commit
dee7f6b1ce
@ -0,0 +1,3 @@
|
|||||||
|
0a9cfae889c6436333fab963250b069058eec6cf SOURCES/openssl-rhel-0205b589887203b065154ddc8e8107c4ac8625a1.tar.xz
|
||||||
|
4b2ed0d355d3ef44e21a72573e17017630b6d33c SOURCES/edk2-8736b8fdca.tar.xz
|
||||||
|
de143fc38b339d982079517b6f01bcec5246cf5e SOURCES/DBXUpdate-20230509.x64.bin
|
@ -0,0 +1,3 @@
|
|||||||
|
SOURCES/openssl-rhel-0205b589887203b065154ddc8e8107c4ac8625a1.tar.xz
|
||||||
|
SOURCES/edk2-8736b8fdca.tar.xz
|
||||||
|
SOURCES/DBXUpdate-20230509.x64.bin
|
@ -0,0 +1,83 @@
|
|||||||
|
From 21816395a94558c8e5c97f13adbb5ffb909656b8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Wed, 11 Jun 2014 21:55:22 +0200
|
||||||
|
Subject: [PATCH] ignore build artifacts, generated files, session settings etc
|
||||||
|
(RHEL only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- refresh against upstream commit 48760409ccc8 (".gitignore: Ignore python
|
||||||
|
compiled files, extdeps, and vscode", 2019-11-11)
|
||||||
|
|
||||||
|
- add ".AutoGenIdFile.txt" to "Conf/.gitignore", in response to upstream
|
||||||
|
commit 373298ca0d60 ("BaseTools: Fixed issue for IgnoreAutoGen",
|
||||||
|
2019-09-10)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
|
||||||
|
|
||||||
|
- Conflict resolution against upstream commit 112f4ada2e6b ("edk2: Add
|
||||||
|
.DS_Store to .gitignore for macOS", 2017-05-04), in the ".gitignore"
|
||||||
|
file.
|
||||||
|
|
||||||
|
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the 9ece15a -> c9e5618 rebase:
|
||||||
|
|
||||||
|
- Upstream added .gitignore files in the meanwhile, we just need some
|
||||||
|
light customization. In particular the Conf/ReadMe.txt file should not
|
||||||
|
be ignored, it is not generated.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit 3b9c914f2d6bff6274d5ed45fcf4c757ce27031b)
|
||||||
|
(cherry picked from commit b66c3c6d11a834dc7cb3ab326f09c6a21c0b81e8)
|
||||||
|
(cherry picked from commit c94381432988f6137de46772cbd4080d9832c9ad)
|
||||||
|
(cherry picked from commit 730cc57005e4908fcee29109672284808b21ec1c)
|
||||||
|
(cherry picked from commit 161184bcb55a670f8f7f8c4147825eb360b73794)
|
||||||
|
(cherry picked from commit 4eec2bb2176f2deda2b2c44a6f2ea167c5a43433)
|
||||||
|
(cherry picked from commit ea548c8d0c9d4cd5b8b5200eda8ff6ac220a6307)
|
||||||
|
(cherry picked from commit 4872f69df8b0460fbbfcd75950d81fdcd213f8c0)
|
||||||
|
---
|
||||||
|
Conf/.gitignore | 7 ++++++-
|
||||||
|
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/Conf/.gitignore b/Conf/.gitignore
|
||||||
|
index 5e4debcc10..8601fc0cee 100644
|
||||||
|
--- a/Conf/.gitignore
|
||||||
|
+++ b/Conf/.gitignore
|
||||||
|
@@ -1 +1,6 @@
|
||||||
|
-*
|
||||||
|
+.AutoGenIdFile.txt
|
||||||
|
+.cache/
|
||||||
|
+BuildEnv.sh
|
||||||
|
+build_rule.txt
|
||||||
|
+target.txt
|
||||||
|
+tools_def.txt
|
@ -0,0 +1,121 @@
|
|||||||
|
From ff10592d4710f12d601dcfcdd25f28b6941c5141 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
Date: Thu, 24 Mar 2022 03:23:02 -0400
|
||||||
|
Subject: [PATCH] Remove submodules
|
||||||
|
|
||||||
|
Rebase to edk2-stable202311: removing additional submodule:
|
||||||
|
|
||||||
|
- CryptoPkg/Library/MbedTlsLib/mbedtls
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
|
||||||
|
Rebase to edk2-stable202305: removing additional submodules:
|
||||||
|
|
||||||
|
- MdePkg/Library/BaseFdtLib/libfdt
|
||||||
|
- MdePkg/Library/MipiSysTLib/mipisyst
|
||||||
|
- UnitTestFrameworkPkg/Library/GoogleTestLib/googletest
|
||||||
|
- UnitTestFrameworkPkg/Library/SubhookLib/subhook
|
||||||
|
|
||||||
|
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
|
||||||
|
Upstream edk2 tracks several submodules we do not need in RHEL (removal
|
||||||
|
done by individual commits in previous RHEL versions):
|
||||||
|
|
||||||
|
- openssl: We use RHEL specific openssl submodule later (commit 48f993088e)
|
||||||
|
- SoftFloat: required only for 32-bit ARM (commit 273787a5c2)
|
||||||
|
- cmocka: needed for UnitTestFrameworkPkg we do not use (commit a2dca9bcd2)
|
||||||
|
- oniguruma: rhel do not need this dependency (commit 73f4b42b3a)
|
||||||
|
- brotli: removed this dependency (commits fcd212ffce, cf62a90767 and ac5782e6ab)
|
||||||
|
- jansson: we do not depend on JSON parsing or formating (commit c84227659a)
|
||||||
|
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
|
||||||
|
MdeModulePkg: remove package-private Brotli include path (RH only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- New patch.
|
||||||
|
|
||||||
|
Originating from upstream commit 58802e02c41b
|
||||||
|
("MdeModulePkg/BrotliCustomDecompressLib: Make brotli a submodule",
|
||||||
|
2020-04-16), "MdeModulePkg/MdeModulePkg.dec" contains a package-internal
|
||||||
|
include path into a Brotli submodule.
|
||||||
|
|
||||||
|
The edk2 build system requires such include paths to resolve successfully,
|
||||||
|
regardless of the firmware platform being built. Because
|
||||||
|
BrotliCustomDecompressLib is not consumed by any OvmfPkg or ArmVirtPkg
|
||||||
|
platforms, and we've removed the submodule earlier in this patch set,
|
||||||
|
remove the include path too.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit e05e0de713c4a2b8adb6ff9809611f222bfe50ed)
|
||||||
|
---
|
||||||
|
BaseTools/Source/C/GNUmakefile | 1 -
|
||||||
|
CryptoPkg/.gitignore | 1 +
|
||||||
|
MdeModulePkg/MdeModulePkg.dec | 3 ---
|
||||||
|
MdePkg/MdePkg.dec | 5 -----
|
||||||
|
4 files changed, 1 insertion(+), 9 deletions(-)
|
||||||
|
create mode 100644 CryptoPkg/.gitignore
|
||||||
|
|
||||||
|
diff --git a/BaseTools/Source/C/GNUmakefile b/BaseTools/Source/C/GNUmakefile
|
||||||
|
index 5275f657ef..39d7199753 100644
|
||||||
|
--- a/BaseTools/Source/C/GNUmakefile
|
||||||
|
+++ b/BaseTools/Source/C/GNUmakefile
|
||||||
|
@@ -51,7 +51,6 @@ all: makerootdir subdirs
|
||||||
|
LIBRARIES = Common
|
||||||
|
VFRAUTOGEN = VfrCompile/VfrLexer.h
|
||||||
|
APPLICATIONS = \
|
||||||
|
- BrotliCompress \
|
||||||
|
VfrCompile \
|
||||||
|
EfiRom \
|
||||||
|
GenFfs \
|
||||||
|
diff --git a/CryptoPkg/.gitignore b/CryptoPkg/.gitignore
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..68b83272b7
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/CryptoPkg/.gitignore
|
||||||
|
@@ -0,0 +1 @@
|
||||||
|
+Library/OpensslLib/openssl*/
|
||||||
|
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
index d2fede4f87..265dfec94f 100644
|
||||||
|
--- a/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+++ b/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
@@ -26,9 +26,6 @@
|
||||||
|
Include
|
||||||
|
Test/Mock/Include
|
||||||
|
|
||||||
|
-[Includes.Common.Private]
|
||||||
|
- Library/BrotliCustomDecompressLib/brotli/c/include
|
||||||
|
-
|
||||||
|
[LibraryClasses]
|
||||||
|
## @libraryclass Defines a set of methods to reset whole system.
|
||||||
|
ResetSystemLib|Include/Library/ResetSystemLib.h
|
||||||
|
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
|
||||||
|
index ac54338089..29f0a6e178 100644
|
||||||
|
--- a/MdePkg/MdePkg.dec
|
||||||
|
+++ b/MdePkg/MdePkg.dec
|
||||||
|
@@ -29,7 +29,6 @@
|
||||||
|
Include
|
||||||
|
Test/UnitTest/Include
|
||||||
|
Test/Mock/Include
|
||||||
|
- Library/MipiSysTLib/mipisyst/library/include
|
||||||
|
|
||||||
|
[Includes.IA32]
|
||||||
|
Include/Ia32
|
||||||
|
@@ -295,10 +294,6 @@
|
||||||
|
#
|
||||||
|
FdtLib|Include/Library/FdtLib.h
|
||||||
|
|
||||||
|
- ## @libraryclass Provides general mipi sys-T services.
|
||||||
|
- #
|
||||||
|
- MipiSysTLib|Include/Library/MipiSysTLib.h
|
||||||
|
-
|
||||||
|
## @libraryclass Provides API to output Trace Hub debug message.
|
||||||
|
#
|
||||||
|
TraceHubDebugSysTLib|Include/Library/TraceHubDebugSysTLib.h
|
@ -0,0 +1,190 @@
|
|||||||
|
From a531e0f3c999670f54926b2579e0721d217a49e0 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Tue, 25 Feb 2014 22:40:01 +0100
|
||||||
|
Subject: [PATCH] MdeModulePkg: TerminalDxe: set xterm resolution on mode
|
||||||
|
change (RH only)
|
||||||
|
|
||||||
|
Notes for rebase to edk2-stable202311:
|
||||||
|
|
||||||
|
- Minor context changes due to new PCDs (for USB Networking) being added.
|
||||||
|
|
||||||
|
Notes for rebase to edk2-stable202205:
|
||||||
|
|
||||||
|
- Minor context changes due to fd306d1dbc MdeModulePkg: Add PcdTdxSharedBitMask
|
||||||
|
|
||||||
|
Notes for rebase to edk2-stable202202:
|
||||||
|
|
||||||
|
- Minor context changes due to 1436aea4d MdeModulePkg: Apply uncrustify changes
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- Resolve harmless conflict in "MdeModulePkg/MdeModulePkg.dec",
|
||||||
|
originating from new upstream commits
|
||||||
|
- 45bc28172fbf ("MdeModulePkg.dec: Change PCDs for status code.",
|
||||||
|
2020-06-18),
|
||||||
|
- 0785c619a58a ("MdeModulePkg/Bus/Pci/PciBusDxe: Support PCIe Resizable
|
||||||
|
BAR Capability", 2021-01-04),
|
||||||
|
- ef23012e5439 ("MdeModulePkg: Change default value of
|
||||||
|
PcdPcieResizableBarSupport to FALSE", 2021-01-14).
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- Resolve trivial conflict in "MdeModulePkg/MdeModulePkg.dec", arising
|
||||||
|
from upstream commit 166830d8f7ca ("MdeModulePkg/dec: add
|
||||||
|
PcdTcgPfpMeasurementRevision PCD", 2020-01-06).
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- Conflict in "MdeModulePkg/MdeModulePkg.dec" due to upstream commits
|
||||||
|
- 1103ba946aee ("MdeModulePkg: Add Capsule On Disk related definition.",
|
||||||
|
2019-06-26),
|
||||||
|
- 1c7b3eb84631 ("MdeModulePkg/DxeIpl: Introduce PCD
|
||||||
|
PcdUse5LevelPageTable", 2019-08-09),
|
||||||
|
with easy manual resolution.
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
|
||||||
|
|
||||||
|
- Refresh downstream-only commit 2909e025db68 against "MdeModulePkg.dec"
|
||||||
|
context change from upstream commits e043f7895b83 ("MdeModulePkg: Add
|
||||||
|
PCD PcdPteMemoryEncryptionAddressOrMask", 2017-02-27) and 76081dfcc5b2
|
||||||
|
("MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file", 2017-03-03).
|
||||||
|
|
||||||
|
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
|
||||||
|
|
||||||
|
- refresh commit 519b9751573e against various context changes
|
||||||
|
|
||||||
|
The
|
||||||
|
|
||||||
|
CSI Ps ; Ps ; Ps t
|
||||||
|
|
||||||
|
escape sequence serves for window manipulation. We can use the
|
||||||
|
|
||||||
|
CSI 8 ; <rows> ; <columns> t
|
||||||
|
|
||||||
|
sequence to adapt eg. the xterm window size to the selected console mode.
|
||||||
|
|
||||||
|
Reference: <http://rtfm.etla.org/xterm/ctlseq.html>
|
||||||
|
Contributed-under: TianoCore Contribution Agreement 1.0
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit 2909e025db6878723b49644a8a0cf160d07e6444)
|
||||||
|
(cherry picked from commit b9c5c901f25e48d68eef6e78a4abca00e153f574)
|
||||||
|
(cherry picked from commit b7f6115b745de8cbc5214b6ede33c9a8558beb90)
|
||||||
|
(cherry picked from commit 67415982afdc77922aa37496c981adeb4351acdb)
|
||||||
|
(cherry picked from commit cfccb98d13e955beb0b93b4a75a973f30c273ffc)
|
||||||
|
(cherry picked from commit a11602f5e2ef930be5b693ddfd0c789a1bd4c60c)
|
||||||
|
(cherry picked from commit bc2266f20de5db1636e09a07e4a72c8dbf505f5a)
|
||||||
|
---
|
||||||
|
MdeModulePkg/MdeModulePkg.dec | 4 +++
|
||||||
|
.../Console/TerminalDxe/TerminalConOut.c | 30 +++++++++++++++++++
|
||||||
|
.../Console/TerminalDxe/TerminalDxe.inf | 2 ++
|
||||||
|
3 files changed, 36 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
index 265dfec94f..092a8dee2a 100644
|
||||||
|
--- a/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+++ b/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
@@ -2158,6 +2158,10 @@
|
||||||
|
# @Prompt The value is use for Usb Network rate limiting supported.
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdUsbNetworkRateLimitingFactor|100|UINT32|0x10000028
|
||||||
|
|
||||||
|
+ ## Controls whether TerminalDxe outputs an XTerm resize sequence on terminal
|
||||||
|
+ # mode change.
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE|BOOLEAN|0x00010080
|
||||||
|
+
|
||||||
|
[PcdsPatchableInModule]
|
||||||
|
## Specify memory size with page number for PEI code when
|
||||||
|
# Loading Module at Fixed Address feature is enabled.
|
||||||
|
diff --git a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c
|
||||||
|
index 7809869e7d..3be801039b 100644
|
||||||
|
--- a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c
|
||||||
|
+++ b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalConOut.c
|
||||||
|
@@ -7,6 +7,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
**/
|
||||||
|
|
||||||
|
+#include <Library/PrintLib.h>
|
||||||
|
+
|
||||||
|
#include "Terminal.h"
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -80,6 +82,16 @@ CHAR16 mSetCursorPositionString[] = { ESC, '[', '0', '0', ';', '0', '0', 'H', 0
|
||||||
|
CHAR16 mCursorForwardString[] = { ESC, '[', '0', '0', 'C', 0 };
|
||||||
|
CHAR16 mCursorBackwardString[] = { ESC, '[', '0', '0', 'D', 0 };
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// Note that this is an ASCII format string, taking two INT32 arguments:
|
||||||
|
+// rows, columns.
|
||||||
|
+//
|
||||||
|
+// A %d (INT32) format specification can expand to at most 11 characters.
|
||||||
|
+//
|
||||||
|
+CHAR8 mResizeTextAreaFormatString[] = "\x1B[8;%d;%dt";
|
||||||
|
+#define RESIZE_SEQ_SIZE (sizeof mResizeTextAreaFormatString + 2 * (11 - 2))
|
||||||
|
+
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Body of the ConOut functions
|
||||||
|
//
|
||||||
|
@@ -498,6 +510,24 @@ TerminalConOutSetMode (
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (PcdGetBool (PcdResizeXterm)) {
|
||||||
|
+ CHAR16 ResizeSequence[RESIZE_SEQ_SIZE];
|
||||||
|
+
|
||||||
|
+ UnicodeSPrintAsciiFormat (
|
||||||
|
+ ResizeSequence,
|
||||||
|
+ sizeof ResizeSequence,
|
||||||
|
+ mResizeTextAreaFormatString,
|
||||||
|
+ (INT32) TerminalDevice->TerminalConsoleModeData[ModeNumber].Rows,
|
||||||
|
+ (INT32) TerminalDevice->TerminalConsoleModeData[ModeNumber].Columns
|
||||||
|
+ );
|
||||||
|
+ TerminalDevice->OutputEscChar = TRUE;
|
||||||
|
+ Status = This->OutputString (This, ResizeSequence);
|
||||||
|
+ TerminalDevice->OutputEscChar = FALSE;
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
This->Mode->Mode = (INT32)ModeNumber;
|
||||||
|
|
||||||
|
Status = This->ClearScreen (This);
|
||||||
|
diff --git a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
|
||||||
|
index b2a8aeba85..96810f337c 100644
|
||||||
|
--- a/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
|
||||||
|
+++ b/MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
|
||||||
|
@@ -55,6 +55,7 @@
|
||||||
|
DebugLib
|
||||||
|
PcdLib
|
||||||
|
BaseLib
|
||||||
|
+ PrintLib
|
||||||
|
|
||||||
|
[Guids]
|
||||||
|
## SOMETIMES_PRODUCES ## Variable:L"ConInDev"
|
||||||
|
@@ -87,6 +88,7 @@
|
||||||
|
[Pcd]
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDefaultTerminalType ## SOMETIMES_CONSUMES
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdErrorCodeSetVariable ## CONSUMES
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm ## CONSUMES
|
||||||
|
|
||||||
|
# [Event]
|
||||||
|
# # Relative timer event set by UnicodeToEfiKey(), used to be one 2 seconds input timeout.
|
@ -0,0 +1,212 @@
|
|||||||
|
From c53aae9d945648b7301efede1dc77bf7b7f4ee1c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Wed, 14 Oct 2015 15:59:06 +0200
|
||||||
|
Subject: [PATCH] OvmfPkg: take PcdResizeXterm from the QEMU command line (RH
|
||||||
|
only)
|
||||||
|
|
||||||
|
Notes about edk2-stable202205 rebase
|
||||||
|
|
||||||
|
- Necessary minor fixes for upstream changes
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- Extend the DSC change to the new OvmfPkg/AmdSev platform, which has been
|
||||||
|
introduced upstream in commit 30d277ed7a82 ("OvmfPkg/Amdsev: Base commit
|
||||||
|
to build encrypted boot specific OVMF", 2020-12-14), for TianoCore#3077.
|
||||||
|
|
||||||
|
We've always patched all those DSC/FDF files in OvmfPkg down-stream that
|
||||||
|
made sense at least in theory on QEMU. (For example, we've always
|
||||||
|
patched "OvmfPkgIa32.dsc" and "OvmfPkgIa32.fdf", even though we never
|
||||||
|
build or ship the pure IA32 firmware platform.) Follow suit with
|
||||||
|
"AmdSevX64.dsc".
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- Resolve contextual conflict in the DSC files, from upstream commit
|
||||||
|
b0ed7ebdebd1 ("OvmfPkg: set fixed FlashNvStorage base addresses with -D
|
||||||
|
SMM_REQUIRE", 2020-03-12).
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
|
||||||
|
|
||||||
|
- refresh downstream-only commit 8abc2a6ddad2 against context differences
|
||||||
|
in the DSC files from upstream commit 5e167d7e784c
|
||||||
|
("OvmfPkg/PlatformPei: don't allocate reserved mem varstore if
|
||||||
|
SMM_REQUIRE", 2017-03-12).
|
||||||
|
|
||||||
|
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Contributed-under: TianoCore Contribution Agreement 1.0
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit 6fa0c4d67c0bb8bde2ddd6db41c19eb0c40b2721)
|
||||||
|
(cherry picked from commit 8abc2a6ddad25af7e88dc0cf57d55dfb75fbf92d)
|
||||||
|
(cherry picked from commit b311932d3841c017a0f0fec553edcac365cc2038)
|
||||||
|
(cherry picked from commit 61914fb81cf624c9028d015533b400b2794e52d3)
|
||||||
|
(cherry picked from commit 2ebf3cc2ae99275d63bb6efd3c22dec76251a853)
|
||||||
|
(cherry picked from commit f9b73437b9b231773c1a20e0c516168817a930a2)
|
||||||
|
(cherry picked from commit 2cc462ee963d0be119bc97bfc9c70d292a40516f)
|
||||||
|
(cherry picked from commit 51e0de961029af84b5bdbfddcc9762b1819d500f)
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
|
||||||
|
OvmfPkg/CloudHv/CloudHvX64.dsc | 1 +
|
||||||
|
OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 +
|
||||||
|
OvmfPkg/Microvm/MicrovmX64.dsc | 2 +-
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 1 +
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 1 +
|
||||||
|
OvmfPkg/PlatformPei/Platform.c | 13 +++++++++++++
|
||||||
|
OvmfPkg/PlatformPei/PlatformPei.inf | 1 +
|
||||||
|
9 files changed, 21 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
index 302c90e7c2..ef70f5f08c 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
@@ -486,6 +486,7 @@
|
||||||
|
[PcdsDynamicDefault]
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
|
||||||
|
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0
|
||||||
|
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
|
||||||
|
index c23c7eaf6c..49521ba47c 100644
|
||||||
|
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
|
||||||
|
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
|
||||||
|
@@ -576,6 +576,7 @@
|
||||||
|
# ($(SMM_REQUIRE) == FALSE)
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
|
||||||
|
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
!if $(SMM_REQUIRE) == FALSE
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
|
||||||
|
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
||||||
|
index 182ec3705d..fd6722499a 100644
|
||||||
|
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
||||||
|
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
||||||
|
@@ -482,6 +482,7 @@
|
||||||
|
# ($(SMM_REQUIRE) == FALSE)
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
|
||||||
|
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0
|
||||||
|
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
|
||||||
|
index ea1fa3e296..79f14b5c05 100644
|
||||||
|
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
|
||||||
|
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
|
||||||
|
@@ -584,7 +584,7 @@
|
||||||
|
# only set when
|
||||||
|
# ($(SMM_REQUIRE) == FALSE)
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
|
||||||
|
-
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index ed3a19feeb..3101a3a4cf 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -604,6 +604,7 @@
|
||||||
|
# ($(SMM_REQUIRE) == FALSE)
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
|
||||||
|
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
!if $(SMM_REQUIRE) == FALSE
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index 16ca139b29..0c174947b7 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -616,6 +616,7 @@
|
||||||
|
# ($(SMM_REQUIRE) == FALSE)
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
|
||||||
|
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
!if $(SMM_REQUIRE) == FALSE
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index dc1a0942aa..a328726d55 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -634,6 +634,7 @@
|
||||||
|
# ($(SMM_REQUIRE) == FALSE)
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
|
||||||
|
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
!if $(SMM_REQUIRE) == FALSE
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
|
||||||
|
diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
|
||||||
|
index f5dc41c3a8..f244dcd24d 100644
|
||||||
|
--- a/OvmfPkg/PlatformPei/Platform.c
|
||||||
|
+++ b/OvmfPkg/PlatformPei/Platform.c
|
||||||
|
@@ -41,6 +41,18 @@
|
||||||
|
|
||||||
|
#include "Platform.h"
|
||||||
|
|
||||||
|
+#define UPDATE_BOOLEAN_PCD_FROM_FW_CFG(TokenName) \
|
||||||
|
+ do { \
|
||||||
|
+ BOOLEAN Setting; \
|
||||||
|
+ RETURN_STATUS PcdStatus; \
|
||||||
|
+ \
|
||||||
|
+ if (!RETURN_ERROR (QemuFwCfgParseBool ( \
|
||||||
|
+ "opt/ovmf/" #TokenName, &Setting))) { \
|
||||||
|
+ PcdStatus = PcdSetBoolS (TokenName, Setting); \
|
||||||
|
+ ASSERT_RETURN_ERROR (PcdStatus); \
|
||||||
|
+ } \
|
||||||
|
+ } while (0)
|
||||||
|
+
|
||||||
|
EFI_PEI_PPI_DESCRIPTOR mPpiBootMode[] = {
|
||||||
|
{
|
||||||
|
EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
|
||||||
|
@@ -355,6 +367,7 @@ InitializePlatform (
|
||||||
|
MemTypeInfoInitialization (PlatformInfoHob);
|
||||||
|
MemMapInitialization (PlatformInfoHob);
|
||||||
|
NoexecDxeInitialization (PlatformInfoHob);
|
||||||
|
+ UPDATE_BOOLEAN_PCD_FROM_FW_CFG (PcdResizeXterm);
|
||||||
|
}
|
||||||
|
|
||||||
|
InstallClearCacheCallback ();
|
||||||
|
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
|
||||||
|
index 3934aeed95..d84aefee6d 100644
|
||||||
|
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
|
||||||
|
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
|
||||||
|
@@ -100,6 +100,7 @@
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack
|
@ -0,0 +1,201 @@
|
|||||||
|
From db9d61b18715590fc8956eb5da9b036afbfd9ab9 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Sun, 26 Jul 2015 08:02:50 +0000
|
||||||
|
Subject: [PATCH] ArmVirtPkg: take PcdResizeXterm from the QEMU command line
|
||||||
|
(RH only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- Resolve leading context divergence in "ArmVirtPkg/ArmVirtQemu.dsc",
|
||||||
|
arising from upstream commits:
|
||||||
|
|
||||||
|
- 82662a3b5f56 ("ArmVirtPkg/PlatformPeiLib: discover the TPM base
|
||||||
|
address from the DT", 2020-03-04)
|
||||||
|
|
||||||
|
- ddd34a818315 ("ArmVirtPkg/ArmVirtQemu: enable TPM2 support in the PEI
|
||||||
|
phase", 2020-03-04)
|
||||||
|
|
||||||
|
- cdc3fa54184a ("ArmVirtPkg: control PXEv4 / PXEv6 boot support from the
|
||||||
|
QEMU command line", 2020-04-28)
|
||||||
|
|
||||||
|
- Rework the downstream patch quite a bit, paralleling the upstream work
|
||||||
|
done for <https://bugzilla.tianocore.org/show_bug.cgi?id=2681> in commit
|
||||||
|
range 64ab457d1f21..cdc3fa54184a:
|
||||||
|
|
||||||
|
- Refresh copyright year in TerminalPcdProducerLib.{inf,c}. Also replace
|
||||||
|
open-coded BSDL with "SPDX-License-Identifier: BSD-2-Clause-Patent".
|
||||||
|
|
||||||
|
- Simplify LIBRARY_CLASS: this lib instance is meant to be consumed only
|
||||||
|
via NULL class resolution (basically: as a plugin), so use NULL for
|
||||||
|
LIBRARY_CLASS, not "TerminalPcdProducerLib|DXE_DRIVER".
|
||||||
|
|
||||||
|
- Sort the [Packages] section alphabetically in the INF file.
|
||||||
|
|
||||||
|
- Replace the open-coded GetNamedFwCfgBoolean() function with a call to
|
||||||
|
QemuFwCfgParseBool(), from QemuFwCfgSimpleParserLib.
|
||||||
|
|
||||||
|
- Add the SOMETIMES_PRODUCES usage comment in the [Pcd] section of the
|
||||||
|
INF file.
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
|
||||||
|
|
||||||
|
- Refresh downstream-only commit d4564d39dfdb against context changes in
|
||||||
|
"ArmVirtPkg/ArmVirtQemu.dsc" from upstream commit 7e5f1b673870
|
||||||
|
("ArmVirtPkg/PlatformHasAcpiDtDxe: allow guest level ACPI disable
|
||||||
|
override", 2017-03-29).
|
||||||
|
|
||||||
|
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
|
||||||
|
|
||||||
|
- Adapt commit 6b97969096a3 to the fact that upstream has deprecated such
|
||||||
|
setter functions for dynamic PCDs that don't return a status code (such
|
||||||
|
as PcdSetBool()). Employ PcdSetBoolS(), and assert that it succeeds --
|
||||||
|
there's really no circumstance in this case when it could fail.
|
||||||
|
|
||||||
|
Contributed-under: TianoCore Contribution Agreement 1.0
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit d4564d39dfdbf74e762af43314005a2c026cb262)
|
||||||
|
(cherry picked from commit c9081ebe3bcd28e5cce4bf58bd8d4fca12f9af7c)
|
||||||
|
(cherry picked from commit 8e92730c8e1cdb642b3b3e680e643ff774a90c65)
|
||||||
|
(cherry picked from commit 9448b6b46267d8d807fac0c648e693171bb34806)
|
||||||
|
(cherry picked from commit 232fcf06f6b3048b7c2ebd6931f23186b3852f04)
|
||||||
|
(cherry picked from commit 8338545260fbb423f796d5196faaaf8ff6e1ed99)
|
||||||
|
(cherry picked from commit a5f7a57bf390f1f340ff1d1f1884a73716817ef1)
|
||||||
|
---
|
||||||
|
ArmVirtPkg/ArmVirtQemu.dsc | 7 +++-
|
||||||
|
.../TerminalPcdProducerLib.c | 34 +++++++++++++++++++
|
||||||
|
.../TerminalPcdProducerLib.inf | 33 ++++++++++++++++++
|
||||||
|
3 files changed, 73 insertions(+), 1 deletion(-)
|
||||||
|
create mode 100644 ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c
|
||||||
|
create mode 100644 ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
|
||||||
|
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
index 30e3cfc8b9..7b88b7441f 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
@@ -309,6 +309,8 @@
|
||||||
|
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0
|
||||||
|
!endif
|
||||||
|
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
+
|
||||||
|
[PcdsDynamicHii]
|
||||||
|
gUefiOvmfPkgTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gOvmfVariableGuid|0x0|FALSE|NV,BS
|
||||||
|
|
||||||
|
@@ -418,7 +420,10 @@
|
||||||
|
MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
|
||||||
|
MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf
|
||||||
|
MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf
|
||||||
|
- MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
|
||||||
|
+ MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf {
|
||||||
|
+ <LibraryClasses>
|
||||||
|
+ NULL|ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
|
||||||
|
+ }
|
||||||
|
MdeModulePkg/Universal/SerialDxe/SerialDxe.inf
|
||||||
|
|
||||||
|
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
|
||||||
|
diff --git a/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..37f71c5e4c
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.c
|
||||||
|
@@ -0,0 +1,34 @@
|
||||||
|
+/** @file
|
||||||
|
+* Plugin library for setting up dynamic PCDs for TerminalDxe, from fw_cfg
|
||||||
|
+*
|
||||||
|
+* Copyright (C) 2015-2020, Red Hat, Inc.
|
||||||
|
+* Copyright (c) 2014, Linaro Ltd. All rights reserved.<BR>
|
||||||
|
+*
|
||||||
|
+* SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+
|
||||||
|
+#include <Library/DebugLib.h>
|
||||||
|
+#include <Library/PcdLib.h>
|
||||||
|
+#include <Library/QemuFwCfgSimpleParserLib.h>
|
||||||
|
+
|
||||||
|
+#define UPDATE_BOOLEAN_PCD_FROM_FW_CFG(TokenName) \
|
||||||
|
+ do { \
|
||||||
|
+ BOOLEAN Setting; \
|
||||||
|
+ RETURN_STATUS PcdStatus; \
|
||||||
|
+ \
|
||||||
|
+ if (!RETURN_ERROR (QemuFwCfgParseBool ( \
|
||||||
|
+ "opt/org.tianocore.edk2.aavmf/" #TokenName, &Setting))) { \
|
||||||
|
+ PcdStatus = PcdSetBoolS (TokenName, Setting); \
|
||||||
|
+ ASSERT_RETURN_ERROR (PcdStatus); \
|
||||||
|
+ } \
|
||||||
|
+ } while (0)
|
||||||
|
+
|
||||||
|
+RETURN_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+TerminalPcdProducerLibConstructor (
|
||||||
|
+ VOID
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ UPDATE_BOOLEAN_PCD_FROM_FW_CFG (PcdResizeXterm);
|
||||||
|
+ return RETURN_SUCCESS;
|
||||||
|
+}
|
||||||
|
diff --git a/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..c840f6f97a
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/ArmVirtPkg/Library/TerminalPcdProducerLib/TerminalPcdProducerLib.inf
|
||||||
|
@@ -0,0 +1,33 @@
|
||||||
|
+## @file
|
||||||
|
+# Plugin library for setting up dynamic PCDs for TerminalDxe, from fw_cfg
|
||||||
|
+#
|
||||||
|
+# Copyright (C) 2015-2020, Red Hat, Inc.
|
||||||
|
+# Copyright (c) 2014, Linaro Ltd. All rights reserved.<BR>
|
||||||
|
+#
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+
|
||||||
|
+[Defines]
|
||||||
|
+ INF_VERSION = 0x00010005
|
||||||
|
+ BASE_NAME = TerminalPcdProducerLib
|
||||||
|
+ FILE_GUID = 4a0c5ed7-8c42-4c01-8f4c-7bf258316a96
|
||||||
|
+ MODULE_TYPE = BASE
|
||||||
|
+ VERSION_STRING = 1.0
|
||||||
|
+ LIBRARY_CLASS = NULL
|
||||||
|
+ CONSTRUCTOR = TerminalPcdProducerLibConstructor
|
||||||
|
+
|
||||||
|
+[Sources]
|
||||||
|
+ TerminalPcdProducerLib.c
|
||||||
|
+
|
||||||
|
+[Packages]
|
||||||
|
+ MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+ MdePkg/MdePkg.dec
|
||||||
|
+ OvmfPkg/OvmfPkg.dec
|
||||||
|
+
|
||||||
|
+[LibraryClasses]
|
||||||
|
+ DebugLib
|
||||||
|
+ PcdLib
|
||||||
|
+ QemuFwCfgSimpleParserLib
|
||||||
|
+
|
||||||
|
+[Pcd]
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm ## SOMETIMES_PRODUCES
|
@ -0,0 +1,118 @@
|
|||||||
|
From ccc528cc7a9d5b0029a1ca91cb592c999e9f8c5a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Date: Tue, 21 Nov 2017 00:57:45 +0100
|
||||||
|
Subject: [PATCH] OvmfPkg: enable DEBUG_VERBOSE (RHEL only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- Extend the DSC change to the new OvmfPkg/AmdSev platform, which has been
|
||||||
|
introduced upstream in commit 30d277ed7a82 ("OvmfPkg/Amdsev: Base commit
|
||||||
|
to build encrypted boot specific OVMF", 2020-12-14), for TianoCore#3077.
|
||||||
|
|
||||||
|
- Remove obsolete commit message tags related to downstream patch
|
||||||
|
management: Message-id, Patchwork-id, O-Subject, Acked-by, From
|
||||||
|
(RHBZ#1846481).
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- context difference from upstream commit 46bb81200742 ("OvmfPkg: Make
|
||||||
|
SOURCE_DEBUG_ENABLE actually need to be set to TRUE", 2019-10-22)
|
||||||
|
resolved automatically
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Bugzilla: 1488247
|
||||||
|
|
||||||
|
Set the DEBUG_VERBOSE bit (0x00400000) in the log mask. We want detailed
|
||||||
|
debug messages, and code in OvmfPkg logs many messages on the
|
||||||
|
DEBUG_VERBOSE level.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
(this patch was previously applied as commit 78d3ed73172b5738e32d2b0bc03f7984b9584117)
|
||||||
|
(cherry picked from commit 7aeeaabc9871f657e65d2b99d81011b4964a1ce9)
|
||||||
|
(cherry picked from commit a0617a6be1a80966099ddceb010f89202a79ee76)
|
||||||
|
(cherry picked from commit 759bd3f591e2db699bdef4c7ea4e97c908e7f027)
|
||||||
|
(cherry picked from commit 7e6d5dc4078c64be6d55d8fc3317c59a91507a50)
|
||||||
|
(cherry picked from commit 3cb92f9ba18ac79911bd5258ff4f949cc617ae89)
|
||||||
|
(cherry picked from commit 5ecc18badaabe774d9d0806b027ab63a30c6a2d7)
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.dsc | 2 +-
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 2 +-
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 2 +-
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 2 +-
|
||||||
|
4 files changed, 4 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
index ef70f5f08c..28bdc56227 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
@@ -428,7 +428,7 @@
|
||||||
|
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
|
||||||
|
# // significantly impact boot performance
|
||||||
|
# DEBUG_ERROR 0x80000000 // Error
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
|
||||||
|
|
||||||
|
!if $(SOURCE_DEBUG_ENABLE) == TRUE
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index 3101a3a4cf..c4fc79a851 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -537,7 +537,7 @@
|
||||||
|
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
|
||||||
|
# // significantly impact boot performance
|
||||||
|
# DEBUG_ERROR 0x80000000 // Error
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
|
||||||
|
|
||||||
|
!if $(SOURCE_DEBUG_ENABLE) == TRUE
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index 0c174947b7..1da23b5389 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -544,7 +544,7 @@
|
||||||
|
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
|
||||||
|
# // significantly impact boot performance
|
||||||
|
# DEBUG_ERROR 0x80000000 // Error
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
|
||||||
|
|
||||||
|
!if $(SOURCE_DEBUG_ENABLE) == TRUE
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index a328726d55..4f886ba644 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -563,7 +563,7 @@
|
||||||
|
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
|
||||||
|
# // significantly impact boot performance
|
||||||
|
# DEBUG_ERROR 0x80000000 // Error
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
|
||||||
|
|
||||||
|
!if $(SOURCE_DEBUG_ENABLE) == TRUE
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
|
@ -0,0 +1,170 @@
|
|||||||
|
From 4bb5f3b3473da371b4db99899c1128ae4ff99f6e Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Date: Tue, 21 Nov 2017 00:57:46 +0100
|
||||||
|
Subject: [PATCH] OvmfPkg: silence DEBUG_VERBOSE (0x00400000) in
|
||||||
|
QemuVideoDxe/QemuRamfbDxe (RH)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- Extend the DSC change to the new OvmfPkg/AmdSev platform, which has been
|
||||||
|
introduced upstream in commit 30d277ed7a82 ("OvmfPkg/Amdsev: Base commit
|
||||||
|
to build encrypted boot specific OVMF", 2020-12-14), for TianoCore#3077.
|
||||||
|
|
||||||
|
- Remove obsolete commit message tags related to downstream patch
|
||||||
|
management: Message-id, Patchwork-id, O-Subject, Acked-by, From
|
||||||
|
(RHBZ#1846481).
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- Due to upstream commit 4b04d9d73604 ("OvmfPkg: Don't build in
|
||||||
|
QemuVideoDxe when we have CSM", 2019-06-26), the contexts of
|
||||||
|
"QemuVideoDxe.inf" / "QemuRamfbDxe.inf" have changed in the DSC files.
|
||||||
|
Resolve the conflict manually.
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- Upstream commit 1d25ff51af5c ("OvmfPkg: add QemuRamfbDxe", 2018-06-14)
|
||||||
|
introduced another GOP driver that consumes FrameBufferBltLib, and
|
||||||
|
thereby produces a large number of (mostly useless) debug messages at
|
||||||
|
the DEBUG_VERBOSE level. Extend the patch to suppress those messages in
|
||||||
|
both QemuVideoDxe and QemuRamfbDxe; update the subject accordingly.
|
||||||
|
QemuRamfbDxe itself doesn't log anything at the VERBOSE level (see also
|
||||||
|
the original commit message at the bottom of this downstream patch).
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Bugzilla: 1488247
|
||||||
|
|
||||||
|
In commit 5b2291f9567a ("OvmfPkg: QemuVideoDxe uses
|
||||||
|
MdeModulePkg/FrameBufferLib"), QemuVideoDxe was rebased to
|
||||||
|
FrameBufferBltLib.
|
||||||
|
|
||||||
|
The FrameBufferBltLib instance added in commit b1ca386074bd
|
||||||
|
("MdeModulePkg: Add FrameBufferBltLib library instance") logs many
|
||||||
|
messages on the VERBOSE level; for example, a normal boot with OVMF can
|
||||||
|
produce 500+ "VideoFill" messages, dependent on the progress bar, when the
|
||||||
|
VERBOSE bit is set in PcdDebugPrintErrorLevel.
|
||||||
|
|
||||||
|
QemuVideoDxe itself doesn't log anything at the VERBOSE level, so we lose
|
||||||
|
none of its messages this way.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
(this patch was previously applied as commit 9b0d031dee7e823f6717bab73e422fbc6f0a6c52)
|
||||||
|
(cherry picked from commit 9122d5f2e8d8d289064d1e1700cb61964d9931f3)
|
||||||
|
(cherry picked from commit 7eb3be1d4ccafc26c11fe5afb95cc12b250ce6f0)
|
||||||
|
(cherry picked from commit bd650684712fb840dbcda5d6eaee065bd9e91fa1)
|
||||||
|
(cherry picked from commit b06b87f8ffd4fed4ef7eacb13689a9b6d111f850)
|
||||||
|
(cherry picked from commit c8c3f893e7c3710afe45c46839e97954871536e4)
|
||||||
|
(cherry picked from commit 1355849ad97c1e4a5c430597a377165a5cc118f7)
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.dsc | 10 ++++++++--
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 10 ++++++++--
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 10 ++++++++--
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 10 ++++++++--
|
||||||
|
4 files changed, 32 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
index 28bdc56227..cbd48af4dc 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
@@ -694,8 +694,14 @@
|
||||||
|
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
|
||||||
|
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
|
||||||
|
|
||||||
|
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
||||||
|
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index c4fc79a851..75a61c88e6 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -850,9 +850,15 @@
|
||||||
|
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
|
||||||
|
|
||||||
|
!ifndef $(CSM_ENABLE)
|
||||||
|
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
||||||
|
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
!endif
|
||||||
|
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index 1da23b5389..e5ca067d4c 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -868,9 +868,15 @@
|
||||||
|
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
|
||||||
|
|
||||||
|
!ifndef $(CSM_ENABLE)
|
||||||
|
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
||||||
|
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
!endif
|
||||||
|
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index 4f886ba644..ad314d86c6 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -936,9 +936,15 @@
|
||||||
|
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
|
||||||
|
|
||||||
|
!ifndef $(CSM_ENABLE)
|
||||||
|
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
||||||
|
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
!endif
|
||||||
|
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
|
||||||
|
#
|
@ -0,0 +1,94 @@
|
|||||||
|
From 72830b010e7b78ef8d74cefcb5c6ad018c653ea6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Wed, 27 Jan 2016 03:05:18 +0100
|
||||||
|
Subject: [PATCH] ArmVirtPkg: silence DEBUG_VERBOSE (0x00400000) in
|
||||||
|
QemuRamfbDxe (RH only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- The previous version of this patch (downstream commit 76b4ac28e975)
|
||||||
|
caused a regression (RHBZ#1714446), which was fixed up in downstream
|
||||||
|
commit 5a216abaa737 ("ArmVirtPkg: silence DEBUG_VERBOSE masking
|
||||||
|
~0x00400000 in QemuRamfbDxe (RH only)", 2019-08-05).
|
||||||
|
|
||||||
|
Squash the fixup into the original patch. Fuse the commit messages.
|
||||||
|
(Acked-by tags are not preserved, lest we confuse ourselves while
|
||||||
|
reviewing this rebase.)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- new patch, due to upstream commit c64688f36a8b ("ArmVirtPkg: add
|
||||||
|
QemuRamfbDxe", 2018-06-14)
|
||||||
|
|
||||||
|
QemuRamfbDxe uses FrameBufferLib. The FrameBufferBltLib instance added in
|
||||||
|
commit b1ca386074bd ("MdeModulePkg: Add FrameBufferBltLib library
|
||||||
|
instance") logs many messages on the VERBOSE level; for example, a normal
|
||||||
|
boot with ArmVirtQemu[Kernel] can produce 500+ "VideoFill" messages,
|
||||||
|
dependent on the progress bar, when the VERBOSE bit is set in
|
||||||
|
PcdDebugPrintErrorLevel.
|
||||||
|
|
||||||
|
Clear the VERBOSE bit without touching other bits -- those other bits
|
||||||
|
differ between the "silent" and "verbose" builds, so we can't set them as
|
||||||
|
constants.
|
||||||
|
|
||||||
|
QemuRamfbDxe itself doesn't log anything at the VERBOSE level, so we lose
|
||||||
|
none of its messages, with the VERBOSE bit clear.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit 76b4ac28e975bd63c25db903a1d42c47b38cc756)
|
||||||
|
Reported-by: Andrew Jones <drjones@redhat.com>
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
|
||||||
|
(cherry picked from commit 5a216abaa737195327235e37563b18a6bf2a74dc)
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit e5b8152bced2364a1ded0926dbba4d65e23e3f84)
|
||||||
|
(cherry picked from commit e7f57f154439c1c18ea5030b01f8d7bc492698b2)
|
||||||
|
---
|
||||||
|
ArmVirtPkg/ArmVirtQemu.dsc | 5 ++++-
|
||||||
|
ArmVirtPkg/ArmVirtQemuKernel.dsc | 5 ++++-
|
||||||
|
2 files changed, 8 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
index 7b88b7441f..fe7b7e1d64 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
@@ -547,7 +547,10 @@
|
||||||
|
#
|
||||||
|
# Video support
|
||||||
|
#
|
||||||
|
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|($(DEBUG_PRINT_ERROR_LEVEL)) & 0xFFBFFFFF
|
||||||
|
+ }
|
||||||
|
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
OvmfPkg/PlatformDxe/Platform.inf
|
||||||
|
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
index b50f8e84a3..4a43892f7d 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
@@ -447,7 +447,10 @@
|
||||||
|
#
|
||||||
|
# Video support
|
||||||
|
#
|
||||||
|
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|($(DEBUG_PRINT_ERROR_LEVEL)) & 0xFFBFFFFF
|
||||||
|
+ }
|
||||||
|
OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
OvmfPkg/PlatformDxe/Platform.inf
|
||||||
|
|
@ -0,0 +1,92 @@
|
|||||||
|
From 2b84cf52f9a6f24f932bce5548202460f20ca9d0 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Philippe Mathieu-Daude <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Aug 2019 20:43:48 +0200
|
||||||
|
Subject: [PATCH] OvmfPkg: QemuRamfbDxe: Do not report DXE failure on Aarch64
|
||||||
|
silent builds (RH only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- We have to carry this downstream-only patch -- committed originally as
|
||||||
|
aaaedc1e2cfd -- indefinitely.
|
||||||
|
|
||||||
|
- To avoid confusion, remove the tags from the commit message that had
|
||||||
|
been added by the downstream maintainer scripts, such as: Message-id,
|
||||||
|
Patchwork-id, O-Subject, Acked-by. These remain available on the
|
||||||
|
original downstream commit. The Bugzilla line is preserved, as it
|
||||||
|
doesn't relate to a specific posting, but to the problem.
|
||||||
|
|
||||||
|
Bugzilla: 1714446
|
||||||
|
|
||||||
|
To suppress an error message on the silent build when ramfb is
|
||||||
|
not configured, change QemuRamfbDxe to return EFI_SUCCESS even
|
||||||
|
when it fails.
|
||||||
|
Some memory is wasted (driver stays resident without
|
||||||
|
any good use), but it is mostly harmless, as the memory
|
||||||
|
is released by the OS after ExitBootServices().
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
|
||||||
|
(cherry picked from commit aaaedc1e2cfd55ef003fb1b5a37c73a196b26dc7)
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit aa2b66b18a62d652bdbefae7b5732297294306ca)
|
||||||
|
(cherry picked from commit deb3451034326b75fd760aba47a5171493ff055e)
|
||||||
|
---
|
||||||
|
OvmfPkg/QemuRamfbDxe/QemuRamfb.c | 14 ++++++++++++++
|
||||||
|
OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf | 1 +
|
||||||
|
2 files changed, 15 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/QemuRamfbDxe/QemuRamfb.c b/OvmfPkg/QemuRamfbDxe/QemuRamfb.c
|
||||||
|
index 5a1044f0dc..83c6d26c74 100644
|
||||||
|
--- a/OvmfPkg/QemuRamfbDxe/QemuRamfb.c
|
||||||
|
+++ b/OvmfPkg/QemuRamfbDxe/QemuRamfb.c
|
||||||
|
@@ -13,6 +13,7 @@
|
||||||
|
#include <Library/BaseLib.h>
|
||||||
|
#include <Library/BaseMemoryLib.h>
|
||||||
|
#include <Library/DebugLib.h>
|
||||||
|
+#include <Library/DebugPrintErrorLevelLib.h>
|
||||||
|
#include <Library/DevicePathLib.h>
|
||||||
|
#include <Library/FrameBufferBltLib.h>
|
||||||
|
#include <Library/MemoryAllocationLib.h>
|
||||||
|
@@ -259,6 +260,19 @@ InitializeQemuRamfb (
|
||||||
|
|
||||||
|
Status = QemuFwCfgFindFile ("etc/ramfb", &mRamfbFwCfgItem, &FwCfgSize);
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
+#if defined (MDE_CPU_AARCH64)
|
||||||
|
+ //
|
||||||
|
+ // RHBZ#1714446
|
||||||
|
+ // If no ramfb device was configured, this platform DXE driver should
|
||||||
|
+ // returns EFI_NOT_FOUND, so the DXE Core can unload it. However, even
|
||||||
|
+ // using a silent build, an error message is issued to the guest console.
|
||||||
|
+ // Since this confuse users, return success and stay resident. The wasted
|
||||||
|
+ // guest RAM still gets freed later after ExitBootServices().
|
||||||
|
+ //
|
||||||
|
+ if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
return EFI_NOT_FOUND;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf b/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
index e3890b8c20..f79a4bc987 100644
|
||||||
|
--- a/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
+++ b/OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
@@ -29,6 +29,7 @@
|
||||||
|
BaseLib
|
||||||
|
BaseMemoryLib
|
||||||
|
DebugLib
|
||||||
|
+ DebugPrintErrorLevelLib
|
||||||
|
DevicePathLib
|
||||||
|
FrameBufferBltLib
|
||||||
|
MemoryAllocationLib
|
@ -0,0 +1,128 @@
|
|||||||
|
From 67230df28e3861c4a7a8fb064a45ed85f015209c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Date: Tue, 21 Nov 2017 00:57:47 +0100
|
||||||
|
Subject: [PATCH] OvmfPkg: silence EFI_D_VERBOSE (0x00400000) in NvmExpressDxe
|
||||||
|
(RH only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- Extend the DSC change to the new OvmfPkg/AmdSev platform, which has been
|
||||||
|
introduced upstream in commit 30d277ed7a82 ("OvmfPkg/Amdsev: Base commit
|
||||||
|
to build encrypted boot specific OVMF", 2020-12-14), for TianoCore#3077.
|
||||||
|
|
||||||
|
- Remove obsolete commit message tags related to downstream patch
|
||||||
|
management: Message-id, Patchwork-id, O-Subject, Acked-by, From
|
||||||
|
(RHBZ#1846481).
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Bugzilla: 1488247
|
||||||
|
|
||||||
|
NvmExpressDxe logs all BlockIo read & write calls on the EFI_D_VERBOSE
|
||||||
|
level.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
(this patch was previously applied as commit 5f432837b9c60c2929b13dda1a1b488d5c3a6d2f)
|
||||||
|
(cherry picked from commit 33e00146eb878588ad1395d7b1ae38f401729da4)
|
||||||
|
(cherry picked from commit bd10cabcfcb1bc9a32b05062f4ee3792e27bc2d8)
|
||||||
|
(cherry picked from commit 5a27af700f49e00608f232f618dedd7bf5e9b3e6)
|
||||||
|
(cherry picked from commit 58bba429b9ec7b78109940ef945d0dc93f3cd958)
|
||||||
|
(cherry picked from commit b8d0ebded8c2cf5b266c807519e2d8ccfd66fee6)
|
||||||
|
(cherry picked from commit ed89844b47f46cfe911f1bf2bda40e537a908502)
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.dsc | 5 ++++-
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 5 ++++-
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 5 ++++-
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 5 ++++-
|
||||||
|
4 files changed, 16 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
index cbd48af4dc..a0319c1f0a 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
@@ -688,7 +688,10 @@
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
|
||||||
|
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
|
||||||
|
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
|
||||||
|
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
|
||||||
|
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index 75a61c88e6..34ad4f2777 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -843,7 +843,10 @@
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
|
||||||
|
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
|
||||||
|
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
|
||||||
|
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
|
||||||
|
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index e5ca067d4c..4278ce5e1d 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -861,7 +861,10 @@
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
|
||||||
|
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
|
||||||
|
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
|
||||||
|
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
|
||||||
|
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index ad314d86c6..e41a1b976e 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -929,7 +929,10 @@
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
|
||||||
|
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
|
||||||
|
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
|
||||||
|
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
|
||||||
|
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
|
@ -0,0 +1,80 @@
|
|||||||
|
From 9bf175beabab17dae1b5883d528ae3d9d834249b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Wed, 24 Jun 2020 11:31:36 +0200
|
||||||
|
Subject: [PATCH] OvmfPkg/QemuKernelLoaderFsDxe: suppress error on no "-kernel"
|
||||||
|
in silent aa64 build (RH)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- Remove obsolete commit message tags related to downstream patch
|
||||||
|
management: Message-id, Patchwork-id, O-Subject, Acked-by, From,
|
||||||
|
RH-Acked-by, RH-Author (RHBZ#1846481).
|
||||||
|
|
||||||
|
Bugzilla: 1844682
|
||||||
|
|
||||||
|
If the "-kernel" QEMU option is not used, then QemuKernelLoaderFsDxe
|
||||||
|
should return EFI_NOT_FOUND, so that the DXE Core can unload it. However,
|
||||||
|
the associated error message, logged by the DXE Core to the serial
|
||||||
|
console, is not desired in the silent edk2-aarch64 build, given that the
|
||||||
|
absence of "-kernel" is nothing out of the ordinary. Therefore, return
|
||||||
|
success and stay resident. The wasted guest RAM still gets freed after
|
||||||
|
ExitBootServices().
|
||||||
|
|
||||||
|
(Inspired by RHEL-8.1.0 commit aaaedc1e2cfd.)
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
(cherry picked from commit 9adcdf493ebbd11efb74e2905ab5f6c8996e096d)
|
||||||
|
---
|
||||||
|
.../QemuKernelLoaderFsDxe.c | 17 +++++++++++++++++
|
||||||
|
.../QemuKernelLoaderFsDxe.inf | 1 +
|
||||||
|
2 files changed, 18 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
|
||||||
|
index 3c12085f6c..e192809198 100644
|
||||||
|
--- a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
|
||||||
|
+++ b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
|
||||||
|
@@ -19,6 +19,7 @@
|
||||||
|
#include <Library/BaseMemoryLib.h>
|
||||||
|
#include <Library/BlobVerifierLib.h>
|
||||||
|
#include <Library/DebugLib.h>
|
||||||
|
+#include <Library/DebugPrintErrorLevelLib.h>
|
||||||
|
#include <Library/DevicePathLib.h>
|
||||||
|
#include <Library/MemoryAllocationLib.h>
|
||||||
|
#include <Library/QemuFwCfgLib.h>
|
||||||
|
@@ -1081,6 +1082,22 @@ QemuKernelLoaderFsDxeEntrypoint (
|
||||||
|
|
||||||
|
if (KernelBlob->Data == NULL) {
|
||||||
|
Status = EFI_NOT_FOUND;
|
||||||
|
+#if defined (MDE_CPU_AARCH64)
|
||||||
|
+ //
|
||||||
|
+ // RHBZ#1844682
|
||||||
|
+ //
|
||||||
|
+ // If the "-kernel" QEMU option is not being used, this platform DXE driver
|
||||||
|
+ // should return EFI_NOT_FOUND, so that the DXE Core can unload it.
|
||||||
|
+ // However, the associated error message, logged by the DXE Core to the
|
||||||
|
+ // serial console, is not desired in the silent edk2-aarch64 build, given
|
||||||
|
+ // that the absence of "-kernel" is nothing out of the ordinary. Therefore,
|
||||||
|
+ // return success and stay resident. The wasted guest RAM still gets freed
|
||||||
|
+ // after ExitBootServices().
|
||||||
|
+ //
|
||||||
|
+ if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
|
||||||
|
+ Status = EFI_SUCCESS;
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
goto FreeBlobs;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
|
||||||
|
index 7b35adb8e0..23d9f5fca1 100644
|
||||||
|
--- a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
|
||||||
|
+++ b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
|
||||||
|
@@ -28,6 +28,7 @@
|
||||||
|
BaseLib
|
||||||
|
BaseMemoryLib
|
||||||
|
DebugLib
|
||||||
|
+ DebugPrintErrorLevelLib
|
||||||
|
DevicePathLib
|
||||||
|
MemoryAllocationLib
|
||||||
|
QemuFwCfgLib
|
@ -0,0 +1,79 @@
|
|||||||
|
From d3d9a0ea8cdd6a8438a878a859ca0cd416c42ad6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Wed, 24 Jun 2020 11:40:09 +0200
|
||||||
|
Subject: [PATCH] SecurityPkg/Tcg2Dxe: suppress error on no swtpm in silent
|
||||||
|
aa64 build (RH)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- Remove obsolete commit message tags related to downstream patch
|
||||||
|
management: Message-id, Patchwork-id, O-Subject, Acked-by, From,
|
||||||
|
RH-Acked-by, RH-Author (RHBZ#1846481).
|
||||||
|
|
||||||
|
Bugzilla: 1844682
|
||||||
|
|
||||||
|
If swtpm / vTPM2 is not being used, Tcg2Dxe should return EFI_UNSUPPORTED,
|
||||||
|
so that the DXE Core can unload it. However, the associated error message,
|
||||||
|
logged by the DXE Core to the serial console, is not desired in the silent
|
||||||
|
edk2-aarch64 build, given that the absence of swtpm / vTPM2 is nothing out
|
||||||
|
of the ordinary. Therefore, return success and stay resident. The wasted
|
||||||
|
guest RAM still gets freed after ExitBootServices().
|
||||||
|
|
||||||
|
(Inspired by RHEL-8.1.0 commit aaaedc1e2cfd.)
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
(cherry picked from commit cbce29f7749477e271f9764fed82de94724af5df)
|
||||||
|
---
|
||||||
|
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c | 17 +++++++++++++++++
|
||||||
|
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf | 1 +
|
||||||
|
2 files changed, 18 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
|
||||||
|
index f6ea8b2bbf..1fd5e187fb 100644
|
||||||
|
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
|
||||||
|
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
|
||||||
|
@@ -28,6 +28,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
#include <Protocol/ResetNotification.h>
|
||||||
|
|
||||||
|
#include <Library/DebugLib.h>
|
||||||
|
+#include <Library/DebugPrintErrorLevelLib.h>
|
||||||
|
#include <Library/BaseMemoryLib.h>
|
||||||
|
#include <Library/UefiRuntimeServicesTableLib.h>
|
||||||
|
#include <Library/UefiDriverEntryPoint.h>
|
||||||
|
@@ -2691,6 +2692,22 @@ DriverEntry (
|
||||||
|
CompareGuid (PcdGetPtr (PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid))
|
||||||
|
{
|
||||||
|
DEBUG ((DEBUG_INFO, "No TPM2 instance required!\n"));
|
||||||
|
+#if defined (MDE_CPU_AARCH64)
|
||||||
|
+ //
|
||||||
|
+ // RHBZ#1844682
|
||||||
|
+ //
|
||||||
|
+ // If swtpm / vTPM2 is not being used, this driver should return
|
||||||
|
+ // EFI_UNSUPPORTED, so that the DXE Core can unload it. However, the
|
||||||
|
+ // associated error message, logged by the DXE Core to the serial console,
|
||||||
|
+ // is not desired in the silent edk2-aarch64 build, given that the absence
|
||||||
|
+ // of swtpm / vTPM2 is nothing out of the ordinary. Therefore, return
|
||||||
|
+ // success and stay resident. The wasted guest RAM still gets freed after
|
||||||
|
+ // ExitBootServices().
|
||||||
|
+ //
|
||||||
|
+ if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
return EFI_UNSUPPORTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
|
||||||
|
index 7dc7a2683d..ae90070b36 100644
|
||||||
|
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
|
||||||
|
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
|
||||||
|
@@ -55,6 +55,7 @@
|
||||||
|
UefiRuntimeServicesTableLib
|
||||||
|
BaseMemoryLib
|
||||||
|
DebugLib
|
||||||
|
+ DebugPrintErrorLevelLib
|
||||||
|
Tpm2CommandLib
|
||||||
|
PrintLib
|
||||||
|
UefiLib
|
@ -0,0 +1,126 @@
|
|||||||
|
From ce3ac92a202a0b845654c05449107840edf5d2f9 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:28:49 +0200
|
||||||
|
Subject: [PATCH] OvmfPkg: Remove EbcDxe (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [2/19] 6777c3dc453e4aecddc20216f783ba2a5acccaa0
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
Remove EFI Byte Code interpreter.
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 -
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgX64.fdf | 1 -
|
||||||
|
8 files changed, 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
index a0319c1f0a..906c1a4332 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
@@ -613,7 +613,6 @@
|
||||||
|
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
|
||||||
|
}
|
||||||
|
|
||||||
|
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
||||||
|
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
||||||
|
UefiCpuPkg/CpuDxe/CpuDxe.inf
|
||||||
|
OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
index b2ab0c7773..20d31d0e2d 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
@@ -205,7 +205,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
|
||||||
|
|
||||||
|
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
|
||||||
|
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
||||||
|
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
||||||
|
INF UefiCpuPkg/CpuDxe/CpuDxe.inf
|
||||||
|
INF OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index 34ad4f2777..d664b42c67 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -753,7 +753,6 @@
|
||||||
|
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
|
||||||
|
}
|
||||||
|
|
||||||
|
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
||||||
|
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
||||||
|
UefiCpuPkg/CpuDxe/CpuDxe.inf
|
||||||
|
!ifdef $(CSM_ENABLE)
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
index 383613e54b..236680dec2 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
@@ -216,7 +216,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
|
||||||
|
|
||||||
|
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
|
||||||
|
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
||||||
|
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
||||||
|
INF UefiCpuPkg/CpuDxe/CpuDxe.inf
|
||||||
|
!ifdef $(CSM_ENABLE)
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index 4278ce5e1d..2e0af7698a 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -771,7 +771,6 @@
|
||||||
|
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
|
||||||
|
}
|
||||||
|
|
||||||
|
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
||||||
|
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
||||||
|
UefiCpuPkg/CpuDxe/CpuDxe.inf
|
||||||
|
!ifdef $(CSM_ENABLE)
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
index 3cec3d0c87..3ad2fe5eee 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
@@ -217,7 +217,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
|
||||||
|
|
||||||
|
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
|
||||||
|
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
||||||
|
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
||||||
|
INF UefiCpuPkg/CpuDxe/CpuDxe.inf
|
||||||
|
!ifdef $(CSM_ENABLE)
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index e41a1b976e..55f6760f4c 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -816,7 +816,6 @@
|
||||||
|
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
|
||||||
|
}
|
||||||
|
|
||||||
|
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
||||||
|
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
||||||
|
|
||||||
|
UefiCpuPkg/CpuDxe/CpuDxe.inf {
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
index 9c35b6e848..da4541d747 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
@@ -239,7 +239,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
|
||||||
|
|
||||||
|
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
|
||||||
|
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
||||||
|
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
||||||
|
|
||||||
|
INF UefiCpuPkg/CpuDxe/CpuDxe.inf
|
@ -0,0 +1,126 @@
|
|||||||
|
From 536709a91fe5d9bf5bb41bc0ae56cb3e3fa0cf5a Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:28:59 +0200
|
||||||
|
Subject: [PATCH] OvmfPkg: Remove VirtioGpu device driver (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [4/19] f0a41317291f2e9e3b5bd3125149c3866f23ab08
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
QemuVideoDxe binds virtio-vga, so VirtioGpu is not needed.
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 -
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgX64.fdf | 1 -
|
||||||
|
8 files changed, 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
index 906c1a4332..52b0d1062c 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
@@ -704,7 +704,6 @@
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
}
|
||||||
|
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# ISA Support
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
index 20d31d0e2d..48cc3b00c1 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
@@ -300,7 +300,6 @@ INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
|
||||||
|
INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
||||||
|
|
||||||
|
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
INF OvmfPkg/PlatformDxe/Platform.inf
|
||||||
|
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
||||||
|
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index d664b42c67..d39d9e8c27 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -861,7 +861,6 @@
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
}
|
||||||
|
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# ISA Support
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
index 236680dec2..381735165d 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
@@ -334,7 +334,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
||||||
|
!endif
|
||||||
|
|
||||||
|
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
INF OvmfPkg/PlatformDxe/Platform.inf
|
||||||
|
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index 2e0af7698a..0e3de2ec5e 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -879,7 +879,6 @@
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
}
|
||||||
|
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# ISA Support
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
index 3ad2fe5eee..2ca10f7c5e 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
@@ -340,7 +340,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
||||||
|
!endif
|
||||||
|
|
||||||
|
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
INF OvmfPkg/PlatformDxe/Platform.inf
|
||||||
|
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
||||||
|
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index 55f6760f4c..c266686361 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -947,7 +947,6 @@
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
}
|
||||||
|
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# ISA Support
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
index da4541d747..00b3f9d0d8 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
@@ -367,7 +367,6 @@ INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
||||||
|
!endif
|
||||||
|
|
||||||
|
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
INF OvmfPkg/PlatformDxe/Platform.inf
|
||||||
|
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
||||||
|
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
|
@ -0,0 +1,100 @@
|
|||||||
|
From ff214a87a99084bd91a04711e52ec1bffa911557 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:29:13 +0200
|
||||||
|
Subject: [PATCH] OvmfPkg: Remove VirtioFsDxe filesystem driver (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [9/19] b40d8a6b9c38568a74fb922b12bbae9f0e721f95
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
Remove the virtio-fs driver.
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgX64.fdf | 1 -
|
||||||
|
6 files changed, 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index d39d9e8c27..12ed090eab 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -836,7 +836,6 @@
|
||||||
|
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
index 381735165d..bd69792100 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
@@ -296,7 +296,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
-INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index 0e3de2ec5e..821423cfe2 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -854,7 +854,6 @@
|
||||||
|
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
index 2ca10f7c5e..4011682faf 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
@@ -297,7 +297,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
-INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index c266686361..ea3f8d73bc 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -922,7 +922,6 @@
|
||||||
|
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
index 00b3f9d0d8..c53501679a 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
@@ -322,7 +322,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
-INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
@ -0,0 +1,61 @@
|
|||||||
|
From 7478b17347f2119448467a0ce821a5c5f865a2c8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:29:16 +0200
|
||||||
|
Subject: [PATCH] ArmVirtPkg: Remove VirtioFsDxe filesystem driver (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [10/19] 808ad4385c24fbf34fb0ba359808e6d364e1d030
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
Remove the virtio-fs driver.
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
ArmVirtPkg/ArmVirtQemu.dsc | 1 -
|
||||||
|
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
|
||||||
|
ArmVirtPkg/ArmVirtQemuKernel.dsc | 1 -
|
||||||
|
3 files changed, 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
index fe7b7e1d64..f0946821c6 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
@@ -465,7 +465,6 @@
|
||||||
|
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# Bds
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
index 9b3e37d5c9..a997063751 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
@@ -84,7 +84,6 @@ READ_LOCK_STATUS = TRUE
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
INF MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
- INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# Status Code Routing
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
index 4a43892f7d..8fa801dad6 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
@@ -365,7 +365,6 @@
|
||||||
|
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# Bds
|
@ -0,0 +1,126 @@
|
|||||||
|
From 42c144b94db706be6f01d5fb1537a35cc803daa8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:29:19 +0200
|
||||||
|
Subject: [PATCH] OvmfPkg: Remove UdfDxe filesystem driver (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [11/19] 21614de37221fca27d4eec0f03c5c8bce5911af3
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
Remove the UDF driver.
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 -
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 1 -
|
||||||
|
OvmfPkg/OvmfPkgX64.fdf | 1 -
|
||||||
|
8 files changed, 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
index 52b0d1062c..41953c119d 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
@@ -681,7 +681,6 @@
|
||||||
|
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
||||||
|
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
index 48cc3b00c1..2f03c80ffd 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
@@ -274,7 +274,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index 12ed090eab..07176ad930 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -835,7 +835,6 @@
|
||||||
|
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
||||||
|
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
index bd69792100..97c808446e 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
@@ -295,7 +295,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index 821423cfe2..ba7ed38412 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -853,7 +853,6 @@
|
||||||
|
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
||||||
|
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
index 4011682faf..6351ce645b 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
@@ -296,7 +296,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index ea3f8d73bc..55f3315241 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -921,7 +921,6 @@
|
||||||
|
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
||||||
|
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
||||||
|
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
index c53501679a..558a944f20 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
@@ -321,7 +321,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
@ -0,0 +1,61 @@
|
|||||||
|
From 34b2ee906d0cce11a8156105777b6ecfaca5feba Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:29:22 +0200
|
||||||
|
Subject: [PATCH] ArmVirtPkg: Remove UdfDxe filesystem driver (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [12/19] fcadb6a747b65e4d449d48131c9a2eeed4bd3c9a
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
Remove the UDF driver.
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
ArmVirtPkg/ArmVirtQemu.dsc | 1 -
|
||||||
|
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
|
||||||
|
ArmVirtPkg/ArmVirtQemuKernel.dsc | 1 -
|
||||||
|
3 files changed, 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
index f0946821c6..68ad5877ee 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
@@ -464,7 +464,6 @@
|
||||||
|
MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
|
||||||
|
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# Bds
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
index a997063751..dcb1b793d1 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
@@ -83,7 +83,6 @@ READ_LOCK_STATUS = TRUE
|
||||||
|
INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
INF MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
- INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# Status Code Routing
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
index 8fa801dad6..87e54e682a 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
@@ -364,7 +364,6 @@
|
||||||
|
MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
|
||||||
|
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
||||||
|
FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# Bds
|
@ -0,0 +1,109 @@
|
|||||||
|
From aac73e5f62e2305e6578c9b22ae557741bf6532a Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:29:25 +0200
|
||||||
|
Subject: [PATCH] OvmfPkg: Remove TftpDynamicCommand from shell (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [13/19] cf9ef346386ac89fa05b29d429d8d1b27cf0e3b0
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
Remove the command to download files in the shell via TFTP.
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 4 ----
|
||||||
|
OvmfPkg/OvmfPkgIa32.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 4 ----
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 4 ----
|
||||||
|
OvmfPkg/OvmfPkgX64.fdf | 1 -
|
||||||
|
6 files changed, 15 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index 07176ad930..0183511722 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -913,10 +913,6 @@
|
||||||
|
!endif
|
||||||
|
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
|
||||||
|
- ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
index 97c808446e..cb95c842fa 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
@@ -297,7 +297,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
-INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
||||||
|
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index ba7ed38412..66554b42ed 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -931,10 +931,6 @@
|
||||||
|
!endif
|
||||||
|
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
|
||||||
|
- ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
index 6351ce645b..592f0fed82 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
@@ -298,7 +298,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
-INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
||||||
|
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index 55f3315241..6d1d2bd39b 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -999,10 +999,6 @@
|
||||||
|
!endif
|
||||||
|
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
|
||||||
|
- ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
index 558a944f20..70556f8ace 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
@@ -323,7 +323,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
-INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
||||||
|
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
@ -0,0 +1,54 @@
|
|||||||
|
From a3493c0945f733e395ea7444f1639a42f8a717f0 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:29:28 +0200
|
||||||
|
Subject: [PATCH] ArmVirtPkg: Remove TftpDynamicCommand from shell (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [14/19] 12436014941bd4a7c99a26d779ebdcd75f169403
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
Remove the command to download files in the shell via TFTP.
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
ArmVirtPkg/ArmVirt.dsc.inc | 7 +++----
|
||||||
|
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
|
||||||
|
2 files changed, 3 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
|
||||||
|
index fe6488ee99..5677bad717 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirt.dsc.inc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
|
||||||
|
@@ -385,10 +385,9 @@
|
||||||
|
#
|
||||||
|
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
||||||
|
|
||||||
|
- ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
+ #
|
||||||
|
+ # UEFI application (Shell Embedded Boot Loader)
|
||||||
|
+ #
|
||||||
|
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
index dcb1b793d1..b1c3fcc66d 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
@@ -99,7 +99,6 @@ READ_LOCK_STATUS = TRUE
|
||||||
|
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
||||||
|
|
||||||
|
INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
- INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
||||||
|
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
||||||
|
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
@ -0,0 +1,113 @@
|
|||||||
|
From 873a03ce289c988d822f1bb420c1e9a0eef5ca56 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:29:31 +0200
|
||||||
|
Subject: [PATCH] OvmfPkg: Remove HttpDynamicCommand from shell (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Rebase to edk2-stable202311:
|
||||||
|
|
||||||
|
Minor update, context change due to new variable policy shell command.
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [15/19] 1911cf04f27467ef1175b1976864c1111d93d19e
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
Remove the command to download files in the shell via HTTP(S).
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 4 ----
|
||||||
|
OvmfPkg/OvmfPkgIa32.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 4 ----
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 4 ----
|
||||||
|
OvmfPkg/OvmfPkgX64.fdf | 1 -
|
||||||
|
6 files changed, 15 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index 0183511722..970ffbad82 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -913,10 +913,6 @@
|
||||||
|
!endif
|
||||||
|
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
|
||||||
|
- ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
index cb95c842fa..891e0e06ef 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
@@ -297,7 +297,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
-INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
!if $(BUILD_SHELL) == TRUE
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index 66554b42ed..3127e3d18d 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -931,10 +931,6 @@
|
||||||
|
!endif
|
||||||
|
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
|
||||||
|
- ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
index 592f0fed82..61a827b365 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
@@ -298,7 +298,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
-INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
!if $(BUILD_SHELL) == TRUE
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index 6d1d2bd39b..6f078b5b27 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -999,10 +999,6 @@
|
||||||
|
!endif
|
||||||
|
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
|
||||||
|
- ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
index 70556f8ace..d2e1c2894f 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
@@ -323,7 +323,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
-INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
!if $(BUILD_SHELL) == TRUE
|
@ -0,0 +1,55 @@
|
|||||||
|
From 4b212f0b5f5d2dbe595e53bc0b553abb90ee288a Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:29:34 +0200
|
||||||
|
Subject: [PATCH] ArmVirtPkg: Remove HttpDynamicCommand from shell (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Rebase to edk2-stable202311:
|
||||||
|
|
||||||
|
Minor update, context change due to new variable policy shell command.
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [16/19] 07a74f1fdcdbb9a31d25ce9760edcd852e9574c3
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
Remove the command to download files in the shell via HTTP(S).
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
ArmVirtPkg/ArmVirt.dsc.inc | 4 ----
|
||||||
|
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
|
||||||
|
2 files changed, 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
|
||||||
|
index 5677bad717..d4c001e1bd 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirt.dsc.inc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
|
||||||
|
@@ -388,10 +388,6 @@
|
||||||
|
#
|
||||||
|
# UEFI application (Shell Embedded Boot Loader)
|
||||||
|
#
|
||||||
|
- ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
index b1c3fcc66d..8153558686 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
@@ -99,7 +99,6 @@ READ_LOCK_STATUS = TRUE
|
||||||
|
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
||||||
|
|
||||||
|
INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
- INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
||||||
|
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
|
@ -0,0 +1,315 @@
|
|||||||
|
From 3635ecb975af26d0d4886b862f8cf812b891eb37 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:29:39 +0200
|
||||||
|
Subject: [PATCH] OvmfPkg: Remove LinuxInitrdDynamicShellCommand (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Rebase to edk2-stable202311:
|
||||||
|
|
||||||
|
Minor update, context change due to new variable policy shell command.
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [17/19] 491fe1301ea29c7cb56c20272e45614d5fcb6f14
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
Remove the command to register a file in the shell as the
|
||||||
|
initial ramdisk for a UEFI stubbed kernel, to be booted next.
|
||||||
|
|
||||||
|
Note: as further dynamic shell commands might show up upstream,
|
||||||
|
we intentionally preserve the empty !ifdef'ry context to ease
|
||||||
|
future downstream rebases.
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.dsc | 4 ----
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 32 ++++++++++++++------------------
|
||||||
|
OvmfPkg/OvmfPkgIa32.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 32 ++++++++++++++------------------
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 32 ++++++++++++++------------------
|
||||||
|
OvmfPkg/OvmfPkgX64.fdf | 1 -
|
||||||
|
8 files changed, 42 insertions(+), 62 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
index 41953c119d..7bb6ffb3f0 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
@@ -740,10 +740,6 @@
|
||||||
|
MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
|
||||||
|
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
|
||||||
|
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
!endif
|
||||||
|
OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
|
||||||
|
OvmfPkg/AmdSev/Grub/Grub.inf
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
index 2f03c80ffd..0e3d7bea2b 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
@@ -276,7 +276,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
|
||||||
|
-INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
|
||||||
|
INF OvmfPkg/AmdSev/Grub/Grub.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index 970ffbad82..83adecc374 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -537,7 +537,7 @@
|
||||||
|
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
|
||||||
|
# // significantly impact boot performance
|
||||||
|
# DEBUG_ERROR 0x80000000 // Error
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
|
||||||
|
|
||||||
|
!if $(SOURCE_DEBUG_ENABLE) == TRUE
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
|
||||||
|
@@ -604,7 +604,7 @@
|
||||||
|
# ($(SMM_REQUIRE) == FALSE)
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
|
||||||
|
|
||||||
|
- gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
!if $(SMM_REQUIRE) == FALSE
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
|
||||||
|
@@ -840,25 +840,25 @@
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
|
||||||
|
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
- }
|
||||||
|
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
|
||||||
|
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
|
||||||
|
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
|
||||||
|
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
|
||||||
|
|
||||||
|
!ifndef $(CSM_ENABLE)
|
||||||
|
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
- }
|
||||||
|
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
!endif
|
||||||
|
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
- }
|
||||||
|
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
|
||||||
|
#
|
||||||
|
# ISA Support
|
||||||
|
@@ -917,10 +917,6 @@
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
}
|
||||||
|
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
!endif
|
||||||
|
!if $(BUILD_SHELL) == TRUE
|
||||||
|
ShellPkg/Application/Shell/Shell.inf {
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
index 891e0e06ef..88c57ff5ff 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
@@ -297,7 +297,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
-INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
!if $(BUILD_SHELL) == TRUE
|
||||||
|
INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index 3127e3d18d..b47cdf63e7 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -544,7 +544,7 @@
|
||||||
|
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
|
||||||
|
# // significantly impact boot performance
|
||||||
|
# DEBUG_ERROR 0x80000000 // Error
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
|
||||||
|
|
||||||
|
!if $(SOURCE_DEBUG_ENABLE) == TRUE
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
|
||||||
|
@@ -616,7 +616,7 @@
|
||||||
|
# ($(SMM_REQUIRE) == FALSE)
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
|
||||||
|
|
||||||
|
- gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
!if $(SMM_REQUIRE) == FALSE
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
|
||||||
|
@@ -858,25 +858,25 @@
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
|
||||||
|
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
- }
|
||||||
|
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
|
||||||
|
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
|
||||||
|
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
|
||||||
|
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
|
||||||
|
|
||||||
|
!ifndef $(CSM_ENABLE)
|
||||||
|
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
- }
|
||||||
|
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
!endif
|
||||||
|
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
- }
|
||||||
|
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
|
||||||
|
#
|
||||||
|
# ISA Support
|
||||||
|
@@ -935,10 +935,6 @@
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
}
|
||||||
|
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
!endif
|
||||||
|
!if $(BUILD_SHELL) == TRUE
|
||||||
|
ShellPkg/Application/Shell/Shell.inf {
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
index 61a827b365..ab5a9bc306 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
@@ -298,7 +298,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
-INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
!if $(BUILD_SHELL) == TRUE
|
||||||
|
INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index 6f078b5b27..be3824ec1e 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -563,7 +563,7 @@
|
||||||
|
# DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
|
||||||
|
# // significantly impact boot performance
|
||||||
|
# DEBUG_ERROR 0x80000000 // Error
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8040004F
|
||||||
|
|
||||||
|
!if $(SOURCE_DEBUG_ENABLE) == TRUE
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
|
||||||
|
@@ -634,7 +634,7 @@
|
||||||
|
# ($(SMM_REQUIRE) == FALSE)
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
|
||||||
|
|
||||||
|
- gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResizeXterm|FALSE
|
||||||
|
!if $(SMM_REQUIRE) == FALSE
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0
|
||||||
|
@@ -926,25 +926,25 @@
|
||||||
|
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
|
||||||
|
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
|
||||||
|
- MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
- }
|
||||||
|
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
|
||||||
|
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
|
||||||
|
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
|
||||||
|
MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
|
||||||
|
|
||||||
|
!ifndef $(CSM_ENABLE)
|
||||||
|
- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
- }
|
||||||
|
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
!endif
|
||||||
|
- OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
- }
|
||||||
|
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf {
|
||||||
|
+ <PcdsFixedAtBuild>
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
||||||
|
+ }
|
||||||
|
|
||||||
|
#
|
||||||
|
# ISA Support
|
||||||
|
@@ -1003,10 +1003,6 @@
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
}
|
||||||
|
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
!endif
|
||||||
|
!if $(BUILD_SHELL) == TRUE
|
||||||
|
ShellPkg/Application/Shell/Shell.inf {
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
index d2e1c2894f..851399888f 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
@@ -323,7 +323,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
|
||||||
|
!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
-INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
!if $(BUILD_SHELL) == TRUE
|
||||||
|
INF ShellPkg/Application/Shell/Shell.inf
|
@ -0,0 +1,66 @@
|
|||||||
|
From b91bdc055499a46d825b3c6a2613de5c77e3a66d Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
||||||
|
Date: Thu, 1 Jul 2021 20:29:46 +0200
|
||||||
|
Subject: [PATCH] ArmVirtPkg: Remove LinuxInitrdDynamicShellCommand (RHEL only)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Rebase to edk2-stable202311:
|
||||||
|
|
||||||
|
Minor update, context change due to new variable policy shell command.
|
||||||
|
|
||||||
|
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
RH-MergeRequest: 3: Disable features for RHEL9
|
||||||
|
RH-Commit: [18/19] 8f4e4007108462533e3d2050b84d8830073a7c0d
|
||||||
|
RH-Bugzilla: 1967747
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
|
||||||
|
Remove the command to register a file in the shell as the initial
|
||||||
|
ramdisk for a UEFI stubbed kernel, to be booted next.
|
||||||
|
|
||||||
|
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
ArmVirtPkg/ArmVirt.dsc.inc | 10 +++-------
|
||||||
|
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
|
||||||
|
2 files changed, 3 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
|
||||||
|
index d4c001e1bd..fee6e5b17f 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirt.dsc.inc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
|
||||||
|
@@ -385,17 +385,13 @@
|
||||||
|
#
|
||||||
|
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
||||||
|
|
||||||
|
- #
|
||||||
|
- # UEFI application (Shell Embedded Boot Loader)
|
||||||
|
- #
|
||||||
|
+ #
|
||||||
|
+ # UEFI application (Shell Embedded Boot Loader)
|
||||||
|
+ #
|
||||||
|
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
|
||||||
|
<PcdsFixedAtBuild>
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
}
|
||||||
|
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
|
||||||
|
- <PcdsFixedAtBuild>
|
||||||
|
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
- }
|
||||||
|
ShellPkg/Application/Shell/Shell.inf {
|
||||||
|
<LibraryClasses>
|
||||||
|
ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
index 8153558686..4cd53995d2 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
@@ -100,7 +100,6 @@ READ_LOCK_STATUS = TRUE
|
||||||
|
|
||||||
|
INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
|
||||||
|
- INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# Bds
|
@ -0,0 +1,49 @@
|
|||||||
|
From 41089770963055b4bc9662ba4204d8ee7907fbcd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 28 Feb 2023 15:47:00 +0100
|
||||||
|
Subject: [PATCH] UefiCpuPkg/MpInitLib: fix apic mode for cpu hotplug
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
RH-MergeRequest: 42: UefiCpuPkg/MpInitLib: fix apic mode for cpu hotplug
|
||||||
|
RH-Bugzilla: 2124143
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [1/1] 5168501c31541a57aaeb3b3bd7c3602205eb7cdf (kraxel/centos-edk2)
|
||||||
|
|
||||||
|
In case the number of CPUs can in increase beyond 255
|
||||||
|
due to CPU hotplug choose x2apic mode.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
|
||||||
|
patch_name: edk2-UefiCpuPkg-MpInitLib-fix-apic-mode-for-cpu-hotplug.patch
|
||||||
|
present_in_specfile: true
|
||||||
|
location_in_specfile: 38
|
||||||
|
---
|
||||||
|
UefiCpuPkg/Library/MpInitLib/MpLib.c | 8 +++++++-
|
||||||
|
1 file changed, 7 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c
|
||||||
|
index 9a6ec5db5c..14ecc62f2b 100644
|
||||||
|
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
|
||||||
|
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
|
||||||
|
@@ -527,7 +527,9 @@ CollectProcessorCount (
|
||||||
|
//
|
||||||
|
// Enable x2APIC mode if
|
||||||
|
// 1. Number of CPU is greater than 255; or
|
||||||
|
- // 2. There are any logical processors reporting an Initial APIC ID of 255 or greater.
|
||||||
|
+ // 2. The platform exposed the exact *boot* CPU count to us in advance, and
|
||||||
|
+ // more than 255 logical processors are possible later, with hotplug; or
|
||||||
|
+ // 3. There are any logical processors reporting an Initial APIC ID of 255 or greater.
|
||||||
|
//
|
||||||
|
X2Apic = FALSE;
|
||||||
|
if (CpuMpData->CpuCount > 255) {
|
||||||
|
@@ -535,6 +537,10 @@ CollectProcessorCount (
|
||||||
|
// If there are more than 255 processor found, force to enable X2APIC
|
||||||
|
//
|
||||||
|
X2Apic = TRUE;
|
||||||
|
+ } else if ((PcdGet32 (PcdCpuBootLogicalProcessorNumber) > 0) &&
|
||||||
|
+ (PcdGet32 (PcdCpuMaxLogicalProcessorNumber) > 255))
|
||||||
|
+ {
|
||||||
|
+ X2Apic = TRUE;
|
||||||
|
} else {
|
||||||
|
CpuInfoInHob = (CPU_INFO_IN_HOB *)(UINTN)CpuMpData->CpuInfoInHob;
|
||||||
|
for (Index = 0; Index < CpuMpData->CpuCount; Index++) {
|
@ -0,0 +1,121 @@
|
|||||||
|
From 5870362631ee204936f495b8e60eb2611bb05c3b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
Date: Wed, 16 Aug 2023 12:09:40 +0200
|
||||||
|
Subject: [PATCH] OvmfPkg/AmdSevDxe: Shim Reboot workaround (RHEL only)
|
||||||
|
|
||||||
|
RH-Author: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-MergeRequest: 46: OvmfPkg/AmdSevDxe: Shim Reboot workaround (RHEL only)
|
||||||
|
RH-Bugzilla: 2218196
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [1/1] 9bf3bb989e36253aa34bf82ecfe8faa7312e8d22 (osteffen/edk2)
|
||||||
|
|
||||||
|
Add a callback at the end of the Dxe phase that sets the
|
||||||
|
"FB_NO_REBOOT" variable under the Shim GUID.
|
||||||
|
This is a workaround for a boot loop in case a confidential
|
||||||
|
guest that uses shim is booted with a vtpm device present.
|
||||||
|
|
||||||
|
BZ 2218196
|
||||||
|
|
||||||
|
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
|
||||||
|
patch_name: edk2-OvmfPkg-AmdSevDxe-Shim-Reboot-workaround-RHEL-only.patch
|
||||||
|
present_in_specfile: true
|
||||||
|
location_in_specfile: 44
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSevDxe/AmdSevDxe.c | 42 +++++++++++++++++++++++++++++++++
|
||||||
|
OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 2 ++
|
||||||
|
2 files changed, 44 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
|
||||||
|
index db3675ae86..f639c093a2 100644
|
||||||
|
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
|
||||||
|
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
|
||||||
|
@@ -19,6 +19,7 @@
|
||||||
|
#include <Library/MemoryAllocationLib.h>
|
||||||
|
#include <Library/UefiBootServicesTableLib.h>
|
||||||
|
#include <Guid/ConfidentialComputingSevSnpBlob.h>
|
||||||
|
+#include <Guid/GlobalVariable.h>
|
||||||
|
#include <Library/PcdLib.h>
|
||||||
|
#include <Pi/PrePiDxeCis.h>
|
||||||
|
#include <Protocol/SevMemoryAcceptance.h>
|
||||||
|
@@ -28,6 +29,10 @@
|
||||||
|
// Present, initialized, tested bits defined in MdeModulePkg/Core/Dxe/DxeMain.h
|
||||||
|
#define EFI_MEMORY_INTERNAL_MASK 0x0700000000000000ULL
|
||||||
|
|
||||||
|
+static EFI_GUID ShimLockGuid = {
|
||||||
|
+ 0x605dab50, 0xe046, 0x4300, { 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23 }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
STATIC
|
||||||
|
EFI_STATUS
|
||||||
|
AllocateConfidentialComputingBlob (
|
||||||
|
@@ -191,6 +196,32 @@ STATIC EDKII_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = {
|
||||||
|
AmdSevMemoryAccept
|
||||||
|
};
|
||||||
|
|
||||||
|
+VOID
|
||||||
|
+EFIAPI
|
||||||
|
+PopulateVarstore (
|
||||||
|
+ EFI_EVENT Event,
|
||||||
|
+ VOID *Context
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ EFI_SYSTEM_TABLE *SystemTable = (EFI_SYSTEM_TABLE *)Context;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ DEBUG ((DEBUG_INFO, "Populating Varstore\n"));
|
||||||
|
+ UINT32 data = 1;
|
||||||
|
+
|
||||||
|
+ Status = SystemTable->RuntimeServices->SetVariable (
|
||||||
|
+ L"FB_NO_REBOOT",
|
||||||
|
+ &ShimLockGuid,
|
||||||
|
+ EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
|
||||||
|
+ sizeof (data),
|
||||||
|
+ &data
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EFI_ERROR (Status);
|
||||||
|
+
|
||||||
|
+ Status = SystemTable->BootServices->CloseEvent (Event);
|
||||||
|
+ ASSERT_EFI_ERROR (Status);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
AmdSevDxeEntryPoint (
|
||||||
|
@@ -203,6 +234,7 @@ AmdSevDxeEntryPoint (
|
||||||
|
UINTN NumEntries;
|
||||||
|
UINTN Index;
|
||||||
|
CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION *SnpBootDxeTable;
|
||||||
|
+ EFI_EVENT PopulateVarstoreEvent;
|
||||||
|
|
||||||
|
//
|
||||||
|
// Do nothing when SEV is not enabled
|
||||||
|
@@ -361,5 +393,15 @@ AmdSevDxeEntryPoint (
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ Status = gBS->CreateEventEx (
|
||||||
|
+ EVT_NOTIFY_SIGNAL,
|
||||||
|
+ TPL_CALLBACK,
|
||||||
|
+ PopulateVarstore,
|
||||||
|
+ SystemTable,
|
||||||
|
+ &gEfiEndOfDxeEventGroupGuid,
|
||||||
|
+ &PopulateVarstoreEvent
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EFI_ERROR (Status);
|
||||||
|
+
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
||||||
|
index e7c7d526c9..09cbd2b0ca 100644
|
||||||
|
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
||||||
|
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
||||||
|
@@ -54,6 +54,8 @@
|
||||||
|
[Guids]
|
||||||
|
gConfidentialComputingSevSnpBlobGuid
|
||||||
|
gEfiEventBeforeExitBootServicesGuid
|
||||||
|
+ gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event
|
||||||
|
+
|
||||||
|
|
||||||
|
[Pcd]
|
||||||
|
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId
|
@ -0,0 +1,85 @@
|
|||||||
|
From 771ce5bae1eb03240b04dde05a7a40dcec3c8a10 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Wed, 11 Jun 2014 20:45:26 +0200
|
||||||
|
Subject: [PATCH] recreate / import ".distro/" directory
|
||||||
|
|
||||||
|
This patch now unites the following downstream commits:
|
||||||
|
|
||||||
|
- 18bd1193e7 .distro: simplify WORKSPACE setup
|
||||||
|
- b00f3398c8 fix tpm build options
|
||||||
|
- e032ab1675 spec: Centralize non-firmware %install files at the top
|
||||||
|
- 8501863acc spec: Don't put build output in the top directory
|
||||||
|
- e6ec0363d3 spec: Factor out OVMF_FLAGS and OVMF_SB_FLAGS
|
||||||
|
- 596f34c8b6 spec: Use %make_build macro
|
||||||
|
- 55169e466d spec: Replace RPM_BUILD_ROOT with %{buildroot}
|
||||||
|
- 69c4c60920 spec: Split out build_iso() function
|
||||||
|
- ed67da8c85 spec: Add %{qosb_testing} macro
|
||||||
|
- 44519f5b94 spec: Move %check to between %install and %files
|
||||||
|
- b37b334dc7 spec: Remove extra 'true' at end of %check
|
||||||
|
- dd11149c3a spec: Add %{qemu_package} and %{qemu_binary}
|
||||||
|
- 0f5d4ae0d5 spec: Move -D TPM_ENABLE to common CC_FLAGS
|
||||||
|
- 84b3fd93f9 spec: Replace ifarch+else conditionals with build_XXX variables
|
||||||
|
- e97f79e744 spec: Use %autosetup with our required git config options
|
||||||
|
- 45a347a759 spec: don't conditionalize %package definitions
|
||||||
|
- acfcfaea1e spec: Add BuildRequires: make
|
||||||
|
- d917a93f6f spec: remove Group: and %defattr
|
||||||
|
- f2d3be3ae3 redhat: build UefiShell.iso with xorriso rather than genisoimage
|
||||||
|
- 3fb4a20f30 redhat: narrow the "qemu-kvm" BuildRequires down to "qemu-kvm-core"
|
||||||
|
- bfb89c4ae5 redhat: drop Split tool from the edk2-tools subpackage
|
||||||
|
- ac8be2e0ef redhat: refresh "Makefile.common" for the 8.5 rebase
|
||||||
|
- 2bd2d18864 redhat: filter out jansson submodule removal hunks
|
||||||
|
- f13d7899ed recreate / import "redhat/" directory
|
||||||
|
|
||||||
|
Merged patches (edk2-stable202202):
|
||||||
|
- 1a7b1c3b72 spec: adapt specfile to build option changes, disable tpm1
|
||||||
|
- 96eb388be3 spec: build amdsev variant
|
||||||
|
- ea34352d41 redhat: bump OpenSSL dist-git submodule to a75722161d20 / RHEL-8.5
|
||||||
|
|
||||||
|
Merged patches (edk2-stable202208):
|
||||||
|
- a60bf3fd10 Adding support for CentOS 9 build
|
||||||
|
- d3f25d438c OvmfPkg: Update target machines config
|
||||||
|
- d63f783930 openssl: jump to 8.7.0 branch (2022-07-22)
|
||||||
|
- 39882ce96d qemu-ovmf-secureboot: Do not use submodule
|
||||||
|
- 283ef4a67d ovmf-vars-generator: Use max cpu
|
||||||
|
- b6887ef7e1 Update build target to RHEL 9.2.0
|
||||||
|
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
|
||||||
|
Merged patches (edk2-stable202305):
|
||||||
|
- 5eef16bd65 remove amd-sev feature flag from secure boot builds (rh only)
|
||||||
|
- cc9e1b6eaa build script update
|
||||||
|
- 046c1f08e6 PcdDxeNxMemoryProtectionPolicy update
|
||||||
|
- b9dc1b5365 add aarch64 qcow2 images
|
||||||
|
- f4e2d6bf41 update json files
|
||||||
|
- be03b42128 add libvirt version conflict
|
||||||
|
- dce699b61d add dbx update blob (rh only)
|
||||||
|
- d8b2407343 spec: apply dbx update (rh only)
|
||||||
|
- a8a5ef95b5 dbx update, 2023-05-09, black lotus edition
|
||||||
|
- 310e179053 json descriptors: explicitly set mode = split
|
||||||
|
- additionally
|
||||||
|
- update frh.py, add new upstream submodules
|
||||||
|
- replace egrep with grep -E and fgrep with grep -F in downstream
|
||||||
|
scripts
|
||||||
|
- remove git commit sha from package version string
|
||||||
|
|
||||||
|
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
|
||||||
|
Rebase to edk2-stable202311: squash commits:
|
||||||
|
|
||||||
|
- 5b833f0c8d Update TargetRelease to support 9.4.0
|
||||||
|
- 20024b4cbe Use fixed length for short hash for Makefile
|
||||||
|
- 8618f7367e Updated TargetRelease content to support 9.4.0 only.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
---
|
||||||
|
sources | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
create mode 100644 sources
|
||||||
|
|
||||||
|
diff --git a/sources b/sources
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..ea8c8ad50b
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/sources
|
||||||
|
@@ -0,0 +1 @@
|
||||||
|
+SHA512 (edk2-ba91d0292e.tar.xz) = 3b21cc39671d28bfeb059da3683751cc5277c63a894b2a05bdfbd2bbe53545c34f04c229becf44f1563f89a738f37ae8f2333076d126a7e94d234bc4bb25454c
|
@ -0,0 +1,27 @@
|
|||||||
|
From c0347206c55c9d4d69b46725e9edbb21448f7494 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 28 Nov 2023 12:11:55 +0100
|
||||||
|
Subject: [PATCH] distro: apply 'git diff c9s new_c9s' by mirek
|
||||||
|
|
||||||
|
Bring .distro toi latest standards for more automatic support.
|
||||||
|
---
|
||||||
|
CryptoPkg/.gitignore | 1 -
|
||||||
|
sources | 1 -
|
||||||
|
2 files changed, 2 deletions(-)
|
||||||
|
delete mode 100644 CryptoPkg/.gitignore
|
||||||
|
delete mode 100644 sources
|
||||||
|
|
||||||
|
diff --git a/CryptoPkg/.gitignore b/CryptoPkg/.gitignore
|
||||||
|
deleted file mode 100644
|
||||||
|
index 68b83272b7..0000000000
|
||||||
|
--- a/CryptoPkg/.gitignore
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1 +0,0 @@
|
||||||
|
-Library/OpensslLib/openssl*/
|
||||||
|
diff --git a/sources b/sources
|
||||||
|
deleted file mode 100644
|
||||||
|
index ea8c8ad50b..0000000000
|
||||||
|
--- a/sources
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1 +0,0 @@
|
||||||
|
-SHA512 (edk2-ba91d0292e.tar.xz) = 3b21cc39671d28bfeb059da3683751cc5277c63a894b2a05bdfbd2bbe53545c34f04c229becf44f1563f89a738f37ae8f2333076d126a7e94d234bc4bb25454c
|
@ -0,0 +1,28 @@
|
|||||||
|
From 192cc2b49dbccc59f5731e2abc120bed3e06cc32 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Mon, 28 Aug 2023 13:11:02 +0200
|
||||||
|
Subject: [PATCH] CryptoPkg/CrtLib: add stat.h include file.
|
||||||
|
|
||||||
|
Needed by rhel downstream openssl patches.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
---
|
||||||
|
CryptoPkg/Library/Include/sys/stat.h | 9 +++++++++
|
||||||
|
1 file changed, 9 insertions(+)
|
||||||
|
create mode 100644 CryptoPkg/Library/Include/sys/stat.h
|
||||||
|
|
||||||
|
diff --git a/CryptoPkg/Library/Include/sys/stat.h b/CryptoPkg/Library/Include/sys/stat.h
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..22247bb2db
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/CryptoPkg/Library/Include/sys/stat.h
|
||||||
|
@@ -0,0 +1,9 @@
|
||||||
|
+/** @file
|
||||||
|
+ Include file to support building the third-party cryptographic library.
|
||||||
|
+
|
||||||
|
+Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
|
||||||
|
+SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+
|
||||||
|
+#include <CrtLibSupport.h>
|
@ -0,0 +1,139 @@
|
|||||||
|
From 09ccd0ffae512d7f0a7548cdfbc60e1482153796 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Mon, 28 Aug 2023 13:27:09 +0200
|
||||||
|
Subject: [PATCH] CryptoPkg/CrtLib: add access/open/read/write/close syscalls
|
||||||
|
|
||||||
|
Needed by rhel downstream openssl patches, they use unix syscalls
|
||||||
|
for file access (instead of fopen + friends like the rest of the
|
||||||
|
code base). No actual file access is needed for edk2, so just
|
||||||
|
add stubs to make linking work.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
---
|
||||||
|
.../Library/BaseCryptLib/SysCall/CrtWrapper.c | 46 +++++++++++++++++++
|
||||||
|
CryptoPkg/Library/Include/CrtLibSupport.h | 41 +++++++++++++++++
|
||||||
|
2 files changed, 87 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
|
||||||
|
index 37cdecc9bd..dfdb635536 100644
|
||||||
|
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
|
||||||
|
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
|
||||||
|
@@ -550,6 +550,52 @@ fread (
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+int
|
||||||
|
+access(
|
||||||
|
+ const char*,
|
||||||
|
+ int
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return -1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int
|
||||||
|
+open (
|
||||||
|
+ const char *,
|
||||||
|
+ int
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return -1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+ssize_t
|
||||||
|
+read (
|
||||||
|
+ int,
|
||||||
|
+ void*,
|
||||||
|
+ size_t
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return -1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+ssize_t
|
||||||
|
+write (
|
||||||
|
+ int,
|
||||||
|
+ const void*,
|
||||||
|
+ size_t
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return -1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int
|
||||||
|
+close (
|
||||||
|
+ int
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return -1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
uid_t
|
||||||
|
getuid (
|
||||||
|
void
|
||||||
|
diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h b/CryptoPkg/Library/Include/CrtLibSupport.h
|
||||||
|
index f36fe08f0c..7d98496af8 100644
|
||||||
|
--- a/CryptoPkg/Library/Include/CrtLibSupport.h
|
||||||
|
+++ b/CryptoPkg/Library/Include/CrtLibSupport.h
|
||||||
|
@@ -78,6 +78,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
//
|
||||||
|
// Definitions for global constants used by CRT library routines
|
||||||
|
//
|
||||||
|
+#define EINTR 4
|
||||||
|
#define EINVAL 22 /* Invalid argument */
|
||||||
|
#define EAFNOSUPPORT 47 /* Address family not supported by protocol family */
|
||||||
|
#define INT_MAX 0x7FFFFFFF /* Maximum (signed) int value */
|
||||||
|
@@ -102,6 +103,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
#define NS_INADDRSZ 4 /*%< IPv4 T_A */
|
||||||
|
#define NS_IN6ADDRSZ 16 /*%< IPv6 T_AAAA */
|
||||||
|
|
||||||
|
+#define O_RDONLY 00000000
|
||||||
|
+#define O_WRONLY 00000001
|
||||||
|
+#define O_RDWR 00000002
|
||||||
|
+
|
||||||
|
+#define R_OK 4
|
||||||
|
+#define W_OK 2
|
||||||
|
+#define X_OK 1
|
||||||
|
+#define F_OK 0
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Basic types mapping
|
||||||
|
//
|
||||||
|
@@ -324,6 +334,37 @@ fprintf (
|
||||||
|
...
|
||||||
|
);
|
||||||
|
|
||||||
|
+int
|
||||||
|
+access(
|
||||||
|
+ const char*,
|
||||||
|
+ int
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+int
|
||||||
|
+open (
|
||||||
|
+ const char *,
|
||||||
|
+ int
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ssize_t
|
||||||
|
+read (
|
||||||
|
+ int,
|
||||||
|
+ void*,
|
||||||
|
+ size_t
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ssize_t
|
||||||
|
+write (
|
||||||
|
+ int,
|
||||||
|
+ const void*,
|
||||||
|
+ size_t
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+int
|
||||||
|
+close (
|
||||||
|
+ int
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
time_t
|
||||||
|
time (
|
||||||
|
time_t *
|
@ -0,0 +1,169 @@
|
|||||||
|
From 0120fb7b5877ab40537fd17e64772f53bc89cd07 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
Date: Mon, 4 Dec 2023 10:41:08 +0100
|
||||||
|
Subject: [PATCH] ArmVirtQemu: Allow EFI memory attributes protocol to be
|
||||||
|
disabled
|
||||||
|
|
||||||
|
Shim's PE loader uses the EFI memory attributes protocol in a way that
|
||||||
|
results in an immediate crash when invoking the loaded image, unless the
|
||||||
|
base and size of its executable segment are both aligned to 4k.
|
||||||
|
|
||||||
|
If this is not the case, it will strip the memory allocation of its
|
||||||
|
executable permissions, but fail to add them back for the executable
|
||||||
|
region, resulting in non-executable code. Unfortunately, the PE loader
|
||||||
|
does not even bother invoking the protocol in this case (as it notices
|
||||||
|
the misalignment), making it very hard for system firmware to work
|
||||||
|
around this by attempting to infer the intent of the caller.
|
||||||
|
|
||||||
|
So let's introduce a QEMU command line option to indicate that the
|
||||||
|
protocol should not be exposed at all, and a PCD to set the default for
|
||||||
|
this option when it is omitted.
|
||||||
|
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Link: https://gitlab.com/qemu-project/qemu/-/issues/1990
|
||||||
|
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
(cherry picked from commit cee7ba349c0c1ce489001a338a4e28555728b573)
|
||||||
|
---
|
||||||
|
ArmVirtPkg/ArmVirtPkg.dec | 6 ++
|
||||||
|
.../PlatformBootManagerLib/PlatformBm.c | 64 +++++++++++++++++++
|
||||||
|
.../PlatformBootManagerLib.inf | 3 +
|
||||||
|
3 files changed, 73 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec
|
||||||
|
index 0f2d787327..313aebda90 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtPkg.dec
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtPkg.dec
|
||||||
|
@@ -68,3 +68,9 @@
|
||||||
|
# Cloud Hypervisor has no other way to pass Rsdp address to the guest except use a PCD.
|
||||||
|
#
|
||||||
|
gArmVirtTokenSpaceGuid.PcdCloudHvAcpiRsdpBaseAddress|0x0|UINT64|0x00000005
|
||||||
|
+
|
||||||
|
+ ##
|
||||||
|
+ # Whether the EFI memory attributes protocol should be uninstalled before
|
||||||
|
+ # invoking the OS loader. This may be needed to work around problematic
|
||||||
|
+ # builds of shim that use the protocol incorrectly.
|
||||||
|
+ gArmVirtTokenSpaceGuid.PcdUninstallMemAttrProtocol|FALSE|BOOLEAN|0x00000006
|
||||||
|
diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
|
||||||
|
index 85c01351b0..8e93f3cfed 100644
|
||||||
|
--- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
|
||||||
|
+++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
|
||||||
|
@@ -16,6 +16,7 @@
|
||||||
|
#include <Library/PcdLib.h>
|
||||||
|
#include <Library/PlatformBmPrintScLib.h>
|
||||||
|
#include <Library/QemuBootOrderLib.h>
|
||||||
|
+#include <Library/QemuFwCfgSimpleParserLib.h>
|
||||||
|
#include <Library/TpmPlatformHierarchyLib.h>
|
||||||
|
#include <Library/UefiBootManagerLib.h>
|
||||||
|
#include <Protocol/DevicePath.h>
|
||||||
|
@@ -1111,6 +1112,49 @@ PlatformBootManagerBeforeConsole (
|
||||||
|
FilterAndProcess (&gEfiPciIoProtocolGuid, IsVirtioPciSerial, SetupVirtioSerial);
|
||||||
|
}
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ Uninstall the EFI memory attribute protocol if it exists.
|
||||||
|
+**/
|
||||||
|
+STATIC
|
||||||
|
+VOID
|
||||||
|
+UninstallEfiMemoryAttributesProtocol (
|
||||||
|
+ VOID
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ EFI_HANDLE Handle;
|
||||||
|
+ UINTN Size;
|
||||||
|
+ VOID *MemoryAttributeProtocol;
|
||||||
|
+
|
||||||
|
+ Size = sizeof (Handle);
|
||||||
|
+ Status = gBS->LocateHandle (
|
||||||
|
+ ByProtocol,
|
||||||
|
+ &gEfiMemoryAttributeProtocolGuid,
|
||||||
|
+ NULL,
|
||||||
|
+ &Size,
|
||||||
|
+ &Handle
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ ASSERT (Status == EFI_NOT_FOUND);
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ Status = gBS->HandleProtocol (
|
||||||
|
+ Handle,
|
||||||
|
+ &gEfiMemoryAttributeProtocolGuid,
|
||||||
|
+ &MemoryAttributeProtocol
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EFI_ERROR (Status);
|
||||||
|
+
|
||||||
|
+ Status = gBS->UninstallProtocolInterface (
|
||||||
|
+ Handle,
|
||||||
|
+ &gEfiMemoryAttributeProtocolGuid,
|
||||||
|
+ MemoryAttributeProtocol
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EFI_ERROR (Status);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
Do the platform specific action after the console is ready
|
||||||
|
Possible things that can be done in PlatformBootManagerAfterConsole:
|
||||||
|
@@ -1129,12 +1173,32 @@ PlatformBootManagerAfterConsole (
|
||||||
|
)
|
||||||
|
{
|
||||||
|
RETURN_STATUS Status;
|
||||||
|
+ BOOLEAN Uninstall;
|
||||||
|
|
||||||
|
//
|
||||||
|
// Show the splash screen.
|
||||||
|
//
|
||||||
|
BootLogoEnableLogo ();
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Work around shim's terminally broken use of the EFI memory attributes
|
||||||
|
+ // protocol, by uninstalling it if requested on the QEMU command line.
|
||||||
|
+ //
|
||||||
|
+ // E.g.,
|
||||||
|
+ // -fw_cfg opt/org.tianocore/UninstallMemAttrProtocol,string=y
|
||||||
|
+ //
|
||||||
|
+ Uninstall = FixedPcdGetBool (PcdUninstallMemAttrProtocol);
|
||||||
|
+ QemuFwCfgParseBool ("opt/org.tianocore/UninstallMemAttrProtocol", &Uninstall);
|
||||||
|
+ DEBUG ((
|
||||||
|
+ DEBUG_WARN,
|
||||||
|
+ "%a: %auninstalling EFI memory protocol\n",
|
||||||
|
+ __func__,
|
||||||
|
+ Uninstall ? "" : "not "
|
||||||
|
+ ));
|
||||||
|
+ if (Uninstall) {
|
||||||
|
+ UninstallEfiMemoryAttributesProtocol ();
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Process QEMU's -kernel command line option. The kernel booted this way
|
||||||
|
// will receive ACPI tables: in PlatformBootManagerBeforeConsole(), we
|
||||||
|
diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
|
||||||
|
index 997eb1a442..70e4ebf94a 100644
|
||||||
|
--- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
|
||||||
|
+++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
|
||||||
|
@@ -46,6 +46,7 @@
|
||||||
|
PcdLib
|
||||||
|
PlatformBmPrintScLib
|
||||||
|
QemuBootOrderLib
|
||||||
|
+ QemuFwCfgSimpleParserLib
|
||||||
|
QemuLoadImageLib
|
||||||
|
ReportStatusCodeLib
|
||||||
|
TpmPlatformHierarchyLib
|
||||||
|
@@ -55,6 +56,7 @@
|
||||||
|
UefiRuntimeServicesTableLib
|
||||||
|
|
||||||
|
[FixedPcd]
|
||||||
|
+ gArmVirtTokenSpaceGuid.PcdUninstallMemAttrProtocol
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdUartDefaultDataBits
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdUartDefaultParity
|
||||||
|
@@ -73,5 +75,6 @@
|
||||||
|
[Protocols]
|
||||||
|
gEfiFirmwareVolume2ProtocolGuid
|
||||||
|
gEfiGraphicsOutputProtocolGuid
|
||||||
|
+ gEfiMemoryAttributeProtocolGuid
|
||||||
|
gEfiPciRootBridgeIoProtocolGuid
|
||||||
|
gVirtioDeviceProtocolGuid
|
@ -0,0 +1,36 @@
|
|||||||
|
{
|
||||||
|
"description": "OVMF with SB+SMM, SB enabled, MS certs enrolled",
|
||||||
|
"interface-types": [
|
||||||
|
"uefi"
|
||||||
|
],
|
||||||
|
"mapping": {
|
||||||
|
"device": "flash",
|
||||||
|
"mode": "split",
|
||||||
|
"executable": {
|
||||||
|
"filename": "/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd",
|
||||||
|
"format": "raw"
|
||||||
|
},
|
||||||
|
"nvram-template": {
|
||||||
|
"filename": "/usr/share/edk2/ovmf/OVMF_VARS.secboot.fd",
|
||||||
|
"format": "raw"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"architecture": "x86_64",
|
||||||
|
"machines": [
|
||||||
|
"pc-q35-*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"features": [
|
||||||
|
"acpi-s3",
|
||||||
|
"enrolled-keys",
|
||||||
|
"requires-smm",
|
||||||
|
"secure-boot",
|
||||||
|
"verbose-dynamic"
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
@ -0,0 +1,35 @@
|
|||||||
|
{
|
||||||
|
"description": "OVMF with SB+SMM, empty varstore",
|
||||||
|
"interface-types": [
|
||||||
|
"uefi"
|
||||||
|
],
|
||||||
|
"mapping": {
|
||||||
|
"device": "flash",
|
||||||
|
"mode": "split",
|
||||||
|
"executable": {
|
||||||
|
"filename": "/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd",
|
||||||
|
"format": "raw"
|
||||||
|
},
|
||||||
|
"nvram-template": {
|
||||||
|
"filename": "/usr/share/edk2/ovmf/OVMF_VARS.fd",
|
||||||
|
"format": "raw"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"architecture": "x86_64",
|
||||||
|
"machines": [
|
||||||
|
"pc-q35-*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"features": [
|
||||||
|
"acpi-s3",
|
||||||
|
"requires-smm",
|
||||||
|
"secure-boot",
|
||||||
|
"verbose-dynamic"
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
@ -0,0 +1,32 @@
|
|||||||
|
{
|
||||||
|
"description": "UEFI firmware for ARM64 virtual machines",
|
||||||
|
"interface-types": [
|
||||||
|
"uefi"
|
||||||
|
],
|
||||||
|
"mapping": {
|
||||||
|
"device": "flash",
|
||||||
|
"mode": "split",
|
||||||
|
"executable": {
|
||||||
|
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-silent-pflash.qcow2",
|
||||||
|
"format": "qcow2"
|
||||||
|
},
|
||||||
|
"nvram-template": {
|
||||||
|
"filename": "/usr/share/edk2/aarch64/vars-template-pflash.qcow2",
|
||||||
|
"format": "qcow2"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"architecture": "aarch64",
|
||||||
|
"machines": [
|
||||||
|
"virt-*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"features": [
|
||||||
|
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
@ -0,0 +1,35 @@
|
|||||||
|
{
|
||||||
|
"description": "OVMF without SB+SMM, empty varstore",
|
||||||
|
"interface-types": [
|
||||||
|
"uefi"
|
||||||
|
],
|
||||||
|
"mapping": {
|
||||||
|
"device": "flash",
|
||||||
|
"mode": "split",
|
||||||
|
"executable": {
|
||||||
|
"filename": "/usr/share/edk2/ovmf/OVMF_CODE.fd",
|
||||||
|
"format": "raw"
|
||||||
|
},
|
||||||
|
"nvram-template": {
|
||||||
|
"filename": "/usr/share/edk2/ovmf/OVMF_VARS.fd",
|
||||||
|
"format": "raw"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"architecture": "x86_64",
|
||||||
|
"machines": [
|
||||||
|
"pc-q35-*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"features": [
|
||||||
|
"acpi-s3",
|
||||||
|
"amd-sev",
|
||||||
|
"amd-sev-es",
|
||||||
|
"verbose-dynamic"
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
@ -0,0 +1,32 @@
|
|||||||
|
{
|
||||||
|
"description": "UEFI firmware for ARM64 virtual machines",
|
||||||
|
"interface-types": [
|
||||||
|
"uefi"
|
||||||
|
],
|
||||||
|
"mapping": {
|
||||||
|
"device": "flash",
|
||||||
|
"mode": "split",
|
||||||
|
"executable": {
|
||||||
|
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-silent-pflash.raw",
|
||||||
|
"format": "raw"
|
||||||
|
},
|
||||||
|
"nvram-template": {
|
||||||
|
"filename": "/usr/share/edk2/aarch64/vars-template-pflash.raw",
|
||||||
|
"format": "raw"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"architecture": "aarch64",
|
||||||
|
"machines": [
|
||||||
|
"virt-*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"features": [
|
||||||
|
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
@ -0,0 +1,32 @@
|
|||||||
|
{
|
||||||
|
"description": "UEFI firmware for ARM64 virtual machines, verbose logs",
|
||||||
|
"interface-types": [
|
||||||
|
"uefi"
|
||||||
|
],
|
||||||
|
"mapping": {
|
||||||
|
"device": "flash",
|
||||||
|
"mode": "split",
|
||||||
|
"executable": {
|
||||||
|
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-pflash.qcow2",
|
||||||
|
"format": "qcow2"
|
||||||
|
},
|
||||||
|
"nvram-template": {
|
||||||
|
"filename": "/usr/share/edk2/aarch64/vars-template-pflash.qcow2",
|
||||||
|
"format": "qcow2"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"architecture": "aarch64",
|
||||||
|
"machines": [
|
||||||
|
"virt-*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"features": [
|
||||||
|
"verbose-static"
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
@ -0,0 +1,32 @@
|
|||||||
|
{
|
||||||
|
"description": "UEFI firmware for ARM64 virtual machines, verbose logs",
|
||||||
|
"interface-types": [
|
||||||
|
"uefi"
|
||||||
|
],
|
||||||
|
"mapping": {
|
||||||
|
"device": "flash",
|
||||||
|
"mode": "split",
|
||||||
|
"executable": {
|
||||||
|
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-pflash.raw",
|
||||||
|
"format": "raw"
|
||||||
|
},
|
||||||
|
"nvram-template": {
|
||||||
|
"filename": "/usr/share/edk2/aarch64/vars-template-pflash.raw",
|
||||||
|
"format": "raw"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"architecture": "aarch64",
|
||||||
|
"machines": [
|
||||||
|
"virt-*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"features": [
|
||||||
|
"verbose-static"
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
@ -0,0 +1,31 @@
|
|||||||
|
{
|
||||||
|
"description": "OVMF with SEV-ES support",
|
||||||
|
"interface-types": [
|
||||||
|
"uefi"
|
||||||
|
],
|
||||||
|
"mapping": {
|
||||||
|
"device": "flash",
|
||||||
|
"mode": "stateless",
|
||||||
|
"executable": {
|
||||||
|
"filename": "/usr/share/edk2/ovmf/OVMF.amdsev.fd",
|
||||||
|
"format": "raw"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"architecture": "x86_64",
|
||||||
|
"machines": [
|
||||||
|
"pc-q35-*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"features": [
|
||||||
|
"amd-sev",
|
||||||
|
"amd-sev-es",
|
||||||
|
"amd-sev-snp",
|
||||||
|
"verbose-dynamic"
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
@ -0,0 +1,27 @@
|
|||||||
|
{
|
||||||
|
"description": "OVMF with TDX support",
|
||||||
|
"interface-types": [
|
||||||
|
"uefi"
|
||||||
|
],
|
||||||
|
"mapping": {
|
||||||
|
"device": "memory",
|
||||||
|
"filename": "/usr/share/edk2/ovmf/OVMF.inteltdx.secboot.fd"
|
||||||
|
},
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"architecture": "x86_64",
|
||||||
|
"machines": [
|
||||||
|
"pc-q35-*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"features": [
|
||||||
|
"enrolled-keys",
|
||||||
|
"intel-tdx",
|
||||||
|
"secure-boot",
|
||||||
|
"verbose-dynamic"
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
@ -0,0 +1,14 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
IMAGE="$1"
|
||||||
|
|
||||||
|
[ -f "$IMAGE" ] || { echo "File $IMAGE is not found!"; exit 1; }
|
||||||
|
|
||||||
|
GUID=$(virt-fw-vars -i $IMAGE -p -v 2>/dev/null | awk '{if($1 ~ /name=db$/){sub(/guid=guid:/,"",$2);print $2}}')
|
||||||
|
|
||||||
|
[ -n "$GUID" ] || { echo "GUID is not set!"; exit 1; }
|
||||||
|
|
||||||
|
for F in `ls ./*.pem`; do
|
||||||
|
echo "virt-fw-vars --add-db $GUID $F -i $IMAGE -o $IMAGE";
|
||||||
|
virt-fw-vars --add-db $GUID $F -i $IMAGE -o $IMAGE;
|
||||||
|
done
|
@ -0,0 +1,57 @@
|
|||||||
|
From b8793ffc6a7e7cfe3ecd9bd0da566ffd913a4544 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 10:34:52 -0400
|
||||||
|
Subject: [PATCH 7/8] CryptoPkg/Test: call ProcessLibraryConstructorList
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 75: NetworkPkg: SECURITY PATCH CVE-2023-45236 and CVE-2023-45237
|
||||||
|
RH-Jira: RHEL-40270 RHEL-40272
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [7/8] 7b09b94bfb56f5b81df2ccf1e6dbe21a7354a723
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-40270
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
commit 94961b8817eec6f8d0434555ac50a7aa51c22201
|
||||||
|
Author: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Fri Jun 14 11:45:49 2024 +0200
|
||||||
|
|
||||||
|
CryptoPkg/Test: call ProcessLibraryConstructorList
|
||||||
|
|
||||||
|
Needed to properly initialize BaseRngLib.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c | 7 +++++++
|
||||||
|
1 file changed, 7 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c
|
||||||
|
index d0c1c7a4f7..48d463b8ad 100644
|
||||||
|
--- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c
|
||||||
|
+++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c
|
||||||
|
@@ -8,6 +8,12 @@
|
||||||
|
**/
|
||||||
|
#include "TestBaseCryptLib.h"
|
||||||
|
|
||||||
|
+VOID
|
||||||
|
+EFIAPI
|
||||||
|
+ProcessLibraryConstructorList (
|
||||||
|
+ VOID
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
Initialize the unit test framework, suite, and unit tests for the
|
||||||
|
sample unit tests and run the unit tests.
|
||||||
|
@@ -76,5 +82,6 @@ main (
|
||||||
|
char *argv[]
|
||||||
|
)
|
||||||
|
{
|
||||||
|
+ ProcessLibraryConstructorList ();
|
||||||
|
return UefiTestMain ();
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,170 @@
|
|||||||
|
From f01b34eaeff2ccdd0ee7f2cf6371542efc0b13f5 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Sat, 6 Apr 2024 11:00:29 -0400
|
||||||
|
Subject: [PATCH 1/2] EmbeddedPkg/Hob: Integer Overflow in CreateHob()
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 69: EmbeddedPkg/Hob: Integer Overflow in CreateHob()
|
||||||
|
RH-Jira: RHEL-30156
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [1/2] 1b851d3ecf23092f7961cd0320221dc56b69adc4
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-30156
|
||||||
|
CVE: CVE-2022-36765
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit aeaee8944f0eaacbf4cdf39279785b9ba4836bb6
|
||||||
|
Author: Gua Guo <gua.guo@intel.com>
|
||||||
|
Date: Thu Jan 11 13:07:50 2024 +0800
|
||||||
|
|
||||||
|
EmbeddedPkg/Hob: Integer Overflow in CreateHob()
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4166
|
||||||
|
|
||||||
|
Fix integer overflow in various CreateHob instances.
|
||||||
|
Fixes: CVE-2022-36765
|
||||||
|
|
||||||
|
The CreateHob() function aligns the requested size to 8
|
||||||
|
performing the following operation:
|
||||||
|
```
|
||||||
|
HobLength = (UINT16)((HobLength + 0x7) & (~0x7));
|
||||||
|
```
|
||||||
|
|
||||||
|
No checks are performed to ensure this value doesn't
|
||||||
|
overflow, and could lead to CreateHob() returning a smaller
|
||||||
|
HOB than requested, which could lead to OOB HOB accesses.
|
||||||
|
|
||||||
|
Reported-by: Marc Beatove <mbeatove@google.com>
|
||||||
|
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
|
||||||
|
Reviewed-by: Ard Biesheuvel <ardb+tianocore@kernel.org>
|
||||||
|
Cc: Abner Chang <abner.chang@amd.com>
|
||||||
|
Cc: John Mathew <john.mathews@intel.com>
|
||||||
|
Authored-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Signed-off-by: Gua Guo <gua.guo@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
EmbeddedPkg/Library/PrePiHobLib/Hob.c | 43 +++++++++++++++++++++++++++
|
||||||
|
1 file changed, 43 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/EmbeddedPkg/Library/PrePiHobLib/Hob.c b/EmbeddedPkg/Library/PrePiHobLib/Hob.c
|
||||||
|
index 8eb175aa96..cbc35152cc 100644
|
||||||
|
--- a/EmbeddedPkg/Library/PrePiHobLib/Hob.c
|
||||||
|
+++ b/EmbeddedPkg/Library/PrePiHobLib/Hob.c
|
||||||
|
@@ -110,6 +110,13 @@ CreateHob (
|
||||||
|
|
||||||
|
HandOffHob = GetHobList ();
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Check Length to avoid data overflow.
|
||||||
|
+ //
|
||||||
|
+ if (HobLength > MAX_UINT16 - 0x7) {
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
HobLength = (UINT16)((HobLength + 0x7) & (~0x7));
|
||||||
|
|
||||||
|
FreeMemory = HandOffHob->EfiFreeMemoryTop - HandOffHob->EfiFreeMemoryBottom;
|
||||||
|
@@ -160,6 +167,9 @@ BuildResourceDescriptorHob (
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_RESOURCE_DESCRIPTOR, sizeof (EFI_HOB_RESOURCE_DESCRIPTOR));
|
||||||
|
ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->ResourceType = ResourceType;
|
||||||
|
Hob->ResourceAttribute = ResourceAttribute;
|
||||||
|
@@ -401,6 +411,10 @@ BuildModuleHob (
|
||||||
|
);
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION_MODULE));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
CopyGuid (&(Hob->MemoryAllocationHeader.Name), &gEfiHobMemoryAllocModuleGuid);
|
||||||
|
Hob->MemoryAllocationHeader.MemoryBaseAddress = MemoryAllocationModule;
|
||||||
|
@@ -449,6 +463,11 @@ BuildGuidHob (
|
||||||
|
ASSERT (DataLength <= (0xffff - sizeof (EFI_HOB_GUID_TYPE)));
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_GUID_EXTENSION, (UINT16)(sizeof (EFI_HOB_GUID_TYPE) + DataLength));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
CopyGuid (&Hob->Name, Guid);
|
||||||
|
return Hob + 1;
|
||||||
|
}
|
||||||
|
@@ -512,6 +531,10 @@ BuildFvHob (
|
||||||
|
EFI_HOB_FIRMWARE_VOLUME *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_FV, sizeof (EFI_HOB_FIRMWARE_VOLUME));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->BaseAddress = BaseAddress;
|
||||||
|
Hob->Length = Length;
|
||||||
|
@@ -543,6 +566,10 @@ BuildFv2Hob (
|
||||||
|
EFI_HOB_FIRMWARE_VOLUME2 *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_FV2, sizeof (EFI_HOB_FIRMWARE_VOLUME2));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->BaseAddress = BaseAddress;
|
||||||
|
Hob->Length = Length;
|
||||||
|
@@ -584,6 +611,10 @@ BuildFv3Hob (
|
||||||
|
EFI_HOB_FIRMWARE_VOLUME3 *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_FV3, sizeof (EFI_HOB_FIRMWARE_VOLUME3));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->BaseAddress = BaseAddress;
|
||||||
|
Hob->Length = Length;
|
||||||
|
@@ -639,6 +670,10 @@ BuildCpuHob (
|
||||||
|
EFI_HOB_CPU *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_CPU, sizeof (EFI_HOB_CPU));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->SizeOfMemorySpace = SizeOfMemorySpace;
|
||||||
|
Hob->SizeOfIoSpace = SizeOfIoSpace;
|
||||||
|
@@ -676,6 +711,10 @@ BuildStackHob (
|
||||||
|
);
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION_STACK));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
CopyGuid (&(Hob->AllocDescriptor.Name), &gEfiHobMemoryAllocStackGuid);
|
||||||
|
Hob->AllocDescriptor.MemoryBaseAddress = BaseAddress;
|
||||||
|
@@ -756,6 +795,10 @@ BuildMemoryAllocationHob (
|
||||||
|
);
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
ZeroMem (&(Hob->AllocDescriptor.Name), sizeof (EFI_GUID));
|
||||||
|
Hob->AllocDescriptor.MemoryBaseAddress = BaseAddress;
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,41 @@
|
|||||||
|
From 08fc72d06946ef3adebf110c097ed869ab0ed416 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 30 Jan 2024 14:04:39 +0100
|
||||||
|
Subject: [PATCH 7/9] MdePkg/ArchitecturalMsr.h: add #defines for MTRR cache
|
||||||
|
types
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 55: OvmfPkg/Sec: Setup MTRR early in the boot process.
|
||||||
|
RH-Jira: RHEL-21704
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [2/4] a568bc2793d677462a2971aae9566a9bbc64b063 (kraxel.rh/centos-src-edk2)
|
||||||
|
|
||||||
|
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Message-ID: <20240130130441.772484-3-kraxel@redhat.com>
|
||||||
|
---
|
||||||
|
MdePkg/Include/Register/Intel/ArchitecturalMsr.h | 7 +++++++
|
||||||
|
1 file changed, 7 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/MdePkg/Include/Register/Intel/ArchitecturalMsr.h b/MdePkg/Include/Register/Intel/ArchitecturalMsr.h
|
||||||
|
index 756e7c86ec..08ba949cf7 100644
|
||||||
|
--- a/MdePkg/Include/Register/Intel/ArchitecturalMsr.h
|
||||||
|
+++ b/MdePkg/Include/Register/Intel/ArchitecturalMsr.h
|
||||||
|
@@ -2103,6 +2103,13 @@ typedef union {
|
||||||
|
#define MSR_IA32_MTRR_PHYSBASE9 0x00000212
|
||||||
|
/// @}
|
||||||
|
|
||||||
|
+#define MSR_IA32_MTRR_CACHE_UNCACHEABLE 0
|
||||||
|
+#define MSR_IA32_MTRR_CACHE_WRITE_COMBINING 1
|
||||||
|
+#define MSR_IA32_MTRR_CACHE_WRITE_THROUGH 4
|
||||||
|
+#define MSR_IA32_MTRR_CACHE_WRITE_PROTECTED 5
|
||||||
|
+#define MSR_IA32_MTRR_CACHE_WRITE_BACK 6
|
||||||
|
+#define MSR_IA32_MTRR_CACHE_INVALID_TYPE 7
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
MSR information returned for MSR indexes #MSR_IA32_MTRR_PHYSBASE0 to
|
||||||
|
#MSR_IA32_MTRR_PHYSBASE9
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,213 @@
|
|||||||
|
From a0f61781d9d7d816363704823688ba251fe7e0ba Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 10:32:29 -0400
|
||||||
|
Subject: [PATCH 4/8] MdePkg/BaseRngLib: Add a smoketest for RDRAND and check
|
||||||
|
CPUID
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 75: NetworkPkg: SECURITY PATCH CVE-2023-45236 and CVE-2023-45237
|
||||||
|
RH-Jira: RHEL-40270 RHEL-40272
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [4/8] 4fe23181254479e4a0f1abd31cedabacaec22944
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-40270
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
commit c3a8ca7b54a9fd17acdf16c6282a92cc989fa92a
|
||||||
|
Author: Pedro Falcato <pedro.falcato@gmail.com>
|
||||||
|
Date: Tue Nov 22 22:31:03 2022 +0000
|
||||||
|
|
||||||
|
MdePkg/BaseRngLib: Add a smoketest for RDRAND and check CPUID
|
||||||
|
|
||||||
|
RDRAND has notoriously been broken many times over its lifespan.
|
||||||
|
Add a smoketest to RDRAND, in order to better sniff out potential
|
||||||
|
security concerns.
|
||||||
|
|
||||||
|
Also add a proper CPUID test in order to support older CPUs which may
|
||||||
|
not have it; it was previously being tested but then promptly ignored.
|
||||||
|
|
||||||
|
Testing algorithm inspired by linux's arch/x86/kernel/cpu/rdrand.c
|
||||||
|
:x86_init_rdrand() per commit 049f9ae9..
|
||||||
|
|
||||||
|
Many thanks to Jason Donenfeld for relicensing his linux RDRAND detection
|
||||||
|
code to MIT and the public domain.
|
||||||
|
|
||||||
|
>On Tue, Nov 22, 2022 at 2:21 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
|
||||||
|
<..>
|
||||||
|
> I (re)wrote that function in Linux. I hereby relicense it as MIT, and
|
||||||
|
> also place it into public domain. Do with it what you will now.
|
||||||
|
>
|
||||||
|
> Jason
|
||||||
|
|
||||||
|
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4163
|
||||||
|
|
||||||
|
Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com>
|
||||||
|
Cc: Michael D Kinney <michael.d.kinney@intel.com>
|
||||||
|
Cc: Liming Gao <gaoliming@byosoft.com.cn>
|
||||||
|
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
|
||||||
|
Cc: Jason A. Donenfeld <Jason@zx2c4.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@gmail.com>
|
||||||
|
---
|
||||||
|
MdePkg/Library/BaseRngLib/Rand/RdRand.c | 99 +++++++++++++++++++++++--
|
||||||
|
1 file changed, 91 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/MdePkg/Library/BaseRngLib/Rand/RdRand.c b/MdePkg/Library/BaseRngLib/Rand/RdRand.c
|
||||||
|
index 9bd68352f9..06d2a6f12d 100644
|
||||||
|
--- a/MdePkg/Library/BaseRngLib/Rand/RdRand.c
|
||||||
|
+++ b/MdePkg/Library/BaseRngLib/Rand/RdRand.c
|
||||||
|
@@ -3,6 +3,7 @@
|
||||||
|
to provide high-quality random numbers.
|
||||||
|
|
||||||
|
Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
|
||||||
|
+Copyright (c) 2022, Pedro Falcato. All rights reserved.<BR>
|
||||||
|
Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
|
||||||
|
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
|
||||||
|
|
||||||
|
@@ -24,6 +25,88 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
STATIC BOOLEAN mRdRandSupported;
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// Intel SDM says 10 tries is good enough for reliable RDRAND usage.
|
||||||
|
+//
|
||||||
|
+#define RDRAND_RETRIES 10
|
||||||
|
+
|
||||||
|
+#define RDRAND_TEST_SAMPLES 8
|
||||||
|
+
|
||||||
|
+#define RDRAND_MIN_CHANGE 5
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// Add a define for native-word RDRAND, just for the test.
|
||||||
|
+//
|
||||||
|
+#ifdef MDE_CPU_X64
|
||||||
|
+#define ASM_RDRAND AsmRdRand64
|
||||||
|
+#else
|
||||||
|
+#define ASM_RDRAND AsmRdRand32
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Tests RDRAND for broken implementations.
|
||||||
|
+
|
||||||
|
+ @retval TRUE RDRAND is reliable (and hopefully safe).
|
||||||
|
+ @retval FALSE RDRAND is unreliable and should be disabled, despite CPUID.
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+STATIC
|
||||||
|
+BOOLEAN
|
||||||
|
+TestRdRand (
|
||||||
|
+ VOID
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ //
|
||||||
|
+ // Test for notoriously broken rdrand implementations that always return the same
|
||||||
|
+ // value, like the Zen 3 uarch (all-1s) or other several AMD families on suspend/resume (also all-1s).
|
||||||
|
+ // Note that this should be expanded to extensively test for other sorts of possible errata.
|
||||||
|
+ //
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Our algorithm samples rdrand $RDRAND_TEST_SAMPLES times and expects
|
||||||
|
+ // a different result $RDRAND_MIN_CHANGE times for reliable RDRAND usage.
|
||||||
|
+ //
|
||||||
|
+ UINTN Prev;
|
||||||
|
+ UINT8 Idx;
|
||||||
|
+ UINT8 TestIteration;
|
||||||
|
+ UINT32 Changed;
|
||||||
|
+
|
||||||
|
+ Changed = 0;
|
||||||
|
+
|
||||||
|
+ for (TestIteration = 0; TestIteration < RDRAND_TEST_SAMPLES; TestIteration++) {
|
||||||
|
+ UINTN Sample;
|
||||||
|
+ //
|
||||||
|
+ // Note: We use a retry loop for rdrand. Normal users get this in BaseRng.c
|
||||||
|
+ // Any failure to get a random number will assume RDRAND does not work.
|
||||||
|
+ //
|
||||||
|
+ for (Idx = 0; Idx < RDRAND_RETRIES; Idx++) {
|
||||||
|
+ if (ASM_RDRAND (&Sample)) {
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (Idx == RDRAND_RETRIES) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "BaseRngLib/x86: CPU BUG: Failed to get an RDRAND random number - disabling\n"));
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (TestIteration != 0) {
|
||||||
|
+ Changed += Sample != Prev;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ Prev = Sample;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (Changed < RDRAND_MIN_CHANGE) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "BaseRngLib/x86: CPU BUG: RDRAND not reliable - disabling\n"));
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return TRUE;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#undef ASM_RDRAND
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
The constructor function checks whether or not RDRAND instruction is supported
|
||||||
|
by the host hardware.
|
||||||
|
@@ -48,10 +131,13 @@ BaseRngLibConstructor (
|
||||||
|
// CPUID. A value of 1 indicates that processor support RDRAND instruction.
|
||||||
|
//
|
||||||
|
AsmCpuid (1, 0, 0, &RegEcx, 0);
|
||||||
|
- ASSERT ((RegEcx & RDRAND_MASK) == RDRAND_MASK);
|
||||||
|
|
||||||
|
mRdRandSupported = ((RegEcx & RDRAND_MASK) == RDRAND_MASK);
|
||||||
|
|
||||||
|
+ if (mRdRandSupported) {
|
||||||
|
+ mRdRandSupported = TestRdRand ();
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -70,6 +156,7 @@ ArchGetRandomNumber16 (
|
||||||
|
OUT UINT16 *Rand
|
||||||
|
)
|
||||||
|
{
|
||||||
|
+ ASSERT (mRdRandSupported);
|
||||||
|
return AsmRdRand16 (Rand);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -88,6 +175,7 @@ ArchGetRandomNumber32 (
|
||||||
|
OUT UINT32 *Rand
|
||||||
|
)
|
||||||
|
{
|
||||||
|
+ ASSERT (mRdRandSupported);
|
||||||
|
return AsmRdRand32 (Rand);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -106,6 +194,7 @@ ArchGetRandomNumber64 (
|
||||||
|
OUT UINT64 *Rand
|
||||||
|
)
|
||||||
|
{
|
||||||
|
+ ASSERT (mRdRandSupported);
|
||||||
|
return AsmRdRand64 (Rand);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -122,13 +211,7 @@ ArchIsRngSupported (
|
||||||
|
VOID
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- /*
|
||||||
|
- Existing software depends on this always returning TRUE, so for
|
||||||
|
- now hard-code it.
|
||||||
|
-
|
||||||
|
- return mRdRandSupported;
|
||||||
|
- */
|
||||||
|
- return TRUE;
|
||||||
|
+ return mRdRandSupported;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,63 @@
|
|||||||
|
From 90461020e9b7534dc03baeea7b485045ed5962e9 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 10:35:27 -0400
|
||||||
|
Subject: [PATCH 8/8] MdePkg/X86UnitTestHost: set rdrand cpuid bit
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 75: NetworkPkg: SECURITY PATCH CVE-2023-45236 and CVE-2023-45237
|
||||||
|
RH-Jira: RHEL-40270 RHEL-40272
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [8/8] 5bacbf3cf6fadd3362dfd6f31743707e65b4f119
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-40270
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
commit 5e776299a2604b336a947e68593012ab2cc16eb4
|
||||||
|
Author: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Fri Jun 14 11:45:53 2024 +0200
|
||||||
|
|
||||||
|
MdePkg/X86UnitTestHost: set rdrand cpuid bit
|
||||||
|
|
||||||
|
Set the rdrand feature bit when faking cpuid for host test cases.
|
||||||
|
Needed to make the CryptoPkg test cases work.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
MdePkg/Library/BaseLib/X86UnitTestHost.c | 11 ++++++++++-
|
||||||
|
1 file changed, 10 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/MdePkg/Library/BaseLib/X86UnitTestHost.c b/MdePkg/Library/BaseLib/X86UnitTestHost.c
|
||||||
|
index 8ba4f54a38..7f7276f7f4 100644
|
||||||
|
--- a/MdePkg/Library/BaseLib/X86UnitTestHost.c
|
||||||
|
+++ b/MdePkg/Library/BaseLib/X86UnitTestHost.c
|
||||||
|
@@ -66,6 +66,15 @@ UnitTestHostBaseLibAsmCpuid (
|
||||||
|
OUT UINT32 *Edx OPTIONAL
|
||||||
|
)
|
||||||
|
{
|
||||||
|
+ UINT32 RetEcx;
|
||||||
|
+
|
||||||
|
+ RetEcx = 0;
|
||||||
|
+ switch (Index) {
|
||||||
|
+ case 1:
|
||||||
|
+ RetEcx |= BIT30; /* RdRand */
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (Eax != NULL) {
|
||||||
|
*Eax = 0;
|
||||||
|
}
|
||||||
|
@@ -75,7 +84,7 @@ UnitTestHostBaseLibAsmCpuid (
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Ecx != NULL) {
|
||||||
|
- *Ecx = 0;
|
||||||
|
+ *Ecx = RetEcx;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Edx != NULL) {
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,170 @@
|
|||||||
|
From 0d85ac65b3e469e879f687150d0a25e6dbd6cac1 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 8 Feb 2024 10:35:14 -0500
|
||||||
|
Subject: [PATCH 02/18] NetworkPkg: : Add Unit tests to CI and create Host Test
|
||||||
|
DSC
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [2/18] 331bea0d7e46de0e35e595ad08c94eec99c80cd8
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21843
|
||||||
|
CVE: CVE-2023-45230
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 8014ac2d7bbbc503f5562b51af46bb20ae3d22ff
|
||||||
|
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
||||||
|
Date: Fri Jan 26 05:54:44 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: : Add Unit tests to CI and create Host Test DSC
|
||||||
|
|
||||||
|
Adds Host Based testing to the NetworkPkg
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/NetworkPkg.ci.yaml | 7 +-
|
||||||
|
NetworkPkg/Test/NetworkPkgHostTest.dsc | 98 ++++++++++++++++++++++++++
|
||||||
|
2 files changed, 104 insertions(+), 1 deletion(-)
|
||||||
|
create mode 100644 NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/NetworkPkg.ci.yaml b/NetworkPkg/NetworkPkg.ci.yaml
|
||||||
|
index 07dc7abd69..076424eb60 100644
|
||||||
|
--- a/NetworkPkg/NetworkPkg.ci.yaml
|
||||||
|
+++ b/NetworkPkg/NetworkPkg.ci.yaml
|
||||||
|
@@ -24,6 +24,9 @@
|
||||||
|
"CompilerPlugin": {
|
||||||
|
"DscPath": "NetworkPkg.dsc"
|
||||||
|
},
|
||||||
|
+ "HostUnitTestCompilerPlugin": {
|
||||||
|
+ "DscPath": "Test/NetworkPkgHostTest.dsc"
|
||||||
|
+ },
|
||||||
|
"CharEncodingCheck": {
|
||||||
|
"IgnoreFiles": []
|
||||||
|
},
|
||||||
|
@@ -35,7 +38,9 @@
|
||||||
|
"CryptoPkg/CryptoPkg.dec"
|
||||||
|
],
|
||||||
|
# For host based unit tests
|
||||||
|
- "AcceptableDependencies-HOST_APPLICATION":[],
|
||||||
|
+ "AcceptableDependencies-HOST_APPLICATION":[
|
||||||
|
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||||
|
+ ],
|
||||||
|
# For UEFI shell based apps
|
||||||
|
"AcceptableDependencies-UEFI_APPLICATION":[
|
||||||
|
"ShellPkg/ShellPkg.dec"
|
||||||
|
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..1aeca5c5b3
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
@@ -0,0 +1,98 @@
|
||||||
|
+## @file
|
||||||
|
+# NetworkPkgHostTest DSC file used to build host-based unit tests.
|
||||||
|
+#
|
||||||
|
+# Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+#
|
||||||
|
+##
|
||||||
|
+[Defines]
|
||||||
|
+ PLATFORM_NAME = NetworkPkgHostTest
|
||||||
|
+ PLATFORM_GUID = 3b68324e-fc07-4d49-9520-9347ede65879
|
||||||
|
+ PLATFORM_VERSION = 0.1
|
||||||
|
+ DSC_SPECIFICATION = 0x00010005
|
||||||
|
+ OUTPUT_DIRECTORY = Build/NetworkPkg/HostTest
|
||||||
|
+ SUPPORTED_ARCHITECTURES = IA32|X64|AARCH64
|
||||||
|
+ BUILD_TARGETS = NOOPT
|
||||||
|
+ SKUID_IDENTIFIER = DEFAULT
|
||||||
|
+
|
||||||
|
+!include UnitTestFrameworkPkg/UnitTestFrameworkPkgHost.dsc.inc
|
||||||
|
+[Packages]
|
||||||
|
+ MdePkg/MdePkg.dec
|
||||||
|
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||||
|
+
|
||||||
|
+[Components]
|
||||||
|
+ #
|
||||||
|
+ # Build HOST_APPLICATION that tests NetworkPkg
|
||||||
|
+ #
|
||||||
|
+
|
||||||
|
+# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||||
|
+[LibraryClasses]
|
||||||
|
+ NetLib|NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
|
||||||
|
+ DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
|
||||||
|
+ BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
|
||||||
|
+ BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
|
||||||
|
+ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
|
||||||
|
+ HiiLib|MdeModulePkg/Library/UefiHiiLib/UefiHiiLib.inf
|
||||||
|
+ MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
|
||||||
|
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
|
||||||
|
+ PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
|
||||||
|
+ UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf
|
||||||
|
+ UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf
|
||||||
|
+ UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf
|
||||||
|
+ UefiLib|MdePkg/Library/UefiLib/UefiLib.inf
|
||||||
|
+ UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf
|
||||||
|
+ UefiHiiServicesLib|MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf
|
||||||
|
+ UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
|
||||||
|
+ TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf
|
||||||
|
+ PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
|
||||||
|
+ PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
|
||||||
|
+ DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
|
||||||
|
+ DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf
|
||||||
|
+ SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
|
||||||
|
+ RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
|
||||||
|
+ VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
|
||||||
|
+!ifdef CONTINUOUS_INTEGRATION
|
||||||
|
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
|
||||||
|
+ TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
|
||||||
|
+!else
|
||||||
|
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
|
||||||
|
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
|
||||||
|
+ TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
|
||||||
|
+!endif
|
||||||
|
+ DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
|
||||||
|
+ FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
|
||||||
|
+ FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
|
||||||
|
+ SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
|
||||||
|
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
|
||||||
|
+
|
||||||
|
+!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022
|
||||||
|
+[LibraryClasses.X64]
|
||||||
|
+ # Provide StackCookie support lib so that we can link to /GS exports for VS builds
|
||||||
|
+ RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
|
||||||
|
+!endif
|
||||||
|
+
|
||||||
|
+[LibraryClasses.common.UEFI_DRIVER]
|
||||||
|
+ HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
|
||||||
|
+ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
|
||||||
|
+ DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
|
||||||
|
+[LibraryClasses.common.UEFI_APPLICATION]
|
||||||
|
+ DebugLib|MdePkg/Library/UefiDebugLibStdErr/UefiDebugLibStdErr.inf
|
||||||
|
+ ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
|
||||||
|
+[LibraryClasses.ARM, LibraryClasses.AARCH64]
|
||||||
|
+ #
|
||||||
|
+ # It is not possible to prevent ARM compiler calls to generic intrinsic functions.
|
||||||
|
+ # This library provides the instrinsic functions generated by a given compiler.
|
||||||
|
+ # [LibraryClasses.ARM] and NULL mean link this library into all ARM images.
|
||||||
|
+ #
|
||||||
|
+!if $(TOOL_CHAIN_TAG) != VS2017 and $(TOOL_CHAIN_TAG) != VS2015 and $(TOOL_CHAIN_TAG) != VS2019
|
||||||
|
+ NULL|ArmPkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf
|
||||||
|
+!endif
|
||||||
|
+ NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf
|
||||||
|
+[LibraryClasses.ARM]
|
||||||
|
+ RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||||
|
+[LibraryClasses.RISCV64]
|
||||||
|
+ RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||||
|
+
|
||||||
|
+[PcdsFixedAtBuild]
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2
|
||||||
|
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType|0x4
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,170 @@
|
|||||||
|
From 3c1cf95b979cea6b0dee6e107756558a7a71d4ac Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 14/18] NetworkPkg: : Adds a SecurityFix.yaml file
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [14/18] dddbcbe14e38dc1bb03acf4622d6285090c4bb02
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21853
|
||||||
|
CVE: CVE-2022-45235
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 1d0b95f6457d225c5108302a9da74b4ed7aa5a38
|
||||||
|
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
||||||
|
Date: Fri Jan 26 05:54:57 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: : Adds a SecurityFix.yaml file
|
||||||
|
|
||||||
|
This creates / adds a security file that tracks the security fixes
|
||||||
|
found in this package and can be used to find the fixes that were
|
||||||
|
applied.
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/SecurityFixes.yaml | 123 ++++++++++++++++++++++++++++++++++
|
||||||
|
1 file changed, 123 insertions(+)
|
||||||
|
create mode 100644 NetworkPkg/SecurityFixes.yaml
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/SecurityFixes.yaml b/NetworkPkg/SecurityFixes.yaml
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..7e900483fe
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/SecurityFixes.yaml
|
||||||
|
@@ -0,0 +1,123 @@
|
||||||
|
+## @file
|
||||||
|
+# Security Fixes for SecurityPkg
|
||||||
|
+#
|
||||||
|
+# Copyright (c) Microsoft Corporation
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+CVE_2023_45229:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45229
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 01 - edk2/NetworkPkg: Out-of-bounds read when processing IA_NA/IA_TA options in a DHCPv6 Advertise message"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Io.c
|
||||||
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Impl.h
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4534
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45229
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45230:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45230
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 02 - edk2/NetworkPkg: Buffer overflow in the DHCPv6 client via a long Server ID option"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Io.c
|
||||||
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Impl.h
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4535
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45230
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45231:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45231 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45231 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45231
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 03 - edk2/NetworkPkg: Out-of-bounds read when handling a ND Redirect message with truncated options"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4536
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45231
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45232:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45232
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 04 - edk2/NetworkPkg: Infinite loop when parsing unknown options in the Destination Options header"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.h
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4537
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45232
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45233:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45233
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 05 - edk2/NetworkPkg: Infinite loop when parsing a PadN option in the Destination Options header "
|
||||||
|
+ note: This was fixed along with CVE-2023-45233
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.h
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4538
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45233
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45234:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45234 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45234 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45234
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 06 - edk2/NetworkPkg: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4539
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45234
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45235:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45235 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45235 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45235
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 07 - edk2/NetworkPkg: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
+ - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4540
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45235
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,69 @@
|
|||||||
|
From 3ab0e3be00cc74b39db482e33bfe923f70768ae4 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 17/18] NetworkPkg: Dhcp6Dxe: Packet-Length is not updated
|
||||||
|
before appending
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [17/18] c13c96534ecea4c43ca98cecf0789b07680958ca
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21841
|
||||||
|
CVE: CVE-2023-45229
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 75deaf5c3c0d164c61653258c331151241bb69d8
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Tue Feb 13 10:46:02 2024 -0800
|
||||||
|
|
||||||
|
NetworkPkg: Dhcp6Dxe: Packet-Length is not updated before appending
|
||||||
|
|
||||||
|
In order for Dhcp6AppendIaAddrOption (..) to safely append the IA
|
||||||
|
Address option, the Packet-Length field must be updated before appending
|
||||||
|
the option.
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c | 10 +++++-----
|
||||||
|
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
index e4e0725622..f38e3ee3fe 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
@@ -924,6 +924,11 @@ Dhcp6AppendIaOption (
|
||||||
|
*PacketCursor += sizeof (T2);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Update the packet length
|
||||||
|
+ //
|
||||||
|
+ Packet->Length += BytesNeeded;
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Fill all the addresses belong to the Ia
|
||||||
|
//
|
||||||
|
@@ -935,11 +940,6 @@ Dhcp6AppendIaOption (
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- //
|
||||||
|
- // Update the packet length
|
||||||
|
- //
|
||||||
|
- Packet->Length += BytesNeeded;
|
||||||
|
-
|
||||||
|
//
|
||||||
|
// Fill the value of Ia option length
|
||||||
|
//
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,162 @@
|
|||||||
|
From bb9d1831fd53d43889112a2e30a52b2c4504fdae Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 16/18] NetworkPkg: Dhcp6Dxe: Removes duplicate check and
|
||||||
|
replaces with macro
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [16/18] 61914482aa965883b1ec3f29cf6143b67e88742a
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21841
|
||||||
|
CVE: CVE-2023-45229
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit af3fad99d6088881562e50149f414f76a5be0140
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Tue Feb 13 10:46:01 2024 -0800
|
||||||
|
|
||||||
|
NetworkPkg: Dhcp6Dxe: Removes duplicate check and replaces with macro
|
||||||
|
|
||||||
|
Removes duplicate check after merge
|
||||||
|
|
||||||
|
>
|
||||||
|
> //
|
||||||
|
> // Verify the PacketCursor is within the packet
|
||||||
|
> //
|
||||||
|
> if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
> || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size -
|
||||||
|
sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
> {
|
||||||
|
> return EFI_INVALID_PARAMETER;
|
||||||
|
> }
|
||||||
|
>
|
||||||
|
|
||||||
|
Converts the check to a macro and replaces all instances of the check
|
||||||
|
with the macro
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c | 44 +++++++++++++-----------------
|
||||||
|
1 file changed, 19 insertions(+), 25 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
index 705c665c51..e4e0725622 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
@@ -10,6 +10,16 @@
|
||||||
|
|
||||||
|
#include "Dhcp6Impl.h"
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// Verifies the packet cursor is within the packet
|
||||||
|
+// otherwise it is invalid
|
||||||
|
+//
|
||||||
|
+#define IS_INVALID_PACKET_CURSOR(PacketCursor, Packet) \
|
||||||
|
+ (((*PacketCursor) < (Packet)->Dhcp6.Option) || \
|
||||||
|
+ ((*PacketCursor) >= (Packet)->Dhcp6.Option + ((Packet)->Size - sizeof(EFI_DHCP6_HEADER))) \
|
||||||
|
+ ) \
|
||||||
|
+
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
Generate client Duid in the format of Duid-llt.
|
||||||
|
|
||||||
|
@@ -638,9 +648,7 @@ Dhcp6AppendOption (
|
||||||
|
//
|
||||||
|
// Verify the PacketCursor is within the packet
|
||||||
|
//
|
||||||
|
- if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
- || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size - sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
- {
|
||||||
|
+ if (IS_INVALID_PACKET_CURSOR (PacketCursor, Packet)) {
|
||||||
|
return EFI_INVALID_PARAMETER;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -657,15 +665,6 @@ Dhcp6AppendOption (
|
||||||
|
return EFI_BUFFER_TOO_SMALL;
|
||||||
|
}
|
||||||
|
|
||||||
|
- //
|
||||||
|
- // Verify the PacketCursor is within the packet
|
||||||
|
- //
|
||||||
|
- if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
- || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size - sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
- {
|
||||||
|
- return EFI_INVALID_PARAMETER;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
WriteUnaligned16 ((UINT16 *)*PacketCursor, OptType);
|
||||||
|
*PacketCursor += DHCP6_SIZE_OF_OPT_CODE;
|
||||||
|
WriteUnaligned16 ((UINT16 *)*PacketCursor, OptLen);
|
||||||
|
@@ -744,9 +743,7 @@ Dhcp6AppendIaAddrOption (
|
||||||
|
//
|
||||||
|
// Verify the PacketCursor is within the packet
|
||||||
|
//
|
||||||
|
- if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
- || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size - sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
- {
|
||||||
|
+ if (IS_INVALID_PACKET_CURSOR (PacketCursor, Packet)) {
|
||||||
|
return EFI_INVALID_PARAMETER;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -877,9 +874,7 @@ Dhcp6AppendIaOption (
|
||||||
|
//
|
||||||
|
// Verify the PacketCursor is within the packet
|
||||||
|
//
|
||||||
|
- if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
- || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size - sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
- {
|
||||||
|
+ if (IS_INVALID_PACKET_CURSOR (PacketCursor, Packet)) {
|
||||||
|
return EFI_INVALID_PARAMETER;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -941,14 +936,14 @@ Dhcp6AppendIaOption (
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
- // Fill the value of Ia option length
|
||||||
|
+ // Update the packet length
|
||||||
|
//
|
||||||
|
- *Len = HTONS ((UINT16)(*PacketCursor - (UINT8 *)Len - 2));
|
||||||
|
+ Packet->Length += BytesNeeded;
|
||||||
|
|
||||||
|
//
|
||||||
|
- // Update the packet length
|
||||||
|
+ // Fill the value of Ia option length
|
||||||
|
//
|
||||||
|
- Packet->Length += BytesNeeded;
|
||||||
|
+ *Len = HTONS ((UINT16)(*PacketCursor - (UINT8 *)Len - 2));
|
||||||
|
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
@@ -957,6 +952,7 @@ Dhcp6AppendIaOption (
|
||||||
|
Append the appointed Elapsed time option to Buf, and move Buf to the end.
|
||||||
|
|
||||||
|
@param[in, out] Packet A pointer to the packet, on success Packet->Length
|
||||||
|
+ will be updated.
|
||||||
|
@param[in, out] PacketCursor The pointer in the packet, on success PacketCursor
|
||||||
|
will be moved to the end of the option.
|
||||||
|
@param[in] Instance The pointer to the Dhcp6 instance.
|
||||||
|
@@ -1012,9 +1008,7 @@ Dhcp6AppendETOption (
|
||||||
|
//
|
||||||
|
// Verify the PacketCursor is within the packet
|
||||||
|
//
|
||||||
|
- if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
- || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size - sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
- {
|
||||||
|
+ if (IS_INVALID_PACKET_CURSOR (PacketCursor, Packet)) {
|
||||||
|
return EFI_INVALID_PARAMETER;
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,618 @@
|
|||||||
|
From c1700b34913109cd9600f58f1fa6b82b08ce3795 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 9 Feb 2024 17:57:07 -0500
|
||||||
|
Subject: [PATCH 04/18] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229
|
||||||
|
Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [4/18] 23b6841dbb01249055b8040d85995c366bd94252
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21841
|
||||||
|
CVE: CVE-2023-45229
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 1dbb10cc52dc8ef49bb700daa1cefc76b26d52e0
|
||||||
|
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
||||||
|
Date: Fri Jan 26 05:54:46 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4534
|
||||||
|
|
||||||
|
Bug Details:
|
||||||
|
PixieFail Bug #1
|
||||||
|
CVE-2023-45229
|
||||||
|
CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
||||||
|
CWE-125 Out-of-bounds Read
|
||||||
|
|
||||||
|
Change Overview:
|
||||||
|
|
||||||
|
Introduce Dhcp6SeekInnerOptionSafe which performs checks before seeking
|
||||||
|
the Inner Option from a DHCP6 Option.
|
||||||
|
|
||||||
|
>
|
||||||
|
> EFI_STATUS
|
||||||
|
> Dhcp6SeekInnerOptionSafe (
|
||||||
|
> IN UINT16 IaType,
|
||||||
|
> IN UINT8 *Option,
|
||||||
|
> IN UINT32 OptionLen,
|
||||||
|
> OUT UINT8 **IaInnerOpt,
|
||||||
|
> OUT UINT16 *IaInnerLen
|
||||||
|
> );
|
||||||
|
>
|
||||||
|
|
||||||
|
Lots of code cleanup to improve code readability.
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h | 138 +++++++++++++++++++---
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Io.c | 203 +++++++++++++++++++++-----------
|
||||||
|
2 files changed, 256 insertions(+), 85 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h b/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
|
||||||
|
index f2422c2f28..220e7c68f1 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
|
||||||
|
@@ -45,6 +45,20 @@ typedef struct _DHCP6_INSTANCE DHCP6_INSTANCE;
|
||||||
|
#define DHCP6_SERVICE_SIGNATURE SIGNATURE_32 ('D', 'H', '6', 'S')
|
||||||
|
#define DHCP6_INSTANCE_SIGNATURE SIGNATURE_32 ('D', 'H', '6', 'I')
|
||||||
|
|
||||||
|
+#define DHCP6_PACKET_ALL 0
|
||||||
|
+#define DHCP6_PACKET_STATEFUL 1
|
||||||
|
+#define DHCP6_PACKET_STATELESS 2
|
||||||
|
+
|
||||||
|
+#define DHCP6_BASE_PACKET_SIZE 1024
|
||||||
|
+
|
||||||
|
+#define DHCP6_PORT_CLIENT 546
|
||||||
|
+#define DHCP6_PORT_SERVER 547
|
||||||
|
+
|
||||||
|
+#define DHCP_CHECK_MEDIA_WAITING_TIME EFI_TIMER_PERIOD_SECONDS(20)
|
||||||
|
+
|
||||||
|
+#define DHCP6_INSTANCE_FROM_THIS(Instance) CR ((Instance), DHCP6_INSTANCE, Dhcp6, DHCP6_INSTANCE_SIGNATURE)
|
||||||
|
+#define DHCP6_SERVICE_FROM_THIS(Service) CR ((Service), DHCP6_SERVICE, ServiceBinding, DHCP6_SERVICE_SIGNATURE)
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// For more information on DHCP options see RFC 8415, Section 21.1
|
||||||
|
//
|
||||||
|
@@ -59,12 +73,10 @@ typedef struct _DHCP6_INSTANCE DHCP6_INSTANCE;
|
||||||
|
// | (option-len octets) |
|
||||||
|
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
//
|
||||||
|
-#define DHCP6_SIZE_OF_OPT_CODE (sizeof(UINT16))
|
||||||
|
-#define DHCP6_SIZE_OF_OPT_LEN (sizeof(UINT16))
|
||||||
|
+#define DHCP6_SIZE_OF_OPT_CODE (sizeof (((EFI_DHCP6_PACKET_OPTION *)0)->OpCode))
|
||||||
|
+#define DHCP6_SIZE_OF_OPT_LEN (sizeof (((EFI_DHCP6_PACKET_OPTION *)0)->OpLen))
|
||||||
|
|
||||||
|
-//
|
||||||
|
// Combined size of Code and Length
|
||||||
|
-//
|
||||||
|
#define DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN (DHCP6_SIZE_OF_OPT_CODE + \
|
||||||
|
DHCP6_SIZE_OF_OPT_LEN)
|
||||||
|
|
||||||
|
@@ -73,34 +85,122 @@ STATIC_ASSERT (
|
||||||
|
"Combined size of Code and Length must be 4 per RFC 8415"
|
||||||
|
);
|
||||||
|
|
||||||
|
-//
|
||||||
|
// Offset to the length is just past the code
|
||||||
|
-//
|
||||||
|
-#define DHCP6_OPT_LEN_OFFSET(a) (a + DHCP6_SIZE_OF_OPT_CODE)
|
||||||
|
+#define DHCP6_OFFSET_OF_OPT_LEN(a) (a + DHCP6_SIZE_OF_OPT_CODE)
|
||||||
|
STATIC_ASSERT (
|
||||||
|
- DHCP6_OPT_LEN_OFFSET (0) == 2,
|
||||||
|
+ DHCP6_OFFSET_OF_OPT_LEN (0) == 2,
|
||||||
|
"Offset of length is + 2 past start of option"
|
||||||
|
);
|
||||||
|
|
||||||
|
-#define DHCP6_OPT_DATA_OFFSET(a) (a + DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN)
|
||||||
|
+#define DHCP6_OFFSET_OF_OPT_DATA(a) (a + DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN)
|
||||||
|
STATIC_ASSERT (
|
||||||
|
- DHCP6_OPT_DATA_OFFSET (0) == 4,
|
||||||
|
+ DHCP6_OFFSET_OF_OPT_DATA (0) == 4,
|
||||||
|
"Offset to option data should be +4 from start of option"
|
||||||
|
);
|
||||||
|
+//
|
||||||
|
+// Identity Association options (both NA (Non-Temporary) and TA (Temporary Association))
|
||||||
|
+// are defined in RFC 8415 and are a deriviation of a TLV stucture
|
||||||
|
+// For more information on IA_NA see Section 21.4
|
||||||
|
+// For more information on IA_TA see Section 21.5
|
||||||
|
+//
|
||||||
|
+//
|
||||||
|
+// The format of IA_NA and IA_TA option:
|
||||||
|
+//
|
||||||
|
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | OPTION_IA_NA | option-len |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | IAID (4 octets) |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | T1 (only for IA_NA) |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | T2 (only for IA_NA) |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | |
|
||||||
|
+// . IA_NA-options/IA_TA-options .
|
||||||
|
+// . .
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+//
|
||||||
|
+#define DHCP6_SIZE_OF_IAID (sizeof(UINT32))
|
||||||
|
+#define DHCP6_SIZE_OF_TIME_INTERVAL (sizeof(UINT32))
|
||||||
|
|
||||||
|
-#define DHCP6_PACKET_ALL 0
|
||||||
|
-#define DHCP6_PACKET_STATEFUL 1
|
||||||
|
-#define DHCP6_PACKET_STATELESS 2
|
||||||
|
+// Combined size of IAID, T1, and T2
|
||||||
|
+#define DHCP6_SIZE_OF_COMBINED_IAID_T1_T2 (DHCP6_SIZE_OF_IAID + \
|
||||||
|
+ DHCP6_SIZE_OF_TIME_INTERVAL + \
|
||||||
|
+ DHCP6_SIZE_OF_TIME_INTERVAL)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_SIZE_OF_COMBINED_IAID_T1_T2 == 12,
|
||||||
|
+ "Combined size of IAID, T1, T2 must be 12 per RFC 8415"
|
||||||
|
+ );
|
||||||
|
|
||||||
|
-#define DHCP6_BASE_PACKET_SIZE 1024
|
||||||
|
+// This is the size of IA_TA without options
|
||||||
|
+#define DHCP6_MIN_SIZE_OF_IA_TA (DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN + \
|
||||||
|
+ DHCP6_SIZE_OF_IAID)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_MIN_SIZE_OF_IA_TA == 8,
|
||||||
|
+ "Minimum combined size of IA_TA per RFC 8415"
|
||||||
|
+ );
|
||||||
|
|
||||||
|
-#define DHCP6_PORT_CLIENT 546
|
||||||
|
-#define DHCP6_PORT_SERVER 547
|
||||||
|
+// Offset to a IA_TA inner option
|
||||||
|
+#define DHCP6_OFFSET_OF_IA_TA_INNER_OPT(a) (a + DHCP6_MIN_SIZE_OF_IA_TA)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_OFFSET_OF_IA_TA_INNER_OPT (0) == 8,
|
||||||
|
+ "Offset of IA_TA Inner option is + 8 past start of option"
|
||||||
|
+ );
|
||||||
|
|
||||||
|
-#define DHCP_CHECK_MEDIA_WAITING_TIME EFI_TIMER_PERIOD_SECONDS(20)
|
||||||
|
+// This is the size of IA_NA without options (16)
|
||||||
|
+#define DHCP6_MIN_SIZE_OF_IA_NA DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN + \
|
||||||
|
+ DHCP6_SIZE_OF_COMBINED_IAID_T1_T2
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_MIN_SIZE_OF_IA_NA == 16,
|
||||||
|
+ "Minimum combined size of IA_TA per RFC 8415"
|
||||||
|
+ );
|
||||||
|
|
||||||
|
-#define DHCP6_INSTANCE_FROM_THIS(Instance) CR ((Instance), DHCP6_INSTANCE, Dhcp6, DHCP6_INSTANCE_SIGNATURE)
|
||||||
|
-#define DHCP6_SERVICE_FROM_THIS(Service) CR ((Service), DHCP6_SERVICE, ServiceBinding, DHCP6_SERVICE_SIGNATURE)
|
||||||
|
+#define DHCP6_OFFSET_OF_IA_NA_INNER_OPT(a) (a + DHCP6_MIN_SIZE_OF_IA_NA)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_OFFSET_OF_IA_NA_INNER_OPT (0) == 16,
|
||||||
|
+ "Offset of IA_NA Inner option is + 16 past start of option"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#define DHCP6_OFFSET_OF_IA_NA_T1(a) (a + \
|
||||||
|
+ DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN + \
|
||||||
|
+ DHCP6_SIZE_OF_IAID)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_OFFSET_OF_IA_NA_T1 (0) == 8,
|
||||||
|
+ "Offset of IA_NA Inner option is + 8 past start of option"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#define DHCP6_OFFSET_OF_IA_NA_T2(a) (a + \
|
||||||
|
+ DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN +\
|
||||||
|
+ DHCP6_SIZE_OF_IAID + \
|
||||||
|
+ DHCP6_SIZE_OF_TIME_INTERVAL)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_OFFSET_OF_IA_NA_T2 (0) == 12,
|
||||||
|
+ "Offset of IA_NA Inner option is + 12 past start of option"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// For more information see RFC 8415 Section 21.13
|
||||||
|
+//
|
||||||
|
+// The format of the Status Code Option:
|
||||||
|
+//
|
||||||
|
+// 0 1 2 3
|
||||||
|
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | OPTION_STATUS_CODE | option-len |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | status-code | |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
|
||||||
|
+// . .
|
||||||
|
+// . status-message .
|
||||||
|
+// . .
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+//
|
||||||
|
+#define DHCP6_OFFSET_OF_STATUS_CODE(a) (a + DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_OFFSET_OF_STATUS_CODE (0) == 4,
|
||||||
|
+ "Offset of status is + 4 past start of option"
|
||||||
|
+ );
|
||||||
|
|
||||||
|
extern EFI_IPv6_ADDRESS mAllDhcpRelayAndServersAddress;
|
||||||
|
extern EFI_DHCP6_PROTOCOL gDhcp6ProtocolTemplate;
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
index bf5aa7a769..89d16484a5 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
@@ -598,8 +598,8 @@ Dhcp6UpdateIaInfo (
|
||||||
|
// The inner options still start with 2 bytes option-code and 2 bytes option-len.
|
||||||
|
//
|
||||||
|
if (Instance->Config->IaDescriptor.Type == Dhcp6OptIana) {
|
||||||
|
- T1 = NTOHL (ReadUnaligned32 ((UINT32 *)(Option + 8)));
|
||||||
|
- T2 = NTOHL (ReadUnaligned32 ((UINT32 *)(Option + 12)));
|
||||||
|
+ T1 = NTOHL (ReadUnaligned32 ((UINT32 *)(DHCP6_OFFSET_OF_IA_NA_T1 (Option))));
|
||||||
|
+ T2 = NTOHL (ReadUnaligned32 ((UINT32 *)(DHCP6_OFFSET_OF_IA_NA_T2 (Option))));
|
||||||
|
//
|
||||||
|
// Refer to RFC3155 Chapter 22.4. If a client receives an IA_NA with T1 greater than T2,
|
||||||
|
// and both T1 and T2 are greater than 0, the client discards the IA_NA option and processes
|
||||||
|
@@ -609,13 +609,14 @@ Dhcp6UpdateIaInfo (
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
- IaInnerOpt = Option + 16;
|
||||||
|
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(Option + 2))) - 12);
|
||||||
|
+ IaInnerOpt = DHCP6_OFFSET_OF_IA_NA_INNER_OPT (Option);
|
||||||
|
+ IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option)))) - DHCP6_SIZE_OF_COMBINED_IAID_T1_T2);
|
||||||
|
} else {
|
||||||
|
- T1 = 0;
|
||||||
|
- T2 = 0;
|
||||||
|
- IaInnerOpt = Option + 8;
|
||||||
|
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(Option + 2))) - 4);
|
||||||
|
+ T1 = 0;
|
||||||
|
+ T2 = 0;
|
||||||
|
+
|
||||||
|
+ IaInnerOpt = DHCP6_OFFSET_OF_IA_TA_INNER_OPT (Option);
|
||||||
|
+ IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option)))) - DHCP6_SIZE_OF_IAID);
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -641,7 +642,7 @@ Dhcp6UpdateIaInfo (
|
||||||
|
Option = Dhcp6SeekOption (IaInnerOpt, IaInnerLen, Dhcp6OptStatusCode);
|
||||||
|
|
||||||
|
if (Option != NULL) {
|
||||||
|
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(Option + 4)));
|
||||||
|
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option))));
|
||||||
|
if (StsCode != Dhcp6StsSuccess) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
@@ -661,6 +662,87 @@ Dhcp6UpdateIaInfo (
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ Seeks the Inner Options from a DHCP6 Option
|
||||||
|
+
|
||||||
|
+ @param[in] IaType The type of the IA option.
|
||||||
|
+ @param[in] Option The pointer to the DHCP6 Option.
|
||||||
|
+ @param[in] OptionLen The length of the DHCP6 Option.
|
||||||
|
+ @param[out] IaInnerOpt The pointer to the IA inner option.
|
||||||
|
+ @param[out] IaInnerLen The length of the IA inner option.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Seek the inner option successfully.
|
||||||
|
+ @retval EFI_DEVICE_ERROR The OptionLen is invalid. On Error,
|
||||||
|
+ the pointers are not modified
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ IN UINT16 IaType,
|
||||||
|
+ IN UINT8 *Option,
|
||||||
|
+ IN UINT32 OptionLen,
|
||||||
|
+ OUT UINT8 **IaInnerOpt,
|
||||||
|
+ OUT UINT16 *IaInnerLen
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ UINT16 IaInnerLenTmp;
|
||||||
|
+ UINT8 *IaInnerOptTmp;
|
||||||
|
+
|
||||||
|
+ if (Option == NULL) {
|
||||||
|
+ ASSERT (Option != NULL);
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (IaInnerOpt == NULL) {
|
||||||
|
+ ASSERT (IaInnerOpt != NULL);
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (IaInnerLen == NULL) {
|
||||||
|
+ ASSERT (IaInnerLen != NULL);
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (IaType == Dhcp6OptIana) {
|
||||||
|
+ // Verify we have a fully formed IA_NA
|
||||||
|
+ if (OptionLen < DHCP6_MIN_SIZE_OF_IA_NA) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ IaInnerOptTmp = DHCP6_OFFSET_OF_IA_NA_INNER_OPT (Option);
|
||||||
|
+
|
||||||
|
+ // Verify the IaInnerLen is valid.
|
||||||
|
+ IaInnerLenTmp = (UINT16)NTOHS (ReadUnaligned16 ((UINT16 *)DHCP6_OFFSET_OF_OPT_LEN (Option)));
|
||||||
|
+ if (IaInnerLenTmp < DHCP6_SIZE_OF_COMBINED_IAID_T1_T2) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ IaInnerLenTmp -= DHCP6_SIZE_OF_COMBINED_IAID_T1_T2;
|
||||||
|
+ } else if (IaType == Dhcp6OptIata) {
|
||||||
|
+ // Verify the OptionLen is valid.
|
||||||
|
+ if (OptionLen < DHCP6_MIN_SIZE_OF_IA_TA) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ IaInnerOptTmp = DHCP6_OFFSET_OF_IA_TA_INNER_OPT (Option);
|
||||||
|
+
|
||||||
|
+ // Verify the IaInnerLen is valid.
|
||||||
|
+ IaInnerLenTmp = (UINT16)NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option))));
|
||||||
|
+ if (IaInnerLenTmp < DHCP6_SIZE_OF_IAID) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ IaInnerLenTmp -= DHCP6_SIZE_OF_IAID;
|
||||||
|
+ } else {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ *IaInnerOpt = IaInnerOptTmp;
|
||||||
|
+ *IaInnerLen = IaInnerLenTmp;
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
Seek StatusCode Option in package. A Status Code option may appear in the
|
||||||
|
options field of a DHCP message and/or in the options field of another option.
|
||||||
|
@@ -684,6 +766,12 @@ Dhcp6SeekStsOption (
|
||||||
|
UINT8 *IaInnerOpt;
|
||||||
|
UINT16 IaInnerLen;
|
||||||
|
UINT16 StsCode;
|
||||||
|
+ UINT32 OptionLen;
|
||||||
|
+
|
||||||
|
+ // OptionLen is the length of the Options excluding the DHCP header.
|
||||||
|
+ // Length of the EFI_DHCP6_PACKET from the first byte of the Header field to the last
|
||||||
|
+ // byte of the Option[] field.
|
||||||
|
+ OptionLen = Packet->Length - sizeof (Packet->Dhcp6.Header);
|
||||||
|
|
||||||
|
//
|
||||||
|
// Seek StatusCode option directly in DHCP message body. That is, search in
|
||||||
|
@@ -691,12 +779,12 @@ Dhcp6SeekStsOption (
|
||||||
|
//
|
||||||
|
*Option = Dhcp6SeekOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ OptionLen,
|
||||||
|
Dhcp6OptStatusCode
|
||||||
|
);
|
||||||
|
|
||||||
|
if (*Option != NULL) {
|
||||||
|
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(*Option + 4)));
|
||||||
|
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_STATUS_CODE (*Option))));
|
||||||
|
if (StsCode != Dhcp6StsSuccess) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
@@ -707,7 +795,7 @@ Dhcp6SeekStsOption (
|
||||||
|
//
|
||||||
|
*Option = Dhcp6SeekIaOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
+ OptionLen,
|
||||||
|
&Instance->Config->IaDescriptor
|
||||||
|
);
|
||||||
|
if (*Option == NULL) {
|
||||||
|
@@ -715,52 +803,35 @@ Dhcp6SeekStsOption (
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
- // The format of the IA_NA option is:
|
||||||
|
+ // Calculate the distance from Packet->Dhcp6.Option to the IA option.
|
||||||
|
//
|
||||||
|
- // 0 1 2 3
|
||||||
|
- // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | OPTION_IA_NA | option-len |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | IAID (4 octets) |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | T1 |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | T2 |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | |
|
||||||
|
- // . IA_NA-options .
|
||||||
|
- // . .
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+ // Packet->Size and Packet->Length are both UINT32 type, and Packet->Size is
|
||||||
|
+ // the size of the whole packet, including the DHCP header, and Packet->Length
|
||||||
|
+ // is the length of the DHCP message body, excluding the DHCP header.
|
||||||
|
//
|
||||||
|
- // The format of the IA_TA option is:
|
||||||
|
+ // (*Option - Packet->Dhcp6.Option) is the number of bytes from the start of
|
||||||
|
+ // DHCP6 option area to the start of the IA option.
|
||||||
|
//
|
||||||
|
- // 0 1 2 3
|
||||||
|
- // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | OPTION_IA_TA | option-len |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | IAID (4 octets) |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | |
|
||||||
|
- // . IA_TA-options .
|
||||||
|
- // . .
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+ // Dhcp6SeekInnerOptionSafe() is searching starting from the start of the
|
||||||
|
+ // IA option to the end of the DHCP6 option area, thus subtract the space
|
||||||
|
+ // up until this option
|
||||||
|
//
|
||||||
|
+ OptionLen = OptionLen - (*Option - Packet->Dhcp6.Option);
|
||||||
|
|
||||||
|
//
|
||||||
|
- // sizeof (option-code + option-len + IaId) = 8
|
||||||
|
- // sizeof (option-code + option-len + IaId + T1) = 12
|
||||||
|
- // sizeof (option-code + option-len + IaId + T1 + T2) = 16
|
||||||
|
- //
|
||||||
|
- // The inner options still start with 2 bytes option-code and 2 bytes option-len.
|
||||||
|
+ // Seek the inner option
|
||||||
|
//
|
||||||
|
- if (Instance->Config->IaDescriptor.Type == Dhcp6OptIana) {
|
||||||
|
- IaInnerOpt = *Option + 16;
|
||||||
|
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(*Option + 2))) - 12);
|
||||||
|
- } else {
|
||||||
|
- IaInnerOpt = *Option + 8;
|
||||||
|
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(*Option + 2))) - 4);
|
||||||
|
+ if (EFI_ERROR (
|
||||||
|
+ Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ Instance->Config->IaDescriptor.Type,
|
||||||
|
+ *Option,
|
||||||
|
+ OptionLen,
|
||||||
|
+ &IaInnerOpt,
|
||||||
|
+ &IaInnerLen
|
||||||
|
+ )
|
||||||
|
+ ))
|
||||||
|
+ {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -784,7 +855,7 @@ Dhcp6SeekStsOption (
|
||||||
|
//
|
||||||
|
*Option = Dhcp6SeekOption (IaInnerOpt, IaInnerLen, Dhcp6OptStatusCode);
|
||||||
|
if (*Option != NULL) {
|
||||||
|
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(*Option + 4)));
|
||||||
|
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)((DHCP6_OFFSET_OF_STATUS_CODE (*Option)))));
|
||||||
|
if (StsCode != Dhcp6StsSuccess) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
@@ -1105,7 +1176,7 @@ Dhcp6SendRequestMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
Instance->AdSelect->Dhcp6.Option,
|
||||||
|
- Instance->AdSelect->Length - 4,
|
||||||
|
+ Instance->AdSelect->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
@@ -1289,7 +1360,7 @@ Dhcp6SendDeclineMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
LastReply->Dhcp6.Option,
|
||||||
|
- LastReply->Length - 4,
|
||||||
|
+ LastReply->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
@@ -1448,7 +1519,7 @@ Dhcp6SendReleaseMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
LastReply->Dhcp6.Option,
|
||||||
|
- LastReply->Length - 4,
|
||||||
|
+ LastReply->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
@@ -1673,7 +1744,7 @@ Dhcp6SendRenewRebindMsg (
|
||||||
|
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
LastReply->Dhcp6.Option,
|
||||||
|
- LastReply->Length - 4,
|
||||||
|
+ LastReply->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
@@ -2208,7 +2279,7 @@ Dhcp6HandleReplyMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ Packet->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptRapidCommit
|
||||||
|
);
|
||||||
|
|
||||||
|
@@ -2354,7 +2425,7 @@ Dhcp6HandleReplyMsg (
|
||||||
|
//
|
||||||
|
// Any error status code option is found.
|
||||||
|
//
|
||||||
|
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(Option + 4)));
|
||||||
|
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)((DHCP6_OFFSET_OF_STATUS_CODE (Option)))));
|
||||||
|
switch (StsCode) {
|
||||||
|
case Dhcp6StsUnspecFail:
|
||||||
|
//
|
||||||
|
@@ -2487,7 +2558,7 @@ Dhcp6SelectAdvertiseMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
AdSelect->Dhcp6.Option,
|
||||||
|
- AdSelect->Length - 4,
|
||||||
|
+ AdSelect->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerUnicast
|
||||||
|
);
|
||||||
|
|
||||||
|
@@ -2498,7 +2569,7 @@ Dhcp6SelectAdvertiseMsg (
|
||||||
|
return EFI_OUT_OF_RESOURCES;
|
||||||
|
}
|
||||||
|
|
||||||
|
- CopyMem (Instance->Unicast, Option + 4, sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
+ CopyMem (Instance->Unicast, DHCP6_OFFSET_OF_OPT_DATA (Option), sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -2551,7 +2622,7 @@ Dhcp6HandleAdvertiseMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ Packet->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptRapidCommit
|
||||||
|
);
|
||||||
|
|
||||||
|
@@ -2645,7 +2716,7 @@ Dhcp6HandleAdvertiseMsg (
|
||||||
|
CopyMem (Instance->AdSelect, Packet, Packet->Size);
|
||||||
|
|
||||||
|
if (Option != NULL) {
|
||||||
|
- Instance->AdPref = *(Option + 4);
|
||||||
|
+ Instance->AdPref = *(DHCP6_OFFSET_OF_OPT_DATA (Option));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
//
|
||||||
|
@@ -2714,11 +2785,11 @@ Dhcp6HandleStateful (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ Packet->Length - DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN,
|
||||||
|
Dhcp6OptClientId
|
||||||
|
);
|
||||||
|
|
||||||
|
- if ((Option == NULL) || (CompareMem (Option + 4, ClientId->Duid, ClientId->Length) != 0)) {
|
||||||
|
+ if ((Option == NULL) || (CompareMem (DHCP6_OFFSET_OF_OPT_DATA (Option), ClientId->Duid, ClientId->Length) != 0)) {
|
||||||
|
goto ON_CONTINUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -2727,7 +2798,7 @@ Dhcp6HandleStateful (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ Packet->Length - DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN,
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
|
||||||
|
@@ -2832,7 +2903,7 @@ Dhcp6HandleStateless (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ Packet->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,257 @@
|
|||||||
|
From dcfd5b6e28536e5b28fb4c47ec57f8d106b6b181 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 15/18] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229
|
||||||
|
Related Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [15/18] e2fe2033c2f90145249d9416a539d5b2fc52596a
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21841
|
||||||
|
CVE: CVE-2023-45229
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 1c440a5eceedc64e892877eeac0f1a4938f5abbb
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Tue Feb 13 10:46:00 2024 -0800
|
||||||
|
|
||||||
|
NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4673
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4534
|
||||||
|
|
||||||
|
This was not part of the Quarkslab bugs however the same pattern
|
||||||
|
as CVE-2023-45229 exists in Dhcp6UpdateIaInfo.
|
||||||
|
|
||||||
|
This patch replaces the code in question with the safe function
|
||||||
|
created to patch CVE-2023-45229
|
||||||
|
|
||||||
|
>
|
||||||
|
> if (EFI_ERROR (
|
||||||
|
> Dhcp6SeekInnerOptionSafe (
|
||||||
|
> Instance->Config->IaDescriptor.Type,
|
||||||
|
> Option,
|
||||||
|
> OptionLen,
|
||||||
|
> &IaInnerOpt,
|
||||||
|
> &IaInnerLen
|
||||||
|
> )
|
||||||
|
> ))
|
||||||
|
> {
|
||||||
|
> return EFI_DEVICE_ERROR;
|
||||||
|
> }
|
||||||
|
>
|
||||||
|
|
||||||
|
Additionally corrects incorrect usage of macro to read the status
|
||||||
|
|
||||||
|
> - StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)DHCP6_OFFSET_OF_OPT_LEN
|
||||||
|
(Option)));
|
||||||
|
> + StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)
|
||||||
|
DHCP6_OFFSET_OF_STATUS_CODE (Option));
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Io.c | 70 ++++++++++++++++++++++++++---------
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Io.h | 22 +++++++++++
|
||||||
|
2 files changed, 75 insertions(+), 17 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
index 3b8feb4a20..a9bffae353 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
@@ -528,13 +528,23 @@ Dhcp6UpdateIaInfo (
|
||||||
|
{
|
||||||
|
EFI_STATUS Status;
|
||||||
|
UINT8 *Option;
|
||||||
|
+ UINT32 OptionLen;
|
||||||
|
UINT8 *IaInnerOpt;
|
||||||
|
UINT16 IaInnerLen;
|
||||||
|
UINT16 StsCode;
|
||||||
|
UINT32 T1;
|
||||||
|
UINT32 T2;
|
||||||
|
|
||||||
|
+ T1 = 0;
|
||||||
|
+ T2 = 0;
|
||||||
|
+
|
||||||
|
ASSERT (Instance->Config != NULL);
|
||||||
|
+
|
||||||
|
+ // OptionLen is the length of the Options excluding the DHCP header.
|
||||||
|
+ // Length of the EFI_DHCP6_PACKET from the first byte of the Header field to the last
|
||||||
|
+ // byte of the Option[] field.
|
||||||
|
+ OptionLen = Packet->Length - sizeof (Packet->Dhcp6.Header);
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// If the reply was received in response to a solicit with rapid commit option,
|
||||||
|
// request, renew or rebind message, the client updates the information it has
|
||||||
|
@@ -549,13 +559,29 @@ Dhcp6UpdateIaInfo (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekIaOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
+ OptionLen,
|
||||||
|
&Instance->Config->IaDescriptor
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Calculate the distance from Packet->Dhcp6.Option to the IA option.
|
||||||
|
+ //
|
||||||
|
+ // Packet->Size and Packet->Length are both UINT32 type, and Packet->Size is
|
||||||
|
+ // the size of the whole packet, including the DHCP header, and Packet->Length
|
||||||
|
+ // is the length of the DHCP message body, excluding the DHCP header.
|
||||||
|
+ //
|
||||||
|
+ // (*Option - Packet->Dhcp6.Option) is the number of bytes from the start of
|
||||||
|
+ // DHCP6 option area to the start of the IA option.
|
||||||
|
+ //
|
||||||
|
+ // Dhcp6SeekInnerOptionSafe() is searching starting from the start of the
|
||||||
|
+ // IA option to the end of the DHCP6 option area, thus subtract the space
|
||||||
|
+ // up until this option
|
||||||
|
+ //
|
||||||
|
+ OptionLen = OptionLen - (UINT32)(Option - Packet->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// The format of the IA_NA option is:
|
||||||
|
//
|
||||||
|
@@ -591,32 +617,32 @@ Dhcp6UpdateIaInfo (
|
||||||
|
//
|
||||||
|
|
||||||
|
//
|
||||||
|
- // sizeof (option-code + option-len + IaId) = 8
|
||||||
|
- // sizeof (option-code + option-len + IaId + T1) = 12
|
||||||
|
- // sizeof (option-code + option-len + IaId + T1 + T2) = 16
|
||||||
|
- //
|
||||||
|
- // The inner options still start with 2 bytes option-code and 2 bytes option-len.
|
||||||
|
+ // Seek the inner option
|
||||||
|
//
|
||||||
|
+ if (EFI_ERROR (
|
||||||
|
+ Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ Instance->Config->IaDescriptor.Type,
|
||||||
|
+ Option,
|
||||||
|
+ OptionLen,
|
||||||
|
+ &IaInnerOpt,
|
||||||
|
+ &IaInnerLen
|
||||||
|
+ )
|
||||||
|
+ ))
|
||||||
|
+ {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (Instance->Config->IaDescriptor.Type == Dhcp6OptIana) {
|
||||||
|
T1 = NTOHL (ReadUnaligned32 ((UINT32 *)(DHCP6_OFFSET_OF_IA_NA_T1 (Option))));
|
||||||
|
T2 = NTOHL (ReadUnaligned32 ((UINT32 *)(DHCP6_OFFSET_OF_IA_NA_T2 (Option))));
|
||||||
|
//
|
||||||
|
// Refer to RFC3155 Chapter 22.4. If a client receives an IA_NA with T1 greater than T2,
|
||||||
|
// and both T1 and T2 are greater than 0, the client discards the IA_NA option and processes
|
||||||
|
- // the remainder of the message as though the server had not included the invalid IA_NA option.
|
||||||
|
+ // the remainder of the message as though the server had not included the invalid IA_NA option.
|
||||||
|
//
|
||||||
|
if ((T1 > T2) && (T2 > 0)) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
-
|
||||||
|
- IaInnerOpt = DHCP6_OFFSET_OF_IA_NA_INNER_OPT (Option);
|
||||||
|
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option)))) - DHCP6_SIZE_OF_COMBINED_IAID_T1_T2);
|
||||||
|
- } else {
|
||||||
|
- T1 = 0;
|
||||||
|
- T2 = 0;
|
||||||
|
-
|
||||||
|
- IaInnerOpt = DHCP6_OFFSET_OF_IA_TA_INNER_OPT (Option);
|
||||||
|
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option)))) - DHCP6_SIZE_OF_IAID);
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -642,7 +668,7 @@ Dhcp6UpdateIaInfo (
|
||||||
|
Option = Dhcp6SeekOption (IaInnerOpt, IaInnerLen, Dhcp6OptStatusCode);
|
||||||
|
|
||||||
|
if (Option != NULL) {
|
||||||
|
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option))));
|
||||||
|
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_STATUS_CODE (Option))));
|
||||||
|
if (StsCode != Dhcp6StsSuccess) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
@@ -703,15 +729,21 @@ Dhcp6SeekInnerOptionSafe (
|
||||||
|
}
|
||||||
|
|
||||||
|
if (IaType == Dhcp6OptIana) {
|
||||||
|
+ //
|
||||||
|
// Verify we have a fully formed IA_NA
|
||||||
|
+ //
|
||||||
|
if (OptionLen < DHCP6_MIN_SIZE_OF_IA_NA) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Get the IA Inner Option and Length
|
||||||
|
//
|
||||||
|
IaInnerOptTmp = DHCP6_OFFSET_OF_IA_NA_INNER_OPT (Option);
|
||||||
|
|
||||||
|
+ //
|
||||||
|
// Verify the IaInnerLen is valid.
|
||||||
|
+ //
|
||||||
|
IaInnerLenTmp = (UINT16)NTOHS (ReadUnaligned16 ((UINT16 *)DHCP6_OFFSET_OF_OPT_LEN (Option)));
|
||||||
|
if (IaInnerLenTmp < DHCP6_SIZE_OF_COMBINED_IAID_T1_T2) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
@@ -719,14 +751,18 @@ Dhcp6SeekInnerOptionSafe (
|
||||||
|
|
||||||
|
IaInnerLenTmp -= DHCP6_SIZE_OF_COMBINED_IAID_T1_T2;
|
||||||
|
} else if (IaType == Dhcp6OptIata) {
|
||||||
|
+ //
|
||||||
|
// Verify the OptionLen is valid.
|
||||||
|
+ //
|
||||||
|
if (OptionLen < DHCP6_MIN_SIZE_OF_IA_TA) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
IaInnerOptTmp = DHCP6_OFFSET_OF_IA_TA_INNER_OPT (Option);
|
||||||
|
|
||||||
|
+ //
|
||||||
|
// Verify the IaInnerLen is valid.
|
||||||
|
+ //
|
||||||
|
IaInnerLenTmp = (UINT16)NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option))));
|
||||||
|
if (IaInnerLenTmp < DHCP6_SIZE_OF_IAID) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h
|
||||||
|
index 051a652f2b..ab0e1ac27f 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h
|
||||||
|
@@ -217,4 +217,26 @@ Dhcp6OnTimerTick (
|
||||||
|
IN VOID *Context
|
||||||
|
);
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ Seeks the Inner Options from a DHCP6 Option
|
||||||
|
+
|
||||||
|
+ @param[in] IaType The type of the IA option.
|
||||||
|
+ @param[in] Option The pointer to the DHCP6 Option.
|
||||||
|
+ @param[in] OptionLen The length of the DHCP6 Option.
|
||||||
|
+ @param[out] IaInnerOpt The pointer to the IA inner option.
|
||||||
|
+ @param[out] IaInnerLen The length of the IA inner option.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Seek the inner option successfully.
|
||||||
|
+ @retval EFI_DEVICE_ERROR The OptionLen is invalid. On Error,
|
||||||
|
+ the pointers are not modified
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ IN UINT16 IaType,
|
||||||
|
+ IN UINT8 *Option,
|
||||||
|
+ IN UINT32 OptionLen,
|
||||||
|
+ OUT UINT8 **IaInnerOpt,
|
||||||
|
+ OUT UINT16 *IaInnerLen
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
#endif
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,565 @@
|
|||||||
|
From 76930459d2e3f82e10968ec8904e45c8bac77fd8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 9 Feb 2024 17:57:07 -0500
|
||||||
|
Subject: [PATCH 05/18] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229
|
||||||
|
Unit Tests
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [5/18] 7421b6f8d8e6bc3d8ea4aaf90f65608136b968b2
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21841
|
||||||
|
CVE: CVE-2023-45229
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 07362769ab7a7d74dbea1c7a7a3662c7b5d1f097
|
||||||
|
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
||||||
|
Date: Fri Jan 26 05:54:47 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4534
|
||||||
|
|
||||||
|
These tests confirm that the report bug...
|
||||||
|
|
||||||
|
"Out-of-bounds read when processing IA_NA/IA_TA options in a
|
||||||
|
DHCPv6 Advertise message"
|
||||||
|
|
||||||
|
..has been patched.
|
||||||
|
|
||||||
|
The following functions are tested to confirm an out of bounds read is
|
||||||
|
patched and that the correct statuses are returned:
|
||||||
|
|
||||||
|
Dhcp6SeekInnerOptionSafe
|
||||||
|
Dhcp6SeekStsOption
|
||||||
|
|
||||||
|
TCBZ4534
|
||||||
|
CVE-2023-45229
|
||||||
|
CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
||||||
|
CWE-125 Out-of-bounds Read
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Io.c | 2 +-
|
||||||
|
.../GoogleTest/Dhcp6DxeGoogleTest.inf | 1 +
|
||||||
|
.../Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp | 365 +++++++++++++++++-
|
||||||
|
.../Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h | 58 +++
|
||||||
|
NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 +
|
||||||
|
5 files changed, 424 insertions(+), 3 deletions(-)
|
||||||
|
create mode 100644 NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
index 89d16484a5..3b8feb4a20 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
@@ -816,7 +816,7 @@ Dhcp6SeekStsOption (
|
||||||
|
// IA option to the end of the DHCP6 option area, thus subtract the space
|
||||||
|
// up until this option
|
||||||
|
//
|
||||||
|
- OptionLen = OptionLen - (*Option - Packet->Dhcp6.Option);
|
||||||
|
+ OptionLen = OptionLen - (UINT32)(*Option - Packet->Dhcp6.Option);
|
||||||
|
|
||||||
|
//
|
||||||
|
// Seek the inner option
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
index 8e9119a371..12532ed30c 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
@@ -18,6 +18,7 @@
|
||||||
|
[Sources]
|
||||||
|
Dhcp6DxeGoogleTest.cpp
|
||||||
|
Dhcp6IoGoogleTest.cpp
|
||||||
|
+ Dhcp6IoGoogleTest.h
|
||||||
|
../Dhcp6Io.c
|
||||||
|
../Dhcp6Utility.c
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||||
|
index 7ee40e4af4..7db253a7b8 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||||
|
@@ -13,6 +13,7 @@ extern "C" {
|
||||||
|
#include <Library/BaseMemoryLib.h>
|
||||||
|
#include "../Dhcp6Impl.h"
|
||||||
|
#include "../Dhcp6Utility.h"
|
||||||
|
+ #include "Dhcp6IoGoogleTest.h"
|
||||||
|
}
|
||||||
|
|
||||||
|
////////////////////////////////////////////////////////////////////////
|
||||||
|
@@ -21,7 +22,35 @@ extern "C" {
|
||||||
|
|
||||||
|
#define DHCP6_PACKET_MAX_LEN 1500
|
||||||
|
|
||||||
|
+// This definition is used by this test but is also required to compile
|
||||||
|
+// by Dhcp6Io.c
|
||||||
|
+#define DHCPV6_OPTION_IA_NA 3
|
||||||
|
+#define DHCPV6_OPTION_IA_TA 4
|
||||||
|
+
|
||||||
|
+#define SEARCH_PATTERN 0xDEADC0DE
|
||||||
|
+#define SEARCH_PATTERN_LEN sizeof(SEARCH_PATTERN)
|
||||||
|
+
|
||||||
|
////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Test structures for IA_NA and IA_TA options
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+typedef struct {
|
||||||
|
+ UINT16 Code;
|
||||||
|
+ UINT16 Len;
|
||||||
|
+ UINT32 IAID;
|
||||||
|
+} DHCPv6_OPTION;
|
||||||
|
+
|
||||||
|
+typedef struct {
|
||||||
|
+ DHCPv6_OPTION Header;
|
||||||
|
+ UINT32 T1;
|
||||||
|
+ UINT32 T2;
|
||||||
|
+ UINT8 InnerOptions[0];
|
||||||
|
+} DHCPv6_OPTION_IA_NA;
|
||||||
|
+
|
||||||
|
+typedef struct {
|
||||||
|
+ DHCPv6_OPTION Header;
|
||||||
|
+ UINT8 InnerOptions[0];
|
||||||
|
+} DHCPv6_OPTION_IA_TA;
|
||||||
|
+
|
||||||
|
////////////////////////////////////////////////////////////////////////
|
||||||
|
// Symbol Definitions
|
||||||
|
// These functions are not directly under test - but required to compile
|
||||||
|
@@ -210,7 +239,7 @@ TEST_F (Dhcp6AppendETOptionTest, InvalidDataExpectBufferTooSmall) {
|
||||||
|
Status = Dhcp6AppendETOption (
|
||||||
|
Dhcp6AppendETOptionTest::Packet,
|
||||||
|
&Cursor,
|
||||||
|
- &Instance, // Instance is not used in this function
|
||||||
|
+ &Instance, // Instance is not used in this function
|
||||||
|
&ElapsedTime
|
||||||
|
);
|
||||||
|
|
||||||
|
@@ -240,7 +269,7 @@ TEST_F (Dhcp6AppendETOptionTest, ValidDataExpectSuccess) {
|
||||||
|
Status = Dhcp6AppendETOption (
|
||||||
|
Dhcp6AppendETOptionTest::Packet,
|
||||||
|
&Cursor,
|
||||||
|
- &Instance, // Instance is not used in this function
|
||||||
|
+ &Instance, // Instance is not used in this function
|
||||||
|
&ElapsedTime
|
||||||
|
);
|
||||||
|
|
||||||
|
@@ -476,3 +505,335 @@ TEST_F (Dhcp6AppendIaOptionTest, IaTaValidDataExpectSuccess) {
|
||||||
|
// verify that the status is EFI_SUCCESS
|
||||||
|
ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Dhcp6SeekInnerOptionSafe Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+// Define a fixture for your tests if needed
|
||||||
|
+class Dhcp6SeekInnerOptionSafeTest : public ::testing::Test {
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Initialize any resources or variables
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// This test verifies that Dhcp6SeekInnerOptionSafe returns EFI_SUCCESS when the IANA option is found.
|
||||||
|
+TEST_F (Dhcp6SeekInnerOptionSafeTest, IANAValidOptionExpectSuccess) {
|
||||||
|
+ EFI_STATUS Result;
|
||||||
|
+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_NA) + SEARCH_PATTERN_LEN] = { 0 };
|
||||||
|
+ UINT32 OptionLength = sizeof (Option);
|
||||||
|
+ DHCPv6_OPTION_IA_NA *OptionPtr = (DHCPv6_OPTION_IA_NA *)Option;
|
||||||
|
+ UINT32 SearchPattern = SEARCH_PATTERN;
|
||||||
|
+
|
||||||
|
+ UINTN SearchPatternLength = SEARCH_PATTERN_LEN;
|
||||||
|
+ UINT8 *InnerOptionPtr = NULL;
|
||||||
|
+ UINT16 InnerOptionLength = 0;
|
||||||
|
+
|
||||||
|
+ OptionPtr->Header.Code = Dhcp6OptIana;
|
||||||
|
+ OptionPtr->Header.Len = HTONS (4 + 12); // Valid length has to be more than 12
|
||||||
|
+ OptionPtr->Header.IAID = 0x12345678;
|
||||||
|
+ OptionPtr->T1 = 0x11111111;
|
||||||
|
+ OptionPtr->T2 = 0x22222222;
|
||||||
|
+ CopyMem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLength);
|
||||||
|
+
|
||||||
|
+ Result = Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ Dhcp6OptIana,
|
||||||
|
+ Option,
|
||||||
|
+ OptionLength,
|
||||||
|
+ &InnerOptionPtr,
|
||||||
|
+ &InnerOptionLength
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EQ (Result, EFI_SUCCESS);
|
||||||
|
+ ASSERT_EQ (InnerOptionLength, 4);
|
||||||
|
+ ASSERT_EQ (CompareMem (InnerOptionPtr, &SearchPattern, SearchPatternLength), 0);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// This test verifies that Dhcp6SeekInnerOptionSafe returns EFI_DEIVCE_ERROR when the IANA option size is invalid.
|
||||||
|
+TEST_F (Dhcp6SeekInnerOptionSafeTest, IANAInvalidSizeExpectFail) {
|
||||||
|
+ // Lets add an inner option of bytes we expect to find
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_NA) + SEARCH_PATTERN_LEN] = { 0 };
|
||||||
|
+ UINT32 OptionLength = sizeof (Option);
|
||||||
|
+ DHCPv6_OPTION_IA_NA *OptionPtr = (DHCPv6_OPTION_IA_NA *)Option;
|
||||||
|
+ UINT32 SearchPattern = SEARCH_PATTERN;
|
||||||
|
+
|
||||||
|
+ UINTN SearchPatternLength = SEARCH_PATTERN_LEN;
|
||||||
|
+ UINT8 *InnerOptionPtr = NULL;
|
||||||
|
+ UINT16 InnerOptionLength = 0;
|
||||||
|
+
|
||||||
|
+ OptionPtr->Header.Code = Dhcp6OptIana;
|
||||||
|
+ OptionPtr->Header.Len = HTONS (4); // Set the length to lower than expected (12)
|
||||||
|
+ OptionPtr->Header.IAID = 0x12345678;
|
||||||
|
+ OptionPtr->T1 = 0x11111111;
|
||||||
|
+ OptionPtr->T2 = 0x22222222;
|
||||||
|
+ CopyMem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLength);
|
||||||
|
+
|
||||||
|
+ // Set the InnerOptionLength to be less than the size of the option
|
||||||
|
+ Status = Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ Dhcp6OptIana,
|
||||||
|
+ Option,
|
||||||
|
+ OptionLength,
|
||||||
|
+ &InnerOptionPtr,
|
||||||
|
+ &InnerOptionLength
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EQ (Status, EFI_DEVICE_ERROR);
|
||||||
|
+
|
||||||
|
+ // Now set the OptionLength to be less than the size of the option
|
||||||
|
+ OptionLength = sizeof (DHCPv6_OPTION_IA_NA) - 1;
|
||||||
|
+ Status = Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ Dhcp6OptIana,
|
||||||
|
+ Option,
|
||||||
|
+ OptionLength,
|
||||||
|
+ &InnerOptionPtr,
|
||||||
|
+ &InnerOptionLength
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EQ (Status, EFI_DEVICE_ERROR);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// This test verifies that Dhcp6SeekInnerOptionSafe returns EFI_SUCCESS when the IATA option is found
|
||||||
|
+TEST_F (Dhcp6SeekInnerOptionSafeTest, IATAValidOptionExpectSuccess) {
|
||||||
|
+ // Lets add an inner option of bytes we expect to find
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_TA) + SEARCH_PATTERN_LEN] = { 0 };
|
||||||
|
+ UINT32 OptionLength = sizeof (Option);
|
||||||
|
+ DHCPv6_OPTION_IA_TA *OptionPtr = (DHCPv6_OPTION_IA_TA *)Option;
|
||||||
|
+ UINT32 SearchPattern = SEARCH_PATTERN;
|
||||||
|
+
|
||||||
|
+ UINTN SearchPatternLength = SEARCH_PATTERN_LEN;
|
||||||
|
+ UINT8 *InnerOptionPtr = NULL;
|
||||||
|
+ UINT16 InnerOptionLength = 0;
|
||||||
|
+
|
||||||
|
+ OptionPtr->Header.Code = Dhcp6OptIata;
|
||||||
|
+ OptionPtr->Header.Len = HTONS (4 + 4); // Valid length has to be more than 4
|
||||||
|
+ OptionPtr->Header.IAID = 0x12345678;
|
||||||
|
+ CopyMem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLength);
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ Dhcp6OptIata,
|
||||||
|
+ Option,
|
||||||
|
+ OptionLength,
|
||||||
|
+ &InnerOptionPtr,
|
||||||
|
+ &InnerOptionLength
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+ ASSERT_EQ (InnerOptionLength, 4);
|
||||||
|
+ ASSERT_EQ (CompareMem (InnerOptionPtr, &SearchPattern, SearchPatternLength), 0);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// This test verifies that Dhcp6SeekInnerOptionSafe returns EFI_SUCCESS when the IATA option size is invalid.
|
||||||
|
+TEST_F (Dhcp6SeekInnerOptionSafeTest, IATAInvalidSizeExpectFail) {
|
||||||
|
+ // Lets add an inner option of bytes we expect to find
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_TA) + SEARCH_PATTERN_LEN] = { 0 };
|
||||||
|
+ UINT32 OptionLength = sizeof (Option);
|
||||||
|
+ DHCPv6_OPTION_IA_TA *OptionPtr = (DHCPv6_OPTION_IA_TA *)Option;
|
||||||
|
+ UINT32 SearchPattern = SEARCH_PATTERN;
|
||||||
|
+
|
||||||
|
+ UINTN SearchPatternLength = SEARCH_PATTERN_LEN;
|
||||||
|
+ UINT8 *InnerOptionPtr = NULL;
|
||||||
|
+ UINT16 InnerOptionLength = 0;
|
||||||
|
+
|
||||||
|
+ OptionPtr->Header.Code = Dhcp6OptIata;
|
||||||
|
+ OptionPtr->Header.Len = HTONS (2); // Set the length to lower than expected (4)
|
||||||
|
+ OptionPtr->Header.IAID = 0x12345678;
|
||||||
|
+ CopyMem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLength);
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ Dhcp6OptIata,
|
||||||
|
+ Option,
|
||||||
|
+ OptionLength,
|
||||||
|
+ &InnerOptionPtr,
|
||||||
|
+ &InnerOptionLength
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EQ (Status, EFI_DEVICE_ERROR);
|
||||||
|
+
|
||||||
|
+ // Now lets try modifying the OptionLength to be less than the size of the option
|
||||||
|
+ OptionLength = sizeof (DHCPv6_OPTION_IA_TA) - 1;
|
||||||
|
+ Status = Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ Dhcp6OptIata,
|
||||||
|
+ Option,
|
||||||
|
+ OptionLength,
|
||||||
|
+ &InnerOptionPtr,
|
||||||
|
+ &InnerOptionLength
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EQ (Status, EFI_DEVICE_ERROR);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// This test verifies that any other Option Type fails
|
||||||
|
+TEST_F (Dhcp6SeekInnerOptionSafeTest, InvalidOption) {
|
||||||
|
+ // Lets add an inner option of bytes we expect to find
|
||||||
|
+ EFI_STATUS Result;
|
||||||
|
+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_TA) + SEARCH_PATTERN_LEN] = { 0 };
|
||||||
|
+ UINT32 OptionLength = sizeof (Option);
|
||||||
|
+ DHCPv6_OPTION_IA_TA *OptionPtr = (DHCPv6_OPTION_IA_TA *)Option;
|
||||||
|
+ UINT32 SearchPattern = SEARCH_PATTERN;
|
||||||
|
+
|
||||||
|
+ UINTN SearchPatternLength = SEARCH_PATTERN_LEN;
|
||||||
|
+ UINT8 *InnerOptionPtr = NULL;
|
||||||
|
+ UINT16 InnerOptionLength = 0;
|
||||||
|
+
|
||||||
|
+ OptionPtr->Header.Code = 0xC0DE;
|
||||||
|
+ OptionPtr->Header.Len = HTONS (2); // Set the length to lower than expected (4)
|
||||||
|
+ OptionPtr->Header.IAID = 0x12345678;
|
||||||
|
+ CopyMem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLength);
|
||||||
|
+
|
||||||
|
+ Result = Dhcp6SeekInnerOptionSafe (0xC0DE, Option, OptionLength, &InnerOptionPtr, &InnerOptionLength);
|
||||||
|
+ ASSERT_EQ (Result, EFI_DEVICE_ERROR);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Dhcp6SeekStsOption Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+#define PACKET_SIZE (1500)
|
||||||
|
+
|
||||||
|
+class Dhcp6SeekStsOptionTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ DHCP6_INSTANCE Instance = { 0 };
|
||||||
|
+ EFI_DHCP6_PACKET *Packet = NULL;
|
||||||
|
+ EFI_DHCP6_CONFIG_DATA Config = { 0 };
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Allocate a packet
|
||||||
|
+ Packet = (EFI_DHCP6_PACKET *)AllocateZeroPool (PACKET_SIZE);
|
||||||
|
+ ASSERT_NE (Packet, nullptr);
|
||||||
|
+
|
||||||
|
+ // Initialize the packet
|
||||||
|
+ Packet->Size = PACKET_SIZE;
|
||||||
|
+
|
||||||
|
+ Instance.Config = &Config;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ FreePool (Packet);
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// This test verifies that Dhcp6SeekStsOption returns EFI_DEVICE_ERROR when the option is invalid
|
||||||
|
+// This verifies that the calling function is working as expected
|
||||||
|
+TEST_F (Dhcp6SeekStsOptionTest, SeekIATAOptionExpectFail) {
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UINT8 *Option = NULL;
|
||||||
|
+ UINT32 SearchPattern = SEARCH_PATTERN;
|
||||||
|
+ UINT16 SearchPatternLength = SEARCH_PATTERN_LEN;
|
||||||
|
+ UINT16 *Len = NULL;
|
||||||
|
+ EFI_DHCP6_IA Ia = { 0 };
|
||||||
|
+
|
||||||
|
+ Ia.Descriptor.Type = DHCPV6_OPTION_IA_TA;
|
||||||
|
+ Ia.IaAddressCount = 1;
|
||||||
|
+ Ia.IaAddress[0].PreferredLifetime = 0xDEADBEEF;
|
||||||
|
+ Ia.IaAddress[0].ValidLifetime = 0xDEADAAAA;
|
||||||
|
+ Ia.IaAddress[0].IpAddress = mAllDhcpRelayAndServersAddress;
|
||||||
|
+
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+
|
||||||
|
+ Option = Dhcp6SeekStsOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ // Let's append the option to the packet
|
||||||
|
+ Status = Dhcp6AppendOption (
|
||||||
|
+ Dhcp6SeekStsOptionTest::Packet,
|
||||||
|
+ &Option,
|
||||||
|
+ Dhcp6OptStatusCode,
|
||||||
|
+ SearchPatternLength,
|
||||||
|
+ (UINT8 *)&SearchPattern
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+
|
||||||
|
+ // Inner option length - this will be overwritten later
|
||||||
|
+ Len = (UINT16 *)(Option + 2);
|
||||||
|
+
|
||||||
|
+ // Fill in the inner IA option
|
||||||
|
+ Status = Dhcp6AppendIaOption (
|
||||||
|
+ Dhcp6SeekStsOptionTest::Packet,
|
||||||
|
+ &Option,
|
||||||
|
+ &Ia,
|
||||||
|
+ 0x12345678,
|
||||||
|
+ 0x11111111,
|
||||||
|
+ 0x22222222
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+
|
||||||
|
+ // overwrite the len of inner Ia option
|
||||||
|
+ *Len = HTONS (3);
|
||||||
|
+
|
||||||
|
+ Dhcp6SeekStsOptionTest::Instance.Config->IaDescriptor.Type = DHCPV6_OPTION_IA_TA;
|
||||||
|
+
|
||||||
|
+ Option = NULL;
|
||||||
|
+ Status = Dhcp6SeekStsOption (&(Dhcp6SeekStsOptionTest::Instance), Dhcp6SeekStsOptionTest::Packet, &Option);
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (Status, EFI_DEVICE_ERROR);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// This test verifies that Dhcp6SeekInnerOptionSafe returns EFI_SUCCESS when the IATA option size is invalid.
|
||||||
|
+TEST_F (Dhcp6SeekStsOptionTest, SeekIANAOptionExpectSuccess) {
|
||||||
|
+ EFI_STATUS Status = EFI_NOT_FOUND;
|
||||||
|
+ UINT8 *Option = NULL;
|
||||||
|
+ UINT32 SearchPattern = SEARCH_PATTERN;
|
||||||
|
+ UINT16 SearchPatternLength = SEARCH_PATTERN_LEN;
|
||||||
|
+ EFI_DHCP6_IA Ia = { 0 };
|
||||||
|
+
|
||||||
|
+ Ia.Descriptor.Type = DHCPV6_OPTION_IA_NA;
|
||||||
|
+ Ia.IaAddressCount = 1;
|
||||||
|
+ Ia.IaAddress[0].PreferredLifetime = 0x11111111;
|
||||||
|
+ Ia.IaAddress[0].ValidLifetime = 0x22222222;
|
||||||
|
+ Ia.IaAddress[0].IpAddress = mAllDhcpRelayAndServersAddress;
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+
|
||||||
|
+ Option = Dhcp6SeekStsOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendOption (
|
||||||
|
+ Dhcp6SeekStsOptionTest::Packet,
|
||||||
|
+ &Option,
|
||||||
|
+ Dhcp6OptStatusCode,
|
||||||
|
+ SearchPatternLength,
|
||||||
|
+ (UINT8 *)&SearchPattern
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendIaOption (
|
||||||
|
+ Dhcp6SeekStsOptionTest::Packet,
|
||||||
|
+ &Option,
|
||||||
|
+ &Ia,
|
||||||
|
+ 0x12345678,
|
||||||
|
+ 0x11111111,
|
||||||
|
+ 0x22222222
|
||||||
|
+ );
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+
|
||||||
|
+ Dhcp6SeekStsOptionTest::Instance.Config->IaDescriptor.Type = DHCPV6_OPTION_IA_NA;
|
||||||
|
+
|
||||||
|
+ Option = NULL;
|
||||||
|
+ Status = Dhcp6SeekStsOption (&(Dhcp6SeekStsOptionTest::Instance), Dhcp6SeekStsOptionTest::Packet, &Option);
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..aed3b89082
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h
|
||||||
|
@@ -0,0 +1,58 @@
|
||||||
|
+/** @file
|
||||||
|
+ Acts as header for private functions under test in Dhcp6Io.c
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+
|
||||||
|
+#ifndef DHCP6_IO_GOOGLE_TEST_H_
|
||||||
|
+#define DHCP6_IO_GOOGLE_TEST_H_
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// These are the functions that are being unit tested
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+#include <Uefi.h>
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Seeks the Inner Options from a DHCP6 Option
|
||||||
|
+
|
||||||
|
+ @param[in] IaType The type of the IA option.
|
||||||
|
+ @param[in] Option The pointer to the DHCP6 Option.
|
||||||
|
+ @param[in] OptionLen The length of the DHCP6 Option.
|
||||||
|
+ @param[out] IaInnerOpt The pointer to the IA inner option.
|
||||||
|
+ @param[out] IaInnerLen The length of the IA inner option.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Seek the inner option successfully.
|
||||||
|
+ @retval EFI_DEVICE_ERROR The OptionLen is invalid.
|
||||||
|
+*/
|
||||||
|
+EFI_STATUS
|
||||||
|
+Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ UINT16 IaType,
|
||||||
|
+ UINT8 *Option,
|
||||||
|
+ UINT32 OptionLen,
|
||||||
|
+ UINT8 **IaInnerOpt,
|
||||||
|
+ UINT16 *IaInnerLen
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Seek StatusCode Option in package. A Status Code option may appear in the
|
||||||
|
+ options field of a DHCP message and/or in the options field of another option.
|
||||||
|
+ See details in section 22.13, RFC3315.
|
||||||
|
+
|
||||||
|
+ @param[in] Instance The pointer to the Dhcp6 instance.
|
||||||
|
+ @param[in] Packet The pointer to reply messages.
|
||||||
|
+ @param[out] Option The pointer to status code option.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Seek status code option successfully.
|
||||||
|
+ @retval EFI_DEVICE_ERROR An unexpected error.
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+Dhcp6SeekStsOption (
|
||||||
|
+ IN DHCP6_INSTANCE *Instance,
|
||||||
|
+ IN EFI_DHCP6_PACKET *Packet,
|
||||||
|
+ OUT UINT8 **Option
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#endif // DHCP6_IO_GOOGLE_TEST_H
|
||||||
|
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
index 20bc90b172..24dee654df 100644
|
||||||
|
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
@@ -16,6 +16,7 @@
|
||||||
|
SKUID_IDENTIFIER = DEFAULT
|
||||||
|
|
||||||
|
!include UnitTestFrameworkPkg/UnitTestFrameworkPkgHost.dsc.inc
|
||||||
|
+
|
||||||
|
[Packages]
|
||||||
|
MdePkg/MdePkg.dec
|
||||||
|
UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,630 @@
|
|||||||
|
From c4b0517aaa38857640b4b08b55803ae8a833c1e7 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 8 Feb 2024 10:35:14 -0500
|
||||||
|
Subject: [PATCH 03/18] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230
|
||||||
|
Unit Tests
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [3/18] 0fe85bcd3683b2424bcd91ad1495d1b79eb07405
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21843
|
||||||
|
CVE: CVE-2023-45230
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 5f3658197bf29c83b3349b0ab1d99cdb0c3814bc
|
||||||
|
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
||||||
|
Date: Fri Jan 26 05:54:45 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4535
|
||||||
|
|
||||||
|
Confirms that reported issue...
|
||||||
|
|
||||||
|
"Buffer overflow in the DHCPv6 client via a long Server ID option"
|
||||||
|
|
||||||
|
..has been corrected by the provided patch.
|
||||||
|
|
||||||
|
Tests the following functions to ensure they appropriately handle
|
||||||
|
untrusted data (either too long or too small) to prevent a buffer
|
||||||
|
overflow:
|
||||||
|
|
||||||
|
Dhcp6AppendOption
|
||||||
|
Dhcp6AppendETOption
|
||||||
|
Dhcp6AppendIaOption
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../GoogleTest/Dhcp6DxeGoogleTest.cpp | 20 +
|
||||||
|
.../GoogleTest/Dhcp6DxeGoogleTest.inf | 43 ++
|
||||||
|
.../Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp | 478 ++++++++++++++++++
|
||||||
|
NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 +
|
||||||
|
4 files changed, 542 insertions(+)
|
||||||
|
create mode 100644 NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp
|
||||||
|
create mode 100644 NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
create mode 100644 NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..9aeced2f91
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp
|
||||||
|
@@ -0,0 +1,20 @@
|
||||||
|
+/** @file
|
||||||
|
+ Acts as the main entry point for the tests for the Dhcp6Dxe module.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Run the tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+int
|
||||||
|
+main (
|
||||||
|
+ int argc,
|
||||||
|
+ char *argv[]
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ testing::InitGoogleTest (&argc, argv);
|
||||||
|
+ return RUN_ALL_TESTS ();
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..8e9119a371
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
@@ -0,0 +1,43 @@
|
||||||
|
+## @file
|
||||||
|
+# Unit test suite for the Dhcp6Dxe using Google Test
|
||||||
|
+#
|
||||||
|
+# Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+[Defines]
|
||||||
|
+ INF_VERSION = 0x00010017
|
||||||
|
+ BASE_NAME = Dhcp6DxeGoogleTest
|
||||||
|
+ FILE_GUID = 1D2A4C65-38C8-4C2F-BB60-B5FA49625AA9
|
||||||
|
+ VERSION_STRING = 1.0
|
||||||
|
+ MODULE_TYPE = HOST_APPLICATION
|
||||||
|
+#
|
||||||
|
+# The following information is for reference only and not required by the build tools.
|
||||||
|
+#
|
||||||
|
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
|
||||||
|
+#
|
||||||
|
+[Sources]
|
||||||
|
+ Dhcp6DxeGoogleTest.cpp
|
||||||
|
+ Dhcp6IoGoogleTest.cpp
|
||||||
|
+ ../Dhcp6Io.c
|
||||||
|
+ ../Dhcp6Utility.c
|
||||||
|
+
|
||||||
|
+[Packages]
|
||||||
|
+ MdePkg/MdePkg.dec
|
||||||
|
+ MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||||
|
+ NetworkPkg/NetworkPkg.dec
|
||||||
|
+
|
||||||
|
+[LibraryClasses]
|
||||||
|
+ GoogleTestLib
|
||||||
|
+ DebugLib
|
||||||
|
+ NetLib
|
||||||
|
+ PcdLib
|
||||||
|
+
|
||||||
|
+[Protocols]
|
||||||
|
+ gEfiDhcp6ServiceBindingProtocolGuid
|
||||||
|
+
|
||||||
|
+[Pcd]
|
||||||
|
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType
|
||||||
|
+
|
||||||
|
+[Guids]
|
||||||
|
+ gZeroGuid
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..7ee40e4af4
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||||
|
@@ -0,0 +1,478 @@
|
||||||
|
+/** @file
|
||||||
|
+ Tests for Dhcp6Io.c.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+extern "C" {
|
||||||
|
+ #include <Uefi.h>
|
||||||
|
+ #include <Library/BaseLib.h>
|
||||||
|
+ #include <Library/DebugLib.h>
|
||||||
|
+ #include <Library/BaseMemoryLib.h>
|
||||||
|
+ #include "../Dhcp6Impl.h"
|
||||||
|
+ #include "../Dhcp6Utility.h"
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Defines
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+#define DHCP6_PACKET_MAX_LEN 1500
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Symbol Definitions
|
||||||
|
+// These functions are not directly under test - but required to compile
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+// This definition is used by this test but is also required to compile
|
||||||
|
+// by Dhcp6Io.c
|
||||||
|
+EFI_IPv6_ADDRESS mAllDhcpRelayAndServersAddress = {
|
||||||
|
+ { 0xFF, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 2 }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+UdpIoSendDatagram (
|
||||||
|
+ IN UDP_IO *UdpIo,
|
||||||
|
+ IN NET_BUF *Packet,
|
||||||
|
+ IN UDP_END_POINT *EndPoint OPTIONAL,
|
||||||
|
+ IN EFI_IP_ADDRESS *Gateway OPTIONAL,
|
||||||
|
+ IN UDP_IO_CALLBACK CallBack,
|
||||||
|
+ IN VOID *Context
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+UdpIoRecvDatagram (
|
||||||
|
+ IN UDP_IO *UdpIo,
|
||||||
|
+ IN UDP_IO_CALLBACK CallBack,
|
||||||
|
+ IN VOID *Context,
|
||||||
|
+ IN UINT32 HeadLen
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Dhcp6AppendOptionTest Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class Dhcp6AppendOptionTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ UINT8 *Buffer = NULL;
|
||||||
|
+ EFI_DHCP6_PACKET *Packet;
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Initialize any resources or variables
|
||||||
|
+ Buffer = (UINT8 *)AllocateZeroPool (DHCP6_PACKET_MAX_LEN);
|
||||||
|
+ ASSERT_NE (Buffer, (UINT8 *)NULL);
|
||||||
|
+
|
||||||
|
+ Packet = (EFI_DHCP6_PACKET *)Buffer;
|
||||||
|
+ Packet->Size = DHCP6_PACKET_MAX_LEN;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ if (Buffer != NULL) {
|
||||||
|
+ FreePool (Buffer);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that is too small by a duid that is too large
|
||||||
|
+TEST_F (Dhcp6AppendOptionTest, InvalidDataExpectBufferTooSmall) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_DHCP6_DUID *UntrustedDuid;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ UntrustedDuid = (EFI_DHCP6_DUID *)AllocateZeroPool (sizeof (EFI_DHCP6_DUID));
|
||||||
|
+ ASSERT_NE (UntrustedDuid, (EFI_DHCP6_DUID *)NULL);
|
||||||
|
+
|
||||||
|
+ UntrustedDuid->Length = NTOHS (0xFFFF);
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendOption (
|
||||||
|
+ Dhcp6AppendOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ HTONS (Dhcp6OptServerId),
|
||||||
|
+ UntrustedDuid->Length,
|
||||||
|
+ UntrustedDuid->Duid
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that is large enough
|
||||||
|
+TEST_F (Dhcp6AppendOptionTest, ValidDataExpectSuccess) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_DHCP6_DUID *UntrustedDuid;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UINTN OriginalLength;
|
||||||
|
+
|
||||||
|
+ UINT8 Duid[6] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 };
|
||||||
|
+
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+ OriginalLength = Packet->Length;
|
||||||
|
+
|
||||||
|
+ UntrustedDuid = (EFI_DHCP6_DUID *)AllocateZeroPool (sizeof (EFI_DHCP6_DUID));
|
||||||
|
+ ASSERT_NE (UntrustedDuid, (EFI_DHCP6_DUID *)NULL);
|
||||||
|
+
|
||||||
|
+ UntrustedDuid->Length = NTOHS (sizeof (Duid));
|
||||||
|
+ CopyMem (UntrustedDuid->Duid, Duid, sizeof (Duid));
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendOption (
|
||||||
|
+ Dhcp6AppendOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ HTONS (Dhcp6OptServerId),
|
||||||
|
+ UntrustedDuid->Length,
|
||||||
|
+ UntrustedDuid->Duid
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+
|
||||||
|
+ // verify that the pointer to cursor moved by the expected amount
|
||||||
|
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendOptionTest::Packet->Dhcp6.Option + sizeof (Duid) + 4);
|
||||||
|
+
|
||||||
|
+ // verify that the length of the packet is now the expected amount
|
||||||
|
+ ASSERT_EQ (Dhcp6AppendOptionTest::Packet->Length, OriginalLength + sizeof (Duid) + 4);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Dhcp6AppendETOption Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class Dhcp6AppendETOptionTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ UINT8 *Buffer = NULL;
|
||||||
|
+ EFI_DHCP6_PACKET *Packet;
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Initialize any resources or variables
|
||||||
|
+ Buffer = (UINT8 *)AllocateZeroPool (DHCP6_PACKET_MAX_LEN);
|
||||||
|
+ ASSERT_NE (Buffer, (UINT8 *)NULL);
|
||||||
|
+
|
||||||
|
+ Packet = (EFI_DHCP6_PACKET *)Buffer;
|
||||||
|
+ Packet->Size = DHCP6_PACKET_MAX_LEN;
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ if (Buffer != NULL) {
|
||||||
|
+ FreePool (Buffer);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that is too small by a duid that is too large
|
||||||
|
+TEST_F (Dhcp6AppendETOptionTest, InvalidDataExpectBufferTooSmall) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ DHCP6_INSTANCE Instance;
|
||||||
|
+ UINT16 ElapsedTimeVal;
|
||||||
|
+ UINT16 *ElapsedTime;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendETOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+ ElapsedTime = &ElapsedTimeVal;
|
||||||
|
+
|
||||||
|
+ Packet->Length = Packet->Size - 2;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendETOption (
|
||||||
|
+ Dhcp6AppendETOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ &Instance, // Instance is not used in this function
|
||||||
|
+ &ElapsedTime
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that we error out because the packet is too small for the option header
|
||||||
|
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||||
|
+
|
||||||
|
+ // reset the length
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that is large enough
|
||||||
|
+TEST_F (Dhcp6AppendETOptionTest, ValidDataExpectSuccess) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ DHCP6_INSTANCE Instance;
|
||||||
|
+ UINT16 ElapsedTimeVal;
|
||||||
|
+ UINT16 *ElapsedTime;
|
||||||
|
+ UINTN ExpectedSize;
|
||||||
|
+ UINTN OriginalLength;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendETOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+ ElapsedTime = &ElapsedTimeVal;
|
||||||
|
+ ExpectedSize = 6;
|
||||||
|
+ OriginalLength = Packet->Length;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendETOption (
|
||||||
|
+ Dhcp6AppendETOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ &Instance, // Instance is not used in this function
|
||||||
|
+ &ElapsedTime
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that the status is EFI_SUCCESS
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+
|
||||||
|
+ // verify that the pointer to cursor moved by the expected amount
|
||||||
|
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendETOptionTest::Packet->Dhcp6.Option + ExpectedSize);
|
||||||
|
+
|
||||||
|
+ // verify that the length of the packet is now the expected amount
|
||||||
|
+ ASSERT_EQ (Dhcp6AppendETOptionTest::Packet->Length, OriginalLength + ExpectedSize);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Dhcp6AppendIaOption Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class Dhcp6AppendIaOptionTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ UINT8 *Buffer = NULL;
|
||||||
|
+ EFI_DHCP6_PACKET *Packet;
|
||||||
|
+ EFI_DHCP6_IA *Ia;
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Initialize any resources or variables
|
||||||
|
+ Buffer = (UINT8 *)AllocateZeroPool (DHCP6_PACKET_MAX_LEN);
|
||||||
|
+ ASSERT_NE (Buffer, (UINT8 *)NULL);
|
||||||
|
+
|
||||||
|
+ Packet = (EFI_DHCP6_PACKET *)Buffer;
|
||||||
|
+ Packet->Size = DHCP6_PACKET_MAX_LEN;
|
||||||
|
+
|
||||||
|
+ Ia = (EFI_DHCP6_IA *)AllocateZeroPool (sizeof (EFI_DHCP6_IA) + sizeof (EFI_DHCP6_IA_ADDRESS) * 2);
|
||||||
|
+ ASSERT_NE (Ia, (EFI_DHCP6_IA *)NULL);
|
||||||
|
+
|
||||||
|
+ CopyMem (Ia->IaAddress, mAllDhcpRelayAndServersAddress.Addr, sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
+ CopyMem (Ia->IaAddress + 1, mAllDhcpRelayAndServersAddress.Addr, sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
+
|
||||||
|
+ Ia->IaAddressCount = 2;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ if (Buffer != NULL) {
|
||||||
|
+ FreePool (Buffer);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (Ia != NULL) {
|
||||||
|
+ FreePool (Ia);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that doesn't have enough space
|
||||||
|
+// for the option header
|
||||||
|
+TEST_F (Dhcp6AppendIaOptionTest, IaNaInvalidDataExpectBufferTooSmall) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ Packet->Length = Packet->Size - 2;
|
||||||
|
+
|
||||||
|
+ Ia->Descriptor.Type = Dhcp6OptIana;
|
||||||
|
+ Ia->Descriptor.IaId = 0x12345678;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendIaOption (
|
||||||
|
+ Dhcp6AppendIaOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ Ia,
|
||||||
|
+ 0x12345678,
|
||||||
|
+ 0x11111111,
|
||||||
|
+ Dhcp6OptIana
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that we error out because the packet is too small for the option header
|
||||||
|
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||||
|
+
|
||||||
|
+ // reset the length
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that doesn't have enough space
|
||||||
|
+// for the option header
|
||||||
|
+TEST_F (Dhcp6AppendIaOptionTest, IaTaInvalidDataExpectBufferTooSmall) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ // Use up nearly all the space in the packet
|
||||||
|
+ Packet->Length = Packet->Size - 2;
|
||||||
|
+
|
||||||
|
+ Ia->Descriptor.Type = Dhcp6OptIata;
|
||||||
|
+ Ia->Descriptor.IaId = 0x12345678;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendIaOption (
|
||||||
|
+ Dhcp6AppendIaOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ Ia,
|
||||||
|
+ 0,
|
||||||
|
+ 0,
|
||||||
|
+ Dhcp6OptIata
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that we error out because the packet is too small for the option header
|
||||||
|
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||||
|
+
|
||||||
|
+ // reset the length
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+TEST_F (Dhcp6AppendIaOptionTest, IaNaValidDataExpectSuccess) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UINTN ExpectedSize;
|
||||||
|
+ UINTN OriginalLength;
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // 2 bytes for the option header type
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize = 2;
|
||||||
|
+ //
|
||||||
|
+ // 2 bytes for the option header length
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 2;
|
||||||
|
+ //
|
||||||
|
+ // 4 bytes for the IAID
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 4;
|
||||||
|
+ //
|
||||||
|
+ // + 4 bytes for the T1
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 4;
|
||||||
|
+ //
|
||||||
|
+ // + 4 bytes for the T2
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 4;
|
||||||
|
+ //
|
||||||
|
+ // + (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||||
|
+ // + 2 bytes for the option header type
|
||||||
|
+ // + 2 bytes for the option header length
|
||||||
|
+ // + sizeof (EFI_DHCP6_IA_ADDRESS) for the IA Address
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+ OriginalLength = Packet->Length;
|
||||||
|
+
|
||||||
|
+ Ia->Descriptor.Type = Dhcp6OptIana;
|
||||||
|
+ Ia->Descriptor.IaId = 0x12345678;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendIaOption (
|
||||||
|
+ Dhcp6AppendIaOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ Ia,
|
||||||
|
+ 0x12345678,
|
||||||
|
+ 0x12345678,
|
||||||
|
+ Dhcp6OptIana
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that the pointer to cursor moved by the expected amount
|
||||||
|
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option + ExpectedSize);
|
||||||
|
+
|
||||||
|
+ // verify that the length of the packet is now the expected amount
|
||||||
|
+ ASSERT_EQ (Dhcp6AppendIaOptionTest::Packet->Length, OriginalLength + ExpectedSize);
|
||||||
|
+
|
||||||
|
+ // verify that the status is EFI_SUCCESS
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+TEST_F (Dhcp6AppendIaOptionTest, IaTaValidDataExpectSuccess) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UINTN ExpectedSize;
|
||||||
|
+ UINTN OriginalLength;
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // 2 bytes for the option header type
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize = 2;
|
||||||
|
+ //
|
||||||
|
+ // 2 bytes for the option header length
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 2;
|
||||||
|
+ //
|
||||||
|
+ // 4 bytes for the IAID
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 4;
|
||||||
|
+ //
|
||||||
|
+ // + (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||||
|
+ // + 2 bytes for the option header type
|
||||||
|
+ // + 2 bytes for the option header length
|
||||||
|
+ // + sizeof (EFI_DHCP6_IA_ADDRESS) for the IA Address
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+ OriginalLength = Packet->Length;
|
||||||
|
+
|
||||||
|
+ Ia->Descriptor.Type = Dhcp6OptIata;
|
||||||
|
+ Ia->Descriptor.IaId = 0x12345678;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendIaOption (
|
||||||
|
+ Dhcp6AppendIaOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ Ia,
|
||||||
|
+ 0,
|
||||||
|
+ 0,
|
||||||
|
+ Dhcp6OptIata
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that the pointer to cursor moved by the expected amount
|
||||||
|
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option + ExpectedSize);
|
||||||
|
+
|
||||||
|
+ // verify that the length of the packet is now the expected amount
|
||||||
|
+ ASSERT_EQ (Dhcp6AppendIaOptionTest::Packet->Length, OriginalLength + ExpectedSize);
|
||||||
|
+
|
||||||
|
+ // verify that the status is EFI_SUCCESS
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
index 1aeca5c5b3..20bc90b172 100644
|
||||||
|
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
@@ -24,6 +24,7 @@
|
||||||
|
#
|
||||||
|
# Build HOST_APPLICATION that tests NetworkPkg
|
||||||
|
#
|
||||||
|
+ NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
|
||||||
|
# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||||
|
[LibraryClasses]
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,43 @@
|
|||||||
|
From 07d8292cce31630859b9e3138078d8cc8412a72f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
Date: Wed, 14 Aug 2024 09:53:49 +0200
|
||||||
|
Subject: [PATCH 3/3] NetworkPkg/DxeNetLib: Reword PseudoRandom error logging
|
||||||
|
|
||||||
|
RH-Author: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-MergeRequest: 82: NetworkPkg/DxeNetLib: adjust PseudoRandom error logging
|
||||||
|
RH-Jira: RHEL-54188
|
||||||
|
RH-Commit: [2/2] acea6a5fd931cdb6854c69a4e3c6e49caed83e68
|
||||||
|
|
||||||
|
The word "Failed" is used when logging tired Rng algorithms.
|
||||||
|
These mostly non-critical messages confused some users.
|
||||||
|
|
||||||
|
Reword it and also add a message confirming eventual success to
|
||||||
|
deescalate the importance somewhat.
|
||||||
|
|
||||||
|
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
||||||
|
index 4dfbe91a55..905a944975 100644
|
||||||
|
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
||||||
|
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
||||||
|
@@ -946,12 +946,13 @@ PseudoRandom (
|
||||||
|
//
|
||||||
|
// Secure Algorithm was supported on this platform
|
||||||
|
//
|
||||||
|
+ DEBUG ((DEBUG_VERBOSE, "Generated random data using secure algorithm %d: %r\n", AlgorithmIndex, Status));
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
} else if (Status == EFI_UNSUPPORTED) {
|
||||||
|
//
|
||||||
|
// Secure Algorithm was not supported on this platform
|
||||||
|
//
|
||||||
|
- DEBUG ((DEBUG_VERBOSE, "Failed to generate random data using secure algorithm %d: %r\n", AlgorithmIndex, Status));
|
||||||
|
+ DEBUG ((DEBUG_VERBOSE, "Unable to generate random data using secure algorithm %d not available: %r\n", AlgorithmIndex, Status));
|
||||||
|
|
||||||
|
//
|
||||||
|
// Try the next secure algorithm
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,48 @@
|
|||||||
|
From 537128fa22e410dac59b149ed11264731f09765b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Wed, 19 Jun 2024 09:07:56 +0200
|
||||||
|
Subject: [PATCH 2/3] NetworkPkg/DxeNetLib: adjust PseudoRandom error logging
|
||||||
|
|
||||||
|
RH-Author: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-MergeRequest: 82: NetworkPkg/DxeNetLib: adjust PseudoRandom error logging
|
||||||
|
RH-Jira: RHEL-54188
|
||||||
|
RH-Commit: [1/2] 5c4699fd88b0ebcf7fe8b7e3a3895bf772aebdb3
|
||||||
|
|
||||||
|
There is a list of allowed rng algorithms, if /one/ of them is not
|
||||||
|
supported this is not a problem, only /all/ of them failing is an
|
||||||
|
error condition.
|
||||||
|
|
||||||
|
Downgrade the message for a single unsupported algorithm from ERROR to
|
||||||
|
VERBOSE. Add an error message in case we finish the loop without
|
||||||
|
finding a supported algorithm.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
(cherry picked from commit 6862b9d538d96363635677198899e1669e591259)
|
||||||
|
---
|
||||||
|
NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
||||||
|
index 01c13c08d2..4dfbe91a55 100644
|
||||||
|
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
||||||
|
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
||||||
|
@@ -951,7 +951,7 @@ PseudoRandom (
|
||||||
|
//
|
||||||
|
// Secure Algorithm was not supported on this platform
|
||||||
|
//
|
||||||
|
- DEBUG ((DEBUG_ERROR, "Failed to generate random data using secure algorithm %d: %r\n", AlgorithmIndex, Status));
|
||||||
|
+ DEBUG ((DEBUG_VERBOSE, "Failed to generate random data using secure algorithm %d: %r\n", AlgorithmIndex, Status));
|
||||||
|
|
||||||
|
//
|
||||||
|
// Try the next secure algorithm
|
||||||
|
@@ -971,6 +971,7 @@ PseudoRandom (
|
||||||
|
// If we get here, we failed to generate random data using any secure algorithm
|
||||||
|
// Platform owner should ensure that at least one secure algorithm is supported
|
||||||
|
//
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Failed to generate random data, no supported secure algorithm found\n"));
|
||||||
|
ASSERT_EFI_ERROR (Status);
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,78 @@
|
|||||||
|
From d51f47c8654f44a787d70b675830ebc7a4ea74f6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 15 Feb 2024 11:51:09 -0500
|
||||||
|
Subject: [PATCH 06/18] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [6/18] 58ad218f1216ac1ea34ca01ef8cc21e207e2eaf2
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21845
|
||||||
|
CVE: CVE-2022-45231
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit bbfee34f4188ac00371abe1389ae9c9fb989a0cd
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:48 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Patch
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4536
|
||||||
|
|
||||||
|
Bug Overview:
|
||||||
|
PixieFail Bug #3
|
||||||
|
CVE-2023-45231
|
||||||
|
CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
||||||
|
CWE-125 Out-of-bounds Read
|
||||||
|
|
||||||
|
Out-of-bounds read when handling a ND Redirect message with truncated
|
||||||
|
options
|
||||||
|
|
||||||
|
Change Overview:
|
||||||
|
|
||||||
|
Adds a check to prevent truncated options from being parsed
|
||||||
|
+ //
|
||||||
|
+ // Cannot process truncated options.
|
||||||
|
+ // Cannot process options with a length of 0 as there is no Type
|
||||||
|
field.
|
||||||
|
+ //
|
||||||
|
+ if (OptionLen < sizeof (IP6_OPTION_HEADER)) {
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Ip6Dxe/Ip6Option.c | 8 ++++++++
|
||||||
|
1 file changed, 8 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Option.c b/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
index 199eea124d..8718d5d875 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
@@ -137,6 +137,14 @@ Ip6IsNDOptionValid (
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Cannot process truncated options.
|
||||||
|
+ // Cannot process options with a length of 0 as there is no Type field.
|
||||||
|
+ //
|
||||||
|
+ if (OptionLen < sizeof (IP6_OPTION_HEADER)) {
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
Offset = 0;
|
||||||
|
|
||||||
|
//
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,277 @@
|
|||||||
|
From a5757e84bd77ad98580c50ba81da2d1daf0f147a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Wed, 14 Feb 2024 12:24:44 -0500
|
||||||
|
Subject: [PATCH 07/18] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Unit
|
||||||
|
Tests
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [7/18] 57d08b408b30ea98de1e5dfd74f8892b66c0867c
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21845
|
||||||
|
CVE: CVE-2022-45231
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 6f77463d72807ec7f4ed6518c3dac29a1040df9f
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:49 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Unit Tests
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4536
|
||||||
|
|
||||||
|
Validates that the patch for...
|
||||||
|
|
||||||
|
Out-of-bounds read when handling a ND Redirect message with truncated
|
||||||
|
options
|
||||||
|
|
||||||
|
.. has been fixed
|
||||||
|
|
||||||
|
Tests the following function to ensure that an out of bounds read does
|
||||||
|
not occur
|
||||||
|
Ip6OptionValidation
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp | 20 +++
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf | 42 ++++++
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp | 129 ++++++++++++++++++
|
||||||
|
NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 +
|
||||||
|
4 files changed, 192 insertions(+)
|
||||||
|
create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp
|
||||||
|
create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..6ebfd5fdfb
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp
|
||||||
|
@@ -0,0 +1,20 @@
|
||||||
|
+/** @file
|
||||||
|
+ Acts as the main entry point for the tests for the Ip6Dxe module.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Run the tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+int
|
||||||
|
+main (
|
||||||
|
+ int argc,
|
||||||
|
+ char *argv[]
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ testing::InitGoogleTest (&argc, argv);
|
||||||
|
+ return RUN_ALL_TESTS ();
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..6e4de0745f
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
@@ -0,0 +1,42 @@
|
||||||
|
+## @file
|
||||||
|
+# Unit test suite for the Ip6Dxe using Google Test
|
||||||
|
+#
|
||||||
|
+# Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+[Defines]
|
||||||
|
+ INF_VERSION = 0x00010017
|
||||||
|
+ BASE_NAME = Ip6DxeUnitTest
|
||||||
|
+ FILE_GUID = 4F05D17D-D3E7-4AAE-820C-576D46D2D34A
|
||||||
|
+ VERSION_STRING = 1.0
|
||||||
|
+ MODULE_TYPE = HOST_APPLICATION
|
||||||
|
+#
|
||||||
|
+# The following information is for reference only and not required by the build tools.
|
||||||
|
+#
|
||||||
|
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
|
||||||
|
+#
|
||||||
|
+[Sources]
|
||||||
|
+ Ip6DxeGoogleTest.cpp
|
||||||
|
+ Ip6OptionGoogleTest.cpp
|
||||||
|
+ ../Ip6Option.c
|
||||||
|
+
|
||||||
|
+[Packages]
|
||||||
|
+ MdePkg/MdePkg.dec
|
||||||
|
+ MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||||
|
+ NetworkPkg/NetworkPkg.dec
|
||||||
|
+
|
||||||
|
+[LibraryClasses]
|
||||||
|
+ GoogleTestLib
|
||||||
|
+ DebugLib
|
||||||
|
+ NetLib
|
||||||
|
+ PcdLib
|
||||||
|
+
|
||||||
|
+[Protocols]
|
||||||
|
+ gEfiDhcp6ServiceBindingProtocolGuid
|
||||||
|
+
|
||||||
|
+[Pcd]
|
||||||
|
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType
|
||||||
|
+
|
||||||
|
+[Guids]
|
||||||
|
+ gZeroGuid
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..f2cd90e1a9
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
@@ -0,0 +1,129 @@
|
||||||
|
+/** @file
|
||||||
|
+ Tests for Ip6Option.c.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+extern "C" {
|
||||||
|
+ #include <Uefi.h>
|
||||||
|
+ #include <Library/BaseLib.h>
|
||||||
|
+ #include <Library/DebugLib.h>
|
||||||
|
+ #include "../Ip6Impl.h"
|
||||||
|
+ #include "../Ip6Option.h"
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Defines
|
||||||
|
+///////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+#define IP6_PREFIX_INFO_OPTION_DATA_LEN 32
|
||||||
|
+#define OPTION_HEADER_IP6_PREFIX_DATA_LEN (sizeof (IP6_OPTION_HEADER) + IP6_PREFIX_INFO_OPTION_DATA_LEN)
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Symbol Definitions
|
||||||
|
+// These functions are not directly under test - but required to compile
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+UINT32 mIp6Id;
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+Ip6SendIcmpError (
|
||||||
|
+ IN IP6_SERVICE *IpSb,
|
||||||
|
+ IN NET_BUF *Packet,
|
||||||
|
+ IN EFI_IPv6_ADDRESS *SourceAddress OPTIONAL,
|
||||||
|
+ IN EFI_IPv6_ADDRESS *DestinationAddress,
|
||||||
|
+ IN UINT8 Type,
|
||||||
|
+ IN UINT8 Code,
|
||||||
|
+ IN UINT32 *Pointer OPTIONAL
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ // ..
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Ip6OptionValidation Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+// Define a fixture for your tests if needed
|
||||||
|
+class Ip6OptionValidationTest : public ::testing::Test {
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Initialize any resources or variables
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Null option should return false
|
||||||
|
+TEST_F (Ip6OptionValidationTest, NullOptionShouldReturnFalse) {
|
||||||
|
+ UINT8 *option = nullptr;
|
||||||
|
+ UINT16 optionLen = 10; // Provide a suitable length
|
||||||
|
+
|
||||||
|
+ EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Truncated option should return false
|
||||||
|
+TEST_F (Ip6OptionValidationTest, TruncatedOptionShouldReturnFalse) {
|
||||||
|
+ UINT8 option[] = { 0x01 }; // Provide a truncated option
|
||||||
|
+ UINT16 optionLen = 1;
|
||||||
|
+
|
||||||
|
+ EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Ip6OptionPrefixInfo Option with zero length should return false
|
||||||
|
+TEST_F (Ip6OptionValidationTest, OptionWithZeroLengthShouldReturnFalse) {
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = Ip6OptionPrefixInfo;
|
||||||
|
+ optionHeader.Length = 0;
|
||||||
|
+ UINT8 option[sizeof (IP6_OPTION_HEADER)];
|
||||||
|
+
|
||||||
|
+ CopyMem (option, &optionHeader, sizeof (IP6_OPTION_HEADER));
|
||||||
|
+ UINT16 optionLen = sizeof (IP6_OPTION_HEADER);
|
||||||
|
+
|
||||||
|
+ EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Ip6OptionPrefixInfo Option with valid length should return true
|
||||||
|
+TEST_F (Ip6OptionValidationTest, ValidPrefixInfoOptionShouldReturnTrue) {
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = Ip6OptionPrefixInfo;
|
||||||
|
+ optionHeader.Length = 4; // Length 4 * 8 = 32
|
||||||
|
+ UINT8 option[OPTION_HEADER_IP6_PREFIX_DATA_LEN];
|
||||||
|
+
|
||||||
|
+ CopyMem (option, &optionHeader, sizeof (IP6_OPTION_HEADER));
|
||||||
|
+
|
||||||
|
+ EXPECT_TRUE (Ip6IsNDOptionValid (option, IP6_PREFIX_INFO_OPTION_DATA_LEN));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Ip6OptionPrefixInfo Option with invalid length should return false
|
||||||
|
+TEST_F (Ip6OptionValidationTest, InvalidPrefixInfoOptionLengthShouldReturnFalse) {
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = Ip6OptionPrefixInfo;
|
||||||
|
+ optionHeader.Length = 3; // Length 3 * 8 = 24 (Invalid)
|
||||||
|
+ UINT8 option[sizeof (IP6_OPTION_HEADER)];
|
||||||
|
+
|
||||||
|
+ CopyMem (option, &optionHeader, sizeof (IP6_OPTION_HEADER));
|
||||||
|
+ UINT16 optionLen = sizeof (IP6_OPTION_HEADER);
|
||||||
|
+
|
||||||
|
+ EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
index 24dee654df..7fa7b0f9d5 100644
|
||||||
|
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
@@ -26,6 +26,7 @@
|
||||||
|
# Build HOST_APPLICATION that tests NetworkPkg
|
||||||
|
#
|
||||||
|
NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
+ NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
|
||||||
|
# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||||
|
[LibraryClasses]
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,377 @@
|
|||||||
|
From ff4f1d8227c6c4c89060e24df37defec6d7a07e2 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 15 Feb 2024 11:51:09 -0500
|
||||||
|
Subject: [PATCH 08/18] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [8/18] c7bf831954da5b678450f1ba8e34371645959c81
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21847
|
||||||
|
CVE: CVE-2022-45232
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21849
|
||||||
|
CVE: CVE-2022-45233
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 4df0229ef992d4f2721a8508787ebf9dc81fbd6e
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:50 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Patch
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4537
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4538
|
||||||
|
|
||||||
|
Bug Details:
|
||||||
|
PixieFail Bug #4
|
||||||
|
CVE-2023-45232
|
||||||
|
CVSS 7.5 : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
||||||
|
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
|
||||||
|
|
||||||
|
Infinite loop when parsing unknown options in the Destination Options
|
||||||
|
header
|
||||||
|
|
||||||
|
PixieFail Bug #5
|
||||||
|
CVE-2023-45233
|
||||||
|
CVSS 7.5 : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
||||||
|
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
|
||||||
|
|
||||||
|
Infinite loop when parsing a PadN option in the Destination Options
|
||||||
|
header
|
||||||
|
|
||||||
|
Change Overview:
|
||||||
|
|
||||||
|
Most importantly this change corrects the following incorrect math
|
||||||
|
and cleans up the code.
|
||||||
|
|
||||||
|
> // It is a PadN option
|
||||||
|
> //
|
||||||
|
> - Offset = (UINT8)(Offset + *(Option + Offset + 1) + 2);
|
||||||
|
> + OptDataLen = ((EFI_IP6_OPTION *)(Option + Offset))->Length;
|
||||||
|
> + Offset = IP6_NEXT_OPTION_OFFSET (Offset, OptDataLen);
|
||||||
|
|
||||||
|
> case Ip6OptionSkip:
|
||||||
|
> - Offset = (UINT8)(Offset + *(Option + Offset + 1));
|
||||||
|
> OptDataLen = ((EFI_IP6_OPTION *)(Option + Offset))->Length;
|
||||||
|
> Offset = IP6_NEXT_OPTION_OFFSET (Offset, OptDataLen);
|
||||||
|
|
||||||
|
Additionally, this change also corrects incorrect math where the calling
|
||||||
|
function was calculating the HDR EXT optionLen as a uint8 instead of a
|
||||||
|
uint16
|
||||||
|
|
||||||
|
> - OptionLen = (UINT8)((*Option + 1) * 8 - 2);
|
||||||
|
> + OptionLen = IP6_HDR_EXT_LEN (*Option) -
|
||||||
|
IP6_COMBINED_SIZE_OF_NEXT_HDR_AND_LEN;
|
||||||
|
|
||||||
|
Additionally this check adds additional logic to santize the incoming
|
||||||
|
data
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Ip6Dxe/Ip6Nd.h | 35 ++++++++++++++++
|
||||||
|
NetworkPkg/Ip6Dxe/Ip6Option.c | 76 ++++++++++++++++++++++++++++++-----
|
||||||
|
NetworkPkg/Ip6Dxe/Ip6Option.h | 71 ++++++++++++++++++++++++++++++++
|
||||||
|
3 files changed, 171 insertions(+), 11 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Nd.h b/NetworkPkg/Ip6Dxe/Ip6Nd.h
|
||||||
|
index 860934a167..bf64e9114e 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Nd.h
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Nd.h
|
||||||
|
@@ -56,13 +56,48 @@ VOID
|
||||||
|
VOID *Context
|
||||||
|
);
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// Per RFC8200 Section 4.2
|
||||||
|
+//
|
||||||
|
+// Two of the currently-defined extension headers -- the Hop-by-Hop
|
||||||
|
+// Options header and the Destination Options header -- carry a variable
|
||||||
|
+// number of type-length-value (TLV) encoded "options", of the following
|
||||||
|
+// format:
|
||||||
|
+//
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -
|
||||||
|
+// | Option Type | Opt Data Len | Option Data
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -
|
||||||
|
+//
|
||||||
|
+// Option Type 8-bit identifier of the type of option.
|
||||||
|
+//
|
||||||
|
+// Opt Data Len 8-bit unsigned integer. Length of the Option
|
||||||
|
+// Data field of this option, in octets.
|
||||||
|
+//
|
||||||
|
+// Option Data Variable-length field. Option-Type-specific
|
||||||
|
+// data.
|
||||||
|
+//
|
||||||
|
typedef struct _IP6_OPTION_HEADER {
|
||||||
|
+ ///
|
||||||
|
+ /// identifier of the type of option.
|
||||||
|
+ ///
|
||||||
|
UINT8 Type;
|
||||||
|
+ ///
|
||||||
|
+ /// Length of the Option Data field of this option, in octets.
|
||||||
|
+ ///
|
||||||
|
UINT8 Length;
|
||||||
|
+ ///
|
||||||
|
+ /// Option-Type-specific data.
|
||||||
|
+ ///
|
||||||
|
} IP6_OPTION_HEADER;
|
||||||
|
|
||||||
|
STATIC_ASSERT (sizeof (IP6_OPTION_HEADER) == 2, "IP6_OPTION_HEADER is expected to be exactly 2 bytes long.");
|
||||||
|
|
||||||
|
+#define IP6_NEXT_OPTION_OFFSET(offset, length) (offset + sizeof(IP6_OPTION_HEADER) + length)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ IP6_NEXT_OPTION_OFFSET (0, 0) == 2,
|
||||||
|
+ "The next option is minimally the combined size of the option tag and length"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
typedef struct _IP6_ETHE_ADDR_OPTION {
|
||||||
|
UINT8 Type;
|
||||||
|
UINT8 Length;
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Option.c b/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
index 8718d5d875..fd97ce116f 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
@@ -17,7 +17,8 @@
|
||||||
|
@param[in] IpSb The IP6 service data.
|
||||||
|
@param[in] Packet The to be validated packet.
|
||||||
|
@param[in] Option The first byte of the option.
|
||||||
|
- @param[in] OptionLen The length of the whole option.
|
||||||
|
+ @param[in] OptionLen The length of all options, expressed in byte length of octets.
|
||||||
|
+ Maximum length is 2046 bytes or ((n + 1) * 8) - 2 where n is 255.
|
||||||
|
@param[in] Pointer Identifies the octet offset within
|
||||||
|
the invoking packet where the error was detected.
|
||||||
|
|
||||||
|
@@ -31,12 +32,33 @@ Ip6IsOptionValid (
|
||||||
|
IN IP6_SERVICE *IpSb,
|
||||||
|
IN NET_BUF *Packet,
|
||||||
|
IN UINT8 *Option,
|
||||||
|
- IN UINT8 OptionLen,
|
||||||
|
+ IN UINT16 OptionLen,
|
||||||
|
IN UINT32 Pointer
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- UINT8 Offset;
|
||||||
|
- UINT8 OptionType;
|
||||||
|
+ UINT16 Offset;
|
||||||
|
+ UINT8 OptionType;
|
||||||
|
+ UINT8 OptDataLen;
|
||||||
|
+
|
||||||
|
+ if (Option == NULL) {
|
||||||
|
+ ASSERT (Option != NULL);
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if ((OptionLen <= 0) || (OptionLen > IP6_MAX_EXT_DATA_LENGTH)) {
|
||||||
|
+ ASSERT (OptionLen > 0 && OptionLen <= IP6_MAX_EXT_DATA_LENGTH);
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (Packet == NULL) {
|
||||||
|
+ ASSERT (Packet != NULL);
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (IpSb == NULL) {
|
||||||
|
+ ASSERT (IpSb != NULL);
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Offset = 0;
|
||||||
|
|
||||||
|
@@ -54,7 +76,8 @@ Ip6IsOptionValid (
|
||||||
|
//
|
||||||
|
// It is a PadN option
|
||||||
|
//
|
||||||
|
- Offset = (UINT8)(Offset + *(Option + Offset + 1) + 2);
|
||||||
|
+ OptDataLen = ((IP6_OPTION_HEADER *)(Option + Offset))->Length;
|
||||||
|
+ Offset = IP6_NEXT_OPTION_OFFSET (Offset, OptDataLen);
|
||||||
|
break;
|
||||||
|
case Ip6OptionRouterAlert:
|
||||||
|
//
|
||||||
|
@@ -69,7 +92,8 @@ Ip6IsOptionValid (
|
||||||
|
//
|
||||||
|
switch (OptionType & Ip6OptionMask) {
|
||||||
|
case Ip6OptionSkip:
|
||||||
|
- Offset = (UINT8)(Offset + *(Option + Offset + 1));
|
||||||
|
+ OptDataLen = ((IP6_OPTION_HEADER *)(Option + Offset))->Length;
|
||||||
|
+ Offset = IP6_NEXT_OPTION_OFFSET (Offset, OptDataLen);
|
||||||
|
break;
|
||||||
|
case Ip6OptionDiscard:
|
||||||
|
return FALSE;
|
||||||
|
@@ -308,7 +332,7 @@ Ip6IsExtsValid (
|
||||||
|
UINT32 Pointer;
|
||||||
|
UINT32 Offset;
|
||||||
|
UINT8 *Option;
|
||||||
|
- UINT8 OptionLen;
|
||||||
|
+ UINT16 OptionLen;
|
||||||
|
BOOLEAN Flag;
|
||||||
|
UINT8 CountD;
|
||||||
|
UINT8 CountA;
|
||||||
|
@@ -385,6 +409,36 @@ Ip6IsExtsValid (
|
||||||
|
// Fall through
|
||||||
|
//
|
||||||
|
case IP6_DESTINATION:
|
||||||
|
+ //
|
||||||
|
+ // See https://www.rfc-editor.org/rfc/rfc2460#section-4.2 page 23
|
||||||
|
+ //
|
||||||
|
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+ // | Next Header | Hdr Ext Len | |
|
||||||
|
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
|
||||||
|
+ // | |
|
||||||
|
+ // . .
|
||||||
|
+ // . Options .
|
||||||
|
+ // . .
|
||||||
|
+ // | |
|
||||||
|
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+ //
|
||||||
|
+ //
|
||||||
|
+ // Next Header 8-bit selector. Identifies the type of header
|
||||||
|
+ // immediately following the Destination Options
|
||||||
|
+ // header. Uses the same values as the IPv4
|
||||||
|
+ // Protocol field [RFC-1700 et seq.].
|
||||||
|
+ //
|
||||||
|
+ // Hdr Ext Len 8-bit unsigned integer. Length of the
|
||||||
|
+ // Destination Options header in 8-octet units, not
|
||||||
|
+ // including the first 8 octets.
|
||||||
|
+ //
|
||||||
|
+ // Options Variable-length field, of length such that the
|
||||||
|
+ // complete Destination Options header is an
|
||||||
|
+ // integer multiple of 8 octets long. Contains one
|
||||||
|
+ // or more TLV-encoded options, as described in
|
||||||
|
+ // section 4.2.
|
||||||
|
+ //
|
||||||
|
+
|
||||||
|
if (*NextHeader == IP6_DESTINATION) {
|
||||||
|
CountD++;
|
||||||
|
}
|
||||||
|
@@ -398,7 +452,7 @@ Ip6IsExtsValid (
|
||||||
|
|
||||||
|
Offset++;
|
||||||
|
Option = ExtHdrs + Offset;
|
||||||
|
- OptionLen = (UINT8)((*Option + 1) * 8 - 2);
|
||||||
|
+ OptionLen = IP6_HDR_EXT_LEN (*Option) - sizeof (IP6_EXT_HDR);
|
||||||
|
Option++;
|
||||||
|
Offset++;
|
||||||
|
|
||||||
|
@@ -430,7 +484,7 @@ Ip6IsExtsValid (
|
||||||
|
//
|
||||||
|
// Ignore the routing header and proceed to process the next header.
|
||||||
|
//
|
||||||
|
- Offset = Offset + (RoutingHead->HeaderLen + 1) * 8;
|
||||||
|
+ Offset = Offset + IP6_HDR_EXT_LEN (RoutingHead->HeaderLen);
|
||||||
|
|
||||||
|
if (UnFragmentLen != NULL) {
|
||||||
|
*UnFragmentLen = Offset;
|
||||||
|
@@ -441,7 +495,7 @@ Ip6IsExtsValid (
|
||||||
|
// to the packet's source address, pointing to the unrecognized routing
|
||||||
|
// type.
|
||||||
|
//
|
||||||
|
- Pointer = Offset + 2 + sizeof (EFI_IP6_HEADER);
|
||||||
|
+ Pointer = Offset + sizeof (IP6_EXT_HDR) + sizeof (EFI_IP6_HEADER);
|
||||||
|
if ((IpSb != NULL) && (Packet != NULL) &&
|
||||||
|
!IP6_IS_MULTICAST (&Packet->Ip.Ip6->DestinationAddress))
|
||||||
|
{
|
||||||
|
@@ -527,7 +581,7 @@ Ip6IsExtsValid (
|
||||||
|
//
|
||||||
|
// RFC2402, Payload length is specified in 32-bit words, minus "2".
|
||||||
|
//
|
||||||
|
- OptionLen = (UINT8)((*Option + 2) * 4);
|
||||||
|
+ OptionLen = ((UINT16)(*Option + 2) * 4);
|
||||||
|
Offset = Offset + OptionLen;
|
||||||
|
break;
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Option.h b/NetworkPkg/Ip6Dxe/Ip6Option.h
|
||||||
|
index bd8e223c8a..fb07c28f5a 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Option.h
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Option.h
|
||||||
|
@@ -12,6 +12,77 @@
|
||||||
|
|
||||||
|
#define IP6_FRAGMENT_OFFSET_MASK (~0x3)
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// For more information see RFC 8200, Section 4.3, 4.4, and 4.6
|
||||||
|
+//
|
||||||
|
+// This example format is from section 4.6
|
||||||
|
+// This does not apply to fragment headers
|
||||||
|
+//
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | Next Header | Hdr Ext Len | |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
|
||||||
|
+// | |
|
||||||
|
+// . .
|
||||||
|
+// . Header-Specific Data .
|
||||||
|
+// . .
|
||||||
|
+// | |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+//
|
||||||
|
+// Next Header 8-bit selector. Identifies the type of
|
||||||
|
+// header immediately following the extension
|
||||||
|
+// header. Uses the same values as the IPv4
|
||||||
|
+// Protocol field [IANA-PN].
|
||||||
|
+//
|
||||||
|
+// Hdr Ext Len 8-bit unsigned integer. Length of the
|
||||||
|
+// Destination Options header in 8-octet units,
|
||||||
|
+// not including the first 8 octets.
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// These defines apply to the following:
|
||||||
|
+// 1. Hop by Hop
|
||||||
|
+// 2. Routing
|
||||||
|
+// 3. Destination
|
||||||
|
+//
|
||||||
|
+typedef struct _IP6_EXT_HDR {
|
||||||
|
+ ///
|
||||||
|
+ /// The Next Header field identifies the type of header immediately
|
||||||
|
+ ///
|
||||||
|
+ UINT8 NextHeader;
|
||||||
|
+ ///
|
||||||
|
+ /// The Hdr Ext Len field specifies the length of the Hop-by-Hop Options
|
||||||
|
+ ///
|
||||||
|
+ UINT8 HdrExtLen;
|
||||||
|
+ ///
|
||||||
|
+ /// Header-Specific Data
|
||||||
|
+ ///
|
||||||
|
+} IP6_EXT_HDR;
|
||||||
|
+
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ sizeof (IP6_EXT_HDR) == 2,
|
||||||
|
+ "The combined size of Next Header and Len is two 8 bit fields"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// IPv6 extension headers contain an 8-bit length field which describes the size of
|
||||||
|
+// the header. However, the length field only includes the size of the extension
|
||||||
|
+// header options, not the size of the first 8 bytes of the header. Therefore, in
|
||||||
|
+// order to calculate the full size of the extension header, we add 1 (to account
|
||||||
|
+// for the first 8 bytes omitted by the length field reporting) and then multiply
|
||||||
|
+// by 8 (since the size is represented in 8-byte units).
|
||||||
|
+//
|
||||||
|
+// a is the length field of the extension header (UINT8)
|
||||||
|
+// The result may be up to 2046 octets (UINT16)
|
||||||
|
+//
|
||||||
|
+#define IP6_HDR_EXT_LEN(a) (((UINT16)((UINT8)(a)) + 1) * 8)
|
||||||
|
+
|
||||||
|
+// This is the maxmimum length permissible by a extension header
|
||||||
|
+// Length is UINT8 of 8 octets not including the first 8 octets
|
||||||
|
+#define IP6_MAX_EXT_DATA_LENGTH (IP6_HDR_EXT_LEN (MAX_UINT8) - sizeof(IP6_EXT_HDR))
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ IP6_MAX_EXT_DATA_LENGTH == 2046,
|
||||||
|
+ "Maximum data length is ((MAX_UINT8 + 1) * 8) - 2"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
typedef struct _IP6_FRAGMENT_HEADER {
|
||||||
|
UINT8 NextHeader;
|
||||||
|
UINT8 Reserved;
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,430 @@
|
|||||||
|
From dab03ad5334af1c93797119f2eeda6ce757461f8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Wed, 14 Feb 2024 20:25:29 -0500
|
||||||
|
Subject: [PATCH 09/18] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Unit
|
||||||
|
Tests
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [9/18] f68829a7f34f5a09a02d28cc5cfd109f90c442da
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21847
|
||||||
|
CVE: CVE-2022-45232
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit c9c87f08dd6ace36fa843424522c3558a8374cac
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:51 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4537
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4538
|
||||||
|
|
||||||
|
Unit tests to confirm that..
|
||||||
|
Infinite loop when parsing unknown options in the Destination Options
|
||||||
|
header
|
||||||
|
|
||||||
|
and
|
||||||
|
|
||||||
|
Infinite loop when parsing a PadN option in the Destination Options
|
||||||
|
header
|
||||||
|
|
||||||
|
... have been patched
|
||||||
|
|
||||||
|
This patch tests the following functions:
|
||||||
|
Ip6IsOptionValid
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf | 10 +-
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp | 278 ++++++++++++++++++
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h | 40 +++
|
||||||
|
3 files changed, 324 insertions(+), 4 deletions(-)
|
||||||
|
create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
index 6e4de0745f..ba29dbabad 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
@@ -1,13 +1,13 @@
|
||||||
|
## @file
|
||||||
|
-# Unit test suite for the Ip6Dxe using Google Test
|
||||||
|
+# Unit test suite for the Ip6DxeGoogleTest using Google Test
|
||||||
|
#
|
||||||
|
# Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
##
|
||||||
|
[Defines]
|
||||||
|
INF_VERSION = 0x00010017
|
||||||
|
- BASE_NAME = Ip6DxeUnitTest
|
||||||
|
- FILE_GUID = 4F05D17D-D3E7-4AAE-820C-576D46D2D34A
|
||||||
|
+ BASE_NAME = Ip6DxeGoogleTest
|
||||||
|
+ FILE_GUID = AE39981C-B7FE-41A8-A9C2-F41910477CA3
|
||||||
|
VERSION_STRING = 1.0
|
||||||
|
MODULE_TYPE = HOST_APPLICATION
|
||||||
|
#
|
||||||
|
@@ -16,9 +16,11 @@
|
||||||
|
# VALID_ARCHITECTURES = IA32 X64 AARCH64
|
||||||
|
#
|
||||||
|
[Sources]
|
||||||
|
+ ../Ip6Option.c
|
||||||
|
+ Ip6OptionGoogleTest.h
|
||||||
|
Ip6DxeGoogleTest.cpp
|
||||||
|
Ip6OptionGoogleTest.cpp
|
||||||
|
- ../Ip6Option.c
|
||||||
|
+ Ip6OptionGoogleTest.h
|
||||||
|
|
||||||
|
[Packages]
|
||||||
|
MdePkg/MdePkg.dec
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
index f2cd90e1a9..29f8a4a96e 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
@@ -12,6 +12,7 @@ extern "C" {
|
||||||
|
#include <Library/DebugLib.h>
|
||||||
|
#include "../Ip6Impl.h"
|
||||||
|
#include "../Ip6Option.h"
|
||||||
|
+ #include "Ip6OptionGoogleTest.h"
|
||||||
|
}
|
||||||
|
|
||||||
|
/////////////////////////////////////////////////////////////////////////
|
||||||
|
@@ -127,3 +128,280 @@ TEST_F (Ip6OptionValidationTest, InvalidPrefixInfoOptionLengthShouldReturnFalse)
|
||||||
|
|
||||||
|
EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Ip6IsOptionValid Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+// Define a fixture for your tests if needed
|
||||||
|
+class Ip6IsOptionValidTest : public ::testing::Test {
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Initialize any resources or variables
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that a NULL option is Invalid
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, NullOptionShouldReturnTrue) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ IP6_SERVICE *IpSb = NULL;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ EXPECT_FALSE (Ip6IsOptionValid (IpSb, &Packet, NULL, 0, 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that an unknown option with a length of 0 and type of <unknown> does not cause an infinite loop
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyNoInfiniteLoopOnUnknownOptionLength0) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = 23; // Unknown Option
|
||||||
|
+ optionHeader.Length = 0; // This will cause an infinite loop if the function is not working correctly
|
||||||
|
+
|
||||||
|
+ // This should be a valid option even though the length is 0
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that an unknown option with a length of 1 and type of <unknown> does not cause an infinite loop
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyNoInfiniteLoopOnUnknownOptionLength1) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = 23; // Unknown Option
|
||||||
|
+ optionHeader.Length = 1; // This will cause an infinite loop if the function is not working correctly
|
||||||
|
+
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that an unknown option with a length of 2 and type of <unknown> does not cause an infinite loop
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyIpSkipUnknownOption) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = 23; // Unknown Option
|
||||||
|
+ optionHeader.Length = 2; // Valid length for an unknown option
|
||||||
|
+
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that Ip6OptionPad1 is valid with a length of 0
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyIp6OptionPad1) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = Ip6OptionPad1;
|
||||||
|
+ optionHeader.Length = 0;
|
||||||
|
+
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that Ip6OptionPadN doesn't overflow with various lengths
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyIp6OptionPadN) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = Ip6OptionPadN;
|
||||||
|
+ optionHeader.Length = 0xFF;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFE;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFD;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFC;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify an unknown option doesn't cause an infinite loop with various lengths
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyNoInfiniteLoopOnUnknownOptionLengthAttemptOverflow) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = 23; // Unknown Option
|
||||||
|
+ optionHeader.Length = 0xFF;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFE;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFD;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFC;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that the function supports multiple options
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, MultiOptionSupport) {
|
||||||
|
+ UINT16 HdrLen;
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ UINT8 ExtHdr[1024] = { 0 };
|
||||||
|
+ UINT8 *Cursor = ExtHdr;
|
||||||
|
+ IP6_OPTION_HEADER *Option = (IP6_OPTION_HEADER *)ExtHdr;
|
||||||
|
+
|
||||||
|
+ // Let's start chaining options
|
||||||
|
+
|
||||||
|
+ Option->Type = 23; // Unknown Option
|
||||||
|
+ Option->Length = 0xFC;
|
||||||
|
+
|
||||||
|
+ Cursor += sizeof (IP6_OPTION_HEADER) + 0xFC;
|
||||||
|
+
|
||||||
|
+ Option = (IP6_OPTION_HEADER *)Cursor;
|
||||||
|
+ Option->Type = Ip6OptionPad1;
|
||||||
|
+
|
||||||
|
+ Cursor += sizeof (1);
|
||||||
|
+
|
||||||
|
+ // Type and length aren't processed, instead it just moves the pointer forward by 4 bytes
|
||||||
|
+ Option = (IP6_OPTION_HEADER *)Cursor;
|
||||||
|
+ Option->Type = Ip6OptionRouterAlert;
|
||||||
|
+ Option->Length = 4;
|
||||||
|
+
|
||||||
|
+ Cursor += sizeof (IP6_OPTION_HEADER) + 4;
|
||||||
|
+
|
||||||
|
+ Option = (IP6_OPTION_HEADER *)Cursor;
|
||||||
|
+ Option->Type = Ip6OptionPadN;
|
||||||
|
+ Option->Length = 0xFC;
|
||||||
|
+
|
||||||
|
+ Cursor += sizeof (IP6_OPTION_HEADER) + 0xFC;
|
||||||
|
+
|
||||||
|
+ Option = (IP6_OPTION_HEADER *)Cursor;
|
||||||
|
+ Option->Type = Ip6OptionRouterAlert;
|
||||||
|
+ Option->Length = 4;
|
||||||
|
+
|
||||||
|
+ Cursor += sizeof (IP6_OPTION_HEADER) + 4;
|
||||||
|
+
|
||||||
|
+ // Total 524
|
||||||
|
+
|
||||||
|
+ HdrLen = (UINT16)(Cursor - ExtHdr);
|
||||||
|
+
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, ExtHdr, HdrLen, 0));
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..0509b6ae30
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h
|
||||||
|
@@ -0,0 +1,40 @@
|
||||||
|
+/** @file
|
||||||
|
+ Exposes the functions needed to test the Ip6Option module.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+
|
||||||
|
+#ifndef IP6_OPTION_HEADER_GOOGLE_TEST_H_
|
||||||
|
+#define IP6_OPTION_HEADER_GOOGLE_TEST_H_
|
||||||
|
+
|
||||||
|
+#include <Uefi.h>
|
||||||
|
+#include "../Ip6Impl.h"
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Validate the IP6 option format for both the packets we received
|
||||||
|
+ and that we will transmit. It will compute the ICMPv6 error message fields
|
||||||
|
+ if the option is malformatted.
|
||||||
|
+
|
||||||
|
+ @param[in] IpSb The IP6 service data.
|
||||||
|
+ @param[in] Packet The to be validated packet.
|
||||||
|
+ @param[in] Option The first byte of the option.
|
||||||
|
+ @param[in] OptionLen The length of the whole option.
|
||||||
|
+ @param[in] Pointer Identifies the octet offset within
|
||||||
|
+ the invoking packet where the error was detected.
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+ @retval TRUE The option is properly formatted.
|
||||||
|
+ @retval FALSE The option is malformatted.
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+BOOLEAN
|
||||||
|
+Ip6IsOptionValid (
|
||||||
|
+ IN IP6_SERVICE *IpSb,
|
||||||
|
+ IN NET_BUF *Packet,
|
||||||
|
+ IN UINT8 *Option,
|
||||||
|
+ IN UINT16 OptionLen,
|
||||||
|
+ IN UINT32 Pointer
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#endif // __IP6_OPTION_HEADER_GOOGLE_TEST_H__
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,841 @@
|
|||||||
|
From 6f0cf9f14b1abefa62416c1611f01d6fb3353c44 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Tue, 11 Jun 2024 15:20:29 -0400
|
||||||
|
Subject: [PATCH 2/8] NetworkPkg TcpDxe: SECURITY PATCH CVE-2023-45236
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 75: NetworkPkg: SECURITY PATCH CVE-2023-45236 and CVE-2023-45237
|
||||||
|
RH-Jira: RHEL-40270 RHEL-40272
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [2/8] 18e88b5def6b058ecd4ffa565ef6f3bafe6f03ad
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-40272
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45236
|
||||||
|
|
||||||
|
commit 1904a64bcc18199738e5be183d28887ac5d837d7
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Wed May 8 22:56:29 2024 -0700
|
||||||
|
|
||||||
|
NetworkPkg TcpDxe: SECURITY PATCH CVE-2023-45236
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4541
|
||||||
|
REF: https://www.rfc-editor.org/rfc/rfc1948.txt
|
||||||
|
REF: https://www.rfc-editor.org/rfc/rfc6528.txt
|
||||||
|
REF: https://www.rfc-editor.org/rfc/rfc9293.txt
|
||||||
|
|
||||||
|
Bug Overview:
|
||||||
|
PixieFail Bug #8
|
||||||
|
CVE-2023-45236
|
||||||
|
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
|
||||||
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
|
||||||
|
|
||||||
|
Updates TCP ISN generation to use a cryptographic hash of the
|
||||||
|
connection's identifying parameters and a secret key.
|
||||||
|
This prevents an attacker from guessing the ISN used for some other
|
||||||
|
connection.
|
||||||
|
|
||||||
|
This is follows the guidance in RFC 1948, RFC 6528, and RFC 9293.
|
||||||
|
|
||||||
|
RFC: 9293 Section 3.4.1. Initial Sequence Number Selection
|
||||||
|
|
||||||
|
A TCP implementation MUST use the above type of "clock" for clock-
|
||||||
|
driven selection of initial sequence numbers (MUST-8), and SHOULD
|
||||||
|
generate its initial sequence numbers with the expression:
|
||||||
|
|
||||||
|
ISN = M + F(localip, localport, remoteip, remoteport, secretkey)
|
||||||
|
|
||||||
|
where M is the 4 microsecond timer, and F() is a pseudorandom
|
||||||
|
function (PRF) of the connection's identifying parameters ("localip,
|
||||||
|
localport, remoteip, remoteport") and a secret key ("secretkey")
|
||||||
|
(SHLD-1). F() MUST NOT be computable from the outside (MUST-9), or
|
||||||
|
an attacker could still guess at sequence numbers from the ISN used
|
||||||
|
for some other connection. The PRF could be implemented as a
|
||||||
|
cryptographic hash of the concatenation of the TCP connection
|
||||||
|
parameters and some secret data. For discussion of the selection of
|
||||||
|
a specific hash algorithm and management of the secret key data,
|
||||||
|
please see Section 3 of [42].
|
||||||
|
|
||||||
|
For each connection there is a send sequence number and a receive
|
||||||
|
sequence number. The initial send sequence number (ISS) is chosen by
|
||||||
|
the data sending TCP peer, and the initial receive sequence number
|
||||||
|
(IRS) is learned during the connection-establishing procedure.
|
||||||
|
|
||||||
|
For a connection to be established or initialized, the two TCP peers
|
||||||
|
must synchronize on each other's initial sequence numbers. This is
|
||||||
|
done in an exchange of connection-establishing segments carrying a
|
||||||
|
control bit called "SYN" (for synchronize) and the initial sequence
|
||||||
|
numbers. As a shorthand, segments carrying the SYN bit are also
|
||||||
|
called "SYNs". Hence, the solution requires a suitable mechanism for
|
||||||
|
picking an initial sequence number and a slightly involved handshake
|
||||||
|
to exchange the ISNs.
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/SecurityFixes.yaml | 22 +++
|
||||||
|
NetworkPkg/TcpDxe/TcpDriver.c | 92 ++++++++++++-
|
||||||
|
NetworkPkg/TcpDxe/TcpDxe.inf | 8 +-
|
||||||
|
NetworkPkg/TcpDxe/TcpFunc.h | 23 ++--
|
||||||
|
NetworkPkg/TcpDxe/TcpInput.c | 13 +-
|
||||||
|
NetworkPkg/TcpDxe/TcpMain.h | 59 ++++++--
|
||||||
|
NetworkPkg/TcpDxe/TcpMisc.c | 244 ++++++++++++++++++++++++++++++++--
|
||||||
|
NetworkPkg/TcpDxe/TcpTimer.c | 3 +-
|
||||||
|
8 files changed, 415 insertions(+), 49 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/SecurityFixes.yaml b/NetworkPkg/SecurityFixes.yaml
|
||||||
|
index 20a4555019..4305328425 100644
|
||||||
|
--- a/NetworkPkg/SecurityFixes.yaml
|
||||||
|
+++ b/NetworkPkg/SecurityFixes.yaml
|
||||||
|
@@ -122,6 +122,28 @@ CVE_2023_45235:
|
||||||
|
- http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
- http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
- https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45236:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236 Patch"
|
||||||
|
+ cve: CVE-2023-45236
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 08 - edk2/NetworkPkg: Predictable TCP Initial Sequence Numbers"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg/Include/Library/NetLib.h
|
||||||
|
+ - NetworkPkg/TcpDxe/TcpDriver.c
|
||||||
|
+ - NetworkPkg/TcpDxe/TcpDxe.inf
|
||||||
|
+ - NetworkPkg/TcpDxe/TcpFunc.h
|
||||||
|
+ - NetworkPkg/TcpDxe/TcpInput.c
|
||||||
|
+ - NetworkPkg/TcpDxe/TcpMain.h
|
||||||
|
+ - NetworkPkg/TcpDxe/TcpMisc.c
|
||||||
|
+ - NetworkPkg/TcpDxe/TcpTimer.c
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4541
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45236
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
CVE_2023_45237:
|
||||||
|
commit_titles:
|
||||||
|
- "NetworkPkg:: SECURITY PATCH CVE 2023-45237"
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpDriver.c b/NetworkPkg/TcpDxe/TcpDriver.c
|
||||||
|
index 8fe6badd68..40bba4080c 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpDriver.c
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpDriver.c
|
||||||
|
@@ -83,6 +83,12 @@ EFI_SERVICE_BINDING_PROTOCOL gTcpServiceBinding = {
|
||||||
|
TcpServiceBindingDestroyChild
|
||||||
|
};
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// This is the handle for the Hash2ServiceBinding Protocol instance this driver produces
|
||||||
|
+// if the platform does not provide one.
|
||||||
|
+//
|
||||||
|
+EFI_HANDLE mHash2ServiceHandle = NULL;
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
Create and start the heartbeat timer for the TCP driver.
|
||||||
|
|
||||||
|
@@ -165,6 +171,23 @@ TcpDriverEntryPoint (
|
||||||
|
EFI_STATUS Status;
|
||||||
|
UINT32 Random;
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Initialize the Secret used for hashing TCP sequence numbers
|
||||||
|
+ //
|
||||||
|
+ // Normally this should be regenerated periodically, but since
|
||||||
|
+ // this is only used for UEFI networking and not a general purpose
|
||||||
|
+ // operating system, it is not necessary to regenerate it.
|
||||||
|
+ //
|
||||||
|
+ Status = PseudoRandomU32 (&mTcpGlobalSecret);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Get a random number used to generate a random port number
|
||||||
|
+ // Intentionally not linking this to mTcpGlobalSecret to avoid leaking information about the secret
|
||||||
|
+ //
|
||||||
|
Status = PseudoRandomU32 (&Random);
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
DEBUG ((DEBUG_ERROR, "%a Failed to generate random number: %r\n", __func__, Status));
|
||||||
|
@@ -207,9 +230,8 @@ TcpDriverEntryPoint (
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
- // Initialize ISS and random port.
|
||||||
|
+ // Initialize the random port.
|
||||||
|
//
|
||||||
|
- mTcpGlobalIss = Random % mTcpGlobalIss;
|
||||||
|
mTcp4RandomPort = (UINT16)(TCP_PORT_KNOWN + (Random % TCP_PORT_KNOWN));
|
||||||
|
mTcp6RandomPort = mTcp4RandomPort;
|
||||||
|
|
||||||
|
@@ -224,6 +246,8 @@ TcpDriverEntryPoint (
|
||||||
|
@param[in] IpVersion IP_VERSION_4 or IP_VERSION_6.
|
||||||
|
|
||||||
|
@retval EFI_OUT_OF_RESOURCES Failed to allocate some resources.
|
||||||
|
+ @retval EFI_UNSUPPORTED Service Binding Protocols are unavailable.
|
||||||
|
+ @retval EFI_ALREADY_STARTED The TCP driver is already started on the controller.
|
||||||
|
@retval EFI_SUCCESS A new IP6 service binding private was created.
|
||||||
|
|
||||||
|
**/
|
||||||
|
@@ -234,11 +258,13 @@ TcpCreateService (
|
||||||
|
IN UINT8 IpVersion
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- EFI_STATUS Status;
|
||||||
|
- EFI_GUID *IpServiceBindingGuid;
|
||||||
|
- EFI_GUID *TcpServiceBindingGuid;
|
||||||
|
- TCP_SERVICE_DATA *TcpServiceData;
|
||||||
|
- IP_IO_OPEN_DATA OpenData;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ EFI_GUID *IpServiceBindingGuid;
|
||||||
|
+ EFI_GUID *TcpServiceBindingGuid;
|
||||||
|
+ TCP_SERVICE_DATA *TcpServiceData;
|
||||||
|
+ IP_IO_OPEN_DATA OpenData;
|
||||||
|
+ EFI_SERVICE_BINDING_PROTOCOL *Hash2ServiceBinding;
|
||||||
|
+ EFI_HASH2_PROTOCOL *Hash2Protocol;
|
||||||
|
|
||||||
|
if (IpVersion == IP_VERSION_4) {
|
||||||
|
IpServiceBindingGuid = &gEfiIp4ServiceBindingProtocolGuid;
|
||||||
|
@@ -272,6 +298,33 @@ TcpCreateService (
|
||||||
|
return EFI_UNSUPPORTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ Status = gBS->LocateProtocol (&gEfiHash2ProtocolGuid, NULL, (VOID **)&Hash2Protocol);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ //
|
||||||
|
+ // If we can't find the Hashing protocol, then we need to create one.
|
||||||
|
+ //
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Platform is expected to publish the hash service binding protocol to support TCP.
|
||||||
|
+ //
|
||||||
|
+ Status = gBS->LocateProtocol (
|
||||||
|
+ &gEfiHash2ServiceBindingProtocolGuid,
|
||||||
|
+ NULL,
|
||||||
|
+ (VOID **)&Hash2ServiceBinding
|
||||||
|
+ );
|
||||||
|
+ if (EFI_ERROR (Status) || (Hash2ServiceBinding == NULL) || (Hash2ServiceBinding->CreateChild == NULL)) {
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Create an instance of the hash protocol for this controller.
|
||||||
|
+ //
|
||||||
|
+ Status = Hash2ServiceBinding->CreateChild (Hash2ServiceBinding, &mHash2ServiceHandle);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Create the TCP service data.
|
||||||
|
//
|
||||||
|
@@ -423,6 +476,7 @@ TcpDestroyService (
|
||||||
|
EFI_STATUS Status;
|
||||||
|
LIST_ENTRY *List;
|
||||||
|
TCP_DESTROY_CHILD_IN_HANDLE_BUF_CONTEXT Context;
|
||||||
|
+ EFI_SERVICE_BINDING_PROTOCOL *Hash2ServiceBinding;
|
||||||
|
|
||||||
|
ASSERT ((IpVersion == IP_VERSION_4) || (IpVersion == IP_VERSION_6));
|
||||||
|
|
||||||
|
@@ -439,6 +493,30 @@ TcpDestroyService (
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Destroy the Hash2ServiceBinding instance if it is created by Tcp driver.
|
||||||
|
+ //
|
||||||
|
+ if (mHash2ServiceHandle != NULL) {
|
||||||
|
+ Status = gBS->LocateProtocol (
|
||||||
|
+ &gEfiHash2ServiceBindingProtocolGuid,
|
||||||
|
+ NULL,
|
||||||
|
+ (VOID **)&Hash2ServiceBinding
|
||||||
|
+ );
|
||||||
|
+ if (EFI_ERROR (Status) || (Hash2ServiceBinding == NULL) || (Hash2ServiceBinding->DestroyChild == NULL)) {
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Destroy the instance of the hashing protocol for this controller.
|
||||||
|
+ //
|
||||||
|
+ Status = Hash2ServiceBinding->DestroyChild (Hash2ServiceBinding, &mHash2ServiceHandle);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ mHash2ServiceHandle = NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
Status = gBS->OpenProtocol (
|
||||||
|
NicHandle,
|
||||||
|
ServiceBindingGuid,
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpDxe.inf b/NetworkPkg/TcpDxe/TcpDxe.inf
|
||||||
|
index cf5423f4c5..76de4cf9ec 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpDxe.inf
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpDxe.inf
|
||||||
|
@@ -6,6 +6,7 @@
|
||||||
|
# stack has been loaded in system. This driver supports both IPv4 and IPv6 network stack.
|
||||||
|
#
|
||||||
|
# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||||||
|
+# Copyright (c) Microsoft Corporation
|
||||||
|
#
|
||||||
|
# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
#
|
||||||
|
@@ -68,7 +69,6 @@
|
||||||
|
NetLib
|
||||||
|
IpIoLib
|
||||||
|
|
||||||
|
-
|
||||||
|
[Protocols]
|
||||||
|
## SOMETIMES_CONSUMES
|
||||||
|
## SOMETIMES_PRODUCES
|
||||||
|
@@ -81,6 +81,12 @@
|
||||||
|
gEfiIp6ServiceBindingProtocolGuid ## TO_START
|
||||||
|
gEfiTcp6ProtocolGuid ## BY_START
|
||||||
|
gEfiTcp6ServiceBindingProtocolGuid ## BY_START
|
||||||
|
+ gEfiHash2ProtocolGuid ## BY_START
|
||||||
|
+ gEfiHash2ServiceBindingProtocolGuid ## BY_START
|
||||||
|
+
|
||||||
|
+[Guids]
|
||||||
|
+ gEfiHashAlgorithmMD5Guid ## CONSUMES
|
||||||
|
+ gEfiHashAlgorithmSha256Guid ## CONSUMES
|
||||||
|
|
||||||
|
[Depex]
|
||||||
|
gEfiHash2ServiceBindingProtocolGuid
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpFunc.h b/NetworkPkg/TcpDxe/TcpFunc.h
|
||||||
|
index a7af01fff2..c707bee3e5 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpFunc.h
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpFunc.h
|
||||||
|
@@ -2,7 +2,7 @@
|
||||||
|
Declaration of external functions shared in TCP driver.
|
||||||
|
|
||||||
|
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
|
-
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
**/
|
||||||
|
@@ -36,8 +36,11 @@ VOID
|
||||||
|
|
||||||
|
@param[in, out] Tcb Pointer to the TCP_CB of this TCP instance.
|
||||||
|
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully
|
||||||
|
+ @retval others The underlying functions failed and could not complete the operation
|
||||||
|
+
|
||||||
|
**/
|
||||||
|
-VOID
|
||||||
|
+EFI_STATUS
|
||||||
|
TcpInitTcbLocal (
|
||||||
|
IN OUT TCP_CB *Tcb
|
||||||
|
);
|
||||||
|
@@ -128,17 +131,6 @@ TcpCloneTcb (
|
||||||
|
IN TCP_CB *Tcb
|
||||||
|
);
|
||||||
|
|
||||||
|
-/**
|
||||||
|
- Compute an ISS to be used by a new connection.
|
||||||
|
-
|
||||||
|
- @return The result ISS.
|
||||||
|
-
|
||||||
|
-**/
|
||||||
|
-TCP_SEQNO
|
||||||
|
-TcpGetIss (
|
||||||
|
- VOID
|
||||||
|
- );
|
||||||
|
-
|
||||||
|
/**
|
||||||
|
Get the local mss.
|
||||||
|
|
||||||
|
@@ -202,8 +194,11 @@ TcpFormatNetbuf (
|
||||||
|
@param[in, out] Tcb Pointer to the TCP_CB that wants to initiate a
|
||||||
|
connection.
|
||||||
|
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully
|
||||||
|
+ @retval others The underlying functions failed and could not complete the operation
|
||||||
|
+
|
||||||
|
**/
|
||||||
|
-VOID
|
||||||
|
+EFI_STATUS
|
||||||
|
TcpOnAppConnect (
|
||||||
|
IN OUT TCP_CB *Tcb
|
||||||
|
);
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpInput.c b/NetworkPkg/TcpDxe/TcpInput.c
|
||||||
|
index 7b329be64d..86dd7c4907 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpInput.c
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpInput.c
|
||||||
|
@@ -724,6 +724,7 @@ TcpInput (
|
||||||
|
TCP_SEQNO Urg;
|
||||||
|
UINT16 Checksum;
|
||||||
|
INT32 Usable;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
|
||||||
|
ASSERT ((Version == IP_VERSION_4) || (Version == IP_VERSION_6));
|
||||||
|
|
||||||
|
@@ -872,7 +873,17 @@ TcpInput (
|
||||||
|
Tcb->LocalEnd.Port = Head->DstPort;
|
||||||
|
Tcb->RemoteEnd.Port = Head->SrcPort;
|
||||||
|
|
||||||
|
- TcpInitTcbLocal (Tcb);
|
||||||
|
+ Status = TcpInitTcbLocal (Tcb);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG (
|
||||||
|
+ (DEBUG_ERROR,
|
||||||
|
+ "TcpInput: discard a segment because failed to init local end for TCB %p\n",
|
||||||
|
+ Tcb)
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ goto DISCARD;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
TcpInitTcbPeer (Tcb, Seg, &Option);
|
||||||
|
|
||||||
|
TcpSetState (Tcb, TCP_SYN_RCVD);
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpMain.h b/NetworkPkg/TcpDxe/TcpMain.h
|
||||||
|
index c0c9b7f46e..4d5566ab93 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpMain.h
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpMain.h
|
||||||
|
@@ -3,7 +3,7 @@
|
||||||
|
It is the common head file for all Tcp*.c in TCP driver.
|
||||||
|
|
||||||
|
Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
|
||||||
|
-
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
**/
|
||||||
|
@@ -13,6 +13,7 @@
|
||||||
|
|
||||||
|
#include <Protocol/ServiceBinding.h>
|
||||||
|
#include <Protocol/DriverBinding.h>
|
||||||
|
+#include <Protocol/Hash2.h>
|
||||||
|
#include <Library/IpIoLib.h>
|
||||||
|
#include <Library/DevicePathLib.h>
|
||||||
|
#include <Library/PrintLib.h>
|
||||||
|
@@ -31,7 +32,7 @@ extern EFI_UNICODE_STRING_TABLE *gTcpControllerNameTable;
|
||||||
|
|
||||||
|
extern LIST_ENTRY mTcpRunQue;
|
||||||
|
extern LIST_ENTRY mTcpListenQue;
|
||||||
|
-extern TCP_SEQNO mTcpGlobalIss;
|
||||||
|
+extern TCP_SEQNO mTcpGlobalSecret;
|
||||||
|
extern UINT32 mTcpTick;
|
||||||
|
|
||||||
|
///
|
||||||
|
@@ -45,14 +46,6 @@ extern UINT32 mTcpTick;
|
||||||
|
|
||||||
|
#define TCP_EXPIRE_TIME 65535
|
||||||
|
|
||||||
|
-///
|
||||||
|
-/// The implementation selects the initial send sequence number and the unit to
|
||||||
|
-/// be added when it is increased.
|
||||||
|
-///
|
||||||
|
-#define TCP_BASE_ISS 0x4d7e980b
|
||||||
|
-#define TCP_ISS_INCREMENT_1 2048
|
||||||
|
-#define TCP_ISS_INCREMENT_2 100
|
||||||
|
-
|
||||||
|
typedef union {
|
||||||
|
EFI_TCP4_CONFIG_DATA Tcp4CfgData;
|
||||||
|
EFI_TCP6_CONFIG_DATA Tcp6CfgData;
|
||||||
|
@@ -774,4 +767,50 @@ Tcp6Poll (
|
||||||
|
IN EFI_TCP6_PROTOCOL *This
|
||||||
|
);
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ Retrieves the Initial Sequence Number (ISN) for a TCP connection identified by local
|
||||||
|
+ and remote IP addresses and ports.
|
||||||
|
+
|
||||||
|
+ This method is based on https://datatracker.ietf.org/doc/html/rfc9293#section-3.4.1
|
||||||
|
+ Where the ISN is computed as follows:
|
||||||
|
+ ISN = TimeStamp + MD5(LocalIP, LocalPort, RemoteIP, RemotePort, Secret)
|
||||||
|
+
|
||||||
|
+ Otherwise:
|
||||||
|
+ ISN = M + F(localip, localport, remoteip, remoteport, secretkey)
|
||||||
|
+
|
||||||
|
+ "Here M is the 4 microsecond timer, and F() is a pseudorandom function (PRF) of the
|
||||||
|
+ connection's identifying parameters ("localip, localport, remoteip, remoteport")
|
||||||
|
+ and a secret key ("secretkey") (SHLD-1). F() MUST NOT be computable from the
|
||||||
|
+ outside (MUST-9), or an attacker could still guess at sequence numbers from the
|
||||||
|
+ ISN used for some other connection. The PRF could be implemented as a
|
||||||
|
+ cryptographic hash of the concatenation of the TCP connection parameters and some
|
||||||
|
+ secret data. For discussion of the selection of a specific hash algorithm and
|
||||||
|
+ management of the secret key data."
|
||||||
|
+
|
||||||
|
+ @param[in] LocalIp A pointer to the local IP address of the TCP connection.
|
||||||
|
+ @param[in] LocalIpSize The size, in bytes, of the LocalIp buffer.
|
||||||
|
+ @param[in] LocalPort The local port number of the TCP connection.
|
||||||
|
+ @param[in] RemoteIp A pointer to the remote IP address of the TCP connection.
|
||||||
|
+ @param[in] RemoteIpSize The size, in bytes, of the RemoteIp buffer.
|
||||||
|
+ @param[in] RemotePort The remote port number of the TCP connection.
|
||||||
|
+ @param[out] Isn A pointer to the variable that will receive the Initial
|
||||||
|
+ Sequence Number (ISN).
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully, and the ISN was
|
||||||
|
+ retrieved.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER One or more of the input parameters are invalid.
|
||||||
|
+ @retval EFI_UNSUPPORTED The operation is not supported.
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+TcpGetIsn (
|
||||||
|
+ IN UINT8 *LocalIp,
|
||||||
|
+ IN UINTN LocalIpSize,
|
||||||
|
+ IN UINT16 LocalPort,
|
||||||
|
+ IN UINT8 *RemoteIp,
|
||||||
|
+ IN UINTN RemoteIpSize,
|
||||||
|
+ IN UINT16 RemotePort,
|
||||||
|
+ OUT TCP_SEQNO *Isn
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
#endif
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpMisc.c b/NetworkPkg/TcpDxe/TcpMisc.c
|
||||||
|
index c93212d47d..3310306f63 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpMisc.c
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpMisc.c
|
||||||
|
@@ -3,7 +3,7 @@
|
||||||
|
|
||||||
|
(C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>
|
||||||
|
Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>
|
||||||
|
-
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
**/
|
||||||
|
@@ -20,7 +20,34 @@ LIST_ENTRY mTcpListenQue = {
|
||||||
|
&mTcpListenQue
|
||||||
|
};
|
||||||
|
|
||||||
|
-TCP_SEQNO mTcpGlobalIss = TCP_BASE_ISS;
|
||||||
|
+//
|
||||||
|
+// The Session secret
|
||||||
|
+// This must be initialized to a random value at boot time
|
||||||
|
+//
|
||||||
|
+TCP_SEQNO mTcpGlobalSecret;
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// Union to hold either an IPv4 or IPv6 address
|
||||||
|
+// This is used to simplify the ISN hash computation
|
||||||
|
+//
|
||||||
|
+typedef union {
|
||||||
|
+ UINT8 IPv4[4];
|
||||||
|
+ UINT8 IPv6[16];
|
||||||
|
+} NETWORK_ADDRESS;
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// The ISN is computed by hashing this structure
|
||||||
|
+// It is initialized with the local and remote IP addresses and ports
|
||||||
|
+// and the secret
|
||||||
|
+//
|
||||||
|
+//
|
||||||
|
+typedef struct {
|
||||||
|
+ UINT16 LocalPort;
|
||||||
|
+ UINT16 RemotePort;
|
||||||
|
+ NETWORK_ADDRESS LocalAddress;
|
||||||
|
+ NETWORK_ADDRESS RemoteAddress;
|
||||||
|
+ TCP_SEQNO Secret;
|
||||||
|
+} ISN_HASH_CTX;
|
||||||
|
|
||||||
|
CHAR16 *mTcpStateName[] = {
|
||||||
|
L"TCP_CLOSED",
|
||||||
|
@@ -41,12 +68,18 @@ CHAR16 *mTcpStateName[] = {
|
||||||
|
|
||||||
|
@param[in, out] Tcb Pointer to the TCP_CB of this TCP instance.
|
||||||
|
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully
|
||||||
|
+ @retval others The underlying functions failed and could not complete the operation
|
||||||
|
+
|
||||||
|
**/
|
||||||
|
-VOID
|
||||||
|
+EFI_STATUS
|
||||||
|
TcpInitTcbLocal (
|
||||||
|
IN OUT TCP_CB *Tcb
|
||||||
|
)
|
||||||
|
{
|
||||||
|
+ TCP_SEQNO Isn;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Compute the checksum of the fixed parts of pseudo header
|
||||||
|
//
|
||||||
|
@@ -57,6 +90,16 @@ TcpInitTcbLocal (
|
||||||
|
0x06,
|
||||||
|
0
|
||||||
|
);
|
||||||
|
+
|
||||||
|
+ Status = TcpGetIsn (
|
||||||
|
+ Tcb->LocalEnd.Ip.v4.Addr,
|
||||||
|
+ sizeof (IPv4_ADDRESS),
|
||||||
|
+ Tcb->LocalEnd.Port,
|
||||||
|
+ Tcb->RemoteEnd.Ip.v4.Addr,
|
||||||
|
+ sizeof (IPv4_ADDRESS),
|
||||||
|
+ Tcb->RemoteEnd.Port,
|
||||||
|
+ &Isn
|
||||||
|
+ );
|
||||||
|
} else {
|
||||||
|
Tcb->HeadSum = NetIp6PseudoHeadChecksum (
|
||||||
|
&Tcb->LocalEnd.Ip.v6,
|
||||||
|
@@ -64,9 +107,25 @@ TcpInitTcbLocal (
|
||||||
|
0x06,
|
||||||
|
0
|
||||||
|
);
|
||||||
|
+
|
||||||
|
+ Status = TcpGetIsn (
|
||||||
|
+ Tcb->LocalEnd.Ip.v6.Addr,
|
||||||
|
+ sizeof (IPv6_ADDRESS),
|
||||||
|
+ Tcb->LocalEnd.Port,
|
||||||
|
+ Tcb->RemoteEnd.Ip.v6.Addr,
|
||||||
|
+ sizeof (IPv6_ADDRESS),
|
||||||
|
+ Tcb->RemoteEnd.Port,
|
||||||
|
+ &Isn
|
||||||
|
+ );
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "TcpInitTcbLocal: failed to get isn\n"));
|
||||||
|
+ ASSERT (FALSE);
|
||||||
|
+ return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
- Tcb->Iss = TcpGetIss ();
|
||||||
|
+ Tcb->Iss = Isn;
|
||||||
|
Tcb->SndUna = Tcb->Iss;
|
||||||
|
Tcb->SndNxt = Tcb->Iss;
|
||||||
|
|
||||||
|
@@ -82,6 +141,8 @@ TcpInitTcbLocal (
|
||||||
|
Tcb->RetxmitSeqMax = 0;
|
||||||
|
|
||||||
|
Tcb->ProbeTimerOn = FALSE;
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
@@ -506,18 +567,162 @@ TcpCloneTcb (
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
- Compute an ISS to be used by a new connection.
|
||||||
|
-
|
||||||
|
- @return The resulting ISS.
|
||||||
|
+ Retrieves the Initial Sequence Number (ISN) for a TCP connection identified by local
|
||||||
|
+ and remote IP addresses and ports.
|
||||||
|
+
|
||||||
|
+ This method is based on https://datatracker.ietf.org/doc/html/rfc9293#section-3.4.1
|
||||||
|
+ Where the ISN is computed as follows:
|
||||||
|
+ ISN = TimeStamp + MD5(LocalIP, LocalPort, RemoteIP, RemotePort, Secret)
|
||||||
|
+
|
||||||
|
+ Otherwise:
|
||||||
|
+ ISN = M + F(localip, localport, remoteip, remoteport, secretkey)
|
||||||
|
+
|
||||||
|
+ "Here M is the 4 microsecond timer, and F() is a pseudorandom function (PRF) of the
|
||||||
|
+ connection's identifying parameters ("localip, localport, remoteip, remoteport")
|
||||||
|
+ and a secret key ("secretkey") (SHLD-1). F() MUST NOT be computable from the
|
||||||
|
+ outside (MUST-9), or an attacker could still guess at sequence numbers from the
|
||||||
|
+ ISN used for some other connection. The PRF could be implemented as a
|
||||||
|
+ cryptographic hash of the concatenation of the TCP connection parameters and some
|
||||||
|
+ secret data. For discussion of the selection of a specific hash algorithm and
|
||||||
|
+ management of the secret key data."
|
||||||
|
+
|
||||||
|
+ @param[in] LocalIp A pointer to the local IP address of the TCP connection.
|
||||||
|
+ @param[in] LocalIpSize The size, in bytes, of the LocalIp buffer.
|
||||||
|
+ @param[in] LocalPort The local port number of the TCP connection.
|
||||||
|
+ @param[in] RemoteIp A pointer to the remote IP address of the TCP connection.
|
||||||
|
+ @param[in] RemoteIpSize The size, in bytes, of the RemoteIp buffer.
|
||||||
|
+ @param[in] RemotePort The remote port number of the TCP connection.
|
||||||
|
+ @param[out] Isn A pointer to the variable that will receive the Initial
|
||||||
|
+ Sequence Number (ISN).
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully, and the ISN was
|
||||||
|
+ retrieved.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER One or more of the input parameters are invalid.
|
||||||
|
+ @retval EFI_UNSUPPORTED The operation is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
-TCP_SEQNO
|
||||||
|
-TcpGetIss (
|
||||||
|
- VOID
|
||||||
|
+EFI_STATUS
|
||||||
|
+TcpGetIsn (
|
||||||
|
+ IN UINT8 *LocalIp,
|
||||||
|
+ IN UINTN LocalIpSize,
|
||||||
|
+ IN UINT16 LocalPort,
|
||||||
|
+ IN UINT8 *RemoteIp,
|
||||||
|
+ IN UINTN RemoteIpSize,
|
||||||
|
+ IN UINT16 RemotePort,
|
||||||
|
+ OUT TCP_SEQNO *Isn
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- mTcpGlobalIss += TCP_ISS_INCREMENT_1;
|
||||||
|
- return mTcpGlobalIss;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ EFI_HASH2_PROTOCOL *Hash2Protocol;
|
||||||
|
+ EFI_HASH2_OUTPUT HashResult;
|
||||||
|
+ ISN_HASH_CTX IsnHashCtx;
|
||||||
|
+ EFI_TIME TimeStamp;
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Check that the ISN pointer is valid
|
||||||
|
+ //
|
||||||
|
+ if (Isn == NULL) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // The local ip may be a v4 or v6 address and may not be NULL
|
||||||
|
+ //
|
||||||
|
+ if ((LocalIp == NULL) || (LocalIpSize == 0) || (RemoteIp == NULL) || (RemoteIpSize == 0)) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // the local ip may be a v4 or v6 address
|
||||||
|
+ //
|
||||||
|
+ if ((LocalIpSize != sizeof (EFI_IPv4_ADDRESS)) && (LocalIpSize != sizeof (EFI_IPv6_ADDRESS))) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Locate the Hash Protocol
|
||||||
|
+ //
|
||||||
|
+ Status = gBS->LocateProtocol (&gEfiHash2ProtocolGuid, NULL, (VOID **)&Hash2Protocol);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_NET, "Failed to locate Hash Protocol: %r\n", Status));
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // TcpCreateService(..) is expected to be called prior to this function
|
||||||
|
+ //
|
||||||
|
+ ASSERT_EFI_ERROR (Status);
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Initialize the hash algorithm
|
||||||
|
+ //
|
||||||
|
+ Status = Hash2Protocol->HashInit (Hash2Protocol, &gEfiHashAlgorithmSha256Guid);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_NET, "Failed to initialize sha256 hash algorithm: %r\n", Status));
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ IsnHashCtx.LocalPort = LocalPort;
|
||||||
|
+ IsnHashCtx.RemotePort = RemotePort;
|
||||||
|
+ IsnHashCtx.Secret = mTcpGlobalSecret;
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Check the IP address family and copy accordingly
|
||||||
|
+ //
|
||||||
|
+ if (LocalIpSize == sizeof (EFI_IPv4_ADDRESS)) {
|
||||||
|
+ CopyMem (&IsnHashCtx.LocalAddress.IPv4, LocalIp, LocalIpSize);
|
||||||
|
+ } else if (LocalIpSize == sizeof (EFI_IPv6_ADDRESS)) {
|
||||||
|
+ CopyMem (&IsnHashCtx.LocalAddress.IPv6, LocalIp, LocalIpSize);
|
||||||
|
+ } else {
|
||||||
|
+ return EFI_INVALID_PARAMETER; // Unsupported address size
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Repeat the process for the remote IP address
|
||||||
|
+ //
|
||||||
|
+ if (RemoteIpSize == sizeof (EFI_IPv4_ADDRESS)) {
|
||||||
|
+ CopyMem (&IsnHashCtx.RemoteAddress.IPv4, RemoteIp, RemoteIpSize);
|
||||||
|
+ } else if (RemoteIpSize == sizeof (EFI_IPv6_ADDRESS)) {
|
||||||
|
+ CopyMem (&IsnHashCtx.RemoteAddress.IPv6, RemoteIp, RemoteIpSize);
|
||||||
|
+ } else {
|
||||||
|
+ return EFI_INVALID_PARAMETER; // Unsupported address size
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Compute the hash
|
||||||
|
+ // Update the hash with the data
|
||||||
|
+ //
|
||||||
|
+ Status = Hash2Protocol->HashUpdate (Hash2Protocol, (UINT8 *)&IsnHashCtx, sizeof (IsnHashCtx));
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_NET, "Failed to update hash: %r\n", Status));
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Finalize the hash and retrieve the result
|
||||||
|
+ //
|
||||||
|
+ Status = Hash2Protocol->HashFinal (Hash2Protocol, &HashResult);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_NET, "Failed to finalize hash: %r\n", Status));
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ Status = gRT->GetTime (&TimeStamp, NULL);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // copy the first 4 bytes of the hash result into the ISN
|
||||||
|
+ //
|
||||||
|
+ CopyMem (Isn, HashResult.Md5Hash, sizeof (*Isn));
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // now add the timestamp to the ISN as 4 microseconds units (1000 / 4 = 250)
|
||||||
|
+ //
|
||||||
|
+ *Isn += (TCP_SEQNO)TimeStamp.Nanosecond * 250;
|
||||||
|
+
|
||||||
|
+ return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
@@ -721,17 +926,28 @@ TcpFormatNetbuf (
|
||||||
|
@param[in, out] Tcb Pointer to the TCP_CB that wants to initiate a
|
||||||
|
connection.
|
||||||
|
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully
|
||||||
|
+ @retval others The underlying functions failed and could not complete the operation
|
||||||
|
+
|
||||||
|
**/
|
||||||
|
-VOID
|
||||||
|
+EFI_STATUS
|
||||||
|
TcpOnAppConnect (
|
||||||
|
IN OUT TCP_CB *Tcb
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- TcpInitTcbLocal (Tcb);
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ Status = TcpInitTcbLocal (Tcb);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
TcpSetState (Tcb, TCP_SYN_SENT);
|
||||||
|
|
||||||
|
TcpSetTimer (Tcb, TCP_TIMER_CONNECT, Tcb->ConnectTimeout);
|
||||||
|
TcpToSendData (Tcb, 1);
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpTimer.c b/NetworkPkg/TcpDxe/TcpTimer.c
|
||||||
|
index 5d2e124977..065b1bdf5f 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpTimer.c
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpTimer.c
|
||||||
|
@@ -2,7 +2,7 @@
|
||||||
|
TCP timer related functions.
|
||||||
|
|
||||||
|
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
||||||
|
-
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
**/
|
||||||
|
@@ -483,7 +483,6 @@ TcpTickingDpc (
|
||||||
|
INT16 Index;
|
||||||
|
|
||||||
|
mTcpTick++;
|
||||||
|
- mTcpGlobalIss += TCP_ISS_INCREMENT_2;
|
||||||
|
|
||||||
|
//
|
||||||
|
// Don't use LIST_FOR_EACH, which isn't delete safe.
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,168 @@
|
|||||||
|
From 1afdf854f67fbaeea47f15efa0c34c0f1fe6a504 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 10/18] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
|
||||||
|
Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [10/18] c7527c63ebe3afb55a2ef78103c1a57de26c36b7
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21851
|
||||||
|
CVE: CVE-2022-45234
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 1b53515d53d303166b2bbd31e2cc7f16fd0aecd7
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:52 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 Patch
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4539
|
||||||
|
|
||||||
|
Bug Details:
|
||||||
|
PixieFail Bug #6
|
||||||
|
CVE-2023-45234
|
||||||
|
CVSS 8.3 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
|
||||||
|
CWE-119 Improper Restriction of Operations within the Bounds of
|
||||||
|
a Memory Buffer
|
||||||
|
|
||||||
|
Buffer overflow when processing DNS Servers option in a DHCPv6
|
||||||
|
Advertise message
|
||||||
|
|
||||||
|
Change Overview:
|
||||||
|
|
||||||
|
Introduces a function to cache the Dns Server and perform sanitizing
|
||||||
|
on the incoming DnsServerLen to ensure that the length is valid
|
||||||
|
|
||||||
|
> + EFI_STATUS
|
||||||
|
> + PxeBcCacheDnsServerAddresses (
|
||||||
|
> + IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
> + IN PXEBC_DHCP6_PACKET_CACHE *Cache6
|
||||||
|
> + )
|
||||||
|
|
||||||
|
Additional code cleanup
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c | 71 +++++++++++++++++++++++++---
|
||||||
|
1 file changed, 65 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
index 425e0cf806..2b2d372889 100644
|
||||||
|
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
@@ -3,6 +3,7 @@
|
||||||
|
|
||||||
|
(C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>
|
||||||
|
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
@@ -1312,6 +1313,65 @@ PxeBcSelectDhcp6Offer (
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ Cache the DHCPv6 DNS Server addresses
|
||||||
|
+
|
||||||
|
+ @param[in] Private The pointer to PXEBC_PRIVATE_DATA.
|
||||||
|
+ @param[in] Cache6 The pointer to PXEBC_DHCP6_PACKET_CACHE.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Cache the DHCPv6 DNS Server address successfully.
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
|
||||||
|
+ @retval EFI_DEVICE_ERROR The DNS Server Address Length provided by a untrusted
|
||||||
|
+ option is not a multiple of 16 bytes (sizeof (EFI_IPv6_ADDRESS)).
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+PxeBcCacheDnsServerAddresses (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
+ IN PXEBC_DHCP6_PACKET_CACHE *Cache6
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ UINT16 DnsServerLen;
|
||||||
|
+
|
||||||
|
+ DnsServerLen = NTOHS (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen);
|
||||||
|
+ //
|
||||||
|
+ // Make sure that the number is nonzero
|
||||||
|
+ //
|
||||||
|
+ if (DnsServerLen == 0) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Make sure the DnsServerlen is a multiple of EFI_IPv6_ADDRESS (16)
|
||||||
|
+ //
|
||||||
|
+ if (DnsServerLen % sizeof (EFI_IPv6_ADDRESS) != 0) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // This code is currently written to only support a single DNS Server instead
|
||||||
|
+ // of multiple such as is spec defined (RFC3646, Section 3). The proper behavior
|
||||||
|
+ // would be to allocate the full space requested, CopyMem all of the data,
|
||||||
|
+ // and then add a DnsServerCount field to Private and update additional code
|
||||||
|
+ // that depends on this.
|
||||||
|
+ //
|
||||||
|
+ // To support multiple DNS servers the `AllocationSize` would need to be changed to DnsServerLen
|
||||||
|
+ //
|
||||||
|
+ // This is tracked in https://bugzilla.tianocore.org/show_bug.cgi?id=1886
|
||||||
|
+ //
|
||||||
|
+ Private->DnsServer = AllocateZeroPool (sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
+ if (Private->DnsServer == NULL) {
|
||||||
|
+ return EFI_OUT_OF_RESOURCES;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Intentionally only copy over the first server address.
|
||||||
|
+ // To support multiple DNS servers, the `Length` would need to be changed to DnsServerLen
|
||||||
|
+ //
|
||||||
|
+ CopyMem (Private->DnsServer, Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->Data, sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
Handle the DHCPv6 offer packet.
|
||||||
|
|
||||||
|
@@ -1335,6 +1395,7 @@ PxeBcHandleDhcp6Offer (
|
||||||
|
UINT32 SelectIndex;
|
||||||
|
UINT32 Index;
|
||||||
|
|
||||||
|
+ ASSERT (Private != NULL);
|
||||||
|
ASSERT (Private->SelectIndex > 0);
|
||||||
|
SelectIndex = (UINT32)(Private->SelectIndex - 1);
|
||||||
|
ASSERT (SelectIndex < PXEBC_OFFER_MAX_NUM);
|
||||||
|
@@ -1342,15 +1403,13 @@ PxeBcHandleDhcp6Offer (
|
||||||
|
Status = EFI_SUCCESS;
|
||||||
|
|
||||||
|
//
|
||||||
|
- // First try to cache DNS server address if DHCP6 offer provides.
|
||||||
|
+ // First try to cache DNS server addresses if DHCP6 offer provides.
|
||||||
|
//
|
||||||
|
if (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] != NULL) {
|
||||||
|
- Private->DnsServer = AllocateZeroPool (NTOHS (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen));
|
||||||
|
- if (Private->DnsServer == NULL) {
|
||||||
|
- return EFI_OUT_OF_RESOURCES;
|
||||||
|
+ Status = PxeBcCacheDnsServerAddresses (Private, Cache6);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return Status;
|
||||||
|
}
|
||||||
|
-
|
||||||
|
- CopyMem (Private->DnsServer, Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->Data, sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Cache6->OfferType == PxeOfferTypeDhcpBinl) {
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,511 @@
|
|||||||
|
From d60257df151a6c58aefe74c2d2baee59344318d2 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 11/18] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
|
||||||
|
Unit Tests
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [11/18] b917383d597172d4bf75548d9b281d08bf34e299
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21851
|
||||||
|
CVE: CVE-2022-45234
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 458c582685fc0e8057d2511c5a0394078d988c17
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:53 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 Unit Tests
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4539
|
||||||
|
|
||||||
|
Unit tests to that the bug..
|
||||||
|
|
||||||
|
Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise
|
||||||
|
message
|
||||||
|
|
||||||
|
..has been patched
|
||||||
|
|
||||||
|
This contains tests for the following functions:
|
||||||
|
PxeBcHandleDhcp6Offer
|
||||||
|
PxeBcCacheDnsServerAddresses
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 +
|
||||||
|
.../GoogleTest/PxeBcDhcp6GoogleTest.cpp | 300 ++++++++++++++++++
|
||||||
|
.../GoogleTest/PxeBcDhcp6GoogleTest.h | 50 +++
|
||||||
|
.../GoogleTest/UefiPxeBcDxeGoogleTest.cpp | 19 ++
|
||||||
|
.../GoogleTest/UefiPxeBcDxeGoogleTest.inf | 48 +++
|
||||||
|
5 files changed, 418 insertions(+)
|
||||||
|
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp
|
||||||
|
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
index 7fa7b0f9d5..a0273c4310 100644
|
||||||
|
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
@@ -27,6 +27,7 @@
|
||||||
|
#
|
||||||
|
NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
+ NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||||
|
|
||||||
|
# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||||
|
[LibraryClasses]
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..8260eeee50
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
@@ -0,0 +1,300 @@
|
||||||
|
+/** @file
|
||||||
|
+ Host based unit test for PxeBcDhcp6.c.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+extern "C" {
|
||||||
|
+ #include <Uefi.h>
|
||||||
|
+ #include <Library/BaseLib.h>
|
||||||
|
+ #include <Library/DebugLib.h>
|
||||||
|
+ #include "../PxeBcImpl.h"
|
||||||
|
+ #include "../PxeBcDhcp6.h"
|
||||||
|
+ #include "PxeBcDhcp6GoogleTest.h"
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Definitions
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+#define PACKET_SIZE (1500)
|
||||||
|
+
|
||||||
|
+typedef struct {
|
||||||
|
+ UINT16 OptionCode; // The option code for DHCP6_OPT_SERVER_ID (e.g., 0x03)
|
||||||
|
+ UINT16 OptionLen; // The length of the option (e.g., 16 bytes)
|
||||||
|
+ UINT8 ServerId[16]; // The 16-byte DHCPv6 Server Identifier
|
||||||
|
+} DHCP6_OPTION_SERVER_ID;
|
||||||
|
+
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+/// Symbol Definitions
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+MockUdpWrite (
|
||||||
|
+ IN EFI_PXE_BASE_CODE_PROTOCOL *This,
|
||||||
|
+ IN UINT16 OpFlags,
|
||||||
|
+ IN EFI_IP_ADDRESS *DestIp,
|
||||||
|
+ IN EFI_PXE_BASE_CODE_UDP_PORT *DestPort,
|
||||||
|
+ IN EFI_IP_ADDRESS *GatewayIp OPTIONAL,
|
||||||
|
+ IN EFI_IP_ADDRESS *SrcIp OPTIONAL,
|
||||||
|
+ IN OUT EFI_PXE_BASE_CODE_UDP_PORT *SrcPort OPTIONAL,
|
||||||
|
+ IN UINTN *HeaderSize OPTIONAL,
|
||||||
|
+ IN VOID *HeaderPtr OPTIONAL,
|
||||||
|
+ IN UINTN *BufferSize,
|
||||||
|
+ IN VOID *BufferPtr
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+MockUdpRead (
|
||||||
|
+ IN EFI_PXE_BASE_CODE_PROTOCOL *This,
|
||||||
|
+ IN UINT16 OpFlags,
|
||||||
|
+ IN OUT EFI_IP_ADDRESS *DestIp OPTIONAL,
|
||||||
|
+ IN OUT EFI_PXE_BASE_CODE_UDP_PORT *DestPort OPTIONAL,
|
||||||
|
+ IN OUT EFI_IP_ADDRESS *SrcIp OPTIONAL,
|
||||||
|
+ IN OUT EFI_PXE_BASE_CODE_UDP_PORT *SrcPort OPTIONAL,
|
||||||
|
+ IN UINTN *HeaderSize OPTIONAL,
|
||||||
|
+ IN VOID *HeaderPtr OPTIONAL,
|
||||||
|
+ IN OUT UINTN *BufferSize,
|
||||||
|
+ IN VOID *BufferPtr
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+MockConfigure (
|
||||||
|
+ IN EFI_UDP6_PROTOCOL *This,
|
||||||
|
+ IN EFI_UDP6_CONFIG_DATA *UdpConfigData OPTIONAL
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Needed by PxeBcSupport
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+QueueDpc (
|
||||||
|
+ IN EFI_TPL DpcTpl,
|
||||||
|
+ IN EFI_DPC_PROCEDURE DpcProcedure,
|
||||||
|
+ IN VOID *DpcContext OPTIONAL
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// PxeBcHandleDhcp6OfferTest Tests
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class PxeBcHandleDhcp6OfferTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ PXEBC_PRIVATE_DATA Private = { 0 };
|
||||||
|
+ EFI_UDP6_PROTOCOL Udp6Read;
|
||||||
|
+ EFI_PXE_BASE_CODE_MODE Mode = { 0 };
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ Private.Dhcp6Request = (EFI_DHCP6_PACKET *)AllocateZeroPool (PACKET_SIZE);
|
||||||
|
+
|
||||||
|
+ // Need to setup the EFI_PXE_BASE_CODE_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // UdpWrite
|
||||||
|
+ // UdpRead
|
||||||
|
+
|
||||||
|
+ Private.PxeBc.UdpWrite = (EFI_PXE_BASE_CODE_UDP_WRITE)MockUdpWrite;
|
||||||
|
+ Private.PxeBc.UdpRead = (EFI_PXE_BASE_CODE_UDP_READ)MockUdpRead;
|
||||||
|
+
|
||||||
|
+ // Need to setup EFI_UDP6_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // Configure
|
||||||
|
+
|
||||||
|
+ Udp6Read.Configure = (EFI_UDP6_CONFIGURE)MockConfigure;
|
||||||
|
+ Private.Udp6Read = &Udp6Read;
|
||||||
|
+
|
||||||
|
+ // Need to setup the EFI_PXE_BASE_CODE_MODE
|
||||||
|
+ Private.PxeBc.Mode = &Mode;
|
||||||
|
+
|
||||||
|
+ // for this test it doesn't really matter what the Dhcpv6 ack is set to
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ if (Private.Dhcp6Request != NULL) {
|
||||||
|
+ FreePool (Private.Dhcp6Request);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Note:
|
||||||
|
+// Testing PxeBcHandleDhcp6Offer() is difficult because it depends on a
|
||||||
|
+// properly setup Private structure. Attempting to properly test this function
|
||||||
|
+// without a signficant refactor is a fools errand. Instead, we will test
|
||||||
|
+// that we can prevent an overflow in the function.
|
||||||
|
+TEST_F (PxeBcHandleDhcp6OfferTest, BasicUsageTest) {
|
||||||
|
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||||
|
+
|
||||||
|
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||||
|
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||||
|
+
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||||
|
+ // Setup the DHCPv6 offer packet
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (1337);
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcHandleDhcp6Offer (&(PxeBcHandleDhcp6OfferTest::Private)), EFI_DEVICE_ERROR);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+class PxeBcCacheDnsServerAddressesTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ PXEBC_PRIVATE_DATA Private = { 0 };
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Test that we cache the DNS server address from the DHCPv6 offer packet
|
||||||
|
+TEST_F (PxeBcCacheDnsServerAddressesTest, BasicUsageTest) {
|
||||||
|
+ UINT8 SearchPattern[16] = { 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF };
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION *Option;
|
||||||
|
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||||
|
+
|
||||||
|
+ Option = (EFI_DHCP6_PACKET_OPTION *)AllocateZeroPool (sizeof (EFI_DHCP6_PACKET_OPTION) + sizeof (SearchPattern));
|
||||||
|
+ ASSERT_NE (Option, nullptr);
|
||||||
|
+
|
||||||
|
+ Option->OpCode = DHCP6_OPT_SERVER_ID;
|
||||||
|
+ Option->OpLen = NTOHS (sizeof (SearchPattern));
|
||||||
|
+ CopyMem (Option->Data, SearchPattern, sizeof (SearchPattern));
|
||||||
|
+
|
||||||
|
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||||
|
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = Option;
|
||||||
|
+
|
||||||
|
+ Private.DnsServer = nullptr;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_SUCCESS);
|
||||||
|
+ ASSERT_NE (Private.DnsServer, nullptr);
|
||||||
|
+ ASSERT_EQ (CompareMem (Private.DnsServer, SearchPattern, sizeof (SearchPattern)), 0);
|
||||||
|
+
|
||||||
|
+ if (Private.DnsServer) {
|
||||||
|
+ FreePool (Private.DnsServer);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (Option) {
|
||||||
|
+ FreePool (Option);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+// Test Description
|
||||||
|
+// Test that we can prevent an overflow in the function
|
||||||
|
+TEST_F (PxeBcCacheDnsServerAddressesTest, AttemptOverflowTest) {
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||||
|
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||||
|
+
|
||||||
|
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||||
|
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||||
|
+ // Setup the DHCPv6 offer packet
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (1337);
|
||||||
|
+
|
||||||
|
+ Private.DnsServer = NULL;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_DEVICE_ERROR);
|
||||||
|
+ ASSERT_EQ (Private.DnsServer, nullptr);
|
||||||
|
+
|
||||||
|
+ if (Private.DnsServer) {
|
||||||
|
+ FreePool (Private.DnsServer);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Test that we can prevent an underflow in the function
|
||||||
|
+TEST_F (PxeBcCacheDnsServerAddressesTest, AttemptUnderflowTest) {
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||||
|
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||||
|
+
|
||||||
|
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||||
|
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||||
|
+ // Setup the DHCPv6 offer packet
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (2);
|
||||||
|
+
|
||||||
|
+ Private.DnsServer = NULL;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_DEVICE_ERROR);
|
||||||
|
+ ASSERT_EQ (Private.DnsServer, nullptr);
|
||||||
|
+
|
||||||
|
+ if (Private.DnsServer) {
|
||||||
|
+ FreePool (Private.DnsServer);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Test that we can handle recursive dns (multiple dns entries)
|
||||||
|
+TEST_F (PxeBcCacheDnsServerAddressesTest, MultipleDnsEntries) {
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||||
|
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||||
|
+
|
||||||
|
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||||
|
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||||
|
+ // Setup the DHCPv6 offer packet
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS addresses[2] = {
|
||||||
|
+ // 2001:db8:85a3::8a2e:370:7334
|
||||||
|
+ { 0x20, 0x01, 0x0d, 0xb8, 0x85, 0xa3, 0x00, 0x00, 0x00, 0x00, 0x8a, 0x2e, 0x03, 0x70, 0x73, 0x34 },
|
||||||
|
+ // fe80::d478:91c3:ecd7:4ff9
|
||||||
|
+ { 0xfe, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd4, 0x78, 0x91, 0xc3, 0xec, 0xd7, 0x4f, 0xf9 }
|
||||||
|
+ };
|
||||||
|
+
|
||||||
|
+ CopyMem (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->Data, &addresses, sizeof (addresses));
|
||||||
|
+
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (sizeof (addresses));
|
||||||
|
+
|
||||||
|
+ Private.DnsServer = NULL;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_SUCCESS);
|
||||||
|
+
|
||||||
|
+ ASSERT_NE (Private.DnsServer, nullptr);
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // This is expected to fail until DnsServer supports multiple DNS servers
|
||||||
|
+ //
|
||||||
|
+ // This is tracked in https://bugzilla.tianocore.org/show_bug.cgi?id=1886
|
||||||
|
+ //
|
||||||
|
+ // Disabling:
|
||||||
|
+ // ASSERT_EQ (CompareMem(Private.DnsServer, &addresses, sizeof(addresses)), 0);
|
||||||
|
+
|
||||||
|
+ if (Private.DnsServer) {
|
||||||
|
+ FreePool (Private.DnsServer);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..b17c314791
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
@@ -0,0 +1,50 @@
|
||||||
|
+/** @file
|
||||||
|
+ This file exposes the internal interfaces which may be unit tested
|
||||||
|
+ for the PxeBcDhcp6Dxe driver.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+
|
||||||
|
+#ifndef PXE_BC_DHCP6_GOOGLE_TEST_H_
|
||||||
|
+#define PXE_BC_DHCP6_GOOGLE_TEST_H_
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// Minimal includes needed to compile
|
||||||
|
+//
|
||||||
|
+#include <Uefi.h>
|
||||||
|
+#include "../PxeBcImpl.h"
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Handle the DHCPv6 offer packet.
|
||||||
|
+
|
||||||
|
+ @param[in] Private The pointer to PXEBC_PRIVATE_DATA.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Handled the DHCPv6 offer packet successfully.
|
||||||
|
+ @retval EFI_NO_RESPONSE No response to the following request packet.
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
|
||||||
|
+ @retval EFI_BUFFER_TOO_SMALL Can't cache the offer pacet.
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+PxeBcHandleDhcp6Offer (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Cache the DHCPv6 Server address
|
||||||
|
+
|
||||||
|
+ @param[in] Private The pointer to PXEBC_PRIVATE_DATA.
|
||||||
|
+ @param[in] Cache6 The pointer to PXEBC_DHCP6_PACKET_CACHE.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Cache the DHCPv6 Server address successfully.
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
|
||||||
|
+ @retval EFI_DEVICE_ERROR Failed to cache the DHCPv6 Server address.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+PxeBcCacheDnsServerAddresses (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
+ IN PXEBC_DHCP6_PACKET_CACHE *Cache6
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#endif // PXE_BC_DHCP6_GOOGLE_TEST_H_
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..cc4fdf525b
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp
|
||||||
|
@@ -0,0 +1,19 @@
|
||||||
|
+/** @file
|
||||||
|
+ Acts as the main entry point for the tests for the UefiPxeBcDxe module.
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Run the tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+int
|
||||||
|
+main (
|
||||||
|
+ int argc,
|
||||||
|
+ char *argv[]
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ testing::InitGoogleTest (&argc, argv);
|
||||||
|
+ return RUN_ALL_TESTS ();
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..301dcdf611
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||||
|
@@ -0,0 +1,48 @@
|
||||||
|
+## @file
|
||||||
|
+# Unit test suite for the UefiPxeBcDxe using Google Test
|
||||||
|
+#
|
||||||
|
+# Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+[Defines]
|
||||||
|
+INF_VERSION = 0x00010005
|
||||||
|
+BASE_NAME = UefiPxeBcDxeGoogleTest
|
||||||
|
+FILE_GUID = 77D45C64-EC1E-4174-887B-886E89FD1EDF
|
||||||
|
+MODULE_TYPE = HOST_APPLICATION
|
||||||
|
+VERSION_STRING = 1.0
|
||||||
|
+
|
||||||
|
+#
|
||||||
|
+# The following information is for reference only and not required by the build tools.
|
||||||
|
+#
|
||||||
|
+# VALID_ARCHITECTURES = IA32 X64
|
||||||
|
+#
|
||||||
|
+
|
||||||
|
+[Sources]
|
||||||
|
+ UefiPxeBcDxeGoogleTest.cpp
|
||||||
|
+ PxeBcDhcp6GoogleTest.cpp
|
||||||
|
+ PxeBcDhcp6GoogleTest.h
|
||||||
|
+ ../PxeBcDhcp6.c
|
||||||
|
+ ../PxeBcSupport.c
|
||||||
|
+
|
||||||
|
+[Packages]
|
||||||
|
+ MdePkg/MdePkg.dec
|
||||||
|
+ MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||||
|
+ NetworkPkg/NetworkPkg.dec
|
||||||
|
+
|
||||||
|
+[LibraryClasses]
|
||||||
|
+ GoogleTestLib
|
||||||
|
+ DebugLib
|
||||||
|
+ NetLib
|
||||||
|
+ PcdLib
|
||||||
|
+
|
||||||
|
+[Protocols]
|
||||||
|
+ gEfiDhcp6ServiceBindingProtocolGuid
|
||||||
|
+ gEfiDns6ServiceBindingProtocolGuid
|
||||||
|
+ gEfiDns6ProtocolGuid
|
||||||
|
+
|
||||||
|
+[Pcd]
|
||||||
|
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType
|
||||||
|
+
|
||||||
|
+[Guids]
|
||||||
|
+ gZeroGuid
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,257 @@
|
|||||||
|
From b57bd437db8cff7b7a206e3cd694b7821014ba53 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 12/18] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235
|
||||||
|
Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [12/18] 310a770792d1a81dbf54ee372f926541309492e8
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21853
|
||||||
|
CVE: CVE-2022-45235
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit fac297724e6cc343430cd0104e55cd7a96d1151e
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:55 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235 Patch
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4540
|
||||||
|
|
||||||
|
Bug Details:
|
||||||
|
PixieFail Bug #7
|
||||||
|
CVE-2023-45235
|
||||||
|
CVSS 8.3 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
|
||||||
|
CWE-119 Improper Restriction of Operations within the Bounds of
|
||||||
|
a Memory Buffer
|
||||||
|
|
||||||
|
Buffer overflow when handling Server ID option from a DHCPv6 proxy
|
||||||
|
Advertise message
|
||||||
|
|
||||||
|
Change Overview:
|
||||||
|
|
||||||
|
Performs two checks
|
||||||
|
|
||||||
|
1. Checks that the length of the duid is accurate
|
||||||
|
> + //
|
||||||
|
> + // Check that the minimum and maximum requirements are met
|
||||||
|
> + //
|
||||||
|
> + if ((OpLen < PXEBC_MIN_SIZE_OF_DUID) ||
|
||||||
|
(OpLen > PXEBC_MAX_SIZE_OF_DUID)) {
|
||||||
|
> + Status = EFI_INVALID_PARAMETER;
|
||||||
|
> + goto ON_ERROR;
|
||||||
|
> + }
|
||||||
|
|
||||||
|
2. Ensures that the amount of data written to the buffer is tracked and
|
||||||
|
never exceeds that
|
||||||
|
> + //
|
||||||
|
> + // Check that the option length is valid.
|
||||||
|
> + //
|
||||||
|
> + if ((DiscoverLen + OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN)
|
||||||
|
> DiscoverLenNeeded) {
|
||||||
|
> + Status = EFI_OUT_OF_RESOURCES;
|
||||||
|
> + goto ON_ERROR;
|
||||||
|
> + }
|
||||||
|
|
||||||
|
Additional code clean up and fix for memory leak in case Option was NULL
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c | 77 ++++++++++++++++++++++------
|
||||||
|
NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h | 17 ++++++
|
||||||
|
2 files changed, 78 insertions(+), 16 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
index 2b2d372889..7fd1281c11 100644
|
||||||
|
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
@@ -887,6 +887,7 @@ PxeBcRequestBootService (
|
||||||
|
EFI_STATUS Status;
|
||||||
|
EFI_DHCP6_PACKET *IndexOffer;
|
||||||
|
UINT8 *Option;
|
||||||
|
+ UINTN DiscoverLenNeeded;
|
||||||
|
|
||||||
|
PxeBc = &Private->PxeBc;
|
||||||
|
Request = Private->Dhcp6Request;
|
||||||
|
@@ -899,7 +900,8 @@ PxeBcRequestBootService (
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
- Discover = AllocateZeroPool (sizeof (EFI_PXE_BASE_CODE_DHCPV6_PACKET));
|
||||||
|
+ DiscoverLenNeeded = sizeof (EFI_PXE_BASE_CODE_DHCPV6_PACKET);
|
||||||
|
+ Discover = AllocateZeroPool (DiscoverLenNeeded);
|
||||||
|
if (Discover == NULL) {
|
||||||
|
return EFI_OUT_OF_RESOURCES;
|
||||||
|
}
|
||||||
|
@@ -924,16 +926,34 @@ PxeBcRequestBootService (
|
||||||
|
DHCP6_OPT_SERVER_ID
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
- return EFI_NOT_FOUND;
|
||||||
|
+ Status = EFI_NOT_FOUND;
|
||||||
|
+ goto ON_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Add Server ID Option.
|
||||||
|
//
|
||||||
|
OpLen = NTOHS (((EFI_DHCP6_PACKET_OPTION *)Option)->OpLen);
|
||||||
|
- CopyMem (DiscoverOpt, Option, OpLen + 4);
|
||||||
|
- DiscoverOpt += (OpLen + 4);
|
||||||
|
- DiscoverLen += (OpLen + 4);
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Check that the minimum and maximum requirements are met
|
||||||
|
+ //
|
||||||
|
+ if ((OpLen < PXEBC_MIN_SIZE_OF_DUID) || (OpLen > PXEBC_MAX_SIZE_OF_DUID)) {
|
||||||
|
+ Status = EFI_INVALID_PARAMETER;
|
||||||
|
+ goto ON_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Check that the option length is valid.
|
||||||
|
+ //
|
||||||
|
+ if ((DiscoverLen + OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN) > DiscoverLenNeeded) {
|
||||||
|
+ Status = EFI_OUT_OF_RESOURCES;
|
||||||
|
+ goto ON_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ CopyMem (DiscoverOpt, Option, OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverOpt += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverLen += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
|
while (RequestLen < Request->Length) {
|
||||||
|
@@ -944,16 +964,24 @@ PxeBcRequestBootService (
|
||||||
|
(OpCode != DHCP6_OPT_SERVER_ID)
|
||||||
|
)
|
||||||
|
{
|
||||||
|
+ //
|
||||||
|
+ // Check that the option length is valid.
|
||||||
|
+ //
|
||||||
|
+ if (DiscoverLen + OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN > DiscoverLenNeeded) {
|
||||||
|
+ Status = EFI_OUT_OF_RESOURCES;
|
||||||
|
+ goto ON_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Copy all the options except IA option and Server ID
|
||||||
|
//
|
||||||
|
- CopyMem (DiscoverOpt, RequestOpt, OpLen + 4);
|
||||||
|
- DiscoverOpt += (OpLen + 4);
|
||||||
|
- DiscoverLen += (OpLen + 4);
|
||||||
|
+ CopyMem (DiscoverOpt, RequestOpt, OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverOpt += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverLen += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
|
- RequestOpt += (OpLen + 4);
|
||||||
|
- RequestLen += (OpLen + 4);
|
||||||
|
+ RequestOpt += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ RequestLen += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -2154,6 +2182,7 @@ PxeBcDhcp6Discover (
|
||||||
|
UINT16 OpLen;
|
||||||
|
UINT32 Xid;
|
||||||
|
EFI_STATUS Status;
|
||||||
|
+ UINTN DiscoverLenNeeded;
|
||||||
|
|
||||||
|
PxeBc = &Private->PxeBc;
|
||||||
|
Mode = PxeBc->Mode;
|
||||||
|
@@ -2169,7 +2198,8 @@ PxeBcDhcp6Discover (
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
- Discover = AllocateZeroPool (sizeof (EFI_PXE_BASE_CODE_DHCPV6_PACKET));
|
||||||
|
+ DiscoverLenNeeded = sizeof (EFI_PXE_BASE_CODE_DHCPV6_PACKET);
|
||||||
|
+ Discover = AllocateZeroPool (DiscoverLenNeeded);
|
||||||
|
if (Discover == NULL) {
|
||||||
|
return EFI_OUT_OF_RESOURCES;
|
||||||
|
}
|
||||||
|
@@ -2185,22 +2215,37 @@ PxeBcDhcp6Discover (
|
||||||
|
DiscoverLen = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
RequestLen = DiscoverLen;
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // The request packet is generated by the UEFI network stack. In the DHCP4 DORA and DHCP6 SARR sequence,
|
||||||
|
+ // the first (discover in DHCP4 and solicit in DHCP6) and third (request in both DHCP4 and DHCP6) are
|
||||||
|
+ // generated by the DHCP client (the UEFI network stack in this case). By the time this function executes,
|
||||||
|
+ // the DHCP sequence already has been executed once (see UEFI Specification Figures 24.2 and 24.3), with
|
||||||
|
+ // Private->Dhcp6Request being a cached copy of the DHCP6 request packet that UEFI network stack previously
|
||||||
|
+ // generated and sent.
|
||||||
|
+ //
|
||||||
|
+ // Therefore while this code looks like it could overflow, in practice it's not possible.
|
||||||
|
+ //
|
||||||
|
while (RequestLen < Request->Length) {
|
||||||
|
OpCode = NTOHS (((EFI_DHCP6_PACKET_OPTION *)RequestOpt)->OpCode);
|
||||||
|
OpLen = NTOHS (((EFI_DHCP6_PACKET_OPTION *)RequestOpt)->OpLen);
|
||||||
|
if ((OpCode != EFI_DHCP6_IA_TYPE_NA) &&
|
||||||
|
(OpCode != EFI_DHCP6_IA_TYPE_TA))
|
||||||
|
{
|
||||||
|
+ if (DiscoverLen + OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN > DiscoverLenNeeded) {
|
||||||
|
+ Status = EFI_OUT_OF_RESOURCES;
|
||||||
|
+ goto ON_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Copy all the options except IA option.
|
||||||
|
//
|
||||||
|
- CopyMem (DiscoverOpt, RequestOpt, OpLen + 4);
|
||||||
|
- DiscoverOpt += (OpLen + 4);
|
||||||
|
- DiscoverLen += (OpLen + 4);
|
||||||
|
+ CopyMem (DiscoverOpt, RequestOpt, OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverOpt += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverLen += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
|
- RequestOpt += (OpLen + 4);
|
||||||
|
- RequestLen += (OpLen + 4);
|
||||||
|
+ RequestOpt += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ RequestLen += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
|
Status = PxeBc->UdpWrite (
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
|
||||||
|
index c86f6d391b..6357d27fae 100644
|
||||||
|
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
|
||||||
|
@@ -34,6 +34,23 @@
|
||||||
|
#define PXEBC_ADDR_START_DELIMITER '['
|
||||||
|
#define PXEBC_ADDR_END_DELIMITER ']'
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// A DUID consists of a 2-octet type code represented in network byte
|
||||||
|
+// order, followed by a variable number of octets that make up the
|
||||||
|
+// actual identifier. The length of the DUID (not including the type
|
||||||
|
+// code) is at least 1 octet and at most 128 octets.
|
||||||
|
+//
|
||||||
|
+#define PXEBC_MIN_SIZE_OF_DUID (sizeof(UINT16) + 1)
|
||||||
|
+#define PXEBC_MAX_SIZE_OF_DUID (sizeof(UINT16) + 128)
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// This define represents the combineds code and length field from
|
||||||
|
+// https://datatracker.ietf.org/doc/html/rfc3315#section-22.1
|
||||||
|
+//
|
||||||
|
+#define PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN \
|
||||||
|
+ (sizeof (((EFI_DHCP6_PACKET_OPTION *)0)->OpCode) + \
|
||||||
|
+ sizeof (((EFI_DHCP6_PACKET_OPTION *)0)->OpLen))
|
||||||
|
+
|
||||||
|
#define GET_NEXT_DHCP6_OPTION(Opt) \
|
||||||
|
(EFI_DHCP6_PACKET_OPTION *) ((UINT8 *) (Opt) + \
|
||||||
|
sizeof (EFI_DHCP6_PACKET_OPTION) + (NTOHS ((Opt)->OpLen)) - 1)
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,409 @@
|
|||||||
|
From 59b9d468ebf6be2a5c53d7979c12040f9b41c2c2 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 13/18] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235
|
||||||
|
Unit Tests
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [13/18] 074410155526b2ee2a74cf161ea46385932da059
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21853
|
||||||
|
CVE: CVE-2022-45235
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit ff2986358f75d8f58ef08a66fe673539c9c48f41
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:56 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235 Unit Tests
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4540
|
||||||
|
|
||||||
|
Unit tests to confirm that the bug..
|
||||||
|
|
||||||
|
Buffer overflow when handling Server ID option from a DHCPv6 proxy
|
||||||
|
Advertise message
|
||||||
|
|
||||||
|
..has been patched.
|
||||||
|
|
||||||
|
This patch contains unit tests for the following functions:
|
||||||
|
PxeBcRequestBootService
|
||||||
|
PxeBcDhcp6Discover
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Test/NetworkPkgHostTest.dsc | 5 +-
|
||||||
|
.../GoogleTest/PxeBcDhcp6GoogleTest.cpp | 278 +++++++++++++++++-
|
||||||
|
.../GoogleTest/PxeBcDhcp6GoogleTest.h | 18 ++
|
||||||
|
3 files changed, 298 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
index a0273c4310..fa301a7a52 100644
|
||||||
|
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
@@ -27,7 +27,10 @@
|
||||||
|
#
|
||||||
|
NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
- NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||||
|
+ NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf {
|
||||||
|
+ <LibraryClasses>
|
||||||
|
+ UefiRuntimeServicesTableLib|MdePkg/Test/Mock/Library/GoogleTest/MockUefiRuntimeServicesTableLib/MockUefiRuntimeServicesTableLib.inf
|
||||||
|
+ }
|
||||||
|
|
||||||
|
# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||||
|
[LibraryClasses]
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
index 8260eeee50..bd423ebadf 100644
|
||||||
|
--- a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
@@ -4,7 +4,9 @@
|
||||||
|
Copyright (c) Microsoft Corporation
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
**/
|
||||||
|
-#include <gtest/gtest.h>
|
||||||
|
+#include <Library/GoogleTestLib.h>
|
||||||
|
+#include <GoogleTest/Library/MockUefiLib.h>
|
||||||
|
+#include <GoogleTest/Library/MockUefiRuntimeServicesTableLib.h>
|
||||||
|
|
||||||
|
extern "C" {
|
||||||
|
#include <Uefi.h>
|
||||||
|
@@ -19,7 +21,8 @@ extern "C" {
|
||||||
|
// Definitions
|
||||||
|
///////////////////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
|
-#define PACKET_SIZE (1500)
|
||||||
|
+#define PACKET_SIZE (1500)
|
||||||
|
+#define REQUEST_OPTION_LENGTH (120)
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
UINT16 OptionCode; // The option code for DHCP6_OPT_SERVER_ID (e.g., 0x03)
|
||||||
|
@@ -76,6 +79,26 @@ MockConfigure (
|
||||||
|
}
|
||||||
|
|
||||||
|
// Needed by PxeBcSupport
|
||||||
|
+EFI_STATUS
|
||||||
|
+PxeBcDns6 (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
+ IN CHAR16 *HostName,
|
||||||
|
+ OUT EFI_IPv6_ADDRESS *IpAddress
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+UINT32
|
||||||
|
+PxeBcBuildDhcp6Options (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
+ OUT EFI_DHCP6_PACKET_OPTION **OptList,
|
||||||
|
+ IN UINT8 *Buffer
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
QueueDpc (
|
||||||
|
@@ -159,6 +182,10 @@ TEST_F (PxeBcHandleDhcp6OfferTest, BasicUsageTest) {
|
||||||
|
ASSERT_EQ (PxeBcHandleDhcp6Offer (&(PxeBcHandleDhcp6OfferTest::Private)), EFI_DEVICE_ERROR);
|
||||||
|
}
|
||||||
|
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// PxeBcCacheDnsServerAddresses Tests
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
class PxeBcCacheDnsServerAddressesTest : public ::testing::Test {
|
||||||
|
public:
|
||||||
|
PXEBC_PRIVATE_DATA Private = { 0 };
|
||||||
|
@@ -298,3 +325,250 @@ TEST_F (PxeBcCacheDnsServerAddressesTest, MultipleDnsEntries) {
|
||||||
|
FreePool (Private.DnsServer);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// PxeBcRequestBootServiceTest Test Cases
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class PxeBcRequestBootServiceTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ PXEBC_PRIVATE_DATA Private = { 0 };
|
||||||
|
+ EFI_UDP6_PROTOCOL Udp6Read;
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ Private.Dhcp6Request = (EFI_DHCP6_PACKET *)AllocateZeroPool (PACKET_SIZE);
|
||||||
|
+
|
||||||
|
+ // Need to setup the EFI_PXE_BASE_CODE_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // UdpWrite
|
||||||
|
+ // UdpRead
|
||||||
|
+
|
||||||
|
+ Private.PxeBc.UdpWrite = (EFI_PXE_BASE_CODE_UDP_WRITE)MockUdpWrite;
|
||||||
|
+ Private.PxeBc.UdpRead = (EFI_PXE_BASE_CODE_UDP_READ)MockUdpRead;
|
||||||
|
+
|
||||||
|
+ // Need to setup EFI_UDP6_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // Configure
|
||||||
|
+
|
||||||
|
+ Udp6Read.Configure = (EFI_UDP6_CONFIGURE)MockConfigure;
|
||||||
|
+ Private.Udp6Read = &Udp6Read;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ if (Private.Dhcp6Request != NULL) {
|
||||||
|
+ FreePool (Private.Dhcp6Request);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+TEST_F (PxeBcRequestBootServiceTest, ServerDiscoverBasicUsageTest) {
|
||||||
|
+ PxeBcRequestBootServiceTest::Private.OfferBuffer[0].Dhcp6.OfferType = PxeOfferTypeProxyBinl;
|
||||||
|
+
|
||||||
|
+ DHCP6_OPTION_SERVER_ID Server = { 0 };
|
||||||
|
+
|
||||||
|
+ Server.OptionCode = HTONS (DHCP6_OPT_SERVER_ID);
|
||||||
|
+ Server.OptionLen = HTONS (16); // valid length
|
||||||
|
+ UINT8 Index = 0;
|
||||||
|
+
|
||||||
|
+ EFI_DHCP6_PACKET *Packet = (EFI_DHCP6_PACKET *)&Private.OfferBuffer[Index].Dhcp6.Packet.Offer;
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Packet->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &Server, sizeof (Server));
|
||||||
|
+ Cursor += sizeof (Server);
|
||||||
|
+
|
||||||
|
+ // Update the packet length
|
||||||
|
+ Packet->Length = (UINT16)(Cursor - (UINT8 *)Packet);
|
||||||
|
+ Packet->Size = PACKET_SIZE;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcRequestBootService (&(PxeBcRequestBootServiceTest::Private), Index), EFI_SUCCESS);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+TEST_F (PxeBcRequestBootServiceTest, AttemptDiscoverOverFlowExpectFailure) {
|
||||||
|
+ PxeBcRequestBootServiceTest::Private.OfferBuffer[0].Dhcp6.OfferType = PxeOfferTypeProxyBinl;
|
||||||
|
+
|
||||||
|
+ DHCP6_OPTION_SERVER_ID Server = { 0 };
|
||||||
|
+
|
||||||
|
+ Server.OptionCode = HTONS (DHCP6_OPT_SERVER_ID);
|
||||||
|
+ Server.OptionLen = HTONS (1500); // This length would overflow without a check
|
||||||
|
+ UINT8 Index = 0;
|
||||||
|
+
|
||||||
|
+ EFI_DHCP6_PACKET *Packet = (EFI_DHCP6_PACKET *)&Private.OfferBuffer[Index].Dhcp6.Packet.Offer;
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Packet->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &Server, sizeof (Server));
|
||||||
|
+ Cursor += sizeof (Server);
|
||||||
|
+
|
||||||
|
+ // Update the packet length
|
||||||
|
+ Packet->Length = (UINT16)(Cursor - (UINT8 *)Packet);
|
||||||
|
+ Packet->Size = PACKET_SIZE;
|
||||||
|
+
|
||||||
|
+ // This is going to be stopped by the duid overflow check
|
||||||
|
+ ASSERT_EQ (PxeBcRequestBootService (&(PxeBcRequestBootServiceTest::Private), Index), EFI_INVALID_PARAMETER);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+TEST_F (PxeBcRequestBootServiceTest, RequestBasicUsageTest) {
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION RequestOpt = { 0 }; // the data section doesn't really matter
|
||||||
|
+
|
||||||
|
+ RequestOpt.OpCode = HTONS (0x1337);
|
||||||
|
+ RequestOpt.OpLen = 0; // valid length
|
||||||
|
+
|
||||||
|
+ UINT8 Index = 0;
|
||||||
|
+
|
||||||
|
+ EFI_DHCP6_PACKET *Packet = (EFI_DHCP6_PACKET *)&Private.Dhcp6Request[Index];
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Packet->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &RequestOpt, sizeof (RequestOpt));
|
||||||
|
+ Cursor += sizeof (RequestOpt);
|
||||||
|
+
|
||||||
|
+ // Update the packet length
|
||||||
|
+ Packet->Length = (UINT16)(Cursor - (UINT8 *)Packet);
|
||||||
|
+ Packet->Size = PACKET_SIZE;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcRequestBootService (&(PxeBcRequestBootServiceTest::Private), Index), EFI_SUCCESS);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+TEST_F (PxeBcRequestBootServiceTest, AttemptRequestOverFlowExpectFailure) {
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION RequestOpt = { 0 }; // the data section doesn't really matter
|
||||||
|
+
|
||||||
|
+ RequestOpt.OpCode = HTONS (0x1337);
|
||||||
|
+ RequestOpt.OpLen = 1500; // this length would overflow without a check
|
||||||
|
+
|
||||||
|
+ UINT8 Index = 0;
|
||||||
|
+
|
||||||
|
+ EFI_DHCP6_PACKET *Packet = (EFI_DHCP6_PACKET *)&Private.Dhcp6Request[Index];
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Packet->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &RequestOpt, sizeof (RequestOpt));
|
||||||
|
+ Cursor += sizeof (RequestOpt);
|
||||||
|
+
|
||||||
|
+ // Update the packet length
|
||||||
|
+ Packet->Length = (UINT16)(Cursor - (UINT8 *)Packet);
|
||||||
|
+ Packet->Size = PACKET_SIZE;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcRequestBootService (&(PxeBcRequestBootServiceTest::Private), Index), EFI_OUT_OF_RESOURCES);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// PxeBcDhcp6Discover Test
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class PxeBcDhcp6DiscoverTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ PXEBC_PRIVATE_DATA Private = { 0 };
|
||||||
|
+ EFI_UDP6_PROTOCOL Udp6Read;
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ MockUefiRuntimeServicesTableLib RtServicesMock;
|
||||||
|
+
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ Private.Dhcp6Request = (EFI_DHCP6_PACKET *)AllocateZeroPool (PACKET_SIZE);
|
||||||
|
+
|
||||||
|
+ // Need to setup the EFI_PXE_BASE_CODE_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // UdpWrite
|
||||||
|
+ // UdpRead
|
||||||
|
+
|
||||||
|
+ Private.PxeBc.UdpWrite = (EFI_PXE_BASE_CODE_UDP_WRITE)MockUdpWrite;
|
||||||
|
+ Private.PxeBc.UdpRead = (EFI_PXE_BASE_CODE_UDP_READ)MockUdpRead;
|
||||||
|
+
|
||||||
|
+ // Need to setup EFI_UDP6_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // Configure
|
||||||
|
+
|
||||||
|
+ Udp6Read.Configure = (EFI_UDP6_CONFIGURE)MockConfigure;
|
||||||
|
+ Private.Udp6Read = &Udp6Read;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ if (Private.Dhcp6Request != NULL) {
|
||||||
|
+ FreePool (Private.Dhcp6Request);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// This will cause an overflow by an untrusted packet during the option parsing
|
||||||
|
+TEST_F (PxeBcDhcp6DiscoverTest, BasicOverflowTest) {
|
||||||
|
+ EFI_IPv6_ADDRESS DestIp = { 0 };
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION RequestOpt = { 0 }; // the data section doesn't really matter
|
||||||
|
+
|
||||||
|
+ RequestOpt.OpCode = HTONS (0x1337);
|
||||||
|
+ RequestOpt.OpLen = HTONS (0xFFFF); // overflow
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Private.Dhcp6Request->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &RequestOpt, sizeof (RequestOpt));
|
||||||
|
+ Cursor += sizeof (RequestOpt);
|
||||||
|
+
|
||||||
|
+ Private.Dhcp6Request->Length = (UINT16)(Cursor - (UINT8 *)Private.Dhcp6Request);
|
||||||
|
+
|
||||||
|
+ EXPECT_CALL (RtServicesMock, gRT_GetTime)
|
||||||
|
+ .WillOnce (::testing::Return (0));
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (
|
||||||
|
+ PxeBcDhcp6Discover (
|
||||||
|
+ &(PxeBcDhcp6DiscoverTest::Private),
|
||||||
|
+ 0,
|
||||||
|
+ NULL,
|
||||||
|
+ FALSE,
|
||||||
|
+ (EFI_IP_ADDRESS *)&DestIp
|
||||||
|
+ ),
|
||||||
|
+ EFI_OUT_OF_RESOURCES
|
||||||
|
+ );
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// This will test that we can handle a packet with a valid option length
|
||||||
|
+TEST_F (PxeBcDhcp6DiscoverTest, BasicUsageTest) {
|
||||||
|
+ EFI_IPv6_ADDRESS DestIp = { 0 };
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION RequestOpt = { 0 }; // the data section doesn't really matter
|
||||||
|
+
|
||||||
|
+ RequestOpt.OpCode = HTONS (0x1337);
|
||||||
|
+ RequestOpt.OpLen = HTONS (0x30);
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Private.Dhcp6Request->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &RequestOpt, sizeof (RequestOpt));
|
||||||
|
+ Cursor += sizeof (RequestOpt);
|
||||||
|
+
|
||||||
|
+ Private.Dhcp6Request->Length = (UINT16)(Cursor - (UINT8 *)Private.Dhcp6Request);
|
||||||
|
+
|
||||||
|
+ EXPECT_CALL (RtServicesMock, gRT_GetTime)
|
||||||
|
+ .WillOnce (::testing::Return (0));
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (
|
||||||
|
+ PxeBcDhcp6Discover (
|
||||||
|
+ &(PxeBcDhcp6DiscoverTest::Private),
|
||||||
|
+ 0,
|
||||||
|
+ NULL,
|
||||||
|
+ FALSE,
|
||||||
|
+ (EFI_IP_ADDRESS *)&DestIp
|
||||||
|
+ ),
|
||||||
|
+ EFI_SUCCESS
|
||||||
|
+ );
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
index b17c314791..0d825e4425 100644
|
||||||
|
--- a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
@@ -47,4 +47,22 @@ PxeBcCacheDnsServerAddresses (
|
||||||
|
IN PXEBC_DHCP6_PACKET_CACHE *Cache6
|
||||||
|
);
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ Build and send out the request packet for the bootfile, and parse the reply.
|
||||||
|
+
|
||||||
|
+ @param[in] Private The pointer to PxeBc private data.
|
||||||
|
+ @param[in] Index PxeBc option boot item type.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Successfully discovered the boot file.
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
|
||||||
|
+ @retval EFI_NOT_FOUND Can't get the PXE reply packet.
|
||||||
|
+ @retval Others Failed to discover the boot file.
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+PxeBcRequestBootService (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
+ IN UINT32 Index
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
#endif // PXE_BC_DHCP6_GOOGLE_TEST_H_
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,51 @@
|
|||||||
|
From ababd8837103d4e504cc5d044a13fb9516543795 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 18/18] NetworkPkg: : Updating SecurityFixes.yaml
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||||
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [18/18] e77d4ea79359b99e7d1073251d67909c2bfdb879
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21841
|
||||||
|
CVE: CVE-2023-45229
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 5fd3078a2e08f607dc86a16c1b184b6e30a34a49
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Tue Feb 13 10:46:03 2024 -0800
|
||||||
|
|
||||||
|
NetworkPkg: : Updating SecurityFixes.yaml
|
||||||
|
|
||||||
|
This captures the related security change for Dhcp6Dxe that is related
|
||||||
|
to CVE-2023-45229
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/SecurityFixes.yaml | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/SecurityFixes.yaml b/NetworkPkg/SecurityFixes.yaml
|
||||||
|
index 7e900483fe..fa42025e0d 100644
|
||||||
|
--- a/NetworkPkg/SecurityFixes.yaml
|
||||||
|
+++ b/NetworkPkg/SecurityFixes.yaml
|
||||||
|
@@ -8,6 +8,7 @@ CVE_2023_45229:
|
||||||
|
commit_titles:
|
||||||
|
- "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch"
|
||||||
|
- "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch"
|
||||||
|
cve: CVE-2023-45229
|
||||||
|
date_reported: 2023-08-28 13:56 UTC
|
||||||
|
description: "Bug 01 - edk2/NetworkPkg: Out-of-bounds read when processing IA_NA/IA_TA options in a DHCPv6 Advertise message"
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,201 @@
|
|||||||
|
From 1b48c27469c9867c69e6f2b35aa7cd5562b5cf39 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Wed, 8 May 2024 22:56:24 -0700
|
||||||
|
Subject: [PATCH 1/3] OvmfPkg: Add Hash2DxeCrypto to OvmfPkg
|
||||||
|
|
||||||
|
RH-Author: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-MergeRequest: 79: OvmfPkg: Add Hash2DxeCrypto to OvmfPkg
|
||||||
|
RH-Jira: RHEL-46976
|
||||||
|
RH-Commit: [1/1] 71f16261937c2fe2ff6fa434db6f300ff7f4fef0
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-46976
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
Upstream commit 4c4ceb2ceb80 ("NetworkPkg: SECURITY PATCH CVE-2023-45237")
|
||||||
|
broke HTTP boot in OVMF. This fixes it.
|
||||||
|
|
||||||
|
commit cb9d71189134e78efb00759eb9649ce92bf5b29a
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Wed May 8 22:56:24 2024 -0700
|
||||||
|
|
||||||
|
OvmfPkg: Add Hash2DxeCrypto to OvmfPkg
|
||||||
|
|
||||||
|
This patch adds Hash2DxeCrypto to OvmfPkg. The Hash2DxeCrypto is
|
||||||
|
used to provide the hashing protocol services.
|
||||||
|
|
||||||
|
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
Cc: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
|
||||||
|
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 6 +++++-
|
||||||
|
OvmfPkg/OvmfPkgIa32.fdf | 5 +++++
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 6 +++++-
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.fdf | 5 +++++
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 6 +++++-
|
||||||
|
OvmfPkg/OvmfPkgX64.fdf | 5 +++++
|
||||||
|
OvmfPkg/OvmfXen.dsc | 5 +++++
|
||||||
|
OvmfPkg/OvmfXen.fdf | 5 +++++
|
||||||
|
8 files changed, 40 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index 4074aa382d..bd15bb30fe 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -226,7 +226,6 @@
|
||||||
|
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
|
||||||
|
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
|
||||||
|
|
||||||
|
-
|
||||||
|
#
|
||||||
|
# Network libraries
|
||||||
|
#
|
||||||
|
@@ -884,6 +883,11 @@
|
||||||
|
MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # Hash2 Protocol producer
|
||||||
|
+ #
|
||||||
|
+ SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network Support
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
index 20cfd2788e..2df265982b 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
@@ -303,6 +303,11 @@ INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
|
||||||
|
INF MdeModulePkg/Logo/LogoDxe.inf
|
||||||
|
|
||||||
|
+#
|
||||||
|
+# Hash2 Protocol producer
|
||||||
|
+#
|
||||||
|
+INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network modules
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index 75ef19bc85..358f510ef8 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -231,7 +231,6 @@
|
||||||
|
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
|
||||||
|
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
|
||||||
|
|
||||||
|
-
|
||||||
|
#
|
||||||
|
# Network libraries
|
||||||
|
#
|
||||||
|
@@ -902,6 +901,11 @@
|
||||||
|
MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # Hash2 Protocol producer
|
||||||
|
+ #
|
||||||
|
+ SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network Support
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
index 8517c79ba2..4a73d67238 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
@@ -304,6 +304,11 @@ INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
|
||||||
|
INF MdeModulePkg/Logo/LogoDxe.inf
|
||||||
|
|
||||||
|
+#
|
||||||
|
+# Hash2 Protocol producer
|
||||||
|
+#
|
||||||
|
+INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network modules
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index 631ff0c788..266d77e15c 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -247,7 +247,6 @@
|
||||||
|
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
|
||||||
|
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
|
||||||
|
|
||||||
|
-
|
||||||
|
#
|
||||||
|
# Network libraries
|
||||||
|
#
|
||||||
|
@@ -970,6 +969,11 @@
|
||||||
|
MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # Hash2 Protocol producer
|
||||||
|
+ #
|
||||||
|
+ SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network Support
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
index 7ecde357ce..cedc362d04 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
@@ -331,6 +331,11 @@ INF MdeModulePkg/Logo/LogoDxe.inf
|
||||||
|
|
||||||
|
INF OvmfPkg/TdxDxe/TdxDxe.inf
|
||||||
|
|
||||||
|
+#
|
||||||
|
+# Hash2 Protocol producer
|
||||||
|
+#
|
||||||
|
+INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network modules
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc
|
||||||
|
index 0063245b56..021558423d 100644
|
||||||
|
--- a/OvmfPkg/OvmfXen.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfXen.dsc
|
||||||
|
@@ -682,6 +682,11 @@
|
||||||
|
MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # Hash2 Protocol producer
|
||||||
|
+ #
|
||||||
|
+ SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network Support
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfXen.fdf b/OvmfPkg/OvmfXen.fdf
|
||||||
|
index bdff7c52d8..e970b91652 100644
|
||||||
|
--- a/OvmfPkg/OvmfXen.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfXen.fdf
|
||||||
|
@@ -315,6 +315,11 @@ INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
|
||||||
|
INF MdeModulePkg/Logo/LogoDxe.inf
|
||||||
|
|
||||||
|
+#
|
||||||
|
+# Hash2 Protocol producer
|
||||||
|
+#
|
||||||
|
+INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network modules
|
||||||
|
#
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,52 @@
|
|||||||
|
From 390efa52b8c2b61bcc6f24cc9f3b805798150b6e Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 9 Jan 2024 12:29:00 +0100
|
||||||
|
Subject: [PATCH 1/3] OvmfPkg/RiscVVirt: use gEfiAuthenticatedVariableGuid
|
||||||
|
unconditionally
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
ArmVirt and OVMF are doing the same.
|
||||||
|
|
||||||
|
See commit d92eaabefbe0 ("OvmfPkg: simplify VARIABLE_STORE_HEADER
|
||||||
|
generation") for details.
|
||||||
|
|
||||||
|
Suggested-by: László Érsek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Message-Id: <20240109112902.30002-2-kraxel@redhat.com>
|
||||||
|
(cherry picked from commit 3b1ddbddeee64cee5aba4f0170fbf5e4781d4879)
|
||||||
|
---
|
||||||
|
OvmfPkg/RiscVVirt/VarStore.fdf.inc | 9 +--------
|
||||||
|
1 file changed, 1 insertion(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/RiscVVirt/VarStore.fdf.inc b/OvmfPkg/RiscVVirt/VarStore.fdf.inc
|
||||||
|
index aba32315cc..6679c246b3 100644
|
||||||
|
--- a/OvmfPkg/RiscVVirt/VarStore.fdf.inc
|
||||||
|
+++ b/OvmfPkg/RiscVVirt/VarStore.fdf.inc
|
||||||
|
@@ -36,19 +36,12 @@ DATA = {
|
||||||
|
# Blockmap[1]: End
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
## This is the VARIABLE_STORE_HEADER
|
||||||
|
-!if $(SECURE_BOOT_ENABLE) == TRUE
|
||||||
|
+ # It is compatible with SECURE_BOOT_ENABLE == FALSE as well.
|
||||||
|
# Signature: gEfiAuthenticatedVariableGuid =
|
||||||
|
# { 0xaaf32c78, 0x947b, 0x439a,
|
||||||
|
# { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 }}
|
||||||
|
0x78, 0x2c, 0xf3, 0xaa, 0x7b, 0x94, 0x9a, 0x43,
|
||||||
|
0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92,
|
||||||
|
-!else
|
||||||
|
- # Signature: gEfiVariableGuid =
|
||||||
|
- # { 0xddcf3616, 0x3275, 0x4164,
|
||||||
|
- # { 0x98, 0xb6, 0xfe, 0x85, 0x70, 0x7f, 0xfe, 0x7d }}
|
||||||
|
- 0x16, 0x36, 0xcf, 0xdd, 0x75, 0x32, 0x64, 0x41,
|
||||||
|
- 0x98, 0xb6, 0xfe, 0x85, 0x70, 0x7f, 0xfe, 0x7d,
|
||||||
|
-!endif
|
||||||
|
# Size: 0x40000 (gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize) -
|
||||||
|
# 0x48 (size of EFI_FIRMWARE_VOLUME_HEADER) = 0x3FFB8
|
||||||
|
# This can speed up the Variable Dispatch a bit.
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,193 @@
|
|||||||
|
From 7b1298045185749369115719317dc92f58af92d7 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 30 Jan 2024 14:04:38 +0100
|
||||||
|
Subject: [PATCH 6/9] OvmfPkg/Sec: Setup MTRR early in the boot process.
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 55: OvmfPkg/Sec: Setup MTRR early in the boot process.
|
||||||
|
RH-Jira: RHEL-21704
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [1/4] c4061788d34f409944898b48642d610c259161f3 (kraxel.rh/centos-src-edk2)
|
||||||
|
|
||||||
|
Specifically before running lzma uncompress of the main firmware volume.
|
||||||
|
This is needed to make sure caching is enabled, otherwise the uncompress
|
||||||
|
can be extremely slow.
|
||||||
|
|
||||||
|
Adapt the ASSERTs and MTRR setup in PlatformInitLib to the changes.
|
||||||
|
|
||||||
|
Background: Depending on virtual machine configuration kvm may uses EPT
|
||||||
|
memory types to apply guest MTRR settings. In case MTRRs are disabled
|
||||||
|
kvm will use the uncachable memory type for all mappings. The
|
||||||
|
vmx_get_mt_mask() function in the linux kernel handles this and can be
|
||||||
|
found here:
|
||||||
|
|
||||||
|
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/arch/x86/kvm/vmx/vmx.c?h=v6.7.1#n7580
|
||||||
|
|
||||||
|
In most VM configurations kvm uses MTRR_TYPE_WRBACK unconditionally. In
|
||||||
|
case the VM has a mdev device assigned that is not the case though.
|
||||||
|
|
||||||
|
Before commit e8aa4c6546ad ("UefiCpuPkg/ResetVector: Cache Disable
|
||||||
|
should not be set by default in CR0") kvm also ended up using
|
||||||
|
MTRR_TYPE_WRBACK due to KVM_X86_QUIRK_CD_NW_CLEARED. After that commit
|
||||||
|
kvm evaluates guest mtrr settings, which why setting up MTRRs early is
|
||||||
|
important now.
|
||||||
|
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Message-ID: <20240130130441.772484-2-kraxel@redhat.com>
|
||||||
|
|
||||||
|
[ kraxel: Downstream-only for now. Timely upstream merge is unlikely
|
||||||
|
due to chinese holidays and rhel-9.4 deadlines are close.
|
||||||
|
QE regression testing passed. So go with upstream posted
|
||||||
|
series v3 ]
|
||||||
|
---
|
||||||
|
OvmfPkg/IntelTdx/Sec/SecMain.c | 32 +++++++++++++++++++++
|
||||||
|
OvmfPkg/Library/PlatformInitLib/MemDetect.c | 10 +++----
|
||||||
|
OvmfPkg/Sec/SecMain.c | 32 +++++++++++++++++++++
|
||||||
|
3 files changed, 69 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/IntelTdx/Sec/SecMain.c b/OvmfPkg/IntelTdx/Sec/SecMain.c
|
||||||
|
index 42a587adfa..0daddac0a0 100644
|
||||||
|
--- a/OvmfPkg/IntelTdx/Sec/SecMain.c
|
||||||
|
+++ b/OvmfPkg/IntelTdx/Sec/SecMain.c
|
||||||
|
@@ -27,6 +27,8 @@
|
||||||
|
#include <Library/TdxHelperLib.h>
|
||||||
|
#include <Library/CcProbeLib.h>
|
||||||
|
#include <Library/PeilessStartupLib.h>
|
||||||
|
+#include <Register/Intel/ArchitecturalMsr.h>
|
||||||
|
+#include <Register/Intel/Cpuid.h>
|
||||||
|
|
||||||
|
#define SEC_IDT_ENTRY_COUNT 34
|
||||||
|
|
||||||
|
@@ -48,6 +50,31 @@ IA32_IDT_GATE_DESCRIPTOR mIdtEntryTemplate = {
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// Enable MTRR early, set default type to write back.
|
||||||
|
+// Needed to make sure caching is enabled,
|
||||||
|
+// without this lzma decompress can be very slow.
|
||||||
|
+//
|
||||||
|
+STATIC
|
||||||
|
+VOID
|
||||||
|
+SecMtrrSetup (
|
||||||
|
+ VOID
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ CPUID_VERSION_INFO_EDX Edx;
|
||||||
|
+ MSR_IA32_MTRR_DEF_TYPE_REGISTER DefType;
|
||||||
|
+
|
||||||
|
+ AsmCpuid (CPUID_VERSION_INFO, NULL, NULL, NULL, &Edx.Uint32);
|
||||||
|
+ if (!Edx.Bits.MTRR) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
|
||||||
|
+ DefType.Bits.Type = 6; /* write back */
|
||||||
|
+ DefType.Bits.E = 1; /* enable */
|
||||||
|
+ AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
VOID
|
||||||
|
EFIAPI
|
||||||
|
SecCoreStartupWithStack (
|
||||||
|
@@ -204,6 +231,11 @@ SecCoreStartupWithStack (
|
||||||
|
InitializeApicTimer (0, MAX_UINT32, TRUE, 5);
|
||||||
|
DisableApicTimerInterrupt ();
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Initialize MTRR
|
||||||
|
+ //
|
||||||
|
+ SecMtrrSetup ();
|
||||||
|
+
|
||||||
|
PeilessStartup (&SecCoreData);
|
||||||
|
|
||||||
|
ASSERT (FALSE);
|
||||||
|
diff --git a/OvmfPkg/Library/PlatformInitLib/MemDetect.c b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
|
||||||
|
index 662e7e85bb..f8d7f5bf1c 100644
|
||||||
|
--- a/OvmfPkg/Library/PlatformInitLib/MemDetect.c
|
||||||
|
+++ b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
|
||||||
|
@@ -1035,18 +1035,18 @@ PlatformQemuInitializeRam (
|
||||||
|
MtrrGetAllMtrrs (&MtrrSettings);
|
||||||
|
|
||||||
|
//
|
||||||
|
- // MTRRs disabled, fixed MTRRs disabled, default type is uncached
|
||||||
|
+ // See SecMtrrSetup(), default type should be write back
|
||||||
|
//
|
||||||
|
- ASSERT ((MtrrSettings.MtrrDefType & BIT11) == 0);
|
||||||
|
+ ASSERT ((MtrrSettings.MtrrDefType & BIT11) != 0);
|
||||||
|
ASSERT ((MtrrSettings.MtrrDefType & BIT10) == 0);
|
||||||
|
- ASSERT ((MtrrSettings.MtrrDefType & 0xFF) == 0);
|
||||||
|
+ ASSERT ((MtrrSettings.MtrrDefType & 0xFF) == MTRR_CACHE_WRITE_BACK);
|
||||||
|
|
||||||
|
//
|
||||||
|
// flip default type to writeback
|
||||||
|
//
|
||||||
|
- SetMem (&MtrrSettings.Fixed, sizeof MtrrSettings.Fixed, 0x06);
|
||||||
|
+ SetMem (&MtrrSettings.Fixed, sizeof MtrrSettings.Fixed, MTRR_CACHE_WRITE_BACK);
|
||||||
|
ZeroMem (&MtrrSettings.Variables, sizeof MtrrSettings.Variables);
|
||||||
|
- MtrrSettings.MtrrDefType |= BIT11 | BIT10 | 6;
|
||||||
|
+ MtrrSettings.MtrrDefType |= BIT10;
|
||||||
|
MtrrSetAllMtrrs (&MtrrSettings);
|
||||||
|
|
||||||
|
//
|
||||||
|
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
|
||||||
|
index 31da5d0ace..3b7dc7205d 100644
|
||||||
|
--- a/OvmfPkg/Sec/SecMain.c
|
||||||
|
+++ b/OvmfPkg/Sec/SecMain.c
|
||||||
|
@@ -30,6 +30,8 @@
|
||||||
|
#include <Ppi/MpInitLibDep.h>
|
||||||
|
#include <Library/TdxHelperLib.h>
|
||||||
|
#include <Library/CcProbeLib.h>
|
||||||
|
+#include <Register/Intel/ArchitecturalMsr.h>
|
||||||
|
+#include <Register/Intel/Cpuid.h>
|
||||||
|
#include "AmdSev.h"
|
||||||
|
|
||||||
|
#define SEC_IDT_ENTRY_COUNT 34
|
||||||
|
@@ -744,6 +746,31 @@ FindAndReportEntryPoints (
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// Enable MTRR early, set default type to write back.
|
||||||
|
+// Needed to make sure caching is enabled,
|
||||||
|
+// without this lzma decompress can be very slow.
|
||||||
|
+//
|
||||||
|
+STATIC
|
||||||
|
+VOID
|
||||||
|
+SecMtrrSetup (
|
||||||
|
+ VOID
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ CPUID_VERSION_INFO_EDX Edx;
|
||||||
|
+ MSR_IA32_MTRR_DEF_TYPE_REGISTER DefType;
|
||||||
|
+
|
||||||
|
+ AsmCpuid (CPUID_VERSION_INFO, NULL, NULL, NULL, &Edx.Uint32);
|
||||||
|
+ if (!Edx.Bits.MTRR) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
|
||||||
|
+ DefType.Bits.Type = 6; /* write back */
|
||||||
|
+ DefType.Bits.E = 1; /* enable */
|
||||||
|
+ AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
VOID
|
||||||
|
EFIAPI
|
||||||
|
SecCoreStartupWithStack (
|
||||||
|
@@ -942,6 +969,11 @@ SecCoreStartupWithStack (
|
||||||
|
InitializeApicTimer (0, MAX_UINT32, TRUE, 5);
|
||||||
|
DisableApicTimerInterrupt ();
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Initialize MTRR
|
||||||
|
+ //
|
||||||
|
+ SecMtrrSetup ();
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Initialize Debug Agent to support source level debug in SEC/PEI phases before memory ready.
|
||||||
|
//
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,49 @@
|
|||||||
|
From 0e2a3df10d784fd38ceee2f6a733032d1333281f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 30 Jan 2024 14:04:41 +0100
|
||||||
|
Subject: [PATCH 9/9] OvmfPkg/Sec: use cache type #defines from
|
||||||
|
ArchitecturalMsr.h
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 55: OvmfPkg/Sec: Setup MTRR early in the boot process.
|
||||||
|
RH-Jira: RHEL-21704
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [4/4] 55f00e3e153ca945ca458e7abc26780a8d83ac85 (kraxel.rh/centos-src-edk2)
|
||||||
|
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Message-ID: <20240130130441.772484-5-kraxel@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/IntelTdx/Sec/SecMain.c | 2 +-
|
||||||
|
OvmfPkg/Sec/SecMain.c | 2 +-
|
||||||
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/IntelTdx/Sec/SecMain.c b/OvmfPkg/IntelTdx/Sec/SecMain.c
|
||||||
|
index 0daddac0a0..c00b852f0e 100644
|
||||||
|
--- a/OvmfPkg/IntelTdx/Sec/SecMain.c
|
||||||
|
+++ b/OvmfPkg/IntelTdx/Sec/SecMain.c
|
||||||
|
@@ -70,7 +70,7 @@ SecMtrrSetup (
|
||||||
|
}
|
||||||
|
|
||||||
|
DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
|
||||||
|
- DefType.Bits.Type = 6; /* write back */
|
||||||
|
+ DefType.Bits.Type = MSR_IA32_MTRR_CACHE_WRITE_BACK;
|
||||||
|
DefType.Bits.E = 1; /* enable */
|
||||||
|
AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
|
||||||
|
}
|
||||||
|
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
|
||||||
|
index 3b7dc7205d..aa0fa1b1ec 100644
|
||||||
|
--- a/OvmfPkg/Sec/SecMain.c
|
||||||
|
+++ b/OvmfPkg/Sec/SecMain.c
|
||||||
|
@@ -766,7 +766,7 @@ SecMtrrSetup (
|
||||||
|
}
|
||||||
|
|
||||||
|
DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
|
||||||
|
- DefType.Bits.Type = 6; /* write back */
|
||||||
|
+ DefType.Bits.Type = MSR_IA32_MTRR_CACHE_WRITE_BACK;
|
||||||
|
DefType.Bits.E = 1; /* enable */
|
||||||
|
AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,48 @@
|
|||||||
|
From cfcef96bb3c63342d4fb87cf0cda8e9dcaef9b2b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 16 Jan 2024 18:11:04 +0100
|
||||||
|
Subject: [PATCH 5/6] OvmfPkg/VirtNorFlashDxe: ValidateFvHeader: unwritten
|
||||||
|
state is EOL too
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
|
||||||
|
RH-Jira: RHEL-20963
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
RH-Commit: [5/6] 24a9f2d03eeaf61ea8f0ea5a40f0921994b08688 (kraxel.rh/centos-src-edk2)
|
||||||
|
|
||||||
|
It is possible to find variable entries with State being 0xff, i.e. not
|
||||||
|
updated since flash block erase. This indicates the variable driver
|
||||||
|
could not complete the header write while appending a new entry, and
|
||||||
|
therefore State was not set to VAR_HEADER_VALID_ONLY.
|
||||||
|
|
||||||
|
This can only happen at the end of the variable list, so treat this as
|
||||||
|
additional "end of variable list" condition.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Message-Id: <20240116171105.37831-6-kraxel@redhat.com>
|
||||||
|
(cherry picked from commit 735d0a5e2e25c1577bf9bea7826da937ca38169d)
|
||||||
|
---
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 5 +++++
|
||||||
|
1 file changed, 5 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
index 8fcd999ac6..c8b5e0be13 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
@@ -302,6 +302,11 @@ ValidateFvHeader (
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (VarHeader->State == 0xff) {
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: end of var list (unwritten state)\n", __func__));
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
VarName = NULL;
|
||||||
|
switch (VarHeader->State) {
|
||||||
|
// usage: State = VAR_HEADER_VALID_ONLY
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,74 @@
|
|||||||
|
From a82176278e664c3955197d1e076188471d88a422 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 16 Jan 2024 18:11:02 +0100
|
||||||
|
Subject: [PATCH 3/6] OvmfPkg/VirtNorFlashDxe: add a loop for
|
||||||
|
NorFlashWriteBuffer calls.
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
|
||||||
|
RH-Jira: RHEL-20963
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
RH-Commit: [3/6] 993426855451252f1126348e107e386b07314bfd (kraxel.rh/centos-src-edk2)
|
||||||
|
|
||||||
|
Replace the two NorFlashWriteBuffer() calls with a loop containing a
|
||||||
|
single NorFlashWriteBuffer() call.
|
||||||
|
|
||||||
|
With the changes in place the code is able to handle updates larger
|
||||||
|
than two P30_MAX_BUFFER_SIZE_IN_BYTES blocks, even though the patch
|
||||||
|
does not actually change the size limit.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Message-Id: <20240116171105.37831-4-kraxel@redhat.com>
|
||||||
|
(cherry picked from commit 28ffd726894f11a587a6ac7f71a4c4af341e24d2)
|
||||||
|
---
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 21 ++++++++-------------
|
||||||
|
1 file changed, 8 insertions(+), 13 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
index 88a4d2c23f..3d1343b381 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
@@ -521,6 +521,7 @@ NorFlashWriteSingleBlock (
|
||||||
|
UINTN BlockAddress;
|
||||||
|
UINT8 *OrigData;
|
||||||
|
UINTN Start, End;
|
||||||
|
+ UINT32 Index, Count;
|
||||||
|
|
||||||
|
DEBUG ((DEBUG_BLKIO, "NorFlashWriteSingleBlock(Parameters: Lba=%ld, Offset=0x%x, *NumBytes=0x%x, Buffer @ 0x%08x)\n", Lba, Offset, *NumBytes, Buffer));
|
||||||
|
|
||||||
|
@@ -621,23 +622,17 @@ NorFlashWriteSingleBlock (
|
||||||
|
goto Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
- Status = NorFlashWriteBuffer (
|
||||||
|
- Instance,
|
||||||
|
- BlockAddress + Start,
|
||||||
|
- P30_MAX_BUFFER_SIZE_IN_BYTES,
|
||||||
|
- Instance->ShadowBuffer
|
||||||
|
- );
|
||||||
|
- if (EFI_ERROR (Status)) {
|
||||||
|
- goto Exit;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- if ((End - Start) > P30_MAX_BUFFER_SIZE_IN_BYTES) {
|
||||||
|
+ Count = (End - Start) / P30_MAX_BUFFER_SIZE_IN_BYTES;
|
||||||
|
+ for (Index = 0; Index < Count; Index++) {
|
||||||
|
Status = NorFlashWriteBuffer (
|
||||||
|
Instance,
|
||||||
|
- BlockAddress + Start + P30_MAX_BUFFER_SIZE_IN_BYTES,
|
||||||
|
+ BlockAddress + Start + Index * P30_MAX_BUFFER_SIZE_IN_BYTES,
|
||||||
|
P30_MAX_BUFFER_SIZE_IN_BYTES,
|
||||||
|
- Instance->ShadowBuffer + P30_MAX_BUFFER_SIZE_IN_BYTES
|
||||||
|
+ Instance->ShadowBuffer + Index * P30_MAX_BUFFER_SIZE_IN_BYTES
|
||||||
|
);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ goto Exit;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
Exit:
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,56 @@
|
|||||||
|
From 74d2d4b58efe72b931bd2979254cb0fa02a38276 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 16 Jan 2024 18:11:00 +0100
|
||||||
|
Subject: [PATCH 1/6] OvmfPkg/VirtNorFlashDxe: add casts to UINTN and UINT32
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
|
||||||
|
RH-Jira: RHEL-20963
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
RH-Commit: [1/6] ad54e96a5f20907ac591fcfcc0961d353953c4f1 (kraxel.rh/centos-src-edk2)
|
||||||
|
|
||||||
|
This is needed to avoid bit operations being applied to signed integers.
|
||||||
|
|
||||||
|
Suggested-by: László Érsek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Message-Id: <20240116171105.37831-2-kraxel@redhat.com>
|
||||||
|
(cherry picked from commit 0395045ae307c43a41f72ca9a8bf4eb8f16b2fe0)
|
||||||
|
---
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 2 +-
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h | 2 +-
|
||||||
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
index 1afd60ce66..7f4743b003 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
@@ -581,7 +581,7 @@ NorFlashWriteSingleBlock (
|
||||||
|
// contents, while checking whether the old version had any bits cleared
|
||||||
|
// that we want to set. In that case, we will need to erase the block first.
|
||||||
|
for (CurOffset = 0; CurOffset < *NumBytes; CurOffset++) {
|
||||||
|
- if (~OrigData[CurOffset] & Buffer[CurOffset]) {
|
||||||
|
+ if (~(UINT32)OrigData[CurOffset] & (UINT32)Buffer[CurOffset]) {
|
||||||
|
goto DoErase;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h
|
||||||
|
index b7f5d208b2..455eafacc2 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.h
|
||||||
|
@@ -61,7 +61,7 @@
|
||||||
|
#define P30_MAX_BUFFER_SIZE_IN_BYTES ((UINTN)128)
|
||||||
|
#define P30_MAX_BUFFER_SIZE_IN_WORDS (P30_MAX_BUFFER_SIZE_IN_BYTES/((UINTN)4))
|
||||||
|
#define MAX_BUFFERED_PROG_ITERATIONS 10000000
|
||||||
|
-#define BOUNDARY_OF_32_WORDS 0x7F
|
||||||
|
+#define BOUNDARY_OF_32_WORDS ((UINTN)0x7F)
|
||||||
|
|
||||||
|
// CFI Addresses
|
||||||
|
#define P30_CFI_ADDR_QUERY_UNIQUE_QRY 0x10
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,66 @@
|
|||||||
|
From 75774a03a6e0d2f5ca8103bab8d7d31e40624edd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 16 Jan 2024 18:11:03 +0100
|
||||||
|
Subject: [PATCH 4/6] OvmfPkg/VirtNorFlashDxe: allow larger writes without
|
||||||
|
block erase
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
|
||||||
|
RH-Jira: RHEL-20963
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
RH-Commit: [4/6] 4bc6828b395ef708201a49001348bb61a0108339 (kraxel.rh/centos-src-edk2)
|
||||||
|
|
||||||
|
Raise the limit for writes without block erase from two to four
|
||||||
|
P30_MAX_BUFFER_SIZE_IN_BYTES blocks. With this in place almost all efi
|
||||||
|
variable updates are handled without block erase. With the old limit
|
||||||
|
some variable updates (with device paths) took the block erase code
|
||||||
|
path.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Message-Id: <20240116171105.37831-5-kraxel@redhat.com>
|
||||||
|
(cherry picked from commit b25733c97442513890ae6bb8e10fd340f13844a7)
|
||||||
|
---
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 18 ++++++++++--------
|
||||||
|
1 file changed, 10 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
index 3d1343b381..3d1d20daa1 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
@@ -550,13 +550,15 @@ NorFlashWriteSingleBlock (
|
||||||
|
return EFI_BAD_BUFFER_SIZE;
|
||||||
|
}
|
||||||
|
|
||||||
|
- // Pick P30_MAX_BUFFER_SIZE_IN_BYTES (== 128 bytes) as a good start for word
|
||||||
|
- // operations as opposed to erasing the block and writing the data regardless
|
||||||
|
- // if an erase is really needed. It looks like most individual NV variable
|
||||||
|
- // writes are smaller than 128 bytes.
|
||||||
|
- // To avoid pathological cases were a 2 byte write is disregarded because it
|
||||||
|
- // occurs right at a 128 byte buffered write alignment boundary, permit up to
|
||||||
|
- // twice the max buffer size, and perform two writes if needed.
|
||||||
|
+ // Pick 4 * P30_MAX_BUFFER_SIZE_IN_BYTES (== 512 bytes) as a good
|
||||||
|
+ // start for word operations as opposed to erasing the block and
|
||||||
|
+ // writing the data regardless if an erase is really needed.
|
||||||
|
+ //
|
||||||
|
+ // Many NV variable updates are small enough for a a single
|
||||||
|
+ // P30_MAX_BUFFER_SIZE_IN_BYTES block write. In case the update is
|
||||||
|
+ // larger than a single block, or the update crosses a
|
||||||
|
+ // P30_MAX_BUFFER_SIZE_IN_BYTES boundary (as shown in the diagram
|
||||||
|
+ // below), or both, we might have to write two or more blocks.
|
||||||
|
//
|
||||||
|
// 0 128 256
|
||||||
|
// [----------------|----------------]
|
||||||
|
@@ -578,7 +580,7 @@ NorFlashWriteSingleBlock (
|
||||||
|
Start = Offset & ~BOUNDARY_OF_32_WORDS;
|
||||||
|
End = ALIGN_VALUE (Offset + *NumBytes, P30_MAX_BUFFER_SIZE_IN_BYTES);
|
||||||
|
|
||||||
|
- if ((End - Start) <= (2 * P30_MAX_BUFFER_SIZE_IN_BYTES)) {
|
||||||
|
+ if ((End - Start) <= (4 * P30_MAX_BUFFER_SIZE_IN_BYTES)) {
|
||||||
|
// Check to see if we need to erase before programming the data into NOR.
|
||||||
|
// If the destination bits are only changing from 1s to 0s we can just write.
|
||||||
|
// After a block is erased all bits in the block is set to 1.
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,111 @@
|
|||||||
|
From ef99dec08d51bad7be0f84942443a8a0e1412c87 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 16 Jan 2024 18:11:01 +0100
|
||||||
|
Subject: [PATCH 2/6] OvmfPkg/VirtNorFlashDxe: clarify block write logic & fix
|
||||||
|
shadowbuffer reads
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
|
||||||
|
RH-Jira: RHEL-20963
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
RH-Commit: [2/6] e2f2231fd1b7b702aa5372e790c1d2c06ca79f74 (kraxel.rh/centos-src-edk2)
|
||||||
|
|
||||||
|
Introduce 'Start' and 'End' variables to make it easier to follow the
|
||||||
|
logic and code flow. Also add a ascii art diagram (based on a
|
||||||
|
suggestion by Laszlo).
|
||||||
|
|
||||||
|
This also fixes the 'Size' calculation for the NorFlashRead() call.
|
||||||
|
Without this patch the code will read only one instead of two
|
||||||
|
P30_MAX_BUFFER_SIZE_IN_BYTES blocks in case '*NumBytes' is smaller than
|
||||||
|
P30_MAX_BUFFER_SIZE_IN_BYTES but 'Offset + *NumBytes' is not, i.e. the
|
||||||
|
update range crosses a P30_MAX_BUFFER_SIZE_IN_BYTES boundary.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Message-Id: <20240116171105.37831-3-kraxel@redhat.com>
|
||||||
|
(cherry picked from commit 35d8ea8097794b522149688b5cfaf8364bc44d54)
|
||||||
|
---
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 36 ++++++++++++++++++++------
|
||||||
|
1 file changed, 28 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
index 7f4743b003..88a4d2c23f 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
@@ -520,6 +520,7 @@ NorFlashWriteSingleBlock (
|
||||||
|
UINTN BlockSize;
|
||||||
|
UINTN BlockAddress;
|
||||||
|
UINT8 *OrigData;
|
||||||
|
+ UINTN Start, End;
|
||||||
|
|
||||||
|
DEBUG ((DEBUG_BLKIO, "NorFlashWriteSingleBlock(Parameters: Lba=%ld, Offset=0x%x, *NumBytes=0x%x, Buffer @ 0x%08x)\n", Lba, Offset, *NumBytes, Buffer));
|
||||||
|
|
||||||
|
@@ -555,7 +556,28 @@ NorFlashWriteSingleBlock (
|
||||||
|
// To avoid pathological cases were a 2 byte write is disregarded because it
|
||||||
|
// occurs right at a 128 byte buffered write alignment boundary, permit up to
|
||||||
|
// twice the max buffer size, and perform two writes if needed.
|
||||||
|
- if ((*NumBytes + (Offset & BOUNDARY_OF_32_WORDS)) <= (2 * P30_MAX_BUFFER_SIZE_IN_BYTES)) {
|
||||||
|
+ //
|
||||||
|
+ // 0 128 256
|
||||||
|
+ // [----------------|----------------]
|
||||||
|
+ // ^ ^ ^ ^
|
||||||
|
+ // | | | |
|
||||||
|
+ // | | | End, the next "word" boundary beyond
|
||||||
|
+ // | | | the (logical) update
|
||||||
|
+ // | | |
|
||||||
|
+ // | | (Offset & BOUNDARY_OF_32_WORDS) + NumBytes;
|
||||||
|
+ // | | i.e., the relative offset inside (or just past)
|
||||||
|
+ // | | the *double-word* such that it is the
|
||||||
|
+ // | | *exclusive* end of the (logical) update.
|
||||||
|
+ // | |
|
||||||
|
+ // | Offset & BOUNDARY_OF_32_WORDS; i.e., Offset within the "word";
|
||||||
|
+ // | this is where the (logical) update is supposed to start
|
||||||
|
+ // |
|
||||||
|
+ // Start = Offset & ~BOUNDARY_OF_32_WORDS; i.e., Offset truncated to "word" boundary
|
||||||
|
+
|
||||||
|
+ Start = Offset & ~BOUNDARY_OF_32_WORDS;
|
||||||
|
+ End = ALIGN_VALUE (Offset + *NumBytes, P30_MAX_BUFFER_SIZE_IN_BYTES);
|
||||||
|
+
|
||||||
|
+ if ((End - Start) <= (2 * P30_MAX_BUFFER_SIZE_IN_BYTES)) {
|
||||||
|
// Check to see if we need to erase before programming the data into NOR.
|
||||||
|
// If the destination bits are only changing from 1s to 0s we can just write.
|
||||||
|
// After a block is erased all bits in the block is set to 1.
|
||||||
|
@@ -565,8 +587,8 @@ NorFlashWriteSingleBlock (
|
||||||
|
Status = NorFlashRead (
|
||||||
|
Instance,
|
||||||
|
Lba,
|
||||||
|
- Offset & ~BOUNDARY_OF_32_WORDS,
|
||||||
|
- (*NumBytes | BOUNDARY_OF_32_WORDS) + 1,
|
||||||
|
+ Start,
|
||||||
|
+ End - Start,
|
||||||
|
Instance->ShadowBuffer
|
||||||
|
);
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
@@ -601,7 +623,7 @@ NorFlashWriteSingleBlock (
|
||||||
|
|
||||||
|
Status = NorFlashWriteBuffer (
|
||||||
|
Instance,
|
||||||
|
- BlockAddress + (Offset & ~BOUNDARY_OF_32_WORDS),
|
||||||
|
+ BlockAddress + Start,
|
||||||
|
P30_MAX_BUFFER_SIZE_IN_BYTES,
|
||||||
|
Instance->ShadowBuffer
|
||||||
|
);
|
||||||
|
@@ -609,12 +631,10 @@ NorFlashWriteSingleBlock (
|
||||||
|
goto Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if ((*NumBytes + (Offset & BOUNDARY_OF_32_WORDS)) > P30_MAX_BUFFER_SIZE_IN_BYTES) {
|
||||||
|
- BlockAddress += P30_MAX_BUFFER_SIZE_IN_BYTES;
|
||||||
|
-
|
||||||
|
+ if ((End - Start) > P30_MAX_BUFFER_SIZE_IN_BYTES) {
|
||||||
|
Status = NorFlashWriteBuffer (
|
||||||
|
Instance,
|
||||||
|
- BlockAddress + (Offset & ~BOUNDARY_OF_32_WORDS),
|
||||||
|
+ BlockAddress + Start + P30_MAX_BUFFER_SIZE_IN_BYTES,
|
||||||
|
P30_MAX_BUFFER_SIZE_IN_BYTES,
|
||||||
|
Instance->ShadowBuffer + P30_MAX_BUFFER_SIZE_IN_BYTES
|
||||||
|
);
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,132 @@
|
|||||||
|
From 0429352edb21bd20b8192aec3f484361f4dc3b33 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 16 Jan 2024 18:11:05 +0100
|
||||||
|
Subject: [PATCH 6/6] OvmfPkg/VirtNorFlashDxe: move DoErase code block into new
|
||||||
|
function
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 52: OvmfPkg/VirtNorFlashDxe: backport more fixes.
|
||||||
|
RH-Jira: RHEL-20963
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
RH-Commit: [6/6] 9a25dbbd0d9881664f8ce30efb95c63099785204 (kraxel.rh/centos-src-edk2)
|
||||||
|
|
||||||
|
Move the DoErase code block into a separate function, call the function
|
||||||
|
instead of jumping around with goto.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Message-Id: <20240116171105.37831-7-kraxel@redhat.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit b481b00f593ef37695ee14271453320ed02a1256)
|
||||||
|
---
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 76 ++++++++++++++++++--------
|
||||||
|
1 file changed, 52 insertions(+), 24 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
index 3d1d20daa1..e6aaed27ce 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
@@ -502,6 +502,38 @@ NorFlashRead (
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
+STATIC
|
||||||
|
+EFI_STATUS
|
||||||
|
+NorFlashWriteSingleBlockWithErase (
|
||||||
|
+ IN NOR_FLASH_INSTANCE *Instance,
|
||||||
|
+ IN EFI_LBA Lba,
|
||||||
|
+ IN UINTN Offset,
|
||||||
|
+ IN OUT UINTN *NumBytes,
|
||||||
|
+ IN UINT8 *Buffer
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ // Read NOR Flash data into shadow buffer
|
||||||
|
+ Status = NorFlashReadBlocks (Instance, Lba, Instance->BlockSize, Instance->ShadowBuffer);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ // Return one of the pre-approved error statuses
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Put the data at the appropriate location inside the buffer area
|
||||||
|
+ CopyMem ((VOID *)((UINTN)Instance->ShadowBuffer + Offset), Buffer, *NumBytes);
|
||||||
|
+
|
||||||
|
+ // Write the modified buffer back to the NorFlash
|
||||||
|
+ Status = NorFlashWriteBlocks (Instance, Lba, Instance->BlockSize, Instance->ShadowBuffer);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ // Return one of the pre-approved error statuses
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
Write a full or portion of a block. It must not span block boundaries; that is,
|
||||||
|
Offset + *NumBytes <= Instance->BlockSize.
|
||||||
|
@@ -607,7 +639,14 @@ NorFlashWriteSingleBlock (
|
||||||
|
// that we want to set. In that case, we will need to erase the block first.
|
||||||
|
for (CurOffset = 0; CurOffset < *NumBytes; CurOffset++) {
|
||||||
|
if (~(UINT32)OrigData[CurOffset] & (UINT32)Buffer[CurOffset]) {
|
||||||
|
- goto DoErase;
|
||||||
|
+ Status = NorFlashWriteSingleBlockWithErase (
|
||||||
|
+ Instance,
|
||||||
|
+ Lba,
|
||||||
|
+ Offset,
|
||||||
|
+ NumBytes,
|
||||||
|
+ Buffer
|
||||||
|
+ );
|
||||||
|
+ return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
OrigData[CurOffset] = Buffer[CurOffset];
|
||||||
|
@@ -636,33 +675,22 @@ NorFlashWriteSingleBlock (
|
||||||
|
goto Exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
-
|
||||||
|
-Exit:
|
||||||
|
- // Put device back into Read Array mode
|
||||||
|
- SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_READ_ARRAY);
|
||||||
|
-
|
||||||
|
+ } else {
|
||||||
|
+ Status = NorFlashWriteSingleBlockWithErase (
|
||||||
|
+ Instance,
|
||||||
|
+ Lba,
|
||||||
|
+ Offset,
|
||||||
|
+ NumBytes,
|
||||||
|
+ Buffer
|
||||||
|
+ );
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
-DoErase:
|
||||||
|
- // Read NOR Flash data into shadow buffer
|
||||||
|
- Status = NorFlashReadBlocks (Instance, Lba, BlockSize, Instance->ShadowBuffer);
|
||||||
|
- if (EFI_ERROR (Status)) {
|
||||||
|
- // Return one of the pre-approved error statuses
|
||||||
|
- return EFI_DEVICE_ERROR;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- // Put the data at the appropriate location inside the buffer area
|
||||||
|
- CopyMem ((VOID *)((UINTN)Instance->ShadowBuffer + Offset), Buffer, *NumBytes);
|
||||||
|
-
|
||||||
|
- // Write the modified buffer back to the NorFlash
|
||||||
|
- Status = NorFlashWriteBlocks (Instance, Lba, BlockSize, Instance->ShadowBuffer);
|
||||||
|
- if (EFI_ERROR (Status)) {
|
||||||
|
- // Return one of the pre-approved error statuses
|
||||||
|
- return EFI_DEVICE_ERROR;
|
||||||
|
- }
|
||||||
|
+Exit:
|
||||||
|
+ // Put device back into Read Array mode
|
||||||
|
+ SEND_NOR_COMMAND (Instance->DeviceBaseAddress, 0, P30_CMD_READ_ARRAY);
|
||||||
|
|
||||||
|
- return EFI_SUCCESS;
|
||||||
|
+ return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
EFI_STATUS
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,210 @@
|
|||||||
|
From d557e973e4a400325f68014e463201a5b48c1547 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 9 Jan 2024 12:29:02 +0100
|
||||||
|
Subject: [PATCH 3/3] OvmfPkg/VirtNorFlashDxe: sanity-check variables
|
||||||
|
|
||||||
|
Extend the ValidateFvHeader function, additionally to the header checks
|
||||||
|
walk over the list of variables and sanity check them.
|
||||||
|
|
||||||
|
In case we find inconsistencies indicating variable store corruption
|
||||||
|
return EFI_NOT_FOUND so the variable store will be re-initialized.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Message-Id: <20240109112902.30002-4-kraxel@redhat.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
[lersek@redhat.com: fix StartId initialization/assignment coding style]
|
||||||
|
(cherry picked from commit 4a443f73fd67ca8caaf0a3e1a01f8231b330d2e0)
|
||||||
|
---
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf | 1 +
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 149 +++++++++++++++++++-
|
||||||
|
2 files changed, 145 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
|
||||||
|
index 2a3d4a218e..f549400280 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
|
||||||
|
@@ -34,6 +34,7 @@
|
||||||
|
DxeServicesTableLib
|
||||||
|
HobLib
|
||||||
|
IoLib
|
||||||
|
+ SafeIntLib
|
||||||
|
UefiBootServicesTableLib
|
||||||
|
UefiDriverEntryPoint
|
||||||
|
UefiLib
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
index 9a614ae4b2..8fcd999ac6 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
@@ -12,6 +12,7 @@
|
||||||
|
#include <Library/BaseMemoryLib.h>
|
||||||
|
#include <Library/MemoryAllocationLib.h>
|
||||||
|
#include <Library/PcdLib.h>
|
||||||
|
+#include <Library/SafeIntLib.h>
|
||||||
|
#include <Library/UefiLib.h>
|
||||||
|
|
||||||
|
#include <Guid/NvVarStoreFormatted.h>
|
||||||
|
@@ -185,11 +186,12 @@ ValidateFvHeader (
|
||||||
|
IN NOR_FLASH_INSTANCE *Instance
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- UINT16 Checksum;
|
||||||
|
- EFI_FIRMWARE_VOLUME_HEADER *FwVolHeader;
|
||||||
|
- VARIABLE_STORE_HEADER *VariableStoreHeader;
|
||||||
|
- UINTN VariableStoreLength;
|
||||||
|
- UINTN FvLength;
|
||||||
|
+ UINT16 Checksum;
|
||||||
|
+ CONST EFI_FIRMWARE_VOLUME_HEADER *FwVolHeader;
|
||||||
|
+ CONST VARIABLE_STORE_HEADER *VariableStoreHeader;
|
||||||
|
+ UINTN VarOffset;
|
||||||
|
+ UINTN VariableStoreLength;
|
||||||
|
+ UINTN FvLength;
|
||||||
|
|
||||||
|
FwVolHeader = (EFI_FIRMWARE_VOLUME_HEADER *)Instance->RegionBaseAddress;
|
||||||
|
|
||||||
|
@@ -258,6 +260,143 @@ ValidateFvHeader (
|
||||||
|
return EFI_NOT_FOUND;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // check variables
|
||||||
|
+ //
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: checking variables\n", __func__));
|
||||||
|
+ VarOffset = sizeof (*VariableStoreHeader);
|
||||||
|
+ for ( ; ;) {
|
||||||
|
+ UINTN VarHeaderEnd;
|
||||||
|
+ UINTN VarNameEnd;
|
||||||
|
+ UINTN VarEnd;
|
||||||
|
+ UINTN VarPadding;
|
||||||
|
+ CONST AUTHENTICATED_VARIABLE_HEADER *VarHeader;
|
||||||
|
+ CONST CHAR16 *VarName;
|
||||||
|
+ CONST CHAR8 *VarState;
|
||||||
|
+ RETURN_STATUS Status;
|
||||||
|
+
|
||||||
|
+ Status = SafeUintnAdd (VarOffset, sizeof (*VarHeader), &VarHeaderEnd);
|
||||||
|
+ if (RETURN_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
|
||||||
|
+ return EFI_NOT_FOUND;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (VarHeaderEnd >= VariableStoreHeader->Size) {
|
||||||
|
+ if (VarOffset <= VariableStoreHeader->Size - sizeof (UINT16)) {
|
||||||
|
+ CONST UINT16 *StartId;
|
||||||
|
+
|
||||||
|
+ StartId = (VOID *)((UINTN)VariableStoreHeader + VarOffset);
|
||||||
|
+ if (*StartId == 0x55aa) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a: startid at invalid location\n", __func__));
|
||||||
|
+ return EFI_NOT_FOUND;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: end of var list (no space left)\n", __func__));
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ VarHeader = (VOID *)((UINTN)VariableStoreHeader + VarOffset);
|
||||||
|
+ if (VarHeader->StartId != 0x55aa) {
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: end of var list (no startid)\n", __func__));
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ VarName = NULL;
|
||||||
|
+ switch (VarHeader->State) {
|
||||||
|
+ // usage: State = VAR_HEADER_VALID_ONLY
|
||||||
|
+ case VAR_HEADER_VALID_ONLY:
|
||||||
|
+ VarState = "header-ok";
|
||||||
|
+ VarName = L"<unknown>";
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
+ // usage: State = VAR_ADDED
|
||||||
|
+ case VAR_ADDED:
|
||||||
|
+ VarState = "ok";
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
+ // usage: State &= VAR_IN_DELETED_TRANSITION
|
||||||
|
+ case VAR_ADDED &VAR_IN_DELETED_TRANSITION:
|
||||||
|
+ VarState = "del-in-transition";
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
+ // usage: State &= VAR_DELETED
|
||||||
|
+ case VAR_ADDED &VAR_DELETED:
|
||||||
|
+ case VAR_ADDED &VAR_DELETED &VAR_IN_DELETED_TRANSITION:
|
||||||
|
+ VarState = "deleted";
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
+ default:
|
||||||
|
+ DEBUG ((
|
||||||
|
+ DEBUG_ERROR,
|
||||||
|
+ "%a: invalid variable state: 0x%x\n",
|
||||||
|
+ __func__,
|
||||||
|
+ VarHeader->State
|
||||||
|
+ ));
|
||||||
|
+ return EFI_NOT_FOUND;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ Status = SafeUintnAdd (VarHeaderEnd, VarHeader->NameSize, &VarNameEnd);
|
||||||
|
+ if (RETURN_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
|
||||||
|
+ return EFI_NOT_FOUND;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ Status = SafeUintnAdd (VarNameEnd, VarHeader->DataSize, &VarEnd);
|
||||||
|
+ if (RETURN_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
|
||||||
|
+ return EFI_NOT_FOUND;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (VarEnd > VariableStoreHeader->Size) {
|
||||||
|
+ DEBUG ((
|
||||||
|
+ DEBUG_ERROR,
|
||||||
|
+ "%a: invalid variable size: 0x%Lx + 0x%Lx + 0x%x + 0x%x > 0x%x\n",
|
||||||
|
+ __func__,
|
||||||
|
+ (UINT64)VarOffset,
|
||||||
|
+ (UINT64)(sizeof (*VarHeader)),
|
||||||
|
+ VarHeader->NameSize,
|
||||||
|
+ VarHeader->DataSize,
|
||||||
|
+ VariableStoreHeader->Size
|
||||||
|
+ ));
|
||||||
|
+ return EFI_NOT_FOUND;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (((VarHeader->NameSize & 1) != 0) ||
|
||||||
|
+ (VarHeader->NameSize < 4))
|
||||||
|
+ {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a: invalid name size\n", __func__));
|
||||||
|
+ return EFI_NOT_FOUND;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (VarName == NULL) {
|
||||||
|
+ VarName = (VOID *)((UINTN)VariableStoreHeader + VarHeaderEnd);
|
||||||
|
+ if (VarName[VarHeader->NameSize / 2 - 1] != L'\0') {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a: name is not null terminated\n", __func__));
|
||||||
|
+ return EFI_NOT_FOUND;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ DEBUG ((
|
||||||
|
+ DEBUG_VERBOSE,
|
||||||
|
+ "%a: +0x%04Lx: name=0x%x data=0x%x guid=%g '%s' (%a)\n",
|
||||||
|
+ __func__,
|
||||||
|
+ (UINT64)VarOffset,
|
||||||
|
+ VarHeader->NameSize,
|
||||||
|
+ VarHeader->DataSize,
|
||||||
|
+ &VarHeader->VendorGuid,
|
||||||
|
+ VarName,
|
||||||
|
+ VarState
|
||||||
|
+ ));
|
||||||
|
+
|
||||||
|
+ VarPadding = (4 - (VarEnd & 3)) & 3;
|
||||||
|
+ Status = SafeUintnAdd (VarEnd, VarPadding, &VarOffset);
|
||||||
|
+ if (RETURN_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
|
||||||
|
+ return EFI_NOT_FOUND;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,42 @@
|
|||||||
|
From 77047a56601aaa955a12030343bdee973b9d393d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 9 Jan 2024 12:29:01 +0100
|
||||||
|
Subject: [PATCH 2/3] OvmfPkg/VirtNorFlashDxe: stop accepting gEfiVariableGuid
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Only accept gEfiAuthenticatedVariableGuid when checking the variable
|
||||||
|
store header in ValidateFvHeader().
|
||||||
|
|
||||||
|
The edk2 code base has been switched to use the authenticated varstore
|
||||||
|
format unconditionally (even in case secure boot is not used or
|
||||||
|
supported) a few years ago.
|
||||||
|
|
||||||
|
Suggested-by: László Érsek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Message-Id: <20240109112902.30002-3-kraxel@redhat.com>
|
||||||
|
(cherry picked from commit ae22b2f136bcbd27135a5f4dd76d3a68a172d00e)
|
||||||
|
---
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 4 +---
|
||||||
|
1 file changed, 1 insertion(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
index 5ee98e9b59..9a614ae4b2 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
@@ -239,9 +239,7 @@ ValidateFvHeader (
|
||||||
|
VariableStoreHeader = (VARIABLE_STORE_HEADER *)((UINTN)FwVolHeader + FwVolHeader->HeaderLength);
|
||||||
|
|
||||||
|
// Check the Variable Store Guid
|
||||||
|
- if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid) &&
|
||||||
|
- !CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid))
|
||||||
|
- {
|
||||||
|
+ if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid)) {
|
||||||
|
DEBUG ((
|
||||||
|
DEBUG_INFO,
|
||||||
|
"%a: Variable Store Guid non-compatible\n",
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,330 @@
|
|||||||
|
From e22e11cc37c3bf3530ea8db1d18371c47c9e4440 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 10:34:22 -0400
|
||||||
|
Subject: [PATCH 6/8] OvmfPkg: wire up RngDxe
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 75: NetworkPkg: SECURITY PATCH CVE-2023-45236 and CVE-2023-45237
|
||||||
|
RH-Jira: RHEL-40270 RHEL-40272
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [6/8] 4adf88888386923ee824469cf836b4f63117807d
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-40270
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
Conflicts: Cherry pick wanted to add include files from the
|
||||||
|
missing 'add ShellComponents' (commit 2cb466cc2cbf...)
|
||||||
|
series. This had to be handled manually.
|
||||||
|
|
||||||
|
commit 712797cf19acd292bf203522a79e40e7e13d268b
|
||||||
|
Author: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Fri May 24 12:51:17 2024 +0200
|
||||||
|
|
||||||
|
OvmfPkg: wire up RngDxe
|
||||||
|
|
||||||
|
Add OvmfRng include snippets with the random number generator
|
||||||
|
configuration for OVMF. Include RngDxe, build with BaseRngLib,
|
||||||
|
so the rdrand instruction is used (if available).
|
||||||
|
|
||||||
|
Also move VirtioRng to the include snippets.
|
||||||
|
|
||||||
|
Use the new include snippets for OVMF builds.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.dsc | 2 +-
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.fdf | 3 ++-
|
||||||
|
OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc | 9 +++++++++
|
||||||
|
OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc | 6 ++++++
|
||||||
|
OvmfPkg/IntelTdx/IntelTdxX64.dsc | 2 +-
|
||||||
|
OvmfPkg/IntelTdx/IntelTdxX64.fdf | 3 ++-
|
||||||
|
OvmfPkg/Microvm/MicrovmX64.dsc | 2 +-
|
||||||
|
OvmfPkg/Microvm/MicrovmX64.fdf | 3 ++-
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 2 +-
|
||||||
|
OvmfPkg/OvmfPkgIa32.fdf | 3 ++-
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 2 +-
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.fdf | 3 ++-
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 2 +-
|
||||||
|
OvmfPkg/OvmfPkgX64.fdf | 3 ++-
|
||||||
|
14 files changed, 33 insertions(+), 12 deletions(-)
|
||||||
|
create mode 100644 OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
||||||
|
create mode 100644 OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
index 7bb6ffb3f0..5d50e77002 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
@@ -651,7 +651,6 @@
|
||||||
|
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
||||||
|
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
||||||
|
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
!if $(PVSCSI_ENABLE) == TRUE
|
||||||
|
OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
||||||
|
!endif
|
||||||
|
@@ -763,6 +762,7 @@
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
|
||||||
|
}
|
||||||
|
!endif
|
||||||
|
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
||||||
|
|
||||||
|
OvmfPkg/PlatformDxe/Platform.inf
|
||||||
|
OvmfPkg/AmdSevDxe/AmdSevDxe.inf {
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
index 0e3d7bea2b..c94f2d34ee 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
@@ -220,7 +220,6 @@ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
|
||||||
|
INF OvmfPkg/Virtio10Dxe/Virtio10.inf
|
||||||
|
INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
||||||
|
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
!if $(PVSCSI_ENABLE) == TRUE
|
||||||
|
INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
||||||
|
!endif
|
||||||
|
@@ -316,6 +315,8 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
||||||
|
#
|
||||||
|
!include OvmfPkg/Include/Fdf/OvmfTpmDxe.fdf.inc
|
||||||
|
|
||||||
|
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
||||||
|
+
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
[FV.FVMAIN_COMPACT]
|
||||||
|
diff --git a/OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc b/OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..68839a0caa
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
||||||
|
@@ -0,0 +1,9 @@
|
||||||
|
+##
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+
|
||||||
|
+ SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {
|
||||||
|
+ <LibraryClasses>
|
||||||
|
+ RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
|
||||||
|
+ }
|
||||||
|
+ OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
diff --git a/OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc b/OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..99cb4a32b1
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
||||||
|
@@ -0,0 +1,6 @@
|
||||||
|
+##
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+
|
||||||
|
+INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
|
||||||
|
+INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
||||||
|
index fd6722499a..d38fed2171 100644
|
||||||
|
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
||||||
|
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
||||||
|
@@ -641,7 +641,6 @@
|
||||||
|
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
||||||
|
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
||||||
|
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
!if $(PVSCSI_ENABLE) == TRUE
|
||||||
|
OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
||||||
|
!endif
|
||||||
|
@@ -752,6 +751,7 @@
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
|
||||||
|
}
|
||||||
|
!endif
|
||||||
|
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
||||||
|
|
||||||
|
!if $(SECURE_BOOT_ENABLE) == TRUE
|
||||||
|
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
||||||
|
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.fdf b/OvmfPkg/IntelTdx/IntelTdxX64.fdf
|
||||||
|
index 69ed7a9bc6..077a5c8637 100644
|
||||||
|
--- a/OvmfPkg/IntelTdx/IntelTdxX64.fdf
|
||||||
|
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.fdf
|
||||||
|
@@ -285,7 +285,6 @@ READ_LOCK_STATUS = TRUE
|
||||||
|
#
|
||||||
|
INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
||||||
|
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
!if $(PVSCSI_ENABLE) == TRUE
|
||||||
|
INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
||||||
|
!endif
|
||||||
|
@@ -333,6 +332,8 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
||||||
|
INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
||||||
|
INF OvmfPkg/PlatformDxe/Platform.inf
|
||||||
|
|
||||||
|
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
||||||
|
+
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
[FV.FVMAIN_COMPACT]
|
||||||
|
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
|
||||||
|
index 79f14b5c05..ca6902971f 100644
|
||||||
|
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
|
||||||
|
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
|
||||||
|
@@ -754,7 +754,6 @@
|
||||||
|
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
||||||
|
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
||||||
|
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
||||||
|
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
|
||||||
|
MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
|
||||||
|
@@ -880,6 +879,7 @@
|
||||||
|
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
|
||||||
|
}
|
||||||
|
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
||||||
|
|
||||||
|
!if $(SECURE_BOOT_ENABLE) == TRUE
|
||||||
|
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
||||||
|
diff --git a/OvmfPkg/Microvm/MicrovmX64.fdf b/OvmfPkg/Microvm/MicrovmX64.fdf
|
||||||
|
index eda24a3ec9..767ee4b338 100644
|
||||||
|
--- a/OvmfPkg/Microvm/MicrovmX64.fdf
|
||||||
|
+++ b/OvmfPkg/Microvm/MicrovmX64.fdf
|
||||||
|
@@ -204,7 +204,6 @@ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
|
||||||
|
INF OvmfPkg/Virtio10Dxe/Virtio10.inf
|
||||||
|
INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
||||||
|
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
||||||
|
|
||||||
|
!if $(SECURE_BOOT_ENABLE) == TRUE
|
||||||
|
@@ -303,6 +302,8 @@ INF OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf
|
||||||
|
INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
||||||
|
|
||||||
|
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
||||||
|
+
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
[FV.FVMAIN_COMPACT]
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index 83adecc374..4074aa382d 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -804,7 +804,6 @@
|
||||||
|
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
||||||
|
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
||||||
|
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
||||||
|
!if $(PVSCSI_ENABLE) == TRUE
|
||||||
|
OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
||||||
|
@@ -942,6 +941,7 @@
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
|
||||||
|
}
|
||||||
|
!endif
|
||||||
|
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
||||||
|
|
||||||
|
!if $(SECURE_BOOT_ENABLE) == TRUE
|
||||||
|
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
index 88c57ff5ff..20cfd2788e 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
@@ -236,7 +236,6 @@ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
|
||||||
|
INF OvmfPkg/Virtio10Dxe/Virtio10.inf
|
||||||
|
INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
||||||
|
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
||||||
|
!if $(PVSCSI_ENABLE) == TRUE
|
||||||
|
INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
||||||
|
@@ -367,6 +366,8 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
||||||
|
#
|
||||||
|
!include OvmfPkg/Include/Fdf/OvmfTpmDxe.fdf.inc
|
||||||
|
|
||||||
|
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
||||||
|
+
|
||||||
|
!if $(LOAD_X64_ON_IA32_ENABLE) == TRUE
|
||||||
|
INF OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf
|
||||||
|
!endif
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index b47cdf63e7..75ef19bc85 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -822,7 +822,6 @@
|
||||||
|
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
||||||
|
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
||||||
|
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
||||||
|
!if $(PVSCSI_ENABLE) == TRUE
|
||||||
|
OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
||||||
|
@@ -960,6 +959,7 @@
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
|
||||||
|
}
|
||||||
|
!endif
|
||||||
|
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
||||||
|
|
||||||
|
!if $(SECURE_BOOT_ENABLE) == TRUE
|
||||||
|
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
index ab5a9bc306..8517c79ba2 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
@@ -237,7 +237,6 @@ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
|
||||||
|
INF OvmfPkg/Virtio10Dxe/Virtio10.inf
|
||||||
|
INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
||||||
|
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
||||||
|
!if $(PVSCSI_ENABLE) == TRUE
|
||||||
|
INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
||||||
|
@@ -374,6 +373,8 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
||||||
|
#
|
||||||
|
!include OvmfPkg/Include/Fdf/OvmfTpmDxe.fdf.inc
|
||||||
|
|
||||||
|
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
||||||
|
+
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
[FV.FVMAIN_COMPACT]
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index be3824ec1e..631ff0c788 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -890,7 +890,6 @@
|
||||||
|
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
||||||
|
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
||||||
|
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
||||||
|
!if $(PVSCSI_ENABLE) == TRUE
|
||||||
|
OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
||||||
|
@@ -1028,6 +1027,7 @@
|
||||||
|
gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
|
||||||
|
}
|
||||||
|
!endif
|
||||||
|
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
||||||
|
|
||||||
|
!if $(SECURE_BOOT_ENABLE) == TRUE
|
||||||
|
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
index 851399888f..7ecde357ce 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
@@ -262,7 +262,6 @@ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
|
||||||
|
INF OvmfPkg/Virtio10Dxe/Virtio10.inf
|
||||||
|
INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
||||||
|
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
||||||
|
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
||||||
|
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
||||||
|
!if $(PVSCSI_ENABLE) == TRUE
|
||||||
|
INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
||||||
|
@@ -408,6 +407,8 @@ INF SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf
|
||||||
|
#
|
||||||
|
!include OvmfPkg/Include/Fdf/OvmfTpmDxe.fdf.inc
|
||||||
|
|
||||||
|
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
||||||
|
+
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
[FV.FVMAIN_COMPACT]
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,68 @@
|
|||||||
|
From b3a9b8a85e2782600b4fd26d08a4d15826cadcf7 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Wed, 17 Jan 2024 12:20:52 -0500
|
||||||
|
Subject: [PATCH 3/3] SecurityPkg: : Adding CVE 2022-36763 to
|
||||||
|
SecurityFixes.yaml
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 51: SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763
|
||||||
|
RH-Jira: RHEL-21155
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [3/3] 0763dad29bb6b9b3832b166bbabe15e84ed7208c
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21155
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2022-36763
|
||||||
|
|
||||||
|
commit 1ddcb9fc6b4164e882687b031e8beacfcf7df29e
|
||||||
|
Author: Douglas Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Date: Fri Jan 12 02:16:03 2024 +0800
|
||||||
|
|
||||||
|
SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml
|
||||||
|
|
||||||
|
This creates / adds a security file that tracks the security fixes
|
||||||
|
found in this package and can be used to find the fixes that were
|
||||||
|
applied.
|
||||||
|
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
SecurityPkg/SecurityFixes.yaml | 22 ++++++++++++++++++++++
|
||||||
|
1 file changed, 22 insertions(+)
|
||||||
|
create mode 100644 SecurityPkg/SecurityFixes.yaml
|
||||||
|
|
||||||
|
diff --git a/SecurityPkg/SecurityFixes.yaml b/SecurityPkg/SecurityFixes.yaml
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..f9e3e7be74
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/SecurityPkg/SecurityFixes.yaml
|
||||||
|
@@ -0,0 +1,22 @@
|
||||||
|
+## @file
|
||||||
|
+# Security Fixes for SecurityPkg
|
||||||
|
+#
|
||||||
|
+# Copyright (c) Microsoft Corporation
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+CVE_2022_36763:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "SecurityPkg: DxeTpm2Measurement: SECURITY PATCH 4117 - CVE 2022-36763"
|
||||||
|
+ - "SecurityPkg: DxeTpmMeasurement: SECURITY PATCH 4117 - CVE 2022-36763"
|
||||||
|
+ - "SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml"
|
||||||
|
+ cve: CVE-2022-36763
|
||||||
|
+ date_reported: 2022-10-25 11:31 UTC
|
||||||
|
+ description: (CVE-2022-36763) - Heap Buffer Overflow in Tcg2MeasureGptTable()
|
||||||
|
+ note: This patch is related to and supersedes TCBZ2168
|
||||||
|
+ files_impacted:
|
||||||
|
+ - Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
|
||||||
|
+ - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4117
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=2168
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=1990
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,273 @@
|
|||||||
|
From 31ebaa021650c9b23c27f3a7954d33c1ef1e1502 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Tue, 13 Feb 2024 16:30:10 -0500
|
||||||
|
Subject: [PATCH 3/9] SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH
|
||||||
|
4117/4118 symbol rename
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 53: SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764
|
||||||
|
RH-Jira: RHEL-21157
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [3/5] d18f14e0a7df36223dab179bf7e9556db43f4c55
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21157
|
||||||
|
CVE: CVE-2022-36764
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 40adbb7f628dee79156c679fb0857968b61b7620
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Wed Jan 17 14:47:20 2024 -0800
|
||||||
|
|
||||||
|
SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117/4118 symbol rename
|
||||||
|
|
||||||
|
Updates the sanitation function names to be lib unique names
|
||||||
|
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
Cc: Rahul Kumar <rahul1.kumar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Message-Id: <7b18434c8a8b561654efd40ced3becb8b378c8f1.1705529990.git.doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../DxeTpm2MeasureBootLib.c | 8 +++---
|
||||||
|
.../DxeTpm2MeasureBootLibSanitization.c | 8 +++---
|
||||||
|
.../DxeTpm2MeasureBootLibSanitization.h | 8 +++---
|
||||||
|
.../DxeTpm2MeasureBootLibSanitizationTest.c | 26 +++++++++----------
|
||||||
|
4 files changed, 25 insertions(+), 25 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c
|
||||||
|
index 714cc8e03e..73719f3b96 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c
|
||||||
|
@@ -200,7 +200,7 @@ Tcg2MeasureGptTable (
|
||||||
|
BlockIo->Media->BlockSize,
|
||||||
|
(UINT8 *)PrimaryHeader
|
||||||
|
);
|
||||||
|
- if (EFI_ERROR (Status) || EFI_ERROR (SanitizeEfiPartitionTableHeader (PrimaryHeader, BlockIo))) {
|
||||||
|
+ if (EFI_ERROR (Status) || EFI_ERROR (Tpm2SanitizeEfiPartitionTableHeader (PrimaryHeader, BlockIo))) {
|
||||||
|
DEBUG ((DEBUG_ERROR, "Failed to read Partition Table Header or invalid Partition Table Header!\n"));
|
||||||
|
FreePool (PrimaryHeader);
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
@@ -209,7 +209,7 @@ Tcg2MeasureGptTable (
|
||||||
|
//
|
||||||
|
// Read the partition entry.
|
||||||
|
//
|
||||||
|
- Status = SanitizePrimaryHeaderAllocationSize (PrimaryHeader, &AllocSize);
|
||||||
|
+ Status = Tpm2SanitizePrimaryHeaderAllocationSize (PrimaryHeader, &AllocSize);
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
FreePool (PrimaryHeader);
|
||||||
|
return EFI_BAD_BUFFER_SIZE;
|
||||||
|
@@ -250,7 +250,7 @@ Tcg2MeasureGptTable (
|
||||||
|
//
|
||||||
|
// Prepare Data for Measurement (CcProtocol and Tcg2Protocol)
|
||||||
|
//
|
||||||
|
- Status = SanitizePrimaryHeaderGptEventSize (PrimaryHeader, NumberOfPartition, &TcgEventSize);
|
||||||
|
+ Status = Tpm2SanitizePrimaryHeaderGptEventSize (PrimaryHeader, NumberOfPartition, &TcgEventSize);
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
FreePool (PrimaryHeader);
|
||||||
|
FreePool (EntryPtr);
|
||||||
|
@@ -420,7 +420,7 @@ Tcg2MeasurePeImage (
|
||||||
|
}
|
||||||
|
|
||||||
|
FilePathSize = (UINT32)GetDevicePathSize (FilePath);
|
||||||
|
- Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
+ Status = Tpm2SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
return EFI_UNSUPPORTED;
|
||||||
|
}
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.c b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.c
|
||||||
|
index 2a4d52c6d5..809a3bfd89 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.c
|
||||||
|
@@ -63,7 +63,7 @@
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
-SanitizeEfiPartitionTableHeader (
|
||||||
|
+Tpm2SanitizeEfiPartitionTableHeader (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo
|
||||||
|
)
|
||||||
|
@@ -169,7 +169,7 @@ SanitizeEfiPartitionTableHeader (
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
-SanitizePrimaryHeaderAllocationSize (
|
||||||
|
+Tpm2SanitizePrimaryHeaderAllocationSize (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
OUT UINT32 *AllocationSize
|
||||||
|
)
|
||||||
|
@@ -221,7 +221,7 @@ SanitizePrimaryHeaderAllocationSize (
|
||||||
|
One of the passed parameters was invalid.
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
-SanitizePrimaryHeaderGptEventSize (
|
||||||
|
+Tpm2SanitizePrimaryHeaderGptEventSize (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
IN UINTN NumberOfPartition,
|
||||||
|
OUT UINT32 *EventSize
|
||||||
|
@@ -292,7 +292,7 @@ SanitizePrimaryHeaderGptEventSize (
|
||||||
|
One of the passed parameters was invalid.
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
-SanitizePeImageEventSize (
|
||||||
|
+Tpm2SanitizePeImageEventSize (
|
||||||
|
IN UINT32 FilePathSize,
|
||||||
|
OUT UINT32 *EventSize
|
||||||
|
)
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.h b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.h
|
||||||
|
index 8f72ba4240..8526bc7537 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.h
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.h
|
||||||
|
@@ -54,7 +54,7 @@
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
-SanitizeEfiPartitionTableHeader (
|
||||||
|
+Tpm2SanitizeEfiPartitionTableHeader (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo
|
||||||
|
);
|
||||||
|
@@ -78,7 +78,7 @@ SanitizeEfiPartitionTableHeader (
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
-SanitizePrimaryHeaderAllocationSize (
|
||||||
|
+Tpm2SanitizePrimaryHeaderAllocationSize (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
OUT UINT32 *AllocationSize
|
||||||
|
);
|
||||||
|
@@ -107,7 +107,7 @@ SanitizePrimaryHeaderAllocationSize (
|
||||||
|
One of the passed parameters was invalid.
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
-SanitizePrimaryHeaderGptEventSize (
|
||||||
|
+Tpm2SanitizePrimaryHeaderGptEventSize (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
IN UINTN NumberOfPartition,
|
||||||
|
OUT UINT32 *EventSize
|
||||||
|
@@ -131,7 +131,7 @@ SanitizePrimaryHeaderGptEventSize (
|
||||||
|
One of the passed parameters was invalid.
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
-SanitizePeImageEventSize (
|
||||||
|
+Tpm2SanitizePeImageEventSize (
|
||||||
|
IN UINT32 FilePathSize,
|
||||||
|
OUT UINT32 *EventSize
|
||||||
|
);
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTest.c b/SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTest.c
|
||||||
|
index 820e99aeb9..50a68e1076 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTest.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTest.c
|
||||||
|
@@ -84,27 +84,27 @@ TestSanitizeEfiPartitionTableHeader (
|
||||||
|
PrimaryHeader.Header.CRC32 = CalculateCrc32 ((UINT8 *)&PrimaryHeader, PrimaryHeader.Header.HeaderSize);
|
||||||
|
|
||||||
|
// Test that a normal PrimaryHeader passes validation
|
||||||
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ Status = Tpm2SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||||
|
|
||||||
|
// Test that when number of partition entries is 0, the function returns EFI_DEVICE_ERROR
|
||||||
|
// Should print "Invalid Partition Table Header NumberOfPartitionEntries!""
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = 0;
|
||||||
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ Status = Tpm2SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
||||||
|
|
||||||
|
// Test that when the header size is too small, the function returns EFI_DEVICE_ERROR
|
||||||
|
// Should print "Invalid Partition Table Header Size!"
|
||||||
|
PrimaryHeader.Header.HeaderSize = 0;
|
||||||
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ Status = Tpm2SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||||
|
PrimaryHeader.Header.HeaderSize = sizeof (EFI_PARTITION_TABLE_HEADER);
|
||||||
|
|
||||||
|
// Test that when the SizeOfPartitionEntry is too small, the function returns EFI_DEVICE_ERROR
|
||||||
|
// should print: "SizeOfPartitionEntry shall be set to a value of 128 x 2^n where n is an integer greater than or equal to zero (e.g., 128, 256, 512, etc.)!"
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = 1;
|
||||||
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ Status = Tpm2SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||||
|
|
||||||
|
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
@@ -137,7 +137,7 @@ TestSanitizePrimaryHeaderAllocationSize (
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = 5;
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
||||||
|
|
||||||
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ Status = Tpm2SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||||
|
|
||||||
|
// Test that the allocation size is correct compared to the existing logic
|
||||||
|
@@ -146,19 +146,19 @@ TestSanitizePrimaryHeaderAllocationSize (
|
||||||
|
// Test that an overflow is detected
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = MAX_UINT32;
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = 5;
|
||||||
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ Status = Tpm2SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
|
||||||
|
// Test the inverse
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = 5;
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||||
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ Status = Tpm2SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
|
||||||
|
// Test the worst case scenario
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = MAX_UINT32;
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||||
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ Status = Tpm2SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
|
||||||
|
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
@@ -196,7 +196,7 @@ TestSanitizePrimaryHeaderGptEventSize (
|
||||||
|
NumberOfPartition = 13;
|
||||||
|
|
||||||
|
// that the primary event size is correct
|
||||||
|
- Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
+ Status = Tpm2SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||||
|
|
||||||
|
// Calculate the existing logic event size
|
||||||
|
@@ -207,12 +207,12 @@ TestSanitizePrimaryHeaderGptEventSize (
|
||||||
|
UT_ASSERT_EQUAL (EventSize, ExistingLogicEventSize);
|
||||||
|
|
||||||
|
// Tests that the primary event size may not overflow
|
||||||
|
- Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, MAX_UINT32, &EventSize);
|
||||||
|
+ Status = Tpm2SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, MAX_UINT32, &EventSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
|
||||||
|
// Test that the size of partition entries may not overflow
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||||
|
- Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
+ Status = Tpm2SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
|
||||||
|
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
@@ -245,7 +245,7 @@ TestSanitizePeImageEventSize (
|
||||||
|
FilePathSize = 255;
|
||||||
|
|
||||||
|
// Test that a normal PE image passes validation
|
||||||
|
- Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
+ Status = Tpm2SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_SUCCESS);
|
||||||
|
|
||||||
|
// Test that the event size is correct compared to the existing logic
|
||||||
|
@@ -258,7 +258,7 @@ TestSanitizePeImageEventSize (
|
||||||
|
}
|
||||||
|
|
||||||
|
// Test that the event size may not overflow
|
||||||
|
- Status = SanitizePeImageEventSize (MAX_UINT32, &EventSize);
|
||||||
|
+ Status = Tpm2SanitizePeImageEventSize (MAX_UINT32, &EventSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
|
||||||
|
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,284 @@
|
|||||||
|
From 808551c1cb2ac9dc9a6287cbc85b167aa9eb2d7e Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Wed, 7 Feb 2024 15:43:10 -0500
|
||||||
|
Subject: [PATCH 1/9] SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 -
|
||||||
|
CVE 2022-36764
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 53: SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764
|
||||||
|
RH-Jira: RHEL-21157
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [1/5] 50edfd997d089549ac41b9592131ac1212fc3431
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21157
|
||||||
|
CVE: CVE-2022-36764
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit c7b27944218130cca3bbb20314ba5b88b5de4aa4
|
||||||
|
Author: Douglas Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Date: Fri Jan 12 02:16:04 2024 +0800
|
||||||
|
|
||||||
|
SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764
|
||||||
|
|
||||||
|
This commit contains the patch files and tests for DxeTpm2MeasureBootLib
|
||||||
|
CVE 2022-36764.
|
||||||
|
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../DxeTpm2MeasureBootLib.c | 12 ++--
|
||||||
|
.../DxeTpm2MeasureBootLibSanitization.c | 46 +++++++++++++-
|
||||||
|
.../DxeTpm2MeasureBootLibSanitization.h | 28 ++++++++-
|
||||||
|
.../DxeTpm2MeasureBootLibSanitizationTest.c | 60 ++++++++++++++++---
|
||||||
|
4 files changed, 131 insertions(+), 15 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c
|
||||||
|
index 0475103d6e..714cc8e03e 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c
|
||||||
|
@@ -378,7 +378,6 @@ Exit:
|
||||||
|
@retval EFI_OUT_OF_RESOURCES No enough resource to measure image.
|
||||||
|
@retval EFI_UNSUPPORTED ImageType is unsupported or PE image is mal-format.
|
||||||
|
@retval other error value
|
||||||
|
-
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
@@ -405,6 +404,7 @@ Tcg2MeasurePeImage (
|
||||||
|
Status = EFI_UNSUPPORTED;
|
||||||
|
ImageLoad = NULL;
|
||||||
|
EventPtr = NULL;
|
||||||
|
+ Tcg2Event = NULL;
|
||||||
|
|
||||||
|
Tcg2Protocol = MeasureBootProtocols->Tcg2Protocol;
|
||||||
|
CcProtocol = MeasureBootProtocols->CcProtocol;
|
||||||
|
@@ -420,18 +420,22 @@ Tcg2MeasurePeImage (
|
||||||
|
}
|
||||||
|
|
||||||
|
FilePathSize = (UINT32)GetDevicePathSize (FilePath);
|
||||||
|
+ Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
//
|
||||||
|
// Determine destination PCR by BootPolicy
|
||||||
|
//
|
||||||
|
- EventSize = sizeof (*ImageLoad) - sizeof (ImageLoad->DevicePath) + FilePathSize;
|
||||||
|
- EventPtr = AllocateZeroPool (EventSize + sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event));
|
||||||
|
+ // from a malicious GPT disk partition
|
||||||
|
+ EventPtr = AllocateZeroPool (EventSize);
|
||||||
|
if (EventPtr == NULL) {
|
||||||
|
return EFI_OUT_OF_RESOURCES;
|
||||||
|
}
|
||||||
|
|
||||||
|
Tcg2Event = (EFI_TCG2_EVENT *)EventPtr;
|
||||||
|
- Tcg2Event->Size = EventSize + sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event);
|
||||||
|
+ Tcg2Event->Size = EventSize;
|
||||||
|
Tcg2Event->Header.HeaderSize = sizeof (EFI_TCG2_EVENT_HEADER);
|
||||||
|
Tcg2Event->Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION;
|
||||||
|
ImageLoad = (EFI_IMAGE_LOAD_EVENT *)Tcg2Event->Event;
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.c b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.c
|
||||||
|
index e2309655d3..2a4d52c6d5 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.c
|
||||||
|
@@ -151,7 +151,7 @@ SanitizeEfiPartitionTableHeader (
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
- This function will validate that the allocation size from the primary header is sane
|
||||||
|
+ This function will validate that the allocation size from the primary header is sane
|
||||||
|
It will check the following:
|
||||||
|
- AllocationSize does not overflow
|
||||||
|
|
||||||
|
@@ -273,3 +273,47 @@ SanitizePrimaryHeaderGptEventSize (
|
||||||
|
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function will validate that the PeImage Event Size from the loaded image is sane
|
||||||
|
+ It will check the following:
|
||||||
|
+ - EventSize does not overflow
|
||||||
|
+
|
||||||
|
+ @param[in] FilePathSize - Size of the file path.
|
||||||
|
+ @param[out] EventSize - Pointer to the event size.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS
|
||||||
|
+ The event size is valid.
|
||||||
|
+
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES
|
||||||
|
+ Overflow would have occurred.
|
||||||
|
+
|
||||||
|
+ @retval EFI_INVALID_PARAMETER
|
||||||
|
+ One of the passed parameters was invalid.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+SanitizePeImageEventSize (
|
||||||
|
+ IN UINT32 FilePathSize,
|
||||||
|
+ OUT UINT32 *EventSize
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ // Replacing logic:
|
||||||
|
+ // sizeof (*ImageLoad) - sizeof (ImageLoad->DevicePath) + FilePathSize;
|
||||||
|
+ Status = SafeUint32Add (OFFSET_OF (EFI_IMAGE_LOAD_EVENT, DevicePath), FilePathSize, EventSize);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "EventSize would overflow!\n"));
|
||||||
|
+ return EFI_BAD_BUFFER_SIZE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Replacing logic:
|
||||||
|
+ // EventSize + sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event)
|
||||||
|
+ Status = SafeUint32Add (*EventSize, OFFSET_OF (EFI_TCG2_EVENT, Event), EventSize);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "EventSize would overflow!\n"));
|
||||||
|
+ return EFI_BAD_BUFFER_SIZE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.h b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.h
|
||||||
|
index 048b738987..8f72ba4240 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.h
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.h
|
||||||
|
@@ -9,6 +9,9 @@
|
||||||
|
Tcg2MeasureGptTable() function will receive untrusted GPT partition table, and parse
|
||||||
|
partition data carefully.
|
||||||
|
|
||||||
|
+ Tcg2MeasurePeImage() function will accept untrusted PE/COFF image and validate its
|
||||||
|
+ data structure within this image buffer before use.
|
||||||
|
+
|
||||||
|
Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
@@ -110,4 +113,27 @@ SanitizePrimaryHeaderGptEventSize (
|
||||||
|
OUT UINT32 *EventSize
|
||||||
|
);
|
||||||
|
|
||||||
|
-#endif // DXE_TPM2_MEASURE_BOOT_LIB_SANITATION_
|
||||||
|
+/**
|
||||||
|
+ This function will validate that the PeImage Event Size from the loaded image is sane
|
||||||
|
+ It will check the following:
|
||||||
|
+ - EventSize does not overflow
|
||||||
|
+
|
||||||
|
+ @param[in] FilePathSize - Size of the file path.
|
||||||
|
+ @param[out] EventSize - Pointer to the event size.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS
|
||||||
|
+ The event size is valid.
|
||||||
|
+
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES
|
||||||
|
+ Overflow would have occurred.
|
||||||
|
+
|
||||||
|
+ @retval EFI_INVALID_PARAMETER
|
||||||
|
+ One of the passed parameters was invalid.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+SanitizePeImageEventSize (
|
||||||
|
+ IN UINT32 FilePathSize,
|
||||||
|
+ OUT UINT32 *EventSize
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#endif // DXE_TPM2_MEASURE_BOOT_LIB_VALIDATION_
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTest.c b/SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTest.c
|
||||||
|
index 3eb9763e3c..820e99aeb9 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTest.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTest.c
|
||||||
|
@@ -72,10 +72,10 @@ TestSanitizeEfiPartitionTableHeader (
|
||||||
|
PrimaryHeader.Header.Revision = DEFAULT_PRIMARY_TABLE_HEADER_REVISION;
|
||||||
|
PrimaryHeader.Header.HeaderSize = sizeof (EFI_PARTITION_TABLE_HEADER);
|
||||||
|
PrimaryHeader.MyLBA = 1;
|
||||||
|
- PrimaryHeader.AlternateLBA = 2;
|
||||||
|
- PrimaryHeader.FirstUsableLBA = 3;
|
||||||
|
- PrimaryHeader.LastUsableLBA = 4;
|
||||||
|
- PrimaryHeader.PartitionEntryLBA = 5;
|
||||||
|
+ PrimaryHeader.PartitionEntryLBA = 2;
|
||||||
|
+ PrimaryHeader.AlternateLBA = 3;
|
||||||
|
+ PrimaryHeader.FirstUsableLBA = 4;
|
||||||
|
+ PrimaryHeader.LastUsableLBA = 5;
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = DEFAULT_PRIMARY_TABLE_HEADER_NUMBER_OF_PARTITION_ENTRIES;
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
||||||
|
PrimaryHeader.PartitionEntryArrayCRC32 = 0; // Purposely invalid
|
||||||
|
@@ -187,11 +187,6 @@ TestSanitizePrimaryHeaderGptEventSize (
|
||||||
|
EFI_STATUS Status;
|
||||||
|
EFI_PARTITION_TABLE_HEADER PrimaryHeader;
|
||||||
|
UINTN NumberOfPartition;
|
||||||
|
- EFI_GPT_DATA *GptData;
|
||||||
|
- EFI_TCG2_EVENT *Tcg2Event;
|
||||||
|
-
|
||||||
|
- Tcg2Event = NULL;
|
||||||
|
- GptData = NULL;
|
||||||
|
|
||||||
|
// Test that a normal PrimaryHeader passes validation
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = 5;
|
||||||
|
@@ -225,6 +220,52 @@ TestSanitizePrimaryHeaderGptEventSize (
|
||||||
|
return UNIT_TEST_PASSED;
|
||||||
|
}
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ This function tests the SanitizePeImageEventSize function.
|
||||||
|
+ It's intent is to test that the untrusted input from a file path when generating a
|
||||||
|
+ EFI_IMAGE_LOAD_EVENT structure will not cause an overflow when calculating
|
||||||
|
+ the event size when allocating space
|
||||||
|
+
|
||||||
|
+ @param[in] Context The unit test context.
|
||||||
|
+
|
||||||
|
+ @retval UNIT_TEST_PASSED The test passed.
|
||||||
|
+ @retval UNIT_TEST_ERROR_TEST_FAILED The test failed.
|
||||||
|
+**/
|
||||||
|
+UNIT_TEST_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+TestSanitizePeImageEventSize (
|
||||||
|
+ IN UNIT_TEST_CONTEXT Context
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ UINT32 EventSize;
|
||||||
|
+ UINTN ExistingLogicEventSize;
|
||||||
|
+ UINT32 FilePathSize;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ FilePathSize = 255;
|
||||||
|
+
|
||||||
|
+ // Test that a normal PE image passes validation
|
||||||
|
+ Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
+ UT_ASSERT_EQUAL (Status, EFI_SUCCESS);
|
||||||
|
+
|
||||||
|
+ // Test that the event size is correct compared to the existing logic
|
||||||
|
+ ExistingLogicEventSize = OFFSET_OF (EFI_IMAGE_LOAD_EVENT, DevicePath) + FilePathSize;
|
||||||
|
+ ExistingLogicEventSize += OFFSET_OF (EFI_TCG2_EVENT, Event);
|
||||||
|
+
|
||||||
|
+ if (EventSize != ExistingLogicEventSize) {
|
||||||
|
+ UT_LOG_ERROR ("SanitizePeImageEventSize returned an incorrect event size. Expected %u, got %u\n", ExistingLogicEventSize, EventSize);
|
||||||
|
+ return UNIT_TEST_ERROR_TEST_FAILED;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Test that the event size may not overflow
|
||||||
|
+ Status = SanitizePeImageEventSize (MAX_UINT32, &EventSize);
|
||||||
|
+ UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
+
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
+
|
||||||
|
+ return UNIT_TEST_PASSED;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
// *--------------------------------------------------------------------*
|
||||||
|
// * Unit Test Code Main Function
|
||||||
|
// *--------------------------------------------------------------------*
|
||||||
|
@@ -267,6 +308,7 @@ UefiTestMain (
|
||||||
|
AddTestCase (Tcg2MeasureBootLibValidationTestSuite, "Tests Validating EFI Partition Table", "Common.Tcg2MeasureBootLibValidation", TestSanitizeEfiPartitionTableHeader, NULL, NULL, NULL);
|
||||||
|
AddTestCase (Tcg2MeasureBootLibValidationTestSuite, "Tests Primary header gpt event checks for overflow", "Common.Tcg2MeasureBootLibValidation", TestSanitizePrimaryHeaderAllocationSize, NULL, NULL, NULL);
|
||||||
|
AddTestCase (Tcg2MeasureBootLibValidationTestSuite, "Tests Primary header allocation size checks for overflow", "Common.Tcg2MeasureBootLibValidation", TestSanitizePrimaryHeaderGptEventSize, NULL, NULL, NULL);
|
||||||
|
+ AddTestCase (Tcg2MeasureBootLibValidationTestSuite, "Tests PE Image and FileSize checks for overflow", "Common.Tcg2MeasureBootLibValidation", TestSanitizePeImageEventSize, NULL, NULL, NULL);
|
||||||
|
|
||||||
|
Status = RunAllTestSuites (Framework);
|
||||||
|
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,280 @@
|
|||||||
|
From bf371de652c1132667666a9534ec2d91f9ea111d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Tue, 13 Feb 2024 16:30:10 -0500
|
||||||
|
Subject: [PATCH 4/9] SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH
|
||||||
|
4117/4118 symbol rename
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 53: SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764
|
||||||
|
RH-Jira: RHEL-21157
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [4/5] bf00b368887b50b1ff5578a4491550b5741e3e34
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21157
|
||||||
|
CVE: CVE-2022-36764
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 326db0c9072004dea89427ea3a44393a84966f2b
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Wed Jan 17 14:47:21 2024 -0800
|
||||||
|
|
||||||
|
SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename
|
||||||
|
|
||||||
|
Updates the sanitation function names to be lib unique names
|
||||||
|
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
Cc: Rahul Kumar <rahul1.kumar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Message-Id: <355aa846a99ca6ac0f7574cf5982661da0d9fea6.1705529990.git.doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../DxeTpmMeasureBootLib.c | 8 +++---
|
||||||
|
.../DxeTpmMeasureBootLibSanitization.c | 10 +++----
|
||||||
|
.../DxeTpmMeasureBootLibSanitization.h | 8 +++---
|
||||||
|
.../DxeTpmMeasureBootLibSanitizationTest.c | 26 +++++++++----------
|
||||||
|
4 files changed, 26 insertions(+), 26 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
||||||
|
index a9fc440a09..ac855b8fbb 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
||||||
|
@@ -174,7 +174,7 @@ TcgMeasureGptTable (
|
||||||
|
BlockIo->Media->BlockSize,
|
||||||
|
(UINT8 *)PrimaryHeader
|
||||||
|
);
|
||||||
|
- if (EFI_ERROR (Status) || EFI_ERROR (SanitizeEfiPartitionTableHeader (PrimaryHeader, BlockIo))) {
|
||||||
|
+ if (EFI_ERROR (Status) || EFI_ERROR (TpmSanitizeEfiPartitionTableHeader (PrimaryHeader, BlockIo))) {
|
||||||
|
DEBUG ((DEBUG_ERROR, "Failed to read Partition Table Header or invalid Partition Table Header!\n"));
|
||||||
|
FreePool (PrimaryHeader);
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
@@ -183,7 +183,7 @@ TcgMeasureGptTable (
|
||||||
|
//
|
||||||
|
// Read the partition entry.
|
||||||
|
//
|
||||||
|
- Status = SanitizePrimaryHeaderAllocationSize (PrimaryHeader, &AllocSize);
|
||||||
|
+ Status = TpmSanitizePrimaryHeaderAllocationSize (PrimaryHeader, &AllocSize);
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
FreePool (PrimaryHeader);
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
@@ -224,7 +224,7 @@ TcgMeasureGptTable (
|
||||||
|
//
|
||||||
|
// Prepare Data for Measurement
|
||||||
|
//
|
||||||
|
- Status = SanitizePrimaryHeaderGptEventSize (PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
+ Status = TpmSanitizePrimaryHeaderGptEventSize (PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
TcgEvent = (TCG_PCR_EVENT *)AllocateZeroPool (EventSize);
|
||||||
|
if (TcgEvent == NULL) {
|
||||||
|
FreePool (PrimaryHeader);
|
||||||
|
@@ -351,7 +351,7 @@ TcgMeasurePeImage (
|
||||||
|
|
||||||
|
// Determine destination PCR by BootPolicy
|
||||||
|
//
|
||||||
|
- Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
+ Status = TpmSanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
return EFI_UNSUPPORTED;
|
||||||
|
}
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
||||||
|
index c989851cec..070e4a2c1c 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
||||||
|
@@ -1,5 +1,5 @@
|
||||||
|
/** @file
|
||||||
|
- The library instance provides security service of TPM2 measure boot and
|
||||||
|
+ The library instance provides security service of TPM measure boot and
|
||||||
|
Confidential Computing (CC) measure boot.
|
||||||
|
|
||||||
|
Caution: This file requires additional review when modified.
|
||||||
|
@@ -63,7 +63,7 @@
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
-SanitizeEfiPartitionTableHeader (
|
||||||
|
+TpmSanitizeEfiPartitionTableHeader (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo
|
||||||
|
)
|
||||||
|
@@ -145,7 +145,7 @@ SanitizeEfiPartitionTableHeader (
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
-SanitizePrimaryHeaderAllocationSize (
|
||||||
|
+TpmSanitizePrimaryHeaderAllocationSize (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
OUT UINT32 *AllocationSize
|
||||||
|
)
|
||||||
|
@@ -194,7 +194,7 @@ SanitizePrimaryHeaderAllocationSize (
|
||||||
|
One of the passed parameters was invalid.
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
-SanitizePrimaryHeaderGptEventSize (
|
||||||
|
+TpmSanitizePrimaryHeaderGptEventSize (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
IN UINTN NumberOfPartition,
|
||||||
|
OUT UINT32 *EventSize
|
||||||
|
@@ -258,7 +258,7 @@ SanitizePrimaryHeaderGptEventSize (
|
||||||
|
One of the passed parameters was invalid.
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
-SanitizePeImageEventSize (
|
||||||
|
+TpmSanitizePeImageEventSize (
|
||||||
|
IN UINT32 FilePathSize,
|
||||||
|
OUT UINT32 *EventSize
|
||||||
|
)
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
||||||
|
index 2248495813..db6e9c3752 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
||||||
|
@@ -53,7 +53,7 @@
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
-SanitizeEfiPartitionTableHeader (
|
||||||
|
+TpmSanitizeEfiPartitionTableHeader (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo
|
||||||
|
);
|
||||||
|
@@ -77,7 +77,7 @@ SanitizeEfiPartitionTableHeader (
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
-SanitizePrimaryHeaderAllocationSize (
|
||||||
|
+TpmSanitizePrimaryHeaderAllocationSize (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
OUT UINT32 *AllocationSize
|
||||||
|
);
|
||||||
|
@@ -105,7 +105,7 @@ SanitizePrimaryHeaderAllocationSize (
|
||||||
|
One of the passed parameters was invalid.
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
-SanitizePrimaryHeaderGptEventSize (
|
||||||
|
+TpmSanitizePrimaryHeaderGptEventSize (
|
||||||
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
IN UINTN NumberOfPartition,
|
||||||
|
OUT UINT32 *EventSize
|
||||||
|
@@ -129,7 +129,7 @@ SanitizePrimaryHeaderGptEventSize (
|
||||||
|
One of the passed parameters was invalid.
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
-SanitizePeImageEventSize (
|
||||||
|
+TpmSanitizePeImageEventSize (
|
||||||
|
IN UINT32 FilePathSize,
|
||||||
|
OUT UINT32 *EventSize
|
||||||
|
);
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
||||||
|
index c41498be45..de1740af41 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
||||||
|
@@ -83,27 +83,27 @@ TestSanitizeEfiPartitionTableHeader (
|
||||||
|
PrimaryHeader.Header.CRC32 = CalculateCrc32 ((UINT8 *)&PrimaryHeader, PrimaryHeader.Header.HeaderSize);
|
||||||
|
|
||||||
|
// Test that a normal PrimaryHeader passes validation
|
||||||
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||||
|
|
||||||
|
// Test that when number of partition entries is 0, the function returns EFI_DEVICE_ERROR
|
||||||
|
// Should print "Invalid Partition Table Header NumberOfPartitionEntries!""
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = 0;
|
||||||
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
||||||
|
|
||||||
|
// Test that when the header size is too small, the function returns EFI_DEVICE_ERROR
|
||||||
|
// Should print "Invalid Partition Table Header Size!"
|
||||||
|
PrimaryHeader.Header.HeaderSize = 0;
|
||||||
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||||
|
PrimaryHeader.Header.HeaderSize = sizeof (EFI_PARTITION_TABLE_HEADER);
|
||||||
|
|
||||||
|
// Test that when the SizeOfPartitionEntry is too small, the function returns EFI_DEVICE_ERROR
|
||||||
|
// should print: "SizeOfPartitionEntry shall be set to a value of 128 x 2^n where n is an integer greater than or equal to zero (e.g., 128, 256, 512, etc.)!"
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = 1;
|
||||||
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||||
|
|
||||||
|
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
@@ -136,7 +136,7 @@ TestSanitizePrimaryHeaderAllocationSize (
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = 5;
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
||||||
|
|
||||||
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||||
|
|
||||||
|
// Test that the allocation size is correct compared to the existing logic
|
||||||
|
@@ -145,19 +145,19 @@ TestSanitizePrimaryHeaderAllocationSize (
|
||||||
|
// Test that an overflow is detected
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = MAX_UINT32;
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = 5;
|
||||||
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
|
||||||
|
// Test the inverse
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = 5;
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||||
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
|
||||||
|
// Test the worst case scenario
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = MAX_UINT32;
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||||
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
|
||||||
|
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
@@ -195,7 +195,7 @@ TestSanitizePrimaryHeaderGptEventSize (
|
||||||
|
NumberOfPartition = 13;
|
||||||
|
|
||||||
|
// that the primary event size is correct
|
||||||
|
- Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
+ Status = TpmSanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||||
|
|
||||||
|
// Calculate the existing logic event size
|
||||||
|
@@ -206,12 +206,12 @@ TestSanitizePrimaryHeaderGptEventSize (
|
||||||
|
UT_ASSERT_EQUAL (EventSize, ExistingLogicEventSize);
|
||||||
|
|
||||||
|
// Tests that the primary event size may not overflow
|
||||||
|
- Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, MAX_UINT32, &EventSize);
|
||||||
|
+ Status = TpmSanitizePrimaryHeaderGptEventSize (&PrimaryHeader, MAX_UINT32, &EventSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
|
||||||
|
// Test that the size of partition entries may not overflow
|
||||||
|
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||||
|
- Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
+ Status = TpmSanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
|
||||||
|
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
@@ -269,7 +269,7 @@ TestSanitizePeImageEventSize (
|
||||||
|
FilePathSize = 255;
|
||||||
|
|
||||||
|
// Test that a normal PE image passes validation
|
||||||
|
- Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
+ Status = TpmSanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
UT_LOG_ERROR ("SanitizePeImageEventSize failed with %r\n", Status);
|
||||||
|
goto Exit;
|
||||||
|
@@ -285,7 +285,7 @@ TestSanitizePeImageEventSize (
|
||||||
|
}
|
||||||
|
|
||||||
|
// Test that the event size may not overflow
|
||||||
|
- Status = SanitizePeImageEventSize (MAX_UINT32, &EventSize);
|
||||||
|
+ Status = TpmSanitizePeImageEventSize (MAX_UINT32, &EventSize);
|
||||||
|
if (Status != EFI_BAD_BUFFER_SIZE) {
|
||||||
|
UT_LOG_ERROR ("SanitizePeImageEventSize succeded when it was supposed to fail with %r\n", Status);
|
||||||
|
goto Exit;
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,914 @@
|
|||||||
|
From 8876f4f55b37e84f918282aba190fdd36eeb5f2a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Wed, 17 Jan 2024 12:20:52 -0500
|
||||||
|
Subject: [PATCH 2/3] SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 -
|
||||||
|
CVE 2022-36763
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 51: SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763
|
||||||
|
RH-Jira: RHEL-21155
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [2/3] 50a9b8392352266a5f0b7af2d6c82f829da8983b
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21155
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2022-36763
|
||||||
|
|
||||||
|
commit 4776a1b39ee08fc45c70c1eab5a0195f325000d3
|
||||||
|
Author: Douglas Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Date: Fri Jan 12 02:16:02 2024 +0800
|
||||||
|
|
||||||
|
SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763
|
||||||
|
|
||||||
|
This commit contains the patch files and tests for DxeTpmMeasureBootLib
|
||||||
|
CVE 2022-36763.
|
||||||
|
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../DxeTpmMeasureBootLib.c | 40 ++-
|
||||||
|
.../DxeTpmMeasureBootLib.inf | 4 +-
|
||||||
|
.../DxeTpmMeasureBootLibSanitization.c | 241 ++++++++++++++
|
||||||
|
.../DxeTpmMeasureBootLibSanitization.h | 114 +++++++
|
||||||
|
.../DxeTpmMeasureBootLibSanitizationTest.c | 301 ++++++++++++++++++
|
||||||
|
...eTpmMeasureBootLibSanitizationTestHost.inf | 28 ++
|
||||||
|
SecurityPkg/SecurityPkg.ci.yaml | 1 +
|
||||||
|
SecurityPkg/Test/SecurityPkgHostTest.dsc | 1 +
|
||||||
|
8 files changed, 716 insertions(+), 14 deletions(-)
|
||||||
|
create mode 100644 SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
||||||
|
create mode 100644 SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
||||||
|
create mode 100644 SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
||||||
|
create mode 100644 SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTestHost.inf
|
||||||
|
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
||||||
|
index 220393dd2b..669ab19134 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
||||||
|
@@ -18,6 +18,8 @@
|
||||||
|
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
+Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
**/
|
||||||
|
|
||||||
|
#include <PiDxe.h>
|
||||||
|
@@ -40,6 +42,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
#include <Library/SecurityManagementLib.h>
|
||||||
|
#include <Library/HobLib.h>
|
||||||
|
|
||||||
|
+#include "DxeTpmMeasureBootLibSanitization.h"
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Flag to check GPT partition. It only need be measured once.
|
||||||
|
//
|
||||||
|
@@ -136,6 +140,9 @@ TcgMeasureGptTable (
|
||||||
|
UINT32 EventSize;
|
||||||
|
UINT32 EventNumber;
|
||||||
|
EFI_PHYSICAL_ADDRESS EventLogLastEntry;
|
||||||
|
+ UINT32 AllocSize;
|
||||||
|
+
|
||||||
|
+ GptData = NULL;
|
||||||
|
|
||||||
|
if (mMeasureGptCount > 0) {
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
@@ -166,8 +173,8 @@ TcgMeasureGptTable (
|
||||||
|
BlockIo->Media->BlockSize,
|
||||||
|
(UINT8 *)PrimaryHeader
|
||||||
|
);
|
||||||
|
- if (EFI_ERROR (Status)) {
|
||||||
|
- DEBUG ((DEBUG_ERROR, "Failed to Read Partition Table Header!\n"));
|
||||||
|
+ if (EFI_ERROR (Status) || EFI_ERROR (SanitizeEfiPartitionTableHeader (PrimaryHeader, BlockIo))) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Failed to read Partition Table Header or invalid Partition Table Header!\n"));
|
||||||
|
FreePool (PrimaryHeader);
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
@@ -175,7 +182,13 @@ TcgMeasureGptTable (
|
||||||
|
//
|
||||||
|
// Read the partition entry.
|
||||||
|
//
|
||||||
|
- EntryPtr = (UINT8 *)AllocatePool (PrimaryHeader->NumberOfPartitionEntries * PrimaryHeader->SizeOfPartitionEntry);
|
||||||
|
+ Status = SanitizePrimaryHeaderAllocationSize (PrimaryHeader, &AllocSize);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ FreePool (PrimaryHeader);
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ EntryPtr = (UINT8 *)AllocatePool (AllocSize);
|
||||||
|
if (EntryPtr == NULL) {
|
||||||
|
FreePool (PrimaryHeader);
|
||||||
|
return EFI_OUT_OF_RESOURCES;
|
||||||
|
@@ -185,7 +198,7 @@ TcgMeasureGptTable (
|
||||||
|
DiskIo,
|
||||||
|
BlockIo->Media->MediaId,
|
||||||
|
MultU64x32 (PrimaryHeader->PartitionEntryLBA, BlockIo->Media->BlockSize),
|
||||||
|
- PrimaryHeader->NumberOfPartitionEntries * PrimaryHeader->SizeOfPartitionEntry,
|
||||||
|
+ AllocSize,
|
||||||
|
EntryPtr
|
||||||
|
);
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
@@ -210,9 +223,8 @@ TcgMeasureGptTable (
|
||||||
|
//
|
||||||
|
// Prepare Data for Measurement
|
||||||
|
//
|
||||||
|
- EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
|
||||||
|
- + NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);
|
||||||
|
- TcgEvent = (TCG_PCR_EVENT *)AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT_HDR));
|
||||||
|
+ Status = SanitizePrimaryHeaderGptEventSize (PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
+ TcgEvent = (TCG_PCR_EVENT *)AllocateZeroPool (EventSize);
|
||||||
|
if (TcgEvent == NULL) {
|
||||||
|
FreePool (PrimaryHeader);
|
||||||
|
FreePool (EntryPtr);
|
||||||
|
@@ -221,7 +233,7 @@ TcgMeasureGptTable (
|
||||||
|
|
||||||
|
TcgEvent->PCRIndex = 5;
|
||||||
|
TcgEvent->EventType = EV_EFI_GPT_EVENT;
|
||||||
|
- TcgEvent->EventSize = EventSize;
|
||||||
|
+ TcgEvent->EventSize = EventSize - sizeof (TCG_PCR_EVENT_HDR);
|
||||||
|
GptData = (EFI_GPT_DATA *)TcgEvent->Event;
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -361,11 +373,13 @@ TcgMeasurePeImage (
|
||||||
|
TcgEvent->PCRIndex = 2;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
- DEBUG ((
|
||||||
|
- DEBUG_ERROR,
|
||||||
|
- "TcgMeasurePeImage: Unknown subsystem type %d",
|
||||||
|
- ImageType
|
||||||
|
- ));
|
||||||
|
+ DEBUG (
|
||||||
|
+ (
|
||||||
|
+ DEBUG_ERROR,
|
||||||
|
+ "TcgMeasurePeImage: Unknown subsystem type %d",
|
||||||
|
+ ImageType
|
||||||
|
+ )
|
||||||
|
+ );
|
||||||
|
goto Finish;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
|
||||||
|
index ebab6f7c1e..414c654d15 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
|
||||||
|
@@ -32,6 +32,8 @@
|
||||||
|
|
||||||
|
[Sources]
|
||||||
|
DxeTpmMeasureBootLib.c
|
||||||
|
+ DxeTpmMeasureBootLibSanitization.c
|
||||||
|
+ DxeTpmMeasureBootLibSanitization.h
|
||||||
|
|
||||||
|
[Packages]
|
||||||
|
MdePkg/MdePkg.dec
|
||||||
|
@@ -41,6 +43,7 @@
|
||||||
|
|
||||||
|
[LibraryClasses]
|
||||||
|
BaseMemoryLib
|
||||||
|
+ SafeIntLib
|
||||||
|
DebugLib
|
||||||
|
MemoryAllocationLib
|
||||||
|
DevicePathLib
|
||||||
|
@@ -59,4 +62,3 @@
|
||||||
|
gEfiFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES
|
||||||
|
gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES
|
||||||
|
gEfiDiskIoProtocolGuid ## SOMETIMES_CONSUMES
|
||||||
|
-
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..a3fa46f5e6
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
||||||
|
@@ -0,0 +1,241 @@
|
||||||
|
+/** @file
|
||||||
|
+ The library instance provides security service of TPM2 measure boot and
|
||||||
|
+ Confidential Computing (CC) measure boot.
|
||||||
|
+
|
||||||
|
+ Caution: This file requires additional review when modified.
|
||||||
|
+ This library will have external input - PE/COFF image and GPT partition.
|
||||||
|
+ This external input must be validated carefully to avoid security issue like
|
||||||
|
+ buffer overflow, integer overflow.
|
||||||
|
+
|
||||||
|
+ This file will pull out the validation logic from the following functions, in an
|
||||||
|
+ attempt to validate the untrusted input in the form of unit tests
|
||||||
|
+
|
||||||
|
+ These are those functions:
|
||||||
|
+
|
||||||
|
+ DxeTpmMeasureBootLibImageRead() function will make sure the PE/COFF image content
|
||||||
|
+ read is within the image buffer.
|
||||||
|
+
|
||||||
|
+ Tcg2MeasureGptTable() function will receive untrusted GPT partition table, and parse
|
||||||
|
+ partition data carefully.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <Uefi.h>
|
||||||
|
+#include <Uefi/UefiSpec.h>
|
||||||
|
+#include <Library/SafeIntLib.h>
|
||||||
|
+#include <Library/UefiLib.h>
|
||||||
|
+#include <Library/DebugLib.h>
|
||||||
|
+#include <Library/BaseLib.h>
|
||||||
|
+#include <IndustryStandard/UefiTcgPlatform.h>
|
||||||
|
+#include <Protocol/BlockIo.h>
|
||||||
|
+#include <Library/MemoryAllocationLib.h>
|
||||||
|
+
|
||||||
|
+#include "DxeTpmMeasureBootLibSanitization.h"
|
||||||
|
+
|
||||||
|
+#define GPT_HEADER_REVISION_V1 0x00010000
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function will validate the EFI_PARTITION_TABLE_HEADER structure is safe to parse
|
||||||
|
+ However this function will not attempt to verify the validity of the GPT partition
|
||||||
|
+ It will check the following:
|
||||||
|
+ - Signature
|
||||||
|
+ - Revision
|
||||||
|
+ - AlternateLBA
|
||||||
|
+ - FirstUsableLBA
|
||||||
|
+ - LastUsableLBA
|
||||||
|
+ - PartitionEntryLBA
|
||||||
|
+ - NumberOfPartitionEntries
|
||||||
|
+ - SizeOfPartitionEntry
|
||||||
|
+ - BlockIo
|
||||||
|
+
|
||||||
|
+ @param[in] PrimaryHeader
|
||||||
|
+ Pointer to the EFI_PARTITION_TABLE_HEADER structure.
|
||||||
|
+
|
||||||
|
+ @param[in] BlockIo
|
||||||
|
+ Pointer to the EFI_BLOCK_IO_PROTOCOL structure.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS
|
||||||
|
+ The EFI_PARTITION_TABLE_HEADER structure is valid.
|
||||||
|
+
|
||||||
|
+ @retval EFI_INVALID_PARAMETER
|
||||||
|
+ The EFI_PARTITION_TABLE_HEADER structure is invalid.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+SanitizeEfiPartitionTableHeader (
|
||||||
|
+ IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
+ IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ // Verify that the input parameters are safe to use
|
||||||
|
+ if (PrimaryHeader == NULL) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header!\n"));
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if ((BlockIo == NULL) || (BlockIo->Media == NULL)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Invalid BlockIo!\n"));
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // The signature must be EFI_PTAB_HEADER_ID ("EFI PART" in ASCII)
|
||||||
|
+ if (PrimaryHeader->Header.Signature != EFI_PTAB_HEADER_ID) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header!\n"));
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // The version must be GPT_HEADER_REVISION_V1 (0x00010000)
|
||||||
|
+ if (PrimaryHeader->Header.Revision != GPT_HEADER_REVISION_V1) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header Revision!\n"));
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // The HeaderSize must be greater than or equal to 92 and must be less than or equal to the logical block size
|
||||||
|
+ if ((PrimaryHeader->Header.HeaderSize < sizeof (EFI_PARTITION_TABLE_HEADER)) || (PrimaryHeader->Header.HeaderSize > BlockIo->Media->BlockSize)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header HeaderSize!\n"));
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // check that the PartitionEntryLBA greater than the Max LBA
|
||||||
|
+ // This will be used later for multiplication
|
||||||
|
+ if (PrimaryHeader->PartitionEntryLBA > DivU64x32 (MAX_UINT64, BlockIo->Media->BlockSize)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header PartitionEntryLBA!\n"));
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Check that the number of partition entries is greater than zero
|
||||||
|
+ if (PrimaryHeader->NumberOfPartitionEntries == 0) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header NumberOfPartitionEntries!\n"));
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // SizeOfPartitionEntry must be 128, 256, 512... improper size may lead to accessing uninitialized memory
|
||||||
|
+ if ((PrimaryHeader->SizeOfPartitionEntry < 128) || ((PrimaryHeader->SizeOfPartitionEntry & (PrimaryHeader->SizeOfPartitionEntry - 1)) != 0)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "SizeOfPartitionEntry shall be set to a value of 128 x 2^n where n is an integer greater than or equal to zero (e.g., 128, 256, 512, etc.)!\n"));
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // This check is to prevent overflow when calculating the allocation size for the partition entries
|
||||||
|
+ // This check will be used later for multiplication
|
||||||
|
+ if (PrimaryHeader->NumberOfPartitionEntries > DivU64x32 (MAX_UINT64, PrimaryHeader->SizeOfPartitionEntry)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header NumberOfPartitionEntries!\n"));
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function will validate that the allocation size from the primary header is sane
|
||||||
|
+ It will check the following:
|
||||||
|
+ - AllocationSize does not overflow
|
||||||
|
+
|
||||||
|
+ @param[in] PrimaryHeader
|
||||||
|
+ Pointer to the EFI_PARTITION_TABLE_HEADER structure.
|
||||||
|
+
|
||||||
|
+ @param[out] AllocationSize
|
||||||
|
+ Pointer to the allocation size.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS
|
||||||
|
+ The allocation size is valid.
|
||||||
|
+
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES
|
||||||
|
+ The allocation size is invalid.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+SanitizePrimaryHeaderAllocationSize (
|
||||||
|
+ IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
+ OUT UINT32 *AllocationSize
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ if (PrimaryHeader == NULL) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (AllocationSize == NULL) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Replacing logic:
|
||||||
|
+ // PrimaryHeader->NumberOfPartitionEntries * PrimaryHeader->SizeOfPartitionEntry;
|
||||||
|
+ Status = SafeUint32Mult (PrimaryHeader->NumberOfPartitionEntries, PrimaryHeader->SizeOfPartitionEntry, AllocationSize);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Allocation Size would have overflowed!\n"));
|
||||||
|
+ return EFI_BAD_BUFFER_SIZE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function will validate that the Gpt Event Size calculated from the primary header is sane
|
||||||
|
+ It will check the following:
|
||||||
|
+ - EventSize does not overflow
|
||||||
|
+
|
||||||
|
+ Important: This function includes the entire length of the allocated space, including the
|
||||||
|
+ TCG_PCR_EVENT_HDR. When hashing the buffer allocated with this size, the caller must subtract
|
||||||
|
+ the size of the TCG_PCR_EVENT_HDR from the size of the buffer before hashing.
|
||||||
|
+
|
||||||
|
+ @param[in] PrimaryHeader - Pointer to the EFI_PARTITION_TABLE_HEADER structure.
|
||||||
|
+ @param[in] NumberOfPartition - Number of partitions.
|
||||||
|
+ @param[out] EventSize - Pointer to the event size.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS
|
||||||
|
+ The event size is valid.
|
||||||
|
+
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES
|
||||||
|
+ Overflow would have occurred.
|
||||||
|
+
|
||||||
|
+ @retval EFI_INVALID_PARAMETER
|
||||||
|
+ One of the passed parameters was invalid.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+SanitizePrimaryHeaderGptEventSize (
|
||||||
|
+ IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
+ IN UINTN NumberOfPartition,
|
||||||
|
+ OUT UINT32 *EventSize
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UINT32 SafeNumberOfPartitions;
|
||||||
|
+
|
||||||
|
+ if (PrimaryHeader == NULL) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (EventSize == NULL) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // We shouldn't even attempt to perform the multiplication if the number of partitions is greater than the maximum value of UINT32
|
||||||
|
+ Status = SafeUintnToUint32 (NumberOfPartition, &SafeNumberOfPartitions);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "NumberOfPartition would have overflowed!\n"));
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Replacing logic:
|
||||||
|
+ // (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions) + NumberOfPartition * PrimaryHeader.SizeOfPartitionEntry + sizeof (TCG_PCR_EVENT_HDR));
|
||||||
|
+ Status = SafeUint32Mult (SafeNumberOfPartitions, PrimaryHeader->SizeOfPartitionEntry, EventSize);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Event Size would have overflowed!\n"));
|
||||||
|
+ return EFI_BAD_BUFFER_SIZE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ Status = SafeUint32Add (
|
||||||
|
+ sizeof (TCG_PCR_EVENT_HDR) +
|
||||||
|
+ OFFSET_OF (EFI_GPT_DATA, Partitions),
|
||||||
|
+ *EventSize,
|
||||||
|
+ EventSize
|
||||||
|
+ );
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "Event Size would have overflowed because of GPTData!\n"));
|
||||||
|
+ return EFI_BAD_BUFFER_SIZE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..0d9d00c281
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
||||||
|
@@ -0,0 +1,114 @@
|
||||||
|
+/** @file
|
||||||
|
+ This file includes the function prototypes for the sanitization functions.
|
||||||
|
+
|
||||||
|
+ These are those functions:
|
||||||
|
+
|
||||||
|
+ DxeTpmMeasureBootLibImageRead() function will make sure the PE/COFF image content
|
||||||
|
+ read is within the image buffer.
|
||||||
|
+
|
||||||
|
+ TcgMeasurePeImage() function will accept untrusted PE/COFF image and validate its
|
||||||
|
+ data structure within this image buffer before use.
|
||||||
|
+
|
||||||
|
+ TcgMeasureGptTable() function will receive untrusted GPT partition table, and parse
|
||||||
|
+ partition data carefully.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+
|
||||||
|
+#ifndef DXE_TPM_MEASURE_BOOT_LIB_VALIDATION_
|
||||||
|
+#define DXE_TPM_MEASURE_BOOT_LIB_VALIDATION_
|
||||||
|
+
|
||||||
|
+#include <Uefi.h>
|
||||||
|
+#include <Uefi/UefiSpec.h>
|
||||||
|
+#include <Protocol/BlockIo.h>
|
||||||
|
+#include <IndustryStandard/UefiTcgPlatform.h>
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function will validate the EFI_PARTITION_TABLE_HEADER structure is safe to parse
|
||||||
|
+ However this function will not attempt to verify the validity of the GPT partition
|
||||||
|
+ It will check the following:
|
||||||
|
+ - Signature
|
||||||
|
+ - Revision
|
||||||
|
+ - AlternateLBA
|
||||||
|
+ - FirstUsableLBA
|
||||||
|
+ - LastUsableLBA
|
||||||
|
+ - PartitionEntryLBA
|
||||||
|
+ - NumberOfPartitionEntries
|
||||||
|
+ - SizeOfPartitionEntry
|
||||||
|
+ - BlockIo
|
||||||
|
+
|
||||||
|
+ @param[in] PrimaryHeader
|
||||||
|
+ Pointer to the EFI_PARTITION_TABLE_HEADER structure.
|
||||||
|
+
|
||||||
|
+ @param[in] BlockIo
|
||||||
|
+ Pointer to the EFI_BLOCK_IO_PROTOCOL structure.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS
|
||||||
|
+ The EFI_PARTITION_TABLE_HEADER structure is valid.
|
||||||
|
+
|
||||||
|
+ @retval EFI_INVALID_PARAMETER
|
||||||
|
+ The EFI_PARTITION_TABLE_HEADER structure is invalid.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+SanitizeEfiPartitionTableHeader (
|
||||||
|
+ IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
+ IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function will validate that the allocation size from the primary header is sane
|
||||||
|
+ It will check the following:
|
||||||
|
+ - AllocationSize does not overflow
|
||||||
|
+
|
||||||
|
+ @param[in] PrimaryHeader
|
||||||
|
+ Pointer to the EFI_PARTITION_TABLE_HEADER structure.
|
||||||
|
+
|
||||||
|
+ @param[out] AllocationSize
|
||||||
|
+ Pointer to the allocation size.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS
|
||||||
|
+ The allocation size is valid.
|
||||||
|
+
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES
|
||||||
|
+ The allocation size is invalid.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+SanitizePrimaryHeaderAllocationSize (
|
||||||
|
+ IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
+ OUT UINT32 *AllocationSize
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function will validate that the Gpt Event Size calculated from the primary header is sane
|
||||||
|
+ It will check the following:
|
||||||
|
+ - EventSize does not overflow
|
||||||
|
+
|
||||||
|
+ Important: This function includes the entire length of the allocated space, including the
|
||||||
|
+ TCG_PCR_EVENT_HDR. When hashing the buffer allocated with this size, the caller must subtract
|
||||||
|
+ the size of the TCG_PCR_EVENT_HDR from the size of the buffer before hashing.
|
||||||
|
+
|
||||||
|
+ @param[in] PrimaryHeader - Pointer to the EFI_PARTITION_TABLE_HEADER structure.
|
||||||
|
+ @param[in] NumberOfPartition - Number of partitions.
|
||||||
|
+ @param[out] EventSize - Pointer to the event size.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS
|
||||||
|
+ The event size is valid.
|
||||||
|
+
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES
|
||||||
|
+ Overflow would have occurred.
|
||||||
|
+
|
||||||
|
+ @retval EFI_INVALID_PARAMETER
|
||||||
|
+ One of the passed parameters was invalid.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+SanitizePrimaryHeaderGptEventSize (
|
||||||
|
+ IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||||
|
+ IN UINTN NumberOfPartition,
|
||||||
|
+ OUT UINT32 *EventSize
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#endif // DXE_TPM_MEASURE_BOOT_LIB_VALIDATION_
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..eeb928cdb0
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
||||||
|
@@ -0,0 +1,301 @@
|
||||||
|
+/** @file
|
||||||
|
+This file includes the unit test cases for the DxeTpmMeasureBootLibSanitizationTest.c.
|
||||||
|
+
|
||||||
|
+Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+
|
||||||
|
+#include <Uefi.h>
|
||||||
|
+#include <Library/UefiLib.h>
|
||||||
|
+#include <Library/DebugLib.h>
|
||||||
|
+#include <Library/UnitTestLib.h>
|
||||||
|
+#include <Protocol/BlockIo.h>
|
||||||
|
+#include <Library/MemoryAllocationLib.h>
|
||||||
|
+#include <Library/BaseMemoryLib.h>
|
||||||
|
+#include <IndustryStandard/UefiTcgPlatform.h>
|
||||||
|
+
|
||||||
|
+#include "../DxeTpmMeasureBootLibSanitization.h"
|
||||||
|
+
|
||||||
|
+#define UNIT_TEST_NAME "DxeTpmMeasureBootLibSanitizationTest"
|
||||||
|
+#define UNIT_TEST_VERSION "1.0"
|
||||||
|
+
|
||||||
|
+#define DEFAULT_PRIMARY_TABLE_HEADER_REVISION 0x00010000
|
||||||
|
+#define DEFAULT_PRIMARY_TABLE_HEADER_NUMBER_OF_PARTITION_ENTRIES 1
|
||||||
|
+#define DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY 128
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function tests the SanitizeEfiPartitionTableHeader function.
|
||||||
|
+ It's intent is to test that a malicious EFI_PARTITION_TABLE_HEADER
|
||||||
|
+ structure will not cause undefined or unexpected behavior.
|
||||||
|
+
|
||||||
|
+ In general the TPM should still be able to measure the data, but
|
||||||
|
+ be the header should be sanitized to prevent any unexpected behavior.
|
||||||
|
+
|
||||||
|
+ @param[in] Context The unit test context.
|
||||||
|
+
|
||||||
|
+ @retval UNIT_TEST_PASSED The test passed.
|
||||||
|
+ @retval UNIT_TEST_ERROR_TEST_FAILED The test failed.
|
||||||
|
+**/
|
||||||
|
+UNIT_TEST_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+TestSanitizeEfiPartitionTableHeader (
|
||||||
|
+ IN UNIT_TEST_CONTEXT Context
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ EFI_PARTITION_TABLE_HEADER PrimaryHeader;
|
||||||
|
+ EFI_BLOCK_IO_PROTOCOL BlockIo;
|
||||||
|
+ EFI_BLOCK_IO_MEDIA BlockMedia;
|
||||||
|
+
|
||||||
|
+ // Generate EFI_BLOCK_IO_MEDIA test data
|
||||||
|
+ BlockMedia.MediaId = 1;
|
||||||
|
+ BlockMedia.RemovableMedia = FALSE;
|
||||||
|
+ BlockMedia.MediaPresent = TRUE;
|
||||||
|
+ BlockMedia.LogicalPartition = FALSE;
|
||||||
|
+ BlockMedia.ReadOnly = FALSE;
|
||||||
|
+ BlockMedia.WriteCaching = FALSE;
|
||||||
|
+ BlockMedia.BlockSize = 512;
|
||||||
|
+ BlockMedia.IoAlign = 1;
|
||||||
|
+ BlockMedia.LastBlock = 0;
|
||||||
|
+
|
||||||
|
+ // Generate EFI_BLOCK_IO_PROTOCOL test data
|
||||||
|
+ BlockIo.Revision = 1;
|
||||||
|
+ BlockIo.Media = &BlockMedia;
|
||||||
|
+ BlockIo.Reset = NULL;
|
||||||
|
+ BlockIo.ReadBlocks = NULL;
|
||||||
|
+ BlockIo.WriteBlocks = NULL;
|
||||||
|
+ BlockIo.FlushBlocks = NULL;
|
||||||
|
+
|
||||||
|
+ // Geneate EFI_PARTITION_TABLE_HEADER test data
|
||||||
|
+ PrimaryHeader.Header.Signature = EFI_PTAB_HEADER_ID;
|
||||||
|
+ PrimaryHeader.Header.Revision = DEFAULT_PRIMARY_TABLE_HEADER_REVISION;
|
||||||
|
+ PrimaryHeader.Header.HeaderSize = sizeof (EFI_PARTITION_TABLE_HEADER);
|
||||||
|
+ PrimaryHeader.MyLBA = 1;
|
||||||
|
+ PrimaryHeader.AlternateLBA = 2;
|
||||||
|
+ PrimaryHeader.FirstUsableLBA = 3;
|
||||||
|
+ PrimaryHeader.LastUsableLBA = 4;
|
||||||
|
+ PrimaryHeader.PartitionEntryLBA = 5;
|
||||||
|
+ PrimaryHeader.NumberOfPartitionEntries = DEFAULT_PRIMARY_TABLE_HEADER_NUMBER_OF_PARTITION_ENTRIES;
|
||||||
|
+ PrimaryHeader.SizeOfPartitionEntry = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
||||||
|
+ PrimaryHeader.PartitionEntryArrayCRC32 = 0; // Purposely invalid
|
||||||
|
+
|
||||||
|
+ // Calculate the CRC32 of the PrimaryHeader
|
||||||
|
+ PrimaryHeader.Header.CRC32 = CalculateCrc32 ((UINT8 *)&PrimaryHeader, PrimaryHeader.Header.HeaderSize);
|
||||||
|
+
|
||||||
|
+ // Test that a normal PrimaryHeader passes validation
|
||||||
|
+ Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||||
|
+
|
||||||
|
+ // Test that when number of partition entries is 0, the function returns EFI_DEVICE_ERROR
|
||||||
|
+ // Should print "Invalid Partition Table Header NumberOfPartitionEntries!""
|
||||||
|
+ PrimaryHeader.NumberOfPartitionEntries = 0;
|
||||||
|
+ Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||||
|
+ PrimaryHeader.NumberOfPartitionEntries = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
||||||
|
+
|
||||||
|
+ // Test that when the header size is too small, the function returns EFI_DEVICE_ERROR
|
||||||
|
+ // Should print "Invalid Partition Table Header Size!"
|
||||||
|
+ PrimaryHeader.Header.HeaderSize = 0;
|
||||||
|
+ Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||||
|
+ PrimaryHeader.Header.HeaderSize = sizeof (EFI_PARTITION_TABLE_HEADER);
|
||||||
|
+
|
||||||
|
+ // Test that when the SizeOfPartitionEntry is too small, the function returns EFI_DEVICE_ERROR
|
||||||
|
+ // should print: "SizeOfPartitionEntry shall be set to a value of 128 x 2^n where n is an integer greater than or equal to zero (e.g., 128, 256, 512, etc.)!"
|
||||||
|
+ PrimaryHeader.SizeOfPartitionEntry = 1;
|
||||||
|
+ Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||||
|
+ UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||||
|
+
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
+
|
||||||
|
+ return UNIT_TEST_PASSED;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function tests the SanitizePrimaryHeaderAllocationSize function.
|
||||||
|
+ It's intent is to test that the untrusted input from a EFI_PARTITION_TABLE_HEADER
|
||||||
|
+ structure will not cause an overflow when calculating the allocation size.
|
||||||
|
+
|
||||||
|
+ @param[in] Context The unit test context.
|
||||||
|
+
|
||||||
|
+ @retval UNIT_TEST_PASSED The test passed.
|
||||||
|
+ @retval UNIT_TEST_ERROR_TEST_FAILED The test failed.
|
||||||
|
+**/
|
||||||
|
+UNIT_TEST_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+TestSanitizePrimaryHeaderAllocationSize (
|
||||||
|
+ IN UNIT_TEST_CONTEXT Context
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ UINT32 AllocationSize;
|
||||||
|
+
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ EFI_PARTITION_TABLE_HEADER PrimaryHeader;
|
||||||
|
+
|
||||||
|
+ // Test that a normal PrimaryHeader passes validation
|
||||||
|
+ PrimaryHeader.NumberOfPartitionEntries = 5;
|
||||||
|
+ PrimaryHeader.SizeOfPartitionEntry = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
||||||
|
+
|
||||||
|
+ Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||||
|
+
|
||||||
|
+ // Test that the allocation size is correct compared to the existing logic
|
||||||
|
+ UT_ASSERT_EQUAL (AllocationSize, PrimaryHeader.NumberOfPartitionEntries * PrimaryHeader.SizeOfPartitionEntry);
|
||||||
|
+
|
||||||
|
+ // Test that an overflow is detected
|
||||||
|
+ PrimaryHeader.NumberOfPartitionEntries = MAX_UINT32;
|
||||||
|
+ PrimaryHeader.SizeOfPartitionEntry = 5;
|
||||||
|
+ Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
+
|
||||||
|
+ // Test the inverse
|
||||||
|
+ PrimaryHeader.NumberOfPartitionEntries = 5;
|
||||||
|
+ PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||||
|
+ Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
+
|
||||||
|
+ // Test the worst case scenario
|
||||||
|
+ PrimaryHeader.NumberOfPartitionEntries = MAX_UINT32;
|
||||||
|
+ PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||||
|
+ Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||||
|
+ UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
+
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
+
|
||||||
|
+ return UNIT_TEST_PASSED;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function tests the SanitizePrimaryHeaderGptEventSize function.
|
||||||
|
+ It's intent is to test that the untrusted input from a EFI_GPT_DATA structure
|
||||||
|
+ will not cause an overflow when calculating the event size.
|
||||||
|
+
|
||||||
|
+ @param[in] Context The unit test context.
|
||||||
|
+
|
||||||
|
+ @retval UNIT_TEST_PASSED The test passed.
|
||||||
|
+ @retval UNIT_TEST_ERROR_TEST_FAILED The test failed.
|
||||||
|
+**/
|
||||||
|
+UNIT_TEST_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+TestSanitizePrimaryHeaderGptEventSize (
|
||||||
|
+ IN UNIT_TEST_CONTEXT Context
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ UINT32 EventSize;
|
||||||
|
+ UINT32 ExistingLogicEventSize;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ EFI_PARTITION_TABLE_HEADER PrimaryHeader;
|
||||||
|
+ UINTN NumberOfPartition;
|
||||||
|
+ EFI_GPT_DATA *GptData;
|
||||||
|
+
|
||||||
|
+ GptData = NULL;
|
||||||
|
+
|
||||||
|
+ // Test that a normal PrimaryHeader passes validation
|
||||||
|
+ PrimaryHeader.NumberOfPartitionEntries = 5;
|
||||||
|
+ PrimaryHeader.SizeOfPartitionEntry = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
||||||
|
+
|
||||||
|
+ // set the number of partitions
|
||||||
|
+ NumberOfPartition = 13;
|
||||||
|
+
|
||||||
|
+ // that the primary event size is correct
|
||||||
|
+ Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
+ UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||||
|
+
|
||||||
|
+ // Calculate the existing logic event size
|
||||||
|
+ ExistingLogicEventSize = (UINT32)(sizeof (TCG_PCR_EVENT_HDR) + OFFSET_OF (EFI_GPT_DATA, Partitions)
|
||||||
|
+ + NumberOfPartition * PrimaryHeader.SizeOfPartitionEntry);
|
||||||
|
+
|
||||||
|
+ // Check that the event size is correct
|
||||||
|
+ UT_ASSERT_EQUAL (EventSize, ExistingLogicEventSize);
|
||||||
|
+
|
||||||
|
+ // Tests that the primary event size may not overflow
|
||||||
|
+ Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, MAX_UINT32, &EventSize);
|
||||||
|
+ UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
+
|
||||||
|
+ // Test that the size of partition entries may not overflow
|
||||||
|
+ PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||||
|
+ Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||||
|
+ UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||||
|
+
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
+
|
||||||
|
+ return UNIT_TEST_PASSED;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// *--------------------------------------------------------------------*
|
||||||
|
+// * Unit Test Code Main Function
|
||||||
|
+// *--------------------------------------------------------------------*
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function acts as the entry point for the unit tests.
|
||||||
|
+
|
||||||
|
+ @param argc - The number of command line arguments
|
||||||
|
+ @param argv - The command line arguments
|
||||||
|
+
|
||||||
|
+ @return int - The status of the test
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+UefiTestMain (
|
||||||
|
+ VOID
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UNIT_TEST_FRAMEWORK_HANDLE Framework;
|
||||||
|
+ UNIT_TEST_SUITE_HANDLE TcgMeasureBootLibValidationTestSuite;
|
||||||
|
+
|
||||||
|
+ Framework = NULL;
|
||||||
|
+
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: TestMain() - Start\n", UNIT_TEST_NAME));
|
||||||
|
+
|
||||||
|
+ Status = InitUnitTestFramework (&Framework, UNIT_TEST_NAME, gEfiCallerBaseName, UNIT_TEST_VERSION);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a: Failed in InitUnitTestFramework. Status = %r\n", UNIT_TEST_NAME, Status));
|
||||||
|
+ goto EXIT;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ Status = CreateUnitTestSuite (&TcgMeasureBootLibValidationTestSuite, Framework, "TcgMeasureBootLibValidationTestSuite", "Common.TcgMeasureBootLibValidation", NULL, NULL);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%s: Failed in CreateUnitTestSuite for TcgMeasureBootLibValidationTestSuite\n", UNIT_TEST_NAME));
|
||||||
|
+ Status = EFI_OUT_OF_RESOURCES;
|
||||||
|
+ goto EXIT;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // -----------Suite---------------------------------Description----------------------------Class----------------------------------Test Function------------------------Pre---Clean-Context
|
||||||
|
+ AddTestCase (TcgMeasureBootLibValidationTestSuite, "Tests Validating EFI Partition Table", "Common.TcgMeasureBootLibValidation", TestSanitizeEfiPartitionTableHeader, NULL, NULL, NULL);
|
||||||
|
+ AddTestCase (TcgMeasureBootLibValidationTestSuite, "Tests Primary header gpt event checks for overflow", "Common.TcgMeasureBootLibValidation", TestSanitizePrimaryHeaderAllocationSize, NULL, NULL, NULL);
|
||||||
|
+ AddTestCase (TcgMeasureBootLibValidationTestSuite, "Tests Primary header allocation size checks for overflow", "Common.TcgMeasureBootLibValidation", TestSanitizePrimaryHeaderGptEventSize, NULL, NULL, NULL);
|
||||||
|
+
|
||||||
|
+ Status = RunAllTestSuites (Framework);
|
||||||
|
+
|
||||||
|
+EXIT:
|
||||||
|
+ if (Framework != NULL) {
|
||||||
|
+ FreeUnitTestFramework (Framework);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: TestMain() - End\n", UNIT_TEST_NAME));
|
||||||
|
+ return Status;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+///
|
||||||
|
+/// Avoid ECC error for function name that starts with lower case letter
|
||||||
|
+///
|
||||||
|
+#define DxeTpmMeasureBootLibUnitTestMain main
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Standard POSIX C entry point for host based unit test execution.
|
||||||
|
+
|
||||||
|
+ @param[in] Argc Number of arguments
|
||||||
|
+ @param[in] Argv Array of pointers to arguments
|
||||||
|
+
|
||||||
|
+ @retval 0 Success
|
||||||
|
+ @retval other Error
|
||||||
|
+**/
|
||||||
|
+INT32
|
||||||
|
+DxeTpmMeasureBootLibUnitTestMain (
|
||||||
|
+ IN INT32 Argc,
|
||||||
|
+ IN CHAR8 *Argv[]
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return (INT32)UefiTestMain ();
|
||||||
|
+}
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTestHost.inf b/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTestHost.inf
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..47b0811b00
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTestHost.inf
|
||||||
|
@@ -0,0 +1,28 @@
|
||||||
|
+## @file
|
||||||
|
+# This file builds the unit tests for DxeTpmMeasureBootLib
|
||||||
|
+#
|
||||||
|
+# Copyright (C) Microsoft Corporation.<BR>
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+
|
||||||
|
+[Defines]
|
||||||
|
+ INF_VERSION = 0x00010006
|
||||||
|
+ BASE_NAME = DxeTpmMeasuredBootLibTest
|
||||||
|
+ FILE_GUID = eb01bc38-309c-4d3e-967e-9f078c90772f
|
||||||
|
+ MODULE_TYPE = HOST_APPLICATION
|
||||||
|
+ VERSION_STRING = 1.0
|
||||||
|
+ ENTRY_POINT = main
|
||||||
|
+
|
||||||
|
+[Sources]
|
||||||
|
+ DxeTpmMeasureBootLibSanitizationTest.c
|
||||||
|
+ ../DxeTpmMeasureBootLibSanitization.c
|
||||||
|
+
|
||||||
|
+[Packages]
|
||||||
|
+ MdePkg/MdePkg.dec
|
||||||
|
+
|
||||||
|
+[LibraryClasses]
|
||||||
|
+ BaseLib
|
||||||
|
+ DebugLib
|
||||||
|
+ UnitTestLib
|
||||||
|
+ PrintLib
|
||||||
|
+ SafeIntLib
|
||||||
|
diff --git a/SecurityPkg/SecurityPkg.ci.yaml b/SecurityPkg/SecurityPkg.ci.yaml
|
||||||
|
index 24389531af..53e5b1fd8e 100644
|
||||||
|
--- a/SecurityPkg/SecurityPkg.ci.yaml
|
||||||
|
+++ b/SecurityPkg/SecurityPkg.ci.yaml
|
||||||
|
@@ -17,6 +17,7 @@
|
||||||
|
"ExceptionList": [
|
||||||
|
"8005", "gRT",
|
||||||
|
"8001", "DxeTpm2MeasureBootLibUnitTestMain",
|
||||||
|
+ "8001", "DxeTpmMeasureBootLibUnitTestMain"
|
||||||
|
],
|
||||||
|
## Both file path and directory path are accepted.
|
||||||
|
"IgnoreFiles": [
|
||||||
|
diff --git a/SecurityPkg/Test/SecurityPkgHostTest.dsc b/SecurityPkg/Test/SecurityPkgHostTest.dsc
|
||||||
|
index 788c1ab6fe..1655e573ea 100644
|
||||||
|
--- a/SecurityPkg/Test/SecurityPkgHostTest.dsc
|
||||||
|
+++ b/SecurityPkg/Test/SecurityPkgHostTest.dsc
|
||||||
|
@@ -27,6 +27,7 @@
|
||||||
|
SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiLib.inf
|
||||||
|
SecurityPkg/Test/Mock/Library/GoogleTest/MockPlatformPKProtectionLib/MockPlatformPKProtectionLib.inf
|
||||||
|
SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTestHost.inf
|
||||||
|
+ SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTestHost.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
# Build SecurityPkg HOST_APPLICATION Tests
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,294 @@
|
|||||||
|
From c5580cd68acf14c9e8660f6ee2842654479089ae Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Wed, 7 Feb 2024 15:43:10 -0500
|
||||||
|
Subject: [PATCH 2/9] SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 -
|
||||||
|
CVE 2022-36764
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 53: SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764
|
||||||
|
RH-Jira: RHEL-21157
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [2/5] 3945cfd0838c822a3b2cc4b4e315c39a779a7344
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21157
|
||||||
|
CVE: CVE-2022-36764
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 0d341c01eeabe0ab5e76693b36e728b8f538a40e
|
||||||
|
Author: Douglas Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Date: Fri Jan 12 02:16:05 2024 +0800
|
||||||
|
|
||||||
|
SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764
|
||||||
|
|
||||||
|
This commit contains the patch files and tests for DxeTpmMeasureBootLib
|
||||||
|
CVE 2022-36764.
|
||||||
|
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../DxeTpmMeasureBootLib.c | 13 ++-
|
||||||
|
.../DxeTpmMeasureBootLibSanitization.c | 44 +++++++++
|
||||||
|
.../DxeTpmMeasureBootLibSanitization.h | 23 +++++
|
||||||
|
.../DxeTpmMeasureBootLibSanitizationTest.c | 98 +++++++++++++++++--
|
||||||
|
4 files changed, 168 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
||||||
|
index 669ab19134..a9fc440a09 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
||||||
|
@@ -17,6 +17,7 @@
|
||||||
|
|
||||||
|
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
|
||||||
|
Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
@@ -345,18 +346,22 @@ TcgMeasurePeImage (
|
||||||
|
ImageLoad = NULL;
|
||||||
|
SectionHeader = NULL;
|
||||||
|
Sha1Ctx = NULL;
|
||||||
|
+ TcgEvent = NULL;
|
||||||
|
FilePathSize = (UINT32)GetDevicePathSize (FilePath);
|
||||||
|
|
||||||
|
- //
|
||||||
|
// Determine destination PCR by BootPolicy
|
||||||
|
//
|
||||||
|
- EventSize = sizeof (*ImageLoad) - sizeof (ImageLoad->DevicePath) + FilePathSize;
|
||||||
|
- TcgEvent = AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT));
|
||||||
|
+ Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ TcgEvent = AllocateZeroPool (EventSize);
|
||||||
|
if (TcgEvent == NULL) {
|
||||||
|
return EFI_OUT_OF_RESOURCES;
|
||||||
|
}
|
||||||
|
|
||||||
|
- TcgEvent->EventSize = EventSize;
|
||||||
|
+ TcgEvent->EventSize = EventSize - sizeof (TCG_PCR_EVENT_HDR);
|
||||||
|
ImageLoad = (EFI_IMAGE_LOAD_EVENT *)TcgEvent->Event;
|
||||||
|
|
||||||
|
switch (ImageType) {
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
||||||
|
index a3fa46f5e6..c989851cec 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
||||||
|
@@ -239,3 +239,47 @@ SanitizePrimaryHeaderGptEventSize (
|
||||||
|
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ This function will validate that the PeImage Event Size from the loaded image is sane
|
||||||
|
+ It will check the following:
|
||||||
|
+ - EventSize does not overflow
|
||||||
|
+
|
||||||
|
+ @param[in] FilePathSize - Size of the file path.
|
||||||
|
+ @param[out] EventSize - Pointer to the event size.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS
|
||||||
|
+ The event size is valid.
|
||||||
|
+
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES
|
||||||
|
+ Overflow would have occurred.
|
||||||
|
+
|
||||||
|
+ @retval EFI_INVALID_PARAMETER
|
||||||
|
+ One of the passed parameters was invalid.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+SanitizePeImageEventSize (
|
||||||
|
+ IN UINT32 FilePathSize,
|
||||||
|
+ OUT UINT32 *EventSize
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ // Replacing logic:
|
||||||
|
+ // sizeof (*ImageLoad) - sizeof (ImageLoad->DevicePath) + FilePathSize;
|
||||||
|
+ Status = SafeUint32Add (OFFSET_OF (EFI_IMAGE_LOAD_EVENT, DevicePath), FilePathSize, EventSize);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "EventSize would overflow!\n"));
|
||||||
|
+ return EFI_BAD_BUFFER_SIZE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Replacing logic:
|
||||||
|
+ // EventSize + sizeof (TCG_PCR_EVENT_HDR)
|
||||||
|
+ Status = SafeUint32Add (*EventSize, sizeof (TCG_PCR_EVENT_HDR), EventSize);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "EventSize would overflow!\n"));
|
||||||
|
+ return EFI_BAD_BUFFER_SIZE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
||||||
|
index 0d9d00c281..2248495813 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
||||||
|
@@ -111,4 +111,27 @@ SanitizePrimaryHeaderGptEventSize (
|
||||||
|
OUT UINT32 *EventSize
|
||||||
|
);
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ This function will validate that the PeImage Event Size from the loaded image is sane
|
||||||
|
+ It will check the following:
|
||||||
|
+ - EventSize does not overflow
|
||||||
|
+
|
||||||
|
+ @param[in] FilePathSize - Size of the file path.
|
||||||
|
+ @param[out] EventSize - Pointer to the event size.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS
|
||||||
|
+ The event size is valid.
|
||||||
|
+
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES
|
||||||
|
+ Overflow would have occurred.
|
||||||
|
+
|
||||||
|
+ @retval EFI_INVALID_PARAMETER
|
||||||
|
+ One of the passed parameters was invalid.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+SanitizePeImageEventSize (
|
||||||
|
+ IN UINT32 FilePathSize,
|
||||||
|
+ OUT UINT32 *EventSize
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
#endif // DXE_TPM_MEASURE_BOOT_LIB_VALIDATION_
|
||||||
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
||||||
|
index eeb928cdb0..c41498be45 100644
|
||||||
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
||||||
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
||||||
|
@@ -1,8 +1,8 @@
|
||||||
|
/** @file
|
||||||
|
-This file includes the unit test cases for the DxeTpmMeasureBootLibSanitizationTest.c.
|
||||||
|
+ This file includes the unit test cases for the DxeTpmMeasureBootLibSanitizationTest.c.
|
||||||
|
|
||||||
|
-Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
-SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+ Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
**/
|
||||||
|
|
||||||
|
#include <Uefi.h>
|
||||||
|
@@ -186,9 +186,6 @@ TestSanitizePrimaryHeaderGptEventSize (
|
||||||
|
EFI_STATUS Status;
|
||||||
|
EFI_PARTITION_TABLE_HEADER PrimaryHeader;
|
||||||
|
UINTN NumberOfPartition;
|
||||||
|
- EFI_GPT_DATA *GptData;
|
||||||
|
-
|
||||||
|
- GptData = NULL;
|
||||||
|
|
||||||
|
// Test that a normal PrimaryHeader passes validation
|
||||||
|
PrimaryHeader.NumberOfPartitionEntries = 5;
|
||||||
|
@@ -222,6 +219,94 @@ TestSanitizePrimaryHeaderGptEventSize (
|
||||||
|
return UNIT_TEST_PASSED;
|
||||||
|
}
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ This function tests the SanitizePeImageEventSize function.
|
||||||
|
+ It's intent is to test that the untrusted input from a file path for an
|
||||||
|
+ EFI_IMAGE_LOAD_EVENT structure will not cause an overflow when calculating
|
||||||
|
+ the event size when allocating space.
|
||||||
|
+
|
||||||
|
+ @param[in] Context The unit test context.
|
||||||
|
+
|
||||||
|
+ @retval UNIT_TEST_PASSED The test passed.
|
||||||
|
+ @retval UNIT_TEST_ERROR_TEST_FAILED The test failed.
|
||||||
|
+**/
|
||||||
|
+UNIT_TEST_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+TestSanitizePeImageEventSize (
|
||||||
|
+ IN UNIT_TEST_CONTEXT Context
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ UINT32 EventSize;
|
||||||
|
+ UINTN ExistingLogicEventSize;
|
||||||
|
+ UINT32 FilePathSize;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ EFI_DEVICE_PATH_PROTOCOL DevicePath;
|
||||||
|
+ EFI_IMAGE_LOAD_EVENT *ImageLoadEvent;
|
||||||
|
+ UNIT_TEST_STATUS TestStatus;
|
||||||
|
+
|
||||||
|
+ TestStatus = UNIT_TEST_ERROR_TEST_FAILED;
|
||||||
|
+
|
||||||
|
+ // Generate EFI_DEVICE_PATH_PROTOCOL test data
|
||||||
|
+ DevicePath.Type = 0;
|
||||||
|
+ DevicePath.SubType = 0;
|
||||||
|
+ DevicePath.Length[0] = 0;
|
||||||
|
+ DevicePath.Length[1] = 0;
|
||||||
|
+
|
||||||
|
+ // Generate EFI_IMAGE_LOAD_EVENT test data
|
||||||
|
+ ImageLoadEvent = AllocateZeroPool (sizeof (EFI_IMAGE_LOAD_EVENT) + sizeof (EFI_DEVICE_PATH_PROTOCOL));
|
||||||
|
+ if (ImageLoadEvent == NULL) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a: AllocateZeroPool failed\n", __func__));
|
||||||
|
+ goto Exit;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Populate EFI_IMAGE_LOAD_EVENT54 test data
|
||||||
|
+ ImageLoadEvent->ImageLocationInMemory = (EFI_PHYSICAL_ADDRESS)0x12345678;
|
||||||
|
+ ImageLoadEvent->ImageLengthInMemory = 0x1000;
|
||||||
|
+ ImageLoadEvent->ImageLinkTimeAddress = (UINTN)ImageLoadEvent;
|
||||||
|
+ ImageLoadEvent->LengthOfDevicePath = sizeof (EFI_DEVICE_PATH_PROTOCOL);
|
||||||
|
+ CopyMem (ImageLoadEvent->DevicePath, &DevicePath, sizeof (EFI_DEVICE_PATH_PROTOCOL));
|
||||||
|
+
|
||||||
|
+ FilePathSize = 255;
|
||||||
|
+
|
||||||
|
+ // Test that a normal PE image passes validation
|
||||||
|
+ Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ UT_LOG_ERROR ("SanitizePeImageEventSize failed with %r\n", Status);
|
||||||
|
+ goto Exit;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Test that the event size is correct compared to the existing logic
|
||||||
|
+ ExistingLogicEventSize = OFFSET_OF (EFI_IMAGE_LOAD_EVENT, DevicePath) + FilePathSize;
|
||||||
|
+ ExistingLogicEventSize += sizeof (TCG_PCR_EVENT_HDR);
|
||||||
|
+
|
||||||
|
+ if (EventSize != ExistingLogicEventSize) {
|
||||||
|
+ UT_LOG_ERROR ("SanitizePeImageEventSize returned an incorrect event size. Expected %u, got %u\n", ExistingLogicEventSize, EventSize);
|
||||||
|
+ goto Exit;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Test that the event size may not overflow
|
||||||
|
+ Status = SanitizePeImageEventSize (MAX_UINT32, &EventSize);
|
||||||
|
+ if (Status != EFI_BAD_BUFFER_SIZE) {
|
||||||
|
+ UT_LOG_ERROR ("SanitizePeImageEventSize succeded when it was supposed to fail with %r\n", Status);
|
||||||
|
+ goto Exit;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ TestStatus = UNIT_TEST_PASSED;
|
||||||
|
+Exit:
|
||||||
|
+
|
||||||
|
+ if (ImageLoadEvent != NULL) {
|
||||||
|
+ FreePool (ImageLoadEvent);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (TestStatus == UNIT_TEST_ERROR_TEST_FAILED) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a: Test failed\n", __func__));
|
||||||
|
+ } else {
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return TestStatus;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
// *--------------------------------------------------------------------*
|
||||||
|
// * Unit Test Code Main Function
|
||||||
|
// *--------------------------------------------------------------------*
|
||||||
|
@@ -265,6 +350,7 @@ UefiTestMain (
|
||||||
|
AddTestCase (TcgMeasureBootLibValidationTestSuite, "Tests Validating EFI Partition Table", "Common.TcgMeasureBootLibValidation", TestSanitizeEfiPartitionTableHeader, NULL, NULL, NULL);
|
||||||
|
AddTestCase (TcgMeasureBootLibValidationTestSuite, "Tests Primary header gpt event checks for overflow", "Common.TcgMeasureBootLibValidation", TestSanitizePrimaryHeaderAllocationSize, NULL, NULL, NULL);
|
||||||
|
AddTestCase (TcgMeasureBootLibValidationTestSuite, "Tests Primary header allocation size checks for overflow", "Common.TcgMeasureBootLibValidation", TestSanitizePrimaryHeaderGptEventSize, NULL, NULL, NULL);
|
||||||
|
+ AddTestCase (TcgMeasureBootLibValidationTestSuite, "Tests PE Image and FileSize checks for overflow", "Common.TcgMeasureBootLibValidation", TestSanitizePeImageEventSize, NULL, NULL, NULL);
|
||||||
|
|
||||||
|
Status = RunAllTestSuites (Framework);
|
||||||
|
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,71 @@
|
|||||||
|
From 7719d41979ef6e376d183c70cd47951ff5bf6ef1 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 10:33:43 -0400
|
||||||
|
Subject: [PATCH 5/8] SecurityPkg/RngDxe: add rng test
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 75: NetworkPkg: SECURITY PATCH CVE-2023-45236 and CVE-2023-45237
|
||||||
|
RH-Jira: RHEL-40270 RHEL-40272
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [5/8] 84a58daaed0ee81ebed501392be33338da575df6
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-40270
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
commit a61bc0accb8a76edba4f073fdc7bafc908df045d
|
||||||
|
Author: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Fri May 31 09:49:13 2024 +0200
|
||||||
|
|
||||||
|
SecurityPkg/RngDxe: add rng test
|
||||||
|
|
||||||
|
Check whenever RngLib actually returns random numbers, only return
|
||||||
|
a non-zero number of Algorithms if that is the case.
|
||||||
|
|
||||||
|
This has the effect that RndDxe loads and installs EFI_RNG_PROTOCOL
|
||||||
|
only in case it can actually deliver random numbers.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
|
||||||
|
Check whenever RngLib actually returns random numbers, only return
|
||||||
|
a non-zero number of Algorithms if that is the case.
|
||||||
|
|
||||||
|
This has the effect that RndDxe loads and installs EFI_RNG_PROTOCOL
|
||||||
|
only in case it can actually deliver random numbers.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
---
|
||||||
|
SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c | 8 +++++++-
|
||||||
|
1 file changed, 7 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
||||||
|
index 7e06e16e4b..285b5f46e7 100644
|
||||||
|
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
||||||
|
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
||||||
|
@@ -23,6 +23,7 @@
|
||||||
|
|
||||||
|
#include <Library/BaseLib.h>
|
||||||
|
#include <Library/BaseMemoryLib.h>
|
||||||
|
+#include <Library/RngLib.h>
|
||||||
|
|
||||||
|
#include "RngDxeInternals.h"
|
||||||
|
|
||||||
|
@@ -43,7 +44,12 @@ GetAvailableAlgorithms (
|
||||||
|
VOID
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- mAvailableAlgoArrayCount = RNG_ALGORITHM_COUNT;
|
||||||
|
+ UINT64 RngTest;
|
||||||
|
+
|
||||||
|
+ if (GetRandomNumber64 (&RngTest)) {
|
||||||
|
+ mAvailableAlgoArrayCount = RNG_ALGORITHM_COUNT;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,85 @@
|
|||||||
|
From 95697612d2f1953c691b0914a1669e0fcf179767 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Tue, 13 Feb 2024 16:30:10 -0500
|
||||||
|
Subject: [PATCH 5/9] SecurityPkg: : Updating SecurityFixes.yaml after symbol
|
||||||
|
rename
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 53: SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764
|
||||||
|
RH-Jira: RHEL-21157
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [5/5] 8e0c9c8c6b6ad05454f138397036954fe36c778c
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21157
|
||||||
|
CVE: CVE-2022-36764
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 264636d8e6983e0f6dc6be2fca9d84ec81315954
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Wed Jan 17 14:47:22 2024 -0800
|
||||||
|
|
||||||
|
SecurityPkg: : Updating SecurityFixes.yaml after symbol rename
|
||||||
|
|
||||||
|
Adding the new commit titles for the symbol renames
|
||||||
|
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
Cc: Rahul Kumar <rahul1.kumar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Message-Id: <5e0e851e97459e183420178888d4fcdadc2f1ae1.1705529990.git.doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
SecurityPkg/SecurityFixes.yaml | 31 ++++++++++++++++++++++++++-----
|
||||||
|
1 file changed, 26 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/SecurityPkg/SecurityFixes.yaml b/SecurityPkg/SecurityFixes.yaml
|
||||||
|
index f9e3e7be74..dc1bb83489 100644
|
||||||
|
--- a/SecurityPkg/SecurityFixes.yaml
|
||||||
|
+++ b/SecurityPkg/SecurityFixes.yaml
|
||||||
|
@@ -9,14 +9,35 @@ CVE_2022_36763:
|
||||||
|
- "SecurityPkg: DxeTpm2Measurement: SECURITY PATCH 4117 - CVE 2022-36763"
|
||||||
|
- "SecurityPkg: DxeTpmMeasurement: SECURITY PATCH 4117 - CVE 2022-36763"
|
||||||
|
- "SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml"
|
||||||
|
+ - "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
|
||||||
|
+ - "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
|
||||||
|
+ - "SecurityPkg: : Updating SecurityFixes.yaml after symbol rename"
|
||||||
|
cve: CVE-2022-36763
|
||||||
|
date_reported: 2022-10-25 11:31 UTC
|
||||||
|
description: (CVE-2022-36763) - Heap Buffer Overflow in Tcg2MeasureGptTable()
|
||||||
|
note: This patch is related to and supersedes TCBZ2168
|
||||||
|
files_impacted:
|
||||||
|
- - Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
|
||||||
|
- - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
|
||||||
|
+ - Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
|
||||||
|
+ - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
|
||||||
|
links:
|
||||||
|
- - https://bugzilla.tianocore.org/show_bug.cgi?id=4117
|
||||||
|
- - https://bugzilla.tianocore.org/show_bug.cgi?id=2168
|
||||||
|
- - https://bugzilla.tianocore.org/show_bug.cgi?id=1990
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4117
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=2168
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=1990
|
||||||
|
+CVE_2022_36764:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
|
||||||
|
+ - "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
|
||||||
|
+ - "SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml"
|
||||||
|
+ - "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
|
||||||
|
+ - "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
|
||||||
|
+ - "SecurityPkg: : Updating SecurityFixes.yaml after symbol rename"
|
||||||
|
+ cve: CVE-2022-36764
|
||||||
|
+ date_reported: 2022-10-25 12:23 UTC
|
||||||
|
+ description: Heap Buffer Overflow in Tcg2MeasurePeImage()
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
|
||||||
|
+ - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4118
|
||||||
|
+
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,148 @@
|
|||||||
|
From 0ef57f5f435ee1909d14da24cd1c3edc91fef405 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Sat, 6 Apr 2024 11:00:29 -0400
|
||||||
|
Subject: [PATCH 2/2] StandaloneMmPkg/Hob: Integer Overflow in CreateHob()
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 69: EmbeddedPkg/Hob: Integer Overflow in CreateHob()
|
||||||
|
RH-Jira: RHEL-30156
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [2/2] 3c3454688975f62041dd8d3393f0bba5ec3b71f1
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-30156
|
||||||
|
CVE: CVE-2022-36765
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 9a75b030cf27d2530444e9a2f9f11867f79bf679
|
||||||
|
Author: Gua Guo <gua.guo@intel.com>
|
||||||
|
Date: Thu Jan 11 13:03:26 2024 +0800
|
||||||
|
|
||||||
|
StandaloneMmPkg/Hob: Integer Overflow in CreateHob()
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4166
|
||||||
|
|
||||||
|
Fix integer overflow in various CreateHob instances.
|
||||||
|
Fixes: CVE-2022-36765
|
||||||
|
|
||||||
|
The CreateHob() function aligns the requested size to 8
|
||||||
|
performing the following operation:
|
||||||
|
```
|
||||||
|
HobLength = (UINT16)((HobLength + 0x7) & (~0x7));
|
||||||
|
```
|
||||||
|
|
||||||
|
No checks are performed to ensure this value doesn't
|
||||||
|
overflow, and could lead to CreateHob() returning a smaller
|
||||||
|
HOB than requested, which could lead to OOB HOB accesses.
|
||||||
|
|
||||||
|
Reported-by: Marc Beatove <mbeatove@google.com>
|
||||||
|
Reviewed-by: Ard Biesheuvel <ardb+tianocore@kernel.org>
|
||||||
|
Cc: Sami Mujawar <sami.mujawar@arm.com>
|
||||||
|
Reviewed-by: Ray Ni <ray.ni@intel.com>
|
||||||
|
Cc: John Mathew <john.mathews@intel.com>
|
||||||
|
Authored-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Signed-off-by: Gua Guo <gua.guo@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../Arm/StandaloneMmCoreHobLib.c | 35 +++++++++++++++++++
|
||||||
|
1 file changed, 35 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c b/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c
|
||||||
|
index 1550e1babc..59473e28fe 100644
|
||||||
|
--- a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c
|
||||||
|
+++ b/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c
|
||||||
|
@@ -34,6 +34,13 @@ CreateHob (
|
||||||
|
|
||||||
|
HandOffHob = GetHobList ();
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Check Length to avoid data overflow.
|
||||||
|
+ //
|
||||||
|
+ if (HobLength > MAX_UINT16 - 0x7) {
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
HobLength = (UINT16)((HobLength + 0x7) & (~0x7));
|
||||||
|
|
||||||
|
FreeMemory = HandOffHob->EfiFreeMemoryTop - HandOffHob->EfiFreeMemoryBottom;
|
||||||
|
@@ -89,6 +96,10 @@ BuildModuleHob (
|
||||||
|
);
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION_MODULE));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
CopyGuid (&(Hob->MemoryAllocationHeader.Name), &gEfiHobMemoryAllocModuleGuid);
|
||||||
|
Hob->MemoryAllocationHeader.MemoryBaseAddress = MemoryAllocationModule;
|
||||||
|
@@ -129,6 +140,9 @@ BuildResourceDescriptorHob (
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_RESOURCE_DESCRIPTOR, sizeof (EFI_HOB_RESOURCE_DESCRIPTOR));
|
||||||
|
ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->ResourceType = ResourceType;
|
||||||
|
Hob->ResourceAttribute = ResourceAttribute;
|
||||||
|
@@ -167,6 +181,11 @@ BuildGuidHob (
|
||||||
|
ASSERT (DataLength <= (0xffff - sizeof (EFI_HOB_GUID_TYPE)));
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_GUID_EXTENSION, (UINT16)(sizeof (EFI_HOB_GUID_TYPE) + DataLength));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
CopyGuid (&Hob->Name, Guid);
|
||||||
|
return Hob + 1;
|
||||||
|
}
|
||||||
|
@@ -226,6 +245,10 @@ BuildFvHob (
|
||||||
|
EFI_HOB_FIRMWARE_VOLUME *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_FV, sizeof (EFI_HOB_FIRMWARE_VOLUME));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->BaseAddress = BaseAddress;
|
||||||
|
Hob->Length = Length;
|
||||||
|
@@ -255,6 +278,10 @@ BuildFv2Hob (
|
||||||
|
EFI_HOB_FIRMWARE_VOLUME2 *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_FV2, sizeof (EFI_HOB_FIRMWARE_VOLUME2));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->BaseAddress = BaseAddress;
|
||||||
|
Hob->Length = Length;
|
||||||
|
@@ -282,6 +309,10 @@ BuildCpuHob (
|
||||||
|
EFI_HOB_CPU *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_CPU, sizeof (EFI_HOB_CPU));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->SizeOfMemorySpace = SizeOfMemorySpace;
|
||||||
|
Hob->SizeOfIoSpace = SizeOfIoSpace;
|
||||||
|
@@ -319,6 +350,10 @@ BuildMemoryAllocationHob (
|
||||||
|
);
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
ZeroMem (&(Hob->AllocDescriptor.Name), sizeof (EFI_GUID));
|
||||||
|
Hob->AllocDescriptor.MemoryBaseAddress = BaseAddress;
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,69 @@
|
|||||||
|
From 4d3ac0527ceb615a49214b0f7249d9198ddeb53a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 30 Jan 2024 14:04:40 +0100
|
||||||
|
Subject: [PATCH 8/9] UefiCpuPkg/MtrrLib.h: use cache type #defines from
|
||||||
|
ArchitecturalMsr.h
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 55: OvmfPkg/Sec: Setup MTRR early in the boot process.
|
||||||
|
RH-Jira: RHEL-21704
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [3/4] 8b766c97b247a8665662697534455c19423ff23c (kraxel.rh/centos-src-edk2)
|
||||||
|
|
||||||
|
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Message-ID: <20240130130441.772484-4-kraxel@redhat.com>
|
||||||
|
---
|
||||||
|
UefiCpuPkg/Include/Library/MtrrLib.h | 26 ++++++++++++++------------
|
||||||
|
1 file changed, 14 insertions(+), 12 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/UefiCpuPkg/Include/Library/MtrrLib.h b/UefiCpuPkg/Include/Library/MtrrLib.h
|
||||||
|
index 86cc1aab3b..287d249a99 100644
|
||||||
|
--- a/UefiCpuPkg/Include/Library/MtrrLib.h
|
||||||
|
+++ b/UefiCpuPkg/Include/Library/MtrrLib.h
|
||||||
|
@@ -9,6 +9,8 @@
|
||||||
|
#ifndef _MTRR_LIB_H_
|
||||||
|
#define _MTRR_LIB_H_
|
||||||
|
|
||||||
|
+#include <Register/Intel/ArchitecturalMsr.h>
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// According to IA32 SDM, MTRRs number and MSR offset are always consistent
|
||||||
|
// for IA32 processor family
|
||||||
|
@@ -82,20 +84,20 @@ typedef struct _MTRR_SETTINGS_ {
|
||||||
|
// Memory cache types
|
||||||
|
//
|
||||||
|
typedef enum {
|
||||||
|
- CacheUncacheable = 0,
|
||||||
|
- CacheWriteCombining = 1,
|
||||||
|
- CacheWriteThrough = 4,
|
||||||
|
- CacheWriteProtected = 5,
|
||||||
|
- CacheWriteBack = 6,
|
||||||
|
- CacheInvalid = 7
|
||||||
|
+ CacheUncacheable = MSR_IA32_MTRR_CACHE_UNCACHEABLE,
|
||||||
|
+ CacheWriteCombining = MSR_IA32_MTRR_CACHE_WRITE_COMBINING,
|
||||||
|
+ CacheWriteThrough = MSR_IA32_MTRR_CACHE_WRITE_THROUGH,
|
||||||
|
+ CacheWriteProtected = MSR_IA32_MTRR_CACHE_WRITE_PROTECTED,
|
||||||
|
+ CacheWriteBack = MSR_IA32_MTRR_CACHE_WRITE_BACK,
|
||||||
|
+ CacheInvalid = MSR_IA32_MTRR_CACHE_INVALID_TYPE,
|
||||||
|
} MTRR_MEMORY_CACHE_TYPE;
|
||||||
|
|
||||||
|
-#define MTRR_CACHE_UNCACHEABLE 0
|
||||||
|
-#define MTRR_CACHE_WRITE_COMBINING 1
|
||||||
|
-#define MTRR_CACHE_WRITE_THROUGH 4
|
||||||
|
-#define MTRR_CACHE_WRITE_PROTECTED 5
|
||||||
|
-#define MTRR_CACHE_WRITE_BACK 6
|
||||||
|
-#define MTRR_CACHE_INVALID_TYPE 7
|
||||||
|
+#define MTRR_CACHE_UNCACHEABLE MSR_IA32_MTRR_CACHE_UNCACHEABLE
|
||||||
|
+#define MTRR_CACHE_WRITE_COMBINING MSR_IA32_MTRR_CACHE_WRITE_COMBINING
|
||||||
|
+#define MTRR_CACHE_WRITE_THROUGH MSR_IA32_MTRR_CACHE_WRITE_THROUGH
|
||||||
|
+#define MTRR_CACHE_WRITE_PROTECTED MSR_IA32_MTRR_CACHE_WRITE_PROTECTED
|
||||||
|
+#define MTRR_CACHE_WRITE_BACK MSR_IA32_MTRR_CACHE_WRITE_BACK
|
||||||
|
+#define MTRR_CACHE_INVALID_TYPE MSR_IA32_MTRR_CACHE_INVALID_TYPE
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
UINT64 BaseAddress;
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,447 @@
|
|||||||
|
#!/usr/bin/python3
|
||||||
|
"""
|
||||||
|
build helper script for edk2, see
|
||||||
|
https://gitlab.com/kraxel/edk2-build-config
|
||||||
|
|
||||||
|
"""
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
import time
|
||||||
|
import shutil
|
||||||
|
import argparse
|
||||||
|
import subprocess
|
||||||
|
import configparser
|
||||||
|
|
||||||
|
rebase_prefix = ""
|
||||||
|
version_override = None
|
||||||
|
release_date = None
|
||||||
|
|
||||||
|
# pylint: disable=unused-variable
|
||||||
|
def check_rebase():
|
||||||
|
""" detect 'git rebase -x edk2-build.py master' testbuilds """
|
||||||
|
global rebase_prefix
|
||||||
|
global version_override
|
||||||
|
gitdir = '.git'
|
||||||
|
|
||||||
|
if os.path.isfile(gitdir):
|
||||||
|
with open(gitdir, 'r', encoding = 'utf-8') as f:
|
||||||
|
(unused, gitdir) = f.read().split()
|
||||||
|
|
||||||
|
if not os.path.exists(f'{gitdir}/rebase-merge/msgnum'):
|
||||||
|
return
|
||||||
|
with open(f'{gitdir}/rebase-merge/msgnum', 'r', encoding = 'utf-8') as f:
|
||||||
|
msgnum = int(f.read())
|
||||||
|
with open(f'{gitdir}/rebase-merge/end', 'r', encoding = 'utf-8') as f:
|
||||||
|
end = int(f.read())
|
||||||
|
with open(f'{gitdir}/rebase-merge/head-name', 'r', encoding = 'utf-8') as f:
|
||||||
|
head = f.read().strip().split('/')
|
||||||
|
|
||||||
|
rebase_prefix = f'[ {int(msgnum/2)} / {int(end/2)} - {head[-1]} ] '
|
||||||
|
if msgnum != end and not version_override:
|
||||||
|
# fixed version speeds up builds
|
||||||
|
version_override = "test-build-patch-series"
|
||||||
|
|
||||||
|
def get_coredir(cfg):
|
||||||
|
if cfg.has_option('global', 'core'):
|
||||||
|
return os.path.abspath(cfg['global']['core'])
|
||||||
|
return os.getcwd()
|
||||||
|
|
||||||
|
def get_toolchain(cfg, build):
|
||||||
|
if cfg.has_option(build, 'tool'):
|
||||||
|
return cfg[build]['tool']
|
||||||
|
if cfg.has_option('global', 'tool'):
|
||||||
|
return cfg['global']['tool']
|
||||||
|
return 'GCC5'
|
||||||
|
|
||||||
|
def get_hostarch():
|
||||||
|
mach = os.uname().machine
|
||||||
|
if mach == 'x86_64':
|
||||||
|
return 'X64'
|
||||||
|
if mach == 'aarch64':
|
||||||
|
return 'AARCH64'
|
||||||
|
if mach == 'riscv64':
|
||||||
|
return 'RISCV64'
|
||||||
|
return 'UNKNOWN'
|
||||||
|
|
||||||
|
def get_version(cfg, silent = False):
|
||||||
|
coredir = get_coredir(cfg)
|
||||||
|
if version_override:
|
||||||
|
version = version_override
|
||||||
|
if not silent:
|
||||||
|
print('')
|
||||||
|
print(f'### version [override]: {version}')
|
||||||
|
return version
|
||||||
|
if os.environ.get('RPM_PACKAGE_NAME'):
|
||||||
|
version = os.environ.get('RPM_PACKAGE_NAME')
|
||||||
|
version += '-' + os.environ.get('RPM_PACKAGE_VERSION')
|
||||||
|
version += '-' + os.environ.get('RPM_PACKAGE_RELEASE')
|
||||||
|
if not silent:
|
||||||
|
print('')
|
||||||
|
print(f'### version [rpmbuild]: {version}')
|
||||||
|
return version
|
||||||
|
if os.path.exists(coredir + '/.git'):
|
||||||
|
cmdline = [ 'git', 'describe', '--tags', '--abbrev=8',
|
||||||
|
'--match=edk2-stable*' ]
|
||||||
|
result = subprocess.run(cmdline, cwd = coredir,
|
||||||
|
stdout = subprocess.PIPE,
|
||||||
|
check = True)
|
||||||
|
version = result.stdout.decode().strip()
|
||||||
|
if not silent:
|
||||||
|
print('')
|
||||||
|
print(f'### version [git]: {version}')
|
||||||
|
return version
|
||||||
|
return None
|
||||||
|
|
||||||
|
def pcd_string(name, value):
|
||||||
|
return f'{name}=L{value}\\0'
|
||||||
|
|
||||||
|
def pcd_version(cfg, silent = False):
|
||||||
|
version = get_version(cfg, silent)
|
||||||
|
if version is None:
|
||||||
|
return []
|
||||||
|
return [ '--pcd', pcd_string('PcdFirmwareVersionString', version) ]
|
||||||
|
|
||||||
|
def pcd_release_date():
|
||||||
|
if release_date is None:
|
||||||
|
return []
|
||||||
|
return [ '--pcd', pcd_string('PcdFirmwareReleaseDateString', release_date) ]
|
||||||
|
|
||||||
|
def build_message(line, line2 = None, silent = False):
|
||||||
|
if os.environ.get('TERM') in [ 'xterm', 'xterm-256color' ]:
|
||||||
|
# setxterm title
|
||||||
|
start = '\x1b]2;'
|
||||||
|
end = '\x07'
|
||||||
|
print(f'{start}{rebase_prefix}{line}{end}', end = '')
|
||||||
|
|
||||||
|
if silent:
|
||||||
|
print(f'### {rebase_prefix}{line}', flush = True)
|
||||||
|
else:
|
||||||
|
print('')
|
||||||
|
print('###')
|
||||||
|
print(f'### {rebase_prefix}{line}')
|
||||||
|
if line2:
|
||||||
|
print(f'### {line2}')
|
||||||
|
print('###', flush = True)
|
||||||
|
|
||||||
|
def build_run(cmdline, name, section, silent = False, nologs = False):
|
||||||
|
if silent:
|
||||||
|
logfile = f'{section}.log'
|
||||||
|
if nologs:
|
||||||
|
print(f'### building in silent mode [no log] ...', flush = True)
|
||||||
|
else:
|
||||||
|
print(f'### building in silent mode [{logfile}] ...', flush = True)
|
||||||
|
start = time.time()
|
||||||
|
result = subprocess.run(cmdline, check = False,
|
||||||
|
stdout = subprocess.PIPE,
|
||||||
|
stderr = subprocess.STDOUT)
|
||||||
|
if not nologs:
|
||||||
|
with open(logfile, 'wb') as f:
|
||||||
|
f.write(result.stdout)
|
||||||
|
|
||||||
|
if result.returncode:
|
||||||
|
print('### BUILD FAILURE')
|
||||||
|
print('### cmdline')
|
||||||
|
print(cmdline)
|
||||||
|
print('### output')
|
||||||
|
print(result.stdout.decode())
|
||||||
|
print(f'### exit code: {result.returncode}')
|
||||||
|
else:
|
||||||
|
secs = int(time.time() - start)
|
||||||
|
print(f'### OK ({int(secs/60)}:{secs%60:02d})')
|
||||||
|
else:
|
||||||
|
print(cmdline, flush = True)
|
||||||
|
result = subprocess.run(cmdline, check = False)
|
||||||
|
if result.returncode:
|
||||||
|
print(f'ERROR: {cmdline[0]} exited with {result.returncode}'
|
||||||
|
f' while building {name}')
|
||||||
|
sys.exit(result.returncode)
|
||||||
|
|
||||||
|
def build_copy(plat, tgt, toolchain, dstdir, copy):
|
||||||
|
srcdir = f'Build/{plat}/{tgt}_{toolchain}'
|
||||||
|
names = copy.split()
|
||||||
|
srcfile = names[0]
|
||||||
|
if len(names) > 1:
|
||||||
|
dstfile = names[1]
|
||||||
|
else:
|
||||||
|
dstfile = os.path.basename(srcfile)
|
||||||
|
print(f'# copy: {srcdir} / {srcfile} => {dstdir} / {dstfile}')
|
||||||
|
|
||||||
|
src = srcdir + '/' + srcfile
|
||||||
|
dst = dstdir + '/' + dstfile
|
||||||
|
os.makedirs(os.path.dirname(dst), exist_ok = True)
|
||||||
|
shutil.copy(src, dst)
|
||||||
|
|
||||||
|
def pad_file(dstdir, pad):
|
||||||
|
args = pad.split()
|
||||||
|
if len(args) < 2:
|
||||||
|
raise RuntimeError(f'missing arg for pad ({args})')
|
||||||
|
name = args[0]
|
||||||
|
size = args[1]
|
||||||
|
cmdline = [
|
||||||
|
'truncate',
|
||||||
|
'--size', size,
|
||||||
|
dstdir + '/' + name,
|
||||||
|
]
|
||||||
|
print(f'# padding: {dstdir} / {name} => {size}')
|
||||||
|
subprocess.run(cmdline, check = True)
|
||||||
|
|
||||||
|
# pylint: disable=too-many-branches
|
||||||
|
def build_one(cfg, build, jobs = None, silent = False, nologs = False):
|
||||||
|
b = cfg[build]
|
||||||
|
|
||||||
|
cmdline = [ 'build' ]
|
||||||
|
cmdline += [ '-t', get_toolchain(cfg, build) ]
|
||||||
|
cmdline += [ '-p', b['conf'] ]
|
||||||
|
|
||||||
|
if (b['conf'].startswith('OvmfPkg/') or
|
||||||
|
b['conf'].startswith('ArmVirtPkg/')):
|
||||||
|
cmdline += pcd_version(cfg, silent)
|
||||||
|
cmdline += pcd_release_date()
|
||||||
|
|
||||||
|
if jobs:
|
||||||
|
cmdline += [ '-n', jobs ]
|
||||||
|
for arch in b['arch'].split():
|
||||||
|
if arch == 'HOST':
|
||||||
|
cmdline += [ '-a', get_hostarch() ]
|
||||||
|
else:
|
||||||
|
cmdline += [ '-a', arch ]
|
||||||
|
if 'opts' in b:
|
||||||
|
for name in b['opts'].split():
|
||||||
|
section = 'opts.' + name
|
||||||
|
for opt in cfg[section]:
|
||||||
|
cmdline += [ '-D', opt + '=' + cfg[section][opt] ]
|
||||||
|
if 'pcds' in b:
|
||||||
|
for name in b['pcds'].split():
|
||||||
|
section = 'pcds.' + name
|
||||||
|
for pcd in cfg[section]:
|
||||||
|
cmdline += [ '--pcd', pcd + '=' + cfg[section][pcd] ]
|
||||||
|
if 'tgts' in b:
|
||||||
|
tgts = b['tgts'].split()
|
||||||
|
else:
|
||||||
|
tgts = [ 'DEBUG' ]
|
||||||
|
for tgt in tgts:
|
||||||
|
desc = None
|
||||||
|
if 'desc' in b:
|
||||||
|
desc = b['desc']
|
||||||
|
build_message(f'building: {b["conf"]} ({b["arch"]}, {tgt})',
|
||||||
|
f'description: {desc}',
|
||||||
|
silent = silent)
|
||||||
|
build_run(cmdline + [ '-b', tgt ],
|
||||||
|
b['conf'],
|
||||||
|
build + '.' + tgt,
|
||||||
|
silent,
|
||||||
|
nologs)
|
||||||
|
|
||||||
|
if 'plat' in b:
|
||||||
|
# copy files
|
||||||
|
for cpy in b:
|
||||||
|
if not cpy.startswith('cpy'):
|
||||||
|
continue
|
||||||
|
build_copy(b['plat'], tgt,
|
||||||
|
get_toolchain(cfg, build),
|
||||||
|
b['dest'], b[cpy])
|
||||||
|
# pad builds
|
||||||
|
for pad in b:
|
||||||
|
if not pad.startswith('pad'):
|
||||||
|
continue
|
||||||
|
pad_file(b['dest'], b[pad])
|
||||||
|
|
||||||
|
def build_basetools(silent = False, nologs = False):
|
||||||
|
build_message('building: BaseTools', silent = silent)
|
||||||
|
basedir = os.environ['EDK_TOOLS_PATH']
|
||||||
|
cmdline = [ 'make', '-C', basedir ]
|
||||||
|
build_run(cmdline, 'BaseTools', 'build.basetools', silent, nologs)
|
||||||
|
|
||||||
|
def binary_exists(name):
|
||||||
|
for pdir in os.environ['PATH'].split(':'):
|
||||||
|
if os.path.exists(pdir + '/' + name):
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
|
def prepare_env(cfg, silent = False):
|
||||||
|
""" mimic Conf/BuildEnv.sh """
|
||||||
|
workspace = os.getcwd()
|
||||||
|
packages = [ workspace, ]
|
||||||
|
path = os.environ['PATH'].split(':')
|
||||||
|
dirs = [
|
||||||
|
'BaseTools/Bin/Linux-x86_64',
|
||||||
|
'BaseTools/BinWrappers/PosixLike'
|
||||||
|
]
|
||||||
|
|
||||||
|
if cfg.has_option('global', 'pkgs'):
|
||||||
|
for pkgdir in cfg['global']['pkgs'].split():
|
||||||
|
packages.append(os.path.abspath(pkgdir))
|
||||||
|
coredir = get_coredir(cfg)
|
||||||
|
if coredir != workspace:
|
||||||
|
packages.append(coredir)
|
||||||
|
|
||||||
|
# add basetools to path
|
||||||
|
for pdir in dirs:
|
||||||
|
p = coredir + '/' + pdir
|
||||||
|
if not os.path.exists(p):
|
||||||
|
continue
|
||||||
|
if p in path:
|
||||||
|
continue
|
||||||
|
path.insert(0, p)
|
||||||
|
|
||||||
|
# run edksetup if needed
|
||||||
|
toolsdef = coredir + '/Conf/tools_def.txt'
|
||||||
|
if not os.path.exists(toolsdef):
|
||||||
|
os.makedirs(os.path.dirname(toolsdef), exist_ok = True)
|
||||||
|
build_message('running BaseTools/BuildEnv', silent = silent)
|
||||||
|
cmdline = [ 'bash', 'BaseTools/BuildEnv' ]
|
||||||
|
subprocess.run(cmdline, cwd = coredir, check = True)
|
||||||
|
|
||||||
|
# set variables
|
||||||
|
os.environ['PATH'] = ':'.join(path)
|
||||||
|
os.environ['PACKAGES_PATH'] = ':'.join(packages)
|
||||||
|
os.environ['WORKSPACE'] = workspace
|
||||||
|
os.environ['EDK_TOOLS_PATH'] = coredir + '/BaseTools'
|
||||||
|
os.environ['CONF_PATH'] = coredir + '/Conf'
|
||||||
|
os.environ['PYTHON_COMMAND'] = '/usr/bin/python3'
|
||||||
|
os.environ['PYTHONHASHSEED'] = '1'
|
||||||
|
|
||||||
|
# for cross builds
|
||||||
|
if binary_exists('arm-linux-gnueabi-gcc'):
|
||||||
|
# ubuntu
|
||||||
|
os.environ['GCC5_ARM_PREFIX'] = 'arm-linux-gnueabi-'
|
||||||
|
os.environ['GCC_ARM_PREFIX'] = 'arm-linux-gnueabi-'
|
||||||
|
elif binary_exists('arm-linux-gnu-gcc'):
|
||||||
|
# fedora
|
||||||
|
os.environ['GCC5_ARM_PREFIX'] = 'arm-linux-gnu-'
|
||||||
|
os.environ['GCC_ARM_PREFIX'] = 'arm-linux-gnu-'
|
||||||
|
if binary_exists('loongarch64-linux-gnu-gcc'):
|
||||||
|
os.environ['GCC5_LOONGARCH64_PREFIX'] = 'loongarch64-linux-gnu-'
|
||||||
|
os.environ['GCC_LOONGARCH64_PREFIX'] = 'loongarch64-linux-gnu-'
|
||||||
|
|
||||||
|
hostarch = os.uname().machine
|
||||||
|
if binary_exists('aarch64-linux-gnu-gcc') and hostarch != 'aarch64':
|
||||||
|
os.environ['GCC5_AARCH64_PREFIX'] = 'aarch64-linux-gnu-'
|
||||||
|
os.environ['GCC_AARCH64_PREFIX'] = 'aarch64-linux-gnu-'
|
||||||
|
if binary_exists('riscv64-linux-gnu-gcc') and hostarch != 'riscv64':
|
||||||
|
os.environ['GCC5_RISCV64_PREFIX'] = 'riscv64-linux-gnu-'
|
||||||
|
os.environ['GCC_RISCV64_PREFIX'] = 'riscv64-linux-gnu-'
|
||||||
|
if binary_exists('x86_64-linux-gnu-gcc') and hostarch != 'x86_64':
|
||||||
|
os.environ['GCC5_IA32_PREFIX'] = 'x86_64-linux-gnu-'
|
||||||
|
os.environ['GCC5_X64_PREFIX'] = 'x86_64-linux-gnu-'
|
||||||
|
os.environ['GCC5_BIN'] = 'x86_64-linux-gnu-'
|
||||||
|
os.environ['GCC_IA32_PREFIX'] = 'x86_64-linux-gnu-'
|
||||||
|
os.environ['GCC_X64_PREFIX'] = 'x86_64-linux-gnu-'
|
||||||
|
os.environ['GCC_BIN'] = 'x86_64-linux-gnu-'
|
||||||
|
|
||||||
|
def build_list(cfg):
|
||||||
|
for build in cfg.sections():
|
||||||
|
if not build.startswith('build.'):
|
||||||
|
continue
|
||||||
|
name = build.lstrip('build.')
|
||||||
|
desc = 'no description'
|
||||||
|
if 'desc' in cfg[build]:
|
||||||
|
desc = cfg[build]['desc']
|
||||||
|
print(f'# {name:20s} - {desc}')
|
||||||
|
|
||||||
|
def main():
|
||||||
|
parser = argparse.ArgumentParser(prog = 'edk2-build',
|
||||||
|
description = 'edk2 build helper script')
|
||||||
|
parser.add_argument('-c', '--config', dest = 'configfile',
|
||||||
|
type = str, default = '.edk2.builds', metavar = 'FILE',
|
||||||
|
help = 'read configuration from FILE (default: .edk2.builds)')
|
||||||
|
parser.add_argument('-C', '--directory', dest = 'directory', type = str,
|
||||||
|
help = 'change to DIR before building', metavar = 'DIR')
|
||||||
|
parser.add_argument('-j', '--jobs', dest = 'jobs', type = str,
|
||||||
|
help = 'allow up to JOBS parallel build jobs',
|
||||||
|
metavar = 'JOBS')
|
||||||
|
parser.add_argument('-m', '--match', dest = 'match',
|
||||||
|
type = str, action = 'append',
|
||||||
|
help = 'only run builds matching INCLUDE (substring)',
|
||||||
|
metavar = 'INCLUDE')
|
||||||
|
parser.add_argument('-x', '--exclude', dest = 'exclude',
|
||||||
|
type = str, action = 'append',
|
||||||
|
help = 'skip builds matching EXCLUDE (substring)',
|
||||||
|
metavar = 'EXCLUDE')
|
||||||
|
parser.add_argument('-l', '--list', dest = 'list',
|
||||||
|
action = 'store_true', default = False,
|
||||||
|
help = 'list build configs available')
|
||||||
|
parser.add_argument('--silent', dest = 'silent',
|
||||||
|
action = 'store_true', default = False,
|
||||||
|
help = 'write build output to logfiles, '
|
||||||
|
'write to console only on errors')
|
||||||
|
parser.add_argument('--no-logs', dest = 'nologs',
|
||||||
|
action = 'store_true', default = False,
|
||||||
|
help = 'do not write build log files (with --silent)')
|
||||||
|
parser.add_argument('--core', dest = 'core', type = str, metavar = 'DIR',
|
||||||
|
help = 'location of the core edk2 repository '
|
||||||
|
'(i.e. where BuildTools are located)')
|
||||||
|
parser.add_argument('--pkg', '--package', dest = 'pkgs',
|
||||||
|
type = str, action = 'append', metavar = 'DIR',
|
||||||
|
help = 'location(s) of additional packages '
|
||||||
|
'(can be specified multiple times)')
|
||||||
|
parser.add_argument('-t', '--toolchain', dest = 'toolchain',
|
||||||
|
type = str, metavar = 'NAME',
|
||||||
|
help = 'tool chain to be used to build edk2')
|
||||||
|
parser.add_argument('--version-override', dest = 'version_override',
|
||||||
|
type = str, metavar = 'VERSION',
|
||||||
|
help = 'set firmware build version')
|
||||||
|
parser.add_argument('--release-date', dest = 'release_date',
|
||||||
|
type = str, metavar = 'DATE',
|
||||||
|
help = 'set firmware build release date (in MM/DD/YYYY format)')
|
||||||
|
options = parser.parse_args()
|
||||||
|
|
||||||
|
if options.directory:
|
||||||
|
os.chdir(options.directory)
|
||||||
|
|
||||||
|
if not os.path.exists(options.configfile):
|
||||||
|
print(f'config file "{options.configfile}" not found')
|
||||||
|
return 1
|
||||||
|
|
||||||
|
cfg = configparser.ConfigParser()
|
||||||
|
cfg.optionxform = str
|
||||||
|
cfg.read(options.configfile)
|
||||||
|
|
||||||
|
if options.list:
|
||||||
|
build_list(cfg)
|
||||||
|
return 0
|
||||||
|
|
||||||
|
if not cfg.has_section('global'):
|
||||||
|
cfg.add_section('global')
|
||||||
|
if options.core:
|
||||||
|
cfg.set('global', 'core', options.core)
|
||||||
|
if options.pkgs:
|
||||||
|
cfg.set('global', 'pkgs', ' '.join(options.pkgs))
|
||||||
|
if options.toolchain:
|
||||||
|
cfg.set('global', 'tool', options.toolchain)
|
||||||
|
|
||||||
|
global version_override
|
||||||
|
global release_date
|
||||||
|
check_rebase()
|
||||||
|
if options.version_override:
|
||||||
|
version_override = options.version_override
|
||||||
|
if options.release_date:
|
||||||
|
release_date = options.release_date
|
||||||
|
|
||||||
|
prepare_env(cfg, options.silent)
|
||||||
|
build_basetools(options.silent, options.nologs)
|
||||||
|
for build in cfg.sections():
|
||||||
|
if not build.startswith('build.'):
|
||||||
|
continue
|
||||||
|
if options.match:
|
||||||
|
matching = False
|
||||||
|
for item in options.match:
|
||||||
|
if item in build:
|
||||||
|
matching = True
|
||||||
|
if not matching:
|
||||||
|
print(f'# skipping "{build}" (not matching "{"|".join(options.match)}")')
|
||||||
|
continue
|
||||||
|
if options.exclude:
|
||||||
|
exclude = False
|
||||||
|
for item in options.exclude:
|
||||||
|
if item in build:
|
||||||
|
print(f'# skipping "{build}" (matching "{item}")')
|
||||||
|
exclude = True
|
||||||
|
if exclude:
|
||||||
|
continue
|
||||||
|
build_one(cfg, build, options.jobs, options.silent, options.nologs)
|
||||||
|
|
||||||
|
return 0
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
sys.exit(main())
|
@ -0,0 +1,129 @@
|
|||||||
|
|
||||||
|
[opts.ovmf.common]
|
||||||
|
NETWORK_HTTP_BOOT_ENABLE = TRUE
|
||||||
|
NETWORK_IP6_ENABLE = TRUE
|
||||||
|
NETWORK_TLS_ENABLE = TRUE
|
||||||
|
NETWORK_ISCSI_ENABLE = TRUE
|
||||||
|
NETWORK_ALLOW_HTTP_CONNECTIONS = TRUE
|
||||||
|
TPM2_ENABLE = TRUE
|
||||||
|
TPM2_CONFIG_ENABLE = TRUE
|
||||||
|
TPM1_ENABLE = FALSE
|
||||||
|
CAVIUM_ERRATUM_27456 = TRUE
|
||||||
|
|
||||||
|
[opts.ovmf.4m]
|
||||||
|
FD_SIZE_4MB = TRUE
|
||||||
|
|
||||||
|
[opts.ovmf.sb.smm]
|
||||||
|
SECURE_BOOT_ENABLE = TRUE
|
||||||
|
SMM_REQUIRE = TRUE
|
||||||
|
# old downstream
|
||||||
|
EXCLUDE_SHELL_FROM_FD = TRUE
|
||||||
|
# new upstream
|
||||||
|
BUILD_SHELL = FALSE
|
||||||
|
|
||||||
|
[opts.ovmf.sb.stateless]
|
||||||
|
SECURE_BOOT_ENABLE = TRUE
|
||||||
|
SMM_REQUIRE = FALSE
|
||||||
|
|
||||||
|
[opts.armvirt.verbose]
|
||||||
|
DEBUG_PRINT_ERROR_LEVEL = 0x8040004F
|
||||||
|
|
||||||
|
[opts.armvirt.silent]
|
||||||
|
DEBUG_PRINT_ERROR_LEVEL = 0x80000000
|
||||||
|
|
||||||
|
|
||||||
|
[pcds.nx.strict]
|
||||||
|
PcdDxeNxMemoryProtectionPolicy = 0xC000000000007FD5
|
||||||
|
PcdUninstallMemAttrProtocol = FALSE
|
||||||
|
|
||||||
|
[pcds.nx.broken.shim.grub]
|
||||||
|
# grub.efi uses EfiLoaderData for code
|
||||||
|
PcdDxeNxMemoryProtectionPolicy = 0xC000000000007FD1
|
||||||
|
# shim.efi has broken MemAttr code
|
||||||
|
PcdUninstallMemAttrProtocol = TRUE
|
||||||
|
|
||||||
|
|
||||||
|
#####################################################################
|
||||||
|
# stateful ovmf builds (with vars in flash)
|
||||||
|
|
||||||
|
[build.ovmf.4m.default]
|
||||||
|
desc = ovmf build (64-bit, 4MB)
|
||||||
|
conf = OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
arch = X64
|
||||||
|
opts = ovmf.common
|
||||||
|
ovmf.4m
|
||||||
|
plat = OvmfX64
|
||||||
|
dest = RHEL-9/ovmf
|
||||||
|
cpy1 = FV/OVMF_CODE.fd OVMF_CODE.fd
|
||||||
|
cpy2 = FV/OVMF_VARS.fd
|
||||||
|
cpy3 = X64/Shell.efi
|
||||||
|
|
||||||
|
[build.ovmf.4m.sb.smm]
|
||||||
|
desc = ovmf build (64-bit, 4MB, q35 only, needs smm, secure boot)
|
||||||
|
conf = OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
arch = X64
|
||||||
|
opts = ovmf.common
|
||||||
|
ovmf.4m
|
||||||
|
ovmf.sb.smm
|
||||||
|
plat = OvmfX64
|
||||||
|
dest = RHEL-9/ovmf
|
||||||
|
cpy1 = FV/OVMF_CODE.fd OVMF_CODE.secboot.fd
|
||||||
|
cpy2 = X64/EnrollDefaultKeys.efi
|
||||||
|
|
||||||
|
|
||||||
|
#####################################################################
|
||||||
|
# stateless ovmf builds (firmware in rom or r/o flash)
|
||||||
|
|
||||||
|
[build.ovmf.amdsev]
|
||||||
|
desc = ovmf build for AmdSev (4MB)
|
||||||
|
conf = OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
arch = X64
|
||||||
|
opts = ovmf.common
|
||||||
|
ovmf.4m
|
||||||
|
plat = AmdSev
|
||||||
|
dest = RHEL-9/ovmf
|
||||||
|
cpy1 = FV/OVMF.fd OVMF.amdsev.fd
|
||||||
|
|
||||||
|
[build.ovmf.inteltdx]
|
||||||
|
desc = ovmf build for IntelTdx (4MB)
|
||||||
|
conf = OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
||||||
|
arch = X64
|
||||||
|
opts = ovmf.common
|
||||||
|
ovmf.4m
|
||||||
|
ovmf.sb.stateless
|
||||||
|
plat = IntelTdx
|
||||||
|
dest = RHEL-9/ovmf
|
||||||
|
cpy1 = FV/OVMF.fd OVMF.inteltdx.fd
|
||||||
|
|
||||||
|
|
||||||
|
#####################################################################
|
||||||
|
# armvirt builds
|
||||||
|
|
||||||
|
[build.armvirt.aa64.verbose]
|
||||||
|
desc = ArmVirt build for qemu, 64-bit (arm v8), verbose
|
||||||
|
conf = ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
arch = AARCH64
|
||||||
|
opts = ovmf.common
|
||||||
|
armvirt.verbose
|
||||||
|
pcds = nx.broken.shim.grub
|
||||||
|
plat = ArmVirtQemu-AARCH64
|
||||||
|
dest = RHEL-9/aarch64
|
||||||
|
cpy1 = FV/QEMU_EFI.fd
|
||||||
|
cpy2 = FV/QEMU_VARS.fd
|
||||||
|
cpy3 = FV/QEMU_EFI.fd QEMU_EFI-pflash.raw
|
||||||
|
cpy4 = FV/QEMU_VARS.fd vars-template-pflash.raw
|
||||||
|
pad3 = QEMU_EFI-pflash.raw 64m
|
||||||
|
pad4 = vars-template-pflash.raw 64m
|
||||||
|
|
||||||
|
[build.armvirt.aa64.silent]
|
||||||
|
desc = ArmVirt build for qemu, 64-bit (arm v8), silent
|
||||||
|
conf = ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
arch = AARCH64
|
||||||
|
opts = ovmf.common
|
||||||
|
armvirt.silent
|
||||||
|
pcds = nx.broken.shim.grub
|
||||||
|
plat = ArmVirtQemu-AARCH64
|
||||||
|
dest = RHEL-9/aarch64
|
||||||
|
cpy1 = FV/QEMU_EFI.fd QEMU_EFI.silent.fd
|
||||||
|
cpy2 = FV/QEMU_EFI.fd QEMU_EFI-silent-pflash.raw
|
||||||
|
pad2 = QEMU_EFI-silent-pflash.raw 64m
|
@ -0,0 +1,86 @@
|
|||||||
|
Certificate:
|
||||||
|
Data:
|
||||||
|
Version: 3 (0x2)
|
||||||
|
Serial Number:
|
||||||
|
52:17:7c:cc:f0:fd:5d:71:2f:84:89:87:48:d3:d9:07:71:f5:c3:c1
|
||||||
|
Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
Issuer: CN = MSVSphere IMA CA, O = NCSD LLC, C = RU, ST = Moscow, L = Moscow, emailAddress = security@msvsphere-os.ru, OU = MSVSphere Certification Authority
|
||||||
|
Validity
|
||||||
|
Not Before: Oct 17 14:50:46 2023 GMT
|
||||||
|
Not After : May 31 14:50:46 2040 GMT
|
||||||
|
Subject: CN = MSVSphere IMA CA, O = NCSD LLC, C = RU, ST = Moscow, L = Moscow, emailAddress = security@msvsphere-os.ru, OU = MSVSphere Certification Authority
|
||||||
|
Subject Public Key Info:
|
||||||
|
Public Key Algorithm: rsaEncryption
|
||||||
|
Public-Key: (2048 bit)
|
||||||
|
Modulus:
|
||||||
|
00:a7:93:2f:b8:68:02:6e:4c:a8:ec:d4:b5:5c:24:
|
||||||
|
f9:30:e9:ef:4a:16:2e:d6:19:f8:44:0f:b8:f1:7d:
|
||||||
|
32:74:2a:05:d4:2d:3b:36:89:70:d7:59:f9:c8:b1:
|
||||||
|
9c:7e:71:c5:61:72:59:b6:c5:c8:d1:a2:d6:57:f4:
|
||||||
|
14:f2:c1:67:bd:a3:aa:75:df:f2:f9:48:cb:13:f2:
|
||||||
|
b9:f0:94:02:a5:3c:cf:9b:43:f1:a1:b2:8c:ff:c7:
|
||||||
|
20:3b:1e:75:14:d6:e6:0c:01:04:6d:82:f7:56:25:
|
||||||
|
9a:d8:e3:72:b2:1b:17:87:3a:3c:da:6f:5d:06:c2:
|
||||||
|
8c:b9:de:ef:e1:f5:38:ae:d4:c9:26:3c:57:be:af:
|
||||||
|
b2:57:5d:ec:ce:cd:14:98:39:77:cd:b8:f5:ad:a4:
|
||||||
|
3c:a7:1c:c3:2b:80:d2:89:b8:7e:22:9a:67:00:91:
|
||||||
|
d8:c1:52:e7:b3:61:21:3c:8c:80:39:68:8c:1e:ee:
|
||||||
|
23:a5:86:6a:80:16:e1:4a:27:fa:37:fd:69:62:89:
|
||||||
|
28:d6:5c:cd:cb:3e:d4:d7:f4:23:57:ce:cb:c2:ec:
|
||||||
|
ca:ff:4a:04:ec:98:b4:cd:b9:f6:81:3c:fd:ab:bc:
|
||||||
|
83:b1:ed:47:be:65:8e:93:14:13:d3:bd:df:99:8b:
|
||||||
|
fa:93:ca:55:9c:c1:2e:74:54:f5:ae:86:a1:20:29:
|
||||||
|
b2:d9
|
||||||
|
Exponent: 65537 (0x10001)
|
||||||
|
X509v3 extensions:
|
||||||
|
X509v3 Subject Key Identifier:
|
||||||
|
77:00:6F:8D:E0:2B:DC:27:EA:D8:DB:F4:C1:DA:12:AD:BF:6E:05:EC
|
||||||
|
X509v3 Basic Constraints: critical
|
||||||
|
CA:TRUE
|
||||||
|
X509v3 Authority Key Identifier:
|
||||||
|
77:00:6F:8D:E0:2B:DC:27:EA:D8:DB:F4:C1:DA:12:AD:BF:6E:05:EC
|
||||||
|
X509v3 Key Usage: critical
|
||||||
|
Certificate Sign, CRL Sign
|
||||||
|
Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
Signature Value:
|
||||||
|
a3:d4:fc:8d:25:5c:d9:3a:60:c3:6d:41:e1:c1:d9:7b:aa:bf:
|
||||||
|
13:97:71:9f:8f:c1:a6:c9:fe:8d:50:49:cb:14:cc:03:76:80:
|
||||||
|
69:8a:9a:af:84:e0:b8:9b:ef:8e:03:04:ea:38:01:5c:c0:cd:
|
||||||
|
f0:af:85:e0:de:9f:f8:05:1e:6c:36:13:c5:24:f3:57:4d:0d:
|
||||||
|
97:ef:f2:ef:18:e9:82:c0:ce:1f:4a:b5:55:94:1b:c5:06:33:
|
||||||
|
29:de:c8:45:1a:c3:10:2b:c9:ba:9f:8e:66:50:24:b8:78:a8:
|
||||||
|
42:72:28:54:2e:67:1c:4f:74:d2:bf:45:cc:cb:f2:b9:44:86:
|
||||||
|
01:1a:54:e0:58:19:e7:dc:00:15:80:0a:47:6e:5a:25:9a:21:
|
||||||
|
7c:47:c6:de:c4:73:82:7a:0e:2c:3b:4a:e8:1a:4d:32:33:b1:
|
||||||
|
f2:02:1f:dc:f3:b2:45:79:db:5f:3d:67:a7:b5:b3:90:41:e4:
|
||||||
|
49:e6:40:29:39:d3:b6:72:06:17:d5:96:80:c1:20:29:4b:f1:
|
||||||
|
51:03:18:60:66:e3:b3:14:50:b3:0e:72:ad:d7:d6:a2:eb:94:
|
||||||
|
8f:2f:7f:db:02:1f:a6:a9:f5:a4:2e:fc:73:43:8f:0e:84:96:
|
||||||
|
8b:d5:c5:60:f1:2d:9f:e4:ca:07:ea:af:5f:68:93:9f:41:73:
|
||||||
|
31:8b:b6:a7
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIEVzCCAz+gAwIBAgIUUhd8zPD9XXEvhImHSNPZB3H1w8EwDQYJKoZIhvcNAQEL
|
||||||
|
BQAwgbIxGTAXBgNVBAMMEE1TVlNwaGVyZSBJTUEgQ0ExETAPBgNVBAoMCE5DU0Qg
|
||||||
|
TExDMQswCQYDVQQGEwJSVTEPMA0GA1UECAwGTW9zY293MQ8wDQYDVQQHDAZNb3Nj
|
||||||
|
b3cxJzAlBgkqhkiG9w0BCQEWGHNlY3VyaXR5QG1zdnNwaGVyZS1vcy5ydTEqMCgG
|
||||||
|
A1UECwwhTVNWU3BoZXJlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIzMTAx
|
||||||
|
NzE0NTA0NloXDTQwMDUzMTE0NTA0NlowgbIxGTAXBgNVBAMMEE1TVlNwaGVyZSBJ
|
||||||
|
TUEgQ0ExETAPBgNVBAoMCE5DU0QgTExDMQswCQYDVQQGEwJSVTEPMA0GA1UECAwG
|
||||||
|
TW9zY293MQ8wDQYDVQQHDAZNb3Njb3cxJzAlBgkqhkiG9w0BCQEWGHNlY3VyaXR5
|
||||||
|
QG1zdnNwaGVyZS1vcy5ydTEqMCgGA1UECwwhTVNWU3BoZXJlIENlcnRpZmljYXRp
|
||||||
|
b24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5Mv
|
||||||
|
uGgCbkyo7NS1XCT5MOnvShYu1hn4RA+48X0ydCoF1C07Nolw11n5yLGcfnHFYXJZ
|
||||||
|
tsXI0aLWV/QU8sFnvaOqdd/y+UjLE/K58JQCpTzPm0PxobKM/8cgOx51FNbmDAEE
|
||||||
|
bYL3ViWa2ONyshsXhzo82m9dBsKMud7v4fU4rtTJJjxXvq+yV13szs0UmDl3zbj1
|
||||||
|
raQ8pxzDK4DSibh+IppnAJHYwVLns2EhPIyAOWiMHu4jpYZqgBbhSif6N/1pYoko
|
||||||
|
1lzNyz7U1/QjV87LwuzK/0oE7Ji0zbn2gTz9q7yDse1HvmWOkxQT073fmYv6k8pV
|
||||||
|
nMEudFT1roahICmy2QIDAQABo2MwYTAdBgNVHQ4EFgQUdwBvjeAr3Cfq2Nv0wdoS
|
||||||
|
rb9uBewwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBR3AG+N4CvcJ+rY2/TB
|
||||||
|
2hKtv24F7DAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKPU/I0l
|
||||||
|
XNk6YMNtQeHB2XuqvxOXcZ+PwabJ/o1QScsUzAN2gGmKmq+E4Lib744DBOo4AVzA
|
||||||
|
zfCvheDen/gFHmw2E8Uk81dNDZfv8u8Y6YLAzh9KtVWUG8UGMyneyEUawxArybqf
|
||||||
|
jmZQJLh4qEJyKFQuZxxPdNK/RczL8rlEhgEaVOBYGefcABWACkduWiWaIXxHxt7E
|
||||||
|
c4J6Diw7SugaTTIzsfICH9zzskV52189Z6e1s5BB5EnmQCk507ZyBhfVloDBIClL
|
||||||
|
8VEDGGBm47MUULMOcq3X1qLrlI8vf9sCH6ap9aQu/HNDjw6ElovVxWDxLZ/kygfq
|
||||||
|
r19ok59BczGLtqc=
|
||||||
|
-----END CERTIFICATE-----
|
@ -0,0 +1,86 @@
|
|||||||
|
Certificate:
|
||||||
|
Data:
|
||||||
|
Version: 3 (0x2)
|
||||||
|
Serial Number:
|
||||||
|
d6:39:17:e7:e5:6a:47:54:b8:56:f2:eb:47:6b:f8:c3
|
||||||
|
Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
Issuer: OU = MSVSphere Certification Authority, emailAddress = security@msvsphere.ru, L = Moscow, ST = Moscow, C = RU, O = NCSD LLC, CN = MSVSphere Secure Boot CA
|
||||||
|
Validity
|
||||||
|
Not Before: Mar 22 16:42:54 2023 GMT
|
||||||
|
Not After : Mar 22 16:42:54 2053 GMT
|
||||||
|
Subject: OU = MSVSphere Certification Authority, emailAddress = security@msvsphere.ru, L = Moscow, ST = Moscow, C = RU, O = NCSD LLC, CN = MSVSphere Driver update signing key
|
||||||
|
Subject Public Key Info:
|
||||||
|
Public Key Algorithm: rsaEncryption
|
||||||
|
Public-Key: (2048 bit)
|
||||||
|
Modulus:
|
||||||
|
00:ba:09:cd:1d:80:9c:00:59:96:07:ce:1f:69:a2:
|
||||||
|
d7:8b:29:2e:68:13:6f:87:42:5e:ff:42:58:19:b1:
|
||||||
|
75:b2:ba:af:5d:84:37:74:50:0e:dd:5a:1d:45:f2:
|
||||||
|
f1:e0:9b:b5:f3:9c:d5:a8:29:5a:cd:8c:85:8a:13:
|
||||||
|
d4:60:b9:52:ad:c9:fe:0c:4f:fe:af:08:25:ec:a7:
|
||||||
|
c6:2a:e3:ff:66:b8:b0:89:69:5a:fe:b1:a8:68:8a:
|
||||||
|
de:79:1e:68:e7:a8:14:01:c8:45:5b:0e:00:54:98:
|
||||||
|
32:40:4a:5d:e7:18:55:ce:bd:bc:77:3d:94:38:ac:
|
||||||
|
db:e8:5e:71:d2:be:e4:38:60:39:f8:e1:9a:ee:1a:
|
||||||
|
84:df:14:33:ce:ce:db:c4:57:c8:cf:d1:3e:72:a9:
|
||||||
|
eb:b5:7e:50:57:a1:51:06:d5:07:9c:e2:57:1a:1c:
|
||||||
|
66:8c:ba:05:aa:50:dc:e2:19:d5:04:fd:a8:bd:83:
|
||||||
|
eb:70:06:19:81:f0:ab:2a:3f:ec:cd:f3:0f:ce:ee:
|
||||||
|
75:87:87:93:1b:0e:44:e1:f9:ba:e5:53:91:ef:09:
|
||||||
|
6e:d8:63:8e:69:00:6e:37:1d:90:83:99:3f:23:c7:
|
||||||
|
33:d7:ae:13:cb:c8:fa:76:d8:5d:26:b5:9f:5a:5e:
|
||||||
|
18:22:b1:3a:c5:84:6c:67:20:e3:72:98:07:02:43:
|
||||||
|
83:55
|
||||||
|
Exponent: 65537 (0x10001)
|
||||||
|
X509v3 extensions:
|
||||||
|
X509v3 Authority Key Identifier:
|
||||||
|
49:59:67:B5:13:6C:C8:DF:7E:64:B9:22:E3:A9:35:50:6B:95:84:D5
|
||||||
|
X509v3 Extended Key Usage:
|
||||||
|
Code Signing, 1.3.6.1.4.1.2312.16.1.2
|
||||||
|
X509v3 Basic Constraints: critical
|
||||||
|
CA:FALSE
|
||||||
|
X509v3 Subject Key Identifier:
|
||||||
|
20:11:38:3B:AE:1E:E8:65:DE:29:6E:C4:7B:90:7F:4D:38:27:EB:DE
|
||||||
|
Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
Signature Value:
|
||||||
|
82:29:45:3f:f4:79:e2:b5:d4:4a:a3:22:1e:16:75:68:38:44:
|
||||||
|
46:61:0d:4c:74:cc:7d:11:f5:e2:db:c3:a3:ba:5f:03:77:95:
|
||||||
|
9e:37:b8:72:68:ea:ee:a9:f2:09:a9:d6:07:d7:45:27:6c:fa:
|
||||||
|
a1:b8:20:77:fb:22:f1:59:26:70:fa:4c:2f:1c:6e:fc:ec:4a:
|
||||||
|
15:91:c2:90:d6:89:b8:50:9e:c6:56:e3:1f:4a:e2:20:e5:90:
|
||||||
|
09:16:80:a2:89:a9:90:a8:f2:37:e8:6e:29:d8:9a:61:31:d2:
|
||||||
|
2b:2a:23:2f:69:1a:7c:9f:7f:66:e0:93:29:1f:5f:9b:78:0b:
|
||||||
|
ec:74:5b:58:33:6f:bc:62:9e:98:87:9b:ae:38:b5:ed:4f:f3:
|
||||||
|
b6:48:24:16:da:18:72:09:a0:b1:01:ee:d7:6e:e4:b4:c3:eb:
|
||||||
|
b8:06:5f:38:69:78:c8:bb:40:6d:c7:8a:e9:82:69:fa:db:28:
|
||||||
|
54:2d:8c:c0:83:4c:4f:d7:8f:a5:fd:a0:96:b7:e9:c7:b1:78:
|
||||||
|
e7:09:72:e7:62:37:44:67:3f:53:b8:4c:17:17:c8:a8:1f:ec:
|
||||||
|
a5:5f:2a:18:4d:3d:aa:1a:f5:7d:c3:17:5b:42:ba:28:68:f8:
|
||||||
|
36:ad:6a:28:6b:a8:a9:aa:be:82:96:11:a8:0e:88:b5:20:52:
|
||||||
|
c1:23:aa:15
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIEeTCCA2GgAwIBAgIRANY5F+flakdUuFby60dr+MMwDQYJKoZIhvcNAQELBQAw
|
||||||
|
gbcxKjAoBgNVBAsTIU1TVlNwaGVyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEk
|
||||||
|
MCIGCSqGSIb3DQEJARYVc2VjdXJpdHlAbXN2c3BoZXJlLnJ1MQ8wDQYDVQQHEwZN
|
||||||
|
b3Njb3cxDzANBgNVBAgTBk1vc2NvdzELMAkGA1UEBhMCUlUxETAPBgNVBAoTCE5D
|
||||||
|
U0QgTExDMSEwHwYDVQQDExhNU1ZTcGhlcmUgU2VjdXJlIEJvb3QgQ0EwIBcNMjMw
|
||||||
|
MzIyMTY0MjU0WhgPMjA1MzAzMjIxNjQyNTRaMIHCMSowKAYDVQQLEyFNU1ZTcGhl
|
||||||
|
cmUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJDAiBgkqhkiG9w0BCQEWFXNlY3Vy
|
||||||
|
aXR5QG1zdnNwaGVyZS5ydTEPMA0GA1UEBxMGTW9zY293MQ8wDQYDVQQIEwZNb3Nj
|
||||||
|
b3cxCzAJBgNVBAYTAlJVMREwDwYDVQQKEwhOQ1NEIExMQzEsMCoGA1UEAxMjTVNW
|
||||||
|
U3BoZXJlIERyaXZlciB1cGRhdGUgc2lnbmluZyBrZXkwggEiMA0GCSqGSIb3DQEB
|
||||||
|
AQUAA4IBDwAwggEKAoIBAQC6Cc0dgJwAWZYHzh9poteLKS5oE2+HQl7/QlgZsXWy
|
||||||
|
uq9dhDd0UA7dWh1F8vHgm7XznNWoKVrNjIWKE9RguVKtyf4MT/6vCCXsp8Yq4/9m
|
||||||
|
uLCJaVr+sahoit55HmjnqBQByEVbDgBUmDJASl3nGFXOvbx3PZQ4rNvoXnHSvuQ4
|
||||||
|
YDn44ZruGoTfFDPOztvEV8jP0T5yqeu1flBXoVEG1Qec4lcaHGaMugWqUNziGdUE
|
||||||
|
/ai9g+twBhmB8KsqP+zN8w/O7nWHh5MbDkTh+brlU5HvCW7YY45pAG43HZCDmT8j
|
||||||
|
xzPXrhPLyPp22F0mtZ9aXhgisTrFhGxnIONymAcCQ4NVAgMBAAGjcTBvMB8GA1Ud
|
||||||
|
IwQYMBaAFElZZ7UTbMjffmS5IuOpNVBrlYTVMB8GA1UdJQQYMBYGCCsGAQUFBwMD
|
||||||
|
BgorBgEEAZIIEAECMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFCARODuuHuhl3ilu
|
||||||
|
xHuQf004J+veMA0GCSqGSIb3DQEBCwUAA4IBAQCCKUU/9HnitdRKoyIeFnVoOERG
|
||||||
|
YQ1MdMx9EfXi28Ojul8Dd5WeN7hyaOruqfIJqdYH10UnbPqhuCB3+yLxWSZw+kwv
|
||||||
|
HG787EoVkcKQ1om4UJ7GVuMfSuIg5ZAJFoCiiamQqPI36G4p2JphMdIrKiMvaRp8
|
||||||
|
n39m4JMpH1+beAvsdFtYM2+8Yp6Yh5uuOLXtT/O2SCQW2hhyCaCxAe7XbuS0w+u4
|
||||||
|
Bl84aXjIu0Btx4rpgmn62yhULYzAg0xP14+l/aCWt+nHsXjnCXLnYjdEZz9TuEwX
|
||||||
|
F8ioH+ylXyoYTT2qGvV9wxdbQrooaPg2rWooa6ipqr6ClhGoDoi1IFLBI6oV
|
||||||
|
-----END CERTIFICATE-----
|
@ -0,0 +1,75 @@
|
|||||||
|
Certificate:
|
||||||
|
Data:
|
||||||
|
Version: 3 (0x2)
|
||||||
|
Serial Number:
|
||||||
|
71:a3:0f:db:5d:68:ba:11:ad:0d:d7:a2:bb:f2:9b:33:69:22:69:1b
|
||||||
|
Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
Issuer: CN = MSVSphere IMA CA, O = NCSD LLC, C = RU, ST = Moscow, L = Moscow, emailAddress = security@msvsphere-os.ru, OU = MSVSphere Certification Authority
|
||||||
|
Validity
|
||||||
|
Not Before: Oct 17 14:52:34 2023 GMT
|
||||||
|
Not After : May 31 14:52:34 2040 GMT
|
||||||
|
Subject: CN = MSVSphere 9 IMA release key, O = NCSD LLC, C = RU, ST = Moscow, L = Moscow, emailAddress = security@msvsphere-os.ru, OU = MSVSphere Certification Authority
|
||||||
|
Subject Public Key Info:
|
||||||
|
Public Key Algorithm: id-ecPublicKey
|
||||||
|
Public-Key: (384 bit)
|
||||||
|
pub:
|
||||||
|
04:8f:3a:c4:74:50:a0:dd:2b:7c:eb:48:63:06:f9:
|
||||||
|
ec:a5:f9:c2:ef:1a:5a:64:79:95:14:9c:2a:da:3a:
|
||||||
|
f7:bb:50:36:16:51:ca:2d:e4:0f:2e:a1:a5:16:9a:
|
||||||
|
63:a6:f0:ce:c2:69:2a:aa:08:ce:40:17:8f:db:de:
|
||||||
|
16:08:47:02:6d:0b:39:36:80:bd:0d:12:f5:aa:9e:
|
||||||
|
80:8d:ae:c9:90:d6:d3:5e:a4:c0:26:a6:78:83:04:
|
||||||
|
ce:9e:09:17:b7:3e:52
|
||||||
|
ASN1 OID: secp384r1
|
||||||
|
NIST CURVE: P-384
|
||||||
|
X509v3 extensions:
|
||||||
|
X509v3 Basic Constraints: critical
|
||||||
|
CA:FALSE
|
||||||
|
X509v3 Key Usage: critical
|
||||||
|
Digital Signature
|
||||||
|
X509v3 Extended Key Usage: critical
|
||||||
|
Code Signing
|
||||||
|
X509v3 Subject Key Identifier:
|
||||||
|
90:88:18:27:43:0F:80:32:F8:AB:35:AC:DE:28:6D:3B:B9:F5:55:E0
|
||||||
|
X509v3 Authority Key Identifier:
|
||||||
|
77:00:6F:8D:E0:2B:DC:27:EA:D8:DB:F4:C1:DA:12:AD:BF:6E:05:EC
|
||||||
|
Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
Signature Value:
|
||||||
|
18:6a:36:58:96:ad:13:f2:48:97:e6:87:14:ec:00:43:2d:a4:
|
||||||
|
9a:43:80:5a:92:06:fb:cb:26:62:fe:04:23:b2:11:e8:d4:7a:
|
||||||
|
25:6e:14:e4:2b:c0:8d:27:2e:92:b1:19:41:2d:ce:e4:e5:30:
|
||||||
|
99:72:d5:fd:86:b2:d6:15:32:86:91:20:5f:02:da:be:fe:2d:
|
||||||
|
b0:24:60:48:7b:df:41:11:36:0e:df:97:d0:a3:36:4a:0b:88:
|
||||||
|
ec:7c:32:b7:9e:a0:72:6f:f5:4f:b4:bb:c0:71:1d:6c:38:22:
|
||||||
|
3c:e8:e8:9d:58:40:54:7d:86:1d:43:f3:02:df:16:07:89:1b:
|
||||||
|
5b:d0:d5:ea:9c:4d:b5:04:5d:99:f1:64:42:67:ab:d7:15:e6:
|
||||||
|
44:3f:2e:a8:03:51:ae:3a:df:7e:9c:8b:3d:91:5c:ce:a1:b2:
|
||||||
|
b7:69:81:43:ed:a1:f7:63:93:e8:f7:b7:0f:7d:5d:94:55:18:
|
||||||
|
f4:0a:35:13:01:d6:4b:06:57:50:ca:7c:ea:23:b3:e5:9c:ed:
|
||||||
|
87:80:23:7e:0b:64:09:49:98:a2:22:51:83:3c:b8:e4:0b:8b:
|
||||||
|
16:c2:3a:11:ee:78:6a:f2:a4:c7:13:de:b0:3d:97:c6:d5:84:
|
||||||
|
f5:6a:8e:4a:5e:1d:c1:f3:d8:80:b6:71:f5:8f:3b:fd:ad:15:
|
||||||
|
d6:c9:78:d6
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDyTCCArGgAwIBAgIUcaMP211ouhGtDdeiu/KbM2kiaRswDQYJKoZIhvcNAQEL
|
||||||
|
BQAwgbIxGTAXBgNVBAMMEE1TVlNwaGVyZSBJTUEgQ0ExETAPBgNVBAoMCE5DU0Qg
|
||||||
|
TExDMQswCQYDVQQGEwJSVTEPMA0GA1UECAwGTW9zY293MQ8wDQYDVQQHDAZNb3Nj
|
||||||
|
b3cxJzAlBgkqhkiG9w0BCQEWGHNlY3VyaXR5QG1zdnNwaGVyZS1vcy5ydTEqMCgG
|
||||||
|
A1UECwwhTVNWU3BoZXJlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIzMTAx
|
||||||
|
NzE0NTIzNFoXDTQwMDUzMTE0NTIzNFowgb0xJDAiBgNVBAMMG01TVlNwaGVyZSA5
|
||||||
|
IElNQSByZWxlYXNlIGtleTERMA8GA1UECgwITkNTRCBMTEMxCzAJBgNVBAYTAlJV
|
||||||
|
MQ8wDQYDVQQIDAZNb3Njb3cxDzANBgNVBAcMBk1vc2NvdzEnMCUGCSqGSIb3DQEJ
|
||||||
|
ARYYc2VjdXJpdHlAbXN2c3BoZXJlLW9zLnJ1MSowKAYDVQQLDCFNU1ZTcGhlcmUg
|
||||||
|
Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASP
|
||||||
|
OsR0UKDdK3zrSGMG+eyl+cLvGlpkeZUUnCraOve7UDYWUcot5A8uoaUWmmOm8M7C
|
||||||
|
aSqqCM5AF4/b3hYIRwJtCzk2gL0NEvWqnoCNrsmQ1tNepMAmpniDBM6eCRe3PlKj
|
||||||
|
eDB2MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMBYGA1UdJQEB/wQMMAoG
|
||||||
|
CCsGAQUFBwMDMB0GA1UdDgQWBBSQiBgnQw+AMvirNazeKG07ufVV4DAfBgNVHSME
|
||||||
|
GDAWgBR3AG+N4CvcJ+rY2/TB2hKtv24F7DANBgkqhkiG9w0BAQsFAAOCAQEAGGo2
|
||||||
|
WJatE/JIl+aHFOwAQy2kmkOAWpIG+8smYv4EI7IR6NR6JW4U5CvAjScukrEZQS3O
|
||||||
|
5OUwmXLV/Yay1hUyhpEgXwLavv4tsCRgSHvfQRE2Dt+X0KM2SguI7Hwyt56gcm/1
|
||||||
|
T7S7wHEdbDgiPOjonVhAVH2GHUPzAt8WB4kbW9DV6pxNtQRdmfFkQmer1xXmRD8u
|
||||||
|
qANRrjrffpyLPZFczqGyt2mBQ+2h92OT6Pe3D31dlFUY9Ao1EwHWSwZXUMp86iOz
|
||||||
|
5Zzth4AjfgtkCUmYoiJRgzy45AuLFsI6Ee54avKkxxPesD2XxtWE9WqOSl4dwfPY
|
||||||
|
gLZx9Y87/a0V1sl41g==
|
||||||
|
-----END CERTIFICATE-----
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue