From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by mx.groups.io with SMTP id smtpd.web10.4074.1678783545824450844 for ; Tue, 14 Mar 2023 01:45:46 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=rvgGQNDJ; spf=pass (domain: kernel.org, ip: 145.40.68.75, mailfrom: ardb@kernel.org) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id A1AE5B8188C for ; Tue, 14 Mar 2023 08:45:43 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 72491C4339C for ; Tue, 14 Mar 2023 08:45:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1678783542; bh=5KGfpj2pck4KsxxCALBti/fGFjNZj52WwowPMH5uBAo=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=rvgGQNDJQMYN1FJipsmpESZsG4VM7xRLEHJfH0Y+EWFrcb05jTnvKeao6D/j6/2jP 8kXkzRGgv3cyeMcZ0tAKO8VdLR5VbsUL5EB4MjyxE4+es5YcrlGs7pb5TKqcynmOtN cQUHw7F6vODHM/e3oe7MhocKrVOD0Kk4knI3qY7gvtckYdKnISnvqMQ6D4f0K+61qD uvMWxemNg4hpFppXGmJbex+DqB5mLKkZVsmXSp49zxGgyH+/vF2VZ/lF9S9rbYZUsN BtMepZET064Qer2WnkTIbvJH3C2SMIt/8F8TvKHPCKWBumnEIt6GF0tW87U5eYSeyY PaQFbHTtTm/tQ== Received: by mail-lf1-f44.google.com with SMTP id d36so18954041lfv.8 for ; Tue, 14 Mar 2023 01:45:42 -0700 (PDT) X-Gm-Message-State: AO0yUKUIYvBakIm9QpdawmZf1OGeNYSgc2uAogEDQDBh4S0aappMt3XA 5NVfgqsKOkGkz34aaqVH0wTiFmqZcLM/JHoL0WA= X-Google-Smtp-Source: AK7set/AZp7U2QWABP5dkT3eO23WPOFDW9tYU4N4n4SvAKTYb5T1spQFCxIOf0g+pg+PgfDv3i0CR+ucmdfldnQL7zc= X-Received: by 2002:ac2:48b0:0:b0:4d5:ca32:6ae4 with SMTP id u16-20020ac248b0000000b004d5ca326ae4mr468546lfg.4.1678783540454; Tue, 14 Mar 2023 01:45:40 -0700 (PDT) MIME-Version: 1.0 References: <20230313083016.136448-1-kraxel@redhat.com> <20230313083016.136448-2-kraxel@redhat.com> <20230314081612.7dze46duc3dn6wrw@sirius.home.kraxel.org> In-Reply-To: <20230314081612.7dze46duc3dn6wrw@sirius.home.kraxel.org> From: "Ard Biesheuvel" Date: Tue, 14 Mar 2023 09:45:29 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [edk2-devel] [PATCH 01/22] CryptoPkg/openssl: update submodule to openssl-3.0.8 To: "kraxel@redhat.com" Cc: devel@edk2.groups.io, yi1.li@intel.com, "Wang, Jian J" , Pawel Polawski , "Lu, Xiaoyu1" , Ard Biesheuvel , "Jiang, Guomin" , "Yao, Jiewen" , Oliver Steffen , "Justen, Jordan L" Content-Type: text/plain; charset="UTF-8" On Tue, 14 Mar 2023 at 09:16, kraxel@redhat.com wrote: > > On Mon, Mar 13, 2023 at 03:13:28PM +0000, Li, Yi wrote: > > Hi Gerd, > > > > I also have some work on Openssl3, mainly to research how to reduce the binary size increase after the upgrade: > > > > https://github.com/tianocore/edk2-staging/blob/OpenSSL11_EOL/CryptoPkg/Readme-OpenSSL3.0.md > > > > > > > > I really appreciate your work in this patch series, especially the clear py script. > > > > But it seems that part of our work is repeated, if you don't mind, can > > I merge your work into openssl3.0 Edk2Staging branch? You can find it > > here if you're interested: > > Sure, that is the point of sharing it ;) > > github branch (which hot some updates for aarch64 meanwhile) is at > https://github.com/kraxel/edk2/commits/openssl3 > > aarch64 is not working, the cpu capability probing needs some work. > openssl seems to just try instructions and catch SIGILL. edk2 needs > something else of course. Easiest way out would be to just provide > dummy functions, but that would also mean we wouldn't use aes > instructions if available ... > > Any hints on that from the arm camp are welcome. > Yeah the SIGILL trapping is a bit nasty, but that is only used if no implementation of getauxval() exists. So perhaps the cleanest way to approach this is to provide a dummy implementation of getauxval() which only supports AT_HWCAP, and returns the correct hwcap mask for what the CPU id registers report in terms for ISA support for crypto extensions. I can code that up if you want.