EDK2 firmware: Adopt the edk2-stable202008 release

Note from Laszlo Ersek [1] while addressing LP#1852196 [2]: Consume the following upstream edk2 releases: https://github.com/tianocore/edk2/releases/tag/edk2-stable201908 https://github.com/tianocore/edk2/releases/tag/edk2-stable201911 https://github.com/tianocore/edk2/releases/tag/edk2-stable202002 https://github.com/tianocore/edk2/releases/tag/edk2-stable202005 https://github.com/tianocore/edk2/releases/tag/edk2-stable202008 Worth mentioning (in random order): - various CVE fixes (see [2] and shortlog) - OpenSSL-1.1.1g - UEFI HTTPS Boot for ARM/AARCH64 - TPM2 for ARM/AARCH64 - VCPU hotplug with SMI - support for Linux v5.7+ initrd and mixed mode loading - Fusion-MPT SCSI driver in OVMF - VMware PVSCSI driver in OVMF - PXEv4 / PXEv6 boot possible to disable on the QEMU command line - SEV-ES support The IA32 and X64 binaries are now smaller -- the reason is that Laszlo built them with DevToolSet 9 (gcc-9) on RHEL7, and so this is the first time they've undergone LTO (with the GCC5 edk2 toolchain settings). CI jobs results: https://gitlab.com/philmd/qemu/-/pipelines/189394120 https://travis-ci.org/github/philmd/qemu/builds/726842542 https://app.shippable.com/github/philmd/qemu/runs/866/summary/console [1] https://www.mail-archive.com/qemu-devel@nongnu.org/msg738173.html [2] https://bugs.launchpad.net/qemu/+bug/1852196 -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAl9fGJkACgkQ4+MsLN6t wN7XrRAAhDl6Ckj6uPkU3kC+y6PjMd3gaMGND8w7LB4t1VABFQ+D1oOfnsOtPva7 DfssLAg8OONw7osYWfpykvBK1j/U68O6K+keteT69I/xjvD0B5B2ndXbRcrykDVg zSfUnVdDR5h1CIiQ5lcbaT2ECw100h80DjzbrixaR6YD8QPVLS2DzdTNE4VTcHsc 7vU1k9eLIH9zthDypZFBbZcYRQIDkbkg5+iG7jWZvQCiO4gMy9RgVsWA3WBtQBty GwFMIIBKFw41JsrGZhnnrzOoG0t1bBlSPhP0vZ2Ymi61TCTCtwkFq0eYU54URJFg 9H0S4t22WUfXNSA1wTMI4Cowk4qp3UGjgVe86gfCd2Xra05V21F0wanJ1MhBNTIZ a5cboPRyjxIjAI/QwN5q18N+xKw4jCVCPevzs4REujjYxbq8xObJ0HkvBv8VdIod x3koOqLFiLMmn1wOYf4st23kPlnqICf86uahvIoWxFAp/Gy8YNf73ka8EmnyStg0 dPj9VoZCA5E72b3DkGFton4FeNihTau/zueLpzM29XLoXuvO6SJuka+oqcwuXxpY KV5F27boajFHlkGL9tWLr2fYkFveTmDmP+t+KXD0bCflHGh90mAdfts1fciGyqFY Ws9P9n6/xRzah/l8YUpygaapQhrtmFhBo7j+YGYBdQPwbB3/pV8= =r8cx -----END PGP SIGNATURE----- Merge remote-tracking branch 'remotes/philmd-gitlab/tags/edk2-next-20200914' into staging EDK2 firmware: Adopt the edk2-stable202008 release Note from Laszlo Ersek [1] while addressing LP#1852196 [2]: Consume the following upstream edk2 releases: https://github.com/tianocore/edk2/releases/tag/edk2-stable201908 https://github.com/tianocore/edk2/releases/tag/edk2-stable201911 https://github.com/tianocore/edk2/releases/tag/edk2-stable202002 https://github.com/tianocore/edk2/releases/tag/edk2-stable202005 https://github.com/tianocore/edk2/releases/tag/edk2-stable202008 Worth mentioning (in random order): - various CVE fixes (see [2] and shortlog) - OpenSSL-1.1.1g - UEFI HTTPS Boot for ARM/AARCH64 - TPM2 for ARM/AARCH64 - VCPU hotplug with SMI - support for Linux v5.7+ initrd and mixed mode loading - Fusion-MPT SCSI driver in OVMF - VMware PVSCSI driver in OVMF - PXEv4 / PXEv6 boot possible to disable on the QEMU command line - SEV-ES support The IA32 and X64 binaries are now smaller -- the reason is that Laszlo built them with DevToolSet 9 (gcc-9) on RHEL7, and so this is the first time they've undergone LTO (with the GCC5 edk2 toolchain settings). CI jobs results: https://gitlab.com/philmd/qemu/-/pipelines/189394120 https://travis-ci.org/github/philmd/qemu/builds/726842542 https://app.shippable.com/github/philmd/qemu/runs/866/summary/console [1] https://www.mail-archive.com/qemu-devel@nongnu.org/msg738173.html [2] https://bugs.launchpad.net/qemu/+bug/1852196 # gpg: Signature made Mon 14 Sep 2020 08:15:37 BST # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full] # Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE * remotes/philmd-gitlab/tags/edk2-next-20200914: tests: acpi: update "virt/SSDT.memhp" for edk2-stable202008 pc-bios: update the README file with edk2-stable202008 information pc-bios: refresh edk2 build artifacts for edk2-stable202008 roms/Makefile.edk2: enable new ARM/AARCH64 flags up to edk2-stable202008 roms/Makefile.edk2: complete replacing TPM2*_ENABLE macros roms/edk2: update submodule from edk2-stable201905 to edk2-stable202008 tests: acpi: tolerate "virt/SSDT.memhp" mismatch temporarily roms/Makefile.edk2: prepare for replacing TPM2*_ENABLE macros roms/efirom, tests/uefi-test-tools: update edk2's own submodules first Makefile: remove obsolete edk2 exception from "clean" rule Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-09-14 12:18:58 +01:00 · 2020-09-14 12:18:58 +01:00 · a68694cd1f
parent 95f2179839 8fa3b7029f
commit a68694cd1f
13 changed files with 21 additions and 14 deletions
--- a/1
+++ b/1
@ -200,7 +200,6 @@ clean: recurse-clean ninja-clean clean-ctlist
 	find . \( -name '*.so' -o -name '*.dll' -o -name '*.[oda]' \) -type f \
 		! -path ./roms/edk2/ArmPkg/Library/GccLto/liblto-aarch64.a \
 		! -path ./roms/edk2/ArmPkg/Library/GccLto/liblto-arm.a \
-		! -path ./roms/edk2/BaseTools/Source/Python/UPT/Dll/sqlite3.dll \
 		-exec rm {} +
 	rm -f TAGS cscope.* *.pod *~ */*~
 	rm -f fsdev/*.pod scsi/*.pod
--- a/pc-bios/README
+++ b/pc-bios/README
@ -52,8 +52,8 @@
  variable store templates built from the TianoCore community's EFI Development
  Kit II project
  <https://github.com/tianocore/tianocore.github.io/wiki/EDK-II>. The images
-  were built at git tag "edk2-stable201905". The firmware binaries bundle parts
-  of the OpenSSL project, at git tag "OpenSSL_1_1_1b" (the OpenSSL tag is a
+  were built at git tag "edk2-stable202008". The firmware binaries bundle parts
+  of the OpenSSL project, at git tag "OpenSSL_1_1_1g" (the OpenSSL tag is a
  function of the edk2 tag). Parts of the Berkeley SoftFloat library are
  bundled as well, at Release 3e plus a subsequent typo fix (commit
  b64af41c3276f97f0e181920400ee056b9c88037), as an OpenSSL dependency on 32-bit
--- a/pc-bios/edk2-aarch64-code.fd.bz2
+++ b/pc-bios/edk2-aarch64-code.fd.bz2
--- a/pc-bios/edk2-arm-code.fd.bz2
+++ b/pc-bios/edk2-arm-code.fd.bz2
--- a/pc-bios/edk2-i386-code.fd.bz2
+++ b/pc-bios/edk2-i386-code.fd.bz2
--- a/pc-bios/edk2-i386-secure-code.fd.bz2
+++ b/pc-bios/edk2-i386-secure-code.fd.bz2
--- a/pc-bios/edk2-x86_64-code.fd.bz2
+++ b/pc-bios/edk2-x86_64-code.fd.bz2
--- a/pc-bios/edk2-x86_64-secure-code.fd.bz2
+++ b/pc-bios/edk2-x86_64-secure-code.fd.bz2
--- a/roms/Makefile
+++ b/roms/Makefile
@ -138,6 +138,7 @@ build-efi-roms: build-pxe-roms
 #    efirom
 #
 edk2-basetools:
+	cd edk2/BaseTools && git submodule update --init --force
 	$(MAKE) -C edk2/BaseTools \
 		PYTHON_COMMAND=$${EDK2_PYTHON_COMMAND:-python3} \
 		EXTRA_OPTFLAGS='$(EDK2_BASETOOLS_OPTFLAGS)' \
--- a/roms/Makefile.edk2
+++ b/roms/Makefile.edk2
@ -64,7 +64,10 @@ submodules:
 		--arch=AARCH64 \
 		--platform=ArmVirtPkg/ArmVirtQemu.dsc \
 		-D NETWORK_IP6_ENABLE \
-		-D NETWORK_HTTP_BOOT_ENABLE
+		-D NETWORK_HTTP_BOOT_ENABLE \
+		-D NETWORK_TLS_ENABLE \
+		-D TPM2_ENABLE \
+		-D TPM2_CONFIG_ENABLE
 	cp edk2/Build/ArmVirtQemu-AARCH64/DEBUG_$(call toolchain,aarch64)/FV/QEMU_EFI.fd \
 		$@
 	truncate --size=64M $@
@ -75,7 +78,10 @@ submodules:
 		--arch=ARM \
 		--platform=ArmVirtPkg/ArmVirtQemu.dsc \
 		-D NETWORK_IP6_ENABLE \
-		-D NETWORK_HTTP_BOOT_ENABLE
+		-D NETWORK_HTTP_BOOT_ENABLE \
+		-D NETWORK_TLS_ENABLE \
+		-D TPM2_ENABLE \
+		-D TPM2_CONFIG_ENABLE
 	cp edk2/Build/ArmVirtQemu-ARM/DEBUG_$(call toolchain,arm)/FV/QEMU_EFI.fd \
 		$@
 	truncate --size=64M $@
@ -88,8 +94,8 @@ submodules:
 		-D NETWORK_IP6_ENABLE \
 		-D NETWORK_HTTP_BOOT_ENABLE \
 		-D NETWORK_TLS_ENABLE \
-		-D TPM2_ENABLE \
-		-D TPM2_CONFIG_ENABLE
+		-D TPM_ENABLE \
+		-D TPM_CONFIG_ENABLE
 	cp edk2/Build/OvmfIa32/DEBUG_$(call toolchain,i386)/FV/OVMF_CODE.fd $@

 ../pc-bios/edk2-i386-secure-code.fd: submodules
@ -100,8 +106,8 @@ submodules:
 		-D NETWORK_IP6_ENABLE \
 		-D NETWORK_HTTP_BOOT_ENABLE \
 		-D NETWORK_TLS_ENABLE \
-		-D TPM2_ENABLE \
-		-D TPM2_CONFIG_ENABLE \
+		-D TPM_ENABLE \
+		-D TPM_CONFIG_ENABLE \
 		-D SECURE_BOOT_ENABLE \
 		-D SMM_REQUIRE
 	cp edk2/Build/OvmfIa32/DEBUG_$(call toolchain,i386)/FV/OVMF_CODE.fd $@
@ -114,8 +120,8 @@ submodules:
 		-D NETWORK_IP6_ENABLE \
 		-D NETWORK_HTTP_BOOT_ENABLE \
 		-D NETWORK_TLS_ENABLE \
-		-D TPM2_ENABLE \
-		-D TPM2_CONFIG_ENABLE
+		-D TPM_ENABLE \
+		-D TPM_CONFIG_ENABLE
 	cp edk2/Build/OvmfX64/DEBUG_$(call toolchain,x86_64)/FV/OVMF_CODE.fd $@

 ../pc-bios/edk2-x86_64-secure-code.fd: submodules
@ -127,8 +133,8 @@ submodules:
 		-D NETWORK_IP6_ENABLE \
 		-D NETWORK_HTTP_BOOT_ENABLE \
 		-D NETWORK_TLS_ENABLE \
-		-D TPM2_ENABLE \
-		-D TPM2_CONFIG_ENABLE \
+		-D TPM_ENABLE \
+		-D TPM_CONFIG_ENABLE \
 		-D SECURE_BOOT_ENABLE \
 		-D SMM_REQUIRE
 	cp edk2/Build/Ovmf3264/DEBUG_$(call toolchain,x86_64)/FV/OVMF_CODE.fd $@
--- a/roms/edk2
+++ b/roms/edk2
@ -1 +1 @@
-Subproject commit 20d2e5a125e34fc8501026613a71549b2a1a3e54
+Subproject commit 06dc822d045c2bb42e497487935485302486e151
--- a/tests/data/acpi/virt/SSDT.memhp
+++ b/tests/data/acpi/virt/SSDT.memhp
--- a/tests/uefi-test-tools/Makefile
+++ b/tests/uefi-test-tools/Makefile
@ -99,6 +99,7 @@ Build/bios-tables-test.%.efi: build-edk2-tools
 	+./build.sh $(edk2_dir) BiosTablesTest $* $@

 build-edk2-tools:
+	cd $(edk2_dir)/BaseTools && git submodule update --init --force
 	$(MAKE) -C $(edk2_dir)/BaseTools \
 		PYTHON_COMMAND=$${EDK2_PYTHON_COMMAND:-python3} \
 		EXTRA_OPTFLAGS='$(EDK2_BASETOOLS_OPTFLAGS)' \