Re: [RFC 0/6] Create central repository for boilerplate configuration

From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Leif Lindholm <leif.lindholm@linaro.org>,
	"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Cc: "Kinney, Michael D" <michael.d.kinney@intel.com>,
	"Justen, Jordan L" <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>, Andrew Fish <afish@apple.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: Re: [RFC 0/6] Create central repository for boilerplate configuration
Date: Thu, 21 Sep 2017 12:47:41 +0000	[thread overview]
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503A9C0507@shsmsx102.ccr.corp.intel.com> (raw)
In-Reply-To: <20170920172755.22767-1-leif.lindholm@linaro.org>

Hi Leif
It is good to see such configuration.

Here is some of my thought:

1) We have similar idea. But there is one key difference is that we do not use MACRO, but use PCD to control feature selection.

For example, we defined 
  gPlatformModuleTokenSpaceGuid.PcdUefiSecureBootEnable|FALSE|BOOLEAN|0xF00000A4
  gPlatformModuleTokenSpaceGuid.PcdTpm2Enable          |FALSE|BOOLEAN|0xF00000A5
  gPlatformModuleTokenSpaceGuid.PcdPerformanceEnable   |FALSE|BOOLEAN|0xF00000A6
in https://github.com/tianocore/edk2-platforms/blob/devel-MinPlatform/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec

And they are used in https://github.com/tianocore/edk2-platforms/blob/devel-MinPlatform/Platform/Intel/MinPlatformPkg/Include/Fdf/CoreDxeInclude.fdf

I suggest we consider using PCD for configuration.

2) I do not suggest we use configuration for library, if this library only has one instance.
For example:
+  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf

If no module need this library, this library will be ignored directly.
We can always leave BaseCryptLib there. No impact.

3) For below NULL library, we need put configuration around the NULL library instance, instead of the module. As such we may add more NULL instance, such as DxeTpm2MeasureBootLib.

+!if $(CONFIG_SECURE_BOOT_ENABLE) == TRUE
+  MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
+    <LibraryClasses>
+      NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
+  }

To

  MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
    <LibraryClasses>
!if gSecurityTokenSpaceGuid.PcdUefiSecureBootEnable == TRUE
      NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
!endif
!if gSecurityTokenSpaceGuid.PcdTpm2Enable == TRUE
      NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
!endif
  }

Thank you
Yao Jiewen

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Leif
> Lindholm
> Sent: Thursday, September 21, 2017 1:28 AM
> To: edk2-devel@lists.01.org
> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Justen, Jordan L
> <jordan.l.justen@intel.com>; Laszlo Ersek <lersek@redhat.com>; Andrew Fish
> <afish@apple.com>; Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Subject: [edk2] [RFC 0/6] Create central repository for boilerplate configuration
> 
> An awful lot of platform configuration is just repeated verbatim for
> every platform. This is my first stab at eliminating some of this
> redundancy.
> 
> I have additional bits as work in progress, but before I sink too much
> time into it, I would like to try to gather feedback on this approach
> (all the way down to directory structure).
> 
> This first round deals with basic network support and Secure Boot
> requirements.
> 
> Leif Lindholm (6):
>   ConfigPkg: add new package for holding common config fragments
>   ArmVirtPkg: use	ConfigPkg for common network items
>   OvmfPkg: use ConfigPkg for common network items
>   ConfigPkg: add common Security settings
>   ArmVirtPkg: use ConfigPkg for common security items
>   OvmfPkg: use ConfigPkg for common security items
> 
>  ArmVirtPkg/ArmVirt.dsc.inc           | 25 ++--------
>  ArmVirtPkg/ArmVirtQemu.dsc           | 46 +++---------------
>  ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 24 ++--------
>  ArmVirtPkg/ArmVirtQemuKernel.dsc     | 46 +++---------------
>  ConfigPkg/Network/Network.dsc.inc    | 92
> ++++++++++++++++++++++++++++++++++++
>  ConfigPkg/Network/Network.fdf.inc    | 47 ++++++++++++++++++
>  ConfigPkg/Security/Security.dsc.inc  | 67 ++++++++++++++++++++++++++
>  ConfigPkg/Security/Security.fdf.inc  | 17 +++++++
>  OvmfPkg/OvmfPkgIa32.dsc              | 92 ++++--------------------------------
>  OvmfPkg/OvmfPkgIa32.fdf              | 37 +--------------
>  OvmfPkg/OvmfPkgIa32X64.dsc           | 90 ++++-------------------------------
>  OvmfPkg/OvmfPkgIa32X64.fdf           | 37 +--------------
>  OvmfPkg/OvmfPkgX64.dsc               | 92
> ++++--------------------------------
>  OvmfPkg/OvmfPkgX64.fdf               | 37 +--------------
>  14 files changed, 276 insertions(+), 473 deletions(-)
>  create mode 100644 ConfigPkg/Network/Network.dsc.inc
>  create mode 100644 ConfigPkg/Network/Network.fdf.inc
>  create mode 100644 ConfigPkg/Security/Security.dsc.inc
>  create mode 100644 ConfigPkg/Security/Security.fdf.inc
> 
> --
> 2.11.0
> 
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel