1 # Copyright (c) 2012 The Chromium OS Authors. All rights reserved. 2 # Use of this source code is governed by a BSD-style license that can be 3 # found in the LICENSE file. 4 5 BASE_VER=0 6 include common.mk 7 8 LIBDIR ?= lib 9 PRELOADNAME = libminijailpreload.so 10 PRELOADPATH = \"/$(LIBDIR)/$(PRELOADNAME)\" 11 CPPFLAGS += -DPRELOADPATH="$(PRELOADPATH)" 12 13 ifneq ($(HAVE_SECUREBITS_H),no) 14 CPPFLAGS += -DHAVE_SECUREBITS_H 15 endif 16 17 ifeq ($(USE_seccomp),no) 18 CPPFLAGS += -DUSE_SECCOMP_SOFTFAIL 19 endif 20 21 ifeq ($(USE_ASAN),yes) 22 CPPFLAGS += -fsanitize=address 23 LDFLAGS += -fsanitize=address 24 USE_EXIT_ON_DIE = yes 25 endif 26 27 # Setting this flag can be useful for both AddressSanitizer builds and running 28 # fuzzing tools, which do not expect crashes on gracefully-handled malformed 29 # inputs. 30 ifeq ($(USE_EXIT_ON_DIE),yes) 31 CPPFLAGS += -DUSE_EXIT_ON_DIE 32 endif 33 34 MJ_COMMON_FLAGS = -Wunused-parameter -Wextra -Wno-missing-field-initializers 35 CFLAGS += $(MJ_COMMON_FLAGS) 36 CXXFLAGS += $(MJ_COMMON_FLAGS) 37 38 USE_SYSTEM_GTEST ?= no 39 ifeq ($(USE_SYSTEM_GTEST),no) 40 GTEST_CXXFLAGS := -std=gnu++14 41 GTEST_LIBS := gtest.a 42 else 43 GTEST_CXXFLAGS := $(shell gtest-config --cxxflags) 44 GTEST_LIBS := $(shell gtest-config --libs) 45 endif 46 47 CORE_OBJECT_FILES := libminijail.o syscall_filter.o signal_handler.o \ 48 bpf.o util.o system.o syscall_wrapper.o \ 49 libconstants.gen.o libsyscalls.gen.o 50 51 all: CC_BINARY(minijail0) CC_LIBRARY(libminijail.so) \ 52 CC_LIBRARY(libminijailpreload.so) 53 54 parse_seccomp_policy: CXX_BINARY(parse_seccomp_policy) 55 56 tests: TEST(CXX_BINARY(libminijail_unittest)) \ 57 TEST(CXX_BINARY(minijail0_cli_unittest)) \ 58 TEST(CXX_BINARY(syscall_filter_unittest)) \ 59 TEST(CXX_BINARY(system_unittest)) \ 60 TEST(CXX_BINARY(util_unittest)) \ 61 62 63 CC_BINARY(minijail0): LDLIBS += -lcap -ldl 64 CC_BINARY(minijail0): $(CORE_OBJECT_FILES) \ 65 elfparse.o minijail0.o minijail0_cli.o 66 clean: CLEAN(minijail0) 67 68 69 CC_LIBRARY(libminijail.so): LDLIBS += -lcap 70 CC_LIBRARY(libminijail.so): $(CORE_OBJECT_FILES) 71 clean: CLEAN(libminijail.so) 72 73 74 CXX_BINARY(libminijail_unittest): CXXFLAGS += -Wno-write-strings \ 75 $(GTEST_CXXFLAGS) 76 CXX_BINARY(libminijail_unittest): LDLIBS += -lcap $(GTEST_LIBS) 77 ifeq ($(USE_SYSTEM_GTEST),no) 78 CXX_BINARY(libminijail_unittest): $(GTEST_LIBS) 79 endif 80 CXX_BINARY(libminijail_unittest): libminijail_unittest.o $(CORE_OBJECT_FILES) \ 81 testrunner.o 82 clean: CLEAN(libminijail_unittest) 83 84 85 CC_LIBRARY(libminijailpreload.so): LDLIBS += -lcap -ldl 86 CC_LIBRARY(libminijailpreload.so): libminijailpreload.o $(CORE_OBJECT_FILES) 87 clean: CLEAN(libminijailpreload.so) 88 89 90 CXX_BINARY(minijail0_cli_unittest): CXXFLAGS += $(GTEST_CXXFLAGS) 91 CXX_BINARY(minijail0_cli_unittest): LDLIBS += -lcap $(GTEST_LIBS) 92 ifeq ($(USE_SYSTEM_GTEST),no) 93 CXX_BINARY(minijail0_cli_unittest): $(GTEST_LIBS) 94 endif 95 CXX_BINARY(minijail0_cli_unittest): minijail0_cli_unittest.o \ 96 $(CORE_OBJECT_FILES) minijail0_cli.o elfparse.o testrunner.o 97 clean: CLEAN(minijail0_cli_unittest) 98 99 100 CXX_BINARY(syscall_filter_unittest): CXXFLAGS += -Wno-write-strings \ 101 $(GTEST_CXXFLAGS) 102 CXX_BINARY(syscall_filter_unittest): LDLIBS += -lcap $(GTEST_LIBS) 103 ifeq ($(USE_SYSTEM_GTEST),no) 104 CXX_BINARY(syscall_filter_unittest): $(GTEST_LIBS) 105 endif 106 CXX_BINARY(syscall_filter_unittest): syscall_filter_unittest.o \ 107 $(CORE_OBJECT_FILES) testrunner.o 108 clean: CLEAN(syscall_filter_unittest) 109 110 111 CXX_BINARY(system_unittest): CXXFLAGS += $(GTEST_CXXFLAGS) 112 CXX_BINARY(system_unittest): LDLIBS += -lcap $(GTEST_LIBS) 113 ifeq ($(USE_SYSTEM_GTEST),no) 114 CXX_BINARY(system_unittest): $(GTEST_LIBS) 115 endif 116 CXX_BINARY(system_unittest): system_unittest.o \ 117 $(CORE_OBJECT_FILES) testrunner.o 118 clean: CLEAN(system_unittest) 119 120 121 CXX_BINARY(util_unittest): CXXFLAGS += $(GTEST_CXXFLAGS) 122 CXX_BINARY(util_unittest): LDLIBS += -lcap $(GTEST_LIBS) 123 ifeq ($(USE_SYSTEM_GTEST),no) 124 CXX_BINARY(util_unittest): $(GTEST_LIBS) 125 endif 126 CXX_BINARY(util_unittest): util_unittest.o \ 127 $(CORE_OBJECT_FILES) testrunner.o 128 clean: CLEAN(util_unittest) 129 130 131 CXX_BINARY(parse_seccomp_policy): parse_seccomp_policy.o syscall_filter.o \ 132 bpf.o util.o libconstants.gen.o libsyscalls.gen.o 133 clean: CLEAN(parse_seccomp_policy) 134 135 136 libsyscalls.gen.o: CPPFLAGS += -I$(SRC) 137 138 libsyscalls.gen.o.depends: libsyscalls.gen.c 139 140 # Only regenerate libsyscalls.gen.c if the Makefile or header changes. 141 # NOTE! This will not detect if the file is not appropriate for the target. 142 libsyscalls.gen.c: $(SRC)/Makefile $(SRC)/libsyscalls.h 143 @printf "Generating target-arch specific $@...\n" 144 $(QUIET)CC="$(CC)" $(SRC)/gen_syscalls.sh "$@" 145 @printf "$@ done.\n" 146 clean: CLEAN(libsyscalls.gen.c) 147 148 $(eval $(call add_object_rules,libsyscalls.gen.o,CC,c,CFLAGS)) 149 150 libconstants.gen.o: CPPFLAGS += -I$(SRC) 151 152 libconstants.gen.o.depends: libconstants.gen.c 153 154 # Only regenerate libconstants.gen.c if the Makefile or header changes. 155 # NOTE! This will not detect if the file is not appropriate for the target. 156 libconstants.gen.c: $(SRC)/Makefile $(SRC)/libconstants.h 157 @printf "Generating target-arch specific $@...\n" 158 $(QUIET)CC="$(CC)" $(SRC)/gen_constants.sh "$@" 159 @printf "$@ done.\n" 160 clean: CLEAN(libconstants.gen.c) 161 162 $(eval $(call add_object_rules,libconstants.gen.o,CC,c,CFLAGS)) 163 164 165 ################################################################################ 166 # Google Test 167 168 ifeq ($(USE_SYSTEM_GTEST),no) 169 # Points to the root of Google Test, relative to where this file is. 170 # Remember to tweak this if you move this file. 171 GTEST_DIR = googletest-release-1.8.0/googletest 172 173 # Flags passed to the preprocessor. 174 # Set Google Test's header directory as a system directory, such that 175 # the compiler doesn't generate warnings in Google Test headers. 176 CPPFLAGS += -isystem $(GTEST_DIR)/include 177 178 # Flags passed to the C++ compiler. 179 GTEST_CXXFLAGS += -pthread 180 181 # All Google Test headers. Usually you shouldn't change this 182 # definition. 183 GTEST_HEADERS = $(GTEST_DIR)/include/gtest/*.h \ 184 $(GTEST_DIR)/include/gtest/internal/*.h 185 186 # House-keeping build targets. 187 clean: clean_gtest 188 189 clean_gtest: 190 rm -f gtest.a gtest_main.a *.o 191 192 # Builds gtest.a and gtest_main.a. 193 194 # Usually you shouldn't tweak such internal variables, indicated by a 195 # trailing _. 196 GTEST_SRCS_ = $(GTEST_DIR)/src/*.cc $(GTEST_DIR)/src/*.h $(GTEST_HEADERS) 197 198 # For simplicity and to avoid depending on Google Test's 199 # implementation details, the dependencies specified below are 200 # conservative and not optimized. This is fine as Google Test 201 # compiles fast and for ordinary users its source rarely changes. 202 gtest-all.o : $(GTEST_SRCS_) 203 $(CXX) $(CPPFLAGS) -I$(GTEST_DIR) $(CXXFLAGS) $(GTEST_CXXFLAGS) -c \ 204 $(GTEST_DIR)/src/gtest-all.cc -o $@ 205 206 gtest_main.o : $(GTEST_SRCS_) 207 $(CXX) $(CPPFLAGS) -I$(GTEST_DIR) $(CXXFLAGS) $(GTEST_CXXFLAGS) -c \ 208 $(GTEST_DIR)/src/gtest_main.cc -o $@ 209 210 gtest.a : gtest-all.o 211 $(AR) $(ARFLAGS) $@ $^ 212 213 gtest_main.a : gtest-all.o gtest_main.o 214 $(AR) $(ARFLAGS) $@ $^ 215 216 endif 217 ################################################################################ 218
