From: Laszlo Ersek <lersek@redhat.com>
To: Fu Siyuan <siyuan.fu@intel.com>, edk2-devel@lists.01.org
Cc: Anthony Perard <anthony.perard@citrix.com>,
Jordan Justen <jordan.l.justen@intel.com>
Subject: Re: [PATCH v2 5/6] OvmfPkg: Update DSC/FDF to use NetworkPkg's include fragment file.
Date: Fri, 23 Nov 2018 13:00:09 +0100 [thread overview]
Message-ID: <5c2bd936-6a84-eea0-f165-3c99ba892793@redhat.com> (raw)
In-Reply-To: <20181122052153.89464-6-siyuan.fu@intel.com>
On 11/22/18 06:21, Fu Siyuan wrote:
> This patch updates the platform DSC/FDF files to use the include fragment
> files provided by NetworkPkg.
> The feature enabling flags in [Defines] section have been updated to use
> the NetworkPkg's terms, and the value has been overridden with the original
> default value on this platform.
>
> This patch also rename the TLS_ENABLE flag to PLATFORM_TLS_ENABLE for the
> platform specific configuration for TLS support.
>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Anthony Perard <anthony.perard@citrix.com>
> Cc: Julien Grall <julien.grall@linaro.org>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
> ---
>
> Notes:
> v2:
> Rename TLS_ENABLE flag to PLATFORM_TLS_ENABLE flag for platform specific configuration for TLS support.
>
> OvmfPkg/OvmfPkgIa32.dsc | 75 +++++++++----------
> OvmfPkg/OvmfPkgIa32.fdf | 27 +------
> OvmfPkg/OvmfPkgIa32X64.dsc | 76 +++++++++-----------
> OvmfPkg/OvmfPkgIa32X64.fdf | 27 +------
> OvmfPkg/OvmfPkgX64.dsc | 75 +++++++++----------
> OvmfPkg/OvmfPkgX64.fdf | 27 +------
> 6 files changed, 102 insertions(+), 205 deletions(-)
>
> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
> index eccf34d3d1cb..adedd2240a8a 100644
> --- a/OvmfPkg/OvmfPkgIa32.dsc
> +++ b/OvmfPkg/OvmfPkgIa32.dsc
> @@ -35,12 +35,25 @@ [Defines]
> # -D FLAG=VALUE
> #
> DEFINE SECURE_BOOT_ENABLE = FALSE
> - DEFINE NETWORK_IP6_ENABLE = FALSE
> - DEFINE HTTP_BOOT_ENABLE = FALSE
> DEFINE SMM_REQUIRE = FALSE
> - DEFINE TLS_ENABLE = FALSE
> DEFINE TPM2_ENABLE = FALSE
>
> + #
> + # PLATFORM_TLS_ENABLE flag is used to control platform specific configuration for TLS support,
> + # which add a NULL class library instance to TlsAuthConfigDxe.inf for downloading the necessary
> + # data from QEMU via fw_cfg.
> + #
> + DEFINE PLATFORM_TLS_ENABLE = FALSE
> + #
> + # The NETWORK_TLS_ENABLE should always be set to FALSE since PLATFORM_TLS_ENABLE is used.
> + #
> + DEFINE NETWORK_TLS_ENABLE = FALSE
> + DEFINE NETWORK_IP6_ENABLE = FALSE
> + DEFINE NETWORK_HTTP_BOOT_ENABLE = FALSE
> + DEFINE NETWORK_ALLOW_HTTP_CONNECTIONS = TRUE
> + DEFINE NETWORK_IPSEC_ENABLE = FALSE
> +!include NetworkPkg/NetworkDefines.dsc.inc
> +
Perfect. Logically, this is exactly right.
One syntactic request:
(1) Can you please rewrap the -- otherwise spot-on -- explanation of
PLATFORM_TLS_ENABLE to 80 characters? Same for the NETWORK_TLS_ENABLE
explanation.
> #
> # Flash size selection. Setting FD_SIZE_IN_KB on the command line directly to
> # one of the supported values, in place of any of the convenience macros, is
> @@ -144,10 +157,6 @@ [LibraryClasses]
> FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
> UefiCpuLib|UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
> SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf
> - NetLib|MdeModulePkg/Library/DxeNetLib/DxeNetLib.inf
> - IpIoLib|MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.inf
> - UdpIoLib|MdeModulePkg/Library/DxeUdpIoLib/DxeUdpIoLib.inf
> - DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
> UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf
> SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf
> QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
> @@ -173,7 +182,7 @@ [LibraryClasses]
> DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
>
> IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> -!if $(TLS_ENABLE) == TRUE
> +!if $(PLATFORM_TLS_ENABLE) == TRUE
> OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> !else
> OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> @@ -191,11 +200,12 @@ [LibraryClasses]
>
> TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf
(2) Please remove the TcpIoLib resolution as well. It is provided by
"NetworkPkg/NetworkLibs.dsc.inc".
>
> -!if $(HTTP_BOOT_ENABLE) == TRUE
> - HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf
> -!endif
> + #
> + # Network libraries
> + #
> +!include NetworkPkg/NetworkLibs.dsc.inc
>
> -!if $(TLS_ENABLE) == TRUE
> +!if $(PLATFORM_TLS_ENABLE) == TRUE
> TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
> !endif
>
> @@ -442,7 +452,7 @@ [PcdsFixedAtBuild]
> !if ($(FD_SIZE_IN_KB) == 1024) || ($(FD_SIZE_IN_KB) == 2048)
> gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
> gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800
> -!if $(TLS_ENABLE) == FALSE
> +!if $(PLATFORM_TLS_ENABLE) == FALSE
> # match PcdFlashNvStorageVariableSize purely for convenience
> gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xe000
> !endif
> @@ -450,12 +460,12 @@ [PcdsFixedAtBuild]
> !if $(FD_SIZE_IN_KB) == 4096
> gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x8400
> gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x8400
> -!if $(TLS_ENABLE) == FALSE
> +!if $(PLATFORM_TLS_ENABLE) == FALSE
> # match PcdFlashNvStorageVariableSize purely for convenience
> gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x40000
> !endif
> !endif
> -!if $(TLS_ENABLE) == TRUE
> +!if $(PLATFORM_TLS_ENABLE) == TRUE
> gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x80000
> gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize|0x40000
> !endif
> @@ -504,9 +514,10 @@ [PcdsFixedAtBuild]
> gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2
> !endif
>
> -!if $(HTTP_BOOT_ENABLE) == TRUE
> - gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections|TRUE
> -!endif
> + #
> + # Network Pcds
> + #
> +!include NetworkPkg/NetworkPcds.dsc.inc
>
> gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdShellFile|{ 0x83, 0xA5, 0x04, 0x7C, 0x3E, 0x9E, 0x1C, 0x4F, 0xAD, 0x65, 0xE0, 0x52, 0x68, 0xD0, 0xB4, 0xD1 }
>
> @@ -777,31 +788,9 @@ [Components]
> #
> # Network Support
> #
> - MdeModulePkg/Universal/Network/SnpDxe/SnpDxe.inf
> - MdeModulePkg/Universal/Network/DpcDxe/DpcDxe.inf
> - MdeModulePkg/Universal/Network/MnpDxe/MnpDxe.inf
> - MdeModulePkg/Universal/Network/VlanConfigDxe/VlanConfigDxe.inf
> - MdeModulePkg/Universal/Network/ArpDxe/ArpDxe.inf
> - MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Dxe.inf
> - MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Dxe.inf
> - MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Dxe.inf
> - MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Dxe.inf
> - NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf
> - NetworkPkg/TcpDxe/TcpDxe.inf
> - NetworkPkg/IScsiDxe/IScsiDxe.inf
> -!if $(NETWORK_IP6_ENABLE) == TRUE
> - NetworkPkg/Ip6Dxe/Ip6Dxe.inf
> - NetworkPkg/Udp6Dxe/Udp6Dxe.inf
> - NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf
> - NetworkPkg/Mtftp6Dxe/Mtftp6Dxe.inf
> -!endif
> -!if $(HTTP_BOOT_ENABLE) == TRUE
> - NetworkPkg/DnsDxe/DnsDxe.inf
> - NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
> - NetworkPkg/HttpDxe/HttpDxe.inf
> - NetworkPkg/HttpBootDxe/HttpBootDxe.inf
> -!endif
> -!if $(TLS_ENABLE) == TRUE
> +!include NetworkPkg/NetworkComponents.dsc.inc
> +
> +!if $(PLATFORM_TLS_ENABLE) == TRUE
> NetworkPkg/TlsDxe/TlsDxe.inf
> NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {
> <LibraryClasses>
(3) This is all great. What do you think of the following, in addition:
(and this is actually another comment for the NetworkPkg patch:)
We could introduce another include file, namely
NetworkPkg/NetworkShellCommandsLib.dsc.inc
And in that file, you could provide:
!if NETWORK_ENABLE
!if NETWORK_IP4_ENABLE
NULL|ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.inf
!endif
!if NETWORK_IP6_ENABLE
NULL|ShellPkg/Library/UefiShellNetwork2CommandsLib/UefiShellNetwork2CommandsLib.inf
!endif
!endif
Because, with the help of this file, we could retire the last remaining
instance of NETWORK_IP6_ENABLE in the OVMF DSC files:
!if $(NETWORK_IP6_ENABLE) == TRUE
NULL|ShellPkg/Library/UefiShellNetwork2CommandsLib/UefiShellNetwork2CommandsLib.inf
!endif
What's your opinion?
> diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
> index f7f9ab06bb5a..995328992ccf 100644
> --- a/OvmfPkg/OvmfPkgIa32.fdf
> +++ b/OvmfPkg/OvmfPkgIa32.fdf
> @@ -296,31 +296,8 @@ [FV.DXEFV]
> #
> # Network modules
> #
> - INF MdeModulePkg/Universal/Network/SnpDxe/SnpDxe.inf
> - INF MdeModulePkg/Universal/Network/DpcDxe/DpcDxe.inf
> - INF MdeModulePkg/Universal/Network/MnpDxe/MnpDxe.inf
> - INF MdeModulePkg/Universal/Network/VlanConfigDxe/VlanConfigDxe.inf
> - INF MdeModulePkg/Universal/Network/ArpDxe/ArpDxe.inf
> - INF MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Dxe.inf
> - INF MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Dxe.inf
> - INF MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Dxe.inf
> - INF MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Dxe.inf
> - INF NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf
> - INF NetworkPkg/TcpDxe/TcpDxe.inf
> - INF NetworkPkg/IScsiDxe/IScsiDxe.inf
> -!if $(NETWORK_IP6_ENABLE) == TRUE
> - INF NetworkPkg/Ip6Dxe/Ip6Dxe.inf
> - INF NetworkPkg/Udp6Dxe/Udp6Dxe.inf
> - INF NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf
> - INF NetworkPkg/Mtftp6Dxe/Mtftp6Dxe.inf
> -!endif
> -!if $(HTTP_BOOT_ENABLE) == TRUE
> - INF NetworkPkg/DnsDxe/DnsDxe.inf
> - INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
> - INF NetworkPkg/HttpDxe/HttpDxe.inf
> - INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf
> -!endif
> -!if $(TLS_ENABLE) == TRUE
> +!include NetworkPkg/Network.fdf.inc
> +!if $(PLATFORM_TLS_ENABLE) == TRUE
> INF NetworkPkg/TlsDxe/TlsDxe.inf
> INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
> !endif
Nice.
Last request for the OvmfPkg patch:
(4) Please replace HTTP_BOOT_ENABLE and TLS_ENABLE in the "OvmfPkg/README"
file as well (there is one hit for each build flag).
Please also re-wrap any lines in the README that grow longer than 80
characters, due to the replacements.
(Regarding the Wiki, I've just filed
<https://bugzilla.tianocore.org/show_bug.cgi?id=1357> separately.)
I'm real happy about this series. :)
Thanks!
Laszlo
next prev parent reply other threads:[~2018-11-23 12:00 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-22 5:21 [PATCH v2 0/6] Add DSC/FDF include segment files for network stack Fu Siyuan
2018-11-22 5:21 ` [PATCH v2 1/6] NetworkPkg: Add DSC/FDF include segment files to NetworkPkg Fu Siyuan
2018-11-22 9:56 ` Ni, Ruiyu
2018-11-22 10:52 ` Fu, Siyuan
2018-11-23 10:56 ` Laszlo Ersek
2018-12-10 8:36 ` Ard Biesheuvel
2018-12-10 14:40 ` Laszlo Ersek
2018-12-10 16:39 ` Ard Biesheuvel
2018-11-22 5:21 ` [PATCH v2 2/6] Nt32Pkg: Update DSC/FDF to use NetworkPkg's include fragment file Fu Siyuan
2018-11-22 5:21 ` [PATCH v2 3/6] ArmVirtPkg: " Fu Siyuan
2018-11-23 12:29 ` Laszlo Ersek
2018-11-23 12:30 ` Laszlo Ersek
2018-11-23 16:50 ` Laszlo Ersek
2018-11-22 5:21 ` [PATCH v2 4/6] EmulatorPkg: " Fu Siyuan
2018-11-22 5:21 ` [PATCH v2 5/6] OvmfPkg: " Fu Siyuan
2018-11-23 12:00 ` Laszlo Ersek [this message]
2018-11-23 12:10 ` Laszlo Ersek
2018-11-23 12:19 ` Laszlo Ersek
2018-11-22 5:21 ` [PATCH v2 6/6] Vlv2TbltDevicePkg: " Fu Siyuan
2018-11-22 6:14 ` [PATCH v2 0/6] Add DSC/FDF include segment files for network stack Gao, Liming
2018-11-22 15:48 ` Laszlo Ersek
2018-11-23 16:02 ` Gao, Liming
2018-11-23 18:35 ` Laszlo Ersek
2018-11-26 3:31 ` Gao, Liming
2018-11-26 11:34 ` Laszlo Ersek
2018-11-22 16:12 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5c2bd936-6a84-eea0-f165-3c99ba892793@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox