Hi David,
> -----Original Message----- > From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of David > Woodhouse > Sent: Friday, June 21, 2019 6:34 AM > To: devel@edk2.groups.io; ler...@redhat.com; Lu, XiaoyuX > <xiaoyux...@intel.com> > Cc: Wang, Jian J <jian.j.w...@intel.com>; Ye, Ting <ting...@intel.com>; > Richard Levitte <levi...@openssl.org> > Subject: Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg/OpensslLib: Exclude > err_all.c in process_files.py > > On Thu, 2019-06-20 at 16:46 +0200, Laszlo Ersek wrote: > > > Please submit a PR to OpenSSL to add 'no-store' if you really don't > > > want it. > > > > I actually agree about "no-store"; please see point (1) in my earlier > > review here: > > > > http://mid.mail-archive.com/0c5b5e95-cb2c-75af-a30b- > 015dac14b...@redhat.com > > Hm, you told them to use no-store, and I think you were right. They > seem to have refused purely because of the piffling detail that it > didn't actually exist. I find this suboptimal. Here: > > https://github.com/openssl/openssl/pull/9206 > Thanks for the PR. And I agree adding the 'no-store' is the right way to fix this issue. But the problem here is that we fixated the openssl to one release tag. We don't change it until we upgrade it to a newer release. That means any fixes in openssl trunk cannot be used by edk2 immediately, not to mention there's possibility that the PR will be rejected. So there's always a lag (maybe a quarter or half year, at least) here. We have also product release pressure which cannot afford quarters of waiting for such kind fixes in upstream. My personal opinion is that, we fix any issue, if we can, in edk2 immediately for current version of openssl (as workaround), and try to fix it in upstream for future release at the same time. Once upstream has fixed the issue and edk2 has decided to upgrade to it, we drop the workaround in edk2. We can file BZ to track such kind of works. For this patch, I suggest we still push it. We can drop it and use real fix once we decide to upgrade openssl future release including your PR. Thanks, Jian > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#42689): https://edk2.groups.io/g/devel/message/42689 Mute This Topic: https://groups.io/mt/32120631/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
