1#!/usr/bin/make -f 2 3BUILD_TREE:=build-tree 4 5include hardening.make 6DEFAULT_PIE:=$(DEB_BUILD_HARDENING_PIE) 7DEFAULT_STACKPROT:=$(DEB_BUILD_HARDENING_STACKPROTECTOR) 8 9WRAPPERS=hardened-cc hardened-ld 10TOOLS=hardening.make hardening-check 11MANPAGES=hardened-cc.1 hardened-ld.1 12 13$(BUILD_TREE)/stamp-build: $(WRAPPERS) $(TOOLS) $(MANPAGES) Makefile 14 if [ -z "$(DEB_HOST_ARCH)" ]; then echo No DEB_HOST_ARCH; exit 1; fi 15 if [ -z "$(DEB_HOST_ARCH_OS)" ]; then echo No DEB_HOST_ARCH_OS; exit 1; fi 16 mkdir -p $(BUILD_TREE) 17 18 # Construct wrappers. 19 install $(WRAPPERS) $(BUILD_TREE)/ 20 # Set defaults, based on OS and ARCH. 21 perl -pi -e 's/ #OS#/ '"$(DEB_HOST_ARCH_OS)"'/; s/ #ARCH#/ '"$(DEB_HOST_ARCH)"'/;' $(BUILD_TREE)/hardened-cc $(BUILD_TREE)/hardened-ld 22 perl -pi -e "s/default{'DEB_BUILD_HARDENING_PIE'}=1;/default{'DEB_BUILD_HARDENING_PIE'}=$(DEFAULT_PIE);/;" $(BUILD_TREE)/hardened-cc $(BUILD_TREE)/hardened-ld 23 perl -pi -e "s/default{'DEB_BUILD_HARDENING_STACKPROTECTOR'}=1;/default{'DEB_BUILD_HARDENING_STACKPROTECTOR'}=$(DEFAULT_STACKPROT);/;" $(BUILD_TREE)/hardened-cc $(BUILD_TREE)/hardened-ld 24 # Duplicate cc wrapper to c++. 25 install $(BUILD_TREE)/hardened-cc $(BUILD_TREE)/hardened-c++ 26 perl -pi -e 's/hardened-cc/hardened-c++/g; s|/usr/bin/cc|/usr/bin/c++|g;' $(BUILD_TREE)/hardened-c++ 27 28 # Construct tools. 29 install $(TOOLS) $(BUILD_TREE)/ 30 # Do not use "shell" here because it eats newlines. We want those. 31 perl -pi -e "s/^my %libc;/my %libc = (\n$$(perl hardening-check --find-libc-functions /bin/ls)\n);/;" $(BUILD_TREE)/hardening-check 32 33 # Construct man pages. 34 install $(MANPAGES) $(BUILD_TREE)/ 35 pod2man hardening-check > $(BUILD_TREE)/hardening-check.1 36 # Duplicate cc man page to c++. 37 install $(BUILD_TREE)/hardened-cc.1 $(BUILD_TREE)/hardened-c++.1 38 perl -pi -e 's/hardened-cc/hardened-c++/g; s/gcc/g++/g;' $(BUILD_TREE)/hardened-c++.1 39 40 touch $(BUILD_TREE)/stamp-build 41 42check: $(BUILD_TREE)/stamp-build 43 make -C tests check 44 45clean: 46 rm -rf $(BUILD_TREE) 47 48old-install: 49 # programatically build links (change debian/h-w.{preinst,postrm} too) 50 for ver in 4.2 4.3 4.4 4.5 4.6 4.7; do dh_link -phardening-wrapper \ 51 usr/bin/hardened-cc usr/bin/gcc-$$ver \ 52 usr/bin/hardened-c++ usr/bin/g++-$$ver \ 53 ;\ 54 done 55 dh_link -phardening-wrapper usr/bin/hardened-ld usr/bin/ld.bfd 56 dh_link -phardening-wrapper usr/bin/hardened-ld usr/bin/ld.gold 57 58.PHONY: check clean 59