1# Copyright 2019 Google LLC 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# https://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14 15add_subdirectory(examples) 16add_subdirectory(unwind) 17add_subdirectory(util) 18add_subdirectory(network_proxy) 19 20# sandboxed_api/sandbox2:allow_all_syscalls 21add_library(sandbox2_allow_all_syscalls ${SAPI_LIB_TYPE} 22 allow_all_syscalls.h 23) 24add_library(sandbox2::allow_all_syscalls ALIAS sandbox2_allow_all_syscalls) 25target_link_libraries(sandbox2_allow_all_syscalls PRIVATE 26 sapi::base 27) 28 29# sandboxed_api/sandbox2:trace_all_syscalls 30add_library(sandbox2_trace_all_syscalls ${SAPI_LIB_TYPE} 31 trace_all_syscalls.h 32) 33add_library(sandbox2::trace_all_syscalls ALIAS sandbox2_trace_all_syscalls) 34target_link_libraries(sandbox2_trace_all_syscalls PRIVATE 35 sapi::base 36) 37 38# sandboxed_api/sandbox2:allow_unrestricted_networking 39add_library(sandbox2_allow_unrestricted_networking ${SAPI_LIB_TYPE} 40 allow_unrestricted_networking.h 41) 42add_library(sandbox2::allow_unrestricted_networking ALIAS sandbox2_allow_unrestricted_networking) 43target_link_libraries(sandbox2_allow_unrestricted_networking PRIVATE 44 sapi::base 45) 46 47# sandboxed_api/sandbox2:bpfdisassembler 48add_library(sandbox2_bpfdisassembler ${SAPI_LIB_TYPE} 49 bpfdisassembler.cc 50 bpfdisassembler.h 51) 52add_library(sandbox2::bpfdisassembler ALIAS sandbox2_bpfdisassembler) 53target_link_libraries(sandbox2_bpfdisassembler 54 PUBLIC absl::span 55 PRIVATE absl::strings 56 sapi::base 57) 58 59# sandboxed_api/sandbox2:regs 60add_library(sandbox2_regs ${SAPI_LIB_TYPE} 61 regs.cc 62 regs.h 63) 64add_library(sandbox2::regs ALIAS sandbox2_regs) 65target_link_libraries(sandbox2_regs 66 PUBLIC absl::status 67 sapi::config 68 sandbox2::syscall 69 sandbox2::violation_proto 70 PRIVATE absl::core_headers 71 absl::strings 72 sapi::strerror 73 sapi::base 74 sapi::status 75) 76 77# sandboxed_api/sandbox2:syscall 78add_library(sandbox2_syscall ${SAPI_LIB_TYPE} 79 syscall.cc 80 syscall.h 81 syscall_defs.cc 82 syscall_defs.h 83) 84add_library(sandbox2::syscall ALIAS sandbox2_syscall) 85target_link_libraries(sandbox2_syscall 86 PRIVATE absl::algorithm_container 87 absl::span 88 absl::statusor 89 absl::str_format 90 absl::strings 91 sandbox2::util 92 sapi::base 93 PUBLIC absl::log 94) 95 96# sandboxed_api/sandbox2:result 97add_library(sandbox2_result ${SAPI_LIB_TYPE} 98 result.cc 99 result.h 100) 101add_library(sandbox2::result ALIAS sandbox2_result) 102target_link_libraries(sandbox2_result PRIVATE 103 absl::base 104 absl::strings 105 sapi::config 106 sandbox2::regs 107 sandbox2::syscall 108 sandbox2::util 109 sapi::base 110 sapi::status 111) 112 113# sandboxed_api/sandbox2:logserver_proto 114sapi_protobuf_generate_cpp(_sandbox2_logserver_pb_h _sandbox2_logserver_pb_cc 115 logserver.proto 116) 117add_library(sandbox2_logserver_proto ${SAPI_LIB_TYPE} 118 ${_sandbox2_logserver_pb_cc} 119 ${_sandbox2_logserver_pb_h} 120) 121add_library(sandbox2::logserver_proto ALIAS sandbox2_logserver_proto) 122target_link_libraries(sandbox2_logserver_proto 123 PRIVATE sapi::base 124 PUBLIC protobuf::libprotobuf 125) 126 127# sandboxed_api/sandbox2:logserver 128add_library(sandbox2_logserver ${SAPI_LIB_TYPE} 129 logserver.cc 130 logserver.h 131) 132add_library(sandbox2::logserver ALIAS sandbox2_logserver) 133target_link_libraries(sandbox2_logserver 134 PRIVATE sandbox2::comms 135 sandbox2::logserver_proto 136 sapi::base 137 PUBLIC absl::log 138) 139 140# sandboxed_api/sandbox2:logsink 141add_library(sandbox2_logsink ${SAPI_LIB_TYPE} 142 logsink.cc 143 logsink.h 144) 145add_library(sandbox2::logsink ALIAS sandbox2_logsink) 146target_link_libraries(sandbox2_logsink 147 PRIVATE absl::strings 148 sandbox2::comms 149 sandbox2::logserver_proto 150 sapi::base 151 PUBLIC absl::synchronization 152 absl::log 153) 154 155# sandboxed_api/sandbox2:ipc 156add_library(sandbox2_ipc ${SAPI_LIB_TYPE} 157 ipc.cc 158 ipc.h 159) 160add_library(sandbox2::ipc ALIAS sandbox2_ipc) 161target_link_libraries(sandbox2_ipc PRIVATE 162 absl::core_headers 163 absl::strings 164 sandbox2::comms 165 sandbox2::logserver 166 sandbox2::logsink 167 sandbox2::network_proxy_client 168 sandbox2::network_proxy_server 169 sapi::base 170 sapi::raw_logging 171) 172 173# sandboxed_api/sandbox2:policy 174add_library(sandbox2_policy ${SAPI_LIB_TYPE} 175 policy.cc 176 policy.h 177) 178add_library(sandbox2::policy ALIAS sandbox2_policy) 179target_link_libraries(sandbox2_policy 180 PRIVATE absl::strings 181 sandbox2::bpf_helper 182 sandbox2::bpfdisassembler 183 sandbox2::comms 184 sandbox2::regs 185 sandbox2::syscall 186 sapi::base 187 sapi::config 188 PUBLIC sandbox2::network_proxy_filtering 189 sandbox2::namespace 190 sandbox2::violation_proto 191) 192 193# sandboxed_api/sandbox2:notify 194add_library(sandbox2_notify ${SAPI_LIB_TYPE} 195 notify.h 196) 197add_library(sandbox2::notify ALIAS sandbox2_notify) 198target_link_libraries(sandbox2_notify 199 PUBLIC absl::core_headers 200 absl::log 201 sandbox2::comms 202 sandbox2::result 203 sandbox2::syscall 204 sandbox2::util 205 PRIVATE sapi::base 206) 207 208# sandboxed_api/sandbox2:limits 209add_library(sandbox2_limits ${SAPI_LIB_TYPE} 210 limits.h 211) 212add_library(sandbox2::limits ALIAS sandbox2_limits) 213target_link_libraries(sandbox2_limits PRIVATE 214 absl::core_headers 215 absl::time 216 sapi::base 217) 218 219# sandboxed_api/sandbox2:forkserver_bin 220add_executable(sandbox2_forkserver_bin 221 forkserver_bin.cc 222) 223set_target_properties(sandbox2_forkserver_bin PROPERTIES 224 OUTPUT_NAME forkserver_bin) 225add_executable(sandbox2::forkserver_bin ALIAS sandbox2_forkserver_bin) 226target_link_libraries(sandbox2_forkserver_bin PRIVATE 227 absl::log_globals 228 absl::log_severity 229 absl::status 230 sandbox2::client 231 sandbox2::comms 232 sandbox2::forkserver 233 sandbox2::sanitizer 234 sandbox2::unwind 235 sandbox2::util 236 sapi::base 237 sapi::raw_logging 238) 239 240# sandboxed_api/sandbox2:forkserver_bin_embed 241sapi_cc_embed_data(NAME sandbox2_forkserver_bin_embed 242 OUTPUT_NAME forkserver_bin_embed 243 NAMESPACE "" 244 SOURCES sandbox2::forkserver_bin 245) 246add_library(sandbox2::forkserver_bin_embed ALIAS sandbox2_forkserver_bin_embed) 247 248# sandboxed_api/sandbox2:global_forkserver 249add_library(sandbox2_global_forkserver ${SAPI_LIB_TYPE} 250 global_forkclient.cc 251 global_forkclient.h 252) 253add_library(sandbox2::global_forkserver ALIAS sandbox2_global_forkserver) 254target_link_libraries(sandbox2_global_forkserver 255 PRIVATE absl::cleanup 256 absl::strings 257 absl::status 258 absl::statusor 259 absl::log 260 sandbox2::client 261 sandbox2::forkserver_bin_embed 262 sandbox2::util 263 sapi::strerror 264 sapi::base 265 sapi::config 266 sapi::embed_file 267 sapi::fileops 268 sapi::raw_logging 269 sapi::status 270 PUBLIC absl::core_headers 271 absl::flags 272 absl::synchronization 273 sandbox2::comms 274 sandbox2::fork_client 275 sandbox2::forkserver_proto 276) 277 278# sandboxed_api/sandbox2:start_global_forkserver_lib_constructor 279# Use only if Sandbox2 global forkserver has to be started very early on. 280# By default the forkserver is started on demand. 281add_library(sandbox2_start_global_forkserver_lib_constructor STATIC 282 global_forkclient_lib_ctor.cc 283) 284add_library(sandbox2::start_global_forkserver_lib_constructor ALIAS 285 sandbox2_start_global_forkserver_lib_constructor) 286target_link_libraries(sandbox2_start_global_forkserver_lib_constructor PRIVATE 287 absl::core_headers 288 sapi::base 289 sandbox2::fork_client 290 sandbox2::global_forkserver 291) 292 293# sandboxed_api/sandbox2:executor 294add_library(sandbox2_executor ${SAPI_LIB_TYPE} 295 executor.cc 296 executor.h 297) 298add_library(sandbox2::executor ALIAS sandbox2_executor) 299target_link_libraries(sandbox2_executor 300 PRIVATE absl::core_headers 301 absl::status 302 sandbox2::forkserver_proto 303 sandbox2::ipc 304 sandbox2::limits 305 sandbox2::namespace 306 sandbox2::util 307 sapi::base 308 sapi::status_proto 309 PUBLIC absl::log 310 absl::span 311 absl::statusor 312 absl::strings 313 sapi::config 314 sapi::fileops 315 sapi::status 316 sandbox2::fork_client 317 sandbox2::global_forkserver 318) 319 320# sandboxed_api/sandbox2:sandbox2 321add_library(sandbox2_sandbox2 ${SAPI_LIB_TYPE} 322 sandbox2.cc 323 sandbox2.h 324) 325add_library(sandbox2::sandbox2 ALIAS sandbox2_sandbox2) 326target_link_libraries(sandbox2_sandbox2 327 PRIVATE absl::core_headers 328 absl::flat_hash_set 329 absl::memory 330 absl::optional 331 absl::str_format 332 absl::strings 333 sandbox2::forkserver_proto 334 sandbox2::monitor_ptrace 335 sandbox2::monitor_unotify 336 sapi::base 337 PUBLIC absl::flat_hash_map 338 absl::status 339 absl::statusor 340 absl::time 341 sapi::config 342 sapi::fileops 343 sapi::temp_file 344 sandbox2::client 345 sandbox2::comms 346 sandbox2::executor 347 sandbox2::fork_client 348 sandbox2::global_forkserver 349 sandbox2::ipc 350 sandbox2::limits 351 sandbox2::logsink 352 sandbox2::monitor_base 353 sandbox2::mounts 354 sandbox2::mount_tree_proto 355 sandbox2::namespace 356 sandbox2::network_proxy_client 357 sandbox2::network_proxy_server 358 sandbox2::notify 359 sandbox2::policy 360 sandbox2::policybuilder 361 sandbox2::regs 362 sandbox2::result 363 sandbox2::syscall 364 sandbox2::util 365 sandbox2::violation_proto 366) 367 368 369# sandboxed_api/sandbox2:stack_trace 370add_library(sandbox2_stack_trace ${SAPI_LIB_TYPE} 371 stack_trace.cc 372 stack_trace.h 373) 374add_library(sandbox2::stack_trace ALIAS sandbox2_stack_trace) 375target_link_libraries(sandbox2_stack_trace 376 PRIVATE absl::cleanup 377 absl::flags 378 absl::log 379 absl::memory 380 absl::status 381 absl::strings 382 absl::time 383 sandbox2::client 384 sandbox2::limits 385 sandbox2::mounts 386 sandbox2::policybuilder 387 sandbox2::util 388 sandbox2::unwind 389 sandbox2::unwind_proto 390 sapi::base 391 sapi::config 392 sapi::file_base 393 sapi::fileops 394 sapi::raw_logging 395 sapi::status 396 PUBLIC absl::check 397 absl::statusor 398 sandbox2::comms 399 sandbox2::executor 400 sandbox2::namespace 401 sandbox2::policy 402 sandbox2::result 403 sandbox2::regs 404) 405 406 407# sandboxed_api/sandbox2:monitor_base 408add_library(sandbox2_monitor_base ${SAPI_LIB_TYPE} 409 monitor_base.cc 410 monitor_base.h 411) 412add_library(sandbox2::monitor_base ALIAS sandbox2_monitor_base) 413target_link_libraries(sandbox2_monitor_base 414 PRIVATE absl::cleanup 415 absl::status 416 absl::time 417 sandbox2::client 418 sandbox2::limits 419 sandbox2::mounts 420 sandbox2::namespace 421 sandbox2::stack_trace 422 sandbox2::util 423 sapi::file_helpers 424 sapi::temp_file 425 sapi::base 426 sapi::raw_logging 427 PUBLIC absl::statusor 428 absl::synchronization 429 sandbox2::comms 430 sandbox2::executor 431 sandbox2::fork_client 432 sandbox2::ipc 433 sandbox2::network_proxy_client 434 sandbox2::network_proxy_server 435 sandbox2::notify 436 sandbox2::policy 437 sandbox2::result 438 sandbox2::syscall 439) 440 441# sandboxed_api/sandbox2:monitor_ptrace 442add_library(sandbox2_monitor_ptrace ${SAPI_LIB_TYPE} 443 monitor_ptrace.cc 444 monitor_ptrace.h 445) 446add_library(sandbox2::monitor_ptrace ALIAS sandbox2_monitor_ptrace) 447target_link_libraries(sandbox2_monitor_ptrace 448 PRIVATE absl::core_headers 449 absl::cleanup 450 absl::flat_hash_set 451 absl::flags 452 absl::log 453 absl::status 454 absl::statusor 455 absl::str_format 456 absl::strings 457 absl::time 458 sapi::base 459 sapi::config 460 sapi::status 461 sandbox2::client 462 sandbox2::comms 463 sandbox2::result 464 sandbox2::sanitizer 465 sandbox2::util 466 PUBLIC absl::check 467 sandbox2::executor 468 sandbox2::monitor_base 469 sandbox2::notify 470 sandbox2::policy 471 sandbox2::regs 472 sandbox2::syscall 473 absl::synchronization 474 absl::flat_hash_map 475 sapi::raw_logging 476) 477 478# sandboxed_api/sandbox2:monitor_unotify 479add_library(sandbox2_monitor_unotify ${SAPI_LIB_TYPE} 480 monitor_unotify.cc 481 monitor_unotify.h 482) 483add_library(sandbox2::monitor_unotify ALIAS sandbox2_monitor_unotify) 484target_link_libraries(sandbox2_monitor_unotify 485 PRIVATE absl::check 486 absl::cleanup 487 absl::core_headers 488 absl::log 489 absl::optional 490 absl::span 491 absl::status 492 absl::strings 493 absl::time 494 sapi::base 495 sandbox2::client 496 sandbox2::forkserver_proto 497 sapi::config 498 sapi::status 499 PUBLIC sandbox2::executor 500 sandbox2::monitor_base 501 sandbox2::notify 502 sandbox2::policy 503 sandbox2::result 504 absl::statusor 505 absl::synchronization 506 sapi::fileops 507 sapi::raw_logging 508) 509 510# sandboxed_api/sandbox2:policybuilder 511add_library(sandbox2_policybuilder ${SAPI_LIB_TYPE} 512 policybuilder.cc 513 policybuilder.h 514) 515add_library(sandbox2::policybuilder ALIAS sandbox2_policybuilder) 516target_link_libraries(sandbox2_policybuilder 517 PRIVATE absl::log 518 absl::memory 519 absl::status 520 sapi::base 521 sapi::config 522 sandbox2::bpf_helper 523 sandbox2::namespace 524 sandbox2::syscall 525 sandbox2::violation_proto 526 sapi::file_base 527 sapi::status 528 PUBLIC absl::check 529 absl::core_headers 530 absl::flat_hash_set 531 absl::span 532 absl::strings 533 absl::statusor 534 sandbox2::mounts 535 sandbox2::network_proxy_filtering 536 sandbox2::policy 537) 538 539# sandboxed_api/sandbox2:client 540add_library(sandbox2_client ${SAPI_LIB_TYPE} 541 client.cc 542 client.h 543) 544add_library(sandbox2::client ALIAS sandbox2_client) 545target_link_libraries(sandbox2_client 546 PRIVATE absl::core_headers 547 absl::strings 548 sandbox2::bpf_helper 549 sandbox2::policy 550 sandbox2::sanitizer 551 sandbox2::syscall 552 sapi::base 553 sapi::raw_logging 554 PUBLIC absl::flat_hash_map 555 absl::status 556 sandbox2::comms 557 sandbox2::logsink 558 sandbox2::network_proxy_client 559) 560 561# sandboxed_api/sandbox2:sanitizer 562add_library(sandbox2_sanitizer ${SAPI_LIB_TYPE} 563 sanitizer.cc 564 sanitizer.h 565) 566add_library(sandbox2::sanitizer ALIAS sandbox2_sanitizer) 567target_link_libraries(sandbox2_sanitizer 568 PRIVATE absl::strings 569 sandbox2::util 570 sapi::fileops 571 sapi::strerror 572 sapi::raw_logging 573 sapi::base 574 PUBLIC absl::flat_hash_set 575 absl::status 576 absl::statusor 577) 578 579# sandboxed_api/sandbox2:forkserver 580add_library(sandbox2_forkserver ${SAPI_LIB_TYPE} 581 forkserver.cc 582 forkserver.h 583) 584add_library(sandbox2::forkserver ALIAS sandbox2_forkserver) 585target_link_libraries(sandbox2_forkserver 586 PRIVATE absl::flat_hash_map 587 absl::flat_hash_set 588 absl::status 589 absl::statusor 590 absl::strings 591 libcap::libcap 592 sandbox2::bpf_helper 593 sandbox2::client 594 sandbox2::comms 595 sandbox2::fork_client 596 sandbox2::forkserver_proto 597 sandbox2::namespace 598 sandbox2::policy 599 sapi::strerror 600 sandbox2::sanitizer 601 sandbox2::syscall 602 sandbox2::util 603 sapi::base 604 sapi::raw_logging 605 PUBLIC absl::core_headers 606 absl::log 607 sapi::fileops 608) 609 610# sandboxed_api/sandbox2:fork_client 611add_library(sandbox2_fork_client ${SAPI_LIB_TYPE} 612 fork_client.cc 613 fork_client.h 614) 615add_library(sandbox2::fork_client ALIAS sandbox2_fork_client) 616target_link_libraries(sandbox2_fork_client 617 PRIVATE sandbox2::comms 618 sandbox2::forkserver_proto 619 PUBLIC absl::core_headers 620 absl::synchronization 621 sapi::base 622 sapi::fileops 623) 624 625# sandboxed_api/sandbox2:mounts 626add_library(sandbox2_mounts ${SAPI_LIB_TYPE} 627 mounts.cc 628 mounts.h 629) 630add_library(sandbox2::mounts ALIAS sandbox2_mounts) 631target_link_libraries(sandbox2_mounts 632 PRIVATE absl::flat_hash_set 633 absl::str_format 634 protobuf::libprotobuf 635 sapi::config 636 sapi::file_base 637 sapi::fileops 638 sandbox2::minielf 639 sapi::strerror 640 sapi::base 641 sapi::raw_logging 642 sapi::status 643 PUBLIC absl::status 644 absl::statusor 645 absl::strings 646 sandbox2::mount_tree_proto 647) 648 649# sandboxed_api/sandbox2:namespace 650add_library(sandbox2_namespace ${SAPI_LIB_TYPE} 651 namespace.cc 652 namespace.h 653) 654add_library(sandbox2::namespace ALIAS sandbox2_namespace) 655target_link_libraries(sandbox2_namespace 656 PRIVATE absl::strings 657 sapi::file_base 658 sapi::fileops 659 sapi::base 660 sapi::raw_logging 661 PUBLIC sandbox2::violation_proto 662 sandbox2::mounts 663) 664 665# sandboxed_api/sandbox2:forkingclient 666add_library(sandbox2_forkingclient ${SAPI_LIB_TYPE} 667 forkingclient.cc 668 forkingclient.h 669) 670add_library(sandbox2::forkingclient ALIAS sandbox2_forkingclient) 671target_link_libraries(sandbox2_forkingclient 672 PRIVATE absl::check 673 absl::memory 674 absl::log 675 sandbox2::sanitizer 676 sapi::base 677 sapi::raw_logging 678 PUBLIC sandbox2::client 679 sandbox2::comms 680 sandbox2::forkserver 681) 682 683# sandboxed_api/sandbox2:util 684add_library(sandbox2_util ${SAPI_LIB_TYPE} 685 util.cc 686 util.h 687) 688add_library(sandbox2::util ALIAS sandbox2_util) 689target_link_libraries(sandbox2_util 690 PRIVATE absl::core_headers 691 absl::str_format 692 absl::strings 693 sapi::config 694 sapi::file_base 695 sapi::file_helpers 696 sapi::fileops 697 sapi::base 698 sapi::raw_logging 699 PUBLIC absl::status 700 absl::statusor 701) 702target_compile_options(sandbox2_util PRIVATE 703 # The default is 16384, however we need to do a clone with a 704 # stack-allocated buffer -- and PTHREAD_STACK_MIN also happens to be 16384. 705 # Thus the slight increase. 706 -Wframe-larger-than=17000 707) 708 709# sandboxed_api/sandbox2:buffer 710add_library(sandbox2_buffer ${SAPI_LIB_TYPE} 711 buffer.cc 712 buffer.h 713) 714add_library(sandbox2::buffer ALIAS sandbox2_buffer) 715target_link_libraries(sandbox2_buffer 716 PRIVATE absl::core_headers 717 absl::memory 718 absl::status 719 absl::strings 720 sapi::strerror 721 sandbox2::util 722 sapi::base 723 sapi::status 724 PUBLIC absl::statusor 725) 726 727# sandboxed_api/sandbox2:forkserver_proto 728sapi_protobuf_generate_cpp(_sandbox2_forkserver_pb_h _sandbox2_forkserver_pb_cc 729 forkserver.proto 730) 731add_library(sandbox2_forkserver_proto ${SAPI_LIB_TYPE} 732 ${_sandbox2_forkserver_pb_cc} 733 ${_sandbox2_forkserver_pb_h} 734) 735add_library(sandbox2::forkserver_proto ALIAS sandbox2_forkserver_proto) 736target_link_libraries(sandbox2_forkserver_proto PRIVATE 737 protobuf::libprotobuf 738 sandbox2::mount_tree_proto 739 sapi::base 740) 741 742# sandboxed_api/sandbox2:mount_tree_proto 743sapi_protobuf_generate_cpp(_sandbox2_mount_tree_pb_h _sandbox2_mount_tree_pb_cc 744 mount_tree.proto 745) 746add_library(sandbox2_mount_tree_proto ${SAPI_LIB_TYPE} 747 ${_sandbox2_mount_tree_pb_cc} 748 ${_sandbox2_mount_tree_pb_h} 749) 750add_library(sandbox2::mount_tree_proto ALIAS sandbox2_mount_tree_proto) 751target_link_libraries(sandbox2_mount_tree_proto PRIVATE 752 protobuf::libprotobuf 753 sapi::base 754) 755 756# sandboxed_api/sandbox2:comms 757add_library(sandbox2_comms ${SAPI_LIB_TYPE} 758 comms.cc 759 comms.h 760) 761add_library(sandbox2::comms ALIAS sandbox2_comms) 762target_link_libraries(sandbox2_comms 763 PRIVATE absl::die_if_null 764 absl::status 765 absl::statusor 766 absl::str_format 767 absl::strings 768 sandbox2::util 769 sapi::base 770 sapi::raw_logging 771 sapi::status_proto 772 PUBLIC absl::core_headers 773 absl::status 774 protobuf::libprotobuf 775 sapi::fileops 776 sapi::status 777) 778 779# sandboxed_api/sandbox2:violation_proto 780sapi_protobuf_generate_cpp(_sandbox2_violation_pb_cc _sandbox2_violation_pb_h 781 violation.proto 782) 783add_library(sandbox2_violation_proto ${SAPI_LIB_TYPE} 784 ${_sandbox2_violation_pb_cc} 785 ${_sandbox2_violation_pb_h} 786) 787add_library(sandbox2::violation_proto ALIAS sandbox2_violation_proto) 788target_link_libraries(sandbox2_violation_proto PRIVATE 789 protobuf::libprotobuf 790 sandbox2::mount_tree_proto 791 sapi::base 792) 793 794if(BUILD_TESTING AND SAPI_BUILD_TESTING) 795 add_subdirectory(testcases) 796 797 # sandboxed_api/sandbox2:regs_test 798 add_executable(sandbox2_regs_test 799 regs_test.cc 800 ) 801 set_target_properties(sandbox2_regs_test PROPERTIES 802 OUTPUT_NAME regs_test 803 ) 804 target_link_libraries(sandbox2_regs_test PRIVATE 805 absl::check 806 sapi::config 807 sapi::status_matchers 808 sandbox2::bpf_helper 809 sandbox2::regs 810 sandbox2::sanitizer 811 sandbox2::syscall 812 sandbox2::util 813 sapi::test_main 814 ) 815 gtest_discover_tests_xcompile(sandbox2_regs_test) 816 817 # sandboxed_api/sandbox2:syscall_test 818 add_executable(sandbox2_syscall_test 819 syscall_test.cc 820 ) 821 set_target_properties(sandbox2_syscall_test PROPERTIES 822 OUTPUT_NAME syscall_test 823 ) 824 target_link_libraries(sandbox2_syscall_test PRIVATE 825 absl::strings 826 sapi::config 827 sandbox2::syscall 828 sapi::test_main 829 ) 830 gtest_discover_tests_xcompile(sandbox2_syscall_test) 831 832 # sandboxed_api/sandbox2:mounts_test 833 add_executable(sandbox2_mounts_test 834 mounts_test.cc 835 ) 836 set_target_properties(sandbox2_mounts_test PROPERTIES 837 OUTPUT_NAME mounts_test 838 ) 839 add_dependencies(sandbox2_mounts_test 840 sandbox2::testcase_minimal_dynamic 841 ) 842 target_link_libraries(sandbox2_mounts_test PRIVATE 843 absl::status 844 absl::strings 845 sapi::file_base 846 sandbox2::mounts 847 sapi::temp_file 848 sapi::testing 849 sapi::status_matchers 850 sapi::test_main 851 ) 852 gtest_discover_tests_xcompile(sandbox2_mounts_test PROPERTIES 853 ENVIRONMENT "TEST_TMPDIR=/tmp" 854 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 855 ) 856 857 # sandboxed_api/sandbox2:namespace_test 858 add_executable(sandbox2_namespace_test 859 namespace_test.cc 860 ) 861 set_target_properties(sandbox2_namespace_test PROPERTIES 862 OUTPUT_NAME namespace_test 863 ) 864 add_dependencies(sandbox2_namespace_test 865 sandbox2::testcase_namespace 866 ) 867 target_link_libraries(sandbox2_namespace_test PRIVATE 868 absl::check 869 absl::statusor 870 absl::strings 871 sandbox2::allow_all_syscalls 872 sandbox2::allow_unrestricted_networking 873 sapi::config 874 sapi::fileops 875 sandbox2::namespace 876 sandbox2::sandbox2 877 sapi::testing 878 sapi::temp_file 879 sapi::status_matchers 880 sapi::test_main 881 ) 882 gtest_discover_tests_xcompile(sandbox2_namespace_test PROPERTIES 883 ENVIRONMENT "TEST_TMPDIR=/tmp" 884 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 885 ) 886 887 # sandboxed_api/sandbox2:buffer_test 888 add_executable(sandbox2_buffer_test 889 buffer_test.cc 890 ) 891 set_target_properties(sandbox2_buffer_test PROPERTIES 892 OUTPUT_NAME buffer_test 893 ) 894 add_dependencies(sandbox2_buffer_test 895 sandbox2::testcase_buffer 896 ) 897 target_link_libraries(sandbox2_buffer_test PRIVATE 898 sandbox2::buffer 899 sandbox2::sandbox2 900 sapi::testing 901 sapi::status_matchers 902 sapi::test_main 903 ) 904 gtest_discover_tests_xcompile(sandbox2_buffer_test PROPERTIES 905 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 906 ) 907 908 # sandboxed_api/sandbox2:comms_test_proto 909 sapi_protobuf_generate_cpp( 910 _sandbox2_comms_test_pb_h _sandbox2_comms_test_pb_cc 911 comms_test.proto 912 ) 913 add_library(sandbox2_comms_test_proto ${SAPI_LIB_TYPE} 914 ${_sandbox2_comms_test_pb_cc} 915 ${_sandbox2_comms_test_pb_h} 916 ) 917 add_library(sandbox2::comms_test_proto ALIAS sandbox2_comms_test_proto) 918 target_link_libraries(sandbox2_comms_test_proto 919 PRIVATE sapi::base 920 PUBLIC protobuf::libprotobuf 921 ) 922 923 # sandboxed_api/sandbox2:comms_test 924 add_executable(sandbox2_comms_test 925 comms_test.cc 926 ) 927 target_link_libraries(sandbox2_comms_test PRIVATE 928 absl::check 929 absl::fixed_array 930 absl::log 931 absl::strings 932 sandbox2::comms 933 sandbox2::comms_test_proto 934 sapi::status_matchers 935 sapi::test_main 936 ) 937 gtest_discover_tests_xcompile(sandbox2_comms_test) 938 939 # sandboxed_api/sandbox2:forkserver_test 940 add_executable(sandbox2_forkserver_test 941 forkserver_test.cc 942 global_forkclient.h 943 ) 944 set_target_properties(sandbox2_forkserver_test PROPERTIES 945 OUTPUT_NAME forkserver_test 946 ) 947 add_dependencies(sandbox2_forkserver_test 948 sandbox2::testcase_minimal 949 ) 950 target_link_libraries(sandbox2_forkserver_test PRIVATE 951 absl::check 952 absl::strings 953 sandbox2::forkserver 954 sandbox2::forkserver_proto 955 sandbox2::sandbox2 956 sapi::raw_logging 957 sapi::testing 958 sapi::test_main 959 ) 960 gtest_discover_tests_xcompile(sandbox2_forkserver_test PROPERTIES 961 ENVIRONMENT "TEST_TMPDIR=/tmp" 962 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 