-
Notifications
You must be signed in to change notification settings - Fork 7
/
CMakeLists.txt
109 lines (93 loc) · 3.75 KB
/
CMakeLists.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
# SPDX-License-Identifier: Apache-2.0
# Copyright 2023 IBM Corp.
cmake_minimum_required( VERSION 3.12 )
project( secvarctl C )
add_executable( secvarctl )
target_sources( secvarctl PRIVATE secvarctl.c generic.c )
target_include_directories( secvarctl BEFORE PRIVATE
./
include/
external/libstb-secvar/
external/libstb-secvar/include/
external/libstb-secvar/include/secvar/
external/libstb-secvar/external/
)
# Extract version string from VERSION
file( STRINGS VERSION VERSION_DATA REGEX "=[0-9\-]*$")
list( TRANSFORM VERSION_DATA STRIP )
list( TRANSFORM VERSION_DATA REPLACE "([^=]+)=(.*)" "set(\\1 \"\\2\")\n" )
cmake_language(EVAL CODE ${VERSION_DATA})
set( SECVARCTL_VERSION "${SECVARCTL_VERSION_MAJOR}.${SECVARCTL_VERSION_MINOR}.${SECVARCTL_VERSION_PATCH}${SECVARCTL_VERSION_EXTRA}")
message( STATUS "Detected version string as ${SECVARCTL_VERSION}" )
target_compile_definitions( secvarctl PRIVATE
SECVARCTL_VERSION=\"${SECVARCTL_VERSION}\"
)
# Backend selection
option( HOST_BACKEND "Build with the host backend enabled" ON )
option( GUEST_BACKEND "Build with the guest backend enabled" ON )
if( HOST_BACKEND )
include( backends/host/CMakeLists.txt )
endif()
if( GUEST_BACKEND )
include( backends/guest/CMakeLists.txt )
endif()
if( NOT ( HOST_BACKEND OR GUEST_BACKEND) )
message( FATAL_ERROR "No backends are enabled, refusing to build." )
endif()
# Crypto library selection
set( CRYPTO "openssl" CACHE STRING "Crypto library to use" )
set_property( CACHE CRYPTO PROPERTY STRINGS openssl mbedtls gnutls )
get_property( CRYPTO_STRINGS CACHE CRYPTO PROPERTY STRINGS )
if (NOT CRYPTO IN_LIST CRYPTO_STRINGS)
message(FATAL_ERROR "CRYPTO must be set to one of: ${CRYPTO_STRINGS}")
endif()
message( STATUS "Using ${CRYPTO} for crypto")
if( CRYPTO STREQUAL openssl )
target_compile_definitions( secvarctl PRIVATE SECVAR_CRYPTO_OPENSSL )
find_package( OpenSSL REQUIRED )
target_link_libraries( secvarctl OpenSSL::SSL )
endif()
if( CRYPTO STREQUAL mbedtls )
target_include_directories( secvarctl AFTER PRIVATE external/extraMbedtls/include/ )
target_sources( secvarctl PRIVATE
external/extraMbedtls/pkcs7.c
external/extraMbedtls/pkcs7_write.c
external/skiboot/libstb/secvar/crypto/crypto-mbedtls.c
)
target_compile_definitions( secvarctl PRIVATE SECVAR_CRYPTO_MBEDTLS )
find_library( MBEDX509 mbedx509 HINTS ENV PATH REQUIRED )
find_library( MBEDCRYPTO mbedcrypto HINTS ENV PATH REQUIRED )
find_library( MBEDTLS mbedtls HINTS ENV PATH REQUIRED )
target_link_libraries( secvarctl ${MBEDTLS} ${MBEDX509} ${MBEDCRYPTO} ${PTHREAD} )
endif()
if( CRYPTO STREQUAL gnutls )
message( FATAL_ERROR "gnutls is not currently supported for cmake builds" )
endif()
add_subdirectory( external/libstb-secvar )
target_link_libraries( secvarctl stb-secvar-openssl )
set( DEBUG_FLAGS "-O0 -g3 -Wall -Werror" )
set( COVERAGE_FLAGS "-fprofile-arcs -ftest-coverage" )
set( SANITIZE_FLAGS
"-fsanitize=address"
"-fsanitize=undefined"
"-fno-sanitize-recover=all"
"-fsanitize=float-divide-by-zero"
"-fsanitize=float-cast-overflow"
"-fno-sanitize=null"
"-fno-sanitize=alignment"
)
set( CMAKE_CONFIGURATION_TYPES "Debug" "Release" )
set( DEFAULT_BUILD_TYPE "Debug" )
if ( NOT CMAKE_BUILD_TYPE )
set( CMAKE_BUILD_TYPE ${DEFAULT_BUILD_TYPE} )
message( "Setting build type to default: " ${CMAKE_BUILD_TYPE} )
endif( )
set( CMAKE_C_FLAGS_RELEASE "-O2 -g" )
set( CMAKE_C_FLAGS_DEBUG "${DEBUG_FLAGS} ${COVERAGE_FLAGS}" )
option( USE_ASAN "Build with address sanitizers" OFF )
if( USE_ASAN )
target_compile_options( secvarctl PRIVATE ${SANITIZE_FLAGS} )
target_link_options( secvarctl PRIVATE ${SANITIZE_FLAGS} )
endif( )
install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/secvarctl.1 DESTINATION ${CMAKE_INSTALL_PREFIX}/share/man/man1 )
install( TARGETS secvarctl DESTINATION bin )