[PATCH v3 03/25] mbedtls: add mbedtls into the build system
Raymond Mao
raymond.mao at linaro.org
Tue Jun 4 23:50:08 CEST 2024
Hi Andy,
On Tue, 4 Jun 2024 at 16:17, Andy Shevchenko <
andriy.shevchenko at linux.intel.com> wrote:
> On Tue, May 28, 2024 at 07:09:14AM -0700, Raymond Mao wrote:
> > Port mbedtls with dummy libc header files.
> > Add mbedtls default config header file.
> > Optimize mbedtls default config by disabling unused features to
> > reduce the target size.
> > Add mbedtls kbuild makefile.
> > Add Kconfig and mbedtls config submenu.
> >
> > Prerequisite
> > ------------
> >
> > This patch series requires mbedtls git repo to be added as a
> > subtree to the main U-Boot repo via:
> >
> > $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> > https://github.com/Mbed-TLS/mbedtls.git \
> > v3.6.0 --squash
>
> Is this approach maintainable?
> I don't remember if we have similar in Linux kernel, for example.
> (There are few candidates like compression algorithms that are usually
> being
> hosted elsewhere)
>
> > Moreover, due to the Windows-style files from mbedtls git repo,
> > we need to convert the CRLF endings to LF and do a commit manually:
> >
> > $ git add --renormalize .
> > $ git commit
>
> ...
>
> > lib/mbedtls/mbedtls_def_config.h | 4262 ++++++++++++++++++++++++++++++
>
> This is ridiculously HUGE! This is unreviewable. Moreover, this is even
> hard to
> configure by the user! Can you rather make it modular and maybe create a
> separate documentation for the most important options (I do not believe one
> needs _all_ of them to be set / tuned)?
>
> This is a file from MbedTLS and follows its own style.
And this is how MbedTLS is configured - with all features listed in a
config file and
commenting out the unused features with "//").
The modification here is just to control those existing options with
Kconfigs.
Regards,
Raymond
More information about the U-Boot
mailing list