Releases: tianocore/edk2
Releases Β· tianocore/edk2
edk2-stable202408.01
Contributors
mdkinney
Assets 2
edk2-stable202408
Release Date 2024-08-23
New Features & Bug Fixes
- CryptoPkg:Add more crypto APIs (AESGCM/PEM/X509/RSA/PKCS5/PKCS7/Authenticode) based on Mbedtls
- CryptoPkg: Enable Openssl native instruction support for AARCH64
- CryptoPkg: Add support for aes128-sha256 and aes256-sha256 cipher
- UefiCpuPkg: S3 cleanup
- MdePkg/BaseLib: Add CRC16 CCITT False Implementation
- DynamicTablesPkg: ACPI TPM2 generator
- DynamicTablesPkg: Prepare for supporting other archs
- BaseTools: Add VS2022 support
- OvmfPkg: Add LoongArchVirt instance to OvmfPkg and enable it
Bugzilla List
edk2-stable202405
Release Date 2024-05-24
New Features & Bug Fixes
- SecurityPkg:Add EFI Device Authentication Signature Database and SPDM
- CryptoPkg:add additional RSAES-OAEP crypto functions
- OvmfPkg:Add 5-level paging support
- OvmfPkg:SEV-SNP Support for running under an SVSM
- OvmfPkg:RBP register shall be cleared in TDVMCALL
- OvmfPkg:Harden #VC instruction emulation (CVE-2024-25742)
- Add SPI bus driver stack
- NetworkPkg: Predictable TCP ISNs
- NetworkPkg: Use of a Weak PseudoRandom Number Generator
- UefiCpuPkg: Add new SmmRelocationLib library
Bugzilla List
Update Notes
- NetworkPkg SECURITY PATCH CVE-2023-45237 requires the platform to provide the right implementation of the EFI_RNG_PROTOCOL
(i.e., using a GUID that appears in the allowlist) and EFI_HASH2_PROTOCOL. If it is not implemented, the platform will lose the ability to do network boot.
edk2-stable202402
Release Date 2024-02-23
New Features & Bug Fixes
- NetworkPkg: Packet->Length is not updated before being used by Dhcp6AppendIaAddrOption to safely know it can append.
- NetworkPkg: Out-of-bounds read when processing IA_NA/IA_TA options in a DHCPv6 Advertise message
- Heap Buffer Overflow in Tcg2MeasureGptTable()
- Add LoongArch help functions and defines in MdePkg and move some ArmVirtPkg libraries and PCDs to OvmfPkg
- Add NVMe Sanitize command support to Nvme.h
- Remove CSM support from OvmfPkg
- MAT Logic Incorrectly Reports Runtime Images
Bugzilla List
edk2-stable202311
Release Date 2023-11-24
New Features & Bug Fixes
- UefiPayloadPkg:Enhance the build processing for Universalpayload
- SplitFspBin.py cannot support FSP binary with child FV included
- Cache Disable should not be set by default in CR0 after ResetVector in x64 build
- SMM perf record is copied multiple times to FPDT table if multiple ReadyToBoot events are signaled
- In some cases, LocateHandleBuffer() may allocate a callee freed buffer when an error occurs
- OvmfPkg/IoMmuDxe: don't rely on TPLs to manage concurrency
- Recent OVMF build.sh change breaks useful functionality
- UEFI cryptography agile solution - separate crypto algorithm (phase I)
- Use MpService2Ppi to wakeup CPU in Smm CpuS3
- Move RngLibTimer from MdePkg to MdeModulePkg
- EFI_RNG_PROTOCOL Describe the DRBG algorithm used in the Arm RNDR instruction
- Faulty Rng algo selection for Arm
- RngDxe assert
- Add New Intel Processor family for SMBIOS Type 4 from SMBIOS 3.7.0
- NetworkPkg: HTTP protocol throughput too small
- MailBoxVersion should be 0 according to the ACPI spec 6.5
- Pyrite support - Secure erase is only available if encryption is supported
- Remove assembly/tool logic that creates AP waking vector in 4G-20h
- MdeModulePkg/Bus/Ata/AtaBusDxe: Coverity scan flags SIGN_EXTENSION issue
- MdeModulePkg/Bus/Pci/NvmExpressPei: Coverity scan flags DEADCODE issue
- MdeModulePkg/Bus/Pci/UhciDxe: fix Coverity issues
- DynamicTablesPkg: Add support for generating ACPI ThermalZones
- DynamicTablesPkg: Add support for PCI IO using Qword resources
- MdeModulePkg/XhciDxe: Use Performance Timer for XHCI Timeouts
- MdeModulePkg/Bus/Pci/XhciDxe: Need to abort the command for command timeout
- BaseTools: Add support for LOONGARCH64 R_LARCH_RELAX relocation
- UefiPayloadPkg: Add FIT support
- SMBIOS BCD revision is not match SMBIOS version
- Xhci: Skip size round up for TRB when getting PCI device/host memory address
- MdePkg: various fixes to ARM/AArch64 SetJump/LongJump
- TlsLib should not have a list of Ciphers which may or may not agree with what is available
- MtrrLib modules and Unit test Enhancement
- Use the base SortLib for Redfish modules only
- evaluate the feasibility of using mbedtls as crypto library
- bogus RealTimeClockLib class interface: LibRtcVirtualNotifyEvent
- OvmfPkg/VirtioFsDxe: tolerate opening an absolute pathname relative to a regular file
- UefiDevicePathLib DevPathToTextAcpiEx overflows the device path node when searching for optional strings
- DynamicTablesPkg/TableHelperLib updates
- Update Edk2-pytools to latest versions
- duplicate installation of EFI_REAL_TIME_CLOCK_ARCH_PROTOCOL in RealTimeClockLib instances
- UefiCpuPkg/BaseXApicX2ApicLib: fix CPUID_V2_EXTENDED_TOPOLOGY detection
- OvmfPkg/AcpiPlatformDxe: Coverity scan flags FORWARD_NULL and UNUSED_VALUE issues
- RedfishPkg/RedfishLib: Return HTTP headers to caller
- ArmVirtPkg: support two PL011 UARTs
- Update MADT for ACPI 6.5, and add TRBE & ETE support
- Add Variable Policy Audit App and Shell Command
- Use CodeQL CLI
- TDVF: TdVmCall needs handle the retry results for MapGPA
- Update GetMaintainer to handle case where a package has only reviewers and no maintainers
- Add 0x0B/Platform Runtime Mechanism (PRM) in Address Space ID of Generic Address Structure (GAS)
- Fix build error when remove "-Wno-sometimes-uninitialized" option
Bugzilla List
edk2-stable202308
Release Date 2023-08-25
New Features
- CryptoPkg: consume OpenSSL 3.0
- Replace the OVMF-specific SataControllerDxe with the generic one in MdeModulePkg
- Remove the duplicated definitions from BaseTools
- Arm GIC Library and Driver improvements
- Use restricted memory mappings in PEI
- Add SmmCpuFeaturesLib implementation for AMD Processor family
- Add USB Network RNDIS Drivers
- Support Standalone MM based variable services in PEI on ARM systems
- Add RISC-V MMU support
- Add RISC-V support to CLANGDWARF toolchain
Bugzilla List
edk2-stable202305
Release Date 2023-05-26
New Features
- Expose IBT/BTI compatible runtime DXE drivers via memory attributes table
- Update toolchain support
- MdePkg: Support FDT library
- Add google mocks support to UnitTestFrameworkPkg GoogleTestLib
- Platform Redfish Host Interface library for USBNIC
- [OpenSSL] Update OpenSSL version to version 1.1.1t to include CVE fix
- Replace pre-standard FUNCTION with C99 func throughout edk2
- Implement EFI memory attributes protocol for ARM platforms
- Add TraceHubLib Support
Bugzilla List
edk2-stable202302
Release Date 2023-03-03
New Features
- Add support for RISC-V qemu virt machine
- Add RPMB related commands and DCB definition for NVMe
- SecurityBoot - remove self-signed PK requirement in SetupMode
- SecurityBoot - support Authenticated SetVariable with ContentInfo
- TDVF Optimization - Enable Separate-Fv in OvmfPkg/IntelTdx
- TDVF Optimization - Pre-alloc shared memory for TDVF DMA
- TDVF Optimization - Enable Multi-core based lazy-accept
- TDVF - Fix Instruction Pointer Incrementation by TD #VE MMIO Handler
- TDVF - Incorrect implementation in the TDX RTMR implementation
- TDVF - Incorrect protocol and structure version in the TDX CC measurement
- TDVF - TdTcg2Dxe lives in the Ovmfpkg instead of the SecurityPkg
- TDVF - need measurement VMM input ACPI table before register
- TDVF - need integrate feature in config-B to config-A
Bugzilla List
edk2-stable202211
Release Date 2022-11-26
New Features
- CryptoPkg remove EC PCD and merge optimized openssl libs
- Add GoogleTest unit test support to UnitTestFrameworkPkg
- Add Raw algorithm support using Arm FW-TRNG interface
- TDVF Lazy Accept in OvmfPkg
- Debug code to audit BIOS TPM extend operations
- Add a new feature to enable LoongArch prot for EDKII
- CryptoPkg: Need to add additional cipher algos and TLS API to meet WPA3
- IntelFsp2(Wrapper)Pkg: Support FSP 2.4 MultiPhaseInit
- CryptoPkg: Need to support EC and BN API due to WPA3 feature
- Add PCI_DEVICE_PPI support for NvmExpressPei
Bugzilla List
edk2-stable202208
Release Date 2022-08-29
New Features
- Add CRC16 and CRC32C to MdePkg
- IntelFsp2Pkg/ConfigEditor: Support FSP 2.3 header
- Extend SecureBootVariableLib interfaces
- UEFI HTTPS Boot Support for HTTP Client Authentication (Basic or Digest)
- Support 64bit FspResetType for X64 build
- IntelFsp2Pkg/FspSecCore: Add FSP-I entry for SMM support
- Add PCI_DEVICE_PPI definition to EDK2
- Support to assign the subject name to sign the capsule file