The POC is to explore mbedtls as a smaller alternative to OpenSSL.
The Patch enable EC/X509/Pkcs7 base on Mbedtls for CryptoPkg.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Wenxing Hou (7):
Update ReadmeMbedtls
Clear unnecessary API in DH
Make all BaseCryptLibMbedTls inf files
Signed-off-by: Wenxing Hou
---
CryptoPkg/ReadmeMbedtls.md | 55 +-
1 file changed, 36 insertions(+), 19 deletions(-)
diff --git a/CryptoPkg/ReadmeMbedtls.md b/CryptoPkg/ReadmeMbedtls.md
index 4b5a132fd0..39fc93028c 100644
--- a/CryptoPkg/ReadmeMbedtls.md
+++ b
Signed-off-by: Wenxing Hou
---
.../Library/BaseCryptLibMbedTls/Pk/CryptDh.c | 73 ---
1 file changed, 73 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptDh.c
b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptDh.c
index cd0f3bd023..a2683721c3 100644
--- a/C
Signed-off-by: Wenxing Hou
---
CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf| 8
CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf | 2 +-
CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf | 4 ++--
.../Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf |
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/InternalCryptLib.h| 32 ++
.../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c | 5 +-
.../Pk/CryptPkcs7VerifyBase.c | 40 +-
.../Pk/CryptPkcs7VerifyCommon.c | 338 -
.../Pk/CryptPkcs7VerifyEku.c
Signed-off-by: Wenxing Hou
---
.../Library/BaseCryptLibMbedTls/Pk/CryptEc.c | 634 +-
1 file changed, 621 insertions(+), 13 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptEc.c
b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptEc.c
index 88684c9fa2..36bc29
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pk/CryptX509.c| 163 +-
1 file changed, 161 insertions(+), 2 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c
b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c
index 6e4a898572..957
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Rand/CryptRandTsc.c| 7 +++
.../SysCall/ConstantTimeClock.c| 14 --
.../BaseCryptLibMbedTls/SysCall/CrtWrapper.c | 5 -
.../BaseCryptLibMbedTls/SysCall/TimerWrapper.c | 14 --
On Thu, Mar 16, 2023 at 01:59:49PM -0600, Rebecca Cran wrote:
> Is this still a requirement since Laszlo's departure from the project?
>
> I seem to recall it was him who made it a sticking point of moving to a
> GitHub PR workflow originally with the requirement to have emails of
> everything.
I
On Fri, Mar 17, 2023 at 12:28:12PM +0800, Yi Li wrote:
> Please check the patch series if interested.
> PR: https://github.com/tianocore/edk2-staging/pull/359
So it seems you are doing a number of larger changes to the openssl
code base. What is the plan for those?
I'd prefer to not be in a situ
Hi Gerd
Currently, the *blocking issue* for openssl 3.0 adoption in EDKII is *size*.
The big size increase will break exist platforms easily. As such, we are not
able to switch to openssl 3.0 directly.
I have written the proposal at
https://github.com/tianocore/edk2-staging/blob/OpenSSL11_EOL/R
The current purpose of this POC is to find all ways to reduce the size increase
as much as possible to meet our goal of +10% size increase.
I understand that the current code changes seem unacceptable, and the next step
of the POC is to find a suitable way to apply these changes (some breaking
I like that proposed workflow.
I've also been wondering if we could consider choosing a different
product for patch reviews that supports our desired workflow better,
such as Gitlab or Phorge (the new Phabricator project).
If anyone would be willing to donate money for colocation, I'd be happ
On 3/15/23 4:07 AM, Gerd Hoffmann wrote:
Rework the BaseTools Makefiles removing the 'BUILD_' prefix (BUILD_CC
and BUILD_CXX) and using the standard name 'LDFLAGS' instead of
'LFLAGS'. This allows clang to be used by running
'make -C BaseTools CC=clang CXX=clang++'.
Hmm, not sure this is a good
Talking about mailing lists, I'm still disappointed that we lost so much
history of discussion and reviews around the project when the edk2-devel
archive at lists.01.org was deleted.
I've sometimes wanted to go back and take a look at the review history
of a certain commit only to find it's be
Sorry, it might be the sourceforge mailing list that got lost, not
lists.01.org. I was wanting to see the review of the following commit,
but Google isn't finding anything:
commit a61331e8b78ba264f0ccd011b6dc5b9e809730a5
Author: Liming Gao
Date: Mon Aug 22 14:32:23 2016 +0800
BaseTools
Am 16.03.23 um 15:37 schrieb Gerd Hoffmann:
> On Thu, Mar 16, 2023 at 02:58:07PM +0100, Fiona Ebner wrote:
>> Hi,
>> after upgrading to edk2-stable202211 recently, we got user reports[0]
>> about QEMU virtual machines with '-cpu host' on AMD Ryzen hosts not
>> booting correctly anymore. A workaroun
Time to leave behind relics from the last century and arrive in the
modern world. Drop PC-ANSI Terminal Type for the serial console, use
UTF-8 instead.
Signed-off-by: Gerd Hoffmann
---
OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.h | 4 ++--
OvmfPkg/Library/PlatformBootManagerLib/Platfor
Hi Rebecca and Gerd,
Replying to 2 mails at once...
> On 17. Mar 2023, at 11:36, Rebecca Cran wrote:
>
> I like that proposed workflow.
>
> I've also been wondering if we could consider choosing a different product
> for patch reviews that supports our desired workflow better, such as Gitlab
On 3/17/23 6:32 AM, Marvin Häuser wrote:
On 17. Mar 2023, at 11:36, Rebecca Cran wrote:
I like that proposed workflow.
I've also been wondering if we could consider choosing a different
product for patch reviews that supports our desired workflow better,
such as Gitlab or Phorge (the new P
(+Michael Kubacki, Sean Brogan)
Mike, Michael, Sean:
This change is going to break building edk2 with anything older than
Visual Studio 2015, which is where support for __func__ was added.
I checked and currently it appears that VS2013 builds edk2 but VS2012
has errors. Given that the stuar
On Fri, Mar 17, 2023 at 12:32:15PM +, Marvin Häuser wrote:
> Hi Rebecca and Gerd,
>
> Replying to 2 mails at once...
>
> > On 17. Mar 2023, at 11:36, Rebecca Cran wrote:
> >
> > I like that proposed workflow.
> >
> > I've also been wondering if we could consider choosing a different
> > p
Hi,
> With edk2-stable202205 or when reverting the commit, my VM boots with
> only 512 MiB of assigned memory. With the commit, with 512 MiB it cannot
> even initialize the display, with 750 MiB it runs into a different error
> during Linux boot, and with 900 MiB it boots fine again.
>
> So it
The clang toolchain might default to fPIE/fPIC, which prevents
lld from linking the objects into a binary.
Specify -fno-pie -fno-pic as done on GCC to fix linking.
Test:
Building the Universal Payload using the command
'python UefiPayloadPkg/UniversalPayloadBuild.py -a IA32' actually
works.
Sign
Drop the "-z max-page-size=0x40" option as it causes the ELF
header to overflow into the .text section, causing undefined
behaviour.
With high optimization level it corrupts essential code and
the binary would crash. It might work with low optimization
level though. As the default is to use Oz and
Fixed the title.
Sorry for the confusion.
On Thu, Mar 16, 2023 at 1:05 AM Ard Biesheuvel wrote:
>
> On Wed, 15 Mar 2023 at 23:57, Marvin Häuser wrote:
> >
> >
> > > On 15. Mar 2023, at 23:51, Ard Biesheuvel wrote:
> > >
> > > On Wed, 15 Mar 2023 at 23:16, Marvin Häuser wrote:
> > >>
> > >> Hi
> On 17. Mar 2023, at 14:44, Gerd Hoffmann wrote:
>
> On Fri, Mar 17, 2023 at 12:32:15PM +, Marvin Häuser wrote:
>> Hi Rebecca and Gerd,
>>
>> Replying to 2 mails at once...
>>
On 17. Mar 2023, at 11:36, Rebecca Cran wrote:
>>>
>>> I like that proposed workflow.
>>>
>>> I've als
On 3/17/23 8:08 AM, Marvin Häuser wrote:
On 17. Mar 2023, at 14:44, Gerd Hoffmann wrote:
Yes, this. For active PRs this usually isn't much of a problem. But
try come back after a few months, or even a few years (see Rebecca
trying to lookup context for a 2016 commit in the archives).
I also
On 3/17/23 7:44 AM, Gerd Hoffmann wrote:
Agree. Also from the web-based review tools I've worked with so far
(not much, only github and gitlab) github is the better one.
Having used Review Board, Gitlab, Github, Phabricator, Gerrit and
probably others, Gerrit is by far my least favorite.
I
I sorry for not seeing your and Leif's emails, so I added you again.
- Tinh
On 3/16/2023 8:00 PM, Rebecca Cran wrote:
Given Leif's comments, I was expecting a new version with some changes.
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Onl
I sorry for not seeing your and Leif's emails, so I added you again.
- Tinh
On 3/16/2023 8:00 PM, Rebecca Cran wrote:
Given Leif's comments, I was expecting a new version with some changes.
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Onl
Thank you for your feedback; I will submit v2 as soon as possible.
Regards,
Tinh
On 3/15/2023 12:59 AM, Rebecca Cran wrote:
On 3/14/23 6:48 AM, Leif Lindholm wrote:
No objection to that.
But can we do it like this?:
Change GetBiosVersion to SetBiosVersion and in MiscBiosVendor, only call
Hi Rebecca,
For older compilers that do not support __func__, I believe a workaround
could be added to define __func__ to __FUNCTION__. We do not need to do
this for any of these patches. It can be something consumers can do if
they really want to use an older compiler.
You can try it out on VS
The full lists.01.org history was imported into groups.io.
Stephano did a great job working with groups.io to make that happen.
Mike
> -Original Message-
> From: Rebecca Cran
> Sent: Friday, March 17, 2023 3:58 AM
> To: Gerd Hoffmann ; devel@edk2.groups.io
> Cc: Kinney, Michael D ; Marv
I believe the policies for GitHub Actions artifacts and GitHub PR data retention
are different. Max 90 days for GitHub Actions for public repos:
https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration#artifact-and-log-retention-policy
Mike
> -Origina
On Fri, Mar 17, 2023 at 12:20:04 +0530, Abdul Lateef Attar wrote:
> Adds initial DEC and DSC file for BoardPkg and PlatformPkg packages,
> which supports AMD processor family based boards and platforms.
>
> Signed-off-by: Abdul Lateef Attar
> Cc: Ard Biesheuvel
> Cc: Leif Lindholm
> Cc: Abner C
On Fri, Mar 17, 2023 at 12:20:05 +0530, Abdul Lateef Attar via groups.io wrote:
> Adds PCI hotplug init protocol implementation.
What are some notable aspects of this initial implementation?
What groups of platforms is it intended to cover?
> Signed-off-by: Abdul Lateef Attar
> Cc: Ard Biesheuve
Typo in subject: BoarkPkg
On Fri, Mar 17, 2023 at 12:20:06 +0530, Abdul Lateef Attar wrote:
> Adds SetCacheMtrrLib library for AMD processor based boards.
> This library sets MTRR value or various memory ranges.
>
> Signed-off-by: Abdul Lateef Attar
> Cc: Ard Biesheuvel
> Cc: Leif Lindholm
> C
On Fri, Mar 17, 2023 at 12:20:07 +0530, Abdul Lateef Attar wrote:
> From: Abdul Lateef Attar
>
> Adds maintainers for AMD/BoardPkg and AMD/PlatformPkg.
>
> Signed-off-by: Abdul Lateef Attar
> Cc: Ard Biesheuvel
> Cc: Leif Lindholm
> Cc: Abner Chang
> Cc: Michael D Kinney
> ---
> Maintainer
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4377
Fix below warnings generated by NASM X64 build:
/X64/FspHelper.iii:26: warning: signed dword value exceeds bounds
/X64/FspHelper.iii:35: warning: signed dword value exceeds bounds
/X64/FspApiEntryT.iii:320: warning: dword data exceeds bounds
I've also seen that error building X64 firmware.
Could you update those flags too, please?
--
Rebecca Cran
On 3/17/23 8:06 AM, Patrick Rudolph wrote:
The clang toolchain might default to fPIE/fPIC, which prevents
lld from linking the objects into a binary.
Specify -fno-pie -fno-pic as done
Which error precisely?
X64 PIE *must not* be disabled, as it’s used to enforce RIP-relative addressing
where possible and has been for many years. Meanwhile the issues with IA32 is
PIE was disabled by default for most toolchains, but some enable it nowadays
(and thus it must be disabled explici
Building with "build -p OvmfPkg/OvmfPkgX64.dsc -a X64 -t CLANGDWARF -b
RELEASE" on FreeBSD causes the following errors:
ld.lld: error: relocation R_X86_64_64 cannot be used against local
symbol; recompile with -fPIC
>>> defined in
/home/bcran/src/uefi/edk2/Build/OvmfX64/RELEASE_CLANGDWARF/X64
43 matches
Mail list logo
