cosmopolitan/third_party/make/README.cosmo

DESCRIPTION

  Landlock Make is a fork of GNU Make that adds support for automatic
  sandboxing, resource limits, and network access restrictions.

ORIGIN

  GNU Make 4.4.1
  http://ftp.gnu.org/gnu/make/make-4.4.1.tar.gz

LICENSE

  GNU GPL version 3 or later
  http://gnu.org/licenses/gpl.html

LOCAL CHANGES

  - Introduce -T FILE, --time-log=FILE flag
  - Introduce $(uniq token...) native function
  - Remove code that forces slow path if not using /bin/sh

TODO

  - .PLEDGE variable which restricts system calls
  - .UNVEIL variable which controls Landlock LSM
  - .STRICT variable to disable implicit unveiling
  - .UNSANDBOXED variable to disable pledge / unveil
  - .CPU variable which tunes CPU rlimit in seconds
  - .MEMORY variable for virtual memory limit, e.g. 512m
  - .RSS variable for resident memory limit, e.g. 512m
  - .FSIZE variable which tunes max file size, e.g. 1g
  - .NPROC variable which tunes fork() / clone() limit
  - .NOFILE variable which tunes file descriptor limit
  - .MAXCORE variable to set upper limit on core dumps
Add .PLEDGE/.CPU/.MEMORY/etc. to Landlock Make 1.2 2022-08-15 03:16:44 +00:00			`DESCRIPTION`

			`Landlock Make is a fork of GNU Make that adds support for automatic`
			`sandboxing, resource limits, and network access restrictions.`

add make-4.3.tar.gz 2021-10-26 17:49:30 +00:00			`ORIGIN`

Import GNU Make 4.4.1 Landlock Make hasn't been working well on AARCH64 systems. Let's do this over the right way, using our new build tools. 2023-12-01 04:50:10 +00:00			`GNU Make 4.4.1`
			`http://ftp.gnu.org/gnu/make/make-4.4.1.tar.gz`
Add .PLEDGE/.CPU/.MEMORY/etc. to Landlock Make 1.2 2022-08-15 03:16:44 +00:00
			`LICENSE`

			`GNU GPL version 3 or later`
			`http://gnu.org/licenses/gpl.html`
Prove that Makefile is fully defined The whole repository is now buildable with GNU Make Landlock sandboxing. This proves that no Makefile targets exist which touch files other than their declared prerequisites. In order to do this, we had to: 1. Stop code morphing GCC output in package.com and instead run a newly introduced FIXUPOBJ.COM command after GCC invocations. 2. Disable all the crumby Python unit tests that do things like create files in the current directory, or rename() files between folders. This ended up being a lot of tests, but most of them are still ok. 3. Introduce an .UNSANDBOXED variable to GNU Make to disable Landlock. We currently only do this for things like `make tags`. 4. This change deletes some GNU Make code that was preventing the execve() optimization from working. This means it should no longer be necessary in most cases for command invocations to be indirected through the cocmd interpreter. 5. Missing dependencies had to be declared in certain places, in cases where they couldn't be automatically determined by MKDEPS.COM 6. The libcxx header situation has finally been tamed. One of the things that makes this difficult is MKDEPS.COM only wants to consider the first 64kb of a file, in order to go fast. But libcxx likes to have #include lines buried after huge documentation. 7. An .UNVEIL variable has been introduced to GNU Make just in case we ever wish to explicitly specify additional things that need to be whitelisted which aren't strictly prerequisites. This works in a manner similar to the recently introduced .EXTRA_PREREQS feature. There's now a new build/bootstrap/make.com prebuilt binary available. It should no longer be possible to write invalid Makefile code. 2022-08-06 10:51:50 +00:00
			`LOCAL CHANGES`

Introduce --timelog=FILE flag to GNU Make 2024-05-25 21:49:29 +00:00			`- Introduce -T FILE, --time-log=FILE flag`
Remove getopt_long() from headers We removed this API a long time ago and it was breaking the GNU make open source build. 2023-06-17 23:03:16 +00:00			`- Introduce $(uniq token...) native function`
Add $(uniq token...) native function to Make This reduces mono repo `make` latency from 336ms to 226ms. 2023-12-01 04:58:36 +00:00			`- Remove code that forces slow path if not using /bin/sh`

			`TODO`

Add .PLEDGE/.CPU/.MEMORY/etc. to Landlock Make 1.2 2022-08-15 03:16:44 +00:00			`- .PLEDGE variable which restricts system calls`
			`- .UNVEIL variable which controls Landlock LSM`
			`- .STRICT variable to disable implicit unveiling`
			`- .UNSANDBOXED variable to disable pledge / unveil`
			`- .CPU variable which tunes CPU rlimit in seconds`
			`- .MEMORY variable for virtual memory limit, e.g. 512m`
Make improvements - Polyfill pselect() on Windows - Add -O NOFILE flag to pledge.com - Polyfill ppoll() on NetBSD, XNU, and Windows - Support negative numbers and errno in sizetol() - Add .RSS, .NOFILE, and .MAXCORE to Landlock Make - Fix issue with .PLEDGE preventing touching of output files - Add __watch() function (like ftrace) for logging memory changes 2022-08-15 22:18:37 +00:00			`- .RSS variable for resident memory limit, e.g. 512m`
Add .PLEDGE/.CPU/.MEMORY/etc. to Landlock Make 1.2 2022-08-15 03:16:44 +00:00			`- .FSIZE variable which tunes max file size, e.g. 1g`
			`- .NPROC variable which tunes fork() / clone() limit`
Make improvements - Polyfill pselect() on Windows - Add -O NOFILE flag to pledge.com - Polyfill ppoll() on NetBSD, XNU, and Windows - Support negative numbers and errno in sizetol() - Add .RSS, .NOFILE, and .MAXCORE to Landlock Make - Fix issue with .PLEDGE preventing touching of output files - Add __watch() function (like ftrace) for logging memory changes 2022-08-15 22:18:37 +00:00			`- .NOFILE variable which tunes file descriptor limit`
			`- .MAXCORE variable to set upper limit on core dumps`