From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga05.intel.com (mga05.intel.com [192.55.52.43])
 by mx.groups.io with SMTP id smtpd.web11.339.1573103338424937554
 for <devel@edk2.groups.io>;
 Wed, 06 Nov 2019 21:08:58 -0800
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: jian.j.wang@intel.com)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga005.jf.intel.com ([10.7.209.41])
  by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Nov 2019 21:08:58 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.68,276,1569308400"; 
   d="scan'208";a="377311887"
Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202])
  by orsmga005.jf.intel.com with ESMTP; 06 Nov 2019 21:08:57 -0800
Received: from fmsmsx158.amr.corp.intel.com (10.18.116.75) by
 fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Wed, 6 Nov 2019 21:08:57 -0800
Received: from shsmsx106.ccr.corp.intel.com (10.239.4.159) by
 fmsmsx158.amr.corp.intel.com (10.18.116.75) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Wed, 6 Nov 2019 21:08:57 -0800
Received: from shsmsx107.ccr.corp.intel.com ([169.254.9.63]) by
 SHSMSX106.ccr.corp.intel.com ([169.254.10.248]) with mapi id 14.03.0439.000;
 Thu, 7 Nov 2019 13:08:55 +0800
From: "Wang, Jian J" <jian.j.wang@intel.com>
To: "Kinney, Michael D" <michael.d.kinney@intel.com>, "devel@edk2.groups.io"
	<devel@edk2.groups.io>
CC: "Yao, Jiewen" <jiewen.yao@intel.com>, "Zhang, Chao B"
	<chao.b.zhang@intel.com>
Subject: Re: [Patch v4 15/22] SecurityPkg: Add YAML files for CI builds
Thread-Topic: [Patch v4 15/22] SecurityPkg: Add YAML files for CI builds
Thread-Index: AQHVlQikVPcQbdppyE+Bfbx1oR+YwKd/KMxA
Date: Thu, 7 Nov 2019 05:08:54 +0000
Message-ID: <D827630B58408649ACB04F44C5100036259AAD76@SHSMSX107.ccr.corp.intel.com>
References: <20191107011349.16524-1-michael.d.kinney@intel.com>
 <20191107011349.16524-16-michael.d.kinney@intel.com>
In-Reply-To: <20191107011349.16524-16-michael.d.kinney@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiMDEzYzA1N2YtODc3OS00M2EzLWFiYjQtMWZjMDAyM2RhZDIzIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiTUhjXC9NQ2daWVExdStDb3Foc21xbFJmQ1FFaTh0Z3BScm5Xcnc4WWJkUkdZSUNyKzNcL0daQWRHeituTlJzaGh3In0=
x-ctpclassification: CTP_NT
dlp-product: dlpe-windows
dlp-version: 11.2.0.6
dlp-reaction: no-action
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Return-Path: jian.j.wang@intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable


Reviewed-by: Jian J Wang <jian.j.wang@intel.com>

Regards,
Jian

> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Thursday, November 07, 2019 9:14 AM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.c=
om>;
> Zhang, Chao B <chao.b.zhang@intel.com>
> Subject: [Patch v4 15/22] SecurityPkg: Add YAML files for CI builds
>=20
> Add YAML file to the package directory with the
> configuration of the checks to perform during a
> CI build.
>=20
> Use BaseCryptLibNull for package CI builds to reduce package
> build times.  Enabled with CONTINUOUS_INTEGRATION in YAML
> files.  By default CONTINUOUS_INTEGRATION is not defined,
> and the original lib mappings are preserved.
>=20
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
> ---
>  SecurityPkg/SecurityPkg.ci.yaml | 80 +++++++++++++++++++++++++++++++++
>  SecurityPkg/SecurityPkg.dsc     | 32 ++++++++++++-
>  2 files changed, 110 insertions(+), 2 deletions(-)
>  create mode 100644 SecurityPkg/SecurityPkg.ci.yaml
>=20
> diff --git a/SecurityPkg/SecurityPkg.ci.yaml b/SecurityPkg/SecurityPkg.ci=
.yaml
> new file mode 100644
> index 0000000000..c7e309fcda
> --- /dev/null
> +++ b/SecurityPkg/SecurityPkg.ci.yaml
> @@ -0,0 +1,80 @@
> +##
> +# CI configuration for SecurityPkg
> +#
> +# Copyright (c) Microsoft Corporation
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
> +##
> +{
> +    "CompilerPlugin": {
> +        "DscPath": "SecurityPkg.dsc"
> +    },
> +    "CharEncodingCheck": {
> +        "IgnoreFiles": []
> +    },
> +    "DependencyCheck": {
> +        "AcceptableDependencies": [
> +            "MdePkg/MdePkg.dec",
> +            "MdeModulePkg/MdeModulePkg.dec",
> +            "SecurityPkg/SecurityPkg.dec",
> +            "CryptoPkg/CryptoPkg.dec"
> +        ],
> +        # For host based unit tests
> +        "AcceptableDependencies-HOST_APPLICATION":[],
> +        # For UEFI shell based apps
> +        "AcceptableDependencies-UEFI_APPLICATION":[],
> +        "IgnoreInf": []
> +    },
> +    "DscCompleteCheck": {
> +        "DscPath": "SecurityPkg.dsc",
> +        "IgnoreInf": []
> +    },
> +    "GuidCheck": {
> +        "IgnoreGuidName": [],
> +        "IgnoreGuidValue": ["00000000-0000-0000-0000-000000000000"],
> +        "IgnoreFoldersAndFiles": [],
> +        "IgnoreDuplicates": [
> +            "Tpm2InstanceLibDTpm=3DgEfiTpmDeviceInstanceTpm20DtpmGuid", =
#  by
> design
> +        ]
> +    },
> +    "LibraryClassCheck": {
> +        "IgnoreHeaderFile": []
> +    },
> +
> +    ## options defined ci/Plugin/SpellCheck
> +    "SpellCheck": {
> +        "AuditOnly": True,           # Fails test but run in AuditOnly m=
ode to collect log
> +        "ExtendWords": [             # words to extend to the dictionary=
 for this
> package
> +            "shortformed", # tpm acpi
> +            "autodetect",
> +            "blocksid",
> +            "comid",
> +            "cpinsidpin", #OpalSScV2
> +            "ecdsa", # TPM
> +            "ecschnorr", # TPM
> +            "eisaid", # ACPI
> +            "harddisk",
> +            "hashall",
> +            "hashto",
> +            "kek's",
> +            "lfanew", # PE/COFF
> +            "pcrindex",
> +            "pkglength",
> +            "ppuser",
> +            "preos",
> +            "stclear",
> +            "toctou",
> +            "tpm's",
> +            "tpmcmdbuflength",
> +            "tpmcommlib",
> +            "tpmnvvaluelength",
> +            "wrlocked",
> +            "xored"
> +        ],
> +        "IgnoreStandardPaths": [],   # Standard Plugin defined paths tha=
t should be
> ignore
> +        "AdditionalIncludePaths": [] # Additional paths to spell check (=
wildcards
> supported)
> +    },
> +
> +    "Defines": {
> +        "BLD_*_CONTINUOUS_INTEGRATION": "TRUE",
> +    }
> +}
> diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
> index 9a254087a3..a2eeadda7a 100644
> --- a/SecurityPkg/SecurityPkg.dsc
> +++ b/SecurityPkg/SecurityPkg.dsc
> @@ -44,8 +44,6 @@ [LibraryClasses]
>    HiiLib|MdeModulePkg/Library/UefiHiiLib/UefiHiiLib.inf
>=20
> UefiHiiServicesLib|MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiService=
sLib
> .inf
>    PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> -  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> -  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
>    IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
>    TpmCommLib|SecurityPkg/Library/TpmCommLib/TpmCommLib.inf
>=20
> PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecur=
eLi
> bNull.inf
> @@ -84,7 +82,13 @@ [LibraryClasses.common.PEIM]
>=20
> PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLib/PeiS=
ervi
> cesTablePointerLib.inf
>    HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
>=20
> MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllo
> cationLib.inf
> +!ifdef CONTINUOUS_INTEGRATION
> +  BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +!else
> +  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> +  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
>    BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> +!endif
>=20
> HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRout
> erPei.inf
>=20
> ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiRepo
> rtStatusCodeLib.inf
>=20
> Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDT
> pm.inf
> @@ -95,7 +99,13 @@ [LibraryClasses.common.PEIM]
>  [LibraryClasses.common.DXE_DRIVER]
>    HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
>=20
> ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeRep
> ortStatusCodeLib.inf
> +!ifdef CONTINUOUS_INTEGRATION
> +  BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +!else
> +  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> +  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
>    BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> +!endif
>=20
> HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRout
> erDxe.inf
>=20
> Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i
> nf
>=20
> Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.in
> f
> @@ -110,13 +120,25 @@ [LibraryClasses.common.UEFI_DRIVER,
> LibraryClasses.common.DXE_RUNTIME_DRIVER, Li
>=20
>  [LibraryClasses.common.DXE_RUNTIME_DRIVER]
>=20
> ReportStatusCodeLib|MdeModulePkg/Library/RuntimeDxeReportStatusCodeLib
> /RuntimeDxeReportStatusCodeLib.inf
> +!ifdef CONTINUOUS_INTEGRATION
> +  BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +!else
> +  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> +  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
>    BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> +!endif
>=20
> HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRout
> erDxe.inf
>=20
> Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i
> nf
>=20
> Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.in
> f
>=20
>  [LibraryClasses.common.UEFI_DRIVER,
> LibraryClasses.common.UEFI_APPLICATION]
> +!ifdef CONTINUOUS_INTEGRATION
> +  BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +!else
> +  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> +  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
>    BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> +!endif
>=20
> HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRout
> erDxe.inf
>=20
> Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i
> nf
>=20
> Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.in
> f
> @@ -127,7 +149,13 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
>=20
> MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemory
> AllocationLib.inf
>=20
> ReportStatusCodeLib|MdeModulePkg/Library/SmmReportStatusCodeLib/SmmR
> eportStatusCodeLib.inf
>    SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
> +!ifdef CONTINUOUS_INTEGRATION
> +  BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +!else
> +  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> +  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
>    BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> +!endif
>=20
> Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i
> nf
>=20
> Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.in
> f
>=20
> Tcg2PhysicalPresenceLib|SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/Sm
> mTcg2PhysicalPresenceLib.inf
> --
> 2.21.0.windows.1