ktls-utils: Initial commit

Package ktls-utils which includes tlsd. This is used when in-kernel TLS consumers need a mechanism to perform TLS handshakes on a connected socket to negotiate TLS session parameters that can then be programmed into the kernel's TLS record protocol engine. Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-01-01 13:58:06 +00:00 · 2025-04-09 12:37:36 +10:00 · 2025-04-09 12:37:36 +10:00 · 519a3749c8
commit 519a3749c8
parent b8ea21f860
2 changed files with 61 additions and 0 deletions
--- a/meta-oe/recipes-kernel/ktls-utils/ktls-utils/0001-tlshd-Define-ALLPERMS-if-it-doesn-t-exist-to-fix-mus.patch
+++ b/meta-oe/recipes-kernel/ktls-utils/ktls-utils/0001-tlshd-Define-ALLPERMS-if-it-doesn-t-exist-to-fix-mus.patch
@ -0,0 +1,37 @@
+From ca95e956307672484e8c018263600749aa9c4f4d Mon Sep 17 00:00:00 2001
+From: Alistair Francis <alistair.francis@wdc.com>
+Date: Wed, 9 Apr 2025 11:14:52 +1000
+Subject: [PATCH] tlshd: Define ALLPERMS if it doesn't exist to fix musl build
+
+ALLPERMS exists in glibc, but not on musl, so we manually define
+it if it doesn't exist. This fixes building on musl systems.
+
+Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
+Upstream-Status: Submitted
+[https://github.com/oracle/ktls-utils/pull/88]
+---
+ src/tlshd/config.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/tlshd/config.c b/src/tlshd/config.c
+index 38948e8..e653bd8 100644
+--- a/src/tlshd/config.c
+++ b/src/tlshd/config.c
+@@ -46,6 +46,14 @@
+ 
+ static GKeyFile *tlshd_configuration;
+ 
+/**
+ * ALLPERMS exists in glibc, but not on musl, so we
+ * manually define it if it doesn't exist
+ */
+#ifndef ALLPERMS
+#define ALLPERMS (S_ISUID|S_ISGID|S_ISVTX|S_IRWXU|S_IRWXG|S_IRWXO)
+#endif
+
+ /**
+  * tlshd_config_init - Read tlshd's config file
+  * @pathname: Pathname to config file
+-- 
+2.49.0
+
--- a/meta-oe/recipes-kernel/ktls-utils/ktls-utils_0.11.bb
+++ b/meta-oe/recipes-kernel/ktls-utils/ktls-utils_0.11.bb
@ -0,0 +1,24 @@
+SUMMARY = "TLS handshake utilities for in-kernel TLS consumers"
+DESCRIPTION = "In-kernel TLS consumers need a mechanism to perform TLS \
+handshakes on a connected socket to negotiate TLS session parameters that \
+can then be programmed into the kernel's TLS record protocol engine."
+DEPENDS = "gnutls keyutils glib-2.0 libnl"
+RDEPENDS:${PN} += " gnutls"
+LICENSE = "GPL-2.0-only"
+LIC_FILES_CHKSUM = "file://COPYING;md5=d568123389d9a12625cca2b089b1728b"
+
+SRCREV = "5c3314b5728b272cbaf0d98f4d521cca9610b6bf"
+SRC_URI = " \
+	git://github.com/oracle/ktls-utils.git;nobranch=1;protocol=https \
+	file://0001-tlshd-Define-ALLPERMS-if-it-doesn-t-exist-to-fix-mus.patch \
+	"
+
+S = "${WORKDIR}/git"
+
+inherit autotools-brokensep pkgconfig systemd
+
+PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}"
+
+PACKAGECONFIG[systemd] = "--with-systemd,,systemd"
+
+SYSTEMD_SERVICE:${PN} = "tlshd.service"