File: Make.defaults

package info (click to toggle)
shim 15.8-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 15,124 kB
  • sloc: ansic: 168,639; asm: 1,714; sh: 1,294; makefile: 1,151; python: 284
file content (204 lines) | stat: -rw-r--r-- 6,254 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
 

# load the local configuration if it exists
-include Make.local
-include $(TOPDIR)/Make.local

COMPILER	?= gcc
CC		= $(CROSS_COMPILE)$(COMPILER)
HOSTCC		= $(COMPILER)
LD		= $(CROSS_COMPILE)ld
OBJCOPY		= $(CROSS_COMPILE)objcopy
DOS2UNIX	?= dos2unix
D2UFLAGS	?= -r -l -F -f -n
OPENSSL		?= openssl
HEXDUMP		?= hexdump
INSTALL		?= install
PK12UTIL	?= pk12util
CERTUTIL	?= certutil
PESIGN		?= pesign
SBSIGN		?= sbsign
prefix		?= /usr
prefix		:= $(abspath $(prefix))
datadir		?= $(prefix)/share/
PKGNAME		?= shim
ESPROOTDIR	?= boot/efi/
EFIBOOTDIR	?= $(ESPROOTDIR)EFI/BOOT/
TARGETDIR	?= $(ESPROOTDIR)EFI/$(EFIDIR)/
DATATARGETDIR	?= $(datadir)/$(PKGNAME)/$(VERSION)$(DASHRELEASE)/$(ARCH_SUFFIX)/
DEBUGINFO	?= $(prefix)/lib/debug/
DEBUGSOURCE	?= $(prefix)/src/debug/
OSLABEL		?= $(EFIDIR)
DEFAULT_LOADER	?= \\\\grub$(ARCH_SUFFIX).efi
DASHJ		?= -j$(shell echo $$(($$(grep -c "^model name" /proc/cpuinfo) + 1)))

ARCH		?= $(shell $(CC) -dumpmachine | cut -f1 -d- | sed s,i[3456789]86,ia32,)
OBJCOPY_GTE224	= $(shell expr `$(OBJCOPY) --version |grep ^"GNU objcopy" | sed 's/^.*\((.*)\|version\) //g' | cut -f1-2 -d.` \>= 2.24)
OPTIMIZATIONS	?= -Os
FA_OPTIMIZATIONS ?= -O2
ifneq ($(FANALYZER),)
override OPTIMIZATIONS := $(FA_OPTIMIZATIONS)
override CCACHE_DISABLE := true
endif
export OPTIMIZATIONS
ifneq ($(CCACHE_DISABLE),)
export CCACHE_DISABLE
endif

SUBDIRS		= $(TOPDIR)/Cryptlib $(TOPDIR)/lib

EFI_INCLUDE	?= $(TOPDIR)/gnu-efi/inc
EFI_INCLUDES	= -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol
override EFI_INCLUDES := $(EFI_INCLUDES)
EFI_CRT_OBJS 	= $(LOCAL_EFI_PATH)/crt0-efi-$(ARCH_GNUEFI).o
EFI_LDS		= $(TOPDIR)/elf_$(ARCH)_efi.lds

CLANG_WARNINGS = -Wno-pointer-bool-conversion \
		 -Wno-unknown-attributes

CLANG_BUGS	= $(if $(findstring gcc,$(CC)),-maccumulate-outgoing-args,) \
		  $(if $(findstring clang,$(CC)),$(CLANG_WARNINGS))

COMMIT_ID ?= $(shell if [ -e .git ] ; then git log -1 --pretty=format:%H ; elif [ -f commit ]; then cat commit ; else echo master; fi)

ifeq ($(ARCH),x86_64)
	ARCH_CFLAGS		?= -mno-mmx -mno-sse -mno-red-zone -nostdinc \
				   $(CLANG_BUGS) -m64 \
				   -DMDE_CPU_X64 -DPAGE_SIZE=4096
	ARCH_GNUEFI		?= x86_64
	ARCH_SUFFIX		?= x64
	ARCH_SUFFIX_UPPER	?= X64
	ARCH_LDFLAGS		?=
endif
ifeq ($(ARCH),ia32)
	ARCH_CFLAGS		?= -mno-mmx -mno-sse -mno-red-zone -nostdinc \
				   $(CLANG_BUGS) -m32 -malign-double \
				   -DMDE_CPU_IA32 -DPAGE_SIZE=4096
	ARCH_GNUEFI		?= ia32
	ARCH_SUFFIX		?= ia32
	ARCH_SUFFIX_UPPER	?= IA32
	ARCH_LDFLAGS		?=
	ARCH_CFLAGS		?= -m32
endif
ifeq ($(ARCH),aarch64)
	ARCH_CFLAGS		?= -DMDE_CPU_AARCH64 -DPAGE_SIZE=4096 -mstrict-align
	ARCH_GNUEFI		?= aarch64
	ARCH_SUFFIX		?= aa64
	ARCH_SUFFIX_UPPER	?= AA64
	ARCH_LDFLAGS		?=
	ARCH_CFLAGS		?=
endif
ifeq ($(ARCH),arm)
	ARCH_CFLAGS		?= -DMDE_CPU_ARM -DPAGE_SIZE=4096 -mno-unaligned-access
	ARCH_GNUEFI		?= arm
	ARCH_SUFFIX		?= arm
	ARCH_SUFFIX_UPPER	?= ARM
	FORMAT			:= -O binary
	SUBSYSTEM		:= 0xa
	ARCH_LDFLAGS		+= --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
endif

DEFINES		= -DDEFAULT_LOADER='L"$(DEFAULT_LOADER)"' \
		  -DDEFAULT_LOADER_CHAR='"$(DEFAULT_LOADER)"'

INCLUDES	= -nostdinc \
		  -I$(TOPDIR)/Cryptlib -I$(TOPDIR)/Cryptlib/Include \
		  -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH_GNUEFI) -I$(EFI_INCLUDE)/protocol \
		  -I$(TOPDIR)/include -iquote $(TOPDIR) -iquote $(shell pwd) \
		  -isystem $(TOPDIR)/include/system \
		  -isystem $(shell $(CC) $(ARCH_CFLAGS) -print-file-name=include)

override DEFAULT_FEATUREFLAGS = \
		-std=gnu11 \
		-ggdb \
		-ffreestanding \
		$(shell $(CC) -fmacro-prefix-map=./=./ -E -x c /dev/null >/dev/null 2>&1 && echo -fmacro-prefix-map='$(TOPDIR)/=$(DEBUGSRC)') \
		-fno-stack-protector \
		-fno-strict-aliasing \
		-fpic \
		-fshort-wchar
$(call update-variable,FEATUREFLAGS)
$(call conditional-add-flag,$(FANALYZER),analyzer,FEATUREFLAGS,-fanalyzer)
$(call conditional-add-flag,$(COLOR),diagnostics-color,FEATUREFLAGS,-fdiagnostics-color=always)

override DEFAULT_WARNFLAGS = \
		-Wall \
		-Wextra \
		-Wno-missing-field-initializers
$(call update-variable,WARNFLAGS)

override DEFAULT_WERRFLAGS = \
		-Werror
$(call update-variable,WERRFLAGS)

CFLAGS		= $(FEATUREFLAGS) \
		  $(OPTIMIZATIONS) \
		  $(WARNFLAGS) \
		  $(if $(findstring clang,$(CC)),$(CLANG_WARNINGS)) \
		  $(ARCH_CFLAGS) \
		  $(WERRFLAGS) \
		  $(INCLUDES) \
		  $(DEFINES)

POST_PROCESS_PE_FLAGS =

ifneq ($(origin OVERRIDE_SECURITY_POLICY), undefined)
	DEFINES	+= -DOVERRIDE_SECURITY_POLICY
endif

ifneq ($(origin REQUIRE_TPM), undefined)
	DEFINES  += -DREQUIRE_TPM
endif

ifneq ($(origin DISABLE_EBS_PROTECTION), undefined)
	DEFINES  += -DDISABLE_EBS_PROTECTION
endif

ifneq ($(origin DISABLE_REMOVABLE_LOAD_OPTIONS), undefined)
	DEFINES  += -DDISABLE_REMOVABLE_LOAD_OPTIONS
endif

LIB_GCC		= $(shell $(CC) $(ARCH_CFLAGS) -print-libgcc-file-name)
EFI_LIBS	= -lefi -lgnuefi --start-group Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a --end-group $(LIB_GCC)
FORMAT		?= --target efi-app-$(ARCH)
LOCAL_EFI_PATH	= gnu-efi/$(ARCH_GNUEFI)/gnuefi
LIBDIR		= gnu-efi/$(ARCH_GNUEFI)/lib

MMSTEM		?= mm$(ARCH_SUFFIX)
MMNAME		= $(MMSTEM).efi
MMSONAME	= $(MMSTEM).so
FBSTEM		?= fb$(ARCH_SUFFIX)
FBNAME		= $(FBSTEM).efi
FBSONAME	= $(FBSTEM).so
SHIMSTEM	?= shim$(ARCH_SUFFIX)
SHIMNAME	= $(SHIMSTEM).efi
SHIMSONAME	= $(SHIMSTEM).so
SHIMHASHNAME	= $(SHIMSTEM).hash
BOOTEFINAME	?= BOOT$(ARCH_SUFFIX_UPPER).EFI
BOOTCSVNAME	?= BOOT$(ARCH_SUFFIX_UPPER).CSV

DEFINES		+= -DEFI_ARCH='L"$(ARCH_SUFFIX)"' \
		   -DDEBUGDIR='L"/usr/lib/debug/usr/share/shim/$(ARCH_SUFFIX)-$(VERSION)$(DASHRELEASE)/"'

ifneq ($(origin VENDOR_DB_FILE), undefined)
DEFINES		+= -DVENDOR_DB_FILE=\"$(VENDOR_DB_FILE)\"
endif
ifneq ($(origin VENDOR_CERT_FILE), undefined)
DEFINES		+= -DVENDOR_CERT_FILE=\"$(VENDOR_CERT_FILE)\"
endif
ifneq ($(origin VENDOR_DBX_FILE), undefined)
DEFINES		+= -DVENDOR_DBX_FILE=\"$(VENDOR_DBX_FILE)\"
endif
ifneq ($(origin SBAT_AUTOMATIC_DATE), undefined)
DEFINES		+= -DSBAT_AUTOMATIC_DATE=$(SBAT_AUTOMATIC_DATE)
endif

LDFLAGS		= --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(LOCAL_EFI_PATH) -L$(LIBDIR) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1 $(ARCH_LDFLAGS) --no-undefined

ifneq ($(DEBUG),)
export DEBUG
endif
ifneq ($(VERBOSE),)
export VERBOSE
endif

# vim:filetype=make