svn commit: r344566 - in head: lib share/mk tools/build/options
Simon J. Gerraty
sjg at FreeBSD.org
Tue Feb 26 06:11:03 UTC 2019
Author: sjg
Date: Tue Feb 26 06:11:01 2019
New Revision: 344566
URL: https://svnweb.freebsd.org/changeset/base/344566
Log:
Enable build of libbearssl
Reviewed by: emaste
Sponsored by: Juniper Networks
Differential Revision: D16337
Added:
head/tools/build/options/WITH_BEARSSL (contents, props changed)
head/tools/build/options/WITH_LOADER_VERIEXEC (contents, props changed)
head/tools/build/options/WITH_VERIEXEC (contents, props changed)
Modified:
head/lib/Makefile
head/share/mk/src.libnames.mk
head/share/mk/src.opts.mk
Modified: head/lib/Makefile
==============================================================================
--- head/lib/Makefile Tue Feb 26 06:09:10 2019 (r344565)
+++ head/lib/Makefile Tue Feb 26 06:11:01 2019 (r344566)
@@ -133,6 +133,7 @@ SUBDIR_DEPEND_libpcap= ofed
# NB: keep these sorted by MK_* knobs
SUBDIR.${MK_ATM}+= libngatm
+SUBDIR.${MK_BEARSSL}+= libbearssl libsecureboot
SUBDIR.${MK_BLACKLIST}+=libblacklist
SUBDIR.${MK_BLUETOOTH}+=libbluetooth libsdp
SUBDIR.${MK_BSNMP}+= libbsnmp
@@ -204,6 +205,7 @@ SUBDIR.${MK_TESTS}+= tests
SUBDIR.${MK_UNBOUND}+= libunbound
SUBDIR.${MK_USB}+= libusbhid libusb
SUBDIR.${MK_OFED}+= ofed
+SUBDIR.${MK_VERIEXEC}+= libveriexec
SUBDIR.${MK_ZFS}+= libbe
.if !make(install)
Modified: head/share/mk/src.libnames.mk
==============================================================================
--- head/share/mk/src.libnames.mk Tue Feb 26 06:09:10 2019 (r344565)
+++ head/share/mk/src.libnames.mk Tue Feb 26 06:11:01 2019 (r344566)
@@ -210,6 +210,21 @@ _LIBRARIES+= \
osmvendor
.endif
+.if ${MK_BEARSSL} == "yes"
+_INTERNALLIBS+= \
+ bearssl \
+ secureboot \
+
+LIBBEARSSL?= ${LIBBEARSSLDIR}/libbearssl${PIE_SUFFIX}.a
+LIBSECUREBOOT?= ${LIBSECUREBOOTDIR}/libsecureboot${PIE_SUFFIX}.a
+.endif
+
+.if ${MK_VERIEXEC} == "yes"
+_INTERNALLIBS+= veriexec
+
+LIBVERIEXEC?= ${LIBVERIEXECDIR}/libveriexec${PIE_SUFFIX}.a
+.endif
+
# Each library's LIBADD needs to be duplicated here for static linkage of
# 2nd+ order consumers. Auto-generating this would be better.
_DP_80211= sbuf bsdxml
Modified: head/share/mk/src.opts.mk
==============================================================================
--- head/share/mk/src.opts.mk Tue Feb 26 06:09:10 2019 (r344565)
+++ head/share/mk/src.opts.mk Tue Feb 26 06:11:01 2019 (r344566)
@@ -194,6 +194,7 @@ __DEFAULT_YES_OPTIONS = \
ZONEINFO
__DEFAULT_NO_OPTIONS = \
+ BEARSSL \
BSD_GREP \
CLANG_EXTRAS \
DTRACE_TESTS \
@@ -219,6 +220,8 @@ __DEFAULT_NO_OPTIONS = \
__DEFAULT_DEPENDENT_OPTIONS= \
CLANG_FULL/CLANG \
LLVM_TARGET_ALL/CLANG \
+ LOADER_VERIEXEC/BEARSSL \
+ VERIEXEC/BEARSSL \
# MK_*_SUPPORT options which default to "yes" unless their corresponding
# MK_* variable is set to "no".
Added: head/tools/build/options/WITH_BEARSSL
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/tools/build/options/WITH_BEARSSL Tue Feb 26 06:11:01 2019 (r344566)
@@ -0,0 +1,11 @@
+.\" $FreeBSD$
+Build the BearSSL library.
+.Pp
+BearSSL is a tiny SSL library suitable for embedded environments.
+For details see
+.Lk http://www.BearSSL.org/
+.Pp
+This library is currently only used to perform
+signature verification and related operations
+for Verified Exec and
+.Xr loader 8 .
Added: head/tools/build/options/WITH_LOADER_VERIEXEC
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/tools/build/options/WITH_LOADER_VERIEXEC Tue Feb 26 06:11:01 2019 (r344566)
@@ -0,0 +1,7 @@
+.\" $FreeBSD$
+Enable building
+.Xr loader 8
+with support for verifcation similar to Verified Exec.
+.Pp
+It depends on
+.Va WITH_BEARSSL
Added: head/tools/build/options/WITH_VERIEXEC
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/tools/build/options/WITH_VERIEXEC Tue Feb 26 06:11:01 2019 (r344566)
@@ -0,0 +1,9 @@
+.\" $FreeBSD$
+Enable building
+.Xr veriexec 8
+which loads the contents of verified manifests into the kernel
+for use by
+.Xr mac_veriexec 4
+.Pp
+It depends on
+.Va WITH_BEARSSL
More information about the svn-src-head
mailing list