Re: [edk2] Drop CSM support in OvmfPkg?

2019-01-24 Thread David Woodhouse
On Thu, 2019-01-24 at 01:48 +, Ni, Ray wrote: > David, > I think we got an agreement here to move CSM components in OvmfPkg. > I prefer we firstly clone the required CSM components in OvmfPkg right no. > Finally I can remove the IntelFrameworkModulePkg/IntelFrameworkPkg in one > patch. > (I

Re: [edk2] Drop CSM support in OvmfPkg?

2019-01-23 Thread David Woodhouse
the > exact pathnames of the CSM components, so we'd add a line like > > R: David Woodhouse > > under OvmfPkg. There is "prior art" for this pattern, see: > > R: Anthony Perard > R: Julien Grall > > Because Anthony and Julien are the authority

Re: [edk2] Drop CSM support in OvmfPkg?

2019-01-23 Thread David Woodhouse
On Wed, 2019-01-23 at 07:12 +0100, Gerd Hoffmann wrote: > > A one-size-fits-all BIOS using OVMF+CSM is very much > > preferable. > > Building a one-size-fits-all BIOS is pretty much impossible due to CSM > being incompatible with secure boot. Booting with CSM is incompatible with Secure Boot, of

Re: [edk2] Drop CSM support in OvmfPkg?

2019-01-22 Thread David Woodhouse
On Tue, 2019-01-22 at 16:13 +, Ni, Ray wrote: > David, > I'd like to re-start the discussion. > Could you please kindly explain the background/reason of adding CSM > support in OVMF? > Maybe knowing the reason can help to make further decisions of > whether to > A. keep it outside OvmfPkg > B.

Re: [edk2] Drop CSM support in OvmfPkg?

2018-12-20 Thread David Woodhouse
On Thu, 2018-12-20 at 07:44 +0100, Gerd Hoffmann wrote: > On Mon, Dec 17, 2018 at 10:54:25AM +0100, Laszlo Ersek wrote: > > (Adding Kevin, Gerd, David) > > > > On 12/17/18 03:23, Ni, Ruiyu wrote: > > > Hi OvmfPkg maintainers and reviewers, > > > I am working on removing IntelFrameworkModulePkg

Re: [edk2] [PATCH] CryptoPkg: update openssl to ignore RVCT 3079

2016-07-06 Thread David Woodhouse
On Tue, 2016-07-05 at 17:04 +, Long, Qin wrote: > Yes, this unset issue was already fixed in OpenSSL HEAD. > The patch is OK for me to ignore the warning for current 1.0.2 > version. Or we can backport some cleanups into our 1.0.2xx patch.  My main concern is that we don't accumulate hacks

Re: [edk2] [PATCH] CryptoPkg: update openssl to ignore RVCT 3079

2016-07-05 Thread David Woodhouse
> > Change-Id: I0d38193569b29f96861a191908c343831fd957c2 > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Eugene Cohen <eug...@hp.com> Can we "fix" the upstream code instead? -- David WoodhouseOpen Source

Re: [edk2] edk2-staging/HTTPS-TLS

2016-06-08 Thread David Woodhouse
On Thu, 2016-05-19 at 10:30 +0200, Laszlo Ersek wrote: > > master final merge > *---*-*---**---*--**--> >  \ \    \ / >   \ \   

Re: [edk2] Csm16.bin(seabios) failed to work in OVMF.

2016-05-04 Thread David Woodhouse
s) actually just thunk through SMM to the UEFI runtime? -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation smime.p7s Description: S/MIME cryptographic signature __

Re: [edk2] [Patch 0/3] Use new BDS and UiApp for OvmfPkg

2016-05-03 Thread David Woodhouse
On Tue, 2016-05-03 at 12:37 +0200, Laszlo Ersek wrote: > > However, CSM is apparently generally borked at the moment (see > ), and I don't think I can > spend time on analyzing and fixing that. > > I guess this is not good news, but I thought it

Re: [edk2] EDK2 Staging Proposal 3rd draft, final?

2016-03-19 Thread David Woodhouse
On Fri, 2016-03-18 at 14:24 +0100, Laszlo Ersek wrote: > Except my own actions. I'm already watching the github issue tracker and > get emails of the actions of others. No emails about my own actions. It > makes the email audit trail completely unusable. That's your personal email notification.

Re: [edk2] EDK2 Staging Proposal 3rd draft, final?

