The kvmtool guest firmware is using the default RNG library defined in ArmVirtPkg.dsc.inc which is BaseRngLibTimerLib.
BaseRngLibTimerLib is only present to use for test purposes on platforms that do not have a suitable RNG source and must not be used for production purposes. Armv8.5 introduces random number instructions (e.g., RNDR) which return a 64-bit random number. Although, this feature is optional, it can be assumed that most modern platforms will implement this support. This feature i.e. FEAT_RNG can be discovered by examining the processor feature registers. It is therefore desirable to use the RNDR instructions instead of using the default BaseRngLibTimerLib which is unsafe. The BaseRngLib in MdePkg already implements the RNG support using RNDR. However, it is worth noting that FEAT_RNG is supported in AArch64 state only. Therefore, switch to using the BaseRngLib instance for AArch64 firmware builds. The AArch32 firmware builds will continue to use BaseRngLibTimerLib. Note: The guest firmware already supports Virtio RNG. So, should the processor not implement FEAT_RNG, the guest firmware can fall back to use Virtio RNG. Cc: Ard Biesheuvel <ardb+tianoc...@kernel.org> Cc: Leif Lindholm <quic_llind...@quicinc.com> Cc: Gerd Hoffmann <kra...@redhat.com> Signed-off-by: Sami Mujawar <sami.muja...@arm.com> --- ArmVirtPkg/ArmVirtKvmTool.dsc | 1 + 1 file changed, 1 insertion(+) diff --git a/ArmVirtPkg/ArmVirtKvmTool.dsc b/ArmVirtPkg/ArmVirtKvmTool.dsc index c358b0a55daea8f8231b037cc63005cc86fe9a18..835e4f1a5a618537d885682322a288f12b8ce8dd 100644 --- a/ArmVirtPkg/ArmVirtKvmTool.dsc +++ b/ArmVirtPkg/ArmVirtKvmTool.dsc @@ -90,6 +90,7 @@ [LibraryClasses.common] [LibraryClasses.AARCH64] ArmCcaLib|ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.inf ArmCcaRsiLib|ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.inf + RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf [LibraryClasses.common.SEC, LibraryClasses.common.PEI_CORE, LibraryClasses.common.PEIM] PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117692): https://edk2.groups.io/g/devel/message/117692 Mute This Topic: https://groups.io/mt/105483431/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
