OLD | NEW |
1 # Copyright 2014 The Chromium Authors. All rights reserved. | 1 # Copyright 2014 The Chromium Authors. All rights reserved. |
2 # Use of this source code is governed by a BSD-style license that can be | 2 # Use of this source code is governed by a BSD-style license that can be |
3 # found in the LICENSE file. | 3 # found in the LICENSE file. |
4 | 4 |
5 import("//build/config/features.gni") | 5 import("//build/config/features.gni") |
6 | 6 |
7 declare_args() { | 7 declare_args() { |
8 compile_suid_client = is_linux | 8 compile_suid_client = is_linux |
9 | 9 |
10 compile_credentials = is_linux | 10 compile_credentials = is_linux |
11 | 11 |
12 compile_seccomp_bpf_demo = | 12 compile_seccomp_bpf_demo = |
13 (is_linux && (cpu_arch == "x86" || cpu_arch == "x64")) | 13 is_linux && (cpu_arch == "x86" || cpu_arch == "x64") |
14 } | 14 } |
15 | 15 |
16 # We have two principal targets: sandbox and sandbox_linux_unittests | 16 # We have two principal targets: sandbox and sandbox_linux_unittests |
17 # All other targets are listed as dependencies. | 17 # All other targets are listed as dependencies. |
18 # There is one notable exception: for historical reasons, chrome_sandbox is | 18 # There is one notable exception: for historical reasons, chrome_sandbox is |
19 # the setuid sandbox and is its own target. | 19 # the setuid sandbox and is its own target. |
20 | 20 |
21 group("sandbox") { | 21 group("sandbox") { |
22 deps = [ | 22 deps = [ |
23 ":sandbox_services", | 23 ":sandbox_services", |
(...skipping 27 matching lines...) Expand all Loading... |
51 "//testing/gtest", | 51 "//testing/gtest", |
52 ] | 52 ] |
53 | 53 |
54 if (use_seccomp_bpf) { | 54 if (use_seccomp_bpf) { |
55 sources += [ | 55 sources += [ |
56 "seccomp-bpf/bpf_tester_compatibility_delegate.h", | 56 "seccomp-bpf/bpf_tester_compatibility_delegate.h", |
57 "seccomp-bpf/bpf_tests.h", | 57 "seccomp-bpf/bpf_tests.h", |
58 "seccomp-bpf/sandbox_bpf_test_runner.cc", | 58 "seccomp-bpf/sandbox_bpf_test_runner.cc", |
59 "seccomp-bpf/sandbox_bpf_test_runner.h", | 59 "seccomp-bpf/sandbox_bpf_test_runner.h", |
60 ] | 60 ] |
61 deps += [ | 61 deps += [ ":seccomp_bpf" ] |
62 ":seccomp_bpf", | |
63 ] | |
64 } | 62 } |
65 } | 63 } |
66 | 64 |
67 # The main sandboxing test target. | 65 # The main sandboxing test target. |
68 test("sandbox_linux_unittests") { | 66 test("sandbox_linux_unittests") { |
69 sources = [ | 67 sources = [ |
70 "services/scoped_process_unittest.cc", | 68 "services/scoped_process_unittest.cc", |
71 "services/syscall_wrappers_unittest.cc", | 69 "services/syscall_wrappers_unittest.cc", |
72 "services/thread_helpers_unittests.cc", | 70 "services/thread_helpers_unittests.cc", |
73 "services/yama_unittests.cc", | 71 "services/yama_unittests.cc", |
(...skipping 14 matching lines...) Expand all Loading... |
88 "//base/test:test_support", | 86 "//base/test:test_support", |
89 "//testing/gtest", | 87 "//testing/gtest", |
90 ] | 88 ] |
91 | 89 |
92 if (is_linux) { | 90 if (is_linux) { |
93 # Don't use this on Android. | 91 # Don't use this on Android. |
94 libs = [ "rt" ] | 92 libs = [ "rt" ] |
95 } | 93 } |
96 | 94 |
97 if (compile_suid_client) { | 95 if (compile_suid_client) { |
98 sources += [ | 96 sources += [ "suid/client/setuid_sandbox_client_unittest.cc" ] |
99 "suid/client/setuid_sandbox_client_unittest.cc", | |
100 ] | |
101 } | 97 } |
102 if (use_seccomp_bpf) { | 98 if (use_seccomp_bpf) { |
103 sources += [ | 99 sources += [ |
104 "bpf_dsl/bpf_dsl_more_unittest.cc", | 100 "bpf_dsl/bpf_dsl_more_unittest.cc", |
105 "bpf_dsl/bpf_dsl_unittest.cc", | 101 "bpf_dsl/bpf_dsl_unittest.cc", |
106 "bpf_dsl/cons_unittest.cc", | 102 "bpf_dsl/cons_unittest.cc", |
107 "seccomp-bpf-helpers/baseline_policy_unittest.cc", | 103 "seccomp-bpf-helpers/baseline_policy_unittest.cc", |
108 "seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc", | 104 "seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc", |
109 "seccomp-bpf/bpf_tests_unittest.cc", | 105 "seccomp-bpf/bpf_tests_unittest.cc", |
110 "seccomp-bpf/codegen_unittest.cc", | 106 "seccomp-bpf/codegen_unittest.cc", |
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
195 ] | 191 ] |
196 defines = [ "SANDBOX_IMPLEMENTATION" ] | 192 defines = [ "SANDBOX_IMPLEMENTATION" ] |
197 | 193 |
198 deps = [ | 194 deps = [ |
199 "//base", | 195 "//base", |
200 ":seccomp_bpf", | 196 ":seccomp_bpf", |
201 ] | 197 ] |
202 } | 198 } |
203 | 199 |
204 if (is_linux) { | 200 if (is_linux) { |
205 # The setuid sandbox for Linux. | 201 # The setuid sandbox for Linux. |
206 executable("chrome_sandbox") { | 202 executable("chrome_sandbox") { |
207 sources = [ | 203 sources = [ |
208 "suid/common/sandbox.h", | 204 "suid/common/sandbox.h", |
209 "suid/common/suid_unsafe_environment_variables.h", | 205 "suid/common/suid_unsafe_environment_variables.h", |
210 "suid/process_util.h", | 206 "suid/process_util.h", |
211 "suid/process_util_linux.c", | 207 "suid/process_util_linux.c", |
212 "suid/sandbox.c", | 208 "suid/sandbox.c", |
213 ] | 209 ] |
214 | 210 |
215 cflags = [ | 211 cflags = [ |
216 # For ULLONG_MAX | 212 # For ULLONG_MAX |
217 "-std=gnu99", | 213 "-std=gnu99", |
| 214 |
218 # These files have a suspicious comparison. | 215 # These files have a suspicious comparison. |
219 # TODO fix this and re-enable this warning. | 216 # TODO fix this and re-enable this warning. |
220 "-Wno-sign-compare", | 217 "-Wno-sign-compare", |
221 ] | 218 ] |
222 } | 219 } |
223 } | 220 } |
224 | 221 |
225 component("sandbox_services") { | 222 component("sandbox_services") { |
226 sources = [ | 223 sources = [ |
227 "services/init_process_reaper.cc", | 224 "services/init_process_reaper.cc", |
(...skipping 23 matching lines...) Expand all Loading... |
251 | 248 |
252 defines = [ "SANDBOX_IMPLEMENTATION" ] | 249 defines = [ "SANDBOX_IMPLEMENTATION" ] |
253 | 250 |
254 if (compile_credentials) { | 251 if (compile_credentials) { |
255 sources += [ | 252 sources += [ |
256 "services/credentials.cc", | 253 "services/credentials.cc", |
257 "services/credentials.h", | 254 "services/credentials.h", |
258 "services/proc_util.cc", | 255 "services/proc_util.cc", |
259 "services/proc_util.h", | 256 "services/proc_util.h", |
260 ] | 257 ] |
| 258 |
261 # For capabilities.cc. | 259 # For capabilities.cc. |
262 configs += [ "//build/config/linux:libcap" ] | 260 configs += [ "//build/config/linux:libcap" ] |
263 } | 261 } |
264 | 262 |
265 deps = [ | 263 deps = [ |
266 "//base", | 264 "//base", |
267 ] | 265 ] |
268 } | 266 } |
269 | 267 |
270 source_set("sandbox_services_headers") { | 268 source_set("sandbox_services_headers") { |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
322 # | 320 # |
323 # args = [ | 321 # args = [ |
324 # rebase_path(in_file, root_build_dir), | 322 # rebase_path(in_file, root_build_dir), |
325 # "-o", rebase_path(out_file, root_build_dir), | 323 # "-o", rebase_path(out_file, root_build_dir), |
326 # ] | 324 # ] |
327 # | 325 # |
328 # deps = [ | 326 # deps = [ |
329 # ":sandbox_linux_unittests", | 327 # ":sandbox_linux_unittests", |
330 # ] | 328 # ] |
331 #} | 329 #} |
332 | |
333 # TODO(GYP) convert this. | 330 # TODO(GYP) convert this. |
334 # { | 331 # { |
335 # 'target_name': 'sandbox_linux_jni_unittests_apk', | 332 # 'target_name': 'sandbox_linux_jni_unittests_apk', |
336 # 'type': 'none', | 333 # 'type': 'none', |
337 # 'variables': { | 334 # 'variables': { |
338 # 'test_suite_name': 'sandbox_linux_jni_unittests', | 335 # 'test_suite_name': 'sandbox_linux_jni_unittests', |
339 # }, | 336 # }, |
340 # 'dependencies': [ | 337 # 'dependencies': [ |
341 # 'sandbox_linux_jni_unittests', | 338 # 'sandbox_linux_jni_unittests', |
342 # ], | 339 # ], |
343 # 'includes': [ '../../build/apk_test.gypi' ], | 340 # 'includes': [ '../../build/apk_test.gypi' ], |
344 # } | 341 # } |
345 } | 342 } |
OLD | NEW |