blob: 62b88dc4341198fa48bc9fcc1f5477fdce64bbdd [file] [log] [blame]
Dan Willemsen2acbec52017-09-14 17:28:36 -07001// Copyright (C) 2015 The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15// Common variables.
16// =========================================================
17libminijailSrcFiles = [
18 "bpf.c",
19 "libminijail.c",
20 "signal_handler.c",
21 "syscall_filter.c",
22 "syscall_wrapper.c",
23 "system.c",
24 "util.c",
25]
26
27unittestSrcFiles = [
28 "testrunner.cc",
29]
30
31minijailCommonLibraries = ["libcap"]
32
33cc_defaults {
34 name: "libminijail_flags",
35 cflags: [
Luis Hector Chavezc3e17722018-10-16 20:43:12 -070036 "-D_FILE_OFFSET_BITS=64",
Mike Frysinger916c6c32018-09-27 14:17:53 -040037 "-DALLOW_DEBUG_LOGGING",
Allen Webbee876072019-02-21 10:56:21 -080038 "-DDEFAULT_PIVOT_ROOT=\"/var/empty\"",
Dan Willemsen2acbec52017-09-14 17:28:36 -070039 "-Wall",
40 "-Werror",
41 ],
42 target: {
43 darwin: {
44 enabled: false,
45 },
46 },
47}
48
49// Static library for generated code.
50// =========================================================
51cc_object {
52 name: "libminijail_gen_syscall_obj",
53 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +090054 recovery_available: true,
Dan Willemsen2acbec52017-09-14 17:28:36 -070055 srcs: ["gen_syscalls.c"],
56 cflags: [
57 "-dD",
58 "-E",
Chih-Hung Hsiehed6a82e2017-10-04 10:54:11 -070059 "-Wall",
60 "-Werror",
Dan Willemsen2acbec52017-09-14 17:28:36 -070061 ],
Jiyong Parke3a5cae2020-04-08 22:37:24 +090062 apex_available: [
63 "//apex_available:platform",
64 "com.android.adbd",
65 "com.android.media.swcodec",
66 ],
Dan Willemsen2acbec52017-09-14 17:28:36 -070067}
68
69cc_genrule {
70 name: "libminijail_gen_syscall",
71 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +090072 recovery_available: true,
Dan Willemsen2acbec52017-09-14 17:28:36 -070073 tool_files: ["gen_syscalls.sh"],
74 cmd: "$(location gen_syscalls.sh) $(in) $(out)",
75 srcs: [":libminijail_gen_syscall_obj"],
76 out: ["libsyscalls.c"],
Jiyong Parke3a5cae2020-04-08 22:37:24 +090077 apex_available: [
78 "//apex_available:platform",
79 "com.android.adbd",
80 "com.android.media.swcodec",
81 ],
Dan Willemsen2acbec52017-09-14 17:28:36 -070082}
83
84cc_object {
85 name: "libminijail_gen_constants_obj",
86 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +090087 recovery_available: true,
Dan Willemsen2acbec52017-09-14 17:28:36 -070088 srcs: ["gen_constants.c"],
89 cflags: [
90 "-dD",
91 "-E",
Chih-Hung Hsiehed6a82e2017-10-04 10:54:11 -070092 "-Wall",
93 "-Werror",
Dan Willemsen2acbec52017-09-14 17:28:36 -070094 ],
Jiyong Parke3a5cae2020-04-08 22:37:24 +090095 apex_available: [
96 "//apex_available:platform",
97 "com.android.adbd",
98 "com.android.media.swcodec",
99 ],
Dan Willemsen2acbec52017-09-14 17:28:36 -0700100}
101
102cc_genrule {
103 name: "libminijail_gen_constants",
104 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +0900105 recovery_available: true,
Dan Willemsen2acbec52017-09-14 17:28:36 -0700106 tool_files: ["gen_constants.sh"],
107 cmd: "$(location gen_constants.sh) $(in) $(out)",
108 srcs: [":libminijail_gen_constants_obj"],
109 out: ["libconstants.c"],
