From: "Ard Biesheuvel" <ardb@kernel.org>
To: devel@edk2.groups.io, gaoliming@byosoft.com.cn
Cc: dougflick@microsoft.com, kraxel@redhat.com,
Michael D Kinney <michael.d.kinney@intel.com>,
Andrew Fish <afish@apple.com>,
quic_llindhol@quicinc.com
Subject: Re: [edk2-devel] [PATCH v3 00/20] NetworkPkg: CVE-2023-45236 and CVE-2023-45237
Date: Fri, 24 May 2024 11:41:04 +0200 [thread overview]
Message-ID: <CAMj1kXGiXpBgMBYMEd0BDSmsGXKr1XygNGCM40TiY9n4sOAW_A@mail.gmail.com> (raw)
In-Reply-To: <003a01daadba$7013d080$503b7180$@byosoft.com.cn>
On Fri, 24 May 2024 at 11:12, gaoliming via groups.io
<gaoliming=byosoft.com.cn@groups.io> wrote:
>
> Ard:
> Here is Doug PR https://github.com/tianocore/edk2/pull/5582 that includes 20 commits. You can check them.
>
This looks fine to me in principle.
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
However, IIUC, the impact of this series is that all out-of-tree
platforms that lack the right implementation of the EFI_RNG_PROTOCOL
(i.e., using a GUID that appears in the allowlist) will lose the
ability to do network boot. If that is a tolerable result, I am fine
with that too, but I think it needs to be made very clear in the
stable tag release notes.
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119253): https://edk2.groups.io/g/devel/message/119253
Mute This Topic: https://groups.io/mt/106278600/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2024-05-24 9:41 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-24 5:44 [edk2-devel] [PATCH v3 00/20] NetworkPkg: CVE-2023-45236 and CVE-2023-45237 Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 01/20] EmulatorPkg: : Add RngDxe to EmulatorPkg Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 02/20] EmulatorPkg: : Add Hash2DxeCrypto " Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 03/20] OvmfPkg:PlatformCI: Support virtio-rng-pci Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 04/20] OvmfPkg: : Add Hash2DxeCrypto to OvmfPkg Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 05/20] ArmVirtPkg:PlatformCI: Support virtio-rng-pci Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 06/20] ArmVirtPkg: : Add Hash2DxeCrypto to ArmVirtPkg Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 07/20] SecurityPkg: RngDxe: Remove incorrect limitation on GetRng Doug Flick via groups.io
2024-05-24 5:53 ` Yao, Jiewen
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 08/20] NetworkPkg:: SECURITY PATCH CVE-2023-45237 Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 09/20] NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236 Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 10/20] MdePkg: : Add MockUefiBootServicesTableLib Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 11/20] MdePkg: : Adds Protocol for MockRng Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 12/20] MdePkg: Add MockHash2 Protocol for testing Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 13/20] NetworkPkg: Update the PxeBcDhcp6GoogleTest due to underlying changes Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 14/20] ArmPkg: Allow SMC/HVC monitor conduit to be specified at runtime Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 15/20] ArmVirtPkg: Move PcdMonitorConduitHvc Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 16/20] MdePkg/BaseRngLib AARCH64: Remove overzealous ASSERT() Doug Flick via groups.io
2024-05-24 6:47 ` 回复: " gaoliming via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 17/20] ArmVirtPkg/ArmVirtQemu: Permit the use of dynamic PCDs in PEI Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 18/20] ArmVirtPkg: Use dynamic PCD to set the SMCCC conduit Doug Flick via groups.io
2024-05-24 7:01 ` 回复: [edk2-devel] [PATCH v3 00/20] NetworkPkg: CVE-2023-45236 and CVE-2023-45237 gaoliming via groups.io
2024-05-24 7:07 ` Ard Biesheuvel
2024-05-24 9:12 ` 回复: " gaoliming via groups.io
2024-05-24 9:41 ` Ard Biesheuvel [this message]
2024-05-24 11:48 ` Gerd Hoffmann
2024-05-24 14:51 ` 回复: " gaoliming via groups.io
2024-05-24 16:50 ` [edk2-devel] " Doug Flick via groups.io
2024-05-25 4:33 ` 回复: " gaoliming via groups.io
[not found] ` <17D27450B424AC2B.30215@groups.io>
2024-05-24 16:00 ` gaoliming via groups.io
2024-05-29 13:09 ` Gerd Hoffmann
2024-05-30 5:07 ` 回复: " gaoliming via groups.io
2024-05-30 9:31 ` Gerd Hoffmann
2024-05-30 10:08 ` Michael Brown
2024-05-30 10:33 ` Gerd Hoffmann
2024-05-30 10:49 ` Michael Brown
2024-05-30 11:48 ` Gerd Hoffmann
-- strict thread matches above, loose matches on Subject: below --
2024-05-24 5:44 Doug Flick via groups.io
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAMj1kXGiXpBgMBYMEd0BDSmsGXKr1XygNGCM40TiY9n4sOAW_A@mail.gmail.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox