* [ptxdist] [PATCH 0/3] Fix U-Boot build with missing host libs
@ 2024-03-11 7:43 Markus Heidelberg
2024-03-11 7:43 ` [ptxdist] [PATCH 1/3] host-nettle: new package Markus Heidelberg
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Markus Heidelberg @ 2024-03-11 7:43 UTC (permalink / raw)
To: ptxdist; +Cc: Markus Heidelberg
I wasn't sure whether
https://www.ptxdist.org/doc/contributing.html#package-builds-should-be-reproducible
also applies to host packages, but probably yes, so followed that rule
for both nettle and gnutls.
Markus Heidelberg (3):
host-nettle: new package
host-gnutls: new package
u-boot: new options to select host-gnutls and host-libuuid
platforms/u-boot.in | 22 +++++++++-
rules/host-gnutls.in | 7 ++++
rules/host-gnutls.make | 95 ++++++++++++++++++++++++++++++++++++++++++
rules/host-nettle.in | 5 +++
rules/host-nettle.make | 45 ++++++++++++++++++++
5 files changed, 173 insertions(+), 1 deletion(-)
create mode 100644 rules/host-gnutls.in
create mode 100644 rules/host-gnutls.make
create mode 100644 rules/host-nettle.in
create mode 100644 rules/host-nettle.make
--
2.34.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* [ptxdist] [PATCH 1/3] host-nettle: new package
2024-03-11 7:43 [ptxdist] [PATCH 0/3] Fix U-Boot build with missing host libs Markus Heidelberg
@ 2024-03-11 7:43 ` Markus Heidelberg
2024-03-19 6:44 ` [ptxdist] [APPLIED] " Michael Olbrich
2024-03-11 7:43 ` [ptxdist] [PATCH 2/3] host-gnutls: " Markus Heidelberg
2024-03-11 7:43 ` [ptxdist] [PATCH 3/3] u-boot: new options to select host-gnutls and host-libuuid Markus Heidelberg
2 siblings, 1 reply; 7+ messages in thread
From: Markus Heidelberg @ 2024-03-11 7:43 UTC (permalink / raw)
To: ptxdist; +Cc: Markus Heidelberg
Will be needed for host-gnutls.
Signed-off-by: Markus Heidelberg <m.heidelberg@cab.de>
---
There are several configure options not set in the target nettle package
yet. Is it common procedure to amend them there as well? I don't
use/need the target package myself, though.
rules/host-nettle.in | 5 +++++
rules/host-nettle.make | 45 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 50 insertions(+)
create mode 100644 rules/host-nettle.in
create mode 100644 rules/host-nettle.make
diff --git a/rules/host-nettle.in b/rules/host-nettle.in
new file mode 100644
index 000000000..fc2d7f165
--- /dev/null
+++ b/rules/host-nettle.in
@@ -0,0 +1,5 @@
+## SECTION=hosttools_noprompt
+
+config HOST_NETTLE
+ tristate
+ default y if ALLYES
diff --git a/rules/host-nettle.make b/rules/host-nettle.make
new file mode 100644
index 000000000..61e48b552
--- /dev/null
+++ b/rules/host-nettle.make
@@ -0,0 +1,45 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2024 by Markus Heidelberg <m.heidelberg@cab.de>
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+HOST_PACKAGES-$(PTXCONF_HOST_NETTLE) += host-nettle
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+#
+# autoconf
+#
+HOST_NETTLE_CONF_TOOL := autoconf
+HOST_NETTLE_CONF_OPT := \
+ $(HOST_AUTOCONF) \
+ --enable-public-key \
+ --enable-assembler \
+ --disable-static \
+ --enable-shared \
+ --disable-openssl \
+ --disable-gcov \
+ --disable-documentation \
+ --disable-fat \
+ --disable-arm-neon \
+ --disable-arm64-crypto \
+ --disable-x86-aesni \
+ --disable-x86-sha-ni \
+ --disable-x86-pclmul \
+ --disable-power-crypto-ext \
+ --disable-power-altivec \
+ --disable-s390x-vf \
+ --disable-s390x-msa \
+ --enable-mini-gmp \
+ --without-include-path \
+ --without-lib-path
+
+# vim: syntax=make
--
2.34.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* [ptxdist] [PATCH 2/3] host-gnutls: new package
2024-03-11 7:43 [ptxdist] [PATCH 0/3] Fix U-Boot build with missing host libs Markus Heidelberg
2024-03-11 7:43 ` [ptxdist] [PATCH 1/3] host-nettle: new package Markus Heidelberg
@ 2024-03-11 7:43 ` Markus Heidelberg
2024-03-19 6:44 ` [ptxdist] [APPLIED] " Michael Olbrich
2024-03-11 7:43 ` [ptxdist] [PATCH 3/3] u-boot: new options to select host-gnutls and host-libuuid Markus Heidelberg
2 siblings, 1 reply; 7+ messages in thread
From: Markus Heidelberg @ 2024-03-11 7:43 UTC (permalink / raw)
To: ptxdist; +Cc: Markus Heidelberg
Will be needed for certain configurations of U-Boot.
Signed-off-by: Markus Heidelberg <m.heidelberg@cab.de>
---
That was left from configure_helper.py -p host-gnutls:
+ --with-default-trust-store-pkcs11=URI
+ --with-default-trust-store-dir=DIR
--with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt
+ --with-default-crl-file=FILE
+ --with-default-blacklist-file=FILE
+ --with-guile-site-dir=DIR
+ --with-guile-site-ccache-dir=DIR
+ --with-guile-extension-dir=DIR
I guess these options don't have an influence, but is there some
approach to apply dummy values to get configure_helper.py silent?
rules/host-gnutls.in | 7 ++++
rules/host-gnutls.make | 95 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 102 insertions(+)
create mode 100644 rules/host-gnutls.in
create mode 100644 rules/host-gnutls.make
diff --git a/rules/host-gnutls.in b/rules/host-gnutls.in
new file mode 100644
index 000000000..9178fa7ef
--- /dev/null
+++ b/rules/host-gnutls.in
@@ -0,0 +1,7 @@
+## SECTION=hosttools_noprompt
+
+config HOST_GNUTLS
+ tristate
+ default y if ALLYES
+ select HOST_LIBTASN1
+ select HOST_NETTLE
diff --git a/rules/host-gnutls.make b/rules/host-gnutls.make
new file mode 100644
index 000000000..ddba332c8
--- /dev/null
+++ b/rules/host-gnutls.make
@@ -0,0 +1,95 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2024 by Markus Heidelberg <m.heidelberg@cab.de>
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+HOST_PACKAGES-$(PTXCONF_HOST_GNUTLS) += host-gnutls
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+#
+# autoconf
+#
+HOST_GNUTLS_CONF_TOOL := autoconf
+HOST_GNUTLS_CONF_OPT := \
+ $(HOST_AUTOCONF) \
+ $(GLOBAL_LARGE_FILE_OPTION) \
+ --enable-threads=posix \
+ --disable-code-coverage \
+ --disable-bash-tests \
+ --disable-doc \
+ --disable-manpages \
+ --disable-tools \
+ --enable-cxx \
+ --disable-dyn-ncrypt \
+ --enable-hardware-acceleration \
+ --enable-tls13-interop \
+ --enable-padlock \
+ --enable-strict-der-time \
+ --enable-sha1-support \
+ --disable-ssl3-support \
+ --enable-ssl2-support \
+ --enable-dtls-srtp-support \
+ --enable-alpn-support \
+ --enable-heartbeat-support \
+ --enable-srp-authentication \
+ --enable-psk-authentication \
+ --enable-anon-authentication \
+ --enable-dhe \
+ --enable-ecdhe \
+ --enable-gost \
+ --disable-cryptodev \
+ --disable-afalg \
+ --disable-ktls \
+ --enable-ocsp \
+ --disable-openssl-compatibility \
+ --disable-tests \
+ --disable-fuzzer-target \
+ --disable-gtk-doc \
+ --disable-gtk-doc-html \
+ --disable-gtk-doc-pdf \
+ --disable-nls \
+ --disable-rpath \
+ --disable-seccomp-tests \
+ --enable-cross-guesses=conservative \
+ --disable-valgrind-tests \
+ --disable-full-test-suite \
+ --disable-oldgnutls-interop \
+ --disable-gcc-warnings \
+ --disable-static \
+ --enable-shared \
+ --disable-fips140-mode \
+ --disable-strict-x509 \
+ --enable-non-suiteb-curves \
+ --disable-libdane \
+ --disable-guile \
+ --without-gcov \
+ --with-nettle-mini \
+ --without-included-libtasn1 \
+ --with-included-unistring \
+ --without-fips140-key \
+ --without-fips140-module-name \
+ --without-fips140-module-version \
+ --with-pkcs12-iter-count=600000 \
+ --without-idn \
+ --without-unbound-root-key-file \
+ --without-system-priority-file \
+ --without-default-priority-string \
+ --without-p11-kit \
+ --without-tpm2 \
+ --without-tpm \
+ --without-trousers-lib \
+ --without-zlib \
+ --without-brotli \
+ --without-zstd \
+ --with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt
+
+# vim: syntax=make
--
2.34.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* [ptxdist] [PATCH 3/3] u-boot: new options to select host-gnutls and host-libuuid
2024-03-11 7:43 [ptxdist] [PATCH 0/3] Fix U-Boot build with missing host libs Markus Heidelberg
2024-03-11 7:43 ` [ptxdist] [PATCH 1/3] host-nettle: new package Markus Heidelberg
2024-03-11 7:43 ` [ptxdist] [PATCH 2/3] host-gnutls: " Markus Heidelberg
@ 2024-03-11 7:43 ` Markus Heidelberg
2024-03-19 6:44 ` [ptxdist] [APPLIED] " Michael Olbrich
2 siblings, 1 reply; 7+ messages in thread
From: Markus Heidelberg @ 2024-03-11 7:43 UTC (permalink / raw)
To: ptxdist; +Cc: Markus Heidelberg
Certain U-Boot config options (e.g. EFI_CAPSULE_ON_DISK and
FWU_MULTI_BANK_UPDATE) require host tools (e.g. TOOLS_MKEFICAPSULE and
TOOLS_MKFWUMDATA) with these libraries as dependencies.
Signed-off-by: Markus Heidelberg <m.heidelberg@cab.de>
---
platforms/u-boot.in | 22 +++++++++++++++++++++-
1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/platforms/u-boot.in b/platforms/u-boot.in
index 769237081..000ca491a 100644
--- a/platforms/u-boot.in
+++ b/platforms/u-boot.in
@@ -4,6 +4,8 @@ menuconfig U_BOOT
select BOOTLOADER
select HOST_SYSTEM_PYTHON3
select HOST_OPENSSL if U_BOOT_NEEDS_HOST_OPENSSL
+ select HOST_GNUTLS if U_BOOT_NEEDS_HOST_GNUTLS
+ select HOST_LIBUUID if U_BOOT_NEEDS_HOST_LIBUUID
prompt "U-Boot "
bool
@@ -286,5 +288,23 @@ config U_BOOT_NEEDS_HOST_OPENSSL
It might just increase the build time, if no other package has
host openssl selected.
-endif
+config U_BOOT_NEEDS_HOST_GNUTLS
+ prompt "needs host GnuTLS"
+ bool
+ help
+ U-Boot from version 2022.04 includes host tools using GnuTLS for
+ image signing.
+ Select this if your board config enables such tools, e.g. with
+ CONFIG_TOOLS_MKEFICAPSULE.
+
+config U_BOOT_NEEDS_HOST_LIBUUID
+ prompt "needs host libuuid"
+ bool
+ help
+ U-Boot from version 2022.04 includes host tools using libuuid.
+
+ Select this if your board config enables such tools, e.g. with
+ CONFIG_TOOLS_MKEFICAPSULE or CONFIG_TOOLS_MKFWUMDATA.
+
+endif
--
2.34.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [ptxdist] [APPLIED] host-nettle: new package
2024-03-11 7:43 ` [ptxdist] [PATCH 1/3] host-nettle: new package Markus Heidelberg
@ 2024-03-19 6:44 ` Michael Olbrich
0 siblings, 0 replies; 7+ messages in thread
From: Michael Olbrich @ 2024-03-19 6:44 UTC (permalink / raw)
To: ptxdist; +Cc: Markus Heidelberg
Thanks, applied as ef7596f5e04f550869d11ceafec2a3e508a23dd8.
Michael
[sent from post-receive hook]
On Tue, 19 Mar 2024 07:44:41 +0100, Markus Heidelberg <m.heidelberg@cab.de> wrote:
> Will be needed for host-gnutls.
>
> Signed-off-by: Markus Heidelberg <m.heidelberg@cab.de>
> Message-Id: <20240311074308.34315-2-m.heidelberg@cab.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/rules/host-nettle.in b/rules/host-nettle.in
> new file mode 100644
> index 000000000000..fc2d7f1650dc
> --- /dev/null
> +++ b/rules/host-nettle.in
> @@ -0,0 +1,5 @@
> +## SECTION=hosttools_noprompt
> +
> +config HOST_NETTLE
> + tristate
> + default y if ALLYES
> diff --git a/rules/host-nettle.make b/rules/host-nettle.make
> new file mode 100644
> index 000000000000..61e48b552b25
> --- /dev/null
> +++ b/rules/host-nettle.make
> @@ -0,0 +1,45 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2024 by Markus Heidelberg <m.heidelberg@cab.de>
> +#
> +# For further information about the PTXdist project and license conditions
> +# see the README file.
> +#
> +
> +#
> +# We provide this package
> +#
> +HOST_PACKAGES-$(PTXCONF_HOST_NETTLE) += host-nettle
> +
> +# ----------------------------------------------------------------------------
> +# Prepare
> +# ----------------------------------------------------------------------------
> +
> +#
> +# autoconf
> +#
> +HOST_NETTLE_CONF_TOOL := autoconf
> +HOST_NETTLE_CONF_OPT := \
> + $(HOST_AUTOCONF) \
> + --enable-public-key \
> + --enable-assembler \
> + --disable-static \
> + --enable-shared \
> + --disable-openssl \
> + --disable-gcov \
> + --disable-documentation \
> + --disable-fat \
> + --disable-arm-neon \
> + --disable-arm64-crypto \
> + --disable-x86-aesni \
> + --disable-x86-sha-ni \
> + --disable-x86-pclmul \
> + --disable-power-crypto-ext \
> + --disable-power-altivec \
> + --disable-s390x-vf \
> + --disable-s390x-msa \
> + --enable-mini-gmp \
> + --without-include-path \
> + --without-lib-path
> +
> +# vim: syntax=make
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [ptxdist] [APPLIED] host-gnutls: new package
2024-03-11 7:43 ` [ptxdist] [PATCH 2/3] host-gnutls: " Markus Heidelberg
@ 2024-03-19 6:44 ` Michael Olbrich
0 siblings, 0 replies; 7+ messages in thread
From: Michael Olbrich @ 2024-03-19 6:44 UTC (permalink / raw)
To: ptxdist; +Cc: Markus Heidelberg
Thanks, applied as 359576397afb515a8e33cce77f87f14cc2b1c478.
