]> xenbits.xensource.com Git - people/aperard/ovmf.git/commitdiff
projects / people / aperard / ovmf.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5c8bdb1)
MdePkg: Move PcdEnforceSecureRngAlgorithms from NetworkPkg
authorPierre Gondois <pierre.gondois@arm.com>
Thu, 29 Aug 2024 14:31:45 +0000 (16:31 +0200)
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Fri, 13 Sep 2024 14:34:21 +0000 (14:34 +0000)
The PcdEnforceSecureRngAlgorithms Pcd enforces the use of RNG
algorithms defined by the UEFI spec. To re-use the Pcd in other
packages and have a generic mean to control the usage of unsecure
algorithms, move the Pcd to the MdePkg.

Continuous-integration-options: PatchCheck.ignore-multi-package
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
MdePkg/MdePkg.dec patch | blob | blame | history
NetworkPkg/Library/DxeNetLib/DxeNetLib.inf patch | blob | blame | history
NetworkPkg/NetworkPkg.dec patch | blob | blame | history

diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index b542d6d832354b59282a4d97628d5483ea26ad9d..624f6263609268a139195f5b55889b1b184c66a9 100644 (file)
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -2266,6 +2266,12 @@
   ## This PCD specifies the interrupt vector for stack cookie check failures\r
   gEfiMdePkgTokenSpaceGuid.PcdStackCookieExceptionVector|0x42|UINT8|0x30001019\r
 \r
+  ## Enforces the use of Secure UEFI spec defined RNG algorithms.\r
+  # TRUE  - Enforce the use of Secure UEFI spec defined RNG algorithms.\r
+  # FALSE - Do not enforce and depend on the default implementation of RNG algorithm from the provider.\r
+  # @Prompt Enforce the use of Secure UEFI spec defined RNG algorithms.\r
+  gEfiMdePkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|TRUE|BOOLEAN|0x1000000D\r
+\r
 [PcdsFixedAtBuild,PcdsPatchableInModule]\r
   ## Indicates the maximum length of unicode string used in the following\r
   #  BaseLib functions: StrLen(), StrSize(), StrCmp(), StrnCmp(), StrCpy(), StrnCpy()<BR><BR>\r
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
index a8f534a29358de43411760c758e54572d557de81..54dcb97e578dc5c27c4de3c4130b88bb80690316 100644 (file)
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
@@ -67,7 +67,7 @@
   gEfiRngProtocolGuid                           ## CONSUMES\r
 \r
 [FixedPcd]\r
-  gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms ## CONSUMES\r
+  gEfiMdePkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms ## CONSUMES\r
 \r
 [Depex]\r
   gEfiRngProtocolGuid\r
diff --git a/NetworkPkg/NetworkPkg.dec b/NetworkPkg/NetworkPkg.dec
index 29fc0c046c5b12266241f0afa4dd4166eca31ec3..5db7aa137a23a980b615f4f5da40f3eb3be57703 100644 (file)
--- a/NetworkPkg/NetworkPkg.dec
+++ b/NetworkPkg/NetworkPkg.dec
@@ -141,12 +141,6 @@
   # @Prompt Indicates whether SnpDxe creates event for ExitBootServices() call.\r
   gEfiNetworkPkgTokenSpaceGuid.PcdSnpCreateExitBootServicesEvent|TRUE|BOOLEAN|0x1000000C\r
 \r
-  ## Enforces the use of Secure UEFI spec defined RNG algorithms for all network connections.\r
-  # TRUE  - Enforce the use of Secure UEFI spec defined RNG algorithms.\r
-  # FALSE - Do not enforce and depend on the default implementation of RNG algorithm from the provider.\r
-  # @Prompt Enforce the use of Secure UEFI spec defined RNG algorithms.\r
-  gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|TRUE|BOOLEAN|0x1000000D\r
-\r
 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]\r
   ## IPv6 DHCP Unique Identifier (DUID) Type configuration (From RFCs 3315 and 6355).\r
   # 01 = DUID Based on Link-layer Address Plus Time [DUID-LLT]\r
OVMF