Currently networking can only be enabled/disabled at compile time. This patch series will add support to disable VirtIo net at runtime even if the functionality is built into binary at compile time.
This will enable VMM to reduce attack surface without recompilation. The changes can be seen at: https://github.com/yyu/edk2/tree/network_cfg_lib_v1 Cc: Ard Biesheuvel <ardb+tianoc...@kernel.org> Cc: Jordan Justen <jordan.l.jus...@intel.com> Cc: Laszlo Ersek <ler...@redhat.com> Cc: Anthony Perard <anthony.per...@citrix.com> Cc: Julien Grall <jul...@xen.org> Yuan Yu (2): OvmfPkg: Introduce NetworkCfgLib OvmfPkg: Use PcdNetworkSupport to enable/disable VirtIo net OvmfPkg/OvmfPkg.dec | 3 ++ OvmfPkg/OvmfPkgX64.dsc | 7 ++++- OvmfPkg/Library/NetworkCfgLib/NetworkCfgLib.inf | 29 ++++++++++++++++++ OvmfPkg/VirtioNetDxe/VirtioNet.inf | 3 ++ OvmfPkg/Library/NetworkCfgLib/NetworkCfgLib.c | 32 ++++++++++++++++++++ OvmfPkg/VirtioNetDxe/EntryPoint.c | 10 ++++++ 6 files changed, 83 insertions(+), 1 deletion(-) create mode 100644 OvmfPkg/Library/NetworkCfgLib/NetworkCfgLib.inf create mode 100644 OvmfPkg/Library/NetworkCfgLib/NetworkCfgLib.c -- 2.37.1.559.g78731f0fdb-goog -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#92118): https://edk2.groups.io/g/devel/message/92118 Mute This Topic: https://groups.io/mt/92808627/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
