# Kernel modules/extensions get their own includes and compile options, so the
# C and C++ flags are emptied for this directory before anything is added.
set(CMAKE_C_FLAGS "")
set(CMAKE_CXX_FLAGS "")

# Kernel-exported variables/paths/settings.
# These must be set in the PARENT_SCOPE and the local scope. The defaults
# below are published to the parent scope only; KERNEL_TYPE is local only.
set(KERNEL_BINARY_DIR "" PARENT_SCOPE)
set(KERNEL_BINARY "unknown" PARENT_SCOPE)
set(KERNEL_TYPE "unknown")

if(APPLE)
  set(KERNEL_TYPE "darwin")

  # Bundle-relative location of the extension binary, set locally first and
  # then mirrored into the parent scope.
  set(KERNEL_BINARY_DIR "osquery.kext/Contents/MacOS")
  set(KERNEL_BINARY "${KERNEL_BINARY_DIR}/osquery")
  set(KERNEL_BINARY_DIR "${KERNEL_BINARY_DIR}" PARENT_SCOPE)
  set(KERNEL_BINARY "${KERNEL_BINARY}" PARENT_SCOPE)

  # OS X platform-specific compiler flags (a CMake list; "-arch x86_64" is a
  # single element that contains a space).
  set(KERNEL_C_FLAGS "-arch x86_64" -mkernel -nostdinc -fno-builtin)

  # OS X platform-specific linker flags (also a CMake list at this point).
  set(KERNEL_LINKER_FLAGS "-arch x86_64" -mkernel "-Xlinker -kext" -nostdlib -lkmod)

  # OS X platform-specific include paths, in the original search order.
  # NOTE(review): the last two entries are absolute paths to the system
  # Kernel.framework and to an Xcode SDK selected by OSQUERY_BUILD_DISTRO;
  # the build assumes both exist at these locations.
  include_directories(
    "${CMAKE_SOURCE_DIR}/kernel/include"
    "${CMAKE_SOURCE_DIR}/kernel/src"
    "/System/Library/Frameworks/Kernel.framework/Headers"
    "/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX${OSQUERY_BUILD_DISTRO}.sdk/System/Library/Frameworks/Kernel.framework/Headers"
  )
elseif(LINUX)
  set(KERNEL_TYPE "linux")
endif()
# Target properties want a " "-delimited set, so the linker flags are joined
# into one string. JOIN is a helper defined elsewhere in the project.
JOIN("${KERNEL_LINKER_FLAGS}" " " KERNEL_LINKER_FLAGS)

# The C++ flags start out as a copy of the C flags and stay a CMake list.
set(KERNEL_CXX_FLAGS ${KERNEL_C_FLAGS})

# Rewrite the osquery version defines to a kernel version in case they diverge.
add_definitions(-DOSQUERY_KERNEL_VERSION="${OSQUERY_BUILD_VERSION}")

# Define what debug builds change (environment variable from Makefile).
# The environment is read while CMake configures, so switching between debug
# and optimized builds takes a re-configure, not just a rebuild.
if(NOT DEFINED ENV{DEBUG})
  list(APPEND KERNEL_CXX_FLAGS -O3)
else()
  list(APPEND KERNEL_CXX_FLAGS -O0)
endif()

# We will introduce a "kernel-test" mode that builds for pull requests and
# merges into master and includes additional unit-test facilities.
# NOTE(review): every build without OSQUERY_BUILD_RELEASE is compiled with
# KERNEL_TEST=1, so such an extension carries the test facilities and should
# presumably not be loaded outside a test machine - confirm what the define
# enables in the kernel sources.
if(NOT OSQUERY_BUILD_RELEASE)
  add_definitions(-DKERNEL_TEST=1)
endif()
# The set of platform-agnostic implementations.
set(BASE_KERNEL_SOURCES src/circular_queue_kern.c)

# Darwin publishers are collected by glob at configure time.
# NOTE(review): every *.c file present in src/publishers/darwin is compiled
# into the kernel extension without being named in this file, and files added
# later are only picked up after CMake is re-run.
file(GLOB APPLE_KERNEL_PUBLISHER_SOURCES "src/publishers/darwin/*.c")

# Add a set of platform-specific files: the extension entry source first,
# followed by whatever the glob found.
set(APPLE_KERNEL_SOURCES src/osquery.cpp)
list(APPEND APPLE_KERNEL_SOURCES ${APPLE_KERNEL_PUBLISHER_SOURCES})
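# Define kernel targets, each should be an extension/module.
if(APPLE)
  # TODO: Remove the OS X requirement.
  add_executable(base_kernel ${APPLE_KERNEL_SOURCES} ${BASE_KERNEL_SOURCES})

  # set_target_properties() reads its arguments as <property> <value> pairs.
  # Expanding the flag lists unquoted therefore left only the first flag in
  # COMPILE_FLAGS and turned the remaining flags (-mkernel, -nostdinc,
  # -fno-builtin, the -O level) into meaningless property names. Collapse both
  # lists into one space-delimited string so every flag reaches the compiler.
  string(REPLACE ";" " " kernel_compile_flags
    "${KERNEL_C_FLAGS};${KERNEL_CXX_FLAGS}")

  # KERNEL_LINKER_FLAGS is quoted for the same reason: it must stay a single
  # value regardless of how it was joined.
  set_target_properties(base_kernel PROPERTIES
    COMPILE_FLAGS "${kernel_compile_flags}"
    LINK_FLAGS "${KERNEL_LINKER_FLAGS}"
    EXCLUDE_FROM_ALL true
    OUTPUT_NAME "${KERNEL_BINARY}"
  )

  # The bundle directory layout has to exist before the binary is written
  # into it.
  add_dependencies(base_kernel kernel-layout)
endif()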
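# Define layouts and dependencies/debug setup steps for each platform.
# Only the APPLE branch does real work; the other branches define stub targets
# that just echo a message.
if(APPLE)
  # This should remain an opaque target.
  add_custom_target(
    kernel-layout
    COMMAND mkdir -p "${CMAKE_BINARY_DIR}/kernel/${KERNEL_BINARY_DIR}"
    COMMAND
      cp "${CMAKE_SOURCE_DIR}/kernel/tools/deployment/Info.plist"
         "${CMAKE_BINARY_DIR}/kernel/osquery.kext/Contents/Info.plist"
    COMMENT "Create build directory structure for kernel extension"
  )

  # make kernel-provision
  # NOTE(review): this writes NVRAM as root. The value replaces whatever
  # boot-args held before and stays in place across reboots until it is
  # changed again. As the WARNING text says, kext-dev-mode=1 disables kernel
  # extension signature checking, so run this only on a machine or VM that is
  # dedicated to kernel development.
  add_custom_target(
    kernel-deps
    COMMAND echo ""
    COMMAND echo "WARNING: Disabling OS X kernel extension signature checking..."
    COMMAND echo "WARNING: nvram boot-args=kext-dev-mode=1"
    COMMAND sudo nvram boot-args="kext-dev-mode=1"
    COMMAND echo "WARNING: Reboot required."
    COMMAND echo ""
    WORKING_DIRECTORY "${CMAKE_SOURCE_DIR}"
    COMMENT "Preparing a development OS for kernel testing..."
  )

  # make kernel-load
  add_custom_target(
    kernel-test-load
    DEPENDS kernel-build
    # Move the kernel extension bundle to /tmp to change ownership.
    # A virtual machine shared folder/filesystem may not allow root owned files.
    #
    # Anything already at /tmp/osquery.kext is removed first so the bundle
    # handed to kextload holds only files from this build; otherwise cp -R
    # merges into the existing directory and chown marks its old contents as
    # root-owned too.
    # NOTE(review): /tmp is shared and the path is fixed, so a short window
    # remains between the rm and the cp. Staging in a directory that only root
    # can write to would close it - confirm nothing else (for example the
    # unload script) expects the /tmp location before moving it.
    COMMAND sudo rm -rf "/tmp/osquery.kext"
    COMMAND sudo cp -R "${CMAKE_BINARY_DIR}/kernel/osquery.kext" "/tmp/"
    COMMAND sudo chown -R root:wheel "/tmp/osquery.kext"
    COMMAND sudo chmod -R 0644 "/tmp/osquery.kext"
    COMMAND echo "Wrote unsigned extension bundle: /tmp/osquery.kext"
    COMMAND sudo kextload -v "/tmp/osquery.kext"
  )

  # make kernel-unload
  add_custom_target(
    kernel-test-unload
    # Unload the kernel extension. The script is taken from the source tree
    # (relative to WORKING_DIRECTORY) and runs as root.
    COMMAND sudo "./kernel/tools/unload_with_retry.sh"
    COMMAND echo "Attempted to unload kernel extension with identifier:"
    COMMAND echo "com.facebook.security.osquery"
    WORKING_DIRECTORY "${CMAKE_SOURCE_DIR}"
  )

  # Additional helpful commands for configuring a debug environment for OS X.
  # Same caveats as kernel-deps: boot-args is overwritten as a whole and the
  # change persists, so keep this to a development machine. (The original
  # carried a stray empty COMMAND keyword here; it is dropped.)
  add_custom_target(
    kernel-configure-target
    COMMAND echo ""
    COMMAND echo "WARNING: Configuring kernel to break/debug..."
    COMMAND echo "WARNING: nvram boot-args=\"kext-dev-mode=1 kcsuffix=kernel -v pmuflags=1\""
    COMMAND sudo nvram boot-args="kext-dev-mode=1 kcsuffix=kernel -v pmuflags=1"
    COMMAND echo "WARNING: Reboot required."
    COMMAND echo ""
    WORKING_DIRECTORY "${CMAKE_SOURCE_DIR}"
    COMMENT "Preparing a development OS for kernel testing and debugging..."
  )

  # Split the debug symbols into a .dSYM next to the binary, strip the binary,
  # then hand over to the platform debug script.
  add_custom_target(
    kernel-debug
    COMMAND dsymutil "${CMAKE_BINARY_DIR}/kernel/${KERNEL_BINARY}"
      -o "${CMAKE_BINARY_DIR}/kernel/${KERNEL_BINARY}.dSYM"
    COMMAND strip -S "${CMAKE_BINARY_DIR}/kernel/${KERNEL_BINARY}"
    COMMAND
      "${CMAKE_SOURCE_DIR}/kernel/tools/${KERNEL_TYPE}.sh" debug
    WORKING_DIRECTORY "${CMAKE_SOURCE_DIR}"
    COMMENT "Generating symbols and launching a debugger with kernel target..."
  )

  # SKIP_TESTS / SKIP_BENCHMARKS are read from the environment at configure
  # time; when set, the corresponding targets are not defined at all.
  if(NOT DEFINED ENV{SKIP_TESTS})
    add_custom_target(
      kernel-test
      COMMAND echo ""
      COMMAND echo "Running kernel tests requires root."
      COMMAND sudo $<TARGET_FILE:osquery_kernel_tests>
    )

    if(NOT DEFINED ENV{SKIP_BENCHMARKS})
      # NOTE(review): $ENV{BENCHMARK_TO_FILE} is expanded when CMake
      # configures, not when the target runs, and ends up inside a command
      # line that a root shell interprets. Treat it as trusted developer input
      # only; presumably it carries output options or a redirection - confirm
      # against the Makefile.
      add_custom_target(
        run-kernel-benchmark
        COMMAND echo ""
        COMMAND echo "Running kernel benchmarks requires root."
        COMMAND sudo bash -c "$<TARGET_FILE:osquery_kernel_benchmarks> $ENV{BENCHMARK_TO_FILE}"
        WORKING_DIRECTORY "${CMAKE_SOURCE_DIR}"
      )
    endif()
  endif()
elseif(LINUX)
  # Linux: stub targets that only report there is nothing to do.
  add_custom_target(base_kernel COMMAND echo "-- No base kernel for Linux")
  add_custom_target(kernel-layout COMMAND echo "-- No kernel layout for Linux")
  add_custom_target(kernel-deps COMMAND echo "-- No kernel dependencies for Linux")
  add_custom_target(kernel-test-load COMMAND echo "-- No kernel load for Linux")
  add_custom_target(kernel-test-unload COMMAND echo "-- No kernel unload for Linux")

  if(NOT DEFINED ENV{SKIP_TESTS})
    add_custom_target(kernel-test COMMAND echo "-- No kernel test is run for Linux")

    if(NOT DEFINED ENV{SKIP_BENCHMARKS})
      add_custom_target(
        run-kernel-benchmark
        COMMAND echo "-- No kernel benchmark is run for Linux"
      )
    endif()
  endif()
else()
  # Any other platform: the same stubs with an "unsupported platform" message.
  add_custom_target(base_kernel COMMAND echo "-- No base kernel for unsupported platform")
  add_custom_target(kernel-layout COMMAND echo "-- No kernel layout for unsupported platform")
  add_custom_target(kernel-deps COMMAND echo "-- No kernel dependencies for unsupported platform")
  add_custom_target(kernel-test-load COMMAND echo "-- No kernel load for unsupported platform")
  add_custom_target(kernel-test-unload COMMAND echo "-- No kernel unload for unsupported platform")

  if(NOT DEFINED ENV{SKIP_TESTS})
    add_custom_target(
      kernel-test
      COMMAND echo "-- No kernel test is run for unsupported platform"
    )

    if(NOT DEFINED ENV{SKIP_BENCHMARKS})
      add_custom_target(
        run-kernel-benchmark
        COMMAND echo "-- No kernel benchmark is run for unsupported platform"
      )
    endif()
  endif()
endif()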
# Gate for kernel builds: succeeds only when the boot-args NVRAM variable
# contains "kext-dev-mode=1", i.e. when the host has been put into kernel
# extension development mode.
# The redirection and the pipe are passed through to the shell by the
# generated build rule; the result of the step is grep's exit status.
# NOTE(review): this target is defined on every platform, but it calls nvram.
# Where that tool is missing, grep receives no input and the step fails, which
# also fails kernel-build - confirm that is intended for the stub platforms.
add_custom_target(
  kernel-dev-check
  COMMAND echo "Checking for kernel development mode"
  COMMAND echo "See http://osquery.readthedocs.io/en/stable/development/kernel/"
  COMMAND nvram -x boot-args 2> /dev/null | grep -q "kext-dev-mode=1"
)
# make kernel-build
# Umbrella target: lists the development-mode check, the bundle layout and the
# extension binary as dependencies, then prints a status line.
# Because kernel-dev-check is a dependency, the extension can only be built on
# a host whose boot-args already contain kext-dev-mode=1, so the build host is
# expected to be a development machine rather than a hardened one.
add_custom_target(
  kernel-build
  DEPENDS
    kernel-dev-check
    kernel-layout
    base_kernel
  COMMAND echo "-- Building osquery kernel extension/module..."
)