sandbox_linux.gypi revision 0f1bc08d4cfcc34181b0b5cbf065c40f687bf740
1# Copyright (c) 2012 The Chromium Authors. All rights reserved. 2# Use of this source code is governed by a BSD-style license that can be 3# found in the LICENSE file. 4 5{ 6 'variables': { 7 'conditions': [ 8 ['OS=="linux"', { 9 'compile_suid_client': 1, 10 'compile_credentials': 1, 11 }, { 12 'compile_suid_client': 0, 13 'compile_credentials': 0, 14 }], 15 ['((OS=="linux" or OS=="android") and ' 16 '(target_arch=="ia32" or target_arch=="x64" or ' 17 'target_arch=="arm"))', { 18 'compile_seccomp_bpf': 1, 19 }, { 20 'compile_seccomp_bpf': 0, 21 }], 22 ], 23 }, 24 'target_defaults': { 25 'target_conditions': [ 26 # All linux/ files will automatically be excluded on Android 27 # so make sure we re-include them explicitly. 28 ['OS == "android"', { 29 'sources/': [ 30 ['include', '^linux/'], 31 ], 32 }], 33 ], 34 }, 35 'targets': [ 36 # We have two principal targets: sandbox and sandbox_linux_unittests 37 # All other targets are listed as dependencies. 38 # FIXME(jln): for historial reasons, sandbox_linux is the setuid sandbox 39 # and is its own target. 40 { 41 'target_name': 'sandbox', 42 'type': 'none', 43 'dependencies': [ 44 'sandbox_services', 45 ], 46 'conditions': [ 47 [ 'compile_suid_client==1', { 48 'dependencies': [ 49 'suid_sandbox_client', 50 ], 51 }], 52 # Compile seccomp BPF when we support it. 53 [ 'compile_seccomp_bpf==1', { 54 'dependencies': [ 55 'seccomp_bpf', 56 ], 57 }], 58 ], 59 }, 60 { 61 # The main sandboxing test target. 62 'target_name': 'sandbox_linux_unittests', 63 'includes': [ 64 'sandbox_linux_test_sources.gypi', 65 ], 66 'type': 'executable', 67 }, 68 { 69 # This target is the shared library used by Android APK (i.e. 70 # JNI-friendly) tests. 71 'target_name': 'sandbox_linux_jni_unittests', 72 'includes': [ 73 'sandbox_linux_test_sources.gypi', 74 ], 75 'type': 'shared_library', 76 'conditions': [ 77 [ 'OS == "android" and gtest_target_type == "shared_library"', { 78 'dependencies': [ 79 '../testing/android/native_test.gyp:native_test_native_code', 80 ], 81 'ldflags!': [ 82 # Remove warnings about text relocations, to prevent build 83 # failure. 84 '-Wl,--warn-shared-textrel' 85 ], 86 }], 87 ], 88 }, 89 { 90 'target_name': 'seccomp_bpf', 91 'type': 'static_library', 92 'sources': [ 93 'seccomp-bpf/basicblock.cc', 94 'seccomp-bpf/basicblock.h', 95 'seccomp-bpf/codegen.cc', 96 'seccomp-bpf/codegen.h', 97 'seccomp-bpf/die.cc', 98 'seccomp-bpf/die.h', 99 'seccomp-bpf/errorcode.cc', 100 'seccomp-bpf/errorcode.h', 101 'seccomp-bpf/instruction.h', 102 'seccomp-bpf/linux_seccomp.h', 103 'seccomp-bpf/port.h', 104 'seccomp-bpf/sandbox_bpf.cc', 105 'seccomp-bpf/sandbox_bpf.h', 106 'seccomp-bpf/sandbox_bpf_policy_forward.h', 107 'seccomp-bpf/syscall.cc', 108 'seccomp-bpf/syscall.h', 109 'seccomp-bpf/syscall_iterator.cc', 110 'seccomp-bpf/syscall_iterator.h', 111 'seccomp-bpf/trap.cc', 112 'seccomp-bpf/trap.h', 113 'seccomp-bpf/verifier.cc', 114 'seccomp-bpf/verifier.h', 115 ], 116 'dependencies': [ 117 '../base/base.gyp:base', 118 'sandbox_services_headers', 119 ], 120 'include_dirs': [ 121 '../..', 122 ], 123 }, 124 { 125 # The setuid sandbox, for Linux 126 'target_name': 'chrome_sandbox', 127 'type': 'executable', 128 'sources': [ 129 'suid/common/sandbox.h', 130 'suid/common/suid_unsafe_environment_variables.h', 131 'suid/linux_util.c', 132 'suid/linux_util.h', 133 'suid/process_util.h', 134 'suid/process_util_linux.c', 135 'suid/sandbox.c', 136 ], 137 'cflags': [ 138 # For ULLONG_MAX 139 '-std=gnu99', 140 ], 141 'include_dirs': [ 142 '../..', 143 ], 144 }, 145 { 'target_name': 'sandbox_services', 146 'type': 'static_library', 147 'sources': [ 148 'services/broker_process.cc', 149 'services/broker_process.h', 150 ], 151 'dependencies': [ 152 '../base/base.gyp:base', 153 ], 154 'conditions': [ 155 ['compile_credentials==1', { 156 'sources': [ 157 'services/credentials.cc', 158 'services/credentials.h', 159 ], 160 'dependencies': [ 161 # for capabilities.cc. 162 '../build/linux/system.gyp:libcap', 163 ], 164 }], 165 ], 166 'include_dirs': [ 167 '..', 168 ], 169 }, 170 { 'target_name': 'sandbox_services_headers', 171 'type': 'none', 172 'sources': [ 173 'services/android_arm_ucontext.h', 174 'services/android_ucontext.h', 175 'services/android_i386_ucontext.h', 176 'services/arm_linux_syscalls.h', 177 'services/linux_syscalls.h', 178 'services/x86_32_linux_syscalls.h', 179 'services/x86_64_linux_syscalls.h', 180 ], 181 'include_dirs': [ 182 '..', 183 ], 184 }, 185 { 186 # We make this its own target so that it does not interfere 187 # with our tests. 188 'target_name': 'libc_urandom_override', 189 'type': 'static_library', 190 'sources': [ 191 'services/libc_urandom_override.cc', 192 'services/libc_urandom_override.h', 193 ], 194 'dependencies': [ 195 '../base/base.gyp:base', 196 ], 197 'include_dirs': [ 198 '..', 199 ], 200 }, 201 { 202 'target_name': 'suid_sandbox_client', 203 'type': 'static_library', 204 'sources': [ 205 'suid/common/sandbox.h', 206 'suid/common/suid_unsafe_environment_variables.h', 207 'suid/client/setuid_sandbox_client.cc', 208 'suid/client/setuid_sandbox_client.h', 209 ], 210 'dependencies': [ 211 '../base/base.gyp:base', 212 ], 213 'include_dirs': [ 214 '..', 215 ], 216 }, 217 ], 218 'conditions': [ 219 # Strategy copied from base_unittests_apk in base/base.gyp. 220 [ 'OS=="android" and gtest_target_type == "shared_library"', { 221 'targets': [ 222 { 223 'target_name': 'sandbox_linux_jni_unittests_apk', 224 'type': 'none', 225 'variables': { 226 'test_suite_name': 'sandbox_linux_jni_unittests', 227 'input_shlib_path': 228 '<(SHARED_LIB_DIR)/<(SHARED_LIB_PREFIX)' 229 'sandbox_linux_jni_unittests' 230 '<(SHARED_LIB_SUFFIX)', 231 }, 232 'dependencies': [ 233 'sandbox_linux_jni_unittests', 234 ], 235 'includes': [ '../../build/apk_test.gypi' ], 236 } 237 ], 238 }], 239 ], 240} 241