[RFC][IN-PROGRESS] RFC: Migrate to edk2-Crypto#8
Open
Flickdm wants to merge 1 commit intotianocore:mainfrom
Open
[RFC][IN-PROGRESS] RFC: Migrate to edk2-Crypto#8Flickdm wants to merge 1 commit intotianocore:mainfrom
Flickdm wants to merge 1 commit intotianocore:mainfrom
Conversation
os-d
reviewed
Feb 5, 2026
|
|
||
| - Add edk2-crypto as submodule to EDK2 | ||
| - Update OVMF as reference implementation | ||
| - Platform migration: add submodule, update PACKAGES_PATH, update DSC mappings |
There was a problem hiding this comment.
If edk2 has edk2-crypto as a submodule, platforms wouldn’t need to include it as a submodule, right?
liyi77
reviewed
Feb 6, 2026
|
|
||
| ### What Moves to edk2-crypto | ||
|
|
||
| - **OpensslPkg** - OpenSSL-based BaseCryptLib + OpensslLib + IntrinsicLib |
There was a problem hiding this comment.
EDK2 didn't allow to use submodule's submodule:
https://github.com/tianocore/edk2?tab=readme-ov-file#submodules
makubacki
reviewed
Feb 6, 2026
|
|
||
| - Platforms must be able to build with edk2-crypto as a submodule | ||
| - No C code changes required for migration (DSC/submodule only) | ||
| - Both OpensslPkg and MbedTlsPkg must implement BaseCryptLib.h |
Member
There was a problem hiding this comment.
You might want to consider the breakout of crypto providers to OpensslPkg and MbedTlsPkg in a separate and dedicated RFC.
That can happen independently of a repo switch. The edk2-crytpo repo RFC could then refer to that RFC.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
RFC: Migrate to Edk2-Crypto
This RFC proposes new separation boundaries between edk2 and edk2-crypto.
The end goal here is to unify crypto history and improve reviews by cryptographic auditors.
There are additional separate benefits to this model detailed in the RFC.
This proposed RFC describes how to separate and what items would go where.
Display the Rich Text for the best view of the diagrams.