Add RT DXE Shared Crypto [Rebase & FF] #67
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
UefiRuntimeLib needs to be included in [LibaryClasses] to properly link the functions. gEfiEventVirtualAddressChangeGuid is missing in the [Guids] section. Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
The migration commit (455ca6b) contained an older section of code in the DSC generation section. This restores the section to match the contents in microsoft/mu_basecore#713. Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
In CryptoBinPkg, some files (like Crypto.inc.dsc) are used during the build. This should come from the latest revisions in the mu_crypto_release repo (which doesn't use the actual binaries). In consuming repos, the path will likely come from MU_BASECORE. Tehcnically, the ext dep could be defined anywhere. To satisfy both of these needs and make the location more portable in general, an environment variable is introduced to track the path. In mu_crypto_release, the path will be set to "CryptoBinPkg". In shared crypto consuming repos, it will be set in the ext dep to the path the binaries are placed in. Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Currently built for IA32 and X64, the CryptoRuntimeDxe driver produces the EDK II Crypto protocol backed by runtime code buffers so the functionality can be invoked at OS runtime. Consuming RT DXE drivers should link an instance of BaseCryptLib that is RT DXE compatible, like the RuntimeDxeCryptLib in CryptoPkg. RUNTIMEDXE_CRYPTO_SERVICES and RUNTIMEDXE_CRYPTO_ARCH should be set in platform DSC files to a value other than "NONE" to use the driver. Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
makubacki
added
type:enhancement
github-actions
bot
added
language:python
Refreshes content in the main repo and shared crypto readme files to reflect recent changes and current process. Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
makubacki
force-pushed
the
add_rt_dxe_shared_crypto
branch
from
e86b9fa to
c31490d
Compare
kenlautner
approved these changes
Feb 13, 2024
5 tasks
apop5
approved these changes
Feb 14, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Closes #55
Primary purpose is to add Runtime DXE shared crypto. Other fixes and
updates are included. Below is a summary of the changes.
OpensslPkg/RuntimeCryptLib: Fix build issues
UefiRuntimeLib needs to be included in [LibaryClasses] to properly
link the functions. gEfiEventVirtualAddressChangeGuid is missing
in the [Guids] section.
generate_cryptodriver.py: Fix migration regression
The migration commit (455ca6b) contained an older section of code in
the DSC generation section. This restores the section to match the
contents in microsoft/mu_basecore#713.
Use SHARED_CRYPTO_PATH for the shared crypto path
In CryptoBinPkg, some files (like Crypto.inc.dsc) are used during
the build. This should come from the latest revisions in the
mu_crypto_release repo (which doesn't use the actual binaries).
In consuming repos, the ext dep could be defined anywhere. To
satisfy both of these needs and make the location more portable in
general, a build environment variable is introduced to track the
path.
In mu_crypto_release, the path will be set to "CryptoBinPkg". This
will cause its build to reference the files in the code tree. In
shared crypto consuming repos, it is set in the ext dep (during build)
to the path the binaries are placed in.
Add shared crypto Runtime DXE driver
Adds the CryptoRuntimeDxe driver, currently built for IA32 and X64,
it produces the EDK II Crypto protocol backed by runtime code buffers
so the functionality can be invoked at OS runtime.
Consuming RT DXE drivers should link an instance of BaseCryptLib
that is RT DXE compatible, like the RuntimeDxeCryptLib in
CryptoPkg.
RUNTIMEDXE_CRYPTO_SERVICES and RUNTIMEDXE_CRYPTO_ARCH should be set
in platform DSC files to a value other than "NONE" to use the driver.
Update readmes for recent changes
Refreshes content in the main repo and shared crypto readme files
to reflect recent changes and current process.
flow, or firmware?
validation improvement, ...
in build or boot behavior?
a function in a new library class in a pre-existing module, ...
outside direct code modifications (and comments)?
on an a separate Web page, ...
How This Was Tested
Integration Instructions
Use the new Runtime DXE shared crypto binaries if needed for a
platform.