Home | History | Annotate | Download | only in minijail 
      1 # Copyright (C) 2015 The Android Open Source Project
      2 #
      3 # Licensed under the Apache License, Version 2.0 (the "License");
      4 # you may not use this file except in compliance with the License.
      5 # You may obtain a copy of the License at
      6 #
      7 #      http://www.apache.org/licenses/LICENSE-2.0
      8 #
      9 # Unless required by applicable law or agreed to in writing, software
     10 # distributed under the License is distributed on an "AS IS" BASIS,
     11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     12 # See the License for the specific language governing permissions and
     13 # limitations under the License.
     14 
     15 LOCAL_PATH := $(call my-dir)
     16 
     17 
     18 # Common variables.
     19 # =========================================================
     20 libminijailSrcFiles := \
     21 	bpf.c \
     22 	libminijail.c \
     23 	signal_handler.c \
     24 	syscall_filter.c \
     25 	syscall_wrapper.c \
     26 	util.c
     27 
     28 hostUnittestSrcFiles := \
     29 	linux-x86/libconstants.gen.c \
     30 	linux-x86/libsyscalls.gen.c
     31 
     32 minijailCommonCFlags := -DHAVE_SECUREBITS_H -Wall -Werror
     33 minijailCommonLibraries := libcap
     34 
     35 
     36 # Static library for generated code.
     37 # =========================================================
     38 include $(CLEAR_VARS)
     39 LOCAL_MODULE := libminijail_generated
     40 
     41 LOCAL_MODULE_CLASS := STATIC_LIBRARIES
     42 generated_sources_dir := $(local-generated-sources-dir)
     43 
     44 my_gen := $(generated_sources_dir)/$(TARGET_ARCH)/libsyscalls.c
     45 # We need the quotes so the shell script treats the following as one argument.
     46 my_cc := "$(lastword $(CLANG)) \
     47     $(addprefix -I ,$(TARGET_C_INCLUDES)) \
     48     $(addprefix -isystem ,$(TARGET_C_SYSTEM_INCLUDES)) \
     49     $(CLANG_TARGET_GLOBAL_CFLAGS)"
     50 $(my_gen): PRIVATE_CC := $(my_cc)
     51 $(my_gen): PRIVATE_CUSTOM_TOOL = $< $(PRIVATE_CC) $@
     52 $(my_gen): $(LOCAL_PATH)/gen_syscalls.sh
     53 	$(transform-generated-source)
     54 $(call include-depfile,$(my_gen).d,$(my_gen))
     55 LOCAL_GENERATED_SOURCES_$(TARGET_ARCH) += $(my_gen)
     56 
     57 my_gen := $(generated_sources_dir)/$(TARGET_ARCH)/libconstants.c
     58 $(my_gen): PRIVATE_CC := $(my_cc)
     59 $(my_gen): PRIVATE_CUSTOM_TOOL = $< $(PRIVATE_CC) $@
     60 $(my_gen): $(LOCAL_PATH)/gen_constants.sh
     61 	$(transform-generated-source)
     62 $(call include-depfile,$(my_gen).d,$(my_gen))
     63 LOCAL_GENERATED_SOURCES_$(TARGET_ARCH) += $(my_gen)
     64 
     65 # For processes running in 32-bit compat mode on 64-bit processors.
     66 ifdef TARGET_2ND_ARCH
     67 my_gen := $(generated_sources_dir)/$(TARGET_2ND_ARCH)/libsyscalls.c
     68 my_cc := "$(lastword $(CLANG)) \
     69     $(addprefix -I ,$($(TARGET_2ND_ARCH_VAR_PREFIX)TARGET_C_INCLUDES)) \
     70     $(addprefix -isystem ,$($(TARGET_2ND_ARCH_VAR_PREFIX)TARGET_C_SYSTEM_INCLUDES)) \
     71     $($(TARGET_2ND_ARCH_VAR_PREFIX)CLANG_TARGET_GLOBAL_CFLAGS)"
     72 $(my_gen): PRIVATE_CC := $(my_cc)
     73 $(my_gen): PRIVATE_CUSTOM_TOOL = $< $(PRIVATE_CC) $@
     74 $(my_gen): $(LOCAL_PATH)/gen_syscalls.sh
     75 	$(transform-generated-source)
     76 LOCAL_GENERATED_SOURCES_$(TARGET_2ND_ARCH) += $(my_gen)
     77 
     78 my_gen := $(generated_sources_dir)/$(TARGET_2ND_ARCH)/libconstants.c
     79 $(my_gen): PRIVATE_CC := $(my_cc)
     80 $(my_gen): PRIVATE_CUSTOM_TOOL = $< $(PRIVATE_CC) $@
     81 $(my_gen): $(LOCAL_PATH)/gen_constants.sh
     82 	$(transform-generated-source)
     83 LOCAL_GENERATED_SOURCES_$(TARGET_2ND_ARCH) += $(my_gen)
     84 endif
     85 
     86 LOCAL_CFLAGS := $(minijailCommonCFlags)
     87 LOCAL_CLANG := true
     88 include $(BUILD_STATIC_LIBRARY)
     89 
     90 
     91 # libminijail shared library for target.
     92 # =========================================================
     93 include $(CLEAR_VARS)
     94 LOCAL_MODULE := libminijail
     95 
     96 LOCAL_CFLAGS := $(minijailCommonCFlags)
     97 LOCAL_CLANG := true
     98 LOCAL_SRC_FILES := $(libminijailSrcFiles)
     99 
    100 LOCAL_STATIC_LIBRARIES := libminijail_generated
    101 LOCAL_SHARED_LIBRARIES := $(minijailCommonLibraries)
    102 LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)
    103 include $(BUILD_SHARED_LIBRARY)
    104 
    105 
    106 # Example ASan-ified libminijail shared library for target.
    107 # Commented out since it's only needed for local debugging.
    108 # =========================================================
    109 # include $(CLEAR_VARS)
    110 # LOCAL_MODULE := libminijail_asan
    111 # LOCAL_MODULE_TAGS := optional
    112 #
    113 # LOCAL_CFLAGS := $(minijailCommonCFlags)
    114 # LOCAL_CLANG := true
    115 # LOCAL_SANITIZE := address
    116 # LOCAL_MODULE_RELATIVE_PATH := asan
    117 # LOCAL_SRC_FILES := $(libminijailSrcFiles)
    118 #
    119 # LOCAL_STATIC_LIBRARIES := libminijail_generated
    120 # LOCAL_SHARED_LIBRARIES := $(minijailCommonLibraries)
    121 # LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)
    122 # include $(BUILD_SHARED_LIBRARY)
    123 
    124 
    125 # libminijail static library for target.
    126 # =========================================================
    127 include $(CLEAR_VARS)
    128 LOCAL_MODULE := libminijail
    129 
    130 LOCAL_CFLAGS := $(minijailCommonCFlags)
    131 LOCAL_CLANG := true
    132 LOCAL_SRC_FILES := $(libminijailSrcFiles)
    133 
    134 LOCAL_WHOLE_STATIC_LIBRARIES := libminijail_generated $(minijailCommonLibraries)
    135 LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)
    136 include $(BUILD_STATIC_LIBRARY)
    137 
    138 
    139 # libminijail native unit tests using gtest. Run with:
    140 # adb shell /data/nativetest/libminijail_unittest_gtest/libminijail_unittest_gtest
    141 # =========================================================
    142 include $(CLEAR_VARS)
    143 LOCAL_MODULE := libminijail_unittest_gtest
    144 
    145 LOCAL_CPP_EXTENSION := .cc
    146 LOCAL_CFLAGS := $(minijailCommonCFlags) -Wno-writable-strings
    147 LOCAL_CLANG := true
    148 LOCAL_SRC_FILES := \
    149 	$(libminijailSrcFiles) \
    150 	libminijail_unittest.cc \
    151 
    152 LOCAL_STATIC_LIBRARIES := libminijail_generated
    153 LOCAL_SHARED_LIBRARIES := $(minijailCommonLibraries)
    154 include $(BUILD_NATIVE_TEST)
    155 
    156 
    157 # # libminijail native unit tests for the host. Run with:
    158 # # out/host/linux-x86/nativetest(64)/libminijail_unittest/libminijail_unittest_gtest
    159 # # TODO(b/31395668): Re-enable once the seccomp(2) syscall becomes available.
    160 # # =========================================================
    161 # include $(CLEAR_VARS)
    162 # LOCAL_MODULE := libminijail_unittest_gtest
    163 # LOCAL_MODULE_HOST_OS := linux
    164 
    165 # LOCAL_CPP_EXTENSION := .cc
    166 # LOCAL_CFLAGS := $(minijailCommonCFlags) -DPRELOADPATH=\"/invalid\"
    167 # LOCAL_CLANG := true
    168 # LOCAL_SRC_FILES := \
    169 # 	$(libminijailSrcFiles) \
    170 # 	libminijail_unittest.cc \
    171 # 	$(hostUnittestSrcFiles)
    172 
    173 # LOCAL_SHARED_LIBRARIES := $(minijailCommonLibraries)
    174 # include $(BUILD_HOST_NATIVE_TEST)
    175 
    176 
    177 # Syscall filtering native unit tests using gtest. Run with:
    178 # adb shell /data/nativetest/syscall_filter_unittest_gtest/syscall_filter_unittest_gtest
    179 # =========================================================
    180 include $(CLEAR_VARS)
    181 LOCAL_MODULE := syscall_filter_unittest_gtest
    182 
    183 LOCAL_CPP_EXTENSION := .cc
    184 LOCAL_CFLAGS := $(minijailCommonCFlags)
    185 LOCAL_CLANG := true
    186 LOCAL_SRC_FILES := \
    187 	bpf.c \
    188 	syscall_filter.c \
    189 	util.c \
    190 	syscall_filter_unittest.cc \
    191 
    192 LOCAL_STATIC_LIBRARIES := libminijail_generated
    193 LOCAL_SHARED_LIBRARIES := $(minijailCommonLibraries)
    194 include $(BUILD_NATIVE_TEST)
    195 
    196 
    197 # Syscall filtering native unit tests for the host. Run with:
    198 # out/host/linux-x86/nativetest(64)/syscall_filter_unittest_gtest/syscall_filter_unittest_gtest
    199 # =========================================================
    200 include $(CLEAR_VARS)
    201 LOCAL_MODULE := syscall_filter_unittest_gtest
    202 LOCAL_MODULE_HOST_OS := linux
    203 
    204 LOCAL_CPP_EXTENSION := .cc
    205 LOCAL_CFLAGS := $(minijailCommonCFlags)
    206 LOCAL_CLANG := true
    207 LOCAL_SRC_FILES := \
    208 	bpf.c \
    209 	syscall_filter.c \
    210 	util.c \
    211 	syscall_filter_unittest.cc \
    212 	$(hostUnittestSrcFiles)
    213 
    214 LOCAL_SHARED_LIBRARIES := $(minijailCommonLibraries)
    215 include $(BUILD_HOST_NATIVE_TEST)
    216 
    217 
    218 # libminijail_test executable for brillo_Minijail test.
    219 # =========================================================
    220 include $(CLEAR_VARS)
    221 LOCAL_MODULE := libminijail_test
    222 
    223 LOCAL_CFLAGS := $(minijailCommonCFlags)
    224 LOCAL_CLANG := true
    225 LOCAL_SRC_FILES := \
    226 	test/libminijail_test.cpp
    227 
    228 LOCAL_SHARED_LIBRARIES := libbase libminijail
    229 include $(BUILD_EXECUTABLE)
    230 
    231 
    232 # libminijail usage example.
    233 # =========================================================
    234 include $(CLEAR_VARS)
    235 LOCAL_MODULE := drop_privs
    236 LOCAL_MODULE_TAGS := optional
    237 LOCAL_CFLAGS := $(minijailCommonCFlags)
    238 LOCAL_CLANG := true
    239 # Don't build with ASan, but leave commented out for easy local debugging.
    240 # LOCAL_SANITIZE := address
    241 LOCAL_SRC_FILES := \
    242 	examples/drop_privs.cpp
    243 
    244 LOCAL_SHARED_LIBRARIES := libbase libminijail
    245 include $(BUILD_EXECUTABLE)
    246 
    247 
    248 # minijail0 executable.
    249 # This is not currently used on Brillo/Android,
    250 # but it's convenient to be able to build it.
    251 # =========================================================
    252 include $(CLEAR_VARS)
    253 LOCAL_MODULE := minijail0
    254 LOCAL_MODULE_TAGS := optional
    255 LOCAL_CFLAGS := \
    256 	$(minijailCommonCFlags) -Wno-missing-field-initializers \
    257 	-DPRELOADPATH=\"/invalidminijailpreload.so\"
    258 LOCAL_CLANG := true
    259 LOCAL_SRC_FILES := \
    260 	elfparse.c \
    261 	minijail0.c \
    262 
    263 LOCAL_STATIC_LIBRARIES := libminijail_generated
    264 LOCAL_SHARED_LIBRARIES := $(minijailCommonLibraries) libminijail
    265 include $(BUILD_EXECUTABLE)
    266