From: "Wang, Jian J" <jian.j.wang@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>,
"lersek@redhat.com" <lersek@redhat.com>,
"dwmw2@infradead.org" <dwmw2@infradead.org>,
"Lu, XiaoyuX" <xiaoyux.lu@intel.com>
Cc: "Ye, Ting" <ting.ye@intel.com>, Richard Levitte <levitte@openssl.org>
Subject: Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg/OpensslLib: Exclude err_all.c in process_files.py
Date: Tue, 25 Jun 2019 08:58:14 +0000 [thread overview]
Message-ID: <D827630B58408649ACB04F44C51000362592C4F6@SHSMSX107.ccr.corp.intel.com> (raw)
In-Reply-To: <59b1f136-e1dd-257c-e45a-001358605b60@redhat.com>
Laszlo,
> -----Original Message-----
> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of
> Laszlo Ersek
> Sent: Tuesday, June 25, 2019 3:54 AM
> To: Wang, Jian J <jian.j.wang@intel.com>; devel@edk2.groups.io;
> dwmw2@infradead.org; Lu, XiaoyuX <xiaoyux.lu@intel.com>
> Cc: Ye, Ting <ting.ye@intel.com>; Richard Levitte <levitte@openssl.org>
> Subject: Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg/OpensslLib: Exclude
> err_all.c in process_files.py
>
> On 06/21/19 10:37, Wang, Jian J wrote:
> > Hi David,
> >
> >
> >> -----Original Message-----
> >> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of
> David
> >> Woodhouse
> >> Sent: Friday, June 21, 2019 6:34 AM
> >> To: devel@edk2.groups.io; lersek@redhat.com; Lu, XiaoyuX
> >> <xiaoyux.lu@intel.com>
> >> Cc: Wang, Jian J <jian.j.wang@intel.com>; Ye, Ting <ting.ye@intel.com>;
> >> Richard Levitte <levitte@openssl.org>
> >> Subject: Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg/OpensslLib: Exclude
> >> err_all.c in process_files.py
> >>
> >> On Thu, 2019-06-20 at 16:46 +0200, Laszlo Ersek wrote:
> >>>> Please submit a PR to OpenSSL to add 'no-store' if you really don't
> >>>> want it.
> >>>
> >>> I actually agree about "no-store"; please see point (1) in my earlier
> >>> review here:
> >>>
> >>> http://mid.mail-archive.com/0c5b5e95-cb2c-75af-a30b-
> >> 015dac14b91c@redhat.com
> >>
> >> Hm, you told them to use no-store, and I think you were right. They
> >> seem to have refused purely because of the piffling detail that it
> >> didn't actually exist. I find this suboptimal. Here:
> >>
> >> https://github.com/openssl/openssl/pull/9206
> >>
> >
> > Thanks for the PR.
>
> +1
>
> > And I agree adding the 'no-store' is the right way to fix
> > this issue. But the problem here is that we fixated the openssl to one
> > release tag. We don't change it until we upgrade it to a newer release.
> > That means any fixes in openssl trunk cannot be used by edk2 immediately,
> > not to mention there's possibility that the PR will be rejected. So there's
> > always a lag (maybe a quarter or half year, at least) here.
> >
> > We have also product release pressure which cannot afford quarters of
> > waiting for such kind fixes in upstream.
> >
> > My personal opinion is that, we fix any issue, if we can, in edk2 immediately
> > for current version of openssl (as workaround), and try to fix it in upstream
> > for future release at the same time. Once upstream has fixed the issue and
> > edk2 has decided to upgrade to it, we drop the workaround in edk2. We can
> > file BZ to track such kind of works.
> >
> > For this patch, I suggest we still push it. We can drop it and use real fix once
> > we decide to upgrade openssl future release including your PR.
>
> Right, in the most recent particular case, the time pressure to get
> stuff into usable-at-all state, for edk2-stable201905, was huge. I agree
> that "reminder BZs" (about backing out temporary downstream fixes) is
> the way to go.
I take this as agreement. I pushed this patch at (fixed file ext)
51f7a3e6c5192d3f9a0fa63b0b5617c151180ad7
> Example:
> https://bugzilla.tianocore.org/show_bug.cgi?id=1897
Above one is in our plan. I added BZ#1936 for this one.
https://bugzilla.tianocore.org/show_bug.cgi?id=1936
Thanks,
Jian
>
> Thanks
> Laszlo
>
>
next prev parent reply other threads:[~2019-06-25 8:58 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-19 7:19 [PATCH v1 1/1] CryptoPkg/OpensslLib: Exclude err_all.c in process_files.py Xiaoyu Lu
2019-06-19 22:59 ` Laszlo Ersek
2019-06-20 0:34 ` [edk2-devel] " Wang, Jian J
2019-06-20 7:54 ` David Woodhouse
2019-06-20 14:46 ` Laszlo Ersek
2019-06-20 22:33 ` David Woodhouse
2019-06-21 8:37 ` Wang, Jian J
2019-06-24 19:54 ` Laszlo Ersek
2019-06-25 8:58 ` Wang, Jian J [this message]
2019-06-26 12:46 ` Laszlo Ersek
2019-06-26 13:16 ` Wang, Jian J
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=D827630B58408649ACB04F44C51000362592C4F6@SHSMSX107.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox