31 Oct 22:35

github-actions

430fabd

v2024050000.0.3 Latest

Latest

What's Changed

[Cherry-Pick] Tcg2Smm: Added support for Standalone Mm [RB\&FF] @apop5 (#351)
Change Details
## Description
Cherry-Picking tianocore/edk2#5728 from edk2.

This change added Standalone MM instance of Tcg2. The notify function for
Standalone MM instance is left empty.

A dependency DXE driver with a Depex of gEfiMmCommunication2ProtocolGuid
was created to indicate the readiness of Standalone MM Tcg2 driver.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Platform using standalone mm required these changes for Tcg2 MM support to corectly work.

Integration Instructions

There should be no changes for existing platforms using smm.

[Cherry-Pick] Convert line endings to CRLF @apop5 (#352)
Change Details
## Description
Convert line endings to CRLF so we are compliant with the LineEndingCheck plugin.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

N/A

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Full Changelog: v2024050000.0.2...v2024050000.0.3

Contributors

apop5

Assets 2

24 Sep 13:56

github-actions

v2024050000.0.2

c5944c1

v2024050000.0.2

What's Changed

[CHERRY-PICK] [REBASE \& FF] Revert Mu Commit in Favor of edk2 Commit @os-d (#328)
Change Details
## Description
This reverts a Mu commit that has been upstreamed and cherry-picks the upstream version.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

N/A.

Integration Instructions

N/A.

Full Changelog: v2024050000.0.1...v2024050000.0.2

Contributors

os-d

Assets 2

12 Sep 17:40

github-actions

v2024050000.0.1

ef21d6d

v2024050000.0.1

What's Changed

[CHERRY-PICK][REBASE \& FF] Revert Mu Commits In Favor of edk2 Commits @os-d (#327)
Change Details
## Description
This PR is the current set of mu_tiano_plus commits I have upstreamed to edk2 from release/202405. Some of these had changes from edk2, so it is not a 1:1 revert to commit.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

N/A.

Integration Instructions

N/A.
```
  </blockquote>
  <hr>
</details>
```

Full Changelog: v2024050000.0.0...v2024050000.0.1

Contributors

os-d

Assets 2

26 Aug 22:45

apop5

v2024050000.0.0

142bd8b

v2024050000.0.0

Initial Release notes of 202405 contain a full list of mu changes on top of edk2-stable202405

PR associated with the commit can be found at the bottom of the information pane reached by clicking on the commit hash

What's Changed## 🚀 Features & ✨ Enhancements

GitHub Action: Bump robinraju/release-downloader from 1.10 to 1.11 (#320)

Change Details

142bd8b

pip: Update all pip-requirements to latest. (#326)

Change Details

7eac210

Repo File Sync: 202405 Branch Transition Updates. (#325)

Change Details

f9282bf

SecurityPkg: CodeQL Fixes.

Change Details

07d1bea

EmbeddedPkg: CodeQL Fixes.

Change Details

0704fc9

FmpDevicePkg: CodeQL Fixes.

Change Details

a92830e

FatPkg: CodeQL Fixes.

Change Details

b0a03e0

Updated Release Notes. (#319)

Change Details

23a0512

[202405][Rebase&&FF] Everything MS Changes (#311)

Change Details

2f03c18

SecurityPkg: Move Platform Lockdown to EndOfDxe event

Change Details

2cb135b

EmbeddedPkg: Enable build under VS2019 and fix build errors. (#282)

Change Details

c4264f3

Require cspell 5.20.0

Change Details

d41d3eb

SecurityPkg: Support special case where PK is being deleted

Change Details

96bca8b

SecurityPkg: Remove custom mode setting during PK deletion

Change Details

1c013ee

SecurityPkg: Allow unsigned PK's to be set when we don't have a PK already

Change Details

c9e819c

SecurityPkg: Add Pkcs7 EKU PCD for FmpAuthentication Lib

Change Details

d326e61

FmpDevicePkg: Add Eku PCD to FmpDxe

Change Details

3f714ec

SecurityPkg: Adding dTPM support for MM Core module type (#259)

Change Details

56cb462

SecurityPkg: Add an assert to TCG log function if log is full (#257)

Change Details

d78768e

SecurityPkg: Added NULL implementation for Tcg2PreUefiEventLogLib (#235)

Change Details

73c5b5a

SecurityPkg: Tcg2Smm: Inspect target address before usage (#195)

Change Details

312f7c0

SecurityPkg: Minimized TCG2 Physical Presence Interface Library

Change Details

e40760c

SecurityPkg: Add gEfiTcg2MuProtocolGuid & Log Only function Interface

Change Details

fdc4c58

SecurityPkg: Additional helper functions to Tpm2CommandLib

Change Details

dfb9dd5

SecurityPkg: Add a PCD to skip Tcg2Smm ACPI table measurement

Change Details

fe0091e

SecurityPkg: Tcg2Dxe ExitBootServicesFailed handler TPL change to CALLBACK

Change Details

21cdd73

SecurityPkg: Add NvUndefineSpaceSpecial to the Tpm2CommandLib.

Change Details

58a8d02

SecurityPkg: Add support for Excluded Fvs in Dxe Tpm2 MeasuredBootLib

Change Details

4352a67

SecurityPkg: Improve PCR allocation enforcement for varied platform support.

Change Details

a5cb3d8

SecurityPkg: Break out the PromptForUserConfirmation() function from Tcg2 PPI.

Change Details

8aeb4a5

SecurityPkg: Improved performance changes for TCG2 modules

Change Details

0b8e9e7

SecurityPkg: Add Pre-TCG measurements to logs

Change Details

ca7a21b

SecurityPkg: Add support for Tpm2PolicyLocality assertions.

Change Details

c39061e

SecurityPkg: Add Tpm2DebugLib to support detailed logging

Change De...

Assets 2

16 Jul 14:33

github-actions

v2023110001.1.0

9cf63ae

v2023110001.1.0

What's Changed

🚀 Features & ✨ Enhancements

SecurityPkg: Add RngPei @makubacki (#277)
Change Details
## Description
The RngPei PEIM can be used if RNG should be provided over a dynamic
binary interface to other PEIMs on a platform.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- SecurityPkg CI
- Verify RNG linked with RngLib is executed as expected
- Verify random numbers are generated successfully with a valid RngLib
Integration Instructions

Use the RngPei module if a platform needs to produce gEfiRngPpiGuid.

The platform should usually link a different RngLib instance to RngPei
than other PEIMs that may use the RNG PPI produced since RngPei is responsible
for producing the PPI.

For example, a RngLib instance that uses the rdrand instruction may be linked
against RngPei and a RngLib instance that uses the RNG PPI may be linked
against other PEIMs.

Full Changelog: v2023110001.0.1...v2023110001.1.0

Contributors

makubacki

Assets 2

16 Jul 14:33

github-actions

v2023020001.1.0

d9ff93b

v2023020001.1.0

What's Changed

🚀 Features & ✨ Enhancements

[CHERRY-PICK] SecurityPkg: Add RngPei @makubacki (#278)
Change Details
## Description
The RngPei PEIM can be used if RNG should be provided over a dynamic
binary interface to other PEIMs on a platform.

(cherry picked from mu_basecore/release/202311)
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- SecurityPkg CI
- Verify RNG linked with RngLib is executed as expected
- Verify random numbers are generated successfully with a valid RngLib
Integration Instructions

Use the RngPei module if a platform needs to produce gEfiRngPpiGuid.

The platform should usually link a different RngLib instance to RngPei
than other PEIMs that may use the RNG PPI produced since RngPei is responsible
for producing the PPI.

For example, a RngLib instance that uses the rdrand instruction may be linked
against RngPei and a RngLib instance that uses the RNG PPI may be linked
against other PEIMs.

Full Changelog: v2023020001.0.1...v2023020001.1.0

Contributors

makubacki

Assets 2

30 May 16:42

github-actions

v2023110001.0.1

7fe1fbe

v2023110001.0.1

What's Changed

Restore Device Security [Rebase \& FF] @makubacki (#276)
Change Details
## Description
Resolves #275

CHANGE 1:

SecurityPkg: Restore DeviceSecurity (and libspdm submodule)

Reverts the following commit:

"SecurityPkg: Temporarily remove DeviceSecurity (and libspdm) from build"
(11506d5)

The libspdm submodule is updated in the following commit to use a
cmocka from a more reliable host (GitLab). This revert is necessary
for that cherry-pick from edk2 to apply.

CHANGE 2:

[CHERRY-PICK] SecurityPkg: Update libspdm submodule to use GitLab cmocka repo

As noted in DMTF/libspdm#2707, the cmocka
submodule on cryptomilk is unreliable and impacting downstream
consumer builds of SecurityPkg. This is considered a regression in
that pre-existing workflows that clone and recursively initialize
the repo are now broken.

The cmocka host was switched to a more reliable gitlab host in
DMTF/libspdm#2710. This change updates the
submodule in edk2 to use that commit so edk2 users are not blocked
by cryptomilk.org service issues.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- SecurityPkg CI build
Integration Instructions
- First, note that this PR reverts PR #272.
  - Review any changes you may have made in response to that PR.
- This PR adds the DeviceSecurity code back to the SecurityPkg build. That should not impact downstream users as the code was not removed, only not built in SecurityPkg.
- The libspdm submodule is added back. That submodule will now be present for downstream repos (and SecurityPkg code) to use.

Full Changelog: v2023110001.0.0...v2023110001.0.1

Contributors

makubacki

Assets 2

22 May 22:11

github-actions

v2023110001.0.0

5651289

v2023110001.0.0

What's Changed

⚠️ Breaking Changes

SecurityPkg: Temporarily remove DeviceSecurity (and libspdm) from build @makubacki (#272)
Change Details
## Description
The SecurityPkg/DeviceSecurity/SpdmLib/libspdm submodule contains a
unit_test/cmockalib/cmocka submodule to https://git.cryptomilk.org/projects/cmocka.git.

cryptomilk.org is very unreliable and breaking all builds right now.
Since the DeviceSecurity content is not actively used in any main
branches, this change removes the libspdm submodule from the package
which, in turn, leads to removal of the content dependent on the
submodule.

These changes are made such that this commit can be reverted in the future.

That will easily restore everything after the libspdm submodule is updated
to find a more reliable host than cryptomilk.org.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- SecurityPkg CI build
Integration Instructions
- This is a temporary change. It is expected to be reverted soon.
  - If you depend on the libspdm submodule in SecurityPkg, it is
    recommended to stay on the commit prior to its removal and wait
    for it to be restored in a future commit.
  - If you do not depend on the libspdm submodule, there is not impact.
- If you pick up this change be aware that any files in your build
  dependent on the libspdm submodule will fail.

Full Changelog: v2023110000.1.0...v2023110001.0.0

Contributors

makubacki

Assets 2

22 Mar 20:04

github-actions

v2023110000.0.5

1c115e6

v2023110000.0.5

What's Changed

Add an assert to TCG log function if log is full @cfernald (#257)
Change Details
## Description
Currently, if the TCG log fills up, the firmware will boot only logging some errors and the OS may or may not fail depending on scenario and configuration. This PR adds an assert so that these truncations can be found in testing rather then having to wait for failures in production.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

N/A

Integration Instructions

N/A

Full Changelog: v2023110000.0.4...v2023110000.0.5

Contributors

cfernald

Assets 2

Releases: microsoft/mu_tiano_plus

v2024050000.0.3

What's Changed

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

Contributors

v2024050000.0.2

What's Changed

How This Was Tested

Integration Instructions

Contributors

v2024050000.0.1

What's Changed

How This Was Tested

Integration Instructions

Contributors

v2024050000.0.0

What's Changed## 🚀 Features & ✨ Enhancements

v2023110001.1.0

What's Changed

🚀 Features & ✨ Enhancements

How This Was Tested

Integration Instructions

Contributors

v2023020001.1.0

What's Changed

🚀 Features & ✨ Enhancements

How This Was Tested

Integration Instructions

Contributors

v2023110001.0.1

What's Changed

How This Was Tested

Integration Instructions

Contributors

v2023110001.0.0

What's Changed

⚠️ Breaking Changes

How This Was Tested

Integration Instructions

Contributors

v2023110000.1.0

What's Changed

Description

How This Was Tested

Integration Instructions

🚀 Features & ✨ Enhancements

Description

How This Was Tested

Integration Instructions

🔐 Security Impacting

Description

How This Was Tested

Integration Instructions

Contributors

v2023110000.0.5

What's Changed

How This Was Tested

Integration Instructions

Contributors