From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.120]) by mx.groups.io with SMTP id smtpd.web11.7611.1583932502392964913 for ; Wed, 11 Mar 2020 06:15:02 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=JMAsYXlc; spf=pass (domain: redhat.com, ip: 205.139.110.120, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1583932501; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WR1QPpEM+kdi+4NPJhkCq4U9LdM+Y8lt4BGjUujP0F0=; b=JMAsYXlc7fkMqbQl0+jrHB/quJQOO3P0Mit/UtAvQWyMPST3kur3d9oDQs7g4QrXX30qag Mdv1hUxUGB58Hk3/2QMiPcifL62LfkGdFhPsKUpMetVk40FT9UvvkQnv+E5EX76fXfeO9k OSNvTXd3l2fxOs8BBq6PibA50i3Obhc= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-240-ksZkM3gkNtaM5dsnN0-O_Q-1; Wed, 11 Mar 2020 09:14:57 -0400 X-MC-Unique: ksZkM3gkNtaM5dsnN0-O_Q-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 69A4F107ACC9; Wed, 11 Mar 2020 13:14:56 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (unknown [10.36.119.12]) by smtp.corp.redhat.com (Postfix) with ESMTP id 96EB460F89; Wed, 11 Mar 2020 13:14:54 +0000 (UTC) Subject: Re: Disabling safe string constraint assertions To: Vitaly Cheptsov , Andrew Fish , Mike Kinney , =?UTF-8?Q?Marvin_H=c3=a4user?= , "Gao, Liming" , "Gao, Zhichao" Cc: devel@edk2.groups.io References: <5F8859C7-5776-4DF0-99F5-1D0BC56B50C4@apple.com> <318F875F-3C9A-4236-841B-5BB9908CC139@ispras.ru> From: "Laszlo Ersek" Message-ID: <38e4a6e4-ca31-3c2f-5df5-fb4b67e05f33@redhat.com> Date: Wed, 11 Mar 2020 14:14:53 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <318F875F-3C9A-4236-841B-5BB9908CC139@ispras.ru> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 03/11/20 14:09, Vitaly Cheptsov wrote: > Hi everyone, >=20 > So, I believe that by now we mostly agreed to let the original > proposition land as a short-term solution. We end up with: >=20 > 1. A PCD condition within SAFE_STRING_COSTRAINT_CHECK macro. > 2. Make this condition evaluate to TRUE by default (i.e. ASSERT). > 3. Update documentation for BaseLib functions to include the information > about this behaviour. >=20 > The only thing in question is whether this should be a separate PCD or > an extra bit in PcdDebugPropertyMask. I believe that we almost agreed on > two things: >=20 > 1. Adding an extra bit to PcdDebugPropertyMask is cleaner. > 2. Extending DebugLib interface with a new function is not a good idea. >=20 > Therefore I suggest: >=20 > 1.Add #define DEBUG_PROPERTY_ASSERT_CONSTRAINT_ENABLED 0x40. > 2. Create header-only macros to replace functions like > DebugAssertEnabled. We can then use these macros in new code and > deprecate the original functions. > 3. Enable=C2=A0DEBUG_PROPERTY_ASSERT_CONSTRAINT_ENABLED bit in MdePkg by = default. >=20 > I will submit the new version of the patch soon unless there is an > immediate opposing opinion. Not sure about any particular deprecation timeline, but to me the above certainly sounds worth submitting for review. (NB I don't plan to review in detail -- I just meant to comment on the design, since I was asked to.) Thanks! Laszlo