mirror of
https://github.com/openharmony/third_party_fsverity-utils.git
synced 2026-07-01 10:05:35 -04:00
5cd90ca608
From the 'fsverity' program, split out a library 'libfsverity'.
Currently it supports computing file measurements ("digests"), and
signing those file measurements for use with the fs-verity builtin
signature verification feature.
Rewritten from patches by Jes Sorensen <jsorensen@fb.com>.
I made a lot of improvements, e.g.:
- Separated library and program source into different directories.
- Drastically improved the Makefile.
- Added 'make check' target and rules to build test programs.
- In the shared lib, only export the functions intended to be public.
- Prefixed global functions with "libfsverity_" so that they don't cause
conflicts when the library is built as a static library.
- Made library error messages be sent to a user-specified callback
rather than always be printed to stderr.
- Keep showing OpenSSL error messages.
- Stopped abort()ing in library code, when possible.
- Made libfsverity_digest use native endianness.
- Moved file_size into the merkle_tree_params.
- Made libfsverity_get_hash_name() just return the static strings.
- Made some variables in the API uint32_t instead of uint16_t.
- Shared parse_hash_alg_option() between cmd_enable and cmd_sign.
- Lots of other fixes.
(Folded in a couple Makefile fixes from Jes.)
Reviewed-by: Jes Sorensen <jsorensen@fb.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
184 lines
5.7 KiB
Makefile
184 lines
5.7 KiB
Makefile
# SPDX-License-Identifier: GPL-2.0-or-later
|
|
#
|
|
# Use 'make help' to list available targets.
|
|
#
|
|
# Define V=1 to enable "verbose" mode, showing all executed commands.
|
|
#
|
|
# Define USE_SHARED_LIB=1 to link the fsverity binary to the shared library
|
|
# libfsverity.so rather than to the static library libfsverity.a.
|
|
#
|
|
# Define PREFIX to override the installation prefix, like './configure --prefix'
|
|
# in autotools-based projects (default: /usr/local)
|
|
#
|
|
# Define BINDIR to override where to install binaries, like './configure
|
|
# --bindir' in autotools-based projects (default: PREFIX/bin)
|
|
#
|
|
# Define INCDIR to override where to install headers, like './configure
|
|
# --includedir' in autotools-based projects (default: PREFIX/include)
|
|
#
|
|
# Define LIBDIR to override where to install libraries, like './configure
|
|
# --libdir' in autotools-based projects (default: PREFIX/lib)
|
|
#
|
|
# Define DESTDIR to override the installation destination directory
|
|
# (default: empty string)
|
|
#
|
|
# You can also specify custom CC, CFLAGS, CPPFLAGS, and/or LDFLAGS.
|
|
#
|
|
##############################################################################
|
|
|
|
cc-option = $(shell if $(CC) $(1) -c -x c /dev/null -o /dev/null &>/dev/null; \
|
|
then echo $(1); fi)
|
|
|
|
CFLAGS ?= -O2 -Wall -Wundef \
|
|
$(call cc-option,-Wdeclaration-after-statement) \
|
|
$(call cc-option,-Wimplicit-fallthrough) \
|
|
$(call cc-option,-Wmissing-field-initializers) \
|
|
$(call cc-option,-Wmissing-prototypes) \
|
|
$(call cc-option,-Wstrict-prototypes) \
|
|
$(call cc-option,-Wunused-parameter) \
|
|
$(call cc-option,-Wvla)
|
|
|
|
override CPPFLAGS := -D_FILE_OFFSET_BITS=64 $(CPPFLAGS)
|
|
|
|
ifneq ($(V),1)
|
|
QUIET_CC = @echo ' CC ' $@;
|
|
QUIET_CCLD = @echo ' CCLD ' $@;
|
|
QUIET_AR = @echo ' AR ' $@;
|
|
QUIET_LN = @echo ' LN ' $@;
|
|
endif
|
|
USE_SHARED_LIB ?=
|
|
PREFIX ?= /usr/local
|
|
BINDIR ?= $(PREFIX)/bin
|
|
INCDIR ?= $(PREFIX)/include
|
|
LIBDIR ?= $(PREFIX)/lib
|
|
DESTDIR ?=
|
|
|
|
# Rebuild if a user-specified setting that affects the build changed.
|
|
.build-config: FORCE
|
|
@flags='$(CC):$(CFLAGS):$(CPPFLAGS):$(LDFLAGS):$(USE_SHARED_LIB)'; \
|
|
if [ "$$flags" != "`cat $@ 2>/dev/null`" ]; then \
|
|
[ -e $@ ] && echo "Rebuilding due to new settings"; \
|
|
echo "$$flags" > $@; \
|
|
fi
|
|
|
|
DEFAULT_TARGETS :=
|
|
COMMON_HEADERS := $(wildcard common/*.h)
|
|
LDLIBS := -lcrypto
|
|
|
|
##############################################################################
|
|
|
|
#### Library
|
|
|
|
SOVERSION := 0
|
|
LIB_CFLAGS := $(CFLAGS) -fvisibility=hidden
|
|
LIB_SRC := $(wildcard lib/*.c)
|
|
LIB_HEADERS := $(wildcard lib/*.h) $(COMMON_HEADERS)
|
|
STATIC_LIB_OBJ := $(LIB_SRC:.c=.o)
|
|
SHARED_LIB_OBJ := $(LIB_SRC:.c=.shlib.o)
|
|
|
|
# Compile static library object files
|
|
$(STATIC_LIB_OBJ): %.o: %.c $(LIB_HEADERS) .build-config
|
|
$(QUIET_CC) $(CC) -o $@ -c $(CPPFLAGS) $(LIB_CFLAGS) $<
|
|
|
|
# Compile shared library object files
|
|
$(SHARED_LIB_OBJ): %.shlib.o: %.c $(LIB_HEADERS) .build-config
|
|
$(QUIET_CC) $(CC) -o $@ -c $(CPPFLAGS) $(LIB_CFLAGS) -fPIC $<
|
|
|
|
# Create static library
|
|
libfsverity.a:$(STATIC_LIB_OBJ)
|
|
$(QUIET_AR) $(AR) cr $@ $+
|
|
|
|
DEFAULT_TARGETS += libfsverity.a
|
|
|
|
# Create shared library
|
|
libfsverity.so.$(SOVERSION):$(SHARED_LIB_OBJ)
|
|
$(QUIET_CCLD) $(CC) -o $@ -Wl,-soname=$@ -shared $+ $(LDFLAGS) $(LDLIBS)
|
|
|
|
DEFAULT_TARGETS += libfsverity.so.$(SOVERSION)
|
|
|
|
# Create the symlink libfsverity.so => libfsverity.so.$(SOVERSION)
|
|
libfsverity.so:libfsverity.so.$(SOVERSION)
|
|
$(QUIET_LN) ln -sf $+ $@
|
|
|
|
DEFAULT_TARGETS += libfsverity.so
|
|
|
|
##############################################################################
|
|
|
|
#### Programs
|
|
|
|
ALL_PROG_SRC := $(wildcard programs/*.c)
|
|
ALL_PROG_OBJ := $(ALL_PROG_SRC:.c=.o)
|
|
ALL_PROG_HEADERS := $(wildcard programs/*.h) $(COMMON_HEADERS)
|
|
PROG_COMMON_SRC := programs/utils.c
|
|
PROG_COMMON_OBJ := $(PROG_COMMON_SRC:.c=.o)
|
|
FSVERITY_PROG_OBJ := $(PROG_COMMON_OBJ) \
|
|
programs/cmd_enable.o \
|
|
programs/cmd_measure.o \
|
|
programs/cmd_sign.o \
|
|
programs/fsverity.o
|
|
TEST_PROG_SRC := $(wildcard programs/test_*.c)
|
|
TEST_PROGRAMS := $(TEST_PROG_SRC:programs/%.c=%)
|
|
|
|
# Compile program object files
|
|
$(ALL_PROG_OBJ): %.o: %.c $(ALL_PROG_HEADERS) .build-config
|
|
$(QUIET_CC) $(CC) -o $@ -c $(CPPFLAGS) $(CFLAGS) $<
|
|
|
|
# Link the fsverity program
|
|
ifdef USE_SHARED_LIB
|
|
fsverity: $(FSVERITY_PROG_OBJ) libfsverity.so
|
|
$(QUIET_CCLD) $(CC) -o $@ $(FSVERITY_PROG_OBJ) -L. -lfsverity
|
|
else
|
|
fsverity: $(FSVERITY_PROG_OBJ) libfsverity.a
|
|
$(QUIET_CCLD) $(CC) -o $@ $+ $(LDFLAGS) $(LDLIBS)
|
|
endif
|
|
|
|
DEFAULT_TARGETS += fsverity
|
|
|
|
# Link the test programs
|
|
$(TEST_PROGRAMS): %: programs/%.o $(PROG_COMMON_OBJ) libfsverity.a
|
|
$(QUIET_CCLD) $(CC) -o $@ $+ $(LDFLAGS) $(LDLIBS)
|
|
|
|
##############################################################################
|
|
|
|
all:$(DEFAULT_TARGETS)
|
|
|
|
test_programs:$(TEST_PROGRAMS)
|
|
|
|
check:test_programs
|
|
for prog in $(TEST_PROGRAMS); do \
|
|
./$$prog || exit 1; \
|
|
done
|
|
@echo "All tests passed!"
|
|
|
|
install:all
|
|
install -d $(DESTDIR)$(LIBDIR) $(DESTDIR)$(INCDIR) $(DESTDIR)$(BINDIR)
|
|
install -m755 fsverity $(DESTDIR)$(BINDIR)
|
|
install -m644 libfsverity.a $(DESTDIR)$(LIBDIR)
|
|
install -m755 libfsverity.so.$(SOVERSION) $(DESTDIR)$(LIBDIR)
|
|
ln -sf libfsverity.so.$(SOVERSION) $(DESTDIR)$(LIBDIR)/libfsverity.so
|
|
install -m644 common/libfsverity.h $(DESTDIR)$(INCDIR)
|
|
|
|
uninstall:
|
|
rm -f $(DESTDIR)$(BINDIR)/fsverity
|
|
rm -f $(DESTDIR)$(LIBDIR)/libfsverity.a
|
|
rm -f $(DESTDIR)$(LIBDIR)/libfsverity.so.$(SOVERSION)
|
|
rm -f $(DESTDIR)$(LIBDIR)/libfsverity.so
|
|
rm -f $(DESTDIR)$(INCDIR)/libfsverity.h
|
|
|
|
help:
|
|
@echo "Available targets:"
|
|
@echo "------------------"
|
|
@for target in $(DEFAULT_TARGETS) $(TEST_PROGRAMS); do \
|
|
echo $$target; \
|
|
done
|
|
|
|
clean:
|
|
rm -f $(DEFAULT_TARGETS) $(TEST_PROGRAMS) \
|
|
lib/*.o programs/*.o .build-config
|
|
|
|
FORCE:
|
|
|
|
.PHONY: all test_programs check install uninstall help clean FORCE
|
|
|
|
.DEFAULT_GOAL = all
|