ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2025-02-06 19:19:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Remove populate-lib, rework libraries and kernel module installation.

Browse Source 
The populate-lib program was buggy on some systems and could accidentally
introduce unwanted libraries into the initrd.  The Makefile now uses the
modules' $(module_libraries) variable to select which libraries should be
installed into the initrd.

Kernel modules are now stripped and installed using a similar system.
This commit is contained in:
Trammell Hudson 2017-03-29 15:15:03 -04:00
parent fbfe565064
commit ab0476ad2f
No known key found for this signature in database
GPG Key ID: C7CFA251FF608213
9 changed files with 58 additions and 136 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
Makefile
View File

@ -14,8 +14,20 @@ BUILD_LOG := $(shell [ -d "$(log_dir)" ] || mkdir "$(log_dir)")
# command to /dev/null. # command to /dev/null.
ifeq "$V" "" ifeq "$V" ""
VERBOSE_REDIRECT := > /dev/null VERBOSE_REDIRECT := > /dev/null
# Not verbose, so we only show the header
define do =
@echo "$(DATE) $1 $2"
@$3
endef
else
# Verbose, so we display what we are doing
define do =
@echo "$(DATE) $1 $2"
$3
endef
endif endif
# Check that we have a correct version of make # Check that we have a correct version of make
LOCAL_MAKE_VERSION := $(shell $(MAKE) --version | head -1 | cut -d' ' -f3) LOCAL_MAKE_VERSION := $(shell $(MAKE) --version | head -1 | cut -d' ' -f3)
include modules/make include modules/make
@ -151,7 +163,7 @@ define define_module =
$(foreach d,$($1_depends),$d.intermediate) \ $(foreach d,$($1_depends),$d.intermediate) \
$(foreach d,$($1_depends),$(call outputs,$d)) \ $(foreach d,$($1_depends),$(call outputs,$d)) \
$(build)/$($1_dir)/.configured $(build)/$($1_dir)/.configured
@echo "$(DATE) Building $1" @echo "$(DATE) MAKE $1"
@( \ @( \
echo "$(MAKE) \ echo "$(MAKE) \
-C \"$(build)/$($1_dir)\" \ -C \"$(build)/$($1_dir)\" \
@ -188,8 +200,7 @@ initrd_bin_dir := initrd/bin
# the destination file. # the destination file.
# #
define install = define install =
@echo "$(DATE) Installing $2" $(call do,INSTALL,$2,cp "$1" "$2")
@cp -a "$1" "$2"
endef endef
# #
@ -208,10 +219,8 @@ endef
define initrd_lib_add = define initrd_lib_add =
$(initrd_lib_dir)/$(notdir $1): $1 $(initrd_lib_dir)/$(notdir $1): $1
@if [ ! -d "$(initrd_lib_dir)" ]; \ @mkdir -p "$(initrd_lib_dir)"
then mkdir -p "$(initrd_lib_dir)"; \ $(call do,INSTALL-STRIP,$1,$(CROSS)strip -o "$$@" "$$<")
fi
$(call install,$$<,$$@)
initrd_libs += $(initrd_lib_dir)/$(notdir $1) initrd_libs += $(initrd_lib_dir)/$(notdir $1)
endef endef
@ -221,10 +230,10 @@ $(foreach _, $(call bins,cryptsetup), $(eval $(call initrd_bin_add,$_)))
$(foreach _, $(call bins,gpg), $(eval $(call initrd_bin_add,$_))) $(foreach _, $(call bins,gpg), $(eval $(call initrd_bin_add,$_)))
$(foreach _, $(call bins,lvm2), $(eval $(call initrd_bin_add,$_))) $(foreach _, $(call bins,lvm2), $(eval $(call initrd_bin_add,$_)))
$(foreach _, $(call libs,tpmtotp), $(eval $(call initrd_lib_add,$_))) # Install the libraries for every module that we have built
$(foreach _, $(call libs,mbedtls), $(eval $(call initrd_lib_add,$_))) $(foreach m, $(modules), \
$(foreach _, $(call libs,qrencode), $(eval $(call initrd_lib_add,$_))) $(foreach _, $(call libs,$m), $(eval $(call initrd_lib_add,$_))) \
$(foreach _, $(call libs,lvm2), $(eval $(call initrd_lib_add,$_))) )
#$(foreach _, $(call outputs,xen), $(eval $(call initrd_bin,$_))) #$(foreach _, $(call outputs,xen), $(eval $(call initrd_bin,$_)))
@ -248,22 +257,9 @@ initrd/bin/cbmem: $(build)/$(coreboot_dir)/util/cbmem/cbmem
$(build)/$(coreboot_dir)/util/cbmem/cbmem: \ $(build)/$(coreboot_dir)/util/cbmem/cbmem: \
$(build)/$(coreboot_dir)/.canary \ $(build)/$(coreboot_dir)/.canary \
musl.intermediate musl.intermediate
@echo "$(DATE) Building cbmem" $(call do,MAKE,cbmem,\
@$(MAKE) -C "$(dir $@)" CC="$(heads_cc)" $(MAKE) -C "$(dir $@)" CC="$(heads_cc)" \
)
# Update all of the libraries in the initrd based on the executables
# that were installed.
initrd_lib_install: $(initrd_bins) $(initrd_libs)
-find initrd/bin -type f -a ! -name '*.sh' -print0 \
| xargs -0 $(CROSS)strip --preserve-dates
LD_LIBRARY_PATH="$(INSTALL)/lib" \
./populate-lib \
$(initrd_lib_dir) \
initrd/bin/* \
initrd/sbin/* \
-$(CROSS)strip $(initrd_lib_dir)/* ; true
# #
@ -280,23 +276,30 @@ initrd_lib_install: $(initrd_bins) $(initrd_libs)
# unlikely that their device file has a different major/minor) # unlikely that their device file has a different major/minor)
# #
# #
initrd.cpio: $(initrd_bins) $(initrd_libs) initrd_lib_install linux_modules initrd.cpio: $(initrd_bins) $(initrd_libs) linux_modules
$(call do,CPIO,$@, \
cd ./initrd ; \ cd ./initrd ; \
find . \ find . \
| cpio --quiet -H newc -o \ | cpio --quiet -H newc -o \
| ../cpio-clean ../dev.cpio - \ | ../cpio-clean ../dev.cpio - \
> "../$@" > "../$@" \
)
initrd.intermediate: initrd.cpio initrd.intermediate: initrd.cpio
linux_modules: linux.intermediate linux_modules: linux.intermediate
@-mkdir initrd/lib/modules @-mkdir -p initrd/lib/modules
@for mod in $(linux_modules); do \
echo "$(DATE) Installing $$mod"; \
cp -a "$(build)/$(linux_dir)/$$mod" initrd/lib/modules; \
done
$(CROSS)strip --strip-debug initrd/lib/modules/*.ko
define linux_module =
$(build)/$(linux_dir)/$1: linux.intermediate
initrd.cpio: initrd/lib/modules/$(notdir $1)
initrd/lib/modules/$(notdir $1): $(build)/$(linux_dir)/$1
$(call do,INSTALL-STRIP,$$@,$(CROSS)strip --strip-debug -o "$$@" "$$<")
endef
define map =
$(foreach _,$2,$(eval $(call $1,$_)))
endef
$(call map,linux_module,$(linux_modules))
# populate the coreboot initrd image from the one we built. # populate the coreboot initrd image from the one we built.
@ -304,17 +307,19 @@ linux_modules: linux.intermediate
#$(call outputs,linux): initrd.cpio #$(call outputs,linux): initrd.cpio
coreboot.intermediate: $(build)/$(coreboot_dir)/initrd.cpio.xz coreboot.intermediate: $(build)/$(coreboot_dir)/initrd.cpio.xz
$(build)/$(coreboot_dir)/initrd.cpio.xz: initrd.cpio $(build)/$(coreboot_dir)/initrd.cpio.xz: initrd.cpio
$(call do,COMPRESS,$<,\
xz \ xz \
--check=crc32 \ --check=crc32 \
--lzma2=dict=1MiB \ --lzma2=dict=1MiB \
--extreme \ --extreme \
< "$<" \ < "$<" \
> "$@" > "$@" \
)
# hack for the coreboot to find the linux kernel # hack for the coreboot to find the linux kernel
$(build)/$(coreboot_dir)/bzImage: $(build)/$(linux_dir)/arch/x86/boot/bzImage $(build)/$(coreboot_dir)/bzImage: $(build)/$(linux_dir)/arch/x86/boot/bzImage
@echo "$(DATE) Copying $@" $(call do,COPY,$@,cp -a "$^" "$@")
@cp -a "$^" "$@"
coreboot.intermediate: $(build)/$(coreboot_dir)/bzImage coreboot.intermediate: $(build)/$(coreboot_dir)/bzImage
@ -325,13 +330,13 @@ coreboot.intermediate: $(build)/$(coreboot_dir)/bzImage
x230.rom: $(build)/$(coreboot_dir)/x230/coreboot.rom x230.rom: $(build)/$(coreboot_dir)/x230/coreboot.rom
"$(build)/$(coreboot_dir)/$(BOARD)/cbfstool" "$<" print "$(build)/$(coreboot_dir)/$(BOARD)/cbfstool" "$<" print
dd if="$<" of="$@" bs=1M skip=8 $(call do,EXTRACT,$@,dd if="$<" of="$@" bs=1M skip=8)
$(RM) "$<" @$(RM) "$<"
@sha256sum "$@" @sha256sum "$@"
qemu.rom: $(build)/$(coreboot_dir)/qemu/coreboot.rom qemu.rom: $(build)/$(coreboot_dir)/qemu/coreboot.rom
"$(build)/$(coreboot_dir)/$(BOARD)/cbfstool" "$<" print "$(build)/$(coreboot_dir)/$(BOARD)/cbfstool" "$<" print
mv "$<" "$@" $(call do,EXTRACT,$@,mv "$<" "$@")
@sha256sum "$@" @sha256sum "$@"

2
modules/cryptsetup
View File

@ -30,4 +30,6 @@ cryptsetup_output := \
src/.libs/cryptsetup \ src/.libs/cryptsetup \
src/.libs/veritysetup \ src/.libs/veritysetup \
cryptsetup_libraries := \
lib/.libs/libcryptsetup.so.4 \

2
modules/libuuid
View File

@ -17,5 +17,5 @@ libuuid_target := $(MAKE_JOBS) && \
prefix="$(INSTALL)" \ prefix="$(INSTALL)" \
install install
libuuid_libraries := .libs/libuuid.so libuuid_libraries := .libs/libuuid.so.1
libuuid_depends := $(musl_dep) libuuid_depends := $(musl_dep)

2
modules/lvm2
View File

@ -25,7 +25,7 @@ lvm2_target := \
$(MAKE_JOBS) \ $(MAKE_JOBS) \
install_device-mapper \ install_device-mapper \
#lvm2_libraries := libdm/libdevmapper.so lvm2_libraries := libdm/libdevmapper.so.1.02
lvm2_output := tools/dmsetup lvm2_output := tools/dmsetup

4
modules/mbedtls
View File

@ -6,10 +6,10 @@ mbedtls_tar := mbedtls-$(mbedtls_version)-gpl.tgz
mbedtls_url := https://tls.mbed.org/download/$(mbedtls_tar) mbedtls_url := https://tls.mbed.org/download/$(mbedtls_tar)
mbedtls_hash := d01f2d5586a52055329d194d909103f445bd2d0b6b2b5f1c830fbf828ac6299f mbedtls_hash := d01f2d5586a52055329d194d909103f445bd2d0b6b2b5f1c830fbf828ac6299f
mbedtls_libraries := \ mbedtls_libraries := library/libmbedcrypto.so.0
library/libmbedcrypto.so.0 \
mbedtls_configure := mbedtls_configure :=
mbedtls_target := \ mbedtls_target := \
SHARED=1 \ SHARED=1 \
DESTDIR=$(INSTALL) \ DESTDIR=$(INSTALL) \

2
modules/musl
View File

@ -22,6 +22,8 @@ musl_configure := ./configure \
--enable-shared \ --enable-shared \
CC=$(pwd)/crossgcc/x86_64-linux-musl/bin/x86_64-musl-linux-gcc CC=$(pwd)/crossgcc/x86_64-linux-musl/bin/x86_64-musl-linux-gcc
musl_libraries := \
lib/libc.so \
musl_target := $(MAKE_JOBS) install musl_target := $(MAKE_JOBS) install

3
modules/popt
View File

@ -17,5 +17,6 @@ popt_target := $(MAKE_JOBS) \
prefix="$(INSTALL)" \ prefix="$(INSTALL)" \
install install
popt_libraries := ./libs/libpopt.so popt_libraries := .libs/libpopt.so.0
popt_depends := $(musl_dep) popt_depends := $(musl_dep)

2
modules/qrencode
View File

@ -6,7 +6,7 @@ qrencode_tar := qrencode-$(qrencode_version).tar.gz
qrencode_url := https://fukuchi.org/works/qrencode/$(qrencode_tar) qrencode_url := https://fukuchi.org/works/qrencode/$(qrencode_tar)
qrencode_hash := e794e26a96019013c0e3665cb06b18992668f352c5553d0a553f5d144f7f2a72 qrencode_hash := e794e26a96019013c0e3665cb06b18992668f352c5553d0a553f5d144f7f2a72
qrencode_output := .libs/libqrencode.so.$(qrencode_version) qrencode_libraries := .libs/libqrencode.so.3
qrencode_configure := ./configure \ qrencode_configure := ./configure \
CC="$(heads_cc)" \ CC="$(heads_cc)" \

88
populate-lib
View File

@ -1,88 +0,0 @@
#!/usr/bin/perl
# Find all libraries for the executables
#
use warnings;
use strict;
use Data::Dumper;
use File::Copy;
use File::Basename;
my $dest = shift
or die "Usage: $0 dest-dir [programs...]\n";
my %libraries;
my %deps;
for my $file (@ARGV)
{
my @libs = `ldd "$file"`;
for (@libs)
{
if (/ not found/)
{
# check to see if it is already installed
my ($lib) = /^\s*(.*?)\s*=>/;
warn "$file: '$lib' $_"
unless -r "$dest/$lib";
next;
}
if (/ => ([^ ]+)/)
{
# Normal library
$libraries{$1}++;
push @{$deps{$file}}, $1;
}
elsif (/^\s+([^ ]+) \(/)
{
# Dynamic linker
$libraries{$1}++;
}
}
}
#print Dumper(\%libraries);
if(0)
{
print "$_: ", join(" ", @{$deps{$_}}), "\n"
for keys %deps;
print "\n";
}
unless( -d $dest )
{
system("mkdir", "-p", $dest)
and die "$dest: Unable to make directory: $!\n";
}
my $size = 0;
for my $lib (keys %libraries)
{
# skip vdso
next if $lib =~ /vdso/;
warn "$lib\n";
$size += -s $lib;
my $libname = basename $lib;
# my $dirname = dirname "$dest/$lib";
#
# unless( -d $dirname )
# {
# system("mkdir", "-p", $dirname)
# and die "$dirname: Unable to make directory: $!\n";
# }
my $dest_lib = "$dest/$libname";
copy $lib, $dest_lib
or die "$lib: Unable to copy: $!\n";
# make them executable because otherwise chroot barfs
system("chmod", "+x", $dest_lib);
}
print "Total size $size\n";
__END__