Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / external / minijail / d23ad7927113a86d4b023e18660aabe9697c4a71 / . / Android.bp
blob: 482f6c735d2213efe35a39638907bc383be33208 [file] [log] [blame]
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]1// Copyright (C) 2015 The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15// Common variables.
16// =========================================================
17libminijailSrcFiles = [
18 "bpf.c",
19 "libminijail.c",
20 "signal_handler.c",
21 "syscall_filter.c",
22 "syscall_wrapper.c",
23 "system.c",
24 "util.c",
25]
26
27unittestSrcFiles = [
28 "testrunner.cc",
29]
30
31minijailCommonLibraries = ["libcap"]
32
33cc_defaults {
34 name: "libminijail_flags",
35 cflags: [
Luis Hector Chavezc3e17722018-10-16 20:43:12 -0700[diff] [blame]36 "-D_FILE_OFFSET_BITS=64",
Mike Frysinger916c6c32018-09-27 14:17:53 -0400[diff] [blame]37 "-DALLOW_DEBUG_LOGGING",
Allen Webbee876072019-02-21 10:56:21 -0800[diff] [blame]38 "-DDEFAULT_PIVOT_ROOT=\"/var/empty\"",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]39 "-Wall",
40 "-Werror",
41 ],
42 target: {
43 darwin: {
44 enabled: false,
45 },
46 },
47}
48
49// Static library for generated code.
50// =========================================================
51cc_object {
52 name: "libminijail_gen_syscall_obj",
53 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +0900[diff] [blame]54 recovery_available: true,
Martin Stjernholma74925e2020-04-08 01:02:51 +0100[diff] [blame]55 header_libs: ["libc_headers"], // TODO(b/153662223): Clean this up.
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]56 srcs: ["gen_syscalls.c"],
57 cflags: [
58 "-dD",
59 "-E",
Chih-Hung Hsiehed6a82e2017-10-04 10:54:11 -0700[diff] [blame]60 "-Wall",
61 "-Werror",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]62 ],
Jiyong Parke3a5cae2020-04-08 22:37:24 +0900[diff] [blame]63 apex_available: [
64 "//apex_available:platform",
65 "com.android.adbd",
66 "com.android.media.swcodec",
67 ],
Jooyung Han42b623b2020-04-16 18:48:30 +0900[diff] [blame]68 min_sdk_version: "29",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]69}
70
71cc_genrule {
72 name: "libminijail_gen_syscall",
73 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +0900[diff] [blame]74 recovery_available: true,
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]75 tool_files: ["gen_syscalls.sh"],
76 cmd: "$(location gen_syscalls.sh) $(in) $(out)",
77 srcs: [":libminijail_gen_syscall_obj"],
78 out: ["libsyscalls.c"],
Jiyong Parke3a5cae2020-04-08 22:37:24 +0900[diff] [blame]79 apex_available: [
80 "//apex_available:platform",
81 "com.android.adbd",
82 "com.android.media.swcodec",
83 ],
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]84}
85
86cc_object {
87 name: "libminijail_gen_constants_obj",
88 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +0900[diff] [blame]89 recovery_available: true,
Martin Stjernholma74925e2020-04-08 01:02:51 +0100[diff] [blame]90 header_libs: ["libc_headers"], // TODO(b/153662223): Clean this up.
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]91 srcs: ["gen_constants.c"],
92 cflags: [
93 "-dD",
94 "-E",
Chih-Hung Hsiehed6a82e2017-10-04 10:54:11 -0700[diff] [blame]95 "-Wall",
96 "-Werror",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]97 ],
Jiyong Parke3a5cae2020-04-08 22:37:24 +0900[diff] [blame]98 apex_available: [
99 "//apex_available:platform",
100 "com.android.adbd",
101 "com.android.media.swcodec",
102 ],
Jooyung Han42b623b2020-04-16 18:48:30 +0900[diff] [blame]103 min_sdk_version: "29",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]104}
105
106cc_genrule {
107 name: "libminijail_gen_constants",
108 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +0900[diff] [blame]109 recovery_available: true,
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]110 tool_files: ["gen_constants.sh"],
111 cmd: "$(location gen_constants.sh) $(in) $(out)",
112 srcs: [":libminijail_gen_constants_obj"],
113 out: ["libconstants.c"],
Jiyong Parke3a5cae2020-04-08 22:37:24 +0900[diff] [blame]114 apex_available: [
115 "//apex_available:platform",
116 "com.android.adbd",
117 "com.android.media.swcodec",
118 ],
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]119}
120
121cc_library_static {
122 name: "libminijail_generated",
123 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +0900[diff] [blame]124 recovery_available: true,
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]125 defaults: ["libminijail_flags"],
126 host_supported: true,
127
128 target: {
129 android: {
130 generated_sources: [
131 "libminijail_gen_syscall",
132 "libminijail_gen_constants",
133 ],
134 },
135 host: {
136 srcs: [
137 "linux-x86/libconstants.gen.c",
138 "linux-x86/libsyscalls.gen.c",
139 ],
140 },
141 },
Jiyong Parke3a5cae2020-04-08 22:37:24 +0900[diff] [blame]142 apex_available: [
143 "//apex_available:platform",
144 "com.android.adbd",
145 "com.android.media.swcodec",
146 ],
Jooyung Han42b623b2020-04-16 18:48:30 +0900[diff] [blame]147 min_sdk_version: "29",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]148}
149
Luis Hector Chavezc90ec152019-12-13 09:12:33 -0800[diff] [blame]150cc_object {
151 name: "libminijail_gen_constants_llvmir",
152 vendor_available: true,
153 recovery_available: true,
154 host_supported: true,
Martin Stjernholma74925e2020-04-08 01:02:51 +0100[diff] [blame]155 header_libs: ["libc_headers"], // TODO(b/153662223): Clean this up.
