Files
third_party_fsverity-utils/Makefile
T
Eric Biggers 5cd90ca608 Introduce libfsverity
From the 'fsverity' program, split out a library 'libfsverity'.
Currently it supports computing file measurements ("digests"), and
signing those file measurements for use with the fs-verity builtin
signature verification feature.

Rewritten from patches by Jes Sorensen <jsorensen@fb.com>.
I made a lot of improvements, e.g.:

- Separated library and program source into different directories.
- Drastically improved the Makefile.
- Added 'make check' target and rules to build test programs.
- In the shared lib, only export the functions intended to be public.
- Prefixed global functions with "libfsverity_" so that they don't cause
  conflicts when the library is built as a static library.
- Made library error messages be sent to a user-specified callback
  rather than always be printed to stderr.
- Keep showing OpenSSL error messages.
- Stopped abort()ing in library code, when possible.
- Made libfsverity_digest use native endianness.
- Moved file_size into the merkle_tree_params.
- Made libfsverity_get_hash_name() just return the static strings.
- Made some variables in the API uint32_t instead of uint16_t.
- Shared parse_hash_alg_option() between cmd_enable and cmd_sign.
- Lots of other fixes.

(Folded in a couple Makefile fixes from Jes.)

Reviewed-by: Jes Sorensen <jsorensen@fb.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-05-25 13:45:31 -07:00

184 lines
5.7 KiB
Makefile

# SPDX-License-Identifier: GPL-2.0-or-later
#
# Use 'make help' to list available targets.
#
# Define V=1 to enable "verbose" mode, showing all executed commands.
#
# Define USE_SHARED_LIB=1 to link the fsverity binary to the shared library
# libfsverity.so rather than to the static library libfsverity.a.
#
# Define PREFIX to override the installation prefix, like './configure --prefix'
# in autotools-based projects (default: /usr/local)
#
# Define BINDIR to override where to install binaries, like './configure
# --bindir' in autotools-based projects (default: PREFIX/bin)
#
# Define INCDIR to override where to install headers, like './configure
# --includedir' in autotools-based projects (default: PREFIX/include)
#
# Define LIBDIR to override where to install libraries, like './configure
# --libdir' in autotools-based projects (default: PREFIX/lib)
#
# Define DESTDIR to override the installation destination directory
# (default: empty string)
#
# You can also specify custom CC, CFLAGS, CPPFLAGS, and/or LDFLAGS.
#
##############################################################################
cc-option = $(shell if $(CC) $(1) -c -x c /dev/null -o /dev/null &>/dev/null; \
then echo $(1); fi)
CFLAGS ?= -O2 -Wall -Wundef \
$(call cc-option,-Wdeclaration-after-statement) \
$(call cc-option,-Wimplicit-fallthrough) \
$(call cc-option,-Wmissing-field-initializers) \
$(call cc-option,-Wmissing-prototypes) \
$(call cc-option,-Wstrict-prototypes) \
$(call cc-option,-Wunused-parameter) \
$(call cc-option,-Wvla)
override CPPFLAGS := -D_FILE_OFFSET_BITS=64 $(CPPFLAGS)
ifneq ($(V),1)
QUIET_CC = @echo ' CC ' $@;
QUIET_CCLD = @echo ' CCLD ' $@;
QUIET_AR = @echo ' AR ' $@;
QUIET_LN = @echo ' LN ' $@;
endif
USE_SHARED_LIB ?=
PREFIX ?= /usr/local
BINDIR ?= $(PREFIX)/bin
INCDIR ?= $(PREFIX)/include
LIBDIR ?= $(PREFIX)/lib
DESTDIR ?=
# Rebuild if a user-specified setting that affects the build changed.
.build-config: FORCE
@flags='$(CC):$(CFLAGS):$(CPPFLAGS):$(LDFLAGS):$(USE_SHARED_LIB)'; \
if [ "$$flags" != "`cat $@ 2>/dev/null`" ]; then \
[ -e $@ ] && echo "Rebuilding due to new settings"; \
echo "$$flags" > $@; \
fi
DEFAULT_TARGETS :=
COMMON_HEADERS := $(wildcard common/*.h)
LDLIBS := -lcrypto
##############################################################################
#### Library
SOVERSION := 0
LIB_CFLAGS := $(CFLAGS) -fvisibility=hidden
LIB_SRC := $(wildcard lib/*.c)
LIB_HEADERS := $(wildcard lib/*.h) $(COMMON_HEADERS)
STATIC_LIB_OBJ := $(LIB_SRC:.c=.o)
SHARED_LIB_OBJ := $(LIB_SRC:.c=.shlib.o)
# Compile static library object files
$(STATIC_LIB_OBJ): %.o: %.c $(LIB_HEADERS) .build-config
$(QUIET_CC) $(CC) -o $@ -c $(CPPFLAGS) $(LIB_CFLAGS) $<
# Compile shared library object files
$(SHARED_LIB_OBJ): %.shlib.o: %.c $(LIB_HEADERS) .build-config
$(QUIET_CC) $(CC) -o $@ -c $(CPPFLAGS) $(LIB_CFLAGS) -fPIC $<
# Create static library
libfsverity.a:$(STATIC_LIB_OBJ)
$(QUIET_AR) $(AR) cr $@ $+
DEFAULT_TARGETS += libfsverity.a
# Create shared library
libfsverity.so.$(SOVERSION):$(SHARED_LIB_OBJ)
$(QUIET_CCLD) $(CC) -o $@ -Wl,-soname=$@ -shared $+ $(LDFLAGS) $(LDLIBS)
DEFAULT_TARGETS += libfsverity.so.$(SOVERSION)
# Create the symlink libfsverity.so => libfsverity.so.$(SOVERSION)
libfsverity.so:libfsverity.so.$(SOVERSION)
$(QUIET_LN) ln -sf $+ $@
DEFAULT_TARGETS += libfsverity.so
##############################################################################
#### Programs
ALL_PROG_SRC := $(wildcard programs/*.c)
ALL_PROG_OBJ := $(ALL_PROG_SRC:.c=.o)
ALL_PROG_HEADERS := $(wildcard programs/*.h) $(COMMON_HEADERS)
PROG_COMMON_SRC := programs/utils.c
PROG_COMMON_OBJ := $(PROG_COMMON_SRC:.c=.o)
FSVERITY_PROG_OBJ := $(PROG_COMMON_OBJ) \
programs/cmd_enable.o \
programs/cmd_measure.o \
programs/cmd_sign.o \
programs/fsverity.o
TEST_PROG_SRC := $(wildcard programs/test_*.c)
TEST_PROGRAMS := $(TEST_PROG_SRC:programs/%.c=%)
# Compile program object files
$(ALL_PROG_OBJ): %.o: %.c $(ALL_PROG_HEADERS) .build-config
$(QUIET_CC) $(CC) -o $@ -c $(CPPFLAGS) $(CFLAGS) $<
# Link the fsverity program
ifdef USE_SHARED_LIB
fsverity: $(FSVERITY_PROG_OBJ) libfsverity.so
$(QUIET_CCLD) $(CC) -o $@ $(FSVERITY_PROG_OBJ) -L. -lfsverity
else
fsverity: $(FSVERITY_PROG_OBJ) libfsverity.a
$(QUIET_CCLD) $(CC) -o $@ $+ $(LDFLAGS) $(LDLIBS)
endif
DEFAULT_TARGETS += fsverity
# Link the test programs
$(TEST_PROGRAMS): %: programs/%.o $(PROG_COMMON_OBJ) libfsverity.a
$(QUIET_CCLD) $(CC) -o $@ $+ $(LDFLAGS) $(LDLIBS)
##############################################################################
all:$(DEFAULT_TARGETS)
test_programs:$(TEST_PROGRAMS)
check:test_programs
for prog in $(TEST_PROGRAMS); do \
./$$prog || exit 1; \
done
@echo "All tests passed!"
install:all
install -d $(DESTDIR)$(LIBDIR) $(DESTDIR)$(INCDIR) $(DESTDIR)$(BINDIR)
install -m755 fsverity $(DESTDIR)$(BINDIR)
install -m644 libfsverity.a $(DESTDIR)$(LIBDIR)
install -m755 libfsverity.so.$(SOVERSION) $(DESTDIR)$(LIBDIR)
ln -sf libfsverity.so.$(SOVERSION) $(DESTDIR)$(LIBDIR)/libfsverity.so
install -m644 common/libfsverity.h $(DESTDIR)$(INCDIR)
uninstall:
rm -f $(DESTDIR)$(BINDIR)/fsverity
rm -f $(DESTDIR)$(LIBDIR)/libfsverity.a
rm -f $(DESTDIR)$(LIBDIR)/libfsverity.so.$(SOVERSION)
rm -f $(DESTDIR)$(LIBDIR)/libfsverity.so
rm -f $(DESTDIR)$(INCDIR)/libfsverity.h
help:
@echo "Available targets:"
@echo "------------------"
@for target in $(DEFAULT_TARGETS) $(TEST_PROGRAMS); do \
echo $$target; \
done
clean:
rm -f $(DEFAULT_TARGETS) $(TEST_PROGRAMS) \
lib/*.o programs/*.o .build-config
FORCE:
.PHONY: all test_programs check install uninstall help clean FORCE
.DEFAULT_GOAL = all