| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| no-stack-protector-all-archs.diff | pass -fno-stack-protector to all GCC toolchains The upstream build rules inexplicably pass -fno-stack-protector only when building for i386 and amd64. Add this essential argument to the generic rules for gcc 4.8 and later. =================================================================== |
Steve Langasek <steve.langasek@ubuntu.com> | no | |||
| brotlicompress-disable.diff | Do not attempt to compile removed BrotliCompress source BrotliCompress is not currently used, and including an embedded copy of its source could cause false-positives when scanning for security issues. This code is stripped from our orig.tar (at the request of the Ubuntu security team), so we also need to disable the build. |
dann frazier <dannf@debian.org> | not-needed | 2019-06-25 | ||
| ovmf-vars-generator-Pass-OEM-Strings-to-the-guest.patch | [PATCH] Pass OEM Strings to the guest Fixes #25 As a stop-gap solution to #25, expose the feature added in QEMU commit 2d6dcbf93fb0 ("smbios: support setting OEM strings table", 2017-12-05) with the new option "--oemstring". The caller of "ovmf-vars-generator" can format the PK/KEK1 certificate that is the subject of #25 as a base64-encoded string, preceded by an application prefix. This string can now be passed to "EnrollDefaultKeys.efi" with "--oemstring". |
Laszlo Ersek <lersek@redhat.com> | no | 2019-05-17 | ||
| ovmf-vars-generator-ignore-qemu-warnings.patch | Skip any warnings from QEMU while waiting for UEFI output =================================================================== |
dann frazier <dannf@ubuntu.com> | no | 2019-08-01 | ||
| ovmf-vars-generator-no-defaults.patch | =================================================================== | no | ||||
| 0001-SecurityPkg-Create-SecureBootVariableLib.patch | [PATCH 1/6] SecurityPkg: Create SecureBootVariableLib. This commits add library, which consist helper functions related to creation/removal Secure Boot variables. Some of the functions was moved from SecureBootConfigImpl.c file. [ dannf: Drop all functions except GetSetupMode() ] |
Grzegorz Bernacki <gjb@semihalf.com> | yes | upstream | https://github.com/tianocore/edk2/commit/bb806a6e88fb9744412f1698fb534429b14c93e0 | 2024-02-13 |
| 0002-ArmVirtPkg-add-SecureBootVariableLib-class-resolutio.patch | [PATCH 3/6] ArmVirtPkg: add SecureBootVariableLib class resolution The edk2 patch SecurityPkg: Create library for setting Secure Boot variables. moves generic functions from SecureBootConfigDxe and places them into SecureBootVariableLib. This patch adds SecureBootVariableLib mapping for ArmVirtPkg platform. [ dannf: Drop SecureBootVariableProvisionLib ] |
Grzegorz Bernacki <gjb@semihalf.com> | no | 2021-08-02 | ||
| 0003-OvmfPkg-add-SecureBootVariableLib-class-resolution.patch | [PATCH 4/6] OvmfPkg: add SecureBootVariableLib class resolution The edk2 patch SecurityPkg: Create library for setting Secure Boot variables. moves generic functions from SecureBootConfigDxe and places them into SecureBootVariableLib. This patch adds SecureBootVariableLib mapping for OvmfPkg. [ dannf: Drop SecureBootVariableProvisionLib ] |
Grzegorz Bernacki <gjb@semihalf.com> | no | 2021-08-02 | ||
| 0004-SecurityPkg-SecureBootVariableLib-Added-newly-suppor.patch | [PATCH] SecurityPkg: SecureBootVariableLib: Added newly supported interfaces This change updated the interfaces provided by SecureBootVariableLib. The new additions provided interfaces to enroll single authenticated variable from input, a helper function to query secure boot status, enroll all secure boot variables from UefiSecureBoot.h defined data structures, a as well as a routine that deletes all secure boot related variables. [ dannf: Context adjustments ] |
kuqin <kuqin@microsoft.com> | yes | upstream | https://github.com/tianocore/edk2/commit/6eb407947592e084110a124be089bef167af1383 | 2024-02-13 |
| Disable-the-Shell-when-SecureBoot-is-enabled.patch | Shell: Disable the Shell when SecureBoot is enabled and not in SetupMode | Mate Kukri <mate.kukri@canonical.com> | no | 2023-12-06 |