Luis Hector Chavezc90ec152019-12-13 09:12:33 -0800[diff] [blame]156 cflags: [
157 "-S",
158 "-O0",
159 "-emit-llvm",
160 ],
161
162 target: {
163 android: {
164 generated_sources: ["libminijail_gen_constants"],
165 },
166 host: {
167 srcs: ["linux-x86/libconstants.gen.c"],
168 },
169 },
170}
171
172cc_object {
173 name: "libminijail_gen_syscall_llvmir",
174 vendor_available: true,
175 recovery_available: true,
176 host_supported: true,
Martin Stjernholma74925e2020-04-08 01:02:51 +0100[diff] [blame]177 header_libs: ["libc_headers"], // TODO(b/153662223): Clean this up.
Luis Hector Chavezc90ec152019-12-13 09:12:33 -0800[diff] [blame]178 cflags: [
179 "-S",
180 "-O0",
181 "-emit-llvm",
182 ],
183
184 target: {
185 android: {
186 generated_sources: ["libminijail_gen_syscall"],
187 },
188 host: {
189 srcs: ["linux-x86/libsyscalls.gen.c"],
190 },
191 },
192}
193
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]194// libminijail shared and static library for target.
195// =========================================================
196cc_library {
197 name: "libminijail",
Luis Hector Chavez413af652018-04-19 20:15:13 -0700[diff] [blame]198 host_supported: true,
Logan Chien9460f602017-11-21 20:32:45 +0800[diff] [blame]199
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]200 vendor_available: true,
Jiyong Park85e7a262018-05-24 14:09:04 +0900[diff] [blame]201 recovery_available: true,
Logan Chien9460f602017-11-21 20:32:45 +0800[diff] [blame]202 vndk: {
203 enabled: true,
204 },
205
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]206 defaults: ["libminijail_flags"],
207
208 srcs: libminijailSrcFiles,
209
210 static: {
211 whole_static_libs: ["libminijail_generated"] + minijailCommonLibraries,
212 },
213 shared: {
214 static_libs: ["libminijail_generated"],
215 shared_libs: minijailCommonLibraries,
216 },
217 export_include_dirs: ["."],
Luis Hector Chavez413af652018-04-19 20:15:13 -0700[diff] [blame]218
219 target: {
220 host: {
221 cflags: [
222 "-DPRELOADPATH=\"/invalidminijailpreload.so\"",
223 ],
224 },
225 },
Jiyong Parke3a5cae2020-04-08 22:37:24 +0900[diff] [blame]226 apex_available: [
227 "//apex_available:platform",
228 "com.android.adbd",
229 "com.android.media.swcodec",
230 ],
Jooyung Han42b623b2020-04-16 18:48:30 +0900[diff] [blame]231 min_sdk_version: "29",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]232}
233
234// Example ASan-ified libminijail shared library for target.
235// Commented out since it's only needed for local debugging.
236// =========================================================
237//cc_library_shared {
238// name: "libminijail_asan",
239// defaults: ["libminijail_flags"],
240//
241// sanitize: {
242// address: true,
243// },
244// relative_install_path: "asan",
245// srcs: libminijailSrcFiles,
246//
247// static_libs: ["libminijail_generated"],
248// shared_libs: minijailCommonLibraries,
249// export_include_dirs: ["."],
250//}
251
252// libminijail native unit tests using gtest.
253//
254// For a device, run with:
255// adb shell /data/nativetest/libminijail_unittest_gtest/libminijail_unittest_gtest
256//
257// For host, run with:
258// out/host/linux-x86/nativetest(64)/libminijail_unittest_gtest/libminijail_unittest_gtest
259// =========================================================
260cc_test {
261 name: "libminijail_unittest_gtest",
262 defaults: ["libminijail_flags"],
263 // TODO(b/31395668): Re-enable once the seccomp(2) syscall becomes available.
264 //host_supported: true
265
266 srcs: libminijailSrcFiles + ["libminijail_unittest.cc"] + unittestSrcFiles,
267
268 static_libs: ["libminijail_generated"],
269 shared_libs: minijailCommonLibraries,
270
271 target: {
272 android: {
273 cflags: ["-Wno-writable-strings"],
274 test_suites: ["device-tests"],
275 },
276 host: {
277 cflags: ["-DPRELOADPATH=\"/invalid\""],
278 },
279 },
280}
281
282// Syscall filtering native unit tests using gtest.
283//
284// For a device, run with:
285// adb shell /data/nativetest/syscall_filter_unittest_gtest/syscall_filter_unittest_gtest
286//
287// For host, run with:
288// out/host/linux-x86/nativetest(64)/syscall_filter_unittest_gtest/syscall_filter_unittest_gtest
289// =========================================================
290cc_test {
291 name: "syscall_filter_unittest_gtest",
292 defaults: ["libminijail_flags"],
293 host_supported: true,
294
295 srcs: [
296 "bpf.c",
297 "syscall_filter.c",
298 "util.c",
299 "syscall_filter_unittest.cc",
300 ] + unittestSrcFiles,
301
302 static_libs: ["libminijail_generated"],
303 shared_libs: minijailCommonLibraries,
304
305 target: {
306 android: {
307 test_suites: ["device-tests"],
308 },
309 },
310}
311
312// System functionality unit tests using gtest.
313//
314// For a device, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500[diff] [blame]315// adb shell /data/nativetest/mj_system_unittest_gtest/mj_system_unittest_gtest
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]316//
317// For host, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500[diff] [blame]318// out/host/linux-x86/nativetest(64)/mj_system_unittest_gtest/mj_system_unittest_gtest
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]319// =========================================================
320cc_test {
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500[diff] [blame]321 name: "mj_system_unittest_gtest",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]322 defaults: ["libminijail_flags"],
323 host_supported: true,
324
325 srcs: [
326 "system.c",
327 "util.c",
328 "system_unittest.cc",
329 ] + unittestSrcFiles,
330
331 static_libs: ["libminijail_generated"],
332 shared_libs: minijailCommonLibraries,
333
334 target: {
335 android: {
336 test_suites: ["device-tests"],
337 },
338 },
339}
340
Mike Frysinger32c39922018-01-17 17:09:54 -0500[diff] [blame]341// Utility functionality unit tests using gtest.
342//
343// For a device, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500[diff] [blame]344// adb shell /data/nativetest/mj_util_unittest_gtest/mj_util_unittest_gtest
Mike Frysinger32c39922018-01-17 17:09:54 -0500[diff] [blame]345//
346// For host, run with:
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500[diff] [blame]347// out/host/linux-x86/nativetest(64)/mj_util_unittest_gtest/mj_util_unittest_gtest
Mike Frysinger32c39922018-01-17 17:09:54 -0500[diff] [blame]348// =========================================================
349cc_test {
Jorge Lucangeli Obes1ed75bc2018-01-25 14:06:42 -0500[diff] [blame]350 name: "mj_util_unittest_gtest",
Mike Frysinger32c39922018-01-17 17:09:54 -0500[diff] [blame]351 defaults: ["libminijail_flags"],
352 host_supported: true,
353
354 srcs: [
355 "util.c",
356 "util_unittest.cc",
357 ] + unittestSrcFiles,
358
359 static_libs: ["libminijail_generated"],
360 shared_libs: minijailCommonLibraries,
361
362 target: {
363 android: {
364 test_suites: ["device-tests"],
365 },
366 },
367}
368
Mike Frysinger4d2a81e2018-01-22 16:43:33 -0500[diff] [blame]369// Utility functionality unit tests using gtest.
370//
371// For a device, run with:
372// adb shell /data/nativetest/minijail0_cli_unittest_gtest/minijail0_cli_unittest_gtest
373//
374// For host, run with:
375// out/host/linux-x86/nativetest(64)/minijail0_cli_unittest_gtest/minijail0_cli_unittest_gtest
376// =========================================================
377cc_test {
378 name: "minijail0_cli_unittest_gtest",
379 defaults: ["libminijail_flags"],
380 host_supported: true,
381
382 cflags: [
383 "-DPRELOADPATH=\"/invalid\"",
384 ],
385 srcs: libminijailSrcFiles + [
386 "elfparse.c",
387 "minijail0_cli.c",
388 "minijail0_cli_unittest.cc",
389 ] + unittestSrcFiles,
390
391 static_libs: ["libminijail_generated"],
392 shared_libs: minijailCommonLibraries,
393
394 target: {
395 android: {
396 test_suites: ["device-tests"],
397 },
398 },
399}
400
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]401// libminijail_test executable for brillo_Minijail test.
402// =========================================================
403cc_test {
404 name: "libminijail_test",
405 defaults: ["libminijail_flags"],
406 test_suites: ["device-tests"],
407
408 gtest: false,
409
410 srcs: ["test/libminijail_test.cpp"],
411
412 shared_libs: [
413 "libbase",
414 "libminijail",
415 ],
416}
417
418// libminijail usage example.
419// =========================================================
420cc_binary {
421 name: "drop_privs",
422 defaults: ["libminijail_flags"],
423
424 // Don't build with ASan, but leave commented out for easy local debugging.
425 // sanitize: { address: true, },
426 srcs: ["examples/drop_privs.cpp"],
427
428 shared_libs: [
429 "libbase",
430 "libminijail",
431 ],
432}
433
434// minijail0 executable.
435// This is not currently used on Brillo/Android,
436// but it's convenient to be able to build it.
437// =========================================================
438cc_binary {
439 name: "minijail0",
440 defaults: ["libminijail_flags"],
Luis Hector Chavez413af652018-04-19 20:15:13 -0700[diff] [blame]441 host_supported: true,
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]442
443 cflags: [
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]444 "-DPRELOADPATH=\"/invalidminijailpreload.so\"",
445 ],
446 srcs: [
447 "elfparse.c",
448 "minijail0.c",
Mike Frysinger5ef22ca2018-01-20 13:42:10 -0500[diff] [blame]449 "minijail0_cli.c",
Dan Willemsen2acbec52017-09-14 17:28:36 -0700[diff] [blame]450 ],
451
452 static_libs: ["libminijail_generated"],
453 shared_libs: minijailCommonLibraries + ["libminijail"],
454}
Lingfeng Yanga111f542020-02-20 08:50:39 -0800[diff] [blame]455
Yo Chiang81df0662020-07-25 19:40:44 +0800[diff] [blame]456rust_defaults {
457 name: "libminijail_rust_defaults",
458 target: {
459 darwin: {
460 enabled: false,
461 },
462 },
463}
464
Andrew Walbran9bd40192020-06-05 14:44:30 +0100[diff] [blame]465// This target was generated by cargo2android.py --run --device, with some
466// manual fixes.
Andrew Walbran7f5b63b2020-07-21 14:30:42 +0100[diff] [blame]467rust_library {
Lingfeng Yanga111f542020-02-20 08:50:39 -0800[diff] [blame]468 name: "libminijail_sys",
Yo Chiang81df0662020-07-25 19:40:44 +0800[diff] [blame]469 defaults: ["libminijail_rust_defaults"],
Andrew Walbran9bd40192020-06-05 14:44:30 +0100[diff] [blame]470 host_supported: true,
Lingfeng Yanga111f542020-02-20 08:50:39 -0800[diff] [blame]471 crate_name: "minijail_sys",
Allen Webb96dd14e2020-06-17 08:33:50 -0700[diff] [blame]472 srcs: ["rust/minijail-sys/lib.rs"],
Lingfeng Yanga111f542020-02-20 08:50:39 -0800[diff] [blame]473 edition: "2018",
Andrew Walbran7f5b63b2020-07-21 14:30:42 +0100[diff] [blame]474 rustlibs: [
Lingfeng Yanga111f542020-02-20 08:50:39 -0800[diff] [blame]475 "liblibc",
476 ],
Lingfeng Yanga111f542020-02-20 08:50:39 -0800[diff] [blame]477 shared_libs: [
478 "libcap",
Alistair Delva54fa7322020-08-24 13:01:05 -0700[diff] [blame]479 "libminijail",
Lingfeng Yanga111f542020-02-20 08:50:39 -0800[diff] [blame]480 ],
481}
Alistair Delva9072fad2020-07-20 22:57:57 -0700[diff] [blame]482
483// This target was generated by cargo2android.py --run --device, with some
484// manual fixes.
Andrew Walbran7f5b63b2020-07-21 14:30:42 +0100[diff] [blame]485rust_library {
Alistair Delva9072fad2020-07-20 22:57:57 -0700[diff] [blame]486 name: "libminijail_rust",
Yo Chiang81df0662020-07-25 19:40:44 +0800[diff] [blame]487 defaults: ["libminijail_rust_defaults"],
Alistair Delva9072fad2020-07-20 22:57:57 -0700[diff] [blame]488 host_supported: true,
489 crate_name: "minijail",
490 srcs: ["rust/minijail/src/lib.rs"],
491 edition: "2018",
Andrew Walbran7f5b63b2020-07-21 14:30:42 +0100[diff] [blame]492 rustlibs: [
Alistair Delva9072fad2020-07-20 22:57:57 -0700[diff] [blame]493 "liblibc",
494 "libminijail_sys",
495 ],
496}