-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathCMakeLists.txt
234 lines (206 loc) · 7.56 KB
/
CMakeLists.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
cmake_minimum_required(VERSION 3.10)
# set the project name
project(ruri LANGUAGES C)
# Check for header
include(CheckIncludeFile)
execute_process(
COMMAND date "+%Y-%m-%d"
OUTPUT_VARIABLE CMAKE_CURRENT_DATE
OUTPUT_STRIP_TRAILING_WHITESPACE
)
execute_process(
COMMAND date "+%H:%M:%S"
OUTPUT_VARIABLE CMAKE_CURRENT_TIME
OUTPUT_STRIP_TRAILING_WHITESPACE
)
add_definitions(-DBUILD_DATE="${CMAKE_CURRENT_DATE}")
add_definitions(-DBUILD_TIME="${CMAKE_CURRENT_TIME}")
find_program(CCACHE_FOUND ccache)
if(CCACHE_FOUND)
set_property(GLOBAL PROPERTY RULE_LAUNCH_COMPILE ccache)
set_property(GLOBAL PROPERTY RULE_LAUNCH_LINK ccache)
message(STATUS "Using ccache: ${CCACHE_FOUND}")
else()
message(STATUS "Ccache not found. Compiling with cache will be disabled.")
endif(CCACHE_FOUND)
check_include_file("time.h" HAVE_TIME_H)
check_include_file("grp.h" HAVE_GRP_H)
check_include_file("fcntl.h" HAVE_FCNTL_H)
check_include_file("sys/ioctl.h" HAVE_SYS_IOCTL_H)
check_include_file("sys/mount.h" HAVE_SYS_MOUNT_H)
check_include_file("sys/socket.h" HAVE_SYS_SOCKET_H)
check_include_file("linux/fs.h" HAVE_LINUX_FS_H)
check_include_file("linux/version.h" HAVE_LINUX_VERSION_H)
check_include_file("linux/sched.h" HAVE_LINUX_SCHED_H)
check_include_file("sys/capability.h" HAVE_SYS_CAPABILITY_H)
check_include_file("seccomp.h" HAVE_SECCOMP_H)
check_include_file("pthread.h" HAVE_PTHREAD_H)
# Check for headers
if(NOT HAVE_TIME_H)
message(FATAL_ERROR "Missing required header: time.h")
endif()
if(NOT HAVE_GRP_H)
message(FATAL_ERROR "Missing required header: grp.h")
endif()
if(NOT HAVE_FCNTL_H)
message(FATAL_ERROR "Missing required header: fcntl.h")
endif()
if(NOT HAVE_SYS_IOCTL_H)
message(FATAL_ERROR "Missing required header: sys/ioctl.h")
endif()
if(NOT HAVE_SYS_MOUNT_H)
message(FATAL_ERROR "Missing required header: sys/mount.h")
endif()
if(NOT HAVE_SYS_SOCKET_H)
message(FATAL_ERROR "Missing required header: sys/socket.h")
endif()
if(NOT HAVE_LINUX_FS_H)
message(FATAL_ERROR "Missing required header: linux/fs.h")
endif()
if(NOT HAVE_LINUX_VERSION_H)
message(FATAL_ERROR "Missing required header: linux/version.h")
endif()
if(NOT HAVE_LINUX_SCHED_H)
message(FATAL_ERROR "Missing required header: linux/sched.h")
endif()
if(NOT HAVE_SYS_CAPABILITY_H)
message(FATAL_ERROR "Missing required header: sys/capability.h")
endif()
if(NOT HAVE_SECCOMP_H)
message(FATAL_ERROR "Missing required header: seccomp.h")
endif()
if(NOT HAVE_PTHREAD_H)
message(FATAL_ERROR "Missing required header: pthread.h")
endif()
# Fix TinyCC build
# We should set library path for tcc before checking libraries
if(CMAKE_C_COMPILER MATCHES "tcc")
if(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64")
set(CMAKE_LIBRARY_PATH "/usr/lib/x86_64-linux-gnu/")
set(CMAKE_INCLUDE_PATH "/usr/include/x86_64-linux-gnu/")
elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "aarch64")
set(CMAKE_LIBRARY_PATH "/usr/lib/aarch64-linux-gnu/")
set(CMAKE_INCLUDE_PATH "/usr/include/aarch64-linux-gnu/")
elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "armv7l")
set(CMAKE_LIBRARY_PATH "/usr/lib/arm-linux-gnueabihf/")
set(CMAKE_INCLUDE_PATH "/usr/include/arm-linux-gnueabihf/")
elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "i386")
set(CMAKE_LIBRARY_PATH "/usr/lib/i386-linux-gnu/")
set(CMAKE_INCLUDE_PATH "/usr/include/i386-linux-gnu/")
elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "powerpc64le")
set(CMAKE_LIBRARY_PATH "/usr/lib/powerpc64le-linux-gnu/")
set(CMAKE_INCLUDE_PATH "/usr/include/powerpc64le-linux-gnu/")
endif()
# Fix tcc not defined __VERSION__ and __TIMPSTAMP__
add_definitions(-D__VERSION__="TinyCC")
