From: Ingo Molnar <mingo@kernel.org>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Bhupesh Sharma <bhsharma@redhat.com>,
Ard Biesheuvel <ardb@kernel.org>,
linux-efi <linux-efi@vger.kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
Dominik Brodowski <linux@dominikbrodowski.net>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v2 3/6] efi/random: treat EFI_RNG_PROTOCOL output as bootloader randomness
Date: Thu, 31 Oct 2019 09:41:26 +0100 [thread overview]
Message-ID: <20191031084126.GB107774@gmail.com> (raw)
In-Reply-To: <CAKv+Gu_zMMeRSBYk_tBX4UA+v1r+Kntrxe3xurLd1Q2_+HkbWw@mail.gmail.com>
* Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
> On Tue, 29 Oct 2019 at 20:14, Bhupesh Sharma <bhsharma@redhat.com> wrote:
> >
> > Hi Ard,
> >
> > On Tue, Oct 29, 2019 at 11:10 PM Ard Biesheuvel <ardb@kernel.org> wrote:
> > >
> > > From: Dominik Brodowski <linux@dominikbrodowski.net>
> > >
> > > Commit 428826f5358c ("fdt: add support for rng-seed") introduced
> > > add_bootloader_randomness(), permitting randomness provided by the
> > > bootloader or firmware to be credited as entropy. However, the fact
> > > that the UEFI support code was already wired into the RNG subsystem
> > > via a call to add_device_randomness() was overlooked, and so it was
> > > not converted at the same time.
> > >
> > > Note that this UEFI (v2.4 or newer) feature is currently only
> > > implemented for EFI stub booting on ARM, and further note that
> > > CONFIG_RANDOM_TRUST_BOOTLOADER must be enabled, and this should be
> > > done only if there indeed is sufficient trust in the bootloader
> > > _and_ its source of randomness.
> > >
> > > Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
> > > [ardb: update commit log]
> > > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> >
> > Seems my Tested-by was dropped which I provide for the RFC version of
> > this patch.
> > See <https://www.mail-archive.com/linux-efi@vger.kernel.org/msg12281.html>
> > for details.
> >
> > I can provide a similar Tested-by for this version as well.
> >
>
> Thanks Bhupesh
I've added Bhupesh's Tested-by to the commit - no need to resend.
I've picked up all 6 EFI fixes, will push them out after a bit of testing
- sorry about the delay!
Thanks,
Ingo
next prev parent reply other threads:[~2019-10-31 8:41 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-29 17:37 [GIT PULL v2 0/6] EFI fixes for v5.4 Ard Biesheuvel
2019-10-29 17:37 ` [PATCH v2 1/6] efi: Make CONFIG_EFI_RCI2_TABLE selectable on x86 only Ard Biesheuvel
2019-10-31 11:55 ` [tip: efi/urgent] " tip-bot2 for Narendra K
2019-10-29 17:37 ` [PATCH v2 2/6] efi/tpm: return -EINVAL when determining tpm final events log size fails Ard Biesheuvel
2019-10-31 11:55 ` [tip: efi/urgent] efi/tpm: Return " tip-bot2 for Jerry Snitselaar
2019-10-29 17:37 ` [PATCH v2 3/6] efi/random: treat EFI_RNG_PROTOCOL output as bootloader randomness Ard Biesheuvel
2019-10-29 19:14 ` Bhupesh Sharma
2019-10-31 8:24 ` Ard Biesheuvel
2019-10-31 8:41 ` Ingo Molnar [this message]
2019-10-31 13:47 ` Ard Biesheuvel
2019-10-31 11:55 ` [tip: efi/urgent] efi/random: Treat " tip-bot2 for Dominik Brodowski
2019-10-29 17:37 ` [PATCH v2 4/6] efi: libstub/arm: account for firmware reserved memory at the base of RAM Ard Biesheuvel
2019-10-31 11:55 ` [tip: efi/urgent] efi: libstub/arm: Account " tip-bot2 for Ard Biesheuvel
2019-10-29 17:37 ` [PATCH v2 5/6] x86, efi: never relocate kernel below lowest acceptable address Ard Biesheuvel
2019-10-31 11:55 ` [tip: efi/urgent] x86, efi: Never " tip-bot2 for Kairui Song
2019-10-29 17:37 ` [PATCH v2 6/6] efi/efi_test: lock down /dev/efi_test and require CAP_SYS_ADMIN Ard Biesheuvel
2019-10-31 11:55 ` [tip: efi/urgent] efi/efi_test: Lock " tip-bot2 for Javier Martinez Canillas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191031084126.GB107774@gmail.com \
--to=mingo@kernel.org \
--cc=ard.biesheuvel@linaro.org \
--cc=ardb@kernel.org \
--cc=bhsharma@redhat.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.