| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Enable it to offload crypto operation on Qoriq platforms.
Signed-off-by: Ting Liu <ting.liu@nxp.com>
|
| |
|
|
|
|
|
|
| |
Instead of maintaing 98% copy of OE-core recipe without being up-to-date
as good as possible, inject patches into OE-core recipe of openssl when
compiling for the right platform.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
|
| |
|
|
|
|
|
|
|
|
| |
Upgrade openssl-qoriq to 1.1.1f and rebase LSDK-20.04 changes on it, which
causes in two patches for QorIQ:
* 0001-eng_devcrypto-add-support-for-TLS-algorithms-offload.patch
* 0002-eng_devcrypto-add-support-for-TLS1.2-algorithms-offl.patch
Signed-off-by: Jens Rehsack <sno@netbsd.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*update to lsdk 1909 tag
include the following changes:
894da2f - Prepare for 1.1.1d release
1cb7eff - Update copyright year
a95b081 - Remove duplicate CHANGES entry
08229ad - Fix a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
7ff84d8 - Update CHANGES and NEWS for the new release
79f5e2f - Fix a potential crash in rand_unix.c
1d36536 - Fix a strict warnings error in rand_pool_acquire_entropy
6318018 - drbg: fix issue where DRBG_CTR fails if NO_DF is used (2nd attempt)
5520695 - drbg: add fork id to additional data on UNIX systems
1b0fe00 - drbg: ensure fork-safety without using a pthread_atfork handler
73a683b - [test] ECC: check the bounds for auto computing cofactor
827eab4 - Fix build with VS2008
4bf9781 - Use BN_clear_free in DH_set0_key
8003138 - DH_check_pub_key_ex was accidentally calling DH_check, so results were undefined.
1f9dc86 - Change DH_generate_parameters back to order 2q subgroup
288241b - Fix spacing nit in test/ectest.c
9a43a73 - [ec] Match built-in curves on EC_GROUP_new_from_ecparameters
ad9c296 - Configure: clang: move -Wno-unknown-warning-option to the front
9580391 - Append CVE-2019-1547 to related CHANGES entry
87bea65 - Remove x86/x86_64 BSAES and AES_ASM support
a6186f3 - CHANGES entry: for ECC parameters with NULL or zero cofactor, compute it
eb1ec38 - [test] computing ECC cofactors: regression test
30c22fa - [crypto/ec] for ECC parameters with NULL or zero cofactor, compute it
ed0ac11 - [ec/ecp_nistp*.c] restyle: use {} around `else` too
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
|
| |
|
|
|
|
|
| |
*fix missing dependency on hostperl-runtime-native
*drop Python dependency in ptest
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
|
| |
|
|
|
|
|
|
| |
*update to lsdk 1903 tag
include the following changes
472c9c3 - crypto/engine/eng_cryptodev.c: fix bignum<->crp conversion
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
getVar() has been defaulting to expanding by default for
a long time (2016), thus remove the True option from
getVar() calls with a regex search and replace.
Search & replace made using the following command:
sed -e 's|\(d\.getVar \?\)( \?\([^,()]*\), \?True)|\1(\2)|g' \
-i $(git grep -E 'getVar ?\( ?([^,()]*), ?True\)' \
| cut -d':' -f1 \
| sort -u)
Signed-off-by: André Draszik <andre.draszik@jci.com>
|
| |
|
|
|
| |
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*update to lsdk 1809 tag
include the following changes:
c2300d1 - eng_cryptodev: add support for TLS algorithms offload
b2758a2 - Prepare for 1.1.0g release
6190960 - Update CHANGES and NEWS for new release
4443cf7 - bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqrx8x_internal.
b701fa8 - Fix small but important regression
ab91952 - Address a timing side channel whereby it is possible to determine some
7184480 - Address a timing side channel whereby it is possible to determine some
bb0c588 - Travis: Add a docs checking job
df45d1a - docs: assign section 7 where appropriate
847685c - doc/crypto/OPENSSL_secure_malloc: add missing names
4401e28 - docs: fixup OpenSSL version style
41d74a5 - Adapt util/find-doc-nits back to 1.1.0
7fb4278 - Fix EVP_PKEY_ASN1_METHOD manual
0d9fece - afalg: Fix kernel version check
a0c2626 - afalg: Use eventfd2 syscall instead of eventfd
605fa68 - EVP_PKEY_asn1_add0(): Check that this method isn't already registered
6088fb7 - Document EVP_PKEY_ASN1_METHOD and associated functions
5a3d24a - Only reset the ctx when a cipher is given
257a03c - Add missing paren.
*update to 1.1.1
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
| |
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. The patch tool will apply patches by default with "fuzz", which is where if the
hunk context isn't present but what is there is close enough, it will force the
patch in.
Whilst this is useful when there's just whitespace changes, when applied to
source it is possible for a patch applied with fuzz to produce broken code which
still compiles (see #10450). This is obviously bad.
We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For
that to be realistic the existing patches with fuzz need to be rebased and
reviewed
2. drop openssl-1.0.2a-x32-asm.patch
The patch was applied in a completely incorrect spot (due to fuzz),
no one noticed or complained. Meanwhile upstream says the issue
has been resolved differently:
https://rt.openssl.org/Ticket/Display.html?id=3759&user=guest&pass=guest
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
| |
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
| |
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
| |
These functions were moved to meta/lib/oe in 2010 and the base_* functions in
utils.bbclass were intended to be a short-term compatibility layer. They're
still used in a few places, so update the callers to use the new functions
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*Update URL to fetch qoriq-open-source github
*Update to b9e6572
This includes the following changes:
b9e6572 - eng_cryptodev: add support for TLS algorithms offload
b3a3bab - Prepare for 1.0.2l release
539c4d3 - make update
cde19ec - Update CHANGES and NEWS for new release
8ded5f1 - Ignore -rle and -comp when compiled with OPENSSL_NO_COMP. Fixes make test when configured with no-comp.
d130456 - Fix regression in openssl req -x509 behaviour.
7c300b9 - Remove notification settings from appveyor.yml
b020bf6 - Remove dead code.
ea3fc60 - Copy custom extension flags in a call to SSL_set_SSL_CTX()
4ae5993 - perlasm/x86_64-xlate.pl: work around problem with hex constants in masm.
16d78fb - Fix some error path logic in i2v_AUTHORITY_INFO_ACCESS and i2v_GENERAL_NAME
6b8fa5b - RT2867: des_ede3_cfb1 ignored "size in bits" flag
5453820 - Fix URL links in comment
d2335f3 - Fix time offset calculation.
13f70ae - Check fflush on BIO_ctrl call
de46e82 - Remove unnecessary loop in pkey_rsa_decrypt.
b99f102 - check length sanity before correcting in EVP_CTRL_AEAD_TLS1_AAD
fb2345a - Annotate ASN.1 attributes of the jurisdictionCountryName NID
60a70a5 - Fixed typo in X509_STORE_CTX_new description
74bcd77 - Numbers greater than 1 are usually non-negative.
e8f2e2f - pkeyutl exit with 0 if the verification succeeded
71d66c4 - Additional check to handle BAD SSL_write retry
a91bfe2 - crypto/ppccap.c: SIGILL-free processor capabilities detection on MacOS X.
3f524f7 - Ensure dhparams can handle X9.42 params in DER
1f3b0fe - Add missing macros for DHxparams
248cf95 - Fix for #2730. Add CRLDP extension to list of supported extensions
d75c56f - Free the compression methods in s_server and s_client
4bc46d - doc: Add stitched ciphers to EVP_EncryptInit.pod
8625e92 - doc: Add missing options in s_{server,client}
62f488d - Fix the error handling in CRYPTO_dup_ex_data.
144ab9b - Add documentation for SNI APIs
*Openssl git includes all qoriq patches so remove qoriq patches folder
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
| |
*install head file of iproute2
So that we can use them outside of iproute2 package
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
| |
Signed-off-by: Chunrong Guo <B40290@freescale.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ix the following error:
| ../libcrypto.so: undefined reference to `spcf_bn2bin'
| ../libcrypto.so: undefined reference to `spcf_bn2bin_ex'
| collect2: error: ld returned 1 exit status
| make[2]: *** [link_app.gnu] Error 1
Change-Id: I24be02ccd7f587d6c67d443ac3a36206399a4702
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
Signed-off-by: Chunrong Guo <B40290@freescale.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
| |
Sync with oe-core recipe to make maintenance easier, copy all patches
and let both openssl recipe more similar.
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
| |
Signed-off-by: Chunrong Guo <B40290@freescale.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
| |
Update is required in order to exploit the ARM-CE primitives available on
ARMv8 platfom. Performance goes from 6 Gbps to 60Gbps for 8K frame length
Signed-off-by: Mircea Pop <mircea.pop@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
| |
This synchronizes the OpenSSL recipe with OE-Core as well as includes
the CVE-2016-2178 and CVE-2016-2177 security fixes in this fork.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
| |
Fix the following build error:
| Can't locate find.pl in @INC (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.22.1 /usr/local/share/perl/5.22.1 /usr/lib/x86_64-linux-gnu/perl5/5.22 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.22 /usr/share/perl/5.22 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base .) at perlpath.pl line 7.
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
|
| |
|
|
|
|
|
|
|
| |
Based on oe-core openssl-1.0.2h, revision:
e49d337 meta: update patch metadata
extended with patches from fsl to enable more features.
Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
|
| |
|
|
|
|
|
|
|
| |
The following packages depend on extend Yocto community layers, move related
recipes to dynamic-layers.
* ipsec-demo asf fmc usdpaa-apps web-sysmon
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
| |
base_contains is deprecated.
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
All files in the test_setkey directory are being copied with
ownership preserved (cp -a).
* Change ownership of all files in test_setkey directory to
root:root
Signed-off-by: Noor <noor_ahsan@mentor.com>
Signed-off-by: Abdur Rehman <abdur_rehman@mentor.com>
Signed-off-by: Sujith Haridasan <Sujith_Haridasan@mentor.com>
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
|
| |
The value(--disable-static) of EXTRA_OECONF set by poky is not supported by openssl-qoriq-1.0.1i.
remove it to fix the following build error:
| Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]
| WARNING: .../poky/p4080ds/tmp/work/ppce500mc-poky-linux/openssl-qoriq/1.0.1i-r0/temp/run.do_configure.3739:1 exit 1 from 'perl ./Configure --disable-static shared --prefix=$useprefix --openssldir=/usr/lib/ssl --libdir=`basename /usr/lib` $target'
| ERROR: Function failed: do_configure (log file is located at .../poky/p4080ds/tmp/work/ppce500mc-poky-linux/openssl-qoriq/1.0.1i-r0/temp/log.do_configure.3739)
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The openssl recipe currently relies on EXTRA_OEMAKE having been set to
"-e MAKEFLAGS=" in bitbake.conf to operate. It is necessary to make this
explicit so that the default in bitbake.conf can be changed.
(Refer to OE-Core rev: a384ab5cb4701fd1c1475bca4449def66b42c799)
Signed-off-by: Ting Liu <ting.liu@nxp.com>
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
| |
Signed-off-by: Ting Liu <ting.liu@nxp.com>
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix the following parse error:
ERROR: Multiple .bb files are due to be built which each provide openssl
(.../meta-freescale/recipes-connectivity/openssl/openssl-qoriq_1.0.1i.bb
/poky/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb). This usually
means one provides something the other doesn't and should.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the following build issues:
WARNING: Host distribution "Ubuntu-12.04" has not been validated with this version of the build system; you may possibly experience unexpected failures. It is recommended that you use a tested distribution.
WARNING: Unable to get checksum for openssl-qoriq SRC_URI entry configure-targets.patch: file could not be found | ETA: 00:00:10
WARNING: Unable to get checksum for openssl-qoriq SRC_URI entry shared-libs.patch: file could not be found
WARNING: Unable to get checksum for openssl-qoriq SRC_URI entry oe-ldflags.patch: file could not be found
WARNING: Unable to get checksum for openssl-qoriq SRC_URI entry engines-install-in-libdir-ssl.patch: file could not be found
WARNING: Unable to get checksum for openssl-qoriq SRC_URI entry openssl-fix-link.patch: file could not be found
WARNING: Unable to get checksum for openssl-qoriq SRC_URI entry version-script.patch: file could not be found
WARNING: Unable to get checksum for openssl-qoriq SRC_URI entry pic.patch: file could not be found
...
ERROR: Fetcher failure: Unable to find file file://configure-targets.patch anywhere. The paths that were searched were:
/local/home/b19537/workspace/poky-os/meta-freescale/recipes-connectivity/openssl/openssl-qoriq-1.0.1i/poky
...
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
| |
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
|
| |
* add bash in RDEPENDS
* define S to fix build warning
* use noexec attribute to disable function execution
* add COMPATIBLE_MACHINE
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
Acked-by: Daiane Angolini <daiane.angolini@freescale.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
| |
The QorIQ version of openssl needs to use another recipe name and have
a common provider, which is than choosen for QorIQ-based machines.
The recipe is now called 'openssl-qoriq' and it provides openssl so
the preferrence is set just for QorIQ based machines.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix the following error:
| ../libcrypto.so: undefined reference to `spcf_bn2bin'
| ../libcrypto.so: undefined reference to `spcf_bn2bin_ex'
| collect2: error: ld returned 1 exit status
| make[2]: *** [link_app.gnu] Error 1
Signed-off-by: Ting Liu <ting.liu@freescale.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
|
|
This commit is just a rename of all contents of meta-fsl-ppc
subdirectory to this layer's root, merging the contents of common
files, subsequent changes are based on top of that.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
