From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 88FEC84BF for ; Wed, 30 Aug 2023 17:50:05 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 6AA543746A for ; Wed, 30 Aug 2023 17:50:05 +0200 (CEST) Received: from lana.proxmox.com (unknown [94.136.29.99]) by firstgate.proxmox.com (Proxmox) with ESMTP for ; Wed, 30 Aug 2023 17:50:04 +0200 (CEST) Received: by lana.proxmox.com (Postfix, from userid 10043) id 763192C25AE; Wed, 30 Aug 2023 17:50:04 +0200 (CEST) From: Stefan Hanreich To: pve-devel@lists.proxmox.com Date: Wed, 30 Aug 2023 17:50:01 +0200 Message-Id: <20230830155001.2249173-1-s.hanreich@proxmox.com> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-SPAM-LEVEL: Spam detection results: 0 AWL -0.696 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods KAM_NUMSUBJECT 0.5 Subject ends in numbers excluding current years RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record Subject: [pve-devel] [PATCH edk2-firmware v2] update to edk2-stable202308 X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Aug 2023 15:50:05 -0000 * Removed 0001-OvmfPkg-PlatformInitLib-limit-phys-bits-to-46.patch since it has been included upstream since commit c1e85376 [1]. * Updated the patch Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl so it applies again. * had to increase FD_SIZE to 4M for the x64 build as otherwise the package wouldn't build due to the size of the resulting image [1] https://github.com/tianocore/edk2/commit/c1e853769046b322690ad336fdb989= 66757e7414 Signed-off-by: Stefan Hanreich --- Changes from v1 -> v2: * fixed metadata in ArmVirtPkg patch Wasn't able to build this package without setting FD_SIZE to 4M, not sure if this is due to my failure or if the image just got bigger with the new changes. Due to CRLF shenanigans I have made this commit available via my repos as well - you can find it under staff/s.hanreich/pve-edk2-firmware on the branch 2023-08. Still not sure if the line endings are 100% correct since I have warnings about EOL and trailing spaces, but I think they are because of gits CRLF handling. debian/changelog | 6 +++ ...latformInitLib-limit-phys-bits-to-46.patch | 43 ------------------- ...g-make-EFI_LOADER_DATA-non-executabl.patch | 6 +-- debian/patches/series | 1 - debian/rules | 3 +- edk2 | 2 +- 6 files changed, 11 insertions(+), 50 deletions(-) delete mode 100644 debian/patches/0001-OvmfPkg-PlatformInitLib-limit-phys-= bits-to-46.patch diff --git a/debian/changelog b/debian/changelog index 4d0ac21..dd61c6f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +pve-edk2-firmware (3.20230826-1) bookworm; urgency=3Dmedium + + * update sources to upstream edk2-stable202308 tag + + -- Proxmox Support Team Tue, 29 Aug 2023 13:58:15 = +0200 + pve-edk2-firmware (3.20230228-4) bookworm; urgency=3Dmedium * limiting the phys-bits to 46 instead of 47 to work around older guest diff --git a/debian/patches/0001-OvmfPkg-PlatformInitLib-limit-phys-bits-to= -46.patch b/debian/patches/0001-OvmfPkg-PlatformInitLib-limit-phys-bits-to-= 46.patch deleted file mode 100644 index 1708f40..0000000 --- a/debian/patches/0001-OvmfPkg-PlatformInitLib-limit-phys-bits-to-46.pat= ch +++ /dev/null @@ -1,43 +0,0 @@ -From 89a12f2a42b989e7925b4a71e503209971eaa271 Mon Sep 17 00:00:00 2001 -From: Gerd Hoffmann -Date: Thu, 1 Jun 2023 09:57:31 +0200 -Subject: [PATCH] OvmfPkg/PlatformInitLib: limit phys-bits to 46. - -Older linux kernels have problems with phys-bits larger than 46, -ubuntu 18.04 (kernel 4.15) has been reported to be affected. - -Reduce phys-bits limit from 47 to 46. - -Reported-by: Fiona Ebner -Signed-off-by: Gerd Hoffmann ---- - OvmfPkg/Library/PlatformInitLib/MemDetect.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - -diff --git a/OvmfPkg/Library/PlatformInitLib/MemDetect.c b/OvmfPkg/Library= /PlatformInitLib/MemDetect.c -index 38cece9173..4d0522ce22 100644 ---- a/OvmfPkg/Library/PlatformInitLib/MemDetect.c -+++ b/OvmfPkg/Library/PlatformInitLib/MemDetect.c -@@ -657,16 +657,19 @@ PlatformAddressWidthFromCpuid ( - ));=0D - =0D - if (Valid) {=0D -- if (PhysBits > 47) {=0D -+ if (PhysBits > 46) {=0D - /*=0D - * Avoid 5-level paging altogether for now, which limits=0D - * PhysBits to 48. Also avoid using address bit 48, due to sign=0D - * extension we can't identity-map these addresses (and lots of=0D - * places in edk2 assume we have everything identity-mapped).=0D - * So the actual limit is 47.=0D -+ *=0D -+ * Also some older linux kernels apparently have problems handling= =0D -+ * phys-bits > 46 correctly, so use that as limit.=0D - */=0D -- DEBUG ((DEBUG_INFO, "%a: limit PhysBits to 47 (avoid 5-level paging= )\n", __func__));=0D -- PhysBits =3D 47;=0D -+ DEBUG ((DEBUG_INFO, "%a: limit PhysBits to 46 (avoid 5-level paging= )\n", __func__));=0D -+ PhysBits =3D 46;=0D - }=0D - =0D - if (!Page1GSupport && (PhysBits > 40)) {=0D diff --git a/debian/patches/Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-exec= utabl.patch b/debian/patches/Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-exe= cutabl.patch index 7e1417a..d389cfd 100644 --- a/debian/patches/Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.p= atch +++ b/debian/patches/Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.p= atch @@ -9,12 +9,12 @@ Last-Update: 2023-03-09 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc -@@ -361,7 +361,7 @@ +@@ -365,7 +365,7 @@ # reserved ones, with the exception of LoaderData regions, of which OS = loaders=0D # (i.e., GRUB) may assume that its contents are executable.=0D #=0D - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000= 000007FD5=0D + gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000= 000007FD1=0D =0D - [Components.common]=0D - #=0D + gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE=0D + =0D diff --git a/debian/patches/series b/debian/patches/series index a9ee2be..f1ec614 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,4 +2,3 @@ no-stack-protector-all-archs.diff brotlicompress-disable.diff x64-baseline-abi.patch Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch -0001-OvmfPkg-PlatformInitLib-limit-phys-bits-to-46.patch diff --git a/debian/rules b/debian/rules index eb0ee89..934fe50 100755 --- a/debian/rules +++ b/debian/rules @@ -29,7 +29,6 @@ COMMON_FLAGS +=3D -DPVSCSI_ENABLE=3DTRUE OVMF_COMMON_FLAGS =3D $(COMMON_FLAGS) OVMF_2M_FLAGS =3D $(OVMF_COMMON_FLAGS) -DFD_SIZE_2MB OVMF_4M_FLAGS =3D $(OVMF_COMMON_FLAGS) -DFD_SIZE_4MB -OVMF_2M_SMM_FLAGS =3D $(OVMF_2M_FLAGS) -DSMM_REQUIRE=3DTRUE OVMF_4M_SMM_FLAGS =3D $(OVMF_4M_FLAGS) -DSMM_REQUIRE=3DTRUE OVMF32_4M_FLAGS =3D $(OVMF_COMMON_FLAGS) -DFD_SIZE_4MB OVMF32_4M_SMM_FLAGS =3D $(OVMF32_4M_FLAGS) -DSMM_REQUIRE=3DTRUE @@ -132,7 +131,7 @@ $(OVMF_BINARIES) $(OVMF_IMAGES): debian/setup-build-sta= mp -t $(EDK2_TOOLCHAIN) \ -p OvmfPkg/OvmfPkgX64.dsc \ $(PCD_OPTIONS) \ - $(OVMF_2M_SMM_FLAGS) -b $(BUILD_TYPE) + $(OVMF_4M_SMM_FLAGS) -b $(BUILD_TYPE) cp $(OVMF_BUILD_DIR)/FV/OVMF_CODE.fd \ $(OVMF_INSTALL_DIR)/OVMF_CODE.secboot.fd rm -rf Build/OvmfX64 diff --git a/edk2 b/edk2 index f80f052..819cfc6 160000 --- a/edk2 +++ b/edk2 @@ -1 +1 @@ -Subproject commit f80f052277c88a67c55e107b550f504eeea947d3 +Subproject commit 819cfc6b42a68790a23509e4fcc58ceb70e1965e -- 2.39.2