diff options
| author | Michael Brown <mcb30@ipxe.org> | 2023-02-20 14:08:49 +0000 |
|---|---|---|
| committer | Michael Brown <mcb30@ipxe.org> | 2023-02-20 14:53:10 +0000 |
| commit | 471599dc7721d454b6658062c901b52038a78be2 (patch) | |
| tree | 4829951380f8701b5909a9192e2e0678fe37a36d /src/config/config_entropy.c | |
| parent | 7d71cf318a2a6fedde7aaf9303b1cdec0cf51660 (diff) | |
| download | ipxe-471599dc7721d454b6658062c901b52038a78be2.zip ipxe-471599dc7721d454b6658062c901b52038a78be2.tar.gz ipxe-471599dc7721d454b6658062c901b52038a78be2.tar.bz2 | |
[efi] Split out EFI_RNG_PROTOCOL as a separate entropy source
Commit 7ca801d ("[efi] Use the EFI_RNG_PROTOCOL as an entropy source
if available") added EFI_RNG_PROTOCOL as an alternative entropy source
via an ad-hoc mechanism specific to efi_entropy.c.
Split out EFI_RNG_PROTOCOL to a separate entropy source, and allow the
entropy core to handle the selection of RDRAND, EFI_RNG_PROTOCOL, or
timer ticks as the active source.
The fault detection logic added in commit a87537d ("[efi] Detect and
disable seriously broken EFI_RNG_PROTOCOL implementations") may be
removed completely, since the failure will already be detected by the
generic ANS X9.82-mandated repetition count test and will now be
handled gracefully by the entropy core.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/config/config_entropy.c')
| -rw-r--r-- | src/config/config_entropy.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/config/config_entropy.c b/src/config/config_entropy.c index e96019a..9f12f1f 100644 --- a/src/config/config_entropy.c +++ b/src/config/config_entropy.c @@ -37,9 +37,12 @@ PROVIDE_REQUIRING_SYMBOL(); #ifdef ENTROPY_RTC REQUIRE_OBJECT ( rtc_entropy ); #endif -#ifdef ENTROPY_EFI +#ifdef ENTROPY_EFITICK REQUIRE_OBJECT ( efi_entropy ); #endif +#ifdef ENTROPY_EFIRNG +REQUIRE_OBJECT ( efi_rng ); +#endif #ifdef ENTROPY_LINUX REQUIRE_OBJECT ( linux_entropy ); #endif |