Compare commits
No commits in common. 'c9' and 'c8' have entirely different histories.
@ -1,3 +1,2 @@
|
|||||||
de143fc38b339d982079517b6f01bcec5246cf5e SOURCES/DBXUpdate-20230509.x64.bin
|
ae830c7278f985cb25e90f4687b46c8b22316bef SOURCES/edk2-bb1bba3d77.tar.xz
|
||||||
6da44cf37c27ab03f2940769c58515b07271e047 SOURCES/edk2-3e722403cd.tar.xz
|
85388ae6525650667302c6b553894430197d9e0d SOURCES/openssl-rhel-cf317b2bb227899cb2e761b9163210f62cab1b1e.tar.xz
|
||||||
0a9cfae889c6436333fab963250b069058eec6cf SOURCES/openssl-rhel-0205b589887203b065154ddc8e8107c4ac8625a1.tar.xz
|
|
||||||
|
@ -1,3 +1,2 @@
|
|||||||
SOURCES/DBXUpdate-20230509.x64.bin
|
SOURCES/edk2-bb1bba3d77.tar.xz
|
||||||
SOURCES/edk2-3e722403cd.tar.xz
|
SOURCES/openssl-rhel-cf317b2bb227899cb2e761b9163210f62cab1b1e.tar.xz
|
||||||
SOURCES/openssl-rhel-0205b589887203b065154ddc8e8107c4ac8625a1.tar.xz
|
|
||||||
|
@ -1,65 +0,0 @@
|
|||||||
From de9f92d118c1374243d9d3f006088a29ec7dcf8d Mon Sep 17 00:00:00 2001
|
|
||||||
From: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
Date: Thu, 24 Mar 2022 03:23:02 -0400
|
|
||||||
Subject: [PATCH] Remove paths leading to submodules
|
|
||||||
|
|
||||||
We removed submodules used upstream. However, edk2 build system requires
|
|
||||||
such include paths to resolve successfully, regardless of the firmware
|
|
||||||
platform being built.
|
|
||||||
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
BaseTools/Source/C/GNUmakefile | 1 -
|
|
||||||
MdeModulePkg/MdeModulePkg.dec | 3 ---
|
|
||||||
MdePkg/MdePkg.dec | 5 -----
|
|
||||||
3 files changed, 9 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/BaseTools/Source/C/GNUmakefile b/BaseTools/Source/C/GNUmakefile
|
|
||||||
index 5275f657ef..39d7199753 100644
|
|
||||||
--- a/BaseTools/Source/C/GNUmakefile
|
|
||||||
+++ b/BaseTools/Source/C/GNUmakefile
|
|
||||||
@@ -51,7 +51,6 @@ all: makerootdir subdirs
|
|
||||||
LIBRARIES = Common
|
|
||||||
VFRAUTOGEN = VfrCompile/VfrLexer.h
|
|
||||||
APPLICATIONS = \
|
|
||||||
- BrotliCompress \
|
|
||||||
VfrCompile \
|
|
||||||
EfiRom \
|
|
||||||
GenFfs \
|
|
||||||
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
|
|
||||||
index f7339f0aec..badb93238f 100644
|
|
||||||
--- a/MdeModulePkg/MdeModulePkg.dec
|
|
||||||
+++ b/MdeModulePkg/MdeModulePkg.dec
|
|
||||||
@@ -26,9 +26,6 @@
|
|
||||||
Include
|
|
||||||
Test/Mock/Include
|
|
||||||
|
|
||||||
-[Includes.Common.Private]
|
|
||||||
- Library/BrotliCustomDecompressLib/brotli/c/include
|
|
||||||
-
|
|
||||||
[LibraryClasses]
|
|
||||||
## @libraryclass Defines a set of methods to reset whole system.
|
|
||||||
ResetSystemLib|Include/Library/ResetSystemLib.h
|
|
||||||
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
|
|
||||||
index bf94549cbf..605b0f1be8 100644
|
|
||||||
--- a/MdePkg/MdePkg.dec
|
|
||||||
+++ b/MdePkg/MdePkg.dec
|
|
||||||
@@ -29,7 +29,6 @@
|
|
||||||
Include
|
|
||||||
Test/UnitTest/Include
|
|
||||||
Test/Mock/Include
|
|
||||||
- Library/MipiSysTLib/mipisyst/library/include
|
|
||||||
|
|
||||||
[Includes.IA32]
|
|
||||||
Include/Ia32
|
|
||||||
@@ -295,10 +294,6 @@
|
|
||||||
#
|
|
||||||
FdtLib|Include/Library/FdtLib.h
|
|
||||||
|
|
||||||
- ## @libraryclass Provides general mipi sys-T services.
|
|
||||||
- #
|
|
||||||
- MipiSysTLib|Include/Library/MipiSysTLib.h
|
|
||||||
-
|
|
||||||
## @libraryclass Provides API to output Trace Hub debug message.
|
|
||||||
#
|
|
||||||
TraceHubDebugSysTLib|Include/Library/TraceHubDebugSysTLib.h
|
|
@ -0,0 +1,43 @@
|
|||||||
|
From 0790c9c4f796fdce8ba6618359b78e1d0b331c95 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Thu, 4 Jun 2020 13:34:12 +0200
|
||||||
|
Subject: BaseTools: do not build BrotliCompress (RH only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- New patch.
|
||||||
|
|
||||||
|
BrotliCompress is not used for building ArmVirtPkg or OvmfPkg platforms.
|
||||||
|
It depends on one of the upstream Brotli git submodules that we removed
|
||||||
|
earlier in this rebase series. (See patch "remove upstream edk2's Brotli
|
||||||
|
submodules (RH only").
|
||||||
|
|
||||||
|
Do not attempt to build BrotliCompress.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit db8ccca337e2c5722c1d408d2541cf653d3371a2)
|
||||||
|
---
|
||||||
|
BaseTools/Source/C/GNUmakefile | 1 -
|
||||||
|
1 file changed, 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/BaseTools/Source/C/GNUmakefile b/BaseTools/Source/C/GNUmakefile
|
||||||
|
index 8c191e0c38..3eae824a1c 100644
|
||||||
|
--- a/BaseTools/Source/C/GNUmakefile
|
||||||
|
+++ b/BaseTools/Source/C/GNUmakefile
|
||||||
|
@@ -48,7 +48,6 @@ all: makerootdir subdirs
|
||||||
|
LIBRARIES = Common
|
||||||
|
VFRAUTOGEN = VfrCompile/VfrLexer.h
|
||||||
|
APPLICATIONS = \
|
||||||
|
- BrotliCompress \
|
||||||
|
VfrCompile \
|
||||||
|
EfiRom \
|
||||||
|
GenFfs \
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
@ -0,0 +1,49 @@
|
|||||||
|
From df9e25b7e6179a7764d44f915de95af5f850a020 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Thu, 4 Jun 2020 13:39:08 +0200
|
||||||
|
Subject: MdeModulePkg: remove package-private Brotli include path (RH only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- New patch.
|
||||||
|
|
||||||
|
Originating from upstream commit 58802e02c41b
|
||||||
|
("MdeModulePkg/BrotliCustomDecompressLib: Make brotli a submodule",
|
||||||
|
2020-04-16), "MdeModulePkg/MdeModulePkg.dec" contains a package-internal
|
||||||
|
include path into a Brotli submodule.
|
||||||
|
|
||||||
|
The edk2 build system requires such include paths to resolve successfully,
|
||||||
|
regardless of the firmware platform being built. Because
|
||||||
|
BrotliCustomDecompressLib is not consumed by any OvmfPkg or ArmVirtPkg
|
||||||
|
platforms, and we've removed the submodule earlier in this patch set,
|
||||||
|
remove the include path too.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit e05e0de713c4a2b8adb6ff9809611f222bfe50ed)
|
||||||
|
---
|
||||||
|
MdeModulePkg/MdeModulePkg.dec | 3 ---
|
||||||
|
1 file changed, 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
index 463e889e9a..9d69fb86ed 100644
|
||||||
|
--- a/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+++ b/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
@@ -24,9 +24,6 @@
|
||||||
|
[Includes]
|
||||||
|
Include
|
||||||
|
|
||||||
|
-[Includes.Common.Private]
|
||||||
|
- Library/BrotliCustomDecompressLib/brotli/c/include
|
||||||
|
-
|
||||||
|
[LibraryClasses]
|
||||||
|
## @libraryclass Defines a set of methods to reset whole system.
|
||||||
|
ResetSystemLib|Include/Library/ResetSystemLib.h
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
@ -0,0 +1,82 @@
|
|||||||
|
From 1a1bdd69fad22bbf48e3906bb73b33ede6632102 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Thu, 20 Feb 2014 22:54:45 +0100
|
||||||
|
Subject: OvmfPkg: increase max debug message length to 512 (RHEL only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- trivial context difference due to upstream commit 2fe5f2f52918
|
||||||
|
("OvmfPkg/PlatformDebugLibIoPort: Add new APIs", 2019-04-02), resolved
|
||||||
|
by git-cherry-pick automatically
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Upstream prefers short debug messages (sometimes even limited to 80
|
||||||
|
characters), but any line length under 512 characters is just unsuitable
|
||||||
|
for effective debugging. (For example, config strings in HII routing,
|
||||||
|
logged by the platform driver "OvmfPkg/PlatformDxe" on DEBUG_VERBOSE
|
||||||
|
level, can be several hundred characters long.) 512 is an empirically good
|
||||||
|
value.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit bfe568d18dba15602604f155982e3b73add63dfb)
|
||||||
|
(cherry picked from commit 29435a32ec9428720c74c454ce9817662e601fb6)
|
||||||
|
(cherry picked from commit 58e1d1ebb78bfdaf05f4c6e8abf8d4908dfa038a)
|
||||||
|
(cherry picked from commit 1df2c822c996ad767f2f45570ab2686458f7604a)
|
||||||
|
(cherry picked from commit 22c9b4e971c70c69b4adf8eb93133824ccb6426a)
|
||||||
|
(cherry picked from commit a1260c9122c95bcbef1efc5eebe11902767813c2)
|
||||||
|
(cherry picked from commit e949bab1268f83f0f5815a96cd1cb9dd3b21bfb5)
|
||||||
|
(cherry picked from commit a95cff0b9573bf23699551beb4786383f697ff1e)
|
||||||
|
---
|
||||||
|
OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c b/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c
|
||||||
|
index dffb20822d..0577c43c3d 100644
|
||||||
|
--- a/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c
|
||||||
|
+++ b/OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c
|
||||||
|
@@ -21,7 +21,7 @@
|
||||||
|
//
|
||||||
|
// Define the maximum debug and assert message length that this library supports
|
||||||
|
//
|
||||||
|
-#define MAX_DEBUG_MESSAGE_LENGTH 0x100
|
||||||
|
+#define MAX_DEBUG_MESSAGE_LENGTH 0x200
|
||||||
|
|
||||||
|
//
|
||||||
|
// VA_LIST can not initialize to NULL for all compiler, so we use this to
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
@ -0,0 +1,168 @@
|
|||||||
|
From 8ea4ac38206664e1d833085a0b7d4e0736870c2b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Tue, 25 Feb 2014 18:40:35 +0100
|
||||||
|
Subject: MdeModulePkg: TerminalDxe: add other text resolutions (RHEL only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- update commit message as requested in
|
||||||
|
<https://bugzilla.redhat.com/show_bug.cgi?id=1503316#c0>
|
||||||
|
|
||||||
|
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
|
||||||
|
|
||||||
|
- adapt commit 0bc77c63de03 (code and commit message) to upstream commit
|
||||||
|
390b95a49c14 ("MdeModulePkg/TerminalDxe: Refine
|
||||||
|
InitializeTerminalConsoleTextMode", 2017-01-10).
|
||||||
|
|
||||||
|
When the console output is multiplexed to several devices by
|
||||||
|
ConSplitterDxe, then ConSplitterDxe builds an intersection of text modes
|
||||||
|
supported by all console output devices.
|
||||||
|
|
||||||
|
Two notable output devices are provided by:
|
||||||
|
(1) MdeModulePkg/Universal/Console/GraphicsConsoleDxe,
|
||||||
|
(2) MdeModulePkg/Universal/Console/TerminalDxe.
|
||||||
|
|
||||||
|
GraphicsConsoleDxe supports four modes at most -- see
|
||||||
|
InitializeGraphicsConsoleTextMode() and "mGraphicsConsoleModeData":
|
||||||
|
|
||||||
|
(1a) 80x25 (required by the UEFI spec as mode 0),
|
||||||
|
(1b) 80x50 (not necessarily supported, but if it is, then the UEFI spec
|
||||||
|
requires the driver to provide it as mode 1),
|
||||||
|
(1c) 100x31 (corresponding to graphics resolution 800x600, which the UEFI
|
||||||
|
spec requires from all plug-in graphics devices),
|
||||||
|
(1d) "full screen" resolution, derived form the underlying GOP's
|
||||||
|
horizontal and vertical resolutions with division by EFI_GLYPH_WIDTH
|
||||||
|
(8) and EFI_GLYPH_HEIGHT (19), respectively.
|
||||||
|
|
||||||
|
The automatic "full screen resolution" makes GraphicsConsoleDxe's
|
||||||
|
character console very flexible. However, TerminalDxe (which runs on
|
||||||
|
serial ports) only provides the following fixed resolutions -- see
|
||||||
|
InitializeTerminalConsoleTextMode() and "mTerminalConsoleModeData":
|
||||||
|
|
||||||
|
(2a) 80x25 (required by the UEFI spec as mode 0),
|
||||||
|
(2b) 80x50 (since the character resolution of a serial device cannot be
|
||||||
|
interrogated easily, this is added unconditionally as mode 1),
|
||||||
|
(2c) 100x31 (since the character resolution of a serial device cannot be
|
||||||
|
interrogated easily, this is added unconditionally as mode 2).
|
||||||
|
|
||||||
|
When ConSplitterDxe combines (1) and (2), multiplexing console output to
|
||||||
|
both video output and serial terminal, the list of commonly supported text
|
||||||
|
modes (ie. the "intersection") comprises:
|
||||||
|
|
||||||
|
(3a) 80x25, unconditionally, from (1a) and (2a),
|
||||||
|
(3b) 80x50, if the graphics console provides at least 640x950 pixel
|
||||||
|
resolution, from (1b) and (2b)
|
||||||
|
(3c) 100x31, if the graphics device is a plug-in one (because in that case
|
||||||
|
800x600 is a mandated pixel resolution), from (1c) and (2c).
|
||||||
|
|
||||||
|
Unfortunately, the "full screen resolution" (1d) of the GOP-based text
|
||||||
|
console is not available in general.
|
||||||
|
|
||||||
|
Mitigate this problem by extending "mTerminalConsoleModeData" with a
|
||||||
|
handful of text resolutions that are derived from widespread maximal pixel
|
||||||
|
resolutions. This way TerminalDxe won't cause ConSplitterDxe to filter out
|
||||||
|
the most frequent (1d) values from the intersection, and eg. the MODE
|
||||||
|
command in the UEFI shell will offer the "best" (ie. full screen)
|
||||||
|
resolution too.
|
||||||
|
|
||||||
|
Upstreaming efforts for this patch have been discontinued; it was clear
|
||||||
|
from the off-list thread that consensus was impossible to reach.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit 99dc3720ac86059f60156197328cc433603c536e)
|
||||||
|
(cherry picked from commit d2066c1748f885043026c51dec1bc8d6d406ae8f)
|
||||||
|
(cherry picked from commit 1facdd58e946c584a3dc1e5be8f2f837b5a7c621)
|
||||||
|
(cherry picked from commit 28faeb5f94b4866b9da16cf2a1e4e0fc09a26e37)
|
||||||
|
(cherry picked from commit 4e4e15b80a5b2103eadd495ef4a830d46dd4ed51)
|
||||||
|
(cherry picked from commit 12cb13a1da913912bd9148ce8f2353a75be77f18)
|
||||||
|
(cherry picked from commit 82b9edc5fef3a07227a45059bbe821af7b9abd69)
|
||||||
|
---
|
||||||
|
.../Universal/Console/TerminalDxe/Terminal.c | 41 +++++++++++++++++--
|
||||||
|
1 file changed, 38 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c b/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c
|
||||||
|
index a98b690c8b..ded5513c74 100644
|
||||||
|
--- a/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c
|
||||||
|
+++ b/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.c
|
||||||
|
@@ -115,9 +115,44 @@ TERMINAL_DEV mTerminalDevTemplate = {
|
||||||
|
};
|
||||||
|
|
||||||
|
TERMINAL_CONSOLE_MODE_DATA mTerminalConsoleModeData[] = {
|
||||||
|
- {80, 25},
|
||||||
|
- {80, 50},
|
||||||
|
- {100, 31},
|
||||||
|
+ { 80, 25 }, // from graphics resolution 640 x 480
|
||||||
|
+ { 80, 50 }, // from graphics resolution 640 x 960
|
||||||
|
+ { 100, 25 }, // from graphics resolution 800 x 480
|
||||||
|
+ { 100, 31 }, // from graphics resolution 800 x 600
|
||||||
|
+ { 104, 32 }, // from graphics resolution 832 x 624
|
||||||
|
+ { 120, 33 }, // from graphics resolution 960 x 640
|
||||||
|
+ { 128, 31 }, // from graphics resolution 1024 x 600
|
||||||
|
+ { 128, 40 }, // from graphics resolution 1024 x 768
|
||||||
|
+ { 144, 45 }, // from graphics resolution 1152 x 864
|
||||||
|
+ { 144, 45 }, // from graphics resolution 1152 x 870
|
||||||
|
+ { 160, 37 }, // from graphics resolution 1280 x 720
|
||||||
|
+ { 160, 40 }, // from graphics resolution 1280 x 760
|
||||||
|
+ { 160, 40 }, // from graphics resolution 1280 x 768
|
||||||
|
+ { 160, 42 }, // from graphics resolution 1280 x 800
|
||||||
|
+ { 160, 50 }, // from graphics resolution 1280 x 960
|
||||||
|
+ { 160, 53 }, // from graphics resolution 1280 x 1024
|
||||||
|
+ { 170, 40 }, // from graphics resolution 1360 x 768
|
||||||
|
+ { 170, 40 }, // from graphics resolution 1366 x 768
|
||||||
|
+ { 175, 55 }, // from graphics resolution 1400 x 1050
|
||||||
|
+ { 180, 47 }, // from graphics resolution 1440 x 900
|
||||||
|
+ { 200, 47 }, // from graphics resolution 1600 x 900
|
||||||
|
+ { 200, 63 }, // from graphics resolution 1600 x 1200
|
||||||
|
+ { 210, 55 }, // from graphics resolution 1680 x 1050
|
||||||
|
+ { 240, 56 }, // from graphics resolution 1920 x 1080
|
||||||
|
+ { 240, 63 }, // from graphics resolution 1920 x 1200
|
||||||
|
+ { 240, 75 }, // from graphics resolution 1920 x 1440
|
||||||
|
+ { 250, 105 }, // from graphics resolution 2000 x 2000
|
||||||
|
+ { 256, 80 }, // from graphics resolution 2048 x 1536
|
||||||
|
+ { 256, 107 }, // from graphics resolution 2048 x 2048
|
||||||
|
+ { 320, 75 }, // from graphics resolution 2560 x 1440
|
||||||
|
+ { 320, 84 }, // from graphics resolution 2560 x 1600
|
||||||
|
+ { 320, 107 }, // from graphics resolution 2560 x 2048
|
||||||
|
+ { 350, 110 }, // from graphics resolution 2800 x 2100
|
||||||
|
+ { 400, 126 }, // from graphics resolution 3200 x 2400
|
||||||
|
+ { 480, 113 }, // from graphics resolution 3840 x 2160
|
||||||
|
+ { 512, 113 }, // from graphics resolution 4096 x 2160
|
||||||
|
+ { 960, 227 }, // from graphics resolution 7680 x 4320
|
||||||
|
+ { 1024, 227 }, // from graphics resolution 8192 x 4320
|
||||||
|
//
|
||||||
|
// New modes can be added here.
|
||||||
|
//
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
@ -1,126 +0,0 @@
|
|||||||
From 3208551a4a7934a905ba33dde70bfea37c9a95af Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:28:49 +0200
|
|
||||||
Subject: [PATCH] OvmfPkg: Remove EbcDxe (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [2/19] 6777c3dc453e4aecddc20216f783ba2a5acccaa0
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
Remove EFI Byte Code interpreter.
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 -
|
|
||||||
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32.fdf | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
|
|
||||||
OvmfPkg/OvmfPkgX64.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgX64.fdf | 1 -
|
|
||||||
8 files changed, 8 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
index 32f47704bc..6b6e108d11 100644
|
|
||||||
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
@@ -611,7 +611,6 @@
|
|
||||||
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
|
|
||||||
}
|
|
||||||
|
|
||||||
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
|
||||||
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
|
||||||
UefiCpuPkg/CpuDxe/CpuDxe.inf
|
|
||||||
OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
index 595945181c..c176043482 100644
|
|
||||||
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
@@ -212,7 +212,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
|
|
||||||
|
|
||||||
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
|
|
||||||
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
|
|
||||||
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
|
||||||
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
|
||||||
INF UefiCpuPkg/CpuDxe/CpuDxe.inf
|
|
||||||
INF OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
index 49540d54d0..d368aa11fe 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
@@ -746,7 +746,6 @@
|
|
||||||
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
|
|
||||||
}
|
|
||||||
|
|
||||||
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
|
||||||
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
|
||||||
UefiCpuPkg/CpuDxe/CpuDxe.inf
|
|
||||||
OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
index 0d4abb50a8..ef933def99 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
@@ -216,7 +216,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
|
|
||||||
|
|
||||||
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
|
|
||||||
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
|
|
||||||
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
|
||||||
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
|
||||||
INF UefiCpuPkg/CpuDxe/CpuDxe.inf
|
|
||||||
INF OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
index 1c4e0514ed..cf09bdf785 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
@@ -760,7 +760,6 @@
|
|
||||||
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
|
|
||||||
}
|
|
||||||
|
|
||||||
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
|
||||||
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
|
||||||
UefiCpuPkg/CpuDxe/CpuDxe.inf
|
|
||||||
OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
index 23a825a012..0cd98ada5a 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
@@ -217,7 +217,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
|
|
||||||
|
|
||||||
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
|
|
||||||
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
|
|
||||||
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
|
||||||
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
|
||||||
INF UefiCpuPkg/CpuDxe/CpuDxe.inf
|
|
||||||
INF OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
index e50e63b3f6..098d569381 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
@@ -805,7 +805,6 @@
|
|
||||||
!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc
|
|
||||||
}
|
|
||||||
|
|
||||||
- MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
|
||||||
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
|
||||||
|
|
||||||
UefiCpuPkg/CpuDxe/CpuDxe.inf {
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
index 4dcd6a033c..b201505214 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
@@ -245,7 +245,6 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
|
|
||||||
|
|
||||||
INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
|
|
||||||
INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
|
|
||||||
-INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
|
||||||
INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
|
|
||||||
|
|
||||||
INF UefiCpuPkg/CpuDxe/CpuDxe.inf
|
|
@ -1,126 +0,0 @@
|
|||||||
From 42becc4c97abe443d06bb128a4b7d5e279842715 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:28:59 +0200
|
|
||||||
Subject: [PATCH] OvmfPkg: Remove VirtioGpu device driver (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [4/19] f0a41317291f2e9e3b5bd3125149c3866f23ab08
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
QemuVideoDxe binds virtio-vga, so VirtioGpu is not needed.
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 -
|
|
||||||
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32.fdf | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
|
|
||||||
OvmfPkg/OvmfPkgX64.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgX64.fdf | 1 -
|
|
||||||
8 files changed, 8 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
index 6b6e108d11..5461c1290d 100644
|
|
||||||
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
@@ -701,7 +701,6 @@
|
|
||||||
<PcdsFixedAtBuild>
|
|
||||||
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
|
||||||
}
|
|
||||||
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
|
||||||
|
|
||||||
#
|
|
||||||
# ISA Support
|
|
||||||
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
index c176043482..10538a0465 100644
|
|
||||||
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
@@ -300,7 +300,6 @@ INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
|
|
||||||
INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
|
||||||
|
|
||||||
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
|
||||||
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
|
||||||
INF OvmfPkg/PlatformDxe/Platform.inf
|
|
||||||
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
|
||||||
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
index d368aa11fe..40e78014c4 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
@@ -838,7 +838,6 @@
|
|
||||||
<PcdsFixedAtBuild>
|
|
||||||
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
|
||||||
}
|
|
||||||
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
|
||||||
OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
|
|
||||||
|
|
||||||
#
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
index ef933def99..68d59968ec 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
@@ -317,7 +317,6 @@ INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
|
|
||||||
|
|
||||||
INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
|
||||||
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
|
||||||
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
|
||||||
INF OvmfPkg/PlatformDxe/Platform.inf
|
|
||||||
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
|
|
||||||
INF OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
index cf09bdf785..6ade9aa0ef 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
@@ -852,7 +852,6 @@
|
|
||||||
<PcdsFixedAtBuild>
|
|
||||||
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
|
||||||
}
|
|
||||||
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
|
||||||
OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
|
|
||||||
|
|
||||||
#
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
index 0cd98ada5a..8891d96422 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
@@ -323,7 +323,6 @@ INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
|
|
||||||
|
|
||||||
INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
|
||||||
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
|
||||||
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
|
||||||
INF OvmfPkg/PlatformDxe/Platform.inf
|
|
||||||
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
|
||||||
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
index 098d569381..8563835ae5 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
@@ -920,7 +920,6 @@
|
|
||||||
<PcdsFixedAtBuild>
|
|
||||||
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
|
|
||||||
}
|
|
||||||
- OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
|
||||||
OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
|
|
||||||
|
|
||||||
#
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
index b201505214..06ac4423da 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
@@ -356,7 +356,6 @@ INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
|
|
||||||
|
|
||||||
INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
|
|
||||||
INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
|
|
||||||
-INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
|
||||||
INF OvmfPkg/PlatformDxe/Platform.inf
|
|
||||||
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
|
||||||
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
|
|
@ -0,0 +1,172 @@
|
|||||||
|
From e8e12cb7d3a47e5823cf2cb12c9bfe5901d3b100 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Tue, 4 Nov 2014 23:02:53 +0100
|
||||||
|
Subject: OvmfPkg: allow exclusion of the shell from the firmware image (RH
|
||||||
|
only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- No manual / explicit code change is necessary, because the newly
|
||||||
|
inherited OvmfPkg/AmdSev platform already has its own BUILD_SHELL
|
||||||
|
build-time macro (feature test flag), with default value FALSE -- from
|
||||||
|
upstream commit b261a30c900a ("OvmfPkg/AmdSev: add Grub Firmware Volume
|
||||||
|
Package", 2020-12-14).
|
||||||
|
|
||||||
|
- Contextual differences from new upstream commits 2d8ca4f90eae ("OvmfPkg:
|
||||||
|
enable HttpDynamicCommand", 2020-10-01) and 5ab6a0e1c8e9 ("OvmfPkg:
|
||||||
|
introduce VirtioFsDxe", 2020-12-21) have been auto-resolved by
|
||||||
|
git-cherry-pick.
|
||||||
|
|
||||||
|
- Remove obsolete commit message tags related to downstream patch
|
||||||
|
management: Message-id, Patchwork-id, O-Subject, Acked-by
|
||||||
|
(RHBZ#1846481).
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- context difference from upstream commit ec41733cfd10 ("OvmfPkg: add the
|
||||||
|
'initrd' dynamic shell command", 2020-03-04) correctly auto-resolved
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- update the patch against the following upstream commits:
|
||||||
|
- 4b888334d234 ("OvmfPkg: Remove EdkShellBinPkg in FDF", 2018-11-19)
|
||||||
|
- 277a3958d93a ("OvmfPkg: Don't include TftpDynamicCommand in XCODE5
|
||||||
|
tool chain", 2018-11-27)
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Bugzilla: 1147592
|
||||||
|
|
||||||
|
When '-D EXCLUDE_SHELL_FROM_FD' is passed to 'build', exclude the shell
|
||||||
|
binary from the firmware image.
|
||||||
|
|
||||||
|
Peter Jones advised us that firmware vendors for physical systems disable
|
||||||
|
the memory-mapped, firmware image-contained UEFI shell in
|
||||||
|
SecureBoot-enabled builds. The reason being that the memory-mapped shell
|
||||||
|
can always load, it may have direct access to various hardware in the
|
||||||
|
system, and it can run UEFI shell scripts (which cannot be signed at all).
|
||||||
|
|
||||||
|
Intended use of the new build option:
|
||||||
|
|
||||||
|
- In-tree builds: don't pass '-D EXCLUDE_SHELL_FROM_FD'. The resultant
|
||||||
|
firmware image will contain a shell binary, independently of SecureBoot
|
||||||
|
enablement, which is flexible for interactive development. (Ie. no
|
||||||
|
change for in-tree builds.)
|
||||||
|
|
||||||
|
- RPM builds: pass both '-D SECURE_BOOT_ENABLE' and
|
||||||
|
'-D EXCLUDE_SHELL_FROM_FD'. The resultant RPM will provide:
|
||||||
|
|
||||||
|
- OVMF_CODE.fd: SecureBoot-enabled firmware, without builtin UEFI shell,
|
||||||
|
|
||||||
|
- OVMF_VARS.fd: variable store template matching OVMF_CODE.fd,
|
||||||
|
|
||||||
|
- UefiShell.iso: a bootable ISO image with the shell on it as default
|
||||||
|
boot loader. The shell binary will load when SecureBoot is turned off,
|
||||||
|
and won't load when SecureBoot is turned on (because it is not
|
||||||
|
signed).
|
||||||
|
|
||||||
|
UefiShell.iso is the reason we're not excluding the shell from the DSC
|
||||||
|
files as well, only the FDF files -- when '-D EXCLUDE_SHELL_FROM_FD'
|
||||||
|
is specified, the shell binary needs to be built the same, only it
|
||||||
|
will be included in UefiShell.iso.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit 9c391def70366cabae08e6008814299c3372fafd)
|
||||||
|
(cherry picked from commit d9dd9ee42937b2611fe37183cc9ec7f62d946933)
|
||||||
|
(cherry picked from commit 23df46ebbe7b09451d3a05034acd4d3a25e7177b)
|
||||||
|
(cherry picked from commit f0303f71d576c51b01c4ff961b429d0e0e707245)
|
||||||
|
(cherry picked from commit bbd64eb8658e9a33eab4227d9f4e51ad78d9f687)
|
||||||
|
(cherry picked from commit 8628ef1b8d675ebec39d83834abbe3c8c8c42cf4)
|
||||||
|
(cherry picked from commit 229c88dc3ded9baeaca8b87767dc5c41c05afd6e)
|
||||||
|
(cherry picked from commit c2812d7189dee06c780f05a5880eb421c359a687)
|
||||||
|
---
|
||||||
|
OvmfPkg/OvmfPkgIa32.fdf | 2 ++
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.fdf | 2 ++
|
||||||
|
OvmfPkg/OvmfPkgX64.fdf | 2 ++
|
||||||
|
3 files changed, 6 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
index 775ea2d710..00ea14adf0 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
@@ -290,12 +290,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
|
||||||
|
+!ifndef $(EXCLUDE_SHELL_FROM_FD)
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
||||||
|
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
+!endif
|
||||||
|
|
||||||
|
INF MdeModulePkg/Logo/LogoDxe.inf
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
index 9d8695922f..e33a40c44e 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
@@ -294,12 +294,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
|
||||||
|
+!ifndef $(EXCLUDE_SHELL_FROM_FD)
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
||||||
|
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
+!endif
|
||||||
|
|
||||||
|
INF MdeModulePkg/Logo/LogoDxe.inf
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
index b6cc3cabdd..85b4b23857 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
@@ -310,12 +310,14 @@ INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
||||||
|
INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
||||||
|
|
||||||
|
+!ifndef $(EXCLUDE_SHELL_FROM_FD)
|
||||||
|
!if $(TOOL_CHAIN_TAG) != "XCODE5"
|
||||||
|
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
||||||
|
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
||||||
|
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
||||||
|
!endif
|
||||||
|
INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
+!endif
|
||||||
|
|
||||||
|
INF MdeModulePkg/Logo/LogoDxe.inf
|
||||||
|
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
@ -0,0 +1,93 @@
|
|||||||
|
From eba5ecf4b2611d593a978ccac804314ab7848754 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Wed, 14 Oct 2015 13:49:43 +0200
|
||||||
|
Subject: ArmPlatformPkg: introduce fixed PCD for early hello message (RH only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Drew has proposed that ARM|AARCH64 platform firmware (especially virtual
|
||||||
|
machine firmware) print a reasonably early, simple hello message to the
|
||||||
|
serial port, regardless of debug mask settings. This should inform
|
||||||
|
interactive users, and provide some rough help in localizing boot
|
||||||
|
problems, even with restrictive debug masks.
|
||||||
|
|
||||||
|
If a platform doesn't want this feature, it should stick with the default
|
||||||
|
empty string.
|
||||||
|
|
||||||
|
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1270279
|
||||||
|
Downstream only:
|
||||||
|
<http://thread.gmane.org/gmane.comp.bios.edk2.devel/2996/focus=3433>.
|
||||||
|
|
||||||
|
Suggested-by: Drew Jones <drjones@redhat.com>
|
||||||
|
Contributed-under: TianoCore Contribution Agreement 1.0
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit 7ce97b06421434c82095f01a1753a8c9c546cc30)
|
||||||
|
(cherry picked from commit 20b1f1cbd0590aa71c6d99d35e23cf08e0707750)
|
||||||
|
(cherry picked from commit 6734b88cf7abcaf42632e3d2fc469b2169dd2f16)
|
||||||
|
(cherry picked from commit ef77da632559e9baa1c69869e4cbea377068ef27)
|
||||||
|
(cherry picked from commit 58755c51d3252312d80cbcb97928d71199c2f5e1)
|
||||||
|
(cherry picked from commit c3f07e323e76856f1b42ea7b8c598ba3201c28a2)
|
||||||
|
(cherry picked from commit 9f756c1ad83cc81f7d892cd036d59a2b567b02dc)
|
||||||
|
(cherry picked from commit c75aea7a738ac7fb944c0695a4bfffc3985afaa9)
|
||||||
|
---
|
||||||
|
ArmPlatformPkg/ArmPlatformPkg.dec | 7 +++++++
|
||||||
|
1 file changed, 7 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/ArmPlatformPkg/ArmPlatformPkg.dec b/ArmPlatformPkg/ArmPlatformPkg.dec
|
||||||
|
index 3a25ddcdc8..b2b58553c7 100644
|
||||||
|
--- a/ArmPlatformPkg/ArmPlatformPkg.dec
|
||||||
|
+++ b/ArmPlatformPkg/ArmPlatformPkg.dec
|
||||||
|
@@ -121,6 +121,13 @@
|
||||||
|
## If set, this will swap settings for HDLCD RED_SELECT and BLUE_SELECT registers
|
||||||
|
gArmPlatformTokenSpaceGuid.PcdArmHdLcdSwapBlueRedSelect|FALSE|BOOLEAN|0x00000045
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # Early hello message (ASCII string), printed to the serial port.
|
||||||
|
+ # If set to the empty string, nothing is printed.
|
||||||
|
+ # Otherwise, a trailing CRLF should be specified explicitly.
|
||||||
|
+ #
|
||||||
|
+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage|""|VOID*|0x00000100
|
||||||
|
+
|
||||||
|
[PcdsFixedAtBuild.common,PcdsDynamic.common]
|
||||||
|
## PL031 RealTimeClock
|
||||||
|
gArmPlatformTokenSpaceGuid.PcdPL031RtcBase|0x0|UINT32|0x00000024
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
@ -1,100 +0,0 @@
|
|||||||
From 67e5739ca9ba906914aade6b5ad84c420ad9af29 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:29:13 +0200
|
|
||||||
Subject: [PATCH] OvmfPkg: Remove VirtioFsDxe filesystem driver (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [9/19] b40d8a6b9c38568a74fb922b12bbae9f0e721f95
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
Remove the virtio-fs driver.
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
OvmfPkg/OvmfPkgIa32.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32.fdf | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
|
|
||||||
OvmfPkg/OvmfPkgX64.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgX64.fdf | 1 -
|
|
||||||
6 files changed, 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
index 40e78014c4..afd2a3c5c0 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
@@ -816,7 +816,6 @@
|
|
||||||
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
|
||||||
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
index 68d59968ec..c392b96470 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
@@ -290,7 +290,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
|
||||||
|
|
||||||
INF FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
-INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
|
||||||
|
|
||||||
INF MdeModulePkg/Logo/LogoDxe.inf
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
index 6ade9aa0ef..f5a4c57c8e 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
@@ -830,7 +830,6 @@
|
|
||||||
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
|
||||||
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
index 8891d96422..6278daeeee 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
@@ -291,7 +291,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
|
||||||
|
|
||||||
INF FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
-INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
|
||||||
|
|
||||||
INF MdeModulePkg/Logo/LogoDxe.inf
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
index 8563835ae5..08b73a64c9 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
@@ -898,7 +898,6 @@
|
|
||||||
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
|
||||||
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
index 06ac4423da..fc4b6dd3a4 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
@@ -322,7 +322,6 @@ INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResour
|
|
||||||
|
|
||||||
INF FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
-INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
|
||||||
|
|
||||||
INF MdeModulePkg/Logo/LogoDxe.inf
|
|
||||||
|
|
@ -0,0 +1,145 @@
|
|||||||
|
From 8be1d7253ba8a7d30bb54835ef1fc866aa62e216 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Wed, 14 Oct 2015 13:59:20 +0200
|
||||||
|
Subject: ArmPlatformPkg: PrePeiCore: write early hello message to the serial
|
||||||
|
port (RH)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- adapt to upstream commit 7e2a8dfe8a9a ("ArmPlatformPkg/PrePeiCore: seed
|
||||||
|
temporary stack before entering PEI core", 2017-11-09) -- conflict
|
||||||
|
resolution in "ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf"
|
||||||
|
|
||||||
|
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
The FixedPcdGetSize() macro expands to an integer constant, therefore an
|
||||||
|
optimizing compiler can eliminate the new code, if the platform DSC
|
||||||
|
doesn't override the empty string (size=1) default of
|
||||||
|
PcdEarlyHelloMessage.
|
||||||
|
|
||||||
|
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1270279
|
||||||
|
Downstream only:
|
||||||
|
<http://thread.gmane.org/gmane.comp.bios.edk2.devel/2996/focus=3433>.
|
||||||
|
|
||||||
|
Contributed-under: TianoCore Contribution Agreement 1.0
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit b16c4c505ce0e27305235533eac9236aa66f132e)
|
||||||
|
(cherry picked from commit 742e5bf6d5ce5a1e73879d6e5c0dd00feda7a9ac)
|
||||||
|
(cherry picked from commit 93d69eb9393cf05af90676253875c59c1bec67fd)
|
||||||
|
(cherry picked from commit 638594083b191f84f5d9333eb6147a31570f5a5a)
|
||||||
|
(cherry picked from commit f4b7aae411d88b2b83f85d20ef06a4032a57e7de)
|
||||||
|
(cherry picked from commit bb71490fdda3b38fa9f071d281b863f9b64363bf)
|
||||||
|
(cherry picked from commit 8d5a8827aabc67cb2a046697e1a750ca8d9cc453)
|
||||||
|
(cherry picked from commit 49fe5596cd79c94d903c4d506c563d642ccd69aa)
|
||||||
|
---
|
||||||
|
ArmPlatformPkg/PrePeiCore/MainMPCore.c | 5 +++++
|
||||||
|
ArmPlatformPkg/PrePeiCore/MainUniCore.c | 5 +++++
|
||||||
|
ArmPlatformPkg/PrePeiCore/PrePeiCore.h | 1 +
|
||||||
|
ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf | 2 ++
|
||||||
|
ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf | 2 ++
|
||||||
|
5 files changed, 15 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/ArmPlatformPkg/PrePeiCore/MainMPCore.c b/ArmPlatformPkg/PrePeiCore/MainMPCore.c
|
||||||
|
index 859f1adf20..cf9e65bb7c 100644
|
||||||
|
--- a/ArmPlatformPkg/PrePeiCore/MainMPCore.c
|
||||||
|
+++ b/ArmPlatformPkg/PrePeiCore/MainMPCore.c
|
||||||
|
@@ -111,6 +111,11 @@ PrimaryMain (
|
||||||
|
UINTN TemporaryRamBase;
|
||||||
|
UINTN TemporaryRamSize;
|
||||||
|
|
||||||
|
+ if (FixedPcdGetSize (PcdEarlyHelloMessage) > 1) {
|
||||||
|
+ SerialPortWrite (FixedPcdGetPtr (PcdEarlyHelloMessage),
|
||||||
|
+ FixedPcdGetSize (PcdEarlyHelloMessage) - 1);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
CreatePpiList (&PpiListSize, &PpiList);
|
||||||
|
|
||||||
|
// Enable the GIC Distributor
|
||||||
|
diff --git a/ArmPlatformPkg/PrePeiCore/MainUniCore.c b/ArmPlatformPkg/PrePeiCore/MainUniCore.c
|
||||||
|
index 220f9b5680..158cc34c77 100644
|
||||||
|
--- a/ArmPlatformPkg/PrePeiCore/MainUniCore.c
|
||||||
|
+++ b/ArmPlatformPkg/PrePeiCore/MainUniCore.c
|
||||||
|
@@ -29,6 +29,11 @@ PrimaryMain (
|
||||||
|
UINTN TemporaryRamBase;
|
||||||
|
UINTN TemporaryRamSize;
|
||||||
|
|
||||||
|
+ if (FixedPcdGetSize (PcdEarlyHelloMessage) > 1) {
|
||||||
|
+ SerialPortWrite (FixedPcdGetPtr (PcdEarlyHelloMessage),
|
||||||
|
+ FixedPcdGetSize (PcdEarlyHelloMessage) - 1);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
CreatePpiList (&PpiListSize, &PpiList);
|
||||||
|
|
||||||
|
// Adjust the Temporary Ram as the new Ppi List (Common + Platform Ppi Lists) is created at
|
||||||
|
diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCore.h b/ArmPlatformPkg/PrePeiCore/PrePeiCore.h
|
||||||
|
index 7b155a8a61..e9e283f9ec 100644
|
||||||
|
--- a/ArmPlatformPkg/PrePeiCore/PrePeiCore.h
|
||||||
|
+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCore.h
|
||||||
|
@@ -15,6 +15,7 @@
|
||||||
|
#include <Library/DebugLib.h>
|
||||||
|
#include <Library/IoLib.h>
|
||||||
|
#include <Library/PcdLib.h>
|
||||||
|
+#include <Library/SerialPortLib.h>
|
||||||
|
|
||||||
|
#include <PiPei.h>
|
||||||
|
#include <Ppi/TemporaryRamSupport.h>
|
||||||
|
diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf b/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf
|
||||||
|
index fb01dd1a11..a6681c1032 100644
|
||||||
|
--- a/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf
|
||||||
|
+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCoreMPCore.inf
|
||||||
|
@@ -69,6 +69,8 @@
|
||||||
|
gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize
|
||||||
|
gArmPlatformTokenSpaceGuid.PcdCPUCoreSecondaryStackSize
|
||||||
|
|
||||||
|
+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage
|
||||||
|
+
|
||||||
|
gArmTokenSpaceGuid.PcdGicDistributorBase
|
||||||
|
gArmTokenSpaceGuid.PcdGicInterruptInterfaceBase
|
||||||
|
gArmTokenSpaceGuid.PcdGicSgiIntId
|
||||||
|
diff --git a/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf b/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf
|
||||||
|
index e9eb092d3a..c98dc82f0c 100644
|
||||||
|
--- a/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf
|
||||||
|
+++ b/ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf
|
||||||
|
@@ -67,4 +67,6 @@
|
||||||
|
gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize
|
||||||
|
gArmPlatformTokenSpaceGuid.PcdCPUCoreSecondaryStackSize
|
||||||
|
|
||||||
|
+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage
|
||||||
|
+
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdInitValueInTempStack
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
@ -1,61 +0,0 @@
|
|||||||
From 9827ce562f432da36410ef0e9ce6d7971e502b99 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:29:16 +0200
|
|
||||||
Subject: [PATCH] ArmVirtPkg: Remove VirtioFsDxe filesystem driver (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [10/19] 808ad4385c24fbf34fb0ba359808e6d364e1d030
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
Remove the virtio-fs driver.
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
ArmVirtPkg/ArmVirtQemu.dsc | 1 -
|
|
||||||
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
|
|
||||||
ArmVirtPkg/ArmVirtQemuKernel.dsc | 1 -
|
|
||||||
3 files changed, 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
|
|
||||||
index 00e656d0c9..d1deccaadc 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirtQemu.dsc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
|
|
||||||
@@ -464,7 +464,6 @@
|
|
||||||
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
|
||||||
|
|
||||||
#
|
|
||||||
# Bds
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
index 38906004d7..7205274bed 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
@@ -85,7 +85,6 @@ READ_LOCK_STATUS = TRUE
|
|
||||||
INF FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
INF MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
- INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
|
||||||
|
|
||||||
#
|
|
||||||
# Status Code Routing
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
|
||||||
index c7918c8cf3..9643fd5427 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
|
||||||
@@ -368,7 +368,6 @@
|
|
||||||
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
- OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
|
|
||||||
|
|
||||||
#
|
|
||||||
# Bds
|
|
@ -0,0 +1,82 @@
|
|||||||
|
From 12873d08db00e113ef28eb4552f478cd4ffb3393 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Wed, 14 Oct 2015 14:07:17 +0200
|
||||||
|
Subject: ArmVirtPkg: set early hello message (RH only)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- context difference from upstream commit f5cb3767038e
|
||||||
|
("ArmVirtPkg/ArmVirtQemu: add ResetSystem PEIM for upcoming TPM2
|
||||||
|
support", 2020-03-04) automatically resolved correctly
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- no change
|
||||||
|
|
||||||
|
Notes about the RHEL-8.0/20180508-ee3198e672e2 ->
|
||||||
|
RHEL-8.1/20190308-89910a39dcfd rebase:
|
||||||
|
|
||||||
|
- resolve context conflict with upstream commit eaa1e98ae31d ("ArmVirtPkg:
|
||||||
|
don't set PcdCoreCount", 2019-02-13)
|
||||||
|
|
||||||
|
Notes about the RHEL-7.6/ovmf-20180508-2.gitee3198e672e2.el7 ->
|
||||||
|
RHEL-8.0/20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- reorder the rebase changelog in the commit message so that it reads like
|
||||||
|
a blog: place more recent entries near the top
|
||||||
|
- no changes to the patch body
|
||||||
|
|
||||||
|
Notes about the 20171011-92d07e48907f -> 20180508-ee3198e672e2 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the 20170228-c325e41585e3 -> 20171011-92d07e48907f rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Notes about the 20160608b-988715a -> 20170228-c325e41585e3 rebase:
|
||||||
|
|
||||||
|
- no changes
|
||||||
|
|
||||||
|
Print a friendly banner on QEMU, regardless of debug mask settings.
|
||||||
|
|
||||||
|
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1270279
|
||||||
|
Downstream only:
|
||||||
|
<http://thread.gmane.org/gmane.comp.bios.edk2.devel/2996/focus=3433>.
|
||||||
|
|
||||||
|
Contributed-under: TianoCore Contribution Agreement 1.0
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit 5d4a15b9019728b2d96322bc679099da49916925)
|
||||||
|
(cherry picked from commit 179df76dbb0d199bd905236e98775b4059c6502a)
|
||||||
|
(cherry picked from commit ce3f59d0710c24c162d5222bbf5cd7e36180c80c)
|
||||||
|
(cherry picked from commit c201a8e6ae28d75f7ba581828b533c3b26fa7f18)
|
||||||
|
(cherry picked from commit 2d4db6ec70e004cd9ac147615d17033bee5d3b18)
|
||||||
|
(cherry picked from commit fb2032bbea7e02c426855cf86a323556d493fd8a)
|
||||||
|
(cherry picked from commit ba73b99d5cb38f87c1a8f0936d515eaaefa3f04b)
|
||||||
|
(cherry picked from commit 72550e12ae469012a505bf5b98a6543a754028d3)
|
||||||
|
---
|
||||||
|
ArmVirtPkg/ArmVirtQemu.dsc | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
index e0476ede4f..ec0edf6e7b 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
@@ -134,6 +134,7 @@
|
||||||
|
gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)
|
||||||
|
|
||||||
|
[PcdsFixedAtBuild.common]
|
||||||
|
+ gArmPlatformTokenSpaceGuid.PcdEarlyHelloMessage|"UEFI firmware starting.\r\n"
|
||||||
|
!if $(ARCH) == AARCH64
|
||||||
|
gArmTokenSpaceGuid.PcdVFPEnabled|1
|
||||||
|
!endif
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
@ -1,126 +0,0 @@
|
|||||||
From 98e35df340a8a5cd18cb386361c7da6350c54800 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:29:19 +0200
|
|
||||||
Subject: [PATCH] OvmfPkg: Remove UdfDxe filesystem driver (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [11/19] 21614de37221fca27d4eec0f03c5c8bce5911af3
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
Remove the UDF driver.
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 -
|
|
||||||
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32.fdf | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.fdf | 1 -
|
|
||||||
OvmfPkg/OvmfPkgX64.dsc | 1 -
|
|
||||||
OvmfPkg/OvmfPkgX64.fdf | 1 -
|
|
||||||
8 files changed, 8 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
index 5461c1290d..cf1ad83e09 100644
|
|
||||||
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
@@ -679,7 +679,6 @@
|
|
||||||
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
|
||||||
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
|
||||||
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
index 10538a0465..c56c98dc85 100644
|
|
||||||
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
@@ -280,7 +280,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
|
||||||
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
|
||||||
|
|
||||||
INF FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
|
|
||||||
INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
|
|
||||||
INF OvmfPkg/AmdSev/Grub/Grub.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
index afd2a3c5c0..d8ae542686 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
@@ -815,7 +815,6 @@
|
|
||||||
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
|
||||||
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
|
||||||
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
index c392b96470..0ffa3be750 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
@@ -289,7 +289,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
|
||||||
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
|
||||||
|
|
||||||
INF FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
|
|
||||||
INF MdeModulePkg/Logo/LogoDxe.inf
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
index f5a4c57c8e..52ac2c96fc 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
@@ -829,7 +829,6 @@
|
|
||||||
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
|
||||||
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
|
||||||
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
index 6278daeeee..c4f3ec0735 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
@@ -290,7 +290,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
|
||||||
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
|
||||||
|
|
||||||
INF FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
|
|
||||||
INF MdeModulePkg/Logo/LogoDxe.inf
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
index 08b73a64c9..f76d0ef7bc 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
@@ -897,7 +897,6 @@
|
|
||||||
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
|
||||||
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
|
|
||||||
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
|
|
||||||
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
index fc4b6dd3a4..bedd85ef7a 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
@@ -321,7 +321,6 @@ INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
|
||||||
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
|
||||||
|
|
||||||
INF FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
-INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
|
|
||||||
INF MdeModulePkg/Logo/LogoDxe.inf
|
|
||||||
|
|
@ -1,61 +0,0 @@
|
|||||||
From 9b039f2eb195f37b724f86efc31c8a4d6abd217d Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:29:22 +0200
|
|
||||||
Subject: [PATCH] ArmVirtPkg: Remove UdfDxe filesystem driver (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [12/19] fcadb6a747b65e4d449d48131c9a2eeed4bd3c9a
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
Remove the UDF driver.
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
ArmVirtPkg/ArmVirtQemu.dsc | 1 -
|
|
||||||
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
|
|
||||||
ArmVirtPkg/ArmVirtQemuKernel.dsc | 1 -
|
|
||||||
3 files changed, 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
|
|
||||||
index d1deccaadc..f91bb09fa3 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirtQemu.dsc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
|
|
||||||
@@ -463,7 +463,6 @@
|
|
||||||
MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
|
|
||||||
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
|
|
||||||
#
|
|
||||||
# Bds
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
index 7205274bed..24a9dac2fd 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
@@ -84,7 +84,6 @@ READ_LOCK_STATUS = TRUE
|
|
||||||
INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
|
|
||||||
INF FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
INF MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
- INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
|
|
||||||
#
|
|
||||||
# Status Code Routing
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
|
||||||
index 9643fd5427..c2825aa4c2 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
|
||||||
@@ -367,7 +367,6 @@
|
|
||||||
MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
|
|
||||||
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
|
|
||||||
FatPkg/EnhancedFatDxe/Fat.inf
|
|
||||||
- MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
|
|
||||||
|
|
||||||
#
|
|
||||||
# Bds
|
|
@ -1,55 +0,0 @@
|
|||||||
From d417cfeb0ed76b3187b44e2491611f55d6de33b3 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:29:25 +0200
|
|
||||||
Subject: [PATCH] OvmfPkg: Remove TftpDynamicCommand from shell (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
rebase to edk2-stable202405:
|
|
||||||
|
|
||||||
rewrite due to shell build config being moved to an include file
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [13/19] cf9ef346386ac89fa05b29d429d8d1b27cf0e3b0
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
Remove the command to download files in the shell via TFTP.
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
OvmfPkg/Include/Dsc/ShellComponents.dsc.inc | 4 ----
|
|
||||||
OvmfPkg/Include/Fdf/ShellDxe.fdf.inc | 1 -
|
|
||||||
2 files changed, 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc b/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
index 4075688e41..3663938054 100644
|
|
||||||
--- a/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
+++ b/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
@@ -6,10 +6,6 @@
|
|
||||||
|
|
||||||
!if $(TOOL_CHAIN_TAG) != "XCODE5"
|
|
||||||
!if $(NETWORK_ENABLE) == TRUE
|
|
||||||
- ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {
|
|
||||||
- <PcdsFixedAtBuild>
|
|
||||||
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
- }
|
|
||||||
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
|
||||||
<PcdsFixedAtBuild>
|
|
||||||
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
diff --git a/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc b/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
index 38f69747b0..1637083ff1 100644
|
|
||||||
--- a/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
+++ b/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
@@ -6,7 +6,6 @@
|
|
||||||
|
|
||||||
!if $(TOOL_CHAIN_TAG) != "XCODE5"
|
|
||||||
!if $(NETWORK_ENABLE) == TRUE
|
|
||||||
-INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
|
||||||
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
|
||||||
!endif
|
|
||||||
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
|
|
@ -1,54 +0,0 @@
|
|||||||
From b548dd4acf23412e9266be15d65d7f8cfccbf028 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:29:28 +0200
|
|
||||||
Subject: [PATCH] ArmVirtPkg: Remove TftpDynamicCommand from shell (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [14/19] 12436014941bd4a7c99a26d779ebdcd75f169403
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
Remove the command to download files in the shell via TFTP.
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
ArmVirtPkg/ArmVirt.dsc.inc | 7 +++----
|
|
||||||
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
|
|
||||||
2 files changed, 3 insertions(+), 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
|
|
||||||
index 7044790a1e..ee98673e98 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirt.dsc.inc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
|
|
||||||
@@ -391,10 +391,9 @@
|
|
||||||
#
|
|
||||||
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
|
||||||
|
|
||||||
- ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {
|
|
||||||
- <PcdsFixedAtBuild>
|
|
||||||
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
- }
|
|
||||||
+ #
|
|
||||||
+ # UEFI application (Shell Embedded Boot Loader)
|
|
||||||
+ #
|
|
||||||
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
|
||||||
<PcdsFixedAtBuild>
|
|
||||||
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
index 24a9dac2fd..1341de0a2f 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
@@ -100,7 +100,6 @@ READ_LOCK_STATUS = TRUE
|
|
||||||
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
|
||||||
|
|
||||||
INF ShellPkg/Application/Shell/Shell.inf
|
|
||||||
- INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
|
|
||||||
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
|
||||||
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
|
|
||||||
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
|
@ -1,63 +0,0 @@
|
|||||||
From 8a68c775e8ba00da3d725396fd8c78f67fbc8697 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:29:31 +0200
|
|
||||||
Subject: [PATCH] OvmfPkg: Remove HttpDynamicCommand from shell (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
rebase to edk2-stable202405:
|
|
||||||
|
|
||||||
rewrite due to shell build config being moved to an include file
|
|
||||||
|
|
||||||
Rebase to edk2-stable202311:
|
|
||||||
|
|
||||||
Minor update, context change due to new variable policy shell command.
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [15/19] 1911cf04f27467ef1175b1976864c1111d93d19e
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
Remove the command to download files in the shell via HTTP(S).
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
OvmfPkg/Include/Dsc/ShellComponents.dsc.inc | 6 ------
|
|
||||||
OvmfPkg/Include/Fdf/ShellDxe.fdf.inc | 3 ---
|
|
||||||
2 files changed, 9 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc b/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
index 3663938054..a568f1ecc5 100644
|
|
||||||
--- a/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
+++ b/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
@@ -5,12 +5,6 @@
|
|
||||||
!if $(BUILD_SHELL) == TRUE
|
|
||||||
|
|
||||||
!if $(TOOL_CHAIN_TAG) != "XCODE5"
|
|
||||||
-!if $(NETWORK_ENABLE) == TRUE
|
|
||||||
- ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
|
||||||
- <PcdsFixedAtBuild>
|
|
||||||
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
- }
|
|
||||||
-!endif
|
|
||||||
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
|
|
||||||
<PcdsFixedAtBuild>
|
|
||||||
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
diff --git a/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc b/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
index 1637083ff1..c0118a46e2 100644
|
|
||||||
--- a/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
+++ b/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
@@ -5,9 +5,6 @@
|
|
||||||
!if $(BUILD_SHELL) == TRUE && $(SECURE_BOOT_ENABLE) == FALSE
|
|
||||||
|
|
||||||
!if $(TOOL_CHAIN_TAG) != "XCODE5"
|
|
||||||
-!if $(NETWORK_ENABLE) == TRUE
|
|
||||||
-INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
|
||||||
-!endif
|
|
||||||
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
|
|
||||||
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
|
||||||
!endif
|
|
@ -1,55 +0,0 @@
|
|||||||
From 1f15cf34691e2f9604ee6efe142c2d710aad579c Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:29:34 +0200
|
|
||||||
Subject: [PATCH] ArmVirtPkg: Remove HttpDynamicCommand from shell (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
Rebase to edk2-stable202311:
|
|
||||||
|
|
||||||
Minor update, context change due to new variable policy shell command.
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [16/19] 07a74f1fdcdbb9a31d25ce9760edcd852e9574c3
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
Remove the command to download files in the shell via HTTP(S).
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
ArmVirtPkg/ArmVirt.dsc.inc | 4 ----
|
|
||||||
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
|
|
||||||
2 files changed, 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
|
|
||||||
index ee98673e98..996b4ddfc4 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirt.dsc.inc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
|
|
||||||
@@ -394,10 +394,6 @@
|
|
||||||
#
|
|
||||||
# UEFI application (Shell Embedded Boot Loader)
|
|
||||||
#
|
|
||||||
- ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {
|
|
||||||
- <PcdsFixedAtBuild>
|
|
||||||
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
- }
|
|
||||||
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
|
|
||||||
<PcdsFixedAtBuild>
|
|
||||||
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
index 1341de0a2f..b49bf7ad4e 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
@@ -100,7 +100,6 @@ READ_LOCK_STATUS = TRUE
|
|
||||||
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
|
||||||
|
|
||||||
INF ShellPkg/Application/Shell/Shell.inf
|
|
||||||
- INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
|
|
||||||
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
|
|
||||||
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
|
||||||
|
|
@ -0,0 +1,179 @@
|
|||||||
|
From e0b349962f12a500afa449900a81440a96ca21f4 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Sat, 16 Nov 2019 17:11:27 +0100
|
||||||
|
Subject: CryptoPkg/OpensslLib: list RHEL8-specific OpenSSL files in the INFs
|
||||||
|
(RH)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
|
||||||
|
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
|
||||||
|
|
||||||
|
- Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1938257
|
||||||
|
|
||||||
|
- Recreate the patch based on downstream commits:
|
||||||
|
|
||||||
|
- 56c4bb81b311 ("CryptoPkg/OpensslLib: list RHEL8-specific OpenSSL files
|
||||||
|
in the INFs (RH)", 2020-06-05),
|
||||||
|
- e81751a1c303 ("CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1g",
|
||||||
|
2020-11-23),
|
||||||
|
- 3e3fe5e62079 ("redhat: bump OpenSSL dist-git submodule to 1.1.1g+ /
|
||||||
|
RHEL-8.4", 2020-11-23).
|
||||||
|
|
||||||
|
(1) At e81751a1c303, downstream edk2 was in sync with upstream edk2
|
||||||
|
consuming OpenSSL 1.1.1g (upstream edk2 commit 8c30327debb2
|
||||||
|
("CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1g", 2020-07-25)).
|
||||||
|
|
||||||
|
Since commit 8c30327debb2, upstream edk2 modified the OpensslLib INF
|
||||||
|
files, namely
|
||||||
|
|
||||||
|
- CryptoPkg/Library/OpensslLib/OpensslLib.inf
|
||||||
|
- CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
|
||||||
|
|
||||||
|
in the following commits only:
|
||||||
|
|
||||||
|
- be01087e0780 ("CryptoPkg/Library: Remove the redundant build
|
||||||
|
option", 2020-08-12), which did not affect the source file list at
|
||||||
|
all,
|
||||||
|
|
||||||
|
- b5701a4c7a0f ("CryptoPkg: OpensslLib: Use RngLib to generate
|
||||||
|
entropy in rand_pool", 2020-09-18), which replaced some of the
|
||||||
|
*edk2-specific* "rand_pool_noise" source files with an RngLib
|
||||||
|
dependency.
|
||||||
|
|
||||||
|
This means that the list of required, actual OpenSSL source files
|
||||||
|
has not changed in upstream edk2 since our downstream edk2 commit
|
||||||
|
e81751a1c303.
|
||||||
|
|
||||||
|
(2) At commit 3e3fe5e62079 (the direct child of e81751a1c303),
|
||||||
|
downstream edk2's OpenSSL dependency was satisfied with RHEL-8
|
||||||
|
OpenSSL at dist-git commit bdd048e929dc ("Two fixes that will be
|
||||||
|
shipped in RHEL-8.3.0.z", 2020-10-23).
|
||||||
|
|
||||||
|
Since commit bdd048e929dc, RHEL-8 OpenSSL dist-git advanced
|
||||||
|
(fast-forwarded) to commit a75722161d20 ("Update to version 1.1.1k",
|
||||||
|
2021-05-25), which is the current head of the rhel-8.5.0 branch.
|
||||||
|
(See also <https://bugzilla.redhat.com/show_bug.cgi?id=1938257#c6>.)
|
||||||
|
|
||||||
|
At both dist-git bdd048e929dc and dist-git a75722161d20, I built the
|
||||||
|
respective RHEL-8 OpenSSL *source* RPM, and prepped the respective
|
||||||
|
source tree, with "rpmbuild -bp". Subsequently I compared the
|
||||||
|
prepped source trees recursively.
|
||||||
|
|
||||||
|
- The following files disappeared:
|
||||||
|
|
||||||
|
- 29 backup files created by "patch",
|
||||||
|
|
||||||
|
- the assembly generator perl script called
|
||||||
|
"ecp_nistz256-avx2.pl", which is not used during the build.
|
||||||
|
|
||||||
|
- The following new files appeared:
|
||||||
|
|
||||||
|
- 18 files directly or indirectly under the "test" subdirectory,
|
||||||
|
which are not used during the build,
|
||||||
|
|
||||||
|
- 5 backup files created by "patch",
|
||||||
|
|
||||||
|
- 2 DCL scripts used when building OpenSSL on OpenVMS.
|
||||||
|
|
||||||
|
This means that the total list of RHEL-8 OpenSSL source files has
|
||||||
|
not changed in RHEL-8 OpenSSL dist-git since our downstream edk2
|
||||||
|
commit 3e3fe5e62079.
|
||||||
|
|
||||||
|
As a result, copy the "RHEL8-specific OpenSSL file list" sections
|
||||||
|
verbatim from the INF files, at downstream commit e81751a1c303. (I used
|
||||||
|
the "git checkout -p e81751a1c303 -- Library/OpensslLib/OpensslLib.inf
|
||||||
|
CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf" command.)
|
||||||
|
|
||||||
|
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
||||||
|
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
||||||
|
|
||||||
|
- "OpensslLib.inf":
|
||||||
|
|
||||||
|
- Automatic leading context refresh against upstream commit c72ca4666886
|
||||||
|
("CryptoPkg/OpensslLib: Add "sort" keyword to header file parsing
|
||||||
|
loop", 2020-03-10).
|
||||||
|
|
||||||
|
- Manual trailing context refresh against upstream commit b49a6c8f80d9
|
||||||
|
("CryptoPkg/OpensslLib: improve INF file consistency", 2019-12-02).
|
||||||
|
|
||||||
|
- "OpensslLibCrypto.inf":
|
||||||
|
|
||||||
|
- Automatic leading context refresh against upstream commits
|
||||||
|
8906f076de35 ("CryptoPkg/OpensslLib: Add missing header files in INF
|
||||||
|
file", 2019-08-16) and 9f4fbd56d430 ("CryptoPkg/OpensslLib: Update
|
||||||
|
process_files.pl to generate .h files", 2019-10-30).
|
||||||
|
|
||||||
|
Notes about the RHEL-8.1/20190308-89910a39dcfd [edk2-stable201903] ->
|
||||||
|
RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] rebase:
|
||||||
|
|
||||||
|
- new patch
|
||||||
|
|
||||||
|
The downstream changes in RHEL8's OpenSSL package, for example in
|
||||||
|
"openssl-1.1.1-evp-kdf.patch", introduce new files, and even move some
|
||||||
|
preexistent code into those new files. In order to avoid undefined
|
||||||
|
references in link editing, we have to list the new files.
|
||||||
|
|
||||||
|
Note: "process_files.pl" is not re-run at this time manually, because
|
||||||
|
|
||||||
|
(a) "process_files.pl" would pollute the file list (and some of the
|
||||||
|
auto-generated header files) with RHEL8-specific FIPS artifacts, which
|
||||||
|
are explicitly unwanted in edk2,
|
||||||
|
|
||||||
|
(b) The RHEL OpenSSL maintainer, Tomas Mraz, identified this specific set
|
||||||
|
of files in <https://bugzilla.redhat.com/show_bug.cgi?id=1749693#c10>,
|
||||||
|
and will help with future changes too.
|
||||||
|
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
(cherry picked from commit 57bd3f146590df8757865d8f2cdd1db3cf3f4d40)
|
||||||
|
(cherry picked from commit 56c4bb81b311dfcee6a34c81d3e4feeda7f88995)
|
||||||
|
---
|
||||||
|
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 11 +++++++++++
|
||||||
|
CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 11 +++++++++++
|
||||||
|
2 files changed, 22 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
|
||||||
|
index d84bde056a..19913a4ac6 100644
|
||||||
|
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
|
||||||
|
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
|
||||||
|
@@ -570,6 +570,17 @@
|
||||||
|
$(OPENSSL_PATH)/ssl/statem/statem.h
|
||||||
|
$(OPENSSL_PATH)/ssl/statem/statem_local.h
|
||||||
|
# Autogenerated files list ends here
|
||||||
|
+# RHEL8-specific OpenSSL file list starts here
|
||||||
|
+ $(OPENSSL_PATH)/crypto/evp/kdf_lib.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/evp/pkey_kdf.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/kbkdf.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/kdf_local.h
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/kdf_util.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/krb5kdf.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/pbkdf2.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/sshkdf.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/sskdf.c
|
||||||
|
+# RHEL8-specific OpenSSL file list ends here
|
||||||
|
buildinf.h
|
||||||
|
ossl_store.c
|
||||||
|
rand_pool.c
|
||||||
|
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
|
||||||
|
index cdeed0d073..5057857e8d 100644
|
||||||
|
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
|
||||||
|
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
|
||||||
|
@@ -519,6 +519,17 @@
|
||||||
|
$(OPENSSL_PATH)/crypto/x509v3/standard_exts.h
|
||||||
|
$(OPENSSL_PATH)/crypto/x509v3/v3_admis.h
|
||||||
|
# Autogenerated files list ends here
|
||||||
|
+# RHEL8-specific OpenSSL file list starts here
|
||||||
|
+ $(OPENSSL_PATH)/crypto/evp/kdf_lib.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/evp/pkey_kdf.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/kbkdf.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/kdf_local.h
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/kdf_util.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/krb5kdf.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/pbkdf2.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/sshkdf.c
|
||||||
|
+ $(OPENSSL_PATH)/crypto/kdf/sskdf.c
|
||||||
|
+# RHEL8-specific OpenSSL file list ends here
|
||||||
|
buildinf.h
|
||||||
|
ossl_store.c
|
||||||
|
rand_pool.c
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
@ -1,64 +0,0 @@
|
|||||||
From cd1746c9920e93bf40994172881bc13cf185991c Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:29:39 +0200
|
|
||||||
Subject: [PATCH] OvmfPkg: Remove LinuxInitrdDynamicShellCommand (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
rebase to edk2-stable202405:
|
|
||||||
|
|
||||||
rewrite due to shell build config being moved to an include file
|
|
||||||
|
|
||||||
Rebase to edk2-stable202311:
|
|
||||||
|
|
||||||
Minor update, context change due to new variable policy shell command.
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [17/19] 491fe1301ea29c7cb56c20272e45614d5fcb6f14
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
Remove the command to register a file in the shell as the
|
|
||||||
initial ramdisk for a UEFI stubbed kernel, to be booted next.
|
|
||||||
|
|
||||||
Note: as further dynamic shell commands might show up upstream,
|
|
||||||
we intentionally preserve the empty !ifdef'ry context to ease
|
|
||||||
future downstream rebases.
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
OvmfPkg/Include/Dsc/ShellComponents.dsc.inc | 4 ----
|
|
||||||
OvmfPkg/Include/Fdf/ShellDxe.fdf.inc | 1 -
|
|
||||||
2 files changed, 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc b/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
index a568f1ecc5..f7e0f5e90e 100644
|
|
||||||
--- a/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
+++ b/OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
@@ -9,10 +9,6 @@
|
|
||||||
<PcdsFixedAtBuild>
|
|
||||||
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
}
|
|
||||||
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
|
|
||||||
- <PcdsFixedAtBuild>
|
|
||||||
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
- }
|
|
||||||
!endif
|
|
||||||
|
|
||||||
ShellPkg/Application/Shell/Shell.inf {
|
|
||||||
diff --git a/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc b/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
index c0118a46e2..dced75e388 100644
|
|
||||||
--- a/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
+++ b/OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
@@ -6,7 +6,6 @@
|
|
||||||
|
|
||||||
!if $(TOOL_CHAIN_TAG) != "XCODE5"
|
|
||||||
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
|
|
||||||
-INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
|
||||||
!endif
|
|
||||||
|
|
||||||
INF ShellPkg/Application/Shell/Shell.inf
|
|
@ -1,66 +0,0 @@
|
|||||||
From ec9c5e512252964f28c493d10b9f484b88c87c13 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
|
|
||||||
Date: Thu, 1 Jul 2021 20:29:46 +0200
|
|
||||||
Subject: [PATCH] ArmVirtPkg: Remove LinuxInitrdDynamicShellCommand (RHEL only)
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
Rebase to edk2-stable202311:
|
|
||||||
|
|
||||||
Minor update, context change due to new variable policy shell command.
|
|
||||||
|
|
||||||
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
RH-MergeRequest: 3: Disable features for RHEL9
|
|
||||||
RH-Commit: [18/19] 8f4e4007108462533e3d2050b84d8830073a7c0d
|
|
||||||
RH-Bugzilla: 1967747
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
Remove the command to register a file in the shell as the initial
|
|
||||||
ramdisk for a UEFI stubbed kernel, to be booted next.
|
|
||||||
|
|
||||||
Suggested-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
ArmVirtPkg/ArmVirt.dsc.inc | 10 +++-------
|
|
||||||
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 1 -
|
|
||||||
2 files changed, 3 insertions(+), 8 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
|
|
||||||
index 996b4ddfc4..2561e10ff5 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirt.dsc.inc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
|
|
||||||
@@ -391,17 +391,13 @@
|
|
||||||
#
|
|
||||||
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
|
|
||||||
|
|
||||||
- #
|
|
||||||
- # UEFI application (Shell Embedded Boot Loader)
|
|
||||||
- #
|
|
||||||
+ #
|
|
||||||
+ # UEFI application (Shell Embedded Boot Loader)
|
|
||||||
+ #
|
|
||||||
ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf {
|
|
||||||
<PcdsFixedAtBuild>
|
|
||||||
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
}
|
|
||||||
- OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
|
|
||||||
- <PcdsFixedAtBuild>
|
|
||||||
- gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
|
|
||||||
- }
|
|
||||||
ShellPkg/Application/Shell/Shell.inf {
|
|
||||||
<LibraryClasses>
|
|
||||||
ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf
|
|
||||||
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
index b49bf7ad4e..753afd799b 100644
|
|
||||||
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
|
||||||
@@ -101,7 +101,6 @@ READ_LOCK_STATUS = TRUE
|
|
||||||
|
|
||||||
INF ShellPkg/Application/Shell/Shell.inf
|
|
||||||
INF ShellPkg/DynamicCommand/VariablePolicyDynamicCommand/VariablePolicyDynamicCommand.inf
|
|
||||||
- INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
|
|
||||||
|
|
||||||
#
|
|
||||||
# Bds
|
|
@ -1,121 +0,0 @@
|
|||||||
From c916516d37fb50c187020bd01da21cca85c8e83a Mon Sep 17 00:00:00 2001
|
|
||||||
From: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
Date: Wed, 16 Aug 2023 12:09:40 +0200
|
|
||||||
Subject: [PATCH] OvmfPkg/AmdSevDxe: Shim Reboot workaround (RHEL only)
|
|
||||||
|
|
||||||
RH-Author: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
RH-MergeRequest: 46: OvmfPkg/AmdSevDxe: Shim Reboot workaround (RHEL only)
|
|
||||||
RH-Bugzilla: 2218196
|
|
||||||
RH-Acked-by: Gerd Hoffmann <None>
|
|
||||||
RH-Commit: [1/1] 9bf3bb989e36253aa34bf82ecfe8faa7312e8d22 (osteffen/edk2)
|
|
||||||
|
|
||||||
Add a callback at the end of the Dxe phase that sets the
|
|
||||||
"FB_NO_REBOOT" variable under the Shim GUID.
|
|
||||||
This is a workaround for a boot loop in case a confidential
|
|
||||||
guest that uses shim is booted with a vtpm device present.
|
|
||||||
|
|
||||||
BZ 2218196
|
|
||||||
|
|
||||||
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
|
|
||||||
patch_name: edk2-OvmfPkg-AmdSevDxe-Shim-Reboot-workaround-RHEL-only.patch
|
|
||||||
present_in_specfile: true
|
|
||||||
location_in_specfile: 44
|
|
||||||
---
|
|
||||||
OvmfPkg/AmdSevDxe/AmdSevDxe.c | 42 +++++++++++++++++++++++++++++++++
|
|
||||||
OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 2 ++
|
|
||||||
2 files changed, 44 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
|
|
||||||
index d497a343d3..0eb88e50ff 100644
|
|
||||||
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
|
|
||||||
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
|
|
||||||
@@ -19,6 +19,7 @@
|
|
||||||
#include <Library/MemoryAllocationLib.h>
|
|
||||||
#include <Library/UefiBootServicesTableLib.h>
|
|
||||||
#include <Guid/ConfidentialComputingSevSnpBlob.h>
|
|
||||||
+#include <Guid/GlobalVariable.h>
|
|
||||||
#include <Library/PcdLib.h>
|
|
||||||
#include <Pi/PiDxeCis.h>
|
|
||||||
#include <Protocol/SevMemoryAcceptance.h>
|
|
||||||
@@ -28,6 +29,10 @@
|
|
||||||
// Present, initialized, tested bits defined in MdeModulePkg/Core/Dxe/DxeMain.h
|
|
||||||
#define EFI_MEMORY_INTERNAL_MASK 0x0700000000000000ULL
|
|
||||||
|
|
||||||
+static EFI_GUID ShimLockGuid = {
|
|
||||||
+ 0x605dab50, 0xe046, 0x4300, { 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23 }
|
|
||||||
+};
|
|
||||||
+
|
|
||||||
STATIC
|
|
||||||
EFI_STATUS
|
|
||||||
AllocateConfidentialComputingBlob (
|
|
||||||
@@ -191,6 +196,32 @@ STATIC EDKII_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = {
|
|
||||||
AmdSevMemoryAccept
|
|
||||||
};
|
|
||||||
|
|
||||||
+VOID
|
|
||||||
+EFIAPI
|
|
||||||
+PopulateVarstore (
|
|
||||||
+ EFI_EVENT Event,
|
|
||||||
+ VOID *Context
|
|
||||||
+ )
|
|
||||||
+{
|
|
||||||
+ EFI_SYSTEM_TABLE *SystemTable = (EFI_SYSTEM_TABLE *)Context;
|
|
||||||
+ EFI_STATUS Status;
|
|
||||||
+
|
|
||||||
+ DEBUG ((DEBUG_INFO, "Populating Varstore\n"));
|
|
||||||
+ UINT32 data = 1;
|
|
||||||
+
|
|
||||||
+ Status = SystemTable->RuntimeServices->SetVariable (
|
|
||||||
+ L"FB_NO_REBOOT",
|
|
||||||
+ &ShimLockGuid,
|
|
||||||
+ EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
|
|
||||||
+ sizeof (data),
|
|
||||||
+ &data
|
|
||||||
+ );
|
|
||||||
+ ASSERT_EFI_ERROR (Status);
|
|
||||||
+
|
|
||||||
+ Status = SystemTable->BootServices->CloseEvent (Event);
|
|
||||||
+ ASSERT_EFI_ERROR (Status);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
EFI_STATUS
|
|
||||||
EFIAPI
|
|
||||||
AmdSevDxeEntryPoint (
|
|
||||||
@@ -203,6 +234,7 @@ AmdSevDxeEntryPoint (
|
|
||||||
UINTN NumEntries;
|
|
||||||
UINTN Index;
|
|
||||||
CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION *SnpBootDxeTable;
|
|
||||||
+ EFI_EVENT PopulateVarstoreEvent;
|
|
||||||
|
|
||||||
//
|
|
||||||
// Do nothing when SEV is not enabled
|
|
||||||
@@ -361,5 +393,15 @@ AmdSevDxeEntryPoint (
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
+ Status = gBS->CreateEventEx (
|
|
||||||
+ EVT_NOTIFY_SIGNAL,
|
|
||||||
+ TPL_CALLBACK,
|
|
||||||
+ PopulateVarstore,
|
|
||||||
+ SystemTable,
|
|
||||||
+ &gEfiEndOfDxeEventGroupGuid,
|
|
||||||
+ &PopulateVarstoreEvent
|
|
||||||
+ );
|
|
||||||
+ ASSERT_EFI_ERROR (Status);
|
|
||||||
+
|
|
||||||
return EFI_SUCCESS;
|
|
||||||
}
|
|
||||||
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
|
||||||
index e7c7d526c9..09cbd2b0ca 100644
|
|
||||||
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
|
||||||
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
|
|
||||||
@@ -54,6 +54,8 @@
|
|
||||||
[Guids]
|
|
||||||
gConfidentialComputingSevSnpBlobGuid
|
|
||||||
gEfiEventBeforeExitBootServicesGuid
|
|
||||||
+ gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event
|
|
||||||
+
|
|
||||||
|
|
||||||
[Pcd]
|
|
||||||
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId
|
|
@ -1,28 +0,0 @@
|
|||||||
From 7a07b2f16eabf460891a21c05b30cd9c2f875a2a Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Mon, 28 Aug 2023 13:11:02 +0200
|
|
||||||
Subject: [PATCH] CryptoPkg/CrtLib: add stat.h include file.
|
|
||||||
|
|
||||||
Needed by rhel downstream openssl patches.
|
|
||||||
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
---
|
|
||||||
CryptoPkg/Library/Include/sys/stat.h | 9 +++++++++
|
|
||||||
1 file changed, 9 insertions(+)
|
|
||||||
create mode 100644 CryptoPkg/Library/Include/sys/stat.h
|
|
||||||
|
|
||||||
diff --git a/CryptoPkg/Library/Include/sys/stat.h b/CryptoPkg/Library/Include/sys/stat.h
|
|
||||||
new file mode 100644
|
|
||||||
index 0000000000..22247bb2db
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/CryptoPkg/Library/Include/sys/stat.h
|
|
||||||
@@ -0,0 +1,9 @@
|
|
||||||
+/** @file
|
|
||||||
+ Include file to support building the third-party cryptographic library.
|
|
||||||
+
|
|
||||||
+Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
|
|
||||||
+SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
||||||
+
|
|
||||||
+**/
|
|
||||||
+
|
|
||||||
+#include <CrtLibSupport.h>
|
|
@ -1,139 +0,0 @@
|
|||||||
From 168cfe83b250d3166817549c1e96e6b1f02bcab4 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Mon, 28 Aug 2023 13:27:09 +0200
|
|
||||||
Subject: [PATCH] CryptoPkg/CrtLib: add access/open/read/write/close syscalls
|
|
||||||
|
|
||||||
Needed by rhel downstream openssl patches, they use unix syscalls
|
|
||||||
for file access (instead of fopen + friends like the rest of the
|
|
||||||
code base). No actual file access is needed for edk2, so just
|
|
||||||
add stubs to make linking work.
|
|
||||||
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
---
|
|
||||||
.../Library/BaseCryptLib/SysCall/CrtWrapper.c | 46 +++++++++++++++++++
|
|
||||||
CryptoPkg/Library/Include/CrtLibSupport.h | 41 +++++++++++++++++
|
|
||||||
2 files changed, 87 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
|
|
||||||
index 37cdecc9bd..dfdb635536 100644
|
|
||||||
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
|
|
||||||
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
|
|
||||||
@@ -550,6 +550,52 @@ fread (
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+int
|
|
||||||
+access(
|
|
||||||
+ const char*,
|
|
||||||
+ int
|
|
||||||
+ )
|
|
||||||
+{
|
|
||||||
+ return -1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+int
|
|
||||||
+open (
|
|
||||||
+ const char *,
|
|
||||||
+ int
|
|
||||||
+ )
|
|
||||||
+{
|
|
||||||
+ return -1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+ssize_t
|
|
||||||
+read (
|
|
||||||
+ int,
|
|
||||||
+ void*,
|
|
||||||
+ size_t
|
|
||||||
+ )
|
|
||||||
+{
|
|
||||||
+ return -1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+ssize_t
|
|
||||||
+write (
|
|
||||||
+ int,
|
|
||||||
+ const void*,
|
|
||||||
+ size_t
|
|
||||||
+ )
|
|
||||||
+{
|
|
||||||
+ return -1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+int
|
|
||||||
+close (
|
|
||||||
+ int
|
|
||||||
+ )
|
|
||||||
+{
|
|
||||||
+ return -1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
uid_t
|
|
||||||
getuid (
|
|
||||||
void
|
|
||||||
diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h b/CryptoPkg/Library/Include/CrtLibSupport.h
|
|
||||||
index f36fe08f0c..7d98496af8 100644
|
|
||||||
--- a/CryptoPkg/Library/Include/CrtLibSupport.h
|
|
||||||
+++ b/CryptoPkg/Library/Include/CrtLibSupport.h
|
|
||||||
@@ -78,6 +78,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
||||||
//
|
|
||||||
// Definitions for global constants used by CRT library routines
|
|
||||||
//
|
|
||||||
+#define EINTR 4
|
|
||||||
#define EINVAL 22 /* Invalid argument */
|
|
||||||
#define EAFNOSUPPORT 47 /* Address family not supported by protocol family */
|
|
||||||
#define INT_MAX 0x7FFFFFFF /* Maximum (signed) int value */
|
|
||||||
@@ -102,6 +103,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
||||||
#define NS_INADDRSZ 4 /*%< IPv4 T_A */
|
|
||||||
#define NS_IN6ADDRSZ 16 /*%< IPv6 T_AAAA */
|
|
||||||
|
|
||||||
+#define O_RDONLY 00000000
|
|
||||||
+#define O_WRONLY 00000001
|
|
||||||
+#define O_RDWR 00000002
|
|
||||||
+
|
|
||||||
+#define R_OK 4
|
|
||||||
+#define W_OK 2
|
|
||||||
+#define X_OK 1
|
|
||||||
+#define F_OK 0
|
|
||||||
+
|
|
||||||
//
|
|
||||||
// Basic types mapping
|
|
||||||
//
|
|
||||||
@@ -324,6 +334,37 @@ fprintf (
|
|
||||||
...
|
|
||||||
);
|
|
||||||
|
|
||||||
+int
|
|
||||||
+access(
|
|
||||||
+ const char*,
|
|
||||||
+ int
|
|
||||||
+ );
|
|
||||||
+
|
|
||||||
+int
|
|
||||||
+open (
|
|
||||||
+ const char *,
|
|
||||||
+ int
|
|
||||||
+ );
|
|
||||||
+
|
|
||||||
+ssize_t
|
|
||||||
+read (
|
|
||||||
+ int,
|
|
||||||
+ void*,
|
|
||||||
+ size_t
|
|
||||||
+ );
|
|
||||||
+
|
|
||||||
+ssize_t
|
|
||||||
+write (
|
|
||||||
+ int,
|
|
||||||
+ const void*,
|
|
||||||
+ size_t
|
|
||||||
+ );
|
|
||||||
+
|
|
||||||
+int
|
|
||||||
+close (
|
|
||||||
+ int
|
|
||||||
+ );
|
|
||||||
+
|
|
||||||
time_t
|
|
||||||
time (
|
|
||||||
time_t *
|
|
@ -1,194 +0,0 @@
|
|||||||
From 4c49c1bcb2db128cc4d2ebb29b1ac53fe3ef6b18 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Tue, 30 Jan 2024 14:04:38 +0100
|
|
||||||
Subject: [PATCH] OvmfPkg/Sec: Setup MTRR early in the boot process.
|
|
||||||
|
|
||||||
RH-Author: Gerd Hoffmann <None>
|
|
||||||
RH-MergeRequest: 55: OvmfPkg/Sec: Setup MTRR early in the boot process.
|
|
||||||
RH-Jira: RHEL-21704
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
RH-Commit: [1/4] c4061788d34f409944898b48642d610c259161f3 (kraxel.rh/centos-src-edk2)
|
|
||||||
|
|
||||||
Specifically before running lzma uncompress of the main firmware volume.
|
|
||||||
This is needed to make sure caching is enabled, otherwise the uncompress
|
|
||||||
can be extremely slow.
|
|
||||||
|
|
||||||
Adapt the ASSERTs and MTRR setup in PlatformInitLib to the changes.
|
|
||||||
|
|
||||||
Background: Depending on virtual machine configuration kvm may uses EPT
|
|
||||||
memory types to apply guest MTRR settings. In case MTRRs are disabled
|
|
||||||
kvm will use the uncachable memory type for all mappings. The
|
|
||||||
vmx_get_mt_mask() function in the linux kernel handles this and can be
|
|
||||||
found here:
|
|
||||||
|
|
||||||
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/arch/x86/kvm/vmx/vmx.c?h=v6.7.1#n7580
|
|
||||||
|
|
||||||
In most VM configurations kvm uses MTRR_TYPE_WRBACK unconditionally. In
|
|
||||||
case the VM has a mdev device assigned that is not the case though.
|
|
||||||
|
|
||||||
Before commit e8aa4c6546ad ("UefiCpuPkg/ResetVector: Cache Disable
|
|
||||||
should not be set by default in CR0") kvm also ended up using
|
|
||||||
MTRR_TYPE_WRBACK due to KVM_X86_QUIRK_CD_NW_CLEARED. After that commit
|
|
||||||
kvm evaluates guest mtrr settings, which why setting up MTRRs early is
|
|
||||||
important now.
|
|
||||||
|
|
||||||
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Message-ID: <20240130130441.772484-2-kraxel@redhat.com>
|
|
||||||
|
|
||||||
[ kraxel: Downstream-only for now. Timely upstream merge is unlikely
|
|
||||||
due to chinese holidays and rhel-9.4 deadlines are close.
|
|
||||||
QE regression testing passed. So go with upstream posted
|
|
||||||
series v3 ]
|
|
||||||
|
|
||||||
patch_name: edk2-OvmfPkg-Sec-Setup-MTRR-early-in-the-boot-process.patch
|
|
||||||
present_in_specfile: true
|
|
||||||
location_in_specfile: 49
|
|
||||||
---
|
|
||||||
OvmfPkg/IntelTdx/Sec/SecMain.c | 32 +++++++++++++++++++++
|
|
||||||
OvmfPkg/Library/PlatformInitLib/MemDetect.c | 10 +++----
|
|
||||||
OvmfPkg/Sec/SecMain.c | 32 +++++++++++++++++++++
|
|
||||||
3 files changed, 69 insertions(+), 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/IntelTdx/Sec/SecMain.c b/OvmfPkg/IntelTdx/Sec/SecMain.c
|
|
||||||
index 4e750755bf..7094d86159 100644
|
|
||||||
--- a/OvmfPkg/IntelTdx/Sec/SecMain.c
|
|
||||||
+++ b/OvmfPkg/IntelTdx/Sec/SecMain.c
|
|
||||||
@@ -26,6 +26,8 @@
|
|
||||||
#include <Library/TdxHelperLib.h>
|
|
||||||
#include <Library/CcProbeLib.h>
|
|
||||||
#include <Library/PeilessStartupLib.h>
|
|
||||||
+#include <Register/Intel/ArchitecturalMsr.h>
|
|
||||||
+#include <Register/Intel/Cpuid.h>
|
|
||||||
|
|
||||||
#define SEC_IDT_ENTRY_COUNT 34
|
|
||||||
|
|
||||||
@@ -47,6 +49,31 @@ IA32_IDT_GATE_DESCRIPTOR mIdtEntryTemplate = {
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
+//
|
|
||||||
+// Enable MTRR early, set default type to write back.
|
|
||||||
+// Needed to make sure caching is enabled,
|
|
||||||
+// without this lzma decompress can be very slow.
|
|
||||||
+//
|
|
||||||
+STATIC
|
|
||||||
+VOID
|
|
||||||
+SecMtrrSetup (
|
|
||||||
+ VOID
|
|
||||||
+ )
|
|
||||||
+{
|
|
||||||
+ CPUID_VERSION_INFO_EDX Edx;
|
|
||||||
+ MSR_IA32_MTRR_DEF_TYPE_REGISTER DefType;
|
|
||||||
+
|
|
||||||
+ AsmCpuid (CPUID_VERSION_INFO, NULL, NULL, NULL, &Edx.Uint32);
|
|
||||||
+ if (!Edx.Bits.MTRR) {
|
|
||||||
+ return;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
|
|
||||||
+ DefType.Bits.Type = 6; /* write back */
|
|
||||||
+ DefType.Bits.E = 1; /* enable */
|
|
||||||
+ AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
VOID
|
|
||||||
EFIAPI
|
|
||||||
SecCoreStartupWithStack (
|
|
||||||
@@ -203,6 +230,11 @@ SecCoreStartupWithStack (
|
|
||||||
InitializeApicTimer (0, MAX_UINT32, TRUE, 5);
|
|
||||||
DisableApicTimerInterrupt ();
|
|
||||||
|
|
||||||
+ //
|
|
||||||
+ // Initialize MTRR
|
|
||||||
+ //
|
|
||||||
+ SecMtrrSetup ();
|
|
||||||
+
|
|
||||||
PeilessStartup (&SecCoreData);
|
|
||||||
|
|
||||||
ASSERT (FALSE);
|
|
||||||
diff --git a/OvmfPkg/Library/PlatformInitLib/MemDetect.c b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
|
|
||||||
index e64c0ee324..b6ba63ef95 100644
|
|
||||||
--- a/OvmfPkg/Library/PlatformInitLib/MemDetect.c
|
|
||||||
+++ b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
|
|
||||||
@@ -1164,18 +1164,18 @@ PlatformQemuInitializeRam (
|
|
||||||
MtrrGetAllMtrrs (&MtrrSettings);
|
|
||||||
|
|
||||||
//
|
|
||||||
- // MTRRs disabled, fixed MTRRs disabled, default type is uncached
|
|
||||||
+ // See SecMtrrSetup(), default type should be write back
|
|
||||||
//
|
|
||||||
- ASSERT ((MtrrSettings.MtrrDefType & BIT11) == 0);
|
|
||||||
+ ASSERT ((MtrrSettings.MtrrDefType & BIT11) != 0);
|
|
||||||
ASSERT ((MtrrSettings.MtrrDefType & BIT10) == 0);
|
|
||||||
- ASSERT ((MtrrSettings.MtrrDefType & 0xFF) == 0);
|
|
||||||
+ ASSERT ((MtrrSettings.MtrrDefType & 0xFF) == MTRR_CACHE_WRITE_BACK);
|
|
||||||
|
|
||||||
//
|
|
||||||
// flip default type to writeback
|
|
||||||
//
|
|
||||||
- SetMem (&MtrrSettings.Fixed, sizeof MtrrSettings.Fixed, 0x06);
|
|
||||||
+ SetMem (&MtrrSettings.Fixed, sizeof MtrrSettings.Fixed, MTRR_CACHE_WRITE_BACK);
|
|
||||||
ZeroMem (&MtrrSettings.Variables, sizeof MtrrSettings.Variables);
|
|
||||||
- MtrrSettings.MtrrDefType |= BIT11 | BIT10 | 6;
|
|
||||||
+ MtrrSettings.MtrrDefType |= BIT10;
|
|
||||||
MtrrSetAllMtrrs (&MtrrSettings);
|
|
||||||
|
|
||||||
//
|
|
||||||
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
|
|
||||||
index 60dfa61842..725b57e2fa 100644
|
|
||||||
--- a/OvmfPkg/Sec/SecMain.c
|
|
||||||
+++ b/OvmfPkg/Sec/SecMain.c
|
|
||||||
@@ -29,6 +29,8 @@
|
|
||||||
#include <Ppi/MpInitLibDep.h>
|
|
||||||
#include <Library/TdxHelperLib.h>
|
|
||||||
#include <Library/CcProbeLib.h>
|
|
||||||
+#include <Register/Intel/ArchitecturalMsr.h>
|
|
||||||
+#include <Register/Intel/Cpuid.h>
|
|
||||||
#include "AmdSev.h"
|
|
||||||
|
|
||||||
#define SEC_IDT_ENTRY_COUNT 34
|
|
||||||
@@ -743,6 +745,31 @@ FindAndReportEntryPoints (
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
+//
|
|
||||||
+// Enable MTRR early, set default type to write back.
|
|
||||||
+// Needed to make sure caching is enabled,
|
|
||||||
+// without this lzma decompress can be very slow.
|
|
||||||
+//
|
|
||||||
+STATIC
|
|
||||||
+VOID
|
|
||||||
+SecMtrrSetup (
|
|
||||||
+ VOID
|
|
||||||
+ )
|
|
||||||
+{
|
|
||||||
+ CPUID_VERSION_INFO_EDX Edx;
|
|
||||||
+ MSR_IA32_MTRR_DEF_TYPE_REGISTER DefType;
|
|
||||||
+
|
|
||||||
+ AsmCpuid (CPUID_VERSION_INFO, NULL, NULL, NULL, &Edx.Uint32);
|
|
||||||
+ if (!Edx.Bits.MTRR) {
|
|
||||||
+ return;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
|
|
||||||
+ DefType.Bits.Type = 6; /* write back */
|
|
||||||
+ DefType.Bits.E = 1; /* enable */
|
|
||||||
+ AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
VOID
|
|
||||||
EFIAPI
|
|
||||||
SecCoreStartupWithStack (
|
|
||||||
@@ -942,6 +969,11 @@ SecCoreStartupWithStack (
|
|
||||||
InitializeApicTimer (0, MAX_UINT32, TRUE, 5);
|
|
||||||
DisableApicTimerInterrupt ();
|
|
||||||
|
|
||||||
+ //
|
|
||||||
+ // Initialize MTRR
|
|
||||||
+ //
|
|
||||||
+ SecMtrrSetup ();
|
|
||||||
+
|
|
||||||
//
|
|
||||||
// Initialize Debug Agent to support source level debug in SEC/PEI phases before memory ready.
|
|
||||||
//
|
|
@ -1,41 +0,0 @@
|
|||||||
From 3124da27dc460926f40477d247e021ceeabe0be3 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Tue, 30 Jan 2024 14:04:39 +0100
|
|
||||||
Subject: [PATCH] MdePkg/ArchitecturalMsr.h: add #defines for MTRR cache types
|
|
||||||
|
|
||||||
RH-Author: Gerd Hoffmann <None>
|
|
||||||
RH-MergeRequest: 55: OvmfPkg/Sec: Setup MTRR early in the boot process.
|
|
||||||
RH-Jira: RHEL-21704
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
RH-Commit: [2/4] a568bc2793d677462a2971aae9566a9bbc64b063 (kraxel.rh/centos-src-edk2)
|
|
||||||
|
|
||||||
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
|
|
||||||
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Message-ID: <20240130130441.772484-3-kraxel@redhat.com>
|
|
||||||
|
|
||||||
patch_name: edk2-MdePkg-ArchitecturalMsr.h-add-defines-for-MTRR-cache.patch
|
|
||||||
present_in_specfile: true
|
|
||||||
location_in_specfile: 50
|
|
||||||
---
|
|
||||||
MdePkg/Include/Register/Intel/ArchitecturalMsr.h | 7 +++++++
|
|
||||||
1 file changed, 7 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/MdePkg/Include/Register/Intel/ArchitecturalMsr.h b/MdePkg/Include/Register/Intel/ArchitecturalMsr.h
|
|
||||||
index 756e7c86ec..08ba949cf7 100644
|
|
||||||
--- a/MdePkg/Include/Register/Intel/ArchitecturalMsr.h
|
|
||||||
+++ b/MdePkg/Include/Register/Intel/ArchitecturalMsr.h
|
|
||||||
@@ -2103,6 +2103,13 @@ typedef union {
|
|
||||||
#define MSR_IA32_MTRR_PHYSBASE9 0x00000212
|
|
||||||
/// @}
|
|
||||||
|
|
||||||
+#define MSR_IA32_MTRR_CACHE_UNCACHEABLE 0
|
|
||||||
+#define MSR_IA32_MTRR_CACHE_WRITE_COMBINING 1
|
|
||||||
+#define MSR_IA32_MTRR_CACHE_WRITE_THROUGH 4
|
|
||||||
+#define MSR_IA32_MTRR_CACHE_WRITE_PROTECTED 5
|
|
||||||
+#define MSR_IA32_MTRR_CACHE_WRITE_BACK 6
|
|
||||||
+#define MSR_IA32_MTRR_CACHE_INVALID_TYPE 7
|
|
||||||
+
|
|
||||||
/**
|
|
||||||
MSR information returned for MSR indexes #MSR_IA32_MTRR_PHYSBASE0 to
|
|
||||||
#MSR_IA32_MTRR_PHYSBASE9
|
|
@ -1,70 +0,0 @@
|
|||||||
From f015a541308b2d752c399b9ef9597c4585218032 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Tue, 30 Jan 2024 14:04:40 +0100
|
|
||||||
Subject: [PATCH] UefiCpuPkg/MtrrLib.h: use cache type #defines from
|
|
||||||
ArchitecturalMsr.h
|
|
||||||
|
|
||||||
RH-Author: Gerd Hoffmann <None>
|
|
||||||
RH-MergeRequest: 55: OvmfPkg/Sec: Setup MTRR early in the boot process.
|
|
||||||
RH-Jira: RHEL-21704
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
RH-Commit: [3/4] 8b766c97b247a8665662697534455c19423ff23c (kraxel.rh/centos-src-edk2)
|
|
||||||
|
|
||||||
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
|
|
||||||
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Message-ID: <20240130130441.772484-4-kraxel@redhat.com>
|
|
||||||
|
|
||||||
patch_name: edk2-UefiCpuPkg-MtrrLib.h-use-cache-type-defines-from-Arc.patch
|
|
||||||
present_in_specfile: true
|
|
||||||
location_in_specfile: 51
|
|
||||||
---
|
|
||||||
UefiCpuPkg/Include/Library/MtrrLib.h | 26 ++++++++++++++------------
|
|
||||||
1 file changed, 14 insertions(+), 12 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/UefiCpuPkg/Include/Library/MtrrLib.h b/UefiCpuPkg/Include/Library/MtrrLib.h
|
|
||||||
index 86cc1aab3b..287d249a99 100644
|
|
||||||
--- a/UefiCpuPkg/Include/Library/MtrrLib.h
|
|
||||||
+++ b/UefiCpuPkg/Include/Library/MtrrLib.h
|
|
||||||
@@ -9,6 +9,8 @@
|
|
||||||
#ifndef _MTRR_LIB_H_
|
|
||||||
#define _MTRR_LIB_H_
|
|
||||||
|
|
||||||
+#include <Register/Intel/ArchitecturalMsr.h>
|
|
||||||
+
|
|
||||||
//
|
|
||||||
// According to IA32 SDM, MTRRs number and MSR offset are always consistent
|
|
||||||
// for IA32 processor family
|
|
||||||
@@ -82,20 +84,20 @@ typedef struct _MTRR_SETTINGS_ {
|
|
||||||
// Memory cache types
|
|
||||||
//
|
|
||||||
typedef enum {
|
|
||||||
- CacheUncacheable = 0,
|
|
||||||
- CacheWriteCombining = 1,
|
|
||||||
- CacheWriteThrough = 4,
|
|
||||||
- CacheWriteProtected = 5,
|
|
||||||
- CacheWriteBack = 6,
|
|
||||||
- CacheInvalid = 7
|
|
||||||
+ CacheUncacheable = MSR_IA32_MTRR_CACHE_UNCACHEABLE,
|
|
||||||
+ CacheWriteCombining = MSR_IA32_MTRR_CACHE_WRITE_COMBINING,
|
|
||||||
+ CacheWriteThrough = MSR_IA32_MTRR_CACHE_WRITE_THROUGH,
|
|
||||||
+ CacheWriteProtected = MSR_IA32_MTRR_CACHE_WRITE_PROTECTED,
|
|
||||||
+ CacheWriteBack = MSR_IA32_MTRR_CACHE_WRITE_BACK,
|
|
||||||
+ CacheInvalid = MSR_IA32_MTRR_CACHE_INVALID_TYPE,
|
|
||||||
} MTRR_MEMORY_CACHE_TYPE;
|
|
||||||
|
|
||||||
-#define MTRR_CACHE_UNCACHEABLE 0
|
|
||||||
-#define MTRR_CACHE_WRITE_COMBINING 1
|
|
||||||
-#define MTRR_CACHE_WRITE_THROUGH 4
|
|
||||||
-#define MTRR_CACHE_WRITE_PROTECTED 5
|
|
||||||
-#define MTRR_CACHE_WRITE_BACK 6
|
|
||||||
-#define MTRR_CACHE_INVALID_TYPE 7
|
|
||||||
+#define MTRR_CACHE_UNCACHEABLE MSR_IA32_MTRR_CACHE_UNCACHEABLE
|
|
||||||
+#define MTRR_CACHE_WRITE_COMBINING MSR_IA32_MTRR_CACHE_WRITE_COMBINING
|
|
||||||
+#define MTRR_CACHE_WRITE_THROUGH MSR_IA32_MTRR_CACHE_WRITE_THROUGH
|
|
||||||
+#define MTRR_CACHE_WRITE_PROTECTED MSR_IA32_MTRR_CACHE_WRITE_PROTECTED
|
|
||||||
+#define MTRR_CACHE_WRITE_BACK MSR_IA32_MTRR_CACHE_WRITE_BACK
|
|
||||||
+#define MTRR_CACHE_INVALID_TYPE MSR_IA32_MTRR_CACHE_INVALID_TYPE
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
UINT64 BaseAddress;
|
|
@ -1,49 +0,0 @@
|
|||||||
From dd543686c34fc3c6ddfafc0104066889ad9d1813 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Tue, 30 Jan 2024 14:04:41 +0100
|
|
||||||
Subject: [PATCH] OvmfPkg/Sec: use cache type #defines from ArchitecturalMsr.h
|
|
||||||
|
|
||||||
RH-Author: Gerd Hoffmann <None>
|
|
||||||
RH-MergeRequest: 55: OvmfPkg/Sec: Setup MTRR early in the boot process.
|
|
||||||
RH-Jira: RHEL-21704
|
|
||||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
RH-Commit: [4/4] 55f00e3e153ca945ca458e7abc26780a8d83ac85 (kraxel.rh/centos-src-edk2)
|
|
||||||
|
|
||||||
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Message-ID: <20240130130441.772484-5-kraxel@redhat.com>
|
|
||||||
|
|
||||||
patch_name: edk2-OvmfPkg-Sec-use-cache-type-defines-from-Architectura.patch
|
|
||||||
present_in_specfile: true
|
|
||||||
location_in_specfile: 52
|
|
||||||
---
|
|
||||||
OvmfPkg/IntelTdx/Sec/SecMain.c | 2 +-
|
|
||||||
OvmfPkg/Sec/SecMain.c | 2 +-
|
|
||||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/IntelTdx/Sec/SecMain.c b/OvmfPkg/IntelTdx/Sec/SecMain.c
|
|
||||||
index 7094d86159..1a19f26178 100644
|
|
||||||
--- a/OvmfPkg/IntelTdx/Sec/SecMain.c
|
|
||||||
+++ b/OvmfPkg/IntelTdx/Sec/SecMain.c
|
|
||||||
@@ -69,7 +69,7 @@ SecMtrrSetup (
|
|
||||||
}
|
|
||||||
|
|
||||||
DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
|
|
||||||
- DefType.Bits.Type = 6; /* write back */
|
|
||||||
+ DefType.Bits.Type = MSR_IA32_MTRR_CACHE_WRITE_BACK;
|
|
||||||
DefType.Bits.E = 1; /* enable */
|
|
||||||
AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
|
|
||||||
}
|
|
||||||
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
|
|
||||||
index 725b57e2fa..26963b924d 100644
|
|
||||||
--- a/OvmfPkg/Sec/SecMain.c
|
|
||||||
+++ b/OvmfPkg/Sec/SecMain.c
|
|
||||||
@@ -765,7 +765,7 @@ SecMtrrSetup (
|
|
||||||
}
|
|
||||||
|
|
||||||
DefType.Uint64 = AsmReadMsr64 (MSR_IA32_MTRR_DEF_TYPE);
|
|
||||||
- DefType.Bits.Type = 6; /* write back */
|
|
||||||
+ DefType.Bits.Type = MSR_IA32_MTRR_CACHE_WRITE_BACK;
|
|
||||||
DefType.Bits.E = 1; /* enable */
|
|
||||||
AsmWriteMsr64 (MSR_IA32_MTRR_DEF_TYPE, DefType.Uint64);
|
|
||||||
}
|
|
@ -1,127 +0,0 @@
|
|||||||
From 3f8eab199430de18c1c6a98d1d0772499b17cc86 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Wed, 8 May 2024 13:14:26 +0200
|
|
||||||
Subject: [PATCH] OvmfPkg: add morlock support
|
|
||||||
|
|
||||||
Add dsc + fdf include files to add the MorLock drivers to the build.
|
|
||||||
Add the include files to OVMF build configurations.
|
|
||||||
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
(cherry picked from commit b45aff0dc9cb87f316eb17a11e5d4438175d9cca)
|
|
||||||
---
|
|
||||||
OvmfPkg/Include/Dsc/MorLock.dsc.inc | 10 ++++++++++
|
|
||||||
OvmfPkg/Include/Fdf/MorLock.fdf.inc | 10 ++++++++++
|
|
||||||
OvmfPkg/OvmfPkgIa32.dsc | 1 +
|
|
||||||
OvmfPkg/OvmfPkgIa32.fdf | 1 +
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.fdf | 1 +
|
|
||||||
OvmfPkg/OvmfPkgX64.dsc | 1 +
|
|
||||||
OvmfPkg/OvmfPkgX64.fdf | 1 +
|
|
||||||
8 files changed, 26 insertions(+)
|
|
||||||
create mode 100644 OvmfPkg/Include/Dsc/MorLock.dsc.inc
|
|
||||||
create mode 100644 OvmfPkg/Include/Fdf/MorLock.fdf.inc
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/Include/Dsc/MorLock.dsc.inc b/OvmfPkg/Include/Dsc/MorLock.dsc.inc
|
|
||||||
new file mode 100644
|
|
||||||
index 0000000000..a8c5fb24b8
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/OvmfPkg/Include/Dsc/MorLock.dsc.inc
|
|
||||||
@@ -0,0 +1,10 @@
|
|
||||||
+##
|
|
||||||
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
||||||
+#
|
|
||||||
+# MorLock support
|
|
||||||
+##
|
|
||||||
+
|
|
||||||
+ SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
|
|
||||||
+!if $(SMM_REQUIRE) == TRUE
|
|
||||||
+ SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf
|
|
||||||
+!endif
|
|
||||||
diff --git a/OvmfPkg/Include/Fdf/MorLock.fdf.inc b/OvmfPkg/Include/Fdf/MorLock.fdf.inc
|
|
||||||
new file mode 100644
|
|
||||||
index 0000000000..20b7d6619a
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/OvmfPkg/Include/Fdf/MorLock.fdf.inc
|
|
||||||
@@ -0,0 +1,10 @@
|
|
||||||
+##
|
|
||||||
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
||||||
+#
|
|
||||||
+# MorLock support
|
|
||||||
+##
|
|
||||||
+
|
|
||||||
+INF SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
|
|
||||||
+!if $(SMM_REQUIRE) == TRUE
|
|
||||||
+INF SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf
|
|
||||||
+!endif
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
index d8ae542686..65a866ae0c 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
@@ -887,6 +887,7 @@
|
|
||||||
MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
+!include OvmfPkg/Include/Dsc/MorLock.dsc.inc
|
|
||||||
|
|
||||||
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
||||||
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
index 0ffa3be750..10eb6fe72b 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
@@ -355,6 +355,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
|
||||||
!include OvmfPkg/Include/Fdf/OvmfTpmDxe.fdf.inc
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
+!include OvmfPkg/Include/Fdf/MorLock.fdf.inc
|
|
||||||
|
|
||||||
!if $(LOAD_X64_ON_IA32_ENABLE) == TRUE
|
|
||||||
INF OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
index 52ac2c96fc..679e25501b 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
@@ -901,6 +901,7 @@
|
|
||||||
MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
+!include OvmfPkg/Include/Dsc/MorLock.dsc.inc
|
|
||||||
|
|
||||||
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
||||||
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
index c4f3ec0735..ff06bbfc6f 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
@@ -362,6 +362,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
|
||||||
!include OvmfPkg/Include/Fdf/OvmfTpmDxe.fdf.inc
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
+!include OvmfPkg/Include/Fdf/MorLock.fdf.inc
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
index f76d0ef7bc..d294fd4625 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
@@ -969,6 +969,7 @@
|
|
||||||
MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
+!include OvmfPkg/Include/Dsc/MorLock.dsc.inc
|
|
||||||
|
|
||||||
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
||||||
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
index bedd85ef7a..f3b787201f 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
@@ -402,6 +402,7 @@ INF OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf
|
|
||||||
!include OvmfPkg/Include/Fdf/OvmfTpmDxe.fdf.inc
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
+!include OvmfPkg/Include/Fdf/MorLock.fdf.inc
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
|
|
@ -1,43 +0,0 @@
|
|||||||
From 4947d363211159647e9266fa20ad9d4c8bc52f71 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Fri, 31 May 2024 09:49:13 +0200
|
|
||||||
Subject: [PATCH] SecurityPkg/RngDxe: add rng test
|
|
||||||
|
|
||||||
Check whenever RngLib actually returns random numbers, only return
|
|
||||||
a non-zero number of Algorithms if that is the case.
|
|
||||||
|
|
||||||
This has the effect that RndDxe loads and installs EFI_RNG_PROTOCOL
|
|
||||||
only in case it can actually deliver random numbers.
|
|
||||||
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
(cherry picked from commit a61bc0accb8a76edba4f073fdc7bafc908df045d)
|
|
||||||
---
|
|
||||||
SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c | 8 +++++++-
|
|
||||||
1 file changed, 7 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
|
||||||
index 5723ed6957..8b0742bab6 100644
|
|
||||||
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
|
||||||
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c
|
|
||||||
@@ -23,6 +23,7 @@
|
|
||||||
|
|
||||||
#include <Library/BaseLib.h>
|
|
||||||
#include <Library/BaseMemoryLib.h>
|
|
||||||
+#include <Library/RngLib.h>
|
|
||||||
|
|
||||||
#include "RngDxeInternals.h"
|
|
||||||
|
|
||||||
@@ -43,7 +44,12 @@ GetAvailableAlgorithms (
|
|
||||||
VOID
|
|
||||||
)
|
|
||||||
{
|
|
||||||
- mAvailableAlgoArrayCount = RNG_ALGORITHM_COUNT;
|
|
||||||
+ UINT64 RngTest;
|
|
||||||
+
|
|
||||||
+ if (GetRandomNumber64 (&RngTest)) {
|
|
||||||
+ mAvailableAlgoArrayCount = RNG_ALGORITHM_COUNT;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
return EFI_SUCCESS;
|
|
||||||
}
|
|
||||||
|
|
@ -1,301 +0,0 @@
|
|||||||
From 0aa96c512c689426838ec1cf4aa78ff088c03a1e Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Fri, 24 May 2024 12:51:17 +0200
|
|
||||||
Subject: [PATCH] OvmfPkg: wire up RngDxe
|
|
||||||
|
|
||||||
Add OvmfRng include snippets with the random number generator
|
|
||||||
configuration for OVMF. Include RngDxe, build with BaseRngLib,
|
|
||||||
so the rdrand instruction is used (if available).
|
|
||||||
|
|
||||||
Also move VirtioRng to the include snippets.
|
|
||||||
|
|
||||||
Use the new include snippets for OVMF builds.
|
|
||||||
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
(cherry picked from commit 712797cf19acd292bf203522a79e40e7e13d268b)
|
|
||||||
---
|
|
||||||
OvmfPkg/AmdSev/AmdSevX64.dsc | 2 +-
|
|
||||||
OvmfPkg/AmdSev/AmdSevX64.fdf | 2 +-
|
|
||||||
OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc | 9 +++++++++
|
|
||||||
OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc | 6 ++++++
|
|
||||||
OvmfPkg/IntelTdx/IntelTdxX64.dsc | 2 +-
|
|
||||||
OvmfPkg/IntelTdx/IntelTdxX64.fdf | 2 +-
|
|
||||||
OvmfPkg/Microvm/MicrovmX64.dsc | 2 +-
|
|
||||||
OvmfPkg/Microvm/MicrovmX64.fdf | 2 +-
|
|
||||||
OvmfPkg/OvmfPkgIa32.dsc | 2 +-
|
|
||||||
OvmfPkg/OvmfPkgIa32.fdf | 2 +-
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.dsc | 2 +-
|
|
||||||
OvmfPkg/OvmfPkgIa32X64.fdf | 2 +-
|
|
||||||
OvmfPkg/OvmfPkgX64.dsc | 2 +-
|
|
||||||
OvmfPkg/OvmfPkgX64.fdf | 2 +-
|
|
||||||
14 files changed, 27 insertions(+), 12 deletions(-)
|
|
||||||
create mode 100644 OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
|
||||||
create mode 100644 OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
index cf1ad83e09..4edc2a9069 100644
|
|
||||||
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
||||||
@@ -649,7 +649,6 @@
|
|
||||||
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
|
||||||
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
|
||||||
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
!if $(PVSCSI_ENABLE) == TRUE
|
|
||||||
OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
|
||||||
!endif
|
|
||||||
@@ -740,6 +739,7 @@
|
|
||||||
OvmfPkg/AmdSev/Grub/Grub.inf
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
|
||||||
|
|
||||||
OvmfPkg/PlatformDxe/Platform.inf
|
|
||||||
OvmfPkg/AmdSevDxe/AmdSevDxe.inf {
|
|
||||||
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
index c56c98dc85..480837b0fa 100644
|
|
||||||
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
||||||
@@ -227,7 +227,6 @@ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
|
|
||||||
INF OvmfPkg/Virtio10Dxe/Virtio10.inf
|
|
||||||
INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
|
||||||
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
!if $(PVSCSI_ENABLE) == TRUE
|
|
||||||
INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
|
||||||
!endif
|
|
||||||
@@ -318,6 +317,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
|
||||||
!include OvmfPkg/Include/Fdf/OvmfTpmDxe.fdf.inc
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc b/OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
|
||||||
new file mode 100644
|
|
||||||
index 0000000000..68839a0caa
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
|
||||||
@@ -0,0 +1,9 @@
|
|
||||||
+##
|
|
||||||
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
||||||
+##
|
|
||||||
+
|
|
||||||
+ SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf {
|
|
||||||
+ <LibraryClasses>
|
|
||||||
+ RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
|
|
||||||
+ }
|
|
||||||
+ OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
diff --git a/OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc b/OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
|
||||||
new file mode 100644
|
|
||||||
index 0000000000..99cb4a32b1
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
|
||||||
@@ -0,0 +1,6 @@
|
|
||||||
+##
|
|
||||||
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
||||||
+##
|
|
||||||
+
|
|
||||||
+INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
|
|
||||||
+INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
|
||||||
index 9f49b60ff0..4b7e1596fc 100644
|
|
||||||
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
|
||||||
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
|
||||||
@@ -636,7 +636,6 @@
|
|
||||||
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
|
||||||
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
|
||||||
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
!if $(PVSCSI_ENABLE) == TRUE
|
|
||||||
OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
|
||||||
!endif
|
|
||||||
@@ -719,6 +718,7 @@
|
|
||||||
MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
|
||||||
|
|
||||||
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
||||||
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
|
||||||
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.fdf b/OvmfPkg/IntelTdx/IntelTdxX64.fdf
|
|
||||||
index ce5d542048..88d0f75ae2 100644
|
|
||||||
--- a/OvmfPkg/IntelTdx/IntelTdxX64.fdf
|
|
||||||
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.fdf
|
|
||||||
@@ -285,7 +285,6 @@ READ_LOCK_STATUS = TRUE
|
|
||||||
#
|
|
||||||
INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
|
||||||
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
!if $(PVSCSI_ENABLE) == TRUE
|
|
||||||
INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
|
||||||
!endif
|
|
||||||
@@ -326,6 +325,7 @@ INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
|
|
||||||
INF OvmfPkg/PlatformDxe/Platform.inf
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
|
|
||||||
index fb73f2e089..9206f01816 100644
|
|
||||||
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
|
|
||||||
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
|
|
||||||
@@ -760,7 +760,6 @@
|
|
||||||
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
|
||||||
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
|
||||||
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
|
||||||
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
|
|
||||||
MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
|
|
||||||
@@ -846,6 +845,7 @@
|
|
||||||
MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
|
||||||
|
|
||||||
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
||||||
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
|
||||||
diff --git a/OvmfPkg/Microvm/MicrovmX64.fdf b/OvmfPkg/Microvm/MicrovmX64.fdf
|
|
||||||
index 055e659a35..c8268d7e8c 100644
|
|
||||||
--- a/OvmfPkg/Microvm/MicrovmX64.fdf
|
|
||||||
+++ b/OvmfPkg/Microvm/MicrovmX64.fdf
|
|
||||||
@@ -207,7 +207,6 @@ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
|
|
||||||
INF OvmfPkg/Virtio10Dxe/Virtio10.inf
|
|
||||||
INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
|
||||||
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
|
||||||
|
|
||||||
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
||||||
@@ -299,6 +298,7 @@ INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
|
|
||||||
INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
index 65a866ae0c..b64c215585 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
|
||||||
@@ -784,7 +784,6 @@
|
|
||||||
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
|
||||||
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
|
||||||
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
|
||||||
!if $(PVSCSI_ENABLE) == TRUE
|
|
||||||
OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
|
||||||
@@ -888,6 +887,7 @@
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
!include OvmfPkg/Include/Dsc/MorLock.dsc.inc
|
|
||||||
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
|
||||||
|
|
||||||
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
||||||
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
index 10eb6fe72b..c31276e4a3 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
|
||||||
@@ -231,7 +231,6 @@ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
|
|
||||||
INF OvmfPkg/Virtio10Dxe/Virtio10.inf
|
|
||||||
INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
|
||||||
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
|
||||||
!if $(PVSCSI_ENABLE) == TRUE
|
|
||||||
INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
|
||||||
@@ -356,6 +355,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
!include OvmfPkg/Include/Fdf/MorLock.fdf.inc
|
|
||||||
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
|
||||||
|
|
||||||
!if $(LOAD_X64_ON_IA32_ENABLE) == TRUE
|
|
||||||
INF OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
index 679e25501b..ececac3757 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
||||||
@@ -798,7 +798,6 @@
|
|
||||||
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
|
||||||
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
|
||||||
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
|
||||||
!if $(PVSCSI_ENABLE) == TRUE
|
|
||||||
OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
|
||||||
@@ -902,6 +901,7 @@
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
!include OvmfPkg/Include/Dsc/MorLock.dsc.inc
|
|
||||||
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
|
||||||
|
|
||||||
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
||||||
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
index ff06bbfc6f..a7b4aeac08 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
||||||
@@ -232,7 +232,6 @@ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
|
|
||||||
INF OvmfPkg/Virtio10Dxe/Virtio10.inf
|
|
||||||
INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
|
||||||
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
|
||||||
!if $(PVSCSI_ENABLE) == TRUE
|
|
||||||
INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
|
||||||
@@ -363,6 +362,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
!include OvmfPkg/Include/Fdf/MorLock.fdf.inc
|
|
||||||
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
index d294fd4625..0ab4d3df06 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
|
||||||
@@ -866,7 +866,6 @@
|
|
||||||
OvmfPkg/Virtio10Dxe/Virtio10.inf
|
|
||||||
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
|
||||||
OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
- OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
|
||||||
!if $(PVSCSI_ENABLE) == TRUE
|
|
||||||
OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
|
||||||
@@ -970,6 +969,7 @@
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Dsc/ShellComponents.dsc.inc
|
|
||||||
!include OvmfPkg/Include/Dsc/MorLock.dsc.inc
|
|
||||||
+!include OvmfPkg/Include/Dsc/OvmfRngComponents.dsc.inc
|
|
||||||
|
|
||||||
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
||||||
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
|
|
||||||
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
index f3b787201f..ae08ac4fe9 100644
|
|
||||||
--- a/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
|
||||||
@@ -263,7 +263,6 @@ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
|
|
||||||
INF OvmfPkg/Virtio10Dxe/Virtio10.inf
|
|
||||||
INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
|
|
||||||
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
|
|
||||||
-INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
|
|
||||||
INF OvmfPkg/VirtioSerialDxe/VirtioSerial.inf
|
|
||||||
!if $(PVSCSI_ENABLE) == TRUE
|
|
||||||
INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
|
|
||||||
@@ -403,6 +402,7 @@ INF OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf
|
|
||||||
|
|
||||||
!include OvmfPkg/Include/Fdf/ShellDxe.fdf.inc
|
|
||||||
!include OvmfPkg/Include/Fdf/MorLock.fdf.inc
|
|
||||||
+!include OvmfPkg/Include/Fdf/OvmfRngDxe.fdf.inc
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
|
|
@ -1,37 +0,0 @@
|
|||||||
From d5d19043e62a268a492f9a1ef6a11380d8f7e784 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Fri, 14 Jun 2024 11:45:49 +0200
|
|
||||||
Subject: [PATCH] CryptoPkg/Test: call ProcessLibraryConstructorList
|
|
||||||
|
|
||||||
Needed to properly initialize BaseRngLib.
|
|
||||||
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
(cherry picked from commit 94961b8817eec6f8d0434555ac50a7aa51c22201)
|
|
||||||
---
|
|
||||||
.../Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c | 7 +++++++
|
|
||||||
1 file changed, 7 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c
|
|
||||||
index d0c1c7a4f7..48d463b8ad 100644
|
|
||||||
--- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c
|
|
||||||
+++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c
|
|
||||||
@@ -8,6 +8,12 @@
|
|
||||||
**/
|
|
||||||
#include "TestBaseCryptLib.h"
|
|
||||||
|
|
||||||
+VOID
|
|
||||||
+EFIAPI
|
|
||||||
+ProcessLibraryConstructorList (
|
|
||||||
+ VOID
|
|
||||||
+ );
|
|
||||||
+
|
|
||||||
/**
|
|
||||||
Initialize the unit test framework, suite, and unit tests for the
|
|
||||||
sample unit tests and run the unit tests.
|
|
||||||
@@ -76,5 +82,6 @@ main (
|
|
||||||
char *argv[]
|
|
||||||
)
|
|
||||||
{
|
|
||||||
+ ProcessLibraryConstructorList ();
|
|
||||||
return UefiTestMain ();
|
|
||||||
}
|
|
@ -1,43 +0,0 @@
|
|||||||
From 320207a3df995771af36639c7bdf89c4203cf1c2 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Fri, 14 Jun 2024 11:45:53 +0200
|
|
||||||
Subject: [PATCH] MdePkg/X86UnitTestHost: set rdrand cpuid bit
|
|
||||||
|
|
||||||
Set the rdrand feature bit when faking cpuid for host test cases.
|
|
||||||
Needed to make the CryptoPkg test cases work.
|
|
||||||
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
(cherry picked from commit 5e776299a2604b336a947e68593012ab2cc16eb4)
|
|
||||||
---
|
|
||||||
MdePkg/Library/BaseLib/X86UnitTestHost.c | 11 ++++++++++-
|
|
||||||
1 file changed, 10 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/MdePkg/Library/BaseLib/X86UnitTestHost.c b/MdePkg/Library/BaseLib/X86UnitTestHost.c
|
|
||||||
index 8ba4f54a38..7f7276f7f4 100644
|
|
||||||
--- a/MdePkg/Library/BaseLib/X86UnitTestHost.c
|
|
||||||
+++ b/MdePkg/Library/BaseLib/X86UnitTestHost.c
|
|
||||||
@@ -66,6 +66,15 @@ UnitTestHostBaseLibAsmCpuid (
|
|
||||||
OUT UINT32 *Edx OPTIONAL
|
|
||||||
)
|
|
||||||
{
|
|
||||||
+ UINT32 RetEcx;
|
|
||||||
+
|
|
||||||
+ RetEcx = 0;
|
|
||||||
+ switch (Index) {
|
|
||||||
+ case 1:
|
|
||||||
+ RetEcx |= BIT30; /* RdRand */
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if (Eax != NULL) {
|
|
||||||
*Eax = 0;
|
|
||||||
}
|
|
||||||
@@ -75,7 +84,7 @@ UnitTestHostBaseLibAsmCpuid (
|
|
||||||
}
|
|
||||||
|
|
||||||
if (Ecx != NULL) {
|
|
||||||
- *Ecx = 0;
|
|
||||||
+ *Ecx = RetEcx;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (Edx != NULL) {
|
|
@ -1,32 +0,0 @@
|
|||||||
{
|
|
||||||
"description": "UEFI firmware for ARM64 virtual machines",
|
|
||||||
"interface-types": [
|
|
||||||
"uefi"
|
|
||||||
],
|
|
||||||
"mapping": {
|
|
||||||
"device": "flash",
|
|
||||||
"mode": "split",
|
|
||||||
"executable": {
|
|
||||||
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-silent-pflash.qcow2",
|
|
||||||
"format": "qcow2"
|
|
||||||
},
|
|
||||||
"nvram-template": {
|
|
||||||
"filename": "/usr/share/edk2/aarch64/vars-template-pflash.qcow2",
|
|
||||||
"format": "qcow2"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"architecture": "aarch64",
|
|
||||||
"machines": [
|
|
||||||
"virt-*"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"features": [
|
|
||||||
|
|
||||||
],
|
|
||||||
"tags": [
|
|
||||||
|
|
||||||
]
|
|
||||||
}
|
|
@ -1,32 +0,0 @@
|
|||||||
{
|
|
||||||
"description": "UEFI firmware for ARM64 virtual machines, verbose logs",
|
|
||||||
"interface-types": [
|
|
||||||
"uefi"
|
|
||||||
],
|
|
||||||
"mapping": {
|
|
||||||
"device": "flash",
|
|
||||||
"mode": "split",
|
|
||||||
"executable": {
|
|
||||||
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-pflash.qcow2",
|
|
||||||
"format": "qcow2"
|
|
||||||
},
|
|
||||||
"nvram-template": {
|
|
||||||
"filename": "/usr/share/edk2/aarch64/vars-template-pflash.qcow2",
|
|
||||||
"format": "qcow2"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"architecture": "aarch64",
|
|
||||||
"machines": [
|
|
||||||
"virt-*"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"features": [
|
|
||||||
"verbose-static"
|
|
||||||
],
|
|
||||||
"tags": [
|
|
||||||
|
|
||||||
]
|
|
||||||
}
|
|
@ -1,31 +0,0 @@
|
|||||||
{
|
|
||||||
"description": "OVMF with SEV-ES support",
|
|
||||||
"interface-types": [
|
|
||||||
"uefi"
|
|
||||||
],
|
|
||||||
"mapping": {
|
|
||||||
"device": "flash",
|
|
||||||
"mode": "stateless",
|
|
||||||
"executable": {
|
|
||||||
"filename": "/usr/share/edk2/ovmf/OVMF.amdsev.fd",
|
|
||||||
"format": "raw"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"architecture": "x86_64",
|
|
||||||
"machines": [
|
|
||||||
"pc-q35-*"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"features": [
|
|
||||||
"amd-sev",
|
|
||||||
"amd-sev-es",
|
|
||||||
"amd-sev-snp",
|
|
||||||
"verbose-dynamic"
|
|
||||||
],
|
|
||||||
"tags": [
|
|
||||||
|
|
||||||
]
|
|
||||||
}
|
|
@ -1,27 +0,0 @@
|
|||||||
{
|
|
||||||
"description": "OVMF with TDX support",
|
|
||||||
"interface-types": [
|
|
||||||
"uefi"
|
|
||||||
],
|
|
||||||
"mapping": {
|
|
||||||
"device": "memory",
|
|
||||||
"filename": "/usr/share/edk2/ovmf/OVMF.inteltdx.secboot.fd"
|
|
||||||
},
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"architecture": "x86_64",
|
|
||||||
"machines": [
|
|
||||||
"pc-q35-*"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"features": [
|
|
||||||
"enrolled-keys",
|
|
||||||
"intel-tdx",
|
|
||||||
"secure-boot",
|
|
||||||
"verbose-dynamic"
|
|
||||||
],
|
|
||||||
"tags": [
|
|
||||||
|
|
||||||
]
|
|
||||||
}
|
|
@ -0,0 +1,21 @@
|
|||||||
|
MIT License
|
||||||
|
|
||||||
|
Copyright (c) 2017 Patrick Uiterwijk
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
of this software and associated documentation files (the "Software"), to deal
|
||||||
|
in the Software without restriction, including without limitation the rights
|
||||||
|
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
copies of the Software, and to permit persons to whom the Software is
|
||||||
|
furnished to do so, subject to the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be included in all
|
||||||
|
copies or substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||||
|
SOFTWARE.
|
@ -0,0 +1,22 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDoDCCAoigAwIBAgIJAP71iOjzlsDxMA0GCSqGSIb3DQEBCwUAMFExKzApBgNV
|
||||||
|
BAMTIlJlZCBIYXQgU2VjdXJlIEJvb3QgKFBLL0tFSyBrZXkgMSkxIjAgBgkqhkiG
|
||||||
|
9w0BCQEWE3NlY2FsZXJ0QHJlZGhhdC5jb20wHhcNMTQxMDMxMTExNTM3WhcNMzcx
|
||||||
|
MDI1MTExNTM3WjBRMSswKQYDVQQDEyJSZWQgSGF0IFNlY3VyZSBCb290IChQSy9L
|
||||||
|
RUsga2V5IDEpMSIwIAYJKoZIhvcNAQkBFhNzZWNhbGVydEByZWRoYXQuY29tMIIB
|
||||||
|
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB+Ee42865cmgm2Iq4rJjGhw
|
||||||
|
+d9LB7I3gwsCyGdoMJ7j8PCZSrhZV8ZB9jiL/mZMSek3N5IumAEeWxRQ5qiNJQ31
|
||||||
|
huarMMtAFuqNixaGcEM38s7Akd9xFI6ZDom2TG0kHozkL08l0LoG+MboGRh2cx2B
|
||||||
|
bajYBc86yHsoyDajFg0pjJmaaNyrwE2Nv1q7K6k5SwSXHPk2u8U6hgSur9SCe+Cr
|
||||||
|
3kkFaPz2rmgabJBNVxk8ZGYD9sdSm/eUz5NqoWjJqs+Za7yqXgjnORz3+A+6Bn7x
|
||||||
|
y+h23f4i2q06Xls06rPJ4E0EKX64YLkF77XZF1hWFmC5MDLwNkrD8nmNEkBw8wID
|
||||||
|
AQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVy
|
||||||
|
YXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUPOlg4/8ZoQp7o0L0jUIutNWccuww
|
||||||
|
HwYDVR0jBBgwFoAUPOlg4/8ZoQp7o0L0jUIutNWccuwwDQYJKoZIhvcNAQELBQAD
|
||||||
|
ggEBAFxNkoi0gl8drYsR7N8GpnqlK583VQyNbgUArbcMQYlpz9ZlBptReNKtx7+c
|
||||||
|
3AVzf+ceORO06rYwfUB1q5xDC9+wwhu/MOD0/sDbYiGY9sWv3jtPSQrmHvmGsD8N
|
||||||
|
1tRGN9tUdF7/EcJgxnBYxRxv7LLYbm/DvDOHOKTzRGScNDsolCZ4J58WF+g7aQol
|
||||||
|
qXM2fp43XOzoP9uR+RKzPc7n3RXDrowFIGGbld6br/qxXBzll+fDNBGF9YonJqRw
|
||||||
|
NuwM9oM9kPc28/nzFdSQYr5TtK/TSa/v9HPoe3bkRCo3uoGkmQw6MSRxoOTktxrL
|
||||||
|
R+SqIs/vdWGA40O3SFdzET14m2k=
|
||||||
|
-----END CERTIFICATE-----
|
@ -1,63 +0,0 @@
|
|||||||
From 481310a21104aba17bc0cddd236ecdf69d4ba662 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
Date: Mon, 26 Aug 2024 19:25:52 +0200
|
|
||||||
Subject: [PATCH] AmdSevDxe: Fix the shim fallback reboot workaround for SNP
|
|
||||||
|
|
||||||
RH-Author: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
RH-MergeRequest: 68: AmdSevDxe: Fix the shim fallback reboot workaround for SNP
|
|
||||||
RH-Jira: RHEL-56081
|
|
||||||
RH-Acked-by: Gerd Hoffmann <None>
|
|
||||||
RH-Commit: [1/1] ab8678b61d171f9c19459e034483437b29037b4b (osteffen/edk2)
|
|
||||||
|
|
||||||
The shim fallback reboot workaround (introduced for SEV-ES) does
|
|
||||||
not always work for SEV-SNP, due to a conditional early return.
|
|
||||||
|
|
||||||
Let's just register the workaround earlier in this function to
|
|
||||||
fix that.
|
|
||||||
|
|
||||||
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
---
|
|
||||||
OvmfPkg/AmdSevDxe/AmdSevDxe.c | 21 +++++++++++----------
|
|
||||||
1 file changed, 11 insertions(+), 10 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
|
|
||||||
index 0eb88e50ff..ca345e95da 100644
|
|
||||||
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
|
|
||||||
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
|
|
||||||
@@ -243,6 +243,17 @@ AmdSevDxeEntryPoint (
|
|
||||||
return EFI_UNSUPPORTED;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ // Shim fallback reboot workaround
|
|
||||||
+ Status = gBS->CreateEventEx (
|
|
||||||
+ EVT_NOTIFY_SIGNAL,
|
|
||||||
+ TPL_CALLBACK,
|
|
||||||
+ PopulateVarstore,
|
|
||||||
+ SystemTable,
|
|
||||||
+ &gEfiEndOfDxeEventGroupGuid,
|
|
||||||
+ &PopulateVarstoreEvent
|
|
||||||
+ );
|
|
||||||
+ ASSERT_EFI_ERROR (Status);
|
|
||||||
+
|
|
||||||
//
|
|
||||||
// Iterate through the GCD map and clear the C-bit from MMIO and NonExistent
|
|
||||||
// memory space. The NonExistent memory space will be used for mapping the
|
|
||||||
@@ -393,15 +404,5 @@ AmdSevDxeEntryPoint (
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
- Status = gBS->CreateEventEx (
|
|
||||||
- EVT_NOTIFY_SIGNAL,
|
|
||||||
- TPL_CALLBACK,
|
|
||||||
- PopulateVarstore,
|
|
||||||
- SystemTable,
|
|
||||||
- &gEfiEndOfDxeEventGroupGuid,
|
|
||||||
- &PopulateVarstoreEvent
|
|
||||||
- );
|
|
||||||
- ASSERT_EFI_ERROR (Status);
|
|
||||||
-
|
|
||||||
return EFI_SUCCESS;
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.39.3
|
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,149 @@
|
|||||||
|
From 9ef10bbe9a03f22aa5c5ff659012794d37ef9839 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
Date: Mon, 24 Oct 2022 18:41:22 +0200
|
||||||
|
Subject: [PATCH 17/18] ArmVirtPkg/ArmVirtQemu: migrate to OVMF's
|
||||||
|
VirtNorFlashDxe
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
|
||||||
|
RH-Jira: RHEL-17587
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [19/20] 2160140b0ea566451ab723e941d2ab91e1ad874e
|
||||||
|
|
||||||
|
Switch to the virt specific NorFlashDxe driver implementation that was
|
||||||
|
added recently.
|
||||||
|
|
||||||
|
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
|
||||||
|
(cherry picked from commit b92298af8218dd074c231947bc95f2be94af663c)
|
||||||
|
---
|
||||||
|
ArmVirtPkg/ArmVirtQemu.dsc | 4 ++--
|
||||||
|
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 2 +-
|
||||||
|
ArmVirtPkg/ArmVirtQemuKernel.dsc | 4 ++--
|
||||||
|
ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.c | 12 ++++++------
|
||||||
|
.../Library/NorFlashQemuLib/NorFlashQemuLib.inf | 4 ++--
|
||||||
|
5 files changed, 13 insertions(+), 13 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
index e6fad9f066..2b23becf30 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
@@ -67,7 +67,7 @@
|
||||||
|
ArmPlatformLib|ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNull.inf
|
||||||
|
|
||||||
|
TimerLib|ArmPkg/Library/ArmArchTimerLib/ArmArchTimerLib.inf
|
||||||
|
- NorFlashPlatformLib|ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
|
||||||
|
+ VirtNorFlashPlatformLib|ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
|
||||||
|
|
||||||
|
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
|
||||||
|
BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
|
||||||
|
@@ -400,7 +400,7 @@
|
||||||
|
<LibraryClasses>
|
||||||
|
NULL|ArmVirtPkg/Library/ArmVirtTimerFdtClientLib/ArmVirtTimerFdtClientLib.inf
|
||||||
|
}
|
||||||
|
- ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
|
||||||
|
+ OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
|
||||||
|
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
index f6a538df72..7c655d384d 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
|
||||||
|
@@ -73,7 +73,7 @@ READ_LOCK_STATUS = TRUE
|
||||||
|
|
||||||
|
INF ArmPkg/Drivers/ArmGic/ArmGicDxe.inf
|
||||||
|
INF ArmPkg/Drivers/TimerDxe/TimerDxe.inf
|
||||||
|
- INF ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
|
||||||
|
+ INF OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
index 656c9d99a3..344e2c4ed9 100644
|
||||||
|
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
|
||||||
|
@@ -65,7 +65,7 @@
|
||||||
|
ArmVirtMemInfoLib|ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.inf
|
||||||
|
|
||||||
|
TimerLib|ArmPkg/Library/ArmArchTimerLib/ArmArchTimerLib.inf
|
||||||
|
- NorFlashPlatformLib|ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
|
||||||
|
+ VirtNorFlashPlatformLib|ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
|
||||||
|
|
||||||
|
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
|
||||||
|
BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
|
||||||
|
@@ -329,7 +329,7 @@
|
||||||
|
<LibraryClasses>
|
||||||
|
NULL|ArmVirtPkg/Library/ArmVirtTimerFdtClientLib/ArmVirtTimerFdtClientLib.inf
|
||||||
|
}
|
||||||
|
- ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
|
||||||
|
+ OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
|
||||||
|
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
diff --git a/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.c b/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.c
|
||||||
|
index 271d7f0efb..93a2fed40f 100644
|
||||||
|
--- a/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.c
|
||||||
|
+++ b/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.c
|
||||||
|
@@ -8,8 +8,8 @@
|
||||||
|
|
||||||
|
#include <Library/BaseLib.h>
|
||||||
|
#include <Library/DebugLib.h>
|
||||||
|
-#include <Library/NorFlashPlatformLib.h>
|
||||||
|
#include <Library/UefiBootServicesTableLib.h>
|
||||||
|
+#include <Library/VirtNorFlashPlatformLib.h>
|
||||||
|
|
||||||
|
#include <Protocol/FdtClient.h>
|
||||||
|
|
||||||
|
@@ -18,19 +18,19 @@
|
||||||
|
#define MAX_FLASH_BANKS 4
|
||||||
|
|
||||||
|
EFI_STATUS
|
||||||
|
-NorFlashPlatformInitialization (
|
||||||
|
+VirtNorFlashPlatformInitialization (
|
||||||
|
VOID
|
||||||
|
)
|
||||||
|
{
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
-NOR_FLASH_DESCRIPTION mNorFlashDevices[MAX_FLASH_BANKS];
|
||||||
|
+STATIC VIRT_NOR_FLASH_DESCRIPTION mNorFlashDevices[MAX_FLASH_BANKS];
|
||||||
|
|
||||||
|
EFI_STATUS
|
||||||
|
-NorFlashPlatformGetDevices (
|
||||||
|
- OUT NOR_FLASH_DESCRIPTION **NorFlashDescriptions,
|
||||||
|
- OUT UINT32 *Count
|
||||||
|
+VirtNorFlashPlatformGetDevices (
|
||||||
|
+ OUT VIRT_NOR_FLASH_DESCRIPTION **NorFlashDescriptions,
|
||||||
|
+ OUT UINT32 *Count
|
||||||
|
)
|
||||||
|
{
|
||||||
|
FDT_CLIENT_PROTOCOL *FdtClient;
|
||||||
|
diff --git a/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf b/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
|
||||||
|
index 4c3683bf5d..a6b5865be9 100644
|
||||||
|
--- a/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
|
||||||
|
+++ b/ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
|
||||||
|
@@ -14,17 +14,17 @@
|
||||||
|
FILE_GUID = 339B7829-4C5F-4EFC-B2DD-5050E530DECE
|
||||||
|
MODULE_TYPE = DXE_DRIVER
|
||||||
|
VERSION_STRING = 1.0
|
||||||
|
- LIBRARY_CLASS = NorFlashPlatformLib
|
||||||
|
+ LIBRARY_CLASS = VirtNorFlashPlatformLib
|
||||||
|
|
||||||
|
[Sources.common]
|
||||||
|
NorFlashQemuLib.c
|
||||||
|
|
||||||
|
[Packages]
|
||||||
|
MdePkg/MdePkg.dec
|
||||||
|
- ArmPlatformPkg/ArmPlatformPkg.dec
|
||||||
|
ArmPkg/ArmPkg.dec
|
||||||
|
ArmVirtPkg/ArmVirtPkg.dec
|
||||||
|
EmbeddedPkg/EmbeddedPkg.dec
|
||||||
|
+ OvmfPkg/OvmfPkg.dec
|
||||||
|
|
||||||
|
[LibraryClasses]
|
||||||
|
BaseLib
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
@ -0,0 +1,56 @@
|
|||||||
|
From 045496325e278716e724ffdf9685667a8766d4f3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 10:34:52 -0400
|
||||||
|
Subject: [PATCH 28/31] CryptoPkg/Test: call ProcessLibraryConstructorList
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
||||||
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [28/31] 5ff484fbc68d094fbcdda2772c2869818c67de8d
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21856
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
commit 94961b8817eec6f8d0434555ac50a7aa51c22201
|
||||||
|
Author: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Fri Jun 14 11:45:49 2024 +0200
|
||||||
|
|
||||||
|
CryptoPkg/Test: call ProcessLibraryConstructorList
|
||||||
|
|
||||||
|
Needed to properly initialize BaseRngLib.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c | 6 ++++++
|
||||||
|
1 file changed, 6 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c
|
||||||
|
index 88a3f96305..0ba9f35840 100644
|
||||||
|
--- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c
|
||||||
|
+++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c
|
||||||
|
@@ -8,6 +8,11 @@
|
||||||
|
**/
|
||||||
|
#include "TestBaseCryptLib.h"
|
||||||
|
|
||||||
|
+VOID
|
||||||
|
+EFIAPI
|
||||||
|
+ProcessLibraryConstructorList (
|
||||||
|
+ VOID
|
||||||
|
+ );
|
||||||
|
|
||||||
|
/**
|
||||||
|
Initialize the unit test framework, suite, and unit tests for the
|
||||||
|
@@ -77,5 +82,6 @@ main (
|
||||||
|
char *argv[]
|
||||||
|
)
|
||||||
|
{
|
||||||
|
+ ProcessLibraryConstructorList ();
|
||||||
|
return UefiTestMain ();
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,174 @@
|
|||||||
|
From f8691984227809170b702f6fd087add1f95ee8fe Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Tue, 5 Mar 2024 16:38:49 -0500
|
||||||
|
Subject: [PATCH 1/2] EmbeddedPkg/Hob: Integer Overflow in CreateHob()
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 66: EmbeddedPkg/Hob: Integer Overflow in CreateHob()
|
||||||
|
RH-Jira: RHEL-21158
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [1/2] 301d3bfe82c39179fb85d510788831aa340212d9
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21158
|
||||||
|
CVE: CVE-2022-36765
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit aeaee8944f0eaacbf4cdf39279785b9ba4836bb6
|
||||||
|
Author: Gua Guo <gua.guo@intel.com>
|
||||||
|
Date: Thu Jan 11 13:07:50 2024 +0800
|
||||||
|
|
||||||
|
EmbeddedPkg/Hob: Integer Overflow in CreateHob()
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4166
|
||||||
|
|
||||||
|
Fix integer overflow in various CreateHob instances.
|
||||||
|
Fixes: CVE-2022-36765
|
||||||
|
|
||||||
|
The CreateHob() function aligns the requested size to 8
|
||||||
|
performing the following operation:
|
||||||
|
```
|
||||||
|
HobLength = (UINT16)((HobLength + 0x7) & (~0x7));
|
||||||
|
```
|
||||||
|
|
||||||
|
No checks are performed to ensure this value doesn't
|
||||||
|
overflow, and could lead to CreateHob() returning a smaller
|
||||||
|
HOB than requested, which could lead to OOB HOB accesses.
|
||||||
|
|
||||||
|
Reported-by: Marc Beatove <mbeatove@google.com>
|
||||||
|
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
|
||||||
|
Reviewed-by: Ard Biesheuvel <ardb+tianocore@kernel.org>
|
||||||
|
Cc: Abner Chang <abner.chang@amd.com>
|
||||||
|
Cc: John Mathew <john.mathews@intel.com>
|
||||||
|
Authored-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Signed-off-by: Gua Guo <gua.guo@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
EmbeddedPkg/Library/PrePiHobLib/Hob.c | 47 +++++++++++++++++++++++++--
|
||||||
|
1 file changed, 45 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/EmbeddedPkg/Library/PrePiHobLib/Hob.c b/EmbeddedPkg/Library/PrePiHobLib/Hob.c
|
||||||
|
index b5cc6c5d8f..f4c99369c6 100644
|
||||||
|
--- a/EmbeddedPkg/Library/PrePiHobLib/Hob.c
|
||||||
|
+++ b/EmbeddedPkg/Library/PrePiHobLib/Hob.c
|
||||||
|
@@ -112,6 +112,13 @@ CreateHob (
|
||||||
|
|
||||||
|
HandOffHob = GetHobList ();
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Check Length to avoid data overflow.
|
||||||
|
+ //
|
||||||
|
+ if (HobLength > MAX_UINT16 - 0x7) {
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
HobLength = (UINT16)((HobLength + 0x7) & (~0x7));
|
||||||
|
|
||||||
|
FreeMemory = HandOffHob->EfiFreeMemoryTop - HandOffHob->EfiFreeMemoryBottom;
|
||||||
|
@@ -161,7 +168,10 @@ BuildResourceDescriptorHob (
|
||||||
|
EFI_HOB_RESOURCE_DESCRIPTOR *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_RESOURCE_DESCRIPTOR, sizeof (EFI_HOB_RESOURCE_DESCRIPTOR));
|
||||||
|
- ASSERT(Hob != NULL);
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->ResourceType = ResourceType;
|
||||||
|
Hob->ResourceAttribute = ResourceAttribute;
|
||||||
|
@@ -403,6 +413,10 @@ BuildModuleHob (
|
||||||
|
((ModuleLength & (EFI_PAGE_SIZE - 1)) == 0));
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION_MODULE));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
CopyGuid (&(Hob->MemoryAllocationHeader.Name), &gEfiHobMemoryAllocModuleGuid);
|
||||||
|
Hob->MemoryAllocationHeader.MemoryBaseAddress = MemoryAllocationModule;
|
||||||
|
@@ -450,7 +464,12 @@ BuildGuidHob (
|
||||||
|
//
|
||||||
|
ASSERT (DataLength <= (0xffff - sizeof (EFI_HOB_GUID_TYPE)));
|
||||||
|
|
||||||
|
- Hob = CreateHob (EFI_HOB_TYPE_GUID_EXTENSION, (UINT16) (sizeof (EFI_HOB_GUID_TYPE) + DataLength));
|
||||||
|
+ Hob = CreateHob (EFI_HOB_TYPE_GUID_EXTENSION, (UINT16)(sizeof (EFI_HOB_GUID_TYPE) + DataLength));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
CopyGuid (&Hob->Name, Guid);
|
||||||
|
return Hob + 1;
|
||||||
|
}
|
||||||
|
@@ -516,6 +535,10 @@ BuildFvHob (
|
||||||
|
EFI_HOB_FIRMWARE_VOLUME *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_FV, sizeof (EFI_HOB_FIRMWARE_VOLUME));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->BaseAddress = BaseAddress;
|
||||||
|
Hob->Length = Length;
|
||||||
|
@@ -548,6 +571,10 @@ BuildFv2Hob (
|
||||||
|
EFI_HOB_FIRMWARE_VOLUME2 *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_FV2, sizeof (EFI_HOB_FIRMWARE_VOLUME2));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->BaseAddress = BaseAddress;
|
||||||
|
Hob->Length = Length;
|
||||||
|
@@ -589,6 +616,10 @@ BuildFv3Hob (
|
||||||
|
EFI_HOB_FIRMWARE_VOLUME3 *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_FV3, sizeof (EFI_HOB_FIRMWARE_VOLUME3));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->BaseAddress = BaseAddress;
|
||||||
|
Hob->Length = Length;
|
||||||
|
@@ -645,6 +676,10 @@ BuildCpuHob (
|
||||||
|
EFI_HOB_CPU *Hob;
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_CPU, sizeof (EFI_HOB_CPU));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Hob->SizeOfMemorySpace = SizeOfMemorySpace;
|
||||||
|
Hob->SizeOfIoSpace = SizeOfIoSpace;
|
||||||
|
@@ -681,6 +716,10 @@ BuildStackHob (
|
||||||
|
((Length & (EFI_PAGE_SIZE - 1)) == 0));
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION_STACK));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
CopyGuid (&(Hob->AllocDescriptor.Name), &gEfiHobMemoryAllocStackGuid);
|
||||||
|
Hob->AllocDescriptor.MemoryBaseAddress = BaseAddress;
|
||||||
|
@@ -761,6 +800,10 @@ BuildMemoryAllocationHob (
|
||||||
|
((Length & (EFI_PAGE_SIZE - 1)) == 0));
|
||||||
|
|
||||||
|
Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION));
|
||||||
|
+ ASSERT (Hob != NULL);
|
||||||
|
+ if (Hob == NULL) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
ZeroMem (&(Hob->AllocDescriptor.Name), sizeof (EFI_GUID));
|
||||||
|
Hob->AllocDescriptor.MemoryBaseAddress = BaseAddress;
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,66 @@
|
|||||||
|
From 2e4b2b8fce40cf93f35e052102f37fee07b2e64a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Mon, 10 Jun 2024 18:13:29 -0400
|
||||||
|
Subject: [PATCH 02/31] MdeModulePkg: Potential UINT32 overflow in S3
|
||||||
|
ResumeCount
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
||||||
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [2/31] a3592c3437041cbd33a6c11feb3d0999e122c8c0
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-40099
|
||||||
|
CVE: CVE-2024-1298
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 284dbac43da752ee34825c8b3f6f9e8281cb5a19
|
||||||
|
Author: Shanmugavel Pakkirisamy <shanmugavelx.pakkirisamy@intel.com>
|
||||||
|
Date: Mon May 6 17:53:09 2024 +0800
|
||||||
|
|
||||||
|
MdeModulePkg: Potential UINT32 overflow in S3 ResumeCount
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4677
|
||||||
|
|
||||||
|
Attacker able to modify physical memory and ResumeCount.
|
||||||
|
System will crash/DoS when ResumeCount reaches its MAX_UINT32.
|
||||||
|
|
||||||
|
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
|
||||||
|
Cc: Dandan Bi <dandan.bi@intel.com>
|
||||||
|
Cc: Liming Gao <gaoliming@byosoft.com.cn>
|
||||||
|
|
||||||
|
Signed-off-by: Pakkirisamy ShanmugavelX <shanmugavelx.pakkirisamy@intel.com>
|
||||||
|
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../FirmwarePerformancePei.c | 12 ++++++++----
|
||||||
|
1 file changed, 8 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.c b/MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.c
|
||||||
|
index 6881466201..54b3bc3c54 100644
|
||||||
|
--- a/MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.c
|
||||||
|
+++ b/MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.c
|
||||||
|
@@ -110,11 +110,15 @@ FpdtStatusCodeListenerPei (
|
||||||
|
//
|
||||||
|
S3ResumeTotal = MultU64x32 (AcpiS3ResumeRecord->AverageResume, AcpiS3ResumeRecord->ResumeCount);
|
||||||
|
AcpiS3ResumeRecord->ResumeCount++;
|
||||||
|
- AcpiS3ResumeRecord->AverageResume = DivU64x32 (S3ResumeTotal + AcpiS3ResumeRecord->FullResume, AcpiS3ResumeRecord->ResumeCount);
|
||||||
|
+ if (AcpiS3ResumeRecord->ResumeCount > 0) {
|
||||||
|
+ AcpiS3ResumeRecord->AverageResume = DivU64x32 (S3ResumeTotal + AcpiS3ResumeRecord->FullResume, AcpiS3ResumeRecord->ResumeCount);
|
||||||
|
+ DEBUG ((DEBUG_INFO, "\nFPDT: S3 Resume Performance - AverageResume = 0x%x\n", AcpiS3ResumeRecord->AverageResume));
|
||||||
|
+ } else {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "\nFPDT: S3 ResumeCount reaches the MAX_UINT32 value. S3 ResumeCount record reset to Zero."));
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- DEBUG ((DEBUG_INFO, "FPDT: S3 Resume Performance - ResumeCount = %d\n", AcpiS3ResumeRecord->ResumeCount));
|
||||||
|
- DEBUG ((DEBUG_INFO, "FPDT: S3 Resume Performance - FullResume = %ld\n", AcpiS3ResumeRecord->FullResume));
|
||||||
|
- DEBUG ((DEBUG_INFO, "FPDT: S3 Resume Performance - AverageResume = %ld\n", AcpiS3ResumeRecord->AverageResume));
|
||||||
|
+ DEBUG ((DEBUG_INFO, "FPDT: S3 Resume Performance - ResumeCount = 0x%x\n", AcpiS3ResumeRecord->ResumeCount));
|
||||||
|
+ DEBUG ((DEBUG_INFO, "FPDT: S3 Resume Performance - FullResume = 0x%x\n", AcpiS3ResumeRecord->FullResume));
|
||||||
|
|
||||||
|
//
|
||||||
|
// Update S3 Suspend Performance Record.
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,90 @@
|
|||||||
|
From 5ba444af245d59e3208260478aa710d4f143f259 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 16:06:25 -0400
|
||||||
|
Subject: [PATCH 20/31] MdeModulePkg/Rng: Add GUID to describe unsafe Rng
|
||||||
|
algorithms
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
||||||
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [20/31] d0e553560d60122f2fe5f33923b5b943c138a18d
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21856
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
commit 414c0f20896f3dec412135fa4260f8aad8bef246
|
||||||
|
Author: Pierre Gondois <pierre.gondois@arm.com>
|
||||||
|
Date: Fri Aug 11 16:33:07 2023 +0200
|
||||||
|
|
||||||
|
MdeModulePkg/Rng: Add GUID to describe unsafe Rng algorithms
|
||||||
|
|
||||||
|
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441
|
||||||
|
|
||||||
|
The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
|
||||||
|
implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
|
||||||
|
To allow the RngDxe to detect when such implementation is used,
|
||||||
|
a GetRngGuid() function is added in a following patch.
|
||||||
|
|
||||||
|
Prepare GetRngGuid() return values and add a gEdkiiRngAlgorithmUnSafe
|
||||||
|
to describe an unsafe implementation, cf. the BaseRngLibTimerLib.
|
||||||
|
|
||||||
|
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
|
||||||
|
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
|
||||||
|
Acked-by: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
Tested-by: Kun Qin <kun.qin@microsoft.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
MdeModulePkg/Include/Guid/RngAlgorithm.h | 23 +++++++++++++++++++++++
|
||||||
|
MdeModulePkg/MdeModulePkg.dec | 3 +++
|
||||||
|
2 files changed, 26 insertions(+)
|
||||||
|
create mode 100644 MdeModulePkg/Include/Guid/RngAlgorithm.h
|
||||||
|
|
||||||
|
diff --git a/MdeModulePkg/Include/Guid/RngAlgorithm.h b/MdeModulePkg/Include/Guid/RngAlgorithm.h
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..e2ac2ba3e5
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/MdeModulePkg/Include/Guid/RngAlgorithm.h
|
||||||
|
@@ -0,0 +1,23 @@
|
||||||
|
+/** @file
|
||||||
|
+ Rng Algorithm
|
||||||
|
+
|
||||||
|
+ Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+
|
||||||
|
+#ifndef RNG_ALGORITHM_GUID_H_
|
||||||
|
+#define RNG_ALGORITHM_GUID_H_
|
||||||
|
+
|
||||||
|
+///
|
||||||
|
+/// The implementation of a Random Number Generator might be unsafe, when using
|
||||||
|
+/// a dummy implementation for instance. Allow identifying such implementation
|
||||||
|
+/// with this GUID.
|
||||||
|
+///
|
||||||
|
+#define EDKII_RNG_ALGORITHM_UNSAFE \
|
||||||
|
+ { \
|
||||||
|
+ 0x869f728c, 0x409d, 0x4ab4, {0xac, 0x03, 0x71, 0xd3, 0x09, 0xc1, 0xb3, 0xf4 } \
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+extern EFI_GUID gEdkiiRngAlgorithmUnSafe;
|
||||||
|
+
|
||||||
|
+#endif // #ifndef RNG_ALGORITHM_GUID_H_
|
||||||
|
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
index 08d59dfb3e..3513a9678a 100644
|
||||||
|
--- a/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+++ b/MdeModulePkg/MdeModulePkg.dec
|
||||||
|
@@ -401,6 +401,9 @@
|
||||||
|
## Include/Guid/MigratedFvInfo.h
|
||||||
|
gEdkiiMigratedFvInfoGuid = { 0xc1ab12f7, 0x74aa, 0x408d, { 0xa2, 0xf4, 0xc6, 0xce, 0xfd, 0x17, 0x98, 0x71 } }
|
||||||
|
|
||||||
|
+ ## Include/Guid/RngAlgorithm.h
|
||||||
|
+ gEdkiiRngAlgorithmUnSafe = { 0x869f728c, 0x409d, 0x4ab4, {0xac, 0x03, 0x71, 0xd3, 0x09, 0xc1, 0xb3, 0xf4 }}
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# GUID defined in UniversalPayload
|
||||||
|
#
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -1,43 +0,0 @@
|
|||||||
From 880c1ca7420b873c5f81563b122d7bd1ebad72cb Mon Sep 17 00:00:00 2001
|
|
||||||
From: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
Date: Mon, 4 Mar 2024 15:32:58 +0100
|
|
||||||
Subject: [PATCH] MdeModulePkg: Warn if out of flash space when writing
|
|
||||||
variables
|
|
||||||
|
|
||||||
RH-Author: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
RH-MergeRequest: 64: MdeModulePkg: Warn if out of flash space when writing variables
|
|
||||||
RH-Jira: RHEL-43442
|
|
||||||
RH-Acked-by: Gerd Hoffmann <None>
|
|
||||||
RH-Commit: [1/1] b65130800090192f47f13d67ff14f902a4f5bfb5 (osteffen/edk2)
|
|
||||||
|
|
||||||
Emit a DEBUG_WARN message if there is not enough flash space left to
|
|
||||||
write/update a variable. This condition is currently not logged
|
|
||||||
appropriately in all cases, given that full variable store can easily
|
|
||||||
render the system unbootable.
|
|
||||||
This new message helps identifying this condition.
|
|
||||||
|
|
||||||
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
(cherry picked from commit 80b59ff8320d1bd134bf689fe9c0ddf4e0473b88)
|
|
||||||
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
---
|
|
||||||
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 2 ++
|
|
||||||
1 file changed, 2 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
|
|
||||||
index d394d237a5..1c7659031d 100644
|
|
||||||
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
|
|
||||||
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
|
|
||||||
@@ -2364,6 +2364,8 @@ Done:
|
|
||||||
);
|
|
||||||
ASSERT_EFI_ERROR (Status);
|
|
||||||
}
|
|
||||||
+ } else if (Status == EFI_OUT_OF_RESOURCES) {
|
|
||||||
+ DEBUG ((DEBUG_WARN, "UpdateVariable failed: Out of flash space\n"));
|
|
||||||
}
|
|
||||||
|
|
||||||
return Status;
|
|
||||||
--
|
|
||||||
2.39.3
|
|
||||||
|
|
@ -0,0 +1,89 @@
|
|||||||
|
From 3800b9ee5d6d4c05c7e27f949c3b32c422c78f2d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 16:02:31 -0400
|
||||||
|
Subject: [PATCH 16/31] MdePkg: Add deprecated warning to BaseRngLibTimer
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
||||||
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [16/31] 6e199344d083e90f60cbe01dfb3c2a3719e3177d
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21856
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
commit e93468442b7da7bc80e00014e854c0c8a0a7184b
|
||||||
|
Author: Pierre Gondois <pierre.gondois@arm.com>
|
||||||
|
Date: Fri Aug 11 16:33:03 2023 +0200
|
||||||
|
|
||||||
|
MdePkg: Add deprecated warning to BaseRngLibTimer
|
||||||
|
|
||||||
|
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4504
|
||||||
|
|
||||||
|
To keep the MdePkg self-contained and avoid dependencies on GUIDs
|
||||||
|
defined in other packages, the BaseRngLibTimer was moved to the
|
||||||
|
MdePkg.
|
||||||
|
Add a constructor to warn and request to use the MdeModulePkg
|
||||||
|
implementation.
|
||||||
|
|
||||||
|
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
|
||||||
|
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
||||||
|
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
|
||||||
|
Acked-by: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
Tested-by: Kun Qin <kun.qin@microsoft.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../BaseRngLibTimerLib/BaseRngLibTimerLib.inf | 1 +
|
||||||
|
.../Library/BaseRngLibTimerLib/RngLibTimer.c | 22 +++++++++++++++++++
|
||||||
|
2 files changed, 23 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf b/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||||
|
index f857290e82..96c90db63f 100644
|
||||||
|
--- a/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||||
|
+++ b/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||||
|
@@ -23,6 +23,7 @@
|
||||||
|
MODULE_TYPE = BASE
|
||||||
|
VERSION_STRING = 1.0
|
||||||
|
LIBRARY_CLASS = RngLib
|
||||||
|
+ CONSTRUCTOR = BaseRngLibTimerConstructor
|
||||||
|
|
||||||
|
[Sources]
|
||||||
|
RngLibTimer.c
|
||||||
|
diff --git a/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c b/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
|
||||||
|
index 54d29d96f3..6b8392162b 100644
|
||||||
|
--- a/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
|
||||||
|
+++ b/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
|
||||||
|
@@ -13,6 +13,28 @@
|
||||||
|
|
||||||
|
#define DEFAULT_DELAY_TIME_IN_MICROSECONDS 10
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ This implementation is to be replaced by its MdeModulePkg copy.
|
||||||
|
+ The cause being that some GUIDs (gEdkiiRngAlgorithmUnSafe) cannot
|
||||||
|
+ be defined in the MdePkg.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS.
|
||||||
|
+**/
|
||||||
|
+RETURN_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+BaseRngLibTimerConstructor (
|
||||||
|
+ VOID
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ DEBUG ((
|
||||||
|
+ DEBUG_WARN,
|
||||||
|
+ "Warning: This BaseRngTimerLib implementation will be deprecated. "
|
||||||
|
+ "Please use the MdeModulePkg implementation equivalent.\n"
|
||||||
|
+ ));
|
||||||
|
+
|
||||||
|
+ return RETURN_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
Using the TimerLib GetPerformanceCounterProperties() we delay
|
||||||
|
for enough time for the PerformanceCounter to increment.
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,94 @@
|
|||||||
|
From 1198bceefa4834c09e1edc1c558aeffe4930d1f5 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Tue, 11 Jun 2024 21:32:26 -0400
|
||||||
|
Subject: [PATCH 03/31] MdePkg: Apply uncrustify changes
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
||||||
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [3/31] 422d94b837bf0e65164968272a358c2656f59838
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21856
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
This is a subset of the whitespace changes in the corresponding upstream
|
||||||
|
commit. It is needed for the next commits in this series to apply with
|
||||||
|
less fewer conflicts.
|
||||||
|
|
||||||
|
commit 2f88bd3a1296c522317f1c21377876de63de5be7
|
||||||
|
Author: Michael Kubacki <michael.kubacki@microsoft.com>
|
||||||
|
Date: Sun Dec 5 14:54:05 2021 -0800
|
||||||
|
|
||||||
|
MdePkg: Apply uncrustify changes
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737
|
||||||
|
|
||||||
|
Apply uncrustify changes to .c/.h files in the MdePkg package
|
||||||
|
|
||||||
|
Cc: Andrew Fish <afish@apple.com>
|
||||||
|
Cc: Leif Lindholm <leif@nuviainc.com>
|
||||||
|
Cc: Michael D Kinney <michael.d.kinney@intel.com>
|
||||||
|
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
|
||||||
|
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
MdePkg/Include/Protocol/Rng.h | 24 ++++++++++++------------
|
||||||
|
1 file changed, 12 insertions(+), 12 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/MdePkg/Include/Protocol/Rng.h b/MdePkg/Include/Protocol/Rng.h
|
||||||
|
index a0a05d1661..baf425587b 100644
|
||||||
|
--- a/MdePkg/Include/Protocol/Rng.h
|
||||||
|
+++ b/MdePkg/Include/Protocol/Rng.h
|
||||||
|
@@ -93,7 +93,7 @@ typedef EFI_GUID EFI_RNG_ALGORITHM;
|
||||||
|
**/
|
||||||
|
typedef
|
||||||
|
EFI_STATUS
|
||||||
|
-(EFIAPI *EFI_RNG_GET_INFO) (
|
||||||
|
+(EFIAPI *EFI_RNG_GET_INFO)(
|
||||||
|
IN EFI_RNG_PROTOCOL *This,
|
||||||
|
IN OUT UINTN *RNGAlgorithmListSize,
|
||||||
|
OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
|
||||||
|
@@ -123,9 +123,9 @@ EFI_STATUS
|
||||||
|
**/
|
||||||
|
typedef
|
||||||
|
EFI_STATUS
|
||||||
|
-(EFIAPI *EFI_RNG_GET_RNG) (
|
||||||
|
+(EFIAPI *EFI_RNG_GET_RNG)(
|
||||||
|
IN EFI_RNG_PROTOCOL *This,
|
||||||
|
- IN EFI_RNG_ALGORITHM *RNGAlgorithm, OPTIONAL
|
||||||
|
+ IN EFI_RNG_ALGORITHM *RNGAlgorithm OPTIONAL,
|
||||||
|
IN UINTN RNGValueLength,
|
||||||
|
OUT UINT8 *RNGValue
|
||||||
|
);
|
||||||
|
@@ -135,16 +135,16 @@ EFI_STATUS
|
||||||
|
/// applications, or entropy for seeding other random number generators.
|
||||||
|
///
|
||||||
|
struct _EFI_RNG_PROTOCOL {
|
||||||
|
- EFI_RNG_GET_INFO GetInfo;
|
||||||
|
- EFI_RNG_GET_RNG GetRNG;
|
||||||
|
+ EFI_RNG_GET_INFO GetInfo;
|
||||||
|
+ EFI_RNG_GET_RNG GetRNG;
|
||||||
|
};
|
||||||
|
|
||||||
|
-extern EFI_GUID gEfiRngProtocolGuid;
|
||||||
|
-extern EFI_GUID gEfiRngAlgorithmSp80090Hash256Guid;
|
||||||
|
-extern EFI_GUID gEfiRngAlgorithmSp80090Hmac256Guid;
|
||||||
|
-extern EFI_GUID gEfiRngAlgorithmSp80090Ctr256Guid;
|
||||||
|
-extern EFI_GUID gEfiRngAlgorithmX9313DesGuid;
|
||||||
|
-extern EFI_GUID gEfiRngAlgorithmX931AesGuid;
|
||||||
|
-extern EFI_GUID gEfiRngAlgorithmRaw;
|
||||||
|
+extern EFI_GUID gEfiRngProtocolGuid;
|
||||||
|
+extern EFI_GUID gEfiRngAlgorithmSp80090Hash256Guid;
|
||||||
|
+extern EFI_GUID gEfiRngAlgorithmSp80090Hmac256Guid;
|
||||||
|
+extern EFI_GUID gEfiRngAlgorithmSp80090Ctr256Guid;
|
||||||
|
+extern EFI_GUID gEfiRngAlgorithmX9313DesGuid;
|
||||||
|
+extern EFI_GUID gEfiRngAlgorithmX931AesGuid;
|
||||||
|
+extern EFI_GUID gEfiRngAlgorithmRaw;
|
||||||
|
|
||||||
|
#endif
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,66 @@
|
|||||||
|
From 3351bd0ba07cc490c344d2dc54b86833993ca5a2 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 15:58:58 -0400
|
||||||
|
Subject: [PATCH 18/31] MdePkg/DxeRngLib: Request raw algorithm instead of
|
||||||
|
default
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
||||||
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [18/31] fa2da700127ae713aa578638c2390673fc49522d
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21856
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
commit bd1f0eecc1dfe51ba20161bef8860d12392006bd
|
||||||
|
Author: Pierre Gondois <pierre.gondois@arm.com>
|
||||||
|
Date: Fri Aug 11 16:33:05 2023 +0200
|
||||||
|
|
||||||
|
MdePkg/DxeRngLib: Request raw algorithm instead of default
|
||||||
|
|
||||||
|
The DxeRngLib tries to generate a random number using the 3 NIST
|
||||||
|
SP 800-90 compliant DRBG algorithms, i.e. 256-bits CTR, HASH and HMAC.
|
||||||
|
If none of the call is successful, the fallback option is the default
|
||||||
|
RNG algorithm of the EFI_RNG_PROTOCOL. This default algorithm might
|
||||||
|
be an unsafe implementation.
|
||||||
|
|
||||||
|
Try requesting the Raw algorithm before requesting the default one.
|
||||||
|
|
||||||
|
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
|
||||||
|
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
|
||||||
|
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
||||||
|
Acked-by: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
Tested-by: Kun Qin <kun.qin@microsoft.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
MdePkg/Library/DxeRngLib/DxeRngLib.c | 9 ++++++++-
|
||||||
|
1 file changed, 8 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.c b/MdePkg/Library/DxeRngLib/DxeRngLib.c
|
||||||
|
index 9c3d67b5a6..4b2fc1cde5 100644
|
||||||
|
--- a/MdePkg/Library/DxeRngLib/DxeRngLib.c
|
||||||
|
+++ b/MdePkg/Library/DxeRngLib/DxeRngLib.c
|
||||||
|
@@ -64,9 +64,16 @@ GenerateRandomNumberViaNist800Algorithm (
|
||||||
|
if (!EFI_ERROR (Status)) {
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ Status = RngProtocol->GetRNG (RngProtocol, &gEfiRngAlgorithmRaw, BufferSize, Buffer);
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: GetRNG algorithm Raw - Status = %r\n", __func__, Status));
|
||||||
|
+ if (!EFI_ERROR (Status)) {
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
// If all the other methods have failed, use the default method from the RngProtocol
|
||||||
|
Status = RngProtocol->GetRNG (RngProtocol, NULL, BufferSize, Buffer);
|
||||||
|
- DEBUG((DEBUG_INFO, "%a: GetRNG algorithm Hash-256 - Status = %r\n", __FUNCTION__, Status));
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: GetRNG algorithm default - Status = %r\n", __func__, Status));
|
||||||
|
if (!EFI_ERROR (Status)) {
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,390 @@
|
|||||||
|
From b8261ac422ba284249cd4f341d78d058e79960f5 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Wed, 7 Feb 2024 11:56:37 -0500
|
||||||
|
Subject: [PATCH 03/17] MdePkg: Introduce CcMeasurementProtocol for CC Guest
|
||||||
|
firmware
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 44: edk2: heap buffer overflow in Tcg2MeasureGptTable()
|
||||||
|
RH-Jira: RHEL-21154 RHEL-21156
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [3/13] 6bf304f8e3bc875024c8fb0a4cd5d2c944f69480 (jmaloy/jons_fork)
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21154
|
||||||
|
CVE: CVE-2022-36763
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit e193584da60550008722498442c62ddb77bf27d5
|
||||||
|
Author: Min Xu <min.m.xu@intel.com>
|
||||||
|
Date: Sat Dec 11 21:08:40 2021 +0800
|
||||||
|
|
||||||
|
MdePkg: Introduce CcMeasurementProtocol for CC Guest firmware
|
||||||
|
|
||||||
|
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3625
|
||||||
|
|
||||||
|
CC guest is a Confidential Computing guest. If CC Guest firmware
|
||||||
|
supports measurement and an event is created, CC Guest firmware
|
||||||
|
is designed to report the event log with the same data structure
|
||||||
|
in TCG-Platform-Firmware-Profile specification with
|
||||||
|
EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 format.
|
||||||
|
|
||||||
|
The CC Guest firmware supports measurement. It is designed to
|
||||||
|
produce EFI_CC_MEASUREMENT_PROTOCOL with new GUID
|
||||||
|
EFI_CC_MEASUREMENT_PROTOCOL_GUID to report event log and provides
|
||||||
|
hash capability.
|
||||||
|
|
||||||
|
Cc: Michael D Kinney <michael.d.kinney@intel.com>
|
||||||
|
Cc: Liming Gao <gaoliming@byosoft.com.cn>
|
||||||
|
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
Cc: Jian J Wang <jian.j.wang@intel.com>
|
||||||
|
Cc: Ken Lu <ken.lu@intel.com>
|
||||||
|
Cc: Sami Mujawar <sami.mujawar@arm.com>
|
||||||
|
Cc: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
||||||
|
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
|
||||||
|
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
Signed-off-by: Min Xu <min.m.xu@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
MdePkg/Include/Protocol/CcMeasurement.h | 302 ++++++++++++++++++++++++
|
||||||
|
MdePkg/MdePkg.dec | 6 +
|
||||||
|
2 files changed, 308 insertions(+)
|
||||||
|
create mode 100644 MdePkg/Include/Protocol/CcMeasurement.h
|
||||||
|
|
||||||
|
diff --git a/MdePkg/Include/Protocol/CcMeasurement.h b/MdePkg/Include/Protocol/CcMeasurement.h
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..68029e977f
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/MdePkg/Include/Protocol/CcMeasurement.h
|
||||||
|
@@ -0,0 +1,302 @@
|
||||||
|
+/** @file
|
||||||
|
+ If CC Guest firmware supports measurement and an event is created,
|
||||||
|
+ CC Guest firmware is designed to report the event log with the same
|
||||||
|
+ data structure in TCG-Platform-Firmware-Profile specification with
|
||||||
|
+ EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 format.
|
||||||
|
+
|
||||||
|
+ The CC Guest firmware supports measurement, the CC Guest Firmware is
|
||||||
|
+ designed to produce EFI_CC_MEASUREMENT_PROTOCOL with new GUID
|
||||||
|
+ EFI_CC_MEASUREMENT_PROTOCOL_GUID to report event log and provides hash
|
||||||
|
+ capability.
|
||||||
|
+
|
||||||
|
+Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>
|
||||||
|
+SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+
|
||||||
|
+#ifndef CC_MEASUREMENT_PROTOCOL_H_
|
||||||
|
+#define CC_MEASUREMENT_PROTOCOL_H_
|
||||||
|
+
|
||||||
|
+#include <IndustryStandard/UefiTcgPlatform.h>
|
||||||
|
+
|
||||||
|
+#define EFI_CC_MEASUREMENT_PROTOCOL_GUID \
|
||||||
|
+ { 0x96751a3d, 0x72f4, 0x41a6, { 0xa7, 0x94, 0xed, 0x5d, 0x0e, 0x67, 0xae, 0x6b }}
|
||||||
|
+extern EFI_GUID gEfiCcMeasurementProtocolGuid;
|
||||||
|
+
|
||||||
|
+typedef struct _EFI_CC_MEASUREMENT_PROTOCOL EFI_CC_MEASUREMENT_PROTOCOL;
|
||||||
|
+
|
||||||
|
+typedef struct {
|
||||||
|
+ UINT8 Major;
|
||||||
|
+ UINT8 Minor;
|
||||||
|
+} EFI_CC_VERSION;
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// EFI_CC Type/SubType definition
|
||||||
|
+//
|
||||||
|
+#define EFI_CC_TYPE_NONE 0
|
||||||
|
+#define EFI_CC_TYPE_SEV 1
|
||||||
|
+#define EFI_CC_TYPE_TDX 2
|
||||||
|
+
|
||||||
|
+typedef struct {
|
||||||
|
+ UINT8 Type;
|
||||||
|
+ UINT8 SubType;
|
||||||
|
+} EFI_CC_TYPE;
|
||||||
|
+
|
||||||
|
+typedef UINT32 EFI_CC_EVENT_LOG_BITMAP;
|
||||||
|
+typedef UINT32 EFI_CC_EVENT_LOG_FORMAT;
|
||||||
|
+typedef UINT32 EFI_CC_EVENT_ALGORITHM_BITMAP;
|
||||||
|
+typedef UINT32 EFI_CC_MR_INDEX;
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// Intel TDX measure register index
|
||||||
|
+//
|
||||||
|
+#define TDX_MR_INDEX_MRTD 0
|
||||||
|
+#define TDX_MR_INDEX_RTMR0 1
|
||||||
|
+#define TDX_MR_INDEX_RTMR1 2
|
||||||
|
+#define TDX_MR_INDEX_RTMR2 3
|
||||||
|
+#define TDX_MR_INDEX_RTMR3 4
|
||||||
|
+
|
||||||
|
+#define EFI_CC_EVENT_LOG_FORMAT_TCG_2 0x00000002
|
||||||
|
+#define EFI_CC_BOOT_HASH_ALG_SHA384 0x00000004
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// This bit is shall be set when an event shall be extended but not logged.
|
||||||
|
+//
|
||||||
|
+#define EFI_CC_FLAG_EXTEND_ONLY 0x0000000000000001
|
||||||
|
+//
|
||||||
|
+// This bit shall be set when the intent is to measure a PE/COFF image.
|
||||||
|
+//
|
||||||
|
+#define EFI_CC_FLAG_PE_COFF_IMAGE 0x0000000000000010
|
||||||
|
+
|
||||||
|
+#pragma pack (1)
|
||||||
|
+
|
||||||
|
+#define EFI_CC_EVENT_HEADER_VERSION 1
|
||||||
|
+
|
||||||
|
+typedef struct {
|
||||||
|
+ //
|
||||||
|
+ // Size of the event header itself (sizeof(EFI_CC_EVENT_HEADER)).
|
||||||
|
+ //
|
||||||
|
+ UINT32 HeaderSize;
|
||||||
|
+ //
|
||||||
|
+ // Header version. For this version of this specification, the value shall be 1.
|
||||||
|
+ //
|
||||||
|
+ UINT16 HeaderVersion;
|
||||||
|
+ //
|
||||||
|
+ // Index of the MR (measurement register) that shall be extended.
|
||||||
|
+ //
|
||||||
|
+ EFI_CC_MR_INDEX MrIndex;
|
||||||
|
+ //
|
||||||
|
+ // Type of the event that shall be extended (and optionally logged).
|
||||||
|
+ //
|
||||||
|
+ UINT32 EventType;
|
||||||
|
+} EFI_CC_EVENT_HEADER;
|
||||||
|
+
|
||||||
|
+typedef struct {
|
||||||
|
+ //
|
||||||
|
+ // Total size of the event including the Size component, the header and the Event data.
|
||||||
|
+ //
|
||||||
|
+ UINT32 Size;
|
||||||
|
+ EFI_CC_EVENT_HEADER Header;
|
||||||
|
+ UINT8 Event[1];
|
||||||
|
+} EFI_CC_EVENT;
|
||||||
|
+
|
||||||
|
+#pragma pack()
|
||||||
|
+
|
||||||
|
+typedef struct {
|
||||||
|
+ //
|
||||||
|
+ // Allocated size of the structure
|
||||||
|
+ //
|
||||||
|
+ UINT8 Size;
|
||||||
|
+ //
|
||||||
|
+ // Version of the EFI_CC_BOOT_SERVICE_CAPABILITY structure itself.
|
||||||
|
+ // For this version of the protocol, the Major version shall be set to 1
|
||||||
|
+ // and the Minor version shall be set to 0.
|
||||||
|
+ //
|
||||||
|
+ EFI_CC_VERSION StructureVersion;
|
||||||
|
+ //
|
||||||
|
+ // Version of the EFI CC Measurement protocol.
|
||||||
|
+ // For this version of the protocol, the Major version shall be set to 1
|
||||||
|
+ // and the Minor version shall be set to 0.
|
||||||
|
+ //
|
||||||
|
+ EFI_CC_VERSION ProtocolVersion;
|
||||||
|
+ //
|
||||||
|
+ // Supported hash algorithms
|
||||||
|
+ //
|
||||||
|
+ EFI_CC_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;
|
||||||
|
+ //
|
||||||
|
+ // Bitmap of supported event log formats
|
||||||
|
+ //
|
||||||
|
+ EFI_CC_EVENT_LOG_BITMAP SupportedEventLogs;
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Indicates the CC type
|
||||||
|
+ //
|
||||||
|
+ EFI_CC_TYPE CcType;
|
||||||
|
+} EFI_CC_BOOT_SERVICE_CAPABILITY;
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ The EFI_CC_MEASUREMENT_PROTOCOL GetCapability function call provides protocol
|
||||||
|
+ capability information and state information.
|
||||||
|
+
|
||||||
|
+ @param[in] This Indicates the calling context
|
||||||
|
+ @param[in, out] ProtocolCapability The caller allocates memory for a EFI_CC_BOOT_SERVICE_CAPABILITY
|
||||||
|
+ structure and sets the size field to the size of the structure allocated.
|
||||||
|
+ The callee fills in the fields with the EFI CC BOOT Service capability
|
||||||
|
+ information and the current CC information.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Operation completed successfully.
|
||||||
|
+ @retval EFI_DEVICE_ERROR The command was unsuccessful.
|
||||||
|
+ The ProtocolCapability variable will not be populated.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
|
||||||
|
+ The ProtocolCapability variable will not be populated.
|
||||||
|
+ @retval EFI_BUFFER_TOO_SMALL The ProtocolCapability variable is too small to hold the full response.
|
||||||
|
+ It will be partially populated (required Size field will be set).
|
||||||
|
+**/
|
||||||
|
+typedef
|
||||||
|
+EFI_STATUS
|
||||||
|
+(EFIAPI *EFI_CC_GET_CAPABILITY)(
|
||||||
|
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,
|
||||||
|
+ IN OUT EFI_CC_BOOT_SERVICE_CAPABILITY *ProtocolCapability
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ The EFI_CC_MEASUREMENT_PROTOCOL Get Event Log function call allows a caller to
|
||||||
|
+ retrieve the address of a given event log and its last entry.
|
||||||
|
+
|
||||||
|
+ @param[in] This Indicates the calling context
|
||||||
|
+ @param[in] EventLogFormat The type of the event log for which the information is requested.
|
||||||
|
+ @param[out] EventLogLocation A pointer to the memory address of the event log.
|
||||||
|
+ @param[out] EventLogLastEntry If the Event Log contains more than one entry, this is a pointer to the
|
||||||
|
+ address of the start of the last entry in the event log in memory.
|
||||||
|
+ @param[out] EventLogTruncated If the Event Log is missing at least one entry because an event would
|
||||||
|
+ have exceeded the area allocated for events, this value is set to TRUE.
|
||||||
|
+ Otherwise, the value will be FALSE and the Event Log will be complete.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Operation completed successfully.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect
|
||||||
|
+ (e.g. asking for an event log whose format is not supported).
|
||||||
|
+**/
|
||||||
|
+typedef
|
||||||
|
+EFI_STATUS
|
||||||
|
+(EFIAPI *EFI_CC_GET_EVENT_LOG)(
|
||||||
|
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,
|
||||||
|
+ IN EFI_CC_EVENT_LOG_FORMAT EventLogFormat,
|
||||||
|
+ OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,
|
||||||
|
+ OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry,
|
||||||
|
+ OUT BOOLEAN *EventLogTruncated
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ The EFI_CC_MEASUREMENT_PROTOCOL HashLogExtendEvent function call provides
|
||||||
|
+ callers with an opportunity to extend and optionally log events without requiring
|
||||||
|
+ knowledge of actual CC commands.
|
||||||
|
+ The extend operation will occur even if this function cannot create an event
|
||||||
|
+ log entry (e.g. due to the event log being full).
|
||||||
|
+
|
||||||
|
+ @param[in] This Indicates the calling context
|
||||||
|
+ @param[in] Flags Bitmap providing additional information.
|
||||||
|
+ @param[in] DataToHash Physical address of the start of the data buffer to be hashed.
|
||||||
|
+ @param[in] DataToHashLen The length in bytes of the buffer referenced by DataToHash.
|
||||||
|
+ @param[in] EfiCcEvent Pointer to data buffer containing information about the event.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Operation completed successfully.
|
||||||
|
+ @retval EFI_DEVICE_ERROR The command was unsuccessful.
|
||||||
|
+ @retval EFI_VOLUME_FULL The extend operation occurred, but the event could not be written to one or more event logs.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
|
||||||
|
+ @retval EFI_UNSUPPORTED The PE/COFF image type is not supported.
|
||||||
|
+**/
|
||||||
|
+typedef
|
||||||
|
+EFI_STATUS
|
||||||
|
+(EFIAPI *EFI_CC_HASH_LOG_EXTEND_EVENT)(
|
||||||
|
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,
|
||||||
|
+ IN UINT64 Flags,
|
||||||
|
+ IN EFI_PHYSICAL_ADDRESS DataToHash,
|
||||||
|
+ IN UINT64 DataToHashLen,
|
||||||
|
+ IN EFI_CC_EVENT *EfiCcEvent
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ The EFI_CC_MEASUREMENT_PROTOCOL MapPcrToMrIndex function call provides callers
|
||||||
|
+ the info on TPM PCR <-> CC MR mapping information.
|
||||||
|
+
|
||||||
|
+ @param[in] This Indicates the calling context
|
||||||
|
+ @param[in] PcrIndex TPM PCR index.
|
||||||
|
+ @param[out] MrIndex CC MR index.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS The MrIndex is returned.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER The MrIndex is NULL.
|
||||||
|
+ @retval EFI_UNSUPPORTED The PcrIndex is invalid.
|
||||||
|
+**/
|
||||||
|
+typedef
|
||||||
|
+EFI_STATUS
|
||||||
|
+(EFIAPI *EFI_CC_MAP_PCR_TO_MR_INDEX)(
|
||||||
|
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,
|
||||||
|
+ IN TCG_PCRINDEX PcrIndex,
|
||||||
|
+ OUT EFI_CC_MR_INDEX *MrIndex
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+struct _EFI_CC_MEASUREMENT_PROTOCOL {
|
||||||
|
+ EFI_CC_GET_CAPABILITY GetCapability;
|
||||||
|
+ EFI_CC_GET_EVENT_LOG GetEventLog;
|
||||||
|
+ EFI_CC_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
|
||||||
|
+ EFI_CC_MAP_PCR_TO_MR_INDEX MapPcrToMrIndex;
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// CC event log
|
||||||
|
+//
|
||||||
|
+
|
||||||
|
+#pragma pack(1)
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// Crypto Agile Log Entry Format.
|
||||||
|
+// It is similar with TCG_PCR_EVENT2 except the field of MrIndex and PCRIndex.
|
||||||
|
+//
|
||||||
|
+typedef struct {
|
||||||
|
+ EFI_CC_MR_INDEX MrIndex;
|
||||||
|
+ UINT32 EventType;
|
||||||
|
+ TPML_DIGEST_VALUES Digests;
|
||||||
|
+ UINT32 EventSize;
|
||||||
|
+ UINT8 Event[1];
|
||||||
|
+} CC_EVENT;
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// EFI CC Event Header
|
||||||
|
+// It is similar with TCG_PCR_EVENT2_HDR except the field of MrIndex and PCRIndex
|
||||||
|
+//
|
||||||
|
+typedef struct {
|
||||||
|
+ EFI_CC_MR_INDEX MrIndex;
|
||||||
|
+ UINT32 EventType;
|
||||||
|
+ TPML_DIGEST_VALUES Digests;
|
||||||
|
+ UINT32 EventSize;
|
||||||
|
+} CC_EVENT_HDR;
|
||||||
|
+
|
||||||
|
+#pragma pack()
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// Log entries after Get Event Log service
|
||||||
|
+//
|
||||||
|
+
|
||||||
|
+#define EFI_CC_FINAL_EVENTS_TABLE_VERSION 1
|
||||||
|
+
|
||||||
|
+typedef struct {
|
||||||
|
+ //
|
||||||
|
+ // The version of this structure. It shall be set to 1.
|
||||||
|
+ //
|
||||||
|
+ UINT64 Version;
|
||||||
|
+ //
|
||||||
|
+ // Number of events recorded after invocation of GetEventLog API
|
||||||
|
+ //
|
||||||
|
+ UINT64 NumberOfEvents;
|
||||||
|
+ //
|
||||||
|
+ // List of events of type CC_EVENT.
|
||||||
|
+ //
|
||||||
|
+ // CC_EVENT Event[1];
|
||||||
|
+} EFI_CC_FINAL_EVENTS_TABLE;
|
||||||
|
+
|
||||||
|
+#define EFI_CC_FINAL_EVENTS_TABLE_GUID \
|
||||||
|
+ {0xdd4a4648, 0x2de7, 0x4665, {0x96, 0x4d, 0x21, 0xd9, 0xef, 0x5f, 0xb4, 0x46}}
|
||||||
|
+
|
||||||
|
+extern EFI_GUID gEfiCcFinalEventsTableGuid;
|
||||||
|
+
|
||||||
|
+#endif
|
||||||
|
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
|
||||||
|
index 8b18415b10..6389a48338 100644
|
||||||
|
--- a/MdePkg/MdePkg.dec
|
||||||
|
+++ b/MdePkg/MdePkg.dec
|
||||||
|
@@ -823,6 +823,9 @@
|
||||||
|
#
|
||||||
|
gLinuxEfiInitrdMediaGuid = {0x5568e427, 0x68fc, 0x4f3d, {0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68}}
|
||||||
|
|
||||||
|
+ ## Include/Protocol/CcMeasurement.h
|
||||||
|
+ gEfiCcFinalEventsTableGuid = { 0xdd4a4648, 0x2de7, 0x4665, { 0x96, 0x4d, 0x21, 0xd9, 0xef, 0x5f, 0xb4, 0x46 }}
|
||||||
|
+
|
||||||
|
[Guids.IA32, Guids.X64]
|
||||||
|
## Include/Guid/Cper.h
|
||||||
|
gEfiIa32X64ErrorTypeCacheCheckGuid = { 0xA55701F5, 0xE3EF, 0x43de, { 0xAC, 0x72, 0x24, 0x9B, 0x57, 0x3F, 0xAD, 0x2C }}
|
||||||
|
@@ -1011,6 +1014,9 @@
|
||||||
|
## Include/Protocol/PcdInfo.h
|
||||||
|
gGetPcdInfoProtocolGuid = { 0x5be40f57, 0xfa68, 0x4610, { 0xbb, 0xbf, 0xe9, 0xc5, 0xfc, 0xda, 0xd3, 0x65 } }
|
||||||
|
|
||||||
|
+ ## Include/Protocol/CcMeasurement.h
|
||||||
|
+ gEfiCcMeasurementProtocolGuid = { 0x96751a3d, 0x72f4, 0x41a6, { 0xa7, 0x94, 0xed, 0x5d, 0x0e, 0x67, 0xae, 0x6b }}
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Protocols defined in PI1.0.
|
||||||
|
#
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
@ -0,0 +1,91 @@
|
|||||||
|
From 2a01056c29542a10941cb32929032b80df091a17 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 16:04:48 -0400
|
||||||
|
Subject: [PATCH 19/31] MdePkg/Rng: Add GUID to describe Arm Rndr Rng
|
||||||
|
algorithms
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
||||||
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [19/31] 58b0f069c74b00eb6476427dd84a50a86aceb598
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21856
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
commit cf07238e5fa4f8b1138ac1c9e80530b4d4e59f1c
|
||||||
|
Author: Pierre Gondois <pierre.gondois@arm.com>
|
||||||
|
Date: Fri Aug 11 16:33:06 2023 +0200
|
||||||
|
|
||||||
|
MdePkg/Rng: Add GUID to describe Arm Rndr Rng algorithms
|
||||||
|
|
||||||
|
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4441
|
||||||
|
|
||||||
|
The EFI_RNG_PROTOCOL can rely on the RngLib. The RngLib has multiple
|
||||||
|
implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
|
||||||
|
To allow the RngDxe to detect when such implementation is used,
|
||||||
|
a GetRngGuid() function is added in a following patch.
|
||||||
|
|
||||||
|
Prepare GetRngGuid() return values and add a gEfiRngAlgorithmArmRndr
|
||||||
|
to describe a Rng algorithm accessed through Arm's RNDR instruction.
|
||||||
|
[1] states that the implementation of this algorithm should be
|
||||||
|
compliant to NIST SP900-80. The compliance is not guaranteed.
|
||||||
|
|
||||||
|
[1] Arm Architecture Reference Manual Armv8, for A-profile architecture
|
||||||
|
sK12.1 'Properties of the generated random number'
|
||||||
|
|
||||||
|
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
|
||||||
|
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
|
||||||
|
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
||||||
|
Acked-by: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
Tested-by: Kun Qin <kun.qin@microsoft.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
MdePkg/Include/Protocol/Rng.h | 10 ++++++++++
|
||||||
|
MdePkg/MdePkg.dec | 1 +
|
||||||
|
2 files changed, 11 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/MdePkg/Include/Protocol/Rng.h b/MdePkg/Include/Protocol/Rng.h
|
||||||
|
index baf425587b..38bde53240 100644
|
||||||
|
--- a/MdePkg/Include/Protocol/Rng.h
|
||||||
|
+++ b/MdePkg/Include/Protocol/Rng.h
|
||||||
|
@@ -67,6 +67,15 @@ typedef EFI_GUID EFI_RNG_ALGORITHM;
|
||||||
|
{ \
|
||||||
|
0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 } \
|
||||||
|
}
|
||||||
|
+///
|
||||||
|
+/// The Arm Architecture states the RNDR that the DRBG algorithm should be compliant
|
||||||
|
+/// with NIST SP800-90A, while not mandating a particular algorithm, so as to be
|
||||||
|
+/// inclusive of different geographies.
|
||||||
|
+///
|
||||||
|
+#define EFI_RNG_ALGORITHM_ARM_RNDR \
|
||||||
|
+ { \
|
||||||
|
+ 0x43d2fde3, 0x9d4e, 0x4d79, {0x02, 0x96, 0xa8, 0x9b, 0xca, 0x78, 0x08, 0x41} \
|
||||||
|
+ }
|
||||||
|
|
||||||
|
/**
|
||||||
|
Returns information about the random number generation implementation.
|
||||||
|
@@ -146,5 +155,6 @@ extern EFI_GUID gEfiRngAlgorithmSp80090Ctr256Guid;
|
||||||
|
extern EFI_GUID gEfiRngAlgorithmX9313DesGuid;
|
||||||
|
extern EFI_GUID gEfiRngAlgorithmX931AesGuid;
|
||||||
|
extern EFI_GUID gEfiRngAlgorithmRaw;
|
||||||
|
+extern EFI_GUID gEfiRngAlgorithmArmRndr;
|
||||||
|
|
||||||
|
#endif
|
||||||
|
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
|
||||||
|
index 8f05e822ac..36501e8bb9 100644
|
||||||
|
--- a/MdePkg/MdePkg.dec
|
||||||
|
+++ b/MdePkg/MdePkg.dec
|
||||||
|
@@ -594,6 +594,7 @@
|
||||||
|
gEfiRngAlgorithmX9313DesGuid = { 0x63c4785a, 0xca34, 0x4012, {0xa3, 0xc8, 0x0b, 0x6a, 0x32, 0x4f, 0x55, 0x46 }}
|
||||||
|
gEfiRngAlgorithmX931AesGuid = { 0xacd03321, 0x777e, 0x4d3d, {0xb1, 0xc8, 0x20, 0xcf, 0xd8, 0x88, 0x20, 0xc9 }}
|
||||||
|
gEfiRngAlgorithmRaw = { 0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 }}
|
||||||
|
+ gEfiRngAlgorithmArmRndr = { 0x43d2fde3, 0x9d4e, 0x4d79, {0x02, 0x96, 0xa8, 0x9b, 0xca, 0x78, 0x08, 0x41 }}
|
||||||
|
|
||||||
|
## Include/Protocol/AdapterInformation.h
|
||||||
|
gEfiAdapterInfoMediaStateGuid = { 0xD7C74207, 0xA831, 0x4A26, {0xB1, 0xF5, 0xD1, 0x93, 0x06, 0x5C, 0xE8, 0xB6 }}
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,409 @@
|
|||||||
|
From b466e2545e25ebb2004ae9b9f95c6c2f60d1f168 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 16:08:28 -0400
|
||||||
|
Subject: [PATCH 21/31] MdePkg/Rng: Add GetRngGuid() to RngLib
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
||||||
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [21/31] 54783ad88ba101c620240aa463c5d758fa416c31
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21856
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
commit 5443c2dc310d2c8eb15fb8eefd5057342e78cd0d
|
||||||
|
Author: Pierre Gondois <pierre.gondois@arm.com>
|
||||||
|
Date: Fri Aug 11 16:33:08 2023 +0200
|
||||||
|
|
||||||
|
MdePkg/Rng: Add GetRngGuid() to RngLib
|
||||||
|
|
||||||
|
The EFI_RNG_PROTOCOL can use the RngLib. The RngLib has multiple
|
||||||
|
implementations, some of them are unsafe (e.g. BaseRngLibTimerLib).
|
||||||
|
To allow the RngDxe to detect when such implementation is used,
|
||||||
|
add a GetRngGuid() function to the RngLib.
|
||||||
|
|
||||||
|
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
|
||||||
|
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
||||||
|
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
|
||||||
|
Acked-by: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
Tested-by: Kun Qin <kun.qin@microsoft.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../BaseRngLibTimerLib/BaseRngLibTimerLib.inf | 4 ++
|
||||||
|
.../Library/BaseRngLibTimerLib/RngLibTimer.c | 28 +++++++++++++
|
||||||
|
MdePkg/Include/Library/RngLib.h | 19 ++++++++-
|
||||||
|
MdePkg/Library/BaseRngLib/AArch64/Rndr.c | 42 +++++++++++++++++++
|
||||||
|
MdePkg/Library/BaseRngLib/BaseRngLib.inf | 10 +++++
|
||||||
|
MdePkg/Library/BaseRngLib/Rand/RdRand.c | 26 ++++++++++++
|
||||||
|
.../Library/BaseRngLibNull/BaseRngLibNull.c | 22 ++++++++++
|
||||||
|
.../Library/BaseRngLibTimerLib/RngLibTimer.c | 23 ++++++++++
|
||||||
|
MdePkg/Library/DxeRngLib/DxeRngLib.c | 28 +++++++++++++
|
||||||
|
9 files changed, 201 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf b/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||||
|
index f729001060..8461260cc8 100644
|
||||||
|
--- a/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||||
|
+++ b/MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||||
|
@@ -29,6 +29,10 @@
|
||||||
|
|
||||||
|
[Packages]
|
||||||
|
MdePkg/MdePkg.dec
|
||||||
|
+ MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+
|
||||||
|
+[Guids]
|
||||||
|
+ gEdkiiRngAlgorithmUnSafe
|
||||||
|
|
||||||
|
[LibraryClasses]
|
||||||
|
BaseLib
|
||||||
|
diff --git a/MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c b/MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
|
||||||
|
index 980854d67b..28ff46c71f 100644
|
||||||
|
--- a/MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
|
||||||
|
+++ b/MdeModulePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
|
||||||
|
@@ -2,14 +2,18 @@
|
||||||
|
BaseRng Library that uses the TimerLib to provide reasonably random numbers.
|
||||||
|
Do not use this on a production system.
|
||||||
|
|
||||||
|
+ Copyright (c) 2023, Arm Limited. All rights reserved.
|
||||||
|
Copyright (c) Microsoft Corporation.
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
**/
|
||||||
|
|
||||||
|
#include <Base.h>
|
||||||
|
+#include <Uefi.h>
|
||||||
|
#include <Library/BaseLib.h>
|
||||||
|
+#include <Library/BaseMemoryLib.h>
|
||||||
|
#include <Library/DebugLib.h>
|
||||||
|
#include <Library/TimerLib.h>
|
||||||
|
+#include <Guid/RngAlgorithm.h>
|
||||||
|
|
||||||
|
#define DEFAULT_DELAY_TIME_IN_MICROSECONDS 10
|
||||||
|
|
||||||
|
@@ -190,3 +194,27 @@ GetRandomNumber128 (
|
||||||
|
// Read second 64 bits
|
||||||
|
return GetRandomNumber64 (++Rand);
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Get a GUID identifying the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @param [out] RngGuid If success, contains the GUID identifying
|
||||||
|
+ the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Success.
|
||||||
|
+ @retval EFI_UNSUPPORTED Not supported.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER Invalid parameter.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+GetRngGuid (
|
||||||
|
+ GUID *RngGuid
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ if (RngGuid == NULL) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ CopyMem (RngGuid, &gEdkiiRngAlgorithmUnSafe, sizeof (*RngGuid));
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
diff --git a/MdePkg/Include/Library/RngLib.h b/MdePkg/Include/Library/RngLib.h
|
||||||
|
index 05e513022e..801aa6d5bd 100644
|
||||||
|
--- a/MdePkg/Include/Library/RngLib.h
|
||||||
|
+++ b/MdePkg/Include/Library/RngLib.h
|
||||||
|
@@ -1,6 +1,7 @@
|
||||||
|
/** @file
|
||||||
|
Provides random number generator services.
|
||||||
|
|
||||||
|
+Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
|
||||||
|
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
@@ -77,4 +78,20 @@ GetRandomNumber128 (
|
||||||
|
OUT UINT64 *Rand
|
||||||
|
);
|
||||||
|
|
||||||
|
-#endif // __RNG_LIB_H__
|
||||||
|
+/**
|
||||||
|
+ Get a GUID identifying the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @param [out] RngGuid If success, contains the GUID identifying
|
||||||
|
+ the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Success.
|
||||||
|
+ @retval EFI_UNSUPPORTED Not supported.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER Invalid parameter.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+GetRngGuid (
|
||||||
|
+ GUID *RngGuid
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#endif // __RNG_LIB_H__
|
||||||
|
diff --git a/MdePkg/Library/BaseRngLib/AArch64/Rndr.c b/MdePkg/Library/BaseRngLib/AArch64/Rndr.c
|
||||||
|
index c9f8c813ed..7641314a54 100644
|
||||||
|
--- a/MdePkg/Library/BaseRngLib/AArch64/Rndr.c
|
||||||
|
+++ b/MdePkg/Library/BaseRngLib/AArch64/Rndr.c
|
||||||
|
@@ -2,6 +2,7 @@
|
||||||
|
Random number generator service that uses the RNDR instruction
|
||||||
|
to provide pseudorandom numbers.
|
||||||
|
|
||||||
|
+ Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
|
||||||
|
Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
|
||||||
|
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
|
||||||
|
|
||||||
|
@@ -11,6 +12,7 @@
|
||||||
|
|
||||||
|
#include <Uefi.h>
|
||||||
|
#include <Library/BaseLib.h>
|
||||||
|
+#include <Library/BaseMemoryLib.h>
|
||||||
|
#include <Library/DebugLib.h>
|
||||||
|
#include <Library/RngLib.h>
|
||||||
|
|
||||||
|
@@ -137,3 +139,43 @@ ArchIsRngSupported (
|
||||||
|
{
|
||||||
|
return mRndrSupported;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Get a GUID identifying the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @param [out] RngGuid If success, contains the GUID identifying
|
||||||
|
+ the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Success.
|
||||||
|
+ @retval EFI_UNSUPPORTED Not supported.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER Invalid parameter.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+GetRngGuid (
|
||||||
|
+ GUID *RngGuid
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ GUID *RngLibGuid;
|
||||||
|
+
|
||||||
|
+ if (RngGuid == NULL) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (!mRndrSupported) {
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // If the platform advertises the algorithm behind RNDR instruction,
|
||||||
|
+ // use it. Otherwise use gEfiRngAlgorithmArmRndr.
|
||||||
|
+ //
|
||||||
|
+ RngLibGuid = PcdGetPtr (PcdCpuRngSupportedAlgorithm);
|
||||||
|
+ if (!IsZeroGuid (RngLibGuid)) {
|
||||||
|
+ CopyMem (RngGuid, RngLibGuid, sizeof (*RngGuid));
|
||||||
|
+ } else {
|
||||||
|
+ CopyMem (RngGuid, &gEfiRngAlgorithmArmRndr, sizeof (*RngGuid));
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
diff --git a/MdePkg/Library/BaseRngLib/BaseRngLib.inf b/MdePkg/Library/BaseRngLib/BaseRngLib.inf
|
||||||
|
index 1fcceb9414..49503b139b 100644
|
||||||
|
--- a/MdePkg/Library/BaseRngLib/BaseRngLib.inf
|
||||||
|
+++ b/MdePkg/Library/BaseRngLib/BaseRngLib.inf
|
||||||
|
@@ -4,6 +4,7 @@
|
||||||
|
# BaseRng Library that uses CPU RNG instructions (e.g. RdRand) to
|
||||||
|
# provide random numbers.
|
||||||
|
#
|
||||||
|
+# Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
|
||||||
|
# Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
|
||||||
|
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
|
||||||
|
#
|
||||||
|
@@ -43,9 +44,18 @@
|
||||||
|
AArch64/ArmReadIdIsar0.asm | MSFT
|
||||||
|
AArch64/ArmRng.asm | MSFT
|
||||||
|
|
||||||
|
+[Guids.AARCH64]
|
||||||
|
+ gEfiRngAlgorithmArmRndr
|
||||||
|
+
|
||||||
|
+[Guids.Ia32, Guids.X64]
|
||||||
|
+ gEfiRngAlgorithmSp80090Ctr256Guid
|
||||||
|
+
|
||||||
|
[Packages]
|
||||||
|
MdePkg/MdePkg.dec
|
||||||
|
|
||||||
|
+[Pcd.AARCH64]
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm
|
||||||
|
+
|
||||||
|
[LibraryClasses]
|
||||||
|
BaseLib
|
||||||
|
DebugLib
|
||||||
|
diff --git a/MdePkg/Library/BaseRngLib/Rand/RdRand.c b/MdePkg/Library/BaseRngLib/Rand/RdRand.c
|
||||||
|
index 09fb875ac3..aee8ea04e8 100644
|
||||||
|
--- a/MdePkg/Library/BaseRngLib/Rand/RdRand.c
|
||||||
|
+++ b/MdePkg/Library/BaseRngLib/Rand/RdRand.c
|
||||||
|
@@ -2,6 +2,7 @@
|
||||||
|
Random number generator services that uses RdRand instruction access
|
||||||
|
to provide high-quality random numbers.
|
||||||
|
|
||||||
|
+Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
|
||||||
|
Copyright (c) 2021, NUVIA Inc. All rights reserved.<BR>
|
||||||
|
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
|
||||||
|
|
||||||
|
@@ -11,6 +12,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
#include <Uefi.h>
|
||||||
|
#include <Library/BaseLib.h>
|
||||||
|
+#include <Library/BaseMemoryLib.h>
|
||||||
|
#include <Library/DebugLib.h>
|
||||||
|
|
||||||
|
#include "BaseRngLibInternals.h"
|
||||||
|
@@ -129,3 +131,27 @@ ArchIsRngSupported (
|
||||||
|
*/
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Get a GUID identifying the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @param [out] RngGuid If success, contains the GUID identifying
|
||||||
|
+ the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Success.
|
||||||
|
+ @retval EFI_UNSUPPORTED Not supported.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER Invalid parameter.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+GetRngGuid (
|
||||||
|
+ GUID *RngGuid
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ if (RngGuid == NULL) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ CopyMem (RngGuid, &gEfiRngAlgorithmSp80090Ctr256Guid, sizeof (*RngGuid));
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
diff --git a/MdePkg/Library/BaseRngLibNull/BaseRngLibNull.c b/MdePkg/Library/BaseRngLibNull/BaseRngLibNull.c
|
||||||
|
index cad30599ea..34a18e6a4d 100644
|
||||||
|
--- a/MdePkg/Library/BaseRngLibNull/BaseRngLibNull.c
|
||||||
|
+++ b/MdePkg/Library/BaseRngLibNull/BaseRngLibNull.c
|
||||||
|
@@ -1,13 +1,16 @@
|
||||||
|
/** @file
|
||||||
|
Null version of Random number generator services.
|
||||||
|
|
||||||
|
+Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
|
||||||
|
Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
**/
|
||||||
|
|
||||||
|
+#include <Uefi.h>
|
||||||
|
#include <Library/DebugLib.h>
|
||||||
|
#include <Library/RngLib.h>
|
||||||
|
+#include <Protocol/Rng.h>
|
||||||
|
|
||||||
|
/**
|
||||||
|
Generates a 16-bit random number.
|
||||||
|
@@ -92,3 +95,22 @@ GetRandomNumber128 (
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Get a GUID identifying the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @param [out] RngGuid If success, contains the GUID identifying
|
||||||
|
+ the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Success.
|
||||||
|
+ @retval EFI_UNSUPPORTED Not supported.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER Invalid parameter.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+GetRngGuid (
|
||||||
|
+ GUID *RngGuid
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+}
|
||||||
|
diff --git a/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c b/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
|
||||||
|
index 6b8392162b..7337500fec 100644
|
||||||
|
--- a/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
|
||||||
|
+++ b/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c
|
||||||
|
@@ -209,3 +209,26 @@ GetRandomNumber128 (
|
||||||
|
// Read second 64 bits
|
||||||
|
return GetRandomNumber64 (++Rand);
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Get a GUID identifying the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @param [out] RngGuid If success, contains the GUID identifying
|
||||||
|
+ the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Success.
|
||||||
|
+ @retval EFI_UNSUPPORTED Not supported.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER Invalid parameter.
|
||||||
|
+**/
|
||||||
|
+RETURN_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+GetRngGuid (
|
||||||
|
+ GUID *RngGuid
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ /* This implementation is to be replaced by its MdeModulePkg copy.
|
||||||
|
+ * The cause being that some GUIDs (gEdkiiRngAlgorithmUnSafe) cannot
|
||||||
|
+ * be defined in the MdePkg.
|
||||||
|
+ */
|
||||||
|
+ return RETURN_UNSUPPORTED;
|
||||||
|
+}
|
||||||
|
diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.c b/MdePkg/Library/DxeRngLib/DxeRngLib.c
|
||||||
|
index 4b2fc1cde5..20248b4107 100644
|
||||||
|
--- a/MdePkg/Library/DxeRngLib/DxeRngLib.c
|
||||||
|
+++ b/MdePkg/Library/DxeRngLib/DxeRngLib.c
|
||||||
|
@@ -1,6 +1,7 @@
|
||||||
|
/** @file
|
||||||
|
Provides an implementation of the library class RngLib that uses the Rng protocol.
|
||||||
|
|
||||||
|
+ Copyright (c) 2023, Arm Limited. All rights reserved.
|
||||||
|
Copyright (c) Microsoft Corporation. All rights reserved.
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
@@ -204,3 +205,30 @@ GetRandomNumber128 (
|
||||||
|
}
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Get a GUID identifying the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @param [out] RngGuid If success, contains the GUID identifying
|
||||||
|
+ the RNG algorithm implementation.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Success.
|
||||||
|
+ @retval EFI_UNSUPPORTED Not supported.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER Invalid parameter.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+GetRngGuid (
|
||||||
|
+ GUID *RngGuid
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ /* It is not possible to know beforehand which Rng algorithm will
|
||||||
|
+ * be used by this library.
|
||||||
|
+ * This API is mainly used by RngDxe. RngDxe relies on the RngLib.
|
||||||
|
+ * The RngLib|DxeRngLib.inf implementation locates and uses an installed
|
||||||
|
+ * EFI_RNG_PROTOCOL.
|
||||||
|
+ * It is thus not possible to have both RngDxe and RngLib|DxeRngLib.inf.
|
||||||
|
+ * and it is ok not to support this API.
|
||||||
|
+ */
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+}
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,63 @@
|
|||||||
|
From 634ee7a8cef2eac9f41cff4b42859d9d54b204bf Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 20 Jun 2024 10:35:27 -0400
|
||||||
|
Subject: [PATCH 29/31] MdePkg/X86UnitTestHost: set rdrand cpuid bit
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
||||||
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [29/31] 60851c6253df6f0114dc2c5598e0dde139d56c4c
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21856
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45237
|
||||||
|
|
||||||
|
commit 5e776299a2604b336a947e68593012ab2cc16eb4
|
||||||
|
Author: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Fri Jun 14 11:45:53 2024 +0200
|
||||||
|
|
||||||
|
MdePkg/X86UnitTestHost: set rdrand cpuid bit
|
||||||
|
|
||||||
|
Set the rdrand feature bit when faking cpuid for host test cases.
|
||||||
|
Needed to make the CryptoPkg test cases work.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
MdePkg/Library/BaseLib/X86UnitTestHost.c | 11 ++++++++++-
|
||||||
|
1 file changed, 10 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/MdePkg/Library/BaseLib/X86UnitTestHost.c b/MdePkg/Library/BaseLib/X86UnitTestHost.c
|
||||||
|
index d0e428457e..abc092a990 100644
|
||||||
|
--- a/MdePkg/Library/BaseLib/X86UnitTestHost.c
|
||||||
|
+++ b/MdePkg/Library/BaseLib/X86UnitTestHost.c
|
||||||
|
@@ -66,6 +66,15 @@ UnitTestHostBaseLibAsmCpuid (
|
||||||
|
OUT UINT32 *Edx OPTIONAL
|
||||||
|
)
|
||||||
|
{
|
||||||
|
+ UINT32 RetEcx;
|
||||||
|
+
|
||||||
|
+ RetEcx = 0;
|
||||||
|
+ switch (Index) {
|
||||||
|
+ case 1:
|
||||||
|
+ RetEcx |= BIT30; /* RdRand */
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (Eax != NULL) {
|
||||||
|
*Eax = 0;
|
||||||
|
}
|
||||||
|
@@ -73,7 +82,7 @@ UnitTestHostBaseLibAsmCpuid (
|
||||||
|
*Ebx = 0;
|
||||||
|
}
|
||||||
|
if (Ecx != NULL) {
|
||||||
|
- *Ecx = 0;
|
||||||
|
+ *Ecx = RetEcx;
|
||||||
|
}
|
||||||
|
if (Edx != NULL) {
|
||||||
|
*Edx = 0;
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,169 @@
|
|||||||
|
From aa66757951e9880df4e21e191142400480aa3908 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 8 Feb 2024 10:35:14 -0500
|
||||||
|
Subject: [PATCH 15/17] NetworkPkg: : Add Unit tests to CI and create Host Test
|
||||||
|
DSC
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 50: CVE-2023-45230 and CVE-2023-45229
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21842
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [2/4] 6669306e2dbb5aa3e7691d57f4a61685b7cd57b2 (jmaloy/jons_fork)
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21842
|
||||||
|
CVE: CVE-2023-45230
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 8014ac2d7bbbc503f5562b51af46bb20ae3d22ff
|
||||||
|
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
||||||
|
Date: Fri Jan 26 05:54:44 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: : Add Unit tests to CI and create Host Test DSC
|
||||||
|
|
||||||
|
Adds Host Based testing to the NetworkPkg
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/NetworkPkg.ci.yaml | 7 +-
|
||||||
|
NetworkPkg/Test/NetworkPkgHostTest.dsc | 98 ++++++++++++++++++++++++++
|
||||||
|
2 files changed, 104 insertions(+), 1 deletion(-)
|
||||||
|
create mode 100644 NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/NetworkPkg.ci.yaml b/NetworkPkg/NetworkPkg.ci.yaml
|
||||||
|
index 07dc7abd69..076424eb60 100644
|
||||||
|
--- a/NetworkPkg/NetworkPkg.ci.yaml
|
||||||
|
+++ b/NetworkPkg/NetworkPkg.ci.yaml
|
||||||
|
@@ -24,6 +24,9 @@
|
||||||
|
"CompilerPlugin": {
|
||||||
|
"DscPath": "NetworkPkg.dsc"
|
||||||
|
},
|
||||||
|
+ "HostUnitTestCompilerPlugin": {
|
||||||
|
+ "DscPath": "Test/NetworkPkgHostTest.dsc"
|
||||||
|
+ },
|
||||||
|
"CharEncodingCheck": {
|
||||||
|
"IgnoreFiles": []
|
||||||
|
},
|
||||||
|
@@ -35,7 +38,9 @@
|
||||||
|
"CryptoPkg/CryptoPkg.dec"
|
||||||
|
],
|
||||||
|
# For host based unit tests
|
||||||
|
- "AcceptableDependencies-HOST_APPLICATION":[],
|
||||||
|
+ "AcceptableDependencies-HOST_APPLICATION":[
|
||||||
|
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||||
|
+ ],
|
||||||
|
# For UEFI shell based apps
|
||||||
|
"AcceptableDependencies-UEFI_APPLICATION":[
|
||||||
|
"ShellPkg/ShellPkg.dec"
|
||||||
|
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..1aeca5c5b3
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
@@ -0,0 +1,98 @@
|
||||||
|
+## @file
|
||||||
|
+# NetworkPkgHostTest DSC file used to build host-based unit tests.
|
||||||
|
+#
|
||||||
|
+# Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+#
|
||||||
|
+##
|
||||||
|
+[Defines]
|
||||||
|
+ PLATFORM_NAME = NetworkPkgHostTest
|
||||||
|
+ PLATFORM_GUID = 3b68324e-fc07-4d49-9520-9347ede65879
|
||||||
|
+ PLATFORM_VERSION = 0.1
|
||||||
|
+ DSC_SPECIFICATION = 0x00010005
|
||||||
|
+ OUTPUT_DIRECTORY = Build/NetworkPkg/HostTest
|
||||||
|
+ SUPPORTED_ARCHITECTURES = IA32|X64|AARCH64
|
||||||
|
+ BUILD_TARGETS = NOOPT
|
||||||
|
+ SKUID_IDENTIFIER = DEFAULT
|
||||||
|
+
|
||||||
|
+!include UnitTestFrameworkPkg/UnitTestFrameworkPkgHost.dsc.inc
|
||||||
|
+[Packages]
|
||||||
|
+ MdePkg/MdePkg.dec
|
||||||
|
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||||
|
+
|
||||||
|
+[Components]
|
||||||
|
+ #
|
||||||
|
+ # Build HOST_APPLICATION that tests NetworkPkg
|
||||||
|
+ #
|
||||||
|
+
|
||||||
|
+# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||||
|
+[LibraryClasses]
|
||||||
|
+ NetLib|NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
|
||||||
|
+ DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
|
||||||
|
+ BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
|
||||||
|
+ BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
|
||||||
|
+ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
|
||||||
|
+ HiiLib|MdeModulePkg/Library/UefiHiiLib/UefiHiiLib.inf
|
||||||
|
+ MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
|
||||||
|
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
|
||||||
|
+ PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
|
||||||
|
+ UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf
|
||||||
|
+ UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf
|
||||||
|
+ UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf
|
||||||
|
+ UefiLib|MdePkg/Library/UefiLib/UefiLib.inf
|
||||||
|
+ UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf
|
||||||
|
+ UefiHiiServicesLib|MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf
|
||||||
|
+ UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
|
||||||
|
+ TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf
|
||||||
|
+ PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
|
||||||
|
+ PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
|
||||||
|
+ DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
|
||||||
|
+ DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf
|
||||||
|
+ SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
|
||||||
|
+ RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
|
||||||
|
+ VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
|
||||||
|
+!ifdef CONTINUOUS_INTEGRATION
|
||||||
|
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
|
||||||
|
+ TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
|
||||||
|
+!else
|
||||||
|
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
|
||||||
|
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
|
||||||
|
+ TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
|
||||||
|
+!endif
|
||||||
|
+ DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
|
||||||
|
+ FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
|
||||||
|
+ FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
|
||||||
|
+ SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
|
||||||
|
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
|
||||||
|
+
|
||||||
|
+!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022
|
||||||
|
+[LibraryClasses.X64]
|
||||||
|
+ # Provide StackCookie support lib so that we can link to /GS exports for VS builds
|
||||||
|
+ RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
|
||||||
|
+!endif
|
||||||
|
+
|
||||||
|
+[LibraryClasses.common.UEFI_DRIVER]
|
||||||
|
+ HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
|
||||||
|
+ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
|
||||||
|
+ DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
|
||||||
|
+[LibraryClasses.common.UEFI_APPLICATION]
|
||||||
|
+ DebugLib|MdePkg/Library/UefiDebugLibStdErr/UefiDebugLibStdErr.inf
|
||||||
|
+ ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
|
||||||
|
+[LibraryClasses.ARM, LibraryClasses.AARCH64]
|
||||||
|
+ #
|
||||||
|
+ # It is not possible to prevent ARM compiler calls to generic intrinsic functions.
|
||||||
|
+ # This library provides the instrinsic functions generated by a given compiler.
|
||||||
|
+ # [LibraryClasses.ARM] and NULL mean link this library into all ARM images.
|
||||||
|
+ #
|
||||||
|
+!if $(TOOL_CHAIN_TAG) != VS2017 and $(TOOL_CHAIN_TAG) != VS2015 and $(TOOL_CHAIN_TAG) != VS2019
|
||||||
|
+ NULL|ArmPkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf
|
||||||
|
+!endif
|
||||||
|
+ NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf
|
||||||
|
+[LibraryClasses.ARM]
|
||||||
|
+ RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||||
|
+[LibraryClasses.RISCV64]
|
||||||
|
+ RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||||
|
+
|
||||||
|
+[PcdsFixedAtBuild]
|
||||||
|
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2
|
||||||
|
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType|0x4
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
@ -0,0 +1,170 @@
|
|||||||
|
From ffa1202da2f55c1f540240e8267db9a7ec8d6a60 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 11/15] NetworkPkg: : Adds a SecurityFix.yaml file
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [11/15] 8a46b763887843d00293997bdd7d50ea120104d9
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21852
|
||||||
|
CVE: CVE-2022-45235
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 1d0b95f6457d225c5108302a9da74b4ed7aa5a38
|
||||||
|
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
||||||
|
Date: Fri Jan 26 05:54:57 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: : Adds a SecurityFix.yaml file
|
||||||
|
|
||||||
|
This creates / adds a security file that tracks the security fixes
|
||||||
|
found in this package and can be used to find the fixes that were
|
||||||
|
applied.
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/SecurityFixes.yaml | 123 ++++++++++++++++++++++++++++++++++
|
||||||
|
1 file changed, 123 insertions(+)
|
||||||
|
create mode 100644 NetworkPkg/SecurityFixes.yaml
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/SecurityFixes.yaml b/NetworkPkg/SecurityFixes.yaml
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..7e900483fe
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/SecurityFixes.yaml
|
||||||
|
@@ -0,0 +1,123 @@
|
||||||
|
+## @file
|
||||||
|
+# Security Fixes for SecurityPkg
|
||||||
|
+#
|
||||||
|
+# Copyright (c) Microsoft Corporation
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+CVE_2023_45229:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45229
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 01 - edk2/NetworkPkg: Out-of-bounds read when processing IA_NA/IA_TA options in a DHCPv6 Advertise message"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Io.c
|
||||||
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Impl.h
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4534
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45229
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45230:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45230
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 02 - edk2/NetworkPkg: Buffer overflow in the DHCPv6 client via a long Server ID option"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Io.c
|
||||||
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Impl.h
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4535
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45230
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45231:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45231 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45231 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45231
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 03 - edk2/NetworkPkg: Out-of-bounds read when handling a ND Redirect message with truncated options"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4536
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45231
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45232:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45232
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 04 - edk2/NetworkPkg: Infinite loop when parsing unknown options in the Destination Options header"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.h
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4537
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45232
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45233:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45233
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 05 - edk2/NetworkPkg: Infinite loop when parsing a PadN option in the Destination Options header "
|
||||||
|
+ note: This was fixed along with CVE-2023-45233
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.h
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4538
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45233
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45234:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45234 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45234 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45234
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 06 - edk2/NetworkPkg: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4539
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45234
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
+CVE_2023_45235:
|
||||||
|
+ commit_titles:
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45235 Patch"
|
||||||
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45235 Unit Tests"
|
||||||
|
+ cve: CVE-2023-45235
|
||||||
|
+ date_reported: 2023-08-28 13:56 UTC
|
||||||
|
+ description: "Bug 07 - edk2/NetworkPkg: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message"
|
||||||
|
+ note:
|
||||||
|
+ files_impacted:
|
||||||
|
+ - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
+ - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
|
||||||
|
+ links:
|
||||||
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4540
|
||||||
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45235
|
||||||
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
||||||
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
||||||
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,69 @@
|
|||||||
|
From 649fe647114ca5dee84b0c55106ee58a9703984f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 15/15] NetworkPkg: Dhcp6Dxe: Packet-Length is not updated
|
||||||
|
before appending
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [15/15] bc7ef287311bb3f757bc26f8921875566bcb5917
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21840
|
||||||
|
CVE: CVE-2023-45229
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 75deaf5c3c0d164c61653258c331151241bb69d8
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Tue Feb 13 10:46:02 2024 -0800
|
||||||
|
|
||||||
|
NetworkPkg: Dhcp6Dxe: Packet-Length is not updated before appending
|
||||||
|
|
||||||
|
In order for Dhcp6AppendIaAddrOption (..) to safely append the IA
|
||||||
|
Address option, the Packet-Length field must be updated before appending
|
||||||
|
the option.
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c | 10 +++++-----
|
||||||
|
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
index e172ffc2a2..c23eff8766 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
@@ -948,6 +948,11 @@ Dhcp6AppendIaOption (
|
||||||
|
*PacketCursor += sizeof (T2);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Update the packet length
|
||||||
|
+ //
|
||||||
|
+ Packet->Length += BytesNeeded;
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Fill all the addresses belong to the Ia
|
||||||
|
//
|
||||||
|
@@ -959,11 +964,6 @@ Dhcp6AppendIaOption (
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- //
|
||||||
|
- // Update the packet length
|
||||||
|
- //
|
||||||
|
- Packet->Length += BytesNeeded;
|
||||||
|
-
|
||||||
|
//
|
||||||
|
// Fill the value of Ia option length
|
||||||
|
//
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,161 @@
|
|||||||
|
From 4bf844922a963cb20fb1e72ca11a65a673992ca2 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 14/15] NetworkPkg: Dhcp6Dxe: Removes duplicate check and
|
||||||
|
replaces with macro
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [14/15] a943400f9267b219bf1fd202534500f82a2a4c56
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21840
|
||||||
|
CVE: CVE-2023-45229
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit af3fad99d6088881562e50149f414f76a5be0140
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Tue Feb 13 10:46:01 2024 -0800
|
||||||
|
|
||||||
|
NetworkPkg: Dhcp6Dxe: Removes duplicate check and replaces with macro
|
||||||
|
|
||||||
|
Removes duplicate check after merge
|
||||||
|
|
||||||
|
>
|
||||||
|
> //
|
||||||
|
> // Verify the PacketCursor is within the packet
|
||||||
|
> //
|
||||||
|
> if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
> || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size -
|
||||||
|
sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
> {
|
||||||
|
> return EFI_INVALID_PARAMETER;
|
||||||
|
> }
|
||||||
|
>
|
||||||
|
|
||||||
|
Converts the check to a macro and replaces all instances of the check
|
||||||
|
with the macro
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c | 43 +++++++++++++-----------------
|
||||||
|
1 file changed, 18 insertions(+), 25 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
index 484c360a96..e172ffc2a2 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
|
||||||
|
@@ -10,6 +10,15 @@
|
||||||
|
|
||||||
|
#include "Dhcp6Impl.h"
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// Verifies the packet cursor is within the packet
|
||||||
|
+// otherwise it is invalid
|
||||||
|
+//
|
||||||
|
+#define IS_INVALID_PACKET_CURSOR(PacketCursor, Packet) \
|
||||||
|
+ (((*PacketCursor) < (Packet)->Dhcp6.Option) || \
|
||||||
|
+ ((*PacketCursor) >= (Packet)->Dhcp6.Option + ((Packet)->Size - sizeof(EFI_DHCP6_HEADER))) \
|
||||||
|
+ ) \
|
||||||
|
+
|
||||||
|
|
||||||
|
/**
|
||||||
|
Generate client Duid in the format of Duid-llt.
|
||||||
|
@@ -662,9 +671,7 @@ Dhcp6AppendOption (
|
||||||
|
//
|
||||||
|
// Verify the PacketCursor is within the packet
|
||||||
|
//
|
||||||
|
- if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
- || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size - sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
- {
|
||||||
|
+ if (IS_INVALID_PACKET_CURSOR (PacketCursor, Packet)) {
|
||||||
|
return EFI_INVALID_PARAMETER;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -681,15 +688,6 @@ Dhcp6AppendOption (
|
||||||
|
return EFI_BUFFER_TOO_SMALL;
|
||||||
|
}
|
||||||
|
|
||||||
|
- //
|
||||||
|
- // Verify the PacketCursor is within the packet
|
||||||
|
- //
|
||||||
|
- if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
- || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size - sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
- {
|
||||||
|
- return EFI_INVALID_PARAMETER;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
WriteUnaligned16 ((UINT16 *)*PacketCursor, OptType);
|
||||||
|
*PacketCursor += DHCP6_SIZE_OF_OPT_CODE;
|
||||||
|
WriteUnaligned16 ((UINT16 *)*PacketCursor, OptLen);
|
||||||
|
@@ -768,9 +766,7 @@ Dhcp6AppendIaAddrOption (
|
||||||
|
//
|
||||||
|
// Verify the PacketCursor is within the packet
|
||||||
|
//
|
||||||
|
- if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
- || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size - sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
- {
|
||||||
|
+ if (IS_INVALID_PACKET_CURSOR (PacketCursor, Packet)) {
|
||||||
|
return EFI_INVALID_PARAMETER;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -902,9 +898,7 @@ Dhcp6AppendIaOption (
|
||||||
|
//
|
||||||
|
// Verify the PacketCursor is within the packet
|
||||||
|
//
|
||||||
|
- if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
- || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size - sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
- {
|
||||||
|
+ if (IS_INVALID_PACKET_CURSOR (PacketCursor, Packet)) {
|
||||||
|
return EFI_INVALID_PARAMETER;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -966,14 +960,14 @@ Dhcp6AppendIaOption (
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
- // Fill the value of Ia option length
|
||||||
|
+ // Update the packet length
|
||||||
|
//
|
||||||
|
- *Len = HTONS ((UINT16)(*PacketCursor - (UINT8 *)Len - 2));
|
||||||
|
+ Packet->Length += BytesNeeded;
|
||||||
|
|
||||||
|
//
|
||||||
|
- // Update the packet length
|
||||||
|
+ // Fill the value of Ia option length
|
||||||
|
//
|
||||||
|
- Packet->Length += BytesNeeded;
|
||||||
|
+ *Len = HTONS ((UINT16)(*PacketCursor - (UINT8 *)Len - 2));
|
||||||
|
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
@@ -982,6 +976,7 @@ Dhcp6AppendIaOption (
|
||||||
|
Append the appointed Elapsed time option to Buf, and move Buf to the end.
|
||||||
|
|
||||||
|
@param[in, out] Packet A pointer to the packet, on success Packet->Length
|
||||||
|
+ will be updated.
|
||||||
|
@param[in, out] PacketCursor The pointer in the packet, on success PacketCursor
|
||||||
|
will be moved to the end of the option.
|
||||||
|
@param[in] Instance The pointer to the Dhcp6 instance.
|
||||||
|
@@ -1037,9 +1032,7 @@ Dhcp6AppendETOption (
|
||||||
|
//
|
||||||
|
// Verify the PacketCursor is within the packet
|
||||||
|
//
|
||||||
|
- if ( (*PacketCursor < Packet->Dhcp6.Option)
|
||||||
|
- || (*PacketCursor >= Packet->Dhcp6.Option + (Packet->Size - sizeof (EFI_DHCP6_HEADER))))
|
||||||
|
- {
|
||||||
|
+ if (IS_INVALID_PACKET_CURSOR (PacketCursor, Packet)) {
|
||||||
|
return EFI_INVALID_PARAMETER;
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,621 @@
|
|||||||
|
From a115d0a66c3e73c60b74ec6d09e3759da89e919b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 9 Feb 2024 17:57:07 -0500
|
||||||
|
Subject: [PATCH 17/17] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229
|
||||||
|
Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 50: CVE-2023-45230 and CVE-2023-45229
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21842
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [4/4] 3daf69000f78416ee1f1bad0b6ceb01ed28a84a5 (jmaloy/jons_fork)
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21840
|
||||||
|
CVE: CVE-2023-45229
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 1dbb10cc52dc8ef49bb700daa1cefc76b26d52e0
|
||||||
|
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
||||||
|
Date: Fri Jan 26 05:54:46 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4534
|
||||||
|
|
||||||
|
Bug Details:
|
||||||
|
PixieFail Bug #1
|
||||||
|
CVE-2023-45229
|
||||||
|
CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
||||||
|
CWE-125 Out-of-bounds Read
|
||||||
|
|
||||||
|
Change Overview:
|
||||||
|
|
||||||
|
Introduce Dhcp6SeekInnerOptionSafe which performs checks before seeking
|
||||||
|
the Inner Option from a DHCP6 Option.
|
||||||
|
|
||||||
|
>
|
||||||
|
> EFI_STATUS
|
||||||
|
> Dhcp6SeekInnerOptionSafe (
|
||||||
|
> IN UINT16 IaType,
|
||||||
|
> IN UINT8 *Option,
|
||||||
|
> IN UINT32 OptionLen,
|
||||||
|
> OUT UINT8 **IaInnerOpt,
|
||||||
|
> OUT UINT16 *IaInnerLen
|
||||||
|
> );
|
||||||
|
>
|
||||||
|
|
||||||
|
Lots of code cleanup to improve code readability.
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h | 138 ++++++++++++++++++---
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Io.c | 205 +++++++++++++++++++++-----------
|
||||||
|
2 files changed, 257 insertions(+), 86 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h b/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
|
||||||
|
index ec0ed5d8f5..e759ab9a62 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
|
||||||
|
@@ -47,6 +47,20 @@ typedef struct _DHCP6_INSTANCE DHCP6_INSTANCE;
|
||||||
|
#define DHCP6_SERVICE_SIGNATURE SIGNATURE_32 ('D', 'H', '6', 'S')
|
||||||
|
#define DHCP6_INSTANCE_SIGNATURE SIGNATURE_32 ('D', 'H', '6', 'I')
|
||||||
|
|
||||||
|
+#define DHCP6_PACKET_ALL 0
|
||||||
|
+#define DHCP6_PACKET_STATEFUL 1
|
||||||
|
+#define DHCP6_PACKET_STATELESS 2
|
||||||
|
+
|
||||||
|
+#define DHCP6_BASE_PACKET_SIZE 1024
|
||||||
|
+
|
||||||
|
+#define DHCP6_PORT_CLIENT 546
|
||||||
|
+#define DHCP6_PORT_SERVER 547
|
||||||
|
+
|
||||||
|
+#define DHCP_CHECK_MEDIA_WAITING_TIME EFI_TIMER_PERIOD_SECONDS(20)
|
||||||
|
+
|
||||||
|
+#define DHCP6_INSTANCE_FROM_THIS(Instance) CR ((Instance), DHCP6_INSTANCE, Dhcp6, DHCP6_INSTANCE_SIGNATURE)
|
||||||
|
+#define DHCP6_SERVICE_FROM_THIS(Service) CR ((Service), DHCP6_SERVICE, ServiceBinding, DHCP6_SERVICE_SIGNATURE)
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// For more information on DHCP options see RFC 8415, Section 21.1
|
||||||
|
//
|
||||||
|
@@ -61,12 +75,10 @@ typedef struct _DHCP6_INSTANCE DHCP6_INSTANCE;
|
||||||
|
// | (option-len octets) |
|
||||||
|
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
//
|
||||||
|
-#define DHCP6_SIZE_OF_OPT_CODE (sizeof(UINT16))
|
||||||
|
-#define DHCP6_SIZE_OF_OPT_LEN (sizeof(UINT16))
|
||||||
|
+#define DHCP6_SIZE_OF_OPT_CODE (sizeof (((EFI_DHCP6_PACKET_OPTION *)0)->OpCode))
|
||||||
|
+#define DHCP6_SIZE_OF_OPT_LEN (sizeof (((EFI_DHCP6_PACKET_OPTION *)0)->OpLen))
|
||||||
|
|
||||||
|
-//
|
||||||
|
// Combined size of Code and Length
|
||||||
|
-//
|
||||||
|
#define DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN (DHCP6_SIZE_OF_OPT_CODE + \
|
||||||
|
DHCP6_SIZE_OF_OPT_LEN)
|
||||||
|
|
||||||
|
@@ -75,34 +87,122 @@ STATIC_ASSERT (
|
||||||
|
"Combined size of Code and Length must be 4 per RFC 8415"
|
||||||
|
);
|
||||||
|
|
||||||
|
-//
|
||||||
|
// Offset to the length is just past the code
|
||||||
|
-//
|
||||||
|
-#define DHCP6_OPT_LEN_OFFSET(a) (a + DHCP6_SIZE_OF_OPT_CODE)
|
||||||
|
+#define DHCP6_OFFSET_OF_OPT_LEN(a) (a + DHCP6_SIZE_OF_OPT_CODE)
|
||||||
|
STATIC_ASSERT (
|
||||||
|
- DHCP6_OPT_LEN_OFFSET (0) == 2,
|
||||||
|
+ DHCP6_OFFSET_OF_OPT_LEN (0) == 2,
|
||||||
|
"Offset of length is + 2 past start of option"
|
||||||
|
);
|
||||||
|
|
||||||
|
-#define DHCP6_OPT_DATA_OFFSET(a) (a + DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN)
|
||||||
|
+#define DHCP6_OFFSET_OF_OPT_DATA(a) (a + DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN)
|
||||||
|
STATIC_ASSERT (
|
||||||
|
- DHCP6_OPT_DATA_OFFSET (0) == 4,
|
||||||
|
+ DHCP6_OFFSET_OF_OPT_DATA (0) == 4,
|
||||||
|
"Offset to option data should be +4 from start of option"
|
||||||
|
);
|
||||||
|
+//
|
||||||
|
+// Identity Association options (both NA (Non-Temporary) and TA (Temporary Association))
|
||||||
|
+// are defined in RFC 8415 and are a deriviation of a TLV stucture
|
||||||
|
+// For more information on IA_NA see Section 21.4
|
||||||
|
+// For more information on IA_TA see Section 21.5
|
||||||
|
+//
|
||||||
|
+//
|
||||||
|
+// The format of IA_NA and IA_TA option:
|
||||||
|
+//
|
||||||
|
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | OPTION_IA_NA | option-len |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | IAID (4 octets) |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | T1 (only for IA_NA) |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | T2 (only for IA_NA) |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | |
|
||||||
|
+// . IA_NA-options/IA_TA-options .
|
||||||
|
+// . .
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+//
|
||||||
|
+#define DHCP6_SIZE_OF_IAID (sizeof(UINT32))
|
||||||
|
+#define DHCP6_SIZE_OF_TIME_INTERVAL (sizeof(UINT32))
|
||||||
|
|
||||||
|
-#define DHCP6_PACKET_ALL 0
|
||||||
|
-#define DHCP6_PACKET_STATEFUL 1
|
||||||
|
-#define DHCP6_PACKET_STATELESS 2
|
||||||
|
+// Combined size of IAID, T1, and T2
|
||||||
|
+#define DHCP6_SIZE_OF_COMBINED_IAID_T1_T2 (DHCP6_SIZE_OF_IAID + \
|
||||||
|
+ DHCP6_SIZE_OF_TIME_INTERVAL + \
|
||||||
|
+ DHCP6_SIZE_OF_TIME_INTERVAL)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_SIZE_OF_COMBINED_IAID_T1_T2 == 12,
|
||||||
|
+ "Combined size of IAID, T1, T2 must be 12 per RFC 8415"
|
||||||
|
+ );
|
||||||
|
|
||||||
|
-#define DHCP6_BASE_PACKET_SIZE 1024
|
||||||
|
+// This is the size of IA_TA without options
|
||||||
|
+#define DHCP6_MIN_SIZE_OF_IA_TA (DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN + \
|
||||||
|
+ DHCP6_SIZE_OF_IAID)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_MIN_SIZE_OF_IA_TA == 8,
|
||||||
|
+ "Minimum combined size of IA_TA per RFC 8415"
|
||||||
|
+ );
|
||||||
|
|
||||||
|
-#define DHCP6_PORT_CLIENT 546
|
||||||
|
-#define DHCP6_PORT_SERVER 547
|
||||||
|
+// Offset to a IA_TA inner option
|
||||||
|
+#define DHCP6_OFFSET_OF_IA_TA_INNER_OPT(a) (a + DHCP6_MIN_SIZE_OF_IA_TA)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_OFFSET_OF_IA_TA_INNER_OPT (0) == 8,
|
||||||
|
+ "Offset of IA_TA Inner option is + 8 past start of option"
|
||||||
|
+ );
|
||||||
|
|
||||||
|
-#define DHCP_CHECK_MEDIA_WAITING_TIME EFI_TIMER_PERIOD_SECONDS(20)
|
||||||
|
+// This is the size of IA_NA without options (16)
|
||||||
|
+#define DHCP6_MIN_SIZE_OF_IA_NA DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN + \
|
||||||
|
+ DHCP6_SIZE_OF_COMBINED_IAID_T1_T2
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_MIN_SIZE_OF_IA_NA == 16,
|
||||||
|
+ "Minimum combined size of IA_TA per RFC 8415"
|
||||||
|
+ );
|
||||||
|
|
||||||
|
-#define DHCP6_INSTANCE_FROM_THIS(Instance) CR ((Instance), DHCP6_INSTANCE, Dhcp6, DHCP6_INSTANCE_SIGNATURE)
|
||||||
|
-#define DHCP6_SERVICE_FROM_THIS(Service) CR ((Service), DHCP6_SERVICE, ServiceBinding, DHCP6_SERVICE_SIGNATURE)
|
||||||
|
+#define DHCP6_OFFSET_OF_IA_NA_INNER_OPT(a) (a + DHCP6_MIN_SIZE_OF_IA_NA)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_OFFSET_OF_IA_NA_INNER_OPT (0) == 16,
|
||||||
|
+ "Offset of IA_NA Inner option is + 16 past start of option"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#define DHCP6_OFFSET_OF_IA_NA_T1(a) (a + \
|
||||||
|
+ DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN + \
|
||||||
|
+ DHCP6_SIZE_OF_IAID)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_OFFSET_OF_IA_NA_T1 (0) == 8,
|
||||||
|
+ "Offset of IA_NA Inner option is + 8 past start of option"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#define DHCP6_OFFSET_OF_IA_NA_T2(a) (a + \
|
||||||
|
+ DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN +\
|
||||||
|
+ DHCP6_SIZE_OF_IAID + \
|
||||||
|
+ DHCP6_SIZE_OF_TIME_INTERVAL)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_OFFSET_OF_IA_NA_T2 (0) == 12,
|
||||||
|
+ "Offset of IA_NA Inner option is + 12 past start of option"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// For more information see RFC 8415 Section 21.13
|
||||||
|
+//
|
||||||
|
+// The format of the Status Code Option:
|
||||||
|
+//
|
||||||
|
+// 0 1 2 3
|
||||||
|
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | OPTION_STATUS_CODE | option-len |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | status-code | |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
|
||||||
|
+// . .
|
||||||
|
+// . status-message .
|
||||||
|
+// . .
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+//
|
||||||
|
+#define DHCP6_OFFSET_OF_STATUS_CODE(a) (a + DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ DHCP6_OFFSET_OF_STATUS_CODE (0) == 4,
|
||||||
|
+ "Offset of status is + 4 past start of option"
|
||||||
|
+ );
|
||||||
|
|
||||||
|
extern EFI_IPv6_ADDRESS mAllDhcpRelayAndServersAddress;
|
||||||
|
extern EFI_DHCP6_PROTOCOL gDhcp6ProtocolTemplate;
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
index 2976684aba..d680febbf1 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
@@ -611,8 +611,8 @@ Dhcp6UpdateIaInfo (
|
||||||
|
// The inner options still start with 2 bytes option-code and 2 bytes option-len.
|
||||||
|
//
|
||||||
|
if (Instance->Config->IaDescriptor.Type == Dhcp6OptIana) {
|
||||||
|
- T1 = NTOHL (ReadUnaligned32 ((UINT32 *) (Option + 8)));
|
||||||
|
- T2 = NTOHL (ReadUnaligned32 ((UINT32 *) (Option + 12)));
|
||||||
|
+ T1 = NTOHL (ReadUnaligned32 ((UINT32 *)(DHCP6_OFFSET_OF_IA_NA_T1 (Option))));
|
||||||
|
+ T2 = NTOHL (ReadUnaligned32 ((UINT32 *)(DHCP6_OFFSET_OF_IA_NA_T2 (Option))));
|
||||||
|
//
|
||||||
|
// Refer to RFC3155 Chapter 22.4. If a client receives an IA_NA with T1 greater than T2,
|
||||||
|
// and both T1 and T2 are greater than 0, the client discards the IA_NA option and processes
|
||||||
|
@@ -621,13 +621,14 @@ Dhcp6UpdateIaInfo (
|
||||||
|
if (T1 > T2 && T2 > 0) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
- IaInnerOpt = Option + 16;
|
||||||
|
- IaInnerLen = (UINT16) (NTOHS (ReadUnaligned16 ((UINT16 *) (Option + 2))) - 12);
|
||||||
|
+ IaInnerOpt = DHCP6_OFFSET_OF_IA_NA_INNER_OPT (Option);
|
||||||
|
+ IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option)))) - DHCP6_SIZE_OF_COMBINED_IAID_T1_T2);
|
||||||
|
} else {
|
||||||
|
T1 = 0;
|
||||||
|
T2 = 0;
|
||||||
|
- IaInnerOpt = Option + 8;
|
||||||
|
- IaInnerLen = (UINT16) (NTOHS (ReadUnaligned16 ((UINT16 *) (Option + 2))) - 4);
|
||||||
|
+
|
||||||
|
+ IaInnerOpt = DHCP6_OFFSET_OF_IA_TA_INNER_OPT (Option);
|
||||||
|
+ IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option)))) - DHCP6_SIZE_OF_IAID);
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -653,7 +654,7 @@ Dhcp6UpdateIaInfo (
|
||||||
|
Option = Dhcp6SeekOption (IaInnerOpt, IaInnerLen, Dhcp6OptStatusCode);
|
||||||
|
|
||||||
|
if (Option != NULL) {
|
||||||
|
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *) (Option + 4)));
|
||||||
|
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option))));
|
||||||
|
if (StsCode != Dhcp6StsSuccess) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
@@ -675,6 +676,87 @@ Dhcp6UpdateIaInfo (
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ Seeks the Inner Options from a DHCP6 Option
|
||||||
|
+
|
||||||
|
+ @param[in] IaType The type of the IA option.
|
||||||
|
+ @param[in] Option The pointer to the DHCP6 Option.
|
||||||
|
+ @param[in] OptionLen The length of the DHCP6 Option.
|
||||||
|
+ @param[out] IaInnerOpt The pointer to the IA inner option.
|
||||||
|
+ @param[out] IaInnerLen The length of the IA inner option.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Seek the inner option successfully.
|
||||||
|
+ @retval EFI_DEVICE_ERROR The OptionLen is invalid. On Error,
|
||||||
|
+ the pointers are not modified
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ IN UINT16 IaType,
|
||||||
|
+ IN UINT8 *Option,
|
||||||
|
+ IN UINT32 OptionLen,
|
||||||
|
+ OUT UINT8 **IaInnerOpt,
|
||||||
|
+ OUT UINT16 *IaInnerLen
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ UINT16 IaInnerLenTmp;
|
||||||
|
+ UINT8 *IaInnerOptTmp;
|
||||||
|
+
|
||||||
|
+ if (Option == NULL) {
|
||||||
|
+ ASSERT (Option != NULL);
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (IaInnerOpt == NULL) {
|
||||||
|
+ ASSERT (IaInnerOpt != NULL);
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (IaInnerLen == NULL) {
|
||||||
|
+ ASSERT (IaInnerLen != NULL);
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (IaType == Dhcp6OptIana) {
|
||||||
|
+ // Verify we have a fully formed IA_NA
|
||||||
|
+ if (OptionLen < DHCP6_MIN_SIZE_OF_IA_NA) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ IaInnerOptTmp = DHCP6_OFFSET_OF_IA_NA_INNER_OPT (Option);
|
||||||
|
+
|
||||||
|
+ // Verify the IaInnerLen is valid.
|
||||||
|
+ IaInnerLenTmp = (UINT16)NTOHS (ReadUnaligned16 ((UINT16 *)DHCP6_OFFSET_OF_OPT_LEN (Option)));
|
||||||
|
+ if (IaInnerLenTmp < DHCP6_SIZE_OF_COMBINED_IAID_T1_T2) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ IaInnerLenTmp -= DHCP6_SIZE_OF_COMBINED_IAID_T1_T2;
|
||||||
|
+ } else if (IaType == Dhcp6OptIata) {
|
||||||
|
+ // Verify the OptionLen is valid.
|
||||||
|
+ if (OptionLen < DHCP6_MIN_SIZE_OF_IA_TA) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ IaInnerOptTmp = DHCP6_OFFSET_OF_IA_TA_INNER_OPT (Option);
|
||||||
|
+
|
||||||
|
+ // Verify the IaInnerLen is valid.
|
||||||
|
+ IaInnerLenTmp = (UINT16)NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option))));
|
||||||
|
+ if (IaInnerLenTmp < DHCP6_SIZE_OF_IAID) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ IaInnerLenTmp -= DHCP6_SIZE_OF_IAID;
|
||||||
|
+ } else {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ *IaInnerOpt = IaInnerOptTmp;
|
||||||
|
+ *IaInnerLen = IaInnerLenTmp;
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
Seek StatusCode Option in package. A Status Code option may appear in the
|
||||||
|
options field of a DHCP message and/or in the options field of another option.
|
||||||
|
@@ -695,9 +777,15 @@ Dhcp6SeekStsOption (
|
||||||
|
OUT UINT8 **Option
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- UINT8 *IaInnerOpt;
|
||||||
|
- UINT16 IaInnerLen;
|
||||||
|
- UINT16 StsCode;
|
||||||
|
+ UINT8 *IaInnerOpt;
|
||||||
|
+ UINT16 IaInnerLen;
|
||||||
|
+ UINT16 StsCode;
|
||||||
|
+ UINT32 OptionLen;
|
||||||
|
+
|
||||||
|
+ // OptionLen is the length of the Options excluding the DHCP header.
|
||||||
|
+ // Length of the EFI_DHCP6_PACKET from the first byte of the Header field to the last
|
||||||
|
+ // byte of the Option[] field.
|
||||||
|
+ OptionLen = Packet->Length - sizeof (Packet->Dhcp6.Header);
|
||||||
|
|
||||||
|
//
|
||||||
|
// Seek StatusCode option directly in DHCP message body. That is, search in
|
||||||
|
@@ -705,12 +793,12 @@ Dhcp6SeekStsOption (
|
||||||
|
//
|
||||||
|
*Option = Dhcp6SeekOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ OptionLen,
|
||||||
|
Dhcp6OptStatusCode
|
||||||
|
);
|
||||||
|
|
||||||
|
if (*Option != NULL) {
|
||||||
|
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *) (*Option + 4)));
|
||||||
|
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_STATUS_CODE (*Option))));
|
||||||
|
if (StsCode != Dhcp6StsSuccess) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
@@ -721,7 +809,7 @@ Dhcp6SeekStsOption (
|
||||||
|
//
|
||||||
|
*Option = Dhcp6SeekIaOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
+ OptionLen,
|
||||||
|
&Instance->Config->IaDescriptor
|
||||||
|
);
|
||||||
|
if (*Option == NULL) {
|
||||||
|
@@ -729,52 +817,35 @@ Dhcp6SeekStsOption (
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
- // The format of the IA_NA option is:
|
||||||
|
+ // Calculate the distance from Packet->Dhcp6.Option to the IA option.
|
||||||
|
//
|
||||||
|
- // 0 1 2 3
|
||||||
|
- // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | OPTION_IA_NA | option-len |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | IAID (4 octets) |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | T1 |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | T2 |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | |
|
||||||
|
- // . IA_NA-options .
|
||||||
|
- // . .
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+ // Packet->Size and Packet->Length are both UINT32 type, and Packet->Size is
|
||||||
|
+ // the size of the whole packet, including the DHCP header, and Packet->Length
|
||||||
|
+ // is the length of the DHCP message body, excluding the DHCP header.
|
||||||
|
//
|
||||||
|
- // The format of the IA_TA option is:
|
||||||
|
+ // (*Option - Packet->Dhcp6.Option) is the number of bytes from the start of
|
||||||
|
+ // DHCP6 option area to the start of the IA option.
|
||||||
|
//
|
||||||
|
- // 0 1 2 3
|
||||||
|
- // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | OPTION_IA_TA | option-len |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | IAID (4 octets) |
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
- // | |
|
||||||
|
- // . IA_TA-options .
|
||||||
|
- // . .
|
||||||
|
- // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+ // Dhcp6SeekInnerOptionSafe() is searching starting from the start of the
|
||||||
|
+ // IA option to the end of the DHCP6 option area, thus subtract the space
|
||||||
|
+ // up until this option
|
||||||
|
//
|
||||||
|
+ OptionLen = OptionLen - (*Option - Packet->Dhcp6.Option);
|
||||||
|
|
||||||
|
//
|
||||||
|
- // sizeof (option-code + option-len + IaId) = 8
|
||||||
|
- // sizeof (option-code + option-len + IaId + T1) = 12
|
||||||
|
- // sizeof (option-code + option-len + IaId + T1 + T2) = 16
|
||||||
|
+ // Seek the inner option
|
||||||
|
//
|
||||||
|
- // The inner options still start with 2 bytes option-code and 2 bytes option-len.
|
||||||
|
- //
|
||||||
|
- if (Instance->Config->IaDescriptor.Type == Dhcp6OptIana) {
|
||||||
|
- IaInnerOpt = *Option + 16;
|
||||||
|
- IaInnerLen = (UINT16) (NTOHS (ReadUnaligned16 ((UINT16 *) (*Option + 2))) - 12);
|
||||||
|
- } else {
|
||||||
|
- IaInnerOpt = *Option + 8;
|
||||||
|
- IaInnerLen = (UINT16) (NTOHS (ReadUnaligned16 ((UINT16 *) (*Option + 2))) - 4);
|
||||||
|
+ if (EFI_ERROR (
|
||||||
|
+ Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ Instance->Config->IaDescriptor.Type,
|
||||||
|
+ *Option,
|
||||||
|
+ OptionLen,
|
||||||
|
+ &IaInnerOpt,
|
||||||
|
+ &IaInnerLen
|
||||||
|
+ )
|
||||||
|
+ ))
|
||||||
|
+ {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -798,7 +869,7 @@ Dhcp6SeekStsOption (
|
||||||
|
//
|
||||||
|
*Option = Dhcp6SeekOption (IaInnerOpt, IaInnerLen, Dhcp6OptStatusCode);
|
||||||
|
if (*Option != NULL) {
|
||||||
|
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *) (*Option + 4)));
|
||||||
|
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)((DHCP6_OFFSET_OF_STATUS_CODE (*Option)))));
|
||||||
|
if (StsCode != Dhcp6StsSuccess) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
@@ -1123,7 +1194,7 @@ Dhcp6SendRequestMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
Instance->AdSelect->Dhcp6.Option,
|
||||||
|
- Instance->AdSelect->Length - 4,
|
||||||
|
+ Instance->AdSelect->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
@@ -1309,7 +1380,7 @@ Dhcp6SendDeclineMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
LastReply->Dhcp6.Option,
|
||||||
|
- LastReply->Length - 4,
|
||||||
|
+ LastReply->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
@@ -1469,7 +1540,7 @@ Dhcp6SendReleaseMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
LastReply->Dhcp6.Option,
|
||||||
|
- LastReply->Length - 4,
|
||||||
|
+ LastReply->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
@@ -1695,7 +1766,7 @@ Dhcp6SendRenewRebindMsg (
|
||||||
|
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
LastReply->Dhcp6.Option,
|
||||||
|
- LastReply->Length - 4,
|
||||||
|
+ LastReply->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
@@ -2235,7 +2306,7 @@ Dhcp6HandleReplyMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ Packet->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptRapidCommit
|
||||||
|
);
|
||||||
|
|
||||||
|
@@ -2383,7 +2454,7 @@ Dhcp6HandleReplyMsg (
|
||||||
|
//
|
||||||
|
// Any error status code option is found.
|
||||||
|
//
|
||||||
|
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *) (Option + 4)));
|
||||||
|
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)((DHCP6_OFFSET_OF_STATUS_CODE (Option)))));
|
||||||
|
switch (StsCode) {
|
||||||
|
case Dhcp6StsUnspecFail:
|
||||||
|
//
|
||||||
|
@@ -2514,7 +2585,7 @@ Dhcp6SelectAdvertiseMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption(
|
||||||
|
AdSelect->Dhcp6.Option,
|
||||||
|
- AdSelect->Length - 4,
|
||||||
|
+ AdSelect->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerUnicast
|
||||||
|
);
|
||||||
|
|
||||||
|
@@ -2526,7 +2597,7 @@ Dhcp6SelectAdvertiseMsg (
|
||||||
|
return EFI_OUT_OF_RESOURCES;
|
||||||
|
}
|
||||||
|
|
||||||
|
- CopyMem (Instance->Unicast, Option + 4, sizeof(EFI_IPv6_ADDRESS));
|
||||||
|
+ CopyMem (Instance->Unicast, DHCP6_OFFSET_OF_OPT_DATA (Option), sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -2580,7 +2651,7 @@ Dhcp6HandleAdvertiseMsg (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption(
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ Packet->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptRapidCommit
|
||||||
|
);
|
||||||
|
|
||||||
|
@@ -2676,7 +2747,7 @@ Dhcp6HandleAdvertiseMsg (
|
||||||
|
CopyMem (Instance->AdSelect, Packet, Packet->Size);
|
||||||
|
|
||||||
|
if (Option != NULL) {
|
||||||
|
- Instance->AdPref = *(Option + 4);
|
||||||
|
+ Instance->AdPref = *(DHCP6_OFFSET_OF_OPT_DATA (Option));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
//
|
||||||
|
@@ -2747,11 +2818,11 @@ Dhcp6HandleStateful (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption(
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ Packet->Length - DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN,
|
||||||
|
Dhcp6OptClientId
|
||||||
|
);
|
||||||
|
|
||||||
|
- if (Option == NULL || CompareMem (Option + 4, ClientId->Duid, ClientId->Length) != 0) {
|
||||||
|
+ if ((Option == NULL) || (CompareMem (DHCP6_OFFSET_OF_OPT_DATA (Option), ClientId->Duid, ClientId->Length) != 0)) {
|
||||||
|
goto ON_CONTINUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -2760,7 +2831,7 @@ Dhcp6HandleStateful (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption(
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ Packet->Length - DHCP6_SIZE_OF_COMBINED_CODE_AND_LEN,
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
|
||||||
|
@@ -2865,7 +2936,7 @@ Dhcp6HandleStateless (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - 4,
|
||||||
|
+ Packet->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
Dhcp6OptServerId
|
||||||
|
);
|
||||||
|
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
@ -0,0 +1,257 @@
|
|||||||
|
From 1b58858f28a364a8f8fa897a78db7ced068719dd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 13/15] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229
|
||||||
|
Related Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [13/15] 904fd82592208d0ca42bbb64f437691a5bdfd0b6
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21840
|
||||||
|
CVE: CVE-2023-45229
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 1c440a5eceedc64e892877eeac0f1a4938f5abbb
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Tue Feb 13 10:46:00 2024 -0800
|
||||||
|
|
||||||
|
NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4673
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4534
|
||||||
|
|
||||||
|
This was not part of the Quarkslab bugs however the same pattern
|
||||||
|
as CVE-2023-45229 exists in Dhcp6UpdateIaInfo.
|
||||||
|
|
||||||
|
This patch replaces the code in question with the safe function
|
||||||
|
created to patch CVE-2023-45229
|
||||||
|
|
||||||
|
>
|
||||||
|
> if (EFI_ERROR (
|
||||||
|
> Dhcp6SeekInnerOptionSafe (
|
||||||
|
> Instance->Config->IaDescriptor.Type,
|
||||||
|
> Option,
|
||||||
|
> OptionLen,
|
||||||
|
> &IaInnerOpt,
|
||||||
|
> &IaInnerLen
|
||||||
|
> )
|
||||||
|
> ))
|
||||||
|
> {
|
||||||
|
> return EFI_DEVICE_ERROR;
|
||||||
|
> }
|
||||||
|
>
|
||||||
|
|
||||||
|
Additionally corrects incorrect usage of macro to read the status
|
||||||
|
|
||||||
|
> - StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)DHCP6_OFFSET_OF_OPT_LEN
|
||||||
|
(Option)));
|
||||||
|
> + StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)
|
||||||
|
DHCP6_OFFSET_OF_STATUS_CODE (Option));
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Io.c | 70 ++++++++++++++++++++++++++---------
|
||||||
|
NetworkPkg/Dhcp6Dxe/Dhcp6Io.h | 22 +++++++++++
|
||||||
|
2 files changed, 75 insertions(+), 17 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
index 3b8feb4a20..a9bffae353 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
|
||||||
|
@@ -528,13 +528,23 @@ Dhcp6UpdateIaInfo (
|
||||||
|
{
|
||||||
|
EFI_STATUS Status;
|
||||||
|
UINT8 *Option;
|
||||||
|
+ UINT32 OptionLen;
|
||||||
|
UINT8 *IaInnerOpt;
|
||||||
|
UINT16 IaInnerLen;
|
||||||
|
UINT16 StsCode;
|
||||||
|
UINT32 T1;
|
||||||
|
UINT32 T2;
|
||||||
|
|
||||||
|
+ T1 = 0;
|
||||||
|
+ T2 = 0;
|
||||||
|
+
|
||||||
|
ASSERT (Instance->Config != NULL);
|
||||||
|
+
|
||||||
|
+ // OptionLen is the length of the Options excluding the DHCP header.
|
||||||
|
+ // Length of the EFI_DHCP6_PACKET from the first byte of the Header field to the last
|
||||||
|
+ // byte of the Option[] field.
|
||||||
|
+ OptionLen = Packet->Length - sizeof (Packet->Dhcp6.Header);
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// If the reply was received in response to a solicit with rapid commit option,
|
||||||
|
// request, renew or rebind message, the client updates the information it has
|
||||||
|
@@ -549,13 +559,29 @@ Dhcp6UpdateIaInfo (
|
||||||
|
//
|
||||||
|
Option = Dhcp6SeekIaOption (
|
||||||
|
Packet->Dhcp6.Option,
|
||||||
|
- Packet->Length - sizeof (EFI_DHCP6_HEADER),
|
||||||
|
+ OptionLen,
|
||||||
|
&Instance->Config->IaDescriptor
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Calculate the distance from Packet->Dhcp6.Option to the IA option.
|
||||||
|
+ //
|
||||||
|
+ // Packet->Size and Packet->Length are both UINT32 type, and Packet->Size is
|
||||||
|
+ // the size of the whole packet, including the DHCP header, and Packet->Length
|
||||||
|
+ // is the length of the DHCP message body, excluding the DHCP header.
|
||||||
|
+ //
|
||||||
|
+ // (*Option - Packet->Dhcp6.Option) is the number of bytes from the start of
|
||||||
|
+ // DHCP6 option area to the start of the IA option.
|
||||||
|
+ //
|
||||||
|
+ // Dhcp6SeekInnerOptionSafe() is searching starting from the start of the
|
||||||
|
+ // IA option to the end of the DHCP6 option area, thus subtract the space
|
||||||
|
+ // up until this option
|
||||||
|
+ //
|
||||||
|
+ OptionLen = OptionLen - (UINT32)(Option - Packet->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// The format of the IA_NA option is:
|
||||||
|
//
|
||||||
|
@@ -591,32 +617,32 @@ Dhcp6UpdateIaInfo (
|
||||||
|
//
|
||||||
|
|
||||||
|
//
|
||||||
|
- // sizeof (option-code + option-len + IaId) = 8
|
||||||
|
- // sizeof (option-code + option-len + IaId + T1) = 12
|
||||||
|
- // sizeof (option-code + option-len + IaId + T1 + T2) = 16
|
||||||
|
- //
|
||||||
|
- // The inner options still start with 2 bytes option-code and 2 bytes option-len.
|
||||||
|
+ // Seek the inner option
|
||||||
|
//
|
||||||
|
+ if (EFI_ERROR (
|
||||||
|
+ Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ Instance->Config->IaDescriptor.Type,
|
||||||
|
+ Option,
|
||||||
|
+ OptionLen,
|
||||||
|
+ &IaInnerOpt,
|
||||||
|
+ &IaInnerLen
|
||||||
|
+ )
|
||||||
|
+ ))
|
||||||
|
+ {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (Instance->Config->IaDescriptor.Type == Dhcp6OptIana) {
|
||||||
|
T1 = NTOHL (ReadUnaligned32 ((UINT32 *)(DHCP6_OFFSET_OF_IA_NA_T1 (Option))));
|
||||||
|
T2 = NTOHL (ReadUnaligned32 ((UINT32 *)(DHCP6_OFFSET_OF_IA_NA_T2 (Option))));
|
||||||
|
//
|
||||||
|
// Refer to RFC3155 Chapter 22.4. If a client receives an IA_NA with T1 greater than T2,
|
||||||
|
// and both T1 and T2 are greater than 0, the client discards the IA_NA option and processes
|
||||||
|
- // the remainder of the message as though the server had not included the invalid IA_NA option.
|
||||||
|
+ // the remainder of the message as though the server had not included the invalid IA_NA option.
|
||||||
|
//
|
||||||
|
if ((T1 > T2) && (T2 > 0)) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
-
|
||||||
|
- IaInnerOpt = DHCP6_OFFSET_OF_IA_NA_INNER_OPT (Option);
|
||||||
|
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option)))) - DHCP6_SIZE_OF_COMBINED_IAID_T1_T2);
|
||||||
|
- } else {
|
||||||
|
- T1 = 0;
|
||||||
|
- T2 = 0;
|
||||||
|
-
|
||||||
|
- IaInnerOpt = DHCP6_OFFSET_OF_IA_TA_INNER_OPT (Option);
|
||||||
|
- IaInnerLen = (UINT16)(NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option)))) - DHCP6_SIZE_OF_IAID);
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -642,7 +668,7 @@ Dhcp6UpdateIaInfo (
|
||||||
|
Option = Dhcp6SeekOption (IaInnerOpt, IaInnerLen, Dhcp6OptStatusCode);
|
||||||
|
|
||||||
|
if (Option != NULL) {
|
||||||
|
- StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option))));
|
||||||
|
+ StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_STATUS_CODE (Option))));
|
||||||
|
if (StsCode != Dhcp6StsSuccess) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
@@ -703,15 +729,21 @@ Dhcp6SeekInnerOptionSafe (
|
||||||
|
}
|
||||||
|
|
||||||
|
if (IaType == Dhcp6OptIana) {
|
||||||
|
+ //
|
||||||
|
// Verify we have a fully formed IA_NA
|
||||||
|
+ //
|
||||||
|
if (OptionLen < DHCP6_MIN_SIZE_OF_IA_NA) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Get the IA Inner Option and Length
|
||||||
|
//
|
||||||
|
IaInnerOptTmp = DHCP6_OFFSET_OF_IA_NA_INNER_OPT (Option);
|
||||||
|
|
||||||
|
+ //
|
||||||
|
// Verify the IaInnerLen is valid.
|
||||||
|
+ //
|
||||||
|
IaInnerLenTmp = (UINT16)NTOHS (ReadUnaligned16 ((UINT16 *)DHCP6_OFFSET_OF_OPT_LEN (Option)));
|
||||||
|
if (IaInnerLenTmp < DHCP6_SIZE_OF_COMBINED_IAID_T1_T2) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
@@ -719,14 +751,18 @@ Dhcp6SeekInnerOptionSafe (
|
||||||
|
|
||||||
|
IaInnerLenTmp -= DHCP6_SIZE_OF_COMBINED_IAID_T1_T2;
|
||||||
|
} else if (IaType == Dhcp6OptIata) {
|
||||||
|
+ //
|
||||||
|
// Verify the OptionLen is valid.
|
||||||
|
+ //
|
||||||
|
if (OptionLen < DHCP6_MIN_SIZE_OF_IA_TA) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
IaInnerOptTmp = DHCP6_OFFSET_OF_IA_TA_INNER_OPT (Option);
|
||||||
|
|
||||||
|
+ //
|
||||||
|
// Verify the IaInnerLen is valid.
|
||||||
|
+ //
|
||||||
|
IaInnerLenTmp = (UINT16)NTOHS (ReadUnaligned16 ((UINT16 *)(DHCP6_OFFSET_OF_OPT_LEN (Option))));
|
||||||
|
if (IaInnerLenTmp < DHCP6_SIZE_OF_IAID) {
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h
|
||||||
|
index 554f0f5e5d..8c0d282bca 100644
|
||||||
|
--- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h
|
||||||
|
@@ -218,4 +218,26 @@ Dhcp6OnTimerTick (
|
||||||
|
IN VOID *Context
|
||||||
|
);
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ Seeks the Inner Options from a DHCP6 Option
|
||||||
|
+
|
||||||
|
+ @param[in] IaType The type of the IA option.
|
||||||
|
+ @param[in] Option The pointer to the DHCP6 Option.
|
||||||
|
+ @param[in] OptionLen The length of the DHCP6 Option.
|
||||||
|
+ @param[out] IaInnerOpt The pointer to the IA inner option.
|
||||||
|
+ @param[out] IaInnerLen The length of the IA inner option.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Seek the inner option successfully.
|
||||||
|
+ @retval EFI_DEVICE_ERROR The OptionLen is invalid. On Error,
|
||||||
|
+ the pointers are not modified
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+Dhcp6SeekInnerOptionSafe (
|
||||||
|
+ IN UINT16 IaType,
|
||||||
|
+ IN UINT8 *Option,
|
||||||
|
+ IN UINT32 OptionLen,
|
||||||
|
+ OUT UINT8 **IaInnerOpt,
|
||||||
|
+ OUT UINT16 *IaInnerLen
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
#endif
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,629 @@
|
|||||||
|
From f5274b449181cb37efce0f08ed5d75a6bf6e54a8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 8 Feb 2024 10:35:14 -0500
|
||||||
|
Subject: [PATCH 16/17] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230
|
||||||
|
Unit Tests
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 50: CVE-2023-45230 and CVE-2023-45229
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21842
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [3/4] 43b8569c0586c7dbf66b19c5db335d0ce05829de (jmaloy/jons_fork)
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21842
|
||||||
|
CVE: CVE-2023-45230
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 5f3658197bf29c83b3349b0ab1d99cdb0c3814bc
|
||||||
|
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
||||||
|
Date: Fri Jan 26 05:54:45 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4535
|
||||||
|
|
||||||
|
Confirms that reported issue...
|
||||||
|
|
||||||
|
"Buffer overflow in the DHCPv6 client via a long Server ID option"
|
||||||
|
|
||||||
|
..has been corrected by the provided patch.
|
||||||
|
|
||||||
|
Tests the following functions to ensure they appropriately handle
|
||||||
|
untrusted data (either too long or too small) to prevent a buffer
|
||||||
|
overflow:
|
||||||
|
|
||||||
|
Dhcp6AppendOption
|
||||||
|
Dhcp6AppendETOption
|
||||||
|
Dhcp6AppendIaOption
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../GoogleTest/Dhcp6DxeGoogleTest.cpp | 20 +
|
||||||
|
.../GoogleTest/Dhcp6DxeGoogleTest.inf | 43 ++
|
||||||
|
.../Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp | 478 ++++++++++++++++++
|
||||||
|
NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 +
|
||||||
|
4 files changed, 542 insertions(+)
|
||||||
|
create mode 100644 NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp
|
||||||
|
create mode 100644 NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
create mode 100644 NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..9aeced2f91
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp
|
||||||
|
@@ -0,0 +1,20 @@
|
||||||
|
+/** @file
|
||||||
|
+ Acts as the main entry point for the tests for the Dhcp6Dxe module.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Run the tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+int
|
||||||
|
+main (
|
||||||
|
+ int argc,
|
||||||
|
+ char *argv[]
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ testing::InitGoogleTest (&argc, argv);
|
||||||
|
+ return RUN_ALL_TESTS ();
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..8e9119a371
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
@@ -0,0 +1,43 @@
|
||||||
|
+## @file
|
||||||
|
+# Unit test suite for the Dhcp6Dxe using Google Test
|
||||||
|
+#
|
||||||
|
+# Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+[Defines]
|
||||||
|
+ INF_VERSION = 0x00010017
|
||||||
|
+ BASE_NAME = Dhcp6DxeGoogleTest
|
||||||
|
+ FILE_GUID = 1D2A4C65-38C8-4C2F-BB60-B5FA49625AA9
|
||||||
|
+ VERSION_STRING = 1.0
|
||||||
|
+ MODULE_TYPE = HOST_APPLICATION
|
||||||
|
+#
|
||||||
|
+# The following information is for reference only and not required by the build tools.
|
||||||
|
+#
|
||||||
|
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
|
||||||
|
+#
|
||||||
|
+[Sources]
|
||||||
|
+ Dhcp6DxeGoogleTest.cpp
|
||||||
|
+ Dhcp6IoGoogleTest.cpp
|
||||||
|
+ ../Dhcp6Io.c
|
||||||
|
+ ../Dhcp6Utility.c
|
||||||
|
+
|
||||||
|
+[Packages]
|
||||||
|
+ MdePkg/MdePkg.dec
|
||||||
|
+ MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||||
|
+ NetworkPkg/NetworkPkg.dec
|
||||||
|
+
|
||||||
|
+[LibraryClasses]
|
||||||
|
+ GoogleTestLib
|
||||||
|
+ DebugLib
|
||||||
|
+ NetLib
|
||||||
|
+ PcdLib
|
||||||
|
+
|
||||||
|
+[Protocols]
|
||||||
|
+ gEfiDhcp6ServiceBindingProtocolGuid
|
||||||
|
+
|
||||||
|
+[Pcd]
|
||||||
|
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType
|
||||||
|
+
|
||||||
|
+[Guids]
|
||||||
|
+ gZeroGuid
|
||||||
|
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..7ee40e4af4
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||||
|
@@ -0,0 +1,478 @@
|
||||||
|
+/** @file
|
||||||
|
+ Tests for Dhcp6Io.c.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+extern "C" {
|
||||||
|
+ #include <Uefi.h>
|
||||||
|
+ #include <Library/BaseLib.h>
|
||||||
|
+ #include <Library/DebugLib.h>
|
||||||
|
+ #include <Library/BaseMemoryLib.h>
|
||||||
|
+ #include "../Dhcp6Impl.h"
|
||||||
|
+ #include "../Dhcp6Utility.h"
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Defines
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+#define DHCP6_PACKET_MAX_LEN 1500
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Symbol Definitions
|
||||||
|
+// These functions are not directly under test - but required to compile
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+// This definition is used by this test but is also required to compile
|
||||||
|
+// by Dhcp6Io.c
|
||||||
|
+EFI_IPv6_ADDRESS mAllDhcpRelayAndServersAddress = {
|
||||||
|
+ { 0xFF, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 2 }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+UdpIoSendDatagram (
|
||||||
|
+ IN UDP_IO *UdpIo,
|
||||||
|
+ IN NET_BUF *Packet,
|
||||||
|
+ IN UDP_END_POINT *EndPoint OPTIONAL,
|
||||||
|
+ IN EFI_IP_ADDRESS *Gateway OPTIONAL,
|
||||||
|
+ IN UDP_IO_CALLBACK CallBack,
|
||||||
|
+ IN VOID *Context
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+UdpIoRecvDatagram (
|
||||||
|
+ IN UDP_IO *UdpIo,
|
||||||
|
+ IN UDP_IO_CALLBACK CallBack,
|
||||||
|
+ IN VOID *Context,
|
||||||
|
+ IN UINT32 HeadLen
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Dhcp6AppendOptionTest Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class Dhcp6AppendOptionTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ UINT8 *Buffer = NULL;
|
||||||
|
+ EFI_DHCP6_PACKET *Packet;
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Initialize any resources or variables
|
||||||
|
+ Buffer = (UINT8 *)AllocateZeroPool (DHCP6_PACKET_MAX_LEN);
|
||||||
|
+ ASSERT_NE (Buffer, (UINT8 *)NULL);
|
||||||
|
+
|
||||||
|
+ Packet = (EFI_DHCP6_PACKET *)Buffer;
|
||||||
|
+ Packet->Size = DHCP6_PACKET_MAX_LEN;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ if (Buffer != NULL) {
|
||||||
|
+ FreePool (Buffer);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that is too small by a duid that is too large
|
||||||
|
+TEST_F (Dhcp6AppendOptionTest, InvalidDataExpectBufferTooSmall) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_DHCP6_DUID *UntrustedDuid;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ UntrustedDuid = (EFI_DHCP6_DUID *)AllocateZeroPool (sizeof (EFI_DHCP6_DUID));
|
||||||
|
+ ASSERT_NE (UntrustedDuid, (EFI_DHCP6_DUID *)NULL);
|
||||||
|
+
|
||||||
|
+ UntrustedDuid->Length = NTOHS (0xFFFF);
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendOption (
|
||||||
|
+ Dhcp6AppendOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ HTONS (Dhcp6OptServerId),
|
||||||
|
+ UntrustedDuid->Length,
|
||||||
|
+ UntrustedDuid->Duid
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that is large enough
|
||||||
|
+TEST_F (Dhcp6AppendOptionTest, ValidDataExpectSuccess) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_DHCP6_DUID *UntrustedDuid;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UINTN OriginalLength;
|
||||||
|
+
|
||||||
|
+ UINT8 Duid[6] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 };
|
||||||
|
+
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+ OriginalLength = Packet->Length;
|
||||||
|
+
|
||||||
|
+ UntrustedDuid = (EFI_DHCP6_DUID *)AllocateZeroPool (sizeof (EFI_DHCP6_DUID));
|
||||||
|
+ ASSERT_NE (UntrustedDuid, (EFI_DHCP6_DUID *)NULL);
|
||||||
|
+
|
||||||
|
+ UntrustedDuid->Length = NTOHS (sizeof (Duid));
|
||||||
|
+ CopyMem (UntrustedDuid->Duid, Duid, sizeof (Duid));
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendOption (
|
||||||
|
+ Dhcp6AppendOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ HTONS (Dhcp6OptServerId),
|
||||||
|
+ UntrustedDuid->Length,
|
||||||
|
+ UntrustedDuid->Duid
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+
|
||||||
|
+ // verify that the pointer to cursor moved by the expected amount
|
||||||
|
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendOptionTest::Packet->Dhcp6.Option + sizeof (Duid) + 4);
|
||||||
|
+
|
||||||
|
+ // verify that the length of the packet is now the expected amount
|
||||||
|
+ ASSERT_EQ (Dhcp6AppendOptionTest::Packet->Length, OriginalLength + sizeof (Duid) + 4);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Dhcp6AppendETOption Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class Dhcp6AppendETOptionTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ UINT8 *Buffer = NULL;
|
||||||
|
+ EFI_DHCP6_PACKET *Packet;
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Initialize any resources or variables
|
||||||
|
+ Buffer = (UINT8 *)AllocateZeroPool (DHCP6_PACKET_MAX_LEN);
|
||||||
|
+ ASSERT_NE (Buffer, (UINT8 *)NULL);
|
||||||
|
+
|
||||||
|
+ Packet = (EFI_DHCP6_PACKET *)Buffer;
|
||||||
|
+ Packet->Size = DHCP6_PACKET_MAX_LEN;
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ if (Buffer != NULL) {
|
||||||
|
+ FreePool (Buffer);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that is too small by a duid that is too large
|
||||||
|
+TEST_F (Dhcp6AppendETOptionTest, InvalidDataExpectBufferTooSmall) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ DHCP6_INSTANCE Instance;
|
||||||
|
+ UINT16 ElapsedTimeVal;
|
||||||
|
+ UINT16 *ElapsedTime;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendETOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+ ElapsedTime = &ElapsedTimeVal;
|
||||||
|
+
|
||||||
|
+ Packet->Length = Packet->Size - 2;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendETOption (
|
||||||
|
+ Dhcp6AppendETOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ &Instance, // Instance is not used in this function
|
||||||
|
+ &ElapsedTime
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that we error out because the packet is too small for the option header
|
||||||
|
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||||
|
+
|
||||||
|
+ // reset the length
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that is large enough
|
||||||
|
+TEST_F (Dhcp6AppendETOptionTest, ValidDataExpectSuccess) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ DHCP6_INSTANCE Instance;
|
||||||
|
+ UINT16 ElapsedTimeVal;
|
||||||
|
+ UINT16 *ElapsedTime;
|
||||||
|
+ UINTN ExpectedSize;
|
||||||
|
+ UINTN OriginalLength;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendETOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+ ElapsedTime = &ElapsedTimeVal;
|
||||||
|
+ ExpectedSize = 6;
|
||||||
|
+ OriginalLength = Packet->Length;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendETOption (
|
||||||
|
+ Dhcp6AppendETOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ &Instance, // Instance is not used in this function
|
||||||
|
+ &ElapsedTime
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that the status is EFI_SUCCESS
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+
|
||||||
|
+ // verify that the pointer to cursor moved by the expected amount
|
||||||
|
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendETOptionTest::Packet->Dhcp6.Option + ExpectedSize);
|
||||||
|
+
|
||||||
|
+ // verify that the length of the packet is now the expected amount
|
||||||
|
+ ASSERT_EQ (Dhcp6AppendETOptionTest::Packet->Length, OriginalLength + ExpectedSize);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Dhcp6AppendIaOption Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class Dhcp6AppendIaOptionTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ UINT8 *Buffer = NULL;
|
||||||
|
+ EFI_DHCP6_PACKET *Packet;
|
||||||
|
+ EFI_DHCP6_IA *Ia;
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Initialize any resources or variables
|
||||||
|
+ Buffer = (UINT8 *)AllocateZeroPool (DHCP6_PACKET_MAX_LEN);
|
||||||
|
+ ASSERT_NE (Buffer, (UINT8 *)NULL);
|
||||||
|
+
|
||||||
|
+ Packet = (EFI_DHCP6_PACKET *)Buffer;
|
||||||
|
+ Packet->Size = DHCP6_PACKET_MAX_LEN;
|
||||||
|
+
|
||||||
|
+ Ia = (EFI_DHCP6_IA *)AllocateZeroPool (sizeof (EFI_DHCP6_IA) + sizeof (EFI_DHCP6_IA_ADDRESS) * 2);
|
||||||
|
+ ASSERT_NE (Ia, (EFI_DHCP6_IA *)NULL);
|
||||||
|
+
|
||||||
|
+ CopyMem (Ia->IaAddress, mAllDhcpRelayAndServersAddress.Addr, sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
+ CopyMem (Ia->IaAddress + 1, mAllDhcpRelayAndServersAddress.Addr, sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
+
|
||||||
|
+ Ia->IaAddressCount = 2;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ if (Buffer != NULL) {
|
||||||
|
+ FreePool (Buffer);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (Ia != NULL) {
|
||||||
|
+ FreePool (Ia);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that doesn't have enough space
|
||||||
|
+// for the option header
|
||||||
|
+TEST_F (Dhcp6AppendIaOptionTest, IaNaInvalidDataExpectBufferTooSmall) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ Packet->Length = Packet->Size - 2;
|
||||||
|
+
|
||||||
|
+ Ia->Descriptor.Type = Dhcp6OptIana;
|
||||||
|
+ Ia->Descriptor.IaId = 0x12345678;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendIaOption (
|
||||||
|
+ Dhcp6AppendIaOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ Ia,
|
||||||
|
+ 0x12345678,
|
||||||
|
+ 0x11111111,
|
||||||
|
+ Dhcp6OptIana
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that we error out because the packet is too small for the option header
|
||||||
|
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||||
|
+
|
||||||
|
+ // reset the length
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Attempt to append an option to a packet that doesn't have enough space
|
||||||
|
+// for the option header
|
||||||
|
+TEST_F (Dhcp6AppendIaOptionTest, IaTaInvalidDataExpectBufferTooSmall) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ // Use up nearly all the space in the packet
|
||||||
|
+ Packet->Length = Packet->Size - 2;
|
||||||
|
+
|
||||||
|
+ Ia->Descriptor.Type = Dhcp6OptIata;
|
||||||
|
+ Ia->Descriptor.IaId = 0x12345678;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendIaOption (
|
||||||
|
+ Dhcp6AppendIaOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ Ia,
|
||||||
|
+ 0,
|
||||||
|
+ 0,
|
||||||
|
+ Dhcp6OptIata
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that we error out because the packet is too small for the option header
|
||||||
|
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||||
|
+
|
||||||
|
+ // reset the length
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+TEST_F (Dhcp6AppendIaOptionTest, IaNaValidDataExpectSuccess) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UINTN ExpectedSize;
|
||||||
|
+ UINTN OriginalLength;
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // 2 bytes for the option header type
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize = 2;
|
||||||
|
+ //
|
||||||
|
+ // 2 bytes for the option header length
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 2;
|
||||||
|
+ //
|
||||||
|
+ // 4 bytes for the IAID
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 4;
|
||||||
|
+ //
|
||||||
|
+ // + 4 bytes for the T1
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 4;
|
||||||
|
+ //
|
||||||
|
+ // + 4 bytes for the T2
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 4;
|
||||||
|
+ //
|
||||||
|
+ // + (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||||
|
+ // + 2 bytes for the option header type
|
||||||
|
+ // + 2 bytes for the option header length
|
||||||
|
+ // + sizeof (EFI_DHCP6_IA_ADDRESS) for the IA Address
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+ OriginalLength = Packet->Length;
|
||||||
|
+
|
||||||
|
+ Ia->Descriptor.Type = Dhcp6OptIana;
|
||||||
|
+ Ia->Descriptor.IaId = 0x12345678;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendIaOption (
|
||||||
|
+ Dhcp6AppendIaOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ Ia,
|
||||||
|
+ 0x12345678,
|
||||||
|
+ 0x12345678,
|
||||||
|
+ Dhcp6OptIana
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that the pointer to cursor moved by the expected amount
|
||||||
|
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option + ExpectedSize);
|
||||||
|
+
|
||||||
|
+ // verify that the length of the packet is now the expected amount
|
||||||
|
+ ASSERT_EQ (Dhcp6AppendIaOptionTest::Packet->Length, OriginalLength + ExpectedSize);
|
||||||
|
+
|
||||||
|
+ // verify that the status is EFI_SUCCESS
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+TEST_F (Dhcp6AppendIaOptionTest, IaTaValidDataExpectSuccess) {
|
||||||
|
+ UINT8 *Cursor;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ UINTN ExpectedSize;
|
||||||
|
+ UINTN OriginalLength;
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // 2 bytes for the option header type
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize = 2;
|
||||||
|
+ //
|
||||||
|
+ // 2 bytes for the option header length
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 2;
|
||||||
|
+ //
|
||||||
|
+ // 4 bytes for the IAID
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += 4;
|
||||||
|
+ //
|
||||||
|
+ // + (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||||
|
+ // + 2 bytes for the option header type
|
||||||
|
+ // + 2 bytes for the option header length
|
||||||
|
+ // + sizeof (EFI_DHCP6_IA_ADDRESS) for the IA Address
|
||||||
|
+ //
|
||||||
|
+ ExpectedSize += (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||||
|
+
|
||||||
|
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||||
|
+
|
||||||
|
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
+ OriginalLength = Packet->Length;
|
||||||
|
+
|
||||||
|
+ Ia->Descriptor.Type = Dhcp6OptIata;
|
||||||
|
+ Ia->Descriptor.IaId = 0x12345678;
|
||||||
|
+
|
||||||
|
+ Status = Dhcp6AppendIaOption (
|
||||||
|
+ Dhcp6AppendIaOptionTest::Packet,
|
||||||
|
+ &Cursor,
|
||||||
|
+ Ia,
|
||||||
|
+ 0,
|
||||||
|
+ 0,
|
||||||
|
+ Dhcp6OptIata
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ // verify that the pointer to cursor moved by the expected amount
|
||||||
|
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option + ExpectedSize);
|
||||||
|
+
|
||||||
|
+ // verify that the length of the packet is now the expected amount
|
||||||
|
+ ASSERT_EQ (Dhcp6AppendIaOptionTest::Packet->Length, OriginalLength + ExpectedSize);
|
||||||
|
+
|
||||||
|
+ // verify that the status is EFI_SUCCESS
|
||||||
|
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
index 1aeca5c5b3..20bc90b172 100644
|
||||||
|
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
@@ -24,6 +24,7 @@
|
||||||
|
#
|
||||||
|
# Build HOST_APPLICATION that tests NetworkPkg
|
||||||
|
#
|
||||||
|
+ NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
|
||||||
|
# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||||
|
[LibraryClasses]
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
@ -1,43 +0,0 @@
|
|||||||
From c5f142e26ea5e892a63ed35ca952c8b583a9f8c1 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
Date: Wed, 14 Aug 2024 09:53:49 +0200
|
|
||||||
Subject: [PATCH 2/2] NetworkPkg/DxeNetLib: Reword PseudoRandom error logging
|
|
||||||
|
|
||||||
RH-Author: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
RH-MergeRequest: 67: NetworkPkg/DxeNetLib: adjust PseudoRandom error logging
|
|
||||||
RH-Jira: RHEL-45899
|
|
||||||
RH-Commit: [2/2] 0d465ca0ea00598e6826446cd08e890c2ae4bea7 (osteffen/edk2)
|
|
||||||
|
|
||||||
The word "Failed" is used when logging tired Rng algorithms.
|
|
||||||
These mostly non-critical messages confused some users.
|
|
||||||
|
|
||||||
Reword it and also add a message confirming eventual success to
|
|
||||||
deescalate the importance somewhat.
|
|
||||||
|
|
||||||
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
---
|
|
||||||
NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 3 ++-
|
|
||||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
|
||||||
index 4dfbe91a55..905a944975 100644
|
|
||||||
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
|
||||||
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
|
||||||
@@ -946,12 +946,13 @@ PseudoRandom (
|
|
||||||
//
|
|
||||||
// Secure Algorithm was supported on this platform
|
|
||||||
//
|
|
||||||
+ DEBUG ((DEBUG_VERBOSE, "Generated random data using secure algorithm %d: %r\n", AlgorithmIndex, Status));
|
|
||||||
return EFI_SUCCESS;
|
|
||||||
} else if (Status == EFI_UNSUPPORTED) {
|
|
||||||
//
|
|
||||||
// Secure Algorithm was not supported on this platform
|
|
||||||
//
|
|
||||||
- DEBUG ((DEBUG_VERBOSE, "Failed to generate random data using secure algorithm %d: %r\n", AlgorithmIndex, Status));
|
|
||||||
+ DEBUG ((DEBUG_VERBOSE, "Unable to generate random data using secure algorithm %d not available: %r\n", AlgorithmIndex, Status));
|
|
||||||
|
|
||||||
//
|
|
||||||
// Try the next secure algorithm
|
|
||||||
--
|
|
||||||
2.39.3
|
|
||||||
|
|
@ -1,48 +0,0 @@
|
|||||||
From 7cbd00792445ad50e861e4835cdb5ba60466aae3 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Wed, 19 Jun 2024 09:07:56 +0200
|
|
||||||
Subject: [PATCH 1/2] NetworkPkg/DxeNetLib: adjust PseudoRandom error logging
|
|
||||||
|
|
||||||
RH-Author: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
RH-MergeRequest: 67: NetworkPkg/DxeNetLib: adjust PseudoRandom error logging
|
|
||||||
RH-Jira: RHEL-45899
|
|
||||||
RH-Commit: [1/2] 15135d672cef4310cb29f8a55146f36b2ee1f15d (osteffen/edk2)
|
|
||||||
|
|
||||||
There is a list of allowed rng algorithms, if /one/ of them is not
|
|
||||||
supported this is not a problem, only /all/ of them failing is an
|
|
||||||
error condition.
|
|
||||||
|
|
||||||
Downgrade the message for a single unsupported algorithm from ERROR to
|
|
||||||
VERBOSE. Add an error message in case we finish the loop without
|
|
||||||
finding a supported algorithm.
|
|
||||||
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
(cherry picked from commit 6862b9d538d96363635677198899e1669e591259)
|
|
||||||
---
|
|
||||||
NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 3 ++-
|
|
||||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
|
||||||
index 01c13c08d2..4dfbe91a55 100644
|
|
||||||
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
|
||||||
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
|
||||||
@@ -951,7 +951,7 @@ PseudoRandom (
|
|
||||||
//
|
|
||||||
// Secure Algorithm was not supported on this platform
|
|
||||||
//
|
|
||||||
- DEBUG ((DEBUG_ERROR, "Failed to generate random data using secure algorithm %d: %r\n", AlgorithmIndex, Status));
|
|
||||||
+ DEBUG ((DEBUG_VERBOSE, "Failed to generate random data using secure algorithm %d: %r\n", AlgorithmIndex, Status));
|
|
||||||
|
|
||||||
//
|
|
||||||
// Try the next secure algorithm
|
|
||||||
@@ -971,6 +971,7 @@ PseudoRandom (
|
|
||||||
// If we get here, we failed to generate random data using any secure algorithm
|
|
||||||
// Platform owner should ensure that at least one secure algorithm is supported
|
|
||||||
//
|
|
||||||
+ DEBUG ((DEBUG_ERROR, "Failed to generate random data, no supported secure algorithm found\n"));
|
|
||||||
ASSERT_EFI_ERROR (Status);
|
|
||||||
return Status;
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.39.3
|
|
||||||
|
|
@ -0,0 +1,78 @@
|
|||||||
|
From e3f153773bd2ca13ee4869187f1711840fc8afc9 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 15 Feb 2024 11:51:09 -0500
|
||||||
|
Subject: [PATCH 02/15] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [2/15] 61eaf6aac61b774c3a8ace54af8abd607651d2db
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21844
|
||||||
|
CVE: CVE-2022-45231
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit bbfee34f4188ac00371abe1389ae9c9fb989a0cd
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:48 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Patch
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4536
|
||||||
|
|
||||||
|
Bug Overview:
|
||||||
|
PixieFail Bug #3
|
||||||
|
CVE-2023-45231
|
||||||
|
CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
||||||
|
CWE-125 Out-of-bounds Read
|
||||||
|
|
||||||
|
Out-of-bounds read when handling a ND Redirect message with truncated
|
||||||
|
options
|
||||||
|
|
||||||
|
Change Overview:
|
||||||
|
|
||||||
|
Adds a check to prevent truncated options from being parsed
|
||||||
|
+ //
|
||||||
|
+ // Cannot process truncated options.
|
||||||
|
+ // Cannot process options with a length of 0 as there is no Type
|
||||||
|
field.
|
||||||
|
+ //
|
||||||
|
+ if (OptionLen < sizeof (IP6_OPTION_HEADER)) {
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Ip6Dxe/Ip6Option.c | 8 ++++++++
|
||||||
|
1 file changed, 8 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Option.c b/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
index 199eea124d..8718d5d875 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
@@ -137,6 +137,14 @@ Ip6IsNDOptionValid (
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Cannot process truncated options.
|
||||||
|
+ // Cannot process options with a length of 0 as there is no Type field.
|
||||||
|
+ //
|
||||||
|
+ if (OptionLen < sizeof (IP6_OPTION_HEADER)) {
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
Offset = 0;
|
||||||
|
|
||||||
|
//
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,277 @@
|
|||||||
|
From e8200dda7752d21794b2268efe9e957958ffef29 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Wed, 14 Feb 2024 12:24:44 -0500
|
||||||
|
Subject: [PATCH 03/15] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Unit
|
||||||
|
Tests
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [3/15] ca554677a3397423073d3bb4774f856b2329ae9c
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21844
|
||||||
|
CVE: CVE-2022-45231
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 6f77463d72807ec7f4ed6518c3dac29a1040df9f
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:49 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Unit Tests
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4536
|
||||||
|
|
||||||
|
Validates that the patch for...
|
||||||
|
|
||||||
|
Out-of-bounds read when handling a ND Redirect message with truncated
|
||||||
|
options
|
||||||
|
|
||||||
|
.. has been fixed
|
||||||
|
|
||||||
|
Tests the following function to ensure that an out of bounds read does
|
||||||
|
not occur
|
||||||
|
Ip6OptionValidation
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp | 20 +++
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf | 42 ++++++
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp | 129 ++++++++++++++++++
|
||||||
|
NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 +
|
||||||
|
4 files changed, 192 insertions(+)
|
||||||
|
create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp
|
||||||
|
create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..6ebfd5fdfb
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp
|
||||||
|
@@ -0,0 +1,20 @@
|
||||||
|
+/** @file
|
||||||
|
+ Acts as the main entry point for the tests for the Ip6Dxe module.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Run the tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+int
|
||||||
|
+main (
|
||||||
|
+ int argc,
|
||||||
|
+ char *argv[]
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ testing::InitGoogleTest (&argc, argv);
|
||||||
|
+ return RUN_ALL_TESTS ();
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..6e4de0745f
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
@@ -0,0 +1,42 @@
|
||||||
|
+## @file
|
||||||
|
+# Unit test suite for the Ip6Dxe using Google Test
|
||||||
|
+#
|
||||||
|
+# Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+[Defines]
|
||||||
|
+ INF_VERSION = 0x00010017
|
||||||
|
+ BASE_NAME = Ip6DxeUnitTest
|
||||||
|
+ FILE_GUID = 4F05D17D-D3E7-4AAE-820C-576D46D2D34A
|
||||||
|
+ VERSION_STRING = 1.0
|
||||||
|
+ MODULE_TYPE = HOST_APPLICATION
|
||||||
|
+#
|
||||||
|
+# The following information is for reference only and not required by the build tools.
|
||||||
|
+#
|
||||||
|
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
|
||||||
|
+#
|
||||||
|
+[Sources]
|
||||||
|
+ Ip6DxeGoogleTest.cpp
|
||||||
|
+ Ip6OptionGoogleTest.cpp
|
||||||
|
+ ../Ip6Option.c
|
||||||
|
+
|
||||||
|
+[Packages]
|
||||||
|
+ MdePkg/MdePkg.dec
|
||||||
|
+ MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||||
|
+ NetworkPkg/NetworkPkg.dec
|
||||||
|
+
|
||||||
|
+[LibraryClasses]
|
||||||
|
+ GoogleTestLib
|
||||||
|
+ DebugLib
|
||||||
|
+ NetLib
|
||||||
|
+ PcdLib
|
||||||
|
+
|
||||||
|
+[Protocols]
|
||||||
|
+ gEfiDhcp6ServiceBindingProtocolGuid
|
||||||
|
+
|
||||||
|
+[Pcd]
|
||||||
|
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType
|
||||||
|
+
|
||||||
|
+[Guids]
|
||||||
|
+ gZeroGuid
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..f2cd90e1a9
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
@@ -0,0 +1,129 @@
|
||||||
|
+/** @file
|
||||||
|
+ Tests for Ip6Option.c.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+extern "C" {
|
||||||
|
+ #include <Uefi.h>
|
||||||
|
+ #include <Library/BaseLib.h>
|
||||||
|
+ #include <Library/DebugLib.h>
|
||||||
|
+ #include "../Ip6Impl.h"
|
||||||
|
+ #include "../Ip6Option.h"
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Defines
|
||||||
|
+///////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+#define IP6_PREFIX_INFO_OPTION_DATA_LEN 32
|
||||||
|
+#define OPTION_HEADER_IP6_PREFIX_DATA_LEN (sizeof (IP6_OPTION_HEADER) + IP6_PREFIX_INFO_OPTION_DATA_LEN)
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Symbol Definitions
|
||||||
|
+// These functions are not directly under test - but required to compile
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+UINT32 mIp6Id;
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+Ip6SendIcmpError (
|
||||||
|
+ IN IP6_SERVICE *IpSb,
|
||||||
|
+ IN NET_BUF *Packet,
|
||||||
|
+ IN EFI_IPv6_ADDRESS *SourceAddress OPTIONAL,
|
||||||
|
+ IN EFI_IPv6_ADDRESS *DestinationAddress,
|
||||||
|
+ IN UINT8 Type,
|
||||||
|
+ IN UINT8 Code,
|
||||||
|
+ IN UINT32 *Pointer OPTIONAL
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ // ..
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Ip6OptionValidation Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+// Define a fixture for your tests if needed
|
||||||
|
+class Ip6OptionValidationTest : public ::testing::Test {
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Initialize any resources or variables
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Null option should return false
|
||||||
|
+TEST_F (Ip6OptionValidationTest, NullOptionShouldReturnFalse) {
|
||||||
|
+ UINT8 *option = nullptr;
|
||||||
|
+ UINT16 optionLen = 10; // Provide a suitable length
|
||||||
|
+
|
||||||
|
+ EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Truncated option should return false
|
||||||
|
+TEST_F (Ip6OptionValidationTest, TruncatedOptionShouldReturnFalse) {
|
||||||
|
+ UINT8 option[] = { 0x01 }; // Provide a truncated option
|
||||||
|
+ UINT16 optionLen = 1;
|
||||||
|
+
|
||||||
|
+ EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Ip6OptionPrefixInfo Option with zero length should return false
|
||||||
|
+TEST_F (Ip6OptionValidationTest, OptionWithZeroLengthShouldReturnFalse) {
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = Ip6OptionPrefixInfo;
|
||||||
|
+ optionHeader.Length = 0;
|
||||||
|
+ UINT8 option[sizeof (IP6_OPTION_HEADER)];
|
||||||
|
+
|
||||||
|
+ CopyMem (option, &optionHeader, sizeof (IP6_OPTION_HEADER));
|
||||||
|
+ UINT16 optionLen = sizeof (IP6_OPTION_HEADER);
|
||||||
|
+
|
||||||
|
+ EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Ip6OptionPrefixInfo Option with valid length should return true
|
||||||
|
+TEST_F (Ip6OptionValidationTest, ValidPrefixInfoOptionShouldReturnTrue) {
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = Ip6OptionPrefixInfo;
|
||||||
|
+ optionHeader.Length = 4; // Length 4 * 8 = 32
|
||||||
|
+ UINT8 option[OPTION_HEADER_IP6_PREFIX_DATA_LEN];
|
||||||
|
+
|
||||||
|
+ CopyMem (option, &optionHeader, sizeof (IP6_OPTION_HEADER));
|
||||||
|
+
|
||||||
|
+ EXPECT_TRUE (Ip6IsNDOptionValid (option, IP6_PREFIX_INFO_OPTION_DATA_LEN));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description:
|
||||||
|
+// Ip6OptionPrefixInfo Option with invalid length should return false
|
||||||
|
+TEST_F (Ip6OptionValidationTest, InvalidPrefixInfoOptionLengthShouldReturnFalse) {
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = Ip6OptionPrefixInfo;
|
||||||
|
+ optionHeader.Length = 3; // Length 3 * 8 = 24 (Invalid)
|
||||||
|
+ UINT8 option[sizeof (IP6_OPTION_HEADER)];
|
||||||
|
+
|
||||||
|
+ CopyMem (option, &optionHeader, sizeof (IP6_OPTION_HEADER));
|
||||||
|
+ UINT16 optionLen = sizeof (IP6_OPTION_HEADER);
|
||||||
|
+
|
||||||
|
+ EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
index 20bc90b172..ab7c2857b6 100644
|
||||||
|
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
@@ -25,6 +25,7 @@
|
||||||
|
# Build HOST_APPLICATION that tests NetworkPkg
|
||||||
|
#
|
||||||
|
NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
+ NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
|
||||||
|
# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||||
|
[LibraryClasses]
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,377 @@
|
|||||||
|
From 23b31a16bbb789f4c251b1d2f23334210a9fb545 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Thu, 15 Feb 2024 11:51:09 -0500
|
||||||
|
Subject: [PATCH 04/15] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [4/15] 48c273e43a6275c7eae3223c4ffa433f4d6531a4
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21846
|
||||||
|
CVE: CVE-2022-45232
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21848
|
||||||
|
CVE: CVE-2022-45233
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 4df0229ef992d4f2721a8508787ebf9dc81fbd6e
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:50 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Patch
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4537
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4538
|
||||||
|
|
||||||
|
Bug Details:
|
||||||
|
PixieFail Bug #4
|
||||||
|
CVE-2023-45232
|
||||||
|
CVSS 7.5 : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
||||||
|
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
|
||||||
|
|
||||||
|
Infinite loop when parsing unknown options in the Destination Options
|
||||||
|
header
|
||||||
|
|
||||||
|
PixieFail Bug #5
|
||||||
|
CVE-2023-45233
|
||||||
|
CVSS 7.5 : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
||||||
|
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
|
||||||
|
|
||||||
|
Infinite loop when parsing a PadN option in the Destination Options
|
||||||
|
header
|
||||||
|
|
||||||
|
Change Overview:
|
||||||
|
|
||||||
|
Most importantly this change corrects the following incorrect math
|
||||||
|
and cleans up the code.
|
||||||
|
|
||||||
|
> // It is a PadN option
|
||||||
|
> //
|
||||||
|
> - Offset = (UINT8)(Offset + *(Option + Offset + 1) + 2);
|
||||||
|
> + OptDataLen = ((EFI_IP6_OPTION *)(Option + Offset))->Length;
|
||||||
|
> + Offset = IP6_NEXT_OPTION_OFFSET (Offset, OptDataLen);
|
||||||
|
|
||||||
|
> case Ip6OptionSkip:
|
||||||
|
> - Offset = (UINT8)(Offset + *(Option + Offset + 1));
|
||||||
|
> OptDataLen = ((EFI_IP6_OPTION *)(Option + Offset))->Length;
|
||||||
|
> Offset = IP6_NEXT_OPTION_OFFSET (Offset, OptDataLen);
|
||||||
|
|
||||||
|
Additionally, this change also corrects incorrect math where the calling
|
||||||
|
function was calculating the HDR EXT optionLen as a uint8 instead of a
|
||||||
|
uint16
|
||||||
|
|
||||||
|
> - OptionLen = (UINT8)((*Option + 1) * 8 - 2);
|
||||||
|
> + OptionLen = IP6_HDR_EXT_LEN (*Option) -
|
||||||
|
IP6_COMBINED_SIZE_OF_NEXT_HDR_AND_LEN;
|
||||||
|
|
||||||
|
Additionally this check adds additional logic to santize the incoming
|
||||||
|
data
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Ip6Dxe/Ip6Nd.h | 35 ++++++++++++++++
|
||||||
|
NetworkPkg/Ip6Dxe/Ip6Option.c | 76 ++++++++++++++++++++++++++++++-----
|
||||||
|
NetworkPkg/Ip6Dxe/Ip6Option.h | 71 ++++++++++++++++++++++++++++++++
|
||||||
|
3 files changed, 171 insertions(+), 11 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Nd.h b/NetworkPkg/Ip6Dxe/Ip6Nd.h
|
||||||
|
index 860934a167..bf64e9114e 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Nd.h
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Nd.h
|
||||||
|
@@ -56,13 +56,48 @@ VOID
|
||||||
|
VOID *Context
|
||||||
|
);
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// Per RFC8200 Section 4.2
|
||||||
|
+//
|
||||||
|
+// Two of the currently-defined extension headers -- the Hop-by-Hop
|
||||||
|
+// Options header and the Destination Options header -- carry a variable
|
||||||
|
+// number of type-length-value (TLV) encoded "options", of the following
|
||||||
|
+// format:
|
||||||
|
+//
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -
|
||||||
|
+// | Option Type | Opt Data Len | Option Data
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -
|
||||||
|
+//
|
||||||
|
+// Option Type 8-bit identifier of the type of option.
|
||||||
|
+//
|
||||||
|
+// Opt Data Len 8-bit unsigned integer. Length of the Option
|
||||||
|
+// Data field of this option, in octets.
|
||||||
|
+//
|
||||||
|
+// Option Data Variable-length field. Option-Type-specific
|
||||||
|
+// data.
|
||||||
|
+//
|
||||||
|
typedef struct _IP6_OPTION_HEADER {
|
||||||
|
+ ///
|
||||||
|
+ /// identifier of the type of option.
|
||||||
|
+ ///
|
||||||
|
UINT8 Type;
|
||||||
|
+ ///
|
||||||
|
+ /// Length of the Option Data field of this option, in octets.
|
||||||
|
+ ///
|
||||||
|
UINT8 Length;
|
||||||
|
+ ///
|
||||||
|
+ /// Option-Type-specific data.
|
||||||
|
+ ///
|
||||||
|
} IP6_OPTION_HEADER;
|
||||||
|
|
||||||
|
STATIC_ASSERT (sizeof (IP6_OPTION_HEADER) == 2, "IP6_OPTION_HEADER is expected to be exactly 2 bytes long.");
|
||||||
|
|
||||||
|
+#define IP6_NEXT_OPTION_OFFSET(offset, length) (offset + sizeof(IP6_OPTION_HEADER) + length)
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ IP6_NEXT_OPTION_OFFSET (0, 0) == 2,
|
||||||
|
+ "The next option is minimally the combined size of the option tag and length"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
typedef struct _IP6_ETHE_ADDR_OPTION {
|
||||||
|
UINT8 Type;
|
||||||
|
UINT8 Length;
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Option.c b/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
index 8718d5d875..fd97ce116f 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Option.c
|
||||||
|
@@ -17,7 +17,8 @@
|
||||||
|
@param[in] IpSb The IP6 service data.
|
||||||
|
@param[in] Packet The to be validated packet.
|
||||||
|
@param[in] Option The first byte of the option.
|
||||||
|
- @param[in] OptionLen The length of the whole option.
|
||||||
|
+ @param[in] OptionLen The length of all options, expressed in byte length of octets.
|
||||||
|
+ Maximum length is 2046 bytes or ((n + 1) * 8) - 2 where n is 255.
|
||||||
|
@param[in] Pointer Identifies the octet offset within
|
||||||
|
the invoking packet where the error was detected.
|
||||||
|
|
||||||
|
@@ -31,12 +32,33 @@ Ip6IsOptionValid (
|
||||||
|
IN IP6_SERVICE *IpSb,
|
||||||
|
IN NET_BUF *Packet,
|
||||||
|
IN UINT8 *Option,
|
||||||
|
- IN UINT8 OptionLen,
|
||||||
|
+ IN UINT16 OptionLen,
|
||||||
|
IN UINT32 Pointer
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- UINT8 Offset;
|
||||||
|
- UINT8 OptionType;
|
||||||
|
+ UINT16 Offset;
|
||||||
|
+ UINT8 OptionType;
|
||||||
|
+ UINT8 OptDataLen;
|
||||||
|
+
|
||||||
|
+ if (Option == NULL) {
|
||||||
|
+ ASSERT (Option != NULL);
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if ((OptionLen <= 0) || (OptionLen > IP6_MAX_EXT_DATA_LENGTH)) {
|
||||||
|
+ ASSERT (OptionLen > 0 && OptionLen <= IP6_MAX_EXT_DATA_LENGTH);
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (Packet == NULL) {
|
||||||
|
+ ASSERT (Packet != NULL);
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (IpSb == NULL) {
|
||||||
|
+ ASSERT (IpSb != NULL);
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
Offset = 0;
|
||||||
|
|
||||||
|
@@ -54,7 +76,8 @@ Ip6IsOptionValid (
|
||||||
|
//
|
||||||
|
// It is a PadN option
|
||||||
|
//
|
||||||
|
- Offset = (UINT8)(Offset + *(Option + Offset + 1) + 2);
|
||||||
|
+ OptDataLen = ((IP6_OPTION_HEADER *)(Option + Offset))->Length;
|
||||||
|
+ Offset = IP6_NEXT_OPTION_OFFSET (Offset, OptDataLen);
|
||||||
|
break;
|
||||||
|
case Ip6OptionRouterAlert:
|
||||||
|
//
|
||||||
|
@@ -69,7 +92,8 @@ Ip6IsOptionValid (
|
||||||
|
//
|
||||||
|
switch (OptionType & Ip6OptionMask) {
|
||||||
|
case Ip6OptionSkip:
|
||||||
|
- Offset = (UINT8)(Offset + *(Option + Offset + 1));
|
||||||
|
+ OptDataLen = ((IP6_OPTION_HEADER *)(Option + Offset))->Length;
|
||||||
|
+ Offset = IP6_NEXT_OPTION_OFFSET (Offset, OptDataLen);
|
||||||
|
break;
|
||||||
|
case Ip6OptionDiscard:
|
||||||
|
return FALSE;
|
||||||
|
@@ -308,7 +332,7 @@ Ip6IsExtsValid (
|
||||||
|
UINT32 Pointer;
|
||||||
|
UINT32 Offset;
|
||||||
|
UINT8 *Option;
|
||||||
|
- UINT8 OptionLen;
|
||||||
|
+ UINT16 OptionLen;
|
||||||
|
BOOLEAN Flag;
|
||||||
|
UINT8 CountD;
|
||||||
|
UINT8 CountA;
|
||||||
|
@@ -385,6 +409,36 @@ Ip6IsExtsValid (
|
||||||
|
// Fall through
|
||||||
|
//
|
||||||
|
case IP6_DESTINATION:
|
||||||
|
+ //
|
||||||
|
+ // See https://www.rfc-editor.org/rfc/rfc2460#section-4.2 page 23
|
||||||
|
+ //
|
||||||
|
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+ // | Next Header | Hdr Ext Len | |
|
||||||
|
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
|
||||||
|
+ // | |
|
||||||
|
+ // . .
|
||||||
|
+ // . Options .
|
||||||
|
+ // . .
|
||||||
|
+ // | |
|
||||||
|
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+ //
|
||||||
|
+ //
|
||||||
|
+ // Next Header 8-bit selector. Identifies the type of header
|
||||||
|
+ // immediately following the Destination Options
|
||||||
|
+ // header. Uses the same values as the IPv4
|
||||||
|
+ // Protocol field [RFC-1700 et seq.].
|
||||||
|
+ //
|
||||||
|
+ // Hdr Ext Len 8-bit unsigned integer. Length of the
|
||||||
|
+ // Destination Options header in 8-octet units, not
|
||||||
|
+ // including the first 8 octets.
|
||||||
|
+ //
|
||||||
|
+ // Options Variable-length field, of length such that the
|
||||||
|
+ // complete Destination Options header is an
|
||||||
|
+ // integer multiple of 8 octets long. Contains one
|
||||||
|
+ // or more TLV-encoded options, as described in
|
||||||
|
+ // section 4.2.
|
||||||
|
+ //
|
||||||
|
+
|
||||||
|
if (*NextHeader == IP6_DESTINATION) {
|
||||||
|
CountD++;
|
||||||
|
}
|
||||||
|
@@ -398,7 +452,7 @@ Ip6IsExtsValid (
|
||||||
|
|
||||||
|
Offset++;
|
||||||
|
Option = ExtHdrs + Offset;
|
||||||
|
- OptionLen = (UINT8)((*Option + 1) * 8 - 2);
|
||||||
|
+ OptionLen = IP6_HDR_EXT_LEN (*Option) - sizeof (IP6_EXT_HDR);
|
||||||
|
Option++;
|
||||||
|
Offset++;
|
||||||
|
|
||||||
|
@@ -430,7 +484,7 @@ Ip6IsExtsValid (
|
||||||
|
//
|
||||||
|
// Ignore the routing header and proceed to process the next header.
|
||||||
|
//
|
||||||
|
- Offset = Offset + (RoutingHead->HeaderLen + 1) * 8;
|
||||||
|
+ Offset = Offset + IP6_HDR_EXT_LEN (RoutingHead->HeaderLen);
|
||||||
|
|
||||||
|
if (UnFragmentLen != NULL) {
|
||||||
|
*UnFragmentLen = Offset;
|
||||||
|
@@ -441,7 +495,7 @@ Ip6IsExtsValid (
|
||||||
|
// to the packet's source address, pointing to the unrecognized routing
|
||||||
|
// type.
|
||||||
|
//
|
||||||
|
- Pointer = Offset + 2 + sizeof (EFI_IP6_HEADER);
|
||||||
|
+ Pointer = Offset + sizeof (IP6_EXT_HDR) + sizeof (EFI_IP6_HEADER);
|
||||||
|
if ((IpSb != NULL) && (Packet != NULL) &&
|
||||||
|
!IP6_IS_MULTICAST (&Packet->Ip.Ip6->DestinationAddress))
|
||||||
|
{
|
||||||
|
@@ -527,7 +581,7 @@ Ip6IsExtsValid (
|
||||||
|
//
|
||||||
|
// RFC2402, Payload length is specified in 32-bit words, minus "2".
|
||||||
|
//
|
||||||
|
- OptionLen = (UINT8)((*Option + 2) * 4);
|
||||||
|
+ OptionLen = ((UINT16)(*Option + 2) * 4);
|
||||||
|
Offset = Offset + OptionLen;
|
||||||
|
break;
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/Ip6Option.h b/NetworkPkg/Ip6Dxe/Ip6Option.h
|
||||||
|
index bd8e223c8a..fb07c28f5a 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/Ip6Option.h
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/Ip6Option.h
|
||||||
|
@@ -12,6 +12,77 @@
|
||||||
|
|
||||||
|
#define IP6_FRAGMENT_OFFSET_MASK (~0x3)
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// For more information see RFC 8200, Section 4.3, 4.4, and 4.6
|
||||||
|
+//
|
||||||
|
+// This example format is from section 4.6
|
||||||
|
+// This does not apply to fragment headers
|
||||||
|
+//
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+// | Next Header | Hdr Ext Len | |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
|
||||||
|
+// | |
|
||||||
|
+// . .
|
||||||
|
+// . Header-Specific Data .
|
||||||
|
+// . .
|
||||||
|
+// | |
|
||||||
|
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||||
|
+//
|
||||||
|
+// Next Header 8-bit selector. Identifies the type of
|
||||||
|
+// header immediately following the extension
|
||||||
|
+// header. Uses the same values as the IPv4
|
||||||
|
+// Protocol field [IANA-PN].
|
||||||
|
+//
|
||||||
|
+// Hdr Ext Len 8-bit unsigned integer. Length of the
|
||||||
|
+// Destination Options header in 8-octet units,
|
||||||
|
+// not including the first 8 octets.
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// These defines apply to the following:
|
||||||
|
+// 1. Hop by Hop
|
||||||
|
+// 2. Routing
|
||||||
|
+// 3. Destination
|
||||||
|
+//
|
||||||
|
+typedef struct _IP6_EXT_HDR {
|
||||||
|
+ ///
|
||||||
|
+ /// The Next Header field identifies the type of header immediately
|
||||||
|
+ ///
|
||||||
|
+ UINT8 NextHeader;
|
||||||
|
+ ///
|
||||||
|
+ /// The Hdr Ext Len field specifies the length of the Hop-by-Hop Options
|
||||||
|
+ ///
|
||||||
|
+ UINT8 HdrExtLen;
|
||||||
|
+ ///
|
||||||
|
+ /// Header-Specific Data
|
||||||
|
+ ///
|
||||||
|
+} IP6_EXT_HDR;
|
||||||
|
+
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ sizeof (IP6_EXT_HDR) == 2,
|
||||||
|
+ "The combined size of Next Header and Len is two 8 bit fields"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// IPv6 extension headers contain an 8-bit length field which describes the size of
|
||||||
|
+// the header. However, the length field only includes the size of the extension
|
||||||
|
+// header options, not the size of the first 8 bytes of the header. Therefore, in
|
||||||
|
+// order to calculate the full size of the extension header, we add 1 (to account
|
||||||
|
+// for the first 8 bytes omitted by the length field reporting) and then multiply
|
||||||
|
+// by 8 (since the size is represented in 8-byte units).
|
||||||
|
+//
|
||||||
|
+// a is the length field of the extension header (UINT8)
|
||||||
|
+// The result may be up to 2046 octets (UINT16)
|
||||||
|
+//
|
||||||
|
+#define IP6_HDR_EXT_LEN(a) (((UINT16)((UINT8)(a)) + 1) * 8)
|
||||||
|
+
|
||||||
|
+// This is the maxmimum length permissible by a extension header
|
||||||
|
+// Length is UINT8 of 8 octets not including the first 8 octets
|
||||||
|
+#define IP6_MAX_EXT_DATA_LENGTH (IP6_HDR_EXT_LEN (MAX_UINT8) - sizeof(IP6_EXT_HDR))
|
||||||
|
+STATIC_ASSERT (
|
||||||
|
+ IP6_MAX_EXT_DATA_LENGTH == 2046,
|
||||||
|
+ "Maximum data length is ((MAX_UINT8 + 1) * 8) - 2"
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
typedef struct _IP6_FRAGMENT_HEADER {
|
||||||
|
UINT8 NextHeader;
|
||||||
|
UINT8 Reserved;
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,430 @@
|
|||||||
|
From 2bd8bc051f6394f2ab3c22649c54ecbed5d636cd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Wed, 14 Feb 2024 20:25:29 -0500
|
||||||
|
Subject: [PATCH 05/15] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Unit
|
||||||
|
Tests
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [5/15] 624365d403df25927ab0514b0e25faea7376def8
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21846
|
||||||
|
CVE: CVE-2022-45232
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit c9c87f08dd6ace36fa843424522c3558a8374cac
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:51 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4537
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4538
|
||||||
|
|
||||||
|
Unit tests to confirm that..
|
||||||
|
Infinite loop when parsing unknown options in the Destination Options
|
||||||
|
header
|
||||||
|
|
||||||
|
and
|
||||||
|
|
||||||
|
Infinite loop when parsing a PadN option in the Destination Options
|
||||||
|
header
|
||||||
|
|
||||||
|
... have been patched
|
||||||
|
|
||||||
|
This patch tests the following functions:
|
||||||
|
Ip6IsOptionValid
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf | 10 +-
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp | 278 ++++++++++++++++++
|
||||||
|
.../Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h | 40 +++
|
||||||
|
3 files changed, 324 insertions(+), 4 deletions(-)
|
||||||
|
create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
index 6e4de0745f..ba29dbabad 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
@@ -1,13 +1,13 @@
|
||||||
|
## @file
|
||||||
|
-# Unit test suite for the Ip6Dxe using Google Test
|
||||||
|
+# Unit test suite for the Ip6DxeGoogleTest using Google Test
|
||||||
|
#
|
||||||
|
# Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
##
|
||||||
|
[Defines]
|
||||||
|
INF_VERSION = 0x00010017
|
||||||
|
- BASE_NAME = Ip6DxeUnitTest
|
||||||
|
- FILE_GUID = 4F05D17D-D3E7-4AAE-820C-576D46D2D34A
|
||||||
|
+ BASE_NAME = Ip6DxeGoogleTest
|
||||||
|
+ FILE_GUID = AE39981C-B7FE-41A8-A9C2-F41910477CA3
|
||||||
|
VERSION_STRING = 1.0
|
||||||
|
MODULE_TYPE = HOST_APPLICATION
|
||||||
|
#
|
||||||
|
@@ -16,9 +16,11 @@
|
||||||
|
# VALID_ARCHITECTURES = IA32 X64 AARCH64
|
||||||
|
#
|
||||||
|
[Sources]
|
||||||
|
+ ../Ip6Option.c
|
||||||
|
+ Ip6OptionGoogleTest.h
|
||||||
|
Ip6DxeGoogleTest.cpp
|
||||||
|
Ip6OptionGoogleTest.cpp
|
||||||
|
- ../Ip6Option.c
|
||||||
|
+ Ip6OptionGoogleTest.h
|
||||||
|
|
||||||
|
[Packages]
|
||||||
|
MdePkg/MdePkg.dec
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
index f2cd90e1a9..29f8a4a96e 100644
|
||||||
|
--- a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
|
||||||
|
@@ -12,6 +12,7 @@ extern "C" {
|
||||||
|
#include <Library/DebugLib.h>
|
||||||
|
#include "../Ip6Impl.h"
|
||||||
|
#include "../Ip6Option.h"
|
||||||
|
+ #include "Ip6OptionGoogleTest.h"
|
||||||
|
}
|
||||||
|
|
||||||
|
/////////////////////////////////////////////////////////////////////////
|
||||||
|
@@ -127,3 +128,280 @@ TEST_F (Ip6OptionValidationTest, InvalidPrefixInfoOptionLengthShouldReturnFalse)
|
||||||
|
|
||||||
|
EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Ip6IsOptionValid Tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+// Define a fixture for your tests if needed
|
||||||
|
+class Ip6IsOptionValidTest : public ::testing::Test {
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Initialize any resources or variables
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that a NULL option is Invalid
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, NullOptionShouldReturnTrue) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ IP6_SERVICE *IpSb = NULL;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ EXPECT_FALSE (Ip6IsOptionValid (IpSb, &Packet, NULL, 0, 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that an unknown option with a length of 0 and type of <unknown> does not cause an infinite loop
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyNoInfiniteLoopOnUnknownOptionLength0) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = 23; // Unknown Option
|
||||||
|
+ optionHeader.Length = 0; // This will cause an infinite loop if the function is not working correctly
|
||||||
|
+
|
||||||
|
+ // This should be a valid option even though the length is 0
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that an unknown option with a length of 1 and type of <unknown> does not cause an infinite loop
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyNoInfiniteLoopOnUnknownOptionLength1) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = 23; // Unknown Option
|
||||||
|
+ optionHeader.Length = 1; // This will cause an infinite loop if the function is not working correctly
|
||||||
|
+
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that an unknown option with a length of 2 and type of <unknown> does not cause an infinite loop
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyIpSkipUnknownOption) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = 23; // Unknown Option
|
||||||
|
+ optionHeader.Length = 2; // Valid length for an unknown option
|
||||||
|
+
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that Ip6OptionPad1 is valid with a length of 0
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyIp6OptionPad1) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = Ip6OptionPad1;
|
||||||
|
+ optionHeader.Length = 0;
|
||||||
|
+
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that Ip6OptionPadN doesn't overflow with various lengths
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyIp6OptionPadN) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = Ip6OptionPadN;
|
||||||
|
+ optionHeader.Length = 0xFF;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFE;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFD;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFC;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify an unknown option doesn't cause an infinite loop with various lengths
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, VerifyNoInfiniteLoopOnUnknownOptionLengthAttemptOverflow) {
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ IP6_OPTION_HEADER optionHeader;
|
||||||
|
+
|
||||||
|
+ optionHeader.Type = 23; // Unknown Option
|
||||||
|
+ optionHeader.Length = 0xFF;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFE;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFD;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+
|
||||||
|
+ optionHeader.Length = 0xFC;
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, sizeof (optionHeader), 0));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Verify that the function supports multiple options
|
||||||
|
+TEST_F (Ip6IsOptionValidTest, MultiOptionSupport) {
|
||||||
|
+ UINT16 HdrLen;
|
||||||
|
+ NET_BUF Packet = { 0 };
|
||||||
|
+ // we need to define enough of the packet to make the function work
|
||||||
|
+ // The function being tested will pass IpSb to Ip6SendIcmpError which is defined above
|
||||||
|
+ UINT32 DeadCode = 0xDeadC0de;
|
||||||
|
+ // Don't actually use this pointer, just pass it to the function, nothing will be done with it
|
||||||
|
+ IP6_SERVICE *IpSb = (IP6_SERVICE *)&DeadCode;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS SourceAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IPv6_ADDRESS DestinationAddress = { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 };
|
||||||
|
+ EFI_IP6_HEADER Ip6Header = { 0 };
|
||||||
|
+
|
||||||
|
+ Ip6Header.SourceAddress = SourceAddress;
|
||||||
|
+ Ip6Header.DestinationAddress = DestinationAddress;
|
||||||
|
+ Packet.Ip.Ip6 = &Ip6Header;
|
||||||
|
+
|
||||||
|
+ UINT8 ExtHdr[1024] = { 0 };
|
||||||
|
+ UINT8 *Cursor = ExtHdr;
|
||||||
|
+ IP6_OPTION_HEADER *Option = (IP6_OPTION_HEADER *)ExtHdr;
|
||||||
|
+
|
||||||
|
+ // Let's start chaining options
|
||||||
|
+
|
||||||
|
+ Option->Type = 23; // Unknown Option
|
||||||
|
+ Option->Length = 0xFC;
|
||||||
|
+
|
||||||
|
+ Cursor += sizeof (IP6_OPTION_HEADER) + 0xFC;
|
||||||
|
+
|
||||||
|
+ Option = (IP6_OPTION_HEADER *)Cursor;
|
||||||
|
+ Option->Type = Ip6OptionPad1;
|
||||||
|
+
|
||||||
|
+ Cursor += sizeof (1);
|
||||||
|
+
|
||||||
|
+ // Type and length aren't processed, instead it just moves the pointer forward by 4 bytes
|
||||||
|
+ Option = (IP6_OPTION_HEADER *)Cursor;
|
||||||
|
+ Option->Type = Ip6OptionRouterAlert;
|
||||||
|
+ Option->Length = 4;
|
||||||
|
+
|
||||||
|
+ Cursor += sizeof (IP6_OPTION_HEADER) + 4;
|
||||||
|
+
|
||||||
|
+ Option = (IP6_OPTION_HEADER *)Cursor;
|
||||||
|
+ Option->Type = Ip6OptionPadN;
|
||||||
|
+ Option->Length = 0xFC;
|
||||||
|
+
|
||||||
|
+ Cursor += sizeof (IP6_OPTION_HEADER) + 0xFC;
|
||||||
|
+
|
||||||
|
+ Option = (IP6_OPTION_HEADER *)Cursor;
|
||||||
|
+ Option->Type = Ip6OptionRouterAlert;
|
||||||
|
+ Option->Length = 4;
|
||||||
|
+
|
||||||
|
+ Cursor += sizeof (IP6_OPTION_HEADER) + 4;
|
||||||
|
+
|
||||||
|
+ // Total 524
|
||||||
|
+
|
||||||
|
+ HdrLen = (UINT16)(Cursor - ExtHdr);
|
||||||
|
+
|
||||||
|
+ EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, ExtHdr, HdrLen, 0));
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..0509b6ae30
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h
|
||||||
|
@@ -0,0 +1,40 @@
|
||||||
|
+/** @file
|
||||||
|
+ Exposes the functions needed to test the Ip6Option module.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+
|
||||||
|
+#ifndef IP6_OPTION_HEADER_GOOGLE_TEST_H_
|
||||||
|
+#define IP6_OPTION_HEADER_GOOGLE_TEST_H_
|
||||||
|
+
|
||||||
|
+#include <Uefi.h>
|
||||||
|
+#include "../Ip6Impl.h"
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Validate the IP6 option format for both the packets we received
|
||||||
|
+ and that we will transmit. It will compute the ICMPv6 error message fields
|
||||||
|
+ if the option is malformatted.
|
||||||
|
+
|
||||||
|
+ @param[in] IpSb The IP6 service data.
|
||||||
|
+ @param[in] Packet The to be validated packet.
|
||||||
|
+ @param[in] Option The first byte of the option.
|
||||||
|
+ @param[in] OptionLen The length of the whole option.
|
||||||
|
+ @param[in] Pointer Identifies the octet offset within
|
||||||
|
+ the invoking packet where the error was detected.
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+ @retval TRUE The option is properly formatted.
|
||||||
|
+ @retval FALSE The option is malformatted.
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+BOOLEAN
|
||||||
|
+Ip6IsOptionValid (
|
||||||
|
+ IN IP6_SERVICE *IpSb,
|
||||||
|
+ IN NET_BUF *Packet,
|
||||||
|
+ IN UINT8 *Option,
|
||||||
|
+ IN UINT16 OptionLen,
|
||||||
|
+ IN UINT32 Pointer
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#endif // __IP6_OPTION_HEADER_GOOGLE_TEST_H__
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,808 @@
|
|||||||
|
From 1e7f4034ddc0896e16c981d4220a1178813b4e86 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Tue, 11 Jun 2024 15:20:29 -0400
|
||||||
|
Subject: [PATCH 30/31] NetworkPkg TcpDxe: SECURITY PATCH CVE-2023-45236
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 77: UINT32 overflow in S3 ResumeCount and Pixiefail fixes
|
||||||
|
RH-Jira: RHEL-21854 RHEL-21856 RHEL-40099
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Commit: [30/31] 9ae15a2abf1d9bd0a0df1ff73a88446b9eb33602
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21854
|
||||||
|
Upstream: Merged
|
||||||
|
CVE: CVE-2023-45236
|
||||||
|
Conflicts: Didn't add new file NetworkPkg/SecurityFixes.yaml
|
||||||
|
|
||||||
|
commit 1904a64bcc18199738e5be183d28887ac5d837d7
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Wed May 8 22:56:29 2024 -0700
|
||||||
|
|
||||||
|
NetworkPkg TcpDxe: SECURITY PATCH CVE-2023-45236
|
||||||
|
|
||||||
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4541
|
||||||
|
REF: https://www.rfc-editor.org/rfc/rfc1948.txt
|
||||||
|
REF: https://www.rfc-editor.org/rfc/rfc6528.txt
|
||||||
|
REF: https://www.rfc-editor.org/rfc/rfc9293.txt
|
||||||
|
|
||||||
|
Bug Overview:
|
||||||
|
PixieFail Bug #8
|
||||||
|
CVE-2023-45236
|
||||||
|
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
|
||||||
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
|
||||||
|
|
||||||
|
Updates TCP ISN generation to use a cryptographic hash of the
|
||||||
|
connection's identifying parameters and a secret key.
|
||||||
|
This prevents an attacker from guessing the ISN used for some other
|
||||||
|
connection.
|
||||||
|
|
||||||
|
This is follows the guidance in RFC 1948, RFC 6528, and RFC 9293.
|
||||||
|
|
||||||
|
RFC: 9293 Section 3.4.1. Initial Sequence Number Selection
|
||||||
|
|
||||||
|
A TCP implementation MUST use the above type of "clock" for clock-
|
||||||
|
driven selection of initial sequence numbers (MUST-8), and SHOULD
|
||||||
|
generate its initial sequence numbers with the expression:
|
||||||
|
|
||||||
|
ISN = M + F(localip, localport, remoteip, remoteport, secretkey)
|
||||||
|
|
||||||
|
where M is the 4 microsecond timer, and F() is a pseudorandom
|
||||||
|
function (PRF) of the connection's identifying parameters ("localip,
|
||||||
|
localport, remoteip, remoteport") and a secret key ("secretkey")
|
||||||
|
(SHLD-1). F() MUST NOT be computable from the outside (MUST-9), or
|
||||||
|
an attacker could still guess at sequence numbers from the ISN used
|
||||||
|
for some other connection. The PRF could be implemented as a
|
||||||
|
cryptographic hash of the concatenation of the TCP connection
|
||||||
|
parameters and some secret data. For discussion of the selection of
|
||||||
|
a specific hash algorithm and management of the secret key data,
|
||||||
|
please see Section 3 of [42].
|
||||||
|
|
||||||
|
For each connection there is a send sequence number and a receive
|
||||||
|
sequence number. The initial send sequence number (ISS) is chosen by
|
||||||
|
the data sending TCP peer, and the initial receive sequence number
|
||||||
|
(IRS) is learned during the connection-establishing procedure.
|
||||||
|
|
||||||
|
For a connection to be established or initialized, the two TCP peers
|
||||||
|
must synchronize on each other's initial sequence numbers. This is
|
||||||
|
done in an exchange of connection-establishing segments carrying a
|
||||||
|
control bit called "SYN" (for synchronize) and the initial sequence
|
||||||
|
numbers. As a shorthand, segments carrying the SYN bit are also
|
||||||
|
called "SYNs". Hence, the solution requires a suitable mechanism for
|
||||||
|
picking an initial sequence number and a slightly involved handshake
|
||||||
|
to exchange the ISNs.
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/TcpDxe/TcpDriver.c | 92 ++++++++++++-
|
||||||
|
NetworkPkg/TcpDxe/TcpDxe.inf | 8 +-
|
||||||
|
NetworkPkg/TcpDxe/TcpFunc.h | 23 ++--
|
||||||
|
NetworkPkg/TcpDxe/TcpInput.c | 13 +-
|
||||||
|
NetworkPkg/TcpDxe/TcpMain.h | 59 ++++++--
|
||||||
|
NetworkPkg/TcpDxe/TcpMisc.c | 244 ++++++++++++++++++++++++++++++++--
|
||||||
|
NetworkPkg/TcpDxe/TcpTimer.c | 3 +-
|
||||||
|
7 files changed, 394 insertions(+), 48 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpDriver.c b/NetworkPkg/TcpDxe/TcpDriver.c
|
||||||
|
index 430911c2f4..34ae838ae0 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpDriver.c
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpDriver.c
|
||||||
|
@@ -83,6 +83,12 @@ EFI_SERVICE_BINDING_PROTOCOL gTcpServiceBinding = {
|
||||||
|
TcpServiceBindingDestroyChild
|
||||||
|
};
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// This is the handle for the Hash2ServiceBinding Protocol instance this driver produces
|
||||||
|
+// if the platform does not provide one.
|
||||||
|
+//
|
||||||
|
+EFI_HANDLE mHash2ServiceHandle = NULL;
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
Create and start the heartbeat timer for the TCP driver.
|
||||||
|
|
||||||
|
@@ -165,6 +171,23 @@ TcpDriverEntryPoint (
|
||||||
|
EFI_STATUS Status;
|
||||||
|
UINT32 Random;
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Initialize the Secret used for hashing TCP sequence numbers
|
||||||
|
+ //
|
||||||
|
+ // Normally this should be regenerated periodically, but since
|
||||||
|
+ // this is only used for UEFI networking and not a general purpose
|
||||||
|
+ // operating system, it is not necessary to regenerate it.
|
||||||
|
+ //
|
||||||
|
+ Status = PseudoRandomU32 (&mTcpGlobalSecret);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "%a failed to generate random number: %r\n", __func__, Status));
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Get a random number used to generate a random port number
|
||||||
|
+ // Intentionally not linking this to mTcpGlobalSecret to avoid leaking information about the secret
|
||||||
|
+ //
|
||||||
|
Status = PseudoRandomU32 (&Random);
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
DEBUG ((DEBUG_ERROR, "%a Failed to generate random number: %r\n", __func__, Status));
|
||||||
|
@@ -207,9 +230,8 @@ TcpDriverEntryPoint (
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
- // Initialize ISS and random port.
|
||||||
|
+ // Initialize the random port.
|
||||||
|
//
|
||||||
|
- mTcpGlobalIss = Random % mTcpGlobalIss;
|
||||||
|
mTcp4RandomPort = (UINT16)(TCP_PORT_KNOWN + (Random % TCP_PORT_KNOWN));
|
||||||
|
mTcp6RandomPort = mTcp4RandomPort;
|
||||||
|
|
||||||
|
@@ -224,6 +246,8 @@ TcpDriverEntryPoint (
|
||||||
|
@param[in] IpVersion IP_VERSION_4 or IP_VERSION_6.
|
||||||
|
|
||||||
|
@retval EFI_OUT_OF_RESOURCES Failed to allocate some resources.
|
||||||
|
+ @retval EFI_UNSUPPORTED Service Binding Protocols are unavailable.
|
||||||
|
+ @retval EFI_ALREADY_STARTED The TCP driver is already started on the controller.
|
||||||
|
@retval EFI_SUCCESS A new IP6 service binding private was created.
|
||||||
|
|
||||||
|
**/
|
||||||
|
@@ -234,11 +258,13 @@ TcpCreateService (
|
||||||
|
IN UINT8 IpVersion
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- EFI_STATUS Status;
|
||||||
|
- EFI_GUID *IpServiceBindingGuid;
|
||||||
|
- EFI_GUID *TcpServiceBindingGuid;
|
||||||
|
- TCP_SERVICE_DATA *TcpServiceData;
|
||||||
|
- IP_IO_OPEN_DATA OpenData;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ EFI_GUID *IpServiceBindingGuid;
|
||||||
|
+ EFI_GUID *TcpServiceBindingGuid;
|
||||||
|
+ TCP_SERVICE_DATA *TcpServiceData;
|
||||||
|
+ IP_IO_OPEN_DATA OpenData;
|
||||||
|
+ EFI_SERVICE_BINDING_PROTOCOL *Hash2ServiceBinding;
|
||||||
|
+ EFI_HASH2_PROTOCOL *Hash2Protocol;
|
||||||
|
|
||||||
|
if (IpVersion == IP_VERSION_4) {
|
||||||
|
IpServiceBindingGuid = &gEfiIp4ServiceBindingProtocolGuid;
|
||||||
|
@@ -272,6 +298,33 @@ TcpCreateService (
|
||||||
|
return EFI_UNSUPPORTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ Status = gBS->LocateProtocol (&gEfiHash2ProtocolGuid, NULL, (VOID **)&Hash2Protocol);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ //
|
||||||
|
+ // If we can't find the Hashing protocol, then we need to create one.
|
||||||
|
+ //
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Platform is expected to publish the hash service binding protocol to support TCP.
|
||||||
|
+ //
|
||||||
|
+ Status = gBS->LocateProtocol (
|
||||||
|
+ &gEfiHash2ServiceBindingProtocolGuid,
|
||||||
|
+ NULL,
|
||||||
|
+ (VOID **)&Hash2ServiceBinding
|
||||||
|
+ );
|
||||||
|
+ if (EFI_ERROR (Status) || (Hash2ServiceBinding == NULL) || (Hash2ServiceBinding->CreateChild == NULL)) {
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Create an instance of the hash protocol for this controller.
|
||||||
|
+ //
|
||||||
|
+ Status = Hash2ServiceBinding->CreateChild (Hash2ServiceBinding, &mHash2ServiceHandle);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Create the TCP service data.
|
||||||
|
//
|
||||||
|
@@ -423,6 +476,7 @@ TcpDestroyService (
|
||||||
|
EFI_STATUS Status;
|
||||||
|
LIST_ENTRY *List;
|
||||||
|
TCP_DESTROY_CHILD_IN_HANDLE_BUF_CONTEXT Context;
|
||||||
|
+ EFI_SERVICE_BINDING_PROTOCOL *Hash2ServiceBinding;
|
||||||
|
|
||||||
|
ASSERT ((IpVersion == IP_VERSION_4) || (IpVersion == IP_VERSION_6));
|
||||||
|
|
||||||
|
@@ -439,6 +493,30 @@ TcpDestroyService (
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // Destroy the Hash2ServiceBinding instance if it is created by Tcp driver.
|
||||||
|
+ //
|
||||||
|
+ if (mHash2ServiceHandle != NULL) {
|
||||||
|
+ Status = gBS->LocateProtocol (
|
||||||
|
+ &gEfiHash2ServiceBindingProtocolGuid,
|
||||||
|
+ NULL,
|
||||||
|
+ (VOID **)&Hash2ServiceBinding
|
||||||
|
+ );
|
||||||
|
+ if (EFI_ERROR (Status) || (Hash2ServiceBinding == NULL) || (Hash2ServiceBinding->DestroyChild == NULL)) {
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Destroy the instance of the hashing protocol for this controller.
|
||||||
|
+ //
|
||||||
|
+ Status = Hash2ServiceBinding->DestroyChild (Hash2ServiceBinding, &mHash2ServiceHandle);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return EFI_UNSUPPORTED;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ mHash2ServiceHandle = NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
Status = gBS->OpenProtocol (
|
||||||
|
NicHandle,
|
||||||
|
ServiceBindingGuid,
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpDxe.inf b/NetworkPkg/TcpDxe/TcpDxe.inf
|
||||||
|
index cf5423f4c5..76de4cf9ec 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpDxe.inf
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpDxe.inf
|
||||||
|
@@ -6,6 +6,7 @@
|
||||||
|
# stack has been loaded in system. This driver supports both IPv4 and IPv6 network stack.
|
||||||
|
#
|
||||||
|
# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||||||
|
+# Copyright (c) Microsoft Corporation
|
||||||
|
#
|
||||||
|
# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
#
|
||||||
|
@@ -68,7 +69,6 @@
|
||||||
|
NetLib
|
||||||
|
IpIoLib
|
||||||
|
|
||||||
|
-
|
||||||
|
[Protocols]
|
||||||
|
## SOMETIMES_CONSUMES
|
||||||
|
## SOMETIMES_PRODUCES
|
||||||
|
@@ -81,6 +81,12 @@
|
||||||
|
gEfiIp6ServiceBindingProtocolGuid ## TO_START
|
||||||
|
gEfiTcp6ProtocolGuid ## BY_START
|
||||||
|
gEfiTcp6ServiceBindingProtocolGuid ## BY_START
|
||||||
|
+ gEfiHash2ProtocolGuid ## BY_START
|
||||||
|
+ gEfiHash2ServiceBindingProtocolGuid ## BY_START
|
||||||
|
+
|
||||||
|
+[Guids]
|
||||||
|
+ gEfiHashAlgorithmMD5Guid ## CONSUMES
|
||||||
|
+ gEfiHashAlgorithmSha256Guid ## CONSUMES
|
||||||
|
|
||||||
|
[Depex]
|
||||||
|
gEfiHash2ServiceBindingProtocolGuid
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpFunc.h b/NetworkPkg/TcpDxe/TcpFunc.h
|
||||||
|
index 05cd3c75dc..e578b8bb29 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpFunc.h
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpFunc.h
|
||||||
|
@@ -2,7 +2,7 @@
|
||||||
|
Declaration of external functions shared in TCP driver.
|
||||||
|
|
||||||
|
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
|
-
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
**/
|
||||||
|
@@ -36,8 +36,11 @@ VOID
|
||||||
|
|
||||||
|
@param[in, out] Tcb Pointer to the TCP_CB of this TCP instance.
|
||||||
|
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully
|
||||||
|
+ @retval others The underlying functions failed and could not complete the operation
|
||||||
|
+
|
||||||
|
**/
|
||||||
|
-VOID
|
||||||
|
+EFI_STATUS
|
||||||
|
TcpInitTcbLocal (
|
||||||
|
IN OUT TCP_CB *Tcb
|
||||||
|
);
|
||||||
|
@@ -128,17 +131,6 @@ TcpCloneTcb (
|
||||||
|
IN TCP_CB *Tcb
|
||||||
|
);
|
||||||
|
|
||||||
|
-/**
|
||||||
|
- Compute an ISS to be used by a new connection.
|
||||||
|
-
|
||||||
|
- @return The result ISS.
|
||||||
|
-
|
||||||
|
-**/
|
||||||
|
-TCP_SEQNO
|
||||||
|
-TcpGetIss (
|
||||||
|
- VOID
|
||||||
|
- );
|
||||||
|
-
|
||||||
|
/**
|
||||||
|
Get the local mss.
|
||||||
|
|
||||||
|
@@ -202,8 +194,11 @@ TcpFormatNetbuf (
|
||||||
|
@param[in, out] Tcb Pointer to the TCP_CB that wants to initiate a
|
||||||
|
connection.
|
||||||
|
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully
|
||||||
|
+ @retval others The underlying functions failed and could not complete the operation
|
||||||
|
+
|
||||||
|
**/
|
||||||
|
-VOID
|
||||||
|
+EFI_STATUS
|
||||||
|
TcpOnAppConnect (
|
||||||
|
IN OUT TCP_CB *Tcb
|
||||||
|
);
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpInput.c b/NetworkPkg/TcpDxe/TcpInput.c
|
||||||
|
index 5e6c8c54ca..c0656ccd7d 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpInput.c
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpInput.c
|
||||||
|
@@ -759,6 +759,7 @@ TcpInput (
|
||||||
|
TCP_SEQNO Urg;
|
||||||
|
UINT16 Checksum;
|
||||||
|
INT32 Usable;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
|
||||||
|
ASSERT ((Version == IP_VERSION_4) || (Version == IP_VERSION_6));
|
||||||
|
|
||||||
|
@@ -908,7 +909,17 @@ TcpInput (
|
||||||
|
Tcb->LocalEnd.Port = Head->DstPort;
|
||||||
|
Tcb->RemoteEnd.Port = Head->SrcPort;
|
||||||
|
|
||||||
|
- TcpInitTcbLocal (Tcb);
|
||||||
|
+ Status = TcpInitTcbLocal (Tcb);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG (
|
||||||
|
+ (DEBUG_ERROR,
|
||||||
|
+ "TcpInput: discard a segment because failed to init local end for TCB %p\n",
|
||||||
|
+ Tcb)
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+ goto DISCARD;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
TcpInitTcbPeer (Tcb, Seg, &Option);
|
||||||
|
|
||||||
|
TcpSetState (Tcb, TCP_SYN_RCVD);
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpMain.h b/NetworkPkg/TcpDxe/TcpMain.h
|
||||||
|
index 0709298bbf..3fa572d3d4 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpMain.h
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpMain.h
|
||||||
|
@@ -3,6 +3,7 @@
|
||||||
|
It is the common head file for all Tcp*.c in TCP driver.
|
||||||
|
|
||||||
|
Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
**/
|
||||||
|
@@ -12,6 +13,7 @@
|
||||||
|
|
||||||
|
#include <Protocol/ServiceBinding.h>
|
||||||
|
#include <Protocol/DriverBinding.h>
|
||||||
|
+#include <Protocol/Hash2.h>
|
||||||
|
#include <Library/IpIoLib.h>
|
||||||
|
#include <Library/DevicePathLib.h>
|
||||||
|
#include <Library/PrintLib.h>
|
||||||
|
@@ -30,7 +32,7 @@ extern EFI_UNICODE_STRING_TABLE *gTcpControllerNameTable;
|
||||||
|
|
||||||
|
extern LIST_ENTRY mTcpRunQue;
|
||||||
|
extern LIST_ENTRY mTcpListenQue;
|
||||||
|
-extern TCP_SEQNO mTcpGlobalIss;
|
||||||
|
+extern TCP_SEQNO mTcpGlobalSecret;
|
||||||
|
extern UINT32 mTcpTick;
|
||||||
|
|
||||||
|
///
|
||||||
|
@@ -44,15 +46,6 @@ extern UINT32 mTcpTick;
|
||||||
|
|
||||||
|
#define TCP_EXPIRE_TIME 65535
|
||||||
|
|
||||||
|
-///
|
||||||
|
-/// The implementation selects the initial send sequence number and the unit to
|
||||||
|
-/// be added when it is increased.
|
||||||
|
-///
|
||||||
|
-#define TCP_BASE_ISS 0x4d7e980b
|
||||||
|
-#define TCP_ISS_INCREMENT_1 2048
|
||||||
|
-#define TCP_ISS_INCREMENT_2 100
|
||||||
|
-
|
||||||
|
-
|
||||||
|
typedef union {
|
||||||
|
EFI_TCP4_CONFIG_DATA Tcp4CfgData;
|
||||||
|
EFI_TCP6_CONFIG_DATA Tcp6CfgData;
|
||||||
|
@@ -774,4 +767,50 @@ Tcp6Poll (
|
||||||
|
IN EFI_TCP6_PROTOCOL *This
|
||||||
|
);
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ Retrieves the Initial Sequence Number (ISN) for a TCP connection identified by local
|
||||||
|
+ and remote IP addresses and ports.
|
||||||
|
+
|
||||||
|
+ This method is based on https://datatracker.ietf.org/doc/html/rfc9293#section-3.4.1
|
||||||
|
+ Where the ISN is computed as follows:
|
||||||
|
+ ISN = TimeStamp + MD5(LocalIP, LocalPort, RemoteIP, RemotePort, Secret)
|
||||||
|
+
|
||||||
|
+ Otherwise:
|
||||||
|
+ ISN = M + F(localip, localport, remoteip, remoteport, secretkey)
|
||||||
|
+
|
||||||
|
+ "Here M is the 4 microsecond timer, and F() is a pseudorandom function (PRF) of the
|
||||||
|
+ connection's identifying parameters ("localip, localport, remoteip, remoteport")
|
||||||
|
+ and a secret key ("secretkey") (SHLD-1). F() MUST NOT be computable from the
|
||||||
|
+ outside (MUST-9), or an attacker could still guess at sequence numbers from the
|
||||||
|
+ ISN used for some other connection. The PRF could be implemented as a
|
||||||
|
+ cryptographic hash of the concatenation of the TCP connection parameters and some
|
||||||
|
+ secret data. For discussion of the selection of a specific hash algorithm and
|
||||||
|
+ management of the secret key data."
|
||||||
|
+
|
||||||
|
+ @param[in] LocalIp A pointer to the local IP address of the TCP connection.
|
||||||
|
+ @param[in] LocalIpSize The size, in bytes, of the LocalIp buffer.
|
||||||
|
+ @param[in] LocalPort The local port number of the TCP connection.
|
||||||
|
+ @param[in] RemoteIp A pointer to the remote IP address of the TCP connection.
|
||||||
|
+ @param[in] RemoteIpSize The size, in bytes, of the RemoteIp buffer.
|
||||||
|
+ @param[in] RemotePort The remote port number of the TCP connection.
|
||||||
|
+ @param[out] Isn A pointer to the variable that will receive the Initial
|
||||||
|
+ Sequence Number (ISN).
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully, and the ISN was
|
||||||
|
+ retrieved.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER One or more of the input parameters are invalid.
|
||||||
|
+ @retval EFI_UNSUPPORTED The operation is not supported.
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+TcpGetIsn (
|
||||||
|
+ IN UINT8 *LocalIp,
|
||||||
|
+ IN UINTN LocalIpSize,
|
||||||
|
+ IN UINT16 LocalPort,
|
||||||
|
+ IN UINT8 *RemoteIp,
|
||||||
|
+ IN UINTN RemoteIpSize,
|
||||||
|
+ IN UINT16 RemotePort,
|
||||||
|
+ OUT TCP_SEQNO *Isn
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
#endif
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpMisc.c b/NetworkPkg/TcpDxe/TcpMisc.c
|
||||||
|
index 3fa9d90d9f..42dc9fa941 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpMisc.c
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpMisc.c
|
||||||
|
@@ -3,6 +3,7 @@
|
||||||
|
|
||||||
|
(C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>
|
||||||
|
Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
**/
|
||||||
|
@@ -19,7 +20,34 @@ LIST_ENTRY mTcpListenQue = {
|
||||||
|
&mTcpListenQue
|
||||||
|
};
|
||||||
|
|
||||||
|
-TCP_SEQNO mTcpGlobalIss = TCP_BASE_ISS;
|
||||||
|
+//
|
||||||
|
+// The Session secret
|
||||||
|
+// This must be initialized to a random value at boot time
|
||||||
|
+//
|
||||||
|
+TCP_SEQNO mTcpGlobalSecret;
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// Union to hold either an IPv4 or IPv6 address
|
||||||
|
+// This is used to simplify the ISN hash computation
|
||||||
|
+//
|
||||||
|
+typedef union {
|
||||||
|
+ UINT8 IPv4[4];
|
||||||
|
+ UINT8 IPv6[16];
|
||||||
|
+} NETWORK_ADDRESS;
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// The ISN is computed by hashing this structure
|
||||||
|
+// It is initialized with the local and remote IP addresses and ports
|
||||||
|
+// and the secret
|
||||||
|
+//
|
||||||
|
+//
|
||||||
|
+typedef struct {
|
||||||
|
+ UINT16 LocalPort;
|
||||||
|
+ UINT16 RemotePort;
|
||||||
|
+ NETWORK_ADDRESS LocalAddress;
|
||||||
|
+ NETWORK_ADDRESS RemoteAddress;
|
||||||
|
+ TCP_SEQNO Secret;
|
||||||
|
+} ISN_HASH_CTX;
|
||||||
|
|
||||||
|
CHAR16 *mTcpStateName[] = {
|
||||||
|
L"TCP_CLOSED",
|
||||||
|
@@ -40,12 +68,18 @@ CHAR16 *mTcpStateName[] = {
|
||||||
|
|
||||||
|
@param[in, out] Tcb Pointer to the TCP_CB of this TCP instance.
|
||||||
|
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully
|
||||||
|
+ @retval others The underlying functions failed and could not complete the operation
|
||||||
|
+
|
||||||
|
**/
|
||||||
|
-VOID
|
||||||
|
+EFI_STATUS
|
||||||
|
TcpInitTcbLocal (
|
||||||
|
IN OUT TCP_CB *Tcb
|
||||||
|
)
|
||||||
|
{
|
||||||
|
+ TCP_SEQNO Isn;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Compute the checksum of the fixed parts of pseudo header
|
||||||
|
//
|
||||||
|
@@ -56,6 +90,16 @@ TcpInitTcbLocal (
|
||||||
|
0x06,
|
||||||
|
0
|
||||||
|
);
|
||||||
|
+
|
||||||
|
+ Status = TcpGetIsn (
|
||||||
|
+ Tcb->LocalEnd.Ip.v4.Addr,
|
||||||
|
+ sizeof (IPv4_ADDRESS),
|
||||||
|
+ Tcb->LocalEnd.Port,
|
||||||
|
+ Tcb->RemoteEnd.Ip.v4.Addr,
|
||||||
|
+ sizeof (IPv4_ADDRESS),
|
||||||
|
+ Tcb->RemoteEnd.Port,
|
||||||
|
+ &Isn
|
||||||
|
+ );
|
||||||
|
} else {
|
||||||
|
Tcb->HeadSum = NetIp6PseudoHeadChecksum (
|
||||||
|
&Tcb->LocalEnd.Ip.v6,
|
||||||
|
@@ -63,9 +107,25 @@ TcpInitTcbLocal (
|
||||||
|
0x06,
|
||||||
|
0
|
||||||
|
);
|
||||||
|
+
|
||||||
|
+ Status = TcpGetIsn (
|
||||||
|
+ Tcb->LocalEnd.Ip.v6.Addr,
|
||||||
|
+ sizeof (IPv6_ADDRESS),
|
||||||
|
+ Tcb->LocalEnd.Port,
|
||||||
|
+ Tcb->RemoteEnd.Ip.v6.Addr,
|
||||||
|
+ sizeof (IPv6_ADDRESS),
|
||||||
|
+ Tcb->RemoteEnd.Port,
|
||||||
|
+ &Isn
|
||||||
|
+ );
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_ERROR, "TcpInitTcbLocal: failed to get isn\n"));
|
||||||
|
+ ASSERT (FALSE);
|
||||||
|
+ return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
- Tcb->Iss = TcpGetIss ();
|
||||||
|
+ Tcb->Iss = Isn;
|
||||||
|
Tcb->SndUna = Tcb->Iss;
|
||||||
|
Tcb->SndNxt = Tcb->Iss;
|
||||||
|
|
||||||
|
@@ -81,6 +141,8 @@ TcpInitTcbLocal (
|
||||||
|
Tcb->RetxmitSeqMax = 0;
|
||||||
|
|
||||||
|
Tcb->ProbeTimerOn = FALSE;
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
@@ -505,18 +567,162 @@ TcpCloneTcb (
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
- Compute an ISS to be used by a new connection.
|
||||||
|
-
|
||||||
|
- @return The resulting ISS.
|
||||||
|
+ Retrieves the Initial Sequence Number (ISN) for a TCP connection identified by local
|
||||||
|
+ and remote IP addresses and ports.
|
||||||
|
+
|
||||||
|
+ This method is based on https://datatracker.ietf.org/doc/html/rfc9293#section-3.4.1
|
||||||
|
+ Where the ISN is computed as follows:
|
||||||
|
+ ISN = TimeStamp + MD5(LocalIP, LocalPort, RemoteIP, RemotePort, Secret)
|
||||||
|
+
|
||||||
|
+ Otherwise:
|
||||||
|
+ ISN = M + F(localip, localport, remoteip, remoteport, secretkey)
|
||||||
|
+
|
||||||
|
+ "Here M is the 4 microsecond timer, and F() is a pseudorandom function (PRF) of the
|
||||||
|
+ connection's identifying parameters ("localip, localport, remoteip, remoteport")
|
||||||
|
+ and a secret key ("secretkey") (SHLD-1). F() MUST NOT be computable from the
|
||||||
|
+ outside (MUST-9), or an attacker could still guess at sequence numbers from the
|
||||||
|
+ ISN used for some other connection. The PRF could be implemented as a
|
||||||
|
+ cryptographic hash of the concatenation of the TCP connection parameters and some
|
||||||
|
+ secret data. For discussion of the selection of a specific hash algorithm and
|
||||||
|
+ management of the secret key data."
|
||||||
|
+
|
||||||
|
+ @param[in] LocalIp A pointer to the local IP address of the TCP connection.
|
||||||
|
+ @param[in] LocalIpSize The size, in bytes, of the LocalIp buffer.
|
||||||
|
+ @param[in] LocalPort The local port number of the TCP connection.
|
||||||
|
+ @param[in] RemoteIp A pointer to the remote IP address of the TCP connection.
|
||||||
|
+ @param[in] RemoteIpSize The size, in bytes, of the RemoteIp buffer.
|
||||||
|
+ @param[in] RemotePort The remote port number of the TCP connection.
|
||||||
|
+ @param[out] Isn A pointer to the variable that will receive the Initial
|
||||||
|
+ Sequence Number (ISN).
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully, and the ISN was
|
||||||
|
+ retrieved.
|
||||||
|
+ @retval EFI_INVALID_PARAMETER One or more of the input parameters are invalid.
|
||||||
|
+ @retval EFI_UNSUPPORTED The operation is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
-TCP_SEQNO
|
||||||
|
-TcpGetIss (
|
||||||
|
- VOID
|
||||||
|
+EFI_STATUS
|
||||||
|
+TcpGetIsn (
|
||||||
|
+ IN UINT8 *LocalIp,
|
||||||
|
+ IN UINTN LocalIpSize,
|
||||||
|
+ IN UINT16 LocalPort,
|
||||||
|
+ IN UINT8 *RemoteIp,
|
||||||
|
+ IN UINTN RemoteIpSize,
|
||||||
|
+ IN UINT16 RemotePort,
|
||||||
|
+ OUT TCP_SEQNO *Isn
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- mTcpGlobalIss += TCP_ISS_INCREMENT_1;
|
||||||
|
- return mTcpGlobalIss;
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+ EFI_HASH2_PROTOCOL *Hash2Protocol;
|
||||||
|
+ EFI_HASH2_OUTPUT HashResult;
|
||||||
|
+ ISN_HASH_CTX IsnHashCtx;
|
||||||
|
+ EFI_TIME TimeStamp;
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Check that the ISN pointer is valid
|
||||||
|
+ //
|
||||||
|
+ if (Isn == NULL) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // The local ip may be a v4 or v6 address and may not be NULL
|
||||||
|
+ //
|
||||||
|
+ if ((LocalIp == NULL) || (LocalIpSize == 0) || (RemoteIp == NULL) || (RemoteIpSize == 0)) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // the local ip may be a v4 or v6 address
|
||||||
|
+ //
|
||||||
|
+ if ((LocalIpSize != sizeof (EFI_IPv4_ADDRESS)) && (LocalIpSize != sizeof (EFI_IPv6_ADDRESS))) {
|
||||||
|
+ return EFI_INVALID_PARAMETER;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Locate the Hash Protocol
|
||||||
|
+ //
|
||||||
|
+ Status = gBS->LocateProtocol (&gEfiHash2ProtocolGuid, NULL, (VOID **)&Hash2Protocol);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_NET, "Failed to locate Hash Protocol: %r\n", Status));
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // TcpCreateService(..) is expected to be called prior to this function
|
||||||
|
+ //
|
||||||
|
+ ASSERT_EFI_ERROR (Status);
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Initialize the hash algorithm
|
||||||
|
+ //
|
||||||
|
+ Status = Hash2Protocol->HashInit (Hash2Protocol, &gEfiHashAlgorithmSha256Guid);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_NET, "Failed to initialize sha256 hash algorithm: %r\n", Status));
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ IsnHashCtx.LocalPort = LocalPort;
|
||||||
|
+ IsnHashCtx.RemotePort = RemotePort;
|
||||||
|
+ IsnHashCtx.Secret = mTcpGlobalSecret;
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Check the IP address family and copy accordingly
|
||||||
|
+ //
|
||||||
|
+ if (LocalIpSize == sizeof (EFI_IPv4_ADDRESS)) {
|
||||||
|
+ CopyMem (&IsnHashCtx.LocalAddress.IPv4, LocalIp, LocalIpSize);
|
||||||
|
+ } else if (LocalIpSize == sizeof (EFI_IPv6_ADDRESS)) {
|
||||||
|
+ CopyMem (&IsnHashCtx.LocalAddress.IPv6, LocalIp, LocalIpSize);
|
||||||
|
+ } else {
|
||||||
|
+ return EFI_INVALID_PARAMETER; // Unsupported address size
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Repeat the process for the remote IP address
|
||||||
|
+ //
|
||||||
|
+ if (RemoteIpSize == sizeof (EFI_IPv4_ADDRESS)) {
|
||||||
|
+ CopyMem (&IsnHashCtx.RemoteAddress.IPv4, RemoteIp, RemoteIpSize);
|
||||||
|
+ } else if (RemoteIpSize == sizeof (EFI_IPv6_ADDRESS)) {
|
||||||
|
+ CopyMem (&IsnHashCtx.RemoteAddress.IPv6, RemoteIp, RemoteIpSize);
|
||||||
|
+ } else {
|
||||||
|
+ return EFI_INVALID_PARAMETER; // Unsupported address size
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Compute the hash
|
||||||
|
+ // Update the hash with the data
|
||||||
|
+ //
|
||||||
|
+ Status = Hash2Protocol->HashUpdate (Hash2Protocol, (UINT8 *)&IsnHashCtx, sizeof (IsnHashCtx));
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_NET, "Failed to update hash: %r\n", Status));
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Finalize the hash and retrieve the result
|
||||||
|
+ //
|
||||||
|
+ Status = Hash2Protocol->HashFinal (Hash2Protocol, &HashResult);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ DEBUG ((DEBUG_NET, "Failed to finalize hash: %r\n", Status));
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ Status = gRT->GetTime (&TimeStamp, NULL);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // copy the first 4 bytes of the hash result into the ISN
|
||||||
|
+ //
|
||||||
|
+ CopyMem (Isn, HashResult.Md5Hash, sizeof (*Isn));
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // now add the timestamp to the ISN as 4 microseconds units (1000 / 4 = 250)
|
||||||
|
+ //
|
||||||
|
+ *Isn += (TCP_SEQNO)TimeStamp.Nanosecond * 250;
|
||||||
|
+
|
||||||
|
+ return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
@@ -719,17 +925,29 @@ TcpFormatNetbuf (
|
||||||
|
|
||||||
|
@param[in, out] Tcb Pointer to the TCP_CB that wants to initiate a
|
||||||
|
connection.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS The operation completed successfully
|
||||||
|
+ @retval others The underlying functions failed and could not complete the operation
|
||||||
|
+
|
||||||
|
**/
|
||||||
|
-VOID
|
||||||
|
+EFI_STATUS
|
||||||
|
TcpOnAppConnect (
|
||||||
|
IN OUT TCP_CB *Tcb
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- TcpInitTcbLocal (Tcb);
|
||||||
|
+ EFI_STATUS Status;
|
||||||
|
+
|
||||||
|
+ Status = TcpInitTcbLocal (Tcb);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return Status;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
TcpSetState (Tcb, TCP_SYN_SENT);
|
||||||
|
|
||||||
|
TcpSetTimer (Tcb, TCP_TIMER_CONNECT, Tcb->ConnectTimeout);
|
||||||
|
TcpToSendData (Tcb, 1);
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
diff --git a/NetworkPkg/TcpDxe/TcpTimer.c b/NetworkPkg/TcpDxe/TcpTimer.c
|
||||||
|
index 106d9470db..535d09d342 100644
|
||||||
|
--- a/NetworkPkg/TcpDxe/TcpTimer.c
|
||||||
|
+++ b/NetworkPkg/TcpDxe/TcpTimer.c
|
||||||
|
@@ -2,7 +2,7 @@
|
||||||
|
TCP timer related functions.
|
||||||
|
|
||||||
|
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
||||||
|
-
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
**/
|
||||||
|
@@ -497,7 +497,6 @@ TcpTickingDpc (
|
||||||
|
INT16 Index;
|
||||||
|
|
||||||
|
mTcpTick++;
|
||||||
|
- mTcpGlobalIss += TCP_ISS_INCREMENT_2;
|
||||||
|
|
||||||
|
//
|
||||||
|
// Don't use LIST_FOR_EACH, which isn't delete safe.
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,168 @@
|
|||||||
|
From 38baf93892ec464490b6fe611c23b014f574344b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 07/15] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
|
||||||
|
Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [7/15] c1baa0b2facbf0b63a90a0bfd55264af9f893098
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21850
|
||||||
|
CVE: CVE-2022-45234
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 1b53515d53d303166b2bbd31e2cc7f16fd0aecd7
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:52 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 Patch
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4539
|
||||||
|
|
||||||
|
Bug Details:
|
||||||
|
PixieFail Bug #6
|
||||||
|
CVE-2023-45234
|
||||||
|
CVSS 8.3 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
|
||||||
|
CWE-119 Improper Restriction of Operations within the Bounds of
|
||||||
|
a Memory Buffer
|
||||||
|
|
||||||
|
Buffer overflow when processing DNS Servers option in a DHCPv6
|
||||||
|
Advertise message
|
||||||
|
|
||||||
|
Change Overview:
|
||||||
|
|
||||||
|
Introduces a function to cache the Dns Server and perform sanitizing
|
||||||
|
on the incoming DnsServerLen to ensure that the length is valid
|
||||||
|
|
||||||
|
> + EFI_STATUS
|
||||||
|
> + PxeBcCacheDnsServerAddresses (
|
||||||
|
> + IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
> + IN PXEBC_DHCP6_PACKET_CACHE *Cache6
|
||||||
|
> + )
|
||||||
|
|
||||||
|
Additional code cleanup
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c | 71 +++++++++++++++++++++++++---
|
||||||
|
1 file changed, 65 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
index 425e0cf806..2b2d372889 100644
|
||||||
|
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
@@ -3,6 +3,7 @@
|
||||||
|
|
||||||
|
(C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>
|
||||||
|
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
|
||||||
|
@@ -1312,6 +1313,65 @@ PxeBcSelectDhcp6Offer (
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ Cache the DHCPv6 DNS Server addresses
|
||||||
|
+
|
||||||
|
+ @param[in] Private The pointer to PXEBC_PRIVATE_DATA.
|
||||||
|
+ @param[in] Cache6 The pointer to PXEBC_DHCP6_PACKET_CACHE.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Cache the DHCPv6 DNS Server address successfully.
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
|
||||||
|
+ @retval EFI_DEVICE_ERROR The DNS Server Address Length provided by a untrusted
|
||||||
|
+ option is not a multiple of 16 bytes (sizeof (EFI_IPv6_ADDRESS)).
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+PxeBcCacheDnsServerAddresses (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
+ IN PXEBC_DHCP6_PACKET_CACHE *Cache6
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ UINT16 DnsServerLen;
|
||||||
|
+
|
||||||
|
+ DnsServerLen = NTOHS (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen);
|
||||||
|
+ //
|
||||||
|
+ // Make sure that the number is nonzero
|
||||||
|
+ //
|
||||||
|
+ if (DnsServerLen == 0) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Make sure the DnsServerlen is a multiple of EFI_IPv6_ADDRESS (16)
|
||||||
|
+ //
|
||||||
|
+ if (DnsServerLen % sizeof (EFI_IPv6_ADDRESS) != 0) {
|
||||||
|
+ return EFI_DEVICE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // This code is currently written to only support a single DNS Server instead
|
||||||
|
+ // of multiple such as is spec defined (RFC3646, Section 3). The proper behavior
|
||||||
|
+ // would be to allocate the full space requested, CopyMem all of the data,
|
||||||
|
+ // and then add a DnsServerCount field to Private and update additional code
|
||||||
|
+ // that depends on this.
|
||||||
|
+ //
|
||||||
|
+ // To support multiple DNS servers the `AllocationSize` would need to be changed to DnsServerLen
|
||||||
|
+ //
|
||||||
|
+ // This is tracked in https://bugzilla.tianocore.org/show_bug.cgi?id=1886
|
||||||
|
+ //
|
||||||
|
+ Private->DnsServer = AllocateZeroPool (sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
+ if (Private->DnsServer == NULL) {
|
||||||
|
+ return EFI_OUT_OF_RESOURCES;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Intentionally only copy over the first server address.
|
||||||
|
+ // To support multiple DNS servers, the `Length` would need to be changed to DnsServerLen
|
||||||
|
+ //
|
||||||
|
+ CopyMem (Private->DnsServer, Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->Data, sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
+
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
Handle the DHCPv6 offer packet.
|
||||||
|
|
||||||
|
@@ -1335,6 +1395,7 @@ PxeBcHandleDhcp6Offer (
|
||||||
|
UINT32 SelectIndex;
|
||||||
|
UINT32 Index;
|
||||||
|
|
||||||
|
+ ASSERT (Private != NULL);
|
||||||
|
ASSERT (Private->SelectIndex > 0);
|
||||||
|
SelectIndex = (UINT32)(Private->SelectIndex - 1);
|
||||||
|
ASSERT (SelectIndex < PXEBC_OFFER_MAX_NUM);
|
||||||
|
@@ -1342,15 +1403,13 @@ PxeBcHandleDhcp6Offer (
|
||||||
|
Status = EFI_SUCCESS;
|
||||||
|
|
||||||
|
//
|
||||||
|
- // First try to cache DNS server address if DHCP6 offer provides.
|
||||||
|
+ // First try to cache DNS server addresses if DHCP6 offer provides.
|
||||||
|
//
|
||||||
|
if (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] != NULL) {
|
||||||
|
- Private->DnsServer = AllocateZeroPool (NTOHS (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen));
|
||||||
|
- if (Private->DnsServer == NULL) {
|
||||||
|
- return EFI_OUT_OF_RESOURCES;
|
||||||
|
+ Status = PxeBcCacheDnsServerAddresses (Private, Cache6);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ return Status;
|
||||||
|
}
|
||||||
|
-
|
||||||
|
- CopyMem (Private->DnsServer, Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->Data, sizeof (EFI_IPv6_ADDRESS));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Cache6->OfferType == PxeOfferTypeDhcpBinl) {
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,511 @@
|
|||||||
|
From fd1bc6ff10a45123b0ec7f9ae3354ad3713bc532 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 08/15] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
|
||||||
|
Unit Tests
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [8/15] f88ebc7fa79ce4fe615dd79c42fedee0a0da7a0b
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21850
|
||||||
|
CVE: CVE-2022-45234
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit 458c582685fc0e8057d2511c5a0394078d988c17
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:53 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 Unit Tests
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4539
|
||||||
|
|
||||||
|
Unit tests to that the bug..
|
||||||
|
|
||||||
|
Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise
|
||||||
|
message
|
||||||
|
|
||||||
|
..has been patched
|
||||||
|
|
||||||
|
This contains tests for the following functions:
|
||||||
|
PxeBcHandleDhcp6Offer
|
||||||
|
PxeBcCacheDnsServerAddresses
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 +
|
||||||
|
.../GoogleTest/PxeBcDhcp6GoogleTest.cpp | 300 ++++++++++++++++++
|
||||||
|
.../GoogleTest/PxeBcDhcp6GoogleTest.h | 50 +++
|
||||||
|
.../GoogleTest/UefiPxeBcDxeGoogleTest.cpp | 19 ++
|
||||||
|
.../GoogleTest/UefiPxeBcDxeGoogleTest.inf | 48 +++
|
||||||
|
5 files changed, 418 insertions(+)
|
||||||
|
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp
|
||||||
|
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
index ab7c2857b6..c8a991e5c1 100644
|
||||||
|
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
@@ -26,6 +26,7 @@
|
||||||
|
#
|
||||||
|
NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
+ NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||||
|
|
||||||
|
# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||||
|
[LibraryClasses]
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..8260eeee50
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
@@ -0,0 +1,300 @@
|
||||||
|
+/** @file
|
||||||
|
+ Host based unit test for PxeBcDhcp6.c.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+extern "C" {
|
||||||
|
+ #include <Uefi.h>
|
||||||
|
+ #include <Library/BaseLib.h>
|
||||||
|
+ #include <Library/DebugLib.h>
|
||||||
|
+ #include "../PxeBcImpl.h"
|
||||||
|
+ #include "../PxeBcDhcp6.h"
|
||||||
|
+ #include "PxeBcDhcp6GoogleTest.h"
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Definitions
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+#define PACKET_SIZE (1500)
|
||||||
|
+
|
||||||
|
+typedef struct {
|
||||||
|
+ UINT16 OptionCode; // The option code for DHCP6_OPT_SERVER_ID (e.g., 0x03)
|
||||||
|
+ UINT16 OptionLen; // The length of the option (e.g., 16 bytes)
|
||||||
|
+ UINT8 ServerId[16]; // The 16-byte DHCPv6 Server Identifier
|
||||||
|
+} DHCP6_OPTION_SERVER_ID;
|
||||||
|
+
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+/// Symbol Definitions
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+MockUdpWrite (
|
||||||
|
+ IN EFI_PXE_BASE_CODE_PROTOCOL *This,
|
||||||
|
+ IN UINT16 OpFlags,
|
||||||
|
+ IN EFI_IP_ADDRESS *DestIp,
|
||||||
|
+ IN EFI_PXE_BASE_CODE_UDP_PORT *DestPort,
|
||||||
|
+ IN EFI_IP_ADDRESS *GatewayIp OPTIONAL,
|
||||||
|
+ IN EFI_IP_ADDRESS *SrcIp OPTIONAL,
|
||||||
|
+ IN OUT EFI_PXE_BASE_CODE_UDP_PORT *SrcPort OPTIONAL,
|
||||||
|
+ IN UINTN *HeaderSize OPTIONAL,
|
||||||
|
+ IN VOID *HeaderPtr OPTIONAL,
|
||||||
|
+ IN UINTN *BufferSize,
|
||||||
|
+ IN VOID *BufferPtr
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+MockUdpRead (
|
||||||
|
+ IN EFI_PXE_BASE_CODE_PROTOCOL *This,
|
||||||
|
+ IN UINT16 OpFlags,
|
||||||
|
+ IN OUT EFI_IP_ADDRESS *DestIp OPTIONAL,
|
||||||
|
+ IN OUT EFI_PXE_BASE_CODE_UDP_PORT *DestPort OPTIONAL,
|
||||||
|
+ IN OUT EFI_IP_ADDRESS *SrcIp OPTIONAL,
|
||||||
|
+ IN OUT EFI_PXE_BASE_CODE_UDP_PORT *SrcPort OPTIONAL,
|
||||||
|
+ IN UINTN *HeaderSize OPTIONAL,
|
||||||
|
+ IN VOID *HeaderPtr OPTIONAL,
|
||||||
|
+ IN OUT UINTN *BufferSize,
|
||||||
|
+ IN VOID *BufferPtr
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+EFI_STATUS
|
||||||
|
+MockConfigure (
|
||||||
|
+ IN EFI_UDP6_PROTOCOL *This,
|
||||||
|
+ IN EFI_UDP6_CONFIG_DATA *UdpConfigData OPTIONAL
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Needed by PxeBcSupport
|
||||||
|
+EFI_STATUS
|
||||||
|
+EFIAPI
|
||||||
|
+QueueDpc (
|
||||||
|
+ IN EFI_TPL DpcTpl,
|
||||||
|
+ IN EFI_DPC_PROCEDURE DpcProcedure,
|
||||||
|
+ IN VOID *DpcContext OPTIONAL
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// PxeBcHandleDhcp6OfferTest Tests
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class PxeBcHandleDhcp6OfferTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ PXEBC_PRIVATE_DATA Private = { 0 };
|
||||||
|
+ EFI_UDP6_PROTOCOL Udp6Read;
|
||||||
|
+ EFI_PXE_BASE_CODE_MODE Mode = { 0 };
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ Private.Dhcp6Request = (EFI_DHCP6_PACKET *)AllocateZeroPool (PACKET_SIZE);
|
||||||
|
+
|
||||||
|
+ // Need to setup the EFI_PXE_BASE_CODE_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // UdpWrite
|
||||||
|
+ // UdpRead
|
||||||
|
+
|
||||||
|
+ Private.PxeBc.UdpWrite = (EFI_PXE_BASE_CODE_UDP_WRITE)MockUdpWrite;
|
||||||
|
+ Private.PxeBc.UdpRead = (EFI_PXE_BASE_CODE_UDP_READ)MockUdpRead;
|
||||||
|
+
|
||||||
|
+ // Need to setup EFI_UDP6_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // Configure
|
||||||
|
+
|
||||||
|
+ Udp6Read.Configure = (EFI_UDP6_CONFIGURE)MockConfigure;
|
||||||
|
+ Private.Udp6Read = &Udp6Read;
|
||||||
|
+
|
||||||
|
+ // Need to setup the EFI_PXE_BASE_CODE_MODE
|
||||||
|
+ Private.PxeBc.Mode = &Mode;
|
||||||
|
+
|
||||||
|
+ // for this test it doesn't really matter what the Dhcpv6 ack is set to
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ if (Private.Dhcp6Request != NULL) {
|
||||||
|
+ FreePool (Private.Dhcp6Request);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Note:
|
||||||
|
+// Testing PxeBcHandleDhcp6Offer() is difficult because it depends on a
|
||||||
|
+// properly setup Private structure. Attempting to properly test this function
|
||||||
|
+// without a signficant refactor is a fools errand. Instead, we will test
|
||||||
|
+// that we can prevent an overflow in the function.
|
||||||
|
+TEST_F (PxeBcHandleDhcp6OfferTest, BasicUsageTest) {
|
||||||
|
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||||
|
+
|
||||||
|
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||||
|
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||||
|
+
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||||
|
+ // Setup the DHCPv6 offer packet
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (1337);
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcHandleDhcp6Offer (&(PxeBcHandleDhcp6OfferTest::Private)), EFI_DEVICE_ERROR);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+class PxeBcCacheDnsServerAddressesTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ PXEBC_PRIVATE_DATA Private = { 0 };
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Test that we cache the DNS server address from the DHCPv6 offer packet
|
||||||
|
+TEST_F (PxeBcCacheDnsServerAddressesTest, BasicUsageTest) {
|
||||||
|
+ UINT8 SearchPattern[16] = { 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF };
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION *Option;
|
||||||
|
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||||
|
+
|
||||||
|
+ Option = (EFI_DHCP6_PACKET_OPTION *)AllocateZeroPool (sizeof (EFI_DHCP6_PACKET_OPTION) + sizeof (SearchPattern));
|
||||||
|
+ ASSERT_NE (Option, nullptr);
|
||||||
|
+
|
||||||
|
+ Option->OpCode = DHCP6_OPT_SERVER_ID;
|
||||||
|
+ Option->OpLen = NTOHS (sizeof (SearchPattern));
|
||||||
|
+ CopyMem (Option->Data, SearchPattern, sizeof (SearchPattern));
|
||||||
|
+
|
||||||
|
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||||
|
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = Option;
|
||||||
|
+
|
||||||
|
+ Private.DnsServer = nullptr;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_SUCCESS);
|
||||||
|
+ ASSERT_NE (Private.DnsServer, nullptr);
|
||||||
|
+ ASSERT_EQ (CompareMem (Private.DnsServer, SearchPattern, sizeof (SearchPattern)), 0);
|
||||||
|
+
|
||||||
|
+ if (Private.DnsServer) {
|
||||||
|
+ FreePool (Private.DnsServer);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (Option) {
|
||||||
|
+ FreePool (Option);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+// Test Description
|
||||||
|
+// Test that we can prevent an overflow in the function
|
||||||
|
+TEST_F (PxeBcCacheDnsServerAddressesTest, AttemptOverflowTest) {
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||||
|
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||||
|
+
|
||||||
|
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||||
|
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||||
|
+ // Setup the DHCPv6 offer packet
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (1337);
|
||||||
|
+
|
||||||
|
+ Private.DnsServer = NULL;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_DEVICE_ERROR);
|
||||||
|
+ ASSERT_EQ (Private.DnsServer, nullptr);
|
||||||
|
+
|
||||||
|
+ if (Private.DnsServer) {
|
||||||
|
+ FreePool (Private.DnsServer);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Test that we can prevent an underflow in the function
|
||||||
|
+TEST_F (PxeBcCacheDnsServerAddressesTest, AttemptUnderflowTest) {
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||||
|
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||||
|
+
|
||||||
|
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||||
|
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||||
|
+ // Setup the DHCPv6 offer packet
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (2);
|
||||||
|
+
|
||||||
|
+ Private.DnsServer = NULL;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_DEVICE_ERROR);
|
||||||
|
+ ASSERT_EQ (Private.DnsServer, nullptr);
|
||||||
|
+
|
||||||
|
+ if (Private.DnsServer) {
|
||||||
|
+ FreePool (Private.DnsServer);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// Test that we can handle recursive dns (multiple dns entries)
|
||||||
|
+TEST_F (PxeBcCacheDnsServerAddressesTest, MultipleDnsEntries) {
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||||
|
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||||
|
+
|
||||||
|
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||||
|
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||||
|
+ // Setup the DHCPv6 offer packet
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||||
|
+
|
||||||
|
+ EFI_IPv6_ADDRESS addresses[2] = {
|
||||||
|
+ // 2001:db8:85a3::8a2e:370:7334
|
||||||
|
+ { 0x20, 0x01, 0x0d, 0xb8, 0x85, 0xa3, 0x00, 0x00, 0x00, 0x00, 0x8a, 0x2e, 0x03, 0x70, 0x73, 0x34 },
|
||||||
|
+ // fe80::d478:91c3:ecd7:4ff9
|
||||||
|
+ { 0xfe, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd4, 0x78, 0x91, 0xc3, 0xec, 0xd7, 0x4f, 0xf9 }
|
||||||
|
+ };
|
||||||
|
+
|
||||||
|
+ CopyMem (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->Data, &addresses, sizeof (addresses));
|
||||||
|
+
|
||||||
|
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (sizeof (addresses));
|
||||||
|
+
|
||||||
|
+ Private.DnsServer = NULL;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_SUCCESS);
|
||||||
|
+
|
||||||
|
+ ASSERT_NE (Private.DnsServer, nullptr);
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // This is expected to fail until DnsServer supports multiple DNS servers
|
||||||
|
+ //
|
||||||
|
+ // This is tracked in https://bugzilla.tianocore.org/show_bug.cgi?id=1886
|
||||||
|
+ //
|
||||||
|
+ // Disabling:
|
||||||
|
+ // ASSERT_EQ (CompareMem(Private.DnsServer, &addresses, sizeof(addresses)), 0);
|
||||||
|
+
|
||||||
|
+ if (Private.DnsServer) {
|
||||||
|
+ FreePool (Private.DnsServer);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..b17c314791
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
@@ -0,0 +1,50 @@
|
||||||
|
+/** @file
|
||||||
|
+ This file exposes the internal interfaces which may be unit tested
|
||||||
|
+ for the PxeBcDhcp6Dxe driver.
|
||||||
|
+
|
||||||
|
+ Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+
|
||||||
|
+#ifndef PXE_BC_DHCP6_GOOGLE_TEST_H_
|
||||||
|
+#define PXE_BC_DHCP6_GOOGLE_TEST_H_
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// Minimal includes needed to compile
|
||||||
|
+//
|
||||||
|
+#include <Uefi.h>
|
||||||
|
+#include "../PxeBcImpl.h"
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Handle the DHCPv6 offer packet.
|
||||||
|
+
|
||||||
|
+ @param[in] Private The pointer to PXEBC_PRIVATE_DATA.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Handled the DHCPv6 offer packet successfully.
|
||||||
|
+ @retval EFI_NO_RESPONSE No response to the following request packet.
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
|
||||||
|
+ @retval EFI_BUFFER_TOO_SMALL Can't cache the offer pacet.
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+PxeBcHandleDhcp6Offer (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ Cache the DHCPv6 Server address
|
||||||
|
+
|
||||||
|
+ @param[in] Private The pointer to PXEBC_PRIVATE_DATA.
|
||||||
|
+ @param[in] Cache6 The pointer to PXEBC_DHCP6_PACKET_CACHE.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Cache the DHCPv6 Server address successfully.
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
|
||||||
|
+ @retval EFI_DEVICE_ERROR Failed to cache the DHCPv6 Server address.
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+PxeBcCacheDnsServerAddresses (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
+ IN PXEBC_DHCP6_PACKET_CACHE *Cache6
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
+#endif // PXE_BC_DHCP6_GOOGLE_TEST_H_
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..cc4fdf525b
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp
|
||||||
|
@@ -0,0 +1,19 @@
|
||||||
|
+/** @file
|
||||||
|
+ Acts as the main entry point for the tests for the UefiPxeBcDxe module.
|
||||||
|
+ Copyright (c) Microsoft Corporation
|
||||||
|
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+**/
|
||||||
|
+#include <gtest/gtest.h>
|
||||||
|
+
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// Run the tests
|
||||||
|
+////////////////////////////////////////////////////////////////////////////////
|
||||||
|
+int
|
||||||
|
+main (
|
||||||
|
+ int argc,
|
||||||
|
+ char *argv[]
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ testing::InitGoogleTest (&argc, argv);
|
||||||
|
+ return RUN_ALL_TESTS ();
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000000..301dcdf611
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||||
|
@@ -0,0 +1,48 @@
|
||||||
|
+## @file
|
||||||
|
+# Unit test suite for the UefiPxeBcDxe using Google Test
|
||||||
|
+#
|
||||||
|
+# Copyright (c) Microsoft Corporation.<BR>
|
||||||
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
+##
|
||||||
|
+[Defines]
|
||||||
|
+INF_VERSION = 0x00010005
|
||||||
|
+BASE_NAME = UefiPxeBcDxeGoogleTest
|
||||||
|
+FILE_GUID = 77D45C64-EC1E-4174-887B-886E89FD1EDF
|
||||||
|
+MODULE_TYPE = HOST_APPLICATION
|
||||||
|
+VERSION_STRING = 1.0
|
||||||
|
+
|
||||||
|
+#
|
||||||
|
+# The following information is for reference only and not required by the build tools.
|
||||||
|
+#
|
||||||
|
+# VALID_ARCHITECTURES = IA32 X64
|
||||||
|
+#
|
||||||
|
+
|
||||||
|
+[Sources]
|
||||||
|
+ UefiPxeBcDxeGoogleTest.cpp
|
||||||
|
+ PxeBcDhcp6GoogleTest.cpp
|
||||||
|
+ PxeBcDhcp6GoogleTest.h
|
||||||
|
+ ../PxeBcDhcp6.c
|
||||||
|
+ ../PxeBcSupport.c
|
||||||
|
+
|
||||||
|
+[Packages]
|
||||||
|
+ MdePkg/MdePkg.dec
|
||||||
|
+ MdeModulePkg/MdeModulePkg.dec
|
||||||
|
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||||
|
+ NetworkPkg/NetworkPkg.dec
|
||||||
|
+
|
||||||
|
+[LibraryClasses]
|
||||||
|
+ GoogleTestLib
|
||||||
|
+ DebugLib
|
||||||
|
+ NetLib
|
||||||
|
+ PcdLib
|
||||||
|
+
|
||||||
|
+[Protocols]
|
||||||
|
+ gEfiDhcp6ServiceBindingProtocolGuid
|
||||||
|
+ gEfiDns6ServiceBindingProtocolGuid
|
||||||
|
+ gEfiDns6ProtocolGuid
|
||||||
|
+
|
||||||
|
+[Pcd]
|
||||||
|
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType
|
||||||
|
+
|
||||||
|
+[Guids]
|
||||||
|
+ gZeroGuid
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,257 @@
|
|||||||
|
From 0016db53099ba979617f376fe1104fefada4fa29 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 09/15] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235
|
||||||
|
Patch
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [9/15] c48c060b87761537ee526e1f8a9e5993eb1a0381
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21852
|
||||||
|
CVE: CVE-2022-45235
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit fac297724e6cc343430cd0104e55cd7a96d1151e
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:55 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235 Patch
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4540
|
||||||
|
|
||||||
|
Bug Details:
|
||||||
|
PixieFail Bug #7
|
||||||
|
CVE-2023-45235
|
||||||
|
CVSS 8.3 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
|
||||||
|
CWE-119 Improper Restriction of Operations within the Bounds of
|
||||||
|
a Memory Buffer
|
||||||
|
|
||||||
|
Buffer overflow when handling Server ID option from a DHCPv6 proxy
|
||||||
|
Advertise message
|
||||||
|
|
||||||
|
Change Overview:
|
||||||
|
|
||||||
|
Performs two checks
|
||||||
|
|
||||||
|
1. Checks that the length of the duid is accurate
|
||||||
|
> + //
|
||||||
|
> + // Check that the minimum and maximum requirements are met
|
||||||
|
> + //
|
||||||
|
> + if ((OpLen < PXEBC_MIN_SIZE_OF_DUID) ||
|
||||||
|
(OpLen > PXEBC_MAX_SIZE_OF_DUID)) {
|
||||||
|
> + Status = EFI_INVALID_PARAMETER;
|
||||||
|
> + goto ON_ERROR;
|
||||||
|
> + }
|
||||||
|
|
||||||
|
2. Ensures that the amount of data written to the buffer is tracked and
|
||||||
|
never exceeds that
|
||||||
|
> + //
|
||||||
|
> + // Check that the option length is valid.
|
||||||
|
> + //
|
||||||
|
> + if ((DiscoverLen + OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN)
|
||||||
|
> DiscoverLenNeeded) {
|
||||||
|
> + Status = EFI_OUT_OF_RESOURCES;
|
||||||
|
> + goto ON_ERROR;
|
||||||
|
> + }
|
||||||
|
|
||||||
|
Additional code clean up and fix for memory leak in case Option was NULL
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c | 77 ++++++++++++++++++++++------
|
||||||
|
NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h | 17 ++++++
|
||||||
|
2 files changed, 78 insertions(+), 16 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
index 2b2d372889..7fd1281c11 100644
|
||||||
|
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||||
|
@@ -887,6 +887,7 @@ PxeBcRequestBootService (
|
||||||
|
EFI_STATUS Status;
|
||||||
|
EFI_DHCP6_PACKET *IndexOffer;
|
||||||
|
UINT8 *Option;
|
||||||
|
+ UINTN DiscoverLenNeeded;
|
||||||
|
|
||||||
|
PxeBc = &Private->PxeBc;
|
||||||
|
Request = Private->Dhcp6Request;
|
||||||
|
@@ -899,7 +900,8 @@ PxeBcRequestBootService (
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
- Discover = AllocateZeroPool (sizeof (EFI_PXE_BASE_CODE_DHCPV6_PACKET));
|
||||||
|
+ DiscoverLenNeeded = sizeof (EFI_PXE_BASE_CODE_DHCPV6_PACKET);
|
||||||
|
+ Discover = AllocateZeroPool (DiscoverLenNeeded);
|
||||||
|
if (Discover == NULL) {
|
||||||
|
return EFI_OUT_OF_RESOURCES;
|
||||||
|
}
|
||||||
|
@@ -924,16 +926,34 @@ PxeBcRequestBootService (
|
||||||
|
DHCP6_OPT_SERVER_ID
|
||||||
|
);
|
||||||
|
if (Option == NULL) {
|
||||||
|
- return EFI_NOT_FOUND;
|
||||||
|
+ Status = EFI_NOT_FOUND;
|
||||||
|
+ goto ON_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Add Server ID Option.
|
||||||
|
//
|
||||||
|
OpLen = NTOHS (((EFI_DHCP6_PACKET_OPTION *)Option)->OpLen);
|
||||||
|
- CopyMem (DiscoverOpt, Option, OpLen + 4);
|
||||||
|
- DiscoverOpt += (OpLen + 4);
|
||||||
|
- DiscoverLen += (OpLen + 4);
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Check that the minimum and maximum requirements are met
|
||||||
|
+ //
|
||||||
|
+ if ((OpLen < PXEBC_MIN_SIZE_OF_DUID) || (OpLen > PXEBC_MAX_SIZE_OF_DUID)) {
|
||||||
|
+ Status = EFI_INVALID_PARAMETER;
|
||||||
|
+ goto ON_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ //
|
||||||
|
+ // Check that the option length is valid.
|
||||||
|
+ //
|
||||||
|
+ if ((DiscoverLen + OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN) > DiscoverLenNeeded) {
|
||||||
|
+ Status = EFI_OUT_OF_RESOURCES;
|
||||||
|
+ goto ON_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ CopyMem (DiscoverOpt, Option, OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverOpt += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverLen += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
|
while (RequestLen < Request->Length) {
|
||||||
|
@@ -944,16 +964,24 @@ PxeBcRequestBootService (
|
||||||
|
(OpCode != DHCP6_OPT_SERVER_ID)
|
||||||
|
)
|
||||||
|
{
|
||||||
|
+ //
|
||||||
|
+ // Check that the option length is valid.
|
||||||
|
+ //
|
||||||
|
+ if (DiscoverLen + OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN > DiscoverLenNeeded) {
|
||||||
|
+ Status = EFI_OUT_OF_RESOURCES;
|
||||||
|
+ goto ON_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Copy all the options except IA option and Server ID
|
||||||
|
//
|
||||||
|
- CopyMem (DiscoverOpt, RequestOpt, OpLen + 4);
|
||||||
|
- DiscoverOpt += (OpLen + 4);
|
||||||
|
- DiscoverLen += (OpLen + 4);
|
||||||
|
+ CopyMem (DiscoverOpt, RequestOpt, OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverOpt += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverLen += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
|
- RequestOpt += (OpLen + 4);
|
||||||
|
- RequestLen += (OpLen + 4);
|
||||||
|
+ RequestOpt += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ RequestLen += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -2154,6 +2182,7 @@ PxeBcDhcp6Discover (
|
||||||
|
UINT16 OpLen;
|
||||||
|
UINT32 Xid;
|
||||||
|
EFI_STATUS Status;
|
||||||
|
+ UINTN DiscoverLenNeeded;
|
||||||
|
|
||||||
|
PxeBc = &Private->PxeBc;
|
||||||
|
Mode = PxeBc->Mode;
|
||||||
|
@@ -2169,7 +2198,8 @@ PxeBcDhcp6Discover (
|
||||||
|
return EFI_DEVICE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
- Discover = AllocateZeroPool (sizeof (EFI_PXE_BASE_CODE_DHCPV6_PACKET));
|
||||||
|
+ DiscoverLenNeeded = sizeof (EFI_PXE_BASE_CODE_DHCPV6_PACKET);
|
||||||
|
+ Discover = AllocateZeroPool (DiscoverLenNeeded);
|
||||||
|
if (Discover == NULL) {
|
||||||
|
return EFI_OUT_OF_RESOURCES;
|
||||||
|
}
|
||||||
|
@@ -2185,22 +2215,37 @@ PxeBcDhcp6Discover (
|
||||||
|
DiscoverLen = sizeof (EFI_DHCP6_HEADER);
|
||||||
|
RequestLen = DiscoverLen;
|
||||||
|
|
||||||
|
+ //
|
||||||
|
+ // The request packet is generated by the UEFI network stack. In the DHCP4 DORA and DHCP6 SARR sequence,
|
||||||
|
+ // the first (discover in DHCP4 and solicit in DHCP6) and third (request in both DHCP4 and DHCP6) are
|
||||||
|
+ // generated by the DHCP client (the UEFI network stack in this case). By the time this function executes,
|
||||||
|
+ // the DHCP sequence already has been executed once (see UEFI Specification Figures 24.2 and 24.3), with
|
||||||
|
+ // Private->Dhcp6Request being a cached copy of the DHCP6 request packet that UEFI network stack previously
|
||||||
|
+ // generated and sent.
|
||||||
|
+ //
|
||||||
|
+ // Therefore while this code looks like it could overflow, in practice it's not possible.
|
||||||
|
+ //
|
||||||
|
while (RequestLen < Request->Length) {
|
||||||
|
OpCode = NTOHS (((EFI_DHCP6_PACKET_OPTION *)RequestOpt)->OpCode);
|
||||||
|
OpLen = NTOHS (((EFI_DHCP6_PACKET_OPTION *)RequestOpt)->OpLen);
|
||||||
|
if ((OpCode != EFI_DHCP6_IA_TYPE_NA) &&
|
||||||
|
(OpCode != EFI_DHCP6_IA_TYPE_TA))
|
||||||
|
{
|
||||||
|
+ if (DiscoverLen + OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN > DiscoverLenNeeded) {
|
||||||
|
+ Status = EFI_OUT_OF_RESOURCES;
|
||||||
|
+ goto ON_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Copy all the options except IA option.
|
||||||
|
//
|
||||||
|
- CopyMem (DiscoverOpt, RequestOpt, OpLen + 4);
|
||||||
|
- DiscoverOpt += (OpLen + 4);
|
||||||
|
- DiscoverLen += (OpLen + 4);
|
||||||
|
+ CopyMem (DiscoverOpt, RequestOpt, OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverOpt += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ DiscoverLen += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
|
- RequestOpt += (OpLen + 4);
|
||||||
|
- RequestLen += (OpLen + 4);
|
||||||
|
+ RequestOpt += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
+ RequestLen += (OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
|
Status = PxeBc->UdpWrite (
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
|
||||||
|
index ae4be775e8..47eb8cc0c0 100644
|
||||||
|
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
|
||||||
|
@@ -35,6 +35,23 @@
|
||||||
|
#define PXEBC_ADDR_START_DELIMITER '['
|
||||||
|
#define PXEBC_ADDR_END_DELIMITER ']'
|
||||||
|
|
||||||
|
+//
|
||||||
|
+// A DUID consists of a 2-octet type code represented in network byte
|
||||||
|
+// order, followed by a variable number of octets that make up the
|
||||||
|
+// actual identifier. The length of the DUID (not including the type
|
||||||
|
+// code) is at least 1 octet and at most 128 octets.
|
||||||
|
+//
|
||||||
|
+#define PXEBC_MIN_SIZE_OF_DUID (sizeof(UINT16) + 1)
|
||||||
|
+#define PXEBC_MAX_SIZE_OF_DUID (sizeof(UINT16) + 128)
|
||||||
|
+
|
||||||
|
+//
|
||||||
|
+// This define represents the combineds code and length field from
|
||||||
|
+// https://datatracker.ietf.org/doc/html/rfc3315#section-22.1
|
||||||
|
+//
|
||||||
|
+#define PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN \
|
||||||
|
+ (sizeof (((EFI_DHCP6_PACKET_OPTION *)0)->OpCode) + \
|
||||||
|
+ sizeof (((EFI_DHCP6_PACKET_OPTION *)0)->OpLen))
|
||||||
|
+
|
||||||
|
#define GET_NEXT_DHCP6_OPTION(Opt) \
|
||||||
|
(EFI_DHCP6_PACKET_OPTION *) ((UINT8 *) (Opt) + \
|
||||||
|
sizeof (EFI_DHCP6_PACKET_OPTION) + (NTOHS ((Opt)->OpLen)) - 1)
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,409 @@
|
|||||||
|
From 80b34c0f56228353c174f9ff739d0755c62d76cf Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||||
|
Subject: [PATCH 10/15] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235
|
||||||
|
Unit Tests
|
||||||
|
|
||||||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-MergeRequest: 56: Pixiefail issues in NetworkPkg package
|
||||||
|
RH-Jira: RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852
|
||||||
|
RH-Acked-by: Gerd Hoffmann <None>
|
||||||
|
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-Commit: [10/15] 5dbf3f771506ff9a0c28827c568d04e825572658
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-21852
|
||||||
|
CVE: CVE-2022-45235
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
commit ff2986358f75d8f58ef08a66fe673539c9c48f41
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Fri Jan 26 05:54:56 2024 +0800
|
||||||
|
|
||||||
|
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235 Unit Tests
|
||||||
|
|
||||||
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4540
|
||||||
|
|
||||||
|
Unit tests to confirm that the bug..
|
||||||
|
|
||||||
|
Buffer overflow when handling Server ID option from a DHCPv6 proxy
|
||||||
|
Advertise message
|
||||||
|
|
||||||
|
..has been patched.
|
||||||
|
|
||||||
|
This patch contains unit tests for the following functions:
|
||||||
|
PxeBcRequestBootService
|
||||||
|
PxeBcDhcp6Discover
|
||||||
|
|
||||||
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||||
|
|
||||||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
---
|
||||||
|
NetworkPkg/Test/NetworkPkgHostTest.dsc | 5 +-
|
||||||
|
.../GoogleTest/PxeBcDhcp6GoogleTest.cpp | 278 +++++++++++++++++-
|
||||||
|
.../GoogleTest/PxeBcDhcp6GoogleTest.h | 18 ++
|
||||||
|
3 files changed, 298 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
index c8a991e5c1..1010a80a15 100644
|
||||||
|
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||||
|
@@ -26,7 +26,10 @@
|
||||||
|
#
|
||||||
|
NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||||
|
NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||||
|
- NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||||
|
+ NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf {
|
||||||
|
+ <LibraryClasses>
|
||||||
|
+ UefiRuntimeServicesTableLib|MdePkg/Test/Mock/Library/GoogleTest/MockUefiRuntimeServicesTableLib/MockUefiRuntimeServicesTableLib.inf
|
||||||
|
+ }
|
||||||
|
|
||||||
|
# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||||
|
[LibraryClasses]
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
index 8260eeee50..bd423ebadf 100644
|
||||||
|
--- a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||||
|
@@ -4,7 +4,9 @@
|
||||||
|
Copyright (c) Microsoft Corporation
|
||||||
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
**/
|
||||||
|
-#include <gtest/gtest.h>
|
||||||
|
+#include <Library/GoogleTestLib.h>
|
||||||
|
+#include <GoogleTest/Library/MockUefiLib.h>
|
||||||
|
+#include <GoogleTest/Library/MockUefiRuntimeServicesTableLib.h>
|
||||||
|
|
||||||
|
extern "C" {
|
||||||
|
#include <Uefi.h>
|
||||||
|
@@ -19,7 +21,8 @@ extern "C" {
|
||||||
|
// Definitions
|
||||||
|
///////////////////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
|
-#define PACKET_SIZE (1500)
|
||||||
|
+#define PACKET_SIZE (1500)
|
||||||
|
+#define REQUEST_OPTION_LENGTH (120)
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
UINT16 OptionCode; // The option code for DHCP6_OPT_SERVER_ID (e.g., 0x03)
|
||||||
|
@@ -76,6 +79,26 @@ MockConfigure (
|
||||||
|
}
|
||||||
|
|
||||||
|
// Needed by PxeBcSupport
|
||||||
|
+EFI_STATUS
|
||||||
|
+PxeBcDns6 (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
+ IN CHAR16 *HostName,
|
||||||
|
+ OUT EFI_IPv6_ADDRESS *IpAddress
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+UINT32
|
||||||
|
+PxeBcBuildDhcp6Options (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
+ OUT EFI_DHCP6_PACKET_OPTION **OptList,
|
||||||
|
+ IN UINT8 *Buffer
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ return EFI_SUCCESS;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
EFI_STATUS
|
||||||
|
EFIAPI
|
||||||
|
QueueDpc (
|
||||||
|
@@ -159,6 +182,10 @@ TEST_F (PxeBcHandleDhcp6OfferTest, BasicUsageTest) {
|
||||||
|
ASSERT_EQ (PxeBcHandleDhcp6Offer (&(PxeBcHandleDhcp6OfferTest::Private)), EFI_DEVICE_ERROR);
|
||||||
|
}
|
||||||
|
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// PxeBcCacheDnsServerAddresses Tests
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
class PxeBcCacheDnsServerAddressesTest : public ::testing::Test {
|
||||||
|
public:
|
||||||
|
PXEBC_PRIVATE_DATA Private = { 0 };
|
||||||
|
@@ -298,3 +325,250 @@ TEST_F (PxeBcCacheDnsServerAddressesTest, MultipleDnsEntries) {
|
||||||
|
FreePool (Private.DnsServer);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// PxeBcRequestBootServiceTest Test Cases
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class PxeBcRequestBootServiceTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ PXEBC_PRIVATE_DATA Private = { 0 };
|
||||||
|
+ EFI_UDP6_PROTOCOL Udp6Read;
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ Private.Dhcp6Request = (EFI_DHCP6_PACKET *)AllocateZeroPool (PACKET_SIZE);
|
||||||
|
+
|
||||||
|
+ // Need to setup the EFI_PXE_BASE_CODE_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // UdpWrite
|
||||||
|
+ // UdpRead
|
||||||
|
+
|
||||||
|
+ Private.PxeBc.UdpWrite = (EFI_PXE_BASE_CODE_UDP_WRITE)MockUdpWrite;
|
||||||
|
+ Private.PxeBc.UdpRead = (EFI_PXE_BASE_CODE_UDP_READ)MockUdpRead;
|
||||||
|
+
|
||||||
|
+ // Need to setup EFI_UDP6_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // Configure
|
||||||
|
+
|
||||||
|
+ Udp6Read.Configure = (EFI_UDP6_CONFIGURE)MockConfigure;
|
||||||
|
+ Private.Udp6Read = &Udp6Read;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ if (Private.Dhcp6Request != NULL) {
|
||||||
|
+ FreePool (Private.Dhcp6Request);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+TEST_F (PxeBcRequestBootServiceTest, ServerDiscoverBasicUsageTest) {
|
||||||
|
+ PxeBcRequestBootServiceTest::Private.OfferBuffer[0].Dhcp6.OfferType = PxeOfferTypeProxyBinl;
|
||||||
|
+
|
||||||
|
+ DHCP6_OPTION_SERVER_ID Server = { 0 };
|
||||||
|
+
|
||||||
|
+ Server.OptionCode = HTONS (DHCP6_OPT_SERVER_ID);
|
||||||
|
+ Server.OptionLen = HTONS (16); // valid length
|
||||||
|
+ UINT8 Index = 0;
|
||||||
|
+
|
||||||
|
+ EFI_DHCP6_PACKET *Packet = (EFI_DHCP6_PACKET *)&Private.OfferBuffer[Index].Dhcp6.Packet.Offer;
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Packet->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &Server, sizeof (Server));
|
||||||
|
+ Cursor += sizeof (Server);
|
||||||
|
+
|
||||||
|
+ // Update the packet length
|
||||||
|
+ Packet->Length = (UINT16)(Cursor - (UINT8 *)Packet);
|
||||||
|
+ Packet->Size = PACKET_SIZE;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcRequestBootService (&(PxeBcRequestBootServiceTest::Private), Index), EFI_SUCCESS);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+TEST_F (PxeBcRequestBootServiceTest, AttemptDiscoverOverFlowExpectFailure) {
|
||||||
|
+ PxeBcRequestBootServiceTest::Private.OfferBuffer[0].Dhcp6.OfferType = PxeOfferTypeProxyBinl;
|
||||||
|
+
|
||||||
|
+ DHCP6_OPTION_SERVER_ID Server = { 0 };
|
||||||
|
+
|
||||||
|
+ Server.OptionCode = HTONS (DHCP6_OPT_SERVER_ID);
|
||||||
|
+ Server.OptionLen = HTONS (1500); // This length would overflow without a check
|
||||||
|
+ UINT8 Index = 0;
|
||||||
|
+
|
||||||
|
+ EFI_DHCP6_PACKET *Packet = (EFI_DHCP6_PACKET *)&Private.OfferBuffer[Index].Dhcp6.Packet.Offer;
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Packet->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &Server, sizeof (Server));
|
||||||
|
+ Cursor += sizeof (Server);
|
||||||
|
+
|
||||||
|
+ // Update the packet length
|
||||||
|
+ Packet->Length = (UINT16)(Cursor - (UINT8 *)Packet);
|
||||||
|
+ Packet->Size = PACKET_SIZE;
|
||||||
|
+
|
||||||
|
+ // This is going to be stopped by the duid overflow check
|
||||||
|
+ ASSERT_EQ (PxeBcRequestBootService (&(PxeBcRequestBootServiceTest::Private), Index), EFI_INVALID_PARAMETER);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+TEST_F (PxeBcRequestBootServiceTest, RequestBasicUsageTest) {
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION RequestOpt = { 0 }; // the data section doesn't really matter
|
||||||
|
+
|
||||||
|
+ RequestOpt.OpCode = HTONS (0x1337);
|
||||||
|
+ RequestOpt.OpLen = 0; // valid length
|
||||||
|
+
|
||||||
|
+ UINT8 Index = 0;
|
||||||
|
+
|
||||||
|
+ EFI_DHCP6_PACKET *Packet = (EFI_DHCP6_PACKET *)&Private.Dhcp6Request[Index];
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Packet->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &RequestOpt, sizeof (RequestOpt));
|
||||||
|
+ Cursor += sizeof (RequestOpt);
|
||||||
|
+
|
||||||
|
+ // Update the packet length
|
||||||
|
+ Packet->Length = (UINT16)(Cursor - (UINT8 *)Packet);
|
||||||
|
+ Packet->Size = PACKET_SIZE;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcRequestBootService (&(PxeBcRequestBootServiceTest::Private), Index), EFI_SUCCESS);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+TEST_F (PxeBcRequestBootServiceTest, AttemptRequestOverFlowExpectFailure) {
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION RequestOpt = { 0 }; // the data section doesn't really matter
|
||||||
|
+
|
||||||
|
+ RequestOpt.OpCode = HTONS (0x1337);
|
||||||
|
+ RequestOpt.OpLen = 1500; // this length would overflow without a check
|
||||||
|
+
|
||||||
|
+ UINT8 Index = 0;
|
||||||
|
+
|
||||||
|
+ EFI_DHCP6_PACKET *Packet = (EFI_DHCP6_PACKET *)&Private.Dhcp6Request[Index];
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Packet->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &RequestOpt, sizeof (RequestOpt));
|
||||||
|
+ Cursor += sizeof (RequestOpt);
|
||||||
|
+
|
||||||
|
+ // Update the packet length
|
||||||
|
+ Packet->Length = (UINT16)(Cursor - (UINT8 *)Packet);
|
||||||
|
+ Packet->Size = PACKET_SIZE;
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (PxeBcRequestBootService (&(PxeBcRequestBootServiceTest::Private), Index), EFI_OUT_OF_RESOURCES);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+// PxeBcDhcp6Discover Test
|
||||||
|
+///////////////////////////////////////////////////////////////////////////////
|
||||||
|
+
|
||||||
|
+class PxeBcDhcp6DiscoverTest : public ::testing::Test {
|
||||||
|
+public:
|
||||||
|
+ PXEBC_PRIVATE_DATA Private = { 0 };
|
||||||
|
+ EFI_UDP6_PROTOCOL Udp6Read;
|
||||||
|
+
|
||||||
|
+protected:
|
||||||
|
+ MockUefiRuntimeServicesTableLib RtServicesMock;
|
||||||
|
+
|
||||||
|
+ // Add any setup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ SetUp (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ Private.Dhcp6Request = (EFI_DHCP6_PACKET *)AllocateZeroPool (PACKET_SIZE);
|
||||||
|
+
|
||||||
|
+ // Need to setup the EFI_PXE_BASE_CODE_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // UdpWrite
|
||||||
|
+ // UdpRead
|
||||||
|
+
|
||||||
|
+ Private.PxeBc.UdpWrite = (EFI_PXE_BASE_CODE_UDP_WRITE)MockUdpWrite;
|
||||||
|
+ Private.PxeBc.UdpRead = (EFI_PXE_BASE_CODE_UDP_READ)MockUdpRead;
|
||||||
|
+
|
||||||
|
+ // Need to setup EFI_UDP6_PROTOCOL
|
||||||
|
+ // The function under test really only needs the following:
|
||||||
|
+ // Configure
|
||||||
|
+
|
||||||
|
+ Udp6Read.Configure = (EFI_UDP6_CONFIGURE)MockConfigure;
|
||||||
|
+ Private.Udp6Read = &Udp6Read;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Add any cleanup code if needed
|
||||||
|
+ virtual void
|
||||||
|
+ TearDown (
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ if (Private.Dhcp6Request != NULL) {
|
||||||
|
+ FreePool (Private.Dhcp6Request);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ // Clean up any resources or variables
|
||||||
|
+ }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// This will cause an overflow by an untrusted packet during the option parsing
|
||||||
|
+TEST_F (PxeBcDhcp6DiscoverTest, BasicOverflowTest) {
|
||||||
|
+ EFI_IPv6_ADDRESS DestIp = { 0 };
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION RequestOpt = { 0 }; // the data section doesn't really matter
|
||||||
|
+
|
||||||
|
+ RequestOpt.OpCode = HTONS (0x1337);
|
||||||
|
+ RequestOpt.OpLen = HTONS (0xFFFF); // overflow
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Private.Dhcp6Request->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &RequestOpt, sizeof (RequestOpt));
|
||||||
|
+ Cursor += sizeof (RequestOpt);
|
||||||
|
+
|
||||||
|
+ Private.Dhcp6Request->Length = (UINT16)(Cursor - (UINT8 *)Private.Dhcp6Request);
|
||||||
|
+
|
||||||
|
+ EXPECT_CALL (RtServicesMock, gRT_GetTime)
|
||||||
|
+ .WillOnce (::testing::Return (0));
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (
|
||||||
|
+ PxeBcDhcp6Discover (
|
||||||
|
+ &(PxeBcDhcp6DiscoverTest::Private),
|
||||||
|
+ 0,
|
||||||
|
+ NULL,
|
||||||
|
+ FALSE,
|
||||||
|
+ (EFI_IP_ADDRESS *)&DestIp
|
||||||
|
+ ),
|
||||||
|
+ EFI_OUT_OF_RESOURCES
|
||||||
|
+ );
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// Test Description
|
||||||
|
+// This will test that we can handle a packet with a valid option length
|
||||||
|
+TEST_F (PxeBcDhcp6DiscoverTest, BasicUsageTest) {
|
||||||
|
+ EFI_IPv6_ADDRESS DestIp = { 0 };
|
||||||
|
+ EFI_DHCP6_PACKET_OPTION RequestOpt = { 0 }; // the data section doesn't really matter
|
||||||
|
+
|
||||||
|
+ RequestOpt.OpCode = HTONS (0x1337);
|
||||||
|
+ RequestOpt.OpLen = HTONS (0x30);
|
||||||
|
+
|
||||||
|
+ UINT8 *Cursor = (UINT8 *)(Private.Dhcp6Request->Dhcp6.Option);
|
||||||
|
+
|
||||||
|
+ CopyMem (Cursor, &RequestOpt, sizeof (RequestOpt));
|
||||||
|
+ Cursor += sizeof (RequestOpt);
|
||||||
|
+
|
||||||
|
+ Private.Dhcp6Request->Length = (UINT16)(Cursor - (UINT8 *)Private.Dhcp6Request);
|
||||||
|
+
|
||||||
|
+ EXPECT_CALL (RtServicesMock, gRT_GetTime)
|
||||||
|
+ .WillOnce (::testing::Return (0));
|
||||||
|
+
|
||||||
|
+ ASSERT_EQ (
|
||||||
|
+ PxeBcDhcp6Discover (
|
||||||
|
+ &(PxeBcDhcp6DiscoverTest::Private),
|
||||||
|
+ 0,
|
||||||
|
+ NULL,
|
||||||
|
+ FALSE,
|
||||||
|
+ (EFI_IP_ADDRESS *)&DestIp
|
||||||
|
+ ),
|
||||||
|
+ EFI_SUCCESS
|
||||||
|
+ );
|
||||||
|
+}
|
||||||
|
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
index b17c314791..0d825e4425 100644
|
||||||
|
--- a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||||
|
@@ -47,4 +47,22 @@ PxeBcCacheDnsServerAddresses (
|
||||||
|
IN PXEBC_DHCP6_PACKET_CACHE *Cache6
|
||||||
|
);
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ Build and send out the request packet for the bootfile, and parse the reply.
|
||||||
|
+
|
||||||
|
+ @param[in] Private The pointer to PxeBc private data.
|
||||||
|
+ @param[in] Index PxeBc option boot item type.
|
||||||
|
+
|
||||||
|
+ @retval EFI_SUCCESS Successfully discovered the boot file.
|
||||||
|
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
|
||||||
|
+ @retval EFI_NOT_FOUND Can't get the PXE reply packet.
|
||||||
|
+ @retval Others Failed to discover the boot file.
|
||||||
|
+
|
||||||
|
+**/
|
||||||
|
+EFI_STATUS
|
||||||
|
+PxeBcRequestBootService (
|
||||||
|
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||||
|
+ IN UINT32 Index
|
||||||
|
+ );
|
||||||
|
+
|
||||||
|
#endif // PXE_BC_DHCP6_GOOGLE_TEST_H_
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -0,0 +1,202 @@
|
|||||||
|
From d6cdd646e7d9c4cfc78a061d66ab9ba4d2f02cf3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Wed, 8 May 2024 22:56:24 -0700
|
||||||
|
Subject: [PATCH] OvmfPkg: Add Hash2DxeCrypto to OvmfPkg
|
||||||
|
|
||||||
|
RH-Author: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
RH-MergeRequest: 81: OvmfPkg: Add Hash2DxeCrypto to OvmfPkg
|
||||||
|
RH-Jira: RHEL-53009
|
||||||
|
RH-Acked-by: Jon Maloy <jmaloy@redhat.com>
|
||||||
|
RH-Commit: [1/1] 07d3c21a816826beefe963908284cc8b5dd0b075
|
||||||
|
|
||||||
|
JIRA: https://issues.redhat.com/browse/RHEL-53009
|
||||||
|
Upstream: Merged
|
||||||
|
|
||||||
|
Upstream commit 4c4ceb2ceb80 ("NetworkPkg: SECURITY PATCH CVE-2023-45237")
|
||||||
|
broke HTTP boot in OVMF. This fixes it.
|
||||||
|
|
||||||
|
commit cb9d71189134e78efb00759eb9649ce92bf5b29a
|
||||||
|
Author: Doug Flick <dougflick@microsoft.com>
|
||||||
|
Date: Wed May 8 22:56:24 2024 -0700
|
||||||
|
|
||||||
|
OvmfPkg: Add Hash2DxeCrypto to OvmfPkg
|
||||||
|
|
||||||
|
This patch adds Hash2DxeCrypto to OvmfPkg. The Hash2DxeCrypto is
|
||||||
|
used to provide the hashing protocol services.
|
||||||
|
|
||||||
|
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
Cc: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
|
||||||
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||||
|
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
|
||||||
|
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/OvmfPkgIa32.dsc | 6 +++++-
|
||||||
|
OvmfPkg/OvmfPkgIa32.fdf | 5 +++++
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.dsc | 6 +++++-
|
||||||
|
OvmfPkg/OvmfPkgIa32X64.fdf | 5 +++++
|
||||||
|
OvmfPkg/OvmfPkgX64.dsc | 6 +++++-
|
||||||
|
OvmfPkg/OvmfPkgX64.fdf | 5 +++++
|
||||||
|
OvmfPkg/OvmfXen.dsc | 5 +++++
|
||||||
|
OvmfPkg/OvmfXen.fdf | 5 +++++
|
||||||
|
8 files changed, 40 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
index f03906a9ff..47c1732409 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
||||||
|
@@ -213,7 +213,6 @@
|
||||||
|
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
|
||||||
|
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
|
||||||
|
|
||||||
|
-
|
||||||
|
#
|
||||||
|
# Network libraries
|
||||||
|
#
|
||||||
|
@@ -884,6 +883,11 @@
|
||||||
|
MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # Hash2 Protocol producer
|
||||||
|
+ #
|
||||||
|
+ SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network Support
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
index 050148948c..71fb83b285 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
||||||
|
@@ -300,6 +300,11 @@ INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
|
||||||
|
INF MdeModulePkg/Logo/LogoDxe.inf
|
||||||
|
|
||||||
|
+#
|
||||||
|
+# Hash2 Protocol producer
|
||||||
|
+#
|
||||||
|
+INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network modules
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
index 81145050c3..186f783ff5 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
||||||
|
@@ -217,7 +217,6 @@
|
||||||
|
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
|
||||||
|
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
|
||||||
|
|
||||||
|
-
|
||||||
|
#
|
||||||
|
# Network libraries
|
||||||
|
#
|
||||||
|
@@ -898,6 +897,11 @@
|
||||||
|
MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # Hash2 Protocol producer
|
||||||
|
+ #
|
||||||
|
+ SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network Support
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
index 3e2373f225..6762627073 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
||||||
|
@@ -304,6 +304,11 @@ INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
|
||||||
|
INF MdeModulePkg/Logo/LogoDxe.inf
|
||||||
|
|
||||||
|
+#
|
||||||
|
+# Hash2 Protocol producer
|
||||||
|
+#
|
||||||
|
+INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network modules
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
index 1cb169b447..e968ab6be2 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
||||||
|
@@ -217,7 +217,6 @@
|
||||||
|
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
|
||||||
|
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
|
||||||
|
|
||||||
|
-
|
||||||
|
#
|
||||||
|
# Network libraries
|
||||||
|
#
|
||||||
|
@@ -896,6 +895,11 @@
|
||||||
|
MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # Hash2 Protocol producer
|
||||||
|
+ #
|
||||||
|
+ SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network Support
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
index 8ba0ca437a..95544c2bc5 100644
|
||||||
|
--- a/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
||||||
|
@@ -320,6 +320,11 @@ INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
|
||||||
|
INF MdeModulePkg/Logo/LogoDxe.inf
|
||||||
|
|
||||||
|
+#
|
||||||
|
+# Hash2 Protocol producer
|
||||||
|
+#
|
||||||
|
+INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network modules
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc
|
||||||
|
index e7c36d1b80..462e57ddcc 100644
|
||||||
|
--- a/OvmfPkg/OvmfXen.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfXen.dsc
|
||||||
|
@@ -660,6 +660,11 @@
|
||||||
|
MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # Hash2 Protocol producer
|
||||||
|
+ #
|
||||||
|
+ SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network Support
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/OvmfXen.fdf b/OvmfPkg/OvmfXen.fdf
|
||||||
|
index 8b58235559..3c64619e8e 100644
|
||||||
|
--- a/OvmfPkg/OvmfXen.fdf
|
||||||
|
+++ b/OvmfPkg/OvmfXen.fdf
|
||||||
|
@@ -369,6 +369,11 @@ INF ShellPkg/Application/Shell/Shell.inf
|
||||||
|
|
||||||
|
INF MdeModulePkg/Logo/LogoDxe.inf
|
||||||
|
|
||||||
|
+#
|
||||||
|
+# Hash2 Protocol producer
|
||||||
|
+#
|
||||||
|
+INF SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Network modules
|
||||||
|
#
|
||||||
|
--
|
||||||
|
2.45.1
|
||||||
|
|
@ -0,0 +1,50 @@
|
|||||||
|
From e4a64ad230ff2906ec56d41b2a8dd7a0bb39a399 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dov Murik <dovmurik@linux.ibm.com>
|
||||||
|
Date: Tue, 4 Jan 2022 15:16:40 +0800
|
||||||
|
Subject: [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as
|
||||||
|
reserved
|
||||||
|
|
||||||
|
RH-Author: Pawel Polawski <None>
|
||||||
|
RH-MergeRequest: 11: OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
|
||||||
|
RH-Commit: [1/1] a14d34eb204387aae3446770a0e5fb95a9283ae3 (elkoniu/edk2)
|
||||||
|
RH-Bugzilla: 2041754
|
||||||
|
RH-Acked-by: Oliver Steffen <None>
|
||||||
|
|
||||||
|
Mark the SEV launch secret MEMFD area as reserved, which will allow the
|
||||||
|
guest OS to use it during the lifetime of the OS, without creating
|
||||||
|
copies of the sensitive content.
|
||||||
|
|
||||||
|
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
|
||||||
|
Cc: Jordan Justen <jordan.l.justen@intel.com>
|
||||||
|
Cc: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Cc: Brijesh Singh <brijesh.singh@amd.com>
|
||||||
|
Cc: Erdem Aktas <erdemaktas@google.com>
|
||||||
|
Cc: James Bottomley <jejb@linux.ibm.com>
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
Cc: Min Xu <min.m.xu@intel.com>
|
||||||
|
Cc: Tom Lendacky <thomas.lendacky@amd.com>
|
||||||
|
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
|
||||||
|
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
|
||||||
|
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>
|
||||||
|
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
|
||||||
|
index db94c26b54..6bf1a55dea 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
|
||||||
|
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
|
||||||
|
@@ -19,7 +19,7 @@ InitializeSecretPei (
|
||||||
|
BuildMemoryAllocationHob (
|
||||||
|
PcdGet32 (PcdSevLaunchSecretBase),
|
||||||
|
ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
|
||||||
|
- EfiBootServicesData
|
||||||
|
+ EfiReservedMemoryType
|
||||||
|
);
|
||||||
|
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
@ -1,46 +0,0 @@
|
|||||||
From 33ebaa6f0d476008ca6ba264657ac37faf63b723 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
Date: Thu, 29 Aug 2024 09:20:29 +0200
|
|
||||||
Subject: [PATCH 1/2] OvmfPkg/CpuHotplugSmm: delay SMM exit
|
|
||||||
|
|
||||||
RH-Author: Gerd Hoffmann <None>
|
|
||||||
RH-MergeRequest: 74: OvmfPkg/CpuHotplugSmm: delay SMM exit
|
|
||||||
RH-Jira: RHEL-56974
|
|
||||||
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
|
||||||
RH-Commit: [1/1] e1fb3f4db68457ec9f59ca5db47606bf4c34e6c5 (kraxel.rh/centos-src-edk2)
|
|
||||||
|
|
||||||
Let APs wait until the BSP has completed the register updates to remove
|
|
||||||
the CPU. This makes sure all APs stay in SMM mode until the CPU
|
|
||||||
hot-unplug operation is complete, which in turn makes sure the ACPI lock
|
|
||||||
is released only after the CPU hot-unplug operation is complete.
|
|
||||||
|
|
||||||
Some background: The CPU hotplug SMI is triggered from an ACPI function
|
|
||||||
which is protected by an ACPI lock. The ACPI function is in the ACPI
|
|
||||||
tables generated by qemu.
|
|
||||||
|
|
||||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
||||||
|
|
||||||
upstream: submitted (https://github.com/tianocore/edk2/pull/6138)
|
|
||||||
---
|
|
||||||
OvmfPkg/CpuHotplugSmm/CpuHotplug.c | 5 +++++
|
|
||||||
1 file changed, 5 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/OvmfPkg/CpuHotplugSmm/CpuHotplug.c b/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
|
|
||||||
index d504163026..5af78211d3 100644
|
|
||||||
--- a/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
|
|
||||||
+++ b/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
|
|
||||||
@@ -355,6 +355,11 @@ EjectCpu (
|
|
||||||
//
|
|
||||||
QemuSelector = mCpuHotEjectData->QemuSelectorMap[ProcessorNum];
|
|
||||||
if (QemuSelector == CPU_EJECT_QEMU_SELECTOR_INVALID) {
|
|
||||||
+ /* wait until BSP is done */
|
|
||||||
+ while (mCpuHotEjectData->Handler != NULL) {
|
|
||||||
+ CpuPause ();
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
--
|
|
||||||
2.39.3
|
|
||||||
|
|
@ -0,0 +1,47 @@
|
|||||||
|
From f2aeff31924f6d070d7f8b87550dc6d9820531ad Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 16 Jan 2024 18:11:04 +0100
|
||||||
|
Subject: [PATCH 15/18] OvmfPkg/VirtNorFlashDxe: ValidateFvHeader: unwritten
|
||||||
|
state is EOL too
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
|
||||||
|
RH-Jira: RHEL-17587
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [17/20] 37220c700ea816c815e0612031e10b7d466b71a2
|
||||||
|
|
||||||
|
It is possible to find variable entries with State being 0xff, i.e. not
|
||||||
|
updated since flash block erase. This indicates the variable driver
|
||||||
|
could not complete the header write while appending a new entry, and
|
||||||
|
therefore State was not set to VAR_HEADER_VALID_ONLY.
|
||||||
|
|
||||||
|
This can only happen at the end of the variable list, so treat this as
|
||||||
|
additional "end of variable list" condition.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Message-Id: <20240116171105.37831-6-kraxel@redhat.com>
|
||||||
|
(cherry picked from commit 735d0a5e2e25c1577bf9bea7826da937ca38169d)
|
||||||
|
---
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 5 +++++
|
||||||
|
1 file changed, 5 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
index acc4a413ee..f8e71f88c1 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
|
||||||
|
@@ -302,6 +302,11 @@ ValidateFvHeader (
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (VarHeader->State == 0xff) {
|
||||||
|
+ DEBUG ((DEBUG_INFO, "%a: end of var list (unwritten state)\n", __func__));
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
VarName = NULL;
|
||||||
|
switch (VarHeader->State) {
|
||||||
|
// usage: State = VAR_HEADER_VALID_ONLY
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
@ -0,0 +1,73 @@
|
|||||||
|
From 00d9e2d6cb03afeef5a1110d6f1fae1389a06f7a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Tue, 16 Jan 2024 18:11:02 +0100
|
||||||
|
Subject: [PATCH 13/18] OvmfPkg/VirtNorFlashDxe: add a loop for
|
||||||
|
NorFlashWriteBuffer calls.
|
||||||
|
|
||||||
|
RH-Author: Gerd Hoffmann <None>
|
||||||
|
RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport
|
||||||
|
RH-Jira: RHEL-17587
|
||||||
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
RH-Commit: [15/20] 72004a196ea61d627ab528573db657dd7db16de2
|
||||||
|
|
||||||
|
Replace the two NorFlashWriteBuffer() calls with a loop containing a
|
||||||
|
single NorFlashWriteBuffer() call.
|
||||||
|
|
||||||
|
With the changes in place the code is able to handle updates larger
|
||||||
|
than two P30_MAX_BUFFER_SIZE_IN_BYTES blocks, even though the patch
|
||||||
|
does not actually change the size limit.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Message-Id: <20240116171105.37831-4-kraxel@redhat.com>
|
||||||
|
(cherry picked from commit 28ffd726894f11a587a6ac7f71a4c4af341e24d2)
|
||||||
|
---
|
||||||
|
OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 21 ++++++++-------------
|
||||||
|
1 file changed, 8 insertions(+), 13 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
index 88a4d2c23f..3d1343b381 100644
|
||||||
|
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c
|
||||||
|
@@ -521,6 +521,7 @@ NorFlashWriteSingleBlock (
|
||||||
|
UINTN BlockAddress;
|
||||||
|
UINT8 *OrigData;
|
||||||
|
UINTN Start, End;
|
||||||
|
+ UINT32 Index, Count;
|
||||||
|
|
||||||
|
DEBUG ((DEBUG_BLKIO, "NorFlashWriteSingleBlock(Parameters: Lba=%ld, Offset=0x%x, *NumBytes=0x%x, Buffer @ 0x%08x)\n", Lba, Offset, *NumBytes, Buffer));
|
||||||
|
|
||||||
|
@@ -621,23 +622,17 @@ NorFlashWriteSingleBlock (
|
||||||
|
goto Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
- Status = NorFlashWriteBuffer (
|
||||||
|
- Instance,
|
||||||
|
- BlockAddress + Start,
|
||||||
|
- P30_MAX_BUFFER_SIZE_IN_BYTES,
|
||||||
|
- Instance->ShadowBuffer
|
||||||
|
- );
|
||||||
|
- if (EFI_ERROR (Status)) {
|
||||||
|
- goto Exit;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- if ((End - Start) > P30_MAX_BUFFER_SIZE_IN_BYTES) {
|
||||||
|
+ Count = (End - Start) / P30_MAX_BUFFER_SIZE_IN_BYTES;
|
||||||
|
+ for (Index = 0; Index < Count; Index++) {
|
||||||
|
Status = NorFlashWriteBuffer (
|
||||||
|
Instance,
|
||||||
|
- BlockAddress + Start + P30_MAX_BUFFER_SIZE_IN_BYTES,
|
||||||
|
+ BlockAddress + Start + Index * P30_MAX_BUFFER_SIZE_IN_BYTES,
|
||||||
|
P30_MAX_BUFFER_SIZE_IN_BYTES,
|
||||||
|
- Instance->ShadowBuffer + P30_MAX_BUFFER_SIZE_IN_BYTES
|
||||||
|
+ Instance->ShadowBuffer + Index * P30_MAX_BUFFER_SIZE_IN_BYTES
|
||||||
|
);
|
||||||
|
+ if (EFI_ERROR (Status)) {
|
||||||
|
+ goto Exit;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
Exit:
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue