From 52ee615428963c4bdc20dbac7926e43f0fcdded4 Mon Sep 17 00:00:00 2001
From: "Yan, Like" <like.yan@intel.com>
Date: Thu, 20 Sep 2018 09:37:11 +0800
Subject: [PATCH] tools: acrnlog: update Makefile

In order to sync the compiler options with devicemode and enable options
to harden software.

Tracked-On: #1122
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
---
 tools/acrnlog/Makefile | 36 ++++++++++++++++++++++++++++++++++--
 1 file changed, 34 insertions(+), 2 deletions(-)

diff --git a/tools/acrnlog/Makefile b/tools/acrnlog/Makefile
index 2a1abe06a..bb7f526e2 100644
--- a/tools/acrnlog/Makefile
+++ b/tools/acrnlog/Makefile
@@ -1,6 +1,37 @@
+T := $(CURDIR)
+OUT_DIR ?= $(shell mkdir -p $(T)/build;cd $(T)/build;pwd)
+CC ?= gcc
 
-OUT_DIR ?= .
-CFLAGS += -fpie
+CFLAGS := -g -O0 -std=gnu11
+CFLAGS += -D_GNU_SOURCE
+CFLAGS += -DNO_OPENSSL
+CFLAGS += -m64
+CFLAGS += -Wall -ffunction-sections
+CFLAGS += -Werror
+CFLAGS += -O2 -D_FORTIFY_SOURCE=2
+CFLAGS += -Wformat -Wformat-security -fno-strict-aliasing
+CFLAGS += -fpie -fpic
+
+GCC_MAJOR=$(shell echo __GNUC__ | $(CC) -E -x c - | tail -n 1)
+GCC_MINOR=$(shell echo __GNUC_MINOR__ | $(CC) -E -x c - | tail -n 1)
+
+#enable stack overflow check
+STACK_PROTECTOR := 1
+
+ifdef STACK_PROTECTOR
+ifeq (true, $(shell [ $(GCC_MAJOR) -gt 4 ] && echo true))
+CFLAGS += -fstack-protector-strong
+else
+ifeq (true, $(shell [ $(GCC_MAJOR) -eq 4 ] && [ $(GCC_MINOR) -ge 9 ] && echo true))
+CFLAGS += -fstack-protector-strong
+else
+CFLAGS += -fstack-protector
+endif
+endif
+endif
+
+LDFLAGS := -Wl,-z,noexecstack
+LDFLAGS += -Wl,-z,relro,-z,now
 LDFLAGS += -pie
 
 all:
@@ -11,6 +42,7 @@ clean:
 	rm -f $(OUT_DIR)/acrnlog
 ifneq ($(OUT_DIR),.)
 	rm -f $(OUT_DIR)/acrnlog.service
+	rm -rf $(OUT_DIR)
 endif
 
 install: $(OUT_DIR)/acrnlog