From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id BE152D800EA for ; Fri, 12 Jan 2024 19:16:03 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=ohQOM3K0cZtyD8W5GLxwU+xxASqeZniATeOj9248zWQ=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1705086962; v=1; b=wqA8muj1XDGD/3frcnx048kpPHoRXBOUG8OsWVrmOjSstH1Jaujpx/ycs2po/pG0Hwc3UEd4 0mIlkBA8wQlqiZLFK2HQOvjq+GEYCn8/0XJPd1R3TsZ6v83zxGqF9bh+RZTejb4OYCyOx8SvdK9 stI41dZB0shFrZBp0t1/wQAE= X-Received: by 127.0.0.2 with SMTP id NzNFYY7687511xfOGZO7eufg; Fri, 12 Jan 2024 11:16:02 -0800 X-Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) by mx.groups.io with SMTP id smtpd.web11.18607.1704997003974689052 for ; Thu, 11 Jan 2024 10:16:44 -0800 X-Received: by mail-pl1-f172.google.com with SMTP id d9443c01a7336-1d3ec3db764so23948375ad.2 for ; Thu, 11 Jan 2024 10:16:43 -0800 (PST) X-Gm-Message-State: RflAR54Es2lMGrDMO4fchUnJx7686176AA= X-Google-Smtp-Source: AGHT+IEXAbrI3PVxwoISnLg4GoHor/2URLJE7FCuPLz6lgrMFOy/gujNCbYsExBUYejDXW7jsJ5uZw== X-Received: by 2002:a17:902:768b:b0:1d3:bda3:4aa6 with SMTP id m11-20020a170902768b00b001d3bda34aa6mr98427pll.74.1704997003047; Thu, 11 Jan 2024 10:16:43 -0800 (PST) X-Received: from localhost.localdomain ([131.107.1.208]) by smtp.gmail.com with ESMTPSA id kd13-20020a17090313cd00b001d4752f5403sm1453414plb.206.2024.01.11.10.16.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 11 Jan 2024 10:16:42 -0800 (PST) From: "Doug Flick via groups.io" To: devel@edk2.groups.io Cc: "Douglas Flick [MSFT]" , Jiewen Yao Subject: [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118 Date: Thu, 11 Jan 2024 10:16:00 -0800 Message-ID: MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dougflick@microsoft.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=wqA8muj1; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=none This patch series include the combined / merged security patches (as seperate commits) for TCBZ4117 (CVE-2022-36763) and TCBZ4118 (CVE-2022-36764) for DxeTpm2MeasureBootLib and DxeTpmMeasureBootLib. These patches have already been reviewed by SecurityPkg Maintainer (Jiewen) on GHSA. This patch series (specifically TCBZ4117) supersedes TCBZ2168. Cc: Jiewen Yao Douglas Flick [MSFT] (6): SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763 SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763 SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764 SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764 SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml SecurityPkg/Test/SecurityPkgHostTest.dsc | 2 + .../DxeTpm2MeasureBootLib.inf | 4 +- ...Tpm2MeasureBootLibSanitizationTestHost.inf | 28 ++ .../DxeTpmMeasureBootLib.inf | 4 +- ...eTpmMeasureBootLibSanitizationTestHost.inf | 28 ++ .../DxeTpm2MeasureBootLibSanitization.h | 139 +++++++ .../DxeTpmMeasureBootLibSanitization.h | 137 +++++++ .../DxeTpm2MeasureBootLib.c | 87 ++-- .../DxeTpm2MeasureBootLibSanitization.c | 319 +++++++++++++++ .../DxeTpm2MeasureBootLibSanitizationTest.c | 345 ++++++++++++++++ .../DxeTpmMeasureBootLib.c | 53 ++- .../DxeTpmMeasureBootLibSanitization.c | 285 +++++++++++++ .../DxeTpmMeasureBootLibSanitizationTest.c | 387 ++++++++++++++++++ SecurityPkg/SecurityFixes.yaml | 36 ++ SecurityPkg/SecurityPkg.ci.yaml | 2 + 15 files changed, 1801 insertions(+), 55 deletions(-) create mode 100644 SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTestHost.inf create mode 100644 SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTestHost.inf create mode 100644 SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.h create mode 100644 SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h create mode 100644 SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.c create mode 100644 SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTest.c create mode 100644 SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c create mode 100644 SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c create mode 100644 SecurityPkg/SecurityFixes.yaml -- 2.43.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113756): https://edk2.groups.io/g/devel/message/113756 Mute This Topic: https://groups.io/mt/103675434/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-