summaryrefslogtreecommitdiffstats
path: root/security/sandbox/linux/moz.build
diff options
context:
space:
mode:
Diffstat (limited to 'security/sandbox/linux/moz.build')
-rw-r--r--security/sandbox/linux/moz.build116
1 files changed, 116 insertions, 0 deletions
diff --git a/security/sandbox/linux/moz.build b/security/sandbox/linux/moz.build
new file mode 100644
index 000000000..bde75cdb7
--- /dev/null
+++ b/security/sandbox/linux/moz.build
@@ -0,0 +1,116 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+SharedLibrary('mozsandbox')
+
+# Depend on mozglue if and only if it's a shared library;
+# this needs to match mozglue/build/moz.build:
+if CONFIG['OS_TARGET'] == 'Android':
+ USE_LIBS += [
+ 'mozglue',
+ ]
+
+EXPORTS.mozilla += [
+ 'Sandbox.h',
+ 'SandboxInfo.h',
+]
+
+SOURCES += [
+ '../chromium-shim/base/logging.cpp',
+ '../chromium/base/at_exit.cc',
+ '../chromium/base/callback_internal.cc',
+ '../chromium/base/lazy_instance.cc',
+ '../chromium/base/memory/ref_counted.cc',
+ '../chromium/base/memory/singleton.cc',
+ '../chromium/base/strings/safe_sprintf.cc',
+ '../chromium/base/strings/string16.cc',
+ '../chromium/base/strings/string_piece.cc',
+ '../chromium/base/strings/string_util.cc',
+ '../chromium/base/strings/string_util_constants.cc',
+ '../chromium/base/strings/stringprintf.cc',
+ '../chromium/base/strings/utf_string_conversion_utils.cc',
+ '../chromium/base/strings/utf_string_conversions.cc',
+ '../chromium/base/synchronization/condition_variable_posix.cc',
+ '../chromium/base/synchronization/lock.cc',
+ '../chromium/base/synchronization/lock_impl_posix.cc',
+ '../chromium/base/synchronization/waitable_event_posix.cc',
+ '../chromium/base/third_party/icu/icu_utf.cc',
+ '../chromium/base/threading/platform_thread_internal_posix.cc',
+ '../chromium/base/threading/platform_thread_linux.cc',
+ '../chromium/base/threading/platform_thread_posix.cc',
+ '../chromium/base/threading/thread_collision_warner.cc',
+ '../chromium/base/threading/thread_id_name_manager.cc',
+ '../chromium/base/threading/thread_local_posix.cc',
+ '../chromium/base/threading/thread_restrictions.cc',
+ '../chromium/base/time/time.cc',
+ '../chromium/base/time/time_posix.cc',
+ '../chromium/sandbox/linux/bpf_dsl/bpf_dsl.cc',
+ '../chromium/sandbox/linux/bpf_dsl/codegen.cc',
+ '../chromium/sandbox/linux/bpf_dsl/dump_bpf.cc',
+ '../chromium/sandbox/linux/bpf_dsl/policy.cc',
+ '../chromium/sandbox/linux/bpf_dsl/policy_compiler.cc',
+ '../chromium/sandbox/linux/bpf_dsl/syscall_set.cc',
+ '../chromium/sandbox/linux/seccomp-bpf/die.cc',
+ '../chromium/sandbox/linux/seccomp-bpf/syscall.cc',
+ '../chromium/sandbox/linux/seccomp-bpf/trap.cc',
+ '../chromium/sandbox/linux/services/syscall_wrappers.cc',
+ 'broker/SandboxBrokerCommon.cpp',
+ 'LinuxCapabilities.cpp',
+ 'Sandbox.cpp',
+ 'SandboxBrokerClient.cpp',
+ 'SandboxChroot.cpp',
+ 'SandboxFilter.cpp',
+ 'SandboxFilterUtil.cpp',
+ 'SandboxHooks.cpp',
+ 'SandboxInfo.cpp',
+ 'SandboxLogging.cpp',
+ 'SandboxUtil.cpp',
+]
+
+# This copy of SafeSPrintf doesn't need to avoid the Chromium logging
+# dependency like the one in libxul does, but this way the behavior is
+# consistent. See also the comment in SandboxLogging.h.
+SOURCES['../chromium/base/strings/safe_sprintf.cc'].flags += ['-DNDEBUG']
+
+# Keep clang from warning about intentional 'switch' fallthrough in icu_utf.cc:
+if CONFIG['CLANG_CXX']:
+ SOURCES['../chromium/base/third_party/icu/icu_utf.cc'].flags += ['-Wno-implicit-fallthrough']
+
+if CONFIG['GNU_CXX']:
+ CXXFLAGS += ['-Wno-shadow']
+ SOURCES['../chromium/sandbox/linux/services/syscall_wrappers.cc'].flags += [
+ '-Wno-empty-body',
+ ]
+
+# gcc lto likes to put the top level asm in syscall.cc in a different partition
+# from the function using it which breaks the build. Work around that by
+# forcing there to be only one partition.
+if '-flto' in CONFIG['OS_CXXFLAGS'] and not CONFIG['CLANG_CXX']:
+ LDFLAGS += ['--param lto-partitions=1']
+
+DEFINES['NS_NO_XPCOM'] = True
+DISABLE_STL_WRAPPING = True
+
+LOCAL_INCLUDES += ['/security/sandbox/linux']
+LOCAL_INCLUDES += ['/security/sandbox/chromium-shim']
+LOCAL_INCLUDES += ['/security/sandbox/chromium']
+LOCAL_INCLUDES += ['/nsprpub']
+
+
+if CONFIG['OS_TARGET'] != 'Android':
+ # Needed for clock_gettime with glibc < 2.17:
+ OS_LIBS += [
+ 'rt',
+ ]
+
+DIRS += [
+ 'broker',
+ 'glue',
+]
+
+TEST_DIRS += [
+ 'gtest',
+]