import edk2-20220126gitbb1bba3d77-3.el8

This commit is contained in:
CentOS Sources 2022-09-27 10:07:21 -04:00 committed by root
parent 077a31008e
commit 9d13c29e10
4 changed files with 66 additions and 4 deletions

View File

@ -1,2 +1,2 @@
ae830c7278f985cb25e90f4687b46c8b22316bef SOURCES/edk2-bb1bba3d77.tar.xz
801c454f41332e2dcc783983e65a6930ee7cb810 SOURCES/openssl-rhel-a75722161d20fd632f8875585d3aa066ec5fea93.tar.xz
50747c8a7bb55619b69e95683c7c4172d52d1974 SOURCES/openssl-rhel-740e53ace8f6771c205bf84780e26bcd7a3275df.tar.xz

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/edk2-bb1bba3d77.tar.xz
SOURCES/openssl-rhel-a75722161d20fd632f8875585d3aa066ec5fea93.tar.xz
SOURCES/openssl-rhel-740e53ace8f6771c205bf84780e26bcd7a3275df.tar.xz

View File

@ -0,0 +1,50 @@
From e4a64ad230ff2906ec56d41b2a8dd7a0bb39a399 Mon Sep 17 00:00:00 2001
From: Dov Murik <dovmurik@linux.ibm.com>
Date: Tue, 4 Jan 2022 15:16:40 +0800
Subject: [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as
reserved
RH-Author: Pawel Polawski <None>
RH-MergeRequest: 11: OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
RH-Commit: [1/1] a14d34eb204387aae3446770a0e5fb95a9283ae3 (elkoniu/edk2)
RH-Bugzilla: 2041754
RH-Acked-by: Oliver Steffen <None>
Mark the SEV launch secret MEMFD area as reserved, which will allow the
guest OS to use it during the lifetime of the OS, without creating
copies of the sensitive content.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
---
OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
index db94c26b54..6bf1a55dea 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -19,7 +19,7 @@ InitializeSecretPei (
BuildMemoryAllocationHob (
PcdGet32 (PcdSevLaunchSecretBase),
ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
- EfiBootServicesData
+ EfiReservedMemoryType
);
return EFI_SUCCESS;
--
2.27.0

View File

@ -7,7 +7,7 @@ ExclusiveArch: x86_64 aarch64
Name: edk2
Version: %{GITDATE}git%{GITCOMMIT}
Release: 1%{?dist}.test
Release: 3%{?dist}
Summary: UEFI firmware for 64-bit virtual machines
Group: Applications/Emulators
License: BSD-2-Clause-Patent and OpenSSL and MIT
@ -19,7 +19,7 @@ URL: http://www.tianocore.org
# | xz -9ev >/tmp/edk2-$COMMIT.tar.xz
Source0: http://batcave.lab.eng.brq.redhat.com/www/edk2-%{GITCOMMIT}.tar.xz
Source1: ovmf-whitepaper-c770f8c.txt
Source2: openssl-rhel-a75722161d20fd632f8875585d3aa066ec5fea93.tar.xz
Source2: openssl-rhel-740e53ace8f6771c205bf84780e26bcd7a3275df.tar.xz
Source3: ovmf-vars-generator
Source4: LICENSE.qosb
Source5: RedHatSecureBootPkKek1.pem
@ -49,6 +49,8 @@ Patch0023: 0023-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch
Patch0024: 0024-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch
Patch0025: 0025-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch
Patch0026: 0026-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch
# For bz#2112307 - Mark SEV launch secret area as reserved
Patch27: edk2-OvmfPkg-AmdSev-SecretPei-Mark-SEV-launch-secret-area.patch
# python3-devel and libuuid-devel are required for building tools.
@ -493,6 +495,16 @@ true
%endif
%changelog
* Tue Aug 02 2022 Camilla Conte <cconte@redhat.com> - 20220126gitbb1bba3d77-3
- Bumping OpenSSL version [bz# 2074834]
- Resolves: bz# 2074834
(edk2: sync openssl sources with rhel openssl rpm)
* Tue Mar 01 2022 Jon Maloy <jmaloy@redhat.com> - 20220126gitbb1bba3d77-2
- edk2-OvmfPkg-AmdSev-SecretPei-Mark-SEV-launch-secret-area.patch [bz#2112307]
- Resolves: bz#2112307
(Mark SEV launch secret area as reserved)
* Wed Feb 02 2022 Jon Maloy <jmaloy@redhat.com> - 20220126gitbb1bba3d77-1.el8
- Rebase to latest upstream release [bz#2018386]
- Resolves: bz#2018386