rpms
/
edk2
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c8
Branches Tags
rpms:c8
rpms:c9
rpms:c9s
rpms:c9-beta
rpms:c8-beta
rpms:a8
rpms:a9
rpms:c8s
rpms:imports/c8/edk2-20220126gitbb1bba3d77-13.el8_10
rpms:imports/c9/edk2-20231122-6.el9
rpms:changed/a8/edk2-20220126gitbb1bba3d77-6.el8_9.6.alma
rpms:changed/a9/edk2-20230524-4.el9_3.2.alma
rpms:imports/c8/edk2-20220126gitbb1bba3d77-6.el8_9.3
rpms:imports/c8/edk2-20220126gitbb1bba3d77-6.el8_9.1
rpms:imports/c9/edk2-20230524-4.el9_3
rpms:imports/c8-beta/edk2-20220126gitbb1bba3d77-6.el8
rpms:imports/c9-beta/edk2-20230524-3.el9
rpms:imports/c8/edk2-20220126gitbb1bba3d77-4.el8
rpms:imports/c9/edk2-20221207gitfff6d81270b5-9.el9_2
rpms:imports/c9-beta/edk2-20221207gitfff6d81270b5-7.el9
rpms:imports/c8-beta/edk2-20220126gitbb1bba3d77-4.el8
rpms:imports/c8s/edk2-20220126gitbb1bba3d77-4.el8
rpms:imports/c9/edk2-20220526git16779ede2d36-3.el9
rpms:imports/c8/edk2-20220126gitbb1bba3d77-3.el8
rpms:imports/c9-beta/edk2-20220526git16779ede2d36-3.el9
rpms:imports/c8-beta/edk2-20220126gitbb1bba3d77-3.el8
rpms:imports/c9/edk2-20220126gitbb1bba3d77-3.el9_0.1
rpms:imports/c8s/edk2-20220126gitbb1bba3d77-3.el8
rpms:imports/c9/edk2-20220126gitbb1bba3d77-3.el9
rpms:imports/c8/edk2-20220126gitbb1bba3d77-2.el8
rpms:imports/c9-beta/edk2-20220126gitbb1bba3d77-3.el9
rpms:imports/c8-beta/edk2-20220126gitbb1bba3d77-1.el8.test
rpms:imports/c8s/edk2-20220126gitbb1bba3d77-2.el8
rpms:imports/c9-beta/edk2-20220126gitbb1bba3d77-2.el9
rpms:imports/c8s/edk2-20220126gitbb1bba3d77-1.el8.test
rpms:imports/c9-beta/edk2-20210527gite1999b264f1f-7.el9
rpms:imports/c9-beta/edk2-20210527gite1999b264f1f-6.el9
rpms:imports/c8/edk2-20210527gite1999b264f1f-3.el8
rpms:imports/c8-beta/edk2-20210527gite1999b264f1f-3.el8
rpms:imports/c8-beta/edk2-20200602gitca407c7246bf-4.el8
rpms:imports/c8-beta/edk2-20200602gitca407c7246bf-2.el8
rpms:imports/c8-beta/edk2-20190829git37eef91017ad-4.el8
rpms:imports/c8-beta/edk2-20190308git89910a39dcfd-4.el8
rpms:imports/c8s/edk2-20210527gite1999b264f1f-3.el8
rpms:imports/c8s/edk2-20210527gite1999b264f1f-1.el8
rpms:imports/c8s/edk2-20200602gitca407c7246bf-5.el8
rpms:imports/c8s/edk2-20200602gitca407c7246bf-4.el8
rpms:imports/c8s/edk2-20200602gitca407c7246bf-3.el8
rpms:imports/c8/edk2-20200602gitca407c7246bf-4.el8_4.2
rpms:imports/c8/edk2-20200602gitca407c7246bf-4.el8_4.1
rpms:imports/c8/edk2-20200602gitca407c7246bf-4.el8
rpms:imports/c8/edk2-20200602gitca407c7246bf-3.el8
rpms:imports/c8/edk2-20190829git37eef91017ad-9.el8
...
pull from: rpms:c9
Branches Tags
rpms:c8
rpms:c9
rpms:c9s
rpms:c9-beta
rpms:c8-beta
rpms:a8
rpms:a9
rpms:c8s
rpms:imports/c8/edk2-20220126gitbb1bba3d77-13.el8_10
rpms:imports/c9/edk2-20231122-6.el9
rpms:changed/a8/edk2-20220126gitbb1bba3d77-6.el8_9.6.alma
rpms:changed/a9/edk2-20230524-4.el9_3.2.alma
rpms:imports/c8/edk2-20220126gitbb1bba3d77-6.el8_9.3
rpms:imports/c8/edk2-20220126gitbb1bba3d77-6.el8_9.1
rpms:imports/c9/edk2-20230524-4.el9_3
rpms:imports/c8-beta/edk2-20220126gitbb1bba3d77-6.el8
rpms:imports/c9-beta/edk2-20230524-3.el9
rpms:imports/c8/edk2-20220126gitbb1bba3d77-4.el8
rpms:imports/c9/edk2-20221207gitfff6d81270b5-9.el9_2
rpms:imports/c9-beta/edk2-20221207gitfff6d81270b5-7.el9
rpms:imports/c8-beta/edk2-20220126gitbb1bba3d77-4.el8
rpms:imports/c8s/edk2-20220126gitbb1bba3d77-4.el8
rpms:imports/c9/edk2-20220526git16779ede2d36-3.el9
rpms:imports/c8/edk2-20220126gitbb1bba3d77-3.el8
rpms:imports/c9-beta/edk2-20220526git16779ede2d36-3.el9
rpms:imports/c8-beta/edk2-20220126gitbb1bba3d77-3.el8
rpms:imports/c9/edk2-20220126gitbb1bba3d77-3.el9_0.1
rpms:imports/c8s/edk2-20220126gitbb1bba3d77-3.el8
rpms:imports/c9/edk2-20220126gitbb1bba3d77-3.el9
rpms:imports/c8/edk2-20220126gitbb1bba3d77-2.el8
rpms:imports/c9-beta/edk2-20220126gitbb1bba3d77-3.el9
rpms:imports/c8-beta/edk2-20220126gitbb1bba3d77-1.el8.test
rpms:imports/c8s/edk2-20220126gitbb1bba3d77-2.el8
rpms:imports/c9-beta/edk2-20220126gitbb1bba3d77-2.el9
rpms:imports/c8s/edk2-20220126gitbb1bba3d77-1.el8.test
rpms:imports/c9-beta/edk2-20210527gite1999b264f1f-7.el9
rpms:imports/c9-beta/edk2-20210527gite1999b264f1f-6.el9
rpms:imports/c8/edk2-20210527gite1999b264f1f-3.el8
rpms:imports/c8-beta/edk2-20210527gite1999b264f1f-3.el8
rpms:imports/c8-beta/edk2-20200602gitca407c7246bf-4.el8
rpms:imports/c8-beta/edk2-20200602gitca407c7246bf-2.el8
rpms:imports/c8-beta/edk2-20190829git37eef91017ad-4.el8
rpms:imports/c8-beta/edk2-20190308git89910a39dcfd-4.el8
rpms:imports/c8s/edk2-20210527gite1999b264f1f-3.el8
rpms:imports/c8s/edk2-20210527gite1999b264f1f-1.el8
rpms:imports/c8s/edk2-20200602gitca407c7246bf-5.el8
rpms:imports/c8s/edk2-20200602gitca407c7246bf-4.el8
rpms:imports/c8s/edk2-20200602gitca407c7246bf-3.el8
rpms:imports/c8/edk2-20200602gitca407c7246bf-4.el8_4.2
rpms:imports/c8/edk2-20200602gitca407c7246bf-4.el8_4.1
rpms:imports/c8/edk2-20200602gitca407c7246bf-4.el8
rpms:imports/c8/edk2-20200602gitca407c7246bf-3.el8
rpms:imports/c8/edk2-20190829git37eef91017ad-9.el8

No commits in common. "c8" and "c9" have entirely different histories.
c8 ... c9

121 changed files with 6290 additions and 19688 deletions
Show Stats Expand all files Collapse all files

5
.edk2.metadata
View File

@ -1,2 +1,3 @@
ae830c7278f985cb25e90f4687b46c8b22316bef SOURCES/edk2-bb1bba3d77.tar.xz
85388ae6525650667302c6b553894430197d9e0d SOURCES/openssl-rhel-cf317b2bb227899cb2e761b9163210f62cab1b1e.tar.xz
de143fc38b339d982079517b6f01bcec5246cf5e SOURCES/DBXUpdate-20230509.x64.bin
4b2ed0d355d3ef44e21a72573e17017630b6d33c SOURCES/edk2-8736b8fdca.tar.xz
bf431935cb72db4d80c8435a0956abb25ca71185 SOURCES/openssl-rhel-db0287935122edceb91dcda8dfb53b4090734e22.tar.xz

5
.gitignore vendored
View File

@ -1,2 +1,3 @@
SOURCES/edk2-bb1bba3d77.tar.xz
SOURCES/openssl-rhel-cf317b2bb227899cb2e761b9163210f62cab1b1e.tar.xz
SOURCES/DBXUpdate-20230509.x64.bin
SOURCES/edk2-8736b8fdca.tar.xz
SOURCES/openssl-rhel-db0287935122edceb91dcda8dfb53b4090734e22.tar.xz

83
SOURCES/0001-ignore-build-artifacts-generated-files-session-setti.patch Normal file
View File

@ -0,0 +1,83 @@
From 21816395a94558c8e5c97f13adbb5ffb909656b8 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 11 Jun 2014 21:55:22 +0200
Subject: [PATCH] ignore build artifacts, generated files, session settings etc
(RHEL only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
- no changes
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
- refresh against upstream commit 48760409ccc8 (".gitignore: Ignore python
compiled files, extdeps, and vscode", 2019-11-11)
- add ".AutoGenIdFile.txt" to "Conf/.gitignore", in response to upstream
commit 373298ca0d60 ("BaseTools: Fixed issue for IgnoreAutoGen",
2019-09-10)
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
- no changes
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
RHEL-8.1/20190308-89910a39dcfd rebase:
- no changes
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
- reorder the rebase changelog in the commit message so that it reads like
a blog: place more recent entries near the top
- no changes to the patch body
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
- no changes
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
- Conflict resolution against upstream commit 112f4ada2e6b ("edk2: Add
.DS_Store to .gitignore for macOS", 2017-05-04), in the ".gitignore"
file.
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
- no changes
Notes about the 9ece15a -> c9e5618 rebase:
- Upstream added .gitignore files in the meanwhile, we just need some
light customization. In particular the Conf/ReadMe.txt file should not
be ignored, it is not generated.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 3b9c914f2d6bff6274d5ed45fcf4c757ce27031b)
(cherry picked from commit b66c3c6d11a834dc7cb3ab326f09c6a21c0b81e8)
(cherry picked from commit c94381432988f6137de46772cbd4080d9832c9ad)
(cherry picked from commit 730cc57005e4908fcee29109672284808b21ec1c)
(cherry picked from commit 161184bcb55a670f8f7f8c4147825eb360b73794)
(cherry picked from commit 4eec2bb2176f2deda2b2c44a6f2ea167c5a43433)
(cherry picked from commit ea548c8d0c9d4cd5b8b5200eda8ff6ac220a6307)
(cherry picked from commit 4872f69df8b0460fbbfcd75950d81fdcd213f8c0)
---
Conf/.gitignore | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/Conf/.gitignore b/Conf/.gitignore
index 5e4debcc10..8601fc0cee 100644
--- a/Conf/.gitignore
+++ b/Conf/.gitignore
@@ -1 +1,6 @@
-*
+.AutoGenIdFile.txt
+.cache/
+BuildEnv.sh
+build_rule.txt
+target.txt
+tools_def.txt

121
SOURCES/0002-Remove-submodules.patch Normal file
View File

@ -0,0 +1,121 @@
From ff10592d4710f12d601dcfcdd25f28b6941c5141 Mon Sep 17 00:00:00 2001
From: Miroslav Rezanina <mrezanin@redhat.com>
Date: Thu, 24 Mar 2022 03:23:02 -0400
Subject: [PATCH] Remove submodules
Rebase to edk2-stable202311: removing additional submodule:
- CryptoPkg/Library/MbedTlsLib/mbedtls
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Rebase to edk2-stable202305: removing additional submodules:
- MdePkg/Library/BaseFdtLib/libfdt
- MdePkg/Library/MipiSysTLib/mipisyst
- UnitTestFrameworkPkg/Library/GoogleTestLib/googletest
- UnitTestFrameworkPkg/Library/SubhookLib/subhook
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Upstream edk2 tracks several submodules we do not need in RHEL (removal
done by individual commits in previous RHEL versions):
- openssl: We use RHEL specific openssl submodule later (commit 48f993088e)
- SoftFloat: required only for 32-bit ARM (commit 273787a5c2)
- cmocka: needed for UnitTestFrameworkPkg we do not use (commit a2dca9bcd2)
- oniguruma: rhel do not need this dependency (commit 73f4b42b3a)
- brotli: removed this dependency (commits fcd212ffce, cf62a90767 and ac5782e6ab)
- jansson: we do not depend on JSON parsing or formating (commit c84227659a)
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
MdeModulePkg: remove package-private Brotli include path (RH only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
- no change
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
- New patch.
Originating from upstream commit 58802e02c41b
("MdeModulePkg/BrotliCustomDecompressLib: Make brotli a submodule",
2020-04-16), "MdeModulePkg/MdeModulePkg.dec" contains a package-internal
include path into a Brotli submodule.
The edk2 build system requires such include paths to resolve successfully,
regardless of the firmware platform being built. Because
BrotliCustomDecompressLib is not consumed by any OvmfPkg or ArmVirtPkg
platforms, and we've removed the submodule earlier in this patch set,
remove the include path too.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit e05e0de713c4a2b8adb6ff9809611f222bfe50ed)
---
BaseTools/Source/C/GNUmakefile | 1 -
CryptoPkg/.gitignore | 1 +
MdeModulePkg/MdeModulePkg.dec | 3 ---
MdePkg/MdePkg.dec | 5 -----
4 files changed, 1 insertion(+), 9 deletions(-)
create mode 100644 CryptoPkg/.gitignore
diff --git a/BaseTools/Source/C/GNUmakefile b/BaseTools/Source/C/GNUmakefile
index 5275f657ef..39d7199753 100644
--- a/BaseTools/Source/C/GNUmakefile
+++ b/BaseTools/Source/C/GNUmakefile
@@ -51,7 +51,6 @@ all: makerootdir subdirs
LIBRARIES = Common
VFRAUTOGEN = VfrCompile/VfrLexer.h
APPLICATIONS = \
- BrotliCompress \
VfrCompile \
EfiRom \
GenFfs \
diff --git a/CryptoPkg/.gitignore b/CryptoPkg/.gitignore
new file mode 100644
index 0000000000..68b83272b7
--- /dev/null
+++ b/CryptoPkg/.gitignore
@@ -0,0 +1 @@
+Library/OpensslLib/openssl*/
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index d2fede4f87..265dfec94f 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -26,9 +26,6 @@
Include
Test/Mock/Include
-[Includes.Common.Private]
- Library/BrotliCustomDecompressLib/brotli/c/include
-
[LibraryClasses]
## @libraryclass Defines a set of methods to reset whole system.
ResetSystemLib|Include/Library/ResetSystemLib.h
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index ac54338089..29f0a6e178 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -29,7 +29,6 @@
Include
Test/UnitTest/Include
Test/Mock/Include
- Library/MipiSysTLib/mipisyst/library/include
[Includes.IA32]
Include/Ia32
@@ -295,10 +294,6 @@
#
FdtLib|Include/Library/FdtLib.h
- ## @libraryclass Provides general mipi sys-T services.
- #
- MipiSysTLib|Include/Library/MipiSysTLib.h
-
## @libraryclass Provides API to output Trace Hub debug message.
#
TraceHubDebugSysTLib|Include/Library/TraceHubDebugSysTLib.h

117
SOURCES/0012-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch → SOURCES/0003-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch
View File

@ -1,8 +1,20 @@
From fbfd113142f594c4f257b5a044a6e17ef7f66505 Mon Sep 17 00:00:00 2001
From a531e0f3c999670f54926b2579e0721d217a49e0 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 25 Feb 2014 22:40:01 +0100
Subject: MdeModulePkg: TerminalDxe: set xterm resolution on mode change (RH
only)
Subject: [PATCH] MdeModulePkg: TerminalDxe: set xterm resolution on mode
change (RH only)
Notes for rebase to edk2-stable202311:
- Minor context changes due to new PCDs (for USB Networking) being added.
Notes for rebase to edk2-stable202205:
- Minor context changes due to fd306d1dbc MdeModulePkg: Add PcdTdxSharedBitMask
Notes for rebase to edk2-stable202202:
- Minor context changes due to 1436aea4d MdeModulePkg: Apply uncrustify changes
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
@ -87,84 +99,84 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
3 files changed, 36 insertions(+)
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 9d69fb86ed..08d59dfb3e 100644
index 265dfec94f..092a8dee2a 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -2076,6 +2076,10 @@
# @Prompt Enable PCIe Resizable BAR Capability support.
gEfiMdeModulePkgTokenSpaceGuid.PcdPcieResizableBarSupport|FALSE|BOOLEAN|0x10000024
@@ -2158,6 +2158,10 @@
# @Prompt The value is use for Usb Network rate limiting supported.
gEfiMdeModulePkgTokenSpaceGuid.PcdUsbNetworkRateLimitingFactor|100|UINT32|0x10000028
+ ## Controls whether TerminalDxe outputs an XTerm resize sequence on terminal
+ # mode change.
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE|BOOLEAN|0x00010080
+
+ ## Controls whether TerminalDxe outputs an XTerm resize sequence on terminal
+ # mode change.
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE|BOOLEAN|0x00010080
+
[PcdsPatchableInModule]
## Specify memory size with page number for PEI code when
# Loading Module at Fixed Address feature is enabled.
diff --git a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c
index aae470e956..26156857aa 100644
index 7809869e7d..3be801039b 100644
--- a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c
+++ b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c
@@ -7,6 +7,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
**/
+#include <Library/PrintLib.h>
+
+#include <Library/PrintLib.h>
+
#include "Terminal.h"
//
@@ -80,6 +82,16 @@ CHAR16 mSetCursorPositionString[] = { ESC, '[', '0', '0', ';', '0', '0', 'H', 0
CHAR16 mCursorForwardString[] = { ESC, '[', '0', '0', 'C', 0 };
CHAR16 mCursorBackwardString[] = { ESC, '[', '0', '0', 'D', 0 };
@@ -80,6 +82,16 @@ CHAR16 mSetCursorPositionString[] = { ESC, '[', '0', '0', ';', '0', '0', 'H', 0
CHAR16 mCursorForwardString[] = { ESC, '[', '0', '0', 'C', 0 };
CHAR16 mCursorBackwardString[] = { ESC, '[', '0', '0', 'D', 0 };
+//
+// Note that this is an ASCII format string, taking two INT32 arguments:
+// rows, columns.
+//
+// A %d (INT32) format specification can expand to at most 11 characters.
+//
+CHAR8 mResizeTextAreaFormatString[] = "\x1B[8;%d;%dt";
+#define RESIZE_SEQ_SIZE (sizeof mResizeTextAreaFormatString + 2 * (11 - 2))
+
+
+//
+// Note that this is an ASCII format string, taking two INT32 arguments:
+// rows, columns.
+//
+// A %d (INT32) format specification can expand to at most 11 characters.
+//
+CHAR8 mResizeTextAreaFormatString[] = "\x1B[8;%d;%dt";
+#define RESIZE_SEQ_SIZE (sizeof mResizeTextAreaFormatString + 2 * (11 - 2))
+
+
//
// Body of the ConOut functions
//
@@ -506,6 +518,24 @@ TerminalConOutSetMode (
@@ -498,6 +510,24 @@ TerminalConOutSetMode (
return EFI_DEVICE_ERROR;
}
+ if (PcdGetBool (PcdResizeXterm)) {
+ CHAR16 ResizeSequence[RESIZE_SEQ_SIZE];
+
+ UnicodeSPrintAsciiFormat (
+ ResizeSequence,
+ sizeof ResizeSequence,
+ mResizeTextAreaFormatString,
+ (INT32) TerminalDevice->TerminalConsoleModeData[ModeNumber].Rows,
+ (INT32) TerminalDevice->TerminalConsoleModeData[ModeNumber].Columns
+ );
+ TerminalDevice->OutputEscChar = TRUE;
+ Status = This->OutputString (This, ResizeSequence);
+ TerminalDevice->OutputEscChar = FALSE;
+ if (EFI_ERROR (Status)) {
+ return EFI_DEVICE_ERROR;
+ }
+ }
+
This->Mode->Mode = (INT32) ModeNumber;
+ if (PcdGetBool (PcdResizeXterm)) {
+ CHAR16 ResizeSequence[RESIZE_SEQ_SIZE];
+
+ UnicodeSPrintAsciiFormat (
+ ResizeSequence,
+ sizeof ResizeSequence,
+ mResizeTextAreaFormatString,
+ (INT32) TerminalDevice->TerminalConsoleModeData[ModeNumber].Rows,
+ (INT32) TerminalDevice->TerminalConsoleModeData[ModeNumber].Columns
+ );
+ TerminalDevice->OutputEscChar = TRUE;
+ Status = This->OutputString (This, ResizeSequence);
+ TerminalDevice->OutputEscChar = FALSE;
+ if (EFI_ERROR (Status)) {
+ return EFI_DEVICE_ERROR;
+ }
+ }
+
This->Mode->Mode = (INT32)ModeNumber;
Status = This->ClearScreen (This);
Status = This->ClearScreen (This);
diff --git a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
index b2a8aeba85..eff6253465 100644
index b2a8aeba85..96810f337c 100644
--- a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
+++ b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
@@ -55,6 +55,7 @@
DebugLib
PcdLib
BaseLib
+ PrintLib
+ PrintLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"ConInDev"
@ -172,10 +184,7 @@ index b2a8aeba85..eff6253465 100644
[Pcd]
gEfiMdePkgTokenSpaceGuid.PcdDefaultTerminalType ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdErrorCodeSetVariable ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm ## CONSUMES
# [Event]
# # Relative timer event set by UnicodeToEfiKey(), used to be one 2 seconds input timeout.
--
2.27.0

138
SOURCES/0013-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch → SOURCES/0004-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch
View File

@ -1,7 +1,12 @@
From 9ea7b3f689bf7d21b869adb829139be7eb91bb33 Mon Sep 17 00:00:00 2001
From c53aae9d945648b7301efede1dc77bf7b7f4ee1c Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 14 Oct 2015 15:59:06 +0200
Subject: OvmfPkg: take PcdResizeXterm from the QEMU command line (RH only)
Subject: [PATCH] OvmfPkg: take PcdResizeXterm from the QEMU command line (RH
only)
Notes about edk2-stable202205 rebase
- Necessary minor fixes for upstream changes
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
@ -66,87 +71,142 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 2cc462ee963d0be119bc97bfc9c70d292a40516f)
(cherry picked from commit 51e0de961029af84b5bdbfddcc9762b1819d500f)
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
OvmfPkg/OvmfPkgIa32.dsc | 1 +
OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
OvmfPkg/OvmfPkgX64.dsc | 1 +
OvmfPkg/PlatformPei/Platform.c | 1 +
OvmfPkg/PlatformPei/PlatformPei.inf | 2 ++
6 files changed, 7 insertions(+)
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
OvmfPkg/CloudHv/CloudHvX64.dsc | 1 +
OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 +
OvmfPkg/Microvm/MicrovmX64.dsc | 2 +-
OvmfPkg/OvmfPkgIa32.dsc | 1 +
OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
OvmfPkg/OvmfPkgX64.dsc | 1 +
OvmfPkg/PlatformPei/Platform.c | 13 +++++++++++++
OvmfPkg/PlatformPei/PlatformPei.inf | 1 +
9 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 5ee5445116..6ea3621225 100644
index 302c90e7c2..ef70f5f08c 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -534,6 +534,7 @@
@@ -486,6 +486,7 @@
[PcdsDynamicDefault]
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index c23c7eaf6c..49521ba47c 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -576,6 +576,7 @@
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
!if $(SMM_REQUIRE) == FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
index 182ec3705d..fd6722499a 100644
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
@@ -482,6 +482,7 @@
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
index ea1fa3e296..79f14b5c05 100644
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
@@ -584,7 +584,7 @@
# only set when
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
-
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 6a5be97c05..4cacf0ea94 100644
index ed3a19feeb..3101a3a4cf 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -594,6 +594,7 @@
@@ -604,6 +604,7 @@
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
!if $(SMM_REQUIRE) == FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 71227d1b70..6225f8e095 100644
index 16ca139b29..0c174947b7 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -600,6 +600,7 @@
@@ -616,6 +616,7 @@
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
!if $(SMM_REQUIRE) == FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 52f7598cf1..b66fc67563 100644
index dc1a0942aa..a328726d55 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -600,6 +600,7 @@
@@ -634,6 +634,7 @@
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
!if $(SMM_REQUIRE) == FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
index df2d9ad015..d0e2c08de9 100644
index f5dc41c3a8..f244dcd24d 100644
--- a/OvmfPkg/PlatformPei/Platform.c
+++ b/OvmfPkg/PlatformPei/Platform.c
@@ -752,6 +752,7 @@ InitializePlatform (
MemTypeInfoInitialization ();
MemMapInitialization ();
NoexecDxeInitialization ();
+ UPDATE_BOOLEAN_PCD_FROM_FW_CFG (PcdResizeXterm);
@@ -41,6 +41,18 @@
#include "Platform.h"
+#define UPDATE_BOOLEAN_PCD_FROM_FW_CFG(TokenName) \
+ do { \
+ BOOLEAN Setting; \
+ RETURN_STATUS PcdStatus; \
+ \
+ if (!RETURN_ERROR (QemuFwCfgParseBool ( \
+ "opt/ovmf/" #TokenName, &Setting))) { \
+ PcdStatus = PcdSetBoolS (TokenName, Setting); \
+ ASSERT_RETURN_ERROR (PcdStatus); \
+ } \
+ } while (0)
+
EFI_PEI_PPI_DESCRIPTOR mPpiBootMode[] = {
{
EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
@@ -355,6 +367,7 @@ InitializePlatform (
MemTypeInfoInitialization (PlatformInfoHob);
MemMapInitialization (PlatformInfoHob);
NoexecDxeInitialization (PlatformInfoHob);
+ UPDATE_BOOLEAN_PCD_FROM_FW_CFG (PcdResizeXterm);
}
InstallClearCacheCallback ();
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
index 67eb7aa716..7d26b43680 100644
index 3934aeed95..d84aefee6d 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -93,6 +93,8 @@
@@ -100,6 +100,7 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved
+ gEfiMdeModulePkgTokenSpaceGuid.PcdPciDisableBusEnumeration
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm
gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode
gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable
gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack
--
2.27.0

183
SOURCES/0014-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch → SOURCES/0005-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch
View File

@ -1,7 +1,8 @@
From b846a65eeb926a483cff3e35242097eb6d21ceab Mon Sep 17 00:00:00 2001
From db9d61b18715590fc8956eb5da9b036afbfd9ab9 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Sun, 26 Jul 2015 08:02:50 +0000
Subject: ArmVirtPkg: take PcdResizeXterm from the QEMU command line (RH only)
Subject: [PATCH] ArmVirtPkg: take PcdResizeXterm from the QEMU command line
(RH only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
@ -90,127 +91,111 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
ArmVirtPkg/ArmVirtQemu.dsc | 7 +++-
.../TerminalPcdProducerLib.c | 34 +++++++++++++++++++
.../TerminalPcdProducerLib.inf | 33 ++++++++++++++++++
OvmfPkg/PlatformPei/PlatformPei.inf | 1 -
4 files changed, 73 insertions(+), 2 deletions(-)
3 files changed, 73 insertions(+), 1 deletion(-)
create mode 100644 ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c
create mode 100644 ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index 891e065311..e0476ede4f 100644
index 30e3cfc8b9..7b88b7441f 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -282,6 +282,8 @@
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0
@@ -309,6 +309,8 @@
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0
!endif
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
+
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
+
[PcdsDynamicHii]
gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGuid|0x0|FALSE|NV,BS
gUefiOvmfPkgTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gOvmfVariableGuid|0x0|FALSE|NV,BS
@@ -384,7 +386,10 @@
@@ -418,7 +420,10 @@
MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf
MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf
- MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
+ MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf {
+ <LibraryClasses>
+ NULL|ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
+ }
+ MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf {
+ <LibraryClasses>
+ NULL|ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
+ }
MdeModulePkg/Universal/SerialDxe/SerialDxe.inf
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
diff --git a/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c
new file mode 100644
index 0000000000..bfd3a6a535
index 0000000000..37f71c5e4c
--- /dev/null
+++ b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c
@@ -0,0 +1,34 @@
+/** @file
+* Plugin library for setting up dynamic PCDs for TerminalDxe, from fw_cfg
+*
+* Copyright (C) 2015-2020, Red Hat, Inc.
+* Copyright (c) 2014, Linaro Ltd. All rights reserved.<BR>
+*
+* SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <Library/DebugLib.h>
+#include <Library/PcdLib.h>
+#include <Library/QemuFwCfgSimpleParserLib.h>
+
+#define UPDATE_BOOLEAN_PCD_FROM_FW_CFG(TokenName) \
+ do { \
+ BOOLEAN Setting; \
+ RETURN_STATUS PcdStatus; \
+ \
+ if (!RETURN_ERROR (QemuFwCfgParseBool ( \
+ "opt/org.tianocore.edk2.aavmf/" #TokenName, &Setting))) { \
+ PcdStatus = PcdSetBoolS (TokenName, Setting); \
+ ASSERT_RETURN_ERROR (PcdStatus); \
+ } \
+ } while (0)
+
+RETURN_STATUS
+EFIAPI
+TerminalPcdProducerLibConstructor (
+ VOID
+ )
+{
+ UPDATE_BOOLEAN_PCD_FROM_FW_CFG (PcdResizeXterm);
+ return RETURN_SUCCESS;
+}
+/** @file
+* Plugin library for setting up dynamic PCDs for TerminalDxe, from fw_cfg
+*
+* Copyright (C) 2015-2020, Red Hat, Inc.
+* Copyright (c) 2014, Linaro Ltd. All rights reserved.<BR>
+*
+* SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <Library/DebugLib.h>
+#include <Library/PcdLib.h>
+#include <Library/QemuFwCfgSimpleParserLib.h>
+
+#define UPDATE_BOOLEAN_PCD_FROM_FW_CFG(TokenName) \
+ do { \
+ BOOLEAN Setting; \
+ RETURN_STATUS PcdStatus; \
+ \
+ if (!RETURN_ERROR (QemuFwCfgParseBool ( \
+ "opt/org.tianocore.edk2.aavmf/" #TokenName, &Setting))) { \
+ PcdStatus = PcdSetBoolS (TokenName, Setting); \
+ ASSERT_RETURN_ERROR (PcdStatus); \
+ } \
+ } while (0)
+
+RETURN_STATUS
+EFIAPI
+TerminalPcdProducerLibConstructor (
+ VOID
+ )
+{
+ UPDATE_BOOLEAN_PCD_FROM_FW_CFG (PcdResizeXterm);
+ return RETURN_SUCCESS;
+}
diff --git a/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
new file mode 100644
index 0000000000..a51dbd1670
index 0000000000..c840f6f97a
--- /dev/null
+++ b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
@@ -0,0 +1,33 @@
+## @file
+# Plugin library for setting up dynamic PCDs for TerminalDxe, from fw_cfg
+#
+# Copyright (C) 2015-2020, Red Hat, Inc.
+# Copyright (c) 2014, Linaro Ltd. All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = TerminalPcdProducerLib
+ FILE_GUID = 4a0c5ed7-8c42-4c01-8f4c-7bf258316a96
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = NULL
+ CONSTRUCTOR = TerminalPcdProducerLibConstructor
+
+[Sources]
+ TerminalPcdProducerLib.c
+
+[Packages]
+ MdeModulePkg/MdeModulePkg.dec
+ MdePkg/MdePkg.dec
+ OvmfPkg/OvmfPkg.dec
+
+[LibraryClasses]
+ DebugLib
+ PcdLib
+ QemuFwCfgSimpleParserLib
+
+[Pcd]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm ## SOMETIMES_PRODUCES
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
index 7d26b43680..69eb3edad3 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -93,7 +93,6 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved
- gEfiMdeModulePkgTokenSpaceGuid.PcdPciDisableBusEnumeration
gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm
gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode
gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable
--
2.27.0
+## @file
+# Plugin library for setting up dynamic PCDs for TerminalDxe, from fw_cfg
+#
+# Copyright (C) 2015-2020, Red Hat, Inc.
+# Copyright (c) 2014, Linaro Ltd. All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = TerminalPcdProducerLib
+ FILE_GUID = 4a0c5ed7-8c42-4c01-8f4c-7bf258316a96
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = NULL
+ CONSTRUCTOR = TerminalPcdProducerLibConstructor
+
+[Sources]
+ TerminalPcdProducerLib.c
+
+[Packages]
+ MdeModulePkg/MdeModulePkg.dec
+ MdePkg/MdePkg.dec
+ OvmfPkg/OvmfPkg.dec
+
+[LibraryClasses]
+ DebugLib
+ PcdLib
+ QemuFwCfgSimpleParserLib
+
+[Pcd]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm ## SOMETIMES_PRODUCES

31
SOURCES/0019-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch → SOURCES/0006-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch
View File

@ -1,7 +1,7 @@
From 02687f83845b9ae8455655e117f0b7cdaa18ba5c Mon Sep 17 00:00:00 2001
From ccc528cc7a9d5b0029a1ca91cb592c999e9f8c5a Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 21 Nov 2017 00:57:45 +0100
Subject: OvmfPkg: enable DEBUG_VERBOSE (RHEL only)
Subject: [PATCH] OvmfPkg: enable DEBUG_VERBOSE (RHEL only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
@ -65,57 +65,54 @@ Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 6ea3621225..366fa79f62 100644
index ef70f5f08c..28bdc56227 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -486,7 +486,7 @@
@@ -428,7 +428,7 @@
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
# // significantly impact boot performance
# DEBUG_ERROR 0x80000000 // Error
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
!if $(SOURCE_DEBUG_ENABLE) == TRUE
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 4cacf0ea94..2aacf1a5ff 100644
index 3101a3a4cf..c4fc79a851 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -534,7 +534,7 @@
@@ -537,7 +537,7 @@
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
# // significantly impact boot performance
# DEBUG_ERROR 0x80000000 // Error
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
!if $(SOURCE_DEBUG_ENABLE) == TRUE
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 6225f8e095..2613c83adb 100644
index 0c174947b7..1da23b5389 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -538,7 +538,7 @@
@@ -544,7 +544,7 @@
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
# // significantly impact boot performance
# DEBUG_ERROR 0x80000000 // Error
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
!if $(SOURCE_DEBUG_ENABLE) == TRUE
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index b66fc67563..d7d34eeef2 100644
index a328726d55..4f886ba644 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -540,7 +540,7 @@
@@ -563,7 +563,7 @@
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
# // significantly impact boot performance
# DEBUG_ERROR 0x80000000 // Error
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
!if $(SOURCE_DEBUG_ENABLE) == TRUE
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
--
2.27.0

87
SOURCES/0020-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch → SOURCES/0007-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch
View File

@ -1,7 +1,7 @@
From a5dd9e06c570b2c003a2b6aea681f0d93bfbfdc4 Mon Sep 17 00:00:00 2001
From 4bb5f3b3473da371b4db99899c1128ae4ff99f6e Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 21 Nov 2017 00:57:46 +0100
Subject: OvmfPkg: silence DEBUG_VERBOSE (0x00400000) in
Subject: [PATCH] OvmfPkg: silence DEBUG_VERBOSE (0x00400000) in
QemuVideoDxe/QemuRamfbDxe (RH)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
@ -82,92 +82,89 @@ Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 files changed, 32 insertions(+), 8 deletions(-)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 366fa79f62..a289d8a573 100644
index 28bdc56227..cbd48af4dc 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -750,8 +750,14 @@
@@ -694,8 +694,14 @@
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
#
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 2aacf1a5ff..1a5cfa4c6d 100644
index c4fc79a851..75a61c88e6 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -846,9 +846,15 @@
@@ -850,9 +850,15 @@
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
!ifndef $(CSM_ENABLE)
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
!endif
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
#
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 2613c83adb..11002ffd95 100644
index 1da23b5389..e5ca067d4c 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -860,9 +860,15 @@
@@ -868,9 +868,15 @@
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
!ifndef $(CSM_ENABLE)
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
!endif
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
#
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index d7d34eeef2..f176aa4061 100644
index 4f886ba644..ad314d86c6 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -858,9 +858,15 @@
@@ -936,9 +936,15 @@
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
!ifndef $(CSM_ENABLE)
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
!endif
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
#
--
2.27.0

33
SOURCES/0021-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch → SOURCES/0008-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch
View File

@ -1,8 +1,8 @@
From ccc2c9c85f43662f942bf5c303f4a1a9f964c36d Mon Sep 17 00:00:00 2001
From 72830b010e7b78ef8d74cefcb5c6ad018c653ea6 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 27 Jan 2016 03:05:18 +0100
Subject: ArmVirtPkg: silence DEBUG_VERBOSE (0x00400000) in QemuRamfbDxe (RH
only)
Subject: [PATCH] ArmVirtPkg: silence DEBUG_VERBOSE (0x00400000) in
QemuRamfbDxe (RH only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
@ -61,37 +61,34 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index ec0edf6e7b..e6fad9f066 100644
index 7b88b7441f..fe7b7e1d64 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -509,7 +509,10 @@
@@ -547,7 +547,10 @@
#
# Video support
#
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|($(DEBUG_PRINT_ERROR_LEVEL)) & 0xFFBFFFFF
+ }
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|($(DEBUG_PRINT_ERROR_LEVEL)) & 0xFFBFFFFF
+ }
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
OvmfPkg/PlatformDxe/Platform.inf
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
index a8bb83b288..656c9d99a3 100644
index b50f8e84a3..4a43892f7d 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -438,7 +438,10 @@
@@ -447,7 +447,10 @@
#
# Video support
#
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|($(DEBUG_PRINT_ERROR_LEVEL)) & 0xFFBFFFFF
+ }
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|($(DEBUG_PRINT_ERROR_LEVEL)) & 0xFFBFFFFF
+ }
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
OvmfPkg/PlatformDxe/Platform.inf
--
2.27.0

43
SOURCES/0008-BaseTools-do-not-build-BrotliCompress-RH-only.patch
View File

@ -1,43 +0,0 @@
From 0790c9c4f796fdce8ba6618359b78e1d0b331c95 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Thu, 4 Jun 2020 13:34:12 +0200
Subject: BaseTools: do not build BrotliCompress (RH only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
- no change
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
- New patch.
BrotliCompress is not used for building ArmVirtPkg or OvmfPkg platforms.
It depends on one of the upstream Brotli git submodules that we removed
earlier in this rebase series. (See patch "remove upstream edk2's Brotli
submodules (RH only").
Do not attempt to build BrotliCompress.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit db8ccca337e2c5722c1d408d2541cf653d3371a2)
---
BaseTools/Source/C/GNUmakefile | 1 -
1 file changed, 1 deletion(-)
diff --git a/BaseTools/Source/C/GNUmakefile b/BaseTools/Source/C/GNUmakefile
index 8c191e0c38..3eae824a1c 100644
--- a/BaseTools/Source/C/GNUmakefile
+++ b/BaseTools/Source/C/GNUmakefile
@@ -48,7 +48,6 @@ all: makerootdir subdirs
LIBRARIES = Common
VFRAUTOGEN = VfrCompile/VfrLexer.h
APPLICATIONS = \
- BrotliCompress \
VfrCompile \
EfiRom \
GenFfs \
--
2.27.0

49
SOURCES/0009-MdeModulePkg-remove-package-private-Brotli-include-p.patch
View File

@ -1,49 +0,0 @@
From df9e25b7e6179a7764d44f915de95af5f850a020 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Thu, 4 Jun 2020 13:39:08 +0200
Subject: MdeModulePkg: remove package-private Brotli include path (RH only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
- no change
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
- New patch.
Originating from upstream commit 58802e02c41b
("MdeModulePkg/BrotliCustomDecompressLib: Make brotli a submodule",
2020-04-16), "MdeModulePkg/MdeModulePkg.dec" contains a package-internal
include path into a Brotli submodule.
The edk2 build system requires such include paths to resolve successfully,
regardless of the firmware platform being built. Because
BrotliCustomDecompressLib is not consumed by any OvmfPkg or ArmVirtPkg
platforms, and we've removed the submodule earlier in this patch set,
remove the include path too.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit e05e0de713c4a2b8adb6ff9809611f222bfe50ed)
---
MdeModulePkg/MdeModulePkg.dec | 3 ---
1 file changed, 3 deletions(-)
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 463e889e9a..9d69fb86ed 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -24,9 +24,6 @@
[Includes]
Include
-[Includes.Common.Private]
- Library/BrotliCustomDecompressLib/brotli/c/include
-
[LibraryClasses]
## @libraryclass Defines a set of methods to reset whole system.
ResetSystemLib|Include/Library/ResetSystemLib.h
--
2.27.0

47
SOURCES/0022-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch → SOURCES/0009-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch
View File

@ -1,8 +1,8 @@
From b3147a5ce92a149532ef1ec47cdf14082a56654d Mon Sep 17 00:00:00 2001
From 2b84cf52f9a6f24f932bce5548202460f20ca9d0 Mon Sep 17 00:00:00 2001
From: Philippe Mathieu-Daude <philmd@redhat.com>
Date: Thu, 1 Aug 2019 20:43:48 +0200
Subject: OvmfPkg: QemuRamfbDxe: Do not report DXE failure on Aarch64 silent
builds (RH only)
Subject: [PATCH] OvmfPkg: QemuRamfbDxe: Do not report DXE failure on Aarch64
silent builds (RH only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
@ -47,49 +47,46 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
2 files changed, 15 insertions(+)
diff --git a/OvmfPkg/QemuRamfbDxe/QemuRamfb.c b/OvmfPkg/QemuRamfbDxe/QemuRamfb.c
index 0d49d8bbab..dbf9bcbe16 100644
index 5a1044f0dc..83c6d26c74 100644
--- a/OvmfPkg/QemuRamfbDxe/QemuRamfb.c
+++ b/OvmfPkg/QemuRamfbDxe/QemuRamfb.c
@@ -13,6 +13,7 @@
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
+#include <Library/DebugPrintErrorLevelLib.h>
+#include <Library/DebugPrintErrorLevelLib.h>
#include <Library/DevicePathLib.h>
#include <Library/FrameBufferBltLib.h>
#include <Library/MemoryAllocationLib.h>
@@ -242,6 +243,19 @@ InitializeQemuRamfb (
@@ -259,6 +260,19 @@ InitializeQemuRamfb (
Status = QemuFwCfgFindFile ("etc/ramfb", &mRamfbFwCfgItem, &FwCfgSize);
if (EFI_ERROR (Status)) {
+#if defined (MDE_CPU_AARCH64)
+ //
+ // RHBZ#1714446
+ // If no ramfb device was configured, this platform DXE driver should
+ // returns EFI_NOT_FOUND, so the DXE Core can unload it. However, even
+ // using a silent build, an error message is issued to the guest console.
+ // Since this confuse users, return success and stay resident. The wasted
+ // guest RAM still gets freed later after ExitBootServices().
+ //
+ if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
+ return EFI_SUCCESS;
+ }
+#endif
+#if defined (MDE_CPU_AARCH64)
+ //
+ // RHBZ#1714446
+ // If no ramfb device was configured, this platform DXE driver should
+ // returns EFI_NOT_FOUND, so the DXE Core can unload it. However, even
+ // using a silent build, an error message is issued to the guest console.
+ // Since this confuse users, return success and stay resident. The wasted
+ // guest RAM still gets freed later after ExitBootServices().
+ //
+ if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
+ return EFI_SUCCESS;
+ }
+#endif
return EFI_NOT_FOUND;
}
if (FwCfgSize != sizeof (RAMFB_CONFIG)) {
diff --git a/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf b/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
index e3890b8c20..6ffee5acb2 100644
index e3890b8c20..f79a4bc987 100644
--- a/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
+++ b/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
@@ -29,6 +29,7 @@
BaseLib
BaseMemoryLib
DebugLib
+ DebugPrintErrorLevelLib
+ DebugPrintErrorLevelLib
DevicePathLib
FrameBufferBltLib
MemoryAllocationLib
--
2.27.0

82
SOURCES/0010-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch
View File

@ -1,82 +0,0 @@
From 1a1bdd69fad22bbf48e3906bb73b33ede6632102 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Thu, 20 Feb 2014 22:54:45 +0100
Subject: OvmfPkg: increase max debug message length to 512 (RHEL only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
- no change
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
- no change
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
- trivial context difference due to upstream commit 2fe5f2f52918
("OvmfPkg/PlatformDebugLibIoPort: Add new APIs", 2019-04-02), resolved
by git-cherry-pick automatically
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
RHEL-8.1/20190308-89910a39dcfd rebase:
- no changes
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
- reorder the rebase changelog in the commit message so that it reads like
a blog: place more recent entries near the top
- no changes to the patch body
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
- no changes
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
- no changes
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
- no changes
Upstream prefers short debug messages (sometimes even limited to 80
characters), but any line length under 512 characters is just unsuitable
for effective debugging. (For example, config strings in HII routing,
logged by the platform driver "OvmfPkg/PlatformDxe" on DEBUG_VERBOSE
level, can be several hundred characters long.) 512 is an empirically good
value.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit bfe568d18dba15602604f155982e3b73add63dfb)
(cherry picked from commit 29435a32ec9428720c74c454ce9817662e601fb6)
(cherry picked from commit 58e1d1ebb78bfdaf05f4c6e8abf8d4908dfa038a)
(cherry picked from commit 1df2c822c996ad767f2f45570ab2686458f7604a)
(cherry picked from commit 22c9b4e971c70c69b4adf8eb93133824ccb6426a)
(cherry picked from commit a1260c9122c95bcbef1efc5eebe11902767813c2)
(cherry picked from commit e949bab1268f83f0f5815a96cd1cb9dd3b21bfb5)
(cherry picked from commit a95cff0b9573bf23699551beb4786383f697ff1e)
---
OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c b/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c
index dffb20822d..0577c43c3d 100644
--- a/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c
+++ b/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c
@@ -21,7 +21,7 @@
//
// Define the maximum debug and assert message length that this library supports
//
-#define MAX_DEBUG_MESSAGE_LENGTH 0x100
+#define MAX_DEBUG_MESSAGE_LENGTH 0x200
//
// VA_LIST can not initialize to NULL for all compiler, so we use this to
--
2.27.0

65
SOURCES/0023-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch → SOURCES/0010-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch
View File

@ -1,8 +1,8 @@
From a663867a4a99b97d0e1c5fdfed0389312fecd767 Mon Sep 17 00:00:00 2001
From 67230df28e3861c4a7a8fb064a45ed85f015209c Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 21 Nov 2017 00:57:47 +0100
Subject: OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in NvmExpressDxe (RH
only)
Subject: [PATCH] OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in NvmExpressDxe
(RH only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
@ -63,69 +63,66 @@ Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index a289d8a573..ccdf9b8ce0 100644
index cbd48af4dc..a0319c1f0a 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -744,7 +744,10 @@
OvmfPkg/SataControllerDxe/SataControllerDxe.inf
@@ -688,7 +688,10 @@
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 1a5cfa4c6d..a0666930d6 100644
index 75a61c88e6..34ad4f2777 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -839,7 +839,10 @@
OvmfPkg/SataControllerDxe/SataControllerDxe.inf
@@ -843,7 +843,10 @@
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 11002ffd95..5efeb42bf3 100644
index e5ca067d4c..4278ce5e1d 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -853,7 +853,10 @@
OvmfPkg/SataControllerDxe/SataControllerDxe.inf
@@ -861,7 +861,10 @@
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index f176aa4061..10fb7d7069 100644
index ad314d86c6..e41a1b976e 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -851,7 +851,10 @@
OvmfPkg/SataControllerDxe/SataControllerDxe.inf
@@ -929,7 +929,10 @@
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
--
2.27.0

168
SOURCES/0011-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch
View File

@ -1,168 +0,0 @@
From 8ea4ac38206664e1d833085a0b7d4e0736870c2b Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 25 Feb 2014 18:40:35 +0100
Subject: MdeModulePkg: TerminalDxe: add other text resolutions (RHEL only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
- no change
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
- no changes
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
- no changes
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
RHEL-8.1/20190308-89910a39dcfd rebase:
- no change
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
- reorder the rebase changelog in the commit message so that it reads like
a blog: place more recent entries near the top
- no changes to the patch body
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
- update commit message as requested in
<https://bugzilla.redhat.com/show_bug.cgi?id=1503316#c0>
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
- no changes
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
- adapt commit 0bc77c63de03 (code and commit message) to upstream commit
390b95a49c14 ("MdeModulePkg/TerminalDxe: Refine
InitializeTerminalConsoleTextMode", 2017-01-10).
When the console output is multiplexed to several devices by
ConSplitterDxe, then ConSplitterDxe builds an intersection of text modes
supported by all console output devices.
Two notable output devices are provided by:
(1) MdeModulePkg/Universal/Console/GraphicsConsoleDxe,
(2) MdeModulePkg/Universal/Console/TerminalDxe.
GraphicsConsoleDxe supports four modes at most -- see
InitializeGraphicsConsoleTextMode() and "mGraphicsConsoleModeData":
(1a) 80x25 (required by the UEFI spec as mode 0),
(1b) 80x50 (not necessarily supported, but if it is, then the UEFI spec
requires the driver to provide it as mode 1),
(1c) 100x31 (corresponding to graphics resolution 800x600, which the UEFI
spec requires from all plug-in graphics devices),
(1d) "full screen" resolution, derived form the underlying GOP's
horizontal and vertical resolutions with division by EFI_GLYPH_WIDTH
(8) and EFI_GLYPH_HEIGHT (19), respectively.
The automatic "full screen resolution" makes GraphicsConsoleDxe's
character console very flexible. However, TerminalDxe (which runs on
serial ports) only provides the following fixed resolutions -- see
InitializeTerminalConsoleTextMode() and "mTerminalConsoleModeData":
(2a) 80x25 (required by the UEFI spec as mode 0),
(2b) 80x50 (since the character resolution of a serial device cannot be
interrogated easily, this is added unconditionally as mode 1),
(2c) 100x31 (since the character resolution of a serial device cannot be
interrogated easily, this is added unconditionally as mode 2).
When ConSplitterDxe combines (1) and (2), multiplexing console output to
both video output and serial terminal, the list of commonly supported text
modes (ie. the "intersection") comprises:
(3a) 80x25, unconditionally, from (1a) and (2a),
(3b) 80x50, if the graphics console provides at least 640x950 pixel
resolution, from (1b) and (2b)
(3c) 100x31, if the graphics device is a plug-in one (because in that case
800x600 is a mandated pixel resolution), from (1c) and (2c).
Unfortunately, the "full screen resolution" (1d) of the GOP-based text
console is not available in general.
Mitigate this problem by extending "mTerminalConsoleModeData" with a
handful of text resolutions that are derived from widespread maximal pixel
resolutions. This way TerminalDxe won't cause ConSplitterDxe to filter out
the most frequent (1d) values from the intersection, and eg. the MODE
command in the UEFI shell will offer the "best" (ie. full screen)
resolution too.
Upstreaming efforts for this patch have been discontinued; it was clear
from the off-list thread that consensus was impossible to reach.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 99dc3720ac86059f60156197328cc433603c536e)
(cherry picked from commit d2066c1748f885043026c51dec1bc8d6d406ae8f)
(cherry picked from commit 1facdd58e946c584a3dc1e5be8f2f837b5a7c621)
(cherry picked from commit 28faeb5f94b4866b9da16cf2a1e4e0fc09a26e37)
(cherry picked from commit 4e4e15b80a5b2103eadd495ef4a830d46dd4ed51)
(cherry picked from commit 12cb13a1da913912bd9148ce8f2353a75be77f18)
(cherry picked from commit 82b9edc5fef3a07227a45059bbe821af7b9abd69)
---
.../Universal/Console/TerminalDxe/Terminal.c | 41 +++++++++++++++++--
1 file changed, 38 insertions(+), 3 deletions(-)
diff --git a/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c b/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c
index a98b690c8b..ded5513c74 100644
--- a/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c
+++ b/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c
@@ -115,9 +115,44 @@ TERMINAL_DEV mTerminalDevTemplate = {
};
TERMINAL_CONSOLE_MODE_DATA mTerminalConsoleModeData[] = {
- {80, 25},
- {80, 50},
- {100, 31},
+ { 80, 25 }, // from graphics resolution 640 x 480
+ { 80, 50 }, // from graphics resolution 640 x 960
+ { 100, 25 }, // from graphics resolution 800 x 480
+ { 100, 31 }, // from graphics resolution 800 x 600
+ { 104, 32 }, // from graphics resolution 832 x 624
+ { 120, 33 }, // from graphics resolution 960 x 640
+ { 128, 31 }, // from graphics resolution 1024 x 600
+ { 128, 40 }, // from graphics resolution 1024 x 768
+ { 144, 45 }, // from graphics resolution 1152 x 864
+ { 144, 45 }, // from graphics resolution 1152 x 870
+ { 160, 37 }, // from graphics resolution 1280 x 720
+ { 160, 40 }, // from graphics resolution 1280 x 760
+ { 160, 40 }, // from graphics resolution 1280 x 768
+ { 160, 42 }, // from graphics resolution 1280 x 800
+ { 160, 50 }, // from graphics resolution 1280 x 960
+ { 160, 53 }, // from graphics resolution 1280 x 1024
+ { 170, 40 }, // from graphics resolution 1360 x 768
+ { 170, 40 }, // from graphics resolution 1366 x 768
+ { 175, 55 }, // from graphics resolution 1400 x 1050
+ { 180, 47 }, // from graphics resolution 1440 x 900
+ { 200, 47 }, // from graphics resolution 1600 x 900
+ { 200, 63 }, // from graphics resolution 1600 x 1200
+ { 210, 55 }, // from graphics resolution 1680 x 1050
+ { 240, 56 }, // from graphics resolution 1920 x 1080
+ { 240, 63 }, // from graphics resolution 1920 x 1200
+ { 240, 75 }, // from graphics resolution 1920 x 1440
+ { 250, 105 }, // from graphics resolution 2000 x 2000
+ { 256, 80 }, // from graphics resolution 2048 x 1536
+ { 256, 107 }, // from graphics resolution 2048 x 2048
+ { 320, 75 }, // from graphics resolution 2560 x 1440
+ { 320, 84 }, // from graphics resolution 2560 x 1600
+ { 320, 107 }, // from graphics resolution 2560 x 2048
+ { 350, 110 }, // from graphics resolution 2800 x 2100
+ { 400, 126 }, // from graphics resolution 3200 x 2400
+ { 480, 113 }, // from graphics resolution 3840 x 2160
+ { 512, 113 }, // from graphics resolution 4096 x 2160
+ { 960, 227 }, // from graphics resolution 7680 x 4320
+ { 1024, 227 }, // from graphics resolution 8192 x 4320
//
// New modes can be added here.
//
--
2.27.0

51
SOURCES/0025-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch → SOURCES/0011-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch
View File

@ -1,8 +1,8 @@
From d9416e3015cadb3214d5ca409e57fd2352ae1961 Mon Sep 17 00:00:00 2001
From 9bf175beabab17dae1b5883d528ae3d9d834249b Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 24 Jun 2020 11:31:36 +0200
Subject: OvmfPkg/QemuKernelLoaderFsDxe: suppress error on no "-kernel" in
silent aa64 build (RH)
Subject: [PATCH] OvmfPkg/QemuKernelLoaderFsDxe: suppress error on no "-kernel"
in silent aa64 build (RH)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
@ -32,52 +32,49 @@ Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
2 files changed, 18 insertions(+)
diff --git a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
index 6832d563bc..08ed67f5ff 100644
index 3c12085f6c..e192809198 100644
--- a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
+++ b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
@@ -19,6 +19,7 @@
#include <Library/BaseMemoryLib.h>
#include <Library/BlobVerifierLib.h>
#include <Library/DebugLib.h>
+#include <Library/DebugPrintErrorLevelLib.h>
+#include <Library/DebugPrintErrorLevelLib.h>
#include <Library/DevicePathLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/QemuFwCfgLib.h>
@@ -1054,6 +1055,22 @@ QemuKernelLoaderFsDxeEntrypoint (
@@ -1081,6 +1082,22 @@ QemuKernelLoaderFsDxeEntrypoint (
if (KernelBlob->Data == NULL) {
Status = EFI_NOT_FOUND;
+#if defined (MDE_CPU_AARCH64)
+ //
+ // RHBZ#1844682
+ //
+ // If the "-kernel" QEMU option is not being used, this platform DXE driver
+ // should return EFI_NOT_FOUND, so that the DXE Core can unload it.
+ // However, the associated error message, logged by the DXE Core to the
+ // serial console, is not desired in the silent edk2-aarch64 build, given
+ // that the absence of "-kernel" is nothing out of the ordinary. Therefore,
+ // return success and stay resident. The wasted guest RAM still gets freed
+ // after ExitBootServices().
+ //
+ if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
+ Status = EFI_SUCCESS;
+ }
+#endif
+#if defined (MDE_CPU_AARCH64)
+ //
+ // RHBZ#1844682
+ //
+ // If the "-kernel" QEMU option is not being used, this platform DXE driver
+ // should return EFI_NOT_FOUND, so that the DXE Core can unload it.
+ // However, the associated error message, logged by the DXE Core to the
+ // serial console, is not desired in the silent edk2-aarch64 build, given
+ // that the absence of "-kernel" is nothing out of the ordinary. Therefore,
+ // return success and stay resident. The wasted guest RAM still gets freed
+ // after ExitBootServices().
+ //
+ if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
+ Status = EFI_SUCCESS;
+ }
+#endif
goto FreeBlobs;
}
diff --git a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
index 7b35adb8e0..e0331c6e2c 100644
index 7b35adb8e0..23d9f5fca1 100644
--- a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
+++ b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
@@ -28,6 +28,7 @@
BaseLib
BaseMemoryLib
DebugLib
+ DebugPrintErrorLevelLib
+ DebugPrintErrorLevelLib
DevicePathLib
MemoryAllocationLib
QemuFwCfgLib
--
2.27.0

55
SOURCES/0026-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch → SOURCES/0012-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch
View File

@ -1,8 +1,8 @@
From fd19e4e33d52e843e6e35adde2c1e266497e8a7b Mon Sep 17 00:00:00 2001
From d3d9a0ea8cdd6a8438a878a859ca0cd416c42ad6 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 24 Jun 2020 11:40:09 +0200
Subject: SecurityPkg/Tcg2Dxe: suppress error on no swtpm in silent aa64 build
(RH)
Subject: [PATCH] SecurityPkg/Tcg2Dxe: suppress error on no swtpm in silent
aa64 build (RH)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
@ -31,52 +31,49 @@ Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
2 files changed, 18 insertions(+)
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
index 6d17616c1c..f1a97d4b2d 100644
index f6ea8b2bbf..1fd5e187fb 100644
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
@@ -28,6 +28,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Protocol/ResetNotification.h>
#include <Library/DebugLib.h>
+#include <Library/DebugPrintErrorLevelLib.h>
+#include <Library/DebugPrintErrorLevelLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/UefiDriverEntryPoint.h>
@@ -2642,6 +2643,22 @@ DriverEntry (
if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid) ||
CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){
@@ -2691,6 +2692,22 @@ DriverEntry (
CompareGuid (PcdGetPtr (PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid))
{
DEBUG ((DEBUG_INFO, "No TPM2 instance required!\n"));
+#if defined (MDE_CPU_AARCH64)
+ //
+ // RHBZ#1844682
+ //
+ // If swtpm / vTPM2 is not being used, this driver should return
+ // EFI_UNSUPPORTED, so that the DXE Core can unload it. However, the
+ // associated error message, logged by the DXE Core to the serial console,
+ // is not desired in the silent edk2-aarch64 build, given that the absence
+ // of swtpm / vTPM2 is nothing out of the ordinary. Therefore, return
+ // success and stay resident. The wasted guest RAM still gets freed after
+ // ExitBootServices().
+ //
+ if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
+ return EFI_SUCCESS;
+ }
+#endif
+#if defined (MDE_CPU_AARCH64)
+ //
+ // RHBZ#1844682
+ //
+ // If swtpm / vTPM2 is not being used, this driver should return
+ // EFI_UNSUPPORTED, so that the DXE Core can unload it. However, the
+ // associated error message, logged by the DXE Core to the serial console,
+ // is not desired in the silent edk2-aarch64 build, given that the absence
+ // of swtpm / vTPM2 is nothing out of the ordinary. Therefore, return
+ // success and stay resident. The wasted guest RAM still gets freed after
+ // ExitBootServices().
+ //
+ if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
+ return EFI_SUCCESS;
+ }
+#endif
return EFI_UNSUPPORTED;
}
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
index 7dc7a2683d..3bc8833931 100644
index 7dc7a2683d..ae90070b36 100644
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
@@ -55,6 +55,7 @@
UefiRuntimeServicesTableLib
BaseMemoryLib
DebugLib
+ DebugPrintErrorLevelLib
+ DebugPrintErrorLevelLib
Tpm2CommandLib
PrintLib
UefiLib
--
2.27.0

126
SOURCES/0013-OvmfPkg-Remove-EbcDxe-RHEL-only.patch Normal file
View File

@ -0,0 +1,126 @@
From ce3ac92a202a0b845654c05449107840edf5d2f9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:28:49 +0200
Subject: [PATCH] OvmfPkg: Remove EbcDxe (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [2/19] 6777c3dc453e4aecddc20216f783ba2a5acccaa0
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
Remove EFI Byte Code interpreter.
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 -
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 -
OvmfPkg/OvmfPkgIa32.dsc | 1 -
OvmfPkg/OvmfPkgIa32.fdf | 1 -
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
OvmfPkg/OvmfPkgX64.dsc | 1 -
OvmfPkg/OvmfPkgX64.fdf | 1 -
8 files changed, 8 deletions(-)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index a0319c1f0a..906c1a4332 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -613,7 +613,6 @@
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
}
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
UefiCpuPkg/CpuDxe/CpuDxe.inf
OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
index b2ab0c7773..20d31d0e2d 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -205,7 +205,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
INF UefiCpuPkg/CpuDxe/CpuDxe.inf
INF OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 34ad4f2777..d664b42c67 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -753,7 +753,6 @@
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
}
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
UefiCpuPkg/CpuDxe/CpuDxe.inf
!ifdef $(CSM_ENABLE)
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index 383613e54b..236680dec2 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -216,7 +216,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
INF UefiCpuPkg/CpuDxe/CpuDxe.inf
!ifdef $(CSM_ENABLE)
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 4278ce5e1d..2e0af7698a 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -771,7 +771,6 @@
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
}
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
UefiCpuPkg/CpuDxe/CpuDxe.inf
!ifdef $(CSM_ENABLE)
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 3cec3d0c87..3ad2fe5eee 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -217,7 +217,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
INF UefiCpuPkg/CpuDxe/CpuDxe.inf
!ifdef $(CSM_ENABLE)
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index e41a1b976e..55f6760f4c 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -816,7 +816,6 @@
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
}
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
UefiCpuPkg/CpuDxe/CpuDxe.inf {
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 9c35b6e848..da4541d747 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -239,7 +239,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
INF UefiCpuPkg/CpuDxe/CpuDxe.inf

126
SOURCES/0014-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch Normal file
View File

@ -0,0 +1,126 @@
From 536709a91fe5d9bf5bb41bc0ae56cb3e3fa0cf5a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:28:59 +0200
Subject: [PATCH] OvmfPkg: Remove VirtioGpu device driver (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [4/19] f0a41317291f2e9e3b5bd3125149c3866f23ab08
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
QemuVideoDxe binds virtio-vga, so VirtioGpu is not needed.
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 -
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 -
OvmfPkg/OvmfPkgIa32.dsc | 1 -
OvmfPkg/OvmfPkgIa32.fdf | 1 -
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
OvmfPkg/OvmfPkgX64.dsc | 1 -
OvmfPkg/OvmfPkgX64.fdf | 1 -
8 files changed, 8 deletions(-)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 906c1a4332..52b0d1062c 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -704,7 +704,6 @@
<PcdsFixedAtBuild>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
}
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
#
# ISA Support
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
index 20d31d0e2d..48cc3b00c1 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -300,7 +300,6 @@ INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
INF OvmfPkg/PlatformDxe/Platform.inf
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index d664b42c67..d39d9e8c27 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -861,7 +861,6 @@
<PcdsFixedAtBuild>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
}
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
#
# ISA Support
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index 236680dec2..381735165d 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -334,7 +334,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
!endif
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
INF OvmfPkg/PlatformDxe/Platform.inf
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 2e0af7698a..0e3de2ec5e 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -879,7 +879,6 @@
<PcdsFixedAtBuild>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
}
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
#
# ISA Support
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 3ad2fe5eee..2ca10f7c5e 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -340,7 +340,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
!endif
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
INF OvmfPkg/PlatformDxe/Platform.inf
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 55f6760f4c..c266686361 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -947,7 +947,6 @@
<PcdsFixedAtBuild>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
}
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
#
# ISA Support
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index da4541d747..00b3f9d0d8 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -367,7 +367,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
!endif
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
INF OvmfPkg/PlatformDxe/Platform.inf
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf

100
SOURCES/0015-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch Normal file
View File

@ -0,0 +1,100 @@
From ff214a87a99084bd91a04711e52ec1bffa911557 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:29:13 +0200
Subject: [PATCH] OvmfPkg: Remove VirtioFsDxe filesystem driver (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [9/19] b40d8a6b9c38568a74fb922b12bbae9f0e721f95
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
Remove the virtio-fs driver.
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
OvmfPkg/OvmfPkgIa32.dsc | 1 -
OvmfPkg/OvmfPkgIa32.fdf | 1 -
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
OvmfPkg/OvmfPkgX64.dsc | 1 -
OvmfPkg/OvmfPkgX64.fdf | 1 -
6 files changed, 6 deletions(-)
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index d39d9e8c27..12ed090eab 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -836,7 +836,6 @@
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index 381735165d..bd69792100 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -296,7 +296,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
-INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 0e3de2ec5e..821423cfe2 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -854,7 +854,6 @@
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 2ca10f7c5e..4011682faf 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -297,7 +297,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
-INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index c266686361..ea3f8d73bc 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -922,7 +922,6 @@
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 00b3f9d0d8..c53501679a 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -322,7 +322,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
-INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf

172
SOURCES/0015-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch
View File

@ -1,172 +0,0 @@
From e8e12cb7d3a47e5823cf2cb12c9bfe5901d3b100 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 4 Nov 2014 23:02:53 +0100
Subject: OvmfPkg: allow exclusion of the shell from the firmware image (RH
only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
- No manual / explicit code change is necessary, because the newly
inherited OvmfPkg/AmdSev platform already has its own BUILD_SHELL
build-time macro (feature test flag), with default value FALSE -- from
upstream commit b261a30c900a ("OvmfPkg/AmdSev: add Grub Firmware Volume
Package", 2020-12-14).
- Contextual differences from new upstream commits 2d8ca4f90eae ("OvmfPkg:
enable HttpDynamicCommand", 2020-10-01) and 5ab6a0e1c8e9 ("OvmfPkg:
introduce VirtioFsDxe", 2020-12-21) have been auto-resolved by
git-cherry-pick.
- Remove obsolete commit message tags related to downstream patch
management: Message-id, Patchwork-id, O-Subject, Acked-by
(RHBZ#1846481).
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
- context difference from upstream commit ec41733cfd10 ("OvmfPkg: add the
'initrd' dynamic shell command", 2020-03-04) correctly auto-resolved
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
- no change
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
RHEL-8.1/20190308-89910a39dcfd rebase:
- update the patch against the following upstream commits:
- 4b888334d234 ("OvmfPkg: Remove EdkShellBinPkg in FDF", 2018-11-19)
- 277a3958d93a ("OvmfPkg: Don't include TftpDynamicCommand in XCODE5
tool chain", 2018-11-27)
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
- reorder the rebase changelog in the commit message so that it reads like
a blog: place more recent entries near the top
- no changes to the patch body
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
- no change
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
- no changes
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
- no changes
Bugzilla: 1147592
When '-D EXCLUDE_SHELL_FROM_FD' is passed to 'build', exclude the shell
binary from the firmware image.
Peter Jones advised us that firmware vendors for physical systems disable
the memory-mapped, firmware image-contained UEFI shell in
SecureBoot-enabled builds. The reason being that the memory-mapped shell
can always load, it may have direct access to various hardware in the
system, and it can run UEFI shell scripts (which cannot be signed at all).
Intended use of the new build option:
- In-tree builds: don't pass '-D EXCLUDE_SHELL_FROM_FD'. The resultant
firmware image will contain a shell binary, independently of SecureBoot
enablement, which is flexible for interactive development. (Ie. no
change for in-tree builds.)
- RPM builds: pass both '-D SECURE_BOOT_ENABLE' and
'-D EXCLUDE_SHELL_FROM_FD'. The resultant RPM will provide:
- OVMF_CODE.fd: SecureBoot-enabled firmware, without builtin UEFI shell,
- OVMF_VARS.fd: variable store template matching OVMF_CODE.fd,
- UefiShell.iso: a bootable ISO image with the shell on it as default
boot loader. The shell binary will load when SecureBoot is turned off,
and won't load when SecureBoot is turned on (because it is not
signed).
UefiShell.iso is the reason we're not excluding the shell from the DSC
files as well, only the FDF files -- when '-D EXCLUDE_SHELL_FROM_FD'
is specified, the shell binary needs to be built the same, only it
will be included in UefiShell.iso.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 9c391def70366cabae08e6008814299c3372fafd)
(cherry picked from commit d9dd9ee42937b2611fe37183cc9ec7f62d946933)
(cherry picked from commit 23df46ebbe7b09451d3a05034acd4d3a25e7177b)
(cherry picked from commit f0303f71d576c51b01c4ff961b429d0e0e707245)
(cherry picked from commit bbd64eb8658e9a33eab4227d9f4e51ad78d9f687)
(cherry picked from commit 8628ef1b8d675ebec39d83834abbe3c8c8c42cf4)
(cherry picked from commit 229c88dc3ded9baeaca8b87767dc5c41c05afd6e)
(cherry picked from commit c2812d7189dee06c780f05a5880eb421c359a687)
---
OvmfPkg/OvmfPkgIa32.fdf | 2 ++
OvmfPkg/OvmfPkgIa32X64.fdf | 2 ++
OvmfPkg/OvmfPkgX64.fdf | 2 ++
3 files changed, 6 insertions(+)
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index 775ea2d710..00ea14adf0 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -290,12 +290,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
+!ifndef $(EXCLUDE_SHELL_FROM_FD)
!if $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
INF ShellPkg/Application/Shell/Shell.inf
+!endif
INF MdeModulePkg/Logo/LogoDxe.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 9d8695922f..e33a40c44e 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -294,12 +294,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
+!ifndef $(EXCLUDE_SHELL_FROM_FD)
!if $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
INF ShellPkg/Application/Shell/Shell.inf
+!endif
INF MdeModulePkg/Logo/LogoDxe.inf
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index b6cc3cabdd..85b4b23857 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -310,12 +310,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
+!ifndef $(EXCLUDE_SHELL_FROM_FD)
!if $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
INF ShellPkg/Application/Shell/Shell.inf
+!endif
INF MdeModulePkg/Logo/LogoDxe.inf
--
2.27.0

93
SOURCES/0016-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch
View File

@ -1,93 +0,0 @@
From eba5ecf4b2611d593a978ccac804314ab7848754 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 14 Oct 2015 13:49:43 +0200
Subject: ArmPlatformPkg: introduce fixed PCD for early hello message (RH only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
- no change
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
- no change
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
- no change
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
RHEL-8.1/20190308-89910a39dcfd rebase:
- no change
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
- reorder the rebase changelog in the commit message so that it reads like
a blog: place more recent entries near the top
- no changes to the patch body
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
- no changes
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
- no changes
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
- no changes
Drew has proposed that ARM|AARCH64 platform firmware (especially virtual
machine firmware) print a reasonably early, simple hello message to the
serial port, regardless of debug mask settings. This should inform
interactive users, and provide some rough help in localizing boot
problems, even with restrictive debug masks.
If a platform doesn't want this feature, it should stick with the default
empty string.
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1270279
Downstream only:
<http://thread.gmane.org/gmane.comp.bios.edk2.devel/2996/focus=3433>.
Suggested-by: Drew Jones <drjones@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 7ce97b06421434c82095f01a1753a8c9c546cc30)
(cherry picked from commit 20b1f1cbd0590aa71c6d99d35e23cf08e0707750)
(cherry picked from commit 6734b88cf7abcaf42632e3d2fc469b2169dd2f16)
(cherry picked from commit ef77da632559e9baa1c69869e4cbea377068ef27)
(cherry picked from commit 58755c51d3252312d80cbcb97928d71199c2f5e1)
(cherry picked from commit c3f07e323e76856f1b42ea7b8c598ba3201c28a2)
(cherry picked from commit 9f756c1ad83cc81f7d892cd036d59a2b567b02dc)
(cherry picked from commit c75aea7a738ac7fb944c0695a4bfffc3985afaa9)
---
ArmPlatformPkg/ArmPlatformPkg.dec | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/ArmPlatformPkg/ArmPlatformPkg.dec b/ArmPlatformPkg/ArmPlatformPkg.dec
index 3a25ddcdc8..b2b58553c7 100644
--- a/ArmPlatformPkg/ArmPlatformPkg.dec
+++ b/ArmPlatformPkg/ArmPlatformPkg.dec
@@ -121,6 +121,13 @@
## If set, this will swap settings for HDLCD RED_SELECT and BLUE_SELECT registers
gArmPlatformTokenSpaceGuid.PcdArmHdLcdSwapBlueRedSelect|FALSE|BOOLEAN|0x00000045
+ #
+ # Early hello message (ASCII string), printed to the serial port.
+ # If set to the empty string, nothing is printed.
+ # Otherwise, a trailing CRLF should be specified explicitly.
+ #
+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage|""|VOID*|0x00000100
+
[PcdsFixedAtBuild.common,PcdsDynamic.common]
## PL031 RealTimeClock
gArmPlatformTokenSpaceGuid.PcdPL031RtcBase|0x0|UINT32|0x00000024
--
2.27.0

61
SOURCES/0016-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch Normal file
View File

@ -0,0 +1,61 @@
From 7478b17347f2119448467a0ce821a5c5f865a2c8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:29:16 +0200
Subject: [PATCH] ArmVirtPkg: Remove VirtioFsDxe filesystem driver (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [10/19] 808ad4385c24fbf34fb0ba359808e6d364e1d030
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
Remove the virtio-fs driver.
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
ArmVirtPkg/ArmVirtQemu.dsc | 1 -
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
ArmVirtPkg/ArmVirtQemuKernel.dsc | 1 -
3 files changed, 3 deletions(-)
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index fe7b7e1d64..f0946821c6 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -465,7 +465,6 @@
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
#
# Bds
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
index 9b3e37d5c9..a997063751 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -84,7 +84,6 @@ READ_LOCK_STATUS = TRUE
INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
- INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
#
# Status Code Routing
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
index 4a43892f7d..8fa801dad6 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -365,7 +365,6 @@
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
#
# Bds

145
SOURCES/0017-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch
View File

@ -1,145 +0,0 @@
From 8be1d7253ba8a7d30bb54835ef1fc866aa62e216 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 14 Oct 2015 13:59:20 +0200
Subject: ArmPlatformPkg: PrePeiCore: write early hello message to the serial
port (RH)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
- no change
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
- no change
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
- no change
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
RHEL-8.1/20190308-89910a39dcfd rebase:
- no change
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
- reorder the rebase changelog in the commit message so that it reads like
a blog: place more recent entries near the top
- no changes to the patch body
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
- adapt to upstream commit 7e2a8dfe8a9a ("ArmPlatformPkg/PrePeiCore: seed
temporary stack before entering PEI core", 2017-11-09) -- conflict
resolution in "ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf"
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
- no changes
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
- no changes
The FixedPcdGetSize() macro expands to an integer constant, therefore an
optimizing compiler can eliminate the new code, if the platform DSC
doesn't override the empty string (size=1) default of
PcdEarlyHelloMessage.
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1270279
Downstream only:
<http://thread.gmane.org/gmane.comp.bios.edk2.devel/2996/focus=3433>.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit b16c4c505ce0e27305235533eac9236aa66f132e)
(cherry picked from commit 742e5bf6d5ce5a1e73879d6e5c0dd00feda7a9ac)
(cherry picked from commit 93d69eb9393cf05af90676253875c59c1bec67fd)
(cherry picked from commit 638594083b191f84f5d9333eb6147a31570f5a5a)
(cherry picked from commit f4b7aae411d88b2b83f85d20ef06a4032a57e7de)
(cherry picked from commit bb71490fdda3b38fa9f071d281b863f9b64363bf)
(cherry picked from commit 8d5a8827aabc67cb2a046697e1a750ca8d9cc453)
(cherry picked from commit 49fe5596cd79c94d903c4d506c563d642ccd69aa)
---
ArmPlatformPkg/PrePeiCore/MainMPCore.c | 5 +++++
ArmPlatformPkg/PrePeiCore/MainUniCore.c | 5 +++++
ArmPlatformPkg/PrePeiCore/PrePeiCore.h | 1 +
ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf | 2 ++
ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf | 2 ++
5 files changed, 15 insertions(+)
diff --git a/ArmPlatformPkg/PrePeiCore/MainMPCore.c b/ArmPlatformPkg/PrePeiCore/MainMPCore.c
index 859f1adf20..cf9e65bb7c 100644
--- a/ArmPlatformPkg/PrePeiCore/MainMPCore.c
+++ b/ArmPlatformPkg/PrePeiCore/MainMPCore.c
@@ -111,6 +111,11 @@ PrimaryMain (
UINTN TemporaryRamBase;
UINTN TemporaryRamSize;
+ if (FixedPcdGetSize (PcdEarlyHelloMessage) > 1) {
+ SerialPortWrite (FixedPcdGetPtr (PcdEarlyHelloMessage),
+ FixedPcdGetSize (PcdEarlyHelloMessage) - 1);
+ }
+
CreatePpiList (&PpiListSize, &PpiList);
// Enable the GIC Distributor
diff --git a/ArmPlatformPkg/PrePeiCore/MainUniCore.c b/ArmPlatformPkg/PrePeiCore/MainUniCore.c
index 220f9b5680..158cc34c77 100644
--- a/ArmPlatformPkg/PrePeiCore/MainUniCore.c
+++ b/ArmPlatformPkg/PrePeiCore/MainUniCore.c
@@ -29,6 +29,11 @@ PrimaryMain (
UINTN TemporaryRamBase;
UINTN TemporaryRamSize;
+ if (FixedPcdGetSize (PcdEarlyHelloMessage) > 1) {
+ SerialPortWrite (FixedPcdGetPtr (PcdEarlyHelloMessage),
+ FixedPcdGetSize (PcdEarlyHelloMessage) - 1);
+ }
+
CreatePpiList (&PpiListSize, &PpiList);
// Adjust the Temporary Ram as the new Ppi List (Common + Platform Ppi Lists) is created at
diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCore.h b/ArmPlatformPkg/PrePeiCore/PrePeiCore.h
index 7b155a8a61..e9e283f9ec 100644
--- a/ArmPlatformPkg/PrePeiCore/PrePeiCore.h
+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCore.h
@@ -15,6 +15,7 @@
#include <Library/DebugLib.h>
#include <Library/IoLib.h>
#include <Library/PcdLib.h>
+#include <Library/SerialPortLib.h>
#include <PiPei.h>
#include <Ppi/TemporaryRamSupport.h>
diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf b/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf
index fb01dd1a11..a6681c1032 100644
--- a/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf
+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf
@@ -69,6 +69,8 @@
gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize
gArmPlatformTokenSpaceGuid.PcdCPUCoreSecondaryStackSize
+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage
+
gArmTokenSpaceGuid.PcdGicDistributorBase
gArmTokenSpaceGuid.PcdGicInterruptInterfaceBase
gArmTokenSpaceGuid.PcdGicSgiIntId
diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf b/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf
index e9eb092d3a..c98dc82f0c 100644
--- a/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf
+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf
@@ -67,4 +67,6 @@
gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize
gArmPlatformTokenSpaceGuid.PcdCPUCoreSecondaryStackSize
+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage
+
gEfiMdeModulePkgTokenSpaceGuid.PcdInitValueInTempStack
--
2.27.0

126
SOURCES/0017-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch Normal file
View File

@ -0,0 +1,126 @@
From 42c144b94db706be6f01d5fb1537a35cc803daa8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:29:19 +0200
Subject: [PATCH] OvmfPkg: Remove UdfDxe filesystem driver (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [11/19] 21614de37221fca27d4eec0f03c5c8bce5911af3
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
Remove the UDF driver.
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 -
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 -
OvmfPkg/OvmfPkgIa32.dsc | 1 -
OvmfPkg/OvmfPkgIa32.fdf | 1 -
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
OvmfPkg/OvmfPkgX64.dsc | 1 -
OvmfPkg/OvmfPkgX64.fdf | 1 -
8 files changed, 8 deletions(-)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 52b0d1062c..41953c119d 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -681,7 +681,6 @@
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
index 48cc3b00c1..2f03c80ffd 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -274,7 +274,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
INF FatPkg/EnhancedFatDxe/Fat.inf
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 12ed090eab..07176ad930 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -835,7 +835,6 @@
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index bd69792100..97c808446e 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -295,7 +295,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
INF FatPkg/EnhancedFatDxe/Fat.inf
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 821423cfe2..ba7ed38412 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -853,7 +853,6 @@
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 4011682faf..6351ce645b 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -296,7 +296,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
INF FatPkg/EnhancedFatDxe/Fat.inf
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index ea3f8d73bc..55f3315241 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -921,7 +921,6 @@
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index c53501679a..558a944f20 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -321,7 +321,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
INF FatPkg/EnhancedFatDxe/Fat.inf
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf

61
SOURCES/0018-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch Normal file
View File

@ -0,0 +1,61 @@
From 34b2ee906d0cce11a8156105777b6ecfaca5feba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:29:22 +0200
Subject: [PATCH] ArmVirtPkg: Remove UdfDxe filesystem driver (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [12/19] fcadb6a747b65e4d449d48131c9a2eeed4bd3c9a
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
Remove the UDF driver.
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
ArmVirtPkg/ArmVirtQemu.dsc | 1 -
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
ArmVirtPkg/ArmVirtQemuKernel.dsc | 1 -
3 files changed, 3 deletions(-)
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index f0946821c6..68ad5877ee 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -464,7 +464,6 @@
MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
#
# Bds
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
index a997063751..dcb1b793d1 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -83,7 +83,6 @@ READ_LOCK_STATUS = TRUE
INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
- INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
#
# Status Code Routing
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
index 8fa801dad6..87e54e682a 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -364,7 +364,6 @@
MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
#
# Bds

82
SOURCES/0018-ArmVirtPkg-set-early-hello-message-RH-only.patch
View File

@ -1,82 +0,0 @@
From 12873d08db00e113ef28eb4552f478cd4ffb3393 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 14 Oct 2015 14:07:17 +0200
Subject: ArmVirtPkg: set early hello message (RH only)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
- no change
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
- context difference from upstream commit f5cb3767038e
("ArmVirtPkg/ArmVirtQemu: add ResetSystem PEIM for upcoming TPM2
support", 2020-03-04) automatically resolved correctly
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
- no change
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
RHEL-8.1/20190308-89910a39dcfd rebase:
- resolve context conflict with upstream commit eaa1e98ae31d ("ArmVirtPkg:
don't set PcdCoreCount", 2019-02-13)
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
- reorder the rebase changelog in the commit message so that it reads like
a blog: place more recent entries near the top
- no changes to the patch body
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
- no changes
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
- no changes
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
- no changes
Print a friendly banner on QEMU, regardless of debug mask settings.
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1270279
Downstream only:
<http://thread.gmane.org/gmane.comp.bios.edk2.devel/2996/focus=3433>.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 5d4a15b9019728b2d96322bc679099da49916925)
(cherry picked from commit 179df76dbb0d199bd905236e98775b4059c6502a)
(cherry picked from commit ce3f59d0710c24c162d5222bbf5cd7e36180c80c)
(cherry picked from commit c201a8e6ae28d75f7ba581828b533c3b26fa7f18)
(cherry picked from commit 2d4db6ec70e004cd9ac147615d17033bee5d3b18)
(cherry picked from commit fb2032bbea7e02c426855cf86a323556d493fd8a)
(cherry picked from commit ba73b99d5cb38f87c1a8f0936d515eaaefa3f04b)
(cherry picked from commit 72550e12ae469012a505bf5b98a6543a754028d3)
---
ArmVirtPkg/ArmVirtQemu.dsc | 1 +
1 file changed, 1 insertion(+)
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index e0476ede4f..ec0edf6e7b 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -134,6 +134,7 @@
gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)
[PcdsFixedAtBuild.common]
+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage|"UEFI firmware starting.\r\n"
!if $(ARCH) == AARCH64
gArmTokenSpaceGuid.PcdVFPEnabled|1
!endif
--
2.27.0

109
SOURCES/0019-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch Normal file
View File

@ -0,0 +1,109 @@
From aac73e5f62e2305e6578c9b22ae557741bf6532a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:29:25 +0200
Subject: [PATCH] OvmfPkg: Remove TftpDynamicCommand from shell (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [13/19] cf9ef346386ac89fa05b29d429d8d1b27cf0e3b0
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
Remove the command to download files in the shell via TFTP.
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
OvmfPkg/OvmfPkgIa32.dsc | 4 ----
OvmfPkg/OvmfPkgIa32.fdf | 1 -
OvmfPkg/OvmfPkgIa32X64.dsc | 4 ----
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
OvmfPkg/OvmfPkgX64.dsc | 4 ----
OvmfPkg/OvmfPkgX64.fdf | 1 -
6 files changed, 15 deletions(-)
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 07176ad930..0183511722 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -913,10 +913,6 @@
!endif
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
- ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index 97c808446e..cb95c842fa 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -297,7 +297,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
-INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index ba7ed38412..66554b42ed 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -931,10 +931,6 @@
!endif
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
- ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 6351ce645b..592f0fed82 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -298,7 +298,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
-INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 55f3315241..6d1d2bd39b 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -999,10 +999,6 @@
!endif
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
- ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 558a944f20..70556f8ace 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -323,7 +323,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
-INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif

54
SOURCES/0020-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch Normal file
View File

@ -0,0 +1,54 @@
From a3493c0945f733e395ea7444f1639a42f8a717f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:29:28 +0200
Subject: [PATCH] ArmVirtPkg: Remove TftpDynamicCommand from shell (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [14/19] 12436014941bd4a7c99a26d779ebdcd75f169403
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
Remove the command to download files in the shell via TFTP.
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
ArmVirtPkg/ArmVirt.dsc.inc | 7 +++----
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
2 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index fe6488ee99..5677bad717 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -385,10 +385,9 @@
#
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
- ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
+ #
+ # UEFI application (Shell Embedded Boot Loader)
+ #
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
index dcb1b793d1..b1c3fcc66d 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -99,7 +99,6 @@ READ_LOCK_STATUS = TRUE
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
INF ShellPkg/Application/Shell/Shell.inf
- INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf

113
SOURCES/0021-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch Normal file
View File

@ -0,0 +1,113 @@
From 873a03ce289c988d822f1bb420c1e9a0eef5ca56 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:29:31 +0200
Subject: [PATCH] OvmfPkg: Remove HttpDynamicCommand from shell (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Rebase to edk2-stable202311:
Minor update, context change due to new variable policy shell command.
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [15/19] 1911cf04f27467ef1175b1976864c1111d93d19e
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
Remove the command to download files in the shell via HTTP(S).
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
OvmfPkg/OvmfPkgIa32.dsc | 4 ----
OvmfPkg/OvmfPkgIa32.fdf | 1 -
OvmfPkg/OvmfPkgIa32X64.dsc | 4 ----
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
OvmfPkg/OvmfPkgX64.dsc | 4 ----
OvmfPkg/OvmfPkgX64.fdf | 1 -
6 files changed, 15 deletions(-)
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 0183511722..970ffbad82 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -913,10 +913,6 @@
!endif
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
- ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index cb95c842fa..891e0e06ef 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -297,7 +297,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
-INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
!if $(BUILD_SHELL) == TRUE
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 66554b42ed..3127e3d18d 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -931,10 +931,6 @@
!endif
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
- ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 592f0fed82..61a827b365 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -298,7 +298,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
-INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
!if $(BUILD_SHELL) == TRUE
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 6d1d2bd39b..6f078b5b27 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -999,10 +999,6 @@
!endif
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
- ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 70556f8ace..d2e1c2894f 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -323,7 +323,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
-INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
!if $(BUILD_SHELL) == TRUE

55
SOURCES/0022-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch Normal file
View File

@ -0,0 +1,55 @@
From 4b212f0b5f5d2dbe595e53bc0b553abb90ee288a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:29:34 +0200
Subject: [PATCH] ArmVirtPkg: Remove HttpDynamicCommand from shell (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Rebase to edk2-stable202311:
Minor update, context change due to new variable policy shell command.
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [16/19] 07a74f1fdcdbb9a31d25ce9760edcd852e9574c3
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
Remove the command to download files in the shell via HTTP(S).
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
ArmVirtPkg/ArmVirt.dsc.inc | 4 ----
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
2 files changed, 5 deletions(-)
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index 5677bad717..d4c001e1bd 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -388,10 +388,6 @@
#
# UEFI application (Shell Embedded Boot Loader)
#
- ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
index b1c3fcc66d..8153558686 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -99,7 +99,6 @@ READ_LOCK_STATUS = TRUE
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
INF ShellPkg/Application/Shell/Shell.inf
- INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf

315
SOURCES/0023-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch Normal file
View File

@ -0,0 +1,315 @@
From 3635ecb975af26d0d4886b862f8cf812b891eb37 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:29:39 +0200
Subject: [PATCH] OvmfPkg: Remove LinuxInitrdDynamicShellCommand (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Rebase to edk2-stable202311:
Minor update, context change due to new variable policy shell command.
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [17/19] 491fe1301ea29c7cb56c20272e45614d5fcb6f14
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
Remove the command to register a file in the shell as the
initial ramdisk for a UEFI stubbed kernel, to be booted next.
Note: as further dynamic shell commands might show up upstream,
we intentionally preserve the empty !ifdef'ry context to ease
future downstream rebases.
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 4 ----
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 -
OvmfPkg/OvmfPkgIa32.dsc | 32 ++++++++++++++------------------
OvmfPkg/OvmfPkgIa32.fdf | 1 -
OvmfPkg/OvmfPkgIa32X64.dsc | 32 ++++++++++++++------------------
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
OvmfPkg/OvmfPkgX64.dsc | 32 ++++++++++++++------------------
OvmfPkg/OvmfPkgX64.fdf | 1 -
8 files changed, 42 insertions(+), 62 deletions(-)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 41953c119d..7bb6ffb3f0 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -740,10 +740,6 @@
MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
!endif
OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
OvmfPkg/AmdSev/Grub/Grub.inf
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
index 2f03c80ffd..0e3d7bea2b 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -276,7 +276,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
-INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
INF OvmfPkg/AmdSev/Grub/Grub.inf
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 970ffbad82..83adecc374 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -537,7 +537,7 @@
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
# // significantly impact boot performance
# DEBUG_ERROR 0x80000000 // Error
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
!if $(SOURCE_DEBUG_ENABLE) == TRUE
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
@@ -604,7 +604,7 @@
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
- gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
!if $(SMM_REQUIRE) == FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
@@ -840,25 +840,25 @@
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
- <PcdsFixedAtBuild>
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
- }
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
!ifndef $(CSM_ENABLE)
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
- <PcdsFixedAtBuild>
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
- }
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
!endif
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
- <PcdsFixedAtBuild>
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
- }
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
#
# ISA Support
@@ -917,10 +917,6 @@
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
}
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
!endif
!if $(BUILD_SHELL) == TRUE
ShellPkg/Application/Shell/Shell.inf {
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index 891e0e06ef..88c57ff5ff 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -297,7 +297,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
-INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
!if $(BUILD_SHELL) == TRUE
INF ShellPkg/Application/Shell/Shell.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 3127e3d18d..b47cdf63e7 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -544,7 +544,7 @@
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
# // significantly impact boot performance
# DEBUG_ERROR 0x80000000 // Error
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
!if $(SOURCE_DEBUG_ENABLE) == TRUE
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
@@ -616,7 +616,7 @@
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
- gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
!if $(SMM_REQUIRE) == FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
@@ -858,25 +858,25 @@
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
- <PcdsFixedAtBuild>
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
- }
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
!ifndef $(CSM_ENABLE)
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
- <PcdsFixedAtBuild>
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
- }
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
!endif
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
- <PcdsFixedAtBuild>
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
- }
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
#
# ISA Support
@@ -935,10 +935,6 @@
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
}
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
!endif
!if $(BUILD_SHELL) == TRUE
ShellPkg/Application/Shell/Shell.inf {
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 61a827b365..ab5a9bc306 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -298,7 +298,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
-INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
!if $(BUILD_SHELL) == TRUE
INF ShellPkg/Application/Shell/Shell.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 6f078b5b27..be3824ec1e 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -563,7 +563,7 @@
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
# // significantly impact boot performance
# DEBUG_ERROR 0x80000000 // Error
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
!if $(SOURCE_DEBUG_ENABLE) == TRUE
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
@@ -634,7 +634,7 @@
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
- gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
!if $(SMM_REQUIRE) == FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
@@ -926,25 +926,25 @@
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
- <PcdsFixedAtBuild>
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
- }
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
!ifndef $(CSM_ENABLE)
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
- <PcdsFixedAtBuild>
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
- }
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
!endif
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
- <PcdsFixedAtBuild>
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
- }
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+ }
#
# ISA Support
@@ -1003,10 +1003,6 @@
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
}
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
!endif
!if $(BUILD_SHELL) == TRUE
ShellPkg/Application/Shell/Shell.inf {
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index d2e1c2894f..851399888f 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -323,7 +323,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
-INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
!if $(BUILD_SHELL) == TRUE
INF ShellPkg/Application/Shell/Shell.inf

66
SOURCES/0024-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch Normal file
View File

@ -0,0 +1,66 @@
From b91bdc055499a46d825b3c6a2613de5c77e3a66d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Thu, 1 Jul 2021 20:29:46 +0200
Subject: [PATCH] ArmVirtPkg: Remove LinuxInitrdDynamicShellCommand (RHEL only)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Rebase to edk2-stable202311:
Minor update, context change due to new variable policy shell command.
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-MergeRequest: 3: Disable features for RHEL9
RH-Commit: [18/19] 8f4e4007108462533e3d2050b84d8830073a7c0d
RH-Bugzilla: 1967747
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
Remove the command to register a file in the shell as the initial
ramdisk for a UEFI stubbed kernel, to be booted next.
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
ArmVirtPkg/ArmVirt.dsc.inc | 10 +++-------
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
2 files changed, 3 insertions(+), 8 deletions(-)
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index d4c001e1bd..fee6e5b17f 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -385,17 +385,13 @@
#
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
- #
- # UEFI application (Shell Embedded Boot Loader)
- #
+ #
+ # UEFI application (Shell Embedded Boot Loader)
+ #
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
}
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
- <PcdsFixedAtBuild>
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
- }
ShellPkg/Application/Shell/Shell.inf {
<LibraryClasses>
ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
index 8153558686..4cd53995d2 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -100,7 +100,6 @@ READ_LOCK_STATUS = TRUE
INF ShellPkg/Application/Shell/Shell.inf
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
- INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
#
# Bds

179
SOURCES/0024-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch
View File

@ -1,179 +0,0 @@
From e0b349962f12a500afa449900a81440a96ca21f4 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Sat, 16 Nov 2019 17:11:27 +0100
Subject: CryptoPkg/OpensslLib: list RHEL8-specific OpenSSL files in the INFs
(RH)
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
- Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1938257
- Recreate the patch based on downstream commits:
- 56c4bb81b311 ("CryptoPkg/OpensslLib: list RHEL8-specific OpenSSL files
in the INFs (RH)", 2020-06-05),
- e81751a1c303 ("CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1g",
2020-11-23),
- 3e3fe5e62079 ("redhat: bump OpenSSL dist-git submodule to 1.1.1g+ /
RHEL-8.4", 2020-11-23).
(1) At e81751a1c303, downstream edk2 was in sync with upstream edk2
consuming OpenSSL 1.1.1g (upstream edk2 commit 8c30327debb2
("CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1g", 2020-07-25)).
Since commit 8c30327debb2, upstream edk2 modified the OpensslLib INF
files, namely
- CryptoPkg/Library/OpensslLib/OpensslLib.inf
- CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
in the following commits only:
- be01087e0780 ("CryptoPkg/Library: Remove the redundant build
option", 2020-08-12), which did not affect the source file list at
all,
- b5701a4c7a0f ("CryptoPkg: OpensslLib: Use RngLib to generate
entropy in rand_pool", 2020-09-18), which replaced some of the
*edk2-specific* "rand_pool_noise" source files with an RngLib
dependency.
This means that the list of required, actual OpenSSL source files
has not changed in upstream edk2 since our downstream edk2 commit
e81751a1c303.
(2) At commit 3e3fe5e62079 (the direct child of e81751a1c303),
downstream edk2's OpenSSL dependency was satisfied with RHEL-8
OpenSSL at dist-git commit bdd048e929dc ("Two fixes that will be
shipped in RHEL-8.3.0.z", 2020-10-23).
Since commit bdd048e929dc, RHEL-8 OpenSSL dist-git advanced
(fast-forwarded) to commit a75722161d20 ("Update to version 1.1.1k",
2021-05-25), which is the current head of the rhel-8.5.0 branch.
(See also <https://bugzilla.redhat.com/show_bug.cgi?id=1938257#c6>.)
At both dist-git bdd048e929dc and dist-git a75722161d20, I built the
respective RHEL-8 OpenSSL *source* RPM, and prepped the respective
source tree, with "rpmbuild -bp". Subsequently I compared the
prepped source trees recursively.
- The following files disappeared:
- 29 backup files created by "patch",
- the assembly generator perl script called
"ecp_nistz256-avx2.pl", which is not used during the build.
- The following new files appeared:
- 18 files directly or indirectly under the "test" subdirectory,
which are not used during the build,
- 5 backup files created by "patch",
- 2 DCL scripts used when building OpenSSL on OpenVMS.
This means that the total list of RHEL-8 OpenSSL source files has
not changed in RHEL-8 OpenSSL dist-git since our downstream edk2
commit 3e3fe5e62079.
As a result, copy the "RHEL8-specific OpenSSL file list" sections
verbatim from the INF files, at downstream commit e81751a1c303. (I used
the "git checkout -p e81751a1c303 -- Library/OpensslLib/OpensslLib.inf
CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf" command.)
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
- "OpensslLib.inf":
- Automatic leading context refresh against upstream commit c72ca4666886
("CryptoPkg/OpensslLib: Add "sort" keyword to header file parsing
loop", 2020-03-10).
- Manual trailing context refresh against upstream commit b49a6c8f80d9
("CryptoPkg/OpensslLib: improve INF file consistency", 2019-12-02).
- "OpensslLibCrypto.inf":
- Automatic leading context refresh against upstream commits
8906f076de35 ("CryptoPkg/OpensslLib: Add missing header files in INF
file", 2019-08-16) and 9f4fbd56d430 ("CryptoPkg/OpensslLib: Update
process_files.pl to generate .h files", 2019-10-30).
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
- new patch
The downstream changes in RHEL8's OpenSSL package, for example in
"openssl-1.1.1-evp-kdf.patch", introduce new files, and even move some
preexistent code into those new files. In order to avoid undefined
references in link editing, we have to list the new files.
Note: "process_files.pl" is not re-run at this time manually, because
(a) "process_files.pl" would pollute the file list (and some of the
auto-generated header files) with RHEL8-specific FIPS artifacts, which
are explicitly unwanted in edk2,
(b) The RHEL OpenSSL maintainer, Tomas Mraz, identified this specific set
of files in <https://bugzilla.redhat.com/show_bug.cgi?id=1749693#c10>,
and will help with future changes too.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 57bd3f146590df8757865d8f2cdd1db3cf3f4d40)
(cherry picked from commit 56c4bb81b311dfcee6a34c81d3e4feeda7f88995)
---
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 11 +++++++++++
CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 11 +++++++++++
2 files changed, 22 insertions(+)
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index d84bde056a..19913a4ac6 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -570,6 +570,17 @@
$(OPENSSL_PATH)/ssl/statem/statem.h
$(OPENSSL_PATH)/ssl/statem/statem_local.h
# Autogenerated files list ends here
+# RHEL8-specific OpenSSL file list starts here
+ $(OPENSSL_PATH)/crypto/evp/kdf_lib.c
+ $(OPENSSL_PATH)/crypto/evp/pkey_kdf.c
+ $(OPENSSL_PATH)/crypto/kdf/kbkdf.c
+ $(OPENSSL_PATH)/crypto/kdf/kdf_local.h
+ $(OPENSSL_PATH)/crypto/kdf/kdf_util.c
+ $(OPENSSL_PATH)/crypto/kdf/krb5kdf.c
+ $(OPENSSL_PATH)/crypto/kdf/pbkdf2.c
+ $(OPENSSL_PATH)/crypto/kdf/sshkdf.c
+ $(OPENSSL_PATH)/crypto/kdf/sskdf.c
+# RHEL8-specific OpenSSL file list ends here
buildinf.h
ossl_store.c
rand_pool.c
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index cdeed0d073..5057857e8d 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -519,6 +519,17 @@
$(OPENSSL_PATH)/crypto/x509v3/standard_exts.h
$(OPENSSL_PATH)/crypto/x509v3/v3_admis.h
# Autogenerated files list ends here
+# RHEL8-specific OpenSSL file list starts here
+ $(OPENSSL_PATH)/crypto/evp/kdf_lib.c
+ $(OPENSSL_PATH)/crypto/evp/pkey_kdf.c
+ $(OPENSSL_PATH)/crypto/kdf/kbkdf.c
+ $(OPENSSL_PATH)/crypto/kdf/kdf_local.h
+ $(OPENSSL_PATH)/crypto/kdf/kdf_util.c
+ $(OPENSSL_PATH)/crypto/kdf/krb5kdf.c
+ $(OPENSSL_PATH)/crypto/kdf/pbkdf2.c
+ $(OPENSSL_PATH)/crypto/kdf/sshkdf.c
+ $(OPENSSL_PATH)/crypto/kdf/sskdf.c
+# RHEL8-specific OpenSSL file list ends here
buildinf.h
ossl_store.c
rand_pool.c
--
2.27.0

28
SOURCES/edk2-UefiCpuPkg-MpInitLib-fix-apic-mode-for-cpu-hotplug.patch → SOURCES/0025-UefiCpuPkg-MpInitLib-fix-apic-mode-for-cpu-hotplug.patch
View File

@ -1,28 +1,31 @@
From c32f4994552ea5835cf00ce06f2f7d88c71249e5 Mon Sep 17 00:00:00 2001
From 41089770963055b4bc9662ba4204d8ee7907fbcd Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 28 Feb 2023 15:47:00 +0100
Subject: [PATCH] UefiCpuPkg/MpInitLib: fix apic mode for cpu hotplug
RH-Author: Miroslav Rezanina <mrezanin@redhat.com>
RH-MergeRequest: 29: UefiCpuPkg/MpInitLib: fix apic mode for cpu hotplug
RH-Bugzilla: 2150267
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Acked-by: Jon Maloy <jmaloy@redhat.com>
RH-Commit: [1/1] e7e332ac0e6edf207b1b9692f2e1aed4a1fe7c0c
RH-Author: Gerd Hoffmann <kraxel@redhat.com>
RH-MergeRequest: 42: UefiCpuPkg/MpInitLib: fix apic mode for cpu hotplug
RH-Bugzilla: 2124143
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [1/1] 5168501c31541a57aaeb3b3bd7c3602205eb7cdf (kraxel/centos-edk2)
In case the number of CPUs can in increase beyond 255
due to CPU hotplug choose x2apic mode.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
patch_name: edk2-UefiCpuPkg-MpInitLib-fix-apic-mode-for-cpu-hotplug.patch
present_in_specfile: true
location_in_specfile: 38
---
UefiCpuPkg/Library/MpInitLib/MpLib.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c
index b9a06747ed..177d15ab5b 100644
index 9a6ec5db5c..14ecc62f2b 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
@@ -495,7 +495,9 @@ CollectProcessorCount (
@@ -527,7 +527,9 @@ CollectProcessorCount (
//
// Enable x2APIC mode if
// 1. Number of CPU is greater than 255; or
@ -33,7 +36,7 @@ index b9a06747ed..177d15ab5b 100644
//
X2Apic = FALSE;
if (CpuMpData->CpuCount > 255) {
@@ -503,6 +505,10 @@ CollectProcessorCount (
@@ -535,6 +537,10 @@ CollectProcessorCount (
// If there are more than 255 processor found, force to enable X2APIC
//
X2Apic = TRUE;
@ -42,8 +45,5 @@ index b9a06747ed..177d15ab5b 100644
+ {
+ X2Apic = TRUE;
} else {
CpuInfoInHob = (CPU_INFO_IN_HOB *) (UINTN) CpuMpData->CpuInfoInHob;
CpuInfoInHob = (CPU_INFO_IN_HOB *)(UINTN)CpuMpData->CpuInfoInHob;
for (Index = 0; Index < CpuMpData->CpuCount; Index++) {
--
2.37.3

121
SOURCES/0026-OvmfPkg-AmdSevDxe-Shim-Reboot-workaround-RHEL-only.patch Normal file
View File

@ -0,0 +1,121 @@
From 5870362631ee204936f495b8e60eb2611bb05c3b Mon Sep 17 00:00:00 2001
From: Oliver Steffen <osteffen@redhat.com>
Date: Wed, 16 Aug 2023 12:09:40 +0200
Subject: [PATCH] OvmfPkg/AmdSevDxe: Shim Reboot workaround (RHEL only)
RH-Author: Oliver Steffen <osteffen@redhat.com>
RH-MergeRequest: 46: OvmfPkg/AmdSevDxe: Shim Reboot workaround (RHEL only)
RH-Bugzilla: 2218196
RH-Acked-by: Gerd Hoffmann <None>
RH-Commit: [1/1] 9bf3bb989e36253aa34bf82ecfe8faa7312e8d22 (osteffen/edk2)
Add a callback at the end of the Dxe phase that sets the
"FB_NO_REBOOT" variable under the Shim GUID.
This is a workaround for a boot loop in case a confidential
guest that uses shim is booted with a vtpm device present.
BZ 2218196
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
patch_name: edk2-OvmfPkg-AmdSevDxe-Shim-Reboot-workaround-RHEL-only.patch
present_in_specfile: true
location_in_specfile: 44
---
OvmfPkg/AmdSevDxe/AmdSevDxe.c | 42 +++++++++++++++++++++++++++++++++
OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 2 ++
2 files changed, 44 insertions(+)
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
index db3675ae86..f639c093a2 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
@@ -19,6 +19,7 @@
#include <Library/MemoryAllocationLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Guid/ConfidentialComputingSevSnpBlob.h>
+#include <Guid/GlobalVariable.h>
#include <Library/PcdLib.h>
#include <Pi/PrePiDxeCis.h>
#include <Protocol/SevMemoryAcceptance.h>
@@ -28,6 +29,10 @@
// Present, initialized, tested bits defined in MdeModulePkg/Core/Dxe/DxeMain.h
#define EFI_MEMORY_INTERNAL_MASK 0x0700000000000000ULL
+static EFI_GUID ShimLockGuid = {
+ 0x605dab50, 0xe046, 0x4300, { 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23 }
+};
+
STATIC
EFI_STATUS
AllocateConfidentialComputingBlob (
@@ -191,6 +196,32 @@ STATIC EDKII_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = {
AmdSevMemoryAccept
};
+VOID
+EFIAPI
+PopulateVarstore (
+ EFI_EVENT Event,
+ VOID *Context
+ )
+{
+ EFI_SYSTEM_TABLE *SystemTable = (EFI_SYSTEM_TABLE *)Context;
+ EFI_STATUS Status;
+
+ DEBUG ((DEBUG_INFO, "Populating Varstore\n"));
+ UINT32 data = 1;
+
+ Status = SystemTable->RuntimeServices->SetVariable (
+ L"FB_NO_REBOOT",
+ &ShimLockGuid,
+ EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ sizeof (data),
+ &data
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ Status = SystemTable->BootServices->CloseEvent (Event);
+ ASSERT_EFI_ERROR (Status);
+}
+
EFI_STATUS
EFIAPI
AmdSevDxeEntryPoint (
@@ -203,6 +234,7 @@ AmdSevDxeEntryPoint (
UINTN NumEntries;
UINTN Index;
CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION *SnpBootDxeTable;
+ EFI_EVENT PopulateVarstoreEvent;
//
// Do nothing when SEV is not enabled
@@ -361,5 +393,15 @@ AmdSevDxeEntryPoint (
);
}
+ Status = gBS->CreateEventEx (
+ EVT_NOTIFY_SIGNAL,
+ TPL_CALLBACK,
+ PopulateVarstore,
+ SystemTable,
+ &gEfiEndOfDxeEventGroupGuid,
+ &PopulateVarstoreEvent
+ );
+ ASSERT_EFI_ERROR (Status);
+
return EFI_SUCCESS;
}
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
index e7c7d526c9..09cbd2b0ca 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
@@ -54,6 +54,8 @@
[Guids]
gConfidentialComputingSevSnpBlobGuid
gEfiEventBeforeExitBootServicesGuid
+ gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event
+
[Pcd]
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId

85
SOURCES/0027-recreate-import-.distro-directory.patch Normal file
View File

@ -0,0 +1,85 @@
From 771ce5bae1eb03240b04dde05a7a40dcec3c8a10 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 11 Jun 2014 20:45:26 +0200
Subject: [PATCH] recreate / import ".distro/" directory
This patch now unites the following downstream commits:
- 18bd1193e7 .distro: simplify WORKSPACE setup
- b00f3398c8 fix tpm build options
- e032ab1675 spec: Centralize non-firmware %install files at the top
- 8501863acc spec: Don't put build output in the top directory
- e6ec0363d3 spec: Factor out OVMF_FLAGS and OVMF_SB_FLAGS
- 596f34c8b6 spec: Use %make_build macro
- 55169e466d spec: Replace RPM_BUILD_ROOT with %{buildroot}
- 69c4c60920 spec: Split out build_iso() function
- ed67da8c85 spec: Add %{qosb_testing} macro
- 44519f5b94 spec: Move %check to between %install and %files
- b37b334dc7 spec: Remove extra 'true' at end of %check
- dd11149c3a spec: Add %{qemu_package} and %{qemu_binary}
- 0f5d4ae0d5 spec: Move -D TPM_ENABLE to common CC_FLAGS
- 84b3fd93f9 spec: Replace ifarch+else conditionals with build_XXX variables
- e97f79e744 spec: Use %autosetup with our required git config options
- 45a347a759 spec: don't conditionalize %package definitions
- acfcfaea1e spec: Add BuildRequires: make
- d917a93f6f spec: remove Group: and %defattr
- f2d3be3ae3 redhat: build UefiShell.iso with xorriso rather than genisoimage
- 3fb4a20f30 redhat: narrow the "qemu-kvm" BuildRequires down to "qemu-kvm-core"
- bfb89c4ae5 redhat: drop Split tool from the edk2-tools subpackage
- ac8be2e0ef redhat: refresh "Makefile.common" for the 8.5 rebase
- 2bd2d18864 redhat: filter out jansson submodule removal hunks
- f13d7899ed recreate / import "redhat/" directory
Merged patches (edk2-stable202202):
- 1a7b1c3b72 spec: adapt specfile to build option changes, disable tpm1
- 96eb388be3 spec: build amdsev variant
- ea34352d41 redhat: bump OpenSSL dist-git submodule to a75722161d20 / RHEL-8.5
Merged patches (edk2-stable202208):
- a60bf3fd10 Adding support for CentOS 9 build
- d3f25d438c OvmfPkg: Update target machines config
- d63f783930 openssl: jump to 8.7.0 branch (2022-07-22)
- 39882ce96d qemu-ovmf-secureboot: Do not use submodule
- 283ef4a67d ovmf-vars-generator: Use max cpu
- b6887ef7e1 Update build target to RHEL 9.2.0
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
Merged patches (edk2-stable202305):
- 5eef16bd65 remove amd-sev feature flag from secure boot builds (rh only)
- cc9e1b6eaa build script update
- 046c1f08e6 PcdDxeNxMemoryProtectionPolicy update
- b9dc1b5365 add aarch64 qcow2 images
- f4e2d6bf41 update json files
- be03b42128 add libvirt version conflict
- dce699b61d add dbx update blob (rh only)
- d8b2407343 spec: apply dbx update (rh only)
- a8a5ef95b5 dbx update, 2023-05-09, black lotus edition
- 310e179053 json descriptors: explicitly set mode = split
- additionally
- update frh.py, add new upstream submodules
- replace egrep with grep -E and fgrep with grep -F in downstream
scripts
- remove git commit sha from package version string
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Rebase to edk2-stable202311: squash commits:
- 5b833f0c8d Update TargetRelease to support 9.4.0
- 20024b4cbe Use fixed length for short hash for Makefile
- 8618f7367e Updated TargetRelease content to support 9.4.0 only.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
sources | 1 +
1 file changed, 1 insertion(+)
create mode 100644 sources
diff --git a/sources b/sources
new file mode 100644
index 0000000000..ea8c8ad50b
--- /dev/null
+++ b/sources
@@ -0,0 +1 @@
+SHA512 (edk2-ba91d0292e.tar.xz) = 3b21cc39671d28bfeb059da3683751cc5277c63a894b2a05bdfbd2bbe53545c34f04c229becf44f1563f89a738f37ae8f2333076d126a7e94d234bc4bb25454c

27
SOURCES/0028-distro-apply-git-diff-c9s-new_c9s-by-mirek.patch Normal file
View File

@ -0,0 +1,27 @@
From c0347206c55c9d4d69b46725e9edbb21448f7494 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 28 Nov 2023 12:11:55 +0100
Subject: [PATCH] distro: apply 'git diff c9s new_c9s' by mirek
Bring .distro toi latest standards for more automatic support.
---
CryptoPkg/.gitignore | 1 -
sources | 1 -
2 files changed, 2 deletions(-)
delete mode 100644 CryptoPkg/.gitignore
delete mode 100644 sources
diff --git a/CryptoPkg/.gitignore b/CryptoPkg/.gitignore
deleted file mode 100644
index 68b83272b7..0000000000
--- a/CryptoPkg/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-Library/OpensslLib/openssl*/
diff --git a/sources b/sources
deleted file mode 100644
index ea8c8ad50b..0000000000
--- a/sources
+++ /dev/null
@@ -1 +0,0 @@
-SHA512 (edk2-ba91d0292e.tar.xz) = 3b21cc39671d28bfeb059da3683751cc5277c63a894b2a05bdfbd2bbe53545c34f04c229becf44f1563f89a738f37ae8f2333076d126a7e94d234bc4bb25454c

28
SOURCES/0029-CryptoPkg-CrtLib-add-stat.h-include-file.patch Normal file
View File

@ -0,0 +1,28 @@
From 192cc2b49dbccc59f5731e2abc120bed3e06cc32 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Mon, 28 Aug 2023 13:11:02 +0200
Subject: [PATCH] CryptoPkg/CrtLib: add stat.h include file.
Needed by rhel downstream openssl patches.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
CryptoPkg/Library/Include/sys/stat.h | 9 +++++++++
1 file changed, 9 insertions(+)
create mode 100644 CryptoPkg/Library/Include/sys/stat.h
diff --git a/CryptoPkg/Library/Include/sys/stat.h b/CryptoPkg/Library/Include/sys/stat.h
new file mode 100644
index 0000000000..22247bb2db
--- /dev/null
+++ b/CryptoPkg/Library/Include/sys/stat.h
@@ -0,0 +1,9 @@
+/** @file
+ Include file to support building the third-party cryptographic library.
+
+Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <CrtLibSupport.h>

139
SOURCES/0030-CryptoPkg-CrtLib-add-access-open-read-write-close-sy.patch Normal file
View File

@ -0,0 +1,139 @@
From 09ccd0ffae512d7f0a7548cdfbc60e1482153796 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Mon, 28 Aug 2023 13:27:09 +0200
Subject: [PATCH] CryptoPkg/CrtLib: add access/open/read/write/close syscalls
Needed by rhel downstream openssl patches, they use unix syscalls
for file access (instead of fopen + friends like the rest of the
code base). No actual file access is needed for edk2, so just
add stubs to make linking work.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
.../Library/BaseCryptLib/SysCall/CrtWrapper.c | 46 +++++++++++++++++++
CryptoPkg/Library/Include/CrtLibSupport.h | 41 +++++++++++++++++
2 files changed, 87 insertions(+)
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
index 37cdecc9bd..dfdb635536 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
@@ -550,6 +550,52 @@ fread (
return 0;
}
+int
+access(
+ const char*,
+ int
+ )
+{
+ return -1;
+}
+
+int
+open (
+ const char *,
+ int
+ )
+{
+ return -1;
+}
+
+ssize_t
+read (
+ int,
+ void*,
+ size_t
+ )
+{
+ return -1;
+}
+
+ssize_t
+write (
+ int,
+ const void*,
+ size_t
+ )
+{
+ return -1;
+}
+
+int
+close (
+ int
+ )
+{
+ return -1;
+}
+
uid_t
getuid (
void
diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h b/CryptoPkg/Library/Include/CrtLibSupport.h
index f36fe08f0c..7d98496af8 100644
--- a/CryptoPkg/Library/Include/CrtLibSupport.h
+++ b/CryptoPkg/Library/Include/CrtLibSupport.h
@@ -78,6 +78,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
//
// Definitions for global constants used by CRT library routines
//
+#define EINTR 4
#define EINVAL 22 /* Invalid argument */
#define EAFNOSUPPORT 47 /* Address family not supported by protocol family */
#define INT_MAX 0x7FFFFFFF /* Maximum (signed) int value */
@@ -102,6 +103,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#define NS_INADDRSZ 4 /*%< IPv4 T_A */
#define NS_IN6ADDRSZ 16 /*%< IPv6 T_AAAA */
+#define O_RDONLY 00000000
+#define O_WRONLY 00000001
+#define O_RDWR 00000002
+
+#define R_OK 4
+#define W_OK 2
+#define X_OK 1
+#define F_OK 0
+
//
// Basic types mapping
//
@@ -324,6 +334,37 @@ fprintf (
...
);
+int
+access(
+ const char*,
+ int
+ );
+
+int
+open (
+ const char *,
+ int
+ );
+
+ssize_t
+read (
+ int,
+ void*,
+ size_t
+ );
+
+ssize_t
+write (
+ int,
+ const void*,
+ size_t
+ );
+
+int
+close (
+ int
+ );
+
time_t
time (
time_t *

169
SOURCES/0031-ArmVirtQemu-Allow-EFI-memory-attributes-protocol-to-.patch Normal file
View File

@ -0,0 +1,169 @@
From 0120fb7b5877ab40537fd17e64772f53bc89cd07 Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb@kernel.org>
Date: Mon, 4 Dec 2023 10:41:08 +0100
Subject: [PATCH] ArmVirtQemu: Allow EFI memory attributes protocol to be
disabled
Shim's PE loader uses the EFI memory attributes protocol in a way that
results in an immediate crash when invoking the loaded image, unless the
base and size of its executable segment are both aligned to 4k.
If this is not the case, it will strip the memory allocation of its
executable permissions, but fail to add them back for the executable
region, resulting in non-executable code. Unfortunately, the PE loader
does not even bother invoking the protocol in this case (as it notices
the misalignment), making it very hard for system firmware to work
around this by attempting to infer the intent of the caller.
So let's introduce a QEMU command line option to indicate that the
protocol should not be exposed at all, and a PCD to set the default for
this option when it is omitted.
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Link: https://gitlab.com/qemu-project/qemu/-/issues/1990
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
(cherry picked from commit cee7ba349c0c1ce489001a338a4e28555728b573)
---
ArmVirtPkg/ArmVirtPkg.dec | 6 ++
.../PlatformBootManagerLib/PlatformBm.c | 64 +++++++++++++++++++
.../PlatformBootManagerLib.inf | 3 +
3 files changed, 73 insertions(+)
diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec
index 0f2d787327..313aebda90 100644
--- a/ArmVirtPkg/ArmVirtPkg.dec
+++ b/ArmVirtPkg/ArmVirtPkg.dec
@@ -68,3 +68,9 @@
# Cloud Hypervisor has no other way to pass Rsdp address to the guest except use a PCD.
#
gArmVirtTokenSpaceGuid.PcdCloudHvAcpiRsdpBaseAddress|0x0|UINT64|0x00000005
+
+ ##
+ # Whether the EFI memory attributes protocol should be uninstalled before
+ # invoking the OS loader. This may be needed to work around problematic
+ # builds of shim that use the protocol incorrectly.
+ gArmVirtTokenSpaceGuid.PcdUninstallMemAttrProtocol|FALSE|BOOLEAN|0x00000006
diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
index 85c01351b0..8e93f3cfed 100644
--- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
+++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
@@ -16,6 +16,7 @@
#include <Library/PcdLib.h>
#include <Library/PlatformBmPrintScLib.h>
#include <Library/QemuBootOrderLib.h>
+#include <Library/QemuFwCfgSimpleParserLib.h>
#include <Library/TpmPlatformHierarchyLib.h>
#include <Library/UefiBootManagerLib.h>
#include <Protocol/DevicePath.h>
@@ -1111,6 +1112,49 @@ PlatformBootManagerBeforeConsole (
FilterAndProcess (&gEfiPciIoProtocolGuid, IsVirtioPciSerial, SetupVirtioSerial);
}
+/**
+ Uninstall the EFI memory attribute protocol if it exists.
+**/
+STATIC
+VOID
+UninstallEfiMemoryAttributesProtocol (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ EFI_HANDLE Handle;
+ UINTN Size;
+ VOID *MemoryAttributeProtocol;
+
+ Size = sizeof (Handle);
+ Status = gBS->LocateHandle (
+ ByProtocol,
+ &gEfiMemoryAttributeProtocolGuid,
+ NULL,
+ &Size,
+ &Handle
+ );
+
+ if (EFI_ERROR (Status)) {
+ ASSERT (Status == EFI_NOT_FOUND);
+ return;
+ }
+
+ Status = gBS->HandleProtocol (
+ Handle,
+ &gEfiMemoryAttributeProtocolGuid,
+ &MemoryAttributeProtocol
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ Status = gBS->UninstallProtocolInterface (
+ Handle,
+ &gEfiMemoryAttributeProtocolGuid,
+ MemoryAttributeProtocol
+ );
+ ASSERT_EFI_ERROR (Status);
+}
+
/**
Do the platform specific action after the console is ready
Possible things that can be done in PlatformBootManagerAfterConsole:
@@ -1129,12 +1173,32 @@ PlatformBootManagerAfterConsole (
)
{
RETURN_STATUS Status;
+ BOOLEAN Uninstall;
//
// Show the splash screen.
//
BootLogoEnableLogo ();
+ //
+ // Work around shim's terminally broken use of the EFI memory attributes
+ // protocol, by uninstalling it if requested on the QEMU command line.
+ //
+ // E.g.,
+ // -fw_cfg opt/org.tianocore/UninstallMemAttrProtocol,string=y
+ //
+ Uninstall = FixedPcdGetBool (PcdUninstallMemAttrProtocol);
+ QemuFwCfgParseBool ("opt/org.tianocore/UninstallMemAttrProtocol", &Uninstall);
+ DEBUG ((
+ DEBUG_WARN,
+ "%a: %auninstalling EFI memory protocol\n",
+ __func__,
+ Uninstall ? "" : "not "
+ ));
+ if (Uninstall) {
+ UninstallEfiMemoryAttributesProtocol ();
+ }
+
//
// Process QEMU's -kernel command line option. The kernel booted this way
// will receive ACPI tables: in PlatformBootManagerBeforeConsole(), we
diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index 997eb1a442..70e4ebf94a 100644
--- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -46,6 +46,7 @@
PcdLib
PlatformBmPrintScLib
QemuBootOrderLib
+ QemuFwCfgSimpleParserLib
QemuLoadImageLib
ReportStatusCodeLib
TpmPlatformHierarchyLib
@@ -55,6 +56,7 @@
UefiRuntimeServicesTableLib
[FixedPcd]
+ gArmVirtTokenSpaceGuid.PcdUninstallMemAttrProtocol
gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate
gEfiMdePkgTokenSpaceGuid.PcdUartDefaultDataBits
gEfiMdePkgTokenSpaceGuid.PcdUartDefaultParity
@@ -73,5 +75,6 @@
[Protocols]
gEfiFirmwareVolume2ProtocolGuid
gEfiGraphicsOutputProtocolGuid
+ gEfiMemoryAttributeProtocolGuid
gEfiPciRootBridgeIoProtocolGuid
gVirtioDeviceProtocolGuid

2
SOURCES/edk2-ovmf-sb.json → SOURCES/30-edk2-ovmf-x64-sb-enrolled.json
View File

@ -5,6 +5,7 @@
],
"mapping": {
"device": "flash",
"mode": "split",
"executable": {
"filename": "/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd",
"format": "raw"
@ -24,7 +25,6 @@
],
"features": [
"acpi-s3",
"amd-sev",
"enrolled-keys",
"requires-smm",
"secure-boot",

2
SOURCES/edk2-ovmf.json → SOURCES/40-edk2-ovmf-x64-sb.json
View File

@ -5,6 +5,7 @@
],
"mapping": {
"device": "flash",
"mode": "split",
"executable": {
"filename": "/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd",
"format": "raw"
@ -24,7 +25,6 @@
],
"features": [
"acpi-s3",
"amd-sev",
"requires-smm",
"secure-boot",
"verbose-dynamic"

32
SOURCES/50-edk2-aarch64-qcow2.json Normal file
View File

@ -0,0 +1,32 @@
{
"description": "UEFI firmware for ARM64 virtual machines",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"mode": "split",
"executable": {
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-silent-pflash.qcow2",
"format": "qcow2"
},
"nvram-template": {
"filename": "/usr/share/edk2/aarch64/vars-template-pflash.qcow2",
"format": "qcow2"
}
},
"targets": [
{
"architecture": "aarch64",
"machines": [
"virt-*"
]
}
],
"features": [
],
"tags": [
]
}

9
SOURCES/edk2-ovmf-cc.json → SOURCES/50-edk2-ovmf-x64-nosb.json
View File

@ -1,12 +1,13 @@
{
"description": "OVMF with SEV-ES support",
"description": "OVMF without SB+SMM, empty varstore",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"mode": "split",
"executable": {
"filename": "/usr/share/edk2/ovmf/OVMF_CODE.cc.fd",
"filename": "/usr/share/edk2/ovmf/OVMF_CODE.fd",
"format": "raw"
},
"nvram-template": {
@ -18,12 +19,12 @@
{
"architecture": "x86_64",
"machines": [
"pc-q35-rhel8.6.0",
"pc-q35-rhel8.5.0"
"pc-q35-*"
]
}
],
"features": [
"acpi-s3",
"amd-sev",
"amd-sev-es",
"verbose-dynamic"

1
SOURCES/edk2-aarch64.json → SOURCES/51-edk2-aarch64-raw.json
View File

@ -5,6 +5,7 @@
],
"mapping": {
"device": "flash",
"mode": "split",
"executable": {
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-silent-pflash.raw",
"format": "raw"

32
SOURCES/52-edk2-aarch64-verbose-qcow2.json Normal file
View File

@ -0,0 +1,32 @@
{
"description": "UEFI firmware for ARM64 virtual machines, verbose logs",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"mode": "split",
"executable": {
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-pflash.qcow2",
"format": "qcow2"
},
"nvram-template": {
"filename": "/usr/share/edk2/aarch64/vars-template-pflash.qcow2",
"format": "qcow2"
}
},
"targets": [
{
"architecture": "aarch64",
"machines": [
"virt-*"
]
}
],
"features": [
"verbose-static"
],
"tags": [
]
}

1
SOURCES/edk2-aarch64-verbose.json → SOURCES/53-edk2-aarch64-verbose-raw.json
View File

@ -5,6 +5,7 @@
],
"mapping": {
"device": "flash",
"mode": "split",
"executable": {
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-pflash.raw",
"format": "raw"

31
SOURCES/60-edk2-ovmf-x64-amdsev.json Normal file
View File

@ -0,0 +1,31 @@
{
"description": "OVMF with SEV-ES support",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"mode": "stateless",
"executable": {
"filename": "/usr/share/edk2/ovmf/OVMF.amdsev.fd",
"format": "raw"
}
},
"targets": [
{
"architecture": "x86_64",
"machines": [
"pc-q35-*"
]
}
],
"features": [
"amd-sev",
"amd-sev-es",
"amd-sev-snp",
"verbose-dynamic"
],
"tags": [
]
}

27
SOURCES/60-edk2-ovmf-x64-inteltdx.json Normal file
View File

@ -0,0 +1,27 @@
{
"description": "OVMF with TDX support",
"interface-types": [
"uefi"
],
"mapping": {
"device": "memory",
"filename": "/usr/share/edk2/ovmf/OVMF.inteltdx.secboot.fd"
},
"targets": [
{
"architecture": "x86_64",
"machines": [
"pc-q35-*"
]
}
],
"features": [
"enrolled-keys",
"intel-tdx",
"secure-boot",
"verbose-dynamic"
],
"tags": [
]
}

21
SOURCES/LICENSE.qosb
View File

@ -1,21 +0,0 @@
MIT License
Copyright (c) 2017 Patrick Uiterwijk
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

22
SOURCES/RedHatSecureBootPkKek1.pem
View File

@ -1,22 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIDoDCCAoigAwIBAgIJAP71iOjzlsDxMA0GCSqGSIb3DQEBCwUAMFExKzApBgNV
BAMTIlJlZCBIYXQgU2VjdXJlIEJvb3QgKFBLL0tFSyBrZXkgMSkxIjAgBgkqhkiG
9w0BCQEWE3NlY2FsZXJ0QHJlZGhhdC5jb20wHhcNMTQxMDMxMTExNTM3WhcNMzcx
MDI1MTExNTM3WjBRMSswKQYDVQQDEyJSZWQgSGF0IFNlY3VyZSBCb290IChQSy9L
RUsga2V5IDEpMSIwIAYJKoZIhvcNAQkBFhNzZWNhbGVydEByZWRoYXQuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB+Ee42865cmgm2Iq4rJjGhw
+d9LB7I3gwsCyGdoMJ7j8PCZSrhZV8ZB9jiL/mZMSek3N5IumAEeWxRQ5qiNJQ31
huarMMtAFuqNixaGcEM38s7Akd9xFI6ZDom2TG0kHozkL08l0LoG+MboGRh2cx2B
bajYBc86yHsoyDajFg0pjJmaaNyrwE2Nv1q7K6k5SwSXHPk2u8U6hgSur9SCe+Cr
3kkFaPz2rmgabJBNVxk8ZGYD9sdSm/eUz5NqoWjJqs+Za7yqXgjnORz3+A+6Bn7x
y+h23f4i2q06Xls06rPJ4E0EKX64YLkF77XZF1hWFmC5MDLwNkrD8nmNEkBw8wID
AQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVy
YXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUPOlg4/8ZoQp7o0L0jUIutNWccuww
HwYDVR0jBBgwFoAUPOlg4/8ZoQp7o0L0jUIutNWccuwwDQYJKoZIhvcNAQELBQAD
ggEBAFxNkoi0gl8drYsR7N8GpnqlK583VQyNbgUArbcMQYlpz9ZlBptReNKtx7+c
3AVzf+ceORO06rYwfUB1q5xDC9+wwhu/MOD0/sDbYiGY9sWv3jtPSQrmHvmGsD8N
1tRGN9tUdF7/EcJgxnBYxRxv7LLYbm/DvDOHOKTzRGScNDsolCZ4J58WF+g7aQol
qXM2fp43XOzoP9uR+RKzPc7n3RXDrowFIGGbld6br/qxXBzll+fDNBGF9YonJqRw
NuwM9oM9kPc28/nzFdSQYr5TtK/TSa/v9HPoe3bkRCo3uoGkmQw6MSRxoOTktxrL
R+SqIs/vdWGA40O3SFdzET14m2k=
-----END CERTIFICATE-----

1735
SOURCES/edk2-Apply-uncrustify-changes-to-.c-.h-files-in-the-Netwo.patch
View File

File diff suppressed because it is too large Load Diff

149
SOURCES/edk2-ArmVirtPkg-ArmVirtQemu-migrate-to-OVMF-s-VirtNorFlas.patch
View File

@ -1,149 +0,0 @@
From 9ef10bbe9a03f22aa5c5ff659012794d37ef9839 Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb@kernel.org>
Date: Mon, 24 Oct 2022 18:41:22 +0200
Subject: [PATCH 17/18] ArmVirtPkg/ArmVirtQemu: migrate to OVMF's
VirtNorFlashDxe
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [19/20] 2160140b0ea566451ab723e941d2ab91e1ad874e
Switch to the virt specific NorFlashDxe driver implementation that was
added recently.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
(cherry picked from commit b92298af8218dd074c231947bc95f2be94af663c)
---
ArmVirtPkg/ArmVirtQemu.dsc | 4 ++--
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 2 +-
ArmVirtPkg/ArmVirtQemuKernel.dsc | 4 ++--
ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.c | 12 ++++++------
.../Library/NorFlashQemuLib/NorFlashQemuLib.inf | 4 ++--
5 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index e6fad9f066..2b23becf30 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -67,7 +67,7 @@
ArmPlatformLib|ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNull.inf
TimerLib|ArmPkg/Library/ArmArchTimerLib/ArmArchTimerLib.inf
- NorFlashPlatformLib|ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
+ VirtNorFlashPlatformLib|ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
@@ -400,7 +400,7 @@
<LibraryClasses>
NULL|ArmVirtPkg/Library/ArmVirtTimerFdtClientLib/ArmVirtTimerFdtClientLib.inf
}
- ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
+ OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
#
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
index f6a538df72..7c655d384d 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -73,7 +73,7 @@ READ_LOCK_STATUS = TRUE
INF ArmPkg/Drivers/ArmGic/ArmGicDxe.inf
INF ArmPkg/Drivers/TimerDxe/TimerDxe.inf
- INF ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
+ INF OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
#
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
index 656c9d99a3..344e2c4ed9 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -65,7 +65,7 @@
ArmVirtMemInfoLib|ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.inf
TimerLib|ArmPkg/Library/ArmArchTimerLib/ArmArchTimerLib.inf
- NorFlashPlatformLib|ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
+ VirtNorFlashPlatformLib|ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
@@ -329,7 +329,7 @@
<LibraryClasses>
NULL|ArmVirtPkg/Library/ArmVirtTimerFdtClientLib/ArmVirtTimerFdtClientLib.inf
}
- ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
+ OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
#
diff --git a/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.c b/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.c
index 271d7f0efb..93a2fed40f 100644
--- a/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.c
+++ b/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.c
@@ -8,8 +8,8 @@
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
-#include <Library/NorFlashPlatformLib.h>
#include <Library/UefiBootServicesTableLib.h>
+#include <Library/VirtNorFlashPlatformLib.h>
#include <Protocol/FdtClient.h>
@@ -18,19 +18,19 @@
#define MAX_FLASH_BANKS 4
EFI_STATUS
-NorFlashPlatformInitialization (
+VirtNorFlashPlatformInitialization (
VOID
)
{
return EFI_SUCCESS;
}
-NOR_FLASH_DESCRIPTION mNorFlashDevices[MAX_FLASH_BANKS];
+STATIC VIRT_NOR_FLASH_DESCRIPTION mNorFlashDevices[MAX_FLASH_BANKS];
EFI_STATUS
-NorFlashPlatformGetDevices (
- OUT NOR_FLASH_DESCRIPTION **NorFlashDescriptions,
- OUT UINT32 *Count
+VirtNorFlashPlatformGetDevices (
+ OUT VIRT_NOR_FLASH_DESCRIPTION **NorFlashDescriptions,
+ OUT UINT32 *Count
)
{
FDT_CLIENT_PROTOCOL *FdtClient;
diff --git a/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf b/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
index 4c3683bf5d..a6b5865be9 100644
--- a/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
+++ b/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
@@ -14,17 +14,17 @@
FILE_GUID = 339B7829-4C5F-4EFC-B2DD-5050E530DECE
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = NorFlashPlatformLib
+ LIBRARY_CLASS = VirtNorFlashPlatformLib
[Sources.common]
NorFlashQemuLib.c
[Packages]
MdePkg/MdePkg.dec
- ArmPlatformPkg/ArmPlatformPkg.dec
ArmPkg/ArmPkg.dec
ArmVirtPkg/ArmVirtPkg.dec
EmbeddedPkg/EmbeddedPkg.dec
+ OvmfPkg/OvmfPkg.dec
[LibraryClasses]
BaseLib
--
2.41.0

174
SOURCES/edk2-EmbeddedPkg-Hob-Integer-Overflow-in-CreateHob.patch
View File

@ -1,174 +0,0 @@
From f8691984227809170b702f6fd087add1f95ee8fe Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Tue, 5 Mar 2024 16:38:49 -0500
Subject: [PATCH 1/2] EmbeddedPkg/Hob: Integer Overflow in CreateHob()
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 66: EmbeddedPkg/Hob: Integer Overflow in CreateHob()
RH-Jira: RHEL-21158
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Acked-by: Gerd Hoffmann <None>
RH-Commit: [1/2] 301d3bfe82c39179fb85d510788831aa340212d9
JIRA: https://issues.redhat.com/browse/RHEL-21158
CVE: CVE-2022-36765
Upstream: Merged
commit aeaee8944f0eaacbf4cdf39279785b9ba4836bb6
Author: Gua Guo <gua.guo@intel.com>
Date: Thu Jan 11 13:07:50 2024 +0800
EmbeddedPkg/Hob: Integer Overflow in CreateHob()
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4166
Fix integer overflow in various CreateHob instances.
Fixes: CVE-2022-36765
The CreateHob() function aligns the requested size to 8
performing the following operation:
```
HobLength = (UINT16)((HobLength + 0x7) & (~0x7));
```
No checks are performed to ensure this value doesn't
overflow, and could lead to CreateHob() returning a smaller
HOB than requested, which could lead to OOB HOB accesses.
Reported-by: Marc Beatove <mbeatove@google.com>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Reviewed-by: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Abner Chang <abner.chang@amd.com>
Cc: John Mathew <john.mathews@intel.com>
Authored-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gua Guo <gua.guo@intel.com>
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
---
EmbeddedPkg/Library/PrePiHobLib/Hob.c | 47 +++++++++++++++++++++++++--
1 file changed, 45 insertions(+), 2 deletions(-)
diff --git a/EmbeddedPkg/Library/PrePiHobLib/Hob.c b/EmbeddedPkg/Library/PrePiHobLib/Hob.c
index b5cc6c5d8f..f4c99369c6 100644
--- a/EmbeddedPkg/Library/PrePiHobLib/Hob.c
+++ b/EmbeddedPkg/Library/PrePiHobLib/Hob.c
@@ -112,6 +112,13 @@ CreateHob (
HandOffHob = GetHobList ();
+ //
+ // Check Length to avoid data overflow.
+ //
+ if (HobLength > MAX_UINT16 - 0x7) {
+ return NULL;
+ }
+
HobLength = (UINT16)((HobLength + 0x7) & (~0x7));
FreeMemory = HandOffHob->EfiFreeMemoryTop - HandOffHob->EfiFreeMemoryBottom;
@@ -161,7 +168,10 @@ BuildResourceDescriptorHob (
EFI_HOB_RESOURCE_DESCRIPTOR *Hob;
Hob = CreateHob (EFI_HOB_TYPE_RESOURCE_DESCRIPTOR, sizeof (EFI_HOB_RESOURCE_DESCRIPTOR));
- ASSERT(Hob != NULL);
+ ASSERT (Hob != NULL);
+ if (Hob == NULL) {
+ return;
+ }
Hob->ResourceType = ResourceType;
Hob->ResourceAttribute = ResourceAttribute;
@@ -403,6 +413,10 @@ BuildModuleHob (
((ModuleLength & (EFI_PAGE_SIZE - 1)) == 0));
Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION_MODULE));
+ ASSERT (Hob != NULL);
+ if (Hob == NULL) {
+ return;
+ }
CopyGuid (&(Hob->MemoryAllocationHeader.Name), &gEfiHobMemoryAllocModuleGuid);
Hob->MemoryAllocationHeader.MemoryBaseAddress = MemoryAllocationModule;
@@ -450,7 +464,12 @@ BuildGuidHob (
//
ASSERT (DataLength <= (0xffff - sizeof (EFI_HOB_GUID_TYPE)));
- Hob = CreateHob (EFI_HOB_TYPE_GUID_EXTENSION, (UINT16) (sizeof (EFI_HOB_GUID_TYPE) + DataLength));
+ Hob = CreateHob (EFI_HOB_TYPE_GUID_EXTENSION, (UINT16)(sizeof (EFI_HOB_GUID_TYPE) + DataLength));
+ ASSERT (Hob != NULL);
+ if (Hob == NULL) {
+ return NULL;
+ }
+
CopyGuid (&Hob->Name, Guid);
return Hob + 1;
}
@@ -516,6 +535,10 @@ BuildFvHob (
EFI_HOB_FIRMWARE_VOLUME *Hob;
Hob = CreateHob (EFI_HOB_TYPE_FV, sizeof (EFI_HOB_FIRMWARE_VOLUME));
+ ASSERT (Hob != NULL);
+ if (Hob == NULL) {
+ return;
+ }
Hob->BaseAddress = BaseAddress;
Hob->Length = Length;
@@ -548,6 +571,10 @@ BuildFv2Hob (
EFI_HOB_FIRMWARE_VOLUME2 *Hob;
Hob = CreateHob (EFI_HOB_TYPE_FV2, sizeof (EFI_HOB_FIRMWARE_VOLUME2));
+ ASSERT (Hob != NULL);
+ if (Hob == NULL) {
+ return;
+ }
Hob->BaseAddress = BaseAddress;
Hob->Length = Length;
@@ -589,6 +616,10 @@ BuildFv3Hob (
EFI_HOB_FIRMWARE_VOLUME3 *Hob;
Hob = CreateHob (EFI_HOB_TYPE_FV3, sizeof (EFI_HOB_FIRMWARE_VOLUME3));
+ ASSERT (Hob != NULL);
+ if (Hob == NULL) {
+ return;
+ }
Hob->BaseAddress = BaseAddress;
Hob->Length = Length;
@@ -645,6 +676,10 @@ BuildCpuHob (
EFI_HOB_CPU *Hob;
Hob = CreateHob (EFI_HOB_TYPE_CPU, sizeof (EFI_HOB_CPU));
+ ASSERT (Hob != NULL);
+ if (Hob == NULL) {
+ return;
+ }
Hob->SizeOfMemorySpace = SizeOfMemorySpace;
Hob->SizeOfIoSpace = SizeOfIoSpace;
@@ -681,6 +716,10 @@ BuildStackHob (
((Length & (EFI_PAGE_SIZE - 1)) == 0));
Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION_STACK));
+ ASSERT (Hob != NULL);
+ if (Hob == NULL) {
+ return;
+ }
CopyGuid (&(Hob->AllocDescriptor.Name), &gEfiHobMemoryAllocStackGuid);
Hob->AllocDescriptor.MemoryBaseAddress = BaseAddress;
@@ -761,6 +800,10 @@ BuildMemoryAllocationHob (
((Length & (EFI_PAGE_SIZE - 1)) == 0));
Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION));
+ ASSERT (Hob != NULL);
+ if (Hob == NULL) {
+ return;
+ }
ZeroMem (&(Hob->AllocDescriptor.Name), sizeof (EFI_GUID));
Hob->AllocDescriptor.MemoryBaseAddress = BaseAddress;
--
2.39.3

41
SOURCES/edk2-MdePkg-ArchitecturalMsr.h-add-defines-for-MTRR-cache.patch Normal file
View File

@ -0,0 +1,41 @@
From 08fc72d06946ef3adebf110c097ed869ab0ed416 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 30 Jan 2024 14:04:39 +0100
Subject: [PATCH 7/9] MdePkg/ArchitecturalMsr.h: add #defines for MTRR cache
types
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 55: OvmfPkg/Sec: Setup MTRR early in the boot process.
RH-Jira: RHEL-21704
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [2/4] a568bc2793d677462a2971aae9566a9bbc64b063 (kraxel.rh/centos-src-edk2)
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-ID: <20240130130441.772484-3-kraxel@redhat.com>
---
MdePkg/Include/Register/Intel/ArchitecturalMsr.h | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/MdePkg/Include/Register/Intel/ArchitecturalMsr.h b/MdePkg/Include/Register/Intel/ArchitecturalMsr.h
index 756e7c86ec..08ba949cf7 100644
--- a/MdePkg/Include/Register/Intel/ArchitecturalMsr.h
+++ b/MdePkg/Include/Register/Intel/ArchitecturalMsr.h
@@ -2103,6 +2103,13 @@ typedef union {
#define MSR_IA32_MTRR_PHYSBASE9 0x00000212
/// @}
+#define MSR_IA32_MTRR_CACHE_UNCACHEABLE 0
+#define MSR_IA32_MTRR_CACHE_WRITE_COMBINING 1
+#define MSR_IA32_MTRR_CACHE_WRITE_THROUGH 4
+#define MSR_IA32_MTRR_CACHE_WRITE_PROTECTED 5
+#define MSR_IA32_MTRR_CACHE_WRITE_BACK 6
+#define MSR_IA32_MTRR_CACHE_INVALID_TYPE 7
+
/**
MSR information returned for MSR indexes #MSR_IA32_MTRR_PHYSBASE0 to
#MSR_IA32_MTRR_PHYSBASE9
--
2.39.3

390
SOURCES/edk2-MdePkg-Introduce-CcMeasurementProtocol-for-CC-Guest-.patch
View File

@ -1,390 +0,0 @@
From b8261ac422ba284249cd4f341d78d058e79960f5 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Wed, 7 Feb 2024 11:56:37 -0500
Subject: [PATCH 03/17] MdePkg: Introduce CcMeasurementProtocol for CC Guest
firmware
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 44: edk2: heap buffer overflow in Tcg2MeasureGptTable()
RH-Jira: RHEL-21154 RHEL-21156
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [3/13] 6bf304f8e3bc875024c8fb0a4cd5d2c944f69480 (jmaloy/jons_fork)
JIRA: https://issues.redhat.com/browse/RHEL-21154
CVE: CVE-2022-36763
Upstream: Merged
commit e193584da60550008722498442c62ddb77bf27d5
Author: Min Xu <min.m.xu@intel.com>
Date: Sat Dec 11 21:08:40 2021 +0800
MdePkg: Introduce CcMeasurementProtocol for CC Guest firmware
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3625
CC guest is a Confidential Computing guest. If CC Guest firmware
supports measurement and an event is created, CC Guest firmware
is designed to report the event log with the same data structure
in TCG-Platform-Firmware-Profile specification with
EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 format.
The CC Guest firmware supports measurement. It is designed to
produce EFI_CC_MEASUREMENT_PROTOCOL with new GUID
EFI_CC_MEASUREMENT_PROTOCOL_GUID to report event log and provides
hash capability.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Ken Lu <ken.lu@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
---
MdePkg/Include/Protocol/CcMeasurement.h | 302 ++++++++++++++++++++++++
MdePkg/MdePkg.dec | 6 +
2 files changed, 308 insertions(+)
create mode 100644 MdePkg/Include/Protocol/CcMeasurement.h
diff --git a/MdePkg/Include/Protocol/CcMeasurement.h b/MdePkg/Include/Protocol/CcMeasurement.h
new file mode 100644
index 0000000000..68029e977f
--- /dev/null
+++ b/MdePkg/Include/Protocol/CcMeasurement.h
@@ -0,0 +1,302 @@
+/** @file
+ If CC Guest firmware supports measurement and an event is created,
+ CC Guest firmware is designed to report the event log with the same
+ data structure in TCG-Platform-Firmware-Profile specification with
+ EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 format.
+
+ The CC Guest firmware supports measurement, the CC Guest Firmware is
+ designed to produce EFI_CC_MEASUREMENT_PROTOCOL with new GUID
+ EFI_CC_MEASUREMENT_PROTOCOL_GUID to report event log and provides hash
+ capability.
+
+Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef CC_MEASUREMENT_PROTOCOL_H_
+#define CC_MEASUREMENT_PROTOCOL_H_
+
+#include <IndustryStandard/UefiTcgPlatform.h>
+
+#define EFI_CC_MEASUREMENT_PROTOCOL_GUID \
+ { 0x96751a3d, 0x72f4, 0x41a6, { 0xa7, 0x94, 0xed, 0x5d, 0x0e, 0x67, 0xae, 0x6b }}
+extern EFI_GUID gEfiCcMeasurementProtocolGuid;
+
+typedef struct _EFI_CC_MEASUREMENT_PROTOCOL EFI_CC_MEASUREMENT_PROTOCOL;
+
+typedef struct {
+ UINT8 Major;
+ UINT8 Minor;
+} EFI_CC_VERSION;
+
+//
+// EFI_CC Type/SubType definition
+//
+#define EFI_CC_TYPE_NONE 0
+#define EFI_CC_TYPE_SEV 1
+#define EFI_CC_TYPE_TDX 2
+
+typedef struct {
+ UINT8 Type;
+ UINT8 SubType;
+} EFI_CC_TYPE;
+
+typedef UINT32 EFI_CC_EVENT_LOG_BITMAP;
+typedef UINT32 EFI_CC_EVENT_LOG_FORMAT;
+typedef UINT32 EFI_CC_EVENT_ALGORITHM_BITMAP;
+typedef UINT32 EFI_CC_MR_INDEX;
+
+//
+// Intel TDX measure register index
+//
+#define TDX_MR_INDEX_MRTD 0
+#define TDX_MR_INDEX_RTMR0 1
+#define TDX_MR_INDEX_RTMR1 2
+#define TDX_MR_INDEX_RTMR2 3
+#define TDX_MR_INDEX_RTMR3 4
+
+#define EFI_CC_EVENT_LOG_FORMAT_TCG_2 0x00000002
+#define EFI_CC_BOOT_HASH_ALG_SHA384 0x00000004
+
+//
+// This bit is shall be set when an event shall be extended but not logged.
+//
+#define EFI_CC_FLAG_EXTEND_ONLY 0x0000000000000001
+//
+// This bit shall be set when the intent is to measure a PE/COFF image.
+//
+#define EFI_CC_FLAG_PE_COFF_IMAGE 0x0000000000000010
+
+#pragma pack (1)
+
+#define EFI_CC_EVENT_HEADER_VERSION 1
+
+typedef struct {
+ //
+ // Size of the event header itself (sizeof(EFI_CC_EVENT_HEADER)).
+ //
+ UINT32 HeaderSize;
+ //
+ // Header version. For this version of this specification, the value shall be 1.
+ //
+ UINT16 HeaderVersion;
+ //
+ // Index of the MR (measurement register) that shall be extended.
+ //
+ EFI_CC_MR_INDEX MrIndex;
+ //
+ // Type of the event that shall be extended (and optionally logged).
+ //
+ UINT32 EventType;
+} EFI_CC_EVENT_HEADER;
+
+typedef struct {
+ //
+ // Total size of the event including the Size component, the header and the Event data.
+ //
+ UINT32 Size;
+ EFI_CC_EVENT_HEADER Header;
+ UINT8 Event[1];
+} EFI_CC_EVENT;
+
+#pragma pack()
+
+typedef struct {
+ //
+ // Allocated size of the structure
+ //
+ UINT8 Size;
+ //
+ // Version of the EFI_CC_BOOT_SERVICE_CAPABILITY structure itself.
+ // For this version of the protocol, the Major version shall be set to 1
+ // and the Minor version shall be set to 0.
+ //
+ EFI_CC_VERSION StructureVersion;
+ //
+ // Version of the EFI CC Measurement protocol.
+ // For this version of the protocol, the Major version shall be set to 1
+ // and the Minor version shall be set to 0.
+ //
+ EFI_CC_VERSION ProtocolVersion;
+ //
+ // Supported hash algorithms
+ //
+ EFI_CC_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;
+ //
+ // Bitmap of supported event log formats
+ //
+ EFI_CC_EVENT_LOG_BITMAP SupportedEventLogs;
+
+ //
+ // Indicates the CC type
+ //
+ EFI_CC_TYPE CcType;
+} EFI_CC_BOOT_SERVICE_CAPABILITY;
+
+/**
+ The EFI_CC_MEASUREMENT_PROTOCOL GetCapability function call provides protocol
+ capability information and state information.
+
+ @param[in] This Indicates the calling context
+ @param[in, out] ProtocolCapability The caller allocates memory for a EFI_CC_BOOT_SERVICE_CAPABILITY
+ structure and sets the size field to the size of the structure allocated.
+ The callee fills in the fields with the EFI CC BOOT Service capability
+ information and the current CC information.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval EFI_DEVICE_ERROR The command was unsuccessful.
+ The ProtocolCapability variable will not be populated.
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
+ The ProtocolCapability variable will not be populated.
+ @retval EFI_BUFFER_TOO_SMALL The ProtocolCapability variable is too small to hold the full response.
+ It will be partially populated (required Size field will be set).
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EFI_CC_GET_CAPABILITY)(
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,
+ IN OUT EFI_CC_BOOT_SERVICE_CAPABILITY *ProtocolCapability
+ );
+
+/**
+ The EFI_CC_MEASUREMENT_PROTOCOL Get Event Log function call allows a caller to
+ retrieve the address of a given event log and its last entry.
+
+ @param[in] This Indicates the calling context
+ @param[in] EventLogFormat The type of the event log for which the information is requested.
+ @param[out] EventLogLocation A pointer to the memory address of the event log.
+ @param[out] EventLogLastEntry If the Event Log contains more than one entry, this is a pointer to the
+ address of the start of the last entry in the event log in memory.
+ @param[out] EventLogTruncated If the Event Log is missing at least one entry because an event would
+ have exceeded the area allocated for events, this value is set to TRUE.
+ Otherwise, the value will be FALSE and the Event Log will be complete.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect
+ (e.g. asking for an event log whose format is not supported).
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EFI_CC_GET_EVENT_LOG)(
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,
+ IN EFI_CC_EVENT_LOG_FORMAT EventLogFormat,
+ OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,
+ OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry,
+ OUT BOOLEAN *EventLogTruncated
+ );
+
+/**
+ The EFI_CC_MEASUREMENT_PROTOCOL HashLogExtendEvent function call provides
+ callers with an opportunity to extend and optionally log events without requiring
+ knowledge of actual CC commands.
+ The extend operation will occur even if this function cannot create an event
+ log entry (e.g. due to the event log being full).
+
+ @param[in] This Indicates the calling context
+ @param[in] Flags Bitmap providing additional information.
+ @param[in] DataToHash Physical address of the start of the data buffer to be hashed.
+ @param[in] DataToHashLen The length in bytes of the buffer referenced by DataToHash.
+ @param[in] EfiCcEvent Pointer to data buffer containing information about the event.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval EFI_DEVICE_ERROR The command was unsuccessful.
+ @retval EFI_VOLUME_FULL The extend operation occurred, but the event could not be written to one or more event logs.
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
+ @retval EFI_UNSUPPORTED The PE/COFF image type is not supported.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EFI_CC_HASH_LOG_EXTEND_EVENT)(
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,
+ IN UINT64 Flags,
+ IN EFI_PHYSICAL_ADDRESS DataToHash,
+ IN UINT64 DataToHashLen,
+ IN EFI_CC_EVENT *EfiCcEvent
+ );
+
+/**
+ The EFI_CC_MEASUREMENT_PROTOCOL MapPcrToMrIndex function call provides callers
+ the info on TPM PCR <-> CC MR mapping information.
+
+ @param[in] This Indicates the calling context
+ @param[in] PcrIndex TPM PCR index.
+ @param[out] MrIndex CC MR index.
+
+ @retval EFI_SUCCESS The MrIndex is returned.
+ @retval EFI_INVALID_PARAMETER The MrIndex is NULL.
+ @retval EFI_UNSUPPORTED The PcrIndex is invalid.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EFI_CC_MAP_PCR_TO_MR_INDEX)(
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,
+ IN TCG_PCRINDEX PcrIndex,
+ OUT EFI_CC_MR_INDEX *MrIndex
+ );
+
+struct _EFI_CC_MEASUREMENT_PROTOCOL {
+ EFI_CC_GET_CAPABILITY GetCapability;
+ EFI_CC_GET_EVENT_LOG GetEventLog;
+ EFI_CC_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
+ EFI_CC_MAP_PCR_TO_MR_INDEX MapPcrToMrIndex;
+};
+
+//
+// CC event log
+//
+
+#pragma pack(1)
+
+//
+// Crypto Agile Log Entry Format.
+// It is similar with TCG_PCR_EVENT2 except the field of MrIndex and PCRIndex.
+//
+typedef struct {
+ EFI_CC_MR_INDEX MrIndex;
+ UINT32 EventType;
+ TPML_DIGEST_VALUES Digests;
+ UINT32 EventSize;
+ UINT8 Event[1];
+} CC_EVENT;
+
+//
+// EFI CC Event Header
+// It is similar with TCG_PCR_EVENT2_HDR except the field of MrIndex and PCRIndex
+//
+typedef struct {
+ EFI_CC_MR_INDEX MrIndex;
+ UINT32 EventType;
+ TPML_DIGEST_VALUES Digests;
+ UINT32 EventSize;
+} CC_EVENT_HDR;
+
+#pragma pack()
+
+//
+// Log entries after Get Event Log service
+//
+
+#define EFI_CC_FINAL_EVENTS_TABLE_VERSION 1
+
+typedef struct {
+ //
+ // The version of this structure. It shall be set to 1.
+ //
+ UINT64 Version;
+ //
+ // Number of events recorded after invocation of GetEventLog API
+ //
+ UINT64 NumberOfEvents;
+ //
+ // List of events of type CC_EVENT.
+ //
+ // CC_EVENT Event[1];
+} EFI_CC_FINAL_EVENTS_TABLE;
+
+#define EFI_CC_FINAL_EVENTS_TABLE_GUID \
+ {0xdd4a4648, 0x2de7, 0x4665, {0x96, 0x4d, 0x21, 0xd9, 0xef, 0x5f, 0xb4, 0x46}}
+
+extern EFI_GUID gEfiCcFinalEventsTableGuid;
+
+#endif
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 8b18415b10..6389a48338 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -823,6 +823,9 @@
#
gLinuxEfiInitrdMediaGuid = {0x5568e427, 0x68fc, 0x4f3d, {0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68}}
+ ## Include/Protocol/CcMeasurement.h
+ gEfiCcFinalEventsTableGuid = { 0xdd4a4648, 0x2de7, 0x4665, { 0x96, 0x4d, 0x21, 0xd9, 0xef, 0x5f, 0xb4, 0x46 }}
+
[Guids.IA32, Guids.X64]
## Include/Guid/Cper.h
gEfiIa32X64ErrorTypeCacheCheckGuid = { 0xA55701F5, 0xE3EF, 0x43de, { 0xAC, 0x72, 0x24, 0x9B, 0x57, 0x3F, 0xAD, 0x2C }}
@@ -1011,6 +1014,9 @@
## Include/Protocol/PcdInfo.h
gGetPcdInfoProtocolGuid = { 0x5be40f57, 0xfa68, 0x4610, { 0xbb, 0xbf, 0xe9, 0xc5, 0xfc, 0xda, 0xd3, 0x65 } }
+ ## Include/Protocol/CcMeasurement.h
+ gEfiCcMeasurementProtocolGuid = { 0x96751a3d, 0x72f4, 0x41a6, { 0xa7, 0x94, 0xed, 0x5d, 0x0e, 0x67, 0xae, 0x6b }}
+
#
# Protocols defined in PI1.0.
#
--
2.41.0

17
SOURCES/edk2-NetworkPkg-Add-Unit-tests-to-CI-and-create-Host-Test.patch
View File

@ -1,16 +1,17 @@
From aa66757951e9880df4e21e191142400480aa3908 Mon Sep 17 00:00:00 2001
From 0d85ac65b3e469e879f687150d0a25e6dbd6cac1 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Thu, 8 Feb 2024 10:35:14 -0500
Subject: [PATCH 15/17] NetworkPkg: : Add Unit tests to CI and create Host Test
Subject: [PATCH 02/18] NetworkPkg: : Add Unit tests to CI and create Host Test
DSC
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 50: CVE-2023-45230 and CVE-2023-45229
RH-Jira: RHEL-21840 RHEL-21842
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [2/4] 6669306e2dbb5aa3e7691d57f4a61685b7cd57b2 (jmaloy/jons_fork)
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [2/18] 331bea0d7e46de0e35e595ad08c94eec99c80cd8
JIRA: https://issues.redhat.com/browse/RHEL-21842
JIRA: https://issues.redhat.com/browse/RHEL-21843
CVE: CVE-2023-45230
Upstream: Merged
@ -165,5 +166,5 @@ index 0000000000..1aeca5c5b3
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType|0x4
--
2.41.0
2.39.3

14
SOURCES/edk2-NetworkPkg-Adds-a-SecurityFix.yaml-file.patch
View File

@ -1,16 +1,16 @@
From ffa1202da2f55c1f540240e8267db9a7ec8d6a60 Mon Sep 17 00:00:00 2001
From 3c1cf95b979cea6b0dee6e107756558a7a71d4ac Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Fri, 16 Feb 2024 10:48:05 -0500
Subject: [PATCH 11/15] NetworkPkg: : Adds a SecurityFix.yaml file
Subject: [PATCH 14/18] NetworkPkg: : Adds a SecurityFix.yaml file
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [11/15] 8a46b763887843d00293997bdd7d50ea120104d9
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [14/18] dddbcbe14e38dc1bb03acf4622d6285090c4bb02
JIRA: https://issues.redhat.com/browse/RHEL-21852
JIRA: https://issues.redhat.com/browse/RHEL-21853
CVE: CVE-2022-45235
Upstream: Merged

2054
SOURCES/edk2-NetworkPkg-Apply-uncrustify-changes-p2.patch
View File

File diff suppressed because it is too large Load Diff

1937
SOURCES/edk2-NetworkPkg-Apply-uncrustify-changes.patch
View File

File diff suppressed because it is too large Load Diff

20
SOURCES/edk2-NetworkPkg-Dhcp6Dxe-Packet-Length-is-not-updated-bef.patch
View File

@ -1,17 +1,17 @@
From 649fe647114ca5dee84b0c55106ee58a9703984f Mon Sep 17 00:00:00 2001
From 3ab0e3be00cc74b39db482e33bfe923f70768ae4 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Fri, 16 Feb 2024 10:48:05 -0500
Subject: [PATCH 15/15] NetworkPkg: Dhcp6Dxe: Packet-Length is not updated
Subject: [PATCH 17/18] NetworkPkg: Dhcp6Dxe: Packet-Length is not updated
before appending
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [15/15] bc7ef287311bb3f757bc26f8921875566bcb5917
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [17/18] c13c96534ecea4c43ca98cecf0789b07680958ca
JIRA: https://issues.redhat.com/browse/RHEL-21840
JIRA: https://issues.redhat.com/browse/RHEL-21841
CVE: CVE-2023-45229
Upstream: Merged
@ -37,10 +37,10 @@ Signed-off-by: Jon Maloy <jmaloy@redhat.com>
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
index e172ffc2a2..c23eff8766 100644
index e4e0725622..f38e3ee3fe 100644
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
@@ -948,6 +948,11 @@ Dhcp6AppendIaOption (
@@ -924,6 +924,11 @@ Dhcp6AppendIaOption (
*PacketCursor += sizeof (T2);
}
@ -52,7 +52,7 @@ index e172ffc2a2..c23eff8766 100644
//
// Fill all the addresses belong to the Ia
//
@@ -959,11 +964,6 @@ Dhcp6AppendIaOption (
@@ -935,11 +940,6 @@ Dhcp6AppendIaOption (
}
}

39
SOURCES/edk2-NetworkPkg-Dhcp6Dxe-Removes-duplicate-check-and-repl.patch
View File

@ -1,17 +1,17 @@
From 4bf844922a963cb20fb1e72ca11a65a673992ca2 Mon Sep 17 00:00:00 2001
From bb9d1831fd53d43889112a2e30a52b2c4504fdae Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Fri, 16 Feb 2024 10:48:05 -0500
Subject: [PATCH 14/15] NetworkPkg: Dhcp6Dxe: Removes duplicate check and
Subject: [PATCH 16/18] NetworkPkg: Dhcp6Dxe: Removes duplicate check and
replaces with macro
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [14/15] a943400f9267b219bf1fd202534500f82a2a4c56
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [16/18] 61914482aa965883b1ec3f29cf6143b67e88742a
JIRA: https://issues.redhat.com/browse/RHEL-21840
JIRA: https://issues.redhat.com/browse/RHEL-21841
CVE: CVE-2023-45229
Upstream: Merged
@ -46,14 +46,14 @@ Date: Tue Feb 13 10:46:01 2024 -0800
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
---
NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c | 43 +++++++++++++-----------------
1 file changed, 18 insertions(+), 25 deletions(-)
NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c | 44 +++++++++++++-----------------
1 file changed, 19 insertions(+), 25 deletions(-)
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
index 484c360a96..e172ffc2a2 100644
index 705c665c51..e4e0725622 100644
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
@@ -10,6 +10,15 @@
@@ -10,6 +10,16 @@
#include "Dhcp6Impl.h"
@ -66,10 +66,11 @@ index 484c360a96..e172ffc2a2 100644
+ ((*PacketCursor) >= (Packet)->Dhcp6.Option + ((Packet)->Size - sizeof(EFI_DHCP6_HEADER))) \
+ ) \
+
+
/**
Generate client Duid in the format of Duid-llt.
@@ -662,9 +671,7 @@ Dhcp6AppendOption (
@@ -638,9 +648,7 @@ Dhcp6AppendOption (
//
// Verify the PacketCursor is within the packet
//
@ -80,7 +81,7 @@ index 484c360a96..e172ffc2a2 100644
return EFI_INVALID_PARAMETER;
}
@@ -681,15 +688,6 @@ Dhcp6AppendOption (
@@ -657,15 +665,6 @@ Dhcp6AppendOption (
return EFI_BUFFER_TOO_SMALL;
}
@ -96,7 +97,7 @@ index 484c360a96..e172ffc2a2 100644
WriteUnaligned16 ((UINT16 *)*PacketCursor, OptType);
*PacketCursor += DHCP6_SIZE_OF_OPT_CODE;
WriteUnaligned16 ((UINT16 *)*PacketCursor, OptLen);
@@ -768,9 +766,7 @@ Dhcp6AppendIaAddrOption (
@@ -744,9 +743,7 @@ Dhcp6AppendIaAddrOption (
//
// Verify the PacketCursor is within the packet
//
@ -107,7 +108,7 @@ index 484c360a96..e172ffc2a2 100644
return EFI_INVALID_PARAMETER;
}
@@ -902,9 +898,7 @@ Dhcp6AppendIaOption (
@@ -877,9 +874,7 @@ Dhcp6AppendIaOption (
//
// Verify the PacketCursor is within the packet
//
@ -118,7 +119,7 @@ index 484c360a96..e172ffc2a2 100644
return EFI_INVALID_PARAMETER;
}
@@ -966,14 +960,14 @@ Dhcp6AppendIaOption (
@@ -941,14 +936,14 @@ Dhcp6AppendIaOption (
}
//
@ -137,7 +138,7 @@ index 484c360a96..e172ffc2a2 100644
return EFI_SUCCESS;
}
@@ -982,6 +976,7 @@ Dhcp6AppendIaOption (
@@ -957,6 +952,7 @@ Dhcp6AppendIaOption (
Append the appointed Elapsed time option to Buf, and move Buf to the end.
@param[in, out] Packet A pointer to the packet, on success Packet->Length
@ -145,7 +146,7 @@ index 484c360a96..e172ffc2a2 100644
@param[in, out] PacketCursor The pointer in the packet, on success PacketCursor
will be moved to the end of the option.
@param[in] Instance The pointer to the Dhcp6 instance.
@@ -1037,9 +1032,7 @@ Dhcp6AppendETOption (
@@ -1012,9 +1008,7 @@ Dhcp6AppendETOption (
//
// Verify the PacketCursor is within the packet
//

165
SOURCES/edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Pa.patch
View File

@ -1,16 +1,17 @@
From a115d0a66c3e73c60b74ec6d09e3759da89e919b Mon Sep 17 00:00:00 2001
From c1700b34913109cd9600f58f1fa6b82b08ce3795 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Fri, 9 Feb 2024 17:57:07 -0500
Subject: [PATCH 17/17] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229
Subject: [PATCH 04/18] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229
Patch
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 50: CVE-2023-45230 and CVE-2023-45229
RH-Jira: RHEL-21840 RHEL-21842
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [4/4] 3daf69000f78416ee1f1bad0b6ceb01ed28a84a5 (jmaloy/jons_fork)
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [4/18] 23b6841dbb01249055b8040d85995c366bd94252
JIRA: https://issues.redhat.com/browse/RHEL-21840
JIRA: https://issues.redhat.com/browse/RHEL-21841
CVE: CVE-2023-45229
Upstream: Merged
@ -54,15 +55,15 @@ Date: Fri Jan 26 05:54:46 2024 +0800
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
---
NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h | 138 ++++++++++++++++++---
NetworkPkg/Dhcp6Dxe/Dhcp6Io.c | 205 +++++++++++++++++++++-----------
2 files changed, 257 insertions(+), 86 deletions(-)
NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h | 138 +++++++++++++++++++---
NetworkPkg/Dhcp6Dxe/Dhcp6Io.c | 203 +++++++++++++++++++++-----------
2 files changed, 256 insertions(+), 85 deletions(-)
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h b/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
index ec0ed5d8f5..e759ab9a62 100644
index f2422c2f28..220e7c68f1 100644
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
@@ -47,6 +47,20 @@ typedef struct _DHCP6_INSTANCE DHCP6_INSTANCE;
@@ -45,6 +45,20 @@ typedef struct _DHCP6_INSTANCE DHCP6_INSTANCE;
#define DHCP6_SERVICE_SIGNATURE SIGNATURE_32 ('D', 'H', '6', 'S')
#define DHCP6_INSTANCE_SIGNATURE SIGNATURE_32 ('D', 'H', '6', 'I')
@ -75,15 +76,15 @@ index ec0ed5d8f5..e759ab9a62 100644
+#define DHCP6_PORT_CLIENT 546
+#define DHCP6_PORT_SERVER 547
+
+#define DHCP_CHECK_MEDIA_WAITING_TIME EFI_TIMER_PERIOD_SECONDS(20)
+#define DHCP_CHECK_MEDIA_WAITING_TIME EFI_TIMER_PERIOD_SECONDS(20)
+
+#define DHCP6_INSTANCE_FROM_THIS(Instance) CR ((Instance), DHCP6_INSTANCE, Dhcp6, DHCP6_INSTANCE_SIGNATURE)
+#define DHCP6_SERVICE_FROM_THIS(Service) CR ((Service), DHCP6_SERVICE, ServiceBinding, DHCP6_SERVICE_SIGNATURE)
+#define DHCP6_INSTANCE_FROM_THIS(Instance) CR ((Instance), DHCP6_INSTANCE, Dhcp6, DHCP6_INSTANCE_SIGNATURE)
+#define DHCP6_SERVICE_FROM_THIS(Service) CR ((Service), DHCP6_SERVICE, ServiceBinding, DHCP6_SERVICE_SIGNATURE)
+
//
// For more information on DHCP options see RFC 8415, Section 21.1
//
@@ -61,12 +75,10 @@ typedef struct _DHCP6_INSTANCE DHCP6_INSTANCE;
@@ -59,12 +73,10 @@ typedef struct _DHCP6_INSTANCE DHCP6_INSTANCE;
// | (option-len octets) |
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
//
@ -98,7 +99,7 @@ index ec0ed5d8f5..e759ab9a62 100644
#define DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN (DHCP6_SIZE_OF_OPT_CODE + \
DHCP6_SIZE_OF_OPT_LEN)
@@ -75,34 +87,122 @@ STATIC_ASSERT (
@@ -73,34 +85,122 @@ STATIC_ASSERT (
"Combined size of Code and Length must be 4 per RFC 8415"
);
@ -159,7 +160,7 @@ index ec0ed5d8f5..e759ab9a62 100644
+ "Combined size of IAID, T1, T2 must be 12 per RFC 8415"
+ );
-#define DHCP6_BASE_PACKET_SIZE 1024
-#define DHCP6_BASE_PACKET_SIZE 1024
+// This is the size of IA_TA without options
+#define DHCP6_MIN_SIZE_OF_IA_TA (DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN + \
+ DHCP6_SIZE_OF_IAID)
@ -168,8 +169,8 @@ index ec0ed5d8f5..e759ab9a62 100644
+ "Minimum combined size of IA_TA per RFC 8415"
+ );
-#define DHCP6_PORT_CLIENT 546
-#define DHCP6_PORT_SERVER 547
-#define DHCP6_PORT_CLIENT 546
-#define DHCP6_PORT_SERVER 547
+// Offset to a IA_TA inner option
+#define DHCP6_OFFSET_OF_IA_TA_INNER_OPT(a) (a + DHCP6_MIN_SIZE_OF_IA_TA)
+STATIC_ASSERT (
@ -177,7 +178,7 @@ index ec0ed5d8f5..e759ab9a62 100644
+ "Offset of IA_TA Inner option is + 8 past start of option"
+ );
-#define DHCP_CHECK_MEDIA_WAITING_TIME EFI_TIMER_PERIOD_SECONDS(20)
-#define DHCP_CHECK_MEDIA_WAITING_TIME EFI_TIMER_PERIOD_SECONDS(20)
+// This is the size of IA_NA without options (16)
+#define DHCP6_MIN_SIZE_OF_IA_NA DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN + \
+ DHCP6_SIZE_OF_COMBINED_IAID_T1_T2
@ -186,8 +187,8 @@ index ec0ed5d8f5..e759ab9a62 100644
+ "Minimum combined size of IA_TA per RFC 8415"
+ );
-#define DHCP6_INSTANCE_FROM_THIS(Instance) CR ((Instance), DHCP6_INSTANCE, Dhcp6, DHCP6_INSTANCE_SIGNATURE)
-#define DHCP6_SERVICE_FROM_THIS(Service) CR ((Service), DHCP6_SERVICE, ServiceBinding, DHCP6_SERVICE_SIGNATURE)
-#define DHCP6_INSTANCE_FROM_THIS(Instance) CR ((Instance), DHCP6_INSTANCE, Dhcp6, DHCP6_INSTANCE_SIGNATURE)
-#define DHCP6_SERVICE_FROM_THIS(Service) CR ((Service), DHCP6_SERVICE, ServiceBinding, DHCP6_SERVICE_SIGNATURE)
+#define DHCP6_OFFSET_OF_IA_NA_INNER_OPT(a) (a + DHCP6_MIN_SIZE_OF_IA_NA)
+STATIC_ASSERT (
+ DHCP6_OFFSET_OF_IA_NA_INNER_OPT (0) == 16,
@ -234,54 +235,56 @@ index ec0ed5d8f5..e759ab9a62 100644
+ "Offset of status is + 4 past start of option"
+ );
extern EFI_IPv6_ADDRESS mAllDhcpRelayAndServersAddress;
extern EFI_DHCP6_PROTOCOL gDhcp6ProtocolTemplate;
extern EFI_IPv6_ADDRESS mAllDhcpRelayAndServersAddress;
extern EFI_DHCP6_PROTOCOL gDhcp6ProtocolTemplate;
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
index 2976684aba..d680febbf1 100644
index bf5aa7a769..89d16484a5 100644
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
@@ -611,8 +611,8 @@ Dhcp6UpdateIaInfo (
@@ -598,8 +598,8 @@ Dhcp6UpdateIaInfo (
// The inner options still start with 2 bytes option-code and 2 bytes option-len.
//
if (Instance->Config->IaDescriptor.Type == Dhcp6OptIana) {
- T1 = NTOHL (ReadUnaligned32 ((UINT32 *) (Option + 8)));
- T2 = NTOHL (ReadUnaligned32 ((UINT32 *) (Option + 12)));
- T1 = NTOHL (ReadUnaligned32 ((UINT32 *)(Option + 8)));
- T2 = NTOHL (ReadUnaligned32 ((UINT32 *)(Option + 12)));
+ T1 = NTOHL (ReadUnaligned32 ((UINT32 *)(DHCP6_OFFSET_OF_IA_NA_T1 (Option))));
+ T2 = NTOHL (ReadUnaligned32 ((UINT32 *)(DHCP6_OFFSET_OF_IA_NA_T2 (Option))));
//
// Refer to RFC3155 Chapter 22.4. If a client receives an IA_NA with T1 greater than T2,
// and both T1 and T2 are greater than 0, the client discards the IA_NA option and processes
@@ -621,13 +621,14 @@ Dhcp6UpdateIaInfo (
if (T1 > T2 && T2 > 0) {
@@ -609,13 +609,14 @@ Dhcp6UpdateIaInfo (
return EFI_DEVICE_ERROR;
}
- IaInnerOpt = Option + 16;
- IaInnerLen = (UINT16) (NTOHS (ReadUnaligned16 ((UINT16 *) (Option + 2))) - 12);
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(Option + 2))) - 12);
+ IaInnerOpt = DHCP6_OFFSET_OF_IA_NA_INNER_OPT (Option);
+ IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option)))) - DHCP6_SIZE_OF_COMBINED_IAID_T1_T2);
} else {
T1 = 0;
T2 = 0;
- T1 = 0;
- T2 = 0;
- IaInnerOpt = Option + 8;
- IaInnerLen = (UINT16) (NTOHS (ReadUnaligned16 ((UINT16 *) (Option + 2))) - 4);
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(Option + 2))) - 4);
+ T1 = 0;
+ T2 = 0;
+
+ IaInnerOpt = DHCP6_OFFSET_OF_IA_TA_INNER_OPT (Option);
+ IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option)))) - DHCP6_SIZE_OF_IAID);
}
//
@@ -653,7 +654,7 @@ Dhcp6UpdateIaInfo (
@@ -641,7 +642,7 @@ Dhcp6UpdateIaInfo (
Option = Dhcp6SeekOption (IaInnerOpt, IaInnerLen, Dhcp6OptStatusCode);
if (Option != NULL) {
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *) (Option + 4)));
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(Option + 4)));
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option))));
if (StsCode != Dhcp6StsSuccess) {
return EFI_DEVICE_ERROR;
}
@@ -675,6 +676,87 @@ Dhcp6UpdateIaInfo (
@@ -661,6 +662,87 @@ Dhcp6UpdateIaInfo (
return Status;
}
+/**
+ Seeks the Inner Options from a DHCP6 Option
@ -367,16 +370,10 @@ index 2976684aba..d680febbf1 100644
/**
Seek StatusCode Option in package. A Status Code option may appear in the
options field of a DHCP message and/or in the options field of another option.
@@ -695,9 +777,15 @@ Dhcp6SeekStsOption (
OUT UINT8 **Option
)
{
- UINT8 *IaInnerOpt;
- UINT16 IaInnerLen;
- UINT16 StsCode;
+ UINT8 *IaInnerOpt;
+ UINT16 IaInnerLen;
+ UINT16 StsCode;
@@ -684,6 +766,12 @@ Dhcp6SeekStsOption (
UINT8 *IaInnerOpt;
UINT16 IaInnerLen;
UINT16 StsCode;
+ UINT32 OptionLen;
+
+ // OptionLen is the length of the Options excluding the DHCP header.
@ -386,7 +383,7 @@ index 2976684aba..d680febbf1 100644
//
// Seek StatusCode option directly in DHCP message body. That is, search in
@@ -705,12 +793,12 @@ Dhcp6SeekStsOption (
@@ -691,12 +779,12 @@ Dhcp6SeekStsOption (
//
*Option = Dhcp6SeekOption (
Packet->Dhcp6.Option,
@ -396,12 +393,12 @@ index 2976684aba..d680febbf1 100644
);
if (*Option != NULL) {
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *) (*Option + 4)));
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(*Option + 4)));
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_STATUS_CODE (*Option))));
if (StsCode != Dhcp6StsSuccess) {
return EFI_DEVICE_ERROR;
}
@@ -721,7 +809,7 @@ Dhcp6SeekStsOption (
@@ -707,7 +795,7 @@ Dhcp6SeekStsOption (
//
*Option = Dhcp6SeekIaOption (
Packet->Dhcp6.Option,
@ -410,7 +407,7 @@ index 2976684aba..d680febbf1 100644
&Instance->Config->IaDescriptor
);
if (*Option == NULL) {
@@ -729,52 +817,35 @@ Dhcp6SeekStsOption (
@@ -715,52 +803,35 @@ Dhcp6SeekStsOption (
}
//
@ -461,16 +458,16 @@ index 2976684aba..d680febbf1 100644
- // sizeof (option-code + option-len + IaId) = 8
- // sizeof (option-code + option-len + IaId + T1) = 12
- // sizeof (option-code + option-len + IaId + T1 + T2) = 16
- //
- // The inner options still start with 2 bytes option-code and 2 bytes option-len.
+ // Seek the inner option
//
- // The inner options still start with 2 bytes option-code and 2 bytes option-len.
- //
- if (Instance->Config->IaDescriptor.Type == Dhcp6OptIana) {
- IaInnerOpt = *Option + 16;
- IaInnerLen = (UINT16) (NTOHS (ReadUnaligned16 ((UINT16 *) (*Option + 2))) - 12);
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(*Option + 2))) - 12);
- } else {
- IaInnerOpt = *Option + 8;
- IaInnerLen = (UINT16) (NTOHS (ReadUnaligned16 ((UINT16 *) (*Option + 2))) - 4);
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(*Option + 2))) - 4);
+ if (EFI_ERROR (
+ Dhcp6SeekInnerOptionSafe (
+ Instance->Config->IaDescriptor.Type,
@ -485,16 +482,16 @@ index 2976684aba..d680febbf1 100644
}
//
@@ -798,7 +869,7 @@ Dhcp6SeekStsOption (
@@ -784,7 +855,7 @@ Dhcp6SeekStsOption (
//
*Option = Dhcp6SeekOption (IaInnerOpt, IaInnerLen, Dhcp6OptStatusCode);
*Option = Dhcp6SeekOption (IaInnerOpt, IaInnerLen, Dhcp6OptStatusCode);
if (*Option != NULL) {
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *) (*Option + 4)));
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(*Option + 4)));
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)((DHCP6_OFFSET_OF_STATUS_CODE (*Option)))));
if (StsCode != Dhcp6StsSuccess) {
return EFI_DEVICE_ERROR;
}
@@ -1123,7 +1194,7 @@ Dhcp6SendRequestMsg (
@@ -1105,7 +1176,7 @@ Dhcp6SendRequestMsg (
//
Option = Dhcp6SeekOption (
Instance->AdSelect->Dhcp6.Option,
@ -503,7 +500,7 @@ index 2976684aba..d680febbf1 100644
Dhcp6OptServerId
);
if (Option == NULL) {
@@ -1309,7 +1380,7 @@ Dhcp6SendDeclineMsg (
@@ -1289,7 +1360,7 @@ Dhcp6SendDeclineMsg (
//
Option = Dhcp6SeekOption (
LastReply->Dhcp6.Option,
@ -512,7 +509,7 @@ index 2976684aba..d680febbf1 100644
Dhcp6OptServerId
);
if (Option == NULL) {
@@ -1469,7 +1540,7 @@ Dhcp6SendReleaseMsg (
@@ -1448,7 +1519,7 @@ Dhcp6SendReleaseMsg (
//
Option = Dhcp6SeekOption (
LastReply->Dhcp6.Option,
@ -521,7 +518,7 @@ index 2976684aba..d680febbf1 100644
Dhcp6OptServerId
);
if (Option == NULL) {
@@ -1695,7 +1766,7 @@ Dhcp6SendRenewRebindMsg (
@@ -1673,7 +1744,7 @@ Dhcp6SendRenewRebindMsg (
Option = Dhcp6SeekOption (
LastReply->Dhcp6.Option,
@ -530,7 +527,7 @@ index 2976684aba..d680febbf1 100644
Dhcp6OptServerId
);
if (Option == NULL) {
@@ -2235,7 +2306,7 @@ Dhcp6HandleReplyMsg (
@@ -2208,7 +2279,7 @@ Dhcp6HandleReplyMsg (
//
Option = Dhcp6SeekOption (
Packet->Dhcp6.Option,
@ -539,43 +536,43 @@ index 2976684aba..d680febbf1 100644
Dhcp6OptRapidCommit
);
@@ -2383,7 +2454,7 @@ Dhcp6HandleReplyMsg (
@@ -2354,7 +2425,7 @@ Dhcp6HandleReplyMsg (
//
// Any error status code option is found.
//
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *) (Option + 4)));
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(Option + 4)));
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)((DHCP6_OFFSET_OF_STATUS_CODE (Option)))));
switch (StsCode) {
case Dhcp6StsUnspecFail:
//
@@ -2514,7 +2585,7 @@ Dhcp6SelectAdvertiseMsg (
case Dhcp6StsUnspecFail:
//
@@ -2487,7 +2558,7 @@ Dhcp6SelectAdvertiseMsg (
//
Option = Dhcp6SeekOption(
Option = Dhcp6SeekOption (
AdSelect->Dhcp6.Option,
- AdSelect->Length - 4,
+ AdSelect->Length - sizeof (EFI_DHCP6_HEADER),
Dhcp6OptServerUnicast
);
@@ -2526,7 +2597,7 @@ Dhcp6SelectAdvertiseMsg (
@@ -2498,7 +2569,7 @@ Dhcp6SelectAdvertiseMsg (
return EFI_OUT_OF_RESOURCES;
}
- CopyMem (Instance->Unicast, Option + 4, sizeof(EFI_IPv6_ADDRESS));
- CopyMem (Instance->Unicast, Option + 4, sizeof (EFI_IPv6_ADDRESS));
+ CopyMem (Instance->Unicast, DHCP6_OFFSET_OF_OPT_DATA (Option), sizeof (EFI_IPv6_ADDRESS));
}
//
@@ -2580,7 +2651,7 @@ Dhcp6HandleAdvertiseMsg (
@@ -2551,7 +2622,7 @@ Dhcp6HandleAdvertiseMsg (
//
Option = Dhcp6SeekOption(
Option = Dhcp6SeekOption (
Packet->Dhcp6.Option,
- Packet->Length - 4,
+ Packet->Length - sizeof (EFI_DHCP6_HEADER),
Dhcp6OptRapidCommit
);
@@ -2676,7 +2747,7 @@ Dhcp6HandleAdvertiseMsg (
@@ -2645,7 +2716,7 @@ Dhcp6HandleAdvertiseMsg (
CopyMem (Instance->AdSelect, Packet, Packet->Size);
if (Option != NULL) {
@ -584,30 +581,30 @@ index 2976684aba..d680febbf1 100644
}
} else {
//
@@ -2747,11 +2818,11 @@ Dhcp6HandleStateful (
@@ -2714,11 +2785,11 @@ Dhcp6HandleStateful (
//
Option = Dhcp6SeekOption(
Option = Dhcp6SeekOption (
Packet->Dhcp6.Option,
- Packet->Length - 4,
+ Packet->Length - DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN,
Dhcp6OptClientId
);
- if (Option == NULL || CompareMem (Option + 4, ClientId->Duid, ClientId->Length) != 0) {
- if ((Option == NULL) || (CompareMem (Option + 4, ClientId->Duid, ClientId->Length) != 0)) {
+ if ((Option == NULL) || (CompareMem (DHCP6_OFFSET_OF_OPT_DATA (Option), ClientId->Duid, ClientId->Length) != 0)) {
goto ON_CONTINUE;
}
@@ -2760,7 +2831,7 @@ Dhcp6HandleStateful (
@@ -2727,7 +2798,7 @@ Dhcp6HandleStateful (
//
Option = Dhcp6SeekOption(
Option = Dhcp6SeekOption (
Packet->Dhcp6.Option,
- Packet->Length - 4,
+ Packet->Length - DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN,
Dhcp6OptServerId
);
@@ -2865,7 +2936,7 @@ Dhcp6HandleStateless (
@@ -2832,7 +2903,7 @@ Dhcp6HandleStateless (
//
Option = Dhcp6SeekOption (
Packet->Dhcp6.Option,
@ -617,5 +614,5 @@ index 2976684aba..d680febbf1 100644
);
--
2.41.0
2.39.3

20
SOURCES/edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Re.patch
View File

@ -1,17 +1,17 @@
From 1b58858f28a364a8f8fa897a78db7ced068719dd Mon Sep 17 00:00:00 2001
From dcfd5b6e28536e5b28fb4c47ec57f8d106b6b181 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Fri, 16 Feb 2024 10:48:05 -0500
Subject: [PATCH 13/15] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229
Subject: [PATCH 15/18] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229
Related Patch
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [13/15] 904fd82592208d0ca42bbb64f437691a5bdfd0b6
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [15/18] e2fe2033c2f90145249d9416a539d5b2fc52596a
JIRA: https://issues.redhat.com/browse/RHEL-21840
JIRA: https://issues.redhat.com/browse/RHEL-21841
CVE: CVE-2023-45229
Upstream: Merged
@ -222,11 +222,11 @@ index 3b8feb4a20..a9bffae353 100644
if (IaInnerLenTmp < DHCP6_SIZE_OF_IAID) {
return EFI_DEVICE_ERROR;
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h
index 554f0f5e5d..8c0d282bca 100644
index 051a652f2b..ab0e1ac27f 100644
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h
@@ -218,4 +218,26 @@ Dhcp6OnTimerTick (
IN VOID *Context
@@ -217,4 +217,26 @@ Dhcp6OnTimerTick (
IN VOID *Context
);
+/**

