From nobody Tue Feb 10 16:19:05 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1526624439182424.52630968382414; Thu, 17 May 2018 23:20:39 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id E116A20961836; Thu, 17 May 2018 23:20:33 -0700 (PDT) Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id A657C2096182B for ; Thu, 17 May 2018 23:20:32 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DC01481663C0; Fri, 18 May 2018 06:20:31 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-74.rdu2.redhat.com [10.10.120.74]) by smtp.corp.redhat.com (Postfix) with ESMTP id 222E8111AF25; Fri, 18 May 2018 06:20:30 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=66.187.233.73; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 18 May 2018 08:20:26 +0200 Message-Id: <20180518062026.2781-3-lersek@redhat.com> In-Reply-To: <20180518062026.2781-1-lersek@redhat.com> References: <20180518062026.2781-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Fri, 18 May 2018 06:20:31 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Fri, 18 May 2018 06:20:31 +0000 (UTC) for IP:'10.11.54.3' DOMAIN:'int-mx03.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'lersek@redhat.com' RCPT:'' Subject: [edk2] [PATCH 2/2] OvmfPkg/PlatformBootManagerLib: connect Virtio RNG devices again X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jordan Justen , Ard Biesheuvel MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Virtio RNG devices are never boot devices, so in commit 245c643cc8b7 we stopped connecting them. This is a problem because an OS boot loader may depend on EFI_RNG_PROTOCOL to seed the OS's RNG. Connect Virtio RNG devices again. And, while commit 245c643cc8b7 removed that from PlatformBootManagerAfterConsole(), reintroduce it now to PlatformBootManagerBeforeConsole() -- this way Driver#### options launched between both functions may access EFI_RNG_PROTOCOL too. Cc: Ard Biesheuvel Cc: Jordan Justen Fixes: 245c643cc8b73240c3b88cb55b2911b285a8c10d Ref: https://bugzilla.redhat.com/show_bug.cgi?id=3D1579518 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.h | 1 + OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c | 105 +++++++++++++++= +++++ 2 files changed, 106 insertions(+) diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.h b/OvmfPkg= /Library/PlatformBootManagerLib/BdsPlatform.h index 97ffbb514825..4948ca6518ec 100644 --- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.h +++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.h @@ -30,6 +30,7 @@ Abstract: #include #include #include +#include =20 #include #include diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg= /Library/PlatformBootManagerLib/BdsPlatform.c index 004b753f4d26..5d4d323d7306 100644 --- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c +++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c @@ -318,6 +318,15 @@ ConnectRootBridge ( IN VOID *Context ); =20 +STATIC +EFI_STATUS +EFIAPI +ConnectVirtioPciRng ( + IN EFI_HANDLE Handle, + IN VOID *Instance, + IN VOID *Context + ); + STATIC VOID SaveS3BootScript ( @@ -399,6 +408,13 @@ PlatformBootManagerBeforeConsole ( ASSERT_RETURN_ERROR (PcdStatus); =20 PlatformRegisterOptionsAndKeys (); + + // + // Install both VIRTIO_DEVICE_PROTOCOL and (dependent) EFI_RNG_PROTOCOL + // instances on Virtio PCI RNG devices. + // + VisitAllInstancesOfProtocol (&gEfiPciIoProtocolGuid, ConnectVirtioPciRng, + NULL); } =20 =20 @@ -427,6 +443,95 @@ ConnectRootBridge ( } =20 =20 +STATIC +EFI_STATUS +EFIAPI +ConnectVirtioPciRng ( + IN EFI_HANDLE Handle, + IN VOID *Instance, + IN VOID *Context + ) +{ + EFI_PCI_IO_PROTOCOL *PciIo; + EFI_STATUS Status; + UINT16 VendorId; + UINT16 DeviceId; + UINT8 RevisionId; + BOOLEAN Virtio10; + UINT16 SubsystemId; + + PciIo =3D Instance; + + // + // Read and check VendorId. + // + Status =3D PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16, PCI_VENDOR_ID_OF= FSET, + 1, &VendorId); + if (EFI_ERROR (Status)) { + goto Error; + } + if (VendorId !=3D VIRTIO_VENDOR_ID) { + return EFI_SUCCESS; + } + + // + // Read DeviceId and RevisionId. + // + Status =3D PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16, PCI_DEVICE_ID_OF= FSET, + 1, &DeviceId); + if (EFI_ERROR (Status)) { + goto Error; + } + Status =3D PciIo->Pci.Read (PciIo, EfiPciIoWidthUint8, PCI_REVISION_ID_O= FFSET, + 1, &RevisionId); + if (EFI_ERROR (Status)) { + goto Error; + } + + // + // From DeviceId and RevisionId, determine whether the device is a + // modern-only Virtio 1.0 device. In case of Virtio 1.0, DeviceId can + // immediately be restricted to VIRTIO_SUBSYSTEM_ENTROPY_SOURCE, and + // SubsystemId will only play a sanity-check role. Otherwise, DeviceId c= an + // only be sanity-checked, and SubsystemId will decide. + // + if (DeviceId =3D=3D 0x1040 + VIRTIO_SUBSYSTEM_ENTROPY_SOURCE && + RevisionId >=3D 0x01) { + Virtio10 =3D TRUE; + } else if (DeviceId >=3D 0x1000 && DeviceId <=3D 0x103F && RevisionId = =3D=3D 0x00) { + Virtio10 =3D FALSE; + } else { + return EFI_SUCCESS; + } + + // + // Read and check SubsystemId as dictated by Virtio10. + // + Status =3D PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16, + PCI_SUBSYSTEM_ID_OFFSET, 1, &SubsystemId); + if (EFI_ERROR (Status)) { + goto Error; + } + if ((Virtio10 && SubsystemId >=3D 0x40) || + (!Virtio10 && SubsystemId =3D=3D VIRTIO_SUBSYSTEM_ENTROPY_SOURCE)) { + Status =3D gBS->ConnectController ( + Handle, // ControllerHandle + NULL, // DriverImageHandle -- connect all drivers + NULL, // RemainingDevicePath -- produce all child ha= ndles + FALSE // Recursive -- don't follow child handles + ); + if (EFI_ERROR (Status)) { + goto Error; + } + } + return EFI_SUCCESS; + +Error: + DEBUG ((DEBUG_ERROR, "%a: %r\n", __FUNCTION__, Status)); + return Status; +} + + /** Add IsaKeyboard to ConIn; add IsaSerial to ConOut, ConIn, ErrOut. =20 --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel