From: "Michael Brown" <mcb30@ipxe.org>
To: devel@edk2.groups.io, mhaeuser@posteo.de, Andrew Fish <afish@apple.com>
Cc: Laszlo Ersek <lersek@redhat.com>,
Nate DeSimone <nathaniel.l.desimone@intel.com>,
Mike Kinney <michael.d.kinney@intel.com>
Subject: Re: [edk2-devel] [GSoC proposal] Secure Image Loader
Date: Thu, 8 Apr 2021 23:42:40 +0100 [thread overview]
Message-ID: <c481baea-bf50-ca71-e386-4ebd8134fa4f@ipxe.org> (raw)
In-Reply-To: <9f565a00-03de-4e54-b86f-5ff2851bb7a3@posteo.de>
On 08/04/2021 22:07, Marvin Häuser wrote:
> PE is not a moving target, but EDK II is. The fact that even old and proven code sometimes needs maintanance is evidental from the proposal and its so far positive feedback. I'm not ready to duplicate code, I'd rather take the utilities out of the current scope and discuss ways to consume MdePkg libraries later. In fact, I want to reduce code duplication as a "free benefit" from the changes, especially image hashing.
>
> I know it takes time, but I think it will be worth it. We have been debugging and fuzztesting our EDK II packages in userland for a while, and found it to be a great help. I hope you will agree. :)
In case any of it happens to be helpful:
https://github.com/ipxe/efikit
is a proof-of-concept build of portions of EDK2 (specifically, several
of the MdePkg libraries) as cross-platform libraries that can be linked
against by standard Linux, Windows, or Mac userspace applications.
It's quite satisfying to be able to use
#include <Library/DevicePathLib.h>
...
size_t len = UefiDevicePathLibGetDevicePathSize ( path );
from otherwise perfectly normal-looking userspace C code.
It uses GNU autotools, so just download
https://github.com/ipxe/efikit/releases/download/v0.3/efikit-0.3.tar.gz
and run the standard:
./configure
make
Totally undocumented (for now), but if you're curious then good places
to dig in are probably
https://github.com/ipxe/efikit/blob/master/src/Makefile.am#L186-L237
https://github.com/ipxe/efikit/blob/master/src/libefidevpath.c#L187-L215
Michael
next prev parent reply other threads:[~2021-04-08 22:42 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-04 23:01 [GSoC proposal] Secure Image Loader Marvin Häuser
2021-04-06 9:41 ` [edk2-devel] " Nate DeSimone
2021-04-06 10:06 ` Marvin Häuser
2021-04-06 16:16 ` [EXTERNAL] " Bret Barkelew
2021-04-08 11:16 ` Laszlo Ersek
2021-04-08 14:13 ` Andrew Fish
2021-04-08 16:06 ` Marvin Häuser
2021-04-08 16:44 ` Andrew Fish
2021-04-08 17:02 ` Marvin Häuser
2021-04-08 17:39 ` Andrew Fish
2021-04-08 21:07 ` Marvin Häuser
2021-04-08 21:48 ` Andrew Fish
2021-04-08 22:42 ` Michael Brown [this message]
2021-04-12 17:22 ` Marvin Häuser
2021-04-12 18:30 ` [EXTERNAL] " Bret Barkelew
2021-04-13 0:19 ` Michael D Kinney
2021-04-13 0:56 ` Nate DeSimone
2021-04-13 7:31 ` Marvin Häuser
2021-04-13 15:05 ` Andrew Fish
2021-04-13 18:04 ` Nate DeSimone
2021-04-13 18:08 ` Michael D Kinney
2021-04-13 18:14 ` Andrew Fish
2021-04-16 7:36 ` Marvin Häuser
2021-04-07 21:05 ` Michael Brown
2021-04-07 21:31 ` Marvin Häuser
2021-04-07 21:50 ` Michael Brown
2021-04-07 22:02 ` Andrew Fish
[not found] ` <1673B28429E5B4FE.4742@groups.io>
2021-04-07 22:10 ` Andrew Fish
2021-04-08 9:04 ` Marvin Häuser
2021-04-08 9:40 ` Michael Brown
2021-04-08 8:53 ` Marvin Häuser
2021-04-08 9:26 ` Michael Brown
2021-04-08 9:41 ` Marvin Häuser
2021-04-08 9:50 ` Marvin Häuser
2021-04-08 9:55 ` Michael Brown
2021-04-08 10:13 ` Marvin Häuser
2021-04-08 10:31 ` Michael Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c481baea-bf50-ca71-e386-4ebd8134fa4f@ipxe.org \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox