mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2026-03-20 19:21:09 +01:00
Merge pull request #10543 from gilles-peskine-arm/split-crypto-makefiles
Split crypto part of Mbed TLS makefiles
This commit is contained in:
Ronald Cron
@@ -1,4 +1,15 @@
|
||||
# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
|
||||
CFLAGS ?= -O2
|
||||
WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
|
||||
WARNING_CXXFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral -std=c++11 -pedantic
|
||||
LDFLAGS ?=
|
||||
|
||||
PERL ?= perl
|
||||
|
||||
ifdef WINDOWS
|
||||
PYTHON ?= python
|
||||
else
|
||||
PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi)
|
||||
endif
|
||||
|
||||
ifndef MBEDTLS_PATH
|
||||
MBEDTLS_PATH := ..
|
||||
@@ -18,15 +29,14 @@ This is a fatal error
|
||||
endif
|
||||
include $(MBEDTLS_PATH)/framework/exported.make
|
||||
|
||||
CFLAGS ?= -O2
|
||||
WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
|
||||
WARNING_CXXFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral -std=c++11 -pedantic
|
||||
LDFLAGS ?=
|
||||
include $(MBEDTLS_PATH)/scripts/crypto-common.make
|
||||
|
||||
# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
|
||||
|
||||
LOCAL_CFLAGS = $(WARNING_CFLAGS) -I$(MBEDTLS_TEST_PATH)/include \
|
||||
-I$(MBEDTLS_PATH)/framework/tests/include \
|
||||
-I$(MBEDTLS_PATH)/include -I$(MBEDTLS_PATH)/tf-psa-crypto/include \
|
||||
-I$(MBEDTLS_PATH)/tf-psa-crypto/drivers/builtin/include \
|
||||
-I$(MBEDTLS_PATH)/include \
|
||||
$(TF_PSA_CRYPTO_LIBRARY_PUBLIC_INCLUDE) \
|
||||
-D_FILE_OFFSET_BITS=64
|
||||
LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) $(LOCAL_CFLAGS)
|
||||
|
||||
@@ -36,20 +46,17 @@ LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \
|
||||
-lpsaclient \
|
||||
-lmbedtls$(SHARED_SUFFIX) \
|
||||
-lmbedx509$(SHARED_SUFFIX) \
|
||||
-lmbedcrypto$(SHARED_SUFFIX)
|
||||
-lmbedcrypto$(SHARED_SUFFIX) \
|
||||
$(TF_PSA_CRYPTO_EXTRA_LDFLAGS)
|
||||
else
|
||||
LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \
|
||||
-L$(MBEDTLS_PATH)/library \
|
||||
-lmbedtls$(SHARED_SUFFIX) \
|
||||
-lmbedx509$(SHARED_SUFFIX) \
|
||||
-lmbedcrypto$(SHARED_SUFFIX)
|
||||
-lmbedcrypto$(SHARED_SUFFIX) \
|
||||
$(TF_PSA_CRYPTO_EXTRA_LDFLAGS)
|
||||
endif
|
||||
|
||||
THIRDPARTY_DIR = $(MBEDTLS_PATH)/tf-psa-crypto/drivers
|
||||
include $(THIRDPARTY_DIR)/everest/Makefile.inc
|
||||
include $(THIRDPARTY_DIR)/p256-m/Makefile.inc
|
||||
LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
|
||||
|
||||
ifdef PSASIM
|
||||
MBEDLIBS=$(PSASIM_PATH)/client_libs/libmbedcrypto.a \
|
||||
$(PSASIM_PATH)/client_libs/libmbedx509.a \
|
||||
@@ -74,27 +81,6 @@ ifdef WINDOWS
|
||||
WINDOWS_BUILD=1
|
||||
endif
|
||||
|
||||
## Usage: $(call remove_enabled_options,PREPROCESSOR_INPUT)
|
||||
## Remove the preprocessor symbols that are set in the current configuration
|
||||
## from PREPROCESSOR_INPUT. Also normalize whitespace.
|
||||
## Example:
|
||||
## $(call remove_enabled_options,MBEDTLS_FOO MBEDTLS_BAR)
|
||||
## This expands to an empty string "" if MBEDTLS_FOO and MBEDTLS_BAR are both
|
||||
## enabled, to "MBEDTLS_FOO" if MBEDTLS_BAR is enabled but MBEDTLS_FOO is
|
||||
## disabled, etc.
|
||||
##
|
||||
## This only works with a Unix-like shell environment (Bourne/POSIX-style shell
|
||||
## and standard commands) and a Unix-like compiler (supporting -E). In
|
||||
## other environments, the output is likely to be empty.
|
||||
define remove_enabled_options
|
||||
$(strip $(shell
|
||||
exec 2>/dev/null;
|
||||
{ echo '#include <mbedtls/build_info.h>'; echo $(1); } |
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -E - |
|
||||
tail -n 1
|
||||
))
|
||||
endef
|
||||
|
||||
ifdef WINDOWS_BUILD
|
||||
DLEXT=dll
|
||||
EXEXT=.exe
|
||||
@@ -102,31 +88,10 @@ ifdef WINDOWS_BUILD
|
||||
ifdef SHARED
|
||||
SHARED_SUFFIX=.$(DLEXT)
|
||||
endif
|
||||
|
||||
else # Not building for Windows
|
||||
DLEXT ?= so
|
||||
EXEXT=
|
||||
SHARED_SUFFIX=
|
||||
ifndef THREADING
|
||||
# Auto-detect configurations with pthread.
|
||||
# If the call to remove_enabled_options returns "control", the symbols
|
||||
# are confirmed set and we link with pthread.
|
||||
# If the auto-detection fails, the result of the call is empty and
|
||||
# we keep THREADING undefined.
|
||||
ifeq (control,$(call remove_enabled_options,control MBEDTLS_THREADING_C MBEDTLS_THREADING_PTHREAD))
|
||||
THREADING := pthread
|
||||
endif
|
||||
endif
|
||||
|
||||
ifeq ($(THREADING),pthread)
|
||||
LOCAL_LDFLAGS += -lpthread
|
||||
endif
|
||||
endif
|
||||
|
||||
ifdef WINDOWS
|
||||
PYTHON ?= python
|
||||
else
|
||||
PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi)
|
||||
endif
|
||||
|
||||
# See root Makefile
|
||||
|
||||
99
scripts/crypto-common.make
Normal file
99
scripts/crypto-common.make
Normal file
@@ -0,0 +1,99 @@
|
||||
# Helper code for the make build system in Mbed TLS: define some variables
|
||||
# providing information such as file paths.
|
||||
# This file is only meant to exist for a short transition period.
|
||||
# It may change or be removed without notice.
|
||||
# Do not use it if you are not Mbed TLS!
|
||||
|
||||
# Assume that this makefile is located in a first-level subdirectory of the
|
||||
# Mbed TLS root, and is accessed directly (not via VPATH or such).
|
||||
# If this is not the case, TF_PSA_CRYPTO_PATH or MBEDTLS_PATH must be defined
|
||||
# before including this file.
|
||||
ifneq ($(origin TF_PSA_CRYPTO_PATH), undefined)
|
||||
# TF_PSA_CRYPTO_PATH was defined before including this file, good.
|
||||
else ifneq ($(origin MBEDTLS_PATH), undefined)
|
||||
TF_PSA_CRYPTO_PATH := $(MBEDTLS_PATH)/tf-psa-crypto
|
||||
else
|
||||
# $(dir $(lastword $(MAKEFILE_LIST))) is the path to this file, possibly
|
||||
# a relative path, with a trailing slash. Strip off another directory
|
||||
# from that.
|
||||
TF_PSA_CRYPTO_PATH := $(patsubst %/,%,$(dir $(patsubst %/,%,$(dir $(lastword $(MAKEFILE_LIST))))))/tf-psa-crypto
|
||||
endif
|
||||
|
||||
ifeq (,$(wildcard $(TF_PSA_CRYPTO_PATH)/core/psa_crypto.c))
|
||||
$(error $$(TF_PSA_CRYPTO_PATH)/core/psa_crypto.c not found)
|
||||
endif
|
||||
|
||||
TF_PSA_CRYPTO_CORE_PATH = $(TF_PSA_CRYPTO_PATH)/core
|
||||
TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH = $(TF_PSA_CRYPTO_PATH)/drivers/builtin/src
|
||||
|
||||
# Gather information about crypto drivers that are separate from the main
|
||||
# "builtin" driver (historically located in /3rdparty in Mbed TLS 2.x/3.x).
|
||||
THIRDPARTY_DIR := $(TF_PSA_CRYPTO_PATH)/drivers
|
||||
THIRDPARTY_INCLUDES =
|
||||
include $(TF_PSA_CRYPTO_PATH)/drivers/everest/Makefile.inc
|
||||
include $(TF_PSA_CRYPTO_PATH)/drivers/p256-m/Makefile.inc
|
||||
|
||||
# Directories with headers of public interfaces of TF-PSA-Crypto
|
||||
TF_PSA_CRYPTO_LIBRARY_PUBLIC_INCLUDE = \
|
||||
-I$(TF_PSA_CRYPTO_PATH)/include \
|
||||
-I$(TF_PSA_CRYPTO_PATH)/drivers/builtin/include \
|
||||
$(THIRDPARTY_INCLUDES)
|
||||
|
||||
# Directories with headers of internal interfaces of TF-PSA-Crypto
|
||||
# (currently consumed by Mbed TLS, eventually not so when we've finished
|
||||
# cleaning up)
|
||||
TF_PSA_CRYPTO_LIBRARY_PRIVATE_INCLUDE = \
|
||||
-I$(TF_PSA_CRYPTO_CORE_PATH) \
|
||||
-I$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)
|
||||
|
||||
# Extra linker flags required by the crypto library or the platform
|
||||
TF_PSA_CRYPTO_EXTRA_LDFLAGS =
|
||||
|
||||
## Usage: $(call remove_enabled_options_crypto,PREPROCESSOR_INPUT)
|
||||
## Remove the preprocessor symbols that are set in the current configuration
|
||||
## from PREPROCESSOR_INPUT. Also normalize whitespace.
|
||||
## Example:
|
||||
## $(call remove_enabled_options_crypto,MBEDTLS_FOO MBEDTLS_BAR)
|
||||
## This expands to an empty string "" if MBEDTLS_FOO and MBEDTLS_BAR are both
|
||||
## enabled in the TF-PSA-Crypto configuration, to "MBEDTLS_FOO" if
|
||||
## MBEDTLS_BAR is enabled but MBEDTLS_FOO is disabled, etc.
|
||||
##
|
||||
## This only works with a Unix-like shell environment (Bourne/POSIX-style shell
|
||||
## and standard commands) and a Unix-like compiler (supporting -E). In
|
||||
## other environments, the output is likely to be empty.
|
||||
define remove_enabled_options_crypto
|
||||
$(strip $(shell
|
||||
exec 2>/dev/null;
|
||||
{ echo '#include <tf-psa-crypto/build_info.h>'; echo $(1); } |
|
||||
$(CC) $(TF_PSA_CRYPTO_LIBRARY_PUBLIC_INCLUDE) $(CFLAGS) -E - |
|
||||
tail -n 1
|
||||
))
|
||||
endef
|
||||
|
||||
# Ensure that `THREADING` is always defined. This lets us get a clean run
|
||||
# with `make --warn-undefined-variables` without making the conditionals
|
||||
# below more complex than they already are. At this stage, if `$(THREADING)`
|
||||
# is empty, it means we don't know yet whether the threading implementation
|
||||
# requires extra `LDFLAGS`. Once we've done the analysis, if `$(THREADING)`
|
||||
# is empty, it will mean that no extra `LDFLAGS` are required, either
|
||||
# because threading is disabled or because the threading implementation
|
||||
# doesn't require any extra `LDFLAGS`.
|
||||
THREADING ?=
|
||||
|
||||
ifndef WINDOWS_BUILD
|
||||
ifeq ($(THREADING),)
|
||||
# Auto-detect configurations with pthread.
|
||||
# If the call to remove_enabled_options returns "control", the symbols
|
||||
# are confirmed set and we link with pthread.
|
||||
# If the auto-detection fails, the result of the call is empty and
|
||||
# we keep THREADING undefined.
|
||||
ifeq (control,$(call remove_enabled_options_crypto,control MBEDTLS_THREADING_C MBEDTLS_THREADING_PTHREAD))
|
||||
THREADING := pthread
|
||||
endif
|
||||
endif
|
||||
#$(info THREADING = $(THREADING))
|
||||
|
||||
ifeq ($(THREADING),pthread)
|
||||
TF_PSA_CRYPTO_EXTRA_LDFLAGS += -lpthread
|
||||
endif
|
||||
endif
|
||||
Reference in New Issue
Block a user