[PATCH 0/5] Make the MD5 disable as default setting

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Gao, Zhichao" <zhichao.gao@intel.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@arm.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Leif Lindholm <leif@nuviainc.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Xiaoyu Lu <xiaoyux.lu@intel.com>,
	Guomin Jiang <guomin.jiang@intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Kelly Steele <kelly.steele@intel.com>,
	Zailiang Sun <zailiang.sun@intel.com>,
	Yi Qian <yi.qian@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Maciej Rabeda <maciej.rabeda@linux.intel.com>,
	Jiaxin Wu <jiaxin.wu@intel.com>, Siyuan Fu <siyuan.fu@intel.com>,
	Roger Feng <roger.feng@intel.com>
Subject: [PATCH 0/5] Make the MD5 disable as default setting
Date: Mon, 26 Oct 2020 17:03:38 +0800	[thread overview]
Message-ID: <20201026090343.13048-1-zhichao.gao@intel.com> (raw)

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3003
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3021

MD5 is deprecated, make it disable as default for security.
It required to set MD5 enable explicitly if the module is still
using MD5. List the modules that are still using it:
iSCSI, Hash2DxeCrypto, CryptoDxe(Pei, Smm) (with PACKAGE or ALL config).

This patch set would affact the platforms that are using iSCSI
function.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Zailiang Sun <zailiang.sun@intel.com>
Cc: Yi Qian <yi.qian@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Roger Feng <roger.feng@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>

Zhichao Gao (5):
  NetworkPkg/Defines: Make iSCSI disable as default
  NetworkPkg: Enable MD5 while enable iSCSI
  SecurityPkg/dsc: Explicitly enable MD5 for package build
  CryptoPkg/dsc: Enable MD5 when CRYPTO_SERVICES enable MD5
  CryptoPkg: Make the MD5 disable as default for security

 CryptoPkg/CryptoPkg.dsc                                | 3 +++
 CryptoPkg/Driver/Crypto.c                              | 4 ++--
 CryptoPkg/Include/Library/BaseCryptLib.h               | 2 +-
 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c         | 2 +-
 CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 2 +-
 NetworkPkg/Network.dsc.inc                             | 5 +++++
 NetworkPkg/NetworkDefines.dsc.inc                      | 4 ++--
 SecurityPkg/SecurityPkg.dsc                            | 2 +-
 8 files changed, 16 insertions(+), 8 deletions(-)

-- 
2.21.0.windows.1

next             reply	other threads:[~2020-10-26  9:05 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-26  9:03 Gao, Zhichao [this message]
2020-10-26  9:03 ` [PATCH 1/5] NetworkPkg/Defines: Make iSCSI disable as default Gao, Zhichao
2020-10-26  9:03 ` [PATCH 2/5] NetworkPkg: Enable MD5 while enable iSCSI Gao, Zhichao
2020-10-26  9:03 ` [PATCH 3/5] SecurityPkg/dsc: Explicitly enable MD5 for package build Gao, Zhichao
2020-10-26  9:03 ` [PATCH 4/5] CryptoPkg/dsc: Enable MD5 when CRYPTO_SERVICES enable MD5 Gao, Zhichao
2020-10-26  9:03 ` [PATCH 5/5] CryptoPkg: Make the MD5 disable as default for security Gao, Zhichao
2020-10-26  9:34 ` [PATCH 0/5] Make the MD5 disable as default setting Yao, Jiewen
2020-10-27  0:55   ` Gao, Zhichao
2020-10-29  3:01     ` Feng, Roger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201026090343.13048-1-zhichao.gao@intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox