diff options
author | Reiner Herrmann <reiner@reiner-h.de> | 2021-10-13 21:27:59 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-10-13 23:27:59 +0200 |
commit | 2164412bb54087b1c540893acf5384ef9bf03f1d (patch) | |
tree | e56e687b9e9f782e9f2e1bb69bb77494c9e79d9a | |
parent | cleanup: move overlayfs code in separate module (diff) | |
download | firejail-2164412bb54087b1c540893acf5384ef9bf03f1d.tar.gz firejail-2164412bb54087b1c540893acf5384ef9bf03f1d.tar.zst firejail-2164412bb54087b1c540893acf5384ef9bf03f1d.zip |
build: allow building with sanitizer (#4594)
-rwxr-xr-x | configure | 54 | ||||
-rw-r--r-- | configure.ac | 9 |
2 files changed, 63 insertions, 0 deletions
@@ -711,6 +711,7 @@ ac_subst_files='' | |||
711 | ac_user_opts=' | 711 | ac_user_opts=' |
712 | enable_option_checking | 712 | enable_option_checking |
713 | enable_analyzer | 713 | enable_analyzer |
714 | enable_sanitizer | ||
714 | enable_apparmor | 715 | enable_apparmor |
715 | enable_selinux | 716 | enable_selinux |
716 | enable_dbusproxy | 717 | enable_dbusproxy |
@@ -1368,6 +1369,8 @@ Optional Features: | |||
1368 | --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) | 1369 | --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) |
1369 | --enable-FEATURE[=ARG] include FEATURE [ARG=yes] | 1370 | --enable-FEATURE[=ARG] include FEATURE [ARG=yes] |
1370 | --enable-analyzer enable GCC static analyzer | 1371 | --enable-analyzer enable GCC static analyzer |
1372 | --enable-sanitizer=[address | memory | undefined] | ||
1373 | enable a compiler-based sanitizer (debug) | ||
1371 | --enable-apparmor enable apparmor | 1374 | --enable-apparmor enable apparmor |
1372 | --enable-selinux SELinux labeling support | 1375 | --enable-selinux SELinux labeling support |
1373 | --disable-dbusproxy disable dbus proxy | 1376 | --disable-dbusproxy disable dbus proxy |
@@ -3294,6 +3297,57 @@ if test "x$enable_analyzer" = "xyes"; then : | |||
3294 | 3297 | ||
3295 | fi | 3298 | fi |
3296 | 3299 | ||
3300 | # Check whether --enable-sanitizer was given. | ||
3301 | if test "${enable_sanitizer+set}" = set; then : | ||
3302 | enableval=$enable_sanitizer; | ||
3303 | else | ||
3304 | enable_sanitizer=no | ||
3305 | fi | ||
3306 | |||
3307 | if test "x$enable_sanitizer" != "xno" ; then : | ||
3308 | as_CACHEVAR=`$as_echo "ax_cv_check_cflags__-fsanitize=$enable_sanitizer" | $as_tr_sh` | ||
3309 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fsanitize=$enable_sanitizer" >&5 | ||
3310 | $as_echo_n "checking whether C compiler accepts -fsanitize=$enable_sanitizer... " >&6; } | ||
3311 | if eval \${$as_CACHEVAR+:} false; then : | ||
3312 | $as_echo_n "(cached) " >&6 | ||
3313 | else | ||
3314 | |||
3315 | ax_check_save_flags=$CFLAGS | ||
3316 | CFLAGS="$CFLAGS -fsanitize=$enable_sanitizer" | ||
3317 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
3318 | /* end confdefs.h. */ | ||
3319 | |||
3320 | int | ||
3321 | main () | ||
3322 | { | ||
3323 | |||
3324 | ; | ||
3325 | return 0; | ||
3326 | } | ||
3327 | _ACEOF | ||
3328 | if ac_fn_c_try_compile "$LINENO"; then : | ||
3329 | eval "$as_CACHEVAR=yes" | ||
3330 | else | ||
3331 | eval "$as_CACHEVAR=no" | ||
3332 | fi | ||
3333 | rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext | ||
3334 | CFLAGS=$ax_check_save_flags | ||
3335 | fi | ||
3336 | eval ac_res=\$$as_CACHEVAR | ||
3337 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 | ||
3338 | $as_echo "$ac_res" >&6; } | ||
3339 | if eval test \"x\$"$as_CACHEVAR"\" = x"yes"; then : | ||
3340 | |||
3341 | EXTRA_CFLAGS="$EXTRA_CFLAGS -fsanitize=$enable_sanitizer -fno-omit-frame-pointer" | ||
3342 | EXTRA_LDFLAGS="$EXTRA_LDFLAGS -fsanitize=$enable_sanitizer" | ||
3343 | |||
3344 | else | ||
3345 | as_fn_error $? "sanitizer not supported: $enable_sanitizer" "$LINENO" 5 | ||
3346 | |||
3347 | fi | ||
3348 | |||
3349 | fi | ||
3350 | |||
3297 | HAVE_APPARMOR="" | 3351 | HAVE_APPARMOR="" |
3298 | # Check whether --enable-apparmor was given. | 3352 | # Check whether --enable-apparmor was given. |
3299 | if test "${enable_apparmor+set}" = set; then : | 3353 | if test "${enable_apparmor+set}" = set; then : |
diff --git a/configure.ac b/configure.ac index 5fde6d402..fc5823143 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -45,6 +45,15 @@ AS_IF([test "x$enable_analyzer" = "xyes"], [ | |||
45 | EXTRA_CFLAGS="$EXTRA_CFLAGS -fanalyzer -Wno-analyzer-malloc-leak" | 45 | EXTRA_CFLAGS="$EXTRA_CFLAGS -fanalyzer -Wno-analyzer-malloc-leak" |
46 | ]) | 46 | ]) |
47 | 47 | ||
48 | AC_ARG_ENABLE([sanitizer], | ||
49 | AS_HELP_STRING([--enable-sanitizer=@<:@address | memory | undefined@:>@], [enable a compiler-based sanitizer (debug)]), [], [enable_sanitizer=no]) | ||
50 | AS_IF([test "x$enable_sanitizer" != "xno" ], | ||
51 | [AX_CHECK_COMPILE_FLAG([-fsanitize=$enable_sanitizer], [ | ||
52 | EXTRA_CFLAGS="$EXTRA_CFLAGS -fsanitize=$enable_sanitizer -fno-omit-frame-pointer" | ||
53 | EXTRA_LDFLAGS="$EXTRA_LDFLAGS -fsanitize=$enable_sanitizer" | ||
54 | ], [AC_MSG_ERROR([sanitizer not supported: $enable_sanitizer])] | ||
55 | )]) | ||
56 | |||
48 | HAVE_APPARMOR="" | 57 | HAVE_APPARMOR="" |
49 | AC_ARG_ENABLE([apparmor], | 58 | AC_ARG_ENABLE([apparmor], |
50 | AS_HELP_STRING([--enable-apparmor], [enable apparmor])) | 59 | AS_HELP_STRING([--enable-apparmor], [enable apparmor])) |