From 129e802fd4e0ca73f9dbae7968331d055c3a97d1 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Fri, 24 Jun 2016 17:08:20 -0400 Subject: VPATH build for libpkcs11.so, and first cut at libpkcs11.dylib for Mac OS X. The Mac OS X build compiles, but is otherwise completely untested, and won't even be testable until cryptech_rpcd support configuring high-speed UARTs on Mac OS X (OS-specific voodoo). --- GNUmakefile | 99 +++++++++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 70 insertions(+), 29 deletions(-) (limited to 'GNUmakefile') diff --git a/GNUmakefile b/GNUmakefile index c936c4a..62f1cba 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -31,53 +31,64 @@ # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # Locations of libraries on which this code depends. -# This will probably need to change if we go to VPATHs. -LIBHAL_DIR = ../libhal -LIBTFM_DIR = ../thirdparty/libtfm -SQLITE3_DIR = ../thirdparty/sqlite3 +ifndef CRYPTECH_ROOT + CRYPTECH_ROOT := $(abspath ../..) +endif + +PKCS11_DIR ?= ${CRYPTECH_ROOT}/sw/pkcs11 +LIBHAL_DIR ?= ${PKCS11_DIR}/libhal +LIBTFM_DIR ?= ${PKCS11_DIR}/libtfm +SQLITE3_DIR ?= ${PKCS11_DIR}/sqlite3 # Whether to enable threading. Main reason for being able to turn it # off is that gdb on the Novena (sometimes) goes bananas when # threading is enabled. -ifndef ENABLE_THREADS - ENABLE_THREADS := yes -endif +ENABLE_THREADS ?= yes # Whether to enable debugging code that prints diagnostic information # to stderr on various conditions (mostly failures). -ifndef ENABLE_DEBUGGING - ENABLE_DEBUGGING := no -endif +ENABLE_DEBUGGING ?= no # Whether to disable #warning statements; generally these are present for # a reason, but they can get distracting when one is attempting to debug # something else. -ifndef ENABLE_FOOTNOTE_WARNINGS - ENABLE_FOOTNOTE_WARNINGS := yes -endif +ENABLE_FOOTNOTE_WARNINGS ?= yes # Whether to build and use our own copy of the sqlite3 library. -ifndef ENABLE_OWN_SQLITE_LIBRARY - ENABLE_OWN_SQLITE_LIBRARY := $(if $(wildcard ${SQLITE3_DIR}),yes,no) -endif +ENABLE_OWN_SQLITE_LIBRARY ?= $(if $(wildcard ${CRYPTECH_ROOT}/sw/thirdparty/sqlite3),yes,no) + +# Target platform for shared library. Every platform has its own +# kinks, as does GNU libtool, so we just suck it up and do the +# necessary kinks for the platforms we support. Yuck. + +UNAME := $(shell uname) -CFLAGS := -g3 -fPIC -Wall -std=c99 -I${LIBHAL_DIR} -SOFLAGS := -Wl,-Bsymbolic-functions -Wl,-Bsymbolic -Wl,-z,noexecstack -Wl,-soname,libpkcs11.so.0 +# Compilation flags, etc. + +CFLAGS := -g3 -fPIC -Wall -std=c99 -I${CRYPTECH_ROOT}/sw/libhal LIBS := ${LIBHAL_DIR}/libhal.a ${LIBTFM_DIR}/libtfm.a +ifeq "${UNAME}" "Darwin" + SONAME := libpkcs11.dylib + SOFLAGS := -dynamiclib +else + SONAME := libpkcs11.so + SOFLAGS := -Wl,-Bsymbolic-functions -Wl,-Bsymbolic -Wl,-z,noexecstack -Wl,-soname,${SONAME}.0 +endif + ifeq "${ENABLE_FOOTNOTE_WARNINGS}" "no" CFLAGS += -Wno-\#warnings -Wno-cpp endif -ifeq "${ENABLE_THREADS}" "yes" - CFLAGS += -pthread -else +ifneq "${ENABLE_THREADS}" "yes" CFLAGS += -DUSE_PTHREADS=0 +else ifneq "${UNAME}" "Darwin" + CFLAGS += -pthread endif ifeq "${ENABLE_DEBUGGING}" "yes" @@ -95,14 +106,30 @@ ifndef OBJCOPY OBJCOPY := objcopy endif -all: libpkcs11.so p11util py11/attribute_map.py +all: ${SONAME} p11util py11/attribute_map.py clean: - rm -rf pkcs11.o pkcs11.so libpkcs11.so* p11util p11util.o schema.h attributes.h + rm -rf *.o ${SONAME}* p11util schema.h attributes.h + cd libtfm; ${MAKE} $@ + cd libhal; ${MAKE} $@ +ifeq "${ENABLE_OWN_SQLITE_LIBRARY}" "yes" + cd sqlite3; ${MAKE} $@ +endif distclean: clean rm -f TAGS +.FORCE: + +${LIBTFM_DIR}/libtfm.a: .FORCE + cd libtfm; ${MAKE} + +${LIBHAL_DIR}/libhal.a: .FORCE ${LIBTFM_DIR}/libtfm.a + cd libhal; ${MAKE} daemon + +${SQLITE3_DIR}/libsqlite3.a: .FORCE + cd sqlite3; ${MAKE} + schema.h: schema.sql scripts/convert-schema.sed GNUmakefile sed -f scripts/convert-schema.sed schema.h @@ -112,14 +139,28 @@ attributes.h: attributes.yaml scripts/build-attributes GNUmakefile py11/attribute_map.py: attributes.yaml scripts/build-py11-attributes GNUmakefile python scripts/build-py11-attributes attributes.yaml py11/attribute_map.py -pkcs11.o: pkcs11.c schema.h attributes.h +pkcs11.o: pkcs11.c schema.h attributes.h ${LIBS} ${CC} ${CFLAGS} -c $< -pkcs11.so: pkcs11.o ${LIBS} - ${CC} ${CFLAGS} -shared -o $@ $^ ${SOFLAGS} ${LDFLAGS} +ifeq "${ENABLE_OWN_SQLITE_LIBRARY}" "yes" + pkcs11.o: ${SQLITE3_DIR}/libsqlite3.a +endif + +ifeq "${UNAME}" "Darwin" -libpkcs11.so: pkcs11.so - ${OBJCOPY} -w -G 'C_*' $< $@ + ${SONAME}: pkcs11.o ${LIBS} + nm $< | awk 'NF == 3 && $$2 == "T" && $$3 ~ /^_C_/ {print $$3}' >$@.tmp + ${CC} -Wl,-exported_symbols_list,$@.tmp -o $@ $^ ${SOFLAGS} ${LDFLAGS} + rm -f $@.tmp + +else + + ${SONAME}: pkcs11.o ${LIBS} + ${CC} ${CFLAGS} -shared -o $@.tmp $^ ${SOFLAGS} ${LDFLAGS} + ${OBJCOPY} -w -G 'C_*' $@.tmp $@ + rm -f $@.tmp + +endif p11util.o: p11util.c schema.h ${CC} ${CFLAGS} -c $< @@ -144,7 +185,7 @@ HSMBULLY := $(firstword $(wildcard $(addsuffix /hsmbully,$(subst :, ,.:${PATH})) ifneq "${HSMBULLY}" "" HSMBULLY_OPTIONS := \ - --pin fnord --so-pin fnord --pkcs11lib $(abspath libpkcs11.so) \ + --pin fnord --so-pin fnord --pkcs11lib $(abspath ${SONAME}) \ --verbose=9 --fast-and-frivolous --skip-fragmentation --skip-keysizing HSMBULLY_DATABASE=$(abspath hsmbully.pkcs11.db) -- cgit v1.2.3