From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 87F37803BD for ; Tue, 21 Mar 2017 19:44:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=intel.com; i=@intel.com; q=dns/txt; s=intel; t=1490150674; x=1521686674; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=ArpIjsmax/J4ip6v6JJr6YjEXmi/38RFUoeHE7V02PY=; b=i2S9ch1E74+B2c/XbrKTCT9yBw+SNA6HlHn/wzeUBxHnqDo47SBaIXFk m3DThTk/mo+QMO7y4zmJHezSkkzM1A==; Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 21 Mar 2017 19:44:34 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.36,202,1486454400"; d="scan'208";a="63445118" Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205]) by orsmga002.jf.intel.com with ESMTP; 21 Mar 2017 19:44:34 -0700 Received: from fmsmsx112.amr.corp.intel.com (10.18.116.6) by fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS) id 14.3.319.2; Tue, 21 Mar 2017 19:44:33 -0700 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by FMSMSX112.amr.corp.intel.com (10.18.116.6) with Microsoft SMTP Server (TLS) id 14.3.319.2; Tue, 21 Mar 2017 19:44:33 -0700 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.20]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.132]) with mapi id 14.03.0248.002; Wed, 22 Mar 2017 10:44:31 +0800 From: "Long, Qin" To: "Gao, Liming" , "edk2-devel@lists.01.org" CC: "ard.biesheuvel@linaro.org" , "Ye, Ting" , "ronald.cron@arm.com" , "Wu, Jiaxin" , "glin@suse.com" , "lersek@redhat.com" Thread-Topic: [edk2] [PATCH v1 0/9] *** Upgrade CryptoPkg to use the latest OpenSSL 1.1.0xx/stable release *** Thread-Index: AQHSolvMrVo8NYRiL0eSNJ4ytbRd/aGfm5mAgACG4sA= Date: Wed, 22 Mar 2017 02:44:30 +0000 Message-ID: References: <20170321155612.1192-1-qin.long@intel.com> <4A89E2EF3DFEDB4C8BFDE51014F606A14D6F383A@shsmsx102.ccr.corp.intel.com> In-Reply-To: <4A89E2EF3DFEDB4C8BFDE51014F606A14D6F383A@shsmsx102.ccr.corp.intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH v1 0/9] *** Upgrade CryptoPkg to use the latest OpenSSL 1.1.0xx/stable release *** X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Mar 2017 02:44:34 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable > -----Original Message----- > From: Gao, Liming > Sent: Wednesday, March 22, 2017 10:23 AM > To: Long, Qin; edk2-devel@lists.01.org > Cc: ard.biesheuvel@linaro.org; Ye, Ting; ronald.cron@arm.com; Wu, Jiaxin; > glin@suse.com; lersek@redhat.com > Subject: RE: [edk2] [PATCH v1 0/9] *** Upgrade CryptoPkg to use the lates= t > OpenSSL 1.1.0xx/stable release *** >=20 > Long: > I find several issues. Could you help clarify them? >=20 > 1. OpenSsl branch should be OpenSSL_1_1_0-stable instead of > OpenSSL_1_1_0e. Could you update OpenSSL-HOWTO.txt? Yes, the latest branch is OpenSSL_1_1_0-stable, and OpenSSL_1_1_0e is one formal tag for the latest release. These two versions were validate= d=20 by now. I am thinking if it's better to stick to one formal release in EDK2 by defa= ult, and user can clone their code base with Git (1.1.0xx tag, branch,=20 even HEAD, which was just not fully validated and no guarantees on build & functionality).=20 Will update HOWTO for more information.=20 > 2. process_files.pl in CryptoPkg\Library\OpensslLib still required? Not required. The INF and opensslconf.h were already generated in EDK2=20 for direct use, if user follow the HOWTO to choose the code base.=20 This is just provided for any customizations (on OpenSSL version change, or build flags updates.), and future OpenSSL version upgrade.=20 > 3. $(OPENSSL_PATH)/crypto/aes/aes_cbc.c exists in the clone openssl > directory. They are not auto generated files. Why comments in inf says au= to > generation for them? It's the generated file list, not file. The file list in OpensslLib[Crypto].INF was generated from "process_files.p= l", to include all needed openssl sources for building. =20 We will not maintain this file list manually in the future. Just use "proce= ss_file.pl" to update the INF file if any new OpenSSL version.=20 >=20 > Thanks > Liming > >-----Original Message----- > >From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of > >Qin Long > >Sent: Tuesday, March 21, 2017 11:56 PM > >To: edk2-devel@lists.01.org > >Cc: ard.biesheuvel@linaro.org; Ye, Ting ; > >ronald.cron@arm.com; Wu, Jiaxin ; glin@suse.com; > >lersek@redhat.com > >Subject: [edk2] [PATCH v1 0/9] *** Upgrade CryptoPkg to use the latest > >OpenSSL 1.1.0xx/stable release *** > > > >(https://github.com/qloong/edk2/tree/dev-openssl-stable) > > > >Current EDKII-CryptoPkg is leveraging OpenSSL-1.0.2xx as the underlying > >cryptographic provider, which requires some extra patches > >(EDKII-openssl-xxxx.patch) and installation scripts for EDKII build & us= age. > >The latest stable version of OpenSSL was upgraded to the 1.1.0 series > >of release, with lots of EDKII-specific patches integration, which make > >CryptoPkg possbile to remove all extra patch and scripts for more > >native build support. > > > >This patch series is to update EDKII-CryptoPkg to support native > >building with the latest OpenSSL 1.1.0xx. (By now, the latest OpenSSL > >stable release is 1.1.0e). Refer > >"CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt" for the information > about the version and source installation. > > > >(NOTE: The extra build options for ARM/RVCT/XCODE were kept, which > >expect > > further optimizations from community) > > > >Qin Long (9): > > CryptoPkg/OpensslLib: Update INF files to support OpenSSL-1.1.0xx buil= d. > > CryptoPkg/OpensslLib: Remove patch file and installation scripts. > > CryptoPkg: Fix handling of &strcmp function pointers > > CryptoPkg/OpensslLib: Use new Perl script for file list generation. > > CryptoPkg: Clean-up CRT Library Wrapper. > > CryptoPkg: Add extra build option to disable VS build warning > > CryptoPkg: Update HMAC Wrapper implementation with opaque > HMAC_CTX > >object. > > CryptoPkg: Update PK Ciphers Wrapper Implementations work with > opaque > >objects. > > CryptoPkg/TlsLib: Update TLS Wrapper Library to align with OpenSSL > changes. > > > > CryptoPkg/.gitignore | 3 +- > > CryptoPkg/CryptoPkg.dec | 8 +- > > CryptoPkg/Include/CrtLibSupport.h | 192 ++ > > CryptoPkg/Include/Library/BaseCryptLib.h | 87 +- > > CryptoPkg/Include/OpenSslSupport.h | 286 --- > > CryptoPkg/Include/arpa/inet.h | 16 - > > CryptoPkg/Include/assert.h | 7 +- > > CryptoPkg/Include/ctype.h | 7 +- > > CryptoPkg/Include/dirent.h | 16 - > > CryptoPkg/Include/errno.h | 7 +- > > CryptoPkg/Include/internal/dso_conf.h | 0 > > CryptoPkg/Include/limits.h | 7 +- > > CryptoPkg/Include/malloc.h | 16 - > > CryptoPkg/Include/math.h | 16 - > > CryptoPkg/Include/memory.h | 7 +- > > CryptoPkg/Include/netdb.h | 16 - > > CryptoPkg/Include/netinet/in.h | 16 - > > CryptoPkg/Include/openssl/opensslconf.h | 314 +++ > > CryptoPkg/Include/sgtty.h | 16 - > > CryptoPkg/Include/signal.h | 16 - > > CryptoPkg/Include/stdarg.h | 7 +- > > CryptoPkg/Include/stddef.h | 6 +- > > CryptoPkg/Include/stdio.h | 7 +- > > CryptoPkg/Include/stdlib.h | 7 +- > > CryptoPkg/Include/string.h | 7 +- > > CryptoPkg/Include/strings.h | 6 +- > > CryptoPkg/Include/sys/ioctl.h | 16 - > > CryptoPkg/Include/sys/param.h | 16 - > > CryptoPkg/Include/sys/socket.h | 16 - > > CryptoPkg/Include/sys/stat.h | 16 - > > CryptoPkg/Include/sys/time.h | 7 +- > > CryptoPkg/Include/sys/times.h | 16 - > > CryptoPkg/Include/sys/types.h | 7 +- > > CryptoPkg/Include/sys/un.h | 16 - > > CryptoPkg/Include/syslog.h | 6 +- > > CryptoPkg/Include/time.h | 6 +- > > CryptoPkg/Include/unistd.h | 6 +- > > CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 9 +- > > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c | 75 +- > > .../Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c | 38 +- > > .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c | 73 +- > > .../Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c | 38 +- > > .../Library/BaseCryptLib/Hmac/CryptHmacSha256.c | 73 +- > > .../BaseCryptLib/Hmac/CryptHmacSha256Null.c | 38 +- > > CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h | 11 +- > > CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 8 +- > > CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c | 69 +- > > CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c | 10 +- > > .../Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 68 +- > > CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c | 189 +- > > CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c | 70 +- > > CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c | 20 +- > > CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 41 +- > > CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 8 +- > > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 6 + > > .../BaseCryptLib/SysCall/BaseMemAllocation.c | 5 +- > > .../BaseCryptLib/SysCall/ConstantTimeClock.c | 6 +- > > .../Library/BaseCryptLib/SysCall/CrtWrapper.c | 156 +- > > .../Library/BaseCryptLib/SysCall/HelperWrapper.c | 54 - > > .../BaseCryptLib/SysCall/RuntimeMemAllocation.c | 3 +- > > .../Library/BaseCryptLib/SysCall/TimerWrapper.c | 4 +- > > CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c | 8 +- > > .../Library/OpensslLib/EDKII_openssl-1.0.2k.patch | 2094 -------------= ------- > > CryptoPkg/Library/OpensslLib/Install.cmd | 80 - > > CryptoPkg/Library/OpensslLib/Install.sh | 82 - > > CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 36 + > > CryptoPkg/Library/OpensslLib/OpensslLib.inf | 866 ++++---- > > CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 791 ++++---- > > CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt | 61 - > > CryptoPkg/Library/OpensslLib/buildinf.h | 2 +- > > CryptoPkg/Library/OpensslLib/opensslconf.h | 497 ----- > > CryptoPkg/Library/OpensslLib/process_files.pl | 223 +++ > > CryptoPkg/Library/OpensslLib/process_files.sh | 110 - > > CryptoPkg/Library/TlsLib/InternalTlsLib.h | 6 +- > > CryptoPkg/Library/TlsLib/TlsConfig.c | 21 +- > > CryptoPkg/Library/TlsLib/TlsInit.c | 19 +- > > CryptoPkg/Library/TlsLib/TlsLib.inf | 9 +- > > 77 files changed, 2406 insertions(+), 4792 deletions(-) create mode > >100644 CryptoPkg/Include/CrtLibSupport.h delete mode 100644 > >CryptoPkg/Include/OpenSslSupport.h > > delete mode 100644 CryptoPkg/Include/arpa/inet.h delete mode 100644 > >CryptoPkg/Include/dirent.h create mode 100644 > >CryptoPkg/Include/internal/dso_conf.h > > delete mode 100644 CryptoPkg/Include/malloc.h delete mode 100644 > >CryptoPkg/Include/math.h delete mode 100644 > CryptoPkg/Include/netdb.h > >delete mode 100644 CryptoPkg/Include/netinet/in.h create mode 100644 > >CryptoPkg/Include/openssl/opensslconf.h > > delete mode 100644 CryptoPkg/Include/sgtty.h delete mode 100644 > >CryptoPkg/Include/signal.h delete mode 100644 > >CryptoPkg/Include/sys/ioctl.h delete mode 100644 > >CryptoPkg/Include/sys/param.h delete mode 100644 > >CryptoPkg/Include/sys/socket.h delete mode 100644 > >CryptoPkg/Include/sys/stat.h delete mode 100644 > >CryptoPkg/Include/sys/times.h delete mode 100644 > >CryptoPkg/Include/sys/un.h delete mode 100644 > >CryptoPkg/Library/BaseCryptLib/SysCall/HelperWrapper.c > > delete mode 100644 CryptoPkg/Library/OpensslLib/EDKII_openssl- > >1.0.2k.patch > > delete mode 100755 CryptoPkg/Library/OpensslLib/Install.cmd > > delete mode 100755 CryptoPkg/Library/OpensslLib/Install.sh > > create mode 100644 CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt > > delete mode 100644 CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt > > delete mode 100644 CryptoPkg/Library/OpensslLib/opensslconf.h > > create mode 100644 CryptoPkg/Library/OpensslLib/process_files.pl > > delete mode 100755 CryptoPkg/Library/OpensslLib/process_files.sh > > > >-- > >2.11.1.windows.1 > > > >_______________________________________________ > >edk2-devel mailing list > >edk2-devel@lists.01.org > >https://lists.01.org/mailman/listinfo/edk2-devel