From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: isaac.w.oram@intel.com) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by groups.io with SMTP; Tue, 04 Jun 2019 01:24:46 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Jun 2019 01:24:45 -0700 X-ExtLoop1: 1 Received: from orsmsx102.amr.corp.intel.com ([10.22.225.129]) by fmsmga007.fm.intel.com with ESMTP; 04 Jun 2019 01:24:45 -0700 Received: from orsmsx159.amr.corp.intel.com (10.22.240.24) by ORSMSX102.amr.corp.intel.com (10.22.225.129) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 4 Jun 2019 01:24:44 -0700 Received: from orsmsx116.amr.corp.intel.com ([169.254.7.165]) by ORSMSX159.amr.corp.intel.com ([169.254.11.57]) with mapi id 14.03.0415.000; Tue, 4 Jun 2019 01:24:44 -0700 From: "Oram, Isaac W" To: "Yao, Jiewen" , "Dong, Eric" , "devel@edk2.groups.io" , "Gao, Liming" , "Kinney, Michael D" Subject: Re: [RFC][edk2-platform][Add new packages in Platform\Intel directory] Thread-Topic: [RFC][edk2-platform][Add new packages in Platform\Intel directory] Thread-Index: AQHVF4VesjHIV4fYq02QttUGV8OTt6aE3T9w//983wCABLxhoIAAeBKAgAAFGICAAALWAIABJ2Xg Date: Tue, 4 Jun 2019 08:24:43 +0000 Message-ID: <3155A53C14BABF45A364D10949B7414C970FE0D0@ORSMSX116.amr.corp.intel.com> References: <74D8A39837DF1E4DA445A8C0B3885C503F67FA7A@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503F67FB10@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503F686731@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503F6867EA@shsmsx102.ccr.corp.intel.com> In-Reply-To: <74D8A39837DF1E4DA445A8C0B3885C503F6867EA@shsmsx102.ccr.corp.intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.0.600.7 x-originating-ip: [10.22.254.139] MIME-Version: 1.0 Return-Path: isaac.w.oram@intel.com Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_3155A53C14BABF45A364D10949B7414C970FE0D0ORSMSX116amrcor_" --_000_3155A53C14BABF45A364D10949B7414C970FE0D0ORSMSX116amrcor_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Eric, I have envisioned less granular packages for advanced features. One of the= goals for MinPlatform is to improve usability during porting. The idea is= that you would do basic board porting with minimal effort to get your syst= em functional. Then you would enable additional features by adding collect= ions of features to your baseline. Then as a last step optimize out unnece= ssary things. This is something like a functionality oriented porting appr= oach. Get all the functionality you need by building up, then optimize out= . I would characterize Intel's traditional reference platforms as having e= verything and then adding and removing from a starting point that was very = feature rich. The challenge we seemed to face was that it was hard to remo= ve things with the feature rich starting point. As an example of functionality oriented porting, say that I set up my basic= server port by starting with the Purley open board package. I port it to = my motherboard, then I check out my baseline functionality. Then I add man= ageability features by including DSC/FDF from the ManageabilityFeaturePkg t= hat add FV to my MinPlatform port. And I repeat for other sets of features= until I get all of the features that I need. Then I optimize: for size, s= peed, to reduce complexity, and so on. It would be best if this optimizati= on were tool assisted to a great degree, e.g a more sophisticated FMMT that= lets one cut out extra components. My concern is that if we allow very specific feature packages, like the Use= rAuthenticationPkg, we are very much like today. Yes, you can select any d= rivers you need and add to your DSC/FDF. But that is very quickly overwhel= ming. There are hundreds of drivers and what they require is often complex= to determine. Thus we tend to copy something else and customize it. This= tends to lead to lots of technical debt and complexity. I am thinking that we should target something like 10-20 advanced feature p= ackages that produce one or two (if features have pre-memory components) FV= with a set of features and simpler dependencies. We are just in the early= stages of defining what this would look like, and our thinking is evolving= . We have identified Manageability and Debug as feature collections. I th= ink that there is one for adding USB, network, Bluetooth and such periphera= l support. I think setup browser and UI stuff will go somewhere. We can m= ine a few reference platforms for data. Let's discuss this in person and make a proposal for organization for featu= re packages and the rules for what goes where. We can add this proposal to= your RFC and I think that will help guide the future development of the Pl= atform\Intel contents. Regards, Isaac From: Yao, Jiewen Sent: Monday, June 3, 2019 9:03 AM To: Dong, Eric ; devel@edk2.groups.io; Gao, Liming ; Kubacki, Michael A ; Oram= , Isaac W ; Kinney, Michael D Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel direct= ory] Since there is no other module, I think we can use this specific package na= me to tell people what it is. It is also good for feature isolation. Thank you Yao Jiewen From: Dong, Eric Sent: Monday, June 3, 2019 8:53 AM To: Yao, Jiewen >; devel@= edk2.groups.io; Gao, Liming >; Kubacki, Michael A >; Oram, Isaac W >; Kinney, Michael D > Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel direct= ory] Hi Jiewen, So far, I don't have other modules which need to move to this package. I think UserAuthenticationPkg is too specific, but if others also agree wit= h this name, I'm ok too. Hi liming, Isaac & Mike, Any comments about the new package name? Thanks, Eric From: Yao, Jiewen Sent: Monday, June 3, 2019 8:35 AM To: Dong, Eric >; devel@edk= 2.groups.io; Gao, Liming >; Kubacki, Michael A >; Oram, Isaac W >; Kinney, Michael D > Cc: Yao, Jiewen > Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel direct= ory] OK. Do you have any other modules what could be potentially in this package= ? I think another option is to name it UserAuthenticationPkg, just like Signe= dCapsulePkg. Thank you Yao Jiewen From: Dong, Eric Sent: Monday, June 3, 2019 8:28 AM To: Yao, Jiewen >; devel@= edk2.groups.io; Gao, Liming >; Kubacki, Michael A >; Oram, Isaac W >; Kinney, Michael D > Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel direct= ory] I think sample means this is an example about how to enable this feature. C= ode implemented with production quality. Platform can decide whether to use= it or not. Thanks, Eric From: Yao, Jiewen Sent: Friday, May 31, 2019 4:06 PM To: Dong, Eric >; devel@edk= 2.groups.io; Gao, Liming >; Kubacki, Michael A >; Oram, Isaac W >; Kinney, Michael D > Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel direct= ory] Would you please clarify what "sample" here really means? Not for productio= n? Or something else? Thank you Yao Jiewen From: Dong, Eric Sent: Friday, May 31, 2019 4:02 PM To: Yao, Jiewen >; devel@= edk2.groups.io; Gao, Liming >; Kubacki, Michael A >; Oram, Isaac W >; Kinney, Michael D > Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel direct= ory] Hi Jiewen, I think SecuritySamplePkg used to save 1) sample implementation for securit= y related features, 2) it's platform scope feature. SecurityPkg used to save 1) common security features, 2) It's not a sample = implementation. This is just my proposal, If you have better one, you can raise here. Thanks, Eric From: Yao, Jiewen Sent: Friday, May 31, 2019 3:49 PM To: Dong, Eric >; devel@edk= 2.groups.io; Gao, Liming >; Kubacki, Michael A >; Oram, Isaac W >; Kinney, Michael D > Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel direct= ory] Would you please clarify the position of SecuritySamplePkg ? What is the difference between SecurityPkg and SecuritySamplePkg ? Thank you Yao Jiewen From: Dong, Eric Sent: Friday, May 31, 2019 3:46 PM To: devel@edk2.groups.io; Gao, Liming >; Kubacki, Michael A >; Oram, Isaac W >; Kinney, Michael D >; Yao, Jiewen > Subject: [RFC][edk2-platform][Add new packages in Platform\Intel directory] Isaac, Jiewen & Mike, I plan to add a new driver named UserAuthentication. This driver shows a sa= mple implementation about how to control user enter setup page. I plan to a= dd a new package in Platform\Intel folder to save this driver. New package = name is SecuritySamplePkg. Any comments for this RFC? Thanks, Eric _._,_._,_ --_000_3155A53C14BABF45A364D10949B7414C970FE0D0ORSMSX116amrcor_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Eric,

 

I have envisioned less granular packages for advance= d features.  One of the goals for MinPlatform is to improve usability = during porting.  The idea is that you would do basic board porting wit= h minimal effort to get your system functional.  Then you would enable additional features by adding collections of feature= s to your baseline.  Then as a last step optimize out unnecessary thin= gs.  This is something like a functionality oriented porting approach.=   Get all the functionality you need by building up, then optimize out.  I would characterize Intel’s traditiona= l reference platforms as having everything and then adding and removing fro= m a starting point that was very feature rich.  The challenge we seeme= d to face was that it was hard to remove things with the feature rich starting point.

 

As an example of functionality oriented porting, say= that I set up my basic server port by starting with the Purley open board = package.  I port it to my motherboard, then I check out my baseline fu= nctionality.  Then I add manageability features by including DSC/FDF from the ManageabilityFeaturePkg that add FV= to my MinPlatform port.  And I repeat for other sets of features unti= l I get all of the features that I need.  Then I optimize: for size, s= peed, to reduce complexity, and so on.  It would be best if this optimization were tool assisted to a great degree, e= .g a more sophisticated FMMT that lets one cut out extra components.

 

My concern is that if we allow very specific feature= packages, like the UserAuthenticationPkg, we are very much like today.&nbs= p; Yes, you can select any drivers you need and add to your DSC/FDF.  = But that is very quickly overwhelming.  There are hundreds of drivers and what they require is often complex to determin= e.  Thus we tend to copy something else and customize it.  This t= ends to lead to lots of technical debt and complexity.

 

I am thinking that we should target something like 1= 0-20 advanced feature packages that produce one or two (if features have pr= e-memory components) FV with a set of features and simpler dependencies.&nb= sp; We are just in the early stages of defining what this would look like, and our thinking is evolving.  We= have identified Manageability and Debug as feature collections.  I th= ink that there is one for adding USB, network, Bluetooth and such periphera= l support.  I think setup browser and UI stuff will go somewhere.  We can mine a few reference platforms for data.

 

Let’s discuss this in person and make a propos= al for organization for feature packages and the rules for what goes where.=   We can add this proposal to your RFC and I think that will help guid= e the future development of the Platform\Intel contents.

 

Regards,

Isaac

 

 

From: Yao, Jiewen
Sent: Monday, June 3, 2019 9:03 AM
To: Dong, Eric <eric.dong@intel.com>; devel@edk2.groups.io; Ga= o, Liming <liming.gao@intel.com>; Kubacki, Michael A <michael.a.ku= backi@intel.com>; Oram, Isaac W <isaac.w.oram@intel.com>; Kinney, = Michael D <michael.d.kinney@intel.com>
Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel= directory]

 

Since there is no other module, I think we can use th= is specific package name to tell people what it is.

It is also good for feature isolation.

 

Thank you

Yao Jiewen

 

From: Dong, Eric
Sent: Monday, June 3, 2019 8:53 AM
To: Yao, Jiewen <jiewen.y= ao@intel.com>; devel@edk2.groups.io; Gao, Limi= ng <liming.gao@intel.com>= ; Kubacki, Michael A <mic= hael.a.kubacki@intel.com>; Oram, Isaac W <isaac.w.oram@intel.com>; Kinney, Michael D <michae= l.d.kinney@intel.com>
Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel= directory]

&nbs= p;

Hi Jiewen,

 

So far, I don’t have other modules which need to move to this pa= ckage.

 

I think UserAuthenticationPkg is too = specific, but if others also agree with this name, I’m ok too.=

 

 

Hi liming, Isaac & Mike,

 

Any comments about the new package name?

 

Thanks,

Eric

From:<= /span> Yao, Jiewen
Sent: Monday, June 3, 2019 8:35 AM
To: Dong, Eric <eric.dong@= intel.com>; devel@edk2.groups.io; Gao, Limi= ng <liming.gao@intel.com>= ; Kubacki, Michael A <mic= hael.a.kubacki@intel.com>; Oram, Isaac W <isaac.w.oram@intel.com>; Kinney, Michael D <michae= l.d.kinney@intel.com>
Cc: Yao, Jiewen <jiewen.y= ao@intel.com>
Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel= directory]

&nbs= p;

OK. Do you have any other modules what could be poten= tially in this package?

 

I think another option is to name it UserAuthenticationPkg, just like SignedCapsulePkg.=

 

Thank you

Yao Jiewen

 

From:<= /span> Dong, Eric
Sent: Monday, June 3, 2019 8:28 AM
To: Yao, Jiewen <jiewen.y= ao@intel.com>; devel@edk2.groups.io; Gao, Limi= ng <liming.gao@intel.com>= ; Kubacki, Michael A <mic= hael.a.kubacki@intel.com>; Oram, Isaac W <isaac.w.oram@intel.com>; Kinney, Michael D <michae= l.d.kinney@intel.com>
Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel= directory]

&nbs= p;

I think sample means this is an example about how to enable this featu= re. Code implemented with production quality. Platform can decide whether t= o use it or not.

 

Thanks,

Eric

From:<= /span> Yao, Jiewen
Sent: Friday, May 31, 2019 4:06 PM
To: Dong, Eric <eric.dong@= intel.com>; devel@edk2.groups.io; Gao, Limi= ng <liming.gao@intel.com>= ; Kubacki, Michael A <mic= hael.a.kubacki@intel.com>; Oram, Isaac W <isaac.w.oram@intel.com>; Kinney, Michael D <michae= l.d.kinney@intel.com>
Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel= directory]

&nbs= p;

Would you please clarify what “sample” he= re really means? Not for production? Or something else?

 

Thank you

Yao Jiewen

 

 

From:<= /span> Dong, Eric
Sent: Friday, May 31, 2019 4:02 PM
To: Yao, Jiewen <jiewen.y= ao@intel.com>; devel@edk2.groups.io; Gao, Limi= ng <liming.gao@intel.com>= ; Kubacki, Michael A <mic= hael.a.kubacki@intel.com>; Oram, Isaac W <isaac.w.oram@intel.com>; Kinney, Michael D <michae= l.d.kinney@intel.com>
Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel= directory]

&nbs= p;

Hi Jiewen,

 

I think SecuritySamplePkg used to save 1) sample implementation for se= curity related features, 2) it’s platform scope feature.

SecurityPkg used to save 1) common security features, 2) It’s no= t a sample implementation.

 

This is just my proposal, If you have better one, you can raise here.<= o:p>

 

Thanks,

Eric

From:<= /span> Yao, Jiewen
Sent: Friday, May 31, 2019 3:49 PM
To: Dong, Eric <eric.dong@= intel.com>; devel@edk2.groups.io; Gao, Limi= ng <liming.gao@intel.com>= ; Kubacki, Michael A <mic= hael.a.kubacki@intel.com>; Oram, Isaac W <isaac.w.oram@intel.com>; Kinney, Michael D <michae= l.d.kinney@intel.com>
Subject: RE: [RFC][edk2-platform][Add new packages in Platform\Intel= directory]

&nbs= p;

Would you please clarify the position of SecuritySam= plePkg ?

 

What is the difference between SecurityPkg and SecuritySamplePkg ?

 

Thank you

Yao Jiewen

 

From:<= /span> Dong, Eric
Sent: Friday, May 31, 2019 3:46 PM
To: devel@edk2.groups.io= ; Gao, Liming <liming.gao@intel.= com>; Kubacki, Michael A <michael.a.kubacki@intel.com>; Oram, Isaac W <isaac.w.oram@intel.c= om>; Kinney, Michael D <michael.d.kinney@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
Subject: [RFC][edk2-platform][Add new packages in Platform\Intel dir= ectory]

&nbs= p;

Isaac, Jiewen & Mike,

&nbs= p;

I plan to add a new driver named UserAuthentication. This driver shows= a sample implementation about how to control user enter setup page. I plan= to add a new package in Platform\Intel folder to save this driver. New package name is SecuritySamplePkg. Any com= ments for this RFC?<= /o:p>

 

Thanks,

Eric

_._,_._,_=

--_000_3155A53C14BABF45A364D10949B7414C970FE0D0ORSMSX116amrcor_--