From 9d3f57c2b59b86d9a7d309e4a362ca3fd1f8c229 Mon Sep 17 00:00:00 2001 From: kenlautner <85201046+kenlautner@users.noreply.github.com> Date: Fri, 19 Jan 2024 12:06:43 -0800 Subject: [PATCH] Removed references to OpensslLib and changed all instances of BaseCryptLib to be the NULL implementation (#222) ## Description There are some references to BaseCryptLib and Openssl in package dsc files. In MU_BASECORE Openssl and it's BaseCryptLib implementations were removed so we need to update to using the NULL lib. - [ ] Impacts functionality? - **Functionality** - Does the change ultimately impact how firmware functions? - Examples: Add a new library, publish a new PPI, update an algorithm, ... - [ ] Impacts security? - **Security** - Does the change have a direct security impact on an application, flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ... - [ ] Breaking change? - **Breaking change** - Will anyone consuming this change experience a break in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ... - [ ] Includes tests? - **Tests** - Does the change include any explicit test code? - Examples: Unit tests, integration tests, robot tests, ... - [ ] Includes documentation? - **Documentation** - Does the change contain explicit documentation additions outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ... ## How This Was Tested Tested with CI ## Integration Instructions N/A --- FmpDevicePkg/FmpDevicePkg.ci.yaml | 7 ++-- FmpDevicePkg/FmpDevicePkg.dsc | 17 ++++---- SecurityPkg/SecurityPkg.ci.yaml | 7 ++-- SecurityPkg/SecurityPkg.dsc | 66 +++++++++++++++++-------------- 4 files changed, 54 insertions(+), 43 deletions(-) diff --git a/FmpDevicePkg/FmpDevicePkg.ci.yaml b/FmpDevicePkg/FmpDevicePkg.ci.yaml index 61e93e0246..4404d20676 100644 --- a/FmpDevicePkg/FmpDevicePkg.ci.yaml +++ b/FmpDevicePkg/FmpDevicePkg.ci.yaml @@ -68,8 +68,9 @@ "loongarch", "loongson" ] - }, - "Defines": { - "BLD_*_CONTINUOUS_INTEGRATION": "TRUE", } + # MU_CHANGE - Removed conditional logic around openssl crypto so this is no longer necessary + #"Defines": { + # "BLD_*_CONTINUOUS_INTEGRATION": "TRUE", + #} } diff --git a/FmpDevicePkg/FmpDevicePkg.dsc b/FmpDevicePkg/FmpDevicePkg.dsc index e5ab7e0f82..dc94bee3b8 100644 --- a/FmpDevicePkg/FmpDevicePkg.dsc +++ b/FmpDevicePkg/FmpDevicePkg.dsc @@ -55,14 +55,17 @@ DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf -!ifdef CONTINUOUS_INTEGRATION +# MU_CHANGE [START] - Remove references to openssl crypto +#!ifdef CONTINUOUS_INTEGRATION +# BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf +#!else +# IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf +# OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf +# BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +# RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf +#!endif BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf -!else - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf - RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf -!endif +# MU_CHANGE [END] FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleUpdatePolicyLibNull.inf FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLibV1.inf diff --git a/SecurityPkg/SecurityPkg.ci.yaml b/SecurityPkg/SecurityPkg.ci.yaml index 4a2b4a35e4..53fd7b30e2 100644 --- a/SecurityPkg/SecurityPkg.ci.yaml +++ b/SecurityPkg/SecurityPkg.ci.yaml @@ -142,9 +142,10 @@ "AdditionalIncludePaths": [] # Additional paths to spell check (wildcards supported) }, - "Defines": { - "BLD_*_CONTINUOUS_INTEGRATION": "TRUE", - }, + # MU_CHANGE - Removed conditional logic around openssl crypto so this is no longer necessary + #"Defines": { + # "BLD_*_CONTINUOUS_INTEGRATION": "TRUE", + #}, "DebugMacroCheck": { "StringSubstitutions": { diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index cd4bd88717..d9e9602b46 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -120,13 +120,16 @@ PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointerLib.inf HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf -!ifdef CONTINUOUS_INTEGRATION +# MU_CHANGE [START] - Remove references to openssl crypto +#!ifdef CONTINUOUS_INTEGRATION +# BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf +#!else +# IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf +# OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf +# BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +#!endif BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf -!else - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf -!endif +# MU_CHANGE [END] HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf @@ -138,13 +141,7 @@ [LibraryClasses.common.DXE_DRIVER] HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf -!ifdef CONTINUOUS_INTEGRATION BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf -!else - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf -!endif HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf @@ -160,25 +157,31 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] ReportStatusCodeLib|MdeModulePkg/Library/RuntimeDxeReportStatusCodeLib/RuntimeDxeReportStatusCodeLib.inf -!ifdef CONTINUOUS_INTEGRATION +# MU_CHANGE [START] - Remove references to openssl crypto +#!ifdef CONTINUOUS_INTEGRATION +# BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf +#!else +# IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf +# OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf +# BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf +#!endif BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf -!else - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf -!endif +# MU_CHANGE [END] HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf [LibraryClasses.common.UEFI_DRIVER, LibraryClasses.common.UEFI_APPLICATION] -!ifdef CONTINUOUS_INTEGRATION +# MU_CHANGE [START] - Remove references to openssl crypto +#!ifdef CONTINUOUS_INTEGRATION +# BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf +#!else +# IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf +# OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf +# BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +#!endif BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf -!else - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf -!endif +# MU_CHANGE [END] HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf @@ -191,13 +194,16 @@ MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf ReportStatusCodeLib|MdeModulePkg/Library/SmmReportStatusCodeLib/SmmReportStatusCodeLib.inf SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf -!ifdef CONTINUOUS_INTEGRATION +# MU_CHANGE [START] - Remove references to openssl crypto +#!ifdef CONTINUOUS_INTEGRATION +# BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf +#!else +# IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf +# OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf +# BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +#!endif BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf -!else - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf -!endif +# MU_CHANGE [END] Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf Tcg2PhysicalPresenceLib|SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf