Releases: tianocore/edk2
Releases · tianocore/edk2
edk2-stable202208
Release Date 2022-08-29
New Features
- Add CRC16 and CRC32C to MdePkg
- IntelFsp2Pkg/ConfigEditor: Support FSP 2.3 header
- Extend SecureBootVariableLib interfaces
- UEFI HTTPS Boot Support for HTTP Client Authentication (Basic or Digest)
- Support 64bit FspResetType for X64 build
- IntelFsp2Pkg/FspSecCore: Add FSP-I entry for SMM support
- Add PCI_DEVICE_PPI definition to EDK2
- Support to assign the subject name to sign the capsule file
Bugzilla List
edk2-stable202205
Release Date 2022-05-27
New Features
- Support PEI 64bit in IntelFsp2Pkg and IntelFsp2WrapperPkg
- IntelFsp2Pkg: BaseFspCommonLib Support for X64 Build
- Add PrmPkg
- BaseTools Enhance GenFw to support PRM GCC build
- Enable Intel TDX in OvmfPkg
- Generate CloudHv target as PVH ELF binary
- Add parallel hash feature into BaseCryptLib
- Configure/Enable elliptic curve ciphers in OpenSSL
- Add FMMT tool into edk2 BaseTools
- Dynamic variable flash information cannot be passed in Standalone MM
Bugzilla List
edk2-stable202202
Release Date 2022-02-25
New Features
- OvmfPkg Add new target for Cloud Hypervisor
- Add TDVF to OvmfPkg
- Add new APIs to UefiCpuPkg/UefiCpuLib
- Add AMD Secure Nested Paging Support
- Add SSDT PCI generator in DynamicTablesPkg
- Support ACPI 6.4 PPTT changes
- Add FdtHwInfoParser library
- Add DynamicPlatRepo library
- Make package and platform builds reproducible across source format changes
- Add Uncrustify CI Plugin
- Apply uncrustify changes to all package C and H files
Bugzilla List
edk2-stable202111
Release Date 2021-11-26
New Features
- Add SSDT CPU topology generator
- Support ACPI 6.4 in GTDT parser and generator
- Support ACPI 6.4 in DynamicTables FADT parser
- Support ACPI 6.4 in Acpiview PCCT parser
- Support ACPI 6.4 in Acpiview HMAT parser
- Add support for the microvm machine type (qemu)
- OVMF/ArmVirt: add support for virtio-mmio 1.0
- IntelFsp2Pkg: adopt FSP 2.3 specification
- UefiCpuPkg VTF0 X64: Build page tables using Linear-Address Translation to a 1-GByte Page
- Enable wildcard host name matching in HTTPS/TLS implementation
- Add QuickSort function into BaseLib
- Add SMM NV variable support in universal UEFI payload
- Add TDVF to OvmfPkg
- Make package and platform builds reproducible across source format changes
Bugzilla List
edk2-stable202108
Release Date 2021-08-27
New Features
- OvmfPkg: remove Xen support from OvmfPkg*.dsc, in favor of OvmfXen.dsc
- Add CLANGDWARF toolchain for generating ELF+DWARF
- NetworkPkg/IScsiDxe: remotely exploitable buffer overflows
- NetworkPkg/IScsiDxe: add sha256 support to CHAP
- Create header files and multiple Hobs for Universal Payload
- Add search feature in config editor
- Add additional build option to treat Dynamic Pcd as DynamicEx Pcd
- Add a new MicrocodeLib for microcode loading
- Implement key enrolment from default key variables
- StandaloneMm support for 32bit Arm machines
- Add firmware support for Cloud Hypervisor on arm64
- Support architecture-specific openssl acceleration
- Support measured AMD SEV boot with kernel/initrd/cmdline
- Add ACPI 6.4 header
- Add new BootDiscoveryPolicyUiLib
Bugzilla List
Update Notes
- UefiCpuPkg Library CpuCacheInfoLib depends on SortLib. So, SortLib library instance is required to be specified in PlatformPkg.dsc
SortLib|MdeModulePkg/Library/BaseSortLib/BaseSortLib.inf - Smbios definition is updated.
MemoryArrayLocationCXLFlexbus10AddonCard ==> MemoryArrayLocationCXLAddonCard
MemoryTechnologyIntelPersistentMemory ==> MemoryTechnologyIntelOptanePersistentMemory
edk2-stable202105
Release Date 2021-05-28
New Features
- OVMF RFE: VCPU hot-unplug with SMI
- Add non-MMRAM memory protection for Standalone MM environment
- OpenSSL Update OpenSSL version to version 1.1.1j to include CVE fix
- Add a new library class RegisterFilterLib
- Add a new MicrocodeLib for microcode loading
- EDKII Redfish Config Handler Protocol
- Implementation of UEFI spec 31.1 Redfish Discover Protocol
- Add RedfishLib (from libredfish)
- Add the ArmPlatformPkg to the azurepipeline
- Add the ArmPkg to the azurepipeline
- Support Tcg2Smm under Standalone MM environment
- UefiCpuPkg/SmmCpuFeaturesLib: Add Standalone MM support
- Add support for AARCH64 to RngDxe and BaseRngLib
- Add support for RSASSA-PSS signature scheme in Crypto package
Bugzilla List
Update Notes
- MdeModulePkg VariableSmmRuntimeDxe.inf depends on library class MmUnblockMemoryLib. Platforms supporting variable service through SMM should configure platform DSC in [LibraryClasses]
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf - SecurityPkg Tcg2Smm is split into 2 drivers: Tcg2Smm and Tcg2Acpi. Platforms supporting TCG2 Physical Presence and Memory Clear through ACPI method should add a new entry in [Components] section of platform DSC as well as the corresponding FV section in platform FDF
SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf - Platform DSC needs to include
MdePkg/MdeLibs.dsc.incfor the required library instance.
edk2-stable202102
Release Date 2021-03-05
New Features
- ArmVirtPkg: support extra pci root bridges (pxb)
- SEV Encrypted Boot for Ovmf (remote attestation)
- virtio-fs driver for OvmfPkg and ArmVirtPkg
- Apply SEV-ES mitigations for encryption bit position and MMIO
- Add Core CI support for StandaloneMmPkg
- Update LZMA module to LZMA SDK latest version 19.00
- IntelFsp2Pkg: Support FSP private temporary memory
- Port open source JSON library (jansson)
- add file buffering to the UEFI shell's COMP command
- Shell: pathname / filename sorting
- Extend support of peripheral x64 MM_STANDALONE drivers
- BaseTools: Convert the Split tool from C language to Python
- ArmPkg: Add Universal/Smbios
- Move to Pip based Basetools python
- Add support for use of FF-A calls
Bugzilla List
Update Notes
- If the user has the windows bat script that calls Split in it,it needs to change to "call Split" because Split will be a bat script but not an executable file.
- Shell depends on library class OrderedCollectionLib. Platform DSC needs to configure it in [LibraryClasses]
OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf - Some struct fields in SmBios.h have typos and get fixed in these code change 0db8, bd9d, e157. Details are listed below.
In structSMBIOS_TABLE_TYPE17:
FirwareVersion ==> FirmwareVersion
In structSMBIOS_TABLE_TYPE4:
ProcessorManufacture ==> ProcessorManufacturer
In structPROCESSOR_CHARACTERISTIC_FLAGS:
Processor64BitCapble ==> Processor64BitCapable
ProcessorEnhancedVirtulization ==> ProcessorEnhancedVirtualization
Processor128bitCapble ==> Processor128BitCapable
Platform code that uses those fields need modifications.
edk2-stable202011
Release Date 2020-11-27
New Features
- ShellPkg: add HttpDynamicCommand
- OvmfPkg, ArmVirtPkg: enable HttpDynamicCommand
- CryptoPkg/BaseCryptLib: fix NULL dereference (CVE-2019-14584)
- Security fix: possible heap corruption with LzmaUefiDecompressGetInfo
- Security fix: unlimited FV recursion, round 2 (DXE Core)
- Remove DEPRECATED code wrapped by new macro DISABLE_NEW_DEPRECATED_INTERFACES
- MdePkg: Add definitions for HTTP Chunked Transfer
- Add SMBIOS 3.4.0 DDR5 Support
- UefiCpuPkg: MpServices2Ppi and MpServicesPpi compatibility support.
- Add RngLib instead of TimerLib for OpensslLib
- SecurityPkg/DxeImageVerificationLib: Disable SHA1 base on MACRO
- Remove the deprecated MD5 and SHA1 support of Hash2DxeCrypto
- Adopt VariablePolicy, Deprecate VarLock and VarCheckPolicy.
- BaseCryptLib: Add Host and Shell based unit tests
- Implementation of UEFI EFI_REST_JSON_STRUCTURE_PROTOCOL
- Implementation of UEFI Redfish Host Interface Dxe
- Add SATA port error recovery when operating in AHCI mode
- Restart failed ATA packets when operating in AHCI mode
- Extend usage of LastAttemptStatus in FmpDxe
- Add firmware support for Kvmtool
- EmulatorPkg: Add CI build for SECURE_BOOT_ENABLE
- BaseTools: Add EDKII_DSC_PLATFORM_GUID MACRO
- BaseTools: Enable Module Scope Structure Pcd
- BaseTools: Incremental build enhancement
Bugzilla List
Wiki
Update Notes
- DEPRECATED functions are removed. New secure version functions are required to be used.
- RngLib library instance is required to be specified in [LibraryClasses] section of Platform.dsc file.
- VariablePolicyLib and VariablePolicyHelperLib library instances are requried to be specified in [LibraryClasses] section of Platform.dsc file. The detail changes can refer to platform porting wiki.
edk2-stable202008
Release Date 2020-09-04
New Features
- BootGuard TOCTOU vulnerability (CVE-2019-11098)
- Provide MACROs to disable SHA1 support
- Update openssl version to latest stable version 1.1.1g
- TPM Add capability to let PEIM extend TcgEvent
- TPM Bios to verify TPM2_ChangeEPS Support through TPM Capabilities command request and enable it if available
- Add FSP binary measurement
- CXL 1.1 Base Specification Register definitions
- BaseTools: Add support on C files to consume ASL files
- Enable BSD-2-Clause-Patent license checker for new added files in open CI
- Enable ECC (EFI Code Checker) checker in open CI
- Add UNIT_TESTING_DEBUG define to enable source level debugging of host based unit tests
- Add new instance of BaseLib that for host based unit tests called UnitTestHostBaseLib
- Add a pre-memory AP vector at 0xFF000
- IntelFsp2Pkg: Add FSP*_ARCH_UPD
- Dynamic AML: A solution to simplify runtime generation of Definition Block tables
- Add support to OVMF for AMD SEV-ES
- Add bhyve hypervisor support to EDK2
- Add LSI 53C895A SCSI controller support to OVMF
Bugzilla List
Wiki
Update Notes
-
Add the below library instances into [LibraryClasses.common.PEIM] section of platform dsc If this platforms depend on Intel FSP
FspMeasurementLib|IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/BaseFspMeasurementLib.inf
TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.inf
TpmMeasurementLib|SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf -
The SEV-ES feature adds new library dependencies. If your DSC file uses the UefiCpuPkg CpuExceptionHandlerLib library or the UefiCpuPkg MpInitLib library, then you must add an entry for the UefiCpuPkg VmgExitLib library (VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf).
edk2-stable202005
Release Date 2020-06-03
New Features
- RegularExpressionDxe: Use submodule way to access third party Oniguruma
- BrotliCustomDecompressLib: Use submodule way to access third party brotli
- BaseTools: Use submodule way to access third party brotli
- RISC-V architecture on EDK2
- Disabling safe string constraint assertions
- ArmVirtPkg Implement support for TPM2 measured boot
- OVMF Implement support for Linux v5.7+ initrd and mixed mode loading
- OVMF Use loadimage/startimage for loading the kernel passed via the QEMU command line
- OVMF Support booting from Fusion-MPT SCSI controllers
- OVMF Support booting from VMware PVSCSI controllers
- OVMF RFE: VCPU hotplug with SMM
- OVMF PEI phase variable driver / MemoryTypeInfo tracking
- ArmVirtPkg, OvmfPkg: Pass parameter from QEMU to control PXE IPv4/v6 boot
- FmpDxe: Implement Fmp Capsule Dependency feature in library
- Remove deprecate APIs in BaseCryptLib
- IntelFsp2Pkg: Support Multi-Phase silicon initialization and debug handlers
- Enable Host Unit Tests for Linux in Core CI
- Add Open CI build test for Ovmf and Emulator
- Add UEFI 2.8/2.8a definition in MdePkg
- Add PI1.7/PI1.7a definition into MdePkg
Bugzilla List
Update Notes
- The brotli source code is accessed through submodule way. So anybody updates to the latest edk2 should type ‘git submodule update –init’ to checkout submodule brotli.
- BaseCryptoLib MD4, ARC4, TDES, AES ECB MODE, HMAC MD5, HMAC SHA1 API have been deprecated. The consumer that use above functions should remove the related code and return unsupported status.
- SecurityPkg Tcg2PhysicalPresenceLib library class removes two macros
TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT and TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT. The consumer code should use gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags to get the default flags.