Michael
[sent from post-receive hook]
On Tue, 19 Mar 2024 07:44:41 +0100, Markus Heidelberg <m.heidelberg@cab.de> wrote:
> Will be needed for certain configurations of U-Boot.
>
> Signed-off-by: Markus Heidelberg <m.heidelberg@cab.de>
> Message-Id: <20240311074308.34315-3-m.heidelberg@cab.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/rules/host-gnutls.in b/rules/host-gnutls.in
> new file mode 100644
> index 000000000000..9178fa7ef4b2
> --- /dev/null
> +++ b/rules/host-gnutls.in
> @@ -0,0 +1,7 @@
> +## SECTION=hosttools_noprompt
> +
> +config HOST_GNUTLS
> + tristate
> + default y if ALLYES
> + select HOST_LIBTASN1
> + select HOST_NETTLE
> diff --git a/rules/host-gnutls.make b/rules/host-gnutls.make
> new file mode 100644
> index 000000000000..ddba332c8e49
> --- /dev/null
> +++ b/rules/host-gnutls.make
> @@ -0,0 +1,95 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2024 by Markus Heidelberg <m.heidelberg@cab.de>
> +#
> +# For further information about the PTXdist project and license conditions
> +# see the README file.
> +#
> +
> +#
> +# We provide this package
> +#
> +HOST_PACKAGES-$(PTXCONF_HOST_GNUTLS) += host-gnutls
> +
> +# ----------------------------------------------------------------------------
> +# Prepare
> +# ----------------------------------------------------------------------------
> +
> +#
> +# autoconf
> +#
> +HOST_GNUTLS_CONF_TOOL := autoconf
> +HOST_GNUTLS_CONF_OPT := \
> + $(HOST_AUTOCONF) \
> + $(GLOBAL_LARGE_FILE_OPTION) \
> + --enable-threads=posix \
> + --disable-code-coverage \
> + --disable-bash-tests \
> + --disable-doc \
> + --disable-manpages \
> + --disable-tools \
> + --enable-cxx \
> + --disable-dyn-ncrypt \
> + --enable-hardware-acceleration \
> + --enable-tls13-interop \
> + --enable-padlock \
> + --enable-strict-der-time \
> + --enable-sha1-support \
> + --disable-ssl3-support \
> + --enable-ssl2-support \
> + --enable-dtls-srtp-support \
> + --enable-alpn-support \
> + --enable-heartbeat-support \
> + --enable-srp-authentication \
> + --enable-psk-authentication \
> + --enable-anon-authentication \
> + --enable-dhe \
> + --enable-ecdhe \
> + --enable-gost \
> + --disable-cryptodev \
> + --disable-afalg \
> + --disable-ktls \
> + --enable-ocsp \
> + --disable-openssl-compatibility \
> + --disable-tests \
> + --disable-fuzzer-target \
> + --disable-gtk-doc \
> + --disable-gtk-doc-html \
> + --disable-gtk-doc-pdf \
> + --disable-nls \
> + --disable-rpath \
> + --disable-seccomp-tests \
> + --enable-cross-guesses=conservative \
> + --disable-valgrind-tests \
> + --disable-full-test-suite \
> + --disable-oldgnutls-interop \
> + --disable-gcc-warnings \
> + --disable-static \
> + --enable-shared \
> + --disable-fips140-mode \
> + --disable-strict-x509 \
> + --enable-non-suiteb-curves \
> + --disable-libdane \
> + --disable-guile \
> + --without-gcov \
> + --with-nettle-mini \
> + --without-included-libtasn1 \
> + --with-included-unistring \
> + --without-fips140-key \
> + --without-fips140-module-name \
> + --without-fips140-module-version \
> + --with-pkcs12-iter-count=600000 \
> + --without-idn \
> + --without-unbound-root-key-file \
> + --without-system-priority-file \
> + --without-default-priority-string \
> + --without-p11-kit \
> + --without-tpm2 \
> + --without-tpm \
> + --without-trousers-lib \
> + --without-zlib \
> + --without-brotli \
> + --without-zstd \
> + --with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt
> +
> +# vim: syntax=make
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [ptxdist] [APPLIED] u-boot: new options to select host-gnutls and host-libuuid
2024-03-11 7:43 ` [ptxdist] [PATCH 3/3] u-boot: new options to select host-gnutls and host-libuuid Markus Heidelberg
@ 2024-03-19 6:44 ` Michael Olbrich
0 siblings, 0 replies; 7+ messages in thread
From: Michael Olbrich @ 2024-03-19 6:44 UTC (permalink / raw)
To: ptxdist; +Cc: Markus Heidelberg
Thanks, applied as 2dd8696c067ca5a90122746e5109a3291ed5805d.
Michael
[sent from post-receive hook]
On Tue, 19 Mar 2024 07:44:42 +0100, Markus Heidelberg <m.heidelberg@cab.de> wrote:
> Certain U-Boot config options (e.g. EFI_CAPSULE_ON_DISK and
> FWU_MULTI_BANK_UPDATE) require host tools (e.g. TOOLS_MKEFICAPSULE and
> TOOLS_MKFWUMDATA) with these libraries as dependencies.
>
> Signed-off-by: Markus Heidelberg <m.heidelberg@cab.de>
> Message-Id: <20240311074308.34315-4-m.heidelberg@cab.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/platforms/u-boot.in b/platforms/u-boot.in
> index 7692370813b2..000ca491a1c2 100644
> --- a/platforms/u-boot.in
> +++ b/platforms/u-boot.in
> @@ -4,6 +4,8 @@ menuconfig U_BOOT
> select BOOTLOADER
> select HOST_SYSTEM_PYTHON3
> select HOST_OPENSSL if U_BOOT_NEEDS_HOST_OPENSSL
> + select HOST_GNUTLS if U_BOOT_NEEDS_HOST_GNUTLS
> + select HOST_LIBUUID if U_BOOT_NEEDS_HOST_LIBUUID
> prompt "U-Boot "
> bool
>
> @@ -286,5 +288,23 @@ config U_BOOT_NEEDS_HOST_OPENSSL
> It might just increase the build time, if no other package has
> host openssl selected.
>
> -endif
> +config U_BOOT_NEEDS_HOST_GNUTLS
> + prompt "needs host GnuTLS"
> + bool
> + help
> + U-Boot from version 2022.04 includes host tools using GnuTLS for
> + image signing.
>
> + Select this if your board config enables such tools, e.g. with
> + CONFIG_TOOLS_MKEFICAPSULE.
> +
> +config U_BOOT_NEEDS_HOST_LIBUUID
> + prompt "needs host libuuid"
> + bool
> + help
> + U-Boot from version 2022.04 includes host tools using libuuid.
> +
> + Select this if your board config enables such tools, e.g. with
> + CONFIG_TOOLS_MKEFICAPSULE or CONFIG_TOOLS_MKFWUMDATA.
> +
> +endif
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2024-03-19 6:45 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-03-11 7:43 [ptxdist] [PATCH 0/3] Fix U-Boot build with missing host libs Markus Heidelberg
2024-03-11 7:43 ` [ptxdist] [PATCH 1/3] host-nettle: new package Markus Heidelberg
2024-03-19 6:44 ` [ptxdist] [APPLIED] " Michael Olbrich
2024-03-11 7:43 ` [ptxdist] [PATCH 2/3] host-gnutls: " Markus Heidelberg
2024-03-19 6:44 ` [ptxdist] [APPLIED] " Michael Olbrich
2024-03-11 7:43 ` [ptxdist] [PATCH 3/3] u-boot: new options to select host-gnutls and host-libuuid Markus Heidelberg
2024-03-19 6:44 ` [ptxdist] [APPLIED] " Michael Olbrich
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox