authorjln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-12-19 18:26:18 +0000
committerjln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-12-19 18:26:18 +0000
commit0795982840095652cb7e0e64b227dfff861ebb77 (patch)
tree703660ba9e5ee36b0278ae1a9ff81287d44586b6 /sandbox
parent36132026f76105e8dd4d665d234206c6813c7ecf (diff)
Linux sandbox: compile partially under Android.
Get a subset of sandbox/linux to compile under Android. BUG=166704 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11612014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@173954 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox')
-rw-r--r--sandbox/linux/sandbox_linux.gypi73
-rw-r--r--sandbox/linux/seccomp-bpf/sandbox_bpf.h37
-rw-r--r--sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc3
-rw-r--r--sandbox/linux/seccomp-bpf/syscall.cc1
-rw-r--r--sandbox/linux/seccomp-bpf/syscall_unittest.cc1
-rw-r--r--sandbox/sandbox.gyp7
6 files changed, 102 insertions, 20 deletions
diff --git a/sandbox/linux/sandbox_linux.gypi b/sandbox/linux/sandbox_linux.gypi
index 9283d6a..936b3f6 100644
--- a/sandbox/linux/sandbox_linux.gypi
+++ b/sandbox/linux/sandbox_linux.gypi
@@ -3,6 +3,38 @@
# found in the LICENSE file.
{
+ 'variables': {
+ 'conditions': [
+ ['OS=="linux"', {
+ 'compile_suid_client': 1,
+ }, {
+ 'compile_suid_client': 0,
+ }],
+ ['(OS=="linux" or OS=="android") and (target_arch=="ia32" '
+ 'or target_arch=="x64" or target_arch=="arm")', {
+ 'compile_seccomp_bpf': 1,
+ }, {
+ 'compile_seccomp_bpf': 0,
+ }],
+ ],
+ },
+ 'target_defaults': {
+ 'target_conditions': [
+ # All linux/ files will automatically be excluded on Android
+ # so make sure we re-include them explicitly.
+ ['OS == "android"', {
+ 'sources/': [
+ ['include', '^linux/'],
+ # TODO(jln): some files don't yet even compile on Android.
+ # crbug.com/166704
+ ['exclude', 'errorcode_unittest\\.cc$'],
+ ['exclude', 'sandbox_bpf\\.cc$'],
+ ['exclude', 'sandbox_bpf_unittest\\.cc$'],
+ ['exclude', 'syscall_unittest\\.cc$'],
+ ],
+ }],
+ ],
+ },
'targets': [
# We have two principal targets: sandbox and sandbox_linux_unittests
# All other targets are listed as dependencies.
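Review bot: The Android exclude list drops `sandbox_bpf\\.cc$` while `compile_seccomp_bpf` is still set to 1 for `OS=="android"` on ia32/x64/arm, so the variable name overstates what is built there. Judging by the file name, the excluded source holds the sandbox implementation itself, so the `seccomp_bpf` dependency enabled in the later `compile_seccomp_bpf==1` condition is presumably compile-only on Android. The TODO should say so for anyone linking the `sandbox` target, e.g. `# With sandbox_bpf.cc excluded, seccomp_bpf on Android is compile-only and provides no sandbox yet (crbug.com/166704).` The exclude patterns are also anchored only at the end; `'/sandbox_bpf\\.cc$'` would avoid matching any other source whose name merely ends in that string.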
@@ -12,10 +44,14 @@
'target_name': 'sandbox',
'type': 'none',
'dependencies': [
- 'suid_sandbox_client',
'sandbox_services',
],
'conditions': [
+ [ 'compile_suid_client==1', {
+ 'dependencies': [
+ 'suid_sandbox_client',
+ ],
+ }],
# Only compile in the seccomp mode 1 code for the flag combination
# where we support it.
[ 'OS=="linux" and (target_arch=="ia32" or target_arch=="x64") '
@@ -25,8 +61,7 @@
],
}],
# Similarly, compile seccomp BPF when we support it
- [ 'OS=="linux" and (target_arch=="ia32" or target_arch=="x64" '
- 'or target_arch=="arm")', {
+ [ 'compile_seccomp_bpf==1', {
'type': 'static_library',
'dependencies': [
'seccomp_bpf',
@@ -36,7 +71,7 @@
},
{
'target_name': 'sandbox_linux_unittests',
- 'type': 'executable',
+ 'type': '<(gtest_target_type)',
'dependencies': [
'sandbox',
'../testing/gtest.gyp:gtest',
@@ -45,15 +80,18 @@
'tests/main.cc',
'tests/unit_tests.cc',
'tests/unit_tests.h',
- 'suid/client/setuid_sandbox_client_unittest.cc',
'services/broker_process_unittest.cc',
],
'include_dirs': [
'../..',
],
'conditions': [
- [ 'OS=="linux" and (target_arch=="ia32" or target_arch=="x64" '
- 'or target_arch=="arm")', {
+ [ 'compile_suid_client==1', {
+ 'sources': [
+ 'suid/client/setuid_sandbox_client_unittest.cc',
+ ],
+ }],
+ [ 'compile_seccomp_bpf==1', {
'sources': [
'seccomp-bpf/bpf_tests.h',
'seccomp-bpf/codegen_unittest.cc',
@@ -162,4 +200,25 @@
},
],
+ 'conditions': [
+ # Strategy copied from base_unittests_apk in base/base.gyp.
+ [ 'OS=="android" and gtest_target_type == "shared_library"', {
+ 'targets': [
+ {
+ 'target_name': 'sandbox_linux_unittests_apk',
+ 'type': 'none',
+ 'dependencies': [
+ 'sandbox_linux_unittests',
+ ],
+ 'variables': {
+ 'test_suite_name': 'sandbox_linux_unittests',
+ 'input_shlib_path':
+ '<(SHARED_LIB_DIR)/<(SHARED_LIB_PREFIX)sandbox_linux_unittests'
+ '<(SHARED_LIB_SUFFIX)',
+ },
+ 'includes': [ '../../build/apk_test.gypi' ],
+ }
+ ],
+ }],
+ ],
}
diff --git a/sandbox/linux/seccomp-bpf/sandbox_bpf.h b/sandbox/linux/seccomp-bpf/sandbox_bpf.h
index 4771325..a551a52 100644
--- a/sandbox/linux/seccomp-bpf/sandbox_bpf.h
+++ b/sandbox/linux/seccomp-bpf/sandbox_bpf.h
@@ -8,7 +8,7 @@
#include <endian.h>
#include <errno.h>
#include <fcntl.h>
-#include <linux/audit.h>
+// #include <linux/audit.h>
#include <linux/filter.h>
// #include <linux/seccomp.h>
#include <linux/unistd.h>
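Review bot: The `<linux/audit.h>` include is left behind as a commented-out line with no reason given, next to the already commented-out `<linux/seccomp.h>`. A reader cannot tell whether the header is unavailable on some toolchain or was disabled for another reason, nor whether it is meant to come back. A short comment would record it, for example `// <linux/audit.h> is not usable on every supported toolchain; AUDIT_ARCH_* is defined below instead.` The reason is inferred from the commit title, so adjust the wording to the real cause.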
@@ -26,7 +26,6 @@
#include <sys/ipc.h>
#include <sys/mman.h>
#include <sys/prctl.h>
-#include <sys/shm.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/uio.h>
@@ -58,6 +57,34 @@
// As we can't break compilation with these versions of the library,
// we explicitly define all missing symbols.
+// For audit.h
+#ifndef EM_ARM
+#define EM_ARM 40
+#endif
+#ifndef EM_386
+#define EM_386 3
+#endif
+#ifndef EM_X86_64
+#define EM_X86_64 62
+#endif
+
+#ifndef __AUDIT_ARCH_64BIT
+#define __AUDIT_ARCH_64BIT 0x80000000
+#endif
+#ifndef __AUDIT_ARCH_LE
+#define __AUDIT_ARCH_LE 0x40000000
+#endif
+#ifndef AUDIT_ARCH_ARM
+#define AUDIT_ARCH_ARM (EM_ARM|__AUDIT_ARCH_LE)
+#endif
+#ifndef AUDIT_ARCH_I386
+#define AUDIT_ARCH_I386 (EM_386|__AUDIT_ARCH_LE)
+#endif
+#ifndef AUDIT_ARCH_X86_64
+#define AUDIT_ARCH_X86_64 (EM_X86_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
+#endif
+
+// For prctl.h
#ifndef PR_SET_NO_NEW_PRIVS
#define PR_SET_NO_NEW_PRIVS 38
#define PR_GET_NO_NEW_PRIVS 39
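Review bot: The new `// For audit.h` block hard-codes `EM_*` and `AUDIT_ARCH_*`, and with `<linux/audit.h>` no longer included these fallbacks are what every build uses unless another header happens to supply them. `SECCOMP_ARCH` is built from them (visible for ARM further down as `#define SECCOMP_ARCH AUDIT_ARCH_ARM`) and is presumably what the filter compares against the architecture the kernel reports, so a wrong constant would pass compilation and only show up as a misbehaving filter. The block should name its source of truth, e.g. `// Values are kernel ABI; keep in sync with <linux/audit.h> and <linux/elf-em.h>.` The `#ifndef PR_SET_NO_NEW_PRIVS` block continues past the end of this hunk.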
@@ -165,11 +192,7 @@
#define MAX_PRIVATE_SYSCALL (MIN_PRIVATE_SYSCALL + 16u)
#define MIN_GHOST_SYSCALL ((unsigned int)__ARM_NR_BASE + 0xfff0u)
#define MAX_SYSCALL (MIN_GHOST_SYSCALL + 4u)
-// <linux/audit.h> includes <linux/elf-em.h>, which does not define EM_ARM.
-// <linux/elf.h> only includes <asm/elf.h> if we're in the kernel.
-# if !defined(EM_ARM)
-# define EM_ARM 40
-# endif
+
#define SECCOMP_ARCH AUDIT_ARCH_ARM
// ARM sigcontext_t is different from i386/x86_64.
diff --git a/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc b/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc
index f3952b0..25b6655 100644
--- a/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc
+++ b/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#include <sys/prctl.h>
+#include <sys/syscall.h>
#include <sys/utsname.h>
#include <ostream>
@@ -12,6 +12,7 @@
#include "sandbox/linux/seccomp-bpf/syscall.h"
#include "sandbox/linux/seccomp-bpf/verifier.h"
#include "sandbox/linux/services/broker_process.h"
+#include "sandbox/linux/services/linux_syscalls.h"
#include "testing/gtest/include/gtest/gtest.h"
using namespace playground2;
diff --git a/sandbox/linux/seccomp-bpf/syscall.cc b/sandbox/linux/seccomp-bpf/syscall.cc
index fe056d4..b5721e6 100644
--- a/sandbox/linux/seccomp-bpf/syscall.cc
+++ b/sandbox/linux/seccomp-bpf/syscall.cc
@@ -3,7 +3,6 @@
// found in the LICENSE file.
#include <asm/unistd.h>
-#include <bits/wordsize.h>
#include <errno.h>
#include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
diff --git a/sandbox/linux/seccomp-bpf/syscall_unittest.cc b/sandbox/linux/seccomp-bpf/syscall_unittest.cc
index 5209493..11fa315 100644
--- a/sandbox/linux/seccomp-bpf/syscall_unittest.cc
+++ b/sandbox/linux/seccomp-bpf/syscall_unittest.cc
@@ -5,6 +5,7 @@
#include <asm/unistd.h>
#include <fcntl.h>
#include <sys/mman.h>
+#include <sys/syscall.h>
#include <unistd.h>
#include <vector>
diff --git a/sandbox/sandbox.gyp b/sandbox/sandbox.gyp
index c953f08..b48727a 100644
--- a/sandbox/sandbox.gyp
+++ b/sandbox/sandbox.gyp
@@ -12,14 +12,13 @@
'win/sandbox_win.gypi',
],
}],
- [ 'OS=="linux"', {
+ [ 'OS=="linux" or OS=="android"', {
'includes': [
'linux/sandbox_linux.gypi',
],
}],
- [ 'OS!="win" and OS!="mac" and OS!="linux"', {
- # We need a 'default' to accomodate the "sandbox" target, for instance
- # on Android.
+ [ 'OS!="win" and OS!="mac" and OS!="linux" and OS!="android"', {
+ # A 'default' to accomodate the "sandbox" target.
'targets': [
{
'target_name': 'sandbox',
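Review bot: The rewritten comment misspells "accommodate" and no longer says which platforms reach this default branch, now that Android is routed through `linux/sandbox_linux.gypi`. Suggest `# A 'default' to accommodate the "sandbox" target on platforms other than win, mac, linux and android.` The `'targets'` list continues past the end of the hunk.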