From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web10.21135.1675961190579533283 for ; Thu, 09 Feb 2023 08:46:30 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=AFUAWd/T; spf=pass (domain: kernel.org, ip: 139.178.84.217, mailfrom: ardb@kernel.org) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id F296661B48 for ; Thu, 9 Feb 2023 16:46:29 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 601AAC4339E for ; Thu, 9 Feb 2023 16:46:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1675961189; bh=x/q7LSJBeKqt4MBoa7pjSs63OzlE/yGVwA2vZZb4Qjo=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=AFUAWd/TxZ1+Va30EV3KZs+VM26nm2zzbBGU3++ANrH30iw5T3OQ4ffKmjEuDKIRq rmrkRUu9BR5i+I1LTLpFWdkHshvp7nmDx/GZJvpODz/f/+YkkhaolPmOBl7mYHZIly ZFwTgjrWMDLfJhdYEw1mH9w766UXYJAmMuucvn/LUgnn01X82bEtNf2TNJwWlzt3T5 j6aPOVeE9L+psjFipB4Bbq8GdQ+fEO2L65B/ylh0t63lo659i9FL8q8d5ivlIEDLxR 2xCdRzQgR7nmqqunlbmna2ktY8orTFpf8HAtmjii6pECeUrsqG60qQnTKLqu4ADtp8 N47tjBQsjHs6A== Received: by mail-lf1-f43.google.com with SMTP id h24so3961532lfv.6 for ; Thu, 09 Feb 2023 08:46:29 -0800 (PST) X-Gm-Message-State: AO0yUKVMvYN7419D055Ec/n8gKcqAn5pU0YAh4dirAgNVa9g0q2Nri1y Nm5czPM/K1d5wUJMtrCiJ1Y5+kkiUY/DWi8JmZs= X-Google-Smtp-Source: AK7set95fUCtNliMkicXOdKnM0l8hbPqao0y+IuYWEBciHskcSfwczFxSYNBORHruaDkIPDGnmonYoFRwrn26+e7hRg= X-Received: by 2002:ac2:55ba:0:b0:4ca:f9e3:c324 with SMTP id y26-20020ac255ba000000b004caf9e3c324mr1834919lfg.190.1675961187322; Thu, 09 Feb 2023 08:46:27 -0800 (PST) MIME-Version: 1.0 References: <20230209102648.2291743-1-kraxel@redhat.com> In-Reply-To: <20230209102648.2291743-1-kraxel@redhat.com> From: "Ard Biesheuvel" Date: Thu, 9 Feb 2023 17:46:15 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2 00/10] OvmfPkg: add Crypto Driver support To: Gerd Hoffmann Cc: devel@edk2.groups.io, Pawel Polawski , Guomin Jiang , Tom Lendacky , Jiewen Yao , Xiaoyu Lu , Jordan Justen , Min Xu , Jian J Wang , Michael Roth , Oliver Steffen , James Bottomley , Erdem Aktas , Ard Biesheuvel Content-Type: text/plain; charset="UTF-8" On Thu, 9 Feb 2023 at 11:27, Gerd Hoffmann wrote: > > Known problem: the NOOPT builds fail due to PEI becoming too big. > > What is the reason for doing these NOOPT builds? They are very useful for doing single step debugging with GDB. On ARM, I use the NOOPT builds fairly regularly. > I'm not sure what > value they provide. But the lack of LTO bloats the binaries with dead > code, which is a constant source of trouble ... > > v2 changes: > - turn on crypto driver support by default. > - left the config option in for now as fallback option. > When all goes as planned remove it one or two releases > later. > - fix various build problems. > > Gerd Hoffmann (10): > CryptoPkg: move Driver PCD configs to include files > CryptoPkg: add CryptoServicePcd.hash_only.dsc.inc > CryptoPkg: add TPM hashes to CryptoServicePcd.min_dxe_smm.dsc.inc > OvmfPkg: add OvmfCrypto*.inc > OvmfPkg: OvmfPkgX64: use crypto includes > OvmfPkg: OvmfPkgIa32X64: use crypto includes > OvmfPkg: OvmfPkgIa32: use crypto includes > OvmfPkg: Microvm: use crypto includes > OvmfPkg: IntelTdx: use crypto includes > OvmfPkg: AmdSev: use crypto includes > This looks fine to me but I'll give other folks some time to chime in. Thanks, > .../Include/Dsc/CryptoServicePcd.all.dsc.inc | 29 +++++++ > .../Dsc/CryptoServicePcd.hash_only.dsc.inc | 8 ++ > .../Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc | 37 +++++++++ > .../Dsc/CryptoServicePcd.min_pei.dsc.inc | 20 +++++ > .../Dsc/OvmfCryptoComponentsDxe.dsc.inc | 23 ++++++ > .../Dsc/OvmfCryptoComponentsPei.dsc.inc | 19 +++++ > .../Dsc/OvmfCryptoComponentsSmm.dsc.inc | 18 +++++ > OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc | 5 ++ > OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc | 57 ++++++++++++++ > CryptoPkg/CryptoPkg.dsc | 78 +------------------ > OvmfPkg/AmdSev/AmdSevX64.dsc | 12 ++- > OvmfPkg/IntelTdx/IntelTdxX64.dsc | 15 ++-- > OvmfPkg/Microvm/MicrovmX64.dsc | 24 +++--- > OvmfPkg/OvmfPkgIa32.dsc | 22 +++--- > OvmfPkg/OvmfPkgIa32X64.dsc | 22 +++--- > OvmfPkg/OvmfPkgX64.dsc | 22 +++--- > OvmfPkg/AmdSev/AmdSevX64.fdf | 6 ++ > OvmfPkg/IntelTdx/IntelTdxX64.fdf | 5 ++ > OvmfPkg/Microvm/MicrovmX64.fdf | 7 ++ > OvmfPkg/OvmfPkgIa32.fdf | 6 ++ > OvmfPkg/OvmfPkgIa32X64.fdf | 6 ++ > OvmfPkg/OvmfPkgX64.fdf | 6 ++ > OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc | 12 +++ > OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc | 9 +++ > 24 files changed, 331 insertions(+), 137 deletions(-) > create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.all.dsc.inc > create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc > create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc > create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc > create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc > create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc > create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc > create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc > create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc > create mode 100644 OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc > create mode 100644 OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc > > -- > 2.39.1 >