Re: [PATCH] openssl: disable cryptodev by default

From: Martin Jansa <martin.jansa@gmail.com>
To: Ross Burton <ross.burton@intel.com>
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [PATCH] openssl: disable cryptodev by default
Date: Wed, 8 Mar 2017 18:05:33 +0100	[thread overview]
Message-ID: <20170308170533.GE3279@jama> (raw)
In-Reply-To: <1488992224-2962-1-git-send-email-ross.burton@intel.com>

[-- Attachment #1: Type: text/plain, Size: 2251 bytes --]

On Wed, Mar 08, 2017 at 04:57:04PM +0000, Ross Burton wrote:
> Cryptodev is a way for userspace to access the kernel crypto drivers (and so,
> hardware crypto).
> 
> Not all hardware supports cryptodev so this is something that should be enabled
> in a BSP layer instead of in oe-core.

How is BSP layer supposed to enable this without being considered toxic
to all other layers which might support MACHINEs with the same
TUNE_PKGARCH?

> Signed-off-by: Ross Burton <ross.burton@intel.com>
> ---
>  meta/recipes-connectivity/openssl/openssl.inc       | 2 ++
>  meta/recipes-connectivity/openssl/openssl_1.0.2k.bb | 5 -----
>  2 files changed, 2 insertions(+), 5 deletions(-)
> 
> diff --git a/meta/recipes-connectivity/openssl/openssl.inc b/meta/recipes-connectivity/openssl/openssl.inc
> index 9afa5bd..03dee0e 100644
> --- a/meta/recipes-connectivity/openssl/openssl.inc
> +++ b/meta/recipes-connectivity/openssl/openssl.inc
> @@ -15,7 +15,9 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
>            "
>  S = "${WORKDIR}/openssl-${PV}"
>  
> +PACKAGECONFIG ??= ""
>  PACKAGECONFIG[perl] = ",,,"
> +PACKAGECONFIG[cryptodev] = "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS,-UHAVE_CRYPTODEV,cryptodev-linux"
>  
>  AR_append = " r"
>  TERMIO_libc-musl = "-DTERMIOS"
> diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
> index 1973f81..4436ba3 100644
> --- a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
> +++ b/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
> @@ -1,10 +1,5 @@
>  require openssl.inc
>  
> -# For target side versions of openssl enable support for OCF Linux driver
> -# if they are available.
> -DEPENDS += "cryptodev-linux"
> -
> -CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
>  CFLAG_append_class-native = " -fPIC"
>  
>  LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6"
> -- 
> 2.8.1
> 
> -- 
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core

-- 
Martin 'JaMa' Jansa     jabber: Martin.Jansa@gmail.com

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 201 bytes --]