Merge changes from topics "prng_seeder_daemon", "tm-bssl-ffi" into tm-qpr-dev
* changes:
Use genrule to pull in bindgen-erated source
Make crate vendor_available
Allow prng_seeder utility
Build Rust bindings
diff --git a/Android.bp b/Android.bp
index 84c70c7..40acf08 100644
--- a/Android.bp
+++ b/Android.bp
@@ -566,3 +566,94 @@
"src/util/fipstools/test_fips.c",
],
}
+
+// Rust bindings
+rust_bindgen {
+ name: "libbssl_sys_raw",
+ source_stem: "bindings",
+ crate_name: "bssl_sys_raw",
+ host_supported: true,
+ wrapper_src: "src/rust/wrapper.h",
+ vendor_available: true,
+ bindgen_flags: [
+ // Adapted from upstream the src/rust/CMakeLists.txt file at:
+ // https://boringssl.googlesource.com/boringssl/+/refs/heads/master/rust/CMakeLists.txt
+ "--no-derive-default",
+ "--enable-function-attribute-detection",
+ "--use-core",
+ "--size_t-is-usize",
+ "--default-macro-constant-type=signed",
+ "--rustified-enum=point_conversion_form_t",
+ // These are not BoringSSL symbols, they are from glibc
+ // and are not relevant to the build besides throwing warnings
+ // about their 'long double' (aka u128) not being FFI safe.
+ // We block those functions so that the build doesn't
+ // spam warnings.
+ //
+ // https://github.com/rust-lang/rust-bindgen/issues/1549 describes the current problem
+ // and other folks' solutions.
+ "--blocklist-function=strtold",
+ "--blocklist-function=qecvt",
+ "--blocklist-function=qecvt_r",
+ "--blocklist-function=qgcvt",
+ "--blocklist-function=qfcvt",
+ "--blocklist-function=qfcvt_r",
+ ],
+ shared_libs: [
+ "libcrypto",
+ "libssl",
+ ],
+}
+
+// Encapsulate the bindgen-generated layout tests as a test target.
+rust_test {
+ name: "libbssl_sys_raw_test",
+ srcs: [
+ ":libbssl_sys_raw",
+ ],
+ crate_name: "bssl_sys_raw_test",
+ test_suites: ["general-tests"],
+ auto_gen_config: true,
+ clippy_lints: "none",
+ lints: "none",
+}
+
+// Rust's bindgen doesn't cope with macros, so this target includes C functions that
+// do the same thing as macros defined in BoringSSL header files.
+cc_library_static {
+ name: "libbssl_rust_support",
+ host_supported: true,
+ defaults: ["boringssl_flags"],
+ srcs: ["src/rust/rust_wrapper.c"],
+ shared_libs: [
+ "libcrypto",
+ "libssl",
+ ],
+}
+
+// Replace the upstream CMake placeholder with a re-export of all of the local bindgen output.
+gensrcs {
+ name: "libbssl_sys_src",
+ srcs: ["src/rust/src/lib.rs"],
+ cmd: "sed 's@^.{INCLUDES}@pub use bssl_sys_raw::*;@' $(in) > $(out)",
+}
+
+rust_library {
+ name: "libbssl_ffi",
+ host_supported: true,
+ crate_name: "bssl_ffi",
+ visibility: [
+ "//external/rust/crates/openssl",
+ "//system/keymint/boringssl",
+ "//system/security/prng_seeder",
+ ],
+ // Use the modified source with placeholder replaced.
+ srcs: [":libbssl_sys_src"],
+ vendor_available: true,
+ // Since libbssl_sys_raw is not publically visible, we can't
+ // accidentally force a double-link by linking statically, so do so.
+ rlibs: ["libbssl_sys_raw"],
+ static_libs: [
+ "libbssl_rust_support",
+ ],
+}
diff --git a/TEST_MAPPING b/TEST_MAPPING
new file mode 100644
index 0000000..ce97638
--- /dev/null
+++ b/TEST_MAPPING
@@ -0,0 +1,7 @@
+{
+ "presubmit": [
+ {
+ "name": "libbssl_sys_raw_test"
+ }
+ ]
+}
diff --git a/src/rust/wrapper.h b/src/rust/wrapper.h
index aa5aeed..ff46642 100644
--- a/src/rust/wrapper.h
+++ b/src/rust/wrapper.h
@@ -18,6 +18,7 @@
#include "../include/openssl/conf.h"
#include "../include/openssl/cpu.h"
#include "../include/openssl/crypto.h"
+#include "../include/openssl/ctrdrbg.h"
#include "../include/openssl/curve25519.h"
#include "../include/openssl/des.h"
#include "../include/openssl/dh.h"
