From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: redhat.com, ip: 209.132.183.28, mailfrom: lersek@redhat.com) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by groups.io with SMTP; Tue, 11 Jun 2019 08:46:49 -0700 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DD9EF30860B2; Tue, 11 Jun 2019 15:46:39 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-234.ams2.redhat.com [10.36.116.234]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6F6B960C81; Tue, 11 Jun 2019 15:46:38 +0000 (UTC) Subject: Re: [edk2-devel] EDK II Stable Tag release edk2-stable201905 completed To: Leif Lindholm , devel@edk2.groups.io Cc: "Gao, Liming" , "sssky307@163.com" , "'announce@edk2.groups.io'" , "Kinney, Michael D" , "afish@apple.com" References: <4A89E2EF3DFEDB4C8BFDE51014F606A14E46CD3D@SHSMSX104.ccr.corp.intel.com> <7606aa6e.d162.16b40a3cb45.Coremail.sssky307@163.com> <4A89E2EF3DFEDB4C8BFDE51014F606A14E46DF7E@SHSMSX104.ccr.corp.intel.com> <20190610140014.botd5fxrrrrus4a5@bivouac.eciton.net> <20190611103007.fwnbpiympnofpy4x@bivouac.eciton.net> From: "Laszlo Ersek" Message-ID: <6bbebdd6-a90a-ca83-b0af-105afa70a88c@redhat.com> Date: Tue, 11 Jun 2019 17:46:37 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <20190611103007.fwnbpiympnofpy4x@bivouac.eciton.net> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]); Tue, 11 Jun 2019 15:46:44 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 06/11/19 12:30, Leif Lindholm wrote: > On Tue, Jun 11, 2019 at 12:08:34PM +0200, Laszlo Ersek wrote: >>> Argh, no. OpenSSL has boringssl as a git submodule. >>> >>> edk2/CryptoPkg/Library/OpensslLib/openssl$ cat .gitmodules >>> [submodule "boringssl"] >>> path = boringssl >>> url = https://boringssl.googlesource.com/boringssl >>> ... >>> >> >> That's right, but it shouldn't matter. In edk2, I always use >> >> $ git submodule update --init --force >> >> and I never pass the "--recursive" flag. This is also how I tested the >> upgrade to OpenSSL-1.1.1b, before edk2-stable201905 was tagged. The >> boringssl sub-sub-module is not needed for edk2's purposes. >> >> We might want to drop "--recursive" from "OpenSSL-HOWTO.txt", instead. > > The instructions have spread to many other places (build instructions > in wiki and edk2-platforms Readme.md being two of them). > That's not to say we shouldn't change it, but that we need to go > through and update those places too. > > And frankly, if we've accepted the need to support submodules, we > need to document how edk2 interacts with submodules, not how each > individual submodule interacts with edk2 - so the git instructions in > OpenSSL-HOWTO.txt should probably be deleted. > > This might be a good topic to bring to the next design meeting. > > Presumably the above will be a useful workaround for the original > reporter in the meantime. To be clear -- the problem *exists* only because the original reporter is stuck behind a restrictive firewall. There is nothing *technically* wrong with the current instructions in "OpenSSL-HOWTO.txt". There is nothing particular in how "edk2 interacts with submodules". We're discussing workarounds for a political problem. Thanks Laszlo