From patchwork Wed Oct 5 06:44:05 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mikko Rapeli X-Patchwork-Id: 13548 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 57001C4332F for ; Wed, 5 Oct 2022 06:44:23 +0000 (UTC) Received: from mail.kapsi.fi (mail.kapsi.fi [91.232.154.25]) by mx.groups.io with SMTP id smtpd.web09.20852.1664952252965257158 for ; Tue, 04 Oct 2022 23:44:13 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=none, err=permanent DNS error (domain: lakka.kapsi.fi, ip: 91.232.154.25, mailfrom: mcfrisk@lakka.kapsi.fi) Received: from kapsi.fi ([2001:67c:1be8::11] helo=lakka.kapsi.fi) by mail.kapsi.fi with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ofy8W-00Cmss-Cx; Wed, 05 Oct 2022 09:44:08 +0300 Received: from mcfrisk by lakka.kapsi.fi with local (Exim 4.94.2) (envelope-from ) id 1ofy8V-00Aahb-US; Wed, 05 Oct 2022 09:44:07 +0300 From: Mikko Rapeli To: openembedded-core@lists.openembedded.org Cc: docs@lists.yoctoproject.org, Mikko Rapeli Subject: [PATCH v3 1/5] openssl-native.bbclass: add bbclass Date: Wed, 5 Oct 2022 09:44:05 +0300 Message-Id: <20221005064405.2523460-1-mikko.rapeli@linaro.org> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-Rspam-Score: -1.2 (-) X-Rspam-Report: Action: no action Symbol: RCVD_TLS_LAST(0.00) Symbol: ARC_NA(0.00) Symbol: DMARC_POLICY_SOFTFAIL(0.10) Symbol: FROM_HAS_DN(0.00) Symbol: RCPT_COUNT_THREE(0.00) Symbol: R_MISSING_CHARSET(0.50) Symbol: TO_MATCH_ENVRCPT_ALL(0.00) Symbol: MIME_GOOD(-0.10) Symbol: TO_DN_SOME(0.00) Symbol: MID_CONTAINS_FROM(1.00) Symbol: R_SPF_NA(0.00) Symbol: FORGED_SENDER(0.30) Symbol: R_DKIM_NA(0.00) Symbol: MIME_TRACE(0.00) Symbol: ASN(0.00) Symbol: FROM_NEQ_ENVFROM(0.00) Symbol: BAYES_HAM(-3.00) Symbol: RCVD_COUNT_TWO(0.00) Message-ID: 20221005064405.2523460-1-mikko.rapeli@linaro.org X-SA-Exim-Connect-IP: 2001:67c:1be8::11 X-SA-Exim-Mail-From: mcfrisk@lakka.kapsi.fi X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 05 Oct 2022 06:44:23 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171444 Using openssl-native shared libraries correctly is hard. A number of environment variables need to be correctly set or the errors may be really confusing. openssl can be made to detect these paths automatically, but upstream has rejected these ideas. openssl-native provides a wrapper script for 'openssl' binary, but shared library users like python3-cryptgraphy-native need to have the shared libraries working directly. Thus follow example from python3native.bbclass and implement this via openssl-native.bbclass. If full certificate checking is needed, then users also need to DEPEND on ca-certificates-native. See also: https://lists.openembedded.org/g/openembedded-core/topic/93651845#170562 https://github.com/openssl/openssl/issues/19242 https://github.com/openssl/openssl/pull/19260 Signed-off-by: Mikko Rapeli --- meta/classes/openssl-native.bbclass | 7 +++++++ meta/recipes-connectivity/openssl/openssl_3.0.5.bb | 1 + 2 files changed, 8 insertions(+) create mode 100644 meta/classes/openssl-native.bbclass v3: no changes v2: no changes v1: https://lists.openembedded.org/g/openembedded-core/topic/docs_patch_1_4/94110827?p=,,,20,0,0,0::recentpostdate/sticky,,,20,2,0,94110827,previd%3D1664895400514033654,nextid%3D1664840452025327543&previd=1664895400514033654&nextid=1664840452025327543 diff --git a/meta/classes/openssl-native.bbclass