From: Thomas Petazzoni via buildroot <buildroot@buildroot.org>
To: Alistair Francis <alistair23@gmail.com>
Cc: Samuel Martin <s.martin49@gmail.com>,
Alistair Francis <alistair.francis@wdc.com>,
buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH v3] package/libspdm: new package
Date: Sat, 2 Sep 2023 15:28:59 +0200 [thread overview]
Message-ID: <20230902152859.42d5673d@windsurf> (raw)
In-Reply-To: <20230830053654.1827435-1-alistair.francis@wdc.com>
Hello Alistair,
On Wed, 30 Aug 2023 15:36:54 +1000
Alistair Francis <alistair23@gmail.com> wrote:
> Add the libspdm package (https://github.com/DMTF/libspdm).
>
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Thanks for this new iteration, it looks much better. I had fixed a few
things and was getting ready to apply, but it actually doesn't build.
See below some details to help you prepare a v4.
> diff --git a/DEVELOPERS b/DEVELOPERS
> index 9b500f3701..5b5556d492 100644
> --- a/DEVELOPERS
> +++ b/DEVELOPERS
> @@ -122,6 +122,7 @@ F: board/sifive/
> F: boot/opensbi/
> F: configs/hifive_unleashed_defconfig
> F: package/xen/
> +F: package/libspdm/
Please respect alphabetic ordering.
>
> N: Alvaro G. M <alvaro.gamez@hazent.com>
> F: package/dcron/
> diff --git a/package/Config.in b/package/Config.in
> index 54cddc3914..eda464262a 100644
> --- a/package/Config.in
> +++ b/package/Config.in
> @@ -193,6 +193,7 @@ menu "Development tools"
> source "package/jo/Config.in"
> source "package/jq/Config.in"
> source "package/libtool/Config.in"
> + source "package/libspdm/Config.in"
Please respect alphabetic ordering. Also, I believe this package should
be in "Libraries -> Crypto", and not in "Development tools".
> diff --git a/package/libspdm/0001-cryptlib_openssl-x509-Remove-internal-OpenSSL-crypto.patch b/package/libspdm/0001-cryptlib_openssl-x509-Remove-internal-OpenSSL-crypto.patch
> new file mode 100644
> index 0000000000..420098be11
> --- /dev/null
> +++ b/package/libspdm/0001-cryptlib_openssl-x509-Remove-internal-OpenSSL-crypto.patch
> @@ -0,0 +1,43 @@
> +From 7db883cdb3369cfaf9f0890b0eda503f47a5ffa3 Mon Sep 17 00:00:00 2001
> +From: Alistair Francis <alistair.francis@wdc.com>
> +Date: Fri, 11 Aug 2023 16:26:53 -0400
> +Subject: [PATCH] cryptlib_openssl: x509: Remove internal OpenSSL crypto
> + include
> +
> +The OpenSSL source code describes the crypto include as:
> +"Internal EC functions for other submodules: not for application use"
> + - https://github.com/openssl/openssl/blob/master/include/crypto/ec.h
> +
> +Using the internal APIS makes it difficult to use libspdm as a library
> +with other packages. So let's remove the uses of the internal API and
> +instead use the public API.
> +
Please add an "Upstream:" tag here and for all patches. Make sure to
run "make check-package" before submitting a patch, it will catch such
issues.
Here are the upstream tags:
0001-cryptlib_openssl-x509-Remove-internal-OpenSSL-crypto.patch:Upstream: https://github.com/DMTF/libspdm/commit/7db883cdb3369cfaf9f0890b0eda503f47a5ffa3
0002-cryptlib_openssl-ecd-Allow-disabling-code.patch:Upstream: https://github.com/DMTF/libspdm/commit/e87687d72688e980b929920b7d77dca26fff169e
0003-cryptlib_openssl-ec-Remove-internal-OpenSSL-crypto-i.patch:Upstream: https://github.com/DMTF/libspdm/commit/567b1c8ea731fe42650d43ede50a105b772dc7aa
0004-CMakeLists.txt-Allow-disabling-EDDSA-support-from-co.patch:Upstream: https://github.com/DMTF/libspdm/pull/2330
> diff --git a/package/libspdm/Config.in b/package/libspdm/Config.in
> new file mode 100644
> index 0000000000..2d0f46da85
> --- /dev/null
> +++ b/package/libspdm/Config.in
> @@ -0,0 +1,19 @@
> +config BR2_PACKAGE_LIBSPDM
> + bool "libspdm"
> + select BR2_PACKAGE_OPENSSL
> + select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
> + help
> + libspdm is a sample implementation that follows
> + the DMTF SPDM specifications
> +
> + https://github.com/DMTF/libspdm
> +
> +config BR2_PACKAGE_LIBSPDM_CPU_FAMILLY
FAMILY, not FAMILLY.
> + string
> + default "arc" if BR2_arcle || BR2_arceb
> + default "arm" if BR2_arm || BR2_armeb
> + default "aarch64" if BR2_aarch64 || BR2_aarch64_be
> + default "ia32" if BR2_i386
> + default "riscv32" if BR2_riscv && BR2_RISCV_32
> + default "riscv64" if BR2_riscv && BR2_RISCV_64
> + default "x64" if BR2_x86_64
Also, use this to provide an ARCH_SUPPORTS variable. Like this:
config BR2_PACKAGE_LIBSPDM_CPU_FAMILY
string
default "arc" if BR2_arcle || BR2_arceb
default "arm" if BR2_arm || BR2_armeb
default "aarch64" if BR2_aarch64 || BR2_aarch64_be
default "ia32" if BR2_i386
default "riscv32" if BR2_riscv && BR2_RISCV_32
default "riscv64" if BR2_riscv && BR2_RISCV_64
default "x64" if BR2_x86_64
config BR2_PACKAGE_LIBSPDM_ARCH_SUPPORTS
bool
default y if BR2_PACKAGE_LIBSPDM_CPU_FAMILY != ""
config BR2_PACKAGE_LIBSPDM
bool "libspdm"
depends on BR2_PACKAGE_LIBSPDM_ARCH_SUPPORTS
select BR2_PACKAGE_OPENSSL
select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
help
libspdm is a sample implementation that follows
the DMTF SPDM specifications
https://github.com/DMTF/libspdm
However, here is the problem: it doesn't build on ARM. Indeed, while
libspdm itself is OK with building on ARM, its OpenSSL backend is not,
causing this build failure:
CMake Error at os_stub/cryptlib_openssl/CMakeLists.txt:25 (MESSAGE):
Unknown ARCH
Two solutions here:
(1) Only support the architectures that are supported by the OpenSSL
backend
(2) Also support the mbedtls backend, with the appropriate architecture
dependencies.
> +LIBSPDM_INSTALL_STAGING = YES
> +
> +LIBSPDM_DEPENDENCIES = openssl
> +
> +LIBSPDM_TARGET_CPU_FAMILY = $(call qstrip,$(BR2_PACKAGE_LIBSPDM_CPU_FAMILLY))
^^^^^^^ FAMILY
> +define LIBSPDM_INSTALL_STAGING_CMDS
> + $(INSTALL) -m 0755 -t $(STAGING_DIR)/usr/lib/ $(@D)/lib/*
> +
> + mkdir -p $(STAGING_DIR)/usr/include/libspdm/
> + cp -dpfr $(@D)/include/* $(STAGING_DIR)/usr/include/libspdm/
> +
> + $(INSTALL) -d $(STAGING_DIR)/usr/include/libspdm/os_stub/spdm_crypt_ext_lib
> + $(INSTALL) -D -m 0755 $(@D)/os_stub/spdm_crypt_ext_lib/*.h $(STAGING_DIR)/usr/include/libspdm/os_stub/spdm_crypt_ext_lib
Please be consistent: always create the directory with mkdir -p, always
copy the files with cp -dpfr. So:
define LIBSPDM_INSTALL_STAGING_CMDS
mkdir -p $(STAGING_DIR)/usr/lib
cp -dpfr $(@D)/lib/* $(STAGING_DIR)/usr/lib/
mkdir -p $(STAGING_DIR)/usr/include/libspdm/
cp -dpfr $(@D)/include/* $(STAGING_DIR)/usr/include/libspdm/
mkdir -p $(STAGING_DIR)/usr/include/libspdm/os_stub/spdm_crypt_ext_lib
cp -dpfr $(@D)/os_stub/spdm_crypt_ext_lib/*.h \
$(STAGING_DIR)/usr/include/libspdm/os_stub/spdm_crypt_ext_lib/
endef
Thanks a lot!
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
prev parent reply other threads:[~2023-09-02 13:29 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-30 5:36 [Buildroot] [PATCH v3] package/libspdm: new package Alistair Francis
2023-09-02 13:28 ` Thomas Petazzoni via buildroot [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230902152859.42d5673d@windsurf \
--to=buildroot@buildroot.org \
--cc=alistair.francis@wdc.com \
--cc=alistair23@gmail.com \
--cc=s.martin49@gmail.com \
--cc=thomas.petazzoni@bootlin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox