diff options
author | Mike Beaton <mjsbeaton@gmail.com> | 2024-09-08 11:33:43 +0100 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2024-09-09 17:53:44 +0000 |
commit | 3885a3edad618861168fe7081027867f1753ed42 (patch) | |
tree | f5b4a209a920b65ea8d73d0bd5687f2036a87f17 /NetworkPkg/Library | |
parent | e5715711a41b3a323b1605e41e5875d377e7c9c2 (diff) | |
download | edk2-3885a3edad618861168fe7081027867f1753ed42.zip edk2-3885a3edad618861168fe7081027867f1753ed42.tar.gz edk2-3885a3edad618861168fe7081027867f1753ed42.tar.bz2 |
NetworkPkg/DxeNetLib: Update misleading comment
Commit 6862b9d538d96363635677198899e1669e591259 makes
more explicit the previous logic of the code anyway, which is that
it is (and was) only a fatal error if all secure algorithms fail.
However the comment updated by this commit seems somewhat
incompatible with that change, and even with the previous code
(which operated as now, just logging different error messages).
This updates the comment to be more compatible with how the
code operates.
Signed-off-by: Mike Beaton <mjsbeaton@gmail.com>
Diffstat (limited to 'NetworkPkg/Library')
-rw-r--r-- | NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c index 4dfbe91..cf875d7 100644 --- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c +++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c @@ -133,10 +133,16 @@ GLOBAL_REMOVE_IF_UNREFERENCED VLAN_DEVICE_PATH mNetVlanDevicePathTemplate = { // These represent UEFI SPEC defined algorithms that should be supported by
// the RNG protocol and are generally considered secure.
//
-// The order of the algorithms in this array is important. This order is the order
-// in which the algorithms will be tried by the RNG protocol.
-// If your platform needs to use a specific algorithm for the random number generator,
-// then you should place that algorithm first in the array.
+// Assuming that PcdEnforceSecureRngAlgorithms is TRUE (the default) then
+// only the algorithms defined here will be used by the network stack, and
+// none of these being available will result in an error condition (even if
+// some other RNG implementation is available).
+//
+// If PcdEnforceSecureRngAlgorithms is FALSE this list is not consulted,
+// and the first available RNG algorithm is used.
+//
+// If your platform needs to use a specific algorithm for the random number
+// generator, then you should modify this array.
//
GLOBAL_REMOVE_IF_UNREFERENCED EFI_GUID *mSecureHashAlgorithms[] = {
&gEfiRngAlgorithmSp80090Ctr256Guid, // SP800-90A DRBG CTR using AES-256
|