xref: /linux/kernel/Makefile (revision 5cee964597260237dd2cabb3ec22bba0da24b25d)
11da177e4SLinus Torvalds#
21da177e4SLinus Torvalds# Makefile for the linux kernel.
31da177e4SLinus Torvalds#
41da177e4SLinus Torvalds
5b9ee979eSJoe Perchesobj-y     = fork.o exec_domain.o panic.o \
6*5cee9645SThomas Gleixner	    cpu.o exit.o softirq.o resource.o \
7*5cee9645SThomas Gleixner	    sysctl.o sysctl_binary.o capability.o ptrace.o user.o \
8e73f8959SOleg Nesterov	    signal.o sys.o kmod.o workqueue.o pid.o task_work.o \
9*5cee9645SThomas Gleixner	    extable.o params.o \
10*5cee9645SThomas Gleixner	    kthread.o sys_ni.o nsproxy.o \
1115d94b82SRobin Holt	    notifier.o ksysfs.o cred.o reboot.o \
12cd4d241dSPeter Zijlstra	    async.o range.o groups.o smpboot.o
13029632fbSPeter Zijlstra
14606576ceSSteven Rostedtifdef CONFIG_FUNCTION_TRACER
156ec56232SSteven Rostedt# Do not trace debug files and internal ftrace files
166ec56232SSteven RostedtCFLAGS_REMOVE_cgroup-debug.o = -pg
17e360adbeSPeter ZijlstraCFLAGS_REMOVE_irq_work.o = -pg
181d09daa5SSteven Rostedtendif
191d09daa5SSteven Rostedt
2058edae3aSAndi Kleen# cond_syscall is currently not LTO compatible
2158edae3aSAndi KleenCFLAGS_sys_ni.o = $(DISABLE_LTO)
2258edae3aSAndi Kleen
23391e43daSPeter Zijlstraobj-y += sched/
2401768b42SPeter Zijlstraobj-y += locking/
25dae5cbc2SRafael J. Wysockiobj-y += power/
26b9ee979eSJoe Perchesobj-y += printk/
270244ad00SMartin Schwidefskyobj-y += irq/
284102adabSPaul E. McKenneyobj-y += rcu/
29391e43daSPeter Zijlstra
301e142b29SCyrill Gorcunovobj-$(CONFIG_CHECKPOINT_RESTORE) += kcmp.o
318174f150SMatt Helsleyobj-$(CONFIG_FREEZER) += freezer.o
32b03f6489SAdrian Bunkobj-$(CONFIG_PROFILING) += profile.o
338637c099SIngo Molnarobj-$(CONFIG_STACKTRACE) += stacktrace.o
34ad596171Sjohn stultzobj-y += time/
351da177e4SLinus Torvaldsobj-$(CONFIG_FUTEX) += futex.o
3634f192c6SIngo Molnarifeq ($(CONFIG_COMPAT),y)
3734f192c6SIngo Molnarobj-$(CONFIG_FUTEX) += futex_compat.o
3834f192c6SIngo Molnarendif
391da177e4SLinus Torvaldsobj-$(CONFIG_GENERIC_ISA_DMA) += dma.o
40351f8f8eSAmerigo Wangobj-$(CONFIG_SMP) += smp.o
419316fcacSAndrew Mortonifneq ($(CONFIG_SMP),y)
4253ce3d95SAndrew Mortonobj-y += up.o
4353ce3d95SAndrew Mortonendif
441da177e4SLinus Torvaldsobj-$(CONFIG_UID16) += uid16.o
45b56e5a17SDavid Howellsobj-$(CONFIG_SYSTEM_TRUSTED_KEYRING) += system_keyring.o system_certificates.o
461da177e4SLinus Torvaldsobj-$(CONFIG_MODULES) += module.o
47b56e5a17SDavid Howellsobj-$(CONFIG_MODULE_SIG) += module_signing.o
481da177e4SLinus Torvaldsobj-$(CONFIG_KALLSYMS) += kallsyms.o
491da177e4SLinus Torvaldsobj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o
50dc009d92SEric W. Biedermanobj-$(CONFIG_KEXEC) += kexec.o
516dab2778SArjan van de Venobj-$(CONFIG_BACKTRACE_SELF_TEST) += backtracetest.o
521da177e4SLinus Torvaldsobj-$(CONFIG_COMPAT) += compat.o
53ddbcc7e8SPaul Menageobj-$(CONFIG_CGROUPS) += cgroup.o
54dc52ddc0SMatt Helsleyobj-$(CONFIG_CGROUP_FREEZER) += cgroup_freezer.o
551da177e4SLinus Torvaldsobj-$(CONFIG_CPUSETS) += cpuset.o
56aee16ce7SPavel Emelyanovobj-$(CONFIG_UTS_NS) += utsname.o
57aee16ce7SPavel Emelyanovobj-$(CONFIG_USER_NS) += user_namespace.o
5874bd59bbSPavel Emelyanovobj-$(CONFIG_PID_NS) += pid_namespace.o
591da177e4SLinus Torvaldsobj-$(CONFIG_IKCONFIG) += configs.o
60e552b661SPavel Emelianovobj-$(CONFIG_RESOURCE_COUNTERS) += res_counter.o
61bbf1bb3eSTejun Heoobj-$(CONFIG_SMP) += stop_machine.o
628c1c9356SAnanth N Mavinakayanahalliobj-$(CONFIG_KPROBES_SANITY_TEST) += test_kprobes.o
63939a67fcSEric Parisobj-$(CONFIG_AUDIT) += audit.o auditfilter.o
641da177e4SLinus Torvaldsobj-$(CONFIG_AUDITSYSCALL) += auditsc.o
65939a67fcSEric Parisobj-$(CONFIG_AUDIT_WATCH) += audit_watch.o
6674c3cbe3SAl Viroobj-$(CONFIG_AUDIT_TREE) += audit_tree.o
67939a67fcSEric Parisobj-$(CONFIG_GCOV_KERNEL) += gcov/
681da177e4SLinus Torvaldsobj-$(CONFIG_KPROBES) += kprobes.o
69c4338209SJason Wesselobj-$(CONFIG_KGDB) += debug/
70e162b39aSMandeep Singh Bainesobj-$(CONFIG_DETECT_HUNG_TASK) += hung_task.o
7158687acbSDon Zickusobj-$(CONFIG_LOCKUP_DETECTOR) += watchdog.o
721da177e4SLinus Torvaldsobj-$(CONFIG_SECCOMP) += seccomp.o
73b86ff981SJens Axboeobj-$(CONFIG_RELAY) += relay.o
7439732acdSEric W. Biedermanobj-$(CONFIG_SYSCTL) += utsname_sysctl.o
75ca74e92bSShailabh Nagarobj-$(CONFIG_TASK_DELAY_ACCT) += delayacct.o
76f3cef7a9SJay Lanobj-$(CONFIG_TASKSTATS) += taskstats.o tsacct.o
7797e1c18eSMathieu Desnoyersobj-$(CONFIG_TRACEPOINTS) += tracepoint.o
789745512cSArjan van de Venobj-$(CONFIG_LATENCYTOP) += latencytop.o
791fcccbacSDaisuke HATAYAMAobj-$(CONFIG_BINFMT_ELF) += elfcore.o
801fcccbacSDaisuke HATAYAMAobj-$(CONFIG_COMPAT_BINFMT_ELF) += elfcore.o
811fcccbacSDaisuke HATAYAMAobj-$(CONFIG_BINFMT_ELF_FDPIC) += elfcore.o
82606576ceSSteven Rostedtobj-$(CONFIG_FUNCTION_TRACER) += trace/
83bc0c38d1SSteven Rostedtobj-$(CONFIG_TRACING) += trace/
84ea632e9fSJosh Triplettobj-$(CONFIG_TRACE_CLOCK) += trace/
851155de47SPaul Mundtobj-$(CONFIG_RING_BUFFER) += trace/
86870915e0SMathieu Desnoyersobj-$(CONFIG_TRACEPOINTS) += trace/
87e360adbeSPeter Zijlstraobj-$(CONFIG_IRQ_WORK) += irq_work.o
88ab10023eSColin Crossobj-$(CONFIG_CPU_PM) += cpu_pm.o
89fae85b7cSBorislav Petkov
90fae85b7cSBorislav Petkovobj-$(CONFIG_PERF_EVENTS) += events/
91fae85b7cSBorislav Petkov
927a041097SAvi Kivityobj-$(CONFIG_USER_RETURN_NOTIFIER) += user-return-notifier.o
9316295becSSteffen Klassertobj-$(CONFIG_PADATA) += padata.o
9493a72052SOlaf Heringobj-$(CONFIG_CRASH_DUMP) += crash_dump.o
95b77f0f3cSJason Baronobj-$(CONFIG_JUMP_LABEL) += jump_label.o
9691d1aa43SFrederic Weisbeckerobj-$(CONFIG_CONTEXT_TRACKING) += context_tracking.o
9751b1130eSPaul E. McKenneyobj-$(CONFIG_TORTURE_TEST) += torture.o
981da177e4SLinus Torvalds
991da177e4SLinus Torvalds$(obj)/configs.o: $(obj)/config_data.h
1001da177e4SLinus Torvalds
1011da177e4SLinus Torvalds# config_data.h contains the same information as ikconfig.h but gzipped.
1021da177e4SLinus Torvalds# Info from config_data can be extracted from /proc/config*
1031da177e4SLinus Torvaldstargets += config_data.gz
10441263fc6SBen Gardiner$(obj)/config_data.gz: $(KCONFIG_CONFIG) FORCE
1051da177e4SLinus Torvalds	$(call if_changed,gzip)
1061da177e4SLinus Torvalds
107e78e8f2dSPeter Foley      filechk_ikconfiggz = (echo "static const char kernel_config_data[] __used = MAGIC_START"; cat $< | scripts/bin2c; echo "MAGIC_END;")
1081da177e4SLinus Torvaldstargets += config_data.h
1091da177e4SLinus Torvalds$(obj)/config_data.h: $(obj)/config_data.gz FORCE
110e78e8f2dSPeter Foley	$(call filechk,ikconfiggz)
111bdc80787SH. Peter Anvin
112f0e6d220SDavid Howells###############################################################################
113631cc66eSDavid Howells#
1140fbd39cfSDavid Howells# Roll all the X.509 certificates that we can find together and pull them into
115b56e5a17SDavid Howells# the kernel so that they get loaded into the system trusted keyring during
116b56e5a17SDavid Howells# boot.
1170fbd39cfSDavid Howells#
1180fbd39cfSDavid Howells# We look in the source root and the build root for all files whose name ends
1190fbd39cfSDavid Howells# in ".x509".  Unfortunately, this will generate duplicate filenames, so we
1200fbd39cfSDavid Howells# have make canonicalise the pathnames and then sort them to discard the
1210fbd39cfSDavid Howells# duplicates.
122631cc66eSDavid Howells#
123f0e6d220SDavid Howells###############################################################################
124b56e5a17SDavid Howellsifeq ($(CONFIG_SYSTEM_TRUSTED_KEYRING),y)
125f0e6d220SDavid HowellsX509_CERTIFICATES-y := $(wildcard *.x509) $(wildcard $(srctree)/*.x509)
126d7ec435fSDavid HowellsX509_CERTIFICATES-$(CONFIG_MODULE_SIG) += $(objtree)/signing_key.x509
127d7ec435fSDavid HowellsX509_CERTIFICATES-raw := $(sort $(foreach CERT,$(X509_CERTIFICATES-y), \
1280fbd39cfSDavid Howells				$(or $(realpath $(CERT)),$(CERT))))
129d7ec435fSDavid HowellsX509_CERTIFICATES := $(subst $(realpath $(objtree))/,,$(X509_CERTIFICATES-raw))
130631cc66eSDavid Howells
131f0e6d220SDavid Howellsifeq ($(X509_CERTIFICATES),)
132f0e6d220SDavid Howells$(warning *** No X.509 certificates found ***)
133f0e6d220SDavid Howellsendif
134e10e1774SMichal Marek
135f0e6d220SDavid Howellsifneq ($(wildcard $(obj)/.x509.list),)
136f0e6d220SDavid Howellsifneq ($(shell cat $(obj)/.x509.list),$(X509_CERTIFICATES))
137f0e6d220SDavid Howells$(info X.509 certificate list changed)
138f0e6d220SDavid Howells$(shell rm $(obj)/.x509.list)
139f0e6d220SDavid Howellsendif
140f0e6d220SDavid Howellsendif
141631cc66eSDavid Howells
142b56e5a17SDavid Howellskernel/system_certificates.o: $(obj)/x509_certificate_list
143f0e6d220SDavid Howells
144f0e6d220SDavid Howellsquiet_cmd_x509certs  = CERTS   $@
145b56e5a17SDavid Howells      cmd_x509certs  = cat $(X509_CERTIFICATES) /dev/null >$@ $(foreach X509,$(X509_CERTIFICATES),; echo "  - Including cert $(X509)")
146b56e5a17SDavid Howells
147f0e6d220SDavid Howellstargets += $(obj)/x509_certificate_list
148f0e6d220SDavid Howells$(obj)/x509_certificate_list: $(X509_CERTIFICATES) $(obj)/.x509.list
149f0e6d220SDavid Howells	$(call if_changed,x509certs)
150f0e6d220SDavid Howells
151f0e6d220SDavid Howellstargets += $(obj)/.x509.list
152f0e6d220SDavid Howells$(obj)/.x509.list:
153f0e6d220SDavid Howells	@echo $(X509_CERTIFICATES) >$@
154f46a3cbbSKirill Tkhaiendif
155f0e6d220SDavid Howells
156f0e6d220SDavid Howellsclean-files := x509_certificate_list .x509.list
157d441108cSDavid Howells
158bdc80787SH. Peter Anvinifeq ($(CONFIG_MODULE_SIG),y)
159d441108cSDavid Howells###############################################################################
160d441108cSDavid Howells#
161d441108cSDavid Howells# If module signing is requested, say by allyesconfig, but a key has not been
162d441108cSDavid Howells# supplied, then one will need to be generated to make sure the build does not
163d441108cSDavid Howells# fail and that the kernel may be used afterwards.
164d441108cSDavid Howells#
165d441108cSDavid Howells###############################################################################
16622753674SMichal Marekifndef CONFIG_MODULE_SIG_HASH
1675e8cb1e4SDavid Howells$(error Could not determine digest type to use from kernel config)
1685e8cb1e4SDavid Howellsendif
1695e8cb1e4SDavid Howells
170d441108cSDavid Howellssigning_key.priv signing_key.x509: x509.genkey
171d441108cSDavid Howells	@echo "###"
172d441108cSDavid Howells	@echo "### Now generating an X.509 key pair to be used for signing modules."
173d441108cSDavid Howells	@echo "###"
174d441108cSDavid Howells	@echo "### If this takes a long time, you might wish to run rngd in the"
175d441108cSDavid Howells	@echo "### background to keep the supply of entropy topped up.  It"
1762008713cSH. Peter Anvin	@echo "### needs to be run as root, and uses a hardware random"
1772008713cSH. Peter Anvin	@echo "### number generator if one is available."
178d441108cSDavid Howells	@echo "###"
17922753674SMichal Marek	openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \
18022753674SMichal Marek		-batch -x509 -config x509.genkey \
181d441108cSDavid Howells		-outform DER -out signing_key.x509 \
18207c449bbSDavid Cohen		-keyout signing_key.priv 2>&1
183d441108cSDavid Howells	@echo "###"
184d441108cSDavid Howells	@echo "### Key pair generated."
185d441108cSDavid Howells	@echo "###"
186d441108cSDavid Howells
187d441108cSDavid Howellsx509.genkey:
188d441108cSDavid Howells	@echo Generating X.509 key generation config
189d441108cSDavid Howells	@echo  >x509.genkey "[ req ]"
190d441108cSDavid Howells	@echo >>x509.genkey "default_bits = 4096"
191d441108cSDavid Howells	@echo >>x509.genkey "distinguished_name = req_distinguished_name"
192d441108cSDavid Howells	@echo >>x509.genkey "prompt = no"
193e7d113bcSDavid Howells	@echo >>x509.genkey "string_mask = utf8only"
194d441108cSDavid Howells	@echo >>x509.genkey "x509_extensions = myexts"
195d441108cSDavid Howells	@echo >>x509.genkey
196d441108cSDavid Howells	@echo >>x509.genkey "[ req_distinguished_name ]"
197d441108cSDavid Howells	@echo >>x509.genkey "O = Magrathea"
198d441108cSDavid Howells	@echo >>x509.genkey "CN = Glacier signing key"
199d441108cSDavid Howells	@echo >>x509.genkey "emailAddress = slartibartfast@magrathea.h2g2"
200d441108cSDavid Howells	@echo >>x509.genkey
201d441108cSDavid Howells	@echo >>x509.genkey "[ myexts ]"
202d441108cSDavid Howells	@echo >>x509.genkey "basicConstraints=critical,CA:FALSE"
203d441108cSDavid Howells	@echo >>x509.genkey "keyUsage=digitalSignature"
204d441108cSDavid Howells	@echo >>x509.genkey "subjectKeyIdentifier=hash"
205d441108cSDavid Howells	@echo >>x509.genkey "authorityKeyIdentifier=keyid"
206d441108cSDavid Howellsendif
207