565
SOURCES/edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Un.patch Normal file
View File

@ -0,0 +1,565 @@
From 76930459d2e3f82e10968ec8904e45c8bac77fd8 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Fri, 9 Feb 2024 17:57:07 -0500
Subject: [PATCH 05/18] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229
Unit Tests
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [5/18] 7421b6f8d8e6bc3d8ea4aaf90f65608136b968b2
JIRA: https://issues.redhat.com/browse/RHEL-21841
CVE: CVE-2023-45229
Upstream: Merged
commit 07362769ab7a7d74dbea1c7a7a3662c7b5d1f097
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
Date: Fri Jan 26 05:54:47 2024 +0800
NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4534
These tests confirm that the report bug...
"Out-of-bounds read when processing IA_NA/IA_TA options in a
DHCPv6 Advertise message"
..has been patched.
The following functions are tested to confirm an out of bounds read is
patched and that the correct statuses are returned:
Dhcp6SeekInnerOptionSafe
Dhcp6SeekStsOption
TCBZ4534
CVE-2023-45229
CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-125 Out-of-bounds Read
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
---
NetworkPkg/Dhcp6Dxe/Dhcp6Io.c | 2 +-
.../GoogleTest/Dhcp6DxeGoogleTest.inf | 1 +
.../Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp | 365 +++++++++++++++++-
.../Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h | 58 +++
NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 +
5 files changed, 424 insertions(+), 3 deletions(-)
create mode 100644 NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
index 89d16484a5..3b8feb4a20 100644
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
@@ -816,7 +816,7 @@ Dhcp6SeekStsOption (
// IA option to the end of the DHCP6 option area, thus subtract the space
// up until this option
//
- OptionLen = OptionLen - (*Option - Packet->Dhcp6.Option);
+ OptionLen = OptionLen - (UINT32)(*Option - Packet->Dhcp6.Option);
//
// Seek the inner option
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
index 8e9119a371..12532ed30c 100644
--- a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
@@ -18,6 +18,7 @@
[Sources]
Dhcp6DxeGoogleTest.cpp
Dhcp6IoGoogleTest.cpp
+ Dhcp6IoGoogleTest.h
../Dhcp6Io.c
../Dhcp6Utility.c
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
index 7ee40e4af4..7db253a7b8 100644
--- a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
@@ -13,6 +13,7 @@ extern "C" {
#include <Library/BaseMemoryLib.h>
#include "../Dhcp6Impl.h"
#include "../Dhcp6Utility.h"
+ #include "Dhcp6IoGoogleTest.h"
}
////////////////////////////////////////////////////////////////////////
@@ -21,7 +22,35 @@ extern "C" {
#define DHCP6_PACKET_MAX_LEN 1500
+// This definition is used by this test but is also required to compile
+// by Dhcp6Io.c
+#define DHCPV6_OPTION_IA_NA 3
+#define DHCPV6_OPTION_IA_TA 4
+
+#define SEARCH_PATTERN 0xDEADC0DE
+#define SEARCH_PATTERN_LEN sizeof(SEARCH_PATTERN)
+
////////////////////////////////////////////////////////////////////////
+// Test structures for IA_NA and IA_TA options
+////////////////////////////////////////////////////////////////////////
+typedef struct {
+ UINT16 Code;
+ UINT16 Len;
+ UINT32 IAID;
+} DHCPv6_OPTION;
+
+typedef struct {
+ DHCPv6_OPTION Header;
+ UINT32 T1;
+ UINT32 T2;
+ UINT8 InnerOptions[0];
+} DHCPv6_OPTION_IA_NA;
+
+typedef struct {
+ DHCPv6_OPTION Header;
+ UINT8 InnerOptions[0];
+} DHCPv6_OPTION_IA_TA;
+
////////////////////////////////////////////////////////////////////////
// Symbol Definitions
// These functions are not directly under test - but required to compile
@@ -210,7 +239,7 @@ TEST_F (Dhcp6AppendETOptionTest, InvalidDataExpectBufferTooSmall) {
Status = Dhcp6AppendETOption (
Dhcp6AppendETOptionTest::Packet,
&Cursor,
- &Instance, // Instance is not used in this function
+ &Instance, // Instance is not used in this function
&ElapsedTime
);
@@ -240,7 +269,7 @@ TEST_F (Dhcp6AppendETOptionTest, ValidDataExpectSuccess) {
Status = Dhcp6AppendETOption (
Dhcp6AppendETOptionTest::Packet,
&Cursor,
- &Instance, // Instance is not used in this function
+ &Instance, // Instance is not used in this function
&ElapsedTime
);
@@ -476,3 +505,335 @@ TEST_F (Dhcp6AppendIaOptionTest, IaTaValidDataExpectSuccess) {
// verify that the status is EFI_SUCCESS
ASSERT_EQ (Status, EFI_SUCCESS);
}
+
+////////////////////////////////////////////////////////////////////////
+// Dhcp6SeekInnerOptionSafe Tests
+////////////////////////////////////////////////////////////////////////
+
+// Define a fixture for your tests if needed
+class Dhcp6SeekInnerOptionSafeTest : public ::testing::Test {
+protected:
+ // Add any setup code if needed
+ virtual void
+ SetUp (
+ )
+ {
+ // Initialize any resources or variables
+ }
+
+ // Add any cleanup code if needed
+ virtual void
+ TearDown (
+ )
+ {
+ // Clean up any resources or variables
+ }
+};
+
+// Test Description:
+// This test verifies that Dhcp6SeekInnerOptionSafe returns EFI_SUCCESS when the IANA option is found.
+TEST_F (Dhcp6SeekInnerOptionSafeTest, IANAValidOptionExpectSuccess) {
+ EFI_STATUS Result;
+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_NA) + SEARCH_PATTERN_LEN] = { 0 };
+ UINT32 OptionLength = sizeof (Option);
+ DHCPv6_OPTION_IA_NA *OptionPtr = (DHCPv6_OPTION_IA_NA *)Option;
+ UINT32 SearchPattern = SEARCH_PATTERN;
+
+ UINTN SearchPatternLength = SEARCH_PATTERN_LEN;
+ UINT8 *InnerOptionPtr = NULL;
+ UINT16 InnerOptionLength = 0;
+
+ OptionPtr->Header.Code = Dhcp6OptIana;
+ OptionPtr->Header.Len = HTONS (4 + 12); // Valid length has to be more than 12
+ OptionPtr->Header.IAID = 0x12345678;
+ OptionPtr->T1 = 0x11111111;
+ OptionPtr->T2 = 0x22222222;
+ CopyMem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLength);
+
+ Result = Dhcp6SeekInnerOptionSafe (
+ Dhcp6OptIana,
+ Option,
+ OptionLength,
+ &InnerOptionPtr,
+ &InnerOptionLength
+ );
+ ASSERT_EQ (Result, EFI_SUCCESS);
+ ASSERT_EQ (InnerOptionLength, 4);
+ ASSERT_EQ (CompareMem (InnerOptionPtr, &SearchPattern, SearchPatternLength), 0);
+}
+
+// Test Description:
+// This test verifies that Dhcp6SeekInnerOptionSafe returns EFI_DEIVCE_ERROR when the IANA option size is invalid.
+TEST_F (Dhcp6SeekInnerOptionSafeTest, IANAInvalidSizeExpectFail) {
+ // Lets add an inner option of bytes we expect to find
+ EFI_STATUS Status;
+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_NA) + SEARCH_PATTERN_LEN] = { 0 };
+ UINT32 OptionLength = sizeof (Option);
+ DHCPv6_OPTION_IA_NA *OptionPtr = (DHCPv6_OPTION_IA_NA *)Option;
+ UINT32 SearchPattern = SEARCH_PATTERN;
+
+ UINTN SearchPatternLength = SEARCH_PATTERN_LEN;
+ UINT8 *InnerOptionPtr = NULL;
+ UINT16 InnerOptionLength = 0;
+
+ OptionPtr->Header.Code = Dhcp6OptIana;
+ OptionPtr->Header.Len = HTONS (4); // Set the length to lower than expected (12)
+ OptionPtr->Header.IAID = 0x12345678;
+ OptionPtr->T1 = 0x11111111;
+ OptionPtr->T2 = 0x22222222;
+ CopyMem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLength);
+
+ // Set the InnerOptionLength to be less than the size of the option
+ Status = Dhcp6SeekInnerOptionSafe (
+ Dhcp6OptIana,
+ Option,
+ OptionLength,
+ &InnerOptionPtr,
+ &InnerOptionLength
+ );
+ ASSERT_EQ (Status, EFI_DEVICE_ERROR);
+
+ // Now set the OptionLength to be less than the size of the option
+ OptionLength = sizeof (DHCPv6_OPTION_IA_NA) - 1;
+ Status = Dhcp6SeekInnerOptionSafe (
+ Dhcp6OptIana,
+ Option,
+ OptionLength,
+ &InnerOptionPtr,
+ &InnerOptionLength
+ );
+ ASSERT_EQ (Status, EFI_DEVICE_ERROR);
+}
+
+// Test Description:
+// This test verifies that Dhcp6SeekInnerOptionSafe returns EFI_SUCCESS when the IATA option is found
+TEST_F (Dhcp6SeekInnerOptionSafeTest, IATAValidOptionExpectSuccess) {
+ // Lets add an inner option of bytes we expect to find
+ EFI_STATUS Status;
+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_TA) + SEARCH_PATTERN_LEN] = { 0 };
+ UINT32 OptionLength = sizeof (Option);
+ DHCPv6_OPTION_IA_TA *OptionPtr = (DHCPv6_OPTION_IA_TA *)Option;
+ UINT32 SearchPattern = SEARCH_PATTERN;
+
+ UINTN SearchPatternLength = SEARCH_PATTERN_LEN;
+ UINT8 *InnerOptionPtr = NULL;
+ UINT16 InnerOptionLength = 0;
+
+ OptionPtr->Header.Code = Dhcp6OptIata;
+ OptionPtr->Header.Len = HTONS (4 + 4); // Valid length has to be more than 4
+ OptionPtr->Header.IAID = 0x12345678;
+ CopyMem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLength);
+
+ Status = Dhcp6SeekInnerOptionSafe (
+ Dhcp6OptIata,
+ Option,
+ OptionLength,
+ &InnerOptionPtr,
+ &InnerOptionLength
+ );
+ ASSERT_EQ (Status, EFI_SUCCESS);
+ ASSERT_EQ (InnerOptionLength, 4);
+ ASSERT_EQ (CompareMem (InnerOptionPtr, &SearchPattern, SearchPatternLength), 0);
+}
+
+// Test Description:
+// This test verifies that Dhcp6SeekInnerOptionSafe returns EFI_SUCCESS when the IATA option size is invalid.
+TEST_F (Dhcp6SeekInnerOptionSafeTest, IATAInvalidSizeExpectFail) {
+ // Lets add an inner option of bytes we expect to find
+ EFI_STATUS Status;
+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_TA) + SEARCH_PATTERN_LEN] = { 0 };
+ UINT32 OptionLength = sizeof (Option);
+ DHCPv6_OPTION_IA_TA *OptionPtr = (DHCPv6_OPTION_IA_TA *)Option;
+ UINT32 SearchPattern = SEARCH_PATTERN;
+
+ UINTN SearchPatternLength = SEARCH_PATTERN_LEN;
+ UINT8 *InnerOptionPtr = NULL;
+ UINT16 InnerOptionLength = 0;
+
+ OptionPtr->Header.Code = Dhcp6OptIata;
+ OptionPtr->Header.Len = HTONS (2); // Set the length to lower than expected (4)
+ OptionPtr->Header.IAID = 0x12345678;
+ CopyMem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLength);
+
+ Status = Dhcp6SeekInnerOptionSafe (
+ Dhcp6OptIata,
+ Option,
+ OptionLength,
+ &InnerOptionPtr,
+ &InnerOptionLength
+ );
+ ASSERT_EQ (Status, EFI_DEVICE_ERROR);
+
+ // Now lets try modifying the OptionLength to be less than the size of the option
+ OptionLength = sizeof (DHCPv6_OPTION_IA_TA) - 1;
+ Status = Dhcp6SeekInnerOptionSafe (
+ Dhcp6OptIata,
+ Option,
+ OptionLength,
+ &InnerOptionPtr,
+ &InnerOptionLength
+ );
+ ASSERT_EQ (Status, EFI_DEVICE_ERROR);
+}
+
+// Test Description:
+// This test verifies that any other Option Type fails
+TEST_F (Dhcp6SeekInnerOptionSafeTest, InvalidOption) {
+ // Lets add an inner option of bytes we expect to find
+ EFI_STATUS Result;
+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_TA) + SEARCH_PATTERN_LEN] = { 0 };
+ UINT32 OptionLength = sizeof (Option);
+ DHCPv6_OPTION_IA_TA *OptionPtr = (DHCPv6_OPTION_IA_TA *)Option;
+ UINT32 SearchPattern = SEARCH_PATTERN;
+
+ UINTN SearchPatternLength = SEARCH_PATTERN_LEN;
+ UINT8 *InnerOptionPtr = NULL;
+ UINT16 InnerOptionLength = 0;
+
+ OptionPtr->Header.Code = 0xC0DE;
+ OptionPtr->Header.Len = HTONS (2); // Set the length to lower than expected (4)
+ OptionPtr->Header.IAID = 0x12345678;
+ CopyMem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLength);
+
+ Result = Dhcp6SeekInnerOptionSafe (0xC0DE, Option, OptionLength, &InnerOptionPtr, &InnerOptionLength);
+ ASSERT_EQ (Result, EFI_DEVICE_ERROR);
+}
+
+////////////////////////////////////////////////////////////////////////
+// Dhcp6SeekStsOption Tests
+////////////////////////////////////////////////////////////////////////
+
+#define PACKET_SIZE (1500)
+
+class Dhcp6SeekStsOptionTest : public ::testing::Test {
+public:
+ DHCP6_INSTANCE Instance = { 0 };
+ EFI_DHCP6_PACKET *Packet = NULL;
+ EFI_DHCP6_CONFIG_DATA Config = { 0 };
+
+protected:
+ // Add any setup code if needed
+ virtual void
+ SetUp (
+ )
+ {
+ // Allocate a packet
+ Packet = (EFI_DHCP6_PACKET *)AllocateZeroPool (PACKET_SIZE);
+ ASSERT_NE (Packet, nullptr);
+
+ // Initialize the packet
+ Packet->Size = PACKET_SIZE;
+
+ Instance.Config = &Config;
+ }
+
+ // Add any cleanup code if needed
+ virtual void
+ TearDown (
+ )
+ {
+ // Clean up any resources or variables
+ FreePool (Packet);
+ }
+};
+
+// Test Description:
+// This test verifies that Dhcp6SeekStsOption returns EFI_DEVICE_ERROR when the option is invalid
+// This verifies that the calling function is working as expected
+TEST_F (Dhcp6SeekStsOptionTest, SeekIATAOptionExpectFail) {
+ EFI_STATUS Status;
+ UINT8 *Option = NULL;
+ UINT32 SearchPattern = SEARCH_PATTERN;
+ UINT16 SearchPatternLength = SEARCH_PATTERN_LEN;
+ UINT16 *Len = NULL;
+ EFI_DHCP6_IA Ia = { 0 };
+
+ Ia.Descriptor.Type = DHCPV6_OPTION_IA_TA;
+ Ia.IaAddressCount = 1;
+ Ia.IaAddress[0].PreferredLifetime = 0xDEADBEEF;
+ Ia.IaAddress[0].ValidLifetime = 0xDEADAAAA;
+ Ia.IaAddress[0].IpAddress = mAllDhcpRelayAndServersAddress;
+
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
+
+ Option = Dhcp6SeekStsOptionTest::Packet->Dhcp6.Option;
+
+ // Let's append the option to the packet
+ Status = Dhcp6AppendOption (
+ Dhcp6SeekStsOptionTest::Packet,
+ &Option,
+ Dhcp6OptStatusCode,
+ SearchPatternLength,
+ (UINT8 *)&SearchPattern
+ );
+ ASSERT_EQ (Status, EFI_SUCCESS);
+
+ // Inner option length - this will be overwritten later
+ Len = (UINT16 *)(Option + 2);
+
+ // Fill in the inner IA option
+ Status = Dhcp6AppendIaOption (
+ Dhcp6SeekStsOptionTest::Packet,
+ &Option,
+ &Ia,
+ 0x12345678,
+ 0x11111111,
+ 0x22222222
+ );
+ ASSERT_EQ (Status, EFI_SUCCESS);
+
+ // overwrite the len of inner Ia option
+ *Len = HTONS (3);
+
+ Dhcp6SeekStsOptionTest::Instance.Config->IaDescriptor.Type = DHCPV6_OPTION_IA_TA;
+
+ Option = NULL;
+ Status = Dhcp6SeekStsOption (&(Dhcp6SeekStsOptionTest::Instance), Dhcp6SeekStsOptionTest::Packet, &Option);
+
+ ASSERT_EQ (Status, EFI_DEVICE_ERROR);
+}
+
+// Test Description:
+// This test verifies that Dhcp6SeekInnerOptionSafe returns EFI_SUCCESS when the IATA option size is invalid.
+TEST_F (Dhcp6SeekStsOptionTest, SeekIANAOptionExpectSuccess) {
+ EFI_STATUS Status = EFI_NOT_FOUND;
+ UINT8 *Option = NULL;
+ UINT32 SearchPattern = SEARCH_PATTERN;
+ UINT16 SearchPatternLength = SEARCH_PATTERN_LEN;
+ EFI_DHCP6_IA Ia = { 0 };
+
+ Ia.Descriptor.Type = DHCPV6_OPTION_IA_NA;
+ Ia.IaAddressCount = 1;
+ Ia.IaAddress[0].PreferredLifetime = 0x11111111;
+ Ia.IaAddress[0].ValidLifetime = 0x22222222;
+ Ia.IaAddress[0].IpAddress = mAllDhcpRelayAndServersAddress;
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
+
+ Option = Dhcp6SeekStsOptionTest::Packet->Dhcp6.Option;
+
+ Status = Dhcp6AppendOption (
+ Dhcp6SeekStsOptionTest::Packet,
+ &Option,
+ Dhcp6OptStatusCode,
+ SearchPatternLength,
+ (UINT8 *)&SearchPattern
+ );
+ ASSERT_EQ (Status, EFI_SUCCESS);
+
+ Status = Dhcp6AppendIaOption (
+ Dhcp6SeekStsOptionTest::Packet,
+ &Option,
+ &Ia,
+ 0x12345678,
+ 0x11111111,
+ 0x22222222
+ );
+ ASSERT_EQ (Status, EFI_SUCCESS);
+
+ Dhcp6SeekStsOptionTest::Instance.Config->IaDescriptor.Type = DHCPV6_OPTION_IA_NA;
+
+ Option = NULL;
+ Status = Dhcp6SeekStsOption (&(Dhcp6SeekStsOptionTest::Instance), Dhcp6SeekStsOptionTest::Packet, &Option);
+
+ ASSERT_EQ (Status, EFI_SUCCESS);
+}
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h
new file mode 100644
index 0000000000..aed3b89082
--- /dev/null
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h
@@ -0,0 +1,58 @@
+/** @file
+ Acts as header for private functions under test in Dhcp6Io.c
+
+ Copyright (c) Microsoft Corporation
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef DHCP6_IO_GOOGLE_TEST_H_
+#define DHCP6_IO_GOOGLE_TEST_H_
+
+////////////////////////////////////////////////////////////////////////////////
+// These are the functions that are being unit tested
+////////////////////////////////////////////////////////////////////////////////
+
+#include <Uefi.h>
+
+/**
+ Seeks the Inner Options from a DHCP6 Option
+
+ @param[in] IaType The type of the IA option.
+ @param[in] Option The pointer to the DHCP6 Option.
+ @param[in] OptionLen The length of the DHCP6 Option.
+ @param[out] IaInnerOpt The pointer to the IA inner option.
+ @param[out] IaInnerLen The length of the IA inner option.
+
+ @retval EFI_SUCCESS Seek the inner option successfully.
+ @retval EFI_DEVICE_ERROR The OptionLen is invalid.
+*/
+EFI_STATUS
+Dhcp6SeekInnerOptionSafe (
+ UINT16 IaType,
+ UINT8 *Option,
+ UINT32 OptionLen,
+ UINT8 **IaInnerOpt,
+ UINT16 *IaInnerLen
+ );
+
+/**
+ Seek StatusCode Option in package. A Status Code option may appear in the
+ options field of a DHCP message and/or in the options field of another option.
+ See details in section 22.13, RFC3315.
+
+ @param[in] Instance The pointer to the Dhcp6 instance.
+ @param[in] Packet The pointer to reply messages.
+ @param[out] Option The pointer to status code option.
+
+ @retval EFI_SUCCESS Seek status code option successfully.
+ @retval EFI_DEVICE_ERROR An unexpected error.
+
+**/
+EFI_STATUS
+Dhcp6SeekStsOption (
+ IN DHCP6_INSTANCE *Instance,
+ IN EFI_DHCP6_PACKET *Packet,
+ OUT UINT8 **Option
+ );
+
+#endif // DHCP6_IO_GOOGLE_TEST_H
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
index 20bc90b172..24dee654df 100644
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
@@ -16,6 +16,7 @@
SKUID_IDENTIFIER = DEFAULT
!include UnitTestFrameworkPkg/UnitTestFrameworkPkgHost.dsc.inc
+
[Packages]
MdePkg/MdePkg.dec
UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
--
2.39.3

1657
SOURCES/edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch
View File

File diff suppressed because it is too large Load Diff

17
SOURCES/edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.patch
View File

@ -1,16 +1,17 @@
From f5274b449181cb37efce0f08ed5d75a6bf6e54a8 Mon Sep 17 00:00:00 2001
From c4b0517aaa38857640b4b08b55803ae8a833c1e7 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Thu, 8 Feb 2024 10:35:14 -0500
Subject: [PATCH 16/17] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230
Subject: [PATCH 03/18] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230
Unit Tests
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 50: CVE-2023-45230 and CVE-2023-45229
RH-Jira: RHEL-21840 RHEL-21842
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [3/4] 43b8569c0586c7dbf66b19c5db335d0ce05829de (jmaloy/jons_fork)
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [3/18] 0fe85bcd3683b2424bcd91ad1495d1b79eb07405
JIRA: https://issues.redhat.com/browse/RHEL-21842
JIRA: https://issues.redhat.com/browse/RHEL-21843
CVE: CVE-2023-45230
Upstream: Merged
@ -625,5 +626,5 @@ index 1aeca5c5b3..20bc90b172 100644
# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
[LibraryClasses]
--
2.41.0
2.39.3

14
SOURCES/edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Patc.patch
View File

@ -1,16 +1,16 @@
From e3f153773bd2ca13ee4869187f1711840fc8afc9 Mon Sep 17 00:00:00 2001
From d51f47c8654f44a787d70b675830ebc7a4ea74f6 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Thu, 15 Feb 2024 11:51:09 -0500
Subject: [PATCH 02/15] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Patch
Subject: [PATCH 06/18] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Patch
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [2/15] 61eaf6aac61b774c3a8ace54af8abd607651d2db
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [6/18] 58ad218f1216ac1ea34ca01ef8cc21e207e2eaf2
JIRA: https://issues.redhat.com/browse/RHEL-21844
JIRA: https://issues.redhat.com/browse/RHEL-21845
CVE: CVE-2022-45231
Upstream: Merged

18
SOURCES/edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Unit.patch
View File

@ -1,17 +1,17 @@
From e8200dda7752d21794b2268efe9e957958ffef29 Mon Sep 17 00:00:00 2001
From a5757e84bd77ad98580c50ba81da2d1daf0f147a Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Wed, 14 Feb 2024 12:24:44 -0500
Subject: [PATCH 03/15] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Unit
Subject: [PATCH 07/18] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Unit
Tests
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [3/15] ca554677a3397423073d3bb4774f856b2329ae9c
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [7/18] 57d08b408b30ea98de1e5dfd74f8892b66c0867c
JIRA: https://issues.redhat.com/browse/RHEL-21844
JIRA: https://issues.redhat.com/browse/RHEL-21845
CVE: CVE-2022-45231
Upstream: Merged
@ -261,10 +261,10 @@ index 0000000000..f2cd90e1a9
+ EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));
+}
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
index 20bc90b172..ab7c2857b6 100644
index 24dee654df..7fa7b0f9d5 100644
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
@@ -25,6 +25,7 @@
@@ -26,6 +26,7 @@
# Build HOST_APPLICATION that tests NetworkPkg
#
NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf

16
SOURCES/edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Patc.patch
View File

@ -1,20 +1,20 @@
From 23b31a16bbb789f4c251b1d2f23334210a9fb545 Mon Sep 17 00:00:00 2001
From ff4f1d8227c6c4c89060e24df37defec6d7a07e2 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Thu, 15 Feb 2024 11:51:09 -0500
Subject: [PATCH 04/15] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Patch
Subject: [PATCH 08/18] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Patch
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [4/15] 48c273e43a6275c7eae3223c4ffa433f4d6531a4
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [8/18] c7bf831954da5b678450f1ba8e34371645959c81
JIRA: https://issues.redhat.com/browse/RHEL-21846
JIRA: https://issues.redhat.com/browse/RHEL-21847
CVE: CVE-2022-45232
Upstream: Merged
JIRA: https://issues.redhat.com/browse/RHEL-21848
JIRA: https://issues.redhat.com/browse/RHEL-21849
CVE: CVE-2022-45233
Upstream: Merged

14
SOURCES/edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Unit.patch
View File

@ -1,17 +1,17 @@
From 2bd8bc051f6394f2ab3c22649c54ecbed5d636cd Mon Sep 17 00:00:00 2001
From dab03ad5334af1c93797119f2eeda6ce757461f8 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Wed, 14 Feb 2024 20:25:29 -0500
Subject: [PATCH 05/15] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Unit
Subject: [PATCH 09/18] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Unit
Tests
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [5/15] 624365d403df25927ab0514b0e25faea7376def8
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [9/18] f68829a7f34f5a09a02d28cc5cfd109f90c442da
JIRA: https://issues.redhat.com/browse/RHEL-21846
JIRA: https://issues.redhat.com/browse/RHEL-21847
CVE: CVE-2022-45232
Upstream: Merged

14
SOURCES/edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch
View File

@ -1,17 +1,17 @@
From 38baf93892ec464490b6fe611c23b014f574344b Mon Sep 17 00:00:00 2001
From 1afdf854f67fbaeea47f15efa0c34c0f1fe6a504 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Fri, 16 Feb 2024 10:48:05 -0500
Subject: [PATCH 07/15] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
Subject: [PATCH 10/18] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
Patch
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [7/15] c1baa0b2facbf0b63a90a0bfd55264af9f893098
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [10/18] c7527c63ebe3afb55a2ef78103c1a57de26c36b7
JIRA: https://issues.redhat.com/browse/RHEL-21850
JIRA: https://issues.redhat.com/browse/RHEL-21851
CVE: CVE-2022-45234
Upstream: Merged

18
SOURCES/edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p2.patch
View File

@ -1,17 +1,17 @@
From fd1bc6ff10a45123b0ec7f9ae3354ad3713bc532 Mon Sep 17 00:00:00 2001
From d60257df151a6c58aefe74c2d2baee59344318d2 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Fri, 16 Feb 2024 10:48:05 -0500
Subject: [PATCH 08/15] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
Subject: [PATCH 11/18] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
Unit Tests
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [8/15] f88ebc7fa79ce4fe615dd79c42fedee0a0da7a0b
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [11/18] b917383d597172d4bf75548d9b281d08bf34e299
JIRA: https://issues.redhat.com/browse/RHEL-21850
JIRA: https://issues.redhat.com/browse/RHEL-21851
CVE: CVE-2022-45234
Upstream: Merged
@ -54,10 +54,10 @@ Signed-off-by: Jon Maloy <jmaloy@redhat.com>
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
index ab7c2857b6..c8a991e5c1 100644
index 7fa7b0f9d5..a0273c4310 100644
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
@@ -26,6 +26,7 @@
@@ -27,6 +27,7 @@
#
NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf

18
SOURCES/edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p3.patch
View File

@ -1,17 +1,17 @@
From 0016db53099ba979617f376fe1104fefada4fa29 Mon Sep 17 00:00:00 2001
From b57bd437db8cff7b7a206e3cd694b7821014ba53 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Fri, 16 Feb 2024 10:48:05 -0500
Subject: [PATCH 09/15] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235
Subject: [PATCH 12/18] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235
Patch
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [9/15] c48c060b87761537ee526e1f8a9e5993eb1a0381
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [12/18] 310a770792d1a81dbf54ee372f926541309492e8
JIRA: https://issues.redhat.com/browse/RHEL-21852
JIRA: https://issues.redhat.com/browse/RHEL-21853
CVE: CVE-2022-45235
Upstream: Merged
@ -225,10 +225,10 @@ index 2b2d372889..7fd1281c11 100644
Status = PxeBc->UdpWrite (
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
index ae4be775e8..47eb8cc0c0 100644
index c86f6d391b..6357d27fae 100644
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
@@ -35,6 +35,23 @@
@@ -34,6 +34,23 @@
#define PXEBC_ADDR_START_DELIMITER '['
#define PXEBC_ADDR_END_DELIMITER ']'

18
SOURCES/edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p4.patch
View File

@ -1,17 +1,17 @@
From 80b34c0f56228353c174f9ff739d0755c62d76cf Mon Sep 17 00:00:00 2001
From 59b9d468ebf6be2a5c53d7979c12040f9b41c2c2 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Fri, 16 Feb 2024 10:48:05 -0500
Subject: [PATCH 10/15] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235
Subject: [PATCH 13/18] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235
Unit Tests
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Commit: [10/15] 5dbf3f771506ff9a0c28827c568d04e825572658
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [13/18] 074410155526b2ee2a74cf161ea46385932da059
JIRA: https://issues.redhat.com/browse/RHEL-21852
JIRA: https://issues.redhat.com/browse/RHEL-21853
CVE: CVE-2022-45235
Upstream: Merged
@ -48,10 +48,10 @@ Signed-off-by: Jon Maloy <jmaloy@redhat.com>
3 files changed, 298 insertions(+), 3 deletions(-)
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
index c8a991e5c1..1010a80a15 100644
index a0273c4310..fa301a7a52 100644
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
@@ -26,7 +26,10 @@
@@ -27,7 +27,10 @@
#
NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf

51
SOURCES/edk2-NetworkPkg-Updating-SecurityFixes.yaml.patch Normal file
View File

@ -0,0 +1,51 @@
From ababd8837103d4e504cc5d044a13fb9516543795 Mon Sep 17 00:00:00 2001
From: Jon Maloy <jmaloy@redhat.com>
Date: Fri, 16 Feb 2024 10:48:05 -0500
Subject: [PATCH 18/18] NetworkPkg: : Updating SecurityFixes.yaml
RH-Author: Jon Maloy <jmaloy@redhat.com>
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
RH-Acked-by: Gerd Hoffmann <None>
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [18/18] e77d4ea79359b99e7d1073251d67909c2bfdb879
JIRA: https://issues.redhat.com/browse/RHEL-21841
CVE: CVE-2023-45229
Upstream: Merged
commit 5fd3078a2e08f607dc86a16c1b184b6e30a34a49
Author: Doug Flick <dougflick@microsoft.com>
Date: Tue Feb 13 10:46:03 2024 -0800
NetworkPkg: : Updating SecurityFixes.yaml
This captures the related security change for Dhcp6Dxe that is related
to CVE-2023-45229
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
---
NetworkPkg/SecurityFixes.yaml | 1 +
1 file changed, 1 insertion(+)
diff --git a/NetworkPkg/SecurityFixes.yaml b/NetworkPkg/SecurityFixes.yaml
index 7e900483fe..fa42025e0d 100644
--- a/NetworkPkg/SecurityFixes.yaml
+++ b/NetworkPkg/SecurityFixes.yaml
@@ -8,6 +8,7 @@ CVE_2023_45229:
commit_titles:
- "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch"
- "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests"
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch"
cve: CVE-2023-45229
date_reported: 2023-08-28 13:56 UTC
description: "Bug 01 - edk2/NetworkPkg: Out-of-bounds read when processing IA_NA/IA_TA options in a DHCPv6 Advertise message"
--
2.39.3

50
SOURCES/edk2-OvmfPkg-AmdSev-SecretPei-Mark-SEV-launch-secret-area.patch
View File

@ -1,50 +0,0 @@
From e4a64ad230ff2906ec56d41b2a8dd7a0bb39a399 Mon Sep 17 00:00:00 2001
From: Dov Murik <dovmurik@linux.ibm.com>
Date: Tue, 4 Jan 2022 15:16:40 +0800
Subject: [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as
reserved
RH-Author: Pawel Polawski <None>
RH-MergeRequest: 11: OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
RH-Commit: [1/1] a14d34eb204387aae3446770a0e5fb95a9283ae3 (elkoniu/edk2)
RH-Bugzilla: 2041754
RH-Acked-by: Oliver Steffen <None>
Mark the SEV launch secret MEMFD area as reserved, which will allow the
guest OS to use it during the lifetime of the OS, without creating
copies of the sensitive content.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
---
OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
index db94c26b54..6bf1a55dea 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -19,7 +19,7 @@ InitializeSecretPei (
BuildMemoryAllocationHob (
PcdGet32 (PcdSevLaunchSecretBase),
ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
- EfiBootServicesData
+ EfiReservedMemoryType
);
return EFI_SUCCESS;
--
2.27.0

52
SOURCES/edk2-OvmfPkg-RiscVVirt-use-gEfiAuthenticatedVariableGuid-.patch Normal file
View File

@ -0,0 +1,52 @@
From 390efa52b8c2b61bcc6f24cc9f3b805798150b6e Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 9 Jan 2024 12:29:00 +0100
Subject: [PATCH 1/3] OvmfPkg/RiscVVirt: use gEfiAuthenticatedVariableGuid
unconditionally
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
ArmVirt and OVMF are doing the same.
See commit d92eaabefbe0 ("OvmfPkg: simplify VARIABLE_STORE_HEADER
generation") for details.
Suggested-by: László Érsek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20240109112902.30002-2-kraxel@redhat.com>
(cherry picked from commit 3b1ddbddeee64cee5aba4f0170fbf5e4781d4879)
---
OvmfPkg/RiscVVirt/VarStore.fdf.inc | 9 +--------
1 file changed, 1 insertion(+), 8 deletions(-)
diff --git a/OvmfPkg/RiscVVirt/VarStore.fdf.inc b/OvmfPkg/RiscVVirt/VarStore.fdf.inc
index aba32315cc..6679c246b3 100644
--- a/OvmfPkg/RiscVVirt/VarStore.fdf.inc
+++ b/OvmfPkg/RiscVVirt/VarStore.fdf.inc
@@ -36,19 +36,12 @@ DATA = {
# Blockmap[1]: End
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
## This is the VARIABLE_STORE_HEADER
-!if $(SECURE_BOOT_ENABLE) == TRUE
+ # It is compatible with SECURE_BOOT_ENABLE == FALSE as well.
# Signature: gEfiAuthenticatedVariableGuid =
# { 0xaaf32c78, 0x947b, 0x439a,
# { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 }}
0x78, 0x2c, 0xf3, 0xaa, 0x7b, 0x94, 0x9a, 0x43,
0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92,
-!else
- # Signature: gEfiVariableGuid =
- # { 0xddcf3616, 0x3275, 0x4164,
- # { 0x98, 0xb6, 0xfe, 0x85, 0x70, 0x7f, 0xfe, 0x7d }}
- 0x16, 0x36, 0xcf, 0xdd, 0x75, 0x32, 0x64, 0x41,
- 0x98, 0xb6, 0xfe, 0x85, 0x70, 0x7f, 0xfe, 0x7d,
-!endif
# Size: 0x40000 (gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize) -
# 0x48 (size of EFI_FIRMWARE_VOLUME_HEADER) = 0x3FFB8
# This can speed up the Variable Dispatch a bit.
--
2.39.3

193
SOURCES/edk2-OvmfPkg-Sec-Setup-MTRR-early-in-the-boot-process.patch Normal file
View File

@ -0,0 +1,193 @@
From 7b1298045185749369115719317dc92f58af92d7 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 30 Jan 2024 14:04:38 +0100
Subject: [PATCH 6/9] OvmfPkg/Sec: Setup MTRR early in the boot process.
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 55: OvmfPkg/Sec: Setup MTRR early in the boot process.
RH-Jira: RHEL-21704
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [1/4] c4061788d34f409944898b48642d610c259161f3 (kraxel.rh/centos-src-edk2)
Specifically before running lzma uncompress of the main firmware volume.
This is needed to make sure caching is enabled, otherwise the uncompress
can be extremely slow.
Adapt the ASSERTs and MTRR setup in PlatformInitLib to the changes.
Background: Depending on virtual machine configuration kvm may uses EPT
memory types to apply guest MTRR settings. In case MTRRs are disabled
kvm will use the uncachable memory type for all mappings. The
vmx_get_mt_mask() function in the linux kernel handles this and can be
found here:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/arch/x86/kvm/vmx/vmx.c?h=v6.7.1#n7580
In most VM configurations kvm uses MTRR_TYPE_WRBACK unconditionally. In
case the VM has a mdev device assigned that is not the case though.
Before commit e8aa4c6546ad ("UefiCpuPkg/ResetVector: Cache Disable
should not be set by default in CR0") kvm also ended up using
MTRR_TYPE_WRBACK due to KVM_X86_QUIRK_CD_NW_CLEARED. After that commit
kvm evaluates guest mtrr settings, which why setting up MTRRs early is
important now.
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-ID: <20240130130441.772484-2-kraxel@redhat.com>
[ kraxel: Downstream-only for now. Timely upstream merge is unlikely
due to chinese holidays and rhel-9.4 deadlines are close.
QE regression testing passed. So go with upstream posted
series v3 ]
---
OvmfPkg/IntelTdx/Sec/SecMain.c | 32 +++++++++++++++++++++
OvmfPkg/Library/PlatformInitLib/MemDetect.c | 10 +++----
OvmfPkg/Sec/SecMain.c | 32 +++++++++++++++++++++
3 files changed, 69 insertions(+), 5 deletions(-)
diff --git a/OvmfPkg/IntelTdx/Sec/SecMain.c b/OvmfPkg/IntelTdx/Sec/SecMain.c
index 42a587adfa..0daddac0a0 100644
--- a/OvmfPkg/IntelTdx/Sec/SecMain.c
+++ b/OvmfPkg/IntelTdx/Sec/SecMain.c
@@ -27,6 +27,8 @@
#include <Library/TdxHelperLib.h>
#include <Library/CcProbeLib.h>
#include <Library/PeilessStartupLib.h>
+#include <Register/Intel/ArchitecturalMsr.h>
+#include <Register/Intel/Cpuid.h>
#define SEC_IDT_ENTRY_COUNT 34
@@ -48,6 +50,31 @@ IA32_IDT_GATE_DESCRIPTOR mIdtEntryTemplate = {
}
};
+//
+// Enable MTRR early, set default type to write back.
+// Needed to make sure caching is enabled,
+// without this lzma decompress can be very slow.
+//
+STATIC
+VOID
+SecMtrrSetup (
+ VOID
+ )
+{
+ CPUID_VERSION_INFO_EDX Edx;
+ MSR_IA32_MTRR_DEF_TYPE_REGISTER DefType;
+
+ AsmCpuid (CPUID_VERSION_INFO, NULL, NULL, NULL, &Edx.Uint32);
+ if (!Edx.Bits.MTRR) {
+ return;
+ }
+
+ DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
+ DefType.Bits.Type = 6; /* write back */
+ DefType.Bits.E = 1; /* enable */
+ AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
+}
+
VOID
EFIAPI
SecCoreStartupWithStack (
@@ -204,6 +231,11 @@ SecCoreStartupWithStack (
InitializeApicTimer (0, MAX_UINT32, TRUE, 5);
DisableApicTimerInterrupt ();
+ //
+ // Initialize MTRR
+ //
+ SecMtrrSetup ();
+
PeilessStartup (&SecCoreData);
ASSERT (FALSE);
diff --git a/OvmfPkg/Library/PlatformInitLib/MemDetect.c b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
index 662e7e85bb..f8d7f5bf1c 100644
--- a/OvmfPkg/Library/PlatformInitLib/MemDetect.c
+++ b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
@@ -1035,18 +1035,18 @@ PlatformQemuInitializeRam (
MtrrGetAllMtrrs (&MtrrSettings);
//
- // MTRRs disabled, fixed MTRRs disabled, default type is uncached
+ // See SecMtrrSetup(), default type should be write back
//
- ASSERT ((MtrrSettings.MtrrDefType & BIT11) == 0);
+ ASSERT ((MtrrSettings.MtrrDefType & BIT11) != 0);
ASSERT ((MtrrSettings.MtrrDefType & BIT10) == 0);
- ASSERT ((MtrrSettings.MtrrDefType & 0xFF) == 0);
+ ASSERT ((MtrrSettings.MtrrDefType & 0xFF) == MTRR_CACHE_WRITE_BACK);
//
// flip default type to writeback
//
- SetMem (&MtrrSettings.Fixed, sizeof MtrrSettings.Fixed, 0x06);
+ SetMem (&MtrrSettings.Fixed, sizeof MtrrSettings.Fixed, MTRR_CACHE_WRITE_BACK);
ZeroMem (&MtrrSettings.Variables, sizeof MtrrSettings.Variables);
- MtrrSettings.MtrrDefType |= BIT11 | BIT10 | 6;
+ MtrrSettings.MtrrDefType |= BIT10;
MtrrSetAllMtrrs (&MtrrSettings);
//
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index 31da5d0ace..3b7dc7205d 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -30,6 +30,8 @@
#include <Ppi/MpInitLibDep.h>
#include <Library/TdxHelperLib.h>
#include <Library/CcProbeLib.h>
+#include <Register/Intel/ArchitecturalMsr.h>
+#include <Register/Intel/Cpuid.h>
#include "AmdSev.h"
#define SEC_IDT_ENTRY_COUNT 34
@@ -744,6 +746,31 @@ FindAndReportEntryPoints (
return;
}
+//
+// Enable MTRR early, set default type to write back.
+// Needed to make sure caching is enabled,
+// without this lzma decompress can be very slow.
+//
+STATIC
+VOID
+SecMtrrSetup (
+ VOID
+ )
+{
+ CPUID_VERSION_INFO_EDX Edx;
+ MSR_IA32_MTRR_DEF_TYPE_REGISTER DefType;
+
+ AsmCpuid (CPUID_VERSION_INFO, NULL, NULL, NULL, &Edx.Uint32);
+ if (!Edx.Bits.MTRR) {
+ return;
+ }
+
+ DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
+ DefType.Bits.Type = 6; /* write back */
+ DefType.Bits.E = 1; /* enable */
+ AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
+}
+
VOID
EFIAPI
SecCoreStartupWithStack (
@@ -942,6 +969,11 @@ SecCoreStartupWithStack (
InitializeApicTimer (0, MAX_UINT32, TRUE, 5);
DisableApicTimerInterrupt ();
+ //
+ // Initialize MTRR
+ //
+ SecMtrrSetup ();
+
//
// Initialize Debug Agent to support source level debug in SEC/PEI phases before memory ready.
//
--
2.39.3

49
SOURCES/edk2-OvmfPkg-Sec-use-cache-type-defines-from-Architectura.patch Normal file
View File

@ -0,0 +1,49 @@
From 0e2a3df10d784fd38ceee2f6a733032d1333281f Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 30 Jan 2024 14:04:41 +0100
Subject: [PATCH 9/9] OvmfPkg/Sec: use cache type #defines from
ArchitecturalMsr.h
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 55: OvmfPkg/Sec: Setup MTRR early in the boot process.
RH-Jira: RHEL-21704
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [4/4] 55f00e3e153ca945ca458e7abc26780a8d83ac85 (kraxel.rh/centos-src-edk2)
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-ID: <20240130130441.772484-5-kraxel@redhat.com>
---
OvmfPkg/IntelTdx/Sec/SecMain.c | 2 +-
OvmfPkg/Sec/SecMain.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/OvmfPkg/IntelTdx/Sec/SecMain.c b/OvmfPkg/IntelTdx/Sec/SecMain.c
index 0daddac0a0..c00b852f0e 100644
--- a/OvmfPkg/IntelTdx/Sec/SecMain.c
+++ b/OvmfPkg/IntelTdx/Sec/SecMain.c
@@ -70,7 +70,7 @@ SecMtrrSetup (
}
DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
- DefType.Bits.Type = 6; /* write back */
+ DefType.Bits.Type = MSR_IA32_MTRR_CACHE_WRITE_BACK;
DefType.Bits.E = 1; /* enable */
AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
}
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index 3b7dc7205d..aa0fa1b1ec 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -766,7 +766,7 @@ SecMtrrSetup (
}
DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
- DefType.Bits.Type = 6; /* write back */
+ DefType.Bits.Type = MSR_IA32_MTRR_CACHE_WRITE_BACK;
DefType.Bits.E = 1; /* enable */
AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
}
--
2.39.3

15
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-ValidateFvHeader-unwritten-s.patch
View File

@ -1,14 +1,15 @@
From f2aeff31924f6d070d7f8b87550dc6d9820531ad Mon Sep 17 00:00:00 2001
From cfcef96bb3c63342d4fb87cf0cda8e9dcaef9b2b Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 16 Jan 2024 18:11:04 +0100
Subject: [PATCH 15/18] OvmfPkg/VirtNorFlashDxe: ValidateFvHeader: unwritten
Subject: [PATCH 5/6] OvmfPkg/VirtNorFlashDxe: ValidateFvHeader: unwritten
state is EOL too
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
RH-Jira: RHEL-20963
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [17/20] 37220c700ea816c815e0612031e10b7d466b71a2
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Commit: [5/6] 24a9f2d03eeaf61ea8f0ea5a40f0921994b08688 (kraxel.rh/centos-src-edk2)
It is possible to find variable entries with State being 0xff, i.e. not
updated since flash block erase. This indicates the variable driver
@ -27,7 +28,7 @@ Message-Id: <20240116171105.37831-6-kraxel@redhat.com>
1 file changed, 5 insertions(+)
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
index acc4a413ee..f8e71f88c1 100644
index 8fcd999ac6..c8b5e0be13 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
@@ -302,6 +302,11 @@ ValidateFvHeader (
@ -43,5 +44,5 @@ index acc4a413ee..f8e71f88c1 100644
switch (VarHeader->State) {
// usage: State = VAR_HEADER_VALID_ONLY
--
2.41.0
2.39.3

13
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-add-a-loop-for-NorFlashWrite.patch
View File

@ -1,14 +1,15 @@
From 00d9e2d6cb03afeef5a1110d6f1fae1389a06f7a Mon Sep 17 00:00:00 2001
From a82176278e664c3955197d1e076188471d88a422 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 16 Jan 2024 18:11:02 +0100
Subject: [PATCH 13/18] OvmfPkg/VirtNorFlashDxe: add a loop for
Subject: [PATCH 3/6] OvmfPkg/VirtNorFlashDxe: add a loop for
NorFlashWriteBuffer calls.
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
RH-Jira: RHEL-20963
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [15/20] 72004a196ea61d627ab528573db657dd7db16de2
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Commit: [3/6] 993426855451252f1126348e107e386b07314bfd (kraxel.rh/centos-src-edk2)
Replace the two NorFlashWriteBuffer() calls with a loop containing a
single NorFlashWriteBuffer() call.
@ -69,5 +70,5 @@ index 88a4d2c23f..3d1343b381 100644
Exit:
--
2.41.0
2.39.3

13
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-add-casts-to-UINTN-and-UINT3.patch
View File

@ -1,16 +1,17 @@
From e8150ee7fdf1421d2e2801c901e0196496ef599e Mon Sep 17 00:00:00 2001
From 74d2d4b58efe72b931bd2979254cb0fa02a38276 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 16 Jan 2024 18:11:00 +0100
Subject: [PATCH 11/18] OvmfPkg/VirtNorFlashDxe: add casts to UINTN and UINT32
Subject: [PATCH 1/6] OvmfPkg/VirtNorFlashDxe: add casts to UINTN and UINT32
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
RH-Jira: RHEL-20963
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [13/20] fa695acadb9d693242b5221d2bc1958b929718e7
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Commit: [1/6] ad54e96a5f20907ac591fcfcc0961d353953c4f1 (kraxel.rh/centos-src-edk2)
This is needed to avoid bit operations being applied to signed integers.
@ -51,5 +52,5 @@ index b7f5d208b2..455eafacc2 100644
// CFI Addresses
#define P30_CFI_ADDR_QUERY_UNIQUE_QRY 0x10
--
2.41.0
2.39.3

13
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-allow-larger-writes-without-.patch
View File

@ -1,14 +1,15 @@
From 0193a89b0db837da31301bc1edb8382927842978 Mon Sep 17 00:00:00 2001
From 75774a03a6e0d2f5ca8103bab8d7d31e40624edd Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 16 Jan 2024 18:11:03 +0100
Subject: [PATCH 14/18] OvmfPkg/VirtNorFlashDxe: allow larger writes without
Subject: [PATCH 4/6] OvmfPkg/VirtNorFlashDxe: allow larger writes without
block erase
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
RH-Jira: RHEL-20963
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [16/20] 27ac63b90eb5e6fdc00cbc5a9105c3178ee559cd
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Commit: [4/6] 4bc6828b395ef708201a49001348bb61a0108339 (kraxel.rh/centos-src-edk2)
Raise the limit for writes without block erase from two to four
P30_MAX_BUFFER_SIZE_IN_BYTES blocks. With this in place almost all efi
@ -61,5 +62,5 @@ index 3d1343b381..3d1d20daa1 100644
// If the destination bits are only changing from 1s to 0s we can just write.
// After a block is erased all bits in the block is set to 1.
--
2.41.0
2.39.3

89
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-avoid-array-mode-switch-afte.patch
View File

