commit 369b92637992367bc061ae052c9bfb680bbfd372
author Ilias Apalodimas <ilias.apalodimas@linaro.org> Fri Jul 22 21:32:03 2022 +0530
committer Ilias Apalodimas <ilias.apalodimas@linaro.org> Tue Aug 02 23:50:02 2022 +0300
tree 141c46df097eb17696ffdaad64c7e8cba612e0f2
parent 8f2ecaf1074dc57a72ff97301898125cdb0f2681

efi_loader: initialize the RNG protocol after the TCC2

Due to U-Boot's lazy binding the RNG presented by the TCG is not available
until the EFI_TCG2 protocol has been initialized.  Since the TPM has a
built-in RNG device we can use for the OS randomization, move the RNG
protocol installation after the TCG.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

lib/efi_loader/efi_setup.c

diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c
index 492ecf4..751beda 100644
--- a/lib/efi_loader/efi_setup.c
+++ b/lib/efi_loader/efi_setup.c
@@ -246,13 +246,6 @@
 	/* Set up console modes */
 	efi_setup_console_size();
 
-	/* Install EFI_RNG_PROTOCOL */
-	if (IS_ENABLED(CONFIG_EFI_RNG_PROTOCOL)) {
-		ret = efi_rng_register();
-		if (ret != EFI_SUCCESS)
-			goto out;
-	}
-
 	/* Initialize variable services */
 	ret = efi_init_variables();
 	if (ret != EFI_SUCCESS)
@@ -289,6 +282,13 @@
 			goto out;
 	}
 
+	/* Install EFI_RNG_PROTOCOL */
+	if (IS_ENABLED(CONFIG_EFI_RNG_PROTOCOL)) {
+		ret = efi_rng_register();
+		if (ret != EFI_SUCCESS)
+			goto out;
+	}
+
 	if (IS_ENABLED(CONFIG_EFI_RISCV_BOOT_PROTOCOL)) {
 		ret = efi_riscv_register();
 		if (ret != EFI_SUCCESS)