From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id BE697AC186F for ; Fri, 30 Aug 2024 18:23:49 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=TQZViamLv89xAq2F3vmnT00ExLD5aaJz0mFrd5V4ny4=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:MIME-Version:User-Agent:Subject:To:Cc:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1725042229; v=1; b=kYWA5siUG+Vo3Pk7hjLutZRT8k8Ka9KFM1+Yi7YS9pt0hhU7wUbWQTxWTa8Rjo+9NzxXnq6d 2yK0GBtSNEpQnv56SfNSzJ+uSYmhClIos5yXyMiapvnpijAXTVK40WK4VYRUCAKEJIEQUtpVwu/ 3ttbh4blSlQAOoANrX8v0E03ArQRUHxuhH/Bra7Q61j/3OTYH17A/LImSZPm7hcdV6b3HpvDjzI BnIW266i7RUMv9LhRR+e+Mf+IpIiEZnyP+qWitYH9GdYc2m3Ga2u4G8xc2ZZ2TnGtMkibG8QWpY KBglRmSx70hP7mV/Z8R979rpkIJI4k+vKlyz6IyU9f1tQ== X-Received: by 127.0.0.2 with SMTP id 7CM1YY7687511xkdGPS3OlOD; Fri, 30 Aug 2024 11:23:48 -0700 X-Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.1390.1725042227348247162 for ; Fri, 30 Aug 2024 11:23:47 -0700 X-Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id D22A41063; Fri, 30 Aug 2024 11:24:12 -0700 (PDT) X-Received: from [192.168.20.57] (usa-sjc-mx-foss1.foss.arm.com [172.31.20.19]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 116373F762; Fri, 30 Aug 2024 11:23:44 -0700 (PDT) Message-ID: Date: Fri, 30 Aug 2024 13:23:42 -0500 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [edk2-devel] [PATCH edk2-platforms 1/1] Platform/RaspberryPi: Switch to MbedTls crypto library To: Ard Biesheuvel , devel@edk2.groups.io Cc: quic_llindhol@quicinc.com, sami.mujawar@arm.com, Ard Biesheuvel References: <20240830081853.1571365-1-ardb+git@google.com> From: "Jeremy Linton" In-Reply-To: <20240830081853.1571365-1-ardb+git@google.com> Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Fri, 30 Aug 2024 11:23:47 -0700 Resent-From: jeremy.linton@arm.com Reply-To: devel@edk2.groups.io,jeremy.linton@arm.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: X6EGrqXrlHkfDGpySkY6omdXx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=kYWA5siU; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=arm.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io Hi, On 8/30/24 3:18 AM, Ard Biesheuvel wrote: > From: Ard Biesheuvel >=20 > Switch to the MbedTls crypto library, which uses less space, which has > run out on RPi4 (the DEBUG build can only succeed with HTTPS boot > disabled at this point) This is going to be endless, maybe its better to adjust the image=20 offsets to increase the space available, its not like we have a problem=20 with storage capacity. The only gotcha with the patch I pointed out a=20 few months ago was that it requires moving the DTB in the config.txt=20 file as well, along with TFA. I was looking at alternatives, IIRC its=20 possible to gain some space without doing that just by moving a few=20 things around. >=20 > Signed-off-by: Ard Biesheuvel > --- > Platform/RaspberryPi/RPi3/RPi3.dsc | 5 +++-- > Platform/RaspberryPi/RPi4/RPi4.dsc | 5 +++-- > 2 files changed, 6 insertions(+), 4 deletions(-) >=20 > diff --git a/Platform/RaspberryPi/RPi3/RPi3.dsc b/Platform/RaspberryPi/RP= i3/RPi3.dsc > index 43d6d028e126..86c5281d7af6 100644 > --- a/Platform/RaspberryPi/RPi3/RPi3.dsc > +++ b/Platform/RaspberryPi/RPi3/RPi3.dsc > @@ -134,7 +134,8 @@ [LibraryClasses.common] > # Cryptographic libraries > RngLib|MdePkg/Library/DxeRngLib/DxeRngLib.inf > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > + BaseCryptLib|CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf > + MbedTlsLib|CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf > =20 > @@ -228,7 +229,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] > VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePoli= cyLibRuntimeDxe.inf > =20 > !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE > - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > + BaseCryptLib|CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf > !endif > =20 > #######################################################################= ############################ > diff --git a/Platform/RaspberryPi/RPi4/RPi4.dsc b/Platform/RaspberryPi/RP= i4/RPi4.dsc > index c79f322d9e75..2e7798c71ff3 100644 > --- a/Platform/RaspberryPi/RPi4/RPi4.dsc > +++ b/Platform/RaspberryPi/RPi4/RPi4.dsc > @@ -134,7 +134,8 @@ [LibraryClasses.common] > # Cryptographic libraries > RngLib|MdePkg/Library/DxeRngLib/DxeRngLib.inf > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > + BaseCryptLib|CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf > + MbedTlsLib|CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf > =20 > @@ -236,7 +237,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] > VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePoli= cyLibRuntimeDxe.inf > =20 > !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE > - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > + BaseCryptLib|CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf > !endif > =20 > #######################################################################= ############################ -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#120454): https://edk2.groups.io/g/devel/message/120454 Mute This Topic: https://groups.io/mt/108184374/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-