tpm: Remove need for libssl build dependency #458
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Hurray! |
|
@AdamCDunlap cool, thanks for that! Can we also remove |
Coconut-SVSM vendors its own copy of openssl (via git submodule), but previously it didn't pass in the right variables to libmstpm's configure script to tell it to use it. This meant that libssl-dev must be installed on the build system in order to build Coconut. This can be bypassed by passing LIBCRYPTO_LIBS and LIBCRYPTO_CFLAGS to configure. Coconut-SVSM was previously passing in LIBCRYPTO_LIBS only, but it would double-expanding the variables meaning that it was actually passing LIBCRYPTO_LIBS="", which was not enough for configure. Fix this, and also pass LIBCRYPTO_CFLAGS so that configure realizes the libcrypto dependency is satisfied without needing it installed on the build system. Tested by building in a docker container based on debian12 without libssl-dev. This commit also modifies the documentation and github workers to remove this dependency, but I have no way of directly testing these. Change-Id: I1584f52894d50a9fb8b289102a45e3cfa9f8d141 Signed-off-by: Adam Dunlap <acdunlap@google.com>
AdamCDunlap
force-pushed
the
no-libssl-dev
branch
from
1cb961f
to
24aab58
Compare
Pushed a new version with that change. Thanks for taking a look. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Coconut-SVSM vendors its own copy of openssl (via git submodule), but previously it didn't pass in the right variables to libmstpm's configure script to tell it to use it. This meant that libssl-dev must be installed on the build system in order to build Coconut.
This can be bypassed by passing LIBCRYPTO_LIBS and LIBCRYPTO_CFLAGS to configure. Coconut-SVSM was previously passing in LIBCRYPTO_LIBS only, but it would double-expanding the variables meaning that it was actually passing LIBCRYPTO_LIBS="", which was not enough for configure. Fix this, and also pass LIBCRYPTO_CFLAGS so that configure realizes the libcrypto dependency is satisfied without needing it installed on the build system.
Tested by building in a docker container based on debian12 without libssl-dev.
This commit also modifies the documentation and github workers to remove this dependency, but I have no way of directly testing these.