From c96825e6f40bcc9ca0a7c7f2439bd0f0a42fc3ef Mon Sep 17 00:00:00 2001 From: Miroslav Rezanina Date: Mon, 2 Sep 2024 06:58:25 -0400 Subject: [PATCH] * Mon Sep 02 2024 Miroslav Rezanina - 20240524-4 - edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch [RHEL-56081] - Resolves: RHEL-56081 ([EDK2] Shim fallback reboot workaround might not work on SNP) --- ...e-shim-fallback-reboot-workaround-fo.patch | 63 +++++++++++++++++++ edk2.spec | 9 ++- 2 files changed, 71 insertions(+), 1 deletion(-) create mode 100644 edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch diff --git a/edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch b/edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch new file mode 100644 index 0000000..8656838 --- /dev/null +++ b/edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch @@ -0,0 +1,63 @@ +From 481310a21104aba17bc0cddd236ecdf69d4ba662 Mon Sep 17 00:00:00 2001 +From: Oliver Steffen +Date: Mon, 26 Aug 2024 19:25:52 +0200 +Subject: [PATCH] AmdSevDxe: Fix the shim fallback reboot workaround for SNP + +RH-Author: Oliver Steffen +RH-MergeRequest: 68: AmdSevDxe: Fix the shim fallback reboot workaround for SNP +RH-Jira: RHEL-56081 +RH-Acked-by: Gerd Hoffmann +RH-Commit: [1/1] ab8678b61d171f9c19459e034483437b29037b4b (osteffen/edk2) + +The shim fallback reboot workaround (introduced for SEV-ES) does +not always work for SEV-SNP, due to a conditional early return. + +Let's just register the workaround earlier in this function to +fix that. + +Signed-off-by: Oliver Steffen +--- + OvmfPkg/AmdSevDxe/AmdSevDxe.c | 21 +++++++++++---------- + 1 file changed, 11 insertions(+), 10 deletions(-) + +diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c +index 0eb88e50ff..ca345e95da 100644 +--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c ++++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c +@@ -243,6 +243,17 @@ AmdSevDxeEntryPoint ( + return EFI_UNSUPPORTED; + } + ++ // Shim fallback reboot workaround ++ Status = gBS->CreateEventEx ( ++ EVT_NOTIFY_SIGNAL, ++ TPL_CALLBACK, ++ PopulateVarstore, ++ SystemTable, ++ &gEfiEndOfDxeEventGroupGuid, ++ &PopulateVarstoreEvent ++ ); ++ ASSERT_EFI_ERROR (Status); ++ + // + // Iterate through the GCD map and clear the C-bit from MMIO and NonExistent + // memory space. The NonExistent memory space will be used for mapping the +@@ -393,15 +404,5 @@ AmdSevDxeEntryPoint ( + ); + } + +- Status = gBS->CreateEventEx ( +- EVT_NOTIFY_SIGNAL, +- TPL_CALLBACK, +- PopulateVarstore, +- SystemTable, +- &gEfiEndOfDxeEventGroupGuid, +- &PopulateVarstoreEvent +- ); +- ASSERT_EFI_ERROR (Status); +- + return EFI_SUCCESS; + } +-- +2.39.3 + diff --git a/edk2.spec b/edk2.spec index 622e601..8ddb1ad 100644 --- a/edk2.spec +++ b/edk2.spec @@ -21,7 +21,7 @@ ExclusiveArch: x86_64 aarch64 Name: edk2 Version: %{GITDATE} -Release: 3%{?dist} +Release: 4%{?dist} Summary: UEFI firmware for 64-bit virtual machines License: BSD-2-Clause-Patent and Apache-2.0 and MIT URL: http://www.tianocore.org @@ -95,6 +95,8 @@ Patch39: edk2-MdeModulePkg-Warn-if-out-of-flash-space-when-writing.patch Patch40: edk2-NetworkPkg-DxeNetLib-adjust-PseudoRandom-error-loggi.patch # For RHEL-45899 - [RHEL-9.5.0] edk2 hit Failed to generate random data Patch41: edk2-NetworkPkg-DxeNetLib-Reword-PseudoRandom-error-loggi.patch +# For RHEL-56081 - [EDK2] Shim fallback reboot workaround might not work on SNP +Patch42: edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch # python3-devel and libuuid-devel are required for building tools. # python3-devel is also needed for varstore template generation and @@ -429,6 +431,11 @@ install -m 0644 \ %changelog +* Mon Sep 02 2024 Miroslav Rezanina - 20240524-4 +- edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch [RHEL-56081] +- Resolves: RHEL-56081 + ([EDK2] Shim fallback reboot workaround might not work on SNP) + * Tue Aug 20 2024 Miroslav Rezanina - 20240524-3 - edk2-NetworkPkg-DxeNetLib-adjust-PseudoRandom-error-loggi.patch [RHEL-45899] - edk2-NetworkPkg-DxeNetLib-Reword-PseudoRandom-error-loggi.patch [RHEL-45899]