public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Laszlo Ersek" <lersek@redhat.com>
To: "Lu, XiaoyuX" <xiaoyux.lu@intel.com>,
	"devel@edk2.groups.io" <devel@edk2.groups.io>,
	"glin@suse.com" <glin@suse.com>,
	"Wang, Jian J" <jian.j.wang@intel.com>
Cc: "Ye, Ting" <ting.ye@intel.com>
Subject: Re: [edk2-devel] [PATCH v3 0/6] CryptoPkg: Upgrade OpenSSL to 1.1.1b
Date: Wed, 15 May 2019 10:06:42 +0200	[thread overview]
Message-ID: <9984856c-6e88-ee59-6cf3-9f7ca443bb6a@redhat.com> (raw)
In-Reply-To: <BFD21A70FD4B3446B866B6088E3259E50B95DA30@SHSMSX101.ccr.corp.intel.com>

Hi Xiaoyu,

On 05/15/19 04:00, Lu, XiaoyuX wrote:
> Hi Gary Lin:
> 	I also need to modify the code about the entropy source today.
> 	But I have uploaded a TimerLib based implementation.
> 
> 	https://github.com/xiaoyuxlu/edk2/commits/bz_1089_patch_v4

This is not a good strategy.

Please refer to contributor step 31:

https://github.com/tianocore/tianocore.github.io/wiki/Laszlo's-unkempt-git-guide-for-edk2-contributors-and-maintainers#contrib-31

You should push a topic branch called "xxxx_v4" *only* if you are ready
to post it immediately to the list, as "PATCH v4".

Topic branches in personal repos must be *identical* to the
corresponding posting on edk2-devel. And once such a topic branch is
pushed and referenced in an edk2-devel posting, the branch should never
ever be modified again. Not rebased, not force-pushed, not
fast-forwarded to additional commits on top. Once you have a v4 posting
on edk2-devel, the topic branch *for that version* becomes read-only. If
you need updates, you need to prepare a v5.

It's OK to push (even force-push) branches to your personal repo that
are work-in-progress. However, the name of the branch should be very
clear about that. For example, you could call the branch
"bz_1089_patch_v4_wip", with the "_wip" suffix standing for
"work-in-progress". Then people fetching that branch will understand
it's not final, and may easily change until the mailing list posting.
When you decide it's time to post, you can rename the branch (drop the
"_wip" suffix), from which point on you should treat the branch as
read-only.

Thanks
Laszlo

> -----Original Message-----
> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of Gary Lin
> Sent: Wednesday, May 15, 2019 9:54 AM
> To: devel@edk2.groups.io; Wang, Jian J <jian.j.wang@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>; Ye, Ting <ting.ye@intel.com>
> Subject: Re: [edk2-devel] [PATCH v3 0/6] CryptoPkg: Upgrade OpenSSL to 1.1.1b
> 
> On Tue, May 14, 2019 at 01:26:15PM +0000, Wang, Jian J wrote:
>> Yes, please wait for v4 version of this patch series.
> 
> Good. I'm looking forward to the new series :)
> 
> Thanks,
> 
> Gary Lin
> 
>>
>> Regards,
>> Jian
>>
>>
>>> -----Original Message-----
>>> From: Laszlo Ersek [mailto:lersek@redhat.com]
>>> Sent: Tuesday, May 14, 2019 8:06 PM
>>> To: devel@edk2.groups.io; glin@suse.com
>>> Cc: Lu, XiaoyuX <xiaoyux.lu@intel.com>; Wang, Jian J 
>>> <jian.j.wang@intel.com>; Ye, Ting <ting.ye@intel.com>
>>> Subject: Re: [edk2-devel] [PATCH v3 0/6] CryptoPkg: Upgrade OpenSSL 
>>> to 1.1.1b
>>>
>>> On 05/14/19 08:16, Gary Lin wrote:
>>>> On Mon, May 13, 2019 at 09:24:39PM +0200, Laszlo Ersek wrote:
>>>>> On 05/13/19 15:25, Xiaoyu lu wrote:
>>>>>> (1) CryptoPkg/OpensslLib: Modify process_files.pl for  upgrading OpenSSL
>>>>>>   OpenSSL only support seeding NONE for UEFI(rand_unix.c line 93).
>>>>>>   So add --with-rand-seed=none to process_files.pl.
>>>>>>
>>>>>> (2) CryptoPkg/OpensslLib: Exclude unnecessary files in  process_files.pl
>>>>>>   When running process_files.py to configure OpenSSL, we can 
>>>>>> exclude some
>>> unnecessary files. This can reduce porting time, compiling time and library size.
>>>>>>
>>>>>> (3) CryptoPkg/IntrinsicLib: Fix possible unresolved  external 
>>>>>> symbol issue
>>>>>>
>>>>>> (4) CryptoPkg/OpensslLib: Prepare for upgrading OpenSSL
>>>>>>   Disable warning for building OpenSSL_1_1_1b
>>>>>>
>>>>>> (5) CryptoPkg: Upgrade OpenSSL to 1.1.1b
>>>>>>   Update OpenSSL submodule to OpenSSL_1_1_1b
>>>>>>   OpenSSL_1_1_1b(50eaac9f3337667259de725451f201e784599687)
>>>>>>
>>>>>>   OpenSSL doesn't implement some rand_pool function for UEFI.
>>>>>>   Use EFI_RNG_PROTOCOL to generate random for entropy.
>>>>>>   If EFI_RNG_PROTOCOL is not avaliable, fall back to performance
>>>>>>   counter, but we not sure about the amount of randomness it provides.
>>>>>>
>>>>>> (6) CryptoPkg/BaseCryptLib: Make HMAC_CTX size backward  
>>>>>> compatible
>>>>>>
>>>>>>   Note: Will be remove next update.
>>>>>>   Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1792
>>>>>>   Ref: https://github.com/openssl/openssl/pull/4338
>>>>>>
>>>>>>
>>>>>> Cc: Jian J Wang <jian.j.wang@intel.com>
>>>>>> Cc: Ting Ye <ting.ye@intel.com>
>>>>>
>>>>> I'm withdrawing from reviewing or testing this series.
>>>>>
>>>>> Gary, if you have the time, can you please regression test this 
>>>>> (for HTTPS boot) in both OVMF and ArmVirtQemu?
>>>>>
>>>> I'll find some time to do the regression test tomorrorw.
>>>
>>> Thanks, Gary!
>>>
>>> Xiaoyu might post a v4 with a remote topic branch for reviewers to 
>>> fetch; I suggest awaiting that. (The series is difficult to apply 
>>> with
>>> git-am.)
>>>
>>> Thanks
>>> Laszlo
>>>
>>>> Cheers,
>>>>
>>>> Gary Lin
>>>>
>>>>
>>>>
>>
>>
>>
>>
> 
> 
> 


  parent reply	other threads:[~2019-05-15  8:06 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-05-13 13:25 [PATCH v3 0/6] CryptoPkg: Upgrade OpenSSL to 1.1.1b Xiaoyu lu
2019-05-13 13:25 ` [PATCH v3 1/6] CryptoPkg/OpensslLib: Modify process_files.pl for upgrading OpenSSL Xiaoyu lu
2019-05-13 13:25 ` [PATCH v3 2/6] CryptoPkg/OpensslLib: Exclude unnecessary files in process_files.pl Xiaoyu lu
2019-05-13 13:25 ` [PATCH v3 3/6] CryptoPkg/IntrinsicLib: Fix possible unresolved external symbol issue Xiaoyu lu
2019-05-13 13:25 ` [PATCH v3 4/6] CryptoPkg/OpensslLib: Prepare for upgrading OpenSSL Xiaoyu lu
2019-05-13 13:25 ` [PATCH v3 5/6] CryptoPkg: Upgrade OpenSSL to 1.1.1b Xiaoyu lu
2019-05-13 13:25 ` [PATCH v3 6/6] CryptoPkg/BaseCryptLib: Make HMAC_CTX size backward compatible Xiaoyu lu
2019-05-13 19:24 ` [edk2-devel] [PATCH v3 0/6] CryptoPkg: Upgrade OpenSSL to 1.1.1b Laszlo Ersek
2019-05-14  6:16   ` Gary Lin
2019-05-14 12:06     ` Laszlo Ersek
2019-05-14 13:26       ` Wang, Jian J
2019-05-15  1:53         ` Gary Lin
2019-05-15  2:00           ` Xiaoyu lu
2019-05-15  4:33             ` Gary Lin
2019-05-15  8:06             ` Laszlo Ersek [this message]
2019-05-15  8:58               ` Xiaoyu lu
2019-05-14 11:58   ` Laszlo Ersek
2019-05-14 15:52     ` Xiaoyu lu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=9984856c-6e88-ee59-6cf3-9f7ca443bb6a@redhat.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox