commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-11-10 13:38:34 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.11331 (New) Package is "ovmf" Tue Nov 10 13:38:34 2020 rev:53 rq:846146 version:202008 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-11-02 14:04:06.792668677 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.11331/ovmf.changes 2020-11-10 13:39:18.672490454 +0100 @@ -1,0 +2,7 @@ +Thu Nov 5 07:56:36 UTC 2020 - Gary Ching-Pang Lin + +- Update the json descriptors to address all x86_64 firmware files + (jsc#SLE-15915) +- Remove the executable bit from brotli source code files + +--- Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.S87VUk/_old 2020-11-10 13:39:19.46440 +0100 +++ /var/tmp/diff_new_pack.S87VUk/_new 2020-11-10 13:39:19.468488872 +0100 @@ -186,9 +186,13 @@ # add brotli pushd BaseTools/Source/C/BrotliCompress/brotli tar -xf %{SOURCE8} --strip 1 +# remove the executable bit from files +find . -type f -exec chmod 0644 {} \; popd pushd MdeModulePkg/Library/BrotliCustomDecompressLib/brotli tar -xf %{SOURCE8} --strip 1 +# remove the executable bit from files +find . -type f -exec chmod 0644 {} \; popd # add oniguruma ++ descriptors.tar.xz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/descriptors/60-ovmf-x86_64-2m-ms.json new/descriptors/60-ovmf-x86_64-2m-ms.json --- old/descriptors/60-ovmf-x86_64-2m-ms.json 1970-01-01 01:00:00.0 +0100 +++ new/descriptors/60-ovmf-x86_64-2m-ms.json 2020-11-05 07:27:37.143871500 +0100 @@ -0,0 +1,34 @@ +{ +"description": "UEFI firmware for x86_64, with Secure Boot, and MS certs enrolled (legacy 2MB flash size)", +"interface-types": [ +"uefi" +], +"mapping": { +"device": "flash", +"executable": { +"filename": "@DATADIR@/ovmf-x86_64-ms-code.bin", +"format": "raw" +}, +"nvram-template": { +"filename": "@DATADIR@/ovmf-x86_64-ms-vars.bin", +"format": "raw" +} +}, +"targets": [ +{ +"architecture": "x86_64", +"machines": [ +"pc-i440fx-*", +"pc-q35-*" +] +} +], +"features": [ +"acpi-s3", +"amd-sev", +"verbose-dynamic" +], +"tags": [ + +] +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/descriptors/60-ovmf-x86_64-2m-opensuse.json new/descriptors/60-ovmf-x86_64-2m-opensuse.json --- old/descriptors/60-ovmf-x86_64-2m-opensuse.json 1970-01-01 01:00:00.0 +0100 +++ new/descriptors/60-ovmf-x86_64-2m-opensuse.json 2020-11-05 07:27:46.151927408 +0100 @@ -0,0 +1,34 @@ +{ +"description": "UEFI firmware for x86_64, with Secure Boot, and openSUSE certs enrolled (legacy 2MB flash size)", +"interface-types": [ +"uefi" +], +"mapping": { +"device": "flash", +"executable": { +"filename": "@DATADIR@/ovmf-x86_64-opensuse-code.bin", +"format": "raw" +}, +"nvram-template": { +"filename": "@DATADIR@/ovmf-x86_64-opensuse-vars.bin", +"format": "raw" +} +}, +"targets": [ +{ +"architecture": "x86_64", +"machines": [ +"pc-i440fx-*", +"pc-q35-*" +] +} +], +"features": [ +"acpi-s3", +"amd-sev", +"verbose-dynamic" +], +"tags": [ + +] +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/descriptors/60-ovmf-x86_64-2m-suse.json new/descriptors/60-ovmf-x86_64-2m-suse.json --- old/descriptors/60-ovmf-x86_64-2m-suse.json 1970-01-01 01:00:00.0 +0100 +++ new/descriptors/60-ovmf-x86_64-2m-suse.json 2020-11-05 07:28:17.640122837 +0100 @@ -0,0 +1,34 @@ +{ +"description": "UEFI firmware for x86_64, with Secure Boot, and SUSE certs enrolled (legacy 2MB flash size)", +"interface-types": [ +"uefi" +], +"mapping": { +"device": "flash", +"executable": { +"filename": "@DATADIR@/ovmf-x86_64-suse-code.bin", +"format": "raw" +}, +"nvram-template": { +"filename": "@DATADIR@/ovmf-x86_64-suse-vars.bin", +"format": "raw" +} +}, +"targets": [ +{ +"architecture": "x86_64", +"machines": [ +
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-11-02 14:03:53 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.3463 (New) Package is "ovmf" Mon Nov 2 14:03:53 2020 rev:52 rq:844952 version:202008 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-09-09 17:49:39.154558706 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.3463/ovmf.changes 2020-11-02 14:04:06.792668677 +0100 @@ -1,0 +2,7 @@ +Fri Oct 30 02:15:13 UTC 2020 - Gary Ching-Pang Lin + +- Add _constraints to request at least 6GB disk (bsc#1178244) +- Remove the build files after finishing the build to reduce the + disk usage (bsc#1178244) + +--- New: _constraints Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.V0sQ3q/_old 2020-11-02 14:04:07.920669534 +0100 +++ /var/tmp/diff_new_pack.V0sQ3q/_new 2020-11-02 14:04:07.924669536 +0100 @@ -283,6 +283,9 @@ cp Build/OvmfIa32/DEBUG_*/FV/OVMF_CODE.fd ovmf-ia32-code.bin cp Build/OvmfIa32/DEBUG_*/FV/OVMF_VARS.fd ovmf-ia32-vars.bin +# Remove the temporary build files to reduce the disk usage (bsc#1178244) +rm -rf Build/OvmfIa32/ + ### Build x86_64 UEFI Images ### %ifarch x86_64 collect_x86_64_debug_files() @@ -342,6 +345,9 @@ find source/ovmf-x86_64 -name *.c -type f -exec chmod 0644 {} \; %endif +# Remove the temporary build files to reduce the disk usage (bsc#1178244) +rm -rf Build/OvmfX64/ + # Build with keys done later (shared between archs) ### Build AARCH64 UEFI Images ### @@ -362,6 +368,9 @@ cp Build/ArmVirtQemu-AARCH64/DEBUG_*/AARCH64/Shell.efi AARCH64 cp Build/ArmVirtQemu-AARCH64/DEBUG_*/AARCH64/EnrollDefaultKeys.efi AARCH64 +# Remove the temporary build files to reduce the disk usage (bsc#1178244) +rm -rf Build/ArmVirtQemu-AARCH64/ + # Build with keys done later (shared between archs) ### Build AARCH32 UEFI Images ### @@ -377,6 +386,9 @@ dd of="aavmf-aarch32-code.bin" if="qemu-uefi-aarch32.bin" conv=notrunc dd of="aavmf-aarch32-vars.bin" if="/dev/zero" bs=1M count=64 +# Remove the temporary build files to reduce the disk usage (bsc#1178244) +rm -rf Build/ArmVirtQemu-ARM/ + ### Build the variable store templates ### # Default key sources: ms suse opensuse ++ _constraints ++ 6
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-09-09 17:48:21 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.3399 (New) Package is "ovmf" Wed Sep 9 17:48:21 2020 rev:51 rq:832683 version:202008 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-07-26 16:16:40.496660258 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.3399/ovmf.changes 2020-09-09 17:49:39.154558706 +0200 @@ -1,0 +2,81 @@ +Mon Sep 7 03:55:46 UTC 2020 - Gary Ching-Pang Lin + +- Update to edk2-stable202008 + + MdeModulePkg/Library: add PEIM and SEC module type to +TpmMeasurementLibNull + + SecurityPkg/DxeImageVerificationLib: catch alignment overflow +(CVE-2019-14562) (bsc#1175476) + + OvmfPkg/CpuHotplugSmm: fix CPU hotplug race before and after +SMI broadcast + + SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY + + MdePkg/Include: Add missing definition of SMBIOS type 42h in +SmBios.h + + MdePkg: UefiFileHandleLib: fix buffer overrun in +FileHandleReadLine() + + OvmfPkg: Add SEV-ES support + + MdeModulePkg/PartitionDxe: Fix the incorrect LBA size in child +hander + + MdeModulePkg/PartitionDxe: Revert changes for the special MBR + + MdeModulePkg/PartitionDxe: Put the UDF check ahead of MBR + + ShellPkg: smbiosview - Change some type 17 field values format + + CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1g + + MdeModulePkg: Upon BootOption failure, Destroy RamDisk memory +before RSC. + + OvmfPkg/LsiScsiDxe: Add support for LSI 53C895A + + MdeModulePkg/DisplayEngine: Add Debug message to show mismatch +menu info + + Add New Memory Attributes + + MdeModulePkg/PartitionDxe: Add already start check for child +hanldes + + MdeModulePkg/PartitionDxe: Skip the MBR that add for CD-ROM + + MdeModulePkg/PartitionDxe: Correct the MBR last block value + + MdeModulePkg/Variable/RuntimeDxe: Fix return status from +Reclaim() + + SecurityPkg/Tcg2Pei: Add missing PCRIndex in FvBlob event. + + SecurityPkg/Tcg2Dxe: Add PcdTcgPfpMeasurementRevision in +SpecId event. + + CryptoPkg/BaseCryptLib: Add MARCO to disable the deprecated +SHA1 and MD5 + + ArmVirtPkg/NorFlashQemuLib: disable NOR flash DT nodes upon +discovery + + UefiCpuPkg/SecCore: Add pre-memory AP vector + + OvmfPkg: End timer interrupt later to avoid stack overflow +under load + + ArmPkg/PlatformBootManagerLib: regenerate boot options on +boot failure + + MdeModulePkg/StatusCodeHandler: do not output \n\r for string +data + + Revert "OvmfPkg: use generic QEMU image loader for secure boot +enabled ..." + + ArmVirtPkg/PrePi: use standard PeCoff routines for +self-relocation + + ArmVirtPkg: add FDF rule for self-relocating PrePi + + ArmPkg/ArmExceptionLib: use static buffer for sp_el0 + + MdeModulePkg/SetupBrowserDxe: Do not reconnect driver with +form-update + + OvmfPkg/X86QemuLoadImageLib: handle EFI_ACCESS_DENIED from +LoadImage() + + OvmfPkg/Tcg2ConfigPei: generalize TPM2-only file-top comments + + ArmPkg: only attempt buildin MmCommunicationDxe for AArch64 + + ArmPkg/PlatformBootManagerLib: don't connect all devices on +each boot + + ArmPkg/PlatformBootManagerLib: hide UEFI Shell as a regular +boot option + + MdeModulePkg/BootManagerUiLib: show inactive boot options + + ArmPkg/PlatformBootManagerLib: fall back to the UiApp on +boot failure + + ArmPkg/PlatformBootManagerLib: register 's' as UEFI Shell +hotkey + + ArmPkg/PlatformBootManagerLib: connect non-discoverable USB +hosts + + ArmPkg/ArmSvcLib: prevent speculative execution beyond svc + + ArmPkg/PlatformBootManagerLib: reject 'default' parity and +stop bit count + + ArmPkg/PlatformBootManagerLib: use static assertion for +console type +- Update openssl to 1.1.1g +- Drop openssl-fix-syntax-error.patch + + The new openssl already includes the fix. +- Refresh ovmf-pie.patch and ovmf-disable-ia32-firmware-piepic.patch + +--- Old: edk2-stable202005.tar.gz openssl-1.1.1d.tar.gz openssl-1.1.1d.tar.gz.asc openssl-fix-syntax-error.patch New: edk2-stable202008.tar.gz openssl-1.1.1g.tar.gz openssl-1.1.1g.tar.gz.asc Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.CRcuNM/_old 2020-09-09 17:49:42.034561046 +0200 +++ /var/tmp/diff_new_pack.CRcuNM/_new 2020-09-09 17:49:42.038561050 +0200 @@ -18,7 +18,7 @@ %undefine _build_create_debug -%global openssl_version 1.1.1d +%global openssl_version 1.1.1g %global softfloat_version b64af41c3276f Name: ovmf @@ -26,7 +26,7 @@ Summary:Open Virtual Machine
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-07-26 16:15:15 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.3592 (New) Package is "ovmf" Sun Jul 26 16:15:15 2020 rev:50 rq:822306 version:202005 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-06-10 00:35:36.460946222 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.3592/ovmf.changes 2020-07-26 16:16:40.496660258 +0200 @@ -1,0 +2,6 @@ +Wed Jul 22 16:01:04 UTC 2020 - Kai Liu + +- Fixed TPM support. TPM2_ENABLE & TPM2_CONFIG_ENABLE build flags + were changed to TPM_* since upstream commit 07952a962a40. + +--- Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.SdeYK7/_old 2020-07-26 16:16:42.048661564 +0200 +++ /var/tmp/diff_new_pack.SdeYK7/_new 2020-07-26 16:16:42.052661567 +0200 @@ -208,8 +208,8 @@ OVMF_FLAGS=" \ -D SECURE_BOOT_ENABLE \ - -D TPM2_ENABLE \ - -D TPM2_CONFIG_ENABLE \ + -D TPM_ENABLE \ + -D TPM_CONFIG_ENABLE \ -D NETWORK_IP6_ENABLE \ -D NETWORK_HTTP_BOOT_ENABLE \ "
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-06-10 00:35:14 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.3606 (New) Package is "ovmf" Wed Jun 10 00:35:14 2020 rev:49 rq:812838 version:202005 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-05-29 21:35:34.922329278 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.3606/ovmf.changes 2020-06-10 00:35:36.460946222 +0200 @@ -1,0 +2,52 @@ +Tue Jun 9 08:06:06 UTC 2020 - Gary Ching-Pang Lin + +- Use the reduced source tarballs since ovmf only needs a portion + of the code. + + brotli-v1.0.7-17-g666c328.tar.xz -> +brotli-v1.0.7-17-g666c328-c.tar.xz +- We only need the "c" directory, not the whole tarball. + + oniguruma-v6.9.4_mark1.tar.xz -> +oniguruma-v6.9.4_mark1-src.tar.xz +- We only need the "src" directory, not the whole tarball. + +--- +Fri Jun 5 06:33:21 UTC 2020 - Gary Ching-Pang Lin + +- Update to edk2-stable202005 + + RegularExpressionDxe: Use submodule way to access third party +Oniguruma + + BrotliCustomDecompressLib: Use submodule way to access third +party brotli + + BaseTools: Use submodule way to access third party brotli + + RISC-V architecture on EDK2 + + Disabling safe string constraint assertions + + ArmVirtPkg Implement support for TPM2 measured boot + + OVMF Implement support for Linux v5.7+ initrd and mixed mode +loading + + OVMF Use loadimage/startimage for loading the kernel passed +via the QEMU command line + + OVMF Support booting from Fusion-MPT SCSI controllers + + OVMF Support booting from VMware PVSCSI controllers + + OVMF RFE: VCPU hotplug with SMM + + OVMF PEI phase variable driver / MemoryTypeInfo tracking + + ArmVirtPkg, OvmfPkg: Pass parameter from QEMU to control PXE +IPv4/v6 boot + + Remove deprecate APIs in BaseCryptLib + + Add UEFI 2.8/2.8a definition in MdePkg + + Add PI1.7/PI1.7a definition into MdePkg + + BaseCryptoLib MD4, ARC4, TDES, AES ECB MODE, HMAC MD5, HMAC +SHA1 API have been deprecated. + + SecurityPkg Tcg2PhysicalPresenceLib library class removes two +macros TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT and +TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT. +- Add 2 tarballs from the submodules of edk2: + + brotli-v1.0.7-17-g666c328.tar.xz + + oniguruma-v6.9.4_mark1.tar.xz +- Refresh patches: + + ovmf-add-exclude-shell-flag.patch + + ovmf-gdb-symbols.patch +- Drop upstream patch: ovmf-bsc1163927-fix-ping-and-ip6dxe.patch +- Drop ovmf-bsc1171643-workaround-outline-atomics.patch since + upstream fixed it in another way. + +--- Old: edk2-stable202002.tar.gz ovmf-bsc1163927-fix-ping-and-ip6dxe.patch ovmf-bsc1171643-workaround-outline-atomics.patch New: brotli-v1.0.7-17-g666c328-c.tar.xz edk2-stable202005.tar.gz oniguruma-v6.9.4_mark1-src.tar.xz Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.4KaMeY/_old 2020-06-10 00:35:38.176950825 +0200 +++ /var/tmp/diff_new_pack.4KaMeY/_new 2020-06-10 00:35:38.180950835 +0200 @@ -26,7 +26,7 @@ Summary:Open Virtual Machine Firmware License:BSD-2-Clause-Patent Group: System/Emulators/PC -Version:202002 +Version:202005 Release:0 Source0: https://github.com/tianocore/edk2/archive/edk2-stable%{version}.tar.gz Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz @@ -39,6 +39,10 @@ # berkeley-softfloat-3: https://github.com/ucb-bar/berkeley-softfloat-3 Source6:berkeley-softfloat-3-%{softfloat_version}.tar.xz Source7:descriptors.tar.xz +# brotli: https://github.com/google/brotli, "c" directory only +Source8:brotli-v1.0.7-17-g666c328-c.tar.xz +# oniguruma: https://github.com/kkos/oniguruma, "src" directory only +Source9:oniguruma-v6.9.4_mark1-src.tar.xz Source100: %{name}-rpmlintrc Source101: gdb_uefi.py.in Source102: gen-key-enrollment-iso.sh @@ -48,8 +52,6 @@ Patch3: %{name}-pie.patch Patch4: %{name}-disable-ia32-firmware-piepic.patch Patch5: %{name}-set-fixed-enroll-time.patch -Patch6: %{name}-bsc1163927-fix-ping-and-ip6dxe.patch -Patch7: %{name}-bsc1171643-workaround-outline-atomics.patch Patch100: openssl-fix-syntax-error.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bc @@ -168,10 +170,6 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 -%patch6 -p1 -%if %{gcc_version} >= 10 -%patch7 -p1 -%endif # add openssl pushd
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-05-29 21:19:52 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.3606 (New) Package is "ovmf" Fri May 29 21:19:52 2020 rev:48 rq:807896 version:202002 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-04-25 20:09:21.243675129 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.3606/ovmf.changes 2020-05-29 21:35:34.922329278 +0200 @@ -1,0 +2,6 @@ +Thu May 21 03:36:17 UTC 2020 - Gary Ching-Pang Lin + +- Add ovmf-bsc1171643-workaround-outline-atomics.patch to disable + gcc10 outline-atomics in AArch64 (bsc#1171643) + +--- New: ovmf-bsc1171643-workaround-outline-atomics.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.fQ3DPa/_old 2020-05-29 21:35:35.878332124 +0200 +++ /var/tmp/diff_new_pack.fQ3DPa/_new 2020-05-29 21:35:35.878332124 +0200 @@ -49,6 +49,7 @@ Patch4: %{name}-disable-ia32-firmware-piepic.patch Patch5: %{name}-set-fixed-enroll-time.patch Patch6: %{name}-bsc1163927-fix-ping-and-ip6dxe.patch +Patch7: %{name}-bsc1171643-workaround-outline-atomics.patch Patch100: openssl-fix-syntax-error.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bc @@ -168,6 +169,9 @@ %patch4 -p1 %patch5 -p1 %patch6 -p1 +%if %{gcc_version} >= 10 +%patch7 -p1 +%endif # add openssl pushd CryptoPkg/Library/OpensslLib/openssl ++ ovmf-bsc1171643-workaround-outline-atomics.patch ++ diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template index 2b17d3b..cc510ae 100755 --- a/BaseTools/Conf/tools_def.template +++ b/BaseTools/Conf/tools_def.template @@ -2010,7 +2010,7 @@ DEFINE GCC5_ARM_ASM_FLAGS= DEF(GCC49_ARM_ASM_FLAGS) DEFINE GCC5_AARCH64_ASM_FLAGS= DEF(GCC49_AARCH64_ASM_FLAGS) DEFINE GCC5_ARM_CC_FLAGS = DEF(GCC49_ARM_CC_FLAGS) DEFINE GCC5_ARM_CC_XIPFLAGS = DEF(GCC49_ARM_CC_XIPFLAGS) -DEFINE GCC5_AARCH64_CC_FLAGS = DEF(GCC49_AARCH64_CC_FLAGS) +DEFINE GCC5_AARCH64_CC_FLAGS = DEF(GCC49_AARCH64_CC_FLAGS) -mno-outline-atomics DEFINE GCC5_AARCH64_CC_XIPFLAGS = DEF(GCC49_AARCH64_CC_XIPFLAGS) DEFINE GCC5_ARM_DLINK_FLAGS = DEF(GCC49_ARM_DLINK_FLAGS) DEFINE GCC5_ARM_DLINK2_FLAGS = DEF(GCC49_ARM_DLINK2_FLAGS) -Wno-error
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-04-25 20:09:14 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.2738 (New) Package is "ovmf" Sat Apr 25 20:09:14 2020 rev:47 rq:795744 version:202002 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-04-10 23:52:31.672666899 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.2738/ovmf.changes 2020-04-25 20:09:21.243675129 +0200 @@ -1,0 +2,11 @@ +Mon Apr 20 06:11:25 UTC 2020 - Gary Ching-Pang Lin + +- Build all non-native firmware files on x86_64 and aarch64 with + cross-compilers (bsc#1159134) + + Exclude i586 and armv7hl due to the availability of +cross-compilers + + Move some bash functions to ovmf-build-funcs.sh +- Clean up PKG_TO_REMOVE + + Only EmulatorPkg still exists. + +--- New: ovmf-build-funcs.sh Other differences: -- ++ ovmf.spec ++ 719 lines (skipped) between /work/SRC/openSUSE:Factory/ovmf/ovmf.spec and /work/SRC/openSUSE:Factory/.ovmf.new.2738/ovmf.spec ++ ovmf-build-funcs.sh ++ #!/bin/bash # Generate PK/KEK OEM strings pkkek_oemstr() { local CERT_FILE=$1 sed \ -e 's/^-BEGIN CERTIFICATE-$/4e32566d-8e9e-4f52-81d3-5bb9715f9727:/' \ -e '/^-END CERTIFICATE-$/d' \ $CERT_FILE \ | tr -d '\n' } # Build the varstore template build_template() { local ARCH=$(echo $1 | tr '[:lower:'] '[:upper:]') local PREFIX="$2" local KEY="$3" local PKKEK_FILE="$4" local ISO_FILE="$5" local TYPE="$6" # QEMU parameters # pflash parameters local PFLASH="" if [ $TYPE == "separate" ]; then local FW_CODE_ORIG="${PREFIX}-code.bin" local FW_VARS_ORIG="${PREFIX}-vars.bin" local FW_CODE="${PREFIX}-${KEY}-code.bin" local FW_VARS="${PREFIX}-${KEY}-vars.bin" local PFLASH_CODE="-drive if=pflash,format=raw,unit=0,readonly,file=$FW_CODE" local PFLASH_VARS="-drive if=pflash,format=raw,unit=1,file=$FW_VARS" ln -s "$FW_CODE_ORIG" "$FW_CODE" cp "$FW_VARS_ORIG" "$FW_VARS" PFLASH="$PFLASH_CODE $PFLASH_VARS" elif [ $TYPE == "unified" ]; then local UNIFIED_FW_ORIG="${PREFIX}.bin" local UNIFIED_FW="${PREFIX}-${KEY}.bin" cp "$UNIFIED_FW_ORIG" "$UNIFIED_FW" PFLASH="-drive if=pflash,format=raw,unit=0,file=$UNIFIED_FW" fi # smbios parameters for PK and KEK local SMBIOS="-smbios type=11,value=$(pkkek_oemstr $PKKEK_FILE)" # memory: 256MB local MEMORY="-m 256" # redirect display to stdio and disable network local MISC="-display none -no-user-config -nodefaults -smp 1" MISC="$MISC -serial stdio" # set cdrom device local CDROM="-device virtio-scsi-pci,id=scsi0" CDROM="$CDROM -device scsi-cd,drive=cd0,bus=scsi0.0,bootindex=0" CDROM="$CDROM -drive media=cdrom,if=none,id=cd0,format=raw,readonly=on" CDROM="$CDROM,file=${ISO_FILE}" if [ $ARCH == "X64" ]; then # qemu command local QEMU="qemu-system-x86_64" # machine parameters local MACHINE="-machine q35" if [[ "$PREFIX" == *"-smm" ]]; then MACHINE="$MACHINE,smm=on,accel=tcg" MACHINE="$MACHINE -global driver=cfi.pflash01,property=secure,value=on" MACHINE="$MACHINE -global ICH9-LPC.disable_s3=1" fi MACHINE="$MACHINE -chardev pty,id=charserial1" MACHINE="$MACHINE -device isa-serial,chardev=charserial1,id=serial1" elif [ $ARCH == "AARCH64" ]; then # qemu command local QEMU="qemu-system-aarch64" # machine parameters local MACHINE="-cpu cortex-a57 -machine virt" fi # Launch the VM $QEMU $MACHINE $MEMORY $PFLASH $SMBIOS $CDROM $MISC }
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-04-10 23:52:18 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.3248 (New) Package is "ovmf" Fri Apr 10 23:52:18 2020 rev:46 rq:791681 version:202002 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-03-11 18:31:44.522876421 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.3248/ovmf.changes 2020-04-10 23:52:31.672666899 +0200 @@ -1,0 +2,6 @@ +Mon Apr 6 03:37:22 UTC 2020 - Gary Ching-Pang Lin + +- Add ovmf-bsc1163927-fix-ping-and-ip6dxe.patch to fix crash and + hang in ShellPkg and Ip6Dxe (bsc#1163927, CVE-2019-14559) + +--- New: ovmf-bsc1163927-fix-ping-and-ip6dxe.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.BbzN4w/_old 2020-04-10 23:52:32.836667753 +0200 +++ /var/tmp/diff_new_pack.BbzN4w/_new 2020-04-10 23:52:32.836667753 +0200 @@ -49,6 +49,7 @@ Patch3: %{name}-pie.patch Patch4: %{name}-disable-ia32-firmware-piepic.patch Patch5: %{name}-set-fixed-enroll-time.patch +Patch6: %{name}-bsc1163927-fix-ping-and-ip6dxe.patch Patch100: openssl-fix-syntax-error.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bc @@ -172,6 +173,7 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 # add openssl pushd CryptoPkg/Library/OpensslLib/openssl ++ ovmf-bsc1163927-fix-ping-and-ip6dxe.patch ++ >From f0f676088e356b8c912922dd2a12de210308befb Mon Sep 17 00:00:00 2001 From: Maciej Rabeda Date: Thu, 27 Feb 2020 11:30:43 +0100 Subject: [PATCH 1/3] ShellPkg: Fix 'ping' command Ip4 receive flow. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2032 'ping' command's receive flow utilizes a single Rx token which it attempts to reuse before recycling the previously received packet. This causes a situation where under ICMP traffic, Ping6OnEchoReplyReceived() function will receive an already recycled packet with EFI_SUCCESS token status and finally dereference invalid pointers from RxData structure. Cc: Ray Ni Cc: Zhichao Gao Signed-off-by: Maciej Rabeda Reviewed-by: Siyuan Fu Acked-by: Zhichao Gao (cherry picked from commit 65c73df44c61235ede84c5aa1d2eab6650844966) --- ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c index 23567fa2c1bb..a3fa32515192 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c @@ -614,6 +614,11 @@ Ping6OnEchoReplyReceived ( ON_EXIT: + // + // Recycle the packet before reusing RxToken + // + gBS->SignalEvent (Private->IpChoice == PING_IP_CHOICE_IP6?((EFI_IP6_RECEIVE_DATA*)Private->RxToken.Packet.RxData)->RecycleSignal:((EFI_IP4_RECEIVE_DATA*)Private->RxToken.Packet.RxData)->RecycleSignal); + if (Private->RxCount < Private->SendNum) { // // Continue to receive icmp echo reply packets. @@ -632,10 +637,6 @@ ON_EXIT: // Private->Status = EFI_SUCCESS; } - // - // Singal to recycle the each rxdata here, not at the end of process. - // - gBS->SignalEvent (Private->IpChoice == PING_IP_CHOICE_IP6?((EFI_IP6_RECEIVE_DATA*)Private->RxToken.Packet.RxData)->RecycleSignal:((EFI_IP4_RECEIVE_DATA*)Private->RxToken.Packet.RxData)->RecycleSignal); } /** -- 2.25.1 >From d2f2e106c5f94acb2b1033c2f4324aa46b4b Mon Sep 17 00:00:00 2001 From: Maciej Rabeda Date: Mon, 2 Mar 2020 13:25:20 +0100 Subject: [PATCH 2/3] NetworkPkg/Ip6Dxe: Improve Neightbor Discovery message validation. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2174 Problem has been identified with Ip6ProcessRouterAdvertise() when Router Advertise packet contains options with malicious/invalid 'Length' field. This can lead to platform entering infinite loop when processing options from that packet. Cc: Jiaxin Wu Cc: Siyuan Fu Signed-off-by: Maciej Rabeda Reviewed-by: Siyuan Fu (cherry picked from commit 9c20342eed70ec99ec50cd73cb81804299f05403) --- NetworkPkg/Ip6Dxe/Ip6Nd.c | 44 --- NetworkPkg/Ip6Dxe/Ip6Nd.h | 13 NetworkPkg/Ip6Dxe/Ip6Option.c | 57 ++- 3 files changed, 83 insertions(+), 31 deletions(-) diff --git a/NetworkPkg/Ip6Dxe/Ip6Nd.c b/NetworkPkg/Ip6Dxe/Ip6Nd.c index 4288ef02dd46..fd7f60b2f92c 100644 --- a/NetworkPkg/Ip6Dxe/Ip6Nd.c +++ b/NetworkPkg/Ip6Dxe/Ip6Nd.c @@ -1927,7 +1927,7 @@ Ip6ProcessRouterAdvertise ( UINT32
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-03-11 18:31:36 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.3160 (New) Package is "ovmf" Wed Mar 11 18:31:36 2020 rev:45 rq:782009 version:202002 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-02-29 21:21:37.958174312 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.3160/ovmf.changes 2020-03-11 18:31:44.522876421 +0100 @@ -1,0 +2,221 @@ +Fri Mar 6 03:11:48 UTC 2020 - Gary Ching-Pang Lin + +- Update to edk2-stable202002 + + UefiCpuPkg/MpInitLib: Skip reading PlatformId on AMD processors. + + BaseTools: Remove invalid leading space before !INCLUDE in Makefile + + OvmfPkg/QemuVideoDxe: unbreak "secondary-vga" and "bochs-display" support + + NetworkPkg/ArpDxe: Recycle invalid ARP packets (CVE-2019-14559) + + ShellPkg: acpiview: Prevent infinite loop if structure length is 0 + + CryptoPkg/BaseHashApiLib: Change PcdHashApiLibPolicy type to FixedAtBuild + + CryptoPkg/BaseHashApiLib: Align BaseHashApiLib with TPM 2.0 Implementation + + MdeModulePkg: Make retval in UninstallMultipleProtocol follow Spec + + SecurityPkg/DxeImageVerificationLib: change IsCertHashFoundInDatabase +name (CVE-2019-14575) + + SecurityPkg/DxeImageVerificationLib: Differentiate error/search +result (2) (CVE-2019-14575) + + SecurityPkg/DxeImageVerificationLib: plug Data leak in +IsForbiddenByDbx() (CVE-2019-14575) + + SecurityPkg/DxeImageVerificationLib: tighten default result +(CVE-2019-14575) + + SecurityPkg/DxeImageVerificationLib: Differentiate error/search +result (1) (CVE-2019-14575) + + SecurityPkg/DxeImageVerificationLib: refactor db/dbx fetching +code (CVE-2019-14575) + + SecurityPkg/DxeImageVerificationLib: avoid bypass in fetching +dbx (CVE-2019-14575) + + SecurityPkg/DxeImageVerificationLib: fix wrong fetch dbx in +IsAllowedByDb (CVE-2019-14575) + + SecurityPkg/DxeImageVerificationLib: reject +CertStack.CertNumber==0 per DBX (CVE-2019-14575) + + SecurityPkg/DxeImageVerificationLib: Fix memory leaks +(CVE-2019-14575) + + NetworkPkg/Ip4Dxe: Check the received package length +(CVE-2019-14559). + + ShellPkg: acpiview: Validate ACPI table 'Length' field + + ShellPkg: acpiview: Remove duplicate ACPI structure size definitions + + UefiCpuPkg RegisterCpuFeaturesLib: Match data type and format specifier + + MdeModulePkg/SdMmcPciHcDxe: Fix double PciIo Unmap in TRB creation +(CVE-2019-14587) + + MdeModulePkg/DisplayEngine: Zero memory before free (CVE-2019-14558) + + MdeModulePkg/String.c: Zero memory before free (CVE-2019-14558) + + MdeModulePkg/HiiDB: Remove configuration table when it's freed +(CVE-2019-14586) + + MdePkg: Remove FIT table industry standard header file. + + UefiCpuPkg: Remove FIT based microcode shadow logic from MpInitLib. + + UefiCpuPkg/CpuFeature: Introduce First to indicate 1st unit. + + UefiCpuPkg/RegisterCpuFeaturesLib: Rename [Before|After]FeatureBitMask + + UefiCpuPkg/RegisterCpuFeaturesLib: Delete CPU_FEATURE_[BEFORE|AFTER] + + MdePkg: Add PCCT table signature definition + + BaseTools: Fixed build failure when using python38 + + BaseTools:fix Ecc tool issue for check StructPcd + + BaseTools: Remove caret in NASM_INC macro + + BaseTools: Rationalise makefile generation + + MdePkg: Add PCI Express 5.0 Header File + + MdePkg: Disable EBC for unit tests in MdePkg.dsc + + MdePkg/SmBios.h: Add two additional DWORD for smbios 3.3.0 type17 + + UefiCpuPkg/MpInitLib: Not pass microcode info between archs in CPU_MP_DATA + + Revert UefiCpuPkg/MpInitLib: Relocate microcode patch fields in CPU_MP_DATA + + ShellPkg: acpiview: Validate global pointers before use + + ShellPkg: acpiview: Validate System Locality count + + ShellPkg: acpiview: Set ItemPtr to NULL for unprocessed table fields + + ShellPkg: Document UpdateArgcArgv returns EFI_INVALID_PARAMETER + + ShellPkg: Document ParseCommandLineToArgs returns EFI_INVALID_PARAMETER + + ShellPkg/UefiShellAcpiViewCommandLib: Fix FADT Parser + + SecurityPkg: Fix incorrect return value when File is NULL + + BaseTools: Fixed a Incremental build issue + + CryptoPkg/CryptoPkg.dsc: Add build of Crypto libraries/modules + + CryptoPkg/Library: Add BaseCryptLibOnProtocolPpi instances + + CryptoPkg/Driver: Add Crypto PEIM, DXE, and SMM modules + + CryptoPkg: Add EDK II Crypto Protocols/PPIs/PCDs + + CryptoPkg/BaseCryptLib: Add X509ConstructCertificateStackV(). + + MdeModulePkg/PiDxeS3BootScriptLib: Fix potential numeric truncation +(CVE-2019-14563) + + MdeModulePkg/Capsule: Remove RT restriction in UpdateCapsule service. + + SecurityPkg/TcgPhysicalPresenceLib: Replace the ASSERT with error code + + BaseTools/PcdValueCommon: Fix 64-bit host
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-02-29 21:21:22 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.26092 (New) Package is "ovmf" Sat Feb 29 21:21:22 2020 rev:44 rq:779256 version:201911 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-02-20 15:37:26.382744978 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.26092/ovmf.changes 2020-02-29 21:21:37.958174312 +0100 @@ -1,0 +2,10 @@ +Mon Feb 24 04:00:24 UTC 2020 - Gary Ching-Pang Lin + +- Add ovmf-bsc1163969-fix-DxeImageVerificationHandler.patch to fix + dbx signature check (bsc#1163969, CVE-2019-14575) + + Also change the order of several patches to distinguish the +openssl patch +- Add ovmf-bsc1163927-fix-ip4dxe-and-arpdxe.patch to fix memory + leakage in Ip4Dxe and ArpDxe (bsc#1163927, CVE-2019-14559) + +--- New: ovmf-bsc1163927-fix-ip4dxe-and-arpdxe.patch ovmf-bsc1163969-fix-DxeImageVerificationHandler.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.WB2zxY/_old 2020-02-29 21:21:38.830176038 +0100 +++ /var/tmp/diff_new_pack.WB2zxY/_new 2020-02-29 21:21:38.834176046 +0100 @@ -49,8 +49,10 @@ Patch3: %{name}-pie.patch Patch4: %{name}-disable-ia32-firmware-piepic.patch Patch5: %{name}-set-fixed-enroll-time.patch -Patch6: openssl-fix-syntax-error.patch -Patch7: %{name}-bsc1163959-PiDxeS3BootScriptLib-fix-numeric-truncation.patch +Patch6: %{name}-bsc1163959-PiDxeS3BootScriptLib-fix-numeric-truncation.patch +Patch7: %{name}-bsc1163969-fix-DxeImageVerificationHandler.patch +Patch8: %{name}-bsc1163927-fix-ip4dxe-and-arpdxe.patch +Patch100: openssl-fix-syntax-error.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bc BuildRequires: fdupes @@ -173,12 +175,14 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 %patch7 -p1 +%patch8 -p1 # add openssl pushd CryptoPkg/Library/OpensslLib/openssl tar -xf %{SOURCE1} --strip 1 -%patch6 -p1 +%patch100 -p1 popd # add berkeley-softfloat-3 ++ ovmf-bsc1163927-fix-ip4dxe-and-arpdxe.patch ++ >From 7f9f7fccf58af2db5ac8c88801f56f4efe664fcb Mon Sep 17 00:00:00 2001 From: Jiaxin Wu Date: Mon, 29 Apr 2019 09:51:53 +0800 Subject: [PATCH 1/2] NetworkPkg/Ip4Dxe: Check the received package length (CVE-2019-14559). v3: correct the coding style. v2: correct the commit message & add BZ number. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1610 This patch is to check the received package length to make sure the package has a valid length field. Cc: Fu Siyuan Cc: Maciej Rabeda Signed-off-by: Wu Jiaxin Reviewed-by: Siyuan Fu (cherry picked from commit 578bcdc2605e3438b9cbdac4e68339f90f5bf8af) --- NetworkPkg/Ip4Dxe/Ip4Input.c | 46 +--- 1 file changed, 37 insertions(+), 9 deletions(-) diff --git a/NetworkPkg/Ip4Dxe/Ip4Input.c b/NetworkPkg/Ip4Dxe/Ip4Input.c index 24c584658803..fc1a892f14eb 100644 --- a/NetworkPkg/Ip4Dxe/Ip4Input.c +++ b/NetworkPkg/Ip4Dxe/Ip4Input.c @@ -1,7 +1,7 @@ /** @file IP4 input process. -Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved. +Copyright (c) 2005 - 2020, Intel Corporation. All rights reserved. (C) Copyright 2015 Hewlett-Packard Development Company, L.P. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -711,10 +711,6 @@ Ip4PreProcessPacket ( // // Check if the IP4 header is correctly formatted. // - if ((*Packet)->TotalSize < IP4_MIN_HEADLEN) { -return EFI_INVALID_PARAMETER; - } - HeadLen = (Head->HeadLen << 2); TotalLen = NTOHS (Head->TotalLen); @@ -808,6 +804,30 @@ Ip4PreProcessPacket ( return EFI_SUCCESS; } +/** + This function checks the IPv4 packet length. + + @param[in] Packet Pointer to the IPv4 Packet to be checked. + + @retval TRUE The input IPv4 packet length is valid. + @retval FALSE The input IPv4 packet length is invalid. + +**/ +BOOLEAN +Ip4IsValidPacketLength ( + IN NET_BUF*Packet + ) +{ + // + // Check the IP4 packet length. + // + if (Packet->TotalSize < IP4_MIN_HEADLEN) { +return FALSE; + } + + return TRUE; +} + /** The IP4 input routine. It is called by the IP4_INTERFACE when a IP4 fragment is received from MNP. @@ -844,6 +864,10 @@ Ip4AccpetFrame ( goto DROP; } + if (!Ip4IsValidPacketLength (Packet)) { +goto RESTART; + } + Head = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL); ASSERT (Head != NULL); OptionLen = (Head->HeadLen << 2) - IP4_MIN_HEADLEN; @@ -890,10
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-02-20 15:37:21 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.26092 (New) Package is "ovmf" Thu Feb 20 15:37:21 2020 rev:43 rq:775106 version:201911 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-02-14 16:26:47.899237020 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.26092/ovmf.changes 2020-02-20 15:37:26.382744978 +0100 @@ -1,0 +2,7 @@ +Tue Feb 18 09:24:30 UTC 2020 - Gary Ching-Pang Lin + +- Add ovmf-bsc1163959-PiDxeS3BootScriptLib-fix-numeric-truncation.patch + to fix the numeric truncation to avoid the potential memory + corruption (bsc#1163959, CVE-2019-14563) + +--- New: ovmf-bsc1163959-PiDxeS3BootScriptLib-fix-numeric-truncation.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.zF9AnQ/_old 2020-02-20 15:37:27.970747752 +0100 +++ /var/tmp/diff_new_pack.zF9AnQ/_new 2020-02-20 15:37:27.974747759 +0100 @@ -50,6 +50,7 @@ Patch4: %{name}-disable-ia32-firmware-piepic.patch Patch5: %{name}-set-fixed-enroll-time.patch Patch6: openssl-fix-syntax-error.patch +Patch7: %{name}-bsc1163959-PiDxeS3BootScriptLib-fix-numeric-truncation.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bc BuildRequires: fdupes @@ -172,6 +173,7 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch7 -p1 # add openssl pushd CryptoPkg/Library/OpensslLib/openssl ++ ovmf-bsc1163959-PiDxeS3BootScriptLib-fix-numeric-truncation.patch ++ >From 322ac05f8bbc1bce066af1dabd1b70ccdbe28891 Mon Sep 17 00:00:00 2001 From: Hao A Wu Date: Fri, 28 Jun 2019 14:15:55 +0800 Subject: [PATCH 1/1] MdeModulePkg/PiDxeS3BootScriptLib: Fix potential numeric truncation (CVE-2019-14563) REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2001 For S3BootScriptLib APIs: S3BootScriptSaveIoWrite S3BootScriptSaveMemWrite S3BootScriptSavePciCfgWrite S3BootScriptSavePciCfg2Write S3BootScriptSaveSmbusExecute S3BootScriptSaveInformation S3BootScriptSaveInformationAsciiString S3BootScriptLabel (happen in S3BootScriptLabelInternal()) possible numeric truncations will happen that may lead to S3 boot script entry with improper size being returned to store the boot script data. This commit will add checks to prevent this kind of issue. Please note that the remaining S3BootScriptLib APIs: S3BootScriptSaveIoReadWrite S3BootScriptSaveMemReadWrite S3BootScriptSavePciCfgReadWrite S3BootScriptSavePciCfg2ReadWrite S3BootScriptSaveStall S3BootScriptSaveDispatch2 S3BootScriptSaveDispatch S3BootScriptSaveMemPoll S3BootScriptSaveIoPoll S3BootScriptSavePciPoll S3BootScriptSavePci2Poll S3BootScriptCloseTable S3BootScriptExecute S3BootScriptMoveLastOpcode S3BootScriptCompare are not affected by such numeric truncation. Signed-off-by: Hao A Wu Reviewed-by: Laszlo Ersek Reviewed-by: Eric Dong Acked-by: Jian J Wang --- .../PiDxeS3BootScriptLib/BootScriptSave.c | 52 ++- 1 file changed, 51 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Library/PiDxeS3BootScriptLib/BootScriptSave.c b/MdeModulePkg/Library/PiDxeS3BootScriptLib/BootScriptSave.c index 9106e7d0f9f5..9315fc9f0188 100644 --- a/MdeModulePkg/Library/PiDxeS3BootScriptLib/BootScriptSave.c +++ b/MdeModulePkg/Library/PiDxeS3BootScriptLib/BootScriptSave.c @@ -1,7 +1,7 @@ /** @file Save the S3 data to S3 boot script. - Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved. + Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -1006,6 +1006,14 @@ S3BootScriptSaveIoWrite ( EFI_BOOT_SCRIPT_IO_WRITE ScriptIoWrite; WidthInByte = (UINT8) (0x01 << (Width & 0x03)); + + // + // Truncation check + // + if ((Count > MAX_UINT8) || + (WidthInByte * Count > MAX_UINT8 - sizeof (EFI_BOOT_SCRIPT_IO_WRITE))) { +return RETURN_OUT_OF_RESOURCES; + } Length = (UINT8)(sizeof (EFI_BOOT_SCRIPT_IO_WRITE) + (WidthInByte * Count)); Script = S3BootScriptGetEntryAddAddress (Length); @@ -1102,6 +1110,14 @@ S3BootScriptSaveMemWrite ( EFI_BOOT_SCRIPT_MEM_WRITE ScriptMemWrite; WidthInByte = (UINT8) (0x01 << (Width & 0x03)); + + // + // Truncation check + // + if ((Count > MAX_UINT8) || + (WidthInByte * Count > MAX_UINT8 - sizeof (EFI_BOOT_SCRIPT_MEM_WRITE))) { +return RETURN_OUT_OF_RESOURCES; + } Length = (UINT8)(sizeof (EFI_BOOT_SCRIPT_MEM_WRITE) + (WidthInByte * Count)); Script = S3BootScriptGetEntryAddAddress (Length); @@ -1206,6 +1222,14 @@ S3BootScriptSavePciCfgWrite ( }
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-02-14 16:26:44 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.26092 (New) Package is "ovmf" Fri Feb 14 16:26:44 2020 rev:42 rq:770415 version:201911 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2020-01-01 14:57:29.221905672 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.26092/ovmf.changes 2020-02-14 16:26:47.899237020 +0100 @@ -1,0 +2,6 @@ +Mon Feb 3 02:14:23 UTC 2020 - Gary Ching-Pang Lin + +- Build the unified firmware with preloaded keys for backward + compatibility (bsc#1159793) + +--- Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.zfP4i5/_old 2020-02-14 16:26:48.979237606 +0100 +++ /var/tmp/diff_new_pack.zfP4i5/_new 2020-02-14 16:26:48.979237606 +0100 @@ -1,7 +1,7 @@ # # spec file for package ovmf # -# Copyright (c) 2019 SUSE LLC +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -360,19 +360,31 @@ local KEY="$3" local PKKEK_FILE="$4" local ISO_FILE="$5" + local TYPE="$6" + # QEMU parameters + # pflash parameters + local PFLASH="" + if [ $TYPE == "separate" ]; then local FW_CODE_ORIG="${PREFIX}-code.bin" local FW_VARS_ORIG="${PREFIX}-vars.bin" local FW_CODE="${PREFIX}-${KEY}-code.bin" local FW_VARS="${PREFIX}-${KEY}-vars.bin" + local PFLASH_CODE="-drive if=pflash,format=raw,unit=0,readonly,file=$FW_CODE" + local PFLASH_VARS="-drive if=pflash,format=raw,unit=1,file=$FW_VARS" ln -s "$FW_CODE_ORIG" "$FW_CODE" cp "$FW_VARS_ORIG" "$FW_VARS" - # QEMU parameters - # pflash parameters - local PFLASH_CODE="-drive if=pflash,format=raw,unit=0,readonly,file=$FW_CODE" - local PFLASH_VARS="-drive if=pflash,format=raw,unit=1,file=$FW_VARS" + PFLASH="$PFLASH_CODE $PFLASH_VARS" + elif [ $TYPE == "unified" ]; then + local UNIFIED_FW_ORIG="${PREFIX}.bin" + local UNIFIED_FW="${PREFIX}-${KEY}.bin" + + cp "$UNIFIED_FW_ORIG" "$UNIFIED_FW" + + PFLASH="-drive if=pflash,format=raw,unit=0,file=$UNIFIED_FW" + fi # smbios parameters for PK and KEK local SMBIOS="-smbios type=11,value=$(pkkek_oemstr $PKKEK_FILE)" @@ -412,7 +424,7 @@ fi # Launch the VM - $QEMU $MACHINE $MEMORY $PFLASH_CODE $PFLASH_VARS $SMBIOS $CDROM $MISC + $QEMU $MACHINE $MEMORY $PFLASH $SMBIOS $CDROM $MISC } # Assign the default PK/KEK @@ -459,11 +471,22 @@ for flavor in ${FLAVORS[@]}; do for key in ${KEY_SOURCES[@]}; do build_template "$BUILD_ARCH" "$flavor" "$key" \ - "${PKKEK[$key]}" "${KEY_ISO_FILES[$key]}" + "${PKKEK[$key]}" "${KEY_ISO_FILES[$key]}" \ + "separate" done done %ifarch x86_64 +# Generate the unified firmware with preloaded keys for backward +# compatibility. (bsc#1159793) +for flavor in ${FLAVORS[@]}; do + for key in ${KEY_SOURCES[@]}; do + build_template "$BUILD_ARCH" "$flavor" "$key" \ + "${PKKEK[$key]}" "${KEY_ISO_FILES[$key]}" \ + "unified" + done +done + # Rename the x86_64 4MB firmware # We use ovmf-x86_64-$key-4m instead of ovmf-x86_64-4m-$key in the # version < stable201905. Rename the 4MB firmware files for backward
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-01-01 14:56:56 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.6675 (New) Package is "ovmf" Wed Jan 1 14:56:56 2020 rev:41 rq:758466 version:201911 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2019-12-07 15:17:42.171776174 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.6675/ovmf.changes 2020-01-01 14:57:29.221905672 +0100 @@ -1,0 +2,5 @@ +Fri Dec 20 09:11:37 UTC 2019 - Dirk Mueller + +- only build -aarch32 Cortex-A15 EFI on armv7hl + +--- Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.iMmP8x/_old 2020-01-01 14:57:33.073907684 +0100 +++ /var/tmp/diff_new_pack.iMmP8x/_new 2020-01-01 14:57:33.073907684 +0100 @@ -58,7 +58,7 @@ BuildRequires: iasl BuildRequires: libuuid-devel BuildRequires: python3 -%ifnarch %arm +%ifnarch armv7hl BuildRequires: nasm %endif %ifarch %{secureboot_archs} @@ -75,7 +75,7 @@ %endif BuildRequires: unzip %endif -ExclusiveArch: %ix86 x86_64 aarch64 %arm +ExclusiveArch: %ix86 x86_64 aarch64 armv7hl %description The Open Virtual Machine Firmware (OVMF) project aims to support @@ -144,7 +144,7 @@ virt board. %endif -%ifarch %arm +%ifarch armv7hl %package -n qemu-uefi-aarch32 Summary:UEFI QEMU rom image (AArch32) Group: System/Emulators/PC @@ -231,7 +231,7 @@ BUILD_OPTIONS="$OVMF_FLAGS -a AARCH64 -p ArmVirtPkg/ArmVirtQemu.dsc -b DEBUG -t $TOOL_CHAIN_TAG" ARCH=AARCH64 make -C BaseTools %else -%ifarch %arm +%ifarch armv7hl # Flavors for arm FLAVORS=("aavmf-aarch32") BUILD_ARCH="AARCH32" @@ -324,7 +324,7 @@ cp Build/ArmVirtQemu-AARCH64/DEBUG_*/AARCH64/EnrollDefaultKeys.efi . %else -%ifarch %arm +%ifarch armv7hl # Build the UEFI image build $BUILD_OPTIONS @@ -525,7 +525,7 @@ install -m 0644 -D descriptors/*-aarch64*.json \ -t %{buildroot}/%{_datadir}/qemu/firmware %else -%ifarch %arm +%ifarch armv7hl install -m 0644 -D qemu-uefi-aarch32.bin -t %{buildroot}/%{_datadir}/qemu/ install -m 0644 -D aavmf-aarch32-*.bin -t %{buildroot}/%{_datadir}/qemu/ install -m 0644 -D descriptors/*-aarch32*.json \ @@ -597,7 +597,7 @@ %{_datadir}/qemu/firmware/*-aarch64*.json %endif -%ifarch %arm +%ifarch armv7hl %files -n qemu-uefi-aarch32 %defattr(-,root,root) %license License.txt
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-12-07 15:15:50 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.4691 (New) Package is "ovmf" Sat Dec 7 15:15:50 2019 rev:40 rq:753074 version:201911 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2019-11-08 15:23:45.434869808 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.4691/ovmf.changes 2019-12-07 15:17:42.171776174 +0100 @@ -1,0 +2,68 @@ +Tue Dec 3 02:35:19 UTC 2019 - Gary Ching-Pang Lin + +- Update to edk2-stable201911 + + SecurityPkg: Fix TPM2 ACPI measurement + + MdeModulePkg: Enable variable runtime cache by default + + OvmfPkg: Disable variable runtime cache + + MdeModulePkg/Variable: Add RT GetVariable() cache support + + CryptoPkg: Upgrade OpenSSL to 1.1.1d + + MdePkg-UefiSpec.h: Add UEFI 2.8 new memory attributes + + MdePkg/UefiFileHandleLib: Fix potential NULL dereference + + NetworkPkg/HttpDxe: Set the HostName for the verification +(CVE-2019-14553) + + NetworkPkg/TlsDxe: Add the support of host validation to TlsDxe +driver (CVE-2019-14553) + + CryptoPkg/TlsLib: TlsSetVerifyHost: parse IP address literals +as such (CVE-2019-14553) + + CryptoPkg/TlsLib: Add the new API "TlsSetVerifyHost" +(CVE-2019-14553) + + MdePkg/Include/Protocol/Tls.h: Add the data type of +EfiTlsVerifyHost (CVE-2019-14553) + + MdeModulePkg/BdsDxe: Fix PlatformRecovery issue + + NetworkPkg/SnpDxe: Add PCD to remove ExitBootServices event +from SNP driver + + MdeModulePkg: Update to support SmBios 3.3.0 + + UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP +detection + + SecurityPkg/Tcg2: Add Support Laml, Lasa for TPM2 ACPI + + OvmfPkg/PlatformDxe: fix EFI_HII_HANDLE parameters of internal +functions + + OvmfPkg/VirtioNetDxe: fix SignalEvent() call + + OvmfPkg/XenBusDxe: fix UninstallMultipleProtocolInterfaces() +call + + NetworkPkg/Ip4Dxe: fix NetLibDestroyServiceChild() call + + MdeModulePkg/ScsiDiskDxe: Support Storage Security Command +Protocol + + MdePkg: Implement SCSI commands for Security Protocol In/Out + + MdeModulePkg/TerminalDxe: Enhance the arrow keys support + + MdeModulePkg/UefiBootManager: Unload image on +EFI_SECURITY_VIOLATION + + MdeModulePkg/DxeCapsuleLibFmp: Unload image on +EFI_SECURITY_VIOLATION + + MdeModulePkg: Extend the support keyboard type of Terminal +console + + UefiCpuPkg/CpuExceptionHandlerLib: Fix split lock + + UefiCpuPkg: Fix potential spinLock issue in SmmStartupThisAp + + UefiCpuPkg/PiSmmCpu: Enable 5L paging only when phy addr line +> 48 + + OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval +handling + + ArmVirtPkg/PlatformBootManagerLib: unload image on +EFI_SECURITY_VIOLATION + + ShellPkg/ShellPkg.dsc AARCH64: enable stack protector + + ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: revert to PIE +linking + + BaseTools/GenFw AARCH64: fix up GOT based relative relocations + + ShellPkg/Pci.c: Update supported link speed to PCI5.0 + + PcAtChipsetPkg: add PcdRealTimeClockUpdateTimeout + + UefiCpuPkg: Add PcdCpuSmmRestrictedMemoryAccess + + ShellPkg/CommandLib: avoid NULL derefence and memory leak + + MdePkg/DxeHstiLib: Added checks to improve error handling + + BaseTools: Support more file types in build cache + + UefiCpuPkg/SecCore: get AllSecPpiList after SecPlatformMain +- Update openssl to 1.1.1d + + Add openssl-fix-syntax-error.patch to fix a syntax error +- Drop ovmf-bsc1153072-fix-invalid-https-cert.patch + + Already upstreamed + +--- Old: edk2-stable201908.tar.gz openssl-1.1.1b.tar.gz openssl-1.1.1b.tar.gz.asc ovmf-bsc1153072-fix-invalid-https-cert.patch New: edk2-stable201911.tar.gz openssl-1.1.1d.tar.gz openssl-1.1.1d.tar.gz.asc openssl-fix-syntax-error.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.b7wBZ5/_old 2019-12-07 15:17:47.331775444 +0100 +++ /var/tmp/diff_new_pack.b7wBZ5/_new 2019-12-07 15:17:47.367775439 +0100 @@ -1,7 +1,7 @@ # # spec file for package ovmf # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,15 +20,15 @@ %define secureboot_archs x86_64 aarch64 %undefine _build_create_debug -%global openssl_version 1.1.1b +%global openssl_version 1.1.1d %global softfloat_version b64af41c3276f Name: ovmf -Url:
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-11-08 15:23:40 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.2990 (New) Package is "ovmf" Fri Nov 8 15:23:40 2019 rev:39 rq:746484 version:201908 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2019-10-23 15:33:18.725506691 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.2990/ovmf.changes 2019-11-08 15:23:45.434869808 +0100 @@ -1,0 +2,19 @@ +Fri Nov 8 04:09:48 UTC 2019 - Gary Ching-Pang Lin + +- Use the same x86 4MB firmware names as the ones in the previous + version (< stable201905) for backward compatibility + +--- +Wed Nov 6 06:28:25 UTC 2019 - Gary Ching-Pang Lin + +- Disable TLS for IA32(i586) to avoid exceeding the size limitation + while using the tool chain from SLE15-SP2/openSUSE Leap 15.2 + +--- +Mon Nov 4 06:44:03 UTC 2019 - Gary Ching-Pang Lin + +- Add ovmf-bsc1153072-fix-invalid-https-cert.patch to reject the + invalid server certificates for HTTPS Boot + (bsc#1153072, CVE-2019-14553) + +--- New: ovmf-bsc1153072-fix-invalid-https-cert.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.bWcxRR/_old 2019-11-08 15:23:47.422871911 +0100 +++ /var/tmp/diff_new_pack.bWcxRR/_new 2019-11-08 15:23:47.426871915 +0100 @@ -49,6 +49,7 @@ Patch3: %{name}-pie.patch Patch4: %{name}-disable-ia32-firmware-piepic.patch Patch5: %{name}-set-fixed-enroll-time.patch +Patch6: %{name}-bsc1153072-fix-invalid-https-cert.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bc BuildRequires: fdupes @@ -171,6 +172,7 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 # add openssl pushd CryptoPkg/Library/OpensslLib/openssl @@ -208,7 +210,7 @@ FLAVORS=("ovmf-ia32") BUILD_ARCH="IA32" - OVMF_FLAGS="$OVMF_FLAGS -D NETWORK_TLS_ENABLE -D FD_SIZE_2MB" + OVMF_FLAGS="$OVMF_FLAGS -D FD_SIZE_2MB" BUILD_OPTIONS="$OVMF_FLAGS -a IA32 -p OvmfPkg/OvmfPkgIa32.dsc -b DEBUG -t $TOOL_CHAIN_TAG" make -C BaseTools %else @@ -461,6 +463,16 @@ done done +%ifarch x86_64 +# Rename the x86_64 4MB firmware +# We use ovmf-x86_64-$key-4m instead of ovmf-x86_64-4m-$key in the +# version < stable201905. Rename the 4MB firmware files for backward +# compatibility. +for key in ${KEY_SOURCES[@]}; do + rename "4m-$key" "$key-4m" *"4m-$key"*.bin +done +%endif #x86_64 + %endif #secureboot_archs %install ++ ovmf-bsc1153072-fix-invalid-https-cert.patch ++ 1129 lines (skipped)
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-10-23 15:33:16 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.2352 (New) Package is "ovmf" Wed Oct 23 15:33:16 2019 rev:38 rq:739020 version:201908 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2019-09-07 11:29:55.302460539 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.2352/ovmf.changes 2019-10-23 15:33:18.725506691 +0200 @@ -1,0 +2,6 @@ +Thu Oct 17 06:25:01 UTC 2019 - Gary Ching-Pang Lin + +- Add the firmware descriptors for QEMU +- Tweak the install commands + +--- New: descriptors.tar.xz Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.McDequ/_old 2019-10-23 15:33:19.989508143 +0200 +++ /var/tmp/diff_new_pack.McDequ/_new 2019-10-23 15:33:19.993508148 +0200 @@ -40,6 +40,7 @@ Source5:openSUSE-UEFI-SIGN-Certificate-2048.crt # berkeley-softfloat-3: https://github.com/ucb-bar/berkeley-softfloat-3 Source6:berkeley-softfloat-3-%{softfloat_version}.tar.xz +Source7:descriptors.tar.xz Source100: %{name}-rpmlintrc Source101: gdb_uefi.py.in Source102: gen-key-enrollment-iso.sh @@ -181,6 +182,9 @@ tar -xf %{SOURCE6} --strip 1 popd +# prepare the firmware descriptors for qemu +tar -xf %{SOURCE7} + chmod +x %{SOURCE102} %build @@ -469,20 +473,25 @@ install -d %{buildroot}/%{_bindir} install -m 0755 --strip BaseTools/Source/C/bin/EfiRom %{buildroot}/%{_bindir} +# Replace @DATADIR@ in the firmware descriptors +sed -i "s:@DATADIR@:%{_datadir}/qemu:" descriptors/*.json + %ifarch %ix86 tr -d '\r' < OvmfPkg/License.txt > License-ovmf.txt -install -m 0644 -D ovmf-ia32.bin %{buildroot}/%{_datadir}/qemu/ovmf-ia32.bin -install -m 0644 -D ovmf-ia32-code.bin %{buildroot}/%{_datadir}/qemu/ovmf-ia32-code.bin -install -m 0644 -D ovmf-ia32-vars.bin %{buildroot}/%{_datadir}/qemu/ovmf-ia32-vars.bin +install -m 0644 -D ovmf-ia32*.bin -t %{buildroot}/%{_datadir}/qemu/ +install -m 0644 -D descriptors/*-ia32*.json \ + -t %{buildroot}/%{_datadir}/qemu/firmware %else %ifarch x86_64 tr -d '\r' < OvmfPkg/License.txt > License-ovmf.txt # Install firmware files -install -m 0644 -D ovmf-x86_64.bin %{buildroot}/%{_datadir}/qemu/ovmf-x86_64.bin -install -m 0644 ovmf-x86_64-*.bin %{buildroot}/%{_datadir}/qemu/ +install -m 0644 -D ovmf-x86_64*.bin -t %{buildroot}/%{_datadir}/qemu/ %fdupes %{buildroot}/%{_datadir}/qemu/ +install -m 0644 -D descriptors/*-x86_64*.json \ + -t %{buildroot}/%{_datadir}/qemu/firmware + # Install debug symbols, gdb-uefi.py install -d %{buildroot}/%{_datadir}/ovmf-x86_64/ install -m 0644 gdb_uefi-*.py %{buildroot}/%{_datadir}/ovmf-x86_64/ @@ -497,16 +506,18 @@ %ifarch aarch64 # Install firmware files install -d %{buildroot}/%{_datadir}/qemu/ -install -m 0644 -D qemu-uefi-aarch64*.bin %{buildroot}/%{_datadir}/qemu/ -install -m 0644 -D aavmf-aarch64-*code.bin %{buildroot}/%{_datadir}/qemu/ -install -m 0644 -D aavmf-aarch64-*vars.bin %{buildroot}/%{_datadir}/qemu/ +install -m 0644 -D qemu-uefi-aarch64*.bin -t %{buildroot}/%{_datadir}/qemu/ +install -m 0644 -D aavmf-aarch64-*.bin -t %{buildroot}/%{_datadir}/qemu/ %fdupes %{buildroot}/%{_datadir}/qemu/ +install -m 0644 -D descriptors/*-aarch64*.json \ + -t %{buildroot}/%{_datadir}/qemu/firmware %else %ifarch %arm -install -m 0644 -D qemu-uefi-aarch32.bin %{buildroot}/%{_datadir}/qemu/qemu-uefi-aarch32.bin -install -m 0644 -D aavmf-aarch32-code.bin %{buildroot}/%{_datadir}/qemu/aavmf-aarch32-code.bin -install -m 0644 -D aavmf-aarch32-vars.bin %{buildroot}/%{_datadir}/qemu/aavmf-aarch32-vars.bin +install -m 0644 -D qemu-uefi-aarch32.bin -t %{buildroot}/%{_datadir}/qemu/ +install -m 0644 -D aavmf-aarch32-*.bin -t %{buildroot}/%{_datadir}/qemu/ +install -m 0644 -D descriptors/*-aarch32*.json \ + -t %{buildroot}/%{_datadir}/qemu/firmware %endif #arm %endif #aarch64 %endif #x86_64 @@ -540,6 +551,8 @@ %license License.txt License-ovmf.txt %dir %{_datadir}/qemu/ %{_datadir}/qemu/ovmf-ia32*.bin +%dir %{_datadir}/qemu/firmware +%{_datadir}/qemu/firmware/*-ia32*.json %endif %ifarch x86_64 @@ -548,6 +561,8 @@ %license License.txt License-ovmf.txt %dir %{_datadir}/qemu/ %{_datadir}/qemu/ovmf-x86_64*.bin +%dir %{_datadir}/qemu/firmware +%{_datadir}/qemu/firmware/*-x86_64*.json %files -n qemu-ovmf-x86_64-debug %defattr(-,root,root) @@ -566,6 +581,8 @@ %{_datadir}/qemu/qemu-uefi-aarch64*.bin %{_datadir}/qemu/aavmf-aarch64-*code.bin %{_datadir}/qemu/aavmf-aarch64-*vars.bin +%dir %{_datadir}/qemu/firmware +%{_datadir}/qemu/firmware/*-aarch64*.json
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-09-07 11:29:46 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.7948 (New) Package is "ovmf" Sat Sep 7 11:29:46 2019 rev:37 rq:727926 version:201908 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2019-07-08 15:00:25.866480680 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.7948/ovmf.changes 2019-09-07 11:29:55.302460539 +0200 @@ -1,0 +2,108 @@ +Tue Sep 3 02:08:57 UTC 2019 - Gary Ching-Pang Lin + +- Update to edk2-stable201908 + + OvmfPkg: Introduce platform OvmfXen + + OvmfPkg/ResetSystemLib: Add missing dependency on PciLib + + MdeModulePkg DxeCore: Fix for missing Memory Attributes Table +(MAT) update + + BaseTools: Fixed issue of incorrect Module Unique Name + + CryptoPkg/OpensslLib: Add missing header files in INF file + + SecurityPkg/SecurityPkg.uni: Add missing strings for new PCDs + + MdeModulePkg/DxeIplPeim: Initialize pointer PageMapLevel5Entry + + MdeModulePkg/MdeModulePkg.dec: Remove gEfiDpcProtocolGuid + + Readme.md: add submodule policy and clone commands + + MdeModulePkg/DxeIplPeim: Relocate operation of +PageMapLevel5Entry++ + + MdeModulePkg: Add missing header files in INF files + + MdePkg: Add MmAccess and MmControl definition. + + CryptoPkg/BaseCryptLib: Wrap OpenSSL HKDF algorithm + + MdeModulePkg/DxeIpl: Create 5-level page table for long mode + + MdeModulePkg/DxeIpl: Introduce PCD PcdUse5LevelPageTable + + UefiCpuPkg/CpuDxe: Support parsing 5-level page table + + UefiCpuPkg/MpInitLib: Enable 5-level paging for AP when BSP's +enabled + + OvmfPkg/PlatformPei: Change referenced MSR name. + + UefiCpuPkg/PiSmmCpuDxeSmm: Add check for pointer Pml5Entry + + SecurityPkg/SecurityPkg.dec: Remove trailing white space + + MdeModulePkg/PiSmmCore: Use unique structure signatures + + UefiCpuPkg/MpInitLib: don't shadow the microcode patch twice. + + ShellPkg: improve acpiview + + MdePkg: Add PI 1.5 SmramMemoryReserve HOB file + + MdePkg/PciExpress21.h: Fix the PCI industry standard register +defines + + CryptoPkg/BaseCryptLib: Use cmp-operator for non-Boolean +comparisons + + ArmPkg: DebugPeCoffExtraActionLib: fix trivial comment typos + + ArmPkg: DebugPeCoffExtraActionLib: debugger commands are not +errors + + UefiCpuPkg/RegisterCpuFeaturesLib: Start all processors +simultaneously. + + UefiCpuPkg: Add new EDKII_PEI_MP_SERVICES2_PPI + + list module-internal header files in INF [Sources] + + SecurityPkg: introduce the SM3 digest algorithm + + BaseTools: Fix python3.8 SyntaxWarning + + BaseTools: Add HOST_APPLICATION module type. + + UefiCpuPkg/PiSmmCpu: Enable 5 level paging when CPU supports + + MdePkg/BaseLib.h: Update IA32_CR4 structure for 5-level paging + + UefiCpuPkg RegisterCpuFeaturesLib: Fix an ASSERTION issue + + ArmPlatformPkg: Actually disable PL031 interrupts + + UefiCpuPkg/PiSmmCpu: Change variable names and comments to follow +SDM + + OvmfPkg: use DxeTpmMeasurementLib if and only if TPM2_ENABLE + + ArmPlatformPkg: Fix various typos + + ArmPkg: Fix various typos + + Remove IntelFrameworkPkg + + Remove IntelFrameworkModulePkg + + MdeModulePkg/BdsDxe: Use a pcd to control PlatformRecovery + + MdeModulePkg: Add a pcd to set the OS indications bit + + SecurityPkg: Remove DxeDeferImageLoadLib in DSC + + BaseTools:Linux changes the way the latest version is judged + + Fix indentation in edksetup.sh SetupPython3 + + MdeModulePkg/SdMmcHcDxe: Implement revision 3 of +SdMmcOverrideProtocol + + MdeModulePkg/SdMmcOverride: Add GetOperatingParam notify phase + + MdeModulePkg/UfsPassThruDxe: Fix unaligned data transfer +handling + + ArmVirtPkg: handle NETWORK_TLS_ENABLE in ArmVirtQemu* + + UefiCpuPkg/MpInitLib: MicrocodeDetect: Ensure checked range is +valid + + MdeModulePkg/UfsPassThruDxe: Refactor UFS device presence +detection + + PcAtChipsetPkg: Remove framework modules + + SecurityPkg: add FvReportPei.inf in dsc for build validation + + SecurityPkg/FvReportPei: implement a common FV verifier and +reporter + + SecurityPkg: add definitions for OBB verification + + OvmfPkg: don't assign PCI BARs above 4GiB when CSM enabled + + OvmfPkg: Don't build in QemuVideoDxe when we have CSM + + OvmfPkg/LegacyBbs: Add boot entries for VirtIO and NVME +devices + + OvmfPkg/LegacyBios: set NumberBbsEntries to the size of +BbsTable + + SecurityPkg: Add missing instances for build only + + BaseTools: Move Build Cache related function out of +CreateAsBuiltInf + + BaseTools: refine CreateAsBuiltInf function + + BaseTools:Add DetectNotUsedItem.py to Edk2\BaseTools\Scripts + + BaseTools:Add import in FvImageSection + + MdeModulePkg/PeiMain: PeiAllocatePool:
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-07-08 15:00:25 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.4615 (New) Package is "ovmf" Mon Jul 8 15:00:25 2019 rev:36 rq:713568 version:201905 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2019-06-24 21:50:15.959961881 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.4615/ovmf.changes 2019-07-08 15:00:25.866480680 +0200 @@ -1,0 +2,5 @@ +Fri Jul 5 07:15:55 UTC 2019 - Gary Ching-Pang Lin + +- Reset BootOrder after enrolling the default keys (boo#1140195) + +--- Other differences: -- ++ gen-key-enrollment-iso.sh ++ --- /var/tmp/diff_new_pack.AQENtI/_old 2019-07-08 15:00:27.354482930 +0200 +++ /var/tmp/diff_new_pack.AQENtI/_new 2019-07-08 15:00:27.354482930 +0200 @@ -69,12 +69,17 @@ ENROLLER_SIZE=$(stat --format=%s -- "$ENROLLER_BINARY") START_SCRIPT=$TMP_DIR/"startup.nsh" +# Enter the first ESP echo "fs0:" > $START_SCRIPT +# Enroll the keys if [ $TYPE == "default" ]; then echo "EnrollDefaultKeys.efi" >> $START_SCRIPT else echo "EnrollDefaultKeys.efi --no-default" >> $START_SCRIPT fi +# Reset BootOrder +echo "setvar BootOrder -guid 8be4df61-93ca-11d2-aa0d-00e098032b8c -bs -rt -nv =" >> $START_SCRIPT +# Shutdown the system echo "reset -s" >> $START_SCRIPT UEFI_SHELL_IMAGE=uefi_shell_${ARCH}_${TYPE}.img
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-06-24 21:50:05 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.4615 (New) Package is "ovmf" Mon Jun 24 21:50:05 2019 rev:35 rq:710231 version:201905 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2019-05-08 15:15:13.016821620 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.4615/ovmf.changes 2019-06-24 21:50:15.959961881 +0200 @@ -1,0 +2,61 @@ +Mon Jun 17 03:32:51 UTC 2019 - Gary Ching-Pang Lin + +- Update to edk2-stable201905 + + Update OpenSSL version to upcoming 1.1.1 + + Delete EdkCompatibilityPkg from edk2/master + + Remove .S assembly code for IA32 and X64 arch + + Replace BSD 2-Clause License with BSD + Patent Licence + + Recovery PEI BlockIO support for ATA device + + Add PCD to Enabled/Disabled IPv4/IPv6 PXE Support in NetworkPkg + + Remove NetworkPkg/IpSecDxe + + Add api to DebubLib to expose a print routine with VaList +parameter + + Introduce DebugPpi to save the image size with the debug +message + + ResetSystemLib Adds a new API ResetSystem + + ResetUtilityLib Add a new API ResetSystemWithSubtype + + Add support for get organization name to x509 in BaseCryptLib + + Add support for checking x509 EKUs in BaseCryptLib + + Add support for PKCS 1v2 RSAES-OAEP PKI encryption in +BaseCryptLib + + Remove ShellBinPkg from edk2/master + + Enable multiple thread /MP option for MSVC compiler + + Upstream the EnrollDefaultKeys application to OvmfPkg + + Share code for BaseUefiDecompressLib in MdePkg and MdeModulePkg + + Move network related components from MdeModulePkg to NetworkPkg + + Move BeagleBoardPkg and Omap35xxPkg from edk2 to edk2-platforms +repo + + Move MinnowMax and Quark platform to edk2-platforms repo + + Move OptionRomPkg into new Drivers directory edk2-platforms +repo + + Add ACPI6.3 definition + + Remove Nt32Pkg from edk2/master + + update ArmSoftFloatLib to latest upstream version (= 3e) +- Update openssl to 1.1.1b + + Add berkeley-softfloat-3-b64af41c3276f.tar.xz since arm7 needs +the softfloat implementation for openssl 1.1.1b +- Build the varstore templates with EnrollDefaultKeys.efi + + Create the iso files for key enrollment +- Add gen-key-enrollment-iso.sh to generate the iso file + + Drop the non-upstream ovmf-embed-default-keys.patch +- Also drop owner-guid-zero.h + + Drop the MS keys and dbx since they are already in +EnrollDefaultKeys.efi: MicCorKEKCA2011_2011-06-24.crt, +MicCorUEFCA2011_2011-06-27.crt, MicWinProPCA2011_2011-10-19.crt, +and dbxupdate.zip +- Also drop the related script strip_authinfo.pl + + Add ovmf-set-fixed-enroll-time.patch to set the fixed enrolling +time to make the varstore template reproducible + + Require qemu 3.0.0 for fw_cfg +- Update the build flags for network functions + + For x86_64, only enable TLS for the 4MB image since the code +size exceeds the boundary of 2MB image +- Refresh patches: + + ovmf-add-exclude-shell-flag.patch + + ovmf-disable-ia32-firmware-piepic.patch + + ovmf-pie.patch +- Drop the requirement of xxd +- Update README +- Update the License tag to BSD-2-Clause-Patent + +--- Old: MicCorKEKCA2011_2011-06-24.crt MicCorUEFCA2011_2011-06-27.crt MicWinProPCA2011_2011-10-19.crt dbxupdate.zip openssl-1.1.0j.tar.gz openssl-1.1.0j.tar.gz.asc ovmf-2019+git1552059899.89910a39dcfd.tar.xz ovmf-embed-default-keys.patch owner-guid-zero.h strip_authinfo.pl New: berkeley-softfloat-3-b64af41c3276f.tar.xz edk2-stable201905.tar.gz gen-key-enrollment-iso.sh openssl-1.1.1b.tar.gz openssl-1.1.1b.tar.gz.asc ovmf-set-fixed-enroll-time.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.OS7tNc/_old 2019-06-24 21:50:19.067964300 +0200 +++ /var/tmp/diff_new_pack.OS7tNc/_new 2019-06-24 21:50:19.079964309 +0200 @@ -20,36 +20,34 @@ %define secureboot_archs x86_64 aarch64 %undefine _build_create_debug -%global openssl_version 1.1.0j +%global openssl_version 1.1.1b +%global softfloat_version b64af41c3276f Name: ovmf Url: http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=EDK2 Summary:Open Virtual Machine Firmware -License:BSD-2-Clause +License:BSD-2-Clause-Patent Group: System/Emulators/PC -Version:2019+git1552059899.89910a39dcfd +Version:201905 Release:0 -Source0:%{name}-%{version}.tar.xz +Source0: https://github.com/tianocore/edk2/archive/edk2-stable%{version}.tar.gz Source1:
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-05-08 15:15:09 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.5148 (New) Package is "ovmf" Wed May 8 15:15:09 2019 rev:34 rq:701162 version:2019+git1552059899.89910a39dcfd Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2019-03-22 14:53:23.546095871 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.5148/ovmf.changes 2019-05-08 15:15:13.016821620 +0200 @@ -1,0 +2,5 @@ +Mon May 6 09:46:22 UTC 2019 - Guillaume GARDET + +- Build SecureBoot firmwares for aarch64 + +--- Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.bwt65u/_old 2019-05-08 15:15:14.444824800 +0200 +++ /var/tmp/diff_new_pack.bwt65u/_new 2019-05-08 15:15:14.448824809 +0200 @@ -17,6 +17,8 @@ # needssslcertforbuild +%define secureboot_archs x86_64 aarch64 + %undefine _build_create_debug %global openssl_version 1.1.0j @@ -59,7 +61,7 @@ %ifnarch %arm BuildRequires: nasm %endif -%ifarch x86_64 +%ifarch %{secureboot_archs} BuildRequires: openssl BuildRequires: unzip %if 0%{?suse_version} @@ -160,6 +162,8 @@ %ifarch x86_64 %patch1 -p1 +%endif +%ifarch %{secureboot_archs} %patch2 -p1 %endif %patch3 -p1 @@ -297,6 +301,60 @@ done } +# Build with keys done later (shared between archs) + +%else +%ifarch aarch64 + +# Build the UEFI image without keys +build $BUILD_OPTIONS + +cp Build/ArmVirtQemu-AARCH64/DEBUG_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch64.bin +dd of="aavmf-aarch64-code.bin" if="/dev/zero" bs=1M count=64 +dd of="aavmf-aarch64-code.bin" if="qemu-uefi-aarch64.bin" conv=notrunc +dd of="aavmf-aarch64-vars.bin" if="/dev/zero" bs=1M count=64 + +build_with_keys() +{ + suffix_base="$1" + xxd -i Default_PK > SecurityPkg/Library/AuthVariableLib/Default_PK.h + xxd -i Default_KEK > SecurityPkg/Library/AuthVariableLib/Default_KEK.h + xxd -i Default_DB > SecurityPkg/Library/AuthVariableLib/Default_DB.h + xxd -i Default_DB_EX > SecurityPkg/Library/AuthVariableLib/Default_DB_EX.h + xxd -i Default_DBX > SecurityPkg/Library/AuthVariableLib/Default_DBX.h + cat Default_Owner > SecurityPkg/Library/AuthVariableLib/Default_Owner.h + + for suffix in $suffix_base; do + build $BUILD_OPTIONS + cp Build/ArmVirtQemu-AARCH64/DEBUG_*/FV/QEMU_EFI.fd qemu-uefi-aarch64-$suffix.bin +dd of="aavmf-aarch64-$suffix-code.bin" if="/dev/zero" bs=1M count=64 +dd of="aavmf-aarch64-$suffix-code.bin" if="qemu-uefi-aarch64-$suffix.bin" conv=notrunc +dd of="aavmf-aarch64-$suffix-vars.bin" if="/dev/zero" bs=1M count=64 + + done +} + +# Build with keys done later (shared between archs) + +%else +%ifarch %arm + +# Build the UEFI image +build $BUILD_OPTIONS + +cp Build/ArmVirtQemu-ARM/DEBUG_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch32.bin +dd of="aavmf-aarch32-code.bin" if="/dev/zero" bs=1M count=64 +dd of="aavmf-aarch32-code.bin" if="qemu-uefi-aarch32.bin" conv=notrunc +dd of="aavmf-aarch32-vars.bin" if="/dev/zero" bs=1M count=64 +%endif #arm +%endif #aarch64 +%endif #x86_64 +%endif #ix86 + +# Builds with keys is shared between archs +%ifarch %{secureboot_archs} +# Each arch must define its own build_with_keys() function + # OVMF with SUSE keys openssl x509 -in %{SOURCE3} -outform DER > Default_PK openssl x509 -in %{SOURCE3} -outform DER > Default_KEK @@ -343,31 +401,7 @@ build_with_keys devel fi fi - -%else -%ifarch aarch64 - -# Build the UEFI image -build $BUILD_OPTIONS - -cp Build/ArmVirtQemu-AARCH64/DEBUG_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch64.bin -dd of="aavmf-aarch64-code.bin" if="/dev/zero" bs=1M count=64 -dd of="aavmf-aarch64-code.bin" if="qemu-uefi-aarch64.bin" conv=notrunc -dd of="aavmf-aarch64-vars.bin" if="/dev/zero" bs=1M count=64 -%else -%ifarch %arm - -# Build the UEFI image -build $BUILD_OPTIONS - -cp Build/ArmVirtQemu-ARM/DEBUG_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch32.bin -dd of="aavmf-aarch32-code.bin" if="/dev/zero" bs=1M count=64 -dd of="aavmf-aarch32-code.bin" if="qemu-uefi-aarch32.bin" conv=notrunc -dd of="aavmf-aarch32-vars.bin" if="/dev/zero" bs=1M count=64 -%endif #arm -%endif #aarch64 -%endif #x86_64 -%endif #ix86 +%endif %install rm -rf %{buildroot} @@ -401,9 +435,11 @@ %fdupes -s %{buildroot}/usr/src/debug/ovmf-x86_64 %else %ifarch aarch64 -install -m 0644 -D qemu-uefi-aarch64.bin %{buildroot}/%{_datadir}/qemu/qemu-uefi-aarch64.bin -install -m 0644 -D aavmf-aarch64-code.bin %{buildroot}/%{_datadir}/qemu/aavmf-aarch64-code.bin -install -m 0644 -D aavmf-aarch64-vars.bin
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-03-22 14:53:20 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.25356 (New) Package is "ovmf" Fri Mar 22 14:53:20 2019 rev:33 rq:686884 version:2019+git1552059899.89910a39dcfd Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2019-03-14 14:54:35.751767745 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.25356/ovmf.changes 2019-03-22 14:53:23.546095871 +0100 @@ -1,0 +2,6 @@ +Wed Mar 20 08:31:11 UTC 2019 - Guillaume GARDET + +- Enable debug for aarch32 +- Add aavmf-aarch32-code.bin and aavmf-aarch32-vars.bin files + +--- Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.T5We1c/_old 2019-03-22 14:53:24.774095128 +0100 +++ /var/tmp/diff_new_pack.T5We1c/_new 2019-03-22 14:53:24.774095128 +0100 @@ -201,7 +201,7 @@ ARCH=AARCH64 make -C BaseTools %else %ifarch %arm - BUILD_OPTIONS="-a ARM -p ArmVirtPkg/ArmVirtQemu.dsc -b RELEASE -t $TOOL_CHAIN_TAG" + BUILD_OPTIONS="-a ARM -p ArmVirtPkg/ArmVirtQemu.dsc -b DEBUG -t $TOOL_CHAIN_TAG" ARCH=ARM make -C BaseTools %else echo "ERROR: unsupported architecture" @@ -360,7 +360,10 @@ # Build the UEFI image build $BUILD_OPTIONS -cp Build/ArmVirtQemu-ARM/RELEASE_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch32.bin +cp Build/ArmVirtQemu-ARM/DEBUG_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch32.bin +dd of="aavmf-aarch32-code.bin" if="/dev/zero" bs=1M count=64 +dd of="aavmf-aarch32-code.bin" if="qemu-uefi-aarch32.bin" conv=notrunc +dd of="aavmf-aarch32-vars.bin" if="/dev/zero" bs=1M count=64 %endif #arm %endif #aarch64 %endif #x86_64 @@ -404,6 +407,8 @@ %else %ifarch %arm install -m 0644 -D qemu-uefi-aarch32.bin %{buildroot}/%{_datadir}/qemu/qemu-uefi-aarch32.bin +install -m 0644 -D aavmf-aarch32-code.bin %{buildroot}/%{_datadir}/qemu/aavmf-aarch32-code.bin +install -m 0644 -D aavmf-aarch32-vars.bin %{buildroot}/%{_datadir}/qemu/aavmf-aarch32-vars.bin %endif #arm %endif #aarch64 %endif #x86_64 @@ -458,6 +463,8 @@ %doc License.txt %dir %{_datadir}/qemu/ %{_datadir}/qemu/qemu-uefi-aarch32.bin +%{_datadir}/qemu/aavmf-aarch32-code.bin +%{_datadir}/qemu/aavmf-aarch32-vars.bin %endif %changelog
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-03-14 14:54:32 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.28833 (New) Package is "ovmf" Thu Mar 14 14:54:32 2019 rev:32 rq:684137 version:2019+git1552059899.89910a39dcfd Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2019-02-24 18:04:02.695761401 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.28833/ovmf.changes 2019-03-14 14:54:35.751767745 +0100 @@ -1,0 +2,60 @@ +Tue Mar 12 03:18:33 UTC 2019 - Gary Ching-Pang Lin + +- Update to 2019+git1552059899.89910a39dcfd (edk2-stable201903) + + MdeModulePkg/HiiImage: Fix stack overflow when corrupted BMP +is parsed (bsc#1128503, CVE-2018-12181) + + MdeModulePkg/HiiDatabase: Fix potential integer overflow +(bsc#1128503, CVE-2018-12181) + + UefiCpuPkg/Microcode.c: Add verification before calculate +CheckSum32 + + UefiCpuPkg/Microcode: Fix InComplete CheckSum32 issue + + UefiCpuPkg: restore strict page attributes via #DB in nonstop +mode only + + IntelFrameworkModulePkg/FwVolDxe: Ensure FfsFileHeader 8 bytes +aligned (bsc#1127822, CVE-2018-3630) + + MdeModulePkg/DxeCore: Ensure FfsFileHeader 8 bytes aligned +(bsc#1127822, CVE-2018-3630) + + MdeModulePkg/PeiCore: Ensure FfsFileHeader 8 bytes aligned +(bsc#1127822, CVE-2018-3630) + + NetworkPkg: Add WiFi Connection Manager to NetworkPkg + + UefiCpuPkg/PiSmmCpu: Add Shadow Stack Support for X86 SMM + + MdePkg/BaseLib: Add Shadow Stack Support for X86 + + NetworkPkg/DnsDxe: Check the received packet size before +parsing the message (bsc#1127821, CVE-2018-12178) + + MdeModulePkg/RamDiskDxe: Restrict on RAM disk size +(bsc#1127820, CVE-2018-12180) + + MdeModulePkg/PartitionDxe: Ensure blocksize holds MBR +(bsc#1127820, CVE-2018-12180) + + ArmVirtPkg/PlatformBootManagerLib: display boot option +loading/starting + + ArmVirtPkg/ArmVirtQemu*: enable minimal Status Code Routing +in DXE + + OvmfPkg/PlatformBootManagerLib: display boot option +loading/starting + + OvmfPkg: add library to track boot option loading/starting on +the console + + MdeModulePkg/UefiBootManagerLib: fix LoadImage/StartImage +status code rep + + MdeModulePkg/AhciPei: Add AHCI mode ATA device support in PEI + + MdeModulePkg: Add definitions for EDKII PEI ATA PassThru PPI + + MdeModulePkg: Add definitions for ATA AHCI host controller PPI + + MdePkg/UefiDevicePathLib: Add sanity check for FilePath device +path + + UefiCpuPkg/Microcode: Fix incorrect checksum issue for +extended table + + SecurityPkg/TcgConfigDxe: Allow enabling TPM 1.2 device from +disabled state + + UefiCpuPkg/SecCore: Wrong Debug Information for SecCore + + Various bug fixes in BaseTools + + DynamicTablesPkg: Dynamic Tables Framework + + MdeModulePkg: Remove EmuVariableRuntimeDxe + + UefiCpuPkg/MtrrLib: Fix a bug that may wrongly set memory <1MB +to UC + + MdeModulePkg/BmBoot: Report status when fail to load/start +boot option + + MdeModulePkg/ReportStatusCodeLib: Avoid using AllocatePool if +possible + + NetworkPkg/Ip6Dxe: Clean the invalid IPv6 configuration during +driver start + +--- Old: ovmf-2019+git1550452308.c417c1b33d06.tar.xz New: ovmf-2019+git1552059899.89910a39dcfd.tar.xz Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.EtW3TT/_old 2019-03-14 14:54:37.843767424 +0100 +++ /var/tmp/diff_new_pack.EtW3TT/_new 2019-03-14 14:54:37.843767424 +0100 @@ -25,7 +25,7 @@ Summary:Open Virtual Machine Firmware License:BSD-2-Clause Group: System/Emulators/PC -Version:2019+git1550452308.c417c1b33d06 +Version:2019+git1552059899.89910a39dcfd Release:0 Source0:%{name}-%{version}.tar.xz Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz ++ ovmf-2019+git1550452308.c417c1b33d06.tar.xz -> ovmf-2019+git1552059899.89910a39dcfd.tar.xz ++ /work/SRC/openSUSE:Factory/ovmf/ovmf-2019+git1550452308.c417c1b33d06.tar.xz /work/SRC/openSUSE:Factory/.ovmf.new.28833/ovmf-2019+git1552059899.89910a39dcfd.tar.xz differ: char 28, line 1
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-02-24 18:03:58 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.28833 (New) Package is "ovmf" Sun Feb 24 18:03:58 2019 rev:31 rq:677952 version:2019+git1550452308.c417c1b33d06 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2019-01-03 18:03:40.936297518 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.28833/ovmf.changes 2019-02-24 18:04:02.695761401 +0100 @@ -1,0 +2,57 @@ +Thu Feb 21 09:55:47 UTC 2019 - Gary Ching-Pang Lin + +- Add TPM2_CONFIG_ENABLE build flag to enable TPM2 config menu + +--- +Mon Feb 18 09:00:09 UTC 2019 - Gary Ching-Pang Lin + +- Update to 2019+git1550452308.c417c1b33d06 + + BaseTools: Fixed an issue about StructurePcd + + UefiCpuPkg/SecCore: Support EFI_PEI_CORE_FV_LOCATION_PPI + + OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu + + FatPkg/FatPei/Gpt.c: Fix uninitialized variable issue + + Make BaseTools compatible with python3 + + CryptoPkg/BaseCryptLib: split CryptPkcs7Verify.c on behalf +of runtime + + MdeModulePkg/UefiBootManagerLib: Match the nested partitions + + ArmPkg/ArmMmuLib AARCH64: get rid of needless TLB invalidation + + Upgrade UEFI supporting TCG spec info + + MdeModulePkg Variable: Add emulated variable NV mode support + + Code clean-up in the network packages + + OvmfPkg: add MmServicesTableLib resolution + + ArmPkg/ArmMmuLib AARCH64: fix out of bounds access + + BaseTools/VfrCompile: report error for Integer overflow + + OvmfPkg: require GCC48 or later + + MdePkg/BaseLib: Introduce new SpeculationBarrier API + + Remove the obsolete network packages in MdeModulePkg + + Upgrade OpenSSL to 1.1.0j + + MdePkg/Base: introduce MAX_ALLOC_ADDRESS + + MdeModulePkg/PciBus: Fix system hang when no PCI Option ROM exists + + BaseTools/tools_def AARCH64 RELEASE: move GCC49/GGC5 to 4 KB +alignment + + SecurityPkg: Remove dead code and inf redundant definitions + + UefiCpuPkg/Cpuid.h: Sync CPUID definition to latest SDM + + MdeModulePkg/PciBus: Shadow option ROM after BARs are programmed + + ArmVirtPkg/QemuVirtMemInfoLib: trim the MMIO region mapping + + ArmVirtPkg/XenVirtMemInfoLib: refactor reading of the PA space +size + + ArmVirtPkg/QemuVirtMemInfoLib: remove 1:1 mapping of top of +PA range + + ArmVirtPkg/NorFlashQemuLib: discover NOR flash banks dynamically + + ArmPkg/ArmSmcPsciResetSystemLib: add missing call to +ExitBootServices() + + SecurityPkg: Update TCG PFP spec revision. + + OvmfPkg: simply use the Bochs interface for vmsvga + + ArmPlatformPkg & ArmVirtPkg: clear frame pointer in startup +code + + Remove unused DuetPkg, EdkShellBinPkg, and UnixPkg + + ArmPkg/ArmGicDxe ARM: fix encoding for GICv3 interrupt +acknowledge + + MdePkg/BaseIoLibIntrinsicArmVirt ARM: avoid double word loads +and stores +- Refresh patches + + ovmf-add-exclude-shell-flag.patch + + ovmf-disable-ia32-firmware-piepic.patch +- Enable Python3 support in BaseTools (bsc#1075770) + +--- Old: openssl-1.1.0h.tar.gz openssl-1.1.0h.tar.gz.asc ovmf-2018+git1542164568.85588389222a.tar.xz New: openssl-1.1.0j.tar.gz openssl-1.1.0j.tar.gz.asc ovmf-2019+git1550452308.c417c1b33d06.tar.xz Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.ygfNTP/_old 2019-02-24 18:04:03.703761057 +0100 +++ /var/tmp/diff_new_pack.ygfNTP/_new 2019-02-24 18:04:03.707761057 +0100 @@ -1,7 +1,7 @@ # # spec file for package ovmf # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,14 +18,14 @@ %undefine _build_create_debug -%global openssl_version 1.1.0h +%global openssl_version 1.1.0j Name: ovmf Url: http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=EDK2 Summary:Open Virtual Machine Firmware License:BSD-2-Clause Group: System/Emulators/PC -Version:2018+git1542164568.85588389222a +Version:2019+git1550452308.c417c1b33d06 Release:0 Source0:%{name}-%{version}.tar.xz Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz @@ -49,12 +49,13 @@ Patch4: %{name}-pie.patch Patch5: %{name}-disable-ia32-firmware-piepic.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build +BuildRequires: bc
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-01-03 18:03:39 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.28833 (New) Package is "ovmf" Thu Jan 3 18:03:39 2019 rev:30 rq:661570 version:2018+git1542164568.85588389222a Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2018-12-11 15:41:58.966591929 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.28833/ovmf.changes 2019-01-03 18:03:40.936297518 +0100 @@ -1,0 +2,11 @@ +Thu Dec 27 07:43:41 UTC 2018 - Gary Ching-Pang Lin + +- Add a new "smm" flavor to enable System Management Mode + + Also add ovmf-add-exclude-shell-flag.patch to exclude shell +from the resultant SMM firmware files +- Retire the old openSUSE 4096 bit certificates since all those + programs are unmaintained. +- Amend the numbering of patches and sources +- Update README to reflect the current status + +--- Old: openSUSE-UEFI-CA-Certificate-4096.crt openSUSE-UEFI-SIGN-Certificate-4096.crt New: ovmf-add-exclude-shell-flag.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.HhHIGf/_old 2019-01-03 18:03:41.836296718 +0100 +++ /var/tmp/diff_new_pack.HhHIGf/_new 2019-01-03 18:03:41.836296718 +0100 @@ -33,18 +33,17 @@ Source112: openssl.keyring Source2:README Source3:SLES-UEFI-CA-Certificate-2048.crt -Source5:MicCorKEKCA2011_2011-06-24.crt -Source6:MicCorUEFCA2011_2011-06-27.crt -Source7:openSUSE-UEFI-CA-Certificate-2048.crt -Source8:openSUSE-UEFI-SIGN-Certificate-2048.crt -Source9:openSUSE-UEFI-CA-Certificate-4096.crt -Source10: openSUSE-UEFI-SIGN-Certificate-4096.crt -Source11: http://www.uefi.org/sites/default/files/resources/dbxupdate.zip -Source12: strip_authinfo.pl -Source13: MicWinProPCA2011_2011-10-19.crt -Source14: owner-guid-zero.h +Source4:MicCorKEKCA2011_2011-06-24.crt +Source5:MicCorUEFCA2011_2011-06-27.crt +Source6:MicWinProPCA2011_2011-10-19.crt +Source7:http://www.uefi.org/sites/default/files/resources/dbxupdate.zip +Source8:openSUSE-UEFI-CA-Certificate-2048.crt +Source9:openSUSE-UEFI-SIGN-Certificate-2048.crt +Source10: strip_authinfo.pl +Source11: owner-guid-zero.h Source100: %{name}-rpmlintrc Source101: gdb_uefi.py.in +Patch1: %{name}-add-exclude-shell-flag.patch Patch2: %{name}-embed-default-keys.patch Patch3: %{name}-gdb-symbols.patch Patch4: %{name}-pie.patch @@ -159,6 +158,7 @@ rm -rf $PKG_TO_REMOVE %ifarch x86_64 +%patch1 -p1 %patch2 -p1 %endif %patch3 -p1 @@ -218,9 +218,6 @@ %else %ifarch x86_64 -# Build the 2MB UEFI image for the backward compatibility -build $BUILD_OPTIONS -D FD_SIZE_2MB - collect_debug_files() { target="$1" @@ -242,12 +239,32 @@ %{SOURCE101} > gdb_uefi-$target.py } -cp Build/OvmfX64/DEBUG_*/FV/OVMF.fd ovmf-x86_64.bin -cp Build/OvmfX64/DEBUG_*/FV/OVMF_CODE.fd ovmf-x86_64-code.bin -cp Build/OvmfX64/DEBUG_*/FV/OVMF_VARS.fd ovmf-x86_64-vars.bin +build_ovmf() +{ + name="$1" + case $name in + *-smm) + build $BUILD_OPTIONS -D FD_SIZE_4MB -D SMM_REQUIRE -D EXCLUDE_SHELL + ;; + *-4m) + build $BUILD_OPTIONS -D FD_SIZE_4MB + ;; + *) + build $BUILD_OPTIONS -D FD_SIZE_2MB + ;; + esac +} + +# OVMF without any default keys +for name in ovmf-x86_64 ovmf-x86_64-4m ovmf-x86_64-smm; do + build_ovmf $name + cp Build/OvmfX64/DEBUG_*/FV/OVMF.fd $name.bin + cp Build/OvmfX64/DEBUG_*/FV/OVMF_CODE.fd $name-code.bin + cp Build/OvmfX64/DEBUG_*/FV/OVMF_VARS.fd $name-vars.bin + + collect_debug_files $name +done -# Collect the debug files -collect_debug_files ovmf-x86_64 # Collect the source mkdir -p source/ovmf-x86_64 # TODO get the source list from debug files @@ -255,14 +272,6 @@ find $src_list \( -name "*.c" -o -name "*.h" \) -type f -exec cp --parents -a {} source/ovmf-x86_64 \; find source/ovmf-x86_64 -name *.c -type f -exec chmod 0644 {} \; -# Build the 4MB UEFI image -build $BUILD_OPTIONS -D FD_SIZE_4MB -cp Build/OvmfX64/DEBUG_*/FV/OVMF.fd ovmf-x86_64-4m.bin -cp Build/OvmfX64/DEBUG_*/FV/OVMF_CODE.fd ovmf-x86_64-4m-code.bin -cp Build/OvmfX64/DEBUG_*/FV/OVMF_VARS.fd ovmf-x86_64-4m-vars.bin - -collect_debug_files ovmf-x86_64-4m - build_with_keys() { suffix_base="$1" @@ -273,12 +282,8 @@ xxd -i Default_DBX > SecurityPkg/Library/AuthVariableLib/Default_DBX.h cat Default_Owner >
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2018-12-11 15:41:53 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.19453 (New) Package is "ovmf" Tue Dec 11 15:41:53 2018 rev:29 rq:655463 version:2018+git1542164568.85588389222a Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2018-11-18 23:24:34.958033759 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.19453/ovmf.changes 2018-12-11 15:41:58.966591929 +0100 @@ -1,0 +2,9 @@ +Mon Dec 3 08:05:38 UTC 2018 - Gary Ching-Pang Lin + +- Update ovmf-embed-default-keys.patch and add owner-guid-zero.h to + set the default owner of PK/KEK/db/dbx and make the + auto-enrollment only happen at the very first boot. (bsc#1117998) +- Change the group of qemu-ovmf-x86_64-debug to Development/Sources + since there is no Development/Debug anymore + +--- New: owner-guid-zero.h Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.M6iKkb/_old 2018-12-11 15:42:01.258589420 +0100 +++ /var/tmp/diff_new_pack.M6iKkb/_new 2018-12-11 15:42:01.258589420 +0100 @@ -42,6 +42,7 @@ Source11: http://www.uefi.org/sites/default/files/resources/dbxupdate.zip Source12: strip_authinfo.pl Source13: MicWinProPCA2011_2011-10-19.crt +Source14: owner-guid-zero.h Source100: %{name}-rpmlintrc Source101: gdb_uefi.py.in Patch2: %{name}-embed-default-keys.patch @@ -114,7 +115,7 @@ %package -n qemu-ovmf-x86_64-debug Summary:Open Virtual Machine Firmware - debug symbols (x86_64) -Group: Development/Debug +Group: Development/Sources Requires: qemu %description -n qemu-ovmf-x86_64-debug @@ -270,6 +271,7 @@ xxd -i Default_DB > SecurityPkg/Library/AuthVariableLib/Default_DB.h xxd -i Default_DB_EX > SecurityPkg/Library/AuthVariableLib/Default_DB_EX.h xxd -i Default_DBX > SecurityPkg/Library/AuthVariableLib/Default_DBX.h + cat Default_Owner > SecurityPkg/Library/AuthVariableLib/Default_Owner.h for suffix in $suffix_base $suffix_base-4m; do if [ "$suffix" = "$suffix_base-4m" ]; then @@ -290,6 +292,7 @@ openssl x509 -in %{SOURCE3} -outform DER > Default_DB truncate -s 0 Default_DB_EX truncate -s 0 Default_DBX +cat %{SOURCE14} > Default_Owner build_with_keys suse #unpack the UEFI revocation list @@ -302,6 +305,8 @@ cat %{SOURCE13} > Default_DB_EX chmod 755 %{SOURCE12} %{SOURCE12} dbxupdate.bin Default_DBX +echo "EFI_GUID DefaultOwnerGUID = {0x77fa9abd, 0x0359, 0x4d32, {0xbd, 0x60, 0x28, 0xf4, 0xe7, 0x8f, 0x78, 0x4b}};" > \ +Default_Owner build_with_keys ms # OVMF with openSUSE keys @@ -310,6 +315,7 @@ openssl x509 -in %{SOURCE8} -outform DER > Default_DB truncate -s 0 Default_DB_EX truncate -s 0 Default_DBX +cat %{SOURCE14} > Default_Owner build_with_keys opensuse # OVMF with openSUSE keys (4096 bit CA) @@ -318,6 +324,7 @@ openssl x509 -in %{SOURCE10} -outform DER > Default_DB truncate -s 0 Default_DB_EX truncate -s 0 Default_DBX +cat %{SOURCE14} > Default_Owner build_with_keys opensuse-4096 if [ -e %{_sourcedir}/_projectcert.crt ]; then @@ -330,6 +337,7 @@ openssl x509 -in %{_sourcedir}/_projectcert.crt -outform DER > Default_DB truncate -s 0 Default_DB_EX truncate -s 0 Default_DBX + cat %{SOURCE14} > Default_Owner build_with_keys devel fi fi ++ ovmf-embed-default-keys.patch ++ --- /var/tmp/diff_new_pack.M6iKkb/_old 2018-12-11 15:42:01.354589316 +0100 +++ /var/tmp/diff_new_pack.M6iKkb/_new 2018-12-11 15:42:01.358589310 +0100 @@ -1,16 +1,16 @@ -From 933284f94b8bffb7d3d81152e0b5f49c46a9f787 Mon Sep 17 00:00:00 2001 +From 9263239b037b71f81b14ac86746dafd582527b98 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Fri, 10 May 2013 10:27:51 +0800 -Subject: [PATCH 1/3] Add a stub to allow keys to be embedded at build time +Subject: [PATCH 1/5] Add a stub to allow keys to be embedded at build time Signed-off-by: Gary Ching-Pang Lin --- - .../Library/AuthVariableLib/AuthVariableLib.c | 180 + - .../Library/AuthVariableLib/AuthVariableLib.inf| 4 + - SecurityPkg/Library/AuthVariableLib/Default_DB.h | 2 + - SecurityPkg/Library/AuthVariableLib/Default_DBX.h | 2 + - SecurityPkg/Library/AuthVariableLib/Default_KEK.h | 2 + - SecurityPkg/Library/AuthVariableLib/Default_PK.h | 2 + + .../Library/AuthVariableLib/AuthVariableLib.c | 180 ++ + .../AuthVariableLib/AuthVariableLib.inf | 4 + +
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2018-11-18 23:24:10 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Sun Nov 18 23:24:10 2018 rev:28 rq:649206 version:2018+git1542164568.85588389222a Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2018-10-15 10:04:33.905979681 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2018-11-18 23:24:34.958033759 +0100 @@ -1,0 +2,152 @@ +Thu Nov 15 07:25:30 UTC 2018 - Gary Ching-Pang Lin + +- Update to 2018+git1542164568.85588389222a (edk2-stable201811) + + UefiCpuPkg/CommonFeature: Always set FEATURE_CONTROL.Lock + + MdeModulePkg/NvmExpressPei: Refine data buffer & len check in +PassThru + + OvmfPkg/QemuVideoDxe: list "UnalignedIoInternal.h" in the INF +file + + OvmfPkg/QemuVideoDxe: VMWare SVGA device support + + OvmfPkg/QemuVideoDxe: Helper functions for unaligned port I/O + + OvmfPkg: VMWare SVGA display device register definitions + + Fix UEFI and Tiano Decompression logic issue + + MdePkg: Fix incorrect check for DisplayOnly text format in +AcpiEx + + UefiCpuPkg/PiSmmCpuDxeSmm: Separate semaphore container + + UefiCpuPkg/RegisterCpuFeaturesLib: Separate semaphore container + + UefiCpuPkg/RegisterCpuFeaturesLib: Adjust Order + + MdePkg/BaseSynchronizationLib: Fix InternalSync[De|In]crement + + UefiCpuPkg/SmmCpu: Block access-out only when static paging is +used + + MdeModulePkg/Core: fix ineffective guard page issue + + MdeModulePkg/Core: fill logic hole in +MemoryProtectionCpuArchProtocolNotify + + MdeModulePkg/Mtftp4Dxe: Fix invalid configuration of MTFTP +local port + + OvmfPkg: Replace obsoleted network drivers from platform DSC/FDF + + MdePkg/Base.h: Implement BASE_CR() via OFFSET_OF() + + MdeModulePkg/PiSmmIpl: Do not reset SMRAM to UC when CPU driver +runs + + NetworkPkg/TlsDxe: Fix failure to process multiple TLS records + + BaseTools ConvertFceToStructurePcd: Fix the array value with +empty string + + CryptoPkg/BaseCryptLib: Fix potential integer overflow issue + + ArmPkg/OpteeLib: Add APIs to communicate with OP-TEE + + UefiCpuPkg/PiSmmCpuDxeSmm: Fix ASSERT for success + + UefiCpuPkg/MpInitLib: Fix ASSERT for success + + MdeModulePkg/Core: fix an issue of potential NULL pointer access + + NetworkPkg/Mtftp6Dxe: Correct the total received and saved +block number + + MdeModulePke/Mtftp4Dxe: Correct the total received and saved +block number + + MdeModulePkg EhciDxe: Extract new EhciInsertAsyncIntTransfer +function + + MdeModulePkg XhciDxe: Extract new XhciInsertAsyncIntTransfer +function + + BaseTools: Sync the DevicePath Function update from MdePkg + + MdeModulePkg/HiiDB: Make sure database update behaviors are +atomic + + MdeModulePkg/HiiDB: Reorganize codes of exporting HII settings + + UefiCpuPkg/RegisterCpuFeaturesLib: Support combo CPU feature +style + + UefiCpuPkg/RegisterCpuFeaturesLib: Fix ECC issues + + MdeModulePkg/Core: add freed-memory guard feature + + MdeModulePkg/Core: prevent re-acquire GCD memory lock + + UefiCpuPkg/CpuDxe: prevent recursive calling of +InitializePageTablePool + + UefiCpuPkg/CpuDxe: consider freed-memory guard in non-stop mode + + MdeModulePkg: introduce UEFI freed-memory guard bit in HeapGuard +PCD + + MdeModulePkg/NvmExpressDxe: Refine PassThru IO queue creation +behavior + + MdeModulePkg/NvmExpressDxe: Always copy CQ entry to PassThru +packet + + MdeModulePkg/NvmExpressDxe: Refine data buffer & len check in +PassThru + + MdePkg: Handle various device path when optional para is not +specified + + FatPkg: Correct the line ending to CRLF + + MdePkg-BaseLib: Fix PathCleanUpDirectories() issue with +"\\..\\.." + + FatPkg/EnhancedFatDxe Fix Double Cluster Allocation + + FatBinPkg: Remove FatBinPkg and refresh document + + ShellPkg/dmem: Only dump sizeof (EFI_SYSTEM_TABLE) bytes for gST + + MdeModulePkg/UsbMass: Fix USB key write failure + + IntelFrameworkModulePkg: Add more checker in +UefiTianoDecompressLib (CVE FIX) + + MdePkg: Add more checker in UefiDecompressLib to access the +valid buffer only (CVE FIX) + + MdeModulePkg/PartitionDxe: Add check for underlying device +block size + + MdeModulePkg Xhci: Handle value 5 in Port Speed field of PORTSC + + MdeModulePkg XhciDxe: Assign Usb2Hc.XXXRevision based on SBRN + + MdePkg/BaseLib: AsciiStrToUnicodeStr(S) not handle EASCII +properly + + UefiCpuPkg/CpuCommonFeaturesLib: Register MSR base on scope Info + + UefiCpuPkg/CpuS3DataDxe: Keep old data if value already existed + + UefiCpuPkg/PiSmmCpuDxeSmm: Add logic to support semaphore type + + UefiCpuPkg/RegisterCpuFeaturesLib: Add logic to support +
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2018-10-15 10:04:15 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Mon Oct 15 10:04:15 2018 rev:27 rq:640028 version:2018+git1538590187.c0b1f749ef13 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2018-08-28 09:20:52.244157990 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2018-10-15 10:04:33.905979681 +0200 @@ -1,0 +2,127 @@ +Fri Oct 5 04:04:38 UTC 2018 - Gary Ching-Pang Lin + +- Update to 2018+git1538590187.c0b1f749ef13 + + ShellPkg: Create a homefilesystem environment variable + + NetworkPkg/HttpUtilitiesDxe: fix read memory access overflow + + NetworkPkg/HttpDxe: fix read memory access overflow in HTTPBoot + + PcAtChipsetPkg PcRtc: Use new EfiLocateFirstAcpiTable() + + MdeModulePkg S3SaveStateDxe: Use new EfiLocateFirstAcpiTable() + + MdePkg UefiLib: Add new EfiLocateXXXAcpiTable() APIs + + NetworkPkg/UefiPxeBcDxe: Add the clarification compared to +UefiPxeBcDxe in MdeModulePkg + + NetworkPkg/IScsiDxe: Add the clarification compared to +IScsiDxe in MdeModulePkg + + NetworkPkg/TcpDxe: Add the clarification compared to Tcp4Dxe +in MdeModulePkg + + MdeModulePkg/UefiPxeBcDxe: Add the clarification compared +to UefiPxeBcDxe in NetworkPkg + + MdeModulePkg/IScsiDxe: Add the clarification compared to +IScsiDxe in NetworkPkg + + MdeModulePkg/Tcp4Dxe: Add the clarification compared to TcpDxe +in NetworkPkg + + NetworkPkg/UefiPxeBcDxe: Use the specified MTFTP windowsize + + NetworkPkg: Define one PCD for PXE to specify MTFTP windowsize + + NetworkPkg/Mtftp6Dxe: Support windowsize in read request +operation + + MdeModulePke/Mtftp4Dxe: Support windowsize in read request +operation + + MdePkg/BaseSynchronizationLib: fix XADD operands in GCC +IA32/X64 assembly + + MdeModulePkg/PciHostBridge: Fix a bug that prevents PMEM +access + + MdeModulePkg/PciHostBridge: Enhance boundary check in +Io/Mem.Read/Write + + MdeModulePkg/DxeIpl: support more NX related PCDs + + MdeModulePkg: XhciDxe: Prevent illegal memory access in +XhcSetHsee + + SecurityPkg/TcgStorageOpalLib: Fixed correct user password +not works issue + + MdeModulePkg/SdMmcPciHcDxe: Execute card detect only for +RemovableSlot + + MdeModulePkg/SdMmcPciHcDxe: Fix SdMmcHcReset to set only +necesery bits + + NetworkPkg: UefiPxeBcDxe: Add EXCLUSIVE attribute when opening +SNP protocol installed by PXE + + BaseTools: Check GUID C structure format + + MdeModulePkg: Avoid key notification called more than once + + IntelFrameworkModulePkg: Avoid key notification called more +than once + + MdeModulePkg/Library/DxeHttpLib: Handle the blank value in +HTTP header + + MdeModulePkg/Ip4Dxe: Sync the direct route entry setting + + MdeModulePkg XhciDxe: Set HSEE Bit if SERR# Enable Bit is set + + BaseTools: Correct DXE_PCD_DATABASE_INIT + + BaseTools: Check PcdNvStoreDefaultValueBuffer + + BaseTools: Involve Dec default value to calculate Maxsize + + BaseTools: Structure Pcd value override incorrect + + BaseTools: Report error for incorrect hex value format + + MdeModulePkg/ConPlatform: Support short-form USB device path + + UefiCpuPkg/CpuDxe: fix an incorrect bit-wise operation + + UefiCpuPkg/CpuDxe: fix ECC reported issues + + UefiCpuPkg/CpuMpPei: support stack guard feature + + UefiCpuPkg/MpInitLib: fix register restore issue in AP wakeup + + UefiCpuPkg/CpuExceptionHandlerLib: support stack switch for +PEI exceptions + + MdeModulePkg/DxeIpl: disable paging before creating new page +table + + MdeModulePkg PeiCore: Always use PeiImageRead() function to +load PEI image + + MdeModulePkg/EhciDxe: factor out EhcIsDebugPortInUse() + + BaseTools/PatchCheck.py: Fix error when run with Python3 + + BaseTools: Report more clear error message for PCD used in +expression + + BaseTools: Fix a bug about list the PCD in "not used" section + + UefiCpuPkg/MpInitLib: Fix ECC issues + + MdeModulePkg/EhciDxe: fix host controller reset condition in +BindingStart + + BaseTools: Extend the keyword "!include"/"!if" to +case-insensitive + + MdeModulePkg/Setup: Fix incorrect size used in AllocateCopyPool + + MdeModulePkg DxeCore: Handle multiple FV images in one FV file + + MdeModulePkg PeiCore: Handle multiple FV images in one FV file + + UefiCpuPkg/CpuExceptionHandlerLib: Avoid calling PEI services +from AP + + CpuExceptionHandlerLib: Add comments to make code more readable + + BaseTools: Fixed the PcdValue trailing zero issue + + BaseTools: Dynamic Pcd value override from command line + + BaseTools: Check pcd DefaultValue and SkuId EBNF + + ShellPkg: Update Ifconfig command to
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2018-08-28 09:20:21 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Tue Aug 28 09:20:21 2018 rev:26 rq:630483 version:2018+git1534736099.43fe4c405292 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2018-07-17 09:38:25.446146711 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2018-08-28 09:20:52.244157990 +0200 @@ -1,0 +2,62 @@ +Mon Aug 20 06:59:05 UTC 2018 - g...@suse.com + +- Update to 2018+git1534736099.43fe4c405292 + + BaseTools: AutoGen refactor ModuleAutoGen caching + + OvmfPkg: link Sha384 and Sha512 support into Tcg2Pei and Tcg2Dxe + + MdePkg/UefiLib: introduce EfiOpenFileByDevicePath() + + BaseTools: Update the rule to remove .lib before link it for GCC + + BaseTools: Add Dns and BluetoothLE DevicePath + + MdeModulePkg SmmLockBox: Return actual data length in +SmmLockBoxRestore + + UefiCpuPkg/RegisterCpuFeaturesLib: Combine implementation + + UefiCpuPkg/CpuS3DataDxe: Remove below 4G limitation + + UefiCpuPkg/CpuS3DataDxe: Change Memory Type and address +limitation + + UefiCpuPkg/AcpiCpuData.h: Remove AcpiNVS and Below 4G limitation + + UefiCpuPkg/PiSmmCpuDxeSmm: Use GDT/IDT saved in Smram + + SecurityPkg/TcgStorageCoreLib.h: Use ascii instead of unicode + + BaseTool: Fixed the bug of Boolean Hii Pcd packing + + SecurityPkg: HashLib: Update HashLib file GUID + + SecurityPkg/Library/Tpm2DeviceLibDTpm: fix s/Constructor/CONSTRUCTOR + + OvmfPkg/PlatformDebugLibIoPort: fix port detection for use in +the DXE Core + + NetworkPkg/HttpDxe: Strip square brackets in IPv6 expressed +HostName + + MdeModulePkg/BdsDxe: Move display of test key usage into BDS +module + + ArmPkg: Add initial OpteeLib implementation + + SecurityPkg: HashLib: Add SHA384, SHA512 HashLib + + MdeModulePkg/BdsDxe: Call PlatformBootManagerUnableToBoot() + + MdeModulePkg/BdsDxe: Revert "fall back to UI loop before hanging" + + ArmVirtPkg/PlatformBDS: Implement PlatformBootManagerUnableToBoot + + OvmfPkg/PlatformBds: Implement PlatformBootManagerUnableToBoot + + MdeModulePkg/PciBusDxe: Fix small memory leak in FreePciDevice + + MdeModulePkg/DxeCore: Not update RtCode in MemAttrTable after +EndOfDxe + + UefiCpuPkg/MpInitLib: Not use disabled AP when call StartAllAPs + + UefiCpuPkg/MpInitLib: Remove redundant CpuStateFinished State + + MdeModulePkg/DxeLoadFunc: Add use case for new Perf macro + + SecurityPkg/Tcg: Add use case for new Perf macro + + ArmVirtPkg: remove wrong and superfluous ResourcePublicationLib +resolution + + OvmfPkg: Correct ResourcePublicationLib class name in DSC/INF +file + + MdeModulePkg CapsuleApp: Do not parse bits in CapsuleFlags of +ESRT + + MdeModulePkg, TpmMeasureLib: Variable: Re-prioritize TCG/TCG2 +protocol + + SecurityPkg: TcgSmm: Handle invalid parameter in MOR SMI handler + + OvmfPkg/XenPvBlkDxe: remove gEfiDevicePathProtocolGuid from +[Protocols] + + StandaloneMmPkg/Core: Implementation of Standalone MM Core Module + + UefiCpuPkg/CpuDxe: fix incorrect check of SMM mode + + UefiCpuPkg/MpInitLib: Optimize get processor number performance + + OvmfPkg/AcpiPlatformDxe: clean up libs and protos in +"AcpiPlatformDxe.inf" + + UefiCpuPkg/MpInitLib: Fix S3 resume hang issue + + UefiCpuPkg/MpInitLib: Use BSP uCode for APs if possible + + UefiCpuPkg/MpInitLib: Relocate uCode to memory to save time + + Update BaseTools for the preparation of python3 adoption +- Refresh ovmf-pie.patch and ovmf-gdb-symbols.patch + +--- Old: ovmf-2018+git1531464032.ae08ea246fe9.tar.xz New: ovmf-2018+git1534736099.43fe4c405292.tar.xz Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.2Rnk23/_old 2018-08-28 09:20:53.272161260 +0200 +++ /var/tmp/diff_new_pack.2Rnk23/_new 2018-08-28 09:20:53.272161260 +0200 @@ -25,7 +25,7 @@ Summary:Open Virtual Machine Firmware License:BSD-2-Clause Group: System/Emulators/PC -Version:2018+git1531464032.ae08ea246fe9 +Version:2018+git1534736099.43fe4c405292 Release:0 Source0:%{name}-%{version}.tar.xz Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz ++ ovmf-2018+git1531464032.ae08ea246fe9.tar.xz -> ovmf-2018+git1534736099.43fe4c405292.tar.xz ++ /work/SRC/openSUSE:Factory/ovmf/ovmf-2018+git1531464032.ae08ea246fe9.tar.xz /work/SRC/openSUSE:Factory/.ovmf.new/ovmf-2018+git1534736099.43fe4c405292.tar.xz differ: char 29, line 1 ++ ovmf-gdb-symbols.patch
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2018-07-17 09:38:20 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Tue Jul 17 09:38:20 2018 rev:25 rq:622961 version:2018+git1531464032.ae08ea246fe9 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2018-06-22 13:13:47.950562128 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2018-07-17 09:38:25.446146711 +0200 @@ -1,0 +2,57 @@ +Fri Jul 13 08:32:57 UTC 2018 - g...@suse.com + +- Update to 2018+git1531464032.ae08ea246fe9 + + ArmVirtPkg/ArmVirtQemu: enable the IPv6 stack + + SecurityPkg: Fix assert when setting key from eMMC/SD/USB + + UefiCpuPkg/MpInitLib: Avoid calling PEI services from AP + + NetworkPkg/HttpDxe: Fix the bug when parsing HTTP(S) message +body + + SecurityPkg/OpalPassword: Fixed input correct password not +works issue + + SecurityPkg/TcgStorageOpalLib: Return AUTHORITY_LOCKED_OUT error + + OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Restore C-bit when SEV +is active + + OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Do not expose MMIO in +SMM build + + OvmfPkg/QemuFlashFvbServicesRuntimeDxe: mark Flash memory +range as MMIO + + MdeModulePkg/Variable: Check EFI_MEMORY_RUNTIME attribute +before setting it + + MdeModulePkg SataControllerDxe: Calculate ChannelCount based + on PI value + + SecurityPkg Tpm2DeviceLibDTpm: Update enum type name to match +the one in lib + + MdeModulePkg UsbBusDxe: Fix wrong buffer length used to read +hub desc + + SecurityPkg: Tpm2DeviceLib: Enable CapCRBIdleBypass support + + SecurityPkg: Cache TPM interface type info + + FatPkg/FatPei: Add the recognition of recovery capsule on NVME +device + + MdeModulePkg/NvmExpressPei: Add the NVME device PEI BlockIo +support + + MdeModulePkg: Add definitions for EDKII PEI NVME host +controller PPI + + ArmPkg/ArmMmuLib ARM: fix Mva to use idx instead of table base + + ArmPkg/ArmMmuLib ARM: assume page tables are in writeback +cacheable memory + + ArmPkg/ArmMmuLib ARM: remove cache maintenance of block mapping +contents + + MdeModulePkg: Enable SATA Controller PCI mem space + + MdeModulePkg/NetworkPkg: Checking for NULL pointer before use + + MdeModulePkg/Core: remove SMM check for Heap Guard feature +detection + + UefiCpuPkg/CpuDxe: allow accessing (DXE) page table in SMM mode + + BaseTools/tools_def IA32: drop -no-pie linker option for GCC49 + + SecurityPkg/SecureBootConfigDxe: Fix invalid NV data issue + + ArmVirtPkg: add QemuRamfbDxe + + OvmfPkg: add QemuRamfbDxe + + BaseTools/tools_def IA32: disable PIE code generation explicitly + + MdePkg UefiLib: Use comparison logic to check UINTN parameter + + ArmVirtPkg: switch to KVM safe IoLib implementation + + MdePkg/BaseIoLibIntrinsic: make BaseIoLibIntrinsic safe for +ArmVirt/KVM + + ArmPkg/CompilerIntrinsicsLib: fix GCC8 warning for +__aeabi_memcpy aliases +- The IP6 stack of AAVMF is enabled + +--- Old: ovmf-2018+git1528497654.eb5943134630.tar.xz New: ovmf-2018+git1531464032.ae08ea246fe9.tar.xz Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.8ymrK1/_old 2018-07-17 09:38:26.562142825 +0200 +++ /var/tmp/diff_new_pack.8ymrK1/_new 2018-07-17 09:38:26.562142825 +0200 @@ -25,7 +25,7 @@ Summary:Open Virtual Machine Firmware License:BSD-2-Clause Group: System/Emulators/PC -Version:2018+git1528497654.eb5943134630 +Version:2018+git1531464032.ae08ea246fe9 Release:0 Source0:%{name}-%{version}.tar.xz Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz ++ ovmf-2018+git1528497654.eb5943134630.tar.xz -> ovmf-2018+git1531464032.ae08ea246fe9.tar.xz ++ /work/SRC/openSUSE:Factory/ovmf/ovmf-2018+git1528497654.eb5943134630.tar.xz /work/SRC/openSUSE:Factory/.ovmf.new/ovmf-2018+git1531464032.ae08ea246fe9.tar.xz differ: char 27, line 1
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2018-06-22 13:13:42 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Fri Jun 22 13:13:42 2018 rev:24 rq:616176 version:2018+git1528497654.eb5943134630 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2018-05-23 16:07:31.945430868 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2018-06-22 13:13:47.950562128 +0200 @@ -1,0 +2,39 @@ +Mon Jun 11 08:38:33 UTC 2018 - g...@suse.com + +- Update to 2018+git1528497654.eb5943134630 + + CryptoPkg PeiCryptLib: Enable SHA384/512 support + + MdePkg/UefiRuntimeLib: Do not allow to be linked by DXE driver + + CryptoPkg: Remove deprecated function usage in +X509GetCommonName() + + PlatformBootManagerLib: add missing report status code call + + OvmfPkg: raise DXEFV size to 11 MB + + SignedCapsulePkg/PlatformFlashAccessLib: Add progress API + + MdeModulePkg: Add DisplayUpdateProgressLib class + + PcAtChipsetPkg/PcRtc: Add two new PCD for RTC Index/Target +registers + + OvmfPkg/Virtio10Dxe: convert to PciCapLib + + OvmfPkg/PciHotPlugInitDxe: convert to PciCapLib + + ArmVirtPkg: resolve PciCapLib, PciCapPciSegmentLib, +PciCapPciIoLib + + OvmfPkg: resolve PciCapLib, PciCapPciSegmentLib, PciCapPciIoLib + + OvmfPkg: introduce PciCapPciIoLib + + OvmfPkg: introduce PciCapPciSegmentLib + + OvmfPkg: introduce PciCapLib + + BaseTools/tools_def: add "-fno-unwind-tables" to +GCC_AARCH64_CC_FLAGS + + OvmfPkg/PlatformBootManagerLib: process TPM PPI request + + OvmfPkg: add Tcg2PhysicalPresenceLibQemu + + OvmfPkg/IndustryStandard: add QemuTpm.h header + + OvmfPkg: add Tcg2PhysicalPresenceLibNull when !TPM2_ENABLE + + MdePkg/SmmPeriodicSmiLib: Get Periodic SMI Context More Robustly + + OvmfPkg/PlatformBootManagerLib: connect Virtio RNG devices again + + ArmVirtPkg/PlatformBootManagerLib: connect Virtio RNG devices +again + + OvmfPkg/QemuVideoDxe: Enable DISPLAY_OTHER pci class for qemu +stdvga + + OvmfPkg/QemuVideoDxe: Add SubClass field to QEMU_VIDEO_CARD + + OvmfPkg/PlatformBootManagerLib: connect consoles unconditionally + + BaseTools: Fix generating array's size is incorrect in AutoGen.c + + BaseTools: incorrect calculation for 16M + +--- Old: ovmf-2018+git1525854636.13e3f8c03339.tar.xz New: ovmf-2018+git1528497654.eb5943134630.tar.xz Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.eEsJdu/_old 2018-06-22 13:13:49.926488856 +0200 +++ /var/tmp/diff_new_pack.eEsJdu/_new 2018-06-22 13:13:49.930488708 +0200 @@ -25,7 +25,7 @@ Summary:Open Virtual Machine Firmware License:BSD-2-Clause Group: System/Emulators/PC -Version:2018+git1525854636.13e3f8c03339 +Version:2018+git1528497654.eb5943134630 Release:0 Source0:%{name}-%{version}.tar.xz Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz ++ ovmf-2018+git1525854636.13e3f8c03339.tar.xz -> ovmf-2018+git1528497654.eb5943134630.tar.xz ++ /work/SRC/openSUSE:Factory/ovmf/ovmf-2018+git1525854636.13e3f8c03339.tar.xz /work/SRC/openSUSE:Factory/.ovmf.new/ovmf-2018+git1528497654.eb5943134630.tar.xz differ: char 67, line 2
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2018-05-23 16:07:27 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Wed May 23 16:07:27 2018 rev:23 rq:610819 version:2018+git1525854636.13e3f8c03339 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2018-05-13 15:57:59.209826991 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2018-05-23 16:07:31.945430868 +0200 @@ -1,0 +2,10 @@ +Fri May 18 01:49:10 UTC 2018 - g...@suse.com + +- Enable TLS support correctly + +--- +Thu May 17 06:54:38 UTC 2018 - g...@suse.com + +- Enable TPM 2.0 support + +--- Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.OPt7Ig/_old 2018-05-23 16:07:34.853324359 +0200 +++ /var/tmp/diff_new_pack.OPt7Ig/_new 2018-05-23 16:07:34.857324213 +0200 @@ -172,7 +172,7 @@ %build -OVMF_FLAGS="-D SECURE_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D HTTP_BOOT_ENABLE -D ENABLE_TLS" +OVMF_FLAGS="-D SECURE_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D HTTP_BOOT_ENABLE -D TLS_ENABLE -D TPM2_ENABLE" %if 0%{?suse_version} > 1320 TOOL_CHAIN_TAG=GCC5
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2018-05-13 15:57:58 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Sun May 13 15:57:58 2018 rev:22 rq:606304 version:2018+git1525854636.13e3f8c03339 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2018-03-24 16:05:07.597674915 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2018-05-13 15:57:59.209826991 +0200 @@ -1,0 +2,71 @@ +Thu May 10 08:05:16 UTC 2018 - g...@suse.com + +- Update to 2018+git1525854636.13e3f8c03339 + + BaseTools/VfrCompile: Avoid using uninitialized pointer + + MdeModulePkg/PciHostBridge: Count the (mm)io overhead when polling + + UefiCpuPkg/SecMain: Add NORETURN decorator to SecStartup() + + CryptoPkg/CrtLibSupport: add secure_getenv() stub function + + MdeModulePkg/AcpiPlatformDxe: Unload after execution + + SecurityPkg/OpalPassword: Add support for pyrite 2.0 devices + + NetworkPkg/NetworkPkg.dsc: Add the instance of library class +[SafeIntLib] + + ArmVirtPkg: use protocol-based DevicePathLib instance for most +DXE modules + + OvmfPkg/QemuVideoDxe: round up FrameBufferSize to full page + + ArmVirtPkg: reinstate timer unmask quirk for Xen + + ArmPkg/TimerDxe: remove workaround for KVM timer handling + + FatPkg/EnhancedFatDxe: Ensure traverse of subtasks is +delete-safe + + OvmfPkg/PlatformBootManagerLib: add USB keyboard to ConIn + + CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0h + + OvmfPkg/TlsAuthConfigLib: configure trusted cipher suites for +HTTPS boot + + ArmVirtPkg/ArmVirtQemu: hook NvVarStoreFormattedLib into +VariableRuntimeDxe + + ArmPlatformPkg/NorFlashDxe: cue the variable driver with +NvVarStoreFormatted + + ArmPlatformPkg/NorFlashDxe: initialize varstore headers eagerly + + OvmfPkg: remove BLOCK_MMIO_PROTOCOL and BlockMmioToBlockIoDxe + + OvmfPkg/TlsAuthConfigLib: configure trusted CA certs for +HTTPS boot + + MdeModulePkg/Variable/RuntimeDxe: introduce +PcdMaxVolatileVariableSize + + NetworkPkg/TlsAuthConfigDxe: preserve TlsCaCertificate variable +attributes + + NetworkPkg/HttpDxe: drop misleading comment / status code in +cert config + + NetworkPkg/HttpDxe: use error handler epilogue in +TlsConfigCertificate() + + NetworkPkg/HttpBootDxe: fix typo in DHCPv4 packet parsing + + OvmfPkg/QemuVideoDxe: handle invalid BltOperation gracefully + + NetworkPkg/UefiPxeBcDxe: Configure the ARP Instance/RouteTable +with new address + + NetworkPkg/HttpDxe: Handle the large data request via HTTPS +channel + + NetworkPkg/TlsDxe: Handle the multiple TLS record messages +encryption/decryption + + SecurityPkg Tpm12CommandLib: Fix TPM12 GetCapability response +error + + SecurityPkg Tpm2CommandLib: Fix TPM2.0 response memory overflow + + MdeModulePkg/DxeMain: Fix BSP interrupts reenabled in +ExitBootServices + + UefiCpuPkg/MpInitLib: Disable interrupt at ExitBootServices AP +Mwait + + OvmfPkg/PlatformBootManagerLib: process "-kernel" before boot +devices + + OvmfPkg/PlatformBootManagerLib: hoist PciAcpiInitialization() + + ArmVirtPkg/PlatformBootManagerLib: return to "-kernel before +boot devices" + + MdeModulePkg/Core: allow HeapGuard even before CpuArchProtocol +installed + + UefiCpuPkg CpuExceptionHandlerLib: use FixedPcdGetSize() as the +macro value + + remove TrEE + + MdeModulePkg/PciBus: return CPU address for GetBarAttributes + + MdeModulePkg/PciBus: convert host address to device address + + MdeModulePkg/PciHostBridgeDxe: Add support for address translation + + OvmfPkg/PciHostBridgeLib: clear PCI aperture vars for (re)init + + ArmPkg/TimerDxe: Add ISB for timer compare value reload + + BaseTools code refactoring + +--- Old: openssl-1.1.0g.tar.gz openssl-1.1.0g.tar.gz.asc ovmf-2018+git1521096615.b3fa393f477a.tar.xz New: openssl-1.1.0h.tar.gz openssl-1.1.0h.tar.gz.asc ovmf-2018+git1525854636.13e3f8c03339.tar.xz Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.31DtEZ/_old 2018-05-13 15:58:01.237752992 +0200 +++ /var/tmp/diff_new_pack.31DtEZ/_new 2018-05-13 15:58:01.241752846 +0200 @@ -18,14 +18,14 @@ %undefine _build_create_debug -%global openssl_version 1.1.0g +%global openssl_version 1.1.0h Name: ovmf Url: http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=EDK2 Summary:Open Virtual Machine Firmware License:BSD-2-Clause Group: System/Emulators/PC -Version:2018+git1521096615.b3fa393f477a +Version:
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2018-03-24 16:04:58 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Sat Mar 24 16:04:58 2018 rev:21 rq:587704 version:2018+git1521096615.b3fa393f477a Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2018-01-26 13:56:00.383045505 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2018-03-24 16:05:07.597674915 +0100 @@ -1,0 +2,119 @@ +Thu Mar 15 08:40:01 UTC 2018 - g...@suse.com + +- Update to 2018+git1521096615.b3fa393f477a + + OvmfPkg/QemuBootOrderLib: add ConnectDevicesFromQemu() + + NetworkPkg/IScsiDxe: Fix the ISCSI connection failure in +certain case + + OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Clear C-bit when SEV is +active + + OvmfPkg: include Tcg2Dxe module + + OvmfPkg: simplify SecurityStubDxe.inf inclusion + + OvmfPkg/AmdSevDxe: decrypt the pages of the initial SMRAM save +state map + + OvmfPkg/SmmCpuFeaturesLib: SEV: encrypt+free pages of init. +save state map + + OvmfPkg/PlatformPei: SEV: allocate pages of initial SMRAM save +state map + + OvmfPkg/MemEncryptSevLib: find pages of initial SMRAM save +state map + + MdeModulePkg/UsbMass: Retry CMD for MediaChanged sense key + + NetworkPkg/HttpDxe: Support HTTP Delete Method + + NetworkPkg/HttpBootDxe: Fix the incorrect error message output + + MdeModulePkg: Add Boot Logo 2 Protocol + + MdeModulePkg/UsbMass: Fix hot-plug USB CDROM can't be recognized + + NetworkPkg: Read HttpTlsCipherList variable and configure it +for HTTPS session + + NetworkPkg: Define one private variable for HTTPS to set Tls +CipherList + + ArmVirtPkg: Add SafeIntLib and BmpSupportLib to DSC files + + OvmfPkg: Add SafeIntLib and BmpSupportLib to DSC files + + UefiCpuPkg/PiSmmCpuDxeSmm: fix infinite loop issue in SMM profile + + MdeModulePkg Ppi/IoMmu.h: Add EFI_NOT_AVAILABLE_YET return +status code + + MdeModulePkg/Core: fix feature conflict between NX and heap guard + + ReadKeyStrokeEx always return key state + + SecurityPkg: Tcg2Smm: Enable TPM2.0 interrupt support + + MdeModulePkg/Partition: Fix media probe + + NetworkPkg/HttpBootDxe: Avoid to corrupt HttpBootDxe setup screen + + MdeModulePkg/UefiBootManagerLib: Skip the DNS device path node check + + MdeModulePkg/Core: fix a logic hole in page free + + OvmfPkg/BaseMemEncryptSevLib: Enable protection for newly +added page table + + MdeModulePkg/Ip4Dxe: Add an independent timer for reconfig checking + + NetworkPkg: Fix a memory leak issue in UDP6 driver + + UefiCpuPkg/MtrrLib: Fix bug that may calculate wrong MTRR result + + MdeModulePkg/DxeNetLib: Fix an error in packet length counting + + NetworkPkg: Fix memory leak problem in PXE driver + + MdeModulePkg/DxeHttpLib: Add boundary condition check + + CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0g + + MdeModulePkg/Core: Fix heap guard issues + + NetworkPkg/HttpBootDxe: Break the HttpBoot Callback function +when meet redirect status + + NetworkPkg/HttpBootDxe: Avoid the potential memory leak when +eror happen + + MdeModulePkg/DxeIplPeim: fix incorrect page table split during +protecting + + NetworkPkg/UefiPxeBcDxe: Allow the NULL configuration for +NewStationIP/NewSubnetMask + + NetworkPkg/UefiPxeBcDxe: Fix Pxe.Dhcp() return status code + + MdeModulePkg/Dhcp*: Check Media status before starting DHCP process + + MdeModulePkg/Ip4Dxe: fix ICMP echo reply memory leak + + NetworkPkg/DnsDxe: Update RetryCount/RetryInterval to comply +with UEFI spec + + MdeModulePkg/TcpIoLib: Cancel TCP token if connect/accept is +timeout + + MdeModulePkg/TcpIoLib: Check input Timeout before calling +CheckEvent() service + + MdeModulePkg/DxeIpl: Mark page table as read-only + + SecurityPkg:Tcg2Smm:Enabling TPM SIRQ interrupt support + + MdeModulePkg/ScsiDisk: Return EFI_NO_MEDIA when no media presents + + BaseTool/tools_def GCC5: enable optimization for ARM/AARCH64 +DEBUG builds + + UefiCpuPkg/CpuDxe: Initialize stack switch for MP + + UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support + + UefiCpuPkg PiSmmCpuDxeSmm: SMM profile and static paging mutual +exclusion + + MdeModulePkg/NetLib: Fix an error when AIP doesn't support +network media state detection + + MdeModulePkg/NetLib: Add NetLibDetectMediaWaitTimeout() API to +support EFI_NOT_READY media state detection + + MdeModulePkg/Core/Dxe: log informative memprotect msgs at +DEBUG_INFO level + + ArmVirtPkg/ArmVirtXen: move from Intel to generic BDS + + MdeModulePkg/SerialDxe: Do not fail reset when SetAttributes is +not supported + + MdeModulePkg/DxeCorePerformanceLib: add lock protection + + OvmfPkg/QemuBootOrderLib: let an
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2018-01-26 13:55:59 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Fri Jan 26 13:55:59 2018 rev:20 rq:568815 version:2017+git1510945757.b2662641d5 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2017-11-23 09:37:11.996307734 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2018-01-26 13:56:00.383045505 +0100 @@ -1,0 +2,6 @@ +Wed Jan 24 06:31:21 UTC 2018 - g...@suse.com + +- Only use SLES-UEFI-CA-Certificate-2048.crt for the suse flavor to + provide the better compatibility (bsc#1077330) + +--- Old: SLES-UEFI-SIGN-Certificate-2048.crt Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.b1jspE/_old 2018-01-26 13:56:02.750934947 +0100 +++ /var/tmp/diff_new_pack.b1jspE/_new 2018-01-26 13:56:02.754934759 +0100 @@ -1,7 +1,7 @@ # # spec file for package ovmf # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -33,7 +33,6 @@ Source112: openssl.keyring Source2:README Source3:SLES-UEFI-CA-Certificate-2048.crt -Source4:SLES-UEFI-SIGN-Certificate-2048.crt Source5:MicCorKEKCA2011_2011-06-24.crt Source6:MicCorUEFCA2011_2011-06-27.crt Source7:openSUSE-UEFI-CA-Certificate-2048.crt @@ -288,7 +287,7 @@ # OVMF with SUSE keys openssl x509 -in %{SOURCE3} -outform DER > Default_PK openssl x509 -in %{SOURCE3} -outform DER > Default_KEK -openssl x509 -in %{SOURCE4} -outform DER > Default_DB +openssl x509 -in %{SOURCE3} -outform DER > Default_DB truncate -s 0 Default_DB_EX truncate -s 0 Default_DBX build_with_keys suse
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2017-11-23 09:36:59 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Thu Nov 23 09:36:59 2017 rev:19 rq:543002 version:2017+git1510945757.b2662641d5 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2017-10-23 16:39:01.292755474 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2017-11-23 09:37:11.996307734 +0100 @@ -1,0 +2,104 @@ +Mon Nov 20 04:23:04 UTC 2017 - g...@suse.com + +- Update to 2017+git1510945757.b2662641d5 + + ArmPlatformPkg/ArmPlatformLibNull: remove bogus PCD dependencies + + MdeModulePkg/UsbMassStorageDxe: Enhance Request Sense Handling + + OvmfPkg: save on I/O port accesses when the debug port is not +in use + + OvmfPkg: create a separate PlatformDebugLibIoPort instance for +SEC + + OvmfPkg: make PlatformDebugLibIoPort a proper BASE library + + OvmfPkg: restore temporary SEC/PEI RAM size to 64KB + + OvmfPkg/Sec/X64: seed the temporary RAM with PcdInitValueInTempStack + + ArmVirtPkg: switch to new PL011UartLib implementation + + OvmfPkg/XenHypercallLib: enable virt extensions for ARM + + MdeModulePkg/PiSmmCore: Implement heap guard feature for SMM mode + + MdeModulePkg/DxeCore: Implement heap guard feature for UEFI + + ArmVirtPkg/ArmVirtQemu: use non-accelerated CopyMem for +VariableRuntimeDxe + + NetworkPkg: Fix incorrect SizeofHeaders returned from +HttpTcpReceiveHeader() + + NetworkPkg: Print error message to screen if error occurs +during HTTP boot + + MdeModulePkg/PartitionDxe: Fix UDF fs access on certain CD/DVD +medias + + MdeModulePkg/UsbMassStorageDxe: Fix USB Mass Storage detection + + MdeModulePkg SerialDxe: Handle Timeout change more robustly + + CryptoPkg/BaseCryptLib: Fix mismatched memory allocation/free + + CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc +wrapper + + ArmPlatformPkg/PlatformPeim: allow PlatformPeiLib to set the +boot mode + + Deprecate EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS + + SecurityPkg: Remove Counter Based AuthVariable support + + BaseTools/tools_def AARCH64 ARM: disable PIE linking + + NetworkPkg/TlsAuthConfigDxe: Remove the extra FreePool + + NetworkPkg/HttpBootDxe: Add IPv6 support condition check + + NetworkPkg/IScsiDxe: Fix the incorrect/needless DHCP process + + MdeModulePkg/PciBus: Fix bug that PCI BUS claims too much resource + + UefiCpuPkg/MtrrLib: Use SetMem instead of SetMem64 to fix hang + + NetworkPkg: Remove ping6 and ifconfig shell application + + OvmfPkg: fix dynamic default for oprom verification policy PCD +without SB + + OvmfPkg/PlatformPei: DENY_EXECUTE_ON_SECURITY_VIOLATION when +SEV is active + + SecurityPkg\Tcg2Pei: FV measure performance enhancement + + SecurityPkg:AuthVariableLib:Implement ECR1707 for Private Auth +Variable + + ArmPlatformPkg: Store initial timer value + + ArmVirtPkg ArmVirtDxeHobLib: Implement BuildFv3Hob + + MdeModulePkg/Variable/RuntimeDxe: delete and lock OS-created + MOR variable + + ArmPkg/PlatformBootManagerLib: fix bug in ESRT invocation + + OvmfPkg/PciHotPlugInitDxe: translate QEMU's resource +reservation hints + + OvmfPkg/PciHotPlugInitDxe: generalize RESOURCE_PADDING +composition + + OvmfPkg/IndustryStandard: define PCI Capabilities for QEMU's +PCI Bridges + + MdeModulePkg/BdsDxe: Don't delete "BootNext" until booting it + + Clarify the usage of HttpConfigData in HTTP protocol + + SecurityPkg/SecureBootConfigImpl.c: Secure Boot DBX UI +Enhancement + + MdeModulePkg/UDF: Fix creation of UDF logical partition + + CryptoPkg: Add new API to retrieve commonName of X.509 certificate + + OvmfPkg/VirtioNetDxe: log debug message in VirtioNetExitBoot() + + OvmfPkg/QemuBootOrderLib: recognize "usb-storage" devices in +XHCI ports + + MdeModulePkg/Core: Fix out-of-sync issue in GCD + + UefiCpuPkg/CpuDxe: Fix out-of-sync issue in page attributes + + OvmfPkg/QemuVideoDxe/VbeShim: handle PAM1 register on Q35 +correctly + + OvmfPkg/QemuVideoDxe/VbeShim: rename Status to +Segment0AllocationStatus + + OvmfPkg/CsmSupportLib: move PAM register addresses to +IndustryStandard + + NetworkPkg/IScsiDxe: Remove redundant call to StrLen + + BaseTools/tools_def AARCH64: enable frame pointers for RELEASE +builds + + ArmPkg/PlatformBootManagerLib: process pending capsules + + MdeModulePkg/Udf: Avoid declaring and initializing local GUID +variable + + MdeModulePkg/UdfDxe: Avoid short (single character) variable name + + MdeModulePkg/UdfDxe: Use compare operator for non-boolean +comparisons + + MdeModulePkg/UdfDxe: Fix operands of different size in bitwise +OP + + MdeModulePkg/UdfDxe: Add checks to ensure no
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2017-10-23 16:39:00 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Mon Oct 23 16:39:00 2017 rev:18 rq:534326 version:2017+git1505340320.5afa5b8159 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2017-09-15 21:05:47.918092492 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2017-10-23 16:39:01.292755474 +0200 @@ -1,0 +2,7 @@ +Mon Oct 16 09:02:28 UTC 2017 - g...@suse.com + +- Update ovmf-gdb-symbols.patch to avoid some symbols from being + removed (bsc#1063463) +- Add needssslcertforbuild back. It's useful for the devel projects. + +--- Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.M2Nrbc/_old 2017-10-23 16:39:02.532697446 +0200 +++ /var/tmp/diff_new_pack.M2Nrbc/_new 2017-10-23 16:39:02.536697259 +0200 @@ -14,6 +14,7 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # +# needssslcertforbuild %undefine _build_create_debug ++ ovmf-gdb-symbols.patch ++ --- /var/tmp/diff_new_pack.M2Nrbc/_old 2017-10-23 16:39:02.684690334 +0200 +++ /var/tmp/diff_new_pack.M2Nrbc/_new 2017-10-23 16:39:02.688690146 +0200 @@ -1,7 +1,7 @@ -From 983c7fbc2444cbbbf3b82ae07a56232075a412bb Mon Sep 17 00:00:00 2001 +From 6f04d3c7e2fd042e1d367d9c4c0a9d19080f0e19 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang LinDate: Tue, 24 Jun 2014 11:57:32 +0800 -Subject: [PATCH 1/2] Add DebugPkg +Subject: [PATCH 1/3] Add DebugPkg --- DebugPkg/DebugPkg.dec| 34 + @@ -14,10 +14,11 @@ create mode 100644 DebugPkg/GdbSyms/GdbSyms.inf create mode 100644 DebugPkg/Scripts/gdb_uefi.py -Index: ovmf-2017+git1472049752.ea2f21e/DebugPkg/DebugPkg.dec -=== +diff --git a/DebugPkg/DebugPkg.dec b/DebugPkg/DebugPkg.dec +new file mode 100644 +index 00..e12401de3e --- /dev/null -+++ ovmf-2017+git1472049752.ea2f21e/DebugPkg/DebugPkg.dec b/DebugPkg/DebugPkg.dec @@ -0,0 +1,34 @@ +## @file +# Debug package - various useful stuff for debugging. @@ -53,10 +54,11 @@ + +[LibraryClasses] + -Index: ovmf-2017+git1472049752.ea2f21e/DebugPkg/GdbSyms/GdbSyms.c -=== +diff --git a/DebugPkg/GdbSyms/GdbSyms.c b/DebugPkg/GdbSyms/GdbSyms.c +new file mode 100644 +index 00..2551dfab90 --- /dev/null -+++ ovmf-2017+git1472049752.ea2f21e/DebugPkg/GdbSyms/GdbSyms.c b/DebugPkg/GdbSyms/GdbSyms.c @@ -0,0 +1,70 @@ +/** @file + @@ -128,10 +130,11 @@ +} + + -Index: ovmf-2017+git1472049752.ea2f21e/DebugPkg/GdbSyms/GdbSyms.inf -=== +diff --git a/DebugPkg/GdbSyms/GdbSyms.inf b/DebugPkg/GdbSyms/GdbSyms.inf +new file mode 100644 +index 00..afb78871b8 --- /dev/null -+++ ovmf-2017+git1472049752.ea2f21e/DebugPkg/GdbSyms/GdbSyms.inf b/DebugPkg/GdbSyms/GdbSyms.inf @@ -0,0 +1,57 @@ +## @file +# @@ -190,11 +193,12 @@ +[Depex] + TRUE + -Index: ovmf-2017+git1472049752.ea2f21e/DebugPkg/Scripts/gdb_uefi.py -=== +diff --git a/DebugPkg/Scripts/gdb_uefi.py b/DebugPkg/Scripts/gdb_uefi.py +new file mode 100644 +index 00..dac215c538 --- /dev/null -+++ ovmf-2017+git1472049752.ea2f21e/DebugPkg/Scripts/gdb_uefi.py -@@ -0,0 +1,350 @@ b/DebugPkg/Scripts/gdb_uefi.py +@@ -0,0 +1,348 @@ +""" +Allows loading TianoCore symbols into a GDB session attached to EFI +Firmware. @@ -215,7 +219,6 @@ +import array +import getopt +import binascii -+import re + +__license__ = "BSD" +__version = "1.0.0" @@ -441,7 +444,6 @@ +base = base + opt['SizeOfHeaders'] +if sym_name != self.EINVAL: +sym_name = sym_name.cast (self.ptype('CHAR8')).string () -+sym_name = re.sub(r"\.dll$", ".debug", sym_name) +syms.append ("add-symbol-file %s 0x%x" % \ + (sym_name, + long (base))) @@ -545,12 +547,85 @@ +ReloadUefi () + + -Index: ovmf-2017+git1472049752.ea2f21e/OvmfPkg/OvmfPkgX64.dsc -=== ovmf-2017+git1472049752.ea2f21e.orig/OvmfPkg/OvmfPkgX64.dsc -+++ ovmf-2017+git1472049752.ea2f21e/OvmfPkg/OvmfPkgX64.dsc -@@ -821,3 +821,4 @@ +-- +2.14.2 + + +From 670d526765a9b0f3f6b3f64f4f51a3aa03028e88 Mon Sep 17 00:00:00 2001 +From: Gary Ching-Pang Lin +Date: Tue, 24 Jun 2014 11:59:02 +0800 +Subject: [PATCH
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2017-09-15 21:05:38 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Fri Sep 15 21:05:38 2017 rev:17 rq:526242 version:2017+git1505340320.5afa5b8159 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2017-09-04 12:28:32.833106144 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2017-09-15 21:05:47.918092492 +0200 @@ -1,0 +2,166 @@ +Thu Sep 14 02:20:26 UTC 2017 - g...@suse.com + +- Update to 2017+git1505340320.5afa5b8159 + + MdeModulePkg/UdfDxe: suppress incorrect compiler warning in +ReadFile() + + MdeModulePkg/UdfDxe: reject reserved values in ICB.Flags[2:0] + + MdeModulePkg: Add UdfDxe to the dsc file + + MdeModulePkg: Update PiDxeS3BootScriptLib Internal function name + + MdeModulePkg/UdfDxe: Remove negative comparison of unsigned +number + + ArmVirtPkg/ArmVirtQemu: port HTTP_BOOT_ENABLE from OvmfPkg + + ArmVirtPkg: don't build the network stack uselessly for Xen + + MdeModulePkg/PartitionDxe: remove always false comparison + + MdeModulePkg/PartitionDxe: don't divide 64-bit values with C +operators + + MdeModulePkg/UdfDxe: replace zero-init of local variables with +ZeroMem() + + MdeModulePkg/UdfDxe: don't return unset Status if INLINE_DATA +req succeeds + + MdeModulePkg/UdfDxe: ASSERT() valid ReadFileInfo Flags for +INLINE_DATA req + + MdeModulePkg/UdfDxe: Initialize the array after declaration + + ShellPkg/Ifconfig6: Update error message and add a new line + + NetworkPkg/IScsiDxe: Fix the incorrect max length of IP_ADDRESS + + OvmfPkg/SataControllerDxe: log informative message at +DEBUG_INFO level + + OvmfPkg/PlatformBootManagerLib: log informative message at +DEBUG_INFO lvl + + OvmfPkg/PlatformPei: log informative message at DEBUG_INFO level + + UefiCpuPkg/CpuDxe: log informative message at DEBUG_INFO level + + MdeModulePkg/UsbBusDxe: log warning message at DEBUG_WARN level + + OvmfPkg/PlatformDebugLibIoPort: write messages with IoWriteFifo8() + + MdePkg/BaseIoLibIntrinsic: fix SEV (=unrolled) variants of IoWriteFifoXX() + + MdeModulePkg Xhci: Correct description of Timeout param in XhciReg.h + + BaseTools/GCC: set -Wno-unused-const-variable on RELEASE builds + + ArmVirtPkg: Enable UDF file system support + + OvmfPkg: Enable UDF file system support + + MdeModulePkg/PartitionDxe: Add UDF file system support + + OvmfPkg/IoMmuDxe: unmap all IOMMU mappings at ExitBootServices() + + OvmfPkg/IoMmuDxe: generalize IoMmuUnmap() to IoMmuUnmapWorker() + + OvmfPkg/IoMmuDxe: track all mappings + + OvmfPkg/VirtioScsiDxe: don't unmap VRING at ExitBootServices() + + OvmfPkg/VirtioRngDxe: don't unmap VRING at ExitBootServices() + + OvmfPkg/VirtioGpuDxe: don't unmap VRING & BackingStore at ExitBootServices + + OvmfPkg/VirtioBlkDxe: don't unmap VRING at ExitBootServices() + + MdeModulePkg/AtaAtapiPassThru: disable the device at ExitBootServices() + + MdeModulePkg/AtaAtapiPassThru: unmap DMA buffers after disabling +BM DMA + + MdeModulePkg/AtaAtapiPassThru: cache EnabledPciAttributes + + OvmfPkg/SecMain: Fix stack switching to permanent memory + + ArmPkg: add ArmCrashDumpDxe driver + + MdeModulePkg, NetworkPkg: Fix GCC build error + + NetworkPkg/Ip6Dxe: fix a bug in IP6 driver for IpSec protocol +notify + + MdeModulePkg/Ip4Dxe: fix a bug in IP4 driver for IpSec protocol +notify + + MdePkg: Add UEFI 2.7 defined GUID and structure for AIP network +media type + + MdeModulePkg/UefiBootManagerLib: Generate boot description for +SD/eMMC + + Pkcs7VerifyDxe: Don't allow Pkcs7Verify to install protocols twice + + SecurityPkg/Pkcs7Verify: Complete the Pkcs7VerifyDxe protocol + + MdePkg PeiMemoryAllocationLib: Update InternalAllocateAlignedPages + + MdePkg PeiMemoryAllocationLib: Update Free(Aligned)Pages + + MdeModule PeiCore: Support pre memory page allocation + + OvmfPkg/VirtioGpuDxe: negotiate VIRTIO_F_IOMMU_PLATFORM + + OvmfPkg/VirtioGpuDxe: map backing store to bus master device address + + OvmfPkg/VirtioGpuDxe: helpers for backing store (de)allocation+(un)mapping + + OvmfPkg/VirtioGpuDxe: take EFI_PHYSICAL_ADDRESS in ResourceAttachBacking() + + OvmfPkg/VirtioGpuDxe: map virtio GPU command objects to device +addresses + + OvmfPkg/VirtioGpuDxe: map VRING for bus master common buffer +operation + + OvmfPkg/IoMmuDxe: IoMmuFreeBuffer(): clean up DEBUG message + + OvmfPkg/IoMmuDxe: IoMmuAllocateBuffer(): nicer and more +informative DEBUGs + + OvmfPkg/IoMmuDxe: IoMmuUnmap(): clean up DEBUG message + + OvmfPkg/IoMmuDxe: IoMmuMap(): log nicer and more informative +DEBUG msgs + + OvmfPkg/BaseMemEncryptSevLib: clean up upper-case / lower-case +in DEBUGs
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2017-09-04 12:28:30 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Mon Sep 4 12:28:30 2017 rev:16 rq:519253 version:2017+git1502826981.a136bc3ccf Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2017-08-22 11:05:20.536595743 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2017-09-04 12:28:32.833106144 +0200 @@ -1,0 +2,6 @@ +Mon Aug 28 08:54:14 UTC 2017 - g...@suse.com + +- Update ovmf-embed-default-keys.patch to handle the empty + certificate files correctly + +--- Other differences: -- ++ ovmf-embed-default-keys.patch ++ --- /var/tmp/diff_new_pack.jQ0PSf/_old 2017-09-04 12:28:34.928811497 +0200 +++ /var/tmp/diff_new_pack.jQ0PSf/_new 2017-09-04 12:28:34.936810372 +0200 @@ -1,7 +1,7 @@ -From 6bf96df236dbe46c1e4591b6a59553928bfd603c Mon Sep 17 00:00:00 2001 +From b967e8dc2bea98736d8544d9ee2565f71ac06d08 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang LinDate: Fri, 10 May 2013 10:27:51 +0800 -Subject: [PATCH 1/2] Add a stub to allow keys to be embedded at build time +Subject: [PATCH 1/3] Add a stub to allow keys to be embedded at build time Signed-off-by: Gary Ching-Pang Lin --- @@ -18,7 +18,7 @@ create mode 100644 SecurityPkg/Library/AuthVariableLib/Default_PK.h diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c -index c4fbb64..9e12588 100644 +index 792a1232ae..f5f954e534 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c @@ -23,6 +23,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. @@ -223,7 +223,7 @@ // Reserve runtime buffer for public key database. The size excludes variable header and name size. // diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf -index 572ba4e..1a46019 100644 +index 572ba4e120..1a46019a5f 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf +++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf @@ -33,6 +33,10 @@ [Sources] @@ -239,7 +239,7 @@ MdePkg/MdePkg.dec diff --git a/SecurityPkg/Library/AuthVariableLib/Default_DB.h b/SecurityPkg/Library/AuthVariableLib/Default_DB.h new file mode 100644 -index 000..4d13894 +index 00..4d13894216 --- /dev/null +++ b/SecurityPkg/Library/AuthVariableLib/Default_DB.h @@ -0,0 +1,2 @@ @@ -247,7 +247,7 @@ +unsigned int Default_DB_len = 0; diff --git a/SecurityPkg/Library/AuthVariableLib/Default_DBX.h b/SecurityPkg/Library/AuthVariableLib/Default_DBX.h new file mode 100644 -index 000..5fd3cdc +index 00..5fd3cdc0f4 --- /dev/null +++ b/SecurityPkg/Library/AuthVariableLib/Default_DBX.h @@ -0,0 +1,2 @@ @@ -255,7 +255,7 @@ +unsigned int Default_DBX_len = 0; diff --git a/SecurityPkg/Library/AuthVariableLib/Default_KEK.h b/SecurityPkg/Library/AuthVariableLib/Default_KEK.h new file mode 100644 -index 000..80883de +index 00..80883de1ae --- /dev/null +++ b/SecurityPkg/Library/AuthVariableLib/Default_KEK.h @@ -0,0 +1,2 @@ @@ -263,20 +263,20 @@ +unsigned int Default_KEK_len = 0; diff --git a/SecurityPkg/Library/AuthVariableLib/Default_PK.h b/SecurityPkg/Library/AuthVariableLib/Default_PK.h new file mode 100644 -index 000..23b90e4 +index 00..23b90e45f0 --- /dev/null +++ b/SecurityPkg/Library/AuthVariableLib/Default_PK.h @@ -0,0 +1,2 @@ +unsigned char *Default_PK = NULL; +unsigned int Default_PK_len = 0; -- -2.8.1 +2.14.1 -From a627dbe16f6ebe1a1f294c82c30f7ad9745baf04 Mon Sep 17 00:00:00 2001 +From 5e76fc193363471e9720005bdb8e4c62fb15de6b Mon Sep 17 00:00:00 2001 From: Gary Lin Date: Tue, 15 Dec 2015 16:54:54 +0800 -Subject: [PATCH 2/2] Add DB_EX to include one more DB cert +Subject: [PATCH 2/3] Add DB_EX to include one more DB cert Signed-off-by: Gary Lin --- @@ -286,7 +286,7 @@ create mode 100644 SecurityPkg/Library/AuthVariableLib/Default_DB_EX.h diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c -index 9e12588..523b0e4 100644 +index f5f954e534..803b77d178 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c @@ -26,6 +26,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. @@ -353,12
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2017-08-22 11:05:10 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Tue Aug 22 11:05:10 2017 rev:15 rq:517308 version:2017+git1502826981.a136bc3ccf Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2017-06-17 10:19:09.768138196 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2017-08-22 11:05:20.536595743 +0200 @@ -1,0 +2,361 @@ +Thu Aug 17 04:10:00 UTC 2017 - g...@suse.com + +- Update to 2017+git1502826981.a136bc3ccf + + OvmfPkg/Protocol/VirtioDevice: fix comment style + + OvmfPkg/VirtioMmioDeviceLib: add missing IN and OUT decoration + + OvmfPkg/VirtioPciDeviceDxe: add missing IN and OUT decoration + + OvmfPkg/Virtio10Dxe: supply missing BUS_MASTER attribute + + OvmfPkg/VirtioPciDeviceDxe: supply missing BUS_MASTER attribute + + UefiCpuPkg MpInitLib: Save/restore original WakeupBuffer for +DxeMpLib + + ShellPkg UefiDpLib: Init CustomCumulativeData.MinDur + + MdeModulePkg DxeCore: Enhance "ConvertPages: Incompatible +memory types" + + MdeModulePkg DxeCore: Fix double free pages on LoadImage +failure path + + NetworkPkg/HttpBootDxe: Update device path node to include DNS +information + + MdeModulePkg/UefiBootManagerLib: Support DNS device path +description + + MdePkg/UefiDevicePathLib: Add DevPathFromTextDns and +DevPathToTextDns libraries + + MdePkg/DevicePath.h: Add DNS Device Path definition + + NetworkPkg/HttpDxe: Handle the HttpVersionUnsupported in the +HttpConfigData + + BaseTools: Support TabSpace between section tag in DEC file + + BaseTools: Don't need to add extra quotes when UI string from +file + + BaseTools/UPT: Support Multiple Installation + + BaseTools/Scripts: Add sample makefile for use with +RunMakefile.py + + BaseTools/Scripts: Add python script to run a makefile + + BaseTools/build: Expand PREBUILD/POSTBUILD DSC actions + + NetworkPkg/Ip6Dxe: Support SetData interface to clear specific +configuration + + MdeModulePkg/Ip4Dxe: Support SetData interface to clear +specific configuration + + ShellPkg/drivers: Fix GCC build failure + + BaseTools/edksetup.sh: fix invalid test for current working +directory + + ShellPkg/driver: Show "-" in non-SFO mode + + ShellPkg/drivers: Show Image Name in non-SFO mode + + MdeModulePkg: Variable: Fix typo in variable measure + + MdeModulePkg/NvmExpressDxe: Notify NVME HW when system reset +happens + + MdePkg/Nvme: Add NVME shutdown notification related macros + + NetworkPkg/HttpBootDxe: Refine the coding style. + + OvmfPkg/AcpiPlatformDxe: short-circuit the transfer of an empty +S3_CONTEXT + + MdeModulePkg SerialDxe: Process timeout consistently in +SerialRead + + UefiCpuPkg MtrrLib: Remove deprecated micro. + + UefiCpuPkg CpuDxe: Remove reference deprecated macro. + + UefiCpuPkg CpuDxe: Enhance get mtrr mask logic. + + BaseTools/Conf: apply nasmb, asm16 build rule order + + NetworkPkg/HttpDxe: Support HTTP Patch method + + OvmfPkg/PlatformPei: support >=1TB high RAM, and discontiguous +high RAM + + OvmfPkg/QemuFwCfgLib: Use BusMasterCommonBuffer to map +FW_CFG_DMA_ACCESS + + OvmfPkg/IoMmuDxe: Unmap(): recycle MAP_INFO after +BusMasterCommonBuffer[64] + + OvmfPkg/IoMmuDxe: abort harder on memory encryption mask +failures + + OvmfPkg/IoMmuDxe: implement in-place decryption/encryption for +Map/Unmap + + OvmfPkg/IoMmuDxe: rework setup of "MapInfo->PlainTextAddress" +in Map() + + OvmfPkg/IoMmuDxe: zero out pages before releasing them + + OvmfPkg/IoMmuDxe: clean up used library classes + + OvmfPkg/IoMmuDxe: propagate errors from AmdSevInstallIoMmuProtocol() + + OvmfPkg/IoMmuDxe: don't initialize local variables + + OvmfPkg/IoMmuDxe: convert UINTN arguments to UINT64 for the +%Lx fmt spec + + OvmfPkg/IoMmuDxe: rename HostAddress to CryptedAddress in +MAP_INFO + + OvmfPkg/IoMmuDxe: rename DeviceAddress to PlainTextAddress in +MAP_INFO + + OvmfPkg/IoMmuDxe: rewrap source code to 79 characters + + OvmfPkg/IoMmuDxe: Fix header guard macro + + MdeModulePkg/DisplayEngine: Fix incorrect display issue + + BaseTools/VfrCompile: Remove the MAX_PATH limitation + + BaseTools/VfrCompile: Fix segmentation fault issues + + NetworkPkg: iSCSI should allow to set 6 or 12 length of ISID +keyword. + + UefiCpuPkg: Enable Processor Trace feature. + + UefiCpuPkg: Add Processor Trace feature definition. + + UefiCpuPkg: Add Pcds used by processor trace feature. + + UefiCpuPkg/Msr: Add a missing IvyBridge processor signature + + MdeModulePkg PeiCore: Install SEC HOB data + + MdePkg: Add definition for SecHobData PPI + + UefiCpuPkg PiSmmCpuDxeSmm: Check LMCE capability when
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2017-06-17 10:19:03 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Sat Jun 17 10:19:03 2017 rev:14 rq:501237 version:2017+git1496630893.7ec69844b8 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2017-05-27 13:06:00.556317490 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2017-06-17 10:19:09.768138196 +0200 @@ -1,0 +2,77 @@ +Mon Jun 5 09:34:28 UTC 2017 - g...@suse.com + +- Update to 2017+git1496630893.7ec69844b8 + + ShellPkg/alias: Fix bug to support upper-case alias + + BaseTools/GCC ARM/AARCH64: Force disable PIE + + BaseTools/Scripts: discard .gnu.hash section in GCC builds + + OvmfPkg: make the 4MB flash size the default + + MdeModulePkg/BDS: Fix a buffer overflow bug + + CryptoPkg/BaseCryptLib: Add NULL pointer checks in DH and P7Verify + + UefiCpuPkg/BaseUefiCpuLib: Use NASM read-only data section name + + OvmfPkg/PlatformPei: align EmuVariableNvStore at any page boundary + + OvmfPkg/EmuVariableFvbRuntimeDxe: change block size to 4KB + + OvmfPkg/EmuVariableFvbRuntimeDxe: correct NumOfLba vararg type +in EraseBlocks() + + ArmPlatformPkg/NorFlashDxe: correct NumOfLba vararg type in +EraseBlocks() + + OvmfPkg/EmuVariableFvbRuntimeDxe: always format an auth +varstore header + + MdeModulePkg/PciBus: Add IOMMU support + + MdeModulePkg/PciHostBridge: Add IOMMU support + + MdeModulePkg/Include: Add IOMMU protocol definition + + ShellPkg/HandleParsingLib: Show LoadedImageProtocol file path +as text + + NetworkPkg: Fix issue in dns driver when building DHCP packet + + Addressing TCP Window Retraction when window scale factor is used + + Add wnd scale check before shrinking window + + UefiCpuPkg/MtrrLib: Don't report OutOfResource when MTRR is enough + + MdePkg DxeServicesLib: Handle potential NULL FvHandle + + OvmfPkg/PlatformPei: handle non-power-of-two spare size for +emu variables + + SecurityPkg/Pkcs7VerifyDxe: Add format check in DB list contents + + OvmfPkg: raise max variable size (auth & non-auth) to 33KB for +FD_SIZE_4MB + + OvmfPkg: introduce 4MB flash image (mainly) for Windows HCK + + OvmfPkg/OvmfPkg.fdf.inc: extract VARS_LIVE_SIZE and +VARS_SPARE_SIZE macros + + OvmfPkg: introduce the FD_SIZE_IN_KB macro / build flag + + ArmVirtPkg: install EdkiiPlatformHasDeviceTree proto in the +32-bit builds + + NetworkPkg: Fix PXEv6 boot failure when DhcpBinl offer received + + NetworkPkg: Fix bug in iSCSI mode ipv6 when enabling target DHCP + + Fix issue the iSCSI client can not send reset packet + + CryptoPkg/SmmCryptLib: Enable HMAC-SHA256 support for SMM + + ShellPkg/Shell: eliminate double-free in RunSplitCommand() + + ShellPkg/Shell: clean up bogus member types in SPLIT_LIST + + MdeModulePKg/BDS: Build meaningful description for Wi-Fi boot +option + + MdeModulePkg/DeviceManagerUiLib: Fix the network device MAC +display issue + + MdeModulePkg/Mtftp4Dxe: Add invalid ServerIp check during MTFTP +configuration + + NetworkPkg/TlsAuthConfigDxe: Close and free the file related +resource + + NetworkPkg: Correct the proxy DHCP offer handing + + NetworkPkg/HttpDxe: Fix HTTP download OS image over 4G size +failure + + MdeModulePkg/UefiBootManagerLib: Avoid buggy USB short-form +expanding + + NetworkPkg: Fix bug related DAD issue in IP6 driver + + NetworkPkg: Add check logic for iSCSI driver + + MdeModulePkg PiSmmCore: Enhance SMM FreePool to catch buffer +overflow + + UefiCpuPkg/PiSmmCpuDxeSmm: Lock should be acquired + + MdeModulePkg/BootManagerMenu: Add assertion to indicate no DIV +by 0 + + CryptoPkg: Correct some minor issues in function comments + + MdePkg/UefiLib: Avoid mis-calculate of graphic console size + + MdeModulePkg/PiSmmCore: Fix potentially uninitialized local +variable + + MdeModulePkg DxeCore: Fix issue to print GUID value %g without +pointer + + ArmVirtPkg/ArmVirtXen: remove ARM BdsLib library class resolution +- Add ovmf-disable-ia32-firmware-piepic.patch to disable pic/pie + explicitly since gcc7 in Factory enables pic/pie by default but + GenFw cannot handle the GOT sections and failed the build. + +--- Old: ovmf-2017+git1492060560.b6d11d7c46.tar.xz New: ovmf-2017+git1496630893.7ec69844b8.tar.xz ovmf-disable-ia32-firmware-piepic.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.mZrIbY/_old 2017-06-17 10:19:11.123946942 +0200 +++ /var/tmp/diff_new_pack.mZrIbY/_new 2017-06-17 10:19:11.127946378 +0200 @@ -24,7
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2017-05-27 13:05:59 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Sat May 27 13:05:59 2017 rev:13 rq:493403 version:2017+git1492060560.b6d11d7c46 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2017-05-03 15:57:55.298029805 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2017-05-27 13:06:00.556317490 +0200 @@ -1,0 +2,6 @@ +Sat May 6 20:34:20 UTC 2017 - meiss...@suse.com + +- ovmf-pie.patch: add -fPIE to the Common build Makefile to + allow a global PIE build. + +--- @@ -137,0 +144 @@ +(bsc#1030565) @@ -442,0 +450 @@ +(bsc#1013603) @@ -451 +459 @@ -vblk prefix +vblk prefix (bsc#1009707) New: ovmf-pie.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.P6n86Q/_old 2017-05-27 13:06:02.963977074 +0200 +++ /var/tmp/diff_new_pack.P6n86Q/_new 2017-05-27 13:06:02.967976508 +0200 @@ -14,7 +14,6 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# needssslcertforbuild %undefine _build_create_debug @@ -47,6 +46,7 @@ Source101: gdb_uefi.py.in Patch2: %{name}-embed-default-keys.patch Patch3: %{name}-gdb-symbols.patch +Patch4: %{name}-pie.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: fdupes BuildRequires: gcc @@ -160,6 +160,7 @@ %patch2 -p1 %endif %patch3 -p1 +%patch4 -p1 # add openssl pushd CryptoPkg/Library/OpensslLib ++ ovmf-pie.patch ++ Index: ovmf-2017+git1492060560.b6d11d7c46/BaseTools/Source/C/Makefiles/header.makefile === --- ovmf-2017+git1492060560.b6d11d7c46.orig/BaseTools/Source/C/Makefiles/header.makefile +++ ovmf-2017+git1492060560.b6d11d7c46/BaseTools/Source/C/Makefiles/header.makefile @@ -49,7 +49,7 @@ ifeq ($(DARWIN),Darwin) # assume clang or clang compatible flags on OS X BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror -Wno-deprecated-declarations -Wno-self-assign -Wno-unused-result -nostdlib -c -g else -BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror -Wno-deprecated-declarations -Wno-unused-result -nostdlib -c -g +BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror -Wno-deprecated-declarations -Wno-unused-result -nostdlib -c -g -fPIE endif BUILD_LFLAGS = BUILD_CXXFLAGS = -Wno-unused-result
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2017-05-03 15:57:50 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Wed May 3 15:57:50 2017 rev:12 rq:492421 version:2017+git1492060560.b6d11d7c46 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2017-04-24 09:46:43.305456052 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2017-05-03 15:57:55.298029805 +0200 @@ -4 +4 @@ -- Update to 2017+git1492060560.b6d11d7c46 +- Update to 2017+git1492060560.b6d11d7c46 (fate#322331, bsc#1032659) Other differences: --
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2017-04-24 09:46:39 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Mon Apr 24 09:46:39 2017 rev:11 rq:487904 version:2017+git1492060560.b6d11d7c46 Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2017-03-10 21:09:33.454888394 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2017-04-24 09:46:43.305456052 +0200 @@ -1,0 +2,118 @@ +Thu Apr 13 07:13:09 UTC 2017 - g...@suse.com + +- Update to 2017+git1492060560.b6d11d7c46 + + MdePkg: BaseIoLibIntrinsic (IoLib class) library + + MdeModulePkg/IdeBusPei: Fix undefined behavior in signed left +shift + + MdeModulePkg/ScsiDiskDxe: Fix undefined behavior in signed left +shift + + OvmfPkg/QemuVideoDxe: VMWare SVGA device support + + MdeModulePkg/UefiBootManagerLib: Enhance short-form expanding +logic + + CryptoPkg/BaseCryptLib: Adding NULL checking in time() wrapper + + CryptoPkg: Fix possible unresolved external symbol issue. + + CryptoPkg/OpensslLib: Suppress extra build warnings in openssl +source + + CryptoPkg: Move openssl and CRT headers to private include +section + + BaseTools: Update tools_def.template to add -fno-builtin in GCC +tool chain + + SecurityPkg: SecureBootConfigDxe: Support AUTH_2 enrollment to +DBX + + MdeModulePkg/UefiHiiLib:Fix incorrect comparison expression + + ArmVirtPkg/ArmVirtQemuKernel: increase slack space for DTB + + ArmVirtPkg/FdtClientDxe: honor memory DT node 'status' property + + NetworkPkg: Fix some bugs related to iSCSI keyword configuration + + MdeModulePkg/DxeHttpLib: Avoid the pointless comparison of +UINTN with zero + + BaseTools: Enhance expression to support some more operation + + MdePkg/Shell.h: Update Shell version from 2.1 to 2.2 + + UefiCpuPkg/PiSmmCpuDxeSmm: Update saved SMM ranges check in +SmmProfile + + ArmVirtPkg/PlatformHasAcpiDtDxe: allow guest level ACPI disable +override + + BaseTools/GCC AARCH64: force disable PIC code generation + + UefiCpuPkg/MtrrLib: Use a better algorithm to calculate MTRR + + MdeModulePkg/SmmCore: Fix memory leak on Profile unregistered + + OvmfPkg: Allow multiple add-pointer linker commands to same +ACPI table +- Drop upstream patch: ovmf-bsc1031336-fix-hii-gcc7-build.patch + +--- +Wed Apr 5 04:43:20 UTC 2017 - g...@suse.com + +- Add ovmf-bsc1031336-fix-hii-gcc7-build.patch to fix gcc7 build + (bsc#1031336) + +--- +Thu Mar 30 08:31:38 UTC 2017 - g...@suse.com + +- Update to 2017+git1490844769.d3017dd96b + + MdeModulePkg/DxeHttpLib: Fix the incorrect return status if URI +port is invalid + + NetworkPkg/DnsDxe: Fix zero StationIp configuration failure of +DNSv6 + + CryptoPkg: Clean-up CRT Library Wrapper + + CryptoPkg: Fix handling of function pointers + + CryptoPkg/OpensslLib: Update INF files to support OpenSSL-1.1.0x +build + + ArmVirtPkg/PlatformHasAcpiDtDxe: don't expose DT if QEMU +provides ACPI + + ArmVirtPkg: enable AcpiTableDxe and EFI_ACPI_TABLE_PROTOCOL +dynamically + + ArmVirtPkg: add XenPlatformHasAcpiDtDxe + + ArmVirtPkg: add PlatformHasAcpiDtDxe + + UefiCpuPkg/AcpiCpuData.h: Support >4GB MMIO address + + NetworkPkg/IScsiDxe: Fix the incorrect error handling in +DriverEntryPoint + + Fix potential ASSERT if NetIp4IsUnicast is called + + ArmPkg/PlatformBootManagerLib: move to BootLogoLib for boot +splash support + + UefiCpuPkg: Add CPU Features PEI/DXE drivers + + ArmVirtPkg/HighMemDxe: use CPU arch protocol to apply memprotect +policy + + MdeModulePkg/BootGraphicsResourceTableDxe: don't allocate below +4 GB + + MdeModulePkg/DxeCore: deal with allocations spanning several +memmap entries + + MdeModulePkg/AcpiTableDxe: Not make FADT.{DSDT,X_DSDT} mutual +exclusion + + NetworkPkg: Fix service binding issue in TCP dxe + + MdeModulePkg: Fix service binding issue in TCP4 and Ip4 dxe + + MdeModulePkg: Fix bug in DxeHttplib when converting port number + + MdeModulePkg/Ip4Dxe: Add Ip/Netmask pair check for Ip4Config2 + + ArmPkg/UncachedMemoryAllocationLib: set XP bit via CPU arch +protocol + + MdeModulePkg DxeCore: Remove unreferenced symbol for memory +profile + + MdeModulePkg PiSmmCore: Remove unreferenced symbol for SMRAM +profile + + NetworkPkg: Fix potential bug if the iSCSI use dns protocol + + MdePkg/UefiDevicePathLib: Fix the wrong MAC address length + + OvmfPkg/AcpiPlatformDxe: save fw_cfg boot script with QemuFwCfgS3Lib + + ArmVirtPkg, OvmfPkg: retire QemuFwCfgS3Enabled() from QemuFwCfgLib + + OvmfPkg: resolve QemuFwCfgS3Lib + + ArmVirtPkg:
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2017-01-25 22:39:45 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2016-12-02 16:37:06.0 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2017-01-25 22:39:47.129323003 +0100 @@ -1,0 +2,77 @@ +Tue Jan 24 04:04:31 UTC 2017 - g...@suse.com + +- update to 2017+git1485224553.6671cd7444 + + NetworkPkg: Fix protocol handler service in HttpDxe + + OvmfPkg: Allow HTTP connections if HTTP Boot enabled + + NetworkPkg: Add PCD to enable the HTTP connections switch + + MdePkg: Add definitions for SMBIOS spec 3.1.0 + + ArmPlatformPkg/NorFlashDxe: Change Flash memory attributes +before writes + + MdePkg DxeHobLib: Make GetHobList working before Constructor +is called + + NetworkPkg: Add dns support for target URL configuration in +ISCSI + + MdeModulePkg/FileExplorer: Enable functionality of creating +new file/folder + + OvmfPkg: pull in TLS modules with -D TLS_ENABLE (also enabling +HTTPS) + + OvmfPkg: correct the IScsiDxe module included for the IPv6 stack + + OvmfPkg: always resolve OpenSslLib, IntrinsicLib and +BaseCryptLib + + OvmfPkg: Modify QemuFwCfgLib to use new IoLib class library + + OvmgPkg/PlatformBootManagerLib: Add Debug Agent console + + OvmfPkg/SmmControl2Dxe: correct PCI_CONFIG_READ_WRITE in S3 +boot script + + OvmfPkg: Install BGRT ACPI table + + MdeModulePkg/Bds: Fix a bug that may causes S4 fails to resume + + MdePkg, MdeModulePkg: S3BootScriptSaveMemPoll(): accept 64-bit +LoopTimes + + NetworkPkg/HttpDxe: Fix the potential NULL dereference + + NetworkPkg/HttpDxe: HTTPS support over IPv4 and IPv6 + + NetworkPkg/TlsAuthConfigDxe: Provide the UI to support TLS +auth configuration + + NetworkPkg/TlsDxe: TlsDxe driver implementation over OpenSSL + + MdePkg: Add TLS related protocol definition + + MdePkg/MemoryLib: Refine InternalMemSetMem16|32|64 functions +logic + + NetworkPkg: Replace ASSERT with error return code in PXE and +HTTP boot driver + + MdeModulePkg: Replace ASSERT with error return code in PXE +driver + + UefiCpuPkg/Cpuid.h: Update CPUID definitions with SDM (Sep.2016) + + UefiCpuPkg/Include: Update MSR header files with SDM (Sep.2016) + + UefiCpuPkg/PiSmmCpuDxeSmm: Always initialze PSD + + MdeModulePkg/PiSmmCore: MemoryAttributeTable need keep non-PE +record + + MdeModulePkg/PiSmmCore: AllocatePool should use MemoryType + + OvmfPkg/XenHypercallLib: Add EFIAPI + + OvmfPkg/QemuFwCfgLib: support QEMU's DMA-like fw_cfg access +method + + ArmVirtPkg/QemuFwCfgLib: rebase lib instance to updated lib +class header + + OvmfPkg/QemuFwCfgLib: extend lib class header with more +definitions + + ArmVirtPkg, OvmfPkg: QemuFwCfgLib: move DMA-related defs to lib +class + + OvmfPkg/QemuFwCfgLib: move InternalQemuFwCfgIsAvailable() to +lib instances + + ArmVirtPkg/QemuFwCfgLib: remove superfluous InternalQemuFwCfgIsAvailable() + + OvmfPkg: Remove use of IntelFrameworkModulePkg legacy libs + + UefiCpuPkg/PiSmmCpuDxeSmm: Remove MTRRs from PSD structure + + UefiCpuPkg/PiSmmCpuDxeSmm: Clear some semaphores on S3 boot +path + + ArmPkg/ArmDmaLib: add support for fixed host-to-device DMA +offset + + ArmPkg/ArmDmaLib: clean up abuse of device address + + ArmPkg/ArmDmaLib: fix incorrect device address of double buffer + + ArmPkg/ArmDmaLib: use DMA buffer alignment from CPU arch +protocol + + ArmPkg/ArmMmuLib: support page tables in cacheable memory only + + UefiCpuPkg/PiSmmCpu: relax superpage protection on page split + + OvmfPkg/PlatformPei: take VCPU count from QEMU and configure +MpInitLib + + UefiCpuPkg/MpInitLib: wait no longer than necessary for initial +AP startup +- Enable TLS support by default (for HTTPS) + +--- Old: ovmf-2017+git1480394913.2b2efe3.tar.xz New: ovmf-2017+git1485224553.6671cd7444.tar.xz Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.Pxqcnd/_old 2017-01-25 22:39:48.849063188 +0100 +++ /var/tmp/diff_new_pack.Pxqcnd/_new 2017-01-25 22:39:48.861061376 +0100 @@ -1,7 +1,7 @@ # # spec file for package ovmf # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -25,7 +25,7 @@ Summary:Open Virtual Machine Firmware License:
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2016-12-02 16:37:04 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2016-10-18 10:09:16.0 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2016-12-02 16:37:06.0 +0100 @@ -1,0 +2,149 @@ +Tue Nov 29 07:07:40 UTC 2016 - g...@suse.com + +- update to 2017+git1480394913.2b2efe3: + + UefiCpuPkg/PiSmmCpuDxeSmm: handle dynamic +PcdCpuMaxLogicalProcessorNumber + + SecurityPkg Tcg2ConfigDxe: Align Attempt TPM Device help with +options + + SecurityPkg Tcg2ConfigDxe: Remove BlockSID actions and related +strings + + SecurityPkg OpalPasswordDxe: Use PP actions to enable BlockSID + + SecurityPkg Tcg2PPLib: Support BlockSID related actions + + MdeModulePkg/NetLib: Handle an invalid IPv6 address case + + UefiCpuPkg/DxeMpLib: Fix bug when getting target C-State from +eax + + UefiCpuPkg/DxeMpLib: Make sure APs in safe loop code + + UefiCpuPkg/DxeMpLib: Allocate new safe stack < 4GB + + UefiCpuPkg/DxeMpLib: Get safe AP loop handler from global +variable + + ArmPlatformPkg: Fix VE RTSM mem map descriptor count + + ArmPlatformPkg: Reformat VE Memory Map code + + ArmPkg: remove the LinuxLoader application + + MdeModulePkg/SetupBrowser:Don't support password without +interactive flag + + MdeModulePkg/DisplayEngine: Popup dialogue when password is +not supported + + MdeModulePkg/AtaAtapiPassThru: Ensure GHC.AE bit is always set +in Ahci + + MdeModulePkg/Xhci: Add 10ms delay before sending SendAddr cmd +to dev + + UefiCpuPkg/PiSmmCpu: Correct exception message + + UefiCpuPkg: fix feature test for Extended Topology CPUID leaf + + SecurityPkg DxeTcg2PPLib: Lock Tcg2PhysicalPresenceFlags +variable on S4 + + MdeModulePkg/DxeNetLib: Allow the IPv4/prefix case when +AsciiStrToIp4 + + ShellPkg: update ping6 to use timer service instead of timer +arch protocol + + MdeModulePkg/DisplayEngine: Return the selectable menu +correctly + + SecurityPkg Tcg2Dxe: ASSERT to ensure 'VarData' is not NULL + + SecurityPkg TcgStorageCoreLib: ASSERT to ensure 'ByteSeq' is +not NULL + + UefiCpuPkg/PiSmmCpuDxeSmm: dynamic PcdCpuSmmApSyncTimeout, +PcdCpuSmmSyncMode + + MdeModulePkg/PiSmmCore: Cache CommunicationBuffer info before +using it + + Check for the max DHCP packet length before use it + + OvmfPkg: Add 4K PE alignment to enable SMM page level +protection + + UefiCpuPkg/PiSmmCpu: Check XdSupport before set NX + + MdeModulePkg/BdsDxe: Avoid overwriting PlatformRecovery + + MdeModulePkg/BdsDxe: Fix bug to run non-first +PlatformRecovery + + PcAtChipsetPkg/PcRtc: Handle NULL table entry in RSDT/XSDT + + UefiCpuPkg/SecCore: Correct print format for stack information + + MdeModulePkg/PiSmmCpuDxeSmm: Check RegisterCpuInterruptHandler +status + + MdeModulePkg/CpuExceptionHanderLibNull: +RegisterCpuInterruptHandler() + + UefiCpuPkg/PiSmmCpuDxeSmm: Add volatile to mNumberToFinish + + UefiCpuPkg/PiSmmCpuDxeSmm: TransferApToSafeState() use UINTN +params + + MdePkg/BaseSynchronizationLib: Fix function names in function +headers + + MdePkg/BaseSynchronizationLib: Add volatile Interlocked*() APIs + + MdePkg/Include: Add volatile to SynchronizationLib parameters + + UefiCpuPkg/MpInitLib: support 64-bit AP stack addresses + + UefiCpuPkg/MpInitLib/X64/MpFuncs.nasm: fix fatal typo + + UefiCpuPkg/MpInitLib/X64/MpFuncs.nasm: remove superfluous +instruction + + UefiCpuPkg/DxeMpInitLib: remove duplicate HobLib class +dependency + + MdeModulePkg/Include: Add PiSmmMemoryAttributesTable.h + + MdeModulePkg HiiDatabase: Remove extra memory initialization + + UefiCpuPkg/PiSmmCpuDxeSmm: Add paging protection + + UefiCpuPkg/dec: Add PcdCpuSmmStaticPageTable + + MdeModulePkg/PiSmmCore: Add MemoryAttributes support + + ArmVirtPkg DxeHobLib: Update func header description of +BuildFv(2)Hob() + + IntelFrameworkPkg PeiHobLib: Check FV alignment when building +FV HOB + + MdePkg HobLib: Check FV alignment when building FV HOB + + MdeModulePkg DxeCore: Show error message on unaligned FvImage +issue + + MdeModulePkg/Ip4Dxe: Correct the return status + + MdeModulePkg/Ip4Dxe: Add wrong/invalid subnet check + + OvmfPkg AcpiTables: Use PcdDebugIoPort to describe QEMU debug +console + + MdePkg/BaseLib: Add one wrapper on RdRand access for parameter +check + + UefiCpuPkg/MpInitLib: Update AP information when BSP switched + + UefiCpuPkg/MpInitLib: Program AP stack in fixed address + + UefiCpuPkg/MpInitLib: Add InitFlag and CpuInfo in +MP_CPU_EXCHANGE_INFO + + UefiCpuPkg/MpInitLib: Remove CPU
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2016-10-18 10:09:14 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2016-09-25 14:29:01.0 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2016-10-18 10:09:16.0 +0200 @@ -1,0 +2,34 @@ +Thu Oct 13 07:07:04 UTC 2016 - g...@suse.com + +- update to 2017+git1476331065.08354c3: + + OvmfPkg: add NOOPT build target for source level debugging + + OvmfPkg: QemuVideoDxe uses MdeModulePkg/FrameBufferLib + + BaseTools: support the NOOPT target with the GCC tool chains + + BaseTools Makefile: Enable O2 option for GCC tool chain + + CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2j + + MdeModulePkg/Logo: Add LogoDxe module + + MdeModulePkg/HiiDatabase: Add HiiImageEx implementation + + MdeModulePkg/PciBusDxe: make OPROM BAR degradation configurable + + NetworkPkg: Correct the DNS token return status by RCODE + + BaseTools/EfiRom: supply missing machine type lookup strings + + ArmVirtPkg: restrict mapping attributes of normal memory to +EFI_MEMORY_WB + + OvmfPkg/QemuBootOrderLib: drop too strict "/HD(" suffix from +vblk prefix + + NetworkPkg/DnsDxe: Handle CNAME type responded from the name +server + + ArmVirtPkg/FdtPciHostBridgeLib: enable 64-bit PCI DMA + + MdeModulePkg: Support classless IP for DHCPv4 TransmitReceive() + + ArmVirtPkg: implement FdtPciHostBridgeLib + + OvmfPkg: Use MdeModulePkg/ResetSystemRuntimeDxe + + OvmfPkg/VirtioGpuDxe: implement EFI_GRAPHICS_OUTPUT_PROTOCOL + + include VirtioGpuDxe in the platform DSC/FDF files + + OvmfPkg/Virtio10Dxe: don't bind virtio-vga + + OvmfPkg/QemuVideoDxe: don't incorrectly bind virtio-gpu-pci + + BaseTools/GenFw: ignore dynamic RELA sections + + Add implementations of API IsZeroBuffer() + + ArmVirtPkg: Add Ramdisk support to ArmVirtPkg platforms + + ArmVirtPkg: Move inclusion of AcpiTableDxe.inf to ArmVirt.dsc.inc +- Drop upstreamed ArmVirtPkg-Enable-PCI-bus-probing-again.patch + +--- Old: ArmVirtPkg-Enable-PCI-bus-probing-again.patch openssl-1.0.2h.tar.gz openssl-1.0.2h.tar.gz.asc ovmf-2017+git1472049752.ea2f21e.tar.xz New: openssl-1.0.2j.tar.gz openssl-1.0.2j.tar.gz.asc ovmf-2017+git1476331065.08354c3.tar.xz Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.jZzWbo/_old 2016-10-18 10:09:18.0 +0200 +++ /var/tmp/diff_new_pack.jZzWbo/_new 2016-10-18 10:09:18.0 +0200 @@ -19,14 +19,14 @@ # needssslcertforbuild %undefine _build_create_debug -%define openssl_version 1.0.2h +%define openssl_version 1.0.2j Name: ovmf Url: http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=EDK2 Summary:Open Virtual Machine Firmware License:BSD-2-Clause Group: System/Emulators/PC -Version:2017+git1472049752.ea2f21e +Version:2017+git1476331065.08354c3 Release:0 Source0:%{name}-%{version}.tar.xz Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz @@ -48,7 +48,6 @@ Source101: gdb_uefi.py.in Patch2: %{name}-embed-default-keys.patch Patch3: %{name}-gdb-symbols.patch -Patch4: ArmVirtPkg-Enable-PCI-bus-probing-again.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: fdupes BuildRequires: gcc @@ -164,7 +163,6 @@ %patch2 -p1 %endif %patch3 -p1 -%patch4 -p1 # Intel has special patches for openssl pushd CryptoPkg/Library/OpensslLib/openssl-%{openssl_version} patch -p1 -i ../EDKII_openssl-%{openssl_version}.patch ++ ovmf-2017+git1472049752.ea2f21e.tar.xz -> ovmf-2017+git1476331065.08354c3.tar.xz ++ /work/SRC/openSUSE:Factory/ovmf/ovmf-2017+git1472049752.ea2f21e.tar.xz /work/SRC/openSUSE:Factory/.ovmf.new/ovmf-2017+git1476331065.08354c3.tar.xz differ: char 25, line 1
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2016-09-25 14:28:59 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2016-08-26 23:14:07.0 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2016-09-25 14:29:01.0 +0200 @@ -1,0 +2,10 @@ +Wed Sep 14 10:13:49 UTC 2016 - dmuel...@suse.com + +- update to 2017+git1472049752.ea2f21e: + + switches git branch from an (outdated) master tree + to the UDK2017 branch, which provides an insane amount of + changes. for details please look at https://github.com/tianocore/edk2/commits/UDK2017 +- unify build flags with aarch64 build for increased compatibility with + openSUSE installation medias + +--- Old: ovmf-2015+git1471575292.00bcb5c.tar.xz New: ovmf-2017+git1472049752.ea2f21e.tar.xz Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.UxH8fY/_old 2016-09-25 14:29:03.0 +0200 +++ /var/tmp/diff_new_pack.UxH8fY/_new 2016-09-25 14:29:03.0 +0200 @@ -26,7 +26,7 @@ Summary:Open Virtual Machine Firmware License:BSD-2-Clause Group: System/Emulators/PC -Version:2015+git1471575292.00bcb5c +Version:2017+git1472049752.ea2f21e Release:0 Source0:%{name}-%{version}.tar.xz Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz @@ -53,10 +53,10 @@ BuildRequires: fdupes BuildRequires: gcc BuildRequires: gcc-c++ +BuildRequires: iasl BuildRequires: libuuid-devel BuildRequires: python -%ifnarch aarch64 %arm -BuildRequires: iasl +%ifnarch %arm BuildRequires: nasm %endif %ifarch x86_64 @@ -193,7 +193,7 @@ make -C BaseTools %else %ifarch aarch64 - BUILD_OPTIONS="-D SECURE_BOOT_ENABLE -a AARCH64 -p ArmVirtPkg/ArmVirtQemu.dsc -b RELEASE -t $TOOL_CHAIN_TAG" + BUILD_OPTIONS="$OVMF_FLAGS -a AARCH64 -p ArmVirtPkg/ArmVirtQemu.dsc -b DEBUG -t $TOOL_CHAIN_TAG" ARCH=AARCH64 make -C BaseTools %else %ifarch %arm @@ -316,7 +316,7 @@ %else %ifarch aarch64 -cp Build/ArmVirtQemu-AARCH64/RELEASE_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch64.bin +cp Build/ArmVirtQemu-AARCH64/DEBUG_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch64.bin dd of="aavmf-aarch64-code.bin" if="/dev/zero" bs=1M count=64 dd of="aavmf-aarch64-code.bin" if="qemu-uefi-aarch64.bin" conv=notrunc dd of="aavmf-aarch64-vars.bin" if="/dev/zero" bs=1M count=64 ++ _service ++ --- /var/tmp/diff_new_pack.UxH8fY/_old 2016-09-25 14:29:03.0 +0200 +++ /var/tmp/diff_new_pack.UxH8fY/_new 2016-09-25 14:29:03.0 +0200 @@ -1,7 +1,8 @@ ovmf -2015+git%at.%h +2017+git%at.%h +UDK2017 https://github.com/tianocore/edk2.git git ++ ovmf-2015+git1471575292.00bcb5c.tar.xz -> ovmf-2017+git1472049752.ea2f21e.tar.xz ++ /work/SRC/openSUSE:Factory/ovmf/ovmf-2015+git1471575292.00bcb5c.tar.xz /work/SRC/openSUSE:Factory/.ovmf.new/ovmf-2017+git1472049752.ea2f21e.tar.xz differ: char 25, line 1 ++ ovmf-gdb-symbols.patch ++ --- /var/tmp/diff_new_pack.UxH8fY/_old 2016-09-25 14:29:03.0 +0200 +++ /var/tmp/diff_new_pack.UxH8fY/_new 2016-09-25 14:29:03.0 +0200 @@ -14,11 +14,10 @@ create mode 100644 DebugPkg/GdbSyms/GdbSyms.inf create mode 100644 DebugPkg/Scripts/gdb_uefi.py -diff --git a/DebugPkg/DebugPkg.dec b/DebugPkg/DebugPkg.dec -new file mode 100644 -index 000..e12401d +Index: ovmf-2017+git1472049752.ea2f21e/DebugPkg/DebugPkg.dec +=== --- /dev/null -+++ b/DebugPkg/DebugPkg.dec ovmf-2017+git1472049752.ea2f21e/DebugPkg/DebugPkg.dec @@ -0,0 +1,34 @@ +## @file +# Debug package - various useful stuff for debugging. @@ -54,11 +53,10 @@ + +[LibraryClasses] + -diff --git a/DebugPkg/GdbSyms/GdbSyms.c b/DebugPkg/GdbSyms/GdbSyms.c -new file mode 100644 -index 000..2551dfa +Index: ovmf-2017+git1472049752.ea2f21e/DebugPkg/GdbSyms/GdbSyms.c +=== --- /dev/null -+++ b/DebugPkg/GdbSyms/GdbSyms.c ovmf-2017+git1472049752.ea2f21e/DebugPkg/GdbSyms/GdbSyms.c @@ -0,0 +1,70 @@ +/** @file + @@ -130,11 +128,10 @@ +} + + -diff --git a/DebugPkg/GdbSyms/GdbSyms.inf b/DebugPkg/GdbSyms/GdbSyms.inf -new file mode 100644 -index 000..afb7887 +Index: ovmf-2017+git1472049752.ea2f21e/DebugPkg/GdbSyms/GdbSyms.inf +=== --- /dev/null -+++ b/DebugPkg/GdbSyms/GdbSyms.inf
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2016-08-26 23:14:04 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2016-08-03 11:36:53.0 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2016-08-26 23:14:07.0 +0200 @@ -1,0 +2,132 @@ +Fri Aug 19 06:30:05 UTC 2016 - g...@suse.com + +- Update to 2015+git1471575292.00bcb5c + + NetworkPkg/IpSecDxe: Fix UEFI IKE Initial Exchange failure + + MdeModulePkg: Fix potential failure if UseDefaultAddress +configured + + OvmfPkg: Add MpInitLib reference in DSC files + + SecurityPkg: AuthVariableLib: Fix inconsistent CertDB case + + OvmfPkg: use StatusCode Router and Handler from MdeModulePkg + + ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: deal with relaxed +XIP alignment + + BaseTools GCC: introduce GCC5 toolchain to support GCC v5.x in +LTO mode + + BaseTools GCC: use 'gcc' as the linker command for GCC44 and +later + + ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: ignore .hash and +.note sections + + OvmfPkg/Sec: Support SECTION2 DXEFV types + + Preserve hii section in GCC binaries + + Fix IPv6 HTTPClient vendor class data + + CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2h + + NetworkPkg: Fix bug in TCP which not sending out ACK in +certain circumstance + + OvmfPkg: include UefiCpuPkg/CpuMpPei + + OvmfPkg/PlatformPei: rebase and resize the permanent PEI memory +for S3 + + SecurityPkg SecureBootConfigDxe: Add check for the external +PE/COFF image + + ArmVirtPkg/PlatformBootManagerLib: remove stale FvFile boot +options + + OvmfPkg/PlatformPei: add missing auto variable initialization + + OvmfPkg: add PciHotPlugInitDxe + + MdeModulePkg/PciBusDxe: recognize hotplug-capable PCIe ports + + OvmfPkg/PlatformBootManagerLib: remove stale FvFile boot +options + + OvmfPkg: add a Name GUID to each Firmware Volume + + CryptoPkg BaseCryptLib: Init the content of struct 'CertCtx' +before use + + CryptoPkg BaseCryptLib: Avoid passing NULL ptr to function +BN_bn2bin() + + MdeModulePkg/Bds: MemoryTypeInformation excludes boot option +mem use + + MdeModulePkg: Fix IPv4 stack potential disappeared issue + + NetworkPkg: Stop the HTTP Boot service after the boot image +download complete + + ArmVirtPkg: Re-add the Driver Health Manager + + OvmfPkg: Re-add the Driver Health Manager + + ArmVirtPkg/ArmVirtXen: Add ACPI support for Virt Xen ARM + + Massive conversion of assembly code to NASM + + MdeModulePkg/UefiBootManagerLib: Fix data in +MemoryTypeInformation + + ArmVirtPkg: add FDF definition for empty varstore + + ArmVirtPkg/ArmVirtQemu: switch secure boot build to NorFlashDxe + + NetworkPkg: Handling timeout case in httpboot driver + + NetworkPkg: HttpDxe response/cancel issue fix + + NetworkPkg: Support TCP Cancel function + + MdeModulePkg/RamDiskDxe: Add Memory Type selection support in +Ramdisk HII + + MdeModulePkg RamDiskDxe: Do not save 'Size' numeric value by +varstore + + MdeModulePkg: Fix IPv4 UseDefaultAddress failure case + + MdeModulePkg/AtaBusDxe: Fix some ATA hard drives cannot be +discovered + + ArmVirtPkg/PlatformBootManagerLib: rebase boot logo display to +BootLogoLib + + OvmfPkg: set SMM stack size to 16KB + + OvmfPkg/PlatformBootManagerLib: Connect the Xen drivers before +loading NvVars + + MdeModulePkg: Fix SNP.Initialize() spec conformance issue + + OvmfPkg: raise DXEFV size to 10 MB + + MdeModulePkg: Stop the timer before clean IP service + + OvmfPkg/PlatformBootManagerLib: rebase boot logo display to +BootLogoLib + + OvmfPkg/SerializeVariablesLib: Relax check for the read-only +variable + + OvmfPkg: prevent 64-bit MMIO BAR degradation if there is no CSM + + OvmfPkg, ArmVirtPkg: rename QemuNewBootOrderLib to +QemuBootOrderLib + + MdeModulePkg/PciBus: do not improperly degrade resource + + NetworkPkg/HttpDxe: Don't free Wrap in HttpTcpReceiveNotifyDpc + + NetworkPkg/TcpDxe: Remove the status check of +SockProcessRcvToken + + UefiCpuPkg/SmmCpuFeaturesLib: Add SMRR PhysBase/PhysMask +fields check + + MdeModulePkg: Skip invalid bus number scanning in PciBusDxe +driver + + OvmfPkg/PlatformPei: provide 10 * 4KB of PCI IO Port space on +Q35 + + OvmfPkg: introduce ICH9_PMBASE_VALUE + + OvmfPkg: replace PcdAcpiPmBaseAddress with PIIX4_PMBA_VALUE + + OvmfPkg/AcpiTimerLib: don't use possibly unset PMBA register +(PEI phase) + + MdeModulePkg: Refine the code for DxeHttpLib + + OvmfPkg/XenBusDxe: duplicate twice-iterated VA_LIST in +XenStoreVSPrint() + + SecurityPkg: Use PcdGet32() to access PcdPeiCoreMaxFvSupported + +
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2016-08-03 11:36:51 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2016-07-01 09:51:46.0 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2016-08-03 11:36:53.0 +0200 @@ -1,0 +2,9 @@ +Wed Jul 27 04:13:18 UTC 2016 - g...@suse.com + +- Update openssl to 1.0.2h (bsc#990612) + + Add the patch: ovmf-bsc990612-update-openssl-1.0.2h.patch + + Update the openssl tarball +- Add ovmf-bsc990773-remove-stale-boot-options.patch to remove the + stale boot options (bsc#990773) + +--- Old: openssl-1.0.2g.tar.gz openssl-1.0.2g.tar.gz.asc New: openssl-1.0.2h.tar.gz openssl-1.0.2h.tar.gz.asc ovmf-bsc990612-update-openssl-1.0.2h.patch ovmf-bsc990773-remove-stale-boot-options.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.HlhCzv/_old 2016-08-03 11:36:55.0 +0200 +++ /var/tmp/diff_new_pack.HlhCzv/_new 2016-08-03 11:36:55.0 +0200 @@ -19,7 +19,7 @@ # needssslcertforbuild %undefine _build_create_debug -%define openssl_version 1.0.2g +%define openssl_version 1.0.2h Name: ovmf Url: http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=EDK2 @@ -54,6 +54,15 @@ Patch7: %{name}-bsc980635-fix-http-crash.patch Patch8: %{name}-bsc982193-dont-restore-readonly-var.patch Patch9: %{name}-bsc982193-connect-xen-drivers.patch +# NOTE: edk2 retired NO_BUILTIN_VA_FUNCS right after the 1.0.2h patch, so the +# following commits may be necessary for the next openssl update: +# b2dc04a87fab89307240dc0f30b9a23bb5726c81 CryptoPkg: set new define to avoid MS ABI VA_LIST on GCC/X64 +# 48d5f9a551a93acb45f272dda879b0ab5a504e36 MdePkg: Enable new MS VA intrinsics for GNUC x86 64bits build +# 0676c285ba518ae81ca7f06278d4cc4958660864 EdkCompatibilityPkg: Enable new MS VA intrinsics for GNUC x86 64bits build +# 247093f45d94a3956cdd15c357fe7d6dca878df9 BaseTools/tools_def: enable Os optimization for GCC X64 builds +# 17ab1ec5accc866b77446f4e336e982bb5e1cc9f MdePkg CryptoPkg EdkCompatibilityPkg: retire NO_BUILTIN_VA_FUNCS define +Patch10:%{name}-bsc990612-update-openssl-1.0.2h.patch +Patch11:%{name}-bsc990773-remove-stale-boot-options.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: fdupes BuildRequires: gcc @@ -175,6 +184,8 @@ %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 -p1 +%patch11 -p1 # Intel has special patches for openssl pushd CryptoPkg/Library/OpensslLib/openssl-%{openssl_version} patch -p1 -i ../EDKII_openssl-%{openssl_version}.patch ++ ovmf-bsc990612-update-openssl-1.0.2h.patch ++ >From 535421d25307a1c212a5f514048229b8ab429d5d Mon Sep 17 00:00:00 2001 From: Qin LongDate: Wed, 13 Jul 2016 13:27:11 +0800 Subject: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2h OpenSSL 1.0.2h was released with several severity fixes at 03-May-2016 (https://www.openssl.org/news/secadv/20160503.txt). Upgrade the supported OpenSSL version in CryptoPkg/OpensslLib to catch the latest release 1.0.2h. Cc: Ting Ye Cc: David Woodhouse Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long Reviewed-by: Ye Ting Tested-by: Laszlo Ersek --- CryptoPkg/CryptoPkg.dec| 2 +- ...ssl-1.0.2g.patch => EDKII_openssl-1.0.2h.patch} | 97 ++ CryptoPkg/Library/OpensslLib/Install.cmd | 2 +- CryptoPkg/Library/OpensslLib/Install.sh| 2 +- CryptoPkg/Library/OpensslLib/OpensslLib.inf| 2 +- CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt | 26 +++--- 6 files changed, 62 insertions(+), 69 deletions(-) rename CryptoPkg/Library/OpensslLib/{EDKII_openssl-1.0.2g.patch => EDKII_openssl-1.0.2h.patch} (95%) diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec index e1cdb8e..c0885bb 100644 --- a/CryptoPkg/CryptoPkg.dec +++ b/CryptoPkg/CryptoPkg.dec @@ -24,7 +24,7 @@ [Defines] [Includes] Include - Library/OpensslLib/openssl-1.0.2g/include + Library/OpensslLib/openssl-1.0.2h/include [LibraryClasses] ## @libraryclass Provides basic library functions for cryptographic primitives. diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2g.patch b/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2h.patch similarity index 95% rename from
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2016-07-01 09:51:44 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2016-06-07 23:47:28.0 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2016-07-01 09:51:46.0 +0200 @@ -1,0 +2,12 @@ +Tue Jun 14 03:16:27 UTC 2016 - g...@suse.com + +- Generate the varstore template for AArch64 (bsc#983747, + bsc#981836) + +--- +Mon Jun 6 13:20:59 UTC 2016 - jeng...@inai.de + +- Keep %prep minimal to shorten quilt setup run. + Adjust RPM group. Drop redundant 4th defattr argument. + +--- Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.KJ3Ka7/_old 2016-07-01 09:51:47.0 +0200 +++ /var/tmp/diff_new_pack.KJ3Ka7/_new 2016-07-01 09:51:48.0 +0200 @@ -120,7 +120,7 @@ %package -n qemu-ovmf-x86_64-debug Summary:Open Virtual Machine Firmware - debug symbols (x86_64) -Group: System/Emulators/PC +Group: Development/Debug Requires: qemu %description -n qemu-ovmf-x86_64-debug @@ -178,11 +178,13 @@ # Intel has special patches for openssl pushd CryptoPkg/Library/OpensslLib/openssl-%{openssl_version} patch -p1 -i ../EDKII_openssl-%{openssl_version}.patch -cd .. -./Install.sh popd %build +pushd CryptoPkg/Library/OpensslLib/ +./Install.sh +popd + OVMF_FLAGS="-D FD_SIZE_2MB -D SECURE_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D HTTP_BOOT_ENABLE" %if 0%{?suse_version} > 1320 @@ -325,6 +327,9 @@ %else %ifarch aarch64 cp Build/ArmVirtQemu-AARCH64/RELEASE_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch64.bin +dd of="aavmf-aarch64-code.bin" if="/dev/zero" bs=1M count=64 +dd of="aavmf-aarch64-code.bin" if="qemu-uefi-aarch64.bin" conv=notrunc +dd of="aavmf-aarch64-vars.bin" if="/dev/zero" bs=1M count=64 %else %ifarch %arm cp Build/ArmVirtQemu-ARM/RELEASE_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch32.bin @@ -366,6 +371,8 @@ %ifarch aarch64 tr -d '\r' < ArmPlatformPkg/License.txt > License.txt install -m 0644 -D qemu-uefi-aarch64.bin %{buildroot}/%{_datadir}/qemu/qemu-uefi-aarch64.bin +install -m 0644 -D aavmf-aarch64-code.bin %{buildroot}/%{_datadir}/qemu/aavmf-aarch64-code.bin +install -m 0644 -D aavmf-aarch64-vars.bin %{buildroot}/%{_datadir}/qemu/aavmf-aarch64-vars.bin %else %ifarch %arm tr -d '\r' < ArmPlatformPkg/License.txt > License.txt @@ -376,17 +383,17 @@ %endif #ix86 %files -%defattr(-,root,root,-) +%defattr(-,root,root) %doc README %files tools -%defattr(-,root,root,-) +%defattr(-,root,root) %doc BaseTools/UserManuals/EfiRom_Utility_Man_Page.rtf %{_bindir}/EfiRom %ifarch %ix86 %files -n qemu-ovmf-ia32 -%defattr(-,root,root,-) +%defattr(-,root,root) %doc License.txt License-fat-driver.txt %dir %{_datadir}/qemu/ %{_datadir}/qemu/ovmf-ia32*.bin @@ -394,13 +401,13 @@ %ifarch x86_64 %files -n qemu-ovmf-x86_64 -%defattr(-,root,root,-) +%defattr(-,root,root) %doc License.txt License-fat-driver.txt %dir %{_datadir}/qemu/ %{_datadir}/qemu/ovmf-x86_64*.bin %files -n qemu-ovmf-x86_64-debug -%defattr(-,root,root,-) +%defattr(-,root,root) %{_datadir}/ovmf-x86_64/ %dir /usr/lib/debug/ /usr/lib/debug/ovmf-x86_64* @@ -410,15 +417,17 @@ %ifarch aarch64 %files -n qemu-uefi-aarch64 -%defattr(-,root,root,-) +%defattr(-,root,root) %doc License.txt License-fat-driver.txt %dir %{_datadir}/qemu/ %{_datadir}/qemu/qemu-uefi-aarch64.bin +%{_datadir}/qemu/aavmf-aarch64-code.bin +%{_datadir}/qemu/aavmf-aarch64-vars.bin %endif %ifarch %arm %files -n qemu-uefi-aarch32 -%defattr(-,root,root,-) +%defattr(-,root,root) %doc License.txt License-fat-driver.txt %dir %{_datadir}/qemu/ %{_datadir}/qemu/qemu-uefi-aarch32.bin
commit ovmf for openSUSE:Factory
Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2016-06-07 23:47:27 Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) Package is "ovmf" Changes: --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes2016-05-25 21:28:43.0 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2016-06-07 23:47:28.0 +0200 @@ -1,0 +2,7 @@ +Fri Jun 3 03:08:39 UTC 2016 - g...@suse.com + +- Add ovmf-bsc982193-dont-restore-readonly-var.patch and + ovmf-bsc982193-connect-xen-drivers.patch to fix the file-based + NvVars restoring. (bsc#982193) + +--- New: ovmf-bsc982193-connect-xen-drivers.patch ovmf-bsc982193-dont-restore-readonly-var.patch Other differences: -- ++ ovmf.spec ++ --- /var/tmp/diff_new_pack.WKqNRP/_old 2016-06-07 23:47:29.0 +0200 +++ /var/tmp/diff_new_pack.WKqNRP/_new 2016-06-07 23:47:29.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package ovmf # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + # needssslcertforbuild %undefine _build_create_debug @@ -51,11 +52,13 @@ Patch5: %{name}-dxe-10mb.patch Patch6: %{name}-bsc976253-postpone-shell.patch Patch7: %{name}-bsc980635-fix-http-crash.patch +Patch8: %{name}-bsc982193-dont-restore-readonly-var.patch +Patch9: %{name}-bsc982193-connect-xen-drivers.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: libuuid-devel BuildRequires: fdupes BuildRequires: gcc BuildRequires: gcc-c++ +BuildRequires: libuuid-devel BuildRequires: python %ifnarch aarch64 %arm BuildRequires: iasl @@ -170,6 +173,8 @@ %patch5 -p1 %patch6 -p1 %patch7 -p1 +%patch8 -p1 +%patch9 -p1 # Intel has special patches for openssl pushd CryptoPkg/Library/OpensslLib/openssl-%{openssl_version} patch -p1 -i ../EDKII_openssl-%{openssl_version}.patch ++ ovmf-bsc982193-connect-xen-drivers.patch ++ >From da2369d21d2e57a0de8fa7ae954812122c87326e Mon Sep 17 00:00:00 2001 From: Gary LinDate: Wed, 1 Jun 2016 18:26:20 +0800 Subject: [PATCH] OvmfPkg/PlatformBootManagerLib: Connect the Xen drivers before loading NvVars When OVMF tried to load the file-based NvVars, it checked all the PCI instances and connected the drivers to the mass storage device. However, Xen registered its PCI device with a special class id (0xFF80), so ConnectRecursivelyIfPciMassStorage() couldn't recognize it and skipped the driver connecting for Xen PCI devices. In the end, the Xen block device wasn't initialized until EfiBootManagerConnectAll() was called, and it's already too late to load NvVars. This commit connects the Xen drivers in ConnectRecursivelyIfPciMassStorage() so that Xen can use the file-based NvVars. v3: * Introduce XenDetected() to cache the result of Xen detection instead of relying on PcdPciDisableBusEnumeration. v2: * Cosmetic changes Cc: Jordan Justen Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Lin Reviewed-by: Jordan Justen --- .../Library/PlatformBootManagerLib/BdsPlatform.c | 41 -- .../PlatformBootManagerLib.inf | 1 + 2 files changed, 40 insertions(+), 2 deletions(-) diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c index befcc57..912c5ed 100644 --- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c +++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c @@ -13,6 +13,7 @@ **/ #include "BdsPlatform.h" +#include #include @@ -1037,6 +1038,37 @@ PciAcpiInitialization ( IoOr16 ((PciRead32 (Pmba) & ~BIT0) + 4, BIT0); } +/** + This function detects if OVMF is running on Xen. + +**/ +STATIC +BOOLEAN +XenDetected ( + VOID + ) +{ + EFI_HOB_GUID_TYPE *GuidHob; + STATIC INTN FoundHob = -1; + + if (FoundHob == 0) { +return FALSE; + } else if (FoundHob == 1) { +return TRUE; + } + + // + // See if a XenInfo HOB is available + // + GuidHob = GetFirstGuidHob (); + if (GuidHob == NULL) { +FoundHob = 0; +return FALSE; + } + + FoundHob = 1; + return TRUE; +} EFI_STATUS EFIAPI @@ -1050,7 +1082,11