summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArd Biesheuvel <ardb@kernel.org>2024-09-03 22:21:23 +0200
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>2024-09-04 10:22:35 +0000
commit99d60cbd3990fe8f5b86eaab40876fbbf9d99084 (patch)
tree70ec599ddf760ed26a90933551198ac461441330
parent1240a722f8466930cced7f7d40a3fb6a29efb146 (diff)
downloadedk2-99d60cbd3990fe8f5b86eaab40876fbbf9d99084.tar.gz
edk2-99d60cbd3990fe8f5b86eaab40876fbbf9d99084.tar.bz2
edk2-99d60cbd3990fe8f5b86eaab40876fbbf9d99084.zip
ArmVirtPkg ARM: Move to MbedTls for crypto
Move all BaseCryptLib resolutions for 32-bit ARM to MbedTls, which does not require a softfloat library, which can therefore be dropped from EDK2 entirely going forward. Note that this implies no TLS networking for 32-bit ARM, as this code has a direct dependency on OpenSSL, so move the TlsLib resolution to a AARCH64-only section to force the build to fail early when attempting to build 32-bit ARM targets with NETWORK_TLS_ENABLE set. Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
-rw-r--r--ArmVirtPkg/ArmVirt.dsc.inc17
-rw-r--r--ArmVirtPkg/ArmVirtQemu.dsc8
2 files changed, 14 insertions, 11 deletions
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index 4f35da9a2a..0439455304 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -87,10 +87,6 @@
# Networking Requirements
!include NetworkPkg/NetworkLibs.dsc.inc
-!if $(NETWORK_TLS_ENABLE) == TRUE
- TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
-!endif
-
#
# It is not possible to prevent the ARM compiler from inserting calls to intrinsic functions.
@@ -155,7 +151,6 @@
!else
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
!endif
- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf
ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf
@@ -266,12 +261,20 @@
!endif
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
-!if $(SECURE_BOOT_ENABLE) == TRUE
+[LibraryClasses.AARCH64.DXE_RUNTIME_DRIVER]
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
-!endif
+
+[LibraryClasses.ARM.DXE_RUNTIME_DRIVER]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf
+
+[LibraryClasses.AARCH64]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+ TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
[LibraryClasses.ARM]
ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf
+ MbedTlsLib|CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf
RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
[BuildOptions]
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index 713710c499..56512594ad 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -102,16 +102,16 @@
[LibraryClasses.common.PEIM]
ArmVirtMemInfoLib|ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoPeiLib.inf
-
-!if $(TPM2_ENABLE) == TRUE
ArmMonitorLib|ArmVirtPkg/Library/ArmVirtQemuMonitorPeiLib/ArmVirtQemuMonitorPeiLib.inf
- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
FdtLib|MdePkg/Library/BaseFdtLib/BaseFdtLib.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
-!endif
[LibraryClasses.AARCH64.PEIM]
ArmMmuLib|ArmPkg/Library/ArmMmuLib/ArmMmuPeiLib.inf
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+
+[LibraryClasses.ARM.PEIM]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf
[LibraryClasses.common.DXE_DRIVER]
AcpiPlatformLib|OvmfPkg/Library/AcpiPlatformLib/DxeAcpiPlatformLib.inf