From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web11.15105.1678696238207750449 for ; Mon, 13 Mar 2023 01:30:38 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=YhyhH/97; spf=pass (domain: redhat.com, ip: 170.10.129.124, mailfrom: kraxel@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1678696237; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9CsX5sA6UeaFjldCRvlnzU9mu/oX1T6iFjCcwKHCWAM=; b=YhyhH/97JCdzmrnb9V2hjHiWDcYZXRbc4pZz6btheclpL5HUqnJhY3Zp5oITaNvrVsmzhb UmifqffcMdVa5aq4RAxFBYAgX2pdJDfef3KKfLD/uaNeW6C7XYTwUE+5mlTEIn9Awvtf8k CqojwQ+j7rTgRcx+HIjijnhKXCArMuM= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-463-bFR0QG0pMIC8sPJxgkGa9Q-1; Mon, 13 Mar 2023 04:30:34 -0400 X-MC-Unique: bFR0QG0pMIC8sPJxgkGa9Q-1 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C4C7A800050; Mon, 13 Mar 2023 08:30:33 +0000 (UTC) Received: from sirius.home.kraxel.org (unknown [10.39.192.142]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 58AB01731B; Mon, 13 Mar 2023 08:30:33 +0000 (UTC) Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 75ED41801E91; Mon, 13 Mar 2023 09:30:16 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Jian J Wang , Pawel Polawski , Xiaoyu Lu , Ard Biesheuvel , Guomin Jiang , Gerd Hoffmann , Jiewen Yao , Oliver Steffen , Jordan Justen Subject: [PATCH 16/22] [hash] CryptoPkg/openssl: add OpensslLibHash.inf Date: Mon, 13 Mar 2023 09:30:10 +0100 Message-Id: <20230313083016.136448-17-kraxel@redhat.com> In-Reply-To: <20230313083016.136448-1-kraxel@redhat.com> References: <20230313083016.136448-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII"; x-default=true Add *.inf variant with hash functions only, to support SEC and PEI doing measurements. I don't think we really need this, using OpensslLibCrypto.inf and depending on the linker dropping unused object files should work equally well. For trouble-shooting it's handy though because you'll get linker errors instead of bloated binaries. So not sure yet what to do with this ... Signed-off-by: Gerd Hoffmann --- .../Library/OpensslLib/OpensslLibHash.inf | 126 ++++++++++++++++++ 1 file changed, 126 insertions(+) create mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibHash.inf diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibHash.inf b/CryptoPkg/Library/OpensslLib/OpensslLibHash.inf new file mode 100644 index 000000000000..2d5838e682e9 --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslLibHash.inf @@ -0,0 +1,126 @@ +## @file +# This module provides OpenSSL Library implementation with ECC and TLS +# features removed and features have performance optimizations enabled. +# +# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
+# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
+# Copyright (c) 2022, Loongson Technology Corporation Limited. All rights reserved.
+# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = OpensslLibCrypto + MODULE_UNI_FILE = OpensslLibCrypto.uni + FILE_GUID = E29FC209-8B64-4500-BD20-AF4EAE47EA0E + MODULE_TYPE = BASE + VERSION_STRING = 1.0 + LIBRARY_CLASS = OpensslLib + + DEFINE OPENSSL_PATH = openssl + DEFINE OPENSSL_GEN_PATH = openssl-gen + DEFINE OPENSSL_FLAGS = -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DEDK2_OPENSSL_NOEC=1 -DOPENSSL_NO_ASM + DEFINE OPENSSL_FLAGS_NOASM = + +# +# VALID_ARCHITECTURES = IA32 X64 ARM AARCH64 +# + +[Sources] +# Autogenerated files list starts here +# Autogenerated files list ends here + +[Packages] + MdePkg/MdePkg.dec + CryptoPkg/CryptoPkg.dec + +[LibraryClasses] + BaseLib + DebugLib + RngLib + +[LibraryClasses.ARM] + ArmSoftFloatLib + +[BuildOptions] + # + # Disables the following Visual Studio compiler warnings brought by openssl source, + # so we do not break the build with /WX option: + # C4090: 'function' : different 'const' qualifiers + # C4132: 'object' : const object should be initialized (tls13_enc.c) + # C4210: nonstandard extension used: function given file scope + # C4244: conversion from type1 to type2, possible loss of data + # C4245: conversion from type1 to type2, signed/unsigned mismatch + # C4267: conversion from size_t to type, possible loss of data + # C4306: 'identifier' : conversion from 'type1' to 'type2' of greater size + # C4310: cast truncates constant value + # C4389: 'operator' : signed/unsigned mismatch (xxxx) + # C4700: uninitialized local variable 'name' used. (conf_sap.c(71)) + # C4702: unreachable code + # C4706: assignment within conditional expression + # C4819: The file contains a character that cannot be represented in the current code page + # + MSFT:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_NOASM) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 /wd4310 /wd4389 /wd4700 /wd4702 /wd4706 /wd4819 + MSFT:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_NOASM) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 /wd4306 /wd4310 /wd4700 /wd4389 /wd4702 /wd4706 /wd4819 + + # + # Disable following Visual Studio 2015 compiler warnings brought by openssl source, + # so we do not break the build with /WX option: + # C4718: recursive call has no side effects, deleting + # + MSFT:*_VS2015x86_IA32_CC_FLAGS = /wd4718 + MSFT:*_VS2015x86_X64_CC_FLAGS = /wd4718 + + INTEL:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_NOASM) /w + INTEL:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_NOASM) /w + + # + # Suppress the following build warnings in openssl so we don't break the build with -Werror + # -Werror=maybe-uninitialized: there exist some other paths for which the variable is not initialized. + # -Werror=format: Check calls to printf and scanf, etc., to make sure that the arguments supplied have + # types appropriate to the format string specified. + # -Werror=unused-but-set-variable: Warn whenever a local variable is assigned to, but otherwise unused (aside from its declaration). + # + GCC:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_NOASM) -Wno-error=maybe-uninitialized -Wno-error=unused-but-set-variable + GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_NOASM) -Wno-error=maybe-uninitialized -Wno-error=format -Wno-format -Wno-error=unused-but-set-variable -DNO_MSABI_VA_FUNCS + GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=unused-but-set-variable + GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-format -Wno-error=unused-but-set-variable -Wno-error=format + GCC:*_*_RISCV64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-format -Wno-error=unused-but-set-variable + GCC:*_*_LOONGARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-format -Wno-error=unused-but-set-variable + GCC:*_CLANG35_*_CC_FLAGS = -std=c99 -Wno-error=uninitialized + GCC:*_CLANG38_*_CC_FLAGS = -std=c99 -Wno-error=uninitialized + GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=uninitialized -Wno-error=incompatible-pointer-types -Wno-error=pointer-sign -Wno-error=implicit-function-declaration -Wno-error=ignored-pragma-optimize + + # suppress the following warnings in openssl so we don't break the build with warnings-as-errors: + # 1295: Deprecated declaration - give arg types + # 550: was set but never used + # 1293: assignment in condition + # 111: statement is unreachable (invariably "break;" after "return X;" in case statement) + # 68: integer conversion resulted in a change of sign ("if (Status == -1)") + # 177: was declared but never referenced + # 223: function declared implicitly + # 144: a value of type cannot be used to initialize an entity of type + # 513: a value of type cannot be assigned to an entity of type + # 188: enumerated type mixed with another type (i.e. passing an integer as an enum without a cast) + # 1296: Extended constant initialiser used + # 128: loop is not reachable - may be emitted inappropriately if code follows a conditional return + # from the function that evaluates to true at compile time + # 546: transfer of control bypasses initialization - may be emitted inappropriately if the uninitialized + # variable is never referenced after the jump + # 1: ignore "#1-D: last line of file ends without a newline" + # 3017: may be used before being set (NOTE: This was fixed in OpenSSL 1.1 HEAD with + # commit d9b8b89bec4480de3a10bdaf9425db371c19145b, and can be dropped then.) + XCODE:*_*_IA32_CC_FLAGS = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_NOASM) -w -std=c99 -Wno-error=uninitialized + XCODE:*_*_X64_CC_FLAGS = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_NOASM) -w -std=c99 -Wno-error=uninitialized + + # + # AARCH64 uses strict alignment and avoids SIMD registers for code that may execute + # with the MMU off. This involves SEC, PEI_CORE and PEIM modules as well as BASE + # libraries, given that they may be included into such modules. + # This library, even though of the BASE type, is never used in such cases, and + # avoiding the SIMD register file (which is shared with the FPU) prevents the + # compiler from successfully building some of the OpenSSL source files that + # use floating point types, so clear the flags here. + # + GCC:*_*_AARCH64_CC_XIPFLAGS == -- 2.39.2