From: "Li, Yi" <yi1.li@intel.com>
To: "Yao, Jiewen" <jiewen.yao@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>,
Gerd Hoffmann <kraxel@redhat.com>
Cc: "dougflick@microsoft.com" <dougflick@microsoft.com>,
"Douglas Flick [MSFT]" <doug.edk2@gmail.com>
Subject: Re: [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118
Date: Wed, 17 Jan 2024 08:15:00 +0000 [thread overview]
Message-ID: <SJ1PR11MB62274A7E2FEC73FDADEA8A7DC5722@SJ1PR11MB6227.namprd11.prod.outlook.com> (raw)
In-Reply-To: <MW4PR11MB587226F85045642EE4D79E378C722@MW4PR11MB5872.namprd11.prod.outlook.com>
Hi Jiewen,
Sounds strange, but new PRs in today all broken due to this issue, e.g.:
https://github.com/tianocore/edk2/pull/5210
https://github.com/tianocore/edk2/pull/5268
I checked build log, it matched the description from Gerd:
https://dev.azure.com/tianocore/11ea4a10-ac9f-4e5f-8b13-7def1f19d478/_apis/build/builds/114097/logs/350
2024-01-17T04:09:52.5996237Z INFO - /usr/bin/ld: DxeTpm2MeasureBootLibSanitization.obj (symbol from plugin): in function `SanitizeEfiPartitionTableHeader':
2024-01-17T04:09:52.6010570Z INFO - (.text+0x0): multiple definition of `SanitizeEfiPartitionTableHeader'; DxeTpmMeasureBootLibSanitization.obj (symbol from plugin):(.text+0x0): first defined here
2024-01-17T04:09:52.6020435Z INFO - /usr/bin/ld: DxeTpm2MeasureBootLibSanitization.obj (symbol from plugin): in function `SanitizeEfiPartitionTableHeader':
2024-01-17T04:09:52.6030987Z INFO - (.text+0x0): multiple definition of `SanitizePrimaryHeaderAllocationSize'; DxeTpmMeasureBootLibSanitization.obj (symbol from plugin):(.text+0x0): first defined here
2024-01-17T04:09:52.6040167Z INFO - /usr/bin/ld: DxeTpm2MeasureBootLibSanitization.obj (symbol from plugin): in function `SanitizeEfiPartitionTableHeader':
2024-01-17T04:09:52.6050625Z INFO - (.text+0x0): multiple definition of `SanitizePrimaryHeaderGptEventSize'; DxeTpmMeasureBootLibSanitization.obj (symbol from plugin):(.text+0x0): first defined here
2024-01-17T04:09:52.6061966Z INFO - /usr/bin/ld: DxeTpm2MeasureBootLibSanitization.obj (symbol from plugin): in function `SanitizeEfiPartitionTableHeader':
2024-01-17T04:09:52.6072661Z INFO - (.text+0x0): multiple definition of `SanitizePeImageEventSize'; DxeTpmMeasureBootLibSanitization.obj (symbol from plugin):(.text+0x0): first defined here
2024-01-17T04:10:12.9532147Z INFO - build.py...
2024-01-17T04:10:12.9593220Z INFO - : error 7000: Failed to execute command
2024-01-17T04:10:23.2054653Z INFO - build.py...
2024-01-17T04:10:23.2055014Z INFO - : error F002: Failed to build module
2024-01-17T04:10:23.2055379Z INFO - /__w/1/s/MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf [X64, GCC5, DEBUG]
-----Original Message-----
From: Yao, Jiewen <jiewen.yao@intel.com>
Sent: Wednesday, January 17, 2024 4:09 PM
To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io; Gerd Hoffmann <kraxel@redhat.com>
Cc: dougflick@microsoft.com; Douglas Flick [MSFT] <doug.edk2@gmail.com>
Subject: RE: [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118
Please check https://github.com/tianocore/edk2/pull/5264. It is merged after pass CI.
May I know where you see PR CI builds are broken?
Thank you
Yao, Jiewen
> -----Original Message-----
> From: Li, Yi1 <yi1.li@intel.com>
> Sent: Wednesday, January 17, 2024 3:21 PM
> To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Gerd
> Hoffmann <kraxel@redhat.com>
> Cc: dougflick@microsoft.com; Douglas Flick [MSFT]
> <doug.edk2@gmail.com>
> Subject: RE: [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 &
> TCBZ4118
>
> Hi Jiewen,
>
> All EDK2 PR CI builds of OvmfPkg are broken due to this issue.
> Maybe we didn't have enough time to wait feedback and should fix the
> CI issue first.
>
> Regards,
> Yi
>
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao,
> Jiewen
> Sent: Tuesday, January 16, 2024 10:38 PM
> To: Gerd Hoffmann <kraxel@redhat.com>; devel@edk2.groups.io
> Cc: dougflick@microsoft.com; Douglas Flick [MSFT]
> <doug.edk2@gmail.com>
> Subject: Re: [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 &
> TCBZ4118
>
> Sure. Let's start from OVMF.
>
> We have leaf enough time for feedback, but I see no comment from other people.
>
>
> > -----Original Message-----
> > From: Gerd Hoffmann <kraxel@redhat.com>
> > Sent: Tuesday, January 16, 2024 10:35 PM
> > To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>
> > Cc: dougflick@microsoft.com; Douglas Flick [MSFT]
> > <doug.edk2@gmail.com>
> > Subject: Re: Re: [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117
> > &
> > TCBZ4118
> >
> > On Tue, Jan 16, 2024 at 01:30:43PM +0000, Yao, Jiewen wrote:
> > > Gerd
> > > I have merged this patch set today.
> > >
> > > I am fine to remove TPM1.2 in OVMF because of the known security
> limitation.
> >
> > I was thinking about the complete edk2 code base not only OVMF.
> >
> > But I can surely start with OVMF. Maybe it is the only platform
> > affected because on physical hardware you usually know whenever TPM
> > 1.2 or TPM 2.0 is present so there is no need to include both.
> >
> > take care,
> > Gerd
>
>
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#113937): https://edk2.groups.io/g/devel/message/113937
Mute This Topic: https://groups.io/mt/103675434/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2024-01-17 8:15 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-11 18:16 [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118 Doug Flick via groups.io
2024-01-11 18:16 ` [edk2-devel] [PATCH 1/6] SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763 Doug Flick via groups.io
2024-01-11 18:16 ` [edk2-devel] [PATCH 2/6] SecurityPkg: DxeTpmMeasureBootLib: " Doug Flick via groups.io
2024-01-11 18:16 ` [edk2-devel] [PATCH 3/6] SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml Doug Flick via groups.io
2024-01-11 18:16 ` [edk2-devel] [PATCH 4/6] SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764 Doug Flick via groups.io
2024-01-11 18:16 ` [edk2-devel] [PATCH 5/6] SecurityPkg: DxeTpmMeasureBootLib: " Doug Flick via groups.io
2024-01-11 18:16 ` [edk2-devel] [PATCH 6/6] SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml Doug Flick via groups.io
2024-01-12 1:50 ` [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118 Yao, Jiewen
2024-01-16 7:59 ` Yao, Jiewen
2024-01-16 12:00 ` Gerd Hoffmann
2024-01-16 13:30 ` Yao, Jiewen
2024-01-16 14:34 ` Gerd Hoffmann
2024-01-16 14:38 ` Yao, Jiewen
2024-01-17 7:21 ` Li, Yi
2024-01-17 8:08 ` Yao, Jiewen
2024-01-17 8:15 ` Li, Yi [this message]
2024-01-17 8:23 ` Yao, Jiewen
2024-01-17 14:05 ` Gerd Hoffmann
2024-01-17 14:12 ` Yao, Jiewen
2024-01-17 21:04 ` Doug Flick via groups.io
2024-01-17 22:49 ` Doug Flick via groups.io
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=SJ1PR11MB62274A7E2FEC73FDADEA8A7DC5722@SJ1PR11MB6227.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox