From 0b335792d90690f185376505121bf4abd2fe98da Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann Date: Wed, 24 May 2023 09:27:31 +0200 Subject: [PATCH] update to edk2-stable202305 --- ...-do-not-build-BrotliCompress-RH-only.patch | 4 +- ...ove-package-private-Brotli-include-p.patch | 10 +-- ...minalDxe-set-xterm-resolution-on-mod.patch | 8 +- ...ResizeXterm-from-the-QEMU-command-li.patch | 40 +++++----- ...PcdResizeXterm-from-the-QEMU-command.patch | 10 +-- ...mfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch | 20 ++--- ...DEBUG_VERBOSE-0x00400000-in-QemuVide.patch | 20 ++--- ...ce-DEBUG_VERBOSE-0x00400000-in-QemuR.patch | 8 +- ...bDxe-Do-not-report-DXE-failure-on-Aa.patch | 6 +- ...EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch | 20 ++--- ...lLib-list-RHEL8-specific-OpenSSL-fil.patch | 12 +-- ...elLoaderFsDxe-suppress-error-on-no-k.patch | 6 +- ...Dxe-suppress-error-on-no-swtpm-in-si.patch | 4 +- ...ecurityPkg-add-TIS-sanity-check-tpm2.patch | 35 --------- ...curityPkg-add-TIS-sanity-check-tpm12.patch | 34 --------- ...invariants-for-NestedInterruptTplLib.patch | 66 ---------------- ...sertion-that-interrupts-do-not-occur.patch | 75 ------------------- edk2.spec | 12 ++- sources | 4 +- 19 files changed, 91 insertions(+), 303 deletions(-) delete mode 100644 0014-SecurityPkg-add-TIS-sanity-check-tpm2.patch delete mode 100644 0015-SecurityPkg-add-TIS-sanity-check-tpm12.patch delete mode 100644 0016-OvmfPkg-Clarify-invariants-for-NestedInterruptTplLib.patch delete mode 100644 0017-OvmfPkg-Relax-assertion-that-interrupts-do-not-occur.patch diff --git a/0001-BaseTools-do-not-build-BrotliCompress-RH-only.patch b/0001-BaseTools-do-not-build-BrotliCompress-RH-only.patch index 2d76fab..665ace6 100644 --- a/0001-BaseTools-do-not-build-BrotliCompress-RH-only.patch +++ b/0001-BaseTools-do-not-build-BrotliCompress-RH-only.patch @@ -1,4 +1,4 @@ -From e1e3402a5bf94f2e4a5b67f9587b20ceb4a109ac Mon Sep 17 00:00:00 2001 +From 85b2dc9bb820a749e95136bf7bdd0f6c49e8389d Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Thu, 4 Jun 2020 13:34:12 +0200 Subject: [PATCH 01/14] BaseTools: do not build BrotliCompress (RH only) @@ -39,5 +39,5 @@ index 5275f657efe8..39d719975309 100644 EfiRom \ GenFfs \ -- -2.39.2 +2.40.1 diff --git a/0002-MdeModulePkg-remove-package-private-Brotli-include-p.patch b/0002-MdeModulePkg-remove-package-private-Brotli-include-p.patch index a6f8f6b..738473e 100644 --- a/0002-MdeModulePkg-remove-package-private-Brotli-include-p.patch +++ b/0002-MdeModulePkg-remove-package-private-Brotli-include-p.patch @@ -1,4 +1,4 @@ -From 7115ded03e80aa8f359a9e45979715a8dc47257c Mon Sep 17 00:00:00 2001 +From f1996ce088098f8479eec2f0739978b9de7840fc Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Thu, 4 Jun 2020 13:39:08 +0200 Subject: [PATCH 02/14] MdeModulePkg: remove package-private Brotli include @@ -32,12 +32,12 @@ Signed-off-by: Laszlo Ersek 1 file changed, 3 deletions(-) diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec -index e8058c8bfaec..f33312fb3510 100644 +index 95dd077e19b3..1609b6d9c29e 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec -@@ -25,9 +25,6 @@ [Defines] - [Includes] +@@ -26,9 +26,6 @@ [Includes] Include + Test/Mock/Include -[Includes.Common.Private] - Library/BrotliCustomDecompressLib/brotli/c/include @@ -46,5 +46,5 @@ index e8058c8bfaec..f33312fb3510 100644 ## @libraryclass Defines a set of methods to reset whole system. ResetSystemLib|Include/Library/ResetSystemLib.h -- -2.39.2 +2.40.1 diff --git a/0003-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch b/0003-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch index 9e92fd6..016ad0b 100644 --- a/0003-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch +++ b/0003-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch @@ -1,4 +1,4 @@ -From 84149154c873d3521bf0848d8473f2c09f3ccca0 Mon Sep 17 00:00:00 2001 +From 212665c3bc7c480d6dfa7df52c50457e83af149a Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Tue, 25 Feb 2014 22:40:01 +0100 Subject: [PATCH 03/14] MdeModulePkg: TerminalDxe: set xterm resolution on mode @@ -87,10 +87,10 @@ Signed-off-by: Laszlo Ersek 3 files changed, 35 insertions(+) diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec -index f33312fb3510..020f62fcc668 100644 +index 1609b6d9c29e..c0d376bed1f0 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec -@@ -2102,6 +2102,10 