-
Notifications
You must be signed in to change notification settings - Fork 7
Expand file tree
/
Copy pathMakefile
More file actions
209 lines (176 loc) · 6.83 KB
/
Makefile
File metadata and controls
209 lines (176 loc) · 6.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
# elfuse -- aarch64-linux ELF executor on macOS Apple Silicon
#
# Copyright 2026 elfuse contributors
# SPDX-License-Identifier: Apache-2.0
#
# Usage:
# make <target> [SIGN_IDENTITY="Your Signing Identity"]
#
# Example: make elfuse
# make test-hello
# make V=1 elfuse (verbose -- show full commands)
.DEFAULT_GOAL := help
.DELETE_ON_ERROR:
include mk/toolchain.mk
include mk/config.mk
# Source files.
SRCS := \
main.c \
core/guest.c \
core/elf.c \
core/stack.c \
core/vdso.c \
core/bootstrap.c \
core/rosetta.c \
core/sysroot.c \
runtime/thread.c \
runtime/futex.c \
runtime/forkipc.c \
runtime/fork-state.c \
runtime/procemu.c \
runtime/proctitle.c \
syscall/syscall.c \
syscall/fdtable.c \
syscall/translate.c \
syscall/mem.c \
syscall/path.c \
syscall/fuse.c \
syscall/sidecar.c \
syscall/fs.c \
syscall/fs-stat.c \
syscall/fs-xattr.c \
syscall/io.c \
syscall/poll.c \
syscall/fd.c \
syscall/inotify.c \
syscall/time.c \
syscall/sys.c \
syscall/proc.c \
syscall/proc-identity.c \
syscall/proc-pidfd.c \
syscall/proc-state.c \
syscall/exec.c \
syscall/signal.c \
syscall/net.c \
syscall/net-msg.c \
syscall/net-abi.c \
syscall/net-absock.c \
syscall/net-sockopt.c \
syscall/netlink.c \
syscall/sysvipc.c \
debug/crashreport.c \
debug/gdbstub.c \
debug/gdbstub-reg.c \
debug/gdbstub-rsp.c \
debug/log.c
SRCS := $(addprefix src/,$(SRCS))
OBJS := $(patsubst src/%.c,$(BUILD_DIR)/%.o,$(SRCS))
DISPATCH_MANIFEST := src/syscall/dispatch.tbl
DISPATCH_GENERATOR := scripts/gen-syscall-dispatch.py
DISPATCH_HEADER := $(BUILD_DIR)/dispatch.h
HVF_LDFLAGS := -framework Hypervisor -arch arm64
# Generated headers under build/ that must exist before compiling sources that
# include them.
GENERATED_HEADERS := $(BUILD_DIR)/shim_blob.h $(BUILD_DIR)/version.h $(DISPATCH_HEADER)
include mk/common.mk
include mk/shim.mk
define link-and-sign
@echo " LD $1"
$(Q)tmp="$1.$$$$.tmp"; \
$(CC) $(CFLAGS) -o "$$tmp" $2 $(HVF_LDFLAGS); \
echo " SIGN $1"; \
codesign --entitlements $(ENTITLEMENTS) -f -s "$(SIGN_IDENTITY)" "$$tmp"; \
mv "$$tmp" "$1"
endef
# Main executable
.PHONY: all elfuse
.PHONY: gen-syscall-dispatch check-syscall-dispatch
all: elfuse
## Regenerate build/dispatch.h from src/syscall/dispatch.tbl
gen-syscall-dispatch:
@python3 $(DISPATCH_GENERATOR)
## Verify build/dispatch.h matches the generator output
check-syscall-dispatch: $(DISPATCH_HEADER)
@python3 $(DISPATCH_GENERATOR) --check
$(DISPATCH_HEADER): $(DISPATCH_MANIFEST) $(DISPATCH_GENERATOR) src/syscall/abi.h | $(BUILD_DIR)
@echo " GEN $@"
$(Q)tmp="$@.$$$$.tmp"; \
python3 $(DISPATCH_GENERATOR) --output "$$tmp"; \
cmp -s "$$tmp" "$@" 2>/dev/null || mv "$$tmp" "$@"; \
rm -f "$$tmp"
$(BUILD_DIR)/syscall/syscall.o: $(DISPATCH_HEADER)
## Build the elfuse executable
elfuse: $(ELFUSE_BIN)
$(ELFUSE_BIN): $(OBJS) | $(BUILD_DIR)
$(call link-and-sign,$@,$(OBJS))
# Native test binaries (macOS, Hypervisor.framework)
## Build the multi-vCPU HVF validation test (native macOS binary)
$(BUILD_DIR)/test-multi-vcpu: $(BUILD_DIR)/test-multi-vcpu.o | $(BUILD_DIR)
$(call link-and-sign,$@,$<)
## Build the RWX W^X validation test (native macOS binary)
$(BUILD_DIR)/test-rwx: $(BUILD_DIR)/test-rwx.o | $(BUILD_DIR)
$(call link-and-sign,$@,$<)
## Build the proctitle argv-tail regression test (native macOS binary)
# Links against the project-built proctitle.o so the exact in-tree code is
# exercised; no HVF entitlement is needed because the test only manipulates
# mmap and PROT_NONE. The codesign step is skipped for the same reason.
$(BUILD_DIR)/test-proctitle-host: $(BUILD_DIR)/test-proctitle-host.o \
$(BUILD_DIR)/runtime/proctitle.o | $(BUILD_DIR)
@echo " LD $@"
$(Q)$(CC) $(CFLAGS) -o $@ $^
# Guest test binaries (cross-compiled, aarch64-linux)
# Only used when GUEST_TEST_BINARIES is not set.
ifndef GUEST_TEST_BINARIES
$(BUILD_DIR)/test-hello: tests/hello.S tests/simple.ld | $(BUILD_DIR)
@echo " AS tests/hello.S"
$(Q)$(BAREMETAL_CROSS)as -o $(BUILD_DIR)/test-hello.o tests/hello.S
@echo " LD $@"
$(Q)$(BAREMETAL_CROSS)ld -T tests/simple.ld -o $@ $(BUILD_DIR)/test-hello.o
# Pattern rule: cross-compile tests/*.c to static aarch64-linux binaries
# -D_GNU_SOURCE exposes pipe2/dup3/O_DIRECT/etc. on glibc (musl exposes them by default)
$(BUILD_DIR)/%: tests/%.c | $(BUILD_DIR)
@echo " CROSS $<"
$(Q)$(CROSS_COMPILE)gcc -D_GNU_SOURCE -static -O2 -o $@ $<
# test-pthread needs -lpthread
$(BUILD_DIR)/test-pthread: tests/test-pthread.c | $(BUILD_DIR)
@echo " CROSS $< (with -lpthread)"
$(Q)$(CROSS_COMPILE)gcc -D_GNU_SOURCE -static -O2 -o $@ $< -lpthread
# test-fuse-basic runs a guest daemon thread and consumer in one process
$(BUILD_DIR)/test-fuse-basic: tests/test-fuse-basic.c | $(BUILD_DIR)
@echo " CROSS $< (with -lpthread)"
$(Q)$(CROSS_COMPILE)gcc -D_GNU_SOURCE -static -O2 -o $@ $< -lpthread
# test-sched-policy spawns a pthread to verify per-thread TID lookup
$(BUILD_DIR)/test-sched-policy: tests/test-sched-policy.c | $(BUILD_DIR)
@echo " CROSS $< (with -lpthread)"
$(Q)$(CROSS_COMPILE)gcc -D_GNU_SOURCE -static -O2 -o $@ $< -lpthread
# test-signalfd-hardening needs -lpthread for the worker-thread tid
# regression case in test_rt_sigqueueinfo_rejects_thread_tid.
$(BUILD_DIR)/test-signalfd-hardening: tests/test-signalfd-hardening.c | $(BUILD_DIR)
@echo " CROSS $< (with -lpthread)"
$(Q)$(CROSS_COMPILE)gcc -D_GNU_SOURCE -static -O2 -o $@ $< -lpthread
# test-futex-waitv needs -lpthread for the host wake-thread used to unblock
# the main thread's futex_waitv.
$(BUILD_DIR)/test-futex-waitv: tests/test-futex-waitv.c | $(BUILD_DIR)
@echo " CROSS $< (with -lpthread)"
$(Q)$(CROSS_COMPILE)gcc -D_GNU_SOURCE -static -O2 -o $@ $< -lpthread
# test-fork-lowbase must be a non-PIE ET_EXEC linked below ELF_DEFAULT_BASE so
# nested forks exercise elf_load_min preservation across fork IPC.
$(BUILD_DIR)/test-fork-lowbase: tests/test-fork-lowbase.c | $(BUILD_DIR)
@echo " CROSS $< (low-base ET_EXEC)"
$(Q)$(CROSS_COMPILE)gcc -D_GNU_SOURCE -static -O2 -no-pie \
-Wl,-Ttext-segment=0x200000 -o $@ $<
# test-lowbase-mem variants must be non-PIE ET_EXEC binaries linked below
# ELF_DEFAULT_BASE so mprotect/munmap exercise the old low-address reject
# window at two offsets.
$(BUILD_DIR)/test-lowbase-mem-200000: tests/test-lowbase-mem.c | $(BUILD_DIR)
@echo " CROSS $< (low-base ET_EXEC @0x200000)"
$(Q)$(CROSS_COMPILE)gcc -D_GNU_SOURCE -static -O2 -no-pie \
-Wl,-Ttext-segment=0x200000 -o $@ $<
$(BUILD_DIR)/test-lowbase-mem-300000: tests/test-lowbase-mem.c | $(BUILD_DIR)
@echo " CROSS $< (low-base ET_EXEC @0x300000)"
$(Q)$(CROSS_COMPILE)gcc -D_GNU_SOURCE -static -O2 -no-pie \
-Wl,-Ttext-segment=0x300000 -o $@ $<
endif
include mk/tests.mk
include mk/analysis.mk
include mk/help.mk