Thanks Laszlo, below patch did miss that point to avoid the build performance impact.
I will update it to introduce HTTPS_BOOT_ENABLE flag for TlsDxe. Thanks. Jiaxin > -----Original Message----- > From: Laszlo Ersek [mailto:[email protected]] > Sent: Monday, February 29, 2016 11:26 PM > To: Wu, Jiaxin <[email protected]>; [email protected] > Cc: Ye, Ting <[email protected]>; Ni, Ruiyu <[email protected]>; Fu, Siyuan > <[email protected]>; Long, Qin <[email protected]> > Subject: Re: [edk2] [PATCH v2 6/6] Nt32Pkg: Enable Nt32Pkg platform HTTPS > boot feature. > > On 02/29/16 02:37, Jiaxin Wu wrote: > > v2: > > *Update to remove 'SECURE_BOOT_ENABLE' flag for all library defined in > > CryptoPkg. > > > > This path is used to enable HTTPS boot feature. > > > > Cc: Ye Ting <[email protected]> > > Cc: Fu Siyuan <[email protected]> > > Cc: Long Qin <[email protected]> > > Cc: Ruiyu Ni <[email protected]> > > Cc: El-Haj-Mahmoud Samer <[email protected]> > > Contributed-under: TianoCore Contribution Agreement 1.0 > > Signed-off-by: Jiaxin Wu <[email protected]> > > --- > > Nt32Pkg/Nt32Pkg.dsc | 15 ++++++--------- Nt32Pkg/Nt32Pkg.fdf | 4 > > +++- > > 2 files changed, 9 insertions(+), 10 deletions(-) > > > > diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index > > 87a08c0..d297812 100644 > > --- a/Nt32Pkg/Nt32Pkg.dsc > > +++ b/Nt32Pkg/Nt32Pkg.dsc > > @@ -2,11 +2,11 @@ > > # EFI/Framework Emulation Platform with UEFI HII interface supported. > > # > > # The Emulation Platform can be used to debug individual modules, prior > to creating > > # a real platform. This also provides an example for how an DSC is > > created. > > # > > -# Copyright (c) 2006 - 2015, Intel Corporation. All rights > > reserved.<BR> > > +# Copyright (c) 2006 - 2016, Intel Corporation. All rights > > +reserved.<BR> > > # Copyright (c) 2015, Hewlett-Packard Development Company, L.P.<BR> > > # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> # > > # This program and the accompanying materials > > # are licensed and made available under the terms and conditions of the > BSD License > > @@ -132,15 +132,16 @@ > > > DebugPrintErrorLevelLib|MdeModulePkg/Library/DxeDebugPrintErrorLevelL > ib/DxeDebugPrintErrorLevelLib.inf > > > PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanc > eLibNull.inf > > > DebugAgentLib|MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLi > bNull.inf > > > CpuExceptionHandlerLib|MdeModulePkg/Library/CpuExceptionHandlerLibN > ull/CpuExceptionHandlerLibNull.inf > > LockBoxLib|MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf > > + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > > + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > > + OpensslTlsLib|CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf > > > > !if $(SECURE_BOOT_ENABLE) == TRUE > > > > PlatformSecureLib|Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib. > > inf > > - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > > - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > > > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTp > mMeasurementLib.inf > > > > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.in > > f > > !else > > > TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/Tp > mMeasurementLibNull.inf > > > > > AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableL > > ibNull.inf > > @@ -174,13 +175,11 @@ > > > > > OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibN > ull/Oem > > HookStatusCodeLibNull.inf > > > > [LibraryClasses.common.PEIM] > > PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf > > > > > OemHookStatusCodeLib|Nt32Pkg/Library/PeiNt32OemHookStatusCodeLib/ > PeiNt > > 32OemHookStatusCodeLib.inf > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > > -!endif > > > > [LibraryClasses.common] > > # > > # DXE phase common > > # > > @@ -191,13 +190,12 @@ > > > ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/Dx > eReportStatusCodeLib.inf > > > OemHookStatusCodeLib|Nt32Pkg/Library/DxeNt32OemHookStatusCodeLib/ > DxeNt32OemHookStatusCodeLib.inf > > > PeCoffExtraActionLib|Nt32Pkg/Library/DxeNt32PeCoffExtraActionLib/DxeNt > 32PeCoffExtraActionLib.inf > > > ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeE > xtractGuidedSectionLib.inf > > WinNtLib|Nt32Pkg/Library/DxeWinNtLib/DxeWinNtLib.inf > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > > -!endif > > + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf > > > > [LibraryClasses.common.DXE_CORE] > > HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf > > > MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLi > b/DxeCoreMemoryAllocationLib.inf > > PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf > > @@ -214,13 +212,11 @@ > > > > [LibraryClasses.common.DXE_RUNTIME_DRIVER] > > # > > # Runtime > > # > > -!if $(SECURE_BOOT_ENABLE) == TRUE > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > > -!endif > > > > > > > ########################################################## > ############ > > ########## > > # > > # Pcd Section - list of all EDK II PCD Entries defined by this > > Platform # @@ -443,10 +439,11 @@ > > > > NetworkPkg/HttpBootDxe/HttpBootDxe.inf > > NetworkPkg/DnsDxe/DnsDxe.inf > > NetworkPkg/HttpDxe/HttpDxe.inf > > NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf > > + NetworkPkg/TlsDxe/TlsDxe.inf > > > > MdeModulePkg/Universal/BdsDxe/BdsDxe.inf { > > <LibraryClasses> > > > NULL|MdeModulePkg/Library/BmpImageDecoderLib/BmpImageDecoderLib > .inf > > } > > diff --git a/Nt32Pkg/Nt32Pkg.fdf b/Nt32Pkg/Nt32Pkg.fdf index > > a10c12f..aa10ae8 100644 > > --- a/Nt32Pkg/Nt32Pkg.fdf > > +++ b/Nt32Pkg/Nt32Pkg.fdf > > @@ -1,9 +1,9 @@ > > ## @file > > # This is NT32 FDF file with UEFI HII features enabled # -# > > Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR> > > +# Copyright (c) 2007 - 2016, Intel Corporation. All rights > > +reserved.<BR> > > # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> # > > # This program and the accompanying materials > > # are licensed and made available under the terms and conditions of the > BSD License > > # which accompanies this distribution. The full text of the license may > > be > found at > > @@ -260,10 +260,12 @@ INF > > MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf > > INF MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf > > INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf > > INF NetworkPkg/DnsDxe/DnsDxe.inf > > INF NetworkPkg/HttpDxe/HttpDxe.inf > > INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf > > +INF NetworkPkg/TlsDxe/TlsDxe.inf > > + > > > > > ########################################################## > ############ > > ########## > > # > > # FILE statements are provided so that a platform integrator can > > include # complete EFI FFS files, as well as a method for > > constructing FFS files # using curly "{}" brace scoping. The > > following three FILEs are > > > > I remember that it was suggested that HTTPS boot be made independent of > SECURE_BOOT_ENABLE, since these were two separate features. > > However, I think the above patch will make Nt32Pkg impossible to build > without adding OpenSSL to the tree. Is that intentional? > > Should we perhaps introduce a new build flag, like HTTPS_BOOT_ENABLE? > Then the OpenSSL-dependent libraries would be resolved for > HTTPS_BOOT_ENABLE || SECURE_BOOT_ENABLE, and the TLS driver would > only depend on HTTPS_BOOT_ENABLE. > > Just an idea. > > Thanks > Laszlo _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