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] +@@ -2127,6 +2127,10 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] # @Prompt The shared bit mask when Intel Tdx is enabled. gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0|UINT64|0x10000025 @@ -176,5 +176,5 @@ index 7809869e7d49..496849458db4 100644 Status = This->ClearScreen (This); -- -2.39.2 +2.40.1 diff --git a/0004-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch b/0004-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch index 5262382..b7d1dd9 100644 --- a/0004-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch +++ b/0004-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch @@ -1,4 +1,4 @@ -From defcdb8fe170e58cb0b0de8ddd2784bcc2dd67d7 Mon Sep 17 00:00:00 2001 +From 677df60b929f97fde9e7d03dfe82b4bf593d5986 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 14 Oct 2015 15:59:06 +0200 Subject: [PATCH 04/14] OvmfPkg: take PcdResizeXterm from the QEMU command line @@ -88,10 +88,10 @@ Signed-off-by: Laszlo Ersek 9 files changed, 21 insertions(+) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 1cebd6b4bcc2..0bec51d5eeac 100644 +index b32049194d39..bff9f166219e 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -477,6 +477,7 @@ [PcdsFixedAtBuild] +@@ -476,6 +476,7 @@ [PcdsFixedAtBuild] [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -100,10 +100,10 @@ index 1cebd6b4bcc2..0bec51d5eeac 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0 diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc -index fda7d2b9e52f..97a74cfb07e4 100644 +index 2a1139daaa19..1e61af6eeff6 100644 --- a/OvmfPkg/CloudHv/CloudHvX64.dsc +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc -@@ -587,6 +587,7 @@ [PcdsDynamicDefault] +@@ -575,6 +575,7 @@ [PcdsDynamicDefault] # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -112,10 +112,10 @@ index fda7d2b9e52f..97a74cfb07e4 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc -index 95b9594ddce0..bf4bf4cb1d4c 100644 +index d4403f11a7c6..86673d06ef2e 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc -@@ -485,6 +485,7 @@ [PcdsDynamicDefault] +@@ -473,6 +473,7 @@ [PcdsDynamicDefault] # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -124,10 +124,10 @@ index 95b9594ddce0..bf4bf4cb1d4c 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0 diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc -index 0d65d21e651c..f123ca853085 100644 +index 5f671bc3840d..02c225f6d2a7 100644 --- a/OvmfPkg/Microvm/MicrovmX64.dsc +++ b/OvmfPkg/Microvm/MicrovmX64.dsc -@@ -585,6 +585,7 @@ [PcdsDynamicDefault] +@@ -573,6 +573,7 @@ [PcdsDynamicDefault] # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -136,10 +136,10 @@ index 0d65d21e651c..f123ca853085 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0 diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 22dc29330d2d..9242e7714036 100644 +index e333b8b41803..f5390a30fb09 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -606,6 +606,7 @@ [PcdsDynamicDefault] +@@ -595,6 +595,7 @@ [PcdsDynamicDefault] # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -148,10 +148,10 @@ index 22dc29330d2d..9242e7714036 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 6b539814bdb0..43d40ddc9c46 100644 +index 25974230a27e..c43fb2d39910 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -613,6 +613,7 @@ [PcdsDynamicDefault] +@@ -603,6 +603,7 @@ [PcdsDynamicDefault] # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -160,10 +160,10 @@ index 6b539814bdb0..43d40ddc9c46 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index e3c64456dfef..231e5e7e4d1c 100644 +index c1762ffca445..ce49a3d3a54d 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -636,6 +636,7 @@ [PcdsDynamicDefault] +@@ -626,6 +626,7 @@ [PcdsDynamicDefault] # ($(SMM_REQUIRE) == FALSE) gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 @@ -172,10 +172,10 @@ index e3c64456dfef..231e5e7e4d1c 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0 diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf -index 1fadadeb5565..3e28e1596d32 100644 +index 3934aeed9514..98123ec63b3d 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf -@@ -99,6 +99,7 @@ [Pcd] +@@ -100,6 +100,7 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved @@ -184,7 +184,7 @@ index 1fadadeb5565..3e28e1596d32 100644 gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c -index 148240342b4b..d324ae95f8f5 100644 +index c56247e294f2..5d7f50cc5876 100644 --- a/OvmfPkg/PlatformPei/Platform.c +++ b/OvmfPkg/PlatformPei/Platform.c @@ -41,6 +41,18 @@ @@ -206,7 +206,7 @@ index 148240342b4b..d324ae95f8f5 100644 EFI_PEI_PPI_DESCRIPTOR mPpiBootMode[] = { { EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, -@@ -385,6 +397,7 @@ InitializePlatform ( +@@ -386,6 +398,7 @@ InitializePlatform ( MemTypeInfoInitialization (PlatformInfoHob); MemMapInitialization (PlatformInfoHob); NoexecDxeInitialization (PlatformInfoHob); @@ -215,5 +215,5 @@ index 148240342b4b..d324ae95f8f5 100644 InstallClearCacheCallback (); -- -2.39.2 +2.40.1 diff --git a/0005-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch b/0005-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch index b553de6..a3100a9 100644 --- a/0005-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch +++ b/0005-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch @@ -1,4 +1,4 @@ -From 2d09cde35ac031aabf7a1dc09c8c8a5e65917ae8 Mon Sep 17 00:00:00 2001 +From ca84f8dd5a7653d2b884406f67f5e9d4bc136852 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Sun, 26 Jul 2015 08:02:50 +0000 Subject: [PATCH 05/14] ArmVirtPkg: take PcdResizeXterm from the QEMU command @@ -96,10 +96,10 @@ Signed-off-by: Laszlo Ersek create mode 100644 ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index 72a0cacab4a8..7a3be7e8592c 100644 +index 449e73b9e132..2ccbef41c23b 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -304,6 +304,8 @@ [PcdsPatchableInModule] +@@ -307,6 +307,8 @@ [PcdsPatchableInModule] gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0 !endif @@ -108,7 +108,7 @@ index 72a0cacab4a8..7a3be7e8592c 100644 [PcdsDynamicHii] gUefiOvmfPkgTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gOvmfVariableGuid|0x0|FALSE|NV,BS -@@ -418,7 +420,10 @@ [Components.common] +@@ -416,7 +418,10 @@ [Components.common] MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf @@ -200,5 +200,5 @@ index 000000000000..bfd3a6a535f9 + return RETURN_SUCCESS; +} -- -2.39.2 +2.40.1 diff --git a/0006-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch b/0006-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch index e4dfc5f..dc19b24 100644 --- a/0006-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch +++ b/0006-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch @@ -1,4 +1,4 @@ -From 9070eb8deb0a973e9dd8f96b70955c7d3abca074 Mon Sep 17 00:00:00 2001 +From 447b5540fdc12ff4ca74dc2dd183149732075c18 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Tue, 21 Nov 2017 00:57:45 +0100 Subject: [PATCH 06/14] OvmfPkg: enable DEBUG_VERBOSE (RHEL only) @@ -65,10 +65,10 @@ Signed-off-by: Paolo Bonzini 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index 0bec51d5eeac..ae3f9c75c4a4 100644 +index bff9f166219e..14a5d10d2b67 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -429,7 +429,7 @@ [PcdsFixedAtBuild] +@@ -426,7 +426,7 @@ [PcdsFixedAtBuild] # DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may # // significantly impact boot performance # DEBUG_ERROR 0x80000000 // Error @@ -78,10 +78,10 @@ index 0bec51d5eeac..ae3f9c75c4a4 100644 !if $(SOURCE_DEBUG_ENABLE) == TRUE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 9242e7714036..bb3b0c1c96f3 100644 +index f5390a30fb09..62c68d99165d 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -546,7 +546,7 @@ [PcdsFixedAtBuild] +@@ -535,7 +535,7 @@ [PcdsFixedAtBuild] # DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may # // significantly impact boot performance # DEBUG_ERROR 0x80000000 // Error @@ -91,10 +91,10 @@ index 9242e7714036..bb3b0c1c96f3 100644 !if $(SOURCE_DEBUG_ENABLE) == TRUE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 43d40ddc9c46..19b968bd945d 100644 +index c43fb2d39910..b03af9cacd2b 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -551,7 +551,7 @@ [PcdsFixedAtBuild] +@@ -541,7 +541,7 @@ [PcdsFixedAtBuild] # DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may # // significantly impact boot performance # DEBUG_ERROR 0x80000000 // Error @@ -104,10 +104,10 @@ index 43d40ddc9c46..19b968bd945d 100644 !if $(SOURCE_DEBUG_ENABLE) == TRUE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 231e5e7e4d1c..876f2374a2cc 100644 +index ce49a3d3a54d..a9dad1b59ee8 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -572,7 +572,7 @@ [PcdsFixedAtBuild] +@@ -562,7 +562,7 @@ [PcdsFixedAtBuild] # DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may # // significantly impact boot performance # DEBUG_ERROR 0x80000000 // Error @@ -117,5 +117,5 @@ index 231e5e7e4d1c..876f2374a2cc 100644 !if $(SOURCE_DEBUG_ENABLE) == TRUE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 -- -2.39.2 +2.40.1 diff --git a/0007-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch b/0007-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch index e2390b9..76b05f4 100644 --- a/0007-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch +++ b/0007-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch @@ -1,4 +1,4 @@ -From ea0ec39c85e21daa5b4f31884ee1e4a198c78fcd Mon Sep 17 00:00:00 2001 +From f0d8ef8071a0b20495a5a1dc3e6e49f8f145c503 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Tue, 21 Nov 2017 00:57:46 +0100 Subject: [PATCH 07/14] OvmfPkg: silence DEBUG_VERBOSE (0x00400000) in @@ -82,10 +82,10 @@ Signed-off-by: Paolo Bonzini 4 files changed, 32 insertions(+), 8 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index ae3f9c75c4a4..c7d7add60d44 100644 +index 14a5d10d2b67..870c4bd890fe 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -682,8 +682,14 @@ [Components] +@@ -684,8 +684,14 @@ [Components] MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf @@ -103,10 +103,10 @@ index ae3f9c75c4a4..c7d7add60d44 100644 # diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index bb3b0c1c96f3..30b843d2287a 100644 +index 62c68d99165d..d7bce8d40d26 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -851,9 +851,15 @@ [Components] +@@ -841,9 +841,15 @@ [Components] MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf !ifndef $(CSM_ENABLE) @@ -125,10 +125,10 @@ index bb3b0c1c96f3..30b843d2287a 100644 # diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 19b968bd945d..2327c5c29611 100644 +index b03af9cacd2b..8103d1d4882a 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -864,9 +864,15 @@ [Components.X64] +@@ -855,9 +855,15 @@ [Components.X64] MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf !ifndef $(CSM_ENABLE) @@ -147,10 +147,10 @@ index 19b968bd945d..2327c5c29611 100644 # diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 876f2374a2cc..49b914c29f35 100644 +index a9dad1b59ee8..7fe23d9153fe 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -937,9 +937,15 @@ [Components] +@@ -929,9 +929,15 @@ [Components] MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf !ifndef $(CSM_ENABLE) @@ -169,5 +169,5 @@ index 876f2374a2cc..49b914c29f35 100644 # -- -2.39.2 +2.40.1 diff --git a/0008-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch b/0008-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch index 2c3a408..bbde580 100644 --- a/0008-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch +++ b/0008-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch @@ -1,4 +1,4 @@ -From a7f8d385ac55fce62cc5a9a1608e4d085801e6f3 Mon Sep 17 00:00:00 2001 +From 461077f978edf909f0ef59c777c2d45ab7664526 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 27 Jan 2016 03:05:18 +0100 Subject: [PATCH 08/14] ArmVirtPkg: silence DEBUG_VERBOSE (0x00400000) in @@ -61,10 +61,10 @@ Signed-off-by: Laszlo Ersek 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc -index 7a3be7e8592c..865172c5d56b 100644 +index 2ccbef41c23b..bc097880f79f 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc -@@ -546,7 +546,10 @@ [Components.common] +@@ -544,7 +544,10 @@ [Components.common] # # Video support # @@ -93,5 +93,5 @@ index 3cb9120e4e10..02877284bfa3 100644 OvmfPkg/PlatformDxe/Platform.inf -- -2.39.2 +2.40.1 diff --git a/0009-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch b/0009-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch index f4cbed4..d0b1002 100644 --- a/0009-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch +++ b/0009-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch @@ -1,4 +1,4 @@ -From 08c466269cf4728e954d61c1801b0eb6ca4175ff Mon Sep 17 00:00:00 2001 +From 58b31e995b9626e3187872c5dbb4696f04374a56 Mon Sep 17 00:00:00 2001 From: Philippe Mathieu-Daude Date: Thu, 1 Aug 2019 20:43:48 +0200 Subject: [PATCH 09/14] OvmfPkg: QemuRamfbDxe: Do not report DXE failure on @@ -59,7 +59,7 @@ index e3890b8c202f..6ffee5acb24c 100644 FrameBufferBltLib MemoryAllocationLib diff --git a/OvmfPkg/QemuRamfbDxe/QemuRamfb.c b/OvmfPkg/QemuRamfbDxe/QemuRamfb.c -index f5113fbc78a6..0295986fe0f1 100644 +index 5a1044f0dc7b..3a687901b0d2 100644 --- a/OvmfPkg/QemuRamfbDxe/QemuRamfb.c +++ b/OvmfPkg/QemuRamfbDxe/QemuRamfb.c @@ -13,6 +13,7 @@ @@ -92,5 +92,5 @@ index f5113fbc78a6..0295986fe0f1 100644 } -- -2.39.2 +2.40.1 diff --git a/0010-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch b/0010-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch index 5d90a04..c5898a5 100644 --- a/0010-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch +++ b/0010-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch @@ -1,4 +1,4 @@ -From ce8bf8cbb5ad81677c2b632b98f527a1d9fda3b1 Mon Sep 17 00:00:00 2001 +From 88ca1daf0a9c0b6ea002f09b56cca1ab075ace9e Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Tue, 21 Nov 2017 00:57:47 +0100 Subject: [PATCH 10/14] OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in @@ -63,10 +63,10 @@ Signed-off-by: Paolo Bonzini 4 files changed, 16 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc -index c7d7add60d44..2ea6fad2018a 100644 +index 870c4bd890fe..ad6e7724ee8e 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc -@@ -676,7 +676,10 @@ [Components] +@@ -678,7 +678,10 @@ [Components] OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -79,10 +79,10 @@ index c7d7add60d44..2ea6fad2018a 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc -index 30b843d2287a..db1cde0a3b03 100644 +index d7bce8d40d26..b644669291ac 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc -@@ -844,7 +844,10 @@ [Components] +@@ -834,7 +834,10 @@ [Components] OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -95,10 +95,10 @@ index 30b843d2287a..db1cde0a3b03 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc -index 2327c5c29611..938eaba74ad4 100644 +index 8103d1d4882a..e37ec97fbc7a 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc -@@ -857,7 +857,10 @@ [Components.X64] +@@ -848,7 +848,10 @@ [Components.X64] OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -111,10 +111,10 @@ index 2327c5c29611..938eaba74ad4 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc -index 49b914c29f35..91fbe83bfac1 100644 +index 7fe23d9153fe..1f4934616ada 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc -@@ -930,7 +930,10 @@ [Components] +@@ -922,7 +922,10 @@ [Components] OvmfPkg/SataControllerDxe/SataControllerDxe.inf MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf @@ -127,5 +127,5 @@ index 49b914c29f35..91fbe83bfac1 100644 MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf -- -2.39.2 +2.40.1 diff --git a/0011-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch b/0011-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch index ad2ed67..fec673d 100644 --- a/0011-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch +++ b/0011-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch @@ -1,4 +1,4 @@ -From 586d6536227c0fd176a1567b9a59345de348d472 Mon Sep 17 00:00:00 2001 +From 5e31bb6319ba4aabb113c2fb94e133a2efd79bb0 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Sat, 16 Nov 2019 17:11:27 +0100 Subject: [PATCH 11/14] CryptoPkg/OpensslLib: list RHEL8-specific OpenSSL files @@ -131,10 +131,10 @@ Signed-off-by: Laszlo Ersek 2 files changed, 24 insertions(+) diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf -index 60c6c24b0a67..7e78255467b1 100644 +index 0f64c9fa7eca..6d49136ed75e 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf -@@ -575,6 +575,18 @@ [Sources] +@@ -576,6 +576,18 @@ [Sources] $(OPENSSL_PATH)/ssl/statem/statem.h $(OPENSSL_PATH)/ssl/statem/statem_local.h # Autogenerated files list ends here @@ -154,10 +154,10 @@ index 60c6c24b0a67..7e78255467b1 100644 ossl_store.c rand_pool.c diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -index c4eaea888c1a..1c551cb0990c 100644 +index 311cd1e6051a..f5ead202ec8e 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -@@ -525,6 +525,18 @@ [Sources] +@@ -526,6 +526,18 @@ [Sources] $(OPENSSL_PATH)/crypto/x509v3/standard_exts.h $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h # Autogenerated files list ends here @@ -177,5 +177,5 @@ index c4eaea888c1a..1c551cb0990c 100644 ossl_store.c rand_pool.c -- -2.39.2 +2.40.1 diff --git a/0012-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch b/0012-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch index 631e7a8..5558616 100644 --- a/0012-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch +++ b/0012-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch @@ -1,4 +1,4 @@ -From b748f55a0018d1766e46d27eedf7806c95d90075 Mon Sep 17 00:00:00 2001 +From 22d3b3dff458b0523fc3da5f22c96dce91e35d0c Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 24 Jun 2020 11:31:36 +0200 Subject: [PATCH 12/14] OvmfPkg/QemuKernelLoaderFsDxe: suppress error on no @@ -44,7 +44,7 @@ index 7b35adb8e034..e0331c6e2cbc 100644 MemoryAllocationLib QemuFwCfgLib diff --git a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c -index d4f3cd92255f..f007f8a6c233 100644 +index 3c12085f6c1e..e473c0b57345 100644 --- a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c +++ b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c @@ -19,6 +19,7 @@ @@ -80,5 +80,5 @@ index d4f3cd92255f..f007f8a6c233 100644 } -- -2.39.2 +2.40.1 diff --git a/0013-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch b/0013-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch index 7eb119b..d2fadc5 100644 --- a/0013-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch +++ b/0013-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch @@ -1,4 +1,4 @@ -From 8d5230a47e76ce2a10d722f1fb0349650c4287ed Mon Sep 17 00:00:00 2001 +From 583e3a67563e3f177a0e61dc41077e7413f100ef Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 24 Jun 2020 11:40:09 +0200 Subject: [PATCH 13/14] SecurityPkg/Tcg2Dxe: suppress error on no swtpm in @@ -78,5 +78,5 @@ index f6ea8b2bbf18..681eb7e08b98 100644 } -- -2.39.2 +2.40.1 diff --git a/0014-SecurityPkg-add-TIS-sanity-check-tpm2.patch b/0014-SecurityPkg-add-TIS-sanity-check-tpm2.patch deleted file mode 100644 index a08011a..0000000 --- a/0014-SecurityPkg-add-TIS-sanity-check-tpm2.patch +++ /dev/null @@ -1,35 +0,0 @@ -From cb0ffbcd86756a47696b6e24e19552d2bcc4238a Mon Sep 17 00:00:00 2001 -From: Gerd Hoffmann -Date: Wed, 26 Apr 2023 14:37:13 +0200 -Subject: [PATCH 14/16] SecurityPkg: add TIS sanity check (tpm2) - -The code blindly assumes a TIS interface is present in case both CRB and -FIFO checks fail. Check the InterfaceType for TIS instead and only -return Tpm2PtpInterfaceTis in case it matches, Tpm2PtpInterfaceMax -otherwise. - -Signed-off-by: Gerd Hoffmann ---- - SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c -index 1f9ac5ab5a30..eac9f0e29941 100644 ---- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c -+++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c -@@ -464,7 +464,11 @@ Tpm2GetPtpInterface ( - return Tpm2PtpInterfaceFifo; - } - -- return Tpm2PtpInterfaceTis; -+ if (InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_TIS) { -+ return Tpm2PtpInterfaceTis; -+ } -+ -+ return Tpm2PtpInterfaceMax; - } - - /** --- -2.40.0 - diff --git a/0015-SecurityPkg-add-TIS-sanity-check-tpm12.patch b/0015-SecurityPkg-add-TIS-sanity-check-tpm12.patch deleted file mode 100644 index 2030b7d..0000000 --- a/0015-SecurityPkg-add-TIS-sanity-check-tpm12.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 54ae30cea7731b9949b7e503401f732f1e95e930 Mon Sep 17 00:00:00 2001 -From: Gerd Hoffmann -Date: Wed, 26 Apr 2023 14:38:34 +0200 -Subject: [PATCH 15/16] SecurityPkg: add TIS sanity check (tpm12) - -The code blindly assumes a TIS interface is present in case both CRB and -FIFO checks fail. Check the InterfaceType for TIS instead and only -return PtpInterfaceTis in case it matches, PtpInterfaceMax otherwise. - -Signed-off-by: Gerd Hoffmann ---- - SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c -index 51f43591287a..d2b79a274084 100644 ---- a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c -+++ b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c -@@ -91,7 +91,11 @@ Tpm12GetPtpInterface ( - return PtpInterfaceFifo; - } - -- return PtpInterfaceTis; -+ if (InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_TIS) { -+ return PtpInterfaceTis; -+ } -+ -+ return PtpInterfaceMax; - } - - /** --- -2.40.0 - diff --git a/0016-OvmfPkg-Clarify-invariants-for-NestedInterruptTplLib.patch b/0016-OvmfPkg-Clarify-invariants-for-NestedInterruptTplLib.patch deleted file mode 100644 index 318149a..0000000 --- a/0016-OvmfPkg-Clarify-invariants-for-NestedInterruptTplLib.patch +++ /dev/null @@ -1,66 +0,0 @@ -From 51846ff74e3352151f99cfcfbe091c09f3ec8097 Mon Sep 17 00:00:00 2001 -From: Michael Brown -Date: Tue, 9 May 2023 12:09:30 +0000 -Subject: [PATCH 16/18] OvmfPkg: Clarify invariants for NestedInterruptTplLib - -NestedInterruptTplLib relies on CPU interrupts being disabled to -guarantee exclusive (and hence atomic) access to the shared state in -IsrState. Nothing in the calling interrupt handler should have -re-enabled interrupts before calling NestedInterruptRestoreTPL(), and -the loop in NestedInterruptRestoreTPL() itself maintains the invariant -that interrupts are disabled at the start of each iteration. - -Add assertions to clarify this invariant, and expand the comments -around the calls to RestoreTPL() and DisableInterrupts() to clarify -the expectations around enabling and disabling interrupts. - -Signed-off-by: Michael Brown -Acked-by: Laszlo Ersek -(cherry picked from commit ae0be176a83efebe9a8c13d2124151f7dd13443a) ---- - OvmfPkg/Library/NestedInterruptTplLib/Tpl.c | 10 ++++++++-- - 1 file changed, 8 insertions(+), 2 deletions(-) - -diff --git a/OvmfPkg/Library/NestedInterruptTplLib/Tpl.c b/OvmfPkg/Library/NestedInterruptTplLib/Tpl.c -index e19d98878eb7..e921a09c5599 100644 ---- a/OvmfPkg/Library/NestedInterruptTplLib/Tpl.c -+++ b/OvmfPkg/Library/NestedInterruptTplLib/Tpl.c -@@ -104,6 +104,7 @@ NestedInterruptRestoreTPL ( - // defer our call to RestoreTPL() to the in-progress outer instance - // of the same interrupt handler. - // -+ ASSERT (GetInterruptState () == FALSE); - if (InterruptedTPL == IsrState->InProgressRestoreTPL) { - // - // Trigger outer instance of this interrupt handler to perform the -@@ -153,6 +154,7 @@ NestedInterruptRestoreTPL ( - // - // Check shared state loop invariants. - // -+ ASSERT (GetInterruptState () == FALSE); - ASSERT (IsrState->InProgressRestoreTPL < InterruptedTPL); - ASSERT (IsrState->DeferredRestoreTPL == FALSE); - -@@ -167,13 +169,17 @@ NestedInterruptRestoreTPL ( - - // - // Call RestoreTPL() to allow event notifications to be -- // dispatched. This will implicitly re-enable interrupts. -+ // dispatched. This will implicitly re-enable interrupts (if -+ // InterruptedTPL is below TPL_HIGH_LEVEL), even though we are -+ // still inside the interrupt handler. - // - gBS->RestoreTPL (InterruptedTPL); - - // - // Re-disable interrupts after the call to RestoreTPL() to ensure -- // that we have exclusive access to the shared state. -+ // that we have exclusive access to the shared state. Interrupts -+ // will be re-enabled by the IRET or equivalent instruction when -+ // we subsequently return from the interrupt handler. - // - DisableInterrupts (); - --- -2.40.1 - diff --git a/0017-OvmfPkg-Relax-assertion-that-interrupts-do-not-occur.patch b/0017-OvmfPkg-Relax-assertion-that-interrupts-do-not-occur.patch deleted file mode 100644 index a9323b9..0000000 --- a/0017-OvmfPkg-Relax-assertion-that-interrupts-do-not-occur.patch +++ /dev/null @@ -1,75 +0,0 @@ -From 7272c2fbe66941f0785be7ec437ed79ab9e35b80 Mon Sep 17 00:00:00 2001 -From: Michael Brown -Date: Tue, 9 May 2023 12:09:33 +0000 -Subject: [PATCH 17/18] OvmfPkg: Relax assertion that interrupts do not occur - at TPL_HIGH_LEVEL - -At TPL_HIGH_LEVEL, CPU interrupts are disabled (as per the UEFI -specification) and so we should never encounter a situation in which -an interrupt occurs at TPL_HIGH_LEVEL. The specification also -restricts usage of TPL_HIGH_LEVEL to the firmware itself. - -However, nothing actually prevents a UEFI application from calling -gBS->RaiseTPL(TPL_HIGH_LEVEL) and then violating the invariant by -enabling interrupts via the STI or equivalent instruction. Some -versions of the Microsoft Windows bootloader are known to do this. - -NestedInterruptTplLib maintains the invariant that interrupts are -disabled at TPL_HIGH_LEVEL (even when performing the dark art of -deliberately manipulating the stack so that IRET will return with -interrupts still disabled), but does not itself rely on external code -maintaining this invariant. - -Relax the assertion that the interrupted TPL is below TPL_HIGH_LEVEL -to an error message, to allow UEFI applications such as these versions -of the Microsoft Windows bootloader to continue to function. - -Debugged-by: Gerd Hoffmann -Debugged-by: Laszlo Ersek -Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2189136 -Signed-off-by: Michael Brown -Acked-by: Laszlo Ersek -Reviewed-by: Gerd Hoffmann -(cherry picked from commit bee67e0c142af6599a85aa7640094816b8a24c4f) ---- - OvmfPkg/Library/NestedInterruptTplLib/Tpl.c | 21 ++++++++++++++++++--- - 1 file changed, 18 insertions(+), 3 deletions(-) - -diff --git a/OvmfPkg/Library/NestedInterruptTplLib/Tpl.c b/OvmfPkg/Library/NestedInterruptTplLib/Tpl.c -index e921a09c5599..d56c12a44529 100644 ---- a/OvmfPkg/Library/NestedInterruptTplLib/Tpl.c -+++ b/OvmfPkg/Library/NestedInterruptTplLib/Tpl.c -@@ -34,12 +34,27 @@ NestedInterruptRaiseTPL ( - - // - // Raise TPL and assert that we were called from within an interrupt -- // handler (i.e. with TPL below TPL_HIGH_LEVEL but with interrupts -- // disabled). -+ // handler (i.e. with interrupts already disabled before raising the -+ // TPL). - // - ASSERT (GetInterruptState () == FALSE); - InterruptedTPL = gBS->RaiseTPL (TPL_HIGH_LEVEL); -- ASSERT (InterruptedTPL < TPL_HIGH_LEVEL); -+ -+ // -+ // At TPL_HIGH_LEVEL, CPU interrupts are disabled (as per the UEFI -+ // specification) and so we should never encounter a situation in -+ // which InterruptedTPL==TPL_HIGH_LEVEL. The specification also -+ // restricts usage of TPL_HIGH_LEVEL to the firmware itself. -+ // -+ // However, nothing actually prevents a UEFI application from -+ // invalidly calling gBS->RaiseTPL(TPL_HIGH_LEVEL) and then -+ // violating the invariant by enabling interrupts via the STI or -+ // equivalent instruction. Some versions of the Microsoft Windows -+ // bootloader are known to do this. -+ // -+ if (InterruptedTPL >= TPL_HIGH_LEVEL) { -+ DEBUG ((DEBUG_ERROR, "ERROR: Interrupts enabled at TPL_HIGH_LEVEL!\n")); -+ } - - return InterruptedTPL; - } --- -2.40.1 - diff --git a/edk2.spec b/edk2.spec index 55aca0b..bc2390b 100644 --- a/edk2.spec +++ b/edk2.spec @@ -9,8 +9,8 @@ ExclusiveArch: x86_64 aarch64 # edk2-stable202302 -%define GITDATE 20230301 -%define GITCOMMIT f80f052277c8 +%define GITDATE 20230524 +%define GITCOMMIT ba91d0292e59 %define TOOLCHAIN GCC5 %define OPENSSL_VER 1.1.1k @@ -52,7 +52,7 @@ Source0: edk2-%{GITCOMMIT}.tar.xz Source1: ovmf-whitepaper-c770f8c.txt Source2: openssl-rhel-d00c3c5b8a9d6d3ea3dabfcafdf36afd61ba8bcc.tar.xz Source3: softfloat-%{softfloat_version}.tar.xz -Source4: edk2-platforms-54306d023e7d.tar.xz +Source4: edk2-platforms-7880b92e2a04.tar.xz Source5: jansson-2.13.1.tar.bz2 # json description files @@ -99,10 +99,6 @@ Patch0010: 0010-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch Patch0011: 0011-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch Patch0012: 0012-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch Patch0013: 0013-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch -Patch0014: 0014-SecurityPkg-add-TIS-sanity-check-tpm2.patch -Patch0015: 0015-SecurityPkg-add-TIS-sanity-check-tpm12.patch -Patch0016: 0016-OvmfPkg-Clarify-invariants-for-NestedInterruptTplLib.patch -Patch0017: 0017-OvmfPkg-Relax-assertion-that-interrupts-do-not-occur.patch # python3-devel and libuuid-devel are required for building tools. @@ -288,6 +284,8 @@ tar -C CryptoPkg/Library/OpensslLib -a -f %{SOURCE2} -x tar -xf %{SOURCE3} --strip-components=1 --directory ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3/ tar -xf %{SOURCE4} --strip-components=1 "*/Drivers" "*/Features" "*/Platform" "*/Silicon" tar -xf %{SOURCE5} --strip-components=1 --directory RedfishPkg/Library/JsonLib/jansson +# include paths pointing to unused submodules +mkdir -p MdePkg/Library/MipiSysTLib/mipisyst/library/include # Done by %setup, but we do not use it for the auxiliary tarballs chmod -Rf a+rX,u+w,g-w,o-w . diff --git a/sources b/sources index 72adb36..f29b1d3 100644 --- a/sources +++ b/sources @@ -1,5 +1,5 @@ SHA512 (softfloat-20180726-gitb64af41.tar.xz) = f079debd1bfcc0fe64329a8947b0689ef49246793edcdd28a2879f6550c652b0cf0f53ac4f6f5ab61ac4f7933972e0019d0ab63eb9931b6884c2909f3a5ead30 SHA512 (jansson-2.13.1.tar.bz2) = 057f0eda43e4162569888d739f4d78d1d02fce8359400d8f66fdc6e440b0405cb457e1126820dc8ce51e9c4a7f4b7effc640caf1d54307c78c0c47c3fc093011 SHA512 (openssl-rhel-d00c3c5b8a9d6d3ea3dabfcafdf36afd61ba8bcc.tar.xz) = 418f8476e80c79e76ba2225670075f95ae75065b23cad9180daac5149e02f11deaa6551e1f70d04fe4b275b0e5f2756f890738693516a737d6f84ee8cd839019 -SHA512 (edk2-f80f052277c8.tar.xz) = af802257f010b63d973dc909b57ee845b7734e8d494b081050ba1f197349663b081e1f2edc5244726e2479ff6d16d79d0a6fceb00f4840b59982f10b79facf66 -SHA512 (edk2-platforms-54306d023e7d.tar.xz) = 08cb9b49f02a5ec4e5cd15cb4ab71b2f4ca37dd0bb86cdc06a31622f71f2082c36b58ad07f64bd22e5daf2decff59c46525c293e14851976619a18cbd70aea2f +SHA512 (edk2-ba91d0292e59.tar.xz) = bbf1c45a168528f057b8e1b43b7bec8eba68238b07ec9cff08a0478cb7f6599c233c18c45fea1044892bb600435070b205e01e108c745274fdd5954109968974 +SHA512 (edk2-platforms-7880b92e2a04.tar.xz) = 054cff28dd9ffa634067a9572570bd397dad892c056f174166f2d2acad52d3623b5768dac99d0a836e44b4a90fce965acc75a59446c9a48b7042b9d62439c7fb