Debian Patches

Status for edk2/2022.11-6

Patch Description Author Forwarded Bugs Origin Last update

no-stack-protector-all-archs.diff
pass -fno-stack-protector to all GCC toolchains

The upstream build rules inexplicably pass -fno-stack-protector only
when building for i386 and amd64. Add this essential argument to the
generic rules for gcc 4.8 and later.
Steve Langasek <steve.langasek@ubuntu.com> no

brotlicompress-disable.diff
Do not attempt to compile removed BrotliCompress source

BrotliCompress is not currently used, and including an embedded
copy of its source could cause false-positives when scanning for
security issues. This code is stripped from our orig.tar (at the request
of the Ubuntu security team), so we also need to disable the build.
dann frazier <dannf@debian.org> not-needed 2019-06-25

x64-baseline-abi.patch
Explicitly target generic x86-64 ABI

The system compiler may be configured to target a higher x86-64 psABI by
default, so explicitly target the generic psABI to retain compatibility
with older machine types.
dann frazier <dannf@debian.org> yes 2022-06-10

Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch
Revert "ArmVirtPkg: make EFI_LOADER_DATA non-executable"

The versions of GRUB most distros are shipping still depend on executable
EFI_LOADER_DATA. Revert this upstream change until the necessary fixes are
more generally available.

diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index 462073517a..34575585ad 100644
dann frazier <dannf@debian.org> yes debian 2022-12-29

0001-ArmVirtPkg-ArmPlatformLibQemu-Ensure-that-VFP-is-on-.patch
[PATCH 1/2] ArmVirtPkg/ArmPlatformLibQemu: Ensure that VFP is on before running C code

Now that we build the early code without strict alignment and without
suppressing the use of SIMD registers, ensure that the VFP unit is on
before entering C code.

While at it, simplify the mov_i macro, which is only used for 32-bit
quantities.



diff --git a/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S b/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S
index 05ccc7f9f0..1787d52fbf 100644
Ard Biesheuvel <ardb@kernel.org> no https://edk2.groups.io/g/devel/message/98022 2023-01-09

0002-ArmVirtPkg-ArmVirtQemu-Avoid-early-ID-map-on-Thunder.patch
[PATCH 2/2] ArmVirtPkg/ArmVirtQemu: Avoid early ID map on ThunderX

The early ID map used by ArmVirtQemu uses ASID scoped non-global
mappings, as this allows us to switch to the permanent ID map seamlessly
without the need for explicit TLB maintenance.

However, this triggers a known erratum on ThunderX, which does not
tolerate non-global mappings that are executable at EL1, as this appears
to result in I-cache corruption. (Linux disables the KPTI based Meltdown
mitigation on ThunderX for the same reason)

So work around this, by detecting the CPU implementor and part number,
and proceeding without the early ID map if a ThunderX CPU is detected.

Note that this requires the C code to be built with strict alignment
again, as we may end up executing it with the MMU and caches off.



diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index f77443229e..5dd8b6104c 100644
Ard Biesheuvel <ardb@kernel.org> no https://edk2.groups.io/g/devel/message/98023 2023-01-09
