| OLD | NEW |
|---|
| 1 # Copyright 2014 The Chromium Authors. All rights reserved. | 1 # Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 # Use of this source code is governed by a BSD-style license that can be | 2 # Use of this source code is governed by a BSD-style license that can be |
| 3 # found in the LICENSE file. | 3 # found in the LICENSE file. |
| 4 | 4 |
| 5 import("//build/config/features.gni") | 5 import("//build/config/features.gni") |
| 6 import("//testing/test.gni") | 6 import("//testing/test.gni") |
| 7 | 7 |
| 8 declare_args() { | 8 declare_args() { |
| 9 compile_suid_client = is_linux | 9 compile_suid_client = is_linux |
| 10 | 10 |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 59 "seccomp-bpf/sandbox_bpf_test_runner.cc", | 59 "seccomp-bpf/sandbox_bpf_test_runner.cc", |
| 60 "seccomp-bpf/sandbox_bpf_test_runner.h", | 60 "seccomp-bpf/sandbox_bpf_test_runner.h", |
| 61 ] | 61 ] |
| 62 deps += [ ":seccomp_bpf" ] | 62 deps += [ ":seccomp_bpf" ] |
| 63 } | 63 } |
| 64 } | 64 } |
| 65 | 65 |
| 66 # The main sandboxing test target. | 66 # The main sandboxing test target. |
| 67 test("sandbox_linux_unittests") { | 67 test("sandbox_linux_unittests") { |
| 68 sources = [ | 68 sources = [ |
| 69 "services/proc_util_unittest.cc", |
| 70 "services/resource_limits_unittests.cc", |
| 69 "services/scoped_process_unittest.cc", | 71 "services/scoped_process_unittest.cc", |
| 70 "services/syscall_wrappers_unittest.cc", | 72 "services/syscall_wrappers_unittest.cc", |
| 71 "services/thread_helpers_unittests.cc", | 73 "services/thread_helpers_unittests.cc", |
| 72 "services/yama_unittests.cc", | 74 "services/yama_unittests.cc", |
| 73 "syscall_broker/broker_file_permission_unittest.cc", | 75 "syscall_broker/broker_file_permission_unittest.cc", |
| 74 "syscall_broker/broker_process_unittest.cc", | 76 "syscall_broker/broker_process_unittest.cc", |
| 75 "tests/main.cc", | 77 "tests/main.cc", |
| 76 "tests/scoped_temporary_file.cc", | 78 "tests/scoped_temporary_file.cc", |
| 77 "tests/scoped_temporary_file.h", | 79 "tests/scoped_temporary_file.h", |
| 78 "tests/scoped_temporary_file_unittest.cc", | 80 "tests/scoped_temporary_file_unittest.cc", |
| (...skipping 15 matching lines...) Expand all Loading... |
| 94 } | 96 } |
| 95 | 97 |
| 96 if (compile_suid_client) { | 98 if (compile_suid_client) { |
| 97 sources += [ | 99 sources += [ |
| 98 "suid/client/setuid_sandbox_client_unittest.cc", | 100 "suid/client/setuid_sandbox_client_unittest.cc", |
| 99 "suid/client/setuid_sandbox_host_unittest.cc", | 101 "suid/client/setuid_sandbox_host_unittest.cc", |
| 100 ] | 102 ] |
| 101 } | 103 } |
| 102 if (use_seccomp_bpf) { | 104 if (use_seccomp_bpf) { |
| 103 sources += [ | 105 sources += [ |
| 104 "bpf_dsl/bpf_dsl_more_unittest.cc", | |
| 105 "bpf_dsl/bpf_dsl_unittest.cc", | 106 "bpf_dsl/bpf_dsl_unittest.cc", |
| 106 "bpf_dsl/codegen_unittest.cc", | 107 "bpf_dsl/codegen_unittest.cc", |
| 107 "bpf_dsl/cons_unittest.cc", | 108 "bpf_dsl/cons_unittest.cc", |
| 108 "bpf_dsl/syscall_set_unittest.cc", | 109 "bpf_dsl/syscall_set_unittest.cc", |
| 110 "integration_tests/bpf_dsl_seccomp_unittest.cc", |
| 111 "integration_tests/seccomp_broker_process_unittest.cc", |
| 109 "seccomp-bpf-helpers/baseline_policy_unittest.cc", | 112 "seccomp-bpf-helpers/baseline_policy_unittest.cc", |
| 110 "seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc", | 113 "seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc", |
| 111 "seccomp-bpf/bpf_tests_unittest.cc", | 114 "seccomp-bpf/bpf_tests_unittest.cc", |
| 112 "seccomp-bpf/errorcode_unittest.cc", | 115 "seccomp-bpf/errorcode_unittest.cc", |
| 113 "seccomp-bpf/sandbox_bpf_unittest.cc", | 116 "seccomp-bpf/sandbox_bpf_unittest.cc", |
| 114 "seccomp-bpf/syscall_unittest.cc", | 117 "seccomp-bpf/syscall_unittest.cc", |
| 115 ] | 118 ] |
| 116 } | 119 } |
| 117 if (compile_credentials) { | 120 if (compile_credentials) { |
| 118 sources += [ | 121 sources += [ |
| 122 "integration_tests/namespace_unix_domain_socket_unittest.cc", |
| 119 "services/credentials_unittest.cc", | 123 "services/credentials_unittest.cc", |
| 120 "services/namespace_sandbox_unittest.cc", | 124 "services/namespace_sandbox_unittest.cc", |
| 121 "services/namespace_utils_unittest.cc", | 125 "services/namespace_utils_unittest.cc", |
| 122 "services/proc_util_unittest.cc", | |
| 123 "services/unix_domain_socket_unittest.cc", | |
| 124 ] | 126 ] |
| 125 } | 127 } |
| 126 } | 128 } |
| 127 | 129 |
| 128 # TODO(GYP) Android version of this test. | 130 # TODO(GYP) Android version of this test. |
| 129 # { | 131 # { |
| 130 # # This target is the shared library used by Android APK (i.e. | 132 # # This target is the shared library used by Android APK (i.e. |
| 131 # # JNI-friendly) tests. | 133 # # JNI-friendly) tests. |
| 132 # "target_name": "sandbox_linux_jni_unittests", | 134 # "target_name": "sandbox_linux_jni_unittests", |
| 133 # "includes": [ | 135 # "includes": [ |
| (...skipping 13 matching lines...) Expand all Loading... |
| 147 sources = [ | 149 sources = [ |
| 148 "bpf_dsl/bpf_dsl.cc", | 150 "bpf_dsl/bpf_dsl.cc", |
| 149 "bpf_dsl/bpf_dsl.h", | 151 "bpf_dsl/bpf_dsl.h", |
| 150 "bpf_dsl/bpf_dsl_forward.h", | 152 "bpf_dsl/bpf_dsl_forward.h", |
| 151 "bpf_dsl/bpf_dsl_impl.h", | 153 "bpf_dsl/bpf_dsl_impl.h", |
| 152 "bpf_dsl/codegen.cc", | 154 "bpf_dsl/codegen.cc", |
| 153 "bpf_dsl/codegen.h", | 155 "bpf_dsl/codegen.h", |
| 154 "bpf_dsl/cons.h", | 156 "bpf_dsl/cons.h", |
| 155 "bpf_dsl/dump_bpf.cc", | 157 "bpf_dsl/dump_bpf.cc", |
| 156 "bpf_dsl/dump_bpf.h", | 158 "bpf_dsl/dump_bpf.h", |
| 159 "bpf_dsl/linux_syscall_ranges.h", |
| 157 "bpf_dsl/policy.cc", | 160 "bpf_dsl/policy.cc", |
| 158 "bpf_dsl/policy.h", | 161 "bpf_dsl/policy.h", |
| 159 "bpf_dsl/policy_compiler.cc", | 162 "bpf_dsl/policy_compiler.cc", |
| 160 "bpf_dsl/policy_compiler.h", | 163 "bpf_dsl/policy_compiler.h", |
| 164 "bpf_dsl/seccomp_macros.h", |
| 161 "bpf_dsl/syscall_set.cc", | 165 "bpf_dsl/syscall_set.cc", |
| 162 "bpf_dsl/syscall_set.h", | 166 "bpf_dsl/syscall_set.h", |
| 163 "bpf_dsl/trap_registry.h", | 167 "bpf_dsl/trap_registry.h", |
| 164 "seccomp-bpf/die.cc", | 168 "seccomp-bpf/die.cc", |
| 165 "seccomp-bpf/die.h", | 169 "seccomp-bpf/die.h", |
| 166 "seccomp-bpf/errorcode.cc", | 170 "seccomp-bpf/errorcode.cc", |
| 167 "seccomp-bpf/errorcode.h", | 171 "seccomp-bpf/errorcode.h", |
| 168 "seccomp-bpf/linux_seccomp.h", | |
| 169 "seccomp-bpf/sandbox_bpf.cc", | 172 "seccomp-bpf/sandbox_bpf.cc", |
| 170 "seccomp-bpf/sandbox_bpf.h", | 173 "seccomp-bpf/sandbox_bpf.h", |
| 171 "seccomp-bpf/syscall.cc", | 174 "seccomp-bpf/syscall.cc", |
| 172 "seccomp-bpf/syscall.h", | 175 "seccomp-bpf/syscall.h", |
| 173 "seccomp-bpf/trap.cc", | 176 "seccomp-bpf/trap.cc", |
| 174 "seccomp-bpf/trap.h", | 177 "seccomp-bpf/trap.h", |
| 175 "seccomp-bpf/verifier.cc", | 178 "seccomp-bpf/verifier.cc", |
| 176 "seccomp-bpf/verifier.h", | 179 "seccomp-bpf/verifier.h", |
| 177 ] | 180 ] |
| 178 defines = [ "SANDBOX_IMPLEMENTATION" ] | 181 defines = [ "SANDBOX_IMPLEMENTATION" ] |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 223 # TODO fix this and re-enable this warning. | 226 # TODO fix this and re-enable this warning. |
| 224 "-Wno-sign-compare", | 227 "-Wno-sign-compare", |
| 225 ] | 228 ] |
| 226 } | 229 } |
| 227 } | 230 } |
| 228 | 231 |
| 229 component("sandbox_services") { | 232 component("sandbox_services") { |
| 230 sources = [ | 233 sources = [ |
| 231 "services/init_process_reaper.cc", | 234 "services/init_process_reaper.cc", |
| 232 "services/init_process_reaper.h", | 235 "services/init_process_reaper.h", |
| 236 "services/proc_util.cc", |
| 237 "services/proc_util.h", |
| 238 "services/resource_limits.cc", |
| 239 "services/resource_limits.h", |
| 233 "services/scoped_process.cc", | 240 "services/scoped_process.cc", |
| 234 "services/scoped_process.h", | 241 "services/scoped_process.h", |
| 235 "services/syscall_wrappers.cc", | 242 "services/syscall_wrappers.cc", |
| 236 "services/syscall_wrappers.h", | 243 "services/syscall_wrappers.h", |
| 237 "services/thread_helpers.cc", | 244 "services/thread_helpers.cc", |
| 238 "services/thread_helpers.h", | 245 "services/thread_helpers.h", |
| 246 "services/yama.cc", |
| 239 "services/yama.h", | 247 "services/yama.h", |
| 240 "services/yama.cc", | |
| 241 "syscall_broker/broker_channel.cc", | 248 "syscall_broker/broker_channel.cc", |
| 242 "syscall_broker/broker_channel.h", | 249 "syscall_broker/broker_channel.h", |
| 243 "syscall_broker/broker_client.cc", | 250 "syscall_broker/broker_client.cc", |
| 244 "syscall_broker/broker_client.h", | 251 "syscall_broker/broker_client.h", |
| 245 "syscall_broker/broker_common.h", | 252 "syscall_broker/broker_common.h", |
| 246 "syscall_broker/broker_file_permission.cc", | 253 "syscall_broker/broker_file_permission.cc", |
| 247 "syscall_broker/broker_file_permission.h", | 254 "syscall_broker/broker_file_permission.h", |
| 248 "syscall_broker/broker_host.cc", | 255 "syscall_broker/broker_host.cc", |
| 249 "syscall_broker/broker_host.h", | 256 "syscall_broker/broker_host.h", |
| 250 "syscall_broker/broker_policy.cc", | 257 "syscall_broker/broker_policy.cc", |
| 251 "syscall_broker/broker_policy.h", | 258 "syscall_broker/broker_policy.h", |
| 252 "syscall_broker/broker_process.cc", | 259 "syscall_broker/broker_process.cc", |
| 253 "syscall_broker/broker_process.h", | 260 "syscall_broker/broker_process.h", |
| 254 ] | 261 ] |
| 255 | 262 |
| 256 defines = [ "SANDBOX_IMPLEMENTATION" ] | 263 defines = [ "SANDBOX_IMPLEMENTATION" ] |
| 257 | 264 |
| 258 if (compile_credentials) { | 265 if (compile_credentials) { |
| 259 sources += [ | 266 sources += [ |
| 260 "services/credentials.cc", | 267 "services/credentials.cc", |
| 261 "services/credentials.h", | 268 "services/credentials.h", |
| 262 "services/namespace_sandbox.cc", | 269 "services/namespace_sandbox.cc", |
| 263 "services/namespace_sandbox.h", | 270 "services/namespace_sandbox.h", |
| 264 "services/namespace_utils.cc", | 271 "services/namespace_utils.cc", |
| 265 "services/namespace_utils.h", | 272 "services/namespace_utils.h", |
| 266 "services/proc_util.cc", | |
| 267 "services/proc_util.h", | |
| 268 ] | 273 ] |
| 269 | 274 |
| 270 # For capabilities.cc. | 275 # For capabilities.cc. |
| 271 configs += [ "//build/config/linux:libcap" ] | 276 configs += [ "//build/config/linux:libcap" ] |
| 272 } | 277 } |
| 273 | 278 |
| 274 deps = [ | 279 deps = [ |
| 275 "//base", | 280 "//base", |
| 276 ] | 281 ] |
| 277 } | 282 } |
| 278 | 283 |
| 279 source_set("sandbox_services_headers") { | 284 source_set("sandbox_services_headers") { |
| 280 sources = [ | 285 sources = [ |
| 281 "services/android_arm_ucontext.h", | 286 "system_headers/android_arm64_ucontext.h", |
| 282 "services/android_arm64_ucontext.h", | 287 "system_headers/android_arm_ucontext.h", |
| 283 "services/android_futex.h", | 288 "system_headers/android_futex.h", |
| 284 "services/android_ucontext.h", | 289 "system_headers/android_i386_ucontext.h", |
| 285 "services/android_i386_ucontext.h", | 290 "system_headers/android_ucontext.h", |
| 286 "services/arm_linux_syscalls.h", | 291 "system_headers/arm64_linux_syscalls.h", |
| 287 "services/arm64_linux_syscalls.h", | 292 "system_headers/arm_linux_syscalls.h", |
| 288 "services/linux_syscalls.h", | 293 "system_headers/linux_seccomp.h", |
| 289 "services/x86_32_linux_syscalls.h", | 294 "system_headers/linux_syscalls.h", |
| 290 "services/x86_64_linux_syscalls.h", | 295 "system_headers/x86_32_linux_syscalls.h", |
| 296 "system_headers/x86_64_linux_syscalls.h", |
| 291 ] | 297 ] |
| 292 } | 298 } |
| 293 | 299 |
| 294 # We make this its own target so that it does not interfere with our tests. | 300 # We make this its own target so that it does not interfere with our tests. |
| 295 source_set("libc_urandom_override") { | 301 source_set("libc_urandom_override") { |
| 296 sources = [ | 302 sources = [ |
| 297 "services/libc_urandom_override.cc", | 303 "services/libc_urandom_override.cc", |
| 298 "services/libc_urandom_override.h", | 304 "services/libc_urandom_override.h", |
| 299 ] | 305 ] |
| 300 deps = [ | 306 deps = [ |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 346 # 'type': 'none', | 352 # 'type': 'none', |
| 347 # 'variables': { | 353 # 'variables': { |
| 348 # 'test_suite_name': 'sandbox_linux_jni_unittests', | 354 # 'test_suite_name': 'sandbox_linux_jni_unittests', |
| 349 # }, | 355 # }, |
| 350 # 'dependencies': [ | 356 # 'dependencies': [ |
| 351 # 'sandbox_linux_jni_unittests', | 357 # 'sandbox_linux_jni_unittests', |
| 352 # ], | 358 # ], |
| 353 # 'includes': [ '../../build/apk_test.gypi' ], | 359 # 'includes': [ '../../build/apk_test.gypi' ], |
| 354 # } | 360 # } |
| 355 } | 361 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 935333002:
Update from https://crrev.com/316786 (Closed)
Base URL: git@github.com:domokit/mojo.git@master