sandbox_linux.gypi revision 2a99a7e74a7f215066514fe81d2bfa6639d9eddd
1# Copyright (c) 2012 The Chromium Authors. All rights reserved. 2# Use of this source code is governed by a BSD-style license that can be 3# found in the LICENSE file. 4 5{ 6 'variables': { 7 'conditions': [ 8 ['OS=="linux"', { 9 'compile_suid_client': 1, 10 }, { 11 'compile_suid_client': 0, 12 }], 13 ['((OS=="linux" or OS=="android") and ' 14 '(target_arch=="ia32" or target_arch=="x64" or ' 15 'target_arch=="arm"))', { 16 'compile_seccomp_bpf': 1, 17 }, { 18 'compile_seccomp_bpf': 0, 19 }], 20 ], 21 }, 22 'target_defaults': { 23 'target_conditions': [ 24 # All linux/ files will automatically be excluded on Android 25 # so make sure we re-include them explicitly. 26 ['OS == "android"', { 27 'sources/': [ 28 ['include', '^linux/'], 29 ], 30 }], 31 ], 32 }, 33 'targets': [ 34 # We have two principal targets: sandbox and sandbox_linux_unittests 35 # All other targets are listed as dependencies. 36 # FIXME(jln): for historial reasons, sandbox_linux is the setuid sandbox 37 # and is its own target. 38 { 39 'target_name': 'sandbox', 40 'type': 'none', 41 'dependencies': [ 42 'sandbox_services', 43 ], 44 'conditions': [ 45 [ 'compile_suid_client==1', { 46 'dependencies': [ 47 'suid_sandbox_client', 48 ], 49 }], 50 # Only compile in the seccomp mode 1 code for the flag combination 51 # where we support it. 52 [ 'OS=="linux" and (target_arch=="ia32" or target_arch=="x64") ' 53 'and toolkit_views==0 and selinux==0', { 54 'dependencies': [ 55 'linux/seccomp-legacy/seccomp.gyp:seccomp_sandbox', 56 ], 57 }], 58 # Similarly, compile seccomp BPF when we support it 59 [ 'compile_seccomp_bpf==1', { 60 'dependencies': [ 61 'seccomp_bpf', 62 ], 63 }], 64 ], 65 }, 66 { 67 # The main sandboxing test target. 68 'target_name': 'sandbox_linux_unittests', 69 'includes': [ 70 'sandbox_linux_test_sources.gypi', 71 ], 72 'type': 'executable', 73 }, 74 { 75 # This target is the shared library used by Android APK (i.e. 76 # JNI-friendly) tests. 77 'target_name': 'sandbox_linux_jni_unittests', 78 'includes': [ 79 'sandbox_linux_test_sources.gypi', 80 ], 81 'type': 'shared_library', 82 'conditions': [ 83 [ 'OS == "android" and gtest_target_type == "shared_library"', { 84 'dependencies': [ 85 '../testing/android/native_test.gyp:native_test_native_code', 86 ], 87 }], 88 ], 89 }, 90 { 91 'target_name': 'seccomp_bpf', 92 'type': 'static_library', 93 'sources': [ 94 'seccomp-bpf/basicblock.cc', 95 'seccomp-bpf/basicblock.h', 96 'seccomp-bpf/codegen.cc', 97 'seccomp-bpf/codegen.h', 98 'seccomp-bpf/die.cc', 99 'seccomp-bpf/die.h', 100 'seccomp-bpf/errorcode.cc', 101 'seccomp-bpf/errorcode.h', 102 'seccomp-bpf/instruction.h', 103 'seccomp-bpf/linux_seccomp.h', 104 'seccomp-bpf/port.h', 105 'seccomp-bpf/sandbox_bpf.cc', 106 'seccomp-bpf/sandbox_bpf.h', 107 'seccomp-bpf/syscall.cc', 108 'seccomp-bpf/syscall.h', 109 'seccomp-bpf/syscall_iterator.cc', 110 'seccomp-bpf/syscall_iterator.h', 111 'seccomp-bpf/trap.cc', 112 'seccomp-bpf/trap.h', 113 'seccomp-bpf/verifier.cc', 114 'seccomp-bpf/verifier.h', 115 ], 116 'dependencies': [ 117 '../base/base.gyp:base', 118 'sandbox_services_headers', 119 ], 120 'include_dirs': [ 121 '../..', 122 ], 123 }, 124 { 125 # The setuid sandbox, for Linux 126 'target_name': 'chrome_sandbox', 127 'type': 'executable', 128 'sources': [ 129 'suid/common/sandbox.h', 130 'suid/common/suid_unsafe_environment_variables.h', 131 'suid/linux_util.c', 132 'suid/linux_util.h', 133 'suid/process_util.h', 134 'suid/process_util_linux.c', 135 'suid/sandbox.c', 136 ], 137 'cflags': [ 138 # For ULLONG_MAX 139 '-std=gnu99', 140 ], 141 'include_dirs': [ 142 '../..', 143 ], 144 }, 145 { 'target_name': 'sandbox_services', 146 'type': 'static_library', 147 'sources': [ 148 'services/broker_process.cc', 149 'services/broker_process.h', 150 ], 151 'dependencies': [ 152 '../base/base.gyp:base', 153 ], 154 'include_dirs': [ 155 '..', 156 ], 157 }, 158 { 'target_name': 'sandbox_services_headers', 159 'type': 'none', 160 'sources': [ 161 'services/android_arm_ucontext.h', 162 'services/android_ucontext.h', 163 'services/android_i386_ucontext.h', 164 'services/arm_linux_syscalls.h', 165 'services/linux_syscalls.h', 166 'services/x86_32_linux_syscalls.h', 167 'services/x86_64_linux_syscalls.h', 168 ], 169 'include_dirs': [ 170 '..', 171 ], 172 }, 173 { 174 # We make this its own target so that it does not interfere 175 # with our tests. 176 'target_name': 'libc_urandom_override', 177 'type': 'static_library', 178 'sources': [ 179 'services/libc_urandom_override.cc', 180 'services/libc_urandom_override.h', 181 ], 182 'dependencies': [ 183 '../base/base.gyp:base', 184 ], 185 'include_dirs': [ 186 '..', 187 ], 188 }, 189 { 190 'target_name': 'suid_sandbox_client', 191 'type': 'static_library', 192 'sources': [ 193 'suid/common/sandbox.h', 194 'suid/common/suid_unsafe_environment_variables.h', 195 'suid/client/setuid_sandbox_client.cc', 196 'suid/client/setuid_sandbox_client.h', 197 ], 198 'dependencies': [ 199 '../base/base.gyp:base', 200 ], 201 'include_dirs': [ 202 '..', 203 ], 204 }, 205 ], 206 'conditions': [ 207 # Strategy copied from base_unittests_apk in base/base.gyp. 208 [ 'OS=="android" and gtest_target_type == "shared_library"', { 209 'targets': [ 210 { 211 'target_name': 'sandbox_linux_jni_unittests_apk', 212 'type': 'none', 213 'variables': { 214 'test_suite_name': 'sandbox_linux_jni_unittests', 215 'input_shlib_path': 216 '<(SHARED_LIB_DIR)/<(SHARED_LIB_PREFIX)' 217 'sandbox_linux_jni_unittests' 218 '<(SHARED_LIB_SUFFIX)', 219 }, 220 'dependencies': [ 221 'sandbox_linux_jni_unittests', 222 ], 223 'includes': [ '../../build/apk_test.gypi' ], 224 } 225 ], 226 }], 227 ], 228} 229