2016-03-19 Thread David Woodhouse
On Fri, 2016-03-18 at 17:08 +0100, Laszlo Ersek wrote: > On 03/18/16 14:59, David Woodhouse wrote: > > Sometimes, stuff just broke and you just fix it up and move on. Let the > > people who *did* it work it out for themselves and that actually forms > > a *better* learnin

[edk2] [PATCH v2] OvmfPkg/PlatformPei: Fix VS2008 build breakage

2016-03-19 Thread David Woodhouse
tialise PciExBarBase to zero to shut the compiler up. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: David Woodhouse <david.woodho...@intel.com> --- Oops, my build test on Windows still had the temporary 'PciExBarBase=0' to shut the compiler up, so wasn't r

Re: [edk2] Problem with Author, Sign Off, and IP concerns

2016-03-19 Thread David Woodhouse
ned-off-by: tag indicating that they have the right to submit it. -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation smime.p7s Description: S/MIME cryptographic signature

Re: [edk2] [PATCH v2] OvmfPkg/PlatformPei: Fix VS2008 build breakage

2016-03-19 Thread David Woodhouse
On Fri, 2016-03-18 at 17:53 +0100, Laszlo Ersek wrote: > > (1) The commit message uses at least one non-ASCII character, the EM > DASH (U+2014). Can you please replace it with a "--"? Yes, I know you > hate me for asking this. Please just write me off as stupid and replace > the character. No.

Re: [edk2] EDK2 Staging Proposal 3rd draft, final?

2016-03-19 Thread David Woodhouse
I could have sworn I'd responded to this last night, but it was late, and I see no evidence of such in my outbox or on the list. Apologies if I'm repeating myself... On Thu, 2016-03-17 at 00:15 +, Kinney, Michael D wrote: > Jordan asked a similar question about adding a 'staging' directory or

Re: [edk2] EDK2 Staging Repository 2nd Draft

2016-03-19 Thread David Woodhouse
> On 03/15/16 18:20, Kinney, Michael D wrote: > I don't object to pulling, if the submitter explicitly requests it, and > if we're making this option official now. Let's say "at the discretion of the person doing the merge" rather than writing down that it should need an explicit request. Over

Re: [edk2] [PATCH v2] OvmfPkg/PlatformPei: Fix VS2008 build breakage

2016-03-19 Thread David Woodhouse
On Fri, 2016-03-18 at 20:02 +0100, Laszlo Ersek wrote: > On 03/18/16 19:40, David Woodhouse wrote: > > > > > But this is different. This is the commit messages. And what would you > > know... the last commit message in the log which isn't ASCII *isn't* > > that oth

Re: [edk2] [PATCH v2] OvmfPkg/PlatformPei: Fix VS2008 build breakage

2016-03-19 Thread David Woodhouse
On Fri, 2016-03-18 at 19:05 +0100, Laszlo Ersek wrote: > On 03/18/16 18:45, David Woodhouse wrote: > > > > On Fri, 2016-03-18 at 17:53 +0100, Laszlo Ersek wrote: > > > > > > > > > (1) The commit message uses at least one non-ASCII character, the EM &

Re: [edk2] EDK2 Staging Proposal 3rd draft, final?

2016-03-19 Thread David Woodhouse
tion of what this buys us, over the normal process of having such submissions come via contributors' github repositories, with associated pull requests. Why invent new processes and not just use the existing tools that are basically *designed* for this workflow? -- David Woodhouse

Re: [edk2] [PATCH v2 3/6] OvmfPkg: PlatformPei: enable PCIEXBAR (aka MMCONFIG / ECAM) on Q35

2016-03-19 Thread David Woodhouse
On Tue, 2016-03-08 at 15:20 +0100, Laszlo Ersek wrote: > +UINT64  PciExBarBase; ... >  if (mHostBridgeDevId == INTEL_Q35_MCH_DEVICE_ID) { ... > +  PciExBarBase = FixedPcdGet64 (PcdPciExpressBaseAddress); ... >  } ... >  if (mHostBridgeDevId == INTEL_Q35_MCH_DEVICE_ID) { ... > + 

Re: [edk2] EDK2 Staging Proposal 3rd draft, final?

2016-03-19 Thread David Woodhouse
On Fri, 2016-03-18 at 13:18 +0100, Laszlo Ersek wrote: > > Thanks for the work. I'm willing to help you test these. > > I'm going to close the github pull requests now. Please don't. The point is to look at the workflow that the github PR tickets allow, not to actually merge the code — which is

Re: [edk2] EDK2 Staging Proposal 3rd draft, final?

2016-03-19 Thread David Woodhouse
On Thu, 2016-03-17 at 21:28 +, Kinney, Michael D wrote: > Yes.  Use of developer github forks is supported.  I had summarized > 3 development methods earlier in this thread. > > 1) PR emails send to edk2-devel.  There is a Wiki page that details process > for developers and maintainer.   > >

[edk2] [PATCH] OvmfPkg/PlatformPei: Fix VS2008 build breakage

2016-03-19 Thread David Woodhouse
OT_COMPLEX_BASE, SIZE_16KB);    //    // Note: there should be an --  2.5.5 -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation smime.p7s Description: S/MIME cryptographic signature

Re: [edk2] [PATCH v2] OvmfPkg/PlatformPei: Fix VS2008 build breakage

2016-03-19 Thread David Woodhouse
On Sat, 2016-03-19 at 02:23 +0100, Laszlo Ersek wrote: > On 03/19/16 02:15, David Woodhouse wrote: > > > So we treat it as an opaque sequence of bytes on the way *in*, then > > make assumptions on the way *out* about what it was? > > On the way in, it is assumed to be UTF

Re: [edk2] [PATCH v2] OvmfPkg/PlatformPei: Fix VS2008 build breakage

2016-03-19 Thread David Woodhouse
On Fri, 2016-03-18 at 17:53 +0100, Laszlo Ersek wrote: > > (1) The commit message uses at least one non-ASCII character, the EM > DASH (U+2014). Can you please replace it with a "--"? Yes, I know you > hate me for asking this. Please just write me off as stupid and > replace the character.

Re: [edk2] EDK2 Staging Proposal 3rd draft, final?

2016-03-18 Thread David Woodhouse
On Fri, 2016-03-18 at 13:30 +0100, Laszlo Ersek wrote: > > Our workflow should not be centered on github pull requests in any case, > so I don't see the point in testing them out. Well, thanks for destroying the test I spent this morning setting up, because you don't believe it would have

Re: [edk2] [PATCH v2] OvmfPkg/PlatformPei: Fix VS2008 build breakage

2016-03-18 Thread David Woodhouse
On Fri, 2016-03-18 at 22:53 +0100, Laszlo Ersek wrote: > It happens to display Michał's name correctly, because it fits in latin2. Ah, OK. You got lucky on that one. Lots of names *don't* fit in ISO8859-2. > The extreme lengths that I had to go to were necessary to convince > git-send-email not

Re: [edk2] [PATCH v2] OvmfPkg/PlatformPei: Fix VS2008 build breakage

2016-03-18 Thread David Woodhouse
On Sat, 2016-03-19 at 01:55 +0100, Laszlo Ersek wrote: > > Okay, here's what I'll do. I will switch i18n.commitencoding back to > UTF-8. And, I will add a commit-msg hook that converts the commit > message in-place from latin2 to UTF-8, with "iconv". That should keep > us both happy. Deal? That

Re: [edk2] [PATCH] OvmfPkg/PlatformPei: suppress wrong VS2008 warning (use of uninited local)

2016-03-18 Thread David Woodhouse
. This is not the case (see > "mHostBridgeDevId"); suppress the warning. > > Reported-by: David Woodhouse <dw...@infradead.org> > Ref: http://thread.gmane.org/gmane.comp.bios.edk2.devel/8871/focus=94 > 31 > Cc: David Woodhouse <dw...@infradead.org> >

Re: [edk2] [PATCH v2] OvmfPkg/PlatformPei: Fix VS2008 build breakage

2016-03-18 Thread David Woodhouse
On Fri, 2016-03-18 at 23:26 +0100, Laszlo Ersek wrote: > > Whenever you contribute to a project, do you always start with making a > huge noise, calling everyone around (or their rules) insane, "makes no > sense at all", and so on? Not at all. Some weeks I'll work on as many as a dozen or so

Re: [edk2] EDK2 Staging Proposal 3rd draft, final?

2016-03-18 Thread David Woodhouse
line endings. This should mean that the tools can do the right thing and check out the working files according to the norms of the platform — you'll get CRLF on Windows, and LF on Linux. It would be good to test that, iron out any problems and get it fixed. But again, definitely something that wa

Re: [edk2] [PATCH v2] OvmfPkg/PlatformPei: Fix VS2008 build breakage

2016-03-18 Thread David Woodhouse
On Sat, 2016-03-19 at 01:03 +0100, Laszlo Ersek wrote: > > So yes, I'm interested in the bug because it should be fixed. But > > basically, you brought it upon yourself by operating in a mode that is > > *known* to invite such errors, and was abandoned by most other people a > > *long* time ago. >

Re: [edk2] EDK2 Staging Repository 2nd Draft

2016-03-15 Thread David Woodhouse
On Tue, 2016-03-15 at 00:16 +, Kinney, Michael D wrote: > > > Can you provide some revised text you would like to see in step 6. > > I agree that we need to use the tools in ways that help make this easy, > prevent > errors, and preserve history.  Given that step 6 describes promoting a >

Re: [edk2] EDK2 Staging Repository 2nd Draft

2016-03-14 Thread David Woodhouse
ing, that is *precisely* the kind of work where we want to be using the tools properly and *pull* it in rather than rebasing it. -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation smime.p7s Description: S/M

Re: [edk2] EDK2 Staging Repository 2nd Draft

2016-03-14 Thread David Woodhouse
r they rebase, and responsible for subsequent retesting everything). Perhaps better still, the Reviewed-by: could be included in the *merge* commit. Either way, let's not further entrench incorrect rebase behaviour. -- David WoodhouseOpen Source Technology Ce

Re: [edk2] EDK2 Staging Repository 2nd Draft

2016-03-14 Thread David Woodhouse
* Not intended to be used for bug fixes. > * Not intended to be used for small, simple, or low risk features. Surely all of this is covered by the normal process of contributors publishing their work in github repositories of their own? Why do we need to do something different? -- David Woodho

Re: [edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'

2016-03-11 Thread David Woodhouse
d here's where I came in... is there any need for it to be separate? If the objects corresponding to ssl/*.c are present in the library archive, doesn't that just mean that they'll get pulled in if they're *referenced*, and not if they're not? So why separate it out into OpensslTlsLib at all?

Re: [edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'

2016-03-11 Thread David Woodhouse
On Fri, 2016-03-11 at 09:25 -0800, James Bottomley wrote: > > > With the ssl/ directory enabled? > > Yes, if you crack the package, this is the contents: > > /usr/include/edk2 > /usr/include/edk2/Base.h > /usr/include/edk2/Guid > /usr/include/edk2/Guid/GlobalVariable.h >

Re: [edk2] [PATCH 4/9] CryptoPkg/OpensslLib: Fix GCC unused-value warnings with HOST_c2l() (RT#4347)

2016-03-11 Thread David Woodhouse
On Fri, 2016-03-11 at 17:30 +, David Woodhouse wrote: > If we actually allow GCC to produce warnings, we'll see a lot of these: > …/crypto/md5/md5_dgst.c:109:56: error: right-hand operand of comma expression > has no effect [-Werror=unused-value] > > These were fixed in OpenSS

[edk2] [PATCH 9/9] CryptoPkg/OpensslLib: Enable building of ssl/ subdirectory of OpenSSL

2016-03-11 Thread David Woodhouse
Since it's just a library archive, let's just build the ssl/ parts unconditionally. If they're referenced, they'll get pulled in. If not then they won't. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: David Woodhouse <david.woodho...@intel.com> --- An alternative ap

[edk2] [PATCH 8/9] CryptoPkg: Abuse internal headers to make OpenSSL HEAD build work

2016-03-11 Thread David Woodhouse
More stuff got hidden. Some of this is tolerable. Other bits are horrid, but given that we expose *requires* that we know the size of the data structure, it's hard to see how we can avoid it. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: David Woodhouse <david.woo

[edk2] [PATCH 6/9] CryptoPkg: Fix time(NULL) crash

2016-03-11 Thread David Woodhouse
intel.com> Cc: Ye Ting <ting...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> Reviewed-by: David Woodhouse <david.woodho...@intel.com> --- I took the liberty of changing the commit comment a little.  ..

[edk2] [PATCH 4/9] CryptoPkg/OpensslLib: Fix GCC unused-value warnings with HOST_c2l() (RT#4347)

2016-03-11 Thread David Woodhouse
Contribution Agreement 1.0 Signed-off-by: David Woodhouse <david.woodho...@intel.com> ---  .../Library/OpensslLib/EDKII_openssl-1.0.2g.patch  | 168 +  1 file changed, 168 insertions(+) diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2g.patch b/CryptoPkg/Library/Open

[edk2] [PATCH 5/9] CryptoPkg/OpensslLib: Enable warnings in GCC builds

2016-03-11 Thread David Woodhouse
[This space intentionally left blank, in case I accidentally venture  an opinion about the fact that we *ever* added '-w' to the build  flags of a security-sensitive piece of code.] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: David Woodhouse <david.woodho...@intel.

[edk2] [PATCH 3/9] CryptoPkg/OpensslLib: Fix handling of function pointers

2016-03-11 Thread David Woodhouse
ted-under: TianoCore Contribution Agreement 1.0 Signed-off-by: David Woodhouse <david.woodho...@intel.com> ---  CryptoPkg/Include/OpenSslSupport.h| 1 -  CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c | 6 ++  2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/

[edk2] [PATCH 2/9] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2g

2016-03-11 Thread David Woodhouse
From: Qin Long <qin.l...@intel.com> OpenSSL 1.0.2g was released with several severity fixes at 01-Mar-2016(https://www.openssl.org/news/secadv/20160301.txt). Upgrade the supported OpenSSL version in CryptoPkg/OpensslLib to catch the latest release 1.0.2g. (NOTE: RT4175 from David Woo

[edk2] [PATCH 1/9] CryptoPkg/OpensslLib: Convert saved opensslconf.h to DOS line endings

2016-03-11 Thread David Woodhouse
-by: David Woodhouse <david.woodho...@intel.com> Reviewed-by: Qin Long <qin.l...@intel.com> --- v2: Add missing '-n' arg.  CryptoPkg/Library/OpensslLib/process_files.sh | 5 +++--  1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/CryptoPkg/Library/OpensslLib/process_files.sh

[edk2] More OpenSSL fun...

2016-03-11 Thread David Woodhouse
At git//, https://git.infradead.org/users/dwmw2/edk2.git and in following emails you can find the following: As before, the ones which update to OpenSSL HEAD, and after that, are for comment only. David Woodhouse (7):     CryptoPkg/OpensslLib: Convert saved opensslconf.h to DOS line endings

Re: [edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'

2016-03-11 Thread David Woodhouse
On Fri, 2016-03-11 at 07:54 -0800, James Bottomley wrote: > > I package it here: > > https://build.opensuse.org/package/show/home:jejb1:UEFI/OVMF > > in edk2-devel With the ssl/ directory enabled? -- dwmw2 smime.p7s Description: S/MIME cryptographic signature

Re: [edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'

2016-03-11 Thread David Woodhouse
*.c files in the build. If I'm right, the resulting image will be identical. I'm slightly concerned by all the other duplication in the OpensslTlsLib.inf file — the CFLAGS and other things. Merging them into one, if it's technically feasible, does seem cleaner. -- David Woodhouse

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2g

2016-03-11 Thread David Woodhouse
; (NOTE: RT4175 from David Woodhouse was included in 1.0.2g. The >    new-generated patch will remove this part. And the line >    endings were still kept as before in this version for >    consistency) > > CC: David Woodhouse <david.woodho...@intel.com> > CC: Ti

Re: [edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'

2016-03-11 Thread David Woodhouse
n if something *uses* it. Doesn't it? -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation smime.p7s Description: S/MIME cryptographic signature ___ edk2-devel

Re: [edk2] [Patch] CryptoPkg: Fix the potential system hang issue

2016-03-11 Thread David Woodhouse
On Fri, 2016-03-11 at 12:35 +0800, Jiaxin Wu wrote: > This patch is used to fix the potential system hang > caused by the NULL 'time' parameter usage. Looks good. Thanks. > Cc: David Woodhouse <dw...@infradead.org> > Cc: Long Qin <qin.l...@intel.com> > Cc:

Re: [edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'

2016-03-10 Thread David Woodhouse
On Thu, 2016-03-10 at 17:12 +, Long, Qin wrote: > > This patch series should be based on the old version, before the > back-porting of upstreaming patch was done. > We should have no need to add the extra patches on OpenSSL now for > OpensslTlsLib build now. Do you have a simple test case

Re: [edk2] Tianocore Community Update 2016 #1

2016-03-10 Thread David Woodhouse
On Thu, 2016-03-10 at 13:58 +0100, Laszlo Ersek wrote: > > > Sure, actually getting vendor buy-in for that is a completely different > > story. But let's not design the system to make it hard :) > > I couldn't buy in. That's fine. I'm not asking you to. I'm just asking that we don't make it

[edk2] [PATCH] CryptoPkg/OpensslLib: Convert saved opensslconf.h to DOS line endings

2016-03-10 Thread David Woodhouse
-by: David Woodhouse <david.woodho...@intel.com> --- (Resent from list-subscribed email address)  CryptoPkg/Library/OpensslLib/process_files.sh | 5 +++--  1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/CryptoPkg/Library/OpensslLib/process_files.sh b/CryptoPkg/Library/Open

Re: [edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'

2016-03-10 Thread David Woodhouse
3$N;!am#E(MP69L These should be UTF-8 now, shouldn't they? It seems wrong to be adding new UTF-16 files while other people are submitting patches to convert *from* UTF-16 to UTF-8. -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com

Re: [edk2] Tianocore Community Update 2016 #1

2016-03-10 Thread David Woodhouse
On Thu, 2016-03-10 at 11:33 +0100, Laszlo Ersek wrote: > > > * Considering tying the Bugzilla login to GitHub using GitHub as the > > provider.  This would mean that anyone wishing to submit an item into > > BZ would require a GitHub account. > > I vote against this. I find 3rd party

Re: [edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'

2016-03-10 Thread David Woodhouse
penSSL API cleanups, for example, which make things *ready* for OpenSSL 1.1 even while we're still using 1.0.2. -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporatio

Re: [edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'

2016-03-10 Thread David Woodhouse
auto-generated now. You'll need to extend the process_files.sh script to do this for OpensslTlsLib.inf just like it does for OpensslLib.inf. -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation smime.p7s D

Re: [edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'

2016-03-10 Thread David Woodhouse
s own separate commit, with a commit comment *identifying* the upstream ticket (and OpenSSL 1.1 commit) in which it was fixed. But that's important to get right too. -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com

Re: [edk2] OpenSSL 1.1 status, and a worked example of why you should *NEVER* rebase

2016-03-09 Thread David Woodhouse
en email and pull requests, in this respect. Likewise, if you are taking submissions from someone in whom you do not have sufficient trust, then you *do* to need to look at the content. There is no difference between email and pull request in this respect either. -- David Woodhouse

Re: [edk2] OpenSSL 1.1 status, and a worked example of why you should *NEVER* rebase

2016-03-08 Thread David Woodhouse
On Wed, 2016-03-09 at 07:49 +0700, Ard Biesheuvel wrote: > > I agree that they should be allowed, but i share the concern that > merging puts the burden of fixing up conflicts on the maintainer > rather than the contributor, who is arguably in a worse position to > assess any potential problems

Re: [edk2] OpenSSL 1.1 status, and a worked example of why you should *NEVER* rebase

2016-03-08 Thread David Woodhouse
On Wed, 2016-03-09 at 00:05 +0100, Laszlo Ersek wrote: > (1) The submitter is himself/herself responsible for picking up review > tags, and then for posting a final (fully reviewed) PULL that can be > merged without *any* kind of rebase by the pulling maintainer. > > Corollary: since the first

Re: [edk2] OpenSSL 1.1 status, and a worked example of why you should *NEVER* rebase

2016-03-08 Thread David Woodhouse
On Tue, 2016-03-08 at 19:00 +0100, Laszlo Ersek wrote: > It is not about the branch that linus pulls from the subsystem > maintainer. > > It is about the patches that the subsystem maintainer picks up from > emails of individual contributors. > > Let me quote Linus's email back at you: The

Re: [edk2] OpenSSL 1.1 status, and a worked example of why you should *NEVER* rebase

2016-03-08 Thread David Woodhouse
On Tue, 2016-03-08 at 09:30 -0800, Jordan Justen wrote: > It sounds like the issue was a lack or gap in testing after the > rebase. > > I don't see that possibility going away just because you instead used > merge. Especially if you consider resolving merge conflicts or other > subtle errors that

Re: [edk2] OpenSSL 1.1 status, and a worked example of why you should *NEVER* rebase

2016-03-08 Thread David Woodhouse
On Tue, 2016-03-08 at 18:24 +0100, Laszlo Ersek wrote: > Here again I can only point to people who I consider my betters -- are > you suggesting that the QEMU workflow and the Linux workflow are utterly > wrong? It is not "the Linux workflow". Linus will *eat* you if you rebase trees which you

Re: [edk2] OpenSSL 1.1 status, and a worked example of why you should *NEVER* rebase

2016-03-08 Thread David Woodhouse
On Tue, 2016-03-08 at 14:21 +0100, Laszlo Ersek wrote: > As soon as Intel leadership signs off on a merge-oriented workflow, > I'll seek to adopt it immediately. What is this "Intel leadership" of which you speak? I thought the direction from Intel was that we would move to git (at last). Nobody

[edk2] OpenSSL 1.1 status, and a worked example of why you should *NEVER* rebase

2016-03-08 Thread David Woodhouse
Sure, send the patches to the list for review *too*, but that shouldn't be how they actually get in. Note: using 'git rebase --interactive' just to add Reviewed-by: and similar tags is acceptable. But don't actually rebase onto a different base. Keep it where it was, and *merge* it. -- David

Re: [edk2] [GIT PULL] CryptoPkg/OpensslLib: Fix CRLF breakage in process_files.sh

2016-03-07 Thread David Woodhouse
On Sat, 2016-03-05 at 20:05 +0100, Ard Biesheuvel wrote: > On 5 March 2016 at 17:54, David Woodhouse <dw...@infradead.org> wrote: > > Please PULL this commit from: > > > > git://git.infradead.org/users/dwmw2/edk2.git fix-crlf-crap > > > > F

[edk2] [GIT PULL] CryptoPkg/OpensslLib: Fix CRLF breakage in process_files.sh

2016-03-05 Thread David Woodhouse
Please PULL this commit from: git://git.infradead.org/users/dwmw2/edk2.git fix-crlf-crap From 9353c60cea6eeedbbe4b336aea02646e2bf25f47 Mon Sep 17 00:00:00 2001 From: David Woodhouse <david.woodho...@intel.com> Date: Sat, 5 Mar 2016 16:44:33 + Subject: [PATCH] CryptoPkg/Open

Re: [edk2] [PATCH 2/9] Linux: Ignore *.patch and *~ files

2016-03-04 Thread David Woodhouse
;leroy.p.le...@intel.com> Can't this wait until I have finished killing off the OpenSSL patch, which it would also ignore? OpenSSL 1.1 should be released next month, and shouldn't need patching...  -- David WoodhouseOpen Source Technology Centr

