From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web09.27894.1652066594279531302 for ; Sun, 08 May 2022 20:23:14 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=ndK6T5Pw; spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: jiewen.yao@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1652066594; x=1683602594; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=WXhj2UO0yNSHwSfkeyio/Oml1Sr02A7XE5q68PNcpU8=; b=ndK6T5PwE+twen08EcYluGuvLPUPg1TBcHzwElAnaQktuYRGkK9gHP78 dIdTSqnIpmFyCm4IXCeVlfGdKmMC1GLwaIQCJ+pRQPJ12ycNRDeE3GaFl zfLRtnaAufF3Pl0D3mTXo3gtUIX3q4kn7dSG/WndJQxt3ZE9lgS6l6ywO jjqYZICtX5dor4q1jaYqSaS1WfcU8SSEABDYbqOCjGf7rsjDS3nlyPxJy KyFKJ0qRtdfqjZO6DL4+Fqf0Ad2ZMT0rqA7M4UTEDtZA4VS4/EIBVJk84 5z6LDyplBzsQyqXNsfwznO1O13JTR4w7x62OtEYvzeBWC2zz0LXeOsnAa g==; X-IronPort-AV: E=McAfee;i="6400,9594,10341"; a="256454929" X-IronPort-AV: E=Sophos;i="5.91,210,1647327600"; d="scan'208";a="256454929" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 May 2022 20:23:13 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.91,210,1647327600"; d="scan'208";a="591054162" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by orsmga008.jf.intel.com with ESMTP; 08 May 2022 20:23:13 -0700 Received: from fmsmsx608.amr.corp.intel.com (10.18.126.88) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Sun, 8 May 2022 20:23:13 -0700 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx608.amr.corp.intel.com (10.18.126.88) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27 via Frontend Transport; Sun, 8 May 2022 20:23:13 -0700 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (104.47.59.177) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.27; Sun, 8 May 2022 20:23:13 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YfoijFju1AVKZwSVfKic8chPGvNwjX5sF6XuqOBFR0IgM2ltrVa6JZtuE1RuDjjLNYQrT7V94djZ7VQsBkeetWKS/EGIA3Ppkogt+h5RPWeywCy2b1UxZ8EWrkk5GCANo4VT2N51W48xee7fFfis2DD/cG3TZUvHUDSvq6pUlj4n069CZldZEliXCrqHimLXRTszZFxeL7qWg/rxKPKrEvbLe6oWIszZAEVkm9AWAe/7O5IsiUVlpOOYa5dYs5JxngL58GFToeXFXfOQ7hd1UIQ7ueJJu72EnL8zf3CiNTtV7ghyfEykOrkxu9DhwIapF3cXfsTI9CxSFjjHSEc7uw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Mv8jTSdh6ASLHy4SXL+C986sVJM9Inp87b4uo4PMzak=; b=SYPCzD1if24w1NweQrnfFa5yQLREPkyXza+QVVMSwMZw+cKCknhjQpTtq1CqPp9aLxEvSLhpGSSGRKXkLigTl5ClKnAvMiG/hTmEIJEIRsn+PzAuDBYQrJeEmDu6SvjcFPjHzBiGQnV4RjsDXzLaxoSLqcWL/gZA8pciX2qWjLvVFe4bt30kOgL1ydT7hCzwdkEakNKY0d5ELGYVhx4A7cW/mZKeP7NLvgx0x5w9JY5wS1D+FO2ktlCw4ceSdK//L/DOd/LYawU+qO9gE0NRFw+h2riIQnMwLD2lpVmuama+sqtPnPpkLcxR1Lsk5UZYkeed69JChrQyALZFwelX6w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from MW4PR11MB5872.namprd11.prod.outlook.com (2603:10b6:303:169::14) by BYAPR11MB3637.namprd11.prod.outlook.com (2603:10b6:a03:f9::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5227.21; Mon, 9 May 2022 03:23:11 +0000 Received: from MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::d55d:28c1:bfab:3dd]) by MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::d55d:28c1:bfab:3dd%6]) with mapi id 15.20.5206.024; Mon, 9 May 2022 03:23:11 +0000 From: "Yao, Jiewen" To: "Li, Yi1" , "devel@edk2.groups.io" CC: "Wang, Jian J" , "Lu, Xiaoyu1" , "Jiang, Guomin" , "Gerd Hoffmann" Subject: Re: [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option Thread-Topic: [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option Thread-Index: AQHYY1Oks1QGXigPr0+zUu6SoJHQIa0V4Y6g Date: Mon, 9 May 2022 03:23:11 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.6.401.20 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 338feb3a-c86f-4f1a-89fc-08da316b3f2e x-ms-traffictypediagnostic: BYAPR11MB3637:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: PormTFnHxhkecfU50zslbS64rGssal75HqAJVEuhZcs+wrvLEUygpybr+1Mge6jRyM2dvD+QuGhh8Quw+gmqpZq0isqpHaPGsjtwg0Ra9Fi1epqFO2xuBchzmhhGB3wt/4VV0YC6Z4nCloFp1FiHDmJOtVIJWmLkELCVY9RsDny9lPcEY1aei4OhRPlEKgHsttYSIXjTejFVRciv8S7Ct67TSFFrCF1quSK4NzbWr+XatX/x4rZ6wwbuk7QiMcQd6wFXOwy8nJXz+HbKhCrPDCuMUrmwdcxA925l5iy0hneRQUt7hmOTANS+xQMA2jb3L/b71SYMOVW1SvUXnHFKQMw1pq4A8GOAkkp5urCuBYb3P4zWRmzNhJPm9p/sTB5BVN5NT/4pEmHpkWAItdMNMMzrLOSLFNkpengVIP5cC7yNXRXiGPTO5PhE0oeVE51GPPn9Nh8yegq8Kw4KFNZ2ffht97rsmD6AYY6Ap42S5XTuEMvDG/fCmQvU9j0E8Kcpz6+qdVZc9nyOjqZZsGSg1ONQXk71tzLiwqV+QpDYUpDWuUk++0NBnfC8YbrjUcJGfs8O+4uu8kl8MrVX0QckJFDY55+7XcdlVaMHCW4lj61JJ8NbY+IctehaMNqTcAANbMEq7mRPkaDQzc7Zvhe9iEm51C/Zx8SS5JFpfs1QL1T3xsutZ0wsTLa8S2l48cuHC63XacCOcG/Tp5eIuqmwbw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW4PR11MB5872.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(366004)(316002)(55016003)(5660300002)(38100700002)(38070700005)(33656002)(52536014)(508600001)(8936002)(110136005)(64756008)(76116006)(66476007)(54906003)(66446008)(66556008)(186003)(66946007)(26005)(15650500001)(71200400001)(86362001)(9686003)(82960400001)(4326008)(8676002)(2906002)(122000001)(83380400001)(7696005)(6506007)(53546011);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?YXoQDeA3+6DlvAsxaN6Qi/U2aQJb89Si97jIWwbdLaO5bIuS6SIypl/aVKNl?= =?us-ascii?Q?hf2h64femKXN67+gFdTI6dzPK3GK6oN+cQ+LcjTjqWzRl5U/pOxeESkwZqId?= =?us-ascii?Q?x4u1rRW9xvnFUD8flQI9/v1PxVulLWmh2m3imaOVbiEhpO6z5DteaNxX2brS?= =?us-ascii?Q?nwxosk9VL26bZ07JYgxl9nF3ArU2TiuRr0mHytRtvtCR+ogEUXrrqsdFtm5v?= =?us-ascii?Q?UKWmdM/VqwOmJXTmC3+oOnjrn2i9OqCQB9srhxhdDEmew+QbWhCzELv/D64q?= =?us-ascii?Q?glsMRBJL4G+M3nlC5HPBkkZiACoCN5bmV4veKv+CAsJuVF/zYMUnW4CepapH?= =?us-ascii?Q?PHaAPcK8e6qEUsvFWfVjopYd1KTzavzXldMulSX7cRcIuewLRgB2WQXbOcRV?= =?us-ascii?Q?Kj2bDHd9ntDa1cctAv79fGDCDblcXZX6yFyyZlECZgeSRAbiMx3ugnIAYX3g?= =?us-ascii?Q?GXQYvfEOGFLjn4t4Gwq8iHRH9D3fXiJDuNwu25ri/9tzTYUHcJbi11stYeK1?= =?us-ascii?Q?oFWZdWWk8EfNDb1KFUe3dMSvSr5N7TX3NaZfwROp2sdMJUib6fEkqTsRXOUI?= =?us-ascii?Q?0z1+lgGXm0jyt9N7CF1BXhtvU0qCTtQOvrDOms2mwvceavB7WySaHe4Mg5JA?= =?us-ascii?Q?n5d8yhCVftJ+nuYyYj2AAD4hcZ0h/jVMekkQ2tQ3awNkvKBAWY5mOpZ1N8hY?= =?us-ascii?Q?/6GsdDXotMhD3LAG/ft/+TMzOoDRWGIuPqSPRYs5mhae3wUBoiUjWJU8PmXC?= =?us-ascii?Q?scOQB3Ye/chMARi6RktQnNUF/SAf8dHpuAKrfvd9nEEaVjsvnkGPw6gY7KJ9?= =?us-ascii?Q?zf2iTigclpAV/yZh+N5+ZAoeVFO1gQa8lNI4n6SAZCLupYM4CF/XlYzqJUGL?= =?us-ascii?Q?4Q+LmDi3DDi0k4urZAtbiMcn54EMSKydwVbv37/KqNr9+klgmwEQ2RjLOl8D?= =?us-ascii?Q?J5l4QnPlS5PE/WYm2VmnNZk/foa0g34DIZlKMvY/j6b4evc5I+OLYxzLsWz2?= =?us-ascii?Q?jvqFAdxw7RNwo8S2bvoVlEWmSNTGlcQtiugYFspXmE4YQJ3aHBwRZiRMP8uL?= =?us-ascii?Q?cMdLinkNKkfn0KTKmqZ8mrvZ8nO5p5bk0Hw+ZJ6xLE2Ta7is5sg+lhbZMDLY?= =?us-ascii?Q?GBPz523SZPNZIHDRoesK7a+ihhLMWDAXeVXcC6CsZXohSTPAqF8TmjLFiNVj?= =?us-ascii?Q?wplceJ46NGMOgfssJFml4iWUWPBY89PIQbSGFl389oaWJ8e+KQ2rCnAM7UTn?= =?us-ascii?Q?sFW4UMJ8SHjt4wVAsNhB0rDucCDCT7rXv/GXwc3xu1dATmyb1MfWImu2DOlt?= =?us-ascii?Q?WYS/uLRBnzpRwURK9RTiHC1fMeLvRHq/Vgj+0452ZJssEr4NwcCYxJbHPMuK?= =?us-ascii?Q?vmwT0WJIVVprhlRP+JOhRD6+IerJ9N13bswYk7xQcBJTXk8UmaCNB36U/Bx3?= =?us-ascii?Q?DXo5ptearOhk63M5u0TE8rBZqeEfmGLK1vL4T/InpfrqSLp4Y+WXCssK5//R?= =?us-ascii?Q?6L3ww8FESlbGZck4jayGevtju+/lc5dHxGlX7Qb64nQqdZWa+3kXYMS9viWN?= =?us-ascii?Q?kh9mPoLyoDgfMw2tqUEt0Vt+o3K4e9s+VQhVa/6fF+Q18i6fptt7MJGRygxo?= =?us-ascii?Q?pOTfE3Y/Iijx12Fh0BOEuSkfAHgVO5sQJjQpXQOO4p+Oy3I6vxILopceqNJc?= =?us-ascii?Q?o52vyD+kQRVcnJhcEmzGheH9bBOVj2nJuXcwFKPtjXYIWJ/uMvU7lJcesvkV?= =?us-ascii?Q?OVWmz5Uwpw=3D=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5872.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 338feb3a-c86f-4f1a-89fc-08da316b3f2e X-MS-Exchange-CrossTenant-originalarrivaltime: 09 May 2022 03:23:11.7467 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: w7GaqBAkvb0NzfuWKNFLxhg/Ld1+L/v1FYYv2gL4p0j3SYCSkQGdiQvdEVzNOjZC6JevAsq3s7pliVNtzRAoLQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR11MB3637 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jiewen Yao > -----Original Message----- > From: Li, Yi1 > Sent: Monday, May 9, 2022 11:19 AM > To: devel@edk2.groups.io > Cc: Li, Yi1 ; Yao, Jiewen ; Wang,= Jian > J ; Lu, Xiaoyu1 ; Jiang, Guo= min > ; Gerd Hoffmann > Subject: [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically = add > PCD config option >=20 > Recommend from Gerd: > (2) Keep the EC config option, but update process_files.pl to > automatically add the PcdEcEnabled config option handling > to the files it generates. >=20 > When remove 'no-ec' from openssl configure list, will automatically remov= e > 'OPENSSL_NO_EC', 'OPENSSL_NO_ECDH', 'OPENSSL_NO_ECDSA', > 'OPENSSL_NO_TLS1_3', > form header, and add '/ec/.', '/sm2/.' files to INF files. >=20 > Signed-off-by: Yi Li > Cc: Jiewen Yao > Cc: Jian J Wang > Cc: Xiaoyu Lu > Cc: Guomin Jiang > Cc: Gerd Hoffmann > --- > CryptoPkg/Library/OpensslLib/process_files.pl | 67 ++++++++++++++++++- > 1 file changed, 65 insertions(+), 2 deletions(-) >=20 > diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl > b/CryptoPkg/Library/OpensslLib/process_files.pl > index 2ebfbbbca0de..2849f5d9aed0 100755 > --- a/CryptoPkg/Library/OpensslLib/process_files.pl > +++ b/CryptoPkg/Library/OpensslLib/process_files.pl > @@ -81,6 +81,19 @@ my $uefi_config; > my $extension; > my $arch; > my @inf; > +# > +# Use PCD to conditionally enable certain openssl features. > +# $conditional_feature contains fetures_names:pcd_name pairs > +# of conditional features. > +# @conditional_feature_dir contains relative_path:pcd_name pairs > +# of conditional features in openssl, MUST correspond to the content > +# in $conditional_feature. > +# > +# Configure list [openssl_configuratio : new_define_list : new_file_list= : pcd] > +# 1. no-ec : {NO_EC, NO_ECDH, NO_ECDSA, NO_TLS1_3, NO_SM2} : {/ec/, > /sm2/} : PcdEcEnabled > +# > +my %conditional_feature =3D ("EC"=3D>"PcdEcEnabled", "ECDH"=3D>"PcdEcEna= bled", > "ECDSA"=3D>"PcdEcEnabled", "TLS1_3"=3D>"PcdEcEnabled", > "SM2"=3D>"PcdEcEnabled"); > +my %conditional_feature_dir =3D ("/ec/"=3D>"PcdEcEnabled", > "/sm2/"=3D>"PcdEcEnabled"); >=20 > BEGIN { > $inf_file =3D "OpensslLib.inf"; > @@ -282,7 +295,13 @@ foreach my $product ((@{$unified_info{libraries}}, > push @sslfilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n"; > next; > } > - push @cryptofilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n"; > + push @cryptofilelist, ' $(OPENSSL_PATH)/' . $s; > + foreach (keys(%conditional_feature_dir)) { > + if ($s =3D~ $_) { > + push @cryptofilelist, ' |*|*|*|gEfiCryptoPkgTok= enSpaceGuid.' . > $conditional_feature_dir{$_}; > + } > + } > + push @cryptofilelist, "\r\n"; > } > } > } > @@ -311,7 +330,13 @@ foreach (@headers){ > push @sslfilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n"; > next; > } > - push @cryptofilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n"; > + push @cryptofilelist, ' $(OPENSSL_PATH)/' . $_; > + foreach my $conditional_key (keys(%conditional_feature_dir)) { > + if ($_ =3D~ $conditional_key) { > + push @cryptofilelist, ' |*|*|*|gEfiCryptoPkgTokenSpaceGuid.= ' . > $conditional_feature_dir{$conditional_key}; > + } > + } > + push @cryptofilelist, "\r\n"; > } >=20 >=20 > @@ -430,6 +455,44 @@ system( > die "Cannot copy dso_conf.h!"; > print "Done!\n"; >=20 > +# > +# Add conditional feature to opensslconf.h > +# > +my $conf_file =3D "../Include/openssl/opensslconf.h"; > +my @conf_raw =3D (); > +my @conditional_define =3D (); > +print "\n--> Updating $conf_file ... "; > + > +foreach my $feature_name (keys(%conditional_feature)) { > + push @conditional_define, "#if !FixedPcdGetBool > ($conditional_feature{$feature_name})\r\n"; > + push @conditional_define, "# ifndef OPENSSL_NO_$feature_name\r\n"; > + push @conditional_define, "# define OPENSSL_NO_$feature_name\r\n"; > + push @conditional_define, "# endif\r\n#endif\r\n"; > +} > + > +open( FD, "<" . $conf_file ) || > + die $conf_file; > +foreach () { > + # Insert conditional define to the begin of opensslconf.h > + if ($_ =3D~ "#ifdef OPENSSL_ALGORITHM_DEFINES") { > + push @conf_raw, @conditional_define; > + } > + push @conf_raw, $_; > + if ($_ =3D~ "") { > + push @conf_raw, "#include \r\n"; > + } > +} > +close(FD) || > + die $conf_file; > + > +open( FD, ">" . $conf_file ) || > + die $conf_file; > +print( FD @conf_raw ) || > + die $conf_file; > +close(FD) || > + die $conf_file; > +print "Done!\n"; > + > print "\nProcessing Files Done!\n"; >=20 > exit(0); > -- > 2.31.1.windows.1