author: Oliver Steffen <osteffen@redhat.com> 2024-11-04 19:00:11 +0100
committer: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> 2024-11-27 18:07:10 +0000
commit: 9c4542a0645ac832e22d0c3da0f1ee7b127a316f
tree: d2d707d3021841ef1c01f71dace63c1fb0ec8c02
parent: 3ee2ceb6fa4ee13484758bc3cd77195262faad07
OvmfPkg: Rerun dispatcher after initializing virtio-rng

Since the pixiefail CVE fix the network stack requires a hardware random number generator. This can currently be a modern CPU supporting the RDRAND instruction or a virtio-rng device. The latter is initialized during the BDS phase. To ensure all depending (network) modules are also started, we need to run the dispatcher once more after the device was initialized. Without this, network boot is not available under certain hardware configurations.

Fixes: 4c4ceb2ceb ("NetworkPkg: SECURITY PATCH CVE-2023-45237")
Analysed-by: Stefano Garzarella <sgarzare@redhat.com>
Suggested-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
-rw-r--r-- OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c 2
1 files changed, 2 insertions, 0 deletions
diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
index d9f61757cf..a44e45df8f 100644
--- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
+++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
@@ -670,6 +670,8 @@ ConnectVirtioPciRng (
if (EFI_ERROR (Status)) {
goto Error;
}
+
+ gDS->Dispatch ();
}
return EFI_SUCCESS;
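Review bot: The added gDS->Dispatch () call in ConnectVirtioPciRng has no comment and its return status is discarded, so the reason for re-running the dispatcher at this point lives only in the commit message. Please add a short comment above the call saying that drivers depending on an RNG (the network stack) may only become dispatchable once virtio-rng is connected. Also make the ignored status explicit: either note that a status such as EFI_NOT_FOUND just means nothing new was dispatched and is expected, or log an unexpected status at DEBUG level, since otherwise a failed re-dispatch only shows up later as network boot being unavailable. The call sits after the EFI_ERROR (Status) check, so it runs only on the success path; worth saying in the comment that this is intentional.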