efi_loader: initialize the RNG protocol after the TCC2

Due to U-Boot's lazy binding the RNG presented by the TCG is not available
until the EFI_TCG2 protocol has been initialized.  Since the TPM has a
built-in RNG device we can use for the OS randomization, move the RNG
protocol installation after the TCG.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c
index 492ecf4..751beda 100644 (file)
--- a/lib/efi_loader/efi_setup.c
+++ b/lib/efi_loader/efi_setup.c
@@ -246,13 +246,6 @@ efi_status_t efi_init_obj_list(void)
        /* Set up console modes */
        efi_setup_console_size();
 
-       /* Install EFI_RNG_PROTOCOL */
-       if (IS_ENABLED(CONFIG_EFI_RNG_PROTOCOL)) {
-               ret = efi_rng_register();
-               if (ret != EFI_SUCCESS)
-                       goto out;
-       }
-
        /* Initialize variable services */
        ret = efi_init_variables();
        if (ret != EFI_SUCCESS)
@@ -289,6 +282,13 @@ efi_status_t efi_init_obj_list(void)
                        goto out;
        }
 
+       /* Install EFI_RNG_PROTOCOL */
+       if (IS_ENABLED(CONFIG_EFI_RNG_PROTOCOL)) {
+               ret = efi_rng_register();
+               if (ret != EFI_SUCCESS)
+                       goto out;
+       }
+
        if (IS_ENABLED(CONFIG_EFI_RISCV_BOOT_PROTOCOL)) {
                ret = efi_riscv_register();
                if (ret != EFI_SUCCESS)