From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=fail (domain: intel.com, ip: , mailfrom: xiaoyux.lu@intel.com) Received: from mga17.intel.com (mga17.intel.com []) by groups.io with SMTP; Mon, 13 May 2019 06:26:08 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 May 2019 06:26:07 -0700 X-ExtLoop1: 1 Received: from xiaoyu-dev.sh.intel.com ([10.239.47.11]) by fmsmga004.fm.intel.com with ESMTP; 13 May 2019 06:26:05 -0700 From: "Xiaoyu lu" To: devel@edk2.groups.io Cc: lersek@redhat.com, xiaoyux.lu@intel.com, Jian J Wang , Ting Ye Subject: [PATCH v3 0/6] CryptoPkg: Upgrade OpenSSL to 1.1.1b Date: Mon, 13 May 2019 09:25:06 -0400 Message-Id: <1557753912-30122-1-git-send-email-xiaoyux.lu@intel.com> X-Mailer: git-send-email 2.7.4 (1) CryptoPkg/OpensslLib: Modify process_files.pl for upgrading OpenSSL OpenSSL only support seeding NONE for UEFI(rand_unix.c line 93). So add --with-rand-seed=none to process_files.pl. (2) CryptoPkg/OpensslLib: Exclude unnecessary files in process_files.pl When running process_files.py to configure OpenSSL, we can exclude some unnecessary files. This can reduce porting time, compiling time and library size. (3) CryptoPkg/IntrinsicLib: Fix possible unresolved external symbol issue (4) CryptoPkg/OpensslLib: Prepare for upgrading OpenSSL Disable warning for building OpenSSL_1_1_1b (5) CryptoPkg: Upgrade OpenSSL to 1.1.1b Update OpenSSL submodule to OpenSSL_1_1_1b OpenSSL_1_1_1b(50eaac9f3337667259de725451f201e784599687) OpenSSL doesn't implement some rand_pool function for UEFI. Use EFI_RNG_PROTOCOL to generate random for entropy. If EFI_RNG_PROTOCOL is not avaliable, fall back to performance counter, but we not sure about the amount of randomness it provides. (6) CryptoPkg/BaseCryptLib: Make HMAC_CTX size backward compatible Note: Will be remove next update. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1792 Ref: https://github.com/openssl/openssl/pull/4338 Cc: Jian J Wang Cc: Ting Ye Xiaoyu Lu (3): CryptoPkg/IntrinsicLib: Fix possible unresolved external symbol issue CryptoPkg: Upgrade OpenSSL to 1.1.1b CryptoPkg/BaseCryptLib: Make HMAC_CTX size backward compatible Xiaoyu lu (3): CryptoPkg/OpensslLib: Modify process_files.pl for upgrading OpenSSL CryptoPkg/OpensslLib: Exclude unnecessary files in process_files.pl CryptoPkg/OpensslLib: Prepare for upgrading OpenSSL CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c | 8 +- .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c | 9 +- .../Library/BaseCryptLib/Hmac/CryptHmacSha256.c | 8 +- CryptoPkg/Library/Include/CrtLibSupport.h | 11 + CryptoPkg/Library/Include/openssl/opensslconf.h | 54 +++- CryptoPkg/Library/Include/sys/syscall.h | 9 + CryptoPkg/Library/IntrinsicLib/Ia32/MathFtol.c | 22 ++ CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf | 4 +- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 63 +++- CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 54 +++- CryptoPkg/Library/OpensslLib/buildinf.h | 2 + CryptoPkg/Library/OpensslLib/openssl | 2 +- CryptoPkg/Library/OpensslLib/ossl_store.c | 17 ++ CryptoPkg/Library/OpensslLib/process_files.pl | 11 +- CryptoPkg/Library/OpensslLib/rand_pool.c | 339 +++++++++++++++++++++ 15 files changed, 564 insertions(+), 49 deletions(-) create mode 100644 CryptoPkg/Library/Include/sys/syscall.h create mode 100644 CryptoPkg/Library/IntrinsicLib/Ia32/MathFtol.c create mode 100644 CryptoPkg/Library/OpensslLib/ossl_store.c create mode 100644 CryptoPkg/Library/OpensslLib/rand_pool.c -- 2.7.4