[edk2-devel] [edk2-staging/OpenSSL11_EOL 0/7] Openssl 3.0 POC update Mar 17
Li, Yi
yi1.li at intel.com
Fri Mar 17 10:21:32 UTC 2023
The current purpose of this POC is to find all ways to reduce the size increase as much as possible to meet our goal of +10% size increase.
I understand that the current code changes seem unacceptable, and the next step of the POC is to find a suitable way to apply these changes (some breaking changes may be discarded): such as upstream to openssl or integrate into the configure script.
If all goes well, the next step will start at the end of March.
Regards,
Yi
-----Original Message-----
From: Gerd Hoffmann <kraxel at redhat.com>
Sent: Friday, March 17, 2023 6:03 PM
To: Li, Yi1 <yi1.li at intel.com>
Cc: devel at edk2.groups.io; Yao, Jiewen <jiewen.yao at intel.com>; Hou, Wenxing <wenxing.hou at intel.com>
Subject: Re: [edk2-staging/OpenSSL11_EOL 0/7] Openssl 3.0 POC update Mar 17
On Fri, Mar 17, 2023 at 12:28:12PM +0800, Yi Li wrote:
> Please check the patch series if interested.
> PR: https://github.com/tianocore/edk2-staging/pull/359
So it seems you are doing a number of larger changes to the openssl code base. What is the plan for those?
I'd prefer to not be in a situation where every openssl update needs alot of work in our edk2-specific adaptions, especially as openssl updates can be timing-sensitive when it comes to fixing security issues.
For changes where we only need dummy stub functions which don't do anything is isn't a big problem. But when changing the provider logic to suit our needs it is probably much better to work with upstream openssl to get the changes we need merged.
I did that in the past, worked fine. See for example openssl commit a28dbfe7c84b6a43746d0e2ef4153e2a13067c4a (change printf to not support floating point for --target=UEFI).
take care,
Gerd
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101328): https://edk2.groups.io/g/devel/message/101328
Mute This Topic: https://groups.io/mt/97666986/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list