Per BZ1871, OpensslLib will depend on RngLib instead of TimerLib. Update
ArmVirt.dsc.inc file to accommodate the coming changes. It's supposed
that only TlsDxe needs random number. The RngDxeLib is added for it. For
all other drivers, RngLibNull is used by default.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
ArmVirtPkg/ArmVirt.dsc.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index 10037c938e..10e0890699 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -156,8 +156,10 @@
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
!if $(NETWORK_TLS_ENABLE) == TRUE
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+ RngLib|SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngProtocol.inf
!else
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+ RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
!endif
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
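Review bot: The added `RngLib|...DxeRngLibRngProtocol.inf` mapping sits next to the platform-wide `OpensslLib` mapping, so with `NETWORK_TLS_ENABLE == TRUE` every module that resolves RngLib through this include gets the protocol-backed instance, while the commit message says only TlsDxe needs random numbers and all other drivers use RngLibNull. Consider mapping `BaseRngLibNull` unconditionally here and giving TlsDxe the protocol-backed instance through a module-scoped `<LibraryClasses>` override in the platform .dsc files. The commit message could also state what TLS does when no EFI_RNG_PROTOCOL is installed at run time, since the hunk provides no fallback for that case.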
--
2.17.1.windows.2

On Thu, 14 Nov 2019 at 02:18, Wang, Jian J <jian.j.wang@intel.com> wrote:
>
> Per BZ1871, OpensslLib will depend on RngLib instead of TimerLib. Update
> ArmVirt.dsc.inc file to accommodate the coming changes. It's supposed
> that only TlsDxe needs random number. The RngDxeLib is added for it. For
> all other drivers, RngLibNull is used by default.
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Signed-off-by: Jian J Wang <jian.j.wang@intel.com>

Does this mean we lose the ability to do HTTPS boot if we lack an
implementation of EFI_RNG_PROTOCOL?

> ---
> ArmVirtPkg/ArmVirt.dsc.inc | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
> index 10037c938e..10e0890699 100644
> --- a/ArmVirtPkg/ArmVirt.dsc.inc
> +++ b/ArmVirtPkg/ArmVirt.dsc.inc
> @@ -156,8 +156,10 @@
> IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> !if $(NETWORK_TLS_ENABLE) == TRUE
> OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> + RngLib|SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngProtocol.inf
> !else
> OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> + RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> !endif
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
>
> --
> 2.17.1.windows.2

Ard,

> -----Original Message-----
> From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Sent: Thursday, November 14, 2019 3:41 PM
> To: edk2-devel-groups-io <devel@edk2.groups.io>; Wang, Jian J
> <jian.j.wang@intel.com>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>; Laszlo Ersek <lersek@redhat.com>
> Subject: Re: [edk2-devel] [PATCH 09/11] ArmVirtPkg/ArmVirt.dsc.inc: specify
> RngLib instances in dsc files
>
> On Thu, 14 Nov 2019 at 02:18, Wang, Jian J <jian.j.wang@intel.com> wrote:
> >
> > Per BZ1871, OpensslLib will depend on RngLib instead of TimerLib. Update
> > ArmVirt.dsc.inc file to accommodate the coming changes. It's supposed
> > that only TlsDxe needs random number. The RngDxeLib is added for it. For
> > all other drivers, RngLibNull is used by default.
> >
> > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871
> > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > Cc: Laszlo Ersek <lersek@redhat.com>
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
>
> Does this mean we lose the ability to do HTTPS boot if we lack an
> implementation of EFI_RNG_PROTOCOL?

The ArmVirtQemuXxx.dsc have EFI_RNG_PROTOCOL implemented. The
only one having problem is ArmVirtXen.dsc.

What's your suggestion? Implementing one (RngLib or EFI_RNG_PROTOCOL)
for ARM particularly (you guys need to do it) or add a general RngLib (like
cpu jitter) this time (I can do that)?

Regards,
Jian

>
> > ---
> > ArmVirtPkg/ArmVirt.dsc.inc | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
> > index 10037c938e..10e0890699 100644
> > --- a/ArmVirtPkg/ArmVirt.dsc.inc
> > +++ b/ArmVirtPkg/ArmVirt.dsc.inc
> > @@ -156,8 +156,10 @@
> > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> > !if $(NETWORK_TLS_ENABLE) == TRUE
> > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > +
> RngLib|SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRng
> LibRngProtocol.inf
> > !else
> > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> > + RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> > !endif
> > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> >
> > --
> > 2.17.1.windows.2

On Thu, 14 Nov 2019 at 08:03, Wang, Jian J <jian.j.wang@intel.com> wrote:
>
> Ard,
>
> > -----Original Message-----
> > From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > Sent: Thursday, November 14, 2019 3:41 PM
> > To: edk2-devel-groups-io <devel@edk2.groups.io>; Wang, Jian J
> > <jian.j.wang@intel.com>
> > Cc: Leif Lindholm <leif.lindholm@linaro.org>; Laszlo Ersek <lersek@redhat.com>
> > Subject: Re: [edk2-devel] [PATCH 09/11] ArmVirtPkg/ArmVirt.dsc.inc: specify
> > RngLib instances in dsc files
> >
> > On Thu, 14 Nov 2019 at 02:18, Wang, Jian J <jian.j.wang@intel.com> wrote:
> > >
> > > Per BZ1871, OpensslLib will depend on RngLib instead of TimerLib. Update
> > > ArmVirt.dsc.inc file to accommodate the coming changes. It's supposed
> > > that only TlsDxe needs random number. The RngDxeLib is added for it. For
> > > all other drivers, RngLibNull is used by default.
> > >
> > > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871
> > > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > > Cc: Laszlo Ersek <lersek@redhat.com>
> > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > > Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
> >
> > Does this mean we lose the ability to do HTTPS boot if we lack an
> > implementation of EFI_RNG_PROTOCOL?
>
> The ArmVirtQemuXxx.dsc have EFI_RNG_PROTOCOL implemented. The
> only one having problem is ArmVirtXen.dsc.
>

No, it applies to all of them. The fact that a driver is available
does not mean the virtual hardware is being provided.

> What's your suggestion? Implementing one (RngLib or EFI_RNG_PROTOCOL)
> for ARM particularly (you guys need to do it) or add a general RngLib (like
> cpu jitter) this time (I can do that)?
>

How does this work today? How does TLS obtain the entropy to generate
the symmetric key for encryption?

>
> > > ---
> > > ArmVirtPkg/ArmVirt.dsc.inc | 2 ++
> > > 1 file changed, 2 insertions(+)
> > >
> > > diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
> > > index 10037c938e..10e0890699 100644
> > > --- a/ArmVirtPkg/ArmVirt.dsc.inc
> > > +++ b/ArmVirtPkg/ArmVirt.dsc.inc
> > > @@ -156,8 +156,10 @@
> > > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> > > !if $(NETWORK_TLS_ENABLE) == TRUE
> > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > > +
> > RngLib|SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRng
> > LibRngProtocol.inf
> > > !else
> > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> > > + RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> > > !endif
> > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > >
> > > --
> > > 2.17.1.windows.2

Ard,

> -----Original Message-----
> From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Sent: Thursday, November 14, 2019 4:14 PM
> To: edk2-devel-groups-io <devel@edk2.groups.io>; Wang, Jian J
> <jian.j.wang@intel.com>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>; Laszlo Ersek <lersek@redhat.com>
> Subject: Re: [edk2-devel] [PATCH 09/11] ArmVirtPkg/ArmVirt.dsc.inc: specify
> RngLib instances in dsc files
>
> On Thu, 14 Nov 2019 at 08:03, Wang, Jian J <jian.j.wang@intel.com> wrote:
> >
> > Ard,
> >
> > > -----Original Message-----
> > > From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > > Sent: Thursday, November 14, 2019 3:41 PM
> > > To: edk2-devel-groups-io <devel@edk2.groups.io>; Wang, Jian J
> > > <jian.j.wang@intel.com>
> > > Cc: Leif Lindholm <leif.lindholm@linaro.org>; Laszlo Ersek
> <lersek@redhat.com>
> > > Subject: Re: [edk2-devel] [PATCH 09/11] ArmVirtPkg/ArmVirt.dsc.inc: specify
> > > RngLib instances in dsc files
> > >
> > > On Thu, 14 Nov 2019 at 02:18, Wang, Jian J <jian.j.wang@intel.com> wrote:
> > > >
> > > > Per BZ1871, OpensslLib will depend on RngLib instead of TimerLib. Update
> > > > ArmVirt.dsc.inc file to accommodate the coming changes. It's supposed
> > > > that only TlsDxe needs random number. The RngDxeLib is added for it. For
> > > > all other drivers, RngLibNull is used by default.
> > > >
> > > > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871
> > > > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > > > Cc: Laszlo Ersek <lersek@redhat.com>
> > > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > > > Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
> > >
> > > Does this mean we lose the ability to do HTTPS boot if we lack an
> > > implementation of EFI_RNG_PROTOCOL?
> >
> > The ArmVirtQemuXxx.dsc have EFI_RNG_PROTOCOL implemented. The
> > only one having problem is ArmVirtXen.dsc.
> >
>
> No, it applies to all of them. The fact that a driver is available
> does not mean the virtual hardware is being provided.
>

I see. Do you still want me to add the VirtioRngDxe into it?

> > What's your suggestion? Implementing one (RngLib or EFI_RNG_PROTOCOL)
> > for ARM particularly (you guys need to do it) or add a general RngLib (like
> > cpu jitter) this time (I can do that)?
> >
>
> How does this work today? How does TLS obtain the entropy to generate
> the symmetric key for encryption?
>

I'm not an expert in this area. I just read the code to find out the usages.
Here're some use cases (maybe more):

- session id
- IV for encryption
- fill hello random data
- generate RFC5077 ticket key
- post-handshake auth

Regards,
Jian

> > >
> > > > ---
> > > > ArmVirtPkg/ArmVirt.dsc.inc | 2 ++
> > > > 1 file changed, 2 insertions(+)
> > > >
> > > > diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
> > > > index 10037c938e..10e0890699 100644
> > > > --- a/ArmVirtPkg/ArmVirt.dsc.inc
> > > > +++ b/ArmVirtPkg/ArmVirt.dsc.inc
> > > > @@ -156,8 +156,10 @@
> > > > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> > > > !if $(NETWORK_TLS_ENABLE) == TRUE
> > > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > > > +
> > >
> RngLib|SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRng
> > > LibRngProtocol.inf
> > > > !else
> > > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> > > > + RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> > > > !endif
> > > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > >
> > > > --
> > > > 2.17.1.windows.2

On 11/14/19 03:17, Wang, Jian J wrote:
> Per BZ1871, OpensslLib will depend on RngLib instead of TimerLib. Update
> ArmVirt.dsc.inc file to accommodate the coming changes. It's supposed
> that only TlsDxe needs random number. The RngDxeLib is added for it. For
> all other drivers, RngLibNull is used by default.
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
> ---
> ArmVirtPkg/ArmVirt.dsc.inc | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
> index 10037c938e..10e0890699 100644
> --- a/ArmVirtPkg/ArmVirt.dsc.inc
> +++ b/ArmVirtPkg/ArmVirt.dsc.inc
> @@ -156,8 +156,10 @@
> IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> !if $(NETWORK_TLS_ENABLE) == TRUE
> OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> + RngLib|SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngProtocol.inf
> !else
> OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> + RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> !endif
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
>

(1) This is not right: the non-Null lib instance should be linked into
TlsDxe only, like in the OvmfPkg patch.

Please locate TlsAuthConfigDxe in both "ArmVirtQemu.dsc" and
"ArmVirtQemuKernel.dsc", and implement the same approach as in OvmfPkg
near "TlsAuthConfigDxe".

(2) See other comments in my OvmfPkg patch review.

Thanks
Laszlo
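
The scoping difference behind review comment (1), as an added example that is not part of the thread, the OvmfPkg patch, or EDK II BaseTools: a toy resolver that reports which RngLib instance each component links under the posted layout and under a module-scoped override. Both DSC texts and the two component paths are constructed samples, and the resolver handles only the constructs they use.

```python
import re
NULL_RNG = "MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf"
DXE_RNG = "SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRngLibRngProtocol.inf"
TLS_DXE, OTHER = "NetworkPkg/TlsDxe/TlsDxe.inf", "MdeModulePkg/Core/Dxe/DxeMain.inf"  # samples

# Constructed DSC text: GLOBAL mirrors the posted hunk, SCOPED is one reading of comment (1).
GLOBAL = f"""[LibraryClasses.common]
!if $(NETWORK_TLS_ENABLE) == TRUE
  RngLib|{DXE_RNG}
!else
  RngLib|{NULL_RNG}
!endif
[Components.common]
  {OTHER}
  {TLS_DXE}
"""
SCOPED = f"""[LibraryClasses.common]
  RngLib|{NULL_RNG}
[Components.common]
  {OTHER}
!if $(NETWORK_TLS_ENABLE) == TRUE
  {TLS_DXE} {{
    <LibraryClasses>
      RngLib|{DXE_RNG}
  }}
!endif
"""

def resolve_rnglib(dsc, defines):
    """Toy resolver: map each component .inf to the RngLib it would link."""
    section, default, mods, live, cur = "", None, {}, [True], None
    for line in (l.split("#")[0].strip() for l in dsc.splitlines()):
        cond = re.match(r"!if \$\((\w+)\) == (\w+)$", line)
        if cond:                                  # push state of this branch
            live.append(live[-1] and defines.get(cond[1]) == cond[2])
        elif line == "!else":                     # invert, bounded by parent
            live.append(not live.pop() and live[-1])
        elif line == "!endif":
            live.pop()
        elif not line or not live[-1] or line.startswith("<"):
            continue
        elif line.startswith("["):
            section = line.strip("[]").split(".")[0]
        elif line == "}":
            cur = None
        elif "|" in line:
            cls, inst = line.split("|", 1)
            if cls == "RngLib" and cur:
                mods[cur] = inst                  # module-scoped override wins
            elif cls == "RngLib" and section == "LibraryClasses":
                default = inst
        elif section == "Components":
            cur = line.rstrip(" {") if line.endswith("{") else None
            mods.setdefault(line.rstrip(" {"), None)
    return {m: inst or default for m, inst in mods.items()}
```

With `NETWORK_TLS_ENABLE` set to `TRUE`, the `GLOBAL` layout gives both components the protocol-backed instance, while `SCOPED` gives it to the TlsDxe sample only.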

Laszlo,

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Laszlo Ersek
> Sent: Thursday, November 14, 2019 6:37 PM
> To: devel@edk2.groups.io; Wang, Jian J <jian.j.wang@intel.com>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>; Ard Biesheuvel
> <ard.biesheuvel@linaro.org>
> Subject: Re: [edk2-devel] [PATCH 09/11] ArmVirtPkg/ArmVirt.dsc.inc: specify
> RngLib instances in dsc files
>
> On 11/14/19 03:17, Wang, Jian J wrote:
> > Per BZ1871, OpensslLib will depend on RngLib instead of TimerLib. Update
> > ArmVirt.dsc.inc file to accommodate the coming changes. It's supposed
> > that only TlsDxe needs random number. The RngDxeLib is added for it. For
> > all other drivers, RngLibNull is used by default.
> >
> > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871
> > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > Cc: Laszlo Ersek <lersek@redhat.com>
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
> > ---
> > ArmVirtPkg/ArmVirt.dsc.inc | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
> > index 10037c938e..10e0890699 100644
> > --- a/ArmVirtPkg/ArmVirt.dsc.inc
> > +++ b/ArmVirtPkg/ArmVirt.dsc.inc
> > @@ -156,8 +156,10 @@
> > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> > !if $(NETWORK_TLS_ENABLE) == TRUE
> > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > +
> RngLib|SecurityPkg/RandomNumberGenerator/DxeRngLibRngProtocol/DxeRng
> LibRngProtocol.inf
> > !else
> > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> > + RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> > !endif
> > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> >
>
> (1) This is not right: the non-Null lib instance should be linked into
> TlsDxe only, like in the OvmfPkg patch.
>
> Please locate TlsAuthConfigDxe in both "ArmVirtQemu.dsc" and
> "ArmVirtQemuKernel.dsc", and implement the same approach as in OvmfPkg
> near "TlsAuthConfigDxe".
>

Got it. I'll update them all.

> (2) See other comments in my OvmfPkg patch review.
>

Thanks,
Jian

> Thanks
> Laszlo