963 ) 964 965 # sandboxed_api/sandbox2:limits_test 966 add_executable(sandbox2_limits_test 967 limits_test.cc 968 ) 969 set_target_properties(sandbox2_limits_test PROPERTIES 970 OUTPUT_NAME limits_test 971 ) 972 add_dependencies(sandbox2_limits_test 973 sandbox2::testcase_limits 974 sandbox2::testcase_minimal 975 ) 976 target_link_libraries(sandbox2_limits_test PRIVATE 977 sandbox2::bpf_helper 978 sapi::config 979 sandbox2::limits 980 sandbox2::sandbox2 981 sapi::testing 982 sapi::status_matchers 983 sapi::test_main 984 ) 985 gtest_discover_tests_xcompile(sandbox2_limits_test PROPERTIES 986 ENVIRONMENT "TEST_TMPDIR=/tmp" 987 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 988 ) 989 990 # sandboxed_api/sandbox2:notify_test 991 add_executable(sandbox2_notify_test 992 notify_test.cc 993 ) 994 set_target_properties(sandbox2_notify_test PROPERTIES 995 OUTPUT_NAME notify_test 996 ) 997 add_dependencies(sandbox2_notify_test 998 sandbox2::testcase_personality 999 sandbox2::testcase_pidcomms 1000 ) 1001 target_link_libraries(sandbox2_notify_test PRIVATE 1002 absl::strings 1003 sandbox2::comms 1004 sandbox2::regs 1005 sandbox2::sandbox2 1006 sandbox2::trace_all_syscalls 1007 sapi::testing 1008 sapi::test_main 1009 ) 1010 gtest_discover_tests_xcompile(sandbox2_notify_test PROPERTIES 1011 ENVIRONMENT "TEST_TMPDIR=/tmp" 1012 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 1013 ) 1014 1015 # sandboxed_api/sandbox2:policy_test 1016 add_executable(sandbox2_policy_test 1017 policy_test.cc 1018 ) 1019 set_target_properties(sandbox2_policy_test PROPERTIES 1020 OUTPUT_NAME policy_test 1021 ) 1022 add_dependencies(sandbox2_policy_test 1023 sandbox2::testcase_add_policy_on_syscalls 1024 sandbox2::testcase_malloc_system 1025 sandbox2::testcase_minimal 1026 sandbox2::testcase_minimal_dynamic 1027 sandbox2::testcase_policy 1028 ) 1029 target_link_libraries(sandbox2_policy_test PRIVATE 1030 absl::strings 1031 sandbox2::bpf_helper 1032 sapi::config 1033 sandbox2::sandbox2 1034 sapi::status_matchers 1035 sapi::testing 1036 sapi::test_main 1037 ) 1038 gtest_discover_tests_xcompile(sandbox2_policy_test PROPERTIES 1039 ENVIRONMENT "TEST_TMPDIR=/tmp" 1040 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 1041 ) 1042 1043 # sandboxed_api/sandbox2:sandbox2_test 1044 add_executable(sandbox2_sandbox2_test 1045 sandbox2_test.cc 1046 ) 1047 set_target_properties(sandbox2_sandbox2_test PROPERTIES 1048 OUTPUT_NAME sandbox2_test 1049 ) 1050 add_dependencies(sandbox2_sandbox2_test 1051 sandbox2::testcase_abort 1052 sandbox2::testcase_custom_fork 1053 sandbox2::testcase_minimal 1054 sandbox2::testcase_sleep 1055 sandbox2::testcase_tsync 1056 ) 1057 target_link_libraries(sandbox2_sandbox2_test PRIVATE 1058 absl::status 1059 absl::statusor 1060 absl::strings 1061 absl::synchronization 1062 absl::time 1063 sapi::config 1064 sandbox2::fork_client 1065 sandbox2::sandbox2 1066 sapi::testing 1067 sapi::status_matchers 1068 sapi::test_main 1069 ) 1070 gtest_discover_tests_xcompile(sandbox2_sandbox2_test PROPERTIES 1071 ENVIRONMENT "TEST_TMPDIR=/tmp" 1072 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 1073 ) 1074 1075 # sandboxed_api/sandbox2:sanitizer_test 1076 add_executable(sandbox2_sanitizer_test 1077 sanitizer_test.cc 1078 ) 1079 set_target_properties(sandbox2_sanitizer_test PROPERTIES 1080 OUTPUT_NAME sanitizer_test 1081 ) 1082 add_dependencies(sandbox2_sanitizer_test 1083 sandbox2::testcase_sanitizer 1084 sandbox2::testcase_close_fds 1085 ) 1086 target_link_libraries(sandbox2_sanitizer_test PRIVATE 1087 absl::strings 1088 sandbox2::bpf_helper 1089 sandbox2::client 1090 sandbox2::comms 1091 sandbox2::sandbox2 1092 sandbox2::sanitizer 1093 sapi::testing 1094 sandbox2::util 1095 sapi::status_matchers 1096 sapi::test_main 1097 ) 1098 gtest_discover_tests_xcompile(sandbox2_sanitizer_test PROPERTIES 1099 ENVIRONMENT "TEST_TMPDIR=/tmp" 1100 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 1101 ) 1102 1103 # sandboxed_api/sandbox2:util_test 1104 add_executable(sandbox2_util_test 1105 util_test.cc 1106 ) 1107 set_target_properties(sandbox2_util_test PROPERTIES 1108 OUTPUT_NAME util_test 1109 ) 1110 target_link_libraries(sandbox2_util_test PRIVATE 1111 sandbox2::util 1112 absl::statusor 1113 absl::strings 1114 absl::cleanup 1115 sapi::status_matchers 1116 sapi::test_main 1117 ) 1118 gtest_discover_tests_xcompile(sandbox2_util_test) 1119 1120 # sandboxed_api/sandbox2:stack_trace_test 1121 add_executable(sandbox2_stack_trace_test 1122 stack_trace_test.cc 1123 ) 1124 set_target_properties(sandbox2_stack_trace_test PROPERTIES 1125 OUTPUT_NAME stack_trace_test 1126 ) 1127 add_dependencies(sandbox2_stack_trace_test 1128 sandbox2::testcase_symbolize 1129 ) 1130 target_link_libraries(sandbox2_stack_trace_test PRIVATE 1131 absl::check 1132 absl::flags 1133 absl::log_severity 1134 absl::scoped_mock_log 1135 absl::status 1136 absl::strings 1137 absl::time 1138 sandbox2::global_forkserver 1139 sandbox2::sandbox2 1140 sandbox2::stack_trace 1141 sandbox2::util 1142 sapi::fileops 1143 sapi::testing 1144 sapi::status_matchers 1145 sapi::test_main 1146 ) 1147 gtest_discover_tests_xcompile(sandbox2_stack_trace_test PROPERTIES 1148 ENVIRONMENT "TEST_TMPDIR=/tmp" 1149 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 1150 ) 1151 1152 # sandboxed_api/sandbox2:ipc_test 1153 add_executable(sandbox2_ipc_test 1154 ipc_test.cc 1155 ) 1156 set_target_properties(sandbox2_ipc_test PROPERTIES 1157 OUTPUT_NAME ipc_test 1158 ) 1159 add_dependencies(sandbox2_ipc_test 1160 sandbox2::testcase_ipc 1161 ) 1162 target_link_libraries(sandbox2_ipc_test PRIVATE 1163 sandbox2::comms 1164 sandbox2::ipc 1165 sandbox2::sandbox2 1166 sapi::testing 1167 sapi::status_matchers 1168 sapi::test_main 1169 ) 1170 gtest_discover_tests_xcompile(sandbox2_ipc_test PROPERTIES 1171 ENVIRONMENT "TEST_TMPDIR=/tmp" 1172 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 1173 ) 1174 1175 # sandboxed_api/sandbox2:policybuilder_test 1176 add_executable(sandbox2_policybuilder_test 1177 policybuilder_test.cc 1178 ) 1179 set_target_properties(sandbox2_policybuilder_test PROPERTIES 1180 OUTPUT_NAME policybuilder_test 1181 ) 1182 target_link_libraries(sandbox2_policybuilder_test 1183 PRIVATE absl::strings 1184 absl::log 1185 absl::status 1186 absl::statusor 1187 sandbox2::bpf_helper 1188 sandbox2::policy 1189 sandbox2::policybuilder 1190 sandbox2::violation_proto 1191 sapi::testing 1192 sapi::status_matchers 1193 sapi::test_main 1194 ) 1195 gtest_discover_tests_xcompile(sandbox2_policybuilder_test PROPERTIES 1196 ENVIRONMENT "TEST_TMPDIR=/tmp" 1197 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 1198 ) 1199 1200 # sandboxed_api/sandbox2:bpfdisassembler_test 1201 add_executable(sandbox2_bpfdisassembler_test 1202 bpfdisassembler_test.cc 1203 ) 1204 set_target_properties(sandbox2_bpfdisassembler_test PROPERTIES 1205 OUTPUT_NAME bpfdisassembler_test 1206 ) 1207 target_link_libraries(sandbox2_bpfdisassembler_test 1208 PRIVATE sandbox2::bpfdisassembler 1209 sandbox2::bpf_helper 1210 sapi::test_main 1211 ) 1212 gtest_discover_tests_xcompile(sandbox2_bpfdisassembler_test PROPERTIES 1213 ENVIRONMENT "TEST_TMPDIR=/tmp" 1214 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 1215 ) 1216 1217 # sandboxed_api/sandbox2:network_proxy_test 1218 add_executable(sandbox2_network_proxy_test 1219 network_proxy_test.cc 1220 ) 1221 set_target_properties(sandbox2_network_proxy_test PROPERTIES 1222 OUTPUT_NAME network_proxy_test 1223 ) 1224 target_link_libraries(sandbox2_network_proxy_test 1225 PRIVATE absl::status 1226 absl::strings 1227 absl::time 1228 sandbox2::sandbox2 1229 sandbox2::network_proxy_testing 1230 sapi::status_matchers 1231 sapi::testing 1232 sapi::test_main 1233 ) 1234 gtest_discover_tests_xcompile(sandbox2_bpfdisassembler_test PROPERTIES 1235 ENVIRONMENT "TEST_TMPDIR=/tmp" 1236 ENVIRONMENT "TEST_SRCDIR=${PROJECT_BINARY_DIR}" 1237 ) 1238 1239endif() 1240 1241configure_file( 1242 "${PROJECT_SOURCE_DIR}/cmake/sandbox2.pc.in" 1243 "${PROJECT_BINARY_DIR}/sandbox2.pc" 1244 @ONLY 1245) 1246 1247install(FILES "${PROJECT_BINARY_DIR}/sandbox2.pc" 1248 DESTINATION "${CMAKE_INSTALL_LIBDIR}/pkgconfig") 1249