Hi Ard
Would you please take a look at 
https://github.com/tianocore/edk2-staging/tree/OpenSSL30, which is our current 
working version? If you have any idea, please propose patch.

Also, could you please try that on ARM/AARCH64 platform to see if there is 
anything broken?

I think those are important to make sure we have a working version for next 
stable tag.

Thank you
Yao, Jiewen

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Ard
> Biesheuvel
> Sent: Tuesday, March 14, 2023 4:45 PM
> To: kra...@redhat.com
> Cc: devel@edk2.groups.io; Li, Yi1 <yi1...@intel.com>; Wang, Jian J
> <jian.j.w...@intel.com>; Pawel Polawski <ppola...@redhat.com>; Lu,
> Xiaoyu1 <xiaoyu1...@intel.com>; Ard Biesheuvel <ardb+tianoc...@kernel.org>;
> Jiang, Guomin <guomin.ji...@intel.com>; Yao, Jiewen <jiewen....@intel.com>;
> Oliver Steffen <ostef...@redhat.com>; Justen, Jordan L
> <jordan.l.jus...@intel.com>
> Subject: Re: [edk2-devel] [PATCH 01/22] CryptoPkg/openssl: update submodule
> to openssl-3.0.8
> 
> On Tue, 14 Mar 2023 at 09:16, kra...@redhat.com <kra...@redhat.com> wrote:
> >
> > On Mon, Mar 13, 2023 at 03:13:28PM +0000, Li, Yi wrote:
> > > Hi Gerd,
> > >
> > > I also have some work on Openssl3, mainly to research how to reduce the
> binary size increase after the upgrade:
> > >
> > > https://github.com/tianocore/edk2-
> staging/blob/OpenSSL11_EOL/CryptoPkg/Readme-OpenSSL3.0.md
> > >
> > >
> > >
> > > I really appreciate your work in this patch series, especially the clear 
> > > py script.
> > >
> > > But it seems that part of our work is repeated, if you don't mind, can
> > > I merge your work into openssl3.0 Edk2Staging branch? You can find it
> > > here if you're interested:
> >
> > Sure, that is the point of sharing it ;)
> >
> > github branch (which hot some updates for aarch64 meanwhile) is at
> > https://github.com/kraxel/edk2/commits/openssl3
> >
> > aarch64 is not working, the cpu capability probing needs some work.
> > openssl seems to just try instructions and catch SIGILL.  edk2 needs
> > something else of course.  Easiest way out would be to just provide
> > dummy functions, but that would also mean we wouldn't use aes
> > instructions if available ...
> >
> > Any hints on that from the arm camp are welcome.
> >
> 
> Yeah the SIGILL trapping is a bit nasty, but that is only used if no
> implementation of getauxval() exists.
> 
> So perhaps the cleanest way to approach this is to provide a dummy
> implementation of getauxval() which only supports AT_HWCAP, and
> returns the correct hwcap mask for what the CPU id registers report in
> terms for ISA support for crypto extensions.
> 
> I can code that up if you want.
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#105616): https://edk2.groups.io/g/devel/message/105616
Mute This Topic: https://groups.io/mt/97576405/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-


Reply via email to