* [Patch] OvmfPkg: Remove the flag control for the CryptoPkg libraries @ 2017-01-16 5:43 Jiaxin Wu 2017-01-16 8:07 ` Gary Lin 0 siblings, 1 reply; 3+ messages in thread From: Jiaxin Wu @ 2017-01-16 5:43 UTC (permalink / raw) To: edk2-devel; +Cc: Laszlo Ersek, Justen Jordan L, Gary Lin, Long Qin, Wu Jiaxin This patch is to remove the 'SECURE_BOOT_ENABLE' flag control for the CryptoPkg librarie. Not only the secure boot feature requires the CryptoPkg libraries (e.g, OpensslLib, BaseCryptLib), but also ISCSI, IpSec and HTTPS/TLS features. Those modules can be always included since no build performance impacts if they are not consumed. Cc: Laszlo Ersek <lersek@redhat.com> Cc: Justen Jordan L <jordan.l.justen@intel.com> Cc: Gary Lin <glin@suse.com> Cc: Long Qin <qin.long@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com> --- OvmfPkg/OvmfPkgIa32.dsc | 13 ++++++------- OvmfPkg/OvmfPkgIa32X64.dsc | 13 ++++++------- OvmfPkg/OvmfPkgX64.dsc | 13 ++++++------- 3 files changed, 18 insertions(+), 21 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index e97f7f0..65eef22 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -1,9 +1,9 @@ ## @file # EFI/Framework Open Virtual Machine Firmware (OVMF) platform # -# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> +# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> # # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -139,14 +139,15 @@ ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf -!if $(SECURE_BOOT_ENABLE) == TRUE - PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + +!if $(SECURE_BOOT_ENABLE) == TRUE + PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf !if $(NETWORK_IP6_ENABLE) == TRUE TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf !endif @@ -164,13 +165,11 @@ SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf [LibraryClasses.common] -!if $(SECURE_BOOT_ENABLE) == TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf -!endif [LibraryClasses.common.SEC] TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf !ifdef $(DEBUG_ON_SERIAL_PORT) @@ -256,13 +255,13 @@ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf !else DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf -!if $(SECURE_BOOT_ENABLE) == TRUE + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf -!endif + PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf [LibraryClasses.common.UEFI_DRIVER] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 8e3e04c..00d3e1d 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -1,9 +1,9 @@ ## @file # EFI/Framework Open Virtual Machine Firmware (OVMF) platform # -# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> +# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> # # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -144,14 +144,15 @@ ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf -!if $(SECURE_BOOT_ENABLE) == TRUE - PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + +!if $(SECURE_BOOT_ENABLE) == TRUE + PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf !if $(NETWORK_IP6_ENABLE) == TRUE TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf !endif @@ -169,13 +170,11 @@ SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf [LibraryClasses.common] -!if $(SECURE_BOOT_ENABLE) == TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf -!endif [LibraryClasses.common.SEC] TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf !ifdef $(DEBUG_ON_SERIAL_PORT) @@ -261,13 +260,13 @@ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf !else DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf -!if $(SECURE_BOOT_ENABLE) == TRUE + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf -!endif + PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf [LibraryClasses.common.UEFI_DRIVER] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 6ec3fe0..472ca30 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -1,9 +1,9 @@ ## @file # EFI/Framework Open Virtual Machine Firmware (OVMF) platform # -# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> +# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> # # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -144,14 +144,15 @@ ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf -!if $(SECURE_BOOT_ENABLE) == TRUE - PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + +!if $(SECURE_BOOT_ENABLE) == TRUE + PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf !if $(NETWORK_IP6_ENABLE) == TRUE TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf !endif @@ -169,13 +170,11 @@ SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf [LibraryClasses.common] -!if $(SECURE_BOOT_ENABLE) == TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf -!endif [LibraryClasses.common.SEC] TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf !ifdef $(DEBUG_ON_SERIAL_PORT) @@ -261,13 +260,13 @@ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf !else DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf -!if $(SECURE_BOOT_ENABLE) == TRUE + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf -!endif + PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf [LibraryClasses.common.UEFI_DRIVER] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf -- 1.9.5.msysgit.1 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Patch] OvmfPkg: Remove the flag control for the CryptoPkg libraries 2017-01-16 5:43 [Patch] OvmfPkg: Remove the flag control for the CryptoPkg libraries Jiaxin Wu @ 2017-01-16 8:07 ` Gary Lin 2017-01-16 9:18 ` Wu, Jiaxin 0 siblings, 1 reply; 3+ messages in thread From: Gary Lin @ 2017-01-16 8:07 UTC (permalink / raw) To: Jiaxin Wu; +Cc: edk2-devel, Justen Jordan L, Long Qin, Laszlo Ersek On Mon, Jan 16, 2017 at 01:43:35PM +0800, Jiaxin Wu wrote: > This patch is to remove the 'SECURE_BOOT_ENABLE' flag control for > the CryptoPkg librarie. > > Not only the secure boot feature requires the CryptoPkg libraries > (e.g, OpensslLib, BaseCryptLib), but also ISCSI, IpSec and HTTPS/TLS > features. Those modules can be always included since no build performance > impacts if they are not consumed. > We can also remove "SECURE_BOOT_ENABLE" flag from the "Network support" section. Currently, when enabling NETWORK_IP6_ENABLE, there is a conditional check to determine which ISCSI driver to be included: !if $(SECURE_BOOT_ENABLE) == TRUE NetworkPkg/IScsiDxe/IScsiDxe.inf !else MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf !endif In this case, "SECURE_BOOT_ENABLE" is used to detect if BaseCryptLib is included or not. Since this patch makes BaseCryptLib always available, we can directly use the NetworkPkg ISCSI driver now. Thanks, Gary Lin > Cc: Laszlo Ersek <lersek@redhat.com> > Cc: Justen Jordan L <jordan.l.justen@intel.com> > Cc: Gary Lin <glin@suse.com> > Cc: Long Qin <qin.long@intel.com> > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com> > --- > OvmfPkg/OvmfPkgIa32.dsc | 13 ++++++------- > OvmfPkg/OvmfPkgIa32X64.dsc | 13 ++++++------- > OvmfPkg/OvmfPkgX64.dsc | 13 ++++++------- > 3 files changed, 18 insertions(+), 21 deletions(-) > > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc > index e97f7f0..65eef22 100644 > --- a/OvmfPkg/OvmfPkgIa32.dsc > +++ b/OvmfPkg/OvmfPkgIa32.dsc > @@ -1,9 +1,9 @@ > ## @file > # EFI/Framework Open Virtual Machine Firmware (OVMF) platform > # > -# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> > +# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> > # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> > # > # This program and the accompanying materials > # are licensed and made available under the terms and conditions of the BSD License > # which accompanies this distribution. The full text of the license may be found at > @@ -139,14 +139,15 @@ > > ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf > LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf > > -!if $(SECURE_BOOT_ENABLE) == TRUE > - PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > + > +!if $(SECURE_BOOT_ENABLE) == TRUE > + PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf > !if $(NETWORK_IP6_ENABLE) == TRUE > TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf > !endif > @@ -164,13 +165,11 @@ > SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf > OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf > XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf > > [LibraryClasses.common] > -!if $(SECURE_BOOT_ENABLE) == TRUE > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > -!endif > > [LibraryClasses.common.SEC] > TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf > QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf > !ifdef $(DEBUG_ON_SERIAL_PORT) > @@ -256,13 +255,13 @@ > DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf > !else > DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf > !endif > UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf > -!if $(SECURE_BOOT_ENABLE) == TRUE > + > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > -!endif > + > PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf > > [LibraryClasses.common.UEFI_DRIVER] > PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf > TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc > index 8e3e04c..00d3e1d 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.dsc > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc > @@ -1,9 +1,9 @@ > ## @file > # EFI/Framework Open Virtual Machine Firmware (OVMF) platform > # > -# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> > +# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> > # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> > # > # This program and the accompanying materials > # are licensed and made available under the terms and conditions of the BSD License > # which accompanies this distribution. The full text of the license may be found at > @@ -144,14 +144,15 @@ > > ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf > LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf > > -!if $(SECURE_BOOT_ENABLE) == TRUE > - PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > + > +!if $(SECURE_BOOT_ENABLE) == TRUE > + PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf > !if $(NETWORK_IP6_ENABLE) == TRUE > TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf > !endif > @@ -169,13 +170,11 @@ > SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf > OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf > XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf > > [LibraryClasses.common] > -!if $(SECURE_BOOT_ENABLE) == TRUE > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > -!endif > > [LibraryClasses.common.SEC] > TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf > QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf > !ifdef $(DEBUG_ON_SERIAL_PORT) > @@ -261,13 +260,13 @@ > DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf > !else > DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf > !endif > UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf > -!if $(SECURE_BOOT_ENABLE) == TRUE > + > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > -!endif > + > PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf > > [LibraryClasses.common.UEFI_DRIVER] > PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf > TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc > index 6ec3fe0..472ca30 100644 > --- a/OvmfPkg/OvmfPkgX64.dsc > +++ b/OvmfPkg/OvmfPkgX64.dsc > @@ -1,9 +1,9 @@ > ## @file > # EFI/Framework Open Virtual Machine Firmware (OVMF) platform > # > -# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> > +# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> > # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> > # > # This program and the accompanying materials > # are licensed and made available under the terms and conditions of the BSD License > # which accompanies this distribution. The full text of the license may be found at > @@ -144,14 +144,15 @@ > > ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf > LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf > > -!if $(SECURE_BOOT_ENABLE) == TRUE > - PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > + > +!if $(SECURE_BOOT_ENABLE) == TRUE > + PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf > !if $(NETWORK_IP6_ENABLE) == TRUE > TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf > !endif > @@ -169,13 +170,11 @@ > SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf > OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf > XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf > > [LibraryClasses.common] > -!if $(SECURE_BOOT_ENABLE) == TRUE > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > -!endif > > [LibraryClasses.common.SEC] > TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf > QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf > !ifdef $(DEBUG_ON_SERIAL_PORT) > @@ -261,13 +260,13 @@ > DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf > !else > DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf > !endif > UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf > -!if $(SECURE_BOOT_ENABLE) == TRUE > + > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > -!endif > + > PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf > > [LibraryClasses.common.UEFI_DRIVER] > PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf > TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf > -- > 1.9.5.msysgit.1 > > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel > ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Patch] OvmfPkg: Remove the flag control for the CryptoPkg libraries 2017-01-16 8:07 ` Gary Lin @ 2017-01-16 9:18 ` Wu, Jiaxin 0 siblings, 0 replies; 3+ messages in thread From: Wu, Jiaxin @ 2017-01-16 9:18 UTC (permalink / raw) To: Gary Lin; +Cc: edk2-devel@lists.01.org, Justen, Jordan L, Long, Qin, Laszlo Ersek YES, you are right, I will remove it also. Thanks, Jiaxin > -----Original Message----- > From: Gary Lin [mailto:glin@suse.com] > Sent: Monday, January 16, 2017 4:08 PM > To: Wu, Jiaxin <jiaxin.wu@intel.com> > Cc: edk2-devel@lists.01.org; Justen, Jordan L <jordan.l.justen@intel.com>; Long, > Qin <qin.long@intel.com>; Laszlo Ersek <lersek@redhat.com> > Subject: Re: [edk2] [Patch] OvmfPkg: Remove the flag control for the CryptoPkg > libraries > > On Mon, Jan 16, 2017 at 01:43:35PM +0800, Jiaxin Wu wrote: > > This patch is to remove the 'SECURE_BOOT_ENABLE' flag control for > > the CryptoPkg librarie. > > > > Not only the secure boot feature requires the CryptoPkg libraries > > (e.g, OpensslLib, BaseCryptLib), but also ISCSI, IpSec and HTTPS/TLS > > features. Those modules can be always included since no build performance > > impacts if they are not consumed. > > > We can also remove "SECURE_BOOT_ENABLE" flag from the "Network > support" > section. > > Currently, when enabling NETWORK_IP6_ENABLE, there is a conditional > check to determine which ISCSI driver to be included: > > !if $(SECURE_BOOT_ENABLE) == TRUE > NetworkPkg/IScsiDxe/IScsiDxe.inf > !else > MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf > !endif > > In this case, "SECURE_BOOT_ENABLE" is used to detect if BaseCryptLib is > included or not. Since this patch makes BaseCryptLib always available, > we can directly use the NetworkPkg ISCSI driver now. > > Thanks, > > Gary Lin > > > Cc: Laszlo Ersek <lersek@redhat.com> > > Cc: Justen Jordan L <jordan.l.justen@intel.com> > > Cc: Gary Lin <glin@suse.com> > > Cc: Long Qin <qin.long@intel.com> > > Contributed-under: TianoCore Contribution Agreement 1.0 > > Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com> > > --- > > OvmfPkg/OvmfPkgIa32.dsc | 13 ++++++------- > > OvmfPkg/OvmfPkgIa32X64.dsc | 13 ++++++------- > > OvmfPkg/OvmfPkgX64.dsc | 13 ++++++------- > > 3 files changed, 18 insertions(+), 21 deletions(-) > > > > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc > > index e97f7f0..65eef22 100644 > > --- a/OvmfPkg/OvmfPkgIa32.dsc > > +++ b/OvmfPkg/OvmfPkgIa32.dsc > > @@ -1,9 +1,9 @@ > > ## @file > > # EFI/Framework Open Virtual Machine Firmware (OVMF) platform > > # > > -# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> > > +# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> > > # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> > > # > > # This program and the accompanying materials > > # are licensed and made available under the terms and conditions of the > BSD License > > # which accompanies this distribution. The full text of the license may be > found at > > @@ -139,14 +139,15 @@ > > > > ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf > > > LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf > > > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD > ebugPrintErrorLevelLib.inf > > > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > - > PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > > + > > +!if $(SECURE_BOOT_ENABLE) == TRUE > > + > PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > > > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmM > easurementLib.inf > > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf > > !if $(NETWORK_IP6_ENABLE) == TRUE > > TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf > > !endif > > @@ -164,13 +165,11 @@ > > SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf > > > OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib > /BaseOrderedCollectionRedBlackTreeLib.inf > > XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf > > > > [LibraryClasses.common] > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > > -!endif > > > > [LibraryClasses.common.SEC] > > TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf > > QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf > > !ifdef $(DEBUG_ON_SERIAL_PORT) > > @@ -256,13 +255,13 @@ > > > DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf > > !else > > > DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i > nf > > !endif > > UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > + > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > > -!endif > > + > > PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf > > > > [LibraryClasses.common.UEFI_DRIVER] > > PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf > > TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf > > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc > > index 8e3e04c..00d3e1d 100644 > > --- a/OvmfPkg/OvmfPkgIa32X64.dsc > > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc > > @@ -1,9 +1,9 @@ > > ## @file > > # EFI/Framework Open Virtual Machine Firmware (OVMF) platform > > # > > -# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> > > +# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> > > # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> > > # > > # This program and the accompanying materials > > # are licensed and made available under the terms and conditions of the > BSD License > > # which accompanies this distribution. The full text of the license may be > found at > > @@ -144,14 +144,15 @@ > > > > ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf > > > LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf > > > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD > ebugPrintErrorLevelLib.inf > > > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > - > PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > > + > > +!if $(SECURE_BOOT_ENABLE) == TRUE > > + > PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > > > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmM > easurementLib.inf > > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf > > !if $(NETWORK_IP6_ENABLE) == TRUE > > TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf > > !endif > > @@ -169,13 +170,11 @@ > > SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf > > > OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib > /BaseOrderedCollectionRedBlackTreeLib.inf > > XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf > > > > [LibraryClasses.common] > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > > -!endif > > > > [LibraryClasses.common.SEC] > > TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf > > QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf > > !ifdef $(DEBUG_ON_SERIAL_PORT) > > @@ -261,13 +260,13 @@ > > > DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf > > !else > > > DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i > nf > > !endif > > UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > + > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > > -!endif > > + > > PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf > > > > [LibraryClasses.common.UEFI_DRIVER] > > PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf > > TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf > > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc > > index 6ec3fe0..472ca30 100644 > > --- a/OvmfPkg/OvmfPkgX64.dsc > > +++ b/OvmfPkg/OvmfPkgX64.dsc > > @@ -1,9 +1,9 @@ > > ## @file > > # EFI/Framework Open Virtual Machine Firmware (OVMF) platform > > # > > -# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> > > +# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> > > # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> > > # > > # This program and the accompanying materials > > # are licensed and made available under the terms and conditions of the > BSD License > > # which accompanies this distribution. The full text of the license may be > found at > > @@ -144,14 +144,15 @@ > > > > ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf > > > LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf > > > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD > ebugPrintErrorLevelLib.inf > > > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > - > PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > > + > > +!if $(SECURE_BOOT_ENABLE) == TRUE > > + > PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf > > > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmM > easurementLib.inf > > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf > > !if $(NETWORK_IP6_ENABLE) == TRUE > > TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf > > !endif > > @@ -169,13 +170,11 @@ > > SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf > > > OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib > /BaseOrderedCollectionRedBlackTreeLib.inf > > XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf > > > > [LibraryClasses.common] > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > > -!endif > > > > [LibraryClasses.common.SEC] > > TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf > > QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf > > !ifdef $(DEBUG_ON_SERIAL_PORT) > > @@ -261,13 +260,13 @@ > > > DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf > > !else > > > DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i > nf > > !endif > > UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > + > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > > -!endif > > + > > PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf > > > > [LibraryClasses.common.UEFI_DRIVER] > > PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf > > TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf > > -- > > 1.9.5.msysgit.1 > > > > _______________________________________________ > > edk2-devel mailing list > > edk2-devel@lists.01.org > > https://lists.01.org/mailman/listinfo/edk2-devel > > ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2017-01-16 9:18 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2017-01-16 5:43 [Patch] OvmfPkg: Remove the flag control for the CryptoPkg libraries Jiaxin Wu 2017-01-16 8:07 ` Gary Lin 2017-01-16 9:18 ` Wu, Jiaxin
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox