From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "Kinney, Michael D" <michael.d.kinney@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>,
"kraxel@redhat.com" <kraxel@redhat.com>
Cc: "Wang, Jian J" <jian.j.wang@intel.com>,
"Jiang, Guomin" <guomin.jiang@intel.com>,
"Pawel Polawski" <ppolawsk@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@redhat.com>,
"Lu, XiaoyuX" <xiaoyux.lu@intel.com>
Subject: Re: [edk2-devel] [PATCH 00/24] CryptoPkg/openssl: update openssl submodule to v3.0
Date: Fri, 3 Dec 2021 16:42:08 +0000 [thread overview]
Message-ID: <MW4PR11MB5872F7FE1CD55B75691C9F348C6A9@MW4PR11MB5872.namprd11.prod.outlook.com> (raw)
In-Reply-To: <CO1PR11MB492971FF08656705C08844A8D26A9@CO1PR11MB4929.namprd11.prod.outlook.com>
Also, assuming you have done enough test, would you please provide:
1) size difference, Including PEI, SMM, DXE.
2) performance difference, Including PEI, SMM, DXE.
3) what unit test you have done (such as each crypto API)
4) what system test you have done (such as secure boot, trusted boot)
Thank you
Yao Jiewen
> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Saturday, December 4, 2021 12:33 AM
> To: devel@edk2.groups.io; kraxel@redhat.com; Kinney, Michael D
> <michael.d.kinney@intel.com>
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>;
> Jiang, Guomin <guomin.jiang@intel.com>; Pawel Polawski
> <ppolawsk@redhat.com>; Philippe Mathieu-Daudé <philmd@redhat.com>; Lu,
> XiaoyuX <xiaoyux.lu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 00/24] CryptoPkg/openssl: update openssl
> submodule to v3.0
>
> Hi Gerd,
>
> Thank you for starting this work!
>
> Can you point the community as a summary of the changes/improvements in
> v3.0 and your
> take on why it is important to upgrade TianoCore.
>
> Thanks,
>
> Mike
>
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd
> Hoffmann
> > Sent: Friday, December 3, 2021 8:07 AM
> > To: devel@edk2.groups.io
> > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>;
> > Pawel Polawski <ppolawsk@redhat.com>; Philippe Mathieu-Daudé
> <philmd@redhat.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>; Gerd
> > Hoffmann <kraxel@redhat.com>
> > Subject: [edk2-devel] [PATCH 00/24] CryptoPkg/openssl: update openssl
> submodule to v3.0
> >
> > Very first take on updating openssl to 3.0.
> >
> > Some hacks are in there still, only limited testing
> > (no CI runs), so cleary not complete yet. Review
> > comments and other hints are welcome nevertheless.
> >
> > take care,
> > Gerd
> >
> > Gerd Hoffmann (24):
> > CryptoPkg/openssl: update submodule to 3.0
> > CryptoPkg/openssl: process_files.pl: drop UefiAsm.conf
> > CryptoPkg/openssl: process_files.pl: expand *.a
> > CryptoPkg/openssl: process_files.pl: set api to 1.1.1
> > CryptoPkg/openssl: process_files.pl: change config header handling
> > CryptoPkg/openssl: process_files.pl: provider headers
> > CryptoPkg/openssl: process_files.pl: skip unused files
> > CryptoPkg/openssl: process_files.pl: clean up when done
> > CryptoPkg/openssl: process_files.pl: filter out crypto/buildinf.h
> > CryptoPkg/openssl: update generated files
> > CryptoPkg/BaseCryptLib: no openssl deprecation warnings please
> > CryptoPkg/BaseCryptLib; adapt CryptSm3.c to openssl 3.0 changes.
> > CryptoPkg/BaseCryptLib: add more bio print dummies
> > CryptoPkg/openssl: adapt rand_pool.c to openssl 3.0 changes
> > CryptoPkg/openssl: add dummy file store
> > CryptoPkg/openssl: move compiler_flags to buildinf.c
> > CryptoPkg/CrtLibSupport: add fcntl.h
> > CryptoPkg/CrtLibSupport: add strstr()
> > CryptoPkg/CrtLibSupport: add INT_MIN
> > CryptoPkg/CrtLibSupport: add UINT_MAX
> > CryptoPkg/CrtLibSupport: add MODULESDIR
> > CryptoPkg/openssl: process_files.pl: copy generated der/*.c source
> > files.
> > CryptoPkg/openssl: add generated files der source files
> > [hack] turn off -Werror
> >
> > CryptoPkg/Library/OpensslLib/OpensslLib.inf | 1305 +++++----
> > .../Library/OpensslLib/OpensslLibCrypto.inf | 1220 +++++---
> > .../Library/OpensslLib/OpensslLibX64.inf | 1 +
> > .../Library/OpensslLib/OpensslLibX64Gcc.inf | 1 +
> > .../Library/BaseCryptLib/InternalCryptLib.h | 2 +
> > CryptoPkg/Library/Include/CrtLibSupport.h | 4 +
> > CryptoPkg/Library/Include/crypto/bn_conf.h | 29 +
> > CryptoPkg/Library/Include/crypto/dso_conf.h | 8 +-
> > CryptoPkg/Library/Include/fcntl.h | 9 +
> > CryptoPkg/Library/Include/openssl/asn1.h | 1128 +++++++
> > CryptoPkg/Library/Include/openssl/asn1t.h | 946 ++++++
> > CryptoPkg/Library/Include/openssl/bio.h | 884 ++++++
> > CryptoPkg/Library/Include/openssl/cmp.h | 592 ++++
> > CryptoPkg/Library/Include/openssl/cms.h | 493 ++++
> > CryptoPkg/Library/Include/openssl/conf.h | 211 ++
> > .../Library/Include/openssl/configuration.h | 286 ++
> > CryptoPkg/Library/Include/openssl/crmf.h | 227 ++
> > CryptoPkg/Library/Include/openssl/crypto.h | 556 ++++
> > CryptoPkg/Library/Include/openssl/ct.h | 573 ++++
> > CryptoPkg/Library/Include/openssl/err.h | 492 ++++
> > CryptoPkg/Library/Include/openssl/ess.h | 128 +
> > CryptoPkg/Library/Include/openssl/fipskey.h | 36 +
> > CryptoPkg/Library/Include/openssl/lhash.h | 288 ++
> > CryptoPkg/Library/Include/openssl/ocsp.h | 483 +++
> > .../Library/Include/openssl/opensslconf.h | 348 ---
> > CryptoPkg/Library/Include/openssl/opensslv.h | 114 +
> > CryptoPkg/Library/Include/openssl/pkcs12.h | 350 +++
> > CryptoPkg/Library/Include/openssl/pkcs7.h | 427 +++
> > CryptoPkg/Library/Include/openssl/safestack.h | 297 ++
> > CryptoPkg/Library/Include/openssl/srp.h | 285 ++
> > CryptoPkg/Library/Include/openssl/ssl.h | 2585 +++++++++++++++++
> > CryptoPkg/Library/Include/openssl/ui.h | 407 +++
> > CryptoPkg/Library/Include/openssl/x509.h | 1276 ++++++++
> > CryptoPkg/Library/Include/openssl/x509_vfy.h | 894 ++++++
> > CryptoPkg/Library/Include/openssl/x509v3.h | 1450 +++++++++
> > CryptoPkg/Library/Include/prov/bio.h | 32 +
> > CryptoPkg/Library/Include/prov/blake2.h | 120 +
> > CryptoPkg/Library/Include/prov/ciphercommon.h | 361 +++
> > .../Library/Include/prov/ciphercommon_aead.h | 47 +
> > .../Library/Include/prov/ciphercommon_ccm.h | 100 +
> > .../Library/Include/prov/ciphercommon_gcm.h | 129 +
> > CryptoPkg/Library/Include/prov/der_digests.h | 160 +
> > CryptoPkg/Library/Include/prov/der_dsa.h | 94 +
> > CryptoPkg/Library/Include/prov/der_ec.h | 286 ++
> > CryptoPkg/Library/Include/prov/der_ecx.h | 50 +
> > CryptoPkg/Library/Include/prov/der_rsa.h | 187 ++
> > CryptoPkg/Library/Include/prov/der_sm2.h | 37 +
> > CryptoPkg/Library/Include/prov/der_wrap.h | 46 +
> > CryptoPkg/Library/Include/prov/digestcommon.h | 123 +
> > .../Library/Include/prov/implementations.h | 516 ++++
> > CryptoPkg/Library/Include/prov/kdfexchange.h | 24 +
> > CryptoPkg/Library/Include/prov/macsignature.h | 30 +
> > CryptoPkg/Library/Include/prov/md5_sha1.h | 36 +
> > CryptoPkg/Library/Include/prov/names.h | 327 +++
> > CryptoPkg/Library/Include/prov/proverr.h | 27 +
> > CryptoPkg/Library/Include/prov/provider_ctx.h | 40 +
> > .../Library/Include/prov/provider_util.h | 138 +
> > .../Library/Include/prov/providercommon.h | 24 +
> > .../Library/Include/prov/securitycheck.h | 30 +
> > CryptoPkg/Library/Include/prov/seeding.h | 41 +
> > CryptoPkg/Library/OpensslLib/buildinf.h | 2 +-
> > .../Library/BaseCryptLib/Hash/CryptSm3.c | 14 +-
> > .../Library/BaseCryptLib/SysCall/CrtWrapper.c | 10 +
> > .../OpensslLib/{buildinf.h => buildinf.c} | 3 +-
> > .../Library/OpensslLib/der_digests_gen.c | 160 +
> > CryptoPkg/Library/OpensslLib/der_rsa_gen.c | 174 ++
> > CryptoPkg/Library/OpensslLib/der_wrap_gen.c | 46 +
> > CryptoPkg/Library/OpensslLib/ossl_store.c | 11 +
> > CryptoPkg/Library/OpensslLib/rand_pool.c | 20 +-
> > CryptoPkg/Library/OpensslLib/openssl | 2 +-
> > CryptoPkg/Library/OpensslLib/process_files.pl | 79 +-
> > 71 files changed, 20510 insertions(+), 1351 deletions(-)
> > create mode 100644 CryptoPkg/Library/Include/crypto/bn_conf.h
> > create mode 100644 CryptoPkg/Library/Include/fcntl.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/asn1.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/asn1t.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/bio.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/cmp.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/cms.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/conf.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/configuration.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/crmf.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/crypto.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/ct.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/err.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/ess.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/fipskey.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/lhash.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/ocsp.h
> > delete mode 100644 CryptoPkg/Library/Include/openssl/opensslconf.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/opensslv.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/pkcs12.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/pkcs7.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/safestack.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/srp.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/ssl.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/ui.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/x509.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/x509_vfy.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/x509v3.h
> > create mode 100644 CryptoPkg/Library/Include/prov/bio.h
> > create mode 100644 CryptoPkg/Library/Include/prov/blake2.h
> > create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon.h
> > create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon_aead.h
> > create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon_ccm.h
> > create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon_gcm.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_digests.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_dsa.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_ec.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_ecx.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_rsa.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_sm2.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_wrap.h
> > create mode 100644 CryptoPkg/Library/Include/prov/digestcommon.h
> > create mode 100644 CryptoPkg/Library/Include/prov/implementations.h
> > create mode 100644 CryptoPkg/Library/Include/prov/kdfexchange.h
> > create mode 100644 CryptoPkg/Library/Include/prov/macsignature.h
> > create mode 100644 CryptoPkg/Library/Include/prov/md5_sha1.h
> > create mode 100644 CryptoPkg/Library/Include/prov/names.h
> > create mode 100644 CryptoPkg/Library/Include/prov/proverr.h
> > create mode 100644 CryptoPkg/Library/Include/prov/provider_ctx.h
> > create mode 100644 CryptoPkg/Library/Include/prov/provider_util.h
> > create mode 100644 CryptoPkg/Library/Include/prov/providercommon.h
> > create mode 100644 CryptoPkg/Library/Include/prov/securitycheck.h
> > create mode 100644 CryptoPkg/Library/Include/prov/seeding.h
> > copy CryptoPkg/Library/OpensslLib/{buildinf.h => buildinf.c} (50%)
> > create mode 100644 CryptoPkg/Library/OpensslLib/der_digests_gen.c
> > create mode 100644 CryptoPkg/Library/OpensslLib/der_rsa_gen.c
> > create mode 100644 CryptoPkg/Library/OpensslLib/der_wrap_gen.c
> >
> > --
> > 2.33.1
> >
> >
> >
> >
> >
next prev parent reply other threads:[~2021-12-03 16:42 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-03 16:07 [PATCH 00/24] CryptoPkg/openssl: update openssl submodule to v3.0 Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 01/24] CryptoPkg/openssl: update submodule to 3.0 Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 02/24] CryptoPkg/openssl: process_files.pl: drop UefiAsm.conf Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 03/24] CryptoPkg/openssl: process_files.pl: expand *.a Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 04/24] CryptoPkg/openssl: process_files.pl: set api to 1.1.1 Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 05/24] CryptoPkg/openssl: process_files.pl: change config header handling Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 06/24] CryptoPkg/openssl: process_files.pl: provider headers Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 07/24] CryptoPkg/openssl: process_files.pl: skip unused files Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 08/24] CryptoPkg/openssl: process_files.pl: clean up when done Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 09/24] CryptoPkg/openssl: process_files.pl: filter out crypto/buildinf.h Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 10/24] CryptoPkg/openssl: update generated files Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 11/24] CryptoPkg/BaseCryptLib: no openssl deprecation warnings please Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 12/24] CryptoPkg/BaseCryptLib; adapt CryptSm3.c to openssl 3.0 changes Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 13/24] CryptoPkg/BaseCryptLib: add more bio print dummies Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 14/24] CryptoPkg/openssl: adapt rand_pool.c to openssl 3.0 changes Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 15/24] CryptoPkg/openssl: add dummy file store Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 16/24] CryptoPkg/openssl: move compiler_flags to buildinf.c Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 17/24] CryptoPkg/CrtLibSupport: add fcntl.h Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 18/24] CryptoPkg/CrtLibSupport: add strstr() Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 19/24] CryptoPkg/CrtLibSupport: add INT_MIN Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 20/24] CryptoPkg/CrtLibSupport: add UINT_MAX Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 21/24] CryptoPkg/CrtLibSupport: add MODULESDIR Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 22/24] CryptoPkg/openssl: process_files.pl: copy generated der/*.c source files Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 23/24] CryptoPkg/openssl: add generated files der " Gerd Hoffmann
2021-12-03 16:07 ` [PATCH 24/24] [hack] turn off -Werror Gerd Hoffmann
2021-12-03 16:27 ` [edk2-devel] " Michael D Kinney
2021-12-03 17:57 ` Pedro Falcato
2021-12-03 18:38 ` Michael D Kinney
2021-12-06 7:38 ` Gerd Hoffmann
2021-12-06 7:23 ` Gerd Hoffmann
2021-12-08 8:06 ` Gerd Hoffmann
2021-12-03 16:32 ` [edk2-devel] [PATCH 00/24] CryptoPkg/openssl: update openssl submodule to v3.0 Michael D Kinney
2021-12-03 16:42 ` Yao, Jiewen [this message]
2022-01-17 11:46 ` Gerd Hoffmann
2022-01-18 11:12 ` Yao, Jiewen
2022-01-18 16:12 ` Michael D Kinney
2022-01-21 8:33 ` Gerd Hoffmann
2022-01-21 16:34 ` Michael D Kinney
2022-01-21 8:30 ` Gerd Hoffmann
2022-01-21 16:38 ` Michael D Kinney
2022-01-24 16:24 ` Kilian Kegel
2022-01-24 17:28 ` Michael D Kinney
2022-01-24 19:58 ` Pedro Falcato
2022-01-26 11:02 ` Gerd Hoffmann
2022-01-27 22:26 ` Kilian Kegel
2022-01-28 0:55 ` Andrew Fish
2022-01-28 9:06 ` Pedro Falcato
2022-01-28 10:14 ` Gerd Hoffmann
2022-01-28 11:23 ` Pedro Falcato
2022-01-28 9:51 ` Gerd Hoffmann
2022-01-30 20:17 ` Kilian Kegel
2022-02-01 9:55 ` Gerd Hoffmann
2022-02-02 12:07 ` Kilian Kegel
2022-01-25 20:05 ` Kilian Kegel
2022-01-23 8:41 ` Yao, Jiewen
2021-12-06 8:05 ` Gerd Hoffmann
-- strict thread matches above, loose matches on Subject: below --
2022-01-28 14:07 Gerd Hoffmann
2022-01-28 14:14 ` Gerd Hoffmann
2022-01-28 15:54 ` Pedro Falcato
2022-02-01 9:39 ` Gerd Hoffmann
2022-01-28 16:00 ` Pedro Falcato
2022-01-28 16:12 ` Kilian Kegel
2022-02-01 9:50 ` Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=MW4PR11MB5872F7FE1CD55B75691C9F348C6A9@MW4PR11MB5872.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox