2uRHsZJizGgiOLNekj3wvdukbO?=
 =?us-ascii?Q?YNLMs+0jCz3AwOjGNu14Tjv7fkISPFMu9j96yctmYbBOP2oOgy+JJEgOmcVz?=
 =?us-ascii?Q?Jskg3EapLBYxyaQNc8yo5+Eeu3ErdAFDSUHqcH57P64HCuLwKvwbb84jJzB3?=
 =?us-ascii?Q?yEJkLJYjRlOGB1OWbYjj84S/9EaOYKgM9ByQUAU9CnKJEhE6hJRker74EYhj?=
 =?us-ascii?Q?M/PWXlY5rv/HBn2jkv12zEBvvt6ah6HY+hHetixyDn0cmcQEovOLgckLXYuy?=
 =?us-ascii?Q?CMh/OMN3C4KXDbeEeAPEv1b4jxWN6g3bcUDT0j7+07QKjbYXq9jeNntcUmfj?=
 =?us-ascii?Q?YRpd0uh0TvBNCGgdHg+cES2L0lgydnKf4vnhgeOd9+tuJ0pqx7FP6xYSRFMo?=
 =?us-ascii?Q?RICny1ZoOwdgt0Ao405b3+FWruRiMtqkI597wpTF2BM=3D?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB2793.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: b8cb3652-b5b6-43ed-2409-08d8bda56267
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jan 2021 00:42:09.0135
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ONuoXqp4itH26K99pQioaXv1AWR+LXSLXIGD15ueQYKlaawhcOoDBZaUJPx7H1/Zf4rqhColYVWKeytHLGkxbw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR11MB1321
Return-Path: maurice.ma@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi,  Patrick

There is a BaseRngLib in MdePkg package already.  I am wondering why a new =
instance was created under UefiPayloadPkg in the patch.
Could we just reuse the same library in MdePkg?  =20
If not, what is the reason?   Can we try to enhance the library in MdePkg t=
o address it if required?

Thanks
Maurice
> -----Original Message-----
> From: Patrick Rudolph <patrick.rudolph@9elements.com>
> Sent: Wednesday, January 20, 2021 7:52
> To: devel@edk2.groups.io
> Cc: Ma, Maurice <maurice.ma@intel.com>; Dong, Guo <guo.dong@intel.com>;
> You, Benjamin <benjamin.you@intel.com>
> Subject: [PATCH] UefiPayloadPkg: Add RNG support
>=20
> Uses the RDRAND instruction if available and install EfiRngProtocol.
> The protocol may be used by iPXE or the Linux kernel to gather entropy.
>=20
> Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
> ---
>  UefiPayloadPkg/Library/BaseRngLib/BaseRng.c      | 199
> ++++++++++++++++++++
>  UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf |  32 ++++
> UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni |  17 ++
>  UefiPayloadPkg/UefiPayloadPkg.dsc                |   8 +
>  UefiPayloadPkg/UefiPayloadPkg.fdf                |   4 +
>  5 files changed, 260 insertions(+)
>=20
> diff --git a/UefiPayloadPkg/Library/BaseRngLib/BaseRng.c
> b/UefiPayloadPkg/Library/BaseRngLib/BaseRng.c
> new file mode 100644
> index 0000000000..1fe9e1dbe0
> --- /dev/null
> +++ b/UefiPayloadPkg/Library/BaseRngLib/BaseRng.c
> @@ -0,0 +1,199 @@
> +/** @file+  Random number generator services that uses RdRand instructio=
n
> access+  to provide high-quality random numbers.++Copyright (c) 2015, Int=
el
> Corporation. All rights reserved.<BR>+SPDX-License-Identifier: BSD-2-Clau=
se-
> Patent++**/++#include <Library/BaseLib.h>+#include
> <Library/DebugLib.h>+#include <Register/Intel/Cpuid.h>++STATIC BOOLEAN
> mHasRdRand;++//+// Bit mask used to determine if RdRand instruction is
> supported.+//+#define RDRAND_MASK                  BIT30++//+// Limited r=
etry
> number when valid random data is returned.+// Uses the recommended value
> defined in Section 7.3.17 of "Intel 64 and IA-32+// Architectures Softwar=
e
> Developer's Mannual".+//+#define RDRAND_RETRY_LIMIT           10++/**+  T=
he
> constructor function checks whether or not RDRAND instruction is supporte=
d+
> by the host hardware.++  The constructor function checks whether or not
> RDRAND instruction is supported.+  It will always return RETURN_SUCCESS.+=
+
> @retval RETURN_SUCCESS   The constructor always returns
> EFI_SUCCESS.++**/+RETURN_STATUS+EFIAPI+BaseRngLibConstructor (+
> VOID+  )+{+  UINT32  RegEax;+  UINT32  RegEcx;++  AsmCpuid
> (CPUID_SIGNATURE, &RegEax, NULL, NULL, NULL);+  if (RegEax < 1) {+
> mHasRdRand =3D FALSE;+    return RETURN_SUCCESS;+  }++  //+  // Determine
> RDRAND support by examining bit 30 of the ECX register returned by+  // C=
PUID.
> A value of 1 indicates that processor support RDRAND instruction.+  //+
> AsmCpuid (CPUID_VERSION_INFO, 0, 0, &RegEcx, 0);++  mHasRdRand =3D
> ((RegEcx & RDRAND_MASK) =3D=3D RDRAND_MASK);++  return
> RETURN_SUCCESS;+}++/**+  Generates a 16-bit random number.++  if Rand is
> NULL, then ASSERT().++  @param[out] Rand     Buffer pointer to store the =
16-bit
> random value.++  @retval TRUE         Random number generated successfull=
y.+
> @retval FALSE        Failed to generate the random
> number.++**/+BOOLEAN+EFIAPI+GetRandomNumber16 (+  OUT     UINT16
> *Rand+  )+{+  UINT32  Index;++  ASSERT (Rand !=3D NULL);++  if (mHasRdRan=
d) {+
> //+    // A loop to fetch a 16 bit random value with a retry count limit.=
+    //+
> for (Index =3D 0; Index < RDRAND_RETRY_LIMIT; Index++) {+      if (AsmRdR=
and16
> (Rand)) {+        return TRUE;+      }+    }+  }++  return FALSE;+}++/**+=
  Generates a
> 32-bit random number.++  if Rand is NULL, then ASSERT().++  @param[out]
> Rand     Buffer pointer to store the 32-bit random value.++  @retval TRUE
> Random number generated successfully.+  @retval FALSE        Failed to ge=
nerate
> the random number.++**/+BOOLEAN+EFIAPI+GetRandomNumber32 (+  OUT
> UINT32                    *Rand+  )+{+  UINT32  Index;++  ASSERT (Rand !=
=3D NULL);++  if
> (mHasRdRand) {+    //+    // A loop to fetch a 32 bit random value with a=
 retry
> count limit.+    //+    for (Index =3D 0; Index < RDRAND_RETRY_LIMIT; Ind=
ex++) {+
> if (AsmRdRand32 (Rand)) {+        return TRUE;+      }+    }+  }++  retur=
n
> FALSE;+}++/**+  Generates a 64-bit random number.++  if Rand is NULL, the=
n
> ASSERT().++  @param[out] Rand     Buffer pointer to store the 64-bit rand=
om
> value.++  @retval TRUE         Random number generated successfully.+  @r=
etval
> FALSE        Failed to generate the random
> number.++**/+BOOLEAN+EFIAPI+GetRandomNumber64 (+  OUT     UINT64
> *Rand+  )+{+  UINT32  Index;++  ASSERT (Rand !=3D NULL);++  if (mHasRdRan=
d) {+
> //+    // A loop to fetch a 64 bit random value with a retry count limit.=
+    //+
> for (Index =3D 0; Index < RDRAND_RETRY_LIMIT; Index++) {+      if (AsmRdR=
and64
> (Rand)) {+        return TRUE;+      }+    }+  }++  return FALSE;+}++/**+=
  Generates a
> 128-bit random number.++  if Rand is NULL, then ASSERT().++  @param[out]
> Rand     Buffer pointer to store the 128-bit random value.++  @retval TRU=
E
> Random number generated successfully.+  @retval FALSE        Failed to ge=
nerate
> the random number.++**/+BOOLEAN+EFIAPI+GetRandomNumber128 (+  OUT
> UINT64                    *Rand+  )+{+  ASSERT (Rand !=3D NULL);++  //+  =
// Read first 64
> bits+  //+  if (!GetRandomNumber64 (Rand)) {+    return FALSE;+  }++  //+=
  //
> Read second 64 bits+  //+  return GetRandomNumber64 (++Rand);+}diff --git
> a/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf
> b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf
> new file mode 100644
> index 0000000000..67a91ccfff
> --- /dev/null
> +++ b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf
> @@ -0,0 +1,32 @@
> +## @file+#  Instance of RNG (Random Number Generator) Library.+#+#
> Copyright (c) 2020 9elements Agency GmbH.<BR>+#+#  SPDX-License-Identifie=
r:
> BSD-2-Clause-Patent+#+##++[Defines]+  INF_VERSION                    =3D
> 0x00010005+  BASE_NAME                      =3D BaseRngLib+  MODULE_UNI_F=
ILE
> =3D BaseRngLib.uni+  FILE_GUID                      =3D 05C48431-DE18-455=
0-931A-
> 3350E8551498+  MODULE_TYPE                    =3D BASE+  VERSION_STRING
> =3D 1.0+  LIBRARY_CLASS                  =3D RngLib+  CONSTRUCTOR        =
            =3D
> BaseRngLibConstructor++#+#  VALID_ARCHITECTURES           =3D IA32
> X64+#++[Sources.Ia32, Sources.X64]+  BaseRng.c++[Packages]+
> MdePkg/MdePkg.dec++[LibraryClasses]+  BaseLib+  DebugLibdiff --git
> a/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni
> b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni
> new file mode 100644
> index 0000000000..f3ed954c52
> --- /dev/null
> +++ b/UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.uni
> @@ -0,0 +1,17 @@
> +// /** @file+// Instance of RNG (Random Number Generator) Library.+//+//
> BaseRng Library that uses CPU RdRand instruction access to provide+// hig=
h-
> quality random numbers.+//+// Copyright (c) 2015, Intel Corporation. All =
rights
> reserved.<BR>+//+// SPDX-License-Identifier: BSD-2-Clause-Patent+//+//
> **/+++#string STR_MODULE_ABSTRACT             #language en-US "Instance o=
f
> RNG Library"++#string STR_MODULE_DESCRIPTION          #language en-US
> "BaseRng Library that uses CPU RdRand instruction access to provide high-
> quality random numbers"+diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc
> b/UefiPayloadPkg/UefiPayloadPkg.dsc
> index ae62a9c4d6..78a475ea02 100644
> --- a/UefiPayloadPkg/UefiPayloadPkg.dsc
> +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
> @@ -494,6 +494,14 @@
>  !endif   UefiPayloadPkg/GraphicsOutputDxe/GraphicsOutputDxe.inf +  #+  #
> Random Number Generator+  #+
> SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {+
> <LibraryClasses>+
> RngLib|UefiPayloadPkg/Library/BaseRngLib/BaseRngLib.inf+  }+   #---------=
--------
> -------------   #  Build the shell   #------------------------------diff =
--git
> a/UefiPayloadPkg/UefiPayloadPkg.fdf b/UefiPayloadPkg/UefiPayloadPkg.fdf
> index a97ace7395..57c06c8621 100644
> --- a/UefiPayloadPkg/UefiPayloadPkg.fdf
> +++ b/UefiPayloadPkg/UefiPayloadPkg.fdf
> @@ -169,6 +169,10 @@ INF
> MdeModulePkg/Bus/Usb/UsbBusDxe/UsbBusDxe.inf
>  INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf INF
> MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf +#+#
> Random Number Generator+#+INF
> SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf  # # Shell--
> 2.26.2