Commit Graph

289 Commits

Author SHA1 Message Date
Miroslav Rezanina
e944f536f0 * Mon Nov 11 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-11
- edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66234]
- edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66234]
- Resolves: RHEL-66234
  ([Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-10])
2024-11-11 06:13:33 -05:00
Troy Dawson
a8ae2c4e2e Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
2024-10-29 08:22:22 -07:00
Miroslav Rezanina
0ee4bc0f62 * Tue Oct 08 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-9
- edk2-OvmfPkg-VirtioGpuDxe-ignore-display-resolutions-smal.patch [RHEL-56249]
- edk2-OvmfPkg-QemuVideoDxe-ignore-display-resolutions-smal.patch [RHEL-56249]
- edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch [RHEL-60829]
- Resolves: RHEL-56249
  (507x510 display resolution should not crash the firmware [edk2,rhel-10])
- Resolves: RHEL-60829
  (CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage [rhel-10.0])
2024-10-08 03:12:04 -04:00
Miroslav Rezanina
5d71fdbfa7 * Fri Sep 27 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-8
- edk2-Bumped-openssl-submodule-version-to-0205b5898872.patch [RHEL-55302]
- Resolves: RHEL-55302
  (CVE-2024-6119 edk2/openssl: Possible denial of service in X.509 name checks [rhel-10.0 beta])
2024-09-27 00:22:34 -04:00
Miroslav Rezanina
65d726050c * Fri Sep 13 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-7
- edk2-OvmfPkg-CpuHotplugSmm-delay-SMM-exit.patch [RHEL-56154]
- Resolves: RHEL-56154
  (qemu-kvm: warning: Blocked re-entrant IO on MemoryRegion: acpi-cpu-hotplug at addr: 0x0 [rhel-10])

Rebuild
2024-09-18 02:51:11 -04:00
Miroslav Rezanina
e76486871e * Fri Sep 13 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-6
- edk2-OvmfPkg-CpuHotplugSmm-delay-SMM-exit.patch [RHEL-56154]
- Resolves: RHEL-56154
  (qemu-kvm: warning: Blocked re-entrant IO on MemoryRegion: acpi-cpu-hotplug at addr: 0x0 [rhel-10])
2024-09-13 00:55:20 -04:00
Miroslav Rezanina
30087a7a80 * Mon Sep 09 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-5
- edk2-UefiCpuPkg-PiSmmCpuDxeSmm-skip-PatchInstructionX86-c.patch [RHEL-50185]
- Resolves: RHEL-50185
  ([RHEL10] Hit soft lockup when hotplug vcpu)
2024-09-09 03:34:52 -04:00
Miroslav Rezanina
90ed2ec3c7 * Mon Sep 02 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-4
- edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch [RHEL-56082]
- Resolves: RHEL-56082
  ([EDK2] Shim fallback reboot workaround might not work on SNP [rhel-10])
2024-09-02 05:28:39 -04:00
Miroslav Rezanina
6604c0ed42 * Tue Aug 20 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-3
- edk2-NetworkPkg-DxeNetLib-adjust-PseudoRandom-error-loggi.patch [RHEL-45829]
- edk2-NetworkPkg-DxeNetLib-Reword-PseudoRandom-error-loggi.patch [RHEL-45829]
- Resolves: RHEL-45829
  ([RHEL-10.0] edk2 hit Failed to generate random data )
2024-08-20 02:19:08 -04:00
Miroslav Rezanina
1dedcda65a * Wed Jul 24 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-2
- edk2-MdeModulePkg-Warn-if-out-of-flash-space-when-writing.patch [RHEL-45261]
- Resolves: RHEL-45261
  ([RHEL10] edk2 disconnects abnormally before loading the kernel)
2024-07-24 08:04:29 -04:00
Miroslav Rezanina
691ec5109c * Fri Jun 28 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-1
- Rebase to edk2-stable202405
- Resolves: RHEL-32487
2024-06-28 04:26:35 -04:00
Troy Dawson
ed8e8719c6 Bump release for June 2024 mass rebuild 2024-06-24 08:41:10 -07:00
Yanan Fu
c4d260793d Initial gating.yaml for RHEL-10 OSCI gating
Resolves: RHEL-32188

Signed-off-by: Yanan Fu <yfu@redhat.com>
2024-04-09 15:03:54 +08:00
Miroslav Rezanina
8a2fa30d59 * Tue Apr 02 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240214-1
- Imported edk2-202402 from RHEL 9
- Resolves: RHEL-30180
2024-04-02 04:59:40 -04:00
Fedora Release Engineering
5f8b5dd1fe Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-24 10:09:29 +00:00
Fedora Release Engineering
32cca31e6e Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-19 17:53:12 +00:00
Gerd Hoffmann
bc6d394be4 set PcdSetNxForStack = TRUE for strict nx builds 2023-12-22 13:33:44 +01:00
Gerd Hoffmann
d8f2fa208c set PcdImageProtectionPolicy = 0x03 for strict nx builds 2023-12-22 11:32:14 +01:00
Gerd Hoffmann
b1b2afe957 switch the strictnx build to qcow2 (like all other 4M builds) 2023-12-13 13:42:35 +01:00
Gerd Hoffmann
c17e4f232c add PcdUninstallMemAttrProtocol configuration 2023-12-12 13:23:09 +01:00
Gerd Hoffmann
5a72362f6c swap MemoryAttributeProtocol patch, again 2023-12-12 12:19:37 +01:00
Gerd Hoffmann
645f17ba67 make hashlength configurable in make-tarball.sh
[skip changelog]
2023-12-12 12:10:30 +01:00
Gerd Hoffmann
afdeae3484 update bundled openssl 2023-12-06 13:30:25 +01:00
Gerd Hoffmann
fc6960f38b swap MemoryAttributeProtocol patch 2023-12-06 13:14:20 +01:00
Gerd Hoffmann
f11bca702b fix intel tdx firmware descriptor
Change the device type to memory,
i.e. '-bios $file' to load it into RAM/ROM.
2023-12-06 11:34:05 +01:00
Gerd Hoffmann
e23d2f953b update build config: 64bit pei, tdx sb
Stop using mixed mode builds, switch to 64-bit PEI phase.
Enable secure boot for the intel tdx builds.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2023-12-05 16:17:19 +01:00
Gerd Hoffmann
766cf0772e update build script 2023-12-05 16:16:38 +01:00
Gerd Hoffmann
994feb5796 silence '... has a LOAD segment with RWX permissions' warning 2023-11-27 19:00:10 +01:00
Gerd Hoffmann
3cc1097f10 enroll sb keys for tdx image 2023-11-27 18:56:14 +01:00
Gerd Hoffmann
78febee518 rebase to edk2-stable202311 2023-11-27 10:50:04 +01:00
Gerd Hoffmann
e038ec9e8d add unversioned virt machine type for riscv64 2023-11-17 14:01:11 +01:00
Gerd Hoffmann
0441730028 update debug patch, add proper fix for bz2241388 2023-10-11 10:34:03 +02:00
Gerd Hoffmann
cfa1bfa2a7 test patch for bz2241388 2023-10-10 13:07:41 +02:00
Gerd Hoffmann
0e2f6f6608 add dbxupdate to rpms
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2023-09-27 12:04:21 +02:00
Daniel P. Berrangé
37554dee28 Add BSD-3-Clause for arm firmware
This is used by the berkley-softfloat code built on arm 32-bit

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 18:12:20 +01:00
Daniel P. Berrangé
fbd6ccde44 Add BSD-2-Clause OR GPL-2.0-or-later license
This is used by FdtLib code which is linked into most of the
arm/riscv/x86 firmware targets.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 18:11:48 +01:00
Daniel P. Berrangé
c722a2a62d Add BSD-4-Clause and ISC licenses for arm/x86
The arm/x86 platform variants all include inet_pton.c which is
under the BSD-4-Clause and ISC licenses.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 18:10:25 +01:00
Daniel P. Berrangé
cf1130a5b8 Add public domain license for Lzma code
The Lzma decompressor code is builtin to all the
firmware binaries and the tools

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 18:08:38 +01:00
Daniel P. Berrangé
cb1564bbee Alphabetize the SPDX license terms
This will make it easier to keep track of licenses as we add records
of more of them.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 18:06:51 +01:00
Daniel P. Berrangé
3e96cc229d make it simpler to disable silent builds
Sometimes it is important to be able to see the actual set of
files built. Rather than requiring editting the edk2-build.py
arg for each flavour, lets have a macro to turn this off in
one place.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 12:07:36 +01:00
Gerd Hoffmann
0e461a6aaf fix 2M secure boot build 2023-09-25 09:52:27 +02:00
Miroslav Suchý
7cda606175 Correct SPDX license formula
The operators in the SPDX formula have to be upper case.
2023-09-24 06:32:39 +00:00
Gerd Hoffmann
04a4f0020f upgrade libvirt requirement to 9.7.0 or newer, add more subpackages 2023-09-21 17:18:11 +02:00
Gerd Hoffmann
ff60520676 add riscv64 to ExclusiveArch 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
7bb73aa336 cherry-pick edk2 bugfixes 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
b50b012c4b add README.experimental 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
6180cbc916 rename subpackage ovmf-experimental to experimental 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
1f7c76c7ed stateless: add --set-fallback-no-reboot 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
08c69a778e add experimental + testonly secure boot build for armvirt
It isn't actually secure, but exposes the secure boot APIs
and might be useful for development + CI purposes.
2023-09-19 08:58:15 +02:00
Gerd Hoffmann
58f180d4ee update edk2 build script 2023-09-19 08:58:15 +02:00