forked from arichardson/openssh-portable
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Makefile.soaap
100 lines (84 loc) · 4.1 KB
/
Makefile.soaap
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
SOAAP_ROOT?=$(CURDIR)/..
LLVM_BUILD_DIR?=$(SOAAP_ROOT)/llvm/build
SOAAP_BUILD_DIR?=$(SOAAP_ROOT)/soaap/build
LLVM_LINK?=$(LLVM_BUILD_DIR)/bin/llvm-link
LLVM_EXTRACT?=$(LLVM_BUILD_DIR)/bin/llvm-extract
CLANG?=$(LLVM_BUILD_DIR)/bin/clang
BITCODE_LIBDIR?=$(SOAAP_ROOT)/bitcode/snapshots
SOAAP?=$(SOAAP_BUILD_DIR)/bin/soaap
# TODO: remove -soaap-skip-global-variable-analysis in the future
SOAAP_DEFAULT_OPTIONS?=-soaap-infer-fp-targets -soaap-sandbox-platform=capsicum -soaap-analyses=vulnerability,syscalls,privcalls,sandboxed,infoflow -soaap-output-traces=all
SOAAP_OPTIONS?=
SOAAP_FULL_ANALYSIS_OPTIONS?=-soaap-analyses=vulnerability,syscalls,privcalls,sandboxed,infoflow -soaap-list-fp-targets -soaap-list-sandboxed-funcs -soaap-dump-rpc-graph -soaap-output-traces=all -soaap-mode=all
SSHD_REQUIRED_LIBS= \
$(BITCODE_LIBDIR)/libz.so.bc \
$(BITCODE_LIBDIR)/libcrypto.so.bc \
$(BITCODE_LIBDIR)/libssl.so.bc \
openbsd-compat/libopenbsd-compat.a.bc \
libssh.a.bc
# TODO: linking libc won't work yet
# TODO: compile with musl libc?
# $(BITCODE_LIBDIR)/libc.so.bc \
# $(BITCODE_LIBDIR)/libutil.a.bc \
# $(BITCODE_LIBDIR)/libcrypt.a.bc \
# adding opebsd-compat.a.bc -> multiple def of opterr
# adding libssh.a.bc causes multiple def of log
# -> we need the override flag
# if configure was called correctly plain make is sufficient
# but for now always use the wrapper script
LLVM_IR_MAKE?=make-for-llvm-ir.py
.PHONY: all clean soaap soaap-json soaap-all soaap-all-json
all: sshd_executable.bc
@echo
soaap: sshd_executable.bc
$(SOAAP) -o sshd.soaap $^ $(SOAAP_DEFAULT_OPTIONS) $(SOAAP_OPTIONS)
soaap-json: sshd_executable.bc
$(SOAAP) -o sshd.soaap $^ $(SOAAP_DEFAULT_OPTIONS) $(SOAAP_OPTIONS) -soaap-report-output-formats=json
soaap-all: sshd_executable.bc
$(SOAAP) -o sshd.soaap $^ $(SOAAP_DEFAULT_OPTIONS) $(SOAAP_OPTIONS) $(SOAAP_FULL_ANALYSIS_OPTIONS)
soaap-all-json: sshd_executable.bc
$(SOAAP) -o sshd.soaap $^ $(SOAAP_DEFAULT_OPTIONS) $(SOAAP_OPTIONS) $(SOAAP_FULL_ANALYSIS_OPTIONS) -soaap-report-output-formats=json
clean:
rm -f *.bc openbsd-compat/*.bc sshd.soaap
DUPLICATE_LIBC_FUNCTIONS=-func=log
libc_fixed.so.bc: Makefile.soaap
ifneq ($(wildcard $(BITCODE_LIBDIR)/libc.so.bc),)
@echo "libc.so.bc exist"
@#libssh.a defines a log function for logging which conflicts with the builting math function log
$(LLVM_EXTRACT) -o $@ -delete -func=log $(BITCODE_LIBDIR)/libc.so.bc
else
@echo "WARNING: no LLVM IR libc.so.bc found. BITCODE_LIBDIR not correct?."
@echo "WARNING: Creating empty libc stub file."
$(CLANG) -S -emit-llvm -o $@ -x c /dev/null;
endif
# libcrypto_fixed.so.bc: Makefile.soaap
# ifneq ($(wildcard $(BITCODE_LIBDIR)/libcrypto.so.bc),)
# @echo "libcrypto.so.bc exist"
# @#$(LLVM_EXTRACT) -o $@ -delete -func=BF_set_key $(BITCODE_LIBDIR)/libcrypto.so.bc
# cp -L $(BITCODE_LIBDIR)/libcrypto.so.bc $@
# else
# @echo "WARNING: no LLVM IR libcrypto.so.bc found. BITCODE_LIBDIR not correct?."
# @echo "WARNING: Creating empty libcrypto stub file."
# $(CLANG) -S -emit-llvm -o $@ -x c /dev/null;
# endif
%.so.bc: Makefile.soaap
@if [[ -f "$(BITCODE_LIBDIR)/$@" ]]; then \
echo "$(BITCODE_LIBDIR)/$@ exists"; \
echo "cp -L $(BITCODE_LIBDIR)/$@ $@"; \
cp -L $(BITCODE_LIBDIR)/$@ $@; \
else \
echo "WARNING: no LLVM IR $@ found. BITCODE_LIBDIR not correct?."; \
echo "WARNING: Creating empty $@ stub file."; \
$(CLANG) -S -emit-llvm -o $@ -x c /dev/null; \
fi
libopenbsd-compat_fixed.a.bc: openbsd-compat/libopenbsd-compat.a.bc Makefile.soaap
@# openbsd compat includes defines for optind, opterr, glob, globfree, strlcat, strlcpy which libc also has
$(LLVM_EXTRACT) -o $@ -delete -glob=optind -glob=opterr -func=glob -func=globfree -func=strlcat -func=strlcpy $<
sshd_executable.bc: sshd.bc libssh.a.bc libopenbsd-compat_fixed.a.bc libc_fixed.so.bc libssl.so.bc libcrypto.so.bc libpam.so.bc libz.so.bc libk5crypto.so.bc libkrb5support.so.bc libkrb5.so.bc libcom_err.so.bc libkeyutils.so.bc
$(LLVM_LINK) -o $@ $^
sshd.bc:
$(LLVM_IR_MAKE) sshd $(MAKEFLAGS)
libssh.a.bc:
$(LLVM_IR_MAKE) libssh.a $(MAKEFLAGS)
openbsd-compat/libopenbsd-compat.a.bc:
$(LLVM_IR_MAKE) openbsd-compat/libopenbsd-compat.a $(MAKEFLAGS)