NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ad97d01b84
kumquat-buildroot/package/openssl/Config.in
Yann E. MORIN c72be5dd2f package/libopenssl does not support riscv32 
riscv32 is (surprise!) a 32-bit architecture. But it has been Y2038-safe
from its inception. As such, there are no legacy binaries that may use
the 32-bit time syscalls, and thus they are not available on riscv32.

Code that directly calls to the syscalls without using the C libraries
wrappers thus need to handle this case by themselves. That's what
upstream tried to do with:
    5b5e2985f3

We initially carried that patch with 2bb26c1a1d (package/libopenssl:
fix build on riscv32).

However, as Arnd Bergmann puts it [0]:

    The patch looks wrong to me: __NR_io_pgetevents_time64 must be used
    whenever time_t is 64-bit wide on a 32-bit architecture, while
    __NR_io_getevents/__NR_io_pgetevents must be used when time_t is the
    same width as 'long'.

    Checking whether __NR_io_getevents is defined is wrong for all
    architectures other than riscv

And Arnd agrees that patch should be reverted [1] [2] (there are further
comments in that stream, that are worth reading).

As such, we've reverted 2bb26c1a1d with 6cfb4ad7f7.

This means we have no working solution to enable openssl on riscv32 for
now. So, rather than fail the build, or backport a dysfunctional patch,
let's just forbid openssl on riscv32.

Drop the default from the choice selection; it was anyway superfluous:
the default of a choice, if left unspecified, is the first entry of the
choice. Also, having a default means we'd have to also propagate the
dependencies of the defaulted-to symbol, which is yet a little bit more
maintenance. Since the chances we get a third implementation of openssl
are pretty slim (very, very slim), reasoning about what is the default
is still very easy.

When propagating dependencies to tpm2-tss' users, we've tried to keep
the architecture dependency toward the top when possible, and otherwise
we've added it together with existing arch dependencies (MMU).

While at it, drop a useless redundant comment in ibm-sw-tpm2: if we
select FORCE_LIBOPENSSL, it is obvious that's because libressl is not
supported... Besides none of the other users of FORCE_LIBOPENSSL have
such a comment.

Fixes:
    http://autobuild.buildroot.org/results/eb9/eb9a64d4ffae8569b5225083f282cf87ffa7c681/
    ...
    http://autobuild.buildroot.org/results/07e/07e413b24ba8adc9558c80267ce16dda339bf032/

[0] 5b5e2985f3 (commitcomment-44782859)
[1] 5b5e2985f3 (commitcomment-47826509)
[2] 5b5e2985f3 (commitcomment-47830530)

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Mark Corbin <mark@dibsco.co.uk>
2021-03-04 22:53:08 +01:00

74 lines
1.8 KiB
Plaintext
Raw Blame History

config BR2_PACKAGE_LIBOPENSSL_ARCH_SUPPORTS
bool
default y
depends on !BR2_RISCV_32
config BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
bool
depends on BR2_PACKAGE_LIBOPENSSL_ARCH_SUPPORTS
config BR2_PACKAGE_OPENSSL
bool "openssl support"
select BR2_PACKAGE_HAS_OPENSSL
help
Select the desired ssl library provider.
if BR2_PACKAGE_OPENSSL
choice
prompt "ssl library"
help
Select OpenSSL or LibreSSL.
config BR2_PACKAGE_LIBOPENSSL
bool "openssl"
depends on BR2_PACKAGE_LIBOPENSSL_ARCH_SUPPORTS
select BR2_PACKAGE_ZLIB
help
A collaborative effort to develop a robust, commercial-grade,
fully featured, and Open Source toolkit implementing the
Secure Sockets Layer (SSL v2/v3) and Transport Security
(TLS v1) as well as a full-strength general-purpose
cryptography library.
http://www.openssl.org/
Note: Some helper scripts need perl.
source "package/libopenssl/Config.in"
config BR2_PACKAGE_LIBRESSL
bool "libressl"
depends on !BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
# uClibc on noMMU doesn't provide __register_atfork()
depends on !(BR2_TOOLCHAIN_USES_UCLIBC && !BR2_USE_MMU)
help
LibreSSL is a version of the TLS/crypto stack forked from
OpenSSL in 2014, with goals of modernizing the codebase,
improving security, and applying best practice development
processes.
http://www.libressl.org/
source "package/libressl/Config.in"
# openssl from br2-external trees, if any
source "$BR2_BASE_DIR/.br2-external.in.openssl"
endchoice
config BR2_PACKAGE_HAS_OPENSSL
bool
config BR2_PACKAGE_PROVIDES_OPENSSL
string
default "libopenssl" if BR2_PACKAGE_LIBOPENSSL
default "libressl" if BR2_PACKAGE_LIBRESSL
endif
# ensure libopenssl is used for the host variant
config BR2_PACKAGE_PROVIDES_HOST_OPENSSL
string
default "host-libopenssl"
Reference in New Issue View Git Blame Copy Permalink