.PHONY: default

ARCH=$(shell uname -m)
BPF_TOOL_PATH      := ../../tools/$(ARCH)
BPF_TOOL           := $(BPF_TOOL_PATH)/bpftool
BPF_TOOL_ARCHIVE   := $(BPF_TOOL).tar.gz
VMLINUXH           := ../../include/vmlinux.h
VMLINUXH_TGZ       := ../../tools/$(ARCH)/vmlinux.tar.gz
LIBBPFA            := ../../libbpf/libbpf.a
PRIVATE_KEY        := ../../../../certs/security_pkey/keys/security.key
PUBLIC_KEY         := ../../../../certs/security_pkey/keys/security_pkey.pem


APPS := bpf_call dns_lookup sec_socket_connect udp_lookup java_exec tcp_set_state bind9


default: bpf_call_kern dns_lookup_kern sec_socket_connect_kern udp_lookup_kern java_exec_kern tcp_set_state_kern bind9_kern $(APPS)
	@echo "Success! All ok!"


$(LIBBPFA):
	@cd ../../libbpf && make


$(VMLINUXH):
	tar -xvf $(VMLINUXH_TGZ) -C ../../include/
	@echo "-> generate vmlinux.h done!"


$(BPF_TOOL): $(BPF_TOOL_ARCHIVE)
	@mkdir -p $(BPF_TOOL_PATH)
	@tar -xf $< -C $(BPF_TOOL_PATH)
	@chmod +x $@

bpf_call_kern: $(BPF_TOOL) $(VMLINUXH)
	clang -O2 -Wall \
	-funroll-loops \
	-DPROV_FILTER_FILE_PERMISSION_OFF \
	-DPROV_FILTER_SOCKET_SENDMSG_OFF \
	-D__KERNEL__ \
	-D__ASM_SYSREG_H \
	-D__$(ARCH)__ \
	-D__TARGET_ARCH_x86 \
	-Wno-unused-value -Wno-pointer-sign \
	-Wno-compare-distinct-pointer-types \
	-Wno-gnu-variable-sized-type-not-at-end \
	-Wno-address-of-packed-member -Wno-tautological-compare \
	-Wno-unknown-warning-option \
	-I../../include \
	-target bpf -g -c kern/bpf_call_kern.c -o kern/bpf_call_kern.o
	@ls -alh kern/bpf_call_kern.o
	echo $(ARCH)
	mkdir -p include
	$(BPF_TOOL) gen skeleton --bpffs kern/bpf_call_kern.o > include/bpf_call.skel.h
	@ls -alh include/bpf_call.skel.h

dns_lookup_kern: $(BPF_TOOL) $(VMLINUXH)
	clang -O2 -Wall \
	-funroll-loops \
	-DPROV_FILTER_FILE_PERMISSION_OFF \
	-DPROV_FILTER_SOCKET_SENDMSG_OFF \
	-D__KERNEL__ \
	-D__ASM_SYSREG_H \
	-D__$(ARCH)__ \
	-D__TARGET_ARCH_x86 \
	-Wno-unused-value -Wno-pointer-sign \
	-Wno-compare-distinct-pointer-types \
	-Wno-gnu-variable-sized-type-not-at-end \
	-Wno-address-of-packed-member -Wno-tautological-compare \
	-Wno-unknown-warning-option \
	-I../../include \
	-target bpf -g -c kern/dns_lookup_kern.c -o kern/dns_lookup_kern.o
	@ls -alh kern/dns_lookup_kern.o
	echo $(ARCH)
	mkdir -p include
	$(BPF_TOOL) gen skeleton --bpffs kern/dns_lookup_kern.o > include/dns_lookup.skel.h
	@ls -alh include/dns_lookup.skel.h

java_exec_kern: $(BPF_TOOL) $(VMLINUXH)
	clang -O2 -Wall \
	-funroll-loops \
	-DPROV_FILTER_FILE_PERMISSION_OFF \
	-DPROV_FILTER_SOCKET_SENDMSG_OFF \
	-D__KERNEL__ \
	-D__ASM_SYSREG_H \
	-D__$(ARCH)__ \
	-D__TARGET_ARCH_x86 \
	-Wno-unused-value -Wno-pointer-sign \
	-Wno-compare-distinct-pointer-types \
	-Wno-gnu-variable-sized-type-not-at-end \
	-Wno-address-of-packed-member -Wno-tautological-compare \
	-Wno-unknown-warning-option \
	-I../../include \
	-target bpf -g -c kern/java_exec_kern.c -o kern/java_exec_kern.o
	@ls -alh kern/java_exec_kern.o
	echo $(ARCH)
	mkdir -p include
	$(BPF_TOOL) gen skeleton --bpffs kern/java_exec_kern.o > include/java_exec.skel.h
	@ls -alh include/java_exec.skel.h

sec_socket_connect_kern: $(BPF_TOOL) $(VMLINUXH)
	clang -O2 -Wall \
	-funroll-loops \
	-DPROV_FILTER_FILE_PERMISSION_OFF \
	-DPROV_FILTER_SOCKET_SENDMSG_OFF \
	-D__KERNEL__ \
	-D__ASM_SYSREG_H \
	-D__$(ARCH)__ \
	-D__TARGET_ARCH_x86 \
	-Wno-unused-value -Wno-pointer-sign \
	-Wno-compare-distinct-pointer-types \
	-Wno-gnu-variable-sized-type-not-at-end \
	-Wno-address-of-packed-member -Wno-tautological-compare \
	-Wno-unknown-warning-option \
	-I../../include \
	-target bpf -g -c kern/sec_socket_connect_kern.c -o kern/sec_socket_connect_kern.o
	@ls -alh kern/sec_socket_connect_kern.o
	echo $(ARCH)
	mkdir -p include
	$(BPF_TOOL) gen skeleton --bpffs kern/sec_socket_connect_kern.o > include/sec_socket_connect.skel.h
	@ls -alh include/sec_socket_connect.skel.h

udp_lookup_kern: $(BPF_TOOL) $(VMLINUXH)
	clang -O2 -Wall \
	-funroll-loops \
	-DPROV_FILTER_FILE_PERMISSION_OFF \
	-DPROV_FILTER_SOCKET_SENDMSG_OFF \
	-D__KERNEL__ \
	-D__ASM_SYSREG_H \
	-D__$(ARCH)__ \
	-D__TARGET_ARCH_x86 \
	-Wno-unused-value -Wno-pointer-sign \
	-Wno-compare-distinct-pointer-types \
	-Wno-gnu-variable-sized-type-not-at-end \
	-Wno-address-of-packed-member -Wno-tautological-compare \
	-Wno-unknown-warning-option \
	-I../../include \
	-target bpf -g -c kern/udp_lookup_kern.c -o kern/udp_lookup_kern.o
	@ls -alh kern/udp_lookup_kern.o
	echo $(ARCH)
	mkdir -p include
	$(BPF_TOOL)	 gen skeleton --bpffs kern/udp_lookup_kern.o > include/udp_lookup.skel.h
	@ls -alh include/udp_lookup.skel.h

tcp_set_state_kern: $(BPF_TOOL) $(VMLINUXH)
	clang -O2 -Wall \
	-funroll-loops \
	-DPROV_FILTER_FILE_PERMISSION_OFF \
	-DPROV_FILTER_SOCKET_SENDMSG_OFF \
	-D__KERNEL__ \
	-D__ASM_SYSREG_H \
	-D__$(ARCH)__ \
	-D__TARGET_ARCH_x86 \
	-Wno-unused-value -Wno-pointer-sign \
	-Wno-compare-distinct-pointer-types \
	-Wno-gnu-variable-sized-type-not-at-end \
	-Wno-address-of-packed-member -Wno-tautological-compare \
	-Wno-unknown-warning-option \
	-I../../include \
	-target bpf -g -c kern/tcp_set_state_kern.c -o kern/tcp_set_state_kern.o
	@ls -alh kern/tcp_set_state_kern.o
	echo $(ARCH)
	mkdir -p include
	$(BPF_TOOL) gen skeleton --bpffs kern/tcp_set_state_kern.o > include/tcp_set_state.skel.h
	@ls -alh include/tcp_set_state.skel.h

proc_kern: $(BPF_TOOL) $(VMLINUXH)
	clang -O2 -Wall \
	-funroll-loops \
	-DPROV_FILTER_FILE_PERMISSION_OFF \
	-DPROV_FILTER_SOCKET_SENDMSG_OFF \
	-D__KERNEL__ \
	-D__ASM_SYSREG_H \
	-D__$(ARCH)__ \
	-D__TARGET_ARCH_x86 \
	-Wno-unused-value -Wno-pointer-sign \
	-Wno-compare-distinct-pointer-types \
	-Wno-gnu-variable-sized-type-not-at-end \
	-Wno-address-of-packed-member -Wno-tautological-compare \
	-Wno-unknown-warning-option \
	-I../../include \
	-target bpf -g -c kern/proc_kern.c -o kern/proc_kern.o
	@ls -alh kern/proc_kern.o
	echo $(ARCH)
	mkdir -p include
	$(BPF_TOOL) gen skeleton --bpffs kern/proc_kern.o > include/proc.skel.h
	@ls -alh include/proc.skel.h

bind9_kern: $(BPF_TOOL) $(VMLINUXH)
	clang -O2 -Wall \
	-funroll-loops \
	-DPROV_FILTER_FILE_PERMISSION_OFF \
	-DPROV_FILTER_SOCKET_SENDMSG_OFF \
	-D__KERNEL__ \
	-D__ASM_SYSREG_H \
	-D__$(ARCH)__ \
	-D__TARGET_ARCH_x86 \
	-Wno-unused-value -Wno-pointer-sign \
	-Wno-compare-distinct-pointer-types \
	-Wno-gnu-variable-sized-type-not-at-end \
	-Wno-address-of-packed-member -Wno-tautological-compare \
	-Wno-unknown-warning-option \
	-I../../include \
	-target bpf -g -c kern/bind9_kern.c -o kern/bind9_kern.o
	@ls -alh kern/bind9_kern.o
	echo $(ARCH)
	mkdir -p include
	$(BPF_TOOL) gen skeleton --bpffs kern/bind9_kern.o > include/bind9.skel.h
	@ls -alh include/bind9.skel.h

%: %.so
	clang -O2 -Wall \
	-DPROV_FILTER_FILE_PERMISSION_OFF \
	-DPROV_FILTER_SOCKET_SENDMSG_OFF \
	-D__KERNEL__ \
	-D__ASM_SYSREG_H \
	-D__$(ARCH)__ \
	-Wno-unused-value -Wno-pointer-sign \
	-Wno-compare-distinct-pointer-types \
	-Wno-gnu-variable-sized-type-not-at-end \
	-Wno-address-of-packed-member -Wno-tautological-compare \
	-Wno-unknown-warning-option \
	-ldl -g usr/$@_load.c -o usr/ctforge_$@

%.so: usr/%_user.c
	clang -shared -fPIC -g -o usr/ctforge_$@ $^ $(LIBBPFA) -lelf -lz -lpthread -I../../include -I/include
	../../ctforged/ctforge-signer -z -s -k $(PRIVATE_KEY) -i usr/ctforge_$@

clean:
	rm -f usr/*.o
	rm -f kern/*.o
	rm -f include/*.h
	rm -f usr/ctforge_bind9 usr/ctforge_bpf_call usr/ctforge_dns_lookup usr/ctforge_java_exec usr/ctforge_sec_socket_connect usr/ctforge_tcp_set_state usr/ctforge_udp_lookup