b/meta/classes/openssl-native.bbclass new file mode 100644 index 0000000000..753f0b0fa4 --- /dev/null +++ b/meta/classes/openssl-native.bbclass @@ -0,0 +1,7 @@ +DEPENDS += "openssl-native" + +export OPENSSL_MODULES="${STAGING_LIBDIR_NATIVE}/ossl-modules" +export OPENSSL_ENGINES="${STAGING_LIBDIR_NATIVE}/engines-3" +export OPENSSL_CONF="${STAGING_LIBDIR_NATIVE}/ssl-3/openssl.cnf" +export SSL_CERT_DIR="${STAGING_LIBDIR_NATIVE}/ssl-3/certs" +export SSL_CERT_FILE="${STAGING_LIBDIR_NATIVE}/ssl-3/cert.pem" diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.5.bb b/meta/recipes-connectivity/openssl/openssl_3.0.5.bb index 04aff04fab..a0e63d7830 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.0.5.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.0.5.bb @@ -163,6 +163,7 @@ do_install () { ln -sf ${@oe.path.relative('${libdir}/ssl-3', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-3/openssl.cnf } +# Please keep openssl-native.bbclass in sync with this wrapper do_install:append:class-native () { create_wrapper ${D}${bindir}/openssl \ OPENSSL_CONF=${libdir}/ssl-3/openssl.cnf \ From patchwork Wed Oct 5 06:44:24 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mikko Rapeli X-Patchwork-Id: 13549 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3900EC433FE for ; Wed, 5 Oct 2022 06:44:43 +0000 (UTC) Received: from mail.kapsi.fi (mail.kapsi.fi [91.232.154.25]) by mx.groups.io with SMTP id smtpd.web09.20859.1664952272578088662 for ; Tue, 04 Oct 2022 23:44:33 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=none, err=permanent DNS error (domain: lakka.kapsi.fi, ip: 91.232.154.25, mailfrom: mcfrisk@lakka.kapsi.fi) Received: from kapsi.fi ([2001:67c:1be8::11] helo=lakka.kapsi.fi) by mail.kapsi.fi with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ofy8s-00Cmve-DK; Wed, 05 Oct 2022 09:44:30 +0300 Received: from mcfrisk by lakka.kapsi.fi with local (Exim 4.94.2) (envelope-from ) id 1ofy8s-00AblU-1i; Wed, 05 Oct 2022 09:44:30 +0300 From: Mikko Rapeli To: docs@lists.yoctoproject.org Cc: openembedded-core@lists.openembedded.org, Mikko Rapeli Subject: [PATCH v3 2/5] classes.rst: document openssl-native.bbclass Date: Wed, 5 Oct 2022 09:44:24 +0300 Message-Id: <20221005064424.2527416-1-mikko.rapeli@linaro.org> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-Rspam-Score: -1.2 (-) X-Rspam-Report: Action: no action Symbol: RCVD_TLS_LAST(0.00) Symbol: ARC_NA(0.00) Symbol: DMARC_POLICY_SOFTFAIL(0.10) Symbol: FROM_HAS_DN(0.00) Symbol: RCPT_COUNT_THREE(0.00) Symbol: R_MISSING_CHARSET(0.50) Symbol: TO_MATCH_ENVRCPT_ALL(0.00) Symbol: MIME_GOOD(-0.10) Symbol: TO_DN_SOME(0.00) Symbol: MID_CONTAINS_FROM(1.00) Symbol: R_SPF_NA(0.00) Symbol: FORGED_SENDER(0.30) Symbol: R_DKIM_NA(0.00) Symbol: MIME_TRACE(0.00) Symbol: ASN(0.00) Symbol: FROM_NEQ_ENVFROM(0.00) Symbol: BAYES_HAM(-3.00) Symbol: RCVD_COUNT_TWO(0.00) Message-ID: 20221005064424.2527416-1-mikko.rapeli@linaro.org X-SA-Exim-Connect-IP: 2001:67c:1be8::11 X-SA-Exim-Mail-From: mcfrisk@lakka.kapsi.fi X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 05 Oct 2022 06:44:43 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171445 It sets various environment variables correctly for openssl-native. Signed-off-by: Mikko Rapeli --- documentation/ref-manual/classes.rst | 11 +++++++++++ 1 file changed, 11 insertions(+) v3: no changes v2: moved doc changes to separate patch diff --git a/documentation/ref-manual/classes.rst b/documentation/ref-manual/classes.rst index 11e0d472e8..5fc30f9233 100644 --- a/documentation/ref-manual/classes.rst +++ b/documentation/ref-manual/classes.rst @@ -1672,6 +1672,17 @@ one such example. However, being aware of this class can reduce the proliferation of different versions of similar classes across multiple layers. +.. _ref-classes-openssl-native: + +``openssl-native.bbclass`` +================== + +The ``openssl-native`` class supports using the native version of openssl +built by the build system rather than support of the version provided +by the build host. It helps setting environment variables for engines, +modules, certificates etc correctly. For full certificate checking +users should also add ``ca-certificates-native`` to :term:`DEPENDS`. + .. _ref-classes-overlayfs: ``overlayfs.bbclass`` From patchwork Wed Oct 5 06:44:44 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mikko Rapeli X-Patchwork-Id: 13550 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 49D03C433FE for ; Wed, 5 Oct 2022 06:44:53 +0000 (UTC) Received: from mail.kapsi.fi (mail.kapsi.fi [91.232.154.25]) by mx.groups.io with SMTP id smtpd.web11.20735.1664952287723401329 for ; Tue, 04 Oct 2022 23:44:48 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=none, err=permanent DNS error (domain: lakka.kapsi.fi, ip: 91.232.154.25, mailfrom: mcfrisk@lakka.kapsi.fi) Received: from kapsi.fi ([2001:67c:1be8::11] helo=lakka.kapsi.fi) by mail.kapsi.fi with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ofy97-00CmxC-Ib; Wed, 05 Oct 2022 09:44:45 +0300 Received: from mcfrisk by lakka.kapsi.fi with local (Exim 4.94.2) (envelope-from ) id 1ofy97-00Aciq-9h; Wed, 05 Oct 2022 09:44:45 +0300 From: Mikko Rapeli To: openembedded-core@lists.openembedded.org Cc: Mikko Rapeli Subject: [PATCH v3 3/5] u-boot: use openssl-native.bbclass Date: Wed, 5 Oct 2022 09:44:44 +0300 Message-Id: <20221005064444.2531838-1-mikko.rapeli@linaro.org> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-Rspam-Score: -1.2 (-) X-Rspam-Report: Action: no action Symbol: RCVD_TLS_LAST(0.00) Symbol: ARC_NA(0.00) Symbol: DMARC_POLICY_SOFTFAIL(0.10) Symbol: FROM_HAS_DN(0.00) Symbol: TO_DN_SOME(0.00) Symbol: R_MISSING_CHARSET(0.50) Symbol: TO_MATCH_ENVRCPT_ALL(0.00) Symbol: MIME_GOOD(-0.10) Symbol: RCPT_COUNT_TWO(0.00) Symbol: MID_CONTAINS_FROM(1.00) Symbol: R_SPF_NA(0.00) Symbol: FORGED_SENDER(0.30) Symbol: R_DKIM_NA(0.00) Symbol: MIME_TRACE(0.00) Symbol: ASN(0.00) Symbol: FROM_NEQ_ENVFROM(0.00) Symbol: BAYES_HAM(-3.00) Symbol: RCVD_COUNT_TWO(0.00) Message-ID: 20221005064444.2531838-1-mikko.rapeli@linaro.org X-SA-Exim-Connect-IP: 2001:67c:1be8::11 X-SA-Exim-Mail-From: mcfrisk@lakka.kapsi.fi X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 05 Oct 2022 06:44:53 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171446 It sets all environment variables correctly for openssl-native. Signed-off-by: Mikko Rapeli --- meta/recipes-bsp/u-boot/u-boot.inc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) v3: switched from .= to plain = in variable assignment v2: no changes https://lists.openembedded.org/g/openembedded-core/message/171443?p=%2C%2C%2C20%2C0%2C0%2C0%3A%3Arecentpostdate%2Fsticky%2C%2Cu-boot%3A+use+openssl-native.bbclass%2C20%2C2%2C0%2C94116081 v1: https://lists.openembedded.org/g/openembedded-core/message/171377?p=%2C%2C%2C20%2C0%2C0%2C0%3A%3Arecentpostdate%2Fsticky%2C%2Cu-boot%3A+use+openssl-native.bbclass%2C20%2C2%2C0%2C94110197 diff --git a/meta/recipes-bsp/u-boot/u-boot.inc b/meta/recipes-bsp/u-boot/u-boot.inc index f022aed732..c68306f203 100644 --- a/meta/recipes-bsp/u-boot/u-boot.inc +++ b/meta/recipes-bsp/u-boot/u-boot.inc @@ -17,7 +17,8 @@ PACKAGECONFIG ??= "openssl" # u-boot will compile its own tools during the build, with specific # configurations (aka when CONFIG_FIT_SIGNATURE is enabled) openssl is needed as # a host build dependency. -PACKAGECONFIG[openssl] = ",,openssl-native" +OPENSSL_INHERIT = "${@bb.utils.contains('PACKAGECONFIG', 'openssl', 'openssl-native', '', d)}" +inherit ${OPENSSL_INHERIT} # Allow setting an additional version string that will be picked up by the # u-boot build system and appended to the u-boot version. If the .scmversion From patchwork Wed Oct 5 06:44:50 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mikko Rapeli X-Patchwork-Id: 13552 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3EAEAC433F5 for ; Wed, 5 Oct 2022 06:45:03 +0000 (UTC) Received: from mail.kapsi.fi (mail.kapsi.fi [91.232.154.25]) by mx.groups.io with SMTP id smtpd.web11.20736.1664952293933958388 for ; Tue, 04 Oct 2022 23:44:54 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=none, err=permanent DNS error (domain: lakka.kapsi.fi, ip: 91.232.154.25, mailfrom: mcfrisk@lakka.kapsi.fi) Received: from kapsi.fi ([2001:67c:1be8::11] helo=lakka.kapsi.fi) by mail.kapsi.fi with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ofy9D-00Cmxv-VA; Wed, 05 Oct 2022 09:44:52 +0300 Received: from mcfrisk by lakka.kapsi.fi with local (Exim 4.94.2) (envelope-from ) id 1ofy9D-00Ad1r-Ms; Wed, 05 Oct 2022 09:44:51 +0300 From: Mikko Rapeli To: openembedded-core@lists.openembedded.org Cc: Mikko Rapeli Subject: [PATCH v3 4/5] make-mod-scripts: use openssl-native.bbclass Date: Wed, 5 Oct 2022 09:44:50 +0300 Message-Id: <20221005064450.2532912-1-mikko.rapeli@linaro.org> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-Rspam-Score: -1.2 (-) X-Rspam-Report: Action: no action Symbol: RCVD_TLS_LAST(0.00) Symbol: ARC_NA(0.00) Symbol: DMARC_POLICY_SOFTFAIL(0.10) Symbol: FROM_HAS_DN(0.00) Symbol: TO_DN_SOME(0.00) Symbol: R_MISSING_CHARSET(0.50) Symbol: TO_MATCH_ENVRCPT_ALL(0.00) Symbol: MIME_GOOD(-0.10) Symbol: RCPT_COUNT_TWO(0.00) Symbol: MID_CONTAINS_FROM(1.00) Symbol: R_SPF_NA(0.00) Symbol: FORGED_SENDER(0.30) Symbol: R_DKIM_NA(0.00) Symbol: MIME_TRACE(0.00) Symbol: ASN(0.00) Symbol: FROM_NEQ_ENVFROM(0.00) Symbol: BAYES_HAM(-3.00) Symbol: RCVD_COUNT_TWO(0.00) Message-ID: 20221005064450.2532912-1-mikko.rapeli@linaro.org X-SA-Exim-Connect-IP: 2001:67c:1be8::11 X-SA-Exim-Mail-From: mcfrisk@lakka.kapsi.fi X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 05 Oct 2022 06:45:03 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171447 This sets environment variables correctly for openssl-native. Signed-off-by: Mikko Rapeli --- meta/recipes-kernel/make-mod-scripts/make-mod-scripts_1.0.bb | 1 + 1 file changed, 1 insertion(+) v3: no chnages v2: no changes v1: https://lists.openembedded.org/g/openembedded-core/message/171378?p=%2C%2C%2C20%2C0%2C0%2C0%3A%3Arecentpostdate%2Fsticky%2C%2Copenssl-native.bbclass%2C20%2C2%2C0%2C94110198 diff --git a/meta/recipes-kernel/make-mod-scripts/make-mod-scripts_1.0.bb b/meta/recipes-kernel/make-mod-scripts/make-mod-scripts_1.0.bb index 9afd6714f0..ba290c514d 100644 --- a/meta/recipes-kernel/make-mod-scripts/make-mod-scripts_1.0.bb +++ b/meta/recipes-kernel/make-mod-scripts/make-mod-scripts_1.0.bb @@ -5,6 +5,7 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/GPL-2.0-only;m inherit kernel-arch inherit pkgconfig +inherit openssl-native PACKAGE_ARCH = "${MACHINE_ARCH}" From patchwork Wed Oct 5 06:44:55 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mikko Rapeli X-Patchwork-Id: 13551 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3EB17C4332F for ; Wed, 5 Oct 2022 06:45:03 +0000 (UTC) Received: from mail.kapsi.fi (mail.kapsi.fi [91.232.154.25]) by mx.groups.io with SMTP id smtpd.web11.20737.1664952299602543108 for ; Tue, 04 Oct 2022 23:45:00 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=none, err=permanent DNS error (domain: lakka.kapsi.fi, ip: 91.232.154.25, mailfrom: mcfrisk@lakka.kapsi.fi) Received: from kapsi.fi ([2001:67c:1be8::11] helo=lakka.kapsi.fi) by mail.kapsi.fi with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ofy9J-00CmyP-AC; Wed, 05 Oct 2022 09:44:57 +0300 Received: from mcfrisk by lakka.kapsi.fi with local (Exim 4.94.2) (envelope-from ) id 1ofy9I-00AdFk-Vo; Wed, 05 Oct 2022 09:44:56 +0300 From: Mikko Rapeli To: openembedded-core@lists.openembedded.org Cc: Mikko Rapeli Subject: [PATCH v3 5/5] linux-yocto: use openssl-native.bbclass Date: Wed, 5 Oct 2022 09:44:55 +0300 Message-Id: <20221005064455.2533842-1-mikko.rapeli@linaro.org> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-Rspam-Score: -1.2 (-) X-Rspam-Report: Action: no action Symbol: RCVD_TLS_LAST(0.00) Symbol: ARC_NA(0.00) Symbol: DMARC_POLICY_SOFTFAIL(0.10) Symbol: FROM_HAS_DN(0.00) Symbol: TO_DN_SOME(0.00) Symbol: R_MISSING_CHARSET(0.50) Symbol: TO_MATCH_ENVRCPT_ALL(0.00) Symbol: MIME_GOOD(-0.10) Symbol: RCPT_COUNT_TWO(0.00) Symbol: MID_CONTAINS_FROM(1.00) Symbol: R_SPF_NA(0.00) Symbol: FORGED_SENDER(0.30) Symbol: R_DKIM_NA(0.00) Symbol: MIME_TRACE(0.00) Symbol: ASN(0.00) Symbol: FROM_NEQ_ENVFROM(0.00) Symbol: BAYES_HAM(-3.00) Symbol: RCVD_COUNT_TWO(0.00) Message-ID: 20221005064455.2533842-1-mikko.rapeli@linaro.org X-SA-Exim-Connect-IP: 2001:67c:1be8::11 X-SA-Exim-Mail-From: mcfrisk@lakka.kapsi.fi X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 05 Oct 2022 06:45:03 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171448 It sets environment variables etc correctly for openssl-native use. For most kernel side use cases are covered by plain openssl native wrapper but some out of tree e.g. python scripts may be not. Signed-off-by: Mikko Rapeli --- meta/recipes-kernel/linux/linux-yocto-dev.bb | 4 ++-- meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb | 4 +++- meta/recipes-kernel/linux/linux-yocto-rt_5.19.bb | 4 +++- meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb | 4 +++- meta/recipes-kernel/linux/linux-yocto-tiny_5.19.bb | 4 +++- meta/recipes-kernel/linux/linux-yocto_5.15.bb | 4 +++- meta/recipes-kernel/linux/linux-yocto_5.19.bb | 4 +++- 7 files changed, 20 insertions(+), 8 deletions(-) v3: no changes v2: no changes v1: https://lists.openembedded.org/g/openembedded-core/message/171380?p=%2C%2C%2C20%2C0%2C0%2C0%3A%3Arecentpostdate%2Fsticky%2C%2Copenssl-native.bbclass%2C20%2C2%2C0%2C94110200 diff --git a/meta/recipes-kernel/linux/linux-yocto-dev.bb b/meta/recipes-kernel/linux/linux-yocto-dev.bb index b1b57beac3..fe701d25c8 100644 --- a/meta/recipes-kernel/linux/linux-yocto-dev.bb +++ b/meta/recipes-kernel/linux/linux-yocto-dev.bb @@ -11,7 +11,7 @@ inherit kernel require recipes-kernel/linux/linux-yocto.inc # for ncurses tests -inherit pkgconfig +inherit pkgconfig openssl-native # provide this .inc to set specific revisions include recipes-kernel/linux/linux-yocto-dev-revisions.inc @@ -37,7 +37,7 @@ PV = "${LINUX_VERSION}+git${SRCPV}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" -DEPENDS += "openssl-native util-linux-native" +DEPENDS += "util-linux-native" DEPENDS += "gmp-native libmpc-native" # yaml and dtschema are required for 5.16+ device tree validation, libyaml is checked diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb index 6f8648e004..8a97b8a575 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb @@ -22,7 +22,9 @@ LINUX_VERSION ?= "5.15.68" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" -DEPENDS += "openssl-native util-linux-native" +DEPENDS += "util-linux-native" + +inherit openssl-native PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.19.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.19.bb index b3e9fbae62..e028d07b45 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.19.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.19.bb @@ -22,7 +22,9 @@ LINUX_VERSION ?= "5.19.9" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" -DEPENDS += "openssl-native util-linux-native" +DEPENDS += "util-linux-native" + +inherit openssl-native PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index 4f2bb48743..e58931e212 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -9,7 +9,9 @@ LINUX_VERSION ?= "5.15.68" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" -DEPENDS += "openssl-native util-linux-native" +DEPENDS += "util-linux-native" + +inherit openssl-native KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.19.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.19.bb index 466b7063b4..6e5c72be60 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.19.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.19.bb @@ -9,7 +9,9 @@ LINUX_VERSION ?= "5.19.9" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" -DEPENDS += "openssl-native util-linux-native" +DEPENDS += "util-linux-native" + +inherit openssl-native KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb index 2f91fb7a37..8303395326 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb @@ -41,9 +41,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" LINUX_VERSION ?= "5.15.68" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" -DEPENDS += "openssl-native util-linux-native" +DEPENDS += "util-linux-native" DEPENDS += "gmp-native libmpc-native" +inherit openssl-native + PV = "${LINUX_VERSION}+git${SRCPV}" KMETA = "kernel-meta" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.19.bb b/meta/recipes-kernel/linux/linux-yocto_5.19.bb index f882972e35..3e915a2f5e 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.19.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.19.bb @@ -41,9 +41,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" LINUX_VERSION ?= "5.19.9" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" -DEPENDS += "openssl-native util-linux-native" +DEPENDS += "util-linux-native" DEPENDS += "gmp-native libmpc-native" +inherit openssl-native + PV = "${LINUX_VERSION}+git${SRCPV}" KMETA = "kernel-meta"