Thanks for the fix Alex. My local build and testing is with
openembedded-core commit
https://git.openembedded.org/openembedded-core/commit/?id=b5c24e1491dcb9ab0f782df6be6582fbd2151724


On Sat, Jun 13, 2026 at 9:33 AM Alex Kiernan <[email protected]> wrote:

> On Fri, Jun 12, 2026 at 4:33 PM Etienne Cordonnier via
> lists.openembedded.org <[email protected]>
> wrote:
> >
> > From: Etienne Cordonnier <[email protected]>
> >
> > Add a recipe shipping the BoringSSL shared libraries required by
> > android-tools-adbd. BoringSSL is the TLS/crypto library used by adbd
> > for ADB authentication.
> >
> > The libraries are installed under ${libdir}/android/ to avoid conflicting
> > with the system libcrypto/libssl in the sysroot. A SOVERSION=0 patch is
> > applied so Yocto's standard .so / .so.0 packaging split works correctly.
> > An ld.so.conf.d drop-in registers ${libdir}/android so binaries can find
> > the libraries at runtime.
> >
> > This recipe is tightly coupled to android-tools: update it together when
> > upgrading android-tools to a new version.
> >
> > AI-Generated: Uses GitHub Copilot (Claude Sonnet 4.6)
> >
> > Signed-off-by: Mihajlo Marinkovic <[email protected]>
> > Co-authored-by: Etienne Cordonnier <[email protected]>
> > ---
>
> Just sent this:
>
>
> https://urldefense.proofpoint.com/v2/url?u=https-3A__patchwork.yoctoproject.org_project_oe_patch_20260613073026.529355-2D2-2Dalex.kiernan-40gmail.com_&d=DwIFaQ&c=ncDTmphkJTvjIDPh0hpF_4vCHvabgGkICC2epckfdiw&r=AhkbNonVuMIGRfPx_Qj9TsRih1DULJTKUkSGa66m67E&m=0I9kcs3yTZeLi7TbI-G0bkjbrmVNpkpDZTF0qEOxbR6rOj9We36bB3auvx3yHUu8&s=SQmJGIsA5X3gdlStxI-8A4kfaK5CEr-sSH5aEWaLMDQ&e=
>
> Which I needed to get it to build against current master OE-Core (at
> least I think that's what was the important dimension).
>
> >  ...ION-0-to-crypto-and-ssl-shared-libra.patch | 62 ++++++++++++++++
> >  .../android-libboringssl/boringssl-go-stub    | 22 ++++++
> >  .../boringssl-gtest-stub.cc                   |  1 +
> >  .../android-libboringssl_14.0.0+r45.bb        | 70 +++++++++++++++++++
> >  4 files changed, 155 insertions(+)
> >  create mode 100644
> meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch
> >  create mode 100644
> meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub
> >  create mode 100644
> meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc
> >  create mode 100644
> meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+
> r45.bb
> >
> > diff --git
> a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch
> b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch
> > new file mode 100644
> > index 0000000000..74ad93aa8d
> > --- /dev/null
> > +++
> b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch
> > @@ -0,0 +1,62 @@
> > +From 03a13ef3ea786286d9317562647e9856c1b71736 Mon Sep 17 00:00:00 2001
> > +From: Etienne Cordonnier <[email protected]>
> > +Date: Thu, 11 Jun 2026 00:00:00 +0000
> > +Subject: [PATCH] cmake: add SOVERSION 0 to crypto and ssl shared
> libraries
> > +
> > +BoringSSL's CMakeLists.txt does not set SOVERSION, so the built shared
> > +libraries have no SONAME embedded and cmake names them libcrypto.so /
> > +libssl.so without any version suffix.  This causes two problems in a
> > +Yocto build:
> > +
> > +1. The Yocto QA check "dev-so" rejects unversioned .so symlinks in
> > +   non-dev packages, but those symlinks are required at runtime because
> > +   the DT_NEEDED entry in binaries that link against BoringSSL refers to
> > +   the bare libcrypto.so name.
> > +
> > +2. Standard Yocto FILES patterns split libraries by suffix: .so.* goes
> > +   into the runtime package and .so symlinks go into -dev.  Without a
> > +   SOVERSION these patterns do not apply correctly.
> > +
> > +Setting SOVERSION to 0 causes cmake to:
> > +  - build libcrypto.so.0 as the real ELF with SONAME=libcrypto.so.0
> > +  - create libcrypto.so as a development symlink
> > +
> > +Binaries linked with -l:libcrypto.so.0 (as android-tools does) will
> > +record DT_NEEDED=libcrypto.so.0 and resolve correctly at runtime.
> > +
> > +Upstream-Status: Inappropriate [OE-specific packaging requirement]
> > +Signed-off-by: Etienne Cordonnier <[email protected]>
> > +---
> > + crypto/CMakeLists.txt | 2 ++
> > + ssl/CMakeLists.txt    | 2 ++
> > + 2 files changed, 4 insertions(+)
> > +
> > +diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
> > +index cdb5ddc..fca86cc 100644
> > +--- a/crypto/CMakeLists.txt
> > ++++ b/crypto/CMakeLists.txt
> > +@@ -327,6 +327,8 @@ endif()
> > +
> > + set_target_properties(crypto PROPERTIES LINKER_LANGUAGE C)
> > +
> > ++set_target_properties(crypto PROPERTIES SOVERSION 0)
> > ++
> > + if(WIN32)
> > +   target_link_libraries(crypto ws2_32)
> > + endif()
> > +diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt
> > +index d8d997e..e49b350 100644
> > +--- a/ssl/CMakeLists.txt
> > ++++ b/ssl/CMakeLists.txt
> > +@@ -46,6 +46,8 @@ install_if_enabled(TARGETS ssl EXPORT OpenSSLTargets
> ${INSTALL_DESTINATION_DEFAU
> > + set_property(TARGET ssl PROPERTY EXPORT_NAME SSL)
> > + target_link_libraries(ssl crypto)
> > +
> > ++set_target_properties(ssl PROPERTIES SOVERSION 0)
> > ++
> > + add_executable(
> > +   ssl_test
> > +
> > +--
> > +2.43.0
> > +
> > diff --git
> a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub
> b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub
> > new file mode 100644
> > index 0000000000..de63f38c9c
> > --- /dev/null
> > +++
> b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub
> > @@ -0,0 +1,22 @@
> > +#!/bin/sh
> > +if [ "$1" = "run" ] && [ "$2" = "util/embed_test_data.go" ]; then
> > +    echo 'extern const int boringssl_dummy_crypto_test_data = 0;'
> > +    exit 0
> > +fi
> > +if [ "$1" = "run" ] && [ "$2" = "err_data_generate.go" ]; then
> > +    cat <<'EOF'
> > +#include <stddef.h>
> > +#include <stdint.h>
> > +
> > +const uint32_t kOpenSSLReasonValues[] = {0};
> > +const size_t kOpenSSLReasonValuesLen = 0;
> > +const char kOpenSSLReasonStringData[] = "";
> > +EOF
> > +    exit 0
> > +fi
> > +if [ "$1" = "version" ]; then
> > +    echo 'go version go0.0.0 yocto/stub'
> > +    exit 0
> > +fi
> > +echo "Unexpected Go invocation: $*" >&2
> > +exit 1
> > diff --git
> a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc
> b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc
> > new file mode 100644
> > index 0000000000..7477536281
> > --- /dev/null
> > +++
> b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc
> > @@ -0,0 +1 @@
> > +int boringssl_dummy_gtest_translation_unit = 0;
> > diff --git
> a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+
> r45.bb
> b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+
> r45.bb
> > new file mode 100644
> > index 0000000000..fccf6e0dff
> > --- /dev/null
> > +++
> b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+
> r45.bb
> > @@ -0,0 +1,70 @@
> > +DESCRIPTION = "BoringSSL shared libraries for android-tools"
> > +SECTION = "libs"
> > +# This recipe is tightly coupled to android-tools: when upgrading
> android-tools,
> > +# update this recipe to the BoringSSL version shipped in the
> corresponding Debian
> > +# android-platform-tools source package.
> > +# BoringSSL is a fork of OpenSSL; new files carry ISC license, OpenSSL
> license
> > +# covers the forked parts.
> > +LICENSE = "OpenSSL & ISC"
> > +LIC_FILES_CHKSUM = "file://LICENSE;md5=2ca501bc96ce9ed0814e2c592c3f9593"
> > +
> > +SRC_URI = " \
> > +
> https://urldefense.proofpoint.com/v2/url?u=https-3A__deb.debian.org_debian_pool_main_a_android-2Dplatform-2Dexternal-2Dboringssl_android-2Dplatform-2Dexternal-2Dboringssl-5F-24-257BPV-257D.orig.tar.xz&d=DwIFaQ&c=ncDTmphkJTvjIDPh0hpF_4vCHvabgGkICC2epckfdiw&r=AhkbNonVuMIGRfPx_Qj9TsRih1DULJTKUkSGa66m67E&m=0I9kcs3yTZeLi7TbI-G0bkjbrmVNpkpDZTF0qEOxbR6rOj9We36bB3auvx3yHUu8&s=h9UIfZ9dc3gsp4QbhsGF_Rgdtn0WP9593DrpZPubTfQ&e=
> \
> > +    file://boringssl-go-stub \
> > +    file://boringssl-gtest-stub.cc \
> > +
> file://0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch \
> > +"
> > +SRC_URI[md5sum] = "83d24d2f3136ba6a486b5464369b91b4"
> > +SRC_URI[sha256sum] =
> "f9223e8c15ad5d9e3f1cd50861f4c272658864661e2332bea5d60952aa0930cd"
> > +
> > +# The Debian orig tarball unpacks to
> android-platform-external-boringssl-${PV}/
> > +# with the actual source under a src/ subdirectory.
> > +S = "${UNPACKDIR}/android-platform-external-boringssl-${PV}/src"
> > +
> > +inherit cmake
> > +
> > +CFLAGS:append = " -Wno-discarded-qualifiers"
> > +
> > +OECMAKE_TARGET_COMPILE = "crypto ssl"
> > +
> > +EXTRA_OECMAKE = " \
> > +    -DBUILD_SHARED_LIBS=ON \
> > +    -DBUILD_TESTING=OFF \
> > +    -DCMAKE_BUILD_TYPE=RelWithDebInfo \
> > +    -DGO_EXECUTABLE=${WORKDIR}/hosttools/go \
> > +"
> > +
> > +do_configure:prepend() {
> > +    install -d ${WORKDIR}/hosttools
> > +    install -m 0755 ${UNPACKDIR}/boringssl-go-stub
> ${WORKDIR}/hosttools/go
> > +
> > +    # BoringSSL builds its own minimal gtest from
> third_party/googletest; provide
> > +    # an empty stub .cc. We only build the crypto and ssl targets so
> the test
> > +    # source files are never compiled, but cmake still needs
> gtest-all.cc to
> > +    # exist to create the boringssl_gtest target.
> > +    if [ ! -f ${S}/third_party/googletest/src/gtest-all.cc ]; then
> > +        install -d ${S}/third_party/googletest/src
> > +        install -m 0644 ${UNPACKDIR}/boringssl-gtest-stub.cc \
> > +            ${S}/third_party/googletest/src/gtest-all.cc
> > +    fi
> > +}
> > +do_install() {
> > +    # Install headers under a boringssl/ subdirectory to avoid
> shadowing the
> > +    # system OpenSSL headers in the sysroot.
> > +    install -d ${D}${includedir}/boringssl
> > +    cp -a ${S}/include/openssl ${D}${includedir}/boringssl/
> > +
> > +    # Install shared libraries under ${libdir}/android/ to avoid
> conflicting
> > +    # with the system libssl/libcrypto in the sysroot.
> > +    install -d ${D}${libdir}/android
> > +    install -m 0755 ${B}/crypto/libcrypto.so.0
> ${D}${libdir}/android/libcrypto.so.0
> > +    ln -sf libcrypto.so.0 ${D}${libdir}/android/libcrypto.so
> > +    install -m 0755 ${B}/ssl/libssl.so.0
> ${D}${libdir}/android/libssl.so.0
> > +    ln -sf libssl.so.0 ${D}${libdir}/android/libssl.so
> > +
> > +}
> > +
> > +FILES:${PN}-dev = "${includedir}/boringssl
> ${libdir}/android/libcrypto.so ${libdir}/android/libssl.so"
> > +FILES:${PN} = "${libdir}/android/libcrypto.so.0
> ${libdir}/android/libssl.so.0"
> > +
> > +BBCLASSEXTEND = "native"
> > --
> > 2.43.0
> >
> >
> > 
> >
>
>
> --
> Alex Kiernan
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#127582): 
https://lists.openembedded.org/g/openembedded-devel/message/127582
Mute This Topic: https://lists.openembedded.org/mt/119775569/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to