From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 401D6D811B2 for ; Fri, 24 May 2024 16:00:28 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=BSE2gNcLChucFnczzrjV1JGVNpLWyDsRGgdI20wdHVI=; c=relaxed/simple; d=groups.io; h=From:To:Cc:References:In-Reply-To:Subject:Date:Message-ID:MIME-Version:Thread-Index:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding:Content-Language; s=20240206; t=1716566426; v=1; b=n/wKqKu3Z2Nz5phzDMQcDG5DEMFZDYNymDHuGJ92MkOD5SdJKS2Dp3vRqPN3H/cHzht5Zu1b cP1210v17FBNGuWuhsgdQaNg+Bro2dmdNGRxwJYdycFAjAoclbivoqn7x94dtzhrlbiti53cvpy q2h5LKdz+TmRgJm2XVFqe4yLNDPomiSLtGeQwE4h8rKal6pEhVDrf/A0Uladp/UzZhSfES3E5Gw 1HS223gXGCVqxDsVzrHvuhTzA+rCeVbKE3pFX9SbQZXLnsKUpJlWXQoivM3BZV9PKiMkWI7xRbI C8VgTKL4JFm2bUtdiKC9dEi8plAYijo2YP2lE6fzYy0Qw== X-Received: by 127.0.0.2 with SMTP id afrQYY7687511xdoVXJBe1vq; Fri, 24 May 2024 09:00:26 -0700 X-Received: from cxsh.intel-email.com (cxsh.intel-email.com [121.46.250.151]) by mx.groups.io with SMTP id smtpd.web10.19512.1716566425402898186 for ; Fri, 24 May 2024 09:00:26 -0700 X-Received: from cxsh.intel-email.com (localhost [127.0.0.1]) by cxsh.intel-email.com (Postfix) with ESMTP id 50B8EDDA7F9 for ; Sat, 25 May 2024 00:00:22 +0800 (CST) X-Received: from localhost (localhost [127.0.0.1]) by cxsh.intel-email.com (Postfix) with ESMTP id 4C5AADDA7E9 for ; Sat, 25 May 2024 00:00:22 +0800 (CST) X-Received: from mail.byosoft.com.cn (mail.byosoft.com.cn [58.240.74.242]) by cxsh.intel-email.com (Postfix) with SMTP id 1FC1FDDA78F for ; Sat, 25 May 2024 00:00:16 +0800 (CST) X-Received: from DESKTOPS6D0PVI ([114.92.182.254]) (envelope-sender ) by 192.168.6.13 with ESMTP(SSL) for ; Sat, 25 May 2024 00:00:08 +0800 X-WM-Sender: gaoliming@byosoft.com.cn X-Originating-IP: 114.92.182.254 X-WM-AuthFlag: YES X-WM-AuthUser: gaoliming@byosoft.com.cn From: "gaoliming via groups.io" To: , , , "'Ard Biesheuvel'" Cc: , "'Michael D Kinney'" , "'Andrew Fish'" , References: <20240524054512.523329-1-douglas.flick@microsoft.com> <001001daada8$358301a0$a08904e0$@byosoft.com.cn> <003a01daadba$7013d080$503b7180$@byosoft.com.cn> <5sjxcwodwg3esdvarhmgt4gfg5f77mrp5el4datcuuja3gxoce@jpuxyfjui2tx> <17D27450B424AC2B.30215@groups.io> In-Reply-To: <17D27450B424AC2B.30215@groups.io> Subject: =?UTF-8?B?5Zue5aSNOiBbZWRrMi1kZXZlbF0gW1BBVENIIHYzIDAwLzIwXSBOZXR3b3JrUGtnOiBDVkUtMjAyMy00NTIzNiBhbmQgQ1ZFLTIwMjMtNDUyMzc=?= Date: Sat, 25 May 2024 00:00:12 +0800 Message-ID: <007b01daadf3$75c0f8d0$6142ea70$@byosoft.com.cn> MIME-Version: 1.0 Thread-Index: AQKDb+eujiMXEG5By6JZvHytBKYtfALWmuKqAZt6qRcAzzvDVAIjd7W2AnjwhCoCrO89tK/wsXoA Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Fri, 24 May 2024 09:00:26 -0700 Resent-From: gaoliming@byosoft.com.cn Reply-To: devel@edk2.groups.io,gaoliming@byosoft.com.cn List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: Rs034ORWZxo3ElBqkjbBZUVyx7686176AA= Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Content-Language: zh-cn X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b="n/wKqKu3"; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=pass (policy=none) header.from=groups.io Hi, all Because this patch fixes two CVE, I decide to include them in this stable tag 202405.=20 https://github.com/tianocore/edk2/pull/5582 has been merged.=20 Thanks Liming > -----=D3=CA=BC=FE=D4=AD=BC=FE----- > =B7=A2=BC=FE=C8=CB: devel@edk2.groups.io =B4=FA=B1= =ED gaoliming via > groups.io > =B7=A2=CB=CD=CA=B1=BC=E4: 2024=C4=EA5=D4=C224=C8=D5 22:51 > =CA=D5=BC=FE=C8=CB: devel@edk2.groups.io; kraxel@redhat.com; 'Ard Biesheu= vel' > > =B3=AD=CB=CD: dougflick@microsoft.com; 'Michael D Kinney' > ; 'Andrew Fish' ; > quic_llindhol@quicinc.com > =D6=F7=CC=E2: =BB=D8=B8=B4: [edk2-devel] [PATCH v3 00/20] NetworkPkg: CVE= -2023-45236 and > CVE-2023-45237 >=20 > Gerd and Ard: > Thanks for your comments. I understand this CVE fix requires > EFI_RNG_PROTOCOL. I will add this requirement in the release note. >=20 > Thanks > Liming > > -----=D3=CA=BC=FE=D4=AD=BC=FE----- > > =B7=A2=BC=FE=C8=CB: devel@edk2.groups.io =B4=FA= =B1=ED Gerd > Hoffmann > > =B7=A2=CB=CD=CA=B1=BC=E4: 2024=C4=EA5=D4=C224=C8=D5 19:49 > > =CA=D5=BC=FE=C8=CB: Ard Biesheuvel > > =B3=AD=CB=CD: devel@edk2.groups.io; gaoliming@byosoft.com.cn; > > dougflick@microsoft.com; Michael D Kinney ; > > Andrew Fish ; quic_llindhol@quicinc.com > > =D6=F7=CC=E2: Re: [edk2-devel] [PATCH v3 00/20] NetworkPkg: CVE-2023-45= 236 and > > CVE-2023-45237 > > > > On Fri, May 24, 2024 at 11:41:04AM GMT, Ard Biesheuvel wrote: > > > On Fri, 24 May 2024 at 11:12, gaoliming via groups.io > > > wrote: > > > > > > > > Ard: > > > > Here is Doug PR https://github.com/tianocore/edk2/pull/5582 that > > includes 20 commits. You can check them. > > > > > > > > > > This looks fine to me in principle. > > > > > > Reviewed-by: Ard Biesheuvel > > > > > > However, IIUC, the impact of this series is that all out-of-tree > > > platforms that lack the right implementation of the EFI_RNG_PROTOCOL > > > (i.e., using a GUID that appears in the allowlist) will lose the > > > ability to do network boot. If that is a tolerable result, I am fine > > > with that too, but I think it needs to be made very clear in the > > > stable tag release notes. > > > > Tested the v3 series with OVMF, results are as expected: Without > > virtio-rng-pci network boot does not work. With virtio-rng-pci > > everything is fine. > > > > Tested-by: Gerd Hoffmann > > Acked-by: Gerd Hoffmann > > > > Agree that this must be noted in the release notes. > > > > Related: I'm working on patch series adding RngDxe to OVMF with > > runtime rdrand detection: > > https://github.com/kraxel/edk2/commits/devel/ovmf-rdrand/ > > > > take care, > > Gerd > > > > > > > > > > >=20 >=20 >=20 >=20 >=20 >=20 >=20 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119258): https://edk2.groups.io/g/devel/message/119258 Mute This Topic: https://groups.io/mt/106284249/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-