commit: 7ce5b6fde46ba698919feec73ccee5bdaaf4f8c6
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Mon Jan 17 02:58:42 2022 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon Jan 17 02:58:42 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7ce5b6fd
dev-libs/libgcrypt: wire up CPU_FLAGS_ARM_* for crypto extensions
Note that we currently use an all-or-nothing approach as I'm
only aware of ARM CPUs supporting all of: cpu_flags_arm_{aes,sha1,sha2}
or none, but it does look like it's possible (or will be in future)
to support some crypto extensions but not all.
The libgcrypt build system only exposes --disable-arm-crypto-support which
uses at least both AES and SHA* instructions right now with no way to disable
just one.
Given in the wild, we're only aware of all-or-nothing CPUs, let's
just add REQUIRED_USE logic for safety for now, and enable/disable based
on all of cpu_flags_arm_{aes,sha1,sha2} being set by the user (which, again,
should be the case for all known CPUs. cpuid2cpuflags will do this
automatically.)
Needed to avoid automagic usage of crypto extensions which may cause
problems for e.g. binpkgs.
Signed-off-by: Sam James <sam <AT> gentoo.org>
dev-libs/libgcrypt/libgcrypt-1.9.4.ebuild | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/dev-libs/libgcrypt/libgcrypt-1.9.4.ebuild
b/dev-libs/libgcrypt/libgcrypt-1.9.4.ebuild
index c7244661f75b..f8ee619d921b 100644
--- a/dev-libs/libgcrypt/libgcrypt-1.9.4.ebuild
+++ b/dev-libs/libgcrypt/libgcrypt-1.9.4.ebuild
@@ -12,7 +12,17 @@ SRC_URI="mirror://gnupg/${PN}/${P}.tar.bz2"
LICENSE="LGPL-2.1 MIT"
SLOT="0/20" # subslot = soname major version
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv
~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris
~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="+asm cpu_flags_arm_neon cpu_flags_ppc_vsx2 cpu_flags_x86_aes
cpu_flags_x86_avx cpu_flags_x86_avx2 cpu_flags_x86_padlock cpu_flags_x86_sha
cpu_flags_x86_sse4_1 doc o-flag-munging static-libs"
+IUSE="+asm cpu_flags_arm_neon cpu_flags_arm_aes cpu_flags_arm_sha1
cpu_flags_arm_sha2 cpu_flags_ppc_vsx2 cpu_flags_x86_aes cpu_flags_x86_avx
cpu_flags_x86_avx2 cpu_flags_x86_padlock cpu_flags_x86_sha cpu_flags_x86_sse4_1
doc o-flag-munging static-libs"
+
+# Build system only has --disable-arm-crypto-support right now
+# If changing this, update src_configure logic too.
+# ARM CPUs seem to, right now, support all-or-nothing for crypto extensions,
+# but this looks like it might change in future. This is just a safety check
+# in case people somehow do have a CPU which only supports some. They must
+# for now disable them all if that's the case.
+REQUIRED_USE="cpu_flags_arm_aes? ( cpu_flags_arm_sha1 cpu_flags_arm_sha2 )
+ cpu_flags_arm_sha1? ( cpu_flags_arm_aes cpu_flags_arm_sha2 )
+ cpu_flags_arm_sha2? ( cpu_flags_arm_aes cpu_flags_arm_sha1 )"
RDEPEND=">=dev-libs/libgpg-error-1.25[${MULTILIB_USEDEP}]"
DEPEND="${RDEPEND}"
@@ -44,6 +54,8 @@ multilib_src_configure() {
--enable-noexecstack
$(use_enable cpu_flags_arm_neon neon-support)
+ # See REQUIRED_USE comment above
+ $(use_enable cpu_flags_arm_aes arm-crypto-support)
$(use_enable cpu_flags_ppc_vsx2 ppc-crypto-support)
$(use_enable cpu_flags_x86_aes aesni-support)
$(use_enable cpu_flags_x86_avx avx-support)
