## Makefile for the linux kernel.#obj-y = fork.o exec_domain.o panic.o \cpu.o exit.o softirq.o resource.o \sysctl.o sysctl_binary.o capability.o ptrace.o user.o \signal.o sys.o kmod.o workqueue.o pid.o task_work.o \extable.o params.o \kthread.o sys_ni.o nsproxy.o \notifier.o ksysfs.o cred.o reboot.o \async.o range.o groups.o smpboot.oifdef CONFIG_FUNCTION_TRACER# Do not trace debug files and internal ftrace filesCFLAGS_REMOVE_cgroup-debug.o = $(CC_FLAGS_FTRACE)CFLAGS_REMOVE_irq_work.o = $(CC_FLAGS_FTRACE)endif# cond_syscall is currently not LTO compatibleCFLAGS_sys_ni.o = $(DISABLE_LTO)obj-y += sched/obj-y += locking/obj-y += power/obj-y += printk/obj-y += irq/obj-y += rcu/obj-y += livepatch/obj-$(CONFIG_CHECKPOINT_RESTORE) += kcmp.oobj-$(CONFIG_FREEZER) += freezer.oobj-$(CONFIG_PROFILING) += profile.oobj-$(CONFIG_STACKTRACE) += stacktrace.oobj-y += time/obj-$(CONFIG_FUTEX) += futex.oifeq ($(CONFIG_COMPAT),y)obj-$(CONFIG_FUTEX) += futex_compat.oendifobj-$(CONFIG_GENERIC_ISA_DMA) += dma.oobj-$(CONFIG_SMP) += smp.oifneq ($(CONFIG_SMP),y)obj-y += up.oendifobj-$(CONFIG_UID16) += uid16.oobj-$(CONFIG_SYSTEM_TRUSTED_KEYRING) += system_keyring.o system_certificates.oobj-$(CONFIG_MODULES) += module.oobj-$(CONFIG_MODULE_SIG) += module_signing.oobj-$(CONFIG_KALLSYMS) += kallsyms.oobj-$(CONFIG_BSD_PROCESS_ACCT) += acct.oobj-$(CONFIG_KEXEC) += kexec.oobj-$(CONFIG_BACKTRACE_SELF_TEST) += backtracetest.oobj-$(CONFIG_COMPAT) += compat.oobj-$(CONFIG_CGROUPS) += cgroup.oobj-$(CONFIG_CGROUP_FREEZER) += cgroup_freezer.oobj-$(CONFIG_CPUSETS) += cpuset.oobj-$(CONFIG_UTS_NS) += utsname.oobj-$(CONFIG_USER_NS) += user_namespace.oobj-$(CONFIG_PID_NS) += pid_namespace.oobj-$(CONFIG_IKCONFIG) += configs.oobj-$(CONFIG_SMP) += stop_machine.oobj-$(CONFIG_KPROBES_SANITY_TEST) += test_kprobes.oobj-$(CONFIG_AUDIT) += audit.o auditfilter.oobj-$(CONFIG_AUDITSYSCALL) += auditsc.oobj-$(CONFIG_AUDIT_WATCH) += audit_watch.oobj-$(CONFIG_AUDIT_TREE) += audit_tree.oobj-$(CONFIG_GCOV_KERNEL) += gcov/obj-$(CONFIG_KPROBES) += kprobes.oobj-$(CONFIG_KGDB) += debug/obj-$(CONFIG_DETECT_HUNG_TASK) += hung_task.oobj-$(CONFIG_LOCKUP_DETECTOR) += watchdog.oobj-$(CONFIG_SECCOMP) += seccomp.oobj-$(CONFIG_RELAY) += relay.oobj-$(CONFIG_SYSCTL) += utsname_sysctl.oobj-$(CONFIG_TASK_DELAY_ACCT) += delayacct.oobj-$(CONFIG_TASKSTATS) += taskstats.o tsacct.oobj-$(CONFIG_TRACEPOINTS) += tracepoint.oobj-$(CONFIG_LATENCYTOP) += latencytop.oobj-$(CONFIG_BINFMT_ELF) += elfcore.oobj-$(CONFIG_COMPAT_BINFMT_ELF) += elfcore.oobj-$(CONFIG_BINFMT_ELF_FDPIC) += elfcore.oobj-$(CONFIG_FUNCTION_TRACER) += trace/obj-$(CONFIG_TRACING) += trace/obj-$(CONFIG_TRACE_CLOCK) += trace/obj-$(CONFIG_RING_BUFFER) += trace/obj-$(CONFIG_TRACEPOINTS) += trace/obj-$(CONFIG_IRQ_WORK) += irq_work.oobj-$(CONFIG_CPU_PM) += cpu_pm.oobj-$(CONFIG_BPF) += bpf/obj-$(CONFIG_PERF_EVENTS) += events/obj-$(CONFIG_USER_RETURN_NOTIFIER) += user-return-notifier.oobj-$(CONFIG_PADATA) += padata.oobj-$(CONFIG_CRASH_DUMP) += crash_dump.oobj-$(CONFIG_JUMP_LABEL) += jump_label.oobj-$(CONFIG_CONTEXT_TRACKING) += context_tracking.oobj-$(CONFIG_TORTURE_TEST) += torture.o$(obj)/configs.o: $(obj)/config_data.h# config_data.h contains the same information as ikconfig.h but gzipped.# Info from config_data can be extracted from /proc/config*targets += config_data.gz$(obj)/config_data.gz: $(KCONFIG_CONFIG) FORCE$(call if_changed,gzip)filechk_ikconfiggz = (echo "static const char kernel_config_data[] __used = MAGIC_START"; cat $< | scripts/basic/bin2c; echo "MAGIC_END;")targets += config_data.h$(obj)/config_data.h: $(obj)/config_data.gz FORCE$(call filechk,ikconfiggz)################################################################################# Roll all the X.509 certificates that we can find together and pull them into# the kernel so that they get loaded into the system trusted keyring during# boot.## We look in the source root and the build root for all files whose name ends# in ".x509". Unfortunately, this will generate duplicate filenames, so we# have make canonicalise the pathnames and then sort them to discard the# duplicates.################################################################################ifeq ($(CONFIG_SYSTEM_TRUSTED_KEYRING),y)X509_CERTIFICATES-y := $(wildcard *.x509) $(wildcard $(srctree)/*.x509)X509_CERTIFICATES-$(CONFIG_MODULE_SIG) += $(objtree)/signing_key.x509X509_CERTIFICATES-raw := $(sort $(foreach CERT,$(X509_CERTIFICATES-y), \$(or $(realpath $(CERT)),$(CERT))))X509_CERTIFICATES := $(subst $(realpath $(objtree))/,,$(X509_CERTIFICATES-raw))ifeq ($(X509_CERTIFICATES),)$(warning *** No X.509 certificates found ***)endififneq ($(wildcard $(obj)/.x509.list),)ifneq ($(shell cat $(obj)/.x509.list),$(X509_CERTIFICATES))$(info X.509 certificate list changed)$(shell rm $(obj)/.x509.list)endifendifkernel/system_certificates.o: $(obj)/x509_certificate_listquiet_cmd_x509certs = CERTS $@cmd_x509certs = cat $(X509_CERTIFICATES) /dev/null >$@ $(foreach X509,$(X509_CERTIFICATES),; $(kecho) " - Including cert $(X509)")targets += $(obj)/x509_certificate_list$(obj)/x509_certificate_list: $(X509_CERTIFICATES) $(obj)/.x509.list$(call if_changed,x509certs)targets += $(obj)/.x509.list$(obj)/.x509.list:@echo $(X509_CERTIFICATES) >$@endifclean-files := x509_certificate_list .x509.listifeq ($(CONFIG_MODULE_SIG),y)################################################################################# If module signing is requested, say by allyesconfig, but a key has not been# supplied, then one will need to be generated to make sure the build does not# fail and that the kernel may be used afterwards.################################################################################ifndef CONFIG_MODULE_SIG_HASH$(error Could not determine digest type to use from kernel config)endifsigning_key.priv signing_key.x509: x509.genkey@echo "###"@echo "### Now generating an X.509 key pair to be used for signing modules."@echo "###"@echo "### If this takes a long time, you might wish to run rngd in the"@echo "### background to keep the supply of entropy topped up. It"@echo "### needs to be run as root, and uses a hardware random"@echo "### number generator if one is available."@echo "###"openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \-batch -x509 -config x509.genkey \-outform DER -out signing_key.x509 \-keyout signing_key.priv 2>&1@echo "###"@echo "### Key pair generated."@echo "###"x509.genkey:@echo Generating X.509 key generation config@echo >x509.genkey "[ req ]"@echo >>x509.genkey "default_bits = 4096"@echo >>x509.genkey "distinguished_name = req_distinguished_name"@echo >>x509.genkey "prompt = no"@echo >>x509.genkey "string_mask = utf8only"@echo >>x509.genkey "x509_extensions = myexts"@echo >>x509.genkey@echo >>x509.genkey "[ req_distinguished_name ]"@echo >>x509.genkey "O = Magrathea"@echo >>x509.genkey "CN = Glacier signing key"@echo >>x509.genkey "emailAddress = slartibartfast@magrathea.h2g2"@echo >>x509.genkey@echo >>x509.genkey "[ myexts ]"@echo >>x509.genkey "basicConstraints=critical,CA:FALSE"@echo >>x509.genkey "keyUsage=digitalSignature"@echo >>x509.genkey "subjectKeyIdentifier=hash"@echo >>x509.genkey "authorityKeyIdentifier=keyid"endif
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。