rpms/edk2
7
0
Fork 0
Code Issues Pull Requests Releases Activity
61318a0867
edk2/edk2-build.rhel-9
Miroslav Rezanina 61318a0867 * Mon Feb 13 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20221207gitfff6d81270b5-6 
- edk2-update-build-script-rhel-only.patch [bz#2168046]
- edk2-update-build-config-rhel-only.patch [bz#2168046]
- edk2-add-release-date-to-builds-rh-only.patch [bz#2168046]
- edk2-openssl-update.patch [bz#2164534 bz#2164550 bz#2164565 bz#2164583]
- edk2-rh-openssl-add-crypto-bn-rsa_sup_mul.c-to-file-list.patch [bz#2164534 bz#2164550 bz#2164565 bz#2164583]
- Resolves: bz#2168046
  ([SVVP] job 'Check SMBIOS Table Specific Requirements' failed on win2022)
- Resolves: bz#2164534
  (CVE-2023-0286 edk2: openssl: X.400 address type confusion in X.509 GeneralName [rhel-9])
- Resolves: bz#2164550
  (CVE-2022-4304 edk2: openssl: timing attack in RSA Decryption implementation [rhel-9])
- Resolves: bz#2164565
  (CVE-2023-0215 edk2: openssl: use-after-free following BIO_new_NDEF [rhel-9])
- Resolves: bz#2164583
  (CVE-2022-4450 edk2: openssl: double free after calling PEM_read_bio_ex [rhel-9])
2023-02-13 02:40:34 -05:00

112 lines
2.7 KiB
Plaintext
Raw Blame History

[opts.ovmf.common]
NETWORK_HTTP_BOOT_ENABLE = TRUE
NETWORK_IP6_ENABLE = TRUE
NETWORK_TLS_ENABLE = TRUE
NETWORK_ISCSI_ENABLE = TRUE
NETWORK_ALLOW_HTTP_CONNECTIONS = TRUE
TPM2_ENABLE = TRUE
TPM2_CONFIG_ENABLE = TRUE
TPM1_ENABLE = FALSE
CAVIUM_ERRATUM_27456 = TRUE
[opts.ovmf.4m]
FD_SIZE_4MB = TRUE
[opts.ovmf.sb.smm]
SECURE_BOOT_ENABLE = TRUE
SMM_REQUIRE = TRUE
# old downstream
EXCLUDE_SHELL_FROM_FD = TRUE
# new upstream
BUILD_SHELL = FALSE
[opts.armvirt.verbose]
DEBUG_PRINT_ERROR_LEVEL = 0x8040004F
[opts.armvirt.silent]
DEBUG_PRINT_ERROR_LEVEL = 0x80000000
#####################################################################
# stateful ovmf builds (with vars in flash)
[build.ovmf.4m.default]
desc = ovmf build (64-bit, 4MB)
conf = OvmfPkg/OvmfPkgX64.dsc
arch = X64
opts = ovmf.common
ovmf.4m
plat = OvmfX64
dest = RHEL-9/ovmf
cpy1 = FV/OVMF_CODE.fd OVMF_CODE.fd
cpy2 = FV/OVMF_VARS.fd
cpy3 = X64/Shell.efi
[build.ovmf.4m.sb.smm]
desc = ovmf build (32/64-bit, 4MB, q35 only, needs smm, secure boot)
conf = OvmfPkg/OvmfPkgIa32X64.dsc
arch = IA32 X64
opts = ovmf.common
ovmf.4m
ovmf.sb.smm
plat = Ovmf3264
dest = RHEL-9/ovmf
cpy1 = FV/OVMF_CODE.fd OVMF_CODE.secboot.fd
cpy2 = X64/EnrollDefaultKeys.efi
#####################################################################
# stateless ovmf builds (firmware in rom or r/o flash)
[build.ovmf.amdsev]
desc = ovmf build for AmdSev (4MB)
conf = OvmfPkg/AmdSev/AmdSevX64.dsc
arch = X64
opts = ovmf.common
ovmf.4m
plat = AmdSev
dest = RHEL-9/ovmf
cpy1 = FV/OVMF.fd OVMF.amdsev.fd
[build.ovmf.inteltdx]
desc = ovmf build for IntelTdx (4MB)
conf = OvmfPkg/IntelTdx/IntelTdxX64.dsc
arch = X64
opts = ovmf.common
ovmf.4m
plat = IntelTdx
dest = RHEL-9/ovmf
cpy1 = FV/OVMF.fd OVMF.inteltdx.fd
#####################################################################
# armvirt builds
[build.armvirt.aa64.verbose]
desc = ArmVirt build for qemu, 64-bit (arm v8), verbose
conf = ArmVirtPkg/ArmVirtQemu.dsc
arch = AARCH64
opts = ovmf.common
armvirt.verbose
plat = ArmVirtQemu-AARCH64
dest = RHEL-9/aarch64
cpy1 = FV/QEMU_EFI.fd
cpy2 = FV/QEMU_VARS.fd
cpy3 = FV/QEMU_EFI.fd QEMU_EFI-pflash.raw
cpy4 = FV/QEMU_VARS.fd vars-template-pflash.raw
pad3 = QEMU_EFI-pflash.raw 64m
pad4 = vars-template-pflash.raw 64m
[build.armvirt.aa64.silent]
desc = ArmVirt build for qemu, 64-bit (arm v8), silent
conf = ArmVirtPkg/ArmVirtQemu.dsc
arch = AARCH64
opts = ovmf.common
armvirt.silent
plat = ArmVirtQemu-AARCH64
dest = RHEL-9/aarch64
cpy1 = FV/QEMU_EFI.fd QEMU_EFI.silent.fd
cpy2 = FV/QEMU_EFI.fd QEMU_EFI-silent-pflash.raw
pad2 = QEMU_EFI-silent-pflash.raw 64m
Reference in New Issue View Git Blame Copy Permalink