From patchwork Fri Jul 22 16:02:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 592469 Delivered-To: patch@linaro.org Received: by 2002:a05:7000:b811:0:0:0:0 with SMTP id fc17csp635067mab; Fri, 22 Jul 2022 09:03:06 -0700 (PDT) X-Google-Smtp-Source: AGRyM1syuQBQzcvONEhdW2j0dGSVPHlc4YpDq8Vu1myCDcsdPacJ3sd+stg/y1OqiVfDEn3+6Kg/ X-Received: by 2002:a05:6638:1386:b0:33f:7dc7:bd98 with SMTP id w6-20020a056638138600b0033f7dc7bd98mr330746jad.281.1658505786348; Fri, 22 Jul 2022 09:03:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658505786; cv=none; d=google.com; s=arc-20160816; b=H/vdkoP9+jXpAuMwE2z5WZjs6i7eKIClGut9l4fd73v0JtRfbPSNEjlLaEJYm6S4gK Y5ugVyz8uSIfaRLBUrAovkUD3F3mjTA9sM0J/sBdX87XVJ/Qo8UysLJEiG1yzoqeDSLX BFytrSp0oGt/FKf9Z+tDOwK0/XFi1tC1gShsvAbyOOuLu6cr/YzbgOUpCxEu6oBSsTzq JlTJF8gT8VVg5+9zkbcniKpiNk+ywOxKglhfRcFjBYqNxi46r1kEHvA/o1Z8VcXdd9Fb iSBF9K4XEhk4/TtFm2sqLCsyynoFjYogpPDJsnAq1hXWWPuAPfowmc18MdlQYV5zUEip nVPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=edddUpnWQ2H3mz5zUpTRygXjoHe1nd/CiZIKGjPC7q8=; b=TVQt3fTyyFb1pSQPHVc+QR7Wyh1QkH+p1ykqgvauVEhPUDXNg3WlDnp7meynAYA1cR D7OquTT8xXaxdHilSmL9WG08aVWk7PuDzk42eqADZRiJUJsO6K9ZGUQC2tOZ9NpcC2JZ He6xFLDEnGcWTA3w9EaCe743G9SODpRMh3FQJSkXzOlwUBIgO3qeqkp6KxgujwPRX/qK ZPChbxz3eYlB2Pipn/CvnpN2/8+kTc3jVelX6Cm49UKL6A3NqBc9jlyLvRIGaWOHAB5Z PgD/F9ynZNipEA/DcGIefMtEezq7PWiv7iNORN1GUDnZLnVop7bVqypTKa94H4lM7mau XaEw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id h15-20020a056e021b8f00b002dab273202asi4507478ili.107.2022.07.22.09.03.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Jul 2022 09:03:06 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 9C2F083FB3; Fri, 22 Jul 2022 18:02:43 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 73DED83AC3; Fri, 22 Jul 2022 18:02:36 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 986CC82142 for ; Fri, 22 Jul 2022 18:02:32 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 971181063; Fri, 22 Jul 2022 09:02:32 -0700 (PDT) Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.16.44]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 5ADDA3F73D; Fri, 22 Jul 2022 09:02:30 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Tom Rini Subject: [PATCH v8 2/8] efi_loader: initialize the RNG protocol after the TCC2 Date: Fri, 22 Jul 2022 21:32:03 +0530 Message-Id: <20220722160209.863840-3-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722160209.863840-1-sughosh.ganu@linaro.org> References: <20220722160209.863840-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean From: Ilias Apalodimas Due to U-Boot's lazy binding the RNG presented by the TCG is not available until the EFI_TCG2 protocol has been initialized. Since the TPM has a built-in RNG device we can use for the OS randomization, move the RNG protocol installation after the TCG. Signed-off-by: Ilias Apalodimas --- Changes since V7: New patch lib/efi_loader/efi_setup.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c index 492ecf4cb1..751beda590 100644 --- a/lib/efi_loader/efi_setup.c +++ b/lib/efi_loader/efi_setup.c @@ -246,13 +246,6 @@ efi_status_t efi_init_obj_list(void) /* Set up console modes */ efi_setup_console_size(); - /* Install EFI_RNG_PROTOCOL */ - if (IS_ENABLED(CONFIG_EFI_RNG_PROTOCOL)) { - ret = efi_rng_register(); - if (ret != EFI_SUCCESS) - goto out; - } - /* Initialize variable services */ ret = efi_init_variables(); if (ret != EFI_SUCCESS) @@ -289,6 +282,13 @@ efi_status_t efi_init_obj_list(void) goto out; } + /* Install EFI_RNG_PROTOCOL */ + if (IS_ENABLED(CONFIG_EFI_RNG_PROTOCOL)) { + ret = efi_rng_register(); + if (ret != EFI_SUCCESS) + goto out; + } + if (IS_ENABLED(CONFIG_EFI_RISCV_BOOT_PROTOCOL)) { ret = efi_riscv_register(); if (ret != EFI_SUCCESS)