From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+119793+7686176+12367111@groups.io>
Received: from mail05.groups.io (mail05.groups.io [45.79.224.7])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 4864278003C
	for <rebecca@openfw.io>; Thu,  4 Jul 2024 11:27:46 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=WlALcKl/BYXnzyFhBK1I6V7ERoSUL5bmTtg34JARsyA=;
 c=relaxed/simple; d=groups.io;
 h=Date:From:To:CC:Subject:Message-ID:References:MIME-Version:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Disposition;
 s=20240206; t=1720092466; v=1;
 b=n5lL+qweC9ch9pRPb5WNiHY5li7mhdDi4gk0nkP8269qWaa+7CSxT99Z0nl4WvxjhbPiyf08
 opfk7dqGS6/AxYxM0wN8MidWZz27iWw4gGCf2XP4Eiad32v9y79S3gDol2nYaVv9trkEI3p/di0
 /zuS3+pwcnUH+pP3BpvdpT4h74MgNs+xq4V2TFEtcqouL/FxAFZyT+i/y8tlJVSEOXYEaquBXKm
 tIdkcvSag7zc3qG8+Bl0jrJ5BIrMXhMMNjGodgDFNldkQUlU7g+Iv91bTe/vJ5f4TehUadycZco
 oSlEGYbeoUsBMqGNUgnijyqOhX2tKdTU/YmvSk0vxc2YQ==
X-Received: by 127.0.0.2 with SMTP id tI30YY7687511xacvqIeczO4; Thu, 04 Jul 2024 04:27:44 -0700
X-Received: from mx0a-0031df01.pphosted.com (mx0a-0031df01.pphosted.com [205.220.168.131])
 by mx.groups.io with SMTP id smtpd.web11.7959.1720092464172680872
 for <devel@edk2.groups.io>;
 Thu, 04 Jul 2024 04:27:44 -0700
X-Received: from pps.filterd (m0279862.ppops.net [127.0.0.1])
	by mx0a-0031df01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 464AMdWk012411;
	Thu, 4 Jul 2024 11:27:44 GMT
X-Received: from nasanppmta01.qualcomm.com (i-global254.qualcomm.com [199.106.103.254])
	by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 404kctnhem-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Thu, 04 Jul 2024 11:27:43 +0000 (GMT)
X-Received: from nasanex01c.na.qualcomm.com (nasanex01c.na.qualcomm.com [10.45.79.139])
	by NASANPPMTA01.qualcomm.com (8.17.1.19/8.17.1.19) with ESMTPS id 464BRhj5022055
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Thu, 4 Jul 2024 11:27:43 GMT
X-Received: from qc-i7.hemma.eciton.net (10.80.80.8) by
 nasanex01c.na.qualcomm.com (10.45.79.139) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.1544.9; Thu, 4 Jul 2024 04:27:41 -0700
Date: Thu, 4 Jul 2024 12:27:38 +0100
From: "Leif Lindholm" <quic_llindhol@quicinc.com>
To: <devel@edk2.groups.io>, <marcin.juszkiewicz@linaro.org>
CC: Ard Biesheuvel <ardb+tianocore@kernel.org>,
        Graeme Gregory
	<graeme@xora.org.uk>
Subject: Re: [edk2-devel] [PATCH edk2-platforms v2] SbsaQemu: use FEAT_RNG for EFI_RNG_PROTOCOL
Message-ID: <ZoaHKgHgs556kCeF@qc-i7.hemma.eciton.net>
References: <20240703-efi-rng-protocol-v2-1-73a486537538@linaro.org>
MIME-Version: 1.0
In-Reply-To: <20240703-efi-rng-protocol-v2-1-73a486537538@linaro.org>
X-Originating-IP: [10.80.80.8]
X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To
 nasanex01c.na.qualcomm.com (10.45.79.139)
X-QCInternal: smtphost
X-Proofpoint-GUID: EM0GYDHTuBvnCSt8nOxnyE7wOAKMYug_
X-Proofpoint-ORIG-GUID: EM0GYDHTuBvnCSt8nOxnyE7wOAKMYug_
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Resent-Date: Thu, 04 Jul 2024 04:27:44 -0700
Resent-From: quic_llindhol@quicinc.com
Reply-To: devel@edk2.groups.io,quic_llindhol@quicinc.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: 4pBcV35jI4IHX5BJxFLAYbZUx7686176AA=
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20240206 header.b=n5lL+qwe;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=quicinc.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io

On Wed, Jul 03, 2024 at 14:39:31 +0200, Marcin Juszkiewicz wrote:
> By default we have Neoverse-N2 cpu which supports FEAT_RNG feature. This
> allows us to add RngDxe to have EFI_RNG_PROTOCOL available on
> Neoverse-N2 and 'max' cpu cores.
> 
> Commit 5de5e230a80bed083360da95ba16a2c4a001620d (in EDK2) enabled that for
> ArmVirt platform.
> 
> RNDR is implemented by both Neoverse-N2 and 'max' cpu implemented by QEMU.
> Other cpu models lack it which prevents the RngDxe driver from running,
> resulting in the same situation as before.
> 
> TRNG is not implemented in TCG mode but is required by RngDxe to run.
> 
> On older cpu cores nothing changes.
> 
> Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>

Thanks!

Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
With one niggle below:

> ---
> By default we have Neoverse-N2 cpu which supports FEAT_RNG feature. This
> allows us to add RngDxe to have EFI_RNG_PROTOCOL available on
> Neoverse-N2 and 'max' cpu cores.
> 
> When I boot with Neoverse-N2 or 'max' cpu then EFI_RNG_PROTOCOL gets
> reported by 'EFI stub' on Linux boot and KASLR gets enabled.
> 
> Commit 5de5e230a80bed083360da95ba16a2c4a001620d (in EDK2) enabled that for
> ArmVirt platform.
> 
> RNDR is implemented by both Neoverse-N2 and 'max' cpu implemented by QEMU.
> Other cpu models lack it which prevents the RngDxe driver from running,
> resulting in the same situation as before.
> 
> TRNG is not implemented in TCG mode but is required by RngDxe to run.
> 
> On older cpu cores nothing changes.
> ---
>  Platform/Qemu/SbsaQemu/SbsaQemu.dsc | 7 +++++++
>  Platform/Qemu/SbsaQemu/SbsaQemu.fdf | 1 +
>  2 files changed, 8 insertions(+)
> 
> diff --git a/Platform/Qemu/SbsaQemu/SbsaQemu.dsc b/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
> index 9306986bf7c0..72b6a6d9a8b8 100644
> --- a/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
> +++ b/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
> @@ -660,6 +660,13 @@ [Components.common]
>    OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
>    MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
>    Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuHighMemDxe/SbsaQemuHighMemDxe.inf
> +  SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {
> +    <LibraryClasses>
> +      RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
> +      ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf
> +      ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf
> +  }
> +

Please drop the added blank line.

/
    Leif

>  
>    #
>    # FAT filesystem + GPT/MBR partitioning
> diff --git a/Platform/Qemu/SbsaQemu/SbsaQemu.fdf b/Platform/Qemu/SbsaQemu/SbsaQemu.fdf
> index b35f42e11aa4..51a1ef8519f9 100644
> --- a/Platform/Qemu/SbsaQemu/SbsaQemu.fdf
> +++ b/Platform/Qemu/SbsaQemu/SbsaQemu.fdf
> @@ -192,6 +192,7 @@ [FV.FvMain]
>    INF ArmPkg/Drivers/TimerDxe/TimerDxe.inf
>    INF OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
>    INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
> +  INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
>  
>    #
>    # FAT filesystem + GPT/MBR partitioning + UDF filesystem
> 
> ---
> base-commit: c7ed8deaa8c1d7ee83af994b2c90d4490ef27bdc
> change-id: 20240703-efi-rng-protocol-be991536709a
> 
> Best regards,
> -- 
> Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
> 
> 
> 
> 
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119793): https://edk2.groups.io/g/devel/message/119793
Mute This Topic: https://groups.io/mt/107018350/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-