From 0bde85a20e8388e6a12dcf507ea617d4e995c771 Mon Sep 17 00:00:00 2001 From: Camilla Conte Date: Thu, 15 Dec 2022 12:45:35 +0000 Subject: [PATCH] * Thu Dec 15 2022 Camilla Conte - 20221207gitfff6d81270b5-1 - Rebase to edk2-stable202211 tag Resolves: RHEL-119 (rebase edk2 to edk2-stable202211) - Resolves: RHEL-75 (edk2 builds should show the build version) - Resolves: bz#2132951 (edk2: Sort traditional virtualization builds before Confidential Computing builds) --- 0002-Remove-submodules.patch | 12 +- ...minalDxe-add-other-text-resolutions-.patch | 4 +- ...-max-debug-message-length-to-512-RHE.patch | 82 ----- ...minalDxe-set-xterm-resolution-on-mod.patch | 8 +- ...ResizeXterm-from-the-QEMU-command-li.patch | 36 +- ...PcdResizeXterm-from-the-QEMU-command.patch | 12 +- ...mfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch | 38 +- ...clusion-of-the-shell-from-the-firmwa.patch | 172 --------- ...DEBUG_VERBOSE-0x00400000-in-QemuVide.patch | 18 +- ...ntroduce-fixed-PCD-for-early-hello-m.patch | 93 ----- ...ce-DEBUG_VERBOSE-0x00400000-in-QemuR.patch | 10 +- ...rePeiCore-write-early-hello-message-.patch | 145 -------- ...bDxe-Do-not-report-DXE-failure-on-Aa.patch | 4 +- ...tPkg-set-early-hello-message-RH-only.patch | 82 ----- ...EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch | 18 +- ...lLib-list-RHEL8-specific-OpenSSL-fil.patch | 12 +- ...elLoaderFsDxe-suppress-error-on-no-k.patch | 4 +- ...Dxe-suppress-error-on-no-swtpm-in-si.patch | 4 +- ...0015-OvmfPkg-Remove-EbcDxe-RHEL-only.patch | 24 +- ...ve-VirtioGpu-device-driver-RHEL-only.patch | 24 +- ...irtioFsDxe-filesystem-driver-RHEL-on.patch | 34 +- ...e-VirtioFsDxe-filesystem-driver-RHEL.patch | 12 +- ...e-UdfDxe-filesystem-driver-RHEL-only.patch | 36 +- ...e-UdfDxe-filesystem-driver-RHEL-only.patch | 12 +- 0021-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch | 56 --- ...ftpDynamicCommand-from-shell-RHEL-on.patch | 46 +-- ...e-TftpDynamicCommand-from-shell-RHEL.patch | 8 +- ...ttpDynamicCommand-from-shell-RHEL-on.patch | 52 +-- ...e-HttpDynamicCommand-from-shell-RHEL.patch | 8 +- ...inuxInitrdDynamicShellCommand-RHEL-o.patch | 60 ++-- ...e-LinuxInitrdDynamicShellCommand-RHE.patch | 8 +- ...g-make-EFI_LOADER_DATA-non-executabl.patch | 26 ++ ...latformDxe-Handle-all-requests-in-Ex.patch | 216 ++++++++++++ ...Pkg-QemuVideoDxe-fix-bochs-mode-init.patch | 89 ----- ...kg-SmbiosPlatformDxe-use-PcdFirmware.patch | 231 ++++++++++++ ....json => 30-edk2-ovmf-x64-sb-enrolled.json | 0 edk2-ovmf.json => 40-edk2-ovmf-x64-sb.json | 0 edk2-aarch64.json => 50-edk2-aarch64.json | 0 ...ovmf-cc.json => 50-edk2-ovmf-x64-nosb.json | 9 +- ...rbose.json => 51-edk2-aarch64-verbose.json | 0 ...mdsev.json => 60-edk2-ovmf-x64-amdsev.json | 7 +- 60-edk2-ovmf-x64-inteltdx.json | 29 ++ LICENSE.qosb | 21 -- README.rst | 18 - RedHatSecureBootPkKek1.pem | 22 -- ...mmCore-SmmEntryPoint-underflow-CVE-2.patch | 228 ------------ edk2-build.py | 276 +++++++++++++++ edk2-build.rhel-9 | 103 ++++++ edk2.spec | 332 +++++------------- ovmf-vars-generator | 296 ---------------- sources | 4 +- 51 files changed, 1233 insertions(+), 1808 deletions(-) rename 0004-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch => 0003-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch (98%) delete mode 100644 0003-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch rename 0005-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch => 0004-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch (97%) rename 0006-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch => 0005-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch (93%) rename 0007-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch => 0006-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch (96%) rename 0012-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch => 0007-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch (94%) delete mode 100644 0008-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch rename 0013-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch => 0008-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch (94%) delete mode 100644 0009-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch rename 0014-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch => 0009-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch (94%) delete mode 100644 0010-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch rename 0015-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch => 0010-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch (97%) delete mode 100644 0011-ArmVirtPkg-set-early-hello-message-RH-only.patch rename 0016-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch => 0011-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch (94%) rename 0017-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch => 0012-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch (97%) rename 0018-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch => 0013-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch (96%) rename 0019-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch => 0014-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch (96%) rename 0020-OvmfPkg-Remove-EbcDxe-RHEL-only.patch => 0015-OvmfPkg-Remove-EbcDxe-RHEL-only.patch (90%) rename 0022-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch => 0016-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch (89%) rename 0023-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch => 0017-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch (81%) rename 0024-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch => 0018-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch (90%) rename 0025-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch => 0019-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch (85%) rename 0026-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch => 0020-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch (90%) delete mode 100644 0021-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch rename 0027-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch => 0021-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch (74%) rename 0028-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch => 0022-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch (92%) rename 0029-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch => 0023-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch (72%) rename 0030-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch => 0024-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch (92%) rename 0031-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch => 0025-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch (75%) rename 0032-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch => 0026-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch (92%) create mode 100644 0028-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch create mode 100644 0032-Revert-OvmfPkg-PlatformDxe-Handle-all-requests-in-Ex.patch delete mode 100644 0033-OvmfPkg-QemuVideoDxe-fix-bochs-mode-init.patch create mode 100644 0033-OvmfPkg-SmbiosPlatformDxe-use-PcdFirmware.patch rename edk2-ovmf-sb.json => 30-edk2-ovmf-x64-sb-enrolled.json (100%) rename edk2-ovmf.json => 40-edk2-ovmf-x64-sb.json (100%) rename edk2-aarch64.json => 50-edk2-aarch64.json (100%) rename edk2-ovmf-cc.json => 50-edk2-ovmf-x64-nosb.json (70%) rename edk2-aarch64-verbose.json => 51-edk2-aarch64-verbose.json (100%) rename edk2-ovmf-amdsev.json => 60-edk2-ovmf-x64-amdsev.json (80%) create mode 100644 60-edk2-ovmf-x64-inteltdx.json delete mode 100644 LICENSE.qosb delete mode 100644 README.rst delete mode 100644 RedHatSecureBootPkKek1.pem delete mode 100644 edk2-MdeModulePkg-PiSmmCore-SmmEntryPoint-underflow-CVE-2.patch create mode 100755 edk2-build.py create mode 100644 edk2-build.rhel-9 delete mode 100755 ovmf-vars-generator diff --git a/0002-Remove-submodules.patch b/0002-Remove-submodules.patch index 8441889..58b0121 100644 --- a/0002-Remove-submodules.patch +++ b/0002-Remove-submodules.patch @@ -1,4 +1,4 @@ -From 4ba14da151b0f7c25954c8354f6008b9a8932c31 Mon Sep 17 00:00:00 2001 +From b7053a8abb865ff58bc92cae6e573ae1e805b602 Mon Sep 17 00:00:00 2001 From: Miroslav Rezanina Date: Thu, 24 Mar 2022 03:23:02 -0400 Subject: Remove submodules @@ -41,7 +41,7 @@ remove the include path too. Signed-off-by: Laszlo Ersek (cherry picked from commit e05e0de713c4a2b8adb6ff9809611f222bfe50ed) --- - .gitmodules | 22 ------------------- + .gitmodules | 25 ------------------- .../ArmSoftFloatLib/berkeley-softfloat-3 | 1 - BaseTools/Source/C/BrotliCompress/brotli | 1 - BaseTools/Source/C/GNUmakefile | 1 - @@ -52,7 +52,7 @@ Signed-off-by: Laszlo Ersek .../Universal/RegularExpressionDxe/oniguruma | 1 - RedfishPkg/Library/JsonLib/jansson | 1 - UnitTestFrameworkPkg/Library/CmockaLib/cmocka | 1 - - 11 files changed, 1 insertion(+), 33 deletions(-) + 11 files changed, 1 insertion(+), 36 deletions(-) delete mode 160000 ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3 delete mode 160000 BaseTools/Source/C/BrotliCompress/brotli create mode 100644 CryptoPkg/.gitignore @@ -63,10 +63,10 @@ Signed-off-by: Laszlo Ersek delete mode 160000 UnitTestFrameworkPkg/Library/CmockaLib/cmocka diff --git a/BaseTools/Source/C/GNUmakefile b/BaseTools/Source/C/GNUmakefile -index 8c191e0c38..3eae824a1c 100644 +index 5275f657ef..39d7199753 100644 --- a/BaseTools/Source/C/GNUmakefile +++ b/BaseTools/Source/C/GNUmakefile -@@ -48,7 +48,6 @@ all: makerootdir subdirs +@@ -51,7 +51,6 @@ all: makerootdir subdirs LIBRARIES = Common VFRAUTOGEN = VfrCompile/VfrLexer.h APPLICATIONS = \ @@ -75,7 +75,7 @@ index 8c191e0c38..3eae824a1c 100644 EfiRom \ GenFfs \ diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec -index 7d98910832..6db9eb91f0 100644 +index 58e6ab0048..775f1b27af 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -24,9 +24,6 @@ diff --git a/0004-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch b/0003-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch similarity index 98% rename from 0004-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch rename to 0003-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch index cf233a3..483c63d 100644 --- a/0004-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch +++ b/0003-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch @@ -1,4 +1,4 @@ -From 9edf58de04003f9acb71ef474f5e8aef85c537f0 Mon Sep 17 00:00:00 2001 +From cef6b69ea8f009aeba50b2f4b69889f9500fa585 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Tue, 25 Feb 2014 18:40:35 +0100 Subject: MdeModulePkg: TerminalDxe: add other text resolutions (RHEL only) @@ -168,5 +168,5 @@ index e2d779c783..dfd9c96773 100644 // New modes can be added here. // -- -2.31.1 +2.38.1 diff --git a/0003-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch b/0003-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch deleted file mode 100644 index 48ecb39..0000000 --- a/0003-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch +++ /dev/null @@ -1,82 +0,0 @@ -From 139711793e90c4bc2ce0f68b9d4675404d9d88eb Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 20 Feb 2014 22:54:45 +0100 -Subject: OvmfPkg: increase max debug message length to 512 (RHEL only) - -Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] -> -RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase: - -- no change - -Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] -> -RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase: - -- no change - -Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] -> -RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase: - -- trivial context difference due to upstream commit 2fe5f2f52918 - ("OvmfPkg/PlatformDebugLibIoPort: Add new APIs", 2019-04-02), resolved - by git-cherry-pick automatically - -Notes about the RHEL-8.0/20180508-ee3198e672e2 -> -RHEL-8.1/20190308-89910a39dcfd rebase: - -- no changes - -Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 -> -RHEL-8.0/20180508-ee3198e672e2 rebase: - -- reorder the rebase changelog in the commit message so that it reads like - a blog: place more recent entries near the top -- no changes to the patch body - -Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase: - -- no changes - -Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase: - -- no changes - -Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase: - -- no changes - -Upstream prefers short debug messages (sometimes even limited to 80 -characters), but any line length under 512 characters is just unsuitable -for effective debugging. (For example, config strings in HII routing, -logged by the platform driver "OvmfPkg/PlatformDxe" on DEBUG_VERBOSE -level, can be several hundred characters long.) 512 is an empirically good -value. - -Signed-off-by: Laszlo Ersek -(cherry picked from commit bfe568d18dba15602604f155982e3b73add63dfb) -(cherry picked from commit 29435a32ec9428720c74c454ce9817662e601fb6) -(cherry picked from commit 58e1d1ebb78bfdaf05f4c6e8abf8d4908dfa038a) -(cherry picked from commit 1df2c822c996ad767f2f45570ab2686458f7604a) -(cherry picked from commit 22c9b4e971c70c69b4adf8eb93133824ccb6426a) -(cherry picked from commit a1260c9122c95bcbef1efc5eebe11902767813c2) -(cherry picked from commit e949bab1268f83f0f5815a96cd1cb9dd3b21bfb5) -(cherry picked from commit a95cff0b9573bf23699551beb4786383f697ff1e) ---- - OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c b/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c -index 4e25f198aa..640627f38b 100644 ---- a/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c -+++ b/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c -@@ -21,7 +21,7 @@ - // - // Define the maximum debug and assert message length that this library supports - // --#define MAX_DEBUG_MESSAGE_LENGTH 0x100 -+#define MAX_DEBUG_MESSAGE_LENGTH 0x200 - - // - // VA_LIST can not initialize to NULL for all compiler, so we use this to --- -2.31.1 - diff --git a/0005-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch b/0004-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch similarity index 97% rename from 0005-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch rename to 0004-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch index 3677bdb..30cd65d 100644 --- a/0005-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch +++ b/0004-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch @@ -1,4 +1,4 @@ -From 63542614fd6063f29ef1367217e6d2e3085bc804 Mon Sep 17 00:00:00 2001 +From dc40fd64b7b3bc9bb53a7d4a95b3e80f8cfe5152 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Tue, 25 Feb 2014 22:40:01 +0100 Subject: MdeModulePkg: TerminalDxe: set xterm resolution on mode change (RH @@ -95,10 +95,10 @@ Signed-off-by: Laszlo Ersek 3 files changed, 36 insertions(+) diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec -index 6db9eb91f0..24c23f194d 100644 +index 775f1b27af..94f3394cef 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec -@@ -2095,6 +2095,10 @@ +@@ -2099,6 +2099,10 @@ # @Prompt The shared bit mask when Intel Tdx is enabled. gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0|UINT64|0x10000025 @@ -185,5 +185,5 @@ index b2a8aeba85..eff6253465 100644 # [Event] # # Relative timer event set by UnicodeToEfiKey(), used to be one 2 seconds input timeout. -- -2.31.1 +2.38.1 diff --git a/0006-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch b/0005-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch similarity index 93% rename from 0006-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch rename to 0005-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch index 0872a97..b56218e 100644 --- a/0006-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch +++ b/0005-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch @@ -1,4 +1,4 @@ -From f502a9b22443e556b489925e39acedd0f0e75746 Mon Sep 17 00:00:00 2001 +From e7d8bbcb71ec3b292a9f3a358ce185a315a41a1c Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 14 Oct 2015 15:59:06 +0200 Subject: OvmfPkg: take PcdResizeXterm from the QEMU command line (RH only) @@ -82,7 +82,7 @@ Signed-off-by: Laszlo Ersek 9 files changed, 21 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 90e8a213ef..20f9f0fd24 100644 +index 8f7cae787e..41ad97b47d 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -475,6 +475,7 @@ @@ -94,10 +94,10 @@ index 90e8a213ef..20f9f0fd24 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0 diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc -index f0d700f144..bac05b72f2 100644 +index ce277cb239..faab59ae8d 100644 --- a/OvmfPkg/CloudHv/CloudHvX64.dsc +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc -@@ -573,6 +573,7 @@ +@@ -582,6 +582,7 @@ # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -106,10 +106,10 @@ index f0d700f144..bac05b72f2 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc -index 71b1cf8e70..f6945f6598 100644 +index 3458926515..4c4da09b90 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc -@@ -464,6 +464,7 @@ +@@ -474,6 +474,7 @@ # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -118,10 +118,10 @@ index 71b1cf8e70..f6945f6598 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0 diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc -index 52498bbe90..89c3dfce98 100644 +index 994a02d301..1d5ba0e810 100644 --- a/OvmfPkg/Microvm/MicrovmX64.dsc +++ b/OvmfPkg/Microvm/MicrovmX64.dsc -@@ -562,7 +562,7 @@ +@@ -579,7 +579,7 @@ # only set when # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -131,10 +131,10 @@ index 52498bbe90..89c3dfce98 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0 diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 725a01ae9a..22ea7e109c 100644 +index 6f774baf90..e8a074153a 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -584,6 +584,7 @@ +@@ -601,6 +601,7 @@ # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -143,10 +143,10 @@ index 725a01ae9a..22ea7e109c 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index adc813ba2e..3d832080f3 100644 +index c851764dec..0197997793 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -592,6 +592,7 @@ +@@ -609,6 +609,7 @@ # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -155,10 +155,10 @@ index adc813ba2e..3d832080f3 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 6e68f60dc9..16cfa4c362 100644 +index 63c3a47aea..fade13b4e8 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -611,6 +611,7 @@ +@@ -631,6 +631,7 @@ # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -167,7 +167,7 @@ index 6e68f60dc9..16cfa4c362 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c -index 009db67ee6..83d40b8a51 100644 +index b1f8140d60..e5132d95a8 100644 --- a/OvmfPkg/PlatformPei/Platform.c +++ b/OvmfPkg/PlatformPei/Platform.c @@ -41,6 +41,18 @@ @@ -189,7 +189,7 @@ index 009db67ee6..83d40b8a51 100644 EFI_HOB_PLATFORM_INFO mPlatformInfoHob = { 0 }; EFI_PEI_PPI_DESCRIPTOR mPpiBootMode[] = { -@@ -387,6 +399,7 @@ InitializePlatform ( +@@ -376,6 +388,7 @@ InitializePlatform ( MemTypeInfoInitialization (); MemMapInitialization (&mPlatformInfoHob); NoexecDxeInitialization (); @@ -198,7 +198,7 @@ index 009db67ee6..83d40b8a51 100644 InstallClearCacheCallback (); diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf -index 3cd83e6ec3..47adfd0fbb 100644 +index 1fadadeb55..3e28e1596d 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -99,6 +99,7 @@ @@ -210,5 +210,5 @@ index 3cd83e6ec3..47adfd0fbb 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack -- -2.31.1 +2.38.1 diff --git a/0007-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch b/0006-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch similarity index 96% rename from 0007-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch rename to 0006-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch index 584ef5f..43711cd 100644 --- a/0007-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch +++ b/0006-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch @@ -1,4 +1,4 @@ -From 3efca4ee23f017459e4f2b7add9f462fa2fa9221 Mon Sep 17 00:00:00 2001 +From 9a33267768684fe3034d0c15835a6ee13ad10d7b Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Sun, 26 Jul 2015 08:02:50 +0000 Subject: ArmVirtPkg: take PcdResizeXterm from the QEMU command line (RH only) @@ -95,11 +95,11 @@ Signed-off-by: Laszlo Ersek create mode 100644 ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index 9369a88858..7ed8870474 100644 +index f77443229e..ed66f00030 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -285,6 +285,8 @@ - gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0 +@@ -299,6 +299,8 @@ + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0 !endif + gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE @@ -107,7 +107,7 @@ index 9369a88858..7ed8870474 100644 [PcdsDynamicHii] gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGuid|0x0|FALSE|NV,BS -@@ -387,7 +389,10 @@ +@@ -413,7 +415,10 @@ MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf @@ -199,5 +199,5 @@ index 0000000000..a51dbd1670 +[Pcd] + gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm ## SOMETIMES_PRODUCES -- -2.31.1 +2.38.1 diff --git a/0012-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch b/0007-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch similarity index 94% rename from 0012-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch rename to 0007-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch index dc78ae2..a0213f9 100644 --- a/0012-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch +++ b/0007-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch @@ -1,4 +1,4 @@ -From 168001f90be13a917ba52dd2408f66f4f1afac5e Mon Sep 17 00:00:00 2001 +From eb7d7c8bbbb0d3782a1d837c293f21629336d4d5 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Tue, 21 Nov 2017 00:57:45 +0100 Subject: OvmfPkg: enable DEBUG_VERBOSE (RHEL only) @@ -65,7 +65,7 @@ Signed-off-by: Paolo Bonzini 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 20f9f0fd24..7f455c72da 100644 +index 41ad97b47d..53a8938965 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -427,7 +427,7 @@ @@ -78,10 +78,10 @@ index 20f9f0fd24..7f455c72da 100644 !if $(SOURCE_DEBUG_ENABLE) == TRUE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 22ea7e109c..1a88a5350a 100644 +index e8a074153a..7bced89f2a 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -524,7 +524,7 @@ +@@ -541,7 +541,7 @@ # DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may # // significantly impact boot performance # DEBUG_ERROR 0x80000000 // Error @@ -91,31 +91,31 @@ index 22ea7e109c..1a88a5350a 100644 !if $(SOURCE_DEBUG_ENABLE) == TRUE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 3d832080f3..b8beaed894 100644 +index 0197997793..2599facbb7 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -530,7 +530,7 @@ - # DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may - # // significantly impact boot performance - # DEBUG_ERROR 0x80000000 // Error -- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F -+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F - - !if $(SOURCE_DEBUG_ENABLE) == TRUE - gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 -diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 16cfa4c362..414a0155b7 100644 ---- a/OvmfPkg/OvmfPkgX64.dsc -+++ b/OvmfPkg/OvmfPkgX64.dsc @@ -547,7 +547,7 @@ # DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may # // significantly impact boot performance # DEBUG_ERROR 0x80000000 // Error - gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F ++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F + + !if $(SOURCE_DEBUG_ENABLE) == TRUE + gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 +diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc +index fade13b4e8..7bd445ca36 100644 +--- a/OvmfPkg/OvmfPkgX64.dsc ++++ b/OvmfPkg/OvmfPkgX64.dsc +@@ -567,7 +567,7 @@ + # DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may + # // significantly impact boot performance + # DEBUG_ERROR 0x80000000 // Error +- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F + gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F !if $(SOURCE_DEBUG_ENABLE) == TRUE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 -- -2.31.1 +2.38.1 diff --git a/0008-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch b/0008-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch deleted file mode 100644 index 33a0561..0000000 --- a/0008-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch +++ /dev/null @@ -1,172 +0,0 @@ -From 42e3402720d96331625c0d4eaf20aadc13b42587 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 4 Nov 2014 23:02:53 +0100 -Subject: OvmfPkg: allow exclusion of the shell from the firmware image (RH - only) - -Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] -> -RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase: - -- No manual / explicit code change is necessary, because the newly - inherited OvmfPkg/AmdSev platform already has its own BUILD_SHELL - build-time macro (feature test flag), with default value FALSE -- from - upstream commit b261a30c900a ("OvmfPkg/AmdSev: add Grub Firmware Volume - Package", 2020-12-14). - -- Contextual differences from new upstream commits 2d8ca4f90eae ("OvmfPkg: - enable HttpDynamicCommand", 2020-10-01) and 5ab6a0e1c8e9 ("OvmfPkg: - introduce VirtioFsDxe", 2020-12-21) have been auto-resolved by - git-cherry-pick. - -- Remove obsolete commit message tags related to downstream patch - management: Message-id, Patchwork-id, O-Subject, Acked-by - (RHBZ#1846481). - -Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] -> -RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase: - -- context difference from upstream commit ec41733cfd10 ("OvmfPkg: add the - 'initrd' dynamic shell command", 2020-03-04) correctly auto-resolved - -Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] -> -RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase: - -- no change - -Notes about the RHEL-8.0/20180508-ee3198e672e2 -> -RHEL-8.1/20190308-89910a39dcfd rebase: - -- update the patch against the following upstream commits: - - 4b888334d234 ("OvmfPkg: Remove EdkShellBinPkg in FDF", 2018-11-19) - - 277a3958d93a ("OvmfPkg: Don't include TftpDynamicCommand in XCODE5 - tool chain", 2018-11-27) - -Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 -> -RHEL-8.0/20180508-ee3198e672e2 rebase: - -- reorder the rebase changelog in the commit message so that it reads like - a blog: place more recent entries near the top -- no changes to the patch body - -Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase: - -- no change - -Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase: - -- no changes - -Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase: - -- no changes - -Bugzilla: 1147592 - -When '-D EXCLUDE_SHELL_FROM_FD' is passed to 'build', exclude the shell -binary from the firmware image. - -Peter Jones advised us that firmware vendors for physical systems disable -the memory-mapped, firmware image-contained UEFI shell in -SecureBoot-enabled builds. The reason being that the memory-mapped shell -can always load, it may have direct access to various hardware in the -system, and it can run UEFI shell scripts (which cannot be signed at all). - -Intended use of the new build option: - -- In-tree builds: don't pass '-D EXCLUDE_SHELL_FROM_FD'. The resultant - firmware image will contain a shell binary, independently of SecureBoot - enablement, which is flexible for interactive development. (Ie. no - change for in-tree builds.) - -- RPM builds: pass both '-D SECURE_BOOT_ENABLE' and - '-D EXCLUDE_SHELL_FROM_FD'. The resultant RPM will provide: - - - OVMF_CODE.fd: SecureBoot-enabled firmware, without builtin UEFI shell, - - - OVMF_VARS.fd: variable store template matching OVMF_CODE.fd, - - - UefiShell.iso: a bootable ISO image with the shell on it as default - boot loader. The shell binary will load when SecureBoot is turned off, - and won't load when SecureBoot is turned on (because it is not - signed). - - UefiShell.iso is the reason we're not excluding the shell from the DSC - files as well, only the FDF files -- when '-D EXCLUDE_SHELL_FROM_FD' - is specified, the shell binary needs to be built the same, only it - will be included in UefiShell.iso. - -Signed-off-by: Laszlo Ersek -(cherry picked from commit 9c391def70366cabae08e6008814299c3372fafd) -(cherry picked from commit d9dd9ee42937b2611fe37183cc9ec7f62d946933) -(cherry picked from commit 23df46ebbe7b09451d3a05034acd4d3a25e7177b) -(cherry picked from commit f0303f71d576c51b01c4ff961b429d0e0e707245) -(cherry picked from commit bbd64eb8658e9a33eab4227d9f4e51ad78d9f687) -(cherry picked from commit 8628ef1b8d675ebec39d83834abbe3c8c8c42cf4) -(cherry picked from commit 229c88dc3ded9baeaca8b87767dc5c41c05afd6e) -(cherry picked from commit c2812d7189dee06c780f05a5880eb421c359a687) ---- - OvmfPkg/OvmfPkgIa32.fdf | 2 ++ - OvmfPkg/OvmfPkgIa32X64.fdf | 2 ++ - OvmfPkg/OvmfPkgX64.fdf | 2 ++ - 3 files changed, 6 insertions(+) - -diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 57d13b7130..69044874e2 100644 ---- a/OvmfPkg/OvmfPkgIa32.fdf -+++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -298,12 +298,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf - INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf - INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf - -+!ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" - INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf - INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf - INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf - !endif - INF ShellPkg/Application/Shell/Shell.inf -+!endif - - INF MdeModulePkg/Logo/LogoDxe.inf - -diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index ccde366887..bf535bef42 100644 ---- a/OvmfPkg/OvmfPkgIa32X64.fdf -+++ b/OvmfPkg/OvmfPkgIa32X64.fdf -@@ -299,12 +299,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf - INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf - INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf - -+!ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" - INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf - INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf - INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf - !endif - INF ShellPkg/Application/Shell/Shell.inf -+!endif - - INF MdeModulePkg/Logo/LogoDxe.inf - -diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 438806fba8..21e4ce00dd 100644 ---- a/OvmfPkg/OvmfPkgX64.fdf -+++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -324,12 +324,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf - INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf - INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf - -+!ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" - INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf - INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf - INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf - !endif - INF ShellPkg/Application/Shell/Shell.inf -+!endif - - INF MdeModulePkg/Logo/LogoDxe.inf - --- -2.31.1 - diff --git a/0013-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch b/0008-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch similarity index 94% rename from 0013-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch rename to 0008-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch index a5ea59c..5a7cbe7 100644 --- a/0013-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch +++ b/0008-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch @@ -1,4 +1,4 @@ -From b3e3b02b8905379e1040e8ff0b44b050104295da Mon Sep 17 00:00:00 2001 +From 5ac6b33275b5ae82883f0aa16bcedd53efe1f2e2 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Tue, 21 Nov 2017 00:57:46 +0100 Subject: OvmfPkg: silence DEBUG_VERBOSE (0x00400000) in @@ -82,7 +82,7 @@ Signed-off-by: Paolo Bonzini 4 files changed, 32 insertions(+), 8 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 7f455c72da..81e5ecd8ed 100644 +index 53a8938965..f5133a801f 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -677,8 +677,14 @@ @@ -103,10 +103,10 @@ index 7f455c72da..81e5ecd8ed 100644 # diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 1a88a5350a..be7ccae652 100644 +index 7bced89f2a..1d271a3bdc 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -829,9 +829,15 @@ +@@ -846,9 +846,15 @@ MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf !ifndef $(CSM_ENABLE) @@ -125,10 +125,10 @@ index 1a88a5350a..be7ccae652 100644 # diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index b8beaed894..46daccf883 100644 +index 2599facbb7..240bc43d14 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -843,9 +843,15 @@ +@@ -860,9 +860,15 @@ MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf !ifndef $(CSM_ENABLE) @@ -147,10 +147,10 @@ index b8beaed894..46daccf883 100644 # diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 414a0155b7..271b690ba5 100644 +index 7bd445ca36..7c6faba950 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -908,9 +908,15 @@ +@@ -928,9 +928,15 @@ MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf !ifndef $(CSM_ENABLE) @@ -169,5 +169,5 @@ index 414a0155b7..271b690ba5 100644 # -- -2.31.1 +2.38.1 diff --git a/0009-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch b/0009-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch deleted file mode 100644 index f965585..0000000 --- a/0009-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch +++ /dev/null @@ -1,93 +0,0 @@ -From 2f555d10b34bb1725f645a52b446aeac1a8799fc Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 14 Oct 2015 13:49:43 +0200 -Subject: ArmPlatformPkg: introduce fixed PCD for early hello message (RH only) - -Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] -> -RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase: - -- no change - -Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] -> -RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase: - -- no change - -Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] -> -RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase: - -- no change - -Notes about the RHEL-8.0/20180508-ee3198e672e2 -> -RHEL-8.1/20190308-89910a39dcfd rebase: - -- no change - -Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 -> -RHEL-8.0/20180508-ee3198e672e2 rebase: - -- reorder the rebase changelog in the commit message so that it reads like - a blog: place more recent entries near the top -- no changes to the patch body - -Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase: - -- no changes - -Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase: - -- no changes - -Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase: - -- no changes - -Drew has proposed that ARM|AARCH64 platform firmware (especially virtual -machine firmware) print a reasonably early, simple hello message to the -serial port, regardless of debug mask settings. This should inform -interactive users, and provide some rough help in localizing boot -problems, even with restrictive debug masks. - -If a platform doesn't want this feature, it should stick with the default -empty string. - -RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1270279 -Downstream only: -. - -Suggested-by: Drew Jones -Contributed-under: TianoCore Contribution Agreement 1.0 -Signed-off-by: Laszlo Ersek -(cherry picked from commit 7ce97b06421434c82095f01a1753a8c9c546cc30) -(cherry picked from commit 20b1f1cbd0590aa71c6d99d35e23cf08e0707750) -(cherry picked from commit 6734b88cf7abcaf42632e3d2fc469b2169dd2f16) -(cherry picked from commit ef77da632559e9baa1c69869e4cbea377068ef27) -(cherry picked from commit 58755c51d3252312d80cbcb97928d71199c2f5e1) -(cherry picked from commit c3f07e323e76856f1b42ea7b8c598ba3201c28a2) -(cherry picked from commit 9f756c1ad83cc81f7d892cd036d59a2b567b02dc) -(cherry picked from commit c75aea7a738ac7fb944c0695a4bfffc3985afaa9) ---- - ArmPlatformPkg/ArmPlatformPkg.dec | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/ArmPlatformPkg/ArmPlatformPkg.dec b/ArmPlatformPkg/ArmPlatformPkg.dec -index dd6e78f62a..ac726417cb 100644 ---- a/ArmPlatformPkg/ArmPlatformPkg.dec -+++ b/ArmPlatformPkg/ArmPlatformPkg.dec -@@ -122,6 +122,13 @@ - ## If set, this will swap settings for HDLCD RED_SELECT and BLUE_SELECT registers - gArmPlatformTokenSpaceGuid.PcdArmHdLcdSwapBlueRedSelect|FALSE|BOOLEAN|0x00000045 - -+ # -+ # Early hello message (ASCII string), printed to the serial port. -+ # If set to the empty string, nothing is printed. -+ # Otherwise, a trailing CRLF should be specified explicitly. -+ # -+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage|""|VOID*|0x00000100 -+ - [PcdsFixedAtBuild.common,PcdsDynamic.common] - ## PL031 RealTimeClock - gArmPlatformTokenSpaceGuid.PcdPL031RtcBase|0x0|UINT32|0x00000024 --- -2.31.1 - diff --git a/0014-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch b/0009-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch similarity index 94% rename from 0014-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch rename to 0009-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch index 3c326c2..491e9e0 100644 --- a/0014-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch +++ b/0009-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch @@ -1,4 +1,4 @@ -From 52b4eed6061a6555f27ee5807739be02d072651a Mon Sep 17 00:00:00 2001 +From 0493dde37b4607853470f634e48fa26457edb5b9 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 27 Jan 2016 03:05:18 +0100 Subject: ArmVirtPkg: silence DEBUG_VERBOSE (0x00400000) in QemuRamfbDxe (RH @@ -61,10 +61,10 @@ Signed-off-by: Laszlo Ersek 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index ea6731f42d..520992a143 100644 +index ed66f00030..a3d744931a 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -512,7 +512,10 @@ +@@ -537,7 +537,10 @@ # # Video support # @@ -77,7 +77,7 @@ index ea6731f42d..520992a143 100644 OvmfPkg/PlatformDxe/Platform.inf diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc -index 7f7d15d6ee..14f7b29991 100644 +index f5db3ac432..ff3e6c5974 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc @@ -440,7 +440,10 @@ @@ -93,5 +93,5 @@ index 7f7d15d6ee..14f7b29991 100644 OvmfPkg/PlatformDxe/Platform.inf -- -2.31.1 +2.38.1 diff --git a/0010-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch b/0010-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch deleted file mode 100644 index d0a07e1..0000000 --- a/0010-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch +++ /dev/null @@ -1,145 +0,0 @@ -From 16098fd39af8ced21aef27070e44839636a83a99 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 14 Oct 2015 13:59:20 +0200 -Subject: ArmPlatformPkg: PrePeiCore: write early hello message to the serial - port (RH) - -Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] -> -RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase: - -- no change - -Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] -> -RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase: - -- no change - -Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] -> -RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase: - -- no change - -Notes about the RHEL-8.0/20180508-ee3198e672e2 -> -RHEL-8.1/20190308-89910a39dcfd rebase: - -- no change - -Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 -> -RHEL-8.0/20180508-ee3198e672e2 rebase: - -- reorder the rebase changelog in the commit message so that it reads like - a blog: place more recent entries near the top -- no changes to the patch body - -Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase: - -- adapt to upstream commit 7e2a8dfe8a9a ("ArmPlatformPkg/PrePeiCore: seed - temporary stack before entering PEI core", 2017-11-09) -- conflict - resolution in "ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf" - -Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase: - -- no changes - -Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase: - -- no changes - -The FixedPcdGetSize() macro expands to an integer constant, therefore an -optimizing compiler can eliminate the new code, if the platform DSC -doesn't override the empty string (size=1) default of -PcdEarlyHelloMessage. - -RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1270279 -Downstream only: -. - -Contributed-under: TianoCore Contribution Agreement 1.0 -Signed-off-by: Laszlo Ersek -(cherry picked from commit b16c4c505ce0e27305235533eac9236aa66f132e) -(cherry picked from commit 742e5bf6d5ce5a1e73879d6e5c0dd00feda7a9ac) -(cherry picked from commit 93d69eb9393cf05af90676253875c59c1bec67fd) -(cherry picked from commit 638594083b191f84f5d9333eb6147a31570f5a5a) -(cherry picked from commit f4b7aae411d88b2b83f85d20ef06a4032a57e7de) -(cherry picked from commit bb71490fdda3b38fa9f071d281b863f9b64363bf) -(cherry picked from commit 8d5a8827aabc67cb2a046697e1a750ca8d9cc453) -(cherry picked from commit 49fe5596cd79c94d903c4d506c563d642ccd69aa) ---- - ArmPlatformPkg/PrePeiCore/MainMPCore.c | 5 +++++ - ArmPlatformPkg/PrePeiCore/MainUniCore.c | 5 +++++ - ArmPlatformPkg/PrePeiCore/PrePeiCore.h | 1 + - ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf | 2 ++ - ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf | 2 ++ - 5 files changed, 15 insertions(+) - -diff --git a/ArmPlatformPkg/PrePeiCore/MainMPCore.c b/ArmPlatformPkg/PrePeiCore/MainMPCore.c -index b5d0d3a644..5126a6dfb0 100644 ---- a/ArmPlatformPkg/PrePeiCore/MainMPCore.c -+++ b/ArmPlatformPkg/PrePeiCore/MainMPCore.c -@@ -116,6 +116,11 @@ PrimaryMain ( - UINTN TemporaryRamBase; - UINTN TemporaryRamSize; - -+ if (FixedPcdGetSize (PcdEarlyHelloMessage) > 1) { -+ SerialPortWrite (FixedPcdGetPtr (PcdEarlyHelloMessage), -+ FixedPcdGetSize (PcdEarlyHelloMessage) - 1); -+ } -+ - CreatePpiList (&PpiListSize, &PpiList); - - // Enable the GIC Distributor -diff --git a/ArmPlatformPkg/PrePeiCore/MainUniCore.c b/ArmPlatformPkg/PrePeiCore/MainUniCore.c -index 1c2580eb92..2a7580dbb4 100644 ---- a/ArmPlatformPkg/PrePeiCore/MainUniCore.c -+++ b/ArmPlatformPkg/PrePeiCore/MainUniCore.c -@@ -29,6 +29,11 @@ PrimaryMain ( - UINTN TemporaryRamBase; - UINTN TemporaryRamSize; - -+ if (FixedPcdGetSize (PcdEarlyHelloMessage) > 1) { -+ SerialPortWrite (FixedPcdGetPtr (PcdEarlyHelloMessage), -+ FixedPcdGetSize (PcdEarlyHelloMessage) - 1); -+ } -+ - CreatePpiList (&PpiListSize, &PpiList); - - // Adjust the Temporary Ram as the new Ppi List (Common + Platform Ppi Lists) is created at -diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCore.h b/ArmPlatformPkg/PrePeiCore/PrePeiCore.h -index 0345dd7bdd..ae8302becd 100644 ---- a/ArmPlatformPkg/PrePeiCore/PrePeiCore.h -+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCore.h -@@ -16,6 +16,7 @@ - #include - #include - #include -+#include - - #include - #include -diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf b/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf -index a5b4722459..ea7b220bc8 100644 ---- a/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf -+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf -@@ -66,6 +66,8 @@ - gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize - gArmPlatformTokenSpaceGuid.PcdCPUCoreSecondaryStackSize - -+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage -+ - gArmTokenSpaceGuid.PcdGicDistributorBase - gArmTokenSpaceGuid.PcdGicInterruptInterfaceBase - gArmTokenSpaceGuid.PcdGicSgiIntId -diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf b/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf -index 466a2b01c3..29fb8737cb 100644 ---- a/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf -+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf -@@ -64,4 +64,6 @@ - gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize - gArmPlatformTokenSpaceGuid.PcdCPUCoreSecondaryStackSize - -+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage -+ - gEfiMdeModulePkgTokenSpaceGuid.PcdInitValueInTempStack --- -2.31.1 - diff --git a/0015-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch b/0010-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch similarity index 97% rename from 0015-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch rename to 0010-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch index 3d84124..08e66ec 100644 --- a/0015-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch +++ b/0010-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch @@ -1,4 +1,4 @@ -From b97253c644c9661aaeb4fe090520e5262710b4dc Mon Sep 17 00:00:00 2001 +From 8188ba632ad933a4fe734d3dd715d67dfd12a57f Mon Sep 17 00:00:00 2001 From: Philippe Mathieu-Daude Date: Thu, 1 Aug 2019 20:43:48 +0200 Subject: OvmfPkg: QemuRamfbDxe: Do not report DXE failure on Aarch64 silent @@ -91,5 +91,5 @@ index e3890b8c20..6ffee5acb2 100644 FrameBufferBltLib MemoryAllocationLib -- -2.31.1 +2.38.1 diff --git a/0011-ArmVirtPkg-set-early-hello-message-RH-only.patch b/0011-ArmVirtPkg-set-early-hello-message-RH-only.patch deleted file mode 100644 index 52d39f5..0000000 --- a/0011-ArmVirtPkg-set-early-hello-message-RH-only.patch +++ /dev/null @@ -1,82 +0,0 @@ -From afade8eb1b04d50babe365ec9fc94938533d2818 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 14 Oct 2015 14:07:17 +0200 -Subject: ArmVirtPkg: set early hello message (RH only) - -Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] -> -RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase: - -- no change - -Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] -> -RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase: - -- context difference from upstream commit f5cb3767038e - ("ArmVirtPkg/ArmVirtQemu: add ResetSystem PEIM for upcoming TPM2 - support", 2020-03-04) automatically resolved correctly - -Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] -> -RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase: - -- no change - -Notes about the RHEL-8.0/20180508-ee3198e672e2 -> -RHEL-8.1/20190308-89910a39dcfd rebase: - -- resolve context conflict with upstream commit eaa1e98ae31d ("ArmVirtPkg: - don't set PcdCoreCount", 2019-02-13) - -Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 -> -RHEL-8.0/20180508-ee3198e672e2 rebase: - -- reorder the rebase changelog in the commit message so that it reads like - a blog: place more recent entries near the top -- no changes to the patch body - -Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase: - -- no changes - -Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase: - -- no changes - -Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase: - -- no changes - -Print a friendly banner on QEMU, regardless of debug mask settings. - -RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1270279 -Downstream only: -. - -Contributed-under: TianoCore Contribution Agreement 1.0 -Signed-off-by: Laszlo Ersek -(cherry picked from commit 5d4a15b9019728b2d96322bc679099da49916925) -(cherry picked from commit 179df76dbb0d199bd905236e98775b4059c6502a) -(cherry picked from commit ce3f59d0710c24c162d5222bbf5cd7e36180c80c) -(cherry picked from commit c201a8e6ae28d75f7ba581828b533c3b26fa7f18) -(cherry picked from commit 2d4db6ec70e004cd9ac147615d17033bee5d3b18) -(cherry picked from commit fb2032bbea7e02c426855cf86a323556d493fd8a) -(cherry picked from commit ba73b99d5cb38f87c1a8f0936d515eaaefa3f04b) -(cherry picked from commit 72550e12ae469012a505bf5b98a6543a754028d3) ---- - ArmVirtPkg/ArmVirtQemu.dsc | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index 7ed8870474..ea6731f42d 100644 ---- a/ArmVirtPkg/ArmVirtQemu.dsc -+++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -135,6 +135,7 @@ - gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE) - - [PcdsFixedAtBuild.common] -+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage|"UEFI firmware starting.\r\n" - !if $(ARCH) == AARCH64 - gArmTokenSpaceGuid.PcdVFPEnabled|1 - !endif --- -2.31.1 - diff --git a/0016-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch b/0011-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch similarity index 94% rename from 0016-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch rename to 0011-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch index eb20a55..d32b442 100644 --- a/0016-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch +++ b/0011-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch @@ -1,4 +1,4 @@ -From e46fd59f4da27438fc7d480cf1062c8f98f2d8fb Mon Sep 17 00:00:00 2001 +From 6e9df01fd85cfbbb7c27f2a8d31c2ec214649452 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Tue, 21 Nov 2017 00:57:47 +0100 Subject: OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in NvmExpressDxe (RH @@ -63,7 +63,7 @@ Signed-off-by: Paolo Bonzini 4 files changed, 16 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 81e5ecd8ed..b608ab62db 100644 +index f5133a801f..05908a7227 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -671,7 +671,10 @@ @@ -79,10 +79,10 @@ index 81e5ecd8ed..b608ab62db 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index be7ccae652..1cab3615a9 100644 +index 1d271a3bdc..9c0fb7d545 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -822,7 +822,10 @@ +@@ -839,7 +839,10 @@ OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -95,10 +95,10 @@ index be7ccae652..1cab3615a9 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 46daccf883..f51dd08f56 100644 +index 240bc43d14..8b93437044 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -836,7 +836,10 @@ +@@ -853,7 +853,10 @@ OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -111,10 +111,10 @@ index 46daccf883..f51dd08f56 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 271b690ba5..684a3d2a15 100644 +index 7c6faba950..8c9162db17 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -901,7 +901,10 @@ +@@ -921,7 +921,10 @@ OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -127,5 +127,5 @@ index 271b690ba5..684a3d2a15 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf -- -2.31.1 +2.38.1 diff --git a/0017-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch b/0012-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch similarity index 97% rename from 0017-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch rename to 0012-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch index 1f1d64d..a7df5e4 100644 --- a/0017-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch +++ b/0012-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch @@ -1,4 +1,4 @@ -From 0632b41c79dbb8fe4a518d8b57183123b234edb4 Mon Sep 17 00:00:00 2001 +From 87d4b94d2ea1896dec43a6e70feeae1aef7a4ce2 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Sat, 16 Nov 2019 17:11:27 +0100 Subject: CryptoPkg/OpensslLib: list RHEL8-specific OpenSSL files in the INFs @@ -131,10 +131,10 @@ Signed-off-by: Laszlo Ersek 2 files changed, 22 insertions(+) diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf -index c899b811b1..4a89dc82b6 100644 +index 60c6c24b0a..e446b51e66 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf -@@ -620,6 +620,17 @@ +@@ -575,6 +575,17 @@ $(OPENSSL_PATH)/ssl/statem/statem.h $(OPENSSL_PATH)/ssl/statem/statem_local.h # Autogenerated files list ends here @@ -153,10 +153,10 @@ index c899b811b1..4a89dc82b6 100644 ossl_store.c rand_pool.c diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -index 0ec3724541..f1cc0aaf9f 100644 +index c4eaea888c..c207dc8f4c 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -@@ -569,6 +569,17 @@ +@@ -525,6 +525,17 @@ $(OPENSSL_PATH)/crypto/x509v3/standard_exts.h $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h # Autogenerated files list ends here @@ -175,5 +175,5 @@ index 0ec3724541..f1cc0aaf9f 100644 ossl_store.c rand_pool.c -- -2.31.1 +2.38.1 diff --git a/0018-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch b/0013-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch similarity index 96% rename from 0018-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch rename to 0013-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch index 6d4f832..a2fbf52 100644 --- a/0018-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch +++ b/0013-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch @@ -1,4 +1,4 @@ -From ade9b563275f1e7ea9e967ae6d4d7b430363dda7 Mon Sep 17 00:00:00 2001 +From 3a69bf86e6b4a1de6385e0ce9146dc8a0e13e22f Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 24 Jun 2020 11:31:36 +0200 Subject: OvmfPkg/QemuKernelLoaderFsDxe: suppress error on no "-kernel" in @@ -79,5 +79,5 @@ index 7b35adb8e0..e0331c6e2c 100644 MemoryAllocationLib QemuFwCfgLib -- -2.31.1 +2.38.1 diff --git a/0019-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch b/0014-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch similarity index 96% rename from 0019-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch rename to 0014-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch index d39269b..42373bf 100644 --- a/0019-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch +++ b/0014-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch @@ -1,4 +1,4 @@ -From fb86c3189e52d111bd1efa241f387d6205bd8a1c Mon Sep 17 00:00:00 2001 +From 37930c8079ea630535f82068b678c7ab2f9981a5 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 24 Jun 2020 11:40:09 +0200 Subject: SecurityPkg/Tcg2Dxe: suppress error on no swtpm in silent aa64 build @@ -78,5 +78,5 @@ index 7dc7a2683d..3bc8833931 100644 PrintLib UefiLib -- -2.31.1 +2.38.1 diff --git a/0020-OvmfPkg-Remove-EbcDxe-RHEL-only.patch b/0015-OvmfPkg-Remove-EbcDxe-RHEL-only.patch similarity index 90% rename from 0020-OvmfPkg-Remove-EbcDxe-RHEL-only.patch rename to 0015-OvmfPkg-Remove-EbcDxe-RHEL-only.patch index 7e34471..f4250be 100644 --- a/0020-OvmfPkg-Remove-EbcDxe-RHEL-only.patch +++ b/0015-OvmfPkg-Remove-EbcDxe-RHEL-only.patch @@ -1,4 +1,4 @@ -From c4b2acfe3e76876872bb859ddf4d0b1b19a232f0 Mon Sep 17 00:00:00 2001 +From a53408a224cef3260b12c969c9f8797b85b12f94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:28:49 +0200 Subject: OvmfPkg: Remove EbcDxe (RHEL only) @@ -29,7 +29,7 @@ Signed-off-by: Miroslav Rezanina 8 files changed, 8 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index b608ab62db..65c90882ad 100644 +index 05908a7227..8131d2fae1 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -599,7 +599,6 @@ @@ -53,10 +53,10 @@ index 4658e1d30e..67b9cdf941 100644 INF UefiCpuPkg/CpuDxe/CpuDxe.inf INF OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 1cab3615a9..788d935350 100644 +index 9c0fb7d545..8e29e62ea9 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -733,7 +733,6 @@ +@@ -750,7 +750,6 @@ !include OvmfPkg/OvmfTpmSecurityStub.dsc.inc } @@ -65,7 +65,7 @@ index 1cab3615a9..788d935350 100644 UefiCpuPkg/CpuDxe/CpuDxe.inf !ifdef $(CSM_ENABLE) diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 69044874e2..209a82f922 100644 +index 7023ade8ce..159995952e 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -216,7 +216,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf @@ -77,10 +77,10 @@ index 69044874e2..209a82f922 100644 INF UefiCpuPkg/CpuDxe/CpuDxe.inf !ifdef $(CSM_ENABLE) diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index f51dd08f56..4c1e975920 100644 +index 8b93437044..c79514e86f 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -747,7 +747,6 @@ +@@ -764,7 +764,6 @@ !include OvmfPkg/OvmfTpmSecurityStub.dsc.inc } @@ -89,7 +89,7 @@ index f51dd08f56..4c1e975920 100644 UefiCpuPkg/CpuDxe/CpuDxe.inf !ifdef $(CSM_ENABLE) diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index bf535bef42..70eb60b370 100644 +index 80de4fa2c0..334de16a12 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -217,7 +217,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf @@ -101,10 +101,10 @@ index bf535bef42..70eb60b370 100644 INF UefiCpuPkg/CpuDxe/CpuDxe.inf !ifdef $(CSM_ENABLE) diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 684a3d2a15..f2ddf86601 100644 +index 8c9162db17..1daa7e6fe4 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -789,7 +789,6 @@ +@@ -809,7 +809,6 @@ !endif } @@ -113,7 +113,7 @@ index 684a3d2a15..f2ddf86601 100644 UefiCpuPkg/CpuDxe/CpuDxe.inf { diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 21e4ce00dd..f0bb39f398 100644 +index c0f5a1ef3c..dec53ecdbd 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -239,7 +239,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf @@ -125,5 +125,5 @@ index 21e4ce00dd..f0bb39f398 100644 INF UefiCpuPkg/CpuDxe/CpuDxe.inf -- -2.31.1 +2.38.1 diff --git a/0022-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch b/0016-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch similarity index 89% rename from 0022-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch rename to 0016-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch index cf80ed0..3ba1aed 100644 --- a/0022-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch +++ b/0016-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch @@ -1,4 +1,4 @@ -From 86b35d66996bdcd730bb8b1268f76490b7e79737 Mon Sep 17 00:00:00 2001 +From 8c0d639c7ab33c6b31af3c3ddbf0b3086f2f99a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:28:59 +0200 Subject: OvmfPkg: Remove VirtioGpu device driver (RHEL only) @@ -29,7 +29,7 @@ Signed-off-by: Miroslav Rezanina 8 files changed, 8 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 65c90882ad..3198e64a68 100644 +index 8131d2fae1..5f70b3a12f 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -687,7 +687,6 @@ @@ -53,10 +53,10 @@ index 67b9cdf941..7b877446e4 100644 INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 788d935350..31601523d5 100644 +index 8e29e62ea9..49877b613b 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -840,7 +840,6 @@ +@@ -857,7 +857,6 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F } @@ -65,7 +65,7 @@ index 788d935350..31601523d5 100644 # # ISA Support diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 209a82f922..1e7868ebab 100644 +index 159995952e..306950bd87 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -333,7 +333,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf @@ -77,10 +77,10 @@ index 209a82f922..1e7868ebab 100644 INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 4c1e975920..eb8ce1f843 100644 +index c79514e86f..d6a2300c7a 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -854,7 +854,6 @@ +@@ -871,7 +871,6 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F } @@ -89,7 +89,7 @@ index 4c1e975920..eb8ce1f843 100644 # # ISA Support diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 70eb60b370..a2f78fb182 100644 +index 334de16a12..88ea4c6b65 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -339,7 +339,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf @@ -101,10 +101,10 @@ index 70eb60b370..a2f78fb182 100644 INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index f2ddf86601..af7589e9d9 100644 +index 1daa7e6fe4..2bc5ae576b 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -919,7 +919,6 @@ +@@ -939,7 +939,6 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F } @@ -113,7 +113,7 @@ index f2ddf86601..af7589e9d9 100644 # # ISA Support diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index f0bb39f398..1495565c05 100644 +index dec53ecdbd..608ebdd4d2 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -366,7 +366,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf @@ -125,5 +125,5 @@ index f0bb39f398..1495565c05 100644 INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf -- -2.31.1 +2.38.1 diff --git a/0023-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch b/0017-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch similarity index 81% rename from 0023-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch rename to 0017-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch index e1eaab4..4a8e954 100644 --- a/0023-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch +++ b/0017-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch @@ -1,4 +1,4 @@ -From 844ad8757189bf0b91a5feecc5a17157e843ecce Mon Sep 17 00:00:00 2001 +From 1ba8ead93467fad1f2583c1650f28ca039da8405 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:13 +0200 Subject: OvmfPkg: Remove VirtioFsDxe filesystem driver (RHEL only) @@ -27,10 +27,10 @@ Signed-off-by: Miroslav Rezanina 6 files changed, 6 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 31601523d5..e624e75cb0 100644 +index 49877b613b..7550113f51 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -815,7 +815,6 @@ +@@ -832,7 +832,6 @@ MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf @@ -39,7 +39,7 @@ index 31601523d5..e624e75cb0 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 1e7868ebab..45b624d450 100644 +index 306950bd87..3efa27bbac 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -295,7 +295,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour @@ -48,13 +48,13 @@ index 1e7868ebab..45b624d450 100644 INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf -INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" + INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index eb8ce1f843..3e7bf8fc64 100644 +index d6a2300c7a..2ef1368945 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -829,7 +829,6 @@ +@@ -846,7 +846,6 @@ MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf @@ -63,7 +63,7 @@ index eb8ce1f843..3e7bf8fc64 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index a2f78fb182..449e40dfdd 100644 +index 88ea4c6b65..5b73560782 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -296,7 +296,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour @@ -72,13 +72,13 @@ index a2f78fb182..449e40dfdd 100644 INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf -INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" + INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index af7589e9d9..1cd6ab8f4f 100644 +index 2bc5ae576b..c336aca5a6 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -894,7 +894,6 @@ +@@ -914,7 +914,6 @@ MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf @@ -87,7 +87,7 @@ index af7589e9d9..1cd6ab8f4f 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 1495565c05..78e7328841 100644 +index 608ebdd4d2..ad98806b32 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -321,7 +321,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour @@ -96,8 +96,8 @@ index 1495565c05..78e7328841 100644 INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf -INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" + INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf -- -2.31.1 +2.38.1 diff --git a/0024-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch b/0018-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch similarity index 90% rename from 0024-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch rename to 0018-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch index 90b040d..7e53081 100644 --- a/0024-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch +++ b/0018-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch @@ -1,4 +1,4 @@ -From 594fe1cf7a220e40e5c3776409652ce14592dd36 Mon Sep 17 00:00:00 2001 +From 0a0c4645939b55e67817bc2c2880b1de69537279 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:16 +0200 Subject: ArmVirtPkg: Remove VirtioFsDxe filesystem driver (RHEL only) @@ -24,10 +24,10 @@ Signed-off-by: Miroslav Rezanina 3 files changed, 3 deletions(-) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index 520992a143..d40c66a68a 100644 +index a3d744931a..998d19165f 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -430,7 +430,6 @@ +@@ -455,7 +455,6 @@ MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf @@ -36,7 +36,7 @@ index 520992a143..d40c66a68a 100644 # # Bds diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index 7872861330..ddd014ac34 100644 +index e06ca74244..33797ebb95 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc @@ -84,7 +84,6 @@ READ_LOCK_STATUS = TRUE @@ -48,7 +48,7 @@ index 7872861330..ddd014ac34 100644 # # Status Code Routing diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc -index 14f7b29991..65cc8a9aac 100644 +index ff3e6c5974..2c01efc660 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc @@ -358,7 +358,6 @@ @@ -60,5 +60,5 @@ index 14f7b29991..65cc8a9aac 100644 # # Bds -- -2.31.1 +2.38.1 diff --git a/0025-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch b/0019-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch similarity index 85% rename from 0025-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch rename to 0019-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch index 2a6f3e1..ad47629 100644 --- a/0025-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch +++ b/0019-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch @@ -1,4 +1,4 @@ -From e776d93c73f9e3fdd1935e0e35db64197412b07c Mon Sep 17 00:00:00 2001 +From 08cad303158596a4c817765bb56e7b9f38138570 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:19 +0200 Subject: OvmfPkg: Remove UdfDxe filesystem driver (RHEL only) @@ -29,7 +29,7 @@ Signed-off-by: Miroslav Rezanina 8 files changed, 8 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 3198e64a68..25548a354f 100644 +index 5f70b3a12f..b3fa4941c5 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -664,7 +664,6 @@ @@ -53,10 +53,10 @@ index 7b877446e4..1b743cc93f 100644 !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index e624e75cb0..1546fc1284 100644 +index 7550113f51..e6a35ba448 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -814,7 +814,6 @@ +@@ -831,7 +831,6 @@ MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf @@ -65,7 +65,7 @@ index e624e75cb0..1546fc1284 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 45b624d450..b56c749e39 100644 +index 3efa27bbac..1a1b79a157 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -294,7 +294,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf @@ -74,13 +74,13 @@ index 45b624d450..b56c749e39 100644 INF FatPkg/EnhancedFatDxe/Fat.inf -INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" + INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 3e7bf8fc64..1a5f0663b4 100644 +index 2ef1368945..17da49369e 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -828,7 +828,6 @@ +@@ -845,7 +845,6 @@ MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf @@ -89,7 +89,7 @@ index 3e7bf8fc64..1a5f0663b4 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 449e40dfdd..1b0685bca5 100644 +index 5b73560782..f00a5f729e 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -295,7 +295,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf @@ -98,13 +98,13 @@ index 449e40dfdd..1b0685bca5 100644 INF FatPkg/EnhancedFatDxe/Fat.inf -INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" + INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 1cd6ab8f4f..4e77e54085 100644 +index c336aca5a6..721519a8e0 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -893,7 +893,6 @@ +@@ -913,7 +913,6 @@ MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf @@ -113,7 +113,7 @@ index 1cd6ab8f4f..4e77e54085 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 78e7328841..5dc09a14fd 100644 +index ad98806b32..4967e984c1 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -320,7 +320,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf @@ -122,8 +122,8 @@ index 78e7328841..5dc09a14fd 100644 INF FatPkg/EnhancedFatDxe/Fat.inf -INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" + INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf -- -2.31.1 +2.38.1 diff --git a/0026-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch b/0020-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch similarity index 90% rename from 0026-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch rename to 0020-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch index 436fe94..2d33d67 100644 --- a/0026-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch +++ b/0020-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch @@ -1,4 +1,4 @@ -From 26687fbbe43c8c6836dcc13d49a576320c71f0c4 Mon Sep 17 00:00:00 2001 +From 4ba0cc5f6710f7b691583997b3b6fd73b92859f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:22 +0200 Subject: ArmVirtPkg: Remove UdfDxe filesystem driver (RHEL only) @@ -24,10 +24,10 @@ Signed-off-by: Miroslav Rezanina 3 files changed, 3 deletions(-) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index d40c66a68a..062f91068c 100644 +index 998d19165f..a4bd72e481 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -429,7 +429,6 @@ +@@ -454,7 +454,6 @@ MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf @@ -36,7 +36,7 @@ index d40c66a68a..062f91068c 100644 # # Bds diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index ddd014ac34..6065f4759c 100644 +index 33797ebb95..394253fc23 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc @@ -83,7 +83,6 @@ READ_LOCK_STATUS = TRUE @@ -48,7 +48,7 @@ index ddd014ac34..6065f4759c 100644 # # Status Code Routing diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc -index 65cc8a9aac..868e6e1e24 100644 +index 2c01efc660..7f85b0dc92 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc @@ -357,7 +357,6 @@ @@ -60,5 +60,5 @@ index 65cc8a9aac..868e6e1e24 100644 # # Bds -- -2.31.1 +2.38.1 diff --git a/0021-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch b/0021-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch deleted file mode 100644 index 80fa079..0000000 --- a/0021-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 50bb0d7b9b1f973feb02d895c30db5ae5ced59ea Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= -Date: Thu, 1 Jul 2021 20:28:54 +0200 -Subject: ArmVirtPkg: Remove EbcDxe (RHEL only) -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Philippe Mathieu-Daudé -RH-MergeRequest: 3: Disable features for RHEL9 -RH-Commit: [3/19] 5ca7af1a505c16cc568a444398254aca06ca65aa -RH-Bugzilla: 1967747 -RH-Acked-by: Laszlo Ersek - -Remove EFI Byte Code interpreter. - -Suggested-by: Laszlo Ersek -Signed-off-by: Philippe Mathieu-Daudé -Signed-off-by: Miroslav Rezanina ---- - ArmVirtPkg/ArmVirt.dsc.inc | 5 ----- - ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 5 ----- - 2 files changed, 10 deletions(-) - -diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc -index c39e2506a3..34575585ad 100644 ---- a/ArmVirtPkg/ArmVirt.dsc.inc -+++ b/ArmVirtPkg/ArmVirt.dsc.inc -@@ -422,8 +422,3 @@ - - NULL|EmbeddedPkg/Library/PlatformHasAcpiLib/PlatformHasAcpiLib.inf - } -- -- # -- # EBC support -- # -- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf -diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index d4df6dede0..7872861330 100644 ---- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -@@ -146,11 +146,6 @@ READ_LOCK_STATUS = TRUE - INF MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf - INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf - INF OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf -- -- # -- # EBC support -- # -- INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf - !endif - - # --- -2.31.1 - diff --git a/0027-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch b/0021-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch similarity index 74% rename from 0027-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch rename to 0021-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch index fd8981f..8a2885c 100644 --- a/0027-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch +++ b/0021-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch @@ -1,4 +1,4 @@ -From 4b85a8d082e58f90ab3418125f82b63ee801150c Mon Sep 17 00:00:00 2001 +From dc4ea27a1f1ceca98eb9cfce086ae03e553cd78d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:25 +0200 Subject: OvmfPkg: Remove TftpDynamicCommand from shell (RHEL only) @@ -27,13 +27,13 @@ Signed-off-by: Miroslav Rezanina 6 files changed, 15 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 1546fc1284..3147b1a757 100644 +index e6a35ba448..b00ef51f2d 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -902,10 +902,6 @@ +@@ -909,10 +909,6 @@ !endif - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE - ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf { - - gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE @@ -42,25 +42,25 @@ index 1546fc1284..3147b1a757 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index b56c749e39..8599834ac4 100644 +index 1a1b79a157..e4e68e2122 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -297,7 +297,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -296,7 +296,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour + INF FatPkg/EnhancedFatDxe/Fat.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" -INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 1a5f0663b4..daf8a02b63 100644 +index 17da49369e..d129a79e33 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -916,10 +916,6 @@ +@@ -923,10 +923,6 @@ !endif - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE - ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf { - - gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE @@ -69,25 +69,25 @@ index 1a5f0663b4..daf8a02b63 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 1b0685bca5..aab5e2934a 100644 +index f00a5f729e..ef831accf1 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf -@@ -298,7 +298,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -297,7 +297,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour + INF FatPkg/EnhancedFatDxe/Fat.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" -INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 4e77e54085..fcdc141304 100644 +index 721519a8e0..5b40364c47 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -981,10 +981,6 @@ +@@ -991,10 +991,6 @@ !endif - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE - ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf { - - gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE @@ -96,17 +96,17 @@ index 4e77e54085..fcdc141304 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 5dc09a14fd..b02e35fed3 100644 +index 4967e984c1..aeae1650cd 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -323,7 +323,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -322,7 +322,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour + INF FatPkg/EnhancedFatDxe/Fat.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" -INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif -- -2.31.1 +2.38.1 diff --git a/0028-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch b/0022-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch similarity index 92% rename from 0028-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch rename to 0022-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch index 5559745..36d205f 100644 --- a/0028-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch +++ b/0022-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch @@ -1,4 +1,4 @@ -From ae4a132498570b035b8f7bfba3f3a599a6a0b2b5 Mon Sep 17 00:00:00 2001 +From a4c198675df3c47c6a7fb62af1065b9a8f9b683a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:28 +0200 Subject: ArmVirtPkg: Remove TftpDynamicCommand from shell (RHEL only) @@ -23,7 +23,7 @@ Signed-off-by: Miroslav Rezanina 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc -index 34575585ad..090c228c5a 100644 +index 462073517a..39a569e07e 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -376,10 +376,9 @@ @@ -41,7 +41,7 @@ index 34575585ad..090c228c5a 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index 6065f4759c..ec5f4c95b1 100644 +index 394253fc23..5ef9f89464 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc @@ -98,7 +98,6 @@ READ_LOCK_STATUS = TRUE @@ -53,5 +53,5 @@ index 6065f4759c..ec5f4c95b1 100644 INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf -- -2.31.1 +2.38.1 diff --git a/0029-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch b/0023-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch similarity index 72% rename from 0029-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch rename to 0023-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch index 4565a73..e265fe8 100644 --- a/0029-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch +++ b/0023-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch @@ -1,4 +1,4 @@ -From 70b9f709ff722cbfd220a0fad76d7de6943f5547 Mon Sep 17 00:00:00 2001 +From e99047a0422578ad3572ea12dc7edffd24baf3f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:31 +0200 Subject: OvmfPkg: Remove HttpDynamicCommand from shell (RHEL only) @@ -27,13 +27,13 @@ Signed-off-by: Miroslav Rezanina 6 files changed, 15 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 3147b1a757..2d0f00075c 100644 +index b00ef51f2d..43d60df6e3 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -902,10 +902,6 @@ +@@ -909,10 +909,6 @@ !endif - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE - ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf { - - gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE @@ -42,25 +42,25 @@ index 3147b1a757..2d0f00075c 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 8599834ac4..edcba6ad30 100644 +index e4e68e2122..5b7c3f7687 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -297,7 +297,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -296,7 +296,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour + INF FatPkg/EnhancedFatDxe/Fat.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" -INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif - INF ShellPkg/Application/Shell/Shell.inf + !if $(BUILD_SHELL) == TRUE diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index daf8a02b63..662640b9a0 100644 +index d129a79e33..56426672b8 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -916,10 +916,6 @@ +@@ -923,10 +923,6 @@ !endif - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE - ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf { - - gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE @@ -69,25 +69,25 @@ index daf8a02b63..662640b9a0 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index aab5e2934a..cb01a23a24 100644 +index ef831accf1..45f5b69171 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf -@@ -298,7 +298,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -297,7 +297,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour + INF FatPkg/EnhancedFatDxe/Fat.