Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package ovmf for openSUSE:Factory checked in 
at 2024-07-17 15:13:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ovmf (Old)
 and      /work/SRC/openSUSE:Factory/.ovmf.new.17339 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "ovmf"

Wed Jul 17 15:13:44 2024 rev:103 rq:1187663 version:202402

Changes:
--------
--- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes        2024-05-16 
17:13:51.969075316 +0200
+++ /work/SRC/openSUSE:Factory/.ovmf.new.17339/ovmf.changes     2024-07-17 
15:14:10.567937207 +0200
@@ -1,0 +2,413 @@
+Tue Jul 16 04:42:23 UTC 2024 - Joey Lee <j...@suse.com>
+
+- Update to edk2-stable202402
+    - Features (https://github.com/tianocore/edk2/releases):
+        NetworkPkg: Packet->Length is not updated before being used by 
Dhcp6AppendIaAddrOption to safely know it can append.
+        NetworkPkg: Out-of-bounds read when processing IA_NA/IA_TA options in 
a DHCPv6 Advertise message
+        Heap Buffer Overflow in Tcg2MeasureGptTable()
+        Add LoongArch help functions and defines in MdePkg and move some 
ArmVirtPkg libraries and PCDs to OvmfPkg
+        Add NVMe Sanitize command support to Nvme.h
+        Remove CSM support from OvmfPkg
+        MAT Logic Incorrectly Reports Runtime Images
+    - Patches (git log --oneline --date-order 
edk2-stable202311..edk2-stable202402):
+        edc6681206 UefiCpuPkg/PiSmmCpuDxeSmm: fix NULL deref when 
gSmmBaseHobGuid is missing
+        72c441df36 UefiCpuPkg/PiSmmCpuDxeSmm: distinguish GetSmBase() failure 
modes
+        5fd3078a2e NetworkPkg: : Updating SecurityFixes.yaml
+        75deaf5c3c NetworkPkg: Dhcp6Dxe: Packet-Length is not updated before 
appending
+        af3fad99d6 NetworkPkg: Dhcp6Dxe: Removes duplicate check and replaces 
with macro
+        1c440a5ece NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related 
Patch
+        a1c426e844 UnitTestFrameworkPkg: Add DSC and host tests that always 
fail
+        0a989069df UnitTestFrameworkPkg/SampleGoogleTest: Use 
EXPECT_ANY_THROW()
+        2d144d7e14 UnitTestFrameworkPkg/UnitTestDebugAssertLib: Add GoogleTest 
support
+        312ccaf81b UnitTestFrameworkPkg/UnitTestLib: 
GetActiveFrameworkHandle() no ASSERT()
+        81b69f306f UnitTestFrameworkPkg: Expand host-based exception handling 
and gcov
+        46c6de57b0 UnitTestFrameworkPkg: MSFT CC_FLAGS add /MT to for host 
builds
+        ded41a64bd MdePkg/Include: Rename _DEBUG() to address name collision
+        8801c75b4d OvmfPkg: Align XenRealTimeClockLib function headers with 
return values
+        dcdc6f8e3f ArmPlatformPkg: Align PL031 library function headers with 
return values
+        844ead5bce EmbeddedPkg: Align RealTimeClock function headers with 
return values
+        ef4d35d4ed MdeModulePkg: Align RuntimeDxe function headers with UEFI 
return values
+        e4ceae5c18 MdePkg: Add EFI_UNSUPPORTED return for some Runtime Service 
functions
+        dcf2e39dce EmbeddedPkg: compiler error due to arithmetic operation on 
void pointer
+        e32b58ab5a BaseTools: Remove Duplicate sets of SkuName and SkuId from 
allskuset
+        8f316e99ec BaseTools: Optimize GenerateByteArrayValue and 
CollectPlatformGuids APIs
+        4d1f0babe2 MdePkg: Add SynchronizationLib to MdeLibs.dsc.inc
+        1d0b95f645 NetworkPkg: : Adds a SecurityFix.yaml file
+        ff2986358f NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235 
Unit Tests
+        fac297724e NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235 
Patch
+        7f04c7a253 MdePkg: Test: Add gRT_GetTime Google Test Mock
+        458c582685 NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 
Unit Tests
+        1b53515d53 NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 
Patch
+        c9c87f08dd NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests
+        4df0229ef9 NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Patch
+        6f77463d72 NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Unit Tests
+        bbfee34f41 NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Patch
+        07362769ab NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit 
Tests
+        1dbb10cc52 NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch
+        5f3658197b NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit 
Tests
+        8014ac2d7b NetworkPkg: : Add Unit tests to CI and create Host Test DSC
+        f31453e8d6 NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
+        959f71c801 MdeModulePkg: Optimize CoreConnectSingleController
+        9eddbab650 MdeModulePkg: Remove handle validation check in 
CoreGetProtocolInterface
+        62b43ec896 ArmVirtPkg: Move PlatformBootManagerLib to OvmfPkg
+        6bbce86d21 ArmVirtPkg: Move two PCD variables into OvmfPkg
+        0cca97e0a8 ArmVirtPkg: Move the FdtSerialPortAddressLib to OvmfPkg
+        5a3788bfca OvmfPkg/RiscVVirt: Remove PciCpuIo2Dxe from RiscVVirt
+        010f7298ce OvmfPkg/RiscVVirt: Enable CpuMmio2Dxe
+        147beaa5e7 ArmVirtPkg: Enable CpuMmio2Dxe
+        55a0cdb61c UefiCpuPkg: Add a new CPU IO 2 driver named CpuMmio2Dxe
+        54c2cdb241 ArmVirtPkg: Move PCD of FDT base address and FDT padding to 
OvmfPkg
+        3db49a6ca8 EmbeddedPkg: Add PcdPrePiCpuIoSize width for LOONGARCH64
+        f560c5d112 MdePkg: Add some comments for LoongArch exceptions
+        3f8fb8aeb9 MdePkg: Add a new library named 
PeiServicesTablePointerLibKs0
+        bc0b418cba MdePkg: Add IOCSR operation for LoongArch
+        0565a8e885 MdePkg: Add CSR operation for LoongArch
+        414ad233a5 MdePkg: Add read stable counter operation for LoongArch
+        344dc4b9d3 MdePkg: Add LoongArch Cpucfg function
+        2ff435b264 MdePkg: Add LoongArch64 local interrupt function set into 
BaseLib
+        57684402e4 MdePkg: Add LoongArch64 exception function set into BaseLib
+        e5b5073153 MdePkg: Add LoongArch64 FPU function set into BaseCpuLib
+        9e1576bc10 MdePkg: Add the header file named Csr.h for LoongArch64
+        ae59b8ba41 UefiCpuPkg/PiSmmCpuDxeSmm:Map SMRAM in 4K page granularity
+        397a084b9b UefiCpuPkg: Add more Paging mode enumeration
+        30a25f2778 UefiCpuPkg: Reduce and optimize access to attribute
+        056b4bf74b BaseTools/Scripts/PatchCheck.py: Check for Change-id
+        141dcaed6c UefiCpuPkg: Add cache operations support for Arch proto
+        cd6f215223 OvmfPkg/ResetVector: Fix SNP CPUID table processing results 
for ECX/EDX
+        a1b98c8f84 StandaloneMmPkg/Core: Output status in MMI handler assertion
+        927ea1364d ShellPkg: Update smbiosview for LoongArch
+        a3aab12c34 MdeModulePkg: Dxe: add LOONGARCH64 to mMachineTypeInfo
+        3656352675 UefiPayloadPkg/Crypto: Support external Crypto drivers.
+        97c3f5b8d2 OvmfPkg/IoMmuDxe: Provide an implementation for SetAttribute
+        0e9b124f9c UefiCpuPkg/BaseXApic[X2]ApicLib: Implements AMD extended 
cpu topology
+        d14526372d MdePkg: Adds AMD Extended CPU topology CPUID
+        40a45b5a2b Basetools: Include PCD declarations from Library Instance
+        af6e0e728f MdeModulePkg/Core/Dxe: Set MemoryTypeInfo bin range from HOB
+        c5e702e45a MdeModulePkg/Core/Dxe: Initialize GCD before RT memory 
allocations
+        909a9a5ae4 ArmPkg: Disable watchdog interaction after exiting boot 
services
+        9ac93da5b5 ArmPkg: Introduce global mTimerPeriod and remove calculation
+        beefa753f3 ArmPkg: Update GenericWatchdogDxe to allow setting full 
48-bit offset
+        98c7cb3be7 OvmfPkg/ResetVector: send post codes to qemu debug console
+        a6013625a3 PcAtChipsetPkg/HpetTimerDxe: Fix nested interrupt time 
accuracy
+        dc33394701 DynamicTablesPkg: Exempt some _CPC field from checks
+        dec9d35738 DynamicTablesPkg: Add PcdDevelopmentPlatformRelaxations Pcd
+        b2c4916344 DynamicTablesPkg: Add DynamicTablesScmiInfoLib
+        fc04cfd119 DynamicTablesPkg: Generate _PSD in SsdtCpuTopologyGenerator
+        3344495489 DynamicTablesPkg: Add AmlCreatePsdNode() to generate _PSD
+        0a9060b259 DynamicTablesPkg: Add PsdToken field to CM_ARM_GICC_INFO 
object
+        71ec5d3415 DynamicTablesPkg: Add CM_ARM_PSD_INFO object
+        e3992e40c7 DynamicTablesPkg: Rename AmlCpcInfo.h to AcpiObjects.h
+        ec15e345ae DynamicTablesPkg: Use new CPC revision macro
+        9f0ebabb57 ArmPkg/ArmScmiDxe: Add PERFORMANCE_DESCRIBE_FASTCHANNEL 
support
+        3630cdf6e7 ArmPkg/ArmScmiDxe: Rename PERFORMANCE_PROTOCOL_VERSION
+        4c43209a74 MdePkg/Library/BaseCpuLibNull: Add missing X86 specific 
services
+        7d7decfa3d UefiPayloadPkg/Crypto: Support external Crypto drivers.
+        9a75b030cf StandaloneMmPkg/Hob: Integer Overflow in CreateHob()
+        aeaee8944f EmbeddedPkg/Hob: Integer Overflow in CreateHob()
+        049695a0b1 MdeModulePkg/PciBusDxe: Add feedback status for PciIoMap
+        ff52277e37 MdeModulePkg/DriverSampleDxe: 
EFI_BROWSER_ACTION_REQUEST_QUESTION_APPLY
+        588cfc63d2 MdeModulePkg/SetupBrowserDxe: 
EFI_BROWSER_ACTION_REQUEST_QUESTION_APPLY
+        5694ff42d5 MdePkg: Add EFI_BROWSER_ACTION_REQUEST_QUESTION_APPLY
+        97e1ef8730 MdePkg: Add FdtLib gmock support
+        d24187a81f MdePkg/BaseFdtLib: Rename standard functions
+        1063665fa5 MdeModulePkg/ResetSystemRuntimeDxe: Print Reset Data
+        7f72c2829f MdePkg/Library/BaseCpuLibNull: Add 
StandardSignatureIsAuthenticAMD()
+        417ebe6d1d MdePkg/Include/Guid: Update the definition of FileName in 
EFI_FILE_INFO
+        2ddae5df31 StandaloneMmPkg/Core: Remove optimization for depex 
evaluation
+        d97f3a1d80 .pytool/Plugin: UncrustifyCheck: use stat instead of os.stat
+        313f9f0155 PrmPkg/PrmInfo: Drop -r parameter
+        0b09397dfa UefiPayloadPkg: CbParseLib: Fix integer overflow
+        0c6d29be8b CryptoPkg: Add dummy inttypes header to fix clang build
+        da228b29bd MdePkg/Library/BaseIoLibIntrinsic: Fix TD MMIO read type 
cast
+        5d016fe0a0 MdePkg/IndustryStandard: Add _PSD/_CPC/Coord types 
definitions
+        0223bdd4e4 FmpDevicePkg: Add DECLARE_LENGTH opcode of dependency 
expression
+        00bf6890a9 MdePkg: Add DECLARE_LENGTH opcode of dependency expression
+        9d3fe85fcc NetworkPkg/Ip4Dxe: Fix Reset To Default
+        264636d8e6 SecurityPkg: : Updating SecurityFixes.yaml after symbol 
rename
+        326db0c907 SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 
symbol rename
+        40adbb7f62 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 
4117/4118 symbol rename
+        b481b00f59 OvmfPkg/VirtNorFlashDxe: move DoErase code block into new 
function
+        735d0a5e2e OvmfPkg/VirtNorFlashDxe: ValidateFvHeader: unwritten state 
is EOL too
+        b25733c974 OvmfPkg/VirtNorFlashDxe: allow larger writes without block 
erase
+        28ffd72689 OvmfPkg/VirtNorFlashDxe: add a loop for NorFlashWriteBuffer 
calls.
+        35d8ea8097 OvmfPkg/VirtNorFlashDxe: clarify block write logic & fix 
shadowbuffer reads
+        0395045ae3 OvmfPkg/VirtNorFlashDxe: add casts to UINTN and UINT32
+        59f024c76e UefiPayloadPkg/Hob: Integer Overflow in CreateHob()
+        9971b99461 RedfishPkg/JsonLib: Add JSON delete object function
+        8f6d343ae6 SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml
+        0d341c01ee SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - 
CVE 2022-36764
+        c7b2794421 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - 
CVE 2022-36764
+        1ddcb9fc6b SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml
+        4776a1b39e SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 - 
CVE 2022-36763
+        2244465432 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - 
CVE 2022-36763
+        a4b8944e27 MdePkg: Update the Label definitions of the EFI_NVDIMM_LABEL
+        682a5ed1a2 NetworkPkg: RFC1323 definition changed to RFC7323
+        638e4ca238 MdePkg: RFC1323 definition changed to RFC7323
+        7c2757c298 MdePkg: Update the comments of callback in 
EFI_FORM_BROWSER2_PROTOCOL
+        82e149f2bf OvmfPkg: CloudHv: Enable PcdUse1GPageTable
+        6d204e8fbc OvmfPkg: Update PlatformAddressWidthInitialization for 
CloudHv
+        bfad87ceec OvmfPkg: Add CloudHv support to PlatformScanE820 utility 
function.
+        195e59bd0c MdePkg: Update the comments of HiiConfigAccess ExtractConfig
+        d65b183f92 RedfishPkg/RedfishCrtLib: handle floating point number in 
JSON
+        6a01fb2ea5 OvmfPkg: RiscVVirt: Fix network drivers not be built
+        c15a899d83 NetworkPkg: Triger regularly scan only if not connect to AP
+        f5b91c60ef UefiCpuPkg: change name of gMpInformationHobGuid2
+        db59ff333d UefiCpuPkg:Limit PhysicalAddressBits in special case
+        cfe4846572 UefiCpuPkg/PiSmmCpuDxeSmm: Optimize PatchSmmSaveStateMap 
and FlushTlbForAll
+        2bce85bd86 pip-requirements.txt: Update to latest
+        58355ec192 .pytool/Readme.md: Update matrix for DynamicTablesPkg
+        0765ee6cd3 MdePkg/BaseLib: Fix boot DxeCore hang on riscv platform
+        ebf378a1ad OvmfPkg/RiscVVirt: Override Sstc extension
+        f91029947b UefiCpuPkg/CpuTimerDxeRiscV64: Add support for Sstc
+        8ae17a71af MdePkg/BaseLib: RISC-V: Add function to update stimecmp 
register
+        fd629ef6e3 MdePkg.dec: RISC-V: Define override bit for Sstc extension
+        889535caf8 MdePkg: Update GetHealthStatus function description
+        e7cfdc5f14 CryptoPkg: Fix redefinition error of int defines
+        6c488a2f39 BaseTools: Fix raw strings containing valid escape 
characters
+        7d055812cc IntelFsp2Pkg\Tools\ConfigEditor:Added new USF config 
workstream.
+        bc34a79cd2 RedfishPkg/RedfishDebugLib: add function to print buffer.
+        265b4ab91b RedfishPkg/RedfishRestExDxe: Update Supported function
+        b0e892d8a9 RedfishPkg/RedfishRestExDxe: Uncrustify 
RedfishRestExDriver.h
+        0a12d8bd55 RedfishPkg/RedfishRestExDxe: Implement 
EDKII_HTTP_CALLBACK_PROTOCOL
+        8466480965 NetworkPkg/HttpDxe: Add HttpEventTlsConfigured HTTP 
callback event
+        43ab6622a8 NetworkPkg/HttpDxe: Consider TLS certificate not found as a 
success case
+        0abd598e3f NetworkPkg/HttpDxe: Refactor TlsCreateChild
+        edba0779ba UefiPayloadPkg/UefiPayloadEntry: Remove SCI enabling check
+        4a443f73fd OvmfPkg/VirtNorFlashDxe: sanity-check variables
+        ae22b2f136 OvmfPkg/VirtNorFlashDxe: stop accepting gEfiVariableGuid
+        3b1ddbddee OvmfPkg/RiscVVirt: use gEfiAuthenticatedVariableGuid 
unconditionally
+        08a6528bac UefiCpuPkg: Check lower 24 bits of ProcessorNumber
+        2a5c08caaf UefiCpuPkg: set EXTENDED_PROCESSOR_INFORMATION to 0
+        f2b074398c MdePkg: Update the definition of 
EFI_NVDIMM_LABEL_FLAGS_LOCAL
+        e7152e6186 CryptoPkg: fix gcc build fail for CryptoPkgMbedtls
+        c3d865a4c2 UefiPayloadPkg: Add macro to enable selection of timer
+        ff1305c9fb MdePkg: Update the definition of CapsuleImageSize on 
EFI_CAPSULE_HEADER
+        9cf1d03ebe Add EFI_STATUS return to EMU_THUNK_PROTOCOL.SetTime()
+        5a2490df0e EmulatorPkg: Update MMTimerThread() signature
+        3114fd8ed7 EmulatorPkg: Improve comments in WinThunk.c
+        e8166a852e UefiCpuPkg/CpuMpPei: Parallel get stack base for better 
performance.
+        e449451770 CryptoPkg: move define to CrtLibSupport
+        16c8cfc810 DynamicTablesPkg: Fix IA32 compilation errors
+        ea658e35a9 DynamicTablesPkg: Fix X64 compilation errors
+        7a5823f85b EmbeddedPkg: Add DtPlatformLoaderLib gmock support
+        5804e94886 EmbeddedPkg: Add host based dependency to ci
+        0d39caefb9 EmbeddedPkg/PrePiMemoryAllocationLib: Add ReallocatePool
+        d7d4f09ff8 RedfishPkg: RedfishDiscoverDxe: add [] brackets to URI for 
IPv6 addresses
+        91f1ce4e27 RedfishDiscoverDxe: handle memory allocation error 
conditions.
+        139887a989 RedfishDiscoverDxe: release resources when refreshing 
information data
+        f8de39afab RedfishDiscoverDxe: add a helper function deallocating 
string resources.
+        d1c21f8d55 RedfishDiscoverDxe: refine InitInformationData() function
+        17870bf3f5 RedfishDiscoverDxe: refine InitInformationData(), remove 
unnecessary casts
+        2cd1b439d7 RedfishDiscoverDxe: introduce InitInformationData helper 
function
+        9e3de4eee0 EmulatorPkg: RedfishPlatformHostInterfaceLib: get rid of 
unused variable
+        5e2338d3df EmulatorPkg: fix typo. PcdRedfishServie -> PcdRedfishService
+        24de462a9d RedfishPkg: add proper initialization of IPMI request
+        8b59cb79fa RedfishPkg: add Component Name protocols to 
RedfishConfigHandler driver
+        a87e8505b1 RedfishPkg: RedfishDiscoverDxe: fix memory leak on error 
path.
+        d81813368a RedfishPkg: RedfishPlatformConfigDxe: reduce memory 
allocations
+        0f66c2e687 RedfishPkg: get rid of unused definitions from 
RedfishCrtLib.h
+        4fdd5165c1 RedfishPkg: fix RedfishPlatformCredentialLib library class 
name typo.
+        59b4b5017c RedfishPkg: fix RedfishPlatformHostInterfaceLib library 
class name typo.
+        58d9463939 UefiCpuPkg/PiSmmCpuDxeSmm: Reduce one round BSP & AP sync
+        41d1c4475b UefiCpuPkg/PiSmmCpuDxeSmm: Invert ReleaseAllAPs & 
InitializeDebugAgent
+        3a4ec6de01 UefiCpuPkg/PiSmmCpuDxeSmm: Align BSP and AP sync logic for 
SMI exit
+        e1b62f3e28 UefiCpuPkg/PiSmmCpuDxeSmm: Check SMM Debug Agent support or 
not
+        c7c2de798a MdeModulePkg/DebugAgentLibNull: Indicate SMM Debug Agent 
support or not
+        7b3b39a2e4 SourceLevelDebugPkg/Library: Indicate SMM Debug Agent 
support or not
+        54c662845f StandaloneMmPkg/Core: Remove dead code
+        1065536c64 MdeModulePkg: Support customized FV Migration Information
+        d01defe06b DynamicTablesPkg: AML Code generation to invoke a method
+        29ce755cba DynamicTablesPkg: Corrects function pointer typedef of 
AML_PARSE_FUNCTION
+        f8c918c46f DynamicTablesPkg: Corrects AmlCodeGenRdWordBusNumber 
parameters
+        ea65643547 DynamicTablesPkg: AML Code generation for word I/O ranges
+        5d533bbc27 BaseTools/GenFw: Correct offset when relocating an ADR
+        9f0061a03b BaseTools: Resolve regex syntax warnings
+        89705ad6c6 BaseTools: FMMT GuidTool Auto Select Config file Enabling
+        a83d953dc2 UefiCpuPkg/PiSmmCpuDxeSmm: Consume SmmCpuSyncLib
+        cc698d0335 UefiCpuPkg/PiSmmCpuDxeSmm: Simplify RunningApCount decrement
+        0a248f169d UefiPayloadPkg: Specifies SmmCpuSyncLib instance
+        32f84bd310 OvmfPkg: Specifies SmmCpuSyncLib instance
+        69eb9ad4a1 UefiCpuPkg: Implements SmmCpuSyncLib library instance
+        6f6a43cc8e MdePkg/MdeLibs.dsc.inc: Add SafeIntLib instance
+        ba822d2851 UefiCpuPkg: Adds SmmCpuSyncLib library class
+        e14a022246 UefiCpuPkg/PiSmmCpuDxeSmm: Optimize Semaphore Sync between 
BSP and AP
+        8c1e9f9c6f MdeModulePkg/UefiBootManagerLib: Signal ReadyToBoot on 
platform recovery
+        b1f33cbf81 OvmfPkg/RiscVVirt: Override for RISC-V CPU Features
+        904b002c50 MdePkg: Utilize Cache Management Operations Implementation 
For RISC-V
+        26727c2ae2 MdePkg: Implement RISC-V Cache Management Operations
+        30faafd024 MdePkg: Rename Cache Management Function To Clarify Fence 
Based Op
+        286b30f517 MdePkg: Move RISC-V Cache Management Declarations Into 
BaseLib
+        3c66390e4a StandaloneMmPkg/Core: Fix the failure to find uncompressed 
inner FV
+        4a9fcab124 StandaloneMmPkg/Core: Fix issue that offset calculation 
might be wrong
+        0904161f6f StandaloneMmPkg/Core: Fix potential memory leak issue
+        c012284048 StandaloneMmPkg/Core: Limit FwVol encapsulation section 
recursion
+        74daeded0c ShellPkg: Tidy for code readability
+        3ce5f2d445 FatPkg/FatPei: Check array offset before use
+        7f5e75895b ArmPkg/DebugPeCoffExtraActionLib: Drop RVCT and Cygwin 
support
+        59a952d9ab CloudHv: Add CI for CloudHv on AArch64
+        b8a3eec88c RedfishPkg/RedfishDicovery: Remedy Redfish service 
discovery flow
+        cee7ba349c ArmVirtQemu: Allow EFI memory attributes protocol to be 
disabled
+        725acd0b9c UefiCpuPkg: Avoid assuming only one smmbasehob
+        e51965ddd1 UefiCpuPkg: Cache core type in MpInfo2 HOB
+        fc4f6627f8 UefiCpuPkg: Add a new field in MpInfo2 HOB
+        be44fff723 UefiCpuPkg: Consume MpInfo2Hob in PiSmmCpuDxe
+        e10f1f5a04 UefiCpuPkg: Build MpInfo2HOB in CpuMpPei
+        c02eed8e5a UefiCpuPkg: Create gMpInformationHobGuid2 in UefiCpuPkg
+        1d50544aa2 MdePkg:simplify Fifo API in BaseIoLibIntrinsic
+        3c73532a8a MdePkg: Change IoLibFifo.c to IoLibFifoCc.c
+        aa2f32cefa ArmVirtPkg: Sync debug level comments in ArmVirt.dsc.inc
+        9e9c35970a MdePkg: Update MdePkg.uni with manageability debug level
+        20ca600d67 MdePkg: Add manageability debug level to 
PcdFixedDebugPrintErrorLevel
+        03be51e106 MdePkg: Improve wording of manageability debug level comment
+        5b5481526f BaseTools: fixing FMMT ShrinkFv issue
+        59f0d350a9 BaseTools: FMMT support ELF UPLD parser
+        9627447625 BaseTools: FMMT replace output file is not generated 
successfully
+        b5f5106c1e BaseTools: FMMT replace new free space fixing in replace
+        bb13a4adab StandaloneMmPkg/StandaloneMmHobLib: Remove HOB creation
+        85a5141a32 MdePkg: Add UEFI v2.10 ISA memory type definition
+        3c40ee8c68 MdePkg: Define the DevicePath argument from LoadImage as 
optional
+        2cd9d5f6fa Maintainers.txt: add Aaron Young as MptScsi and PvScsi 
reviewer
+        ff22700fc0 Maintainers.txt: add Laszlo Ersek as a UefiCpuPkg maintainer
+        408ca20a95 Maintainers.txt: add Laszlo Ersek as an OvmfPkg maintainer
+        b59574a066 Maintainers.txt: add Laszlo Ersek as an ArmVirtPkg 
maintainer
+        e8c23d1e27 OvmfPkg/MemEncryptSevLib: Fix address overflow during 
PVALIDATE
+        7eb5040607 UefiCpuPkg/PiSmmCpuDxeSmm: Get processor extended 
information
+        ad0b1cc144 UefiCpuPkg/BaseXApicLib: Fix CPUID_V2_EXTENDED_TOPOLOGY 
detection
+        fe2abc9b74 ShellPkg: Fix typos
+        eccdab611c OvmfPkg: remove CSM_ENABLE build macro
+        605248f0fd OvmfPkg: remove Pcd8259LegacyModeEdgeLevel and 
Pcd8259LegacyModeMask
+        cf9030f69f OvmfPkg: remove gEfiLegacy8259ProtocolGuid
+        67864ffd52 OvmfPkg: remove 8259InterruptControllerDxe
+        fb5c153abd OvmfPkg: exclude 8259InterruptControllerDxe
+        05cffb6637 OvmfPkg: remove 8254TimerDxe
+        89bd992b1f OvmfPkg: exclude 8254TimerDxe
+        0e0a0a5ee8 OvmfPkg: remove Csm16
+        528ae029ad OvmfPkg: remove Rule.Common.USER_DEFINED.CSM from all FDF 
files
+        e8f860d924 OvmfPkg: exclude Csm16.inf / Csm16.bin
+        769c46a9a2 OvmfPkg: remove <FrameworkDxe.h>
+        f14317e9ba OvmfPkg: remove gEfiLegacyInterruptProtocolGuid
+        504a0fed85 OvmfPkg: remove gEfiLegacyBiosProtocolGuid
+        dd63cb95af OvmfPkg: remove gEfiLegacyBiosPlatformProtocolGuid
+        f19b3d0cdc OvmfPkg: remove gEfiFirmwareVolumeProtocolGuid
+        bc495d89d4 OvmfPkg: remove CsmSupportLib
+        86cc0f15d9 OvmfPkg: unplug CsmSupportLib from BdsDxe
+        8bd14e685e OvmfPkg: remove LegacyBiosDxe PCDs
+        9d4becddba OvmfPkg: remove gEfiLegacyBiosGuid
+        5161ba8ea0 OvmfPkg: remove gEfiIsaAcpiProtocolGuid
+        0730f564ad OvmfPkg: remove gEfiIsaIoProtocolGuid
++++ 116 more lines (skipped)
++++ between /work/SRC/openSUSE:Factory/ovmf/ovmf.changes
++++ and /work/SRC/openSUSE:Factory/.ovmf.new.17339/ovmf.changes

Old:
----
  edk2-edk2-stable202311.tar.gz
  gen-key-enrollment-iso.sh
  openSUSE-UEFI-SIGN-Certificate-2048.crt
  ovmf-SecurityPkg-Adding-CVE-2022-36763-to-SecurityFixes.y.patch
  ovmf-SecurityPkg-Adding-CVE-2022-36764-to-SecurityFixes.y.patch
  
ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch
  ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117.patch
  ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4118.patch
  
ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch
  ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117.patch
  ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4118.patch
  ovmf-SecurityPkg-Updating-SecurityFixes.yaml-after-symbol.patch
  ovmf-build-funcs.sh
  ovmf-set-fixed-enroll-time.patch

New:
----
  edk2-edk2-stable202402.tar.gz

BETA DEBUG BEGIN:
  Old:            4776a1b39ee0 SecurityPkg: DxeTpmMeasureBootLib: SECURITY 
PATCH 4117 - CVE 2022-36763
        - ovmf-SecurityPkg-Adding-CVE-2022-36763-to-SecurityFixes.y.patch
            224446543206 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 
4117 - CVE 2022-36763
  Old:            0d341c01eeab SecurityPkg: DxeTpmMeasureBootLib: SECURITY 
PATCH 4118 - CVE 2022-36764
        - ovmf-SecurityPkg-Adding-CVE-2022-36764-to-SecurityFixes.y.patch
            c7b279442181 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 
4118 - CVE 2022-36764
  Old:            c7b279442181 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY 
PATCH 4118 - CVE 2022-36764
        - 
ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch
            264636d8e698 SecurityPkg: : Updating SecurityFixes.yaml after 
symbol rename
  Old:    - Removed patches which are merged to edk2-stable202402:
        - ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117.patch
            1ddcb9fc6b41 SecurityPkg: : Adding CVE 2022-36763 to 
SecurityFixes.yaml
  Old:            224446543206 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY 
PATCH 4117 - CVE 2022-36763
        - ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4118.patch
            8f6d343ae639 SecurityPkg: : Adding CVE 2022-36764 to 
SecurityFixes.yaml
  Old:            264636d8e698 SecurityPkg: : Updating SecurityFixes.yaml after 
symbol rename
        - 
ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch
            326db0c90720 SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 
4117/4118 symbol rename
  Old:            1ddcb9fc6b41 SecurityPkg: : Adding CVE 2022-36763 to 
SecurityFixes.yaml
        - ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117.patch
            4776a1b39ee0 SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 
- CVE 2022-36763
  Old:            8f6d343ae639 SecurityPkg: : Adding CVE 2022-36764 to 
SecurityFixes.yaml
        - ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4118.patch
            0d341c01eeab SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 
- CVE 2022-36764
  Old:            326db0c90720 SecurityPkg: DxeTpmMeasureBootLib: SECURITY 
PATCH 4117/4118 symbol rename
        - ovmf-SecurityPkg-Updating-SecurityFixes.yaml-after-symbol.patch
            40adbb7f628d SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 
4117/4118 symbol rename
  Old:    + gen-key-enrollment-iso.sh
    + ovmf-set-fixed-enroll-time.patch
    + ovmf-build-funcs.sh
BETA DEBUG END:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ ovmf.spec ++++++
--- /var/tmp/diff_new_pack.93KhpU/_old  2024-07-17 15:14:11.603974787 +0200
+++ /var/tmp/diff_new_pack.93KhpU/_new  2024-07-17 15:14:11.603974787 +0200
@@ -27,7 +27,7 @@
 %endif
 
 Name:           ovmf
-Version:        202311
+Version:        202402
 Release:        0
 Summary:        Open Virtual Machine Firmware
 License:        BSD-2-Clause-Patent
@@ -41,7 +41,6 @@
 Source2:        README
 Source3:        SLES-UEFI-CA-Certificate-2048.crt
 Source4:        openSUSE-UEFI-CA-Certificate-2048.crt
-Source5:        openSUSE-UEFI-SIGN-Certificate-2048.crt
 # berkeley-softfloat-3: https://github.com/ucb-bar/berkeley-softfloat-3
 Source6:        berkeley-softfloat-3-%{softfloat_version}.tar.xz
 Source7:        descriptors.tar.xz
@@ -53,12 +52,9 @@
 Source10:       mbedtls-3.3.0.tar.gz
 Source100:      %{name}-rpmlintrc
 Source101:      gdb_uefi.py.in
-Source102:      gen-key-enrollment-iso.sh
-Source103:      ovmf-build-funcs.sh
 Patch1:         %{name}-gdb-symbols.patch
 Patch2:         %{name}-pie.patch
 Patch3:         %{name}-disable-ia32-firmware-piepic.patch
-Patch4:         %{name}-set-fixed-enroll-time.patch
 Patch5:         %{name}-disable-brotli.patch
 Patch6:         %{name}-ignore-spurious-GCC-12-warning.patch
 # Bug 1205978 - Got Page-Fault exception when VM is booting with 
edk2-stable202211 ovmf
@@ -73,17 +69,6 @@
 Patch11:        
%{name}-OvmfPkg-SmbiosPlatformDxe-tweak-fallback-release-dat.patch
 # Bug 1217704 - ovmf: reproducible builds problem in ovmf-riscv64-code.bin
 Patch12:        
%{name}-EmbeddedPkg-Library-Support-SOURCE_DATE_EPOCH-in-Vir.patch
-# Bug 1218678 (CVE-2022-36763) - VUL-0: CVE-2022-36763: EDK2 is susceptible to 
a vulnerability in the Tcg2MeasureGptTable() function...
-Patch13:        
%{name}-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117.patch
-Patch14:        
%{name}-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117.patch
-Patch15:        
%{name}-SecurityPkg-Adding-CVE-2022-36763-to-SecurityFixes.y.patch
-# Bug 1218679 (CVE-2022-36764) - VUL-0: CVE-2022-36764: EDK2 is susceptible to 
a vulnerability in the Tcg2MeasurePeImage() function...
-Patch16:        
%{name}-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4118.patch
-Patch17:        
%{name}-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4118.patch
-Patch18:        
%{name}-SecurityPkg-Adding-CVE-2022-36764-to-SecurityFixes.y.patch
-Patch19:        
%{name}-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch
-Patch20:        
%{name}-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch
-Patch21:        
%{name}-SecurityPkg-Updating-SecurityFixes.yaml-after-symbol.patch
 BuildRequires:  bc
 BuildRequires:  cross-arm-binutils
 BuildRequires:  cross-arm-gcc%{gcc_version}
@@ -98,10 +83,8 @@
 BuildRequires:  nasm
 BuildRequires:  openssl
 BuildRequires:  python3
-BuildRequires:  qemu-arm >= 3.0.0
-BuildRequires:  qemu-ipxe
-BuildRequires:  qemu-x86 >= 3.0.0
 BuildRequires:  unzip
+BuildRequires:  virt-firmware
 %ifnarch aarch64
 BuildRequires:  cross-aarch64-binutils
 BuildRequires:  cross-aarch64-gcc%{gcc_version}
@@ -117,7 +100,7 @@
 %endif
 %endif
 # Only build on the architectures with
-#  1. cross-compilers, 2. iasl, 3. qemu-arm and qemu-x86
+#  1. cross-compilers, 2. iasl
 ExclusiveArch:  x86_64 aarch64 riscv64
 
 %description
@@ -240,8 +223,6 @@
 tar -xf %{SOURCE10} --strip 1
 popd
 
-chmod +x %{SOURCE102}
-
 %build
 
 # Enable python3 build
@@ -329,7 +310,6 @@
 %endif
 
 # Import the build functions
-source %{SOURCE103}
 source ./edksetup.sh
 
 ### Build x86 UEFI Images ###
@@ -398,14 +378,6 @@
 %endif
 done
 
-# build Shell.efi for X64
-build -a X64 -t $TOOL_CHAIN -p ShellPkg/ShellPkg.dsc
-
-# Copy Shell.efi and EnrollDefaultKeys.efi
-mkdir X64
-cp Build/Shell/DEBUG_*/X64/ShellPkg/Application/Shell/Shell/DEBUG/Shell.efi X64
-cp Build/OvmfX64/DEBUG_*/X64/EnrollDefaultKeys.efi X64
-
 %ifarch x86_64
 # Collect the source
 mkdir -p source/ovmf-x86_64
@@ -448,11 +420,6 @@
 cp Build/ArmVirtQemu-AARCH64/DEBUG_GCC*/FV/QEMU_VARS.fd aavmf-aarch64-vars.bin
 truncate -s 64M aavmf-aarch64-vars.bin
 
-# Copy Shell.efi and EnrollDefaultKeys.efi
-mkdir AARCH64
-cp Build/ArmVirtQemu-AARCH64/DEBUG_*/AARCH64/Shell.efi AARCH64
-cp Build/ArmVirtQemu-AARCH64/DEBUG_*/AARCH64/EnrollDefaultKeys.efi AARCH64
-
 # Remove the temporary build files to reduce the disk usage (bsc#1178244)
 rm -rf Build/ArmVirtQemu-AARCH64/
 
@@ -521,24 +488,6 @@
 {
        local ARCH=$1
 
-       # Assign the key iso file
-       local MS_ISO_FILE=ms-keys-${ARCH}.iso
-       local NOMS_ISO_FILE=no-ms-keys-${ARCH}.iso
-       declare -A KEY_ISO_FILES
-       KEY_ISO_FILES=(
-               [ms]=$MS_ISO_FILE
-               [suse]=$NOMS_ISO_FILE
-               [opensuse]=$NOMS_ISO_FILE
-               [devel]=$NOMS_ISO_FILE
-       )
-
-       # Create the iso images
-       local GEN_ISO=%{SOURCE102}
-       local SHELL=${ARCH}/Shell.efi
-       local ENROLLER=${ARCH}/EnrollDefaultKeys.efi
-       $GEN_ISO $ARCH $SHELL $ENROLLER default    $MS_ISO_FILE
-       $GEN_ISO $ARCH $SHELL $ENROLLER no-default $NOMS_ISO_FILE
-
        # We only build the variable templates for X64 and AARCH64
        if [ "$ARCH" == "X64" ]; then
                FLAVORS=${FLAVORS_X64[@]}
@@ -549,9 +498,15 @@
        # Generate the varstore templates
        for flavor in ${FLAVORS[@]}; do
                for key in ${KEY_SOURCES[@]}; do
-                       build_template "$ARCH" "$flavor" "$key" \
-                               "${PKKEK[$key]}" "${KEY_ISO_FILES[$key]}" \
-                               "separate"
+                       ln "${flavor}-code.bin" "${flavor}-${key}-code.bin"
+
+                       if [ "$key" == "ms" ]; then
+                               virt-fw-vars --secure-boot --enroll-cert 
"${PKKEK[$key]}" -i "${flavor}-vars.bin" -o "${flavor}-${key}-vars.bin"
+                       else
+                               # GUID of EnrollDefaultKeys.efi, already used 
by virt-fw-vars for PK and KEK
+                               virt-fw-vars --secure-boot --enroll-cert 
"${PKKEK[$key]}" -i "${flavor}-vars.bin" -o "${flavor}-${key}-vars.bin" \
+                                            --no-microsoft --microsoft-kek 
none --add-db a0baa8a3-041d-48a8-bc87-c36d121b5e3d "${PKKEK[$key]}"
+                       fi
                done
        done
 
@@ -560,9 +515,7 @@
                # backward compatibility. (bsc#1159793)
                for flavor in ${FLAVORS[@]}; do
                        for key in ${KEY_SOURCES[@]}; do
-                               build_template "$ARCH" "$flavor" "$key" \
-                                       "${PKKEK[$key]}" 
"${KEY_ISO_FILES[$key]}" \
-                                       "unified"
+                               cat "${flavor}-${key}-vars.bin" 
"${flavor}-code.bin" > "${flavor}-${key}.bin"
                        done
                done
        fi
@@ -599,6 +552,7 @@
 install -m 0644 -D aavmf-*.bin -t %{buildroot}/%{_datadir}/qemu/
 install -m 0644 -D descriptors/*.json \
        -t %{buildroot}/%{_datadir}/qemu/firmware
+
 %fdupes %{buildroot}/%{_datadir}/qemu/
 
 %ifarch x86_64
@@ -613,31 +567,12 @@
 %fdupes -s %{buildroot}%{_prefix}/src/debug/ovmf-x86_64
 %endif
 
-# Install Secure Boot key enroller
-mkdir -p %{buildroot}/%{_datadir}/ovmf/
-install -m 0755 %{SOURCE102} %{buildroot}/%{_datadir}/ovmf/
-%ifarch x86_64
-install -m 0644 X64/*.efi %{buildroot}/%{_datadir}/ovmf/
-%endif
-%ifarch aarch64
-install -m 0644 AARCH64/*.efi %{buildroot}/%{_datadir}/ovmf/
-%endif
-%ifarch riscv64
-# Nothing there yet
-#install -m 0644 RISCV64/*.efi %{buildroot}/%{_datadir}/ovmf/
-%endif
-
 %if %{without build_riscv64}
 rm %{buildroot}%{_datadir}/qemu/firmware/*-riscv64*.json
 %endif
 
 %files
 %doc README
-%dir %{_datadir}/ovmf/
-%ifnarch riscv64
-%{_datadir}/ovmf/*.efi
-%endif
-%{_datadir}/ovmf/*.sh
 
 %files tools
 %doc BaseTools/UserManuals/EfiRom_Utility_Man_Page.rtf


++++++ edk2-edk2-stable202311.tar.gz -> edk2-edk2-stable202402.tar.gz ++++++
/work/SRC/openSUSE:Factory/ovmf/edk2-edk2-stable202311.tar.gz 
/work/SRC/openSUSE:Factory/.ovmf.new.17339/edk2-edk2-stable202402.tar.gz 
differ: char 13, line 1

Reply via email to