blob: c7efae56380e8ca6d906aa3d20e91dade95cbcf5 [file] [log] [blame]
Dan Willemsen2acbec52017-09-14 17:28:36 -07001// Copyright (C) 2015 The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15// Common variables.
16// =========================================================
17libminijailSrcFiles = [
18 "bpf.c",
19 "libminijail.c",
20 "signal_handler.c",
21 "syscall_filter.c",
22 "syscall_wrapper.c",
23 "system.c",
24 "util.c",
25]
26
27unittestSrcFiles = [
28 "testrunner.cc",
29]
30
31minijailCommonLibraries = ["libcap"]
32
33cc_defaults {
34 name: "libminijail_flags",
35 cflags: [
36 "-DHAVE_SECUREBITS_H",
37 "-Wall",
38 "-Werror",
39 ],
40 target: {
41 darwin: {
42 enabled: false,
43 },
44 },
45}
46
47// Static library for generated code.
48// =========================================================
49cc_object {
50 name: "libminijail_gen_syscall_obj",
51 vendor_available: true,
52 srcs: ["gen_syscalls.c"],
53 cflags: [
54 "-dD",
55 "-E",
Chih-Hung Hsiehed6a82e2017-10-04 10:54:11 -070056 "-Wall",
57 "-Werror",
Dan Willemsen2acbec52017-09-14 17:28:36 -070058 ],
59}
60
61cc_genrule {
62 name: "libminijail_gen_syscall",
63 vendor_available: true,
64 tool_files: ["gen_syscalls.sh"],
65 cmd: "$(location gen_syscalls.sh) $(in) $(out)",
66 srcs: [":libminijail_gen_syscall_obj"],
67 out: ["libsyscalls.c"],
68}
69
70cc_object {
71 name: "libminijail_gen_constants_obj",
72 vendor_available: true,
73 srcs: ["gen_constants.c"],
74 cflags: [
75 "-dD",
76 "-E",
Chih-Hung Hsiehed6a82e2017-10-04 10:54:11 -070077 "-Wall",
78 "-Werror",
Dan Willemsen2acbec52017-09-14 17:28:36 -070079 ],
80}
81
82cc_genrule {
83 name: "libminijail_gen_constants",
84 vendor_available: true,
85 tool_files: ["gen_constants.sh"],
86 cmd: "$(location gen_constants.sh) $(in) $(out)",
87 srcs: [":libminijail_gen_constants_obj"],
88 out: ["libconstants.c"],
89}
90
91cc_library_static {
92 name: "libminijail_generated",
93 vendor_available: true,
94 defaults: ["libminijail_flags"],
95 host_supported: true,
96
97 target: {
98 android: {
99 generated_sources: [
100 "libminijail_gen_syscall",
101 "libminijail_gen_constants",
102 ],
103 },
104 host: {
105 srcs: [
106 "linux-x86/libconstants.gen.c",
107 "linux-x86/libsyscalls.gen.c",
108 ],
109 },
110 },
111}
112
113// libminijail shared and static library for target.
114// =========================================================
115cc_library {
116 name: "libminijail",
117 vendor_available: true,
118 defaults: ["libminijail_flags"],
119
120 srcs: libminijailSrcFiles,
121
122 static: {
123 whole_static_libs: ["libminijail_generated"] + minijailCommonLibraries,
124 },
125 shared: {
126 static_libs: ["libminijail_generated"],
127 shared_libs: minijailCommonLibraries,
128 },
129 export_include_dirs: ["."],
130}
131
132// Example ASan-ified libminijail shared library for target.
133// Commented out since it's only needed for local debugging.
134// =========================================================
135//cc_library_shared {
136// name: "libminijail_asan",
137// defaults: ["libminijail_flags"],
138//
139// sanitize: {
140// address: true,
141// },
142// relative_install_path: "asan",
143// srcs: libminijailSrcFiles,
144//
145// static_libs: ["libminijail_generated"],
146// shared_libs: minijailCommonLibraries,
147// export_include_dirs: ["."],
148//}
149
150// libminijail native unit tests using gtest.
151//
152// For a device, run with:
153// adb shell /data/nativetest/libminijail_unittest_gtest/libminijail_unittest_gtest
154//
155// For host, run with:
156// out/host/linux-x86/nativetest(64)/libminijail_unittest_gtest/libminijail_unittest_gtest
157// =========================================================
158cc_test {
159 name: "libminijail_unittest_gtest",
160 defaults: ["libminijail_flags"],
161 // TODO(b/31395668): Re-enable once the seccomp(2) syscall becomes available.
162 //host_supported: true
163
164 srcs: libminijailSrcFiles + ["libminijail_unittest.cc"] + unittestSrcFiles,
165
166 static_libs: ["libminijail_generated"],
167 shared_libs: minijailCommonLibraries,
168
169 target: {
170 android: {
171 cflags: ["-Wno-writable-strings"],
172 test_suites: ["device-tests"],
173 },
174 host: {
175 cflags: ["-DPRELOADPATH=\"/invalid\""],
176 },
177 },
178}
179
180// Syscall filtering native unit tests using gtest.
181//
182// For a device, run with:
183// adb shell /data/nativetest/syscall_filter_unittest_gtest/syscall_filter_unittest_gtest
184//
185// For host, run with:
186// out/host/linux-x86/nativetest(64)/syscall_filter_unittest_gtest/syscall_filter_unittest_gtest
187// =========================================================
188cc_test {
189 name: "syscall_filter_unittest_gtest",
190 defaults: ["libminijail_flags"],
191 host_supported: true,
192
193 srcs: [
194 "bpf.c",
195 "syscall_filter.c",
196 "util.c",
197 "syscall_filter_unittest.cc",
198 ] + unittestSrcFiles,
199
200 static_libs: ["libminijail_generated"],
201 shared_libs: minijailCommonLibraries,
202
203 target: {
204 android: {
205 test_suites: ["device-tests"],
206 },
207 },
208}
209
210// System functionality unit tests using gtest.
211//
212// For a device, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500213// adb shell /data/nativetest/mj_system_unittest_gtest/mj_system_unittest_gtest
Dan Willemsen2acbec52017-09-14 17:28:36 -0700214//
215// For host, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500216// out/host/linux-x86/nativetest(64)/mj_system_unittest_gtest/mj_system_unittest_gtest
Dan Willemsen2acbec52017-09-14 17:28:36 -0700217// =========================================================
218cc_test {
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500219 name: "mj_system_unittest_gtest",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700220 defaults: ["libminijail_flags"],
221 host_supported: true,
222
223 srcs: [
224 "system.c",
225 "util.c",
226 "system_unittest.cc",
227 ] + unittestSrcFiles,
228
229 static_libs: ["libminijail_generated"],
230 shared_libs: minijailCommonLibraries,
231
232 target: {
233 android: {
234 test_suites: ["device-tests"],
235 },
236 },
237}
238
Mike Frysinger32c39922018-01-17 17:09:54 -0500239// Utility functionality unit tests using gtest.
240//
241// For a device, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500242// adb shell /data/nativetest/mj_util_unittest_gtest/mj_util_unittest_gtest
Mike Frysinger32c39922018-01-17 17:09:54 -0500243//
244// For host, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500245// out/host/linux-x86/nativetest(64)/mj_util_unittest_gtest/mj_util_unittest_gtest
Mike Frysinger32c39922018-01-17 17:09:54 -0500246// =========================================================
247cc_test {
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500248 name: "mj_util_unittest_gtest",
Mike Frysinger32c39922018-01-17 17:09:54 -0500249 defaults: ["libminijail_flags"],
250 host_supported: true,
251
252 srcs: [
253 "util.c",
254 "util_unittest.cc",
255 ] + unittestSrcFiles,
256
257 static_libs: ["libminijail_generated"],
258 shared_libs: minijailCommonLibraries,
259
260 target: {
261 android: {
262 test_suites: ["device-tests"],
263 },
264 },
265}
266
Mike Frysinger4d2a81e2018-01-22 16:43:33 -0500267// Utility functionality unit tests using gtest.
268//
269// For a device, run with:
270// adb shell /data/nativetest/minijail0_cli_unittest_gtest/minijail0_cli_unittest_gtest
271//
272// For host, run with:
273// out/host/linux-x86/nativetest(64)/minijail0_cli_unittest_gtest/minijail0_cli_unittest_gtest
274// =========================================================
275cc_test {
276 name: "minijail0_cli_unittest_gtest",
277 defaults: ["libminijail_flags"],
278 host_supported: true,
279
280 cflags: [
281 "-DPRELOADPATH=\"/invalid\"",
282 ],
283 srcs: libminijailSrcFiles + [
284 "elfparse.c",
285 "minijail0_cli.c",
286 "minijail0_cli_unittest.cc",
287 ] + unittestSrcFiles,
288
289 static_libs: ["libminijail_generated"],
290 shared_libs: minijailCommonLibraries,
291
292 target: {
293 android: {
294 test_suites: ["device-tests"],
295 },
296 },
297}
298
Dan Willemsen2acbec52017-09-14 17:28:36 -0700299// libminijail_test executable for brillo_Minijail test.
300// =========================================================
301cc_test {
302 name: "libminijail_test",
303 defaults: ["libminijail_flags"],
304 test_suites: ["device-tests"],
305
306 gtest: false,
307
308 srcs: ["test/libminijail_test.cpp"],
309
310 shared_libs: [
311 "libbase",
312 "libminijail",
313 ],
314}
315
316// libminijail usage example.
317// =========================================================
318cc_binary {
319 name: "drop_privs",
320 defaults: ["libminijail_flags"],
321
322 // Don't build with ASan, but leave commented out for easy local debugging.
323 // sanitize: { address: true, },
324 srcs: ["examples/drop_privs.cpp"],
325
326 shared_libs: [
327 "libbase",
328 "libminijail",
329 ],
330}
331
332// minijail0 executable.
333// This is not currently used on Brillo/Android,
334// but it's convenient to be able to build it.
335// =========================================================
336cc_binary {
337 name: "minijail0",
338 defaults: ["libminijail_flags"],
339
340 cflags: [
Dan Willemsen2acbec52017-09-14 17:28:36 -0700341 "-DPRELOADPATH=\"/invalidminijailpreload.so\"",
342 ],
343 srcs: [
344 "elfparse.c",
345 "minijail0.c",
Mike Frysinger5ef22ca2018-01-20 13:42:10 -0500346 "minijail0_cli.c",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700347 ],
348
349 static_libs: ["libminijail_generated"],
350 shared_libs: minijailCommonLibraries + ["libminijail"],
351}