diff --git a/.edk2.metadata b/.edk2.metadata index fe107a9..71ce0e1 100644 --- a/.edk2.metadata +++ b/.edk2.metadata @@ -1,2 +1,2 @@ -858fffdab12810fb170144ffe1a9c39e9fface80 SOURCES/edk2-e1999b264f1f.tar.xz -2d79c58e492deec27d4ac583dd9c17a43c840487 SOURCES/openssl-rhel-bdd048e929dcfcf2f046d74e812e0e3d5fc58504.tar.xz +ae830c7278f985cb25e90f4687b46c8b22316bef SOURCES/edk2-bb1bba3d77.tar.xz +5a6547a1cc06af387b47642f96718bb0bdc4bbda SOURCES/openssl-rhel-a75722161d20fd632f8875585d3aa066ec5fea93.tar.xz diff --git a/.gitignore b/.gitignore index 55f0d70..345e141 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/edk2-e1999b264f1f.tar.xz -SOURCES/openssl-rhel-bdd048e929dcfcf2f046d74e812e0e3d5fc58504.tar.xz +SOURCES/edk2-bb1bba3d77.tar.xz +SOURCES/openssl-rhel-a75722161d20fd632f8875585d3aa066ec5fea93.tar.xz diff --git a/SOURCES/0008-BaseTools-do-not-build-BrotliCompress-RH-only.patch b/SOURCES/0008-BaseTools-do-not-build-BrotliCompress-RH-only.patch index 78d65ea..df8d529 100644 --- a/SOURCES/0008-BaseTools-do-not-build-BrotliCompress-RH-only.patch +++ b/SOURCES/0008-BaseTools-do-not-build-BrotliCompress-RH-only.patch @@ -1,4 +1,4 @@ -From dca56cf4d28bbbb1d3be029ce9a6710cb3f6cd2f Mon Sep 17 00:00:00 2001 +From cf62a9076777789bc8fef1d6769faeda26615aea Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Thu, 4 Jun 2020 13:34:12 +0200 Subject: BaseTools: do not build BrotliCompress (RH only) diff --git a/SOURCES/0009-MdeModulePkg-remove-package-private-Brotli-include-p.patch b/SOURCES/0009-MdeModulePkg-remove-package-private-Brotli-include-p.patch index 6046944..747e984 100644 --- a/SOURCES/0009-MdeModulePkg-remove-package-private-Brotli-include-p.patch +++ b/SOURCES/0009-MdeModulePkg-remove-package-private-Brotli-include-p.patch @@ -1,4 +1,4 @@ -From 9729dd1d6b83961d531e29777d0cc4a610b108be Mon Sep 17 00:00:00 2001 +From 0c26077c3c5265a39ae204ba77843274ff922085 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Thu, 4 Jun 2020 13:39:08 +0200 Subject: MdeModulePkg: remove package-private Brotli include path (RH only) @@ -31,7 +31,7 @@ Signed-off-by: Laszlo Ersek 1 file changed, 3 deletions(-) diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec -index 8d38383915..ba2d0290e7 100644 +index 463e889e9a..9d69fb86ed 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -24,9 +24,6 @@ diff --git a/SOURCES/0011-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch b/SOURCES/0010-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch similarity index 97% rename from SOURCES/0011-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch rename to SOURCES/0010-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch index ad9dd72..014279b 100644 --- a/SOURCES/0011-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch +++ b/SOURCES/0010-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch @@ -1,4 +1,4 @@ -From ed975a4db7c55e49ab9de1a0919baafdce9661e3 Mon Sep 17 00:00:00 2001 +From a5b59fe4517da90781a43accd05ce5b97ff5de63 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Thu, 20 Feb 2014 22:54:45 +0100 Subject: OvmfPkg: increase max debug message length to 512 (RHEL only) diff --git a/SOURCES/0010-advertise-OpenSSL-on-TianoCore-splash-screen-boot-lo.patch b/SOURCES/0010-advertise-OpenSSL-on-TianoCore-splash-screen-boot-lo.patch deleted file mode 100644 index 6fb626e..0000000 --- a/SOURCES/0010-advertise-OpenSSL-on-TianoCore-splash-screen-boot-lo.patch +++ /dev/null @@ -1,659 +0,0 @@ -From 8c815e04dda7897899dfa011063f779280cd4d5d Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 11 Jun 2014 23:33:33 +0200 -Subject: advertise OpenSSL on TianoCore splash screen / boot logo (RHEL only) - -Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] -> -RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase: - -- Extend the DSC/FDF change to the new OvmfPkg/AmdSev platform, which has - been introduced upstream in commit 30d277ed7a82 ("OvmfPkg/Amdsev: Base - commit to build encrypted boot specific OVMF", 2020-12-14), for - TianoCore#3077. - - We've always patched all those DSC/FDF files in OvmfPkg down-stream that - made sense at least in theory on QEMU. (For example, we've always - patched "OvmfPkgIa32.dsc" and "OvmfPkgIa32.fdf", even though we never - build or ship the pure IA32 firmware platform.) Follow suit with - "AmdSevX64.dsc" and "AmdSevX64.fdf". - - "AmdSevX64.dsc" consumes OpenSSL when built with "-D TPM_ENABLE". - -Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] -> -RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase: - -- Replace the open-coded BSDL with "SPDX-License-Identifier: - BSD-2-Clause-Patent" in the following files: - - - MdeModulePkg/Logo/Logo-OpenSSL.idf - - MdeModulePkg/Logo/LogoOpenSSLDxe.inf - - MdeModulePkg/Logo/LogoOpenSSLDxe.uni - - (This should have been done in the previous rebase, because the same - license block changes had been applied to MdeModulePkg/Logo/ in upstream - commit 9d510e61fcee ("MdeModulePkg: Replace BSD License with BSD+Patent - License", 2019-04-09), part of tag edk2-stable201905.) - -Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] -> -RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase: - -- trivial context update (performed silently by git-cherry-pick) for - upstream commit 3207a872a405 ("OvmfPkg: Update DSC/FDF files to consume - CSM components in OvmfPkg", 2019-06-14) - -- A note for the future: the logo could change completely in a subsequent - rebase. See (in - CONFIRMED status at the time of writing). - -Notes about the RHEL-8.0/20180508-ee3198e672e2 -> -RHEL-8.1/20190308-89910a39dcfd rebase: - -- Upstream edk2 removed the obsoleted network drivers in MdeModulePkg. The - OvmfPkg platforms were adapted in commit d2f1f6423bd1 ("OvmfPkg: Replace - obsoleted network drivers from platform DSC/FDF.", 2018-11-06). The - ArmVirtPkg platforms were adapted in commit 9a67ba261fe9 ("ArmVirtPkg: - Replace obsoleted network drivers from platform DSC/FDF.", 2018-12-14). - - Consequently, because the NetworkPkg iSCSI driver requires OpenSSL - unconditionally, as explained in - , this patch now - builds LogoOpenSSLDxe unconditionally, squashing and updating previous - downstream commits - - - 8e8ea8811e26 advertise OpenSSL on TianoCore splash screen / boot logo - (RHEL only) - - 02ed2c501cdd advertise OpenSSL due to IPv6 enablement too (RHEL only) - -Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 -> -RHEL-8.0/20180508-ee3198e672e2 rebase: - -- reorder the rebase changelog in the commit message so that it reads like - a blog: place more recent entries near the top -- no changes to the patch body - -Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase: - -- Adapted to upstream 25184ec33c36 ("MdeModulePkg/Logo.idf: Remove - incorrect comments.", 2018-02-28) - -Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase: - -- After picking previous downstream-only commit 32192c62e289, carry new - upstream commit e01e9ae28250 ("MdeModulePkg/LogoDxe: Add missing - dependency gEfiHiiImageExProtocolGuid", 2017-03-16) over to - "LogoOpenSSLDxe.inf". - -Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase: - -- For more fun, upstream completely changed the way logo bitmaps are - embedded in the firmware binary (see for example commit ab970515d2c6, - "OvmfPkg: Use the new LogoDxe driver", 2016-09-26). Therefore in this - rebase, we reimplement the previous downstream-only commit e775fb20c999, - as described below. - -- Beyond the new bitmap file (which we preserve intact from the last - downstream branch), we introduce: - - - a new IDF (image description file) referencing the new BMP, - - - a new driver INF file, referencing the new BMP and new IDF (same C - source code though), - - - a new UNI (~description) file for the new driver INF file. - -- In the OVMF DSC and FDF files, we select the new driver INF for - inclusion if either SECURE_BOOT_ENABLE or TLS_ENABLE is set, as they - both make use of OpenSSL (although different subsets of it). - -- In the AAVMF DSC and FDF files, we only look at SECURE_BOOT_ENABLE, - because the ArmVirtQemu platform does not support TLS_ENABLE yet. - -- This patch is best displayed with "git show --find-copies-harder". - -Notes about the d7c0dfa -> 90bb4c5 rebase: - -- squash in the following downstream-only commits (made originally for - ): - - - eef9eb0 restore TianoCore splash logo without OpenSSL advertisment - (RHEL only) - - - 25842f0 OvmfPkg, ArmVirtPkg: show OpenSSL-less logo without Secure - Boot (RH only) - - The reason is that ideas keep changing when and where to include the - Secure Boot feature, so the logo must be controllable directly on the - build command line, from the RPM spec file. See the following - references: - - - https://post-office.corp.redhat.com/mailman/private/virt-devel/2016-March/msg00253.html - - https://post-office.corp.redhat.com/mailman/private/virt-devel/2016-April/msg00118.html - - https://bugzilla.redhat.com/show_bug.cgi?id=1323363 - -- This squashed variant should remain the final version of this patch. - -Notes about the c9e5618 -> b9ffeab rebase: -- AAVMF gained Secure Boot support, therefore the logo is again modified - in the common location, and no FDF changes are necessary. - -Notes about the 9ece15a -> c9e5618 rebase: -- Logo.bmp is no longer modified in-place; instead a modified copy is - created. That's because AAVMF includes the logo too, but it doesn't - include OpenSSL / Secure Boot, so we need the original copy too. - -Because we may include the OpenSSL library in our OVMF and AAVMF builds -now, we should advertise it as required by its license. This patch takes -the original TianoCore logo, shifts it up by 20 pixels, and adds the -horizontally centered message - - This product includes software developed by the OpenSSL Project - for use in the OpenSSL Toolkit (http://www.openssl.org/) - -below. - -Logo-OpenSSL.bmp: PC bitmap, Windows 3.x format, 469 x 111 x 24 -Logo.bmp: PC bitmap, Windows 3.x format, 193 x 58 x 8 - -Downstream only because upstream edk2 does not intend to release a -secure-boot-enabled OVMF build. (However the advertising requirement in -the OpenSSL license, -"CryptoPkg/Library/OpensslLib/openssl-1.0.2*/LICENSE", has been discussed -nonetheless, which is why I'm changing the logo.) - -Signed-off-by: Laszlo Ersek -(cherry picked from commit 32192c62e289f261f5ce74acee48e5a94561f10b) -(cherry picked from commit 33a710cd613c2ca7d534b8401e2f9f2178af05be) -(cherry picked from commit 0b2d90347cb016cc71c2de62e941a2a4ab0f35a3) -(cherry picked from commit 8e8ea8811e269cdb31103c70fcd91d2dcfb1755d) -(cherry picked from commit 727c11ecd9f34990312e14f239e6238693619849) -(cherry picked from commit 740d239222c2656ae8eeb2d1cc4802ce5b07f3d2) -(cherry picked from commit cee80878b19e51d9b3c63335c681f152dcc59764) ---- - ArmVirtPkg/ArmVirtQemu.dsc | 2 +- - ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 2 +- - ArmVirtPkg/ArmVirtQemuKernel.dsc | 2 +- - MdeModulePkg/Logo/Logo-OpenSSL.bmp | Bin 0 -> 156342 bytes - MdeModulePkg/Logo/Logo-OpenSSL.idf | 10 +++++ - MdeModulePkg/Logo/LogoOpenSSLDxe.inf | 56 +++++++++++++++++++++++++++ - MdeModulePkg/Logo/LogoOpenSSLDxe.uni | 17 ++++++++ - OvmfPkg/AmdSev/AmdSevX64.dsc | 2 +- - OvmfPkg/AmdSev/AmdSevX64.fdf | 2 +- - OvmfPkg/OvmfPkgIa32.dsc | 2 +- - OvmfPkg/OvmfPkgIa32.fdf | 2 +- - OvmfPkg/OvmfPkgIa32X64.dsc | 2 +- - OvmfPkg/OvmfPkgIa32X64.fdf | 2 +- - OvmfPkg/OvmfPkgX64.dsc | 2 +- - OvmfPkg/OvmfPkgX64.fdf | 2 +- - 15 files changed, 94 insertions(+), 11 deletions(-) - create mode 100644 MdeModulePkg/Logo/Logo-OpenSSL.bmp - create mode 100644 MdeModulePkg/Logo/Logo-OpenSSL.idf - create mode 100644 MdeModulePkg/Logo/LogoOpenSSLDxe.inf - create mode 100644 MdeModulePkg/Logo/LogoOpenSSLDxe.uni - -diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index 7ef5e7297b..54d637163c 100644 ---- a/ArmVirtPkg/ArmVirtQemu.dsc -+++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -433,7 +433,7 @@ - MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf - MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf - MdeModulePkg/Universal/BdsDxe/BdsDxe.inf -- MdeModulePkg/Logo/LogoDxe.inf -+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf - MdeModulePkg/Application/UiApp/UiApp.inf { - - NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf -diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index 5b1d100575..6cdbfc39be 100644 ---- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -@@ -196,7 +196,7 @@ READ_LOCK_STATUS = TRUE - # - # TianoCore logo (splash screen) - # -- INF MdeModulePkg/Logo/LogoDxe.inf -+ INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf - - # - # Ramdisk support -diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc -index a542fcb157..f598ac6a85 100644 ---- a/ArmVirtPkg/ArmVirtQemuKernel.dsc -+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc -@@ -369,7 +369,7 @@ - MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf - MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf - MdeModulePkg/Universal/BdsDxe/BdsDxe.inf -- MdeModulePkg/Logo/LogoDxe.inf -+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf - MdeModulePkg/Application/UiApp/UiApp.inf { - - NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf -diff --git a/MdeModulePkg/Logo/Logo-OpenSSL.bmp b/MdeModulePkg/Logo/Logo-OpenSSL.bmp -new file mode 100644 -index 0000000000000000000000000000000000000000..4af5740232ce484a939a5852604e35711ea88a29 -GIT binary patch -literal 156342 -zcmeI5d(>~$xW~&aw_M64NYZ7LkVerMIgB$pYT%5)88Oa?KguvP -zI4QXdhfYMHh=?MQLQ0BCrP`(4zMRjyzxCbEZ>}}xTJLYa@9y1uKfkf|+RvQxna_OY -zcg^)(&zft#YrS&!|2yzL>&^VO;olbgyJY?K);pa4*I#cF_W4_@5Lmu^`C8SVd%H7l -zd)wQ-|NZYj=s^#f&XKk6aIEP)deoyH_4&_#{_lVP`%O39^p&rC<)truY4^x-xPS12 -zA8_cqMVXTbv=CU+PmfmLR(siwJMQ?$KmPI2kAC#jEw6otV@>bT_rCYN4}IuEk9fo* -z9`Jw%JnwnW`{56N_@4K?r+a)K^O(n6am5v{dey7CMVXTbR1sLyPmgNHR(rvH?sK2t -z{N^`rdefU$rRBBnaIEP)+Is7)?{~lZ`Iv68#THy*os7a;-tv}T|N7VKug`SBI`Auw -z>$~3du0Q?hPm32XzWnmb4?g%{15l_rUji4jU;gr!cieHu#TQ?^!wx%KcinZIMHId8 -zg)jW^kAJ*q(W0AgzWJNq{N|IN{Nz{>pwXu-Zb?o%?X;&ns#NVBjEGTfBy4FKl;%d-}uI8v#o%s?k`p^WRzo0Z5W`_D6$a? -zvU$J(2b_EExet8c17m)1nB4m7UiZ3R{Nfi*BE(uTSy+fksx%IV4gTQ|e{hr?Ww-vE -z=R5~xhBrCvk;!o>!l1&Sj-5fXjcubxvmIcy6SJ0&Z_&>v*L;pTROffdA%`%YZ@cZb -zGtWE|{#~+UiSoP1LngcKx~odp@_mG9&pr2qcDLDP8zy2n62JT1?|jZjwJsve+I;xK -zAAazIAN<_sKKHD%&VqxabIv*Ey!XBD-EhMVIrk1f{P45SKHGJ7*<}|lfG>O5%V_KI -zkAM6}Kl)MV#-$cwyHQ4=NV*F2hx0h2oI=gXkq*en7r*#LxRv|jhdksVSmqi7p`3W) -ziEeb+vSmN}+0U5OqLfQL(CxO{ZYpgwWM>Lj-}=_KUVr`d?|kPwH`!#9``-7y%$@DN -z`|iK}?Qi$mYcFXIDioIOXHAIujbYFz!m^E6AoC4xcmv_gBOm$5sDNA?CUW!x)en5& -z1NWq6{*TsTvak@7jl&TwoN&SkhBV4Et*-cSkBlh=BJ7dh{qA?)Q#kYgpu(Vzd)LOc -z(W5B_Snb5D<LCly@%?cI>&^Fp=BPF>?_bNldT>4z)+u#27YhLpjCu>496=n2` -zq%9Qrwd6<#Fw4C#mkJZQ8rook4H!=ZYf93}YhU|X`v8nwlay>URP*iUKmR$=oUKWC -z#xtIA)m2wX9#kkS7pA(&sNWa{jUsH?hy^C{fbL08dXidnepD`;;WG1r7rY>5##*sr -zEnhmd!x1e*1U}EBY@Jh2J@qF)`H3#H?75jc<&;xgiZG}!QU|p`Y->H5Vt~ai6ep&O -ziu?j?sWp5q^a*LXW3%!1z3+Wi=ps)D$Ti!_YqMY!=;Vzz-e?*niA;_Zd>bsq6mZAOCpR!ye{jO^BwVjDC@{g(AO}9O(dN&p6|Zcf8{rwr>Gm -zcFayIJX>%P5$iSAT%%;8p_*^Ryf$TlM-$gxd##d#3Wa4GsR>cPF$@|-Shf*_BaS%Y -z#V>v_F)6o1Zqy1<*`*SIi=M{JSSwbn7Jr_# -zunqzWPDZ&XvQ9U@R%@gK7-TBov5$RhY(g?)l=U={X(e*v{qKMOJMX+xMU94Pz7=gT -zK$&oWDS9shD0dYK%Z0&iGV0@SZ5T9)uxTR*oS96Nzv30Ih;3ORDn|w6yY9LR^kQbL -z6)V>ArBgc`(K0eOF`Vtnj50aTeC9KGGQs>99pRF|-5VhxgMk|n=?^N5F(Om!2eGa7 -zXo>+=J27kdxL2Spw;Mhe`W)6csCX6^6$<28Bf(=2BeOOO5d}tDyv8E)+)SNE?coo9 -zcnyeX1RW>8{N*n*xx=HXCqD6sMO`e%SeuE?E3dq=(21rbGd`rlvoE(&)GG2xa@ttO -zr6V1nB10!Wy0xh|N-zrvx`?j*?Qefmve6K=YCQscrpy44UjIu+>&u@o@F|&wqYw*9uWNDj@g9zr9B=S}P1vR686+b07cs$M@cQ -zZ)HZA9HQN?fBowS=bd-nQAZucL9U`|p;R#QO1`FiZ(fF4s%Qz?d>Q}#-r%VDGuz30;xx0^0QtBkc5pOzT -zMP`$;+{w6 -zH{5W8a%j}gD#>B0jui_kYBW^q5l}N;zx1Uqap~gzJqA9qIjB&8pjwT6)Nc%fMiIts -zL;~RA-VBcb3QU(O`l6 -zIy(Q$Di$8xzvx9TA}Aw%VZuw#mk2g_!UjJ+^{G$gxsyS(5TPW~N!DpGeTFqynDq~e -zAXJM7`Yc8PcUBaz3W6s~uYBbzZP0>Ek#qa)w{yJVBdQ#G?6LfPl+~gTtB}u)3HMf%xC9#(>mO=IFj^}NHV#Lj -z$@Btox_pQ-IgClIHe-zhH`?@_%%?y7>Aq1LR2XAKO|x%f+vw301FUvp*79+$KwECt -zeC{#^7{VZHYZoc{E-}%mW2voVQLYHuQRNHUA{h)X_hzVlkSY+9jx!LDA1`EGb -zg#`eGHC15}Sv~sHr#__|W)Fy(d7O&p)Q#&m$2fqIefHUh=5WAXA%F>lD`sK7lE(`y -z{J8MK3u%RiPAnaZ%DoLWdPG>wn!IQMnYBB|AAh_u2NjH4VWgHU^m~Va>NbjO!~#{A -zSpxPWk316D`Q5{0$CzeeHqc3g-XmC8h{?gjVK>wY5AiqMbkjm6)bI=vrBw0ib@-RH -z>Vpax9HXOlwXb12*rVAFu-b`P%g4O}G`rpFb1!2Mze6DWl>m3uET-nfk2AvYC~#)Q -z#U5^JZ4wkHy#0}}mC!ZV}nnU^RZ+|=Y -zYqY`)8dJ|u7}r83g1LuKD}xHN?e%Q+dpm0*7JAi`SsW&7f;JaRFUuvrX05PLByDg| -zAllk@-+iSP<-v;UltS$&%oPYmp6Hm>!3=}Bvb><}5SbEG_RcCSXus>u@z*u6a8AYz -z7izBaM8PwE{kCWk0uRUH)jPI0Co(scOxLgqhv<*VAC~SFF?CyEOs~z)>P3# -z!%lISq9!v@kf~Rp)vOg3iexm{mYHq*+~+98SlwjuW6_)6kV?67iuJ#*kP`pX+h-iwYql3 -z-vj~g?13`Eld^&4y-;r^w2{Wh%;l|SjUgq -zSeR08fgx~jjawGs@)w~j^p1arwm`7Cw=h{C-RF%Qyl-TII5XCbb^Mr(g(>wG7y|e1 -zxc%ShrZ`6<0RHgQodrAoh -zSgFbiHWu-)l-PgPQu`y9%`-LB*)t -z0JfJO;vrkhX;mA~d>btkWqVqn>;_z44NA{74Ak~PcLuen4MjgBgk{AzSHT(Yy+ZOeZa@tiM7kUSc0hsS^LlI)1XD -zu-16XJ)ss?51ZxhVqLfPQ4C%L5#O@rx(KctGrRePnv*rlR;al|6OE2EzAq5{Y(Qp|I9?%YE^} -zI*hok1sdfQXioAP9eoWfIwRRSMNyGoOV%t~-$LOM$wo&S-xsi-ZK$PI=rmA`ep0tc -z(oF(eLQ9I+7awKdm9>0KkF$k?%PW5P#p+R}`k1bvHXS&GicEk|{j;C_EWrzcevL-$ -zUK^a+xNTT&bm1PqX8y;4XdIcl2P^Puz~BG=_e@jpx6Zr{$@x)m7i6tg)NnOc8T0KG -zH5A>B=W?T==xX$~`@U03=lt_4MeDKGk_&~#kciGV`a8%E6FwBp_xfZV3#dVMwXaUZ -z2B;E&W>opzX3-i|8gIELz=^Lxh%fXhj5tY^-q)GakaeP;-TXq$$(m&=SdjggY;>gY -zeStAh*K``FM#qZo4}NojNb{Iuj$sypfk>ygGmX}wjO9kx1d;aBfx`z$^%@;M!5Lrf -z+-TJ9wZW;4+lJ*v7h+FwAdY8bDq4Z}&uQj?7ma@66Q6K?6x;4>S -zKTO5P2=S8*6vcPfH{Np3Gm5CmMc8gzP@_&Vq*guth16s=KKiU#cGDILmq<1`()hl> -z7^rJH4OAO`j``+-dZ#@M60IS}YFFFf)W&VY -za-$2er#KLe<3FBAfjbEXm_Akn+3^P3!IK$ly=N;18?Huw#(aAP{le{dE;kyYR_}R) -zK~7|@Gz{JO`}_*6#~(K+ykd}PdUv1FI93}&LI|j0qrZdv;HGB;nx9CoNRT=BEr8-y -zt7}9#n2J+f%pdua4HU&^);zX~Gqy})`@0yYpMHAO+;!Jo?Y0FsCxJJh*WPbbRI%qp -zKFQt>Vbm=t6%*pub_){ -zCA$l<)_b;6)NnQ04>SzuFu1i70ta6~A`DdXC=j -zVqk`4D7>weC&k1#JZWL!jyLuB?XwXz%QkDF -zYqrr5PP5vlI>ta<(`lgE@N@8+3#4^wr`@sI7!sJZ -zwFa<*{1Dw+X))&ZehVNrkKA~Py-jg));`(L`|f%k_;kOEA#2R>F-&>v&SO*N#SDZ6 -zsm0{}`|r=14;04_w9-uBbSZj=1wN7F69NU_jq_;m>nei^@i<1$qui^bsVeoc`^}x+ -zAt9U5S_9ZFKNN>-rH9d?b9*ygx)6j_@o?%-7_>V+olDczYI`!KG(N+W{yf1l#+jPV -zJb^P$W_x?l+g5L8Z}nPcJXou4jWBREe|v>~4Sro^P+?5R3mxu;`Kr^$KK3!bc3Q)B -zp7K{7GJLB2)HbE_`RQDmu2$QVk)=!-$B&ZC6D%X0=~bI2aOTPE -z_%5uv1My(3x-~rK2`X_PQSi){S60inS7?;G_|^RR6>cv1OD?_>7#DK%9=JKrjE8K% -zcXytO^3f -zh{|LlkO+)LU{y}MteXgcz}TUddWk?HP#};Dk_fCK0>y~RWFn9Vj77lb-f>49a@bDW -zvK_w54ib*s{pCdx`+U+ -zL?96;5bzlY?QXxpdau}UJ@!$syxXQ5q73aGyxmqJXzi(}&18)loO{B59Cgxv9?fRK -zGC6E8Cd>;{dpqxp|BbSes6n+?U4Ch?snnTE?z(I7op-|2i*CK8u_gaB`L?96ui-6BS*c0;IaijISoAXhIH_;?CZfvMU{uK+yJwdei7xpya)&%n}p|03g -zVec{f?S)OK87d(k{zVgdCG2(Zi!3fyChT0}-(|~|8H%-D_{5vhUWL{rld#LnSaW -zdl(rV7+DHj1K8kV;$k8`8bucWQk^8VFrw)cWOAsE9fgMChaRR3Q`NWYVa52T-<54&6jk -z&Cv=uR6zkZFhVQH*dZSr$fT4W(VQxhqq!!O$+t`R2|g(6prEYk>W&aoU2^1)_Qi}i57aDByd`it`*14L?zOuC7O`Zb -zMM~LYoFcX8D~-GwJJeDy5l93I1au0qhakki#Jok=YdS`4B>zGjXmW1XHcBB@&gTa6 -zs!05+XpS?VO~e5&U>wSTeIObr16HCJ=3h$T8Xn3K^O7k}fl8n!+7)NPDOiU7AT<=| -zAg0iv6iR|pQJ^_2tB8suu`CO^6X)`P8r~{yrBQUWrxs@M8M7#08Fr>RnN-mpQfr!>mb@vk@wzKEOR -zUl^giiGN`YjEEEA6vzVN5FLCf^F!?L~r8=F3M#awb7i(l9P#3zPvj~*JI}jH6 -zvH&a53YyTC%;Eq!I3V;C|9bv`y0Dc3iAGIIQD!bNZhJgfN!PI&Qb?_NaASq*^_Otm-EAV*Ox -z71_`i=aOjw!h&w#6gGH-O)`5(2Q@emuc)h1sN`V1TtIb}6UZ^3OpwW>AaE8mtNaaDbuBl=~Wik;+1jZuZ^Q{*DihtS9mVXuh#+bL@ -z;@R>q?8C{=X3m9KyurT&nC9FPkxLoM|ZfkdD{z-Jwk38Gqf -zHpah7vXA`BO=$0i5#66E{x$h3ZiRo9qrLf;XpXS1wxOo@H_~pDMZsiV>B`L?96ui-1pi)&}t0pQmuO -zjkyJsVOUMgmwe@7qN10I9 -zJnQFaaaNa1)QE6v^SRD1_?K{4D-+mj;go%g0uR}&)}73yl*wXNFR*9xaw{yTA~}>Q -z^yXO{Nm+}UZVorxR_(zZI&Klm=)3wD;a`iFUw_NQw&>0=^=5RKxw+-`m35JqR3^8{ -zrxeRA9$jrv$M08l~3*$q$_%GvhQ_IVEC`YEO>5ms|O#*GH -zA@<#MSL75e(kPl-$q4fcQ$-RIJm=Eod;Hh(Est8h-d+>i#s@Dy=!E5`oxgl>eR>8$ -zM1krkyE^g?$1Xqq%o*w|ezZlY+Pe6vqHrRKSz1RkS|&+b80r0u9crnU2qXdp0zRW) -z4VIvFX*cGe+#CNEER5O|{0mEpG}#kk+p$8R2n9A4Y0!#FVNzIC)uCM}cn`xyUWQdw -z3l@f;rKYP((H5Gr$(|rLmcp6r6t4$t%^Y9|aV;zhXpXG7(4w#v;g_pi8C^6vkSC$P`*s&}yzMDvEz)yfEm_ -z7UYXRGFxzcmx9L*wbV-l5`h8%pMLP~9LB%3=Wpg;go2x>0+)%o8vF~Zq89m=8Cd=C -zh%$?Ne>j>DUY1daGYOG@d*ffVC6^rkGL@mInS2bQ<2aW&VtOG?S1le_8es(DS&^Xk -zFeC9Su_qJ3Y**b-5;U4*`X`oDb(k?0LCujvDP6ka&x@(cq=c!tmw#h`jB%3jM^Y`y -zNMWHEQJG8x5`nP@_%s{jUojMf0^?{?jOnBWY)-+yFfw#D$iGlCYHW^wp+8SPz>LgA -zxKk3KPLxHL@UNLv{EI2rc`*KUEoNYRognNj+EU-$99$e9+{IXuxV83N3s#LmE}Hr= -zBkX(#u{+O;T5Q5ZDS8!$I`eL$EB>Pi6EtMq{Y3^R){eiiLoM|ZfkdD{z$en+`~y)W -z%9{V}WnN{nM~$enJ^#=f|B6^)w^_x%G{;MG9N{wOK>c$Hz0j310?+`MpPyffka>|0zQid`L~FF3kr@&Y_87uSIrS}iWU{m5(sm_ -zfR~|it^|;>m=rY=;$ZwM{#8isTHt^wHkxpzVUz$GcE%h%7-JSj2s6#sVp|2F;#SzO -z_ebn31?oCbZO6anda6(t)}~_IlT?l}i>Aj8wbV-l5`h8%pTqEPTzaT>uOf~q|a}+cx{*6-y -z&|I9i^&uz(0##TKvO`&G(L4zNOLoIpRVO~J@vqptTM_#z8o4J%4&iUU|F<}$GMNaB -zM!@I%$oLm#G0)ZnY{HE2X?u(F15{Z>{>1_l!5E<AqhNaBmwkID7H=H#8LX<@iYMn@?(6@eye;fR3%8nG=%~X!f%J}H9 -zmWqi$A~1=7&)c~bc<96*r?r1Yi|~}mZnpEk%p}10SYXp?1Oiq4EgX!@GebgS887A^ -zplJoOD0mrz9rH8-I^FqS42oN=Z$b0F3c5wy+~Y%S;x9i>v;Ihd(AE6tx!s~}q+095 -zOig9PT5`Z>N@_#zD%)aez~YZ -z5<7N=$qFe%>YSQ?x$AdKia@Aa{8+&j*FV6U`iXy47lw^b&!j*|>&ruzpwW?n*q^?{ -z-{`THiitoXFo}RqBw{_Njg6ab36h;eKpBSh#I6J<;T_3@y*4{uSQY-oD<}^_giK*r -zE(Z32Kp3w?h?ElWdfvn9e<5ELp{eC-=x`~bme@J2n&9f9Xj--4Xoto`+_4t^U{DA^ -zgdamB9JKZss5qfIuEVafQ{8IFHZ(DOQ1 -zL2xbpxXzOgb_Q=@TibUgI`Lgj(=e> -zMU)Nx~l!_3pH4%7MB!8D7Ym`!#`P^=;NZCbo -zYOx$bt!NLA<3PMHxQa+n1P7P-kAtlc1qjqsh;qTF)Ya?(MW}frTqQq}wQSO~Vq}Qh -z(-f*jPBe}T?|02&p|)mY^jJ&9L?98EM8M}fR1&GSE3cmU2gQ#K{RlEdP#0v4%e#ImMtXlgq`3qxe(=XJ#6JYIXtR@d=>u^LP`e(>mc9&@wKiE -zc&HqAVc`n|ry^h7)I+R9qY#{9VVIYkI8%WpISctWdaR{lB9I77BH$Byb;iFCsAmRr -zzpp*yt4)&zWELCVdj1!(?!C=-j~1rjIaU)fH~SDS;V>JF?Dc?VD+y4lwj$q2yfy#A(Q6|A(gmX6F3%RUOA>-!_~c7> -zMvt{rOau~vNd(NlgYhpEjPjh!KVV9MEl;c1khOQTTV%Qv2e=GKpUn9EA$Mer5cK^a -z0$zgOF7uMf$_Hj(*NETbfXY-NkO+)Mz-Ku8OK1r*D%6!w>``Ws028(CB@lz_AM`0q -zf7)`qfCKTHn1cVw*|W7Di!H#8j2>&Lm&Lm -z3nA`FS~-P8zz9qZs7xgSiNI(Cd=~L6i)U-?&B`ex0!Co;SWCr3AQ6~Ez-LjxzeQ5K -zY~>UZ0V6OupfZ&RBm$!m@L9z4LO1x0ER1aB6cPa=FnX+|Vj_?TOd{a3C{nG6SUEA@ -z$|)oQMqqM4WhxO!1V$s^v#1gOnu4vILLy)UMvt{rOau~vNd$ZrnPj`O5YDl33Wf`WzQnLf`< -zN(2&t(Fph~a{Oz~wUF}&Lm -+// -+// SPDX-License-Identifier: BSD-2-Clause-Patent -+// -+// **/ -+ -+#image IMG_LOGO Logo-OpenSSL.bmp -diff --git a/MdeModulePkg/Logo/LogoOpenSSLDxe.inf b/MdeModulePkg/Logo/LogoOpenSSLDxe.inf -new file mode 100644 -index 0000000000..d1207663b2 ---- /dev/null -+++ b/MdeModulePkg/Logo/LogoOpenSSLDxe.inf -@@ -0,0 +1,56 @@ -+## @file -+# The default logo bitmap picture shown on setup screen. -+# -+# Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
-+# -+# SPDX-License-Identifier: BSD-2-Clause-Patent -+# -+# -+## -+ -+[Defines] -+ INF_VERSION = 0x00010005 -+ BASE_NAME = LogoOpenSSLDxe -+ MODULE_UNI_FILE = LogoOpenSSLDxe.uni -+ FILE_GUID = 9CAE7B89-D48D-4D68-BBC4-4C0F1D48CDFF -+ MODULE_TYPE = DXE_DRIVER -+ VERSION_STRING = 1.0 -+ -+ ENTRY_POINT = InitializeLogo -+# -+# This flag specifies whether HII resource section is generated into PE image. -+# -+ UEFI_HII_RESOURCE_SECTION = TRUE -+ -+# -+# The following information is for reference only and not required by the build tools. -+# -+# VALID_ARCHITECTURES = IA32 X64 -+# -+ -+[Sources] -+ Logo-OpenSSL.bmp -+ Logo.c -+ Logo-OpenSSL.idf -+ -+[Packages] -+ MdeModulePkg/MdeModulePkg.dec -+ MdePkg/MdePkg.dec -+ -+[LibraryClasses] -+ UefiBootServicesTableLib -+ UefiDriverEntryPoint -+ DebugLib -+ -+[Protocols] -+ gEfiHiiDatabaseProtocolGuid ## CONSUMES -+ gEfiHiiImageExProtocolGuid ## CONSUMES -+ gEfiHiiPackageListProtocolGuid ## PRODUCES CONSUMES -+ gEdkiiPlatformLogoProtocolGuid ## PRODUCES -+ -+[Depex] -+ gEfiHiiDatabaseProtocolGuid AND -+ gEfiHiiImageExProtocolGuid -+ -+[UserExtensions.TianoCore."ExtraFiles"] -+ LogoDxeExtra.uni -diff --git a/MdeModulePkg/Logo/LogoOpenSSLDxe.uni b/MdeModulePkg/Logo/LogoOpenSSLDxe.uni -new file mode 100644 -index 0000000000..6439502b6a ---- /dev/null -+++ b/MdeModulePkg/Logo/LogoOpenSSLDxe.uni -@@ -0,0 +1,17 @@ -+// /** @file -+// The logo bitmap picture (with OpenSSL advertisment) shown on setup screen. -+// -+// This module provides the logo bitmap picture (with OpenSSL advertisment) -+// shown on setup screen, through EDKII Platform Logo protocol. -+// -+// Copyright (c) 2016, Intel Corporation. All rights reserved.
-+// -+// SPDX-License-Identifier: BSD-2-Clause-Patent -+// -+// **/ -+ -+ -+#string STR_MODULE_ABSTRACT #language en-US "Provides the logo bitmap picture (with OpenSSL advertisment) shown on setup screen." -+ -+#string STR_MODULE_DESCRIPTION #language en-US "This module provides the logo bitmap picture (with OpenSSL advertisment) shown on setup screen, through EDKII Platform Logo protocol." -+ -diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 66bbbc80cd..52bcae6cf6 100644 ---- a/OvmfPkg/AmdSev/AmdSevX64.dsc -+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -688,7 +688,7 @@ - PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf - MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf - MdeModulePkg/Universal/BdsDxe/BdsDxe.inf -- MdeModulePkg/Logo/LogoDxe.inf -+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf - MdeModulePkg/Application/UiApp/UiApp.inf { - - NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf -diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf -index dd0030dbf1..fa5e484e63 100644 ---- a/OvmfPkg/AmdSev/AmdSevX64.fdf -+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf -@@ -279,7 +279,7 @@ INF OvmfPkg/AmdSev/Grub/Grub.inf - INF ShellPkg/Application/Shell/Shell.inf - !endif - --INF MdeModulePkg/Logo/LogoDxe.inf -+INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf - - # - # Usb Support -diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 33fbd76790..d8f03caa30 100644 ---- a/OvmfPkg/OvmfPkgIa32.dsc -+++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -777,7 +777,7 @@ - NULL|OvmfPkg/Csm/LegacyBootManagerLib/LegacyBootManagerLib.inf - !endif - } -- MdeModulePkg/Logo/LogoDxe.inf -+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf - MdeModulePkg/Application/UiApp/UiApp.inf { - - NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf -diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index b3c8b56f3b..e3b1d74ce2 100644 ---- a/OvmfPkg/OvmfPkgIa32.fdf -+++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -300,7 +300,7 @@ INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf - !endif - INF ShellPkg/Application/Shell/Shell.inf - --INF MdeModulePkg/Logo/LogoDxe.inf -+INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf - - # - # Network modules -diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index b13e5cfd90..312577ebae 100644 ---- a/OvmfPkg/OvmfPkgIa32X64.dsc -+++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -791,7 +791,7 @@ - NULL|OvmfPkg/Csm/LegacyBootManagerLib/LegacyBootManagerLib.inf - !endif - } -- MdeModulePkg/Logo/LogoDxe.inf -+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf - MdeModulePkg/Application/UiApp/UiApp.inf { - - NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf -diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 86592c2364..f7732382d4 100644 ---- a/OvmfPkg/OvmfPkgIa32X64.fdf -+++ b/OvmfPkg/OvmfPkgIa32X64.fdf -@@ -301,7 +301,7 @@ INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf - !endif - INF ShellPkg/Application/Shell/Shell.inf - --INF MdeModulePkg/Logo/LogoDxe.inf -+INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf - - # - # Network modules -diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 999738dc39..d72a00e6b4 100644 ---- a/OvmfPkg/OvmfPkgX64.dsc -+++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -789,7 +789,7 @@ - NULL|OvmfPkg/Csm/LegacyBootManagerLib/LegacyBootManagerLib.inf - !endif - } -- MdeModulePkg/Logo/LogoDxe.inf -+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf - MdeModulePkg/Application/UiApp/UiApp.inf { - - NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf -diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index d6be798fca..137ed6bceb 100644 ---- a/OvmfPkg/OvmfPkgX64.fdf -+++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -313,7 +313,7 @@ INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf - !endif - INF ShellPkg/Application/Shell/Shell.inf - --INF MdeModulePkg/Logo/LogoDxe.inf -+INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf - - # - # Network modules --- -2.27.0 - diff --git a/SOURCES/0012-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch b/SOURCES/0011-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch similarity index 98% rename from SOURCES/0012-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch rename to SOURCES/0011-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch index 73d2995..ae3bfc9 100644 --- a/SOURCES/0012-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch +++ b/SOURCES/0011-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch @@ -1,4 +1,4 @@ -From 6901201d2cd1d943ebd41f3d65102f787540d3c4 Mon Sep 17 00:00:00 2001 +From 419ec8370d8da04c33622cf94cd92b086ec095cb Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Tue, 25 Feb 2014 18:40:35 +0100 Subject: MdeModulePkg: TerminalDxe: add other text resolutions (RHEL only) diff --git a/SOURCES/0013-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch b/SOURCES/0012-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch similarity index 97% rename from SOURCES/0013-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch rename to SOURCES/0012-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch index 5fe8ff6..1aebc4f 100644 --- a/SOURCES/0013-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch +++ b/SOURCES/0012-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch @@ -1,4 +1,4 @@ -From 9485b38e5dbfd2e23ea6ad0585e773d7842a1903 Mon Sep 17 00:00:00 2001 +From 88b490682aef3e351e757467999f60a9e6880b24 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Tue, 25 Feb 2014 22:40:01 +0100 Subject: MdeModulePkg: TerminalDxe: set xterm resolution on mode change (RH @@ -87,10 +87,10 @@ Signed-off-by: Laszlo Ersek 3 files changed, 36 insertions(+) diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec -index ba2d0290e7..ff70d6e6eb 100644 +index 9d69fb86ed..08d59dfb3e 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec -@@ -2046,6 +2046,10 @@ +@@ -2076,6 +2076,10 @@ # @Prompt Enable PCIe Resizable BAR Capability support. gEfiMdeModulePkgTokenSpaceGuid.PcdPcieResizableBarSupport|FALSE|BOOLEAN|0x10000024 diff --git a/SOURCES/0014-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch b/SOURCES/0013-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch similarity index 92% rename from SOURCES/0014-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch rename to SOURCES/0013-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch index 6e2689a..90e6575 100644 --- a/SOURCES/0014-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch +++ b/SOURCES/0013-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch @@ -1,4 +1,4 @@ -From 1165bbcec94a97cf1d1509df8210feb2e1db00c5 Mon Sep 17 00:00:00 2001 +From 8528d0f734c0ad02120358a894e6fe59c6b9a9c2 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 14 Oct 2015 15:59:06 +0200 Subject: OvmfPkg: take PcdResizeXterm from the QEMU command line (RH only) @@ -75,7 +75,7 @@ Signed-off-by: Laszlo Ersek 6 files changed, 6 insertions(+) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 52bcae6cf6..0a8cb7fd3b 100644 +index 5ee5445116..6ea3621225 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -534,6 +534,7 @@ @@ -87,7 +87,7 @@ index 52bcae6cf6..0a8cb7fd3b 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0 diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index d8f03caa30..e6df324c7c 100644 +index 6a5be97c05..4cacf0ea94 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -594,6 +594,7 @@ @@ -99,7 +99,7 @@ index d8f03caa30..e6df324c7c 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 312577ebae..8104fe0218 100644 +index 71227d1b70..6225f8e095 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -600,6 +600,7 @@ @@ -111,7 +111,7 @@ index 312577ebae..8104fe0218 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index d72a00e6b4..3c8b2649a8 100644 +index 52f7598cf1..b66fc67563 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -600,6 +600,7 @@ @@ -123,10 +123,10 @@ index d72a00e6b4..3c8b2649a8 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0 diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c -index 96468701e3..14efbabe39 100644 +index df2d9ad015..d0e2c08de9 100644 --- a/OvmfPkg/PlatformPei/Platform.c +++ b/OvmfPkg/PlatformPei/Platform.c -@@ -748,6 +748,7 @@ InitializePlatform ( +@@ -752,6 +752,7 @@ InitializePlatform ( MemTypeInfoInitialization (); MemMapInitialization (); NoexecDxeInitialization (); @@ -135,13 +135,13 @@ index 96468701e3..14efbabe39 100644 InstallClearCacheCallback (); diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf -index 6ef77ba7bb..22425d34c0 100644 +index 67eb7aa716..69eb3edad3 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf -@@ -97,6 +97,7 @@ +@@ -93,6 +93,7 @@ + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved - gEfiMdeModulePkgTokenSpaceGuid.PcdPciDisableBusEnumeration + gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable diff --git a/SOURCES/0015-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch b/SOURCES/0014-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch similarity index 97% rename from SOURCES/0015-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch rename to SOURCES/0014-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch index aeb9736..c478b27 100644 --- a/SOURCES/0015-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch +++ b/SOURCES/0014-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch @@ -1,4 +1,4 @@ -From 3f9662c435278564640be672f0c4e17e535f1765 Mon Sep 17 00:00:00 2001 +From 2ea50cb9ad392b2df09bfb20d64c7c3c1863e867 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Sun, 26 Jul 2015 08:02:50 +0000 Subject: ArmVirtPkg: take PcdResizeXterm from the QEMU command line (RH only) @@ -95,10 +95,10 @@ Signed-off-by: Laszlo Ersek create mode 100644 ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index 54d637163c..41a26c8d18 100644 +index 891e065311..e0476ede4f 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -280,6 +280,8 @@ +@@ -282,6 +282,8 @@ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0 !endif @@ -107,7 +107,7 @@ index 54d637163c..41a26c8d18 100644 [PcdsDynamicHii] gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGuid|0x0|FALSE|NV,BS -@@ -382,7 +384,10 @@ +@@ -384,7 +386,10 @@ MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf diff --git a/SOURCES/0016-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch b/SOURCES/0015-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch similarity index 93% rename from SOURCES/0016-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch rename to SOURCES/0015-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch index 165dd67..66af3b3 100644 --- a/SOURCES/0016-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch +++ b/SOURCES/0015-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch @@ -1,4 +1,4 @@ -From e9d9e73c317b256c0bdc6530b82a6a625d7d54db Mon Sep 17 00:00:00 2001 +From ed122866ad1a15f29e0ba570ddb9309917cb0370 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Tue, 4 Nov 2014 23:02:53 +0100 Subject: OvmfPkg: allow exclusion of the shell from the firmware image (RH @@ -111,10 +111,10 @@ Signed-off-by: Laszlo Ersek 3 files changed, 6 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index e3b1d74ce2..969524cf3b 100644 +index 775ea2d710..00ea14adf0 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -293,12 +293,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -290,12 +290,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf @@ -127,10 +127,10 @@ index e3b1d74ce2..969524cf3b 100644 INF ShellPkg/Application/Shell/Shell.inf +!endif - INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf + INF MdeModulePkg/Logo/LogoDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index f7732382d4..36f078556f 100644 +index 9d8695922f..e33a40c44e 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -294,12 +294,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf @@ -146,13 +146,13 @@ index f7732382d4..36f078556f 100644 INF ShellPkg/Application/Shell/Shell.inf +!endif - INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf + INF MdeModulePkg/Logo/LogoDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 137ed6bceb..a5900d8377 100644 +index b6cc3cabdd..85b4b23857 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -306,12 +306,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -310,12 +310,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf @@ -165,7 +165,7 @@ index 137ed6bceb..a5900d8377 100644 INF ShellPkg/Application/Shell/Shell.inf +!endif - INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf + INF MdeModulePkg/Logo/LogoDxe.inf -- 2.27.0 diff --git a/SOURCES/0017-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch b/SOURCES/0016-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch similarity index 97% rename from SOURCES/0017-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch rename to SOURCES/0016-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch index 590baed..7f9c554 100644 --- a/SOURCES/0017-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch +++ b/SOURCES/0016-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch @@ -1,4 +1,4 @@ -From 6d968342cbfa40a8192cee7c685e1c794e6053df Mon Sep 17 00:00:00 2001 +From 03a7ff7a8ab80c740dc1ab64b74bb691cadbf84e Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 14 Oct 2015 13:49:43 +0200 Subject: ArmPlatformPkg: introduce fixed PCD for early hello message (RH only) diff --git a/SOURCES/0018-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch b/SOURCES/0017-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch similarity index 98% rename from SOURCES/0018-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch rename to SOURCES/0017-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch index affbde1..07079ad 100644 --- a/SOURCES/0018-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch +++ b/SOURCES/0017-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch @@ -1,4 +1,4 @@ -From e46d1e3f4c9b301acfa15fa4089661947e8742a4 Mon Sep 17 00:00:00 2001 +From c82c22df8ab7d2c7078421f4da4ad99e5c04d364 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 14 Oct 2015 13:59:20 +0200 Subject: ArmPlatformPkg: PrePeiCore: write early hello message to the serial diff --git a/SOURCES/0019-ArmVirtPkg-set-early-hello-message-RH-only.patch b/SOURCES/0018-ArmVirtPkg-set-early-hello-message-RH-only.patch similarity index 95% rename from SOURCES/0019-ArmVirtPkg-set-early-hello-message-RH-only.patch rename to SOURCES/0018-ArmVirtPkg-set-early-hello-message-RH-only.patch index 5e4f5c9..c8b8361 100644 --- a/SOURCES/0019-ArmVirtPkg-set-early-hello-message-RH-only.patch +++ b/SOURCES/0018-ArmVirtPkg-set-early-hello-message-RH-only.patch @@ -1,4 +1,4 @@ -From b14a92fafb171ad4a47598076bd028e5cf33ac28 Mon Sep 17 00:00:00 2001 +From 71a097feaba670e5d6eaebfc593394dee6e71cc9 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 14 Oct 2015 14:07:17 +0200 Subject: ArmVirtPkg: set early hello message (RH only) @@ -66,10 +66,10 @@ Signed-off-by: Laszlo Ersek 1 file changed, 1 insertion(+) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index 41a26c8d18..971422411d 100644 +index e0476ede4f..ec0edf6e7b 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -132,6 +132,7 @@ +@@ -134,6 +134,7 @@ gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE) [PcdsFixedAtBuild.common] diff --git a/SOURCES/0020-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch b/SOURCES/0019-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch similarity index 95% rename from SOURCES/0020-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch rename to SOURCES/0019-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch index 51c0342..764e1a6 100644 --- a/SOURCES/0020-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch +++ b/SOURCES/0019-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch @@ -1,4 +1,4 @@ -From 1771ff7479664c05884dab5a34d128cf8b01086f Mon Sep 17 00:00:00 2001 +From 1ac092c4fa4fef5f1dfe02b4179eb18830564854 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Tue, 21 Nov 2017 00:57:45 +0100 Subject: OvmfPkg: enable DEBUG_VERBOSE (RHEL only) @@ -65,7 +65,7 @@ Signed-off-by: Paolo Bonzini 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 0a8cb7fd3b..6e8defe5c7 100644 +index 6ea3621225..366fa79f62 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -486,7 +486,7 @@ @@ -78,7 +78,7 @@ index 0a8cb7fd3b..6e8defe5c7 100644 !if $(SOURCE_DEBUG_ENABLE) == TRUE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index e6df324c7c..52cd87f698 100644 +index 4cacf0ea94..2aacf1a5ff 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -534,7 +534,7 @@ @@ -91,7 +91,7 @@ index e6df324c7c..52cd87f698 100644 !if $(SOURCE_DEBUG_ENABLE) == TRUE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 8104fe0218..214195a594 100644 +index 6225f8e095..2613c83adb 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -538,7 +538,7 @@ @@ -104,7 +104,7 @@ index 8104fe0218..214195a594 100644 !if $(SOURCE_DEBUG_ENABLE) == TRUE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 3c8b2649a8..02aad65b00 100644 +index b66fc67563..d7d34eeef2 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -540,7 +540,7 @@ diff --git a/SOURCES/0021-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch b/SOURCES/0020-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch similarity index 94% rename from SOURCES/0021-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch rename to SOURCES/0020-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch index 4cea103..3557ef7 100644 --- a/SOURCES/0021-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch +++ b/SOURCES/0020-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch @@ -1,4 +1,4 @@ -From 4b2a35ab1d659068d47baaf1dd5b2918ba8a2573 Mon Sep 17 00:00:00 2001 +From 7e02a1017ef2f0c798c195c1adcb516c9461d22a Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Tue, 21 Nov 2017 00:57:46 +0100 Subject: OvmfPkg: silence DEBUG_VERBOSE (0x00400000) in @@ -82,10 +82,10 @@ Signed-off-by: Paolo Bonzini 4 files changed, 32 insertions(+), 8 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 6e8defe5c7..568ca369e6 100644 +index 366fa79f62..a289d8a573 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -747,8 +747,14 @@ +@@ -750,8 +750,14 @@ MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf @@ -103,10 +103,10 @@ index 6e8defe5c7..568ca369e6 100644 # diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 52cd87f698..52fd057c90 100644 +index 2aacf1a5ff..1a5cfa4c6d 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -842,9 +842,15 @@ +@@ -846,9 +846,15 @@ MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf !ifndef $(CSM_ENABLE) @@ -125,10 +125,10 @@ index 52cd87f698..52fd057c90 100644 # diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 214195a594..653849cc7a 100644 +index 2613c83adb..11002ffd95 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -856,9 +856,15 @@ +@@ -860,9 +860,15 @@ MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf !ifndef $(CSM_ENABLE) @@ -147,10 +147,10 @@ index 214195a594..653849cc7a 100644 # diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 02aad65b00..5275f2502b 100644 +index d7d34eeef2..f176aa4061 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -854,9 +854,15 @@ +@@ -858,9 +858,15 @@ MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf !ifndef $(CSM_ENABLE) diff --git a/SOURCES/0022-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch b/SOURCES/0021-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch similarity index 94% rename from SOURCES/0022-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch rename to SOURCES/0021-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch index 18d30be..1e8f626 100644 --- a/SOURCES/0022-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch +++ b/SOURCES/0021-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch @@ -1,4 +1,4 @@ -From 251653ccf48a973481bb8c90161cccde50c78ad5 Mon Sep 17 00:00:00 2001 +From e90b3928d862a2dadda7d5c7c8f680f05854bc6f Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 27 Jan 2016 03:05:18 +0100 Subject: ArmVirtPkg: silence DEBUG_VERBOSE (0x00400000) in QemuRamfbDxe (RH @@ -61,10 +61,10 @@ Signed-off-by: Laszlo Ersek 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index 971422411d..d2a2fdac8e 100644 +index ec0edf6e7b..e6fad9f066 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -504,7 +504,10 @@ +@@ -509,7 +509,10 @@ # # Video support # @@ -77,10 +77,10 @@ index 971422411d..d2a2fdac8e 100644 OvmfPkg/PlatformDxe/Platform.inf diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc -index f598ac6a85..7e50ce8b3b 100644 +index a8bb83b288..656c9d99a3 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc -@@ -434,7 +434,10 @@ +@@ -438,7 +438,10 @@ # # Video support # diff --git a/SOURCES/0023-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch b/SOURCES/0022-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch similarity index 97% rename from SOURCES/0023-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch rename to SOURCES/0022-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch index e75701e..a9b6cf4 100644 --- a/SOURCES/0023-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch +++ b/SOURCES/0022-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch @@ -1,4 +1,4 @@ -From bacf42ebf768aebb8c2b36fb52d154daf19c0c74 Mon Sep 17 00:00:00 2001 +From 619fb46a6790720fa1bd9a1a758471b9d5c018ef Mon Sep 17 00:00:00 2001 From: Philippe Mathieu-Daude Date: Thu, 1 Aug 2019 20:43:48 +0200 Subject: OvmfPkg: QemuRamfbDxe: Do not report DXE failure on Aarch64 silent diff --git a/SOURCES/0024-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch b/SOURCES/0023-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch similarity index 93% rename from SOURCES/0024-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch rename to SOURCES/0023-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch index d08e6fd..ecebb4e 100644 --- a/SOURCES/0024-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch +++ b/SOURCES/0023-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch @@ -1,4 +1,4 @@ -From 41c61737a6ead56c36edabd1b2e685a04c2e81c6 Mon Sep 17 00:00:00 2001 +From 009210d2d36584215d31bdbeb7071cf8ff4f1fa5 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Tue, 21 Nov 2017 00:57:47 +0100 Subject: OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in NvmExpressDxe (RH @@ -63,10 +63,10 @@ Signed-off-by: Paolo Bonzini 4 files changed, 16 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 568ca369e6..fb00b12f8c 100644 +index a289d8a573..ccdf9b8ce0 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -741,7 +741,10 @@ +@@ -744,7 +744,10 @@ OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -79,10 +79,10 @@ index 568ca369e6..fb00b12f8c 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 52fd057c90..119267e3c8 100644 +index 1a5cfa4c6d..a0666930d6 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -835,7 +835,10 @@ +@@ -839,7 +839,10 @@ OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -95,10 +95,10 @@ index 52fd057c90..119267e3c8 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 653849cc7a..166c9f1fef 100644 +index 11002ffd95..5efeb42bf3 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -849,7 +849,10 @@ +@@ -853,7 +853,10 @@ OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -111,10 +111,10 @@ index 653849cc7a..166c9f1fef 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 5275f2502b..19d0944a72 100644 +index f176aa4061..10fb7d7069 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -847,7 +847,10 @@ +@@ -851,7 +851,10 @@ OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf diff --git a/SOURCES/0025-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch b/SOURCES/0024-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch similarity index 97% rename from SOURCES/0025-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch rename to SOURCES/0024-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch index 9310962..15024d8 100644 --- a/SOURCES/0025-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch +++ b/SOURCES/0024-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch @@ -1,4 +1,4 @@ -From 7e6817e96a15f9ce32f0c9cf6326bb682672724c Mon Sep 17 00:00:00 2001 +From 7e6632fecb119feaf6c34c794e72a8424792fd3f Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Sat, 16 Nov 2019 17:11:27 +0100 Subject: CryptoPkg/OpensslLib: list RHEL8-specific OpenSSL files in the INFs @@ -131,7 +131,7 @@ Signed-off-by: Laszlo Ersek 2 files changed, 22 insertions(+) diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf -index b00bb74ce6..71e32f26ea 100644 +index d84bde056a..19913a4ac6 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -570,6 +570,17 @@ @@ -153,7 +153,7 @@ index b00bb74ce6..71e32f26ea 100644 ossl_store.c rand_pool.c diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -index 3557711bd8..003dcbad7a 100644 +index cdeed0d073..5057857e8d 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf @@ -519,6 +519,17 @@ diff --git a/SOURCES/0026-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch b/SOURCES/0025-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch similarity index 92% rename from SOURCES/0026-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch rename to SOURCES/0025-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch index 1533000..0cbb9cf 100644 --- a/SOURCES/0026-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch +++ b/SOURCES/0025-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch @@ -1,4 +1,4 @@ -From 29be717a1ae0a2617a7ae95698940286201d1612 Mon Sep 17 00:00:00 2001 +From 9e7da28d166fb4b5b434b444c655d522c9f32b1a Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 24 Jun 2020 11:31:36 +0200 Subject: OvmfPkg/QemuKernelLoaderFsDxe: suppress error on no "-kernel" in @@ -32,18 +32,18 @@ Signed-off-by: Miroslav Rezanina 2 files changed, 18 insertions(+) diff --git a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c -index b09ff6a359..ec0244d61b 100644 +index 6832d563bc..08ed67f5ff 100644 --- a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c +++ b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c -@@ -18,6 +18,7 @@ - #include +@@ -19,6 +19,7 @@ #include + #include #include +#include #include #include #include -@@ -1039,6 +1040,22 @@ QemuKernelLoaderFsDxeEntrypoint ( +@@ -1054,6 +1055,22 @@ QemuKernelLoaderFsDxeEntrypoint ( if (KernelBlob->Data == NULL) { Status = EFI_NOT_FOUND; diff --git a/SOURCES/0027-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch b/SOURCES/0026-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch similarity index 96% rename from SOURCES/0027-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch rename to SOURCES/0026-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch index 3cc5803..826dab6 100644 --- a/SOURCES/0027-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch +++ b/SOURCES/0026-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch @@ -1,4 +1,4 @@ -From dc27035d2a8ca09dc5b0113c97a643341f286c08 Mon Sep 17 00:00:00 2001 +From 2b01209a816fce5004012a033c1e9f679f8768db Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 24 Jun 2020 11:40:09 +0200 Subject: SecurityPkg/Tcg2Dxe: suppress error on no swtpm in silent aa64 build diff --git a/SOURCES/edk2-OvmfPkg-Remove-PrintDxe-RHEL-only.patch b/SOURCES/0029-OvmfPkg-Remove-PrintDxe-RHEL-only.patch similarity index 86% rename from SOURCES/edk2-OvmfPkg-Remove-PrintDxe-RHEL-only.patch rename to SOURCES/0029-OvmfPkg-Remove-PrintDxe-RHEL-only.patch index 251f5c8..588ad08 100644 --- a/SOURCES/edk2-OvmfPkg-Remove-PrintDxe-RHEL-only.patch +++ b/SOURCES/0029-OvmfPkg-Remove-PrintDxe-RHEL-only.patch @@ -1,7 +1,7 @@ -From fcc9ea03ba79d36ac4af6342f22bfbc93d0e5f2c Mon Sep 17 00:00:00 2001 +From ec59dc81bfaeb07ff114a956359161b29ca128fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:28:43 +0200 -Subject: [PATCH 01/19] OvmfPkg: Remove PrintDxe (RHEL only) +Subject: OvmfPkg: Remove PrintDxe (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -29,10 +29,10 @@ Signed-off-by: Miroslav Rezanina 8 files changed, 8 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index fb00b12f8c..0ee34ac576 100644 +index ccdf9b8ce0..0cd0a50090 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -729,7 +729,6 @@ +@@ -732,7 +732,6 @@ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf } @@ -41,10 +41,10 @@ index fb00b12f8c..0ee34ac576 100644 MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf -index fa5e484e63..ee66b3d905 100644 +index 5662609886..5a84393b00 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf -@@ -237,7 +237,6 @@ INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf +@@ -245,7 +245,6 @@ INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf INF MdeModulePkg/Application/UiApp/UiApp.inf INF OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf @@ -53,10 +53,10 @@ index fa5e484e63..ee66b3d905 100644 INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf INF MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 119267e3c8..76591cff94 100644 +index a0666930d6..d729a7bef7 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -822,7 +822,6 @@ +@@ -826,7 +826,6 @@ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf } @@ -65,10 +65,10 @@ index 119267e3c8..76591cff94 100644 MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 969524cf3b..8c2256345c 100644 +index 00ea14adf0..bf76546356 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -257,7 +257,6 @@ INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf +@@ -255,7 +255,6 @@ INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf INF MdeModulePkg/Application/UiApp/UiApp.inf INF OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf @@ -77,10 +77,10 @@ index 969524cf3b..8c2256345c 100644 INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf INF MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 166c9f1fef..14eb12dd5e 100644 +index 5efeb42bf3..ad18b3f365 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -836,7 +836,6 @@ +@@ -840,7 +840,6 @@ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf } @@ -89,10 +89,10 @@ index 166c9f1fef..14eb12dd5e 100644 MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 36f078556f..e122f1c0d8 100644 +index e33a40c44e..2523aa2d52 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf -@@ -258,7 +258,6 @@ INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf +@@ -259,7 +259,6 @@ INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf INF MdeModulePkg/Application/UiApp/UiApp.inf INF OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf @@ -101,10 +101,10 @@ index 36f078556f..e122f1c0d8 100644 INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf INF MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 19d0944a72..48861db4dc 100644 +index 10fb7d7069..161de784ac 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -834,7 +834,6 @@ +@@ -838,7 +838,6 @@ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf } @@ -113,10 +113,10 @@ index 19d0944a72..48861db4dc 100644 MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index a5900d8377..0aef17a708 100644 +index 85b4b23857..f9249b0b5f 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -270,7 +270,6 @@ INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf +@@ -275,7 +275,6 @@ INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf INF MdeModulePkg/Application/UiApp/UiApp.inf INF OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf diff --git a/SOURCES/edk2-OvmfPkg-Remove-EbcDxe-RHEL-only.patch b/SOURCES/0030-OvmfPkg-Remove-EbcDxe-RHEL-only.patch similarity index 84% rename from SOURCES/edk2-OvmfPkg-Remove-EbcDxe-RHEL-only.patch rename to SOURCES/0030-OvmfPkg-Remove-EbcDxe-RHEL-only.patch index ee4c552..d7cbdfa 100644 --- a/SOURCES/edk2-OvmfPkg-Remove-EbcDxe-RHEL-only.patch +++ b/SOURCES/0030-OvmfPkg-Remove-EbcDxe-RHEL-only.patch @@ -1,7 +1,7 @@ -From a7434b6bac325dbb0c2e7c6f43678d5c6d9ac1f7 Mon Sep 17 00:00:00 2001 +From ff2f54341791a5b95edc7b782f5f2713e4c12588 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:28:49 +0200 -Subject: [PATCH 02/19] OvmfPkg: Remove EbcDxe (RHEL only) +Subject: OvmfPkg: Remove EbcDxe (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -29,10 +29,10 @@ Signed-off-by: Miroslav Rezanina 8 files changed, 8 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 0ee34ac576..7ca368f667 100644 +index 0cd0a50090..d72a995159 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -667,7 +667,6 @@ +@@ -670,7 +670,6 @@ !endif } @@ -41,10 +41,10 @@ index 0ee34ac576..7ca368f667 100644 UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf UefiCpuPkg/CpuDxe/CpuDxe.inf diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf -index ee66b3d905..8af26d3989 100644 +index 5a84393b00..2a077ac5bd 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf -@@ -194,7 +194,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf +@@ -205,7 +205,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf @@ -53,10 +53,10 @@ index ee66b3d905..8af26d3989 100644 INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf INF UefiCpuPkg/CpuDxe/CpuDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 76591cff94..634a4aa73d 100644 +index d729a7bef7..e847cfad96 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -750,7 +750,6 @@ +@@ -753,7 +753,6 @@ !endif } @@ -65,35 +65,35 @@ index 76591cff94..634a4aa73d 100644 UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf UefiCpuPkg/CpuDxe/CpuDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 8c2256345c..4e36026061 100644 +index bf76546356..b65f7306a8 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -210,7 +210,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf - - INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf - INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf --INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf - INF OvmfPkg/8259InterruptControllerDxe/8259.inf - INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf - INF UefiCpuPkg/CpuDxe/CpuDxe.inf -diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 14eb12dd5e..c3ce34870e 100644 ---- a/OvmfPkg/OvmfPkgIa32X64.dsc -+++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -764,7 +764,6 @@ - !endif - } - -- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf - OvmfPkg/8259InterruptControllerDxe/8259.inf - UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf - UefiCpuPkg/CpuDxe/CpuDxe.inf -diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index e122f1c0d8..97e24ab104 100644 ---- a/OvmfPkg/OvmfPkgIa32X64.fdf -+++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -211,7 +211,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf + INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf + INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf +-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf + INF OvmfPkg/8259InterruptControllerDxe/8259.inf + INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf + INF UefiCpuPkg/CpuDxe/CpuDxe.inf +diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc +index ad18b3f365..b00b7682dd 100644 +--- a/OvmfPkg/OvmfPkgIa32X64.dsc ++++ b/OvmfPkg/OvmfPkgIa32X64.dsc +@@ -767,7 +767,6 @@ + !endif + } + +- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf + OvmfPkg/8259InterruptControllerDxe/8259.inf + UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf + UefiCpuPkg/CpuDxe/CpuDxe.inf +diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf +index 2523aa2d52..b145c0ca3e 100644 +--- a/OvmfPkg/OvmfPkgIa32X64.fdf ++++ b/OvmfPkg/OvmfPkgIa32X64.fdf +@@ -215,7 +215,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf + INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf -INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf @@ -101,10 +101,10 @@ index e122f1c0d8..97e24ab104 100644 INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf INF UefiCpuPkg/CpuDxe/CpuDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 48861db4dc..36d9b0943b 100644 +index 161de784ac..2f61405fbf 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -762,7 +762,6 @@ +@@ -765,7 +765,6 @@ !endif } @@ -113,10 +113,10 @@ index 48861db4dc..36d9b0943b 100644 UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf UefiCpuPkg/CpuDxe/CpuDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 0aef17a708..6d66e4d07e 100644 +index f9249b0b5f..f82cba3934 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -223,7 +223,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf +@@ -231,7 +231,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf diff --git a/SOURCES/edk2-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch b/SOURCES/0031-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch similarity index 84% rename from SOURCES/edk2-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch rename to SOURCES/0031-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch index cb19b8d..46de278 100644 --- a/SOURCES/edk2-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch +++ b/SOURCES/0031-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch @@ -1,7 +1,7 @@ -From 1141700f8b6ffa86f1539e4dd03acea2e397e1d8 Mon Sep 17 00:00:00 2001 +From 550baa5312b42e21332da86982a7f291528150e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:28:54 +0200 -Subject: [PATCH 03/19] ArmVirtPkg: Remove EbcDxe (RHEL only) +Subject: ArmVirtPkg: Remove EbcDxe (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -23,10 +23,10 @@ Signed-off-by: Miroslav Rezanina 2 files changed, 10 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc -index d9abadbe70..505e895db7 100644 +index 5a1598d90c..2fd8d31611 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc -@@ -421,8 +421,3 @@ +@@ -420,8 +420,3 @@ NULL|EmbeddedPkg/Library/PlatformHasAcpiLib/PlatformHasAcpiLib.inf } @@ -36,10 +36,10 @@ index d9abadbe70..505e895db7 100644 - # - MdeModulePkg/Universal/EbcDxe/EbcDxe.inf diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index 6cdbfc39be..0ba57fe687 100644 +index f6a538df72..520d531518 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -@@ -149,11 +149,6 @@ READ_LOCK_STATUS = TRUE +@@ -146,11 +146,6 @@ READ_LOCK_STATUS = TRUE INF MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf INF OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpiPlatformDxe.inf diff --git a/SOURCES/edk2-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch b/SOURCES/0032-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch similarity index 82% rename from SOURCES/edk2-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch rename to SOURCES/0032-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch index 632a078..98de3a3 100644 --- a/SOURCES/edk2-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch +++ b/SOURCES/0032-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch @@ -1,7 +1,7 @@ -From c24e195227b350825389473db9b9ee8556148958 Mon Sep 17 00:00:00 2001 +From caf276302ed4b008e99749ed858db3bcf6501640 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:28:59 +0200 -Subject: [PATCH 04/19] OvmfPkg: Remove VirtioGpu device driver (RHEL only) +Subject: OvmfPkg: Remove VirtioGpu device driver (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -29,10 +29,10 @@ Signed-off-by: Miroslav Rezanina 8 files changed, 8 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 7ca368f667..8966b90cb5 100644 +index d72a995159..74e87f1b08 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -756,7 +756,6 @@ +@@ -759,7 +759,6 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F } @@ -41,10 +41,10 @@ index 7ca368f667..8966b90cb5 100644 # # ISA Support diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf -index 8af26d3989..5f980d5f98 100644 +index 2a077ac5bd..d09a193d09 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf -@@ -292,7 +292,6 @@ INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf +@@ -299,7 +299,6 @@ INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf @@ -53,10 +53,10 @@ index 8af26d3989..5f980d5f98 100644 INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 634a4aa73d..2ba90ddf8b 100644 +index e847cfad96..f8ff1c2792 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -852,7 +852,6 @@ +@@ -856,7 +856,6 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F } @@ -65,10 +65,10 @@ index 634a4aa73d..2ba90ddf8b 100644 # # ISA Support diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 4e36026061..e70508ecfc 100644 +index b65f7306a8..ea7a3f893c 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -327,7 +327,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf +@@ -324,7 +324,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf !endif INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf @@ -77,10 +77,10 @@ index 4e36026061..e70508ecfc 100644 INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index c3ce34870e..5f22848972 100644 +index b00b7682dd..4b5f362780 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -866,7 +866,6 @@ +@@ -870,7 +870,6 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F } @@ -89,7 +89,7 @@ index c3ce34870e..5f22848972 100644 # # ISA Support diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 97e24ab104..237271e50b 100644 +index b145c0ca3e..3c33f0eadd 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -333,7 +333,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf @@ -101,10 +101,10 @@ index 97e24ab104..237271e50b 100644 INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 36d9b0943b..5377a8a2f3 100644 +index 2f61405fbf..89dcdb8bba 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -864,7 +864,6 @@ +@@ -868,7 +868,6 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F } @@ -113,10 +113,10 @@ index 36d9b0943b..5377a8a2f3 100644 # # ISA Support diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 6d66e4d07e..f8611f5c07 100644 +index f82cba3934..e7bf0da02b 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -345,7 +345,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf +@@ -349,7 +349,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf !endif INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf diff --git a/SOURCES/edk2-OvmfPkg-Remove-QemuRamfbDxe-display-device-driver-RH.patch b/SOURCES/0033-OvmfPkg-Remove-QemuRamfbDxe-display-device-driver-RH.patch similarity index 83% rename from SOURCES/edk2-OvmfPkg-Remove-QemuRamfbDxe-display-device-driver-RH.patch rename to SOURCES/0033-OvmfPkg-Remove-QemuRamfbDxe-display-device-driver-RH.patch index 9e437e4..02318a9 100644 --- a/SOURCES/edk2-OvmfPkg-Remove-QemuRamfbDxe-display-device-driver-RH.patch +++ b/SOURCES/0033-OvmfPkg-Remove-QemuRamfbDxe-display-device-driver-RH.patch @@ -1,8 +1,7 @@ -From 3ff50d45d2d9da7f7b995e261f6f7750706197ea Mon Sep 17 00:00:00 2001 +From 5f2032eca0be1191d8485eeba4005f4d0a3af879 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Fri, 2 Jul 2021 20:15:40 +0200 -Subject: [PATCH 05/19] OvmfPkg: Remove QemuRamfbDxe display device driver - (RHEL only) +Subject: OvmfPkg: Remove QemuRamfbDxe display device driver (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -30,10 +29,10 @@ Signed-off-by: Miroslav Rezanina 8 files changed, 20 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 8966b90cb5..72a5106f96 100644 +index 74e87f1b08..154e318e87 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -752,10 +752,6 @@ +@@ -755,10 +755,6 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F } @@ -45,10 +44,10 @@ index 8966b90cb5..72a5106f96 100644 # # ISA Support diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf -index 5f980d5f98..2e1a2911e3 100644 +index d09a193d09..cd86f60270 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf -@@ -291,7 +291,6 @@ INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf +@@ -298,7 +298,6 @@ INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf @@ -57,10 +56,10 @@ index 5f980d5f98..2e1a2911e3 100644 INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 2ba90ddf8b..bb72780e3e 100644 +index f8ff1c2792..3061d0d796 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -848,10 +848,6 @@ +@@ -852,10 +852,6 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F } !endif @@ -72,10 +71,10 @@ index 2ba90ddf8b..bb72780e3e 100644 # # ISA Support diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index e70508ecfc..e546622732 100644 +index ea7a3f893c..e55c88c84d 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -326,7 +326,6 @@ INF RuleOverride=CSM OvmfPkg/Csm/Csm16/Csm16.inf +@@ -323,7 +323,6 @@ INF RuleOverride=CSM OvmfPkg/Csm/Csm16/Csm16.inf INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf !endif @@ -84,10 +83,10 @@ index e70508ecfc..e546622732 100644 INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 5f22848972..12fe15539c 100644 +index 4b5f362780..01adc7b648 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -862,10 +862,6 @@ +@@ -866,10 +866,6 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F } !endif @@ -99,7 +98,7 @@ index 5f22848972..12fe15539c 100644 # # ISA Support diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 237271e50b..d709186a69 100644 +index 3c33f0eadd..43a96cc78a 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -332,7 +332,6 @@ INF RuleOverride=CSM OvmfPkg/Csm/Csm16/Csm16.inf @@ -111,10 +110,10 @@ index 237271e50b..d709186a69 100644 INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 5377a8a2f3..11b4bafe83 100644 +index 89dcdb8bba..bcbc17fba4 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -860,10 +860,6 @@ +@@ -864,10 +864,6 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F } !endif @@ -126,10 +125,10 @@ index 5377a8a2f3..11b4bafe83 100644 # # ISA Support diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index f8611f5c07..86a310dd49 100644 +index e7bf0da02b..e992ed5f37 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -344,7 +344,6 @@ INF RuleOverride=CSM OvmfPkg/Csm/Csm16/Csm16.inf +@@ -348,7 +348,6 @@ INF RuleOverride=CSM OvmfPkg/Csm/Csm16/Csm16.inf INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf !endif diff --git a/SOURCES/edk2-ArmVirtPkg-Remove-QemuRamfbDxe-display-device-driver.patch b/SOURCES/0034-ArmVirtPkg-Remove-QemuRamfbDxe-display-device-driver.patch similarity index 84% rename from SOURCES/edk2-ArmVirtPkg-Remove-QemuRamfbDxe-display-device-driver.patch rename to SOURCES/0034-ArmVirtPkg-Remove-QemuRamfbDxe-display-device-driver.patch index 6ac3546..28c535a 100644 --- a/SOURCES/edk2-ArmVirtPkg-Remove-QemuRamfbDxe-display-device-driver.patch +++ b/SOURCES/0034-ArmVirtPkg-Remove-QemuRamfbDxe-display-device-driver.patch @@ -1,8 +1,7 @@ -From e80cc71e0692102a975e9c4d4f8810374a6e8bf0 Mon Sep 17 00:00:00 2001 +From 9dc5af1a38fffff9f377c8eddf517be621bb6cda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:02 +0200 -Subject: [PATCH 06/19] ArmVirtPkg: Remove QemuRamfbDxe display device driver - (RHEL only) +Subject: ArmVirtPkg: Remove QemuRamfbDxe display device driver (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -26,10 +25,10 @@ Signed-off-by: Miroslav Rezanina 3 files changed, 9 deletions(-) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index d2a2fdac8e..031edc3a7f 100644 +index e6fad9f066..6677283c21 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -504,10 +504,6 @@ +@@ -509,10 +509,6 @@ # # Video support # @@ -41,10 +40,10 @@ index d2a2fdac8e..031edc3a7f 100644 OvmfPkg/PlatformDxe/Platform.inf diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index 0ba57fe687..fbb86af5a8 100644 +index 520d531518..2b51ac4a6d 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -@@ -164,7 +164,6 @@ READ_LOCK_STATUS = TRUE +@@ -161,7 +161,6 @@ READ_LOCK_STATUS = TRUE # # Video support # @@ -53,10 +52,10 @@ index 0ba57fe687..fbb86af5a8 100644 INF OvmfPkg/PlatformDxe/Platform.inf diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc -index 7e50ce8b3b..9810fa5817 100644 +index 656c9d99a3..1ab8d6b999 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc -@@ -434,10 +434,6 @@ +@@ -438,10 +438,6 @@ # # Video support # diff --git a/SOURCES/edk2-OvmfPkg-Remove-NvmExpressDxe-device-driver-RHEL-only.patch b/SOURCES/0035-OvmfPkg-Remove-NvmExpressDxe-device-driver-RHEL-only.patch similarity index 87% rename from SOURCES/edk2-OvmfPkg-Remove-NvmExpressDxe-device-driver-RHEL-only.patch rename to SOURCES/0035-OvmfPkg-Remove-NvmExpressDxe-device-driver-RHEL-only.patch index a327e9a..669de2c 100644 --- a/SOURCES/edk2-OvmfPkg-Remove-NvmExpressDxe-device-driver-RHEL-only.patch +++ b/SOURCES/0035-OvmfPkg-Remove-NvmExpressDxe-device-driver-RHEL-only.patch @@ -1,7 +1,7 @@ -From 69b32fefaabd83aaea663cc493fbf894d94d9c0c Mon Sep 17 00:00:00 2001 +From a66385d84b6b156d09fc6c8a62297a684b4c39d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:06 +0200 -Subject: [PATCH 07/19] OvmfPkg: Remove NvmExpressDxe device driver (RHEL only) +Subject: OvmfPkg: Remove NvmExpressDxe device driver (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -29,10 +29,10 @@ Signed-off-by: Miroslav Rezanina 8 files changed, 20 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 72a5106f96..5f8ec2250d 100644 +index 154e318e87..7d69eba83b 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -739,10 +739,6 @@ +@@ -742,10 +742,6 @@ OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -44,10 +44,10 @@ index 72a5106f96..5f8ec2250d 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf -index 2e1a2911e3..5d3eb97f02 100644 +index cd86f60270..45e9a345b7 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf -@@ -245,7 +245,6 @@ INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf +@@ -253,7 +253,6 @@ INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf INF OvmfPkg/SataControllerDxe/SataControllerDxe.inf INF MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf INF MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -56,10 +56,10 @@ index 2e1a2911e3..5d3eb97f02 100644 INF MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf INF MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index bb72780e3e..44ed88ebbf 100644 +index 3061d0d796..b947e817a5 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -833,10 +833,6 @@ +@@ -837,10 +837,6 @@ OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -71,10 +71,10 @@ index bb72780e3e..44ed88ebbf 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index e546622732..a82701e7e1 100644 +index e55c88c84d..bfed32ddd3 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -265,7 +265,6 @@ INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf +@@ -263,7 +263,6 @@ INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf INF OvmfPkg/SataControllerDxe/SataControllerDxe.inf INF MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf INF MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -83,10 +83,10 @@ index e546622732..a82701e7e1 100644 INF MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf INF MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 12fe15539c..d6ae83d7fc 100644 +index 01adc7b648..7e86a9872e 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -847,10 +847,6 @@ +@@ -851,10 +851,6 @@ OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -98,10 +98,10 @@ index 12fe15539c..d6ae83d7fc 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index d709186a69..22f077dddd 100644 +index 43a96cc78a..5965d4367a 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf -@@ -266,7 +266,6 @@ INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf +@@ -267,7 +267,6 @@ INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf INF OvmfPkg/SataControllerDxe/SataControllerDxe.inf INF MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf INF MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -110,10 +110,10 @@ index d709186a69..22f077dddd 100644 INF MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf INF MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 11b4bafe83..fb6a0123ea 100644 +index bcbc17fba4..952b831548 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -845,10 +845,6 @@ +@@ -849,10 +849,6 @@ OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -125,10 +125,10 @@ index 11b4bafe83..fb6a0123ea 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 86a310dd49..79fee2afbf 100644 +index e992ed5f37..4e382f7912 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -278,7 +278,6 @@ INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf +@@ -283,7 +283,6 @@ INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf INF OvmfPkg/SataControllerDxe/SataControllerDxe.inf INF MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf INF MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf diff --git a/SOURCES/edk2-ArmVirtPkg-Remove-NvmExpressDxe-device-driver-RHEL-o.patch b/SOURCES/0036-ArmVirtPkg-Remove-NvmExpressDxe-device-driver-RHEL-o.patch similarity index 84% rename from SOURCES/edk2-ArmVirtPkg-Remove-NvmExpressDxe-device-driver-RHEL-o.patch rename to SOURCES/0036-ArmVirtPkg-Remove-NvmExpressDxe-device-driver-RHEL-o.patch index 8dfe018..8ddc0ab 100644 --- a/SOURCES/edk2-ArmVirtPkg-Remove-NvmExpressDxe-device-driver-RHEL-o.patch +++ b/SOURCES/0036-ArmVirtPkg-Remove-NvmExpressDxe-device-driver-RHEL-o.patch @@ -1,8 +1,7 @@ -From aa4142400a322fa9ee46ad33e8bc25c99388d349 Mon Sep 17 00:00:00 2001 +From c165681779351c785d6e1946d6b861b71d07fb3f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:10 +0200 -Subject: [PATCH 08/19] ArmVirtPkg: Remove NvmExpressDxe device driver (RHEL - only) +Subject: ArmVirtPkg: Remove NvmExpressDxe device driver (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -25,10 +24,10 @@ Signed-off-by: Miroslav Rezanina 3 files changed, 15 deletions(-) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index 031edc3a7f..b6fdcb3612 100644 +index 6677283c21..dff238fbdd 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -471,11 +471,6 @@ +@@ -476,11 +476,6 @@ MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf @@ -41,10 +40,10 @@ index 031edc3a7f..b6fdcb3612 100644 # SMBIOS Support # diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index fbb86af5a8..5418cde2e1 100644 +index 2b51ac4a6d..9449daa5af 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -@@ -130,11 +130,6 @@ READ_LOCK_STATUS = TRUE +@@ -127,11 +127,6 @@ READ_LOCK_STATUS = TRUE INF MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf @@ -57,10 +56,10 @@ index fbb86af5a8..5418cde2e1 100644 # SMBIOS Support # diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc -index 9810fa5817..af0484d841 100644 +index 1ab8d6b999..1603a635a9 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc -@@ -401,11 +401,6 @@ +@@ -405,11 +405,6 @@ MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf diff --git a/SOURCES/edk2-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch b/SOURCES/0037-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch similarity index 85% rename from SOURCES/edk2-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch rename to SOURCES/0037-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch index 9e2c5ad..ea21ce1 100644 --- a/SOURCES/edk2-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch +++ b/SOURCES/0037-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch @@ -1,8 +1,7 @@ -From 649579b908c5d19c63a8768d47b24ad63b353b49 Mon Sep 17 00:00:00 2001 +From a1872bcc0413a84cebe61b52fe99e5ef0d6ccca5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:13 +0200 -Subject: [PATCH 09/19] OvmfPkg: Remove VirtioFsDxe filesystem driver (RHEL - only) +Subject: OvmfPkg: Remove VirtioFsDxe filesystem driver (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -28,10 +27,10 @@ Signed-off-by: Miroslav Rezanina 6 files changed, 6 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 44ed88ebbf..356f824525 100644 +index b947e817a5..7ed4218f3f 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -827,7 +827,6 @@ +@@ -831,7 +831,6 @@ MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf @@ -40,10 +39,10 @@ index 44ed88ebbf..356f824525 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index a82701e7e1..73012cc933 100644 +index bfed32ddd3..0c90dc9ddf 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -288,7 +288,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour +@@ -285,7 +285,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour INF FatPkg/EnhancedFatDxe/Fat.inf INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf @@ -52,10 +51,10 @@ index a82701e7e1..73012cc933 100644 !ifndef $(EXCLUDE_SHELL_FROM_FD) !if $(TOOL_CHAIN_TAG) != "XCODE5" diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index d6ae83d7fc..0b6275e83e 100644 +index 7e86a9872e..080351bfe4 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -841,7 +841,6 @@ +@@ -845,7 +845,6 @@ MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf @@ -64,7 +63,7 @@ index d6ae83d7fc..0b6275e83e 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 22f077dddd..0553e4e1a8 100644 +index 5965d4367a..0d23401372 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -289,7 +289,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour @@ -76,10 +75,10 @@ index 22f077dddd..0553e4e1a8 100644 !ifndef $(EXCLUDE_SHELL_FROM_FD) !if $(TOOL_CHAIN_TAG) != "XCODE5" diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index fb6a0123ea..c9857d58ed 100644 +index 952b831548..fa2e439c39 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -839,7 +839,6 @@ +@@ -843,7 +843,6 @@ MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf @@ -88,10 +87,10 @@ index fb6a0123ea..c9857d58ed 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 79fee2afbf..1e471581d2 100644 +index 4e382f7912..244c1d6ef2 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -301,7 +301,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour +@@ -305,7 +305,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour INF FatPkg/EnhancedFatDxe/Fat.inf INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf diff --git a/SOURCES/edk2-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch b/SOURCES/0038-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch similarity index 86% rename from SOURCES/edk2-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch rename to SOURCES/0038-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch index 62a8aa2..8990611 100644 --- a/SOURCES/edk2-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch +++ b/SOURCES/0038-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch @@ -1,8 +1,7 @@ -From 55ddaceab730853aa40f842501cf5f1bb1d3220a Mon Sep 17 00:00:00 2001 +From 772e5687d7ffeb88e98f49d8aa499180114d3c32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:16 +0200 -Subject: [PATCH 10/19] ArmVirtPkg: Remove VirtioFsDxe filesystem driver (RHEL - only) +Subject: ArmVirtPkg: Remove VirtioFsDxe filesystem driver (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -25,10 +24,10 @@ Signed-off-by: Miroslav Rezanina 3 files changed, 3 deletions(-) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index b6fdcb3612..1b35b84b72 100644 +index dff238fbdd..feac352b65 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -425,7 +425,6 @@ +@@ -427,7 +427,6 @@ MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf @@ -37,7 +36,7 @@ index b6fdcb3612..1b35b84b72 100644 # # Bds diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index 5418cde2e1..87c0c42085 100644 +index 9449daa5af..8cab9bec9a 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc @@ -84,7 +84,6 @@ READ_LOCK_STATUS = TRUE @@ -49,10 +48,10 @@ index 5418cde2e1..87c0c42085 100644 # # Status Code Routing diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc -index af0484d841..a8a8525b1f 100644 +index 1603a635a9..b365ac0f99 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc -@@ -355,7 +355,6 @@ +@@ -356,7 +356,6 @@ MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf diff --git a/SOURCES/edk2-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch b/SOURCES/0039-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch similarity index 85% rename from SOURCES/edk2-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch rename to SOURCES/0039-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch index e056a2a..18e3377 100644 --- a/SOURCES/edk2-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch +++ b/SOURCES/0039-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch @@ -1,7 +1,7 @@ -From 08f3358aad5bcc436dcca31bed871aff2cc94703 Mon Sep 17 00:00:00 2001 +From 5c6129a2e68f7914a374f8efadc71a959ac2cc0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:19 +0200 -Subject: [PATCH 11/19] OvmfPkg: Remove UdfDxe filesystem driver (RHEL only) +Subject: OvmfPkg: Remove UdfDxe filesystem driver (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -29,10 +29,10 @@ Signed-off-by: Miroslav Rezanina 8 files changed, 8 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 5f8ec2250d..a54a4e39e2 100644 +index 7d69eba83b..35691989bd 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -733,7 +733,6 @@ +@@ -736,7 +736,6 @@ MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf @@ -41,10 +41,10 @@ index 5f8ec2250d..a54a4e39e2 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf -index 5d3eb97f02..89e35c5b19 100644 +index 45e9a345b7..52cb301d43 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf -@@ -265,7 +265,6 @@ INF RuleOverride=ACPITABLE OvmfPkg/AcpiTables/AcpiTables.inf +@@ -272,7 +272,6 @@ INF OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpiPlatformDxe.inf INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf INF FatPkg/EnhancedFatDxe/Fat.inf @@ -53,10 +53,10 @@ index 5d3eb97f02..89e35c5b19 100644 !