Home | History | Annotate | Download | only in minijail 
      1 # Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
      2 # Use of this source code is governed by a BSD-style license that can be
      3 # found in the LICENSE file.
      4 
      5 BASE_VER=0
      6 include common.mk
      7 
      8 LIBDIR ?= /lib
      9 PRELOADNAME = libminijailpreload.so
     10 PRELOADPATH = "$(LIBDIR)/$(PRELOADNAME)"
     11 CPPFLAGS += -DPRELOADPATH='$(PRELOADPATH)'
     12 
     13 # Defines the pivot root path used by the minimalistic-mountns profile.
     14 DEFAULT_PIVOT_ROOT ?= /var/empty
     15 CPPFLAGS += -DDEFAULT_PIVOT_ROOT='"$(DEFAULT_PIVOT_ROOT)"'
     16 
     17 ifeq ($(USE_seccomp),no)
     18 CPPFLAGS += -DUSE_SECCOMP_SOFTFAIL
     19 endif
     20 
     21 # Allow people to use -L and related flags.
     22 ALLOW_DEBUG_LOGGING ?= yes
     23 ifeq ($(ALLOW_DEBUG_LOGGING),yes)
     24 CPPFLAGS += -DALLOW_DEBUG_LOGGING
     25 endif
     26 
     27 ifeq ($(USE_ASAN),yes)
     28 CPPFLAGS += -fsanitize=address
     29 LDFLAGS += -fsanitize=address
     30 USE_EXIT_ON_DIE = yes
     31 endif
     32 
     33 # Setting this flag can be useful for both AddressSanitizer builds and running
     34 # fuzzing tools, which do not expect crashes on gracefully-handled malformed
     35 # inputs.
     36 ifeq ($(USE_EXIT_ON_DIE),yes)
     37 CPPFLAGS += -DUSE_EXIT_ON_DIE
     38 endif
     39 
     40 MJ_COMMON_FLAGS = -Wunused-parameter -Wextra -Wno-missing-field-initializers
     41 CFLAGS += $(MJ_COMMON_FLAGS)
     42 CXXFLAGS += $(MJ_COMMON_FLAGS)
     43 
     44 USE_SYSTEM_GTEST ?= no
     45 ifeq ($(USE_SYSTEM_GTEST),no)
     46 GTEST_CXXFLAGS := -std=gnu++14
     47 GTEST_LIBS := gtest.a
     48 else
     49 GTEST_CXXFLAGS := $(shell gtest-config --cxxflags)
     50 GTEST_LIBS := $(shell gtest-config --libs)
     51 endif
     52 
     53 CORE_OBJECT_FILES := libminijail.o syscall_filter.o signal_handler.o \
     54 		bpf.o util.o system.o syscall_wrapper.o \
     55 		libconstants.gen.o libsyscalls.gen.o
     56 
     57 all: CC_BINARY(minijail0) CC_LIBRARY(libminijail.so) \
     58 	CC_LIBRARY(libminijailpreload.so)
     59 
     60 parse_seccomp_policy: CXX_BINARY(parse_seccomp_policy)
     61 dump_constants: CXX_BINARY(dump_constants)
     62 
     63 tests: TEST(CXX_BINARY(libminijail_unittest)) \
     64 	TEST(CXX_BINARY(minijail0_cli_unittest)) \
     65 	TEST(CXX_BINARY(syscall_filter_unittest)) \
     66 	TEST(CXX_BINARY(system_unittest)) \
     67 	TEST(CXX_BINARY(util_unittest)) \
     68 
     69 
     70 CC_BINARY(minijail0): LDLIBS += -lcap -ldl
     71 CC_BINARY(minijail0): $(CORE_OBJECT_FILES) \
     72 	elfparse.o minijail0.o minijail0_cli.o
     73 clean: CLEAN(minijail0)
     74 
     75 
     76 CC_LIBRARY(libminijail.so): LDLIBS += -lcap
     77 CC_LIBRARY(libminijail.so): $(CORE_OBJECT_FILES)
     78 clean: CLEAN(libminijail.so)
     79 
     80 
     81 CXX_BINARY(libminijail_unittest): CXXFLAGS += -Wno-write-strings \
     82 						$(GTEST_CXXFLAGS)
     83 CXX_BINARY(libminijail_unittest): LDLIBS += -lcap $(GTEST_LIBS)
     84 ifeq ($(USE_SYSTEM_GTEST),no)
     85 CXX_BINARY(libminijail_unittest): $(GTEST_LIBS)
     86 endif
     87 CXX_BINARY(libminijail_unittest): libminijail_unittest.o $(CORE_OBJECT_FILES) \
     88 		testrunner.o
     89 clean: CLEAN(libminijail_unittest)
     90 
     91 TEST(CXX_BINARY(libminijail_unittest)): CC_LIBRARY(libminijailpreload.so)
     92 
     93 
     94 CC_LIBRARY(libminijailpreload.so): LDLIBS += -lcap -ldl
     95 CC_LIBRARY(libminijailpreload.so): libminijailpreload.o $(CORE_OBJECT_FILES)
     96 clean: CLEAN(libminijailpreload.so)
     97 
     98 
     99 CXX_BINARY(minijail0_cli_unittest): CXXFLAGS += $(GTEST_CXXFLAGS)
    100 CXX_BINARY(minijail0_cli_unittest): LDLIBS += -lcap $(GTEST_LIBS)
    101 ifeq ($(USE_SYSTEM_GTEST),no)
    102 CXX_BINARY(minijail0_cli_unittest): $(GTEST_LIBS)
    103 endif
    104 CXX_BINARY(minijail0_cli_unittest): minijail0_cli_unittest.o \
    105 		$(CORE_OBJECT_FILES) minijail0_cli.o elfparse.o testrunner.o
    106 clean: CLEAN(minijail0_cli_unittest)
    107 
    108 
    109 CXX_BINARY(syscall_filter_unittest): CXXFLAGS += -Wno-write-strings \
    110 						$(GTEST_CXXFLAGS)
    111 CXX_BINARY(syscall_filter_unittest): LDLIBS += -lcap $(GTEST_LIBS)
    112 ifeq ($(USE_SYSTEM_GTEST),no)
    113 CXX_BINARY(syscall_filter_unittest): $(GTEST_LIBS)
    114 endif
    115 CXX_BINARY(syscall_filter_unittest): syscall_filter_unittest.o \
    116 		$(CORE_OBJECT_FILES) testrunner.o
    117 clean: CLEAN(syscall_filter_unittest)
    118 
    119 
    120 CXX_BINARY(system_unittest): CXXFLAGS += $(GTEST_CXXFLAGS)
    121 CXX_BINARY(system_unittest): LDLIBS += -lcap $(GTEST_LIBS)
    122 ifeq ($(USE_SYSTEM_GTEST),no)
    123 CXX_BINARY(system_unittest): $(GTEST_LIBS)
    124 endif
    125 CXX_BINARY(system_unittest): system_unittest.o \
    126 		$(CORE_OBJECT_FILES) testrunner.o
    127 clean: CLEAN(system_unittest)
    128 
    129 
    130 CXX_BINARY(util_unittest): CXXFLAGS += $(GTEST_CXXFLAGS)
    131 CXX_BINARY(util_unittest): LDLIBS += -lcap $(GTEST_LIBS)
    132 ifeq ($(USE_SYSTEM_GTEST),no)
    133 CXX_BINARY(util_unittest): $(GTEST_LIBS)
    134 endif
    135 CXX_BINARY(util_unittest): util_unittest.o \
    136 		$(CORE_OBJECT_FILES) testrunner.o
    137 clean: CLEAN(util_unittest)
    138 
    139 
    140 CXX_BINARY(parse_seccomp_policy): parse_seccomp_policy.o syscall_filter.o \
    141 		bpf.o util.o libconstants.gen.o libsyscalls.gen.o
    142 clean: CLEAN(parse_seccomp_policy)
    143 
    144 
    145 CXX_BINARY(dump_constants): dump_constants.o \
    146 		libconstants.gen.o libsyscalls.gen.o
    147 clean: CLEAN(dump_constants)
    148 
    149 
    150 constants.json: CXX_BINARY(dump_constants)
    151 	./dump_constants > $@
    152 clean: CLEANFILE(constants.json)
    153 
    154 
    155 libsyscalls.gen.o: CPPFLAGS += -I$(SRC)
    156 
    157 libsyscalls.gen.o.depends: libsyscalls.gen.c
    158 
    159 # Only regenerate libsyscalls.gen.c if the Makefile or header changes.
    160 # NOTE! This will not detect if the file is not appropriate for the target.
    161 libsyscalls.gen.c: $(SRC)/Makefile $(SRC)/libsyscalls.h
    162 	@printf "Generating target-arch specific $@...\n"
    163 	$(QUIET)CC="$(CC)" $(SRC)/gen_syscalls.sh "$@"
    164 	@printf "$@ done.\n"
    165 clean: CLEAN(libsyscalls.gen.c)
    166 
    167 $(eval $(call add_object_rules,libsyscalls.gen.o,CC,c,CFLAGS))
    168 
    169 libconstants.gen.o: CPPFLAGS += -I$(SRC)
    170 
    171 libconstants.gen.o.depends: libconstants.gen.c
    172 
    173 # Only regenerate libconstants.gen.c if the Makefile or header changes.
    174 # NOTE! This will not detect if the file is not appropriate for the target.
    175 libconstants.gen.c: $(SRC)/Makefile $(SRC)/libconstants.h
    176 	@printf "Generating target-arch specific $@...\n"
    177 	$(QUIET)CC="$(CC)" $(SRC)/gen_constants.sh "$@"
    178 	@printf "$@ done.\n"
    179 clean: CLEAN(libconstants.gen.c)
    180 
    181 $(eval $(call add_object_rules,libconstants.gen.o,CC,c,CFLAGS))
    182 
    183 
    184 ################################################################################
    185 # Google Test
    186 
    187 ifeq ($(USE_SYSTEM_GTEST),no)
    188 # Points to the root of Google Test, relative to where this file is.
    189 # Remember to tweak this if you move this file.
    190 GTEST_DIR = googletest-release-1.8.0/googletest
    191 
    192 # Flags passed to the preprocessor.
    193 # Set Google Test's header directory as a system directory, such that
    194 # the compiler doesn't generate warnings in Google Test headers.
    195 CPPFLAGS += -isystem $(GTEST_DIR)/include
    196 
    197 # Flags passed to the C++ compiler.
    198 GTEST_CXXFLAGS += -pthread
    199 
    200 # All Google Test headers.  Usually you shouldn't change this
    201 # definition.
    202 GTEST_HEADERS = $(GTEST_DIR)/include/gtest/*.h \
    203 		$(GTEST_DIR)/include/gtest/internal/*.h
    204 
    205 # House-keeping build targets.
    206 clean: clean_gtest
    207 
    208 clean_gtest:
    209 	rm -f gtest.a gtest_main.a *.o
    210 
    211 # Builds gtest.a and gtest_main.a.
    212 
    213 # Usually you shouldn't tweak such internal variables, indicated by a
    214 # trailing _.
    215 GTEST_SRCS_ = $(GTEST_DIR)/src/*.cc $(GTEST_DIR)/src/*.h $(GTEST_HEADERS)
    216 
    217 # For simplicity and to avoid depending on Google Test's
    218 # implementation details, the dependencies specified below are
    219 # conservative and not optimized.  This is fine as Google Test
    220 # compiles fast and for ordinary users its source rarely changes.
    221 gtest-all.o : $(GTEST_SRCS_)
    222 	$(CXX) $(CPPFLAGS) -I$(GTEST_DIR) $(CXXFLAGS) $(GTEST_CXXFLAGS) -c \
    223 		$(GTEST_DIR)/src/gtest-all.cc -o $@
    224 
    225 gtest_main.o : $(GTEST_SRCS_)
    226 	$(CXX) $(CPPFLAGS) -I$(GTEST_DIR) $(CXXFLAGS) $(GTEST_CXXFLAGS) -c \
    227 		$(GTEST_DIR)/src/gtest_main.cc -o $@
    228 
    229 gtest.a : gtest-all.o
    230 	$(AR) $(ARFLAGS) $@ $^
    231 
    232 gtest_main.a : gtest-all.o gtest_main.o
    233 	$(AR) $(ARFLAGS) $@ $^
    234 
    235 endif
    236 ################################################################################
    237