From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D89C2819EB for ; Tue, 17 Jan 2017 01:13:06 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx16.intmail.prod.int.phx2.redhat.com [10.5.11.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D11AC804F4; Tue, 17 Jan 2017 09:13:07 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-70.phx2.redhat.com [10.3.116.70]) by smtp.corp.redhat.com (Postfix) with ESMTP id 68CCF70A7; Tue, 17 Jan 2017 09:13:06 +0000 (UTC) To: Gary Lin , edk2-devel@ml01.01.org References: <20170117045232.4765-1-glin@suse.com> <20170117045232.4765-2-glin@suse.com> Cc: Justen Jordan L , Wu Jiaxin , Long Qin From: Laszlo Ersek Message-ID: <075118aa-3a1b-b3d2-5284-581b44b62d96@redhat.com> Date: Tue, 17 Jan 2017 10:13:04 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <20170117045232.4765-2-glin@suse.com> X-Scanned-By: MIMEDefang 2.74 on 10.5.11.28 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Tue, 17 Jan 2017 09:13:07 +0000 (UTC) Subject: Re: [PATCH 1/3] OvmfPkg: always resolve OpenSslLib, IntrinsicLib and BaseCryptLib X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jan 2017 09:13:07 -0000 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit On 01/17/17 05:52, Gary Lin wrote: > This commit provides unconditional library resolutions for the OpenSslLib, > IntrinsicLib and BaseCryptLib classes, regardless of whether those classes > are actually used by any module. > > Although those libraries depends on OpenSSL, they won't be built unless > a module really uses them. Thus, missing OpenSSL from the tree won't > cause any build failure as long as SECURE_BOOT_ENABLE is false. > > (Based on Jiaxin's patch and Laszlo's suggestion) > > Cc: Laszlo Ersek > Cc: Justen Jordan L > Cc: Wu Jiaxin > Cc: Long Qin > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Gary Lin > --- > OvmfPkg/OvmfPkgIa32.dsc | 9 +++------ > OvmfPkg/OvmfPkgIa32X64.dsc | 9 +++------ > OvmfPkg/OvmfPkgX64.dsc | 9 +++------ > 3 files changed, 9 insertions(+), 18 deletions(-) > > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc > index e97f7f0262..9aa66eb951 100644 > --- a/OvmfPkg/OvmfPkgIa32.dsc > +++ b/OvmfPkg/OvmfPkgIa32.dsc > @@ -141,10 +141,11 @@ [LibraryClasses] > LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf > > -!if $(SECURE_BOOT_ENABLE) == TRUE > - PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > + > +!if $(SECURE_BOOT_ENABLE) == TRUE > + PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf > !if $(NETWORK_IP6_ENABLE) == TRUE > @@ -166,9 +167,7 @@ [LibraryClasses] > XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf > > [LibraryClasses.common] > -!if $(SECURE_BOOT_ENABLE) == TRUE > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > -!endif > > [LibraryClasses.common.SEC] > TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf > @@ -258,9 +257,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] > DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf > !endif > UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf > -!if $(SECURE_BOOT_ENABLE) == TRUE > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > -!endif > PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf > > [LibraryClasses.common.UEFI_DRIVER] > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc > index 8e3e04c135..9537e92077 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.dsc > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc > @@ -146,10 +146,11 @@ [LibraryClasses] > LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf > > -!if $(SECURE_BOOT_ENABLE) == TRUE > - PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > + > +!if $(SECURE_BOOT_ENABLE) == TRUE > + PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf > !if $(NETWORK_IP6_ENABLE) == TRUE > @@ -171,9 +172,7 @@ [LibraryClasses] > XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf > > [LibraryClasses.common] > -!if $(SECURE_BOOT_ENABLE) == TRUE > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > -!endif > > [LibraryClasses.common.SEC] > TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf > @@ -263,9 +262,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] > DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf > !endif > UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf > -!if $(SECURE_BOOT_ENABLE) == TRUE > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > -!endif > PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf > > [LibraryClasses.common.UEFI_DRIVER] > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc > index 6ec3fe050d..d15294eb72 100644 > --- a/OvmfPkg/OvmfPkgX64.dsc > +++ b/OvmfPkg/OvmfPkgX64.dsc > @@ -146,10 +146,11 @@ [LibraryClasses] > LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf > > -!if $(SECURE_BOOT_ENABLE) == TRUE > - PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > + > +!if $(SECURE_BOOT_ENABLE) == TRUE > + PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf > !if $(NETWORK_IP6_ENABLE) == TRUE > @@ -171,9 +172,7 @@ [LibraryClasses] > XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf > > [LibraryClasses.common] > -!if $(SECURE_BOOT_ENABLE) == TRUE > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > -!endif > > [LibraryClasses.common.SEC] > TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf > @@ -263,9 +262,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] > DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf > !endif > UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf > -!if $(SECURE_BOOT_ENABLE) == TRUE > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > -!endif > PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf > > [LibraryClasses.common.UEFI_DRIVER] > Reviewed-by: Laszlo Ersek