Re: [edk2] [PATCH v2] MdeModulePkg: RegularExpressionDxe: support free(NULL)

2016-02-26 Thread David Woodhouse
as    free(myPointer++); -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation smime.p7s Description: S/MIME cryptographic signature ___ edk2-devel mailing lis

Re: [edk2] [PATCH] MdeModulePkg: AcpiTableDxe: fix VS2008 build by merging adjacent if blocks

2016-02-25 Thread David Woodhouse
e; thanks. Reviewed-by: David Woodhouse <david.woodho...@intel.com> -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation smime.p7s Description: S/MIME cryptographic signature

Re: [edk2] [PATCH v4 1/2] MdeModulePkg: AcpiTableDxe: make 4 GB table allocation limit optional

2016-02-25 Thread David Woodhouse
On Thu, 2016-02-25 at 17:16 +0100, Ard Biesheuvel wrote: > > > This appears to break the build with VS2008 for me: > > > > e:\edk2\mdemodulepkg\universal\acpi\acpitabledxe\acpitableprotocol.c(98 > > 4) : warning C4701: potentially uninitialized local variable > > 'CurrentRsdtEntry' used > > LINK

Re: [edk2] [PATCH v4 1/2] MdeModulePkg: AcpiTableDxe: make 4 GB table allocation limit optional

2016-02-25 Thread David Woodhouse
On Tue, 2016-02-23 at 18:35 +0100, Ard Biesheuvel wrote: > AARCH64 systems never require compatibility with legacy ACPI OSes, and > may not have any 32-bit addressable system RAM. To support ACPI on these > systems, we need to be able to relax the 4 GB allocation restriction. > > So add a PCD

Re: [edk2] [PATCH 0/4] free(NULL) and realloc(NULL, size) conformance improvements

2016-02-25 Thread David Woodhouse
On Thu, 2016-02-25 at 11:01 +0100, Laszlo Ersek wrote: > > > Anyway, I've rebased my tree on top of yours, > > Thanks -- I'll push the first three patches to edk2 master in a minute, > and I'll post a new version of the fourth. You've committed the one I need. Thanks. > > split up the patch >

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-24 Thread David Woodhouse
On Wed, 2016-02-24 at 18:20 +0100, Laszlo Ersek wrote: > > Now, in the edk2 build, OPENSSL_free() boils down to a FreePool(). > However, *unlike* the free() function of the standard C library, > FreePool() does *not* handle a NULL argument transparently. Well that's just utterly batshit insane,

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-24 Thread David Woodhouse
On Wed, 2016-02-24 at 15:46 +0100, Laszlo Ersek wrote: > On 02/24/16 13:05, David Woodhouse wrote: > > On Tue, 2016-02-23 at 21:57 +0100, Laszlo Ersek wrote: > > > > First of all, I built it for: > > > - OvmfPkg/OvmfIa32.dsc > > > - OvmfPkg/Ovmf

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-24 Thread David Woodhouse
On Tue, 2016-02-23 at 21:57 +0100, Laszlo Ersek wrote: > > I'm testing David's patches from his repo referenced above, master branch, > commits > > 1  81009e3cff24 CryptoPkg: Use OpenSSL include directory directly > 2  8a40ff734a1e CryptoPkg/OpensslLib: Include complete copy of >

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-19 Thread David Woodhouse
On Fri, 2016-02-19 at 14:26 +0100, Laszlo Ersek wrote: > > In file included from > .../CryptoPkg/Library/OpensslLib/openssl/crypto/bn/bn_add.c:59:0: > .../CryptoPkg/Library/OpensslLib/openssl/crypto/bn/bn_lcl.h:114:31: > fatal error: internal/bn_conf.h: No such file or directory >  # include

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-19 Thread David Woodhouse
On Fri, 2016-02-19 at 10:43 +0100, Laszlo Ersek wrote: > > I can test this for you, if you give me precise instructions. > > (I'm asking for instructions because CryptoPkg/Include/openssl/README is > deleted in one of the early patches.) It moved from Patch-HOWTO.txt to OpenSSL-HOWTO.txt since

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-19 Thread David Woodhouse
ur "out-of-the-box" integration. Yeah, I might actually throw the whole lot away and start again, adding only what's needed (and only then when I can't make OpenSSL *stop* needing it)... -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-19 Thread David Woodhouse
sidered "obviously" bugs — like including anything in netinet/ when configured with no-sock for example. And I really don't see why it needs syslog.h for the UEFI build, or dirent.h for a no-stdio (which really means no file access) build. -- David WoodhouseO

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-18 Thread David Woodhouse
ile we stick with 1.0.2. The final two commits need more work (and I'm hoping you follow through on the discussion about the HMAC APIs), but are mostly useful for ensuring that OpenSSL HEAD *stays* working as it approaches release. --  David WoodhouseOpen Source Techn

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-18 Thread David Woodhouse
On Thu, 2016-02-18 at 14:27 +, David Woodhouse wrote: > On Thu, 2016-02-18 at 14:58 +0100, Laszlo Ersek wrote: > >  > > Then I gave my R-b to this patch, admitting that I couldn't verify the > > edk2-only customizations against the 1.0.2f release. > >  > &g

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-18 Thread David Woodhouse
On Thu, 2016-02-18 at 14:58 +0100, Laszlo Ersek wrote: > > Then I gave my R-b to this patch, admitting that I couldn't verify the > edk2-only customizations against the 1.0.2f release. > > Turns out those customizations are indeed no longer correct, so my R-b > was in error. Er, aren't they?

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-18 Thread David Woodhouse
tely insane if you aren't using git properly" things fixed first... like using LF in the stored files. -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation smime.p7s Description: S/MIME crypt

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-18 Thread David Woodhouse
his week though; I'm not about to attempt to boot a Windows machine and check :) Either way, such a change will be *very* quickly lost in the dim and distant past — rather than being a constant problem and a barrier to contributions. -- David WoodhouseOpen S

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-18 Thread David Woodhouse
it 100% from an external, unmodified upstream tarball (I think this is > what David has been working on, right?) As noted yesterday, we're two trivial patches from being able to use the next OpenSSL 1.1.0 beta snapshot "out of the box" with EDK2. -

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-18 Thread David Woodhouse
o fix up the SVN->git mirror, and we knew we needed to do this *long* before git actually became the "primary" system. And even if we've missed the chance to do it "in retrospect" for historical commits in our canonical git repository, we could still make a commit now which *cha

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-18 Thread David Woodhouse
SSL 1.1. FWIW I was unable to apply the patch from your email; if there was ever a trick to managing the bogus line endings, I've forgotten it. Can we *please* keep native line endings in the git tree and let it be checked out into the native form — like everyone else does? -- David Woodhouse

Re: [edk2] [Patch] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2f

2016-02-18 Thread David Woodhouse
I *did* like having "it's easy now..." as the commit comment. That exercise has highlighted one more potential improvement — the upgrade from 1.0.2e to 1.0.2f did require changing about 18 instances of the string "1.0.2e" to "1.0.2f". I'll see if I can cut that down. -- D

[edk2] [PATCH 7/7] CryptoPkg: Abuse internal headers to make OpenSSL HEAD build work

2016-02-17 Thread David Woodhouse
More stuff got hidden. Some of this is tolerable. Other bits are horrid, but given that we expose *requires* that we know the size of the data structure, it's hard to see how we can avoid it. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: David Woodhouse <david.woo

[edk2] [PATCH 2/7] CryptoPkg/OpensslLib: Include complete copy of opensslconf.h

2016-02-17 Thread David Woodhouse
-under: TianoCore Contribution Agreement 1.0 Signed-off-by: David Woodhouse <david.woodho...@intel.com> ---  CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2e.patch | 323 -  CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt|   6 +-  CryptoPkg/Library/OpensslLib/openssl

[edk2] [PATCH 1/7] CryptoPkg: Use OpenSSL include directory directly

2016-02-17 Thread David Woodhouse
update to 1.1, we can just kill Install.cmd completely (as well as the patching step too, hopefully.) Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: David Woodhouse <david.woodho...@intel.com> ---  CryptoPkg/CryptoPkg.dec  |   1 +  CryptoPkg/Include/o

[edk2] EDK2 vs. OpenSSL HEAD update

2016-02-17 Thread David Woodhouse
, and stand alone. The last patch in the series stands alone for reasons which will be obvious when you see it. David Woodhouse (7):   CryptoPkg: Use OpenSSL include directory directly   CryptoPkg/OpensslLib: Include complete copy of opensslconf.h   CryptoPkg/OpensslLib: Update OpenSSL patch

Re: [edk2] [PATCH 3/4] CryptoPkg/OpensslLib: comment out unused code

2015-12-03 Thread David Woodhouse
On Thu, 2015-12-03 at 12:32 +0100, Ard Biesheuvel wrote: > > > ... or maybe not (I hit send too soon) > > It does not appear that there are any tests for those #defines > anywhere, and the pqueue and ts_* source files are built > unconditionally by the standard Makefiles. That might be OK. I

Re: [edk2] [PATCH 3/4] CryptoPkg/OpensslLib: comment out unused code

2015-12-03 Thread David Woodhouse
On Thu, 2015-12-03 at 11:50 +0100, Ard Biesheuvel wrote: > This comments out the pqueue and ts_* source files from the > OpensslLib build, since they have no users. These are going to be auto-generated from the OpenSSL build system (see the process_files.sh script in the patches I've been

  1   2   >