(mirror of https://github.com/vyos/efi-boot-shim.git) https://git.amelek.net/vyos/efi-boot-shim.git/atom?h=15.3 2021-03-12T09:15:01+00:00 2021-03-12T09:15:01+00:00 Peter Jones pjones@redhat.com 2021-03-11T21:48:44+00:00 urn:sha1:4457d79ce0ea638e7732f5529bf13849e290940d Be much more explicit about exactly which va_* stuff comes from which ABI in both shim and gnu-efi. This fixes the problem where we see: | (null):0:(null)() v->name:"(null)" v->rtname:"(null)" | (null):0:(null)() v->data_size:0 v->data:0x0 and similar messages where everything is NULL. Signed-off-by: Peter Jones <pjones@redhat.com> 2021-03-12T09:15:01+00:00 Peter Jones pjones@redhat.com 2021-03-11T16:40:46+00:00 urn:sha1:df74fff124a84428c9717a89ff00ca0931d09c52 Signed-off-by: Peter Jones <pjones@redhat.com> 2021-03-10T20:54:20+00:00 Peter Jones pjones@redhat.com 2021-03-09T22:15:53+00:00 urn:sha1:1bc4bf063adf57a17e5d6d8dc6399f03080a0566 gcc -Wextra, has a lot of good, useful checks, a few obnoxious checks, and a few absolutely insane checks. This enables -Wextra, but disables -Wmissing-field-initializers, because it is irrational nonsense that just leads to worse code. It also disables some specific things in the Cryptlib and Cryptlib/OpenSSL trees: Both: -Wno-unused-parameter - there are a fair number of functions that have to conform to some API or another but have arguments that are unused, but haven't been marked with UNUSED; we don't need to see warnings about them. Cryptlib/OpenSSL: -Wno-empty-body - functions that exist merely to populate some API -Wno-implicit-fallthrough - these probably should get fixed someday, but I bet upstream will do it and rebasing will solve it -Wno-old-style-declaration - this gripes if you write "const static" instead of "static const". Again I expect rebasing will fix it at some point. -Wno-unused-but-set-variable - self explanatory, and again, I expect a rebase to solve it someday. Signed-off-by: Peter Jones <pjones@redhat.com> 2021-03-10T20:54:20+00:00 Paul Moore pmoore2@cisco.com 2021-03-09T17:15:00+00:00 urn:sha1:f5493df9c626a7436803d1e68b0118f4d041e0fa There were a couple cases of "uninitialized variable" warnings in the imported OpenSSL code; I used the current OpenSSL code as a guide for picking the default values used here. On my dev system there is one remaining build warning in OpenSSL's crypto/asn1/x_pkey.c:X509_PKEY_new() function. Unfortunately it involves some preprocessor crimes and the fix would be a bit ugly. Fortunately it appears the warning here is harmless and can be ignored. As a point of reference, my build system is a current Arch install with GCC v10.2.0 and GNU-EFI v 3.0.12. Signed-off-by: Paul Moore <pmoore2@cisco.com> 2021-03-10T20:54:20+00:00 Peter Jones pjones@redhat.com 2021-03-09T19:40:03+00:00 urn:sha1:9beca885c29c77bb901547321a5ce6fd3c9c8ee3 This gets us the same working definition for VA_* va_* etc everywhere, and it's the same definition edk2 is using. Signed-off-by: Peter Jones <pjones@redhat.com> 2021-03-10T20:54:20+00:00 Peter Jones pjones@redhat.com 2021-03-09T17:16:23+00:00 urn:sha1:78809820b5a3f79a0bfbec00e630e40011acf4ec Some time ago, commit e571428e212 ("Update to openssl to 1.0.2e") changed the way we define the va_* (and VA_*) functions and macros. Unfortunately, it only changed for some parts of the tree, and the different parts of the tree need to both call each other and use the same types in all cases. Additionally, they need to all be able to call gnu-efi functions such as VPrint, which means they need the same va_list type definitions everywhere. This partially reverts that patch, adding EFIAPI back and unsetting NO_BUILTIN_VA_FUNCS everywhere. 2021-03-10T20:54:20+00:00 Peter Jones pjones@redhat.com 2021-03-09T16:42:34+00:00 urn:sha1:f033a1da9f4c3acf7e3dfef906d01e348b6fcf42 This re-structures our includes so we can be sure everything is always including all the system headers in a uniform, predictable way. Temporarily it also adds a bunch of junk at all the places we use variadic functions to specifically pick either the MS (cdecl) or ELF ABIs. I'm not 100% sure that's all correct (see later patch) but it's enough to allow this to build. Signed-off-by: Peter Jones <pjones@redhat.com> 2021-03-09T21:52:53+00:00 Peter Jones pjones@redhat.com 2021-03-05T23:01:29+00:00 urn:sha1:4425a1bf8b60cc4a3a17f5ee98d0ee771447815d This patch does some makefile cleanups, to fix the parts that are actually just bad that the previous patch left in for clarity: - removes -fno-builtin . This flag is implied by -ffreestanding , which we use everywhere. - gets rid of the two places where ARM has their own -O flags for no real reason. Note that this will make those use -Os instead of -O2. - export VERBOSE and DEBUG if they're set. Signed-off-by: Peter Jones <pjones@redhat.com> 2021-03-09T21:52:53+00:00 Peter Jones pjones@redhat.com 2021-03-08T17:42:21+00:00 urn:sha1:7d5df1cebdbdc3ed11cde165a752cf358878aa8a This improves our static analysis targets by making them work better with our make variables, and inhibits the use of ccache while building those. Signed-off-by: Peter Jones <pjones@redhat.com> 2021-03-09T21:52:53+00:00 Peter Jones pjones@redhat.com 2021-03-08T16:54:33+00:00 urn:sha1:1954ef164a55cbc4369f513cca3fb43f3550d81a These are all the NULL pointer dereferences (which all appear to be, at worst, very difficult to hit) that gcc -fanalyzer finds in our OpenSSL code. Signed-off-by: Peter Jones <pjones@redhat.com>