Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Drop non-shared crypto from QemuQ35Pkg and QemuSbsaPkg #835

Merged
merged 1 commit into from
Feb 1, 2024
Merged

Drop non-shared crypto from QemuQ35Pkg and QemuSbsaPkg #835

merged 1 commit into from
Feb 1, 2024

Conversation

makubacki
Copy link
Member

@makubacki makubacki commented Jan 31, 2024
edited
Loading

Description

Moving forward the OpenSSL submodule will no longer be present in
CryptoPkg and the only option to integrate crypto into the platform
will be shared crypto (via the binary crypto ext dep).

The option to enable/disable shared crypto is removed since disabling
it is no longer an option.

Notes:

  • Integrates newly available AARCH64 PEI and Standalone MM shared crypto binaries.

  • The BaseCryptLibUnitTest EFI shell test is removed since it depends on
    functions not present in the PPI/Protocol instances of BaseCryptLib and
    the crypto releases should have the tests run before the release is made.

  • Runtime DXE crypto is not currently available. It is only needed at this time for
    the non-SMM instance of QemuQ35Pkg (VariableRuntimeDxe). Since this is not the
    primary target for QemuQ35Pkg, the Runtime DXE binary will be updated in the
    future to unblock Mu Basecore updates in Mu Tiano Platforms.

Updates these submodules to the following release points:

  • Impacts functionality?
    • Functionality - Does the change ultimately impact how firmware functions?
    • Examples: Add a new library, publish a new PPI, update an algorithm, ...
  • Impacts security?
    • Security - Does the change have a direct security impact on an application,
      flow, or firmware?
    • Examples: Crypto algorithm change, buffer overflow fix, parameter
      validation improvement, ...
  • Breaking change?
    • Breaking change - Will anyone consuming this change experience a break
      in build or boot behavior?
    • Examples: Add a new library class, move a module to a different repo, call
      a function in a new library class in a pre-existing module, ...
  • Includes tests?
    • Tests - Does the change include any explicit test code?
    • Examples: Unit tests, integration tests, robot tests, ...
  • Includes documentation?
    • Documentation - Does the change contain explicit documentation additions
      outside direct code modifications (and comments)?
    • Examples: Update readme file, add feature readme file, link to documentation
      on an a separate Web page, ...

How This Was Tested

  • QemuQ35Pkg and QemuSbsaPkg CI build and boot.

Integration Instructions

  • These changes only affect the mu_tiano_platforms.

@makubacki makubacki added the type:design-change A new proposal or modification to a feature design label Jan 31, 2024
@makubacki makubacki self-assigned this Jan 31, 2024
@github-actions github-actions bot added the impact:security Has a security impact label Jan 31, 2024
@makubacki makubacki mentioned this pull request Jan 31, 2024
Closed
@makubacki makubacki force-pushed the update_202302_w_aarch64_shared_crypto branch 2 times, most recently from 0985a78 to 6773074 Compare February 1, 2024 15:16
@makubacki
Copy link
Member Author

Now just waiting on microsoft/mu_basecore#715 to complete.

@makubacki makubacki force-pushed the update_202302_w_aarch64_shared_crypto branch from 6773074 to 6f7963d Compare February 1, 2024 16:59
@makubacki
Copy link
Member Author

Now just waiting on microsoft/mu_basecore#715 to complete.

Done. The PR has all changes now.

@makubacki
Drop non-shared crypto from QemuQ35Pkg and QemuSbsaPkg
b56aaf3 
Moving forward the OpenSSL submodule will no longer be present in
CryptoPkg and the only option to integrate crypto into the platform
will be shared crypto (via the binary crypto ext dep).

The option to enable/disable shared crypto is removed since disabling
it is no longer an option.

The BaseCryptLibUnitTest EFI shell test is removed since it depends
on functions not present in the PPI/Protocol instances of BaseCryptLib
and the crypto releases should have the tests run before the release
is made.

Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
@makubacki makubacki force-pushed the update_202302_w_aarch64_shared_crypto branch from 6f7963d to b56aaf3 Compare February 1, 2024 16:59
@makubacki makubacki requested a review from apop5 February 1, 2024 17:00
@makubacki makubacki enabled auto-merge (squash) February 1, 2024 17:00
@makubacki makubacki merged commit 0208c0e into microsoft:main Feb 1, 2024
28 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kuqin12 kuqin12 kuqin12 approved these changes

@apop5 apop5 apop5 approved these changes

@kenlautner kenlautner Awaiting requested review from kenlautner

Assignees

@makubacki makubacki

Labels
impact:security Has a security impact type:design-change A new proposal or modification to a feature design
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@makubacki @kuqin12 @apop5