From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 6847C7803DB for ; Wed, 17 Jan 2024 07:21:22 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=X2O297xJfdZCcCx0euC1JzJAYqGI+C9NUOqtZ59zTr0=; c=relaxed/simple; d=groups.io; h=ARC-Seal:ARC-Message-Signature:ARC-Authentication-Results:From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1705476081; v=1; b=XIG0EgTQXvHiY4iDzX85muhfEytifoaaQrGZYHsYneo7AtgRNQOiQSylqOTG393eJPzfwBP9 8DtS+utUD6OX8V9xwrRawx2lwoW5XZQ5fnQ1eig7ZmPZG8UxOhAtk0CI+XULze/zH7XPgvdWU6a jv7yD9d1Qn4r6MwEij6ELPUM= X-Received: by 127.0.0.2 with SMTP id dJmmYY7687511xIYJgwoscYf; Tue, 16 Jan 2024 23:21:21 -0800 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.13]) by mx.groups.io with SMTP id smtpd.web11.4339.1705476080495214893 for ; Tue, 16 Jan 2024 23:21:20 -0800 X-IronPort-AV: E=McAfee;i="6600,9927,10955"; a="7188616" X-IronPort-AV: E=Sophos;i="6.05,200,1701158400"; d="scan'208";a="7188616" X-Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Jan 2024 23:21:21 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,200,1701158400"; d="scan'208";a="26085412" X-Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by orviesa002.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 16 Jan 2024 23:21:20 -0800 X-Received: from fmsmsx601.amr.corp.intel.com (10.18.126.81) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Tue, 16 Jan 2024 23:21:19 -0800 X-Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Tue, 16 Jan 2024 23:21:19 -0800 X-Received: from NAM04-BN8-obe.outbound.protection.outlook.com (104.47.74.40) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Tue, 16 Jan 2024 23:21:18 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dPQ+LqEkhPEbIQUwm/4b7qKIaUXMc9Pq5/8u44nGgQHbazNk8Hq/ljFsfAJQe0FXLAhRTegIB0tQX3ogVDCA3Q+ktQwFrsKpMVP+SmH/NLiyq+RrPlSRR8/yi3kJmBybFMrTwHPw4oYMrrhdazz6o1p1iayQcQhc8355VMdMOpqX22XUZw+uF0NTBWU019qNrF4R/dodbR8N40sMtVh0U5CWk58N2AJ/SjHbJqGpGF7SdeeO90xd9tTu/tjkcvnka2os5zgI2pSciVnlzbIIrdn09rAPk1Ew7KfAXzl1+iNXfoM31rwFuS+4eouunFsEuENVi9SNDk6+hQz1VeCIjA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=st1Jp/Qu9AFdUDJ4LkArDN05vhPTDuCap7Fb40UkwHs=; b=db38N7fMN/QH4qNFasOS70ISCu+dmlZ+aOB0F+wLxijn6vQpnOQ8KoCP4g+P0k5Vr1mpy0uRt81YDoOnjCNxwm9iRxBYKJtpovuYD0qnHBiSBzhiUYa5676NcYhhlLD1sqsLMGNCP39TbVzocaetTvlkhBKgsueKxpEiz2499G9VqlWZMwQRfgRXT8iMD3hnEoxfINnWC/4n1BvzRfXKW+qdp68OmRYzU9ciBycEKPkKCJqVhWctysbwMyEYoZ0G8YhO0R67mT7P3sNuXdgbmFIQFdBADMp74V29im5wz9fkzzfguUuOGfsOPL8KjQ+oGK1lS2ivuxY1UZDuK6/XlQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com (2603:10b6:a03:45a::10) by PH0PR11MB5879.namprd11.prod.outlook.com (2603:10b6:510:142::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7202.23; Wed, 17 Jan 2024 07:21:16 +0000 X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::c9e4:c4a2:dd30:3ec5]) by SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::c9e4:c4a2:dd30:3ec5%4]) with mapi id 15.20.7181.026; Wed, 17 Jan 2024 07:21:16 +0000 From: "Li, Yi" To: "devel@edk2.groups.io" , "Yao, Jiewen" , Gerd Hoffmann CC: "dougflick@microsoft.com" , "Douglas Flick [MSFT]" Subject: Re: [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118 Thread-Topic: [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118 Thread-Index: AQHaRLo65kqNPAWQ/EurLYl0cPys1LDcXdsAgAAZGICAABHyAIAAAOGAgAEW6gA= Date: Wed, 17 Jan 2024 07:21:16 +0000 Message-ID: References: <2t6cs4djbxujhdglj5ok4y4we6jhnemgztttetunda3hv4zef5@cn4jew2nlhud> In-Reply-To: Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SJ1PR11MB6227:EE_|PH0PR11MB5879:EE_ x-ms-office365-filtering-correlation-id: c606fb46-f16d-41ac-8acf-08dc172ce4b0 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: m4TlC4xiA+/PLflyaKSUH/8TXBEUzXSf6qfXt4vt11n3nP1ojLEBikRhJ4ddsoaddl1HT3pyZBHTLNUOf8zd5AyUpog/unthxfc3IqtdXubmlBDGMlrvOPi5SdQ8UHZvYeyz4FnC1JGkt84SbO9rlk50RuUTcGAi2394DMIoKULv74/ipkJ3sRvuiB408T0RPeMh4PHQHoHRjrccuNQTFVMp2zFqSJM+52UiMwfjsG6+a6IH8SnLfNqRSY4U6M0yw1wMlK4w/qksCiSMSpZLNzbADmA07CUHnXs6C/bfITYGVin52R3c+op4C4ZtG0QvgRpcIrkpW84bCe6w82+0Vlwo8wFUDn7YXcxbcSpPl9UdHKwEjBOOgVzXjPo0zLfdZkItkJIPISh1Onn+r+gLDnrhYjCbGXfpDNlUNIVHZcaiPcvbQRxTqTYGhmeSqoi6+p71iLFdqEbaoRhRvpzK1+6HB+GmEzRcWIwItRZyiFRfJnuWZWr9V5RffW3hewVUKbOU+nk/egpWJrlgcW9IMTVlvqLQNG97OLmBr6CkEHtbFLE/mxi4f+3I9x1KgXxKAov7XHcpSLxECGduFCAVK89Nk7eukIFVZCnTl8VYscsILZYD7sf9RQHieMyMBiw3PV0LPXhXxMEKrmicudHrxA== x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?bRLKozXaglvmidqfhfPcDzC/WSvop2p0HBAYEqWRfkPpzr8blWgcI9cnghTR?= =?us-ascii?Q?izOZMzoLfTSNgOXFlQiooVcwut+6JZdN541t1ZIIxrcdVrZoin8sUh32I+6M?= =?us-ascii?Q?iMk8IPncbOfzn1CuXZT86/1bMFD66oLLf3T7OWMPLNkwEuPl6D2bg5LYQjeA?= =?us-ascii?Q?SEN/kF6pe7MYfjvZjpQhfmt+G4/rk8qcksFROj5pEpti+OLejOJkrVkBIT0P?= =?us-ascii?Q?9pYfX4GtNm/8uyKU2lqIYx/umbIi8pyHBolgGJluWayVHkk3pmrtbtbe1YZ/?= =?us-ascii?Q?dpYNs+8omhkKbuHvtkyRezOSKKCBAKygS6IkJBtCiNm2cKHPAFFT1EFJQIQ4?= =?us-ascii?Q?kMC/2YDP3pjyD+LtfkMKFUQDE7Rp9kqSUnZz2YYpNqfHbi6QMglZWL8WM1nA?= =?us-ascii?Q?akOlKiQ7PoqW7gM7e9wJGtn3xkCXUz0ufqrK5bEPiv2PrwSqMkPvJIkquwkj?= =?us-ascii?Q?4whXZ4F+vLSzJDOsvFMJudZ8XZUxcwx1MhxZL9/WJUOXjR/isjWbd1GUmZ5w?= =?us-ascii?Q?ihAg6ktRhoQifZcc/0z7fs8/aTxtUpFQ2ZQb0gnsRpyiuaIwW098rxn4DR6d?= =?us-ascii?Q?5ybCfSXDyOIWs/nUOjK4Tm2mrZcHfdLjsdC/fOQUSb47/QRtLLOPSSzJ3VVI?= =?us-ascii?Q?h09iyZe7Q1s41NU4pXhcTkbW/8pwWJcc7DdoNtdYQoRF2W4OPqpTs5kTqiV+?= =?us-ascii?Q?KNTRCH4/E3SVxHVbh1frcHuNQFsAn7xfyyZjFyF7qFxprUaGSSHWZfGvhDsZ?= =?us-ascii?Q?g3K6EMldGeKYElfwLFktY2YmowqHf1mhUwvD4ynCEy4s1/vIncA0KjYy58ac?= =?us-ascii?Q?UDneXGbUg2MN99gnujJat6Z+U9oSENgbHOH+yfJTpED1N5ziWlHHK9UMnIPC?= =?us-ascii?Q?RzpdShx8MiHMwda/esy3LjPrS/7a4SGFRfPwsqENH0dmsRLlu5+MMpWPUBvp?= =?us-ascii?Q?ROFWQ1/0+gTBiQunr4HQRf1UcUs0hm5LaxRnThBCt6/dc8T3BrH8wJISwimo?= =?us-ascii?Q?hSFLtDaucz5Pn5aNY5VV3reiMKi+vceqb/Cpr6plEMt0BH0akf3kj7jwK2jb?= =?us-ascii?Q?ujLqbUkNa6XiYZt/xAcn88KnvI0vJABHnnENn+ra46RjNcIHrJZDBjKsZ6wT?= =?us-ascii?Q?5ZvW2Ibyua9OpFQsWmY4fTe7l3kUheGdLGJ8BvyvC2NcGewJD1Kg361mCNrd?= =?us-ascii?Q?3epqQOmtr2k6wizUm1pEvmFQj+mBNh+Fr35uJ+L9UCXNil0BoF31hZJJOgrI?= =?us-ascii?Q?9YMZR29gpzSTI3LIKZIZl8lck7PH8FWOzTDHhnbUqsdMC1Of8DzxhRgCA5D2?= =?us-ascii?Q?vvRNi7BcfbMnEU8+rRTa340kwFhkrxm4O3PYm1j8HqttUkPVQIpUYfjxxbZM?= =?us-ascii?Q?kwZ8DmL8p432Z5g78OCI2SlyoCjcdnwJGnhi7sMcWsDdhxckTl8QR+3Cd18m?= =?us-ascii?Q?9LDFlptcptiOo4IRPx92zAh6Ui52YuzKzODNH76yWet14r8ZTC2tMpjm2cDM?= =?us-ascii?Q?fLYAeZ8VSj6xWRaityixos+o2xrOLingJfS/tWr36IQtPFBGaCvBdcmLi2j9?= =?us-ascii?Q?27nLzIAaJ6oXo8MB0Tc=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SJ1PR11MB6227.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: c606fb46-f16d-41ac-8acf-08dc172ce4b0 X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jan 2024 07:21:16.2512 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: NmApgoFD5PGwTcjhklbwWFwen62w+jxC/R0QWiYZ5g9QiOOrAmQOqp00Rrif0mKlFP+Sx+BvLrAGW8/8lZ8Pww== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5879 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,yi1.li@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: T4Eqh7QSeYLAmCQQbyMQj33Mx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=XIG0EgTQ; arc=reject ("signature check failed: fail, {[1] = sig:microsoft.com:reject}"); dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io Hi Jiewen, All EDK2 PR CI builds of OvmfPkg are broken due to this issue. Maybe we didn't have enough time to wait feedback and should fix the CI iss= ue first. Regards, Yi -----Original Message----- From: devel@edk2.groups.io On Behalf Of Yao, Jiewen Sent: Tuesday, January 16, 2024 10:38 PM To: Gerd Hoffmann ; devel@edk2.groups.io Cc: dougflick@microsoft.com; Douglas Flick [MSFT] Subject: Re: [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118 Sure. Let's start from OVMF. We have leaf enough time for feedback, but I see no comment from other peop= le. > -----Original Message----- > From: Gerd Hoffmann > Sent: Tuesday, January 16, 2024 10:35 PM > To: devel@edk2.groups.io; Yao, Jiewen > Cc: dougflick@microsoft.com; Douglas Flick [MSFT]=20 > > Subject: Re: Re: [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 & > TCBZ4118 >=20 > On Tue, Jan 16, 2024 at 01:30:43PM +0000, Yao, Jiewen wrote: > > Gerd > > I have merged this patch set today. > > > > I am fine to remove TPM1.2 in OVMF because of the known security limita= tion. >=20 > I was thinking about the complete edk2 code base not only OVMF. >=20 > But I can surely start with OVMF. Maybe it is the only platform=20 > affected because on physical hardware you usually know whenever TPM=20 > 1.2 or TPM 2.0 is present so there is no need to include both. >=20 > take care, > Gerd -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113933): https://edk2.groups.io/g/devel/message/113933 Mute This Topic: https://groups.io/mt/103675434/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-