From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=AaGC=PK=lists.denx.de=u-boot-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id B6099C433EF
	for <u-boot@archiver.kernel.org>; Fri, 22 Oct 2021 16:47:50 +0000 (UTC)
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id E9F206115B
	for <u-boot@archiver.kernel.org>; Fri, 22 Oct 2021 16:47:49 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org E9F206115B
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=debian.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.denx.de
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 39B0E83458;
	Fri, 22 Oct 2021 18:47:47 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=debian.org
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: by phobos.denx.de (Postfix, from userid 109)
 id D067E834C1; Fri, 22 Oct 2021 18:47:45 +0200 (CEST)
Received: from cascadia.aikidev.net (cascadia.aikidev.net [173.255.214.101])
 by phobos.denx.de (Postfix) with ESMTP id C8075833AE
 for <u-boot@lists.denx.de>; Fri, 22 Oct 2021 18:47:41 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=none (p=none dis=none) header.from=debian.org
Authentication-Results: phobos.denx.de;
 spf=none smtp.mailfrom=vagrant@debian.org
Received: from localhost (unknown [IPv6:2600:3c01:e000:21:21:21:0:100b])
 (Authenticated sender: vagrant@cascadia.debian.net)
 by cascadia.aikidev.net (Postfix) with ESMTPSA id 0EB971AA2C;
 Fri, 22 Oct 2021 09:47:40 -0700 (PDT)
From: Vagrant Cascadian <vagrant@debian.org>
To: Tom Rini <trini@konsulko.com>, Andre Przywara <andre.przywara@arm.com>
Cc: Marek =?utf-8?Q?Beh=C3=BAn?= <marek.behun@nic.cz>, Peter Robinson
 <pbrobinson@gmail.com>,
 Matthias Brugger <mbrugger@suse.com>, Heinrich Schuchardt
 <heinrich.schuchardt@canonical.com>, Samuel Holland <samuel@sholland.org>,
 Pali =?utf-8?Q?Roh=C3=A1r?= <pali@kernel.org>, u-boot@lists.denx.de, Jagan
 Teki <jagan@amarulasolutions.com>, "Alex G ." <mr.nuke.me@gmail.com>, Artem
 Lapkin <email2tema@gmail.com>, Priyanka Jain <priyanka.jain@nxp.com>,
 Sughosh Ganu <sughosh.ganu@linaro.org>
Subject: Re: [PATCH v4 1/4] tools: Separate image types which depend on OpenSSL
In-Reply-To: <20211022162219.GK3577824@bill-the-cat>
References: <20211020024455.48136-2-samuel@sholland.org>
 <20211020072925.drf6622qhq4yykg6@pali>
 <20211020142902.12219c45@donnerap.cambridge.arm.com>
 <20211020134752.62k4fxukucj5rodh@pali>
 <f459f316-6636-c3c5-7878-761590831d3a@sholland.org>
 <20211021150048.59bb90d6@thinkpad>
 <eb5afb53-5a9a-e4ba-2b32-551a65406110@canonical.com>
 <20211022165922.22164ef8@thinkpad> <20211022150927.GJ3577824@bill-the-cat>
 <20211022165609.1725e93b@donnerap.cambridge.arm.com>
 <20211022162219.GK3577824@bill-the-cat>
Date: Fri, 22 Oct 2021 09:47:35 -0700
Message-ID: <87v91pnh08.fsf@yucca>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de
X-Virus-Status: Clean

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 2021-10-22, Tom Rini wrote:
> On Fri, Oct 22, 2021 at 04:56:09PM +0100, Andre Przywara wrote:
>> On Fri, 22 Oct 2021 11:09:27 -0400
>> Tom Rini <trini@konsulko.com> wrote:

>> > On Fri, Oct 22, 2021 at 04:59:22PM +0200, Marek Beh=C3=BAn wrote:
>> > > On Fri, 22 Oct 2021 12:09:19 +0200
>> > > Heinrich Schuchardt <heinrich.schuchardt@canonical.com> wrote:
>> > >=20=20=20
>> > > > On 10/21/21 15:00, Marek Beh=C3=BAn wrote:=20=20
>> > > > > BTW, wouldn't it be enough to simply imply TOOLS_LIBCRYPTO for m=
vebu
>> > > > > platform in Kconfig?
>> > > > >=20=20=20=20=20
>> > > >=20
>> > > > We should only use 'imply' for suggested settings and never for ha=
rd=20
>> > > > requirements. TOOLS_LIBCRYPTO already defaults to 'Y'. So implying=
 it=20
>> > > > for mvebu would be redundant.
>> > > >=20
>> > > > In an OS distribution we only want to ship a single version of mki=
mage.=20
>> > > > So it is good to elimate symbol CONFIG_MXS.
>> > > >=20
>> > > > How mkimage is built should not depend on CONFIG_TOOLS_LIBCRYPTO.
>> > > >=20
>> > > > Tom wrote regarding this aspect in=20
>> > > > https://lists.denx.de/pipermail/u-boot/2021-September/460251.html:
>> > > >=20
>> > > > "if we're building a generically useful tool, we don't want another
>> > > > symbol for it."=20=20
>> > >=20
>> > > OK, so mkimage and dumpimage should be always generic and always
>> > > support all platforms, that makes sense, since the tools can be
>> > > installed as a distribution package.
>> > >=20
>> > > But I still think it should be possible to cripple these tools if the
>> > > developer wants to disable libcrypto due to embedded environment.=20=
=20
>>=20
>> Well, I don't think this is the real question here, is it?
>> I think the tools part is clear: distros want to build just mkimage,
>> supporting as many platforms as possible, and might need to avoid OpenSS=
L.
>> This should be covered by TOOLS_LIBCRYPTO=3D[yn] and "make
>> tools-only_defconfg && make tools", and Samuel's patch actually fixes the
>> build (at least somewhat, I still get link errors).
>
> The problem is, are distros doing a tools-only build, for tools, or are
> they doing it per board?  Like, hey, ugh, OpenEmbedded uses
> sandbox_defconfig and cross_tools as the targets.  That's not quite what
> I was hoping to see.  So I want to know everyone else is doing, rather
> than we hope they're doing.

Thanks for bringing this to my attention!

In Debian, the u-boot-tools package is built using tools-only, and for
each of the board-specific targets, it still ends up building the
relevent tools, but we throw them away and do not ship them in any
packages.

With 2021.10, the board-specific builds made it harder to avoid openssl
with the corresponding tools, and I reluctantly added a dependency on
openssl... (which is technically permitted in Debian, having declared
openssl as a system library to avoid the GPL incompatibilities, but
... meh.)

I also have been doing some packaging of u-boot for GNU Guix, where I
suspect the stance wouldn't be as willing to accept such a compromise...

So... I would *love* an option to be able to build a board-only config
without any of the tools; do some boards use board-specific tools as
part of their build processes?


live well,
  vagrant

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCYXLrKAAKCRDcUY/If5cW
qqaYAQDNQq1P9YVc5CT2npAAl6xfPvCy84OgAvuJwRYAEDK75AD/WP0iALgpCwDm
R+h9bp83C9OawGLXO/jFC6hMvEgRaAs=
=T3w7
-----END PGP SIGNATURE-----
--=-=-=--