From c465cf5cf3fbd09caf82d2c34fc6f127f5648b48 Mon Sep 17 00:00:00 2001 From: Oliver Steffen Date: Thu, 7 Nov 2024 11:36:22 +0100 Subject: [PATCH 2/2] OvmfPkg/ArmVirtPkg: Add a Fallback RNG (RH only) RH-Author: Oliver Steffen RH-MergeRequest: 104: OvmfPkg: Add a Fallback RNG (RH only) RH-Jira: RHEL-66236 RH-Acked-by: Gerd Hoffmann RH-Commit: [2/2] d7748d697e522ab5ef70702da53241db71e602fe Since the pixiefail CVE fix, the network stack requires a random number generator. In case there is no hardware random number generator available, have the Platform Boot Manager install a pseudo RNG to ensure the network can be used. This patch adds the fallback rng which was introduced in a previous commit also to the ArmVirtPkg PlatformBootManagerLib. Signed-off-by: Oliver Steffen --- ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c | 5 +++++ .../PlatformBootManagerLib/PlatformBootManagerLib.inf | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c index 1848042f86..c4cfbfc7f6 100644 --- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c +++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c @@ -29,6 +29,7 @@ #include #include #include +#include "FallbackRng.h" #include "PlatformBm.h" @@ -793,6 +794,8 @@ PlatformBootManagerBeforeConsole ( // instances on Virtio PCI RNG devices. // FilterAndProcess (&gEfiPciIoProtocolGuid, IsVirtioPciRng, Connect); + + FallbackRngCheckAndInstall (); } /** @@ -814,6 +817,8 @@ PlatformBootManagerAfterConsole ( { RETURN_STATUS Status; + FallbackRngPrintWarning (); + // // Show the splash screen. // diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf index 997eb1a442..d4ea9bef60 100644 --- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf +++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf @@ -27,6 +27,8 @@ PlatformBm.c PlatformBm.h QemuKernel.c + ../../../OvmfPkg/Library/PlatformBootManagerLib/FallbackRng.h + ../../../OvmfPkg/Library/PlatformBootManagerLib/FallbackRng.c [Packages] ArmVirtPkg/ArmVirtPkg.dec @@ -53,6 +55,7 @@ UefiBootServicesTableLib UefiLib UefiRuntimeServicesTableLib + RngLib [FixedPcd] gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate @@ -69,9 +72,11 @@ gEfiGlobalVariableGuid gRootBridgesConnectedEventGroupGuid gUefiShellFileGuid + gEfiRngAlgorithmRaw [Protocols] gEfiFirmwareVolume2ProtocolGuid gEfiGraphicsOutputProtocolGuid gEfiPciRootBridgeIoProtocolGuid gVirtioDeviceProtocolGuid + gEfiRngProtocolGuid -- 2.45.2