1###### 2### This is a sample file for linux platform, please write the Makefile according to the actual situation of the product 3### If you want to create a shared library, use the command:"make" 4### If you want to create a static library, use the command:"make lib" 5### If you want to create a .ko file, use the command:"make kernel" 6### If you want to filter out unsupported compiler options, add the command:"CHECK_OPTION=check" 7###### 8 9PROJECT=libsecurec.so 10#if you need a debug version library, use "-g" instead of "-s -DNDEBUG -O2". 11# If you compiler report a warning on "break strict-aliasing rules", there is no problem. If you need to clear all warnings, you can add "-fno-strict-aliasing" option to your compiler, but this will impact the performance a little. 12CC?=gcc 13 14#for linux secure compile options from stdandard 2018.8 15SECURE_CFLAG_FOR_SHARED_LIBRARY = -fPIC 16SECURE_LDFLAG_FOR_SHARED_LIBRARY += -s 17SECURE_LDFLAG_FOR_SHARED_LIBRARY += -Wl,-z,relro,-z,now,-z,noexecstack 18#This option ensure forced links to functions in the library. If these functions are already contained in other libraries, cross-calls will occur 19#SECURE_LDFLAG_FOR_SHARED_LIBRARY += -Wl,-Bsymbolic 20 21 22GCC_HAVE_STRONG=$(shell $(CC) -fstack-protector-strong -E -dM - < /dev/null 2>&1 |grep -- "fstack-protector-strong" >/dev/null ;if [ $$? -ne 0 ] ;then echo yes;fi) 23ifeq ($(GCC_HAVE_STRONG),yes) 24SECURE_CFLAG_FOR_SHARED_LIBRARY += -fstack-protector-strong 25else 26SECURE_CFLAG_FOR_SHARED_LIBRARY += -fstack-protector-all 27endif 28 29 30#-fvisibility=hidden need modify source code 31#SECURE_CFLAG_FOR_SHARED_LIBRARY_OPTIONAL += -fvisibility=hidden 32 33#-ftrapv -D_FORTIFY_SOURCE=2 -fstack-check May result in performance degradation after opening 34SECURE_CFLAG_FOR_SHARED_LIBRARY_OPTIONAL += -D_FORTIFY_SOURCE=2 -O2 35#SECURE_CFLAG_FOR_SHARED_LIBRARY_OPTIONAL += -ftrapv 36#SECURE_CFLAG_FOR_SHARED_LIBRARY_OPTIONAL += -fstack-check 37 38 39SECURE_CFLAG_FOR_SHARED_LIBRARY_OPTIONAL += -Wformat=2 -Wfloat-equal -Wshadow 40# about pie option , We compiled a dynamic library, so we did not use it. ,If you want to compile executable files, please open this option 41#SECURE_CFLAG_FOR_EXE = -fPIE -pie 42 43 44 45## code standard options 46SECUREC_CODE_STANDARD_OPTION = -Wconversion 47SECUREC_CODE_STANDARD_OPTION += -Wformat-security 48SECUREC_CODE_STANDARD_OPTION += -Wextra 49SECUREC_CODE_STANDARD_OPTION += --param ssp-buffer-size=4 50 51#repeat options 52#SECUREC_CODE_STANDARD_OPTION += -D_FORTIFY_SOURCE=2 53#SECUREC_CODE_STANDARD_OPTION += -Wl,-z,relro,-z,now 54#SECUREC_CODE_STANDARD_OPTION += -fstack-protector 55 56#from product options 57PRODUCT_OPTION_FOR_SELECTION = -Warray-bounds 58PRODUCT_OPTION_FOR_SELECTION += -Wpointer-arith 59PRODUCT_OPTION_FOR_SELECTION += -Wcast-qual 60PRODUCT_OPTION_FOR_SELECTION += -Wstrict-prototypes 61PRODUCT_OPTION_FOR_SELECTION += -Wmissing-prototypes 62PRODUCT_OPTION_FOR_SELECTION += -Wstrict-overflow=1 63PRODUCT_OPTION_FOR_SELECTION += -Wstrict-aliasing=2 64PRODUCT_OPTION_FOR_SELECTION += -Wswitch -Wswitch-default 65PRODUCT_OPTION_FOR_SELECTION += -Wdate-time 66PRODUCT_OPTION_FOR_SELECTION += -Wdisabled-optimization 67PRODUCT_OPTION_FOR_SELECTION += -Wduplicated-branches 68PRODUCT_OPTION_FOR_SELECTION += -Wduplicated-cond 69PRODUCT_OPTION_FOR_SELECTION += -Wignored-qualifiers 70PRODUCT_OPTION_FOR_SELECTION += -Wimplicit-fallthrough=3 71PRODUCT_OPTION_FOR_SELECTION += -Wmissing-include-dirs 72PRODUCT_OPTION_FOR_SELECTION += -Wshift-negative-value 73PRODUCT_OPTION_FOR_SELECTION += -Wsign-compare 74PRODUCT_OPTION_FOR_SELECTION += -Wtrampolines 75PRODUCT_OPTION_FOR_SELECTION += -Wtype-limits 76PRODUCT_OPTION_FOR_SELECTION += -Wwrite-strings 77PRODUCT_OPTION_FOR_SELECTION += -Werror 78PRODUCT_OPTION_FOR_SELECTION += -Wunused-macros 79PRODUCT_OPTION_FOR_SELECTION += -Wshift-overflow=2 80PRODUCT_OPTION_FOR_SELECTION += -Wnested-externs 81PRODUCT_OPTION_FOR_SELECTION += -Wlogical-op 82PRODUCT_OPTION_FOR_SELECTION += -Wjump-misses-init 83PRODUCT_OPTION_FOR_SELECTION += -Wvla 84PRODUCT_OPTION_FOR_SELECTION += -Wframe-larger-than=4096 85PRODUCT_OPTION_FOR_SELECTION += -Wsuggest-attribute=format 86PRODUCT_OPTION_FOR_SELECTION += -Wmissing-format-attribute 87PRODUCT_OPTION_FOR_SELECTION += # -fno-inline-small-functions -fno-indirect-inlining -fno-inline-functions-called-once -fno-early-inlining -fno-inline 88PRODUCT_OPTION_FOR_SELECTION += # -ftrapv 89 90ifeq ($(CHECK_OPTION),check) 91PRODUCT_OPTION := $(shell touch tmp.c; echo "int main(void){return 0;}" > tmp.c; \ 92 for loop in $(PRODUCT_OPTION_FOR_SELECTION); \ 93 do err=$$({ `$(CC) $$loop -I../include -c tmp.c >/dev/null`; } 2>&1);\ 94 echo $${err} | grep ^clang:.w.*ted\]$$ > /dev/null 2>&1;\ 95 if [ $$? = 0 ] || [ "X$${err}" = "X" ];then echo "$$loop";fi;\ 96 done;\ 97 if [ -f tmp.o ];then rm tmp.o;fi;\ 98 if [ -f tmp.c ];then rm tmp.c;fi;) 99else 100PRODUCT_OPTION := $(PRODUCT_OPTION_FOR_SELECTION) 101endif 102 103CFLAG = -Wall -DNDEBUG -O2 $(SECURE_CFLAG_FOR_SHARED_LIBRARY) $(SECURE_CFLAG_FOR_EXE) $(SECURE_CFLAG_FOR_SHARED_LIBRARY_OPTIONAL) $(SECUREC_CODE_STANDARD_OPTION) $(PRODUCT_OPTION) 104#CFLAG += -DSECUREC_VXWORKS_PLATFORM 105#CFLAG += -DSECUREC_SUPPORT_STRTOLD 106#CFLAG += -DSECUREC_VXWORKS_VERSION_5_4 107#CFLAG += -D__STDC_WANT_LIB_EXT1__=0 108CFLAG += $(CFLAG_EXT) 109 110ARCH:=$(shell getconf LONG_BIT) 111 112ifeq ($(MAKECMDGOALS),lib) 113#Set static library related options 114CFLAG :=$(filter-out "xxxxx",$(CFLAG)) 115endif 116 117#SOURCES=$(wildcard *.c) 118SOURCES = fscanf_s.c gets_s.c memcpy_s.c memmove_s.c memset_s.c scanf_s.c securecutil.c secureinput_a.c secureprintoutput_a.c snprintf_s.c sprintf_s.c sscanf_s.c strcat_s.c strcpy_s.c strncat_s.c strncpy_s.c strtok_s.c vfscanf_s.c vscanf_s.c vsnprintf_s.c vsprintf_s.c vsscanf_s.c 119 120SOURCES += fwscanf_s.c secureinput_w.c secureprintoutput_w.c swprintf_s.c swscanf_s.c vfwscanf_s.c vswprintf_s.c vswscanf_s.c vwscanf_s.c wcscat_s.c wcscpy_s.c wcsncat_s.c wcsncpy_s.c wcstok_s.c wmemcpy_s.c wmemmove_s.c wscanf_s.c 121 122OBJECTS=$(patsubst %.c,%.o,$(SOURCES)) 123 124.PHONY:clean lib kernel 125 126ENABLE_SCANF_FILE=$(findstring SECUREC_ENABLE_SCANF_FILE=0,$(CFLAG)) 127ifeq ($(ENABLE_SCANF_FILE),SECUREC_ENABLE_SCANF_FILE=0) 128OBJECTS:=$(filter-out fscanf_s.o vfscanf_s.o vscanf_s.o scanf_s.o vwscanf_s.o wscanf_s.o fwscanf_s.o vfwscanf_s.o,$(OBJECTS)) 129endif 130 131 132ifneq ($(CFLAGS),) 133CFLAG :=$(CFLAGS) 134endif 135CFLAG += -I../include 136LD_FLAG ?= $(SECURE_LDFLAG_FOR_SHARED_LIBRARY) $(SECURE_CFLAG_FOR_SHARED_LIBRARY) 137AR ?=ar 138RANLIB ?=ranlib 139 140$(PROJECT): note_msg $(OBJECTS) 141 @mkdir -p ../obj 142 mkdir -p ../lib 143 $(CC) -shared -o ../lib/$@ $(patsubst %.o,../obj/%.o,$(OBJECTS)) $(LD_FLAG) 144 @echo "finish $(PROJECT)" 145 #you may add you custom commands here 146 147lib: note_msg $(OBJECTS) 148 $(AR) crv libsecurec.a $(patsubst %.o,../obj/%.o,$(OBJECTS)) 149 $(RANLIB) libsecurec.a 150 -mkdir -p ../lib 151 -cp libsecurec.a ../lib 152 @echo "finish libsecurec.a" 153 #you may add you custom commands here 154.c.o: 155 @mkdir -p ../obj 156 $(CC) -c $< $(CFLAG) -o ../obj/$(patsubst %.c,%.o,$<) 157 158EXTRA_CFLAGS += -I$(INCDIR) -fstack-protector $(CFLAG_EXT) 159 160# provide the default value to module name and ccflags-y 161ifeq ($(MODULE),) 162 MODULE := ksecurec 163endif 164ifeq ($(DEBUG),y) 165 ccflags-y += -DDEBUG 166endif 167 168ifneq ($(KERNELRELEASE),) 169 obj-m := ksecurec.o 170ifeq ($(SECUREC_KERNEL_ALL),) 171 #ksecurec-objs := memcpy_s.o memmove_s.o memset_s.o securecutil.o strcat_s.o strcpy_s.o strncat_s.o strncpy_s.o 172 ksecurec-objs := memcpy_s.o memmove_s.o memset_s.o securecutil.o strcat_s.o strcpy_s.o strncat_s.o strncpy_s.o sprintf_s.o vsprintf_s.o snprintf_s.o vsnprintf_s.o secureprintoutput_a.o sscanf_s.o vsscanf_s.o secureinput_a.o strtok_s.o 173else 174 ksecurec-objs := memcpy_s.o memmove_s.o memset_s.o securecutil.o strcat_s.o strcpy_s.o strncat_s.o strncpy_s.o sprintf_s.o vsprintf_s.o snprintf_s.o vsnprintf_s.o secureprintoutput_a.o sscanf_s.o vsscanf_s.o secureinput_a.o strtok_s.o 175endif 176else 177 KERNELDIR := /lib/modules/$(shell uname -r)/build 178 PWD := $(shell pwd) 179kernel: note_msg 180 $(MAKE) -C $(KERNELDIR) M=$(PWD) INCDIR=$(PWD)/../include modules 181endif 182 183NOTE_MSG:='\n' 184NOTE_MSG+='---------------------------------------------------------\n' 185NOTE_MSG+='+ This Makefile is a sample file, do not use in product +\n' 186NOTE_MSG+='---------------------------------------------------------\n' 187 188note_msg: 189 -@echo -e $(NOTE_MSG) 190 191clean: 192 @echo "cleaning ...." 193 -rm modules.order Module.symvers $(MODULE).ko $(MODULE).mod.c $(MODULE).mod.o $(MODULE).o *.o 194 -rm -rf ../obj ../lib 195 @echo "clean up" 196 197