-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OvmfPkg: Add C runtime apis referenced by Boringssl #6539
base: master
Are you sure you want to change the base?
Conversation
57ed2aa
to
923c0fe
Compare
Please provide some context about what BoringSSL is, why it exists and why it is important for us [Google] to support it in EDK2. The changes themselves look reasonable to me, but it would be better to create a separate C file for them - that way, even non-LTO builds will only pull |
Thank you @ardbiesheuvel . I have addressed these comments, except that I kept strdup in CrtWrapper.c with other string functions.
|
OK But please combine these changes into a single patch. |
Is this part of the work to bring in BoringSSL? I don't see the benefit of this change at the moment when BoringSSL is not supported in CryptoPkg yet. |
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs. As documented at https://boringssl.googlesource.com/boringssl, Boringssl manages Google's patches to openssl and is used in almost all of Google products that rely on OpenSSL. A fork of EDK2 forms the basis for the Uefi code in GCP compute and Google would like to use Boringssl to work with it. As part of that effort, there are many C runtime apis that get referenced and are currently not implemented in EDK2. This change adds those apis to edk2. In particular, this change adds the following : - Stubs for file functions added to CrtWrapper.c. These have been implemented to return -1 rather than 0 since there is no file system support. This will ensure that any calls into these apis will return failure. - Implementation of (strdup : string duplication function) - Implementations of the following apis in CrtUtils.c, which are referenced and used by the Boringssl code : bsearch : binary search getentropy : return entropy of requested length Signed-off-by: Leena Soman <[email protected]>
|
Hi @liyi77 , |
Hi, is BoringSSL a replacement of OpenSSL or is it an independent Lib like MbedTls? If it is the second case, then there should be a separate BaseCryptLibBoringSsl instead of reusing the openssl one. |
Description
As part of the effort to get Boringssl to work with EDK2, there are many C runtime apis that get referenced and are currently not implemented in EDK2. This change adds those apis to edk2. In particular, this change adds the following :
Stubs for file functions. These have been implemented to return -1 rather than 0 since there is no file system support. This will ensure that any calls into these apis will return failure.
Implementations of the following api which are referenced and used by Boringssl code :
strdup : string duplication function
bsearch : binary search
getentropy : return entropy of requested length
How This Was Tested
Integration Instructions
NA