From: Laszlo Ersek
To: edk2-devel-01
Cc: Ruiyu Ni, Ard Biesheuvel, Ting Ye, Jordan Justen, Jiaxin Wu, Gary Lin, Qin Long, Tomas Hoger
Date: Thu, 23 Feb 2017 22:57:41 +0100
Message-Id: <20170223215744.7293-3-lersek@redhat.com>
In-Reply-To: <20170223215744.7293-1-lersek@redhat.com>
References: <20170223215744.7293-1-lersek@redhat.com>
Subject: [edk2] [PATCH 2/5] CryptoPkg/OpensslLib: introduce OpensslLibNoSsl instance

Commit 32387e0081db ("CryptoPkg: Enable ssl build in OpensslLib directly", 2016-12-14) pulls OpenSSL's libssl files into the "OpensslLib.inf" library instance unconditionally.

If a platform doesn't include the TLS modules, such as

- CryptoPkg/Library/TlsLib/TlsLib.inf
- NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
- NetworkPkg/TlsDxe/TlsDxe.inf

then the platform never actually uses the libssl functionality that gets built into "OpensslLib.inf".

Tomas Hoger from Red Hat Product Security tells me that security evaluation is less demanding if we can actually *exclude* the libssl files from such OVMF builds that don't specify -D TLS_ENABLE (rather than just trust modules not to call libssl functions if we don't specify -D TLS_ENABLE).

This patch introduces a parallel OpensslLib instance called "OpensslLibNoSsl" that is appropriate for platform builds without TLS enablement.
It does not build C source files in vain, and it eases security review -- all libssl vulnerabilities can be excluded at once. "OpensslLibNoSsl.inf" is created as a copy of "OpensslLib.inf", modifying the BASE_NAME, MODULE_UNI_FILE and FILE_GUID defines. "process_files.sh" is extended to auto-generate the list of OpenSSL files for both library instances accordingly. This list is updated in "OpensslLibNoSsl.inf" at once. "OpensslLibNoSsl.uni" is introduced as a copy of "OpensslLib.uni", highlighting the difference. Cc: Ard Biesheuvel Cc: Gary Lin Cc: Jiaxin Wu Cc: Jordan Justen Cc: Qin Long Cc: Ruiyu Ni Cc: Ting Ye Cc: Tomas Hoger Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek --- CryptoPkg/Library/OpensslLib/{OpensslLib.inf =3D> OpensslLibNoSsl.inf} | 5= 6 ++------------------ CryptoPkg/Library/OpensslLib/{OpensslLib.uni =3D> OpensslLibNoSsl.uni} | = 8 +-- CryptoPkg/Library/OpensslLib/process_files.sh | 27 = +++++++--- 3 files changed, 28 insertions(+), 63 deletions(-) diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Librar= y/OpensslLib/OpensslLibNoSsl.inf similarity index 90% copy from CryptoPkg/Library/OpensslLib/OpensslLib.inf copy to CryptoPkg/Library/OpensslLib/OpensslLibNoSsl.inf index 42f523a611e5..d106989b9521 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibNoSsl.inf @@ -14,9 +14,9 @@ =20 [Defines] INF_VERSION =3D 0x00010005 - BASE_NAME =3D OpensslLib - MODULE_UNI_FILE =3D OpensslLib.uni - FILE_GUID =3D C873A7D0-9824-409f-9B42-2C158B992E69 + BASE_NAME =3D OpensslLibNoSsl + MODULE_UNI_FILE =3D OpensslLibNoSsl.uni + FILE_GUID =3D E29FC209-8B64-4500-BD20-AF4EAE47EA0E MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D OpensslLib 
@@ -474,56 +474,6 @@ [Sources] $(OPENSSL_PATH)/crypto/cmac/cmac.c $(OPENSSL_PATH)/crypto/cmac/cm_ameth.c $(OPENSSL_PATH)/crypto/cmac/cm_pmeth.c - $(OPENSSL_PATH)/ssl/s2_meth.c - $(OPENSSL_PATH)/ssl/s2_srvr.c - $(OPENSSL_PATH)/ssl/s2_clnt.c - $(OPENSSL_PATH)/ssl/s2_lib.c - $(OPENSSL_PATH)/ssl/s2_enc.c - $(OPENSSL_PATH)/ssl/s2_pkt.c - $(OPENSSL_PATH)/ssl/s3_meth.c - $(OPENSSL_PATH)/ssl/s3_srvr.c - $(OPENSSL_PATH)/ssl/s3_clnt.c - $(OPENSSL_PATH)/ssl/s3_lib.c - $(OPENSSL_PATH)/ssl/s3_enc.c - $(OPENSSL_PATH)/ssl/s3_pkt.c - $(OPENSSL_PATH)/ssl/s3_both.c - $(OPENSSL_PATH)/ssl/s3_cbc.c - $(OPENSSL_PATH)/ssl/s23_meth.c - $(OPENSSL_PATH)/ssl/s23_srvr.c - $(OPENSSL_PATH)/ssl/s23_clnt.c - $(OPENSSL_PATH)/ssl/s23_lib.c - $(OPENSSL_PATH)/ssl/s23_pkt.c - $(OPENSSL_PATH)/ssl/t1_meth.c - $(OPENSSL_PATH)/ssl/t1_srvr.c - $(OPENSSL_PATH)/ssl/t1_clnt.c - $(OPENSSL_PATH)/ssl/t1_lib.c - $(OPENSSL_PATH)/ssl/t1_enc.c - $(OPENSSL_PATH)/ssl/t1_ext.c - $(OPENSSL_PATH)/ssl/d1_meth.c - $(OPENSSL_PATH)/ssl/d1_srvr.c - $(OPENSSL_PATH)/ssl/d1_clnt.c - $(OPENSSL_PATH)/ssl/d1_lib.c - $(OPENSSL_PATH)/ssl/d1_pkt.c - $(OPENSSL_PATH)/ssl/d1_both.c - $(OPENSSL_PATH)/ssl/d1_srtp.c - $(OPENSSL_PATH)/ssl/ssl_lib.c - $(OPENSSL_PATH)/ssl/ssl_err2.c - $(OPENSSL_PATH)/ssl/ssl_cert.c - $(OPENSSL_PATH)/ssl/ssl_sess.c - $(OPENSSL_PATH)/ssl/ssl_ciph.c - $(OPENSSL_PATH)/ssl/ssl_stat.c - $(OPENSSL_PATH)/ssl/ssl_rsa.c - $(OPENSSL_PATH)/ssl/ssl_asn1.c - $(OPENSSL_PATH)/ssl/ssl_txt.c - $(OPENSSL_PATH)/ssl/ssl_algs.c - $(OPENSSL_PATH)/ssl/ssl_conf.c - $(OPENSSL_PATH)/ssl/bio_ssl.c - $(OPENSSL_PATH)/ssl/ssl_err.c - $(OPENSSL_PATH)/ssl/kssl.c - $(OPENSSL_PATH)/ssl/t1_reneg.c - $(OPENSSL_PATH)/ssl/tls_srp.c - $(OPENSSL_PATH)/ssl/t1_trce.c - $(OPENSSL_PATH)/ssl/ssl_utst.c =20 # Autogenerated files list ends here =20 
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.uni b/CryptoPkg/Librar= y/OpensslLib/OpensslLibNoSsl.uni similarity index 71% copy from CryptoPkg/Library/OpensslLib/OpensslLib.uni copy to CryptoPkg/Library/OpensslLib/OpensslLibNoSsl.uni index 0dffec1c98a3..52dfb70ab61c 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.uni +++ b/CryptoPkg/Library/OpensslLib/OpensslLibNoSsl.uni @@ -1,7 +1,7 @@ // /** @file -// This module provides openSSL Library implementation. +// This module provides openSSL Library implementation without libssl. // -// This module provides OpenSSL Library implementation. +// This module provides OpenSSL Library implementation without libssl. // // Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.
// @@ -16,7 +16,7 @@ // **/ =20 =20 -#string STR_MODULE_ABSTRACT #language en-US "OpenSSL Library i= mplementation" +#string STR_MODULE_ABSTRACT #language en-US "OpenSSL Library i= mplementation without libssl" =20 -#string STR_MODULE_DESCRIPTION #language en-US "This module provi= des OpenSSL Library implementation." +#string STR_MODULE_DESCRIPTION #language en-US "This module provi= des OpenSSL Library implementation without libssl." =20 diff --git a/CryptoPkg/Library/OpensslLib/process_files.sh b/CryptoPkg/Libr= ary/OpensslLib/process_files.sh index 6f069ce264ac..fe1b8a01776b 100755 --- a/CryptoPkg/Library/OpensslLib/process_files.sh +++ b/CryptoPkg/Library/OpensslLib/process_files.sh @@ -1,8 +1,8 @@ #!/bin/sh # -# This script runs the OpenSSL Configure script, then processes the -# resulting file list into our local OpensslLib.inf and also takes -# a copy of opensslconf.h. +# This script runs the OpenSSL Configure script, then processes the result= ing +# file list into our local OpensslLib.inf and OpensslLibNoSsl.inf, and also +# takes a copy of opensslconf.h. # # This only needs to be done once by a developer when updating to a # new version of OpenSSL (or changing options, etc.). Normal users @@ -10,6 +10,12 @@ # git repository for them. =20 OPENSSL_PATH=3D$(sed -n '/DEFINE OPENSSL_PATH/{s/.* \(openssl-[0-9.]*[a-z]= *\)[[:space:]]*/\1/ p}' OpensslLib.inf) +OPENSSL_NOSSL_PATH=3D$(sed -n '/DEFINE OPENSSL_PATH/{s/.* \(openssl-[0-9.]= *[a-z]*\)[[:space:]]*/\1/ p}' OpensslLibNoSsl.inf) + +if [ "$OPENSSL_PATH" !=3D "$OPENSSL_NOSSL_PATH" ]; then + echo "OPENSSL_PATH diverges between OpensslLib.inf and OpensslLibNoSsl= .inf" + exit 1 +fi =20 if ! cd "${OPENSSL_PATH}" ; then echo "Cannot change to OpenSSL directory \"${OPENSSL_PATH}\"" @@ -65,6 +71,8 @@ cd - =20 function filelist () { + SSL_SELECT=3D"$1" + echo '1,/# Autogenerated files list starts here/p' echo '/# Autogenerated files list ends here/,$p' echo '/# Autogenerated files list starts here/a\' 
@@ -76,18 +84,25 @@ function filelist () ;; LIBSRC=3D*) LIBSRC=3D$(echo "$LINE" | sed s/^LIBSRC=3D//) - for FILE in $LIBSRC; do + if [ "$RELATIVE_DIRECTORY" !=3D "ssl" ] || + [ "$SSL_SELECT" =3D "with-ssl" ]; then + for FILE in $LIBSRC; do if [ "$FILE" !=3D "b_print.c" ]; then echo -e ' $(OPENSSL_PATH)/'$RELATIVE_DIRECTORY/$FILE\\r\\ fi - done + done + fi ;; esac done echo -e \\r } =20 -filelist < "${OPENSSL_PATH}/MINFO" | sed -n -f - -i OpensslLib.inf +filelist with-ssl < "${OPENSSL_PATH}/MINFO" \ +| sed -n -f - -i OpensslLib.inf + +filelist without-ssl < "${OPENSSL_PATH}/MINFO" \ +| sed -n -f - -i OpensslLibNoSsl.inf =20 # We can tell Windows users to put this back manually if they can't run # Configure. For now, until the git repository is fixed to store things --=20 2.9.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
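Review bot: in the [Defines] hunk of OpensslLibNoSsl.inf, LIBRARY_CLASS stays OpensslLib while only BASE_NAME, MODULE_UNI_FILE and FILE_GUID change, so both instances satisfy the same library class and a platform DSC must resolve OpensslLib to exactly one of them. The hunk itself adds no DSC change, so the commit message should say which platform builds (the OVMF builds without -D TLS_ENABLE it mentions) are expected to switch, or that the switch is left to a later patch in this 5-patch series; otherwise a reader cannot tell whether the new instance is actually wired in anywhere.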
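Review bot: the removed $(OPENSSL_PATH)/ssl/*.c lines in the @@ -474,56 hunk sit between the "# Autogenerated files list starts here" and "ends here" markers, so the authoritative content of that region is whatever "filelist without-ssl" emits, and a hand edit there would be overwritten on the next process_files.sh run. It would help reviewers if the commit message stated explicitly that this hunk is the unmodified output of rerunning the script against the checked-in OpenSSL version, so the 50 deletions do not need to be verified line by line against MINFO.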
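Review bot: in the first OpensslLibNoSsl.uni hunk, the rewritten comment line keeps the copied "openSSL" spelling ("This module provides openSSL Library implementation without libssl.") while the very next line and both #string values use "OpenSSL"; since the line is being changed anyway, correcting the capitalization in the new file costs nothing and avoids propagating the inconsistency into a second file.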
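Review bot: the new OPENSSL_NOSSL_PATH line in the @@ -10,6 hunk of process_files.sh duplicates the entire sed expression that extracts DEFINE OPENSSL_PATH, so the two extractions can themselves drift apart, which is exactly the divergence the new check is meant to catch. A small helper keeps them identical, e.g. `openssl_path_of () { sed -n '/DEFINE OPENSSL_PATH/{s/.* \(openssl-[0-9.]*[a-z]*\)[[:space:]]*/\1/ p}' "$1"; }` followed by `OPENSSL_PATH=$(openssl_path_of OpensslLib.inf)` and `OPENSSL_NOSSL_PATH=$(openssl_path_of OpensslLibNoSsl.inf)`. The comparison and non-zero exit before the cd are correct as written.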
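Review bot: in the @@ -65,6 hunk, SSL_SELECT="$1" accepts any string and the only later test compares it against "with-ssl", so a typo in the caller, or a missing argument, silently produces a libssl-less list for OpensslLib.inf with no error. Suggest validating up front with `case "$1" in with-ssl|without-ssl) SSL_SELECT="$1" ;; *) echo "filelist: expected with-ssl or without-ssl" >&2; exit 1 ;; esac`. Note that filelist runs on the left side of a pipe into `sed -n -f - -i`, so a failure inside it leaves sed with an empty or partial script, and `sed -n` with no p commands would truncate the target INF; validating before the pipeline (or writing the sed script to a temporary file and checking the exit status before invoking sed -i) avoids that.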
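Review bot: in the LIBSRC=* branch of the @@ -76,18 hunk, the new `if [ "$RELATIVE_DIRECTORY" != "ssl" ] || [ "$SSL_SELECT" = "with-ssl" ]` wraps the existing for loop, but the loop body (`if [ "$FILE" != "b_print.c" ]; then`, the echo, and its `fi`) keeps its old indentation while `for` and `done` moved two columns right, so the block no longer reads as nested; reindenting those three context lines would match the rest of the script. A one-line comment above the test, stating that every directory other than ssl is always emitted and ssl only for with-ssl, would also help, since the `||` form reads as "skip ssl unless with-ssl" only on a second look.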