From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <lersek@redhat.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=66.187.233.73; helo=mx1.redhat.com; envelope-from=lersek@redhat.com;
 receiver=edk2-devel@lists.01.org 
Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id A09B7207E36CB
 for <edk2-devel@lists.01.org>; Tue,  8 May 2018 04:32:19 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com
 [10.11.54.5])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.redhat.com (Postfix) with ESMTPS id 7244D738E0;
 Tue,  8 May 2018 11:32:18 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-52.rdu2.redhat.com
 [10.10.120.52])
 by smtp.corp.redhat.com (Postfix) with ESMTP id C7A48AFD4C;
 Tue,  8 May 2018 11:32:17 +0000 (UTC)
To: "Long, Qin" <qin.long@intel.com>, edk2-devel-01 <edk2-devel@lists.01.org>
Cc: "Ye, Ting" <ting.ye@intel.com>
References: <20180507202054.1293-1-lersek@redhat.com>
 <BF2CCE9263284D428840004653A28B6E540C1A6B@SHSMSX103.ccr.corp.intel.com>
From: Laszlo Ersek <lersek@redhat.com>
Message-ID: <18b929fc-929a-8b88-2246-1f5a689e1fd3@redhat.com>
Date: Tue, 8 May 2018 13:32:16 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <BF2CCE9263284D428840004653A28B6E540C1A6B@SHSMSX103.ccr.corp.intel.com>
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
 (mx1.redhat.com [10.11.55.1]); Tue, 08 May 2018 11:32:18 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.1]);
 Tue, 08 May 2018 11:32:18 +0000 (UTC) for IP:'10.11.54.5'
 DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com'
 HELO:'smtp.corp.redhat.com' FROM:'lersek@redhat.com' RCPT:''
Subject: Re: [PATCH] CryptoPkg/CrtLibSupport: add secure_getenv() stub function
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Tue, 08 May 2018 11:32:19 -0000
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit

On 05/08/18 10:51, Long, Qin wrote:
> It's OK for me to add this NULL wrapper. 
> 
> Reviewed-by: Long Qin <qin.long@intel.com>

Thank you very much!

Commit ee3198e672e2.

Laszlo

> -----Original Message-----
> From: Laszlo Ersek [mailto:lersek@redhat.com] 
> Sent: Tuesday, May 8, 2018 4:21 AM
> To: edk2-devel-01 <edk2-devel@lists.01.org>
> Cc: Long, Qin <qin.long@intel.com>; Ye, Ting <ting.ye@intel.com>
> Subject: [PATCH] CryptoPkg/CrtLibSupport: add secure_getenv() stub function
> 
> The Fedora distro ships a modified OpenSSL 1.1.0 package stream. One of their patches calls the secure_getenv() C library function. We already have a stub for getenv(); it applies trivially to secure_getenv() as well.
> Add the secure_getenv() stub so that edk2 can be built with Fedora's OpenSSL 1.1.0 sources.
> 
> Cc: Qin Long <qin.long@intel.com>
> Cc: Ting Ye <ting.ye@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Laszlo Ersek <lersek@redhat.com>
> ---
> 
> Notes:
>     Repo:   https://github.com/lersek/edk2.git
>     Branch: secure_getenv
> 
>  CryptoPkg/Library/Include/CrtLibSupport.h           |  1 +
>  CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c | 13 +++++++++++++
>  2 files changed, 14 insertions(+)
> 
> diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h b/CryptoPkg/Library/Include/CrtLibSupport.h
> index 7f1ec1230206..feaf58b0c79a 100644
> --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> @@ -163,6 +163,7 @@ gid_t          getgid      (void);
>  gid_t          getegid     (void);
>  void           qsort       (void *, size_t, size_t, int (*)(const void *, const void *));
>  char           *getenv     (const char *);
> +char           *secure_getenv (const char *);
>  #if defined(__GNUC__) && (__GNUC__ >= 2)
>  void           abort       (void) __attribute__((__noreturn__));
>  #else
> diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
> index 20c96563d270..9510a4a383e6 100644
> --- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
> +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
> @@ -361,6 +361,19 @@ char *getenv (const char *varname)
>    return NULL;
>  }
>  
> +/* Get a value from the current environment */ char *secure_getenv 
> +(const char *varname) {
> +  //
> +  // Null secure_getenv() function implementation to satisfy the 
> +linker, since
> +  // there is no direct functionality logic dependency in present UEFI cases.
> +  //
> +  // From the secure_getenv() manual: 'just like getenv() except that 
> +it
> +  // returns NULL in cases where "secure execution" is required'.
> +  //
> +  return NULL;
> +}
> +
>  //
>  // -- Stream I/O Routines --
>  //
> --
> 2.14.1.3.gb7cf6e02401b
> 
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
>