From: "Long, Qin" <qin.long@intel.com>
To: "Gao, Liming" <liming.gao@intel.com>,
"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Cc: "ard.biesheuvel@linaro.org" <ard.biesheuvel@linaro.org>,
"Ye, Ting" <ting.ye@intel.com>,
"ronald.cron@arm.com" <ronald.cron@arm.com>,
"Wu, Jiaxin" <jiaxin.wu@intel.com>,
"glin@suse.com" <glin@suse.com>,
"lersek@redhat.com" <lersek@redhat.com>
Subject: Re: [PATCH v1 0/9] *** Upgrade CryptoPkg to use the latest OpenSSL 1.1.0xx/stable release ***
Date: Wed, 22 Mar 2017 02:44:30 +0000 [thread overview]
Message-ID: <BF2CCE9263284D428840004653A28B6E53F7034F@SHSMSX103.ccr.corp.intel.com> (raw)
In-Reply-To: <4A89E2EF3DFEDB4C8BFDE51014F606A14D6F383A@shsmsx102.ccr.corp.intel.com>
> -----Original Message-----
> From: Gao, Liming
> Sent: Wednesday, March 22, 2017 10:23 AM
> To: Long, Qin; edk2-devel@lists.01.org
> Cc: ard.biesheuvel@linaro.org; Ye, Ting; ronald.cron@arm.com; Wu, Jiaxin;
> glin@suse.com; lersek@redhat.com
> Subject: RE: [edk2] [PATCH v1 0/9] *** Upgrade CryptoPkg to use the latest
> OpenSSL 1.1.0xx/stable release ***
>
> Long:
> I find several issues. Could you help clarify them?
>
> 1. OpenSsl branch should be OpenSSL_1_1_0-stable instead of
> OpenSSL_1_1_0e. Could you update OpenSSL-HOWTO.txt?
Yes, the latest branch is OpenSSL_1_1_0-stable, and OpenSSL_1_1_0e
is one formal tag for the latest release. These two versions were validated
by now.
I am thinking if it's better to stick to one formal release in EDK2 by default,
and user can clone their code base with Git (1.1.0xx tag, branch,
even HEAD, which was just not fully validated and no guarantees on build
& functionality).
Will update HOWTO for more information.
> 2. process_files.pl in CryptoPkg\Library\OpensslLib still required?
Not required. The INF and opensslconf.h were already generated in EDK2
for direct use, if user follow the HOWTO to choose the code base.
This is just provided for any customizations (on OpenSSL version
change, or build flags updates.), and future OpenSSL version upgrade.
> 3. $(OPENSSL_PATH)/crypto/aes/aes_cbc.c exists in the clone openssl
> directory. They are not auto generated files. Why comments in inf says auto
> generation for them?
It's the generated file list, not file.
The file list in OpensslLib[Crypto].INF was generated from "process_files.pl",
to include all needed openssl sources for building.
We will not maintain this file list manually in the future. Just use "process_file.pl"
to update the INF file if any new OpenSSL version.
>
> Thanks
> Liming
> >-----Original Message-----
> >From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> >Qin Long
> >Sent: Tuesday, March 21, 2017 11:56 PM
> >To: edk2-devel@lists.01.org
> >Cc: ard.biesheuvel@linaro.org; Ye, Ting <ting.ye@intel.com>;
> >ronald.cron@arm.com; Wu, Jiaxin <jiaxin.wu@intel.com>; glin@suse.com;
> >lersek@redhat.com
> >Subject: [edk2] [PATCH v1 0/9] *** Upgrade CryptoPkg to use the latest
> >OpenSSL 1.1.0xx/stable release ***
> >
> >(https://github.com/qloong/edk2/tree/dev-openssl-stable)
> >
> >Current EDKII-CryptoPkg is leveraging OpenSSL-1.0.2xx as the underlying
> >cryptographic provider, which requires some extra patches
> >(EDKII-openssl-xxxx.patch) and installation scripts for EDKII build & usage.
> >The latest stable version of OpenSSL was upgraded to the 1.1.0 series
> >of release, with lots of EDKII-specific patches integration, which make
> >CryptoPkg possbile to remove all extra patch and scripts for more
> >native build support.
> >
> >This patch series is to update EDKII-CryptoPkg to support native
> >building with the latest OpenSSL 1.1.0xx. (By now, the latest OpenSSL
> >stable release is 1.1.0e). Refer
> >"CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt" for the information
> about the version and source installation.
> >
> >(NOTE: The extra build options for ARM/RVCT/XCODE were kept, which
> >expect
> > further optimizations from community)
> >
> >Qin Long (9):
> > CryptoPkg/OpensslLib: Update INF files to support OpenSSL-1.1.0xx build.
> > CryptoPkg/OpensslLib: Remove patch file and installation scripts.
> > CryptoPkg: Fix handling of &strcmp function pointers
> > CryptoPkg/OpensslLib: Use new Perl script for file list generation.
> > CryptoPkg: Clean-up CRT Library Wrapper.
> > CryptoPkg: Add extra build option to disable VS build warning
> > CryptoPkg: Update HMAC Wrapper implementation with opaque
> HMAC_CTX
> >object.
> > CryptoPkg: Update PK Ciphers Wrapper Implementations work with
> opaque
> >objects.
> > CryptoPkg/TlsLib: Update TLS Wrapper Library to align with OpenSSL
> changes.
> >
> > CryptoPkg/.gitignore | 3 +-
> > CryptoPkg/CryptoPkg.dec | 8 +-
> > CryptoPkg/Include/CrtLibSupport.h | 192 ++
> > CryptoPkg/Include/Library/BaseCryptLib.h | 87 +-
> > CryptoPkg/Include/OpenSslSupport.h | 286 ---
> > CryptoPkg/Include/arpa/inet.h | 16 -
> > CryptoPkg/Include/assert.h | 7 +-
> > CryptoPkg/Include/ctype.h | 7 +-
> > CryptoPkg/Include/dirent.h | 16 -
> > CryptoPkg/Include/errno.h | 7 +-
> > CryptoPkg/Include/internal/dso_conf.h | 0
> > CryptoPkg/Include/limits.h | 7 +-
> > CryptoPkg/Include/malloc.h | 16 -
> > CryptoPkg/Include/math.h | 16 -
> > CryptoPkg/Include/memory.h | 7 +-
> > CryptoPkg/Include/netdb.h | 16 -
> > CryptoPkg/Include/netinet/in.h | 16 -
> > CryptoPkg/Include/openssl/opensslconf.h | 314 +++
> > CryptoPkg/Include/sgtty.h | 16 -
> > CryptoPkg/Include/signal.h | 16 -
> > CryptoPkg/Include/stdarg.h | 7 +-
> > CryptoPkg/Include/stddef.h | 6 +-
> > CryptoPkg/Include/stdio.h | 7 +-
> > CryptoPkg/Include/stdlib.h | 7 +-
> > CryptoPkg/Include/string.h | 7 +-
> > CryptoPkg/Include/strings.h | 6 +-
> > CryptoPkg/Include/sys/ioctl.h | 16 -
> > CryptoPkg/Include/sys/param.h | 16 -
> > CryptoPkg/Include/sys/socket.h | 16 -
> > CryptoPkg/Include/sys/stat.h | 16 -
> > CryptoPkg/Include/sys/time.h | 7 +-
> > CryptoPkg/Include/sys/times.h | 16 -
> > CryptoPkg/Include/sys/types.h | 7 +-
> > CryptoPkg/Include/sys/un.h | 16 -
> > CryptoPkg/Include/syslog.h | 6 +-
> > CryptoPkg/Include/time.h | 6 +-
> > CryptoPkg/Include/unistd.h | 6 +-
> > CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 9 +-
> > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c | 75 +-
> > .../Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c | 38 +-
> > .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c | 73 +-
> > .../Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c | 38 +-
> > .../Library/BaseCryptLib/Hmac/CryptHmacSha256.c | 73 +-
> > .../BaseCryptLib/Hmac/CryptHmacSha256Null.c | 38 +-
> > CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h | 11 +-
> > CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 8 +-
> > CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c | 69 +-
> > CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c | 10 +-
> > .../Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 68 +-
> > CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c | 189 +-
> > CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c | 70 +-
> > CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c | 20 +-
> > CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 41 +-
> > CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 8 +-
> > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 6 +
> > .../BaseCryptLib/SysCall/BaseMemAllocation.c | 5 +-
> > .../BaseCryptLib/SysCall/ConstantTimeClock.c | 6 +-
> > .../Library/BaseCryptLib/SysCall/CrtWrapper.c | 156 +-
> > .../Library/BaseCryptLib/SysCall/HelperWrapper.c | 54 -
> > .../BaseCryptLib/SysCall/RuntimeMemAllocation.c | 3 +-
> > .../Library/BaseCryptLib/SysCall/TimerWrapper.c | 4 +-
> > CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c | 8 +-
> > .../Library/OpensslLib/EDKII_openssl-1.0.2k.patch | 2094 --------------------
> > CryptoPkg/Library/OpensslLib/Install.cmd | 80 -
> > CryptoPkg/Library/OpensslLib/Install.sh | 82 -
> > CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 36 +
> > CryptoPkg/Library/OpensslLib/OpensslLib.inf | 866 ++++----
> > CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 791 ++++----
> > CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt | 61 -
> > CryptoPkg/Library/OpensslLib/buildinf.h | 2 +-
> > CryptoPkg/Library/OpensslLib/opensslconf.h | 497 -----
> > CryptoPkg/Library/OpensslLib/process_files.pl | 223 +++
> > CryptoPkg/Library/OpensslLib/process_files.sh | 110 -
> > CryptoPkg/Library/TlsLib/InternalTlsLib.h | 6 +-
> > CryptoPkg/Library/TlsLib/TlsConfig.c | 21 +-
> > CryptoPkg/Library/TlsLib/TlsInit.c | 19 +-
> > CryptoPkg/Library/TlsLib/TlsLib.inf | 9 +-
> > 77 files changed, 2406 insertions(+), 4792 deletions(-) create mode
> >100644 CryptoPkg/Include/CrtLibSupport.h delete mode 100644
> >CryptoPkg/Include/OpenSslSupport.h
> > delete mode 100644 CryptoPkg/Include/arpa/inet.h delete mode 100644
> >CryptoPkg/Include/dirent.h create mode 100644
> >CryptoPkg/Include/internal/dso_conf.h
> > delete mode 100644 CryptoPkg/Include/malloc.h delete mode 100644
> >CryptoPkg/Include/math.h delete mode 100644
> CryptoPkg/Include/netdb.h
> >delete mode 100644 CryptoPkg/Include/netinet/in.h create mode 100644
> >CryptoPkg/Include/openssl/opensslconf.h
> > delete mode 100644 CryptoPkg/Include/sgtty.h delete mode 100644
> >CryptoPkg/Include/signal.h delete mode 100644
> >CryptoPkg/Include/sys/ioctl.h delete mode 100644
> >CryptoPkg/Include/sys/param.h delete mode 100644
> >CryptoPkg/Include/sys/socket.h delete mode 100644
> >CryptoPkg/Include/sys/stat.h delete mode 100644
> >CryptoPkg/Include/sys/times.h delete mode 100644
> >CryptoPkg/Include/sys/un.h delete mode 100644
> >CryptoPkg/Library/BaseCryptLib/SysCall/HelperWrapper.c
> > delete mode 100644 CryptoPkg/Library/OpensslLib/EDKII_openssl-
> >1.0.2k.patch
> > delete mode 100755 CryptoPkg/Library/OpensslLib/Install.cmd
> > delete mode 100755 CryptoPkg/Library/OpensslLib/Install.sh
> > create mode 100644 CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
> > delete mode 100644 CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
> > delete mode 100644 CryptoPkg/Library/OpensslLib/opensslconf.h
> > create mode 100644 CryptoPkg/Library/OpensslLib/process_files.pl
> > delete mode 100755 CryptoPkg/Library/OpensslLib/process_files.sh
> >
> >--
> >2.11.1.windows.1
> >
> >_______________________________________________
> >edk2-devel mailing list
> >edk2-devel@lists.01.org
> >https://lists.01.org/mailman/listinfo/edk2-devel
next prev parent reply other threads:[~2017-03-22 2:44 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-21 15:56 [PATCH v1 0/9] *** Upgrade CryptoPkg to use the latest OpenSSL 1.1.0xx/stable release *** Qin Long
2017-03-21 15:56 ` [PATCH v1 1/9] CryptoPkg/OpensslLib: Update INF files to support OpenSSL-1.1.0xx build Qin Long
2017-03-22 12:02 ` Laszlo Ersek
2017-03-22 12:18 ` Laszlo Ersek
2017-03-21 15:56 ` [PATCH v1 2/9] CryptoPkg/OpensslLib: Remove patch file and installation scripts Qin Long
2017-03-22 12:05 ` Laszlo Ersek
2017-03-21 15:56 ` [PATCH v1 3/9] CryptoPkg: Fix handling of &strcmp function pointers Qin Long
2017-03-22 10:11 ` Gary Lin
2017-03-23 2:16 ` Long, Qin
2017-03-23 3:39 ` Long, Qin
2017-03-21 15:56 ` [PATCH v1 4/9] CryptoPkg/OpensslLib: Use new Perl script for file list generation Qin Long
2017-03-21 15:56 ` [PATCH v1 5/9] CryptoPkg: Clean-up CRT Library Wrapper Qin Long
2017-03-21 15:56 ` [PATCH v1 6/9] CryptoPkg: Add extra build option to disable VS build warning Qin Long
2017-03-21 15:56 ` [PATCH v1 7/9] CryptoPkg: Update HMAC Wrapper implementation with opaque HMAC_CTX object Qin Long
2017-03-21 15:56 ` [PATCH v1 8/9] CryptoPkg: Update PK Ciphers Wrapper Implementations work with opaque objects Qin Long
2017-03-21 15:56 ` [PATCH v1 9/9] CryptoPkg/TlsLib: Update TLS Wrapper Library to align with OpenSSL changes Qin Long
2017-03-21 17:42 ` Palmer, Thomas
2017-03-22 1:32 ` Long, Qin
2017-03-23 1:20 ` Wu, Jiaxin
2017-03-23 16:23 ` Palmer, Thomas
2017-03-22 2:22 ` [PATCH v1 0/9] *** Upgrade CryptoPkg to use the latest OpenSSL 1.1.0xx/stable release *** Gao, Liming
2017-03-22 2:44 ` Long, Qin [this message]
2017-03-22 13:02 ` Laszlo Ersek
2017-03-22 16:20 ` Long, Qin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BF2CCE9263284D428840004653A28B6E53F7034F@SHSMSX103.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox