On Fri, Jun 12, 2026 at 4:33 PM Etienne Cordonnier via lists.openembedded.org <[email protected]> wrote: > > From: Etienne Cordonnier <[email protected]> > > Add a recipe shipping the BoringSSL shared libraries required by > android-tools-adbd. BoringSSL is the TLS/crypto library used by adbd > for ADB authentication. > > The libraries are installed under ${libdir}/android/ to avoid conflicting > with the system libcrypto/libssl in the sysroot. A SOVERSION=0 patch is > applied so Yocto's standard .so / .so.0 packaging split works correctly. > An ld.so.conf.d drop-in registers ${libdir}/android so binaries can find > the libraries at runtime. > > This recipe is tightly coupled to android-tools: update it together when > upgrading android-tools to a new version. > > AI-Generated: Uses GitHub Copilot (Claude Sonnet 4.6) > > Signed-off-by: Mihajlo Marinkovic <[email protected]> > Co-authored-by: Etienne Cordonnier <[email protected]> > ---
Just sent this: https://patchwork.yoctoproject.org/project/oe/patch/[email protected]/ Which I needed to get it to build against current master OE-Core (at least I think that's what was the important dimension). > ...ION-0-to-crypto-and-ssl-shared-libra.patch | 62 ++++++++++++++++ > .../android-libboringssl/boringssl-go-stub | 22 ++++++ > .../boringssl-gtest-stub.cc | 1 + > .../android-libboringssl_14.0.0+r45.bb | 70 +++++++++++++++++++ > 4 files changed, 155 insertions(+) > create mode 100644 > meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch > create mode 100644 > meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub > create mode 100644 > meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc > create mode 100644 > meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+r45.bb > > diff --git > a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch > > b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch > new file mode 100644 > index 0000000000..74ad93aa8d > --- /dev/null > +++ > b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch > @@ -0,0 +1,62 @@ > +From 03a13ef3ea786286d9317562647e9856c1b71736 Mon Sep 17 00:00:00 2001 > +From: Etienne Cordonnier <[email protected]> > +Date: Thu, 11 Jun 2026 00:00:00 +0000 > +Subject: [PATCH] cmake: add SOVERSION 0 to crypto and ssl shared libraries > + > +BoringSSL's CMakeLists.txt does not set SOVERSION, so the built shared > +libraries have no SONAME embedded and cmake names them libcrypto.so / > +libssl.so without any version suffix. This causes two problems in a > +Yocto build: > + > +1. The Yocto QA check "dev-so" rejects unversioned .so symlinks in > + non-dev packages, but those symlinks are required at runtime because > + the DT_NEEDED entry in binaries that link against BoringSSL refers to > + the bare libcrypto.so name. > + > +2. Standard Yocto FILES patterns split libraries by suffix: .so.* goes > + into the runtime package and .so symlinks go into -dev. Without a > + SOVERSION these patterns do not apply correctly. > + > +Setting SOVERSION to 0 causes cmake to: > + - build libcrypto.so.0 as the real ELF with SONAME=libcrypto.so.0 > + - create libcrypto.so as a development symlink > + > +Binaries linked with -l:libcrypto.so.0 (as android-tools does) will > +record DT_NEEDED=libcrypto.so.0 and resolve correctly at runtime. > + > +Upstream-Status: Inappropriate [OE-specific packaging requirement] > +Signed-off-by: Etienne Cordonnier <[email protected]> > +--- > + crypto/CMakeLists.txt | 2 ++ > + ssl/CMakeLists.txt | 2 ++ > + 2 files changed, 4 insertions(+) > + > +diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt > +index cdb5ddc..fca86cc 100644 > +--- a/crypto/CMakeLists.txt > ++++ b/crypto/CMakeLists.txt > +@@ -327,6 +327,8 @@ endif() > + > + set_target_properties(crypto PROPERTIES LINKER_LANGUAGE C) > + > ++set_target_properties(crypto PROPERTIES SOVERSION 0) > ++ > + if(WIN32) > + target_link_libraries(crypto ws2_32) > + endif() > +diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt > +index d8d997e..e49b350 100644 > +--- a/ssl/CMakeLists.txt > ++++ b/ssl/CMakeLists.txt > +@@ -46,6 +46,8 @@ install_if_enabled(TARGETS ssl EXPORT OpenSSLTargets > ${INSTALL_DESTINATION_DEFAU > + set_property(TARGET ssl PROPERTY EXPORT_NAME SSL) > + target_link_libraries(ssl crypto) > + > ++set_target_properties(ssl PROPERTIES SOVERSION 0) > ++ > + add_executable( > + ssl_test > + > +-- > +2.43.0 > + > diff --git > a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub > > b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub > new file mode 100644 > index 0000000000..de63f38c9c > --- /dev/null > +++ > b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub > @@ -0,0 +1,22 @@ > +#!/bin/sh > +if [ "$1" = "run" ] && [ "$2" = "util/embed_test_data.go" ]; then > + echo 'extern const int boringssl_dummy_crypto_test_data = 0;' > + exit 0 > +fi > +if [ "$1" = "run" ] && [ "$2" = "err_data_generate.go" ]; then > + cat <<'EOF' > +#include <stddef.h> > +#include <stdint.h> > + > +const uint32_t kOpenSSLReasonValues[] = {0}; > +const size_t kOpenSSLReasonValuesLen = 0; > +const char kOpenSSLReasonStringData[] = ""; > +EOF > + exit 0 > +fi > +if [ "$1" = "version" ]; then > + echo 'go version go0.0.0 yocto/stub' > + exit 0 > +fi > +echo "Unexpected Go invocation: $*" >&2 > +exit 1 > diff --git > a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc > > b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc > new file mode 100644 > index 0000000000..7477536281 > --- /dev/null > +++ > b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc > @@ -0,0 +1 @@ > +int boringssl_dummy_gtest_translation_unit = 0; > diff --git > a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+r45.bb > > b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+r45.bb > new file mode 100644 > index 0000000000..fccf6e0dff > --- /dev/null > +++ > b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+r45.bb > @@ -0,0 +1,70 @@ > +DESCRIPTION = "BoringSSL shared libraries for android-tools" > +SECTION = "libs" > +# This recipe is tightly coupled to android-tools: when upgrading > android-tools, > +# update this recipe to the BoringSSL version shipped in the corresponding > Debian > +# android-platform-tools source package. > +# BoringSSL is a fork of OpenSSL; new files carry ISC license, OpenSSL > license > +# covers the forked parts. > +LICENSE = "OpenSSL & ISC" > +LIC_FILES_CHKSUM = "file://LICENSE;md5=2ca501bc96ce9ed0814e2c592c3f9593" > + > +SRC_URI = " \ > + > https://deb.debian.org/debian/pool/main/a/android-platform-external-boringssl/android-platform-external-boringssl_${PV}.orig.tar.xz > \ > + file://boringssl-go-stub \ > + file://boringssl-gtest-stub.cc \ > + file://0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch \ > +" > +SRC_URI[md5sum] = "83d24d2f3136ba6a486b5464369b91b4" > +SRC_URI[sha256sum] = > "f9223e8c15ad5d9e3f1cd50861f4c272658864661e2332bea5d60952aa0930cd" > + > +# The Debian orig tarball unpacks to > android-platform-external-boringssl-${PV}/ > +# with the actual source under a src/ subdirectory. > +S = "${UNPACKDIR}/android-platform-external-boringssl-${PV}/src" > + > +inherit cmake > + > +CFLAGS:append = " -Wno-discarded-qualifiers" > + > +OECMAKE_TARGET_COMPILE = "crypto ssl" > + > +EXTRA_OECMAKE = " \ > + -DBUILD_SHARED_LIBS=ON \ > + -DBUILD_TESTING=OFF \ > + -DCMAKE_BUILD_TYPE=RelWithDebInfo \ > + -DGO_EXECUTABLE=${WORKDIR}/hosttools/go \ > +" > + > +do_configure:prepend() { > + install -d ${WORKDIR}/hosttools > + install -m 0755 ${UNPACKDIR}/boringssl-go-stub ${WORKDIR}/hosttools/go > + > + # BoringSSL builds its own minimal gtest from third_party/googletest; > provide > + # an empty stub .cc. We only build the crypto and ssl targets so the test > + # source files are never compiled, but cmake still needs gtest-all.cc to > + # exist to create the boringssl_gtest target. > + if [ ! -f ${S}/third_party/googletest/src/gtest-all.cc ]; then > + install -d ${S}/third_party/googletest/src > + install -m 0644 ${UNPACKDIR}/boringssl-gtest-stub.cc \ > + ${S}/third_party/googletest/src/gtest-all.cc > + fi > +} > +do_install() { > + # Install headers under a boringssl/ subdirectory to avoid shadowing the > + # system OpenSSL headers in the sysroot. > + install -d ${D}${includedir}/boringssl > + cp -a ${S}/include/openssl ${D}${includedir}/boringssl/ > + > + # Install shared libraries under ${libdir}/android/ to avoid conflicting > + # with the system libssl/libcrypto in the sysroot. > + install -d ${D}${libdir}/android > + install -m 0755 ${B}/crypto/libcrypto.so.0 > ${D}${libdir}/android/libcrypto.so.0 > + ln -sf libcrypto.so.0 ${D}${libdir}/android/libcrypto.so > + install -m 0755 ${B}/ssl/libssl.so.0 ${D}${libdir}/android/libssl.so.0 > + ln -sf libssl.so.0 ${D}${libdir}/android/libssl.so > + > +} > + > +FILES:${PN}-dev = "${includedir}/boringssl ${libdir}/android/libcrypto.so > ${libdir}/android/libssl.so" > +FILES:${PN} = "${libdir}/android/libcrypto.so.0 > ${libdir}/android/libssl.so.0" > + > +BBCLASSEXTEND = "native" > -- > 2.43.0 > > > > -- Alex Kiernan
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#127552): https://lists.openembedded.org/g/openembedded-devel/message/127552 Mute This Topic: https://lists.openembedded.org/mt/119775569/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
