code-intelligence.com/cifuzz@v0.40.0/third-party/minijail/Makefile (about) 1 # Copyright (c) 2012 The Chromium OS Authors. All rights reserved. 2 # Use of this source code is governed by a BSD-style license that can be 3 # found in the LICENSE file. 4 5 BASE_VER=0 6 include common.mk 7 8 LIBDIR ?= /lib 9 PRELOADNAME = libminijailpreload.so 10 PRELOADPATH = "$(LIBDIR)/$(PRELOADNAME)" 11 CPPFLAGS += -DPRELOADPATH='$(PRELOADPATH)' 12 13 # Defines the pivot root path used by the minimalistic-mountns profile. 14 DEFAULT_PIVOT_ROOT ?= /var/empty 15 CPPFLAGS += -DDEFAULT_PIVOT_ROOT='"$(DEFAULT_PIVOT_ROOT)"' 16 17 ifeq ($(USE_seccomp),no) 18 CPPFLAGS += -DUSE_SECCOMP_SOFTFAIL 19 endif 20 21 # Allow people to use -L and related flags. 22 ALLOW_DEBUG_LOGGING ?= yes 23 ifeq ($(ALLOW_DEBUG_LOGGING),yes) 24 CPPFLAGS += -DALLOW_DEBUG_LOGGING 25 ifeq ($(SECCOMP_DEFAULT_RET_LOG),yes) 26 CPPFLAGS += -DSECCOMP_DEFAULT_RET_LOG 27 endif 28 endif 29 30 ifeq ($(USE_ASAN),yes) 31 CPPFLAGS += -fsanitize=address -fno-omit-frame-pointer 32 LDFLAGS += -fsanitize=address -fno-omit-frame-pointer 33 USE_EXIT_ON_DIE = yes 34 endif 35 36 # Setting this flag can be useful for both AddressSanitizer builds and running 37 # fuzzing tools, which do not expect crashes on gracefully-handled malformed 38 # inputs. 39 ifeq ($(USE_EXIT_ON_DIE),yes) 40 CPPFLAGS += -DUSE_EXIT_ON_DIE 41 endif 42 43 # Setting this flag allows duplicate syscalls definitions for seccomp filters. 44 ifeq ($(ALLOW_DUPLICATE_SYSCALLS),yes) 45 CPPFLAGS += -DALLOW_DUPLICATE_SYSCALLS 46 endif 47 48 MJ_COMMON_FLAGS = -Wunused-parameter -Wextra -Wno-missing-field-initializers 49 CFLAGS += $(MJ_COMMON_FLAGS) 50 CXXFLAGS += $(MJ_COMMON_FLAGS) 51 52 USE_SYSTEM_GTEST ?= no 53 ifeq ($(USE_SYSTEM_GTEST),no) 54 GTEST_CXXFLAGS := -std=gnu++14 55 GTEST_LIBS := gtest.a 56 else 57 GTEST_CXXFLAGS := $(shell gtest-config --cxxflags 2>/dev/null || \ 58 echo "-pthread") 59 GTEST_LIBS := $(shell gtest-config --libs 2>/dev/null || \ 60 echo "-lgtest -pthread -lpthread") 61 endif 62 63 CORE_OBJECT_FILES := libminijail.o syscall_filter.o signal_handler.o \ 64 bpf.o util.o system.o syscall_wrapper.o \ 65 libconstants.gen.o libsyscalls.gen.o 66 67 all: CC_BINARY(minijail0) CC_LIBRARY(libminijail.so) \ 68 CC_LIBRARY(libminijailpreload.so) 69 70 parse_seccomp_policy: CXX_BINARY(parse_seccomp_policy) 71 dump_constants: CXX_STATIC_BINARY(dump_constants) 72 73 tests: TEST(CXX_BINARY(libminijail_unittest)) \ 74 TEST(CXX_BINARY(minijail0_cli_unittest)) \ 75 TEST(CXX_BINARY(syscall_filter_unittest)) \ 76 TEST(CXX_BINARY(system_unittest)) \ 77 TEST(CXX_BINARY(util_unittest)) \ 78 79 80 CC_BINARY(minijail0): LDLIBS += -l:libcap.a -ldl 81 CC_BINARY(minijail0): $(CORE_OBJECT_FILES) \ 82 elfparse.o minijail0.o minijail0_cli.o 83 clean: CLEAN(minijail0) 84 85 86 CC_LIBRARY(libminijail.so): LDLIBS += -l:libcap.a 87 CC_LIBRARY(libminijail.so): $(CORE_OBJECT_FILES) 88 clean: CLEAN(libminijail.so) 89 90 CC_STATIC_LIBRARY(libminijail.pic.a): $(CORE_OBJECT_FILES) 91 CC_STATIC_LIBRARY(libminijail.pie.a): $(CORE_OBJECT_FILES) 92 clean: CLEAN(libminijail.*.a) 93 94 CXX_BINARY(libminijail_unittest): CXXFLAGS += -Wno-write-strings \ 95 $(GTEST_CXXFLAGS) 96 CXX_BINARY(libminijail_unittest): LDLIBS += -l:libcap.a $(GTEST_LIBS) 97 ifeq ($(USE_SYSTEM_GTEST),no) 98 CXX_BINARY(libminijail_unittest): $(GTEST_LIBS) 99 endif 100 CXX_BINARY(libminijail_unittest): libminijail_unittest.o $(CORE_OBJECT_FILES) \ 101 testrunner.o 102 clean: CLEAN(libminijail_unittest) 103 104 TEST(CXX_BINARY(libminijail_unittest)): CC_LIBRARY(libminijailpreload.so) 105 106 107 CC_LIBRARY(libminijailpreload.so): LDLIBS += -l:libcap.a -ldl 108 CC_LIBRARY(libminijailpreload.so): libminijailpreload.o $(CORE_OBJECT_FILES) 109 clean: CLEAN(libminijailpreload.so) 110 111 112 CXX_BINARY(minijail0_cli_unittest): CXXFLAGS += $(GTEST_CXXFLAGS) 113 CXX_BINARY(minijail0_cli_unittest): LDLIBS += -l:libcap.a $(GTEST_LIBS) 114 ifeq ($(USE_SYSTEM_GTEST),no) 115 CXX_BINARY(minijail0_cli_unittest): $(GTEST_LIBS) 116 endif 117 CXX_BINARY(minijail0_cli_unittest): minijail0_cli_unittest.o \ 118 $(CORE_OBJECT_FILES) minijail0_cli.o elfparse.o testrunner.o 119 clean: CLEAN(minijail0_cli_unittest) 120 121 122 CXX_BINARY(syscall_filter_unittest): CXXFLAGS += -Wno-write-strings \ 123 $(GTEST_CXXFLAGS) 124 CXX_BINARY(syscall_filter_unittest): LDLIBS += -l:libcap.a $(GTEST_LIBS) 125 ifeq ($(USE_SYSTEM_GTEST),no) 126 CXX_BINARY(syscall_filter_unittest): $(GTEST_LIBS) 127 endif 128 CXX_BINARY(syscall_filter_unittest): syscall_filter_unittest.o \ 129 $(CORE_OBJECT_FILES) testrunner.o 130 clean: CLEAN(syscall_filter_unittest) 131 132 133 CXX_BINARY(system_unittest): CXXFLAGS += $(GTEST_CXXFLAGS) 134 CXX_BINARY(system_unittest): LDLIBS += -l:libcap.a $(GTEST_LIBS) 135 ifeq ($(USE_SYSTEM_GTEST),no) 136 CXX_BINARY(system_unittest): $(GTEST_LIBS) 137 endif 138 CXX_BINARY(system_unittest): system_unittest.o \ 139 $(CORE_OBJECT_FILES) testrunner.o 140 clean: CLEAN(system_unittest) 141 142 143 CXX_BINARY(util_unittest): CXXFLAGS += $(GTEST_CXXFLAGS) 144 CXX_BINARY(util_unittest): LDLIBS += -l:libcap.a $(GTEST_LIBS) 145 ifeq ($(USE_SYSTEM_GTEST),no) 146 CXX_BINARY(util_unittest): $(GTEST_LIBS) 147 endif 148 CXX_BINARY(util_unittest): util_unittest.o \ 149 $(CORE_OBJECT_FILES) testrunner.o 150 clean: CLEAN(util_unittest) 151 152 153 CXX_BINARY(parse_seccomp_policy): parse_seccomp_policy.o syscall_filter.o \ 154 bpf.o util.o libconstants.gen.o libsyscalls.gen.o 155 clean: CLEAN(parse_seccomp_policy) 156 157 158 # Compiling dump_constants as a static executable makes it easy to run under 159 # qemu-user, which in turn simplifies cross-compiling bpf policies. 160 CXX_STATIC_BINARY(dump_constants): dump_constants.o \ 161 libconstants.gen.o libsyscalls.gen.o 162 clean: CLEAN(dump_constants) 163 164 165 constants.json: CXX_STATIC_BINARY(dump_constants) 166 ./dump_constants > $@ 167 clean: CLEANFILE(constants.json) 168 169 170 libsyscalls.gen.o: CPPFLAGS += -I$(SRC) 171 172 libsyscalls.gen.o.depends: libsyscalls.gen.c 173 174 # Only regenerate libsyscalls.gen.c if the Makefile or header changes. 175 # NOTE! This will not detect if the file is not appropriate for the target. 176 libsyscalls.gen.c: $(SRC)/Makefile $(SRC)/libsyscalls.h 177 @printf "Generating target-arch specific $@...\n" 178 $(QUIET)CC="$(CC)" $(SRC)/gen_syscalls.sh "$@" 179 @printf "$@ done.\n" 180 clean: CLEAN(libsyscalls.gen.c) 181 182 $(eval $(call add_object_rules,libsyscalls.gen.o,CC,c,CFLAGS)) 183 184 libconstants.gen.o: CPPFLAGS += -I$(SRC) 185 186 libconstants.gen.o.depends: libconstants.gen.c 187 188 # Only regenerate libconstants.gen.c if the Makefile or header changes. 189 # NOTE! This will not detect if the file is not appropriate for the target. 190 libconstants.gen.c: $(SRC)/Makefile $(SRC)/libconstants.h 191 @printf "Generating target-arch specific $@...\n" 192 $(QUIET)CC="$(CC)" $(SRC)/gen_constants.sh "$@" 193 @printf "$@ done.\n" 194 clean: CLEAN(libconstants.gen.c) 195 196 $(eval $(call add_object_rules,libconstants.gen.o,CC,c,CFLAGS)) 197 198 199 ################################################################################ 200 # Google Test 201 202 ifeq ($(USE_SYSTEM_GTEST),no) 203 # Points to the root of Google Test, relative to where this file is. 204 # Remember to tweak this if you move this file. 205 GTEST_DIR = googletest-release-1.10.0/googletest 206 207 # Flags passed to the preprocessor. 208 # Set Google Test's header directory as a system directory, such that 209 # the compiler doesn't generate warnings in Google Test headers. 210 CPPFLAGS += -isystem $(GTEST_DIR)/include 211 212 # Flags passed to the C++ compiler. 213 GTEST_CXXFLAGS += -pthread 214 215 # All Google Test headers. Usually you shouldn't change this 216 # definition. 217 GTEST_HEADERS = $(GTEST_DIR)/include/gtest/*.h \ 218 $(GTEST_DIR)/include/gtest/internal/*.h 219 220 # House-keeping build targets. 221 clean: clean_gtest 222 223 clean_gtest: 224 rm -f gtest.a gtest_main.a *.o 225 226 # Builds gtest.a and gtest_main.a. 227 228 # Usually you shouldn't tweak such internal variables, indicated by a 229 # trailing _. 230 GTEST_SRCS_ = $(GTEST_DIR)/src/*.cc $(GTEST_DIR)/src/*.h $(GTEST_HEADERS) 231 232 # For simplicity and to avoid depending on Google Test's 233 # implementation details, the dependencies specified below are 234 # conservative and not optimized. This is fine as Google Test 235 # compiles fast and for ordinary users its source rarely changes. 236 gtest-all.o : $(GTEST_SRCS_) 237 $(CXX) $(CPPFLAGS) -I$(GTEST_DIR) $(CXXFLAGS) $(GTEST_CXXFLAGS) -c \ 238 $(GTEST_DIR)/src/gtest-all.cc -o $@ 239 240 gtest_main.o : $(GTEST_SRCS_) 241 $(CXX) $(CPPFLAGS) -I$(GTEST_DIR) $(CXXFLAGS) $(GTEST_CXXFLAGS) -c \ 242 $(GTEST_DIR)/src/gtest_main.cc -o $@ 243 244 gtest.a : gtest-all.o 245 $(AR) $(ARFLAGS) $@ $^ 246 247 gtest_main.a : gtest-all.o gtest_main.o 248 $(AR) $(ARFLAGS) $@ $^ 249 250 endif 251 ################################################################################