| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
* Move msg to the end of errExit (right before perror(3p))
* Include the full file path (within the repository)
* Add "()" to function name for clarity
Before:
Error malloc: main.c:123 main: Cannot allocate memory
After:
Error src/firejail/main.c:123 main(): malloc: Cannot allocate memory
Note: This clarifies which is the exact file that the error message
comes from, as there are many source files with the same name. For
example:
$ git ls-files 'src/*/main.c' | wc -l
20
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To make them less confusing, as they are extra dependencies, not files
that are specific to the module.
Commands used to search and replace:
$ git grep -IFlz -e 'MOD_HDRS' -e 'MOD_OBJS' -- src |
xargs -0 -I '{}' sh -c "printf '%s\n' \"\$(sed \
-e 's/MOD_HDRS/EXTRA_HDRS/g' \
-e 's/MOD_OBJS/EXTRA_OBJS/g' '{}')\" >'{}'"
Added on commit f5b1ccaad ("makefiles: move extra deps into new MOD
vars", 2022-05-07) / PR #5478.
|
| |
|
|
|
|
|
| |
To reduce the amount of boilerplate in the makefiles.
This amends commit 9789c263a ("build: disable all built-in implicit make
rules", 2023-06-21) / PR #5864.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use `make -r` to reduce unnecessary filesystem lookups.
Overall, this appears to reduce the amount of implicit rule searches by
~93.3% (~97.5% compared to a8f01a383) for the default build and by
~83.3% (~99.3% compared to a8f01a383) for the "man" target (as an
example):
$ git show --pretty='%h %ai %s' -s
a8f01a383 2023-06-20 05:26:23 +0000 Merge pull request #5859 from kmk3/build-remove-retpoline
$ ./configure >/dev/null
$ make clean >/dev/null && make --debug=i -j 4 | grep -F 'Trying implicit' | wc -l
6798
$ make clean >/dev/null && make --debug=i -j 4 man | grep -F 'Trying implicit' | wc -l
1085
# (in the previous commit)
$ make clean >/dev/null && make --debug=i -j 4 | grep -F 'Trying implicit' | wc -l
2535
$ make clean >/dev/null && make --debug=i -j 4 man | grep -F 'Trying implicit' | wc -l
42
# (with this commit applied)
$ make clean >/dev/null && make --debug=i -j 4 | grep -F 'Trying implicit' | wc -l
170
$ make clean >/dev/null && make --debug=i -j 4 man | grep -F 'Trying implicit' | wc -l
7
Environment: GNU make 4.4.1-2 on Artix Linux.
Note: According to make(1p) in POSIX.1-2017, "If .SUFFIXES does not have
any prerequisites, the list of known suffixes shall be cleared.", while
"The result of setting MAKEFLAGS in the Makefile is unspecified."
Commands used to search and replace:
$ git ls-files -z -- '*Makefile*' | xargs -0 -I '{}' sh -c \
"printf '%s\n' \"\$(sed -E \
's/^(.SUFFIXES:)/\1\nMAKEFLAGS += -r\n/' '{}')\" >'{}'"
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clear `.SUFFIXES:` to reduce unnecessary filesystem lookups.
Overall, this appears to reduce the amount of implicit rule searches by
~62% for the default build and by ~96% for the "man" target (as an
example):
$ git checkout master >/dev/null 2>&1
$ git show --pretty='%h %ai %s' -s
a8f01a383 2023-06-20 05:26:23 +0000 Merge pull request #5859 from kmk3/build-remove-retpoline
$ ./configure >/dev/null
$ make clean >/dev/null && make --debug=i -j 4 | grep -F 'Trying implicit' | wc -l
6798
$ make clean >/dev/null && make --debug=i -j 4 man | grep -F 'Trying implicit' | wc -l
1085
# (with this commit applied)
$ make clean >/dev/null && make --debug=i -j 4 | grep -F 'Trying implicit' | wc -l
2535
$ make clean >/dev/null && make --debug=i -j 4 man | grep -F 'Trying implicit' | wc -l
42
Environment: GNU make 4.4.1-2 on Artix Linux.
Commands used to search and replace:
$ git ls-files -z -- '*Makefile*' | xargs -0 -I '{}' sh -c \
"printf '%s\n' \"\$(sed '1s/^/.SUFFIXES:\n/' '{}')\" >'{}'"
See also commit f48886f25 ("build: mark most phony targets as such",
2023-02-01) / PR #5637.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For consistency and readability.
Note: This also makes exactly one extra blank line be printed at the end
of every usage text, which is currently only done in the following
files:
* src/fcopy/main.c
* src/fnettrace-dns/main.c
* src/fnettrace-icmp/main.c
* src/fnettrace-sni/main.c
* src/fnettrace/main.c
* src/profstats/main.c
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commands used to search and replace:
$ git grep -Ilz '.' | xargs -0 -I '{}' sh -c \
"printf '%s\n' \"\$(cat '{}')\" >'{}'"
The above commands ensure that there is exaclty 1 line terminator at EOF
(rather than 0 or more than 1) on all non-empty text files.
This fixes all of the "new blank line at EOF" errors raised by git:
$ git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904..HEAD |
grep '^[^+]' | cut -f 3 -d : | LC_ALL=C sort | uniq -c
21 new blank line at EOF.
72 space before tab in indent.
4 trailing whitespace.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
For clarity, as it is included by the Makefiles that create programs and
non-shared-objects, but not by the ones that create shared objects (see
src/so.mk).
Commands used to move and search and replace:
$ git mv src/common.mk src/prog.mk
$ git grep -IFlz 'common.mk' -- src | xargs -0 -I '{}' sh -c \
"printf '%s\n' \"\$(sed 's/common.mk/prog.mk/' '{}')\" >'{}'"
|
| |
|
|
|
|
|
|
|
|
| |
The makefiles that both build C programs and include src/common.mk are
nearly identical, save for the main target name and for any extra
headers and objects that they might use.
So move all of their (duplicated) code into src/common.mk, which (other
than the "lib" target on src/lib/Makefile) leaves only variables and the
includes of config.mk and src/common.mk in place.
|
| |
|
|
|
|
|
|
|
|
| |
Put the main target name into a new PROG variable, put PROG into a new
TARGET variable, make "all" depend on `$(TARGET)` and replace every
other occurrence of the main target name with `$(PROG)`.
On the makefiles that build non-shared objects, to make them more
similar. With this commit, all of their targets are identical (except
for the extra "lib" target on src/lib/Makefile).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To make the makefiles more similar.
That is, add the following new variables:
* MOD_HDRS
* MOD_SRCS
* MOD_OBJS
And move existing module-specific header and object dependencies into
`MOD_HDRS` and `MOD_OBJS`, respectively. `MOD_SRCS` is added mostly for
symmetry/consistency.
Note: Use `MOD_` as a prefix instead of `EXTRA_` to avoid confusion, as
the latter is currently used for global variables (such as
`EXTRA_CFLAGS`), as opposed to module-specific variables.
Note2: Add them directly into the HDRS/SRCS/OBJS variables to avoid
cluttering the existing recipes with an extra variables unnecessarily.
This also allows, for example, referencing all of the object
dependencies with `$<` if `$(OBJS)` is the first dependency (at least in
GNU make).
Note3: Since HDRS/SRCS/OBJS use simple assignment (through `:=`), the
MOD variables should appear before including src/common.mk (or
src/so.mk).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To HDRS and SRCS, respectively.
To be more consistent with the OBJS variable.
Misc: These names also appear to be more common from the makefiles that
I've seen.
Commands used to search and replace:
git grep -IFlz -e H_FILE_LIST -e C_FILE_LIST -- src |
xargs -0 -I '{}' sh -c "printf '%s\n' \"\$(sed \
-e 's/^H_FILE_LIST *=/HDRS =/' \
-e 's/\$(H_FILE_LIST)/\$(HDRS)/g' \
-e 's/^C_FILE_LIST *=/SRCS =/' \
-e 's/\$(C_FILE_LIST:/\$(SRCS:/g' \
'{}')\" >'{}'"
|
| |
|
|
|
|
|
| |
Instead of including it through src/common.mk.
This allows each makefile to directly override any value defined in
config.mk.
|
| |
|
|
| |
Added on commit a627071b3 ("intrusion detection system", 2021-07-28).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the previous commit ("makefiles: stop failing when config.mk does
not exist", 2022-06-23), make will not immediately fail when trying to
build a target without having the proper compile-time flags (which are
defined on common.mk).
For example, when running the command below:
make distclean && make
It will throw an error only after (mis-)compiling multiple objects.
So add a dependency on config.mk on every target that uses output
variables (such as @NAME@ / $(NAME)) on its recipe. And add a
dependency on config.sh on targets that call shell scripts that use
output variables (such as @NAME@ / $NAME). Also, add a recipe for
config.mk / config.sh telling to run ./configure, to make it a bit more
obvious just in case.
With this commit, make will abort earlier, by detecting that the
config.mk / config.sh dependency does not exist. This happens before
trying to execute the recipe.
This also makes the dependencies more accurate, since if config.mk
(which defines some CFLAGS) is changed, the CFLAGS may also have
changed, so a target that uses CFLAGS should probably be considered out
of date in this case anyway.
Relates to #5140.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Configure summary: autoconf essentially only parses configure.ac and
generates the configure script (that is, the "./configure" shell
script). The latter is what actually checks what is available on the
system and internally sets the value of the output variables. It then,
for every filename foo in AC_CONFIG_FILES (and for every output variable
name BAR in AC_SUBST), reads foo.in, replaces every occurrence of
`@BAR@` with the value of the shell variable `$BAR` and generates the
file foo from the result. After this, configure is finished and `make`
could be executed to start the build.
Now that (as of #5140) all output variables are only defined on
config.mk.in and on config.sh.in, there is no need to generate any
makefile nor any other mkfile or shell script at configure time. So
rename every "Makefile.in" to "Makefile", mkdeb.sh.in to mkdeb.sh,
src/common.mk.in to src/common.mk and leave just config.mk and config.sh
as the files to be generated at configure time.
This allows editing and committing all makefiles directly, without
potentially having to run ./configure in between.
Commands used to rename the makefiles:
$ git ls-files -z -- '*Makefile.in' | xargs -0 -I '{}' sh -c \
"git mv '{}' \"\$(dirname '{}')/Makefile\""
Additionally, from my (rudimentary) testing, this commit reduces the
time it takes to run ./configure by about 20~25% compared to commit
72ece92ea ("Transmission fixes: drop private-lib (#5213)", 2022-06-22).
Environment: dash 0.5.11.5-1, gcc 12.1.0-2, Artix Linux, ext4 on an HDD.
Commands used for benchmarking each commit:
$ : >time_configure && ./configure && make distclean &&
for i in $(seq 1 10); do
{ time -p ./configure; } 2>>time_configure; done
$ grep real time_configure |
awk '{ total += $2 } END { print total/NR }'
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A non-absolute path on an include command is always treated as being
relative to the directory in which "make" was started in, rather than
being relative to the makefile that contains the command. For example,
given the following project structure and file contents:
* Makefile: include src/foo.mk
* src/foo.mk: include bar.mk
* src/bar.mk:
Running "make" on the root project directory (that is, where "Makefile"
is) yields the following:
src/foo.mk:1: bar.mk: No such file or directory
As "bar.mk" in "include bar.mk" is relative to the current (process)
directory (that is, "./bar.mk") and not to where foo.mk is located in
("./src/bar.mk").
So on every makefile that contains an include command, define the root
project directory in the ROOT variable and always include relative to
it, to later enable any included mkfiles to include other mkfiles
without having to worry about the correct path.
Commands used to search and replace:
$ git grep -Flz 'include ../common.mk' -- src |
xargs -0 -I '{}' sh -c \
"printf '%s\n' \"\`sed 's|include ../common.mk|ROOT = ../..\ninclude \$(ROOT)/src/common.mk|' '{}'\`\" >'{}'"
Environment: GNU make 4.3-3.1 on Artix Linux
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This should fix all such warnings on the following files:
* src/fids/main.c
* src/firejail/seccomp.c
Misc: Besides the above reason, these are some of the more
straightforward TOCTOU warning fixes and they are done without any
additional refactor commits, so that's the reason for "easy ones".
List of TOCTOU warnings:
https://github.com/netblue30/firejail/security/code-scanning?query=id%3Acpp%2Ftoctou-race-condition
See https://cwe.mitre.org/data/definitions/367.html
Relates to #4503.
|
| | |
|
| | |
|
| |
|
Kelvin M. Klann
David Fetter
netblue30
a1346054