diff --git a/.edk2.metadata b/.edk2.metadata
index abc14ec..7618d45 100644
--- a/.edk2.metadata
+++ b/.edk2.metadata
@@ -1,2 +1,2 @@
-b44cc7e0fda9dd4121d935975520b7cbd26ee4d0 SOURCES/edk2-ee3198e672e2.tar.xz
-906190b6a6a794da4c1ccb7fc1c05bf97ddde77a SOURCES/openssl-fedora-264133c642cdb6fc916f1d9bba9db4cb4cd4a17c.tar.xz
+87a87bbfca0e751b2840f74b0612e2f0dad70535 SOURCES/edk2-89910a39dcfd.tar.xz
+f0655dec5d8d815956bab417fcdb25e6da7e21b8 SOURCES/openssl-fedora-d2ede125556ac99aa0faa7744c703af3f559094e.tar.xz
diff --git a/.gitignore b/.gitignore
index 21c5827..549c44d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-SOURCES/edk2-ee3198e672e2.tar.xz
-SOURCES/openssl-fedora-264133c642cdb6fc916f1d9bba9db4cb4cd4a17c.tar.xz
+SOURCES/edk2-89910a39dcfd.tar.xz
+SOURCES/openssl-fedora-d2ede125556ac99aa0faa7744c703af3f559094e.tar.xz
diff --git a/SOURCES/0003-advertise-OpenSSL-on-TianoCore-splash-screen-boot-lo.patch b/SOURCES/0003-advertise-OpenSSL-on-TianoCore-splash-screen-boot-lo.patch
index d9d971b..cf06037 100644
--- a/SOURCES/0003-advertise-OpenSSL-on-TianoCore-splash-screen-boot-lo.patch
+++ b/SOURCES/0003-advertise-OpenSSL-on-TianoCore-splash-screen-boot-lo.patch
@@ -1,8 +1,27 @@
-From 8e8ea8811e269cdb31103c70fcd91d2dcfb1755d Mon Sep 17 00:00:00 2001
+From 727c11ecd9f34990312e14f239e6238693619849 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 11 Jun 2014 23:33:33 +0200
Subject: advertise OpenSSL on TianoCore splash screen / boot logo (RHEL only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- Upstream edk2 removed the obsoleted network drivers in MdeModulePkg. The
+ OvmfPkg platforms were adapted in commit d2f1f6423bd1 ("OvmfPkg: Replace
+ obsoleted network drivers from platform DSC/FDF.", 2018-11-06). The
+ ArmVirtPkg platforms were adapted in commit 9a67ba261fe9 ("ArmVirtPkg:
+ Replace obsoleted network drivers from platform DSC/FDF.", 2018-12-14).
+
+ Consequently, because the NetworkPkg iSCSI driver requires OpenSSL
+ unconditionally, as explained in
+ <https://bugzilla.tianocore.org/show_bug.cgi?id=1278#c3>, this patch now
+ builds LogoOpenSSLDxe unconditionally, squashing and updating previous
+ downstream commits
+
+ - 8e8ea8811e26 advertise OpenSSL on TianoCore splash screen / boot logo
+ (RHEL only)
+ - 02ed2c501cdd advertise OpenSSL due to IPv6 enablement too (RHEL only)
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -103,71 +122,64 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 32192c62e289f261f5ce74acee48e5a94561f10b)
(cherry picked from commit 33a710cd613c2ca7d534b8401e2f9f2178af05be)
(cherry picked from commit 0b2d90347cb016cc71c2de62e941a2a4ab0f35a3)
+(cherry picked from commit 8e8ea8811e269cdb31103c70fcd91d2dcfb1755d)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
- ArmVirtPkg/ArmVirtQemu.dsc | 4 +++
- ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 4 +++
- ArmVirtPkg/ArmVirtQemuKernel.dsc | 4 +++
+ ArmVirtPkg/ArmVirtQemu.dsc | 2 +-
+ ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 2 +-
+ ArmVirtPkg/ArmVirtQemuKernel.dsc | 2 +-
MdeModulePkg/Logo/Logo-OpenSSL.bmp | Bin 0 -> 156342 bytes
- MdeModulePkg/Logo/Logo-OpenSSL.idf | 15 +++++++++
- MdeModulePkg/Logo/LogoOpenSSLDxe.inf | 61 +++++++++++++++++++++++++++++++++++
- MdeModulePkg/Logo/LogoOpenSSLDxe.uni | 22 +++++++++++++
- OvmfPkg/OvmfPkgIa32.dsc | 4 +++
- OvmfPkg/OvmfPkgIa32.fdf | 4 +++
- OvmfPkg/OvmfPkgIa32X64.dsc | 4 +++
- OvmfPkg/OvmfPkgIa32X64.fdf | 4 +++
- OvmfPkg/OvmfPkgX64.dsc | 4 +++
- OvmfPkg/OvmfPkgX64.fdf | 4 +++
- 13 files changed, 134 insertions(+)
+ MdeModulePkg/Logo/Logo-OpenSSL.idf | 15 +++++++
+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf | 61 +++++++++++++++++++++++++++
+ MdeModulePkg/Logo/LogoOpenSSLDxe.uni | 22 ++++++++++
+ OvmfPkg/OvmfPkgIa32.dsc | 2 +-
+ OvmfPkg/OvmfPkgIa32.fdf | 2 +-
+ OvmfPkg/OvmfPkgIa32X64.dsc | 2 +-
+ OvmfPkg/OvmfPkgIa32X64.fdf | 2 +-
+ OvmfPkg/OvmfPkgX64.dsc | 2 +-
+ OvmfPkg/OvmfPkgX64.fdf | 2 +-
+ 13 files changed, 107 insertions(+), 9 deletions(-)
create mode 100644 MdeModulePkg/Logo/Logo-OpenSSL.bmp
create mode 100644 MdeModulePkg/Logo/Logo-OpenSSL.idf
create mode 100644 MdeModulePkg/Logo/LogoOpenSSLDxe.inf
create mode 100644 MdeModulePkg/Logo/LogoOpenSSLDxe.uni
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
-index d74feb7..7331597 100644
+index a77d71bcea..f2e5125494 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
-@@ -329,7 +329,11 @@
+@@ -347,7 +347,7 @@
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf
MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
-+!if $(SECURE_BOOT_ENABLE) == TRUE
+- MdeModulePkg/Logo/LogoDxe.inf
+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf
-+!else
- MdeModulePkg/Logo/LogoDxe.inf
-+!endif
MdeModulePkg/Application/UiApp/UiApp.inf {
<LibraryClasses>
NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
-index 89f95b2..8941b7f 100644
+index 098d40b61b..ab799ca67f 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
-@@ -191,7 +191,11 @@ READ_LOCK_STATUS = TRUE
+@@ -203,7 +203,7 @@ READ_LOCK_STATUS = TRUE
#
# TianoCore logo (splash screen)
#
-+!if $(SECURE_BOOT_ENABLE) == TRUE
+- INF MdeModulePkg/Logo/LogoDxe.inf
+ INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf
-+!else
- INF MdeModulePkg/Logo/LogoDxe.inf
-+!endif
#
# Ramdisk support
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
-index 1e823ae..1981aae 100644
+index 1e5388ae70..d2b3f24394 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
-@@ -318,7 +318,11 @@
+@@ -331,7 +331,7 @@
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf
MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
-+!if $(SECURE_BOOT_ENABLE) == TRUE
+- MdeModulePkg/Logo/LogoDxe.inf
+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf
-+!else
- MdeModulePkg/Logo/LogoDxe.inf
-+!endif
MdeModulePkg/Application/UiApp/UiApp.inf {
<LibraryClasses>
NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
@@ -393,7 +405,7 @@ HcmV?d00001
diff --git a/MdeModulePkg/Logo/Logo-OpenSSL.idf b/MdeModulePkg/Logo/Logo-OpenSSL.idf
new file mode 100644
-index 0000000..a80de29
+index 0000000000..a80de29a63
--- /dev/null
+++ b/MdeModulePkg/Logo/Logo-OpenSSL.idf
@@ -0,0 +1,15 @@
@@ -414,7 +426,7 @@ index 0000000..a80de29
+#image IMG_LOGO Logo-OpenSSL.bmp
diff --git a/MdeModulePkg/Logo/LogoOpenSSLDxe.inf b/MdeModulePkg/Logo/LogoOpenSSLDxe.inf
new file mode 100644
-index 0000000..2f79d87
+index 0000000000..2f79d873e2
--- /dev/null
+++ b/MdeModulePkg/Logo/LogoOpenSSLDxe.inf
@@ -0,0 +1,61 @@
@@ -481,7 +493,7 @@ index 0000000..2f79d87
+ LogoDxeExtra.uni
diff --git a/MdeModulePkg/Logo/LogoOpenSSLDxe.uni b/MdeModulePkg/Logo/LogoOpenSSLDxe.uni
new file mode 100644
-index 0000000..7227ac3
+index 0000000000..7227ac3910
--- /dev/null
+++ b/MdeModulePkg/Logo/LogoOpenSSLDxe.uni
@@ -0,0 +1,22 @@
@@ -508,101 +520,83 @@ index 0000000..7227ac3
+#string STR_MODULE_DESCRIPTION #language en-US "This module provides the logo bitmap picture (with OpenSSL advertisment) shown on setup screen, through EDKII Platform Logo protocol."
+
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
-index 2d6c4c4..a5bb2b0 100644
+index 5b885590b2..249b1d8dc0 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
-@@ -687,7 +687,11 @@
+@@ -693,7 +693,7 @@
NULL|IntelFrameworkModulePkg/Library/LegacyBootManagerLib/LegacyBootManagerLib.inf
!endif
}
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
+- MdeModulePkg/Logo/LogoDxe.inf
+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf
-+!else
- MdeModulePkg/Logo/LogoDxe.inf
-+!endif
MdeModulePkg/Application/UiApp/UiApp.inf {
<LibraryClasses>
NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
-index 0427ded..f552bc9 100644
+index 4999403ad7..be3d3b4d14 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
-@@ -295,7 +295,11 @@ INF ShellPkg/Application/Shell/Shell.inf
- INF RuleOverride = BINARY EdkShellBinPkg/FullShell/FullShell.inf
+@@ -293,7 +293,7 @@ INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
!endif
+ INF ShellPkg/Application/Shell/Shell.inf
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
+-INF MdeModulePkg/Logo/LogoDxe.inf
+INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf
-+!else
- INF MdeModulePkg/Logo/LogoDxe.inf
-+!endif
#
# Network modules
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
-index 43158c5..be8fee9 100644
+index bbf0853ee6..5ec186df4b 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
-@@ -696,7 +696,11 @@
+@@ -702,7 +702,7 @@
NULL|IntelFrameworkModulePkg/Library/LegacyBootManagerLib/LegacyBootManagerLib.inf
!endif
}
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
+- MdeModulePkg/Logo/LogoDxe.inf
+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf
-+!else
- MdeModulePkg/Logo/LogoDxe.inf
-+!endif
MdeModulePkg/Application/UiApp/UiApp.inf {
<LibraryClasses>
NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
-index 6df47f4..ee77ae1 100644
+index d0cc107928..b56160b3bf 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
-@@ -296,7 +296,11 @@ INF ShellPkg/Application/Shell/Shell.inf
- INF RuleOverride = BINARY USE = X64 EdkShellBinPkg/FullShell/FullShell.inf
+@@ -294,7 +294,7 @@ INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
!endif
+ INF ShellPkg/Application/Shell/Shell.inf
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
+-INF MdeModulePkg/Logo/LogoDxe.inf
+INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf
-+!else
- INF MdeModulePkg/Logo/LogoDxe.inf
-+!endif
#
# Network modules
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
-index d1fdf7c..e224b0e 100644
+index d81460f520..29538ade4d 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
-@@ -694,7 +694,11 @@
+@@ -700,7 +700,7 @@
NULL|IntelFrameworkModulePkg/Library/LegacyBootManagerLib/LegacyBootManagerLib.inf
!endif
}
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
+- MdeModulePkg/Logo/LogoDxe.inf
+ MdeModulePkg/Logo/LogoOpenSSLDxe.inf
-+!else
- MdeModulePkg/Logo/LogoDxe.inf
-+!endif
MdeModulePkg/Application/UiApp/UiApp.inf {
<LibraryClasses>
NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
-index 2e2a174..505d25d 100644
+index d0cc107928..b56160b3bf 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
-@@ -296,7 +296,11 @@ INF ShellPkg/Application/Shell/Shell.inf
- INF RuleOverride = BINARY EdkShellBinPkg/FullShell/FullShell.inf
+@@ -294,7 +294,7 @@ INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
!endif
+ INF ShellPkg/Application/Shell/Shell.inf
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
+-INF MdeModulePkg/Logo/LogoDxe.inf
+INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf
-+!else
- INF MdeModulePkg/Logo/LogoDxe.inf
-+!endif
#
# Network modules
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0004-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch b/SOURCES/0004-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch
index 3b642b2..d046525 100644
--- a/SOURCES/0004-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch
+++ b/SOURCES/0004-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch
@@ -1,8 +1,13 @@
-From 22c9b4e971c70c69b4adf8eb93133824ccb6426a Mon Sep 17 00:00:00 2001
+From a1260c9122c95bcbef1efc5eebe11902767813c2 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Thu, 20 Feb 2014 22:54:45 +0100
Subject: OvmfPkg: increase max debug message length to 512 (RHEL only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no changes
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -34,12 +39,14 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 29435a32ec9428720c74c454ce9817662e601fb6)
(cherry picked from commit 58e1d1ebb78bfdaf05f4c6e8abf8d4908dfa038a)
(cherry picked from commit 1df2c822c996ad767f2f45570ab2686458f7604a)
+(cherry picked from commit 22c9b4e971c70c69b4adf8eb93133824ccb6426a)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c b/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c
-index 36cde54..c0c4eae 100644
+index 36cde54976..c0c4eaee0f 100644
--- a/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c
+++ b/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c
@@ -27,7 +27,7 @@
@@ -52,5 +59,5 @@ index 36cde54..c0c4eae 100644
/**
Prints a debug message to the debug output device if the specified error level is enabled.
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0005-OvmfPkg-QemuVideoDxe-enable-debug-messages-in-VbeShi.patch b/SOURCES/0005-OvmfPkg-QemuVideoDxe-enable-debug-messages-in-VbeShi.patch
index 8b95726..56de229 100644
--- a/SOURCES/0005-OvmfPkg-QemuVideoDxe-enable-debug-messages-in-VbeShi.patch
+++ b/SOURCES/0005-OvmfPkg-QemuVideoDxe-enable-debug-messages-in-VbeShi.patch
@@ -1,8 +1,13 @@
-From 4dd1cc745bc9a8c8b32b5810b40743fed1e36d7e Mon Sep 17 00:00:00 2001
+From bd264265a99c60f45cadaa4109a9db59ae218471 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Thu, 12 Jun 2014 00:17:59 +0200
Subject: OvmfPkg: QemuVideoDxe: enable debug messages in VbeShim (RHEL only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no changes
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -42,13 +47,15 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit ed45b26dbeadd63dd8f2edf627290957d8bbb3b2)
(cherry picked from commit 9a8a034ebc082f86fdbb54dc1303a5059508e14c)
(cherry picked from commit 7046d6040181bb0f76a5ebd680e0dc701c895dba)
+(cherry picked from commit 4dd1cc745bc9a8c8b32b5810b40743fed1e36d7e)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
OvmfPkg/QemuVideoDxe/VbeShim.asm | 2 +-
- OvmfPkg/QemuVideoDxe/VbeShim.h | 481 +++++++++++++++++++++++++--------------
+ OvmfPkg/QemuVideoDxe/VbeShim.h | 481 ++++++++++++++++++++-----------
2 files changed, 308 insertions(+), 175 deletions(-)
diff --git a/OvmfPkg/QemuVideoDxe/VbeShim.asm b/OvmfPkg/QemuVideoDxe/VbeShim.asm
-index 18fa920..f87ed5c 100644
+index 18fa9209d4..f87ed5cf30 100644
--- a/OvmfPkg/QemuVideoDxe/VbeShim.asm
+++ b/OvmfPkg/QemuVideoDxe/VbeShim.asm
@@ -18,7 +18,7 @@
@@ -61,7 +68,7 @@ index 18fa920..f87ed5c 100644
%macro DebugLog 1
%ifdef DEBUG
diff --git a/OvmfPkg/QemuVideoDxe/VbeShim.h b/OvmfPkg/QemuVideoDxe/VbeShim.h
-index cc9b6e1..325d647 100644
+index cc9b6e14cd..325d6478a1 100644
--- a/OvmfPkg/QemuVideoDxe/VbeShim.h
+++ b/OvmfPkg/QemuVideoDxe/VbeShim.h
@@ -517,185 +517,318 @@ STATIC CONST UINT8 mVbeShim[] = {
@@ -558,5 +565,5 @@ index cc9b6e1..325d647 100644
};
#endif
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0006-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch b/SOURCES/0006-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch
index ab6086a..d76b4d9 100644
--- a/SOURCES/0006-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch
+++ b/SOURCES/0006-MdeModulePkg-TerminalDxe-add-other-text-resolutions-.patch
@@ -1,8 +1,13 @@
-From 28faeb5f94b4866b9da16cf2a1e4e0fc09a26e37 Mon Sep 17 00:00:00 2001
+From 4e4e15b80a5b2103eadd495ef4a830d46dd4ed51 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 25 Feb 2014 18:40:35 +0100
Subject: MdeModulePkg: TerminalDxe: add other text resolutions (RHEL only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no change
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -83,12 +88,14 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 99dc3720ac86059f60156197328cc433603c536e)
(cherry picked from commit d2066c1748f885043026c51dec1bc8d6d406ae8f)
(cherry picked from commit 1facdd58e946c584a3dc1e5be8f2f837b5a7c621)
+(cherry picked from commit 28faeb5f94b4866b9da16cf2a1e4e0fc09a26e37)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
- .../Universal/Console/TerminalDxe/Terminal.c | 41 ++++++++++++++++++++--
+ .../Universal/Console/TerminalDxe/Terminal.c | 41 +++++++++++++++++--
1 file changed, 38 insertions(+), 3 deletions(-)
diff --git a/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c b/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c
-index 66dd3ad..78a1983 100644
+index 66dd3ad550..78a198379a 100644
--- a/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c
+++ b/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c
@@ -113,9 +113,44 @@ TERMINAL_DEV mTerminalDevTemplate = {
@@ -140,5 +147,5 @@ index 66dd3ad..78a1983 100644
// New modes can be added here.
//
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0007-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch b/SOURCES/0007-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch
index 1ba3a2e..39ea933 100644
--- a/SOURCES/0007-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch
+++ b/SOURCES/0007-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch
@@ -1,9 +1,14 @@
-From 67415982afdc77922aa37496c981adeb4351acdb Mon Sep 17 00:00:00 2001
+From cfccb98d13e955beb0b93b4a75a973f30c273ffc Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 25 Feb 2014 22:40:01 +0100
Subject: MdeModulePkg: TerminalDxe: set xterm resolution on mode change (RH
only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no change
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -42,17 +47,19 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 2909e025db6878723b49644a8a0cf160d07e6444)
(cherry picked from commit b9c5c901f25e48d68eef6e78a4abca00e153f574)
(cherry picked from commit b7f6115b745de8cbc5214b6ede33c9a8558beb90)
+(cherry picked from commit 67415982afdc77922aa37496c981adeb4351acdb)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
- MdeModulePkg/MdeModulePkg.dec | 4 +++
- .../Universal/Console/TerminalDxe/TerminalConOut.c | 30 ++++++++++++++++++++++
- .../Universal/Console/TerminalDxe/TerminalDxe.inf | 2 ++
+ MdeModulePkg/MdeModulePkg.dec | 4 +++
+ .../Console/TerminalDxe/TerminalConOut.c | 30 +++++++++++++++++++
+ .../Console/TerminalDxe/TerminalDxe.inf | 2 ++
3 files changed, 36 insertions(+)
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
-index cc39718..384d901 100644
+index a2130bc439..dcd118ba62 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
-@@ -1914,6 +1914,10 @@
+@@ -1968,6 +1968,10 @@
# @Prompt The address mask when memory encryption is enabled.
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0|UINT64|0x30001047
@@ -64,7 +71,7 @@ index cc39718..384d901 100644
## Specify memory size with page number for PEI code when
# Loading Module at Fixed Address feature is enabled.
diff --git a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c
-index 5a83431..fbc1e0a 100644
+index 4d7218e415..295e7641a5 100644
--- a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c
+++ b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c
@@ -13,6 +13,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
@@ -76,10 +83,11 @@ index 5a83431..fbc1e0a 100644
#include "Terminal.h"
//
-@@ -87,6 +89,16 @@ CHAR16 mCursorForwardString[] = { ESC, '[', '0', '0', 'C', 0 };
+@@ -86,6 +88,16 @@ CHAR16 mSetCursorPositionString[] = { ESC, '[', '0', '0', ';', '0', '0', 'H', 0
+ CHAR16 mCursorForwardString[] = { ESC, '[', '0', '0', 'C', 0 };
CHAR16 mCursorBackwardString[] = { ESC, '[', '0', '0', 'D', 0 };
- //
++//
+// Note that this is an ASCII format string, taking two INT32 arguments:
+// rows, columns.
+//
@@ -89,10 +97,9 @@ index 5a83431..fbc1e0a 100644
+#define RESIZE_SEQ_SIZE (sizeof mResizeTextAreaFormatString + 2 * (11 - 2))
+
+
-+//
+ //
// Body of the ConOut functions
//
-
@@ -508,6 +520,24 @@ TerminalConOutSetMode (
return EFI_DEVICE_ERROR;
}
@@ -119,7 +126,7 @@ index 5a83431..fbc1e0a 100644
Status = This->ClearScreen (This);
diff --git a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
-index 0780296..bd2ba82 100644
+index 15b4ac1c33..a704bc17e5 100644
--- a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
+++ b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
@@ -60,6 +60,7 @@
@@ -139,5 +146,5 @@ index 0780296..bd2ba82 100644
# [Event]
# # Relative timer event set by UnicodeToEfiKey(), used to be one 2 seconds input timeout.
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0008-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch b/SOURCES/0008-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch
index a168378..4e62b6d 100644
--- a/SOURCES/0008-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch
+++ b/SOURCES/0008-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch
@@ -1,8 +1,13 @@
-From 2ebf3cc2ae99275d63bb6efd3c22dec76251a853 Mon Sep 17 00:00:00 2001
+From f9b73437b9b231773c1a20e0c516168817a930a2 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 14 Oct 2015 15:59:06 +0200
Subject: OvmfPkg: take PcdResizeXterm from the QEMU command line (RH only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no change
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -31,6 +36,8 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 8abc2a6ddad25af7e88dc0cf57d55dfb75fbf92d)
(cherry picked from commit b311932d3841c017a0f0fec553edcac365cc2038)
(cherry picked from commit 61914fb81cf624c9028d015533b400b2794e52d3)
+(cherry picked from commit 2ebf3cc2ae99275d63bb6efd3c22dec76251a853)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
OvmfPkg/OvmfPkgIa32.dsc | 1 +
OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
@@ -40,10 +47,10 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
5 files changed, 5 insertions(+)
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
-index a5bb2b0..b577767 100644
+index 249b1d8dc0..3f1da66aab 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
-@@ -530,6 +530,7 @@
+@@ -531,6 +531,7 @@
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
@@ -52,10 +59,10 @@ index a5bb2b0..b577767 100644
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
-index be8fee9..a6a40be 100644
+index 5ec186df4b..9bb0a4cede 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
-@@ -536,6 +536,7 @@
+@@ -537,6 +537,7 @@
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
@@ -64,10 +71,10 @@ index be8fee9..a6a40be 100644
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
-index e224b0e..8bd3754 100644
+index 29538ade4d..3b7fc5328c 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
-@@ -535,6 +535,7 @@
+@@ -536,6 +536,7 @@
# ($(SMM_REQUIRE) == FALSE)
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
@@ -76,7 +83,7 @@ index e224b0e..8bd3754 100644
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0
diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
-index 5a78668..544ac54 100644
+index 22139a64cb..64b8034117 100644
--- a/OvmfPkg/PlatformPei/Platform.c
+++ b/OvmfPkg/PlatformPei/Platform.c
@@ -670,6 +670,7 @@ InitializePlatform (
@@ -86,12 +93,12 @@ index 5a78668..544ac54 100644
+ UPDATE_BOOLEAN_PCD_FROM_FW_CFG (PcdResizeXterm);
}
- AmdSevInitialize ();
+ InstallClearCacheCallback ();
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
-index 30ceb4b..016c067 100644
+index 5c8dd0fe6d..035ce249fe 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
-@@ -94,6 +94,7 @@
+@@ -96,6 +96,7 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved
gEfiMdeModulePkgTokenSpaceGuid.PcdPciDisableBusEnumeration
@@ -100,5 +107,5 @@ index 30ceb4b..016c067 100644
gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable
gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0009-ArmVirtPkg-QemuFwCfgLib-allow-UEFI_DRIVER-client-mod.patch b/SOURCES/0009-ArmVirtPkg-QemuFwCfgLib-allow-UEFI_DRIVER-client-mod.patch
index e527385..c346ac8 100644
--- a/SOURCES/0009-ArmVirtPkg-QemuFwCfgLib-allow-UEFI_DRIVER-client-mod.patch
+++ b/SOURCES/0009-ArmVirtPkg-QemuFwCfgLib-allow-UEFI_DRIVER-client-mod.patch
@@ -1,8 +1,13 @@
-From 762595334aa7ce88412cc77e136db9b41577a699 Mon Sep 17 00:00:00 2001
+From f372886be5f1c41677f168be77c484bae5841361 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 12 Apr 2016 20:50:25 +0200
Subject: ArmVirtPkg: QemuFwCfgLib: allow UEFI_DRIVER client modules (RH only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no change
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -28,12 +33,14 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 5af259a93f4bbee5515ae18638068125e170f2cd)
(cherry picked from commit 22b073005af491eef177ef5f80ffe71c1ebabb03)
(cherry picked from commit f77f1e7dd6013f918c70e089c95b8f4166085fb9)
+(cherry picked from commit 762595334aa7ce88412cc77e136db9b41577a699)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
ArmVirtPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ArmVirtPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf b/ArmVirtPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
-index eff4a21..adf1ff6 100644
+index eff4a21650..adf1ff6c6a 100644
--- a/ArmVirtPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
+++ b/ArmVirtPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
@@ -22,7 +22,7 @@
@@ -46,5 +53,5 @@ index eff4a21..adf1ff6 100644
CONSTRUCTOR = QemuFwCfgInitialize
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0010-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch b/SOURCES/0010-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch
index 2d3ab45..15a01b3 100644
--- a/SOURCES/0010-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch
+++ b/SOURCES/0010-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch
@@ -1,8 +1,13 @@
-From 9448b6b46267d8d807fac0c648e693171bb34806 Mon Sep 17 00:00:00 2001
+From 232fcf06f6b3048b7c2ebd6931f23186b3852f04 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Sun, 26 Jul 2015 08:02:50 +0000
Subject: ArmVirtPkg: take PcdResizeXterm from the QEMU command line (RH only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no change
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -33,19 +38,21 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit d4564d39dfdbf74e762af43314005a2c026cb262)
(cherry picked from commit c9081ebe3bcd28e5cce4bf58bd8d4fca12f9af7c)
(cherry picked from commit 8e92730c8e1cdb642b3b3e680e643ff774a90c65)
+(cherry picked from commit 9448b6b46267d8d807fac0c648e693171bb34806)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
- ArmVirtPkg/ArmVirtQemu.dsc | 7 +-
- .../TerminalPcdProducerLib.c | 87 ++++++++++++++++++++++
- .../TerminalPcdProducerLib.inf | 41 ++++++++++
+ ArmVirtPkg/ArmVirtQemu.dsc | 7 +-
+ .../TerminalPcdProducerLib.c | 87 +++++++++++++++++++
+ .../TerminalPcdProducerLib.inf | 41 +++++++++
3 files changed, 134 insertions(+), 1 deletion(-)
create mode 100644 ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c
create mode 100644 ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
-index 7331597..4bf94ce 100644
+index f2e5125494..9fc78d4e0a 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
-@@ -208,6 +208,8 @@
+@@ -221,6 +221,8 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0
gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE
@@ -54,7 +61,7 @@ index 7331597..4bf94ce 100644
[PcdsDynamicHii]
gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGuid|0x0|FALSE|NV,BS
-@@ -284,7 +286,10 @@
+@@ -297,7 +299,10 @@
MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf
MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf
@@ -68,7 +75,7 @@ index 7331597..4bf94ce 100644
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
diff --git a/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c
new file mode 100644
-index 0000000..814ad48
+index 0000000000..814ad48199
--- /dev/null
+++ b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c
@@ -0,0 +1,87 @@
@@ -161,7 +168,7 @@ index 0000000..814ad48
+}
diff --git a/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
new file mode 100644
-index 0000000..fecb37b
+index 0000000000..fecb37bcdf
--- /dev/null
+++ b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
@@ -0,0 +1,41 @@
@@ -207,5 +214,5 @@ index 0000000..fecb37b
+[Pcd]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0011-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch b/SOURCES/0011-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch
index 14b18d3..b1ada3a 100644
--- a/SOURCES/0011-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch
+++ b/SOURCES/0011-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch
@@ -1,9 +1,17 @@
-From bbd64eb8658e9a33eab4227d9f4e51ad78d9f687 Mon Sep 17 00:00:00 2001
+From 8628ef1b8d675ebec39d83834abbe3c8c8c42cf4 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 4 Nov 2014 23:02:53 +0100
Subject: OvmfPkg: allow exclusion of the shell from the firmware image (RH
only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- update the patch against the following upstream commits:
+ - 4b888334d234 ("OvmfPkg: Remove EdkShellBinPkg in FDF", 2018-11-19)
+ - 277a3958d93a ("OvmfPkg: Don't include TftpDynamicCommand in XCODE5
+ tool chain", 2018-11-27)
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -70,6 +78,8 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit d9dd9ee42937b2611fe37183cc9ec7f62d946933)
(cherry picked from commit 23df46ebbe7b09451d3a05034acd4d3a25e7177b)
(cherry picked from commit f0303f71d576c51b01c4ff961b429d0e0e707245)
+(cherry picked from commit bbd64eb8658e9a33eab4227d9f4e51ad78d9f687)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
OvmfPkg/OvmfPkgIa32.fdf | 2 ++
OvmfPkg/OvmfPkgIa32X64.fdf | 2 ++
@@ -77,62 +87,56 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
3 files changed, 6 insertions(+)
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
-index f552bc9..73007dd 100644
+index be3d3b4d14..a545f7c2a6 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
-@@ -288,12 +288,14 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
+@@ -288,10 +288,12 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
+!ifndef $(EXCLUDE_SHELL_FROM_FD)
- !ifndef $(USE_OLD_SHELL)
+ !if $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
- INF ShellPkg/Application/Shell/Shell.inf
- !else
- INF RuleOverride = BINARY EdkShellBinPkg/FullShell/FullShell.inf
!endif
+ INF ShellPkg/Application/Shell/Shell.inf
+!endif
- !if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf
+
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
-index ee77ae1..116b3c6 100644
+index b56160b3bf..fe24e86b92 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
-@@ -289,12 +289,14 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
+@@ -289,10 +289,12 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
+!ifndef $(EXCLUDE_SHELL_FROM_FD)
- !ifndef $(USE_OLD_SHELL)
+ !if $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
- INF ShellPkg/Application/Shell/Shell.inf
- !else
- INF RuleOverride = BINARY USE = X64 EdkShellBinPkg/FullShell/FullShell.inf
!endif
+ INF ShellPkg/Application/Shell/Shell.inf
+!endif
- !if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf
+
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
-index 505d25d..84d5845 100644
+index b56160b3bf..fe24e86b92 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
-@@ -289,12 +289,14 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
+@@ -289,10 +289,12 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
+!ifndef $(EXCLUDE_SHELL_FROM_FD)
- !ifndef $(USE_OLD_SHELL)
+ !if $(TOOL_CHAIN_TAG) != "XCODE5"
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
- INF ShellPkg/Application/Shell/Shell.inf
- !else
- INF RuleOverride = BINARY EdkShellBinPkg/FullShell/FullShell.inf
!endif
+ INF ShellPkg/Application/Shell/Shell.inf
+!endif
- !if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf
+
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0012-OvmfPkg-EnrollDefaultKeys-application-for-enrolling-.patch b/SOURCES/0012-OvmfPkg-EnrollDefaultKeys-application-for-enrolling-.patch
index 496c697..94613a8 100644
--- a/SOURCES/0012-OvmfPkg-EnrollDefaultKeys-application-for-enrolling-.patch
+++ b/SOURCES/0012-OvmfPkg-EnrollDefaultKeys-application-for-enrolling-.patch
@@ -1,9 +1,14 @@
-From b59ee7769814e207c917615af78c7428bdf3b450 Mon Sep 17 00:00:00 2001
+From 60737ccca40e6b4f11da438892c862b254dbfac9 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 4 Nov 2014 23:02:55 +0100
Subject: OvmfPkg: EnrollDefaultKeys: application for enrolling default keys
(RH only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no change
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -214,19 +219,21 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit c0b2615a9c0b4a4be1bffe45681a32915449279d)
(cherry picked from commit 92424de98ffaf1fa81e6346949b1d2b5f9a637ca)
(cherry picked from commit 98c91b36997e3afc4192449263182fbdcc771a1a)
+(cherry picked from commit b59ee7769814e207c917615af78c7428bdf3b450)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
- OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 1015 +++++++++++++++++++++++
- OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf | 52 ++
- OvmfPkg/OvmfPkgIa32.dsc | 4 +
- OvmfPkg/OvmfPkgIa32X64.dsc | 4 +
- OvmfPkg/OvmfPkgX64.dsc | 4 +
+ OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 1015 +++++++++++++++++
+ .../EnrollDefaultKeys/EnrollDefaultKeys.inf | 52 +
+ OvmfPkg/OvmfPkgIa32.dsc | 4 +
+ OvmfPkg/OvmfPkgIa32X64.dsc | 4 +
+ OvmfPkg/OvmfPkgX64.dsc | 4 +
5 files changed, 1079 insertions(+)
create mode 100644 OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
create mode 100644 OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf
diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
new file mode 100644
-index 0000000..dd413df
+index 0000000000..dd413df12d
--- /dev/null
+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
@@ -0,0 +1,1015 @@
@@ -1247,7 +1254,7 @@ index 0000000..dd413df
+}
diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf
new file mode 100644
-index 0000000..0ad86a2
+index 0000000000..0ad86a2843
--- /dev/null
+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf
@@ -0,0 +1,52 @@
@@ -1304,10 +1311,10 @@ index 0000000..0ad86a2
+ UefiLib
+ UefiRuntimeServicesTableLib
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
-index b577767..4d268c9 100644
+index 3f1da66aab..bc75e03d47 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
-@@ -865,6 +865,10 @@
+@@ -864,6 +864,10 @@
!if $(SECURE_BOOT_ENABLE) == TRUE
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
@@ -1319,10 +1326,10 @@ index b577767..4d268c9 100644
OvmfPkg/PlatformDxe/Platform.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
-index a6a40be..6836622 100644
+index 9bb0a4cede..f630737662 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
-@@ -874,6 +874,10 @@
+@@ -873,6 +873,10 @@
!if $(SECURE_BOOT_ENABLE) == TRUE
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
@@ -1334,10 +1341,10 @@ index a6a40be..6836622 100644
OvmfPkg/PlatformDxe/Platform.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
-index 8bd3754..0b3008f 100644
+index 3b7fc5328c..ac70a0cac1 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
-@@ -872,6 +872,10 @@
+@@ -871,6 +871,10 @@
!if $(SECURE_BOOT_ENABLE) == TRUE
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
@@ -1349,5 +1356,5 @@ index 8bd3754..0b3008f 100644
OvmfPkg/PlatformDxe/Platform.inf
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0013-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch b/SOURCES/0013-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch
index fd6d5fa..c85291d 100644
--- a/SOURCES/0013-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch
+++ b/SOURCES/0013-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch
@@ -1,8 +1,13 @@
-From 58755c51d3252312d80cbcb97928d71199c2f5e1 Mon Sep 17 00:00:00 2001
+From c3f07e323e76856f1b42ea7b8c598ba3201c28a2 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 14 Oct 2015 13:49:43 +0200
Subject: ArmPlatformPkg: introduce fixed PCD for early hello message (RH only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no change
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -42,15 +47,17 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 20b1f1cbd0590aa71c6d99d35e23cf08e0707750)
(cherry picked from commit 6734b88cf7abcaf42632e3d2fc469b2169dd2f16)
(cherry picked from commit ef77da632559e9baa1c69869e4cbea377068ef27)
+(cherry picked from commit 58755c51d3252312d80cbcb97928d71199c2f5e1)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
ArmPlatformPkg/ArmPlatformPkg.dec | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/ArmPlatformPkg/ArmPlatformPkg.dec b/ArmPlatformPkg/ArmPlatformPkg.dec
-index dff4598..3c5c6c7 100644
+index 44c00bd0c1..40c8ec3251 100644
--- a/ArmPlatformPkg/ArmPlatformPkg.dec
+++ b/ArmPlatformPkg/ArmPlatformPkg.dec
-@@ -112,6 +112,13 @@
+@@ -114,6 +114,13 @@
## If set, this will swap settings for HDLCD RED_SELECT and BLUE_SELECT registers
gArmPlatformTokenSpaceGuid.PcdArmHdLcdSwapBlueRedSelect|FALSE|BOOLEAN|0x00000045
@@ -65,5 +72,5 @@ index dff4598..3c5c6c7 100644
## PL031 RealTimeClock
gArmPlatformTokenSpaceGuid.PcdPL031RtcBase|0x0|UINT32|0x00000024
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0014-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch b/SOURCES/0014-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch
index 9ee5345..fae39ec 100644
--- a/SOURCES/0014-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch
+++ b/SOURCES/0014-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch
@@ -1,9 +1,14 @@
-From f4b7aae411d88b2b83f85d20ef06a4032a57e7de Mon Sep 17 00:00:00 2001
+From bb71490fdda3b38fa9f071d281b863f9b64363bf Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 14 Oct 2015 13:59:20 +0200
Subject: ArmPlatformPkg: PrePeiCore: write early hello message to the serial
port (RH)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no change
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -40,6 +45,8 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 742e5bf6d5ce5a1e73879d6e5c0dd00feda7a9ac)
(cherry picked from commit 93d69eb9393cf05af90676253875c59c1bec67fd)
(cherry picked from commit 638594083b191f84f5d9333eb6147a31570f5a5a)
+(cherry picked from commit f4b7aae411d88b2b83f85d20ef06a4032a57e7de)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
ArmPlatformPkg/PrePeiCore/MainMPCore.c | 5 +++++
ArmPlatformPkg/PrePeiCore/MainUniCore.c | 5 +++++
@@ -49,7 +56,7 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
5 files changed, 15 insertions(+)
diff --git a/ArmPlatformPkg/PrePeiCore/MainMPCore.c b/ArmPlatformPkg/PrePeiCore/MainMPCore.c
-index dc47adb..cbd7223 100644
+index dc47adbaff..cbd72232c7 100644
--- a/ArmPlatformPkg/PrePeiCore/MainMPCore.c
+++ b/ArmPlatformPkg/PrePeiCore/MainMPCore.c
@@ -117,6 +117,11 @@ PrimaryMain (
@@ -65,7 +72,7 @@ index dc47adb..cbd7223 100644
// Enable the GIC Distributor
diff --git a/ArmPlatformPkg/PrePeiCore/MainUniCore.c b/ArmPlatformPkg/PrePeiCore/MainUniCore.c
-index 134a469..af39fc0 100644
+index 134a469427..af39fc017c 100644
--- a/ArmPlatformPkg/PrePeiCore/MainUniCore.c
+++ b/ArmPlatformPkg/PrePeiCore/MainUniCore.c
@@ -35,6 +35,11 @@ PrimaryMain (
@@ -81,7 +88,7 @@ index 134a469..af39fc0 100644
// Adjust the Temporary Ram as the new Ppi List (Common + Platform Ppi Lists) is created at
diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCore.h b/ArmPlatformPkg/PrePeiCore/PrePeiCore.h
-index 1608946..bf843d7 100644
+index 160894620c..bf843d7768 100644
--- a/ArmPlatformPkg/PrePeiCore/PrePeiCore.h
+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCore.h
@@ -21,6 +21,7 @@
@@ -93,7 +100,7 @@ index 1608946..bf843d7 100644
#include <PiPei.h>
#include <Ppi/TemporaryRamSupport.h>
diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf b/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf
-index e3a31fa..1bc0c45 100644
+index e3a31fa7c6..1bc0c45420 100644
--- a/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf
+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf
@@ -72,6 +72,8 @@
@@ -106,7 +113,7 @@ index e3a31fa..1bc0c45 100644
gArmTokenSpaceGuid.PcdGicInterruptInterfaceBase
gArmTokenSpaceGuid.PcdGicSgiIntId
diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf b/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf
-index ec83cec..b100820 100644
+index ec83cec2d8..b100820491 100644
--- a/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf
+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf
@@ -70,4 +70,6 @@
@@ -117,5 +124,5 @@ index ec83cec..b100820 100644
+
gEfiMdeModulePkgTokenSpaceGuid.PcdInitValueInTempStack
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0015-ArmVirtPkg-set-early-hello-message-RH-only.patch b/SOURCES/0015-ArmVirtPkg-set-early-hello-message-RH-only.patch
index 7b1268c..849fadc 100644
--- a/SOURCES/0015-ArmVirtPkg-set-early-hello-message-RH-only.patch
+++ b/SOURCES/0015-ArmVirtPkg-set-early-hello-message-RH-only.patch
@@ -1,8 +1,14 @@
-From 2d4db6ec70e004cd9ac147615d17033bee5d3b18 Mon Sep 17 00:00:00 2001
+From fb2032bbea7e02c426855cf86a323556d493fd8a Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 14 Oct 2015 14:07:17 +0200
Subject: ArmVirtPkg: set early hello message (RH only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- resolve context conflict with upstream commit eaa1e98ae31d ("ArmVirtPkg:
+ don't set PcdCoreCount", 2019-02-13)
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -34,22 +40,24 @@ Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 179df76dbb0d199bd905236e98775b4059c6502a)
(cherry picked from commit ce3f59d0710c24c162d5222bbf5cd7e36180c80c)
(cherry picked from commit c201a8e6ae28d75f7ba581828b533c3b26fa7f18)
+(cherry picked from commit 2d4db6ec70e004cd9ac147615d17033bee5d3b18)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
ArmVirtPkg/ArmVirtQemu.dsc | 1 +
1 file changed, 1 insertion(+)
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
-index 4bf94ce..035b729 100644
+index 9fc78d4e0a..a4cd66b846 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
-@@ -89,6 +89,7 @@
- gEfiMdeModulePkgTokenSpaceGuid.PcdConOutUgaSupport|FALSE
+@@ -94,6 +94,7 @@
+ gEfiMdeModulePkgTokenSpaceGuid.PcdTurnOffUsbLegacySupport|TRUE
[PcdsFixedAtBuild.common]
+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage|"UEFI firmware starting.\r\n"
- gArmPlatformTokenSpaceGuid.PcdCoreCount|1
!if $(ARCH) == AARCH64
gArmTokenSpaceGuid.PcdVFPEnabled|1
+ !endif
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0016-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch b/SOURCES/0016-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch
index 14d4635..d492ddb 100644
--- a/SOURCES/0016-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch
+++ b/SOURCES/0016-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch
@@ -1,8 +1,13 @@
-From 759bd3f591e2db699bdef4c7ea4e97c908e7f027 Mon Sep 17 00:00:00 2001
+From 7e6d5dc4078c64be6d55d8fc3317c59a91507a50 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 21 Nov 2017 00:57:45 +0100
Subject: OvmfPkg: enable DEBUG_VERBOSE (RHEL only)
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no change
+
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
RHEL-8.0/20180508-ee3198e672e2 rebase:
@@ -32,6 +37,8 @@ Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(this patch was previously applied as commit 78d3ed73172b5738e32d2b0bc03f7984b9584117)
(cherry picked from commit 7aeeaabc9871f657e65d2b99d81011b4964a1ce9)
(cherry picked from commit a0617a6be1a80966099ddceb010f89202a79ee76)
+(cherry picked from commit 759bd3f591e2db699bdef4c7ea4e97c908e7f027)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
OvmfPkg/OvmfPkgIa32.dsc | 2 +-
OvmfPkg/OvmfPkgIa32X64.dsc | 2 +-
@@ -39,10 +46,10 @@ Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
-index 4d268c9..57bf021 100644
+index bc75e03d47..8093e6f000 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
-@@ -481,7 +481,7 @@
+@@ -484,7 +484,7 @@
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
# // significantly impact boot performance
# DEBUG_ERROR 0x80000000 // Error
@@ -52,10 +59,10 @@ index 4d268c9..57bf021 100644
!ifdef $(SOURCE_DEBUG_ENABLE)
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
-index 6836622..0e87c8f 100644
+index f630737662..eca9b4e6db 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
-@@ -486,7 +486,7 @@
+@@ -489,7 +489,7 @@
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
# // significantly impact boot performance
# DEBUG_ERROR 0x80000000 // Error
@@ -65,10 +72,10 @@ index 6836622..0e87c8f 100644
!ifdef $(SOURCE_DEBUG_ENABLE)
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
-index 0b3008f..38ba204 100644
+index ac70a0cac1..3ff9a3181e 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
-@@ -486,7 +486,7 @@
+@@ -489,7 +489,7 @@
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
# // significantly impact boot performance
# DEBUG_ERROR 0x80000000 // Error
@@ -78,5 +85,5 @@ index 0b3008f..38ba204 100644
!ifdef $(SOURCE_DEBUG_ENABLE)
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
--
-1.8.3.1
+2.18.1
diff --git a/SOURCES/0017-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch b/SOURCES/0017-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch
new file mode 100644
index 0000000..777fb22
--- /dev/null
+++ b/SOURCES/0017-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch
@@ -0,0 +1,130 @@
+From b06b87f8ffd4fed4ef7eacb13689a9b6d111f850 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 21 Nov 2017 00:57:46 +0100
+Subject: OvmfPkg: silence DEBUG_VERBOSE (0x00400000) in
+ QemuVideoDxe/QemuRamfbDxe (RH)
+
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- Upstream commit 1d25ff51af5c ("OvmfPkg: add QemuRamfbDxe", 2018-06-14)
+ introduced another GOP driver that consumes FrameBufferBltLib, and
+ thereby produces a large number of (mostly useless) debug messages at
+ the DEBUG_VERBOSE level. Extend the patch to suppress those messages in
+ both QemuVideoDxe and QemuRamfbDxe; update the subject accordingly.
+ QemuRamfbDxe itself doesn't log anything at the VERBOSE level (see also
+ the original commit message at the bottom of this downstream patch).
+
+Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
+RHEL-8.0/20180508-ee3198e672e2 rebase:
+
+- reorder the rebase changelog in the commit message so that it reads like
+ a blog: place more recent entries near the top
+- no changes to the patch body
+
+Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
+
+- no changes
+
+Message-id: <20171120235748.29669-6-pbonzini@redhat.com>
+Patchwork-id: 77761
+O-Subject: [PATCH 5/7] OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in
+ QemuVideoDxe (RH only)
+Bugzilla: 1488247
+Acked-by: Laszlo Ersek <lersek@redhat.com>
+Acked-by: Thomas Huth <thuth@redhat.com>
+
+From: Laszlo Ersek <lersek@redhat.com>
+
+In commit 5b2291f9567a ("OvmfPkg: QemuVideoDxe uses
+MdeModulePkg/FrameBufferLib"), QemuVideoDxe was rebased to
+FrameBufferBltLib.
+
+The FrameBufferBltLib instance added in commit b1ca386074bd
+("MdeModulePkg: Add FrameBufferBltLib library instance") logs many
+messages on the VERBOSE level; for example, a normal boot with OVMF can
+produce 500+ "VideoFill" messages, dependent on the progress bar, when the
+VERBOSE bit is set in PcdDebugPrintErrorLevel.
+
+QemuVideoDxe itself doesn't log anything at the VERBOSE level, so we lose
+none of its messages this way.
+
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+(this patch was previously applied as commit 9b0d031dee7e823f6717bab73e422fbc6f0a6c52)
+(cherry picked from commit 9122d5f2e8d8d289064d1e1700cb61964d9931f3)
+(cherry picked from commit 7eb3be1d4ccafc26c11fe5afb95cc12b250ce6f0)
+(cherry picked from commit bd650684712fb840dbcda5d6eaee065bd9e91fa1)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
+---
+ OvmfPkg/OvmfPkgIa32.dsc | 10 ++++++++--
+ OvmfPkg/OvmfPkgIa32X64.dsc | 10 ++++++++--
+ OvmfPkg/OvmfPkgX64.dsc | 10 ++++++++--
+ 3 files changed, 24 insertions(+), 6 deletions(-)
+
+diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
+index 8093e6f000..8f1cf80fe6 100644
+--- a/OvmfPkg/OvmfPkgIa32.dsc
++++ b/OvmfPkg/OvmfPkgIa32.dsc
+@@ -746,8 +746,14 @@
+ MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
+ MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
+
+- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
+- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
++ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
++ <PcdsFixedAtBuild>
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ }
++ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
++ <PcdsFixedAtBuild>
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ }
+ OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
+
+ #
+diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
+index eca9b4e6db..62d6d6c406 100644
+--- a/OvmfPkg/OvmfPkgIa32X64.dsc
++++ b/OvmfPkg/OvmfPkgIa32X64.dsc
+@@ -755,8 +755,14 @@
+ MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
+ MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
+
+- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
+- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
++ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
++ <PcdsFixedAtBuild>
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ }
++ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
++ <PcdsFixedAtBuild>
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ }
+ OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
+
+ #
+diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
+index 3ff9a3181e..992b141113 100644
+--- a/OvmfPkg/OvmfPkgX64.dsc
++++ b/OvmfPkg/OvmfPkgX64.dsc
+@@ -753,8 +753,14 @@
+ MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
+ MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
+
+- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
+- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
++ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
++ <PcdsFixedAtBuild>
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ }
++ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
++ <PcdsFixedAtBuild>
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ }
+ OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
+
+ #
+--
+2.18.1
+
diff --git a/SOURCES/0017-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-QemuVide.patch b/SOURCES/0017-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-QemuVide.patch
deleted file mode 100644
index 1fe8371..0000000
--- a/SOURCES/0017-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-QemuVide.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From bd650684712fb840dbcda5d6eaee065bd9e91fa1 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonzini@redhat.com>
-Date: Tue, 21 Nov 2017 00:57:46 +0100
-Subject: OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in QemuVideoDxe (RH only)
-
-Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
-RHEL-8.0/20180508-ee3198e672e2 rebase:
-
-- reorder the rebase changelog in the commit message so that it reads like
- a blog: place more recent entries near the top
-- no changes to the patch body
-
-Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
-
-- no changes
-
-Message-id: <20171120235748.29669-6-pbonzini@redhat.com>
-Patchwork-id: 77761
-O-Subject: [PATCH 5/7] OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in
- QemuVideoDxe (RH only)
-Bugzilla: 1488247
-Acked-by: Laszlo Ersek <lersek@redhat.com>
-Acked-by: Thomas Huth <thuth@redhat.com>
-
-From: Laszlo Ersek <lersek@redhat.com>
-
-In commit 5b2291f9567a ("OvmfPkg: QemuVideoDxe uses
-MdeModulePkg/FrameBufferLib"), QemuVideoDxe was rebased to
-FrameBufferBltLib.
-
-The FrameBufferBltLib instance added in commit b1ca386074bd
-("MdeModulePkg: Add FrameBufferBltLib library instance") logs many
-messages on the VERBOSE level; for example, a normal boot with OVMF can
-produce 500+ "VideoFill" messages, dependent on the progress bar, when the
-VERBOSE bit is set in PcdDebugPrintErrorLevel.
-
-QemuVideoDxe itself doesn't log anything at the VERBOSE level, so we lose
-none of its messages this way.
-
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-(this patch was previously applied as commit 9b0d031dee7e823f6717bab73e422fbc6f0a6c52)
-(cherry picked from commit 9122d5f2e8d8d289064d1e1700cb61964d9931f3)
-(cherry picked from commit 7eb3be1d4ccafc26c11fe5afb95cc12b250ce6f0)
----
- OvmfPkg/OvmfPkgIa32.dsc | 5 ++++-
- OvmfPkg/OvmfPkgIa32X64.dsc | 5 ++++-
- OvmfPkg/OvmfPkgX64.dsc | 5 ++++-
- 3 files changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
-index 57bf021..2b2e874 100644
---- a/OvmfPkg/OvmfPkgIa32.dsc
-+++ b/OvmfPkg/OvmfPkgIa32.dsc
-@@ -744,7 +744,10 @@
- MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
- MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
-
-- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
-+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
-+ <PcdsFixedAtBuild>
-+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
-+ }
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
-
- #
-diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
-index 0e87c8f..892cc5e 100644
---- a/OvmfPkg/OvmfPkgIa32X64.dsc
-+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
-@@ -753,7 +753,10 @@
- MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
- MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
-
-- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
-+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
-+ <PcdsFixedAtBuild>
-+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
-+ }
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
-
- #
-diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
-index 38ba204..e7cb582 100644
---- a/OvmfPkg/OvmfPkgX64.dsc
-+++ b/OvmfPkg/OvmfPkgX64.dsc
-@@ -751,7 +751,10 @@
- MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
- MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
-
-- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
-+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
-+ <PcdsFixedAtBuild>
-+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
-+ }
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
-
- #
---
-1.8.3.1
-
diff --git a/SOURCES/0018-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch b/SOURCES/0018-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch
new file mode 100644
index 0000000..b7d7973
--- /dev/null
+++ b/SOURCES/0018-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch
@@ -0,0 +1,64 @@
+From 76b4ac28e975bd63c25db903a1d42c47b38cc756 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek <lersek@redhat.com>
+Date: Wed, 27 Jan 2016 03:05:18 +0100
+Subject: ArmVirtPkg: silence DEBUG_VERBOSE (0x00400000) in QemuRamfbDxe (RH
+ only)
+
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- new patch, due to upstream commit c64688f36a8b ("ArmVirtPkg: add
+ QemuRamfbDxe", 2018-06-14)
+
+QemuRamfbDxe uses FrameBufferLib. The FrameBufferBltLib instance added in
+commit b1ca386074bd ("MdeModulePkg: Add FrameBufferBltLib library
+instance") logs many messages on the VERBOSE level; for example, a normal
+boot with ArmVirtQemu[Kernel] can produce 500+ "VideoFill" messages,
+dependent on the progress bar, when the VERBOSE bit is set in
+PcdDebugPrintErrorLevel.
+
+QemuRamfbDxe itself doesn't log anything at the VERBOSE level, so we lose
+none of its messages this way.
+
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
+---
+ ArmVirtPkg/ArmVirtQemu.dsc | 5 ++++-
+ ArmVirtPkg/ArmVirtQemuKernel.dsc | 5 ++++-
+ 2 files changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
+index a4cd66b846..aac4094665 100644
+--- a/ArmVirtPkg/ArmVirtQemu.dsc
++++ b/ArmVirtPkg/ArmVirtQemu.dsc
+@@ -421,7 +421,10 @@
+ #
+ # Video support
+ #
+- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
++ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
++ <PcdsFixedAtBuild>
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ }
+ OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
+ OvmfPkg/PlatformDxe/Platform.inf
+
+diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
+index d2b3f24394..c9a635e80b 100644
+--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
++++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
+@@ -399,7 +399,10 @@
+ #
+ # Video support
+ #
+- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
++ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
++ <PcdsFixedAtBuild>
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ }
+ OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
+ OvmfPkg/PlatformDxe/Platform.inf
+
+--
+2.18.1
+
diff --git a/SOURCES/0018-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch b/SOURCES/0018-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch
deleted file mode 100644
index 3bea094..0000000
--- a/SOURCES/0018-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch
+++ /dev/null
@@ -1,92 +0,0 @@
-From 5a27af700f49e00608f232f618dedd7bf5e9b3e6 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonzini@redhat.com>
-Date: Tue, 21 Nov 2017 00:57:47 +0100
-Subject: OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in NvmExpressDxe (RH
- only)
-
-Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
-RHEL-8.0/20180508-ee3198e672e2 rebase:
-
-- reorder the rebase changelog in the commit message so that it reads like
- a blog: place more recent entries near the top
-- no changes to the patch body
-
-Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
-
-- no changes
-
-Message-id: <20171120235748.29669-7-pbonzini@redhat.com>
-Patchwork-id: 77759
-O-Subject: [PATCH 6/7] OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in
- NvmExpressDxe (RH only)
-Bugzilla: 1488247
-Acked-by: Laszlo Ersek <lersek@redhat.com>
-Acked-by: Thomas Huth <thuth@redhat.com>
-
-From: Laszlo Ersek <lersek@redhat.com>
-
-NvmExpressDxe logs all BlockIo read & write calls on the EFI_D_VERBOSE
-level.
-
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-(this patch was previously applied as commit 5f432837b9c60c2929b13dda1a1b488d5c3a6d2f)
-(cherry picked from commit 33e00146eb878588ad1395d7b1ae38f401729da4)
-(cherry picked from commit bd10cabcfcb1bc9a32b05062f4ee3792e27bc2d8)
----
- OvmfPkg/OvmfPkgIa32.dsc | 5 ++++-
- OvmfPkg/OvmfPkgIa32X64.dsc | 5 ++++-
- OvmfPkg/OvmfPkgX64.dsc | 5 ++++-
- 3 files changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
-index 2b2e874..f6d7833 100644
---- a/OvmfPkg/OvmfPkgIa32.dsc
-+++ b/OvmfPkg/OvmfPkgIa32.dsc
-@@ -738,7 +738,10 @@
- OvmfPkg/SataControllerDxe/SataControllerDxe.inf
- MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
- MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
-- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
-+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
-+ <PcdsFixedAtBuild>
-+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
-+ }
- MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
- MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
- MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
-diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
-index 892cc5e..d6e628b 100644
---- a/OvmfPkg/OvmfPkgIa32X64.dsc
-+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
-@@ -747,7 +747,10 @@
- OvmfPkg/SataControllerDxe/SataControllerDxe.inf
- MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
- MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
-- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
-+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
-+ <PcdsFixedAtBuild>
-+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
-+ }
- MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
- MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
- MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
-diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
-index e7cb582..a9fe89c 100644
---- a/OvmfPkg/OvmfPkgX64.dsc
-+++ b/OvmfPkg/OvmfPkgX64.dsc
-@@ -745,7 +745,10 @@
- OvmfPkg/SataControllerDxe/SataControllerDxe.inf
- MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
- MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
-- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
-+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
-+ <PcdsFixedAtBuild>
-+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
-+ }
- MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
- MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
- MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
---
-1.8.3.1
-
diff --git a/SOURCES/0019-OvmfPkg-PlatformBootManagerLib-connect-consoles-unco.patch b/SOURCES/0019-OvmfPkg-PlatformBootManagerLib-connect-consoles-unco.patch
deleted file mode 100644
index aef16e3..0000000
--- a/SOURCES/0019-OvmfPkg-PlatformBootManagerLib-connect-consoles-unco.patch
+++ /dev/null
@@ -1,222 +0,0 @@
-From fca819227b23a4d0597e3da42d7edce1da8fb0f4 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Tue, 15 May 2018 12:40:05 +0200
-Subject: OvmfPkg/PlatformBootManagerLib: connect consoles unconditionally
-
-Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
-RHEL-8.0/20180508-ee3198e672e2 rebase:
-
-- reorder the rebase changelog in the commit message so that it reads like
- a blog: place more recent entries near the top
-- no changes to the patch body
-
-Message-id: <20180515104005.12265-2-lersek@redhat.com>
-Patchwork-id: 80268
-O-Subject: [RHEL-7.6 ovmf PATCH 1/1] OvmfPkg/PlatformBootManagerLib: connect
- consoles unconditionally
-Bugzilla: 1577546
-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-If both ConIn and ConOut exist, but ConIn references none of the PS/2
-keyboard, the USB wild-card keyboard, and any serial ports, then
-PlatformInitializeConsole() currently allows the boot to proceed without
-any input devices at all. This makes for a bad user experience -- the
-firmware menu could only be entered through OsIndications, set by a guest
-OS.
-
-Do what ArmVirtQemu does already, namely connect the consoles, and add
-them to ConIn / ConOut / ErrOut, unconditionally. (The underlying
-EfiBootManagerUpdateConsoleVariable() function checks for duplicates.)
-
-The issue used to be masked by the EfiBootManagerConnectAll() call that
-got conditionalized in commit 245c643cc8b7.
-
-This patch is best viewed with "git show -b -W".
-
-Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-Cc: Jordan Justen <jordan.l.justen@intel.com>
-Fixes: 245c643cc8b73240c3b88cb55b2911b285a8c10d
-Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1577546
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-(cherry picked from commit f803c03cc2e0b6b0b0bed447a97ea2c61b04ed82)
-(cherry picked from commit 3e05bfc48cd7b2cf4c1cbfc1d0cd2572338fad1e)
----
- .../Library/PlatformBootManagerLib/BdsPlatform.c | 127 +++++++--------------
- 1 file changed, 44 insertions(+), 83 deletions(-)
-
-diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
-index 862fa6eb..004b753 100644
---- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
-+++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
-@@ -26,7 +26,6 @@ VOID *mEfiDevPathNotifyReg;
- EFI_EVENT mEfiDevPathEvent;
- VOID *mEmuVariableEventReg;
- EFI_EVENT mEmuVariableEvent;
--BOOLEAN mDetectVgaOnly;
- UINT16 mHostBridgeDevId;
-
- //
-@@ -830,35 +829,33 @@ DetectAndPreparePlatformPciDevicePath (
- );
- ASSERT_EFI_ERROR (Status);
-
-- if (!mDetectVgaOnly) {
-+ //
-+ // Here we decide whether it is LPC Bridge
-+ //
-+ if ((IS_PCI_LPC (Pci)) ||
-+ ((IS_PCI_ISA_PDECODE (Pci)) &&
-+ (Pci->Hdr.VendorId == 0x8086) &&
-+ (Pci->Hdr.DeviceId == 0x7000)
-+ )
-+ ) {
- //
-- // Here we decide whether it is LPC Bridge
-+ // Add IsaKeyboard to ConIn,
-+ // add IsaSerial to ConOut, ConIn, ErrOut
- //
-- if ((IS_PCI_LPC (Pci)) ||
-- ((IS_PCI_ISA_PDECODE (Pci)) &&
-- (Pci->Hdr.VendorId == 0x8086) &&
-- (Pci->Hdr.DeviceId == 0x7000)
-- )
-- ) {
-- //
-- // Add IsaKeyboard to ConIn,
-- // add IsaSerial to ConOut, ConIn, ErrOut
-- //
-- DEBUG ((EFI_D_INFO, "Found LPC Bridge device\n"));
-- PrepareLpcBridgeDevicePath (Handle);
-- return EFI_SUCCESS;
-- }
-+ DEBUG ((EFI_D_INFO, "Found LPC Bridge device\n"));
-+ PrepareLpcBridgeDevicePath (Handle);
-+ return EFI_SUCCESS;
-+ }
-+ //
-+ // Here we decide which Serial device to enable in PCI bus
-+ //
-+ if (IS_PCI_16550SERIAL (Pci)) {
- //
-- // Here we decide which Serial device to enable in PCI bus
-+ // Add them to ConOut, ConIn, ErrOut.
- //
-- if (IS_PCI_16550SERIAL (Pci)) {
-- //
-- // Add them to ConOut, ConIn, ErrOut.
-- //
-- DEBUG ((EFI_D_INFO, "Found PCI 16550 SERIAL device\n"));
-- PreparePciSerialDevicePath (Handle);
-- return EFI_SUCCESS;
-- }
-+ DEBUG ((EFI_D_INFO, "Found PCI 16550 SERIAL device\n"));
-+ PreparePciSerialDevicePath (Handle);
-+ return EFI_SUCCESS;
- }
-
- //
-@@ -878,26 +875,6 @@ DetectAndPreparePlatformPciDevicePath (
-
-
- /**
-- Do platform specific PCI Device check and add them to ConOut, ConIn, ErrOut
--
-- @param[in] DetectVgaOnly - Only detect VGA device if it's TRUE.
--
-- @retval EFI_SUCCESS - PCI Device check and Console variable update
-- successfully.
-- @retval EFI_STATUS - PCI Device check or Console variable update fail.
--
--**/
--EFI_STATUS
--DetectAndPreparePlatformPciDevicePaths (
-- BOOLEAN DetectVgaOnly
-- )
--{
-- mDetectVgaOnly = DetectVgaOnly;
-- return VisitAllPciInstances (DetectAndPreparePlatformPciDevicePath);
--}
--
--
--/**
- Connect the predefined platform default console device.
-
- Always try to find and enable PCI display devices.
-@@ -910,50 +887,34 @@ PlatformInitializeConsole (
- )
- {
- UINTN Index;
-- EFI_DEVICE_PATH_PROTOCOL *VarConout;
-- EFI_DEVICE_PATH_PROTOCOL *VarConin;
-
- //
-- // Connect RootBridge
-+ // Do platform specific PCI Device check and add them to ConOut, ConIn,
-+ // ErrOut
- //
-- GetEfiGlobalVariable2 (EFI_CON_OUT_VARIABLE_NAME, (VOID **) &VarConout,
-- NULL);
-- GetEfiGlobalVariable2 (EFI_CON_IN_VARIABLE_NAME, (VOID **) &VarConin, NULL);
--
-- if (VarConout == NULL || VarConin == NULL) {
-- //
-- // Do platform specific PCI Device check and add them to ConOut, ConIn,
-- // ErrOut
-- //
-- DetectAndPreparePlatformPciDevicePaths (FALSE);
-+ VisitAllPciInstances (DetectAndPreparePlatformPciDevicePath);
-
-+ //
-+ // Have chance to connect the platform default console,
-+ // the platform default console is the minimum device group
-+ // the platform should support
-+ //
-+ for (Index = 0; PlatformConsole[Index].DevicePath != NULL; ++Index) {
- //
-- // Have chance to connect the platform default console,
-- // the platform default console is the minimum device group
-- // the platform should support
-+ // Update the console variable with the connect type
- //
-- for (Index = 0; PlatformConsole[Index].DevicePath != NULL; ++Index) {
-- //
-- // Update the console variable with the connect type
-- //
-- if ((PlatformConsole[Index].ConnectType & CONSOLE_IN) == CONSOLE_IN) {
-- EfiBootManagerUpdateConsoleVariable (ConIn,
-- PlatformConsole[Index].DevicePath, NULL);
-- }
-- if ((PlatformConsole[Index].ConnectType & CONSOLE_OUT) == CONSOLE_OUT) {
-- EfiBootManagerUpdateConsoleVariable (ConOut,
-- PlatformConsole[Index].DevicePath, NULL);
-- }
-- if ((PlatformConsole[Index].ConnectType & STD_ERROR) == STD_ERROR) {
-- EfiBootManagerUpdateConsoleVariable (ErrOut,
-- PlatformConsole[Index].DevicePath, NULL);
-- }
-+ if ((PlatformConsole[Index].ConnectType & CONSOLE_IN) == CONSOLE_IN) {
-+ EfiBootManagerUpdateConsoleVariable (ConIn,
-+ PlatformConsole[Index].DevicePath, NULL);
-+ }
-+ if ((PlatformConsole[Index].ConnectType & CONSOLE_OUT) == CONSOLE_OUT) {
-+ EfiBootManagerUpdateConsoleVariable (ConOut,
-+ PlatformConsole[Index].DevicePath, NULL);
-+ }
-+ if ((PlatformConsole[Index].ConnectType & STD_ERROR) == STD_ERROR) {
-+ EfiBootManagerUpdateConsoleVariable (ErrOut,
-+ PlatformConsole[Index].DevicePath, NULL);
- }
-- } else {
-- //
-- // Only detect VGA device and add them to ConOut
-- //
-- DetectAndPreparePlatformPciDevicePaths (TRUE);
- }
- }
-
---
-1.8.3.1
-
diff --git a/SOURCES/0019-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch b/SOURCES/0019-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch
new file mode 100644
index 0000000..b61d745
--- /dev/null
+++ b/SOURCES/0019-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch
@@ -0,0 +1,99 @@
+From 58bba429b9ec7b78109940ef945d0dc93f3cd958 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 21 Nov 2017 00:57:47 +0100
+Subject: OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in NvmExpressDxe (RH
+ only)
+
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- no change
+
+Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
+RHEL-8.0/20180508-ee3198e672e2 rebase:
+
+- reorder the rebase changelog in the commit message so that it reads like
+ a blog: place more recent entries near the top
+- no changes to the patch body
+
+Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
+
+- no changes
+
+Message-id: <20171120235748.29669-7-pbonzini@redhat.com>
+Patchwork-id: 77759
+O-Subject: [PATCH 6/7] OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in
+ NvmExpressDxe (RH only)
+Bugzilla: 1488247
+Acked-by: Laszlo Ersek <lersek@redhat.com>
+Acked-by: Thomas Huth <thuth@redhat.com>
+
+From: Laszlo Ersek <lersek@redhat.com>
+
+NvmExpressDxe logs all BlockIo read & write calls on the EFI_D_VERBOSE
+level.
+
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+(this patch was previously applied as commit 5f432837b9c60c2929b13dda1a1b488d5c3a6d2f)
+(cherry picked from commit 33e00146eb878588ad1395d7b1ae38f401729da4)
+(cherry picked from commit bd10cabcfcb1bc9a32b05062f4ee3792e27bc2d8)
+(cherry picked from commit 5a27af700f49e00608f232f618dedd7bf5e9b3e6)
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
+---
+ OvmfPkg/OvmfPkgIa32.dsc | 5 ++++-
+ OvmfPkg/OvmfPkgIa32X64.dsc | 5 ++++-
+ OvmfPkg/OvmfPkgX64.dsc | 5 ++++-
+ 3 files changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
+index 8f1cf80fe6..bbf5e38274 100644
+--- a/OvmfPkg/OvmfPkgIa32.dsc
++++ b/OvmfPkg/OvmfPkgIa32.dsc
+@@ -740,7 +740,10 @@
+ OvmfPkg/SataControllerDxe/SataControllerDxe.inf
+ MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
+ MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
+- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
++ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
++ <PcdsFixedAtBuild>
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ }
+ MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
+ MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
+ MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
+diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
+index 62d6d6c406..3ec1b916e7 100644
+--- a/OvmfPkg/OvmfPkgIa32X64.dsc
++++ b/OvmfPkg/OvmfPkgIa32X64.dsc
+@@ -749,7 +749,10 @@
+ OvmfPkg/SataControllerDxe/SataControllerDxe.inf
+ MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
+ MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
+- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
++ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
++ <PcdsFixedAtBuild>
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ }
+ MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
+ MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
+ MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
+diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
+index 992b141113..ea54b4b8e8 100644
+--- a/OvmfPkg/OvmfPkgX64.dsc
++++ b/OvmfPkg/OvmfPkgX64.dsc
+@@ -747,7 +747,10 @@
+ OvmfPkg/SataControllerDxe/SataControllerDxe.inf
+ MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
+ MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
+- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
++ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
++ <PcdsFixedAtBuild>
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ }
+ MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
+ MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
+ MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
+--
+2.18.1
+
diff --git a/SOURCES/0020-ArmVirtPkg-PlatformBootManagerLib-connect-Virtio-RNG.patch b/SOURCES/0020-ArmVirtPkg-PlatformBootManagerLib-connect-Virtio-RNG.patch
deleted file mode 100644
index 7a4eb0f..0000000
--- a/SOURCES/0020-ArmVirtPkg-PlatformBootManagerLib-connect-Virtio-RNG.patch
+++ /dev/null
@@ -1,215 +0,0 @@
-From 402cfd944f9a6764daec96aef9eec4d2393c3a90 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Fri, 18 May 2018 21:40:23 +0200
-Subject: ArmVirtPkg/PlatformBootManagerLib: connect Virtio RNG devices again
-
-Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
-RHEL-8.0/20180508-ee3198e672e2 rebase:
-
-- reorder the rebase changelog in the commit message so that it reads like
- a blog: place more recent entries near the top
-- no changes to the patch body
-
-Message-id: <20180518194024.30614-2-lersek@redhat.com>
-Patchwork-id: 80426
-O-Subject: [RHEL-7.6 ovmf PATCH 1/2] ArmVirtPkg/PlatformBootManagerLib: connect
- Virtio RNG devices again
-Bugzilla: 1579518
-Acked-by: Thomas Huth <thuth@redhat.com>
-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
-
-Virtio RNG devices are never boot devices, so in commit ff1d0fbfbaec we
-stopped connecting them. This is a problem because an OS boot loader may
-depend on EFI_RNG_PROTOCOL to seed the OS's RNG.
-
-Connect Virtio RNG devices again. And, while commit ff1d0fbfbaec removed
-that from PlatformBootManagerAfterConsole(), reintroduce it now to
-PlatformBootManagerBeforeConsole() -- this way Driver#### options launched
-between both functions may access EFI_RNG_PROTOCOL too.
-
-Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-Fixes: ff1d0fbfbaec55038ccf888759588fa4e21516f4
-Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1579518
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-(cherry picked from commit c4add6b6e971e0bb3f276ed3636a083e782e96cc)
-(cherry picked from commit 1d33f4bb28e1aa2c4d62979596140c22677a2e9f)
----
- .../Library/PlatformBootManagerLib/PlatformBm.c | 129 +++++++++++++++++++++
- .../PlatformBootManagerLib.inf | 1 +
- 2 files changed, 130 insertions(+)
-
-diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
-index 5d5e51d..62cce6a 100644
---- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
-+++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
-@@ -16,6 +16,7 @@
- **/
-
- #include <IndustryStandard/Pci22.h>
-+#include <IndustryStandard/Virtio095.h>
- #include <Library/BootLogoLib.h>
- #include <Library/DevicePathLib.h>
- #include <Library/PcdLib.h>
-@@ -27,6 +28,7 @@
- #include <Protocol/LoadedImage.h>
- #include <Protocol/PciIo.h>
- #include <Protocol/PciRootBridgeIo.h>
-+#include <Protocol/VirtioDevice.h>
- #include <Guid/EventGroup.h>
- #include <Guid/RootBridgesConnectedEventGroup.h>
-
-@@ -261,6 +263,121 @@ IsPciDisplay (
-
-
- /**
-+ This FILTER_FUNCTION checks if a handle corresponds to a Virtio RNG device at
-+ the VIRTIO_DEVICE_PROTOCOL level.
-+**/
-+STATIC
-+BOOLEAN
-+EFIAPI
-+IsVirtioRng (
-+ IN EFI_HANDLE Handle,
-+ IN CONST CHAR16 *ReportText
-+ )
-+{
-+ EFI_STATUS Status;
-+ VIRTIO_DEVICE_PROTOCOL *VirtIo;
-+
-+ Status = gBS->HandleProtocol (Handle, &gVirtioDeviceProtocolGuid,
-+ (VOID**)&VirtIo);
-+ if (EFI_ERROR (Status)) {
-+ return FALSE;
-+ }
-+ return (BOOLEAN)(VirtIo->SubSystemDeviceId ==
-+ VIRTIO_SUBSYSTEM_ENTROPY_SOURCE);
-+}
-+
-+
-+/**
-+ This FILTER_FUNCTION checks if a handle corresponds to a Virtio RNG device at
-+ the EFI_PCI_IO_PROTOCOL level.
-+**/
-+STATIC
-+BOOLEAN
-+EFIAPI
-+IsVirtioPciRng (
-+ IN EFI_HANDLE Handle,
-+ IN CONST CHAR16 *ReportText
-+ )
-+{
-+ EFI_STATUS Status;
-+ EFI_PCI_IO_PROTOCOL *PciIo;
-+ UINT16 VendorId;
-+ UINT16 DeviceId;
-+ UINT8 RevisionId;
-+ BOOLEAN Virtio10;
-+ UINT16 SubsystemId;
-+
-+ Status = gBS->HandleProtocol (Handle, &gEfiPciIoProtocolGuid,
-+ (VOID**)&PciIo);
-+ if (EFI_ERROR (Status)) {
-+ return FALSE;
-+ }
-+
-+ //
-+ // Read and check VendorId.
-+ //
-+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16, PCI_VENDOR_ID_OFFSET,
-+ 1, &VendorId);
-+ if (EFI_ERROR (Status)) {
-+ goto PciError;
-+ }
-+ if (VendorId != VIRTIO_VENDOR_ID) {
-+ return FALSE;
-+ }
-+
-+ //
-+ // Read DeviceId and RevisionId.
-+ //
-+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16, PCI_DEVICE_ID_OFFSET,
-+ 1, &DeviceId);
-+ if (EFI_ERROR (Status)) {
-+ goto PciError;
-+ }
-+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint8, PCI_REVISION_ID_OFFSET,
-+ 1, &RevisionId);
-+ if (EFI_ERROR (Status)) {
-+ goto PciError;
-+ }
-+
-+ //
-+ // From DeviceId and RevisionId, determine whether the device is a
-+ // modern-only Virtio 1.0 device. In case of Virtio 1.0, DeviceId can
-+ // immediately be restricted to VIRTIO_SUBSYSTEM_ENTROPY_SOURCE, and
-+ // SubsystemId will only play a sanity-check role. Otherwise, DeviceId can
-+ // only be sanity-checked, and SubsystemId will decide.
-+ //
-+ if (DeviceId == 0x1040 + VIRTIO_SUBSYSTEM_ENTROPY_SOURCE &&
-+ RevisionId >= 0x01) {
-+ Virtio10 = TRUE;
-+ } else if (DeviceId >= 0x1000 && DeviceId <= 0x103F && RevisionId == 0x00) {
-+ Virtio10 = FALSE;
-+ } else {
-+ return FALSE;
-+ }
-+
-+ //
-+ // Read and check SubsystemId as dictated by Virtio10.
-+ //
-+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16,
-+ PCI_SUBSYSTEM_ID_OFFSET, 1, &SubsystemId);
-+ if (EFI_ERROR (Status)) {
-+ goto PciError;
-+ }
-+ if (Virtio10 && SubsystemId >= 0x40) {
-+ return TRUE;
-+ }
-+ if (!Virtio10 && SubsystemId == VIRTIO_SUBSYSTEM_ENTROPY_SOURCE) {
-+ return TRUE;
-+ }
-+ return FALSE;
-+
-+PciError:
-+ DEBUG ((DEBUG_ERROR, "%a: %s: %r\n", __FUNCTION__, ReportText, Status));
-+ return FALSE;
-+}
-+
-+
-+/**
- This CALLBACK_FUNCTION attempts to connect a handle non-recursively, asking
- the matching driver to produce all first-level child handles.
- **/
-@@ -644,6 +761,18 @@ PlatformBootManagerBeforeConsole (
- // Register platform-specific boot options and keyboard shortcuts.
- //
- PlatformRegisterOptionsAndKeys ();
-+
-+ //
-+ // At this point, VIRTIO_DEVICE_PROTOCOL instances exist only for Virtio MMIO
-+ // transports. Install EFI_RNG_PROTOCOL instances on Virtio MMIO RNG devices.
-+ //
-+ FilterAndProcess (&gVirtioDeviceProtocolGuid, IsVirtioRng, Connect);
-+
-+ //
-+ // Install both VIRTIO_DEVICE_PROTOCOL and (dependent) EFI_RNG_PROTOCOL
-+ // instances on Virtio PCI RNG devices.
-+ //
-+ FilterAndProcess (&gEfiPciIoProtocolGuid, IsVirtioPciRng, Connect);
- }
-
- /**
-diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
-index 1e22f8b..d6c1ef9 100644
---- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
-+++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
-@@ -83,3 +83,4 @@
- gEfiLoadedImageProtocolGuid
- gEfiPciRootBridgeIoProtocolGuid
- gEfiSimpleFileSystemProtocolGuid
-+ gVirtioDeviceProtocolGuid
---
-1.8.3.1
-
diff --git a/SOURCES/0021-OvmfPkg-PlatformBootManagerLib-connect-Virtio-RNG-de.patch b/SOURCES/0021-OvmfPkg-PlatformBootManagerLib-connect-Virtio-RNG-de.patch
deleted file mode 100644
index 6918750..0000000
--- a/SOURCES/0021-OvmfPkg-PlatformBootManagerLib-connect-Virtio-RNG-de.patch
+++ /dev/null
@@ -1,188 +0,0 @@
-From 3f2be5f30bbd996473e7336b29ac43795d999676 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Fri, 18 May 2018 21:40:24 +0200
-Subject: OvmfPkg/PlatformBootManagerLib: connect Virtio RNG devices again
-
-Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
-RHEL-8.0/20180508-ee3198e672e2 rebase:
-
-- reorder the rebase changelog in the commit message so that it reads like
- a blog: place more recent entries near the top
-- no changes to the patch body
-
-Message-id: <20180518194024.30614-3-lersek@redhat.com>
-Patchwork-id: 80427
-O-Subject: [RHEL-7.6 ovmf PATCH 2/2] OvmfPkg/PlatformBootManagerLib: connect
- Virtio RNG devices again
-Bugzilla: 1579518
-Acked-by: Thomas Huth <thuth@redhat.com>
-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
-
-Virtio RNG devices are never boot devices, so in commit 245c643cc8b7 we
-stopped connecting them. This is a problem because an OS boot loader may
-depend on EFI_RNG_PROTOCOL to seed the OS's RNG.
-
-Connect Virtio RNG devices again. And, while commit 245c643cc8b7 removed
-that from PlatformBootManagerAfterConsole(), reintroduce it now to
-PlatformBootManagerBeforeConsole() -- this way Driver#### options launched
-between both functions may access EFI_RNG_PROTOCOL too.
-
-Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-Cc: Jordan Justen <jordan.l.justen@intel.com>
-Fixes: 245c643cc8b73240c3b88cb55b2911b285a8c10d
-Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1579518
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-(cherry picked from commit 7ebad830d6ab61f0395f6f4bae4156664bbd8086)
-(cherry picked from commit 4c7e315ccb97dd7c3dc7f38e22b84ffbc4df90e3)
----
- .../Library/PlatformBootManagerLib/BdsPlatform.c | 105 +++++++++++++++++++++
- .../Library/PlatformBootManagerLib/BdsPlatform.h | 1 +
- 2 files changed, 106 insertions(+)
-
-diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
-index 004b753..5d4d323 100644
---- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
-+++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
-@@ -319,6 +319,15 @@ ConnectRootBridge (
- );
-
- STATIC
-+EFI_STATUS
-+EFIAPI
-+ConnectVirtioPciRng (
-+ IN EFI_HANDLE Handle,
-+ IN VOID *Instance,
-+ IN VOID *Context
-+ );
-+
-+STATIC
- VOID
- SaveS3BootScript (
- VOID
-@@ -399,6 +408,13 @@ PlatformBootManagerBeforeConsole (
- ASSERT_RETURN_ERROR (PcdStatus);
-
- PlatformRegisterOptionsAndKeys ();
-+
-+ //
-+ // Install both VIRTIO_DEVICE_PROTOCOL and (dependent) EFI_RNG_PROTOCOL
-+ // instances on Virtio PCI RNG devices.
-+ //
-+ VisitAllInstancesOfProtocol (&gEfiPciIoProtocolGuid, ConnectVirtioPciRng,
-+ NULL);
- }
-
-
-@@ -427,6 +443,95 @@ ConnectRootBridge (
- }
-
-
-+STATIC
-+EFI_STATUS
-+EFIAPI
-+ConnectVirtioPciRng (
-+ IN EFI_HANDLE Handle,
-+ IN VOID *Instance,
-+ IN VOID *Context
-+ )
-+{
-+ EFI_PCI_IO_PROTOCOL *PciIo;
-+ EFI_STATUS Status;
-+ UINT16 VendorId;
-+ UINT16 DeviceId;
-+ UINT8 RevisionId;
-+ BOOLEAN Virtio10;
-+ UINT16 SubsystemId;
-+
-+ PciIo = Instance;
-+
-+ //
-+ // Read and check VendorId.
-+ //
-+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16, PCI_VENDOR_ID_OFFSET,
-+ 1, &VendorId);
-+ if (EFI_ERROR (Status)) {
-+ goto Error;
-+ }
-+ if (VendorId != VIRTIO_VENDOR_ID) {
-+ return EFI_SUCCESS;
-+ }
-+
-+ //
-+ // Read DeviceId and RevisionId.
-+ //
-+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16, PCI_DEVICE_ID_OFFSET,
-+ 1, &DeviceId);
-+ if (EFI_ERROR (Status)) {
-+ goto Error;
-+ }
-+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint8, PCI_REVISION_ID_OFFSET,
-+ 1, &RevisionId);
-+ if (EFI_ERROR (Status)) {
-+ goto Error;
-+ }
-+
-+ //
-+ // From DeviceId and RevisionId, determine whether the device is a
-+ // modern-only Virtio 1.0 device. In case of Virtio 1.0, DeviceId can
-+ // immediately be restricted to VIRTIO_SUBSYSTEM_ENTROPY_SOURCE, and
-+ // SubsystemId will only play a sanity-check role. Otherwise, DeviceId can
-+ // only be sanity-checked, and SubsystemId will decide.
-+ //
-+ if (DeviceId == 0x1040 + VIRTIO_SUBSYSTEM_ENTROPY_SOURCE &&
-+ RevisionId >= 0x01) {
-+ Virtio10 = TRUE;
-+ } else if (DeviceId >= 0x1000 && DeviceId <= 0x103F && RevisionId == 0x00) {
-+ Virtio10 = FALSE;
-+ } else {
-+ return EFI_SUCCESS;
-+ }
-+
-+ //
-+ // Read and check SubsystemId as dictated by Virtio10.
-+ //
-+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16,
-+ PCI_SUBSYSTEM_ID_OFFSET, 1, &SubsystemId);
-+ if (EFI_ERROR (Status)) {
-+ goto Error;
-+ }
-+ if ((Virtio10 && SubsystemId >= 0x40) ||
-+ (!Virtio10 && SubsystemId == VIRTIO_SUBSYSTEM_ENTROPY_SOURCE)) {
-+ Status = gBS->ConnectController (
-+ Handle, // ControllerHandle
-+ NULL, // DriverImageHandle -- connect all drivers
-+ NULL, // RemainingDevicePath -- produce all child handles
-+ FALSE // Recursive -- don't follow child handles
-+ );
-+ if (EFI_ERROR (Status)) {
-+ goto Error;
-+ }
-+ }
-+ return EFI_SUCCESS;
-+
-+Error:
-+ DEBUG ((DEBUG_ERROR, "%a: %r\n", __FUNCTION__, Status));
-+ return Status;
-+}
-+
-+
- /**
- Add IsaKeyboard to ConIn; add IsaSerial to ConOut, ConIn, ErrOut.
-
-diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.h b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.h
-index 97ffbb5..4948ca6 100644
---- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.h
-+++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.h
-@@ -30,6 +30,7 @@ Abstract:
- #include <IndustryStandard/Acpi.h>
- #include <IndustryStandard/SmBios.h>
- #include <IndustryStandard/PeImage.h>
-+#include <IndustryStandard/Virtio095.h>
-
- #include <Library/DebugLib.h>
- #include <Library/BaseMemoryLib.h>
---
-1.8.3.1
-
diff --git a/SOURCES/0026-Downgrade-CryptoPkg-INF-files-to-OpenSSL-1.1.0i-RH-o.patch b/SOURCES/0026-Downgrade-CryptoPkg-INF-files-to-OpenSSL-1.1.0i-RH-o.patch
new file mode 100644
index 0000000..85ce534
--- /dev/null
+++ b/SOURCES/0026-Downgrade-CryptoPkg-INF-files-to-OpenSSL-1.1.0i-RH-o.patch
@@ -0,0 +1,59 @@
+From d382b66affafe06c7e470e0a2dffbd3634b363f1 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek <lersek@redhat.com>
+Date: Tue, 19 Mar 2019 15:48:34 +0100
+Subject: Downgrade CryptoPkg INF files to OpenSSL 1.1.0i (RH only)
+
+Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
+RHEL-8.1/20190308-89910a39dcfd rebase:
+
+- new patch, due to upstream commit a18f784cfdbe ("Upgrade OpenSSL to
+ 1.1.0j", 2018-12-21)
+
+Upstream commit a18f784cfdbe (see above) advanced the OpenSSL git
+submodule from upstream OpenSSL commit d4e4bd2a8163 ("Prepare for 1.1.0h
+release", 2018-03-27) to upstream OpenSSL commit 74f2d9c1ec5f ("Prepare
+for 1.1.0j release", 2018-11-20). Meaning, upstream edk2 skipped 1.1.0i.
+
+However, Fedora 28 only offers 1.1.0i at this point (and it will not be
+rebased again until 1.1.0k is released). Therefore hunks in the upstream
+CryptoPkg commit that relate specifically to 1.1.0j have to be backed out.
+
+The only such hunks are the "crypto/getenv.c" additions to the INF files.
+The related upstream OpenSSL change was commit 1abdf08284af ("Use
+secure_getenv(3) when available.", 2018-09-24), part of tag
+"OpenSSL_1_1_0j".
+
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
+---
+ CryptoPkg/Library/OpensslLib/OpensslLib.inf | 1 -
+ CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 1 -
+ 2 files changed, 2 deletions(-)
+
+diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+index 6162d29143..fcb8bfddde 100644
+--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
++++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+@@ -282,7 +282,6 @@
+ $(OPENSSL_PATH)/crypto/evp/pmeth_lib.c
+ $(OPENSSL_PATH)/crypto/evp/scrypt.c
+ $(OPENSSL_PATH)/crypto/ex_data.c
+- $(OPENSSL_PATH)/crypto/getenv.c
+ $(OPENSSL_PATH)/crypto/hmac/hm_ameth.c
+ $(OPENSSL_PATH)/crypto/hmac/hm_pmeth.c
+ $(OPENSSL_PATH)/crypto/hmac/hmac.c
+diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+index b04bf62b4e..99ff89da0e 100644
+--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
++++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+@@ -282,7 +282,6 @@
+ $(OPENSSL_PATH)/crypto/evp/pmeth_lib.c
+ $(OPENSSL_PATH)/crypto/evp/scrypt.c
+ $(OPENSSL_PATH)/crypto/ex_data.c
+- $(OPENSSL_PATH)/crypto/getenv.c
+ $(OPENSSL_PATH)/crypto/hmac/hm_ameth.c
+ $(OPENSSL_PATH)/crypto/hmac/hm_pmeth.c
+ $(OPENSSL_PATH)/crypto/hmac/hmac.c
+--
+2.18.1
+
diff --git a/SOURCES/0027-BaseTools-tools_def-add-fno-unwind-tables-to-GCC_AAR.patch b/SOURCES/0027-BaseTools-tools_def-add-fno-unwind-tables-to-GCC_AAR.patch
deleted file mode 100644
index 080f995..0000000
--- a/SOURCES/0027-BaseTools-tools_def-add-fno-unwind-tables-to-GCC_AAR.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From 7ef29963526aa451b1101e4b92e47d3028c9035a Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Fri, 18 May 2018 19:20:32 +0200
-Subject: BaseTools/tools_def: add "-fno-unwind-tables" to GCC_AARCH64_CC_FLAGS
-
-Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
-RHEL-8.0/20180508-ee3198e672e2 rebase:
-
-- reorder the rebase changelog in the commit message so that it reads like
- a blog: place more recent entries near the top
-
-- in RHEL-8.0 Alpha, this patch was applied downstream-only, for fixing
- RHBZ#1579525. Since then, the patch has been upstreamed, and now it is
- cherry-picked from upstream.
-
-The ElfConvert routines in GenFw don't handle the ".eh_frame" ELF section
-emitted by gcc. For this reason, Leif disabled the generation of that
-section for AARCH64 with "-fno-asynchronous-unwind-tables" in commit
-28e80befa4fe [1], and Ard did the same for IA32 and X64 in commit
-26ecc55c027d [2]. (The CLANG38 toolchain received the same flag at its
-inception, in commit 6f756db5ea05 [3].)
-
-However, ".eh_frame" is back now; in upstream gcc commit 9cbee213b579 [4]
-(part of tag "gcc-8_1_0-release"), both "-fasynchronous-unwind-tables" and
-"-funwind-tables" were made the default for AARCH64. (The patch author
-described the effects on the gcc mailing list [5].) We have to counter the
-latter flag with "-fno-unwind-tables", otherwise GenFw chokes on
-".eh_frame" again (triggered for example on Fedora 28).
-
-"-f[no-]unwind-tables" goes back to at least gcc-4.4 [6], so it's safe to
-add to GCC_AARCH64_CC_FLAGS.
-
-[1] https://github.com/tianocore/edk2/commit/28e80befa4fe
-[2] https://github.com/tianocore/edk2/commit/26ecc55c027d
-[3] https://github.com/tianocore/edk2/commit/6f756db5ea05
-[4] https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=9cbee213b579
-[5] http://mid.mail-archive.com/7b28c03a-c032-6cec-c127-1c12cbe98eeb@foss.arm.com
-[6] https://gcc.gnu.org/onlinedocs/gcc-4.4.7/gcc/Code-Gen-Options.html
-
-Cc: "Danilo C. L. de Paula" <ddepaula@redhat.com>
-Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-Cc: Cole Robinson <crobinso@redhat.com>
-Cc: Gerd Hoffmann <kraxel@redhat.com>
-Cc: Leif Lindholm <leif.lindholm@linaro.org>
-Cc: Liming Gao <liming.gao@intel.com>
-Cc: Paolo Bonzini <pbonzini@redhat.com>
-Cc: Yonghong Zhu <yonghong.zhu@intel.com>
-Reported-by: "Danilo C. L. de Paula" <ddepaula@redhat.com>
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-Reviewed-by: Liming Gao <liming.gao@intel.com>
-(cherry picked from commit cbf00651eda6818ca3c76115b8a18e3f6b23eef4)
----
- BaseTools/Conf/tools_def.template | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
-index 03d7000..9429033 100755
---- a/BaseTools/Conf/tools_def.template
-+++ b/BaseTools/Conf/tools_def.template
-@@ -4537,7 +4537,7 @@ DEFINE GCC_X64_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mno-red-zone -Wno-ad
- DEFINE GCC_IPF_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -minline-int-divide-min-latency
- DEFINE GCC_ARM_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -mabi=aapcs -fno-short-enums -funsigned-char -ffunction-sections -fdata-sections -fomit-frame-pointer -Wno-address -mthumb -mfloat-abi=soft -fno-pic -fno-pie
- DEFINE GCC_ARM_CC_XIPFLAGS = -mno-unaligned-access
--DEFINE GCC_AARCH64_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -fno-short-enums -fverbose-asm -funsigned-char -ffunction-sections -fdata-sections -Wno-address -fno-asynchronous-unwind-tables -fno-pic -fno-pie -ffixed-x18
-+DEFINE GCC_AARCH64_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -fno-short-enums -fverbose-asm -funsigned-char -ffunction-sections -fdata-sections -Wno-address -fno-asynchronous-unwind-tables -fno-unwind-tables -fno-pic -fno-pie -ffixed-x18
- DEFINE GCC_AARCH64_CC_XIPFLAGS = -mstrict-align -mgeneral-regs-only
- DEFINE GCC_DLINK_FLAGS_COMMON = -nostdlib --pie
- DEFINE GCC_DLINK2_FLAGS_COMMON = -Wl,--script=$(EDK_TOOLS_PATH)/Scripts/GccBase.lds
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-ArmPkg-DebugPeCoffExtraActionLib-debugger-commands-a.patch b/SOURCES/edk2-ArmPkg-DebugPeCoffExtraActionLib-debugger-commands-a.patch
new file mode 100644
index 0000000..2cef6f5
--- /dev/null
+++ b/SOURCES/edk2-ArmPkg-DebugPeCoffExtraActionLib-debugger-commands-a.patch
@@ -0,0 +1,63 @@
+From 11a1c8085b0edccd3a304f704f47ec5d8ee6255d Mon Sep 17 00:00:00 2001
+From: Philippe Mathieu-Daude <philmd@redhat.com>
+Date: Thu, 1 Aug 2019 20:43:49 +0200
+Subject: [PATCH 3/3] ArmPkg: DebugPeCoffExtraActionLib: debugger commands are
+ not errors
+
+Message-id: <20190801184349.28512-4-philmd@redhat.com>
+Patchwork-id: 89860
+O-Subject: [RHEL-8.1.0 edk2 PATCH v4 3/3] ArmPkg: DebugPeCoffExtraActionLib:
+ debugger commands are not errors
+Bugzilla: 1714446
+Acked-by: Andrew Jones <drjones@redhat.com>
+Acked-by: Laszlo Ersek <lersek@redhat.com>
+
+In commit 1fce963d89f3e we reduced the level of information printed
+by PeCoffLoaderRelocateImageExtraAction() but we did not update the
+similar PeCoffLoaderUnloadImageExtraAction() function.
+
+PeCoffLoaderUnloadImageExtraAction() prints helpful debugger commands
+for source level debugging. These messages should not be printed on the
+EFI_D_ERROR level; they don't report errors. Change the debug level
+(bitmask, actually) to DEBUG_LOAD | DEBUG_INFO, because the messages are
+printed in relation to image loading, and they are informative.
+
+Cc: Leif Lindholm <leif.lindholm@linaro.org>
+Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Reported-by: Andrew Jones <drjones@redhat.com>
+Suggested-by: Laszlo Ersek <lersek@redhat.com>
+Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
+Reviewed-by: Laszlo Ersek <lersek@redhat.com>
+Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
+(cherry picked from commit a6cd7fbac494ed3b2386db1f2a8b1a73f399e940)
+Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
+---
+ .../Library/DebugPeCoffExtraActionLib/DebugPeCoffExtraActionLib.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/ArmPkg/Library/DebugPeCoffExtraActionLib/DebugPeCoffExtraActionLib.c b/ArmPkg/Library/DebugPeCoffExtraActionLib/DebugPeCoffExtraActionLib.c
+index f298e58..895198f 100644
+--- a/ArmPkg/Library/DebugPeCoffExtraActionLib/DebugPeCoffExtraActionLib.c
++++ b/ArmPkg/Library/DebugPeCoffExtraActionLib/DebugPeCoffExtraActionLib.c
+@@ -128,14 +128,14 @@ PeCoffLoaderUnloadImageExtraAction (
+ if (ImageContext->PdbPointer) {
+ #ifdef __CC_ARM
+ // Print out the command for the RVD debugger to load symbols for this image
+- DEBUG ((EFI_D_ERROR, "unload symbols_only %a\n", DeCygwinPathIfNeeded (ImageContext->PdbPointer, Temp, sizeof (Temp))));
++ DEBUG ((DEBUG_LOAD | DEBUG_INFO, "unload symbols_only %a\n", DeCygwinPathIfNeeded (ImageContext->PdbPointer, Temp, sizeof (Temp))));
+ #elif __GNUC__
+ // This may not work correctly if you generate PE/COFF directlyas then the Offset would not be required
+- DEBUG ((EFI_D_ERROR, "remove-symbol-file %a 0x%08x\n", DeCygwinPathIfNeeded (ImageContext->PdbPointer, Temp, sizeof (Temp)), (UINTN)(ImageContext->ImageAddress + ImageContext->SizeOfHeaders)));
++ DEBUG ((DEBUG_LOAD | DEBUG_INFO, "remove-symbol-file %a 0x%08x\n", DeCygwinPathIfNeeded (ImageContext->PdbPointer, Temp, sizeof (Temp)), (UINTN)(ImageContext->ImageAddress + ImageContext->SizeOfHeaders)));
+ #else
+- DEBUG ((EFI_D_ERROR, "Unloading %a\n", ImageContext->PdbPointer));
++ DEBUG ((DEBUG_LOAD | DEBUG_INFO, "Unloading %a\n", ImageContext->PdbPointer));
+ #endif
+ } else {
+- DEBUG ((EFI_D_ERROR, "Unloading driver at 0x%11p\n", (VOID *)(UINTN) ImageContext->ImageAddress));
++ DEBUG ((DEBUG_LOAD | DEBUG_INFO, "Unloading driver at 0x%11p\n", (VOID *)(UINTN) ImageContext->ImageAddress));
+ }
+ }
+--
+1.8.3.1
+
diff --git a/SOURCES/edk2-ArmVirtPkg-ArmVirtQemu-enable-the-IPv6-stack.patch b/SOURCES/edk2-ArmVirtPkg-ArmVirtQemu-enable-the-IPv6-stack.patch
deleted file mode 100644
index aba9574..0000000
--- a/SOURCES/edk2-ArmVirtPkg-ArmVirtQemu-enable-the-IPv6-stack.patch
+++ /dev/null
@@ -1,197 +0,0 @@
-From eff60320e87dcda19a50de4f1ac05af4a5e1b133 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 18 Jul 2018 00:18:19 +0200
-Subject: [PATCH 3/6] ArmVirtPkg/ArmVirtQemu: enable the IPv6 stack
-
-Message-id: <20180717221822.13110-3-lersek@redhat.com>
-Patchwork-id: 81375
-O-Subject: [RHEL8/virt212 edk2 PATCH 2/5] ArmVirtPkg/ArmVirtQemu: enable the
- IPv6 stack
-Bugzilla: 1536627
-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
-Acked-by: Wei Huang <wei@redhat.com>
-
-Add the IPv6 stack to ArmVirtQemu with a cumulative port of the following
-OvmfPkg commits:
-
-* 36c6413f76e5 "OvmfPkg: enable the IPv6 support", 2014-12-19
-
-* 96302b80d90e "OvmfPkg: Enable Network2 Shell Commands for IPv6",
- 2016-03-08
-
-* 6d0f8941bdc2 "OvmfPkg: always resolve OpenSslLib, IntrinsicLib and
- BaseCryptLib", 2017-01-17
-
-* 32e22f20c985 "OvmfPkg: correct the IScsiDxe module included for the IPv6
- stack", 2017-01-17
-
-The IPv6-enabled IScsiDxe driver depends on BaseCryptLib, and the
-"CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf" instance depends on
-IntrinsicLib and OpensslLib. This is why commit 6d0f8941bdc2 is relevant.
-
-However, unlike in OvmfPkg, in ArmVirtPkg we'll precisely track the
-firmware features that require these library classes. (The OvmfPkg
-discussion was quite complex, and the OvmfPkg solution was a compromise:
-<http://mid.mail-archive.com/1484569332-13440-1-git-send-email-jiaxin.wu@intel.com>.)
-
-The ArmVirtXen platform is not extended with the relevant drivers because
-currently it doesn't include any networking support.
-
-Cc: Julien Grall <julien.grall@linaro.org>
-Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1007
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-(cherry picked from commit ae08ea246fe9b4a4e05b7ee6cdbd5b0fa38f3f69)
----
- ArmVirtPkg/ArmVirt.dsc.inc | 18 +++++++++++++++---
- ArmVirtPkg/ArmVirtQemu.dsc | 13 ++++++++++++-
- ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 12 +++++++++++-
- ArmVirtPkg/ArmVirtQemuKernel.dsc | 13 ++++++++++++-
- 4 files changed, 50 insertions(+), 6 deletions(-)
-
-diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
-index 2bb8860..f031e81 100644
---- a/ArmVirtPkg/ArmVirt.dsc.inc
-+++ b/ArmVirtPkg/ArmVirt.dsc.inc
-@@ -80,6 +80,9 @@
- DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
- UdpIoLib|MdeModulePkg/Library/DxeUdpIoLib/DxeUdpIoLib.inf
- IpIoLib|MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.inf
-+!if $(NETWORK_IP6_ENABLE) == TRUE
-+ TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf
-+!endif
- !if $(HTTP_BOOT_ENABLE) == TRUE
- HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf
- !endif
-@@ -141,14 +144,20 @@
- XenIoMmioLib|OvmfPkg/Library/XenIoMmioLib/XenIoMmioLib.inf
-
- #
-- # Secure Boot dependencies
-+ # CryptoPkg libraries needed by multiple firmware features
- #
--!if $(SECURE_BOOT_ENABLE) == TRUE
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(NETWORK_IP6_ENABLE) == TRUE)
- IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
- OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
-+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
-+!endif
-+
-+ #
-+ # Secure Boot dependencies
-+ #
-+!if $(SECURE_BOOT_ENABLE) == TRUE
- TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
- AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
-- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
-
- # re-use the UserPhysicalPresent() dummy implementation from the ovmf tree
- PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
-@@ -403,6 +412,9 @@
- NULL|ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1CommandsLib.inf
- NULL|ShellPkg/Library/UefiShellInstall1CommandsLib/UefiShellInstall1CommandsLib.inf
- NULL|ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.inf
-+!if $(NETWORK_IP6_ENABLE) == TRUE
-+ NULL|ShellPkg/Library/UefiShellNetwork2CommandsLib/UefiShellNetwork2CommandsLib.inf
-+!endif
- HandleParsingLib|ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.inf
- PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
- BcfgCommandLib|ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.inf
-diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
-index bb9d7c8..41ff17d 100644
---- a/ArmVirtPkg/ArmVirtQemu.dsc
-+++ b/ArmVirtPkg/ArmVirtQemu.dsc
-@@ -34,6 +34,7 @@
- # -D FLAG=VALUE
- #
- DEFINE SECURE_BOOT_ENABLE = FALSE
-+ DEFINE NETWORK_IP6_ENABLE = FALSE
- DEFINE HTTP_BOOT_ENABLE = FALSE
-
- !include ArmVirtPkg/ArmVirt.dsc.inc
-@@ -353,10 +354,20 @@
- MdeModulePkg/Universal/Network/MnpDxe/MnpDxe.inf
- MdeModulePkg/Universal/Network/VlanConfigDxe/VlanConfigDxe.inf
- MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Dxe.inf
-- MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Dxe.inf
- MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Dxe.inf
-+!if $(NETWORK_IP6_ENABLE) == TRUE
-+ NetworkPkg/Ip6Dxe/Ip6Dxe.inf
-+ NetworkPkg/TcpDxe/TcpDxe.inf
-+ NetworkPkg/Udp6Dxe/Udp6Dxe.inf
-+ NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf
-+ NetworkPkg/Mtftp6Dxe/Mtftp6Dxe.inf
-+ NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf
-+ NetworkPkg/IScsiDxe/IScsiDxe.inf
-+!else
-+ MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Dxe.inf
- MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf
- MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf
-+!endif
- !if $(HTTP_BOOT_ENABLE) == TRUE
- NetworkPkg/DnsDxe/DnsDxe.inf
- NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
-diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
-index 8941b7f..82d9cbd 100644
---- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
-+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
-@@ -125,10 +125,20 @@ READ_LOCK_STATUS = TRUE
- INF MdeModulePkg/Universal/Network/MnpDxe/MnpDxe.inf
- INF MdeModulePkg/Universal/Network/VlanConfigDxe/VlanConfigDxe.inf
- INF MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Dxe.inf
-- INF MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Dxe.inf
- INF MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Dxe.inf
-+!if $(NETWORK_IP6_ENABLE) == TRUE
-+ INF NetworkPkg/Ip6Dxe/Ip6Dxe.inf
-+ INF NetworkPkg/TcpDxe/TcpDxe.inf
-+ INF NetworkPkg/Udp6Dxe/Udp6Dxe.inf
-+ INF NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf
-+ INF NetworkPkg/Mtftp6Dxe/Mtftp6Dxe.inf
-+ INF NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf
-+ INF NetworkPkg/IScsiDxe/IScsiDxe.inf
-+!else
-+ INF MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Dxe.inf
- INF MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf
- INF MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf
-+!endif
- !if $(HTTP_BOOT_ENABLE) == TRUE
- INF NetworkPkg/DnsDxe/DnsDxe.inf
- INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
-diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
-index 9027805..83fc12f 100644
---- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
-+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
-@@ -34,6 +34,7 @@
- # -D FLAG=VALUE
- #
- DEFINE SECURE_BOOT_ENABLE = FALSE
-+ DEFINE NETWORK_IP6_ENABLE = FALSE
- DEFINE HTTP_BOOT_ENABLE = FALSE
-
- !include ArmVirtPkg/ArmVirt.dsc.inc
-@@ -336,10 +337,20 @@
- MdeModulePkg/Universal/Network/MnpDxe/MnpDxe.inf
- MdeModulePkg/Universal/Network/VlanConfigDxe/VlanConfigDxe.inf
- MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Dxe.inf
-- MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Dxe.inf
- MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Dxe.inf
-+!if $(NETWORK_IP6_ENABLE) == TRUE
-+ NetworkPkg/Ip6Dxe/Ip6Dxe.inf
-+ NetworkPkg/TcpDxe/TcpDxe.inf
-+ NetworkPkg/Udp6Dxe/Udp6Dxe.inf
-+ NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf
-+ NetworkPkg/Mtftp6Dxe/Mtftp6Dxe.inf
-+ NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf
-+ NetworkPkg/IScsiDxe/IScsiDxe.inf
-+!else
-+ MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Dxe.inf
- MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf
- MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf
-+!endif
- !if $(HTTP_BOOT_ENABLE) == TRUE
- NetworkPkg/DnsDxe/DnsDxe.inf
- NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-ArmVirtPkg-silence-DEBUG_VERBOSE-masking-0x00400000-.patch b/SOURCES/edk2-ArmVirtPkg-silence-DEBUG_VERBOSE-masking-0x00400000-.patch
new file mode 100644
index 0000000..064bcd2
--- /dev/null
+++ b/SOURCES/edk2-ArmVirtPkg-silence-DEBUG_VERBOSE-masking-0x00400000-.patch
@@ -0,0 +1,57 @@
+From 5a216abaa737195327235e37563b18a6bf2a74dc Mon Sep 17 00:00:00 2001
+From: Philippe Mathieu-Daude <philmd@redhat.com>
+Date: Thu, 1 Aug 2019 20:43:47 +0200
+Subject: [PATCH 1/3] ArmVirtPkg: silence DEBUG_VERBOSE masking ~0x00400000 in
+ QemuRamfbDxe (RH only)
+
+Message-id: <20190801184349.28512-2-philmd@redhat.com>
+Patchwork-id: 89859
+O-Subject: [RHEL-8.1.0 edk2 PATCH v4 1/3] ArmVirtPkg: silence DEBUG_VERBOSE
+ masking ~0x00400000 in QemuRamfbDxe (RH only)
+Bugzilla: 1714446
+Acked-by: Andrew Jones <drjones@redhat.com>
+Acked-by: Laszlo Ersek <lersek@redhat.com>
+
+Commit 76b4ac28e975 introduced a regression, while trying to only clear
+the DEBUG_VERBOSE bit, it also unconditionally sets other bits, normally
+kept clear in the "silent" build.
+
+Fix the macro by masking the cleared bits out.
+
+Reported-by: Andrew Jones <drjones@redhat.com>
+Suggested-by: Laszlo Ersek <lersek@redhat.com>
+Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
+---
+ ArmVirtPkg/ArmVirtQemu.dsc | 2 +-
+ ArmVirtPkg/ArmVirtQemuKernel.dsc | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
+index aac4094..a44477f 100644
+--- a/ArmVirtPkg/ArmVirtQemu.dsc
++++ b/ArmVirtPkg/ArmVirtQemu.dsc
+@@ -423,7 +423,7 @@
+ #
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|($(DEBUG_PRINT_ERROR_LEVEL)) & 0xFFBFFFFF
+ }
+ OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
+ OvmfPkg/PlatformDxe/Platform.inf
+diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
+index c9a635e..d28ac52 100644
+--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
++++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
+@@ -401,7 +401,7 @@
+ #
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
+ <PcdsFixedAtBuild>
+- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
++ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|($(DEBUG_PRINT_ERROR_LEVEL)) & 0xFFBFFFFF
+ }
+ OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
+ OvmfPkg/PlatformDxe/Platform.inf
+--
+1.8.3.1
+
diff --git a/SOURCES/edk2-ArmVirtPkg-unify-HttpLib-resolutions-in-ArmVirt.dsc..patch b/SOURCES/edk2-ArmVirtPkg-unify-HttpLib-resolutions-in-ArmVirt.dsc..patch
deleted file mode 100644
index bf902a8..0000000
--- a/SOURCES/edk2-ArmVirtPkg-unify-HttpLib-resolutions-in-ArmVirt.dsc..patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From c51468996553e70659b85a24cbdad61a27dac952 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 18 Jul 2018 00:18:18 +0200
-Subject: [PATCH 2/6] ArmVirtPkg: unify HttpLib resolutions in
- "ArmVirt.dsc.inc"
-
-Message-id: <20180717221822.13110-2-lersek@redhat.com>
-Patchwork-id: 81376
-O-Subject: [RHEL8/virt212 edk2 PATCH 1/5] ArmVirtPkg: unify HttpLib resolutions
- in "ArmVirt.dsc.inc"
-Bugzilla: 1536627
-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
-Acked-by: Wei Huang <wei@redhat.com>
-
-We already resolve a number of networking-related library classes in
-ArmVirt.dsc.inc; follow suit with HttpLib.
-
-Cc: Julien Grall <julien.grall@linaro.org>
-Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1007
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-(cherry picked from commit 77b702bfa4947caaa6b4b04730820d91bdf07b03)
----
- ArmVirtPkg/ArmVirt.dsc.inc | 3 +++
- ArmVirtPkg/ArmVirtQemu.dsc | 4 ----
- ArmVirtPkg/ArmVirtQemuKernel.dsc | 4 ----
- 3 files changed, 3 insertions(+), 8 deletions(-)
-
-diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
-index 35bccb3d..2bb8860 100644
---- a/ArmVirtPkg/ArmVirt.dsc.inc
-+++ b/ArmVirtPkg/ArmVirt.dsc.inc
-@@ -80,6 +80,9 @@
- DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
- UdpIoLib|MdeModulePkg/Library/DxeUdpIoLib/DxeUdpIoLib.inf
- IpIoLib|MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.inf
-+!if $(HTTP_BOOT_ENABLE) == TRUE
-+ HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf
-+!endif
-
- #
- # It is not possible to prevent the ARM compiler from inserting calls to intrinsic functions.
-diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
-index 035b729..bb9d7c8 100644
---- a/ArmVirtPkg/ArmVirtQemu.dsc
-+++ b/ArmVirtPkg/ArmVirtQemu.dsc
-@@ -63,10 +63,6 @@
- PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf
- PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridgeLib.inf
-
--!if $(HTTP_BOOT_ENABLE) == TRUE
-- HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf
--!endif
--
- [LibraryClasses.common.PEIM]
- ArmVirtMemInfoLib|ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoPeiLib.inf
-
-diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
-index 1981aae..9027805 100644
---- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
-+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
-@@ -63,10 +63,6 @@
- PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf
- PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridgeLib.inf
-
--!if $(HTTP_BOOT_ENABLE) == TRUE
-- HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf
--!endif
--
- [LibraryClasses.common.UEFI_DRIVER]
- UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf
-
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-BaseTools-Add-more-checker-in-Decompress-algorithm-t.patch b/SOURCES/edk2-BaseTools-Add-more-checker-in-Decompress-algorithm-t.patch
deleted file mode 100644
index 2cd5f00..0000000
--- a/SOURCES/edk2-BaseTools-Add-more-checker-in-Decompress-algorithm-t.patch
+++ /dev/null
@@ -1,273 +0,0 @@
-From 29c394f110b1f769e629e8775874261e33d4abd9 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 24 Oct 2018 21:03:45 +0200
-Subject: [PATCH 4/4] BaseTools: Add more checker in Decompress algorithm to
- access the valid buffer (CVE FIX)
-
-Message-id: <20181024190345.15288-5-lersek@redhat.com>
-Patchwork-id: 82886
-O-Subject: [RHEL8 edk2 PATCH 4/4] BaseTools: Add more checker in Decompress
- algorithm to access the valid buffer (CVE FIX)
-Bugzilla: 1641445
-1641453
-1641464
-1641469
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-Acked-by: Thomas Huth <thuth@redhat.com>
-
-From: Liming Gao <liming.gao@intel.com>
-
---v-- RHEL8 note start --v--
-
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641445
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641453
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641464
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641469
-
-Unfortunately, the upstream patch series was not structured according to
-the CVE reports. This patch contributes to fixing:
-
-- CVE-2017-5731
-- CVE-2017-5733
-- CVE-2017-5734
-- CVE-2017-5735
-
-but not CVE-2017-5732 (contrarily to the upstream commit message). The
-best I could achieve up-stream was to get the "CVE FIX" expression into
-the subject, and a whole-sale dump of the CVEs into the body. I had not
-been invited to the original (off-list, embargoed) analysis and review.
-
-The differences that "git-backport-diff" reports as "functional" for this
-backport aren't actually functional differences. They are due to
-downstream lacking two upstream commits:
-
-- f7496d717357 ("BaseTools: Clean up source files", 2018-07-09), with the
- "usual" diffstat "289 files changed, 10645 insertions(+), 10645
- deletions(-)";
-
-- more importantly, 472eb3b89682 ("BaseTools: Add --uefi option to enable
- UefiCompress method", 2018-10-13).
-
-(Side note: in upstream, commit 472eb3b89682 was incorrectly reverted as
-part of 1ccc4d895dd8 ("Revert BaseTools: PYTHON3 migration", 2018-10-15),
-but then it was re-applied in f1400101a732.)
-
-In commit 472eb3b89682, the "UEFI" compression/decompression method was
-added to BaseTools, beyond the original "Tiano" method. This caused the
-Tiano method to be indented more deeply, in the main() function of
-"TianoCompress.c". (Also the original Decompress() function was renamed to
-TDecompress().) The CVE fix applies to the "Tiano" method, which RHEL8
-does have, but at a different nesting level. Therefore the changes have
-been backported manually, and the difference in indentation is also why
-"git-backport-diff" thinks the changes are functional.
-
-This backport, once applied, can be diffed against the upstream tree more
-easily as follows:
-
- git diff -b HEAD..041d89bc0f01 -- \
- BaseTools/Source/C/Common/Decompress.c \
- BaseTools/Source/C/TianoCompress/TianoCompress.c
-
---^-- RHEL8 note end --^--
-
-Fix CVE-2017-5731,CVE-2017-5732,CVE-2017-5733,CVE-2017-5734,CVE-2017-5735
-https://bugzilla.tianocore.org/show_bug.cgi?id=686
-
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Holtsclaw Brent <brent.holtsclaw@intel.com>
-Signed-off-by: Liming Gao <liming.gao@intel.com>
-Reviewed-by: Star Zeng <star.zeng@intel.com>
-Acked-by: Laszlo Ersek <lersek@redhat.com>
-(cherry picked from commit 041d89bc0f0119df37a5fce1d0f16495ff905089)
----
- BaseTools/Source/C/Common/Decompress.c | 23 +++++++++++++++++++--
- BaseTools/Source/C/TianoCompress/TianoCompress.c | 26 +++++++++++++++++++++++-
- 2 files changed, 46 insertions(+), 3 deletions(-)
-
-diff --git a/BaseTools/Source/C/Common/Decompress.c b/BaseTools/Source/C/Common/Decompress.c
-index 8f1afb4..bdc10f5 100644
---- a/BaseTools/Source/C/Common/Decompress.c
-+++ b/BaseTools/Source/C/Common/Decompress.c
-@@ -194,12 +194,16 @@ Returns:
- UINT16 Avail;
- UINT16 NextCode;
- UINT16 Mask;
-+ UINT16 MaxTableLength;
-
- for (Index = 1; Index <= 16; Index++) {
- Count[Index] = 0;
- }
-
- for (Index = 0; Index < NumOfChar; Index++) {
-+ if (BitLen[Index] > 16) {
-+ return (UINT16) BAD_TABLE;
-+ }
- Count[BitLen[Index]]++;
- }
-
-@@ -237,6 +241,7 @@ Returns:
-
- Avail = NumOfChar;
- Mask = (UINT16) (1U << (15 - TableBits));
-+ MaxTableLength = (UINT16) (1U << TableBits);
-
- for (Char = 0; Char < NumOfChar; Char++) {
-
-@@ -250,6 +255,9 @@ Returns:
- if (Len <= TableBits) {
-
- for (Index = Start[Len]; Index < NextCode; Index++) {
-+ if (Index >= MaxTableLength) {
-+ return (UINT16) BAD_TABLE;
-+ }
- Table[Index] = Char;
- }
-
-@@ -643,10 +651,14 @@ Returns: (VOID)
-
- BytesRemain--;
- while ((INT16) (BytesRemain) >= 0) {
-- Sd->mDstBase[Sd->mOutBuf++] = Sd->mDstBase[DataIdx++];
- if (Sd->mOutBuf >= Sd->mOrigSize) {
- return ;
- }
-+ if (DataIdx >= Sd->mOrigSize) {
-+ Sd->mBadTableFlag = (UINT16) BAD_TABLE;
-+ return ;
-+ }
-+ Sd->mDstBase[Sd->mOutBuf++] = Sd->mDstBase[DataIdx++];
-
- BytesRemain--;
- }
-@@ -684,6 +696,7 @@ Returns:
- --*/
- {
- UINT8 *Src;
-+ UINT32 CompSize;
-
- *ScratchSize = sizeof (SCRATCH_DATA);
-
-@@ -692,7 +705,13 @@ Returns:
- return EFI_INVALID_PARAMETER;
- }
-
-+ CompSize = Src[0] + (Src[1] << 8) + (Src[2] << 16) + (Src[3] << 24);
- *DstSize = Src[4] + (Src[5] << 8) + (Src[6] << 16) + (Src[7] << 24);
-+
-+ if (SrcSize < CompSize + 8 || (CompSize + 8) < 8) {
-+ return EFI_INVALID_PARAMETER;
-+ }
-+
- return EFI_SUCCESS;
- }
-
-@@ -752,7 +771,7 @@ Returns:
- CompSize = Src[0] + (Src[1] << 8) + (Src[2] << 16) + (Src[3] << 24);
- OrigSize = Src[4] + (Src[5] << 8) + (Src[6] << 16) + (Src[7] << 24);
-
-- if (SrcSize < CompSize + 8) {
-+ if (SrcSize < CompSize + 8 || (CompSize + 8) < 8) {
- return EFI_INVALID_PARAMETER;
- }
-
-diff --git a/BaseTools/Source/C/TianoCompress/TianoCompress.c b/BaseTools/Source/C/TianoCompress/TianoCompress.c
-index 046fb36..d07fd9e 100644
---- a/BaseTools/Source/C/TianoCompress/TianoCompress.c
-+++ b/BaseTools/Source/C/TianoCompress/TianoCompress.c
-@@ -1753,6 +1753,7 @@ Returns:
- SCRATCH_DATA *Scratch;
- UINT8 *Src;
- UINT32 OrigSize;
-+ UINT32 CompSize;
-
- SetUtilityName(UTILITY_NAME);
-
-@@ -1761,6 +1762,7 @@ Returns:
- OutBuffer = NULL;
- Scratch = NULL;
- OrigSize = 0;
-+ CompSize = 0;
- InputLength = 0;
- InputFileName = NULL;
- OutputFileName = NULL;
-@@ -1979,15 +1981,24 @@ Returns:
- if (DebugMode) {
- DebugMsg(UTILITY_NAME, 0, DebugLevel, "Decoding\n", NULL);
- }
-+ if (InputLength < 8){
-+ Error (NULL, 0, 3000, "Invalid", "The input file %s is too small.", InputFileName);
-+ goto ERROR;
-+ }
- //
- // Get Compressed file original size
- //
- Src = (UINT8 *)FileBuffer;
- OrigSize = Src[4] + (Src[5] << 8) + (Src[6] << 16) + (Src[7] << 24);
-+ CompSize = Src[0] + (Src[1] << 8) + (Src[2] <<16) + (Src[3] <<24);
-
- //
- // Allocate OutputBuffer
- //
-+ if (InputLength < CompSize + 8 || (CompSize + 8) < 8) {
-+ Error (NULL, 0, 3000, "Invalid", "The input file %s data is invalid.", InputFileName);
-+ goto ERROR;
-+ }
- OutBuffer = (UINT8 *)malloc(OrigSize);
- if (OutBuffer == NULL) {
- Error (NULL, 0, 4001, "Resource:", "Memory cannot be allocated!");
-@@ -2171,12 +2182,16 @@ Returns:
- UINT16 Mask;
- UINT16 WordOfStart;
- UINT16 WordOfCount;
-+ UINT16 MaxTableLength;
-
- for (Index = 0; Index <= 16; Index++) {
- Count[Index] = 0;
- }
-
- for (Index = 0; Index < NumOfChar; Index++) {
-+ if (BitLen[Index] > 16) {
-+ return (UINT16) BAD_TABLE;
-+ }
- Count[BitLen[Index]]++;
- }
-
-@@ -2220,6 +2235,7 @@ Returns:
-
- Avail = NumOfChar;
- Mask = (UINT16) (1U << (15 - TableBits));
-+ MaxTableLength = (UINT16) (1U << TableBits);
-
- for (Char = 0; Char < NumOfChar; Char++) {
-
-@@ -2233,6 +2249,9 @@ Returns:
- if (Len <= TableBits) {
-
- for (Index = Start[Len]; Index < NextCode; Index++) {
-+ if (Index >= MaxTableLength) {
-+ return (UINT16) BAD_TABLE;
-+ }
- Table[Index] = Char;
- }
-
-@@ -2617,11 +2636,16 @@ Returns: (VOID)
- DataIdx = Sd->mOutBuf - DecodeP (Sd) - 1;
-
- BytesRemain--;
-+
- while ((INT16) (BytesRemain) >= 0) {
-- Sd->mDstBase[Sd->mOutBuf++] = Sd->mDstBase[DataIdx++];
- if (Sd->mOutBuf >= Sd->mOrigSize) {
- goto Done ;
- }
-+ if (DataIdx >= Sd->mOrigSize) {
-+ Sd->mBadTableFlag = (UINT16) BAD_TABLE;
-+ goto Done ;
-+ }
-+ Sd->mDstBase[Sd->mOutBuf++] = Sd->mDstBase[DataIdx++];
-
- BytesRemain--;
- }
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-BaseTools-Fix-UEFI-and-Tiano-Decompression-logic-iss.patch b/SOURCES/edk2-BaseTools-Fix-UEFI-and-Tiano-Decompression-logic-iss.patch
deleted file mode 100644
index cf09fe5..0000000
--- a/SOURCES/edk2-BaseTools-Fix-UEFI-and-Tiano-Decompression-logic-iss.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From 115cf260ac54a6793a184227d6ae6bfe3da74a56 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
-Date: Wed, 9 Jan 2019 17:10:05 +0100
-Subject: [PATCH 1/4] BaseTools: Fix UEFI and Tiano Decompression logic issue
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Message-id: <20190109161007.3471-2-philmd@redhat.com>
-Patchwork-id: 83924
-O-Subject: [RHEL8 edk2 PATCH 1/3] BaseTools: Fix UEFI and Tiano Decompression
- logic issue
-Bugzilla: 1662184
-Acked-by: Laszlo Ersek <lersek@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-From: Liming Gao <liming.gao@intel.com>
-
-https://bugzilla.tianocore.org/show_bug.cgi?id=1317
-
-This is a regression issue caused by 041d89bc0f0119df37a5fce1d0f16495ff905089.
-In Decode() function, once mOutBuf is fully filled, Decode() should return.
-Current logic misses the checker of mOutBuf after while() loop.
-
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Liming Gao <liming.gao@intel.com>
-Cc: Yonghong Zhu <yonghong.zhu@intel.com>
-Reviewed-by: Yonghong Zhu <yonghong.zhu@intel.com>
-(cherry picked from commit 5e45a1fdcfbf9b2b389122eb97475148594625f8)
-Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
-Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
----
- BaseTools/Source/C/Common/Decompress.c | 6 ++++++
- BaseTools/Source/C/TianoCompress/TianoCompress.c | 6 ++++++
- 2 files changed, 12 insertions(+)
-
-diff --git a/BaseTools/Source/C/Common/Decompress.c b/BaseTools/Source/C/Common/Decompress.c
-index bdc10f5..af76f67 100644
---- a/BaseTools/Source/C/Common/Decompress.c
-+++ b/BaseTools/Source/C/Common/Decompress.c
-@@ -662,6 +662,12 @@ Returns: (VOID)
-
- BytesRemain--;
- }
-+ //
-+ // Once mOutBuf is fully filled, directly return
-+ //
-+ if (Sd->mOutBuf >= Sd->mOrigSize) {
-+ return ;
-+ }
- }
- }
-
-diff --git a/BaseTools/Source/C/TianoCompress/TianoCompress.c b/BaseTools/Source/C/TianoCompress/TianoCompress.c
-index d07fd9e..369f7b3 100644
---- a/BaseTools/Source/C/TianoCompress/TianoCompress.c
-+++ b/BaseTools/Source/C/TianoCompress/TianoCompress.c
-@@ -2649,6 +2649,12 @@ Returns: (VOID)
-
- BytesRemain--;
- }
-+ //
-+ // Once mOutBuf is fully filled, directly return
-+ //
-+ if (Sd->mOutBuf >= Sd->mOrigSize) {
-+ goto Done ;
-+ }
- }
- }
-
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-BaseTools-Source-C-split-O2-to-BUILD_OPTFLAGS.patch b/SOURCES/edk2-BaseTools-Source-C-split-O2-to-BUILD_OPTFLAGS.patch
deleted file mode 100644
index feeb709..0000000
--- a/SOURCES/edk2-BaseTools-Source-C-split-O2-to-BUILD_OPTFLAGS.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-From bd8f7996e759b1aa2549efc6062dbed8ac9b8dcb Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 29 Aug 2018 17:12:00 +0200
-Subject: [PATCH 3/7] BaseTools/Source/C: split "-O2" to BUILD_OPTFLAGS
-
-Message-id: <20180829151204.26958-4-lersek@redhat.com>
-Patchwork-id: 81961
-O-Subject: [RHEL8/virt212 edk2 PATCH 3/7] BaseTools/Source/C: split "-O2" to
- BUILD_OPTFLAGS
-Bugzilla: 1607906
-Acked-by: Thomas Huth <thuth@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-The option "-O2" is not a preprocessor flag, but a code generation
-(compilation) flag. Move it from BUILD_CPPFLAGS to BUILD_CFLAGS and
-BUILD_CXXFLAGS.
-
-Because "VfrCompile/GNUmakefile" uses "-O2" through BUILD_CPPFLAGS, and
-because it doesn't use BUILD_CXXFLAGS, we have to introduce BUILD_OPTFLAGS
-separately, so that "VfrCompile/GNUmakefile" can continue using just this
-flag.
-
-This patch doesn't change behavior.
-
-Cc: Liming Gao <liming.gao@intel.com>
-Cc: Yonghong Zhu <yonghong.zhu@intel.com>
-Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1540244
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Liming Gao <liming.gao@intel.com>
-(cherry picked from commit b8a66170264395edeaa61e6d22930a58e576a685)
----
- BaseTools/Source/C/Makefiles/header.makefile | 6 +++++-
- BaseTools/Source/C/VfrCompile/GNUmakefile | 11 +++++++----
- 2 files changed, 12 insertions(+), 5 deletions(-)
-
-diff --git a/BaseTools/Source/C/Makefiles/header.makefile b/BaseTools/Source/C/Makefiles/header.makefile
-index 08421ba..498c6cf 100644
---- a/BaseTools/Source/C/Makefiles/header.makefile
-+++ b/BaseTools/Source/C/Makefiles/header.makefile
-@@ -68,7 +68,8 @@ $(error Bad HOST_ARCH)
- endif
-
- INCLUDE = $(TOOL_INCLUDE) -I $(MAKEROOT) -I $(MAKEROOT)/Include/Common -I $(MAKEROOT)/Include/ -I $(MAKEROOT)/Include/IndustryStandard -I $(MAKEROOT)/Common/ -I .. -I . $(ARCH_INCLUDE)
--BUILD_CPPFLAGS = $(INCLUDE) -O2
-+BUILD_CPPFLAGS = $(INCLUDE)
-+BUILD_OPTFLAGS = -O2
- ifeq ($(DARWIN),Darwin)
- # assume clang or clang compatible flags on OS X
- BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror -Wno-deprecated-declarations -Wno-self-assign -Wno-unused-result -nostdlib -g
-@@ -91,6 +92,9 @@ ifeq ($(DARWIN),Darwin)
- endif
- endif
-
-+# keep BUILD_OPTFLAGS last
-+BUILD_CFLAGS += $(BUILD_OPTFLAGS)
-+BUILD_CXXFLAGS += $(BUILD_OPTFLAGS)
-
- .PHONY: all
- .PHONY: install
-diff --git a/BaseTools/Source/C/VfrCompile/GNUmakefile b/BaseTools/Source/C/VfrCompile/GNUmakefile
-index c4ec61a..bbe562c 100644
---- a/BaseTools/Source/C/VfrCompile/GNUmakefile
-+++ b/BaseTools/Source/C/VfrCompile/GNUmakefile
-@@ -25,6 +25,9 @@ OBJECTS = AParser.o DLexerBase.o ATokenBuffer.o EfiVfrParser.o VfrLexer.o VfrSyn
-
- VFR_CPPFLAGS = -DPCCTS_USE_NAMESPACE_STD $(BUILD_CPPFLAGS)
-
-+# keep BUILD_OPTFLAGS last
-+VFR_CXXFLAGS = $(BUILD_OPTFLAGS)
-+
- LINKER = $(BUILD_CXX)
-
- EXTRA_CLEAN_OBJECTS = EfiVfrParser.cpp EfiVfrParser.h VfrParser.dlg VfrTokens.h VfrLexer.cpp VfrLexer.h VfrSyntax.cpp tokens.h
-@@ -58,16 +61,16 @@ Pccts/dlg/dlg:
- BIN_DIR='.' $(MAKE) -C Pccts/dlg
-
- ATokenBuffer.o: Pccts/h/ATokenBuffer.cpp
-- $(BUILD_CXX) -c $(VFR_CPPFLAGS) $(INC) $? -o $@
-+ $(BUILD_CXX) -c $(VFR_CPPFLAGS) $(INC) $(VFR_CXXFLAGS) $? -o $@
-
- DLexerBase.o: Pccts/h/DLexerBase.cpp
-- $(BUILD_CXX) -c $(VFR_CPPFLAGS) $(INC) $? -o $@
-+ $(BUILD_CXX) -c $(VFR_CPPFLAGS) $(INC) $(VFR_CXXFLAGS) $? -o $@
-
- AParser.o: Pccts/h/AParser.cpp
-- $(BUILD_CXX) -c $(VFR_CPPFLAGS) $(INC) $? -o $@
-+ $(BUILD_CXX) -c $(VFR_CPPFLAGS) $(INC) $(VFR_CXXFLAGS) $? -o $@
-
- VfrSyntax.o: VfrSyntax.cpp
-- $(BUILD_CXX) -c $(VFR_CPPFLAGS) $(INC) $? -o $@
-+ $(BUILD_CXX) -c $(VFR_CPPFLAGS) $(INC) $(VFR_CXXFLAGS) $? -o $@
-
- clean: localClean
-
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-BaseTools-Source-C-take-EXTRA_LDFLAGS-from-the-calle.patch b/SOURCES/edk2-BaseTools-Source-C-take-EXTRA_LDFLAGS-from-the-calle.patch
deleted file mode 100644
index 334d001..0000000
--- a/SOURCES/edk2-BaseTools-Source-C-take-EXTRA_LDFLAGS-from-the-calle.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 7ad1348d09a32c467229ee8bef98a09e47b5a708 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 29 Aug 2018 17:12:02 +0200
-Subject: [PATCH 5/7] BaseTools/Source/C: take EXTRA_LDFLAGS from the caller
-
-Message-id: <20180829151204.26958-6-lersek@redhat.com>
-Patchwork-id: 81965
-O-Subject: [RHEL8/virt212 edk2 PATCH 5/7] BaseTools/Source/C: take EXTRA_LDFLAGS
- from the caller
-Bugzilla: 1607906
-Acked-by: Thomas Huth <thuth@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-Allow the caller of the top-level makefile either to set EXTRA_LDFLAGS in
-the environment or to pass EXTRA_LDFLAGS as a macro definition on the
-command line. EXTRA_LDFLAGS extends (and potentially overrides) default
-link-editing flags set in the makefiles.
-
-Cc: Liming Gao <liming.gao@intel.com>
-Cc: Yonghong Zhu <yonghong.zhu@intel.com>
-Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1540244
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Liming Gao <liming.gao@intel.com>
-(cherry picked from commit 81502cee20ac4046f08bb4aec754c7091c8808dc)
----
- BaseTools/Source/C/Makefiles/header.makefile | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/BaseTools/Source/C/Makefiles/header.makefile b/BaseTools/Source/C/Makefiles/header.makefile
-index 1b4cad5..7f283d6 100644
---- a/BaseTools/Source/C/Makefiles/header.makefile
-+++ b/BaseTools/Source/C/Makefiles/header.makefile
-@@ -99,6 +99,9 @@ endif
- BUILD_CFLAGS += $(BUILD_OPTFLAGS)
- BUILD_CXXFLAGS += $(BUILD_OPTFLAGS)
-
-+# keep EXTRA_LDFLAGS last
-+BUILD_LFLAGS += $(EXTRA_LDFLAGS)
-+
- .PHONY: all
- .PHONY: install
- .PHONY: clean
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-BaseTools-Source-C-take-EXTRA_OPTFLAGS-from-the-call.patch b/SOURCES/edk2-BaseTools-Source-C-take-EXTRA_OPTFLAGS-from-the-call.patch
deleted file mode 100644
index 6a97cc4..0000000
--- a/SOURCES/edk2-BaseTools-Source-C-take-EXTRA_OPTFLAGS-from-the-call.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From c8f78f5ef3463ffb63d26879d858327aba934d12 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 29 Aug 2018 17:12:01 +0200
-Subject: [PATCH 4/7] BaseTools/Source/C: take EXTRA_OPTFLAGS from the caller
-
-Message-id: <20180829151204.26958-5-lersek@redhat.com>
-Patchwork-id: 81966
-O-Subject: [RHEL8/virt212 edk2 PATCH 4/7] BaseTools/Source/C: take
- EXTRA_OPTFLAGS from the caller
-Bugzilla: 1607906
-Acked-by: Thomas Huth <thuth@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-Allow the caller of the top-level makefile either to set EXTRA_OPTFLAGS in
-the environment or to pass EXTRA_OPTFLAGS as a macro definition on the
-command line. EXTRA_OPTFLAGS extends (and potentially overrides) default C
-compilation flags set in the makefiles.
-
-Cc: Liming Gao <liming.gao@intel.com>
-Cc: Yonghong Zhu <yonghong.zhu@intel.com>
-Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1540244
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Liming Gao <liming.gao@intel.com>
-(cherry picked from commit b0ca5dae78ff71397a8ef568f1914da7668ff5a9)
----
- BaseTools/Source/C/Makefiles/header.makefile | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/BaseTools/Source/C/Makefiles/header.makefile b/BaseTools/Source/C/Makefiles/header.makefile
-index 498c6cf..1b4cad5 100644
---- a/BaseTools/Source/C/Makefiles/header.makefile
-+++ b/BaseTools/Source/C/Makefiles/header.makefile
-@@ -69,7 +69,10 @@ endif
-
- INCLUDE = $(TOOL_INCLUDE) -I $(MAKEROOT) -I $(MAKEROOT)/Include/Common -I $(MAKEROOT)/Include/ -I $(MAKEROOT)/Include/IndustryStandard -I $(MAKEROOT)/Common/ -I .. -I . $(ARCH_INCLUDE)
- BUILD_CPPFLAGS = $(INCLUDE)
--BUILD_OPTFLAGS = -O2
-+
-+# keep EXTRA_OPTFLAGS last
-+BUILD_OPTFLAGS = -O2 $(EXTRA_OPTFLAGS)
-+
- ifeq ($(DARWIN),Darwin)
- # assume clang or clang compatible flags on OS X
- BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror -Wno-deprecated-declarations -Wno-self-assign -Wno-unused-result -nostdlib -g
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-BaseTools-VfrCompile-honor-EXTRA_LDFLAGS.patch b/SOURCES/edk2-BaseTools-VfrCompile-honor-EXTRA_LDFLAGS.patch
deleted file mode 100644
index 0571886..0000000
--- a/SOURCES/edk2-BaseTools-VfrCompile-honor-EXTRA_LDFLAGS.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-From 5825a1b2507e195c40a8655e18c5485c00513445 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 29 Aug 2018 17:12:03 +0200
-Subject: [PATCH 6/7] BaseTools/VfrCompile: honor EXTRA_LDFLAGS
-
-Message-id: <20180829151204.26958-7-lersek@redhat.com>
-Patchwork-id: 81963
-O-Subject: [RHEL8/virt212 edk2 PATCH 6/7] BaseTools/VfrCompile: honor
- EXTRA_LDFLAGS
-Bugzilla: 1607906
-Acked-by: Thomas Huth <thuth@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-In commit 81502cee20ac ("BaseTools/Source/C: take EXTRA_LDFLAGS from the
-caller", 2018-08-16), I missed that "VfrCompile/GNUmakefile" does not use
-BUILD_LFLAGS in the APPLICATION linking rule, unlike "app.makefile" does.
-Instead, "VfrCompile/GNUmakefile" uses the (undefined) LFLAGS macro.
-Therefore commit 81502cee20ac did not cover the linking step of
-VfrCompile.
-
-Thankfully, the structure of the linking rules is the same, between
-"app.makefile" and "VfrCompile/GNUmakefile". Rename the undefined LFLAGS
-macro in "VfrCompile/GNUmakefile" to VFR_LFLAGS (for consistency with
-VFR_CXXFLAGS), and set it to EXTRA_LDFLAGS.
-
-As a result, we have:
-
- | compilation | linking
- -----------+--------------------------------+----------------------
- VfrCompile | VFR_CXXFLAGS = | VFR_LFLAGS =
- | BUILD_OPTFLAGS = | EXTRA_LDFLAGS
- | '-O2' + EXTRA_OPTFLAGS |
- -----------+--------------------------------+----------------------
- other apps | BUILD_CFLAGS/BUILD_CXXFLAGS = | BUILD_LFLAGS =
- | [...] + BUILD_OPTFLAGS = | [...] + EXTRA_LDFLAGS
- | [...] + '-O2' + EXTRA_OPTFLAGS |
-
-This table shows
-- that the VfrCompile compilation and linking flags are always a subset of
- the corresponding flags used by the other apps,
-- and that the EXTRA flags are always at the end.
