Hi Ard,
On Tue, Oct 29, 2019 at 11:10 PM Ard Biesheuvel <ardb@xxxxxxxxxx> wrote:
>
> From: Dominik Brodowski <linux@xxxxxxxxxxxxxxxxxxxx>
>
> Commit 428826f5358c ("fdt: add support for rng-seed") introduced
> add_bootloader_randomness(), permitting randomness provided by the
> bootloader or firmware to be credited as entropy. However, the fact
> that the UEFI support code was already wired into the RNG subsystem
> via a call to add_device_randomness() was overlooked, and so it was
> not converted at the same time.
>
> Note that this UEFI (v2.4 or newer) feature is currently only
> implemented for EFI stub booting on ARM, and further note that
> CONFIG_RANDOM_TRUST_BOOTLOADER must be enabled, and this should be
> done only if there indeed is sufficient trust in the bootloader
> _and_ its source of randomness.
>
> Signed-off-by: Dominik Brodowski <linux@xxxxxxxxxxxxxxxxxxxx>
> [ardb: update commit log]
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
Seems my Tested-by was dropped which I provide for the RFC version of
this patch.
See <https://www.mail-archive.com/linux-efi@xxxxxxxxxxxxxxx/msg12281.html>
for details.
I can provide a similar Tested-by for this version as well.
Thanks,
Bhupesh
> ---
> drivers/firmware/efi/efi.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
> index 69f00f7453a3..e98bbf8e56d9 100644
> --- a/drivers/firmware/efi/efi.c
> +++ b/drivers/firmware/efi/efi.c
> @@ -554,7 +554,7 @@ int __init efi_config_parse_tables(void *config_tables, int count, int sz,
> sizeof(*seed) + size);
> if (seed != NULL) {
> pr_notice("seeding entropy pool\n");
> - add_device_randomness(seed->bits, seed->size);
> + add_bootloader_randomness(seed->bits, seed->size);
> early_memunmap(seed, sizeof(*seed) + size);
> } else {
> pr_err("Could not map UEFI random seed!\n");
> --
> 2.17.1
>