@ -1,89 +0,0 @@
From 20ba071dabad6b0f5663083a017799b7a6e684c5 Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb@kernel.org>
Date: Mon, 24 Oct 2022 17:34:09 +0200
Subject: [PATCH 05/18] OvmfPkg/VirtNorFlashDxe: avoid array mode switch after
each word write
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [7/20] 274f2ed71a6d5d3f6497129ee3c62f494cc2f067
NorFlashWriteSingleWord() switches into programming mode and back into
array mode for every single word that it writes. Under KVM, this
involves tearing down the read-only memslot, and setting it up again,
which is costly and unnecessary.
Instead, move the array mode switch into the callers, and only make the
switch when the writing is done.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
(cherry picked from commit ca01e6216a8d1a26c69018e216d1dc3f88a819a4)
---
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 12 +++---------
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c | 3 +++
2 files changed, 6 insertions(+), 9 deletions(-)
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
index f41d9d372f..0a5c5d48c7 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
@@ -205,9 +205,6 @@ NorFlashWriteSingleWord (
SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_CLEAR_STATUS_REGISTER);
}
- // Put device back into Read Array mode
- SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_READ_ARRAY);
-
return Status;
}
@@ -286,8 +283,7 @@ NorFlashWriteBuffer (
// The buffer was not available for writing
if (WaitForBuffer == 0) {
- Status = EFI_DEVICE_ERROR;
- goto EXIT;
+ return EFI_DEVICE_ERROR;
}
// From now on we work in 32-bit words
@@ -337,10 +333,6 @@ NorFlashWriteBuffer (
SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_CLEAR_STATUS_REGISTER);
}
-EXIT:
- // Put device back into Read Array mode
- SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_READ_ARRAY);
-
return Status;
}
@@ -739,6 +731,8 @@ NorFlashWriteSingleBlock (
}
TempStatus = NorFlashWriteSingleWord (Instance, WordAddr, WordToWrite);
+ // Put device back into Read Array mode
+ SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_READ_ARRAY);
if (EFI_ERROR (TempStatus)) {
return EFI_DEVICE_ERROR;
}
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
index 2ceda22635..f9a41f6aab 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
@@ -280,6 +280,9 @@ NorFlashWriteFullBlock (
}
EXIT:
+ // Put device back into Read Array mode
+ SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_READ_ARRAY);
+
if (!EfiAtRuntime ()) {
// Interruptions can resume.
gBS->RestoreTPL (OriginalTPL);
--
2.41.0

303
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-avoid-switching-between-mode.patch
View File

@ -1,303 +0,0 @@
From 67e26db39c0ec90c164634251da761f649546529 Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb@kernel.org>
Date: Mon, 24 Oct 2022 17:58:07 +0200
Subject: [PATCH 06/18] OvmfPkg/VirtNorFlashDxe: avoid switching between modes
in a tight loop
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [8/20] 4923b0fb1586d7955be466b90dce5f790da704ff
Currently, when dealing with small updates that can be written out
directly (i.e., if they only involve clearing bits and not setting bits,
as the latter requires a block level erase), we iterate over the data
one word at a time, read the old value, compare it, write the new value,
and repeat, unless we encountered a value that we cannot write (0->1
transition), in which case we fall back to a block level operation.
This is inefficient for two reasons:
- reading and writing a word at a time involves switching between array
and programming mode for every word of data, which is
disproportionately costly when running under KVM;
- we end up writing some data twice, as we may not notice that a block
erase is needed until after some data has been written to flash.
So replace this sequence with a single read of up to twice the buffered
write maximum size, followed by one or two buffered writes if the data
can be written directly. Otherwise, fall back to the existing block
level sequence, but without writing out part of the data twice.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
(cherry picked from commit 25589c4a76e7e3668fd6f794dd1827e958b6719c)
---
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 214 +++++++++----------------
1 file changed, 76 insertions(+), 138 deletions(-)
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
index 0a5c5d48c7..0343131a54 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
@@ -576,23 +576,20 @@ NorFlashWriteSingleBlock (
IN UINT8 *Buffer
)
{
- EFI_STATUS TempStatus;
- UINT32 Tmp;
- UINT32 TmpBuf;
- UINT32 WordToWrite;
- UINT32 Mask;
- BOOLEAN DoErase;
- UINTN BytesToWrite;
+ EFI_STATUS Status;
UINTN CurOffset;
- UINTN WordAddr;
UINTN BlockSize;
UINTN BlockAddress;
- UINTN PrevBlockAddress;
-
- PrevBlockAddress = 0;
+ UINT8 *OrigData;
DEBUG ((DEBUG_BLKIO, "NorFlashWriteSingleBlock(Parameters: Lba=%ld, Offset=0x%x, *NumBytes=0x%x, Buffer @ 0x%08x)\n", Lba, Offset, *NumBytes, Buffer));
+ // Check we did get some memory. Buffer is BlockSize.
+ if (Instance->ShadowBuffer == NULL) {
+ DEBUG ((DEBUG_ERROR, "FvbWrite: ERROR - Buffer not ready\n"));
+ return EFI_DEVICE_ERROR;
+ }
+
// Cache the block size to avoid de-referencing pointers all the time
BlockSize = Instance->BlockSize;
@@ -612,148 +609,89 @@ NorFlashWriteSingleBlock (
return EFI_BAD_BUFFER_SIZE;
}
- // Pick 128bytes as a good start for word operations as opposed to erasing the
- // block and writing the data regardless if an erase is really needed.
- // It looks like most individual NV variable writes are smaller than 128bytes.
- if (*NumBytes <= 128) {
+ // Pick P30_MAX_BUFFER_SIZE_IN_BYTES (== 128 bytes) as a good start for word
+ // operations as opposed to erasing the block and writing the data regardless
+ // if an erase is really needed. It looks like most individual NV variable
+ // writes are smaller than 128 bytes.
+ // To avoid pathological cases were a 2 byte write is disregarded because it
+ // occurs right at a 128 byte buffered write alignment boundary, permit up to
+ // twice the max buffer size, and perform two writes if needed.
+ if ((*NumBytes + (Offset & BOUNDARY_OF_32_WORDS)) <= (2 * P30_MAX_BUFFER_SIZE_IN_BYTES)) {
// Check to see if we need to erase before programming the data into NOR.
// If the destination bits are only changing from 1s to 0s we can just write.
// After a block is erased all bits in the block is set to 1.
// If any byte requires us to erase we just give up and rewrite all of it.
- DoErase = FALSE;
- BytesToWrite = *NumBytes;
- CurOffset = Offset;
-
- while (BytesToWrite > 0) {
- // Read full word from NOR, splice as required. A word is the smallest
- // unit we can write.
- TempStatus = NorFlashRead (Instance, Lba, CurOffset & ~(0x3), sizeof (Tmp), &Tmp);
- if (EFI_ERROR (TempStatus)) {
- return EFI_DEVICE_ERROR;
- }
- // Physical address of word in NOR to write.
- WordAddr = (CurOffset & ~(0x3)) + GET_NOR_BLOCK_ADDRESS (
- Instance->RegionBaseAddress,
- Lba,
- BlockSize
- );
- // The word of data that is to be written.
- TmpBuf = *((UINT32 *)(Buffer + (*NumBytes - BytesToWrite)));
-
- // First do word aligned chunks.
- if ((CurOffset & 0x3) == 0) {
- if (BytesToWrite >= 4) {
- // Is the destination still in 'erased' state?
- if (~Tmp != 0) {
- // Check to see if we are only changing bits to zero.
- if ((Tmp ^ TmpBuf) & TmpBuf) {
- DoErase = TRUE;
- break;
- }
- }
-
- // Write this word to NOR
- WordToWrite = TmpBuf;
- CurOffset += sizeof (TmpBuf);
- BytesToWrite -= sizeof (TmpBuf);
- } else {
- // BytesToWrite < 4. Do small writes and left-overs
- Mask = ~((~0) << (BytesToWrite * 8));
- // Mask out the bytes we want.
- TmpBuf &= Mask;
- // Is the destination still in 'erased' state?
- if ((Tmp & Mask) != Mask) {
- // Check to see if we are only changing bits to zero.
- if ((Tmp ^ TmpBuf) & TmpBuf) {
- DoErase = TRUE;
- break;
- }
- }
-
- // Merge old and new data. Write merged word to NOR
- WordToWrite = (Tmp & ~Mask) | TmpBuf;
- CurOffset += BytesToWrite;
- BytesToWrite = 0;
- }
- } else {
- // Do multiple words, but starting unaligned.
- if (BytesToWrite > (4 - (CurOffset & 0x3))) {
- Mask = ((~0) << ((CurOffset & 0x3) * 8));
- // Mask out the bytes we want.
- TmpBuf &= Mask;
- // Is the destination still in 'erased' state?
- if ((Tmp & Mask) != Mask) {
- // Check to see if we are only changing bits to zero.
- if ((Tmp ^ TmpBuf) & TmpBuf) {
- DoErase = TRUE;
- break;
- }
- }
-
- // Merge old and new data. Write merged word to NOR
- WordToWrite = (Tmp & ~Mask) | TmpBuf;
- BytesToWrite -= (4 - (CurOffset & 0x3));
- CurOffset += (4 - (CurOffset & 0x3));
- } else {
- // Unaligned and fits in one word.
- Mask = (~((~0) << (BytesToWrite * 8))) << ((CurOffset & 0x3) * 8);
- // Mask out the bytes we want.
- TmpBuf = (TmpBuf << ((CurOffset & 0x3) * 8)) & Mask;
- // Is the destination still in 'erased' state?
- if ((Tmp & Mask) != Mask) {
- // Check to see if we are only changing bits to zero.
- if ((Tmp ^ TmpBuf) & TmpBuf) {
- DoErase = TRUE;
- break;
- }
- }
-
- // Merge old and new data. Write merged word to NOR
- WordToWrite = (Tmp & ~Mask) | TmpBuf;
- CurOffset += BytesToWrite;
- BytesToWrite = 0;
- }
+ // Read the old version of the data into the shadow buffer
+ Status = NorFlashRead (
+ Instance,
+ Lba,
+ Offset & ~BOUNDARY_OF_32_WORDS,
+ (*NumBytes | BOUNDARY_OF_32_WORDS) + 1,
+ Instance->ShadowBuffer
+ );
+ if (EFI_ERROR (Status)) {
+ return EFI_DEVICE_ERROR;
+ }
+
+ // Make OrigData point to the start of the old version of the data inside
+ // the word aligned buffer
+ OrigData = Instance->ShadowBuffer + (Offset & BOUNDARY_OF_32_WORDS);
+
+ // Update the buffer containing the old version of the data with the new
+ // contents, while checking whether the old version had any bits cleared
+ // that we want to set. In that case, we will need to erase the block first.
+ for (CurOffset = 0; CurOffset < *NumBytes; CurOffset++) {
+ if (~OrigData[CurOffset] & Buffer[CurOffset]) {
+ goto DoErase;
}
- //
- // Write the word to NOR.
- //
+ OrigData[CurOffset] = Buffer[CurOffset];
+ }
- BlockAddress = GET_NOR_BLOCK_ADDRESS (Instance->RegionBaseAddress, Lba, BlockSize);
- if (BlockAddress != PrevBlockAddress) {
- TempStatus = NorFlashUnlockSingleBlockIfNecessary (Instance, BlockAddress);
- if (EFI_ERROR (TempStatus)) {
- return EFI_DEVICE_ERROR;
- }
+ //
+ // Write the updated buffer to NOR.
+ //
+ BlockAddress = GET_NOR_BLOCK_ADDRESS (Instance->RegionBaseAddress, Lba, BlockSize);
- PrevBlockAddress = BlockAddress;
- }
+ // Unlock the block if we have to
+ Status = NorFlashUnlockSingleBlockIfNecessary (Instance, BlockAddress);
+ if (EFI_ERROR (Status)) {
+ goto Exit;
+ }
- TempStatus = NorFlashWriteSingleWord (Instance, WordAddr, WordToWrite);
- // Put device back into Read Array mode
- SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_READ_ARRAY);
- if (EFI_ERROR (TempStatus)) {
- return EFI_DEVICE_ERROR;
- }
+ Status = NorFlashWriteBuffer (
+ Instance,
+ BlockAddress + (Offset & ~BOUNDARY_OF_32_WORDS),
+ P30_MAX_BUFFER_SIZE_IN_BYTES,
+ Instance->ShadowBuffer
+ );
+ if (EFI_ERROR (Status)) {
+ goto Exit;
}
- // Exit if we got here and could write all the data. Otherwise do the
- // Erase-Write cycle.
- if (!DoErase) {
- return EFI_SUCCESS;
+ if ((*NumBytes + (Offset & BOUNDARY_OF_32_WORDS)) > P30_MAX_BUFFER_SIZE_IN_BYTES) {
+ BlockAddress += P30_MAX_BUFFER_SIZE_IN_BYTES;
+
+ Status = NorFlashWriteBuffer (
+ Instance,
+ BlockAddress + (Offset & ~BOUNDARY_OF_32_WORDS),
+ P30_MAX_BUFFER_SIZE_IN_BYTES,
+ Instance->ShadowBuffer + P30_MAX_BUFFER_SIZE_IN_BYTES
+ );
}
- }
- // Check we did get some memory. Buffer is BlockSize.
- if (Instance->ShadowBuffer == NULL) {
- DEBUG ((DEBUG_ERROR, "FvbWrite: ERROR - Buffer not ready\n"));
- return EFI_DEVICE_ERROR;
+Exit:
+ // Put device back into Read Array mode
+ SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_READ_ARRAY);
+
+ return Status;
}
+DoErase:
// Read NOR Flash data into shadow buffer
- TempStatus = NorFlashReadBlocks (Instance, Lba, BlockSize, Instance->ShadowBuffer);
- if (EFI_ERROR (TempStatus)) {
+ Status = NorFlashReadBlocks (Instance, Lba, BlockSize, Instance->ShadowBuffer);
+ if (EFI_ERROR (Status)) {
// Return one of the pre-approved error statuses
return EFI_DEVICE_ERROR;
}
@@ -762,8 +700,8 @@ NorFlashWriteSingleBlock (
CopyMem ((VOID *)((UINTN)Instance->ShadowBuffer + Offset), Buffer, *NumBytes);
// Write the modified buffer back to the NorFlash
- TempStatus = NorFlashWriteBlocks (Instance, Lba, BlockSize, Instance->ShadowBuffer);
- if (EFI_ERROR (TempStatus)) {
+ Status = NorFlashWriteBlocks (Instance, Lba, BlockSize, Instance->ShadowBuffer);
+ if (EFI_ERROR (Status)) {
// Return one of the pre-approved error statuses
return EFI_DEVICE_ERROR;
}
--
2.41.0

15
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-clarify-block-write-logic-fi.patch
View File

@ -1,14 +1,15 @@
From f136d4895b1477a56b916a76448ba76e67b08163 Mon Sep 17 00:00:00 2001
From ef99dec08d51bad7be0f84942443a8a0e1412c87 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 16 Jan 2024 18:11:01 +0100
Subject: [PATCH 12/18] OvmfPkg/VirtNorFlashDxe: clarify block write logic &
fix shadowbuffer reads
Subject: [PATCH 2/6] OvmfPkg/VirtNorFlashDxe: clarify block write logic & fix
shadowbuffer reads
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
RH-Jira: RHEL-20963
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [14/20] 38009625e5f189166f7a93e236576140a7ccb393
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Commit: [2/6] e2f2231fd1b7b702aa5372e790c1d2c06ca79f74 (kraxel.rh/centos-src-edk2)
Introduce 'Start' and 'End' variables to make it easier to follow the
logic and code flow. Also add a ascii art diagram (based on a
@ -106,5 +107,5 @@ index 7f4743b003..88a4d2c23f 100644
Instance->ShadowBuffer + P30_MAX_BUFFER_SIZE_IN_BYTES
);
--
2.41.0
2.39.3

2973
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-clone-ArmPlatformPkg-s-NOR-f.patch
View File

File diff suppressed because it is too large Load Diff

504
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-drop-block-I-O-protocol-impl.patch
View File

@ -1,504 +0,0 @@
From 8cf16599ade30de07c9b51f90d2208046f74fee6 Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb@kernel.org>
Date: Mon, 24 Oct 2022 17:12:08 +0200
Subject: [PATCH 04/18] OvmfPkg/VirtNorFlashDxe: drop block I/O protocol
implementation
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [6/20] 6843078997a30c2818e0d53a90fb7f6accb89aaf
We never boot from NOR flash, and generally rely on the firmware volume
PI protocols to expose the contents. So drop the block I/O protocol
implementation from VirtNorFlashDxe.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
(cherry picked from commit 83f11f957240ead9b135a778316330762b0a3acb)
---
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 49 ++++++------------
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h | 54 ++------------------
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c | 40 +++------------
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf | 1 -
OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 55 ++++++++-------------
5 files changed, 45 insertions(+), 154 deletions(-)
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
index 1094d48f7d..f41d9d372f 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
@@ -366,10 +366,6 @@ NorFlashWriteBlocks (
return EFI_INVALID_PARAMETER;
}
- if (Instance->Media.ReadOnly == TRUE) {
- return EFI_WRITE_PROTECTED;
- }
-
// We must have some bytes to read
DEBUG ((DEBUG_BLKIO, "NorFlashWriteBlocks: BufferSizeInBytes=0x%x\n", BufferSizeInBytes));
if (BufferSizeInBytes == 0) {
@@ -377,22 +373,22 @@ NorFlashWriteBlocks (
}
// The size of the buffer must be a multiple of the block size
- DEBUG ((DEBUG_BLKIO, "NorFlashWriteBlocks: BlockSize in bytes =0x%x\n", Instance->Media.BlockSize));
- if ((BufferSizeInBytes % Instance->Media.BlockSize) != 0) {
+ DEBUG ((DEBUG_BLKIO, "NorFlashWriteBlocks: BlockSize in bytes =0x%x\n", Instance->BlockSize));
+ if ((BufferSizeInBytes % Instance->BlockSize) != 0) {
return EFI_BAD_BUFFER_SIZE;
}
// All blocks must be within the device
- NumBlocks = ((UINT32)BufferSizeInBytes) / Instance->Media.BlockSize;
+ NumBlocks = ((UINT32)BufferSizeInBytes) / Instance->BlockSize;
- DEBUG ((DEBUG_BLKIO, "NorFlashWriteBlocks: NumBlocks=%d, LastBlock=%ld, Lba=%ld.\n", NumBlocks, Instance->Media.LastBlock, Lba));
+ DEBUG ((DEBUG_BLKIO, "NorFlashWriteBlocks: NumBlocks=%d, LastBlock=%ld, Lba=%ld.\n", NumBlocks, Instance->LastBlock, Lba));
- if ((Lba + NumBlocks) > (Instance->Media.LastBlock + 1)) {
+ if ((Lba + NumBlocks) > (Instance->LastBlock + 1)) {
DEBUG ((DEBUG_ERROR, "NorFlashWriteBlocks: ERROR - Write will exceed last block.\n"));
return EFI_INVALID_PARAMETER;
}
- BlockSizeInWords = Instance->Media.BlockSize / 4;
+ BlockSizeInWords = Instance->BlockSize / 4;
// Because the target *Buffer is a pointer to VOID, we must put all the data into a pointer
// to a proper data type, so use *ReadBuffer
@@ -489,8 +485,8 @@ NorFlashReadBlocks (
DEBUG_BLKIO,
"NorFlashReadBlocks: BufferSize=0x%xB BlockSize=0x%xB LastBlock=%ld, Lba=%ld.\n",
BufferSizeInBytes,
- Instance->Media.BlockSize,
- Instance->Media.LastBlock,
+ Instance->BlockSize,
+ Instance->LastBlock,
Lba
));
@@ -505,14 +501,14 @@ NorFlashReadBlocks (
}
// The size of the buffer must be a multiple of the block size
- if ((BufferSizeInBytes % Instance->Media.BlockSize) != 0) {
+ if ((BufferSizeInBytes % Instance->BlockSize) != 0) {
return EFI_BAD_BUFFER_SIZE;
}
// All blocks must be within the device
- NumBlocks = ((UINT32)BufferSizeInBytes) / Instance->Media.BlockSize;
+ NumBlocks = ((UINT32)BufferSizeInBytes) / Instance->BlockSize;
- if ((Lba + NumBlocks) > (Instance->Media.LastBlock + 1)) {
+ if ((Lba + NumBlocks) > (Instance->LastBlock + 1)) {
DEBUG ((DEBUG_ERROR, "NorFlashReadBlocks: ERROR - Read will exceed last block\n"));
return EFI_INVALID_PARAMETER;
}
@@ -521,7 +517,7 @@ NorFlashReadBlocks (
StartAddress = GET_NOR_BLOCK_ADDRESS (
Instance->RegionBaseAddress,
Lba,
- Instance->Media.BlockSize
+ Instance->BlockSize
);
// Put the device into Read Array mode
@@ -554,7 +550,7 @@ NorFlashRead (
return EFI_SUCCESS;
}
- if (((Lba * Instance->Media.BlockSize) + Offset + BufferSizeInBytes) > Instance->Size) {
+ if (((Lba * Instance->BlockSize) + Offset + BufferSizeInBytes) > Instance->Size) {
DEBUG ((DEBUG_ERROR, "NorFlashRead: ERROR - Read will exceed device size.\n"));
return EFI_INVALID_PARAMETER;
}
@@ -563,7 +559,7 @@ NorFlashRead (
StartAddress = GET_NOR_BLOCK_ADDRESS (
Instance->RegionBaseAddress,
Lba,
- Instance->Media.BlockSize
+ Instance->BlockSize
);
// Put the device into Read Array mode
@@ -577,7 +573,7 @@ NorFlashRead (
/*
Write a full or portion of a block. It must not span block boundaries; that is,
- Offset + *NumBytes <= Instance->Media.BlockSize.
+ Offset + *NumBytes <= Instance->BlockSize.
*/
EFI_STATUS
NorFlashWriteSingleBlock (
@@ -605,15 +601,8 @@ NorFlashWriteSingleBlock (
DEBUG ((DEBUG_BLKIO, "NorFlashWriteSingleBlock(Parameters: Lba=%ld, Offset=0x%x, *NumBytes=0x%x, Buffer @ 0x%08x)\n", Lba, Offset, *NumBytes, Buffer));
- // Detect WriteDisabled state
- if (Instance->Media.ReadOnly == TRUE) {
- DEBUG ((DEBUG_ERROR, "NorFlashWriteSingleBlock: ERROR - Can not write: Device is in WriteDisabled state.\n"));
- // It is in WriteDisabled state, return an error right away
- return EFI_ACCESS_DENIED;
- }
-
// Cache the block size to avoid de-referencing pointers all the time
- BlockSize = Instance->Media.BlockSize;
+ BlockSize = Instance->BlockSize;
// The write must not span block boundaries.
// We need to check each variable individually because adding two large values together overflows.
@@ -819,12 +808,6 @@ NorFlashVirtualNotifyEvent (
EfiConvertPointer (0x0, (VOID **)&mNorFlashInstances[Index]->DeviceBaseAddress);
EfiConvertPointer (0x0, (VOID **)&mNorFlashInstances[Index]->RegionBaseAddress);
- // Convert BlockIo protocol
- EfiConvertPointer (0x0, (VOID **)&mNorFlashInstances[Index]->BlockIoProtocol.FlushBlocks);
- EfiConvertPointer (0x0, (VOID **)&mNorFlashInstances[Index]->BlockIoProtocol.ReadBlocks);
- EfiConvertPointer (0x0, (VOID **)&mNorFlashInstances[Index]->BlockIoProtocol.Reset);
- EfiConvertPointer (0x0, (VOID **)&mNorFlashInstances[Index]->BlockIoProtocol.WriteBlocks);
-
// Convert Fvb
EfiConvertPointer (0x0, (VOID **)&mNorFlashInstances[Index]->FvbProtocol.EraseBlocks);
EfiConvertPointer (0x0, (VOID **)&mNorFlashInstances[Index]->FvbProtocol.GetAttributes);
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h
index 7733ee02ee..b7f5d208b2 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h
@@ -14,7 +14,6 @@
#include <Guid/EventGroup.h>
-#include <Protocol/BlockIo.h>
#include <Protocol/FirmwareVolumeBlock.h>
#include <Library/DebugLib.h>
@@ -108,8 +107,7 @@
#define P30_CMD_READ_CONFIGURATION_REGISTER 0x0003
#define NOR_FLASH_SIGNATURE SIGNATURE_32('n', 'o', 'r', '0')
-#define INSTANCE_FROM_FVB_THIS(a) CR(a, NOR_FLASH_INSTANCE, FvbProtocol, NOR_FLASH_SIGNATURE)
-#define INSTANCE_FROM_BLKIO_THIS(a) CR(a, NOR_FLASH_INSTANCE, BlockIoProtocol, NOR_FLASH_SIGNATURE)
+#define INSTANCE_FROM_FVB_THIS(a) CR(a, NOR_FLASH_INSTANCE, FvbProtocol, NOR_FLASH_SIGNATURE)
typedef struct _NOR_FLASH_INSTANCE NOR_FLASH_INSTANCE;
@@ -129,9 +127,8 @@ struct _NOR_FLASH_INSTANCE {
UINTN RegionBaseAddress;
UINTN Size;
EFI_LBA StartLba;
-
- EFI_BLOCK_IO_PROTOCOL BlockIoProtocol;
- EFI_BLOCK_IO_MEDIA Media;
+ EFI_LBA LastBlock;
+ UINT32 BlockSize;
EFI_FIRMWARE_VOLUME_BLOCK2_PROTOCOL FvbProtocol;
VOID *ShadowBuffer;
@@ -155,51 +152,6 @@ NorFlashWriteBuffer (
IN UINT32 *Buffer
);
-//
-// BlockIO Protocol function EFI_BLOCK_IO_PROTOCOL.Reset
-//
-EFI_STATUS
-EFIAPI
-NorFlashBlockIoReset (
- IN EFI_BLOCK_IO_PROTOCOL *This,
- IN BOOLEAN ExtendedVerification
- );
-
-//
-// BlockIO Protocol function EFI_BLOCK_IO_PROTOCOL.ReadBlocks
-//
-EFI_STATUS
-EFIAPI
-NorFlashBlockIoReadBlocks (
- IN EFI_BLOCK_IO_PROTOCOL *This,
- IN UINT32 MediaId,
- IN EFI_LBA Lba,
- IN UINTN BufferSizeInBytes,
- OUT VOID *Buffer
- );
-
-//
-// BlockIO Protocol function EFI_BLOCK_IO_PROTOCOL.WriteBlocks
-//
-EFI_STATUS
-EFIAPI
-NorFlashBlockIoWriteBlocks (
- IN EFI_BLOCK_IO_PROTOCOL *This,
- IN UINT32 MediaId,
- IN EFI_LBA Lba,
- IN UINTN BufferSizeInBytes,
- IN VOID *Buffer
- );
-
-//
-// BlockIO Protocol function EFI_BLOCK_IO_PROTOCOL.FlushBlocks
-//
-EFI_STATUS
-EFIAPI
-NorFlashBlockIoFlushBlocks (
- IN EFI_BLOCK_IO_PROTOCOL *This
- );
-
//
// NorFlashFvbDxe.c
//
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
index 4875b057d5..2ceda22635 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
@@ -34,29 +34,8 @@ NOR_FLASH_INSTANCE mNorFlashInstanceTemplate = {
0, // RegionBaseAddress ... NEED TO BE FILLED
0, // Size ... NEED TO BE FILLED
0, // StartLba
-
- {
- EFI_BLOCK_IO_PROTOCOL_REVISION2, // Revision
- NULL, // Media ... NEED TO BE FILLED
- NorFlashBlockIoReset, // Reset;
- NorFlashBlockIoReadBlocks, // ReadBlocks
- NorFlashBlockIoWriteBlocks, // WriteBlocks
- NorFlashBlockIoFlushBlocks // FlushBlocks
- }, // BlockIoProtocol
-
- {
- 0, // MediaId ... NEED TO BE FILLED
- FALSE, // RemovableMedia
- TRUE, // MediaPresent
- FALSE, // LogicalPartition
- FALSE, // ReadOnly
- FALSE, // WriteCaching;
- 0, // BlockSize ... NEED TO BE FILLED
- 4, // IoAlign
- 0, // LastBlock ... NEED TO BE FILLED
- 0, // LowestAlignedLba
- 1, // LogicalBlocksPerPhysicalBlock
- }, // Media;
+ 0, // LastBlock
+ 0, // BlockSize
{
FvbGetAttributes, // GetAttributes
@@ -115,11 +94,8 @@ NorFlashCreateInstance (
Instance->DeviceBaseAddress = NorFlashDeviceBase;
Instance->RegionBaseAddress = NorFlashRegionBase;
Instance->Size = NorFlashSize;
-
- Instance->BlockIoProtocol.Media = &Instance->Media;
- Instance->Media.MediaId = Index;
- Instance->Media.BlockSize = BlockSize;
- Instance->Media.LastBlock = (NorFlashSize / BlockSize)-1;
+ Instance->BlockSize = BlockSize;
+ Instance->LastBlock = (NorFlashSize / BlockSize) - 1;
CopyGuid (&Instance->DevicePath.Vendor.Guid, &gEfiCallerIdGuid);
Instance->DevicePath.Index = (UINT8)Index;
@@ -136,8 +112,6 @@ NorFlashCreateInstance (
&Instance->Handle,
&gEfiDevicePathProtocolGuid,
&Instance->DevicePath,
- &gEfiBlockIoProtocolGuid,
- &Instance->BlockIoProtocol,
&gEfiFirmwareVolumeBlockProtocolGuid,
&Instance->FvbProtocol,
NULL
@@ -151,8 +125,6 @@ NorFlashCreateInstance (
&Instance->Handle,
&gEfiDevicePathProtocolGuid,
&Instance->DevicePath,
- &gEfiBlockIoProtocolGuid,
- &Instance->BlockIoProtocol,
NULL
);
if (EFI_ERROR (Status)) {
@@ -434,7 +406,7 @@ NorFlashFvbInitialize (
PcdGet64 (PcdFlashNvStorageVariableBase64) : PcdGet32 (PcdFlashNvStorageVariableBase);
// Set the index of the first LBA for the FVB
- Instance->StartLba = (mFlashNvStorageVariableBase - Instance->RegionBaseAddress) / Instance->Media.BlockSize;
+ Instance->StartLba = (mFlashNvStorageVariableBase - Instance->RegionBaseAddress) / Instance->BlockSize;
BootMode = GetBootModeHob ();
if (BootMode == BOOT_WITH_DEFAULT_SETTINGS) {
@@ -455,7 +427,7 @@ NorFlashFvbInitialize (
));
// Erase all the NorFlash that is reserved for variable storage
- FvbNumLba = (PcdGet32 (PcdFlashNvStorageVariableSize) + PcdGet32 (PcdFlashNvStorageFtwWorkingSize) + PcdGet32 (PcdFlashNvStorageFtwSpareSize)) / Instance->Media.BlockSize;
+ FvbNumLba = (PcdGet32 (PcdFlashNvStorageVariableSize) + PcdGet32 (PcdFlashNvStorageFtwWorkingSize) + PcdGet32 (PcdFlashNvStorageFtwSpareSize)) / Instance->BlockSize;
Status = FvbEraseBlocks (&Instance->FvbProtocol, (EFI_LBA)0, FvbNumLba, EFI_LBA_LIST_TERMINATOR);
if (EFI_ERROR (Status)) {
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
index 53e9d58204..2a3d4a218e 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
@@ -19,7 +19,6 @@
[Sources.common]
VirtNorFlash.c
VirtNorFlash.h
- VirtNorFlashBlockIoDxe.c
VirtNorFlashDxe.c
VirtNorFlashFvb.c
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
index c824e0a0fb..cc5eefaaf3 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
@@ -89,7 +89,7 @@ InitializeFvAndVariableStoreHeaders (
}
// Check if the size of the area is at least one block size
- if ((NvStorageVariableSize <= 0) || (NvStorageVariableSize / Instance->Media.BlockSize <= 0)) {
+ if ((NvStorageVariableSize <= 0) || (NvStorageVariableSize / Instance->BlockSize <= 0)) {
DEBUG ((
DEBUG_ERROR,
"%a: NvStorageVariableSize is 0x%x, should be atleast one block size\n",
@@ -99,7 +99,7 @@ InitializeFvAndVariableStoreHeaders (
return EFI_INVALID_PARAMETER;
}
- if ((NvStorageFtwWorkingSize <= 0) || (NvStorageFtwWorkingSize / Instance->Media.BlockSize <= 0)) {
+ if ((NvStorageFtwWorkingSize <= 0) || (NvStorageFtwWorkingSize / Instance->BlockSize <= 0)) {
DEBUG ((
DEBUG_ERROR,
"%a: NvStorageFtwWorkingSize is 0x%x, should be atleast one block size\n",
@@ -109,7 +109,7 @@ InitializeFvAndVariableStoreHeaders (
return EFI_INVALID_PARAMETER;
}
- if ((NvStorageFtwSpareSize <= 0) || (NvStorageFtwSpareSize / Instance->Media.BlockSize <= 0)) {
+ if ((NvStorageFtwSpareSize <= 0) || (NvStorageFtwSpareSize / Instance->BlockSize <= 0)) {
DEBUG ((
DEBUG_ERROR,
"%a: NvStorageFtwSpareSize is 0x%x, should be atleast one block size\n",
@@ -120,9 +120,9 @@ InitializeFvAndVariableStoreHeaders (
}
// Ensure the Variable area Base Addresses are aligned on a block size boundaries
- if ((NvStorageVariableBase % Instance->Media.BlockSize != 0) ||
- (NvStorageFtwWorkingBase % Instance->Media.BlockSize != 0) ||
- (NvStorageFtwSpareBase % Instance->Media.BlockSize != 0))
+ if ((NvStorageVariableBase % Instance->BlockSize != 0) ||
+ (NvStorageFtwWorkingBase % Instance->BlockSize != 0) ||
+ (NvStorageFtwSpareBase % Instance->BlockSize != 0))
{
DEBUG ((DEBUG_ERROR, "%a: NvStorage Base addresses must be aligned to block size boundaries", __FUNCTION__));
return EFI_INVALID_PARAMETER;
@@ -149,8 +149,8 @@ InitializeFvAndVariableStoreHeaders (
);
FirmwareVolumeHeader->HeaderLength = sizeof (EFI_FIRMWARE_VOLUME_HEADER) + sizeof (EFI_FV_BLOCK_MAP_ENTRY);
FirmwareVolumeHeader->Revision = EFI_FVH_REVISION;
- FirmwareVolumeHeader->BlockMap[0].NumBlocks = Instance->Media.LastBlock + 1;
- FirmwareVolumeHeader->BlockMap[0].Length = Instance->Media.BlockSize;
+ FirmwareVolumeHeader->BlockMap[0].NumBlocks = Instance->LastBlock + 1;
+ FirmwareVolumeHeader->BlockMap[0].Length = Instance->BlockSize;
FirmwareVolumeHeader->BlockMap[1].NumBlocks = 0;
FirmwareVolumeHeader->BlockMap[1].Length = 0;
FirmwareVolumeHeader->Checksum = CalculateCheckSum16 ((UINT16 *)FirmwareVolumeHeader, FirmwareVolumeHeader->HeaderLength);
@@ -284,9 +284,6 @@ FvbGetAttributes (
)
{
EFI_FVB_ATTRIBUTES_2 FlashFvbAttributes;
- NOR_FLASH_INSTANCE *Instance;
-
- Instance = INSTANCE_FROM_FVB_THIS (This);
FlashFvbAttributes = (EFI_FVB_ATTRIBUTES_2)(
@@ -294,17 +291,12 @@ FvbGetAttributes (
EFI_FVB2_READ_STATUS | // Reads are currently enabled
EFI_FVB2_STICKY_WRITE | // A block erase is required to flip bits into EFI_FVB2_ERASE_POLARITY
EFI_FVB2_MEMORY_MAPPED | // It is memory mapped
- EFI_FVB2_ERASE_POLARITY // After erasure all bits take this value (i.e. '1')
+ EFI_FVB2_ERASE_POLARITY | // After erasure all bits take this value (i.e. '1')
+ EFI_FVB2_WRITE_STATUS | // Writes are currently enabled
+ EFI_FVB2_WRITE_ENABLED_CAP // Writes may be enabled
);
- // Check if it is write protected
- if (Instance->Media.ReadOnly != TRUE) {
- FlashFvbAttributes = FlashFvbAttributes |
- EFI_FVB2_WRITE_STATUS | // Writes are currently enabled
- EFI_FVB2_WRITE_ENABLED_CAP; // Writes may be enabled
- }
-
*Attributes = FlashFvbAttributes;
DEBUG ((DEBUG_BLKIO, "FvbGetAttributes(0x%X)\n", *Attributes));
@@ -418,15 +410,15 @@ FvbGetBlockSize (
Instance = INSTANCE_FROM_FVB_THIS (This);
- DEBUG ((DEBUG_BLKIO, "FvbGetBlockSize(Lba=%ld, BlockSize=0x%x, LastBlock=%ld)\n", Lba, Instance->Media.BlockSize, Instance->Media.LastBlock));
+ DEBUG ((DEBUG_BLKIO, "FvbGetBlockSize(Lba=%ld, BlockSize=0x%x, LastBlock=%ld)\n", Lba, Instance->BlockSize, Instance->LastBlock));
- if (Lba > Instance->Media.LastBlock) {
- DEBUG ((DEBUG_ERROR, "FvbGetBlockSize: ERROR - Parameter LBA %ld is beyond the last Lba (%ld).\n", Lba, Instance->Media.LastBlock));
+ if (Lba > Instance->LastBlock) {
+ DEBUG ((DEBUG_ERROR, "FvbGetBlockSize: ERROR - Parameter LBA %ld is beyond the last Lba (%ld).\n", Lba, Instance->LastBlock));
Status = EFI_INVALID_PARAMETER;
} else {
// This is easy because in this platform each NorFlash device has equal sized blocks.
- *BlockSize = (UINTN)Instance->Media.BlockSize;
- *NumberOfBlocks = (UINTN)(Instance->Media.LastBlock - Lba + 1);
+ *BlockSize = (UINTN)Instance->BlockSize;
+ *NumberOfBlocks = (UINTN)(Instance->LastBlock - Lba + 1);
DEBUG ((DEBUG_BLKIO, "FvbGetBlockSize: *BlockSize=0x%x, *NumberOfBlocks=0x%x.\n", *BlockSize, *NumberOfBlocks));
@@ -498,7 +490,7 @@ FvbRead (
TempStatus = EFI_SUCCESS;
// Cache the block size to avoid de-referencing pointers all the time
- BlockSize = Instance->Media.BlockSize;
+ BlockSize = Instance->BlockSize;
DEBUG ((DEBUG_BLKIO, "FvbRead: Check if (Offset=0x%x + NumBytes=0x%x) <= BlockSize=0x%x\n", Offset, *NumBytes, BlockSize));
@@ -669,13 +661,6 @@ FvbEraseBlocks (
Status = EFI_SUCCESS;
- // Detect WriteDisabled state
- if (Instance->Media.ReadOnly == TRUE) {
- // Firmware volume is in WriteDisabled state
- DEBUG ((DEBUG_ERROR, "FvbEraseBlocks: ERROR - Device is in WriteDisabled state.\n"));
- return EFI_ACCESS_DENIED;
- }
-
// Before erasing, check the entire list of parameters to ensure all specified blocks are valid
VA_START (Args, This);
@@ -698,9 +683,9 @@ FvbEraseBlocks (
"FvbEraseBlocks: Check if: ( StartingLba=%ld + NumOfLba=%Lu - 1 ) > LastBlock=%ld.\n",
Instance->StartLba + StartingLba,
(UINT64)NumOfLba,
- Instance->Media.LastBlock
+ Instance->LastBlock
));
- if ((NumOfLba == 0) || ((Instance->StartLba + StartingLba + NumOfLba - 1) > Instance->Media.LastBlock)) {
+ if ((NumOfLba == 0) || ((Instance->StartLba + StartingLba + NumOfLba - 1) > Instance->LastBlock)) {
VA_END (Args);
DEBUG ((DEBUG_ERROR, "FvbEraseBlocks: ERROR - Lba range goes past the last Lba.\n"));
Status = EFI_INVALID_PARAMETER;
@@ -733,7 +718,7 @@ FvbEraseBlocks (
BlockAddress = GET_NOR_BLOCK_ADDRESS (
Instance->RegionBaseAddress,
Instance->StartLba + StartingLba,
- Instance->Media.BlockSize
+ Instance->BlockSize
);
// Erase it
--
2.41.0

67
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-map-flash-memory-as-uncachea.patch
View File

@ -1,67 +0,0 @@
From 15415de9a228e74ff1847777a29f1531754b03b0 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Wed, 11 Jan 2023 19:00:23 +0100
Subject: [PATCH 08/18] OvmfPkg/VirtNorFlashDxe: map flash memory as
uncacheable
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [10/20] 40ca967bead9ec5c98c528bfe0757f75f3d3352f
Switching from the ArmPlatformPkg/NorFlashDxe driver to the
OvmfPkg/VirtNorFlashDxe driver had the side effect that flash address
space got registered as EFI_MEMORY_WC instead of EFI_MEMORY_UC.
That confuses the linux kernel's numa code, seems this makes kernel
consider the flash being node memory. "lsmem" changes from ...
RANGE SIZE STATE REMOVABLE BLOCK
0x0000000040000000-0x000000013fffffff 4G online yes 8-39
... to ...
RANGE SIZE STATE REMOVABLE BLOCK
0x0000000000000000-0x0000000007ffffff 128M online yes 0
0x0000000040000000-0x000000013fffffff 4G online yes 8-39
... and in the kernel log got new error lines:
NUMA: Warning: invalid memblk node 512 [mem 0x0000000004000000-0x0000000007ffffff]
NUMA: Faking a node at [mem 0x0000000004000000-0x000000013fffffff]
Changing the attributes back to EFI_MEMORY_UC fixes this.
Fixes: b92298af8218 ("ArmVirtPkg/ArmVirtQemu: migrate to OVMF's VirtNorFlashDxe")
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
(cherry picked from commit e5ec3ba409b5baa9cf429cc25fdf3c8d1b8dcef0)
---
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
index ff3121af2a..f9a41f6aab 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
@@ -394,14 +394,14 @@ NorFlashFvbInitialize (
EfiGcdMemoryTypeMemoryMappedIo,
Instance->DeviceBaseAddress,
RuntimeMmioRegionSize,
- EFI_MEMORY_WC | EFI_MEMORY_RUNTIME
+ EFI_MEMORY_UC | EFI_MEMORY_RUNTIME
);
ASSERT_EFI_ERROR (Status);
Status = gDS->SetMemorySpaceAttributes (
Instance->DeviceBaseAddress,
RuntimeMmioRegionSize,
- EFI_MEMORY_WC | EFI_MEMORY_RUNTIME
+ EFI_MEMORY_UC | EFI_MEMORY_RUNTIME
);
ASSERT_EFI_ERROR (Status);
--
2.41.0

15
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-move-DoErase-code-block-into.patch
View File

@ -1,14 +1,15 @@
From 791c26a4a172b4a609a708db8018411ab653de4a Mon Sep 17 00:00:00 2001
From 0429352edb21bd20b8192aec3f484361f4dc3b33 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 16 Jan 2024 18:11:05 +0100
Subject: [PATCH 16/18] OvmfPkg/VirtNorFlashDxe: move DoErase code block into
new function
Subject: [PATCH 6/6] OvmfPkg/VirtNorFlashDxe: move DoErase code block into new
function
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
RH-Jira: RHEL-20963
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [18/20] 10f4685bfcb0c5423e392b4cf0e8633cd25b46b4
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Commit: [6/6] 9a25dbbd0d9881664f8ce30efb95c63099785204 (kraxel.rh/centos-src-edk2)
Move the DoErase code block into a separate function, call the function
instead of jumping around with goto.
@ -127,5 +128,5 @@ index 3d1d20daa1..e6aaed27ce 100644
EFI_STATUS
--
2.41.0
2.39.3

94
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-remove-CheckBlockLocked-feat.patch
View File

@ -1,94 +0,0 @@
From 03e0a729a5c3ebcab8806d136cd8908627bd91c9 Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb@kernel.org>
Date: Mon, 24 Oct 2022 16:45:02 +0200
Subject: [PATCH 02/18] OvmfPkg/VirtNorFlashDxe: remove CheckBlockLocked
feature
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [4/20] 990bdf373801df8107d8a6ec4db3fb93e5a6ad68
We inherited a feature from the ArmPlatformPkg version of this driver
that never gets enabled. Let's remove it.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
(cherry picked from commit 0a64106c566273ff8ef951d56ddfa972fe65bd6c)
---
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 35 +++++----------------
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf | 3 --
2 files changed, 8 insertions(+), 30 deletions(-)
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
index 12fa720dad..59a562efdf 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
@@ -65,35 +65,16 @@ NorFlashUnlockSingleBlock (
// Raise the Task Priority Level to TPL_NOTIFY to serialise all its operations
// and to protect shared data structures.
- if (FeaturePcdGet (PcdNorFlashCheckBlockLocked) == TRUE) {
- do {
- // Request a lock setup
- SEND_NOR_COMMAND (BlockAddress, 0, P30_CMD_LOCK_BLOCK_SETUP);
+ // Request a lock setup
+ SEND_NOR_COMMAND (BlockAddress, 0, P30_CMD_LOCK_BLOCK_SETUP);
- // Request an unlock
- SEND_NOR_COMMAND (BlockAddress, 0, P30_CMD_UNLOCK_BLOCK);
+ // Request an unlock
+ SEND_NOR_COMMAND (BlockAddress, 0, P30_CMD_UNLOCK_BLOCK);
- // Send command for reading device id
- SEND_NOR_COMMAND (BlockAddress, 2, P30_CMD_READ_DEVICE_ID);
-
- // Read block lock status
- LockStatus = MmioRead32 (CREATE_NOR_ADDRESS (BlockAddress, 2));
-
- // Decode block lock status
- LockStatus = FOLD_32BIT_INTO_16BIT (LockStatus);
- } while ((LockStatus & 0x1) == 1);
- } else {
- // Request a lock setup
- SEND_NOR_COMMAND (BlockAddress, 0, P30_CMD_LOCK_BLOCK_SETUP);
-
- // Request an unlock
- SEND_NOR_COMMAND (BlockAddress, 0, P30_CMD_UNLOCK_BLOCK);
-
- // Wait until the status register gives us the all clear
- do {
- LockStatus = NorFlashReadStatusRegister (Instance, BlockAddress);
- } while ((LockStatus & P30_SR_BIT_WRITE) != P30_SR_BIT_WRITE);
- }
+ // Wait until the status register gives us the all clear
+ do {
+ LockStatus = NorFlashReadStatusRegister (Instance, BlockAddress);
+ } while ((LockStatus & P30_SR_BIT_WRITE) != P30_SR_BIT_WRITE);
// Put device back into Read Array mode
SEND_NOR_COMMAND (BlockAddress, 0, P30_CMD_READ_ARRAY);
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
index 1bf50e4823..53e9d58204 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
@@ -24,7 +24,6 @@
VirtNorFlashFvb.c
[Packages]
- ArmPlatformPkg/ArmPlatformPkg.dec
EmbeddedPkg/EmbeddedPkg.dec
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
@@ -66,7 +65,5 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize
- gArmPlatformTokenSpaceGuid.PcdNorFlashCheckBlockLocked
-
[Depex]
gEfiCpuArchProtocolGuid
--
2.41.0

386
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-remove-disk-I-O-protocol-imp.patch
View File

@ -1,386 +0,0 @@
From 56041232238e4e4d3c8d703b27f51b0bc70fd5c8 Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb@kernel.org>
Date: Mon, 24 Oct 2022 16:50:05 +0200
Subject: [PATCH 03/18] OvmfPkg/VirtNorFlashDxe: remove disk I/O protocol
implementation
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [5/20] 0551c3f56f43396cfdc380127565e89d69eb29a3
We only use NOR flash for firmware volumes, either for executable images
or for the variable store. So we have no need for exposing disk I/O on
top of the NOR flash partitions so let's remove it.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
(cherry picked from commit 68d234989b2d6bd8f255577e08bf8be0b1d197bb)
---
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 129 ------------------
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h | 29 ----
.../VirtNorFlashDxe/VirtNorFlashBlockIoDxe.c | 123 -----------------
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c | 8 --
4 files changed, 289 deletions(-)
delete mode 100644 OvmfPkg/VirtNorFlashDxe/VirtNorFlashBlockIoDxe.c
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
index 59a562efdf..1094d48f7d 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
@@ -788,135 +788,6 @@ NorFlashWriteSingleBlock (
return EFI_SUCCESS;
}
-/*
- Although DiskIoDxe will automatically install the DiskIO protocol whenever
- we install the BlockIO protocol, its implementation is sub-optimal as it reads
- and writes entire blocks using the BlockIO protocol. In fact we can access
- NOR flash with a finer granularity than that, so we can improve performance
- by directly producing the DiskIO protocol.
-*/
-
-/**
- Read BufferSize bytes from Offset into Buffer.
-
- @param This Protocol instance pointer.
- @param MediaId Id of the media, changes every time the media is replaced.
- @param Offset The starting byte offset to read from
- @param BufferSize Size of Buffer
- @param Buffer Buffer containing read data
-
- @retval EFI_SUCCESS The data was read correctly from the device.
- @retval EFI_DEVICE_ERROR The device reported an error while performing the read.
- @retval EFI_NO_MEDIA There is no media in the device.
- @retval EFI_MEDIA_CHANGED The MediaId does not match the current device.
- @retval EFI_INVALID_PARAMETER The read request contains device addresses that are not
- valid for the device.
-
-**/
-EFI_STATUS
-EFIAPI
-NorFlashDiskIoReadDisk (
- IN EFI_DISK_IO_PROTOCOL *This,
- IN UINT32 MediaId,
- IN UINT64 DiskOffset,
- IN UINTN BufferSize,
- OUT VOID *Buffer
- )
-{
- NOR_FLASH_INSTANCE *Instance;
- UINT32 BlockSize;
- UINT32 BlockOffset;
- EFI_LBA Lba;
-
- Instance = INSTANCE_FROM_DISKIO_THIS (This);
-
- if (MediaId != Instance->Media.MediaId) {
- return EFI_MEDIA_CHANGED;
- }
-
- BlockSize = Instance->Media.BlockSize;
- Lba = (EFI_LBA)DivU64x32Remainder (DiskOffset, BlockSize, &BlockOffset);
-
- return NorFlashRead (Instance, Lba, BlockOffset, BufferSize, Buffer);
-}
-
-/**
- Writes a specified number of bytes to a device.
-
- @param This Indicates a pointer to the calling context.
- @param MediaId ID of the medium to be written.
- @param Offset The starting byte offset on the logical block I/O device to write.
- @param BufferSize The size in bytes of Buffer. The number of bytes to write to the device.
- @param Buffer A pointer to the buffer containing the data to be written.
-
- @retval EFI_SUCCESS The data was written correctly to the device.
- @retval EFI_WRITE_PROTECTED The device can not be written to.
- @retval EFI_DEVICE_ERROR The device reported an error while performing the write.
- @retval EFI_NO_MEDIA There is no media in the device.
- @retval EFI_MEDIA_CHANGED The MediaId does not match the current device.
- @retval EFI_INVALID_PARAMETER The write request contains device addresses that are not
- valid for the device.
-
-**/
-EFI_STATUS
-EFIAPI
-NorFlashDiskIoWriteDisk (
- IN EFI_DISK_IO_PROTOCOL *This,
- IN UINT32 MediaId,
- IN UINT64 DiskOffset,
- IN UINTN BufferSize,
- IN VOID *Buffer
- )
-{
- NOR_FLASH_INSTANCE *Instance;
- UINT32 BlockSize;
- UINT32 BlockOffset;
- EFI_LBA Lba;
- UINTN RemainingBytes;
- UINTN WriteSize;
- EFI_STATUS Status;
-
- Instance = INSTANCE_FROM_DISKIO_THIS (This);
-
- if (MediaId != Instance->Media.MediaId) {
- return EFI_MEDIA_CHANGED;
- }
-
- BlockSize = Instance->Media.BlockSize;
- Lba = (EFI_LBA)DivU64x32Remainder (DiskOffset, BlockSize, &BlockOffset);
-
- RemainingBytes = BufferSize;
-
- // Write either all the remaining bytes, or the number of bytes that bring
- // us up to a block boundary, whichever is less.
- // (DiskOffset | (BlockSize - 1)) + 1) rounds DiskOffset up to the next
- // block boundary (even if it is already on one).
- WriteSize = MIN (RemainingBytes, ((DiskOffset | (BlockSize - 1)) + 1) - DiskOffset);
-
- do {
- if (WriteSize == BlockSize) {
- // Write a full block
- Status = NorFlashWriteFullBlock (Instance, Lba, Buffer, BlockSize / sizeof (UINT32));
- } else {
- // Write a partial block
- Status = NorFlashWriteSingleBlock (Instance, Lba, BlockOffset, &WriteSize, Buffer);
- }
-
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- // Now continue writing either all the remaining bytes or single blocks.
- RemainingBytes -= WriteSize;
- Buffer = (UINT8 *)Buffer + WriteSize;
- Lba++;
- BlockOffset = 0;
- WriteSize = MIN (RemainingBytes, BlockSize);
- } while (RemainingBytes);
-
- return Status;
-}
-
EFI_STATUS
NorFlashReset (
IN NOR_FLASH_INSTANCE *Instance
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h
index e46522a198..7733ee02ee 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h
@@ -15,7 +15,6 @@
#include <Guid/EventGroup.h>
#include <Protocol/BlockIo.h>
-#include <Protocol/DiskIo.h>
#include <Protocol/FirmwareVolumeBlock.h>
#include <Library/DebugLib.h>
@@ -111,7 +110,6 @@
#define NOR_FLASH_SIGNATURE SIGNATURE_32('n', 'o', 'r', '0')
#define INSTANCE_FROM_FVB_THIS(a) CR(a, NOR_FLASH_INSTANCE, FvbProtocol, NOR_FLASH_SIGNATURE)
#define INSTANCE_FROM_BLKIO_THIS(a) CR(a, NOR_FLASH_INSTANCE, BlockIoProtocol, NOR_FLASH_SIGNATURE)
-#define INSTANCE_FROM_DISKIO_THIS(a) CR(a, NOR_FLASH_INSTANCE, DiskIoProtocol, NOR_FLASH_SIGNATURE)
typedef struct _NOR_FLASH_INSTANCE NOR_FLASH_INSTANCE;
@@ -134,7 +132,6 @@ struct _NOR_FLASH_INSTANCE {
EFI_BLOCK_IO_PROTOCOL BlockIoProtocol;
EFI_BLOCK_IO_MEDIA Media;
- EFI_DISK_IO_PROTOCOL DiskIoProtocol;
EFI_FIRMWARE_VOLUME_BLOCK2_PROTOCOL FvbProtocol;
VOID *ShadowBuffer;
@@ -203,32 +200,6 @@ NorFlashBlockIoFlushBlocks (
IN EFI_BLOCK_IO_PROTOCOL *This
);
-//
-// DiskIO Protocol function EFI_DISK_IO_PROTOCOL.ReadDisk
-//
-EFI_STATUS
-EFIAPI
-NorFlashDiskIoReadDisk (
- IN EFI_DISK_IO_PROTOCOL *This,
- IN UINT32 MediaId,
- IN UINT64 Offset,
- IN UINTN BufferSize,
- OUT VOID *Buffer
- );
-
-//
-// DiskIO Protocol function EFI_DISK_IO_PROTOCOL.WriteDisk
-//
-EFI_STATUS
-EFIAPI
-NorFlashDiskIoWriteDisk (
- IN EFI_DISK_IO_PROTOCOL *This,
- IN UINT32 MediaId,
- IN UINT64 Offset,
- IN UINTN BufferSize,
- IN VOID *Buffer
- );
-
//
// NorFlashFvbDxe.c
//
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashBlockIoDxe.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashBlockIoDxe.c
deleted file mode 100644
index ecf152e355..0000000000
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashBlockIoDxe.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/** @file NorFlashBlockIoDxe.c
-
- Copyright (c) 2011-2013, ARM Ltd. All rights reserved.<BR>
-
- SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include <Library/BaseMemoryLib.h>
-#include <Library/UefiBootServicesTableLib.h>
-
-#include "VirtNorFlash.h"
-
-//
-// BlockIO Protocol function EFI_BLOCK_IO_PROTOCOL.Reset
-//
-EFI_STATUS
-EFIAPI
-NorFlashBlockIoReset (
- IN EFI_BLOCK_IO_PROTOCOL *This,
- IN BOOLEAN ExtendedVerification
- )
-{
- NOR_FLASH_INSTANCE *Instance;
-
- Instance = INSTANCE_FROM_BLKIO_THIS (This);
-
- DEBUG ((DEBUG_BLKIO, "NorFlashBlockIoReset(MediaId=0x%x)\n", This->Media->MediaId));
-
- return NorFlashReset (Instance);
-}
-
-//
-// BlockIO Protocol function EFI_BLOCK_IO_PROTOCOL.ReadBlocks
-//
-EFI_STATUS
-EFIAPI
-NorFlashBlockIoReadBlocks (
- IN EFI_BLOCK_IO_PROTOCOL *This,
- IN UINT32 MediaId,
- IN EFI_LBA Lba,
- IN UINTN BufferSizeInBytes,
- OUT VOID *Buffer
- )
-{
- NOR_FLASH_INSTANCE *Instance;
- EFI_STATUS Status;
- EFI_BLOCK_IO_MEDIA *Media;
-
- if (This == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- Instance = INSTANCE_FROM_BLKIO_THIS (This);
- Media = This->Media;
-
- DEBUG ((DEBUG_BLKIO, "NorFlashBlockIoReadBlocks(MediaId=0x%x, Lba=%ld, BufferSize=0x%x bytes (%d kB), BufferPtr @ 0x%08x)\n", MediaId, Lba, BufferSizeInBytes, BufferSizeInBytes, Buffer));
-
- if (!Media) {
- Status = EFI_INVALID_PARAMETER;
- } else if (!Media->MediaPresent) {
- Status = EFI_NO_MEDIA;
- } else if (Media->MediaId != MediaId) {
- Status = EFI_MEDIA_CHANGED;
- } else if ((Media->IoAlign > 2) && (((UINTN)Buffer & (Media->IoAlign - 1)) != 0)) {
- Status = EFI_INVALID_PARAMETER;
- } else {
- Status = NorFlashReadBlocks (Instance, Lba, BufferSizeInBytes, Buffer);
- }
-
- return Status;
-}
-
-//
-// BlockIO Protocol function EFI_BLOCK_IO_PROTOCOL.WriteBlocks
-//
-EFI_STATUS
-EFIAPI
-NorFlashBlockIoWriteBlocks (
- IN EFI_BLOCK_IO_PROTOCOL *This,
- IN UINT32 MediaId,
- IN EFI_LBA Lba,
- IN UINTN BufferSizeInBytes,
- IN VOID *Buffer
- )
-{
- NOR_FLASH_INSTANCE *Instance;
- EFI_STATUS Status;
-
- Instance = INSTANCE_FROM_BLKIO_THIS (This);
-
- DEBUG ((DEBUG_BLKIO, "NorFlashBlockIoWriteBlocks(MediaId=0x%x, Lba=%ld, BufferSize=0x%x bytes, BufferPtr @ 0x%08x)\n", MediaId, Lba, BufferSizeInBytes, Buffer));
-
- if ( !This->Media->MediaPresent ) {
- Status = EFI_NO_MEDIA;
- } else if ( This->Media->MediaId != MediaId ) {
- Status = EFI_MEDIA_CHANGED;
- } else if ( This->Media->ReadOnly ) {
- Status = EFI_WRITE_PROTECTED;
- } else {
- Status = NorFlashWriteBlocks (Instance, Lba, BufferSizeInBytes, Buffer);
- }
-
- return Status;
-}
-
-//
-// BlockIO Protocol function EFI_BLOCK_IO_PROTOCOL.FlushBlocks
-//
-EFI_STATUS
-EFIAPI
-NorFlashBlockIoFlushBlocks (
- IN EFI_BLOCK_IO_PROTOCOL *This
- )
-{
- // No Flush required for the NOR Flash driver
- // because cache operations are not permitted.
-
- DEBUG ((DEBUG_BLKIO, "NorFlashBlockIoFlushBlocks: Function NOT IMPLEMENTED (not required).\n"));
-
- // Nothing to do so just return without error
- return EFI_SUCCESS;
-}
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
index 819425545e..4875b057d5 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
@@ -58,12 +58,6 @@ NOR_FLASH_INSTANCE mNorFlashInstanceTemplate = {
1, // LogicalBlocksPerPhysicalBlock
}, // Media;
- {
- EFI_DISK_IO_PROTOCOL_REVISION, // Revision
- NorFlashDiskIoReadDisk, // ReadDisk
- NorFlashDiskIoWriteDisk // WriteDisk
- },
-
{
FvbGetAttributes, // GetAttributes
FvbSetAttributes, // SetAttributes
@@ -159,8 +153,6 @@ NorFlashCreateInstance (
&Instance->DevicePath,
&gEfiBlockIoProtocolGuid,
&Instance->BlockIoProtocol,
- &gEfiDiskIoProtocolGuid,
- &Instance->DiskIoProtocol,
NULL
);
if (EFI_ERROR (Status)) {
--
2.41.0

216
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-sanity-check-variable2.patch
View File

@ -1,216 +0,0 @@
From c4d2144caff4eddb7021752fce6c2dec6d5e1632 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 9 Jan 2024 12:29:02 +0100
Subject: [PATCH 10/18] OvmfPkg/VirtNorFlashDxe: sanity-check variables
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [12/20] 2ad3957478b82a4ca29249ceb9620f97c591a1fe
Extend the ValidateFvHeader function, additionally to the header checks
walk over the list of variables and sanity check them.
In case we find inconsistencies indicating variable store corruption
return EFI_NOT_FOUND so the variable store will be re-initialized.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20240109112902.30002-4-kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
[lersek@redhat.com: fix StartId initialization/assignment coding style]
(cherry picked from commit 4a443f73fd67ca8caaf0a3e1a01f8231b330d2e0)
---
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf | 1 +
OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 149 +++++++++++++++++++-
2 files changed, 145 insertions(+), 5 deletions(-)
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
index 2a3d4a218e..f549400280 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
@@ -34,6 +34,7 @@
DxeServicesTableLib
HobLib
IoLib
+ SafeIntLib
UefiBootServicesTableLib
UefiDriverEntryPoint
UefiLib
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
index c503272a2b..acc4a413ee 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
@@ -12,6 +12,7 @@
#include <Library/BaseMemoryLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PcdLib.h>
+#include <Library/SafeIntLib.h>
#include <Library/UefiLib.h>
#include <Guid/NvVarStoreFormatted.h>
@@ -185,11 +186,12 @@ ValidateFvHeader (
IN NOR_FLASH_INSTANCE *Instance
)
{
- UINT16 Checksum;
- EFI_FIRMWARE_VOLUME_HEADER *FwVolHeader;
- VARIABLE_STORE_HEADER *VariableStoreHeader;
- UINTN VariableStoreLength;
- UINTN FvLength;
+ UINT16 Checksum;
+ CONST EFI_FIRMWARE_VOLUME_HEADER *FwVolHeader;
+ CONST VARIABLE_STORE_HEADER *VariableStoreHeader;
+ UINTN VarOffset;
+ UINTN VariableStoreLength;
+ UINTN FvLength;
FwVolHeader = (EFI_FIRMWARE_VOLUME_HEADER *)Instance->RegionBaseAddress;
@@ -258,6 +260,143 @@ ValidateFvHeader (
return EFI_NOT_FOUND;
}
+ //
+ // check variables
+ //
+ DEBUG ((DEBUG_INFO, "%a: checking variables\n", __func__));
+ VarOffset = sizeof (*VariableStoreHeader);
+ for ( ; ;) {
+ UINTN VarHeaderEnd;
+ UINTN VarNameEnd;
+ UINTN VarEnd;
+ UINTN VarPadding;
+ CONST AUTHENTICATED_VARIABLE_HEADER *VarHeader;
+ CONST CHAR16 *VarName;
+ CONST CHAR8 *VarState;
+ RETURN_STATUS Status;
+
+ Status = SafeUintnAdd (VarOffset, sizeof (*VarHeader), &VarHeaderEnd);
+ if (RETURN_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
+ return EFI_NOT_FOUND;
+ }
+
+ if (VarHeaderEnd >= VariableStoreHeader->Size) {
+ if (VarOffset <= VariableStoreHeader->Size - sizeof (UINT16)) {
+ CONST UINT16 *StartId;
+
+ StartId = (VOID *)((UINTN)VariableStoreHeader + VarOffset);
+ if (*StartId == 0x55aa) {
+ DEBUG ((DEBUG_ERROR, "%a: startid at invalid location\n", __func__));
+ return EFI_NOT_FOUND;
+ }
+ }
+
+ DEBUG ((DEBUG_INFO, "%a: end of var list (no space left)\n", __func__));
+ break;
+ }
+
+ VarHeader = (VOID *)((UINTN)VariableStoreHeader + VarOffset);
+ if (VarHeader->StartId != 0x55aa) {
+ DEBUG ((DEBUG_INFO, "%a: end of var list (no startid)\n", __func__));
+ break;
+ }
+
+ VarName = NULL;
+ switch (VarHeader->State) {
+ // usage: State = VAR_HEADER_VALID_ONLY
+ case VAR_HEADER_VALID_ONLY:
+ VarState = "header-ok";
+ VarName = L"<unknown>";
+ break;
+
+ // usage: State = VAR_ADDED
+ case VAR_ADDED:
+ VarState = "ok";
+ break;
+
+ // usage: State &= VAR_IN_DELETED_TRANSITION
+ case VAR_ADDED &VAR_IN_DELETED_TRANSITION:
+ VarState = "del-in-transition";
+ break;
+
+ // usage: State &= VAR_DELETED
+ case VAR_ADDED &VAR_DELETED:
+ case VAR_ADDED &VAR_DELETED &VAR_IN_DELETED_TRANSITION:
+ VarState = "deleted";
+ break;
+
+ default:
+ DEBUG ((
+ DEBUG_ERROR,
+ "%a: invalid variable state: 0x%x\n",
+ __func__,
+ VarHeader->State
+ ));
+ return EFI_NOT_FOUND;
+ }
+
+ Status = SafeUintnAdd (VarHeaderEnd, VarHeader->NameSize, &VarNameEnd);
+ if (RETURN_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
+ return EFI_NOT_FOUND;
+ }
+
+ Status = SafeUintnAdd (VarNameEnd, VarHeader->DataSize, &VarEnd);
+ if (RETURN_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
+ return EFI_NOT_FOUND;
+ }
+
+ if (VarEnd > VariableStoreHeader->Size) {
+ DEBUG ((
+ DEBUG_ERROR,
+ "%a: invalid variable size: 0x%Lx + 0x%Lx + 0x%x + 0x%x > 0x%x\n",
+ __func__,
+ (UINT64)VarOffset,
+ (UINT64)(sizeof (*VarHeader)),
+ VarHeader->NameSize,
+ VarHeader->DataSize,
+ VariableStoreHeader->Size
+ ));
+ return EFI_NOT_FOUND;
+ }
+
+ if (((VarHeader->NameSize & 1) != 0) ||
+ (VarHeader->NameSize < 4))
+ {
+ DEBUG ((DEBUG_ERROR, "%a: invalid name size\n", __func__));
+ return EFI_NOT_FOUND;
+ }
+
+ if (VarName == NULL) {
+ VarName = (VOID *)((UINTN)VariableStoreHeader + VarHeaderEnd);
+ if (VarName[VarHeader->NameSize / 2 - 1] != L'\0') {
+ DEBUG ((DEBUG_ERROR, "%a: name is not null terminated\n", __func__));
+ return EFI_NOT_FOUND;
+ }
+ }
+
+ DEBUG ((
+ DEBUG_VERBOSE,
+ "%a: +0x%04Lx: name=0x%x data=0x%x guid=%g '%s' (%a)\n",
+ __func__,
+ (UINT64)VarOffset,
+ VarHeader->NameSize,
+ VarHeader->DataSize,
+ &VarHeader->VendorGuid,
+ VarName,
+ VarState
+ ));
+
+ VarPadding = (4 - (VarEnd & 3)) & 3;
+ Status = SafeUintnAdd (VarEnd, VarPadding, &VarOffset);
+ if (RETURN_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
+ return EFI_NOT_FOUND;
+ }
+ }
+
return EFI_SUCCESS;
}
--
2.41.0

58
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-sanity-check-variables.patch
View File

@ -1,13 +1,7 @@
From c4eef747624d41aaa09dc64ccafdb84bf1fe656e Mon Sep 17 00:00:00 2001
From d557e973e4a400325f68014e463201a5b48c1547 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 9 Jan 2024 12:29:02 +0100
Subject: [PATCH 2/2] OvmfPkg/VirtNorFlashDxe: sanity-check variables
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 42: OvmfPkg/VirtNorFlashDxe: sanity-check variables
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [2/2] 56ff961f754d517c0e27ccf46a95b228efe7ab4b
Subject: [PATCH 3/3] OvmfPkg/VirtNorFlashDxe: sanity-check variables
Extend the ValidateFvHeader function, additionally to the header checks
walk over the list of variables and sanity check them.
@ -21,36 +15,36 @@ Reviewed-by: Laszlo Ersek <lersek@redhat.com>
[lersek@redhat.com: fix StartId initialization/assignment coding style]
(cherry picked from commit 4a443f73fd67ca8caaf0a3e1a01f8231b330d2e0)
---
.../Drivers/NorFlashDxe/NorFlashDxe.inf | 1 +
.../Drivers/NorFlashDxe/NorFlashFvb.c | 149 +++++++++++++++++-
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf | 1 +
OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 149 +++++++++++++++++++-
2 files changed, 145 insertions(+), 5 deletions(-)
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
index f8d4c27031..10388880a1 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
@@ -35,6 +35,7 @@
DebugLib
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
index 2a3d4a218e..f549400280 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
@@ -34,6 +34,7 @@
DxeServicesTableLib
HobLib
NorFlashPlatformLib
IoLib
+ SafeIntLib
UefiLib
UefiDriverEntryPoint
UefiBootServicesTableLib
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvb.c b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvb.c
index 904605cbbc..2a166c94a6 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvb.c
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvb.c
@@ -13,6 +13,7 @@
#include <Library/UefiLib.h>
UefiDriverEntryPoint
UefiLib
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
index 9a614ae4b2..8fcd999ac6 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
@@ -12,6 +12,7 @@
#include <Library/BaseMemoryLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PcdLib.h>
+#include <Library/SafeIntLib.h>
#include <Library/UefiLib.h>
#include <Guid/VariableFormat.h>
#include <Guid/SystemNvDataGuid.h>
@@ -166,11 +167,12 @@ ValidateFvHeader (
IN NOR_FLASH_INSTANCE *Instance
#include <Guid/NvVarStoreFormatted.h>
@@ -185,11 +186,12 @@ ValidateFvHeader (
IN NOR_FLASH_INSTANCE *Instance
)
{
- UINT16 Checksum;
@ -65,9 +59,9 @@ index 904605cbbc..2a166c94a6 100644
+ UINTN VariableStoreLength;
+ UINTN FvLength;
FwVolHeader = (EFI_FIRMWARE_VOLUME_HEADER*)Instance->RegionBaseAddress;
FwVolHeader = (EFI_FIRMWARE_VOLUME_HEADER *)Instance->RegionBaseAddress;
@@ -223,6 +225,143 @@ ValidateFvHeader (
@@ -258,6 +260,143 @@ ValidateFvHeader (
return EFI_NOT_FOUND;
}
@ -212,5 +206,5 @@ index 904605cbbc..2a166c94a6 100644
}
--
2.41.0
2.39.3

49
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-stop-accepting-gEfiVariable2.patch
View File

@ -1,49 +0,0 @@
From 1444157aad1b98ce9c1193ef109011b084113890 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 9 Jan 2024 12:29:01 +0100
Subject: [PATCH 09/18] OvmfPkg/VirtNorFlashDxe: stop accepting
gEfiVariableGuid
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [11/20] c7b9cd1b716e1b8163b8094fbea8117241901815
Only accept gEfiAuthenticatedVariableGuid when checking the variable
store header in ValidateFvHeader().
The edk2 code base has been switched to use the authenticated varstore
format unconditionally (even in case secure boot is not used or
supported) a few years ago.
Suggested-by: László Érsek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20240109112902.30002-3-kraxel@redhat.com>
(cherry picked from commit ae22b2f136bcbd27135a5f4dd76d3a68a172d00e)
---
OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
index cc5eefaaf3..c503272a2b 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
@@ -239,9 +239,7 @@ ValidateFvHeader (
VariableStoreHeader = (VARIABLE_STORE_HEADER *)((UINTN)FwVolHeader + FwVolHeader->HeaderLength);
// Check the Variable Store Guid
- if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid) &&
- !CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid))
- {
+ if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid)) {
DEBUG ((
DEBUG_INFO,
"%a: Variable Store Guid non-compatible\n",
--
2.41.0

37
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-stop-accepting-gEfiVariableG.patch
View File

@ -1,17 +1,11 @@
From abe5b633eaae333190fb742af3fa15968f02a92e Mon Sep 17 00:00:00 2001
From 77047a56601aaa955a12030343bdee973b9d393d Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 9 Jan 2024 12:29:01 +0100
Subject: [PATCH 1/2] OvmfPkg/VirtNorFlashDxe: stop accepting gEfiVariableGuid
Subject: [PATCH 2/3] OvmfPkg/VirtNorFlashDxe: stop accepting gEfiVariableGuid
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 42: OvmfPkg/VirtNorFlashDxe: sanity-check variables
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [1/2] 790f895bd180bc2c4b957a7a3c7d07e9107dd74b
Only accept gEfiAuthenticatedVariableGuid when checking the variable
store header in ValidateFvHeader().
@ -25,23 +19,24 @@ Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20240109112902.30002-3-kraxel@redhat.com>
(cherry picked from commit ae22b2f136bcbd27135a5f4dd76d3a68a172d00e)
---
ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvb.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvb.c b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvb.c
index db8eb595f4..904605cbbc 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvb.c
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvb.c
@@ -210,8 +210,7 @@ ValidateFvHeader (
VariableStoreHeader = (VARIABLE_STORE_HEADER*)((UINTN)FwVolHeader + FwVolHeader->HeaderLength);
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
index 5ee98e9b59..9a614ae4b2 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
@@ -239,9 +239,7 @@ ValidateFvHeader (
VariableStoreHeader = (VARIABLE_STORE_HEADER *)((UINTN)FwVolHeader + FwVolHeader->HeaderLength);
// Check the Variable Store Guid
- if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid) &&
- !CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid)) {
- !CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid))
- {
+ if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid)) {
DEBUG ((EFI_D_INFO, "%a: Variable Store Guid non-compatible\n",
__FUNCTION__));
return EFI_NOT_FOUND;
DEBUG ((
DEBUG_INFO,
"%a: Variable Store Guid non-compatible\n",
--
2.41.0
2.39.3

150
SOURCES/edk2-OvmfPkg-VirtNorFlashDxe-use-EFI_MEMORY_WC-and-drop-A.patch
View File

@ -1,150 +0,0 @@
From e65da48afdabc9a5cba1c212b4323898b91ef2a4 Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb@kernel.org>
Date: Mon, 24 Oct 2022 18:16:18 +0200
Subject: [PATCH 07/18] OvmfPkg/VirtNorFlashDxe: use EFI_MEMORY_WC and drop
AlignedCopyMem()
RH-Author: Gerd Hoffmann <None>
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
RH-Jira: RHEL-17587
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Commit: [9/20] 0c01619eff8282d08e05fae8c37175b944449f59
NOR flash emulation under KVM involves switching between two modes,
where array mode is backed by a read-only memslot, and programming mode
is fully emulated, i.e., the memory region is not backed by anything,
and the faulting accesses are forwarded to the VMM by the hypervisor,
which translates them into NOR flash programming commands.
Normally, we are limited to the use of device attributes when mapping
such regions, given that the programming mode has MMIO semantics.
However, when running under KVM, the chosen memory attributes only take
effect when in array mode, since no memory mapping exists otherwise.
This means we can tune the memory mapping so it behaves a bit more like
a ROM, by switching to EFI_MEMORY_WC attributes. This means we no longer
need a special CopyMem() implementation that avoids unaligned accesses
at all cost.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
(cherry picked from commit 789a723285533f35652ebd6029976e2ddc955655)
---
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 65 +----------------------
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c | 4 +-
2 files changed, 4 insertions(+), 65 deletions(-)
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
index 0343131a54..1afd60ce66 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
@@ -401,67 +401,6 @@ NorFlashWriteBlocks (
return Status;
}
-#define BOTH_ALIGNED(a, b, align) ((((UINTN)(a) | (UINTN)(b)) & ((align) - 1)) == 0)
-
-/**
- Copy Length bytes from Source to Destination, using aligned accesses only.
- Note that this implementation uses memcpy() semantics rather then memmove()
- semantics, i.e., SourceBuffer and DestinationBuffer should not overlap.
-
- @param DestinationBuffer The target of the copy request.
- @param SourceBuffer The place to copy from.
- @param Length The number of bytes to copy.
-
- @return Destination
-
-**/
-STATIC
-VOID *
-AlignedCopyMem (
- OUT VOID *DestinationBuffer,
- IN CONST VOID *SourceBuffer,
- IN UINTN Length
- )
-{
- UINT8 *Destination8;
- CONST UINT8 *Source8;
- UINT32 *Destination32;
- CONST UINT32 *Source32;
- UINT64 *Destination64;
- CONST UINT64 *Source64;
-
- if (BOTH_ALIGNED (DestinationBuffer, SourceBuffer, 8) && (Length >= 8)) {
- Destination64 = DestinationBuffer;
- Source64 = SourceBuffer;
- while (Length >= 8) {
- *Destination64++ = *Source64++;
- Length -= 8;
- }
-
- Destination8 = (UINT8 *)Destination64;
- Source8 = (CONST UINT8 *)Source64;
- } else if (BOTH_ALIGNED (DestinationBuffer, SourceBuffer, 4) && (Length >= 4)) {
- Destination32 = DestinationBuffer;
- Source32 = SourceBuffer;
- while (Length >= 4) {
- *Destination32++ = *Source32++;
- Length -= 4;
- }
-
- Destination8 = (UINT8 *)Destination32;
- Source8 = (CONST UINT8 *)Source32;
- } else {
- Destination8 = DestinationBuffer;
- Source8 = SourceBuffer;
- }
-
- while (Length-- != 0) {
- *Destination8++ = *Source8++;
- }
-
- return DestinationBuffer;
-}
-
EFI_STATUS
NorFlashReadBlocks (
IN NOR_FLASH_INSTANCE *Instance,
@@ -516,7 +455,7 @@ NorFlashReadBlocks (
SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_READ_ARRAY);
// Readout the data
- AlignedCopyMem (Buffer, (VOID *)StartAddress, BufferSizeInBytes);
+ CopyMem (Buffer, (VOID *)StartAddress, BufferSizeInBytes);
return EFI_SUCCESS;
}
@@ -558,7 +497,7 @@ NorFlashRead (
SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_READ_ARRAY);
// Readout the data
- AlignedCopyMem (Buffer, (VOID *)(StartAddress + Offset), BufferSizeInBytes);
+ CopyMem (Buffer, (VOID *)(StartAddress + Offset), BufferSizeInBytes);
return EFI_SUCCESS;
}
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
index f9a41f6aab..ff3121af2a 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.c
@@ -394,14 +394,14 @@ NorFlashFvbInitialize (
EfiGcdMemoryTypeMemoryMappedIo,
Instance->DeviceBaseAddress,
RuntimeMmioRegionSize,
- EFI_MEMORY_UC | EFI_MEMORY_RUNTIME
+ EFI_MEMORY_WC | EFI_MEMORY_RUNTIME
);
ASSERT_EFI_ERROR (Status);
Status = gDS->SetMemorySpaceAttributes (
Instance->DeviceBaseAddress,
RuntimeMmioRegionSize,
- EFI_MEMORY_UC | EFI_MEMORY_RUNTIME
+ EFI_MEMORY_WC | EFI_MEMORY_RUNTIME
);
ASSERT_EFI_ERROR (Status);
--
2.41.0

Some files were not shown because too many files have changed in this diff Show More