From: "Wang, Jian J" <jian.j.wang@intel.com>
To: "Kinney, Michael D" <michael.d.kinney@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Yao, Jiewen" <jiewen.yao@intel.com>,
"Zhang, Chao B" <chao.b.zhang@intel.com>
Subject: Re: [Patch v4 15/22] SecurityPkg: Add YAML files for CI builds
Date: Thu, 7 Nov 2019 05:08:54 +0000 [thread overview]
Message-ID: <D827630B58408649ACB04F44C5100036259AAD76@SHSMSX107.ccr.corp.intel.com> (raw)
In-Reply-To: <20191107011349.16524-16-michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Regards,
Jian
> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Thursday, November 07, 2019 9:14 AM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>;
> Zhang, Chao B <chao.b.zhang@intel.com>
> Subject: [Patch v4 15/22] SecurityPkg: Add YAML files for CI builds
>
> Add YAML file to the package directory with the
> configuration of the checks to perform during a
> CI build.
>
> Use BaseCryptLibNull for package CI builds to reduce package
> build times. Enabled with CONTINUOUS_INTEGRATION in YAML
> files. By default CONTINUOUS_INTEGRATION is not defined,
> and the original lib mappings are preserved.
>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
> ---
> SecurityPkg/SecurityPkg.ci.yaml | 80 +++++++++++++++++++++++++++++++++
> SecurityPkg/SecurityPkg.dsc | 32 ++++++++++++-
> 2 files changed, 110 insertions(+), 2 deletions(-)
> create mode 100644 SecurityPkg/SecurityPkg.ci.yaml
>
> diff --git a/SecurityPkg/SecurityPkg.ci.yaml b/SecurityPkg/SecurityPkg.ci.yaml
> new file mode 100644
> index 0000000000..c7e309fcda
> --- /dev/null
> +++ b/SecurityPkg/SecurityPkg.ci.yaml
> @@ -0,0 +1,80 @@
> +##
> +# CI configuration for SecurityPkg
> +#
> +# Copyright (c) Microsoft Corporation
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
> +##
> +{
> + "CompilerPlugin": {
> + "DscPath": "SecurityPkg.dsc"
> + },
> + "CharEncodingCheck": {
> + "IgnoreFiles": []
> + },
> + "DependencyCheck": {
> + "AcceptableDependencies": [
> + "MdePkg/MdePkg.dec",
> + "MdeModulePkg/MdeModulePkg.dec",
> + "SecurityPkg/SecurityPkg.dec",
> + "CryptoPkg/CryptoPkg.dec"
> + ],
> + # For host based unit tests
> + "AcceptableDependencies-HOST_APPLICATION":[],
> + # For UEFI shell based apps
> + "AcceptableDependencies-UEFI_APPLICATION":[],
> + "IgnoreInf": []
> + },
> + "DscCompleteCheck": {
> + "DscPath": "SecurityPkg.dsc",
> + "IgnoreInf": []
> + },
> + "GuidCheck": {
> + "IgnoreGuidName": [],
> + "IgnoreGuidValue": ["00000000-0000-0000-0000-000000000000"],
> + "IgnoreFoldersAndFiles": [],
> + "IgnoreDuplicates": [
> + "Tpm2InstanceLibDTpm=gEfiTpmDeviceInstanceTpm20DtpmGuid", # by
> design
> + ]
> + },
> + "LibraryClassCheck": {
> + "IgnoreHeaderFile": []
> + },
> +
> + ## options defined ci/Plugin/SpellCheck
> + "SpellCheck": {
> + "AuditOnly": True, # Fails test but run in AuditOnly mode to collect log
> + "ExtendWords": [ # words to extend to the dictionary for this
> package
> + "shortformed", # tpm acpi
> + "autodetect",
> + "blocksid",
> + "comid",
> + "cpinsidpin", #OpalSScV2
> + "ecdsa", # TPM
> + "ecschnorr", # TPM
> + "eisaid", # ACPI
> + "harddisk",
> + "hashall",
> + "hashto",
> + "kek's",
> + "lfanew", # PE/COFF
> + "pcrindex",
> + "pkglength",
> + "ppuser",
> + "preos",
> + "stclear",
> + "toctou",
> + "tpm's",
> + "tpmcmdbuflength",
> + "tpmcommlib",
> + "tpmnvvaluelength",
> + "wrlocked",
> + "xored"
> + ],
> + "IgnoreStandardPaths": [], # Standard Plugin defined paths that should be
> ignore
> + "AdditionalIncludePaths": [] # Additional paths to spell check (wildcards
> supported)
> + },
> +
> + "Defines": {
> + "BLD_*_CONTINUOUS_INTEGRATION": "TRUE",
> + }
> +}
> diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
> index 9a254087a3..a2eeadda7a 100644
> --- a/SecurityPkg/SecurityPkg.dsc
> +++ b/SecurityPkg/SecurityPkg.dsc
> @@ -44,8 +44,6 @@ [LibraryClasses]
> HiiLib|MdeModulePkg/Library/UefiHiiLib/UefiHiiLib.inf
>
> UefiHiiServicesLib|MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib
> .inf
> PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
> TpmCommLib|SecurityPkg/Library/TpmCommLib/TpmCommLib.inf
>
> PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLi
> bNull.inf
> @@ -84,7 +82,13 @@ [LibraryClasses.common.PEIM]
>
> PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLib/PeiServi
> cesTablePointerLib.inf
> HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
>
> MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllo
> cationLib.inf
> +!ifdef CONTINUOUS_INTEGRATION
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +!else
> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> +!endif
>
> HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRout
> erPei.inf
>
> ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiRepo
> rtStatusCodeLib.inf
>
> Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDT
> pm.inf
> @@ -95,7 +99,13 @@ [LibraryClasses.common.PEIM]
> [LibraryClasses.common.DXE_DRIVER]
> HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
>
> ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeRep
> ortStatusCodeLib.inf
> +!ifdef CONTINUOUS_INTEGRATION
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +!else
> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> +!endif
>
> HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRout
> erDxe.inf
>
> Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i
> nf
>
> Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.in
> f
> @@ -110,13 +120,25 @@ [LibraryClasses.common.UEFI_DRIVER,
> LibraryClasses.common.DXE_RUNTIME_DRIVER, Li
>
> [LibraryClasses.common.DXE_RUNTIME_DRIVER]
>
> ReportStatusCodeLib|MdeModulePkg/Library/RuntimeDxeReportStatusCodeLib
> /RuntimeDxeReportStatusCodeLib.inf
> +!ifdef CONTINUOUS_INTEGRATION
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +!else
> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> +!endif
>
> HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRout
> erDxe.inf
>
> Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i
> nf
>
> Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.in
> f
>
> [LibraryClasses.common.UEFI_DRIVER,
> LibraryClasses.common.UEFI_APPLICATION]
> +!ifdef CONTINUOUS_INTEGRATION
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +!else
> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> +!endif
>
> HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRout
> erDxe.inf
>
> Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i
> nf
>
> Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.in
> f
> @@ -127,7 +149,13 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
>
> MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemory
> AllocationLib.inf
>
> ReportStatusCodeLib|MdeModulePkg/Library/SmmReportStatusCodeLib/SmmR
> eportStatusCodeLib.inf
> SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
> +!ifdef CONTINUOUS_INTEGRATION
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +!else
> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> +!endif
>
> Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i
> nf
>
> Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.in
> f
>
> Tcg2PhysicalPresenceLib|SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/Sm
> mTcg2PhysicalPresenceLib.inf
> --
> 2.21.0.windows.1
next prev parent reply other threads:[~2019-11-07 5:08 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-07 1:13 [Patch v4 00/22] Enable Phase 1 of EDK II CI Michael D Kinney
2019-11-07 1:13 ` [Patch v4 01/22] Maintainers.txt: Add continuous integration(CI) directories Michael D Kinney
2019-11-07 1:13 ` [Patch v4 02/22] .gitignore: Ignore python compiled files, extdeps, and vscode Michael D Kinney
2019-11-07 10:26 ` Laszlo Ersek
2019-11-07 1:13 ` [Patch v4 03/22] requirements.txt: Add python pip requirements file Michael D Kinney
2019-11-07 10:39 ` Laszlo Ersek
2019-11-07 15:43 ` Leif Lindholm
2019-11-07 17:44 ` Michael D Kinney
2019-11-08 13:12 ` Laszlo Ersek
2019-11-08 16:58 ` Michael D Kinney
2019-11-07 10:49 ` Laszlo Ersek
2019-11-07 1:13 ` [Patch v4 04/22] BaseTools: Add RC_PATH define for VS2017/2019 Michael D Kinney
2019-11-07 1:13 ` [Patch v4 05/22] BaseTools: Add YAML files with path env and tool extdeps Michael D Kinney
2019-11-07 1:13 ` [Patch v4 06/22] BaseTools: Add BaseTools plugins to support CI Michael D Kinney
2019-11-07 1:13 ` [Patch v4 07/22] .pytool/Plugin: Add CI plugins Michael D Kinney
2019-11-07 6:58 ` Liming Gao
2019-11-07 1:13 ` [Patch v4 08/22] CryptoPkg: Add YAML file for CI builds Michael D Kinney
2019-11-07 5:06 ` Wang, Jian J
2019-11-07 1:13 ` [Patch v4 09/22] FatPkg: " Michael D Kinney
2019-11-07 2:12 ` Ni, Ray
2019-11-07 1:13 ` [Patch v4 10/22] FmpDevicePkg: " Michael D Kinney
2019-11-07 1:13 ` [Patch v4 11/22] MdeModulePkg: " Michael D Kinney
2019-11-07 3:03 ` Wu, Hao A
2019-11-07 20:02 ` Michael D Kinney
2019-11-07 1:13 ` [Patch v4 12/22] MdePkg: " Michael D Kinney
2019-11-07 1:13 ` [Patch v4 13/22] NetworkPkg: " Michael D Kinney
2019-11-07 1:13 ` [Patch v4 14/22] PcAtChipsetPkg: Add YAML files " Michael D Kinney
2019-11-07 2:12 ` Ni, Ray
2019-11-07 1:13 ` [Patch v4 15/22] SecurityPkg: " Michael D Kinney
2019-11-07 5:08 ` Wang, Jian J [this message]
2019-11-07 1:13 ` [Patch v4 16/22] ShellPkg: Add YAML file " Michael D Kinney
2019-11-07 2:12 ` Ni, Ray
2019-11-07 1:13 ` [Patch v4 17/22] UefiCpuPkg: " Michael D Kinney
2019-11-07 2:12 ` Ni, Ray
2019-11-07 10:42 ` Laszlo Ersek
2019-11-07 10:48 ` Laszlo Ersek
2019-11-07 19:23 ` [edk2-devel] " Michael D Kinney
2019-11-07 19:33 ` Sean
2019-11-08 14:43 ` Laszlo Ersek
2019-11-07 1:13 ` [Patch v4 18/22] SignedCapsulePkg: Use BaseCryptLibNull to reduce package CI time Michael D Kinney
2019-11-07 1:13 ` [Patch v4 19/22] .pytool: Add CISettings.py and Readme.md Michael D Kinney
2019-11-07 16:16 ` [edk2-devel] " rebecca
2019-11-07 1:13 ` [Patch v4 20/22] .azurepipelines: Add Azure Pipelines YML configuration files Michael D Kinney
2019-11-07 1:13 ` [Patch v4 21/22] .mergify: Add Mergify YML pull request rules configuration file Michael D Kinney
2019-11-07 1:13 ` [Patch v4 22/22] Readme.md: Add CI build status badges Michael D Kinney
2019-11-07 10:44 ` Laszlo Ersek
2019-11-07 16:00 ` Leif Lindholm
2019-11-07 19:42 ` Michael D Kinney
2019-11-07 23:16 ` Leif Lindholm
2019-11-08 9:24 ` Leif Lindholm
2019-11-07 15:35 ` [Patch v4 00/22] Enable Phase 1 of EDK II CI Liming Gao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=D827630B58408649ACB04F44C5100036259AAD76@SHSMSX107.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox