commit 565382ba5b47f7b1573da5159d5d3d442f4739e5 Author: Adrian Schröter Date: Fri Sep 22 09:57:32 2023 +0200 Sync from SUSE:ALP:Source:Standard:1.0 ovmf revision 3ab028ed4c13f59ac8d37812d342bd6c
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..fecc750
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
diff --git a/README b/README
new file mode 100644
index 0000000..d0055ea
--- /dev/null
+++ b/README
@@ -0,0 +1,185 @@ +Running the OVMF image in qemu +============================== + +The easiest way to run the OVMF image is to specify a pflash device for the +firmware file. Here is the example to use OVMF in the flash mode: + + $ cp /usr/share/qemu/ovmf-x86_64.bin . + $ qemu-system-x86_64 -pflash ovmf-x86_64.bin + +Please make sure the file is writable before using the flash mode, or all +your changes won't be saved. + +Starting from r15670, two extra firmware files are provided for the flash mode: +ovmf-*-code.bin and ovmf-*-vars.bin, and all non-volatile variables will be +stored in ovmf-*-vars.bin. Example: + + $ cp /usr/share/qemu/ovmf-x86_64-vars.bin . + $ qemu-system-x86_64 \ + -drive if=pflash,format=raw,unit=0,readonly,file=/usr/share/qemu/ovmf-x86_64-code.bin \ + -drive if=pflash,format=raw,unit=1,file=ovmf-x86_64-vars.bin + +It would be easier to manage the NV variables with the separated vars firmware. + +NOTE: Running OVMF with '-bios' is deprecated and should not be used anymore. + +Variable Stores with preloaded keys +----------------------------------- + +Besides the generic OVMF images, there are images preloaded with different +vendor keys. + +ovmf-x86_64-smm-ms-vars.bin +- PK: SUSE Linux Enterprise Secure Boot CA +- KEK: Microsoft Corporation KEK CA 2011, SUSE Linux Enterprise Secure Boot CA +- db: Microsoft Corporation UEFI CA 2011, Microsoft Windows Production PCA 2011 + +ovmf-x86_64-smm-opensuse-vars.bin +- PK: openSUSE Secure Boot CA +- KEK: openSUSE Secure Boot CA +- db: openSUSE Secure Boot CA + +ovmf-x86_64-smm-suse-vars.bin +- PK: SUSE Linux Enterprise Secure Boot CA +- KEK: SUSE Linux Enterprise Secure Boot CA +- db: SUSE Linux Enterprise Secure Boot CA + +Note that the preloaded key images are all 64 bit because openSUSE/SLE and +Windows only support Secure Boot in 64 bit mode. + +Those variable stores are created with EnrollDefaultKeys.efi which enrolls +the Microsoft keys into KEK and db. 
It also reads the key from SMBIOS Type 11 +and enrolls the key into PK and KEK. If the "--no-default" switch is provided, +the program will ignore the Microsoft keys and enroll the key from SMBIOS into +db instead. + +x86_64 4MB images +----------------- + +The OVMF upstream decides to switch the default flash size to 4MB since +the edk2 commit 1c47fcd465a496. It's mainly for Windows HCK which requests +a larger variable store. To maintain the backward compatibility, the 4MB +images are built separately. Only those images with 4m, e.g. ovmf-x86_64-4m.bin, +are the 4MB images. Otherwise, it's built with FD_SIZE_2MB, i.e. a 2MB image. + +x86_64 SMM Support +------------------ +The image files with "-smm", e.g. ovmf-x86_64-smm.bin, are the images +with SMM support. SMM provides better (virtual) hardware separation between +the guest OS and the firmware to prevent the runtime guest OS from tampering +with the variable store and S3 areas, so it's recommended to enable SMM along +with Secure Boot. Here are the requirements to use the SMM images: + +* SMM support requires QEMU 2.5. +* The minimum required QEMU machine type is "pc-q35-2.5". +* SMM with KVM requires Linux 4.4 (host). + +Here are the qemu commands to start a VM with SMM support: + + $ cp /usr/share/qemu/ovmf-x86_64-smm-vars.bin . + $ qemu-system-x86_64 \ + -machine q35,smm=on,accel=(tcg|kvm) \ + -global driver=cfi.pflash01,property=secure,value=on \ + -drive if=pflash,format=raw,unit=0,readonly,file=/usr/share/qemu/ovmf-x86_64-smm-code.bin \ + -drive if=pflash,format=raw,unit=1,file=ovmf-x86_64-smm-vars.bin \ + -global ICH9-LPC.disable_s3=1 \ + ... + +NOTE: The pflash variable store is required to use OVMF with SMM. + +Creating Platform and Key Exchange keys +======================================= + +A note about terminology. In UEFI terms, "key" means certificate (not the +openssl key). UEFI keys are required to be based on RSA 2048 bit keys. 
+ +The Platform key and Key Exchange Keys should be the equivalent of CA root +certificates (i.e. a self signed certificate). Note that in current tianocore +OVMF, the input certificates, if taken from external media, *must* be in a +file with a .cer extension and in DER format. + +The platform key is the key which controls updates to the Key Exchange Key +database. The Key Exchange Key controls updates to the signature databases. +Note that if the Key Exchange Key is an X509 key, any key which has the KEK as +its root signature can also be used to validate an efi binary without need for +any entries in the signatures database. + + +Create Platform Key (PK) +------------------------ + +openssl req -new -x509 -newkey rsa:2048 -keyout PK.key -out PK.crt -days + +Note that the Key is PK.crt (PK.key is the private key you use to sign other +certificates) + +Now convert to DER format + +openssl x509 -in PK.crt -out PK.cer -outform DER + +The file PK.cer can be placed on a USB key for enrolling as the platform key. + +Create Key Exchange Key (KEK) +----------------------------- + +This is done exactly as the Platform key above, except call the file KEK.cer +instead. + +Note, for expermentation purposes, there's no reason the KEK and the PK can't +be the same certificate. + +Creating derived keys from the KEK +---------------------------------- + +This process can be used to create subordinate keys which can be used to sign +efi binaries (since their roots can be traced back to the KEK). + +openssl req -new -newkey rsa:2048 -keyout new.key -out new.csr -days + +Now sign the certificate request with the KEK: + +openssl x509 -req -in new.csr -CA KEK.crt -CAkey KEK.key -set_serial 1 -out new.crt + +Note that since the new key doesn't have to be enrolled in the platform +because its root of trust can be traced back to the KEK, there's no need to +create a DER form of the key (the sbsign utilites used to sign efi binaries +take the key.crt file which is in PEM form). 
+ +Running the UEFI ARM image in qemu +================================== +There are two flavors of the UEFI ARM images: AArch32 and AArch64. +For the AArch64 image, use the following command: + +qemu-system-aarch64 -m 1024 -M virt -cpu cortex-a57 -bios /usr/share/qemu/qemu-uefi-aarch64.bin -serial stdio + +For AArch32: +qemu-system-arm -m 1024 -M virt -cpu cortex-a15 -bios /usr/share/qemu/qemu-uefi-aarch32.bin -serial stdio + +Source Level Debugging +====================== +It's possible to debug OVMF with gdb connecting to qemu with the following +steps: + +(1) install the debug package: qemu-ovmf-x86_64-debug + +(2) Start the virtual machine with '-s' or "-gdb tcp::1234" + +(3) Start gdb in another terminal and issue the following commands: + + (gdb) set architecture i386:x86-64:intel + (gdb) target remote localhost:1234 + (gdb) source /usr/share/ovmf-x86_64/gdb_uefi-ovmf-x86_64-.py + (gdb) reload-uefi -o /usr/lib/debug/ovmf-x86_64/DebugPkg/GdbSyms/GdbSyms/DEBUG/GdbSyms.dll + +(4) Happy debugging + +Reference: https://www.mail-archive.com/edk2-devel@lists.sourceforge.net/msg07075.html + +Note: It's also possible to debug OVMF with Xen, but the way to set up the port + is differnt. Instead of adding the port number to qemu, you need gdbsx. + Before starting gdb, execute this command: + + # gdbsx -a 64 1234 + + Then gdbsx will listen to port 1234 for the specific domainU. The rest is + the same as qemu. diff --git a/SLES-UEFI-CA-Certificate-2048.crt b/SLES-UEFI-CA-Certificate-2048.crt new file mode 100644 index 0000000..7efd6c8 --- /dev/null +++ b/SLES-UEFI-CA-Certificate-2048.crt 
@@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE5TCCA82gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBpjEtMCsGA1UEAwwkU1VT +RSBMaW51eCBFbnRlcnByaXNlIFNlY3VyZSBCb290IENBMQswCQYDVQQGEwJERTES +MBAGA1UEBwwJTnVyZW1iZXJnMSEwHwYDVQQKDBhTVVNFIExpbnV4IFByb2R1Y3Rz +IEdtYkgxEzARBgNVBAsMCkJ1aWxkIFRlYW0xHDAaBgkqhkiG9w0BCQEWDWJ1aWxk +QHN1c2UuZGUwHhcNMTMwNDE4MTQzMzQxWhcNMzUwMzE0MTQzMzQxWjCBpjEtMCsG +A1UEAwwkU1VTRSBMaW51eCBFbnRlcnByaXNlIFNlY3VyZSBCb290IENBMQswCQYD +VQQGEwJERTESMBAGA1UEBwwJTnVyZW1iZXJnMSEwHwYDVQQKDBhTVVNFIExpbnV4 +IFByb2R1Y3RzIEdtYkgxEzARBgNVBAsMCkJ1aWxkIFRlYW0xHDAaBgkqhkiG9w0B +CQEWDWJ1aWxkQHN1c2UuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDN/avXKoT4gcM2NVA1LMfsBPH01sxgS8gTs3SbvfbEP2M+ZlHyfj9ufHZ7cZ1p +ISoVm6ql5VbIeZgSNc17Y4y4Nynud1C8t2SP/iZK5YMYHGxdtIfv1zPE+Bo/KZqE +WgHg2YFtMXdiKfXBZRTfSh37t0pGO/OQi6K4JioKw55UtQNggePZWDXtsAviT2vv +abqLR9+kxdrQ0iWqhWM+LwXbTGkCpg41s8KucLD/JYAxxw05dKPApFDNnz+Ft2L7 +e5JtyB4S0u4PlvQBMNHt4hDs0rK4oeHFLbOxHvjF+nloneWhkg9eT0VCfpAYVYz+ +whMxuCHerDCdmeFrRGEMQz11AgMBAAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/ +MB0GA1UdDgQWBBTsqw1CxFbPdwQ2uXOZOGKWXocmLzCB0wYDVR0jBIHLMIHIgBTs +qw1CxFbPdwQ2uXOZOGKWXocmL6GBrKSBqTCBpjEtMCsGA1UEAwwkU1VTRSBMaW51 +eCBFbnRlcnByaXNlIFNlY3VyZSBCb290IENBMQswCQYDVQQGEwJERTESMBAGA1UE +BwwJTnVyZW1iZXJnMSEwHwYDVQQKDBhTVVNFIExpbnV4IFByb2R1Y3RzIEdtYkgx +EzARBgNVBAsMCkJ1aWxkIFRlYW0xHDAaBgkqhkiG9w0BCQEWDWJ1aWxkQHN1c2Uu +ZGWCAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQASviyFhVqU +Wc1JUQgXwdljJynTnp0/FQOZJBSe7XdBGPmy91+3ITqrXgyqo/218KISiQl53Qlw +pq+cIiGRAia1D7p7wbg7wsg+Trt0zZFXes30wfYq5pjfWadEBAgNCffkBz10TSjL +jQrVwW5N+yUJMoq+r843TzV56Huy6LBOVhI5yTz7X7i2rSJYfyQWM8oeHLj8Yl5M +rOB9gyTumxB4mOLmSqwKzJiUB0ppGPohdLUSSEKDdo6KSH/GjR7M7uBicwnzwJD3 +SVfT9nx9HKF2nXZlHvs5ViQQru3qP1tc6i0eXEnPTYW2+zkZcN0e5iHyozEZHsO0 +rvc1p6G0YWtO +-----END CERTIFICATE----- diff --git a/_constraints b/_constraints new file mode 100644 index 0000000..df1320b --- /dev/null +++ b/_constraints @@ -0,0 +1,7 @@ + + + + 6 + + + 
diff --git a/_service b/_service
new file mode 100644
index 0000000..9c423a7
--- /dev/null
+++ b/_service
@@ -0,0 +1,14 @@
+
+
+ ovmf
+ 2017+git%at.%h
+ UDK2017
+ https://github.com/tianocore/edk2.git
+ git
+
+
+ xz
+ *.tar
+
+
+
diff --git a/berkeley-softfloat-3-b64af41c3276f.tar.xz b/berkeley-softfloat-3-b64af41c3276f.tar.xz
new file mode 100644
index 0000000..4a64845
--- /dev/null
+++ b/berkeley-softfloat-3-b64af41c3276f.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4adb7b95a362d8bfdc6118e53b0a9dbcf2bd7d23123c239373358c442a888ce3
+size 81796
diff --git a/descriptors.tar.xz b/descriptors.tar.xz
new file mode 100644
index 0000000..78f05aa
--- /dev/null
+++ b/descriptors.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a13003f5e1a5470d19a1fb257a510c16e002a22d6adc67a8540f20aadc6d1eb2
+size 1560
diff --git a/edk2-edk2-stable202305.tar.gz b/edk2-edk2-stable202305.tar.gz
new file mode 100644
index 0000000..12740d8
--- /dev/null
+++ b/edk2-edk2-stable202305.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5f6c18cf1068089d669fbe81dab2325f8bf7b1298b192c276490b65e2edbbd94
+size 15351015
diff --git a/gdb_uefi.py.in b/gdb_uefi.py.in
new file mode 100644
index 0000000..ce6e912
--- /dev/null
+++ b/gdb_uefi.py.in
@@ -0,0 +1,365 @@ +""" +Allows loading TianoCore symbols into a GDB session attached to EFI +Firmware. + +This is how it works: build GdbSyms - it's a dummy binary that +contains the relevant symbols needed to find and load image symbols. + +$ gdb +(gdb) taget remote .... +(gdb) source Scripts/gdb_uefi.py +(gdb) reload-uefi -o /path/to/GdbSyms.dll + +The -o option should be used if you've debugging EFI, where the PE +images were converted from MACH-O or ELF binaries. + +""" + +import array +import getopt +import binascii +import re + +__license__ = "BSD" +__version = "1.0.0" +__maintainer__ = "Andrei Warkentin" +__email__ = "andrey.warkentin@gmail.com" +__status__ = "Works" + + +# FOR RPM PACKAGE replace the strings in the spec file +build_path="__BUILD_PATH__" +source_path="__SOURCE_PATH__" +gdb_src_path="__GDB_SRC_PATH__" +flavor="__FLAVOR__" + +class ReloadUefi (gdb.Command): + """Reload UEFI symbols""" + + # + # Various constants. + # + + EINVAL = 0xffffffff + CV_NB10 = 0x3031424E + CV_RSDS = 0x53445352 + CV_MTOC = 0x434F544D + DOS_MAGIC = 0x5A4D + PE32PLUS_MAGIC = 0x20b + EST_SIGNATURE = 0x5453595320494249 + DEBUG_GUID = [0x49152E77, 0x1ADA, 0x4764, + [0xB7,0xA2,0x7A,0xFE, + 0xFE,0xD9,0x5E, 0x8B]] + DEBUG_IS_UPDATING = 0x1 + + # + # If the images were built as ELF/MACH-O and then converted to PE, + # then the base address needs to be offset by PE headers. + # + + offset_by_headers = False + + def __init__ (self): + super (ReloadUefi, self).__init__ ("reload-uefi", gdb.COMMAND_OBSCURE) + + # + # Returns gdb.Type for a type. + # + + def type (self, typename): + return gdb.lookup_type (typename) + + # + # Returns gdb.Type for a pointer to a type. + # + + def ptype (self, typename): + return gdb.lookup_type (typename).pointer () + + # + # Computes CRC32 on an array of data. + # + + def crc32 (self, data): + return binascii.crc32 (data) & 0xFFFFFFFF + + # + # Sets a field in a struct to a value, i.e. + # value->field_name = data. 
+ # + # Newer Py bindings to Gdb provide access to the inferior + # memory, but not all, so have to do it this awkward way. + # + + def set_field (self, value, field_name, data): + gdb.execute ("set *(%s *) 0x%x = 0x%x" % \ + (str (value[field_name].type), \ + int (value[field_name].address), \ + data)) + + # + # Returns data backing a gdb.Value as an array. + # Same comment as above regarding newer Py bindings... + # + + def value_data (self, value, bytes=0): + value_address = gdb.Value (value.address) + array_t = self.ptype ('UINT8') + value_array = value_address.cast (array_t) + if bytes == 0: + bytes = value.type.sizeof + data = array.array ('B') + for i in range (0, bytes): + data.append (value_array[i]) + return data + + # + # Locates the EFI_SYSTEM_TABLE as per UEFI spec 17.4. + # Returns base address or -1. + # + + def search_est (self): + address = 0 + estp_t = self.ptype ('EFI_SYSTEM_TABLE_POINTER') + while True: + estp = gdb.Value(address).cast(estp_t) + if estp['Signature'] == self.EST_SIGNATURE: + oldcrc = int (estp['Crc32']) + self.set_field (estp, 'Crc32', 0) + newcrc = self.crc32 (self.value_data (estp.dereference (), 0)) + self.set_field (estp, 'Crc32', int (oldcrc)) + if newcrc == oldcrc: + return estp['EfiSystemTableBase'] + + address = address + 4*1024*1024 + if int (address) == 0: + return gdb.Value(self.EINVAL) + + # + # Searches for a vendor-specific configuration table (in EST), + # given a vendor-specific table GUID. 
GUID is a list like - + # [32-bit, 16-bit, 16-bit, [8 bytes]] + # + + def search_config (self, cfg_table, count, guid): + index = 0 + while index != count: + cfg_entry = cfg_table[index]['VendorGuid'] + if cfg_entry['Data1'] == guid[0] and \ + cfg_entry['Data2'] == guid[1] and \ + cfg_entry['Data3'] == guid[2] and \ + self.value_data (cfg_entry['Data4']).tolist () == guid[3]: + return cfg_table[index]['VendorTable'] + index = index + 1 + return gdb.Value(self.EINVAL) + + # + # Returns a UTF16 string corresponding to a (CHAR16 *) value in EFI. + # + + def parse_utf16 (self, value): + index = 0 + data = array.array ('H') + while value[index] != 0: + data.append (value[index]) + index = index + 1 + return data.tostring ().decode ('utf-16') + + # + # Returns offset of a field within structure. Useful + # for getting container of a structure. + # + + def offsetof (self, typename, field): + t = gdb.Value (0).cast (self.ptype (typename)) + return int (t[field].address) + + # + # Returns sizeof of a type. + # + + def sizeof (self, typename): + return self.type (typename).sizeof + + # + # Returns the EFI_IMAGE_NT_HEADERS32 pointer, given + # an ImageBase address as a gdb.Value. + # + + def pe_headers (self, imagebase): + dosh_t = self.ptype ('EFI_IMAGE_DOS_HEADER') + head_t = self.ptype ('EFI_IMAGE_OPTIONAL_HEADER_UNION') + dosh = imagebase.cast(dosh_t) + h_addr = imagebase + if dosh['e_magic'] == self.DOS_MAGIC: + h_addr = h_addr + dosh['e_lfanew'] + return gdb.Value(h_addr).cast (head_t) + + # + # Returns True if pe_headers refer to a PE32+ image. + # + + def pe_is_64 (self, pe_headers): + if pe_headers['Pe32']['OptionalHeader']['Magic'] == self.PE32PLUS_MAGIC: + return True + return False + + # + # Returns the PE (not so) optional header. + # + + def pe_optional (self, pe): + if self.pe_is_64 (pe): + return pe['Pe32Plus']['OptionalHeader'] + else: + return pe['Pe32']['OptionalHeader'] + + # + # Returns the symbol file name for a PE image. 
+ # + + def pe_parse_debug (self, pe): + opt = self.pe_optional (pe) + debug_dir_entry = opt['DataDirectory'][6] + dep = debug_dir_entry['VirtualAddress'] + opt['ImageBase'] + dep = dep.cast (self.ptype ('EFI_IMAGE_DEBUG_DIRECTORY_ENTRY')) + cvp = dep.dereference ()['RVA'] + opt['ImageBase'] + cvv = cvp.cast(self.ptype ('UINT32')).dereference () + if cvv == self.CV_NB10: + return cvp + self.sizeof('EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY') + elif cvv == self.CV_RSDS: + return cvp + self.sizeof('EFI_IMAGE_DEBUG_CODEVIEW_RSDS_ENTRY') + elif cvv == self.CV_MTOC: + return cvp + self.sizeof('EFI_IMAGE_DEBUG_CODEVIEW_MTOC_ENTRY') + return gdb.Value(self.EINVAL) + + # + # Parses an EFI_LOADED_IMAGE_PROTOCOL, figuring out the symbol file name. + # This file name is then appended to list of loaded symbols. + # + # TBD: Support TE images. + # + + def parse_image (self, image, syms): + base = image['ImageBase'] + pe = self.pe_headers (base) + opt = self.pe_optional (pe) + sym_name = self.pe_parse_debug (pe) + + # For ELF and Mach-O-derived images... + if self.offset_by_headers: + base = base + opt['SizeOfHeaders'] + if sym_name != self.EINVAL: + sym_name = sym_name.cast (self.ptype('CHAR8')).string () + # Ignore the driver from qemu + if re.search (r"\.efidrv$", sym_name): + return + # FOR RPM PACKAGE substitute the build path + sym_name = re.sub(r"^"+re.escape(build_path), "/usr/lib/debug/"+flavor, sym_name) + sym_name = re.sub(r"\.dll$", ".debug", sym_name) + syms.append ("add-symbol-file %s 0x%x" % \ + (sym_name, + int (base))) + + # + # Parses table EFI_DEBUG_IMAGE_INFO structures, builds + # a list of add-symbol-file commands, and reloads debugger + # symbols. 
+ # + + def parse_edii (self, edii, count): + index = 0 + syms = [] + while index != count: + entry = edii[index] + if entry['ImageInfoType'].dereference () == 1: + entry = entry['NormalImage'] + self.parse_image(entry['LoadedImageProtocolInstance'], syms) + else: + print ('Skipping unknown EFI_DEBUG_IMAGE_INFO (Type 0x%x)' % \ + entry['ImageInfoType'].dereference ()) + index = index + 1 + gdb.execute ("symbol-file") + print ('Loading new symbols...') + for sym in syms: + print (sym) + gdb.execute (sym) + + # + # Parses EFI_DEBUG_IMAGE_INFO_TABLE_HEADER, in order to load + # image symbols. + # + + def parse_dh (self, dh): + dh_t = self.ptype ('EFI_DEBUG_IMAGE_INFO_TABLE_HEADER') + dh = dh.cast (dh_t) + print ('DebugImageInfoTable @ 0x%x, 0x%x entries' \ + % (int (dh['EfiDebugImageInfoTable']), dh['TableSize'])) + if dh['UpdateStatus'] & self.DEBUG_IS_UPDATING: + print ('EfiDebugImageInfoTable update in progress, retry later') + return + self.parse_edii (dh['EfiDebugImageInfoTable'], dh['TableSize']) + + # + # Parses EFI_SYSTEM_TABLE, in order to load image symbols. + # + + def parse_est (self, est): + est_t = self.ptype ('EFI_SYSTEM_TABLE') + est = est.cast (est_t) + print ('Connected to %s (Rev. 0x%x)' % \ + (self.parse_utf16 (est['FirmwareVendor']), \ + int (est['FirmwareRevision']))) + print ('ConfigurationTable @ 0x%x, 0x%x entries' \ + % (int (est['ConfigurationTable']), est['NumberOfTableEntries'])) + + dh = self.search_config(est['ConfigurationTable'], + est['NumberOfTableEntries'], + self.DEBUG_GUID) + if dh == self.EINVAL: + print ('No EFI_DEBUG_IMAGE_INFO_TABLE_HEADER') + return + self.parse_dh (dh) + + # + # Usage information. + # + + def usage (self): + print ('Usage: reload-uefi [-o] /path/to/GdbSyms.dll') + + # + # Handler for reload-uefi. 
+ # + + def invoke (self, arg, from_tty): + args = arg.split(' ') + try: + opts, args = getopt.getopt(args, "o", ["offset-by-headers"]) + except (getopt.GetoptError, err): + self.usage () + return + for opt, arg in opts: + if opt == "-o": + self.offset_by_headers = True + + if len(args) < 1: + self.usage () + return + + # FOR RPM PACKAGE substitute the path of the source code + gdb.execute ("set substitute-path "+source_path+" "+gdb_src_path) + + gdb.execute ("symbol-file") + gdb.execute ("symbol-file %s" % args[0]) + est = self.search_est () + if est == self.EINVAL: + print ('No EFI_SYSTEM_TABLE...') + return + + print ('EFI_SYSTEM_TABLE @ 0x%x' % est) + self.parse_est (est) + +ReloadUefi () + + diff --git a/gen-key-enrollment-iso.sh b/gen-key-enrollment-iso.sh new file mode 100644 index 0000000..304e355 --- /dev/null +++ b/gen-key-enrollment-iso.sh 
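Review bot: `except (getopt.GetoptError, err):` in invoke() is not valid exception-matching syntax in Python 3 — the tuple is evaluated and `err` is an undefined name, so a bad option raises NameError instead of printing usage; it should read `except getopt.GetoptError:`. In parse_utf16, `data.tostring ()` on an array was removed in Python 3.9, so the vendor banner printed by parse_est fails on a current gdb; `data.tobytes ().decode ('utf-16')` is the equivalent. In parse_image the symbol path `sym_name` is read out of the debug target's memory via the PE debug directory (pe_parse_debug) and, after the build_path substitution, spliced unescaped into the `add-symbol-file %s 0x%x` string that parse_edii hands to gdb.execute, so a corrupted or hostile firmware image decides which file gdb loads and may be able to inject further gdb command text; checking that the substituted path still starts with `/usr/lib/debug/` and contains no newline before executing it keeps that trust decision on the host side. The docstring's `(gdb) taget remote ....` should be `target remote`, and `__version` is missing its trailing underscores.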
@@ -0,0 +1,113 @@ +#!/bin/bash -e +# The script to generate the key enrollment iso file +# based on build_iso() in https://git.kraxel.org/cgit/jenkins/edk2/tree/edk2.git.spec + +# Example: $0 X64 Shell.efi EnrollDefaultKeys.efi default key.iso + +usage() +{ + PROG_NAME=$1 + echo "Usage: $PROG_NAME " + echo "ex: $PROG_NAME X64 Shell.efi EnrollDefaultKeys.efi default key.iso" +} + +ARCH=$(echo $1 | tr '[:lower:'] '[:upper:]') +UEFI_SHELL_BINARY="$2" +ENROLLER_BINARY="$3" +TYPE="$4" +ISO_NAME="$5" + +# Check the arguments +if [ x$ARCH != xX64 ] && [ x$ARCH != xAARCH64 ]; then + echo "Supported architecture: X64, AARCH64" + usage $0 + exit 1 +fi + +if [ x$UEFI_SHELL_BINARY == x ] || [ ! -e "$UEFI_SHELL_BINARY" ]; then + echo "Please specify the UEFI shell binary" + usage $0 + exit 1 +fi + +if [ x$ENROLLER_BINARY == x ] || [ ! -e "$ENROLLER_BINARY" ]; then + echo "Please specify the enroller binary" + usage $0 + exit 1 +fi + +if [ x$TYPE == x ]; then + echo "Please specify the type of image: default or no-default" + usage $0 + exit 1 +fi + +if [ x$ISO_NAME == x ]; then + echo "Please specify the name of output iso" + usage $0 + exit 1 +fi + +ISO_PATH=$(realpath $ISO_NAME) + +TMP_DIR=$(mktemp -d) + +cp $UEFI_SHELL_BINARY $TMP_DIR/Shell.efi +cp $ENROLLER_BINARY $TMP_DIR/EnrollDefaultKeys.efi + +UEFI_BOOT_EFI=$( + if [ $ARCH == "X64" ]; then + echo bootx64.efi + elif [ $ARCH == "AARCH64" ]; then + echo bootaa64.efi + else + exit 1 + fi +) + +UEFI_SHELL_SIZE=$(stat --format=%s -- "$UEFI_SHELL_BINARY") +ENROLLER_SIZE=$(stat --format=%s -- "$ENROLLER_BINARY") +START_SCRIPT=$TMP_DIR/"startup.nsh" + +# Enter the first ESP +echo "fs0:" > $START_SCRIPT +# Enroll the keys +if [ $TYPE == "default" ]; then + echo "EnrollDefaultKeys.efi" >> $START_SCRIPT +else + echo "EnrollDefaultKeys.efi --no-default" >> $START_SCRIPT +fi +# Reset BootOrder +echo "setvar BootOrder -guid 8be4df61-93ca-11d2-aa0d-00e098032b8c -bs -rt -nv =" >> $START_SCRIPT +# Shutdown the system +echo "reset -s" >> 
$START_SCRIPT + +UEFI_SHELL_IMAGE=uefi_shell_${ARCH}_${TYPE}.img +# Add 1MB then 10% for metadata +UEFI_SHELL_IMAGE_KB=$(( + (UEFI_SHELL_SIZE + ENROLLER_SIZE + + 1 * 1024 * 1024) * 11 / 10 / 1024 +)) + +pushd $TMP_DIR + +# Create non-partitioned FAT image +rm -f -- "$UEFI_SHELL_IMAGE" +/usr/sbin/mkdosfs -C "$UEFI_SHELL_IMAGE" -n UEFI_SHELL -- "$UEFI_SHELL_IMAGE_KB" + +export MTOOLS_SKIP_CHECK=1 +mmd -i "$UEFI_SHELL_IMAGE" ::efi +mmd -i "$UEFI_SHELL_IMAGE" ::efi/boot +mcopy -i "$UEFI_SHELL_IMAGE" Shell.efi ::efi/boot/$UEFI_BOOT_EFI +mcopy -i "$UEFI_SHELL_IMAGE" "$START_SCRIPT" ::efi/boot/startup.nsh +mcopy -i "$UEFI_SHELL_IMAGE" EnrollDefaultKeys.efi ::EnrollDefaultKeys.efi +mdir -i "$UEFI_SHELL_IMAGE" -/ :: + +# build ISO with FAT image file as El Torito EFI boot image +mkisofs -input-charset ASCII -J -rational-rock \ + -eltorito-platform efi -eltorito-boot "$UEFI_SHELL_IMAGE" \ + -no-emul-boot -o "$ISO_PATH" -- "$UEFI_SHELL_IMAGE" + +popd + +#rm -rf $TMP_DIR diff --git a/oniguruma-v6.9.4_mark1-src.tar.xz b/oniguruma-v6.9.4_mark1-src.tar.xz new file mode 100644 index 0000000..eb65f2a --- /dev/null +++ b/oniguruma-v6.9.4_mark1-src.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4a651d7235dd074750518cbe5d4f239797916b0cd5dc922d4f757431173b3bed +size 217260 diff --git a/openSUSE-UEFI-CA-Certificate-2048.crt b/openSUSE-UEFI-CA-Certificate-2048.crt new file mode 100644 index 0000000..e943169 --- /dev/null +++ b/openSUSE-UEFI-CA-Certificate-2048.crt 
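Review bot: The type check at `if [ x$TYPE == x ]` only rejects an empty value, and the later `if [ $TYPE == "default" ]` sends every other string down the `--no-default` branch, so a typo such as `defualt` silently produces an ISO that enrolls the SMBIOS key into db instead of the Microsoft keys; tightening that check to `if [[ "$TYPE" != "default" && "$TYPE" != "no-default" ]]; then` (the existing error message already names both values) makes the mistake fail loudly. The directory from `mktemp -d` is never removed because the final `#rm -rf $TMP_DIR` is commented out, leaving copies of the shell and enroller binaries plus the generated startup.nsh under /tmp on every run, and `popd` is also skipped when mkisofs fails under `-e`; a `trap 'rm -rf -- "$TMP_DIR"' EXIT` right after the mktemp line covers both paths. The `-e` in the `#!/bin/bash -e` shebang is lost when the script is started as `bash gen-key-enrollment-iso.sh`, so it belongs in a `set -e` (ideally `set -euo pipefail`) as the first statement. Nearly every expansion (`$1`, `$UEFI_SHELL_BINARY`, `$TMP_DIR`, `$START_SCRIPT`, `pushd $TMP_DIR`) is unquoted and breaks on paths containing spaces, and `tr '[:lower:'] '[:upper:]'` only works because the stray `]` is concatenated back onto the quoted word — `tr '[:lower:]' '[:upper:]'` is what is meant.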
@@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEdDCCA1ygAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgTEgMB4GA1UEAwwXb3Bl +blNVU0UgU2VjdXJlIEJvb3QgQ0ExCzAJBgNVBAYTAkRFMRIwEAYDVQQHDAlOdXJl +bWJlcmcxGTAXBgNVBAoMEG9wZW5TVVNFIFByb2plY3QxITAfBgkqhkiG9w0BCQEW +EmJ1aWxkQG9wZW5zdXNlLm9yZzAeFw0xMzA4MjYxNjEyMDdaFw0zNTA3MjIxNjEy +MDdaMIGBMSAwHgYDVQQDDBdvcGVuU1VTRSBTZWN1cmUgQm9vdCBDQTELMAkGA1UE +BhMCREUxEjAQBgNVBAcMCU51cmVtYmVyZzEZMBcGA1UECgwQb3BlblNVU0UgUHJv +amVjdDEhMB8GCSqGSIb3DQEJARYSYnVpbGRAb3BlbnN1c2Uub3JnMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3t9hknqk/oPRfTtoDrGn8E6Sk/xHPnAt +Tojcmp76M7Sm2w4jwQ2owdVlBIQE/zpIGE85MuTKTvkEnp8PzSBdYaunANil/yt/ +vuhHwy9bAsi73o4a6UbThu//iJmQ6xCJuIs/PqgHxlV6btNf/IM8PRbtJsUTc5Kx +cB4ilcgAbCV2RvGi2dCwmGgPpy2xDWeJypRK6hLFkVV2f2x6LvkYiZ/49CRD1TVq +ywAOLu1L4l0J2BuXcJmeWm+mgaidqVh2fWlxgtO6OpZDm/DaFcZO6cgVuenLx+Rx +zuoQG2vEKnABqVK0F94AUs995P0PTQMYspAo1G/Erla8NmBJRotrCwIDAQABo4H0 +MIHxMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFGhCYA3iLExHfpW+I9/qlRPl +lxdiMIGuBgNVHSMEgaYwgaOAFGhCYA3iLExHfpW+I9/qlRPllxdioYGHpIGEMIGB +MSAwHgYDVQQDDBdvcGVuU1VTRSBTZWN1cmUgQm9vdCBDQTELMAkGA1UEBhMCREUx +EjAQBgNVBAcMCU51cmVtYmVyZzEZMBcGA1UECgwQb3BlblNVU0UgUHJvamVjdDEh +MB8GCSqGSIb3DQEJARYSYnVpbGRAb3BlbnN1c2Uub3JnggEBMA4GA1UdDwEB/wQE +AwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAiqOJwo7Z+YIL8zPO6RkXF6NlgM0zrgZR +Vim2OId79J38KI6q4FMSDjpgxwbYOmF2O3cI9JSkjHxHOpnYhJsXzCBiLuJ25MY2 +DSbpLlM1Cvs6NZNFw5OCwQvzCOlXH1k3qdBsafto6n87r9P3WSeO1MeWc/QMCvc+ +5K9sjMd6bwl59EEf428R+z5ssaB75JK3yvky9d7DsHN947OCXc3sYdz+DD7Gteds +LV2Sc//tqmqpm2aeXjptcLAxwM7fLyEQaAyH83egMzEKDxX27jKIxZpTcc0NGqEo +idC/9lasSzs2BisBxevl3HKDPZSsKIMT+8FdJ5wT9jJf9h9Ktz5Tig== +-----END CERTIFICATE----- diff --git a/openSUSE-UEFI-SIGN-Certificate-2048.crt b/openSUSE-UEFI-SIGN-Certificate-2048.crt new file mode 100644 index 0000000..cfe5f18 --- /dev/null +++ b/openSUSE-UEFI-SIGN-Certificate-2048.crt 
@@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEjTCCA3WgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgTEgMB4GA1UEAwwXb3Bl +blNVU0UgU2VjdXJlIEJvb3QgQ0ExCzAJBgNVBAYTAkRFMRIwEAYDVQQHDAlOdXJl +bWJlcmcxGTAXBgNVBAoMEG9wZW5TVVNFIFByb2plY3QxITAfBgkqhkiG9w0BCQEW +EmJ1aWxkQG9wZW5zdXNlLm9yZzAeFw0xMzA4MjYxNjE4MzdaFw0yMzA3MDUxNjE4 +MzdaMIGGMSUwIwYDVQQDDBxvcGVuU1VTRSBTZWN1cmUgQm9vdCBTaWdua2V5MQsw +CQYDVQQGEwJERTESMBAGA1UEBwwJTnVyZW1iZXJnMRkwFwYDVQQKDBBvcGVuU1VT +RSBQcm9qZWN0MSEwHwYJKoZIhvcNAQkBFhJidWlsZEBvcGVuc3VzZS5vcmcwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLNeCcz9j3S+vjlCzyEXczhpwo +HRneRWkhXqCUSgu1QS5nAWuRdjqFZipji4cr6JSKEm4lE7AHPygrdiU+KbJVQuc7 +RCQdt5kyy0TStIjLqU+nswa+XKruKwQJquxYY1rIYsfZaEP7vQ6S/0zsAkS8lcmf +0b4h+PSybVoK1U2YZczBjO/f8p/aRQV2+RrAi9UcBfLAuEqwEt9DytULGEazA77N +p9cBgPHFyu7ZOh9KM31QAavXOkhuYllzYh447zIx7lgYfVkFivt91A1enUeb2K+2 +EZ885xOE5ADsCpeJIpDzFObfwXUHrSQ42OCP9rnA20XjboFcHinQeK5sp0sfAgMB +AAGjggEHMIIBAzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQDMvqcvw2IvyGSSw3o +KgmlTV3vyDCBrgYDVR0jBIGmMIGjgBRoQmAN4ixMR36VviPf6pUT5ZcXYqGBh6SB +hDCBgTEgMB4GA1UEAwwXb3BlblNVU0UgU2VjdXJlIEJvb3QgQ0ExCzAJBgNVBAYT +AkRFMRIwEAYDVQQHDAlOdXJlbWJlcmcxGTAXBgNVBAoMEG9wZW5TVVNFIFByb2pl +Y3QxITAfBgkqhkiG9w0BCQEWEmJ1aWxkQG9wZW5zdXNlLm9yZ4IBATAOBgNVHQ8B +Af8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQELBQADggEB +AI3sxNvPFB/+Cjj9GVCvNbaOGFV+5X6Dd7ZMJat0xI93GS+FvUOO1i53iCpnfSld +gE+2chifX2W3u6RyiJTTfwke4EVU4GWjFy78WwwszCih0byVa/YSQguvPuMjvQY6 +mw+exom0ri68328yWb1oCDaPOhI9Fr51hj50yUWWBbmpu2YPi5blN6CBE+9B2cbp +HVDPxoUWjYJ9leK951nfSu0E1+cLNYDpZ39h4dBHNvU1a3AueVKIXyEYaiwy0VDS +8CQJluUCE4eLlt/cbJqMs0/iY7nRnbVOOyZUYTYxq7ACvDrMyStkfdR4KLDzvLWo +8Gu+1aY2qw6wZ+TKiiRRYjQ= +-----END CERTIFICATE----- diff --git a/openssl-1.1.1t.tar.gz b/openssl-1.1.1t.tar.gz new file mode 100644 index 0000000..ced5fc4 --- /dev/null +++ b/openssl-1.1.1t.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8dee9b24bdb1dcbf0c3d1e9b02fb8f6bf22165e807f45adeb7c9677536859d3b +size 9881866 
diff --git a/openssl-1.1.1t.tar.gz.asc b/openssl-1.1.1t.tar.gz.asc new file mode 100644 index 0000000..c1bb1d6 --- /dev/null +++ b/openssl-1.1.1t.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEeVOsH7w9yLOykjk+1enkP3357owFAmPiVA4ACgkQ1enkP335 +7owO9Q/+I6mvbNQeSgpOaOu//sVRGVkOD9pfZJsxZJtQuiYPQtXLlwkZyoh3Ft8b +Gty7sC6zXwWA2sbo4LGeum3jnjb7nb/x3+5O8KARPLFRpy2/4okL3uZnAw8Pr5ps +8VjCEIm9l9UmuWNZPWRQZPtup6Uz5u97/kVLQE17qFQW1bwiUixR+Yc+ICyW/hUQ +F13tbV2GVkoVdJKwD9UpwAs6ft0+faXtkEASNyLykcrTbGbBPVVpieXiH/Vuv6BX +1Ax/oBR5Xem9bGSZkCa5KZMDOqR08GUEA1zqa9Hh8VN4hH11w0cjyKPK9U6dQmAH +P6clMEtbNMYPr3pHO4Ufgwf0OzdnLfxIf8qCiqQcNLmBnCG0NHM0/8zJmiGg1O6r +Fy0P9/nSQ5CIT3t27Xcn8RciwTR7YClEyBtNGS1JdDzGJmomTqmxBns/QyZyKtlG +V+7IsNfUBVdCF4AUP7BRC+SkHf/2/fDyCPETg27AQz/iOUC9KU0DgKLQtmnnRKk0 +Uz49l/WSVJARzPS5y55o8NUEv/QhnSct2eGjYeO3RiikuHDVQoH9R663G6E1koMq +fahxEs0FX39hALOt/CVisZ/H8trIy3r3Buc7EmqLHj/Q40I5IJA9ZCzi1e8UviQV +pQpkVru5VJVwNsm8KB/aBOm6J00mi2kbXMPrW1zwfmJAwt+iSJ4= +=nNu+ +-----END PGP SIGNATURE----- diff --git a/openssl.keyring b/openssl.keyring new file mode 100644 index 0000000..c266b3b --- /dev/null +++ b/openssl.keyring 
@@ -0,0 +1,94 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Comment: 7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C +Comment: Richard Levitte +Comment: Richard Levitte +Comment: Richard Levitte + +xsFNBFQwazYBEAC01v949yFYzwbn0UkEkM3MHTrDqWbp+erhXqdVD5ymG/pXvmqx +5KlxL1TZMuWEFuaq9EVkW8Wm5glk4D14IalIVKARAMDwqgNrPnw0GCAmNIf+Omvl +G7gdsSR93eALJp1vvKZpeEVZj0M0gQ1i4QIIR8PMqs+2jaYyed4HhRYzUbGKZMnr +94Onby8FIAYq0B79VqBv5NfMc2KEKrLXwuDSjtZd2TGB7qeLF7sCczyFoi5XTj+B +iVfdxCzoYEa1Rjp5hGllVj85w2DdfKED/BW7VCel4H+WTZGqTFQ1e3kPo1KdqlwD +F+Ci2JFU6myPy0LpHrNhn6FsdQGOuRKgYPycol7VzJHKtcGNMDkUFGV2DsgljQuW +Sj5TNNX5umFCIIN94eLvHtV9bXP98yKB/5pr2JhagL6kdU7OE0c/mugA05gGQTUJ +DeLNsRq54YC+CLyM9dxMvH7yB43yMfUvgKcSRt0sHUo8g5aOYdFq0SXQUr8+t/iH +3t5/JxhqBik8FBiu0aISsTDUbvbxQQQe/LhfR+FWDZRFwHOL0VELapfw1whitGG+ +y+F9fQIJfa5yzEiC9AWYZjHRaFB7q6LAvF0V8vP+pkT157fTK63W53mt1+VPMt2L +732i+/Cqy/6HzwOdnNnNyfEdvm2Jojs8KXN20vChnfUGifvTjxuiFib9sQARAQAB +zR9SaWNoYXJkIExldml0dGUgPGxldml0dGVAbHAuc2U+wsGPBBMBAgAiBQJUMGwd +AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAhCRDV6eQ/ffnujBYhBHlTrB+8 +PcizspI5PtXp5D99+e6Mq7QP/iNhBEDJYRTrYc6JAmRIg6YyiKjeOx8kXtVCe9+q +CzC+Y9ehyZB5Dyl0Ybej9jNJdEDJzDHKzVwU4NrfefcTWqUOQDNbpClGtXcQHlUt +hjREPWpyAEH1OhD5NDTSMI5YYKZDEfiN6oEpWlc7WK0mXZuY5mHOo0B3yNDfV845 ++7CGPK9zuE56/f9SLmCaFsCkNMGbvV4ybLRoBfZdnC5NPOKyJXQ0TG0CbxGMgIN5 +cOrBphU+ZrPYY+p4jEoD5rvFugQl4+oRsvxygpJV5t8pe1ihNMhmzu3CpRtMjmRA +dzK+27Z8p7m8BORuoC+NbXVpcmjIueXDkYdxP+09qUyw8xE398tAuEXpbCVoQ68b +6NDCBpowgvUu34zxDn0wKdt2YGHB6z7Kl7b8RycWG3Y8u/Hs+l6QehEmiy6UKXl7 +zW3PIi3192WzElUi7TtG/btqC6YPs0U3SQMkNWzwkjbKM9bC4gPFMK05a8QENc66 +M+USWjNg0TiAkGP9PDlpYyhtjicCTgL51lDm8LBXr9cbzvXav7Jc6NVh7Zby89r1 +DsPFzfDkccOX6nSnqYMISmvRUGrGfgrkeeM0MNu93aPTrs+0fxq+HJIZEhX/YCyQ +N4jqM+hQGh9bOwM7BacaP9F9vnq2hDK2WIXlWChX9Q70xArViJqzI8/76Ph1inPb +jbJczSVSaWNoYXJkIExldml0dGUgPGxldml0dGVAb3BlbnNzbC5vcmc+wsGPBBMB +AgAiBQJUMGwKAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAhCRDV6eQ/ffnu +jBYhBHlTrB+8PcizspI5PtXp5D99+e6M1bAP/0byoJMiMsswapbBypQCT/vQmaoX 
+jZzNcU4qAKlB5EMlHkxl1T8ytEXxmNMd/e0ltV9HALeBqX1eYHS7oTG3rMXKuYVY +TO19eM2wLiCW664EUtOsB9zAnpp6X+8UWMoNEpWlEHgkdlADQ0xIrrH3pt29SAbd +x0QsvwkWPawEoKMoUiGPnVY4hAt7Xx9gDmWEa2T6tExd9soBBTIuIpTH3MbAEHsv +nBbdyarNltGF/pXYGMmGaYmU0WujqKzqpBpy3zwd0Rx1Kms5e0ZcypVzqx3Xgcue +W8fbMPTZbG+Z922GUFDJ139WjAA2FsMJ9ES7XIIoJh/4nfBwk+PXcj29TieDnl2r +d4x7Yxnqp4Vzau+IARz9Vr1OIFVlQbaSdXfmDFi/fvVf9CJZnWwcSwkqp4pk50Zy +nEA+8TzEQj08jdj0+yrJNvbRxqbIafzSmoU77bANs4gc0WOdTTpvv4honUQROARp +G/JT47hE7ATVGNdF7bmWNEyEYFtZMdGP0xD+K0xEgsir65aruVixVrNKxOX9wqx6 +JGzHTSTgtAVYAvMIsWJTLuCXZbMRmmmmubfyVaMAisz5UIYD+TCPncuJ1dMUW9WI +uLNFGLTRGHri01EWe2epaHZWA0WB0cQZaeGpc7C986WskDi9SA9ZzCIGW4oQIBQX +lRJjjYxIBCnjxtUWzSVSaWNoYXJkIExldml0dGUgPHJpY2hhcmRAbGV2aXR0ZS5v +cmc+wsGSBBMBAgAlAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCVDBtJgIZ +AQAhCRDV6eQ/ffnujBYhBHlTrB+8PcizspI5PtXp5D99+e6MmN0P/AmpB8DasBnj +h9fAlBM8kEZ23MHVdEguPWX8KBML4L6eVlWRn7hdfpvOS90Ll5LTdtWPAQs8lDYh +4V86hIYgLK9tisZyby+5NT4dEl6CXgHbRjdDbp0xKfGc5F9jWzPZpG8ZdDz6Zbvd +ooy/4ThXNS16HcsJRckan6oFjCNAWSNpXDYcLtA7+9ncimrC/C+kGYlyPWJGYZu1 +C3I+oL3+qWwiqAG9hp/zedsIsNP7o24wb0SgD0dTzphmOAPwTRfGS2DHhpbAH9P6 +MZPiFBRGsARRRFfTRGkzI9W1M4bv9l/L8s6STpjD8+40f+aUE8cyUcNj1ycyRGFA +nwf5MeO3MqzvjocoUyoZNc4t7/6rh6sceFjgMt/DFFZbi3kvz9cJBcaN6TWWktd4 ++1WmLxwcF0n3xaB04KCvXTaBZ5f/Hz5D4O8HyYsS6GlW6yIUiuAOvav8WizaTMbY +k81XfXBuBKv7Vxk0fRYf9+HJ7fyWyIlIN9FqrSiiopA3JR+8gP8ueFcycmLnl2D9 +fyZn/sv+UCLrMR6fyD/5EtzgzW0AJ8BDJw5n7ctmZ6UhuasDZZMPC2uB9LVhpQ8W +3mDDxJoaYe5bE2p0ca+mwEHZQpbpjmtT/2x5rGFZYxBUOhuGn/94zEYSqLLDirlF +IEUgucXLOLQHyEl+kEkCLEmSbn71WsM8wsGPBBMBAgAiBQJUMGs2AhsDBgsJCAcD +AgYVCAIJCgsEFgIDAQIeAQIXgAAhCRDV6eQ/ffnujBYhBHlTrB+8PcizspI5PtXp +5D99+e6MbdMP/1yj/fl/t8sl6ZH8v26uBBLSUeZPJYef9TCoe6akV//x4JLujB8y +dGGW8bToC680zpuYlNn+avMwmjyocPwe7Cqgev6AyO+CjspoodM9Xai0y10CAHCl +vGAW8mX7c79jtLcMB/Z/0+5u4ErkzfwyURRpB5deLcQ4LhyRVZbLQ72fdCrmPYzO +e6Rhmfr9nWKL/oHDTLDUtRjAXdurI8YQKK9nCtbsM2uytvYkzpD2wx0B16rB7N04 +QLJBNDyOUJwnm4K+Xt9LLs8NUJ8JXCdwXKXGrFFbt2b3vmy0y4/NR5AUoS444ao5 
+1mybA19WkCcCj5mSKmfZ9Dfbv6K3JCJx4ra5uJT2HP2M3NugtumQ1KPBUlNApVC6 +u+Vn7SMqFW/KFRCxOjXDWWU+F4prqzOVc5SYqIUOk7XVxgj1FBryw5Wel5iq1Bn8 +La1Fv3Hs/+pUKHRYYIC48kRET7h6oCmBiNn+XmU0A2qZnIyblmVpmfYftj3UWUC0 +S86qf/dRi8unTXYl8qEQyOSPz8g6t2RDgEsJOzKhiO+j+wcBYVOgrSgsawC8yxjA +zfVwkprUJognVBJFCv4sKMb9wg99iEacI6O401w3FQy5FyokjmxXzrhn0UPj3t35 +wd81WZ5HWaBSLnBo8HklfDyaybPlXODldSI7OGOch/0/CZEQzQwzsmnazsFNBFQw +azYBEADPNcBdaXTUwkG81K9NRKsKGVZ1coVRxkOx2+VD2THTY45sBx9MGmQsmSpj +U45kx/wO5KiTVj+bM+scSzwNgERqLiyf/2hgOIDYaoyKSfAfIVCmm5pSa2Ad01RV +9qT3i0eSSpa1Kpx8eAHKcVsDsWb2ZCd8/MI9778cCjrCbPI4o9zEVK+fjtmYKtdk +HsEoMSVU6Jy86E908OLaJbOeo1a7bSKs4tU8zGWAX+ddY5Cb+w3cHQb4QheDWZHM +el8ZcEgTah7huS6lUA4seQnTKXHmkIZ+uNtB3gFMKso/6GoOGZnUTk8dPY3POLY1 +nbMQ/dEvMQpFxLCOBNQP0lhO4DGP0KuwLXzq2XAxrylX5tY0bNmZKLTjhi4CbKAt +c/+iwMUkQQXJRw7Vlp9Fp9ogOvzx/YlMaZQZZixg5uN2b4UD5cWliHn4Aq7DkTzQ +Je31m7sezA3cLnFR86ol2X77y79n0GRjGsMa+b+e9NRWNKs28JiCPF3ya31Kk+3+ +sjauCZQW3KYx31Il5bO3ulLHOtxhSkCUHx5sJ81NJIhZFr+7yAel/ECCiT9KbVbh +ddJBHsd7GNkwzb1QivcqnYiBW9QzXkQ+xAKHfS7YM5ooYcg6G7jw89/W0xznnGiz +5JTjMkj1s9cppQ8tdqiV4Uemvx/96Nr5F7n++UJZ7Oval9/zswARAQABwsF2BBgB +AgAJBQJUMGs2AhsMACEJENXp5D99+e6MFiEEeVOsH7w9yLOykjk+1enkP3357ozr +2A//YzMQJ6Mo+/SU328dOeoseI/sFypuK882pPhXfJqX8l8H1zyHbKWy5lLLiv1M +oNOC/8pWbpv2QlWyN3PKrB6srClnpPyiHIO37/lQBcpjvAfy9HWpl21FDxn9Ruxn +a/IMYwq60EjE5h8NynNn57vydF3qTcTqkhtHW61L3vbBAcz9VMSay9QVm1f6qzM5 +WbbLxp1sfNjQWKSo381kjs1Vj7yCTBrJul3qSeX0CsRB7WF5VYMalpNTHPRIqCWp +zTMcO3E5SSGIJy+AqwAZZvFiylGrSsux6TnVEVJ07s0nn1yj3q7Ii7av+waGmTf7 +9B0AyZv0IZ4j4NUWFNnGhsG1bEumFLkQl7Id/M61k0yKOusHdzDcZbCzecyww1w3 +WD+j4wvGkfBy4mQRqLiyjutsN/dpxRRkULATME+TH9J5eNq0A5sRRaayEiA1TDcA +WfF0PtA4smNy1GyIarobC+xn8AENi4eeYZBbfDfh8oRhEsICQ6rs098wiYz8jtZ/ +pOruzbiD7ZKDy+vjKtYqgjGnioHQalJCZrKTUnREpH102pg1Cw6v2OcjiXsqU5L7 +Yrhv1jQIluII051VIJ/QBWe5uT7YiJOsMLMQGWvkObPXEYLld2UF6hK6MH4epkwV +/w1uNqnlvIeEFgHTKmSHvfwlAF64lUiDCUdWExXybKkE2NY= +=1H60 +-----END PGP PUBLIC KEY BLOCK----- 
diff --git a/openssl.keyring.README b/openssl.keyring.README new file mode 100644 index 0000000..c77ce94 --- /dev/null +++ b/openssl.keyring.README 
@@ -0,0 +1,63 @@ +Upgrade openssl tarball +====================== + +Sometimes you need also update openssl source code tarball when +upgrading EDK2 source code. Normally you should see similar patch +commit in EDK2 git repo: + +commit 4ca4041b0dbb310109d9cb047ed428a0082df395 +Author: Sheng Wei +Date: Tue Feb 28 10:43:57 2023 +0800 + + CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1t + +Then you will need to update openssl-%{openssl_version}.tar.gz and +openssl-%{openssl_version}.tar.gz.asc signature. You can find them +from https://www.openssl.org/source/old/1.1.1/ +e.g. +https://www.openssl.org/source/old/1.1.1/openssl-1.1.1t.tar.gz +https://www.openssl.org/source/old/1.1.1/openssl-1.1.1t.tar.gz.asc + +Update the key of signature for tarball +---------------------------------------- +You will use "osc ci" command to commit new openssl tarball to OBS. +But sometimes you will see fail like this: + +ovmf> osc ci -m "Upgrade OpenSSL to 1.1.1t" +- package has ovmf-rpmlintrc: (unchanged) +gpg: Signature made Tue 07 Feb 2023 09:37:18 PM CST +gpg: using RSA key 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C +gpg: Can't check signature: No public key +ERROR: signature ovmf/openssl-1.1.1t.tar.gz.asc does not validate + +It means that osc caommand didn't find corresponding key to validate +openssl-%{openssl_version}.tar.gz.asc. It will stop to submit your change +to OBS. + +In the above example, it indicates that the signature is using RSA key +7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C. You should go to openssl's +"OpenSSL Technical Committee" page to download the corresponding key +to local. In this case: + +https://www.openssl.org/community/otc.html +Richard Levitte (I) 7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C + +Then you just use downloaded key to overwrite openssl.keyring file. +e.g. +ovmf> cp 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C openssl.keyring + +Then the osc verification of openssl-%{openssl_version}.tar.gz.asc will pass. 
+Like this: + +ovmf> osc ci -m "Upgrade OpenSSL to 1.1.1t" +(W) Attention, 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C is not mentioned in spec files as source or patch. +###ASK ovmf/7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C +- package has ovmf-rpmlintrc: (unchanged) +gpg: Signature made Tue 07 Feb 2023 09:37:18 PM CST +gpg: using RSA key 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C +gpg: Good signature from "Richard Levitte " [unknown] +gpg: aka "Richard Levitte " [unknown] +gpg: aka "Richard Levitte " [unknown] + +Please maintain the openssl.keyring file in ovmf package with new openssl +tarball and signature. diff --git a/ovmf-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch b/ovmf-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch new file mode 100644 index 0000000..fdfd170 --- /dev/null +++ b/ovmf-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch @@ -0,0 +1,13 @@ +Index: edk2-edk2-stable202305/ArmVirtPkg/ArmVirt.dsc.inc +=================================================================== +--- edk2-edk2-stable202305.orig/ArmVirtPkg/ArmVirt.dsc.inc ++++ edk2-edk2-stable202305/ArmVirtPkg/ArmVirt.dsc.inc +@@ -365,7 +365,7 @@ + # reserved ones, with the exception of LoaderData regions, of which OS loaders + # (i.e., GRUB) may assume that its contents are executable. + # +- gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD5 ++ gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD1 + + gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE + diff --git a/ovmf-Revert-OvmfPkg-OvmfXen-Set-PcdFSBClock.patch b/ovmf-Revert-OvmfPkg-OvmfXen-Set-PcdFSBClock.patch new file mode 100644 index 0000000..0ba8691 --- /dev/null +++ b/ovmf-Revert-OvmfPkg-OvmfXen-Set-PcdFSBClock.patch 
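Review bot: This patch file carries no header explaining why the ArmVirt PcdDxeNxMemoryProtectionPolicy is moved back from 0xC000000000007FD5 to 0xC000000000007FD1, which clears bit 2 (EfiLoaderData) and makes loader data executable again on AArch64. The context comment in the hunk gives the likely reason (GRUB assuming LoaderData is executable), but a reviewer cannot tell from the hunk which bootloader version is affected or when the relaxation can be dropped, and an NX relaxation deserves that record. Suggest a header before the `Index:` line such as `Subject: Revert "ArmVirtPkg: make EFI_LOADER_DATA non-executable"` followed by the bug reference and the GRUB version that needs it, matching the other revert patches in this commit.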
@@ -0,0 +1,60 @@ +From b8324bc3d5d44e5b1644a66f1b6e07b6e4ad9350 Mon Sep 17 00:00:00 2001 +From: "Lee, Chun-Yi" +Date: Wed, 15 Feb 2023 14:39:37 +0800 +Subject: [PATCH] Revert "OvmfPkg/OvmfXen: Set PcdFSBClock" + +This reverts commit 71cdb91f313380152d7bf38cfeebe76f5b2d39ac. +--- + OvmfPkg/OvmfXen.dsc | 4 +++- + OvmfPkg/XenPlatformPei/Xen.c | 4 ---- + OvmfPkg/XenPlatformPei/XenPlatformPei.inf | 1 - + 3 files changed, 3 insertions(+), 6 deletions(-) + +Index: edk2-edk2-stable202302/OvmfPkg/OvmfXen.dsc +=================================================================== +--- edk2-edk2-stable202302.orig/OvmfPkg/OvmfXen.dsc ++++ edk2-edk2-stable202302/OvmfPkg/OvmfXen.dsc +@@ -456,6 +456,9 @@ + # Point to the MdeModulePkg/Application/UiApp/UiApp.inf + gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 } + ++ ## Xen vlapic's frequence is 100 MHz ++ gEfiMdePkgTokenSpaceGuid.PcdFSBClock|100000000 ++ + # We populate DXE IPL tables with 1G pages preferably on Xen + gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable|TRUE + +@@ -486,7 +489,6 @@ + gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio64Base|0x0 + gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio64Size|0x800000000 + +- gEfiMdePkgTokenSpaceGuid.PcdFSBClock|100000000 + gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut|0 + + # Set video resolution for text setup. 
+Index: edk2-edk2-stable202302/OvmfPkg/XenPlatformPei/Xen.c +=================================================================== +--- edk2-edk2-stable202302.orig/OvmfPkg/XenPlatformPei/Xen.c ++++ edk2-edk2-stable202302/OvmfPkg/XenPlatformPei/Xen.c +@@ -634,9 +634,5 @@ CalibrateLapicTimer ( + Freq = DivU64x64Remainder (Dividend, TscTick2 - TscTick, NULL); + DEBUG ((DEBUG_INFO, "APIC Freq % 8lu Hz\n", Freq)); + +- ASSERT (Freq <= MAX_UINT32); +- Status = PcdSet32S (PcdFSBClock, (UINT32)Freq); +- ASSERT_EFI_ERROR (Status); +- + UnmapXenPage (SharedInfo); + } +Index: edk2-edk2-stable202302/OvmfPkg/XenPlatformPei/XenPlatformPei.inf +=================================================================== +--- edk2-edk2-stable202302.orig/OvmfPkg/XenPlatformPei/XenPlatformPei.inf ++++ edk2-edk2-stable202302/OvmfPkg/XenPlatformPei/XenPlatformPei.inf +@@ -86,7 +86,6 @@ + gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode + gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable + gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask +- gEfiMdePkgTokenSpaceGuid.PcdFSBClock + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy + gUefiCpuPkgTokenSpaceGuid.PcdCpuLocalApicBaseAddress + diff --git a/ovmf-Revert-OvmfPkg-PlatformInitLib-dynamic-mmio-window-s.patch b/ovmf-Revert-OvmfPkg-PlatformInitLib-dynamic-mmio-window-s.patch new file mode 100644 index 0000000..d00ad18 --- /dev/null +++ b/ovmf-Revert-OvmfPkg-PlatformInitLib-dynamic-mmio-window-s.patch 
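Review bot: The patch description at the top of this file says only `This reverts commit 71cdb91f…` and gives no reason, unlike the other reverts in this commit that cite a bsc# reference. The revert replaces the LAPIC frequency measured in CalibrateLapicTimer (the removed `PcdSet32S (PcdFSBClock, (UINT32)Freq)`) with the fixed `PcdFSBClock|100000000` in OvmfXen.dsc, so the header should say what broke with the calibrated value. Also, if `Status` in CalibrateLapicTimer was declared only for the removed `PcdSet32S` call (its declaration is outside the hunk), the revert leaves an unused local, which is worth checking in the build output.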
@@ -0,0 +1,28 @@ +From 5b3a40038886774228826b42c9aa3c9645a799a9 Mon Sep 17 00:00:00 2001 +From: "Lee, Chun-Yi" +Date: Wed, 15 Mar 2023 17:21:25 +0800 +Subject: [PATCH 6/6] Revert "OvmfPkg/PlatformInitLib: dynamic mmio window + size" + +This reverts commit ecb778d0ac62560aa172786ba19521f27bc3f650. + +Joey Lee: +Only revert one line to keep this workaround patch simple. Because +bsc#1205588 is a SUSE specific issue. + +--- + OvmfPkg/Library/PlatformInitLib/MemDetect.c | 28 --------------------- + 1 file changed, 28 deletions(-) + +Index: edk2-edk2-stable202305/OvmfPkg/Library/PlatformInitLib/MemDetect.c +=================================================================== +--- edk2-edk2-stable202305.orig/OvmfPkg/Library/PlatformInitLib/MemDetect.c ++++ edk2-edk2-stable202305/OvmfPkg/Library/PlatformInitLib/MemDetect.c +@@ -855,7 +855,6 @@ PlatformAddressWidthInitialization ( + PlatformAddressWidthFromCpuid (PlatformInfoHob, TRUE); + if (PlatformInfoHob->PhysMemAddressWidth != 0) { + // physical address width is known +- PlatformDynamicMmioWindow (PlatformInfoHob); + return; + } + diff --git a/ovmf-Revert-OvmfPkg-PlatformPei-Update-ReserveEmuVariable.patch b/ovmf-Revert-OvmfPkg-PlatformPei-Update-ReserveEmuVariable.patch new file mode 100644 index 0000000..5bec7fe --- /dev/null +++ b/ovmf-Revert-OvmfPkg-PlatformPei-Update-ReserveEmuVariable.patch 
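Review bot: The diffstat in the patch header (`OvmfPkg/Library/PlatformInitLib/MemDetect.c | 28 ---------------------` / `1 file changed, 28 deletions(-)`) no longer matches the hunk, which removes a single line, and the note "Only revert one line" confirms the header is stale. A stale diffstat is ignored by `patch`/quilt but misleads whoever next rebases the package. Suggest regenerating it as `OvmfPkg/Library/PlatformInitLib/MemDetect.c | 1 -` and `1 file changed, 1 deletion(-)`, and naming in the header which line of the upstream change is reverted (the `PlatformDynamicMmioWindow` call) so the workaround can be retired once bsc#1205588 is resolved.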
@@ -0,0 +1,51 @@ +From 251820bfcd28abecf8a67ee94d82c8ab47547b0b Mon Sep 17 00:00:00 2001 +From: Joey Lee +Date: Mon, 20 Mar 2023 13:14:57 +0100 +Subject: [PATCH] Revert "OvmfPkg/PlatformPei: Update + ReserveEmuVariableNvStore" + +This reverts commit 58eb8517ad7b56574f8f04b770a59a9cbed796c4. +(bsc#1209266) + +Signed-off-by: Joey Lee +--- + OvmfPkg/PlatformPei/Platform.c | 25 ++++++++++++++++++------- + 1 file changed, 18 insertions(+), 7 deletions(-) + +Index: edk2-edk2-stable202305/OvmfPkg/PlatformPei/Platform.c +=================================================================== +--- edk2-edk2-stable202305.orig/OvmfPkg/PlatformPei/Platform.c ++++ edk2-edk2-stable202305/OvmfPkg/PlatformPei/Platform.c +@@ -219,14 +219,24 @@ ReserveEmuVariableNvStore ( + EFI_PHYSICAL_ADDRESS VariableStore; + RETURN_STATUS PcdStatus; + +- VariableStore = (EFI_PHYSICAL_ADDRESS)(UINTN)PlatformReserveEmuVariableNvStore (); +- PcdStatus = PcdSet64S (PcdEmuVariableNvStoreReserved, VariableStore); +- +- if (FeaturePcdGet (PcdSecureBootSupported)) { +- // restore emulated VarStore from pristine ROM copy +- PlatformInitEmuVariableNvStore ((VOID *)(UINTN)VariableStore); +- } +- ++ // ++ // Allocate storage for NV variables early on so it will be ++ // at a consistent address. Since VM memory is preserved ++ // across reboots, this allows the NV variable storage to survive ++ // a VM reboot. ++ // ++ VariableStore = ++ (EFI_PHYSICAL_ADDRESS)(UINTN) ++ AllocateRuntimePages ( ++ EFI_SIZE_TO_PAGES (2 * PcdGet32 (PcdFlashNvStorageFtwSpareSize)) ++ ); ++ DEBUG (( ++ DEBUG_INFO, ++ "Reserved variable store memory: 0x%lX; size: %dkb\n", ++ VariableStore, ++ (2 * PcdGet32 (PcdFlashNvStorageFtwSpareSize)) / 1024 ++ )); ++ PcdStatus = PcdSet64S (PcdEmuVariableNvStoreReserved, VariableStore); + ASSERT_RETURN_ERROR (PcdStatus); + } + diff --git a/ovmf-build-funcs.sh b/ovmf-build-funcs.sh new file mode 100644 index 0000000..42a1524 --- /dev/null +++ b/ovmf-build-funcs.sh 
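Review bot: The patch header cites bsc#1209266 but does not say what the upstream change broke, and the revert has a Secure Boot side effect the header should record: the removed lines seeded the emulated NV store from the pristine ROM copy via `PlatformInitEmuVariableNvStore` when `PcdSecureBootSupported` is set, while the restored code only allocates `2 * PcdFlashNvStorageFtwSpareSize` bytes of runtime pages and sets `PcdEmuVariableNvStoreReserved`. Presumably this only affects the emulated (non-pflash) variable store that the README already marks deprecated, but that should be confirmed and written into the header so the patch is not carried forward blindly. Suggest adding a sentence like `Affects only the emulated varstore; with pflash the NV variables still come from the vars image.` if that is the case.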
@@ -0,0 +1,90 @@ +#!/bin/bash + +# Generate PK/KEK OEM strings +pkkek_oemstr() +{ + local CERT_FILE=$1 + sed \ + -e 's/^-----BEGIN CERTIFICATE-----$/4e32566d-8e9e-4f52-81d3-5bb9715f9727:/' \ + -e '/^-----END CERTIFICATE-----$/d' \ + $CERT_FILE \ + | tr -d '\n' +} + +# Build the varstore template +build_template() +{ + local ARCH=$(echo $1 | tr '[:lower:'] '[:upper:]') + local PREFIX="$2" + local KEY="$3" + local PKKEK_FILE="$4" + local ISO_FILE="$5" + local TYPE="$6" + + # QEMU parameters + # pflash parameters + local PFLASH="" + if [ $TYPE == "separate" ]; then + local FW_CODE_ORIG="${PREFIX}-code.bin" + local FW_VARS_ORIG="${PREFIX}-vars.bin" + local FW_CODE="${PREFIX}-${KEY}-code.bin" + local FW_VARS="${PREFIX}-${KEY}-vars.bin" + local PFLASH_CODE="-drive if=pflash,format=raw,unit=0,readonly=on,file=$FW_CODE" + local PFLASH_VARS="-drive if=pflash,format=raw,unit=1,file=$FW_VARS" + + ln -s "$FW_CODE_ORIG" "$FW_CODE" + cp "$FW_VARS_ORIG" "$FW_VARS" + + PFLASH="$PFLASH_CODE $PFLASH_VARS" + elif [ $TYPE == "unified" ]; then + local UNIFIED_FW_ORIG="${PREFIX}.bin" + local UNIFIED_FW="${PREFIX}-${KEY}.bin" + + cp "$UNIFIED_FW_ORIG" "$UNIFIED_FW" + + PFLASH="-drive if=pflash,format=raw,unit=0,file=$UNIFIED_FW" + fi + + # smbios parameters for PK and KEK + local SMBIOS="-smbios type=11,value=$(pkkek_oemstr $PKKEK_FILE)" + + # memory: 256MB + local MEMORY="-m 256" + + # kvm + local FW_CFG="-fw_cfg name=opt/org.tianocore/X-Cpuhp-Bugcheck-Override,string=yes" + + # redirect display to stdio and disable network + local MISC="-display none -no-user-config -nodefaults -smp 1" + MISC="$MISC -serial stdio" + + # set cdrom device + local CDROM="-device virtio-scsi-pci,id=scsi0" + CDROM="$CDROM -device scsi-cd,drive=cd0,bus=scsi0.0,bootindex=0" + CDROM="$CDROM -drive media=cdrom,if=none,id=cd0,format=raw,readonly=on" + CDROM="$CDROM,file=${ISO_FILE}" + + if [ $ARCH == "X64" ]; then + # qemu command + local QEMU="qemu-system-x86_64" + + # machine parameters + local 
MACHINE="-machine q35" + if [[ "$PREFIX" == *"-smm" ]]; then + MACHINE="$MACHINE,smm=on,accel=tcg" + MACHINE="$MACHINE -global driver=cfi.pflash01,property=secure,value=on" + MACHINE="$MACHINE -global ICH9-LPC.disable_s3=1" + fi + MACHINE="$MACHINE -chardev pty,id=charserial1" + MACHINE="$MACHINE -device isa-serial,chardev=charserial1,id=serial1" + elif [ $ARCH == "AARCH64" ]; then + # qemu command + local QEMU="qemu-system-aarch64" + + # machine parameters + local MACHINE="-cpu cortex-a57 -machine virt" + fi + + # Launch the VM + $QEMU $MACHINE $MEMORY $FW_CFG $PFLASH $SMBIOS $CDROM $MISC +} diff --git a/ovmf-disable-brotli.patch b/ovmf-disable-brotli.patch new file mode 100644 index 0000000..eea12ef --- /dev/null +++ b/ovmf-disable-brotli.patch 
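Review bot: In build_template the `if [ $TYPE == "separate" ] … elif [ $TYPE == "unified" ]` chain has no `else`, so a typo in the sixth argument (or an empty one, which also makes the unquoted `[ $TYPE == … ]` test itself fail) falls through to the `$QEMU` line with an empty `$PFLASH` and QEMU starts with no firmware at all. Since this function produces the varstore templates that get shipped, a bad invocation should fail loudly rather than run. Suggest quoting the tests and closing the chain: `elif [[ "$TYPE" == "unified" ]]; then` for the second branch, then `else printf 'build_template: unknown type %s\n' "$TYPE" >&2; return 1; fi`. The `ARCH` chain has the same gap — an unrecognised architecture leaves `$QEMU` and `$MACHINE` unset.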
@@ -0,0 +1,54 @@ +From 278d7e48deeaf8fcf2ac347a452c4e7ca0389007 Mon Sep 17 00:00:00 2001 +From: Gary Lin +Date: Thu, 1 Apr 2021 17:25:59 +0800 +Subject: [PATCH 1/1] Disable brotli + +The brotli compression/decompression function was never used and it +requires additional source tarball for packaging. Remove brotli from +building for good. + +Signed-off-by: Gary Lin +--- + BaseTools/Source/C/GNUmakefile | 1 - + MdeModulePkg/MdeModulePkg.dec | 3 --- + MdeModulePkg/MdeModulePkg.dsc | 1 - + 3 files changed, 5 deletions(-) + +Index: edk2-edk2-stable202305/BaseTools/Source/C/GNUmakefile +=================================================================== +--- edk2-edk2-stable202305.orig/BaseTools/Source/C/GNUmakefile ++++ edk2-edk2-stable202305/BaseTools/Source/C/GNUmakefile +@@ -51,7 +51,6 @@ all: makerootdir subdirs + LIBRARIES = Common + VFRAUTOGEN = VfrCompile/VfrLexer.h + APPLICATIONS = \ +- BrotliCompress \ + VfrCompile \ + EfiRom \ + GenFfs \ +Index: edk2-edk2-stable202305/MdeModulePkg/MdeModulePkg.dec +=================================================================== +--- edk2-edk2-stable202305.orig/MdeModulePkg/MdeModulePkg.dec ++++ edk2-edk2-stable202305/MdeModulePkg/MdeModulePkg.dec +@@ -26,9 +26,6 @@ + Include + Test/Mock/Include + +-[Includes.Common.Private] +- Library/BrotliCustomDecompressLib/brotli/c/include +- + [LibraryClasses] + ## @libraryclass Defines a set of methods to reset whole system. 
+ ResetSystemLib|Include/Library/ResetSystemLib.h +Index: edk2-edk2-stable202305/MdeModulePkg/MdeModulePkg.dsc +=================================================================== +--- edk2-edk2-stable202305.orig/MdeModulePkg/MdeModulePkg.dsc ++++ edk2-edk2-stable202305/MdeModulePkg/MdeModulePkg.dsc +@@ -453,7 +453,6 @@ + MdeModulePkg/Universal/EbcDxe/EbcDebuggerConfig.inf + + [Components.IA32, Components.X64, Components.ARM, Components.AARCH64] +- MdeModulePkg/Library/BrotliCustomDecompressLib/BrotliCustomDecompressLib.inf + MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf + MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf + MdeModulePkg/Core/Dxe/DxeMain.inf { diff --git a/ovmf-disable-ia32-firmware-piepic.patch b/ovmf-disable-ia32-firmware-piepic.patch new file mode 100644 index 0000000..5172f3b --- /dev/null +++ b/ovmf-disable-ia32-firmware-piepic.patch 
@@ -0,0 +1,13 @@
+Index: edk2-edk2-stable202302/BaseTools/Conf/tools_def.template
+===================================================================
+--- edk2-edk2-stable202302.orig/BaseTools/Conf/tools_def.template
++++ edk2-edk2-stable202302/BaseTools/Conf/tools_def.template
+@@ -1888,7 +1888,7 @@ DEFINE GCC_DEPS_FLAGS = -MM
+ 
+ DEFINE GCC48_ALL_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -ffunction-sections -fdata-sections -DSTRING_ARRAY_NAME=$(BASE_NAME)Strings
+ DEFINE GCC48_IA32_X64_DLINK_COMMON = -nostdlib -Wl,-n,-q,--gc-sections -z common-page-size=0x20
+-DEFINE GCC48_IA32_CC_FLAGS = DEF(GCC48_ALL_CC_FLAGS) -m32 -march=i586 -malign-double -fno-stack-protector -D EFI32 -fno-asynchronous-unwind-tables -Wno-address -fno-omit-frame-pointer
++DEFINE GCC48_IA32_CC_FLAGS = DEF(GCC48_ALL_CC_FLAGS) -m32 -march=i586 -malign-double -fno-stack-protector -D EFI32 -fno-asynchronous-unwind-tables -Wno-address -fno-omit-frame-pointer -fno-pic -fno-pie
+ DEFINE GCC48_X64_CC_FLAGS = DEF(GCC48_ALL_CC_FLAGS) -m64 -fno-stack-protector "-DEFIAPI=__attribute__((ms_abi))" -maccumulate-outgoing-args -mno-red-zone -Wno-address -mcmodel=small -fpie -fno-asynchronous-unwind-tables -Wno-address -fno-omit-frame-pointer
+ DEFINE GCC48_IA32_X64_ASLDLINK_FLAGS = DEF(GCC48_IA32_X64_DLINK_COMMON) -Wl,--entry,ReferenceAcpiTable -u ReferenceAcpiTable
+ DEFINE GCC48_IA32_X64_DLINK_FLAGS = DEF(GCC48_IA32_X64_DLINK_COMMON) -Wl,--entry,$(IMAGE_ENTRY_POINT) -u $(IMAGE_ENTRY_POINT) -Wl,-Map,$(DEST_DIR_DEBUG)/$(BASE_NAME).map,--whole-archive
diff --git a/ovmf-gdb-symbols.patch b/ovmf-gdb-symbols.patch
new file mode 100644
index 0000000..e42f40a
--- /dev/null
+++ b/ovmf-gdb-symbols.patch
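Review bot: The patch has no header explaining why `-fno-pic -fno-pie` is appended to GCC48_IA32_CC_FLAGS, and the hunk itself gives no hint; presumably the distribution compiler defaults to PIE, which the IA32 firmware link (`-nostdlib -Wl,-n,-q`) cannot take, but that is an inference. The X64 flags on the very next line deliberately use `-fpie`, so a future maintainer could read this as an inconsistency and drop it. Suggest a short header such as `Subject: BaseTools: build IA32 firmware non-PIC/PIE on toolchains that default to PIE` with the bug or build-log reference, plus a note that the GCC49/GCC5 IA32 flags pick this up only if they still chain off GCC48_IA32_CC_FLAGS in the tools_def version being patched.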
@@ -0,0 +1,565 @@ +From 263791566fbe25755aebde54c98d5aea061414f3 Mon Sep 17 00:00:00 2001 +From: Gary Ching-Pang Lin +Date: Tue, 24 Jun 2014 11:57:32 +0800 +Subject: [PATCH 1/3] Add DebugPkg + +--- + DebugPkg/DebugPkg.dec | 34 ++++ + DebugPkg/GdbSyms/GdbSyms.c | 70 +++++++ + DebugPkg/GdbSyms/GdbSyms.inf | 57 ++++++ + DebugPkg/Scripts/gdb_uefi.py | 348 +++++++++++++++++++++++++++++++++++ + 4 files changed, 509 insertions(+) + create mode 100644 DebugPkg/DebugPkg.dec + create mode 100644 DebugPkg/GdbSyms/GdbSyms.c + create mode 100644 DebugPkg/GdbSyms/GdbSyms.inf + create mode 100644 DebugPkg/Scripts/gdb_uefi.py + +Index: edk2-edk2-stable202302/DebugPkg/DebugPkg.dec +=================================================================== +--- /dev/null ++++ edk2-edk2-stable202302/DebugPkg/DebugPkg.dec +@@ -0,0 +1,34 @@ ++## @file ++# Debug package - various useful stuff for debugging. ++# ++# Copyright (c) 2006 - 2011, Andrei Warkentin ++# ++# This program and the accompanying materials ++# are licensed and made available under the terms and conditions of the BSD License ++# which accompanies this distribution. The full text of the license may be found at ++# http://opensource.org/licenses/bsd-license.php ++# ++# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, ++# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. ++# ++## ++ ++[Defines] ++ DEC_VERSION = 0x00010005 ++ PACKAGE_NAME = DebugPkg ++ PACKAGE_GUID = 2d234f34-50e5-4b9d-b8e3-5562334d87e5 ++ PACKAGE_VERSION = 0.1 ++ ++[Includes] ++ Include ++ ++[Guids] ++ ++[Protocols] ++ ++[PcdsFixedAtBuild] ++ ++[PcdsDynamic] ++ ++[LibraryClasses] ++ +Index: edk2-edk2-stable202302/DebugPkg/GdbSyms/GdbSyms.c +=================================================================== +--- /dev/null ++++ edk2-edk2-stable202302/DebugPkg/GdbSyms/GdbSyms.c +@@ -0,0 +1,78 @@ ++/** @file ++ ++ Bare-minimum GDB symbols needed for reloading symbols. 
++ ++ This is not a "driver" and should not be placed in a FD. ++ ++ Copyright (c) 2011, Andrei Warkentin ++ ++ This program and the accompanying materials ++ are licensed and made available under the terms and conditions of the BSD License ++ which accompanies this distribution. The full text of the license may be found at ++ http://opensource.org/licenses/bsd-license.php ++ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, ++ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. ++ ++**/ ++ ++#include "PiDxe.h" ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++/** ++ Main entry point. ++ ++ @param[in] ImageHandle The firmware allocated handle for the EFI image. ++ @param[in] SystemTable A pointer to the EFI System Table. ++ ++ @retval EFI_SUCCESS Successfully initialized. ++ ++**/ ++EFI_STATUS ++EFIAPI ++Initialize ( ++ IN EFI_HANDLE ImageHandle, ++ IN EFI_SYSTEM_TABLE *SystemTable ++ ) ++{ ++ EFI_SYSTEM_TABLE_POINTER ESTP; ++ EFI_DEBUG_IMAGE_INFO_TABLE_HEADER EDIITH; ++ EFI_IMAGE_DOS_HEADER EIDH; ++ EFI_IMAGE_OPTIONAL_HEADER_UNION EIOHU; ++ EFI_IMAGE_DEBUG_DIRECTORY_ENTRY EIDDE; ++ EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY EIDCNE; ++ EFI_IMAGE_DEBUG_CODEVIEW_RSDS_ENTRY EIDCRE; ++ EFI_IMAGE_DEBUG_CODEVIEW_MTOC_ENTRY EIDCME; ++ UINTN Dummy = ++ (UINTN) &ESTP | ++ (UINTN) &EDIITH | ++ (UINTN) &EIDH | ++ (UINTN) &EIOHU | ++ (UINTN) &EIDDE | ++ (UINTN) &EIDCNE | ++ (UINTN) &EIDCRE | ++ (UINTN) &EIDCME | ++ 1 ++ ; ++ DEBUG ((DEBUG_VERBOSE, "%a: %llx\n", __FUNCTION__, &ESTP)); ++ DEBUG ((DEBUG_VERBOSE, "%a: %llx\n", __FUNCTION__, &EDIITH)); ++ DEBUG ((DEBUG_VERBOSE, "%a: %llx\n", __FUNCTION__, &EIDH)); ++ DEBUG ((DEBUG_VERBOSE, "%a: %llx\n", __FUNCTION__, &EIOHU)); ++ DEBUG ((DEBUG_VERBOSE, "%a: %llx\n", __FUNCTION__, &EIDDE)); ++ DEBUG ((DEBUG_VERBOSE, "%a: %llx\n", __FUNCTION__, &EIDCNE)); ++ DEBUG ((DEBUG_VERBOSE, "%a: %llx\n", __FUNCTION__, 
&EIDCRE)); ++ DEBUG ((DEBUG_VERBOSE, "%a: %llx\n", __FUNCTION__, &EIDCME)); ++ return !!Dummy & EFI_SUCCESS; ++} ++ ++ +Index: edk2-edk2-stable202302/DebugPkg/GdbSyms/GdbSyms.inf +=================================================================== +--- /dev/null ++++ edk2-edk2-stable202302/DebugPkg/GdbSyms/GdbSyms.inf +@@ -0,0 +1,57 @@ ++## @file ++# ++# Bare-minimum GDB symbols needed for reloading symbols. ++# ++# This is not a "driver" and should not be placed in a FD. ++# ++# Copyright (c) 2011, Andrei Warkentin ++# ++# This program and the accompanying materials ++# are licensed and made available under the terms and conditions of the BSD License ++# which accompanies this distribution. The full text of the license may be found at ++# http://opensource.org/licenses/bsd-license.php ++# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, ++# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. ++# ++## ++ ++[Defines] ++ INF_VERSION = 0x00010005 ++ BASE_NAME = GdbSyms ++ FILE_GUID = 22abcb60-fb40-42ac-b01f-3ab1fad9aad8 ++ MODULE_TYPE = DXE_DRIVER ++ VERSION_STRING = 1.0 ++ ENTRY_POINT = Initialize ++ ++# ++# The following information is for reference only and not required by the build tools. ++# ++# VALID_ARCHITECTURES = IA32 X64 IPF EBC ARM ++# ++ ++[Sources] ++ GdbSyms.c ++ ++[Packages] ++ MdePkg/MdePkg.dec ++ MdeModulePkg/MdeModulePkg.dec ++ ++[LibraryClasses] ++ BaseLib ++ BaseMemoryLib ++ DebugLib ++ DxeServicesTableLib ++ HobLib ++ MemoryAllocationLib ++ PcdLib ++ UefiBootServicesTableLib ++ UefiDriverEntryPoint ++ UefiLib ++ ++[Guids] ++ ++[Protocols] ++ ++[Depex] ++ TRUE ++ +Index: edk2-edk2-stable202302/DebugPkg/Scripts/gdb_uefi.py +=================================================================== +--- /dev/null ++++ edk2-edk2-stable202302/DebugPkg/Scripts/gdb_uefi.py +@@ -0,0 +1,350 @@ ++""" ++Allows loading TianoCore symbols into a GDB session attached to EFI ++Firmware. 
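Review bot: The final `return !!Dummy & EFI_SUCCESS;` in Initialize is always 0 regardless of Dummy, because `!` binds tighter than `&` and `EFI_SUCCESS` is 0; the value is right by accident and the expression exists only to keep `Dummy` referenced. Clearer to write `(VOID) Dummy;` followed by `return EFI_SUCCESS;`, which states the intent without the precedence trap. The `DEBUG` calls also print local addresses with `%llx`; `%p` is the PrintLib conversion documented for pointers, and with DEBUG_VERBOSE normally compiled out a wrong format would only surface once someone enables it.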
++ ++This is how it works: build GdbSyms - it's a dummy binary that ++contains the relevant symbols needed to find and load image symbols. ++ ++$ gdb ++(gdb) taget remote .... ++(gdb) source Scripts/gdb_uefi.py ++(gdb) reload-uefi -o /path/to/GdbSyms.dll ++ ++The -o option should be used if you've debugging EFI, where the PE ++images were converted from MACH-O or ELF binaries. ++ ++""" ++ ++import array ++import getopt ++import binascii ++import re ++ ++__license__ = "BSD" ++__version = "1.0.0" ++__maintainer__ = "Andrei Warkentin" ++__email__ = "andrey.warkentin@gmail.com" ++__status__ = "Works" ++ ++class ReloadUefi (gdb.Command): ++ """Reload UEFI symbols""" ++ ++ # ++ # Various constants. ++ # ++ ++ EINVAL = 0xffffffff ++ CV_NB10 = 0x3031424E ++ CV_RSDS = 0x53445352 ++ CV_MTOC = 0x434F544D ++ DOS_MAGIC = 0x5A4D ++ PE32PLUS_MAGIC = 0x20b ++ EST_SIGNATURE = 0x5453595320494249L ++ DEBUG_GUID = [0x49152E77, 0x1ADA, 0x4764, ++ [0xB7,0xA2,0x7A,0xFE, ++ 0xFE,0xD9,0x5E, 0x8B]] ++ DEBUG_IS_UPDATING = 0x1 ++ ++ # ++ # If the images were built as ELF/MACH-O and then converted to PE, ++ # then the base address needs to be offset by PE headers. ++ # ++ ++ offset_by_headers = False ++ ++ def __init__ (self): ++ super (ReloadUefi, self).__init__ ("reload-uefi", gdb.COMMAND_OBSCURE) ++ ++ # ++ # Returns gdb.Type for a type. ++ # ++ ++ def type (self, typename): ++ return gdb.lookup_type (typename) ++ ++ # ++ # Returns gdb.Type for a pointer to a type. ++ # ++ ++ def ptype (self, typename): ++ return gdb.lookup_type (typename).pointer () ++ ++ # ++ # Computes CRC32 on an array of data. ++ # ++ ++ def crc32 (self, data): ++ return binascii.crc32 (data) & 0xFFFFFFFF ++ ++ # ++ # Sets a field in a struct to a value, i.e. ++ # value->field_name = data. ++ # ++ # Newer Py bindings to Gdb provide access to the inferior ++ # memory, but not all, so have to do it this awkward way. 
++ # ++ ++ def set_field (self, value, field_name, data): ++ gdb.execute ("set *(%s *) 0x%x = 0x%x" % \ ++ (str (value[field_name].type), \ ++ long (value[field_name].address), \ ++ data)) ++ ++ # ++ # Returns data backing a gdb.Value as an array. ++ # Same comment as above regarding newer Py bindings... ++ # ++ ++ def value_data (self, value, bytes=0): ++ value_address = gdb.Value (value.address) ++ array_t = self.ptype ('UINT8') ++ value_array = value_address.cast (array_t) ++ if bytes == 0: ++ bytes = value.type.sizeof ++ data = array.array ('B') ++ for i in range (0, bytes): ++ data.append (value_array[i]) ++ return data ++ ++ # ++ # Locates the EFI_SYSTEM_TABLE as per UEFI spec 17.4. ++ # Returns base address or -1. ++ # ++ ++ def search_est (self): ++ address = 0 ++ estp_t = self.ptype ('EFI_SYSTEM_TABLE_POINTER') ++ while True: ++ estp = gdb.Value(address).cast(estp_t) ++ if estp['Signature'] == self.EST_SIGNATURE: ++ oldcrc = long (estp['Crc32']) ++ self.set_field (estp, 'Crc32', 0) ++ newcrc = self.crc32 (self.value_data (estp.dereference (), 0)) ++ self.set_field (estp, 'Crc32', long (oldcrc)) ++ if newcrc == oldcrc: ++ return estp['EfiSystemTableBase'] ++ ++ address = address + 4*1024*1024 ++ if long (address) == 0: ++ return gdb.Value(self.EINVAL) ++ ++ # ++ # Searches for a vendor-specific configuration table (in EST), ++ # given a vendor-specific table GUID. GUID is a list like - ++ # [32-bit, 16-bit, 16-bit, [8 bytes]] ++ # ++ ++ def search_config (self, cfg_table, count, guid): ++ index = 0 ++ while index != count: ++ cfg_entry = cfg_table[index]['VendorGuid'] ++ if cfg_entry['Data1'] == guid[0] and \ ++ cfg_entry['Data2'] == guid[1] and \ ++ cfg_entry['Data3'] == guid[2] and \ ++ self.value_data (cfg_entry['Data4']).tolist () == guid[3]: ++ return cfg_table[index]['VendorTable'] ++ index = index + 1 ++ return gdb.Value(self.EINVAL) ++ ++ # ++ # Returns a UTF16 string corresponding to a (CHAR16 *) value in EFI. 
++ # ++ ++ def parse_utf16 (self, value): ++ index = 0 ++ data = array.array ('H') ++ while value[index] != 0: ++ data.append (value[index]) ++ index = index + 1 ++ return data.tostring ().decode ('utf-16') ++ ++ # ++ # Returns offset of a field within structure. Useful ++ # for getting container of a structure. ++ # ++ ++ def offsetof (self, typename, field): ++ t = gdb.Value (0).cast (self.ptype (typename)) ++ return long (t[field].address) ++ ++ # ++ # Returns sizeof of a type. ++ # ++ ++ def sizeof (self, typename): ++ return self.type (typename).sizeof ++ ++ # ++ # Returns the EFI_IMAGE_NT_HEADERS32 pointer, given ++ # an ImageBase address as a gdb.Value. ++ # ++ ++ def pe_headers (self, imagebase): ++ dosh_t = self.ptype ('EFI_IMAGE_DOS_HEADER') ++ head_t = self.ptype ('EFI_IMAGE_OPTIONAL_HEADER_UNION') ++ dosh = imagebase.cast(dosh_t) ++ h_addr = imagebase ++ if dosh['e_magic'] == self.DOS_MAGIC: ++ h_addr = h_addr + dosh['e_lfanew'] ++ return gdb.Value(h_addr).cast (head_t) ++ ++ # ++ # Returns True if pe_headers refer to a PE32+ image. ++ # ++ ++ def pe_is_64 (self, pe_headers): ++ if pe_headers['Pe32']['OptionalHeader']['Magic'] == self.PE32PLUS_MAGIC: ++ return True ++ return False ++ ++ # ++ # Returns the PE (not so) optional header. ++ # ++ ++ def pe_optional (self, pe): ++ if self.pe_is_64 (pe): ++ return pe['Pe32Plus']['OptionalHeader'] ++ else: ++ return pe['Pe32']['OptionalHeader'] ++ ++ # ++ # Returns the symbol file name for a PE image. 
++ # ++ ++ def pe_parse_debug (self, pe): ++ opt = self.pe_optional (pe) ++ debug_dir_entry = opt['DataDirectory'][6] ++ dep = debug_dir_entry['VirtualAddress'] + opt['ImageBase'] ++ dep = dep.cast (self.ptype ('EFI_IMAGE_DEBUG_DIRECTORY_ENTRY')) ++ cvp = dep.dereference ()['RVA'] + opt['ImageBase'] ++ cvv = cvp.cast(self.ptype ('UINT32')).dereference () ++ if cvv == self.CV_NB10: ++ return cvp + self.sizeof('EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY') ++ elif cvv == self.CV_RSDS: ++ return cvp + self.sizeof('EFI_IMAGE_DEBUG_CODEVIEW_RSDS_ENTRY') ++ elif cvv == self.CV_MTOC: ++ return cvp + self.sizeof('EFI_IMAGE_DEBUG_CODEVIEW_MTOC_ENTRY') ++ return gdb.Value(self.EINVAL) ++ ++ # ++ # Parses an EFI_LOADED_IMAGE_PROTOCOL, figuring out the symbol file name. ++ # This file name is then appended to list of loaded symbols. ++ # ++ # TBD: Support TE images. ++ # ++ ++ def parse_image (self, image, syms): ++ base = image['ImageBase'] ++ pe = self.pe_headers (base) ++ opt = self.pe_optional (pe) ++ sym_name = self.pe_parse_debug (pe) ++ ++ # For ELF and Mach-O-derived images... ++ if self.offset_by_headers: ++ base = base + opt['SizeOfHeaders'] ++ if sym_name != self.EINVAL: ++ sym_name = sym_name.cast (self.ptype('CHAR8')).string () ++ sym_name = re.sub(r"\.dll$", ".debug", sym_name) ++ syms.append ("add-symbol-file %s 0x%x" % \ ++ (sym_name, ++ long (base))) ++ ++ # ++ # Parses table EFI_DEBUG_IMAGE_INFO structures, builds ++ # a list of add-symbol-file commands, and reloads debugger ++ # symbols. ++ # ++ ++ def parse_edii (self, edii, count): ++ index = 0 ++ syms = [] ++ while index != count: ++ entry = edii[index] ++ if entry['ImageInfoType'].dereference () == 1: ++ entry = entry['NormalImage'] ++ self.parse_image(entry['LoadedImageProtocolInstance'], syms) ++ else: ++ print "Skipping unknown EFI_DEBUG_IMAGE_INFO (Type 0x%x)" % \ ++ entry['ImageInfoType'].dereference () ++ index = index + 1 ++ gdb.execute ("symbol-file") ++ print "Loading new symbols..." 
++ for sym in syms: ++ print sym ++ gdb.execute (sym) ++ ++ # ++ # Parses EFI_DEBUG_IMAGE_INFO_TABLE_HEADER, in order to load ++ # image symbols. ++ # ++ ++ def parse_dh (self, dh): ++ dh_t = self.ptype ('EFI_DEBUG_IMAGE_INFO_TABLE_HEADER') ++ dh = dh.cast (dh_t) ++ print "DebugImageInfoTable @ 0x%x, 0x%x entries" \ ++ % (long (dh['EfiDebugImageInfoTable']), dh['TableSize']) ++ if dh['UpdateStatus'] & self.DEBUG_IS_UPDATING: ++ print "EfiDebugImageInfoTable update in progress, retry later" ++ return ++ self.parse_edii (dh['EfiDebugImageInfoTable'], dh['TableSize']) ++ ++ # ++ # Parses EFI_SYSTEM_TABLE, in order to load image symbols. ++ # ++ ++ def parse_est (self, est): ++ est_t = self.ptype ('EFI_SYSTEM_TABLE') ++ est = est.cast (est_t) ++ print "Connected to %s (Rev. 0x%x)" % \ ++ (self.parse_utf16 (est['FirmwareVendor']), \ ++ long (est['FirmwareRevision'])) ++ print "ConfigurationTable @ 0x%x, 0x%x entries" \ ++ % (long (est['ConfigurationTable']), est['NumberOfTableEntries']) ++ ++ dh = self.search_config(est['ConfigurationTable'], ++ est['NumberOfTableEntries'], ++ self.DEBUG_GUID) ++ if dh == self.EINVAL: ++ print "No EFI_DEBUG_IMAGE_INFO_TABLE_HEADER" ++ return ++ self.parse_dh (dh) ++ ++ # ++ # Usage information. ++ # ++ ++ def usage (self): ++ print "Usage: reload-uefi [-o] /path/to/GdbSyms.dll" ++ ++ # ++ # Handler for reload-uefi. ++ # ++ ++ def invoke (self, arg, from_tty): ++ args = arg.split(' ') ++ try: ++ opts, args = getopt.getopt(args, "o", ["offset-by-headers"]) ++ except getopt.GetoptError, err: ++ self.usage () ++ return ++ for opt, arg in opts: ++ if opt == "-o": ++ self.offset_by_headers = True ++ ++ if len(args) < 1: ++ self.usage () ++ return ++ ++ gdb.execute ("symbol-file") ++ gdb.execute ("symbol-file %s" % args[0]) ++ est = self.search_est () ++ if est == self.EINVAL: ++ print "No EFI_SYSTEM_TABLE..." 
++ return
++
++ print "EFI_SYSTEM_TABLE @ 0x%x" % est
++ self.parse_est (est)
++
++ReloadUefi ()
++
++
+Index: edk2-edk2-stable202302/OvmfPkg/OvmfPkgX64.dsc
+===================================================================
+--- edk2-edk2-stable202302.orig/OvmfPkg/OvmfPkgX64.dsc
++++ edk2-edk2-stable202302/OvmfPkg/OvmfPkgX64.dsc
+@@ -1123,3 +1123,5 @@
+ # TPM support
+ #
+ !include OvmfPkg/Include/Dsc/OvmfTpmComponentsDxe.dsc.inc
++
++ DebugPkg/GdbSyms/GdbSyms.inf
diff --git a/ovmf-ignore-spurious-GCC-12-warning.patch b/ovmf-ignore-spurious-GCC-12-warning.patch
new file mode 100644
index 0000000..090fbeb
--- /dev/null
+++ b/ovmf-ignore-spurious-GCC-12-warning.patch
@@ -0,0 +1,60 @@
+diff --git a/BaseTools/Source/C/DevicePath/DevicePathUtilities.c b/BaseTools/Source/C/DevicePath/DevicePathUtilities.c
+index 2ffefa8..c9fb432 100644
+--- a/BaseTools/Source/C/DevicePath/DevicePathUtilities.c
++++ b/BaseTools/Source/C/DevicePath/DevicePathUtilities.c
+@@ -16,6 +16,10 @@
+ #include "UefiDevicePathLib.h"
+ #include
+ 
++#if __GNUC__ >= 12
++# pragma GCC diagnostic ignored "-Wstringop-overflow"
++#endif
++
+ //
+ // Template for an end-of-device path node.
+ //
+diff --git a/BaseTools/Source/C/GenFfs/GenFfs.c b/BaseTools/Source/C/GenFfs/GenFfs.c
+index 949025c..be55a52 100644
+--- a/BaseTools/Source/C/GenFfs/GenFfs.c
++++ b/BaseTools/Source/C/GenFfs/GenFfs.c
+@@ -36,6 +36,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
+ #define UTILITY_MAJOR_VERSION 0
+ #define UTILITY_MINOR_VERSION 1
+ 
++#if __GNUC__ >= 12
++# pragma GCC diagnostic ignored "-Wuse-after-free"
++#endif
++
+ STATIC CHAR8 *mFfsFileType[] = {
+ NULL, // 0x00
+ "EFI_FV_FILETYPE_RAW", // 0x01
+diff --git a/BaseTools/Source/C/GenSec/GenSec.c b/BaseTools/Source/C/GenSec/GenSec.c
+index d54a4f9..fb40ad3 100644
+--- a/BaseTools/Source/C/GenSec/GenSec.c
++++ b/BaseTools/Source/C/GenSec/GenSec.c
+@@ -37,6 +37,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
+ #define UTILITY_MAJOR_VERSION 0
+ #define UTILITY_MINOR_VERSION 1
+ 
++#if __GNUC__ >= 12
++# pragma GCC diagnostic ignored "-Wuse-after-free"
++#endif
++
+ STATIC CHAR8 *mSectionTypeName[] = {
+ NULL, // 0x00 - reserved
+ "EFI_SECTION_COMPRESSION", // 0x01
+diff --git a/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c b/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c
+index 4e9b499..ab9b7cc 100644
+--- a/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c
++++ b/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c
+@@ -40,6 +40,10 @@ static unsigned g_STAT_OFFSET = 0;
+ 
+ #define REP_LEN_COUNT 64
+ 
++#if __GNUC__ >= 12
++# pragma GCC diagnostic ignored "-Wdangling-pointer"
++#endif
++
+ void LzmaEncProps_Init(CLzmaEncProps *p)
+ 
{
+ p->level = 5;
diff --git a/ovmf-pie.patch b/ovmf-pie.patch
new file mode 100644
index 0000000..fc858d0
--- /dev/null
+++ b/ovmf-pie.patch
@@ -0,0 +1,13 @@
+Index: edk2-edk2-stable202305/BaseTools/Source/C/Makefiles/header.makefile
+===================================================================
+--- edk2-edk2-stable202305.orig/BaseTools/Source/C/Makefiles/header.makefile
++++ edk2-edk2-stable202305/BaseTools/Source/C/Makefiles/header.makefile
+@@ -101,7 +101,7 @@ else
+ CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -fwrapv \
+ -fno-delete-null-pointer-checks -Wall -Werror \
+ -Wno-deprecated-declarations -Wno-stringop-truncation -Wno-restrict \
+--Wno-unused-result -nostdlib -g
++-Wno-unused-result -nostdlib -g -fPIE
+ endif
+ endif
+ ifneq ($(CLANG),)
diff --git a/ovmf-riscv64-missing-memcpy.patch b/ovmf-riscv64-missing-memcpy.patch
new file mode 100644
index 0000000..7b21405
--- /dev/null
+++ b/ovmf-riscv64-missing-memcpy.patch
@@ -0,0 +1,12 @@
+--- edk2-edk2-stable202302.orig/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
++++ edk2-edk2-stable202302/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+@@ -43,6 +43,9 @@
+ [Sources.X64]
+ CopyMem.c
+ 
++[Sources.RISCV64]
++ CopyMem.c
++
+ [Packages]
+ MdePkg/MdePkg.dec
+ 
diff --git a/ovmf-rpmlintrc b/ovmf-rpmlintrc
new file mode 100644
index 0000000..90e4201
--- /dev/null
+++ b/ovmf-rpmlintrc
@@ -0,0 +1,6 @@
+addFilter("unstripped-binary-or-object /usr/lib/debug/*")
+addFilter("statically-linked-binary /usr/lib/debug/*")
+addFilter("executable-stack /usr/lib/debug/*")
+addFilter("position-independent-executable-suggested /usr/lib/debug/*")
+addFilter("arch-independent-package-contains-binary-or-object /usr/share/qemu/ovmf-x86_64-xen-4m.bin")
+addFilter("arch-independent-package-contains-binary-or-object /usr/share/qemu/ovmf-x86_64-xen.bin")
diff --git a/ovmf-set-fixed-enroll-time.patch b/ovmf-set-fixed-enroll-time.patch
new file mode 100644
index 0000000..860c311
--- /dev/null
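Review bot: The four `#pragma GCC diagnostic ignored` lines are file-scoped (no `push`/`pop`), so besides the GCC 12 false positives the patch title calls spurious they also silence any future genuine `-Wuse-after-free` in GenFfs.c and GenSec.c, `-Wdangling-pointer` in LzmaEnc.c and `-Wstringop-overflow` in DevicePathUtilities.c for the whole translation unit. These are host-side BaseTools that parse firmware build inputs, so the exposure is the build host rather than the OVMF image, but a `-Werror` signal is still being discarded permanently. I'd narrow each one to the offending statement with `#pragma GCC diagnostic push` / `#pragma GCC diagnostic ignored "-Wuse-after-free"` / `#pragma GCC diagnostic pop`, and record in the patch header which GCC bug or upstream edk2 commit established these as spurious so the pragmas can be dropped once that fix is packaged. All four insertions sit at file scope between the includes/defines and the first definition, not inside any function.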
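Review bot: `-fPIE` is added to CFLAGS only and the hunk shows no matching `-pie` for the link step, so unless the distribution's gcc links PIE by default the BaseTools binaries will be built from position-independent objects but still linked as fixed-address executables, which defeats the ASLR benefit presumably intended. The change also lands in the `else` branch visible in the hunk context, with the `ifneq ($(CLANG),)` branch that follows it untouched, so a clang build keeps the old flags. I'd add `-pie` to the link flags (the LDFLAGS assignment is outside this hunk) or at least confirm with `readelf -h` that the installed tools report type `DYN`, and mirror the flag in the clang branch if that path is exercised. The CFLAGS assignment starts inside the hunk, but the enclosing conditional begins outside it.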
+++ b/ovmf-set-fixed-enroll-time.patch
@@ -0,0 +1,33 @@
+From c0cec3409f3abda1e2359a79ccac575b4ea1838b Mon Sep 17 00:00:00 2001
+From: Gary Lin
+Date: Tue, 21 May 2019 16:56:06 +0800
+Subject: [PATCH 1/1] OvmfPkg/EnrollDefaultKeys: Set the fixed time
+
+For the reproducible build, we need to set the fixed time when setting
+the authenticate variables.
+
+Signed-off-by: Gary Lin
+---
+ OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+Index: edk2-edk2-stable202202/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
+===================================================================
+--- edk2-edk2-stable202202.orig/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
++++ edk2-edk2-stable202202/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
+@@ -324,6 +324,15 @@ EnrollListOfCerts (
+ goto FreeData;
+ }
+ 
++ // Set the fixed time for the reproducible build
++ // 2019-5-20 00:00:00
++ SingleHeader->TimeStamp.Year = 2019;
++ SingleHeader->TimeStamp.Month = 5;
++ SingleHeader->TimeStamp.Day = 20;
++ SingleHeader->TimeStamp.Hour = 0;
++ SingleHeader->TimeStamp.Minute = 0;
++ SingleHeader->TimeStamp.Second = 0;
++
+ SingleHeader->TimeStamp.Pad1 = 0;
+ SingleHeader->TimeStamp.Nanosecond = 0;
+ SingleHeader->TimeStamp.TimeZone = 0;
diff --git a/ovmf.changes b/ovmf.changes
new file mode 100644
index 0000000..400b82e
--- /dev/null
+++ b/ovmf.changes
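Review bot: The fixed 2019-05-20 TimeStamp is reasonable for reproducible builds, but the added comment does not say why the value is safe or what constrains it: as I read the time-based authenticated-write rules, a later non-append update to PK/KEK/db is accepted only if its TimeStamp is not older than the one stored with the variable, so this date must stay in the past relative to any signed update a user will ever apply and must never be "refreshed" to the build date. I'd extend the comment to `// Fixed timestamp for reproducible builds. Keep it in the past: a later non-append update to these authenticated variables is only accepted if its TimeStamp is not older than this one (appends are exempt).` The `Index:` header still names edk2-stable202202 while the sibling patches target 202302/202305, which patch(1) tolerates but is worth refreshing. EnrollListOfCerts begins and ends outside the hunk.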
@@ -0,0 +1,8359 @@ +------------------------------------------------------------------- +Thu Jul 20 15:16:10 UTC 2023 - Joey Lee + +- Removed the following patches because they are not necessary and + they blocked for submit to openSUSE:Factory. (bsc#1205978) + ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformAddHobCB.patch + ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformGetLowMem.patch + ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformReservati.patch + ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformScanE820-.patch + ovmf-Revert-OvmfPkg-PlatformInitLib-reorder-PlatformQemuU.patch + +------------------------------------------------------------------- +Thu Jul 20 08:20:33 UTC 2023 - Joey Lee + +- Add openssl.keyring.README to shim.spec as Source113 to avoid + erroe when submit to openSUSE:Factory + +------------------------------------------------------------------- +Wed Jul 19 08:44:53 UTC 2023 - Andreas Schwab + +- Enable support for riscv64 + +------------------------------------------------------------------- +Tue Jul 18 13:00:32 UTC 2023 - Joey Lee + +- Update to edk2-stable202305 (bsc#1205588) + - Features (https://github.com/tianocore/edk2/releases): + Expose IBT/BTI compatible runtime DXE drivers via memory attributes table + Update toolchain support + MdePkg: Support FDT library + Add google mocks support to UnitTestFrameworkPkg GoogleTestLib + Platform Redfish Host Interface library for USBNIC + [OpenSSL] Update OpenSSL version to version 1.1.1t to include CVE fix + Replace pre-standard FUNCTION with C99 func throughout edk2 + Implement EFI memory attributes protocol for ARM platforms + Add TraceHubLib Support + - Patches (git log --oneline --date-order edk2-stable202302..edk2-stable202305): + ba91d0292e MdeModulePkg/Core/Pei: set AprioriCount=0 before walking through next FV + 5ce29ae84d ArmPkg/ArmMmuLib AARCH64: Add missing ISB after page table update + c5cf7f69c9 pip-requirements.txt: Update edk2 pip modules + 0abfb0be6c OvmfPkg: RiscVVirt: Add missing 
SerialPortInitialize to Sec + 45da4e3135 MdePkg: add SBI-based SerialPortLib for RISC-V + 2900e75511 MdePkg: BaseRiscVSbiLib: make more useful to consumers + cafb4f3f36 UefiPayloadPkg: Fix boot shell issue for universal UEFI payload + 80bc13db83 Maintainers.txt: Update reviewers and maintainers for FdtLib. + d322557712 BaseTools/tools_def: Disable overzealous unused variable warning on Clang + e2607d3a78 BaseTools/tools_def: Drop ref to undefined CLANGDWARF_ARM_PREFIX + 0b37723186 ShellPkg/UefiShellDebug1CommandsLib: Replace hardcoded SMBIOS strings. + 2d4c76f783 MdePkg/IndustryStandard: Add SMBIOS anchor string & length defines. + c08a3a96fd MdePkg/IndustryStandard: Add IPMI Interface Capabilities definitions + 083b029538 MdePkg: Add new PCDs for IPMI SSIF + dea6c7dc2a MdePkg/IndustryStandard: Add definitions for IPMI SSIF + 0a0e60caf2 Maintainers.txt: Update reviewers and maintainers for TraceHubDebugLib. + 0f0422cedc MdeModulePkg: Add TraceHubDebugSysTLib library + 3d50fdc5c6 MdePkg: Add NULL library of TraceHubDebugSysTLib + c6bb7d54be MdePkg: Add MipiSysTLib library + 782948c1a7 MdePkg: Add mipisyst submodule + 6dd64168ed BaseTools/Plugin: Too many execute files cause "cmd too long" failure + c6382ba0f2 SecurityPkg: Add missing break in Tpm2TestParms + 77f75c7fb8 BaseTools: Update Tests/TestTools.py to allow it to work on Windows + b9bbb4ae93 BaseTools: only print the environment once in toolsetup.bat + dd246227d6 BaseTools: Update toolsetup.bat to not use BASETOOLS_PYTHON_SOURCE + f47415e031 BaseTools: Revert Set the CLANGDWARF OBJCOPY path in tools_def.template + 6fb2760dc8 OvmfPkg: drop PlatformBootManagerLibGrub + 81dc0d8b4c OvmfPkg/AmdSev: stop using PlatformBootManagerLibGrub + 63887e272d OvmfPkg/NvVarsFileLib: disable in case PcdBootRestrictToFirmware is set + 41d7832db0 OvmfPkg/PlatformBootManagerLib: add PcdBootRestrictToFirmware + e6447d2a08 Remove bashisms from edksetup.sh and BaseTools/BuildEnv + 373a95532a BaseTools: Remove the CLANGCC build rule 
for Hii-Binary-Package.UEFI_HII + ecbc394365 BaseTools: Set CLANGDWARF RC path to llvm-objcopy in tools_def.template + 11f62f4cc0 BaseTools: Set the CLANGDWARF OBJCOPY path in tools_def.template + c6f47e678f BaseTools: Remove BUILDRULEFAMILY from CLANGDWARF in tools_def.template + 9165a7e95e CryptoPkg: Delete CLANG35 and CLANG38 build flags; add CLANGDWARF flags + e97b9b4e5a MdePkg: Add more HobLib/PeiServicesLib gmock support + 25c9d44315 MdeModulePkg: Add more PciHostBridgeLib gmock support + bee67e0c14 OvmfPkg: Relax assertion that interrupts do not occur at TPL_HIGH_LEVEL + ae0be176a8 OvmfPkg: Clarify invariants for NestedInterruptTplLib + 5215cd5baf BaseTools: Update toolsetup.bat and Tests/PythonTest.py to check ver + e6de6052a0 edksetup.bat: if toolsetup.bat fails, just exit + 11ec5161fa BaseTools: use threading.current_thread in NmakeSubdirs.py + db7e6291c0 BaseTools: Remove Python2/Python3 detection from toolset.bat + 6eeb58ece3 RedfishPkg: Fix compile issue on Linux + 665fca9ee7 RedfishPkg: Add missing newline character + a1f6485a9b RedfishPkg: Create RestEx child on selected interface + 05762bd2e0 RedfishPkg: Fix condition checking of error status + c580e27efc RedfishPkg: Correct variable type to prevent memory corruption + d89492456f Securitypkg/hddpassword: Update HddPasswordDxeInit to use Variable Policy + 8dbf868e02 Add volatile keyword to NvmExpressPei's Passthru CQ + 293b97d0c4 Add the volatile keyword to NvmExpressDxe's Passthru CQ + 4dea9e4a0e BaseTools/Conf: Add quotes to ADDDEBUGFLAG in tools_def.txt + 8e985ac3fd BaseTools/Conf: Align CLANGDWARF and CLANGPDB warning overrides + 66494e5324 MdeModulePkg/CapsuleApp: Add EFIAPI to CompareFileNameInAlphabet() + eabaeb0613 OvmfPkg: move OvmfTpmDxe.fdf.inc to Include/Fdf + 8bca1bb977 OvmfPkg: move OvmfTpmPei.fdf.inc to Include/Fdf + b65c0eed6b BaseSynchronizationLib: Fix LoongArch64 synchronization functions + 757f502a3b BaseTools/Conf/tools_def.template: Bump VERSION to 3.00 + 050d6e9434 BaseTools: 
Delete CLANG38 from tools_def.template + 128547b081 BaseTools: Remove CLANG35 toolchain from tools_def.template + 4ef4b81c9b BaseTools: As with CLANGDWARF IA32 and X64, use lld for ARM and AARCH64 + 98edce75fa BaseTools: Add ARM and AARCH64 CLANGDWARF support in tools_def.template + 0fc07b1c6a BaseTools/Conf/tools_def.template: Add section for deprecated toolchains + 01225075db Add GCC and GCCNOLTO toolchains to tools_def.txt and update packages + 66803cafcf BaseTools: Update VS toolchain descriptions in tools_def.txt.template + d7c6030a47 BaseTools: Remove EBC (EFI Byte Code) compiler definitions + 8b441847e3 BaseTools: Remove unused IPHONE_TOOLS and SOURCERY_CYGWIN_TOOLS defs + ba634ce82b edksetup.bat: Remove VS2008-VS2013 remnants + c844d86bee MdePkg: Remove VS2008-VS2013 remnants + c3ac3301e9 BaseTools: Remove VS2008-VS2013 remnants + 0363584ac9 BaseTools: Remove VS2008, 2010, 2012 and 2013 toolchain definitions + 94c802e108 MdePkg/BasePeCoffLib: Deal with broken debug directories + ff7cb2d7c9 .pytool: Support FDT library. + 5d586606c7 MdePkg: Support FDT library. + 10416bf46e Tianocore: Support FDT library. + d992a05ade Maintainers.txt: Update for IntelFsp2Pkg and IntelFsp2WrapperPkg. 
+ 4b02045f86 OvmfPkg/PlatformBootManagerLib: setup virtio serial console + c6c4362051 OvmfPkg/VirtioSerialDxe: wire up in OvmfPkg* + 4d1452c599 OvmfPkg/VirtioSerialDxe: add driver + 1694b00511 OvmfPkg: add IndustryStandard/VirtioSerial.h + 92da8a154f OvmfPkg: replace SECURE_BOOT_FEATURE_ENABLED with PcdSecureBootSupported + a818a873e5 ArmVirtPkg: allow setting Firmware Version from build command line + 8d59bbf47e OvmfPkg: allow setting Firmware Version from build command line + 5de2a54b2c ArmPkg/PlatformBootManagerLib: Add path to boot UEFI Shell over UiApp + d6b42ed7ed SecurityPkg: add TIS sanity check (tpm12) + 832fbc6e32 SecurityPkg: add TIS sanity check (tpm2) + 23c71536ef UefiPayloadPkg: Fix issues when MULTIPLE_DEBUG_PORT_SUPPORT is true + 56e9828380 RedfishPkg: Add Redfish Platform Config Protocol to RedfishPkg + 83d77fa311 RedfishPkg: Helper library of EDKII_REDFISH_PLATFORM_CONFIG_PROTOCOL + 01b31b585e RedfishPkg: Implementation of EDKII_REDFISH_PLATFORM_CONFIG_PROTOCOL + 02990e2558 RedfishPkg: introduce HII utility helper library + 78f088b5a7 RedfishPkg: introduce EDKII_REDFISH_PLATFORM_CONFIG_PROTOCOL + ecbcff0f49 MdeModulePkg/RegularExpressionDxe: Fix Arm build error + d226811a66 SecurityPkg/DxeImageVerificationLib: Add AUTH_SIG_NOT_FOUND Action + 95ef765839 UefiPayloadPkg: Clang dependency removal + e5e1cd1a83 .azurepipelines: Switch linux image default to Fedora-37 + 04f8371cdd .azurepipelines: Choose container that have installed lcov + 9688e231d7 BaseTools/Plugin: Report error if code coverage failure + edacc551e6 OvmfPkg/CcExitLib: Use documented XSave area base size for SEV-SNP + ce781cf8bb OvmfPkg/CcExitLib: Fix SEV-SNP XSave area size calculation + e5c7d0b017 OvmfPkg/AmdSevDxe: Update ConfidentialComputing blob struct definition + f384303dc5 OvmfPkg/AmdSevDxe: Allocate SEV-SNP CC blob as EfiACPIReclaimMemory + ede0bd1496 UefiCpuPkg: Update PT code to support enable collect performance + 61e2c83424 UefiCpuPkg: Update code to support enable 
ProcTrace only on BSP + 5a349b96b1 RedfishPkg: Remove the Discover Token global variables + 18f463edba DynamicTablesPkg/SsdtCpuTopology: Allow multi-packages topologies + 6127bf1f30 BaseTools: Add quotes around OBJCOPY cmd in build_rule.template + 2c2cb23528 ArmPkg: add ArmCpuInfo EFI application + a7c8969d03 ArmLib: add functions to read system registers + ed2ff315db MdePkg: Add DEBUG_MANAGEABILITY print error level + 3163f34a42 BaseTools/Plugin: Clarify code coverage failure message + 697e594fad MdePkg/Include: Add DMTF PLDM SMBIOS definitions + 9bf79303ae ArmPkg: older assemblers may lack ID_AA64ISAR2_EL1 + 67b5dba791 UefiPayloadPkg: Move Network modules from Dxe FV to Network FV in elf + 45f5341f6d MdePkg/Include: Add DMTF PLDM Base definitions + 8f4ec0cc43 ArmPkg/ArmMmuLib: Fix ArmReplaceLiveTranslationEntry() alignment + f433fa59d2 ArmPkg/AsmMacroIoLibV8: Introduce ASM_FUNC_ALIGN() + e3d2c08322 CryptoPkg: Enable DXE_CORE support in DxeCryptLib.inf + b16284e2a0 IntelFsp2Pkg/Tools: Enhance PathFv.py to patch Fd file directly + 6ded9f50c3 edk2: Add .git-blame-ignore-revs file + 797f526ae2 BaseTools: Update SetupGit.py to add new 'fp' alias for patch formatting + c9fb11f92f BaseTools: Update PatchCheck.py to check for __FUNCTION__ + 55b67b6950 MdeModulePkg/RegularExpressionDxe: Fix GCC build error + d795fb571b Maintainer.txt: add myself as reviewer for bhyve's OvmfPkg + 42b0443599 ShellPkg: UefiShellDebug1CommandsLib: Uefi Config Tables in Dmem.c + 5430f7f60d MdePkg: Add new JedecJep106Lib to fetch JEDEC JEP106 manufacturer + f9278458b6 OvmfPkg/VirtioMmioDeviceLib: virtio 1.0: Fix SetQueueAlignment. + 89520115b8 UefiPayloadPkg: Update default memory type information for S4 + dc5f2905eb UefiPayloadPkg: Always build MemoryTypeInformation HOB for DXE GCD + b991aec050 UefiCpuLib: Remove UefiCpuLib. 
+ 51734dfc48 ShellPkg: Update smbiosview type 0/4/17/41 with SMBIOS 3.5 fields + 61652efd04 FmpDevicePkg: Update code to be more C11 compliant by using __func__ + 33f30cfec2 UefiPayloadPkg: Update code to be more C11 compliant by using __func__ + 66f6a64dd9 EmulatorPkg: Update code to be more C11 compliant by using __func__ + 457b4e42f7 SourceLevelDebugPkg: Update code to be more C11 compliant by using __func__ + 84f553cb63 NetworkPkg: Update code to be more C11 compliant by using __func__ + 74ce342f18 CryptoPkg: Update code to be more C11 compliant by using __func__ + f1d31a6ec7 StandaloneMmPkg: Update code to be more C11 compliant by using __func__ + 9e7b042ecb PrmPkg: Update code to be more C11 compliant by using __func__ + 1295e37d4b UnitTestFrameworkPkg: Update to be more C11 compliant by using __func__ + f20e35982b ArmPlatformPkg: Update code to be more C11 compliant by using __func__ + 997419d16f RedfishPkg: Update code to be more C11 compliant by using __func__ + ccbbb4b1c5 EmbeddedPkg: Update code to be more C11 compliant by using __func__ + dd0b33e3e5 SecurityPkg: Update code to be more C11 compliant by using __func__ + 7b82da70ed MdeModulePkg: Update code to be more C11 compliant by using __func__ + 8ba392687b OvmfPkg: Update code to be more C11 compliant by using __func__ + 089013a697 UefiCpuPkg: Update code to be more C11 compliant by using __func__ + 1639b6bf07 ArmVirtPkg: Update code to be more C11 compliant by using __func__ + f2cc962cd2 ArmPkg: Update code to be more C11 compliant by using __func__ + cf4af503fb PrmPkg/Library: HOST_APPLICATION IA32/X64 only + b27b897369 MdeModulePkg: HOST_APPLICATION IA32/X64 only + eb20c21fcc MdePkg/Library/BaseLib: HOST_APPLICATION IA32/X64 only + 358e23c1be SecurityPkg/Library/SecureBootVariableLib: HOST_APPLICATION IA32/X64 only + 0657e74116 SecurityPkg/Library/SecureBootVariableLib: Fix VS20xx 4122 errors + c28c16e7c4 SecurityPkg: Add gmock example + 1a24843ecb MdeModulePkg/Library/UefiSortLib: Add 
GoogleTestLib example + 09458c2b0b MdePkg: Add gmock examples + e4af282e9f UnitTestFrameworkPkg/ReadMe.md: Add gmock documentation + d0252b8fc1 UnitTestFrameworkPkg: Add gmock support to GoogleTestLib + caa389625f .pytool/CISettings.py: Add subhook submodule + 0c6d851d25 UnitTestFrameworkPkg: Add subhook submodule required for gmock + 6405cd0304 MdeModulePkg: Enable forward edge CFI in mem attributes table + d6457b3090 MdePkg/PeCoffLib: Capture DLL characteristics fields in image context + b62d7ac97b BaseTools/GenFw: Add DllCharacteristicsEx field to debug data + 6c299acf48 BaseTools/GenFw: Parse IBT/BTI support status from ELF note + cdf6ff1719 UefiPayloadPkg:Add new build commands for UniversalPayload + 3e3be2cbc2 UefiCpuPkg/CpuExceptionHandlerLib: Drop special XCODE5 version + 68c89b987f OvmfPkg: Drop special Xcode5 version of exception handler library + e5fcaeb133 UefiCpuPkg/CpuExceptionHandlerLib: Make runtime fixups XCODE-only + 4764aa50ef UefiCpuPkg/PeiCpuExceptionHandlerLib: Use SEC/PEI specific asm component + 95f0330953 UefiCpuPkg/CpuExceptionHandlerLib: Use single SEC/PEI version + a257988f59 BaseTools/tools_def CLANGDWARF: Permit text relocations + 8d185dfb66 BaseTools: Update antlr makefile to use cc by default + 2bb6938949 BaseTools/Conf/tools_def: Fix linking using CLANGDWARF_IA32 + a56ee36c49 BaseTools: Build against C++14 when building with clang + 728ff1da33 BaseTools: Allow users to build with clang using CC=clang CXX=clang++ + 206168e83f BaseTools: Allow users to specify compiler to use with make CC= CXX= + cdd79996c2 pip-requirements.txt: bump edk2-basetools to 0.1.43 + 7df447930c IntelFsp2Pkg: LoadMicrocodeDefault() causing unnecessary delay. + af98f1fb03 IntelFsp2Pkg: TempRamInit API should preserve EBX/RBX register. 
+ fb89f62d27 .azurepilelines/templates: Split CryptoPkg builds + 56e70968e9 .github.workflows: Split MdeModulePkg and CryptoPkg analysis + 26997800c9 .github/codeql/edk2.qls: Enable CWE 120, 787, and 805 queries + 0734975824 .github/codeql/edk2.qls: Enable CWE 457, 676, and 758 queries + e03657dca8 UefiCpuPkg: Fix conditionally uninitialized variables + 11dd44dfbe ShellPkg: Fix conditionally uninitialized variables + 7dc182ed1e PcAtChipsetPkg: Fix conditionally uninitialized variables + 3fab32d41d NetworkPkg: Fix conditionally uninitialized variables + 321240b135 MdePkg: Fix conditionally uninitialized variables + 07251f3c6a MdeModulePkg: Fix conditionally uninitialized variables + 84d77d9bf5 CryptoPkg: Fix conditionally uninitialized variable + dbe820d5fa BaseTools/VfrCompile: Fix potential buffer overwrites + 4693b325e8 BaseTools/PatchCheck.py: Add PCCTS to tab exemption list + 33f517445b MdeModulePkg/SmbiosDxe: Fix pointer and buffer overflow CodeQL alerts + fc00ff286a .github/dependabot.yml: Disable automatic rebasing + b4af23aaab .github/workflows/codeql-analysis.yml: Add PIP caching + 4ca4d2b9df UefiCpuPkg/MtrrLib: use new IS_POW2() macro. 
+ 12d3d60f51 OvmfPkg: Consume new alignment-related macros + 495809a614 MdeModulePkg: Consume new alignment-related macros + 836042ffd8 MdePkg/Base.h: Introduce various alignment-related macros + 24e6daa2bc OvmfPkg: Rename IS_ALIGNED macros to avoid name collisions + 583f1aba8b MdeModulePkg: Rename IS_ALIGNED macros to avoid name collisions + 67a6f414aa UefiCpuPkg/MpInitLib: Ensure SEV-SNP VMSA allocations are not 2MB aligned + 3323359a81 UefiCpuPkg/MpInitLib: Reuse VMSA allocation to avoid unreserved allocation + 54051768cd UefiCpuPkg/PiSmmCpuDxeSmm: fix format string + 71210053fa UefiCpuPkg/MtrrTest: Add test cases for TME-MK enable case + bb40c3836f UefiCpuPkg/CpuDxe: Substract TME-MK KEY_ID_BITS from CPU max PA + f2f526e074 UefiCpuPkg/CpuDxe: Refactor to use CPUID definitions + 263782f667 UefiCpuPkg/MtrrLib: Substract TME-MK KEY_ID_BITS from CPU max PA + bb5c115fa6 UefiCpuPkg/MtrrTest: Only claim CPUID max leaf as 1 + 24f57f9648 MdePkg: Add TME-MK related CPUID and MSR definitions + 2f499c36db UefiCpuPkg/Test: Disable random test cases + 4dca07ff0f Maintainers.txt: BaseTools Bob Feng -> reviewer, Rebecca Cran -> maintainer + eb6a748272 MdeModulePkg/Ahci: Skip retry for non-transient errors + 66f4b1b0d2 OvmfPkg/CI: Revert SMP mode + b08a19eae2 .azurepipelines/templates: Increase run to shell timeout + e9e6167123 PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe: PcdRtcDefaultYear bounds + 6f0c65cdb0 RedfishPkg/RedfishPlatformCredentialIpmiLib: IPMI implementation + 53eb26b238 MdePkg: Update MemoryAttributesTable to v2.10 + 3b4d1b38ea ArmVirtPkg/ArmPlatformLibQemu: Make IdMap.S BTI compatible + e701a4d51e ArmPlatformPkg/PrePeiCore: Make vector table object BTI compatible + f484427d10 ArmPkg, BaseTools AARCH64: Add BTI ELF note to .hii objects + 77ea6b547e ArmPkg/GccLto AARCH64: Add BTI note to LTO helper library + 48d642a310 ArmPkg: Emit BTI opcodes when BTI codegen is enabled + f8b1854b92 MdePkg/BaseRngLib AARCH64: Make asm files BTI compatible + 35318c2eb9 
MdePkg/BaseSynchronizationLib AARCH64: Make asm files BTI compatible
+ 0ee255f50a MdePkg/BaseMemoryLibOptDxe AARCH64: Make asm files BTI compatible
+ c4c7fb2174 MdePkg/BaseLib AARCH64: Make asm files BTI compatible
+ e504b3917e MdePkg/BaseLib AARCH64: Make LongJump() BTI compatible
+ ea1312a5b4 MdePkg/BaseIoLibIntrinsic AARCH64: Make asm files BTI compatible
+ c5cd360277 MdePkg/BaseCpuLib AARCH64: Make asm files BTI compatible
+ 6521e4d202 MdePkg/ProcessorBind AARCH64: Add asm macro to emit GNU BTI note
+ e3e88d90e8 UefiPayloadPkg: Support more input parameter
+ f92a9dce10 OvmfPkg/CI: Boot OVMF in SMP mode.
+ 6f415f8af4 ArmVirtPkg: Fix depex in kvmtool guest Rtc library
+ 47b1d61169 ArmVirtPkg: Fix parsing of serial port node
+ cc6a0cff99 DynamicTablesPkg: Fix parsing of serial port node
+ 31f0af7964 DynamicTablesPkg: Reduce log output from TableHelperLib
+ b697a31a8d OvmfPkg: Use Xcode5 version of CpuExceptionHandlerLib for CLANGDWARF
+ 8f8e4fa3f3 OvmfPkg: Replace static struct initialization with ZeroMem call
+ e3aba976f6 RedfishPkg: fix config handler driver issues
+ 0cd7542a69 RedfishPkg: Redfish discover driver improvement
+ c2abf77116 RedfishPkg/JsonLib: address coverity issue
+ 5eb3d1bcc1 ArmVirtPkg: can't find gUefiOvmfPkgTokenSpaceGuid
+ 07e17188df ArmPkg/SmbiosMiscDxe: Adjust the priority of getting firmware version
+ e4b3fd905a OvmfPkg/PlatformInitLib: simplify mtrr setup
+ 82c1aa87f9 OvmfPkg/PlatformInitLib: move mmconfig to 0xe0000000
+ 5eab38ad03 OvmfPkg/PlatformInitLib: update address space layout comment
+ 71fd87e98a OvmfPkg/RiscVVirt: Support multiple reserved memory ranges
+ 144028626e SecurityPkg/FvReportPei: Use FirmwareVolumeShadowPpi
+ c8e631588b MdeModulePkg/Include/Ppi: Add FirmwareVolumeShadowPpi
+ 2bc8545883 UefiCpuPkg/CpuPageTableLib: Reduce the number of random tests
+ aea5930c40 UefiCpuPkg/CpuPageTableLib: Add RandomTest for PAE paging
+ aad9a30144 UefiCpuPkg/CpuPageTableLib: Enable PAE paging
+ 878cbd871d UefiCpuPkg: Combine branch for non-present and leaf ParentEntry
+ f7686f2727 UefiCpuPkg/CpuPageTableLib: Add check for page table creation
+ aa3153b872 UefiCpuPkg: Modify UnitTest code since tested API is changed
+ 2e01a5c128 UefiCpuPkg: Fix IA32 build failure in CpuPageTableLib.inf
+ 8727cc9a8e UefiCpuPkg/CpuPageTableLib: Modify RandomTest to check IsModified
+ c8c6cf149d UefiCpuPkg/CpuPageTableLib: Add OUTPUT IsModified parameter.
+ 3b2661d247 UefiCpuPkg/CpuPageTableLib: Enable non-1:1 mapping in random test
+ cecf279c32 UefiCpuPkg/CpuPageTableLib:Modify RandomTest to check Mask/Attr
+ ecfe6382c1 UefiCpuPkg/CpuPageTableLib: Add LastMapEntry pointer
+ 661a669c81 UefiCpuPkg/CpuPageTableLib:Modify RandomBoolean() in RandomTest
+ 14ef21e559 UefiCpuPkg/CpuPageTableLib: Add manual test to check Mask and Attr
+ a926c6c49e UefiCpuPkg/CpuPageTableLib:Add check for Mask and Attr
+ 96e8676577 UefiCpuPkg/MpInitLib: Add code to initialize MapMask
+ c90cb726f8 UefiCpuPkg/CpuPageTableLib: Fix issue when splitting leaf entry
+ b6b54367c3 UefiCpuPkg/CpuPageTableLib:Clear PageSize bit(Bit7) for non-leaf
+ 4904a2b1ec UefiCpuPkg/CpuPageTableLib: Fix the non-1:1 mapping issue
+ 563a2d2695 UefiCpuPkg/CpuPageTableLib:Initialize some LocalVariable at beginning
+ c18fbd2c31 UefiCpuPkg/CpuPageTableLib: Add check for input Length
+ da3dad181e UefiCpuPkg/CpuPageTableLib: Remove unneeded 'if' condition
+ d55d73152e PcAtChipsetPkg: Add PCD for RTC default year
+ b1db096575 UefiCpuPkg: Solve that stack top address is not mapped in pagetable
+ 1bfc89414d UefiPayloadPkg: Add gUefiAcpiBoardInfoGuid support
+ 69e59545b1 MdePkg/Include: Add IPMI KCS definitions
+ 2c93253c95 MdePkg/Include: Add DMTF MCTP definitions
+ 07fa6d1841 MdePkg/Include/Ppi: Remove Itanium leftover data structure
+ f6bd3286ed IntelFsp2Pkg: Fix NASM X64 build warnings.
+ 1f26a9e62e BaseTools: Replace duplicate __PcdSet prototype with __PcdGet
+ b4e2cf092a BaseTools: Source/C/Common: Fix doc block locations and convert to Doxygen
+ cf6a0a52b0 OvmfPkg/PlatformBootManagerLib: use utf8 for the serial console.
+ 4f441d024b UefiCpuPkg/PiSmmCpuDxeSmm: fix error handling
+ 2e71876081 UefiCpuPkg/PiSmmCpuDxeSmm: drop support for obsolete processors
+ 494127613b SecurityPkg/DxeImageVerificationLib: Check result of GetEfiGlobalVariable2
+ b7a8264ae4 RedfishPkg: Update Readme.md
+ f077bff840 RedfishPkg: Update Redfish DSC
+ f8fb208a3e RedfishPkg/Library: Redfish BMC USBNIC Host Interface
+ b17a3a133b MdePkg: Update code to be more C11 compliant by using __func__
+ d6107c593b MdePkg: Update Base.h to be compliant with C11
+ 410ca0ff94 CryptoPkg/Library: add -Wno-unused-but-set-variable for openssl
+ 0e57170097 MdeModulePkg/BmBoot: Skip removable media if it is not present
+ 16e0969ef7 ArmVirtPkg/ArmVirtQemu: Use PEI flavor of ArmMmuLib for all PEIMs
+ b05523a4e9 ArmPkg/ArmMmuLib: Introduce region types for RO/XP WB cached memory
+ 852227a9d5 ArmPkg/Mmu: Remove handling of NONSECURE memory regions
+ 1c4dfadb46 ArmPkg/CpuDxe: Implement EFI memory attributes protocol
+ b977956a6c MdePkg: Add Memory Attribute Protocol definition
+ f4a6f63999 ArmPkg/CpuDxe: Expose unified region-to-EFI attribute conversion
+ ae2c904c3d ArmPkg/ArmMmuLib: Avoid splitting block entries if possible
+ f07a9df9af ArmVirtPkg: Enable stack guard
+ 6b821be140 ArmPkg/ArmMmuLib: Implement EFI_MEMORY_RP using access flag
+ 041c7a31c2 ArmPkg/ArmMmuLib ARM: Clear individual permission bits
+ 28dce5b130 ArmPkg/ArmMmuLib ARM: Isolate the access flag from AP mask
+ 699372d388 ArmPkg/CpuDxe ARM: Fix page-to-section attribute conversion
+ 3b76284883 ArmPkg/ArmMmuLib ARM: Split off XN page descriptor bit from type field
+ 82ccaaf8e7 ArmPkg/ArmMmuLib ARM: Remove half baked large page support
+ 997c6967b0 MdePkg/BaseCacheMaintenanceLib: RISC-V: Fix InvalidateInstructionCacheRange
+ 7cfe9048e3 OvmfPkg/PlatformCI: Add CI coverage for RiscVVirtQemu
+ 961792c9d6 UefiPayloadPkg: Correct MAX_LOGICAL_PROCESSORS value
+ a1386bb252 UefiCpuPkg/PiSmmCpuDxeSmm: Fix S3 failure in SmmRestoreCpu
+ e4c1d8d231 ShellPkg/Library: Fix 32-bit truncation of pointer values
+ d2bfe28966 BaseTools: Extend fields for module_report.json
+ 4ad7ea9c84 BaseTools: Generate compile information in build report
+ 9b94ebb0c8 DynamicTablesPkg: Add SMBIOS String table helper library
+ a4c9c2b0f0 UefiPayloadPkg: Remove UefiCpuLib from module INFs.
+ c20408163f UefiCpuPkg: Remove UefiCpuLib from module INFs.
+ 16bd7aa076 SourceLevelDebugPkg: Remove UefiCpuLib from module INFs.
+ 866d3b9fd5 PcAtChipsetPkg: Remove UefiCpuLib from module INFs.
+ cd81e8e030 OvmfPkg: Remove UefiCpuLib from module INFs.
+ fa78edc57e IntelFsp2Pkg: Remove UefiCpuLib from module INFs.
+ b294633c68 MdePkg: Move API and implementation from UefiCpuLib to CpuLib
+ bf0c14a562 OvmfPkg: Add CpuLib to module INFs that depend on UefiCpuLib.
+ fd1820b7ea UefiCpuPkg/MicrocodeMeasurementDxe: Fix exception
+ 4ca4041b0d CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1t
+ 8820767fb3 IntelFsp2Pkg: Fix GCC Compiler warning.
+ a0f9628705 OvmfPkg/SmbiosPlatformDxe: tweak fallback release date
+ 2fccd1f153 ArmPkg/SemihostFs: replace SetMem with ZeroMem
+ 69da506c92 UefiCpuPkg: BaseRiscV64CpuExceptionHandlerLib: clean up
+ 5ad2592ab3 UefiCpuPkg: CpuTimerDxeRiscV64: fix tick duration accounting
+ db0a3087a5 MdeModulePkg: Dxe: add RISCV64 to mMachineTypeInfo
+ 6ceaef4804 MdePkg: BaseCpuLib: Fix RISCV CpuSleep symbol name.
+ 5bd2e5dfe6 MdePkg: BaseLib: don't log in RISCV InternalSwitchStack
+ dc5880d02f MdePkg: BasePeCoffLib: Allow AArch64 and x64 images in ImageFormatSupported
+ 7fa4692636 OvmfPkg: RiscVVirt: add SATA support
+ 75fb0cfc82 SecurityPkg/RngDxe: Conditionally install EFI_RNG_PROTOCOL
+ bfb574db11 SecurityPkg/RngDxe: Correctly update mAvailableAlgoArrayCount
+ aa1cd447b3 UefiCpuPkg: Calculate DisplayFamily correctly
+ f335d91a3b CryptoPkg/BaseCryptLib: avoid using SHA512()
+ 5a6455e04c CryptoPkg/BaseCryptLib: avoid using SHA384()
+ 7fc183df71 CryptoPkg/BaseCryptLib: avoid using SHA256()
+ 437ed29f27 CryptoPkg/BaseCryptLib: avoid using SHA1()
+ c7c2599759 UefiCpuPkg: Move AsmRelocateApLoopStart from Mpfuncs.nasm to AmdSev.nasm
+ 0d1ad06c27 UefiCpuPkg: Rename AsmRelocateApLoopStart.
+ facf52aeb8 UefiCpuPkg: Put APs in 64 bit mode before handoff to OS.
+ 6bc74286e7 UefiPayloadPkg: Add CpuPageTableLib required by MpInitLib.
+ c6e655743f OvmfPkg: Add CpuPageTableLib required by MpInitLib.
+ e9782e6907 UefiCpuPkg: Allocate contiguous memory for stacks and APs loop.
+ a6f799e7fd UefiCpuPkg: Split the path in RelocateApLoop into two.
+ 0c3f8766b0 UefiCpuPkg: Check AP_SAFE_STACK_SIZE during build time.
+ 46f51898ff MdeModulePkg: Improve formatting of DEBUG messages in UsbBusDxe
+ a1d595fc9c OvmfPkg/SmmCpuFeaturesLib: Check SmBase relocation supported or not
+ f6b86eec5a UefiCpuPkg/SmmCpuFeaturesLib: Skip SMBASE configuration
+ ec07fd0e35 UefiCpuPkg/PiSmmCpuDxeSmm: Consume SMM Base Hob for SmBase info
+ 7b8c5a8eb4 UefiCpuPkg/SmmBaseHob.h: Add SMM Base HOB Data
+ 85c6c14c4c UefiCpuPkg/PiSmmCpuDxeSmm: Replace mIsBsp by mBspApicId check
+ cb4820b6c1 UefiCpuPkg/PiSmmCpuDxeSmm: Fix invalid InitializeMpSyncData call
+ 5a0932b7d4 RedfishPkg/RedfishDebugLib: provide Redfish debug
+ fc14c809cb ShellPkg: Improve "ping" output by adding equals sign after time
+ - Respin the following patches:
+ ovmf-pie.patch
+ ovmf-disable-brotli.patch
+ ovmf-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch
+ ovmf-Revert-OvmfPkg-PlatformPei-Update-ReserveEmuVariable.patch
+ - Add public-mipi-sys-t-1.1-edk2.tar.gz
+ - public-mipi-sys-t: https://github.com/MIPI-Alliance/public-mipi-sys-ti
+ - https://github.com/MIPI-Alliance/public-mipi-sys-t/releases/tag/v1.1%2Bedk2
+ - Unpackage to MdePkg/Library/MipiSysTLib/mipisyst in source code
+ - Upgrade OpenSSL to 1.1.1t
+ - Add openssl-1.1.1t.tar.gz, openssl-1.1.1t.tar.gz.asc
+ - Update openssl.keyring
+ - Add openssl.keyring.README
+ - Update ovmf.spec:
+ Source1: https://www.openssl.org/source/old/1.1.1/openssl-%{openssl_version}.tar.gz
+ Source111: https://www.openssl.org/source/old/1.1.1/openssl-%{openssl_version}.tar.gz.asc
+ - Removed the following workaround patches (bsc#1205978)
+ - Removed
+ ovmf-Revert-OvmfPkg-PlatformInitLib-reorder-PlatformQemuU.patch
+ ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformReservati.patch
+ ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformAddHobCB.patch
+ ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformGetLowMem.patch
+ ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformScanE820-.patch
+ - Respin
+ ovmf-Revert-OvmfPkg-PlatformInitLib-dynamic-mmio-window-s.patch
+ to simplify workaround code.
+ - Because edk2 upstream expert confirmed that the bsc#1205978 is
+ a SUSE specific issue. So we removed some workaround revert patches.
+ And we only keep one respined simple workaround patch until qemu
+ issue be fixed.
+
+-------------------------------------------------------------------
+Fri Jun 30 13:08:37 UTC 2023 - Callum Farmer
+
+- Initial riscv64 support
+ * Update descriptors.tar.xz
+ * Enable on TW/16 (riscv64 toolchain not available on 15)
+- Add ovmf-riscv64-missing-memcpy.patch: fixes undefined memcpy
+
+-------------------------------------------------------------------
+Mon Mar 20 13:28:55 UTC 2023 - Joey Lee
+
+- Add ovmf-Revert-OvmfPkg-PlatformPei-Update-ReserveEmuVariable.patch
+ to revert 58eb8517ad7b56574f8f04b770a59a9cbed796c4 patch to prevent
+ booting hangs when SEV + secure boot. (bsc#1209266)
+
+-------------------------------------------------------------------
+Thu Mar 16 08:17:08 UTC 2023 - Joey Lee
+
+- Removed patches which are merged to edk2-stable202302 (bsc#1209266):
+ - ovmf-tools_def-add-fno-omit-frame-pointer-to-GCC48_-IA32-.patch
+ tools_def: add -fno-omit-frame-pointer to GCC48_{IA32,X64}_CC_FLAGS
+ (bsc#1199597)
+ - 129404f6e4 edk2-stable202302~200
+ - ovmf-OvmfPkg-PlatformInitLib-Fix-integrity-checking-faile.patch
+ OvmfPkg/PlatformInitLib: Fix integrity checking failed of NvVarStore
+ (bsc#1206078)
+ - ceb52713b0 edk2-stable202302~226
+
+-------------------------------------------------------------------
+Wed Mar 15 05:40:30 UTC 2023 - Joey Lee
+
+- Update to edk2-stable202302 (bsc#1209266)
+ - Features (https://github.com/tianocore/edk2/releases):
+ Add support for RISC-V qemu virt machine
+ Add RPMB related commands and DCB definition for NVMe
+ SecurityBoot - remove self-signed PK requirement in SetupMode
+ SecurityBoot - support Authenticated SetVariable with ContentInfo
+ TDVF Optimization - Enable Separate-Fv in OvmfPkg/IntelTdx
+ TDVF Optimization - Pre-alloc shared memory for TDVF DMA
+ TDVF Optimization - Enable Multi-core based lazy-accept
+ TDVF - Fix Instruction Pointer Incrementation by TD #VE MMIO Handler
+ TDVF - Incorrect implementation in the TDX RTMR implementation
+ TDVF - Incorrect protocol and structure version in the TDX CC measurement
+ TDVF - TdTcg2Dxe lives in the Ovmfpkg instead of the SecurityPkg
+ TDVF - need measurement VMM input ACPI table before register
+ TDVF - need integrate feature in config-B to config-A
+ - Patches (git log --oneline --date-order edk2-stable202211..edk2-stable202302):
+ f80f052277 OvmfPkg/RiscVVirt: Add Stack HOB
+ 1eeca0750a UefiPayloadPkg: remove the change that get platform specific logic
+ bc82574de4 OvmfPkg/RiscVVirt: Fix SCT memory allocation test case failure
+ 2c5961cccf BaseTools/tools_def.template: Update -march parameter for RISC-V
+ 02fcfdce1e BaseTools: Update WindowsVsToolChain plugin
+ 5c551d6d91 Maintainers.txt: Add entry for OvmfPkg/RiscVVirt
+ 92b27c2e6a OvmfPkg/RiscVVirt: Add build files for Qemu Virt platform
+ e1aaef001f OvmfPkg/RiscVVirt: Add SEC module
+ a43a62f9b0 OvmfPkg/RiscVVirt: Add PciCpuIo2Dxe module
+ 6d5ae344cd OvmfPkg/RiscVVirt: Add VirtNorFlashPlatformLib library
+ c126e3588d OvmfPkg/RiscVVirt: Add ResetSystemLib library
+ 6720b8e46f OvmfPkg/RiscVVirt: Add PrePiHobListPointerLib library
+ d78df93863 OvmfPkg/RiscVVirt: Add PlatformBootManagerLib library
+ f13264b340 ArmVirtPkg: Fix up the location of PlatformHasAcpiDtDxe
+ 09cd17b0de ArmVirtPkg/PlatformHasAcpiDtDxe: Move to OvmfPkg
+ a7dec790dc UefiCpuPkg/UefiCpuPkg.ci.yaml: Ignore RISC-V file
+ c27cdc941d UefiCpuPkg: Add CpuDxeRiscV64 module
+ 98fa877efd UefiCpuPkg: Add CpuTimerDxeRiscV64 module
+ 705c3469b5 UefiCpuPkg: Add BaseRiscV64CpuTimerLib library
+ cbac2c74e8 UefiCpuPkg: Add BaseRiscV64CpuExceptionHandlerLib
+ d6017bca19 UefiCpuPkg: Add RISCV_EFI_BOOT_PROTOCOL related definitions
+ 76e956547e MdePkg: Add BaseRiscVSbiLib Library for RISC-V
+ 550f196e82 MdePkg/BaseLib: RISC-V: Add few more helper functions
+ 8aeb405466 MdePkg/Register: Add register definition header files for RISC-V
+ 38da9606f7 MdePkg: Added Call for AfterReadyToBoot Event
+ 419c0aafa6 MdePkg: Add After Ready To Boot Event Definition from UEFI 2.9
+ 77d6772708 MdeModulePkg/Library: PcdAcpiS3Enable set FALSE cause Assert
+ 68c1bedbf2 MdeModulePkg/Variable: Attribute combination should return EFI_UNSUPPORTED
+ 090642db7a MdeModulePkg/EsrtFmpDxe: Support multiple devices with 0 HardwareInstance
+ f9c6b5134e MdeModulePkg/Pci: Display more information of PCIe devices
+ 1b5420e807 OvmfPkg/AmdSevDxe: Close mAcceptAllMemoryEvent
+ f67ec87704 OvmfPkg: Fix SevMemoryAcceptance memory attributes
+ 540522fec0 .devcontainer/devcontainer.json: Add devcontainer file
+ b3f321f2d7 .mergify/config.yml: Remove rebase_fallback attribute (deprecated)
+ 93a21b465b MdePkg: Add NVMe boot partition header definition
+ 069703228c MdePkg: Add RPMB related commands and DCB definition for NVMe
+ 39254d922e RedfishPkg/RedfishRestExDxe: Two PCDs for controlling the requests
+ 289d93b79c StandaloneMmPkg/StandaloneMmMemLib: Change max address computation
+ 173a7a7daa OvmfPkg: Update build.sh to allow building OVMF then running QEMU
+ f6ce1a5cd8 EmulatorPkg/PeiTimerLib: Bug fix in NanoSecondDelay
+ b59e6fdae2 .pytool/Plugin/EccCheck: Add PACKAGES_PATH support
+ 5db84c85c3 MdePkg:IORT header update for IORT Rev E.e spec
+ 96192ba5bd MdeModulePkg: EfiUnacceptedMemoryType is not allowed in AllocatePool
+ 8a763b533b MdeModulePkg: Disambiguate the meaning of PcdDxeIplSwitchToLongMode
+ aef0061ac2 BaseTools: remove useless dependency on libuuid
+ aea8a9c954 RedfishPkg: fix multiple SMBIOS type 42 version issue
+ b98e2113b5 ArmPkg/ArmScmiDxe: Fix the calculation of RequiredArraySize
+ 9d669016d9 OvmfPkg/IntelTdx: Update README
+ ff8485179c SecurityPkg/TdTcg2Dxe: td-guest shall halt when CcMeasurement install fail
+ cc18c503e0 SecurityPkg: don't require PK to be self-signed by default
+ f6e4824533 OvmfPkg: require self-signed PK when secure boot is enabled
+ 566cdfc675 SecurityPkg: limit verification of enrolled PK in setup mode
+ 7c138e4008 EmbeddedPkg/PrePiLib: Drop unused PCD PcdPrePiCpuIoSize
+ 4d37059d8e OvmfPkg: Support Tdx measurement in OvmfPkgX64
+ 1f9bd937b3 OvmfPkg/PlatformPei: Build GuidHob for Tdx measurement
+ 6ea50514c1 OvmfPkg/OvmfPkgX64: Measure TdHob and Configuration FV in SecMain
+ d92db8a086 OvmfPkg/IntelTdx: Add PeiTdxHelperLib
+ 019621d078 OvmfPkg/IntelTdx: Measure TdHob and Configuration FV in SecMain
+ c0984d1ff2 OvmfPkg: Refactor ProcessHobList
+ 852ae4cd80 OvmfPkg: Refactor MeaureFvImage
+ f41acc651f OvmfPkg: Refactor MeasureHobList
+ d59279f8ce OvmfPkg/PeilessStartupLib: Update the define of FV_HANDOFF_TABLE_POINTERS2
+ d09c1d4b88 OvmfPkg/IntelTdx: Add SecTdxHelperLib
+ d3109e5f18 OvmfPkg/IntelTdx: Add TdxHelperLibNull
+ 6ba931bebf OvmfPkg: Add Tdx measurement data structure in WorkArea
+ 935343cf16 OvmfPkg/AcpiPlatformDxe: Measure ACPI table from QEMU in TDVF
+ 7623b4bf6a MdeModulePkg: ScsiDiskDxe: clean up comment in ScsiDisk.c
+ 13b97736c8 UefiCpuPkg: Fix SMM code hangs when InitPaging
+ 11f0014c0e MdePkg: Label CreateEvent NotifyFunction and NotifyContext optional
+ ae6e470252 MdeModulePkg/Bus/Ata/AhciPei: Fix DEADCODE Coverity issue
+ 558b37b49b ShellPkg/AcpiView: ERST Parser
+ d375273c89 MdeModulePkg: ScsiBusDxe: Refactor DiscoverScsiDevice()
+ bda715bf6d MdePkg: Fix UINT64 and INT64 word length for LoongArch64
+ 2f2fd79fc4 UefiPayloadPkg: Set RTC dynamic PCD to PeiPCDdatabase
+ 3509103132 MdePkg: Added serveral tables to MATD used by LoongArch64
+ c5ef1f01a1 MdePkg: Add ACPI 6.5 header
+ 620cddb1e0 MdePkg: Add Acpi65.h to IgnoreFiles area
+ c59230bce1 ArmVirtPkg: Remove RealView Debugger lines from ArmVirtPkg.dsc.inc
+ 8c170ad491 ArmPkg: Remove RealView Debugger support
+ 15f98047d2 BaseTools: Remove CYGWIN_NT-5.1-i686 ref from Scripts/PatchCheck.py
+ cdcee3d17b BaseTools: Delete Bin/{CYGWIN_NT-5.1-i686,Darwin-i386} directories
+ 4b384c21ad MdeModulePkg: Correct memory type in PrePiDxeCis.h
+ bb13762548 tools_def: Remove duplicated -Os
+ e7aac7fc13 ArmPkg: implement EFI_MP_SERVICES_PROTOCOL based on PSCI calls
+ d1855afc6e ArmPkg: Add GET_MPIDR_AFFINITY_BITS and MPIDR_MT_BIT to ArmLib.h
+ 0d129ef7c3 OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted
+ 466d8f65e3 OvmfPkg: Implement AcceptAllUnacceptedMemory in AmdSevDxe
+ 26847fb6be OvmfPkg: Introduce the OvmfSevMemoryAcceptance protocol
+ a00e2e5513 OvmfPkg: Add memory acceptance event in AmdSevDxe
+ ca573b8615 ArmVirtPkg/PlatformCI: Perform build test of ArmVirtKvmTool
+ 0eda253317 ArmVirtPkg/PlatformCI: Add CI coverage for ArmVirtQemuKernel
+ ed1806b2c0 ArmVirtPkg/PlatformCI: Enable optional features on Qemu AARCH64 builds
+ 01a06884a1 ArmVirtPkg/PlatformCI: factor out reusable PlatformBuildLib.py
+ 619f077252 ArmVirtPkg/ArmVirtQemu: enlarge initial flash mapping
+ 6c8a08bd8a ArmVirtPkg/PrePi: Ensure timely execution of library constructors
+ d0ff1cae3a CryptoPkg/Library: Reinstate ARM/AARCH64 sections in SmmCryptLib.inf
+ f25ee54763 OvmfPkg: fix BuildResourceDescriptorHob call in PlatformAddHobCB()
+ 37d3eb026a SecurityPkg/AuthVariableLib: Check SHA-256 OID with ContentInfo present
+ 7afef31b2b MdeModulePkg: remove garbage pixels in LaffStd glyphs
+ e96a5734f6 ShellPkg: Export default shell delay as PCD
+ bf5678b580 OvmfPkg/PlatformInitLib: catch QEMU's CPU hotplug reg block regression
+ c3e128a4cd OvmfPkg/PlatformInitLib: factor out PlatformCpuCountBugCheck()
+ 3beb8c9654 OvmfPkg/PlatformCI VS2019: Enable temporary workaround for cpuhp bugfix
+ 51411435d5 EmbeddedPkg: Add back FfsFindSectionData
+ 0826808d4f EmbeddedPkg: Rename FfsFindSectionData as FfsFindSectionDataWithHook
+ 18df11da8c MdeModulePkg: Add IpmiCommandLib
+ ae55e9fca6 MdeModulePkg/IpmiCommandLib: Add NULL instance library
+ bde407db51 MdeModulePkg/Include: Add IpmiCommandLib header file
+ 426efcc374 RedfishPkg/Include: Redfish USB Interface V2 update
+ 663e70851c RedfishPkg/Include: Add Redfish IPMI definitions
+ cabcc6851b MdePkg/IndustryStandard: Update IPMI definitions
+ 998ebe5ca0 OvmfPkg/CcExitLib: Initialize Status in IoExit
+ 5c7a611353 OvmfPkg/BaseMemEncryptTdxLib: Refactor error handle of SetOrClearSharedBit
+ e0dcfb31fb SecurityPkg/TdTcg2Dxe: Extend EFI boot variable to PCR[1]
+ e05132aaa0 OvmfPkg/CcExitLib: Refactor TDX MmioExit
+ c01622057c OvmfPkg/CcExitLib: Move common X86 instruction code to separate file
+ 70d1481b55 OvmfPkg/PeilessStartupLib: Find NCCFV in non-td guest
+ c3f4f5a949 OvmfPkg/IntelTdx: Enable separate-fv in IntelTdx/IntelTdxX64.fdf
+ 066d3c8004 OvmfPkg: Add PCDs/GUID for NCCFV
+ c673216f53 EmbeddedPkg/PrePiLib: Add FFS_CHECK_SECTION_HOOK when finding section
+ 6c1988af76 ShellPkg: Display SMBIOS Type38 fields in smbiosview in formatted view
+ ea382b3b21 CI: use ubuntu-22.04 image (Linux only)
+ 7edf120150 OvmfPkg: CI: use ubuntu-22.04 vm_image (Linux only)
+ 5f8b749c73 EmulatorPkg: CI: use ubuntu-22.04 vm_image (Linux only)
+ 7e88204fe1 ArmVirtPkg: CI: use ubuntu-22.04 vm_image (Linux only)
+ 84cb35232d BaseTools: remove ext_dep files for gcc
+ 5d25638e1b .pytool: CISettings.py: don't add scopes for GCC
+ 7fab007f33 OvmfPkg: CI: Use Fedora 35 container (Linux only)
+ 32c76a8cd4 EmulatorPkg: CI: Use Fedora 35 container (Linux only)
+ 7cddfae1e8 ArmVirtPkg: CI: Use Fedora 35 container (Linux only)
+ ef09160098 CI: Use Fedora 35 container (Linux only)
+ 36d7626a37 CI: Allow running in a container.
+ becff4f473 CI: add ~/.local/bin to PATH (Linux only)
+ 65cc189414 OvmfPkg: CI: use Python version from defaults template
+ 7d62df623f EmulatorPkg: CI: use Python version from defaults template
+ 89ed7e4795 ArmVirtPkg: CI: use Python version from defaults template
+ 3579551734 CI: make Python version configurable
+ 015a001b03 OvmfPkg/PlatformInitLib: reorder PlatformQemuUc32BaseInitialization
+ c0a0b9bc35 OvmfPkg/PlatformInitLib: Add PlatformReservationConflictCB
+ 328076cfdf OvmfPkg/PlatformInitLib: Add PlatformAddHobCB
+ 124b765051 OvmfPkg/PlatformInitLib: Add PlatformGetLowMemoryCB
+ e037530468 OvmfPkg/PlatformInitLib: Add PlatformScanE820 and GetFirstNonAddressCB
+ a107ad0f62 BaseTools/tools_def CLANG38: Suppress unaligned access warning
+ 021930d7c2 BaseTools/tools_def ARM: Make choice for soft float ABI explicit
+ e974064303 BaseTools/tools_def ARM AARCH64: Get rid of ARCHCC and ARCHASM flags
+ 096cd41ce7 BaseTools/tools_def RISCV: Make OpenSBI references RISCV-only
+ d05739a3ff Fix cyclic dependency error on OptionROM build
+ 987cc09c7c ArmVirt: don't use unaligned CopyMem () on NOR flash
+ 47ab397011 MdeModulePkg/XhciPei: Unlinked XhciPei memory block
+ be8d6ef385 MdeModulePkg/Usb: Read a large number of blocks
+ 8147fe090f MdeModulePkg/Xhci: Initial XHCI DCI slot's Context value
+ 7cd55f3009 OvmfPkg/AcpiPlatformDxe: Return error if installing NotifyProtocol failed
+ 66f18fde49 OvmfPkg/AcpiPlatformDxe: Refactor QemuAcpiTableNotifyProtocol
+ 2ef0ff39e5 OvmfPkg/AcpiPlatformDxe: Add log to show the installed tables
+ 165f1e4936 OvmfPkg/AcpiPlatformDxe: Use local variable in QemuFwCfgAcpi.c
+ f81273f7fb OvmfPkg/AcpiPlatformDxe: Use local variable in CloudHvAcpi.c
+ 43b3ca6b7f OvmfPkg/AcpiPlatformDxe: Remove QEMU_ACPI_TABLE_NOTIFY_PROTOCOL
+ ba08910df1 OvmfPkg: fix OvmfTpmSecurityStub.dsc.inc include
+ 9d70d8f20d MdeModulePkg: Notify BeforeExitBootServices in CoreExitBootServices
+ 82b0ee8354 MdePkg: Add EFI_EVENT_BEFORE_EXIT_BOOT_SERVICES_GUID
+ 59aa48bb7d OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
+ e5ec3ba409 OvmfPkg/VirtNorFlashDxe: map flash memory as uncacheable
+ 85fd05ab97 OvmfPkg/PlatformInitLib: fix comment about uncacheable MTRRs
+ fe405f08a0 NetworkPkg: Add WiFi profile sync protocol support
+ ec54ce1f1a ArmVirtPkg/ArmVirtQemu: Avoid early ID map on ThunderX
+ 5ee17c5418 ArmVirtPkg/ArmPlatformLibQemu: Ensure that VFP is on before running C code
+ 717f35a9f2 DynamicTablesPkg: FdtHwInfoParserLib: Fix compatible string
+ 82dd766f25 BaseTools: Reduce the LoongArch64 compiler size
+ 2cc6d4c8ed UefiPayloadPkg: Fix debug print error level hob not save correct
+ 33a3408fbb Revert "UefiCpuPkg: Duplicated AsmRelocateApLoop as AsmRelocateApLoopAmd"
+ ae80fe997d Revert "OvmfPkg: Add CpuPageTableLib required by MpInitLib."
+ 5ef3990735 Revert "UefiPayloadPkg: Add CpuPageTableLib required by MpInitLib."
+ cbcf0cd65e Revert "UefiCpuPkg: Has APs in 64 bit long-mode before booting to OS."
+ d8d829b89d UefiPayloadPkg: Move RTC PCD to dynamic PCD
+ 5386c9e6da Maintainers.txt: Update reviewers for OVMF/Confidential Computing
+ 5654ce1d2c SecurityPkg: Move TdTcg2Dxe from OvmfPkg to SecurityPkg
+ 0aca5901e3 Maintainers.txt: designate Gerd Hoffmann as UefiCpuPkg reviewer
+ 8c2357809e .azurepipelines: Skip CodeCoverage if coverage.xml not found
+ c32e733151 Maintainers.txt: Update NetworkPkg & MM modules Reviewer
+ 9ce09870e7 OvmfPkg/SmmCpuFeaturesLib: drop obsolete API implementation
+ ff379e1b48 UefiCpuPkg/SmmCpuFeaturesLib: drop obsolete API implementation
+ d452feedf2 OvmfPkg: raise DXEFV size to 13 MB in the traditional platform FDFs
+ 12e4043bd6 OvmfPkg/QemuVideoDxe/VbeShim.sh: remove end-of-options delimiter for nasm
+ 992d5451d1 MdeModulePkg/Bus/Pci/XhciDxe: Reset port if status change returns an error
+ 89c5d90003 .azurepipelines: Install code coverage tool
+ 6bb00aa484 BaseTools/Plugin: Add coverage support for Unit Test
+ 3701f105fa UnitTestFrameworkPkg: Add code coverage support for GCC
+ b670700ddf UefiCpuPkg/PiSmmCpuDxeSmm:Fix PF issue caused by smm page table code
+ bbd30066e1 BaseTools: Generate deps for Arm targets
+ 3a872dac7b BaseTools: Use BUILD_CC when checking gcc version in DevicePath
+ c5d68ef6e7 BaseTools: Fix IA32 UINT64 alignment for CLANG toolchains
+ a086f4a63b OvmfPkg: Use NestedInterruptTplLib in nested interrupt handlers
+ a24fbd6061 OvmfPkg: Add library to handle TPL from within nested interrupt handlers
+ 9bf473da4c OvmfPkg: Send EOI before RestoreTPL() in timer interrupt handlers
+ bf65d7ee88 OvmfPkg/PlatformInitLib: pass through reservations from qemu
+ 16acacf24c OvmfPkg: fix PlatformConfig
+ d8d4abdff9 UefiPayloadPkg: Fix boot issue for non-universal payload
+ 538ac013d6 ArmVirtPkg: Remove CcProbeLib from ArmVirtQemu.dsc
+ 8cb4b429a2 OvmfPkg/AcpiPlatformDxe: Check PcdConfidentialComputingGuestAttr
+ ec87305f90 PcAtChipsetPkg: Move RTC PCD to dynamic PCD
+ 129404f6e4 tools_def: add -fno-omit-frame-pointer to GCC48_{IA32,X64}_CC_FLAGS
+ 3e8b7e1055 tools_def: remove GCC_IA32_CC_FLAGS/GCC_X64_CC_FLAGS
+ 62031335bd CryptoPkg: Need to enable crypto functions
+ 72a9386f67 UefiCpuPkg: Simplify the code to set smm page table as RO
+ 0426115b67 UefiCpuPkg: Remove unused API in SmmCpuFeaturesLib.h
+ b822be1a20 UefiCpuPkg/PiSmmCpuDxeSmm: Introduce page table pool mechanism
+ 0b633b1494 OvmfPkg/OvmfXen: Build platform info HOB in XenPlatformPei
+ 451521ccbc OvmfPkg/PlatformInitLib: Implement multi-core accept memory for TDVF
+ c55cf3f795 OvmfPkg: Enable APs to accept memory for TDVF
+ 0547ffbf6d OvmfPkg/Sec: Move TDX APs related nasm code to IntelTdxAPs.nasm
+ 4d8651c2fb OvmfPkg: Add TdxMailboxLibNull in some platform dsc
+ b21fe5a8a6 OvmfPkg/TdxMailboxLib: Add NULL instance of TdxMailboxLib
+ a00b71b009 OvmfPkg/TdxMailboxLib: Delete global variables
+ b2d76fdd42 SecurityPkg: deprecate RpmcLib and VariableKeyLib
+ 3c16e6fb97 UefiPayloadPkg: Fixed that The UPL info section is not aligned at 4-byte
+ a7e722941c MdePkg: Fix typos and spacing in Library/PerformanceLib.h
+ 4bdc41cf17 MdePkg: Fix typo of EFI_INVALID_PARAMETER in Protocol/UsbIo.h
+ ec25e904c7 MdeModulePkg/Bus/Pci/XhciDxe: Check port is compatible before getting PSIV
+ 01c2fb0d22 MdeModulePkg/XhciDxe/Xhci: Don't check for invalid PSIV
+ 3f378450df UefiPayloadPkg: Add CpuPageTableLib required by MpInitLib.
+ 4a86424224 OvmfPkg: Add CpuPageTableLib required by MpInitLib.
+ 73ccde8f6d UefiCpuPkg: Has APs in 64 bit long-mode before booting to OS.
+ 7bda8c6481 UefiCpuPkg: Duplicated AsmRelocateApLoop as AsmRelocateApLoopAmd
+ 6937fc8338 UefiPayloadPkg/SerialPortLib: Enhance multi port behaviour
+ 259e1e0462 EmulatorPkg/RedfishHostInterface: Add NULL function
+ 2846c19da9 RedfishPkg/RedfishHostInterface: Platform Redfish HI notification
+ ceb52713b0 OvmfPkg/PlatformInitLib: Fix integrity checking failed of NvVarStore
+ 560f9bb063 UefiPayloadPkg: Define default values for the DynamicEX PCDs
+ 39ba0f8dfc CryptoPkg: Need to enable crypto functions
+ 5fb3f5723a DynamicTablesPkg: Allow for specified CPU names
+ 05da2d24b0 UefiPayloadPkg: Move bdsdxe.inf from DXEFV to BDSFV
+ 8bd2028f9a MdeModulePkg: Supporting S3 in 64bit PEI
+ 6acf72901a UefiCpuPkg: Supporting S3 in 64bit PEI
+ 4dd7b86556 Maintainers: Update OvmfPkg/IoMmuDxe
+ 47b9521513 OvmfPkg/IoMmuDxe: Add SEV support for reserved shared memory
+ 09f01d4efb OvmfPkg/IoMmuDxe: Rename AmdSevIoMmu to CcIoMmu
+ c4e76d2fba OvmfPkg/IoMmuDxe: Reserve shared memory region for DMA operation
+ 316e6df435 OvmfPkg: Add reference to new build instructions
+ 7a548f3ea9 EmulatorPkg: Add reference to new build instructions
+ 30697b94fd BaseTools: Add reference to new build instructions
+ f70f493d1b ArmVirtPkg: Add reference to new build instructions
+ 0e3e62fc2b .pytool/Readme.md: Add reference to new build instructions
+ e254c71e9e OvmfPkg/AcpiPlatformDxe: Differentiate TDX case for Cloud Hypervisor
+ 57162cb62d OvmfPkg/PlatformInitLib: Transfer GUID Extension HOB
+ e03b0d0672 OvmfPkg/PlatformInitLib: Differentiate TDX case for Cloud Hypervisor
+ 0adc35fccd OvmfPkg/AmdSev/SecretDxe: Allocate secret location as EfiACPIReclaimMemory
+ 3e3f5bb21c OvmfPkg/PlatformPei: Validate SEC's GHCB page
+ 01c0d3c0d5 OvmfPkg/SecTpmMeasurementLib: Fix the mapping error of PCR and RTMR index
+ fb91d6cbd0 OvmfPkg/TdTcg2Dxe: Fix the mapping error between PCR index and MR index
+ 19f7c63ea9 OvmfPkg/TdTcg2Dxe: Fix incorrect protocol and structure version
+ 44fc90eb0e UnitTestFrameworkPkg/UnitTestLib: Print expected Status on ASSERT fail
+ cda98df162 OvmfPkg/QemuFwCfgLib: remove mQemuFwCfgSupported + mQemuFwCfgDmaSupported
+ 81bbc1452c OvmfPkg/QemuFwCfgLib: rewrite fw_cfg probe
+ e59747bd82 OvmfPkg/DebugLibIoPort: use Rom version for PEI
+ f6a196c7eb OvmfPkg/PlatformPei: remove mFeatureControlValue
+ 862614e254 OvmfPkg/PlatformPei: remove mPlatformInfoHob
+ 4bc2c74851 OvmfPkg/PlatformPei: Verification: stop using mPlatformInfoHob
+ 7dbb8a24d1 OvmfPkg/PlatformPei: NoExec: stop using mPlatformInfoHob
+ cc6efda777 OvmfPkg/PlatformPei: MemTypeInfo: stop using mPlatformInfoHob
+ 27874a382c OvmfPkg/PlatformPei: PeiMemory: stop using mPlatformInfoHob
+ 00743d144b OvmfPkg/PlatformPei Q35 SMM helpers: stop using mPlatformInfoHob
+ 9d9d15b42a OvmfPkg/PlatformPei: PeiFv: stop using mPlatformInfoHob
+ 78c373f2a5 OvmfPkg/PlatformPei: AmdSev: stop using mPlatformInfoHob
+ 916825b84f DynamicTablesPkg: SSDT _LPI revision is incorrect
+ d103840cfb MdePkg/UnitTestHostBaseLib: Remove HOST_APPLICATION limitation
+ 1cd902f1f4 UnitTestFrameworkPkg: Modify APIs in UnitTestPersistenceLib
+ e986f4ce96 MdePkg/BaseCpuLib: Remove assembly for CpuFlushTlb
+ 804e8c6566 Maintainers.txt: Change Anthony's github id
+ 592bf33a29 ShellPkg/Shell: Do not set end device path if already end
+ 1fd8d08970 ShellPkg/AcpiView: APMT Parser
+ aa65bb4020 MdePkg/IndustryStandard: add definitions for ACPI APMT
+ 11ce7a2de7 DynamicTablesPkg: Remove duplicated words
+ 5890a18409 MdeModulePkg: SdMmcPciHcDxe: Fix issue that SD1.0 cards can't be recognized
+ a654289439 MdeModulePkg/Ata: Fix command status reporting
+ 4cb94f20b0 OvmfPkg/SmbiosPlatformDxe: use PcdFirmware*
+ 1ef86f1201 mv OvmfPkg: move fdf include snippets to Include/Fdf
+ 5eb973eb62 OvmfPkg: move dsc include snippet for Network support to Include/Dsc
+ 5c25f6c67b OvmfPkg: move dsc and fdf include snippets for TPM support to subdirs
+ 127e2c5315 OvmfPkg: Add INVD case in #VE handler
+ 54d81d06fc MdeModulePkg/DxeCore: Use correct type for alignment mask
+ 8a485e4bb8 EmulatorPkg: Record Argc, Argv and Envp in EmuThunk Ppi
+ 2c284027b2 EmulatorPkg: Remove unnecessary dependency on EmbeddedPkg
+ 22f73b6d2d EmulatorPkg: Add persistent memory in EmuThunkPpi
+ 1c75bf3c21 UefiCpuPkg: Bug fix in 5LPage handling
+ c14c4719f9 UefiCpuPkg: Check SMM Delayed/Blocked AP Count
+ 4e17aba4b5 EmulatorPkg/Win: Unload DLLs before reset
+ 2280af5ff8 UefiCpuPkg/Test: develop UEFI App and dynamic cmd for MP services UT
+ cf3d4508b2 UefiCpuPkg/Test: Move EfiMpServiceProtocol UT in a separate function
+ d9e7f6fe49 MdeModulePkg: Put USB DEBUGs that occur for bulk timeouts under VERBOSE
+ ca33daafc6 RedfishPkg: Remove overlapping private include path in DEC file
+ a639248bd0 UefiPayloadPkg: Support multiple firmware volume
+ 7bee249891 EmulatorPkg/WinHost: Add Reset2 PPI
+ a121165e35 EmulatorPkg/WinHost: XIP for SEC and PEI_CORE
+ d2842bb6ec EmulatorPkg/WinHost: pre-allocate "physical" RAM
+ 735a7496cb RedfishPkg: Fix typos of the .inc filenames
+ 7de1c71dd2 CryptoPkg/BaseCryptLib:time overflow
+ 5d5be45bd1 CryptPkg: Enable CryptoPkg BaseCryptLib ParallelHash for PEI and DXE
+ 47d988387e OvmfPkg/PlatformInitLib: Add check to NvVarStoreFV HeaderLength
+ a1d5723914 UnitTestFrameworkPkg: Library classes private to public
+ a8a78ef194 CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1s
+ beb0f8d483 MdeModulePkg: Disable PciDegrade support for LoongArch64
+ dd3ba82d31 .github/ISSUE_TEMPLATE/config.yml: Add initial issue template
+ 8aff08c817 EmbeddedPkg/MetronomeDxe: Update outdated lower bound comment
+ b92e049522 BaseSynchronizationLib: Fix RISC-V helper name
+ c8c978d328 ShellPkg/DpDynamicCommand: Add ResetEnd support in DP command
+ ae3bc559f9 .github/dependabot.yml: Enable dependabot
+ d992163da6 ShellPkg/SmbiosView: Update ProcessorUpgradeTable
+ 85d805ed32 UefiPayloadPkg: The UPL info section is not aligned at 4-byte boundary
+ 6ae2b6648e ArmPkg/ArmTrngLib: Remove ASSERTs in ArmTrngLibConstructor()
+ - Removed patches which are merged to mainline:
+ - ovmf-tools_def-add-fno-omit-frame-pointer-to-GCC48_-IA32-.patch
+ tools_def: add -fno-omit-frame-pointer to GCC48_{IA32,X64}_CC_FLAGS
+ (bsc#1199597)
+ - 129404f6e4 edk2-stable202302~200
+ - ovmf-OvmfPkg-PlatformInitLib-Fix-integrity-checking-faile.patch
+ OvmfPkg/PlatformInitLib: Fix integrity checking failed of NvVarStore
+ (bsc#1206078)
+ - ceb52713b0 edk2-stable202302~226
+ - Add the following revert patches to avoid Page-Fault exception when booting
+ with edk2-stable202302 ovmf. (bsc#1205978)
+ ovmf-Revert-OvmfPkg-PlatformInitLib-reorder-PlatformQemuU.patch
+ ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformReservati.patch
+ ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformAddHobCB.patch
+ ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformGetLowMem.patch
+ ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformScanE820-.patch
+ ovmf-Revert-OvmfPkg-PlatformInitLib-dynamic-mmio-window-s.patch
+ - This is for workaround problem temporary. (bsc#1205978)
+ - Removed the following revert patches because they are not work for
+ edk2-stable202302. Those revert patches causes ovmf falls in unlimited
+ boot loops. Because we do not have plan to upgrade ovmf of 15.4. So
+ let's removed them:
+ # nasm-2.14 doesn't support corresponding instructions.
+ ovmf-Revert-MdePkg-Remove-the-macro-definitions-regarding.patch
+ ovmf-Revert-UefiCpuPkg-Replace-Opcode-with-the-correspond.patch
+ ovmf-Revert-SourceLevelDebugPkg-Replace-Opcode-with-the-c.patch
+ ovmf-Revert-MdePkg-Replace-Opcode-with-the-corresponding-.patch
+ ovmf-Revert-MdeModulePkg-Replace-Opcode-with-the-correspo.patch
+ - Respin the following patches:
+ - ovmf-gdb-symbols.patch
+ - ovmf-disable-ia32-firmware-piepic.patch
+ - fix-aarch64.patch
+ - ovmf-Revert-OvmfPkg-OvmfXen-Set-PcdFSBClock.patch
+ - Rename fix-aarch64.patch to ovmf-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch
+ It's express purpose more clearly. (bsc#1207095)
+ - modified ovmf-build-funcs.sh, add the following qmeu paramter:
+ -fw_cfg name=opt/org.tianocore/X-Cpuhp-Bugcheck-Override,string=yes
+ It can disable the checking of CPU hotplug register block misbehaves
+ in qemu. Qemu needs dab30fbef38 patch, otherwise that ovmf will hang
+ when booting and show a message to indicate qemu bug. (bsc#1209266)
+
+-------------------------------------------------------------------
+Wed Feb 15 15:01:46 UTC 2023 - Joey Lee
+
+- Add ovmf-Revert-OvmfPkg-OvmfXen-Set-PcdFSBClock.patch to revert
+ 71cdb91f313380152d7bf38cfeebe76f5b2d39ac patch (bsc#1205613)
+ - 71cdb91f313380152d7bf38cfeebe76f5b2d39ac OvmfPkg/OvmfXen: Set PcdFSBClock
+ - We are waiting better upsteam patch, revert the issue patch first.
+ Then PcdFSBClock will back to fixed variable.
+ - Reference: https://edk2.groups.io/g/devel/topic/94891128#96077
+ https://bugzilla.tianocore.org/show_bug.cgi?id=4340
+
+-------------------------------------------------------------------
+Thu Jan 19 08:01:03 UTC 2023 - Paolo Stivanin
+
+- Add fix-aarch64.patch: this fixes https://bugzilla.suse.com/show_bug.cgi?id=1207095
+
+-------------------------------------------------------------------
+Thu Dec 8 12:16:49 UTC 2022 - Joey Lee
+
+- Add ovmf-OvmfPkg-PlatformInitLib-Fix-integrity-checking-faile.patch
+ to avoid "NvVarStore Variable header State was invalid" issue when
+ rebooting or booting second time. System hangs when booting. (bsc#1206078)
+
+ The error message in ovmf log:
+ Select Item: 0x19
+ Select Item: 0x25
+ Reserved variable store memory: 0x7FF7C000; size: 528kb
+ NvVarStore Variable header State was invalid.
+ ASSERT /home/abuild/rpmbuild/BUILD/edk2-edk2-stable202211/OvmfPkg/Library/PlatformInitLib/Platform.c(807): ((BOOLEAN)(0==1))
+
+-------------------------------------------------------------------
+Fri Dec 2 12:27:15 UTC 2022 - Joey Lee
+
+- Add ovmf-Revert-OvmfPkg-PlatformInitLib-dynamic-mmio-window-s.patch
+ to avoid Page-Fault exception when booting with edk2-stable202211
+ ovmf. (bsc#1205978)
+ - This is a revert patch for workaround problem temporary.
+
+-------------------------------------------------------------------
+Tue Nov 29 14:48:03 UTC 2022 - Joey Lee
+
+- In the PFLASH_CODE in ovmf-build-funcs.sh, Use readonly=on instead of
+ readonly becuase we got the following message when building ovmf
+ on SLE15-SP3/SP4 code base:
+
+[ 981s] qemu-system-x86_64: -drive if=pflash,format=raw,unit=0,readonly,file=ovmf-x86_64-ms-code.bin: warning: short-form boolean option 'readonly' deprecated
+[ 981s] Please use readonly=on instead
+[ 981s] char device redirected to /dev/pts/0 (label charserial1)
+
+-------------------------------------------------------------------
+Mon Nov 28 14:32:39 UTC 2022 - Joey Lee
+
+- Update to edk2-stable202211 (jsc#PED-1410)
+ - Features (https://github.com/tianocore/edk2/releases):
+ CryptoPkg remove EC PCD and merge optimized openssl libs
+ Add GoogleTest unit test support to UnitTestFrameworkPkg
+ Add Raw algorithm support using Arm FW-TRNG interface
+ TDVF Lazy Accept in OvmfPkg
+ Debug code to audit BIOS TPM extend operations
+ Add a new feature to enable LoongArch prot for EDKII
+ CryptoPkg: Need to add additional cipher algos and TLS API to meet WPA3
+ IntelFsp2(Wrapper)Pkg: Support FSP 2.4 MultiPhaseInit
+ CryptoPkg: Need to support EC and BN API due to WPA3 feature
+ Add PCI_DEVICE_PPI support for NvmExpressPei
+ - Patches (git log --oneline --date-order edk2-stable202208..edk2-stable202211):
+ fff6d81270 pip-requirements.txt: Update to edk2-pytool-extensions 0.20.0
+ 2ddc8e1b67 pip-requirements.txt: Update to edk2-pytool-library 0.12.1
+ 93629f2c7c ArmPkg/ArmTrngLib: Remove ASSERT in GetArmTrngVersion()
+ 0cb30c3f5e Maintainers: Update the VmgExitLib to CcExitLib
+ 765ba5bf05 OvmfPkg/UefiCpuPkg: Add CcExit prefix to the APIs of CcExitLib
+ a89f558d3c OvmfPkg/UefiCpuPkg/UefiPayloadPkg: Rename VmgExitLib to CcExitLib
+ b9e702c3c9 UefiCpuPkg/ResetVector:Add Option to reserve 4K region at 4GB
+ 6d55ad9a59 MdePkg/Test: Add port of BaseSafeIntLib unit tests to GoogleTest
+ 31377aba8f
BaseTools/Plugin/HostBaseUnitTestRunner: Enable gtest xml output + 80f097711b .pytool: Add googletest submodule to CISettings.py + d4586fe3ae UnitTestFrameworkPkg/Library/CmockaLib: Generate symbol information + cef0c5c684 UnitTestFrameworkPkg: Add googletest submodule and GoogleTestLib + c1b073a9dc MdePkg/Include/Library: Undefine _ASSERT() if already defined + 933b4c333c MdePkg/Include: Update Base.h to improve C++ compatibility + 3182843f3b IntelFsp2Pkg: Improvement of supporting null UPD pointer in FSP-T + c8fb724046 ArmPkg/ArmTrngLib: Fix incorrect GUID reference in DEBUG() output + 3b1f3414f2 .github/workflows: Update CodeQL to install Python 3.10.6 + c17c3c24d8 ShellPkg:Improved Smbios Type9 data under smbiosview + 342813a3f7 pip-requirements.txt: Update edk2-pytool-library to 0.12.0 + b0fd309719 edk2.qls: Allow error severity results and add new queries + 179efe5d69 BaseTools: Fix wrong type of arguments to formatting functions + 0be81a4d83 BaseTools/Source/C: Use /Z7 instead of /Zi for host tools + 6032b46dce PrmPkg/PrmSsdtInstallDxe: Update PRMT Device CID to PNP0C02. 
+ 6c1a4a376e .github: Add initial CodeQL config and workflow files + c7aecf2a4f Maintainers.txt: Add .github maintainers and reviewers + 50bee4cc12 CryptoPkg: Sha1 functions causing build errors + 239bcf7805 PrmPkg: Use UnitTestFrameworkPkg UEFI BS library + 6e8b0b6913 UnitTestFrameworkPkg: Add UnitTestUefiBootServicesTableLib + 82e70d9ac0 CryptoPkg/Readme.md: typo and grammar fixes + 35043a5ec0 MdePkg/BaseLib: Fix out-of-bounds reads in SafeString + b556f2445c ArmVirtPkg: Kvmtool: Add RNG support using Arm TRNG interface + 9eb5ccda50 SecurityPkg/RngDxe: Add Arm support of RngDxe + ff29cdb968 SecurityPkg/RngDxe: Rename AArch64/RngDxe.c + 6cdddccf00 SecurityPkg/RngDxe: Add debug warning for NULL PcdCpuRngSupportedAlgorithm + 863fe9e191 SecurityPkg/RngDxe: Add AArch64 RawAlgorithm support through ArmTrngLib + 4b3e9d80be SecurityPkg/RngDxe: Check before advertising Cpu Rng algo + 199031b2b0 SecurityPkg/RngDxe: Documentation/include/parameter cleanup + 922bf317f1 SecurityPkg/RngDxe: Remove ArchGetSupportedRngAlgorithms() + aade3b93fe SecurityPkg/RngDxe: Replace Pcd with Sp80090Ctr256Guid + 8a89747844 SecurityPkg/RngDxe: Rename RdRandGenerateEntropy to generic name + e00ec499c5 ArmPkg/ArmTrngLib: Add Arm TRNG library + 351fe77666 ArmPkg: Add FID definitions for Arm TRNG + ef4cf3d88d MdePkg/ArmTrngLib: Add NULL instance of Arm TRNG Library + cbce5a1a93 MdePkg/ArmTrngLib: Definition for Arm TRNG library class interface + 3d480a93de ArmPkg/ArmHvcLibNull: Add NULL instance of ArmHvcLib + 9d8ed9c8ee ArmPkg: Sort HVC/SMC section alphbetically in ArmPkg.dsc + aa0f522471 ArmPkg/ArmMonitorLib: Add ArmMonitorLib + 9a50990cdb ArmPkg/ArmMonitorLib: Definition for ArmMonitorLib library class + dcf8c79056 ArmPkg: PCD to select conduit for monitor calls + cc650a0378 ArmPlatformPkg: Retire NorFlashDxe driver + eff44c008d OvmfPkg/VmgExitLig: HALT on #VE when access to private memory + 2695e49219 UefiPayloadPkg: Boot mode in PHIT HOB will not be updated + ee3da09bb2 MdeModulePkg/Ufs 
:Coverity scan flags multiple issues in edk2-stable202205 + eae9e51d98 MdeModulePkg/scsi :Coverity scan flags multiple issues in edk2-stable202205 + b84f32ae5b IntelFsp2Pkg: FSP should support input UPD as NULL. + cab1f02565 MdeModulePkg/PiSmmCore: SmmEntryPoint underflow (CVE-2021-38578) + c46204e25f IntelFsp2Pkg: Update Function header to support IA32/X64. + 957a15adaf UefiCpuPkg/SmmCpuFeaturesLib: Clean up header file inclusion in SmmStm.c + ae62a6e44d UefiCpuPkg/SmmCpuFeaturesLib: Abstract arch dependent code + ed8bfada03 UefiCpuPkg/SmmCpuFeaturesLib: Rename the common C file + 8487ec0ee7 CryptoPkg/Test: Simplify BaseCryptLib host based unit tests + b5dbf8267b pip-requirements.txt: Bump pytool extensions and library + 85dba961c7 UnitTestFrameworkPkg: Support FILE_GUID override in host based unit tests + 720c25ab41 OvmfPkg: Call gEdkiiMemoryAcceptProtocolGuid to accept pages + 7dcc2f3870 OvmfPkg: Realize EdkiiMemoryAcceptProtocol in TdxDxe + 2af33db365 MdePkg: The prototype definition of EdkiiMemoryAcceptProtocol + d1e41c620f OvmfPkg: Introduce lazy accept in PlatformInitLib and PlatformPei + 6ca9f410d1 ShellPkg: Update shell command memmap to show unaccepted memory + 43e306806e MdeModulePkg: Update Dxe to handle unaccepted memory type + 502c01c502 MdePkg: Add UEFI Unaccepted memory definition + 9b648112a5 OvmfPkg: Use BZ3937_EFI_RESOURCE_MEMORY_UNACCEPTED defined in MdeModulePkg + 32c5a470ad MdePkg: Increase EFI_RESOURCE_MAX_MEMORY_TYPE + 00bbb1e584 MdeModulePkg: Add PrePiHob.h + df7ce74e6c RedfishPkg/RedfishDiscoverDxe: Fix memory free issue + 66772bc852 Maintainers.txt: Add 'Pierre Gondois' as DynamicTablesPkg reviewer + e9a3613ce0 ShellPkg/AcpiView: Update PCCT fields for ACPI 6.5 + c9a4df88fd DynamicTablesPkg: Readme.md: Update available tables for generation + 1729fb8a82 DynamicTablesPkg/AmlLib: Allow larger AccessSize for Pcc address space + 8405b1480f DynamicTablesPkg: Add PCCT Generator + dab7bac94c DynamicTablesPkg: Add PCCT related objects + 
a5672d43a6 DynamicTablesPkg: Fix Ssdt PCI generation comments + 5acd6489df DynamicTablesPkg: FdtHwInfoParserLib: Remove wrong comment + 0bcd3cc06e DynamicTablesPkg: Remove deprecated APIs + 2ef32f914a DynamicTablesPkg: Fix wrong/missing fields in CmObjParser + a64cc43552 DynamicTablesPkg: Fix GTBlock and GTBlockTimerFrame CmObjParsers + 3bcc2e22ef DynamicTablesPkg: Update CmObjParser for MinorRevision + 44b7a856f0 DynamicTablesPkg: Update CmObjParser for IORT Rev E.d + 48c6e7dbcd DynamicTablesPkg: Add PrintString to CmObjParser + 020891f173 DynamicTablesPkg: Use correct print formatter + 52199bf532 MdeModulePkg/ScsiDiskDxe: Update proper device name for ScsiDisk drive + d98efb4682 UefiCpuPkg: Restore HpetTimer after CpuExceptionHandlerLib test + 99338ef81e ArmVirtPkg/ArmVirtKvmTool: Migrate to OVMF's VirtNorFlashDxe + b92298af82 ArmVirtPkg/ArmVirtQemu: migrate to OVMF's VirtNorFlashDxe + 789a723285 OvmfPkg/VirtNorFlashDxe: use EFI_MEMORY_WC and drop AlignedCopyMem() + 25589c4a76 OvmfPkg/VirtNorFlashDxe: avoid switching between modes in a tight loop + ca01e6216a OvmfPkg/VirtNorFlashDxe: avoid array mode switch after each word write + 83f11f9572 OvmfPkg/VirtNorFlashDxe: drop block I/O protocol implementation + 68d234989b OvmfPkg/VirtNorFlashDxe: remove disk I/O protocol implementation + 0a64106c56 OvmfPkg/VirtNorFlashDxe: remove CheckBlockLocked feature + c1ff81f799 OvmfPkg/VirtNorFlashDxe: clone ArmPlatformPkg's NOR flash driver + 16bf588b60 OvmfPkg: clone NorFlashPlatformLib into VirtNorFlashPlatformLib + 115cebbe4d ArmVirtPkg/ArmVirtQemu: Clear XIP flags instead of overriding them + b6efc505e4 ArmVirtPkg/ArmVirtQemu: omit PCD PEIM unless TPM support is enabled + 7136d5491e ArmVirtPkg/QemuVirtMemInfoLib: use HOB not PCD to record the memory size + fead469a3b ArmVirtPkg/ArmVirtQemu: avoid shadowing PEIMs unless necessary + 75d2be4a37 ArmVirtPkg/ArmVirtQemu: Drop unused variable PEIM + 07be1d34d9 ArmVirtPkg/ArmVirtQemu: enable initial ID map at early boot + 
a26050f74d ArmVirtPkg/ArmVirtQemu: use first 128 MiB as permanent PEI memory + 2eff4ddc77 ArmVirtPkg/ArmVirtQemu: implement ArmPlatformLib with static ID map + 9ca2dc7bec ArmVirtPkg/ArmVirtQemu: wire up timeout PCD to Timeout variable + 2997ae3873 ArmVirtPkg: make EFI_LOADER_DATA non-executable + 9e2c88b16e Maintainers.txt: Update maintainers and reviewers for LoongArch64 + 9670f79937 Maintainers.txt: Update maintainers list + 26638d2aa3 IntelFsp2WrapperPkg: Check header revision for MultiPhase support. + 7464db4474 MdeModulePkg: Fix spelling error in PciSioSerialDxe + 56035d1c8b ArmPlatformPkg/PrePeiCore: Print the firmware version early in boot + db2c22633f Ps2KbdCtrller: Make wait for SUCCESS after BAT non-fatal + fb493ac84e ArmPlatformPkg/PrePeiCore: permit entry with the MMU enabled + b28acb22e0 ArmVirtPkg: do not enable iSCSI driver by default + f4213fed34 ArmVirtPkg: remove EbcDxe from all platforms + acb2acccfd BaseTools/Tests: Use quotes around PYTHON_COMMAND + 4fcd5d2620 CryptoPkg/Library/OpensslLib: update auto-generated files + 0882d6a32d CryptoPkg/Library/OpensslLib: Add generated flag to Accel INF + d79295b5c5 CryptoPkg/Library/OpensslLib: Update process_files.pl INF generation + 3b46a1e243 Revert "CryptoPkg: Update process_files.pl to auto add PCD config option" + 244ce33bdd CryptoPkg: Add Readme.md + 584b246e88 CryptoPkg: Fixed host-based unit tests + 0c9744787e CryptoPkg: Update DSC to improve CI test coverage + dfc7c3dc8c CryptoPkg: Remove PcdOpensslEcEnabled from CryptoPkg.dec + a57b4c11a5 CryptoPkg/Library/OpensslLib: Remove PrintLib from INF files + e75951ca89 CryptoPkg/Library/OpensslLib: Produce consistent set of APIs + ea6d859b50 CryptoPkg/Library/OpensslLib: Combine all performance optimized INFs + dd00f92b2f CryptoPkg/Library: Cleanup BaseCryptLib and TlsLib + 961fadf60c CryptoPkg/Test/UnitTest/Library/BaseCryptLib: Unit test fixes + 8f8372439d CryptoPkg/Library/BaseCryptLib: Update internal functions/variables + 8437368c69 
CryptoPkg/Library/BaseCryptLib: Add missing UNI file and fix format + d7d9866ef4 CryptoPkg: Document and disable deprecated crypto services + 4d29da411f remove GCC build warning + 6fd754ec0f BaseTools: Fixed the multiple pairs brackets issue in GenFv + 2355f0c09c BaseTools: Fix check for ${PYTHON_COMMAND} in Tests/GNUmakefile + 913a308df9 BaseTools/Scripts/PatchCheck.py: Allow tab in Makefile + c6720db5dd MdeModulePkg/XhciDxe: Add boundary check for TRB ring allocation + 31b1638468 ArmPkg/ArmMmuLib: Reuse XIP MMU routines when splitting entries + 999c53e2ca ArmPkg/ArmMmuLib: permit initial configuration with MMU enabled + 0487cac09f ArmPkg/ArmMmuLib: Disable and re-enable MMU only when needed + ab644cfac5 ArmPkg/ArmMmuLib: don't replace table entries with block entries + 0f6eccdbf7 BaseTools: Add missing spaces for PCD expression values in AutoGenC + 1d0ff11526 BaseTools: Correct initialization data size check for array PCDs + d23eb3aa99 BaseTools/GenFds: Correct file type set for the PIC section + 0a29933ea9 BaseTools: Support COMPAT16 section generation + 225810a182 BaseTools: Add support for SUBTYPE_GUID section generation + 81aeb94648 BaseTools: Correct BPDG tool error prints + 09e74b81ba BaseTools/FMMT: Add Shrink Fv function + 0e6db46b1b BaseTools/FMMT: Add Extract FV function + b03dceb87f BaseTools: Remove duplicated words in Python tools + c4663e7277 pip-requirement: Upgrade the edk2-basetools version from 0.1.29 to 0.1.39 + 9d6915ca91 UefiCpuPkg/Test: Add unit tests for MP service PPI and Protocol + 6f1bb567aa UefiCpuPkg: Add R8/R9 etc in EccCheck ExceptionList + 012e424601 UefiCpuPkg: Add Pei/DxeCpuExceptionHandlerLibUnitTest in dsc + 055eaacc34 UefiCpuPkg: Add Unit tests for PeiCpuExceptionHandlerLib + beabde5875 UefiCpuPkg: Add Unit tests for DxeCpuExceptionHandlerLib + b8e54e15de UefiCpuPkg/CpuPageTableLib:Support PAE paging for PageTableParse + a7e070808c UefiCpuPkg:Add RegisterExceptionHandler in PeiCpuExceptionHandlerLib + d618fe05bf BaseTools: 
Remove duplicated words in C tools + 8fc06b6e19 Fix bug on SRIOV ReservedBusNum when ARI enable. + 4aa7e66c06 MdeModulePkg: Fixed extra 1 SR-IOV reserved bus + e0200cc47a NetworkPkg: Add LoongArch64 architecture. + 2ce4bfb843 MdeModulePkg/DxeIplPeim : LoongArch DxeIPL implementation. + 380821a949 MdeModulePkg/CapsuleRuntimeDxe: Add LoongArch64 architecture. + dad7fc29d9 MdeModulePkg/Logo: Add LoongArch64 architecture. + ced203c3d5 MdePkg/BaseSafeIntLib: Add LoongArch64 architecture for BaseSafeIntLib. + 104df6136f MdePkg/BaseSynchronizationLib: LoongArch cache related code. + f89815a125 MdePkg/BaseCpuLib: LoongArch Base CPU library implementation. + dbbb045ff1 MdePkg/BasePeCoff: Add LoongArch PE/Coff related code. + 10d291f746 MdePkg/BaseIoLibIntrinsic: IoLibNoIo for LoongArch architecture. + 264e930de0 MdePkg/BaseCacheMaintenanceLib: LoongArch cache maintenance implementation. + cd24eb578b MdePkg/BaseLib: BaseLib for LOONGARCH64 architecture. + f0a704f9b5 MdePkg/Include: LoongArch definitions. + 76bf716a7a MdePkg: Add LoongArch LOONGARCH64 binding + b1b5177a0c .pytool: Add LoongArch64 architecture on LoongArch64 EDK2 CI. + ab9768cd46 .azurepipelines: Add LoongArch64 architecture on LoongArch64 EDK2 CI. + bcdafe1179 BaseTools: Enable LoongArch64 architecture for LoongArch64 EDK2 CI. + 114e6075b6 BaseTools: Add LoongArch64 binding. + c53807cb7b BaseTools: Updated build tools to support new LoongArch. + cb4f1dfcc1 BaseTools: Updated for GCC5 tool chain for LoongArch platfrom. + 1aa311d175 BaseTools: Update GenFw/GenFv to support LoongArch platform. + 082b563fc4 .python/SpellCheck: Add "Loongson" and "LOONGARCH" to "words" section + 10daf3ee24 MdeModulePkg: Use LockBoxNullLib for LOONGARCH64 + 23d873f4cf MdePkg/DxeServicesLib: Add LOONGARCH64 architecture + 6e1ddbab8d UnitTestFrameworkPkg: Add LOONGARCH64 architecture for EDK2 CI. + 78b081334e ShellPkg: Add LOONGARCH64 architecture for EDK2 CI. + 711ee4103a SecurityPkg: Add LOONGARCH64 architecture for EDK2 CI. 
+ d2c0d52ed6 MdePkg/Include: Add LOONGARCH related definitions EDK2 CI. + c5f4b4fd03 CryptoPkg: Add LOONGARCH64 architecture for EDK2 CI. + ee2ea7868a NetworkPkg/HttpBootDxe: Add LOONGARCH64 architecture for EDK2 CI. + ad8f2b7251 NetworkPkg: Add LOONGARCH64 architecture for EDK2 CI. + 2067672ded FmpDevicePkg: Add LOONGARCH64 architecture for EDK2 CI. + d8c073c89b FatPkg: Add LOONGARCH64 architecture for EDK2 CI. + e25963d458 MdePkg: Added LoongArch jump buffer register definition to MdePkg.ci.yaml + 0371178d0b MdePkg: Added file of DebugSupport.h to MdePkg.ci.yaml + 5bd2dbc698 UefiPayloadPkg: Remove deprecate Crypto Service + e7d7f02c8e CryptoPkg: add Unit Test for X509 new function. + 22745df666 CryptoPkg: add new X509 function to Crypto Service. + 8ecae3d641 CryptoPkg: add new X509 function. + 190f77f8f4 CryptoPkg: add new X509 function definition. + 0371032289 CryptoPkg: add unit test for EC key interface. + 69a50a249b CryptoPkg: Add EC key interface to DXE and protocol + f21a1d48fe CryptoPkg: Add EC key retrieving and signature interface. + f80580f56b OvmfPkg/VirtioNetDxe: Check ChildHandle argument in GetControllerName + 8db4e9f9a0 CryptoPkg: Add new Tls APIs to DXE and protocol + bb78d969b7 CryptoPkg: Extend Tls function library + cafc573ac0 MdePkg: Add Tls configuration related define + 3c9e2f239a CryptoPkg: Fix integer overflow + de103f1981 MdeModulePkg: Handle InitialVFs=0 case for SR-IOV + 4364d66168 UefiCpuPkg: Reset a parameter when BSP Exit in CPU relaxed mode. 
+ a670f12a74 UefiCpuPkg/CpuExceptionHandlerLib: Code optimization to allow bigger stack + 406ad0582a OvmfPkg: rename QemuBootOrderNNNN to VMMBootOrderNNNN + 3361336607 Revert "OvmfPkg/Microvm: no secure boot" + 8916a4f67f OvmfPkg/Microvm: add SECURE_BOOT_FEATURE_ENABLED + 9e6b552b4c OvmfPkg/PciHotPlugInitDxe: reserve more mmio space + ecb778d0ac OvmfPkg/PlatformInitLib: dynamic mmio window size + bbda386d25 OvmfPkg/PlatformInitLib: detect physical address space + 8f9ef9c9a0 OvmfPkg/PlatformInitLib: qemu cpuid physbits detection + 5ff7d712d4 MdeModulePkg/UefiBootManagerLib: Add Disk Info support for Ufs + 710f83b79d .azurepipelines: Add SourceLevelDebugPkg to CI + cf01fdd5d7 SourceLevelDebugPkg: Add package CI YAML file + d6d4a81f8a SourceLevelDebugPkg: Fix spelling errors + 1bd2ff1866 IntelFsp2WrapperPkg: Remove CI exception of PlatformMultiPhaseLib. + f054beec54 IntelFsp2WrapperPkg: Add header for PlatformMultiPhaseLib. + f931506815 .azurepipelines: Add SignedCapsulePkg to CI + b3d379d188 SignedCapsulePkg: Add package CI YAML file + 769879e2a6 .azurepipelines: Add IntelFsp2Pkg and IntelFsp2WrapperPkg to CI + 9ecab62d40 IntelFsp2WrapperPkg: Add CI YAML file + 7c424c28b0 IntelFsp2WrapperPkg: Fix code formatting errors + 28b16c01cf IntelFsp2Pkg: Add CI YAML file + a62bd922aa IntelFsp2Pkg/BaseFspMultiPhaseLib: Replace duplicate GUID + 629709a51d IntelFsp2Pkg: Fix code formatting errors + 12973359d0 EmbeddedPkg: Only run in CI for GCC5 + 43c1111530 EmbeddedPkg: Add CI YAML file + 51e0599536 EmbeddedPkg/AcpiLib: Fix code formatting errors + f01d3ee12c BaseTools/VolInfo: Update file and section type strings + b6d324e06b BaseTools/VolInfo: Update copyright information + 4e1133b946 BaseTools/VolInfo: Parse apriori files + c24328ca62 BaseTools/VolInfo: Increase GUID base name string + 8be33c6544 BaseTools/VolInfo: Fix EFI_SECTION_GUID_DEFINED parsing + 9fc029ee62 BaseTools/VolInfo: Correct buffer for GenCrc32 tool + 6a2b20ff97 MdeModulePkg/NonDiscoverablePciDeviceDxe: Allow 
partial FreeBuffer + 7aa06237b8 SecurityPkg: Remove enforcement of final GoIdle transition for CRB commands + b7213bbd59 OvmfPkg/QemuBootOrderLib: skip unsupported entries in StoreQemuBootOrder + d63242bd69 OvmfPkg/QemuBootOrderLib: allow slash in rom filenames + 2a0bd3bffc OvmfPkg/PlatformInitLib: q35 mtrr setup fix + 3c0d567c37 UefiPayloadPkg: Provide a wrapper for UniversalPayloadBuild.py + f4d539007c OvmfPkg/PeilessStartupLib: move mPageTablePool to stack + b3dd9cb836 MdeModulePkg/XhciDxe: Input context update for Evaluate Context command + 96f3efbd99 IntelFsp2WrapperPkg: Implement FSP 2.4 MultiPhase wrapper handlers. + d97ee3244d CryptoPkg/Test: Add unit test for CryptoEc + 2157a23a86 CryptoPkg: Add ECC related usage reference + 3b382f5b38 CryptoPkg: Add EC APIs to DXE and protocol + 988e4d8f5e CryptoPkg: Add EC support + 0e7aa6bf9e CryptoPkg: Fix pem heap-buffer-overflow due to BIO_snprintf() + 582a7c9995 CryptoPkg: Add missing library mappings to DSC file + ef9974b298 EmbeddedPkg/PrePi: Check for enough space before aligning heap pointer + 2500ce1011 DynamicTablesPkg: SSDT CPU _CPC generator + 58350c0055 DynamicTablesPkg: AML Code generation to add _CPC entries + 09c90532e7 DynamicTablesPkg: Add CM_ARM_CPC_INFO object + 953438e466 ArmPkg/SmbiosMiscDxe: Get SMBIOS information from OemMiscLib + e5eb0e3347 ArmPkg/SmbiosMiscDxe: Remove redundant updates in SMBIOS Type 2 + 7d74ea141e ArmPkg/SmbiosMiscDxe: Fix typo of "AssetTagType02" + 130b649a8b ArmPkg/SmbiosMiscDxe: Support fetching System UUID + 11b5093ce4 ArmPkg: Correct return value of "SMCCC_ARCH_SOC_ID" Function ID call + 8467a263f9 ArmPkg/ProcessorSubClassDxe: Get processor version from OemMiscLib + a8e8c43a0e CryptoPkg/OpensslLib: Update generated files for native X64 + 4102950a21 CryptoPkg/OpensslLib: Commit the auto-generated assembly files for IA32 + 03f708090b CryptoPkg/OpensslLib: Add native instruction support for IA32 + 0c9d4ad788 CryptoPkg/Test: Add unit test for CryptoBn + 42951543dd CryptoPkg: 
Add BigNum API to DXE and protocol + fd0ad0c346 CryptoPkg: Add BigNum support + 5f403cdc6a CryptoPkg: add UnitTest for AeadAesGcm. + 022787f806 CryptoPkg: add AeadAesGcm to Crypto Service. + a23f76e184 CryptoPkg: add AeadAesGcm support. + acbc5747bc CryptoPkg: add AeadAesGcm function() definition. + b19793a2ec CryptoPkg: add Hkdf UnitTest. + e919c390e8 CryptoPkg: add new Hkdf api to Crypto Service. + 11b24ef0d7 CryptoPkg: add new Hkdf api in Crypt Lib. + 1336476233 CryptoPkg: add new Hkdf api definition in Crypt Lib. + f3c69cb5a1 CryptoPkg: add Hmac Sha384 to host UnitTest. + 3f77ccb9c8 CryptoPkg: Add new hmac SHA api to Crypto Service. + cbb3b6b950 CryptoPkg: Update CryptLib inf as the file name changed. + 0b1a1bdc30 CryptoPkg: Add HMAC-SHA384 cipher support. + 7bb42e3249 CryptoPkg: Add new hmac definition to cryptlib + 238f5f9544 RedfishPkg/JsonLib: Fix JsonLib build failure + 6f340acfb1 CryptoPkg/BaseCryptLib:Remove redundant init + dd1e20b3c2 nasm_ext_dep.yaml: Remove leading zero in patch version + 62f00dad22 BaseTools: Edk2ToolsBuild: Fixing pipeline build due to path too long + 2c17d676e4 Maintainers.txt: Update email address + 415fc406d6 UefiPayloadPkg/PayloadLoaderPeim: remove GCC build warning + 3184e44df1 Maintainers.txt: Update maintainers/reviewers for CI and Test + f46c7d1e36 IntelFsp2Pkg: Fix FspSecCoreI build failure. 
+ 981bf66d5a IntelFsp2Pkg: NvsBufferPtr is missing in Fsp24ApiEntryM.nasm + 8c92a9508e DynamicTablesPkg: AcpiSsdtPcieLibArm: Allow use of segment number as UID + 45297e6c9b BaseTools: 64bit FSP FV map file cannot be created correctly + 1dccbd1a38 MdeModulePkg/AhciPei: Fix MMIO base assignment + 838c730fe6 MdeModulePkg SmbiosMeasurementDxe: Add Type4 CurrentSpeed to filter table + db7afaee91 MdeModulePkg: Use configurable PCD for AHCI command retries + 970e262949 OvmfPkg: Allow runtime control of IPv4 and IPv6 support on QEMU + d933ec115b OvmfPkg: gather common NetworkComponents overrides in .dsc.inc file + 477b5b7d55 OvmfPkg: Introduce alternate UefiDriverEntrypoint to inhibit driver load + 34969dd260 ArmPkg, ArmVirtPkg: put SpellCheck in AuditOnly mode + cdb80a281f OvmfPkg/LegacyBootManagerLib: Fix debug macro arguments + 8fdb4de628 NetworkPkg/TcpDxe: Fix debug macro arguments + e8a537d28d DynamicTablesPkg/AcpiPpttLibArm: Fix debug macro arguments + e495b1009a SecurityPkg/SmmTcg2PhysicalPresenceLib: Add missing debug print specifier + c403de7bd4 RedfishPkg/RedfishRestExDxe: Remove extra debug macro argument + 1096a9b04b MdeModulePkg: Fix imbalanced debug macros + b4036b52b1 FatPkg/FatPei: Remove extraneous debug message argument + 917a7e3f34 ArmPlatformPkg/NorFlashDxe: Remove unused debug print specifier + 7b8f69d7e1 BaseTools/GenFw AARCH64: Convert more types of explicit GOT references + d82ec90f51 pip-requirement: Upgrade the edk2-basetools version from 0.1.28 to 0.1.29 + 8465fd59d3 OvmfPkg: Update I/O port related to ACPI devices for CloudHv + 54c8d5e432 UefiPayloadPkg: Allow DxeMain.inf to consume the new SerialPortLib + 11a04bb4a6 UefiPayloadPkg: Implement a new SerialPortLib instance + 512042eba8 OvmfPkg/QemuVideoDxe: fix bochs mode init + 314799a926 pip-requirement: Upgrade the edk2-basetools version from 0.1.24 to 0.1.28 + 3d35a6c243 IntelFsp2Pkg: Adopt FSP 2.4 MultiPhase functions. 
+ 5eeb088ad6 OvmfPkg/QemuBootOrderLib: add StoreQemuBootOrder() + db463e8e9d CloudHv/arm: switch PeiMemLib to its own + dba79765c4 CloudHv/arm: add PeiMemInfoLib + 520ba8e306 OvmfPkg/OvmfPkg*.dsc: Increase ACPI Reclaim memory size + 18b5b14932 OvmfPkg/IncompatiblePciDeviceSupportDxe: Ignore OptionRom in Sev guest + f7da805b50 RedfishPkg/RedfishDiscoverDxe: Install protocol on each network interface + 39596c41c8 OvmfPkg: Add build-flag SECURE_BOOT_FEATURE_ENABLED + 3abaa281d3 OvmfPkg/TdxDxe: Set PcdEmuVariableNvStoreReserved + 70165fa6e2 OvmfPkg/NvVarsFileLib: Shortcut ConnectNvVarsToFileSystem in secure-boot + ee91d9ef24 OvmfPkg: Reserve and init EmuVariableNvStore in Pei-less Startup + 58eb8517ad OvmfPkg/PlatformPei: Update ReserveEmuVariableNvStore + 4f173db8b4 OvmfPkg/PlatformInitLib: Add functions for EmuVariableNvStore + 0e72e8762a OvmfPkg/PeilessStartupLib: Delete TdxValidateCfv + fb008dbe01 EmbeddedPkg: Add AllocateRuntimePages in PrePiMemoryAllocationLib + 7cc7c52670 OvmfPkg: Set default Pci PCDs in Tdx guest + 1b1c58ab32 OvmfPkg: Update CcProbeLib to DxeCcProbeLib + c4bc1a9498 OvmfPkg: Add SecPeiCcProbeLib + c05a218a97 EmbeddedPkg/GdbSerialDebugPortLib: fix compile warning + b5d1dc94d0 OvmfPkg: increase max debug message length to 512 + 1a24f5fb12 OvmfPkg/BhyvePkg: use correct PlatformSecureLib + a4037690d9 EmbeddedPkg: Remove duplicated words + 05db766bee ArmPkg: Remove duplicated words + 1926702c95 ArmPlatformPkg: Remove duplicated words + 6dc4ac1347 ArmVirtPkg: Remove duplicated words + e87ac5ef49 OvmfPkg: Remove duplicated words + 0ccf955674 StandaloneMmPkg: Remove duplicated words + 22c45b7c52 ArmPlatformPkg/PrePeiCore: Invoke constructors for SEC phase + 52bf4eba45 ArmPkg: Handle warm reboot request correctly + aefcc91805 OvmfPkg/PlatformDxe: Handle all requests in ExtractConfig and RouteConfig + 165b5bcd68 OvmfPkg/PlatformDxe: Check RouteConfig arguments for spec compliance + e61f3f4ef1 OvmfPkg: Add BUILD_SHELL flag for IA32, IA32X64, X64 + 
08522341c4 UefiPayloadPkg: To replace the libraries for the capsule driver. + ec87181192 IntelFsp2WrapperPkg: Rename PlatformMultiPhaseLibSample. + 6edd257861 IntelFsp2WrapperPkg: Remove duplicated words + ac55fcb051 DynamicTablesPkg: Fix typo in AmlCodeGenRdMemory32Fixed doxygen comment + 7719bc3f71 DynamicTablesPkg: Fix nested processor containers + 0a4079ad86 DynamicTablesPkg: AcpiSsdtPcieLibArm : Add UID to slot creation + b9bb27e1ff DynamicTablesPkg: Add support to build _DSD + 033ba8bb29 DynamicTablesPkg: AcpiSsdtPcieLibArm: Added function to reserve ECAM space + 5236d47854 DynamicTablesPkg: DynamicTableManagerDxe: Added check for installed tables + d9c8a9cf11 DynamicTablesPkg: DynamicPlatRepoLib: Adding more token fixers + b18c0905ee DynamicTablesPkg: DynamicPlatRepoLib: Fix incorrect dereferencing + 2081054636 DynamicTablesPkg: DynamicPlatRepoLib: Added MemoryAllocationLib to inf + 9ca7ece8b3 MdeModulePkg/NvmExpressPei: Use PCI_DEVICE_PPI to manage Nvme device + 31a94f7fba IntelFsp2WrapperPkg: Add FSP 2.4 MultiPhase interface. + df25a5457f IntelFsp2Pkg: Add FSP 2.4 MultiPhase interface. 
+ 4b7bd4c591 UefiCpuPkg: Enhance logic in InitializeMpExceptionStackSwitchHandlers + 9ab2b34dd4 UefiCpuPkg: Use Top of each AP's stack to save CpuMpData + 76cf3d35e6 UefiCpuPkg: Simplify the implementation when separate exception stacks + d1abb876f4 UefiCpuPkg/MpInitLib: Simplify logic in SwitchBsp + 76ec17526b UefiCpuPkg: Add PCD to control SMRR enable & SmmFeatureControl support + 367604b2f4 UefiCpuPkg/MpInitLib: Fix potential issue when IDT table is at above 4G + 3c06953fd7 ShellPkg: Adds Local APIC parser to AcpiView + 04ecdc38cd UefiCpuPkg/CpuPageTableLib/UnitTest: Add host based unit test + 383d34159d .azurepipelines: Use Python 3.10.6+ + 227a133a0a Maintainers.txt: Update Maintainers/reviewers for universal payload + - Removed patches which are merged to mainline: + - ovmf-add-exclude-shell-flag.patch to add BUILD_SHELL flag for + IA32, IA32X64, X64 + - e61f3f4ef1 edk2-stable202211~354 + - Modified shim.spec, use BUILD_SHELL instead of EXCLUDE_SHELL + - Remove "-D EXCLUDE_SHELL" from ovmf-x86_64 and ovmf-x86_64-smm. + - Add "-D BUILD_SHELL=FALSE" to ovmf-x86_64 and ovmf-x86_64-smm. + - ovmf-bsc1199156-OvmfPkg-IncompatiblePciDeviceSupportDxe-Ignore-Optio.patch + to ovmf to ignore OptionRom in Sev guest + - 18b5b14932 edk2-stable202211~328 + +------------------------------------------------------------------- +Sat Nov 12 00:46:04 UTC 2022 - Joey Lee + +- Change the size of ovmf-x86_64 back to 2MB, and remove EFI shell to + reduce the fv image size. + - Originally the reason of changing the size of ovmf-x86_64 to 4MB is for + preventing OBS exposes the following error: + + [ 266s] GenFv: ERROR 3000: Invalid + [ 266s] the required fv image size 0x1afed8 exceeds the set fv image size 0x1ac000 + + The fv image size is too big. But we found that change ovmf-x86_64 to 4MB causes + live migration problem on qemu. (bsc#1204220) + - So let's change the size of ovmf_x86_64 back to 2MB and remove EFI shell + to reduce the fv image size. 
If user wants to use EFI shell, they should move to + ovmf-x86_64-4m image. So we add the "-D EXCLUDE_SHELL" build option to ovmf-x86_64 + flavor in ovmf.spec. (bsc#1204220) + +------------------------------------------------------------------- +Thu Oct 13 04:25:28 UTC 2022 - Joey Lee + +- Update to edk2-stable202208 (jsc#PED-1410) + - Features (https://github.com/tianocore/edk2/releases): + Add CRC16 and CRC32C to MdePkg + IntelFsp2Pkg/ConfigEditor: Support FSP 2.3 header + Extend SecureBootVariableLib interfaces + UEFI HTTPS Boot Support for HTTP Client Authentication (Basic or Digest) + Support 64bit FspResetType for X64 build + IntelFsp2Pkg/FspSecCore: Add FSP-I entry for SMM support + Add PCI_DEVICE_PPI definition to EDK2 + Support to assign the subject name to sign the capsule file + - Patches (git log --oneline --reverse edk2-stable202205..edk2-stable202208): + 7f0890776e MdeModulePkg/UniversalPayload: Align Identifier value with UPL spec + b4be5f05dd UefiPayloadPkg: Align Identifier value with UPL spec + dac2fc8146 UefiPayloadPkg: Align SpecRevision value with UPL spec + 3ca7326b37 OvmfPkg/VirtioGpuDxe: replace struct copy with CopyMem call + fa2b212d61 IntelFsp2Pkg: Add FSP 2.3 header support + 11d8abcba2 IntelFsp2Pkg: FSP_TEMP_RAM_INIT call must follow X64 Calling Convention + df1c7e91b4 IntelFsp2WrapperPkg: FSP_TEMP_RAM_INIT call for X64 Calling Convention + 62044aa99b OvmfPkg/ResetVector: Removing SEV-ES CPUID bit check + 54cd0d9b2f OvmfPkg: Fix TDVMCALL error in ApRunLoop.nasm + 64706ef761 OvmfPkg: Search EFI_RESOURCE_MEMORY_UNACCEPTED for Fw hoblist + 81ab97b7b9 OvmfPkg/AmdSev: remove unused SMM bits from .dsc and .fdf files + 0223898f3e OvmfPkg/Microvm: drop CODE and VARS files + b57911c84c OvmfPkg/FdtPciHostBridgeLib: io range is not mandatory + 47f44097eb OvmfPkg/Platform: unfix PcdPciExpressBaseAddress + ad3bafa7d5 OvmfPkg/Microvm/pcie: no vbeshim please + bd10d4e201 OvmfPkg/Microvm/pcie: mPhysMemAddressWidth tweak + 632574ced1 
OvmfPkg/Microvm/pcie: add pcie support + 5c9f151e0c OvmfPkg: CloudHv: Fix FW_BASE_ADDRESS + 43f3cfce19 OvmfPkg: Check for QemuFwCfg availability before accessing it + 3129ed374c OvmfPkg: CloudHv: Rely on QemuFwCfgLibNull implementation + bf25f27e00 OvmfPkg: Don't access A20 gate register on Cloud Hypervisor + 72c5afd0b4 Security: Add HashLibTdx + b1567b2e15 CryptoPkg: Add SecCryptLib + dc443e4437 SecurityPkg: Add definition of EFI_CC_EVENT_HOB_GUID + a708536dce OvmfPkg: Introduce SecMeasurementLib + 4b0a622635 OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV + ac03c339de OvmfPkg: Add PCDs for LAML/LASA field in CC EVENTLOG ACPI table + f8264e1303 MdePkg: Define CC Measure EventLog ACPI Table + 57a6ee3461 OvmfPkg/IntelTdx: Add TdTcg2Dxe + 0a4019ec9d OvmfPkg/IntelTdx: Enable RTMR based measurement and measure boot + 0b36dea3f8 BaseTools: Fix dependency issue in PcdValueInit + 4f89e4b3e8 .pytool: UncrustifyCheck: Set IgnoreFiles path relative to package path + 2818fda9bc Security: Add SecTpmMeasurementLibTdx + ff0ffe5999 OvmfPkg: Implement MeasureHobList/MeasureFvImage + a81a650da1 OvmfPkg: Delete SecMeasurementLibTdx + ff36b2550f OvmfPkg/Sec: fix stack switch + 21a9b605b8 CpuException: Avoid allocating code pages for DXE instance + 34d505123e CpuException: Init global variables in-place + 2fbc5ff0a5 CpuException: Avoid allocating page but using global variables + 2a09527ebc CpuException: Remove InitializeCpuInterruptHandlers + e7abb94d1f CpuException: Add InitializeSeparateExceptionStacks + 54aeed7e00 MpInitLib: Allocate code buffer for PEI phase + 76323c3145 MpInitLib: remove unneeded global ASM_PFX + b4d7b9d2b5 MpInitLib: Put SEV logic in separate file + 283ab9437a MpInitLib: Only allocate below 1MB memory for 16bit code + ccc269756f MpInitLib: Move the Above1Mb vector allocation to MpInitLibInitialize + f0b97e165e Revert "OvmfPkg/Sec: fix stack switch" + b09ada6edc MdePkg: Remove "assert" from SmmCpuRendevousLibNull.c + 92288f4334 MdePkg/BaseLib: Add 
CRC16-ANSI and CRC32c implementations + e2ae0bed29 ArmPkg/ArmExceptionLib: Follow new CpuExceptionHandlerLib APIs + 6676162f64 DxeMain: Fix the bug that StackGuard is not enabled + 16d97fa601 OvmfPkg: Use PcdOvmfWorkAreaBase instead of PcdSevEsWorkAreaBase + 05e57cc9ce SecurityPkg/HashLibTdx: Return EFI_UNSUPPORTED if it is not Tdx guest + 92ab049719 BaseTools: output the intermediate library instance when error occurs + cc2db6ebfb UefiPayloadPkg: Increase the PcdMaximumUnicodeStringLength + e8034b534a UefiPayloadPkg: Always split page table entry to 4K if it covers stack. + cfe165140a UefiPayloadPkg: UniversalPayloadBuild.py to support --pcd feature + b97243dea3 MdeModulePkg/XhciDxe: Check return value of XHC_PAGESIZE register + 3930d1791a ArmPlatformPkg: Remove overly verbose DEBUG lines in LcdGraphicsBlt + aa1bce0e5e OvmfPkg: reduce the number of dsc include files for tpm libs + 6c9f218bc0 OvmfPkg/Library: Create base HardwareInfoLib for PCI Host Bridges + 2b1a5b8c61 Ovmf/HardwareInfoLib: Create Pei lib to parse directly from fw-cfg + a1bd79c514 Ovmf/HardwareInfoLib: Add Dxe lib to dynamically parse heterogenous data + 3497fd5c26 Ovmf/PlatformPei: Use host-provided GPA end if available + 3f5b1b9132 OvmfPkg/PciHostBridgeUtilityLib: Initialize RootBridges apertures with spec + f304308e1c ArmPlatformPkg: Add PCD for serial debug port interrupt + 4bfd668e5e UefiCpuPkg: CpuDxe: Set RW and P Attributes on Split Pages + 2aee08c0b6 UefiPayloadPkg: Backward support with python 3.6 + 8f0722434b ArmVirtPkg: Include DxeHardwareInfoLib library class in dsc + 15b25045e6 Ovmf: Include HardwareInfoLib library classes for IntelTdx + b600f253b3 BaseTools/Ecc: Fix grammar in Ecc error message + 7f4eca4cc2 MdeModulePkg/XhciDxe: Add access xHCI Extended Capabilities Pointer + 5914128871 BaseTools: Fix the GenMake bug for .cpp source file + c13377153f MdePkg/Acpi62: Add type 7 NFIT Platform Capabilities Structure support + 21e6ef7522 UefiPayloadPkg: Align Attribute value with UPL 
spec + 8d0564deaf pip-requirements.txt: Update basetools version to 0.1.24 + f966093f5b OvmfPkg/PlatformCI: add IntelTdxBuild.py + 70586d4e3a MdePkg/Acpi62: Add bit definitions to NFIT Platform Capabilities Structure + 7861b24dc9 ArmPkg/Drivers: ArmGicIsInterruptEnabled returns incorrect value + e1eef3a8b0 NetworkPkg: Add Wi-Fi Wpa3 support in WifiConnectManager + 134fbd552c SecurityPkg: UefiSecureBoot: Definitions of cert and payload structures + d6bee54c45 SecurityPkg: PlatformPKProtectionLib: Added PK protection interface + 56c717aafa SecurityPkg: SecureBootVariableLib: Updated time based payload creator + 6de7c084db SecurityPkg: SecureBootVariableLib: Updated signature list creator + 6eb4079475 SecurityPkg: SecureBootVariableLib: Added newly supported interfaces + fe73e9cd89 SecurityPkg: SecureBootVariableProvisionLib: Updated implementation + d2a0f379d5 SecurityPkg: Secure Boot Drivers: Added common header files + 5678ebb42b SecurityPkg: SecureBootConfigDxe: Updated invocation pattern + dbc4e3675f SecurityPkg: SecureBootVariableLib: Added unit tests + 152e37cc5a OvmfPkg: Pipeline: Resolve SecureBootVariableLib dependency + f193b945ea EmulatorPkg: Pipeline: Resolve SecureBootVariableLib dependency + 9ab18fec82 StandaloneMmPkg: Fix issue about SpPcpuSharedBufSize field + 31d3eeb103 StandaloneMmPkg: Replace DEBUG_INFO with DEBUG_ERROR + 5496c763aa StandaloneMmPkg: Fix check buffer address failed issue from TF-A + e93bc6309b UefiCpuPkg/SecCore: Add debug messages to illuminate data flow + 86a0f84470 ArmVirtPkg: Pipeline: Resolving newly introduced dependency + c8e30482fd .gitignore: Ignore build tools build logs + f6f3cc7ead UefiPayloadPkg: Add CryptoDxe driver to UefiPayload + 12dd064a18 MdePkg/include: Update DMAR definitions to Intel VT-d spec ver4.0 + 9ab389c01b UefiCpuPkg: Update SEC_IDT_TABLE struct + 470206ba7f IntelFsp2Pkg: Update SEC_IDT_TABLE struct + 0d23c447d6 DynamicTablesPkg: Add support to specify FADT minor revision + 07c8e5e59b 
UefiPayloadPkg/PlatformBootManagerLib: Evenly space boot prompt + 176016387f BaseTools: add '-p' for Linux 'cp' command. + 039bdb4d3e BaseTools: Fix DSC LibraryClass precedence rule + fc4a132c0e DynamicTables: Fix DT PCI interrupt flags parsing + 792ebb6374 DynamicTablesPkg: Fix generated _HID value for SBSA + c966204049 IntelFsp2Pkg: Add Definition of EDKII_PEI_VARIABLE_PPI + 586b4a104b Maintainers.txt: Add IntelFsp2*Pkg Maintainer + e18a5f813c Maintainers.txt: Update Maintainers/reviewers for UefiPayloadPkg + e21b203911 UefiPayloadPkg: Add macro to support selective driver in UPL + f0064ac3af Maintainers.txt: Update email address + 6cda306da1 DynamicTablesPkg: AcpiSsdtPcieLibArm: Correct translation value + 9ac155bf0b DynamicTablesPkg: AcpiSsdtPcieLibArm: Support UID > 0xF + 19a8768365 DynamicTablesPkg: AcpiSsdtPcieLibArm: Create support library + 671b0cea51 NetworkPkg/HttpBootDxe: Add Support for HTTP Boot Basic Authentication + 140446cd59 IntelFsp2Pkg: Support 64bit FspResetType for X64 build. + 24eac4caf3 IntelFsp2WrapperPkg: Support 64bit FspResetType for X64 build. + 4824924377 IntelFsp2Pkg/FspSecCore: Add FSP-I API for SMM support. + 3b8cee1781 Maintainers.txt: update Gary's email address + 7ef91af84c EmulatorPkg/PosixFileSystem: Add NULL check on memory allocation + 494f333aba MdeModulePkg/CoreDxe: Allow DXE Drivers to use untested memory + 343f37b5c0 MdeModulePkg/SetupBrowserDxe:Follow spec'd way to reconnect driver + c8af26627a ArmPkg/CpuDxe: drop ARM_PROCESSOR_TABLE pseudo-ACPI table + 5a3641bfcd IntelFsp2Pkg: Add FSPI_ARCH_UPD. 
+ bf1ff540d9 MdePkg/UefiDevicePathLib: Add support for PEIMs
+ 6964b5c48c MdeModulePkg/Include: Long debug string is truncated to 104 char
+ d32a84b5ad BaseTools: INF should use latest Pcd value instead of default value
+ 8ee26529d1 BaseTools/VolInfo: Correct alignment attributes display
+ c0b7679aac BaseTools/VolInfo: Increase define for highest section value
+ fca5de51e1 BaseTools/VolInfo: Correct EFI_SECTION_VERSION display
+ 8a5782d704 UefiCpuPkg: Fix nasm warning "signed byte value exceeds"
+ a47241f133 UefiPayloadPkg: Add macro to support selection of CryptoDxe driver
+ 69f76d0f72 Maintainers.txt: Remove OvmfPkg/XenTimerDxe reference
+ a8c4fe23c4 Maintainers.txt: Add missing github ids
+ 7f1c89f167 Maintainers.txt: Remove reviewer Harry Han
+ b68d566439 BaseTools/Capsule: Support signtool input subject name to sign capsule file
+ e3d468acb9 BaseTools/VolInfo: Show encapsulation sections
+ 2677286307 UefiPayloadPkg: Fix RelaAddress type always mismatch in if condition
+ f26b70cb9f UefiPayloadPkg: Add support for logging to CBMEM console
+ 57783adfb5 OvmfPkg: Change default to disable MptScsi and PvScsi
+ 1774a44ad9 Maintainers.txt: Remove MptScsi and PvScsi reviewers
+ 0e7add1d75 OvmfPkg/XenHypercallLib: Fix naming of AArch64
+ 3eca64f157 IntelFsp2Pkg: FSPI_UPD is not mandatory.
+ 0d0bfcb457 IntelFsp2Pkg: Fix GenCfgOpt bug for FSPI_UPD support.
+ 8a210b9ac0 ShellPkg: Acpiview: Abbreviate field names to preserve alignment
+ 65c4f3f2be DynamicTablesPkg: Handle error when IdMappingToken is NULL
+ f5cea604a6 DynamicTablesPkg: IORT set reference to Id array only if present
+ 238f903e8d DynamicTablesPkg: IORT set reference to interrupt array if present
+ 4c55f6394f MdePkg: IORT header update for IORT Rev E.d spec
+ cd67efa1b2 ShellPkg: Acpiview: IORT parser update for IORT Rev E.d spec
+ de200b7e2c DynamicTablesPkg: Update ArmNameSpaceObjects for IORT Rev E.d
+ e9150618ec DynamicTablesPkg: IORT generator updates for Rev E.d spec
+ 6f4e10d6db SecurityPkg: Add retry mechanism for tpm command
+ 19cbfaa431 OvmfPkg/QemuVideoDxe: Zero out PixelInformation in QueryMode
+ a551de0d93 ArmVirtPkg: Fix KVM Guest Firmware
+ 0dc9b78a46 Maintainers.txt: Add missing Github IDs for OvmfPkg TPM/TGC modules
+ d219119721 UefiPayloadPkg/PlatformBootManagerLib: Correct spacing in boot prompt
+ 79aab22fca UefiPayloadPkg: Add a Macro to enable Boot Logo
+ 444260d45e UefiPayloadPkg: Load Boot Logo into ACPI table
+ 86757f0b47 MdeModulePkg: Add EDKII_PCI_DEVICE_PPI definition
+ a8f59e2eb4 MdeModulePkg/AhciPei: Use PCI_DEVICE_PPI to manage AHCI device
+ 3e599bbc10 DynamicTablesPkg: Fix using RmrNodeCount unitlitialised
+ a0a03b5154 BaseTools/GenSec: Fix typo
+ f5f8c08db9 BaseTools/VolInfo: Show FV section boundaries
+ d241a09afb BaseTools/VolInfo: Parse EFI_SECTION_FREEFORM_SUBTYPE_GUID header
+ cf02322c98 BaseTools/GenSec: Support EFI_SECTION_FREEFORM_SUBTYPE_GUID sections
+ 1ee1622817 Basetools/GenFw: Allow AARCH64 builds to use the --prm flag
+ 9f197e44b1 PrmPkg: Enable external visibility on PRM symbols
+ 21200d9fe6 PrmPkg: Build Prm Samples with GCC for AARCH64
+ 57faeb782a PrmPkg: Support AArch64 builds using GCC
+ 1da2012d93 PrmPkg: Add details on AArch64 build to the Readme.
+ 0f7bccf584 UefiCpuPkg: Simplify InitializeSeparateExceptionStacks
+ 9a24c3546e MdeModulePkg: Move CPU_EXCEPTION_INIT_DATA to UefiCpuPkg
+ f1688ec9da UefiCpuPkg: Simplify the struct definition of CPU_EXCEPTION_INIT_DATA
+ 75e3c2435c UefiCpuPkg: Create CpuPageTableLib for manipulating X86 paging structs
+ f336e30ba1 UefiCpuPkg/CpuPageTableLib: Return error on invalid parameters
+ bf334513b3 CpuPageTableLib: Fix a bug when a bit is 1 in Attribute, 0 in Mask
+ 13a0471bfd CpuPageTableLib: Refactor the logic
+ 9cb8974f06 CpuPageTableLib: Split the page entry when LA is aligned but PA is not
+ c16f02f776 CpuPageTableLib: Avoid treating non-leaf entry as leaf one
+ f4c845e46b CpuPageTableLib: Fix parent attributes are not inherited properly
+ 9f53fd4ba7 CpuPageTableLib: Fix a bug to avoid unnecessary changing to page table
+ 927113c83b CpuPageTableLib: Fix bug that wrongly requires extra size for mapping
+ e9e2ecab2d CpuPageTableLib: define IA32_PAGE_LEVEL enum type internally
+ e76496530c MdePkg/Library/UefiDevicePathLib: Add back StandaloneMm INF file
+ bd06717863 MdeModulePkg: Enhance bus scan for all root bridge instances
+ 74f44d920a ShellPkg/SmbiosView: Display extended memory info in smbiosview -t 17
+ 83d5871184 UefiCpuPkg/PiSmmCpuDxeSmm: Add a new mIsShadowStack flag
+ 7b4754904e UefiCpuPkg/PiSmmCpuDxeSmm: Remove mInternalCr3 in PiSmmCpuDxeSmm
+ 62391b4ce9 MdeModulePkg/DxeIpl: Remove clearing CR0.WP when protecting pagetable
+ 803ed060ee UefiPayloadPkg: Remove clearing CR0.WP when protecting pagetable
+ a2b61de2f6 IntelFsp2Pkg: FSPM_ARCH2_UPD mismatching bug.
+ 809b5a3d2a MdeModulePkg: Update the SMBIOS version by UPL
+ 2812668bfc UefiCpuPkg/CpuPageTableLib/UnitTest: Add host based unit test
+ 30d62f5e31 OvmfPkg/PlatformDxe: Check ExtractConfig and RouteConfig arguments
+ b94836b224 OvmfPkg/VirtioGpuDxe: Check QueryMode arguments
+ 3f282f4510 OvmfPkg/VirtioFsDxe: Check GetDriverName arguments
+ 64a20bea97 MdeModulePkg/DumpDynPcd: Remove unsupported format specifiers
+ 9102518d29 MdePkg: Improved Smbios Type9 table and Smbios spec v3.5.0 Changes
+ 35d167ef3c ShellPkg: Improved Smbios Type 9 table changes in PrintInfo.c
+ 68bf712d4f MdePkg: Added support for SMBIOS spec v3.6.0 to Smbios.h
+ e2ac68a23b BaseTools/Source/C/GenSec: Fix EFI_SECTION_FREEFORM_SUBTYPE_GUID header
+ d5fd86f256 ShellPkg: Adds Local APIC parser to AcpiView
+ 2bb0020675 UefiPayloadPkg: Return PciRootBridges instead of NULL
+ c15c9fa420 UefiPayloadPkg: Add macro to control NvmExpressDxe
+ 938430741f RedfishPkg/RedfishDiscoverDxe: USB Redfish host interface is not supported
+ eebef1b3b7 RedfishPkg: Redfish modules may need to use the functions which are private
+ f2bf043aaa RedfishPkg: Redfish functions for REST requests are not fully spec complied
+ dfdba857a6 UefiPayloadPkg: Fix Coverity report defect
+ 4d83ee04f4 ShellPkg: Add revision check for DSDT Header on Arm
+ 0ede7cad73 Maintainers.txt: Update maintainers list
+ 722e03bc2e Revert "UefiCpuPkg/CpuPageTableLib/UnitTest: Add host based unit test"
+ 166c49c212 Revert "ShellPkg: Adds Local APIC parser to AcpiView"
+ 39ff9769ca Revert "BaseTools: Fix DSC LibraryClass precedence rule"
+ ba0e0e4c6a BaseTools: Fix DevicePath GNUmakefile for macOS
+ - Respin the following patches:
+ ovmf-Revert-UefiCpuPkg-Replace-Opcode-with-the-correspond.patch
+
+-------------------------------------------------------------------
+Mon Sep 19 11:16:00 UTC 2022 - Joey Lee
+
+- Add patches to disable option ROM on sev (bsc#1199156)
+ ovmf-bsc1199156-OvmfPkg-IncompatiblePciDeviceSupportDxe-Ignore-Optio.patch
+
+------------------------------------------------------------------- +Mon Sep 12 11:10:13 UTC 2022 - Joey Lee + +- Modified ovmf.changes log, using PED-1410 instead of PED-1359 for + pushing to SLE15-SP5. + +------------------------------------------------------------------- +Tue Sep 6 04:15:26 UTC 2022 - Joey Lee + +- Because 5 revert patches in edk2-stable202205 for nasm-2.14 is against + 15-SP4/Leap 15.4 and earlier version. So add suse_version and sle_version + checking logic in ovmf.spec when applying revert patches. (jsc#PED-1410) + +------------------------------------------------------------------- +Tue Aug 23 13:00:42 UTC 2022 - Joey Lee + +- Removed patches in ovmf-bsc1196879-sev-fix.patch which are merged to + edk2-stable202205: + - OvmfPkg/AmdSev: reserve snp pages + - de463163d9 edk2-stable202205-rc1~292 + - OvmfPkg/ResetVector: cache the SEV status MSR value + - 63c50d3ff2 edk2-stable202205-rc1~291 + - OvmfPkg/BaseMemEncryptLib: use the SEV_STATUS MSR + - f1d1c337e7 edk2-stable202205-rc1~290 + +------------------------------------------------------------------- +Tue Aug 16 05:20:44 UTC 2022 - Joey Lee + +- Update to edk2-stable202205 + - Features (https://github.com/tianocore/edk2/releases): + Support PEI 64bit in IntelFsp2Pkg and IntelFsp2WrapperPkg + IntelFsp2Pkg: BaseFspCommonLib Support for X64 Build + Add PrmPkg + BaseTools Enhance GenFw to support PRM GCC build + Enable Intel TDX in OvmfPkg + Generate CloudHv target as PVH ELF binary + Add parallel hash feature into BaseCryptLib + Configure/Enable elliptic curve ciphers in OpenSSL + Add FMMT tool into edk2 BaseTools + Dynamic variable flash information cannot be passed in Standalone MM + - Patches (git log --oneline --reverse edk2-stable202202~..edk2-stable202205): + b24306f15d NetworkPkg: Fix incorrect unicode string of the AKM/Cipher Suite + 2dbed52506 ArmVirtPkg/ArmVirtMemoryInitPeiLib: avoid redundant cache invalidation + 54cddc3ad4 ArmVirtPkg/ArmVirtKvmTool: wire up configurable timeout + 
de463163d9 OvmfPkg/AmdSev: reserve snp pages + 63c50d3ff2 OvmfPkg/ResetVector: cache the SEV status MSR value in workarea + f1d1c337e7 OvmfPkg/BaseMemEncryptLib: use the SEV_STATUS MSR value from workarea + b1b89f9009 MdeModulePkg: Correct high-memory use in NvmExpressDxe + 84338c0d49 MdeModulePkg: Replace Opcode with the corresponding instructions. + d3febfd9ad MdePkg: Replace Opcode with the corresponding instructions. + 7bc8b1d9f4 SourceLevelDebugPkg: Replace Opcode with the corresponding instructions. + 2aa107c0aa UefiCpuPkg: Replace Opcode with the corresponding instructions. + bbaa00dd01 MdePkg: Remove the macro definitions regarding Opcode. + 6a890db161 BaseTools: Upgrade the version of NASM tool + 497ac7b6d7 UefiPayloadPkg/PayloadLoaderPeim: Use INT64 as input parameter + dc39554d58 edk2/MdeModulePkg/Debuglib: Add Standalone MM support + 906242343f MdeModulePkg/GraphicsConsoleDxe: Check status to make sure no error + b422b0fcf9 EmulatorPkg/EmuGopDxe: Set ModeInfo after Open successfully + 589d51df26 MdeModulePkg/Usb/Keyboard.c: Don't request protocol before setting + b909b4ad09 OvmfPkg: Make the Xen ELF header generator more flexible + 0a707eb258 OvmfPkg: Xen: Use a new fdf include for the PVH ELF header + 0015a4e0a8 OvmfPkg: Xen: Generate fdf include file from ELF header generator + 9ac8c85d50 OvmfPkg: CloudHv: Remove VARS and CODE sections + e1c7f9b4e5 OvmfPkg: Generate CloudHv as a PVH ELF binary + d50d9e5549 OvmfPkg: CloudHv: Retrieve RSDP address from PVH + 82bfd2e86d OvmfPkg: CloudHv: Rely on PVH memmap instead of CMOS + b83d0a6438 OvmfPkg: CloudHv: Add README + 4a68176cb5 UefiCpuPkg: Extend SMM CPU Service with rendezvous support. 
+ 949b8a3d97 Maintainers.txt: Add new reviewer for UefiPayloadPkg
+ 091b6a1197 UefiPayloadPkg: Add build option for Above 4G Memory
+ 4adc364c75 UefiPayloadPkg: Fix case of protocol
+ 79f2734e5a MdeModulePkg: Add a check for metadata size in NvmExpress Driver
+ af74efe494 UefiPayloadPkg: Make Boot Manager Key configurable
+ 62fa37fe7b BlSupportSmm: fix definition of SetSmrr()
+ 56530dec11 .pytool/Plugin/UncrustifyCheck: Output file diffs by default
+ 2aac8bb7ef .pytool: Update to newest pytools
+ c63ef58698 .azurepipelines: Updated python version
+ f06941cc46 MdeModulePkg: Add bRefClkFreq card attribute programming support
+ 2b175eeb6a RedfishPkg: fix memory leak issue
+ 10b4c8f3b7 Maintainers: Update Maintainers.txt for edk2 Redfish modules
+ 0fdd466c75 UefiCpuPkg/MpInitLib:remove optional in declaration
+ 52e09dcd7a UefiCpuPkg: Support FFS3 GUID in SearchForBfvBase.asm
+ a13dfc769b MdeModulePkg/DxeIpl: Create 5-level page table for long mode
+ c8ea48bdf9 DynamicTablesPkg: Fix serial port namespace path in DBG2
+ 414cd2a4d5 BaseTools/GenFw: Enhance GenFw to support PRM GCC build
+ 33438f7354 EmulatorPkg/RedfishPlatformCredentialLib: Check EFI_SECURE_BOOT_MODE_NAME
+ 5b56c52b5c EmulatorPkg/RedfishPlatformCredentialLib: Don't stop Redfish service
+ 0531f61376 IntelFsp2Pkg: BaseFspDebugLibSerialPort Support for X64
+ 411b3ff6dd IntelFsp2Pkg: BaseFspSwitchStackLib Support for X64
+ b429959bb6 MdeModulePkg/SdMmcPciHcDxe: Make timeout for SD card configurable
+ 79a705fbaf UefiPayloadPkg: Hookup SD/MMC timeout
+ 28eeb08d86 MdePkg/Include: Smbios Specification 3.5.0 changes
+ c1e662101a CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib.
+ 267a92fef3 MdePkg/AcpiXX.h: Update Error Severity type for Generic Error Status Block + ec0b54849b IntelFsp2Pkg: BaseFspCommonLib Support for X64 + 5d8d8b5148 MdeModulePkg/NvmExpressDxe: fix check for Cap.Css + 69218d5d28 MdeModulePkg/NvmExpressPei: fix check for NVM command set + bf9230a9f3 BaseTools: Add the FeatureFlagExpression usage to the Source Section + 3115377bf0 BaseTools: Remove the redundant __FLEXIBLE_SIZE from PcdValueInit.c + 4a2e1000a1 CryptoPkg: update openssl submodule to 1.1.1n + 355515a06a CryptoPkg? Redefinition bug in CrtLibSupport.h. + 7b005f344e BaseTools: fix gcc12 warning + 85021f8cf2 BaseTools: fix gcc12 warning + 22130dcd98 Basetools: turn off gcc12 warning + ec30a4a0c3 BaseTools:Support decimal version number in ECC check + 3ef2071927 UefiCpuPkg: Update BFV searching algorithm in VTF0 + 691b178667 ShellPkg/AcpiView: Adds ACPI_PARSER bitfield parser + 40004ff9d5 ShellPkg/AcpiView: PrintFormatter for FADT Flags field + 7456990e8e MdeModulePkg/Ufs: bRefClkFreq attribute be programmed after fDeviceInit + 237c966396 UefiPayloadPkg/UefiPayloadPkg.ci.yaml: Remove duplicated entry + 76191052fd UefiPayloadPkg: Fix build error + 449eb01a8d UefiPayloadPkg: Fix architecture in the build instruction + c248802e40 UefiPayloadPkg: Fix PciHostBridgeLib + 2b4b8013fe UefiPayloadPkg/Library/PlatformBootManagerLib: Remove broken VGA detection + 55637a2894 UefiPayloadPkg: Make Boot Timeout configurable + 2268920afc .azurepipelines: Use Python 3.8 + c3ca70669e .azurepipelines: Use windows-2019 VM image + 3b0de44759 EmulatorPkg: Use windows-2019 VM image + 75628d27c0 OvmfPkg: Use windows-2019 VM image + b328bb54c6 BaseTools/Bin: Update GCC ARM compiler version + 3f0c788a5f MdePkg: Add Tdx.h + 77228269e7 MdePkg: Update Cpuid.h for Tdx + 818bc9596d MdePkg: Introduce basic Tdx functions in BaseLib + c3001cb744 MdePkg: Add TdxLib to wrap Tdx operations + eddcba40b5 UefiCpuPkg: Extend VmgExitLibNull to handle #VE exception + daf8f642f3 OvmfPkg: Extend VmgExitLib 
to handle #VE exception + de327f7d8a UefiCpuPkg/CpuExceptionHandler: Add base support for the #VE exception + ab9d790901 MdePkg: Add helper functions for Tdx guest in BaseIoLibIntrinsic + b6b2de8848 MdePkg: Support mmio for Tdx guest in BaseIoLibIntrinsic + d74e932681 MdePkg: Support IoFifo for Tdx guest in BaseIoLibIntrinsic + 3571fc906f MdePkg: Support IoRead/IoWrite for Tdx guest in BaseIoLibIntrinsic + 7bed7ae6c5 UefiCpuPkg: Support TDX in BaseXApicX2ApicLib + d983b102b3 MdePkg: Add macro to check SEV / TDX guest + 88da06ca76 UefiCpuPkg: Enable Tdx support in MpInitLib + 352eabdcd5 OvmfPkg: Add IntelTdx.h in OvmfPkg/Include/IndustryStandard + 6a608255bb OvmfPkg: Add TdxMailboxLib + 57bcfc3b06 OvmfPkg: Create initial version of PlatformInitLib + 102cafedad OvmfPkg/PlatformInitLib: Add hob functions + 9a9b33b3d6 OvmfPkg/PlatformPei: Move global variables to PlatformInfoHob + 5a2574a82e OvmfPkg/PlatformPei: Refactor MiscInitialization + 6d2ce5fd5c OvmfPkg/PlatformPei: Refactor MiscInitialization for CloudHV + 3dd47f9544 OvmfPkg/PlatformPei: Refactor AddressWidthInitialization + 432e4acd87 OvmfPkg/PlatformPei: Refactor MaxCpuCountInitialization + f3801cf26c OvmfPkg/PlatformPei: Refactor QemuUc32BaseInitialization + e510326245 OvmfPkg/PlatformPei: Refactor InitializeRamRegions + 12e860a1e8 OvmfPkg/PlatformPei: Refactor MemMapInitialization + cec82a64cf OvmfPkg/PlatformPei: Refactor NoexecDxeInitialization + f53f449f15 OvmfPkg/PlatformPei: Refactor MiscInitialization + 10460942ff OvmfPkg/PlatformInitLib: Create MemDetect.c + 96047b6663 OvmfPkg/PlatformInitLib: Move functions to Platform.c + b22ac35b75 OvmfPkg: Update PlatformInitLib to process Tdx hoblist + ccca1c2d5d OvmfPkg/Sec: Declare local variable as volatile in SecCoreStartupWithStack + 2b80269d98 OvmfPkg: Update Sec to support Tdx + 6b27c11690 OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operation + bec9104201 MdeModulePkg: Skip setting IA32_ERER.NXE if it has already been set + fd306d1dbc MdeModulePkg: 
Add PcdTdxSharedBitMask + cc3620f304 UefiCpuPkg: Update AddressEncMask in CpuPageTable + e23f8f52fd OvmfPkg: Update PlatformInitLib for Tdx guest + cf17156d7d OvmfPkg: Update PlatformPei to support Tdx guest + 9fdc70af6b OvmfPkg: Update AcpiPlatformDxe to alter MADT table + 5aa8018639 OvmfPkg/BaseMemEncryptTdxLib: Add TDX helper library + fae5c1464d OvmfPkg: Add TdxDxe driver + 07c721fea7 OvmfPkg/QemuFwCfgLib: Support Tdx in QemuFwCfgDxe + 2520182122 OvmfPkg: Update IoMmuDxe to support TDX + c2e7be4055 OvmfPkg: Rename XenTimerDxe to LocalApicTimerDxe + 299c44cd4f UefiCpuPkg: Setting initial-count register as the last step + c37cbc030d OvmfPkg: Switch timer in build time for OvmfPkg + 580a6b616b OvmfPkg: Add TdxWorkArea definition + 75942a52ae OvmfPkg: Add PrePiHobListPointerLibTdx + 4fe2678411 OvmfPkg: Add PeilessStartupLib + 1f29de4d20 OvmfPkg/IntelTdx: Add Sec to bring up both Legacy and Tdx guest + 55fda68a80 OvmfPkg: Update TdxDxe to set TDX PCDs + f674fa9cde OvmfPkg: Update DxeAcpiTimerLib to read HostBridgeDevId in PlatformInfoHob + 149ed8e421 OvmfPkg/IncompatiblePciDeviceSupportDxe: Refine the configuration + c477b2783f OvmfPkg/IncompatiblePciDeviceSupportDxe: Ignore OptionRom in Td guest + cb8349f01a MdeModulePkg: Update PciEnumeratorSupport to ignore OptionRom if needed + 44a53a3bdd OvmfPkg: Introduce IntelTdxX64 for TDVF Config-B + 7fda517c3d OvmfPkg: Add dependency of VariableSmm driver to make it work normally. 
+ b953265a27 UefiPayloadPkg: Add a new DebugPrintErrorLevelLib instance + 0023e35cf4 UefiPayloadPkg: Change some configuration of the payload + 3e130e40fc UefiPayloadPkg: Consume the new added DebugPrintErrorLevelLib instance + f16b05a13b .pytool/Plugin/UncrustifyCheck: Update func to return absolute paths + dbfbaedb21 .pytool/Plugin/UncrustifyCheck: Add ignore file support + d932199d39 OvmfPkg: Revert Uncrustify formatting in VbeShim.h files + ad6816c319 OvmfPkg: Do not check VbeShim.h formatting with Uncrustify + d2998af211 PrmPkg: Add package and include headers + 5f76c3e471 PrmPkg: Add PrmConfig protocol interface + e189e01af2 PrmPkg/PrmContextBufferLib: Add initial library instance + 3f7af17c6b PrmPkg/PrmConfigDxe: Add initial driver + 9276e0d2b9 PrmPkg: Add initial PrmSamplePrintModule + c63905aba7 PrmPkg: Add initial PrmSampleMemoryAllocationModule + 27b1a840e4 PrmPkg: Add initial PrmSampleHardwareAccessModule + 7c41ec47ca PrmPkg: Add initial PrmSampleContextBufferModule + 97ab54c1b1 PrmPkg: Add initial package DSC file + d2cb6e67a4 Readme.md: Add initial content + e846797662 PrmPkg: Add ALLOCATE_CONTEXT_BUFFER_IN_FW build option + a6f8946bc9 PrmPkg: Enable variable growth for the PRM_MODULE_EXPORT macro + ef05955996 PrmPkg: Publish PRM operation region to support PRM ACPI _DSM invocation + f96517f4d0 PrmPkg: Export major/minor version in PRM module PE COFF header + 50e1432a40 PrmPkg: Add initial PrmSsdtInstallDxe module + a409f4b67d PrmPkg: Remove PRM Module Update Lock + 0797989c5d PrmPkg: Remove ALLOCATE_CONTEXT_BUFFER_IN_FW build flag + 0b469caff6 PrmPkg/PrmContextBuffer.h: Add ACPI parameter support structures + be2c927d7c PrmPkg/PrmLoaderDxe: Add ACPI parameter buffer support + c1a7a50f67 PrmPkg/PrmSampleContextBufferModule: Remove OS debug print requirement + 4c8486fd72 PrmPkg/PrmSampleHardwareAccessModule: Add non-print PRM handlers + 7217263514 PrmPkg/SampleAcpiParameterBufferModule: Add initial module + fec018624c 
PrmPkg/HardwareAccessModuleConfigLib: Add initial library + d10b8dc5d8 PrmPkg/Samples/Readme.md: Add initial file + 6b7dde7cdd PrmPkg: Refactor some PrmLoaderDxe functionality into libraries + 4348c72ad0 PrmPkg/Application/PrmInfo: Add initial application + e10c776487 PrmPkg: Enforce stricter types + 2e55b0cd9e PrmPkg/Test/PrmPkgHostTest.dsc: Add initial file + 3599f5479d PrmPkg/Test/UnitTest/Library: Add initial UEFI Boot Services test lib + 82d15dc6c1 PrmPkg/Library/DxePrmContextBufferLib: Add host-based unit tests + 68ee42c991 PrmPkg/DxePrmModuleDiscoveryLib: Add initial host-based unit tests + c040831cf9 PrmPkg: Add PlatformGuid + a9302b89a9 PrmPkg: Update PRM OpRegion + f8e68587e2 Readme.md: Add iASL note and QEMU sample link + 4a4aeaa446 PrmPkg: Replace PcdPrmPlatformGuid with EDKII_DSC_PLATFORM_GUID + 17b2d64ced PrmPkg/Samples: Remove PrmSampleMemoryAllocationModule + 050b2ba27d PrmPkg/Samples: Remove PrmSamplePrintModule + 88f3d734f5 PrmPkg: Remove the concept of OS services + deea4e58b0 Readme.md: Add a link to PRM Specification + f3c11224b5 PrmPkg: Changes for edk2 repo transition + a298a84478 PrmPkg: Apply uncrustify changes + 94f905b3bf MdeModulePkg/HiiDatabase: Fix Setup numeric default value incorrect issue + b8c5ba2337 BaseTools: efi_debugging.py: Add debugger agnostic dbg Python Classes + 0d7fec9f79 BaseTools: Scripts/efi_gdb.py: Add gdb EFI commands and pretty Print + 4f4afcd288 BaseTools: Scripts/efi_lldb.py: Add lldb EFI commands and pretty Print + bfefdc2c49 UefiPayloadPkg: Fix PciHostBridgeLib + 676084303d UefiPayloadPkg: Support IA32 Build + 63e155f24d UefiPayloadPkg: Add dependency of VariableSmm driver. 
+ dab96cf02e UefiPayloadPkg: Add --quiet argument to Universal Payload build script + 35a4b63247 NetworkPkg: Add PCDs for HTTP DNS RetryCount and RetryInterval + 38a9afd0fb NetworkPkg/HttpDxe: Decofigure Tcp4 before reconfiguring + 3974aa539e NetworkPkg/HttpDxe: Decofigure Tcp6 before reconfiguring + c43ff5188d NetworkPkg/HttpDxe: Add ConnectionClose flag fo HTTP_PROTOCOL + 753fd319e2 NetworkPkg/HttpDxe: Detect 'Connection: close' header + 12a50c9ce1 NetworkPkg/HttpDxe: Detect HTTP/1.0 servers + 5576b17363 BaseTools: Fix DevicePath tool build failure issue + 4352d115c4 CryptoPkg/CrtLibSupport: add fcntl.h + 3b4b49cf00 CryptoPkg/CrtLibSupport: add strstr() + 58771f4b2d CryptoPkg/CrtLibSupport: add INT_MIN + 2759e42fbc CryptoPkg/CrtLibSupport: add UINT_MAX + fd5f347c84 CryptoPkg/CrtLibSupport: add MODULESDIR + 03951e5645 CryptoPkg/CrtLibSupport: add off_t + fab6285a73 CryptoPkg/CrtLibSupport: fix strcpy + f5508a91e3 CryptoPkg/UnitTest: fix DH testcase + c411566fad pip-requirements.txt: Update basetools version to 0.1.17 + 8a5727c7a8 Maintainers.txt: Add Michael Kubacki as UnitTestFrameworkPkg maintainer + 1a49e2aa3c CryptoPkg: Add instrinsics to support building ECC on IA32 windows + efc39e65e5 CryptoPkg: Reconfigure OpensslLib to add EC algorithms + 0c901fcc20 CryptoPkg: Make EC source file config-able + f3da13461c CryptoPkg/TlsLibNull: Remove MU_CHANGE comment markers + 4cfb28f12a UefiPayloadPkg: Fix the build failure + 9bf7291d63 ShellPkg: Update smbiosview type 41 with SMBIOS 3.5 fields + 630df8c86e IntelFsp2Pkg: X64 compatible changes to support PEI in 64bit + 6f219bef55 IntelFsp2Pkg: Add FSPx_ARCH2_UPD support for X64 + d40965b987 IntelFsp2Pkg: Update FSP_GLOBAL_DATA and FSP_PLAT_DATA for X64 + 00aa71ce20 IntelFsp2Pkg: FspSecCore support for X64 + 6bec5a66ea IntelFsp2Pkg: SecFspSecPlatformLibNull support for X64 + 4a6ed7e46a IntelFsp2WrapperPkg: Adopt FSPM_UPD_COMMON_FSP24 for X64 + 86a2f3c439 IntelFsp2WrapperPkg: BaseFspWrapperApiLib support for X64 + 
91a03f78ba IntelFsp2WrapperPkg: SecFspWrapperPlatformSecLibSample support for X64 + 3d97733f44 MdePkg: Add CC_GUEST_TYPE in ConfidentialComputingGuestAttr.h + d020ac55b6 OvmfPkg: Replace GUEST_TYPE with CC_GUEST_TYPE + 74a3eb975d MdePkg: Add CcProbeLibNull + 2f44d77c68 OvmfPkg: Add CcProbeLib + 2a7e1e890d OvmfPkg: Add CcProbeLib in *.dsc + 7012cb73c4 MdePkg: Probe Cc guest in BaseIoLibIntrinsicSev + 76fda1def3 OvmfPkg: Call CcProbe in SecMain.c instead of TsIsEnabled + 532bd4ec38 CryptoPkg/Crt: fix strcpy build on older VS compilers + 6d2baf9dfb PrmPkg/DxePrmContextBufferLib: Fix unit test GCC compilation errors + 892787fed5 OvmfPkg/OvmfPkgX64: Adjust load sequence of TdxDxe and AmdSevDxe driver + b06a007b64 CryptoPkg: Declare PcdEcEnabled in Library consuming OpensslLib + fdfbf1fdab MdePkg: Update smbiosview type 9 with SMBIOS 3.5 fields + a85ae8d964 ShellPkg: Update smbiosview type 9 with SMBIOS 3.5 fields + 2306555bf9 UefiPayloadPkg: Fix IA32 entry build failure + f4dfec6ca1 BaseTools: Move gPlatformFinalPcd to Datapipe and optimize size + ee582858c4 .azurepipelines: Add NOOPT to all package builds + 2d9d605714 .pytool/Plugin/UncrustifyCheck: Add Azure DevOps UI debug instructions + b807174fec MdeModulePkg/GraphicsConsoleDxe: add modes + 5a17629902 OvmfPkg: clear PcdConOut{Row,Column} + 96e1d337e0 ArmVirtPkg: clear PcdConOut{Row,Column} + 483d3bb716 ShellPkg: Update smbiosview type 0 with SMBIOS 3.5 fields + ecc79b092e OvmfPkg/VirtioGpuDxe: add VirtioGpuSendCommandWithReply + 182122914c OvmfPkg/VirtioGpuDxe: add GetDisplayInfo to virtio-gpu spec header. 
+ 82c07f2cc7 OvmfPkg/VirtioGpuDxe: add VirtioGpuGetDisplayInfo
+ 5f6ecaa398 OvmfPkg/VirtioGpuDxe: use GopQueryMode in GopSetMode
+ 86de090b99 OvmfPkg/VirtioGpuDxe: move code to GopInitialize
+ 916f90baa5 OvmfPkg/VirtioGpuDxe: query native display resolution from host
+ d372ab585a BaseTools/Conf: Fix Dynamic-Library-File template
+ cabd96ad03 OvmfPkg: restore CompatImageLoaderDxe chunk
+ 4092f1d397 OvmfPkg/Bhyve: add support for QemuFwCfg
+ daa6cd8763 ArmPlatformPkg: Fix error message in Scripts/Ds5/edk2_debugger.py
+ 5299568ce6 ArmPlatformPkg: Fix target initialisation in cmd_load_symbols.py
+ 101f4c7892 ArmPlatformPkg: Fix EDK2_DSC check in Scripts/Makefile
+ a64b944942 BaseTools: Add FMMT Python Tool
+ 826527c9db UefiPayloadPkg: Add definition for PayloadCommandLine HOB
+ d4eef3fe7c MdePkg: Add CpuLib to module INFs that depend on UefiCpuLib.
+ a63b086e69 IntelFsp2Pkg: Add CpuLib to module INFs that depend on UefiCpuLib
+ 3afa0a2096 IntelFsp2WrapperPkg: Add CpuLib to module INFs that depend on UefiCpuLib.
+ 1783b099d3 OvmfPkg: Add CpuLib to module INFs that depend on UefiCpuLib.
+ 86d41c077e UefiCpuPkg: Add CpuLib to module INFs that depend on UefiCpuLib.
+ 2434f6f206 UefiPayloadPkg: Add CpuLib to module INFs that depend on UefiCpuLib.
+ 247a0fc65e OvmfPkg: Add README for TDVF
+ 8079d4dc4f MdePkg: add SmmCpuRendezvousLib.h and SmmCpuRendezvousLibNull implement. 
+ 1a6c837638 UefiPayloadPkg: Fix the UPL build failure
+ 29ae55a0b8 PcAtChipsetPkg: Change the flow of PcRtcInit()
+ a658ed30e5 MdeModulePkg/PCD: Pcd initialize DXE have assert
+ 0e31124877 .pytool: Fix python command error in self introduction doc
+ 43613b2fe8 CryptoPkg: Rename PCD about openssl EC configuration
+ f753c36209 CryptoPkg: Separate auto-generated openssl config and edk2 openssl config
+ 499b0d5fa5 CryptoPkg: Update process_files.pl to automatically add PCD config option
+ a332ffb6ef CryptoPkg/openssl: update generated files
+ 9dd964f5e5 CryptoPkg/openssl: disable codestyle checks for generated files
+ b5cd30a79b UefiCpuPkg: Revert "UefiCpuPkg: Enable Tdx support in MpInitLib"
+ ad629b5c5a OvmfPkg: Add MpInitLibDepLib related PPI/Protocol definitions
+ 2f06e5af47 OvmfPkg: Add MpInitLibDepLib
+ b63a49e056 OvmfPkg/Sec: Install MpInitLibDepLib PPIs in SecMain.c
+ 73d6d41de0 OvmfPkg/TdxDxe: Install MpInitLibDepLib protocols
+ deee7a100b OvmfPkg: Enable 2 different CpuMpPei and CpuDxe drivers
+ 17702186b5 MdeModulePkg: PiSmmCore: Inspect memory guarded with pool headers
+ d0efa681b6 UefiPayloadPkg: Simplify code logic
+ 57ebb2994d UefiPayloadPkg: Add Serial IO device path according to related protocol
+ ef01d63ef3 UefiPayloadPkg: Connect all root bridge in PlatformBootManagerBeforeConsole
+ 35d9b7ea2d ArmPkg: Remove RVCT support
+ b55b6d33e4 ArmPlatformPkg: Remove RVCT support
+ e9eeb0ad2b CryptoPkg: Remove RVCT support
+ 48b919cb14 MdePkg: Remove RVCT support
+ 5621d81edf FatPkg: Remove RVCT support
+ cc070e9e0c NetworkPkg: Remove RVCT support
+ a744199470 ArmVirtPkg: Remove RVCT support
+ b7a446f224 EmbeddedPkg: Remove RVCT support
+ 57c84113a1 OvmfPkg: Remove RVCT support
+ 708620d29d BaseTools: Remove RVCT support
+ 2d1138a1a8 .azurepipelines: Fix cspell version to v5.20.0
+ 7b126978e1 .pytool/plugin/SpellCheck: Allow compound words
+ 2189c71026 .pytool/plugin/SpellCheck: Add more common words
+ 0903042b66 MdeModulePkg: Add Variable Flash Info HOB
+ 
60b519456c MdeModulePkg/VariableFlashInfoLib: Add initial library + 4dbebc2d10 MdeModulePkg/Variable: Consume Variable Flash Info + 8db39c60cd MdeModulePkg/FaultTolerantWrite: Consume Variable Flash Info + 524a15c1fa ArmVirtPkg/ArmVirt.dsc.inc: Add VariableFlashInfoLib + a69eac7578 EmulatorPkg: Add VariableFlashInfoLib + a7d3d4e7c4 OvmfPkg: Add VariableFlashInfoLib + 1f026ababf UefiPayloadPkg: Add VariableFlashInfoLib + a72d552f19 OvmfPkg/OvmfPkgX64: Use different CcProbeLib when SMM is on or off + a21a3438f7 OvmfPkg: Make an Ia32/X64 hybrid build work with SEV + 9c733f0b90 OvmfPkg: TdxDxe: Fix AsmRelocateApMailBoxLoop + 07c0c2eb0a OvmfPkg: fix PcdFSBClock + 16779ede2d Removed prefix to match AsmRelocateApMailBoxLoopStart + - Removed patches in ovmf-bsc1196879-sev-fix.patch which are merged to mainline: + - OvmfPkg/AmdSev: reserve snp pages + - de463163d9 edk2-stable202205-rc1~292 + - OvmfPkg/ResetVector: cache the SEV status MSR value + - 63c50d3ff2 edk2-stable202205-rc1~291 + - OvmfPkg/BaseMemEncryptLib: use the SEV_STATUS MSR + - f1d1c337e7 edk2-stable202205-rc1~290 +- Add the following patches for building edk2-stable202205 with nasm-2.14 on + SLE15-SP3/SP4 and Leap 15.3/15.4. Those patches add marco back because + nasm-2.14 doesn't support corresponding instructions. (jsc#PED-1410) + - ovmf-Revert-MdePkg-Remove-the-macro-definitions-regarding.patch + ovmf-Revert-UefiCpuPkg-Replace-Opcode-with-the-correspond.patch + ovmf-Revert-SourceLevelDebugPkg-Replace-Opcode-with-the-c.patch + ovmf-Revert-MdePkg-Replace-Opcode-with-the-corresponding-.patch + ovmf-Revert-MdeModulePkg-Replace-Opcode-with-the-correspo.patch + - Then reverted 5 patches in 84338c0d49~..bbaa00dd01 + MdeModulePkg: Replace Opcode with the corresponding + MdePkg: Replace Opcode with the corresponding + SourceLevelDebugPkg: Replace Opcode with the + UefiCpuPkg: Replace Opcode with the corresponding + MdePkg: Remove the macro definitions regarding Opcode. 
+- Change the size of ovmf-x86_64 to 4MB, otherwise OBS exposes the following error: + [ 266s] GenFv: ERROR 3000: Invalid + [ 266s] the required fv image size 0x1afed8 exceeds the set fv image size 0x1ac000 + - [ovmf-x86_64]="-p OvmfPkg/OvmfPkgX64.dsc -D FD_SIZE_4MB" + +------------------------------------------------------------------- +Tue Jun 21 07:46:23 UTC 2022 - Jiri Slaby + +- add ovmf-tools_def-add-fno-omit-frame-pointer-to-GCC48_-IA32-.patch. + It fixes crashes when linked using gcc 12 (bsc#1199597). + +------------------------------------------------------------------- +Mon May 2 09:51:21 UTC 2022 - jlee@suse.com + +- Respin amd-sev and amd-sev-es features + After more testing, we found that not all descriptors can support + both amd-sev with amd-sev-es. So we removed all amd-sev and amd-sev-es + feature tags but only keep them in ovmf-x86_64-2m.json and + 60-ovmf-x86_64.json. (bsc#1198246#c75) + +------------------------------------------------------------------- +Sat Mar 26 05:57:17 UTC 2022 - Martin Liška + +- Add GCC 12 workaround (ovmf-ignore-spurious-GCC-12-warning.patch) + that handles: https://bugzilla.tianocore.org/show_bug.cgi?id=3816 + The same patch is already included in qemu package. 
+ +------------------------------------------------------------------- +Tue Mar 15 12:44:56 UTC 2022 - Fabian Vogt + +- TPM_ENABLE got renamed to TPM2_ENABLE and TPM_CONFIG_ENABLE removed + (except on ARM for some reason) (boo#1197104) + +------------------------------------------------------------------- +Thu Mar 10 05:35:44 UTC 2022 - jlee@suse.com + +- Update to edk2-stable202202 + - Features (https://github.com/tianocore/edk2/releases): + OvmfPkg Add new target for Cloud Hypervisor + Add TDVF to OvmfPkg + Add new APIs to UefiCpuPkg/UefiCpuLib + Add AMD Secure Nested Paging Support + Add SSDT PCI generator in DynamicTablesPkg + Support ACPI 6.4 PPTT changes + Add FdtHwInfoParser library + Add DynamicPlatRepo library + Make package and platform builds reproducible across source format changes + Add Uncrustify CI Plugin + Apply uncrustify changes to all package C and H files + - Patches (git log --oneline --reverse edk2-stable202111~..edk2-stable202202): + bb1bba3d77 NetworkPkg: Fix invalid pointer for DNS response token on error + ef9a059cdb EmulatorPkg/Win/Host: Update CC_FLAGS + 69877614fd .pytool/Plugin/EccCheck: Remove RevertCode() + 854462bd34 .pytool/Plugin/EccCheck: Remove temp directory on exception + 3019f1bbab .pytool/Plugin/EccCheck: Add performance optimizations + 99f84ff473 .pytools/Plugin/LicenseCheck: Use temp directory for git diff output + 76a1ce4d5f .azurepipelines/templates: Update max pipeline job time to 2 hours + 365dced2c3 ArmPkg: Update YAML to ignore specific ECC files/errors + 1939fc9569 ArmPlatformPkg: Update YAML to ignore specific ECC files/errors + c97fee87f0 ArmVirtPkg: Update YAML to ignore specific ECC files/errors + d5744ecba8 CryptoPkg: Update YAML to ignore specific ECC files/errors + d7d30e8f21 EmulatorPkg: Update YAML to ignore specific ECC files/errors + 9deb937076 MdeModulePkg: Update YAML to ignore specific ECC files/errors + df790cd6b3 MdePkg: Update YAML to ignore specific ECC files/errors + 60fa40be45 SecurityPkg: 
Update YAML to ignore specific ECC files/errors
+ 9944508e85 ShellPkg: Update YAML to ignore specific ECC files/errors
+ c30c40d6c6 StandaloneMmPkg: Update YAML to ignore specific ECC files/errors
+ c057347977 UefiPayloadPkg: Update YAML to ignore specific ECC files/errors
+ f0f3f5aae7 UnitTestFrameworkPkg: Update YAML to ignore specific ECC files/errors
+ dfafa8e453 MdeModulePkg/DxeCorePerformanceLib:Variable Initial
+ a4a582e180 ArmPkg: Change use of EFI_D_* to DEBUG_*
+ 1d2482e1e3 ArmPlatformPkg: Change use of EFI_D_* to DEBUG_*
+ c5b3a56e4f ArmVirtPkg: Change use of EFI_D_* to DEBUG_*
+ a1878955b2 EmbeddedPkg: Change use of EFI_D_* to DEBUG_*
+ 9c7da8d804 EmulatorPkg: Change use of EFI_D_* to DEBUG_*
+ 917e98f3e5 FatPkg: Change use of EFI_D_* to DEBUG_*
+ 87000d7708 MdeModulePkg: Change use of EFI_D_* to DEBUG_*
+ 5f289f3ae3 MdePkg: Change use of EFI_D_* to DEBUG_*
+ c49ca4a29e NetworkPkg: Change use of EFI_D_* to DEBUG_*
+ 47719926e8 OvmfPkg: Change use of EFI_D_* to DEBUG_*
+ ca56749b0e PcAtChipsetPkg: Change use of EFI_D_* to DEBUG_*
+ e905fbb05a SecurityPkg: Change use of EFI_D_* to DEBUG_*
+ 4a1aee13d8 ShellPkg: Change use of EFI_D_* to DEBUG_*
+ 586fda4800 SourceLevelDebugPkg: Change use of EFI_D_* to DEBUG_*
+ 96e1cba5c1 UefiCpuPkg: Change use of EFI_D_* to DEBUG_*
+ 1871d28eaf ArmPkg: Change OPTIONAL keyword usage style
+ 2863ba97ca ArmPlatformPkg: Change OPTIONAL keyword usage style
+ 9607597a74 ArmVirtPkg: Change OPTIONAL keyword usage style
+ c8f46130f8 CryptoPkg: Change OPTIONAL keyword usage style
+ fe2d81892f DynamicTablesPkg: Change OPTIONAL keyword usage style
+ 792433088c EmbeddedPkg: Change OPTIONAL keyword usage style
+ c69fc80c80 EmulatorPkg: Change OPTIONAL keyword usage style
+ 9c721071d3 FmpDevicePkg: Change OPTIONAL keyword usage style
+ e3917e22e7 MdeModulePkg: Change OPTIONAL keyword usage style
+ d0e2f8232a MdePkg: Change OPTIONAL keyword usage style
+ 8874fa199d NetworkPkg: Change OPTIONAL keyword usage style
+ 79d49e162e OvmfPkg: 
Change OPTIONAL keyword usage style
+ 237295f46d PcAtChipsetPkg: Change OPTIONAL keyword usage style
+ dc8fe5ec95 RedfishPkg: Change OPTIONAL keyword usage style
+ 12710fe93b SecurityPkg: Change OPTIONAL keyword usage style
+ 9b8507cabe ShellPkg: Change OPTIONAL keyword usage style
+ 18908e6131 SignedCapsulePkg: Change OPTIONAL keyword usage style
+ f9c9215b55 SourceLevelDebugPkg: Change OPTIONAL keyword usage style
+ 902e76de19 StandaloneMmPkg: Change OPTIONAL keyword usage style
+ 4ec586b9f6 UefiCpuPkg: Change OPTIONAL keyword usage style
+ e35dd32821 UefiPayloadPkg: Change OPTIONAL keyword usage style
+ 78bc3bdd2a UnitTestFrameworkPkg: Change OPTIONAL keyword usage style
+ ea85f0fe13 ArmVirtPkg: Change complex DEBUG_CODE() to DEBUG_CODE_BEGIN/END()
+ e3b855f283 CryptoPkg: Change complex DEBUG_CODE() to DEBUG_CODE_BEGIN/END()
+ 4a9d411662 DynamicTablesPkg: Change complex DEBUG_CODE() to DEBUG_CODE_BEGIN/END()
+ db52c7f755 MdeModulePkg: Change complex DEBUG_CODE() to DEBUG_CODE_BEGIN/END()
+ 098307e082 MdePkg: Change complex DEBUG_CODE() to DEBUG_CODE_BEGIN/END()
+ ed7f7c9168 NetworkPkg: Change complex DEBUG_CODE() to DEBUG_CODE_BEGIN/END()
+ 8e875037bf OvmfPkg: Change complex DEBUG_CODE() to DEBUG_CODE_BEGIN/END()
+ deba54761a PcAtChipsetPkg: Change complex DEBUG_CODE() to DEBUG_CODE_BEGIN/END()
+ f9f4fb2329 SecurityPkg: Change complex DEBUG_CODE() to DEBUG_CODE_BEGIN/END()
+ 7c2a6033c1 UefiCpuPkg: Change complex DEBUG_CODE() to DEBUG_CODE_BEGIN/END()
+ 429309e0c6 ArmPkg: Apply uncrustify changes
+ 40b0b23ed3 ArmPlatformPkg: Apply uncrustify changes
+ 2b16a4fb91 ArmVirtPkg: Apply uncrustify changes
+ 7c34237831 CryptoPkg: Apply uncrustify changes
+ 731c67e1d7 DynamicTablesPkg: Apply uncrustify changes
+ e7108d0e96 EmbeddedPkg: Apply uncrustify changes
+ a550d468a6 EmulatorPkg: Apply uncrustify changes
+ bcdcc4160d FatPkg: Apply uncrustify changes
+ 45ce0a67bb FmpDevicePkg: Apply uncrustify changes
+ 111f2228dd IntelFsp2Pkg: Apply uncrustify changes
+ 7c7184e201 
IntelFsp2WrapperPkg: Apply uncrustify changes
+ 1436aea4d5 MdeModulePkg: Apply uncrustify changes
+ 2f88bd3a12 MdePkg: Apply uncrustify changes
+ d1050b9dff NetworkPkg: Apply uncrustify changes
+ ac0a286f4d OvmfPkg: Apply uncrustify changes
+ 5220bd211d PcAtChipsetPkg: Apply uncrustify changes
+ 39de741e2d RedfishPkg: Apply uncrustify changes
+ c411b485b6 SecurityPkg: Apply uncrustify changes
+ 47d20b54f9 ShellPkg: Apply uncrustify changes
+ b878648967 SignedCapsulePkg: Apply uncrustify changes
+ c1e126b119 SourceLevelDebugPkg: Apply uncrustify changes
+ 91415a36ae StandaloneMmPkg: Apply uncrustify changes
+ 053e878bfb UefiCpuPkg: Apply uncrustify changes
+ e5efcf8be8 UefiPayloadPkg: Apply uncrustify changes
+ 7c0ad2c338 UnitTestFrameworkPkg: Apply uncrustify changes
+ dc453b5164 .pytool/Plugin/UncrustifyCheck: Add Uncrustify CI plugin
+ 1832eb15aa UefiPayloadPkg/UefiPayloadPkg.fdf: Update DXE Apriori list
+ ca78281c25 UefiPayloadPkg/PayloadEntry: Inherit 4/5-level paging from bootloader
+ b2f7ee2ded UefiPayloadPkg: Increase SystemMemoryUefiRegionSize from 32M to 64M
+ 94e0a7bddb UefiPayloadPkg: Add missing Guid gUefiAcpiBoardInfoGuid
+ 2527723de9 UefiPayloadPkg: Add performance measurement feature
+ ffdde9d719 UefiPayloadPkg: Skip ModuleInfo HOB in Payload
+ 965292135b UefiPayloadPkg/UefiPayloadPkg.dsc:Add BootManagerLib for BootManagerMenuApp
+ 85a678bf76 UefiPayloadPkg: Add integration instruction for coreboot common error
+ 7b28310008 BaseTools: Increase the DevicePath length for support more PCD value. 
+ d25b803e51 MdeModulePkg/Bus/Pci/UhciDxe: Fix the UsbHc memory allocate and free issue
+ c82ab4d8c1 BaseTools/VfrCompile: Correct Bit Field Flags for numeric/one of
+ 2ddacfb6b8 OvmfPkg/SecMain: move SEV specific routines in AmdSev.c
+ e2289d19d8 UefiCpuPkg/MpInitLib: move SEV specific routines in AmdSev.c
+ 2fe8edfe55 OvmfPkg/ResetVector: move clearing GHCB in SecMain
+ 3053183d41 OvmfPkg/ResetVector: introduce SEV metadata descriptor for VMM use
+ 707c71a01b OvmfPkg: reserve SNP secrets page
+ cca9cd3dd6 OvmfPkg: reserve CPUID page
+ f2dc28f0b6 OvmfPkg/ResetVector: pre-validate the data pages used in SEC phase
+ 34819f2cac OvmfPkg/ResetVector: use SEV-SNP-validated CPUID values
+ d9822304ce OvmfPkg/MemEncryptSevLib: add MemEncryptSevSnpEnabled()
+ 7c3b2892ea OvmfPkg/SecMain: register GHCB gpa for the SEV-SNP guest
+ d2b998fbdc OvmfPkg/VmgExitLib: use SEV-SNP-validated CPUID values
+ a19b648952 OvmfPkg/PlatformPei: register GHCB gpa for the SEV-SNP guest
+ 19914edc5a OvmfPkg/AmdSevDxe: do not use extended PCI config space
+ ade62c18f4 OvmfPkg/MemEncryptSevLib: add support to validate system RAM
+ d706f8fec2 OvmfPkg/MemEncryptSevLib: add function to check the VMPL0
+ 11b15336f0 OvmfPkg/BaseMemEncryptSevLib: skip the pre-validated system RAM
+ d39f8d88ec OvmfPkg/MemEncryptSevLib: add support to validate > 4GB memory in PEI phase
+ 202fb22be6 OvmfPkg/SecMain: validate the memory used for decompressing Fv
+ 8eb79b5f4f OvmfPkg/PlatformPei: validate the system RAM when SNP is active
+ 26210f9436 MdePkg: Define ConfidentialComputingGuestAttr
+ 504ae26b80 OvmfPkg/PlatformPei: set PcdConfidentialComputingAttr when SEV is active
+ b95908e043 UefiCpuPkg/MpInitLib: use PcdConfidentialComputingAttr to check SEV status
+ f4e3ce5f53 UefiCpuPkg: add PcdGhcbHypervisorFeatures
+ f5a6e1bab5 OvmfPkg/PlatformPei: set the Hypervisor Features PCD
+ 2c354252be MdePkg/GHCB: increase the GHCB protocol max version
+ 9c703bc0f1 UefiCpuPkg/MpLib: add support to register GHCB GPA when SEV-SNP 
is enabled
+ d4d7c9ad5f UefiCpuPkg/MpInitLib: use BSP to do extended topology check
+ b928eb44d5 OvmfPkg/MemEncryptSevLib: change the page state in the RMP table
+ b7b8872031 OvmfPkg/MemEncryptSevLib: skip page state change for Mmio address
+ ea3a12d970 OvmfPkg/PlatformPei: mark cpuid and secrets memory reserved in EFI map
+ 67484aed69 OvmfPkg/AmdSev: expose the SNP reserved pages through configuration table
+ 06544455d0 UefiCpuPkg/MpInitLib: Use SEV-SNP AP Creation NAE event to launch APs
+ 0f1d7477c0 OvmfPkg: Remove unused print service driver (PrintDxe)
+ 30631f0a26 MdePkg: Add missing Cache ID (in)valid define
+ 0077c22f6d MdePkg: Remove PPTT ID type structure
+ a50b65ce22 ShellPkg: Update Acpiview PPTT parser to ACPI 6.4
+ 8cf2bdfcfb ShellPkg: Add Cache ID to PPTT parser
+ b2bbe3df54 DynamicTablesPkg: Remove PPTT ID structure from ACPI 6.4 generator
+ e139829dd6 DynamicTablesPkg: Update PPTT generator to ACPI 6.4
+ e81a81e584 DynamicTablesPkg: Add CacheId to PPTT generator
+ 9afcd48a94 OvmfPkg: Handle Cloud Hypervisor host bridge
+ 2ccefa32a6 OvmfPkg: Create global entry point for SMBIOS parsing
+ d8ef774346 OvmfPkg: Retrieve SMBIOS from Cloud Hypervisor
+ 66bce05f6d OvmfPkg: Generalize AcpiPlatformDxe
+ 7594c5bfe2 OvmfPkg: Install ACPI tables for Cloud Hypervisor
+ f6df289a1c OvmfPkg/OvmfXen: Fix Xen build
+ 2b20a34fd5 OvmfPkg-EmuVariableFvbRuntimeDxe: Support Access To Memory Above 4G
+ d5efc875ef MdePkg: Introduce CcMeasurementProtocol for CC Guest firmware
+ a124cd4ef9 SecurityPkg: Support CcMeasurementProtocol in DxeTpm2MeasureBootLib
+ 8c06c53b58 SecurityPkg: Support CcMeasurementProtocol in DxeTpmMeasurementLib
+ adf070ff56 OvmfPkg/Microvm: add PcdConfidentialComputingGuestAttr
+ 2686468c43 OvmfPkg/Bhyve: add MemEncryptSevLib
+ 61be49e0f7 OvmfPkg/PlatformCI: factor out PlatformBuildLib.py
+ 21ee379407 OvmfPkg/PlatformCI: add QEMU_SKIP
+ 64bccda534 OvmfPkg/PlatformCI: add BhyveBuild.py
+ 04eacd3943 OvmfPkg/PlatformCI: add MicrovmBuild.py
+ 8b8ae609a7 
OvmfPkg/PlatformCI: add AmdSevBuild.py
+ 2722856a87 OvmfPkg/PlatformCI: dummy grub.efi for AmdSev
+ 1203eba58e OvmfPkg/PlatformCI: add XenBuild.py
+ 64ef0dd1d3 OvmfPkg/Microvm/fdt: add device tree support
+ 79dcaf7054 OvmfPkg/Microvm/fdt: load fdt from fw_cfg
+ c802f8935c OvmfPkg/Microvm/fdt: add empty fdt
+ 2a68abf6ee OvmfPkg/Microvm/virtio: add virtio-mmio support
+ e07d27e24d OvmfPkg/Microvm: add README
+ 7f1861be2b DynamicTablesPkg: AML Code generation for memory ranges
+ 0e7147fe75 DynamicTablesPkg: AML Code generation to create a named Package()
+ fd5fc4bbb7 DynamicTablesPkg: AML Code generation to create a named ResourceTemplate()
+ b2b8def4e3 DynamicTablesPkg: AML Code generation to add _PRT entries
+ 69ddfee1c3 DynamicTablesPkg: Add AmlAttachNode()
+ ce306e48eb DynamicTablesPkg: Add Pci related objects
+ e35a746cf5 DynamicTablesPkg: SSDT Pci express generator
+ ec37fd9c1f DynamicTablesPkg: Fix multiple objects parsing
+ 557dede8a6 OvmfPkg/PlatformPei: ScanOrAdd64BitE820Ram improvements
+ 759e3c6d21 OvmfPkg/PlatformPei: prefer etc/e820 for memory detection
+ 41d8bb3038 OvmfPkg/PlatformPei: stop using cmos for memory detection
+ 7a6e6ae933 EmulatorPkg: Update lldbefi.py to work with current lldb which uses python3
+ 4d30352445 ArmPkg: Add SMC helper functions
+ c039fa7ff0 ArmPkg: Update SMC calls to use the new ArmCallSmc0/1/2/3 functions
+ 90ad4b3b34 DynamicTablesPkg: Definition for HwInfoParser interface
+ d59c5a20f8 DynamicTablesPkg: FdtHwInfoParser: CM Object descriptor helper
+ 5d8b5d171c DynamicTablesPkg: FdtHwInfoParser: Add FDT utility functions
+ 8d2691c3d5 DynamicTablesPkg: FdtHwInfoParser: Add Boot Arch parser
+ 3ebe1ff5c9 DynamicTablesPkg: FdtHwInfoParser: Generic Timer Parser
+ 51941f7558 DynamicTablesPkg: FdtHwInfoParser: Add Serial port parser
+ e366a41ef0 DynamicTablesPkg: FdtHwInfoParser: Add GICC parser
+ 0fa1217726 DynamicTablesPkg: FdtHwInfoParser: Add GICD parser
+ b04cf355a0 DynamicTablesPkg: FdtHwInfoParser: Add MSI Frame parser
+ 
d250d408cf DynamicTablesPkg: FdtHwInfoParser: Add ITS parser
+ 7b6c8b30a5 DynamicTablesPkg: FdtHwInfoParser: Add GICR parser
+ 26bf034a59 DynamicTablesPkg: FdtHwInfoParser: Add GIC dispatcher
+ c67bf628c8 DynamicTablesPkg: FdtHwInfoParser: Add PCI config parser
+ deb01dfd7f DynamicTablesPkg: Add FdtHwInfoParser library
+ 9006967c8d DynamicTablesPkg: Handle 16550_WITH_GAS id
+ b2d0ed20fd DynamicTablesPkg: Definition for DynamicPlatRepoLib interface
+ 2e2db65e39 DynamicTablesPkg: DynamicPlatRepo: Add TokenGenerator
+ 740e3bb634 DynamicTablesPkg: DynamicPlatRepo: Add TokenFixer
+ 5fe5b6f94f DynamicTablesPkg: DynamicPlatRepo: Add TokenMapper
+ 38f6d78c3b DynamicTablesPkg: Add DynamicPlatRepo library
+ f14fff5135 StandaloneMmPkg/FvLib: Support large file with EFI_FFS_FILE_HEADER2.
+ 3a72ec71cd OvmfPkg: remove unused TPM options from MicrovmX64.dsc
+ b47575801e OvmfPkg: move tcg configuration to dsc and fdf include files
+ 5711ff4d0b OvmfPkg: drop TPM_CONFIG_ENABLE
+ b819388772 OvmfPkg: create Tcg12ConfigPei.inf
+ 4de8d61bce OvmfPkg: rework TPM configuration
+ e6ea1464a8 OvmfPkg/PlatformPei: Revert "stop using cmos for memory detection"
+ a6c0418651 ArmPkg/SmbiosMiscDxe: Remove duplicate HII string definition
+ 45e3842970 ArmPkg/SmbiosMiscDxe: Get full SMBIOS strings from OemMiscLib
+ b451c69088 ArmPkg/ProcessorSubClassDxe: Get serial and part number from OemMiscLib
+ 8ed8568922 SecurityPkg: Debug code to audit BIOS TPM extend operations
+ 195f011973 SecurityPkg: Reallocate TPM Active PCRs based on platform support
+ ab5ab2f603 SecurityPkg: TPM must go to Idle state on CRB command completion
+ c63a10ecb7 EmbeddedPkg/AcpiLib: Add more helper functions
+ f129b1f06f OvmfPkg/Bhyve: fix tls-enabled build
+ ee1f8262b8 OvmfPkg: Call PlatformInitializeConsole for GPU passthrough case
+ de9e5b7dc7 IntelFsp2WrapperPkg : FSPM/S UPD data address based on Build Type
+ 9ec2cc1f31 IntelFsp2WrapperPkg : Remove EFIAPI from local functions. 
+ ae8272ef78 MdeModulePkg/UsbBusDxe: fix NOOPT build error
+ 15c596aeeb OvmfPkg: Bhyve: Delete unused AcpiTables/Ssdt.asl file
+ 6612ff8561 UefiCpuPkg: Extend measurement of microcode patches to TPM
+ e910f076ad BaseTools: Fix the bug of --cmd-len build option
+ 7935be0fbd IntelFsp2Pkg/FspSecCore: ExtendedImageRevision was not printed.
+ c095122d4b MdeModulePkg/PciBusDxe: Enumerator to check for RCiEP before looking for RP
+ d463c56ddd MdeModulePkg: Replace with UFS_UNIT_DESC to fix timeout problem
+ 45920941d9 MdeModulePkg: Refactoring UFS DME request and fix timing problem
+ 13d9e8ec98 MdeModulePkg: Put off UFS HCS.DP checking to fix timing problem
+ 079a58276b OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
+ 9dd14fc91c MdePkg: Add registers of boot partition feature
+ 14a731096d UnitTestFrameworkPkg: CI YAML: Grant cmockery spell check exception
+ 6062002bd5 MdeModulePkg/PartitionDxe: Add break to handle invalid LBA0 in MBR
+ 7438a85bf1 BaseTools: Fix wrong variable header size
+ c712ce2bb1 OvmfPkg/CloudHv: Add new target for Cloud Hypervisor
+ a2da72b2ca OvmfPkg/CloudHv: Replace legacy 8254 PIT with local APIC timer
+ 6ecdda71fe OvmfPkg/CloudHv: Connect serial console
+ 1552050ce7 OvmfPkg/CloudHv: Remove legacy 8259 PIC support
+ fdcea7ff6f OvmfPkg/CloudHv: Remove Q35 specifics
+ 71082d3d1b OvmfPkg/CloudHv: Reduce dependency on QemuFwCfg
+ 196be601f9 OvmfPkg/CloudHv: Remove video support
+ 7b6cbe0a81 OvmfPkg/CloudHv: Remove USB support
+ e73d1bf96a OvmfPkg/CloudHv: Remove CSM support
+ b66056ef21 OvmfPkg/CloudHv: add Maintainers.txt entry
+ 5302bd81d9 OvmfPkg: Add CloudHvX64 to the CI
+ 59c48c9314 UefiPayloadPkg: Change the user interface name of the Uiapp
+ 5801910013 UefiPayloadPkg: Not use BaseCpuTimerLib by default. 
+ 772c5bb8dc FmpDevicePkg/FmpDxe: Update FmpDeviceCheckImageWithStatus() handling
+ 7709988dd8 RedfishPkg/RedfishRestExDxe:Simplify status check
+ 21320ef669 MdeModulePkg/Variable: Make only EFI_VARIABLE_NON_VOLATILE invalid
+ 7e5c603cba MdeModulePkg/SdMmcPciHcDxe: Robust improvements for SD card 1.8V switch
+ ee67067f17 MdeModulePkg: VariableSmmRuntimeDxe: Fix Variable Policy Message Length
+ 5b39832e18 MdePkg: MmCommunication2: Update MM communicate2 function description
+ ce37f45955 ArmPkg: MmCommunicationDxe: MM communicate function argument attributes
+ 541a077bd1 ArmPkg: MmCommunicationDxe: Update MM communicate `CommBuffer**` checks
+ 1aa1ec4574 ArmPkg: MmCommunicationDxe: Update MM communicate `CommSize` check
+ 8cc5590eab ArmPkg: MmCommunicationDxe: Update MM communicate `MessageLength` check
+ 6777e67383 EmbeddedPkg: Fix a build error in FwVol.c in X64 arch
+ a867f3a704 UefiPayloadPkg: Use BaseCpuTimerLib for Universal Payload by default
+ f4b7b473b4 MdeModulePkg/UefiBootManagerLib: Convert BmLoadOption to Variable Policy
+ 76b3d45b75 ShellPkg: Add the missing VariablePolicyHelperLib in ShellPkg.dsc
+ 8542fc5f95 NetworkPkg: Add the missing VariablePolicyHelperLib in NetworkPkg.dsc
+ ae35314e7b Maintainers.txt: Add Sami Mujawar as reviewer for ArmPkg
+ 862ea6e836 OvmfPkg: change qemu default resolution to 1280x800
+ e95b44c90e ArmVirtPkg: change qemu default resolution to 1280x800
+ 929804b172 OvmfPkg: add PcdVideoResolutionSource
+ 7f25ddbc03 OvmfPkg/QemuVideoDxe: simplify InitializeBochsGraphicsMode
+ 336da55ca8 OvmfPkg/QemuVideoDxe: drop QEMU_VIDEO_BOCHS_MODES->ColorDepth
+ 55c05427b9 OvmfPkg/QemuVideoDxe: factor out QemuVideoBochsAddMode
+ 49a2d8cbf5 OvmfPkg/QemuVideoDxe: parse edid blob, detect display resolution
+ ba79becd55 OvmfPkg/BaseCachingPciExpressLib: Migrate BaseCachingPciExpressLib
+ 103fa647d1 ArmPkg: Replace CoreId and ClusterId with Mpidr in ARM_CORE_INFO struct
+ 742dafd2cc DynamicTablesPkg: Print specifier macro for CM_OBJECT_ID
+ 
13136cc311 DynamicTablesPkg: FdtHwInfoParserLib: Parse Pmu info
+ 5751d60821 DynamicTablesPkg: AmlLib: AmlAddPrtEntry() to handle GSI
+ 5816bd3eab DynamicTablesPkg: AcpiSsdtPcieLibArm: Remove link device generation
+ dc1118fa0d ArmVirtPkg: Add cspell exceptions
+ 0dbd356983 ArmVirtPkg/Kvmtool: Add DSDT ACPI table
+ 312ef7a0a4 ArmVirtPkg/Kvmtool: Add Configuration Manager
+ 17a02163bd ArmVirtPkg/Kvmtool: Enable ACPI support
+ 5b3c682d91 ArmVirtPkg/Kvmtool: Enable Acpiview
+ 017564d637 ArmPkg/ArmMmuLib AARCH64: avoid EL0 accessible mappings
+ 45b1612659 DynamicTablesPkg: Add Memory32Fixed function
+ 007a95055b DynamicTablesPkg: Remove redundant cast in AmlCodeGenReturn
+ 33189f0527 DynamicTablesPkg: Add AmlCodeGenMethodRetInteger function
+ a4b7aa362d MdeModulePkg/Bus/Pci/PciBusDxe: Support platform PCI ROM override
+ 6fb09da89f ShellPkg: Fix incorrect PPTT FlagName dereference
+ c09dbc92e9 BaseTools/Conf: Add new macro for customizing dll file reduction.
+ d4ac53aa91 BaseTools: Fix error leg in DscBuildData.py
+ f78b937c95 MdeModulePkg/RuntimeDxe: clear mVirtualMapMaxIndex
+ 96b8b5fd10 MdeModulePkg/UiApp: Fix spelling of 'FRONTPAGE'
+ bd676f080a Maintainers.txt: add missing github IDs to OvmfPkf/Fdt reviewers
+ 1f54eaa725 Maintainers.txt: update email for Leif Lindholm
+ b360b0b589 Maintainers.txt: Update email address
+ c9b7c6e0cc BaseTools: Update CLANG{35,38}_WARNING_OVERRIDES to ignore unused vars
+ 42af706dfb BaseTools: Update brotli submodule
+ 1193aa2dfb MdeModulePkg: update brotli submodule
+ 85589ddbf6 OvmfPkg/VmgExitLib: Fix uninitialized variable warning with XCODE5
+ c28e376edc OvmfPkg/FvbServicesSmm: use the VmgExitLibNull
+ 8a57673316 ShellPkg: Fix Ping GetTimerPeriod API failure
+ b24306f15d NetworkPkg: Fix incorrect unicode string of the AKM/Cipher Suite
+- Add amd-sev-es to the following descriptors because James Fehlig
+ tested them (bsc#1196879):
+ 60-ovmf-x86_64.json
+ 60-ovmf-x86_64-2m.json
+ 60-ovmf-x86_64-ms.json
+ 60-ovmf-x86_64-2m-ms.json
+- 
Backported patches in ovmf-bsc1196879-sev-fix.patch for fixing SEV: + de463163d9 OvmfPkg/AmdSev: reserve snp pages + 63c50d3ff2 OvmfPkg/ResetVector: cache the SEV status MSR value in workarea + f1d1c337e7 OvmfPkg/BaseMemEncryptLib: use the SEV_STATUS MSR value from workarea + +------------------------------------------------------------------- +Thu Feb 17 02:14:26 UTC 2022 - Bernhard Wiedemann + +- Sort file lists for reproducible build results + +------------------------------------------------------------------- +Mon Jan 3 12:21:37 UTC 2022 - Joey Lee + +- Modified gdb_uefi.py.in for python3 (bsc#1192126) + - change 'long' to 'int' + - using + print (' + instead of + print " + +------------------------------------------------------------------- +Thu Dec 23 03:31:18 UTC 2021 - jlee@suse.com + +- Removed useless patch files because they are merged to edk2-stable202111 + - ovmf-OvmfPkg-OvmfXen-Fix-build-with-QemuKernelLoaderFsDxe.patch + - ovmf-OvmfPkg-OvmfXen-add-QemuKernelLoaderFsDxe.patch + - ovmf-OvmfPkg-OvmfXen-set-PcdAcpiS3Enable-at-initializatio.patch +- Updated URL to the edk2 repo on github +- Use downloaded edk2-edk2-stable%{version}.tar.gz instead of the URL + for Source0 because the edk2-edk2-stable202111 tarball is broken + in tianocore repo which can not pass the "osc service runall download_files" + testing. 
+ - We ill change it back to the following setting when upstream fixed tarball: + Source0: https://github.com/tianocore/edk2/releases/download/edk2-stable%{version}/edk2-edk2-stable%{version}.tar.gz + +------------------------------------------------------------------- +Tue Dec 21 03:29:06 UTC 2021 - Joey Lee + +- Update to edk2-stable202111 + - Features (https://github.com/tianocore/edk2/releases): + Add SSDT CPU topology generator + Support ACPI 6.4 in GTDT parser and generator + Support ACPI 6.4 in DynamicTables FADT parser + Support ACPI 6.4 in Acpiview PCCT parser + Support ACPI 6.4 in Acpiview HMAT parser + Add support for the microvm machine type (qemu) + OVMF/ArmVirt: add support for virtio-mmio 1.0 + IntelFsp2Pkg: adopt FSP 2.3 specification + UefiCpuPkg VTF0 X64: Build page tables using Linear-Address Translation to a 1-GByte Page + Enable wildcard host name matching in HTTPS/TLS implementation + Add QuickSort function into BaseLib + Add SMM NV variable support in universal UEFI payload + Add TDVF to OvmfPkg + Make package and platform builds reproducible across source format changes + - Patches (git log --oneline --reverse edk2-stable202108~..edk2-stable202111): + 7b4a99be8a CryptoPkg: BaseCryptLib fix incorrect param order + 82f7e315d6 MdeModulePkg/PeiCore: Remove MigrateSecModulesInFv() + 8b15024dc7 Maintainers: Add kraxel as Reviewer to ArmVirtPkg and OvmfPkg + 80e67af9af OvmfPkg: introduce a common work area + ab77b6031b OvmfPkg/ResetVector: update SEV support to use new work area format + b9af5037b2 OvmfPkg/ResetVector: move the GHCB page setup in AmdSev.asm + a82bad9730 ArmPkg/GicV3Dxe: Don't signal EOI on arbitrary interrupts + 94e465e5cb OvmfPkg/Virtio10: Add virtio-mmio 1.0 defines + 08293e43da OvmfPkg/VirtioMmioDeviceLib: Add virtio 1.0 detection. + 212a2b9bb8 OvmfPkg/VirtioMmioDeviceLib: virtio 1.0: Fix SetPageSize. 
+ 537a724421 OvmfPkg/VirtioMmioDeviceLib: virtio 1.0: Fix SetQueueAddress
+ 6a3e9576b8 OvmfPkg/VirtioMmioDeviceLib: virtio 1.0: Add default QueueNum
+ ae12188cf8 OvmfPkg/VirtioMmioDeviceLib: virtio 1.0: Adapt feature bit handling
+ 77d5fa8024 OvmfPkg/VirtioMmioDeviceLib: enable virtio 1.0
+ b04453d36b MdeModulePkg/EbcDxe: Mitigate memcpy intrinsics
+ dc995ce906 MdeModulePkg: Add BootDiscoveryPolicyOld variable.
+ 443300be46 MdePkg:Update IndustryStandard/Nvme.h with Nvme amdin controller data
+ 0f11537548 MdeModulePkg:Increase Nvme capacity display
+ cae735f613 ArmPkg: Enable boot discovery policy for ARM package.
+ cb0d24637d OvmfPkg/OvmfXen: set PcdAcpiS3Enable at initialization
+ 28152333bc OvmfPkg/LockBoxLib: use PcdAcpiS3Enable to detect S3 support
+ 52e2dabc0f OvmfPkg/PlatformBootManagerLib: use PcdAcpiS3Enable to detect S3 support
+ 5b5f10d746 OvmfPkg/SmmControl2Dxe: use PcdAcpiS3Enable to detect S3 support
+ 9f3eda177a OvmfPkg/OvmfXen: add QemuKernelLoaderFsDxe
+ f0fe55bca4 UefiPayloadPkg: Fix the build error when enable Core ci for UefiPayloadPkg
+ 5d34cc49d5 UefiCpuPkg/PiSmmCpuDxeSmm: Update mPatchCetSupported set condition
+ cdda3f74a1 UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption
+ 3b3f882288 MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
+ b170806518 UefiCpuPkg: Clean up save state boundary checks and comments. 
+ 12e33dca4c IntelFsp2Pkg: Support Config File and Binary delta comparison + 63fddc98e0 UefiPayloadPkg: Create .yaml file in UefiPayloadPkg + e3ee8c8dbd .azurepipelines: Add UefiPayloadPkg in gate-build-job.yml and CISetting.py + b6bc203375 MdeModulePkg/HiiDatabaseDxe:remove dead code block + c5e805ffe1 MdeModulePkg: Fix typo of "memory" in RamDiskDxe debug message + 81d71fb86e Maintainers.txt: Update maintainer/reviewer roles in MdeModulePkg + edf8bc6d24 SecurityPkg/MemoryOverwriteControl: Add missing argument to DEBUG print + 4473834e7d OvmfPkg/OvmfXen: Fix build with QemuKernelLoaderFsDxe + a7cf2c5664 RedfishPkg: Fix various typos + 851785ea67 UefiPayloadPkg: Include more modules in UefiPayloadPkg. + d248516b3a UefiPayloadPkg: Include Network modules in UefiPayloadPkg. + 6c7d6d4a5e UefiCpuPkg: ResetVector Tool Support for Python 3 + cf7c650592 UefiCpuPkg: ResetVector Tool additional debug prints + d96df7e993 UefiPayloadPkg: Fix the bug in dump guid HOB info functions + dcd3d63f4f UefiPayloadPkg: Dump hob info from gEdkiiBootManagerMenuFileGuid + 610d8073f2 SecurityPkg/TPM: Import PeiDxeTpmPlatformHierarchyLib.c from edk2-platforms + 4d5f39cd22 SecurityPkg/TPM: Fix bugs in imported PeiDxeTpmPlatformHierarchyLib + ebbc8ab2cd SecrutiyPkg/Tcg: Import Tcg2PlatformDxe from edk2-platforms + 2906e572c6 SecurityPkg/Tcg: Make Tcg2PlatformDxe buildable and fix style issues + f108178c56 SecurityPkg: Introduce new PCD PcdRandomizePlatformHierarchy + a4867dea2a SecurityPkg/Tcg: Import Tcg2PlatformPei from edk2-platforms + 2fa89c8e11 SecurityPkg/Tcg: Make Tcg2PlatformPei buildable and fix style issues + 3b69fcf5f8 SecurityPkg: Add references to header and inf files to SecurityPkg + 6c80564b89 MdeModulePkg/Core/Pei: Fix typo in function descriptions + 6f501a7c9b MdeModulePkg/Core/Pei: Make migrated PEIM message verbose + c19d18136e MdeModulePkg/Core/Pei: Fix pointer size mismatch in EvacuateTempRam() + f4e72cf9d6 UefiPayloadPkg: Add script to build UniversalPayload in 
UefiPayloadPkg + bda3546c55 UefiPayloadPkg: Fix the warning when building UefiPayloadPkg with IA32+X64 + 010753b7e7 UefiCpuPkg: Refactor initialization of CPU features during S3 resume + 89f7ed8b29 UefiCpuPkg: Prevent from re-initializing CPU features during S3 resume + 60d8bb9f28 UefiCpuPkg: VTF0 Linear-Address Translation to a 1-GByte Page till 512GB + ac6388add4 ArmPkg/ProcessorSubClassDxe: Fix the format of ProcessorId + e3e47d7963 UefiCpuPkg: SecCoreNative without ResetVector + 542cba73d2 SecurityPkg: Add debug log for indicating IBB verified OBB successfully + f334c5a41d IntelFsp2WrapperPkg: Make PcdFspModeSelection dynamic + 79019c7a42 OvmfPkg: set a default value for the WorkAreaHeader PCD + fdeff3fdae EmbeddedPkg: Remove duplicate libfdt.h include + f2a7e24e38 EmbeddedPkg: AndroidBootImgBoot error handling updates + c0cd26f43c EmbeddedPkg: Install FDT if UpdateDtb is not present + 7ea7f9c077 EmbeddedPkg: Add LoadFile2 for linux initrd + d60915b751 UefiPayloadPkg: Add Macro to enable or disable some drivers. 
+ 46b4606ba2 MdeModulePkg/PciBusDxe: Improve the flow of testing support attributes + f57040b038 MdeModulePkg/BootManagerMenuApp: Limit string drawing within one line + b0f1b1c5fd MdePkg: Fix DEVICE_SECURITY_EVENT_DATA_HEADER version definition + cc5a67269e UefiPayloadPkg: Build a HOB from bootloader ACPI table + dc430ccf3f UefiPayloadPkg: Use dummy constructor for PlatformHookLib + 4a1899dd79 UefiPayloadPkg: Add ".upld_info" in universal payload + 2ea0a0a414 BaseTools: Switch to downloading the ARM compiler from Arm's site + 1ce6ceb75b BaseTools: Switch to downloading the AARCH64 compiler from Arm's site + c214128a38 BaseTools/GenMake: Use ToolDefinition as fallback option + 259c184c8f BaseTools/build: Set MakefileName + 445c39f757 BaseTools: Remove Makefile/MakefileName fields + c7d5b046d9 BaseTools: Remove hard-coded strings for target and tools_def + 442e46d3b6 UefiPayloadPkg: Update maximum logic processor to 256 + 499c4608b1 OvmfPkg/TPM PPI: Connect default consoles for user interaction + b8675deaa8 OvmfPkg: Handle TPM 2 physical presence opcodes much earlier + 8ab8fbc016 OvmfPkg: Reference new Tcg2PlatformDxe in the build system for compilation + bd298d7593 OvmfPkg: Reference new Tcg2PlatformPei in the build system + f86de75862 MdePkg: MmCommunication: Added definition of MM Communication PPI + 8b4bb94f64 MdePkg: CI YAML: Added new GUID to ignore duplicate list + 9e950cda6a MdeModulePkg: CI YAML: Added new GUID to ignore duplicate list + 2273799677 SecurityPkg: Fix SecureBootDefaultKeysDxe failed to start + 422e5d2f7f UefiPayloadPkg: Remove asm code and sharing libraries + 0875443f7e DynamicTablesPkg: Extract AcpiHelperLib from TableHelperLib + 20775950c6 DynamicTablesPkg: Update TableHelperLib.inf + 1ad5182500 DynamicTablesPkg: Rename single char input parameter + 653113412f DynamicTablesPkg: Add HexFromAscii() to AcpiHelperLib + 72ab552554 DynamicTablesPkg: Add AmlGetEisaIdFromString() to AcpiHelperLib + 96e006b37e DynamicTablesPkg: Add Configuration 
Manager Object parser + 235ff9fcd1 DynamicTablesPkg: Use %a formatter in AmlDbgPrint + 7a8c037e9e DynamicTablesPkg: Update DynamicTablesPkg.ci.yaml + 691c5f7762 DynamicTablesPkg: Deprecate Crs specific methods in AmlLib + 22873f58c4 DynamicTablesPkg: Rework AmlResourceDataCodegen.c/h + 4cc1458dbe IntelFsp2Pkg: Adopt FSP 2.3 specification. + c49cb8f30e ArmPkg: SmbiosMiscDxe: Don't populate ExtendedBiosSize when size < 16MB + 282122ec5f ArmVirtPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib + b3685956d2 ArmVirtPkg: Reference new TPM classes in the build system for compilation + c806b76865 ArmVirtPkg: Disable the TPM2 platform hierarchy + 606340fba3 OvmfPkg/Microvm: copy OvmfPkgX64 files as-is + 4932f05a00 OvmfPkg/Microvm: rename output files, fix includes + 2a49c19b9e OvmfPkg/Microvm: no smm + 60d55c4156 OvmfPkg/Microvm: no secure boot + 0569c52b15 OvmfPkg/Microvm: no tpm + 06fa1f1931 OvmfPkg/Microvm: no sev + 6073bf6cd8 OvmfPkg/Microvm: no csm + b9dd64b80e OvmfPkg/Microvm: no emulated scsi + 27de86ae41 OvmfPkg/Microvm: use MdePkg/Library/SecPeiDxeTimerLibCpu + 76602f45dc OvmfPkg/Microvm: use XenTimerDxe (lapic timer) + 6a8e9ad24b OvmfPkg/Microvm: PlatformPei/MemDetect tweaks + 8583b57c5c OvmfPkg/Microvm: PlatformPei/Platform memory map tweaks + bf02d73e74 OvmfPkg/Microvm: PlatformPei/Platform: add id. + 1d3e89f349 OvmfPkg/ResetSystemLib: add driver for microvm + 2c467c9be2 OvmfPkg/Microvm: BdsPlatform: PciAcpiInitialization tweak. 
+ 8456785986 OvmfPkg/Microvm: use PciHostBridgeLibNull + 55f47d2299 OvmfPkg/Microvm: wire up serial console, drop super-io + 862e814de4 OvmfPkg/Microvm: add Maintainers.txt entry + 06a326caf1 DynamicTablesPkg: Update FADT generator to ACPI 6.4 + f09dbf20b9 DynamicTablesPkg: Rename SBSA generic watchdog + 942c9bd357 ShellPkg: Update Acpiview GTDT parser to ACPI 6.4 + 80e67bcb23 ShellPkg: Update Acpiview PCCT parser to ACPI 6.4 + b4da6c29f1 ShellPkg: Add Type 5 PCC Subspace Structure parser + 5ece2ad36c MdeModulePkg/Core/Dxe: Add lock protection in CoreLocateHandleBuffer() + 30400318a2 ShellPkg: Update Acpiview HMAT parser to ACPI spec version 6.4 + 71c3c9c0c4 DynamicTablesPkg: Remove unnecessary includes + 25cf58a163 DynamicTablesPkg: Add missing parameter check + bfaf7c8b9e DynamicTablesPkg: Add AddSsdtAcpiHeader() + 28b2df475f DynamicTablesPkg: Add AmlRdSetEndTagChecksum() + 74addfeab6 DynamicTablesPkg: Add AmlSetRdListCheckSum() + 7b2022d39e DynamicTablesPkg: Set EndTag's Checksum if RdList is modified + 2dd7dd3952 DynamicTablesPkg: Clear pointer in node creation fcts + 37bd08176c DynamicTablesPkg: Update error handling for node creation + 6d2777d85f DynamicTablesPkg: Make AmlNodeGetIntegerValue public + f995f8672b DynamicTablesPkg: AML Code generation for Register() + 9454d1ebcb DynamicTablesPkg: AML Code generation for Resource data EndTag + 1e33479b39 DynamicTablesPkg: AML code generation for a Package + 12e65fd258 DynamicTablesPkg: Helper function to compute package length + ce15936f2f DynamicTablesPkg: AML code generation for a ResourceTemplate + de62ccbf4f DynamicTablesPkg: AML code generation for a Method + e2d7b4950b DynamicTablesPkg: AML code generation to Return a NameString + 3e958e93ce DynamicTablesPkg: AML code generation for a Method returning a NS + 018a962d92 DynamicTablesPkg: AML code generation for a _LPI object + a5e36ad9bc DynamicTablesPkg: AML code generation to add an _LPI state + f17ef10e63 DynamicTablesPkg: Add CM_ARM_LPI_INFO object + 
769e63999f DynamicTablesPkg: SSDT CPU topology and LPI state generator + 19ee56c4b3 UefiPayloadPkg: Add a macro to select the SecurityStubDxe driver. + 782d018703 MdePkg: Add ProcessorUpgradeSocketLGA4677 from SMBIOS 3.5.0 + ba4ae92234 ShellPkg: Support ProcessorUpgradeSocketLGA4677 from SMBIOS 3.5.0 + f22feb0e3b CryptoPkg/BaseCryptLib: Eliminate extra buffer copy in Pkcs7Verify() + 4225a464c6 MdePkg/BaseLib: Add QuickSort function on BaseLib + 6ed6abd6c1 BaseTools: Change RealPath to AbsPath + 978d428ec3 UefiPayloadPkg: Add PCI root bridge info hob support for SBL + 43b3840873 MdeModulePkg/Sd: Corrections for Extra.uni files + a7fcab7aa3 MdeModulePkg/Core/Dxe: Acquire a lock when iterating gHandleList + e40fefafa9 ArmVirtPkg/FdtClintDxe: Move FdtClientDxe to EmbeddedPkg + fb759b8b73 MdePkg: Add PcdPciIoTranslation PCD + 7d78a86ecf ArmPkg: Use PcdPciIoTranslation PCD from MdePkg + 77e9b3a7c6 ArmVirtPkg/FdtPciPcdProducerLib: Relocate PciPcdProducerLib to OvmfPkg + d881c6ddf5 ArmVirtPkg/HighMemDxe: Relocate HighMemDxe to OvmfPkg + 47bd85e9f9 OvmfPkg/HighMemDxe: Add RISC-V in the supported arch. + f8d0501ded ArmVirtPkg/QemuFwCfgLib: Relocate QemuFwCfgLib to OvmfPkg + 26aa241d2f OvmfPkg/QemuFwCfgLibMmio: Add RISC-V arch support + c6770f4b88 MdePkg: Add PcdPciMmio32(64)Translation PCDs + 9a7509e465 ArmVirtPkg/FdtPciHostBridgeLib: Relocate FdtPciHostBridgeLib to OvmfPkg/Fdt + b21c6794de OvmfPkg/FdtPciHostBridgeLib: Add RISC-V in the supported arch. 
+ e0c23cba5e ArmVirtPkg/VirtioFdtDxe: Relocate VirtioFdtDxe to OvmfPkg/Fdt + f2400e06db BaseTools: add edk2-test repo to SetupGit.py + 785cfd3305 UefiPayloadPkg: Use SECURITY_STUB_ENABLE to control the SecurityStubDxe + 7e43d3e086 ArmPkg/Smbios: Fix max cache size 2 wrong issue + f10a112f08 UefiPayloadPkg: Fix the build issue for coreboot + 2108698346 StandaloneMmPkg: Support CLANGPDB builds + 11a4af85a4 Ovmfpkg: update Ia32 build to use new work area + 36b561623a OvmfPkg/AmdSev: update the fdf to use new workarea PCD + 91a978ce7e UefiPayloadPkg: Replace MEMROY_ENTRY by MEMORY_ENTRY + 6ef5797447 UefiPayloadPkg: Fix ECC reported issues + 90246a6d9f UefiPayloadPkg: Fix the build failure for non-universal payload + 37a33f02aa UefiCpuPkg: Cpu feature data stored in memory may be migrated + 4fdf843c75 DynamicTablesPkg: Fix unitialized variable use + 6893865b30 DynamicTablesPkg: Fix void pointer arithmetic + 99325a8b65 MdeModulePkg/SortLib: Add QuickSort function on BaseLib + 305fd6bee0 UefiCpuPkg/CpuCacheInfoLib: Add QuickSort function on BaseLib + 2f286930a8 ShellPkg: Parse I/O APIC and x2APIC structure + bd5ec03d87 NetworkPkg/HttpBootDxe: make file extension check case-insensitive + 6254037223 ArmPkg: Implement PlatformBootManagerLib for LinuxBoot + f079e9b450 OvmfPkg: Copy Main.asm from UefiCpuPkg to OvmfPkg's ResetVector + 5a2411784b OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asm + c9ec74a198 OvmfPkg: Add IntelTdxMetadata.asm + 8b76f23534 OvmfPkg: Enable TDX in ResetVector + 87a34ca0cf UefiPayloadPkg: Add a common SmmAccessDxe module + e7e8ea27d4 UefiPayloadPkg: Add a common SMM control Runtime DXE module + bed990aae6 UefiPayloadPkg: Add bootloader SMM support module + 1d66480aa4 UefiPayloadPkg: Add SpiFlashLib + 04714cef46 UefiPayloadPkg: Add FlashDeviceLib + ae8acce8ae UefiPayloadPkg: Add a common FVB SMM module + 242dcfe30f UefiPayloadPkg: Add a SMM dispatch module + b80c17b62d UefiPayloadPkg: Add SMM support and SMM variable support + 2f6f3329ad 
FmpDevicePkg/FmpDxe: Use new Variable Lock interface + 9a95d11023 IntelFsp2Pkg/SplitFspBin.py: adopt FSP 2.3 specification. + bb146ce32d MdePkg Cpuid.h: Define CPUID.(EAX=7,ECX=0):EDX[30] + 1bc232aae3 RedfishPkg: Update link to staging/RedfishClientPkg in Readme.md + e7663fdd82 UefiPayloadPkg: Remove SystemTableInfo GUID. + 91b772ab62 RedfishPkg: Add more information to Readme.md + c8594a5311 SecurityPkg/FvReportPei: Remove the ASSERT to allow neither M nor V + 939c2355da IntelFsp2Pkg SplitFspBin.py: Correct file name in file header + 6f9e83f757 NetworkPkg/HttpDxe: Enable wildcard host name matching for HTTP+TLS. + b258f12889 BaseTools/VrfCompile: Fix uninitialized field from unnamed field + 0f4cdad25b DynamicTablesPkg: Add missing BaseStackCheckLib instance + e13e53cb2f NetworkPkg/NetworkPkg.dsc: Add RngLib mapping for ARM and RISCV64 + c1f2287635 SecurityPkg/SecurityPkg.dsc: Add missing RngLib for ARM and RISCV64 + b0a03ca4a9 SignedCapsulePkg/SignedCapsulePkg.dsc: Add RngLib mapping + 15e635d1b5 UefiCpuPkg/MtrrLib/UnitTest: Fix 32-bit GCC build issues + 4050c873b5 MdeModulePkg/Variable/RuntimeDxeUnitTest: Fix 32-bit GCC builds + d79df34beb BaseTools: Fix StructurePcd offset error. + b5d4a35d90 MdeModulePkg/XhciSched: Fix missing DEBUG arguments + 48452993ad MdePkg/Include: Enhance DebugLib to support reproduce builds + 5948ec3647 MdePkg: Reproduce builds across source format changes + f331310a10 ArmPkg: Reproduce builds across source format changes + 77dcd03ecf MdeModulePkg: Reproduce builds across source format changes + 45137bca2f NetworkPkg: Reproduce builds across source format changes + d939a25d41 SecurityPkg: Reproduce builds across source format changes + fd42dcb1fc OvmfPkg: Reproduce builds across source format changes + 8c1b1fe634 ShellPkg: Add comment that ItemPtr is set after validation + d6e6337cd6 MdePkg: Fix ACPI memory aggregator/device type mismatch + c974257821 MdeModulePkg AtaAtapiPassThru: Always do S.M.A.R.T. 
check if device support + aab6bb3d32 MdeModulePkg/DxeCapsuleLibFmp: Capsule on Disk file name capsule + a7b35aae13 MdeModulePkg\UfsBlockIoPei: UFS MMIO address size support both 32/64 bits + f826b20811 UefiCpuPkg/UefiCpuLib: Add GetCpuFamilyModel and GetCpuSteppingId + 8c8867c5da MdeModulePkg/DxeCapsuleLibFmp: Use new Variable Lock interface + 22c3b5a865 BaseTools: Add authenticated variable store support + a92559671a OvmfPkg/Xen: Fix VS2019 build issues + 4c495e5e3d OvmfPkg/Bhyve/PlatformPei: Fix VS2019 X64 NOOPT build issue + 466ebdd2e0 MdeModulePkg/FPDT: Lock boot performance table address variable at EndOfDxe + 455b0347a7 UefiCpuPkg/PiSmmCpuDxeSmm: Use SMM Interrupt Shadow Stack + e1e7306b54 OvmfPkg/Library/ResetSystemLib: Fix Microvm VS2019 NOOPT build issue + 4c7ce0d285 MdeModulePkg AtaAtapiPassThru: Skip the potential NULL pointer access + bb1bba3d77 NetworkPkg: Fix invalid pointer for DNS response token on error + - Removed patches which are merged to mainline: + - ovmf-OvmfPkg-OvmfXen-set-PcdAcpiS3Enable-at-initializatio.patch to fix the + S3 detection in ovmf-xen + - cb0d24637d edk2-stable202111-rc1~220 + - ovmf-OvmfPkg-OvmfXen-add-QemuKernelLoaderFsDxe.patch to add QemuKernelLoaderFsDxe + to ovmf-xen to load kernel from qemu fw_cfg + - 9f3eda177a edk2-stable202111-rc1~216 + - ovmf-OvmfPkg-OvmfXen-Fix-build-with-QemuKernelLoaderFsDxe.patch + - 4473834e7d edk2-stable202111-rc1~203 + - The edk2-stable202111 includes the following patches for bsc#1192126 + to fix unlimited reset. 
(bsc#1192126) + 80e67af9af OvmfPkg: introduce a common work area + ab77b6031b OvmfPkg/ResetVector: update SEV support to use new work area format + b9af5037b2 OvmfPkg/ResetVector: move the GHCB page setup in AmdSev.asm + +------------------------------------------------------------------- +Wed Dec 8 11:26:32 UTC 2021 - jlee@suse.com + +- For preparing push to SLE15-SP4, add more notes: + - Drop upstreamed ovmf-jscSLE-16075-SEV-ES-fixes.patch from 15-SP4 + - All patches in the above big patch are in edk2-stable202011 + - Some changes in ovmf.spec file of 15-SP4: + - brotli-v1.0.7-17-g666c328-c.tar.xz and "add brotli" section + be removed because ovmf-disable-brotli.patch. + - Using %{_prefix} instead of /usr hard code. + - Redundant %defattr(-,root,root) are removed. + - BuildRoot be removed because factory doesn't have it. + - Sync some differences in the change log between 15-SP3 with openSUSE + TW since "Wed Jan 24 06:31:21 UTC 2018": + - Add TLS and IPv6 supports for ArmVirtQemu. + - ovmf-bsc1119454-additional-scsi-drivers.patch to support more + SCSI drivers (PvScsi, MptScsi, and LsiScsi) (bsc#1119454) + - already in edk2-stable202008 + - Drop the build requirement of python2 + +------------------------------------------------------------------- +Mon Dec 6 16:24:02 UTC 2021 - Guillaume GARDET + +- cross-i386-binutils and cross-i386-gcc have been dropped from + Factory, so use only cross-x86_64-* - boo#1193424 + +------------------------------------------------------------------- +Fri Dec 3 09:07:56 UTC 2021 - jlee@suse.com + +- Merge the difference from SLE for pushing back to SLE15-SP4 + - Add/Update 50-xen-hvm-x86_64.json in descriptors.tar.xz + - Add the json descriptor for xen-hvm (bsc#1180050) + - Add "nvram-template" and change the firmware file to + ovmf-x86_64-ms-4m.bin (bsc#1180050, bsc#1181264) + - The following patches in SLE are already in edk2-edk2-stable202108 + in factory, so they will be removed from 15-SP4 + - 
ovmf-bsc1177789-cryptopkg-fix-null-dereference.patch to fix + the potential NULL dereference in AuthenticodeVerify() + (bsc#1177789, CVE-2019-14584) + - 26442d11e620a9 edk2-stable202011~124 + - ovmf-bsc1180079-amd-sev-es-mitigation.patch to mitigate the + potential AMD SEV-ES security issues + (bsc#1180079) + - a91b700e385e74 edk2-stable202102~181 + - ovmf-jscSLE-16075-SEV-ES-use-physical-address.patch as the + follow-up patch for SEV-ES to fix the flash writing + (jsc#SLE-16075) + - 3a3501862f7309 edk2-stable202102~105 + - ovmf-bsc1183578-lzma-catch-4GB.patch to fix the possible + heap corruption + (bsc#1183578, CVE-2021-28211) + - e7bd0dd26db7e5 edk2-stable202011~7 + - ovmf-bsc1183579-fix-fv-recursion.patch to fix unlimited FV + recursion + (bsc#1183579, CVE-2021-28210) + - b9bdfc72853fe9 edk2-stable202011~9 + - Add ovmf-bsc1186151-fix-iscsi-overflows.patch to fix the possible + overflows in IScsiDxe + (bsc#1186151) + - 83761337ec91fb edk2-stable202108-rc0~171 + +------------------------------------------------------------------- +Mon Nov 8 10:09:06 UTC 2021 - Guillaume GARDET + +- Update rpmlintrc (fixes aarch64 build) + +------------------------------------------------------------------- +Tue Oct 26 07:38:52 UTC 2021 - jlee@suse.com + +- Removed patches which are merged to mainline: + ovmf-bsc1186151-fix-iscsi-overflows.patch + ovmf-xen-relocate-shared_info_page-map.patch +- Removed patches because replaced: + ovmf-fix-xen-s3-detection.patch -> ovmf-OvmfPkg-OvmfXen-set-PcdAcpiS3Enable-at-initializatio.patch + ovmf-xen-add-qemu-kernel-loader-fs.patch -> ovmf-OvmfPkg-OvmfXen-add-QemuKernelLoaderFsDxe.patch + +------------------------------------------------------------------- +Fri Oct 22 07:09:41 UTC 2021 - jlee@suse.com + +- Removed edk2-stable202105.tar.gz because we updated to edk2-stable202108 + +------------------------------------------------------------------- +Thu Oct 14 03:24:33 UTC 2021 - jlee@suse.com + +- Update to edk2-stable202108 + - Features 
(https://github.com/tianocore/edk2/releases): + OvmfPkg: remove Xen support from OvmfPkg*.dsc, in favor of OvmfXen.dsc + Add CLANGDWARF toolchain for generating ELF+DWARF + NetworkPkg/IScsiDxe: remotely exploitable buffer overflows + NetworkPkg/IScsiDxe: add sha256 support to CHAP + Create header files and multiple Hobs for Universal Payload + Add search feature in config editor + Add additional build option to treat Dynamic Pcd as DynamicEx Pcd + Add a new MicrocodeLib for microcode loading + Implement key enrolment from default key variables + StandaloneMm support for 32bit Arm machines + Add firmware support for Cloud Hypervisor on arm64 + Support architecture-specific openssl acceleration + Support measured AMD SEV boot with kernel/initrd/cmdline + Add ACPI 6.4 header + Add new BootDiscoveryPolicyUiLib + - Patches (git log --oneline --reverse edk2-stable202105~..edk2-stable202108): + e1999b264f ArmPkg/ArmGic: Fix maximum number of interrupts in GICv3 + b8ed8c0fb2 Maintainers.txt: add Sami Mujawar as top-level ArmVirtPkg reviewer + dbc22a1785 UefiCpuPkg/MpInitLib: Allocate a separate SEV-ES AP reset stack area + 0095070e70 MdePkg/Register/Amd: expand the SEV MSR to include the SNP definition + f828fc9876 MdePkg/Register/Amd: realign macros with more space for future expansion + 34e16ff883 MdePkg/Register/Amd: define GHCB macros for hypervisor feature detection + f0983b2074 MdePkg/Register/Amd: define GHCB macro for Register GPA structure + 4665fa6503 MdePkg/Register/Amd: define GHCB macro for the Page State Change + dfd41aef78 MdePkg/Register/Amd: define GHCB macros for SNP AP creation + 5a7cbd54a1 MdePkg/BaseLib: add support for PVALIDATE instruction + 2b5b2ff04d MdePkg/BaseLib: add support for RMPADJUST instruction + 901a9bfc3a OvmfPkg/BaseMemEncryptSevLib: introduce MemEncryptSevClearMmioPageEncMask() + c394fa4c9e OvmfPkg/AmdSevDxe: use MemEncryptSevClearMmioPageEncMask() to clear EncMask + 8ee4e52ba8 OvmfPkg/QemuFlashFvbServicesRuntimeDxe: use Mmio helper to 
clear enc mask + b4a8de5d27 OvmfPkg/TpmMmioSevDecryptPei: use MemEncryptSevClearMmioPageEncMask() + adfa3327d4 OvmfPkg/BaseMemEncryptSevLib: remove Flush parameter + fe5da0927a IntelFsp2WrapperPkg: Remove microcode related PCDs + d3ff5dbe1d MdePkg: MmControl: Fix function and structure definition mismatches + 197e27c90a MdePkg: Add new 16550-compatible Serial Port Subtypes to DBG2 + fdf3666f01 MdePkg: Update DBG2 and SPCR header with NVIDIA 16550 Subtype + b233eb1849 EmbeddedPkg/RealTimeClockRuntimeDxe: Improve GetWakeupTime + b5379899b3 MdeModulePkg/Xhci: Fix TRT when data length is 0 + 039e07f626 MdePkg/MdeModulePkg: Move AML_NAME_SEG_SIZE definition + 1f515342d8 DynamicTablesPkg: Use AML_NAME_SEG_SIZE define + 75e9154f81 OvmfPkg/VirtioMmioDeviceLib: Add EFIAPI to VirtioMmioSetQueueAddress + c410ad4da4 MdePkg/BaseLib: Fix AsmReadSs() with GCC toolchain + c1aa3bab12 BaseTools: Add ClangBase.lds for CLANG8 tool chain with max-page-size + c6b872c6ab BaseTools GenFw: Support CLANG8ELF with conversion ELF to PE/COFF image + cf9959adff BaseTools: Update build_rule to skip CLANG resource section generation + 4b56ad2049 BaseTools: Add new CLANG8ELF tool chain for new LLVM/CLANG8 + e1636fe18f BaseTools: Update ClangBase.lds to keep dynamic section + 924c2b847f BaseTools: Change CLANG8ELF to CLANGDWARF + e25566cd2b OvmfPkg: remove the Xen drivers from the IA32, IA32X64, and X64 platforms + aa7f19f480 OvmfPkg: remove the Xen drivers from the AmdSev platform + 7bc04a75a7 OvmfPkg: switch IA32, IA32X64, X64 to the fw_cfg-only ACPI platform driver + d697037446 OvmfPkg: switch the AmdSev platform to the fw_cfg-only ACPI platform driver + ae4aa4a346 OvmfPkg/README: bump minimum QEMU version to 1.7.1, machine types to 1.7 + 2a85d9b07e OvmfPkg/AcpiPlatformDxe: fix header file warts + 180f1908b3 OvmfPkg/AcpiPlatformDxe: sort #includes and [LibraryClasses] + 6d1e56e715 OvmfPkg/AcpiPlatformDxe/QemuLoader.h: remove QemuFwCfgLib class dependency + 747b1ef725 OvmfPkg/AcpiPlatformDxe: 
move "QemuLoader.h" to IndustryStandard + cc302b799e OvmfPkg/AcpiPlatformDxe: consolidate #includes and [LibraryClasses] + c9bba52fc7 OvmfPkg/XenAcpiPlatformDxe: create from AcpiPlatformDxe + a31fcb5096 OvmfPkg/AcpiPlatformDxe: remove the "AcpiPlatformDxe.inf" driver + 4115840c28 OvmfPkg/XenAcpiPlatformDxe: remove the QEMU ACPI linker/loader client + d6ba8aa6ef OvmfPkg/XenAcpiPlatformDxe: remove QEMU fw_cfg dependency + 3f975ee570 OvmfPkg/XenAcpiPlatformDxe: remove the InstallAcpiTable() helper function + 8f8d3d90c5 OvmfPkg/XenAcpiPlatformDxe: remove OVMF's built-in ACPI tables + 4174c5c787 OvmfPkg/Bhyve/AcpiPlatformDxe: fix file path typo in comment + d491c88a0c OvmfPkg/AcpiTables: remove unused module + e7641171b6 OvmfPkg/OvmfXen: make "PcdPciDisableBusEnumeration" Fixed-at-Build + 3357ac7380 OvmfPkg/XenAcpiPlatformDxe: remove delayed ACPI table installation + d06eb2d1d9 OvmfPkg/PlatformPei: remove Xen support + 8899e3fe6a OvmfPkg: drop PcdPciDisableBusEnumeration from the IA32, IA32X64, X64 DSCs + 2833589ad0 OvmfPkg: drop PcdPciDisableBusEnumeration from the AmdSev platform + e43cca74ad OvmfPkg/Bhyve: make "PcdPciDisableBusEnumeration" Fixed-at-Build + b005f9f1f5 OvmfPkg/OvmfXen: remove IncompatiblePciDeviceSupport DXE driver + 8c8f886f27 OvmfPkg/Bhyve: remove IncompatiblePciDeviceSupport DXE driver + 984c93ece3 OvmfPkg/IncompatiblePciDeviceSupportDxe: remove PcdPciDisableBusEnumeration + 32fef03563 OvmfPkg/PciHostBridgeLib: consolidate #includes and INF file sections + e120c962f5 OvmfPkg/PciHostBridgeLibScan: create from PciHostBridgeLib + c2f24ba321 OvmfPkg/Bhyve: consume PciHostBridgeLibScan + 307763c3da OvmfPkg/OvmfXen: consume PciHostBridgeLibScan + 242678da2a OvmfPkg/PciHostBridgeLib: remove Bhyve and Xen support + 33d4f3e39e OvmfPkg/PciHostBridgeLibScan: remove QEMU (fw_cfg) support + 4c81178cf0 OvmfPkg/PciHostBridgeLibScan: remove PcdOvmfHostBridgePciDevId + 8af38170b5 OvmfPkg/PciHostBridgeLibScan: clean up file names and file-top comments + 7e25086a00 
OvmfPkg/SmbiosPlatformDxe: clean up #includes and INF + 5072593738 OvmfPkg/SmbiosPlatformDxe: return EFI_NOT_FOUND if there is no SMBIOS data + 4db374562f OvmfPkg/SmbiosPlatformDxe: locate SMBIOS protocol in InstallAllStructures() + a8ab14424e OvmfPkg/SmbiosPlatformDxe: split GetXenSmbiosTables() decl. to new header + 9d84e74ca0 OvmfPkg/SmbiosPlatformDxe: declare InstallAllStructures() in header file + d4a8aaee73 OvmfPkg/SmbiosPlatformDxe: create Xen-specific module INF file + ce270905bf OvmfPkg/SmbiosPlatformDxe: split Xen entry point from QEMU entry point + 51adb689e1 OvmfPkg: restrict XenPlatformLib to BdsDxe in the IA32, IA32X64, X64 DSCs + ddb3fdbef3 BaseTools GenFw: Fix regression issue to convert the image to ACPI data + 558d83ab1a OvmfPkg/README: Fix typo in README + beb443fde0 ShellPkg: Fix typo + 702ba436ed OvmfPkg/PlatformCI: bump QEMU choco package version to 2021.5.5 + 83761337ec NetworkPkg/IScsiDxe: wrap IScsiCHAP source files to 80 characters + 29cab43bb7 NetworkPkg/IScsiDxe: simplify "ISCSI_CHAP_AUTH_DATA.InChallenge" size + 95616b8661 NetworkPkg/IScsiDxe: clean up "ISCSI_CHAP_AUTH_DATA.OutChallengeLength" + e8f28b09e6 NetworkPkg/IScsiDxe: clean up library class dependencies + cf01b2dc8f NetworkPkg/IScsiDxe: fix potential integer overflow in IScsiBinToHex() + d90fff40cb NetworkPkg/IScsiDxe: assert that IScsiBinToHex() always succeeds + dc469f1371 NetworkPkg/IScsiDxe: reformat IScsiHexToBin() leading comment block + 47b76780b4 NetworkPkg/IScsiDxe: fix IScsiHexToBin() hex parsing + 54e90edaed NetworkPkg/IScsiDxe: fix IScsiHexToBin() buffer overflow + b8649cf2a3 NetworkPkg/IScsiDxe: check IScsiHexToBin() return values + 288bd74a22 Pytool: SpellCheck: Fix incorrect file mask across package matrices + 1ad794b627 MdeModulePkg: Fix device path when boot manager menu is from different FV + 11b1c1d4b9 SecurityPkg: TcgStorageOpalLib: Initialize SupportedAttributes parameter. 
+ d58016b768 UefiPayloadPkg: Get platform specific logic via protocol for BDS + d8c18ba3f4 MdeModulePkg: Add Universal Payload general definition header file + b597b6e24c MdeModulePkg: Add new structure for the PCI Root Bridge Info Hob + 99de2e7e03 UefiPayloadPkg: UefiPayload retrieve PCI root bridge from Guid Hob + 9d53e01efe MdeModulePkg: Add new structure for the Universal Payload SMBios Table Hob + 70e8c9c3bc MdeModulePkg/Universal/SmbiosDxe: Scan for existing tables + 302a8f353c UefiPayloadPkg: Create gUniversalPayloadSmbiosTableGuid Hob + 75293330ea MdeModulePkg: Add new structure for the Universal Payload ACPI Table Hob + 761329ee27 MdeModulePkg/ACPI: Install ACPI table from HOB. + 8c0d678063 UefiPayloadPkg: Create gUniversalPayloadAcpiTableGuid Hob + fa24b6ed26 UefiPayloadPkg: Use DynamicEx instead of Dynamic to pass PCD across binary + c511426abe MdeModulePkg/UniversalPayload: Add definition for extra info in payload + fe471d4a57 UefiPayloadPkg: Add PayloadLoaderPeim which can load ELF payload + ab2b389e7a PeiCore: Remove assertion when failing to load PE image + 1b380aa603 BaseTools GenFw: Keep read only alloc section as text when convert ELF + 9cf9de668f StandaloneMmPkg: Core: Spelling error in comment + 610385fa3b ArmPlatformPkg: SpellCheck: Switch spellcheck CI to AuditOnly + 04ddd1271e ArmPkg: SpellCheck: Update valid acronyms in ExtendedWords + cdf7544703 MdeModulePkg PciBusDxe: Increase the width of data read during oprom shadow + 2847c72fda Maintainers.txt: Add Reviewers for Universal Payload definitions + 1162ae8297 Maintainers.txt: Add reviewers for ACPI and SMBIOS modules + a63914d3f6 ArmPkg: Move cache defs used in Universal/Smbios into ArmCache.h + 6cfeeb71c4 UefiCpuPkg/CpuCommonFeaturesLib: Correct the CPU location check + d9a7612f8d MdeModulePkg/BdsDxe: Update BdsEntry to use Variable Policy + 5959879e92 ArmVirtPkg: Add PCIe host bridge utility lib for ArmVirtPkg + 4dda0f7ab4 ArmVirtPkg: Enable PCIe support for Kvmtool + 1e5e58d39b 
UefiPayloadPkg/UefiPayloadEntry: Improve bootloader memrange parsing
+ 7471751a4d UefiPayloadPkg/UefiPayloadEntry: Remove 4GB memory WA
+ 20ca528828 CryptoPkg: BaseCryptLib: Update Salt length requirement for RSA-PSS scheme.
+ 18b2272e4d Azurepipeline: SpellCheck: Enforce Node dependency to use version 14.x
+ eba32695ee CryptoPkg/BaseCryptLib: Enabled CryptSha512 for Smm/Runtime drivers
+ 12e34cd2f7 OvmfPkg/Bhyve: clean up TPM_ENABLE remnants
+ 82f727c4af UefiPayloadPkg: Add HobLib for UniversalPayload
+ ea0bd5f6a7 MdeModulePkg: Add new structure for the Universal Payload Serial Port Info
+ a75c029f60 UefiPayloadPkg: Add a separate PlatformHookLib for Universal Payload
+ d63595c3c9 UefiPayloadPkg: Update the function definition of HobConstructor
+ 0ff6de9358 UefiPayloadPkg: Create separate Payload Entry for UniversalPayload
+ b208d37c73 UefiPayloadPkg: Get and enter DxeCore for Universal Payload
+ 27cb64fffc UefiPayloadPkg: Fix up UPL Pcd database
+ 6b69f73b59 UefiPayloadPkg: Include UniversalPayLoad modules in UefiPayloadPkg.dsc
+ 86e6948cfb UefiPayloadPkg: Remove assert when reserve MMIO/IO resource for devices
+ 2db0ed93ff UefiPayloadPkg: Add macro to enable and disable some drivers
+ 3eb72b308a UefiPayloadPkg: Add PcdInstallAcpiSdtProtocol feature in UefiPayloadPkg
+ caa139fe17 UefiPayloadPkg: Add PcdResetOnMemoryTypeInformationChange in UefiPayloadPkg
+ 8efd912baf UefiPayloadPkg: Add new structure for BootManagerMenuFile HOB
+ 19a541d70e UefiPayloadPkg: consume the BootManagerMenuFile HOB
+ 333a866106 BaseTools: Remove check for Split.exe in toolset.bat
+ f0a3f6d9c3 BaseTools: Fix spelling of "overwrite" and "overwriting" in toolset.bat
+ 17143c4837 BaseTools: Reset ERRORLEVEL in toolsetup.bat after edk2basetools check
+ abfff7c45d BaseTools GenFw: Add support for RISCV GOT/PLT relocations
+ 27b8a52957 MdePkg: MmConfiguration: Move definition of EFI_MM_RESERVED_MMRAM_REGION
+ d1fc3d7ef3 MdePkg: MmConfiguration: Added definition of MM Configuration PPI
+ 5a2e030f73 OvmfPkg/GenericQemuLoadImageLib: plug cmdline blob leak on success
+ 932449710c OvmfPkg/X86QemuLoadImageLib: plug cmdline blob leak on success
+ 24b0e9d128 Revert "OvmfPkg/QemuKernelLoaderFsDxe: don't expose kernel command line"
+ cf20302474 OvmfPkg/GenericQemuLoadImageLib: Read cmdline from QemuKernelLoaderFs
+ 9421f5ab8d OvmfPkg/X86QemuLoadImageLib: State fw_cfg dependency in file header
+ b37cfdd280 OvmfPkg/XenPlatformPei: Relocate shared_info page mapping
+ 55dee4947b MdePkg : Add IPMI Macro and Structure Defintions to resolve build errors
+ 580b11201e IntelFsp2Pkg: Add Config Editor tool support
+ 939ed3a592 UefiPayloadPkg/PayloadLoader: Fix bug in locating relocation section
+ 3cde0d553d UefiPayloadPkg/PayloadLoader: Remove assertion
+ 49eeda113a NetworkPkg/IScsiDxe: re-set session-level authentication state before login
+ 7eba9f698e NetworkPkg/IScsiDxe: add horizontal whitespace to IScsiCHAP files
+ 7b6c2b2a26 NetworkPkg/IScsiDxe: distinguish "maximum" and "selected" CHAP digest sizes
+ 903ce1d8f8 NetworkPkg/IScsiDxe: support multiple hash algorithms for CHAP
+ 47fea2abcb NetworkPkg/IScsiDxe: support SHA256 in CHAP
+ bb33c27fbe NetworkPkg: introduce the NETWORK_ISCSI_MD5_ENABLE feature test macro
+ 8697dc60cc Maintainers.txt: Update Maintainers and reviewers for UefiPayloadPkg
+ fea7901dba UefiPayloadPkg: Fix the build failure
+ 1e0c441c92 OvmfPkg/Bhyve: add USB support
+ 44ced03798 OvmfPkg/Bhyve: use static PCI32Base address
+ b3db0cb1f8 MdeModulePkg/PartitionDxe: Ignore PMBR BootIndicator per UEFI spec
+ 0a6b303dce UefiCpuPkg/ExceptionLib: Conditionally clear shadow stack token busy bit
+ d10e058016 MdeModulePkg/RegularExpressionDxe: Fix memory assert in FreePool()
+ 4c051c2c65 MdeModulePkg: Update YAML file to fix CI error
+ 31fcee6d99 ArmVirtPkg: Add PlatformHasAcpiDtDxe for Cloud Hypervisor
+ c28fc8ab3b ArmVirtPkg: Install Acpi tables for Cloud Hypervisor
+ 0e3b6bd0ee ArmVirtPkg: support Cloud Hypervisor in edk2
+ b560e9d9b6 IntelFsp2Pkg: PatchFv parseInfFile function modification
+ f47c4676dd Pytool: SpellCheck: Defer path expansion in cspell parameters
+ cc89d245f9 Maintainers.txt: remove Laszlo Ersek's entries
+ 84af6ea320 BaseTools/Scripts: Ignore Mergify merge commits in PatchCheck.py
+ b491eace37 .mergify: Simplify Mergify rules using GitHub status checks
+ 5ef08a49e3 .azurepipelines: Remove FINISHED and FAILED states
+ ad1009ec62 MdePkg/Include: Add STATIC_ASSERT for L'' and L"" strings
+ 3de3c24755 BaseTools: Remove non-ascii character of StructurePcd comment
+ 40a9066439 BaseTools: Enable the flag to treat dynamic pcd as dynamicEx
+ 22fe311bd2 .pytool/EccCheck: Locate BaseTools dir with EDK_TOOLS_PATH
+ a050c599df .pytool/EccCheck: Rename edk2_path as workspace_path
+ 50672d2692 .pytool/EccCheck: Check ecc_csv exists
+ fb5b6220a9 .pytool/EccCheck: Set PACKAGES_PATH env var in Ecc
+ fda5226aa3 UefiPayloadPkg: Dump hob information from boot loader
+ 7d748705b1 MdeModulePkg: Change the PldHeader to Header in ExtraData.h
+ 9bf4aee734 UefiPayloadPkg: Assign the length of UniversalPayload ExtraData
+ d0b6596b8e MdeModulePkg/RamDiskDxe: Init list head before registering RamDisk protocol
+ 91f5d3b410 IntelFsp2Pkg: BaseCacheLib EfiProgramMtrr MtrrNumber Should be UINT32
+ be282b1493 UefiPayloadPkg: Add PCD_DYNAMIC_AS_DYNAMICEX and set to True
+ cac83b6f3b IntelFsp2Pkg: Add search function for Config Editor
+ 4bac086e8e UefiPayloadPkg: Add FV Guid for DXEFV and PLDFV
+ fddb8d24ec ArmPlatformPkg/Scripts: Infer dll load address from console output
+ 885efcd3f9 MdePkg/Include: Smbios Specification 3.4.0 changes
+ 83b43c4cb1 MdeModulePkg PCD: Print which PCD was unable to be found
+ c32c5911c4 BaseTools GenFw: Add support for R_RISCV_PCREL_LO12_S relocation
+ 097aeeb119 MdePkg/BaseLib: Add MemoryFence implementation for RiscV64
+ 391cffcb61 MdeModulePkg PiSmmCore: Change MemoryAttributes message to DEBUG_VERBOSE
+ 8781b143de BaseTools/Scripts: Fix GetMaintainer.py line endings
+ 28ef05ce10 BaseTools/Scripts: Allow GitHub ID at end Maintainers.txt lines
+ 2f5ad3f451 Maintainers.txt: Add GitHub IDs
+ 332632abf3 Maintainers.txt: Add Jiewen Yao as OvmfPkg Maintainer
+ 4d28a1c2fd BaseTools: Remove COMMON section from the GCC discard list
+ 878a92a887 CryptoPkg/OpensslLib: Add native instruction support for X64
+ 147f34b56c CryptoPkg/OpensslLib: Commit the auto-generated assembly files for X64
+ ac70e71b1f NetworkPkg: Making the HTTP IO timeout value programmable with PCD
+ ab796d3e2a NetworkPkg: Add HTTP Additional Event Notifications
+ b461d67639 OvmfPkg/ResetVector: move SEV specific code in a separate file
+ 7f05102f65 OvmfPkg/ResetVector: add the macro to invoke MSR protocol based VMGEXIT
+ dc485c556d OvmfPkg/ResetVector: add the macro to request guest termination
+ f05eb2dfe5 OvmfPkg/AmdSev/SecretDxe: fix header comment to generic naming
+ 35e267cb34 OvmfPkg/AmdSev: use GenericQemuLoadImageLib in AmdSev builds
+ a26a08dc1f OvmfPkg: PlatformBootManagerLibGrub: Allow executing kernel via fw_cfg
+ 0cb48007f7 OvmfPkg: add library class BlobVerifierLib with null implementation
+ c73e31f54d OvmfPkg: add BlobVerifierLibNull to DSC
+ 6bf5580a3d ArmVirtPkg: add BlobVerifierLibNull to DSC
+ d10ad8444f OvmfPkg/QemuKernelLoaderFsDxe: call VerifyBlob after fetch from fw_cfg
+ 5ace477f34 OvmfPkg/AmdSev/SecretPei: build hob for full page
+ 0deeab36d1 OvmfPkg/AmdSev: reserve MEMFD space for for firmware config hashes
+ 385b9d80a0 OvmfPkg/AmdSev: add BlobVerifierLibSevHashes
+ 514b3aa08e OvmfPkg/AmdSev: Enforce hash verification of kernel blobs
+ 8e6bb64fe4 EmbeddedPkg/VirtualRealTimeClockLib: Fix SetTime issues
+ 610bcc69ed ArmVirtPkg: Remove meaningless comment
+ 3445058aea MdeModulePkg/CapsuleApp: Fix typo in error message
+ 2e1fb41339 build: Fix python3.10 threading DeprecationWarnings
+ 0b1b0a9674 python: Replace distutils.utils.split_quotes with shlex.split
+ fc50df0d8e BaseTools: Drop check for distutils.utils
+ 03e77558d4 BaseTools: use shutil.copyfile instead shutil.copy2
+ 2b47aaecef MdeModulePkg: Add BootDiscoveryPolicyUiLib.
+ bb806a6e88 SecurityPkg: Create SecureBootVariableLib.
+ 9732659698 SecurityPkg: Create library for enrolling Secure Boot variables.
+ 12a4d0cb9d ArmVirtPkg: add SecureBootVariableLib class resolution
+ 3d427c5f83 OvmfPkg: add SecureBootVariableLib class resolution
+ b926956418 EmulatorPkg: add SecureBootVariableLib class resolution
+ db959018b6 SecurityPkg: Remove duplicated functions from SecureBootConfigDxe.
+ a97e9e327e ArmPlatformPkg: Create include file for default key content.
+ 94e065582b SecurityPkg: Add SecureBootDefaultKeysDxe driver
+ 19107590b6 SecurityPkg: Add EnrollFromDefaultKeys application.
+ 45f3dd2ce9 SecurityPkg: Add new modules to Security package.
+ 55266a9b8a SecurityPkg: Add option to reset secure boot keys.
+ 6355287206 Maintainers.txt: Add new maintainer and reviewer to EmbeddedPkg/
+ 9abc60f9f7 EmbeddedPkg/libfdt: Add strcmp and strncpy to libfdt_env.h
+ 0856cdc89e MdePkg: add definition of LINUX_EFI_INITRD_MEDIA_GUID
+ 97fdcbda4e OvmfPkg: Remove Initrd LINUX_EFI_INITRD_MEDIA_GUID
+ 4de77ae989 UefiCpuPkg/CpuCacheInfoLib: Sort CpuCacheInfo array
+ 3c6107758b SecurityPkg: Fix GetSupportedAndActivePcrs counter calculation
+ b40bdd6ecd UefiPayloadPkg: Add Fixed PCDs and use Macro to define the default value.
+ d497eace3b UefiPayloadPkg: define some PCD as DynamicEX PCD
+ ac6e5d6b41 UefiPayloadPkg: change the default value of some PCDs.
+ 672bd1c711 UefiPayloadPkg: Add a macro to enable or diable the serial driver.
+ d02dbb53cd UefiPayloadPkg: Fix the non-ascii character in UniversalPayloadEntry.c
+ a7ddc7847c RedfishPkg/JsonLib: Add more JsonLib functions
+ 5963ce5d28 MdePkg: Add ACPI 6.4 header file
+ 4d7137f261 MdePkg: Increment FADT version
+ d910e83299 MdePkg: Rename SBSA Generic Watchdog to Arm Generic Watchdog
+ ad3dea9861 MdePkg: Update PMTT to ACPI 6.4
+ ced4cb7609 MdePkg: Add SPA Location Cookie field to SPA Range structure
+ c82d6dd4a3 MdePkg: Remove DPPT table
+ 357383bc4f MdePkg: Add flags and MinTransferSize to Generic Initiator
+ 7b17bcd9a0 MdePkg: Add 'Type 5' PCC structure
+ 0938f9235c MdePkg: Add Multiprocessor Wakeup structure
+ 75c4a8e10d MdePkg: Add the Platform Health Assessment Table (PHAT)
+ 1803757a9b MdePkg: Add Secure Access Components in the SDEV table
+ 605c4a1ff2 MdePkg: Add Cache ID to PPTT
+ 3d359ff905 MdePkg: Fix broken coding style in Acpi64.h
+ 7311e96417 RedfishPkg/RefishCrtLib: Public RefishCrtLib
+ 03e19e6bc8 ArmPkg/IndustryStandard: 32b/64b agnostic FF-A, Mm SVC and Std SMC IDs
+ aee0098faf ArmPkg: prepare 32bit ARM build of StandaloneMmPkg
+ ca1773878d GenFv: Arm: support images entered in Thumb mode
+ b7f0226a46 StandaloneMmPkg: fix pointer/int casts against 32bit architectures
+ a776bbabd9 StandaloneMmPkg: build for 32bit arm machines
+ ac826886c9 MdeModulePkg/UefiSortLib:Add UefiSortLib unit test
+ 6fdd1c13a7 MdeModulePkg PCD: Reinstall PCD service PPIS when memory available
+ ef56f55d19 EmbeddedPkg/NonCoherentDmaLib: Avoid dereferencing unset Map field
+ 8dd4fc5be6 UefiCpuPkg/CpuCacheInfoLib: Correct logical for identifying cache type
+ 7b4a99be8a CryptoPkg: BaseCryptLib fix incorrect param order
+ - Removed patches which are merged to mainline:
+ ovmf-bsc1186151-fix-iscsi-overflows.patch
+ ovmf-xen-relocate-shared_info_page-map.patch
+ - Updated patches
+ ovmf-fix-xen-s3-detection.patch -> ovmf-OvmfPkg-OvmfXen-set-PcdAcpiS3Enable-at-initializatio.patch
+ ovmf-xen-add-qemu-kernel-loader-fs.patch -> 
ovmf-OvmfPkg-OvmfXen-add-QemuKernelLoaderFsDxe.patch + - Added patches + ovmf-OvmfPkg-OvmfXen-Fix-build-with-QemuKernelLoaderFsDxe.patch + +------------------------------------------------------------------- +Fri Jul 9 05:48:26 UTC 2021 - Gary Ching-Pang Lin + +- Add ovmf-fix-xen-s3-detection.patch to fix the S3 detection in + ovmf-xen +- Add ovmf-xen-add-qemu-kernel-loader-fs.patch to add + QemuKernelLoaderFsDxe to ovmf-xen to load kernel from qemu fw_cfg + +------------------------------------------------------------------- +Fri Jul 2 01:27:35 UTC 2021 - Gary Ching-Pang Lin + +- Add ovmf-xen-relocate-shared_info_page-map.patch to fix the + save/restore/migrate in ovmf-xen + +------------------------------------------------------------------- +Wed Jun 9 01:47:49 UTC 2021 - Gary Ching-Pang Lin + +- Add ovmf-bsc1186151-fix-iscsi-overflows.patch to fix the possible + overflows in IScsiDxe (bsc#1186151) + +------------------------------------------------------------------- +Thu Jun 3 01:24:27 UTC 2021 - Gary Ching-Pang Lin + +- Correct the path to copy the Xen flavor + +------------------------------------------------------------------- +Mon May 31 09:44:17 UTC 2021 - Gary Ching-Pang Lin + +- Update to edk2-stable202105 + * MdeModulePkg/UfsPassThruDxe: Improve Device initialization + polling Loop + * MdePkg: MmUnblockMemoryLib: Added definition and null instance + * OvmfPkg: resolve MmUnblockMemoryLib (mainly for + VariableSmmRuntimeDxe) + * MdeModulePkg: VariableSmmRuntimeDxe: Added request unblock + memory interface + * SecurityPkg: Tcg2Smm: Switching from gSmst to gMmst + * SecurityPkg: Tcg2Smm: Separate Tcg2Smm into 2 modules + * SecurityPkg: Tcg2Smm: Added support for Standalone Mm + * SecurityPkg: Tcg2Acpi: Added unblock memory interface for NVS + region + * UefiCpuPkg/MpInitLib: Use NASM struc to avoid hardcode offset + * UefiCpuPkg/MpInitLib: Remove unused Lock from + MP_CPU_EXCHANGE_INFO + * UefiCpuPkg/SmmCpuFeaturesLib: Move multi-instance function decl + to 
header + * UefiCpuPkg/SmmCpuFeaturesLib: Rename SmmCpuFeaturesLib.c + * UefiCpuPkg/SmmCpuFeaturesLib: Cleanup library constructors + * UefiCpuPkg/SmmCpuFeaturesLib: Abstract PcdCpuMaxLogicalProcessorNumber + * UefiCpuPkg/SmmCpuFeaturesLib: Add Standalone MM support + * UefiCpuPkg/PiSmmCpu: Don't allocate Token for SmmStartupThisAp + * RedfishPkg/Library: RedfishLib + * OvmfPkg/CpuHotplugSmm: refactor hotplug logic + * OvmfPkg/CpuHotplugSmm: collect hot-unplug events + * OvmfPkg/CpuHotplugSmm: add Qemu Cpu Status helper + * OvmfPkg/CpuHotplugSmm: introduce UnplugCpus() + * OvmfPkg: define CPU_HOT_EJECT_DATA + * OvmfPkg/SmmCpuFeaturesLib: init CPU ejection state + * OvmfPkg/SmmCpuFeaturesLib: call CPU hot-eject handler + * OvmfPkg/CpuHotplugSmm: add EjectCpu() + * OvmfPkg/CpuHotplugSmm: do actual CPU hot-eject + * OvmfPkg/SmmControl2Dxe: negotiate CPU hot-unplug + * EmbeddedPkg/PrePiHobLib: replace duplicate GUID + * MdePkg/UefiLib: Correct the arguments passed to + IsLanguageSupported() + * UefiCpuPkg/CpuCacheInfoLib: Collect cache associative type + * UefiCpuPkg/MpInitLib: avoid printing debug messages in AP + * UefiCpuPkg/CpuDxe: Rename variables to follow EDKII coding + standard + * UefiCpuPkg/CpuDxe: Guarantee GDT is below 4GB + * BaseTools/Ecc: Make Ecc only check first include guard + * ShellPkg/SmbiosView: add more items for smbiosview -t 3 + * MdePkg: Support standalone MM Driver Unload capability + * OvmfPkg/X86QemuLoadImageLib: Handle allocation failure for + CommandLine + * ShellPkg/Pci: Add valid check for PCI extended config space + parser + * CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j + * OvmfPkg: strip build paths in release builds + * MdeModulePkg: Initialize local variable value before they are + used + * UefiCpuPkg/SmmCommunication: Remove out-dated comments + * MdePkg: use CpuPause() in CpuDeadLoop() + * MdePkg/Include: EFI Redfish Discover protocol + * ShellPkg/UefiHandleParsingLib: Support EFI Redfish protocols + * MdePkg/Include/Protocol: 
EFI_HII POPUP_PROTOCOL duplicate + declaration + * MdePkg/Include/Protocol: EFI_RESET_NOTIFICATION_PROTOCOL + duplicate + * CryptoPkg/Private/Protocol/Crypto.h: Remove duplicate function + type + * MdePkg/BaseLib: Add support for the XSETBV instruction + * MdeModulePkg/PiDxeS3BootScriptLib: Rename mAcpiS3Enable to + avoid dup symbol + * MdePkg/IoLib: Filter/trace port IO/MMIO access + * MdePkg/Baseib: Filter/trace MSR access for IA32/X64 + * UefiCpuPkg: Remove PEI/DXE instances of CpuTimerLib. + * UefiCpuPkg: Add MicrocodeLib for loading microcode + * OvmfPkg: Add MicrocodeLib in DSC files. + * UefiPayloadPkg/UefiPayloadPkg.dsc: Consume MicrocodeLib + * UefiCpuPkg/MpInitLib: Consume MicrocodeLib to remove duplicated + code + * UefiCpuPkg/PiSmmCpuDxeSmm: Support detect SMM shadow stack + overflow + * ShellPkg: Fix smbiosview system enclosure type table + * UefiCpuPkg/CpuTimerLib: Update LIBRARY_CLASS of Base instance. + * RedfishPkg/RedfishDiscoverDxe: EFI Redfish Discover Protocol + * RedfishPkg/RedfishConfigHandler: EDKII RedfishConfigHandler + Protocol + * UefiCpuPkg: PiSmmCpuDxeSmm: Check buffer size before accessing + * BaseTools/Conf: Fix MAKE_FLAGS typos in tools_def.template + * MdeModulePkg: Initialize temp variable in VarCheckPolicyLib + * SecurityPkg/Tcg2Smm: Initialize local Status variable + * DynamicTablesPkg: add validation for PcdNonBsaCompliant16550SerialHid + * OvmfPkg/XenResetVector: Silent a warning from nasm + * MdePkg: Allow PcdFSBClock to by Dynamic + * OvmfPkg/IndustryStandard/Xen: Apply EDK2 coding style to + XEN_VCPU_TIME_INFO + * OvmfPkg/IndustryStandard: Introduce PageTable.h + * OvmfPkg/XenPlatformPei: Map extra physical address + * OvmfPkg/XenPlatformPei: Calibrate APIC timer frequency + * OvmfPkg/OvmfXen: Set PcdFSBClock + * DynamicTablesPkg: Re-order GicItsIdentifierArray struct + * DynamicTablesPkg: Remove EArmObjExtendedInterruptInfo + * MdePkg: Fix AsmReadMsr64() and AsmWriteMsr64() with GCC + toolchain + * 
BaseTools/PlatformAutoGen: MAKE_FLAGS and MAKE_PATH fixes + * RedfishPkg/RestJsonStructureDxe: Fix typo in function header + * MdePkg/Include: Allow CPU specific defines to be predefined + * CryptoPkg/Library/Include: Allow CPU specific defines to be + predefined + * ArmPlatformPkg: Fix Ecc error 8001 + * ArmPlatformPkg: Fix Ecc error 9001 + * ArmPlatformPkg: Remove package dependency in + NorFlashStandaloneMm + * ArmPkg: Fix Ecc error 8001 in Chipset + * ArmPkg: Fix Ecc error 8001 in SemihostLib + * ArmPkg: Fix Ecc error 8001 in ArmArchTimerLib + * ArmPkg: Fix Ecc error 9005 in CpuDxe + * ArmPkg: Fix Ecc error 10006 in ArmPkg.dsc + * ArmPkg: Fix Ecc error 10016 in StandaloneMmMmuLib + * ArmPkg: Fix Ecc error 10014 in ArmScmiDxe + * ArmPkg: Fix Ecc error 10014 in GenericWatchdogDxe + * ArmPkg: Fix Ecc error 10014 in MmCommunicationDxe + * ArmPkg: Fix Ecc error 10014 in SemihostLib + * ArmPkg: Remove ArmGic/ArmGicSecLib.c + * ArmPkg: Fix Ecc error 5003 in ArmExceptionLib + * ArmPkg: Fix Ecc error 6001 in MmCommunicationDxe + * ArmPkg: Fix Ecc error 6001 in ArmSoftFloatLib + * ArmPkg: Rename include guard in ArmGicLib.h + * ArmPkg: Fix Ecc error 7008 for SCMI_CLOCK_RATE + * ArmPkg: Fix Ecc error 7008 for OPTEE_MESSAGE_PARAM + * ArmPkg: Fix Ecc error 8005/8007 in ArmDisassemblerLib + * ArmPkg: Fix Ecc error 8005 for SCMI_PROTOCOL_ID + * ArmPkg: Fix Ecc error 8005 for SCMI_MESSAGE_TYPE + * ArmPkg: Fix Ecc error 8005 for SCMI_STATUS + * ArmPkg: Fix Ecc error 8005 for SCMI_MESSAGE_ID + * ArmPkg: Fix Ecc error 8005 for SCMI_MESSAGE_ID_BASE + * ArmPkg: Fix Ecc error 8005 for SCMI_MESSAGE_ID_CLOCK + * ArmPkg: Fix Ecc error 8005 for SCMI_CLOCK_RATE_FORMAT + * ArmPkg: Fix Ecc error 8005 for SCMI_MESSAGE_ID_PERFORMANCE + * RedfishPkg: Add EDK2 Redfish Foundation diagrams + * SecurityPkg/FvReportPei: remove redundant sizeof + * ShellPkg: Rename Address Size to Access size + * DynamicTablesPkg: Add access size to CM_ARM_SERIAL_PORT_INFO + * DynamicTablesPkg: Set the Access size 
for the SPCR table + * DynamicTablesPkg: Set the Access size for the DBG2 table + * UefiCpuPkg: PiSmmCpuDxeSmm: Not to Change Bitwidth During + Static Paging + * MdePkg/Cpuid.h: Define new element in CPUID Leaf(07h) data + structure. + * SecurityPkg: Add constraints on PK strength + * ArmPkg: Allow platforms to supply more data for SMBIOS Type3 + record + * ArmPkg: Allow platforms to report their boot status via + OemMiscLib call + * ArmPkg: Fix calculation of offset of chassis SKU Number in + SmbiosMiscDxe + * ArmPkg: Fix typo of Manufacturer in comment in SmbiosMiscDxe + * ArmPkg: Fix Ecc error 8003 + * ArmPkg: Fix Ecc error 3002 in StandaloneMmMmuLib + * ArmPkg: Add missing library headers to ArmPkg.dec + * ArmPlatformPkg: Document libraries in ArmPlatformPkg.dec + * ArmPkg: Add OemMiscLibNull library to ArmPkg.dsc + * ArmPkg: Correct small typos + * ArmPlatformPkg: Add ArmPlatformPkg.ci.yaml + * OvfmPkg/VmgExitLib: Properly decode MMIO MOVZX and MOVSX + opcodes + * OvmfPkg/VmgExitLib: Add support for new MMIO MOV opcodes + * OvmfPkg: Define a new PPI GUID to signal TPM MMIO accessability + * OvmfPkg/TpmMmioSevDecryptPei: Mark TPM MMIO range as + unencrypted for SEV-ES + * OvmfPkg/Tcg2ConfigPei: Update Depex for IA32 and X64 + * ArmPkg: Update SCMI Base Protocol version to 0x20000 + * MdePkg/BaseRngLib: Add support for ARMv8.5 RNG instructions + * SecurityPkg: Add support for RngDxe on AARCH64 + * UefiCpuPkg/MpInitLib: Properly cast from PCD to SEV-ES jump + table pointer + * BaseTools: Add support for version 3 of FMP Image Header + structure + * CryptoPkg: BaseCryptLib: Add RSA PSS verify support + * ShellPkg/UefiShellCommandLib: suppress incorrect gcc warning + * OvmfPkg/VirtioFsDxe: suppress incorrect gcc warnings + * UefiCpuPkg/CpuExceptionHandler: Add missing comma to exception + name array + * UefiCpuPkg/PiSmmCpu: Remove hardcode 48 address size limitation + * MdeModulePkg: Retrieve boot manager menu from any fv + * ShellPkg/HttpDynamicCommand: Fix 
possible uninitialized use + * MdeModulePkg/PciBusDxe: Fix possible uninitialized use + * CryptoPkg/BaseCryptLib: Fix possible uninitialized use + * MdeModulePkg/PlatformDriOverrideDxe: Fix overflow condition + check + * MdeModulePkg/VariableLock: downgrade compatibility warnings to + DEBUG_WARN + * ArmPkg/ArmGic: Fix maximum number of interrupts in GICv3 +- Update openssl to 1.1.1j +- Drop upstreamed patch: ovmf-bsc1184801-fix-sev-with-tpm.patch +- Add the new Xen flavor for x86_64 + + Update 50-xen-hvm-x86_64.json to use ovmf-x86_64-xen-4m.bin as + the default firmware for Xen + +------------------------------------------------------------------- +Tue May 4 02:58:49 UTC 2021 - Gary Ching-Pang Lin + +- Update the descriptors to add "acpi-s4" tag to allow libvirt + enable hibernation (bsc#1182886#c31) + +------------------------------------------------------------------- +Mon May 3 02:08:51 UTC 2021 - Gary Ching-Pang Lin + +- Add ovmf-bsc1184801-fix-sev-with-tpm.patch to fix SEV-ES guest + crash with TPM (bsc#1184801) + +------------------------------------------------------------------- +Mon Apr 19 06:10:39 UTC 2021 - Gary Ching-Pang Lin + +- Build ovmf-x86_64-smm against Ia32X64 to enable S3 support + (bsc#1184938) +- Update ovmf-add-exclude-shell-flag.patch to include Ia32X64 + +------------------------------------------------------------------- +Tue Apr 6 07:04:42 UTC 2021 - Gary Ching-Pang Lin + +- Add ovmf-disable-brotli.patch to remove brotli since there is no + real user and it requires extra effort to maintain the brotli + submodule tarball + + Drop ovmf-bsc1183713-fix-gcc10-brotli-errors.patch and + brotli-v1.0.7-17-g666c328-c.tar.xz + +------------------------------------------------------------------- +Fri Mar 26 10:26:57 UTC 2021 - Gary Ching-Pang Lin + +- Add ovmf-bsc1183713-fix-gcc10-brotli-errors.patch to fix the + gcc10 error from brotli (bsc#1183713) + +------------------------------------------------------------------- +Thu Mar 11 02:07:17 UTC 
2021 - Gary Ching-Pang Lin + +- Update to edk2-stable202102 + * ArmVirtPkg: support extra pci root bridges (pxb) + * SEV Encrypted Boot for Ovmf (remote attestation) + * virtio-fs driver for OvmfPkg and ArmVirtPkg + * Apply SEV-ES mitigations for encryption bit position and MMIO + * Add Core CI support for StandaloneMmPkg + * Update LZMA module to LZMA SDK latest version 19.00 + * Port open source JSON library (jansson) + * add file buffering to the UEFI shell's COMP command + * Shell: pathname / filename sorting + * Extend support of peripheral x64 MM_STANDALONE drivers + * BaseTools: Convert the Split tool from C language to Python + * ArmPkg: Add Universal/Smbios + * Move to Pip based Basetools python + * Add support for use of FF-A callsw +- Drop upstreamed patches: + + ovmf-jscSLE-16075-SEV-ES-use-physical-address.patch + + ovmf-bsc1180079-amd-sev-es-mitigation.patch + +------------------------------------------------------------------- +Thu Jan 28 07:56:37 UTC 2021 - Gary Ching-Pang Lin + +- Add ovmf-jscSLE-16075-SEV-ES-use-physical-address.patch as the + follow-up patch for SEV-ES to fix the flash writing + (jsc#SLE-16075) +- Update 50-xen-hvm-x86_64.json to add "nvram-template" and change + the firmware file to ovmf-x86_64-ms-4m.bin + (bsc#1180050, bsc#1181264) +- Refresh ovmf-bsc1180079-amd-sev-es-mitigation.patch + + Use "git format-patch --no-renames" to generate the patch to + avoid confusing quilt with the renamed files + +------------------------------------------------------------------- +Mon Jan 11 08:50:11 UTC 2021 - Gary Ching-Pang Lin + +- Add ovmf-bsc1180079-amd-sev-es-mitigation.patch to mitigate the + potential AMD SEV-ES security issues (bsc#1180079) +- Add the json descriptor for xen-hvm (bsc#1180050) + +------------------------------------------------------------------- +Fri Nov 27 09:24:04 UTC 2020 - Gary Ching-Pang Lin + +- Update to edk2-stable202011 + * MdeModulePkg/VariablePolicyLib: Fix runtime panic in + ValidateSetVariable() + * 
CryptoPkg: BaseCryptLib: Fix buffer double free in + CryptPkcs7VerifyEku + * Revert "SecurityPkg: Add RPMC Index to the RpmcLib" + * MdeModulePkg/LzmaCustomDecompressLib: catch 4GB+ uncompressed + buffer sizes (bsc#1183578, CVE-2021-28211) + * MdeModulePkg/Core/Dxe: limit FwVol encapsulation section + recursion (bsc#1183579, CVE-2021-28210) + * MdeModulePkg/Core/Dxe: assert SectionInstance invariant in + FindChildNode() (bsc#1183579, CVE-2021-28210) + * SecurityPkg: Add RPMC Index to the RpmcLib + * BaseTools: Resolve index out of range errors. + * UefiCpuPkg/PiSmmCpuDxeSmm: Reflect page table depth with page + table address + * UefiCpuPkg/PiSmmCpuDxeSmm: Correct the Cr3 typo + * CryptoPkg: Make the MD5 disable as default for security + * NetworkPkg/Defines: Make iSCSI disable as default + * OvmfPkg/OvmfXen.dsc: Enable MD5 while enable iSCSI + * OvmfPkg/OvmfPkgX64.dsc: Enable MD5 while enable iSCSI + * OvmfPkg/OvmfPkgIa32X64.dsc: Enable MD5 while enable iSCSI + * OvmfPkg/OvmfPkgIa32.dsc: Enable MD5 while enable iSCSI + * ArmVirtPkg/ArmVirtQemuKernel.dsc: Enable MD5 while enable iSCSI + * ArmVirtPkg/ArmVirtQemu.dsc: Enable MD5 while enable iSCSI + * NetworkPkg: Enable MD5 while enable iSCSI + * CryptoPkg/dsc: Enable MD5 when CRYPTO_SERVICES enable MD5 + * SecurityPkg/Hash2DxeCrypto: Remove SHA1 support + * SecurityPkg/Hash2DxeCrypto: Remove MD5 support + * MdeModulePkg: Drop VarLock from RuntimeDxe variable driver + * MdeModulePkg: Change TCG MOR variables to use VariablePolicy + * SecurityPkg: Allow VariablePolicy state to delete authenticated + variables + * MdeModulePkg: Allow VariablePolicy state to delete protected + variables + * MdeModulePkg: Connect VariablePolicy business logic to + VariableServices + * ArmVirtPkg: Add VariablePolicy engine to ArmVirtPkg platform + * OvmfPkg: Add VariablePolicy engine to OvmfPkg platform + * BaseTools: Fix BrotliCompress tool issue + * MdePkg/BaseRngLibDxe: Add DXE_RUNTIME_DRIVER class to RngLib + * MdeModulePkg 
DisplayEngineDxe: Correct the local variable name. + * MdeModulePkg/AtaAtapiPassThru: Trace ATA packets + * MdeModulePkg/AtaAtapiPassThru: Restart failed packets + * MdeModulePkg/AtaAtapiPassThru: Add SATA error recovery flow + * MdeModulePkg/AtaAtapiPassThru: Check IS to check for command + completion + * MdeModulePkg/DriverSampleDxe: Add HII sample options + * MdeModulePkg/Library: Revise HiiLib to check REST_STYLE + * BaseTools/VfrCompile: VFR compiler supports REST_STYLE in HII + option + * MdePkg: Add GUID for REST Style Formset + * UefiCpuPkg/MpInitLib: For SEV-ES guest, set stack based on + processor number + * UefiCpuPkg, OvmfPkg: Disable interrupts when using the GHCB + * OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Fix erase blocks for + SEV-ES + * OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Set the SwScratch valid + bit + * UefiCpuPkg/MpInitLib: Set the SW exit fields when performing + VMGEXIT + * OvmfPkg/VmgExitLib: Set the SwScratch valid bit for MMIO events + * OvmfPkg/VmgExitLib: Set the SwScratch valid bit for IOIO events + * OvmfPkg/VmgExitLib: Set the SW exit fields when performing + VMGEXIT + * OvmfPkg/VmgExitLib: Implement new VmgExitLib interfaces + * UefiCpuPkg/VmgExitLib: Add interfaces to set/read GHCB + ValidBitmap bits + * MdePkg: Clean up GHCB field offsets and save area + * BaseTools: Limit command line length. + * BaseTools: Update report map file format + * BaseTools: Add image type into generate map file + * BaseTools: Incremental build issue for included ASI file's + deletion. 
+ * MdeModulePkg/Core/Dxe: log memory base and length, after lib + ctors again + * BaseTools: Fix BaseTools nmake cleanall hang issue + * ShellPkg:Fix bug in FileBuffer.c + * BaseTools: Enable Module Scope Structure Pcd + * MdeModulePkg/Gcd: Check memory allocation when initializing + memory + * BaseTools: Remove the dependency on the build intermediate file + * DynamicTablesPkg: Add SSDT CMN-600 Table generator + * MdePkg: Definitions for Extended Interrupt Flags + * BaseTools: Update the FV Space Information to display decimal + and Hex + * MdePkg/Include: Definitions of EFI REST JSON Structure Protocol + * MdeModulePkg/XhciDxe: Retry device slot init on failure + * MdeModulePkg/AcpiTableDxe: use pool allocation for RSDP if + possible + * MdeModulePkg/AcpiTableDxe: use pool allocation for RSDT/XSDT + if possible + * MdeModulePkg/AcpiTableDxe: use pool allocations when possible + * MdePkg: Fix SmBios.h PROCESSOR_CHARACTERISTIC_FLAGS to be + UINT16 + * MdePkg: Update SmBios.h to add SMBIOS 3.4.0 ARM64 SoC ID field + * ShellPkg: Add ARM64 SoC ID to Processor Characteristics in + smbiosview + * ShellPkg: Fix smbiosview string definition name for "boot from CD" + * ShellPkg: Fix a couple of typos in smbiosview + * MdeModulePkg/Core: Support standalone MM in FV2 protocol + GetNextFile(). 
+ * MdePkg/SystemResourceTable.h: Add vendor range values + * MdePkg/Include: Fix wrong spelling in http11.h + * BaseTools/Ecc: Fix ECC check MetaFile Copyright information + issue + * MdeModulePkg/XhciDxe: Error handle for USB slot initialization + failure + * ArmPkg/ArmMmuLib: Explicitly cast function pointer argument + * ArmPkg/ArmMmuLib: Explicitly cast UINT32 data conversions + * DynamicTablesPkg: SsdtSerialPortFixupLib fix ECC errors + * DynamicTablesPkg: AmlEncoding change debug macro + * DynamicTablesPkg: AmlLib\AmlDbgPrint fix ECC error + * DynamicTablesPkg: AmlLib fix ECC errors + * DynamicTablesPkg: AcpiSratLibArm fix ECC error + * DynamicTablesPkg: SsdtSerialPortLibArm fix ECC error + * DynamicTablesPkg: Fix order of assert checks + * CryptoPkg/BaseCryptLib: fix NULL dereference (CVE-2019-14584) + (bsc#1177789) + * Revert "MdeModulePkg/PartitionDxe: Fix the incorrect LBA size + in child ..." + * UefiCpuPkg/MpInitLib: Reduce reset vector memory pressure + * SecurityPkg/Tcg2PhysicalPresenceLib: Fix incorrect TCG VER + comparision + * CryptoPkg: BaseCryptLib: Add unit tests (Host and Shell based) + * ArmVirtPkg: Add kvmtool to package dictionary + * ArmVirtPkg: Package dependency for MC146818 RTC + * ArmVirtPkg: Support for kvmtool virtual platform + * ArmVirtPkg: Add Kvmtool Platform Pei Lib + * ArmVirtPkg: 16550 UART Platform hook library + * ArmVirtPkg: GUID Hob for 16550 UART base address + * MdeModulePkg: Fix constructor invocation ordering + * ArmVirtPkg: Add Kvmtool NOR flash lib + * ArmVirtPkg: kvmtool platform memory map + * ArmVirtPkg: Add kvmtool platform driver + * ArmPlatformPkg: Dynamic flash variable base + * ArmVirtPkg: Add Kvmtool RTC Fdt Client Library + * PcAtChipsetPkg: Add MMIO Support to RTC driver + * MdePkg/Include: Add HTTP definitions + * BaseMemoryLibSse2: Take advantage of write combining buffers + * RedfishPkg/Include: PCD definitions of Host Interface EFI + device path + * MdePkg/Include: Definitions of EFI REST EX Protocol + 
* ShellPkg/SmbiosView: Add DDR5 support + * MdePkg/BaseLib: Fix invalid memory access in AArch64 + SetJump/LongJump + * BaseTools: Add EDKII_DSC_PLATFORM_GUID MACRO + * MdeModulePkg: Remove code wrapped by + DISABLE_NEW_DEPRECATED_INTERFACES + * MdePkg: Remove code wrapped by + DISABLE_NEW_DEPRECATED_INTERFACES + * BaseTools Build_Rule: Add the missing ASM16_FLAGS for ASM16 + source file + * BaseTools: Move C tool flags before the common flags + * BaseTools: Copy PACKED definition from MdePkg Base.h + * MdeModulePkg/Core/Dxe: expose SP and CRYPTO capabilities in + UEFI memmap + * MdePkg/UefiSpec: separate page access bitmask from SP and + CRYPTO caps + * MdePkg: SMBIOS 3.4.0 Update "adding DDR5 definitions". + * NetworkPkg: Fix possible infinite loop in HTTP msg body + parser + * NetworkPkg/HttpDxe: TlsChildHandle is not cleared when reset + * NetworkPkg: Add RngLib entry to .dsc file. + * MdeModulePkg/HiiDatabase: Do not modify CONST string + * OvmfPkg: enable HttpDynamicCommand + * ArmVirtPkg: enable HttpDynamiCommand + * ShellPkg/DynamicCommand: add HttpDynamicCommand + * CryptoPkg/BaseCryptLib: add crypto algorithms needed by + variable protection + * BaseTools: Add RISCV64 binding + * MdeModulePkg/XhciDxe: Fix Broken Timeouts + * BaseTools: Set section alignment as zero if its type is Auto + * BaseTools: Remove CanSkip calling for incremental build + * BaseTools: Normalize case of pathname when evaluating Macros. + * BaseTools: Clean the ffs folder before generating files in it + * BaseTools: Add included files to deps_target file. 
+ * OvmfPkg/README: HTTPS Boot: describe host-side TLS cipher + suites forwarding + * MdeModulePkg/NonDiscoverablePciDeviceDxe: Add NULL pointer + check + * CryptoPkg: OpensslLib: Use RngLib to generate entropy in + rand_pool + * ArmVirtPkg: Add RngLib based on TimerLib for CryptoPkg + * OvmfPkg: Add RngLib based on TimerLib for Crypto + * MdePkg: BaseRngLibDxe: Add RngLib that uses RngDxe + * MdePkg: TimerRngLib: Added RngLib that uses TimerLib + * MdePkg: Correct EFI_BLOCK_IO_PROTOCOL_REVISION3 value + * OvmfPkg: drop redundant VendorID check in VirtioMmioDeviceLib + * MdePkg: PciExpressLib support variable size MMCONF + * UefiPayloadPkg: Store the size of the MMCONF window + * SecurityPkg/PeiTpmMeasurementLib: remove + gEfiTpmDeviceSelectedGuid + * BaseTools: update IASL extdep to more modern version + * UefiCpuPkg/RegisterCpuFeaturesLib: Support MpServices2 only + case. + * BaseTools: Sort the Pcd set when generating the VPD binary + * SecurityPkg/DxeImageVerificationLib: Disable SHA1 base on MACRO +- Refresh ovmf-add-exclude-shell-flag.patch +- Drop upstreamed ovmf-jscSLE-16075-SEV-ES-fixes.patch + +------------------------------------------------------------------- +Thu Nov 26 09:50:12 UTC 2020 - Gary Ching-Pang Lin + +- Cosmetic changes in the spec file suggested by spec-cleaner + +------------------------------------------------------------------- +Tue Nov 17 08:13:51 UTC 2020 - Gary Ching-Pang Lin + +- Add ovmf-jscSLE-16075-SEV-ES-fixes.patch to merge upstream SEV-ES + fixes (jsc#SLE-16075) + +------------------------------------------------------------------- +Thu Nov 5 07:56:36 UTC 2020 - Gary Ching-Pang Lin + +- Update the json descriptors to address all x86_64 firmware files + (jsc#SLE-15915) +- Remove the executable bit from brotli source code files + +------------------------------------------------------------------- +Fri Oct 30 02:15:13 UTC 2020 - Gary Ching-Pang Lin + +- Add _constraints to request at least 6GB disk (bsc#1178244) +- Remove the 
build files after finishing the build to reduce the + disk usage (bsc#1178244) + +------------------------------------------------------------------- +Mon Sep 7 03:55:46 UTC 2020 - Gary Ching-Pang Lin + +- Update to edk2-stable202008 + + MdeModulePkg/Library: add PEIM and SEC module type to + TpmMeasurementLibNull + + SecurityPkg/DxeImageVerificationLib: catch alignment overflow + (CVE-2019-14562) (bsc#1175476) + + OvmfPkg/CpuHotplugSmm: fix CPU hotplug race before and after + SMI broadcast + + SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY + + MdePkg/Include: Add missing definition of SMBIOS type 42h in + SmBios.h + + MdePkg: UefiFileHandleLib: fix buffer overrun in + FileHandleReadLine() + + OvmfPkg: Add SEV-ES support + + MdeModulePkg/PartitionDxe: Fix the incorrect LBA size in child + hander + + MdeModulePkg/PartitionDxe: Revert changes for the special MBR + + MdeModulePkg/PartitionDxe: Put the UDF check ahead of MBR + + ShellPkg: smbiosview - Change some type 17 field values format + + CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1g + + MdeModulePkg: Upon BootOption failure, Destroy RamDisk memory + before RSC. + + OvmfPkg/LsiScsiDxe: Add support for LSI 53C895A + + MdeModulePkg/DisplayEngine: Add Debug message to show mismatch + menu info + + Add New Memory Attributes + + MdeModulePkg/PartitionDxe: Add already start check for child + hanldes + + MdeModulePkg/PartitionDxe: Skip the MBR that add for CD-ROM + + MdeModulePkg/PartitionDxe: Correct the MBR last block value + + MdeModulePkg/Variable/RuntimeDxe: Fix return status from + Reclaim() + + SecurityPkg/Tcg2Pei: Add missing PCRIndex in FvBlob event. + + SecurityPkg/Tcg2Dxe: Add PcdTcgPfpMeasurementRevision in + SpecId event. 
+ + CryptoPkg/BaseCryptLib: Add MARCO to disable the deprecated
+ SHA1 and MD5
+ + ArmVirtPkg/NorFlashQemuLib: disable NOR flash DT nodes upon
+ discovery
+ + UefiCpuPkg/SecCore: Add pre-memory AP vector
+ + OvmfPkg: End timer interrupt later to avoid stack overflow
+ under load
+ + ArmPkg/PlatformBootManagerLib: regenerate boot options on
+ boot failure
+ + MdeModulePkg/StatusCodeHandler: do not output \n\r for string
+ data
+ + Revert "OvmfPkg: use generic QEMU image loader for secure boot
+ enabled ..."
+ + ArmVirtPkg/PrePi: use standard PeCoff routines for
+ self-relocation
+ + ArmVirtPkg: add FDF rule for self-relocating PrePi
+ + ArmPkg/ArmExceptionLib: use static buffer for sp_el0
+ + MdeModulePkg/SetupBrowserDxe: Do not reconnect driver with
+ form-update
+ + OvmfPkg/X86QemuLoadImageLib: handle EFI_ACCESS_DENIED from
+ LoadImage()
+ + OvmfPkg/Tcg2ConfigPei: generalize TPM2-only file-top comments
+ + ArmPkg: only attempt buildin MmCommunicationDxe for AArch64
+ + ArmPkg/PlatformBootManagerLib: don't connect all devices on
+ each boot
+ + ArmPkg/PlatformBootManagerLib: hide UEFI Shell as a regular
+ boot option
+ + MdeModulePkg/BootManagerUiLib: show inactive boot options
+ + ArmPkg/PlatformBootManagerLib: fall back to the UiApp on
+ boot failure
+ + ArmPkg/PlatformBootManagerLib: register 's' as UEFI Shell
+ hotkey
+ + ArmPkg/PlatformBootManagerLib: connect non-discoverable USB
+ hosts
+ + ArmPkg/ArmSvcLib: prevent speculative execution beyond svc
+ + ArmPkg/PlatformBootManagerLib: reject 'default' parity and
+ stop bit count
+ + ArmPkg/PlatformBootManagerLib: use static assertion for
+ console type
+- Update openssl to 1.1.1g
+- Drop openssl-fix-syntax-error.patch
+ + The new openssl already includes the fix.
+- Refresh ovmf-pie.patch and ovmf-disable-ia32-firmware-piepic.patch
+
+-------------------------------------------------------------------
+Wed Jul 22 16:01:04 UTC 2020 - Kai Liu
+
+- Fixed TPM support.
TPM2_ENABLE & TPM2_CONFIG_ENABLE build flags
+ were changed to TPM_* since upstream commit 07952a962a40.
+
+-------------------------------------------------------------------
+Tue Jun 9 08:06:06 UTC 2020 - Gary Ching-Pang Lin
+
+- Use the reduced source tarballs since ovmf only needs a portion
+ of the code.
+ + brotli-v1.0.7-17-g666c328.tar.xz ->
+ brotli-v1.0.7-17-g666c328-c.tar.xz
+ - We only need the "c" directory, not the whole tarball.
+ + oniguruma-v6.9.4_mark1.tar.xz ->
+ oniguruma-v6.9.4_mark1-src.tar.xz
+ - We only need the "src" directory, not the whole tarball.
+
+-------------------------------------------------------------------
+Fri Jun 5 06:33:21 UTC 2020 - Gary Ching-Pang Lin
+
+- Update to edk2-stable202005
+ + RegularExpressionDxe: Use submodule way to access third party
+ Oniguruma
+ + BrotliCustomDecompressLib: Use submodule way to access third
+ party brotli
+ + BaseTools: Use submodule way to access third party brotli
+ + RISC-V architecture on EDK2
+ + Disabling safe string constraint assertions
+ + ArmVirtPkg Implement support for TPM2 measured boot
+ + OVMF Implement support for Linux v5.7+ initrd and mixed mode
+ loading
+ + OVMF Use loadimage/startimage for loading the kernel passed
+ via the QEMU command line
+ + OVMF Support booting from Fusion-MPT SCSI controllers
+ + OVMF Support booting from VMware PVSCSI controllers
+ + OVMF RFE: VCPU hotplug with SMM
+ + OVMF PEI phase variable driver / MemoryTypeInfo tracking
+ + ArmVirtPkg, OvmfPkg: Pass parameter from QEMU to control PXE
+ IPv4/v6 boot
+ + Remove deprecate APIs in BaseCryptLib
+ + Add UEFI 2.8/2.8a definition in MdePkg
+ + Add PI1.7/PI1.7a definition into MdePkg
+ + BaseCryptoLib MD4, ARC4, TDES, AES ECB MODE, HMAC MD5, HMAC
+ SHA1 API have been deprecated.
+ + SecurityPkg Tcg2PhysicalPresenceLib library class removes two
+ macros TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT and
+ TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT.
+- Add 2 tarballs from the submodules of edk2:
+ + brotli-v1.0.7-17-g666c328.tar.xz
+ + oniguruma-v6.9.4_mark1.tar.xz
+- Refresh patches:
+ + ovmf-add-exclude-shell-flag.patch
+ + ovmf-gdb-symbols.patch
+- Drop upstream patch: ovmf-bsc1163927-fix-ping-and-ip6dxe.patch
+- Drop ovmf-bsc1171643-workaround-outline-atomics.patch since
+ upstream fixed it in another way.
+
+-------------------------------------------------------------------
+Thu May 21 03:36:17 UTC 2020 - Gary Ching-Pang Lin
+
+- Add ovmf-bsc1171643-workaround-outline-atomics.patch to disable
+ gcc10 outline-atomics in AArch64 (bsc#1171643)
+
+-------------------------------------------------------------------
+Mon Apr 20 06:11:25 UTC 2020 - Gary Ching-Pang Lin
+
+- Build all non-native firmware files on x86_64 and aarch64 with
+ cross-compilers (bsc#1159134)
+ + Exclude i586 and armv7hl due to the availability of
+ cross-compilers
+ + Move some bash functions to ovmf-build-funcs.sh
+- Clean up PKG_TO_REMOVE
+ + Only EmulatorPkg still exists.
+
+-------------------------------------------------------------------
+Mon Apr 6 03:37:22 UTC 2020 - Gary Ching-Pang Lin
+
+- Add ovmf-bsc1163927-fix-ping-and-ip6dxe.patch to fix crash and
+ hang in ShellPkg and Ip6Dxe (bsc#1163927, CVE-2019-14559)
+
+-------------------------------------------------------------------
+Fri Mar 6 03:11:48 UTC 2020 - Gary Ching-Pang Lin
+
+- Update to edk2-stable202002
+ + UefiCpuPkg/MpInitLib: Skip reading PlatformId on AMD processors.
+ + BaseTools: Remove invalid leading space before !INCLUDE in Makefile
+ + OvmfPkg/QemuVideoDxe: unbreak "secondary-vga" and "bochs-display" support
+ + NetworkPkg/ArpDxe: Recycle invalid ARP packets (CVE-2019-14559)
+ + ShellPkg: acpiview: Prevent infinite loop if structure length is 0
+ + CryptoPkg/BaseHashApiLib: Change PcdHashApiLibPolicy type to FixedAtBuild
+ + CryptoPkg/BaseHashApiLib: Align BaseHashApiLib with TPM 2.0 Implementation
+ + MdeModulePkg: Make retval in UninstallMultipleProtocol follow Spec
+ + SecurityPkg/DxeImageVerificationLib: change IsCertHashFoundInDatabase
+ name (CVE-2019-14575)
+ + SecurityPkg/DxeImageVerificationLib: Differentiate error/search
+ result (2) (CVE-2019-14575)
+ + SecurityPkg/DxeImageVerificationLib: plug Data leak in
+ IsForbiddenByDbx() (CVE-2019-14575)
+ + SecurityPkg/DxeImageVerificationLib: tighten default result
+ (CVE-2019-14575)
+ + SecurityPkg/DxeImageVerificationLib: Differentiate error/search
+ result (1) (CVE-2019-14575)
+ + SecurityPkg/DxeImageVerificationLib: refactor db/dbx fetching
+ code (CVE-2019-14575)
+ + SecurityPkg/DxeImageVerificationLib: avoid bypass in fetching
+ dbx (CVE-2019-14575)
+ + SecurityPkg/DxeImageVerificationLib: fix wrong fetch dbx in
+ IsAllowedByDb (CVE-2019-14575)
+ + SecurityPkg/DxeImageVerificationLib: reject
+ CertStack.CertNumber==0 per DBX (CVE-2019-14575)
+ + SecurityPkg/DxeImageVerificationLib: Fix memory leaks
+ (CVE-2019-14575)
+ + NetworkPkg/Ip4Dxe: Check the received package length
+ (CVE-2019-14559).
+ + ShellPkg: acpiview: Validate ACPI table 'Length' field
+ + ShellPkg: acpiview: Remove duplicate ACPI structure size definitions
+ + UefiCpuPkg RegisterCpuFeaturesLib: Match data type and format specifier
+ + MdeModulePkg/SdMmcPciHcDxe: Fix double PciIo Unmap in TRB creation
+ (CVE-2019-14587)
+ + MdeModulePkg/DisplayEngine: Zero memory before free (CVE-2019-14558)
+ + MdeModulePkg/String.c: Zero memory before free (CVE-2019-14558)
+ + MdeModulePkg/HiiDB: Remove configuration table when it's freed
+ (CVE-2019-14586)
+ + MdePkg: Remove FIT table industry standard header file.
+ + UefiCpuPkg: Remove FIT based microcode shadow logic from MpInitLib.
+ + UefiCpuPkg/CpuFeature: Introduce First to indicate 1st unit.
+ + UefiCpuPkg/RegisterCpuFeaturesLib: Rename [Before|After]FeatureBitMask
+ + UefiCpuPkg/RegisterCpuFeaturesLib: Delete CPU_FEATURE_[BEFORE|AFTER]
+ + MdePkg: Add PCCT table signature definition
+ + BaseTools: Fixed build failure when using python38
+ + BaseTools:fix Ecc tool issue for check StructPcd
+ + BaseTools: Remove caret in NASM_INC macro
+ + BaseTools: Rationalise makefile generation
+ + MdePkg: Add PCI Express 5.0 Header File
+ + MdePkg: Disable EBC for unit tests in MdePkg.dsc
+ + MdePkg/SmBios.h: Add two additional DWORD for smbios 3.3.0 type17
+ + UefiCpuPkg/MpInitLib: Not pass microcode info between archs in CPU_MP_DATA
+ + Revert UefiCpuPkg/MpInitLib: Relocate microcode patch fields in CPU_MP_DATA
+ + ShellPkg: acpiview: Validate global pointers before use
+ + ShellPkg: acpiview: Validate System Locality count
+ + ShellPkg: acpiview: Set ItemPtr to NULL for unprocessed table fields
+ + ShellPkg: Document UpdateArgcArgv returns EFI_INVALID_PARAMETER
+ + ShellPkg: Document ParseCommandLineToArgs returns EFI_INVALID_PARAMETER
+ + ShellPkg/UefiShellAcpiViewCommandLib: Fix FADT Parser
+ + SecurityPkg: Fix incorrect return value when File is NULL
+ + BaseTools: Fixed a Incremental build issue
+ + CryptoPkg/CryptoPkg.dsc: Add build of Crypto
libraries/modules
+ + CryptoPkg/Library: Add BaseCryptLibOnProtocolPpi instances
+ + CryptoPkg/Driver: Add Crypto PEIM, DXE, and SMM modules
+ + CryptoPkg: Add EDK II Crypto Protocols/PPIs/PCDs
+ + CryptoPkg/BaseCryptLib: Add X509ConstructCertificateStackV().
+ + MdeModulePkg/PiDxeS3BootScriptLib: Fix potential numeric truncation
+ (CVE-2019-14563)
+ + MdeModulePkg/Capsule: Remove RT restriction in UpdateCapsule service.
+ + SecurityPkg/TcgPhysicalPresenceLib: Replace the ASSERT with error code
+ + BaseTools/PcdValueCommon: Fix 64-bit host compiler error
+ + BaseTools/Build: Do not use Common.lib in Structured PCD app
+ + MdeModulePkg/BaseSerialPortLib16550: Fix Serial Port Ready
+ + BaseTools: Script for converting .aml to .hex
+ + MdeModulePkg: Perform test only if not ignore memory test
+ + UefiCpuPkg/MpInitLib: Always get CPUID & PlatformID in MicrocodeDetect()
+ + OvmfPkg/PlatformPei: detect SMRAM at default SMBASE (for real)
+ + OvmfPkg: introduce PcdCsmEnable feature flag
+ + OvmfPkg/SmmAccess: close and lock SMRAM at default SMBASE
+ + OvmfPkg/SEV: don't manage the lifecycle of the SMRAM at the default SMBASE
+ + OvmfPkg/PlatformPei: reserve the SMRAM at the default SMBASE, if it exists
+ + OvmfPkg/PlatformPei: assert there's no permanent PEI RAM at default SMBASE
+ + OvmfPkg/PlatformPei: detect SMRAM at default SMBASE (skeleton)
+ + OvmfPkg/PlatformPei: factor out Q35BoardVerification()
+ + OvmfPkg/IndustryStandard: add MCH_DEFAULT_SMBASE* register macros
+ + OvmfPkg/IndustryStandard: increase vertical whitespace in Q35 macro defs
+ + OvmfPkg: introduce PcdQ35SmramAtDefaultSmbase
+ + CryptoPkg/BaseCryptLibNull: Add missing HkdfSha256ExtractAndExpand()
+ + BaseTools/DscBuildData: Fix PCD autogen include file conflict
+ + CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API
+ + CryptoPkg: Add CryptoPkg Token Space GUID
+ + BaseTools/Conf/gitattributes: fix "--function-context" for C source code
+ + SecurityPkg/DxeImageVerificationHandler: fix
"defer" vs. "deny" policies
+ + SecurityPkg/DxeImageVerificationHandler: fix imgexec info on memalloc fail
+ + SecurityPkg/DxeImageVerificationHandler: fix retval for (FileBuffer==NULL)
+ + SecurityPkg/DxeImageVerificationHandler: eliminate "Status" variable
+ + SecurityPkg/DxeImageVerificationHandler: unnest AddImageExeInfo() call
+ + SecurityPkg/DxeImageVerificationHandler: remove superfluous Status setting
+ + SecurityPkg/DxeImageVerificationHandler: fix retval on memalloc failure
+ + SecurityPkg/DxeImageVerificationHandler: narrow down PE/COFF hash status
+ + SecurityPkg/DxeImageVerificationHandler: keep PE/COFF info status internal
+ + SecurityPkg/DxeImageVerificationHandler: remove "else" after return/break
+ + SecurityPkg/DxeImageVerificationHandler: simplify "VerifyStatus"
+ + OvmfPkg/PlatformPei: rewrite MaxCpuCountInitialization() for CPU hotplug
+ + OvmfPkg/IndustryStandard: define macros for QEMU's CPU hotplug registers
+ + OvmfPkg/OvmfXen.dsc: remove PcdCpu* dynamic defaults
+ + CryptoPkg/BaseCryptLib: remove HmacXxxGetContextSize interface
+ + CryptoPkg/BaseCryptLib: replace HmacXxxInit API with HmacXxxSetKey
+ + BaseTools: Fixed a incremental build bug
+ + UefiCpuPkg/MpInitLib: Fix possible uninitialized 'InitFlag' field
+ + FmdDevicePkg/FmpDxe: Support Fmp Capsule Dependency.
+ + MdeModulePkg/CapsuleApp: Enhance CapsuleApp for Fmp Capsule Dependency
+ + MdePkg: Add definition for Fmp Capsule Dependency.
+ + MdeModulePkg/SdMmcPciHcDxe: Add retries for async commands
+ + MdeModulePkg/SdMmcPciHcDxe: Add retries for sync commands
+ + MdeModulePkg/SdMmcPciHcDxe: Refactor command error detection
+ + MdeModulePkg/SdMmcPciHcDxe: Fix DAT lane SW reset
+ + UefiCpuPkg/PiSmmCpuDxeSmm: fix 2M->4K page splitting regression for PDEs
+ + MdeModulePkg/Variable: Fix VarErrorFlag RT cache offset calculation
+ + MdePkg Base.h: Use correct style to check the defined macro
+ + ShellPkg: acpiview: Update SRAT parser to ACPI 6.3
+ + BaseTools/Capsule: Add capsule dependency support
+ + MdeModulePkg/Setup: Update opcode number variable type to UINTN
+ + ArmPlatformPkg/PrePeiCore: enable VFP at startup
+ + ArmPkg/ArmSmcPsciResetSystemLib: remove EnterS3WithImmediateWake ()
+ + NetworkPkg/HttpDxe: fix 32-bit truncation in HTTPS download
+ + MdeModulePkg/UefiBootManagerLib: log reserved mem allocation failure
+ + BaseTools/Scripts/PatchCheck: Address false error conditions
+ + BaseTools:Fix GenFds issue for BuildOption replace GenFdsOption
+ + BaseTools:Change the case rules for ECC check pointer names
+ + MdeModulePkg/SdMmcPciHcDxe: Fix unknown doxygen tag error
+ + ArmVirtPkg: remove EnterS3WithImmediateWake () from ResetSystemLib
+ + OvmfPkg: remove EnterS3WithImmediateWake () from ResetSystemLib
+ + UefiPayloadPkg: remove EnterS3WithImmediateWake () from ResetSystemLib
+ + PcAtChipsetPkg: remove EnterS3WithImmediateWake () from ResetSystemLib
+ + MdeModulePkg: remove EnterS3WithImmediateWake () from ResetSystemLib
+ + UefiCpuPkg: Shadow microcode patch according to FIT microcode entry.
+ + MdePkg: Add header file for Firmware Interface Table specification.
+ + UefiCpuPkg/CpuCommonFeaturesLib: SMXE bit of CR4 should set
+ + MdePkg BaseLib.h: Update IA32_CR4 strut to include all public fields
+ + MdePkg: Do not use CreateEventEx unless required
+ + UefiCpuPkg/PiSmmCpuDxeSmm: Add missed comments for parameter.
+ + OvmfPkg: use HII type PCDs for TPM2 config related variables
+ + OvmfPkg: reorganize TPM2 support in DSC/FDF files
+ + BaseTools/PatchCheck.py: Ignore CR and LF characters in subject length
+ + MdeModulePkg: Add EDK2 Platform Boot Manager Protocol
+ + CryptoPkg: Support for SHA384 & SHA512 RSA signing schemes
+ + UefiCpuPkg: Always load microcode patch on AP processor.
+ + UefiCpuPkg: Remove alignment check when calculate microcode size.
+ + Revert "UefiCpuPkg/PiSmmCpuDxeSmm: Fix buffer overflow issue."
+ + MdeModulePkg/UsbMouseAbsolutePointer: Fix endpoint selection
+ + MdeModulePkg/Usb/UsbMouse: Fix endpoint selection
+ + MdeModulePkg/Usb/EfiKey: Fix endpoint selection
+ + SecurityPkg/Tcg2Pei: Add TCG PFP 105 support.
+ + MdeModulePkg/Smbios: Add TCG PFP rev 105 support.
+ + MdeModulePkg/dec: add PcdTcgPfpMeasurementRevision PCD
+ + MdeModulePkg/Smbios: Done measure Smbios multiple times.
+ + SecurityPkg/Tcg2Dxe: Add Tcg2Dxe to support 800-155 event.
+ + SecurityPkg/Guid: Add TCG 800-155 event GUID definition.
+ + MdeModulePkg/SdMmcPciHcDxe: Add function to start SD clock
+ + MdeModulePkg/SdMmcPciHcDxe: Hook SwitchClockFreq after SD clock start
+ + UefiCpuPkg/PiSmmCpuDxeSmm: Pre-allocate PROCEDURE_TOKEN buffer
+ + UefiPayloadPkg/BootManager: Add PS2 keyboard support
+ + UefiCpuPkg/MpInitLib: Remove redundant microcode fields in CPU_MP_DATA
+ + UefiCpuPkg/MpInitLib: Relocate microcode patch fields in CPU_MP_DATA
+ + UefiCpuPkg/MpInitLib: Produce EDKII microcode patch HOB
+ + UefiCpuPkg: Add definitions for EDKII microcode patch HOB
+ + UefiCpuPkg/MpInitLib: Reduce the size when loading microcode patches
+ + UefiCpuPkg/MpInitLib: Collect processors' CPUID & Platform ID info
+ + BaseTools/Scripts: Add sendemail.transferEncoding to SetupGit.py
+ + UefiCpuPkg/PiSmmCpuDxeSmm: Fix buffer overflow issue.
+ + UefiCpuPkg/PiSmmCpuDxeSmm: Remove dependence between APs
+ + edksetup.bat stuck on unicode locale Windows
+ + MdePkg/Tcg: Add new definition in TCG PFP spec.
+ + MdePkg: Use __builtin_offset with CLANGPDB toolchain
+ + MdePkg PciExpress21: PCI_REG_PCIE_DEVICE_CONTROL2 struct has 17 bits
+ + ShellPkg/ShellProtocol: Return error code while fail parsing cmd-line
+ + MdePkg/Spdm: fix Nonce structure error.
+ + BaseTools: Resolve a issue of Incremental build
+ + Maintainers.txt: Update email address and role
+ + BaseTools:replaces the two offending quotes by ascii quotes
+ + BaseTools: Fix build failure when multiple build targets given
+ + MdePkg/Include: Add DCC and BCM2835 SPCR UART types
+ + ArmPkg/MmCommunicationDxe: relay architected PI events to MM context
+ + SecurityPkg/Tcg2Smm: Measure the table before patch.
+ + BaseTools: Remove redundant binary cache file
+ + BaseTools: Leverage compiler output to optimize binary cache
+ + BaseTools: enhance the CacheCopyFile method arg names
+ + BaseTools: store more complete output files in binary cache
+ + BaseTools: Enhance Basetool for incremental build
+ + BaseTools: Update build_rule.txt to generate dependent files.
+ + BaseTools: Generate dependent files for ASL and ASM files
+ + BaseTools: Add build option for dependency file generation
+ + UefiCpuPkg/PiSmmCpuDxeSmm: Avoid allocate Token every time
+ + BaseTools: Avoid "is" with a literal Python 3.8 warnings
+ + ArmPkg: Dispatch deferred images after EndOfDxe
+ + ShellPkg/UefiHandleParsingLib: Fix error allocate pool
+ + ShellPkg/edit: typo "%d Lines Wrote"
+ + ShellPkg: acpiview: IORT Spec Rev D updates
+ + ShellPkg: acpiview: Add support for parsing FACS
+ + MdeModulePkg: Add ARM/Aarch64 support which were missing
+ + MdeModulePkg: LzmaCustomDecompressLib.inf don't support EBC anymore
+ + BaseTools:Enhance the way to handling included dsc file
+ + UefiCpuPkg/UefiCpuPkg.uni: Add missing strings for PCD
+ + NetworkPkg/NetworkPkg.uni: Add missing strings for PCD
+ + MdeModulePkg/MdeModulePkg.uni: Add missing strings for PCD
+ + NetworkPkg: Fixes to static code analysis hits
+ + CryptoPkg/OpensslLib.inf: list OpenSSL local header "ms/uplink.h"
+ + CryptoPkg/OpensslLib: improve INF file consistency
+ + MdeModulePkg/VariableSmmRuntimeDxe.inf: list local header "Variable.h"
+- Drop upstreamed fixes
+ + ovmf-bsc1163927-fix-ip4dxe-and-arpdxe.patch
+ + ovmf-bsc1163959-PiDxeS3BootScriptLib-fix-numeric-truncation.patch
+ + ovmf-bsc1163969-fix-DxeImageVerificationHandler.patch
+- Refresh ovmf-gdb-symbols.patch
+
+-------------------------------------------------------------------
+Mon Feb 24 04:00:24 UTC 2020 - Gary Ching-Pang Lin
+
+- Add ovmf-bsc1163969-fix-DxeImageVerificationHandler.patch to fix
+ dbx signature check (bsc#1163969, CVE-2019-14575)
+ + Also change the order of several patches to distinguish the
+ openssl patch
+- Add ovmf-bsc1163927-fix-ip4dxe-and-arpdxe.patch to fix memory
+ leakage in Ip4Dxe and ArpDxe (bsc#1163927, CVE-2019-14559)
+
+-------------------------------------------------------------------
+Tue Feb 18 09:24:30 UTC 2020 - Gary Ching-Pang Lin
+
+- Add
ovmf-bsc1163959-PiDxeS3BootScriptLib-fix-numeric-truncation.patch
+ to fix the numeric truncation to avoid the potential memory
+ corruption (bsc#1163959, CVE-2019-14563)
+
+-------------------------------------------------------------------
+Mon Feb 3 02:14:23 UTC 2020 - Gary Ching-Pang Lin
+
+- Build the unified firmware with preloaded keys for backward
+ compatibility (bsc#1159793)
+
+-------------------------------------------------------------------
+Fri Dec 20 09:11:37 UTC 2019 - Dirk Mueller
+
+- only build -aarch32 Cortex-A15 EFI on armv7hl
+
+-------------------------------------------------------------------
+Tue Dec 3 02:35:19 UTC 2019 - Gary Ching-Pang Lin
+
+- Update to edk2-stable201911
+ + SecurityPkg: Fix TPM2 ACPI measurement
+ + MdeModulePkg: Enable variable runtime cache by default
+ + OvmfPkg: Disable variable runtime cache
+ + MdeModulePkg/Variable: Add RT GetVariable() cache support
+ + CryptoPkg: Upgrade OpenSSL to 1.1.1d
+ + MdePkg-UefiSpec.h: Add UEFI 2.8 new memory attributes
+ + MdePkg/UefiFileHandleLib: Fix potential NULL dereference
+ + NetworkPkg/HttpDxe: Set the HostName for the verification
+ (CVE-2019-14553)
+ + NetworkPkg/TlsDxe: Add the support of host validation to TlsDxe
+ driver (CVE-2019-14553)
+ + CryptoPkg/TlsLib: TlsSetVerifyHost: parse IP address literals
+ as such (CVE-2019-14553)
+ + CryptoPkg/TlsLib: Add the new API "TlsSetVerifyHost"
+ (CVE-2019-14553)
+ + MdePkg/Include/Protocol/Tls.h: Add the data type of
+ EfiTlsVerifyHost (CVE-2019-14553)
+ + MdeModulePkg/BdsDxe: Fix PlatformRecovery issue
+ + NetworkPkg/SnpDxe: Add PCD to remove ExitBootServices event
+ from SNP driver
+ + MdeModulePkg: Update to support SmBios 3.3.0
+ + UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP
+ detection
+ + SecurityPkg/Tcg2: Add Support Laml, Lasa for TPM2 ACPI
+ + OvmfPkg/PlatformDxe: fix EFI_HII_HANDLE parameters of internal
+ functions
+ + OvmfPkg/VirtioNetDxe: fix SignalEvent() call
+ + OvmfPkg/XenBusDxe: fix
UninstallMultipleProtocolInterfaces()
+ call
+ + NetworkPkg/Ip4Dxe: fix NetLibDestroyServiceChild() call
+ + MdeModulePkg/ScsiDiskDxe: Support Storage Security Command
+ Protocol
+ + MdePkg: Implement SCSI commands for Security Protocol In/Out
+ + MdeModulePkg/TerminalDxe: Enhance the arrow keys support
+ + MdeModulePkg/UefiBootManager: Unload image on
+ EFI_SECURITY_VIOLATION
+ + MdeModulePkg/DxeCapsuleLibFmp: Unload image on
+ EFI_SECURITY_VIOLATION
+ + MdeModulePkg: Extend the support keyboard type of Terminal
+ console
+ + UefiCpuPkg/CpuExceptionHandlerLib: Fix split lock
+ + UefiCpuPkg: Fix potential spinLock issue in SmmStartupThisAp
+ + UefiCpuPkg/PiSmmCpu: Enable 5L paging only when phy addr line
+ > 48
+ + OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval
+ handling
+ + ArmVirtPkg/PlatformBootManagerLib: unload image on
+ EFI_SECURITY_VIOLATION
+ + ShellPkg/ShellPkg.dsc AARCH64: enable stack protector
+ + ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: revert to PIE
+ linking
+ + BaseTools/GenFw AARCH64: fix up GOT based relative relocations
+ + ShellPkg/Pci.c: Update supported link speed to PCI5.0
+ + PcAtChipsetPkg: add PcdRealTimeClockUpdateTimeout
+ + UefiCpuPkg: Add PcdCpuSmmRestrictedMemoryAccess
+ + ShellPkg/CommandLib: avoid NULL derefence and memory leak
+ + MdePkg/DxeHstiLib: Added checks to improve error handling
+ + BaseTools: Support more file types in build cache
+ + UefiCpuPkg/SecCore: get AllSecPpiList after SecPlatformMain
+- Update openssl to 1.1.1d
+ + Add openssl-fix-syntax-error.patch to fix a syntax error
+- Drop ovmf-bsc1153072-fix-invalid-https-cert.patch
+ + Already upstreamed
+
+-------------------------------------------------------------------
+Fri Nov 8 04:09:48 UTC 2019 - Gary Ching-Pang Lin
+
+- Use the same x86 4MB firmware names as the ones in the previous
+ version (< stable201905) for backward compatibility
+
+-------------------------------------------------------------------
+Wed Nov 6 06:28:25 UTC 2019 - Gary
Ching-Pang Lin
+
+- Disable TLS for IA32(i586) to avoid exceeding the size limitation
+ while using the tool chain from SLE15-SP2/openSUSE Leap 15.2
+
+-------------------------------------------------------------------
+Mon Nov 4 06:44:03 UTC 2019 - Gary Ching-Pang Lin
+
+- Add ovmf-bsc1153072-fix-invalid-https-cert.patch to reject the
+ invalid server certificates for HTTPS Boot
+ (bsc#1153072, CVE-2019-14553)
+
+-------------------------------------------------------------------
+Thu Oct 17 06:25:01 UTC 2019 - Gary Ching-Pang Lin
+
+- Add the firmware descriptors for QEMU
+- Tweak the install commands
+
+-------------------------------------------------------------------
+Tue Sep 3 02:08:57 UTC 2019 - Gary Ching-Pang Lin
+
+- Update to edk2-stable201908
+ + OvmfPkg: Introduce platform OvmfXen
+ + OvmfPkg/ResetSystemLib: Add missing dependency on PciLib
+ + MdeModulePkg DxeCore: Fix for missing Memory Attributes Table
+ (MAT) update
+ + BaseTools: Fixed issue of incorrect Module Unique Name
+ + CryptoPkg/OpensslLib: Add missing header files in INF file
+ + SecurityPkg/SecurityPkg.uni: Add missing strings for new PCDs
+ + MdeModulePkg/DxeIplPeim: Initialize pointer PageMapLevel5Entry
+ + MdeModulePkg/MdeModulePkg.dec: Remove gEfiDpcProtocolGuid
+ + Readme.md: add submodule policy and clone commands
+ + MdeModulePkg/DxeIplPeim: Relocate operation of
+ PageMapLevel5Entry++
+ + MdeModulePkg: Add missing header files in INF files
+ + MdePkg: Add MmAccess and MmControl definition.
+ + CryptoPkg/BaseCryptLib: Wrap OpenSSL HKDF algorithm
+ + MdeModulePkg/DxeIpl: Create 5-level page table for long mode
+ + MdeModulePkg/DxeIpl: Introduce PCD PcdUse5LevelPageTable
+ + UefiCpuPkg/CpuDxe: Support parsing 5-level page table
+ + UefiCpuPkg/MpInitLib: Enable 5-level paging for AP when BSP's
+ enabled
+ + OvmfPkg/PlatformPei: Change referenced MSR name.
+ + UefiCpuPkg/PiSmmCpuDxeSmm: Add check for pointer Pml5Entry
+ + SecurityPkg/SecurityPkg.dec: Remove trailing white space
+ + MdeModulePkg/PiSmmCore: Use unique structure signatures
+ + UefiCpuPkg/MpInitLib: don't shadow the microcode patch twice.
+ + ShellPkg: improve acpiview
+ + MdePkg: Add PI 1.5 SmramMemoryReserve HOB file
+ + MdePkg/PciExpress21.h: Fix the PCI industry standard register
+ defines
+ + CryptoPkg/BaseCryptLib: Use cmp-operator for non-Boolean
+ comparisons
+ + ArmPkg: DebugPeCoffExtraActionLib: fix trivial comment typos
+ + ArmPkg: DebugPeCoffExtraActionLib: debugger commands are not
+ errors
+ + UefiCpuPkg/RegisterCpuFeaturesLib: Start all processors
+ simultaneously.
+ + UefiCpuPkg: Add new EDKII_PEI_MP_SERVICES2_PPI
+ + list module-internal header files in INF [Sources]
+ + SecurityPkg: introduce the SM3 digest algorithm
+ + BaseTools: Fix python3.8 SyntaxWarning
+ + BaseTools: Add HOST_APPLICATION module type.
+ + UefiCpuPkg/PiSmmCpu: Enable 5 level paging when CPU supports
+ + MdePkg/BaseLib.h: Update IA32_CR4 structure for 5-level paging
+ + UefiCpuPkg RegisterCpuFeaturesLib: Fix an ASSERTION issue
+ + ArmPlatformPkg: Actually disable PL031 interrupts
+ + UefiCpuPkg/PiSmmCpu: Change variable names and comments to follow
+ SDM
+ + OvmfPkg: use DxeTpmMeasurementLib if and only if TPM2_ENABLE
+ + ArmPlatformPkg: Fix various typos
+ + ArmPkg: Fix various typos
+ + Remove IntelFrameworkPkg
+ + Remove IntelFrameworkModulePkg
+ + MdeModulePkg/BdsDxe: Use a pcd to control PlatformRecovery
+ + MdeModulePkg: Add a pcd to set the OS indications bit
+ + SecurityPkg: Remove DxeDeferImageLoadLib in DSC
+ + BaseTools:Linux changes the way the latest version is judged
+ + Fix indentation in edksetup.sh SetupPython3
+ + MdeModulePkg/SdMmcHcDxe: Implement revision 3 of
+ SdMmcOverrideProtocol
+ + MdeModulePkg/SdMmcOverride: Add GetOperatingParam notify phase
+ + MdeModulePkg/UfsPassThruDxe: Fix unaligned data transfer
+ handling
+ + ArmVirtPkg: handle
NETWORK_TLS_ENABLE in ArmVirtQemu*
+ + UefiCpuPkg/MpInitLib: MicrocodeDetect: Ensure checked range is
+ valid
+ + MdeModulePkg/UfsPassThruDxe: Refactor UFS device presence
+ detection
+ + PcAtChipsetPkg: Remove framework modules
+ + SecurityPkg: add FvReportPei.inf in dsc for build validation
+ + SecurityPkg/FvReportPei: implement a common FV verifier and
+ reporter
+ + SecurityPkg: add definitions for OBB verification
+ + OvmfPkg: don't assign PCI BARs above 4GiB when CSM enabled
+ + OvmfPkg: Don't build in QemuVideoDxe when we have CSM
+ + OvmfPkg/LegacyBbs: Add boot entries for VirtIO and NVME
+ devices
+ + OvmfPkg/LegacyBios: set NumberBbsEntries to the size of
+ BbsTable
+ + SecurityPkg: Add missing instances for build only
+ + BaseTools: Move Build Cache related function out of
+ CreateAsBuiltInf
+ + BaseTools: refine CreateAsBuiltInf function
+ + BaseTools:Add DetectNotUsedItem.py to Edk2\BaseTools\Scripts
+ + BaseTools:Add import in FvImageSection
+ + MdeModulePkg/PeiMain: PeiAllocatePool: output NULL if HOB
+ creation fails
+ + MdePkg: Add Generic Initiator Affinity Structure definitions
+ to SRAT
+ + BaseTools:Introduce CopyFileOnChange() function to copy cache
+ files
+ + MdeModulePkg: Add missing instances for build only
+ + SourceLevelDebugPkg: Add missing instances for build only
+ + CryptoPkg: Add missing instance for build only
+ + MdeModulePkg: Introduce EDKII_SERIAL_PORT_LIB_VENDOR_GUID
+ + MdeModulePkg/GraphicsConsoleDxe: Initialize the output mode
+ + MdeModulePkg/ConSplitterDxe: Optimize the
+ ConSplitterTextOutSetMode
+ + BaseTools: add script to configure local git options
+ + BaseTools: add centralized location for git config files
+ + OvmfPkg/QemuVideoDxe: Shouldn't assume system in VGA alias
+ mode.
+- Refresh ovmf-gdb-symbols.patch +- Enable NETWORK_TLS_ENABLE for AArch64 + +------------------------------------------------------------------- +Fri Jul 5 07:15:55 UTC 2019 - Gary Ching-Pang Lin + +- Reset BootOrder after enrolling the default keys (boo#1140195) + +------------------------------------------------------------------- +Mon Jun 17 03:32:51 UTC 2019 - Gary Ching-Pang Lin + +- Update to edk2-stable201905 + + Update OpenSSL version to upcoming 1.1.1 + + Delete EdkCompatibilityPkg from edk2/master + + Remove .S assembly code for IA32 and X64 arch + + Replace BSD 2-Clause License with BSD + Patent Licence + + Recovery PEI BlockIO support for ATA device + + Add PCD to Enabled/Disabled IPv4/IPv6 PXE Support in NetworkPkg + + Remove NetworkPkg/IpSecDxe + + Add api to DebubLib to expose a print routine with VaList + parameter + + Introduce DebugPpi to save the image size with the debug + message + + ResetSystemLib Adds a new API ResetSystem + + ResetUtilityLib Add a new API ResetSystemWithSubtype + + Add support for get organization name to x509 in BaseCryptLib + + Add support for checking x509 EKUs in BaseCryptLib + + Add support for PKCS 1v2 RSAES-OAEP PKI encryption in + BaseCryptLib + + Remove ShellBinPkg from edk2/master + + Enable multiple thread /MP option for MSVC compiler + + Upstream the EnrollDefaultKeys application to OvmfPkg + + Share code for BaseUefiDecompressLib in MdePkg and MdeModulePkg + + Move network related components from MdeModulePkg to NetworkPkg + + Move BeagleBoardPkg and Omap35xxPkg from edk2 to edk2-platforms + repo + + Move MinnowMax and Quark platform to edk2-platforms repo + + Move OptionRomPkg into new Drivers directory edk2-platforms + repo + + Add ACPI6.3 definition + + Remove Nt32Pkg from edk2/master + + update ArmSoftFloatLib to latest upstream version (= 3e) +- Update openssl to 1.1.1b + + Add berkeley-softfloat-3-b64af41c3276f.tar.xz since arm7 needs + the softfloat implementation for openssl 1.1.1b +- Build the varstore 
templates with EnrollDefaultKeys.efi + + Create the iso files for key enrollment + - Add gen-key-enrollment-iso.sh to generate the iso file + + Drop the non-upstream ovmf-embed-default-keys.patch + - Also drop owner-guid-zero.h + + Drop the MS keys and dbx since they are already in + EnrollDefaultKeys.efi: MicCorKEKCA2011_2011-06-24.crt, + MicCorUEFCA2011_2011-06-27.crt, MicWinProPCA2011_2011-10-19.crt, + and dbxupdate.zip + - Also drop the related script strip_authinfo.pl + + Add ovmf-set-fixed-enroll-time.patch to set the fixed enrolling + time to make the varstore template reproducible + + Require qemu 3.0.0 for fw_cfg +- Update the build flags for network functions + + For x86_64, only enable TLS for the 4MB image since the code + size exceeds the boundary of 2MB image +- Refresh patches: + + ovmf-add-exclude-shell-flag.patch + + ovmf-disable-ia32-firmware-piepic.patch + + ovmf-pie.patch +- Drop the requirement of xxd +- Update README +- Update the License tag to BSD-2-Clause-Patent + +------------------------------------------------------------------- +Mon May 6 09:46:22 UTC 2019 - Guillaume GARDET + +- Build SecureBoot firmwares for aarch64 + +------------------------------------------------------------------- +Wed Mar 20 08:31:11 UTC 2019 - Guillaume GARDET + +- Enable debug for aarch32 +- Add aavmf-aarch32-code.bin and aavmf-aarch32-vars.bin files + +------------------------------------------------------------------- +Tue Mar 12 03:18:33 UTC 2019 - Gary Ching-Pang Lin + +- Update to 2019+git1552059899.89910a39dcfd (edk2-stable201903) + + MdeModulePkg/HiiImage: Fix stack overflow when corrupted BMP + is parsed (bsc#1128503, CVE-2018-12181) + + MdeModulePkg/HiiDatabase: Fix potential integer overflow + (bsc#1128503, CVE-2018-12181) + + UefiCpuPkg/Microcode.c: Add verification before calculate + CheckSum32 + + UefiCpuPkg/Microcode: Fix InComplete CheckSum32 issue + + UefiCpuPkg: restore strict page attributes via #DB in nonstop + mode only + + 
IntelFrameworkModulePkg/FwVolDxe: Ensure FfsFileHeader 8 bytes + aligned (bsc#1127822, CVE-2018-3630) + + MdeModulePkg/DxeCore: Ensure FfsFileHeader 8 bytes aligned + (bsc#1127822, CVE-2018-3630) + + MdeModulePkg/PeiCore: Ensure FfsFileHeader 8 bytes aligned + (bsc#1127822, CVE-2018-3630) + + NetworkPkg: Add WiFi Connection Manager to NetworkPkg + + UefiCpuPkg/PiSmmCpu: Add Shadow Stack Support for X86 SMM + + MdePkg/BaseLib: Add Shadow Stack Support for X86 + + NetworkPkg/DnsDxe: Check the received packet size before + parsing the message (bsc#1127821, CVE-2018-12178) + + MdeModulePkg/RamDiskDxe: Restrict on RAM disk size + (bsc#1127820, CVE-2018-12180) + + MdeModulePkg/PartitionDxe: Ensure blocksize holds MBR + (bsc#1127820, CVE-2018-12180) + + ArmVirtPkg/PlatformBootManagerLib: display boot option + loading/starting + + ArmVirtPkg/ArmVirtQemu*: enable minimal Status Code Routing + in DXE + + OvmfPkg/PlatformBootManagerLib: display boot option + loading/starting + + OvmfPkg: add library to track boot option loading/starting on + the console + + MdeModulePkg/UefiBootManagerLib: fix LoadImage/StartImage + status code rep + + MdeModulePkg/AhciPei: Add AHCI mode ATA device support in PEI + + MdeModulePkg: Add definitions for EDKII PEI ATA PassThru PPI + + MdeModulePkg: Add definitions for ATA AHCI host controller PPI + + MdePkg/UefiDevicePathLib: Add sanity check for FilePath device + path + + UefiCpuPkg/Microcode: Fix incorrect checksum issue for + extended table + + SecurityPkg/TcgConfigDxe: Allow enabling TPM 1.2 device from + disabled state + + UefiCpuPkg/SecCore: Wrong Debug Information for SecCore + + Various bug fixes in BaseTools + + DynamicTablesPkg: Dynamic Tables Framework + + MdeModulePkg: Remove EmuVariableRuntimeDxe + + UefiCpuPkg/MtrrLib: Fix a bug that may wrongly set memory <1MB + to UC + + MdeModulePkg/BmBoot: Report status when fail to load/start + boot option + + MdeModulePkg/ReportStatusCodeLib: Avoid using AllocatePool if + possible + + 
NetworkPkg/Ip6Dxe: Clean the invalid IPv6 configuration during + driver start + +------------------------------------------------------------------- +Thu Feb 21 09:55:47 UTC 2019 - Gary Ching-Pang Lin + +- Add TPM2_CONFIG_ENABLE build flag to enable TPM2 config menu + +------------------------------------------------------------------- +Mon Feb 18 09:00:09 UTC 2019 - Gary Ching-Pang Lin + +- Update to 2019+git1550452308.c417c1b33d06 + + BaseTools: Fixed an issue about StructurePcd + + UefiCpuPkg/SecCore: Support EFI_PEI_CORE_FV_LOCATION_PPI + + OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu + + FatPkg/FatPei/Gpt.c: Fix uninitialized variable issue + + Make BaseTools compatible with python3 + + CryptoPkg/BaseCryptLib: split CryptPkcs7Verify.c on behalf + of runtime + + MdeModulePkg/UefiBootManagerLib: Match the nested partitions + + ArmPkg/ArmMmuLib AARCH64: get rid of needless TLB invalidation + + Upgrade UEFI supporting TCG spec info + + MdeModulePkg Variable: Add emulated variable NV mode support + + Code clean-up in the network packages + + OvmfPkg: add MmServicesTableLib resolution + + ArmPkg/ArmMmuLib AARCH64: fix out of bounds access + + BaseTools/VfrCompile: report error for Integer overflow + + OvmfPkg: require GCC48 or later + + MdePkg/BaseLib: Introduce new SpeculationBarrier API + + Remove the obsolete network packages in MdeModulePkg + + Upgrade OpenSSL to 1.1.0j + + MdePkg/Base: introduce MAX_ALLOC_ADDRESS + + MdeModulePkg/PciBus: Fix system hang when no PCI Option ROM exists + + BaseTools/tools_def AARCH64 RELEASE: move GCC49/GGC5 to 4 KB + alignment + + SecurityPkg: Remove dead code and inf redundant definitions + + UefiCpuPkg/Cpuid.h: Sync CPUID definition to latest SDM + + MdeModulePkg/PciBus: Shadow option ROM after BARs are programmed + + ArmVirtPkg/QemuVirtMemInfoLib: trim the MMIO region mapping + + ArmVirtPkg/XenVirtMemInfoLib: refactor reading of the PA space + size + + ArmVirtPkg/QemuVirtMemInfoLib: remove 1:1 mapping of top 
of + PA range + + ArmVirtPkg/NorFlashQemuLib: discover NOR flash banks dynamically + + ArmPkg/ArmSmcPsciResetSystemLib: add missing call to + ExitBootServices() + + SecurityPkg: Update TCG PFP spec revision. + + OvmfPkg: simply use the Bochs interface for vmsvga + + ArmPlatformPkg & ArmVirtPkg: clear frame pointer in startup + code + + Remove unused DuetPkg, EdkShellBinPkg, and UnixPkg + + ArmPkg/ArmGicDxe ARM: fix encoding for GICv3 interrupt + acknowledge + + MdePkg/BaseIoLibIntrinsicArmVirt ARM: avoid double word loads + and stores +- Refresh patches + + ovmf-add-exclude-shell-flag.patch + + ovmf-disable-ia32-firmware-piepic.patch +- Enable Python3 support in BaseTools (bsc#1075770) + +------------------------------------------------------------------- +Thu Dec 27 07:43:41 UTC 2018 - Gary Ching-Pang Lin + +- Add a new "smm" flavor to enable System Management Mode + + Also add ovmf-add-exclude-shell-flag.patch to exclude shell + from the resultant SMM firmware files +- Retire the old openSUSE 4096 bit certificates since all those + programs are unmaintained. +- Amend the numbering of patches and sources +- Update README to reflect the current status + +------------------------------------------------------------------- +Mon Dec 3 08:05:38 UTC 2018 - Gary Ching-Pang Lin + +- Update ovmf-embed-default-keys.patch and add owner-guid-zero.h to + set the default owner of PK/KEK/db/dbx and make the + auto-enrollment only happen at the very first boot. 
(bsc#1117998) +- Change the group of qemu-ovmf-x86_64-debug to Development/Sources + since there is no Development/Debug anymore + +------------------------------------------------------------------- +Thu Nov 15 07:25:30 UTC 2018 - Gary Ching-Pang Lin + +- Update to 2018+git1542164568.85588389222a (edk2-stable201811) + + UefiCpuPkg/CommonFeature: Always set FEATURE_CONTROL.Lock + + MdeModulePkg/NvmExpressPei: Refine data buffer & len check in + PassThru + + OvmfPkg/QemuVideoDxe: list "UnalignedIoInternal.h" in the INF + file + + OvmfPkg/QemuVideoDxe: VMWare SVGA device support + + OvmfPkg/QemuVideoDxe: Helper functions for unaligned port I/O + + OvmfPkg: VMWare SVGA display device register definitions + + Fix UEFI and Tiano Decompression logic issue + + MdePkg: Fix incorrect check for DisplayOnly text format in + AcpiEx + + UefiCpuPkg/PiSmmCpuDxeSmm: Separate semaphore container + + UefiCpuPkg/RegisterCpuFeaturesLib: Separate semaphore container + + UefiCpuPkg/RegisterCpuFeaturesLib: Adjust Order + + MdePkg/BaseSynchronizationLib: Fix InternalSync[De|In]crement + + UefiCpuPkg/SmmCpu: Block access-out only when static paging is + used + + MdeModulePkg/Core: fix ineffective guard page issue + + MdeModulePkg/Core: fill logic hole in + MemoryProtectionCpuArchProtocolNotify + + MdeModulePkg/Mtftp4Dxe: Fix invalid configuration of MTFTP + local port + + OvmfPkg: Replace obsoleted network drivers from platform DSC/FDF + + MdePkg/Base.h: Implement BASE_CR() via OFFSET_OF() + + MdeModulePkg/PiSmmIpl: Do not reset SMRAM to UC when CPU driver + runs + + NetworkPkg/TlsDxe: Fix failure to process multiple TLS records + + BaseTools ConvertFceToStructurePcd: Fix the array value with + empty string + + CryptoPkg/BaseCryptLib: Fix potential integer overflow issue + + ArmPkg/OpteeLib: Add APIs to communicate with OP-TEE + + UefiCpuPkg/PiSmmCpuDxeSmm: Fix ASSERT for success + + UefiCpuPkg/MpInitLib: Fix ASSERT for success + + MdeModulePkg/Core: fix an issue of potential NULL pointer 
access + + NetworkPkg/Mtftp6Dxe: Correct the total received and saved + block number + + MdeModulePke/Mtftp4Dxe: Correct the total received and saved + block number + + MdeModulePkg EhciDxe: Extract new EhciInsertAsyncIntTransfer + function + + MdeModulePkg XhciDxe: Extract new XhciInsertAsyncIntTransfer + function + + BaseTools: Sync the DevicePath Function update from MdePkg + + MdeModulePkg/HiiDB: Make sure database update behaviors are + atomic + + MdeModulePkg/HiiDB: Reorganize codes of exporting HII settings + + UefiCpuPkg/RegisterCpuFeaturesLib: Support combo CPU feature + style + + UefiCpuPkg/RegisterCpuFeaturesLib: Fix ECC issues + + MdeModulePkg/Core: add freed-memory guard feature + + MdeModulePkg/Core: prevent re-acquire GCD memory lock + + UefiCpuPkg/CpuDxe: prevent recursive calling of + InitializePageTablePool + + UefiCpuPkg/CpuDxe: consider freed-memory guard in non-stop mode + + MdeModulePkg: introduce UEFI freed-memory guard bit in HeapGuard + PCD + + MdeModulePkg/NvmExpressDxe: Refine PassThru IO queue creation + behavior + + MdeModulePkg/NvmExpressDxe: Always copy CQ entry to PassThru + packet + + MdeModulePkg/NvmExpressDxe: Refine data buffer & len check in + PassThru + + MdePkg: Handle various device path when optional para is not + specified + + FatPkg: Correct the line ending to CRLF + + MdePkg-BaseLib: Fix PathCleanUpDirectories() issue with + "\\..\\.." 
+ + FatPkg/EnhancedFatDxe Fix Double Cluster Allocation + + FatBinPkg: Remove FatBinPkg and refresh document + + ShellPkg/dmem: Only dump sizeof (EFI_SYSTEM_TABLE) bytes for gST + + MdeModulePkg/UsbMass: Fix USB key write failure + + IntelFrameworkModulePkg: Add more checker in + UefiTianoDecompressLib (CVE FIX) + + MdePkg: Add more checker in UefiDecompressLib to access the + valid buffer only (CVE FIX) + + MdeModulePkg/PartitionDxe: Add check for underlying device + block size (bsc#1130267, CVE-2019-0160) + + MdeModulePkg Xhci: Handle value 5 in Port Speed field of PORTSC + + MdeModulePkg XhciDxe: Assign Usb2Hc.XXXRevision based on SBRN + + MdePkg/BaseLib: AsciiStrToUnicodeStr(S) not handle EASCII + properly + + UefiCpuPkg/CpuCommonFeaturesLib: Register MSR base on scope Info + + UefiCpuPkg/CpuS3DataDxe: Keep old data if value already existed + + UefiCpuPkg/PiSmmCpuDxeSmm: Add logic to support semaphore type + + UefiCpuPkg/RegisterCpuFeaturesLib: Add logic to support + semaphore type + + UefiCpuPkg/RegisterCpuFeaturesLib.h: Add new dependence types + + UefiCpuPkg/Include/AcpiCpuData.h: Add Semaphore related + Information + + NetworkPkg/IpSecDxe: Fix issue to parse SA Payload + + NetworkPkg: Correct the time stamp and fix the integer overflow + issue + + NetworkPkg/TlsDxe: Remove the redundant library class + + MdePkg UefiLib: Check Table against NULL in ScanTableInSDT + + MdeModulePkg BrotliDecompressLib: Add the checker to avoid array + out of bound + + UefiCpuPkg/CpuExceptionHandlerLib: always clear descriptor data + in advance + + fix InternalSyncCompareExchange*() + + MdeModulePkg Variable: Fix Timestamp zeroing issue on + APPEND_WRITE + + MdeModulePkg/Bus/Ufs: Ensure device not return more data than + expected + + MdeModulePkg/AbsPointer: Don't access key codes when length is + wrong + + MdeModulePkg BrotliCustomDecompressLib: Don't build it for EBC + arch + + MdeModulePkg RegularExpressionDxe: Enable STDARG for variable + arguments + + 
MdeModulePkg/RegularExpressionDxe: Miss null pointer check + + MdeModulePkg PcdDxe: ASSERT PcdSetNvStoreDefaultId set + + UefiCpuPkg/S3Resume2Pei: disable paging before creating new + page table + + MdeModulePkg/SdMmcPciHcDxe: Allow additional SDHCI versions + + MdeModulePkg/SdMmcPciHcDxe: Add controller version defines + + MdePkg: Use VENDOR_DEVICE_PATH structure for Debug Port device + path + + ShellPkg-Cd: Ensure all valid cd targets are handled properly + + MdePkg-BaseLib: Fix PathCleanUpDirectories() error involving + "\..\.." + + MdeModulePkg/NonDiscoverablePciDeviceDxe: expose unique B/D/F + identifiers + + MdeModulePkg: Update Brotli DecompressLib to the latest v1.0.6 + + BaseTools: Update Brotli Compress to the latest one 1.0.6 + + MdePkg: Add PciRoot/PcieRoot text for ACPI Expanded Device Path + + MdePkg: Correct condition check for AcpiExp text format + + MdePkg: Correct the string order of ACPI Expanded Device Path + + MdePkg: Correct the string expression of UTF8 vendor device path + + MdeModulePkg/HiiDB: Fix incorrect structure convention for + checkbox + + Lzma: Update LZMA SDK version to 18.05 + + OvmfPkg/PlatformPei: clear CPU caches + + Various BaseTools clean up and fixes + + Various UDF fixes + + Various USB fixes +- Drop upstreamed patches + + ovmf-bsc1115916-fix-timestamp-zeroing.patch + + ovmf-bsc1115917-bounds-checking-for-ueficompress.patch + +------------------------------------------------------------------- +Wed Nov 14 04:17:53 UTC 2018 - Gary Ching-Pang Lin + +- Add ovmf-bsc1115916-fix-timestamp-zeroing.patch to fix Timestamp + zeroing issue on APPEND_WRITE (bsc#1115916, CVE-2018-3613) +- Add ovmf-bsc1115917-bounds-checking-for-ueficompress.patch for + the bound checking of ueficompress (bsc#1115917, CVE-2017-5731, + CVE-2017-5732, CVE-2017-5733, CVE-2017-5734, CVE-2017-5735) + +------------------------------------------------------------------- +Fri Oct 5 04:04:38 UTC 2018 - Gary Ching-Pang Lin + +- Update to 
2018+git1538590187.c0b1f749ef13 + + ShellPkg: Create a homefilesystem environment variable + + NetworkPkg/HttpUtilitiesDxe: fix read memory access overflow + + NetworkPkg/HttpDxe: fix read memory access overflow in HTTPBoot + + PcAtChipsetPkg PcRtc: Use new EfiLocateFirstAcpiTable() + + MdeModulePkg S3SaveStateDxe: Use new EfiLocateFirstAcpiTable() + + MdePkg UefiLib: Add new EfiLocateXXXAcpiTable() APIs + + NetworkPkg/UefiPxeBcDxe: Add the clarification compared to + UefiPxeBcDxe in MdeModulePkg + + NetworkPkg/IScsiDxe: Add the clarification compared to + IScsiDxe in MdeModulePkg + + NetworkPkg/TcpDxe: Add the clarification compared to Tcp4Dxe + in MdeModulePkg + + MdeModulePkg/UefiPxeBcDxe: Add the clarification compared + to UefiPxeBcDxe in NetworkPkg + + MdeModulePkg/IScsiDxe: Add the clarification compared to + IScsiDxe in NetworkPkg + + MdeModulePkg/Tcp4Dxe: Add the clarification compared to TcpDxe + in NetworkPkg + + NetworkPkg/UefiPxeBcDxe: Use the specified MTFTP windowsize + + NetworkPkg: Define one PCD for PXE to specify MTFTP windowsize + + NetworkPkg/Mtftp6Dxe: Support windowsize in read request + operation + + MdeModulePke/Mtftp4Dxe: Support windowsize in read request + operation + + MdePkg/BaseSynchronizationLib: fix XADD operands in GCC + IA32/X64 assembly + + MdeModulePkg/PciHostBridge: Fix a bug that prevents PMEM + access + + MdeModulePkg/PciHostBridge: Enhance boundary check in + Io/Mem.Read/Write + + MdeModulePkg/DxeIpl: support more NX related PCDs + + MdeModulePkg: XhciDxe: Prevent illegal memory access in + XhcSetHsee + + SecurityPkg/TcgStorageOpalLib: Fixed correct user password + not works issue + + MdeModulePkg/SdMmcPciHcDxe: Execute card detect only for + RemovableSlot + + MdeModulePkg/SdMmcPciHcDxe: Fix SdMmcHcReset to set only + necesery bits + + NetworkPkg: UefiPxeBcDxe: Add EXCLUSIVE attribute when opening + SNP protocol installed by PXE + + BaseTools: Check GUID C structure format + + MdeModulePkg: Avoid key notification called more 
than once + + IntelFrameworkModulePkg: Avoid key notification called more + than once + + MdeModulePkg/Library/DxeHttpLib: Handle the blank value in + HTTP header + + MdeModulePkg/Ip4Dxe: Sync the direct route entry setting + + MdeModulePkg XhciDxe: Set HSEE Bit if SERR# Enable Bit is set + + BaseTools: Correct DXE_PCD_DATABASE_INIT + + BaseTools: Check PcdNvStoreDefaultValueBuffer + + BaseTools: Involve Dec default value to calculate Maxsize + + BaseTools: Structure Pcd value override incorrect + + BaseTools: Report error for incorrect hex value format + + MdeModulePkg/ConPlatform: Support short-form USB device path + + UefiCpuPkg/CpuDxe: fix an incorrect bit-wise operation + + UefiCpuPkg/CpuDxe: fix ECC reported issues + + UefiCpuPkg/CpuMpPei: support stack guard feature + + UefiCpuPkg/MpInitLib: fix register restore issue in AP wakeup + + UefiCpuPkg/CpuExceptionHandlerLib: support stack switch for + PEI exceptions + + MdeModulePkg/DxeIpl: disable paging before creating new page + table + + MdeModulePkg PeiCore: Always use PeiImageRead() function to + load PEI image + + MdeModulePkg/EhciDxe: factor out EhcIsDebugPortInUse() + + BaseTools/PatchCheck.py: Fix error when run with Python3 + + BaseTools: Report more clear error message for PCD used in + expression + + BaseTools: Fix a bug about list the PCD in "not used" section + + UefiCpuPkg/MpInitLib: Fix ECC issues + + MdeModulePkg/EhciDxe: fix host controller reset condition in + BindingStart + + BaseTools: Extend the keyword "!include"/"!if" to + case-insensitive + + MdeModulePkg/Setup: Fix incorrect size used in AllocateCopyPool + + MdeModulePkg DxeCore: Handle multiple FV images in one FV file + + MdeModulePkg PeiCore: Handle multiple FV images in one FV file + + UefiCpuPkg/CpuExceptionHandlerLib: Avoid calling PEI services + from AP + + CpuExceptionHandlerLib: Add comments to make code more readable + + BaseTools: Fixed the PcdValue trailing zero issue + + BaseTools: Dynamic Pcd value override from command 
line + + BaseTools: Check pcd DefaultValue and SkuId EBNF + + ShellPkg: Update Ifconfig command to accept 32bit subnet mask + + MdeModulePkg/Network: Add 32bit subnet mask support for IP4 + PXE boot + + BaseTools: Clarify a DSC parsing error about PCDs + + BaseTools: minimize assignment processing + + BaseTools: Refactor to remove functionally equivalent + functions + + BaseTools: include variable namespace GUIDs of HII PCDs in + Guid.xref + + ShellPkg/SmbiosView: Update SmbiosView for SMBIOS3.2.0 + + UefiCpuPkg/CpuDxe: change level of DEBUG message + + UefiCpuPkg/CpuDxe: implement non-stop mode for uefi + + UefiCpuPkg/CpuExceptionHandlerLib: Setup single step in #PF + handler + + MdeModulePkg/MdeModulePkg.dec: add new settings for PCDs + + MdePkg: Add the missing spec version information for header + files + + BaseTools: Fix one expression bug to support ~ operate + + BaseTools: Add check only VOID* type Pcd need the maxsize info + + MdeModulePkg: Update SMBIOS PCDs to 3.2.0 + + MdePkg SmBios.h: Add SMBIOS 3.2.0 definitions + + MdeModulePkg/PciBus: Restrict one VGA per HostBridge not + Segment + + MdeModulePkg/PciBus: Refine ActiveVGADeviceOnTheRootBridge + + ArmPkg/PlatformBootManagerLib: fix hotkey of boot option + + BaseTools: Use hashlib instead of md5 + + BaseTools: remove cmp due to deprecated in python3 + + BaseTools: Modify class OrderedListDic + + BaseTools: Update Makefile for ECC tool + + BaseTools/VfrCompile: honor EXTRA_LDFLAGS + + NetworkPkg/TlsAuthConfigDxe: fix TlsCaCertificate attributes + retrieval + + IntelFrameworkPkg/FrameworkUefiLib: don't special-case + EFI_FILE_MODE_CREATE + + MdePkg/UefiLib: don't special-case EFI_FILE_MODE_CREATE in + OpenMode + + Remove redundant variables, functions, library clesses, and + GUIDs + +------------------------------------------------------------------- +Mon Aug 20 06:59:05 UTC 2018 - glin@suse.com + +- Update to 2018+git1534736099.43fe4c405292 + + BaseTools: AutoGen refactor ModuleAutoGen caching + + 
OvmfPkg: link Sha384 and Sha512 support into Tcg2Pei and Tcg2Dxe + + MdePkg/UefiLib: introduce EfiOpenFileByDevicePath() + + BaseTools: Update the rule to remove .lib before link it for GCC + + BaseTools: Add Dns and BluetoothLE DevicePath + + MdeModulePkg SmmLockBox: Return actual data length in + SmmLockBoxRestore + + UefiCpuPkg/RegisterCpuFeaturesLib: Combine implementation + + UefiCpuPkg/CpuS3DataDxe: Remove below 4G limitation + + UefiCpuPkg/CpuS3DataDxe: Change Memory Type and address + limitation + + UefiCpuPkg/AcpiCpuData.h: Remove AcpiNVS and Below 4G limitation + + UefiCpuPkg/PiSmmCpuDxeSmm: Use GDT/IDT saved in Smram + + SecurityPkg/TcgStorageCoreLib.h: Use ascii instead of unicode + + BaseTool: Fixed the bug of Boolean Hii Pcd packing + + SecurityPkg: HashLib: Update HashLib file GUID + + SecurityPkg/Library/Tpm2DeviceLibDTpm: fix s/Constructor/CONSTRUCTOR + + OvmfPkg/PlatformDebugLibIoPort: fix port detection for use in + the DXE Core + + NetworkPkg/HttpDxe: Strip square brackets in IPv6 expressed + HostName + + MdeModulePkg/BdsDxe: Move display of test key usage into BDS + module + + ArmPkg: Add initial OpteeLib implementation + + SecurityPkg: HashLib: Add SHA384, SHA512 HashLib + + MdeModulePkg/BdsDxe: Call PlatformBootManagerUnableToBoot() + + MdeModulePkg/BdsDxe: Revert "fall back to UI loop before hanging" + + ArmVirtPkg/PlatformBDS: Implement PlatformBootManagerUnableToBoot + + OvmfPkg/PlatformBds: Implement PlatformBootManagerUnableToBoot + + MdeModulePkg/PciBusDxe: Fix small memory leak in FreePciDevice + + MdeModulePkg/DxeCore: Not update RtCode in MemAttrTable after + EndOfDxe + + UefiCpuPkg/MpInitLib: Not use disabled AP when call StartAllAPs + + UefiCpuPkg/MpInitLib: Remove redundant CpuStateFinished State + + MdeModulePkg/DxeLoadFunc: Add use case for new Perf macro + + SecurityPkg/Tcg: Add use case for new Perf macro + + ArmVirtPkg: remove wrong and superfluous ResourcePublicationLib + resolution + + OvmfPkg: Correct 
ResourcePublicationLib class name in DSC/INF + file + + MdeModulePkg CapsuleApp: Do not parse bits in CapsuleFlags of + ESRT + + MdeModulePkg, TpmMeasureLib: Variable: Re-prioritize TCG/TCG2 + protocol + + SecurityPkg: TcgSmm: Handle invalid parameter in MOR SMI handler + + OvmfPkg/XenPvBlkDxe: remove gEfiDevicePathProtocolGuid from + [Protocols] + + StandaloneMmPkg/Core: Implementation of Standalone MM Core Module + + UefiCpuPkg/CpuDxe: fix incorrect check of SMM mode + + UefiCpuPkg/MpInitLib: Optimize get processor number performance + + OvmfPkg/AcpiPlatformDxe: clean up libs and protos in + "AcpiPlatformDxe.inf" + + UefiCpuPkg/MpInitLib: Fix S3 resume hang issue + + UefiCpuPkg/MpInitLib: Use BSP uCode for APs if possible + + UefiCpuPkg/MpInitLib: Relocate uCode to memory to save time + + Update BaseTools for the preparation of python3 adoption +- Refresh ovmf-pie.patch and ovmf-gdb-symbols.patch + +------------------------------------------------------------------- +Fri Jul 13 08:32:57 UTC 2018 - glin@suse.com + +- Update to 2018+git1531464032.ae08ea246fe9 + + ArmVirtPkg/ArmVirtQemu: enable the IPv6 stack + + SecurityPkg: Fix assert when setting key from eMMC/SD/USB + + UefiCpuPkg/MpInitLib: Avoid calling PEI services from AP + + NetworkPkg/HttpDxe: Fix the bug when parsing HTTP(S) message + body + + SecurityPkg/OpalPassword: Fixed input correct password not + works issue + + SecurityPkg/TcgStorageOpalLib: Return AUTHORITY_LOCKED_OUT error + + OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Restore C-bit when SEV + is active + + OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Do not expose MMIO in + SMM build + + OvmfPkg/QemuFlashFvbServicesRuntimeDxe: mark Flash memory + range as MMIO + + MdeModulePkg/Variable: Check EFI_MEMORY_RUNTIME attribute + before setting it + + MdeModulePkg SataControllerDxe: Calculate ChannelCount based + on PI value + + SecurityPkg Tpm2DeviceLibDTpm: Update enum type name to match + the one in lib + + MdeModulePkg UsbBusDxe: Fix wrong buffer length 
used to read + hub desc (bsc#1131361, CVE-2019-0161) + + SecurityPkg: Tpm2DeviceLib: Enable CapCRBIdleBypass support + + SecurityPkg: Cache TPM interface type info + + FatPkg/FatPei: Add the recognition of recovery capsule on NVME + device + + MdeModulePkg/NvmExpressPei: Add the NVME device PEI BlockIo + support + + MdeModulePkg: Add definitions for EDKII PEI NVME host + controller PPI + + ArmPkg/ArmMmuLib ARM: fix Mva to use idx instead of table base + + ArmPkg/ArmMmuLib ARM: assume page tables are in writeback + cacheable memory + + ArmPkg/ArmMmuLib ARM: remove cache maintenance of block mapping + contents + + MdeModulePkg: Enable SATA Controller PCI mem space + + MdeModulePkg/NetworkPkg: Checking for NULL pointer before use + + MdeModulePkg/Core: remove SMM check for Heap Guard feature + detection + + UefiCpuPkg/CpuDxe: allow accessing (DXE) page table in SMM mode + + BaseTools/tools_def IA32: drop -no-pie linker option for GCC49 + + SecurityPkg/SecureBootConfigDxe: Fix invalid NV data issue + + ArmVirtPkg: add QemuRamfbDxe + + OvmfPkg: add QemuRamfbDxe + + BaseTools/tools_def IA32: disable PIE code generation explicitly + + MdePkg UefiLib: Use comparison logic to check UINTN parameter + + ArmVirtPkg: switch to KVM safe IoLib implementation + + MdePkg/BaseIoLibIntrinsic: make BaseIoLibIntrinsic safe for + ArmVirt/KVM + + ArmPkg/CompilerIntrinsicsLib: fix GCC8 warning for + __aeabi_memcpy aliases +- The IP6 stack of AAVMF is enabled + +------------------------------------------------------------------- +Mon Jun 11 08:38:33 UTC 2018 - glin@suse.com + +- Update to 2018+git1528497654.eb5943134630 + + CryptoPkg PeiCryptLib: Enable SHA384/512 support + + MdePkg/UefiRuntimeLib: Do not allow to be linked by DXE driver + + CryptoPkg: Remove deprecated function usage in + X509GetCommonName() + + PlatformBootManagerLib: add missing report status code call + + OvmfPkg: raise DXEFV size to 11 MB + + SignedCapsulePkg/PlatformFlashAccessLib: Add progress API + + MdeModulePkg: 
Add DisplayUpdateProgressLib class + + PcAtChipsetPkg/PcRtc: Add two new PCD for RTC Index/Target + registers + + OvmfPkg/Virtio10Dxe: convert to PciCapLib + + OvmfPkg/PciHotPlugInitDxe: convert to PciCapLib + + ArmVirtPkg: resolve PciCapLib, PciCapPciSegmentLib, + PciCapPciIoLib + + OvmfPkg: resolve PciCapLib, PciCapPciSegmentLib, PciCapPciIoLib + + OvmfPkg: introduce PciCapPciIoLib + + OvmfPkg: introduce PciCapPciSegmentLib + + OvmfPkg: introduce PciCapLib + + BaseTools/tools_def: add "-fno-unwind-tables" to + GCC_AARCH64_CC_FLAGS + + OvmfPkg/PlatformBootManagerLib: process TPM PPI request + + OvmfPkg: add Tcg2PhysicalPresenceLibQemu + + OvmfPkg/IndustryStandard: add QemuTpm.h header + + OvmfPkg: add Tcg2PhysicalPresenceLibNull when !TPM2_ENABLE + + MdePkg/SmmPeriodicSmiLib: Get Periodic SMI Context More Robustly + + OvmfPkg/PlatformBootManagerLib: connect Virtio RNG devices again + + ArmVirtPkg/PlatformBootManagerLib: connect Virtio RNG devices + again + + OvmfPkg/QemuVideoDxe: Enable DISPLAY_OTHER pci class for qemu + stdvga + + OvmfPkg/QemuVideoDxe: Add SubClass field to QEMU_VIDEO_CARD + + OvmfPkg/PlatformBootManagerLib: connect consoles unconditionally + + BaseTools: Fix generating array's size is incorrect in AutoGen.c + + BaseTools: incorrect calculation for 16M + +------------------------------------------------------------------- +Fri May 18 01:49:10 UTC 2018 - glin@suse.com + +- Enable TLS support correctly + +------------------------------------------------------------------- +Thu May 17 06:54:38 UTC 2018 - glin@suse.com + +- Enable TPM 2.0 support + +------------------------------------------------------------------- +Thu May 10 08:05:16 UTC 2018 - glin@suse.com + +- Update to 2018+git1525854636.13e3f8c03339 + + BaseTools/VfrCompile: Avoid using uninitialized pointer + + MdeModulePkg/PciHostBridge: Count the (mm)io overhead when polling + + UefiCpuPkg/SecMain: Add NORETURN decorator to SecStartup() + + CryptoPkg/CrtLibSupport: add secure_getenv() stub 
function
+ + MdeModulePkg/AcpiPlatformDxe: Unload after execution
+ + SecurityPkg/OpalPassword: Add support for pyrite 2.0 devices
+ + NetworkPkg/NetworkPkg.dsc: Add the instance of library class
+ [SafeIntLib]
+ + ArmVirtPkg: use protocol-based DevicePathLib instance for most
+ DXE modules
+ + OvmfPkg/QemuVideoDxe: round up FrameBufferSize to full page
+ + ArmVirtPkg: reinstate timer unmask quirk for Xen
+ + ArmPkg/TimerDxe: remove workaround for KVM timer handling
+ + FatPkg/EnhancedFatDxe: Ensure traverse of subtasks is
+ delete-safe
+ + OvmfPkg/PlatformBootManagerLib: add USB keyboard to ConIn
+ + CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0h
+ (bsc#1094289, CVE-2018-0739)
+ + OvmfPkg/TlsAuthConfigLib: configure trusted cipher suites for
+ HTTPS boot
+ + ArmVirtPkg/ArmVirtQemu: hook NvVarStoreFormattedLib into
+ VariableRuntimeDxe
+ + ArmPlatformPkg/NorFlashDxe: cue the variable driver with
+ NvVarStoreFormatted
+ + ArmPlatformPkg/NorFlashDxe: initialize varstore headers eagerly
+ + OvmfPkg: remove BLOCK_MMIO_PROTOCOL and BlockMmioToBlockIoDxe
+ + OvmfPkg/TlsAuthConfigLib: configure trusted CA certs for
+ HTTPS boot
+ + MdeModulePkg/Variable/RuntimeDxe: introduce
+ PcdMaxVolatileVariableSize
+ + NetworkPkg/TlsAuthConfigDxe: preserve TlsCaCertificate variable
+ attributes
+ + NetworkPkg/HttpDxe: drop misleading comment / status code in
+ cert config
+ + NetworkPkg/HttpDxe: use error handler epilogue in
+ TlsConfigCertificate()
+ + NetworkPkg/HttpBootDxe: fix typo in DHCPv4 packet parsing
+ + OvmfPkg/QemuVideoDxe: handle invalid BltOperation gracefully
+ + NetworkPkg/UefiPxeBcDxe: Configure the ARP Instance/RouteTable
+ with new address
+ + NetworkPkg/HttpDxe: Handle the large data request via HTTPS
+ channel
+ + NetworkPkg/TlsDxe: Handle the multiple TLS record messages
+ encryption/decryption
+ + SecurityPkg Tpm12CommandLib: Fix TPM12 GetCapability response
+ error
+ + SecurityPkg Tpm2CommandLib: Fix TPM2.0 response memory overflow
+ +
MdeModulePkg/DxeMain: Fix BSP interrupts reenabled in
+ ExitBootServices
+ + UefiCpuPkg/MpInitLib: Disable interrupt at ExitBootServices AP
+ Mwait
+ + OvmfPkg/PlatformBootManagerLib: process "-kernel" before boot
+ devices
+ + OvmfPkg/PlatformBootManagerLib: hoist PciAcpiInitialization()
+ + ArmVirtPkg/PlatformBootManagerLib: return to "-kernel before
+ boot devices"
+ + MdeModulePkg/Core: allow HeapGuard even before CpuArchProtocol
+ installed
+ + UefiCpuPkg CpuExceptionHandlerLib: use FixedPcdGetSize() as the
+ macro value
+ + remove TrEE
+ + MdeModulePkg/PciBus: return CPU address for GetBarAttributes
+ + MdeModulePkg/PciBus: convert host address to device address
+ + MdeModulePkg/PciHostBridgeDxe: Add support for address translation
+ + OvmfPkg/PciHostBridgeLib: clear PCI aperture vars for (re)init
+ + ArmPkg/TimerDxe: Add ISB for timer compare value reload
+ + BaseTools code refactoring
+
+-------------------------------------------------------------------
+Thu Mar 15 08:40:01 UTC 2018 - glin@suse.com
+
+- Update to 2018+git1521096615.b3fa393f477a
+ + OvmfPkg/QemuBootOrderLib: add ConnectDevicesFromQemu()
+ + NetworkPkg/IScsiDxe: Fix the ISCSI connection failure in
+ certain case
+ + OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Clear C-bit when SEV is
+ active (bsc#1099193)
+ + OvmfPkg: include Tcg2Dxe module
+ + OvmfPkg: simplify SecurityStubDxe.inf inclusion
+ + OvmfPkg/AmdSevDxe: decrypt the pages of the initial SMRAM save
+ state map
+ + OvmfPkg/SmmCpuFeaturesLib: SEV: encrypt+free pages of init.
+ save state map
+ + OvmfPkg/PlatformPei: SEV: allocate pages of initial SMRAM save
+ state map
+ + OvmfPkg/MemEncryptSevLib: find pages of initial SMRAM save
+ state map
+ + MdeModulePkg/UsbMass: Retry CMD for MediaChanged sense key
+ + NetworkPkg/HttpDxe: Support HTTP Delete Method
+ + NetworkPkg/HttpBootDxe: Fix the incorrect error message output
+ + MdeModulePkg: Add Boot Logo 2 Protocol
+ + MdeModulePkg/UsbMass: Fix hot-plug USB CDROM can't be recognized
+ + NetworkPkg: Read HttpTlsCipherList variable and configure it
+ for HTTPS session
+ + NetworkPkg: Define one private variable for HTTPS to set Tls
+ CipherList
+ + ArmVirtPkg: Add SafeIntLib and BmpSupportLib to DSC files
+ + OvmfPkg: Add SafeIntLib and BmpSupportLib to DSC files
+ + UefiCpuPkg/PiSmmCpuDxeSmm: fix infinite loop issue in SMM profile
+ + MdeModulePkg Ppi/IoMmu.h: Add EFI_NOT_AVAILABLE_YET return
+ status code
+ + MdeModulePkg/Core: fix feature conflict between NX and heap guard
+ + ReadKeyStrokeEx always return key state
+ + SecurityPkg: Tcg2Smm: Enable TPM2.0 interrupt support
+ + MdeModulePkg/Partition: Fix media probe
+ + NetworkPkg/HttpBootDxe: Avoid to corrupt HttpBootDxe setup screen
+ + MdeModulePkg/UefiBootManagerLib: Skip the DNS device path node check
+ + MdeModulePkg/Core: fix a logic hole in page free
+ + OvmfPkg/BaseMemEncryptSevLib: Enable protection for newly
+ added page table
+ + MdeModulePkg/Ip4Dxe: Add an independent timer for reconfig checking
+ + NetworkPkg: Fix a memory leak issue in UDP6 driver
+ + UefiCpuPkg/MtrrLib: Fix bug that may calculate wrong MTRR result
+ + MdeModulePkg/DxeNetLib: Fix an error in packet length counting
+ + NetworkPkg: Fix memory leak problem in PXE driver
+ + MdeModulePkg/DxeHttpLib: Add boundary condition check
+ + CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0g
+ + MdeModulePkg/Core: Fix heap guard issues
+ + NetworkPkg/HttpBootDxe: Break the HttpBoot Callback function
+ when meet redirect status
+ + NetworkPkg/HttpBootDxe: Avoid the
potential memory leak when
+ eror happen
+ + MdeModulePkg/DxeIplPeim: fix incorrect page table split during
+ protecting
+ + NetworkPkg/UefiPxeBcDxe: Allow the NULL configuration for
+ NewStationIP/NewSubnetMask
+ + NetworkPkg/UefiPxeBcDxe: Fix Pxe.Dhcp() return status code
+ + MdeModulePkg/Dhcp*: Check Media status before starting DHCP process
+ + MdeModulePkg/Ip4Dxe: fix ICMP echo reply memory leak
+ + NetworkPkg/DnsDxe: Update RetryCount/RetryInterval to comply
+ with UEFI spec
+ + MdeModulePkg/TcpIoLib: Cancel TCP token if connect/accept is
+ timeout
+ + MdeModulePkg/TcpIoLib: Check input Timeout before calling
+ CheckEvent() service
+ + MdeModulePkg/DxeIpl: Mark page table as read-only
+ + SecurityPkg:Tcg2Smm:Enabling TPM SIRQ interrupt support
+ + MdeModulePkg/ScsiDisk: Return EFI_NO_MEDIA when no media presents
+ + BaseTool/tools_def GCC5: enable optimization for ARM/AARCH64
+ DEBUG builds
+ + UefiCpuPkg/CpuDxe: Initialize stack switch for MP
+ + UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support
+ + UefiCpuPkg PiSmmCpuDxeSmm: SMM profile and static paging mutual
+ exclusion
+ + MdeModulePkg/NetLib: Fix an error when AIP doesn't support
+ network media state detection
+ + MdeModulePkg/NetLib: Add NetLibDetectMediaWaitTimeout() API to
+ support EFI_NOT_READY media state detection
+ + MdeModulePkg/Core/Dxe: log informative memprotect msgs at
+ DEBUG_INFO level
+ + ArmVirtPkg/ArmVirtXen: move from Intel to generic BDS
+ + MdeModulePkg/SerialDxe: Do not fail reset when SetAttributes is
+ not supported
+ + MdeModulePkg/DxeCorePerformanceLib: add lock protection
+ + OvmfPkg/QemuBootOrderLib: let an OFW devpath match multiple
+ UEFI boot opts
+ + OvmfPkg/QemuBootOrderLib: skip already matched / appended UEFI
+ boot opts
+ + MdeModulePkg/Core: Merge memory map after filtering paging
+ capability
+ + ArmVirtPkg/PrePi: don't export PE/COFF and LZMA libraries via HOBs
+ + MdeModulePkg/BdsDxe: fall back to a Boot Manager Menu loop
+ before hanging
+ +
SecurityPkg/SecureBootConfigDxe: Fix deleting signature data issue
+ + CryptoPkg/IntrinsicLib: Fix the warning on memset
+ + MdeModulePkg/DxeCore: Filter out all paging capabilities
+ (bsc#1092943)
+ + CryptoPkg/TlsLib: Change the return type of TlsInitialize()
+ + NetworkPkg/HttpDxe: Fix the incorrect SizeofHeaders in
+ HttpTcpReceiveHeader()
+ + ArmVirtPkg: introduce ArmVirtMemInfoLib library class
+ + ArmVirtPkg/PrePi: remove bogus primary core check
+ + BaseTools/tools_def AARCH64 ARM: suppres PIE sections via
+ linker script
+ + PcAtChipsetPkg: Define FixePCD's for RTC register values
+ + MdeModulePkg EhciPei: Minor refinement about IOMMU
+ + MdeModulePkg/UefiBootManagerLib: Remove assertion
+ + MdeModulePkg EhciPei: Also check Buf against NULL to return error
+ + MdeModulePkg/UsbMassStorageDxe: Check Get Max LUN status/value
+ + MdeModulePkg/UsbBusDxe: Add UsbControlTransfer() error check
+ + BaseTools: Fix a bug for single module build with GenC/GenMake option
+ + MdeModulePkg/PiSmmCore: Fix an assert issue in pool free
+ + BaseTools: Fix the bug to collect source files per build rule family
+ + MdeModulePkg/UdfDxe: Avoid possible loss track of allocated buffer
+ + MdeModulePkg/PartitionDxe: Merge the discovery of ElTorito into UDF
+- Refresh ovmf-gdb-symbols.patch and ovmf-pie.patch
+- Modify openssl tarball unpacking to fit the change in ovmf
+
+-------------------------------------------------------------------
+Wed Jan 24 06:31:21 UTC 2018 - glin@suse.com
+
+- Only use SLES-UEFI-CA-Certificate-2048.crt for the suse flavor to
+ provide the better compatibility (bsc#1077330)
+
+-------------------------------------------------------------------
+Mon Nov 20 04:23:04 UTC 2017 - glin@suse.com
+
+- Update to 2017+git1510945757.b2662641d5
+ + ArmPlatformPkg/ArmPlatformLibNull: remove bogus PCD dependencies
+ + MdeModulePkg/UsbMassStorageDxe: Enhance Request Sense Handling
+ + OvmfPkg: save on I/O port accesses when the debug port is not
+ in use
+ + OvmfPkg:
create a separate PlatformDebugLibIoPort instance for
+ SEC
+ + OvmfPkg: make PlatformDebugLibIoPort a proper BASE library
+ + OvmfPkg: restore temporary SEC/PEI RAM size to 64KB
+ + OvmfPkg/Sec/X64: seed the temporary RAM with PcdInitValueInTempStack
+ + ArmVirtPkg: switch to new PL011UartLib implementation
+ + OvmfPkg/XenHypercallLib: enable virt extensions for ARM
+ + MdeModulePkg/PiSmmCore: Implement heap guard feature for SMM mode
+ + MdeModulePkg/DxeCore: Implement heap guard feature for UEFI
+ + ArmVirtPkg/ArmVirtQemu: use non-accelerated CopyMem for
+ VariableRuntimeDxe
+ + NetworkPkg: Fix incorrect SizeofHeaders returned from
+ HttpTcpReceiveHeader()
+ + NetworkPkg: Print error message to screen if error occurs
+ during HTTP boot
+ + MdeModulePkg/PartitionDxe: Fix UDF fs access on certain CD/DVD
+ medias
+ + MdeModulePkg/UsbMassStorageDxe: Fix USB Mass Storage detection
+ + MdeModulePkg SerialDxe: Handle Timeout change more robustly
+ + CryptoPkg/BaseCryptLib: Fix mismatched memory allocation/free
+ + CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc
+ wrapper
+ + ArmPlatformPkg/PlatformPeim: allow PlatformPeiLib to set the
+ boot mode
+ + Deprecate EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
+ + SecurityPkg: Remove Counter Based AuthVariable support
+ + BaseTools/tools_def AARCH64 ARM: disable PIE linking
+ + NetworkPkg/TlsAuthConfigDxe: Remove the extra FreePool
+ + NetworkPkg/HttpBootDxe: Add IPv6 support condition check
+ + NetworkPkg/IScsiDxe: Fix the incorrect/needless DHCP process
+ + MdeModulePkg/PciBus: Fix bug that PCI BUS claims too much resource
+ + UefiCpuPkg/MtrrLib: Use SetMem instead of SetMem64 to fix hang
+ + NetworkPkg: Remove ping6 and ifconfig shell application
+ + OvmfPkg: fix dynamic default for oprom verification policy PCD
+ without SB
+ + OvmfPkg/PlatformPei: DENY_EXECUTE_ON_SECURITY_VIOLATION when
+ SEV is active
+ + SecurityPkg\Tcg2Pei: FV measure performance enhancement
+ + SecurityPkg:AuthVariableLib:Implement ECR1707
for Private Auth
+ Variable
+ + ArmPlatformPkg: Store initial timer value
+ + ArmVirtPkg ArmVirtDxeHobLib: Implement BuildFv3Hob
+ + MdeModulePkg/Variable/RuntimeDxe: delete and lock OS-created
+ MOR variable
+ + ArmPkg/PlatformBootManagerLib: fix bug in ESRT invocation
+ + OvmfPkg/PciHotPlugInitDxe: translate QEMU's resource
+ reservation hints
+ + OvmfPkg/PciHotPlugInitDxe: generalize RESOURCE_PADDING
+ composition
+ + OvmfPkg/IndustryStandard: define PCI Capabilities for QEMU's
+ PCI Bridges
+ + MdeModulePkg/BdsDxe: Don't delete "BootNext" until booting it
+ + Clarify the usage of HttpConfigData in HTTP protocol
+ + SecurityPkg/SecureBootConfigImpl.c: Secure Boot DBX UI
+ Enhancement
+ + MdeModulePkg/UDF: Fix creation of UDF logical partition
+ + CryptoPkg: Add new API to retrieve commonName of X.509 certificate
+ + OvmfPkg/VirtioNetDxe: log debug message in VirtioNetExitBoot()
+ + OvmfPkg/QemuBootOrderLib: recognize "usb-storage" devices in
+ XHCI ports
+ + MdeModulePkg/Core: Fix out-of-sync issue in GCD
+ + UefiCpuPkg/CpuDxe: Fix out-of-sync issue in page attributes
+ + OvmfPkg/QemuVideoDxe/VbeShim: handle PAM1 register on Q35
+ correctly
+ + OvmfPkg/QemuVideoDxe/VbeShim: rename Status to
+ Segment0AllocationStatus
+ + OvmfPkg/CsmSupportLib: move PAM register addresses to
+ IndustryStandard
+ + NetworkPkg/IScsiDxe: Remove redundant call to StrLen
+ + BaseTools/tools_def AARCH64: enable frame pointers for RELEASE
+ builds
+ + ArmPkg/PlatformBootManagerLib: process pending capsules
+ + MdeModulePkg/Udf: Avoid declaring and initializing local GUID
+ variable
+ + MdeModulePkg/UdfDxe: Avoid short (single character) variable name
+ + MdeModulePkg/UdfDxe: Use compare operator for non-boolean
+ comparisons
+ + MdeModulePkg/UdfDxe: Fix operands of different size in bitwise
+ OP
+ + MdeModulePkg/UdfDxe: Add checks to ensure no possible NULL ptr
+ deref
+ + MdeModulePkg/SerialDxe: Fix not able to change serial attributes
+ + NetworkPkg: Remove the redundant '/' in the
end of returned
+ ISCSIMacAddr keyword
+ + MdeModulePkg/UdfDxe: Fix NULL pointer dereference
+ + OvmfPkg/VirtioNetDxe: negotiate VIRTIO_F_IOMMU_PLATFORM
+ + OvmfPkg/VirtioNetDxe: map caller-supplied Tx packet to
+ device-address
+ + OvmfPkg/VirtioNetDxe: add Tx packet map/unmap helper functions
+ + OvmfPkg/VirtioNetDxe: update TechNotes
+ + OvmfPkg/VirtioNetDxe: dynamically alloc transmit header
+ + OvmfPkg/VirtioNetDxe: alloc RxBuf using AllocateSharedPages()
+ + OvmfPkg/VirtioNetDxe: map VRINGs using VirtioRingMap()
+ + OvmfPkg/VirtioNetDxe: add helper VirtioNetUninitRing()
+- Update openssl to 1.1.0g
+
+-------------------------------------------------------------------
+Mon Oct 16 09:02:28 UTC 2017 - glin@suse.com
+
+- Update ovmf-gdb-symbols.patch to avoid some symbols from being
+ removed (bsc#1063463)
+- Add needssslcertforbuild back. It's useful for the devel projects.
+
+-------------------------------------------------------------------
+Thu Sep 14 02:20:26 UTC 2017 - glin@suse.com
+
+- Update to 2017+git1505340320.5afa5b8159
+ + MdeModulePkg/UdfDxe: suppress incorrect compiler warning in
+ ReadFile()
+ + MdeModulePkg/UdfDxe: reject reserved values in ICB.Flags[2:0]
+ + MdeModulePkg: Add UdfDxe to the dsc file
+ + MdeModulePkg: Update PiDxeS3BootScriptLib Internal function name
+ + MdeModulePkg/UdfDxe: Remove negative comparison of unsigned
+ number
+ + ArmVirtPkg/ArmVirtQemu: port HTTP_BOOT_ENABLE from OvmfPkg
+ + ArmVirtPkg: don't build the network stack uselessly for Xen
+ + MdeModulePkg/PartitionDxe: remove always false comparison
+ + MdeModulePkg/PartitionDxe: don't divide 64-bit values with C
+ operators
+ + MdeModulePkg/UdfDxe: replace zero-init of local variables with
+ ZeroMem()
+ + MdeModulePkg/UdfDxe: don't return unset Status if INLINE_DATA
+ req succeeds
+ + MdeModulePkg/UdfDxe: ASSERT() valid ReadFileInfo Flags for
+ INLINE_DATA req
+ + MdeModulePkg/UdfDxe: Initialize the array after declaration
+ + ShellPkg/Ifconfig6: Update error message
and add a new line
+ + NetworkPkg/IScsiDxe: Fix the incorrect max length of IP_ADDRESS
+ + OvmfPkg/SataControllerDxe: log informative message at
+ DEBUG_INFO level
+ + OvmfPkg/PlatformBootManagerLib: log informative message at
+ DEBUG_INFO lvl
+ + OvmfPkg/PlatformPei: log informative message at DEBUG_INFO level
+ + UefiCpuPkg/CpuDxe: log informative message at DEBUG_INFO level
+ + MdeModulePkg/UsbBusDxe: log warning message at DEBUG_WARN level
+ + OvmfPkg/PlatformDebugLibIoPort: write messages with IoWriteFifo8()
+ + MdePkg/BaseIoLibIntrinsic: fix SEV (=unrolled) variants of IoWriteFifoXX()
+ + MdeModulePkg Xhci: Correct description of Timeout param in XhciReg.h
+ + BaseTools/GCC: set -Wno-unused-const-variable on RELEASE builds
+ + ArmVirtPkg: Enable UDF file system support
+ + OvmfPkg: Enable UDF file system support
+ + MdeModulePkg/PartitionDxe: Add UDF file system support
+ + OvmfPkg/IoMmuDxe: unmap all IOMMU mappings at ExitBootServices()
+ + OvmfPkg/IoMmuDxe: generalize IoMmuUnmap() to IoMmuUnmapWorker()
+ + OvmfPkg/IoMmuDxe: track all mappings
+ + OvmfPkg/VirtioScsiDxe: don't unmap VRING at ExitBootServices()
+ + OvmfPkg/VirtioRngDxe: don't unmap VRING at ExitBootServices()
+ + OvmfPkg/VirtioGpuDxe: don't unmap VRING & BackingStore at ExitBootServices
+ + OvmfPkg/VirtioBlkDxe: don't unmap VRING at ExitBootServices()
+ + MdeModulePkg/AtaAtapiPassThru: disable the device at ExitBootServices()
+ + MdeModulePkg/AtaAtapiPassThru: unmap DMA buffers after disabling
+ BM DMA
+ + MdeModulePkg/AtaAtapiPassThru: cache EnabledPciAttributes
+ + OvmfPkg/SecMain: Fix stack switching to permanent memory
+ + ArmPkg: add ArmCrashDumpDxe driver
+ + MdeModulePkg, NetworkPkg: Fix GCC build error
+ + NetworkPkg/Ip6Dxe: fix a bug in IP6 driver for IpSec protocol
+ notify
+ + MdeModulePkg/Ip4Dxe: fix a bug in IP4 driver for IpSec protocol
+ notify
+ + MdePkg: Add UEFI 2.7 defined GUID and structure for AIP network
+ media type
+ + MdeModulePkg/UefiBootManagerLib: Generate boot
description for
+ SD/eMMC
+ + Pkcs7VerifyDxe: Don't allow Pkcs7Verify to install protocols twice
+ + SecurityPkg/Pkcs7Verify: Complete the Pkcs7VerifyDxe protocol
+ + MdePkg PeiMemoryAllocationLib: Update InternalAllocateAlignedPages
+ + MdePkg PeiMemoryAllocationLib: Update Free(Aligned)Pages
+ + MdeModule PeiCore: Support pre memory page allocation
+ + OvmfPkg/VirtioGpuDxe: negotiate VIRTIO_F_IOMMU_PLATFORM
+ + OvmfPkg/VirtioGpuDxe: map backing store to bus master device address
+ + OvmfPkg/VirtioGpuDxe: helpers for backing store (de)allocation+(un)mapping
+ + OvmfPkg/VirtioGpuDxe: take EFI_PHYSICAL_ADDRESS in ResourceAttachBacking()
+ + OvmfPkg/VirtioGpuDxe: map virtio GPU command objects to device
+ addresses
+ + OvmfPkg/VirtioGpuDxe: map VRING for bus master common buffer
+ operation
+ + OvmfPkg/IoMmuDxe: IoMmuFreeBuffer(): clean up DEBUG message
+ + OvmfPkg/IoMmuDxe: IoMmuAllocateBuffer(): nicer and more
+ informative DEBUGs
+ + OvmfPkg/IoMmuDxe: IoMmuUnmap(): clean up DEBUG message
+ + OvmfPkg/IoMmuDxe: IoMmuMap(): log nicer and more informative
+ DEBUG msgs
+ + OvmfPkg/BaseMemEncryptSevLib: clean up upper-case / lower-case
+ in DEBUGs
+ + OvmfPkg/BaseMemEncryptSevLib: promote DEBUG_WARN levels to
+ DEBUG_ERROR
+ + OvmfPkg/BaseMemEncryptSevLib: clean up debug logging of
+ PhysicalAddress
+ + OvmfPkg/BaseMemEncryptSevLib: clean up DEBUG prefixes
+ + OvmfPkg/BaseMemEncryptSevLib: break DEBUG calls to multiple lines
+ + OvmfPkg/BaseMemEncryptSevLib: unify encrypt/decrypt DEBUG messages
+ + ArmPkg: remove ArmDmaLib
+ + OvmfPkg/VirtioScsiDxe: negotiate VIRTIO_F_IOMMU_PLATFORM
+ + OvmfPkg/VirtioScsiDxe: map virtio-scsi request and response buffers
+ + OvmfPkg/VirtioScsiDxe: add helper to create a fake host adapter error
+ + OvmfPkg/VirtioScsiDxe: map VRING using VirtioRingMap()
+ + ArmPkg: remove UncachedMemoryAllocationLib
+ + BaseTools/Gcc ARM AARCH64: add support for building device tree
+ binaries
+ + BaseTools: Enable --whole-archive in GCC tool chain as the
+ default option
+ + UefiCpuPkg/Mplib.c: Perform complete initialization when enable AP
+ + OvmfPkg/VirtioBlkDxe: Check the return status of unmap data buffer
+ + ArmVirtPkg: remove DmaLib library class resolution
+ + ShellPkg: Update CWD and current mapping when commands return
+ + ShellPkg: Fix bug that fails to change CWD after "map -r"
+ + SecurityPkg: Add ARM/AARCH64 arch to enable RngTest module build
+ + OvmfPkg/QemuFwCfgDxeLib: SEV: zero FW_CFG_DMA_ACCESS before
+ decrypting it
+ + ArmPkg/ArmDmaLib: implement DmaAllocateAlignedBuffer()
+ + MdeModulePkg/UefiHiiLib: Fix incorrect check for string length
+ + OvmfPkg/VirtioBlkDxe: negotiate VIRTIO_F_IOMMU_PLATFORM
+ + Ovmfpkg/VirtioBlkDxe: map virtio-blk request and response buffers
+ + OvmfPkg/VirtioBlkDxe: map VRING using VirtioRingMap()
+ + MdePkg/S3PciSegmentLib: Add S3PciSegmentLib class and instance
+ + MdePkg/PciSegmentLib: Add instances that consumes PciSegmentInfoLib
+ + MdePkg/PciSegmentInfoLib: Add PciSegmentInfoLib class and instance
+ + UefiCpuPkg/CpuCommonFeaturesLib: Add CPUID MCA support check
+ + UefiCpuPkg: Update default for PcdCpuProcTraceMemSize/PcdCpuProcTraceOutputScheme
+ + UefiCpuPkg/CpuCommonFeaturesLib: Use MSR data structure when
+ change MSR value
+ + UefiCpuPkg/ArchitecturalMsr.h: Add RTIT TOPA table entry
+ definition
+ + UefiCpuPkg/MpLib: fix potential overflow issue
+ + UefiCpuPkg/PiSmmCpuDxeSmm: Fix memory protection crash
+ + BaseTools/EfiRom: Add multiple device id support
+ + OvmfPkg/VirtioRngDxe: negotiate VIRTIO_F_IOMMU_PLATFORM
+ + OvmfPkg/Virtio10: define VIRTIO_F_IOMMU_PLATFORM feature bit
+ + MdeModulePkg XhciDxe: Fix Map and Unmap inconsistency
+ + SecurityPkg/Tcg2Dxe: Properly shutdown TPM before reset
+ + OvmfPkg/VirtioRngDxe: map host address to device address
+ + OvmfPkg/VirtioLib: change the parameter of VirtioAppendDesc()
+ to UINT64
+ + OvmfPkg/VirtioLib: alloc VRING buffer with AllocateSharedPages()
+ + OvmfPkg/VirtioLib: add function to map VRING
+ +
OvmfPkg/Virtio10Dxe: add the RingBaseShift offset
+ + OvmfPkg/Virtio: take RingBaseShift in SetQueueAddress()
+ + OvmfPkg/VirtioLib: take VirtIo instance in VirtioRingInit/VirtioRingUninit
+ + OvmfPkg/VirtioLib: add VirtioMapAllBytesInSharedBuffer() helper
+ function
+ + OvmfPkg/VirtioMmioDeviceLib: implement IOMMU-like member functions
+ + OvmfPkg/VirtioPciDeviceDxe: implement IOMMU-like member functions
+ + OvmfPkg/Virtio10Dxe: implement IOMMU-like member functions
+ + OvmfPkg: introduce IOMMU-like member functions to VIRTIO_DEVICE_PROTOCOL
+ + BaseTools: Add the missing -pie link option in GCC tool chain
+ + ArmPkg/ArmDmaLib: remove dependency on UncachedMemoryAllocationLib
+ + OvmfPkg/QemuVideoDxe: remove AARCH64/ARM support
+ + ArmVirtPkg: remove QemuVideoDxe from ArmVirtQemu and ArmVirtQemuKernel
+ + BaseTools: Roll back GenFw Change to keep unknown field in RSDS
+ debug entry
+ + MdeModulePkg/DisplayEngine: Add implementation of HiiPopup protocol
+ + MdeModulePkg/Library: Remove the self-reference in
+ UdpIoLib/TcpIoLib/IpIoLib
+ + ShellPkg/mkdir: support creating nested directories
+ + MdeModulePkg/ScsiBusDxe: don't produce ScsiIo for nonexistent LUNs
+ + UefiCpuPkg/PiSmmCpuDxeSmm: Add CPUID MCA support check
+ + ArmPkg/ArmDmaLib: use double buffering only for bus master write
+ + ArmVirtPkg/FdtPL011SerialPortLib: call PL011UartLib in all
+ SerialPortLib APIs
+ + UefiCpuPkg RegisterCpuFeaturesLib: Fix buffer pointer error usage
+ + NetworkPkg/Ip6Dxe: Fix the bug when checking the DataSize
+ + MdePkg/BaseLib: Update internal LinkedList verifications
+ + MdePkg/BaseLib: Add IsNodeInList() function
+ + MdeModulePkg: Delete useless case code
+ + MdeModulePkg: Delete never touched code
+ + UefiCpuPkg/BaseUefiCpuLib.inf: Remove unnecessary library class
+ + UefiCpuPkg RegisterCpuFeaturesLib: Enhance debug messages.
+
+-------------------------------------------------------------------
+Mon Aug 28 08:54:14 UTC 2017 - glin@suse.com
+
+- Update ovmf-embed-default-keys.patch to handle the empty
+ certificate files correctly
+
+-------------------------------------------------------------------
+Thu Aug 17 04:10:00 UTC 2017 - glin@suse.com
+
+- Update to 2017+git1502826981.a136bc3ccf
+ + OvmfPkg/Protocol/VirtioDevice: fix comment style
+ + OvmfPkg/VirtioMmioDeviceLib: add missing IN and OUT decoration
+ + OvmfPkg/VirtioPciDeviceDxe: add missing IN and OUT decoration
+ + OvmfPkg/Virtio10Dxe: supply missing BUS_MASTER attribute
+ + OvmfPkg/VirtioPciDeviceDxe: supply missing BUS_MASTER attribute
+ + UefiCpuPkg MpInitLib: Save/restore original WakeupBuffer for
+ DxeMpLib
+ + ShellPkg UefiDpLib: Init CustomCumulativeData.MinDur
+ + MdeModulePkg DxeCore: Enhance "ConvertPages: Incompatible
+ memory types"
+ + MdeModulePkg DxeCore: Fix double free pages on LoadImage
+ failure path
+ + NetworkPkg/HttpBootDxe: Update device path node to include DNS
+ information
+ + MdeModulePkg/UefiBootManagerLib: Support DNS device path
+ description
+ + MdePkg/UefiDevicePathLib: Add DevPathFromTextDns and
+ DevPathToTextDns libraries
+ + MdePkg/DevicePath.h: Add DNS Device Path definition
+ + NetworkPkg/HttpDxe: Handle the HttpVersionUnsupported in the
+ HttpConfigData
+ + BaseTools: Support TabSpace between section tag in DEC file
+ + BaseTools: Don't need to add extra quotes when UI string from
+ file
+ + BaseTools/UPT: Support Multiple Installation
+ + BaseTools/Scripts: Add sample makefile for use with
+ RunMakefile.py
+ + BaseTools/Scripts: Add python script to run a makefile
+ + BaseTools/build: Expand PREBUILD/POSTBUILD DSC actions
+ + NetworkPkg/Ip6Dxe: Support SetData interface to clear specific
+ configuration
+ + MdeModulePkg/Ip4Dxe: Support SetData interface to clear
+ specific configuration
+ + ShellPkg/drivers: Fix GCC build failure
+ + BaseTools/edksetup.sh: fix invalid test for current
working
+ directory
+ + ShellPkg/driver: Show "-" in non-SFO mode
+ + ShellPkg/drivers: Show Image Name in non-SFO mode
+ + MdeModulePkg: Variable: Fix typo in variable measure
+ + MdeModulePkg/NvmExpressDxe: Notify NVME HW when system reset
+ happens
+ + MdePkg/Nvme: Add NVME shutdown notification related macros
+ + NetworkPkg/HttpBootDxe: Refine the coding style.
+ + OvmfPkg/AcpiPlatformDxe: short-circuit the transfer of an empty
+ S3_CONTEXT
+ + MdeModulePkg SerialDxe: Process timeout consistently in
+ SerialRead
+ + UefiCpuPkg MtrrLib: Remove deprecated micro.
+ + UefiCpuPkg CpuDxe: Remove reference deprecated macro.
+ + UefiCpuPkg CpuDxe: Enhance get mtrr mask logic.
+ + BaseTools/Conf: apply nasmb, asm16 build rule order
+ + NetworkPkg/HttpDxe: Support HTTP Patch method
+ + OvmfPkg/PlatformPei: support >=1TB high RAM, and discontiguous
+ high RAM
+ + OvmfPkg/QemuFwCfgLib: Use BusMasterCommonBuffer to map
+ FW_CFG_DMA_ACCESS
+ + OvmfPkg/IoMmuDxe: Unmap(): recycle MAP_INFO after
+ BusMasterCommonBuffer[64]
+ + OvmfPkg/IoMmuDxe: abort harder on memory encryption mask
+ failures
+ + OvmfPkg/IoMmuDxe: implement in-place decryption/encryption for
+ Map/Unmap
+ + OvmfPkg/IoMmuDxe: rework setup of "MapInfo->PlainTextAddress"
+ in Map()
+ + OvmfPkg/IoMmuDxe: zero out pages before releasing them
+ + OvmfPkg/IoMmuDxe: clean up used library classes
+ + OvmfPkg/IoMmuDxe: propagate errors from AmdSevInstallIoMmuProtocol()
+ + OvmfPkg/IoMmuDxe: don't initialize local variables
+ + OvmfPkg/IoMmuDxe: convert UINTN arguments to UINT64 for the
+ %Lx fmt spec
+ + OvmfPkg/IoMmuDxe: rename HostAddress to CryptedAddress in
+ MAP_INFO
+ + OvmfPkg/IoMmuDxe: rename DeviceAddress to PlainTextAddress in
+ MAP_INFO
+ + OvmfPkg/IoMmuDxe: rewrap source code to 79 characters
+ + OvmfPkg/IoMmuDxe: Fix header guard macro
+ + MdeModulePkg/DisplayEngine: Fix incorrect display issue
+ + BaseTools/VfrCompile: Remove the MAX_PATH limitation
+ + BaseTools/VfrCompile: Fix segmentation fault issues
+
+ NetworkPkg: iSCSI should allow to set 6 or 12 length of ISID
+ keyword.
+ + UefiCpuPkg: Enable Processor Trace feature.
+ + UefiCpuPkg: Add Processor Trace feature definition.
+ + UefiCpuPkg: Add Pcds used by processor trace feature.
+ + UefiCpuPkg/Msr: Add a missing IvyBridge processor signature
+ + MdeModulePkg PeiCore: Install SEC HOB data
+ + MdePkg: Add definition for SecHobData PPI
+ + UefiCpuPkg PiSmmCpuDxeSmm: Check LMCE capability when wait for
+ AP.
+ + UefiCpuPkg CpuCommonFeaturesLib: Enable LMCE feature.
+ + UefiCpuPkg: Add definition for LMCE feature.
+ + NetworkPkg: Display HTTP redirection info to the screen if need.
+ + ShellPkg/dblk: Honor the BlockIo alignment requirement.
+ + MdeModulePkg/Ufs: Set 'Data Segment Length' field for Write
+ Descriptor
+ + MdeModulePkg/UfsPassThruDxe: Add impl of UFS Device Config
+ Protocol
+ + UefiCpuPkg SecCore: Fix operands of different size in bitwise
+ operation
+ + MdePkg/Ftp4: Fix wrong function pointer declaration
+ + NetworkPkg/HttpDxe: Destroy the TLS instance when cleaning up
+ the HTTP child
+ + CryptoPkg/TlsLib: Remove the redundant free of BIO objects
+ + NetworkPkg/Ip6Dxe: Fix the IPv6 PXE boot option goes missing
+ issue
+ + Fix spelling typo in EFI_HTTP_STATUS_CODE
+ + NetworkPkg/HttpDxe: Refine the coding style.
+ + MdePkg/Http.h: Refine the coding style.
+ + ArmPkg: Move IS_DEVICE_PATH_NODE for sharing
+ + MdeModulePkg FirmwarePerfPei: Remove SEC performance data
+ getting code
+ + UefiCpuPkg SecCore: Add SecPerformancePpiCallBack
+ + UefiCpuPkg SecCore: Adjust PeiTemporaryRamBase&Size to be
+ 8byte aligned
+ + MdeModulePkg PeiCore: Handle notification PPI from SEC
+ + MdePkg PiPeiCis.h: Add description for notification PPI from
+ SEC
+ + MdeModulePkg PiSmmCoreMemoryAllocLib: Fix a FreePool()
+ assertion issue
+ + BaseTools/GenCrc32: Fix a bug to hand empty file for decode
+ + BaseTools/EfiLdrImage: Fix a segmentation fault from
+ vfprintf()
+ + BaseTools/EfiRom: Fix a segmentation fault from
+ vsprintf()/vfprintf()
+ + BaseTools/GenFfs: Fix a segmentation fault from
+ vsprintf()/vfprintf()
+ + BaseTools/GenSec: Fix a segmentation fault in main()
+ + BaseTools/Split: Fix the segmentation fault in GetSplitValue()
+ + BaseTools: Fix the bug to correctly check Pcd type that in FDF
+ file
+ + MdeModulePkg/PciBus: Avoid hang when BUS pad resource is not
+ in top
+ + ShellPkg: Avoid buffer out-of-bound access
+ + ShellPkg/setvar: Check the duplicate flag
+ + ShellPkg/ShellLib: Remove unused macros
+ + MdePkg: Follow UEFI 2.7 spec to deprecate SMM Communication
+ ACPI Table
+ + UefiCpuPkg PiSmmCommunicationSmm: Deprecate SMM Communication
+ ACPI Table
+ + MdeModulePkg/BMMUiLib: Check reset requirement before exiting
+ UiApp
+ + MdeModulePkg/BMUiLib: Check reset requirement before exiting
+ UiApp
+ + MdeModulePkg/SetupBrowser: Record the reset status in all
+ SendForm
+ + ShellPkg/map: Recognize CDROM change
+ + MdeModulePkg Xhci: Also RecoverHaltedEndpoint for BABBLE_ERROR
+ + MdeModulePkg SmmLockBoxDxeLib: Get SmmCommRegion for COMM
+ buffer
+ + MdePkg/ResetNotification: Rename to UnregisterResetNotify
+ + MdePkg: Add UEFI 2.7 defined GUID and structure for KMS
+ protocol.
+ + ShellPkg/ls: Display the file time in local time.
+ + BaseTools: Fix the bug that warn() function with only 1
+ argument
+ + BaseTools: add some comment for .PrebuildEnv file's usage
+ + UefiCpuPkg: Update RegisterCpuFeaturesLib to consume
+ PcdGetSize with UINTN
+ + UefiCpuPkg: Update RegisterCpuFeaturesLib module UNI to match
+ it
+ + MdeModulePkg: Update NonDiscoverableDeviceRegistrationLib file
+ header format
+ + MdePkg UsbFunctionIo.h: Update comments for GetDeviceInfo
+ return status
+ + UefiCpuPkg: Remove deprecated CPU feature.
+ + MdeModulePkg SmmAccess: Update comments to follow PI spec.
+ + MdePkg SmmAccess2: Update comments to follow PI spec.
+ + UefiCpuPkg RegisterCpuFeaturesLib: Add error handling.
+ + MdeModulePkg/DxeCore: Avoid accessing non-owned memory
+ + MdePkg DxeHstiLib: Fix memory leak issue
+ + MdePkg Hsti.h: Update version info to 1.1a
+ + ArmPlatformPkg: Support different PL011 reg offset
+ + CryptoPkg/OpensslLib AARCH64: clear XIP CC flags
+ + BaseTools/tools_def AARCH64: avoid SIMD registers in XIP code
+ + BaseTools/tools_def AARCH64: mark register x18 as reserved
+ + BaseTools/Build: Support python scripts in PREBUILD/POSTBUILD
+ + UefiCpuPkg CpuCommonFeaturesLib: Fix smx/vmx enable logic
+ error.
+ + UefiCpuPkg RegisterCpuFeaturesLib: Add error handling code.
+ + OvmfPkg/QemuFwCfgLib: Suppress GCC49 IA32 build failure
+ + MdePkg: Declare _ReturnAddress() in Base.h for MSFT tool chain
+ + OvmfPkg: update PciHostBridgeDxe to use PlatformHasIoMmuLib
+ + OvmfPkg/QemuFwCfgLib: Add SEV support
+ + OvmfPkg: Add IoMmuDxe driver
+ + OvmfPkg: Add PlatformHasIoMmuLib
+ + OvmfPkg: Add AmdSevDxe driver
+ + OvmfPkg/PlatformPei: Set memory encryption PCD when SEV is
+ enabled
+ + OvmfPkg/BaseMemcryptSevLib: Add SEV helper library
+ + OvmfPkg: Update dsc to use IoLib from BaseIoLibIntrinsicSev.inf
+ + OvmfPkg/ResetVector: Set C-bit when building initial page table
+ + MdeModulePkg/XhciDxe: Make comments align with function
+ + MdeModulePkg/PartitionDxe: Add impl of Partition Information
+ Protocol
+ + MdePkg: Add EFI Partition Information Protocol definitions
+ + BaseTools: Report Fd File Path in build log
+ + BaseTools: Fix FDF file parse !include file issue
+ + BaseTools: Add PCDs conditional operator function
+ + BaseTools/Eot: register MM Module types with FFS class.
+ + BaseTools/Workspace: check MM module type compatibility with
+ PI version.
+ + BaseTools/build: register MM module types with build tools.
+ + BaseTools/GenFds: register MM Modules and MM FV file types.
+ + BaseTools/CommonDataClass: register MM Modules.
+ + BaseTools/Common: add support in FDF Parser to parse MM
+ Modules.
+ + BaseTools/Common: add MM Module data types.
+ + BaseTools/AutoGen: auto generate MM template APIs and
+ dependencies.
+ + BaseTools/GenFw: recognize MM file types as EFI Boot Service
+ Drivers.
+ + BaseTools/GenFfs: add FFS file types for MM modules.
+ + UefiCpuPkg MpInitLib: Update return status to follow spec.
+ + UefiCpuPkg CpuMpPei: Update return status to follow spec.
+ + UefiCpuPkg CpuDxe: Update return status to follow spec.
+ + MdePkg MpServices: Update return status to follow spec.
+ + BaseTools/GenFw: disregard payload in PE debug directory entry + size + + MdeModulePkg/NvmExpressDxe: Handle timeout for blocking + PassThru req + + OvmfPkg: mention the extended TSEG near the PcdQ35TsegMbytes + declaration + + OvmfPkg/PlatformPei: honor extended TSEG in PcdQ35TsegMbytes + if available + + OvmfPkg/SmmAccess: support extended TSEG size + + OvmfPkg/IndustryStandard/Q35MchIch9.h: add extended TSEG size + macros + + OvmfPkg: make PcdQ35TsegMbytes dynamic + + OvmfPkg/SmmAccess: prepare for PcdQ35TsegMbytes becoming dynamic + + OvmfPkg/PlatformPei: prepare for PcdQ35TsegMbytes becoming dynamic + + OvmfPkg: widen PcdQ35TsegMbytes to UINT16 + + OvmfPkg: update -D E1000_ENABLE from Intel PROEFI v.07 to + BootUtil v.22 + + OvmfPkg: disable build-time relocation for DXEFV modules + + ArmVirtPkg: remove status code support + + ArmPlatformPkg: convert VExpress ResetSystemLib to + ResetSystemLib + + MdeModulePkg/XhciDxe: Check timeout URB again after stopping + endpoint + + MdeModulePkg/XhciDxe: Separate common logic to XhcTransfer + + MdeModulePkg/XhciDxe: Dump the CMD/EVENT/INT/BULK ring + information + + MdeModulePkg/XhciDxe: Refine IsTransferRingTrb and + IsAsyncIntTrb + + BaseTools: suppress usage instructions with rebuild options + + ArmVirtPkg: switch to generic ResetSystemRuntimeDxe + + ArmPkg: implement ResetSystemLib using PSCI 0.2 calls + + MdeModulePkg CapsuleApp: Fix print info in BuildGatherList() + + MdeModulePkg ResetSystem: Update the comments of ResetSystem() + + MdeModulePkg/ResetSystem: Implement ResetNotification protocol + + MdeModulePkg/ResetSystem: Remove unnecessary global variable + + MdePkg: Add ResetNotification protocol definition + + MdeModulePkg PeiCore: Correct the comments of PeiResetSystem2 + + MdePkg: Correct the comments of EFI_PEI_RESET2_SYSTEM + + ShellPkg: Update dh command to reflect correct driver field + information + + MdeModulePkg/AtaAtapiPassThru: relax PHY detect timeout + + MdePkg/IndustryStandard: update 
ACPI/IORT definitions to + revision C + + ShellPkg DmpStore: Make NameSize to be consistent with name + buffer + + MdeModulePkg/BdsDxe: Report Status Code when booting from + BootOrder list + + MdePkg/PiStatusCode: Add new Status Code for BDS when + attempting BootOrder + + Revert "MdeModulePkg/DxeCore: Fixed Interface returned by + CoreOpenProtocol" + + UefiCpuPkg: Modify GetProcessorLocationByApicId() to support + AMD. + + UefiCpuPkg: Add CPUID definitions for AMD. + + UefiCpuPkg: Define AMD Memory Encryption specific CPUID and MSR + + MdeModulePkg DxeCore: Only free ScratchBuffer when it is not + NULL + + MdeModulePkg/DxeCore: Fixed Interface returned by + CoreOpenProtocol + + BaseTools/PatchCheck.py: Add warning info for new binary files + + BaseTools/PatchCheck.py: Fix misreport for binary changes in + patch + + BaseTools: support building the same INF more than once with + -m option + + BaseTools: report error HiiString in HII format PCD must not + be empty + + BaseTools: Fix the bug that use '|' or '||' in DSC file's Pcd + value + + BaseTools: Enhance the report to not show the empty section + + BaseTools: Enhance DEC Defines section format check + + BaseTools: Copy "TianoCore" userextensions into As Built Inf + + BaseTools: Copy "MODULE_UNI_FILE" file into OUTPUT directory + + MdePkg/Cper.h: Update Firmware Error Record per UEFI 2.7 + + MdeModulePkg: Enhance the debug message for + InstallProtocolInterface + + MdePkg: update Base.h in MdePkg to check the _MSC_VER + + BaseTools: add /Gw to CC_FLAGS for VS2013 and higher tool + chain tags + + NetworkPkg: Fix GCC build issue. 
+ + BaseTools/tools_def: AARCH64: disable LTO type mismatch + warnings + + BaseTools/tools_def GCC: ARM/AARCH64: drop -save-temps from + command line + + MdeModulePkg Variable: Add missing change in dd59d95e1994 + + MdeModulePkg: Minor update to the Data parameter for PEI + GetVariable() + + MdePkg: Minor update to the Data parameter for PEI + GetVariable() + + NetworkPkg/HttpBootDxe: Add HTTP Boot Callback protocol + support. + + MdePkg: Add header file for HTTP Boot Callback protocol + in UEFI 2.7. + + MdeModulePkg: Return invalid param in LocateProtocol for + Protocol==NULL + + MdePkg: Add EFI UFS Device Config Protocol definitions + + MdeModulePkg: Fix use-after-free error in + InstallConfigurationTable() + + MdeModulePkg: Clean ACPI 2.0 characters in UEFI spec + + MdePkg: Clean ACPI 2.0 characters in UEFI spec + + UefiCpuPkg/SmmCpuFeatureLib: Add more CPU ID for + SmmFeatureControl. + + ShellBinPkg: Ia32/X64 Shell binary update. + + MdeModulePkg/BMMUiLib: Fix incorrect variable name + + SecurityPkg TcgDxe: Simplify debug msg when "TPM not working + properly" + + ShellPkg: Fix typo errors in ifconfig help output + + Shell/alias: Print detailed error when deleting alias + + OvmfPkg/AcpiPlatformDxe: fix spurious uninitialized var warning + + NetworkPkg/HttpBootDxe: Handle new #define in HttpBootDxe + + MdeModulePkg/DxeHttpLib: Handle new #define in + HttpMappingToStatusCode + + MdePkg/Http.h: Add #define for 308 redirect + + ShellPkg/ifconfig: Update help message + + MdeModulePkg/PciHostBridgeDxe: Make bitwise operands of the + same size + + OvmfPkg/AcpiPlatformDxe: alloc blobs from 64-bit space unless + restricted + + BaseTools: Fix the bug use same FMP_PAYLOAD in different + capsule file + + BaseTools: Fix incremental build failure that override file be + removed + + ShellBinPkg: Ia32/X64 Shell binary update. 
+ + ShellPkg/parse: Handle Unicode stream from pipe correctly + + ShellPkg/alias: Return status for alias deletion + + MdePkg SmmIoLib: Use NULL pointer check instead of useless + Status check + + MdePkg SmmMemLib: Remove ASSERT in SmmIsBufferOutsideSmmValid + + MdeModulePkg/UefiPxeBcDxe: Refine the PXE boot displayed + information + + MdeModulePkg/UefiPxeBcDxe: Fix the PXE BootMenu selection issue +- Build x86_64 4MB images since upstream switched to 4MB by for a + larger space for variables. Also update README to reflect the + change. +- Remove License-fat-driver.txt since FatPkg uses the same license + as the root license. +- Add the OVMF license file +- Disable the PIE/PIC warning for the debug files since all object + files will be converted to PE/COFF, so it's pointless to enable + PIE/PIC. +- Remove Default_DB_EX and Default_DBX correctly + +------------------------------------------------------------------- +Mon Jun 5 09:34:28 UTC 2017 - glin@suse.com + +- Update to 2017+git1496630893.7ec69844b8 + + ShellPkg/alias: Fix bug to support upper-case alias + + BaseTools/GCC ARM/AARCH64: Force disable PIE + + BaseTools/Scripts: discard .gnu.hash section in GCC builds + + OvmfPkg: make the 4MB flash size the default + + MdeModulePkg/BDS: Fix a buffer overflow bug + + CryptoPkg/BaseCryptLib: Add NULL pointer checks in DH and P7Verify + + UefiCpuPkg/BaseUefiCpuLib: Use NASM read-only data section name + + OvmfPkg/PlatformPei: align EmuVariableNvStore at any page boundary + + OvmfPkg/EmuVariableFvbRuntimeDxe: change block size to 4KB + + OvmfPkg/EmuVariableFvbRuntimeDxe: correct NumOfLba vararg type + in EraseBlocks() + + ArmPlatformPkg/NorFlashDxe: correct NumOfLba vararg type in + EraseBlocks() + + OvmfPkg/EmuVariableFvbRuntimeDxe: always format an auth + varstore header + + MdeModulePkg/PciBus: Add IOMMU support + + MdeModulePkg/PciHostBridge: Add IOMMU support + + MdeModulePkg/Include: Add IOMMU protocol definition + + ShellPkg/HandleParsingLib: Show 
LoadedImageProtocol file path + as text + + NetworkPkg: Fix issue in dns driver when building DHCP packet + + Addressing TCP Window Retraction when window scale factor is used + + Add wnd scale check before shrinking window + + UefiCpuPkg/MtrrLib: Don't report OutOfResource when MTRR is enough + + MdePkg DxeServicesLib: Handle potential NULL FvHandle + + OvmfPkg/PlatformPei: handle non-power-of-two spare size for + emu variables + + SecurityPkg/Pkcs7VerifyDxe: Add format check in DB list contents + + OvmfPkg: raise max variable size (auth & non-auth) to 33KB for + FD_SIZE_4MB + + OvmfPkg: introduce 4MB flash image (mainly) for Windows HCK + + OvmfPkg/OvmfPkg.fdf.inc: extract VARS_LIVE_SIZE and + VARS_SPARE_SIZE macros + + OvmfPkg: introduce the FD_SIZE_IN_KB macro / build flag + + ArmVirtPkg: install EdkiiPlatformHasDeviceTree proto in the + 32-bit builds + + NetworkPkg: Fix PXEv6 boot failure when DhcpBinl offer received + + NetworkPkg: Fix bug in iSCSI mode ipv6 when enabling target DHCP + + Fix issue the iSCSI client can not send reset packet + + CryptoPkg/SmmCryptLib: Enable HMAC-SHA256 support for SMM + + ShellPkg/Shell: eliminate double-free in RunSplitCommand() + + ShellPkg/Shell: clean up bogus member types in SPLIT_LIST + + MdeModulePKg/BDS: Build meaningful description for Wi-Fi boot + option + + MdeModulePkg/DeviceManagerUiLib: Fix the network device MAC + display issue + + MdeModulePkg/Mtftp4Dxe: Add invalid ServerIp check during MTFTP + configuration + + NetworkPkg/TlsAuthConfigDxe: Close and free the file related + resource + + NetworkPkg: Correct the proxy DHCP offer handing + + NetworkPkg/HttpDxe: Fix HTTP download OS image over 4G size + failure + + MdeModulePkg/UefiBootManagerLib: Avoid buggy USB short-form + expanding + + NetworkPkg: Fix bug related DAD issue in IP6 driver + + NetworkPkg: Add check logic for iSCSI driver + + MdeModulePkg PiSmmCore: Enhance SMM FreePool to catch buffer + overflow + + UefiCpuPkg/PiSmmCpuDxeSmm: Lock should be 
acquired + + MdeModulePkg/BootManagerMenu: Add assertion to indicate no DIV + by 0 + + CryptoPkg: Correct some minor issues in function comments + + MdePkg/UefiLib: Avoid mis-calculate of graphic console size + + MdeModulePkg/PiSmmCore: Fix potentially uninitialized local + variable + + MdeModulePkg DxeCore: Fix issue to print GUID value %g without + pointer + + ArmVirtPkg/ArmVirtXen: remove ARM BdsLib library class resolution +- Add ovmf-disable-ia32-firmware-piepic.patch to disable pic/pie + explicitly since gcc7 in Factory enables pic/pie by default but + GenFw cannot handle the GOT sections and failed the build. + +------------------------------------------------------------------- +Sat May 6 20:34:20 UTC 2017 - meissner@suse.com + +- ovmf-pie.patch: add -fPIE to the Common build Makefile to + allow a global PIE build. + +------------------------------------------------------------------- +Thu Apr 13 07:13:09 UTC 2017 - glin@suse.com + +- Update to 2017+git1492060560.b6d11d7c46 (fate#322331, bsc#1032659) + + MdePkg: BaseIoLibIntrinsic (IoLib class) library + + MdeModulePkg/IdeBusPei: Fix undefined behavior in signed left + shift + + MdeModulePkg/ScsiDiskDxe: Fix undefined behavior in signed left + shift + + OvmfPkg/QemuVideoDxe: VMWare SVGA device support + + MdeModulePkg/UefiBootManagerLib: Enhance short-form expanding + logic + + CryptoPkg/BaseCryptLib: Adding NULL checking in time() wrapper + + CryptoPkg: Fix possible unresolved external symbol issue. 
+ + CryptoPkg/OpensslLib: Suppress extra build warnings in openssl + source + + CryptoPkg: Move openssl and CRT headers to private include + section + + BaseTools: Update tools_def.template to add -fno-builtin in GCC + tool chain + + SecurityPkg: SecureBootConfigDxe: Support AUTH_2 enrollment to + DBX + + MdeModulePkg/UefiHiiLib:Fix incorrect comparison expression + + ArmVirtPkg/ArmVirtQemuKernel: increase slack space for DTB + + ArmVirtPkg/FdtClientDxe: honor memory DT node 'status' property + + NetworkPkg: Fix some bugs related to iSCSI keyword configuration + + MdeModulePkg/DxeHttpLib: Avoid the pointless comparison of + UINTN with zero + + BaseTools: Enhance expression to support some more operation + + MdePkg/Shell.h: Update Shell version from 2.1 to 2.2 + + UefiCpuPkg/PiSmmCpuDxeSmm: Update saved SMM ranges check in + SmmProfile + + ArmVirtPkg/PlatformHasAcpiDtDxe: allow guest level ACPI disable + override + + BaseTools/GCC AARCH64: force disable PIC code generation + + UefiCpuPkg/MtrrLib: Use a better algorithm to calculate MTRR + + MdeModulePkg/SmmCore: Fix memory leak on Profile unregistered + + OvmfPkg: Allow multiple add-pointer linker commands to same + ACPI table +- Drop upstream patch: ovmf-bsc1031336-fix-hii-gcc7-build.patch + +------------------------------------------------------------------- +Wed Apr 5 04:43:20 UTC 2017 - glin@suse.com + +- Add ovmf-bsc1031336-fix-hii-gcc7-build.patch to fix gcc7 build + (bsc#1031336) + +------------------------------------------------------------------- +Thu Mar 30 08:31:38 UTC 2017 - glin@suse.com + +- Update to 2017+git1490844769.d3017dd96b + + MdeModulePkg/DxeHttpLib: Fix the incorrect return status if URI + port is invalid + + NetworkPkg/DnsDxe: Fix zero StationIp configuration failure of + DNSv6 + + CryptoPkg: Clean-up CRT Library Wrapper + + CryptoPkg: Fix handling of &strcmp function pointers + + CryptoPkg/OpensslLib: Update INF files to support OpenSSL-1.1.0x + build + + ArmVirtPkg/PlatformHasAcpiDtDxe: 
don't expose DT if QEMU + provides ACPI + + ArmVirtPkg: enable AcpiTableDxe and EFI_ACPI_TABLE_PROTOCOL + dynamically + + ArmVirtPkg: add XenPlatformHasAcpiDtDxe + + ArmVirtPkg: add PlatformHasAcpiDtDxe + + UefiCpuPkg/AcpiCpuData.h: Support >4GB MMIO address + + NetworkPkg/IScsiDxe: Fix the incorrect error handling in + DriverEntryPoint + + Fix potential ASSERT if NetIp4IsUnicast is called + + ArmPkg/PlatformBootManagerLib: move to BootLogoLib for boot + splash support + + UefiCpuPkg: Add CPU Features PEI/DXE drivers + + ArmVirtPkg/HighMemDxe: use CPU arch protocol to apply memprotect + policy + + MdeModulePkg/BootGraphicsResourceTableDxe: don't allocate below + 4 GB + + MdeModulePkg/DxeCore: deal with allocations spanning several + memmap entries + + MdeModulePkg/AcpiTableDxe: Not make FADT.{DSDT,X_DSDT} mutual + exclusion + + NetworkPkg: Fix service binding issue in TCP dxe + + MdeModulePkg: Fix service binding issue in TCP4 and Ip4 dxe + + MdeModulePkg: Fix bug in DxeHttplib when converting port number + + MdeModulePkg/Ip4Dxe: Add Ip/Netmask pair check for Ip4Config2 + + ArmPkg/UncachedMemoryAllocationLib: set XP bit via CPU arch + protocol + + MdeModulePkg DxeCore: Remove unreferenced symbol for memory + profile + + MdeModulePkg PiSmmCore: Remove unreferenced symbol for SMRAM + profile + + NetworkPkg: Fix potential bug if the iSCSI use dns protocol + + MdePkg/UefiDevicePathLib: Fix the wrong MAC address length + + OvmfPkg/AcpiPlatformDxe: save fw_cfg boot script with QemuFwCfgS3Lib + + ArmVirtPkg, OvmfPkg: retire QemuFwCfgS3Enabled() from QemuFwCfgLib + + OvmfPkg: resolve QemuFwCfgS3Lib + + ArmVirtPkg: resolve QemuFwCfgS3Lib + + OvmfPkg/QemuFwCfgS3Lib: add initial PEI and DXE fw_cfg library + instances + + OvmfPkg: introduce QemuFwCfgS3Lib class + + MdeModulePkg/SmmCore: Add Context in SmiHandlerProfileUnregister + + MdeModulePkg/UefiBootManagerLib: Generate boot description for + NVME + + ArmVirtPkg/ArmVirtPL031FdtClientLib: unconditionally disable DT + node + 
+ ArmVirtPkg/FdtClientDxe: supplement missing EFIAPI calling conv + specifiers + + MdeModulePkg/AcpiTableDxe: improve FADT.{DSDT,X_DSDT} mutual + exclusion + + ArmPkg/CpuDxe: handle implied attributes in EfiAttributeToArmAttribute + + ArmVirtPkg: apply PE/COFF memory protection to DxeCore as well + + ArmPkg/UncachedMemoryAllocationLib: map uncached allocations + non-executable + + ArmPkg/UncachedMemoryAllocationLib: use CWG value to align pool + allocations + + ArmPkg/UncachedMemoryAllocationLib: restore mapping attributes + after free +- Update openssl to 1.1.0e + +------------------------------------------------------------------- +Wed Mar 8 06:53:17 UTC 2017 - glin@suse.com + +- Update to 2017+git1488934948.29e9bf10dc + + ArmVirtPkg: enable non-executable DXE stack for all platforms + + ArmVirtPkg: enable PE/COFF image and memory protection for ARM + platforms + + ArmPkg/CpuDxe ARM: honour RO/XP attributes in SetMemoryAttributes() + + ArmPkg/CpuDxe ARM: avoid unnecessary cache/TLB maintenance + + ArmPkg/CpuDxe ARM: avoid splitting page table sections + unnecessarily + + Refine casting expression result to bigger size + + NetworkPkg/Dhcp6Dxe: Handle the Nil UUID case + + ArmVirtPkg AARCH64: enable NX memory protection for all platforms + + ArmVirtPkg/HighMemDxe: preserve non-exec permissions on newly + added regions + + SecurityPkg: Fix potential bug in Security Boot dxe + + MdeModulePkg/EbcDxe: use EfiBootServicesCode memory for thunks + + CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2k + (bsc#1030565) + + ArmVirtPkg: clear PcdPerformanceLibraryPropertyMask PCD + + Ignore duplicated DNS address check + + MdeModulePkg/DxeCore: base code protection on permission + attributes + + OvmfPkg: exclude libssl functionality from OpensslLib if + TLS_ENABLE=FALSE + + CryptoPkg/OpensslLib: introduce OpensslLibCrypto instance + + ArmVirtPkg/ArmVirt.dsc.inc: AARCH64: enable DXE image + protection feature + + OvmfPkg/XenBusDxe: Use EFIAPI for XenStoreVSPrint + + Update 
the Ethernet interface name + + NetworkPkg:Add scriptable configuration to iSCSI driver by + leveraging x-UEFI + + ArmPkg/ArmMmuLib: AARCH64: enable stack alignment checking + + ArmPlatformPkg/ArmPlatformStackLib: use callee preserved + registers + + MdeModulePkg/DxeCore: Add UEFI image protection + + UefiCpuPkg/CpuDxe: Add memory attribute setting + + OvmfPkg/QemuFwCfg: introduce FW_CFG_IO_SELECTOR, FW_CFG_IO_DATA, + and FW_CFG_IO_DMA_ADDRESS + + UefiCpuPkg/ExceptionHandlerAsm.S: Fix code length issue with + GCC 5.4 + + ArmPkg/ArmMmuLib: AARCH64: add support for modifying only + permissions + + ArmPkg/CpuDxe: ARM: ignore page table updates that only change + permissions + + ArmPkg/CpuDxe: translate invalid memory types in + EfiAttributeToArmAttribute + + ArmPkg/CpuDxe: Correct EFI_MEMORY_RO usage + + OvmfPkg/AcpiPlatformDxe: implement the QEMU_LOADER_WRITE_POINTER + command + + MdeMoudlePkg/DisplayEngine: Fix incorrect index used in array + "InputText" + + MdeModulePkg: Add the EFI_PRINT2S_PROTOCOL + + MdePkg/BasePrintLib: Add safe print functions [A|U]ValueToStringS + + Refine the SPrint functions + + SecurityPkg: enhance secure boot Config Dxe & Time Based + AuthVariable + + Generate the correct operational state of the interface + + NetworkPkg/HttpBootDxe: Update to check specified media type + + NetworkPkg/HttpBootDxe: Request HTTP token notify as a DPC at + TPL_CALLBACK + + NetworkPkg/iSCSIDxe: Update the condition for IScsiStart Abort + + MdePkg ACPI: Incorrect definition name for ACPI IORT Table + signature + + MdeModulePkg/PciBus: Accept Spec values as BarIndex and + Alignment + + NetworkPkg/NetworkPkg.uni: Define the prompt and help + information for PcdAllowHttpConnections + + MdeModulePkg/DxeHttpLib: Correct the return status for the + HTTP Port/ContentLength + + MdeModulePkg/UefiBootManagerLib: Initialize Handle before + using it + + OvmfPkg/SmmControl2Dxe: select broadcast SMI if available + + OvmfPkg: dynamic defaults for PcdCpuSmmApSyncTimeout, + 
PcdCpuSmmSyncMode + + ArmVirtPkg/QemuFwCfgLib: implement QemuFwCfgSkipBytes() API + + ArmVirtPkg/QemuFwCfgLib: use DMA for QemuFwCfgWriteBytes() if + available + + ArmVirtPkg/QemuFwCfgLib: extract generic DmaTransferBytes() + function + + OvmfPkg/QemuFwCfgLib: add QemuFwCfgSkipBytes() + + OvmfPkg/QemuFwCfgLib: generalize InternalQemuFwCfgDmaBytes() + to SKIP op + + SecurityPkg: Tcg2Dxe: Update PCR[4] measure logic + + MdePkg: Add definitions for SMBIOS spec 3.1.1 + + OvmfPkg/QemuVideoDxe: Frame buffer config size may change in + new mode +- Update openssl to 1.0.2k + +------------------------------------------------------------------- +Tue Jan 24 04:04:31 UTC 2017 - glin@suse.com + +- update to 2017+git1485224553.6671cd7444 + + NetworkPkg: Fix protocol handler service in HttpDxe + + OvmfPkg: Allow HTTP connections if HTTP Boot enabled + + NetworkPkg: Add PCD to enable the HTTP connections switch + + MdePkg: Add definitions for SMBIOS spec 3.1.0 + + ArmPlatformPkg/NorFlashDxe: Change Flash memory attributes + before writes + + MdePkg DxeHobLib: Make GetHobList working before Constructor + is called + + NetworkPkg: Add dns support for target URL configuration in + ISCSI + + MdeModulePkg/FileExplorer: Enable functionality of creating + new file/folder + + OvmfPkg: pull in TLS modules with -D TLS_ENABLE (also enabling + HTTPS) + + OvmfPkg: correct the IScsiDxe module included for the IPv6 stack + + OvmfPkg: always resolve OpenSslLib, IntrinsicLib and + BaseCryptLib + + OvmfPkg: Modify QemuFwCfgLib to use new IoLib class library + + OvmgPkg/PlatformBootManagerLib: Add Debug Agent console + + OvmfPkg/SmmControl2Dxe: correct PCI_CONFIG_READ_WRITE in S3 + boot script + + OvmfPkg: Install BGRT ACPI table + + MdeModulePkg/Bds: Fix a bug that may causes S4 fails to resume + + MdePkg, MdeModulePkg: S3BootScriptSaveMemPoll(): accept 64-bit + LoopTimes + + NetworkPkg/HttpDxe: Fix the potential NULL dereference + + NetworkPkg/HttpDxe: HTTPS support over IPv4 and IPv6 + + 
NetworkPkg/TlsAuthConfigDxe: Provide the UI to support TLS + auth configuration + + NetworkPkg/TlsDxe: TlsDxe driver implementation over OpenSSL + + MdePkg: Add TLS related protocol definition + + MdePkg/MemoryLib: Refine InternalMemSetMem16|32|64 functions + logic + + NetworkPkg: Replace ASSERT with error return code in PXE and + HTTP boot driver + + MdeModulePkg: Replace ASSERT with error return code in PXE + driver + + UefiCpuPkg/Cpuid.h: Update CPUID definitions with SDM (Sep.2016) + + UefiCpuPkg/Include: Update MSR header files with SDM (Sep.2016) + + UefiCpuPkg/PiSmmCpuDxeSmm: Always initialze PSD + + MdeModulePkg/PiSmmCore: MemoryAttributeTable need keep non-PE + record + + MdeModulePkg/PiSmmCore: AllocatePool should use MemoryType + + OvmfPkg/XenHypercallLib: Add EFIAPI + + OvmfPkg/QemuFwCfgLib: support QEMU's DMA-like fw_cfg access + method + + ArmVirtPkg/QemuFwCfgLib: rebase lib instance to updated lib + class header + + OvmfPkg/QemuFwCfgLib: extend lib class header with more + definitions + + ArmVirtPkg, OvmfPkg: QemuFwCfgLib: move DMA-related defs to lib + class + + OvmfPkg/QemuFwCfgLib: move InternalQemuFwCfgIsAvailable() to + lib instances + + ArmVirtPkg/QemuFwCfgLib: remove superfluous InternalQemuFwCfgIsAvailable() + + OvmfPkg: Remove use of IntelFrameworkModulePkg legacy libs + + UefiCpuPkg/PiSmmCpuDxeSmm: Remove MTRRs from PSD structure + + UefiCpuPkg/PiSmmCpuDxeSmm: Clear some semaphores on S3 boot + path + + ArmPkg/ArmDmaLib: add support for fixed host-to-device DMA + offset + + ArmPkg/ArmDmaLib: clean up abuse of device address + + ArmPkg/ArmDmaLib: fix incorrect device address of double buffer + + ArmPkg/ArmDmaLib: use DMA buffer alignment from CPU arch + protocol + + ArmPkg/ArmMmuLib: support page tables in cacheable memory only + + UefiCpuPkg/PiSmmCpu: relax superpage protection on page split + + OvmfPkg/PlatformPei: take VCPU count from QEMU and configure + MpInitLib + + UefiCpuPkg/MpInitLib: wait no longer than necessary for initial + AP 
startup +- Enable TLS support by default (for HTTPS) + +------------------------------------------------------------------- +Tue Nov 29 07:07:40 UTC 2016 - glin@suse.com + +- update to 2017+git1480394913.2b2efe3: + + UefiCpuPkg/PiSmmCpuDxeSmm: handle dynamic + PcdCpuMaxLogicalProcessorNumber + + SecurityPkg Tcg2ConfigDxe: Align Attempt TPM Device help with + options + + SecurityPkg Tcg2ConfigDxe: Remove BlockSID actions and related + strings + + SecurityPkg OpalPasswordDxe: Use PP actions to enable BlockSID + + SecurityPkg Tcg2PPLib: Support BlockSID related actions + + MdeModulePkg/NetLib: Handle an invalid IPv6 address case + + UefiCpuPkg/DxeMpLib: Fix bug when getting target C-State from + eax + + UefiCpuPkg/DxeMpLib: Make sure APs in safe loop code + + UefiCpuPkg/DxeMpLib: Allocate new safe stack < 4GB + + UefiCpuPkg/DxeMpLib: Get safe AP loop handler from global + variable + + ArmPlatformPkg: Fix VE RTSM mem map descriptor count + + ArmPlatformPkg: Reformat VE Memory Map code + + ArmPkg: remove the LinuxLoader application + + MdeModulePkg/SetupBrowser:Don't support password without + interactive flag + + MdeModulePkg/DisplayEngine: Popup dialogue when password is + not supported + + MdeModulePkg/AtaAtapiPassThru: Ensure GHC.AE bit is always set + in Ahci + + MdeModulePkg/Xhci: Add 10ms delay before sending SendAddr cmd + to dev + + UefiCpuPkg/PiSmmCpu: Correct exception message + + UefiCpuPkg: fix feature test for Extended Topology CPUID leaf + + SecurityPkg DxeTcg2PPLib: Lock Tcg2PhysicalPresenceFlags + variable on S4 + + MdeModulePkg/DxeNetLib: Allow the IPv4/prefix case when + AsciiStrToIp4 + + ShellPkg: update ping6 to use timer service instead of timer + arch protocol + + MdeModulePkg/DisplayEngine: Return the selectable menu + correctly + + SecurityPkg Tcg2Dxe: ASSERT to ensure 'VarData' is not NULL + + SecurityPkg TcgStorageCoreLib: ASSERT to ensure 'ByteSeq' is + not NULL + + UefiCpuPkg/PiSmmCpuDxeSmm: dynamic PcdCpuSmmApSyncTimeout, + 
PcdCpuSmmSyncMode + + MdeModulePkg/PiSmmCore: Cache CommunicationBuffer info before + using it + + Check for the max DHCP packet length before use it + + OvmfPkg: Add 4K PE alignment to enable SMM page level + protection + + UefiCpuPkg/PiSmmCpu: Check XdSupport before set NX + + MdeModulePkg/BdsDxe: Avoid overwriting PlatformRecovery#### + + MdeModulePkg/BdsDxe: Fix bug to run non-first + PlatformRecovery#### + + PcAtChipsetPkg/PcRtc: Handle NULL table entry in RSDT/XSDT + + UefiCpuPkg/SecCore: Correct print format for stack information + + MdeModulePkg/PiSmmCpuDxeSmm: Check RegisterCpuInterruptHandler + status + + MdeModulePkg/CpuExceptionHanderLibNull: + RegisterCpuInterruptHandler() + + UefiCpuPkg/PiSmmCpuDxeSmm: Add volatile to mNumberToFinish + + UefiCpuPkg/PiSmmCpuDxeSmm: TransferApToSafeState() use UINTN + params + + MdePkg/BaseSynchronizationLib: Fix function names in function + headers + + MdePkg/BaseSynchronizationLib: Add volatile Interlocked*() APIs + + MdePkg/Include: Add volatile to SynchronizationLib parameters + + UefiCpuPkg/MpInitLib: support 64-bit AP stack addresses + + UefiCpuPkg/MpInitLib/X64/MpFuncs.nasm: fix fatal typo + + UefiCpuPkg/MpInitLib/X64/MpFuncs.nasm: remove superfluous + instruction + + UefiCpuPkg/DxeMpInitLib: remove duplicate HobLib class + dependency + + MdeModulePkg/Include: Add PiSmmMemoryAttributesTable.h + + MdeModulePkg HiiDatabase: Remove extra memory initialization + + UefiCpuPkg/PiSmmCpuDxeSmm: Add paging protection + + UefiCpuPkg/dec: Add PcdCpuSmmStaticPageTable + + MdeModulePkg/PiSmmCore: Add MemoryAttributes support + + ArmVirtPkg DxeHobLib: Update func header description of + BuildFv(2)Hob() + + IntelFrameworkPkg PeiHobLib: Check FV alignment when building + FV HOB + + MdePkg HobLib: Check FV alignment when building FV HOB + + MdeModulePkg DxeCore: Show error message on unaligned FvImage + issue + + MdeModulePkg/Ip4Dxe: Correct the return status + + MdeModulePkg/Ip4Dxe: Add wrong/invalid subnet check + + OvmfPkg 
AcpiTables: Use PcdDebugIoPort to describe QEMU debug + console + + MdePkg/BaseLib: Add one wrapper on RdRand access for parameter + check + + UefiCpuPkg/MpInitLib: Update AP information when BSP switched + + UefiCpuPkg/MpInitLib: Program AP stack in fixed address + + UefiCpuPkg/MpInitLib: Add InitFlag and CpuInfo in + MP_CPU_EXCHANGE_INFO + + UefiCpuPkg/MpInitLib: Remove CPU information from CPU_AP_DATA + + UefiCpuPkg/MpInitLib: Force sending INIT-SIPI-SIPI to reset APs + + UefiCpuPkg/MpInitLib: Fixed offset error on Cr3Location + + UefiCpuPkg/PiSmmCpuDxeSmm: Free SmramRanges to save SMM space + + ShellPkg/dmpstore: Support "-sfo" + + ArmPkg/Library/ArmDmaLib: Deallocate Map buffer in case of + error + + UefiCpuPkg/PiSmmCpuDxeSmm: Decrease mNumberToFinish in AP safe + code + + UefiCpuPkg/PiSmmCpuDxeSmm: Place AP to 32bit protected mode on + S3 path + + UefiCpuPkg/PiSmmCpuDxeSmm: Put AP into safe hlt-loop code on S3 + path + + UefiCpuPkg/DxeMpLib: Place APs to suitable state on Legacy OS + boot + + UefiCpuPkg/DxeMpLib: Allocate below 4GB mem for + AsmRelocateApLoopFunc + + CryptoPkg/BaseCryptLib: Make comments consistent with the + function + + OvmfPkg/PlatformBds: Dispatch deferred images after EndOfDxe + + ArmVirPkg/PlatformBds: Dispatch deferred images after EndOfDxe + + MdeModulePkg/BdsDxe: Check deferred images before booting to OS + + UefiCpuPkg/MpInitLib: Do not wakeup AP if only one processor + supported + + BaseTools/EfiRom: Fix potential memory leak + + OvmfPkg/ResetVector: Depend on PCD values of the page tables + + CryptoPkg: Add HMAC-SHA256 cipher support + + CryptoPkg: Add xxxxHashAll APIs to facilitate the digest + computation + + NetworkPkg: Fix the wrong Timer event check + + NetworkPkg: Update IP4 stack drivers for classless address + unicast check + + PcAtChipsetPkg/HpetTimerDxe: Fix race condition in + SetTimerPeriod() + + OvmfPkg: Make more use of ARRAY_SIZE() + + rebase to ARRAY_SIZE() + + ArmPlatformPkg: remove ARM BDS + + 
OvmfPkg/XenConsoleSerialPortLib: don't include + + + NetworkPkg: Support bracketed IPv6 address during a redirection + in iSCSI + + NetworkPkg: Enhance the code in DNS driver + + NetworkPkg: Add dns support for pxe boot based on IPv6 + + disable deprecated interfaces + + OvmfPkg/QemuVideoDxe: drop useless variables + QEMU_VIDEO_MODE_DATA.RefreshRate + QEMU_VIDEO_CIRRUS_MODES.RefreshRate + QEMU_VIDEO_PRIVATE_DATA.CurrentMode + QEMU_VIDEO_PRIVATE_DATA.LineBuffer + + ArmVirtPkg: undo bogus component name and driver diagnostics + disablement + + NetworkPkg: Record user configured TargetIP/Port in iBFT +- Use GCC5 in Tumbleweed + +------------------------------------------------------------------- +Thu Oct 13 07:07:04 UTC 2016 - glin@suse.com + +- update to 2017+git1476331065.08354c3: + + OvmfPkg: add NOOPT build target for source level debugging + + OvmfPkg: QemuVideoDxe uses MdeModulePkg/FrameBufferLib + + BaseTools: support the NOOPT target with the GCC tool chains + + BaseTools Makefile: Enable O2 option for GCC tool chain + + CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2j + (bsc#1013603) + + MdeModulePkg/Logo: Add LogoDxe module + + MdeModulePkg/HiiDatabase: Add HiiImageEx implementation + + MdeModulePkg/PciBusDxe: make OPROM BAR degradation configurable + + NetworkPkg: Correct the DNS token return status by RCODE + + BaseTools/EfiRom: supply missing machine type lookup strings + + ArmVirtPkg: restrict mapping attributes of normal memory to + EFI_MEMORY_WB + + OvmfPkg/QemuBootOrderLib: drop too strict "/HD(" suffix from + vblk prefix (bsc#1009707) + + NetworkPkg/DnsDxe: Handle CNAME type responded from the name + server + + ArmVirtPkg/FdtPciHostBridgeLib: enable 64-bit PCI DMA + + MdeModulePkg: Support classless IP for DHCPv4 TransmitReceive() + + ArmVirtPkg: implement FdtPciHostBridgeLib + + OvmfPkg: Use MdeModulePkg/ResetSystemRuntimeDxe + + OvmfPkg/VirtioGpuDxe: implement EFI_GRAPHICS_OUTPUT_PROTOCOL + + include VirtioGpuDxe in the platform DSC/FDF 
files + + OvmfPkg/Virtio10Dxe: don't bind virtio-vga + + OvmfPkg/QemuVideoDxe: don't incorrectly bind virtio-gpu-pci + + BaseTools/GenFw: ignore dynamic RELA sections + + Add implementations of API IsZeroBuffer() + + ArmVirtPkg: Add Ramdisk support to ArmVirtPkg platforms + + ArmVirtPkg: Move inclusion of AcpiTableDxe.inf to ArmVirt.dsc.inc +- Drop upstreamed ArmVirtPkg-Enable-PCI-bus-probing-again.patch + +------------------------------------------------------------------- +Wed Sep 14 10:13:49 UTC 2016 - dmueller@suse.com + +- update to 2017+git1472049752.ea2f21e: + + switches git branch from an (outdated) master tree + to the UDK2017 branch, which provides an insane amount of + changes. for details please look at https://github.com/tianocore/edk2/commits/UDK2017 +- unify build flags with aarch64 build for increased compatibility with + openSUSE installation medias + +------------------------------------------------------------------- +Fri Aug 19 06:30:05 UTC 2016 - glin@suse.com + +- Update to 2015+git1471575292.00bcb5c + + NetworkPkg/IpSecDxe: Fix UEFI IKE Initial Exchange failure + + MdeModulePkg: Fix potential failure if UseDefaultAddress + configured + + OvmfPkg: Add MpInitLib reference in DSC files + + SecurityPkg: AuthVariableLib: Fix inconsistent CertDB case + + OvmfPkg: use StatusCode Router and Handler from MdeModulePkg + + ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: deal with relaxed + XIP alignment + + BaseTools GCC: introduce GCC5 toolchain to support GCC v5.x in + LTO mode + + BaseTools GCC: use 'gcc' as the linker command for GCC44 and + later + + ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: ignore .hash and + .note sections + + OvmfPkg/Sec: Support SECTION2 DXEFV types + + Preserve hii section in GCC binaries + + Fix IPv6 HTTPClient vendor class data + + CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2h + + NetworkPkg: Fix bug in TCP which not sending out ACK in + certain circumstance + + OvmfPkg: include UefiCpuPkg/CpuMpPei + + 
OvmfPkg/PlatformPei: rebase and resize the permanent PEI memory + for S3 + + SecurityPkg SecureBootConfigDxe: Add check for the external + PE/COFF image + + ArmVirtPkg/PlatformBootManagerLib: remove stale FvFile boot + options + + OvmfPkg/PlatformPei: add missing auto variable initialization + + OvmfPkg: add PciHotPlugInitDxe + + MdeModulePkg/PciBusDxe: recognize hotplug-capable PCIe ports + + OvmfPkg/PlatformBootManagerLib: remove stale FvFile boot + options + + OvmfPkg: add a Name GUID to each Firmware Volume + + CryptoPkg BaseCryptLib: Init the content of struct 'CertCtx' + before use + + CryptoPkg BaseCryptLib: Avoid passing NULL ptr to function + BN_bn2bin() + + MdeModulePkg/Bds: MemoryTypeInformation excludes boot option + mem use + + MdeModulePkg: Fix IPv4 stack potential disappeared issue + + NetworkPkg: Stop the HTTP Boot service after the boot image + download complete + + ArmVirtPkg: Re-add the Driver Health Manager + + OvmfPkg: Re-add the Driver Health Manager + + ArmVirtPkg/ArmVirtXen: Add ACPI support for Virt Xen ARM + + Massive conversion of assembly code to NASM + + MdeModulePkg/UefiBootManagerLib: Fix data in + MemoryTypeInformation + + ArmVirtPkg: add FDF definition for empty varstore + + ArmVirtPkg/ArmVirtQemu: switch secure boot build to NorFlashDxe + + NetworkPkg: Handling timeout case in httpboot driver + + NetworkPkg: HttpDxe response/cancel issue fix + + NetworkPkg: Support TCP Cancel function + + MdeModulePkg/RamDiskDxe: Add Memory Type selection support in + Ramdisk HII + + MdeModulePkg RamDiskDxe: Do not save 'Size' numeric value by + varstore + + MdeModulePkg: Fix IPv4 UseDefaultAddress failure case + + MdeModulePkg/AtaBusDxe: Fix some ATA hard drives cannot be + discovered + + ArmVirtPkg/PlatformBootManagerLib: rebase boot logo display to + BootLogoLib + + OvmfPkg: set SMM stack size to 16KB + + OvmfPkg/PlatformBootManagerLib: Connect the Xen drivers before + loading NvVars + + MdeModulePkg: Fix SNP.Initialize() spec conformance issue 
+ + OvmfPkg: raise DXEFV size to 10 MB + + MdeModulePkg: Stop the timer before clean IP service + + OvmfPkg/PlatformBootManagerLib: rebase boot logo display to + BootLogoLib + + OvmfPkg/SerializeVariablesLib: Relax check for the read-only + variable + + OvmfPkg: prevent 64-bit MMIO BAR degradation if there is no CSM + + OvmfPkg, ArmVirtPkg: rename QemuNewBootOrderLib to + QemuBootOrderLib + + MdeModulePkg/PciBus: do not improperly degrade resource + + NetworkPkg/HttpDxe: Don't free Wrap in HttpTcpReceiveNotifyDpc + + NetworkPkg/TcpDxe: Remove the status check of + SockProcessRcvToken + + UefiCpuPkg/SmmCpuFeaturesLib: Add SMRR PhysBase/PhysMask + fields check + + MdeModulePkg: Skip invalid bus number scanning in PciBusDxe + driver + + OvmfPkg/PlatformPei: provide 10 * 4KB of PCI IO Port space on + Q35 + + OvmfPkg: introduce ICH9_PMBASE_VALUE + + OvmfPkg: replace PcdAcpiPmBaseAddress with PIIX4_PMBA_VALUE + + OvmfPkg/AcpiTimerLib: don't use possibly unset PMBA register + (PEI phase) + + MdeModulePkg: Refine the code for DxeHttpLib + + OvmfPkg/XenBusDxe: duplicate twice-iterated VA_LIST in + XenStoreVSPrint() + + SecurityPkg: Use PcdGet32() to access PcdPeiCoreMaxFvSupported + + UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile: Fix BTS support check bug + + NetworkPkg:HttpDxe: Code changes to support HTTP PUT/POST + operations + + CryptoPkg/SmmCryptLib: Enable AES support for SMM + + MdePkg: Add NFIT definition from ACPI 6.1 + + BaseTools/GenFw: enhance to use Magic Field to identify the + image + + MdeModulePkg-DxeCore: rename CoreGetMemoryMapPropertiesTable + + MdeModulePkg Variable: return error for empty str VariableName + to GetVariable + + PcAtChipsetPkg AcpiTimerLib: Fix a logic error + + MdeModulePkg UiApp: change code for easy customization + + MdePkg: Add HII definitions from UEFI 2.6 + + NetworkPkg: Make HttpBootGetBootFile return + EFI_BUFFER_TOO_SMALL + + MdeModulePkg:DxeHttpLib: Add checks in HttpGenRequestMessage + API + + ArmPkg/ArmLib: don't invalidate entire 
I-cache on range + operation + + OvmfPkg/PlatformBootManagerLib: Postpone the shell registration + + OvmfPkg/QemuNewBootOrderLib: adapt Q35 SATA PMPN to UEFI spec + Mantis 1353 + + MdeModulePkg Ata: Use the new (incompatible) PortMultiplierPort + semantics + + NetworkPkg: Bug fix of iSCSI to support MPIO +- Drop upstreamed patches + + ovmf-dxe-10mb.patch + + ovmf-bsc976253-postpone-shell.patch + + ovmf-bsc980635-fix-http-crash.patch + + ovmf-bsc982193-dont-restore-readonly-var.patch + + ovmf-bsc982193-connect-xen-drivers.patch + + ovmf-bsc990612-update-openssl-1.0.2h.patch + + ovmf-bsc990773-remove-stale-boot-options.patch +- Update dbxupdate.zip since there are new hashes added into dbx + +------------------------------------------------------------------- +Wed Jul 27 04:13:18 UTC 2016 - glin@suse.com + +- Update openssl to 1.0.2h (bsc#990612) + + Add the patch: ovmf-bsc990612-update-openssl-1.0.2h.patch + + Update the openssl tarball +- Add ovmf-bsc990773-remove-stale-boot-options.patch to remove the + stale boot options (bsc#990773) + +------------------------------------------------------------------- +Tue Jun 14 03:16:27 UTC 2016 - glin@suse.com + +- Generate the varstore template for AArch64 (bsc#983747, + bsc#981836) + +------------------------------------------------------------------- +Mon Jun 6 13:20:59 UTC 2016 - jengelh@inai.de + +- Keep %prep minimal to shorten quilt setup run. + Adjust RPM group. Drop redundant 4th defattr argument. + +------------------------------------------------------------------- +Fri Jun 3 03:08:39 UTC 2016 - glin@suse.com + +- Add ovmf-bsc982193-dont-restore-readonly-var.patch and + ovmf-bsc982193-connect-xen-drivers.patch to fix the file-based + NvVars restoring. (bsc#982193) + +------------------------------------------------------------------- +Tue May 24 04:08:49 UTC 2016 - glin@suse.com + +- Add the commands to remove irrelevant packages in %prep to make + sure those source code will never build. 
(bsc#973038) + +------------------------------------------------------------------- +Fri May 20 09:16:49 UTC 2016 - glin@suse.com + +- Add ovmf-bsc980635-fix-http-crash.patch to fix the crash when + downloading files from the http server (bsc#980635) + +------------------------------------------------------------------- +Wed May 11 07:39:16 UTC 2016 - glin@suse.com + +- Update to 2015+git1462940744.321151f + + BaseTools: Fix bug in GenFds to handle FV image alignment + + SecurityPkg: SecureBootConfigDxe: Add NULL pointer check + + OvmfPkg/PciHostBridgeLib: Scan for root bridges when running + over Xen + + OvmfPkg/PciHostBridgeLib: Change InitRootBridge prototype + + MdeModulePkg/PciHostBridgeDxe: Honor ResourceAssigned + + OvmfPkg/PciHostBridgeLib: Set correct Base/Limit for absent + resource + + MdeModulePkg/PciHostBridgeDxe: Fix a Base/Limit comparing bug + + MdeModulePkg/PciHostBridgeDxe: Don't miss prefetchable MMIO + aperture + + ArmVirtPkg: set PcdMaxVariableSize and PcdMaxAuthVariableSize + + ArmPkg/AArch64Mmu: don't let table entries inherit XN + permission bits + + ArmPkg/ArmDmaLib: do not remap arbitrary memory regions as + uncached + + ArmPkg/ArmDmaLib: reject consistent DMA mappings of cached + memory + + MdeModulePkg/PciSioSerialDxe: Do not flush the UART + + MdeModulePkg RamDiskDxe: Fix wrong HII behavior for more than 8 + RAM disks + + OvmfPkg: Modify FDF/DSC files for RamDiskDxe's adding NFIT + report feature + + MdeModulePkg RamDiskDxe: Report ACPI NFIT for reserved memory + RAM disks + + ArmVirtPkg/ArmVirtQemu: use MdeModulePkg/BDS + + Ignore BootFileName if it is overloaded (HTTP Boot/PXE) + + NetworkPkg: Fix a memory leak in HTTP boot driver + + NetworkPkg/HttpBootDxe: Fix for the issue that the HTTP boot + option can't be booted more than once + + deModulePkg NvmExpressDxe: Initialize IoAlign info for an NVMe + device + + MdeModulePkg: Refine SNP driver's media status check logic + + MdeModulePkg: ScsiDiskDxe: cope with broken "Supported VPD 
Pages" + VPD page + + MdeModulePkg FileExplorerLib: Add UefiHiiServicesLib dependency + + SecurityPkg: SecureBootConfigDxe: Disable SecureBoot + Enable/Disable in some case + + Do not use hard coded TTL/ToS in PXE driver + + NetworkPkg: Use UefiBootManagerLib API to create load option + + Remove DeployedMode/AuditMode + + OvmfPkg: Use MdeModulePkg/BDS + + ArmPlatformPkg/PrePi: allow unicore version to be used on MP + hardware + + ArmPkg: implement CpuIo2 protocol driver specific for PCI + + ArmPlatformPkg: move PCI related PCD definitions to ArmPkg + + MdeModulePkg/DxeCore: set ImageContext Handle and ImageRead() + fields + + MdeModulePkg/PciBusDxe: don't create bogus descriptor if no + resources needed + + MdeModulePkg: Add new driver to publish EDKII_PI_SMM_COMMUNICATION_REGION_TABLE + + SecuritPkg: DxeImageVerificationLib: Fix wrong verification + logic in DBX & DBT + + UefiCpuPkg/MtrrLib: Reduce the loop time to get fixed-MTRR MSR + index + + MdeModulePkg: PiDxeS3BootScriptLib: honor PcdAcpiS3Enable + + NetworkPkg: Fix incorrect buffer free in HttpDxe + + NetworkPkg: Avoid the indefinite wait case in HttpDxe + + MdeModulePkg: DxeCore MemoryPool Algorithm Update + + MdeModulePkg: Export ConfigResp only for form Package after + ReadyToBoot + + NetworkPkg:HttpDxe:Consume DxeHttpLib API changes + + MdeModulePkg:DxeHttpLib: Update to DxeHttpLib API + + NetworkPkg: Allow user to create a HTTP corporate boot option + in setup page + + MdePkg:Http11.h: Add defines for "Expect" header + + BaseTools: Update FMP Capsule support to follow FDF spec + + OvmfPkg: SataControllerDxe: SataControllerStop: fix use after + free + + OvmfPkg: SataControllerDxe: SataControllerStop: remove useless + null check + + MdeModulePkg DxeCore: Check free memory type by CoreUpdateProfile() + + MdeModulePkg/NvmExpress: Fix bug of handling not + null-terminated strings + + ShellPkg: Enahance 'dh' command to add more protocols decoding + support + + MdeModulePkg/DxeCore: Avoid assertion in 
CoreLocateProtocol + + MdeModulePkg: Correct PlatformHookLibSerialPortPpi module type + + FatPkg: Update License.txt to have the full license text + + refine codes of iSCSI driver + + MdeModulePkg DxeCore: Enhance MemoryAttributesTable installation + + MdeModulePkg DxeCore: Return memory type from internal free + pool/pages + + MdeModulePkg DxeCore: Fix a memory leak in + InstallMemoryAttributesTable() + + MdeModulePkg DxeCore: Call PeCoffExtraActionLib member after + Constructor + + MdeModulePkg/Usb: Fix wrong condition judgment to support + usb3.1 dev + + MdeModulePkg/UsbKbDxe: don't assert when the key read is + invalid + + BaseTools: Add mixed PCD support feature + + OvmfPkg: AcpiPlatformDxe: Don't enable unsupported PCI + attributes + + MdeModulePkg/HiiDatabaseDxe: Support EfiVarStore to get AltCfg + from Driver + + MdeModulePkg/HiiDatabaseDxe: Correct the ReallocatePool size + + MdeModulePkg/SetupBrowserDxe: Get default from callback for + orderedList + + SecurityPkg: AuthVariableLib & SecureBootConfigDxe: + Fix SecureBootEnable & PK inconsistency issue + + ShellPkg: Update ping command options to sync with Spec + + MdeModulePkg NvmExpressDxe: Ensure write-through for NVMe write + command + + ShellPkg: Cache the environment variable into memory to enhance + the performance. + + BaseTools: Update to handle PE image with .code section only + + ArmPkg/AArch64Mmu: disable MMU during page table manipulations + + ArmPkg/AArch64Mmu: Fix XN attribute for device memory + + NetworkPkg: Fix issue in Ip6Dxe SetData +- The updated tarball includes the PCI host bridge fix for Xen + (bsc#976253) +- Add ovmf-dxe-10mb.patch to raise DXEFV to 10MB to avoid build + error. +- Add ovmf-bsc976253-postpone-shell.patch to postpone the creation + of the shell boot option so that the firmware will try the block + devices first. (bsc#976253) +- Update README for Xen debugging. 
+ +------------------------------------------------------------------- +Thu Apr 21 11:21:59 UTC 2016 - agraf@suse.com + +- Add patch to enable PCI BAR probing on ARM again: + * ArmVirtPkg-Enable-PCI-bus-probing-again.patch + +------------------------------------------------------------------- +Fri Apr 15 01:58:59 UTC 2016 - glin@suse.com + +- Change the fat driver license to the BSD license in FatPkg + instead of the proprietary license in FatBinPkg since OvmfPkg and + ArmVirtPkg now use FatPkg (bsc#973038) + +------------------------------------------------------------------- +Thu Apr 14 03:39:34 UTC 2016 - glin@suse.com + +- Update to 2015+git1460599637.f70cfe7 + + MdeModulePkg S3SaveStateDxe: Add protocol usage for gEfiLockBoxProtocolGuid + + ArmVirtPkg/VirtFdtDxe: remove Xenio handling and rename to VirtioFdtDxe + + ArmVirtPkg/ArmVirtXen: move from VirtFdtDxe to new XenioFdtDxe driver + + OvmfPkg/XenIoMmioLib: add missing MemoryAllocationLib dependency to INF + + ArmVirtPkg/VirtFdtDxe: move FDT config table installation to FdtClientDxe + + ArmVirtPkg/VirtFdtDxe: remove unused PL011 DT node type + + ArmVirtPkg: get rid of A PRIORI DXE declarations for VirtFdtDxe + + ArmVirtPkg/VirtFdtDxe: drop RTC handling + + ArmVirtPkg: move QEMU based platforms to ArmVirtPL031FdtClientLib + + ArmVirtPkg: implement ArmVirtPL031FdtClientLib + + ArmVirtPkg/RelocatableVirtHelper: use correct FindMemNode argument order + + IntelFrameworkModulePkg: Remove unused PCD/Protocol + + IntelFrameworkModulePkg/KeyboardDxe: Use PCD defined in MdeModulePkg + + IntelFrameworkModulePkg/Ps2Mouse: Use PCD defined in MdeModulePkg + + IntelFrameworkModulePkg/Ps2AbsPointer: Use PCD defined in MdeModulePkg + + IntelFrameworkModulePkg/Ps2Kbd: use PCD/Protocol in MdeModulePkg + + MdeModulePkg/MdeModulePkg.uni: Add PS2 related PCD description + + MdeModulePkg/Ps2MouseDxe: Use a different FILE_GUID + + MdeModulePkg/Ps2KeyboardDxe: Use a different FILE_GUID + + MdeModulePkg/Ps2Mouse: Fix potential buffer 
overflow issue. + + MdeModulePkg: Update Guid/Protocol usages in INF files. + + ShellPkg: Update Guid/Protocol usages in INF files. + + SecurityPkg: Update protocol usage in module INF files. + + MdePkg: Add EFI Erase Block Protocol definitions + + MdeModulePkg/Ps2MouseDxe: Fix build failure of GCC tool chain + + ArmVirtPkg/VirtFdtDxe: drop PCI host bridge handling + + ArmVirtPkg/PciHostBridgeDxe: move to FDT client protocol + + ArmVirtPkg/BaseCachingPciExpressLib: depend on PciPcdProducerLib + + ArmVirtPkg: implement FdtPciPcdProducerLib + + ArmVirtPkg/VirtFdtDxe: remove handling of fw_cfg DT node + + ArmVirtPkg/QemuFwCfgLib: move to FDT client protocol + + BaseTools: use unsigned chars on ARM architectures + + BaseTools: generate hash value in build report for each output EFI image + + BaseTools/VolInfo: generate HASH value for each PE image + + ArmVirtPkg/VirtFdtDxe: remove timer DT node handling + + ArmVirtPkg: move TimerDxe to FDT client library + + ArmVirtPkg: implement ArmVirtTimerFdtClientLib + + ArmVirtPkg/VirtFdtDxe: drop detection of PSCI method + + ArmVirtPkg/ArmVirtPsciResetSystemLib: move to FDT client protocol + + ArmVirtPkg/VirtFdtDxe: remove GIC discovery + + ArmVirtPkg/ArmGicArchLib: move to FdtClient protocol + + ArmVirtPkg: add FdtClientDxe to the ArmVirtPkg platforms + + ArmVirtPkg/FdtClientDxe: implement new driver + + ArmVirtPkg: introduce FdtClientProtocol + + UefiCpuPkg: CpuIo2Dxe: optimize FIFO reads and writes of IO ports + + MdeModulePkg: Update PerformanceLib instances not to check Identifier. + + MdePkg: Update PerformanceLib comments not to check Identifier. + + Update edksetup.bat to check EDK_TOOLS_PATH before set it. + + MdeModulePkg/Ps2Keyboard: Add missing PCD and protocol to DEC file + + UefiCpuPkg/CpuMpPei: Fix potential AP mwait wakeup issue + + NetworkPkg: Add RAM disk boot support to HTTP Boot driver. + + ShellPkg: Fix Shell ASSERT when mv file with cwd is NULL. 
+ + MdeModulePkg BootScriptExecutorDxe: Consume PcdAcpiS3Enable to control the code + + MdeModulePkg SmmS3SaveStateDxe: Consume PcdAcpiS3Enable to control the code + + MdeModulePkg: Add new macros and refine codes + + NetworkPkg: Add new macros and refine codes + + MdeModulePkg: Add Ps2MouseDxe driver + + MdeModulePkg: Add Ps2KeyboardDxe driver. + + MdeModulePkg/UefiBootManagerLib: API BmIsValidLoadOptionVariableName + + SecurityPkg OpalPasswordDxe: Clean up debug message in OpalHii.c + + SecurityPkg TcgStorageOpalLib: Fix wrong condition judgment. + + SecurityPkg OpalPasswordDxe: Suppress option for special device. + + OvmfPkg: remove PciHostBridgeDxe fork + + OvmfPkg: remove USE_OLD_PCI_HOST build option + + OvmfPkg: Convert to using FatPkg in the EDK II tree + + ArmVirtPkg: Convert to build FatPkg from source + + ArmVirtPkg: drop dependency on PeiPcdLib for PEI Pcd.inf + + ArmVirtPkg: drop dependency on DxePcdLib for DXE Pcd.inf + + IntelFrameworkModulePkg AcpiS3SaveDxe: Remove S3Ready() functional code + + IntelFrameworkModulePkg AcpiS3SaveDxe: Consume PcdAcpiS3Enable to control the code + + OvmfPkg: Retire AcpiS3SaveDxe + + MdeModulePkg S3SaveStateDxe: Move S3Ready() functional code from AcpiS3SaveDxe + + MdeModulePkg S3SaveStateDxe: Consume PcdAcpiS3Enable to control the code + + OvmfPkg: Install LockBox protocol in constructor of LockBoxDxeLib + + OvmfPkg: Set PcdAcpiS3Enable according to QemuFwCfgS3Enabled() + + MdeModulePkg: Introduce new PCD PcdAcpiS3Enable + + ArmVirtPkg: drop bogus ArmPlatformSecExtraActionLib resolution + + ArmVirtPkg: remove linux loader from ARM builds + + Merge 2-clause BSD licensed FatPkg + + BaseTools: Add support to merge Prebuild and Postbuild into build Process + + BaseTools: Enhance --Pcd which override by build option + + MdeModulePkg/Bds: Fix build failures of VS tool chain + + OvmfPkg: disable PcdHiiOsRuntimeSupport + + OvmfPkg: remove PcdMaxHardwareErrorVariableSize from the DSC files + + ArmVirtPkg: include Virtio10Dxe 
from OvmfPkg + + OvmfPkg: include Virtio10Dxe + + OvmfPkg: Virtio10Dxe: non-transitional driver for virtio-1.0 PCI devices + + OvmfPkg: VirtioNetDxe: adapt virtio-net packet header size to virtio-1.0 + + OvmfPkg: VirtioScsiDxe: adapt feature negotiation to virtio-1.0 + + OvmfPkg: VirtioRngDxe: adapt feature negotiation to virtio-1.0 + + OvmfPkg: VirtioNetDxe: adapt feature negotiation to virtio-1.0 + + OvmfPkg: VirtioBlkDxe: adapt feature negotiation to virtio-1.0 + + OvmfPkg: VirtioLib: add Virtio10WriteFeatures() function + + OvmfPkg: IndustryStandard: add definitions from the VirtIo 1.0 spec + + OvmfPkg: IndustryStandard: factor out Virtio095Net.h + + OvmfPkg: IndustryStandard: factor out Virtio095.h + + OvmfPkg: VirtioRngDxe: clear all feature bits more explicitly + + OvmfPkg: VirtioBlkDxe: don't clear non-negotiable feature bits + + OvmfPkg: VIRTIO_DEVICE_PROTOCOL: pass VRING object to SetQueueAddress() + + OvmfPkg: VIRTIO_DEVICE_PROTOCOL: remove GetQueueAddress() member + + OvmfPkg: VIRTIO_DEVICE_PROTOCOL: widen the Features bitmap to 64 bits + + MdeModulePkg/Bds: Fix a boot hang due to Ram Disk boot support + + BaseTools: cache the defined Guid tool to improve the performance + + MdeModulePkg/Bds: Memory Bins don't count the memory used by RAM Disk + + MdeModulePkg/Bds: Free resources after ram disk boot finishes + + MdeModulePkg/Bds: Allocate reserved memory for RAM Disk boot media + + SecurityPkg OpalPasswordSupportLib: Add comments for the used protocol in inf file. + + SecurityPkg OpalPasswordSupportLib: Remove the hard code debug build option. + + SecurityPkg OpalPasswordSupportLib: Fixed gcc build failure. + + SecurityPkg TcgStorageOpalLib: Fixed gcc build failure. + + SecurityPkg OpalPasswordDxe: Check the pointer before use it. + + SecurityPkg TcgStorageOpalLib: Remove the hard code debug build option. + + SecurityPkg OpalPasswordDxe: Remove the hard code debug build option. + + SecurityPkg OpalPasswordSmm: Remove the hard code build option. 
+ + MdePkg Cper.h: Add missing structure for 'Processor Error Record' + + SourceLevelDebugPkg/SmmDebugAgent: mMailboxPointer is used before set + + MdePkg/MdePkg.uni: Add description for PcdUartDefaultReceiveFifoDepth + + MdePkg/BaseSynchronizationLib: Add spin lock alignment for IA32/x64 + + MdePkg/BaseSynchronizationLib: Do not check timeout if lock released + + BaseTools/GenFds: Fix the bug for wrong alignment generate for RAW file + + MdeModulePkg/UiApp: Correct the total RAM calculation + + IntelFrameworkModulePkg/Bds: Correct the total RAM calculation + + MdeModulePkg: DxeUdpIoLib: fix non-empty payload path in UDP reception + + OvmfPkg: Add RAM disk support + + ArmPkg/ArmArchTimerLib: correct typos + + ArmPkg/ArmArchTimerLib: fix unused variable in RELEASE builds + + EmbeddedPkg/AcpiLib: fix SBSA Generic Watchdog helper definition + + ArmPlatformPkg: Add PCD for Pl011 UART Interrupt + + MdePkg: Add ARM Serial Port Subtypes to DBG2 + + MdePkg: Add ARM Serial Port Subtype definitions + + ArmVirtPkg: disable PcdHiiOsRuntimeSupport + + ArmPkg/ArmArchTimerLib: add GetTimeInNanoSecond() to ArmArchTimerLib + + ArmPkg/ArchArmTimerLib: refactor MultU64xN and TimerFreq definitions + + NetworkPkg: Check received packet size before use it. + + MdeModulePkg: Check received packet size before use it. + + NetworkPkg: Check pointer for NULL before use. 
+ + Revert "TerminalDxe: select the UART's default receive FIFO depth" + + ArmVirtPkg/ArmVirtQemu: gate FDT config table install with build option + + ArmVirtPkg/VirtFdtDxe: make installation of FDT as config table optional + + MdeModulePkg RamDiskDxe: Fix incorrect RAM disk memory address calculation + + MdeModulePkg EmmcDxe: Fix GCC build failure with set but unused variables + + SecurityPkg: Tcg2Dxe: Fix undersized TempBuf + + MdeModulePkg/UefiBootManagerLib: BmGetActiveConsoleIn code cleanup + + MdeModulePkg/SdMmc: Add EDKII SD/MMC stack + + MdePkg/IndustryStandard: Add SD/EMMC common definitions + + MdePkg/DevicePath: Add EMMC device path definition + + MdePkg: Add EFI_SD_MMC_PASS_THRU_PROTOCOL definition + + UefiCpuPkg/Cpuid.h: Display Intel SGX Resource Enumeration Leaves + + UefiCpuPkg/Cpuid.h: Add CPUID defines and structures for Intel SGX + + ShellPkg: Refine the comparisons code in ShellPkg. + + MdeModulePkg PartitionDxe: Add Re-entry handling logic for BindingStop + + SecurityPkg: Enable Opal password solution build. + + SecurityPkg: OpalPasswordSmm: Add Opal password Smm driver. + + SecurityPkg: OpalPasswordDxe: Add Opal password dxe driver. + + SecurityPkg: OpalPasswordSupportLib: Add Opal password support library. + + SecurityPkg: TcgStorageOpalLib: Add TCG storage opal library. + + SecurityPkg: TcgStorageCoreLib: Add TCG storage core library. + + MdePkg: Add definition for TCG Storage Core and Opal specs. + + BaseTools: Add two new sections for PCD in the build report + + MdeModulePkg/SerialDxe: Set FIFO depth with PCD + + MdePkg: Add PCD for UART default receive FIFO depth + + MdeModulePkg DiskIoDxe: Media status check not be done at DiskIo level + + MdeModulePkg PartitionDxe: Some ISO images cannot be recognized properly + + MdeModulePkg ScsiDiskDxe: Fix hang issue when reconnecting an ISCSI device + + PcAtChipsetPkg/PciHostBridge: Remove PciHostBridge driver + + ShellPkg/UefiDpLib: Fix a memory leak issue in Dp. 
+ + PerformancePkg/Dp_App: Fix a memory leak issue in Dp. + + BaseTools: Remove the unnecessary check for RAW File + + BaseTools: generate alignment when the FV content come from the filesystem + + BaseTools: Extend the RAW format to support multiple binary files + + ShellPkg AARCH64: remove DEBUG BuildOptions override + + BaseTools AARCH64: move DEBUG GCC49 to the small code model + + OvmfPkg: Increase the maximum size for Authenticated variables + + BaseTools/GCC: set -Wno-unused-but-set-variables only on RELEASE builds + + UefiCpuPkg: CpuMpPei: remove set but unused variables + + UefiCpuPkg: PiSmmCpuDxeSmm: remove set but unused variables + + UefiCpuPkg/MtrrLib: remove unused but set variable + + NetworkPkg: IpSecDxe: remove set but unused variables + + MdeModulePkg: DeviceManagerUiLib: remove set but unused variables + + MdeModulePkg: BootMaintenanceManagerUiLib: remove set but unused variables + + MdeModulePkg: UfsPassThruDxe: remove set but unused variables + + MdeModulePkg: BootManagerMenuApp: remove set but unused variables + + MdeModulePkg/PciHostBridgeDxe: remove unused but set variables + + IntelFspWrapperPkg: PeiFspHobProcessLibSample: remove set but unused variables + + IntelFrameworkModulePkg: LegacyBootMaintUiLib: remove set but unused variables + + IntelFrameworkModulePkg: DxeCapsuleLib: remove set but unused variables + + IntelFrameworkModulePkg: BiosVideo: remove set but unused variable + + EmulatorPkg: CpuRuntimeDxe: remove set but unused variables + + EdkCompatibilityPkg: SmmBaseHelper: remove set but unused variables + + EdkCompatibilityPkg: EdkIIGlueLib: remove set but unused variables + + EdkCompatibilityPkg: BsSerialStatusCode: remove set but unused variable + + EdkCompatibilityPkg: UefiEfiIfrSupportLib: remove set but not used variables + + ArmPkg|EmbeddedPkg: make PcdCpuVectorBaseAddress 64 bits wide + + ArmPlatformPkg: fixups for 64-bit pointers + + ArmPkg: apply Cortex-A57 errata + + NetworkPkg:Fix bug when parsing the dhcp6 option 16 + 
+ NetworkPkg:Fix Http boot download issue. + + ShellPkg/UefiHandleParsingLib: Fix GUID reference + + BaseTools: Updated BuildNotes URLs + + MdeModulePkg/RamDiskDxe: Fix typo in HII message + + SecurityPkg/SecureBootConfigDxe: Remove type casting from the ChooseFile handlers + + SecurityPkg/SecureBootConfigDxe: Declare EFIAPI for the ChooseFile handlers + + ShellPkg/UefiShellDebug1CommandsLib: remove unused but set variable + + MdeModulePkg/PciBus: Should reserve enough bus number for HPC + + MdeModulePkg/Bds: Fix VS2012 build failure. + + ShellPkg: Modify the 'dh' Shell command to dump the Firmware Management Protocol Image Descriptor Information. + + MdePkg: Move SMBIOS data into the IndustryStandard header. + + ShellPkg: Make the USB mouse behavior in 'edit' consistent with 'hexedit'. + + NetworkPkg: Fix HII related problem in HTTP boot driver. + + MdeModulePkg/FileExplorerLib.h: Remove the redefinition of typedefs + + OvmfPkg: PciHostBridgeLib: install 64-bit PCI host aperture + + OvmfPkg: PlatformPei: determine the 64-bit PCI host aperture for X64 DXE + + OvmfPkg: PlatformPei: factor out GetFirstNonAddress() + + OvmfPkg: AcpiPlatformDxe: enable PCI IO and MMIO while fetching QEMU tables + + OvmfPkg: AcpiPlatformDxe: when PCI is enabled, wait for Platform BDS's cue + + ArmVirtPkg: PlatformIntelBdsLib: signal gRootBridgesConnectedEventGroupGuid + + OvmfPkg: PlatformBdsLib: signal gRootBridgesConnectedEventGroupGuid + + OvmfPkg: introduce gRootBridgesConnectedEventGroupGuid + + OvmfPkg: OvmfPkg.dec: add horizontal whitespace under Guids and Protocols + + OvmfPkg/PlatformBdsLib: rebase to EfiEventGroupSignal + + ArmVirtPkg/PlatformIntelBdsLib: rebase to EfiEventGroupSignal + + IntelFrameworkPkg/FrameworkUefiLib: implement EfiEventGroupSignal + + IntelFrameworkPkg/FrameworkUefiLib: move InternalEmptyFunction to UefiLib.c + + MdePkg/UefiLib: introduce EfiEventGroupSignal + + MdePkg/UefiLib: move InternalEmptyFunction to UefiLib.c + + BaseTools: not include the 
undefined macro in response file + + MdeModulePkg/BootMaintenanceManagerUiLib: Remove type casting in ChooseFile + + MdeModulePkg/BootMaintManagerUiLib: Declare EFIAPI for ChooseFile handler + + MdeModulePkg RamDiskDxe: Remove unnecessary TPL raise operations + + MdeModulePkg RamDiskDxe: Uninstall DEVICE_PATH_PROTOCOL with correct param + + MdeModulePkg RamDiskDxe: Remove unnecessary 'DisconnectController' calls + + MdeModulePkg/Bds: BDS hotkey shouldn't work on inactive consoles + + ArmPkg/AArch64Mmu: use correct AP[] bits in ArmClearMemoryRegionReadOnly + + ArmPkg/ArmExceptionLib: reimplement register stack/unstack routines + + ArmPkg/ArmExceptionLib: avoid indirect call if using vector table in place + + ArmPkg/ArmExceptionLib: make build time define visible to the compiler + + ArmPkg/ArmExceptionLib: don't restore ESR and FAR upon exception return + + ArmPkg/ArmExceptionLib: stack FPSR on common path + + ArmPkg/ArmExceptionLib: fold exception handler prologue into vector table + + ArmPkg/AsmMacroIoLibV8: remove undocumented assumption from ELx macros + + BaseTools: Fix nmake failure due to command-line length limitation + + MdePkg/Pci22.h: Fix a coding style issue + + MdeModulePkg DxeCore: Address boundary check for Type AllocateAddress + + MdeModulePkg DxeCore: Check Start consistently in CoreConvertPagesEx + + OvmfPkg/PlatformPei: suppress wrong VS2008 warning (use of uninited local) + + MdeModulePkg PlatformVarCleanupLib: Locate VarCheck protocol when using + + ArmPkg: update CpuDxe to use CpuExceptionHandlerLib + + ArmVirtPkg/ArmVirtQemu: move to ARM version of CpuExceptionHandlerLib + + ShellPkg: Remove the unused local variable. + + MdeModulePkg: Fixed incorrect return value of MatchString + + MdeModulePkg: ConSplitterDxe: use U64 mult/div wrappers in AbsPtr scaling + + ArmPkg: ARM/AArch64 implementation of CpuExceptionHandlerLib + + ArmPkg/ArmLib: add ArmReadHcr to enable read-modify-write of HCR + + MdeModulePkg: Rescale ConSplitter Absolute Pointer. 
+ + ShellPkg: Per UEFI Shell 2.2 SPEC to make Shell supports 'NoNesting'. + + NetworkPkg: Fix the driver model issue in HTTP Boot driver. + + MdeModulePkg: Coding style update for DxeHttpLib.inf + + IntelFrameworkModulePkg/LegacyBootMaintUiLib: Refine the code + + MdeModulePkg: Refine the UI code + + MdeModulePkg/DriverSampleDxe: Uninstall the ConfigAccess protocol + + BaseTools: add new command line option to support override PCD value +- The fix for bsc#973625 is also included in the update tarball +- Remove upstreamed patches: + ovmf-fix-choose-handlers-crash.patch + ovmf-fix-httpboot-driver-option-16.patch + ovmf-fix-httpboot-driver-model.patch + +------------------------------------------------------------------- +Fri Apr 1 08:31:57 UTC 2016 - glin@suse.com + +- Add ovmf-fix-httpboot-driver-option-16.patch to fix the parsing + of DHCPv6 option 16 + +------------------------------------------------------------------- +Wed Mar 23 09:22:25 UTC 2016 - glin@suse.com + +- Add ovmf-fix-choose-handlers-crash.patch to fix the crash while + selecting files from BootMaintenanceManager and SecureBootConfig + +------------------------------------------------------------------- +Wed Mar 16 02:52:06 UTC 2016 - glin@suse.com + +- Update to 2015+git1458029440.db27e9f + + OvmfPkg/LegacyRegion: Support legacy region manipulation of Q35 + + CryptoPkg: Fix the potential system hang issue + + CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2g + + ArmVirtPkg/VirtFdtDxe: set /chosen/linux,pci-probe-only to 1 + in DTB + + OvmfPkg: match PCI config access to machine type + (if not USE_OLD_PCI_HOST) + + OvmfPkg: add DxePciLibI440FxQ35 + + OvmfPkg: Enable Network2 Shell Commands for IPv6 + + MdeModulePkg AcpiTableDxe: Use Rsdt to check against NULL + + MdePkg: Fix ACPI NFIT GUID definitions + + NetworkPkg: Add URI configuration form to HTTP boot driver + + CryptoPkg/OpensslLib: Switch to upstream fix for OpenSSL + RT#3628, RT#3674, RT#3951, RT#3955, RT#3964, RT#3969, RT#3992, + 
RT#4175, RT#4310 + + CryptoPkg/OpensslLib: Include complete copy of opensslconf.h + + SecurityPkg/SecureBootConfigDxe: Handle allocation failure + gracefully + + MdeModulePkg/Bds: Support booting from remote file system + + MdeModulePkg/Bds: Wide match HTTP boot option + + MdeModulePkg: Fix IPv4 double free + + UefiCpuPkg: Add dynamic type for PcdCpuMaxLogicalProcessorNumber + + ArmPkg: Configure TTBCR register + + OvmfPkg: switch to MdeModulePkg/Bus/Pci/PciHostBridgeDxe + + MdeModulePkg: PciHostBridgeDxe: don't assume extended config + space + + ShellPkg: Update 'ifconfig -r' implementation + + NetworkPkg: Change the default IPv6 config policy + + MdeModulePkg: Change the default IPv4 config policy + + OvmfPkg: copy log level comments from DebugLib.h + + ArmVirtPkg: sync log level comments to DebugLib.h + + MdeModulePkg: DxeCore: fully initialize image context before + passing it on + + MdeModulePkg/NvmExpress: Fix uninitialized field used in NVMe + DiskInfo + + MdeModulePkg: Add new API HttpUrlGetPath() to HttpLib.h + + MdeModulePkg: Add RamDiskDxe driver implementation + + SecurityPkg: Tcg2Smm: Change TPM2.0 MMIO range attribute + + MdeModulePkg:Fix a robustness issue of Mnp Driver + + MdeModulePkg: RegularExpressionDxe: support free(NULL) + + MdeModulePkg/PciHostBridge: Don't assume resources are fully + NonExistent + + SecurityPkg: Use FileExplorerLib in SecureBootConfigDxe + + MdeModulePkg: Add ASSERT to make sure pointer 'OptionalData' + not be NULL + + MdeModulePkg: Add ASSERT to make sure pointer 'MemoryMap' is + not NULL +- Update openssl to 1.0.2g +- Add ovmf-fix-httpboot-driver-model.patch to fix the crash caused + by the httpboot driver. 
+
+-------------------------------------------------------------------
+Wed Mar 2 04:47:55 UTC 2016 - glin@suse.com
+
+- Add ovmf-tools to package EfiRom (FATE#319531)
+
+-------------------------------------------------------------------
+Fri Feb 26 03:19:11 UTC 2016 - glin@suse.com
+
+- Update to 2015+git1456452471.ba33c80
+ + CryptoPkg: RuntimeCryptLib: support realloc(NULL, size)
+ + CryptoPkg: support free(NULL)
+ + MdePkg: Add EFI RAM Disk Protocol definitions
+ + MdePkg: Update Http11 with additional useful definitions
+ + NetworkPkg: Use Http11 definitions in HttpDxe and HttpBootDxe
+ + Add new HII action type EFI_BROWSER_ACTION_SUBMITTED
+ + UefiCpuPkg/Cpuid: Add UEFI CPUID application
+ + BaseTools/tools_def.txt: Add -march=i586 for IA32 GCC targets
+ + MdeModulePkg: Fix Memory Attributes table type issue
+ + MdePkg: Add definition for new warning code
+ EFI_WARN_FILE_SYSTEM
+ + OvmfPkg: add driver for Virtio-RNG device
+ + ArmVirtPkg: ArmVirtQemu: add driver for Virtio-RNG device
+ + OvmfPkg: implement UEFI driver for Virtio RNG devices
+ + OvmfPkg: VirtioFlush(): return the number of bytes written by
+ the host
+ + ArmPlatformPkg/IntelBds: call BdsLibConnectAll()
+ + ArmVirtPkg/ArmVirtQemu: limit ACPI support to v5.0 and higher
+ + MdeModulePkg: AcpiTableDxe: make 4 GB table allocation limit
+ optional
+ + ShellPkg: Support finding help message embedded in resource
+ section
+ + MdeModulePkg/UsbBusDxe: Fix memory leak
+ + MdePkg: BaseLib: fix AArch64 DAIF interrupt mask definitions
+ + ArmPkg: CpuDxe: don't track interrupt state in a global
+ variable
+ + ArmPkg: CpuDxe: fix AArch64 interrupt read masks
+ + MdeModulePkg: Refine the code in BootMaintenanceManagerUiLib
+ + MdeModulePkg: HiiDatabaseDxe: HiiStringToImage() should not
+ overwrite BltX
+ + CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f
+ + UefiCpuPkg/PiSmmCpuDxeSmm: Enable/Restore XD in SMM
+ + UefiCpuPkg/PiSmmCpuDxeSmm: Add EFIAPI to CheckFeatureSupported()
+ + ArmVirtPkg:
ArmVirtQemu: make ACPI support AARCH64 only
+ + SecurityPkg: TcgConfigDxe: Move TPM state string update to
+ CallBack function
+ + MdePkg: Fix incorrect PCIe Extended Capabilities definition
+ + MdeModulePkg/Partition: Use proper partition number for MBR
+ + MdePkg: Change PcdPropertiesTableEnable default value to FALSE
+ + ArmVirtPkg: ArmVirtQemu: expose only 64-bit entry point for
+ v3.0+ SMBIOS
+ + NetworkPkg: Replace the internal function with exposed one
+ + MdeModulePkg: Define a general function to create DNS QName
+ + MdePkg: Add invocation register support in SMM Communication
+ ACPI Table
+ + MdeModulePkg: SNP should check Cdb.StatCode with
+ PXE_STATCODE_SUCCESS
+ + MdeModulePkg: Make the DEBUG info consistent in SNP driver
+ + Add UEFI2.6 MemoryAttributes Table
+ + OvmfPkg: simplify VARIABLE_STORE_HEADER generation
+ + Minor comments update to AllocatePages() and AllocatePool()
+ + MdeModulePkg DxeCore: Missing change for OEM reserved memory
+ type at R17460
+ + ArmPkg: DefaultExceptionHandler fixes for use with DxeCore
+ + BaseTools/GenFw AARCH64: add support for relative data
+ relocations
+- Update openssl to 1.0.2f
+
+-------------------------------------------------------------------
+ Feb 15 09:17:12 UTC 2016 - glin@suse.com
+
+- edk2 upstream switched the repo from svn to git, so the naming
+ has to change to use the git hash. The most recent stable release
+ of edk2 is UDK 2015, so the base version changes to 2015.
+- update to ovmf-2015+git1454310736.ed5e386
+ + MdePkg: Update the UEFI version to reflect new revision
+ + MdePkg: Add EFI Supplicant Protocol definitions
+ + MdePkg: Add EFI Wireless MAC Connection II Protocol definitions
+ + MdePkg: Add ACPI6.1 definition
+ + NetworkPkg: better sanity check on Ipv6 prefix length
+ + NetworkPkg: Reword PXE download message
+ + ShellPkg: ShellFileHandleReadLine must return UCS2 lines
+ + ArmPlatformPkg/Bds: Early Console Initialization
+ + ShellBinPkg: Arm/AArch64 Shell binary update
+ + ShellPkg: Fix ASCII and UNICODE file pipes
+ + ArmVirtPkg: implement ArmVirtQemuKernel
+ + ArmVirtPkg: introduce new ArmQemuRelocatablePlatformLib
+ + MdeModulePkg: Update DxeCore dispatcher to ignore PEI and SMM
+ depex for FV
+ + ArmPkg: Add isb when setting SCR
+ + MdeModulePkg/PcRtc: Still create timezone variable when
+ Daylight != 0
+ + MdeModulePkg/UsbAbsPointer:Fix GetState() to return absolute
+ value
+ + MdeModulePkg: Correct one return status code in SNP Transmit
+ function
+ + MdeModulePkg: Update the default size of MNP TX buffer pool
+ + MdeModulePkg: Update DBsize in SNP GetStatus command
+ + NetworkPkg:Add a new error status code EFI_HTTP_ERROR
+ + MdePkg:Add a new error status code EFI_HTTP_ERROR
+ + NetworkPkg: Fix suspicious dereference of pointer 'Mode.Ia'
+ + OvmfPkg: QemuBootOrderLib: recognize NVMe devices
+ + OvmfPkg: include NvmExpressDxe driver
+ + SecurityPkg: AuthVariableLib: Add new cert database for
+ volatile time based Auth variable
+ + MdeModulePkg: Add BS+RT+AT variable attribute definition
+ + MdePkg: Add new enum EfiPlatformConfigurationActionUnsupportedGuid
+ + PcAtChipsetPkg/Rtc: Don't unnecessarily create timezone
+ variable
+ + Correct inconsistent function descriptions in DNS
+ + OvmfPkg: Increase default RELEASE build image size to 2MB
+ + Minor update to the Data parameter for GetVariable()
+ + MdeModulePkg: NvmExpressDxe: clean up NvmeRead() / NvmeWrite()
+ debug msgs
+ + MdePkg:Add new traffic
statistics definition for Wireless NIC
+ + NetworkPkg:Fix Network memory leak when calling GetModeData
+ interface
+ + SecurityPkg: Correct data copy in Tpm2NvReadPublic
+ + SecurityPkg: Add TPM PTP detection in Tpm12SubmitCommand
+ + MdeModulePkg DxeCore: Avoid the closed event to be signaled
+ wrongly
+ + SecurityPkg: SecureBootConfigDxe: Fix potential NULL pointer
+ dereference
+ + CryptoPkg: Fix function qsort for non 32-bit machines
+- update _service to fetch git repo
+
+-------------------------------------------------------------------
+Tue Jan 26 04:24:29 UTC 2016 - glin@suse.com
+
+- update to R19743
+ + NetworkPkg: Removing or adding some ASSERT statement
+ + MdeModulePkg:Fix the potential memory leak issue in Display
+ Engine
+ + MdeModulePkg: Add error DEBUG statements in ATA passthru driver
+ + NetworkPkg: DnsDxe: fix return type of DnsFillinQNameForQueryIp()
+ + MdeModulePkg/Ide: return correct status when DRQ is not ready
+ for ATAPI
+ + MdeModulePkg/ScsiDisk: Increase the value of SCSI_DISK_TIMEOUT
+ to 30s
+ + OvmfPkg: inherit Image Verification Policy defaults from
+ SecurityPkg
+ + OvmfPkg: execute option ROM images regardless of Secure Boot
+ + Rename TisTpmCommand to avoid name collision
+ + MdeModulePkg: update SNP.GetStatus to handle multiple recycled
+ TX buffer.
+ + MdeModulePkg: Update MNP driver to recycle TX buffer
+ asynchronously.
+ + Refine error handle code, avoid assert when load this module
+ twice.
+ + MdeModulePkg: DeleteLoadOptionVariable() removes Boot####
+ + MdeModulePkg: Fix GraphicsConsole driver resolution out of
+ sync issue
+ + SecurityPkg: MOR drivers use Tcg2Protocol instead of TrEE.
+ + SecurityPkg: Add Tpm2Startup return code check.
+ + SecurityPkg: Clear AuthSession content after use.
+ + BaseTools/VfrCompile: honor CC if it is set
+ + BaseTools AARCH64: add separate GCC build rule for XIP objects
+ + BaseTools AARCH64: build XIP modules with strict alignment
+ + SecurityPkg: TcgDxe,Tcg2Dxe,TrEEDxe: New PCD for TCG event log
+ and TCG2 final event log area
+ + NetworkPkg: Fix some typos in Http boot driver.
+ + MdeModulePkg: Add DNS QType and QClass values definition
+ + NetworkPkg: Remove DNS QType and QClass definition
+ + SecurityPkg: SecureBootConfigDxe: Change
+ KEY_TRANS_SECURE_BOOT_MODE value
+ + SecurityPkg: SecureBootConfigDxe: Enhance secure boot string
+ update logic
+ + MdeModulePkg:Fix the potential memory leak issue in Display
+ Engine
+ + ShellPkg: Update 'dh' command to reflect correct driver handle
+ information
+ + NetworkPkg: Fix IpSec SPD and SAD mapping issue when SPD is
+ updated
+ + NetworkPkg: Fix SPD entry edit policy issue in IPSecConfig.
+ + MdeModulePkg: Add new library class PciHostBridgeLib
+ + MdeModulePkg: Add PciHostBridgeLibNull
+ + MdePkg: Add PciSegmentLib instance based on PciLib
+ + MdeModulePkg: Add generic PciHostBridgeDxe driver.
+ + Add NOOPT target
+ + ShellPkg UefiDpLib: Use Image->FilePath to get name for SMM
+ drivers
+ + MdeModulePkg/.../IdeMode: actualize DRQReady*() comment blocks
+ + MdeModulePkg/.../IdeMode: report early finish of packet read
+ as success
+ + MdeModulePkg: SerialDxe: lay out mSerialIoMode initializer more
+ nicely
+ + MdeModulePkg: SerialDxe: sync EFI_SERIAL_IO_MODE.Timeout with
+ the spec
+ + MdeModulePkg: TerminalDxe: select the UART's default receive
+ FIFO depth
+ + BaseTools: make build report tolerant of FVs specified by name
+ + Replace TpmCommLib with Tpm12DeviceLib
+ + Add TPM 1.2 commands used by TCG modules
+ + SecurityPkg: Update TCG PPI "1.3" for TCG2.
+ + Add TPM PTP support
+- Remove upstreamed ovmf-fix-signedness.patch
+
+-------------------------------------------------------------------
+Wed Jan 6 08:04:47 UTC 2016 - glin@suse.com
+
+- update to R19584
+ + NetworkPkg: Support DNS4/6 GeneralLookUp feature
+ + SecurityPkg AuthVariableLib: Correct comment/error log about
+ CleanCertsFromDb
+ + NetworkPkg: Fix suspicious dereference of pointer before NULL
+ check
+ + NetworkPkg: Update module inf to include the missing uni file
+ + NetworkPkg: Remove a CopyMem to speed up the HTTP boot download
+ + NetworkPkg: Remove unused EFI_HTTP_PROTOCOL definition
+ + MdePkg : Update SPCR to use ACPI5 definition
+ + MdeModulePkg ScsiDiskDxe: Raise the Tpl of async IO callback
+ to TPL_NOTIFY
+ + ScsiDiskDxe: Close event when SCSI command fails
+ + MdeModulePkg ScsiBusDxe: Only signal caller event when
+ PassThru() succeeds
+ + MdeModulePkg DiskIoDxe: Check for MediaPresent in
+ DiskIo2ReadWriteDisk()
+ + MdeModulePkg ScsiDiskDxe: Modify WriteBlocks(Ex)() to follow
+ UEFI spec
+ + MdeModulePkg ScsiDiskDxe: Modify FlushBlocksEx() to follow UEFI
+ spec
+ + MdeModulePkg ScsiDiskDxe: Set block I/O media of SCSI CDROM to
+ read-only
+ + PcAtChipsetPkg/Rtc: Fix a UEFI Win7 boot hang issue
+ + MdeModulePkg:Clear the screen before booting the boot option
+ + NetworkPkg : Remove unused local variables to fix gcc build
+ errors
+ + MdePkg: Add HTTP 1.1 industry standard definitions
+ + SecurityPkg: SecureBootConfigDxe: Remove useless code in VFR
+ + NetworkPkg:Fix a bug the 2nd httpboot fail issue
+ + NetworkPkg: Update iSCSI driver to check existing AIP instances
+ + UefiCpuPkg/CpuMpPei: Fix pack(1) issue on x64 arch
+ + MdeModulePkg:Fix bug that get the password width info
+ incorrectly
+ + NetworkPkg:Fix the issue Http boot hang when network failed
+ + DxeTpmMeasureBootLib: Change global variable name to avoid
+ name conflict
+ + ArmVirtPkg/ArmVirtXen: add ARM support
+ + ArmVirtPkg/XenRelocatablePlatformLib: rewrite DTB memory
node
+ retrieval in C
+ + OvfmPkg/XenHypercallLib: add missing GCC_ASM_EXPORT to
+ XenHypercall2
+ + Shell update
+ + MdeModulePkg:Fix a bug HttpLib can't parse last chunked data
+ well
+ + MdeModulePkg/PciSioSerialDxe:add non-null pointer dereference
+ assertion
+ + ArmPkg: rewrite vector table population macros
+ + BootManagerLib: Check the pointer to avoid use NULL pointer
+ + MdeModulePkg: Fix RegularExpressionDxe memcpy intrinsic
+- Add ovmf-fix-signedness.patch to fix the build error
+
+-------------------------------------------------------------------
+Wed Dec 16 03:01:28 UTC 2015 - glin@suse.com
+
+- Update R19289
+ + MdePkg: Add missing SMBIOS definitions for SATA and SAS Ports
+ + MdePkg: Add GIC version to ACPI 5.1/6 definitions
+ + MdePkg: Add Ipmi2.0 definitions head file
+ + MdeModulePkg: Add NULL pointer check for RegularExpressionDxe
+ + Convert all .uni files to utf-8
+ + BaseTools/Scripts: Add ConvertUni.py script
+ + Fix >4G issue on IDT not restored correctly
+ + MdeModulePkg: Improved SetupBrowser handling to failed GOTO
+ callback
+ + ArmPlatformPkg/Sec: fix return_from_exception code and comment
+ + ArmPlatformPkg/ArmPlatformLibNull: use declared PPI rather than
+ module local var
+ + ArmVirtPkg RVCT: build DXE_RUNTIME_DRIVER modules with 4 KB
+ alignment
+ + BaseTools/GenFw RVCT: fix relocation processing of PT_DYNAMIC
+ sections
+ + BaseTools RVCT: use scatter file to enforce minimum section
+ alignment
+ + MdePkg/BaseIoLibIntrinsic: Add EBC support
+ + MdePkg: Add 3 macro defined in latest TPM2 specification
+ + ShellPkg: Initialize the local pointer to avoid potential
+ suspicious dereference
+ + CryptoPkg/OpensslLib: upgrade OpenSSL version to 1.0.2e
+ + MdeModulePkg ScsiDiskDxe: Add BlockIO2 Support
+ + MdePkg UefiScsiLib: Add non-blocking support for SCSI
+ Read/Write command
+ + NetworkPkg: Fix the potential NULL pointer dereferenced issue
+ + ShellPkg: Make 'dh' support showing all spec defined protocols
+ + BaseTools GCC: avoid the
use of COMMON symbols
+ + ArmPkg/PrePeiCore: adhere to architectural stack alignment
+ requirement
+ + UefiCpuPkg/MtrrLib: Add PCD PcdCpuNumberOfReservedVariableMtrrs
+ + ArmPkg/BdsLib: Send RemainingDevicePath to PXE Load File
+ protocol
+ + CryptoPkg/BaseCryptLib: make mVirtualAddressChangeEvent STATIC
+ + CryptoPkg ARM: add ArmSoftFloatLib resolution to CryptoPkg.dsc
+ + SecurityPkg: AuthVariableLib: Customized SecureBoot Mode
+ transition
+ + MdePkg: DebugAssert enhancement
+ + ArmVirtPkg: HighMemDxe: add memory space for the high memory
+ nodes
+ + ArmVirtPkg: ArmVirtPlatformLib: find the lowest memory node
+- Update openssl to 1.0.2e
+- Update ovmf-embed-default-keys.patch to include one more db key
+- Add MicWinProPCA2011_2011-10-19.crt, the Windows Product key
+
+-------------------------------------------------------------------
+Fri Dec 4 06:13:41 UTC 2015 - glin@suse.com
+
+- Update to R19110
+ + ShellPkg: Fix wrong return status for Ifconfig.c
+ + OvmfPkg: pull in SMM-based variable driver stack
+ + OvmfPkg: any AP in SMM should not wait for the BSP for more
+ than 100 ms
+ + OvmfPkg: use relaxed AP SMM synchronization mode
+ + OvmfPkg: SmmCpuFeaturesLib: implement SMRAM state save map
+ access
+ + OvmfPkg: import SmmCpuFeaturesLib from UefiCpuPkg
+ + OvmfPkg: set gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmEnableBspElection
+ to FALSE
+ + OvmfPkg: LockBox: use SMM stack with -D SMM_REQUIRE
+ + OvmfPkg: introduce -D SMM_REQUIRE and PcdSmmSmramRequire
+ + ArmVirtPkg: add secure boot support to 32-bit ARM targets
+ + MdeModulePkg/BDS: Do not pass unnecessary option to boot option
+ + NetworkPkg: Fix a bug in HttpBootDriverBindingStop() when
+ destroying child
+ + ArmPlatformPkg/PrePiHobListPointerLib: use thread ID register
+ + ArmPlatformPkg/PrePeiCore: add missing entries to AArch64
+ vector table
+- Refresh ovmf-gdb-symbols.patch
+- Run fdupes on /usr/share/qemu
+
+-------------------------------------------------------------------
+Fri Nov 27 04:16:46 UTC 2015
- glin@suse.com
+
+- Update to R18975
+ + ArmVirtPkg: Use SerialDxe in MdeModulePkg instead of
+ EmbeddedPkg
+ + OvmfPkg XenConsoleSerialPortLib: Implement
+ Get(Set)Control/SetAttributes
+ + NetworkPkg:Fix NULL pointer dereference issues
+ + Always set WP in CR0
+ + ArmPkg/UncachedMemoryAllocationLib: fix warning about
+ uninitialized local var
+ + UefiCpuPkg/CpuS3DataDxe: Add module to initialize ACPI_CPU_DATA
+ for S3
+ + Move CommunicationBuffer from stack to global variable
+ + Move SmmDebug feature from ASM to C
+ + Install LoadedImage protocol for PiSmmCore
+ + Uninstall LoadedImage protocol if SMM driver returns error and
+ is unloaded
+ + ArmLib/ArmV7Mmu: use 64-bit type for mapping region size
+ + ArmVirtPkg/ArmVirtPlatformLib: reduce ID map size to GCD region
+ size
+ + ArmVirtPkg/ArmVirtQemu: limit the (I)PA space to 40 bits
+ + MdeModulePkg/UefiBootManagerLib: Always create MemoryTypeInfo
+ variable
+ + ShellBinPkg: Arm/AArch64 Shell binary update
+ + MdeModulePkg:Create Boot Maintenance Manager Library
+ + MdeModulePkg:Create Device Manager Library
+ + MdeModulePkg:Create Boot Manager Library
+ + ArmPkg: Invalidate cache after allocating UC memory
+ + MdeModulePkg FileExplorerDxe: Create file explorer Protocol
+ + ArmPkg: ArmLib: purge incorrect ArmDrainWriteBuffer () alias
+ + UefiCpuPkg/CpuDxe: Don't use gBS->Stall
+ + UefiCpuPkg/SmmFeatureLib: Check SmmFeatureControl by
+ Code_Access_Chk
+ + UefiCpuPkg: Not touch SmmFeatureControl if Code_Access_Chk not
+ Set
+ + ArmPkg/ArmPlatformPkg: position vectors relative to base
+ + ArmPkg: correct TTBR1_EL1 settings in TCR_EL1
+ + ShellPkg: Corrected CatSPrint usage to prevent memory leaks
+ + ArmPkg/ArmV7Mmu: handle memory regions over 4 GB correctly
+ + ArmPkg/ArmV7Lib: take MP extensions into account when
+ programming TTBR
+ + ArmPkg/ArmV7Lib: fix definition of TTBR_NON_INNER_CACHEABLE
+ + ArmPkg/ArmV7Mmu: introduce feature PCD to map normal memory
+ non-shareable
+ + ArmPkg/ArmV7Mmu: make cached
translation table accesses
+ shareable
+ + ArmPkg/ArmV7Lib: add function to test for presence of MP
+ extensions
+ + ArmPkg/ArmV7Lib: add support for reading the ID_MMFR0 system
+ register
+ + ArmPkg/ArmV7Mmu: fix write-through translation table accesses
+ + ArmPkg/Mmu: set required XN attributes for device mappings
+ + ArmVirtPkg/ArmVirtPlatformLib: map executable NOR region as
+ normal memory
+ + ArmPkg/AArch64Mmu: remove unused GcdAttributeToArmAttribute()
+
+-------------------------------------------------------------------
+Wed Nov 18 09:35:19 UTC 2015 - glin@suse.com
+
+- Update to R18868
+ + ArmPkg: ensure DebugAgentVectorTable is 2K-aligned
+ + MdeModulePkg: Add Platform recovery support
+ + MdePkg: Add Platform Recovery definitions
+ + MdeModulePkg: SmmLockBoxPeiLib: work without
+ EFI_PEI_SMM_COMMUNICATION_PPI
+ + NetworkPkg: Httpboot will fail the 2nd time result by wrong
+ TCP state
+ + MdeModulePkg PeiCore: PEI dispatcher need retry to process
+ NOT_DISPATCHED FV
+ + ArmPkg/ArmLib: mark all cached mappings as (inner) shareable
+ + ArmPlatformPkg: bring DS-5 scripts in line with linker script
+ changes
+ + MdeModulePkg: Add BootLogoLib to provide interfaces about logo
+ display
+ + MdeModulePkg: Add ImageDecoderLib to provide image decoding
+ service
+ + MdeModulePkg: Add PlatformLogo protocol definition
+
+-------------------------------------------------------------------
+Thu Nov 12 06:51:09 UTC 2015 - glin@suse.com
+
+- Update to R18768
+ + MdePkg: Add more DataBits support to Port80 output
+ + MdeModulePkg PeiCore: Fix issue AuthenticationStatus is not
+ propagated correctly
+ + NetworkPkg: Report Http Errors to screen when http layer
+ occurs an error
+ + Add error handling for TPM in S3 resume failure
+ + ArmPkg/ArmDmaLib: use the cache writeback granularity for
+ alignment
+ + ArmPkg/ArmLib: fix barriers in AArch64 ArmEnableMmu
+ + NetworkPkg:Enable Http Boot over Ipv6 stack
+ + NetworkPkg:Missing CloseEvent() in HttpResponseWorker
+ +
CryptoPkg: Add one new API (Pkcs7GetCertificatesList) for certs
+ retrieving
+ + SourceLevelDebugPkg: DebugAgent: Set Local APIC SoftwareEnable
+ + UefiCpuPkg: LocalApicLib: Add API to set SoftwareEnable bit
+ + UefiCpuPkg: CpuDxe: Update GDT to be consistent with DxeIplPeim
+ + NetworkPkg: HttpDxe sometimes free a pointer twice
+ + CryptoPkg/OpensslLib: Move OPENSSL_NO_xxx defines into
+ opensslconf.h
+ + CryptoPkg/OpensslLib: Eliminate GETPID_IS_MEANINGLESS
+ definition
+ + CryptoPkg: Fix OpenSSL BN wordsize and OPENSSL_SYS_UEFI
+ handling
+ + CryptoPkg/OpensslLib: Undefine NO_BUILTIN_VA_FUNCS to fix
+ varargs breakage
+ + CryptoPkg/BaseCryptLib: Use X509_V_FLAG_NO_CHECK_TIME
+ + CryptoPkg/BaseCryptLib: Use X509_V_FLAG_PARTIAL_CHAIN
+ + CryptoPkg/BaseCryptLib: Clean up checking of PKCS#7 contents
+ type
+ + CryptoPkg/BaseCryptLib: Use accessor functions for ASN1_OBJECT
+ + CryptoPkg/BaseCryptLib: Use accessor functions for
+ X509_ATTRIBUTE
+ + CryptoPkg/BaseCryptLib: Use i2d_X509_NAME() instead of abusing
+ X509_NAME
+ + CryptoPkg/BaseCryptLib: Add missing OpenSSL includes
+ + UefiCpuPkg: PiSmmCpuDxeSmm: Replace PcdSet## with PcdSet##S
+ + MdePkg/BaseSynchronizationLib: fix AArch64 return values
+ + Fix issue that calling GetS3MemoryInfo() with wrong order
+ + Do not deadloop if Microcode not found in FspTempRamInit
+ + Move Smbios measurement from TCG driver to Smbios driver
+ + Add suppressif around TCG hash seleciton checkbox in TCG2
+ + UefiCpuPkg: PiSmmCpuDxeSmm: Remove unused references to SmmLib
+ + OvmfPkg: QemuFlashFvbServicesRuntimeDxe: split out runtime DXE
+ specifics
+ + OvmfPkg: QemuFlashFvbServicesRuntimeDxe: no dual addressing
+ needed
+ + MdeModulePkg Variable: Enhance variable performance by reading
+ from existed memory cache
+
+-------------------------------------------------------------------
+Thu Oct 22 03:07:19 UTC 2015 - glin@suse.com
+
+- Update to R18651
+ + OvmfPkg: XenPvBlkDxe: handle empty cdrom drives
+ + MdeModulePkg
SetupBrowserDxe: Save global variable values
+ before nest function called
+ + UefiCpuPkg: Add CPU Hot Plug Data include file
+ + UefiCpuPkg: Add ACPI CPU Data include file
+ + UefiCpuPkg: Add SMM CPU Service Protocol
+ + UefiCpuPkg: CpuDxe: broadcast MTRR changes to APs
+ + UefiCpuPkg: CpuDxe: Wait for APs to enter idle loop
+ + UefiCpuPkg: CpuDxe: Use PCD for AP detection timeout
+ + UefiCpuPkg: Update CPU MP drivers to support single CPU
+ configuration
+ + MdeModulePkg VarCheckLib: R18611 was thoughtless for property
+ set
+ + SecurityPkg : Fix Rsa2048Sha256GuidedSectionExtractLib issue
+ + OvmfPkg: VirtioBlkDxe: reset device at ExitBootServices()
+ + OvmfPkg: VirtioScsiDxe: reset device at ExitBootServices()
+ + OvmfPkg: Sec: Fix SOURCE_DEBUG_ENABLE ASSERT()
+ + MdeModulePkg: SmbiosDxe: soften DEBUG messages about table
+ reallocation
+ + MdeModulePkg: FaultTolerantWriteDxe: clean up some "success"
+ messages
+ + MdeModulePkg: FaultTolerantWriteDxe: mellow DEBUGs about
+ workspace reinit
+ + ArmPlatformPkg: NorFlashDxe: mellow DEBUG messages about flash
+ reinit
+ + ArmVirtPkg: include BaseStackCheckLib also for AARCH64
+ + Net workPkg: reset DHCP child when leaving PXE LoadFile
+ + MdeModulePkg: reset DHCP child when leaving PXE LoadFile
+ + SecurityPkg AuthVariableLib: Add the missing
+ gEfiAuthenticatedVariableGuid
+ + MdeModulePkg VariableRuntimeDxe: Add the missing
+ gEfiImageSecurityDatabaseGuid
+ + MdeModulepkg VarCheckLib: Return NULL when no property set to
+ variable with wildcard name
+ + NetworkPkg: remove unnecessary timeout event when setting IPv6
+ address
+ + ShellPkg: Print error message when Shell set environment
+ variable fail
+ + BaseTools/PeCoffLoader: fix handling of ARM MOVW/MOVT
+ instruction relocs
+ + UefiCpuPkg: Add ASSERT to handle local APIC not config properly
+ + SecurityPkg: Integrate new RngLib into RngDxe
+ + MdePkg: Create GetRandomNumber128 in RngLib
+ + ArmVirtPkg/ArmVirtQemu: enable non-exec DXE stack for AARCH64
+ +
MdeModulePkg/DxeIplPeim: implement non-exec stack for
+ ARM/AARCH64
+ + ArmPkg/ArmLib MMU: add functions to set/clear RO and XN bits on
+ regions
+ + ArmPkg/AArch64Mmu: move page table traversal code to separate
+ function
+ + ArmPkg/AArch64Mmu: use architecturally correct definitions for
+ XN/UXN
+
+-------------------------------------------------------------------
+Thu Oct 8 02:33:33 UTC 2015 - glin@suse.com
+
+- Update to R18577
+ + OvmfPkg: raise DXEFV size to 9 MB
+ + MdeModulePkg: exit pci function loops early if device is not
+ multi-function
+ + NetworkPkg: HttpDxe: Remove unused local variables
+ + ArmPkg/AArch64Mmu: remove cache maintenance for page tables
+ + BaseTools/AARCH64: use large code model for GCC <= 4.8
+ + ArmPkg/Mmu: do not configure block translations at level 0
+ + ArmVirtPkg: use 4 KB section alignment for
+ ARM DXE_RUNTIME_DRIVER modules
+ + BaseTools/ARM: move to unified GCC linker script
+- Enable HttpBoot for i586 and x86_64
+- Drop patches since upstream fixes the issues
+ + ovmf-use-non-default-gcc48.patch
+ + 0001-Revert-BaseTools-AARCH64-use-tiny-code-model-by-defa.patch
+ + 0010-avoid-potentially-uninitialized-variable.diff
+
+-------------------------------------------------------------------
+Thu Oct 1 08:54:34 UTC 2015 - glin@suse.com
+
+- Update to R18564
+ + OvmfPkg: set 4 KB section alignment for DXE_RUNTIME_DRIVER
+ modules
+ + MdeModulePkg Ip4Dxe: Ip4Config2 to request DHCP Option6 DNS
+ server IP
+ + MdeModulePkg: Add SMBIOS 3.0 support in NetLibGetSystemGuid
+ + ArmVirtPkg: build the TFTP command into the UEFI shell
+ + OvmfPkg: build the TFTP command into the UEFI shell
+ + ArmVirtPkg: reduce preallocation of boot services data pages
+ + OvmfPkg: enable SATA controller
+ + OvmfPkg: QemuBootOrderLib: recognize Q35 SATA disks / CD-ROMs
+ + MdePkg: Add RngLib into MdePkg
+ + MdeModulePkg: Remove event from protocol database only if
+ registered
+ + ArmVirtPkg: PlatformIntelBdsLib: signal ReadyToBoot on direct
+ kernel
boot
+ + ShellPkg: Added SMBIOS 2.8 Type 17 changes to smbiosview
+ + ShellPkg: Added SMBIOS 3.0 support in dmem
+ + MdeModulePkg: Enhance PCI capability looking up logic to avoid
+ hang
+ + OvmfPkg: disable no-exec DXE stack by default
+ + OvmfPkg: make PcdPropertiesTableEnable dynamic
+ + OvmfPkg: make PcdSetNxForStack dynamic
+ + MdeModulePkg: Change the algorithm in SNP to use the first
+ found BAR index
+ + NetworkPkg: Update Http driver to use DPC mechanism
+ + NetworkPkg: RxToken event not closed in Http.Response()
+ + NetworkPkg: Avoid memory allocation for each HTTP message
+ exchange
+ + NetworkPkg: Update cache management in HTTP boot driver
+ + NetworkPkg: Enlarge receive block size of HTTP boot driver
+ + PXE Driver's LoadFile protocol should check FilePath
+ + ArmVirtPkg: set max physical address width to 40 bits
+ + ArmVirtPkg/ArmVirtMemoryInitPeiLib: handle memory above 4 GB
+ on 32-bit ARM
+ + ArmPkg/Mmu: Fix potential page table memory leak
+ + ArmPkg/Mmu: Increase PageLevel when table found at the targeted
+ level
+ + ArmPkg/Mmu: Fix literal number left shift bug
+ + ArmPkg/Mmu: Fix page level calculation bug
+ + ArmPkg/Mmu: Fix bug of aligning new allocated page table
+ + MdeModulePkg: Fix a performance data buffer overrun issue
+ + ShellPkg: Fix 'for' command fail with multiple fields
+ + MdeModulePkg: Regular expression protocol
+ + NetworkPkg: Fix suspicious dereference of pointer 'FieldCount'
+ + Handle extra module patchable PCD variable in Linux map
+ + NetworkPkg: Fix the HttpCloseConnection fail issue
+ + UefiCpuPkg/MtrrLib: MtrrValidBitsMask and MtrrValidAddressMask
+ wrong
+- Add ovmf-use-non-default-gcc48.patch: gcc5 generates the larger
+ code size and causes the x86_64 final image exceeds the size
+ limit if we enable Secure Boot and IPv6 at the same time. As a
+ workaround, we use the non-default gcc48.
+- Drop ovmf-gcc5-conf.patch and use GCC49 as TOOL_CHAIN_TAG for
+ the distro with gcc5
+- Limit 0001-Revert-BaseTools-AARCH64-use-tiny-code-model-by-defa.patch
+ to the distro with gcc lower than 5
+- Refresh ovmf-embed-default-keys.patch and ovmf-gdb-symbols.patch
+
+-------------------------------------------------------------------
+Thu Sep 3 06:36:37 UTC 2015 - glin@suse.com
+
+- Update to R18393
+ + OvmfPkg: PlatformPei: force 32-bit MMIO aperture above 3 GB
+ on Q35
+ + OvmfPkg: AcpiTables: serialize control methods that create
+ named objects
+ + OvmfPkg: PlatformPei: clear CMOS 0xF after setting mBootMode
+ + CryptoPkg: Fix one wrong parameter for weak key checking
+ + CryptoPkg: Replace string wrapper functions with safe string
+ functions
+ + ArmPlatformPkg/PlatformIntelBdsLib: add splash screen support
+ + ArmPlatformPkg/PlatformIntelBdsLib: fix and clean up error
+ handling
+ + ArmPlatformPkg/PlatformIntelBdsLib: remove ARM BDS dependency
+ + Locate IpSec on IP packet processing only if it's installed
+ + ShellPkg: Get media status in ifconfig command
+ + OvmfPkg: prevent code execution from DXE stack
+ + MdePkg: Modify string expression of Wi-Fi device path to
+ follow UEFI spec
+ + NetworkPkg: Fix IpSec run into infinite loop issue in some case
+ + FatBinPkg: Update EBC/IA32/X64/IPF binaries
+ + SecurityPkg: Fix one returned code issue in P7Verify Protocol
+ + Add VarCheckLib library
+ + BaseTools: Add NULL pointer check in AutoGen code
+ + Follow PI spec to update ExtendedSize in EFI_FFS_FILE_HEADER2
+ + NetworkPkg: Add HTTP utilities driver
+ + OvmfPkg: Add HttpBoot support
+ + NetworkPkg: Remove the hostname from the http request URL
+ + MdeModulePkg:Full support F10 hot key in UiApp
+ + NetworkPkg: Fix DHCP TransmitReceive EFI_NO_MAPPING return in
+ DnsDxe
+ + MdeModulePkg: Fix default router table and interface missing
+ error
+ + ShellPkg: Fix 'ifconfig' can't get the address from dhcp in
+ some case
+ + ArmPkg: remove ARMv6 support code
+ +
MdeModulePkg: Update UiApp to handle terminal type TtyTerm
+ + MdeModulePkg/Xhci: make all timeout values be consistent with
+ comments
+ + SecurityPkg: Fixed build error due to FixedAtBuild
+ PcdTcg2HashAlgorithmBitmap
+ + MdeModulePkg: IP4 should re-initiate a DHCP if it detects
+ network reconnection
+ + NetworkPkg: Stop and release DHCP4 child after boot info is
+ ready
+ + Add restriction that HashFinal() must be after at least one
+ HashUpdate()
+ + SecurityPkg: Update SignatureSize to comply UEFI spec
+ + NetworkPkg: Fix hang issue after system reconnected when IPSec
+ has set up
+ + Add TPM2 definition in trusted computing group
+ + BaseTools IA32/X64: prevent .eh_frame sections from being
+ generated
+ + MdeModulePkg:Use safe string functions in UiApp
+ + MdeModulePkg: Add codes to support trailer parse in HttpLib
+ + OvmfPkg/Xen: use lower case x in hex immediate value
+ + ArmVirtPkg: use global section alignment in custom linker
+ script
+ + ArmVirtPkg: avoid relocated immediates in AARCH64 asm
+ + MdeModulePkg: Fix issue about current Ip4Dxe implementation
+ for DHCP DORA process
+ + BaseTools/GenFw: allow AArch64 tiny and small code model
+ relocations
+- Add 0001-Revert-BaseTools-AARCH64-use-tiny-code-model-by-defa.patch
+ to use the large model for aarch64 since ld/binutils couldn't
+ calculate the sections properly and GenFw would fail due to the
+ section offset.
+- Drop arm patches
+ + 0001-ArmPlatformPkg-ArmVirtualizationPkg-enable-DEBUG_VER.patch
+ + 0002-ArmPlatformPkg-Bds-generate-ESP-Image-boot-option-if.patch
+ + 0003-ArmPlatformPkg-Bds-check-for-other-defaults-too-if-u.patch
+ + 0005-ArmPlatformPkg-Bds-initialize-ConIn-ConOut-ErrOut-be.patch
+ + 0006-ArmPlatformPkg-Bds-let-FindCandidate-search-all-file.patch
+ + 0007-ArmPlatformPkg-Bds-FindCandidateOnHandle-log-full-de.patch
+ + 0008-ArmPlatformPkg-Bds-fall-back-to-Boot-Menu-when-no-de.patch
+ + 0009-ArmPlatformPkg-Bds-always-connect-drivers-before-loo.patch
+
+-------------------------------------------------------------------
+Mon Aug 10 06:45:04 UTC 2015 - glin@suse.com
+
+- Update to R18191
+ + UefiCpuPkg CpuDxe: Sync up the settings of Execute Disable to APs
+ + MdeModulePkg DxeIpl: Fix IA32 build failure with GCC 5.1.1
+ + ArmPlatformPkg/PlatformPeim: constify EFI_PEI_PPI_DESCRIPTOR
+ globals
+ + ArmPlatformPkg/PrePeiCore: constify PPI globals
+ + MdeModulePkg: Use monotonic count to initialize the NetLib
+ random seed
+ + OvmfPkg: SmbiosVersionLib: recognize SMBIOS 3.x entry point
+ + OvmfPkg: SmbiosPlatformDxe: eliminate duplicate entry point
+ validation
+ + ArmVirtPkg/ArmVirtQemu.dsc: set default for
+ PcdQemuSmbiosValidated
+ + OvmfPkg: introduce PcdQemuSmbiosValidated
+ + ArmVirtPkg: set SMBIOS version in DetectSmbiosVersionLib
+ instead of QemuFwCfgToPcdDxe
+ + OvmfPkg: set SMBIOS version in DetectSmbiosVersionLib instead
+ of PlatformPei
+ + OvmfPkg: SmbiosVersionLib: add "plugin" for detecting SMBIOS
+ version
+ + OvmfPkg: PlatformDebugLibIoPort: fix AsciiSPrint() format
+ string
+ + ShellPkg: Fix issue about ping fail with IPv4
+ + MdeModulePkg DxeIpl: Add stack NX support
+ + NetworkPkg: Fix assert caused by wrong parameter in
+ AsciiStrCpyS()
+ + ArmVirtPkg/ArmVirtQemu: add LinuxLoader UEFI app to ARM build
+ + ArmVirtPkg/ArmVirtXen: remove unused PcdFirmwareVendor PCD
+ + ArmVirtPkg/ArmVirtQemu: drop ARM BDS and make Intel BDS the
+ default
+ +
BaseTools GCC: move AutoGen.obj contents to .text section + + BaseTools GCC: align start of .data to .text alignment + + BaseTools GCC: add unified GCC linker script for all archs and + versions + + BaseTools IA32/X64: get header size and alignment from ld + commandline + + BaseTools IA32/X64: move .got contents to the PE/COFF .text + section + + BaseTools IA32/X64: drop redundant alignment from linker script + + BaseTools IA32/X64: move .rodata to PE/COFF .text section + + BaseTools IA32/X64: remove NOP padding from X86/IA32 GCC linker + scripts + + MdeModulePkg PeiCore: Add PCD to specify PEIM Shadow + + ArmVirtPkg: use 'auto' alignment and FIXED placement for XIP + modules + + MdeModulePkg: Enhance PciBusDxe to handle high 32bit of MEM64 + BAR returns 0 +- Refresh ovmf-gcc5-conf.patch +- Refresh 0001-ArmPlatformPkg-ArmVirtualizationPkg-enable-DEBUG_VER.patch +- Drop upstreamed patch: ovmf-netlib-random-seed.patch +- Drop 0004-ArmPlatformPkg-ArmVirtualizationPkg-auto-detect-boot.patch + since the ARM BDS was dropped + +------------------------------------------------------------------- +Wed Jul 29 09:40:38 UTC 2015 - glin@suse.com + +- Update to R18107 + + NetworkPkg: Fix the issue cannot boot to UEFI Network after + reset + + ArmVirtPkg: implement DT-based ArmGicArchLib + + OvmfPkg: fix conversion specifiers in DEBUG format strings + + Reduce reserved memory consumption + + MdeModulePkg: Make boot option description unique + + NetworkPkg: Fix the issue EfiPxeBcDhcp() may return wrong + status. 
+ + ArmVirtPkg/ArmVirtQemu: support SMBIOS
+ + ArmVirtPkg: QemuFwCfgToPcdDxe: set SMBIOS entry point version
+ dynamically
+ + ArmVirtPkg: add QemuFwCfgToPcdDxe
+ + OvmfPkg: SmbiosPlatformDxe: restrict current Xen code to
+ IA32/X64
+ + OvmfPkg: SmbiosPlatformDxe: move IsEntryPointStructureValid()
+ to Xen.c
+ + OvmfPkg: AcpiS3SaveDxe: drop EFI_ACPI_S3_SAVE_PROTOCOL
+ + OvmfPkg: install DxeSmmReadyToLock in PlatformBdsLib
+ + IntelFrameworkModulePkg/GenericBdsLib: remove AcpiS3->S3Save()
+ call
+ + OvmfPkg: PlatformBdsLib: signal End-of-Dxe event group
+ + OvmfPkg: AcpiS3SaveDxe: call S3Ready() at End-of-Dxe
+ + OvmfPkg: AcpiS3SaveDxe: prepare for End-of-Dxe callback
+- Add ovmf-netlib-random-seed.patch to avoid the DHCPv6 IAID
+ collision
+
+-------------------------------------------------------------------
+Fri Jul 24 03:40:08 UTC 2015 - glin@suse.com
+
+- Update to R18030
+ + ArmVirtPkg: Make terminal type consistent
+ + NetworkPkg: Add the unspecified address check for DNS6
+ StationIp
+ + ShellPkg: Add optional 'tftp' EFI Shell command
+ + NetworkPkg: Fix bios bootup hang issue when enable network
+ + SecurityPkg: Fix DBX Variable Read Error in
+ ImageVerificationLib
+ + SecurityPkg: Correct BootOrder/Boot#### measurement behavior
+ + ArmVirtPkg/ArmVirtQemu.dsc: Remove Linux specific boot path
+ + ArmPkg/BdsLib: Remove Linux loader from BdsLib
+ + ArmPlatformPkg: Add the LinuxLoader.efi EFI application
+ + ArmPkg/BdsLib: Replaced BdsLoadApplication() by
+ LocateEfiApplicationInFv()
+ + OvmfPkg: QemuBootOrderLib: recognize extra PCI root buses
+ + OvmfPkg: QemuBootOrderLib: introduce ExtraRootBusMap
+ + OvmfPkg: PciHostBridgeDxe: shorten search for extra root buses
+ + OvmfPkg: PciHostBridgeDxe: look for all root buses
+ + OvmfPkg: PciHostBridgeDxe: eliminate
+ PCI_HOST_BRIDGE_INSTANCE.RootBridgeNumber
+ + OvmfPkg: PciHostBridgeDxe: use private buffer in
+ RootBridgeIoConfiguration()
+ + OvmfPkg: PciHostBridgeDxe: release resources on driver entry
+ failure
+ + OvmfPkg: PciHostBridgeDxe: factor out InitRootBridge() function
+ + OvmfPkg: PciHostBridgeDxe: embed device path in private root
+ bridge struct
+ + OvmfPkg: PciHostBridgeDxe: kill RootBridgeNumber and
+ RootBridgeAttribute
+ + OvmfPkg: PciHostBridgeDxe: eliminate nominal support for
+ multiple host bridges
+ + OvmfPkg: PlatformBdsLib: connect all PCI root buses
+- Refresh patches
+ + 0001-ArmPlatformPkg-ArmVirtualizationPkg-enable-DEBUG_VER.patch
+ + 0002-ArmPlatformPkg-Bds-generate-ESP-Image-boot-option-if.patch
+ + 0003-ArmPlatformPkg-Bds-check-for-other-defaults-too-if-u.patch
+ + 0004-ArmPlatformPkg-ArmVirtualizationPkg-auto-detect-boot.patch
+ + 0005-ArmPlatformPkg-Bds-initialize-ConIn-ConOut-ErrOut-be.patch
+ + 0006-ArmPlatformPkg-Bds-let-FindCandidate-search-all-file.patch
+ + 0007-ArmPlatformPkg-Bds-FindCandidateOnHandle-log-full-de.patch
+ + 0008-ArmPlatformPkg-Bds-fall-back-to-Boot-Menu-when-no-de.patch
+ + 0009-ArmPlatformPkg-Bds-always-connect-drivers-before-loo.patch
+ + 0010-avoid-potentially-uninitialized-variable.diff
+
+-------------------------------------------------------------------
+Mon Jul 13 04:34:30 UTC 2015 - glin@suse.com
+
+- Update to R17935
+ + CryptoPkg: update OpenSSL dependency to version 1.0.2d
+ + OvmfPkg: QemuFwCfgLib: avoid "variable set but not used"
+ warning from GCC
+ + Remove Ip4ConfigDxe module
+ + IntelFrameworkPkg FrameworkUefiLib: Fix ASSERT in CatVSPrint
+ + BaseTools: aarch64: add -fno-asynchronous-unwind-tables to gcc
+ cflags
+ + MdePkg/AArch64: use GCC_ASM_EXPORT to export functions
+ + MdeModulePkg/FvSimpleFileSystemDxe: Support file opening with
+ no '.efi'
+ + OvmfPkg: Fix GCC49 build hang in PeiCore
+ + Add "TtyTerm" terminal type to TerminalDxe
+ + MdeModulePkg AcpiTableDxe: Install config table at ACPI data
+ change
+- Remove upstreamed ovmf-remove-old-ip4config.patch
+
+-------------------------------------------------------------------
+Wed Jul 8 07:30:18 UTC 2015 - glin@suse.com
+
+- Update to R17883
+ + MdePkg: Add UEFI2.5 Ramdisk device path definition
+ + ArmVirtPkg: use correct ASM decoration for non-function global
+ symbols
+ + NetworkPkg: Add UEFI HTTP boot driver
+ + NetworkPkg: Add HTTP Driver
+ + NetworkPkg: Add DNS feature support over IPv4 and IPv6
+ + MdeModulePkg: Update Ip4Dxe driver to support Ip4Config2
+ protocol
+ + ArmVirtPkg: adapt ArmVirtXen build to system memory end global
+ variable
+ + ArmPkg/CpuDxe: Fixed AArch64 MMU
+ + ArmPkg/Application: Add new EFI application to boot Linux
+ + ArmVirtPkg: build runtime drivers with 64 KB section alignment
+ + Restructure AuthVariableLib
+ + Conversion of the safe string functions
+ + CryptoPkg: Fix the dereferenced pointer issue
+ + SecurityPkg: Add MD5 support to Hash2DxeCrypto
+ + OvmfPkg: Increase the maximum size of RAM
+ + ArmVirtPkg: signal EndOxDxe event in PlatformBsdInit
+ + MdeModulePkg: Add Memory Capabilities for MMIO and Reserved
+ Range
+- Add ovmf-remove-old-ip4config.patch to remove the old Ip4Config
+- Refresh patches
+ + ovmf-embed-default-keys.patch
+ + ovmf-gcc5-conf.patch
+ + 0001-ArmPlatformPkg-ArmVirtualizationPkg-enable-DEBUG_VER.patch
+ + 0002-ArmPlatformPkg-Bds-generate-ESP-Image-boot-option-if.patch
+ + 0003-ArmPlatformPkg-Bds-check-for-other-defaults-too-if-u.patch
+ + 0004-ArmPlatformPkg-ArmVirtualizationPkg-auto-detect-boot.patch
+ + 0005-ArmPlatformPkg-Bds-initialize-ConIn-ConOut-ErrOut-be.patch
+ + 0006-ArmPlatformPkg-Bds-let-FindCandidate-search-all-file.patch
+ + 0007-ArmPlatformPkg-Bds-FindCandidateOnHandle-log-full-de.patch
+ + 0008-ArmPlatformPkg-Bds-fall-back-to-Boot-Menu-when-no-de.patch
+ + 0009-ArmPlatformPkg-Bds-always-connect-drivers-before-loo.patch
+- Add the source-level debugging to README
+
+-------------------------------------------------------------------
+Wed Jun 24 03:21:11 UTC 2015 - glin@suse.com
+
+- Update to R17700
+ + OvmfPkg/PlatformDxe: Convert Platform.uni to UTF-8
+ + OvmfPkg: QemuVideoDxe: add virtio-vga support
+ + CryptoPkg: OpensslLib: reintroduce EFIAPI for
+ ERR_add_error_data()
+ + SecurityPkg: Provide correct file GUID for Pkcs7VerifyDxe
+ + SecurityPkg: Fix wrong calculation of ImageExeInfoEntrySize
+ + OvmfPkg: PlatformPei: set SMBIOS entry point version
+ dynamically
+ + SecurityPkg: Add UEFI-2.5 PKCS7 Verification Protocol Support
+ + CryptoPkg: Add one new API for PKCS7 Verification Protocol
+ Support
+ + MdeModulePkg PiSmmCore: Introduce SMM Exit Boot Services and
+ Legacy Boot
+ + MdePkg/DxeServicesLib: Return NULL GetFileBufferByFilePath
+ reads directory
+ + MdeModulePkg: Fix DHCP4 driver hang issue in some case
+ + MdeModulePkg: Remove DHCP4.TransmitReceive()and DORA process
+ dependency
+ + MdeModulePkg:System hangs in setup menu
+ + ArmVirtPkg: increase memory preallocations for secure build
+ + Update openssl to 1.0.2c
+ + Add code to protect the whole BIOS region on SPI flash, except
+ UEFI Variable region
+ + SecurityPkg/MdeModulePkg: Add PcdMaxAuthVariableSize
+ declaration
+ + MdePkg: Add EFI REST Protocol definitions
+ + OvmfPkg/PlatformPei: Initialise RCBA (B0:D31:F0 0xf0) register
+ + OvmfPkg/PlatformPei: Query Host Bridge DID only once
+ + ArmPkg: reduce sysreg access count in GIC revision probe
+ + SecurityPkg: Fix wrong cert data measurement in DBX path
+ + MdeModulePkg/UhciDxe: Update async polling interval to 1ms
+ + MdeModulePkg/EhciDxe: Update async polling interval to 1ms
+ + MdeModulePkg/XhciDxe: Update async polling interval to 1ms
+ + ShellPkg\Application\Shell: Clean start row information after
+ the console has been Reset or SetMode
+ + Add SysPrepOrder and SysPrep#### to global list
+ + MdePkg: Add EFI Capsule Report data structure and GUID
+ + Add UEFI 2.5 Properties table definition
+ + MdePkg:Add UEFI 2.5 PKCS7 Verification Protocol Definition
+ + ShellPkg: Handle escape characters properly for parse command
+ + ShellPkg: Add pipe support for parse command
+ + ArmVirtPkg: increase memory preallocations to reduce region
+ count
+- Add ovmf-gcc5-conf.patch for GCC5 and adjust the spec file for
+ gcc5
+
+-------------------------------------------------------------------
+Wed Jun 3 09:51:38 UTC 2015 - glin@suse.com
+
+- Update to R17553
+ + MdeModulePkg/AtaAtapiPassThru: ensure PRDT of IDE is in 64K
+ boundary
+ + ArmPkg/BdsLib: Fixed TFTP when there are directories in the
+ name
+ + Renamed ArmPlatformPkg/ArmVirtualizationPkg into ArmVirtPkg
+ + ArmPkg: Expand AArch64 address width to 48 bits
+ + MdeModulePkg:Support delete key
+ + MdeModulePkg/AtaAtapiPassThruDxe: Support 4K bytes block size
+ HDDs
+ + MdeModulePkg: Fix potential buffer overflow issues
+ + Update for OEM reserved memory type
+- Update ArmPlatformPkg patches
+ + 0001-ArmPlatformPkg-ArmVirtualizationPkg-enable-DEBUG_VER.patch
+ + 0002-ArmPlatformPkg-Bds-generate-ESP-Image-boot-option-if.patch
+ + 0003-ArmPlatformPkg-Bds-check-for-other-defaults-too-if-u.patch
+ + 0004-ArmPlatformPkg-ArmVirtualizationPkg-auto-detect-boot.patch
+ + 0005-ArmPlatformPkg-Bds-initialize-ConIn-ConOut-ErrOut-be.patch
+ + 0006-ArmPlatformPkg-Bds-let-FindCandidate-search-all-file.patch
+ + 0007-ArmPlatformPkg-Bds-FindCandidateOnHandle-log-full-de.patch
+ + 0008-ArmPlatformPkg-Bds-fall-back-to-Boot-Menu-when-no-de.patch
+ + 0009-ArmPlatformPkg-Bds-always-connect-drivers-before-loo.patch
+ + 0010-avoid-potentially-uninitialized-variable.diff
+- Remove the prefix of the arm patches
+ + ovmf-0001-ArmPlatformPkg-ArmVirtualizationPkg-enable-DEBUG_VER.patch
+ + ovmf-0002-ArmPlatformPkg-Bds-generate-ESP-Image-boot-option-if.patch
+ + ovmf-0003-ArmPlatformPkg-Bds-check-for-other-defaults-too-if-u.patch
+ + ovmf-0004-ArmPlatformPkg-ArmVirtualizationPkg-auto-detect-boot.patch
+ + ovmf-0005-ArmPlatformPkg-Bds-initialize-ConIn-ConOut-ErrOut-be.patch
+ + ovmf-0006-ArmPlatformPkg-Bds-let-FindCandidate-search-all-file.patch
+ + ovmf-0007-ArmPlatformPkg-Bds-FindCandidateOnHandle-log-full-de.patch
+ + ovmf-0008-ArmPlatformPkg-Bds-fall-back-to-Boot-Menu-when-no-de.patch
+ + ovmf-0009-ArmPlatformPkg-Bds-always-connect-drivers-before-loo.patch
+ + ovmf-0010-avoid-potentially-uninitialized-variable.diff
+
+-------------------------------------------------------------------
+Thu May 14 06:59:14 UTC 2015 - glin@suse.com
+
+- Update to R17446
+ + OvmfPkg: AcpiS3SaveDxe: fix protocol usage hint in the INF file
+ + OvmfPkg: extract some bits and port offsets common to Q35 and
+ I440FX
+ + MdeModulePkg: Add ESRT management module.
+ + MdeModulePkg: Add ESRT management protocol definition
+ + MdePkg: Add Microsoft UX capsule GUID & layout
+ + SecurityPkg: Update SecureBootConfigDxe to support ARM image
+ + SecurityPkg Variable: Make PK & SecureBootMode consistent
+ + MdeModulePkg DxeCore: Add read only memory support
+ + OvmfPkg: QemuBootOrderLib: parse OFW device path nodes of PCI
+ bridges
+ + MdePkg: Add UEFI 2.5 SD (Secure Digital) Device Path Definitions
+ + Hash2 driver to [Components.IA32, Components.X64, Components.IPF]
+ section
+ + ArmVirtualizationPkg: Enable secure boot for ArmVirtualizationQemu
+ + ArmPlatformPkg: enable use of authenticated variables in
+ NorFlashDxe
+- Refresh patch
+ + ovmf-0002-ArmPlatformPkg-Bds-generate-ESP-Image-boot-option-if.patch
+- Enable Secure Boot for AArch64
+- Remove the workaround for SLE11
+
+-------------------------------------------------------------------
+Thu May 7 10:13:13 UTC 2015 - glin@suse.com
+
+- Although ovmf-gdb-symbols.patch has been included for a while,
+ it's not mentioned in changelog and legal-auto script is not
+ happy with it.
+
+-------------------------------------------------------------------
+Thu May 7 06:58:50 UTC 2015 - glin@suse.com
+
+- Update to R17351
+ + BaseTools: Fix build fail issue
+ + MdeModluePkg: Enable refresh opcode to refresh the entire form
+ + BaseTool: Add refresh form opcode in vfrcompiler
+ + MdeModulePkg: Add BootManagerMenuApp
+ + MdeModulePkg: Add BdsDxe driver and PlatformBootManagerNull
+ library
+ + MdeModulePkg: Add UefiBootManagerLib
+ + MdePkg: Update the UEFI version to reflect new revision
+ + OvmfPkg: Use the new PCDs defined in MdePkg and MdeModulePkg
+ + MdePkg: Add UEFI2.5 bluetooth protocol/devicepath definition
+ + Add UEFI2.5 HASH protocol implementation
+ + MdeModulePkg: Add UEFI2.5 and PI1.4 PersistentMemory feature
+ + MdePkg: Add ESRT Interface Definitions
+ + Various fixes for Shell
+- Drop ovmf-sle-11-gcc47.patch
+ + The NASM version in SLE11 is too old to build the newer ovmf
+- Rename the ARM patches to make the legal-auto script happy
+ + ovmf-0001-ArmPlatformPkg-ArmVirtualizationPkg-enable-DEBUG_VER.patch
+ + ovmf-0002-ArmPlatformPkg-Bds-generate-ESP-Image-boot-option-if.patch
+ + ovmf-0003-ArmPlatformPkg-Bds-check-for-other-defaults-too-if-u.patch
+ + ovmf-0004-ArmPlatformPkg-ArmVirtualizationPkg-auto-detect-boot.patch
+ + ovmf-0005-ArmPlatformPkg-Bds-initialize-ConIn-ConOut-ErrOut-be.patch
+ + ovmf-0006-ArmPlatformPkg-Bds-let-FindCandidate-search-all-file.patch
+ + ovmf-0007-ArmPlatformPkg-Bds-FindCandidateOnHandle-log-full-de.patch
+ + ovmf-0008-ArmPlatformPkg-Bds-fall-back-to-Boot-Menu-when-no-de.patch
+ + ovmf-0009-ArmPlatformPkg-Bds-always-connect-drivers-before-loo.patch
+ + ovmf-0010-avoid-potentially-uninitialized-variable.diff
+
+-------------------------------------------------------------------
+Thu Apr 23 03:33:36 UTC 2015 - glin@suse.com
+
+- Update ovmf-embed-default-keys.patch to embed the default dbx.
+ Also add the dbx list from the UEFI website and enable it in the
+ MS flavor. A script, strip_authinfo.pl, was added to strip the
+ AuthInfo headers from dbxupdate.bin since those are not necessary
+ in dbx.
+
+-------------------------------------------------------------------
+Mon Apr 20 03:43:56 UTC 2015 - glin@suse.com
+
+- Update to R17187
+ + Save initial TSVal from TCP connection initiation packets
+ + BaseTools/Ecc: Add ECC (EFI Code Checker) Binary into BaseTools
+ bin directory
+ + MdePkg: Add ESRT Interface Definitions
+ + OvmfPkg: XenConsoleSerialPortLib: deal with output overflow
+ + OvmfPkg: Q35: Use correct ACPI PM control register:bit
+ + PXE driver bug fix
+ + A failed PXEv6 after a success PXEv4 will cause ASSERT
+ + MdePkg: BaseSynchronizationLib: fix Increment/Decrement retvals
+ for ARM
+ + Updated Memory Error Record Per UEFI Specification 2.4a
+ + MdeModulePkg BootScriptExecutorDxe: Use ImageContext.ImageSize
+ to allocate memory for PE image to handle the case PE file
+ alignment is not same as PE section alignment.
+ + Fix GCC hang issue: Point should use directly assignment
+ instead of IP4_COPY_ADDRESS.
+ + SecurityPkg Variable: Update code in ProcessVariable ()
+- Update openssl to 0.9.8zf
+
+-------------------------------------------------------------------
+Tue Mar 17 03:10:34 UTC 2015 - glin@suse.com
+
+- Update to R17055
+ + OvmfPkg: include XHCI driver
+ + ArmVirtualizationPkg/ArmVirtualizationQemu: include XHCI driver
+ + ArmVirtualizationPkg: build UEFI shell from source
+ + SecurityPkg Variable: Allow the delete operation of common auth
+ variable at user physical presence
+ + Set network boot option to the default last priority
+ + MdeModulePkg: improve scalability of memory pools
+ + MdeModulePkg: use correct granularity when allocating pool
+ pages
+
+-------------------------------------------------------------------
+Fri Mar 6 03:22:51 UTC 2015 - glin@suse.com
+
+- Update to R17007
+ + ArmVirtualizationPkg: PlatformIntelBdsLib: lack of QEMU kernel
+ is no error
+ + Improve Xen support in Ovmf
+ + ArmVirtualizationPkg: PlatformIntelBdsLib: display TianoCore
+ logo
+ + ArmVirtualizationPkg/ArmVirtualizationQemu: add USB keyboard
+ input
+ + ArmVirtualizationPkg/ArmVirtualizationQemu: add VGA console
+ output
+ + ArmVirtualizationPkg/ArmVirtualizationQemu: enable PCI support
+ + OvmfPkg/QemuVideoDxe: enable ARM builds
+ + Improve ACPI support in Ovmf
+ + OvmfPkg/PlatformBdsLib: Signal ReadyToBoot before booting QEMU
+ kernel
+ + ArmPkg/ArmLib.h: Add CPU Affinity definitions
+ + OvmfPkg/SMBIOS: Provide default Type 0 (BIOS Information)
+ structure
+ + NetworkPkg: Code refine to avoid NULL pointer dereferenced
+ + DHCP6 bug fix
+ + BaseTools/GenFw: Set the PE/COFF attribute BaseOfData with the
+ address of the first '.data' section
+ + OvmfPkg: Update PlatformBaseDebugLibIoPort library
+ + Various fixes for shell
+- Update ARM patches
+
+-------------------------------------------------------------------
+Fri Feb 6 10:47:54 UTC 2015 - lnussel@suse.de
+
+- update to R16775
+- add RH patches for ARM
+
+-------------------------------------------------------------------
+Tue Jan 6 07:51:52 UTC 2015 - glin@suse.com
+
+- Update to R16580
+ + MdeModulePkg Variable: Implement VarCheck PROTOCOL and follow
+ UEFI spec to check UEFI defined variables
+ + ArmVirtualizationPkg: Intel BDS: load EFI-stubbed Linux kernel
+ from fw_cfg
+ + ArmVirtualizationPkg: identify "new shell" as builtin shell
+ for Intel BDS
+ + ArmVirtualizationPkg: PlatformIntelBdsLib: adhere to QEMU's
+ boot order
+ + OvmfPkg: QemuBootOrderLib: OFW-to-UEFI translation for
+ virtio-mmio
+ + OvmfPkg: QemuBootOrderLib: widen ParseUnitAddressHexList() to
+ UINT64
+ + ArmVirtualizationPkg: VirtFdtDxe: use dedicated
+ VIRTIO_MMIO_TRANSPORT_GUID
+ + OvmfPkg: introduce VIRTIO_MMIO_TRANSPORT_GUID
+ + OvmfPkg: QemuBootOrderLib: featurize PCI-like device path
+ translation
+ + OvmfPkg: extract QemuBootOrderLib
+ + ArmVirtualizationPkg: PlatformIntelBdsLib: add basic policy
+ + ArmVirtualizationPkg: clone PlatformIntelBdsLib from
+ ArmPlatformPkg
+ + ArmVirtualizationPkg: introduce QemuFwCfgLib instance for DXE
+ drivers
+ + ArmVirtualizationPkg: VirtFdtDxe: forward FwCfg addresses from
+ DTB to PCDs
+ + MdeModulePkg/FvSimpleFileSystem:Fix a potential NULL
+ dereference issue
+ + Correct the Hash Calculation for Revoked X.509 Certificate to
+ align with RFC3280 and UEFI 2.4 Spec
+ + MdeModulePkg/FvSimpleFileSystem: Add a new module to provide
+ access to executable files in FVs
+ + OvmfPkg: enable IPv6 support
+ + Fix a bug that the gateway is not necessary in a simple PXE
+ network
+ + ArmPkg/BdsLib: Update the size of the Device Tree before
+ booting Linux
+ + ArmPkg/BdsLib: Rework TFTP boot
+ + MdePkg: UefiScsiLib: do not encode LUN in CDB for SCSI commands
+ + Correct the alignment calculation of PE/COFF attribute
+ certificate entry
+ + OvmfPkg: CsmSupportLib: depend on OvmfPkg.dec explicitly
+ + OvmfPkg: AcpiPlatformDxe: make dependency on PCI enumeration
+ explicit
+ + MdePkg/MdeModulePkg: Implement the missing
+ SetMemorySpaceCapabilities function
+ + Various fixes for shell
+- Set the flag to enable IPv6 support
+- Refresh ovmf-embed-default-keys.patch
+
+-------------------------------------------------------------------
+Tue Nov 18 07:01:54 UTC 2014 - glin@suse.com
+
+- Update to R16398
+ + OvmfPkg: PlatformBdsLib: Dynamic PCI Interrupt Line register
+ setup
+ + SecurityPkg: VariableServiceSetVariable(): fix dbt <-> GUID
+ association
+ + CryptoPkg: OpenSslSupport.h: edk2-ize offsetof() macro for
+ gcc-4.8 / X64
+ + CryptoPkg: TimestampTokenVerify(): fix gcc-4.8 / Ia32 build
+ failure
+ + UEFI 2.4 X509 Certificate Hash and RFC3161 Timestamp
+ Verification support for Secure Boot
+ + OvmfPkg: PlatformBdsLib: Platform dependent
+ PCI/IRQ initialization
+ + OvmfPkg: AcpiTimerLib: Split into multiple phase-specific
+ instances
+ + OvmfPkg: PlatformPei: Platform specific ACPI power management
+ setup
+ + OvmfPkg: Factor out platform detection (q35 vs. piix4)
+ + UefiCpuPkg/CpuDxe: install Mp Service protocol
+ + UefiCpuPkg/CpuDxe: introduce EFI_MP_SERVICES_PROTOCOL
+ + ArmPkg/ArmGicLib: select GICv2 mode if SRE is present but
+ unavailable
+ + OvmfPkg/XenPvBlkDxe: Don't include system inttypes.h
+ + ArmPlatformPkg: fix undefined reference to memcpy
+ + CryptoPkg Updates to support RFC3161 timestamp signature
+ verification
+ + MdeModulePkg DxeCore/PiSmmCore: Add UEFI memory and SMRAM
+ profile support
+
+-------------------------------------------------------------------
+Tue Nov 11 08:15:31 UTC 2014 - glin@suse.com
+
+- Update to R16329
+ + ArmPkg/ArmArchTimerLib: Promotes 32bit value to prevent
+ overflow
+ + ArmPkg/CompilerIntrinsicesLib: Fixed memmove() and memset()
+ + ArmPkg: Ensured the stack is always quad-word aligned
+ + ArmPlatformPkg: Increase more ARM address Pcd entries to 64-bit
+ + Fix execution status & DEBUG message level mismatch
+ + OvmfPkg: set video resolution of text setup to 640x480
+ + OvmfPkg: BDS: drop custom boot timeout, revert to
+ IntelFrameworkModulePkg's
+ + OvmfPkg: BDS: drop superfluous "connect first boot option"
+ logic
+ + OvmfPkg: BDS: optimize second argument in
+ PlatformBdsEnterFrontPage() call
+ + OvmfPkg: BDS: don't overwrite the BDS Front Page timeout
+ + OvmfPkg: BDS: drop useless return statement
+ + OvmfPkg: BDS: remove dead call to PlatformBdsEnterFrontPage()
+ + BaseTools/GenFw: Fixed R_AARCH64_CALL26/R_AARCH64_JUMP26 when
+ referring to start of a section
+ + Various fixes for ShellPkg
+ + Convert the assembly code in OVMF to NASM
+ + MdeModulePkg/SecurityPkg Variable: Add boundary check for
+ while (IsValidVariableHeader (Variable))
+ + Add Xen support for OVMF
+ + OvmfPkg: Add the MIT license to License.txt
+ + ArmPkg/ArmLib: Removed duplicated invalidate TLB function
+ + ArmPlatformPkg/ArmShellCmdRunAxf: Added 'runaxf' cmd to shell
+- Amend the spec file to use the system gcc version as the tool
+ chain tag
+
+-------------------------------------------------------------------
+Wed Oct 22 10:13:08 UTC 2014 - glin@suse.com
+
+- Update to R16226
+ + ArmVirtualizationPkg: FdtPL011SerialPortLib: support
+ UEFI_APPLICATION
+ + ArmPlatformPkg/ArmVirtualizationPkg: Added support for Intel
+ BDS
+ + ArmPkg/ArmLib/AArch64: Initialize the new N+1-level page table
+ before registering it
+ + ArmPkg/UncachedMemoryAllocationLib: Track uncached memory
+ allocations
+ + ArmPkg/ArmPsciResetSystemLib: Made the library only using SMC
+ + ArmPlatformPkg/Bds: Reduce boot device entries
+ + Various fixes for ShellPkg
+ + OvmfPkg: disable stale fork of SecureBootConfigDxe
+- Drop upstreamed ovmf-use-generic-sb-config.patch
+
+-------------------------------------------------------------------
+Wed Oct 1 02:37:34 UTC 2014 - glin@suse.com
+
+- Update to R16190
+ + OvmfPkg: AcpiPlatformDxe: implement QEMU's full ACPI table
+ loader interface
+ + OvmfPkg: AcpiPlatformDxe: actualize QemuLoader.h comments
+ + OvmfPkg: resolve OrderedCollectionLib with base red-black tree
+ instance
+ + Fix X64 native function call prolog
+ + Add ArmVirtualizationQemu platform
+ + Various fixes for ShellPkg
+- Enable AArch32 and AArch64 QEMU rom images
+- Drop the rom images for Foundation Model
+- Drop upstreamed ovmf-correct-debug-path.patch
+- Drop upstreamed edk2-basetools-aarch64.patch
+
+-------------------------------------------------------------------
+Tue Sep 16 07:33:48 UTC 2014 - glin@suse.com
+
+- Update to R16106
+ + OvmfPkg: resolve BcfgCommandLib class for
+ ShellPkg/.../Shell.inf
+ + OvmfPkg: AcpiTimerLib: Access power mgmt regs based on host
+ bridge type
+ + OvmfPkg: QemuVideoDxe: work around misreported QXL framebuffer
+ size
+ + OvmfPkg: Build OVMF ResetVector during EDK II build process
+ + Update openssl to 0.9.8zb
+ + Replace GAS Thunk16 with NASM version
+ + Various fixes for ShellPkg
+- Add ovmf-*-code.bin and ovmf-*-vars.bin for the better flash
+ mode support
+- Refresh edk2-basetools-aarch64.patch
+
+-------------------------------------------------------------------
+Thu Aug 21 11:23:11 UTC 2014 - lnussel@suse.de
+
+- also build a firmware with the openSUSE 4096 bit CA embedded
+
+-------------------------------------------------------------------
+Thu Aug 14 09:06:28 UTC 2014 - glin@suse.com
+
+- Amend the spec file to package the debug files and update README
+ for the source level debugging
+- Add gdb_uefi.py.in: the helper script to load the debug symbols
+- Update to R15801
+ + OvmfPkg/build.sh: Support IA32+X64 build
+ + OvmfPkg/build.sh: Add support for GCC49 toolchain
+ + Add ACPI5.1 header file
+ + BaseTools: various fixes and add support for GCC49
+ + OvmfPkg: build OVMF_VARS.fd, OVMF_CODE.fd, OVMF.fd
+ + OvmfPkg: extract varstore-related FD Layout Regions to an
+ include file
+ + StdLib: various fixes and code cleanup
+ + Fix segfault while the pointers passed to WaitForEvent() are
+ NULL
+ + Update openssl to 0.9.8za
+ + Correct the default value for date opcode
+ + XhciPei/UsbBusPei: Add XHCI recovery support
+ + Fix a bug in IP4 driver when computing the network broadcast
+ adress
+ + Fix the potential address overflow issue when checking PE
+ signature
+ + OvmfPkg: add missing braces to aggregate and/or union
+ initializers
+ + OvmfPkg: AcpiPlatformDxe: don't rely on unstable QEMU interface
+ + OvmfPkg: AcpiPlatformDxe: exclude RSD PTR from QEMU's fw_cfg
+ payload
+ + OvmfPkg: AcpiPlatformDxe: pass FwCfgFile to
+ InstallQemuLinkedTables()
+ + OvmgPkg: QemuFwCfgLib: export QEMU_FW_CFG_FNAME_SIZE
+ + Initialize the PCI device path earlier to avoid the possible
+ crash
+ + Create boot option for all block IO devices
+ + ShellPkg: various fixes
+- Refresh OVMF-correct-debug-path.patch
+
+-------------------------------------------------------------------
+Wed Aug 13 09:32:33 UTC 2014 - glin@suse.com
+
+- Rename filenames to match the package name
+
+-------------------------------------------------------------------
+Wed May 28 09:13:09 UTC 2014 - glin@suse.com
+
+- Update to R15547
+ + Fix memory corruption after S3
+ + QemuVideoDxe: Int10h stub for Windows 7 & 2008 (stdvga, QXL)
+ + Add QEMU support to OVMF SMBIOS driver
+
+-------------------------------------------------------------------
+Thu Apr 3 07:18:06 UTC 2014 - glin@suse.com
+
+- Update to R15426
+ + AcpiPlatformDxe: download ACPI tables from QEMU
+ + PlatformDxe: set preferred video resolution from platform
+ config
+ + QemuBootOrder: don't leak unreferenced boot options
+ + Support S3 suspend
+ + Bug fixes for QemuVideoDxe + prefered resolution
+ + Various fixes for ShellPkg
+- Refresh OVMF-use-generic-sb-config.patch
+
+-------------------------------------------------------------------
+Tue Feb 18 09:57:47 UTC 2014 - glin@suse.com
+
+- Update to R15245
+ + OvmfPkg: Reorganize the memory layout
+ + OvmfPkg: unify PcdMaxVariableSize at 0x2000 bytes
+ + Fix bug that PXEv4 boot fail if PXEv6 is performed firstly
+ + Update PXE driver to support PXE forced mode
+ + OvmfPkg: QemuFwCfgLib: implement for SEC
+ + OvmfPkg: VirtioBlkInit(): expose virtio-blk topology in BlockIo
+ + OvmfPkg: QemuFlashFvbServicesRuntimeDxe: fix out-of-LBA write
+ access
+ + OvmfPkg/QemuVideoDxe: child handles should have open parent
+ protocol BY_CHILD_CONTROLLER
+ + UefiCpuPkg: S3Resume2Pei: align return stacks explicitly
+ + Virtio drivers: fix incorrect casts in init functions
+ + Use the new VIRTIO_DEVICE_PROTOCOL protocol
+ + Various fixes for ShellPkg
+ + Support Xen better
+ + Fixed the system hang on VM with >2GB RAM
+ + Fix a bug in Fat driver that it asserts when
+ OpenEx/ReadEx/WriteEx is about to return failure
+ + Updated OvmfPkg to use suitable CPU Exception Handler Library
+ instances
+ + Updated CPU Exception Handler Library
+ + Add Reserve Interrupt and Exception Vectors definition defined
+ in PI 1.2.1.
+ + QemuVideoDxe: don't leak descriptors returned by
+ GetBarAttributes
+- Add OVMF-correct-debug-path.patch to correct the path to the
+ debug symbols
+- Enable AArch64 UEFI image build against Foundation Model
+- Drop OVMF-more-gcc-def.patch: just use the flags for gcc 4.7
+
+-------------------------------------------------------------------
+Mon Nov 18 06:48:11 UTC 2013 - glin@suse.com
+
+- Update to R14854
+ + Support --enable-flash switch
+ + Use rsp instead of esp to save 64-bit stack pointer
+ + Fix the bug that SetTimer () cannot work when Type is
+ TimerPeriodic and TriggerTime is 0
+ + Several Virtio fixes
+ + emulated NV storage must be EfiRuntimeServicesData
+ + Fix a bug about the iSCSI DHCP dependency issue
+ + correctly align emulated NV storage
+ + Update ATA drivers to follow UEFI2.4 new request
+ + Restore the correct cursor status after finish creating the
+ dialog
+ + Fix display engine driver paint some menu error
+ + Fix a bug about the “VendorKey” variable update logic
+ + Several fixes for shell commands
+ + Fix spelling typo in the NIC_IP4_CONFIG_INFO.Permanent variable
+ name
+ + Added VirtIo Subsystem IDs
+ + Add the definition for Timestamp Protocol and a new driver
+ base on TimerLib to produce Timestamp protocol
+ + Fix modal form display error
+ + Fix form flash issue
+ + Fix the BdsExpandPartitionPartialDevicePathToFull() hang issue
+- Update README about the flash mode support
+
+-------------------------------------------------------------------
+Wed Sep 25 06:06:50 UTC 2013 - glin@suse.com
+
+- Update to R14721
+ + Fix EFI handover flag
+ + Build early pagetable for the machines without EPT
+ + Enable caching in initial page tables
+ + Fix pool allocation in shell
+ + Improve QemuBootOrder
+- Drop upstreamed OVMF-build-early-pagetable.patch
+
+-------------------------------------------------------------------
+Fri Sep 6 08:58:31 UTC 2013 - glin@suse.com
+
+- Strip CR from the license files
+- Update README
+
+-------------------------------------------------------------------
+Thu Sep 5 02:59:08 UTC 2013 - glin@suse.com
+
+- Rename the package name from OVMF to ovmf
+- Update to R14609
+ + Fixes for virtio disk
+ + Build the new shell by default
+ + Fix EFI memory mapping in Linux loader
+ + Add gcc47 definition
+- Refresh OVMF-more-gcc-def.patch and OVMF-sle-11-gcc47.patch
+- Add OVMF-build-early-pagetable.patch to fix the black screen
+ issue on the CPU without EPT support
+- Drop upstreamed OVMF-fix-shell-warning.patch
+- Drop patches and use the build parameters instead:
+ OVMF-enable-secure-boot.patch and OVMF-add-ovmf-targets.patch
+- Install license files
+- Add _service to checkout the source code from svn
+
+-------------------------------------------------------------------
+Thu Aug 29 09:10:56 UTC 2013 - lnussel@suse.de
+
+- when built in devel project also create a firmware variant that
+ includes the devel project key
+- include new 2048 bit openSUSE keys
+
+-------------------------------------------------------------------
+Tue Aug 27 10:26:51 UTC 2013 - glin@suse.com
+
+- Add OVMF-sle-11-gcc47.patch for SLE-11-SP3
+- Clean up the spec file
+- Only embed keys in the x86_64 roms since openSUSE/SUSE and
+ Microsoft only support secure boot on x86_64 machines
+
+-------------------------------------------------------------------
+Mon Aug 26 08:11:18 UTC 2013 - glin@suse.com
+
+- Package OVMF roms in qemu-ovmf-*
+- Rename patches
+ + 0001-OVMF-Enable-secure-boot-and-expand-X64-rom-size.patch to
+ OVMF-enable-secure-boot.patch
+ + 0002-edk-targets-for-x86_64.patch to
+ OVMF-add-ovmf-targets.patch (also enable IA32)
+- Merge 0004-add-GCC47-definition-one-removal-of-melf_x86_64.patch
+ and OVMF-gcc48-definition.patch into OVMF-more-gcc-def.patch
+- Drop 0003-edk2-add-readme.patch and maintain README outside the
+ tarball
+- Drop 0005-edk-image-size.patch
+- Drop 0006-edk-add-shell.efi-target.patch since we don't build
+ shell.efi anymore
+
+-------------------------------------------------------------------
+Thu Aug 22 10:13:47 UTC 2013 - glin@suse.com
+
+- Update to R14547
+- Drop upstreamed OVMF-fix-shell-warning.patch
+
+-------------------------------------------------------------------
+Mon Jul 15 09:09:22 UTC 2013 - glin@suse.com
+
+- Update to R14466
+- Add OVMF-fix-shell-warning.patch to fix a compilation warning in
+ shell
+- Drop upstreamed OVMF-adjust-variable-size.patch and
+ OVMF-convert-virtual-address.patch
+
+-------------------------------------------------------------------
+Mon Jul 8 09:54:40 UTC 2013 - glin@suse.com
+
+- Add OVMF-gcc48-definition.patch for gcc 4.8
+
+-------------------------------------------------------------------
+Mon Jun 10 08:35:18 UTC 2013 - glin@suse.com
+
+- Add OVMF-convert-virtual-address.patch to convert
+ mLockedVariableList to virtual address to fix crash when updating
+ variables in Runtime
+
+-------------------------------------------------------------------
+Wed Jun 5 09:56:49 UTC 2013 - glin@suse.com
+
+- Update to R14395
+- Add OVMF-use-generic-sb-config.patch to use the generic secure
+ boot config menu
+- Drop OVMF-multi-signatures.patch
+
+-------------------------------------------------------------------
+Wed May 29 03:39:56 UTC 2013 - glin@suse.com
+
+- Update to R14387
+- Add OVMF-adjust-variable-size.patch to adjust the default maximum
+ variable size to avoid crash
+- Remove upstreamed OVMF-new-shell-error-string.patch
+- Disable OVMF-multi-signatures.patch
+- Build the image with openSUSE keys
+
+-------------------------------------------------------------------
+Tue May 14 07:59:13 UTC 2013 - glin@suse.com
+
+- Refresh OVMF-embed-default-keys.patch to fix a bug that causd the
+ enrolled keys overwritten by the default keys after system reset.
+- Add OVMF-new-shell-error-string.patch to add newer error status
+ strings
+- Enable the new shell
+
+-------------------------------------------------------------------
+Fri May 10 04:09:19 UTC 2013 - glin@suse.com
+
+- Add OVMF-embed-default-keys.patch to embed keys at build time
+- Build images with SUSE and MS keys
+
+-------------------------------------------------------------------
+Fri Mar 22 02:58:23 UTC 2013 - glin@suse.com
+
+- Add OVMF-multi-signatures.patch (R14141)
+- New package OVMF based on James Bottomley's OVMF package (R14071)
diff --git a/ovmf.spec b/ovmf.spec
new file mode 100644
index 0000000..6ba4d09
--- /dev/null
+++ b/ovmf.spec
@@ -0,0 +1,680 @@
+#
+# spec file for package ovmf
+#
+# Copyright (c) 2023 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+# needssslcertforbuild
+
+
+%undefine _build_create_debug
+%global openssl_version 1.1.1t
+%global softfloat_version b64af41c3276f
+%if 0%{?suse_version} < 1599
+%bcond_with build_riscv64
+%else
+%bcond_without build_riscv64
+%endif
+
+Name: ovmf
+Version: 202305
+Release: 0
+Summary: Open Virtual Machine Firmware
+License: BSD-2-Clause-Patent
+Group: System/Emulators/PC
+URL: https://github.com/tianocore/edk2
+Source0: edk2-edk2-stable%{version}.tar.gz
+Source1: https://www.openssl.org/source/old/1.1.1/openssl-%{openssl_version}.tar.gz
+Source111: https://www.openssl.org/source/old/1.1.1/openssl-%{openssl_version}.tar.gz.asc
+Source112: openssl.keyring
+Source113: openssl.keyring.README
+Source2: README
+Source3: SLES-UEFI-CA-Certificate-2048.crt
+Source4: openSUSE-UEFI-CA-Certificate-2048.crt
+Source5: openSUSE-UEFI-SIGN-Certificate-2048.crt
+# berkeley-softfloat-3: https://github.com/ucb-bar/berkeley-softfloat-3
+Source6: berkeley-softfloat-3-%{softfloat_version}.tar.xz
+Source7: descriptors.tar.xz
+# oniguruma: https://github.com/kkos/oniguruma, "src" directory only
+Source8: oniguruma-v6.9.4_mark1-src.tar.xz
+# public-mipi-sys-t: https://github.com/MIPI-Alliance/public-mipi-sys-t
+Source9: public-mipi-sys-t-1.1-edk2.tar.gz
+Source100: %{name}-rpmlintrc
+Source101: gdb_uefi.py.in
+Source102: gen-key-enrollment-iso.sh
+Source103: ovmf-build-funcs.sh
+Patch1: %{name}-gdb-symbols.patch
+Patch2: %{name}-pie.patch
+Patch3: %{name}-disable-ia32-firmware-piepic.patch
+Patch4: %{name}-set-fixed-enroll-time.patch
+Patch5: %{name}-disable-brotli.patch
+Patch6: %{name}-ignore-spurious-GCC-12-warning.patch
+# Bug 1205978 - Got Page-Fault exception when VM is booting with edk2-stable202211 ovmf
+Patch7: %{name}-Revert-OvmfPkg-PlatformInitLib-dynamic-mmio-window-s.patch
+# Bug 1207095 - ASSERT [ArmCpuDxe] /home/abuild/rpmbuild/BUILD/edk2-edk2-stable202211/ArmPkg/Library/DefaultExceptionHandlerLib/AArch64/DefaultExceptionHandler.c(333): ((BOOLEAN)(0==1))
+Patch8: %{name}-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch
+# Bug 1205613 - L3: win 2k22 UEFI xen VMs cannot boot in xen after upgrade
+Patch9: %{name}-Revert-OvmfPkg-OvmfXen-Set-PcdFSBClock.patch
+# Bug 1209266 - OVMF firmware hangs when booting SEV or SEV-ES guest
+Patch10: %{name}-Revert-OvmfPkg-PlatformPei-Update-ReserveEmuVariable.patch
+Patch11: ovmf-riscv64-missing-memcpy.patch
+BuildRequires: bc
+BuildRequires: cross-arm-binutils
+BuildRequires: cross-arm-gcc%{gcc_version}
+BuildRequires: dosfstools
+BuildRequires: fdupes
+BuildRequires: gcc
+BuildRequires: gcc-c++
+BuildRequires: iasl
+BuildRequires: libuuid-devel
+BuildRequires: mkisofs
+BuildRequires: mtools
+BuildRequires: nasm
+BuildRequires: openssl
+BuildRequires: python3
+BuildRequires: qemu-arm >= 3.0.0
+BuildRequires: qemu-ipxe
+BuildRequires: qemu-x86 >= 3.0.0
+BuildRequires: unzip
+%ifnarch aarch64
+BuildRequires: cross-aarch64-binutils
+BuildRequires: cross-aarch64-gcc%{gcc_version}
+%endif
+%ifnarch x86_64
+BuildRequires: cross-x86_64-binutils
+BuildRequires: cross-x86_64-gcc%{gcc_version}
+%endif
+%ifnarch riscv64
+%if %{with build_riscv64}
+BuildRequires: cross-riscv64-binutils
+BuildRequires: cross-riscv64-gcc%{gcc_version}
+%endif
+%endif
+# Only build on the
architectures with +# 1. cross-compilers, 2. iasl, 3. qemu-arm and qemu-x86 +ExclusiveArch: x86_64 aarch64 riscv64 + +%description +The Open Virtual Machine Firmware (OVMF) project aims to support +firmware for Virtual Machines using the edk2 code base. + +%package tools +Summary: The BaseTools from edk2 +Group: System/Emulators/PC + +%description tools +The Open Virtual Machine Firmware (OVMF) project aims to support +firmware for Virtual Machines using the edk2 code base. + +This package contains the tools from edk2. + +%package -n qemu-ovmf-ia32 +Summary: Open Virtual Machine Firmware - QEMU rom images (IA32) +Group: System/Emulators/PC +Requires: qemu +BuildArch: noarch + +%description -n qemu-ovmf-ia32 +The Open Virtual Machine Firmware (OVMF) project aims to support +firmware for Virtual Machines using the edk2 code base. + +This package contains UEFI rom images for exercising UEFI secure +boot in a qemu environment (IA32) + +%package -n qemu-ovmf-x86_64 +Summary: Open Virtual Machine Firmware - QEMU rom images (x86_64) +Group: System/Emulators/PC +Requires: qemu +BuildArch: noarch + +%description -n qemu-ovmf-x86_64 +The Open Virtual Machine Firmware (OVMF) project aims to support +firmware for Virtual Machines using the edk2 code base. + +This package contains UEFI rom images for exercising UEFI secure +boot in a qemu environment (x86_64) + +%ifarch x86_64 +%package -n qemu-ovmf-x86_64-debug +Summary: Open Virtual Machine Firmware - debug symbols (x86_64) +Group: Development/Sources +Requires: qemu + +%description -n qemu-ovmf-x86_64-debug +The Open Virtual Machine Firmware (OVMF) project aims to support +firmware for Virtual Machines using the edk2 code base. 
+ +This package contains the debug symbols for UEFI rom images (x86_64) +%endif + +%package -n qemu-uefi-aarch64 +Summary: UEFI QEMU rom image (AArch64) +Group: System/Emulators/PC +BuildArch: noarch + +%description -n qemu-uefi-aarch64 +This package contains the UEFI rom image (AArch64) for QEMU cortex-a57 +virt board. + +%package -n qemu-uefi-aarch32 +Summary: UEFI QEMU rom image (AArch32) +Group: System/Emulators/PC +BuildArch: noarch + +%description -n qemu-uefi-aarch32 +This package contains the UEFI rom image (AArch32) for QEMU cortex-a15 +virt board. + +%if %{with build_riscv64} +%package -n qemu-uefi-riscv64 +Summary: UEFI QEMU rom image (RISC-V 64) +Group: System/Emulators/PC +BuildArch: noarch + +%description -n qemu-uefi-riscv64 +This package contains the UEFI rom image (RISC-V 64) for QEMU +virt board. +%endif + +%prep +%setup -q -n edk2-edk2-stable%{version} + +# bsc#973038 Remove the packages we don't need to avoid any potential +# license issue. +PKG_TO_REMOVE="EmulatorPkg" +rm -rf $PKG_TO_REMOVE + +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 + +# add openssl +pushd CryptoPkg/Library/OpensslLib/openssl +tar -xf %{SOURCE1} --strip 1 +popd + +# add berkeley-softfloat-3 +pushd ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3 +tar -xf %{SOURCE6} --strip 1 +popd + +# prepare the firmware descriptors for qemu +tar -xf %{SOURCE7} + +# add oniguruma +pushd MdeModulePkg/Universal/RegularExpressionDxe/oniguruma +tar -xf %{SOURCE8} --strip 1 +popd + +# add public-mipi-sys-t +pushd MdePkg/Library/MipiSysTLib/mipisyst +tar -xf %{SOURCE9} --strip 1 +popd + +chmod +x %{SOURCE102} + +%build + +# Enable python3 build +export PYTHON3_ENABLE=TRUE +export PYTHON_COMMAND=python3 + +# For some reason ARM still uses TPM2_CONFIG_ENABLE +OVMF_FLAGS=" \ + -D SECURE_BOOT_ENABLE \ + -D TPM2_ENABLE \ + -D TPM2_CONFIG_ENABLE \ + -D NETWORK_IP6_ENABLE \ + -D 
NETWORK_HTTP_BOOT_ENABLE \ +" + +%if 0%{?suse_version} > 1320 +TOOL_CHAIN=GCC5 +%else +echo `gcc -dumpversion` +TOOL_CHAIN=GCC$(gcc -dumpversion|sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/') +%endif + +# Flavors for x86 +FLAVORS_X86=("ovmf-ia32") +BUILD_OPTIONS_X86=" \ + $OVMF_FLAGS \ + -D FD_SIZE_2MB \ + -a IA32 \ + -p OvmfPkg/OvmfPkgIa32.dsc \ + -b DEBUG \ + -t $TOOL_CHAIN \ +" + +# Flavors for x86_64: 2MB, 4MB, and 4MB+SMM +FLAVORS_X64=("ovmf-x86_64" "ovmf-x86_64-4m" "ovmf-x86_64-smm") +BUILD_OPTIONS_X64=" \ + $OVMF_FLAGS \ + -a X64 \ + -b DEBUG \ + -t $TOOL_CHAIN \ +" + +# Flavors for aarch64 +FLAVORS_AA64=("aavmf-aarch64") +BUILD_OPTIONS_AA64=" \ + $OVMF_FLAGS \ + -D NETWORK_TLS_ENABLE \ + -a AARCH64 \ + -p ArmVirtPkg/ArmVirtQemu.dsc \ + -b DEBUG \ + -t $TOOL_CHAIN \ +" + +# Flavors for arm +FLAVORS_AA32=("aavmf-aarch32") +BUILD_OPTIONS_AA32=" \ + -a ARM \ + -p ArmVirtPkg/ArmVirtQemu.dsc \ + -b DEBUG \ + -t $TOOL_CHAIN \ +" +%if %{with build_riscv64} +# Flavors for riscv +FLAVORS_RV64=("riscv") +BUILD_OPTIONS_RV64=" \ + $OVMF_FLAGS \ + -a RISCV64 \ + -p OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc \ + -b DEBUG \ + -t $TOOL_CHAIN \ +" +%endif + +# Build BaseTools +%ifarch x86_64 + make -C BaseTools +%endif +%ifarch aarch64 + ARCH=AARCH64 make -C BaseTools +%endif +%ifarch riscv64 + ARCH=RISCV64 make -C BaseTools +%endif + +# Import the build functions +source %{SOURCE103} +source ./edksetup.sh + +### Build x86 UEFI Images ### +%ifnarch %{ix86} x86_64 +# Assign the cross-compiler prefix +export ${TOOL_CHAIN}_BIN="x86_64-suse-linux-" +%endif +build $BUILD_OPTIONS_X86 + +cp Build/OvmfIa32/DEBUG_*/FV/OVMF.fd ovmf-ia32.bin +cp Build/OvmfIa32/DEBUG_*/FV/OVMF_CODE.fd ovmf-ia32-code.bin +cp Build/OvmfIa32/DEBUG_*/FV/OVMF_VARS.fd ovmf-ia32-vars.bin + +# Remove the temporary build files to reduce the disk usage (bsc#1178244) +rm -rf Build/OvmfIa32/ + +### Build x86_64 UEFI Images ### +%ifarch x86_64 +collect_x86_64_debug_files() +{ + local target="$1" + local out_dir="debug/$target" + 
local abs_path="`pwd`/$out_dir/" + local source_path="`pwd`" + local gdb_src_path="%{_prefix}/src/debug/ovmf-x86_64" + + # copy the debug symbols + mkdir -p $out_dir + pushd Build/OvmfX64/DEBUG_GCC*/X64/ + find . -mindepth 2 -type f -name "*.debug" -print0 | sort -z | xargs -i -0 cp --parents -a {} $abs_path + cp --parents -a DebugPkg/GdbSyms/GdbSyms/DEBUG/GdbSyms.dll $abs_path + build_path=`pwd` + popd + + # Change the path in the python gdb script + sed "s:__BUILD_PATH__:$build_path:;s:__SOURCE_PATH__:$source_path:;s:__GDB_SRC_PATH__:$gdb_src_path:;s/__FLAVOR__/$target/" \ + %{SOURCE101} > gdb_uefi-$target.py +} +%endif + +declare -A EXTRA_FLAGS_X64 +EXTRA_FLAGS_X64=( + [ovmf-x86_64]="-p OvmfPkg/OvmfPkgX64.dsc -D FD_SIZE_2MB -D BUILD_SHELL=FALSE" + [ovmf-x86_64-4m]="-p OvmfPkg/OvmfPkgX64.dsc -D FD_SIZE_4MB -D NETWORK_TLS_ENABLE" + [ovmf-x86_64-smm]="-a IA32 -p OvmfPkg/OvmfPkgIa32X64.dsc -D FD_SIZE_4MB -D NETWORK_TLS_ENABLE -D SMM_REQUIRE -D BUILD_SHELL=FALSE" +) +declare -A OUTDIR_X64 +OUTDIR_X64=( + [ovmf-x86_64]="OvmfX64" + [ovmf-x86_64-4m]="OvmfX64" + [ovmf-x86_64-smm]="Ovmf3264" +) + +%ifnarch x86_64 +# Assign the cross-compiler prefix +export ${TOOL_CHAIN}_BIN="x86_64-suse-linux-" +%endif +for flavor in ${FLAVORS_X64[@]}; do + build $BUILD_OPTIONS_X64 ${EXTRA_FLAGS_X64[$flavor]} + cp Build/${OUTDIR_X64[$flavor]}/DEBUG_*/FV/OVMF.fd $flavor.bin + cp Build/${OUTDIR_X64[$flavor]}/DEBUG_*/FV/OVMF_CODE.fd $flavor-code.bin + cp Build/${OUTDIR_X64[$flavor]}/DEBUG_*/FV/OVMF_VARS.fd $flavor-vars.bin + +%ifarch x86_64 + collect_x86_64_debug_files $flavor +%endif +done + +# Copy Shell.efi and EnrollDefaultKeys.efi +mkdir X64 +cp Build/OvmfX64/DEBUG_*/X64/Shell.efi X64 +cp Build/OvmfX64/DEBUG_*/X64/EnrollDefaultKeys.efi X64 + +%ifarch x86_64 +# Collect the source +mkdir -p source/ovmf-x86_64 +# TODO get the source list from debug files +src_list=`find Build/OvmfX64/DEBUG_GCC*/X64/ -mindepth 1 -maxdepth 1 -type d -print0 | sort -z | xargs -0 -i basename {}` +find 
$src_list \( -name "*.c" -o -name "*.h" \) -type f -print0 | sort -z | xargs -0 -i cp --parents -a {} source/ovmf-x86_64 +find source/ovmf-x86_64 -name *.c -type f -exec chmod 0644 {} \; +%endif + +# The extra Xen flavor for x86_64 +BUILD_OPTION_X64_XEN=" \ + -p OvmfPkg/OvmfXen.dsc \ + -a X64 \ + -b DEBUG \ + -t $TOOL_CHAIN \ +" +# Build the 2MB Xen flavor +build $BUILD_OPTION_X64_XEN -D FD_SIZE_2MB +cp Build/OvmfXen/DEBUG_*/FV/OVMF.fd ovmf-x86_64-xen.bin +# Build the 4MB Xen flavor +build $BUILD_OPTION_X64_XEN -D FD_SIZE_4MB +cp Build/OvmfXen/DEBUG_*/FV/OVMF.fd ovmf-x86_64-xen-4m.bin + +# Remove the temporary build files to reduce the disk usage (bsc#1178244) +rm -rf Build/OvmfX64/ Build/Ovmf3264/ Build/OvmfXen/ + +# Build with keys done later (shared between archs) + +### Build AARCH64 UEFI Images ### +%ifnarch aarch64 +# Assign the cross-compiler prefix +export ${TOOL_CHAIN}_AARCH64_PREFIX="aarch64-suse-linux-" +%endif +# Build the UEFI image without keys +build $BUILD_OPTIONS_AA64 + +cp Build/ArmVirtQemu-AARCH64/DEBUG_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch64.bin +dd of="aavmf-aarch64-code.bin" if="/dev/zero" bs=1M count=64 +dd of="aavmf-aarch64-code.bin" if="qemu-uefi-aarch64.bin" conv=notrunc +dd of="aavmf-aarch64-vars.bin" if="/dev/zero" bs=1M count=64 + +# Copy Shell.efi and EnrollDefaultKeys.efi +mkdir AARCH64 +cp Build/ArmVirtQemu-AARCH64/DEBUG_*/AARCH64/Shell.efi AARCH64 +cp Build/ArmVirtQemu-AARCH64/DEBUG_*/AARCH64/EnrollDefaultKeys.efi AARCH64 + +# Remove the temporary build files to reduce the disk usage (bsc#1178244) +rm -rf Build/ArmVirtQemu-AARCH64/ + +# Build with keys done later (shared between archs) + +### Build AARCH32 UEFI Images ### +%ifnarch armv7hl +# Assign the cross-compiler prefix +export ${TOOL_CHAIN}_ARM_PREFIX="arm-suse-linux-gnueabi-" +%endif +# Build the UEFI image +build $BUILD_OPTIONS_AA32 + +cp Build/ArmVirtQemu-ARM/DEBUG_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch32.bin +dd of="aavmf-aarch32-code.bin" if="/dev/zero" bs=1M count=64 +dd 
of="aavmf-aarch32-code.bin" if="qemu-uefi-aarch32.bin" conv=notrunc +dd of="aavmf-aarch32-vars.bin" if="/dev/zero" bs=1M count=64 + +# Remove the temporary build files to reduce the disk usage (bsc#1178244) +rm -rf Build/ArmVirtQemu-ARM/ + +### Build RISCV64 UEFI Images ### +%if %{with build_riscv64} +%ifnarch riscv64 +# Assign the cross-compiler prefix +export ${TOOL_CHAIN}_RISCV64_PREFIX="riscv64-suse-linux-" +%endif +# Build the UEFI image without keys +build $BUILD_OPTIONS_RV64 + +cp Build/RiscVVirtQemu/DEBUG_GCC*/FV/RISCV_VIRT.fd qemu-uefi-riscv64.bin +dd of="ovmf-riscv64-code.bin" if="/dev/zero" bs=1M count=32 +dd of="ovmf-riscv64-code.bin" if="qemu-uefi-riscv64.bin" conv=notrunc +dd of="ovmf-riscv64-vars.bin" if="/dev/zero" bs=1M count=32 + +# Remove the temporary build files to reduce the disk usage (bsc#1178244) +rm -rf Build/RiscVVirtQemu/ + +%endif + +### Build the variable store templates ### + +# Default key sources: ms suse opensuse +KEY_SOURCES=(ms suse opensuse) +# Add 'devel' if necessary +if [ -e %{_sourcedir}/_projectcert.crt ]; then + prjissuer=$(openssl x509 -in %{_sourcedir}/_projectcert.crt -noout -issuer_hash) + opensusesubject=$(openssl x509 -in %{SOURCE4} -noout -subject_hash) + slessubject=$(openssl x509 -in %{SOURCE3} -noout -subject_hash) + if [ "$prjissuer" != "$opensusesubject" -a "$prjissuer" != "$slessubject" ]; then + KEY_SOURCES+=(devel) + fi +fi + +# Assign the default PK/KEK +declare -A PKKEK +PKKEK=( + [ms]=%{SOURCE3} + [suse]=%{SOURCE3} + [opensuse]=%{SOURCE4} + [devel]=%{_sourcedir}/_projectcert.crt +) + +generate_sb_var_templates() +{ + local ARCH=$1 + + # Assign the key iso file + local MS_ISO_FILE=ms-keys-${ARCH}.iso + local NOMS_ISO_FILE=no-ms-keys-${ARCH}.iso + declare -A KEY_ISO_FILES + KEY_ISO_FILES=( + [ms]=$MS_ISO_FILE + [suse]=$NOMS_ISO_FILE + [opensuse]=$NOMS_ISO_FILE + [devel]=$NOMS_ISO_FILE + ) + + # Create the iso images + local GEN_ISO=%{SOURCE102} + local SHELL=${ARCH}/Shell.efi + local 
ENROLLER=${ARCH}/EnrollDefaultKeys.efi + $GEN_ISO $ARCH $SHELL $ENROLLER default $MS_ISO_FILE + $GEN_ISO $ARCH $SHELL $ENROLLER no-default $NOMS_ISO_FILE + + # We only build the variable templates for X64 and AARCH64 + if [ "$ARCH" == "X64" ]; then + FLAVORS=${FLAVORS_X64[@]} + elif [ "$ARCH" == "AARCH64" ]; then + FLAVORS=${FLAVORS_AA64[@]} + fi + + # Generate the varstore templates + for flavor in ${FLAVORS[@]}; do + for key in ${KEY_SOURCES[@]}; do + build_template "$ARCH" "$flavor" "$key" \ + "${PKKEK[$key]}" "${KEY_ISO_FILES[$key]}" \ + "separate" + done + done + + if [ "$ARCH" == "X64" ]; then + # Generate the unified firmware with preloaded keys for + # backward compatibility. (bsc#1159793) + for flavor in ${FLAVORS[@]}; do + for key in ${KEY_SOURCES[@]}; do + build_template "$ARCH" "$flavor" "$key" \ + "${PKKEK[$key]}" "${KEY_ISO_FILES[$key]}" \ + "unified" + done + done + fi +} + +# Generate the variable stores with default Secure Boot keys +generate_sb_var_templates X64 +generate_sb_var_templates AARCH64 + +# Rename the x86_64 4MB firmware +# We use ovmf-x86_64-$key-4m instead of ovmf-x86_64-4m-$key in the +# version < stable201905. Rename the 4MB firmware files for backward +# compatibility. 
+for key in ${KEY_SOURCES[@]}; do + rename "4m-$key" "$key-4m" *"4m-$key"*.bin +done + +%install +cp %{SOURCE2} README + +sed -i s/'\r'// License.txt + +# Install BaseTools +install -d %{buildroot}/%{_bindir} +install -m 0755 --strip BaseTools/Source/C/bin/EfiRom %{buildroot}/%{_bindir} + +# Replace @DATADIR@ in the firmware descriptors +sed -i "s:@DATADIR@:%{_datadir}/qemu:" descriptors/*.json + +tr -d '\r' < OvmfPkg/License.txt > License-ovmf.txt + +install -m 0644 -D ovmf-*.bin -t %{buildroot}/%{_datadir}/qemu/ +install -m 0644 -D qemu-uefi-*.bin -t %{buildroot}/%{_datadir}/qemu/ +install -m 0644 -D aavmf-*.bin -t %{buildroot}/%{_datadir}/qemu/ +install -m 0644 -D descriptors/*.json \ + -t %{buildroot}/%{_datadir}/qemu/firmware +%fdupes %{buildroot}/%{_datadir}/qemu/ + +%ifarch x86_64 +# Install debug symbols, gdb-uefi.py +install -d %{buildroot}/%{_datadir}/ovmf-x86_64/ +install -m 0644 gdb_uefi-*.py %{buildroot}/%{_datadir}/ovmf-x86_64/ +mkdir -p %{buildroot}%{_prefix}/lib/debug +mv debug/ovmf-x86_64* %{buildroot}%{_prefix}/lib/debug +%fdupes %{buildroot}%{_prefix}/lib/debug/ovmf-x86_64* +mkdir -p %{buildroot}%{_prefix}/src/debug +mv source/ovmf-x86_64* %{buildroot}%{_prefix}/src/debug +%fdupes -s %{buildroot}%{_prefix}/src/debug/ovmf-x86_64 +%endif + +# Install Secure Boot key enroller +mkdir -p %{buildroot}/%{_datadir}/ovmf/ +install -m 0755 %{SOURCE102} %{buildroot}/%{_datadir}/ovmf/ +%ifarch x86_64 +install -m 0644 X64/*.efi %{buildroot}/%{_datadir}/ovmf/ +%endif +%ifarch aarch64 +install -m 0644 AARCH64/*.efi %{buildroot}/%{_datadir}/ovmf/ +%endif +%ifarch riscv64 +# Nothing there yet +#install -m 0644 RISCV64/*.efi %{buildroot}/%{_datadir}/ovmf/ +%endif + +%if %{without build_riscv64} +rm %{buildroot}%{_datadir}/qemu/firmware/*-riscv64*.json +%endif + +%files +%doc README +%dir %{_datadir}/ovmf/ +%ifnarch riscv64 +%{_datadir}/ovmf/*.efi +%endif +%{_datadir}/ovmf/*.sh + +%files tools +%doc BaseTools/UserManuals/EfiRom_Utility_Man_Page.rtf 
+%{_bindir}/EfiRom
+
+%files -n qemu-ovmf-ia32
+%license License.txt License-ovmf.txt
+%dir %{_datadir}/qemu/
+%{_datadir}/qemu/ovmf-ia32*.bin
+%dir %{_datadir}/qemu/firmware
+%{_datadir}/qemu/firmware/*-ia32*.json
+
+%files -n qemu-ovmf-x86_64
+%license License.txt License-ovmf.txt
+%dir %{_datadir}/qemu/
+%{_datadir}/qemu/ovmf-x86_64*.bin
+%dir %{_datadir}/qemu/firmware
+%{_datadir}/qemu/firmware/*-x86_64*.json
+
+%ifarch x86_64
+%files -n qemu-ovmf-x86_64-debug
+%{_datadir}/ovmf-x86_64/
+%dir %{_prefix}/lib/debug/
+%{_prefix}/lib/debug/ovmf-x86_64*
+%dir %{_prefix}/src/debug/
+%{_prefix}/src/debug/ovmf-x86_64*
+%endif
+
+%files -n qemu-uefi-aarch64
+%license License.txt
+%dir %{_datadir}/qemu/
+%{_datadir}/qemu/qemu-uefi-aarch64*.bin
+%{_datadir}/qemu/aavmf-aarch64-*code.bin
+%{_datadir}/qemu/aavmf-aarch64-*vars.bin
+%dir %{_datadir}/qemu/firmware
+%{_datadir}/qemu/firmware/*-aarch64*.json
+
+%files -n qemu-uefi-aarch32
+%license License.txt
+%dir %{_datadir}/qemu/
+%{_datadir}/qemu/qemu-uefi-aarch32.bin
+%{_datadir}/qemu/aavmf-aarch32-code.bin
+%{_datadir}/qemu/aavmf-aarch32-vars.bin
+%dir %{_datadir}/qemu/firmware
+%{_datadir}/qemu/firmware/*-aarch32*.json
+
+%if %{with build_riscv64}
+%files -n qemu-uefi-riscv64
+%license License.txt
+%dir %{_datadir}/qemu/
+%{_datadir}/qemu/qemu-uefi-riscv64.bin
+%{_datadir}/qemu/ovmf-riscv64-code.bin
+%{_datadir}/qemu/ovmf-riscv64-vars.bin
+%dir %{_datadir}/qemu/firmware
+%{_datadir}/qemu/firmware/*-riscv64*.json
+%endif
+
+%changelog
diff --git a/public-mipi-sys-t-1.1-edk2.tar.gz b/public-mipi-sys-t-1.1-edk2.tar.gz
new file mode 100644
index 0000000..ea55d37
--- /dev/null
+++ b/public-mipi-sys-t-1.1-edk2.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:473dcd46ed32b098091a2353f0ed13e69cbe773811c5551e6e766c16ac9ba464
+size 378282
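Review bot: Patch8 (`%{name}-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch`) is, judging by its name, a revert of the upstream change that makes EFI_LOADER_DATA non-executable, yet the only comment above it is the bug number, so a reader cannot tell that the ASSERT workaround also relaxes a W^X hardening in the AArch64 firmware; please extend that comment, e.g. `# NOTE: reverting the non-executable EFI_LOADER_DATA change relaxes W^X for loader data on AArch64; revisit once the ASSERT is fixed upstream`. Patch7 and Patch10 likewise revert upstream PlatformInitLib/PlatformPei changes with only a bug id recorded, and would benefit from the same one-line note on what behaviour is lost and when the revert can be dropped. Separately, in %build the BUILD_OPTION_X64_XEN and BUILD_OPTIONS_AA32 option strings omit $OVMF_FLAGS, so the Xen and aarch32 images are built without SECURE_BOOT_ENABLE and TPM2_ENABLE while every other flavor carries them; if that is deliberate, a comment such as `# Xen/ARM32 flavors are built without Secure Boot and TPM2 support on purpose` above each would stop it from being read as an oversight.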