[oe] [meta-oe][PATCH] cryptsetup: Add PACKAGECONFIG options

Peter Kjellerstedt peter.kjellerstedt at axis.com
Mon Jul 1 23:53:05 UTC 2019 

> -----Original Message-----
> From: Robert Joslyn <robert.joslyn at redrectangle.org>
> Sent: den 28 juni 2019 05:51
> To: Peter Kjellerstedt <peter.kjellerstedt at axis.com>; akuster808
> <akuster808 at gmail.com>; openembedded-devel at lists.openembedded.org
> Subject: Re: [oe] [meta-oe][PATCH] cryptsetup: Add PACKAGECONFIG
> options
> 
> On Thu, 2019-06-27 at 10:56 +0000, Peter Kjellerstedt wrote:
> > It is no longer possible to build cryptsetup-native after this was
> > merged.
> > It now fails with:
> >
> > ERROR: Nothing PROVIDES 'udev-native' (but virtual:native:.../meta-
> > oe/recipes-crypto/cryptsetup/cryptsetup_2.1.0.bb DEPENDS on or otherwise
> > requires it). Close matches:
> >   fuse-native
> >   unifdef-native
> >   db-native
> > ERROR: Required build target 'cryptsetup-native' has no buildable > providers.
> > Missing or unbuildable dependency chain was: ['cryptsetup-native', 'udev-native']
> >
> > This is with systemd in DISTRO_FEATURES.
> >
> > //Peter
> 
> Sorry about that. Is there a reasonable set of options useful for the
> native build? Any preference for an empty native PACKAGECONFIG or
> should it be the same as the target (minus udev obviously)?

I have no idea. I don't even know why cryptsetup-native is being built, 
all I know is that it can't depend on udev-native. Locally, I have fixed  
it by adding a bbappend with PACKAGECONFIG_remove_class-native = "udev", 
so now it builds again. For meta-oe I would instead suggest to add the 
udev feature using PACKAGECONFIG_append_class-target = " udev".

One thing that worries me though is that you stated in the commit message 
that the set of enabled PACKAGECONFIGs should match the default when no 
enable/disable options are specified. However, this does not seem to hold 
true for udev, as there was no dependency on udev before your change. So 
maybe udev should not be enabled by default for target either?

> Thanks,
> Robert

//Peter

> > > -----Original Message-----
> > > From: openembedded-devel-bounces at lists.openembedded.org
> <openembedded-
> > > devel-bounces at lists.openembedded.org> On Behalf Of Robert Joslyn
> > > Sent: den 7 juni 2019 05:46
> > > To: akuster808 <akuster808 at gmail.com>; openembedded-
> > > devel at lists.openembedded.org
> > > Subject: Re: [oe] [meta-oe][PATCH] cryptsetup: Add PACKAGECONFIG
> > > options
> > >
> > > On Thu, 2019-06-06 at 07:24 -0700, akuster808 wrote:
> > > > On 6/2/19 4:12 PM, Robert Joslyn wrote:
> > > > > Add various PACKAGECONFIG options, keeping the default options
> > > > > enabled.
> > > > the PACKCONFIG went from openssl to a lot more, how is that
> keeping
> > > > the
> > > > defaults?
> > >
> > > My intent was to add PACKAGECONFIG options, but to keep the
> resulting
> > > build the same as before. This should match the default options
> that
> > > are set by upstream when you don't specify any --enable or --
> disable
> > > options.
> > >
> > > I can send a v2 with a better description if desired.
> > >
> > > Thanks,
> > > Robert
> > >
> > > > > ---
> > > > >  .../cryptsetup/cryptsetup_2.1.0.bb            | 51
> > > > > ++++++++++++++++++-
> > > > >  1 file changed, 49 insertions(+), 2 deletions(-)
> > > > >
> > > > > diff --git a/meta-oe/recipes-
> crypto/cryptsetup/cryptsetup_2.1.0.bb
> > > > > b/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.1.0.bb
> > > > > index cf1d22242..51cecf5d2 100644
> > > > > --- a/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.1.0.bb
> > > > > +++ b/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.1.0.bb
> > > > > @@ -9,7 +9,12 @@ SECTION = "console"
> > > > >  LICENSE = "GPL-2.0-with-OpenSSL-exception"
> > > > >  LIC_FILES_CHKSUM =
> > > > > "file://COPYING;md5=32107dd283b1dfeb66c9b3e6be312326"
> > > > >
> > > > > -DEPENDS = "util-linux libdevmapper popt libgcrypt json-c"
> > > > > +DEPENDS = " \
> > > > > +    json-c \
> > > > > +    libdevmapper \
> > > > > +    popt \
> > > > > +    util-linux \
> > > > > +"
> > > > >
> > > > >  SRC_URI =
> "${KERNELORG_MIRROR}/linux/utils/${BPN}/v${@d.getVar('P
> > > > > V
> > > > >
> ').split('.')[0]}.${@d.getVar('PV').split('.')[1]}/${BP}.tar.xz"
> > > > >  SRC_URI[md5sum] = "41d8b985ef69242852b93e95d53e8e28"
> > > > > @@ -19,9 +24,45 @@ inherit autotools gettext pkgconfig
> > > > >
> > > > >  # Use openssl because libgcrypt drops root privileges
> > > > >  # if libgcrypt is linked with libcap support
> > > > > -PACKAGECONFIG ??= "openssl"
> > > > > +PACKAGECONFIG ??= " \
> > > > > +    keyring \
> > > > > +    cryptsetup \
> > > > > +    veritysetup \
> > > > > +    cryptsetup-reencrypt \
> > > > > +    integritysetup \
> > > > > +    ${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)} \
> > > > > +    udev \
> > > > > +    kernel_crypto \
> > > > > +    internal-argon2 \
> > > > > +    blkid \
> > > > > +    luks-adjust-xts-keysize \
> > > > > +    openssl \
> > > > > +"
> > > > > +
> > > > > +PACKAGECONFIG[keyring] = "--enable-keyring,--disable-keyring"
> > > > > +PACKAGECONFIG[fips] = "--enable-fips,--disable-fips"
> > > > > +PACKAGECONFIG[pwquality] = "--enable-pwquality,--disable-
> > > > > pwquality,libpwquality"
> > > > > +PACKAGECONFIG[passwdqc] = "--enable-passwdqc,--disable-
> > > > > passwdqc,passwdqc"
> > > > > +PACKAGECONFIG[cryptsetup] = "--enable-cryptsetup,--disable-
> > > > > cryptsetup"
> > > > > +PACKAGECONFIG[veritysetup] = "--enable-veritysetup,--disable-
> > > > > veritysetup"
> > > > > +PACKAGECONFIG[cryptsetup-reencrypt] = "--enable-cryptsetup-
> > > > > reencrypt,--disable-cryptsetup-reencrypt"
> > > > > +PACKAGECONFIG[integritysetup] = "--enable-integritysetup,
> > > > > --disable-integritysetup"
> > > > > +PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux"
> > > > > +PACKAGECONFIG[udev] = "--enable-udev,--disable-udev,udev"
> > > > > +PACKAGECONFIG[kernel_crypto] = "--enable-kernel_crypto,--
> disable-
> > > > > kernel_crypto"
> > > > > +# gcrypt-pkbdf2 requries --with-crypto_backend=gcrypt or the
> flag
> > > > > isn't
> > > > > +# recognized.
> > > > > +PACKAGECONFIG[gcrypt-pbkdf2] = "--enable-gcrypt-pbkdf2"
> > > > > +PACKAGECONFIG[internal-argon2] = "--enable-internal-argon2,
> > > > > --disable-internal-argon2"
> > > > > +PACKAGECONFIG[internal-sse-argon2] = "--enable-internal-sse-
> > > > > argon2,--disable-internal-sse-argon2"
> > > > > +PACKAGECONFIG[blkid] = "--enable-blkid,--disable-blkid,util-
> > > > > linux"
> > > > > +PACKAGECONFIG[dev-random] = "--enable-dev-random,--disable-
> dev-
> > > > > random"
> > > > > +PACKAGECONFIG[luks-adjust-xts-keysize] = "--enable-luks-
> adjust-
> > > > > xts-keysize,--disable-luks-adjust-xts-keysize"
> > > > >  PACKAGECONFIG[openssl] = "--with-
> crypto_backend=openssl,,openssl"
> > > > >  PACKAGECONFIG[gcrypt] = "--with-
> crypto_backend=gcrypt,,libgcrypt"
> > > > > +PACKAGECONFIG[nss] = "--with-crypto_backend=nss,,nss"
> > > > > +PACKAGECONFIG[kernel] = "--with-crypto_backend=kernel"
> > > > > +PACKAGECONFIG[nettle] = "--with-crypto_backend=nettle,,nettle"
> > > > >
> > > > >  RRECOMMENDS_${PN} = "kernel-module-aes-generic \
> > > > >                       kernel-module-dm-crypt \
> > > > > @@ -32,6 +73,12 @@ RRECOMMENDS_${PN} = "kernel-module-aes-
> generic
> > > > > \
> > > > >  "
> > > > >
> > > > >  EXTRA_OECONF = "--enable-static"
> > > > > +# Building without largefile is not supported by upstream
> > > > > +EXTRA_OECONF += "--enable-largefile"
> > > > > +# Requires a static popt library
> > > > > +EXTRA_OECONF += "--disable-static-cryptsetup"
> > > > > +# There's no recipe for libargon2 yet
> > > > > +EXTRA_OECONF += "--disable-libargon2"
> > > > >
> > > > >  FILES_${PN} +=
> "${@bb.utils.contains('DISTRO_FEATURES','systemd',
> > > > > '
> > > > > ${exec_prefix}/lib/tmpfiles.d/cryptsetup.conf', '', d)}"
> > > > >
> > >
> > > --
> > > _______________________________________________
> > > Openembedded-devel mailing list
> > > Openembedded-devel at lists.openembedded.org
> > > http://lists.openembedded.org/mailman/listinfo/openembedded-devel
>

More information about the Openembedded-devel mailing list