[OE-core] [PATCH] ovmf: fix secureboot PACKAGECONFIG + OpenSSL update
Alexander Kanavin
alexander.kanavin at linux.intel.com
Fri Jun 16 11:24:15 UTC 2017
On 06/16/2017 12:53 PM, Patrick Ohly wrote:
> The recent ovmf update broke secureboot because upstream changed the
> +OPENSSL_RELEASE = "openssl-1.1.0e"
> +
> SRC_URI_append_class-target = " \
> - ${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'http://www.openssl.org/source/openssl-1.0.2j.tar.gz;name=openssl;subdir=${S}/CryptoPkg/Library/OpensslLib', '', d)} \
> + ${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'http://www.openssl.org/source/${OPENSSL_RELEASE}.tar.gz;name=openssl;subdir=${S}/CryptoPkg/Library/OpensslLib', '', d)} \
Is it possible to make ovmf use an externally built openssl (that is,
the one that is provided by the openssl recipe)?
Given openssl's baggage of major security issues, I really do not want
to have more than one copy of it in oe-core.
Alex
More information about the Openembedded-core
mailing list