[ipxe-devel] EFI enhancements for https

[Michael Brown]

On 29/10/13 23:23, Jarrod Johnson wrote:
> Currently I'm trying to understand how things fit together (by looking
> at how rtc_entropy hooks in) and how errfile.h should go.
>
> For reference, the meat of the entropy thing I was thinking to look like:
> uint8_t efi_sample ( void ) {
>      EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
>      EFI_EVENT waiter;
>      unsigned long before;
>      unsigned long after;
>      EFI_STATUS efirc;
>      EFI_TIMER_DELAY delay = TimerRelative;
>      UINTN discard;
>      /* int rc; */
>
>      if ( ( efirc = bs->CreateEvent ( EVT_TIMER, TPL_NOTIFY,
>                      NULL, NULL, &waiter ) ) != 0){
>          /* TODO: I don't know how to wrangle errfile.h......
>           * rc = -EEFI ( efirc );
>           */
>          return efirc;
>      }
>      bs->SetTimer(waiter, delay, 0);
>      bs->WaitForEvent(1, &waiter, &discard);
>      before = currticks();
>      bs->SetTimer(waiter, delay, 0);
>      bs->WaitForEvent(1, &waiter, &discard);
>      after = currticks();
>      bs->CloseEvent(waiter);
>      return ( after - before );
> }

I would suggest calling CreateEvent() from efi_entropy_enable(), and 
CloseEvent() from efi_entropy_disable().  This allows efi_sample() to 
always succeed (as with rtc_sample()), and should give a more natural fit.

As for errfile.h, just append a new identifier in include/ipxe/errfile.h 
under the ERRFILE_OTHER block, following the existing pattern.

You'll also need to create an include/ipxe/efi/efi_entropy.h (modelled 
on arch/i386/include/ipxe/rtc_entropy.h), #include this from within 
include/ipxe/entropy.h under "/* Include all architecture-independent 
entropy API headers */", and change config/defaults/efi.h to use 
ENTROPY_EFI rather than ENTROPY_NULL.

Michael