Add libcrypto_baremetal
BoringSSL is already used in bare-metal environments, eg. in
external/u-boot, but so far hasn't been compiled that way in Soong.
Now that we are building pvmfw in AOSP, add a libcrypto_baremetal
target that will allow us to link it against BoringSSL.
The target defines:
- OPENSSL_NO_THREADS_CORRUPT_MEMORY_AND_LEAK_SECRETS_IF_THREADED
- no threading support in this environment
- OPENSSL_SMALL
- reduce size by removing uncommon functionality
- DOPENSSL_NO_ASM
- remove dependency on getauxval() and __system_property_get
Bug: 237372981
Test: atest vmbase_example.integration_test
Change-Id: Ie412d2f9178b183162c9be111a3b4496ac6243b0
diff --git a/Android.bp b/Android.bp
index 8130929..cc21e44 100644
--- a/Android.bp
+++ b/Android.bp
@@ -394,6 +394,25 @@
],
}
+// Static library for use in bare-metal environments
+cc_library_static {
+ name: "libcrypto_baremetal",
+ defaults: [
+ "libcrypto_bcm_sources",
+ "libcrypto_sources",
+ "libcrypto_defaults",
+ "boringssl_defaults",
+ "boringssl_flags",
+ ],
+ cflags: [
+ "-DOPENSSL_NO_THREADS_CORRUPT_MEMORY_AND_LEAK_SECRETS_IF_THREADED",
+ "-DOPENSSL_SMALL",
+ "-DOPENSSL_NO_ASM",
+ ],
+ visibility: ["//packages/modules/Virtualization:__subpackages__"],
+ apex_available: ["com.android.virt"],
+}
+
// Common defaults for lib*_fuzz_unsafe. These are unsafe and deterministic
// libraries for testing and fuzzing only. See src/FUZZING.md.
cc_defaults {
