summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEtienne Cordonnier <ecordonnier@snap.com>2026-06-12 17:33:38 +0200
committerKhem Raj <khem.raj@oss.qualcomm.com>2026-06-14 23:13:32 -0700
commit7d56eec7106be37be31d1645412f2052737d0ed7 (patch)
tree114d08c40aa051e49cab196925d58fc2372b0d6d
parentdfe448d205a77aaceb4e1acecf9d717cb0071001 (diff)
downloadmeta-openembedded-7d56eec7106be37be31d1645412f2052737d0ed7.tar.gz
android-libboringssl: add new recipe for BoringSSL shared libraries
Add a recipe shipping the BoringSSL shared libraries required by android-tools-adbd. BoringSSL is the TLS/crypto library used by adbd for ADB authentication. The libraries are installed under ${libdir}/android/ to avoid conflicting with the system libcrypto/libssl in the sysroot. A SOVERSION=0 patch is applied so Yocto's standard .so / .so.0 packaging split works correctly. An ld.so.conf.d drop-in registers ${libdir}/android so binaries can find the libraries at runtime. This recipe is tightly coupled to android-tools: update it together when upgrading android-tools to a new version. AI-Generated: Uses GitHub Copilot (Claude Sonnet 4.6) Signed-off-by: Mihajlo Marinkovic <mmarinkovic@snap.com> Co-authored-by: Etienne Cordonnier <ecordonnier@snap.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
-rw-r--r--meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch62
-rw-r--r--meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub22
-rw-r--r--meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc1
-rw-r--r--meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+r45.bb70
4 files changed, 155 insertions, 0 deletions
diff --git a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch
new file mode 100644
index 0000000000..74ad93aa8d
--- /dev/null
+++ b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch
@@ -0,0 +1,62 @@
1From 03a13ef3ea786286d9317562647e9856c1b71736 Mon Sep 17 00:00:00 2001
2From: Etienne Cordonnier <ecordonnier@snap.com>
3Date: Thu, 11 Jun 2026 00:00:00 +0000
4Subject: [PATCH] cmake: add SOVERSION 0 to crypto and ssl shared libraries
5
6BoringSSL's CMakeLists.txt does not set SOVERSION, so the built shared
7libraries have no SONAME embedded and cmake names them libcrypto.so /
8libssl.so without any version suffix. This causes two problems in a
9Yocto build:
10
111. The Yocto QA check "dev-so" rejects unversioned .so symlinks in
12 non-dev packages, but those symlinks are required at runtime because
13 the DT_NEEDED entry in binaries that link against BoringSSL refers to
14 the bare libcrypto.so name.
15
162. Standard Yocto FILES patterns split libraries by suffix: .so.* goes
17 into the runtime package and .so symlinks go into -dev. Without a
18 SOVERSION these patterns do not apply correctly.
19
20Setting SOVERSION to 0 causes cmake to:
21 - build libcrypto.so.0 as the real ELF with SONAME=libcrypto.so.0
22 - create libcrypto.so as a development symlink
23
24Binaries linked with -l:libcrypto.so.0 (as android-tools does) will
25record DT_NEEDED=libcrypto.so.0 and resolve correctly at runtime.
26
27Upstream-Status: Inappropriate [OE-specific packaging requirement]
28Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
29---
30 crypto/CMakeLists.txt | 2 ++
31 ssl/CMakeLists.txt | 2 ++
32 2 files changed, 4 insertions(+)
33
34diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
35index cdb5ddc..fca86cc 100644
36--- a/crypto/CMakeLists.txt
37+++ b/crypto/CMakeLists.txt
38@@ -327,6 +327,8 @@ endif()
39
40 set_target_properties(crypto PROPERTIES LINKER_LANGUAGE C)
41
42+set_target_properties(crypto PROPERTIES SOVERSION 0)
43+
44 if(WIN32)
45 target_link_libraries(crypto ws2_32)
46 endif()
47diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt
48index d8d997e..e49b350 100644
49--- a/ssl/CMakeLists.txt
50+++ b/ssl/CMakeLists.txt
51@@ -46,6 +46,8 @@ install_if_enabled(TARGETS ssl EXPORT OpenSSLTargets ${INSTALL_DESTINATION_DEFAU
52 set_property(TARGET ssl PROPERTY EXPORT_NAME SSL)
53 target_link_libraries(ssl crypto)
54
55+set_target_properties(ssl PROPERTIES SOVERSION 0)
56+
57 add_executable(
58 ssl_test
59
60--
612.43.0
62
diff --git a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub
new file mode 100644
index 0000000000..de63f38c9c
--- /dev/null
+++ b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub
@@ -0,0 +1,22 @@
1#!/bin/sh
2if [ "$1" = "run" ] && [ "$2" = "util/embed_test_data.go" ]; then
3 echo 'extern const int boringssl_dummy_crypto_test_data = 0;'
4 exit 0
5fi
6if [ "$1" = "run" ] && [ "$2" = "err_data_generate.go" ]; then
7 cat <<'EOF'
8#include <stddef.h>
9#include <stdint.h>
10
11const uint32_t kOpenSSLReasonValues[] = {0};
12const size_t kOpenSSLReasonValuesLen = 0;
13const char kOpenSSLReasonStringData[] = "";
14EOF
15 exit 0
16fi
17if [ "$1" = "version" ]; then
18 echo 'go version go0.0.0 yocto/stub'
19 exit 0
20fi
21echo "Unexpected Go invocation: $*" >&2
22exit 1
diff --git a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc
new file mode 100644
index 0000000000..7477536281
--- /dev/null
+++ b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc
@@ -0,0 +1 @@
int boringssl_dummy_gtest_translation_unit = 0;
diff --git a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+r45.bb b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+r45.bb
new file mode 100644
index 0000000000..fccf6e0dff
--- /dev/null
+++ b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+r45.bb
@@ -0,0 +1,70 @@
1DESCRIPTION = "BoringSSL shared libraries for android-tools"
2SECTION = "libs"
3# This recipe is tightly coupled to android-tools: when upgrading android-tools,
4# update this recipe to the BoringSSL version shipped in the corresponding Debian
5# android-platform-tools source package.
6# BoringSSL is a fork of OpenSSL; new files carry ISC license, OpenSSL license
7# covers the forked parts.
8LICENSE = "OpenSSL & ISC"
9LIC_FILES_CHKSUM = "file://LICENSE;md5=2ca501bc96ce9ed0814e2c592c3f9593"
10
11SRC_URI = " \
12 https://deb.debian.org/debian/pool/main/a/android-platform-external-boringssl/android-platform-external-boringssl_${PV}.orig.tar.xz \
13 file://boringssl-go-stub \
14 file://boringssl-gtest-stub.cc \
15 file://0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch \
16"
17SRC_URI[md5sum] = "83d24d2f3136ba6a486b5464369b91b4"
18SRC_URI[sha256sum] = "f9223e8c15ad5d9e3f1cd50861f4c272658864661e2332bea5d60952aa0930cd"
19
20# The Debian orig tarball unpacks to android-platform-external-boringssl-${PV}/
21# with the actual source under a src/ subdirectory.
22S = "${UNPACKDIR}/android-platform-external-boringssl-${PV}/src"
23
24inherit cmake
25
26CFLAGS:append = " -Wno-discarded-qualifiers"
27
28OECMAKE_TARGET_COMPILE = "crypto ssl"
29
30EXTRA_OECMAKE = " \
31 -DBUILD_SHARED_LIBS=ON \
32 -DBUILD_TESTING=OFF \
33 -DCMAKE_BUILD_TYPE=RelWithDebInfo \
34 -DGO_EXECUTABLE=${WORKDIR}/hosttools/go \
35"
36
37do_configure:prepend() {
38 install -d ${WORKDIR}/hosttools
39 install -m 0755 ${UNPACKDIR}/boringssl-go-stub ${WORKDIR}/hosttools/go
40
41 # BoringSSL builds its own minimal gtest from third_party/googletest; provide
42 # an empty stub .cc. We only build the crypto and ssl targets so the test
43 # source files are never compiled, but cmake still needs gtest-all.cc to
44 # exist to create the boringssl_gtest target.
45 if [ ! -f ${S}/third_party/googletest/src/gtest-all.cc ]; then
46 install -d ${S}/third_party/googletest/src
47 install -m 0644 ${UNPACKDIR}/boringssl-gtest-stub.cc \
48 ${S}/third_party/googletest/src/gtest-all.cc
49 fi
50}
51do_install() {
52 # Install headers under a boringssl/ subdirectory to avoid shadowing the
53 # system OpenSSL headers in the sysroot.
54 install -d ${D}${includedir}/boringssl
55 cp -a ${S}/include/openssl ${D}${includedir}/boringssl/
56
57 # Install shared libraries under ${libdir}/android/ to avoid conflicting
58 # with the system libssl/libcrypto in the sysroot.
59 install -d ${D}${libdir}/android
60 install -m 0755 ${B}/crypto/libcrypto.so.0 ${D}${libdir}/android/libcrypto.so.0
61 ln -sf libcrypto.so.0 ${D}${libdir}/android/libcrypto.so
62 install -m 0755 ${B}/ssl/libssl.so.0 ${D}${libdir}/android/libssl.so.0
63 ln -sf libssl.so.0 ${D}${libdir}/android/libssl.so
64
65}
66
67FILES:${PN}-dev = "${includedir}/boringssl ${libdir}/android/libcrypto.so ${libdir}/android/libssl.so"
68FILES:${PN} = "${libdir}/android/libcrypto.so.0 ${libdir}/android/libssl.so.0"
69
70BBCLASSEXTEND = "native"