• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1// Note that some host libraries have the same module name as the target
2// libraries. This is currently needed to build, for example, adb. But it's
3// probably something that should be changed.
4
5package {
6    default_visibility: ["//visibility:private"],
7    default_applicable_licenses: ["external_boringssl_license"],
8}
9
10// Added automatically by a large-scale-change that took the approach of
11// 'apply every license found to every target'. While this makes sure we respect
12// every license restriction, it may not be entirely correct.
13//
14// e.g. GPL in an MIT project might only apply to the contrib/ directory.
15//
16// Please consider splitting the single license below into multiple licenses,
17// taking care not to lose any license_kind information, and overriding the
18// default license using the 'licenses: [...]' property on targets as needed.
19//
20// For unused files, consider creating a 'fileGroup' with "//visibility:private"
21// to attach the license to, and including a comment whether the files may be
22// used in the current project.
23// See: http://go/android-license-faq
24license {
25    name: "external_boringssl_license",
26    visibility: [":__subpackages__"],
27    license_kinds: [
28        "SPDX-license-identifier-Apache-2.0",
29        "SPDX-license-identifier-BSD",
30        "SPDX-license-identifier-ISC",
31        "SPDX-license-identifier-MIT",
32        "SPDX-license-identifier-OpenSSL",
33        "legacy_unencumbered",
34    ],
35    license_text: [
36        "NOTICE",
37    ],
38}
39
40// Pull in the autogenerated sources modules
41build = ["sources.bp"]
42
43// Used by libcrypto, libssl, bssl tool, and native tests
44cc_defaults {
45    name: "boringssl_flags",
46    vendor_available: true,
47    product_available: true,
48
49    cflags: [
50        "-fvisibility=hidden",
51        "-DBORINGSSL_SHARED_LIBRARY",
52        "-DBORINGSSL_ANDROID_SYSTEM",
53        "-DOPENSSL_SMALL",
54        "-Werror",
55        "-Wno-unused-parameter",
56    ],
57
58    cppflags: [
59        "-Wall",
60        "-Werror",
61    ],
62
63    // Build BoringSSL and its tests against the same STL.
64    sdk_version: "9",
65    stl: "libc++_static",
66}
67
68// Used by libcrypto + libssl
69cc_defaults {
70    name: "boringssl_defaults",
71
72    local_include_dirs: ["src/include"],
73    export_include_dirs: ["src/include"],
74    cflags: ["-DBORINGSSL_IMPLEMENTATION"],
75}
76
77//// libcrypto
78cc_defaults {
79    name: "libcrypto_defaults",
80    host_supported: true,
81    ramdisk_available: true,
82    vendor_ramdisk_available: true,
83
84    // Windows and Macs both have problems with assembly files
85    target: {
86        windows: {
87            enabled: true,
88            cflags: ["-DOPENSSL_NO_ASM"],
89            host_ldlibs: ["-lws2_32"],
90        },
91        darwin: {
92            cflags: ["-DOPENSSL_NO_ASM"],
93        },
94        host: {
95            host_ldlibs: ["-lpthread"],
96        },
97        android: {
98            // On FIPS builds (i.e. Android only) prevent other libraries
99            // from pre-empting symbols in libcrypto which could affect FIPS
100            // compliance and cause integrity checks to fail. See b/160231064.
101            ldflags: ["-Wl,-Bsymbolic"],
102        },
103    },
104
105    local_include_dirs: ["src/crypto"],
106    stl: "none",
107}
108
109// Boring Crypto Module object file.
110// Any changes here must also be reflected in bcm_object_for_testing below.
111cc_object {
112    name: "bcm_object",
113    device_supported: true,
114    recovery_available: true,
115    native_bridge_supported: true,
116    defaults: [
117        "libcrypto_bcm_sources",
118        "libcrypto_defaults",
119        "boringssl_defaults",
120        "boringssl_flags",
121    ],
122    sanitize: {
123        address: false,
124        hwaddress: false,
125        memtag_stack: false,
126        fuzzer: false,
127    },
128    target: {
129        android: {
130            cflags: [
131                "-DBORINGSSL_FIPS",
132                "-fPIC",
133                // -fno[data|text]-sections required to ensure a
134                // single text and data section for FIPS integrity check
135                "-fno-data-sections",
136                "-fno-function-sections",
137            ],
138            linker_script: "src/crypto/fipsmodule/fips_shared.lds",
139        },
140        // Temporary hack to let BoringSSL build with a new compiler.
141        // This doesn't enable HWASAN unconditionally, it just causes
142        // BoringSSL's asm code to unconditionally use a HWASAN-compatible
143        // global variable reference so that the non-HWASANified (because of
144        // sanitize: { hwaddress: false } above) code in the BCM can
145        // successfully link against the HWASANified code in the rest of
146        // BoringSSL in HWASAN builds.
147        android_arm64: {
148            asflags: [
149                "-fsanitize=hwaddress",
150            ],
151        },
152    },
153    apex_available: [
154        "//apex_available:platform",
155        "com.android.adbd",
156        "com.android.adservices",
157        "com.android.art",
158        "com.android.art.debug",
159        "com.android.art.testing",
160        "com.android.btservices",
161        "com.android.compos",
162        "com.android.conscrypt",
163        "com.android.extservices",
164        "com.android.resolv",
165        "com.android.virt",
166    ],
167    min_sdk_version: "29",
168}
169
170// Version of bcm_object built with BORINGSSL_FIPS_BREAK_TESTS defined.
171// Only for use with the FIPS break-tests.sh script.
172// Must be kept in sync with bcm_object.
173cc_object {
174    name: "bcm_object_for_testing",
175    visibility: [
176        "//external/boringssl",
177    ],
178    device_supported: true,
179    defaults: [
180        "libcrypto_bcm_sources",
181        "libcrypto_defaults",
182        "boringssl_defaults",
183        "boringssl_flags",
184    ],
185    sanitize: {
186        address: false,
187        hwaddress: false,
188        fuzzer: false,
189    },
190    target: {
191        android: {
192            cflags: [
193                "-DBORINGSSL_FIPS",
194                "-DBORINGSSL_FIPS_BREAK_TESTS",
195                "-fPIC",
196                // -fno[data|text]-sections required to ensure a
197                // single text and data section for FIPS integrity check
198                "-fno-data-sections",
199                "-fno-function-sections",
200            ],
201            linker_script: "src/crypto/fipsmodule/fips_shared.lds",
202        },
203        // Temporary hack to let BoringSSL build with a new compiler.
204        // This doesn't enable HWASAN unconditionally, it just causes
205        // BoringSSL's asm code to unconditionally use a HWASAN-compatible
206        // global variable reference so that the non-HWASANified (because of
207        // sanitize: { hwaddress: false } above) code in the BCM can
208        // successfully link against the HWASANified code in the rest of
209        // BoringSSL in HWASAN builds.
210        android_arm64: {
211            asflags: [
212                "-fsanitize=hwaddress",
213            ],
214        },
215    },
216    min_sdk_version: "29",
217}
218
219bootstrap_go_package {
220    name: "bssl_ar",
221    pkgPath: "boringssl.googlesource.com/boringssl/util/ar",
222    srcs: [
223        "src/util/ar/ar.go",
224    ],
225    testSrcs: [
226        "src/util/ar/ar_test.go",
227    ],
228}
229
230bootstrap_go_package {
231    name: "bssl_fipscommon",
232    pkgPath: "boringssl.googlesource.com/boringssl/util/fipstools/fipscommon",
233    srcs: [
234        "src/util/fipstools/fipscommon/const.go",
235    ],
236}
237
238blueprint_go_binary {
239    name: "bssl_inject_hash",
240    srcs: [
241        "src/util/fipstools/inject_hash/inject_hash.go",
242    ],
243    deps: [
244        "bssl_ar",
245        "bssl_fipscommon",
246    ],
247}
248
249// Target and host library.
250// Any changes here must also be reflected in libcrypto_for_test below.
251cc_library {
252    name: "libcrypto",
253    visibility: ["//visibility:public"],
254    vendor_available: true,
255    product_available: true,
256    native_bridge_supported: true,
257    vndk: {
258        enabled: true,
259    },
260    double_loadable: true,
261    recovery_available: true,
262    defaults: [
263        "libcrypto_sources",
264        "libcrypto_defaults",
265        "boringssl_defaults",
266        "boringssl_flags",
267    ],
268    unique_host_soname: true,
269    srcs: [
270        ":bcm_object",
271    ],
272    target: {
273        android: {
274            cflags: [
275                "-DBORINGSSL_FIPS",
276            ],
277            sanitize: {
278                // Disable address sanitizing otherwise libcrypto will not report
279                // itself as being in FIPS mode, which causes boringssl_self_test
280                // to fail.
281                address: false,
282            },
283            inject_bssl_hash: true,
284            static: {
285                // Disable the static version of libcrypto, as it causes
286                // problems for FIPS certification.  Use libcrypto_static for
287                // modules that need static libcrypto but do not need FIPS self
288                // testing, or use dynamic libcrypto.
289                enabled: false,
290            },
291        },
292    },
293    apex_available: [
294        "//apex_available:platform",
295        "com.android.adbd",
296        "com.android.adservices",
297        "com.android.art",
298        "com.android.art.debug",
299        "com.android.art.testing",
300        "com.android.btservices",
301        "com.android.compos",
302        "com.android.conscrypt",
303        "com.android.extservices",
304        "com.android.resolv",
305        "com.android.virt",
306    ],
307    min_sdk_version: "29",
308}
309
310// Version of libcrypto build with BORINGSSL_FIPS_BREAK_TESTS defined
311// Only for use with the FIPS break-tests.sh script.
312// Must be kept in sync with libcrypto.
313cc_library {
314    name: "libcrypto_for_testing",
315    visibility: [
316        "//external/boringssl",
317    ],
318    defaults: [
319        "libcrypto_sources",
320        "libcrypto_defaults",
321        "boringssl_defaults",
322        "boringssl_flags",
323    ],
324    unique_host_soname: true,
325    srcs: [
326        ":bcm_object_for_testing",
327    ],
328    target: {
329        android: {
330            cflags: [
331                "-DBORINGSSL_FIPS",
332                "-DBORINGSSL_FIPS_BREAK_TESTS",
333            ],
334            sanitize: {
335                // Disable address sanitizing otherwise libcrypto will not report
336                // itself as being in FIPS mode, which causes boringssl_self_test
337                // to fail.
338                address: false,
339            },
340            inject_bssl_hash: true,
341            static: {
342                // Disable the static version of libcrypto, as it causes
343                // problems for FIPS certification.  Use libcrypto_static for
344                // modules that need static libcrypto but do not need FIPS self
345                // testing, or use dynamic libcrypto.
346                enabled: false,
347            },
348        },
349    },
350    min_sdk_version: "29",
351}
352
353// Static library
354// This version of libcrypto will not have FIPS self tests enabled, so its
355// usage is protected through visibility to ensure it doesn't end up used
356// somewhere that needs the FIPS version.
357cc_library_static {
358    name: "libcrypto_static",
359    visibility: [
360        "//art/build/sdk",
361        "//bootable/recovery/updater",
362        "//external/conscrypt",
363        "//external/python/cpython2",
364        "//external/rust/crates/quiche",
365        // Strictly, only the *static* toybox for legacy devices should have
366        // access to libcrypto_static, but we can't express that.
367        "//external/toybox",
368        "//hardware/interfaces/confirmationui/1.0/vts/functional",
369        "//hardware/interfaces/drm/1.0/vts/functional",
370        "//hardware/interfaces/drm/1.2/vts/functional",
371        "//hardware/interfaces/drm/1.3/vts/functional",
372        "//hardware/interfaces/keymaster/3.0/vts/functional",
373        "//hardware/interfaces/keymaster/4.0/vts/functional",
374        "//hardware/interfaces/keymaster/4.1/vts/functional",
375        "//packages/modules/adb",
376        "//packages/modules/Bluetooth:__subpackages__",
377        "//packages/modules/DnsResolver/tests:__subpackages__",
378        "//packages/modules/NeuralNetworks:__subpackages__",
379        "//system/core/init",
380        "//system/core/fs_mgr/liblp",
381        "//system/core/fs_mgr/liblp/vts_core",
382        "//system/core/fs_mgr/libsnapshot",
383        "//system/libvintf/test",
384        "//system/security/keystore/tests",
385        "//test/vts-testcase/security/avb",
386    ],
387    min_sdk_version: "29",
388    apex_available: [
389        "//apex_available:platform",
390        "com.android.neuralnetworks",
391    ],
392    defaults: [
393        "libcrypto_bcm_sources",
394        "libcrypto_sources",
395        "libcrypto_defaults",
396        "boringssl_defaults",
397        "boringssl_flags",
398    ],
399}
400
401// Static library for use in bare-metal environments
402cc_library_static {
403    name: "libcrypto_baremetal",
404    defaults: [
405        "libcrypto_bcm_sources",
406        "libcrypto_sources",
407        "libcrypto_defaults",
408        "boringssl_defaults",
409        "boringssl_flags",
410    ],
411    cflags: [
412        "-DBORINGSSL_NO_STATIC_INITIALIZER",
413        "-DOPENSSL_SMALL",
414        "-DOPENSSL_STATIC_ARMCAP",
415        "-D__TRUSTY__",
416    ],
417    visibility: [
418        "//external/avb",
419        "//external/open-dice",
420        "//packages/modules/Virtualization:__subpackages__",
421        "//system/security/diced/open_dice",
422    ],
423    apex_available: ["com.android.virt"],
424}
425
426// Common defaults for lib*_fuzz_unsafe. These are unsafe and deterministic
427// libraries for testing and fuzzing only. See src/FUZZING.md.
428cc_defaults {
429    name: "boringssl_fuzz_unsafe_defaults",
430    host_supported: true,
431    cflags: [
432        "-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE",
433        "-DBORINGSSL_UNSAFE_FUZZER_MODE",
434    ],
435    visibility: [
436        "//frameworks/native/libs/binder/tests:__subpackages__",
437    ],
438}
439
440// Unsafe and deterministic version of libcrypto. For testing and fuzzing only.
441// See src/FUZZING.md.
442cc_test_library {
443    name: "libcrypto_fuzz_unsafe",
444    ramdisk_available: false,
445    vendor_ramdisk_available: false,
446    defaults: [
447        "libcrypto_bcm_sources",
448        "libcrypto_sources",
449        "libcrypto_defaults",
450        "boringssl_defaults",
451        "boringssl_flags",
452        "boringssl_fuzz_unsafe_defaults",
453    ],
454}
455
456//// libssl
457
458// Target static library
459
460// Static and Shared library
461cc_library {
462    name: "libssl",
463    visibility: ["//visibility:public"],
464    recovery_available: true,
465    vendor_available: true,
466    product_available: true,
467    native_bridge_supported: true,
468    vndk: {
469        enabled: true,
470    },
471    host_supported: true,
472    defaults: [
473        "libssl_sources",
474        "boringssl_defaults",
475        "boringssl_flags",
476    ],
477    target: {
478        windows: {
479            enabled: true,
480        },
481    },
482    unique_host_soname: true,
483
484    shared_libs: ["libcrypto"],
485
486    apex_available: [
487        "//apex_available:platform",
488        "com.android.btservices",
489        "com.android.adbd",
490        "com.android.conscrypt",
491        "com.android.resolv",
492        "com.android.virt",
493    ],
494    min_sdk_version: "29",
495}
496
497cc_library_static {
498    name: "libssl_baremetal",
499    defaults: [
500        "libssl_sources",
501        "boringssl_defaults",
502        "boringssl_flags",
503    ],
504    static_libs: ["libcrypto_baremetal"],
505}
506
507// Unsafe and deterministic version of libssl. For testing and fuzzing only.
508// See src/FUZZING.md.
509cc_test_library {
510    name: "libssl_fuzz_unsafe",
511    host_supported: true,
512    defaults: [
513        "libssl_sources",
514        "boringssl_defaults",
515        "boringssl_flags",
516        "boringssl_fuzz_unsafe_defaults",
517    ],
518    static_libs: [
519        "libcrypto_fuzz_unsafe",
520    ],
521}
522
523// Tool
524cc_binary {
525    name: "bssl",
526    host_supported: true,
527    defaults: [
528        "bssl_sources",
529        "boringssl_flags",
530    ],
531
532    shared_libs: [
533        "libcrypto",
534        "libssl",
535    ],
536    target: {
537        darwin: {
538            enabled: false,
539        },
540        android: {
541            compile_multilib: "both",
542        },
543    },
544    multilib: {
545        lib32: {
546            suffix: "32",
547        },
548    },
549}
550
551// Used for ACVP testing for FIPS certification.
552// Not installed on devices by default.
553cc_binary {
554    name: "acvp_modulewrapper",
555    srcs: [
556        "src/util/fipstools/acvp/modulewrapper/main.cc",
557    ],
558    target: {
559        android_x86: {
560            enabled: false,
561        },
562        android_x86_64: {
563            enabled: false,
564        },
565    },
566    stem: "modulewrapper",
567    compile_multilib: "both",
568    multilib: {
569        lib32: {
570            suffix: "32",
571        },
572    },
573
574    static_libs: [
575        "libacvp_modulewrapper",
576    ],
577    shared_libs: [
578        "libcrypto",
579    ],
580
581    defaults: [
582        "boringssl_flags",
583    ],
584}
585
586// ACVP wrapper implementation shared between Android and Trusty
587cc_library_static {
588    name: "libacvp_modulewrapper",
589    host_supported: true,
590    vendor_available: true,
591    srcs: [
592        "src/util/fipstools/acvp/modulewrapper/modulewrapper.cc",
593    ],
594    target: {
595        android: {
596            compile_multilib: "both",
597        },
598    },
599    export_include_dirs: ["src/util/fipstools/acvp/modulewrapper/"],
600    shared_libs: [
601        "libcrypto",
602    ],
603
604    defaults: [
605        "boringssl_flags",
606    ],
607
608    visibility: ["//system/core/trusty/utils/acvp"],
609}
610
611// Test support library
612cc_library_static {
613    name: "boringssl_test_support",
614    host_supported: true,
615    defaults: [
616        "boringssl_test_support_sources",
617        "boringssl_flags",
618    ],
619
620    shared_libs: [
621        "libcrypto",
622    ],
623}
624
625// Tests
626cc_test {
627    name: "boringssl_crypto_test",
628    test_config: "CryptoNativeTests.xml",
629    host_supported: false,
630    per_testcase_directory: true,
631    compile_multilib: "both",
632    multilib: {
633        lib32: {
634            suffix: "32",
635        },
636        lib64: {
637            suffix: "64",
638        },
639    },
640    defaults: [
641        "boringssl_crypto_test_sources",
642        "boringssl_flags",
643    ],
644    whole_static_libs: ["boringssl_test_support"],
645    // Statically link the library to test to ensure we always pick up the
646    // correct version regardless of device linker configuration.
647    static_libs: ["libcrypto_static"],
648    target: {
649        android: {
650            test_suites: ["mts-conscrypt"],
651        },
652    },
653}
654
655cc_test {
656    name: "boringssl_ssl_test",
657    test_config: "SslNativeTests.xml",
658    host_supported: false,
659    per_testcase_directory: true,
660    compile_multilib: "both",
661    multilib: {
662        lib32: {
663            suffix: "32",
664        },
665        lib64: {
666            suffix: "64",
667        },
668    },
669    defaults: [
670        "boringssl_ssl_test_sources",
671        "boringssl_flags",
672    ],
673    whole_static_libs: ["boringssl_test_support"],
674    // Statically link the libraries to test to ensure we always pick up the
675    // correct version regardless of device linker configuration.
676    static_libs: [
677        "libcrypto_static",
678        "libssl",
679    ],
680    target: {
681        android: {
682            test_suites: ["mts-conscrypt"],
683        },
684    },
685}
686
687// Utility binary for CMVP on-site testing.
688cc_binary {
689    name: "test_fips",
690    host_supported: false,
691    defaults: [
692        "boringssl_flags",
693    ],
694    shared_libs: [
695        "libcrypto",
696    ],
697    srcs: [
698        "src/util/fipstools/test_fips.c",
699    ],
700    required: [
701        "adb",
702        "libcrypto_for_testing",
703    ],
704}
705
706libbssl_sys_raw_flags = [
707    // Adapted from upstream the src/rust/CMakeLists.txt file at:
708    // https://boringssl.googlesource.com/boringssl/+/refs/heads/master/rust/CMakeLists.txt
709    "--no-derive-default",
710    "--enable-function-attribute-detection",
711    "--use-core",
712    "--size_t-is-usize",
713    "--default-macro-constant-type=signed",
714    "--rustified-enum=point_conversion_form_t",
715    "--allowlist-file=.*/include/openssl/.*\\.h",
716    "--allowlist-file=.*/rust_wrapper\\.h",
717    // These are not BoringSSL symbols, they are from glibc
718    // and are not relevant to the build besides throwing warnings
719    // about their 'long double' (aka u128) not being FFI safe.
720    // We block those functions so that the build doesn't
721    // spam warnings.
722    //
723    // https://github.com/rust-lang/rust-bindgen/issues/1549 describes the current problem
724    // and other folks' solutions.
725    "--blocklist-function=strtold",
726    "--blocklist-function=qecvt",
727    "--blocklist-function=qecvt_r",
728    "--blocklist-function=qgcvt",
729    "--blocklist-function=qfcvt",
730    "--blocklist-function=qfcvt_r",
731]
732
733// Rust bindings
734rust_bindgen {
735    name: "libbssl_sys_raw",
736    source_stem: "bindings",
737    crate_name: "bssl_sys_raw",
738    host_supported: true,
739    wrapper_src: "src/rust/bssl-sys/wrapper.h",
740    vendor_available: true,
741    product_available: true,
742    bindgen_flags: libbssl_sys_raw_flags,
743    shared_libs: [
744        "libcrypto",
745        "libssl",
746    ],
747    apex_available: [
748        "//apex_available:platform",
749        "com.android.virt",
750    ],
751}
752
753rust_bindgen {
754    name: "libbssl_sys_raw_nostd",
755    source_stem: "bindings",
756    crate_name: "bssl_sys_raw",
757    wrapper_src: "src/rust/bssl-sys/wrapper.h",
758    bindgen_flags: [
759        "--raw-line=#![no_std]",
760        "--ctypes-prefix=core::ffi",
761    ] + libbssl_sys_raw_flags,
762    header_libs: [
763        "libcrypto_baremetal",
764        "libssl_baremetal",
765    ],
766}
767
768// Encapsulate the bindgen-generated layout tests as a test target.
769rust_test {
770    name: "libbssl_sys_raw_test",
771    srcs: [
772        ":libbssl_sys_raw",
773    ],
774    crate_name: "bssl_sys_raw_test",
775    test_suites: ["general-tests"],
776    auto_gen_config: true,
777    clippy_lints: "none",
778    lints: "none",
779}
780
781// Rust's bindgen doesn't cope with macros, so this target includes C functions that
782// do the same thing as macros defined in BoringSSL header files.
783cc_library_static {
784    name: "libbssl_rust_support",
785    host_supported: true,
786    defaults: ["boringssl_flags"],
787    srcs: ["src/rust/bssl-sys/rust_wrapper.c"],
788    shared_libs: [
789        "libcrypto",
790        "libssl",
791    ],
792    apex_available: [
793        "//apex_available:platform",
794        "com.android.virt",
795    ],
796}
797
798cc_library_static {
799    name: "libbssl_rust_support_baremetal",
800    defaults: ["boringssl_flags"],
801    srcs: ["src/rust/bssl-sys/rust_wrapper.c"],
802    static_libs: [
803        "libcrypto_baremetal",
804        "libssl_baremetal",
805    ],
806}
807
808// Replace the upstream CMake placeholder with a re-export of all of the local bindgen output.
809gensrcs {
810    name: "libbssl_sys_src",
811    srcs: ["src/rust/bssl-sys/src/lib.rs"],
812    cmd: "sed 's@^.{INCLUDES}@pub use bssl_sys_raw::*;@' $(in) > $(out)",
813}
814
815rust_library {
816    name: "libbssl_ffi",
817    host_supported: true,
818    crate_name: "bssl_ffi",
819    visibility: [
820        "//external/rust/crates/openssl",
821        "//system/keymint/boringssl",
822        "//system/security/prng_seeder",
823    ],
824    // Use the modified source with placeholder replaced.
825    srcs: [":libbssl_sys_src"],
826    vendor_available: true,
827    product_available: true,
828    // Since libbssl_sys_raw is not publicly visible, we can't accidentally
829    // force a double-link by linking statically, so do so.
830    rlibs: ["libbssl_sys_raw"],
831    whole_static_libs: [
832        "libbssl_rust_support",
833    ],
834    apex_available: [
835        "//apex_available:platform",
836        "com.android.virt",
837    ],
838}
839
840gensrcs {
841    name: "libbssl_sys_src_nostd",
842    srcs: [":libbssl_sys_src"],
843    cmd: "(echo '#![no_std]' && cat $(in)) > $(out)",
844}
845
846rust_library_rlib {
847    name: "libbssl_ffi_nostd",
848    crate_name: "bssl_ffi",
849    visibility: [
850        "//packages/modules/Virtualization/pvmfw",
851    ],
852    srcs: [":libbssl_sys_src_nostd"],
853    rlibs: ["libbssl_sys_raw_nostd"],
854    prefer_rlib: true,
855    no_stdlibs: true,
856    stdlibs: [
857        "libcompiler_builtins.rust_sysroot",
858        "libcore.rust_sysroot",
859    ],
860    whole_static_libs: [
861        "libbssl_rust_support_baremetal",
862    ],
863}
864