deleted file mode 100644
@@ -1,35 +0,0 @@
-From 772fa11ac82579a8f6fa171e6b835f68af3f64be Mon Sep 17 00:00:00 2001
-From: Rebecca Cran <rebecca@bsdio.com>
-Date: Mon, 26 May 2025 08:01:39 -0600
-Subject: [PATCH] SecurityPkg: Don't define bool type if building in C23 mode
-
-In C23 bool is a built-in type, so it's not necessary to typedef
-bool in LibspdmStdBoolAlt.h.
-
-Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
-
-Upstream-Status: Backport [https://github.com/tianocore/edk2/commit/772fa11ac82579a8f6fa171e6b835f68af3f64be]
-
-Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
----
- .../DeviceSecurity/SpdmLib/Include/hal/LibspdmStdBoolAlt.h | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/LibspdmStdBoolAlt.h b/SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/LibspdmStdBoolAlt.h
-index 08af7296d0..395ef22d43 100644
---- a/SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/LibspdmStdBoolAlt.h
-+++ b/SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/LibspdmStdBoolAlt.h
-@@ -10,7 +10,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
- #ifndef LIBSPDM_STDBOOL_ALT_H
- #define LIBSPDM_STDBOOL_ALT_H
-
-+// In C23, bool is a built-in type
-+#if __STDC_VERSION__ < 202311L
- typedef BOOLEAN bool;
-+#endif
-
- #ifndef true
- #define true TRUE
-2.34.1
-
@@ -1,7 +1,7 @@
-From 61583b59620946683551f43c6110e656604a252f Mon Sep 17 00:00:00 2001
+From 0f859c6de2914cd984f8a0dd61471b91a2371bfa Mon Sep 17 00:00:00 2001
From: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
Date: Thu, 9 Jun 2016 02:23:01 -0700
-Subject: [PATCH 1/4] ovmf: update path to native BaseTools
+Subject: [PATCH] ovmf: update path to native BaseTools
BaseTools is a set of utilities to build EDK-based firmware. These utilities
are used during the build process. Thus, they need to be built natively.
@@ -28,6 +28,3 @@ index 279f0d099a..285f061bf4 100755
echo $EDK_TOOLS_PATH
source edksetup.sh BaseTools
else
-2.39.5
-
@@ -1,7 +1,7 @@
-From aacbf7c91732b9959e569e90844cf9de078b2f14 Mon Sep 17 00:00:00 2001
+From 9dbd082516fdd7100f99f0f389b8eef5ececab19 Mon Sep 17 00:00:00 2001
From: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
Date: Fri, 26 Jul 2019 17:34:26 -0400
-Subject: [PATCH 2/4] BaseTools: makefile: adjust to build in under bitbake
+Subject: [PATCH] BaseTools: makefile: adjust to build in under bitbake
Prepend the build flags with those of bitbake. This is to build
using the bitbake native sysroot include and library directories.
@@ -18,10 +18,10 @@ Upstream-Status: Inappropriate [needs to be converted to in-recipe fixups]
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/BaseTools/Source/C/Makefiles/header.makefile b/BaseTools/Source/C/Makefiles/header.makefile
-index d369908a09..22c670f316 100644
+index 55a7307a5e..e36e6a8f04 100644
--- a/BaseTools/Source/C/Makefiles/header.makefile
+++ b/BaseTools/Source/C/Makefiles/header.makefile
-@@ -85,35 +85,34 @@ endif
+@@ -154,35 +154,34 @@ endif
INCLUDE = $(TOOL_INCLUDE) -I $(MAKEROOT) -I $(MAKEROOT)/Include/Common -I $(MAKEROOT)/Include/ -I $(MAKEROOT)/Include/IndustryStandard -I $(MAKEROOT)/Common/ -I .. -I . $(ARCH_INCLUDE)
INCLUDE += -I $(EDK2_PATH)/MdePkg/Include
@@ -64,6 +64,3 @@ index d369908a09..22c670f316 100644
ifeq ($(HOST_ARCH), IA32)
#
# Snow Leopard is a 32-bit and 64-bit environment. uname -m returns i386, but gcc defaults
-2.39.5
-
@@ -1,7 +1,7 @@
-From 96fa2a7f2f54f1e6330275b5eba07e1efdbd865b Mon Sep 17 00:00:00 2001
+From eb6db21ed0a845dce149d17acf8673d5188adea4 Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Mon, 14 Jun 2021 19:56:28 +0200
-Subject: [PATCH 3/4] debug prefix map
+Subject: [PATCH] debug prefix map
We want to pass ${DEBUG_PREFIX_MAP} to gcc commands and also pass in
--debug-prefix-map to nasm (we carry a patch to nasm for this). The
@@ -21,9 +21,11 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
BaseTools/Conf/tools_def.template | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
+diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
+index 0caa1c9001..dd86b3249d 100755
--- a/BaseTools/Conf/tools_def.template
+++ b/BaseTools/Conf/tools_def.template
-@@ -920,7 +920,7 @@ NOOPT_*_*_OBJCOPY_ADDDEBUGFLAG = --a
+@@ -920,7 +920,7 @@ NOOPT_*_*_OBJCOPY_ADDDEBUGFLAG = --add-gnu-debuglink="$(DEBUG_DIR)/$(MODULE_
*_*_*_DTC_PATH = DEF(DTC_BIN)
# All supported GCC archs except LOONGARCH64 support -mstack-protector-guard=global, so set that on everything except LOONGARCH64
@@ -32,18 +34,18 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
DEFINE GCC_IA32_X64_CC_FLAGS = -mstack-protector-guard=global
DEFINE GCC_ARM_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -mabi=aapcs -fno-short-enums -funsigned-char -ffunction-sections -fdata-sections -fomit-frame-pointer -Wno-address -mthumb -fno-pic -fno-pie -mstack-protector-guard=global
DEFINE GCC_LOONGARCH64_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mabi=lp64d -fno-asynchronous-unwind-tables -Wno-address -fno-short-enums -fsigned-char -ffunction-sections -fdata-sections
-@@ -941,8 +941,8 @@ DEFINE GCC_ARM_ASLDLINK_FLAGS = DEF
+@@ -938,8 +938,8 @@ DEFINE GCC_ARM_AARCH64_ASLDLINK_FLAGS = -Wl,--defsym=PECOFF_HEADER_SIZE=0 DEF(GC
+ DEFINE GCC_ARM_ASLDLINK_FLAGS = DEF(GCC_ARM_DLINK_FLAGS) -Wl,--entry,ReferenceAcpiTable -u $(IMAGE_ENTRY_POINT) DEF(GCC_ARM_AARCH64_ASLDLINK_FLAGS)
DEFINE GCC_AARCH64_ASLDLINK_FLAGS = DEF(GCC_AARCH64_DLINK_FLAGS) -Wl,--entry,ReferenceAcpiTable -u $(IMAGE_ENTRY_POINT) DEF(GCC_ARM_AARCH64_ASLDLINK_FLAGS)
DEFINE GCC_LOONGARCH64_ASLDLINK_FLAGS = DEF(GCC_LOONGARCH64_DLINK_FLAGS) -Wl,--entry,ReferenceAcpiTable -u $(IMAGE_ENTRY_POINT)
- DEFINE GCC_IA32_X64_DLINK_FLAGS = DEF(GCC_IA32_X64_DLINK_COMMON) --entry _$(IMAGE_ENTRY_POINT) --file-alignment 0x20 --section-alignment 0x20 -Map $(DEST_DIR_DEBUG)/$(BASE_NAME).map
-DEFINE GCC_ASM_FLAGS = -c -x assembler -imacros AutoGen.h
-DEFINE GCC_PP_FLAGS = -E -x assembler-with-cpp -include AutoGen.h
+DEFINE GCC_ASM_FLAGS = -c -x assembler -imacros AutoGen.h ENV(GCC_PREFIX_MAP)
+DEFINE GCC_PP_FLAGS = -E -x assembler-with-cpp -include AutoGen.h ENV(GCC_PREFIX_MAP)
- DEFINE GCC_VFRPP_FLAGS = -x c -E -P -DVFRCOMPILE --include $(MODULE_NAME)StrDefs.h
+ DEFINE GCC_VFRPP_FLAGS = -x c -E -DVFRCOMPILE --include $(MODULE_NAME)StrDefs.h
DEFINE GCC_ASLPP_FLAGS = -x c -E -include AutoGen.h
DEFINE GCC_ASLCC_FLAGS = -x c
-@@ -1095,7 +1095,7 @@ DEFINE GCC5_LOONGARCH64_PP_FLAGS
+@@ -1092,7 +1092,7 @@ DEFINE GCC5_LOONGARCH64_PP_FLAGS = -mabi=lp64d -march=loongarch64 DEF(
*_GCC48_IA32_DLINK2_FLAGS = DEF(GCC48_IA32_DLINK2_FLAGS)
*_GCC48_IA32_RC_FLAGS = DEF(GCC_IA32_RC_FLAGS)
*_GCC48_IA32_OBJCOPY_FLAGS =
@@ -52,7 +54,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
DEBUG_GCC48_IA32_CC_FLAGS = DEF(GCC48_IA32_CC_FLAGS)
RELEASE_GCC48_IA32_CC_FLAGS = DEF(GCC48_IA32_CC_FLAGS) -Wno-unused-but-set-variable
-@@ -1123,7 +1123,7 @@ RELEASE_GCC48_IA32_CC_FLAGS = DEF(
+@@ -1120,7 +1120,7 @@ RELEASE_GCC48_IA32_CC_FLAGS = DEF(GCC48_IA32_CC_FLAGS) -Wno-unused-but-set
*_GCC48_X64_DLINK2_FLAGS = DEF(GCC48_X64_DLINK2_FLAGS)
*_GCC48_X64_RC_FLAGS = DEF(GCC_X64_RC_FLAGS)
*_GCC48_X64_OBJCOPY_FLAGS =
@@ -61,7 +63,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
DEBUG_GCC48_X64_CC_FLAGS = DEF(GCC48_X64_CC_FLAGS)
RELEASE_GCC48_X64_CC_FLAGS = DEF(GCC48_X64_CC_FLAGS) -Wno-unused-but-set-variable
-@@ -1232,7 +1232,7 @@ RELEASE_GCC48_AARCH64_CC_FLAGS = DEF(G
+@@ -1229,7 +1229,7 @@ RELEASE_GCC48_AARCH64_CC_FLAGS = DEF(GCC48_AARCH64_CC_FLAGS) -Wno-unused-but-s
*_GCC49_IA32_DLINK2_FLAGS = DEF(GCC49_IA32_DLINK2_FLAGS)
*_GCC49_IA32_RC_FLAGS = DEF(GCC_IA32_RC_FLAGS)
*_GCC49_IA32_OBJCOPY_FLAGS =
@@ -70,7 +72,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
DEBUG_GCC49_IA32_CC_FLAGS = DEF(GCC49_IA32_CC_FLAGS)
RELEASE_GCC49_IA32_CC_FLAGS = DEF(GCC49_IA32_CC_FLAGS) -Wno-unused-but-set-variable -Wno-unused-const-variable
-@@ -1260,7 +1260,7 @@ RELEASE_GCC49_IA32_CC_FLAGS = DEF(
+@@ -1257,7 +1257,7 @@ RELEASE_GCC49_IA32_CC_FLAGS = DEF(GCC49_IA32_CC_FLAGS) -Wno-unused-but-set
*_GCC49_X64_DLINK2_FLAGS = DEF(GCC49_X64_DLINK2_FLAGS)
*_GCC49_X64_RC_FLAGS = DEF(GCC_X64_RC_FLAGS)
*_GCC49_X64_OBJCOPY_FLAGS =
@@ -79,7 +81,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
DEBUG_GCC49_X64_CC_FLAGS = DEF(GCC49_X64_CC_FLAGS)
RELEASE_GCC49_X64_CC_FLAGS = DEF(GCC49_X64_CC_FLAGS) -Wno-unused-but-set-variable -Wno-unused-const-variable
-@@ -1519,7 +1519,7 @@ RELEASE_GCCNOLTO_AARCH64_DLINK_XIPFLAGS
+@@ -1516,7 +1516,7 @@ RELEASE_GCCNOLTO_AARCH64_DLINK_XIPFLAGS = -z common-page-size=0x20
*_GCC5_IA32_DLINK2_FLAGS = DEF(GCC5_IA32_DLINK2_FLAGS) -no-pie
*_GCC5_IA32_RC_FLAGS = DEF(GCC_IA32_RC_FLAGS)
*_GCC5_IA32_OBJCOPY_FLAGS =
@@ -88,7 +90,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
DEBUG_GCC5_IA32_CC_FLAGS = DEF(GCC5_IA32_CC_FLAGS) -flto
DEBUG_GCC5_IA32_DLINK_FLAGS = DEF(GCC5_IA32_X64_DLINK_FLAGS) -flto -Os -Wl,-m,elf_i386,--oformat=elf32-i386
-@@ -1551,7 +1551,7 @@ RELEASE_GCC5_IA32_DLINK_FLAGS = DEF(G
+@@ -1548,7 +1548,7 @@ RELEASE_GCC5_IA32_DLINK_FLAGS = DEF(GCC5_IA32_X64_DLINK_FLAGS) -flto -Os -Wl,
*_GCC5_X64_DLINK2_FLAGS = DEF(GCC5_X64_DLINK2_FLAGS)
*_GCC5_X64_RC_FLAGS = DEF(GCC_X64_RC_FLAGS)
*_GCC5_X64_OBJCOPY_FLAGS =
@@ -1,7 +1,7 @@
-From fc2d3c17ff2a7b39e8d47b788eeaac5e1487cdee Mon Sep 17 00:00:00 2001
+From 0d22e07cd9cc35ede04c01d3141068db744d7677 Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Mon, 14 Jun 2021 19:57:30 +0200
-Subject: [PATCH 4/4] reproducible
+Subject: [PATCH] reproducible
This patch fixes various things which make the build more reproducible. Some changes
here only change intermediate artefacts but that means when you have two build trees
@@ -34,9 +34,11 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
.../Source/Python/AutoGen/ModuleAutoGen.py | 5 +++-
4 files changed, 24 insertions(+), 16 deletions(-)
+diff --git a/BaseTools/Source/C/GenFw/Elf64Convert.c b/BaseTools/Source/C/GenFw/Elf64Convert.c
+index 18594122ea..92b5f13cf6 100644
--- a/BaseTools/Source/C/GenFw/Elf64Convert.c
+++ b/BaseTools/Source/C/GenFw/Elf64Convert.c
-@@ -15,6 +15,8 @@ SPDX-License-Identifier: BSD-2-Clause-Pa
+@@ -15,6 +15,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <windows.h>
#undef RUNTIME_FUNCTION
#include <io.h>
@@ -54,7 +56,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
//
// Add more space in the .debug data region for the DllCharacteristicsEx
-@@ -2310,7 +2312,7 @@ WriteDebug64 (
+@@ -2322,7 +2324,7 @@ WriteDebug64 (
EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY *Nb10;
EFI_IMAGE_DEBUG_EX_DLLCHARACTERISTICS_ENTRY *DllEntry;
@@ -63,7 +65,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
NtHdr = (EFI_IMAGE_OPTIONAL_HEADER_UNION *)(mCoffFile + mNtHdrOffset);
DataDir = &NtHdr->Pe32Plus.OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_DEBUG];
-@@ -2343,7 +2345,7 @@ WriteDebug64 (
+@@ -2355,7 +2357,7 @@ WriteDebug64 (
Nb10 = (EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY*)(Dir + 1);
Nb10->Signature = CODEVIEW_SIGNATURE_NB10;
@@ -72,6 +74,8 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
}
STATIC
+diff --git a/BaseTools/Source/Python/AutoGen/BuildEngine.py b/BaseTools/Source/Python/AutoGen/BuildEngine.py
+index b829a2503c..afe826b78f 100644
--- a/BaseTools/Source/Python/AutoGen/BuildEngine.py
+++ b/BaseTools/Source/Python/AutoGen/BuildEngine.py
@@ -70,6 +70,9 @@ class TargetDescBlock(object):
@@ -84,9 +88,11 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
def AddInput(self, Input):
if Input not in self.Inputs:
self.Inputs.append(Input)
+diff --git a/BaseTools/Source/Python/AutoGen/GenMake.py b/BaseTools/Source/Python/AutoGen/GenMake.py
+index e5f282c4ac..27a34ef7c6 100755
--- a/BaseTools/Source/Python/AutoGen/GenMake.py
+++ b/BaseTools/Source/Python/AutoGen/GenMake.py
-@@ -576,7 +576,7 @@ cleanlib:
+@@ -571,7 +571,7 @@ cleanlib:
os.remove(RespFileList)
# convert source files and binary files to build targets
@@ -95,7 +101,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
if len(self.ResultFileList) == 0 and len(MyAgo.SourceFileList) != 0:
EdkLogger.error("build", AUTOGEN_ERROR, "Nothing to build",
ExtraData="[%s]" % str(MyAgo))
-@@ -727,7 +727,7 @@ cleanlib:
+@@ -722,7 +722,7 @@ cleanlib:
OutputFile = ''
DepsFileList = []
@@ -104,7 +110,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
if Cmd[2]:
for CopyCmd in Cmd[2]:
Src, Dst = CopyCmd
-@@ -760,7 +760,7 @@ cleanlib:
+@@ -755,7 +755,7 @@ cleanlib:
self.BuildTargetList.append('\t%s' % CmdString)
self.ParseSecCmd(DepsFileList, Cmd[1])
@@ -113,7 +119,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
self.BuildTargetList.append('%s : %s' % (self.ReplaceMacro(SecOutputFile), self.ReplaceMacro(SecDepsFile)))
self.BuildTargetList.append('\t%s' % self.ReplaceMacro(SecCmd))
self.FfsOutputFileList = []
-@@ -799,13 +799,13 @@ cleanlib:
+@@ -794,13 +794,13 @@ cleanlib:
def CommandExceedLimit(self):
FlagDict = {
@@ -134,7 +140,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
}
RespDict = {}
-@@ -1019,9 +1019,9 @@ cleanlib:
+@@ -1014,9 +1014,9 @@ cleanlib:
if not self.ObjTargetDict.get(T.Target.SubDir):
self.ObjTargetDict[T.Target.SubDir] = set()
self.ObjTargetDict[T.Target.SubDir].add(NewFile)
@@ -146,9 +152,11 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
# Generate related macros if needed
if T.GenFileListMacro and T.FileListMacro not in self.FileListMacros:
self.FileListMacros[T.FileListMacro] = []
+diff --git a/BaseTools/Source/Python/AutoGen/ModuleAutoGen.py b/BaseTools/Source/Python/AutoGen/ModuleAutoGen.py
+index aa0b71632e..57c9cad117 100755
--- a/BaseTools/Source/Python/AutoGen/ModuleAutoGen.py
+++ b/BaseTools/Source/Python/AutoGen/ModuleAutoGen.py
-@@ -1474,6 +1474,9 @@ class ModuleAutoGen(AutoGen):
+@@ -1429,6 +1429,9 @@ class ModuleAutoGen(AutoGen):
for File in Files:
if File.lower().endswith('.pdb'):
AsBuiltInfDict['binary_item'].append('DISPOSABLE|' + File)
@@ -158,7 +166,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
HeaderComments = self.Module.HeaderComments
StartPos = 0
for Index in range(len(HeaderComments)):
-@@ -1749,7 +1752,7 @@ class ModuleAutoGen(AutoGen):
+@@ -1704,7 +1707,7 @@ class ModuleAutoGen(AutoGen):
if os.path.exists (self.TimeStampPath):
os.remove (self.TimeStampPath)
deleted file mode 100644
@@ -1,43 +0,0 @@
-From 2c8fb3e5164effc8a370e800fe91db7341e69116 Mon Sep 17 00:00:00 2001
-From: Doug Flick <dougflick@microsoft.com>
-Date: Mon, 7 Apr 2025 11:23:41 -0700
-Subject: [PATCH 1/4] SecurityPkg: Update SecurityFixes.yaml for CVE-2024-38797
-
-This commit updates the SecurityFixes.yaml file to include
-information about the CVE-2024-38797 vulnerability.
-
-Signed-off-by: Doug Flick <DougFlick@microsoft.com>
-
-CVE: CVE-2024-38797
-Upstream-Status: Backport [https://github.com/tianocore/edk2/pull/10928/commits/519366f542e9370bee982b1c3687ffedb5cabc21]
-Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
----
- SecurityPkg/SecurityFixes.yaml | 15 +++++++++++++++
- 1 file changed, 15 insertions(+)
-
-diff --git a/SecurityPkg/SecurityFixes.yaml b/SecurityPkg/SecurityFixes.yaml
-index b4006b4..06b597a 100644
---- a/SecurityPkg/SecurityFixes.yaml
-+++ b/SecurityPkg/SecurityFixes.yaml
-@@ -40,3 +40,18 @@ CVE_2022_36764:
- - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
- links:
- - https://bugzilla.tianocore.org/show_bug.cgi?id=4118
-+CVE_2024_38797:
-+ commit-titles:
-+ - "SecurityPkg: Out of bound read in HashPeImageByType()"
-+ - "SecurityPkg: Improving HashPeImageByType () logic"
-+ - "SecurityPkg: Improving SecureBootConfigImpl:HashPeImageByType () logic"
-+ cve: CVE-2024-38797
-+ date_reported: 2024-06-04 12:00 UTC
-+ description: Out of bound read in HashPeImageByType()
-+ note:
-+ files_impacted:
-+ - SecurityPkg\Library\DxeImageVerificationLib\DxeImageVerificationLib.c
-+ - SecurityPkg\VariableAuthenticated\SecureBootConfigDxe\SecureBootConfigImpl.c
-+ links:
-+ - https://bugzilla.tianocore.org/show_bug.cgi?id=2214
-+ - https://github.com/tianocore/edk2/security/advisories/GHSA-4wjw-6xmf-44xf
-2.34.1
-
deleted file mode 100644
@@ -1,63 +0,0 @@
-From 1a7be26382c4a34504875f094e15fe371d44192e Mon Sep 17 00:00:00 2001
-From: Doug Flick <dougflick@microsoft.com>
-Date: Thu, 3 Oct 2024 09:37:18 -0700
-Subject: [PATCH 2/4] SecurityPkg: Out of bound read in HashPeImageByType()
-
-In HashPeImageByType(), the hash of PE/COFF image is calculated.
-This function may get untrusted input.
-
-Inside this function, the following code verifies the loaded image has
-the correct format, by reading the second byte of the buffer.
-
-```c
- if ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
- ...
- }
-```
-
-The input image is not trusted and that may not have the second byte to
-read. So this poses an out of bound read error.
-
-With below fix we are assuring that we don't do out of bound read. i.e,
-we make sure that AuthDataSize is greater than 1.
-
-```c
- if (AuthDataSize > 1
- && (*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE){
- ...
- }
-```
-
-AuthDataSize size is verified before reading the second byte.
-So if AuthDataSize is less than 2, the second byte will not be read, and
-the out of bound read situation won't occur.
-
-Tested the patch on real platform with and without TPM connected and
-verified image is booting fine.
-
-Authored-by: Raj AlwinX Selvaraj <Alw...@intel.com>
-Signed-off-by: Doug Flick <DougFlick@microsoft.com>
-
-CVE: CVE-2024-38797
-Upstream-Status: Backport [https://github.com/tianocore/edk2/pull/10928/commits/2dcdb41b564aa3cb846644b4b1722a0b3ae5e06b]
-Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
----
- .../Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
-index b05da19..2afa2c9 100644
---- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
-+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
-@@ -642,7 +642,7 @@ HashPeImageByType (
- // This field has the fixed offset (+32) in final Authenticode ASN.1 data.
- // Fixed offset (+32) is calculated based on two bytes of length encoding.
- //
-- if ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
-+ if ((AuthDataSize > 1) && ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE)) {
- //
- // Only support two bytes of Long Form of Length Encoding.
- //
-2.34.1
-
deleted file mode 100644
@@ -1,99 +0,0 @@
-From 4db363db013a92937431234252fc9d84e44fc120 Mon Sep 17 00:00:00 2001
-From: Doug Flick <dougflick@microsoft.com>
-Date: Thu, 3 Oct 2024 10:16:57 -0700
-Subject: [PATCH 3/4] SecurityPkg: Improving HashPeImageByType () logic
-
-Namely:
-
-(1) The TWO_BYTE_ENCODE check is independent of Index. If it evalutes
- to TRUE for Index==0, then it will evaluate to TRUE for all other
- Index values as well. As a result, the (Index == HASHALG_MAX)
- condition will fire after the loop, and we'll return
- EFI_UNSUPPORTED.
-
- While this is correct, functionally speaking, it is wasteful to
- keep re-checking TWO_BYTE_ENCODE in the loop body. The check
- should be made at the top of the function, and EFI_UNSUPPORTED
- should be returned at once, if appropriate.
-
-(2) If the hash algorithm selected by Index has such a large OID that
- the OID comparison cannot even be performed (because AuthDataSize
- is not large enough for containing the OID in question, starting
- at offset 32), then the function returns EFI_UNSUPPORTED at once.
-
- This is bogus; this case should simply be treated as an OID
- mismatch, and the loop should advance to the next Index value /
- hash algorithm candidate. A remaining hash algo may have a shorter
- OID and yield an OID match.
-
-Signed-off-by: Doug Flick <DougFlick@microsoft.com>
-
-CVE: CVE-2024-38797
-Upstream-Status: Backport [https://github.com/tianocore/edk2/pull/10928/commits/5df518ec510324f48ed1cf0376150960644b41f0]
-Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
----
- .../DxeImageVerificationLib.c | 37 ++++++++++---------
- 1 file changed, 19 insertions(+), 18 deletions(-)
-
-diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
-index 2afa2c9..2eca39d 100644
---- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
-+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
-@@ -618,6 +618,7 @@ Done:
- @param[in] AuthDataSize Size of the Authenticode Signature in bytes.
-
- @retval EFI_UNSUPPORTED Hash algorithm is not supported.
-+ @retval EFI_BAD_BUFFER_SIZE AuthData provided is invalid size.
- @retval EFI_SUCCESS Hash successfully.
-
- **/
-@@ -629,28 +630,28 @@ HashPeImageByType (
- {
- UINT8 Index;
-
-- for (Index = 0; Index < HASHALG_MAX; Index++) {
-+ //
-+ // Check the Hash algorithm in PE/COFF Authenticode.
-+ // According to PKCS#7 Definition:
-+ // SignedData ::= SEQUENCE {
-+ // version Version,
-+ // digestAlgorithms DigestAlgorithmIdentifiers,
-+ // contentInfo ContentInfo,
-+ // .... }
-+ // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
-+ // This field has the fixed offset (+32) in final Authenticode ASN.1 data.
-+ // Fixed offset (+32) is calculated based on two bytes of length encoding.
-+ //
-+ if ((AuthDataSize > 1) && ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE)) {
- //
-- // Check the Hash algorithm in PE/COFF Authenticode.
-- // According to PKCS#7 Definition:
-- // SignedData ::= SEQUENCE {
-- // version Version,
-- // digestAlgorithms DigestAlgorithmIdentifiers,
-- // contentInfo ContentInfo,
-- // .... }
-- // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
-- // This field has the fixed offset (+32) in final Authenticode ASN.1 data.
-- // Fixed offset (+32) is calculated based on two bytes of length encoding.
-+ // Only support two bytes of Long Form of Length Encoding.
- //
-- if ((AuthDataSize > 1) && ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE)) {
-- //
-- // Only support two bytes of Long Form of Length Encoding.
-- //
-- continue;
-- }
-+ return EFI_BAD_BUFFER_SIZE;
-+ }
-
-+ for (Index = 0; Index < HASHALG_MAX; Index++) {
- if (AuthDataSize < 32 + mHash[Index].OidLength) {
-- return EFI_UNSUPPORTED;
-+ continue;
- }
-
- if (CompareMem (AuthData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {
-2.34.1
-
deleted file mode 100644
@@ -1,97 +0,0 @@
-From cb3342702c5c1f8a4ddbb6d503a98ed720d14eb3 Mon Sep 17 00:00:00 2001
-From: Doug Flick <dougflick@microsoft.com>
-Date: Fri, 17 Jan 2025 11:30:17 -0800
-Subject: [PATCH 4/4] SecurityPkg: Improving
- SecureBootConfigImpl:HashPeImageByType () logic
-
-Namely:
-
-(1) The TWO_BYTE_ENCODE check is independent of Index. If it evalutes
- to TRUE for Index==0, then it will evaluate to TRUE for all other
- Index values as well. As a result, the (Index == HASHALG_MAX)
- condition will fire after the loop, and we'll return
- EFI_UNSUPPORTED.
-
- While this is correct, functionally speaking, it is wasteful to
- keep re-checking TWO_BYTE_ENCODE in the loop body. The check
- should be made at the top of the function, and EFI_UNSUPPORTED
- should be returned at once, if appropriate.
-
-(2) If the hash algorithm selected by Index has such a large OID that
- the OID comparison cannot even be performed (because AuthDataSize
- is not large enough for containing the OID in question, starting
- at offset 32), then the function returns EFI_UNSUPPORTED at once.
-
- This is bogus; this case should simply be treated as an OID
- mismatch, and the loop should advance to the next Index value /
- hash algorithm candidate. A remaining hash algo may have a shorter
- OID and yield an OID match.
-
-Signed-off-by: Doug Flick <DougFlick@microsoft.com>
-
-CVE: CVE-2024-38797
-Upstream-Status: Backport [https://github.com/tianocore/edk2/pull/10928/commits/8676572908b950dd4d1f8985006011be99c0a5b6]
-Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
----
- .../SecureBootConfigImpl.c | 37 +++++++++++--------
- 1 file changed, 21 insertions(+), 16 deletions(-)
-
-diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
-index 6d4560c..155e755 100644
---- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
-+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
-@@ -2096,30 +2096,35 @@ HashPeImageByType (
- {
- UINT8 Index;
- WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;
-+ UINT32 PkcsCertSize;
-
- PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *)(mImageBase + mSecDataDir->Offset);
-+ PkcsCertSize = mSecDataDir->SizeOfCert;
-
-- for (Index = 0; Index < HASHALG_MAX; Index++) {
-+ //
-+ // Check the Hash algorithm in PE/COFF Authenticode.
-+ // According to PKCS#7 Definition:
-+ // SignedData ::= SEQUENCE {
-+ // version Version,
-+ // digestAlgorithms DigestAlgorithmIdentifiers,
-+ // contentInfo ContentInfo,
-+ // .... }
-+ // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
-+ // This field has the fixed offset (+32) in final Authenticode ASN.1 data.
-+ // Fixed offset (+32) is calculated based on two bytes of length encoding.
-+ //
-+ if ((PkcsCertSize > 1) && ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE)) {
- //
-- // Check the Hash algorithm in PE/COFF Authenticode.
-- // According to PKCS#7 Definition:
-- // SignedData ::= SEQUENCE {
-- // version Version,
-- // digestAlgorithms DigestAlgorithmIdentifiers,
-- // contentInfo ContentInfo,
-- // .... }
-- // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
-- // This field has the fixed offset (+32) in final Authenticode ASN.1 data.
-- // Fixed offset (+32) is calculated based on two bytes of length encoding.
-+ // Only support two bytes of Long Form of Length Encoding.
- //
-- if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
-- //
-- // Only support two bytes of Long Form of Length Encoding.
-- //
-+ return EFI_BAD_BUFFER_SIZE;
-+ }
-+
-+ for (Index = 0; Index < HASHALG_MAX; Index++) {
-+ if (PkcsCertSize < 32 + mHash[Index].OidLength) {
- continue;
- }
-
-- //
- if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {
- break;
- }
-2.34.1
-
deleted file mode 100644
@@ -1,56 +0,0 @@
-From 4b028816b5619ede6c3720664478055e09151516 Mon Sep 17 00:00:00 2001
-From: Madhavan <madavtechy@gmail.com>
-Date: Fri, 14 Mar 2025 14:15:13 -0400
-Subject: [PATCH] NetworkPkg/IScsiDxe:Fix for Remote Memory Exposure in ISCSI
- bz4206
-
-Used SafeUint32Add to calculate and validate OutTransferLength with
-boundary check in IScsiOnR2TRcvd to avoid integer overflow
-
-Signed-off-by: Madhavan <madavtechy@gmail.com>
-
-CVE: CVE-2025-2295
-Upstream-Status: Backport [https://github.com/tianocore/edk2/commit/17cdc512f02a2dfd1b9e24133da56fdda099abda]
-Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
----
- NetworkPkg/IScsiDxe/IScsiProto.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/NetworkPkg/IScsiDxe/IScsiProto.c b/NetworkPkg/IScsiDxe/IScsiProto.c
-index ef587649a0..fb48e6304d 100644
---- a/NetworkPkg/IScsiDxe/IScsiProto.c
-+++ b/NetworkPkg/IScsiDxe/IScsiProto.c
-@@ -1,7 +1,7 @@
- /** @file
- The implementation of iSCSI protocol based on RFC3720.
-
--Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.<BR>
-+Copyright (c) 2004 - 2025, Intel Corporation. All rights reserved.<BR>
- SPDX-License-Identifier: BSD-2-Clause-Patent
-
- **/
-@@ -2682,6 +2682,7 @@ IScsiOnR2TRcvd (
- EFI_STATUS Status;
- ISCSI_XFER_CONTEXT *XferContext;
- UINT8 *Data;
-+ UINT32 TransferLength;
-
- R2THdr = (ISCSI_READY_TO_TRANSFER *)NetbufGetByte (Pdu, 0, NULL);
- if (R2THdr == NULL) {
-@@ -2712,7 +2713,12 @@ IScsiOnR2TRcvd (
- XferContext->Offset = R2THdr->BufferOffset;
- XferContext->DesiredLength = R2THdr->DesiredDataTransferLength;
-
-- if (((XferContext->Offset + XferContext->DesiredLength) > Packet->OutTransferLength) ||
-+ Status = SafeUint32Add (XferContext->Offset, XferContext->DesiredLength, &TransferLength);
-+ if (EFI_ERROR (Status)) {
-+ return EFI_PROTOCOL_ERROR;
-+ }
-+
-+ if ((TransferLength > Packet->OutTransferLength) ||
- (XferContext->DesiredLength > Tcb->Conn->Session->MaxBurstLength)
- )
- {
-2.48.1
-
@@ -20,21 +20,15 @@ PACKAGECONFIG[tpm] = "-D TPM_ENABLE=TRUE,-D TPM_ENABLE=FALSE,,"
#see https://src.fedoraproject.org/rpms/edk2/blob/rawhide/f/0032-Basetools-turn-off-gcc12-warning.patch
BUILD_CFLAGS += "-Wno-error=stringop-overflow"
-SRC_URI = "gitsm://github.com/tianocore/edk2.git;branch=master;protocol=https \
+SRC_URI = "gitsm://github.com/tianocore/edk2.git;branch=master;protocol=https;tag=${PV} \
file://0001-ovmf-update-path-to-native-BaseTools.patch \
file://0002-BaseTools-makefile-adjust-to-build-in-under-bitbake.patch \
file://0003-debug-prefix-map.patch \
file://0004-reproducible.patch \
- file://CVE-2025-2295.patch \
- file://CVE-2024-38797-1.patch \
- file://CVE-2024-38797-2.patch \
- file://CVE-2024-38797-3.patch \
- file://CVE-2024-38797-4.patch \
- file://0001-SecurityPkg-Don-t-define-bool-type-if-building-in-C2.patch \
"
-PV = "edk2-stable202502"
-SRCREV = "fbe0805b2091393406952e84724188f8c1941837"
+PV = "edk2-stable202508"
+SRCREV = "d46aa46c8361194521391aa581593e556c707c6e"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>edk2-stable.*)"
CVE_PRODUCT = "edk2"