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 356f824525..4b30b0e461 100644 +index 7ed4218f3f..47dc58b2f2 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -826,7 +826,6 @@ +@@ -830,7 +830,6 @@ MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf @@ -65,10 +65,10 @@ index 356f824525..4b30b0e461 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 73012cc933..8e21668044 100644 +index 0c90dc9ddf..04bd804471 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -287,7 +287,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf +@@ -284,7 +284,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf INF FatPkg/EnhancedFatDxe/Fat.inf @@ -77,10 +77,10 @@ index 73012cc933..8e21668044 100644 !ifndef $(EXCLUDE_SHELL_FROM_FD) !if $(TOOL_CHAIN_TAG) != "XCODE5" diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 0b6275e83e..faff80d56b 100644 +index 080351bfe4..dc5c6681c5 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -840,7 +840,6 @@ +@@ -844,7 +844,6 @@ MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf @@ -89,7 +89,7 @@ index 0b6275e83e..faff80d56b 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 0553e4e1a8..40f68b0425 100644 +index 0d23401372..36433d984c 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -288,7 +288,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf @@ -101,10 +101,10 @@ index 0553e4e1a8..40f68b0425 100644 !ifndef $(EXCLUDE_SHELL_FROM_FD) !if $(TOOL_CHAIN_TAG) != "XCODE5" diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index c9857d58ed..6bfe64e892 100644 +index fa2e439c39..17a11f81ae 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -838,7 +838,6 @@ +@@ -842,7 +842,6 @@ MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf @@ -113,10 +113,10 @@ index c9857d58ed..6bfe64e892 100644 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf OvmfPkg/SataControllerDxe/SataControllerDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 1e471581d2..b127f225bb 100644 +index 244c1d6ef2..ed0d60b5e0 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -300,7 +300,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf +@@ -304,7 +304,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf INF FatPkg/EnhancedFatDxe/Fat.inf diff --git a/SOURCES/edk2-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch b/SOURCES/0040-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch similarity index 86% rename from SOURCES/edk2-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch rename to SOURCES/0040-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch index ccd0aaa..be8a548 100644 --- a/SOURCES/edk2-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch +++ b/SOURCES/0040-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch @@ -1,7 +1,7 @@ -From 16ea5dcae2f8064bfb2c24109f48c87dfc5c0823 Mon Sep 17 00:00:00 2001 +From f5f031cd20029999856279428960eec8cb70b833 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:22 +0200 -Subject: [PATCH 12/19] ArmVirtPkg: Remove UdfDxe filesystem driver (RHEL only) +Subject: ArmVirtPkg: Remove UdfDxe filesystem driver (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -24,10 +24,10 @@ Signed-off-by: Miroslav Rezanina 3 files changed, 3 deletions(-) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index 1b35b84b72..2d40132431 100644 +index feac352b65..07d3723589 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -424,7 +424,6 @@ +@@ -426,7 +426,6 @@ MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf @@ -36,7 +36,7 @@ index 1b35b84b72..2d40132431 100644 # # Bds diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index 87c0c42085..a6d5c35649 100644 +index 8cab9bec9a..41392521a1 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc @@ -83,7 +83,6 @@ READ_LOCK_STATUS = TRUE @@ -48,10 +48,10 @@ index 87c0c42085..a6d5c35649 100644 # # Status Code Routing diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc -index a8a8525b1f..fa98d8ff50 100644 +index b365ac0f99..609f44dc24 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc -@@ -354,7 +354,6 @@ +@@ -355,7 +355,6 @@ MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf FatPkg/EnhancedFatDxe/Fat.inf diff --git a/SOURCES/edk2-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch b/SOURCES/0041-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch similarity index 86% rename from SOURCES/edk2-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch rename to SOURCES/0041-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch index ba111ec..a790794 100644 --- a/SOURCES/edk2-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch +++ b/SOURCES/0041-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch @@ -1,8 +1,7 @@ -From 08daf5b41ee0926d5e3ed40b6dad24166fac95ee Mon Sep 17 00:00:00 2001 +From db62fdc2ea07ba0796820c0f4aaa02e3a36c0b27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:25 +0200 -Subject: [PATCH 13/19] OvmfPkg: Remove TftpDynamicCommand from shell (RHEL - only) +Subject: OvmfPkg: Remove TftpDynamicCommand from shell (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -28,10 +27,10 @@ Signed-off-by: Miroslav Rezanina 6 files changed, 15 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 4b30b0e461..caa335bed5 100644 +index 47dc58b2f2..3e7cd1f0ff 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -907,10 +907,6 @@ +@@ -910,10 +910,6 @@ !endif !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -43,10 +42,10 @@ index 4b30b0e461..caa335bed5 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 8e21668044..a6d0645c3f 100644 +index 04bd804471..61c3db7a13 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -290,7 +290,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -287,7 +287,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf !ifndef $(EXCLUDE_SHELL_FROM_FD) !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -55,10 +54,10 @@ index 8e21668044..a6d0645c3f 100644 INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index faff80d56b..52cc9edffc 100644 +index dc5c6681c5..450db0b473 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -921,10 +921,6 @@ +@@ -924,10 +924,6 @@ !endif !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -70,7 +69,7 @@ index faff80d56b..52cc9edffc 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 40f68b0425..3fa5273f89 100644 +index 36433d984c..56781d84e4 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -291,7 +291,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf @@ -82,10 +81,10 @@ index 40f68b0425..3fa5273f89 100644 INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 6bfe64e892..6e1d5409e3 100644 +index 17a11f81ae..07d028b294 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -919,10 +919,6 @@ +@@ -922,10 +922,6 @@ !endif !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -97,10 +96,10 @@ index 6bfe64e892..6e1d5409e3 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index b127f225bb..1e332d2a73 100644 +index ed0d60b5e0..959736a1be 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -303,7 +303,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -307,7 +307,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf !ifndef $(EXCLUDE_SHELL_FROM_FD) !if $(TOOL_CHAIN_TAG) != "XCODE5" diff --git a/SOURCES/edk2-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch b/SOURCES/0042-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch similarity index 74% rename from SOURCES/edk2-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch rename to SOURCES/0042-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch index e9edf2b..4c7024d 100644 --- a/SOURCES/edk2-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch +++ b/SOURCES/0042-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch @@ -1,8 +1,7 @@ -From 1c009e878f32c2774db7493069335945ea51a9b4 Mon Sep 17 00:00:00 2001 +From 94302ccc1de9b13cb6dc28af3e077e0b09052460 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:28 +0200 -Subject: [PATCH 14/19] ArmVirtPkg: Remove TftpDynamicCommand from shell (RHEL - only) +Subject: ArmVirtPkg: Remove TftpDynamicCommand from shell (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -19,32 +18,35 @@ Suggested-by: Laszlo Ersek Signed-off-by: Philippe Mathieu-Daudé Signed-off-by: Miroslav Rezanina --- - ArmVirtPkg/ArmVirt.dsc.inc | 4 ---- + ArmVirtPkg/ArmVirt.dsc.inc | 7 +++---- ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 - - 2 files changed, 5 deletions(-) + 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc -index 505e895db7..012050147e 100644 +index 2fd8d31611..56c55eb473 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc -@@ -378,10 +378,6 @@ - # - # UEFI application (Shell Embedded Boot Loader) +@@ -377,10 +377,9 @@ # + MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf + - ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf { - - gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE - } ++ # ++ # UEFI application (Shell Embedded Boot Loader) ++ # ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf { gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index a6d5c35649..4a26071397 100644 +index 41392521a1..89e0bad645 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -@@ -101,7 +101,6 @@ READ_LOCK_STATUS = TRUE - # UEFI application (Shell Embedded Boot Loader) - # +@@ -98,7 +98,6 @@ READ_LOCK_STATUS = TRUE + INF OvmfPkg/VirtioRngDxe/VirtioRng.inf + INF ShellPkg/Application/Shell/Shell.inf - INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf diff --git a/SOURCES/edk2-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch b/SOURCES/0043-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch similarity index 86% rename from SOURCES/edk2-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch rename to SOURCES/0043-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch index d60c534..0701c9b 100644 --- a/SOURCES/edk2-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch +++ b/SOURCES/0043-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch @@ -1,8 +1,7 @@ -From 2ca952f2964aa744846a08cb13252428e92b3952 Mon Sep 17 00:00:00 2001 +From 266042abbae5f40f3a45e88601a27096734163da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:31 +0200 -Subject: [PATCH 15/19] OvmfPkg: Remove HttpDynamicCommand from shell (RHEL - only) +Subject: OvmfPkg: Remove HttpDynamicCommand from shell (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -28,10 +27,10 @@ Signed-off-by: Miroslav Rezanina 6 files changed, 15 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index caa335bed5..d22b643161 100644 +index 3e7cd1f0ff..1a14d8125b 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -907,10 +907,6 @@ +@@ -910,10 +910,6 @@ !endif !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -43,10 +42,10 @@ index caa335bed5..d22b643161 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index a6d0645c3f..87afeb57a1 100644 +index 61c3db7a13..bdb8bd2388 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -290,7 +290,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -287,7 +287,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf !ifndef $(EXCLUDE_SHELL_FROM_FD) !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -55,10 +54,10 @@ index a6d0645c3f..87afeb57a1 100644 !endif INF ShellPkg/Application/Shell/Shell.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 52cc9edffc..d3e913d094 100644 +index 450db0b473..a528e35e99 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -921,10 +921,6 @@ +@@ -924,10 +924,6 @@ !endif !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -70,7 +69,7 @@ index 52cc9edffc..d3e913d094 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 3fa5273f89..96e65fab46 100644 +index 56781d84e4..2bb9c91909 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -291,7 +291,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf @@ -82,10 +81,10 @@ index 3fa5273f89..96e65fab46 100644 !endif INF ShellPkg/Application/Shell/Shell.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 6e1d5409e3..13320b3aa9 100644 +index 07d028b294..8b4963b022 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -919,10 +919,6 @@ +@@ -922,10 +922,6 @@ !endif !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -97,10 +96,10 @@ index 6e1d5409e3..13320b3aa9 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index 1e332d2a73..b3dccaebd3 100644 +index 959736a1be..9d1dfb1cee 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -303,7 +303,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -307,7 +307,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf !ifndef $(EXCLUDE_SHELL_FROM_FD) !if $(TOOL_CHAIN_TAG) != "XCODE5" diff --git a/SOURCES/edk2-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch b/SOURCES/0044-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch similarity index 82% rename from SOURCES/edk2-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch rename to SOURCES/0044-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch index f9e06c4..4092e92 100644 --- a/SOURCES/edk2-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch +++ b/SOURCES/0044-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch @@ -1,8 +1,7 @@ -From 6526e99a9e71d45f1ed69d95ff0dd75066a093f7 Mon Sep 17 00:00:00 2001 +From e2844c290619d4a0d835a0e0756d07eca0493ddb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:34 +0200 -Subject: [PATCH 16/19] ArmVirtPkg: Remove HttpDynamicCommand from shell (RHEL - only) +Subject: ArmVirtPkg: Remove HttpDynamicCommand from shell (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -24,10 +23,10 @@ Signed-off-by: Miroslav Rezanina 2 files changed, 5 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc -index 012050147e..98ff6a6f87 100644 +index 56c55eb473..0e221c22c9 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc -@@ -378,10 +378,6 @@ +@@ -380,10 +380,6 @@ # # UEFI application (Shell Embedded Boot Loader) # @@ -39,12 +38,12 @@ index 012050147e..98ff6a6f87 100644 gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index 4a26071397..5db1918159 100644 +index 89e0bad645..add13fc39d 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -@@ -101,7 +101,6 @@ READ_LOCK_STATUS = TRUE - # UEFI application (Shell Embedded Boot Loader) - # +@@ -98,7 +98,6 @@ READ_LOCK_STATUS = TRUE + INF OvmfPkg/VirtioRngDxe/VirtioRng.inf + INF ShellPkg/Application/Shell/Shell.inf - INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf diff --git a/SOURCES/edk2-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch b/SOURCES/0045-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch similarity index 85% rename from SOURCES/edk2-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch rename to SOURCES/0045-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch index 48a2b5a..19509d0 100644 --- a/SOURCES/edk2-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch +++ b/SOURCES/0045-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch @@ -1,8 +1,7 @@ -From 5f97a7d207dd52af15869726e9a628c3f9f1c5ff Mon Sep 17 00:00:00 2001 +From 855afbe9bf9ebb68f9cdb3ace57ce99e5614375f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:39 +0200 -Subject: [PATCH 17/19] OvmfPkg: Remove LinuxInitrdDynamicShellCommand (RHEL - only) +Subject: OvmfPkg: Remove LinuxInitrdDynamicShellCommand (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -35,10 +34,10 @@ Signed-off-by: Miroslav Rezanina 8 files changed, 20 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index a54a4e39e2..485c60dd36 100644 +index 35691989bd..88b65b9f59 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -783,10 +783,6 @@ +@@ -785,10 +785,6 @@ MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE @@ -50,10 +49,10 @@ index a54a4e39e2..485c60dd36 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf OvmfPkg/AmdSev/Grub/Grub.inf diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf -index 89e35c5b19..1cf4d659d1 100644 +index 52cb301d43..325570c5a3 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf -@@ -267,7 +267,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour +@@ -274,7 +274,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour INF FatPkg/EnhancedFatDxe/Fat.inf !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE @@ -62,10 +61,10 @@ index 89e35c5b19..1cf4d659d1 100644 INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf INF OvmfPkg/AmdSev/Grub/Grub.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index d22b643161..f844c5f97c 100644 +index 1a14d8125b..fa42d919be 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -907,10 +907,6 @@ +@@ -910,10 +910,6 @@ !endif !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -77,10 +76,10 @@ index d22b643161..f844c5f97c 100644 ShellPkg/Application/Shell/Shell.inf { diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index 87afeb57a1..f4a6829085 100644 +index bdb8bd2388..51433836d6 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -290,7 +290,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -287,7 +287,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf !ifndef $(EXCLUDE_SHELL_FROM_FD) !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -89,10 +88,10 @@ index 87afeb57a1..f4a6829085 100644 INF ShellPkg/Application/Shell/Shell.inf !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index d3e913d094..b373c0d63a 100644 +index a528e35e99..ef962565f8 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -921,10 +921,6 @@ +@@ -924,10 +924,6 @@ !endif !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -104,7 +103,7 @@ index d3e913d094..b373c0d63a 100644 ShellPkg/Application/Shell/Shell.inf { diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 96e65fab46..35692403d3 100644 +index 2bb9c91909..a50f80e1e9 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -291,7 +291,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf @@ -116,10 +115,10 @@ index 96e65fab46..35692403d3 100644 INF ShellPkg/Application/Shell/Shell.inf !endif diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 13320b3aa9..39e8e5b3c4 100644 +index 8b4963b022..ba9f9833b0 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -919,10 +919,6 @@ +@@ -922,10 +922,6 @@ !endif !if $(TOOL_CHAIN_TAG) != "XCODE5" @@ -131,10 +130,10 @@ index 13320b3aa9..39e8e5b3c4 100644 ShellPkg/Application/Shell/Shell.inf { diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index b3dccaebd3..a0c3c182f6 100644 +index 9d1dfb1cee..dd1c6eded9 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -303,7 +303,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf +@@ -307,7 +307,6 @@ INF FatPkg/EnhancedFatDxe/Fat.inf !ifndef $(EXCLUDE_SHELL_FROM_FD) !if $(TOOL_CHAIN_TAG) != "XCODE5" diff --git a/SOURCES/edk2-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch b/SOURCES/0046-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch similarity index 82% rename from SOURCES/edk2-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch rename to SOURCES/0046-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch index ba647d9..b113e6d 100644 --- a/SOURCES/edk2-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch +++ b/SOURCES/0046-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch @@ -1,8 +1,7 @@ -From de1c2b8b944701c789477246ecad73708afe1ae6 Mon Sep 17 00:00:00 2001 +From 74043040b2535bd098ab6089d0ec2ef19c6abeea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 1 Jul 2021 20:29:46 +0200 -Subject: [PATCH 18/19] ArmVirtPkg: Remove LinuxInitrdDynamicShellCommand (RHEL - only) +Subject: ArmVirtPkg: Remove LinuxInitrdDynamicShellCommand (RHEL only) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -25,10 +24,10 @@ Signed-off-by: Miroslav Rezanina 2 files changed, 5 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc -index 98ff6a6f87..f2b6b6bce8 100644 +index 0e221c22c9..040878939b 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc -@@ -378,10 +378,6 @@ +@@ -380,10 +380,6 @@ # # UEFI application (Shell Embedded Boot Loader) # @@ -40,12 +39,12 @@ index 98ff6a6f87..f2b6b6bce8 100644 ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -index 5db1918159..ea2d4cbe87 100644 +index add13fc39d..82b015d77d 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc -@@ -101,7 +101,6 @@ READ_LOCK_STATUS = TRUE - # UEFI application (Shell Embedded Boot Loader) - # +@@ -98,7 +98,6 @@ READ_LOCK_STATUS = TRUE + INF OvmfPkg/VirtioRngDxe/VirtioRng.inf + INF ShellPkg/Application/Shell/Shell.inf - INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf diff --git a/SOURCES/edk2-MdeModulePkg-PartitionDxe-Ignore-PMBR-BootIndicator-.patch b/SOURCES/edk2-MdeModulePkg-PartitionDxe-Ignore-PMBR-BootIndicator-.patch deleted file mode 100644 index f978260..0000000 --- a/SOURCES/edk2-MdeModulePkg-PartitionDxe-Ignore-PMBR-BootIndicator-.patch +++ /dev/null @@ -1,74 +0,0 @@ -From e02e989ebff6caef4efbb91bc34b242a3bbed9d7 Mon Sep 17 00:00:00 2001 -From: Neal Gompa -Date: Mon, 5 Jul 2021 05:36:03 -0400 -Subject: [PATCH] MdeModulePkg/PartitionDxe: Ignore PMBR BootIndicator per UEFI - spec -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Philippe Mathieu-Daudé -RH-MergeRequest: 6: MdeModulePkg/PartitionDxe: Ignore PMBR BootIndicator per UEFI spec [RHEL-9, c9s] -RH-Commit: [1/1] b06df986d8e0cd0dab6e4234801c330b4d26e7db -RH-Bugzilla: 1988760 -RH-Acked-by: Miroslav Rezanina - -Per UEFI Spec 2.8 (UEFI_Spec_2_8_final.pdf, page 114) -5.2.3 Protective MBR -Table 20. Protective MBR Partition Record protecting the entire disk - -The description for BootIndicator states the following: - -> Set to 0x00 to indicate a non-bootable partition. If set to any -> value other than 0x00 the behavior of this flag on non-UEFI -> systems is undefined. Must be ignored by UEFI implementations. - -Unfortunately, we have been incorrectly assuming that the -BootIndicator value must be 0x00, which leads to problems -when the 'pmbr_boot' flag is set on a disk containing a GPT -(such as with GNU parted). When the flag is set, the value -changes to 0x01, causing this check to fail and the system -is rendered unbootable despite it being valid from the -perspective of the UEFI spec. - -To resolve this, we drop the check for the BootIndicator -so that we stop caring about the value set there, which -restores the capability to boot such disks. - -Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3474 - -Cc: Chris Murphy -Cc: David Duncan -Cc: Lazlo Ersek -Cc: Hao A Wu -Cc: Ray Ni -Cc: Zhichao Gao - -Signed-off-by: Neal Gompa -Message-Id: <20210705093603.575707-1-ngompa@fedoraproject.org> -Reviewed-by: Laszlo Ersek -Reviewed-by: Hao A Wu -(cherry picked from commit b3db0cb1f8d163f22b769c205c6347376a315dcd) -Signed-off-by: Philippe Mathieu-Daude -Signed-off-by: Miroslav Rezanina ---- - MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c -index aefb2d6ecb..efaff5e080 100644 ---- a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c -+++ b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c -@@ -264,8 +264,7 @@ PartitionInstallGptChildHandles ( - // Verify that the Protective MBR is valid - // - for (Index = 0; Index < MAX_MBR_PARTITIONS; Index++) { -- if (ProtectiveMbr->Partition[Index].BootIndicator == 0x00 && -- ProtectiveMbr->Partition[Index].OSIndicator == PMBR_GPT_PARTITION && -+ if (ProtectiveMbr->Partition[Index].OSIndicator == PMBR_GPT_PARTITION && - UNPACK_UINT32 (ProtectiveMbr->Partition[Index].StartingLBA) == 1 - ) { - break; --- -2.27.0 - diff --git a/SOURCES/edk2-NetworkPkg-IScsiDxe-assert-that-IScsiBinToHex-always.patch b/SOURCES/edk2-NetworkPkg-IScsiDxe-assert-that-IScsiBinToHex-always.patch deleted file mode 100644 index deb0bf6..0000000 --- a/SOURCES/edk2-NetworkPkg-IScsiDxe-assert-that-IScsiBinToHex-always.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 713a76945fb7962d97be9c0f8a54a32da5f683d2 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 8 Jun 2021 14:12:55 +0200 -Subject: [PATCH 06/11] NetworkPkg/IScsiDxe: assert that IScsiBinToHex() always - succeeds -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Laszlo Ersek -RH-MergeRequest: 1: NetworkPkg/IScsiDxe: fix IScsiHexToBin() security and functionality bugs [RHEL-9, c9s] -RH-Commit: [6/10] f75dedb1034e5feb5fd268c99184d3e392ef9beb -RH-Bugzilla: 1961100 -RH-Acked-by: Philippe Mathieu-Daudé - -IScsiBinToHex() is called for encoding: - -- the answer to the target's challenge; that is, CHAP_R; - -- the challenge for the target, in case mutual authentication is enabled; - that is, CHAP_C. - -The initiator controls the size of both blobs, the sizes of their hex -encodings are correctly calculated in "RspLen" and "ChallengeLen". -Therefore the IScsiBinToHex() calls never fail; assert that. - -Cc: Jiaxin Wu -Cc: Maciej Rabeda -Cc: Philippe Mathieu-Daudé -Cc: Siyuan Fu -Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356 -Signed-off-by: Laszlo Ersek -Reviewed-by: Philippe Mathieu-Daudé -Reviewed-by: Maciej Rabeda -Message-Id: <20210608121259.32451-7-lersek@redhat.com> -(cherry picked from commit d90fff40cb2502b627370a77f5608c8a178c3f78) -Signed-off-by: Miroslav Rezanina ---- - NetworkPkg/IScsiDxe/IScsiCHAP.c | 27 +++++++++++++++------------ - 1 file changed, 15 insertions(+), 12 deletions(-) - -diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.c b/NetworkPkg/IScsiDxe/IScsiCHAP.c -index 9e192ce292..dbe3c8ef46 100644 ---- a/NetworkPkg/IScsiDxe/IScsiCHAP.c -+++ b/NetworkPkg/IScsiDxe/IScsiCHAP.c -@@ -391,6 +391,7 @@ IScsiCHAPToSendReq ( - UINT32 RspLen; - CHAR8 *Challenge; - UINT32 ChallengeLen; -+ EFI_STATUS BinToHexStatus; - - ASSERT (Conn->CurrentStage == ISCSI_SECURITY_NEGOTIATION); - -@@ -471,12 +472,13 @@ IScsiCHAPToSendReq ( - // - // CHAP_R= - // -- IScsiBinToHex ( -- (UINT8 *) AuthData->CHAPResponse, -- ISCSI_CHAP_RSP_LEN, -- Response, -- &RspLen -- ); -+ BinToHexStatus = IScsiBinToHex ( -+ (UINT8 *) AuthData->CHAPResponse, -+ ISCSI_CHAP_RSP_LEN, -+ Response, -+ &RspLen -+ ); -+ ASSERT_EFI_ERROR (BinToHexStatus); - IScsiAddKeyValuePair (Pdu, ISCSI_KEY_CHAP_RESPONSE, Response); - - if (AuthData->AuthConfig->CHAPType == ISCSI_CHAP_MUTUAL) { -@@ -490,12 +492,13 @@ IScsiCHAPToSendReq ( - // CHAP_C= - // - IScsiGenRandom ((UINT8 *) AuthData->OutChallenge, ISCSI_CHAP_RSP_LEN); -- IScsiBinToHex ( -- (UINT8 *) AuthData->OutChallenge, -- ISCSI_CHAP_RSP_LEN, -- Challenge, -- &ChallengeLen -- ); -+ BinToHexStatus = IScsiBinToHex ( -+ (UINT8 *) AuthData->OutChallenge, -+ ISCSI_CHAP_RSP_LEN, -+ Challenge, -+ &ChallengeLen -+ ); -+ ASSERT_EFI_ERROR (BinToHexStatus); - IScsiAddKeyValuePair (Pdu, ISCSI_KEY_CHAP_CHALLENGE, Challenge); - - Conn->AuthStep = ISCSI_CHAP_STEP_FOUR; --- -2.27.0 - diff --git a/SOURCES/edk2-NetworkPkg-IScsiDxe-check-IScsiHexToBin-return-value.patch b/SOURCES/edk2-NetworkPkg-IScsiDxe-check-IScsiHexToBin-return-value.patch deleted file mode 100644 index 52fc46c..0000000 --- a/SOURCES/edk2-NetworkPkg-IScsiDxe-check-IScsiHexToBin-return-value.patch +++ /dev/null @@ -1,92 +0,0 @@ -From de86f03cd7ed849ff62b1591c5fd34aeb1792887 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 8 Jun 2021 14:12:59 +0200 -Subject: [PATCH 10/11] NetworkPkg/IScsiDxe: check IScsiHexToBin() return - values -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Laszlo Ersek -RH-MergeRequest: 1: NetworkPkg/IScsiDxe: fix IScsiHexToBin() security and functionality bugs [RHEL-9, c9s] -RH-Commit: [10/10] 840f483839ce598396bb6db8ec1f0f50689b8215 -RH-Bugzilla: 1961100 -RH-Acked-by: Philippe Mathieu-Daudé - -IScsiDxe (that is, the initiator) receives two hex-encoded strings from -the iSCSI target: - -- CHAP_C, where the target challenges the initiator, - -- CHAP_R, where the target answers the challenge from the initiator (in - case the initiator wants mutual authentication). - -Accordingly, we have two IScsiHexToBin() call sites: - -- At the CHAP_C decoding site, check whether the decoding succeeds. The - decoded buffer ("AuthData->InChallenge") can accommodate 1024 bytes, - which is a permissible restriction on the target, per - . Shorter challenges - from the target are acceptable. - -- At the CHAP_R decoding site, enforce that the decoding both succeed, and - provide exactly ISCSI_CHAP_RSP_LEN bytes. CHAP_R contains the digest - calculated by the target, therefore it must be of fixed size. We may - only call IScsiCHAPAuthTarget() if "TargetRsp" has been fully populated. - -Cc: Jiaxin Wu -Cc: Maciej Rabeda -Cc: Philippe Mathieu-Daudé -Cc: Siyuan Fu -Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356 -Signed-off-by: Laszlo Ersek -Reviewed-by: Philippe Mathieu-Daudé -Reviewed-by: Maciej Rabeda -Message-Id: <20210608121259.32451-11-lersek@redhat.com> -(cherry picked from commit b8649cf2a3e673a4a8cb6c255e394b354b771550) -Signed-off-by: Miroslav Rezanina ---- - NetworkPkg/IScsiDxe/IScsiCHAP.c | 20 ++++++++++++++------ - 1 file changed, 14 insertions(+), 6 deletions(-) - -diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.c b/NetworkPkg/IScsiDxe/IScsiCHAP.c -index dbe3c8ef46..7e930c0d1e 100644 ---- a/NetworkPkg/IScsiDxe/IScsiCHAP.c -+++ b/NetworkPkg/IScsiDxe/IScsiCHAP.c -@@ -290,11 +290,15 @@ IScsiCHAPOnRspReceived ( - - AuthData->InIdentifier = (UINT32) Result; - AuthData->InChallengeLength = (UINT32) sizeof (AuthData->InChallenge); -- IScsiHexToBin ( -- (UINT8 *) AuthData->InChallenge, -- &AuthData->InChallengeLength, -- Challenge -- ); -+ Status = IScsiHexToBin ( -+ (UINT8 *) AuthData->InChallenge, -+ &AuthData->InChallengeLength, -+ Challenge -+ ); -+ if (EFI_ERROR (Status)) { -+ Status = EFI_PROTOCOL_ERROR; -+ goto ON_EXIT; -+ } - Status = IScsiCHAPCalculateResponse ( - AuthData->InIdentifier, - AuthData->AuthConfig->CHAPSecret, -@@ -337,7 +341,11 @@ IScsiCHAPOnRspReceived ( - } - - RspLen = ISCSI_CHAP_RSP_LEN; -- IScsiHexToBin (TargetRsp, &RspLen, Response); -+ Status = IScsiHexToBin (TargetRsp, &RspLen, Response); -+ if (EFI_ERROR (Status) || RspLen != ISCSI_CHAP_RSP_LEN) { -+ Status = EFI_PROTOCOL_ERROR; -+ goto ON_EXIT; -+ } - - // - // Check the CHAP Name and Response replied by Target. --- -2.27.0 - diff --git a/SOURCES/edk2-NetworkPkg-IScsiDxe-clean-up-ISCSI_CHAP_AUTH_DATA.Ou.patch b/SOURCES/edk2-NetworkPkg-IScsiDxe-clean-up-ISCSI_CHAP_AUTH_DATA.Ou.patch deleted file mode 100644 index e4dd7fc..0000000 --- a/SOURCES/edk2-NetworkPkg-IScsiDxe-clean-up-ISCSI_CHAP_AUTH_DATA.Ou.patch +++ /dev/null @@ -1,103 +0,0 @@ -From 4524b42b1cdf042d348c0070984428ec95ba96ec Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 8 Jun 2021 14:12:52 +0200 -Subject: [PATCH 03/11] NetworkPkg/IScsiDxe: clean up - "ISCSI_CHAP_AUTH_DATA.OutChallengeLength" -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Laszlo Ersek -RH-MergeRequest: 1: NetworkPkg/IScsiDxe: fix IScsiHexToBin() security and functionality bugs [RHEL-9, c9s] -RH-Commit: [3/10] 10e4f6de005e7fd67eb3a0d266c9bc95b2df648c -RH-Bugzilla: 1961100 -RH-Acked-by: Philippe Mathieu-Daudé - -The "ISCSI_CHAP_AUTH_DATA.OutChallenge" field is declared as a UINT8 array -with ISCSI_CHAP_AUTH_MAX_LEN (1024) elements. However, when the challenge -is generated and formatted, only ISCSI_CHAP_RSP_LEN (16) octets are used -in the array. - -Change the array size to ISCSI_CHAP_RSP_LEN, and remove the (now unused) -ISCSI_CHAP_AUTH_MAX_LEN macro. - -Remove the "ISCSI_CHAP_AUTH_DATA.OutChallengeLength" field, which is -superfluous too. - -Most importantly, explain in a new comment *why* tying the challenge size -to the digest size (ISCSI_CHAP_RSP_LEN) has always made sense. (See also -Linux kernel commit 19f5f88ed779, "scsi: target: iscsi: tie the challenge -length to the hash digest size", 2019-11-06.) For sure, the motivation -that the new comment now explains has always been there, and has always -been the same, for IScsiDxe; it's just that now we spell it out too. - -No change in peer-visible behavior. - -Cc: Jiaxin Wu -Cc: Maciej Rabeda -Cc: Philippe Mathieu-Daudé -Cc: Siyuan Fu -Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356 -Signed-off-by: Laszlo Ersek -Reviewed-by: Philippe Mathieu-Daudé -Reviewed-by: Maciej Rabeda -Message-Id: <20210608121259.32451-4-lersek@redhat.com> -(cherry picked from commit 95616b866187b00355042953efa5c198df07250f) -Signed-off-by: Miroslav Rezanina ---- - NetworkPkg/IScsiDxe/IScsiCHAP.c | 3 +-- - NetworkPkg/IScsiDxe/IScsiCHAP.h | 9 ++++++--- - 2 files changed, 7 insertions(+), 5 deletions(-) - -diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.c b/NetworkPkg/IScsiDxe/IScsiCHAP.c -index df3c2eb120..9e192ce292 100644 ---- a/NetworkPkg/IScsiDxe/IScsiCHAP.c -+++ b/NetworkPkg/IScsiDxe/IScsiCHAP.c -@@ -122,7 +122,7 @@ IScsiCHAPAuthTarget ( - AuthData->AuthConfig->ReverseCHAPSecret, - SecretSize, - AuthData->OutChallenge, -- AuthData->OutChallengeLength, -+ ISCSI_CHAP_RSP_LEN, // ChallengeLength - VerifyRsp - ); - -@@ -490,7 +490,6 @@ IScsiCHAPToSendReq ( - // CHAP_C= - // - IScsiGenRandom ((UINT8 *) AuthData->OutChallenge, ISCSI_CHAP_RSP_LEN); -- AuthData->OutChallengeLength = ISCSI_CHAP_RSP_LEN; - IScsiBinToHex ( - (UINT8 *) AuthData->OutChallenge, - ISCSI_CHAP_RSP_LEN, -diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.h b/NetworkPkg/IScsiDxe/IScsiCHAP.h -index 1fc1d96ea3..35d5d6ec29 100644 ---- a/NetworkPkg/IScsiDxe/IScsiCHAP.h -+++ b/NetworkPkg/IScsiDxe/IScsiCHAP.h -@@ -19,7 +19,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent - - #define ISCSI_CHAP_ALGORITHM_MD5 5 - --#define ISCSI_CHAP_AUTH_MAX_LEN 1024 - /// - /// MD5_HASHSIZE - /// -@@ -59,9 +58,13 @@ typedef struct _ISCSI_CHAP_AUTH_DATA { - // - // Auth-data to be sent out for mutual authentication. - // -+ // While the challenge size is technically independent of the hashing -+ // algorithm, it is good practice to avoid hashing *fewer bytes* than the -+ // digest size. In other words, it's good practice to feed *at least as many -+ // bytes* to the hashing algorithm as the hashing algorithm will output. -+ // - UINT32 OutIdentifier; -- UINT8 OutChallenge[ISCSI_CHAP_AUTH_MAX_LEN]; -- UINT32 OutChallengeLength; -+ UINT8 OutChallenge[ISCSI_CHAP_RSP_LEN]; - } ISCSI_CHAP_AUTH_DATA; - - /** --- -2.27.0 - diff --git a/SOURCES/edk2-NetworkPkg-IScsiDxe-clean-up-library-class-dependenc.patch b/SOURCES/edk2-NetworkPkg-IScsiDxe-clean-up-library-class-dependenc.patch deleted file mode 100644 index c55de16..0000000 --- a/SOURCES/edk2-NetworkPkg-IScsiDxe-clean-up-library-class-dependenc.patch +++ /dev/null @@ -1,102 +0,0 @@ -From 26388852ad953a169f29b24277674c53f878ffe3 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 8 Jun 2021 14:12:53 +0200 -Subject: [PATCH 04/11] NetworkPkg/IScsiDxe: clean up library class - dependencies -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Laszlo Ersek -RH-MergeRequest: 1: NetworkPkg/IScsiDxe: fix IScsiHexToBin() security and functionality bugs [RHEL-9, c9s] -RH-Commit: [4/10] c468615c009bfd43f68f93fd9c1dc0e5b8615563 -RH-Bugzilla: 1961100 -RH-Acked-by: Philippe Mathieu-Daudé - -Sort the library class dependencies in the #include directives and in the -INF file. Remove the DpcLib class from the #include directives -- it is -not listed in the INF file, and IScsiDxe doesn't call either DpcLib API -(QueueDpc(), DispatchDpc()). No functional changes. - -Cc: Jiaxin Wu -Cc: Maciej Rabeda -Cc: Philippe Mathieu-Daudé -Cc: Siyuan Fu -Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356 -Signed-off-by: Laszlo Ersek -Reviewed-by: Philippe Mathieu-Daudé -Reviewed-by: Maciej Rabeda -Message-Id: <20210608121259.32451-5-lersek@redhat.com> -(cherry picked from commit e8f28b09e63dfdbb4169969a43c65f86c44b035a) -Signed-off-by: Miroslav Rezanina ---- - NetworkPkg/IScsiDxe/IScsiDxe.inf | 6 +++--- - NetworkPkg/IScsiDxe/IScsiImpl.h | 17 ++++++++--------- - 2 files changed, 11 insertions(+), 12 deletions(-) - -diff --git a/NetworkPkg/IScsiDxe/IScsiDxe.inf b/NetworkPkg/IScsiDxe/IScsiDxe.inf -index 0ffb340ce0..543c408302 100644 ---- a/NetworkPkg/IScsiDxe/IScsiDxe.inf -+++ b/NetworkPkg/IScsiDxe/IScsiDxe.inf -@@ -65,6 +65,7 @@ - NetworkPkg/NetworkPkg.dec - - [LibraryClasses] -+ BaseCryptLib - BaseLib - BaseMemoryLib - DebugLib -@@ -72,14 +73,13 @@ - HiiLib - MemoryAllocationLib - NetLib -- TcpIoLib - PrintLib -+ TcpIoLib - UefiBootServicesTableLib - UefiDriverEntryPoint -+ UefiHiiServicesLib - UefiLib - UefiRuntimeServicesTableLib -- UefiHiiServicesLib -- BaseCryptLib - - [Protocols] - gEfiAcpiTableProtocolGuid ## SOMETIMES_CONSUMES ## SystemTable -diff --git a/NetworkPkg/IScsiDxe/IScsiImpl.h b/NetworkPkg/IScsiDxe/IScsiImpl.h -index 387ab9765e..d895c7feb9 100644 ---- a/NetworkPkg/IScsiDxe/IScsiImpl.h -+++ b/NetworkPkg/IScsiDxe/IScsiImpl.h -@@ -35,21 +35,20 @@ SPDX-License-Identifier: BSD-2-Clause-Patent - #include - #include - --#include --#include --#include --#include -+#include - #include - #include -+#include -+#include -+#include - #include -+#include - #include -+#include - #include --#include -+#include - #include --#include --#include --#include --#include -+#include - - #include - #include --- -2.27.0 - diff --git a/SOURCES/edk2-NetworkPkg-IScsiDxe-fix-IScsiHexToBin-buffer-overflo.patch b/SOURCES/edk2-NetworkPkg-IScsiDxe-fix-IScsiHexToBin-buffer-overflo.patch deleted file mode 100644 index 3d53f7a..0000000 --- a/SOURCES/edk2-NetworkPkg-IScsiDxe-fix-IScsiHexToBin-buffer-overflo.patch +++ /dev/null @@ -1,114 +0,0 @@ -From 5fb7ec7c442e3ca7ab27b2a66223345cb7411c87 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 8 Jun 2021 14:12:58 +0200 -Subject: [PATCH 09/11] NetworkPkg/IScsiDxe: fix IScsiHexToBin() buffer - overflow -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Laszlo Ersek -RH-MergeRequest: 1: NetworkPkg/IScsiDxe: fix IScsiHexToBin() security and functionality bugs [RHEL-9, c9s] -RH-Commit: [9/10] 91724ef3d2d9732ffe9328168a39d922d1baaa8b -RH-Bugzilla: 1961100 -RH-Acked-by: Philippe Mathieu-Daudé - -The IScsiHexToBin() function documents the EFI_BUFFER_TOO_SMALL return -condition, but never actually checks whether the decoded buffer fits into -the caller-provided room (i.e., the input value of "BinLength"), and -EFI_BUFFER_TOO_SMALL is never returned. The decoding of "HexStr" can -overflow "BinBuffer". - -This is remotely exploitable, as shown in a subsequent patch, which adds -error checking to the IScsiHexToBin() call sites. This issue allows the -target to compromise the initiator. - -Introduce EFI_BAD_BUFFER_SIZE, in addition to the existent -EFI_BUFFER_TOO_SMALL, for reporting a special case of the buffer overflow, -plus actually catch the buffer overflow. - -Cc: Jiaxin Wu -Cc: Maciej Rabeda -Cc: Philippe Mathieu-Daudé -Cc: Siyuan Fu -Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356 -Signed-off-by: Laszlo Ersek -Reviewed-by: Maciej Rabeda -Reviewed-by: Philippe Mathieu-Daudé -Message-Id: <20210608121259.32451-10-lersek@redhat.com> -(cherry picked from commit 54e90edaed0d7c15230902ac4d74f4304bad2ebd) -Signed-off-by: Miroslav Rezanina ---- - NetworkPkg/IScsiDxe/IScsiMisc.c | 20 +++++++++++++++++--- - NetworkPkg/IScsiDxe/IScsiMisc.h | 3 +++ - 2 files changed, 20 insertions(+), 3 deletions(-) - -diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.c b/NetworkPkg/IScsiDxe/IScsiMisc.c -index f0f4992b07..4069547867 100644 ---- a/NetworkPkg/IScsiDxe/IScsiMisc.c -+++ b/NetworkPkg/IScsiDxe/IScsiMisc.c -@@ -377,6 +377,9 @@ IScsiBinToHex ( - @retval EFI_SUCCESS The hexadecimal string is converted into a - binary encoded buffer. - @retval EFI_INVALID_PARAMETER Invalid hex encoding found in HexStr. -+ @retval EFI_BAD_BUFFER_SIZE The length of HexStr is too large for decoding: -+ the decoded size cannot be expressed in -+ BinLength on output. - @retval EFI_BUFFER_TOO_SMALL The binary buffer is too small to hold the - converted data. - **/ -@@ -387,6 +390,8 @@ IScsiHexToBin ( - IN CHAR8 *HexStr - ) - { -+ UINTN BinLengthMin; -+ UINT32 BinLengthProvided; - UINTN Index; - UINTN Length; - UINT8 Digit; -@@ -409,6 +414,18 @@ IScsiHexToBin ( - if (Length == 0 || Length % 2 != 0) { - return EFI_INVALID_PARAMETER; - } -+ // -+ // Check if the caller provides enough room for the decoded blob. -+ // -+ BinLengthMin = Length / 2; -+ if (BinLengthMin > MAX_UINT32) { -+ return EFI_BAD_BUFFER_SIZE; -+ } -+ BinLengthProvided = *BinLength; -+ *BinLength = (UINT32)BinLengthMin; -+ if (BinLengthProvided < BinLengthMin) { -+ return EFI_BUFFER_TOO_SMALL; -+ } - - for (Index = 0; Index < Length; Index ++) { - TemStr[0] = HexStr[Index]; -@@ -425,9 +442,6 @@ IScsiHexToBin ( - BinBuffer [Index/2] = (UINT8) ((BinBuffer [Index/2] << 4) + Digit); - } - } -- -- *BinLength = (UINT32) ((Index + 1)/2); -- - return EFI_SUCCESS; - } - -diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.h b/NetworkPkg/IScsiDxe/IScsiMisc.h -index 404a482e57..fddef4f466 100644 ---- a/NetworkPkg/IScsiDxe/IScsiMisc.h -+++ b/NetworkPkg/IScsiDxe/IScsiMisc.h -@@ -172,6 +172,9 @@ IScsiBinToHex ( - @retval EFI_SUCCESS The hexadecimal string is converted into a - binary encoded buffer. - @retval EFI_INVALID_PARAMETER Invalid hex encoding found in HexStr. -+ @retval EFI_BAD_BUFFER_SIZE The length of HexStr is too large for decoding: -+ the decoded size cannot be expressed in -+ BinLength on output. - @retval EFI_BUFFER_TOO_SMALL The binary buffer is too small to hold the - converted data. - **/ --- -2.27.0 - diff --git a/SOURCES/edk2-NetworkPkg-IScsiDxe-fix-IScsiHexToBin-hex-parsing.patch b/SOURCES/edk2-NetworkPkg-IScsiDxe-fix-IScsiHexToBin-hex-parsing.patch deleted file mode 100644 index 1d0cdf3..0000000 --- a/SOURCES/edk2-NetworkPkg-IScsiDxe-fix-IScsiHexToBin-hex-parsing.patch +++ /dev/null @@ -1,105 +0,0 @@ -From b0b03cadbee4f8560e4eb284b8d12a5ccc697281 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 8 Jun 2021 14:12:57 +0200 -Subject: [PATCH 08/11] NetworkPkg/IScsiDxe: fix IScsiHexToBin() hex parsing -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Laszlo Ersek -RH-MergeRequest: 1: NetworkPkg/IScsiDxe: fix IScsiHexToBin() security and functionality bugs [RHEL-9, c9s] -RH-Commit: [8/10] d336a24538fe8b4a53f7fd249ae94cd2c3c22cb5 -RH-Bugzilla: 1961100 -RH-Acked-by: Philippe Mathieu-Daudé - -The IScsiHexToBin() function has the following parser issues: - -(1) If the *subject sequence* in "HexStr" is empty, the function returns - EFI_SUCCESS (with "BinLength" set to 0 on output). Such inputs should - be rejected. - -(2) The function mis-handles a "HexStr" that ends with a stray nibble. For - example, if "HexStr" is "0xABC", the function decodes it to the bytes - {0xAB, 0x0C}, sets "BinLength" to 2 on output, and returns - EFI_SUCCESS. Such inputs should be rejected. - -(3) If an invalid hex char is found in "HexStr", the function treats it as - end-of-hex-string, and returns EFI_SUCCESS. Such inputs should be - rejected. - -All of the above cases are remotely triggerable, as shown in a subsequent -patch, which adds error checking to the IScsiHexToBin() call sites. While -the initiator is not immediately compromised, incorrectly parsing CHAP_R -from the target, in case of mutual authentication, is not great. - -Extend the interface contract of IScsiHexToBin() with -EFI_INVALID_PARAMETER, for reporting issues (1) through (3), and implement -the new checks. - -Cc: Jiaxin Wu -Cc: Maciej Rabeda -Cc: Philippe Mathieu-Daudé -Cc: Siyuan Fu -Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356 -Signed-off-by: Laszlo Ersek -Reviewed-by: Maciej Rabeda -Reviewed-by: Philippe Mathieu-Daudé -Message-Id: <20210608121259.32451-9-lersek@redhat.com> -(cherry picked from commit 47b76780b487dbfde4efb6843b16064c4a97e94d) -Signed-off-by: Miroslav Rezanina ---- - NetworkPkg/IScsiDxe/IScsiMisc.c | 12 ++++++++++-- - NetworkPkg/IScsiDxe/IScsiMisc.h | 1 + - 2 files changed, 11 insertions(+), 2 deletions(-) - -diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.c b/NetworkPkg/IScsiDxe/IScsiMisc.c -index 014700e87a..f0f4992b07 100644 ---- a/NetworkPkg/IScsiDxe/IScsiMisc.c -+++ b/NetworkPkg/IScsiDxe/IScsiMisc.c -@@ -376,6 +376,7 @@ IScsiBinToHex ( - - @retval EFI_SUCCESS The hexadecimal string is converted into a - binary encoded buffer. -+ @retval EFI_INVALID_PARAMETER Invalid hex encoding found in HexStr. - @retval EFI_BUFFER_TOO_SMALL The binary buffer is too small to hold the - converted data. - **/ -@@ -402,14 +403,21 @@ IScsiHexToBin ( - - Length = AsciiStrLen (HexStr); - -+ // -+ // Reject an empty hex string; reject a stray nibble. -+ // -+ if (Length == 0 || Length % 2 != 0) { -+ return EFI_INVALID_PARAMETER; -+ } -+ - for (Index = 0; Index < Length; Index ++) { - TemStr[0] = HexStr[Index]; - Digit = (UINT8) AsciiStrHexToUint64 (TemStr); - if (Digit == 0 && TemStr[0] != '0') { - // -- // Invalid Lun Char. -+ // Invalid Hex Char. - // -- break; -+ return EFI_INVALID_PARAMETER; - } - if ((Index & 1) == 0) { - BinBuffer [Index/2] = Digit; -diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.h b/NetworkPkg/IScsiDxe/IScsiMisc.h -index 28cf408cd5..404a482e57 100644 ---- a/NetworkPkg/IScsiDxe/IScsiMisc.h -+++ b/NetworkPkg/IScsiDxe/IScsiMisc.h -@@ -171,6 +171,7 @@ IScsiBinToHex ( - - @retval EFI_SUCCESS The hexadecimal string is converted into a - binary encoded buffer. -+ @retval EFI_INVALID_PARAMETER Invalid hex encoding found in HexStr. - @retval EFI_BUFFER_TOO_SMALL The binary buffer is too small to hold the - converted data. - **/ --- -2.27.0 - diff --git a/SOURCES/edk2-NetworkPkg-IScsiDxe-fix-potential-integer-overflow-i.patch b/SOURCES/edk2-NetworkPkg-IScsiDxe-fix-potential-integer-overflow-i.patch deleted file mode 100644 index 0464b51..0000000 --- a/SOURCES/edk2-NetworkPkg-IScsiDxe-fix-potential-integer-overflow-i.patch +++ /dev/null @@ -1,155 +0,0 @@ -From 67474c22010ba8c7c240d8e02b2151c7d796171d Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 8 Jun 2021 14:12:54 +0200 -Subject: [PATCH 05/11] NetworkPkg/IScsiDxe: fix potential integer overflow in - IScsiBinToHex() -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Laszlo Ersek -RH-MergeRequest: 1: NetworkPkg/IScsiDxe: fix IScsiHexToBin() security and functionality bugs [RHEL-9, c9s] -RH-Commit: [5/10] 3d7a886c1f73d811ef47381e4d6a82683ab0900e -RH-Bugzilla: 1961100 -RH-Acked-by: Philippe Mathieu-Daudé - -Considering IScsiBinToHex(): - -> if (((*HexLength) - 3) < BinLength * 2) { -> *HexLength = BinLength * 2 + 3; -> } - -the following subexpressions are problematic: - - (*HexLength) - 3 - BinLength * 2 - BinLength * 2 + 3 - -The first one may wrap under zero, the latter two may wrap over -MAX_UINT32. - -Rewrite the calculation using SafeIntLib. - -While at it, change the type of the "Index" variable from UINTN to UINT32. -The largest "Index"-based value that we calculate is - - Index * 2 + 2 (with (Index == BinLength)) - -Because the patch makes - - BinLength * 2 + 3 - -safe to calculate in UINT32, using UINT32 for - - Index * 2 + 2 (with (Index == BinLength)) - -is safe too. Consistently using UINT32 improves readability. - -This patch is best reviewed with "git show -W". - -The integer overflows that this patch fixes are theoretical; a subsequent -patch in the series will audit the IScsiBinToHex() call sites, and show -that none of them can fail. - -Cc: Jiaxin Wu -Cc: Maciej Rabeda -Cc: Philippe Mathieu-Daudé -Cc: Siyuan Fu -Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356 -Signed-off-by: Laszlo Ersek -Reviewed-by: Maciej Rabeda -Reviewed-by: Philippe Mathieu-Daudé -Message-Id: <20210608121259.32451-6-lersek@redhat.com> -(cherry picked from commit cf01b2dc8fc3ff9cf49fb891af5703dc03e3193e) -Signed-off-by: Miroslav Rezanina ---- - NetworkPkg/IScsiDxe/IScsiDxe.inf | 1 + - NetworkPkg/IScsiDxe/IScsiImpl.h | 1 + - NetworkPkg/IScsiDxe/IScsiMisc.c | 19 +++++++++++++++---- - NetworkPkg/IScsiDxe/IScsiMisc.h | 1 + - 4 files changed, 18 insertions(+), 4 deletions(-) - -diff --git a/NetworkPkg/IScsiDxe/IScsiDxe.inf b/NetworkPkg/IScsiDxe/IScsiDxe.inf -index 543c408302..1dde56d00c 100644 ---- a/NetworkPkg/IScsiDxe/IScsiDxe.inf -+++ b/NetworkPkg/IScsiDxe/IScsiDxe.inf -@@ -74,6 +74,7 @@ - MemoryAllocationLib - NetLib - PrintLib -+ SafeIntLib - TcpIoLib - UefiBootServicesTableLib - UefiDriverEntryPoint -diff --git a/NetworkPkg/IScsiDxe/IScsiImpl.h b/NetworkPkg/IScsiDxe/IScsiImpl.h -index d895c7feb9..ac3a25730e 100644 ---- a/NetworkPkg/IScsiDxe/IScsiImpl.h -+++ b/NetworkPkg/IScsiDxe/IScsiImpl.h -@@ -44,6 +44,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent - #include - #include - #include -+#include - #include - #include - #include -diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.c b/NetworkPkg/IScsiDxe/IScsiMisc.c -index b8fef3ff6f..42988e15cb 100644 ---- a/NetworkPkg/IScsiDxe/IScsiMisc.c -+++ b/NetworkPkg/IScsiDxe/IScsiMisc.c -@@ -316,6 +316,7 @@ IScsiMacAddrToStr ( - @retval EFI_SUCCESS The binary data is converted to the hexadecimal string - and the length of the string is updated. - @retval EFI_BUFFER_TOO_SMALL The string is too small. -+ @retval EFI_BAD_BUFFER_SIZE BinLength is too large for hex encoding. - @retval EFI_INVALID_PARAMETER The IP string is malformatted. - - **/ -@@ -327,18 +328,28 @@ IScsiBinToHex ( - IN OUT UINT32 *HexLength - ) - { -- UINTN Index; -+ UINT32 HexLengthMin; -+ UINT32 HexLengthProvided; -+ UINT32 Index; - - if ((HexStr == NULL) || (BinBuffer == NULL) || (BinLength == 0)) { - return EFI_INVALID_PARAMETER; - } - -- if (((*HexLength) - 3) < BinLength * 2) { -- *HexLength = BinLength * 2 + 3; -+ // -+ // Safely calculate: HexLengthMin := BinLength * 2 + 3. -+ // -+ if (RETURN_ERROR (SafeUint32Mult (BinLength, 2, &HexLengthMin)) || -+ RETURN_ERROR (SafeUint32Add (HexLengthMin, 3, &HexLengthMin))) { -+ return EFI_BAD_BUFFER_SIZE; -+ } -+ -+ HexLengthProvided = *HexLength; -+ *HexLength = HexLengthMin; -+ if (HexLengthProvided < HexLengthMin) { - return EFI_BUFFER_TOO_SMALL; - } - -- *HexLength = BinLength * 2 + 3; - // - // Prefix for Hex String. - // -diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.h b/NetworkPkg/IScsiDxe/IScsiMisc.h -index 46c725aab3..231413993b 100644 ---- a/NetworkPkg/IScsiDxe/IScsiMisc.h -+++ b/NetworkPkg/IScsiDxe/IScsiMisc.h -@@ -150,6 +150,7 @@ IScsiAsciiStrToIp ( - @retval EFI_SUCCESS The binary data is converted to the hexadecimal string - and the length of the string is updated. - @retval EFI_BUFFER_TOO_SMALL The string is too small. -+ @retval EFI_BAD_BUFFER_SIZE BinLength is too large for hex encoding. - @retval EFI_INVALID_PARAMETER The IP string is malformatted. - - **/ --- -2.27.0 - diff --git a/SOURCES/edk2-NetworkPkg-IScsiDxe-reformat-IScsiHexToBin-leading-c.patch b/SOURCES/edk2-NetworkPkg-IScsiDxe-reformat-IScsiHexToBin-leading-c.patch deleted file mode 100644 index 3290626..0000000 --- a/SOURCES/edk2-NetworkPkg-IScsiDxe-reformat-IScsiHexToBin-leading-c.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 618ba71beb3f848660c8c95187d92f2c8f277143 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 8 Jun 2021 14:12:56 +0200 -Subject: [PATCH 07/11] NetworkPkg/IScsiDxe: reformat IScsiHexToBin() leading - comment block -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Laszlo Ersek -RH-MergeRequest: 1: NetworkPkg/IScsiDxe: fix IScsiHexToBin() security and functionality bugs [RHEL-9, c9s] -RH-Commit: [7/10] ea7e41e567759e461777094ae2049a29eb5c3826 -RH-Bugzilla: 1961100 -RH-Acked-by: Philippe Mathieu-Daudé - -We'll need further return values for IScsiHexToBin() in a subsequent -patch; make room for them in the leading comment block of the function. -While at it, rewrap the comment block to 80 characters width. - -No functional changes. - -Cc: Jiaxin Wu -Cc: Maciej Rabeda -Cc: Philippe Mathieu-Daudé -Cc: Siyuan Fu -Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356 -Signed-off-by: Laszlo Ersek -Reviewed-by: Maciej Rabeda -Reviewed-by: Philippe Mathieu-Daudé -Message-Id: <20210608121259.32451-8-lersek@redhat.com> -(cherry picked from commit dc469f137110fe79704b8b92c552972c739bb915) -Signed-off-by: Miroslav Rezanina ---- - NetworkPkg/IScsiDxe/IScsiMisc.c | 16 ++++++++-------- - NetworkPkg/IScsiDxe/IScsiMisc.h | 16 ++++++++-------- - 2 files changed, 16 insertions(+), 16 deletions(-) - -diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.c b/NetworkPkg/IScsiDxe/IScsiMisc.c -index 42988e15cb..014700e87a 100644 ---- a/NetworkPkg/IScsiDxe/IScsiMisc.c -+++ b/NetworkPkg/IScsiDxe/IScsiMisc.c -@@ -370,14 +370,14 @@ IScsiBinToHex ( - /** - Convert the hexadecimal string into a binary encoded buffer. - -- @param[in, out] BinBuffer The binary buffer. -- @param[in, out] BinLength Length of the binary buffer. -- @param[in] HexStr The hexadecimal string. -- -- @retval EFI_SUCCESS The hexadecimal string is converted into a binary -- encoded buffer. -- @retval EFI_BUFFER_TOO_SMALL The binary buffer is too small to hold the converted data. -- -+ @param[in, out] BinBuffer The binary buffer. -+ @param[in, out] BinLength Length of the binary buffer. -+ @param[in] HexStr The hexadecimal string. -+ -+ @retval EFI_SUCCESS The hexadecimal string is converted into a -+ binary encoded buffer. -+ @retval EFI_BUFFER_TOO_SMALL The binary buffer is too small to hold the -+ converted data. - **/ - EFI_STATUS - IScsiHexToBin ( -diff --git a/NetworkPkg/IScsiDxe/IScsiMisc.h b/NetworkPkg/IScsiDxe/IScsiMisc.h -index 231413993b..28cf408cd5 100644 ---- a/NetworkPkg/IScsiDxe/IScsiMisc.h -+++ b/NetworkPkg/IScsiDxe/IScsiMisc.h -@@ -165,14 +165,14 @@ IScsiBinToHex ( - /** - Convert the hexadecimal string into a binary encoded buffer. - -- @param[in, out] BinBuffer The binary buffer. -- @param[in, out] BinLength Length of the binary buffer. -- @param[in] HexStr The hexadecimal string. -- -- @retval EFI_SUCCESS The hexadecimal string is converted into a binary -- encoded buffer. -- @retval EFI_BUFFER_TOO_SMALL The binary buffer is too small to hold the converted data. -- -+ @param[in, out] BinBuffer The binary buffer. -+ @param[in, out] BinLength Length of the binary buffer. -+ @param[in] HexStr The hexadecimal string. -+ -+ @retval EFI_SUCCESS The hexadecimal string is converted into a -+ binary encoded buffer. -+ @retval EFI_BUFFER_TOO_SMALL The binary buffer is too small to hold the -+ converted data. - **/ - EFI_STATUS - IScsiHexToBin ( --- -2.27.0 - diff --git a/SOURCES/edk2-NetworkPkg-IScsiDxe-simplify-ISCSI_CHAP_AUTH_DATA.In.patch b/SOURCES/edk2-NetworkPkg-IScsiDxe-simplify-ISCSI_CHAP_AUTH_DATA.In.patch deleted file mode 100644 index b350b08..0000000 --- a/SOURCES/edk2-NetworkPkg-IScsiDxe-simplify-ISCSI_CHAP_AUTH_DATA.In.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 543362e185edf822b9832b1953e78548ab42a0c5 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 8 Jun 2021 14:12:51 +0200 -Subject: [PATCH 02/11] NetworkPkg/IScsiDxe: simplify - "ISCSI_CHAP_AUTH_DATA.InChallenge" size -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Laszlo Ersek -RH-MergeRequest: 1: NetworkPkg/IScsiDxe: fix IScsiHexToBin() security and functionality bugs [RHEL-9, c9s] -RH-Commit: [2/10] d1c332767a87d87274e5ff68cb0c0f630ec095e1 -RH-Bugzilla: 1961100 -RH-Acked-by: Philippe Mathieu-Daudé - -The ISCSI_CHAP_AUTH_MAX_LEN macro is defined with value 1024. - -The usage of this macro currently involves a semantic (not functional) -bug, which we're going to fix in a subsequent patch, eliminating -ISCSI_CHAP_AUTH_MAX_LEN altogether. - -For now, remove the macro's usage from all -"ISCSI_CHAP_AUTH_DATA.InChallenge" contexts. This is doable without -duplicating open-coded constants. - -No changes in functionality. - -Cc: Jiaxin Wu -Cc: Maciej Rabeda -Cc: Philippe Mathieu-Daudé -Cc: Siyuan Fu -Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356 -Signed-off-by: Laszlo Ersek -Reviewed-by: Philippe Mathieu-Daudé -Reviewed-by: Maciej Rabeda -Message-Id: <20210608121259.32451-3-lersek@redhat.com> -(cherry picked from commit 29cab43bb7912a12efa5a78dac15394aee866e4c) -Signed-off-by: Miroslav Rezanina ---- - NetworkPkg/IScsiDxe/IScsiCHAP.c | 2 +- - NetworkPkg/IScsiDxe/IScsiCHAP.h | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.c b/NetworkPkg/IScsiDxe/IScsiCHAP.c -index cbbc56ae5b..df3c2eb120 100644 ---- a/NetworkPkg/IScsiDxe/IScsiCHAP.c -+++ b/NetworkPkg/IScsiDxe/IScsiCHAP.c -@@ -289,7 +289,7 @@ IScsiCHAPOnRspReceived ( - } - - AuthData->InIdentifier = (UINT32) Result; -- AuthData->InChallengeLength = ISCSI_CHAP_AUTH_MAX_LEN; -+ AuthData->InChallengeLength = (UINT32) sizeof (AuthData->InChallenge); - IScsiHexToBin ( - (UINT8 *) AuthData->InChallenge, - &AuthData->InChallengeLength, -diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.h b/NetworkPkg/IScsiDxe/IScsiCHAP.h -index 5e59fb678b..1fc1d96ea3 100644 ---- a/NetworkPkg/IScsiDxe/IScsiCHAP.h -+++ b/NetworkPkg/IScsiDxe/IScsiCHAP.h -@@ -49,7 +49,7 @@ typedef struct _ISCSI_CHAP_AUTH_CONFIG_NVDATA { - typedef struct _ISCSI_CHAP_AUTH_DATA { - ISCSI_CHAP_AUTH_CONFIG_NVDATA *AuthConfig; - UINT32 InIdentifier; -- UINT8 InChallenge[ISCSI_CHAP_AUTH_MAX_LEN]; -+ UINT8 InChallenge[1024]; - UINT32 InChallengeLength; - // - // Calculated CHAP Response (CHAP_R) value. --- -2.27.0 - diff --git a/SOURCES/edk2-NetworkPkg-IScsiDxe-wrap-IScsiCHAP-source-files-to-8.patch b/SOURCES/edk2-NetworkPkg-IScsiDxe-wrap-IScsiCHAP-source-files-to-8.patch deleted file mode 100644 index 206de1b..0000000 --- a/SOURCES/edk2-NetworkPkg-IScsiDxe-wrap-IScsiCHAP-source-files-to-8.patch +++ /dev/null @@ -1,252 +0,0 @@ -From 997b8a12436a433a451ef4595ccf4abb8d90dd04 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 8 Jun 2021 14:12:50 +0200 -Subject: [PATCH 01/11] NetworkPkg/IScsiDxe: wrap IScsiCHAP source files to 80 - characters -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Laszlo Ersek -RH-MergeRequest: 1: NetworkPkg/IScsiDxe: fix IScsiHexToBin() security and functionality bugs [RHEL-9, c9s] -RH-Commit: [1/10] a8d51743b8735749b53b0d0f8e665c42c4ea183c -RH-Bugzilla: 1961100 -RH-Acked-by: Philippe Mathieu-Daudé - -Working with overlong lines is difficult for me; rewrap the CHAP-related -source files in IScsiDxe to 80 characters width. No functional changes. - -Cc: Jiaxin Wu -Cc: Maciej Rabeda -Cc: Philippe Mathieu-Daudé -Cc: Siyuan Fu -Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356 -Signed-off-by: Laszlo Ersek -Reviewed-by: Maciej Rabeda -Reviewed-by: Philippe Mathieu-Daudé -Message-Id: <20210608121259.32451-2-lersek@redhat.com> -(cherry picked from commit 83761337ec91fbd459c55d7d956fcc25df3bfa50) -Signed-off-by: Miroslav Rezanina ---- - NetworkPkg/IScsiDxe/IScsiCHAP.c | 90 +++++++++++++++++++++++++-------- - NetworkPkg/IScsiDxe/IScsiCHAP.h | 3 +- - 2 files changed, 71 insertions(+), 22 deletions(-) - -diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.c b/NetworkPkg/IScsiDxe/IScsiCHAP.c -index 355c6f129f..cbbc56ae5b 100644 ---- a/NetworkPkg/IScsiDxe/IScsiCHAP.c -+++ b/NetworkPkg/IScsiDxe/IScsiCHAP.c -@@ -1,5 +1,6 @@ - /** @file -- This file is for Challenge-Handshake Authentication Protocol (CHAP) Configuration. -+ This file is for Challenge-Handshake Authentication Protocol (CHAP) -+ Configuration. - - Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.
- SPDX-License-Identifier: BSD-2-Clause-Patent -@@ -18,9 +19,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent - @param[in] ChallengeLength The length of iSCSI CHAP challenge message. - @param[out] ChapResponse The calculation of the expected hash value. - -- @retval EFI_SUCCESS The expected hash value was calculatedly successfully. -- @retval EFI_PROTOCOL_ERROR The length of the secret should be at least the -- length of the hash value for the hashing algorithm chosen. -+ @retval EFI_SUCCESS The expected hash value was calculatedly -+ successfully. -+ @retval EFI_PROTOCOL_ERROR The length of the secret should be at least -+ the length of the hash value for the hashing -+ algorithm chosen. - @retval EFI_PROTOCOL_ERROR MD5 hash operation fail. - @retval EFI_OUT_OF_RESOURCES Fail to allocate resource to complete MD5. - -@@ -94,8 +97,10 @@ Exit: - @param[in] AuthData iSCSI CHAP authentication data. - @param[in] TargetResponse The response from target. - -- @retval EFI_SUCCESS The response from target passed authentication. -- @retval EFI_SECURITY_VIOLATION The response from target was not expected value. -+ @retval EFI_SUCCESS The response from target passed -+ authentication. -+ @retval EFI_SECURITY_VIOLATION The response from target was not expected -+ value. - @retval Others Other errors as indicated. - - **/ -@@ -193,7 +198,10 @@ IScsiCHAPOnRspReceived ( - // - // The first Login Response. - // -- Value = IScsiGetValueByKeyFromList (KeyValueList, ISCSI_KEY_TARGET_PORTAL_GROUP_TAG); -+ Value = IScsiGetValueByKeyFromList ( -+ KeyValueList, -+ ISCSI_KEY_TARGET_PORTAL_GROUP_TAG -+ ); - if (Value == NULL) { - goto ON_EXIT; - } -@@ -205,13 +213,17 @@ IScsiCHAPOnRspReceived ( - - Session->TargetPortalGroupTag = (UINT16) Result; - -- Value = IScsiGetValueByKeyFromList (KeyValueList, ISCSI_KEY_AUTH_METHOD); -+ Value = IScsiGetValueByKeyFromList ( -+ KeyValueList, -+ ISCSI_KEY_AUTH_METHOD -+ ); - if (Value == NULL) { - goto ON_EXIT; - } - // -- // Initiator mandates CHAP authentication but target replies without "CHAP", or -- // initiator suggets "None" but target replies with some kind of auth method. -+ // Initiator mandates CHAP authentication but target replies without -+ // "CHAP", or initiator suggets "None" but target replies with some kind of -+ // auth method. - // - if (Session->AuthType == ISCSI_AUTH_TYPE_NONE) { - if (AsciiStrCmp (Value, ISCSI_KEY_VALUE_NONE) != 0) { -@@ -236,7 +248,10 @@ IScsiCHAPOnRspReceived ( - // - // The Target replies with CHAP_A= CHAP_I= CHAP_C= - // -- Value = IScsiGetValueByKeyFromList (KeyValueList, ISCSI_KEY_CHAP_ALGORITHM); -+ Value = IScsiGetValueByKeyFromList ( -+ KeyValueList, -+ ISCSI_KEY_CHAP_ALGORITHM -+ ); - if (Value == NULL) { - goto ON_EXIT; - } -@@ -249,12 +264,18 @@ IScsiCHAPOnRspReceived ( - goto ON_EXIT; - } - -- Identifier = IScsiGetValueByKeyFromList (KeyValueList, ISCSI_KEY_CHAP_IDENTIFIER); -+ Identifier = IScsiGetValueByKeyFromList ( -+ KeyValueList, -+ ISCSI_KEY_CHAP_IDENTIFIER -+ ); - if (Identifier == NULL) { - goto ON_EXIT; - } - -- Challenge = IScsiGetValueByKeyFromList (KeyValueList, ISCSI_KEY_CHAP_CHALLENGE); -+ Challenge = IScsiGetValueByKeyFromList ( -+ KeyValueList, -+ ISCSI_KEY_CHAP_CHALLENGE -+ ); - if (Challenge == NULL) { - goto ON_EXIT; - } -@@ -269,7 +290,11 @@ IScsiCHAPOnRspReceived ( - - AuthData->InIdentifier = (UINT32) Result; - AuthData->InChallengeLength = ISCSI_CHAP_AUTH_MAX_LEN; -- IScsiHexToBin ((UINT8 *) AuthData->InChallenge, &AuthData->InChallengeLength, Challenge); -+ IScsiHexToBin ( -+ (UINT8 *) AuthData->InChallenge, -+ &AuthData->InChallengeLength, -+ Challenge -+ ); - Status = IScsiCHAPCalculateResponse ( - AuthData->InIdentifier, - AuthData->AuthConfig->CHAPSecret, -@@ -303,7 +328,10 @@ IScsiCHAPOnRspReceived ( - goto ON_EXIT; - } - -- Response = IScsiGetValueByKeyFromList (KeyValueList, ISCSI_KEY_CHAP_RESPONSE); -+ Response = IScsiGetValueByKeyFromList ( -+ KeyValueList, -+ ISCSI_KEY_CHAP_RESPONSE -+ ); - if (Response == NULL) { - goto ON_EXIT; - } -@@ -341,7 +369,8 @@ ON_EXIT: - @param[in, out] Pdu The PDU to send out. - - @retval EFI_SUCCESS All check passed and the phase-related CHAP -- authentication info is filled into the iSCSI PDU. -+ authentication info is filled into the iSCSI -+ PDU. - @retval EFI_OUT_OF_RESOURCES Failed to allocate memory. - @retval EFI_PROTOCOL_ERROR Some kind of protocol error occurred. - -@@ -392,7 +421,11 @@ IScsiCHAPToSendReq ( - // It's the initial Login Request. Fill in the key=value pairs mandatory - // for the initial Login Request. - // -- IScsiAddKeyValuePair (Pdu, ISCSI_KEY_INITIATOR_NAME, mPrivate->InitiatorName); -+ IScsiAddKeyValuePair ( -+ Pdu, -+ ISCSI_KEY_INITIATOR_NAME, -+ mPrivate->InitiatorName -+ ); - IScsiAddKeyValuePair (Pdu, ISCSI_KEY_SESSION_TYPE, "Normal"); - IScsiAddKeyValuePair ( - Pdu, -@@ -413,7 +446,8 @@ IScsiCHAPToSendReq ( - - case ISCSI_CHAP_STEP_ONE: - // -- // First step, send the Login Request with CHAP_A= key-value pair. -+ // First step, send the Login Request with CHAP_A= key-value -+ // pair. - // - AsciiSPrint (ValueStr, sizeof (ValueStr), "%d", ISCSI_CHAP_ALGORITHM_MD5); - IScsiAddKeyValuePair (Pdu, ISCSI_KEY_CHAP_ALGORITHM, ValueStr); -@@ -429,11 +463,20 @@ IScsiCHAPToSendReq ( - // - // CHAP_N= - // -- IScsiAddKeyValuePair (Pdu, ISCSI_KEY_CHAP_NAME, (CHAR8 *) &AuthData->AuthConfig->CHAPName); -+ IScsiAddKeyValuePair ( -+ Pdu, -+ ISCSI_KEY_CHAP_NAME, -+ (CHAR8 *) &AuthData->AuthConfig->CHAPName -+ ); - // - // CHAP_R= - // -- IScsiBinToHex ((UINT8 *) AuthData->CHAPResponse, ISCSI_CHAP_RSP_LEN, Response, &RspLen); -+ IScsiBinToHex ( -+ (UINT8 *) AuthData->CHAPResponse, -+ ISCSI_CHAP_RSP_LEN, -+ Response, -+ &RspLen -+ ); - IScsiAddKeyValuePair (Pdu, ISCSI_KEY_CHAP_RESPONSE, Response); - - if (AuthData->AuthConfig->CHAPType == ISCSI_CHAP_MUTUAL) { -@@ -448,7 +491,12 @@ IScsiCHAPToSendReq ( - // - IScsiGenRandom ((UINT8 *) AuthData->OutChallenge, ISCSI_CHAP_RSP_LEN); - AuthData->OutChallengeLength = ISCSI_CHAP_RSP_LEN; -- IScsiBinToHex ((UINT8 *) AuthData->OutChallenge, ISCSI_CHAP_RSP_LEN, Challenge, &ChallengeLen); -+ IScsiBinToHex ( -+ (UINT8 *) AuthData->OutChallenge, -+ ISCSI_CHAP_RSP_LEN, -+ Challenge, -+ &ChallengeLen -+ ); - IScsiAddKeyValuePair (Pdu, ISCSI_KEY_CHAP_CHALLENGE, Challenge); - - Conn->AuthStep = ISCSI_CHAP_STEP_FOUR; -diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.h b/NetworkPkg/IScsiDxe/IScsiCHAP.h -index 140bba0dcd..5e59fb678b 100644 ---- a/NetworkPkg/IScsiDxe/IScsiCHAP.h -+++ b/NetworkPkg/IScsiDxe/IScsiCHAP.h -@@ -88,7 +88,8 @@ IScsiCHAPOnRspReceived ( - @param[in, out] Pdu The PDU to send out. - - @retval EFI_SUCCESS All check passed and the phase-related CHAP -- authentication info is filled into the iSCSI PDU. -+ authentication info is filled into the iSCSI -+ PDU. - @retval EFI_OUT_OF_RESOURCES Failed to allocate memory. - @retval EFI_PROTOCOL_ERROR Some kind of protocol error occurred. - --- -2.27.0 - diff --git a/SOURCES/edk2-OvmfPkg-Remove-Xen-Drivers-RHEL-only.patch b/SOURCES/edk2-OvmfPkg-Remove-Xen-Drivers-RHEL-only.patch deleted file mode 100644 index 96dfa02..0000000 --- a/SOURCES/edk2-OvmfPkg-Remove-Xen-Drivers-RHEL-only.patch +++ /dev/null @@ -1,146 +0,0 @@ -From 8dbcd6ed425ce30a5c948e0c9c9fb46e146dfbf1 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= -Date: Fri, 2 Jul 2021 20:24:51 +0200 -Subject: [PATCH 19/19] OvmfPkg: Remove Xen Drivers (RHEL only) -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -RH-Author: Philippe Mathieu-Daudé -RH-MergeRequest: 3: Disable features for RHEL9 -RH-Commit: [19/19] 0414f7a12583c3290f3fde942098123c2be6d8c4 -RH-Bugzilla: 1967747 -RH-Acked-by: Laszlo Ersek - -Remove the XenIoPciDxe, XenBusDxe, XenPvBlkDxe drivers since Xen is -not supported in RHEL. - -Suggested-by: Laszlo Ersek -Signed-off-by: Philippe Mathieu-Daudé -Signed-off-by: Miroslav Rezanina ---- - OvmfPkg/AmdSev/AmdSevX64.dsc | 3 --- - OvmfPkg/AmdSev/AmdSevX64.fdf | 3 --- - OvmfPkg/OvmfPkgIa32.dsc | 3 --- - OvmfPkg/OvmfPkgIa32.fdf | 3 --- - OvmfPkg/OvmfPkgIa32X64.dsc | 3 --- - OvmfPkg/OvmfPkgIa32X64.fdf | 3 --- - OvmfPkg/OvmfPkgX64.dsc | 3 --- - OvmfPkg/OvmfPkgX64.fdf | 3 --- - 8 files changed, 24 deletions(-) - -diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 485c60dd36..2e103d5e6c 100644 ---- a/OvmfPkg/AmdSev/AmdSevX64.dsc -+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -701,9 +701,6 @@ - OvmfPkg/VirtioBlkDxe/VirtioBlk.inf - OvmfPkg/VirtioScsiDxe/VirtioScsi.inf - OvmfPkg/VirtioRngDxe/VirtioRng.inf -- OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf -- OvmfPkg/XenBusDxe/XenBusDxe.inf -- OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf - !if $(PVSCSI_ENABLE) == TRUE - OvmfPkg/PvScsiDxe/PvScsiDxe.inf - !endif -diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf -index 1cf4d659d1..0ba41279e8 100644 ---- a/OvmfPkg/AmdSev/AmdSevX64.fdf -+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf -@@ -211,9 +211,6 @@ INF OvmfPkg/Virtio10Dxe/Virtio10.inf - INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf - INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf - INF OvmfPkg/VirtioRngDxe/VirtioRng.inf --INF OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf --INF OvmfPkg/XenBusDxe/XenBusDxe.inf --INF OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf - !if $(PVSCSI_ENABLE) == TRUE - INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf - !endif -diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index f844c5f97c..7cf7ace2b3 100644 ---- a/OvmfPkg/OvmfPkgIa32.dsc -+++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -794,9 +794,6 @@ - OvmfPkg/VirtioBlkDxe/VirtioBlk.inf - OvmfPkg/VirtioScsiDxe/VirtioScsi.inf - OvmfPkg/VirtioRngDxe/VirtioRng.inf -- OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf -- OvmfPkg/XenBusDxe/XenBusDxe.inf -- OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf - !if $(PVSCSI_ENABLE) == TRUE - OvmfPkg/PvScsiDxe/PvScsiDxe.inf - !endif -diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf -index f4a6829085..f1b515d2ef 100644 ---- a/OvmfPkg/OvmfPkgIa32.fdf -+++ b/OvmfPkg/OvmfPkgIa32.fdf -@@ -227,9 +227,6 @@ INF OvmfPkg/Virtio10Dxe/Virtio10.inf - INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf - INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf - INF OvmfPkg/VirtioRngDxe/VirtioRng.inf --INF OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf --INF OvmfPkg/XenBusDxe/XenBusDxe.inf --INF OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf - !if $(PVSCSI_ENABLE) == TRUE - INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf - !endif -diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index b373c0d63a..4e63e9d0b1 100644 ---- a/OvmfPkg/OvmfPkgIa32X64.dsc -+++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -808,9 +808,6 @@ - OvmfPkg/VirtioBlkDxe/VirtioBlk.inf - OvmfPkg/VirtioScsiDxe/VirtioScsi.inf - OvmfPkg/VirtioRngDxe/VirtioRng.inf -- OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf -- OvmfPkg/XenBusDxe/XenBusDxe.inf -- OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf - !if $(PVSCSI_ENABLE) == TRUE - OvmfPkg/PvScsiDxe/PvScsiDxe.inf - !endif -diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf -index 35692403d3..88c0bc2a62 100644 ---- a/OvmfPkg/OvmfPkgIa32X64.fdf -+++ b/OvmfPkg/OvmfPkgIa32X64.fdf -@@ -228,9 +228,6 @@ INF OvmfPkg/Virtio10Dxe/Virtio10.inf - INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf - INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf - INF OvmfPkg/VirtioRngDxe/VirtioRng.inf --INF OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf --INF OvmfPkg/XenBusDxe/XenBusDxe.inf --INF OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf - !if $(PVSCSI_ENABLE) == TRUE - INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf - !endif -diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 39e8e5b3c4..0b43d1ebc7 100644 ---- a/OvmfPkg/OvmfPkgX64.dsc -+++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -806,9 +806,6 @@ - OvmfPkg/VirtioBlkDxe/VirtioBlk.inf - OvmfPkg/VirtioScsiDxe/VirtioScsi.inf - OvmfPkg/VirtioRngDxe/VirtioRng.inf -- OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf -- OvmfPkg/XenBusDxe/XenBusDxe.inf -- OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf - !if $(PVSCSI_ENABLE) == TRUE - OvmfPkg/PvScsiDxe/PvScsiDxe.inf - !endif -diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf -index a0c3c182f6..f578f9ffad 100644 ---- a/OvmfPkg/OvmfPkgX64.fdf -+++ b/OvmfPkg/OvmfPkgX64.fdf -@@ -240,9 +240,6 @@ INF OvmfPkg/Virtio10Dxe/Virtio10.inf - INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf - INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf - INF OvmfPkg/VirtioRngDxe/VirtioRng.inf --INF OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf --INF OvmfPkg/XenBusDxe/XenBusDxe.inf --INF OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf - !if $(PVSCSI_ENABLE) == TRUE - INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf - !endif --- -2.27.0 - diff --git a/SOURCES/edk2-OvmfPkg-create-Tcg12ConfigPei.inf.patch b/SOURCES/edk2-OvmfPkg-create-Tcg12ConfigPei.inf.patch new file mode 100644 index 0000000..44dc3e4 --- /dev/null +++ b/SOURCES/edk2-OvmfPkg-create-Tcg12ConfigPei.inf.patch @@ -0,0 +1,158 @@ +From 0ecb863aaca8d71a35763645ced278589666ada2 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Wed, 15 Dec 2021 12:39:19 +0100 +Subject: [PATCH 4/6] OvmfPkg: create Tcg12ConfigPei.inf + +RH-Author: Gerd Hoffmann +RH-MergeRequest: 9: backport tpm build updates, disable tpm 1.2 support +RH-Commit: [4/6] 92926b9a05aaff38aab9a2aeee211be736863ab9 (kraxel/centos-edk2) +RH-Bugzilla: 1935497 +RH-Acked-by: Oliver Steffen + +Split Tcg2ConfigPei.inf into two variants: Tcg12ConfigPei.inf with +TPM 1.2 support included and Tcg2ConfigPei.inf supporting TPM 2.0 only. +This allows x86 builds to choose whenever TPM 1.2 support should be +included or not by picking the one or the other inf file. + +Switch x86 builds to Tcg12ConfigPei.inf, so they continue to +have TPM 1.2 support. + +No functional change. + +Signed-off-by: Gerd Hoffmann +Reviewed-by: Stefan Berger +Tested-by: Stefan Berger +(cherry picked from commit b81938877276e808b6535e612b320eee559c4c2f) +--- + OvmfPkg/OvmfTpmComponentsPei.dsc.inc | 2 +- + OvmfPkg/OvmfTpmPei.fdf.inc | 2 +- + OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf | 56 +++++++++++++++++++++++ + OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf | 11 +---- + 4 files changed, 59 insertions(+), 12 deletions(-) + create mode 100644 OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf + +diff --git a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc +index 99fa7c13b3..87d491da50 100644 +--- a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc ++++ b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc +@@ -4,7 +4,7 @@ + + !if $(TPM_ENABLE) == TRUE + OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +- OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf ++ OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf + SecurityPkg/Tcg/TcgPei/TcgPei.inf + SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { + +diff --git a/OvmfPkg/OvmfTpmPei.fdf.inc b/OvmfPkg/OvmfTpmPei.fdf.inc +index 9aefd73d21..709a608cc3 100644 +--- a/OvmfPkg/OvmfTpmPei.fdf.inc ++++ b/OvmfPkg/OvmfTpmPei.fdf.inc +@@ -4,7 +4,7 @@ + + !if $(TPM_ENABLE) == TRUE + INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +-INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf ++INF OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf + INF SecurityPkg/Tcg/TcgPei/TcgPei.inf + INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf + INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf +diff --git a/OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf b/OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf +new file mode 100644 +index 0000000000..e8e0b88e60 +--- /dev/null ++++ b/OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf +@@ -0,0 +1,56 @@ ++## @file ++# Set TPM device type - supports TPM 1.2 and 2.0 ++# ++# In SecurityPkg, this module initializes the TPM device type based on a UEFI ++# variable and/or hardware detection. In OvmfPkg, the module only performs TPM ++# hardware detection. ++# ++# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
++# Copyright (C) 2018, Red Hat, Inc. ++# ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++[Defines] ++ INF_VERSION = 0x00010005 ++ BASE_NAME = Tcg2ConfigPei ++ FILE_GUID = 8AD3148F-945F-46B4-8ACD-71469EA73945 ++ MODULE_TYPE = PEIM ++ VERSION_STRING = 1.0 ++ ENTRY_POINT = Tcg2ConfigPeimEntryPoint ++ ++[Sources] ++ Tcg2ConfigPeim.c ++ Tpm12Support.h ++ Tpm12Support.c ++ ++[Packages] ++ MdePkg/MdePkg.dec ++ MdeModulePkg/MdeModulePkg.dec ++ OvmfPkg/OvmfPkg.dec ++ SecurityPkg/SecurityPkg.dec ++ ++[LibraryClasses] ++ PeimEntryPoint ++ DebugLib ++ PeiServicesLib ++ Tpm2DeviceLib ++ BaseLib ++ Tpm12DeviceLib ++ ++[Guids] ++ gEfiTpmDeviceSelectedGuid ## PRODUCES ## GUID # Used as a PPI GUID ++ gEfiTpmDeviceInstanceTpm20DtpmGuid ## SOMETIMES_CONSUMES ++ gEfiTpmDeviceInstanceTpm12Guid ## SOMETIMES_CONSUMES ++ ++[Ppis] ++ gPeiTpmInitializationDonePpiGuid ## SOMETIMES_PRODUCES ++ ++[Pcd] ++ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## PRODUCES ++ ++[Depex.IA32, Depex.X64] ++ gOvmfTpmMmioAccessiblePpiGuid ++ ++[Depex.ARM, Depex.AARCH64] ++ gOvmfTpmDiscoveredPpiGuid +diff --git a/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf b/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +index 39d1deeed1..51078c9813 100644 +--- a/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf ++++ b/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +@@ -1,5 +1,5 @@ + ## @file +-# Set TPM device type ++# Set TPM device type - supports TPM 2.0 only + # + # In SecurityPkg, this module initializes the TPM device type based on a UEFI + # variable and/or hardware detection. In OvmfPkg, the module only performs TPM +@@ -22,11 +22,6 @@ + [Sources] + Tcg2ConfigPeim.c + Tpm12Support.h +- +-[Sources.IA32, Sources.X64] +- Tpm12Support.c +- +-[Sources.ARM, Sources.AARCH64] + Tpm12SupportNull.c + + [Packages] +@@ -41,10 +36,6 @@ + PeiServicesLib + Tpm2DeviceLib + +-[LibraryClasses.IA32, LibraryClasses.X64] +- BaseLib +- Tpm12DeviceLib +- + [Guids] + gEfiTpmDeviceSelectedGuid ## PRODUCES ## GUID # Used as a PPI GUID + gEfiTpmDeviceInstanceTpm20DtpmGuid ## SOMETIMES_CONSUMES +-- +2.27.0 + diff --git a/SOURCES/edk2-OvmfPkg-drop-TPM_CONFIG_ENABLE.patch b/SOURCES/edk2-OvmfPkg-drop-TPM_CONFIG_ENABLE.patch new file mode 100644 index 0000000..d77387a --- /dev/null +++ b/SOURCES/edk2-OvmfPkg-drop-TPM_CONFIG_ENABLE.patch @@ -0,0 +1,151 @@ +From 505473655db4b91e4a0ac732069968f9eddabc51 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Wed, 15 Dec 2021 12:39:18 +0100 +Subject: [PATCH 3/6] OvmfPkg: drop TPM_CONFIG_ENABLE + +RH-Author: Gerd Hoffmann +RH-MergeRequest: 9: backport tpm build updates, disable tpm 1.2 support +RH-Commit: [3/6] be335526f74358d4af21fbd35cc7008b227ebb23 (kraxel/centos-edk2) +RH-Bugzilla: 1935497 +RH-Acked-by: Oliver Steffen + +Drop TPM_CONFIG_ENABLE config option. Including TPM support in the +build without also including the TPM configuration menu is not useful. + +Suggested-by: Stefan Berger +Signed-off-by: Gerd Hoffmann +Tested-by: Stefan Berger +(cherry picked from commit 5711ff4d0b56ff4c58dc7a780e706bc58aed2253) +--- + OvmfPkg/OvmfTpmComponentsDxe.dsc.inc | 2 -- + OvmfPkg/OvmfTpmDefines.dsc.inc | 1 - + OvmfPkg/OvmfTpmDxe.fdf.inc | 2 -- + OvmfPkg/OvmfTpmPcdsHii.dsc.inc | 2 +- + OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 6 +++--- + OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml | 6 +++--- + OvmfPkg/PlatformCI/ReadMe.md | 2 +- + 7 files changed, 8 insertions(+), 13 deletions(-) + +diff --git a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc +index d5c2586118..e025d85a58 100644 +--- a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc ++++ b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc +@@ -14,9 +14,7 @@ + NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf + } +-!if $(TPM_CONFIG_ENABLE) == TRUE + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +-!endif + SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { + + Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf +diff --git a/OvmfPkg/OvmfTpmDefines.dsc.inc b/OvmfPkg/OvmfTpmDefines.dsc.inc +index 51da7508b3..5df4a331fb 100644 +--- a/OvmfPkg/OvmfTpmDefines.dsc.inc ++++ b/OvmfPkg/OvmfTpmDefines.dsc.inc +@@ -3,4 +3,3 @@ + ## + + DEFINE TPM_ENABLE = FALSE +- DEFINE TPM_CONFIG_ENABLE = FALSE +diff --git a/OvmfPkg/OvmfTpmDxe.fdf.inc b/OvmfPkg/OvmfTpmDxe.fdf.inc +index 9dcdaaf01c..32eef24638 100644 +--- a/OvmfPkg/OvmfTpmDxe.fdf.inc ++++ b/OvmfPkg/OvmfTpmDxe.fdf.inc +@@ -6,7 +6,5 @@ + INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf + INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf + INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf +-!if $(TPM_CONFIG_ENABLE) == TRUE + INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf + !endif +-!endif +diff --git a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc +index 164bc9c7fc..2e02a5b4cb 100644 +--- a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc ++++ b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc +@@ -2,7 +2,7 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +-!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE ++!if $(TPM_ENABLE) == TRUE + gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS + !endif +diff --git a/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml +index 7117b86b81..1774423580 100644 +--- a/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml ++++ b/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml +@@ -95,21 +95,21 @@ jobs: + OVMF_IA32X64_FULL_DEBUG: + Build.File: "$(package)/PlatformCI/PlatformBuild.py" + Build.Arch: "IA32,X64" +- Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + Build.Target: "DEBUG" + Run.Flags: $(run_flags) + Run: $(should_run) + OVMF_IA32X64_FULL_RELEASE: + Build.File: "$(package)/PlatformCI/PlatformBuild.py" + Build.Arch: "IA32,X64" +- Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + Build.Target: "RELEASE" + Run.Flags: $(run_flags) + Run: $(should_run) + OVMF_IA32X64_FULL_NOOPT: + Build.File: "$(package)/PlatformCI/PlatformBuild.py" + Build.Arch: "IA32,X64" +- Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + Build.Target: "NOOPT" + Run.Flags: $(run_flags) + Run: $(should_run) +diff --git a/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml b/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml +index 2e07a3d889..09f9851312 100644 +--- a/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml ++++ b/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml +@@ -94,14 +94,14 @@ jobs: + OVMF_IA32X64_FULL_DEBUG: + Build.File: "$(package)/PlatformCI/PlatformBuild.py" + Build.Arch: "IA32,X64" +- Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + Build.Target: "DEBUG" + Run.Flags: $(run_flags) + Run: $(should_run) + OVMF_IA32X64_FULL_RELEASE: + Build.File: "$(package)/PlatformCI/PlatformBuild.py" + Build.Arch: "IA32,X64" +- Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + Build.Target: "RELEASE" + Run.Flags: $(run_flags) + Run: $(should_run) +@@ -112,7 +112,7 @@ jobs: + # OVMF_IA32X64_FULL_NOOPT: + # Build.File: "$(package)/PlatformCI/PlatformBuild.py" + # Build.Arch: "IA32,X64" +- # Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ # Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + # Build.Target: "NOOPT" + # Run.Flags: $(run_flags) + # Run: $(should_run) +diff --git a/OvmfPkg/PlatformCI/ReadMe.md b/OvmfPkg/PlatformCI/ReadMe.md +index 2ce9007dbe..44aa7c4a9d 100644 +--- a/OvmfPkg/PlatformCI/ReadMe.md ++++ b/OvmfPkg/PlatformCI/ReadMe.md +@@ -14,7 +14,7 @@ supported and are described below. + | IA32 | IA32 | OvmfPkgIa32.dsc | None | + | X64 | X64 | OvmfPkgIa64.dsc | None | + | IA32 X64 | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | None | +-| IA32 X64 Full | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | SECURE_BOOT_ENABLE=1 SMM_REQUIRE=1 TPM_ENABLE=1 TPM_CONFIG_ENABLE=1 NETWORK_TLS_ENABLE=1 NETWORK_IP6_ENABLE=1 NETWORK_HTTP_BOOT_ENABLE=1 | ++| IA32 X64 Full | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | SECURE_BOOT_ENABLE=1 SMM_REQUIRE=1 TPM_ENABLE=1 NETWORK_TLS_ENABLE=1 NETWORK_IP6_ENABLE=1 NETWORK_HTTP_BOOT_ENABLE=1 | + + ## EDK2 Developer environment + +-- +2.27.0 + diff --git a/SOURCES/edk2-OvmfPkg-move-tcg-configuration-to-dsc-and-fdf-includ.patch b/SOURCES/edk2-OvmfPkg-move-tcg-configuration-to-dsc-and-fdf-includ.patch new file mode 100644 index 0000000..cc6af03 --- /dev/null +++ b/SOURCES/edk2-OvmfPkg-move-tcg-configuration-to-dsc-and-fdf-includ.patch @@ -0,0 +1,993 @@ +From 02544e617ce4dfffff15dab47463484ccdc9a51f Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Wed, 15 Dec 2021 12:39:17 +0100 +Subject: [PATCH 2/6] OvmfPkg: move tcg configuration to dsc and fdf include + files + +RH-Author: Gerd Hoffmann +RH-MergeRequest: 9: backport tpm build updates, disable tpm 1.2 support +RH-Commit: [2/6] d811b2cf266baa0fa3f958af0b80bb208f3fe27c (kraxel/centos-edk2) +RH-Bugzilla: 1935497 +RH-Acked-by: Oliver Steffen + +With this in place the tpm configuration is not duplicated for each of +our four ovmf config variants (ia32, ia32x64, x64, amdsev) and it is +easier to keep them all in sync when updating the tpm configuration. + +No functional change. + +Signed-off-by: Gerd Hoffmann +Reviewed-by: Stefan Berger +(cherry picked from commit b47575801e1903e8b316d01840572ce2681cf2c6) + +[ kraxel: solve conflict in OvmfPkg/AmdSev/AmdSevX64.dsc ] +--- + OvmfPkg/AmdSev/AmdSevX64.dsc | 85 ++++----------------------- + OvmfPkg/AmdSev/AmdSevX64.fdf | 17 +----- + OvmfPkg/OvmfPkgIa32.dsc | 88 ++++------------------------ + OvmfPkg/OvmfPkgIa32.fdf | 17 +----- + OvmfPkg/OvmfPkgIa32X64.dsc | 85 ++++----------------------- + OvmfPkg/OvmfPkgIa32X64.fdf | 17 +----- + OvmfPkg/OvmfPkgX64.dsc | 85 ++++----------------------- + OvmfPkg/OvmfPkgX64.fdf | 17 +----- + OvmfPkg/OvmfTpmComponentsDxe.dsc.inc | 28 +++++++++ + OvmfPkg/OvmfTpmComponentsPei.dsc.inc | 22 +++++++ + OvmfPkg/OvmfTpmDefines.dsc.inc | 6 ++ + OvmfPkg/OvmfTpmDxe.fdf.inc | 12 ++++ + OvmfPkg/OvmfTpmLibs.dsc.inc | 14 +++++ + OvmfPkg/OvmfTpmLibsDxe.dsc.inc | 8 +++ + OvmfPkg/OvmfTpmLibsPeim.dsc.inc | 9 +++ + OvmfPkg/OvmfTpmPcds.dsc.inc | 7 +++ + OvmfPkg/OvmfTpmPcdsHii.dsc.inc | 8 +++ + OvmfPkg/OvmfTpmPei.fdf.inc | 11 ++++ + OvmfPkg/OvmfTpmSecurityStub.dsc.inc | 8 +++ + 19 files changed, 185 insertions(+), 359 deletions(-) + create mode 100644 OvmfPkg/OvmfTpmComponentsDxe.dsc.inc + create mode 100644 OvmfPkg/OvmfTpmComponentsPei.dsc.inc + create mode 100644 OvmfPkg/OvmfTpmDefines.dsc.inc + create mode 100644 OvmfPkg/OvmfTpmDxe.fdf.inc + create mode 100644 OvmfPkg/OvmfTpmLibs.dsc.inc + create mode 100644 OvmfPkg/OvmfTpmLibsDxe.dsc.inc + create mode 100644 OvmfPkg/OvmfTpmLibsPeim.dsc.inc + create mode 100644 OvmfPkg/OvmfTpmPcds.dsc.inc + create mode 100644 OvmfPkg/OvmfTpmPcdsHii.dsc.inc + create mode 100644 OvmfPkg/OvmfTpmPei.fdf.inc + create mode 100644 OvmfPkg/OvmfTpmSecurityStub.dsc.inc + +diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc +index 88b65b9f59..8610602ddb 100644 +--- a/OvmfPkg/AmdSev/AmdSevX64.dsc ++++ b/OvmfPkg/AmdSev/AmdSevX64.dsc +@@ -32,8 +32,8 @@ + # -D FLAG=VALUE + # + DEFINE SOURCE_DEBUG_ENABLE = FALSE +- DEFINE TPM_ENABLE = FALSE +- DEFINE TPM_CONFIG_ENABLE = FALSE ++ ++!include OvmfPkg/OvmfTpmDefines.dsc.inc + + # + # Shell can be useful for debugging but should not be enabled for production +@@ -203,16 +203,7 @@ + SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf + OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf + +-!if $(TPM_ENABLE) == TRUE +- Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf +- Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf +- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf +- Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf +- TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf +-!else +- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf +- TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf +-!endif ++!include OvmfPkg/OvmfTpmLibs.dsc.inc + + [LibraryClasses.common] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +@@ -286,11 +277,7 @@ + PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf + QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf + +-!if $(TPM_ENABLE) == TRUE +- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf +-!endif ++!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc + + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf + +@@ -371,10 +358,8 @@ + MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf + QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf + QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf +-!if $(TPM_ENABLE) == TRUE +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf +-!endif ++ ++!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc + + [LibraryClasses.common.UEFI_APPLICATION] + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf +@@ -576,15 +561,10 @@ + + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 + +-!if $(TPM_ENABLE) == TRUE +- gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} +-!endif ++!include OvmfPkg/OvmfTpmPcds.dsc.inc + + [PcdsDynamicHii] +-!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE +- gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS +- gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS +-!endif ++!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc + + ################################################################################ + # +@@ -625,24 +605,7 @@ + UefiCpuPkg/CpuMpPei/CpuMpPei.inf + OvmfPkg/AmdSev/SecretPei/SecretPei.inf + +-!if $(TPM_ENABLE) == TRUE +- OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +- OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +- SecurityPkg/Tcg/TcgPei/TcgPei.inf +- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { +- +- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf +- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf +- } +- SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { +- +- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf +- } +-!endif ++!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc + + # + # DXE Phase modules +@@ -664,10 +627,7 @@ + + MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf { + +-!if $(TPM_ENABLE) == TRUE +- NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf +- NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf +-!endif ++!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc + } + + OvmfPkg/8259InterruptControllerDxe/8259.inf +@@ -830,27 +790,4 @@ + # + # TPM support + # +-!if $(TPM_ENABLE) == TRUE +- SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { +- +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf +- NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf +- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf +- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf +- } +-!if $(TPM_CONFIG_ENABLE) == TRUE +- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +-!endif +- SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { +- +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf +- } +- SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { +- +- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf +- } +-!endif ++!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc +diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf +index 325570c5a3..3f2329dab4 100644 +--- a/OvmfPkg/AmdSev/AmdSevX64.fdf ++++ b/OvmfPkg/AmdSev/AmdSevX64.fdf +@@ -156,13 +156,7 @@ INF UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf + INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf + INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf + +-!if $(TPM_ENABLE) == TRUE +-INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +-INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +-INF SecurityPkg/Tcg/TcgPei/TcgPei.inf +-INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +-INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf +-!endif ++!include OvmfPkg/OvmfTpmPei.fdf.inc + + ################################################################################ + +@@ -311,14 +305,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf + # + # TPM support + # +-!if $(TPM_ENABLE) == TRUE +-INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf +-INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +-INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf +-!if $(TPM_CONFIG_ENABLE) == TRUE +-INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +-!endif +-!endif ++!include OvmfPkg/OvmfTpmDxe.fdf.inc + + ################################################################################ + +diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc +index fa42d919be..904176ccfc 100644 +--- a/OvmfPkg/OvmfPkgIa32.dsc ++++ b/OvmfPkg/OvmfPkgIa32.dsc +@@ -32,10 +32,10 @@ + DEFINE SECURE_BOOT_ENABLE = FALSE + DEFINE SMM_REQUIRE = FALSE + DEFINE SOURCE_DEBUG_ENABLE = FALSE +- DEFINE TPM_ENABLE = FALSE +- DEFINE TPM_CONFIG_ENABLE = FALSE + DEFINE LOAD_X64_ON_IA32_ENABLE = FALSE + ++!include OvmfPkg/OvmfTpmDefines.dsc.inc ++ + # + # Network definition + # +@@ -229,16 +229,7 @@ + SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf + OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf + +-!if $(TPM_ENABLE) == TRUE +- Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf +- Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf +- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf +- Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf +- TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf +-!else +- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf +- TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf +-!endif ++!include OvmfPkg/OvmfTpmLibs.dsc.inc + + [LibraryClasses.common] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +@@ -309,11 +300,7 @@ + PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf + QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf + +-!if $(TPM_ENABLE) == TRUE +- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf +-!endif ++!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc + + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf + +@@ -401,10 +388,8 @@ + MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf + QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf + QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf +-!if $(TPM_ENABLE) == TRUE +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf +-!endif ++ ++!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc + + [LibraryClasses.common.UEFI_APPLICATION] + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf +@@ -643,19 +628,14 @@ + + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 + +-!if $(TPM_ENABLE) == TRUE +- gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} +-!endif ++!include OvmfPkg/OvmfTpmPcds.dsc.inc + + # IPv4 and IPv6 PXE Boot support. + gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01 + gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01 + + [PcdsDynamicHii] +-!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE +- gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS +- gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS +-!endif ++!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc + + ################################################################################ + # +@@ -705,24 +685,7 @@ + !endif + UefiCpuPkg/CpuMpPei/CpuMpPei.inf + +-!if $(TPM_ENABLE) == TRUE +- OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +- OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +- SecurityPkg/Tcg/TcgPei/TcgPei.inf +- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { +- +- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf +- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf +- } +- SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { +- +- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf +- } +-!endif ++!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc + + # + # DXE Phase modules +@@ -747,10 +710,7 @@ + !if $(SECURE_BOOT_ENABLE) == TRUE + NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf + !endif +-!if $(TPM_ENABLE) == TRUE +- NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf +- NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf +-!endif ++!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc + } + + OvmfPkg/8259InterruptControllerDxe/8259.inf +@@ -1004,31 +964,5 @@ + # + # TPM support + # +-!if $(TPM_ENABLE) == TRUE +- SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { +- +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf +- NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf +- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf +- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf +- } +-!if $(TPM_CONFIG_ENABLE) == TRUE +- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +-!endif +- SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { +- +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf +- } +- SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { +- +- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf +- } +-!endif ++!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc + +-!if $(LOAD_X64_ON_IA32_ENABLE) == TRUE +- OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf +-!endif +diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf +index 51433836d6..8ba9ffc83e 100644 +--- a/OvmfPkg/OvmfPkgIa32.fdf ++++ b/OvmfPkg/OvmfPkgIa32.fdf +@@ -161,13 +161,7 @@ INF OvmfPkg/SmmAccess/SmmAccessPei.inf + !endif + INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf + +-!if $(TPM_ENABLE) == TRUE +-INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +-INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +-INF SecurityPkg/Tcg/TcgPei/TcgPei.inf +-INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +-INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf +-!endif ++!include OvmfPkg/OvmfTpmPei.fdf.inc + + ################################################################################ + +@@ -353,14 +347,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf + # + # TPM support + # +-!if $(TPM_ENABLE) == TRUE +-INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf +-INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +-INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf +-!if $(TPM_CONFIG_ENABLE) == TRUE +-INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +-!endif +-!endif ++!include OvmfPkg/OvmfTpmDxe.fdf.inc + + !if $(LOAD_X64_ON_IA32_ENABLE) == TRUE + INF OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf +diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc +index ef962565f8..aebd8980e4 100644 +--- a/OvmfPkg/OvmfPkgIa32X64.dsc ++++ b/OvmfPkg/OvmfPkgIa32X64.dsc +@@ -32,8 +32,8 @@ + DEFINE SECURE_BOOT_ENABLE = FALSE + DEFINE SMM_REQUIRE = FALSE + DEFINE SOURCE_DEBUG_ENABLE = FALSE +- DEFINE TPM_ENABLE = FALSE +- DEFINE TPM_CONFIG_ENABLE = FALSE ++ ++!include OvmfPkg/OvmfTpmDefines.dsc.inc + + # + # Network definition +@@ -233,16 +233,7 @@ + SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf + OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf + +-!if $(TPM_ENABLE) == TRUE +- Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf +- Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf +- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf +- Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf +- TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf +-!else +- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf +- TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf +-!endif ++!include OvmfPkg/OvmfTpmLibs.dsc.inc + + [LibraryClasses.common] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +@@ -313,11 +304,7 @@ + PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf + QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf + +-!if $(TPM_ENABLE) == TRUE +- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf +-!endif ++!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc + + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf + +@@ -405,10 +392,8 @@ + MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf + QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf + QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf +-!if $(TPM_ENABLE) == TRUE +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf +-!endif ++ ++!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc + + [LibraryClasses.common.UEFI_APPLICATION] + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf +@@ -655,9 +640,7 @@ + + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 + +-!if $(TPM_ENABLE) == TRUE +- gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} +-!endif ++!include OvmfPkg/OvmfTpmPcds.dsc.inc + + [PcdsDynamicDefault.X64] + # IPv4 and IPv6 PXE Boot support. +@@ -665,10 +648,7 @@ + gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01 + + [PcdsDynamicHii] +-!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE +- gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS +- gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS +-!endif ++!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc + + ################################################################################ + # +@@ -718,24 +698,7 @@ + !endif + UefiCpuPkg/CpuMpPei/CpuMpPei.inf + +-!if $(TPM_ENABLE) == TRUE +- OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +- OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +- SecurityPkg/Tcg/TcgPei/TcgPei.inf +- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { +- +- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf +- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf +- } +- SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { +- +- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf +- } +-!endif ++!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc + + [Components.X64] + # +@@ -761,10 +724,7 @@ + !if $(SECURE_BOOT_ENABLE) == TRUE + NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf + !endif +-!if $(TPM_ENABLE) == TRUE +- NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf +- NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf +-!endif ++!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc + } + + OvmfPkg/8259InterruptControllerDxe/8259.inf +@@ -1019,27 +979,4 @@ + # + # TPM support + # +-!if $(TPM_ENABLE) == TRUE +- SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { +- +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf +- NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf +- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf +- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf +- } +-!if $(TPM_CONFIG_ENABLE) == TRUE +- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +-!endif +- SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { +- +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf +- } +- SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { +- +- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf +- } +-!endif ++!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc +diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf +index a50f80e1e9..65d2600016 100644 +--- a/OvmfPkg/OvmfPkgIa32X64.fdf ++++ b/OvmfPkg/OvmfPkgIa32X64.fdf +@@ -164,13 +164,7 @@ INF OvmfPkg/SmmAccess/SmmAccessPei.inf + !endif + INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf + +-!if $(TPM_ENABLE) == TRUE +-INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +-INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +-INF SecurityPkg/Tcg/TcgPei/TcgPei.inf +-INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +-INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf +-!endif ++!include OvmfPkg/OvmfTpmPei.fdf.inc + + ################################################################################ + +@@ -363,14 +357,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf + # + # TPM support + # +-!if $(TPM_ENABLE) == TRUE +-INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf +-INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +-INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf +-!if $(TPM_CONFIG_ENABLE) == TRUE +-INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +-!endif +-!endif ++!include OvmfPkg/OvmfTpmDxe.fdf.inc + + ################################################################################ + +diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc +index ba9f9833b0..e85ac3d682 100644 +--- a/OvmfPkg/OvmfPkgX64.dsc ++++ b/OvmfPkg/OvmfPkgX64.dsc +@@ -32,8 +32,8 @@ + DEFINE SECURE_BOOT_ENABLE = FALSE + DEFINE SMM_REQUIRE = FALSE + DEFINE SOURCE_DEBUG_ENABLE = FALSE +- DEFINE TPM_ENABLE = FALSE +- DEFINE TPM_CONFIG_ENABLE = FALSE ++ ++!include OvmfPkg/OvmfTpmDefines.dsc.inc + + # + # Network definition +@@ -233,16 +233,7 @@ + SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf + OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf + +-!if $(TPM_ENABLE) == TRUE +- Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf +- Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf +- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf +- Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf +- TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf +-!else +- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf +- TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf +-!endif ++!include OvmfPkg/OvmfTpmLibs.dsc.inc + + [LibraryClasses.common] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +@@ -315,11 +306,7 @@ + PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf + QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf + +-!if $(TPM_ENABLE) == TRUE +- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf +-!endif ++!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc + + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf + +@@ -407,10 +394,8 @@ + MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf + QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf + QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf +-!if $(TPM_ENABLE) == TRUE +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf +-!endif ++ ++!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc + + [LibraryClasses.common.UEFI_APPLICATION] + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf +@@ -655,19 +640,14 @@ + + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 + +-!if $(TPM_ENABLE) == TRUE +- gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} +-!endif ++!include OvmfPkg/OvmfTpmPcds.dsc.inc + + # IPv4 and IPv6 PXE Boot support. + gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01 + gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01 + + [PcdsDynamicHii] +-!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE +- gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS +- gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS +-!endif ++!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc + + ################################################################################ + # +@@ -717,24 +697,7 @@ + !endif + UefiCpuPkg/CpuMpPei/CpuMpPei.inf + +-!if $(TPM_ENABLE) == TRUE +- OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +- OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +- SecurityPkg/Tcg/TcgPei/TcgPei.inf +- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { +- +- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf +- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf +- } +- SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { +- +- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf +- } +-!endif ++!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc + + # + # DXE Phase modules +@@ -758,10 +721,7 @@ + + !if $(SECURE_BOOT_ENABLE) == TRUE + NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf +-!endif +-!if $(TPM_ENABLE) == TRUE +- NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf +- NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf ++!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc + !endif + } + +@@ -1017,27 +977,4 @@ + # + # TPM support + # +-!if $(TPM_ENABLE) == TRUE +- SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { +- +- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf +- NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf +- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf +- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf +- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf +- } +-!if $(TPM_CONFIG_ENABLE) == TRUE +- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +-!endif +- SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { +- +- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf +- } +- SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { +- +- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf +- } +-!endif ++!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc +diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf +index dd1c6eded9..e5cbae2073 100644 +--- a/OvmfPkg/OvmfPkgX64.fdf ++++ b/OvmfPkg/OvmfPkgX64.fdf +@@ -180,13 +180,7 @@ INF OvmfPkg/SmmAccess/SmmAccessPei.inf + !endif + INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf + +-!if $(TPM_ENABLE) == TRUE +-INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +-INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +-INF SecurityPkg/Tcg/TcgPei/TcgPei.inf +-INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +-INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf +-!endif ++!include OvmfPkg/OvmfTpmPei.fdf.inc + + ################################################################################ + +@@ -379,14 +373,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf + # + # TPM support + # +-!if $(TPM_ENABLE) == TRUE +-INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf +-INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +-INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf +-!if $(TPM_CONFIG_ENABLE) == TRUE +-INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +-!endif +-!endif ++!include OvmfPkg/OvmfTpmDxe.fdf.inc + + ################################################################################ + +diff --git a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc +new file mode 100644 +index 0000000000..d5c2586118 +--- /dev/null ++++ b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc +@@ -0,0 +1,28 @@ ++## ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++!if $(TPM_ENABLE) == TRUE ++ SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { ++ ++ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf ++ NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf ++ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf ++ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf ++ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf ++ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf ++ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf ++ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf ++ } ++!if $(TPM_CONFIG_ENABLE) == TRUE ++ SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf ++!endif ++ SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { ++ ++ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf ++ } ++ SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { ++ ++ TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf ++ } ++!endif +diff --git a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc +new file mode 100644 +index 0000000000..99fa7c13b3 +--- /dev/null ++++ b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc +@@ -0,0 +1,22 @@ ++## ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++!if $(TPM_ENABLE) == TRUE ++ OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf ++ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf ++ SecurityPkg/Tcg/TcgPei/TcgPei.inf ++ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { ++ ++ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf ++ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf ++ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf ++ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf ++ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf ++ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf ++ } ++ SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { ++ ++ TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf ++ } ++!endif +diff --git a/OvmfPkg/OvmfTpmDefines.dsc.inc b/OvmfPkg/OvmfTpmDefines.dsc.inc +new file mode 100644 +index 0000000000..51da7508b3 +--- /dev/null ++++ b/OvmfPkg/OvmfTpmDefines.dsc.inc +@@ -0,0 +1,6 @@ ++## ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++ DEFINE TPM_ENABLE = FALSE ++ DEFINE TPM_CONFIG_ENABLE = FALSE +diff --git a/OvmfPkg/OvmfTpmDxe.fdf.inc b/OvmfPkg/OvmfTpmDxe.fdf.inc +new file mode 100644 +index 0000000000..9dcdaaf01c +--- /dev/null ++++ b/OvmfPkg/OvmfTpmDxe.fdf.inc +@@ -0,0 +1,12 @@ ++## ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++!if $(TPM_ENABLE) == TRUE ++INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf ++INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf ++INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf ++!if $(TPM_CONFIG_ENABLE) == TRUE ++INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf ++!endif ++!endif +diff --git a/OvmfPkg/OvmfTpmLibs.dsc.inc b/OvmfPkg/OvmfTpmLibs.dsc.inc +new file mode 100644 +index 0000000000..50100f2c03 +--- /dev/null ++++ b/OvmfPkg/OvmfTpmLibs.dsc.inc +@@ -0,0 +1,14 @@ ++## ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++!if $(TPM_ENABLE) == TRUE ++ Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf ++ Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf ++ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf ++ Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf ++ TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf ++!else ++ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf ++ TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf ++!endif +diff --git a/OvmfPkg/OvmfTpmLibsDxe.dsc.inc b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc +new file mode 100644 +index 0000000000..67d5027aba +--- /dev/null ++++ b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc +@@ -0,0 +1,8 @@ ++## ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++!if $(TPM_ENABLE) == TRUE ++ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf ++ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf ++!endif +diff --git a/OvmfPkg/OvmfTpmLibsPeim.dsc.inc b/OvmfPkg/OvmfTpmLibsPeim.dsc.inc +new file mode 100644 +index 0000000000..4e84e3dcaa +--- /dev/null ++++ b/OvmfPkg/OvmfTpmLibsPeim.dsc.inc +@@ -0,0 +1,9 @@ ++## ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++!if $(TPM_ENABLE) == TRUE ++ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf ++ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf ++ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf ++!endif +diff --git a/OvmfPkg/OvmfTpmPcds.dsc.inc b/OvmfPkg/OvmfTpmPcds.dsc.inc +new file mode 100644 +index 0000000000..0e7f83c04b +--- /dev/null ++++ b/OvmfPkg/OvmfTpmPcds.dsc.inc +@@ -0,0 +1,7 @@ ++## ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++!if $(TPM_ENABLE) == TRUE ++ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} ++!endif +diff --git a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc +new file mode 100644 +index 0000000000..164bc9c7fc +--- /dev/null ++++ b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc +@@ -0,0 +1,8 @@ ++## ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE ++ gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS ++ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS ++!endif +diff --git a/OvmfPkg/OvmfTpmPei.fdf.inc b/OvmfPkg/OvmfTpmPei.fdf.inc +new file mode 100644 +index 0000000000..9aefd73d21 +--- /dev/null ++++ b/OvmfPkg/OvmfTpmPei.fdf.inc +@@ -0,0 +1,11 @@ ++## ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++!if $(TPM_ENABLE) == TRUE ++INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf ++INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf ++INF SecurityPkg/Tcg/TcgPei/TcgPei.inf ++INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf ++INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf ++!endif +diff --git a/OvmfPkg/OvmfTpmSecurityStub.dsc.inc b/OvmfPkg/OvmfTpmSecurityStub.dsc.inc +new file mode 100644 +index 0000000000..4bd4066843 +--- /dev/null ++++ b/OvmfPkg/OvmfTpmSecurityStub.dsc.inc +@@ -0,0 +1,8 @@ ++## ++# SPDX-License-Identifier: BSD-2-Clause-Patent ++## ++ ++!if $(TPM_ENABLE) == TRUE ++ NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf ++ NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf ++!endif +-- +2.27.0 + diff --git a/SOURCES/edk2-OvmfPkg-remove-unused-TPM-options-from-MicrovmX64.ds.patch b/SOURCES/edk2-OvmfPkg-remove-unused-TPM-options-from-MicrovmX64.ds.patch new file mode 100644 index 0000000..6920cec --- /dev/null +++ b/SOURCES/edk2-OvmfPkg-remove-unused-TPM-options-from-MicrovmX64.ds.patch @@ -0,0 +1,33 @@ +From 9948bb7e9e693b4add121964ec724d4db09df352 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Wed, 15 Dec 2021 12:39:16 +0100 +Subject: [PATCH 1/6] OvmfPkg: remove unused TPM options from MicrovmX64.dsc + +RH-Author: Gerd Hoffmann +RH-MergeRequest: 9: backport tpm build updates, disable tpm 1.2 support +RH-Commit: [1/6] cce6ba5501b413c0eb87ac452a53818e68dfa630 (kraxel/centos-edk2) +RH-Bugzilla: 1935497 +RH-Acked-by: Oliver Steffen + +Signed-off-by: Gerd Hoffmann +(cherry picked from commit 3a72ec71cd83f0f5ad2f1d3c78527f4b247da75f) +--- + OvmfPkg/Microvm/MicrovmX64.dsc | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc +index 617f925395..c58c4c35d4 100644 +--- a/OvmfPkg/Microvm/MicrovmX64.dsc ++++ b/OvmfPkg/Microvm/MicrovmX64.dsc +@@ -32,8 +32,6 @@ + DEFINE SECURE_BOOT_ENABLE = FALSE + DEFINE SMM_REQUIRE = FALSE + DEFINE SOURCE_DEBUG_ENABLE = FALSE +- DEFINE TPM_ENABLE = FALSE +- DEFINE TPM_CONFIG_ENABLE = FALSE + + # + # Network definition +-- +2.27.0 + diff --git a/SOURCES/edk2-OvmfPkg-rework-TPM-configuration.patch b/SOURCES/edk2-OvmfPkg-rework-TPM-configuration.patch new file mode 100644 index 0000000..6843741 --- /dev/null +++ b/SOURCES/edk2-OvmfPkg-rework-TPM-configuration.patch @@ -0,0 +1,293 @@ +From 5787adaccb16e4af7df661d6c7eb3197c7f14218 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Wed, 15 Dec 2021 12:39:20 +0100 +Subject: [PATCH 5/6] OvmfPkg: rework TPM configuration + +RH-Author: Gerd Hoffmann +RH-MergeRequest: 9: backport tpm build updates, disable tpm 1.2 support +RH-Commit: [5/6] 81ed86c6993e8cca4fabf5f471e198134b907562 (kraxel/centos-edk2) +RH-Bugzilla: 1935497 +RH-Acked-by: Oliver Steffen + +Rename TPM_ENABLE to TPM2_ENABLE so naming is in line with the +ArmVirtPkg config option name. + +Add separate TPM1_ENABLE option for TPM 1.2 support. + +Signed-off-by: Gerd Hoffmann +Tested-by: Stefan Berger +(cherry picked from commit 4de8d61bcec02a13ceed84f92b0cf3ea58adf9c5) +--- + OvmfPkg/OvmfTpmComponentsDxe.dsc.inc | 4 +++- + OvmfPkg/OvmfTpmComponentsPei.dsc.inc | 6 +++++- + OvmfPkg/OvmfTpmDefines.dsc.inc | 5 ++++- + OvmfPkg/OvmfTpmDxe.fdf.inc | 4 +++- + OvmfPkg/OvmfTpmLibs.dsc.inc | 4 +++- + OvmfPkg/OvmfTpmLibsDxe.dsc.inc | 4 +++- + OvmfPkg/OvmfTpmLibsPeim.dsc.inc | 4 +++- + OvmfPkg/OvmfTpmPcds.dsc.inc | 2 +- + OvmfPkg/OvmfTpmPcdsHii.dsc.inc | 2 +- + OvmfPkg/OvmfTpmPei.fdf.inc | 6 +++++- + OvmfPkg/OvmfTpmSecurityStub.dsc.inc | 4 +++- + OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 6 +++--- + OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml | 6 +++--- + OvmfPkg/PlatformCI/ReadMe.md | 2 +- + 14 files changed, 41 insertions(+), 18 deletions(-) + +diff --git a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc +index e025d85a58..75ae09571e 100644 +--- a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc ++++ b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc +@@ -2,7 +2,7 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +-!if $(TPM_ENABLE) == TRUE ++!if $(TPM2_ENABLE) == TRUE + SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { + + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf +@@ -15,10 +15,12 @@ + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf + } + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf ++!if $(TPM1_ENABLE) == TRUE + SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { + + Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf + } ++!endif + SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf +diff --git a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc +index 87d491da50..fa486eed82 100644 +--- a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc ++++ b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc +@@ -2,10 +2,14 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +-!if $(TPM_ENABLE) == TRUE ++!if $(TPM2_ENABLE) == TRUE + OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf ++!if $(TPM1_ENABLE) == TRUE + OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf + SecurityPkg/Tcg/TcgPei/TcgPei.inf ++!else ++ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf ++!endif + SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { + + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf +diff --git a/OvmfPkg/OvmfTpmDefines.dsc.inc b/OvmfPkg/OvmfTpmDefines.dsc.inc +index 5df4a331fb..a65564d8d9 100644 +--- a/OvmfPkg/OvmfTpmDefines.dsc.inc ++++ b/OvmfPkg/OvmfTpmDefines.dsc.inc +@@ -2,4 +2,7 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +- DEFINE TPM_ENABLE = FALSE ++ DEFINE TPM2_ENABLE = FALSE ++ ++ # has no effect unless TPM2_ENABLE == TRUE ++ DEFINE TPM1_ENABLE = TRUE +diff --git a/OvmfPkg/OvmfTpmDxe.fdf.inc b/OvmfPkg/OvmfTpmDxe.fdf.inc +index 32eef24638..7fc2bf8590 100644 +--- a/OvmfPkg/OvmfTpmDxe.fdf.inc ++++ b/OvmfPkg/OvmfTpmDxe.fdf.inc +@@ -2,8 +2,10 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +-!if $(TPM_ENABLE) == TRUE ++!if $(TPM2_ENABLE) == TRUE ++!if $(TPM1_ENABLE) == TRUE + INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf ++!endif + INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf + INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf + INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +diff --git a/OvmfPkg/OvmfTpmLibs.dsc.inc b/OvmfPkg/OvmfTpmLibs.dsc.inc +index 50100f2c03..418747b134 100644 +--- a/OvmfPkg/OvmfTpmLibs.dsc.inc ++++ b/OvmfPkg/OvmfTpmLibs.dsc.inc +@@ -2,8 +2,10 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +-!if $(TPM_ENABLE) == TRUE ++!if $(TPM2_ENABLE) == TRUE ++!if $(TPM1_ENABLE) == TRUE + Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf ++!endif + Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf + Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf + Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf +diff --git a/OvmfPkg/OvmfTpmLibsDxe.dsc.inc b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc +index 67d5027aba..1d66cdac77 100644 +--- a/OvmfPkg/OvmfTpmLibsDxe.dsc.inc ++++ b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc +@@ -2,7 +2,9 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +-!if $(TPM_ENABLE) == TRUE ++!if $(TPM2_ENABLE) == TRUE ++!if $(TPM1_ENABLE) == TRUE + Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf ++!endif + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf + !endif +diff --git a/OvmfPkg/OvmfTpmLibsPeim.dsc.inc b/OvmfPkg/OvmfTpmLibsPeim.dsc.inc +index 4e84e3dcaa..03caccd7c6 100644 +--- a/OvmfPkg/OvmfTpmLibsPeim.dsc.inc ++++ b/OvmfPkg/OvmfTpmLibsPeim.dsc.inc +@@ -2,8 +2,10 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +-!if $(TPM_ENABLE) == TRUE ++!if $(TPM2_ENABLE) == TRUE + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf ++!if $(TPM1_ENABLE) == TRUE + Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf ++!endif + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf + !endif +diff --git a/OvmfPkg/OvmfTpmPcds.dsc.inc b/OvmfPkg/OvmfTpmPcds.dsc.inc +index 0e7f83c04b..0d55d62737 100644 +--- a/OvmfPkg/OvmfTpmPcds.dsc.inc ++++ b/OvmfPkg/OvmfTpmPcds.dsc.inc +@@ -2,6 +2,6 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +-!if $(TPM_ENABLE) == TRUE ++!if $(TPM2_ENABLE) == TRUE + gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} + !endif +diff --git a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc +index 2e02a5b4cb..e842253235 100644 +--- a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc ++++ b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc +@@ -2,7 +2,7 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +-!if $(TPM_ENABLE) == TRUE ++!if $(TPM2_ENABLE) == TRUE + gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS + !endif +diff --git a/OvmfPkg/OvmfTpmPei.fdf.inc b/OvmfPkg/OvmfTpmPei.fdf.inc +index 709a608cc3..9f8b9bdd5b 100644 +--- a/OvmfPkg/OvmfTpmPei.fdf.inc ++++ b/OvmfPkg/OvmfTpmPei.fdf.inc +@@ -2,10 +2,14 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +-!if $(TPM_ENABLE) == TRUE ++!if $(TPM2_ENABLE) == TRUE + INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf ++!if $(TPM1_ENABLE) == TRUE + INF OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf + INF SecurityPkg/Tcg/TcgPei/TcgPei.inf ++!else ++INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf ++!endif + INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf + INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf + !endif +diff --git a/OvmfPkg/OvmfTpmSecurityStub.dsc.inc b/OvmfPkg/OvmfTpmSecurityStub.dsc.inc +index 4bd4066843..e9ab2fca7b 100644 +--- a/OvmfPkg/OvmfTpmSecurityStub.dsc.inc ++++ b/OvmfPkg/OvmfTpmSecurityStub.dsc.inc +@@ -2,7 +2,9 @@ + # SPDX-License-Identifier: BSD-2-Clause-Patent + ## + +-!if $(TPM_ENABLE) == TRUE ++!if $(TPM2_ENABLE) == TRUE ++!if $(TPM1_ENABLE) == TRUE + NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf ++!endif + NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf + !endif +diff --git a/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml +index 1774423580..8df31298f5 100644 +--- a/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml ++++ b/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml +@@ -95,21 +95,21 @@ jobs: + OVMF_IA32X64_FULL_DEBUG: + Build.File: "$(package)/PlatformCI/PlatformBuild.py" + Build.Arch: "IA32,X64" +- Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + Build.Target: "DEBUG" + Run.Flags: $(run_flags) + Run: $(should_run) + OVMF_IA32X64_FULL_RELEASE: + Build.File: "$(package)/PlatformCI/PlatformBuild.py" + Build.Arch: "IA32,X64" +- Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + Build.Target: "RELEASE" + Run.Flags: $(run_flags) + Run: $(should_run) + OVMF_IA32X64_FULL_NOOPT: + Build.File: "$(package)/PlatformCI/PlatformBuild.py" + Build.Arch: "IA32,X64" +- Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + Build.Target: "NOOPT" + Run.Flags: $(run_flags) + Run: $(should_run) +diff --git a/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml b/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml +index 09f9851312..68b5d951e9 100644 +--- a/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml ++++ b/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml +@@ -94,14 +94,14 @@ jobs: + OVMF_IA32X64_FULL_DEBUG: + Build.File: "$(package)/PlatformCI/PlatformBuild.py" + Build.Arch: "IA32,X64" +- Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + Build.Target: "DEBUG" + Run.Flags: $(run_flags) + Run: $(should_run) + OVMF_IA32X64_FULL_RELEASE: + Build.File: "$(package)/PlatformCI/PlatformBuild.py" + Build.Arch: "IA32,X64" +- Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + Build.Target: "RELEASE" + Run.Flags: $(run_flags) + Run: $(should_run) +@@ -112,7 +112,7 @@ jobs: + # OVMF_IA32X64_FULL_NOOPT: + # Build.File: "$(package)/PlatformCI/PlatformBuild.py" + # Build.Arch: "IA32,X64" +- # Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" ++ # Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1" + # Build.Target: "NOOPT" + # Run.Flags: $(run_flags) + # Run: $(should_run) +diff --git a/OvmfPkg/PlatformCI/ReadMe.md b/OvmfPkg/PlatformCI/ReadMe.md +index 44aa7c4a9d..1216dee126 100644 +--- a/OvmfPkg/PlatformCI/ReadMe.md ++++ b/OvmfPkg/PlatformCI/ReadMe.md +@@ -14,7 +14,7 @@ supported and are described below. + | IA32 | IA32 | OvmfPkgIa32.dsc | None | + | X64 | X64 | OvmfPkgIa64.dsc | None | + | IA32 X64 | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | None | +-| IA32 X64 Full | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | SECURE_BOOT_ENABLE=1 SMM_REQUIRE=1 TPM_ENABLE=1 NETWORK_TLS_ENABLE=1 NETWORK_IP6_ENABLE=1 NETWORK_HTTP_BOOT_ENABLE=1 | ++| IA32 X64 Full | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | SECURE_BOOT_ENABLE=1 SMM_REQUIRE=1 TPM1_ENABLE=1 TPM2_ENABLE=1 NETWORK_TLS_ENABLE=1 NETWORK_IP6_ENABLE=1 NETWORK_HTTP_BOOT_ENABLE=1 | + + ## EDK2 Developer environment + +-- +2.27.0 + diff --git a/SPECS/edk2.spec b/SPECS/edk2.spec index 6d12b38..5836d90 100644 --- a/SPECS/edk2.spec +++ b/SPECS/edk2.spec @@ -1,7 +1,7 @@ ExclusiveArch: x86_64 aarch64 -%define GITDATE 20210527 -%define GITCOMMIT e1999b264f1f +%define GITDATE 20220126 +%define GITCOMMIT bb1bba3d77 %define TOOLCHAIN GCC5 %define OPENSSL_VER 1.1.1k @@ -24,18 +24,18 @@ ExclusiveArch: x86_64 aarch64 Name: edk2 Version: %{GITDATE}git%{GITCOMMIT} -Release: 7%{?dist} +Release: 2%{?dist} Summary: UEFI firmware for 64-bit virtual machines License: BSD-2-Clause-Patent and OpenSSL and MIT URL: http://www.tianocore.org # The source tarball is created using following commands: -# COMMIT=e1999b264f1f +# COMMIT=bb1bba3d77 # git archive --format=tar --prefix=edk2-$COMMIT/ $COMMIT \ # | xz -9ev >/tmp/edk2-$COMMIT.tar.xz Source0: http://batcave.lab.eng.brq.redhat.com/www/edk2-%{GITCOMMIT}.tar.xz Source1: ovmf-whitepaper-c770f8c.txt -Source2: openssl-rhel-bdd048e929dcfcf2f046d74e812e0e3d5fc58504.tar.xz +Source2: openssl-rhel-a75722161d20fd632f8875585d3aa066ec5fea93.tar.xz Source3: ovmf-vars-generator Source4: LICENSE.qosb Source5: RedHatSecureBootPkKek1.pem @@ -48,84 +48,51 @@ Source14: edk2-ovmf-cc.json Patch0008: 0008-BaseTools-do-not-build-BrotliCompress-RH-only.patch Patch0009: 0009-MdeModulePkg-remove-package-private-Brotli-include-p.patch -Patch0010: 0010-advertise-OpenSSL-on-TianoCore-splash-screen-boot-lo.patch -Patch0011: 0011-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch -Patch0012: 0012-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch -Patch0013: 0013-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch -Patch0014: 0014-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch -Patch0015: 0015-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch -Patch0016: 0016-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch -Patch0017: 0017-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch -Patch0018: 0018-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch -Patch0019: 0019-ArmVirtPkg-set-early-hello-message-RH-only.patch -Patch0020: 0020-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch -Patch0021: 0021-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch -Patch0022: 0022-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch -Patch0023: 0023-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch -Patch0024: 0024-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch -Patch0025: 0025-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch -Patch0026: 0026-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch -Patch0027: 0027-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch -# For bz#1961100 - edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe [rhel-9.0] -Patch28: edk2-NetworkPkg-IScsiDxe-wrap-IScsiCHAP-source-files-to-8.patch -# For bz#1961100 - edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe [rhel-9.0] -Patch29: edk2-NetworkPkg-IScsiDxe-simplify-ISCSI_CHAP_AUTH_DATA.In.patch -# For bz#1961100 - edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe [rhel-9.0] -Patch30: edk2-NetworkPkg-IScsiDxe-clean-up-ISCSI_CHAP_AUTH_DATA.Ou.patch -# For bz#1961100 - edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe [rhel-9.0] -Patch31: edk2-NetworkPkg-IScsiDxe-clean-up-library-class-dependenc.patch -# For bz#1961100 - edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe [rhel-9.0] -Patch32: edk2-NetworkPkg-IScsiDxe-fix-potential-integer-overflow-i.patch -# For bz#1961100 - edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe [rhel-9.0] -Patch33: edk2-NetworkPkg-IScsiDxe-assert-that-IScsiBinToHex-always.patch -# For bz#1961100 - edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe [rhel-9.0] -Patch34: edk2-NetworkPkg-IScsiDxe-reformat-IScsiHexToBin-leading-c.patch -# For bz#1961100 - edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe [rhel-9.0] -Patch35: edk2-NetworkPkg-IScsiDxe-fix-IScsiHexToBin-hex-parsing.patch -# For bz#1961100 - edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe [rhel-9.0] -Patch36: edk2-NetworkPkg-IScsiDxe-fix-IScsiHexToBin-buffer-overflo.patch -# For bz#1961100 - edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe [rhel-9.0] -Patch37: edk2-NetworkPkg-IScsiDxe-check-IScsiHexToBin-return-value.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch38: edk2-OvmfPkg-Remove-PrintDxe-RHEL-only.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch39: edk2-OvmfPkg-Remove-EbcDxe-RHEL-only.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch40: edk2-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch41: edk2-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch42: edk2-OvmfPkg-Remove-QemuRamfbDxe-display-device-driver-RH.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch43: edk2-ArmVirtPkg-Remove-QemuRamfbDxe-display-device-driver.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch44: edk2-OvmfPkg-Remove-NvmExpressDxe-device-driver-RHEL-only.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch45: edk2-ArmVirtPkg-Remove-NvmExpressDxe-device-driver-RHEL-o.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch46: edk2-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch47: edk2-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch48: edk2-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch49: edk2-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch50: edk2-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch51: edk2-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch52: edk2-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch53: edk2-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch54: edk2-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch55: edk2-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch -# For bz#1967747 - edk2: review features and drivers shipped in RHEL -Patch56: edk2-OvmfPkg-Remove-Xen-Drivers-RHEL-only.patch -# For bz#1988760 - edk2 does not ignore PMBR protective record BootIndicator as required by UEFI spec -Patch57: edk2-MdeModulePkg-PartitionDxe-Ignore-PMBR-BootIndicator-.patch +Patch0010: 0010-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch +Patch0011: 0011-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch +Patch0012: 0012-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch +Patch0013: 0013-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch +Patch0014: 0014-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch +Patch0015: 0015-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch +Patch0016: 0016-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch +Patch0017: 0017-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch +Patch0018: 0018-ArmVirtPkg-set-early-hello-message-RH-only.patch +Patch0019: 0019-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch +Patch0020: 0020-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch +Patch0021: 0021-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch +Patch0022: 0022-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch +Patch0023: 0023-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch +Patch0024: 0024-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch +Patch0025: 0025-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch +Patch0026: 0026-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch +Patch0029: 0029-OvmfPkg-Remove-PrintDxe-RHEL-only.patch +Patch0030: 0030-OvmfPkg-Remove-EbcDxe-RHEL-only.patch +Patch0031: 0031-ArmVirtPkg-Remove-EbcDxe-RHEL-only.patch +Patch0032: 0032-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch +Patch0033: 0033-OvmfPkg-Remove-QemuRamfbDxe-display-device-driver-RH.patch +Patch0034: 0034-ArmVirtPkg-Remove-QemuRamfbDxe-display-device-driver.patch +Patch0035: 0035-OvmfPkg-Remove-NvmExpressDxe-device-driver-RHEL-only.patch +Patch0036: 0036-ArmVirtPkg-Remove-NvmExpressDxe-device-driver-RHEL-o.patch +Patch0037: 0037-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch +Patch0038: 0038-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch +Patch0039: 0039-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch +Patch0040: 0040-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch +Patch0041: 0041-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch +Patch0042: 0042-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch +Patch0043: 0043-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch +Patch0044: 0044-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch +Patch0045: 0045-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch +Patch0046: 0046-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch +# For bz#1935497 - edk2 implements and/or uses the deprecated MD5 and SHA-1 algorithms by default +Patch47: edk2-OvmfPkg-remove-unused-TPM-options-from-MicrovmX64.ds.patch +# For bz#1935497 - edk2 implements and/or uses the deprecated MD5 and SHA-1 algorithms by default +Patch48: edk2-OvmfPkg-move-tcg-configuration-to-dsc-and-fdf-includ.patch +# For bz#1935497 - edk2 implements and/or uses the deprecated MD5 and SHA-1 algorithms by default +Patch49: edk2-OvmfPkg-drop-TPM_CONFIG_ENABLE.patch +# For bz#1935497 - edk2 implements and/or uses the deprecated MD5 and SHA-1 algorithms by default +Patch50: edk2-OvmfPkg-create-Tcg12ConfigPei.inf.patch +# For bz#1935497 - edk2 implements and/or uses the deprecated MD5 and SHA-1 algorithms by default +Patch51: edk2-OvmfPkg-rework-TPM-configuration.patch # python3-devel and libuuid-devel are required for building tools. @@ -269,8 +236,8 @@ fi CC_FLAGS="$CC_FLAGS --cmd-len=65536 -t %{TOOLCHAIN} -b DEBUG --hash" CC_FLAGS="$CC_FLAGS -D NETWORK_IP6_ENABLE" CC_FLAGS="$CC_FLAGS -D NETWORK_HTTP_BOOT_ENABLE -D NETWORK_TLS_ENABLE" -CC_FLAGS="$CC_FLAGS -D TPM_ENABLE" # x86 -CC_FLAGS="$CC_FLAGS -D TPM2_ENABLE" # arm +CC_FLAGS="$CC_FLAGS -D TPM2_ENABLE=TRUE" +CC_FLAGS="$CC_FLAGS -D TPM1_ENABLE=FALSE" OVMF_FLAGS="${CC_FLAGS}" OVMF_FLAGS="${OVMF_FLAGS} -D FD_SIZE_4MB" @@ -564,6 +531,26 @@ KERNEL_IMG=$(rpm -q -l $KERNEL_PKG | egrep '^/lib/modules/[^/]+/vmlinuz$') %changelog +* Tue Feb 08 2022 Miroslav Rezanina - 20220126gitbb1bba3d77-2 +- edk2-OvmfPkg-remove-unused-TPM-options-from-MicrovmX64.ds.patch [bz#1935497] +- edk2-OvmfPkg-move-tcg-configuration-to-dsc-and-fdf-includ.patch [bz#1935497] +- edk2-OvmfPkg-drop-TPM_CONFIG_ENABLE.patch [bz#1935497] +- edk2-OvmfPkg-create-Tcg12ConfigPei.inf.patch [bz#1935497] +- edk2-OvmfPkg-rework-TPM-configuration.patch [bz#1935497] +- edk2-spec-adapt-specfile-to-build-option-changes-disable-.patch [bz#1935497] +- Resolves: bz#1935497 + (edk2 implements and/or uses the deprecated MD5 and SHA-1 algorithms by default) + +* Tue Feb 01 2022 Miroslav Rezanina - 20220126gitbb1bba3d77-1 +- Rebase to latest upstream release [bz#2018388] +- Resolves: bz#2018388 + ([rebase] update edk2 to nov '21 release (edk2-stable202111xx)) + +* Fri Jan 14 2022 Miroslav Rezanina - 20210527gite1999b264f1f-8 +- edk2-Revert-advertise-OpenSSL-on-TianoCore-splash-screen-.patch [bz#2027286] +- Resolves: bz#2027286 + (Remove the customized boot splash logo patch) + * Mon Nov 01 2021 Miroslav Rezanina - 20210527gite1999b264f1f-7 - edk2-fix-tpm-build-options.patch [bz#2000396] - Resolves: bz#2000396