1# 2# NOTE the built tests are all designed to be run from this 3# working directory when built DYNAMIC=yes. That is, they 4# link to the shared libraries in ../libcap/ . 5# 6topdir=$(shell pwd)/.. 7include ../Make.Rules 8# 9 10all: 11 make libcap_launch_test 12ifeq ($(PTHREADS),yes) 13 make psx_test libcap_psx_test libcap_psx_launch_test 14endif 15 16install: all 17 18ifeq ($(DYNAMIC),yes) 19LINKEXTRA=-Wl,-rpath,../libcap 20DEPS=../libcap/libcap.so 21ifeq ($(PTHREADS),yes) 22DEPS += ../libcap/libpsx.so 23endif 24else 25LDFLAGS += --static 26DEPS=../libcap/libcap.a 27ifeq ($(PTHREADS),yes) 28DEPS += ../libcap/libpsx.a 29endif 30endif 31 32../libcap/libcap.so: 33 make -C ../libcap libcap.so 34 35../libcap/libcap.a: 36 make -C ../libcap libcap.a 37 38ifeq ($(PTHREADS),yes) 39../libcap/libpsx.so: 40 make -C ../libcap libpsx.so 41 42../libcap/libpsx.a: 43 make -C ../libcap libpsx.a 44endif 45 46../progs/tcapsh-static: 47 make -C ../progs tcapsh-static 48 49test: 50ifeq ($(PTHREADS),yes) 51 make run_psx_test run_libcap_psx_test 52endif 53 54sudotest: test 55 make run_libcap_launch_test 56ifeq ($(PTHREADS),yes) 57 make run_libcap_psx_launch_test run_exploit_test 58endif 59 60# unprivileged 61run_psx_test: psx_test 62 ./psx_test 63 64psx_test: psx_test.c $(DEPS) 65 $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LINKEXTRA) $(LIBPSXLIB) $(LDFLAGS) 66 67run_libcap_psx_test: libcap_psx_test 68 ./libcap_psx_test 69 70libcap_psx_test: libcap_psx_test.c $(DEPS) 71 $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LINKEXTRA) $(LIBCAPLIB) $(LIBPSXLIB) $(LDFLAGS) 72 73# privileged 74run_libcap_launch_test: libcap_launch_test noop ../progs/tcapsh-static 75 sudo ./libcap_launch_test 76 77run_libcap_psx_launch_test: libcap_psx_launch_test ../progs/tcapsh-static 78 sudo ./libcap_psx_launch_test 79 80libcap_launch_test: libcap_launch_test.c $(DEPS) 81 $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LINKEXTRA) $(LIBCAPLIB) $(LDFLAGS) 82 83# This varies only slightly from the above insofar as it currently 84# only links in the pthreads fork support. TODO() we need to change 85# the source to do something interesting with pthreads. 86libcap_psx_launch_test: libcap_launch_test.c $(DEPS) 87 $(CC) $(CFLAGS) $(IPATH) -DWITH_PTHREADS $< -o $@ $(LINKEXTRA) $(LIBCAPLIB) $(LIBPSXLIB) $(LDFLAGS) 88 89 90# This test demonstrates that libpsx is needed to secure multithreaded 91# programs that link against libcap. 92run_exploit_test: exploit noexploit 93 @echo exploit should succeed 94 sudo ./exploit ; if [ $$? -ne 0 ]; then exit 0; else exit 1 ; fi 95 @echo exploit should fail 96 sudo ./noexploit ; if [ $$? -eq 0 ]; then exit 0; else exit 1 ; fi 97 98exploit.o: exploit.c 99 $(CC) $(CFLAGS) $(IPATH) -c $< 100 101exploit: exploit.o $(DEPS) 102 $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LINKEXTRA) $(LIBCAPLIB) -lpthread $(LDFLAGS) 103 104# Note, for some reason, the order of libraries is important to avoid 105# the exploit working for dynamic linking. 106noexploit: exploit.o $(DEPS) 107 $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LINKEXTRA) $(LIBPSXLIB) $(LIBCAPLIB) $(LDFLAGS) 108 109# This one runs in a chroot with no shared library files. 110noop: noop.c 111 $(CC) $(CFLAGS) $< -o $@ --static 112 113clean: 114 rm -f psx_test libcap_psx_test libcap_launch_test *~ 115 rm -f libcap_launch_test libcap_psx_launch_test core noop 116 rm -f exploit noexploit exploit.o 117