1# Copyright (c) 2012 The Chromium OS Authors. All rights reserved. 2# Use of this source code is governed by a BSD-style license that can be 3# found in the LICENSE file. 4 5BASE_VER=0 6include common.mk 7 8LIBDIR ?= /lib 9PRELOADNAME = libminijailpreload.so 10PRELOADPATH = "$(LIBDIR)/$(PRELOADNAME)" 11CPPFLAGS += -DPRELOADPATH='$(PRELOADPATH)' 12 13# Defines the pivot root path used by the minimalistic-mountns profile. 14DEFAULT_PIVOT_ROOT ?= /var/empty 15CPPFLAGS += -DDEFAULT_PIVOT_ROOT='"$(DEFAULT_PIVOT_ROOT)"' 16 17ifeq ($(USE_seccomp),no) 18CPPFLAGS += -DUSE_SECCOMP_SOFTFAIL 19endif 20 21# Allow people to use -L and related flags. 22ALLOW_DEBUG_LOGGING ?= yes 23ifeq ($(ALLOW_DEBUG_LOGGING),yes) 24CPPFLAGS += -DALLOW_DEBUG_LOGGING 25endif 26 27ifeq ($(USE_ASAN),yes) 28CPPFLAGS += -fsanitize=address 29LDFLAGS += -fsanitize=address 30USE_EXIT_ON_DIE = yes 31endif 32 33# Setting this flag can be useful for both AddressSanitizer builds and running 34# fuzzing tools, which do not expect crashes on gracefully-handled malformed 35# inputs. 36ifeq ($(USE_EXIT_ON_DIE),yes) 37CPPFLAGS += -DUSE_EXIT_ON_DIE 38endif 39 40MJ_COMMON_FLAGS = -Wunused-parameter -Wextra -Wno-missing-field-initializers 41CFLAGS += $(MJ_COMMON_FLAGS) 42CXXFLAGS += $(MJ_COMMON_FLAGS) 43 44USE_SYSTEM_GTEST ?= no 45ifeq ($(USE_SYSTEM_GTEST),no) 46GTEST_CXXFLAGS := -std=gnu++14 47GTEST_LIBS := gtest.a 48else 49GTEST_CXXFLAGS := $(shell gtest-config --cxxflags) 50GTEST_LIBS := $(shell gtest-config --libs) 51endif 52 53CORE_OBJECT_FILES := libminijail.o syscall_filter.o signal_handler.o \ 54 bpf.o util.o system.o syscall_wrapper.o \ 55 libconstants.gen.o libsyscalls.gen.o 56 57all: CC_BINARY(minijail0) CC_LIBRARY(libminijail.so) \ 58 CC_LIBRARY(libminijailpreload.so) 59 60parse_seccomp_policy: CXX_BINARY(parse_seccomp_policy) 61dump_constants: CXX_BINARY(dump_constants) 62 63tests: TEST(CXX_BINARY(libminijail_unittest)) \ 64 TEST(CXX_BINARY(minijail0_cli_unittest)) \ 65 TEST(CXX_BINARY(syscall_filter_unittest)) \ 66 TEST(CXX_BINARY(system_unittest)) \ 67 TEST(CXX_BINARY(util_unittest)) \ 68 69 70CC_BINARY(minijail0): LDLIBS += -lcap -ldl 71CC_BINARY(minijail0): $(CORE_OBJECT_FILES) \ 72 elfparse.o minijail0.o minijail0_cli.o 73clean: CLEAN(minijail0) 74 75 76CC_LIBRARY(libminijail.so): LDLIBS += -lcap 77CC_LIBRARY(libminijail.so): $(CORE_OBJECT_FILES) 78clean: CLEAN(libminijail.so) 79 80 81CXX_BINARY(libminijail_unittest): CXXFLAGS += -Wno-write-strings \ 82 $(GTEST_CXXFLAGS) 83CXX_BINARY(libminijail_unittest): LDLIBS += -lcap $(GTEST_LIBS) 84ifeq ($(USE_SYSTEM_GTEST),no) 85CXX_BINARY(libminijail_unittest): $(GTEST_LIBS) 86endif 87CXX_BINARY(libminijail_unittest): libminijail_unittest.o $(CORE_OBJECT_FILES) \ 88 testrunner.o 89clean: CLEAN(libminijail_unittest) 90 91TEST(CXX_BINARY(libminijail_unittest)): CC_LIBRARY(libminijailpreload.so) 92 93 94CC_LIBRARY(libminijailpreload.so): LDLIBS += -lcap -ldl 95CC_LIBRARY(libminijailpreload.so): libminijailpreload.o $(CORE_OBJECT_FILES) 96clean: CLEAN(libminijailpreload.so) 97 98 99CXX_BINARY(minijail0_cli_unittest): CXXFLAGS += $(GTEST_CXXFLAGS) 100CXX_BINARY(minijail0_cli_unittest): LDLIBS += -lcap $(GTEST_LIBS) 101ifeq ($(USE_SYSTEM_GTEST),no) 102CXX_BINARY(minijail0_cli_unittest): $(GTEST_LIBS) 103endif 104CXX_BINARY(minijail0_cli_unittest): minijail0_cli_unittest.o \ 105 $(CORE_OBJECT_FILES) minijail0_cli.o elfparse.o testrunner.o 106clean: CLEAN(minijail0_cli_unittest) 107 108 109CXX_BINARY(syscall_filter_unittest): CXXFLAGS += -Wno-write-strings \ 110 $(GTEST_CXXFLAGS) 111CXX_BINARY(syscall_filter_unittest): LDLIBS += -lcap $(GTEST_LIBS) 112ifeq ($(USE_SYSTEM_GTEST),no) 113CXX_BINARY(syscall_filter_unittest): $(GTEST_LIBS) 114endif 115CXX_BINARY(syscall_filter_unittest): syscall_filter_unittest.o \ 116 $(CORE_OBJECT_FILES) testrunner.o 117clean: CLEAN(syscall_filter_unittest) 118 119 120CXX_BINARY(system_unittest): CXXFLAGS += $(GTEST_CXXFLAGS) 121CXX_BINARY(system_unittest): LDLIBS += -lcap $(GTEST_LIBS) 122ifeq ($(USE_SYSTEM_GTEST),no) 123CXX_BINARY(system_unittest): $(GTEST_LIBS) 124endif 125CXX_BINARY(system_unittest): system_unittest.o \ 126 $(CORE_OBJECT_FILES) testrunner.o 127clean: CLEAN(system_unittest) 128 129 130CXX_BINARY(util_unittest): CXXFLAGS += $(GTEST_CXXFLAGS) 131CXX_BINARY(util_unittest): LDLIBS += -lcap $(GTEST_LIBS) 132ifeq ($(USE_SYSTEM_GTEST),no) 133CXX_BINARY(util_unittest): $(GTEST_LIBS) 134endif 135CXX_BINARY(util_unittest): util_unittest.o \ 136 $(CORE_OBJECT_FILES) testrunner.o 137clean: CLEAN(util_unittest) 138 139 140CXX_BINARY(parse_seccomp_policy): parse_seccomp_policy.o syscall_filter.o \ 141 bpf.o util.o libconstants.gen.o libsyscalls.gen.o 142clean: CLEAN(parse_seccomp_policy) 143 144 145CXX_BINARY(dump_constants): dump_constants.o \ 146 libconstants.gen.o libsyscalls.gen.o 147clean: CLEAN(dump_constants) 148 149 150constants.json: CXX_BINARY(dump_constants) 151 ./dump_constants > $@ 152clean: CLEANFILE(constants.json) 153 154 155libsyscalls.gen.o: CPPFLAGS += -I$(SRC) 156 157libsyscalls.gen.o.depends: libsyscalls.gen.c 158 159# Only regenerate libsyscalls.gen.c if the Makefile or header changes. 160# NOTE! This will not detect if the file is not appropriate for the target. 161libsyscalls.gen.c: $(SRC)/Makefile $(SRC)/libsyscalls.h 162 @printf "Generating target-arch specific $@...\n" 163 $(QUIET)CC="$(CC)" $(SRC)/gen_syscalls.sh "$@" 164 @printf "$@ done.\n" 165clean: CLEAN(libsyscalls.gen.c) 166 167$(eval $(call add_object_rules,libsyscalls.gen.o,CC,c,CFLAGS)) 168 169libconstants.gen.o: CPPFLAGS += -I$(SRC) 170 171libconstants.gen.o.depends: libconstants.gen.c 172 173# Only regenerate libconstants.gen.c if the Makefile or header changes. 174# NOTE! This will not detect if the file is not appropriate for the target. 175libconstants.gen.c: $(SRC)/Makefile $(SRC)/libconstants.h 176 @printf "Generating target-arch specific $@...\n" 177 $(QUIET)CC="$(CC)" $(SRC)/gen_constants.sh "$@" 178 @printf "$@ done.\n" 179clean: CLEAN(libconstants.gen.c) 180 181$(eval $(call add_object_rules,libconstants.gen.o,CC,c,CFLAGS)) 182 183 184################################################################################ 185# Google Test 186 187ifeq ($(USE_SYSTEM_GTEST),no) 188# Points to the root of Google Test, relative to where this file is. 189# Remember to tweak this if you move this file. 190GTEST_DIR = googletest-release-1.8.0/googletest 191 192# Flags passed to the preprocessor. 193# Set Google Test's header directory as a system directory, such that 194# the compiler doesn't generate warnings in Google Test headers. 195CPPFLAGS += -isystem $(GTEST_DIR)/include 196 197# Flags passed to the C++ compiler. 198GTEST_CXXFLAGS += -pthread 199 200# All Google Test headers. Usually you shouldn't change this 201# definition. 202GTEST_HEADERS = $(GTEST_DIR)/include/gtest/*.h \ 203 $(GTEST_DIR)/include/gtest/internal/*.h 204 205# House-keeping build targets. 206clean: clean_gtest 207 208clean_gtest: 209 rm -f gtest.a gtest_main.a *.o 210 211# Builds gtest.a and gtest_main.a. 212 213# Usually you shouldn't tweak such internal variables, indicated by a 214# trailing _. 215GTEST_SRCS_ = $(GTEST_DIR)/src/*.cc $(GTEST_DIR)/src/*.h $(GTEST_HEADERS) 216 217# For simplicity and to avoid depending on Google Test's 218# implementation details, the dependencies specified below are 219# conservative and not optimized. This is fine as Google Test 220# compiles fast and for ordinary users its source rarely changes. 221gtest-all.o : $(GTEST_SRCS_) 222 $(CXX) $(CPPFLAGS) -I$(GTEST_DIR) $(CXXFLAGS) $(GTEST_CXXFLAGS) -c \ 223 $(GTEST_DIR)/src/gtest-all.cc -o $@ 224 225gtest_main.o : $(GTEST_SRCS_) 226 $(CXX) $(CPPFLAGS) -I$(GTEST_DIR) $(CXXFLAGS) $(GTEST_CXXFLAGS) -c \ 227 $(GTEST_DIR)/src/gtest_main.cc -o $@ 228 229gtest.a : gtest-all.o 230 $(AR) $(ARFLAGS) $@ $^ 231 232gtest_main.a : gtest-all.o gtest_main.o 233 $(AR) $(ARFLAGS) $@ $^ 234 235endif 236################################################################################ 237