File: Makefile

package info (click to toggle)
hardening-wrapper 1.12
  • links: PTS, VCS
  • area: main
  • in suites: lenny
  • size: 88 kB
  • ctags: 24
  • sloc: perl: 179; makefile: 124; sh: 46; ansic: 17
file content (91 lines) | stat: -rwxr-xr-x 2,096 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
 
#!/usr/bin/make -f

BUILD_TREE=../build-tree

WRAPPED_CC=$(BUILD_TREE)/hardened-cc
WRAPPED_CXX=$(BUILD_TREE)/hardened-c++
WRAPPED_LD=$(BUILD_TREE)/hardened-ld

# It seems that GCC_EXEC_PREFIX does not behave the same across all
# architectures, so we need to pass the -B flag instead.
CC=$(WRAPPED_CC) -B $(BUILD_TREE)/

WRAPPERS=$(WRAPPED_CC) $(WRAPPED_LD) $(WRAPPED_CXX)


SYMLINKED_LD=$(BUILD_TREE)/ld

HELLO=hello.c

TEST_REQS=$(HELLO) $(WRAPPERS) $(SYMLINKED_LD)

export HARDENING_USE_USR_BIN=1
export DEB_BUILD_HARDENING=1
export DEB_BUILD_HARDENING_DEBUG=1

TESTS=\
	syntax.stamp \
	$(BUILD_TREE)/test-stock \
	$(BUILD_TREE)/test-compiled \
	$(SYMLINKED_LD) \
	$(BUILD_TREE)/test-linked \
	$(BUILD_TREE)/test-fPIC-direct \
	$(BUILD_TREE)/test-fPIC

check: $(TESTS)

clean:
	rm -f $(TESTS)

syntax.stamp: $(WRAPPERS)
	# Test basic perl syntax
	for script in $(WRAPPERS); do perl -c $$script; done
	touch $@

##########
# Compilation and linking results tests

$(BUILD_TREE)/test-stock: $(HELLO) $(WRAPPERS)
	# Compiler and linker options disabled.
	DEB_BUILD_HARDENING=0 $(CC) -o $@ $<
	readelf -l $@
	$@

$(BUILD_TREE)/test-compiled: $(HELLO) $(WRAPPERS)
	# Compiler options enabled. (linker is system-default)
	$(CC) -o $@ $<
	readelf -l $@
	# Run twice to show off PIE, if available in kernel
	$@
	$@

$(SYMLINKED_LD): $(WRAPPED_LD)
	# Enable symlink for ld to trick gcc into doing wrapped linking
	(cd $(BUILD_TREE) && ln -s hardened-ld ld)

$(BUILD_TREE)/test-linked: $(TEST_REQS)
	# Compiler and linker options enabled.
	$(CC) -o $@ $<
	readelf -l $@
	# Run twice to show off PIE, if available in kernel
	$@
	$@


##########
# Compiler arg calling style tests

# cmake likes to pass -fPIC to everything, which broke pre-1.10 wrappers
$(BUILD_TREE)/test-fPIC-direct: $(TEST_REQS)
	# Build directly with -fPIC already defined
	$(CC) -fPIC -o $@ $<
	$@

$(BUILD_TREE)/test-fPIC.o: $(TEST_REQS)
	# Build .o with -fPIC already defined
	$(CC) -fPIC -o $@ -c $<

$(BUILD_TREE)/test-fPIC: $(BUILD_TREE)/test-fPIC.o $(TEST_REQS)
	# Link .o with -fPIC already defined
	$(CC) -fPIC -o $@ $<
	$@