[edk2-devel] [PATCH 00/24] CryptoPkg/openssl: update openssl submodule to v3.0
Michael D Kinney
michael.d.kinney at intel.com
Fri Jan 21 16:38:30 UTC 2022
Comments below.
Mike
> -----Original Message-----
> From: kraxel at redhat.com <kraxel at redhat.com>
> Sent: Friday, January 21, 2022 12:31 AM
> To: Yao, Jiewen <jiewen.yao at intel.com>
> Cc: devel at edk2.groups.io; Kinney, Michael D <michael.d.kinney at intel.com>; Wang, Jian J <jian.j.wang at intel.com>; Jiang, Guomin
> <guomin.jiang at intel.com>; Pawel Polawski <ppolawsk at redhat.com>; Lu, XiaoyuX <xiaoyux.lu at intel.com>
> Subject: Re: [edk2-devel] [PATCH 00/24] CryptoPkg/openssl: update openssl submodule to v3.0
>
> > > No changes in SEC and PEI.
> > [Jiewen] Do you mean the Crypto consumer in PEI has no size difference? Such as
> > https://github.com/tianocore/edk2/tree/master/SecurityPkg/Tcg/Tcg2Pei ,
> > https://github.com/tianocore/edk2/tree/master/SecurityPkg/FvReportPei ,
> > https://github.com/tianocore/edk2/tree/master/SignedCapsulePkg/Universal/RecoveryModuleLoadPei linking
> https://github.com/tianocore/edk2/tree/master/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256.
>
> PEI has this (OvmfIa32X64Pkg build):
>
> 7062 TpmMmioSevDecryptPei
> 7830 StatusCodeHandlerPei
> 7902 ReportStatusCodeRouterPei
> 8470 FaultTolerantWritePei
> 9734 SmmAccessPei
> 11206 Tcg2ConfigPei
> 11842 PeiVariable
> 14730 Tcg2PlatformPei
> 17274 TcgPei
> 18438 S3Resume2Pei
> 18682 DxeIpl
> 18938 PcdPeim
> 38014 CpuMpPei
> 39554 PlatformPei
> 45050 PeiCore
> 49274 Tcg2Pei
>
> No size change for Tcg2Pei.
>
> The other modules are not there. Seems they are related to firmware
> updates. We don't have that on ovmf as we can simply update the
> firmware image files on the host machine ...
>
> Is there some target I could use to test-build those modules?
>
> > > INFO - OpensslLibCrypto.lib(rsa_lib.obj) : error LNK2001: unresolved external
> > > symbol __allmul
> > > INFO - OpensslLibCrypto.lib(rsa_lib.obj) : error LNK2001: unresolved external
> > > symbol __aulldiv
> > > INFO - OpensslLibCrypto.lib(bio_print.obj) : error LNK2001: unresolved external
> > > symbol __aulldvrm
> > > INFO - OpensslLibCrypto.lib(bio_print.obj) : error LNK2001: unresolved external
> > > symbol __ftol2_sse
> > >
> > > Those symbols look like they reference helper functions to do 64bit math
> > > on 32bit architecture. Any hints how to fix that?
> > [Jiewen] Please add them to https://github.com/tianocore/edk2/tree/master/CryptoPkg/Library/IntrinsicLib
>
> Any hints where I could get them? Given this happens on windows builds
> it's probably somewhere in the microsoft standard C library? Is that
> available as open source somewhere?
Sean and Bret may be able to help with these.
There is also a BZ on this topic.
https://bugzilla.tianocore.org/show_bug.cgi?id=1516
>
> > > (3) Some NOOPT builds are failing due to the size growing ...
> > [Jiewen] Size becomes big challenge...
> > Have you tried to use https://github.com/tianocore/edk2/tree/master/CryptoPkg/Driver solution?
>
> Seems the idea is to have only one openssl copy in the dxe image by
> calling a protocol instead of linking a lib. Makes sense.
>
> Is this documented somewhere? Is there some easy way to use that as
> drop-in replacement? Or do we have to change all crypto users to call
> the driver instead of linking the lib?
>
> take care,
> Gerd
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#85930): https://edk2.groups.io/g/devel/message/85930
Mute This Topic: https://groups.io/mt/87479913/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list