svn commit: r344566 - in head: lib share/mk tools/build/options

Mon, 25 Feb 2019 22:12:05 -0800 

Author: sjg
Date: Tue Feb 26 06:11:01 2019
New Revision: 344566
URL: https://svnweb.freebsd.org/changeset/base/344566

Log:
  Enable build of libbearssl
  
  Reviewed by:  emaste
  Sponsored by: Juniper Networks
  Differential Revision:        D16337

Added:
  head/tools/build/options/WITH_BEARSSL   (contents, props changed)
  head/tools/build/options/WITH_LOADER_VERIEXEC   (contents, props changed)
  head/tools/build/options/WITH_VERIEXEC   (contents, props changed)
Modified:
  head/lib/Makefile
  head/share/mk/src.libnames.mk
  head/share/mk/src.opts.mk

Modified: head/lib/Makefile
==============================================================================
--- head/lib/Makefile   Tue Feb 26 06:09:10 2019        (r344565)
+++ head/lib/Makefile   Tue Feb 26 06:11:01 2019        (r344566)
@@ -133,6 +133,7 @@ SUBDIR_DEPEND_libpcap= ofed
 # NB: keep these sorted by MK_* knobs
 
 SUBDIR.${MK_ATM}+=     libngatm
+SUBDIR.${MK_BEARSSL}+= libbearssl libsecureboot
 SUBDIR.${MK_BLACKLIST}+=libblacklist
 SUBDIR.${MK_BLUETOOTH}+=libbluetooth libsdp
 SUBDIR.${MK_BSNMP}+=   libbsnmp
@@ -204,6 +205,7 @@ SUBDIR.${MK_TESTS}+=        tests
 SUBDIR.${MK_UNBOUND}+= libunbound
 SUBDIR.${MK_USB}+=     libusbhid libusb
 SUBDIR.${MK_OFED}+=    ofed
+SUBDIR.${MK_VERIEXEC}+=        libveriexec
 SUBDIR.${MK_ZFS}+=     libbe
 
 .if !make(install)

Modified: head/share/mk/src.libnames.mk
==============================================================================
--- head/share/mk/src.libnames.mk       Tue Feb 26 06:09:10 2019        
(r344565)
+++ head/share/mk/src.libnames.mk       Tue Feb 26 06:11:01 2019        
(r344566)
@@ -210,6 +210,21 @@ _LIBRARIES+= \
                osmvendor
 .endif
 
+.if ${MK_BEARSSL} == "yes"
+_INTERNALLIBS+= \
+               bearssl \
+               secureboot \
+
+LIBBEARSSL?=   ${LIBBEARSSLDIR}/libbearssl${PIE_SUFFIX}.a
+LIBSECUREBOOT?=        ${LIBSECUREBOOTDIR}/libsecureboot${PIE_SUFFIX}.a
+.endif
+
+.if ${MK_VERIEXEC} == "yes"
+_INTERNALLIBS+= veriexec
+
+LIBVERIEXEC?=  ${LIBVERIEXECDIR}/libveriexec${PIE_SUFFIX}.a
+.endif
+
 # Each library's LIBADD needs to be duplicated here for static linkage of
 # 2nd+ order consumers.  Auto-generating this would be better.
 _DP_80211=     sbuf bsdxml

Modified: head/share/mk/src.opts.mk
==============================================================================
--- head/share/mk/src.opts.mk   Tue Feb 26 06:09:10 2019        (r344565)
+++ head/share/mk/src.opts.mk   Tue Feb 26 06:11:01 2019        (r344566)
@@ -194,6 +194,7 @@ __DEFAULT_YES_OPTIONS = \
     ZONEINFO
 
 __DEFAULT_NO_OPTIONS = \
+    BEARSSL \
     BSD_GREP \
     CLANG_EXTRAS \
     DTRACE_TESTS \
@@ -219,6 +220,8 @@ __DEFAULT_NO_OPTIONS = \
 __DEFAULT_DEPENDENT_OPTIONS= \
        CLANG_FULL/CLANG \
        LLVM_TARGET_ALL/CLANG \
+       LOADER_VERIEXEC/BEARSSL \
+       VERIEXEC/BEARSSL \
 
 # MK_*_SUPPORT options which default to "yes" unless their corresponding
 # MK_* variable is set to "no".

Added: head/tools/build/options/WITH_BEARSSL
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/tools/build/options/WITH_BEARSSL       Tue Feb 26 06:11:01 2019        
(r344566)
@@ -0,0 +1,11 @@
+.\" $FreeBSD$
+Build the BearSSL library.
+.Pp
+BearSSL is a tiny SSL library suitable for embedded environments.
+For details see
+.Lk http://www.BearSSL.org/
+.Pp
+This library is currently only used to perform
+signature verification and related operations
+for Verified Exec and
+.Xr loader 8 .

Added: head/tools/build/options/WITH_LOADER_VERIEXEC
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/tools/build/options/WITH_LOADER_VERIEXEC       Tue Feb 26 06:11:01 
2019        (r344566)
@@ -0,0 +1,7 @@
+.\" $FreeBSD$
+Enable building
+.Xr loader 8
+with support for verifcation similar to Verified Exec.
+.Pp
+It depends on
+.Va WITH_BEARSSL

Added: head/tools/build/options/WITH_VERIEXEC
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/tools/build/options/WITH_VERIEXEC      Tue Feb 26 06:11:01 2019        
(r344566)
@@ -0,0 +1,9 @@
+.\" $FreeBSD$
+Enable building
+.Xr veriexec 8
+which loads the contents of verified manifests into the kernel
+for use by
+.Xr mac_veriexec 4
+.Pp
+It depends on
+.Va WITH_BEARSSL
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to