-
-Cc: Liming Gao <liming.gao@intel.com>
-Cc: Yonghong Zhu <yonghong.zhu@intel.com>
-Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1540244
-Fixes: 81502cee20ac4046f08bb4aec754c7091c8808dc
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Liming Gao <liming.gao@intel.com>
-(cherry picked from commit aa4e0df1f0c7ffdff07d7e382c9da89cbe207cdb)
----
- BaseTools/Source/C/VfrCompile/GNUmakefile | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/BaseTools/Source/C/VfrCompile/GNUmakefile b/BaseTools/Source/C/VfrCompile/GNUmakefile
-index bbe562c..9273589 100644
---- a/BaseTools/Source/C/VfrCompile/GNUmakefile
-+++ b/BaseTools/Source/C/VfrCompile/GNUmakefile
-@@ -28,6 +28,9 @@ VFR_CPPFLAGS = -DPCCTS_USE_NAMESPACE_STD $(BUILD_CPPFLAGS)
- # keep BUILD_OPTFLAGS last
- VFR_CXXFLAGS = $(BUILD_OPTFLAGS)
-
-+# keep EXTRA_LDFLAGS last
-+VFR_LFLAGS = $(EXTRA_LDFLAGS)
-+
- LINKER = $(BUILD_CXX)
-
- EXTRA_CLEAN_OBJECTS = EfiVfrParser.cpp EfiVfrParser.h VfrParser.dlg VfrTokens.h VfrLexer.cpp VfrLexer.h VfrSyntax.cpp tokens.h
-@@ -42,7 +45,7 @@ APPLICATION = $(MAKEROOT)/bin/$(APPNAME)
- all: $(MAKEROOT)/bin $(APPLICATION)
-
- $(APPLICATION): $(OBJECTS)
-- $(LINKER) -o $(APPLICATION) $(LFLAGS) $(OBJECTS) -L$(MAKEROOT)/libs $(LIBS)
-+ $(LINKER) -o $(APPLICATION) $(VFR_LFLAGS) $(OBJECTS) -L$(MAKEROOT)/libs $(LIBS)
-
- VfrCompiler.o: ../Include/Common/BuildVersion.h
-
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-BaseTools-footer.makefile-expand-BUILD_CFLAGS-last-f.patch b/SOURCES/edk2-BaseTools-footer.makefile-expand-BUILD_CFLAGS-last-f.patch
deleted file mode 100644
index 377b88c..0000000
--- a/SOURCES/edk2-BaseTools-footer.makefile-expand-BUILD_CFLAGS-last-f.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 5898a7a6403bb5ff73fc27a39f9c64b746089cb1 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 29 Aug 2018 17:11:58 +0200
-Subject: [PATCH 1/7] BaseTools/footer.makefile: expand BUILD_CFLAGS last for C
- files too
-
-Message-id: <20180829151204.26958-2-lersek@redhat.com>
-Patchwork-id: 81962
-O-Subject: [RHEL8/virt212 edk2 PATCH 1/7] BaseTools/footer.makefile: expand
- BUILD_CFLAGS last for C files too
-Bugzilla: 1607906
-Acked-by: Thomas Huth <thuth@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-BUILD_CPPFLAGS should be expanded before BUILD_CFLAGS. (The rule for C++
-source files already does this, with BUILD_CPPFLAGS and BUILD_CXXFLAGS.)
-
-This patch doesn't change behavior.
-
-Cc: Liming Gao <liming.gao@intel.com>
-Cc: Yonghong Zhu <yonghong.zhu@intel.com>
-Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1540244
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Liming Gao <liming.gao@intel.com>
-(cherry picked from commit 67983484a4430c5f82bb5f1397e010c759136321)
----
- BaseTools/Source/C/Makefiles/footer.makefile | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/BaseTools/Source/C/Makefiles/footer.makefile b/BaseTools/Source/C/Makefiles/footer.makefile
-index 0926aa9..5bda9e4 100644
---- a/BaseTools/Source/C/Makefiles/footer.makefile
-+++ b/BaseTools/Source/C/Makefiles/footer.makefile
-@@ -24,7 +24,7 @@ $(LIBRARY): $(OBJECTS)
- $(BUILD_AR) crs $@ $^
-
- %.o : %.c
-- $(BUILD_CC) -c $(BUILD_CFLAGS) $(BUILD_CPPFLAGS) $< -o $@
-+ $(BUILD_CC) -c $(BUILD_CPPFLAGS) $(BUILD_CFLAGS) $< -o $@
-
- %.o : %.cpp
- $(BUILD_CXX) -c $(BUILD_CPPFLAGS) $(BUILD_CXXFLAGS) $< -o $@
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-BaseTools-header.makefile-remove-c-from-BUILD_CFLAGS.patch b/SOURCES/edk2-BaseTools-header.makefile-remove-c-from-BUILD_CFLAGS.patch
deleted file mode 100644
index b32d6a9..0000000
--- a/SOURCES/edk2-BaseTools-header.makefile-remove-c-from-BUILD_CFLAGS.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From e7091299a079fd0405f01276f35838884b4c06b5 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 29 Aug 2018 17:11:59 +0200
-Subject: [PATCH 2/7] BaseTools/header.makefile: remove "-c" from BUILD_CFLAGS
-
-Message-id: <20180829151204.26958-3-lersek@redhat.com>
-Patchwork-id: 81964
-O-Subject: [RHEL8/virt212 edk2 PATCH 2/7] BaseTools/header.makefile: remove "-c"
- from BUILD_CFLAGS
-Bugzilla: 1607906
-Acked-by: Thomas Huth <thuth@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-Option "-c" is a mode selection flag (choosing between compiling and
-linking); it should not be in BUILD_CFLAGS, which applies only to
-compiling anyway. The compilation rule for C source files, in
-"footer.makefile", already includes "-c" -- currently we have double "-c"
-options.
-
-This patch doesn't change behavior.
-
-Cc: Liming Gao <liming.gao@intel.com>
-Cc: Yonghong Zhu <yonghong.zhu@intel.com>
-Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1540244
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Liming Gao <liming.gao@intel.com>
-(cherry picked from commit 03252ae287c4a61983b3793ff71baeabe2ff3df7)
----
- BaseTools/Source/C/Makefiles/header.makefile | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/BaseTools/Source/C/Makefiles/header.makefile b/BaseTools/Source/C/Makefiles/header.makefile
-index db43677..08421ba 100644
---- a/BaseTools/Source/C/Makefiles/header.makefile
-+++ b/BaseTools/Source/C/Makefiles/header.makefile
-@@ -71,9 +71,9 @@ INCLUDE = $(TOOL_INCLUDE) -I $(MAKEROOT) -I $(MAKEROOT)/Include/Common -I $(MAKE
- BUILD_CPPFLAGS = $(INCLUDE) -O2
- ifeq ($(DARWIN),Darwin)
- # assume clang or clang compatible flags on OS X
--BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror -Wno-deprecated-declarations -Wno-self-assign -Wno-unused-result -nostdlib -c -g
-+BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror -Wno-deprecated-declarations -Wno-self-assign -Wno-unused-result -nostdlib -g
- else
--BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror -Wno-deprecated-declarations -Wno-stringop-truncation -Wno-restrict -Wno-unused-result -nostdlib -c -g
-+BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror -Wno-deprecated-declarations -Wno-stringop-truncation -Wno-restrict -Wno-unused-result -nostdlib -g
- endif
- BUILD_LFLAGS =
- BUILD_CXXFLAGS = -Wno-unused-result
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-IntelFrameworkModulePkg-Add-more-checker-in-UefiTian.patch b/SOURCES/edk2-IntelFrameworkModulePkg-Add-more-checker-in-UefiTian.patch
deleted file mode 100644
index f316c12..0000000
--- a/SOURCES/edk2-IntelFrameworkModulePkg-Add-more-checker-in-UefiTian.patch
+++ /dev/null
@@ -1,130 +0,0 @@
-From 8358e53013fc62c9556598ad842d233906de00ef Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 24 Oct 2018 21:03:44 +0200
-Subject: [PATCH 3/4] IntelFrameworkModulePkg: Add more checker in
- UefiTianoDecompressLib (CVE FIX)
-
-Message-id: <20181024190345.15288-4-lersek@redhat.com>
-Patchwork-id: 82885
-O-Subject: [RHEL8 edk2 PATCH 3/4] IntelFrameworkModulePkg: Add more checker in
- UefiTianoDecompressLib (CVE FIX)
-Bugzilla: 1641453
-1641464
-1641469
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-Acked-by: Thomas Huth <thuth@redhat.com>
-
-From: Liming Gao <liming.gao@intel.com>
-
---v-- RHEL8 note start --v--
-
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641453
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641464
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641469
-
-Unfortunately, the upstream patch series was not structured according to
-the CVE reports. This patch contributes to fixing:
-
-- CVE-2017-5733
-- CVE-2017-5734
-- CVE-2017-5735
-
-but not CVE-2017-5731 or CVE-2017-5732 (contrarily to the upstream commit
-message). The best I could achieve up-stream was to get the "CVE FIX"
-expression into the subject, and a whole-sale dump of the CVEs into the
-body. I had not been invited to the original (off-list, embargoed)
-analysis and review.
-
-The trivial context difference (whitespace) is due to RHEL8 lacking
-upstream commit 0a6f48249a60 ("IntelFrameworkModulePkg: Clean up source
-files", 2018-06-28). I've considered backporting that (since it only
-cleans up whitespace). However, the diffstat on that commit convinced me
-otherwise: "246 files changed, 4067 insertions(+), 4067 deletions(-)".
-I've decided not to do a partial backport of that (i.e. just for
-"BaseUefiTianoCustomDecompressLib.c").
-
---^-- RHEL8 note end --^--
-
-Fix CVE-2017-5731,CVE-2017-5732,CVE-2017-5733,CVE-2017-5734,CVE-2017-5735
-https://bugzilla.tianocore.org/show_bug.cgi?id=686
-To make sure the valid buffer be accessed only.
-
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Holtsclaw Brent <brent.holtsclaw@intel.com>
-Signed-off-by: Liming Gao <liming.gao@intel.com>
-Reviewed-by: Star Zeng <star.zeng@intel.com>
-Acked-by: Laszlo Ersek <lersek@redhat.com>
-(cherry picked from commit 684db6da64bc7b5faee4e1174e801c245f563b5c)
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
----
- .../BaseUefiTianoCustomDecompressLib.c | 16 ++++++++++++++--
- 1 file changed, 14 insertions(+), 2 deletions(-)
-
-diff --git a/IntelFrameworkModulePkg/Library/BaseUefiTianoCustomDecompressLib/BaseUefiTianoCustomDecompressLib.c b/IntelFrameworkModulePkg/Library/BaseUefiTianoCustomDecompressLib/BaseUefiTianoCustomDecompressLib.c
-index cb009e7..9b00166 100644
---- a/IntelFrameworkModulePkg/Library/BaseUefiTianoCustomDecompressLib/BaseUefiTianoCustomDecompressLib.c
-+++ b/IntelFrameworkModulePkg/Library/BaseUefiTianoCustomDecompressLib/BaseUefiTianoCustomDecompressLib.c
-@@ -143,6 +143,7 @@ MakeTable (
- UINT16 Mask;
- UINT16 WordOfStart;
- UINT16 WordOfCount;
-+ UINT16 MaxTableLength;
-
- //
- // The maximum mapping table width supported by this internal
-@@ -155,6 +156,9 @@ MakeTable (
- }
-
- for (Index = 0; Index < NumOfChar; Index++) {
-+ if (BitLen[Index] > 16) {
-+ return (UINT16) BAD_TABLE;
-+ }
- Count[BitLen[Index]]++;
- }
-
-@@ -196,6 +200,7 @@ MakeTable (
-
- Avail = NumOfChar;
- Mask = (UINT16) (1U << (15 - TableBits));
-+ MaxTableLength = (UINT16) (1U << TableBits);
-
- for (Char = 0; Char < NumOfChar; Char++) {
-
-@@ -209,6 +214,9 @@ MakeTable (
- if (Len <= TableBits) {
-
- for (Index = Start[Len]; Index < NextCode; Index++) {
-+ if (Index >= MaxTableLength) {
-+ return (UINT16) BAD_TABLE;
-+ }
- Table[Index] = Char;
- }
-
-@@ -615,10 +623,14 @@ Decode (
- //
- BytesRemain--;
- while ((INT16) (BytesRemain) >= 0) {
-- Sd->mDstBase[Sd->mOutBuf++] = Sd->mDstBase[DataIdx++];
- if (Sd->mOutBuf >= Sd->mOrigSize) {
- goto Done ;
- }
-+ if (DataIdx >= Sd->mOrigSize) {
-+ Sd->mBadTableFlag = (UINT16) BAD_TABLE;
-+ goto Done ;
-+ }
-+ Sd->mDstBase[Sd->mOutBuf++] = Sd->mDstBase[DataIdx++];
-
- BytesRemain--;
- }
-@@ -688,7 +700,7 @@ UefiDecompressGetInfo (
- }
-
- CompressedSize = ReadUnaligned32 ((UINT32 *)Source);
-- if (SourceSize < (CompressedSize + 8)) {
-+ if (SourceSize < (CompressedSize + 8) || (CompressedSize + 8) < 8) {
- return RETURN_INVALID_PARAMETER;
- }
-
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-IntelFrameworkModulePkg-Fix-UEFI-and-Tiano-Decompres.patch b/SOURCES/edk2-IntelFrameworkModulePkg-Fix-UEFI-and-Tiano-Decompres.patch
deleted file mode 100644
index e35c99b..0000000
--- a/SOURCES/edk2-IntelFrameworkModulePkg-Fix-UEFI-and-Tiano-Decompres.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From 601458a0a87bf4169d1f0c81c0bb454d22abe8f0 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
-Date: Wed, 9 Jan 2019 17:10:07 +0100
-Subject: [PATCH 3/4] IntelFrameworkModulePkg: Fix UEFI and Tiano Decompression
- logic issue
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Message-id: <20190109161007.3471-4-philmd@redhat.com>
-Patchwork-id: 83926
-O-Subject: [RHEL8 edk2 PATCH 3/3] IntelFrameworkModulePkg: Fix UEFI and Tiano
- Decompression logic issue
-Bugzilla: 1662184
-Acked-by: Laszlo Ersek <lersek@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-From: Liming Gao <liming.gao@intel.com>
-
-https://bugzilla.tianocore.org/show_bug.cgi?id=1317
-
-This is a regression issue caused by 684db6da64bc7b5faee4e1174e801c245f563b5c.
-In Decode() function, once mOutBuf is fully filled, Decode() should return.
-Current logic misses the checker of mOutBuf after while() loop.
-
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Liming Gao <liming.gao@intel.com>
-Reviewed-by: Yonghong Zhu <yonghong.zhu@intel.com>
-(cherry picked from commit ade71c52a49d659b20c0b433fb11ddb4f4f543c4)
-Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
-Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
----
- .../BaseUefiTianoCustomDecompressLib.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/IntelFrameworkModulePkg/Library/BaseUefiTianoCustomDecompressLib/BaseUefiTianoCustomDecompressLib.c b/IntelFrameworkModulePkg/Library/BaseUefiTianoCustomDecompressLib/BaseUefiTianoCustomDecompressLib.c
-index 9b00166..e34bf4b 100644
---- a/IntelFrameworkModulePkg/Library/BaseUefiTianoCustomDecompressLib/BaseUefiTianoCustomDecompressLib.c
-+++ b/IntelFrameworkModulePkg/Library/BaseUefiTianoCustomDecompressLib/BaseUefiTianoCustomDecompressLib.c
-@@ -634,6 +634,12 @@ Decode (
-
- BytesRemain--;
- }
-+ //
-+ // Once mOutBuf is fully filled, directly return
-+ //
-+ if (Sd->mOutBuf >= Sd->mOrigSize) {
-+ goto Done ;
-+ }
- }
- }
-
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch b/SOURCES/edk2-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch
deleted file mode 100644
index 1d83568..0000000
--- a/SOURCES/edk2-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-From b045711f96003a53493cd334fe867981fb3cae2b Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Fri, 1 Mar 2019 13:45:07 +0100
-Subject: [PATCH 1/2] MdeModulePkg/PartitionDxe: Ensure blocksize holds MBR
- (CVE-2018-12180)
-
-Message-id: <20190301124508.18497-2-lersek@redhat.com>
-Patchwork-id: 84759
-O-Subject: [RHEL-8.0 edk2 PATCH 1/2] MdeModulePkg/PartitionDxe: Ensure blocksize
- holds MBR (CVE-2018-12180)
-Bugzilla: 1690501
-Acked-by: Thomas Huth <thuth@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-From: Hao Wu <hao.a.wu@intel.com>
-
---v-- RHEL-8.0 note --v--
-
-Trivial conflicts resolved in "Gpt.c" and "Mbr.c": up-stream, the Intel
-copyright notice got meanwhile extended to 2018, in commit d1102dba7210
-("MdeModulePkg: Clean up source files", 2018-06-28).
-
---^-- RHEL-8.0 note --^--
-
-REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1134
-
-The commit adds checks for detecting GPT and MBR partitions.
-
-These checks will ensure that the device block size is big enough to hold
-an MBR (512 bytes).
-
-Cc: Jian J Wang <jian.j.wang@intel.com>
-Cc: Star Zeng <star.zeng@intel.com>
-Cc: Laszlo Ersek <lersek@redhat.com>
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Hao Wu <hao.a.wu@intel.com>
-Reviewed-by: Ray Ni <ray.ni@intel.com>
-(cherry picked from commit fccdb88022c1f6d85c773fce506b10c879063f1d)
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
----
- MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c | 9 ++++++++-
- MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c | 9 ++++++++-
- 2 files changed, 16 insertions(+), 2 deletions(-)
-
-diff --git a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
-index fe26a64..141dca0 100644
---- a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
-+++ b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
-@@ -14,7 +14,7 @@
- partition content and validate the GPT table and GPT entry.
-
- Copyright (c) 2018 Qualcomm Datacenter Technologies, Inc.
--Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
-+Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
- This program and the accompanying materials
- are licensed and made available under the terms and conditions of the BSD License
- which accompanies this distribution. The full text of the license may be found at
-@@ -237,6 +237,13 @@ PartitionInstallGptChildHandles (
- GptValidStatus = EFI_NOT_FOUND;
-
- //
-+ // Ensure the block size can hold the MBR
-+ //
-+ if (BlockSize < sizeof (MASTER_BOOT_RECORD)) {
-+ return EFI_NOT_FOUND;
-+ }
-+
-+ //
- // Allocate a buffer for the Protective MBR
- //
- ProtectiveMbr = AllocatePool (BlockSize);
-diff --git a/MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c b/MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c
-index 479745b..d7a15b4 100644
---- a/MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c
-+++ b/MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c
-@@ -13,7 +13,7 @@
-
- Copyright (c) 2018 Qualcomm Datacenter Technologies, Inc.
- Copyright (c) 2014, Hewlett-Packard Development Company, L.P.<BR>
--Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
-+Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
- This program and the accompanying materials
- are licensed and made available under the terms and conditions of the BSD License
- which accompanies this distribution. The full text of the license may be found at
-@@ -150,6 +150,13 @@ PartitionInstallMbrChildHandles (
- MediaId = BlockIo->Media->MediaId;
- LastBlock = BlockIo->Media->LastBlock;
-
-+ //
-+ // Ensure the block size can hold the MBR
-+ //
-+ if (BlockSize < sizeof (MASTER_BOOT_RECORD)) {
-+ return EFI_NOT_FOUND;
-+ }
-+
- Mbr = AllocatePool (BlockSize);
- if (Mbr == NULL) {
- return Found;
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch b/SOURCES/edk2-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch
deleted file mode 100644
index 82d285b..0000000
--- a/SOURCES/edk2-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch
+++ /dev/null
@@ -1,137 +0,0 @@
-From 1fab0b299bc4c5b3f5106f718692f8f9bad5e635 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Fri, 1 Mar 2019 13:45:08 +0100
-Subject: [PATCH 2/2] MdeModulePkg/RamDiskDxe: Restrict on RAM disk size
- (CVE-2018-12180)
-
-Message-id: <20190301124508.18497-3-lersek@redhat.com>
-Patchwork-id: 84760
-O-Subject: [RHEL-8.0 edk2 PATCH 2/2] MdeModulePkg/RamDiskDxe: Restrict on RAM
- disk size (CVE-2018-12180)
-Bugzilla: 1690501
-Acked-by: Thomas Huth <thuth@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-From: Hao Wu <hao.a.wu@intel.com>
-
-REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1134
-
-Originally, the block size of created Ram disks is hard-coded to 512
-bytes. However, if the total size of the Ram disk is not a multiple of 512
-bytes, there will be potential memory access issues when dealing with the
-last block of the Ram disk.
-
-This commit will adjust the block size of the Ram disks to ensure that the
-total size is a multiple of the block size.
-
-Cc: Jian J Wang <jian.j.wang@intel.com>
-Cc: Star Zeng <star.zeng@intel.com>
-Cc: Laszlo Ersek <lersek@redhat.com>
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Hao Wu <hao.a.wu@intel.com>
-Reviewed-by: Ray Ni <ray.ni@intel.com>
-(cherry picked from commit 38c9fbdcaa0219eb86fe82d90e3f8cfb5a54be9f)
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
----
- .../Universal/Disk/RamDiskDxe/RamDiskBlockIo.c | 20 ++++++++++++++------
- MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskImpl.h | 6 +++---
- .../Universal/Disk/RamDiskDxe/RamDiskProtocol.c | 5 +++--
- 3 files changed, 20 insertions(+), 11 deletions(-)
-
-diff --git a/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskBlockIo.c b/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskBlockIo.c
-index 4f74b5e..8926ad7 100644
---- a/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskBlockIo.c
-+++ b/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskBlockIo.c
-@@ -1,7 +1,7 @@
- /** @file
- Produce EFI_BLOCK_IO_PROTOCOL on a RAM disk device.
-
-- Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
-+ Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>
- This program and the accompanying materials
- are licensed and made available under the terms and conditions of the BSD License
- which accompanies this distribution. The full text of the license may be found at
-@@ -54,6 +54,7 @@ RamDiskInitBlockIo (
- EFI_BLOCK_IO_PROTOCOL *BlockIo;
- EFI_BLOCK_IO2_PROTOCOL *BlockIo2;
- EFI_BLOCK_IO_MEDIA *Media;
-+ UINT32 Remainder;
-
- BlockIo = &PrivateData->BlockIo;
- BlockIo2 = &PrivateData->BlockIo2;
-@@ -69,11 +70,18 @@ RamDiskInitBlockIo (
- Media->LogicalPartition = FALSE;
- Media->ReadOnly = FALSE;
- Media->WriteCaching = FALSE;
-- Media->BlockSize = RAM_DISK_BLOCK_SIZE;
-- Media->LastBlock = DivU64x32 (
-- PrivateData->Size + RAM_DISK_BLOCK_SIZE - 1,
-- RAM_DISK_BLOCK_SIZE
-- ) - 1;
-+
-+ for (Media->BlockSize = RAM_DISK_DEFAULT_BLOCK_SIZE;
-+ Media->BlockSize >= 1;
-+ Media->BlockSize = Media->BlockSize >> 1) {
-+ Media->LastBlock = DivU64x32Remainder (PrivateData->Size, Media->BlockSize, &Remainder) - 1;
-+ if (Remainder == 0) {
-+ break;
-+ }
-+ }
-+ ASSERT (Media->BlockSize != 0);
-+
-+ return;
- }
-
-
-diff --git a/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskImpl.h b/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskImpl.h
-index 077bb77..18c7bb2 100644
---- a/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskImpl.h
-+++ b/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskImpl.h
-@@ -1,7 +1,7 @@
- /** @file
- The header file of RamDiskDxe driver.
-
-- Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
-+ Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>
- This program and the accompanying materials
- are licensed and made available under the terms and conditions of the BSD License
- which accompanies this distribution. The full text of the license may be found at
-@@ -49,9 +49,9 @@
- ///
-
- //
--// Block size for RAM disk
-+// Default block size for RAM disk
- //
--#define RAM_DISK_BLOCK_SIZE 512
-+#define RAM_DISK_DEFAULT_BLOCK_SIZE 512
-
- //
- // Iterate through the double linked list. NOT delete safe
-diff --git a/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskProtocol.c b/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskProtocol.c
-index 6784e2b..e8250d5 100644
---- a/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskProtocol.c
-+++ b/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskProtocol.c
-@@ -1,7 +1,7 @@
- /** @file
- The realization of EFI_RAM_DISK_PROTOCOL.
-
-- Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
-+ Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>
- (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
- This program and the accompanying materials
- are licensed and made available under the terms and conditions of the BSD License
-@@ -613,7 +613,8 @@ RamDiskRegister (
- //
- // Add check to prevent data read across the memory boundary
- //
-- if (RamDiskBase + RamDiskSize > ((UINTN) -1) - RAM_DISK_BLOCK_SIZE + 1) {
-+ if ((RamDiskSize > MAX_UINTN) ||
-+ (RamDiskBase > MAX_UINTN - RamDiskSize + 1)) {
- return EFI_INVALID_PARAMETER;
- }
-
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-MdeModulePkg-Variable-Fix-Timestamp-zeroing-issue-on.patch b/SOURCES/edk2-MdeModulePkg-Variable-Fix-Timestamp-zeroing-issue-on.patch
deleted file mode 100644
index 0c7b2cc..0000000
--- a/SOURCES/edk2-MdeModulePkg-Variable-Fix-Timestamp-zeroing-issue-on.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From 3b8ff18ad4ac1af740a979ad27fb83dbbdca70ef Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 24 Oct 2018 21:03:42 +0200
-Subject: [PATCH 1/4] MdeModulePkg Variable: Fix Timestamp zeroing issue on
- APPEND_WRITE
-
-Message-id: <20181024190345.15288-2-lersek@redhat.com>
-Patchwork-id: 82887
-O-Subject: [RHEL8 edk2 PATCH 1/4] MdeModulePkg Variable: Fix Timestamp zeroing
- issue on APPEND_WRITE
-Bugzilla: 1641436
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-Acked-by: Thomas Huth <thuth@redhat.com>
-
-From: Star Zeng <star.zeng@intel.com>
-
---v-- RHEL8 note start --v--
-
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641436
-
-This patch fixes CVE-2018-3613. Unfortunately, the upstream subject line
-does not include the CVE number. I've decided to stick with the upstream
-subject verbatim in the backport, so we can more easily drop this patch at
-the next rebase. On the upstream list, I did complain loudly, so there's
-hope the next CVE fix will advertise the CVE number in the subject.
-
-In practice, the vulnerability is difficult to exploit. Please refer to
-the following messages in the upstream discussion:
-
- https://lists.01.org/pipermail/edk2-devel/2018-October/031103.html
- https://lists.01.org/pipermail/edk2-devel/2018-October/031140.html
-
---^-- RHEL8 note end --^--
-
-REF: https://bugzilla.tianocore.org/show_bug.cgi?id=415
-
-When SetVariable() to a time based auth variable with APPEND_WRITE
-attribute, and if the EFI_VARIABLE_AUTHENTICATION_2.TimeStamp in
-the input Data is earlier than current value, it will cause timestamp
-zeroing.
-
-This issue may bring time based auth variable downgrade problem.
-For example:
-A vendor released three certs at 2014, 2015, and 2016, and system
-integrated the 2016 cert. User can SetVariable() with 2015 cert and
-APPEND_WRITE attribute to cause timestamp zeroing first, then
-SetVariable() with 2014 cert to downgrade the cert.
-
-This patch fixes this issue.
-
-Cc: Jiewen Yao <jiewen.yao@intel.com>
-Cc: Chao Zhang <chao.b.zhang@intel.com>
-Cc: Jian J Wang <jian.j.wang@intel.com>
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Star Zeng <star.zeng@intel.com>
-Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
-(cherry picked from commit b7dc8888f31402f410c53242839271ba3b94b619)
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
----
- MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
-index 6caf603..60439b5 100644
---- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
-+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
-@@ -2460,6 +2460,8 @@ UpdateVariable (
- if (Variable->CurrPtr != NULL) {
- if (VariableCompareTimeStampInternal (&(((AUTHENTICATED_VARIABLE_HEADER *) CacheVariable->CurrPtr)->TimeStamp), TimeStamp)) {
- CopyMem (&AuthVariable->TimeStamp, TimeStamp, sizeof (EFI_TIME));
-+ } else {
-+ CopyMem (&AuthVariable->TimeStamp, &(((AUTHENTICATED_VARIABLE_HEADER *) CacheVariable->CurrPtr)->TimeStamp), sizeof (EFI_TIME));
- }
- }
- }
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-MdePkg-Add-more-checker-in-UefiDecompressLib-to-acce.patch b/SOURCES/edk2-MdePkg-Add-more-checker-in-UefiDecompressLib-to-acce.patch
deleted file mode 100644
index 6fd94c1..0000000
--- a/SOURCES/edk2-MdePkg-Add-more-checker-in-UefiDecompressLib-to-acce.patch
+++ /dev/null
@@ -1,133 +0,0 @@
-From 41129e136b621728eb5cb1c81aafcc5fedc53a12 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 24 Oct 2018 21:03:43 +0200
-Subject: [PATCH 2/4] MdePkg: Add more checker in UefiDecompressLib to access
- the valid buffer only (CVE FIX)
-
-Message-id: <20181024190345.15288-3-lersek@redhat.com>
-Patchwork-id: 82883
-O-Subject: [RHEL8 edk2 PATCH 2/4] MdePkg: Add more checker in UefiDecompressLib
- to access the valid buffer only (CVE FIX)
-Bugzilla: 1641449
-1641453
-1641464
-1641469
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-Acked-by: Thomas Huth <thuth@redhat.com>
-
-From: Liming Gao <liming.gao@intel.com>
-
---v-- RHEL8 note start --v--
-
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641449
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641453
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641464
-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1641469
-
-Unfortunately, the upstream patch series was not structured according to
-the CVE reports. This patch contributes to fixing:
-
-- CVE-2017-5732
-- CVE-2017-5733
-- CVE-2017-5734
-- CVE-2017-5735
-
-but not CVE-2017-5731 (contrarily to the upstream commit message). The
-best I could achieve up-stream was to get the "CVE FIX" expression into
-the subject, and a whole-sale dump of the CVEs into the body. I had not
-been invited to the original (off-list, embargoed) analysis and review.
-
-The trivial context difference (whitespace) is due to RHEL8 lacking
-upstream commit 9095d37b8fe5 ("MdePkg: Clean up source files",
-2018-06-28). I've considered backporting that (since it only cleans up
-whitespace). However, the diffstat on that commit convinced me otherwise:
-"729 files changed, 15667 insertions(+), 15667 deletions(-)". I've decided
-not to do a partial backport of that (i.e. just for
-"BaseUefiDecompressLib.c").
-
---^-- RHEL8 note end --^--
-
-Fix CVE-2017-5731,CVE-2017-5732,CVE-2017-5733,CVE-2017-5734,CVE-2017-5735
-https://bugzilla.tianocore.org/show_bug.cgi?id=686
-
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Holtsclaw Brent <brent.holtsclaw@intel.com>
-Signed-off-by: Liming Gao <liming.gao@intel.com>
-Reviewed-by: Star Zeng <star.zeng@intel.com>
-Acked-by: Laszlo Ersek <lersek@redhat.com>
-(cherry picked from commit 2ec7953d49677142c5f7552e9e3d96fb406ba0c4)
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
----
- .../BaseUefiDecompressLib/BaseUefiDecompressLib.c | 17 +++++++++++++++--
- 1 file changed, 15 insertions(+), 2 deletions(-)
-
-diff --git a/MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.c b/MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.c
-index e818543..0c6b1fe 100644
---- a/MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.c
-+++ b/MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.c
-@@ -152,6 +152,7 @@ MakeTable (
- UINT16 Mask;
- UINT16 WordOfStart;
- UINT16 WordOfCount;
-+ UINT16 MaxTableLength;
-
- //
- // The maximum mapping table width supported by this internal
-@@ -164,6 +165,9 @@ MakeTable (
- }
-
- for (Index = 0; Index < NumOfChar; Index++) {
-+ if (BitLen[Index] > 16) {
-+ return (UINT16) BAD_TABLE;
-+ }
- Count[BitLen[Index]]++;
- }
-
-@@ -205,6 +209,7 @@ MakeTable (
-
- Avail = NumOfChar;
- Mask = (UINT16) (1U << (15 - TableBits));
-+ MaxTableLength = (UINT16) (1U << TableBits);
-
- for (Char = 0; Char < NumOfChar; Char++) {
-
-@@ -218,6 +223,9 @@ MakeTable (
- if (Len <= TableBits) {
-
- for (Index = Start[Len]; Index < NextCode; Index++) {
-+ if (Index >= MaxTableLength) {
-+ return (UINT16) BAD_TABLE;
-+ }
- Table[Index] = Char;
- }
-
-@@ -620,11 +628,16 @@ Decode (
- // Write BytesRemain of bytes into mDstBase
- //
- BytesRemain--;
-+
- while ((INT16) (BytesRemain) >= 0) {
-- Sd->mDstBase[Sd->mOutBuf++] = Sd->mDstBase[DataIdx++];
- if (Sd->mOutBuf >= Sd->mOrigSize) {
- goto Done;
- }
-+ if (DataIdx >= Sd->mOrigSize) {
-+ Sd->mBadTableFlag = (UINT16) BAD_TABLE;
-+ goto Done;
-+ }
-+ Sd->mDstBase[Sd->mOutBuf++] = Sd->mDstBase[DataIdx++];
-
- BytesRemain--;
- }
-@@ -694,7 +707,7 @@ UefiDecompressGetInfo (
- }
-
- CompressedSize = ReadUnaligned32 ((UINT32 *)Source);
-- if (SourceSize < (CompressedSize + 8)) {
-+ if (SourceSize < (CompressedSize + 8) || (CompressedSize + 8) < 8) {
- return RETURN_INVALID_PARAMETER;
- }
-
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-MdePkg-BaseUefiDecompressLib-Fix-UEFI-Decompression-.patch b/SOURCES/edk2-MdePkg-BaseUefiDecompressLib-Fix-UEFI-Decompression-.patch
deleted file mode 100644
index 381062b..0000000
--- a/SOURCES/edk2-MdePkg-BaseUefiDecompressLib-Fix-UEFI-Decompression-.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From c46469847b68f6a1a5b42feaf0de7a83fd0bed85 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
-Date: Wed, 9 Jan 2019 17:10:06 +0100
-Subject: [PATCH 2/4] MdePkg BaseUefiDecompressLib: Fix UEFI Decompression
- logic issue
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Message-id: <20190109161007.3471-3-philmd@redhat.com>
-Patchwork-id: 83923
-O-Subject: [RHEL8 edk2 PATCH 2/3] MdePkg BaseUefiDecompressLib: Fix UEFI
- Decompression logic issue
-Bugzilla: 1662184
-Acked-by: Laszlo Ersek <lersek@redhat.com>
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-
-From: Liming Gao <liming.gao@intel.com>
-
-https://bugzilla.tianocore.org/show_bug.cgi?id=1317
-
-This is a regression issue caused by 2ec7953d49677142c5f7552e9e3d96fb406ba0c4.
-In Decode() function, once mOutBuf is fully filled, Decode() should return.
-Current logic misses the checker of mOutBuf after while() loop.
-
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Liming Gao <liming.gao@intel.com>
-Cc: Michael Kinney <michael.d.kinney@intel.com>
-Reviewed-by: Yonghong Zhu <yonghong.zhu@intel.com>
-(cherry picked from commit 1c4cecc9fd314de0dce8125b0d4b45967637a401)
-Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
-Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
----
- MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.c b/MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.c
-index 0c6b1fe..8c30e97 100644
---- a/MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.c
-+++ b/MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.c
-@@ -641,6 +641,12 @@ Decode (
-
- BytesRemain--;
- }
-+ //
-+ // Once mOutBuf is fully filled, directly return
-+ //
-+ if (Sd->mOutBuf >= Sd->mOrigSize) {
-+ goto Done;
-+ }
- }
- }
-
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-NetworkPkg-UefiPxeBcDxe-Add-EXCLUSIVE-attribute-when.patch b/SOURCES/edk2-NetworkPkg-UefiPxeBcDxe-Add-EXCLUSIVE-attribute-when.patch
deleted file mode 100644
index 5c526b2..0000000
--- a/SOURCES/edk2-NetworkPkg-UefiPxeBcDxe-Add-EXCLUSIVE-attribute-when.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-From 1f2c35936d1731da26c3ed8d002785240853a742 Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 7 Nov 2018 11:25:57 +0100
-Subject: [PATCH] NetworkPkg: UefiPxeBcDxe: Add EXCLUSIVE attribute when
- opening SNP protocol installed by PXE.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Message-id: <20181107102557.9106-2-lersek@redhat.com>
-Patchwork-id: 82937
-O-Subject: [RHEL8 edk2 PATCH 1/1] NetworkPkg: UefiPxeBcDxe: Add EXCLUSIVE
- attribute when opening SNP protocol installed by PXE.
-Bugzilla: 1643377
-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
-
-From: "edk2-devel-bounces@lists.01.org" <edk2-devel-bounces@lists.01.org>
-
---v-- RHEL8 note start --v--
-
-Please see the analysis for this backport in
-<https://bugzilla.redhat.com/show_bug.cgi?id=1643377#c20> through
-<https://bugzilla.redhat.com/show_bug.cgi?id=1643377#c25>.
-
-There was a trivial conflict to resolve while cherry-picking the upstream
-commit; please refer to
-<https://bugzilla.redhat.com/show_bug.cgi?id=1643377#c28>.
-
---^-- RHEL8 note end --^--
-
-Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1152
-
-v2: Sync the same logic to Ipv6 and update code comments.
-
-The PXE driver installs a SNP and open this SNP with attribute BY_DRIVER
-to avoid it being opened by MNP driver, this SNP is also expected not to
-be opened by other drivers with EXCLUSIVE attribute. In some cases, other
-drivers may happen to do this by error, and thus cause a system crash.
-This patch adds EXCLUSIVE attribute when opening SNP in PXE driver, and
-will reject all OpenProtocol requests by EXCLUSIVE.
-
-Cc: Subramanian, Sriram <sriram-s@hpe.com>
-Cc: Ye Ting <ting.ye@intel.com>
-Cc: Fu Siyuan <siyuan.fu@intel.com>
-Cc: Wu Jiaxin <jiaxin.wu@intel.com>
-Contributed-under: TianoCore Contribution Agreement 1.1
-Signed-off-by: Wang Fan <fan.wang@intel.com>
-Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
-Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
-Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
-(cherry picked from commit cde5a72d365eff5b02b8330fef1c8d36fced08eb)
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
----
- NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c
-index 8dd787b..437cd6f 100644
---- a/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c
-+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c
-@@ -814,7 +814,7 @@ PxeBcCreateIp4Children (
- }
-
- //
-- // Open SNP on the child handle BY_DRIVER. It will prevent any additionally
-+ // Open SNP on the child handle BY_DRIVER|EXCLUSIVE. It will prevent any additionally
- // layering to perform the experiment.
- //
- Status = gBS->OpenProtocol (
-@@ -823,7 +823,7 @@ PxeBcCreateIp4Children (
- (VOID **) &Snp,
- This->DriverBindingHandle,
- Private->Ip4Nic->Controller,
-- EFI_OPEN_PROTOCOL_BY_DRIVER
-+ EFI_OPEN_PROTOCOL_BY_DRIVER|EFI_OPEN_PROTOCOL_EXCLUSIVE
- );
- if (EFI_ERROR (Status)) {
- goto ON_ERROR;
-@@ -1157,7 +1157,7 @@ PxeBcCreateIp6Children (
- }
-
- //
-- // Open SNP on the child handle BY_DRIVER. It will prevent any additionally
-+ // Open SNP on the child handle BY_DRIVER|EXCLUSIVE. It will prevent any additionally
- // layering to perform the experiment.
- //
- Status = gBS->OpenProtocol (
-@@ -1166,7 +1166,7 @@ PxeBcCreateIp6Children (
- (VOID **) &Snp,
- This->DriverBindingHandle,
- Private->Ip6Nic->Controller,
-- EFI_OPEN_PROTOCOL_BY_DRIVER
-+ EFI_OPEN_PROTOCOL_BY_DRIVER|EFI_OPEN_PROTOCOL_EXCLUSIVE
- );
- if (EFI_ERROR (Status)) {
- goto ON_ERROR;
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-OvmfPkg-PlatformPei-set-32-bit-UC-area-at-PciBase-Pc.patch b/SOURCES/edk2-OvmfPkg-PlatformPei-set-32-bit-UC-area-at-PciBase-Pc.patch
new file mode 100644
index 0000000..59cc788
--- /dev/null
+++ b/SOURCES/edk2-OvmfPkg-PlatformPei-set-32-bit-UC-area-at-PciBase-Pc.patch
@@ -0,0 +1,198 @@
+From 71c39f0fb0b9a3e9856cebc58ef3812752fd07cc Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek <lersek@redhat.com>
+Date: Tue, 4 Jun 2019 11:06:45 +0200
+Subject: [PATCH 3/3] OvmfPkg/PlatformPei: set 32-bit UC area at PciBase /
+ PciExBarBase (pc/q35)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Message-id: <20190604090645.2847-4-lersek@redhat.com>
+Patchwork-id: 88483
+O-Subject: [RHEL-8.1.0 edk2 PATCH v2 3/3] OvmfPkg/PlatformPei: set 32-bit UC
+ area at PciBase / PciExBarBase (pc/q35)
+Bugzilla: 1666941
+Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+
+(This is a replacement for commit 39b9a5ffe661 ("OvmfPkg/PlatformPei: fix
+MTRR for low-RAM sizes that have many bits clear", 2019-05-16).)
+
+Reintroduce the same logic as seen in commit 39b9a5ffe661 for the pc
+(i440fx) board type.
+
+For q35, the same approach doesn't work any longer, given that (a) we'd
+like to keep the PCIEXBAR in the platform DSC a fixed-at-build PCD, and
+(b) QEMU expects the PCIEXBAR to reside at a lower address than the 32-bit
+PCI MMIO aperture.
+
+Therefore, introduce a helper function for determining the 32-bit
+"uncacheable" (MMIO) area base address:
+
+- On q35, this function behaves statically. Furthermore, the MTRR setup
+ exploits that the range [0xB000_0000, 0xFFFF_FFFF] can be marked UC with
+ just two variable MTRRs (one at 0xB000_0000 (size 256MB), another at
+ 0xC000_0000 (size 1GB)).
+
+- On pc (i440fx), the function behaves dynamically, implementing the same
+ logic as commit 39b9a5ffe661 did. The PciBase value is adjusted to the
+ value calculated, similarly to commit 39b9a5ffe661. A further
+ simplification is that we show that the UC32 area size truncation to a
+ whole power of two automatically guarantees a >=2GB base address.
+
+Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Cc: Gerd Hoffmann <kraxel@redhat.com>
+Cc: Jordan Justen <jordan.l.justen@intel.com>
+Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1859
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
+Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+(cherry picked from commit 49edde15230a5bfd6746225eb95535eaa2ec1ba4)
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+---
+ OvmfPkg/PlatformPei/MemDetect.c | 59 ++++++++++++++++++++++++++++++++++++++---
+ OvmfPkg/PlatformPei/Platform.c | 5 +++-
+ OvmfPkg/PlatformPei/Platform.h | 7 +++++
+ 3 files changed, 66 insertions(+), 5 deletions(-)
+
+diff --git a/OvmfPkg/PlatformPei/MemDetect.c b/OvmfPkg/PlatformPei/MemDetect.c
+index 2f9e835..0c38b70 100644
+--- a/OvmfPkg/PlatformPei/MemDetect.c
++++ b/OvmfPkg/PlatformPei/MemDetect.c
+@@ -20,6 +20,7 @@ Module Name:
+ // The package level header files this module uses
+ //
+ #include <IndustryStandard/E820.h>
++#include <IndustryStandard/I440FxPiix4.h>
+ #include <IndustryStandard/Q35MchIch9.h>
+ #include <PiPei.h>
+
+@@ -48,6 +49,8 @@ STATIC UINT32 mS3AcpiReservedMemorySize;
+
+ STATIC UINT16 mQ35TsegMbytes;
+
++UINT32 mQemuUc32Base;
++
+ VOID
+ Q35TsegMbytesInitialization (
+ VOID
+@@ -104,6 +107,54 @@ Q35TsegMbytesInitialization (
+ }
+
+
++VOID
++QemuUc32BaseInitialization (
++ VOID
++ )
++{
++ UINT32 LowerMemorySize;
++ UINT32 Uc32Size;
++
++ if (mXen) {
++ return;
++ }
++
++ if (mHostBridgeDevId == INTEL_Q35_MCH_DEVICE_ID) {
++ //
++ // On q35, the 32-bit area that we'll mark as UC, through variable MTRRs,
++ // starts at PcdPciExpressBaseAddress. The platform DSC is responsible for
++ // setting PcdPciExpressBaseAddress such that describing the
++ // [PcdPciExpressBaseAddress, 4GB) range require a very small number of
++ // variable MTRRs (preferably 1 or 2).
++ //
++ ASSERT (FixedPcdGet64 (PcdPciExpressBaseAddress) <= MAX_UINT32);
++ mQemuUc32Base = (UINT32)FixedPcdGet64 (PcdPciExpressBaseAddress);
++ return;
++ }
++
++ ASSERT (mHostBridgeDevId == INTEL_82441_DEVICE_ID);
++ //
++ // On i440fx, start with the [LowerMemorySize, 4GB) range. Make sure one
++ // variable MTRR suffices by truncating the size to a whole power of two,
++ // while keeping the end affixed to 4GB. This will round the base up.
++ //
++ LowerMemorySize = GetSystemMemorySizeBelow4gb ();
++ Uc32Size = GetPowerOfTwo32 ((UINT32)(SIZE_4GB - LowerMemorySize));
++ mQemuUc32Base = (UINT32)(SIZE_4GB - Uc32Size);
++ //
++ // Assuming that LowerMemorySize is at least 1 byte, Uc32Size is at most 2GB.
++ // Therefore mQemuUc32Base is at least 2GB.
++ //
++ ASSERT (mQemuUc32Base >= BASE_2GB);
++
++ if (mQemuUc32Base != LowerMemorySize) {
++ DEBUG ((DEBUG_VERBOSE, "%a: rounded UC32 base from 0x%x up to 0x%x, for "
++ "an UC32 size of 0x%x\n", __FUNCTION__, LowerMemorySize, mQemuUc32Base,
++ Uc32Size));
++ }
++}
++
++
+ /**
+ Iterate over the RAM entries in QEMU's fw_cfg E820 RAM map that start outside
+ of the 32-bit address range.
+@@ -694,11 +745,11 @@ QemuInitializeRam (
+ ASSERT_EFI_ERROR (Status);
+
+ //
+- // Set memory range from the "top of lower RAM" (RAM below 4GB) to 4GB as
+- // uncacheable
++ // Set the memory range from the start of the 32-bit MMIO area (32-bit PCI
++ // MMIO aperture on i440fx, PCIEXBAR on q35) to 4GB as uncacheable.
+ //
+- Status = MtrrSetMemoryAttribute (LowerMemorySize,
+- SIZE_4GB - LowerMemorySize, CacheUncacheable);
++ Status = MtrrSetMemoryAttribute (mQemuUc32Base, SIZE_4GB - mQemuUc32Base,
++ CacheUncacheable);
+ ASSERT_EFI_ERROR (Status);
+ }
+ }
+diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
+index 64b8034..de19f5c 100644
+--- a/OvmfPkg/PlatformPei/Platform.c
++++ b/OvmfPkg/PlatformPei/Platform.c
+@@ -197,7 +197,8 @@ MemMapInitialization (
+ ASSERT (PciExBarBase <= MAX_UINT32 - SIZE_256MB);
+ PciBase = (UINT32)(PciExBarBase + SIZE_256MB);
+ } else {
+- PciBase = (TopOfLowRam < BASE_2GB) ? BASE_2GB : TopOfLowRam;
++ ASSERT (TopOfLowRam <= mQemuUc32Base);
++ PciBase = mQemuUc32Base;
+ }
+
+ //
+@@ -656,6 +657,8 @@ InitializePlatform (
+
+ PublishPeiMemory ();
+
++ QemuUc32BaseInitialization ();
++
+ InitializeRamRegions ();
+
+ if (mXen) {
+diff --git a/OvmfPkg/PlatformPei/Platform.h b/OvmfPkg/PlatformPei/Platform.h
+index b12a5c1..2b486ce 100644
+--- a/OvmfPkg/PlatformPei/Platform.h
++++ b/OvmfPkg/PlatformPei/Platform.h
+@@ -69,6 +69,11 @@ GetSystemMemorySizeBelow4gb (
+ );
+
+ VOID
++QemuUc32BaseInitialization (
++ VOID
++ );
++
++VOID
+ InitializeRamRegions (
+ VOID
+ );
+@@ -120,4 +125,6 @@ extern UINT32 mMaxCpuCount;
+
+ extern UINT16 mHostBridgeDevId;
+
++extern UINT32 mQemuUc32Base;
++
+ #endif // _PLATFORM_PEI_H_INCLUDED_
+--
+1.8.3.1
+
diff --git a/SOURCES/edk2-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch b/SOURCES/edk2-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch
new file mode 100644
index 0000000..7bfe17c
--- /dev/null
+++ b/SOURCES/edk2-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch
@@ -0,0 +1,75 @@
+From aaaedc1e2cfd55ef003fb1b5a37c73a196b26dc7 Mon Sep 17 00:00:00 2001
+From: Philippe Mathieu-Daude <philmd@redhat.com>
+Date: Thu, 1 Aug 2019 20:43:48 +0200
+Subject: [PATCH 2/3] OvmfPkg: QemuRamfbDxe: Do not report DXE failure on
+ Aarch64 silent builds (RH only)
+
+Message-id: <20190801184349.28512-3-philmd@redhat.com>
+Patchwork-id: 89861
+O-Subject: [RHEL-8.1.0 edk2 PATCH v4 2/3] OvmfPkg: QemuRamfbDxe: Do not report
+ DXE failure on Aarch64 silent builds (RH only)
+Bugzilla: 1714446
+Acked-by: Andrew Jones <drjones@redhat.com>
+Acked-by: Laszlo Ersek <lersek@redhat.com>
+
+To suppress an error message on the silent build when ramfb is
+not configured, change QemuRamfbDxe to return EFI_SUCCESS even
+when it fails.
+Some memory is wasted (driver stays resident without
+any good use), but it is mostly harmless, as the memory
+is released by the OS after ExitBootServices().
+
+Suggested-by: Laszlo Ersek <lersek@redhat.com>
+Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
+---
+ OvmfPkg/QemuRamfbDxe/QemuRamfb.c | 14 ++++++++++++++
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf | 1 +
+ 2 files changed, 15 insertions(+)
+
+diff --git a/OvmfPkg/QemuRamfbDxe/QemuRamfb.c b/OvmfPkg/QemuRamfbDxe/QemuRamfb.c
+index b49f2ca..c27e55f 100644
+--- a/OvmfPkg/QemuRamfbDxe/QemuRamfb.c
++++ b/OvmfPkg/QemuRamfbDxe/QemuRamfb.c
+@@ -20,6 +20,7 @@
+ #include <Library/BaseLib.h>
+ #include <Library/BaseMemoryLib.h>
+ #include <Library/DebugLib.h>
++#include <Library/DebugPrintErrorLevelLib.h>
+ #include <Library/DevicePathLib.h>
+ #include <Library/FrameBufferBltLib.h>
+ #include <Library/MemoryAllocationLib.h>
+@@ -249,6 +250,19 @@ InitializeQemuRamfb (
+
+ Status = QemuFwCfgFindFile ("etc/ramfb", &mRamfbFwCfgItem, &FwCfgSize);
+ if (EFI_ERROR (Status)) {
++#if defined (MDE_CPU_AARCH64)
++ //
++ // RHBZ#1714446
++ // If no ramfb device was configured, this platform DXE driver should
++ // returns EFI_NOT_FOUND, so the DXE Core can unload it. However, even
++ // using a silent build, an error message is issued to the guest console.
++ // Since this confuse users, return success and stay resident. The wasted
++ // guest RAM still gets freed later after ExitBootServices().
++ //
++ if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
++ return EFI_SUCCESS;
++ }
++#endif
+ return EFI_NOT_FOUND;
+ }
+ if (FwCfgSize != sizeof (RAMFB_CONFIG)) {
+diff --git a/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf b/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
+index 013edef..f9e24cb 100644
+--- a/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
++++ b/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
+@@ -36,6 +36,7 @@
+ BaseLib
+ BaseMemoryLib
+ DebugLib
++ DebugPrintErrorLevelLib
+ DevicePathLib
+ FrameBufferBltLib
+ MemoryAllocationLib
+--
+1.8.3.1
+
diff --git a/SOURCES/edk2-OvmfPkg-raise-the-PCIEXBAR-base-to-2816-MB-on-Q35.patch b/SOURCES/edk2-OvmfPkg-raise-the-PCIEXBAR-base-to-2816-MB-on-Q35.patch
new file mode 100644
index 0000000..4aae125
--- /dev/null
+++ b/SOURCES/edk2-OvmfPkg-raise-the-PCIEXBAR-base-to-2816-MB-on-Q35.patch
@@ -0,0 +1,109 @@
+From d362291ada9ee22316e3c069dc788c4c801b0796 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek <lersek@redhat.com>
+Date: Tue, 4 Jun 2019 11:06:44 +0200
+Subject: [PATCH 2/3] OvmfPkg: raise the PCIEXBAR base to 2816 MB on Q35
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Message-id: <20190604090645.2847-3-lersek@redhat.com>
+Patchwork-id: 88481
+O-Subject: [RHEL-8.1.0 edk2 PATCH v2 2/3] OvmfPkg: raise the PCIEXBAR base to
+ 2816 MB on Q35
+Bugzilla: 1666941
+Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+
+(This is a replacement for commit 75136b29541b, "OvmfPkg/PlatformPei:
+reorder the 32-bit PCI window vs. the PCIEXBAR on q35", 2019-05-16).
+
+Commit 7b8fe63561b4 ("OvmfPkg: PlatformPei: enable PCIEXBAR (aka MMCONFIG
+/ ECAM) on Q35", 2016-03-10) claimed that,
+
+ On Q35 machine types that QEMU intends to support in the long term, QEMU
+ never lets the RAM below 4 GB exceed 2 GB.
+
+Alas, this statement came from a misunderstanding that occurred while we
+worked out the interface contract. In fact QEMU does allow the 32-bit RAM
+extend up to 0xB000_0000 (exclusive), in case the RAM size falls in the
+range (0x8000_0000, 0xB000_0000) (i.e., the RAM size is greater than
+2048MB and smaller than 2816MB).
+
+In turn, such a RAM size (justifiedly) triggers
+
+ ASSERT (TopOfLowRam <= PciExBarBase);
+
+in MemMapInitialization(), because we placed the 256MB PCIEXBAR at
+0x8000_0000 (2GB) exactly, relying on the interface contract. (And, the
+32-bit PCI window would follow the PCIEXBAR, covering the [0x9000_0000,
+0xFC00_0000) range.)
+
+In order to fix this, place the PCIEXBAR at 2816MB (0xB000_0000), and
+start the 32-bit PCI window at 3 GB (0xC000_0000). This shrinks the 32-bit
+PCI window to
+
+ 0xFC00_0000 - 0xC000_0000 = 0x3C00_0000 = 960 MB.
+
+Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Cc: Gerd Hoffmann <kraxel@redhat.com>
+Cc: Jordan Justen <jordan.l.justen@intel.com>
+Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1859
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
+Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+(cherry picked from commit b07de0974b65a6a393c2d477427d1d6c7acce002)
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+---
+ OvmfPkg/OvmfPkgIa32.dsc | 4 ++--
+ OvmfPkg/OvmfPkgIa32X64.dsc | 4 ++--
+ OvmfPkg/OvmfPkgX64.dsc | 4 ++--
+ 3 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
+index bbf5e38..cf5f2ea 100644
+--- a/OvmfPkg/OvmfPkgIa32.dsc
++++ b/OvmfPkg/OvmfPkgIa32.dsc
+@@ -497,8 +497,8 @@
+ # the PCIEXBAR register.
+ #
+ # On Q35 machine types that QEMU intends to support in the long term, QEMU
+- # never lets the RAM below 4 GB exceed 2 GB.
+- gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|0x80000000
++ # never lets the RAM below 4 GB exceed 2816 MB.
++ gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|0xB0000000
+
+ !ifdef $(SOURCE_DEBUG_ENABLE)
+ gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2
+diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
+index 3ec1b91..5a24065 100644
+--- a/OvmfPkg/OvmfPkgIa32X64.dsc
++++ b/OvmfPkg/OvmfPkgIa32X64.dsc
+@@ -502,8 +502,8 @@
+ # the PCIEXBAR register.
+ #
+ # On Q35 machine types that QEMU intends to support in the long term, QEMU
+- # never lets the RAM below 4 GB exceed 2 GB.
+- gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|0x80000000
++ # never lets the RAM below 4 GB exceed 2816 MB.
++ gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|0xB0000000
+
+ !ifdef $(SOURCE_DEBUG_ENABLE)
+ gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2
+diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
+index ea54b4b..6ab50c9 100644
+--- a/OvmfPkg/OvmfPkgX64.dsc
++++ b/OvmfPkg/OvmfPkgX64.dsc
+@@ -502,8 +502,8 @@
+ # the PCIEXBAR register.
+ #
+ # On Q35 machine types that QEMU intends to support in the long term, QEMU
+- # never lets the RAM below 4 GB exceed 2 GB.
+- gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|0x80000000
++ # never lets the RAM below 4 GB exceed 2816 MB.
++ gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|0xB0000000
+
+ !ifdef $(SOURCE_DEBUG_ENABLE)
+ gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2
+--
+1.8.3.1
+
diff --git a/SOURCES/edk2-aarch64-verbose.json b/SOURCES/edk2-aarch64-verbose.json
new file mode 100644
index 0000000..ceec878
--- /dev/null
+++ b/SOURCES/edk2-aarch64-verbose.json
@@ -0,0 +1,31 @@
+{
+ "description": "UEFI firmware for ARM64 virtual machines, verbose logs",
+ "interface-types": [
+ "uefi"
+ ],
+ "mapping": {
+ "device": "flash",
+ "executable": {
+ "filename": "/usr/share/edk2/aarch64/QEMU_EFI-pflash.raw",
+ "format": "raw"
+ },
+ "nvram-template": {
+ "filename": "/usr/share/edk2/aarch64/vars-template-pflash.raw",
+ "format": "raw"
+ }
+ },
+ "targets": [
+ {
+ "architecture": "aarch64",
+ "machines": [
+ "virt-*"
+ ]
+ }
+ ],
+ "features": [
+ "verbose-static"
+ ],
+ "tags": [
+
+ ]
+}
diff --git a/SOURCES/edk2-aarch64.json b/SOURCES/edk2-aarch64.json
new file mode 100644
index 0000000..c5a73cb
--- /dev/null
+++ b/SOURCES/edk2-aarch64.json
@@ -0,0 +1,31 @@
+{
+ "description": "UEFI firmware for ARM64 virtual machines",
+ "interface-types": [
+ "uefi"
+ ],
+ "mapping": {
+ "device": "flash",
+ "executable": {
+ "filename": "/usr/share/edk2/aarch64/QEMU_EFI-silent-pflash.raw",
+ "format": "raw"
+ },
+ "nvram-template": {
+ "filename": "/usr/share/edk2/aarch64/vars-template-pflash.raw",
+ "format": "raw"
+ }
+ },
+ "targets": [
+ {
+ "architecture": "aarch64",
+ "machines": [
+ "virt-*"
+ ]
+ }
+ ],
+ "features": [
+
+ ],
+ "tags": [
+
+ ]
+}
diff --git a/SOURCES/edk2-advertise-OpenSSL-due-to-IPv6-enablement-too-RHEL-on.patch b/SOURCES/edk2-advertise-OpenSSL-due-to-IPv6-enablement-too-RHEL-on.patch
deleted file mode 100644
index 250879f..0000000
--- a/SOURCES/edk2-advertise-OpenSSL-due-to-IPv6-enablement-too-RHEL-on.patch
+++ /dev/null
@@ -1,154 +0,0 @@
-From 02ed2c501cdd56e9c404bdc8eac0abb9dfd5a04c Mon Sep 17 00:00:00 2001
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Wed, 18 Jul 2018 00:18:20 +0200
-Subject: [PATCH 4/6] advertise OpenSSL due to IPv6 enablement too (RHEL only)
-
-Message-id: <20180717221822.13110-4-lersek@redhat.com>
-Patchwork-id: 81378
-O-Subject: [RHEL8/virt212 edk2 PATCH 3/5] advertise OpenSSL due to IPv6
- enablement too (RHEL only)
-Bugzilla: 1536627
-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
-Acked-by: Wei Huang <wei@redhat.com>
-
-With "-D NETWORK_IP6_ENABLE", we pull the IPv6-enabled IScsiDxe driver
-into the edk2-ovmf and edk2-aarch64 builds. That driver depends on OpenSSL
-(the crypto part only, not the ssl part). Accordingly, extend our
-(downstream-only) OpenSSL advertisment to NETWORK_IP6_ENABLE.
-
-(At the next rebase, this patch will be squashed into commit "advertise
-OpenSSL on TianoCore splash screen / boot logo (RHEL only)".)
-
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
----
- ArmVirtPkg/ArmVirtQemu.dsc | 2 +-
- ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 2 +-
- ArmVirtPkg/ArmVirtQemuKernel.dsc | 2 +-
- OvmfPkg/OvmfPkgIa32.dsc | 2 +-
- OvmfPkg/OvmfPkgIa32.fdf | 2 +-
- OvmfPkg/OvmfPkgIa32X64.dsc | 2 +-
- OvmfPkg/OvmfPkgIa32X64.fdf | 2 +-
- OvmfPkg/OvmfPkgX64.dsc | 2 +-
- OvmfPkg/OvmfPkgX64.fdf | 2 +-
- 9 files changed, 9 insertions(+), 9 deletions(-)
-
-diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
-index 41ff17d..7091b6c 100644
---- a/ArmVirtPkg/ArmVirtQemu.dsc
-+++ b/ArmVirtPkg/ArmVirtQemu.dsc
-@@ -332,7 +332,7 @@
- MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
- MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf
- MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
--!if $(SECURE_BOOT_ENABLE) == TRUE
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(NETWORK_IP6_ENABLE) == TRUE)
- MdeModulePkg/Logo/LogoOpenSSLDxe.inf
- !else
- MdeModulePkg/Logo/LogoDxe.inf
-diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
-index 82d9cbd..a3f5fa9 100644
---- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
-+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
-@@ -201,7 +201,7 @@ READ_LOCK_STATUS = TRUE
- #
- # TianoCore logo (splash screen)
- #
--!if $(SECURE_BOOT_ENABLE) == TRUE
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(NETWORK_IP6_ENABLE) == TRUE)
- INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf
- !else
- INF MdeModulePkg/Logo/LogoDxe.inf
-diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
-index 83fc12f..5730633 100644
---- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
-+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
-@@ -315,7 +315,7 @@
- MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
- MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf
- MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
--!if $(SECURE_BOOT_ENABLE) == TRUE
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(NETWORK_IP6_ENABLE) == TRUE)
- MdeModulePkg/Logo/LogoOpenSSLDxe.inf
- !else
- MdeModulePkg/Logo/LogoDxe.inf
-diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
-index f6d7833..bef8df9 100644
---- a/OvmfPkg/OvmfPkgIa32.dsc
-+++ b/OvmfPkg/OvmfPkgIa32.dsc
-@@ -688,7 +688,7 @@
- NULL|IntelFrameworkModulePkg/Library/LegacyBootManagerLib/LegacyBootManagerLib.inf
- !endif
- }
--!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(NETWORK_IP6_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
- MdeModulePkg/Logo/LogoOpenSSLDxe.inf
- !else
- MdeModulePkg/Logo/LogoDxe.inf
-diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
-index 73007dd..43f80cd 100644
---- a/OvmfPkg/OvmfPkgIa32.fdf
-+++ b/OvmfPkg/OvmfPkgIa32.fdf
-@@ -297,7 +297,7 @@ INF RuleOverride = BINARY EdkShellBinPkg/FullShell/FullShell.inf
- !endif
- !endif
-
--!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(NETWORK_IP6_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
- INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf
- !else
- INF MdeModulePkg/Logo/LogoDxe.inf
-diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
-index d6e628b..2085848 100644
---- a/OvmfPkg/OvmfPkgIa32X64.dsc
-+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
-@@ -697,7 +697,7 @@
- NULL|IntelFrameworkModulePkg/Library/LegacyBootManagerLib/LegacyBootManagerLib.inf
- !endif
- }
--!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(NETWORK_IP6_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
- MdeModulePkg/Logo/LogoOpenSSLDxe.inf
- !else
- MdeModulePkg/Logo/LogoDxe.inf
-diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
-index 116b3c6..d858012 100644
---- a/OvmfPkg/OvmfPkgIa32X64.fdf
-+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
-@@ -298,7 +298,7 @@ INF RuleOverride = BINARY USE = X64 EdkShellBinPkg/FullShell/FullShell.inf
- !endif
- !endif
-
--!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(NETWORK_IP6_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
- INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf
- !else
- INF MdeModulePkg/Logo/LogoDxe.inf
-diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
-index a9fe89c..7bcb9fa 100644
---- a/OvmfPkg/OvmfPkgX64.dsc
-+++ b/OvmfPkg/OvmfPkgX64.dsc
-@@ -695,7 +695,7 @@
- NULL|IntelFrameworkModulePkg/Library/LegacyBootManagerLib/LegacyBootManagerLib.inf
- !endif
- }
--!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(NETWORK_IP6_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
- MdeModulePkg/Logo/LogoOpenSSLDxe.inf
- !else
- MdeModulePkg/Logo/LogoDxe.inf
-diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
-index 84d5845..41ce2d0 100644
---- a/OvmfPkg/OvmfPkgX64.fdf
-+++ b/OvmfPkg/OvmfPkgX64.fdf
-@@ -298,7 +298,7 @@ INF RuleOverride = BINARY EdkShellBinPkg/FullShell/FullShell.inf
- !endif
- !endif
-
--!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
-+!if ($(SECURE_BOOT_ENABLE) == TRUE) || ($(NETWORK_IP6_ENABLE) == TRUE) || ($(TLS_ENABLE) == TRUE)
- INF MdeModulePkg/Logo/LogoOpenSSLDxe.inf
- !else
- INF MdeModulePkg/Logo/LogoDxe.inf
---
-1.8.3.1
-
diff --git a/SOURCES/edk2-ovmf-sb.json b/SOURCES/edk2-ovmf-sb.json
new file mode 100644
index 0000000..a0203e8
--- /dev/null
+++ b/SOURCES/edk2-ovmf-sb.json
@@ -0,0 +1,36 @@
+{
+ "description": "OVMF with SB+SMM, SB enabled, MS certs enrolled",
+ "interface-types": [
+ "uefi"
+ ],
+ "mapping": {
+ "device": "flash",
+ "executable": {
+ "filename": "/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd",
+ "format": "raw"
+ },
+ "nvram-template": {
+ "filename": "/usr/share/edk2/ovmf/OVMF_VARS.secboot.fd",
+ "format": "raw"
+ }
+ },
+ "targets": [
+ {
+ "architecture": "x86_64",
+ "machines": [
+ "pc-q35-*"
+ ]
+ }
+ ],
+ "features": [
+ "acpi-s3",
+ "amd-sev",
+ "enrolled-keys",
+ "requires-smm",
+ "secure-boot",
+ "verbose-dynamic"
+ ],
+ "tags": [
+
+ ]
+}
diff --git a/SOURCES/edk2-ovmf.json b/SOURCES/edk2-ovmf.json
new file mode 100644
index 0000000..74d00e3
--- /dev/null
+++ b/SOURCES/edk2-ovmf.json
@@ -0,0 +1,35 @@
+{
+ "description": "OVMF with SB+SMM, empty varstore",
+ "interface-types": [
+ "uefi"
+ ],
+ "mapping": {
+ "device": "flash",
+ "executable": {
+ "filename": "/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd",
+ "format": "raw"
+ },
+ "nvram-template": {
+ "filename": "/usr/share/edk2/ovmf/OVMF_VARS.fd",
+ "format": "raw"
+ }
+ },
+ "targets": [
+ {
+ "architecture": "x86_64",
+ "machines": [
+ "pc-q35-*"
+ ]
+ }
+ ],
+ "features": [
+ "acpi-s3",
+ "amd-sev",
+ "requires-smm",
+ "secure-boot",
+ "verbose-dynamic"
+ ],
+ "tags": [
+
+ ]
+}
diff --git a/SPECS/edk2.spec b/SPECS/edk2.spec
index 7891d55..85fe4fd 100644
--- a/SPECS/edk2.spec
+++ b/SPECS/edk2.spec
@@ -1,13 +1,13 @@
ExclusiveArch: x86_64 aarch64
-%define GITDATE 20180508
-%define GITCOMMIT ee3198e672e2
+%define GITDATE 20190308
+%define GITCOMMIT 89910a39dcfd
%define TOOLCHAIN GCC5
-%define OPENSSL_VER 1.1.0h
+%define OPENSSL_VER 1.1.0i
Name: edk2
Version: %{GITDATE}git%{GITCOMMIT}
-Release: 9%{?dist}.1
+Release: 6%{?dist}
Summary: UEFI firmware for 64-bit virtual machines
Group: Applications/Emulators
License: BSD and OpenSSL and MIT
@@ -19,10 +19,15 @@ URL: http://www.tianocore.org
# | xz -9ev >/tmp/edk2-$COMMIT.tar.xz
Source0: http://batcave.lab.eng.brq.redhat.com/www/edk2-%{GITCOMMIT}.tar.xz
Source1: ovmf-whitepaper-c770f8c.txt
-Source2: openssl-fedora-264133c642cdb6fc916f1d9bba9db4cb4cd4a17c.tar.xz
+Source2: openssl-fedora-d2ede125556ac99aa0faa7744c703af3f559094e.tar.xz
Source3: ovmf-vars-generator
Source4: LICENSE.qosb
+Source10: edk2-aarch64-verbose.json
+Source11: edk2-aarch64.json
+Source12: edk2-ovmf-sb.json
+Source13: edk2-ovmf.json
+
Patch0003: 0003-advertise-OpenSSL-on-TianoCore-splash-screen-boot-lo.patch
Patch0004: 0004-OvmfPkg-increase-max-debug-message-length-to-512-RHE.patch
Patch0005: 0005-OvmfPkg-QemuVideoDxe-enable-debug-messages-in-VbeShi.patch
@@ -37,62 +42,26 @@ Patch0013: 0013-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch
Patch0014: 0014-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch
Patch0015: 0015-ArmVirtPkg-set-early-hello-message-RH-only.patch
Patch0016: 0016-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch
-Patch0017: 0017-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-QemuVide.patch
-Patch0018: 0018-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch
-Patch0019: 0019-OvmfPkg-PlatformBootManagerLib-connect-consoles-unco.patch
-Patch0020: 0020-ArmVirtPkg-PlatformBootManagerLib-connect-Virtio-RNG.patch
-Patch0021: 0021-OvmfPkg-PlatformBootManagerLib-connect-Virtio-RNG-de.patch
-Patch0027: 0027-BaseTools-tools_def-add-fno-unwind-tables-to-GCC_AAR.patch
-# For bz#1536627 - IPv6 enablement in OVMF
-Patch35: edk2-ArmVirtPkg-unify-HttpLib-resolutions-in-ArmVirt.dsc..patch
-# For bz#1536627 - IPv6 enablement in OVMF
-Patch36: edk2-ArmVirtPkg-ArmVirtQemu-enable-the-IPv6-stack.patch
-# For bz#1536627 - IPv6 enablement in OVMF
-Patch37: edk2-advertise-OpenSSL-due-to-IPv6-enablement-too-RHEL-on.patch
-# For bz#1607906 - edk2-tools: Does not use RPM build flags
-Patch38: edk2-BaseTools-footer.makefile-expand-BUILD_CFLAGS-last-f.patch
-# For bz#1607906 - edk2-tools: Does not use RPM build flags
-Patch39: edk2-BaseTools-header.makefile-remove-c-from-BUILD_CFLAGS.patch
-# For bz#1607906 - edk2-tools: Does not use RPM build flags
-Patch40: edk2-BaseTools-Source-C-split-O2-to-BUILD_OPTFLAGS.patch
-# For bz#1607906 - edk2-tools: Does not use RPM build flags
-Patch41: edk2-BaseTools-Source-C-take-EXTRA_OPTFLAGS-from-the-call.patch
-# For bz#1607906 - edk2-tools: Does not use RPM build flags
-Patch42: edk2-BaseTools-Source-C-take-EXTRA_LDFLAGS-from-the-calle.patch
-# For bz#1607906 - edk2-tools: Does not use RPM build flags
-Patch43: edk2-BaseTools-VfrCompile-honor-EXTRA_LDFLAGS.patch
-# For bz#1641436 - CVE-2018-3613 edk2: Logic error in MdeModulePkg in EDK II firmware allows for privilege escalation by authenticated users [rhel-8]
-Patch44: edk2-MdeModulePkg-Variable-Fix-Timestamp-zeroing-issue-on.patch
-# For bz#1641449 - CVE-2017-5732 edk2: Privilege escalation via processing of malformed files in BaseUefiDecompressLib.c [rhel-8]
-# For bz#1641453 - CVE-2017-5733 edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function [rhel-8]
-# For bz#1641464 - CVE-2017-5734 edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function [rhel-8]
-# For bz#1641469 - CVE-2017-5735 edk2: Privilege escalation via heap-based buffer overflow in Decode() function [rhel-8]
-Patch45: edk2-MdePkg-Add-more-checker-in-UefiDecompressLib-to-acce.patch
-# For bz#1641453 - CVE-2017-5733 edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function [rhel-8]
-# For bz#1641464 - CVE-2017-5734 edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function [rhel-8]
-# For bz#1641469 - CVE-2017-5735 edk2: Privilege escalation via heap-based buffer overflow in Decode() function [rhel-8]
-Patch46: edk2-IntelFrameworkModulePkg-Add-more-checker-in-UefiTian.patch
-# For bz#1641445 - CVE-2017-5731 edk2: Privilege escalation via processing of malformed files in TianoCompress.c [rhel-8]
-# For bz#1641453 - CVE-2017-5733 edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function [rhel-8]
-# For bz#1641464 - CVE-2017-5734 edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function [rhel-8]
-# For bz#1641469 - CVE-2017-5735 edk2: Privilege escalation via heap-based buffer overflow in Decode() function [rhel-8]
-Patch47: edk2-BaseTools-Add-more-checker-in-Decompress-algorithm-t.patch
-# For bz#1643377 - Exception when grubx64.efi used for UEFI netboot
-Patch48: edk2-NetworkPkg-UefiPxeBcDxe-Add-EXCLUSIVE-attribute-when.patch
-# For bz#1662184 - backport fix for (theoretical?) regression introduced by earlier CVE fixes
-Patch49: edk2-BaseTools-Fix-UEFI-and-Tiano-Decompression-logic-iss.patch
-# For bz#1662184 - backport fix for (theoretical?) regression introduced by earlier CVE fixes
-Patch50: edk2-MdePkg-BaseUefiDecompressLib-Fix-UEFI-Decompression-.patch
-# For bz#1662184 - backport fix for (theoretical?) regression introduced by earlier CVE fixes
-Patch51: edk2-IntelFrameworkModulePkg-Fix-UEFI-and-Tiano-Decompres.patch
-# For bz#1690501 - CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk [rhel-8.0.0.z]
-Patch52: edk2-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch
-# For bz#1690501 - CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk [rhel-8.0.0.z]
-Patch53: edk2-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch
-
-
-# python2-devel and libuuid-devel are required for building tools
-BuildRequires: python2-devel
+Patch0017: 0017-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch
+Patch0018: 0018-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch
+Patch0019: 0019-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch
+Patch0026: 0026-Downgrade-CryptoPkg-INF-files-to-OpenSSL-1.1.0i-RH-o.patch
+# For bz#1666941 - UEFI guest cannot boot into os when setting some special memory size
+Patch27: edk2-OvmfPkg-raise-the-PCIEXBAR-base-to-2816-MB-on-Q35.patch
+# For bz#1666941 - UEFI guest cannot boot into os when setting some special memory size
+Patch28: edk2-OvmfPkg-PlatformPei-set-32-bit-UC-area-at-PciBase-Pc.patch
+# For bz#1714446 - edk2-aarch64 silent build is not silent enough
+Patch29: edk2-ArmVirtPkg-silence-DEBUG_VERBOSE-masking-0x00400000-.patch
+# For bz#1714446 - edk2-aarch64 silent build is not silent enough
+Patch30: edk2-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch
+# For bz#1714446 - edk2-aarch64 silent build is not silent enough
+Patch31: edk2-ArmPkg-DebugPeCoffExtraActionLib-debugger-commands-a.patch
+
+
+# python3-devel and libuuid-devel are required for building tools.
+# python3-devel is also needed for varstore template generation and
+# verification with "ovmf-vars-generator".
+BuildRequires: python3-devel
BuildRequires: libuuid-devel
BuildRequires: /usr/bin/iasl
BuildRequires: binutils gcc git
@@ -116,10 +85,6 @@ BuildRequires: qemu-kvm
BuildRequires: kernel-core
BuildRequires: rpmdevtools
-# For orchestrating the above two steps (varstore generation and verification),
-# we need to launch "ovmf-vars-generator" -- which we run on Python 3.
-BuildRequires: python3-devel
-
%package ovmf
Summary: UEFI firmware for x86_64 virtual machines
BuildArch: noarch
@@ -186,10 +151,7 @@ environment for the UEFI and PI specifications. This package contains sample
%prep
%setup -q -n edk2-%{GITCOMMIT}
-# Ensure old shell and binary packages are not used
-rm -rf EdkShellBinPkg
-rm -rf EdkShellPkg
-rm -rf FatBinPkg
+# Ensure binary packages are not used
rm -rf ShellBinPkg
%{lua:
@@ -228,16 +190,14 @@ echo "Applied $COUNT patches"
rm -f $PATCHLIST
cp -a -- %{SOURCE1} %{SOURCE3} .
+cp -a -- %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} .
tar -C CryptoPkg/Library/OpensslLib -a -f %{SOURCE2} -x
# Done by %setup, but we do not use it for the auxiliary tarballs
chmod -Rf a+rX,u+w,g-w,o-w .
%build
-# For the time being, we need Python 2 for the build. See RHBZ 1593429 and
-# <https://url.corp.redhat.com/rhel8-py2>.
-export RHEL_ALLOW_PYTHON2_FOR_BUILD=1
-
+export PYTHON_COMMAND=%{__python3}
source ./edksetup.sh
make -C "$EDK_TOOLS_PATH" \
EXTRA_OPTFLAGS="%{optflags}" \
@@ -255,12 +215,13 @@ CC_FLAGS="$CC_FLAGS -D NETWORK_IP6_ENABLE"
%ifarch x86_64
# Build with neither SB nor SMM; include UEFI shell.
-build ${CC_FLAGS} -D FD_SIZE_4MB -a X64 -p OvmfPkg/OvmfPkgX64.dsc
+build ${CC_FLAGS} -D TPM2_ENABLE -D FD_SIZE_4MB -a X64 \
+ -p OvmfPkg/OvmfPkgX64.dsc
# Build with SB and SMM; exclude UEFI shell.
build -D SECURE_BOOT_ENABLE -D EXCLUDE_SHELL_FROM_FD ${CC_FLAGS} \
-a IA32 -a X64 -p OvmfPkg/OvmfPkgIa32X64.dsc -D SMM_REQUIRE \
- -D FD_SIZE_4MB
+ -D TPM2_ENABLE -D FD_SIZE_4MB
# Sanity check: the varstore templates must be identical.
cmp Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \
@@ -326,6 +287,7 @@ build ${CC_FLAGS} -a AARCH64 \
%install
cp -a License.txt License.edk2.txt
+mkdir -p $RPM_BUILD_ROOT%{_datadir}/qemu/firmware
%ifarch x86_64
mkdir -p \
@@ -358,6 +320,11 @@ install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/Shell.efi \
install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/EnrollDefaultKeys.efi \
$RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/EnrollDefaultKeys.efi
+install -m 0644 edk2-ovmf-sb.json \
+ $RPM_BUILD_ROOT%{_datadir}/qemu/firmware/40-edk2-ovmf-sb.json
+install -m 0644 edk2-ovmf.json \
+ $RPM_BUILD_ROOT%{_datadir}/qemu/firmware/50-edk2-ovmf.json
+
%else
mkdir -p \
$RPM_BUILD_ROOT%{_datadir}/AAVMF \
@@ -397,6 +364,11 @@ install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \
install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_VARS.fd \
$RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/QEMU_VARS.fd
+install -m 0644 edk2-aarch64.json \
+ $RPM_BUILD_ROOT%{_datadir}/qemu/firmware/60-edk2-aarch64.json
+install -m 0644 edk2-aarch64-verbose.json \
+ $RPM_BUILD_ROOT%{_datadir}/qemu/firmware/70-edk2-aarch64-verbose.json
+
%endif
cp -a CryptoPkg/Library/OpensslLib/openssl/LICENSE LICENSE.openssl
@@ -427,6 +399,8 @@ install BaseTools/Scripts/GccBase.lds \
%license OvmfPkg/License.txt
%license LICENSE.openssl
%dir %{_datadir}/%{name}/
+%dir %{_datadir}/qemu
+%dir %{_datadir}/qemu/firmware
%ifarch x86_64
%doc OvmfPkg/README
@@ -447,6 +421,8 @@ install BaseTools/Scripts/GccBase.lds \
%{_datadir}/OVMF/UefiShell.iso
%{_datadir}/%{name}/ovmf/Shell.efi
%{_datadir}/%{name}/ovmf/EnrollDefaultKeys.efi
+%{_datadir}/qemu/firmware/40-edk2-ovmf-sb.json
+%{_datadir}/qemu/firmware/50-edk2-ovmf.json
%else
%dir %{_datadir}/AAVMF/
@@ -460,23 +436,20 @@ install BaseTools/Scripts/GccBase.lds \
%{_datadir}/%{name}/aarch64/QEMU_EFI.fd
%{_datadir}/%{name}/aarch64/QEMU_EFI.silent.fd
%{_datadir}/%{name}/aarch64/QEMU_VARS.fd
+%{_datadir}/qemu/firmware/60-edk2-aarch64.json
+%{_datadir}/qemu/firmware/70-edk2-aarch64-verbose.json
%endif
%files tools
%license License.txt
-%{_bindir}/BootSectImage
%{_bindir}/Brotli
%{_bindir}/DevicePath
-%{_bindir}/EfiLdrImage
%{_bindir}/EfiRom
%{_bindir}/GenCrc32
%{_bindir}/GenFfs
%{_bindir}/GenFv
%{_bindir}/GenFw
-%{_bindir}/GenPage
%{_bindir}/GenSec
-%{_bindir}/GenVtf
-%{_bindir}/GnuGenBootSector
%{_bindir}/LzmaCompress
%{_bindir}/LzmaF86Compress
%{_bindir}/Split
@@ -515,11 +488,31 @@ true
%endif
%changelog
-* Tue Mar 26 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 20180508gitee3198e672e2-9.el8_0
-- edk2-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch [bz#1690501]
-- edk2-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch [bz#1690501]
-- Resolves: bz#1690501
- (CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk [rhel-8.0.0.z])
+* Mon Aug 05 2019 Miroslav Rezanina <mrezanin@redhat.com> - 20190308git89910a39dcfd-6.el8
+- edk2-ArmVirtPkg-silence-DEBUG_VERBOSE-masking-0x00400000-.patch [bz#1714446]
+- edk2-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch [bz#1714446]
+- edk2-ArmPkg-DebugPeCoffExtraActionLib-debugger-commands-a.patch [bz#1714446]
+- Resolves: bz#1714446
+ (edk2-aarch64 silent build is not silent enough)
+
+* Tue Jul 02 2019 Miroslav Rezanina <mrezanin@redhat.com> - 20190308git89910a39dcfd-5.el8
+- edk2-redhat-add-D-TPM2_ENABLE-to-the-edk2-ovmf-build-flag.patch [bz#1693205]
+- Resolves: bz#1693205
+ (edk2: Enable TPM2 support)
+
+* Tue Jun 11 2019 Miroslav Rezanina <mrezanin@redhat.com> - 20190308git89910a39dcfd-4.el8
+- edk2-OvmfPkg-raise-the-PCIEXBAR-base-to-2816-MB-on-Q35.patch [bz#1666941]
+- edk2-OvmfPkg-PlatformPei-set-32-bit-UC-area-at-PciBase-Pc.patch [bz#1666941]
+- Resolves: bz#1666941
+ (UEFI guest cannot boot into os when setting some special memory size)
+
+* Tue Apr 09 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 20190308git89910a39dcfd-2.el8
+- edk2-redhat-provide-firmware-descriptor-meta-files.patch [bz#1600230]
+- Resolves: bz#1600230
+ ([RHEL 8.1] RFE: provide firmware descriptor meta-files for the edk2-ovmf and edk2-aarch64 firmware images)
+
+* Mon Apr 08 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 20190308git89910a39dcfd-1.el8
+- Rebase to edk2-20190308git89910a39dcfd
* Mon Jan 21 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 20180508gitee3198e672e2-9.el8
- edk2-BaseTools-Fix-UEFI-and-Tiano-Decompression-logic-iss.patch [bz#1662184]
@@ -534,11 +527,6 @@ true
- Resolves: bz#1643377
(Exception when grubx64.efi used for UEFI netboot)
-* Fri Nov 16 2018 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 20180508gitee3198e672e2-7.el8
-- Rebuilding edk2 outside the module branch
-- Resolves: bz#1637650
- (Move ipxe and edk2 out of the virt module.)
-
* Tue Nov 06 2018 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 20180508gitee3198e672e2-5.el8
- edk2-MdeModulePkg-Variable-Fix-Timestamp-zeroing-issue-on.patch [bz#1641436]
- edk2-MdePkg-Add-more-checker-in-UefiDecompressLib-to-acce.patch [bz#1641449 bz#1641453 bz#1641464 bz#1641469]