← Back to branch summary

~ubuntu-branches/ubuntu/quantal/hardening-wrapper/quantal

« back to all changes in this revision

Viewing changes to debian/rules

  • Committer: Bazaar Package Importer
  • Author(s): Kees Cook
  • Date: 2009-12-19 18:00:22 UTC
  • mto: This revision was merged to the branch mainline in revision 13.
  • Revision ID: james.westby@ubuntu.com-20091219180022-6pgp1t7aozcolnyc
Tags: 1.18
* debian/{control,rules}: add "hardening-includes" for use in other
  Debian rules files.
* debian/rules, hardening.make: relocate/enhance architecture logic
  to common makefile include file.
* tests/*: update to test both wrapper and include style.

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/rules
7
7
DEB_HOST_ARCH_OS := $(shell dpkg-architecture -qDEB_HOST_ARCH_OS 2>/dev/null)
8
8
DEB_HOST_ARCH_CPU := $(shell dpkg-architecture -qDEB_HOST_ARCH_CPU 2>/dev/null)
9
9
 
10
 
# Calculate arch-specific defaults
11
 
DEFAULT_PIE=0
12
 
ifneq (,$(findstring :$(DEB_HOST_ARCH_OS):,:linux:knetbsd:))
13
 
  # PIE enabled only on linux/knetbsd
14
 
  ifeq (,$(findstring :$(DEB_HOST_ARCH_CPU):,:hppa:m68k:arm:mips:mipsel:))
15
 
    # disabled on hppa, m68k (where it doesn't work).
16
 
    # disabled on mips/mipsel due to bug 532821 in toolchain
17
 
    # disabled for arm since there is no randomization support in ARM kernels
18
 
    DEFAULT_PIE=1
19
 
  endif
20
 
endif
21
 
DEFAULT_STACKPROT=1
22
 
ifneq (,$(findstring :$(DEB_HOST_ARCH_CPU):,:ia64:alpha:mips:mipsel:hppa:arm:))
23
 
  # Stack protector disabled on ia64, alpha, mips, mipsel, hppa.
24
 
  #   "warning: -fstack-protector not supported for this target"
25
 
  # Stack protector disabled on arm.
26
 
  #   compiler supports it incorrectly (leads to SEGV)
27
 
  DEFAULT_STACKPROT=0
28
 
endif
 
10
include hardening.make
 
11
DEFAULT_PIE:=$(DEB_BUILD_HARDENING_PIE)
 
12
DEFAULT_STACKPROT:=$(DEB_BUILD_HARDENING_STACKPROTECTOR)
29
13
 
30
14
build: build-stamp test
31
15
build-stamp:
72
56
        dh_testroot
73
57
        dh_clean -k
74
58
        dh_installdirs usr/bin
75
 
        dh_installdirs -A usr/share/lintian/overrides
 
59
        dh_installdirs -phardening-wrapper -A usr/share/lintian/overrides
76
60
        install -m644 debian/lintian.overrides debian/hardening-wrapper/usr/share/lintian/overrides/hardening-wrapper
77
61
        install build-tree/hardened-cc build-tree/hardened-c++ build-tree/hardened-ld debian/hardening-wrapper/usr/bin
78
 
        # Build links
79
 
        for ver in 4.1 4.2 4.3 4.4; do dh_link \
 
62
        # programatically Build links
 
63
        for ver in 4.1 4.2 4.3 4.4; do dh_link -phardening-wrapper \
80
64
                usr/bin/hardened-cc usr/bin/gcc-$$ver \
81
65
                usr/bin/hardened-c++ usr/bin/g++-$$ver \
82
66
                ;\
83
67
        done
84
 
        dh_link usr/bin/hardened-ld usr/bin/ld
 
68
        dh_link -phardening-wrapper usr/bin/hardened-ld usr/bin/ld
 
69
        install -m644 -D hardening.make debian/hardening-includes/usr/share/hardening-includes/hardening.make
85
70
 
86
71
 
87
72
# Build architecture-dependent files here.
109
94
        dh_builddeb
110
95
 
111
96
# Build architecture-independent files here.
112
 
binary-indep: binary-arch
113
 
        # Nothing to do here
 
97
binary-indep:
 
98
        # Nothing
114
99
 
115
100
source diff:
116
101
        @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false