Jiyong Parke3a5cae2020-04-08 22:37:24 +0900110 apex_available: [
111 "//apex_available:platform",
112 "com.android.adbd",
113 "com.android.media.swcodec",
114 ],
Dan Willemsen2acbec52017-09-14 17:28:36 -0700115}
116
117cc_library_static {
118 name: "libminijail_generated",
119 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +0900120 recovery_available: true,
Dan Willemsen2acbec52017-09-14 17:28:36 -0700121 defaults: ["libminijail_flags"],
122 host_supported: true,
123
124 target: {
125 android: {
126 generated_sources: [
127 "libminijail_gen_syscall",
128 "libminijail_gen_constants",
129 ],
130 },
131 host: {
132 srcs: [
133 "linux-x86/libconstants.gen.c",
134 "linux-x86/libsyscalls.gen.c",
135 ],
136 },
137 },
Jiyong Parke3a5cae2020-04-08 22:37:24 +0900138 apex_available: [
139 "//apex_available:platform",
140 "com.android.adbd",
141 "com.android.media.swcodec",
142 ],
Dan Willemsen2acbec52017-09-14 17:28:36 -0700143}
144
Luis Hector Chavezc90ec152019-12-13 09:12:33 -0800145cc_object {
146 name: "libminijail_gen_constants_llvmir",
147 vendor_available: true,
148 recovery_available: true,
149 host_supported: true,
150 cflags: [
151 "-S",
152 "-O0",
153 "-emit-llvm",
154 ],
155
156 target: {
157 android: {
158 generated_sources: ["libminijail_gen_constants"],
159 },
160 host: {
161 srcs: ["linux-x86/libconstants.gen.c"],
162 },
163 },
164}
165
166cc_object {
167 name: "libminijail_gen_syscall_llvmir",
168 vendor_available: true,
169 recovery_available: true,
170 host_supported: true,
171 cflags: [
172 "-S",
173 "-O0",
174 "-emit-llvm",
175 ],
176
177 target: {
178 android: {
179 generated_sources: ["libminijail_gen_syscall"],
180 },
181 host: {
182 srcs: ["linux-x86/libsyscalls.gen.c"],
183 },
184 },
185}
186
Dan Willemsen2acbec52017-09-14 17:28:36 -0700187// libminijail shared and static library for target.
188// =========================================================
189cc_library {
190 name: "libminijail",
Luis Hector Chavez413af652018-04-19 20:15:13 -0700191 host_supported: true,
Logan Chien9460f602017-11-21 20:32:45 +0800192
Dan Willemsen2acbec52017-09-14 17:28:36 -0700193 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +0900194 recovery_available: true,
Logan Chien9460f602017-11-21 20:32:45 +0800195 vndk: {
196 enabled: true,
197 },
198
Dan Willemsen2acbec52017-09-14 17:28:36 -0700199 defaults: ["libminijail_flags"],
200
201 srcs: libminijailSrcFiles,
202
203 static: {
204 whole_static_libs: ["libminijail_generated"] + minijailCommonLibraries,
205 },
206 shared: {
207 static_libs: ["libminijail_generated"],
208 shared_libs: minijailCommonLibraries,
209 },
210 export_include_dirs: ["."],
Luis Hector Chavez413af652018-04-19 20:15:13 -0700211
212 target: {
213 host: {
214 cflags: [
215 "-DPRELOADPATH=\"/invalidminijailpreload.so\"",
216 ],
217 },
218 },
Jiyong Parke3a5cae2020-04-08 22:37:24 +0900219 apex_available: [
220 "//apex_available:platform",
221 "com.android.adbd",
222 "com.android.media.swcodec",
223 ],
Dan Willemsen2acbec52017-09-14 17:28:36 -0700224}
225
226// Example ASan-ified libminijail shared library for target.
227// Commented out since it's only needed for local debugging.
228// =========================================================
229//cc_library_shared {
230// name: "libminijail_asan",
231// defaults: ["libminijail_flags"],
232//
233// sanitize: {
234// address: true,
235// },
236// relative_install_path: "asan",
237// srcs: libminijailSrcFiles,
238//
239// static_libs: ["libminijail_generated"],
240// shared_libs: minijailCommonLibraries,
241// export_include_dirs: ["."],
242//}
243
244// libminijail native unit tests using gtest.
245//
246// For a device, run with:
247// adb shell /data/nativetest/libminijail_unittest_gtest/libminijail_unittest_gtest
248//
249// For host, run with:
250// out/host/linux-x86/nativetest(64)/libminijail_unittest_gtest/libminijail_unittest_gtest
251// =========================================================
252cc_test {
253 name: "libminijail_unittest_gtest",
254 defaults: ["libminijail_flags"],
255 // TODO(b/31395668): Re-enable once the seccomp(2) syscall becomes available.
256 //host_supported: true
257
258 srcs: libminijailSrcFiles + ["libminijail_unittest.cc"] + unittestSrcFiles,
259
260 static_libs: ["libminijail_generated"],
261 shared_libs: minijailCommonLibraries,
262
263 target: {
264 android: {
265 cflags: ["-Wno-writable-strings"],
266 test_suites: ["device-tests"],
267 },
268 host: {
269 cflags: ["-DPRELOADPATH=\"/invalid\""],
270 },
271 },
272}
273
274// Syscall filtering native unit tests using gtest.
275//
276// For a device, run with:
277// adb shell /data/nativetest/syscall_filter_unittest_gtest/syscall_filter_unittest_gtest
278//
279// For host, run with:
280// out/host/linux-x86/nativetest(64)/syscall_filter_unittest_gtest/syscall_filter_unittest_gtest
281// =========================================================
282cc_test {
283 name: "syscall_filter_unittest_gtest",
284 defaults: ["libminijail_flags"],
285 host_supported: true,
286
287 srcs: [
288 "bpf.c",
289 "syscall_filter.c",
290 "util.c",
291 "syscall_filter_unittest.cc",
292 ] + unittestSrcFiles,
293
294 static_libs: ["libminijail_generated"],
295 shared_libs: minijailCommonLibraries,
296
297 target: {
298 android: {
299 test_suites: ["device-tests"],
300 },
301 },
302}
303
304// System functionality unit tests using gtest.
305//
306// For a device, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500307// adb shell /data/nativetest/mj_system_unittest_gtest/mj_system_unittest_gtest
Dan Willemsen2acbec52017-09-14 17:28:36 -0700308//
309// For host, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500310// out/host/linux-x86/nativetest(64)/mj_system_unittest_gtest/mj_system_unittest_gtest
Dan Willemsen2acbec52017-09-14 17:28:36 -0700311// =========================================================
312cc_test {
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500313 name: "mj_system_unittest_gtest",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700314 defaults: ["libminijail_flags"],
315 host_supported: true,
316
317 srcs: [
318 "system.c",
319 "util.c",
320 "system_unittest.cc",
321 ] + unittestSrcFiles,
322
323 static_libs: ["libminijail_generated"],
324 shared_libs: minijailCommonLibraries,
325
326 target: {
327 android: {
328 test_suites: ["device-tests"],
329 },
330 },
331}
332
Mike Frysinger32c39922018-01-17 17:09:54 -0500333// Utility functionality unit tests using gtest.
334//
335// For a device, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500336// adb shell /data/nativetest/mj_util_unittest_gtest/mj_util_unittest_gtest
Mike Frysinger32c39922018-01-17 17:09:54 -0500337//
338// For host, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500339// out/host/linux-x86/nativetest(64)/mj_util_unittest_gtest/mj_util_unittest_gtest
Mike Frysinger32c39922018-01-17 17:09:54 -0500340// =========================================================
341cc_test {
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500342 name: "mj_util_unittest_gtest",
Mike Frysinger32c39922018-01-17 17:09:54 -0500343 defaults: ["libminijail_flags"],
344 host_supported: true,
345
346 srcs: [
347 "util.c",
348 "util_unittest.cc",
349 ] + unittestSrcFiles,
350
351 static_libs: ["libminijail_generated"],
352 shared_libs: minijailCommonLibraries,
353
354 target: {
355 android: {
356 test_suites: ["device-tests"],
357 },
358 },
359}
360
Mike Frysinger4d2a81e2018-01-22 16:43:33 -0500361// Utility functionality unit tests using gtest.
