From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id C70B321E1B747 for ; Thu, 21 Sep 2017 05:44:37 -0700 (PDT) Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 21 Sep 2017 05:47:44 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.42,425,1500966000"; d="scan'208";a="1197566291" Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202]) by fmsmga001.fm.intel.com with ESMTP; 21 Sep 2017 05:47:44 -0700 Received: from fmsmsx156.amr.corp.intel.com (10.18.116.74) by fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS) id 14.3.319.2; Thu, 21 Sep 2017 05:47:44 -0700 Received: from shsmsx103.ccr.corp.intel.com (10.239.4.69) by fmsmsx156.amr.corp.intel.com (10.18.116.74) with Microsoft SMTP Server (TLS) id 14.3.319.2; Thu, 21 Sep 2017 05:47:43 -0700 Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.175]) by SHSMSX103.ccr.corp.intel.com ([169.254.4.213]) with mapi id 14.03.0319.002; Thu, 21 Sep 2017 20:47:42 +0800 From: "Yao, Jiewen" To: Leif Lindholm , "edk2-devel@lists.01.org" CC: "Kinney, Michael D" , "Justen, Jordan L" , Laszlo Ersek , Andrew Fish , Ard Biesheuvel Thread-Topic: [edk2] [RFC 0/6] Create central repository for boilerplate configuration Thread-Index: AQHTMjXlC+aoINej00Cj9agGTm98x6K/R/WQ Date: Thu, 21 Sep 2017 12:47:41 +0000 Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503A9C0507@shsmsx102.ccr.corp.intel.com> References: <20170920172755.22767-1-leif.lindholm@linaro.org> In-Reply-To: <20170920172755.22767-1-leif.lindholm@linaro.org> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.0.0.116 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [RFC 0/6] Create central repository for boilerplate configuration X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Sep 2017 12:44:38 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Leif It is good to see such configuration. Here is some of my thought: 1) We have similar idea. But there is one key difference is that we do not = use MACRO, but use PCD to control feature selection. For example, we defined=20 gPlatformModuleTokenSpaceGuid.PcdUefiSecureBootEnable|FALSE|BOOLEAN|0xF00= 000A4 gPlatformModuleTokenSpaceGuid.PcdTpm2Enable |FALSE|BOOLEAN|0xF00= 000A5 gPlatformModuleTokenSpaceGuid.PcdPerformanceEnable |FALSE|BOOLEAN|0xF00= 000A6 in https://github.com/tianocore/edk2-platforms/blob/devel-MinPlatform/Platf= orm/Intel/MinPlatformPkg/MinPlatformPkg.dec And they are used in https://github.com/tianocore/edk2-platforms/blob/devel= -MinPlatform/Platform/Intel/MinPlatformPkg/Include/Fdf/CoreDxeInclude.fdf I suggest we consider using PCD for configuration. 2) I do not suggest we use configuration for library, if this library only = has one instance. For example: + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf If no module need this library, this library will be ignored directly. We can always leave BaseCryptLib there. No impact. 3) For below NULL library, we need put configuration around the NULL librar= y instance, instead of the module. As such we may add more NULL instance, s= uch as DxeTpm2MeasureBootLib. +!if $(CONFIG_SECURE_BOOT_ENABLE) =3D=3D TRUE + MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf { + + NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificatio= nLib.inf + } To MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf { !if gSecurityTokenSpaceGuid.PcdUefiSecureBootEnable =3D=3D TRUE NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerification= Lib.inf !endif !if gSecurityTokenSpaceGuid.PcdTpm2Enable =3D=3D TRUE NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.= inf !endif } Thank you Yao Jiewen > -----Original Message----- > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Le= if > Lindholm > Sent: Thursday, September 21, 2017 1:28 AM > To: edk2-devel@lists.01.org > Cc: Kinney, Michael D ; Justen, Jordan L > ; Laszlo Ersek ; Andrew Fis= h > ; Ard Biesheuvel > Subject: [edk2] [RFC 0/6] Create central repository for boilerplate confi= guration >=20 > An awful lot of platform configuration is just repeated verbatim for > every platform. This is my first stab at eliminating some of this > redundancy. >=20 > I have additional bits as work in progress, but before I sink too much > time into it, I would like to try to gather feedback on this approach > (all the way down to directory structure). >=20 > This first round deals with basic network support and Secure Boot > requirements. >=20 > Leif Lindholm (6): > ConfigPkg: add new package for holding common config fragments > ArmVirtPkg: use ConfigPkg for common network items > OvmfPkg: use ConfigPkg for common network items > ConfigPkg: add common Security settings > ArmVirtPkg: use ConfigPkg for common security items > OvmfPkg: use ConfigPkg for common security items >=20 > ArmVirtPkg/ArmVirt.dsc.inc | 25 ++-------- > ArmVirtPkg/ArmVirtQemu.dsc | 46 +++--------------- > ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 24 ++-------- > ArmVirtPkg/ArmVirtQemuKernel.dsc | 46 +++--------------- > ConfigPkg/Network/Network.dsc.inc | 92 > ++++++++++++++++++++++++++++++++++++ > ConfigPkg/Network/Network.fdf.inc | 47 ++++++++++++++++++ > ConfigPkg/Security/Security.dsc.inc | 67 ++++++++++++++++++++++++++ > ConfigPkg/Security/Security.fdf.inc | 17 +++++++ > OvmfPkg/OvmfPkgIa32.dsc | 92 ++++--------------------------= ------ > OvmfPkg/OvmfPkgIa32.fdf | 37 +-------------- > OvmfPkg/OvmfPkgIa32X64.dsc | 90 ++++--------------------------= ----- > OvmfPkg/OvmfPkgIa32X64.fdf | 37 +-------------- > OvmfPkg/OvmfPkgX64.dsc | 92 > ++++-------------------------------- > OvmfPkg/OvmfPkgX64.fdf | 37 +-------------- > 14 files changed, 276 insertions(+), 473 deletions(-) > create mode 100644 ConfigPkg/Network/Network.dsc.inc > create mode 100644 ConfigPkg/Network/Network.fdf.inc > create mode 100644 ConfigPkg/Security/Security.dsc.inc > create mode 100644 ConfigPkg/Security/Security.fdf.inc >=20 > -- > 2.11.0 >=20 > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel