mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-15 16:07:26 +00:00
android-libboringssl: add new recipe for BoringSSL shared libraries
Add a recipe shipping the BoringSSL shared libraries required by
android-tools-adbd. BoringSSL is the TLS/crypto library used by adbd
for ADB authentication.
The libraries are installed under ${libdir}/android/ to avoid conflicting
with the system libcrypto/libssl in the sysroot. A SOVERSION=0 patch is
applied so Yocto's standard .so / .so.0 packaging split works correctly.
An ld.so.conf.d drop-in registers ${libdir}/android so binaries can find
the libraries at runtime.
This recipe is tightly coupled to android-tools: update it together when
upgrading android-tools to a new version.
AI-Generated: Uses GitHub Copilot (Claude Sonnet 4.6)
Signed-off-by: Mihajlo Marinkovic <mmarinkovic@snap.com>
Co-authored-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
This commit is contained in:
committed by
Khem Raj
parent
9cda6e09a4
commit
50f8744b0a
+62
@@ -0,0 +1,62 @@
|
||||
From 03a13ef3ea786286d9317562647e9856c1b71736 Mon Sep 17 00:00:00 2001
|
||||
From: Etienne Cordonnier <ecordonnier@snap.com>
|
||||
Date: Thu, 11 Jun 2026 00:00:00 +0000
|
||||
Subject: [PATCH] cmake: add SOVERSION 0 to crypto and ssl shared libraries
|
||||
|
||||
BoringSSL's CMakeLists.txt does not set SOVERSION, so the built shared
|
||||
libraries have no SONAME embedded and cmake names them libcrypto.so /
|
||||
libssl.so without any version suffix. This causes two problems in a
|
||||
Yocto build:
|
||||
|
||||
1. The Yocto QA check "dev-so" rejects unversioned .so symlinks in
|
||||
non-dev packages, but those symlinks are required at runtime because
|
||||
the DT_NEEDED entry in binaries that link against BoringSSL refers to
|
||||
the bare libcrypto.so name.
|
||||
|
||||
2. Standard Yocto FILES patterns split libraries by suffix: .so.* goes
|
||||
into the runtime package and .so symlinks go into -dev. Without a
|
||||
SOVERSION these patterns do not apply correctly.
|
||||
|
||||
Setting SOVERSION to 0 causes cmake to:
|
||||
- build libcrypto.so.0 as the real ELF with SONAME=libcrypto.so.0
|
||||
- create libcrypto.so as a development symlink
|
||||
|
||||
Binaries linked with -l:libcrypto.so.0 (as android-tools does) will
|
||||
record DT_NEEDED=libcrypto.so.0 and resolve correctly at runtime.
|
||||
|
||||
Upstream-Status: Inappropriate [OE-specific packaging requirement]
|
||||
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
|
||||
---
|
||||
crypto/CMakeLists.txt | 2 ++
|
||||
ssl/CMakeLists.txt | 2 ++
|
||||
2 files changed, 4 insertions(+)
|
||||
|
||||
diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
|
||||
index cdb5ddc..fca86cc 100644
|
||||
--- a/crypto/CMakeLists.txt
|
||||
+++ b/crypto/CMakeLists.txt
|
||||
@@ -327,6 +327,8 @@ endif()
|
||||
|
||||
set_target_properties(crypto PROPERTIES LINKER_LANGUAGE C)
|
||||
|
||||
+set_target_properties(crypto PROPERTIES SOVERSION 0)
|
||||
+
|
||||
if(WIN32)
|
||||
target_link_libraries(crypto ws2_32)
|
||||
endif()
|
||||
diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt
|
||||
index d8d997e..e49b350 100644
|
||||
--- a/ssl/CMakeLists.txt
|
||||
+++ b/ssl/CMakeLists.txt
|
||||
@@ -46,6 +46,8 @@ install_if_enabled(TARGETS ssl EXPORT OpenSSLTargets ${INSTALL_DESTINATION_DEFAU
|
||||
set_property(TARGET ssl PROPERTY EXPORT_NAME SSL)
|
||||
target_link_libraries(ssl crypto)
|
||||
|
||||
+set_target_properties(ssl PROPERTIES SOVERSION 0)
|
||||
+
|
||||
add_executable(
|
||||
ssl_test
|
||||
|
||||
--
|
||||
2.43.0
|
||||
|
||||
@@ -0,0 +1,22 @@
|
||||
#!/bin/sh
|
||||
if [ "$1" = "run" ] && [ "$2" = "util/embed_test_data.go" ]; then
|
||||
echo 'extern const int boringssl_dummy_crypto_test_data = 0;'
|
||||
exit 0
|
||||
fi
|
||||
if [ "$1" = "run" ] && [ "$2" = "err_data_generate.go" ]; then
|
||||
cat <<'EOF'
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
const uint32_t kOpenSSLReasonValues[] = {0};
|
||||
const size_t kOpenSSLReasonValuesLen = 0;
|
||||
const char kOpenSSLReasonStringData[] = "";
|
||||
EOF
|
||||
exit 0
|
||||
fi
|
||||
if [ "$1" = "version" ]; then
|
||||
echo 'go version go0.0.0 yocto/stub'
|
||||
exit 0
|
||||
fi
|
||||
echo "Unexpected Go invocation: $*" >&2
|
||||
exit 1
|
||||
+1
@@ -0,0 +1 @@
|
||||
int boringssl_dummy_gtest_translation_unit = 0;
|
||||
@@ -0,0 +1,70 @@
|
||||
DESCRIPTION = "BoringSSL shared libraries for android-tools"
|
||||
SECTION = "libs"
|
||||
# This recipe is tightly coupled to android-tools: when upgrading android-tools,
|
||||
# update this recipe to the BoringSSL version shipped in the corresponding Debian
|
||||
# android-platform-tools source package.
|
||||
# BoringSSL is a fork of OpenSSL; new files carry ISC license, OpenSSL license
|
||||
# covers the forked parts.
|
||||
LICENSE = "OpenSSL & ISC"
|
||||
LIC_FILES_CHKSUM = "file://LICENSE;md5=2ca501bc96ce9ed0814e2c592c3f9593"
|
||||
|
||||
SRC_URI = " \
|
||||
https://deb.debian.org/debian/pool/main/a/android-platform-external-boringssl/android-platform-external-boringssl_${PV}.orig.tar.xz \
|
||||
file://boringssl-go-stub \
|
||||
file://boringssl-gtest-stub.cc \
|
||||
file://0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch \
|
||||
"
|
||||
SRC_URI[md5sum] = "83d24d2f3136ba6a486b5464369b91b4"
|
||||
SRC_URI[sha256sum] = "f9223e8c15ad5d9e3f1cd50861f4c272658864661e2332bea5d60952aa0930cd"
|
||||
|
||||
# The Debian orig tarball unpacks to android-platform-external-boringssl-${PV}/
|
||||
# with the actual source under a src/ subdirectory.
|
||||
S = "${UNPACKDIR}/android-platform-external-boringssl-${PV}/src"
|
||||
|
||||
inherit cmake
|
||||
|
||||
CFLAGS:append = " -Wno-discarded-qualifiers"
|
||||
|
||||
OECMAKE_TARGET_COMPILE = "crypto ssl"
|
||||
|
||||
EXTRA_OECMAKE = " \
|
||||
-DBUILD_SHARED_LIBS=ON \
|
||||
-DBUILD_TESTING=OFF \
|
||||
-DCMAKE_BUILD_TYPE=RelWithDebInfo \
|
||||
-DGO_EXECUTABLE=${WORKDIR}/hosttools/go \
|
||||
"
|
||||
|
||||
do_configure:prepend() {
|
||||
install -d ${WORKDIR}/hosttools
|
||||
install -m 0755 ${UNPACKDIR}/boringssl-go-stub ${WORKDIR}/hosttools/go
|
||||
|
||||
# BoringSSL builds its own minimal gtest from third_party/googletest; provide
|
||||
# an empty stub .cc. We only build the crypto and ssl targets so the test
|
||||
# source files are never compiled, but cmake still needs gtest-all.cc to
|
||||
# exist to create the boringssl_gtest target.
|
||||
if [ ! -f ${S}/third_party/googletest/src/gtest-all.cc ]; then
|
||||
install -d ${S}/third_party/googletest/src
|
||||
install -m 0644 ${UNPACKDIR}/boringssl-gtest-stub.cc \
|
||||
${S}/third_party/googletest/src/gtest-all.cc
|
||||
fi
|
||||
}
|
||||
do_install() {
|
||||
# Install headers under a boringssl/ subdirectory to avoid shadowing the
|
||||
# system OpenSSL headers in the sysroot.
|
||||
install -d ${D}${includedir}/boringssl
|
||||
cp -a ${S}/include/openssl ${D}${includedir}/boringssl/
|
||||
|
||||
# Install shared libraries under ${libdir}/android/ to avoid conflicting
|
||||
# with the system libssl/libcrypto in the sysroot.
|
||||
install -d ${D}${libdir}/android
|
||||
install -m 0755 ${B}/crypto/libcrypto.so.0 ${D}${libdir}/android/libcrypto.so.0
|
||||
ln -sf libcrypto.so.0 ${D}${libdir}/android/libcrypto.so
|
||||
install -m 0755 ${B}/ssl/libssl.so.0 ${D}${libdir}/android/libssl.so.0
|
||||
ln -sf libssl.so.0 ${D}${libdir}/android/libssl.so
|
||||
|
||||
}
|
||||
|
||||
FILES:${PN}-dev = "${includedir}/boringssl ${libdir}/android/libcrypto.so ${libdir}/android/libssl.so"
|
||||
FILES:${PN} = "${libdir}/android/libcrypto.so.0 ${libdir}/android/libssl.so.0"
|
||||
|
||||
BBCLASSEXTEND = "native"
|
||||
Reference in New Issue
Block a user