The current purpose of this POC is to find all ways to reduce the size increase as much as possible to meet our goal of +10% size increase.
I understand that the current code changes seem unacceptable, and the next step of the POC is to find a suitable way to apply these changes (some breaking changes may be discarded): such as upstream to openssl or integrate into the configure script. If all goes well, the next step will start at the end of March. Regards, Yi -----Original Message----- From: Gerd Hoffmann <kra...@redhat.com> Sent: Friday, March 17, 2023 6:03 PM To: Li, Yi1 <yi1...@intel.com> Cc: devel@edk2.groups.io; Yao, Jiewen <jiewen....@intel.com>; Hou, Wenxing <wenxing....@intel.com> Subject: Re: [edk2-staging/OpenSSL11_EOL 0/7] Openssl 3.0 POC update Mar 17 On Fri, Mar 17, 2023 at 12:28:12PM +0800, Yi Li wrote: > Please check the patch series if interested. > PR: https://github.com/tianocore/edk2-staging/pull/359 So it seems you are doing a number of larger changes to the openssl code base. What is the plan for those? I'd prefer to not be in a situation where every openssl update needs alot of work in our edk2-specific adaptions, especially as openssl updates can be timing-sensitive when it comes to fixing security issues. For changes where we only need dummy stub functions which don't do anything is isn't a big problem. But when changing the provider logic to suit our needs it is probably much better to work with upstream openssl to get the changes we need merged. I did that in the past, worked fine. See for example openssl commit a28dbfe7c84b6a43746d0e2ef4153e2a13067c4a (change printf to not support floating point for --target=UEFI). take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#101328): https://edk2.groups.io/g/devel/message/101328 Mute This Topic: https://groups.io/mt/97666986/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