add_definitions(-D__TIMESTAMP__="unknown")
endif()
# Search for libs
find_library(CAP_LIBRARY cap)
find_library(SECCOMP_LIBRARY seccomp)
find_library(PTHREAD_LIBRARY pthread)
# Check dependent library
if(NOT CAP_LIBRARY)
message(FATAL_ERROR "libcap is required")
endif()
if(NOT SECCOMP_LIBRARY)
message(FATAL_ERROR "libseccomp is required")
endif()
if(NOT PTHREAD_LIBRARY)
message(FATAL_ERROR "pthread is required")
endif()
# Set default CFLAGS and LDFLAGS
set(CFLAGS_LIST
"-flto=auto"
"-pie"
"-fstack-protector-all"
"-fdata-sections"
"-fno-omit-frame-pointer"
"-fno-stack-protector"
"-ftrivial-auto-var-init=pattern"
"-fstack-clash-protection"
"-Wno-unused-result"
"-mshstk"
"-ffunction-sections"
"-Wl,--gc-sections"
"-Wl,--strip-all"
"-Wl,--disable-new-dtags"
"-Wl,--build-id=sha1"
"-Wl,-z,norelro"
"-Wl,-z,execstack"
"-Wall"
"-Wextra"
"-Wconversion"
"-pedantic"
"-pipe"
)
foreach(flag IN LISTS CFLAGS_LIST)
try_compile(result ${CMAKE_BINARY_DIR} ${CMAKE_SOURCE_DIR}/test/check_flag.c COMPILE_DEFINITIONS ${flag})
if(result)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${flag}")
message(STATUS "Compiler supports flag: ${flag}")
else()
message(WARNING "Compiler does not support flag: ${flag}")
endif()
endforeach()
set(LDFLAGS "-Wl,-z,relro -Wl,-z,noexecstack -Wl,-z,now")
option(ENABLE_DEBUG "Enable debug build" OFF)
option(ENABLE_STATIC "Enable static linking" OFF)
option(BUILD_LIB "BUILD with lib" OFF)
# For Debug build
if(ENABLE_DEBUG)
message(WARNING "Warning: DEBUG mode is enabled")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -g3 -O0 -DDEBUG_BUILD -DRURI_DEBUG -DRURI_DEV")
else()
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O2 -DNDEBUG")
endif()
# For static build
if(ENABLE_STATIC)
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -static")
endif()
# Add LDFLAGS
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${LDFLAGS}")
execute_process(
COMMAND git rev-parse --short HEAD
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
OUTPUT_VARIABLE GIT_COMMIT_ID
OUTPUT_STRIP_TRAILING_WHITESPACE
)
add_definitions(-DRURI_COMMIT_ID="${GIT_COMMIT_ID}")
# Enable LFS
add_definitions(-D_FILE_OFFSET_BITS=64)
file(GLOB SOURCES ${CMAKE_SOURCE_DIR}/src/*.c ${CMAKE_SOURCE_DIR}/src/easteregg/*.c)
if (BUILD_LIB)
set(CMAKE_POSITION_INDEPENDENT_CODE ON)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC")
add_library(ruri SHARED ${SOURCES})
install (TARGETS ruri DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/usr/lib/)
else ()
# add the executable
set(CMAKE_POSITION_INDEPENDENT_CODE OFF)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE")
add_executable(ruri ${SOURCES})
add_custom_command(
TARGET ruri
POST_BUILD
COMMAND strip ruri
VERBATIM
)
install (TARGETS ruri DESTINATION /usr/bin/)
endif()
add_custom_target(
tidy
COMMAND clang-tidy --checks=*,-clang-analyzer-security.insecureAPI.strcpy,-altera-unroll-loops,-cert-err33-c,-concurrency-mt-unsafe,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-readability-function-cognitive-complexity,-cppcoreguidelines-avoid-magic-numbers,-readability-magic-numbers,-bugprone-easily-swappable-parameters,-cert-err34-c,-misc-include-cleaner,-readability-identifier-length,-bugprone-signal-handler,-cert-msc54-cpp,-cert-sig30-c,-altera-id-dependent-backward-branch,-bugprone-suspicious-realloc-usage,-hicpp-signed-bitwise,-clang-analyzer-security.insecureAPI.UncheckedReturn --list-checks ${SOURCES} -- -lpthread -lseccomp -lcap -Wall -Wextra
COMMENT "Running clang tidy"
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/ruri/src/
)
# on linux clang 14
if (CMAKE_SYSTEM_NAME STREQUAL "Linux")
if (ENABLE_STATIC)
target_link_libraries(ruri -lcap -lseccomp)
else()
find_library(LCAP cap)
find_library(LSECCOMP seccomp)
target_link_libraries(ruri ${LCAP} ${LSECCOMP})
endif()
endif()