362//
363// For a device, run with:
364// adb shell /data/nativetest/minijail0_cli_unittest_gtest/minijail0_cli_unittest_gtest
365//
366// For host, run with:
367// out/host/linux-x86/nativetest(64)/minijail0_cli_unittest_gtest/minijail0_cli_unittest_gtest
368// =========================================================
369cc_test {
370 name: "minijail0_cli_unittest_gtest",
371 defaults: ["libminijail_flags"],
372 host_supported: true,
373
374 cflags: [
375 "-DPRELOADPATH=\"/invalid\"",
376 ],
377 srcs: libminijailSrcFiles + [
378 "elfparse.c",
379 "minijail0_cli.c",
380 "minijail0_cli_unittest.cc",
381 ] + unittestSrcFiles,
382
383 static_libs: ["libminijail_generated"],
384 shared_libs: minijailCommonLibraries,
385
386 target: {
387 android: {
388 test_suites: ["device-tests"],
389 },
390 },
391}
392
Dan Willemsen2acbec52017-09-14 17:28:36 -0700393// libminijail_test executable for brillo_Minijail test.
394// =========================================================
395cc_test {
396 name: "libminijail_test",
397 defaults: ["libminijail_flags"],
398 test_suites: ["device-tests"],
399
400 gtest: false,
401
402 srcs: ["test/libminijail_test.cpp"],
403
404 shared_libs: [
405 "libbase",
406 "libminijail",
407 ],
408}
409
410// libminijail usage example.
411// =========================================================
412cc_binary {
413 name: "drop_privs",
414 defaults: ["libminijail_flags"],
415
416 // Don't build with ASan, but leave commented out for easy local debugging.
417 // sanitize: { address: true, },
418 srcs: ["examples/drop_privs.cpp"],
419
420 shared_libs: [
421 "libbase",
422 "libminijail",
423 ],
424}
425
426// minijail0 executable.
427// This is not currently used on Brillo/Android,
428// but it's convenient to be able to build it.
429// =========================================================
430cc_binary {
431 name: "minijail0",
432 defaults: ["libminijail_flags"],
Luis Hector Chavez413af652018-04-19 20:15:13 -0700433 host_supported: true,
Dan Willemsen2acbec52017-09-14 17:28:36 -0700434
435 cflags: [
Dan Willemsen2acbec52017-09-14 17:28:36 -0700436 "-DPRELOADPATH=\"/invalidminijailpreload.so\"",
437 ],
438 srcs: [
439 "elfparse.c",
440 "minijail0.c",
Mike Frysinger5ef22ca2018-01-20 13:42:10 -0500441 "minijail0_cli.c",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700442 ],
443
444 static_libs: ["libminijail_generated"],
445 shared_libs: minijailCommonLibraries + ["libminijail"],
446}
Lingfeng Yanga111f542020-02-20 08:50:39 -0800447
448// Generated by cargo2android.
449rust_library_host_rlib {
450 name: "libminijail_sys",
451 crate_name: "minijail_sys",
452 srcs: ["lib.rs"],
453 edition: "2018",
454 rlibs: [
455 "liblibc",
456 ],
457 static_libs: [
458 "libminijail",
459 ],
460 shared_libs: [
461 "libcap",
462 ],
Lingfeng Yang6f9654d2020-02-21 07:35:51 -0800463 target: {
464 darwin: {
465 enabled: false,
466 }
467 },
Lingfeng Yanga111f542020-02-20 08:50:39 -0800468}