Re: [edk2] [PATCH] CryptoPkg: OpensslLib: reintroduce EFIAPI for ERR_add_error_data()

Wed, 22 Jul 2015 14:33:01 -0700 

On Tue, 2015-06-23 at 09:54 -0400, Peter Jones wrote:
> On Tue, Jun 23, 2015 at 03:34:25PM +0200, Laszlo Ersek wrote:
> > Git commit f93f78ea70 (SVN r17633), with subject "CryptoPkg: Update
> > openssl patch file from 0.9.8zf to 1.0.2c", replaced the file
> > 
> >   CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch
> > 
> > with
> > 
> >   CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2c.patch
> > 
> > In the process, two hunks were lost that used to add EFIAPI to the
> > declaration of the variadic function ERR_add_error_data().
> > 
> > The VA_START() macro, from "MdePkg/Include/Base.h", expands to an
> > EFIAPI-dependent implementation when
> > 
> >   !defined(__CC_ARM) && (!defined(__GNUC__) ||
> >                          defined(NO_BUILTIN_VA_FUNCS))
> > 
> > Under such circumstances, the va_start() macro invocation in
> > ERR_add_error_data() -- which is translated to VA_START() by
> > "CryptoPkg/Include/OpenSslSupport.h" -- results in EFIAPI-dependent code,
> > but callers of the function pass the arguments incorrectly, because the
> > declaration doesn't state EFIAPI.
> > 
> > This leads to crashes when ERR_add_error_vdata(), called by
> > ERR_add_error_data(), tries to access the arguments forwarded to it.
> > 
> > Restore the missing hunk from before SVN r17633.
> > 
> > Cc: Qin Long <qin.l...@intel.com>
> > Cc: Ard Biesheuvel <ard.biesheu...@linaro.org>
> > Cc: Gary Ching-Pang Lin <g...@suse.com>
> > Cc: Peter Jones <pjo...@redhat.com>
> > Contributed-under: TianoCore Contribution Agreement 1.0
> > Signed-off-by: Laszlo Ersek <ler...@redhat.com>
> 
> Yeah, EFIAPI to get the right calling conventions on x86_64 is
> definitely the right thing here.  Is this what was breaking shim for
> you?
> 
> It's mildly annoying that EFIAPI is pretty much 100% about ABI calling
> conventions and has nothing to do with actual API, but that ship has
> long past sailed.
> 
> Acked-by: Peter Jones <pjo...@redhat.com>

Alternatively (as I baulk at trying to send that particular one-liner
upstream to OpenSSL), would it be possible to simply *avoid* defining
NO_BUILTIN_VA_FUNCS for the OpenSSL part of the build?


-- 
David Woodhouse                            Open Source Technology Centre
david.woodho...@intel.com                              Intel Corporation

Attachment: smime.p7s
Description: S/MIME cryptographic signature

------------------------------------------------------------------------------

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel

Reply via email to