]> git.dujemihanovic.xyz Git - u-boot.git/commit
projects / u-boot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 93b9cd7) | patch
efi_leader: delete rng-seed if having EFI RNG protocol
authorHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tue, 17 Sep 2024 08:49:29 +0000 (10:49 +0200)
committerTom Rini <trini@konsulko.com>
Thu, 10 Oct 2024 04:04:56 +0000 (22:04 -0600)
commitb03b2a45f9f07bdfb0074adf9c8b4339080a7def
tree02a2f3cbbb56dc29801d418a571a7219bb21c35ftree | snapshot
parent93b9cd792089e536f2bfa85d9903fd4798209f76commit | diff
efi_leader: delete rng-seed if having EFI RNG protocol

For measured be boot we must avoid any volatile values in the device-tree.
We already delete /chosen/kaslr-seed if we provide and EFI RNG protocol.

Additionally remove /chosen/rng-seed provided by QEMU or U-Boot.

Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
include/efi_loader.h diff | blob | history
lib/efi_loader/efi_dt_fixup.c diff | blob | history
lib/efi_loader/efi_helper.c diff | blob | history
My U-Boot fork