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" -INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif - INF ShellPkg/Application/Shell/Shell.inf + !if $(BUILD_SHELL) == TRUE diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index fcdc141304..5e183e5e20 100644 +index 5b40364c47..2b4635a71b 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -981,10 +981,6 @@ +@@ -991,10 +991,6 @@ !endif - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE - ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf { - - gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE @@ -96,17 +96,17 @@ index fcdc141304..5e183e5e20 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index b02e35fed3..8e2eeb22ee 100644 +index aeae1650cd..6b20e0946f 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -323,7 +323,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -322,7 +322,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour + INF FatPkg/EnhancedFatDxe/Fat.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" -INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif - INF ShellPkg/Application/Shell/Shell.inf + !if $(BUILD_SHELL) == TRUE -- -2.31.1 +2.38.1 diff --git a/0030-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch b/0024-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch similarity index 92% rename from 0030-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch rename to 0024-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch index 48e3d54..2fb3de1 100644 --- a/0030-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch +++ b/0024-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch @@ -1,4 +1,4 @@ -From cff87d963dca131e9c8d3671a95781cf87062d7e Mon Sep 17 00:00:00 2001 +From f8e271d73e62ca932253b9461657483cc1081807 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:34 +0200 Subject: ArmVirtPkg: Remove HttpDynamicCommand from shell (RHEL only) @@ -23,7 +23,7 @@ Signed-off-by: Miroslav Rezanina 2 files changed, 5 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc -index 090c228c5a..c524346f6f 100644 +index 39a569e07e..49d2ef381c 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -379,10 +379,6 @@ @@ -38,7 +38,7 @@ index 090c228c5a..c524346f6f 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index ec5f4c95b1..f2298012ed 100644 +index 5ef9f89464..46978cc76c 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc @@ -98,7 +98,6 @@ READ_LOCK_STATUS = TRUE @@ -50,5 +50,5 @@ index ec5f4c95b1..f2298012ed 100644 # -- -2.31.1 +2.38.1 diff --git a/0031-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch b/0025-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch similarity index 75% rename from 0031-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch rename to 0025-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch index 5dad068..1f781c4 100644 --- a/0031-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch +++ b/0025-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch @@ -1,4 +1,4 @@ -From 743c933b2dc70f8f6779085bb02fe95b70d20ecd Mon Sep 17 00:00:00 2001 +From ed81dfa142253a7c37824201cf525231b7efcb71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:39 +0200 Subject: OvmfPkg: Remove LinuxInitrdDynamicShellCommand (RHEL only) @@ -34,7 +34,7 @@ Signed-off-by: Miroslav Rezanina 8 files changed, 20 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 25548a354f..b632a86fc4 100644 +index b3fa4941c5..adb051ecea 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -721,10 +721,6 @@ @@ -61,86 +61,86 @@ index 1b743cc93f..1d55c7815f 100644 INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf INF OvmfPkg/AmdSev/Grub/Grub.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 2d0f00075c..58698d647f 100644 +index 43d60df6e3..3b86666695 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -902,10 +902,6 @@ +@@ -909,10 +909,6 @@ !endif - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE - OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf { - - gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE - } !endif + !if $(BUILD_SHELL) == TRUE ShellPkg/Application/Shell/Shell.inf { - diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index edcba6ad30..840c79788c 100644 +index 5b7c3f7687..b1f4dbacd7 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -297,7 +297,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -296,7 +296,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour + INF FatPkg/EnhancedFatDxe/Fat.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" -INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif + !if $(BUILD_SHELL) == TRUE INF ShellPkg/Application/Shell/Shell.inf - !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 662640b9a0..e5d66010ad 100644 +index 56426672b8..c384425723 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -916,10 +916,6 @@ +@@ -923,10 +923,6 @@ !endif - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE - OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf { - - gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE - } !endif + !if $(BUILD_SHELL) == TRUE ShellPkg/Application/Shell/Shell.inf { - diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index cb01a23a24..37c4d52cc7 100644 +index 45f5b69171..c3dcda85c5 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf -@@ -298,7 +298,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -297,7 +297,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour + INF FatPkg/EnhancedFatDxe/Fat.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" -INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif + !if $(BUILD_SHELL) == TRUE INF ShellPkg/Application/Shell/Shell.inf - !endif diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 5e183e5e20..a72b5eece7 100644 +index 2b4635a71b..bf372014b9 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -981,10 +981,6 @@ +@@ -991,10 +991,6 @@ !endif - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE - OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf { - - gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE - } !endif + !if $(BUILD_SHELL) == TRUE ShellPkg/Application/Shell/Shell.inf { - diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 8e2eeb22ee..fc8954f8a6 100644 +index 6b20e0946f..2fd1d5315a 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -323,7 +323,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -322,7 +322,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour + INF FatPkg/EnhancedFatDxe/Fat.inf - !ifndef $(EXCLUDE_SHELL_FROM_FD) - !if $(TOOL_CHAIN_TAG) != "XCODE5" + !if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" -INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif + !if $(BUILD_SHELL) == TRUE INF ShellPkg/Application/Shell/Shell.inf - !endif -- -2.31.1 +2.38.1 diff --git a/0032-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch b/0026-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch similarity index 92% rename from 0032-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch rename to 0026-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch index 7c797f0..5026d6a 100644 --- a/0032-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch +++ b/0026-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch @@ -1,4 +1,4 @@ -From 11bc5ced8508b38e730862cb6c234b287d9b657b Mon Sep 17 00:00:00 2001 +From 2bbe51e3b55e6860d4607c6627866ed6b7c858af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:46 +0200 Subject: ArmVirtPkg: Remove LinuxInitrdDynamicShellCommand (RHEL only) @@ -24,7 +24,7 @@ Signed-off-by: Miroslav Rezanina 2 files changed, 5 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc -index c524346f6f..65bfbc033f 100644 +index 49d2ef381c..1f0f8d44cd 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -379,10 +379,6 @@ @@ -39,7 +39,7 @@ index c524346f6f..65bfbc033f 100644 ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index f2298012ed..43a4eafae4 100644 +index 46978cc76c..7bcb152c7c 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc @@ -98,7 +98,6 @@ READ_LOCK_STATUS = TRUE @@ -51,5 +51,5 @@ index f2298012ed..43a4eafae4 100644 # # Bds -- -2.31.1 +2.38.1 diff --git a/0028-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch b/0028-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch new file mode 100644 index 0000000..2b10c67 --- /dev/null +++ b/0028-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch @@ -0,0 +1,26 @@ +From 2f497dbe08c4374e02006edb5c2036d7216cd878 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pawe=C5=82=20Po=C5=82awski?= +Date: Wed, 7 Dec 2022 03:19:20 +0100 +Subject: Revert "ArmVirtPkg: make EFI_LOADER_DATA non-executable" + +This reverts commit 2997ae38739756ecba9b0de19e86032ebc689ef9. +--- + ArmVirtPkg/ArmVirt.dsc.inc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc +index 1f0f8d44cd..65bfbc033f 100644 +--- a/ArmVirtPkg/ArmVirt.dsc.inc ++++ b/ArmVirtPkg/ArmVirt.dsc.inc +@@ -368,7 +368,7 @@ + # reserved ones, with the exception of LoaderData regions, of which OS loaders + # (i.e., GRUB) may assume that its contents are executable. + # +- gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD5 ++ gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD1 + + [Components.common] + # +-- +2.38.1 + diff --git a/0032-Revert-OvmfPkg-PlatformDxe-Handle-all-requests-in-Ex.patch b/0032-Revert-OvmfPkg-PlatformDxe-Handle-all-requests-in-Ex.patch new file mode 100644 index 0000000..f9176a0 --- /dev/null +++ b/0032-Revert-OvmfPkg-PlatformDxe-Handle-all-requests-in-Ex.patch @@ -0,0 +1,216 @@ +From b6a0dcb7a035aef12e1466fd1017194b9430c948 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Tue, 13 Dec 2022 10:31:05 +0100 +Subject: Revert "OvmfPkg/PlatformDxe: Handle all requests in ExtractConfig and + RouteConfig" + +This reverts commit aefcc91805fd69e4aad4bc08a9f708db11cae5f0. + +Fixes regression, patch breaks setting display resolution via ovmf +platform config. + +Signed-off-by: Gerd Hoffmann +--- + OvmfPkg/PlatformDxe/Platform.c | 115 +-------------------------- + OvmfPkg/PlatformDxe/PlatformConfig.c | 2 +- + OvmfPkg/PlatformDxe/PlatformConfig.h | 2 - + 3 files changed, 3 insertions(+), 116 deletions(-) + +diff --git a/OvmfPkg/PlatformDxe/Platform.c b/OvmfPkg/PlatformDxe/Platform.c +index ac31fafbdc..4d432f18df 100644 +--- a/OvmfPkg/PlatformDxe/Platform.c ++++ b/OvmfPkg/PlatformDxe/Platform.c +@@ -108,11 +108,6 @@ STATIC EFI_EVENT mGopEvent; + // + STATIC VOID *mGopTracker; + +-// +-// The driver image handle, used to obtain the device path for . +-// +-STATIC EFI_HANDLE mImageHandle; +- + // + // Cache the resolutions we get from the GOP. + // +@@ -234,10 +229,6 @@ ExtractConfig ( + { + MAIN_FORM_STATE MainFormState; + EFI_STATUS Status; +- EFI_STRING ConfigRequestHdr; +- EFI_STRING ConfigRequest; +- UINTN Size; +- BOOLEAN AllocatedRequest; + + DEBUG ((DEBUG_VERBOSE, "%a: Request=\"%s\"\n", __FUNCTION__, Request)); + +@@ -245,73 +236,18 @@ ExtractConfig ( + return EFI_INVALID_PARAMETER; + } + +- ConfigRequestHdr = NULL; +- ConfigRequest = NULL; +- Size = 0; +- AllocatedRequest = FALSE; +- +- // +- // Check if matches the GUID and name +- // +- *Progress = Request; +- if ((Request != NULL) && +- !HiiIsConfigHdrMatch ( +- Request, +- &gOvmfPlatformConfigGuid, +- mVariableName +- ) +- ) +- { +- return EFI_NOT_FOUND; +- } +- + Status = PlatformConfigToFormState (&MainFormState); + if (EFI_ERROR (Status)) { ++ *Progress = Request; + return Status; + } + +- if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) { +- // +- // Request has no , so construct full request string. +- // Allocate and fill a buffer large enough to hold +- // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a +- // null terminator. +- // +- ConfigRequestHdr = HiiConstructConfigHdr ( +- &gOvmfPlatformConfigGuid, +- mVariableName, +- mImageHandle +- ); +- if (ConfigRequestHdr == NULL) { +- return EFI_OUT_OF_RESOURCES; +- } +- +- Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16); +- ConfigRequest = AllocateZeroPool (Size); +- AllocatedRequest = TRUE; +- if (ConfigRequest == NULL) { +- FreePool (ConfigRequestHdr); +- return EFI_OUT_OF_RESOURCES; +- } +- +- UnicodeSPrint ( +- ConfigRequest, +- Size, +- L"%s&OFFSET=0&WIDTH=%016LX", +- ConfigRequestHdr, +- sizeof MainFormState +- ); +- FreePool (ConfigRequestHdr); +- } else { +- ConfigRequest = Request; +- } +- + // + // Answer the textual request keying off the binary form state. + // + Status = gHiiConfigRouting->BlockToConfig ( + gHiiConfigRouting, +- ConfigRequest, ++ Request, + (VOID *)&MainFormState, + sizeof MainFormState, + Results, +@@ -329,33 +265,6 @@ ExtractConfig ( + DEBUG ((DEBUG_VERBOSE, "%a: Results=\"%s\"\n", __FUNCTION__, *Results)); + } + +- // +- // If we used a newly allocated ConfigRequest, update Progress to point to +- // original Request instead of ConfigRequest. +- // +- if (Request == NULL) { +- *Progress = NULL; +- } else if (StrStr (Request, L"OFFSET") == NULL) { +- if (EFI_ERROR (Status)) { +- // +- // Since we constructed ConfigRequest, failure can only occur if there +- // is not enough memory. In this case, we point Progress to the first +- // character of Request. +- // +- *Progress = Request; +- } else { +- // +- // In case of success, we point Progress to the null terminator of +- // Request. +- // +- *Progress = Request + StrLen (Request); +- } +- } +- +- if (AllocatedRequest) { +- FreePool (ConfigRequest); +- } +- + return Status; + } + +@@ -439,21 +348,6 @@ RouteConfig ( + return EFI_INVALID_PARAMETER; + } + +- // +- // Check if matches the GUID and name +- // +- *Progress = Configuration; +- if ((Configuration != NULL) && +- !HiiIsConfigHdrMatch ( +- Configuration, +- &gOvmfPlatformConfigGuid, +- mVariableName +- ) +- ) +- { +- return EFI_NOT_FOUND; +- } +- + // + // the "read" step in RMW + // +@@ -972,11 +866,6 @@ PlatformInit ( + return Status; + } + +- // +- // Save the driver image handle. +- // +- mImageHandle = ImageHandle; +- + // + // Publish the HII package list to HII Database. + // +diff --git a/OvmfPkg/PlatformDxe/PlatformConfig.c b/OvmfPkg/PlatformDxe/PlatformConfig.c +index f5ac2d0609..e202ac5b47 100644 +--- a/OvmfPkg/PlatformDxe/PlatformConfig.c ++++ b/OvmfPkg/PlatformDxe/PlatformConfig.c +@@ -21,7 +21,7 @@ + // + // Name of the UEFI variable that we use for persistent storage. + // +-CHAR16 mVariableName[] = L"PlatformConfig"; ++STATIC CHAR16 mVariableName[] = L"PlatformConfig"; + + /** + Serialize and persistently save platform configuration. +diff --git a/OvmfPkg/PlatformDxe/PlatformConfig.h b/OvmfPkg/PlatformDxe/PlatformConfig.h +index 5d9b457b1b..902c9b2ce0 100644 +--- a/OvmfPkg/PlatformDxe/PlatformConfig.h ++++ b/OvmfPkg/PlatformDxe/PlatformConfig.h +@@ -50,6 +50,4 @@ PlatformConfigLoad ( + #define PLATFORM_CONFIG_F_GRAPHICS_RESOLUTION BIT0 + #define PLATFORM_CONFIG_F_DOWNGRADE BIT63 + +-extern CHAR16 mVariableName[]; +- + #endif // _PLATFORM_CONFIG_H_ +-- +2.38.1 + diff --git a/0033-OvmfPkg-QemuVideoDxe-fix-bochs-mode-init.patch b/0033-OvmfPkg-QemuVideoDxe-fix-bochs-mode-init.patch deleted file mode 100644 index 2c823e3..0000000 --- a/0033-OvmfPkg-QemuVideoDxe-fix-bochs-mode-init.patch +++ /dev/null @@ -1,89 +0,0 @@ -From 8c4e61fb92ec6511e1ca6c0880ba92897aadb599 Mon Sep 17 00:00:00 2001 -From: Gerd Hoffmann -Date: Wed, 7 Sep 2022 11:15:04 +0200 -Subject: OvmfPkg/QemuVideoDxe: fix bochs mode init - -RH-Author: Gerd Hoffmann -RH-MergeRequest: 17: OvmfPkg/QemuVideoDxe: fix bochs mode init -RH-Jira: RHELX-58 -RH-Acked-by: Oliver Steffen -RH-Acked-by: Miroslav Rezanina -RH-Acked-by: Pawel Polawski -RH-Commit: [1/1] a4be311ea4177a20113b80744c34f8bb77b2d775 (kraxel/centos-edk2) - -Add VgaInb() helper function to read vga registers. With that in place -fix the unblanking. We need to put the ATT_ADDRESS_REGISTER flip flop -into a known state, which is done by reading the -INPUT_STATUS_1_REGISTER. Reading the INPUT_STATUS_1_REGISTER only works -when the device is in color mode, so make sure that bit (0x01) is set in -MISC_OUTPUT_REGISTER. - -Currently the mode setting works more by luck because -ATT_ADDRESS_REGISTER flip flop happens to be in the state we need. - -Signed-off-by: Gerd Hoffmann -Reviewed-by: Ard Biesheuvel -(cherry picked from commit 512042eba87ff97a4820a55cf3b1a89a8afd1cc7) - -patch_name: edk2-OvmfPkg-QemuVideoDxe-fix-bochs-mode-init.patch -present_in_specfile: true -location_in_specfile: 34 ---- - OvmfPkg/QemuVideoDxe/Driver.c | 34 +++++++++++++++++++++++++++++++++- - 1 file changed, 33 insertions(+), 1 deletion(-) - -diff --git a/OvmfPkg/QemuVideoDxe/Driver.c b/OvmfPkg/QemuVideoDxe/Driver.c -index b91909a14e..c28171d137 100644 ---- a/OvmfPkg/QemuVideoDxe/Driver.c -+++ b/OvmfPkg/QemuVideoDxe/Driver.c -@@ -984,6 +984,34 @@ VgaOutb ( - } - } - -+STATIC -+UINT8 -+VgaInb ( -+ QEMU_VIDEO_PRIVATE_DATA *Private, -+ UINTN Reg -+ ) -+{ -+ EFI_STATUS Status; -+ UINT8 Data; -+ -+ if (Private->Variant == QEMU_VIDEO_BOCHS_MMIO) { -+ Data = 0; -+ Status = Private->PciIo->Mem.Read ( -+ Private->PciIo, -+ EfiPciIoWidthUint8, -+ PCI_BAR_IDX2, -+ 0x400 - 0x3c0 + Reg, -+ 1, -+ &Data -+ ); -+ ASSERT_EFI_ERROR (Status); -+ } else { -+ Data = inb (Private, Reg); -+ } -+ -+ return Data; -+} -+ - VOID - InitializeBochsGraphicsMode ( - QEMU_VIDEO_PRIVATE_DATA *Private, -@@ -998,7 +1026,11 @@ InitializeBochsGraphicsMode ( - ModeData->ColorDepth - )); - -- /* unblank */ -+ /* set color mode */ -+ VgaOutb (Private, MISC_OUTPUT_REGISTER, 0x01); -+ -+ /* reset flip flop + unblank */ -+ VgaInb (Private, INPUT_STATUS_1_REGISTER); - VgaOutb (Private, ATT_ADDRESS_REGISTER, 0x20); - - BochsWrite (Private, VBE_DISPI_INDEX_ENABLE, 0); --- -2.31.1 - diff --git a/0033-OvmfPkg-SmbiosPlatformDxe-use-PcdFirmware.patch b/0033-OvmfPkg-SmbiosPlatformDxe-use-PcdFirmware.patch new file mode 100644 index 0000000..01329b0 --- /dev/null +++ b/0033-OvmfPkg-SmbiosPlatformDxe-use-PcdFirmware.patch @@ -0,0 +1,231 @@ +From 8b2cc30989c009ab72951022bd017143764411b2 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Mon, 28 Nov 2022 13:40:20 +0800 +Subject: OvmfPkg/SmbiosPlatformDxe: use PcdFirmware* + +Instead of using hard-coded strings ("0.0.0" for BiosVersion etc) +which is mostly useless read the PCDs (PcdFirmwareVendor, +PcdFirmwareVersionString and PcdFirmwareReleaseDateString) and +build the string table dynamuically at runtime. + +Signed-off-by: Gerd Hoffmann +Reviewed-by: Jiewen Yao +(cherry picked from commit 4cb94f20b002c99dd2b4b75f07c5495b81a34ffd) + +https://issues.redhat.com/browse/RHEL-75 +--- + OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.c | 115 +++++++++++------- + .../SmbiosPlatformDxe/SmbiosPlatformDxe.inf | 6 + + .../XenSmbiosPlatformDxe.inf | 9 +- + 3 files changed, 85 insertions(+), 45 deletions(-) + +diff --git a/OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.c b/OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.c +index 94249d3ff1..dc1e6aed63 100644 +--- a/OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.c ++++ b/OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.c +@@ -9,57 +9,43 @@ + **/ + + #include // SMBIOS_TABLE_TYPE0 ++#include ++#include + #include // ASSERT_EFI_ERROR() ++#include ++#include + #include // gBS + #include // EFI_SMBIOS_PROTOCOL + + #include "SmbiosPlatformDxe.h" + +-#define TYPE0_STRINGS \ +- "EFI Development Kit II / OVMF\0" /* Vendor */ \ +- "0.0.0\0" /* BiosVersion */ \ +- "02/06/2015\0" /* BiosReleaseDate */ +-// +-// Type definition and contents of the default Type 0 SMBIOS table. +-// +-#pragma pack(1) +-typedef struct { +- SMBIOS_TABLE_TYPE0 Base; +- UINT8 Strings[sizeof (TYPE0_STRINGS)]; +-} OVMF_TYPE0; +-#pragma pack() +- +-STATIC CONST OVMF_TYPE0 mOvmfDefaultType0 = { ++STATIC CONST SMBIOS_TABLE_TYPE0 mOvmfDefaultType0 = { ++ // SMBIOS_STRUCTURE Hdr + { +- // SMBIOS_STRUCTURE Hdr +- { +- EFI_SMBIOS_TYPE_BIOS_INFORMATION, // UINT8 Type +- sizeof (SMBIOS_TABLE_TYPE0), // UINT8 Length +- }, +- 1, // SMBIOS_TABLE_STRING Vendor +- 2, // SMBIOS_TABLE_STRING BiosVersion +- 0xE800, // UINT16 BiosSegment +- 3, // SMBIOS_TABLE_STRING BiosReleaseDate +- 0, // UINT8 BiosSize +- { // MISC_BIOS_CHARACTERISTICS BiosCharacteristics +- 0, // Reserved :2 +- 0, // Unknown :1 +- 1, // BiosCharacteristicsNotSupported :1 +- // Remaining BiosCharacteristics bits left unset :60 +- }, +- { // BIOSCharacteristicsExtensionBytes[2] +- 0, // BiosReserved +- 0x1C // SystemReserved = VirtualMachineSupported | +- // UefiSpecificationSupported | +- // TargetContentDistributionEnabled +- }, +- 0, // UINT8 SystemBiosMajorRelease +- 0, // UINT8 SystemBiosMinorRelease +- 0xFF, // UINT8 EmbeddedControllerFirmwareMajorRelease +- 0xFF // UINT8 EmbeddedControllerFirmwareMinorRelease ++ EFI_SMBIOS_TYPE_BIOS_INFORMATION, // UINT8 Type ++ sizeof (SMBIOS_TABLE_TYPE0), // UINT8 Length + }, +- // Text strings (unformatted area) +- TYPE0_STRINGS ++ 1, // SMBIOS_TABLE_STRING Vendor ++ 2, // SMBIOS_TABLE_STRING BiosVersion ++ 0xE800, // UINT16 BiosSegment ++ 3, // SMBIOS_TABLE_STRING BiosReleaseDate ++ 0, // UINT8 BiosSize ++ { // MISC_BIOS_CHARACTERISTICS BiosCharacteristics ++ 0, // Reserved :2 ++ 0, // Unknown :1 ++ 1, // BiosCharacteristicsNotSupported :1 ++ // Remaining BiosCharacteristics bits left unset :60 ++ }, ++ { // BIOSCharacteristicsExtensionBytes[2] ++ 0, // BiosReserved ++ 0x1C // SystemReserved = VirtualMachineSupported | ++ // UefiSpecificationSupported | ++ // TargetContentDistributionEnabled ++ }, ++ 0, // UINT8 SystemBiosMajorRelease ++ 0, // UINT8 SystemBiosMinorRelease ++ 0xFF, // UINT8 EmbeddedControllerFirmwareMajorRelease ++ 0xFF // UINT8 EmbeddedControllerFirmwareMinorRelease + }; + + /** +@@ -153,14 +139,55 @@ InstallAllStructures ( + // + // Add OVMF default Type 0 (BIOS Information) table + // ++ CHAR16 *VendStr, *VersStr, *DateStr; ++ UINTN VendLen, VersLen, DateLen; ++ CHAR8 *Type0; ++ ++ VendStr = (CHAR16 *)FixedPcdGetPtr (PcdFirmwareVendor); ++ VendLen = StrLen (VendStr); ++ if (VendLen < 3) { ++ VendStr = L"unknown"; ++ VendLen = StrLen (VendStr); ++ } ++ ++ VersStr = (CHAR16 *)FixedPcdGetPtr (PcdFirmwareVersionString); ++ VersLen = StrLen (VersStr); ++ if (VersLen < 3) { ++ VersStr = L"unknown"; ++ VersLen = StrLen (VersStr); ++ } ++ ++ DateStr = (CHAR16 *)FixedPcdGetPtr (PcdFirmwareReleaseDateString); ++ DateLen = StrLen (DateStr); ++ if (DateLen < 3) { ++ DateStr = L"unknown"; ++ DateLen = StrLen (DateStr); ++ } ++ ++ DEBUG ((DEBUG_INFO, "FirmwareVendor: \"%s\" (%d chars)\n", VendStr, VendLen)); ++ DEBUG ((DEBUG_INFO, "FirmwareVersionString: \"%s\" (%d chars)\n", VersStr, VersLen)); ++ DEBUG ((DEBUG_INFO, "FirmwareReleaseDateString: \"%s\" (%d chars)\n", DateStr, DateLen)); ++ ++ Type0 = AllocateZeroPool (sizeof (mOvmfDefaultType0) + VendLen + VersLen + DateLen + 4); ++ if (Type0 == NULL) { ++ return EFI_OUT_OF_RESOURCES; ++ } ++ ++ CopyMem (Type0, &mOvmfDefaultType0, sizeof (mOvmfDefaultType0)); ++ UnicodeStrToAsciiStrS (VendStr, Type0 + sizeof (mOvmfDefaultType0), VendLen + 1); ++ UnicodeStrToAsciiStrS (VersStr, Type0 + sizeof (mOvmfDefaultType0) + VendLen + 1, VersLen + 1); ++ UnicodeStrToAsciiStrS (DateStr, Type0 + sizeof (mOvmfDefaultType0) + VendLen + VersLen + 2, DateLen + 1); ++ + SmbiosHandle = SMBIOS_HANDLE_PI_RESERVED; + Status = Smbios->Add ( + Smbios, + NULL, + &SmbiosHandle, +- (EFI_SMBIOS_TABLE_HEADER *)&mOvmfDefaultType0 ++ (EFI_SMBIOS_TABLE_HEADER *)Type0 + ); + ASSERT_EFI_ERROR (Status); ++ ++ FreePool (Type0); + } + + return EFI_SUCCESS; +diff --git a/OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.inf b/OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.inf +index 0066bbc922..52689c96e5 100644 +--- a/OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.inf ++++ b/OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.inf +@@ -32,9 +32,12 @@ + + [Packages] + MdePkg/MdePkg.dec ++ MdeModulePkg/MdeModulePkg.dec + OvmfPkg/OvmfPkg.dec + + [LibraryClasses] ++ BaseLib ++ BaseMemoryLib + DebugLib + MemoryAllocationLib + PcdLib +@@ -45,6 +48,9 @@ + [Pcd] + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId + gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated ++ gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVendor ++ gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString ++ gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareReleaseDateString + + [Protocols] + gEfiSmbiosProtocolGuid # PROTOCOL ALWAYS_CONSUMED +diff --git a/OvmfPkg/SmbiosPlatformDxe/XenSmbiosPlatformDxe.inf b/OvmfPkg/SmbiosPlatformDxe/XenSmbiosPlatformDxe.inf +index 7f4588e33d..e646c88741 100644 +--- a/OvmfPkg/SmbiosPlatformDxe/XenSmbiosPlatformDxe.inf ++++ b/OvmfPkg/SmbiosPlatformDxe/XenSmbiosPlatformDxe.inf +@@ -38,19 +38,26 @@ + + [Packages] + MdePkg/MdePkg.dec ++ MdeModulePkg/MdeModulePkg.dec + + [Packages.IA32, Packages.X64] + OvmfPkg/OvmfPkg.dec + + [LibraryClasses] ++ BaseLib ++ BaseMemoryLib + DebugLib + UefiBootServicesTableLib + UefiDriverEntryPoint + + [LibraryClasses.IA32, LibraryClasses.X64] +- BaseLib + HobLib + ++[Pcd] ++ gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVendor ++ gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString ++ gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareReleaseDateString ++ + [Protocols] + gEfiSmbiosProtocolGuid # PROTOCOL ALWAYS_CONSUMED + +-- +2.38.1 + diff --git a/edk2-ovmf-sb.json b/30-edk2-ovmf-x64-sb-enrolled.json similarity index 100% rename from edk2-ovmf-sb.json rename to 30-edk2-ovmf-x64-sb-enrolled.json diff --git a/edk2-ovmf.json b/40-edk2-ovmf-x64-sb.json similarity index 100% rename from edk2-ovmf.json rename to 40-edk2-ovmf-x64-sb.json diff --git a/edk2-aarch64.json b/50-edk2-aarch64.json similarity index 100% rename from edk2-aarch64.json rename to 50-edk2-aarch64.json diff --git a/edk2-ovmf-cc.json b/50-edk2-ovmf-x64-nosb.json similarity index 70% rename from edk2-ovmf-cc.json rename to 50-edk2-ovmf-x64-nosb.json index fe6b2a6..1685da9 100644 --- a/edk2-ovmf-cc.json +++ b/50-edk2-ovmf-x64-nosb.json @@ -1,12 +1,12 @@ { - "description": "OVMF with SEV-ES support", + "description": "OVMF without SB+SMM, empty varstore", "interface-types": [ "uefi" ], "mapping": { "device": "flash", "executable": { - "filename": "/usr/share/edk2/ovmf/OVMF_CODE.cc.fd", + "filename": "/usr/share/edk2/ovmf/OVMF_CODE.fd", "format": "raw" }, "nvram-template": { @@ -18,13 +18,12 @@ { "architecture": "x86_64", "machines": [ - "pc-q35-rhel8.5.0", - "pc-q35-rhel8.6.0", - "pc-q35-rhel9.*" + "pc-q35-*" ] } ], "features": [ + "acpi-s3", "amd-sev", "amd-sev-es", "verbose-dynamic" diff --git a/edk2-aarch64-verbose.json b/51-edk2-aarch64-verbose.json similarity index 100% rename from edk2-aarch64-verbose.json rename to 51-edk2-aarch64-verbose.json diff --git a/edk2-ovmf-amdsev.json b/60-edk2-ovmf-x64-amdsev.json similarity index 80% rename from edk2-ovmf-amdsev.json rename to 60-edk2-ovmf-x64-amdsev.json index a6549aa..9a561bc 100644 --- a/edk2-ovmf-amdsev.json +++ b/60-edk2-ovmf-x64-amdsev.json @@ -5,7 +5,7 @@ ], "mapping": { "device": "flash", - "mode": "stateless", + "mode": "stateless", "executable": { "filename": "/usr/share/edk2/ovmf/OVMF.amdsev.fd", "format": "raw" @@ -15,15 +15,14 @@ { "architecture": "x86_64", "machines": [ - "pc-q35-rhel8.5.0", - "pc-q35-rhel8.6.0", - "pc-q35-rhel9.*" + "pc-q35-*" ] } ], "features": [ "amd-sev", "amd-sev-es", + "amd-sev-snp", "verbose-dynamic" ], "tags": [ diff --git a/60-edk2-ovmf-x64-inteltdx.json b/60-edk2-ovmf-x64-inteltdx.json new file mode 100644 index 0000000..44993ab --- /dev/null +++ b/60-edk2-ovmf-x64-inteltdx.json @@ -0,0 +1,29 @@ +{ + "description": "OVMF with TDX support", + "interface-types": [ + "uefi" + ], + "mapping": { + "device": "flash", + "mode": "stateless", + "executable": { + "filename": "/usr/share/edk2/ovmf/OVMF.inteltdx.fd", + "format": "raw" + } + }, + "targets": [ + { + "architecture": "x86_64", + "machines": [ + "pc-q35-*" + ] + } + ], + "features": [ + "intel-tdx", + "verbose-dynamic" + ], + "tags": [ + + ] +} diff --git a/LICENSE.qosb b/LICENSE.qosb deleted file mode 100644 index 9849381..0000000 --- a/LICENSE.qosb +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2017 Patrick Uiterwijk - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/README.rst b/README.rst deleted file mode 100644 index 2520936..0000000 --- a/README.rst +++ /dev/null @@ -1,18 +0,0 @@ -=================== -EDK2 development -=================== - -EDK2 is maintained in a `source tree`_ rather than directly in dist-git -using packit service that provides way to develope using regular source code -structure and provides way to generate SRPM and build using koji service. - -Developers deliver all changes to source-git using merge request. Only maintainers -will be pushing changes sent to source-git to dist-git. - -Each release in dist-git is tagged in the source repository so you can easily -check out the source tree for a build. The tags are in the format -name-version-release, but note release doesn't contain the dist tag since the -source can be built in different build roots (Fedora, CentOS, etc.) - -.. _source tree: https://gitlab.com/redhat/centos-stream/src/edk2 - diff --git a/RedHatSecureBootPkKek1.pem b/RedHatSecureBootPkKek1.pem deleted file mode 100644 index d302362..0000000 --- a/RedHatSecureBootPkKek1.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDoDCCAoigAwIBAgIJAP71iOjzlsDxMA0GCSqGSIb3DQEBCwUAMFExKzApBgNV -BAMTIlJlZCBIYXQgU2VjdXJlIEJvb3QgKFBLL0tFSyBrZXkgMSkxIjAgBgkqhkiG -9w0BCQEWE3NlY2FsZXJ0QHJlZGhhdC5jb20wHhcNMTQxMDMxMTExNTM3WhcNMzcx -MDI1MTExNTM3WjBRMSswKQYDVQQDEyJSZWQgSGF0IFNlY3VyZSBCb290IChQSy9L -RUsga2V5IDEpMSIwIAYJKoZIhvcNAQkBFhNzZWNhbGVydEByZWRoYXQuY29tMIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB+Ee42865cmgm2Iq4rJjGhw -+d9LB7I3gwsCyGdoMJ7j8PCZSrhZV8ZB9jiL/mZMSek3N5IumAEeWxRQ5qiNJQ31 -huarMMtAFuqNixaGcEM38s7Akd9xFI6ZDom2TG0kHozkL08l0LoG+MboGRh2cx2B -bajYBc86yHsoyDajFg0pjJmaaNyrwE2Nv1q7K6k5SwSXHPk2u8U6hgSur9SCe+Cr -3kkFaPz2rmgabJBNVxk8ZGYD9sdSm/eUz5NqoWjJqs+Za7yqXgjnORz3+A+6Bn7x -y+h23f4i2q06Xls06rPJ4E0EKX64YLkF77XZF1hWFmC5MDLwNkrD8nmNEkBw8wID -AQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVy -YXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUPOlg4/8ZoQp7o0L0jUIutNWccuww -HwYDVR0jBBgwFoAUPOlg4/8ZoQp7o0L0jUIutNWccuwwDQYJKoZIhvcNAQELBQAD -ggEBAFxNkoi0gl8drYsR7N8GpnqlK583VQyNbgUArbcMQYlpz9ZlBptReNKtx7+c -3AVzf+ceORO06rYwfUB1q5xDC9+wwhu/MOD0/sDbYiGY9sWv3jtPSQrmHvmGsD8N -1tRGN9tUdF7/EcJgxnBYxRxv7LLYbm/DvDOHOKTzRGScNDsolCZ4J58WF+g7aQol -qXM2fp43XOzoP9uR+RKzPc7n3RXDrowFIGGbld6br/qxXBzll+fDNBGF9YonJqRw -NuwM9oM9kPc28/nzFdSQYr5TtK/TSa/v9HPoe3bkRCo3uoGkmQw6MSRxoOTktxrL -R+SqIs/vdWGA40O3SFdzET14m2k= ------END CERTIFICATE----- diff --git a/edk2-MdeModulePkg-PiSmmCore-SmmEntryPoint-underflow-CVE-2.patch b/edk2-MdeModulePkg-PiSmmCore-SmmEntryPoint-underflow-CVE-2.patch deleted file mode 100644 index 7c013da..0000000 --- a/edk2-MdeModulePkg-PiSmmCore-SmmEntryPoint-underflow-CVE-2.patch +++ /dev/null @@ -1,228 +0,0 @@ -From a5f083ad370f8ad887430da0540901928a57455f Mon Sep 17 00:00:00 2001 -From: Jon Maloy -Date: Thu, 10 Nov 2022 11:21:07 -0500 -Subject: [PATCH] =?UTF-8?q?MdeModulePkg/PiSmmCore:=20SmmEntryPoint=20under?= - =?UTF-8?q?flow=C2=A0(CVE-2021-38578)?= -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Jon Maloy -RH-MergeRequest: 18: MdeModulePkg/PiSmmCore: SmmEntryPoint underflow (CVE-2021-38578) -RH-Bugzilla: 1989857 -RH-Acked-by: Gerd Hoffmann -RH-Commit: [1/1] ec5b68cb76de849cf854673a4707a40c8bf7dc7b - -BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1989857 -Upstream: Merged -CVE: CVE-2021-38578 - -commit cab1f02565d3b29081dd21afb074f35fdb4e1fd6 -Author: Miki Demeter -Date: Thu Oct 27 16:20:54 2022 -0700 - - MdeModulePkg/PiSmmCore: SmmEntryPoint underflow (CVE-2021-38578) - - REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3387 - - Added use of SafeIntLib to validate values are not causing overflows or - underflows in user controlled values when calculating buffer sizes. - - Signed-off-by: Miki Demeter - Reviewed-by: Michael D Kinney - Cc: Jian J Wang - Cc: Liming Gao - Reviewed-by: Liming Gao - -(cherry picked from commit cab1f02565d3b29081dd21afb074f35fdb4e1fd6) -Signed-off-by: Jon Maloy ---- - MdeModulePkg/Core/PiSmmCore/PiSmmCore.c | 41 ++++++++++++++++++----- - MdeModulePkg/Core/PiSmmCore/PiSmmCore.h | 1 + - MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf | 1 + - MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c | 31 +++++++++++++---- - MdeModulePkg/Core/PiSmmCore/PiSmmIpl.inf | 1 + - 5 files changed, 60 insertions(+), 15 deletions(-) - -diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c -index 9e5c6cbe33..875c7c0258 100644 ---- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c -+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c -@@ -610,6 +610,7 @@ SmmEndOfS3ResumeHandler ( - @param[in] Size2 Size of Buff2 - - @retval TRUE Buffers overlap in memory. -+ @retval TRUE Math error. Prevents potential math over and underflows. - @retval FALSE Buffer doesn't overlap. - - **/ -@@ -621,11 +622,24 @@ InternalIsBufferOverlapped ( - IN UINTN Size2 - ) - { -+ UINTN End1; -+ UINTN End2; -+ BOOLEAN IsOverUnderflow1; -+ BOOLEAN IsOverUnderflow2; -+ -+ // Check for over or underflow -+ IsOverUnderflow1 = EFI_ERROR (SafeUintnAdd ((UINTN)Buff1, Size1, &End1)); -+ IsOverUnderflow2 = EFI_ERROR (SafeUintnAdd ((UINTN)Buff2, Size2, &End2)); -+ -+ if (IsOverUnderflow1 || IsOverUnderflow2) { -+ return TRUE; -+ } -+ - // - // If buff1's end is less than the start of buff2, then it's ok. - // Also, if buff1's start is beyond buff2's end, then it's ok. - // -- if (((Buff1 + Size1) <= Buff2) || (Buff1 >= (Buff2 + Size2))) { -+ if ((End1 <= (UINTN)Buff2) || ((UINTN)Buff1 >= End2)) { - return FALSE; - } - -@@ -651,6 +665,7 @@ SmmEntryPoint ( - EFI_SMM_COMMUNICATE_HEADER *CommunicateHeader; - BOOLEAN InLegacyBoot; - BOOLEAN IsOverlapped; -+ BOOLEAN IsOverUnderflow; - VOID *CommunicationBuffer; - UINTN BufferSize; - -@@ -699,23 +714,31 @@ SmmEntryPoint ( - (UINT8 *)gSmmCorePrivate, - sizeof (*gSmmCorePrivate) - ); -- if (!SmmIsBufferOutsideSmmValid ((UINTN)CommunicationBuffer, BufferSize) || IsOverlapped) { -+ // -+ // Check for over or underflows -+ // -+ IsOverUnderflow = EFI_ERROR (SafeUintnSub (BufferSize, OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data), &BufferSize)); -+ -+ if (!SmmIsBufferOutsideSmmValid ((UINTN)CommunicationBuffer, BufferSize) || -+ IsOverlapped || IsOverUnderflow) -+ { - // - // If CommunicationBuffer is not in valid address scope, - // or there is overlap between gSmmCorePrivate and CommunicationBuffer, -+ // or there is over or underflow, - // return EFI_INVALID_PARAMETER - // - gSmmCorePrivate->CommunicationBuffer = NULL; - gSmmCorePrivate->ReturnStatus = EFI_ACCESS_DENIED; - } else { - CommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *)CommunicationBuffer; -- BufferSize -= OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data); -- Status = SmiManage ( -- &CommunicateHeader->HeaderGuid, -- NULL, -- CommunicateHeader->Data, -- &BufferSize -- ); -+ // BufferSize was updated by the SafeUintnSub() call above. -+ Status = SmiManage ( -+ &CommunicateHeader->HeaderGuid, -+ NULL, -+ CommunicateHeader->Data, -+ &BufferSize -+ ); - // - // Update CommunicationBuffer, BufferSize and ReturnStatus - // Communicate service finished, reset the pointer to CommBuffer to NULL -diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h -index 71422b9dfc..b8a490a8c3 100644 ---- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h -+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h -@@ -54,6 +54,7 @@ - #include - #include - #include -+#include - - #include "PiSmmCorePrivateData.h" - #include "HeapGuard.h" -diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf -index c8bfae3860..3df44b38f1 100644 ---- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf -+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf -@@ -60,6 +60,7 @@ - PerformanceLib - HobLib - SmmMemLib -+ SafeIntLib - - [Protocols] - gEfiDxeSmmReadyToLockProtocolGuid ## UNDEFINED # SmiHandlerRegister -diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c -index 4f00cebaf5..fbba868fd0 100644 ---- a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c -+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c -@@ -34,8 +34,8 @@ - #include - #include - #include -- - #include "PiSmmCorePrivateData.h" -+#include - - #define SMRAM_CAPABILITIES (EFI_MEMORY_WB | EFI_MEMORY_UC) - -@@ -1354,6 +1354,7 @@ SmmSplitSmramEntry ( - @param[in] ReservedRangeToCompare Pointer to EFI_SMM_RESERVED_SMRAM_REGION to compare. - - @retval TRUE There is overlap. -+ @retval TRUE Math error. - @retval FALSE There is no overlap. - - **/ -@@ -1363,11 +1364,29 @@ SmmIsSmramOverlap ( - IN EFI_SMM_RESERVED_SMRAM_REGION *ReservedRangeToCompare - ) - { -- UINT64 RangeToCompareEnd; -- UINT64 ReservedRangeToCompareEnd; -- -- RangeToCompareEnd = RangeToCompare->CpuStart + RangeToCompare->PhysicalSize; -- ReservedRangeToCompareEnd = ReservedRangeToCompare->SmramReservedStart + ReservedRangeToCompare->SmramReservedSize; -+ UINT64 RangeToCompareEnd; -+ UINT64 ReservedRangeToCompareEnd; -+ BOOLEAN IsOverUnderflow1; -+ BOOLEAN IsOverUnderflow2; -+ -+ // Check for over or underflow. -+ IsOverUnderflow1 = EFI_ERROR ( -+ SafeUint64Add ( -+ (UINT64)RangeToCompare->CpuStart, -+ RangeToCompare->PhysicalSize, -+ &RangeToCompareEnd -+ ) -+ ); -+ IsOverUnderflow2 = EFI_ERROR ( -+ SafeUint64Add ( -+ (UINT64)ReservedRangeToCompare->SmramReservedStart, -+ ReservedRangeToCompare->SmramReservedSize, -+ &ReservedRangeToCompareEnd -+ ) -+ ); -+ if (IsOverUnderflow1 || IsOverUnderflow2) { -+ return TRUE; -+ } - - if ((RangeToCompare->CpuStart >= ReservedRangeToCompare->SmramReservedStart) && - (RangeToCompare->CpuStart < ReservedRangeToCompareEnd)) -diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.inf b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.inf -index 6109d6b544..ddeb39cee2 100644 ---- a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.inf -+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.inf -@@ -46,6 +46,7 @@ - DxeServicesLib - PcdLib - ReportStatusCodeLib -+ SafeIntLib - - [Protocols] - gEfiSmmBase2ProtocolGuid ## PRODUCES --- -2.31.1 - diff --git a/edk2-build.py b/edk2-build.py new file mode 100755 index 0000000..3b3e590 --- /dev/null +++ b/edk2-build.py @@ -0,0 +1,276 @@ +#!/usr/bin/python3 +import os +import sys +import glob +import shutil +import optparse +import subprocess +import configparser + +rebase_prefix = "" +version_override = None + +def check_rebase(): + """ detect 'git rebase -x edk2-build.py master' testbuilds """ + global rebase_prefix + global version_override + + if not os.path.exists('.git/rebase-merge/msgnum'): + return "" + with open('.git/rebase-merge/msgnum', 'r') as f: + msgnum = int(f.read()) + with open('.git/rebase-merge/end', 'r') as f: + end = int(f.read()) + with open('.git/rebase-merge/head-name', 'r') as f: + head = f.read().strip().split('/') + + rebase_prefix = f'[ {int(msgnum/2)} / {int(end/2)} - {head[-1]} ] ' + if msgnum != end: + # fixed version speeds up builds + version_override = "test-build-patch-series" + +def get_coredir(cfg): + if cfg.has_option('global', 'core'): + return os.path.abspath(cfg['global']['core']) + else: + return os.getcwd() + +def get_version(cfg): + coredir = get_coredir(cfg) + if version_override: + version = version_override + print('') + print(f'### version [override]: {version}') + return version + if os.environ.get('RPM_PACKAGE_NAME'): + version = os.environ.get('RPM_PACKAGE_NAME'); + version += '-' + os.environ.get('RPM_PACKAGE_VERSION'); + version += '-' + os.environ.get('RPM_PACKAGE_RELEASE'); + print('') + print(f'### version [rpmbuild]: {version}') + return version + if os.path.exists(coredir + '/.git'): + cmdline = [ 'git', 'describe', '--tags', '--abbrev=8', '--match=edk2-stable*' ] + result = subprocess.run(cmdline, capture_output = True, cwd = coredir) + version = result.stdout.decode().strip() + #cmdline = [ 'git', 'branch', '--show-current'] + #result = subprocess.run(cmdline, capture_output = True, cwd = coredir) + #branch = result.stdout.decode().strip() + #if branch != "master": + # version += f' ({branch})' + print('') + print(f'### version [git]: {version}') + return version + return None + +def pcd_string(name, value): + return f'{name}=L{value}\\0' + +def pcd_version(cfg): + version = get_version(cfg) + if version is None: + return [] + return [ '--pcd', pcd_string('PcdFirmwareVersionString', version) ] + +def build_message(line): + if os.environ.get('TERM') in [ 'xterm', 'xterm-256color' ]: + # setxterm title + start = '\x1b]2;' + end = '\x07' + print(f'{start}{rebase_prefix}{line}{end}', end = '') + + print('') + print('###') + print(f'### {rebase_prefix}{line}') + print('###') + +def build_run(cmdline, name): + print(cmdline) + result = subprocess.run(cmdline) + if result.returncode: + print(f'ERROR: {cmdline[0]} exited with {result.returncode} while building {name}') + sys.exit(result.returncode) + +def build_copy(plat, tgt, dstdir, copy): + srcdir = f'Build/{plat}/{tgt}_GCC5' + names = copy.split() + srcfile = names[0] + if len(names) > 1: + dstfile = names[1] + else: + dstfile = os.path.basename(srcfile) + print(f'# copy: {srcdir} / {srcfile} => {dstdir} / {dstfile}') + + os.makedirs(dstdir, exist_ok = True) + shutil.copy(srcdir + '/' + srcfile, + dstdir + '/' + dstfile) + +def pad_file(dstdir, pad): + args = pad.split() + if len(args) < 2: + raise RuntimeError(f'missing arg for pad ({args})') + name = args[0] + size = args[1] + cmdline = [ + 'truncate', + '--size', size, + dstdir + '/' + name, + ] + print(f'# padding: {dstdir} / {name} => {size}') + subprocess.run(cmdline) + +def build_one(cfg, build, jobs = None): + cmdline = [ 'build' ] + cmdline += [ '-t', 'GCC5' ] + cmdline += [ '-p', cfg[build]['conf'] ] + + if (cfg[build]['conf'].startswith('OvmfPkg/') or + cfg[build]['conf'].startswith('ArmVirtPkg/')): + cmdline += pcd_version(cfg) + + if jobs: + cmdline += [ '-n', jobs ] + for arch in cfg[build]['arch'].split(): + cmdline += [ '-a', arch ] + if 'opts' in cfg[build]: + for name in cfg[build]['opts'].split(): + section = 'opts.' + name + for opt in cfg[section]: + cmdline += [ '-D', opt.upper() + '=' + cfg[section][opt] ] + if 'tgts' in cfg[build]: + tgts = cfg[build]['tgts'].split() + else: + tgts = [ 'DEBUG' ] + for tgt in tgts: + build_message(f'building: {cfg[build]["conf"]} ({cfg[build]["arch"]}, {tgt})') + build_run(cmdline + [ '-b', tgt ], + cfg[build]['conf']) + + if 'plat' in cfg[build]: + # copy files + for cpy in cfg[build]: + if not cpy.startswith('cpy'): + continue + build_copy(cfg[build]['plat'], + tgt, + cfg[build]['dest'], + cfg[build][cpy]) + # pad builds + for pad in cfg[build]: + if not pad.startswith('pad'): + continue + pad_file(cfg[build]['dest'], + cfg[build][pad]) + +def build_basetools(): + build_message(f'building: BaseTools') + basedir = os.environ['EDK_TOOLS_PATH'] + cmdline = [ 'make', '-C', basedir ] + build_run(cmdline, 'BaseTools') + +def binary_exists(name): + for dir in os.environ['PATH'].split(':'): + if os.path.exists(dir + '/' + name): + return True + return False + +def prepare_env(cfg): + """ mimic Conf/BuildEnv.sh """ + workspace = os.getcwd() + packages = [ workspace, ] + path = os.environ['PATH'].split(':') + dirs = [ + 'BaseTools/Bin/Linux-x86_64', + 'BaseTools/BinWrappers/PosixLike' + ] + + coredir = get_coredir(cfg) + if coredir != workspace: + packages.append(coredir) + if cfg.has_option('global', 'pkgs'): + for pkgdir in cfg['global']['pkgs'].split(): + packages.append(os.path.abspath(pkgdir)) + + # add basetools to path + for dir in dirs: + p = coredir + '/' + dir + if not os.path.exists(p): + continue + if p in path: + continue + path.insert(0, p) + + # run edksetup if needed + toolsdef = coredir + '/Conf/tools_def.txt'; + if not os.path.exists(toolsdef): + build_message('running edksetup') + cmdline = [ 'sh', 'edksetup.sh' ] + subprocess.run(cmdline, cwd = coredir) + + # set variables + os.environ['PATH'] = ':'.join(path) + os.environ['PACKAGES_PATH'] = ':'.join(packages) + os.environ['WORKSPACE'] = workspace + os.environ['EDK_TOOLS_PATH'] = coredir + '/BaseTools' + os.environ['CONF_PATH'] = coredir + '/Conf' + os.environ['PYTHON_COMMAND'] = '/usr/bin/python3' + + # for cross builds + if binary_exists('arm-linux-gnu-gcc'): + os.environ['GCC5_ARM_PREFIX'] = 'arm-linux-gnu-' + if binary_exists('aarch64-linux-gnu-gcc'): + os.environ['GCC5_AARCH64_PREFIX'] = 'aarch64-linux-gnu-' + if binary_exists('x86_64-linux-gnu-gcc'): + os.environ['GCC5_IA32_PREFIX'] = 'x86_64-linux-gnu-' + os.environ['GCC5_X64_PREFIX'] = 'x86_64-linux-gnu-' + +def build_list(cfg): + for build in cfg.sections(): + if not build.startswith('build.'): + continue + name = build.lstrip('build.') + desc = 'no description' + if 'desc' in cfg[build]: + desc = cfg[build]['desc'] + print(f'# {name:20s} - {desc}') + +def main(): + parser = optparse.OptionParser() + parser.add_option('-c', '--config', dest = 'configfile', + type = 'string', default = '.edk2.builds') + parser.add_option('-j', '--jobs', dest = 'jobs', type = 'string') + parser.add_option('-m', '--match', dest = 'match', type = 'string') + parser.add_option('-l', '--list', dest = 'list', action = 'store_true') + parser.add_option('--core', dest = 'core', type = 'string') + parser.add_option('--version-override', dest = 'version_override', type = 'string') + (options, args) = parser.parse_args() + + cfg = configparser.ConfigParser() + cfg.read(options.configfile) + + if options.list: + build_list(cfg) + return + + if not cfg.has_section('global'): + cfg.add_section('global') + if options.core: + cfg.set('global', 'core', options.core) + + global version_override + check_rebase() + if options.version_override: + version_override = options.version_override + + prepare_env(cfg) + build_basetools() + for build in cfg.sections(): + if not build.startswith('build.'): + continue + if options.match and options.match not in build: + print(f'# skipping "{build}" (not matching "{options.match}")') + continue + build_one(cfg, build, options.jobs) + +if __name__ == '__main__': + sys.exit(main()) diff --git a/edk2-build.rhel-9 b/edk2-build.rhel-9 new file mode 100644 index 0000000..ef7df91 --- /dev/null +++ b/edk2-build.rhel-9 @@ -0,0 +1,103 @@ + +[opts.ovmf.common] +NETWORK_HTTP_BOOT_ENABLE = TRUE +NETWORK_IP6_ENABLE = TRUE +NETWORK_TLS_ENABLE = TRUE +NETWORK_ISCSI_ENABLE = TRUE +NETWORK_ALLOW_HTTP_CONNECTIONS = TRUE +TPM2_ENABLE = TRUE +TPM2_CONFIG_ENABLE = TRUE +TPM1_ENABLE = FALSE + +[opts.ovmf.4m] +FD_SIZE_4MB = TRUE + +[opts.ovmf.sb.smm] +SECURE_BOOT_ENABLE = TRUE +SMM_REQUIRE = TRUE +# old downstream +EXCLUDE_SHELL_FROM_FD = TRUE +# new upstream +BUILD_SHELL = FALSE + +[opts.armvirt.verbose] +DEBUG_PRINT_ERROR_LEVEL = 0x8040004F + +[opts.armvirt.silent] +DEBUG_PRINT_ERROR_LEVEL = 0x80000000 + + +##################################################################### +# stateful ovmf builds (with vars in flash) + +[build.ovmf.4m.default] +desc = ovmf build (64-bit, 4MB) +conf = OvmfPkg/OvmfPkgX64.dsc +arch = X64 +opts = ovmf.common ovmf.4m +plat = OvmfX64 +dest = RHEL-9/ovmf +cpy1 = FV/OVMF_CODE.fd OVMF_CODE.fd +cpy2 = FV/OVMF_VARS.fd +cpy3 = X64/Shell.efi + +[build.ovmf.4m.sb.smm] +desc = ovmf build (32/64-bit, 4MB, q35 only, needs smm, secure boot) +conf = OvmfPkg/OvmfPkgIa32X64.dsc +arch = IA32 X64 +opts = ovmf.common ovmf.4m ovmf.sb.smm +plat = Ovmf3264 +dest = RHEL-9/ovmf +cpy1 = FV/OVMF_CODE.fd OVMF_CODE.secboot.fd +cpy2 = X64/EnrollDefaultKeys.efi + + +##################################################################### +# stateless ovmf builds (firmware in rom or r/o flash) + +[build.ovmf.amdsev] +desc = ovmf build for AmdSev (4MB) +conf = OvmfPkg/AmdSev/AmdSevX64.dsc +arch = X64 +opts = ovmf.common ovmf.4m +plat = AmdSev +dest = RHEL-9/ovmf +cpy1 = FV/OVMF.fd OVMF.amdsev.fd + +[build.ovmf.inteltdx] +desc = ovmf build for IntelTdx (4MB) +conf = OvmfPkg/IntelTdx/IntelTdxX64.dsc +arch = X64 +opts = ovmf.common ovmf.4m +plat = IntelTdx +dest = RHEL-9/ovmf +cpy1 = FV/OVMF.fd OVMF.inteltdx.fd + + +##################################################################### +# armvirt builds + +[build.armvirt.aa64.verbose] +desc = ArmVirt build for qemu, 64-bit (arm v8), verbose +conf = ArmVirtPkg/ArmVirtQemu.dsc +arch = AARCH64 +opts = ovmf.common armvirt.verbose +plat = ArmVirtQemu-AARCH64 +dest = RHEL-9/aarch64 +cpy1 = FV/QEMU_EFI.fd +cpy2 = FV/QEMU_VARS.fd +cpy3 = FV/QEMU_EFI.fd QEMU_EFI-pflash.raw +cpy4 = FV/QEMU_VARS.fd vars-template-pflash.raw +pad3 = QEMU_EFI-pflash.raw 64m +pad4 = vars-template-pflash.raw 64m + +[build.armvirt.aa64.silent] +desc = ArmVirt build for qemu, 64-bit (arm v8), silent +conf = ArmVirtPkg/ArmVirtQemu.dsc +arch = AARCH64 +opts = ovmf.common armvirt.silent +plat = ArmVirtQemu-AARCH64 +dest = RHEL-9/aarch64 +cpy1 = FV/QEMU_EFI.fd QEMU_EFI.silent.fd +cpy2 = FV/QEMU_EFI.fd QEMU_EFI-silent-pflash.raw +pad2 = QEMU_EFI-silent-pflash.raw 64m diff --git a/edk2.spec b/edk2.spec index 8a4dbed..7bfa004 100644 --- a/edk2.spec +++ b/edk2.spec @@ -1,18 +1,10 @@ ExclusiveArch: x86_64 aarch64 -%define GITDATE 20220826 -%define GITCOMMIT ba0e0e4c6a +%define GITDATE 20221207 +%define GITCOMMIT fff6d81270b5 %define TOOLCHAIN GCC5 %define OPENSSL_VER 1.1.1k -%define qosb_testing 0 -%ifarch x86_64 -%define qosb_testing 1 -%endif - -%define qemu_package qemu-kvm-core >= 2.12.0-89 -%define qemu_binary /usr/libexec/qemu-kvm - %define build_ovmf 0 %define build_aarch64 0 %ifarch x86_64 @@ -24,63 +16,61 @@ ExclusiveArch: x86_64 aarch64 Name: edk2 Version: %{GITDATE}git%{GITCOMMIT} -Release: 2%{?dist} +Release: 1%{?dist} Summary: UEFI firmware for 64-bit virtual machines License: BSD-2-Clause-Patent and OpenSSL and MIT URL: http://www.tianocore.org # The source tarball is created using following commands: -# COMMIT=ba0e0e4c6a +# COMMIT=fff6d81270b5 # git archive --format=tar --prefix=edk2-$COMMIT/ $COMMIT \ # | xz -9ev >/tmp/edk2-$COMMIT.tar.xz Source0:edk2-%{GITCOMMIT}.tar.xz Source1: ovmf-whitepaper-c770f8c.txt Source2: openssl-rhel-740e53ace8f6771c205bf84780e26bcd7a3275df.tar.xz -Source3: ovmf-vars-generator -Source4: LICENSE.qosb -Source5: RedHatSecureBootPkKek1.pem -Source10: edk2-aarch64-verbose.json -Source11: edk2-aarch64.json -Source12: edk2-ovmf-sb.json -Source13: edk2-ovmf.json -Source14: edk2-ovmf-cc.json -Source15: edk2-ovmf-amdsev.json +# json description files +Source10: 50-edk2-aarch64.json +Source11: 51-edk2-aarch64-verbose.json + +Source40: 30-edk2-ovmf-x64-sb-enrolled.json +Source41: 40-edk2-ovmf-x64-sb.json +Source43: 50-edk2-ovmf-x64-nosb.json +Source44: 60-edk2-ovmf-x64-amdsev.json +Source45: 60-edk2-ovmf-x64-inteltdx.json + +# https://gitlab.com/kraxel/edk2-build-config +Source80: edk2-build.py +Source82: edk2-build.rhel-9 Patch0002: 0002-Remove-submodules.patch -Patch0003: 0003-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch -Patch0004: 0004-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch -Patch0005: 0005-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch -Patch0006: 0006-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch -Patch0007: 0007-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch -Patch0008: 0008-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch -Patch0009: 0009-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch -Patch0010: 0010-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch -Patch0011: 0011-ArmVirtPkg-set-early-hello-message-RH-only.patch -Patch0012: 0012-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch -Patch0013: 0013-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch -Patch0014: 0014-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch -Patch0015: 0015-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch -Patch0016: 0016-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch -Patch0017: 0017-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch -Patch0018: 0018-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch -Patch0019: 0019-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch -Patch0020: 0020-OvmfPkg-Remove-EbcDxe-RHEL-only.patch -Patch0021: 0021-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch -Patch0022: 0022-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch -Patch0023: 0023-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch -Patch0024: 0024-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch -Patch0025: 0025-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch -Patch0026: 0026-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch -Patch0027: 0027-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch -Patch0028: 0028-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch -Patch0029: 0029-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch -Patch0030: 0030-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch -Patch0031: 0031-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch -Patch0032: 0032-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch -Patch0033: 0033-OvmfPkg-QemuVideoDxe-fix-bochs-mode-init.patch -# For bz#1989857 - CVE-2021-38578 edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation [rhel-9.0] -Patch34: edk2-MdeModulePkg-PiSmmCore-SmmEntryPoint-underflow-CVE-2.patch +Patch0003: 0003-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch +Patch0004: 0004-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch +Patch0005: 0005-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch +Patch0006: 0006-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch +Patch0007: 0007-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch +Patch0008: 0008-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch +Patch0009: 0009-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch +Patch0010: 0010-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch +Patch0011: 0011-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch +Patch0012: 0012-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch +Patch0013: 0013-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch +Patch0014: 0014-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch +Patch0015: 0015-OvmfPkg-Remove-EbcDxe-RHEL-only.patch +Patch0016: 0016-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch +Patch0017: 0017-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch +Patch0018: 0018-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch +Patch0019: 0019-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch +Patch0020: 0020-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch +Patch0021: 0021-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch +Patch0022: 0022-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch +Patch0023: 0023-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch +Patch0024: 0024-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch +Patch0025: 0025-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch +Patch0026: 0026-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch +Patch0028: 0028-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch +Patch0032: 0032-Revert-OvmfPkg-PlatformDxe-Handle-all-requests-in-Ex.patch +Patch0033: 0033-OvmfPkg-SmbiosPlatformDxe-use-PcdFirmware.patch # python3-devel and libuuid-devel are required for building tools. @@ -101,16 +91,8 @@ BuildRequires: dosfstools BuildRequires: mtools BuildRequires: xorriso -# For generating the variable store template with the default certificates -# enrolled, we need the qemu-kvm executable. -BuildRequires: %{qemu_package} - -%if %{qosb_testing} -# For verifying SB enablement in the above variable store template, we need a -# guest kernel that prints "Secure boot enabled". -BuildRequires: kernel-core >= 4.18.0-161 -BuildRequires: rpmdevtools -%endif +# secure boot enrollment +BuildRequires: python3dist(virt-firmware) # endif build_ovmf %endif @@ -188,54 +170,16 @@ git config am.keepcr true # -D is passed to %%setup to not delete the existing archive dir %autosetup -T -D -n edk2-%{GITCOMMIT} -S git_am -cp -a -- %{SOURCE1} %{SOURCE3} . -cp -a -- %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} %{SOURCE15} . +cp -a -- %{SOURCE1} . +cp -a -- %{SOURCE10} %{SOURCE11} . +cp -a -- %{SOURCE40} %{SOURCE41} %{SOURCE43} %{SOURCE44} %{SOURCE45} . +cp -a -- %{SOURCE80} %{SOURCE82} . tar -C CryptoPkg/Library/OpensslLib -a -f %{SOURCE2} -x -# Format the Red Hat-issued certificate that is to be enrolled as both Platform -# Key and first Key Exchange Key, as an SMBIOS OEM String. This means stripping -# the PEM header and footer, and prepending the textual representation of the -# GUID that identifies this particular OEM String to "EnrollDefaultKeys.efi", -# plus the separator ":". For details, see -# comments 2, 7, 14. -sed \ - -e 's/^-----BEGIN CERTIFICATE-----$/4e32566d-8e9e-4f52-81d3-5bb9715f9727:/' \ - -e '/^-----END CERTIFICATE-----$/d' \ - %{SOURCE5} \ - > PkKek1.oemstr - # Done by %setup, but we do not use it for the auxiliary tarballs chmod -Rf a+rX,u+w,g-w,o-w . %build -export PYTHON_COMMAND=%{__python3} -source ./edksetup.sh -%make_build -C "$EDK_TOOLS_PATH" \ - EXTRA_OPTFLAGS="%{optflags}" \ - EXTRA_LDFLAGS="%{__global_ldflags}" - -SMP_MFLAGS="%{?_smp_mflags}" -if [[ x"$SMP_MFLAGS" = x-j* ]]; then - CC_FLAGS="$CC_FLAGS -n ${SMP_MFLAGS#-j}" -elif [ -n "%{?jobs}" ]; then - CC_FLAGS="$CC_FLAGS -n %{?jobs}" -fi - -CC_FLAGS="$CC_FLAGS --cmd-len=65536 -t %{TOOLCHAIN} -b DEBUG --hash" -CC_FLAGS="$CC_FLAGS -D NETWORK_IP6_ENABLE" -CC_FLAGS="$CC_FLAGS -D NETWORK_HTTP_BOOT_ENABLE -D NETWORK_TLS_ENABLE" -CC_FLAGS="$CC_FLAGS -D TPM2_ENABLE=TRUE" -CC_FLAGS="$CC_FLAGS -D TPM1_ENABLE=FALSE" - -OVMF_FLAGS="${CC_FLAGS}" -OVMF_FLAGS="${OVMF_FLAGS} -D FD_SIZE_4MB" -OVMF_FLAGS="${OVMF_FLAGS} -D PVSCSI_ENABLE=FALSE -D MPT_SCSI_ENABLE=FALSE" - -OVMF_SB_FLAGS="${OVMF_FLAGS}" -OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D SECURE_BOOT_ENABLE" -OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D SMM_REQUIRE" -OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D EXCLUDE_SHELL_FROM_FD" - build_iso() { dir="$1" @@ -271,57 +215,20 @@ build_iso() { -o "$ISO_IMAGE" "$UEFI_SHELL_IMAGE" } +touch OvmfPkg/AmdSev/Grub/grub.efi # dummy %if %{build_ovmf} -# Build with neither SB nor SMM; include UEFI shell. -build ${OVMF_FLAGS} -a X64 \ - -p OvmfPkg/OvmfPkgX64.dsc - -# Build with SB and SMM; exclude UEFI shell. -build ${OVMF_SB_FLAGS} -a IA32 -a X64 \ - -p OvmfPkg/OvmfPkgIa32X64.dsc - -# Build AmdSev -touch OvmfPkg/AmdSev/Grub/grub.efi # dummy -build ${OVMF_FLAGS} -a X64 \ - -p OvmfPkg/AmdSev/AmdSevX64.dsc - -# Sanity check: the varstore templates must be identical. -cmp Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ - Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd - -# Prepare an ISO image that boots the UEFI shell. -build_iso Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64 - -# Enroll the default certificates in a separate variable store template. -%{__python3} ovmf-vars-generator --verbose --verbose \ - --qemu-binary %{qemu_binary} \ - --ovmf-binary Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ - --ovmf-template-vars Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ - --uefi-shell-iso Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/UefiShell.iso \ - --oem-string "$(< PkKek1.oemstr)" \ - --skip-testing \ - Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.secboot.fd - -# endif build_ovmf +./edk2-build.py --config edk2-build.rhel-9 -m ovmf +build_iso RHEL-9/ovmf +virt-fw-vars --input RHEL-9/ovmf/OVMF_VARS.fd \ + --output RHEL-9/ovmf/OVMF_VARS.secboot.fd \ + --enroll-redhat --secure-boot %endif %if %{build_aarch64} -# Build with a verbose debug mask first, and stash the binary. -build ${CC_FLAGS} -a AARCH64 \ - -p ArmVirtPkg/ArmVirtQemu.dsc \ - -D DEBUG_PRINT_ERROR_LEVEL=0x8040004F -cp -a Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \ - Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.verbose.fd - -# Rebuild with a silent (errors only) debug mask. -build ${CC_FLAGS} -a AARCH64 \ - -p ArmVirtPkg/ArmVirtQemu.dsc \ - -D DEBUG_PRINT_ERROR_LEVEL=0x80000000 -# endif build_aarch64 +./edk2-build.py --config edk2-build.rhel-9 -m armvirt %endif - %install cp -a OvmfPkg/License.txt License.OvmfPkg.txt @@ -343,71 +250,31 @@ install BaseTools/Conf/*.template \ install BaseTools/Scripts/GccBase.lds \ %{buildroot}%{_datadir}/%{name}/Scripts +mkdir -p %{buildroot}%{_datadir}/%{name} +cp -av RHEL-9/* %{buildroot}%{_datadir}/%{name} %if %{build_ovmf} -mkdir -p \ - %{buildroot}%{_datadir}/OVMF \ - %{buildroot}%{_datadir}/%{name}/ovmf - -install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ - %{buildroot}%{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd -install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ - %{buildroot}%{_datadir}/%{name}/ovmf/OVMF_CODE.secboot.fd - -install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ - %{buildroot}%{_datadir}/%{name}/ovmf/OVMF_VARS.fd -install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.secboot.fd \ - %{buildroot}%{_datadir}/%{name}/ovmf/OVMF_VARS.secboot.fd -install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/UefiShell.iso \ - %{buildroot}%{_datadir}/%{name}/ovmf/UefiShell.iso - -install -m 0644 Build/AmdSev/DEBUG_%{TOOLCHAIN}/FV/OVMF.fd \ - %{buildroot}%{_datadir}/%{name}/ovmf/OVMF.amdsev.fd +mkdir -p %{buildroot}%{_datadir}/OVMF ln -s ../%{name}/ovmf/OVMF_CODE.secboot.fd %{buildroot}%{_datadir}/OVMF/ ln -s ../%{name}/ovmf/OVMF_VARS.fd %{buildroot}%{_datadir}/OVMF/ ln -s ../%{name}/ovmf/OVMF_VARS.secboot.fd %{buildroot}%{_datadir}/OVMF/ ln -s ../%{name}/ovmf/UefiShell.iso %{buildroot}%{_datadir}/OVMF/ +ln -s OVMF_CODE.fd %{buildroot}%{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd -install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/Shell.efi \ - %{buildroot}%{_datadir}/%{name}/ovmf/Shell.efi -install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/EnrollDefaultKeys.efi \ - %{buildroot}%{_datadir}/%{name}/ovmf/EnrollDefaultKeys.efi - -install -m 0644 edk2-ovmf-sb.json \ - %{buildroot}%{_datadir}/qemu/firmware/40-edk2-ovmf-sb.json -install -m 0644 edk2-ovmf.json \ - %{buildroot}%{_datadir}/qemu/firmware/50-edk2-ovmf.json -install -m 0644 edk2-ovmf-cc.json \ - %{buildroot}%{_datadir}/qemu/firmware/50-edk2-ovmf-cc.json -install -m 0644 edk2-ovmf-amdsev.json \ - %{buildroot}%{_datadir}/qemu/firmware/50-edk2-ovmf-amdsev.json +install -m 0644 \ + 30-edk2-ovmf-x64-sb-enrolled.json \ + 40-edk2-ovmf-x64-sb.json \ + 50-edk2-ovmf-x64-nosb.json \ + 60-edk2-ovmf-x64-amdsev.json \ + 60-edk2-ovmf-x64-inteltdx.json \ + %{buildroot}%{_datadir}/qemu/firmware # endif build_ovmf %endif %if %{build_aarch64} -mkdir -p \ - %{buildroot}%{_datadir}/AAVMF \ - %{buildroot}%{_datadir}/%{name}/aarch64 - -# Pad and install the verbose binary. -cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.verbose.fd \ - /dev/zero \ -| head -c 64m \ - > %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI-pflash.raw - -# Pad and install the silent (default) binary. -cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \ - /dev/zero \ -| head -c 64m \ - > %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI-silent-pflash.raw - -# Create varstore template. -cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_VARS.fd \ - /dev/zero \ -| head -c 64m \ - > %{buildroot}%{_datadir}/%{name}/aarch64/vars-template-pflash.raw +mkdir -p %{buildroot}%{_datadir}/AAVMF ln -s ../%{name}/aarch64/QEMU_EFI-pflash.raw \ %{buildroot}%{_datadir}/AAVMF/AAVMF_CODE.verbose.fd @@ -416,45 +283,16 @@ ln -s ../%{name}/aarch64/QEMU_EFI-silent-pflash.raw \ ln -s ../%{name}/aarch64/vars-template-pflash.raw \ %{buildroot}%{_datadir}/AAVMF/AAVMF_VARS.fd -chmod 0644 -- %{buildroot}%{_datadir}/AAVMF/AAVMF_*.fd +install -m 0644 \ + 50-edk2-aarch64.json \ + 51-edk2-aarch64-verbose.json \ + %{buildroot}%{_datadir}/qemu/firmware -install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.verbose.fd \ - %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI.fd -install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \ - %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI.silent.fd -install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_VARS.fd \ - %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_VARS.fd - -install -m 0644 edk2-aarch64.json \ - %{buildroot}%{_datadir}/qemu/firmware/60-edk2-aarch64.json -install -m 0644 edk2-aarch64-verbose.json \ - %{buildroot}%{_datadir}/qemu/firmware/70-edk2-aarch64-verbose.json # endif build_aarch64 %endif - %check -%if %{qosb_testing} -# Of the installed host kernels, boot the one with the highest Version-Release -# under OVMF, and check if it prints "Secure boot enabled". -KERNEL_PKG=$(rpm -q kernel-core | rpmdev-sort | tail -n 1) -KERNEL_IMG=$(rpm -q -l $KERNEL_PKG | egrep '^/lib/modules/[^/]+/vmlinuz$') - -%{__python3} ovmf-vars-generator --verbose --verbose \ - --qemu-binary %{qemu_binary} \ - --ovmf-binary Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ - --ovmf-template-vars Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ - --uefi-shell-iso Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/UefiShell.iso \ - --kernel-path $KERNEL_IMG \ - --skip-enrollment \ - --no-download \ - Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.secboot.fd - -# endif qosb_testing -%endif - - %global common_files \ %%license License.txt License.OvmfPkg.txt License-History.txt LICENSE.openssl \ %%dir %%{_datadir}/%%{name}/ \ @@ -468,11 +306,13 @@ KERNEL_IMG=$(rpm -q -l $KERNEL_PKG | egrep '^/lib/modules/[^/]+/vmlinuz$') %doc ovmf-whitepaper-c770f8c.txt %dir %{_datadir}/OVMF/ %dir %{_datadir}/%{name}/ovmf/ +%{_datadir}/%{name}/ovmf/OVMF_CODE.fd %{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd %{_datadir}/%{name}/ovmf/OVMF_CODE.secboot.fd %{_datadir}/%{name}/ovmf/OVMF_VARS.fd %{_datadir}/%{name}/ovmf/OVMF_VARS.secboot.fd %{_datadir}/%{name}/ovmf/OVMF.amdsev.fd +%{_datadir}/%{name}/ovmf/OVMF.inteltdx.fd %{_datadir}/%{name}/ovmf/UefiShell.iso %{_datadir}/OVMF/OVMF_CODE.secboot.fd %{_datadir}/OVMF/OVMF_VARS.fd @@ -480,10 +320,11 @@ KERNEL_IMG=$(rpm -q -l $KERNEL_PKG | egrep '^/lib/modules/[^/]+/vmlinuz$') %{_datadir}/OVMF/UefiShell.iso %{_datadir}/%{name}/ovmf/Shell.efi %{_datadir}/%{name}/ovmf/EnrollDefaultKeys.efi -%{_datadir}/qemu/firmware/40-edk2-ovmf-sb.json -%{_datadir}/qemu/firmware/50-edk2-ovmf-cc.json -%{_datadir}/qemu/firmware/50-edk2-ovmf-amdsev.json -%{_datadir}/qemu/firmware/50-edk2-ovmf.json +%{_datadir}/qemu/firmware/30-edk2-ovmf-x64-sb-enrolled.json +%{_datadir}/qemu/firmware/40-edk2-ovmf-x64-sb.json +%{_datadir}/qemu/firmware/50-edk2-ovmf-x64-nosb.json +%{_datadir}/qemu/firmware/60-edk2-ovmf-x64-amdsev.json +%{_datadir}/qemu/firmware/60-edk2-ovmf-x64-inteltdx.json # endif build_ovmf %endif @@ -501,8 +342,8 @@ KERNEL_IMG=$(rpm -q -l $KERNEL_PKG | egrep '^/lib/modules/[^/]+/vmlinuz$') %{_datadir}/%{name}/aarch64/QEMU_EFI.fd %{_datadir}/%{name}/aarch64/QEMU_EFI.silent.fd %{_datadir}/%{name}/aarch64/QEMU_VARS.fd -%{_datadir}/qemu/firmware/60-edk2-aarch64.json -%{_datadir}/qemu/firmware/70-edk2-aarch64-verbose.json +%{_datadir}/qemu/firmware/50-edk2-aarch64.json +%{_datadir}/qemu/firmware/51-edk2-aarch64-verbose.json # endif build_aarch64 %endif @@ -531,6 +372,15 @@ KERNEL_IMG=$(rpm -q -l $KERNEL_PKG | egrep '^/lib/modules/[^/]+/vmlinuz$') %changelog +* Thu Dec 15 2022 Camilla Conte - 20221207gitfff6d81270b5-1 +- Rebase to edk2-stable202211 tag + Resolves: RHEL-119 + (rebase edk2 to edk2-stable202211) +- Resolves: RHEL-75 + (edk2 builds should show the build version) +- Resolves: bz#2132951 + (edk2: Sort traditional virtualization builds before Confidential Computing builds) + * Mon Nov 21 2022 Miroslav Rezanina - 20220826gitba0e0e4c6a-2 - edk2-MdeModulePkg-PiSmmCore-SmmEntryPoint-underflow-CVE-2.patch [bz#1989857] - Resolves: bz#1989857 diff --git a/ovmf-vars-generator b/ovmf-vars-generator deleted file mode 100755 index 99bc4e5..0000000 --- a/ovmf-vars-generator +++ /dev/null @@ -1,296 +0,0 @@ -#!/bin/python3 -# Copyright (C) 2017 Red Hat -# Authors: -# - Patrick Uiterwijk -# - Kashyap Chamarthy -# -# Licensed under MIT License, for full text see LICENSE -# -# Purpose: Launch a QEMU guest and enroll ithe UEFI keys into an OVMF -# variables ("VARS") file. Then boot a Linux kernel with QEMU. -# Finally, perform a check to verify if Secure Boot -# is enabled. - -from __future__ import print_function - -import argparse -import os -import logging -import tempfile -import shutil -import string -import subprocess - - -def strip_special(line): - return ''.join([c for c in str(line) if c in string.printable]) - - -def generate_qemu_cmd(args, readonly, *extra_args): - if args.disable_smm: - machinetype = 'pc' - else: - machinetype = 'q35,smm=on' - machinetype += ',accel=%s' % ('kvm' if args.enable_kvm else 'tcg') - - if args.oem_string is None: - oemstrings = [] - else: - oemstring_values = [ - ",value=" + s.replace(",", ",,") for s in args.oem_string ] - oemstrings = [ - '-smbios', - "type=11" + ''.join(oemstring_values) ] - - return [ - args.qemu_binary, - '-machine', machinetype, - '-display', 'none', - '-cpu', 'max', - '-no-user-config', - '-nodefaults', - '-m', '768', - '-smp', '2,sockets=2,cores=1,threads=1', - '-chardev', 'pty,id=charserial1', - '-device', 'isa-serial,chardev=charserial1,id=serial1', - '-global', 'driver=cfi.pflash01,property=secure,value=%s' % ( - 'off' if args.disable_smm else 'on'), - '-drive', - 'file=%s,if=pflash,format=raw,unit=0,readonly=on' % ( - args.ovmf_binary), - '-drive', - 'file=%s,if=pflash,format=raw,unit=1,readonly=%s' % ( - args.out_temp, 'on' if readonly else 'off'), - '-serial', 'stdio'] + oemstrings + list(extra_args) - - -def download(url, target, suffix, no_download): - istemp = False - if target and os.path.exists(target): - return target, istemp - if not target: - temped = tempfile.mkstemp(prefix='qosb.', suffix='.%s' % suffix) - os.close(temped[0]) - target = temped[1] - istemp = True - if no_download: - raise Exception('%s did not exist, but downloading was disabled' % - target) - import requests - logging.debug('Downloading %s to %s', url, target) - r = requests.get(url, stream=True) - with open(target, 'wb') as f: - for chunk in r.iter_content(chunk_size=1024): - if chunk: - f.write(chunk) - return target, istemp - - -def enroll_keys(args): - shutil.copy(args.ovmf_template_vars, args.out_temp) - - logging.info('Starting enrollment') - - cmd = generate_qemu_cmd( - args, - False, - '-drive', - 'file=%s,format=raw,if=none,media=cdrom,id=drive-cd1,' - 'readonly=on' % args.uefi_shell_iso, - '-device', - 'ide-cd,drive=drive-cd1,id=cd1,' - 'bootindex=1') - p = subprocess.Popen(cmd, - stdin=subprocess.PIPE, - stdout=subprocess.PIPE, - stderr=subprocess.STDOUT) - logging.info('Performing enrollment') - # Wait until the UEFI shell starts (first line is printed) - read = p.stdout.readline() - if b'char device redirected' in read: - read = p.stdout.readline() - # Skip passed QEMU warnings, like the following one we see in Ubuntu: - # qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.vmx [bit 5] - while b'qemu-system-x86_64: warning:' in read: - read = p.stdout.readline() - if args.print_output: - print(strip_special(read), end='') - print() - # Send the escape char to enter the UEFI shell early - p.stdin.write(b'\x1b') - p.stdin.flush() - # And then run the following three commands from the UEFI shell: - # change into the first file system device; install the default - # keys and certificates, and reboot - p.stdin.write(b'fs0:\r\n') - p.stdin.write(b'EnrollDefaultKeys.efi\r\n') - p.stdin.write(b'reset -s\r\n') - p.stdin.flush() - while True: - read = p.stdout.readline() - if args.print_output: - print('OUT: %s' % strip_special(read), end='') - print() - if b'info: success' in read: - break - p.wait() - if args.print_output: - print(strip_special(p.stdout.read()), end='') - logging.info('Finished enrollment') - - -def test_keys(args): - logging.info('Grabbing test kernel') - kernel, kerneltemp = download(args.kernel_url, args.kernel_path, - 'kernel', args.no_download) - - logging.info('Starting verification') - try: - cmd = generate_qemu_cmd( - args, - True, - '-append', 'console=tty0 console=ttyS0,115200n8', - '-kernel', kernel) - p = subprocess.Popen(cmd, - stdin=subprocess.PIPE, - stdout=subprocess.PIPE, - stderr=subprocess.STDOUT) - logging.info('Performing verification') - while True: - read = p.stdout.readline() - if args.print_output: - print('OUT: %s' % strip_special(read), end='') - print() - if b'Secure boot disabled' in read: - raise Exception('Secure Boot was disabled') - elif b'Secure boot enabled' in read: - logging.info('Confirmed: Secure Boot is enabled') - break - elif b'Kernel is locked down from EFI secure boot' in read: - logging.info('Confirmed: Secure Boot is enabled') - break - p.kill() - if args.print_output: - print(strip_special(p.stdout.read()), end='') - logging.info('Finished verification') - finally: - if kerneltemp: - os.remove(kernel) - - -def parse_args(): - parser = argparse.ArgumentParser() - parser.add_argument('output', help='Filename for output vars file') - parser.add_argument('--out-temp', help=argparse.SUPPRESS) - parser.add_argument('--force', help='Overwrite existing output file', - action='store_true') - parser.add_argument('--print-output', help='Print the QEMU guest output', - action='store_true') - parser.add_argument('--verbose', '-v', help='Increase verbosity', - action='count') - parser.add_argument('--quiet', '-q', help='Decrease verbosity', - action='count') - parser.add_argument('--qemu-binary', help='QEMU binary path', - default='/usr/bin/qemu-system-x86_64') - parser.add_argument('--enable-kvm', help='Enable KVM acceleration', - action='store_true') - parser.add_argument('--ovmf-binary', help='OVMF secureboot code file', - default='/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd') - parser.add_argument('--ovmf-template-vars', help='OVMF empty vars file', - default='/usr/share/edk2/ovmf/OVMF_VARS.fd') - parser.add_argument('--uefi-shell-iso', help='Path to uefi shell iso', - default='/usr/share/edk2/ovmf/UefiShell.iso') - parser.add_argument('--skip-enrollment', - help='Skip enrollment, only test', action='store_true') - parser.add_argument('--skip-testing', - help='Skip testing generated "VARS" file', - action='store_true') - parser.add_argument('--kernel-path', - help='Specify a consistent path for kernel') - parser.add_argument('--no-download', action='store_true', - help='Never download a kernel') - parser.add_argument('--fedora-version', - help='Fedora version to get kernel for checking', - default='27') - parser.add_argument('--kernel-url', help='Kernel URL', - default='https://download.fedoraproject.org/pub/fedora' - '/linux/releases/%(version)s/Everything/x86_64' - '/os/images/pxeboot/vmlinuz') - parser.add_argument('--disable-smm', - help=('Don\'t restrict varstore pflash writes to ' - 'guest code that executes in SMM. Use this ' - 'option only if your OVMF binary doesn\'t have ' - 'the edk2 SMM driver stack built into it ' - '(possibly because your QEMU binary lacks SMM ' - 'emulation). Note that without restricting ' - 'varstore pflash writes to guest code that ' - 'executes in SMM, a malicious guest kernel, ' - 'used for testing, could undermine Secure ' - 'Boot.'), - action='store_true') - parser.add_argument('--oem-string', - help=('Pass the argument to the guest as a string in ' - 'the SMBIOS Type 11 (OEM Strings) table. ' - 'Multiple occurrences of this option are ' - 'collected into a single SMBIOS Type 11 table. ' - 'A pure ASCII string argument is strongly ' - 'suggested.'), - action='append') - args = parser.parse_args() - args.kernel_url = args.kernel_url % {'version': args.fedora_version} - - validate_args(args) - return args - - -def validate_args(args): - if (os.path.exists(args.output) - and not args.force - and not args.skip_enrollment): - raise Exception('%s already exists' % args.output) - - if args.skip_enrollment and not os.path.exists(args.output): - raise Exception('%s does not yet exist' % args.output) - - verbosity = (args.verbose or 1) - (args.quiet or 0) - if verbosity >= 2: - logging.basicConfig(level=logging.DEBUG) - elif verbosity == 1: - logging.basicConfig(level=logging.INFO) - elif verbosity < 0: - logging.basicConfig(level=logging.ERROR) - else: - logging.basicConfig(level=logging.WARN) - - if args.skip_enrollment: - args.out_temp = args.output - else: - temped = tempfile.mkstemp(prefix='qosb.', suffix='.vars') - os.close(temped[0]) - args.out_temp = temped[1] - logging.debug('Temp output: %s', args.out_temp) - - -def move_to_dest(args): - shutil.copy(args.out_temp, args.output) - os.remove(args.out_temp) - - -def main(): - args = parse_args() - if not args.skip_enrollment: - enroll_keys(args) - if not args.skip_testing: - test_keys(args) - if not args.skip_enrollment: - move_to_dest(args) - if args.skip_testing: - logging.info('Created %s' % args.output) - else: - logging.info('Created and verified %s' % args.output) - else: - logging.info('Verified %s', args.output) - - -if __name__ == '__main__': - main() diff --git a/sources b/sources index 8c37c59..8feaf0c 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (edk2-ba0e0e4c6a.tar.xz) = 651a817672922f8a2df89e2d7b0c37970f08ae7d542310c9ed6a52b2e3846463e86c8dfaff551830d9684af13551412c5b5602ba1e9e6fe8fc885dbe3d1248a9 -SHA512 (openssl-rhel-740e53ace8f6771c205bf84780e26bcd7a3275df.tar.xz) = 7444a1549d6593a69f113926c70bbfb1505aa355c12888198008153d79ec8d6aaebb1b996808485b811949495544cb2b272695011574401a312cf841727c0884 +SHA512 (edk2-fff6d81270b5.tar.xz) = 3b215ae200c6be355aa937ef933cc636867416a24e159a83852d7972b7b70f712df3773c429ed5ac5cc6e300fd6f733d6a5bc1b54a06fc0bc3f98ea14d7cb068 +SHA512 (openssl-rhel-740e53ace8f6771c205bf84780e26bcd7a3275df.tar.xz) = 8260c5faa963d0fc35ff9b17cacbbe7f7c1251f5b9243d63814313c230f6e0141b92e7a65d5adf5199795779261f738c26b9e93bfc007e96ee207b9a7ec6bea3