* Fri Nov 29 2024 Jon Maloy <jmaloy@redhat.com> - 20220126gitbb1bba3d77-13.el8.6
- edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch [RHEL-66188] - Resolves: RHEL-66188 ([Regression] HTTP Boot fails to work with edk2-ovmf-20231122-6.el9_4.2 and greater [rhel-8.10])
This commit is contained in:
parent
d69d9c3c54
commit
3c76f16083
@ -0,0 +1,45 @@
|
|||||||
|
From a56ec52966412cd44dd2427ba569d1e7b89a6c6d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
Date: Mon, 4 Nov 2024 19:00:11 +0100
|
||||||
|
Subject: [PATCH] OvmfPkg: Rerun dispatcher after initializing virtio-rng
|
||||||
|
|
||||||
|
RH-Author: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-MergeRequest: 106: OvmfPkg: Rerun dispatcher after initializing virtio-rng
|
||||||
|
RH-Jira: RHEL-66188
|
||||||
|
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
RH-Commit: [1/1] a62e445ae8e45d656aaa2ea5f1875541e658f1d8
|
||||||
|
|
||||||
|
Since the pixiefail CVE fix the network stack requires a hardware
|
||||||
|
random number generator. This can currently be a modern CPU supporting
|
||||||
|
the RDRAND instruction or a virtio-rng device.
|
||||||
|
The latter is initialized during the BDS phase.
|
||||||
|
To ensure all depending (network) modules are also started, we need to
|
||||||
|
run the dispatcher once more after the device was initialized.
|
||||||
|
Without this, network boot is not available under certain hardware
|
||||||
|
configurations.
|
||||||
|
|
||||||
|
Fixes: 4c4ceb2ceb ("NetworkPkg: SECURITY PATCH CVE-2023-45237")
|
||||||
|
|
||||||
|
Analysed-by: Stefano Garzarella <sgarzare@redhat.com>
|
||||||
|
Suggested-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
|
||||||
|
index 70d648c7e3..eb97d67b62 100644
|
||||||
|
--- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
|
||||||
|
+++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
|
||||||
|
@@ -558,6 +558,8 @@ ConnectVirtioPciRng (
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
goto Error;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ gDS->Dispatch ();
|
||||||
|
}
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
|
||||||
|
--
|
||||||
|
2.45.2
|
||||||
|
|
@ -7,7 +7,7 @@ ExclusiveArch: x86_64 aarch64
|
|||||||
|
|
||||||
Name: edk2
|
Name: edk2
|
||||||
Version: %{GITDATE}git%{GITCOMMIT}
|
Version: %{GITDATE}git%{GITCOMMIT}
|
||||||
Release: 13%{?dist}.5
|
Release: 13%{?dist}.6
|
||||||
Summary: UEFI firmware for 64-bit virtual machines
|
Summary: UEFI firmware for 64-bit virtual machines
|
||||||
Group: Applications/Emulators
|
Group: Applications/Emulators
|
||||||
License: BSD-2-Clause-Patent and OpenSSL and MIT
|
License: BSD-2-Clause-Patent and OpenSSL and MIT
|
||||||
@ -392,6 +392,8 @@ Patch117: edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch
|
|||||||
Patch118: edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch
|
Patch118: edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch
|
||||||
# For RHEL-66236 - [Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-8.10]
|
# For RHEL-66236 - [Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-8.10]
|
||||||
Patch119: edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch
|
Patch119: edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch
|
||||||
|
# For RHEL-66188 - [Regression] HTTP Boot fails to work with edk2-ovmf-20231122-6.el9_4.2 and greater [rhel-8.10]
|
||||||
|
Patch120: edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch
|
||||||
|
|
||||||
|
|
||||||
# python3-devel and libuuid-devel are required for building tools.
|
# python3-devel and libuuid-devel are required for building tools.
|
||||||
@ -838,6 +840,11 @@ true
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Nov 29 2024 Jon Maloy <jmaloy@redhat.com> - 20220126gitbb1bba3d77-13.el8.6
|
||||||
|
- edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch [RHEL-66188]
|
||||||
|
- Resolves: RHEL-66188
|
||||||
|
([Regression] HTTP Boot fails to work with edk2-ovmf-20231122-6.el9_4.2 and greater [rhel-8.10])
|
||||||
|
|
||||||
* Thu Nov 14 2024 Jon Maloy <jmaloy@redhat.com> - 20220126gitbb1bba3d77-13.el8.5
|
* Thu Nov 14 2024 Jon Maloy <jmaloy@redhat.com> - 20220126gitbb1bba3d77-13.el8.5
|
||||||
- edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66236]
|
- edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66236]
|
||||||
- edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66236]
|
- edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66236]
|
||||||
|
Loading…
Reference in New Issue
Block a user