From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 05 Jun 2026 10:51:54 +0200 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wVQHS-002YwF-13 for lore@lore.pengutronix.de; Fri, 05 Jun 2026 10:51:54 +0200 Received: from [127.0.0.1] (helo=metis.whiteo.stw.pengutronix.de) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1wVQHS-0004ur-5E; Fri, 05 Jun 2026 10:51:54 +0200 Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1wVQH7-0004i8-Ol; Fri, 05 Jun 2026 10:51:33 +0200 Received: from dude05.red.stw.pengutronix.de ([2a0a:edc0:0:1101:1d::54]) by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wVQH7-001DHb-2J; Fri, 05 Jun 2026 10:51:33 +0200 Received: from mol by dude05.red.stw.pengutronix.de with local (Exim 4.98.2) (envelope-from ) id 1wVQH7-0000000GWLK-2m50; Fri, 05 Jun 2026 10:51:33 +0200 From: Michael Olbrich To: ptxdist@pengutronix.de Date: Fri, 5 Jun 2026 10:51:33 +0200 Message-ID: <20260605085133.3937567-1-m.olbrich@pengutronix.de> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20260423-code-signing-provider-v2-2-be62a422e84a@pengutronix.de> References: <20260423-code-signing-provider-v2-2-be62a422e84a@pengutronix.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: Re: [ptxdist] [APPLIED] Add host-pkcs11-provider X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false Thanks, applied as 99ce47b3bd79229f12c6c551306be92b85b01a06. Michael [sent from post-receive hook] On Fri, 05 Jun 2026 10:51:33 +0200, Sascha Hauer wrote: > Add host-pkcs11-provider in preparation to add provider support to the > ptxdist code signing infrastructure. > > Signed-off-by: Sascha Hauer > Message-Id: <20260423-code-signing-provider-v2-2-be62a422e84a@pengutronix.de> > Signed-off-by: Michael Olbrich > > diff --git a/patches/pkcs11-provider-0.6/0001-meson-fix-provider-installation-path-with-DESTDIR.patch b/patches/pkcs11-provider-0.6/0001-meson-fix-provider-installation-path-with-DESTDIR.patch > new file mode 100644 > index 000000000000..b75132ea303a > --- /dev/null > +++ b/patches/pkcs11-provider-0.6/0001-meson-fix-provider-installation-path-with-DESTDIR.patch > @@ -0,0 +1,36 @@ > +From fbbb2835505f45cc84c17def5bd0e9d0fc7fb271 Mon Sep 17 00:00:00 2001 > +From: Sascha Hauer > +Date: Thu, 23 Apr 2026 11:08:17 +0200 > +Subject: [PATCH] meson: fix provider installation path with DESTDIR > + > +provider_path is set from the modulesdir pkg-config variable, which > +expands to an absolute path with the prefix baked in. When meson > +installs with DESTDIR set, it prepends DESTDIR to this absolute path, > +resulting in a doubled prefix in the install location. > + > +Fix this by passing pkgconfig_define to override ${prefix} during > +variable expansion, so modulesdir is re-evaluated relative to the > +current meson --prefix rather than whatever was recorded in the .pc > +file at the time OpenSSL was installed. > + > +Signed-off-by: Sascha Hauer > +--- > + meson.build | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/meson.build b/meson.build > +index b3912cb..f54b52f 100644 > +--- a/meson.build > ++++ b/meson.build > +@@ -46,7 +46,7 @@ conf.set('PACKAGE_MAJOR', major_version) > + conf.set('PACKAGE_MINOR', minor_version) > + > + libcrypto = dependency('libcrypto', version: '>= 3.0.7') > +-provider_path = libcrypto.get_variable(pkgconfig: 'modulesdir') > ++provider_path = libcrypto.get_variable(pkgconfig: 'modulesdir', pkgconfig_define: ['prefix', get_option('prefix')]) > + libssl = dependency('libssl', version: '>= 3.0.7') > + > + host_system = host_machine.system() > +-- > +2.47.3 > + > diff --git a/patches/pkcs11-provider-0.6/series b/patches/pkcs11-provider-0.6/series > new file mode 100644 > index 000000000000..9750a31a6d9a > --- /dev/null > +++ b/patches/pkcs11-provider-0.6/series > @@ -0,0 +1 @@ > +0001-meson-fix-provider-installation-path-with-DESTDIR.patch > diff --git a/rules/host-pkcs11-provider.in b/rules/host-pkcs11-provider.in > new file mode 100644 > index 000000000000..7d37f401ccfb > --- /dev/null > +++ b/rules/host-pkcs11-provider.in > @@ -0,0 +1,10 @@ > +## SECTION=hosttools_noprompt > + > +config HOST_PKCS11_PROVIDER > + tristate > + default y if ALLYES > + select HOST_MESON > + select HOST_OPENSSL > + > + > +# vim: ft=kconfig tw=80 > diff --git a/rules/host-pkcs11-provider.make b/rules/host-pkcs11-provider.make > new file mode 100644 > index 000000000000..f634e662b84c > --- /dev/null > +++ b/rules/host-pkcs11-provider.make > @@ -0,0 +1,28 @@ > +# -*-makefile-*- > +# > +# Copyright (C) 2026 by Sascha Hauer > +# > +# For further information about the PTXdist project and license conditions > +# see the README file. > +# > + > +# > +# We provide this package > +# > +HOST_PACKAGES-$(PTXCONF_HOST_PKCS11_PROVIDER) += host-pkcs11-provider > + > +# ---------------------------------------------------------------------------- > +# Prepare > +# ---------------------------------------------------------------------------- > + > +HOST_PKCS11_PROVIDER_CONF_ENV := \ > + $(HOST_ENV) > + > +# > +# meson > +# > +HOST_PKCS11_PROVIDER_CONF_TOOL := meson > +HOST_PKCS11_PROVIDER_CONF_OPT := \ > + $(HOST_MESON_OPT) > + > +# vim: ft=make