[efi-boot-shim.git] / Make.defaults

COMPILER	?= gcc
CC		= $(CROSS_COMPILE)$(COMPILER)
LD		= $(CROSS_COMPILE)ld
OBJCOPY		= $(CROSS_COMPILE)objcopy
DOS2UNIX	?= dos2unix
D2UFLAGS	?= -r -l -F -f -n
OPENSSL		?= openssl
HEXDUMP		?= hexdump
INSTALL		?= install
PK12UTIL	?= pk12util
CERTUTIL	?= certutil
PESIGN		?= pesign
SBSIGN		?= sbsign
prefix		?= /usr
prefix		:= $(abspath $(prefix))
datadir		?= $(prefix)/share/
PKGNAME		?= shim
ESPROOTDIR	?= boot/efi/
EFIBOOTDIR	?= $(ESPROOTDIR)EFI/BOOT/
TARGETDIR	?= $(ESPROOTDIR)EFI/$(EFIDIR)/
DATATARGETDIR	?= $(datadir)/$(PKGNAME)/$(VERSION)$(DASHRELEASE)/$(ARCH_SUFFIX)/
DEBUGINFO	?= $(prefix)/lib/debug/
DEBUGSOURCE	?= $(prefix)/src/debug/
OSLABEL		?= $(EFIDIR)
DEFAULT_LOADER	?= \\\\grub$(ARCH_SUFFIX).efi
DASHJ		?= -j$(shell echo $$(($$(grep -c "^model name" /proc/cpuinfo) + 1)))

ARCH		?= $(shell $(CC) -dumpmachine | cut -f1 -d- | sed s,i[3456789]86,ia32,)
OBJCOPY_GTE224	= $(shell expr `$(OBJCOPY) --version |grep ^"GNU objcopy" | sed 's/^.*\((.*)\|version\) //g' | cut -f1-2 -d.` \>= 2.24)
OPTIMIZATIONS	?= -Os

SUBDIRS		= $(TOPDIR)/Cryptlib $(TOPDIR)/lib

EFI_INCLUDE	?= /usr/include/efi
EFI_INCLUDES	= -nostdinc -I$(TOPDIR)/Cryptlib -I$(TOPDIR)/Cryptlib/Include \
		  -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol \
		  -I$(TOPDIR)/include -iquote $(TOPDIR) -iquote $(shell pwd)

EFI_CRT_OBJS 	= $(EFI_PATH)/crt0-efi-$(ARCH).o
EFI_LDS		= $(TOPDIR)/elf_$(ARCH)_efi.lds

CLANG_BUGS	= $(if $(findstring gcc,$(CC)),-maccumulate-outgoing-args,)

COMMIT_ID ?= $(shell if [ -e .git ] ; then git log -1 --pretty=format:%H ; elif [ -f commit ]; then cat commit ; else echo master; fi)

ifeq ($(ARCH),x86_64)
	ARCH_CFLAGS		?= -mno-mmx -mno-sse -mno-red-zone -nostdinc \
				   $(CLANG_BUGS) -m64 \
				   -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \
				   -DNO_BUILTIN_VA_FUNCS -DMDE_CPU_X64 \
				   -DPAGE_SIZE=4096
	LIBDIR			?= $(prefix)/lib64
	ARCH_SUFFIX		?= x64
	ARCH_SUFFIX_UPPER	?= X64
	ARCH_LDFLAGS		?=
	TIMESTAMP_LOCATION	:= 136
endif
ifeq ($(ARCH),ia32)
	ARCH_CFLAGS		?= -mno-mmx -mno-sse -mno-red-zone -nostdinc \
				   $(CLANG_BUGS) -m32 \
				   -DMDE_CPU_IA32 -DPAGE_SIZE=4096
	LIBDIR			?= $(prefix)/lib
	ARCH_SUFFIX		?= ia32
	ARCH_SUFFIX_UPPER	?= IA32
	ARCH_LDFLAGS		?=
	ARCH_CFLAGS		?= -m32
	TIMESTAMP_LOCATION	:= 136
endif
ifeq ($(ARCH),aarch64)
	ARCH_CFLAGS		?= -DMDE_CPU_AARCH64 -DPAGE_SIZE=4096 -mstrict-align
	LIBDIR			?= $(prefix)/lib64
	ARCH_SUFFIX		?= aa64
	ARCH_SUFFIX_UPPER	?= AA64
	FORMAT			:= -O binary
	SUBSYSTEM		:= 0xa
	ARCH_LDFLAGS		+= --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
	ARCH_CFLAGS		?=
	TIMESTAMP_LOCATION	:= 72
endif
ifeq ($(ARCH),arm)
	ARCH_CFLAGS		?= -DMDE_CPU_ARM -DPAGE_SIZE=4096 -mno-unaligned-access
	LIBDIR			?= $(prefix)/lib
	ARCH_SUFFIX		?= arm
	ARCH_SUFFIX_UPPER	?= ARM
	FORMAT			:= -O binary
	SUBSYSTEM		:= 0xa
	ARCH_LDFLAGS		+= --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
	TIMESTAMP_LOCATION	:= 72
endif

CFLAGS		= -ggdb $(OPTIMIZATIONS) -fno-stack-protector -fno-strict-aliasing -fpic \
		  -fshort-wchar -Wall -Wsign-compare -Werror -fno-builtin \
		  -Werror=sign-compare -ffreestanding -std=gnu89 \
		  -I$(shell $(CC) $(ARCH_CFLAGS) -print-file-name=include) \
		  "-DDEFAULT_LOADER=L\"$(DEFAULT_LOADER)\"" \
		  "-DDEFAULT_LOADER_CHAR=\"$(DEFAULT_LOADER)\"" \
		  $(EFI_INCLUDES) $(ARCH_CFLAGS)

ifneq ($(origin OVERRIDE_SECURITY_POLICY), undefined)
	CFLAGS	+= -DOVERRIDE_SECURITY_POLICY
endif

ifneq ($(origin REQUIRE_TPM), undefined)
	CFLAGS  += -DREQUIRE_TPM
endif

ifneq ($(origin DISABLE_EBS_PROTECTION), undefined)
	CFLAGS  += -DDISABLE_EBS_PROTECTION
endif

LIB_GCC		= $(shell $(CC) $(ARCH_CFLAGS) -print-libgcc-file-name)
EFI_LIBS	= -lefi -lgnuefi --start-group Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a --end-group $(LIB_GCC)
FORMAT		?= --target efi-app-$(ARCH)
EFI_PATH	?= $(shell [ -d $(LIBDIR)/gnuefi ] && echo "$(LIBDIR)/gnuefi" || echo "$(LIBDIR)")

MMSTEM		?= mm$(ARCH_SUFFIX)
MMNAME		= $(MMSTEM).efi
MMSONAME	= $(MMSTEM).so
FBSTEM		?= fb$(ARCH_SUFFIX)
FBNAME		= $(FBSTEM).efi
FBSONAME	= $(FBSTEM).so
SHIMSTEM	?= shim$(ARCH_SUFFIX)
SHIMNAME	= $(SHIMSTEM).efi
SHIMSONAME	= $(SHIMSTEM).so
SHIMHASHNAME	= $(SHIMSTEM).hash
BOOTEFINAME	?= BOOT$(ARCH_SUFFIX_UPPER).EFI
BOOTCSVNAME	?= BOOT$(ARCH_SUFFIX_UPPER).CSV

CFLAGS += "-DEFI_ARCH=L\"$(ARCH_SUFFIX)\"" "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/$(ARCH_SUFFIX)-$(VERSION)$(DASHRELEASE)/\""

ifneq ($(origin VENDOR_DB_FILE), undefined)
	CFLAGS += -DVENDOR_DB_FILE=\"$(VENDOR_DB_FILE)\"
endif
ifneq ($(origin VENDOR_CERT_FILE), undefined)
	CFLAGS += -DVENDOR_CERT_FILE=\"$(VENDOR_CERT_FILE)\"
endif
ifneq ($(origin VENDOR_DBX_FILE), undefined)
	CFLAGS += -DVENDOR_DBX_FILE=\"$(VENDOR_DBX_FILE)\"
endif

LDFLAGS		= --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIBDIR) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1 $(ARCH_LDFLAGS) --no-undefined
Commit	Line	Data
d184bf10 PJ	1	COMPILER ?= gcc
d184bf10 PJ	2	CC = $(CROSS_COMPILE)$(COMPILER)
b681123a PJ	3	LD = $(CROSS_COMPILE)ld
b681123a PJ	4	OBJCOPY = $(CROSS_COMPILE)objcopy
dd707859 PJ	5	DOS2UNIX ?= dos2unix
dd707859 PJ	6	D2UFLAGS ?= -r -l -F -f -n
b681123a PJ	7	OPENSSL ?= openssl
	8	HEXDUMP ?= hexdump
	9	INSTALL ?= install
	10	PK12UTIL ?= pk12util
	11	CERTUTIL ?= certutil
	12	PESIGN ?= pesign
	13	SBSIGN ?= sbsign
	14	prefix ?= /usr
	15	prefix := $(abspath $(prefix))
	16	datadir ?= $(prefix)/share/
	17	PKGNAME ?= shim
	18	ESPROOTDIR ?= boot/efi/
	19	EFIBOOTDIR ?= $(ESPROOTDIR)EFI/BOOT/
	20	TARGETDIR ?= $(ESPROOTDIR)EFI/$(EFIDIR)/
	21	DATATARGETDIR ?= $(datadir)/$(PKGNAME)/$(VERSION)$(DASHRELEASE)/$(ARCH_SUFFIX)/
	22	DEBUGINFO ?= $(prefix)/lib/debug/
	23	DEBUGSOURCE ?= $(prefix)/src/debug/
	24	OSLABEL ?= $(EFIDIR)
	25	DEFAULT_LOADER ?= \\\\grub$(ARCH_SUFFIX).efi
d184bf10	26	DASHJ ?= -j$(shell echo $$(($$(grep -c "^model name" /proc/cpuinfo) + 1)))
b681123a PJ	27
	28	ARCH ?= $(shell $(CC) -dumpmachine \| cut -f1 -d- \| sed s,i[3456789]86,ia32,)
	29	OBJCOPY_GTE224 = $(shell expr `$(OBJCOPY) --version \|grep ^"GNU objcopy" \| sed 's/^.\((.)\\|version\) //g' \| cut -f1-2 -d.` \>= 2.24)
4edb31fc	30	OPTIMIZATIONS ?= -Os
b681123a PJ	31
	32	SUBDIRS = $(TOPDIR)/Cryptlib $(TOPDIR)/lib
	33
f2924073	34	EFI_INCLUDE ?= /usr/include/efi
b681123a PJ	35	EFI_INCLUDES = -nostdinc -I$(TOPDIR)/Cryptlib -I$(TOPDIR)/Cryptlib/Include \
	36	-I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol \
	37	-I$(TOPDIR)/include -iquote $(TOPDIR) -iquote $(shell pwd)
	38
b681123a PJ	39	EFI_CRT_OBJS = $(EFI_PATH)/crt0-efi-$(ARCH).o
	40	EFI_LDS = $(TOPDIR)/elf_$(ARCH)_efi.lds
	41
138deeff PJ	42	CLANG_BUGS = $(if $(findstring gcc,$(CC)),-maccumulate-outgoing-args,)
138deeff PJ	43
b681123a PJ	44	COMMIT_ID ?= $(shell if [ -e .git ] ; then git log -1 --pretty=format:%H ; elif [ -f commit ]; then cat commit ; else echo master; fi)
b681123a PJ	45
b681123a	46	ifeq ($(ARCH),x86_64)
32f71225 PJ	47	ARCH_CFLAGS ?= -mno-mmx -mno-sse -mno-red-zone -nostdinc \
	48	$(CLANG_BUGS) -m64 \
	49	-DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \
	50	-DNO_BUILTIN_VA_FUNCS -DMDE_CPU_X64 \
	51	-DPAGE_SIZE=4096
b681123a PJ	52	LIBDIR ?= $(prefix)/lib64
	53	ARCH_SUFFIX ?= x64
	54	ARCH_SUFFIX_UPPER ?= X64
	55	ARCH_LDFLAGS ?=
10d6e3d9	56	TIMESTAMP_LOCATION := 136
b681123a PJ	57	endif
b681123a PJ	58	ifeq ($(ARCH),ia32)
32f71225 PJ	59	ARCH_CFLAGS ?= -mno-mmx -mno-sse -mno-red-zone -nostdinc \
	60	$(CLANG_BUGS) -m32 \
	61	-DMDE_CPU_IA32 -DPAGE_SIZE=4096
b681123a PJ	62	LIBDIR ?= $(prefix)/lib
	63	ARCH_SUFFIX ?= ia32
	64	ARCH_SUFFIX_UPPER ?= IA32
	65	ARCH_LDFLAGS ?=
32f71225	66	ARCH_CFLAGS ?= -m32
10d6e3d9	67	TIMESTAMP_LOCATION := 136
b681123a PJ	68	endif
b681123a PJ	69	ifeq ($(ARCH),aarch64)
32f71225	70	ARCH_CFLAGS ?= -DMDE_CPU_AARCH64 -DPAGE_SIZE=4096 -mstrict-align
b681123a PJ	71	LIBDIR ?= $(prefix)/lib64
	72	ARCH_SUFFIX ?= aa64
	73	ARCH_SUFFIX_UPPER ?= AA64
	74	FORMAT := -O binary
	75	SUBSYSTEM := 0xa
	76	ARCH_LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
32f71225	77	ARCH_CFLAGS ?=
10d6e3d9	78	TIMESTAMP_LOCATION := 72
b681123a PJ	79	endif
b681123a PJ	80	ifeq ($(ARCH),arm)
7f080b30	81	ARCH_CFLAGS ?= -DMDE_CPU_ARM -DPAGE_SIZE=4096 -mno-unaligned-access
b681123a PJ	82	LIBDIR ?= $(prefix)/lib
	83	ARCH_SUFFIX ?= arm
	84	ARCH_SUFFIX_UPPER ?= ARM
	85	FORMAT := -O binary
	86	SUBSYSTEM := 0xa
	87	ARCH_LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
10d6e3d9	88	TIMESTAMP_LOCATION := 72
b681123a PJ	89	endif
b681123a PJ	90
4edb31fc	91	CFLAGS = -ggdb $(OPTIMIZATIONS) -fno-stack-protector -fno-strict-aliasing -fpic \
32f71225 PJ	92	-fshort-wchar -Wall -Wsign-compare -Werror -fno-builtin \
	93	-Werror=sign-compare -ffreestanding -std=gnu89 \
	94	-I$(shell $(CC) $(ARCH_CFLAGS) -print-file-name=include) \
	95	"-DDEFAULT_LOADER=L\"$(DEFAULT_LOADER)\"" \
	96	"-DDEFAULT_LOADER_CHAR=\"$(DEFAULT_LOADER)\"" \
	97	$(EFI_INCLUDES) $(ARCH_CFLAGS)
	98
	99	ifneq ($(origin OVERRIDE_SECURITY_POLICY), undefined)
	100	CFLAGS += -DOVERRIDE_SECURITY_POLICY
	101	endif
	102
32f71225 PJ	103	ifneq ($(origin REQUIRE_TPM), undefined)
	104	CFLAGS += -DREQUIRE_TPM
	105	endif
	106
4b0a61dc PM	107	ifneq ($(origin DISABLE_EBS_PROTECTION), undefined)
	108	CFLAGS += -DDISABLE_EBS_PROTECTION
	109	endif
	110
32f71225 PJ	111	LIB_GCC = $(shell $(CC) $(ARCH_CFLAGS) -print-libgcc-file-name)
32f71225 PJ	112	EFI_LIBS = -lefi -lgnuefi --start-group Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a --end-group $(LIB_GCC)
b681123a	113	FORMAT ?= --target efi-app-$(ARCH)
e5f7b252	114	EFI_PATH ?= $(shell [ -d $(LIBDIR)/gnuefi ] && echo "$(LIBDIR)/gnuefi" \|\| echo "$(LIBDIR)")
b681123a PJ	115
	116	MMSTEM ?= mm$(ARCH_SUFFIX)
	117	MMNAME = $(MMSTEM).efi
	118	MMSONAME = $(MMSTEM).so
	119	FBSTEM ?= fb$(ARCH_SUFFIX)
	120	FBNAME = $(FBSTEM).efi
	121	FBSONAME = $(FBSTEM).so
	122	SHIMSTEM ?= shim$(ARCH_SUFFIX)
	123	SHIMNAME = $(SHIMSTEM).efi
	124	SHIMSONAME = $(SHIMSTEM).so
	125	SHIMHASHNAME = $(SHIMSTEM).hash
	126	BOOTEFINAME ?= BOOT$(ARCH_SUFFIX_UPPER).EFI
	127	BOOTCSVNAME ?= BOOT$(ARCH_SUFFIX_UPPER).CSV
	128
	129	CFLAGS += "-DEFI_ARCH=L\"$(ARCH_SUFFIX)\"" "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/$(ARCH_SUFFIX)-$(VERSION)$(DASHRELEASE)/\""
	130
dd3a5d71 PJ	131	ifneq ($(origin VENDOR_DB_FILE), undefined)
	132	CFLAGS += -DVENDOR_DB_FILE=\"$(VENDOR_DB_FILE)\"
	133	endif
b681123a PJ	134	ifneq ($(origin VENDOR_CERT_FILE), undefined)
	135	CFLAGS += -DVENDOR_CERT_FILE=\"$(VENDOR_CERT_FILE)\"
	136	endif
	137	ifneq ($(origin VENDOR_DBX_FILE), undefined)
	138	CFLAGS += -DVENDOR_DBX_FILE=\"$(VENDOR_DBX_FILE)\"
	139	endif
	140
	141	LDFLAGS = --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIBDIR) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1 $(ARCH_LDFLAGS) --no-undefined