From: Gary Lin <glin@suse.com>
To: edk2-devel@lists.01.org
Cc: Laszlo Ersek <lersek@redhat.com>,
Justen Jordan L <jordan.l.justen@intel.com>,
Wu Jiaxin <jiaxin.wu@intel.com>, Long Qin <qin.long@intel.com>
Subject: [PATCH 1/3] OvmfPkg: always resolve OpenSslLib, IntrinsicLib and BaseCryptLib
Date: Tue, 17 Jan 2017 12:52:30 +0800 [thread overview]
Message-ID: <20170117045232.4765-2-glin@suse.com> (raw)
In-Reply-To: <20170117045232.4765-1-glin@suse.com>
This commit provides unconditional library resolutions for the OpenSslLib,
IntrinsicLib and BaseCryptLib classes, regardless of whether those classes
are actually used by any module.
Although those libraries depends on OpenSSL, they won't be built unless
a module really uses them. Thus, missing OpenSSL from the tree won't
cause any build failure as long as SECURE_BOOT_ENABLE is false.
(Based on Jiaxin's patch and Laszlo's suggestion)
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Justen Jordan L <jordan.l.justen@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Long Qin <qin.long@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin <glin@suse.com>
---
OvmfPkg/OvmfPkgIa32.dsc | 9 +++------
OvmfPkg/OvmfPkgIa32X64.dsc | 9 +++------
OvmfPkg/OvmfPkgX64.dsc | 9 +++------
3 files changed, 9 insertions(+), 18 deletions(-)
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index e97f7f0262..9aa66eb951 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -141,10 +141,11 @@ [LibraryClasses]
LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
-!if $(SECURE_BOOT_ENABLE) == TRUE
- PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
!if $(NETWORK_IP6_ENABLE) == TRUE
@@ -166,9 +167,7 @@ [LibraryClasses]
XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf
[LibraryClasses.common]
-!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
-!endif
[LibraryClasses.common.SEC]
TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf
@@ -258,9 +257,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
!endif
UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf
-!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
-!endif
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
[LibraryClasses.common.UEFI_DRIVER]
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 8e3e04c135..9537e92077 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -146,10 +146,11 @@ [LibraryClasses]
LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
-!if $(SECURE_BOOT_ENABLE) == TRUE
- PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
!if $(NETWORK_IP6_ENABLE) == TRUE
@@ -171,9 +172,7 @@ [LibraryClasses]
XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf
[LibraryClasses.common]
-!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
-!endif
[LibraryClasses.common.SEC]
TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf
@@ -263,9 +262,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
!endif
UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf
-!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
-!endif
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
[LibraryClasses.common.UEFI_DRIVER]
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 6ec3fe050d..d15294eb72 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -146,10 +146,11 @@ [LibraryClasses]
LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
-!if $(SECURE_BOOT_ENABLE) == TRUE
- PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
!if $(NETWORK_IP6_ENABLE) == TRUE
@@ -171,9 +172,7 @@ [LibraryClasses]
XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf
[LibraryClasses.common]
-!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
-!endif
[LibraryClasses.common.SEC]
TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf
@@ -263,9 +262,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
!endif
UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf
-!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
-!endif
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
[LibraryClasses.common.UEFI_DRIVER]
--
2.11.0
next prev parent reply other threads:[~2017-01-17 4:52 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-17 4:52 [PATCH 0/3] Enable HTTPS Boot in OVMF Gary Lin
2017-01-17 4:52 ` Gary Lin [this message]
2017-01-17 8:03 ` [PATCH 1/3] OvmfPkg: always resolve OpenSslLib, IntrinsicLib and BaseCryptLib Wu, Jiaxin
2017-01-17 9:13 ` Laszlo Ersek
2017-01-17 4:52 ` [PATCH 2/3] OvmfPkg: correct the set of modules included for the IPv6 stack Gary Lin
2017-01-17 8:04 ` Wu, Jiaxin
2017-01-17 9:22 ` Laszlo Ersek
2017-01-18 0:47 ` Wu, Jiaxin
2017-01-18 8:17 ` Laszlo Ersek
2017-01-18 9:21 ` Gary Lin
2017-01-19 3:09 ` Wu, Jiaxin
2017-01-19 8:36 ` Laszlo Ersek
2017-01-17 4:52 ` [PATCH 3/3] OvmfPkg: pull in TLS modules with -D TLS_ENABLE (also enabling HTTPS) Gary Lin
2017-01-17 8:04 ` Wu, Jiaxin
2017-01-17 9:24 ` Laszlo Ersek
2017-01-17 8:13 ` [PATCH 0/3] Enable HTTPS Boot in OVMF Long, Qin
2017-01-17 8:25 ` Jordan Justen
2017-01-17 20:13 ` Laszlo Ersek
2017-01-18 1:59 ` Gary Lin
2017-01-17 9:49 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170117045232.4765-2-glin@suse.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox