git.ipfire.org Git - thirdparty/ipxe.git/commit

author	Michael Brown <mcb30@ipxe.org>
	Mon, 20 Feb 2023 14:08:49 +0000 (14:08 +0000)
committer	Michael Brown <mcb30@ipxe.org>
	Mon, 20 Feb 2023 14:53:10 +0000 (14:53 +0000)
commit	471599dc7721d454b6658062c901b52038a78be2
tree	4829951380f8701b5909a9192e2e0678fe37a36d	tree
parent	7d71cf318a2a6fedde7aaf9303b1cdec0cf51660	commit \| diff

[efi] Split out EFI_RNG_PROTOCOL as a separate entropy source

Commit 7ca801d ("[efi] Use the EFI_RNG_PROTOCOL as an entropy source
if available") added EFI_RNG_PROTOCOL as an alternative entropy source
via an ad-hoc mechanism specific to efi_entropy.c.

Split out EFI_RNG_PROTOCOL to a separate entropy source, and allow the
entropy core to handle the selection of RDRAND, EFI_RNG_PROTOCOL, or
timer ticks as the active source.

The fault detection logic added in commit a87537d ("[efi] Detect and
disable seriously broken EFI_RNG_PROTOCOL implementations") may be
removed completely, since the failure will already be detected by the
generic ANS X9.82-mandated repetition count test and will now be
handled gracefully by the entropy core.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/config/config_entropy.c		diff \| blob \| blame \| history
src/config/defaults/efi.h		diff \| blob \| blame \| history
src/include/ipxe/errfile.h		diff \| blob \| blame \| history
src/interface/efi/efi_entropy.c		diff \| blob \| blame \| history
src/interface/efi/efi_rng.c	[new file with mode: 0644]	blob