2020-01-17 21:05:03 +08:00
|
|
|
# Copyright 2019 Google LLC
|
2019-05-06 20:03:29 +08:00
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
2022-01-28 17:38:27 +08:00
|
|
|
# https://www.apache.org/licenses/LICENSE-2.0
|
2019-05-06 20:03:29 +08:00
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
|
|
|
|
2022-01-25 20:48:07 +08:00
|
|
|
cmake_minimum_required(VERSION 3.13..3.22)
|
2019-05-06 20:03:29 +08:00
|
|
|
|
2022-02-17 18:30:43 +08:00
|
|
|
if(POLICY CMP0083)
|
|
|
|
cmake_policy(SET CMP0083 NEW)
|
|
|
|
endif()
|
|
|
|
|
2019-07-26 20:50:45 +08:00
|
|
|
project(SandboxedAPI C CXX ASM)
|
2019-05-06 20:03:29 +08:00
|
|
|
|
2022-01-18 00:16:33 +08:00
|
|
|
# TODO(cblichmann): Enable for Android once support lands
|
|
|
|
if(NOT CMAKE_SYSTEM_NAME MATCHES "Linux")
|
|
|
|
message(FATAL_ERROR "Sandboxed API is only supported on Linux")
|
|
|
|
endif()
|
|
|
|
|
2019-07-09 21:11:47 +08:00
|
|
|
# SAPI-wide setting for the language level
|
2019-11-20 20:39:44 +08:00
|
|
|
set(SAPI_CXX_STANDARD 17)
|
2019-07-09 21:11:47 +08:00
|
|
|
|
2022-01-18 00:16:33 +08:00
|
|
|
if(NOT CMAKE_CXX_STANDARD)
|
|
|
|
set(CMAKE_CXX_STANDARD ${SAPI_CXX_STANDARD})
|
|
|
|
elseif(CMAKE_CXX_STANDARD LESS ${SAPI_CXX_STANDARD})
|
|
|
|
message(FATAL_ERROR
|
|
|
|
"Sandboxed API requires C++17. To ensure ABI compatibility"
|
|
|
|
" build and link all targets of the project with the same"
|
|
|
|
" version of C++."
|
|
|
|
)
|
|
|
|
endif()
|
|
|
|
|
2019-07-26 20:50:45 +08:00
|
|
|
set(SAPI_BINARY_DIR "${PROJECT_BINARY_DIR}" CACHE INTERNAL "" FORCE)
|
|
|
|
set(SAPI_SOURCE_DIR "${PROJECT_SOURCE_DIR}" CACHE INTERNAL "" FORCE)
|
|
|
|
|
2022-01-18 19:22:35 +08:00
|
|
|
get_directory_property(_sapi_has_parent PARENT_DIRECTORY)
|
|
|
|
if(PROJECT_IS_TOP_LEVEL OR NOT _sapi_has_parent)
|
|
|
|
set(SAPI_PROJECT_IS_TOP_LEVEL ON)
|
|
|
|
endif()
|
|
|
|
|
2019-07-30 21:51:15 +08:00
|
|
|
include(CheckCXXCompilerFlag)
|
|
|
|
|
2022-04-06 21:23:45 +08:00
|
|
|
# Allow the header generator to auto-configure include paths. Need to set a
|
|
|
|
# cache variable, so that sub- and super-projects also have this enabled.
|
|
|
|
set(CMAKE_EXPORT_COMPILE_COMMANDS ON CACHE INTERNAL "")
|
2019-06-25 20:48:56 +08:00
|
|
|
|
2022-02-16 17:47:46 +08:00
|
|
|
set(CMAKE_SKIP_BUILD_RPATH ON)
|
|
|
|
|
|
|
|
if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.14)
|
|
|
|
include(CheckPIESupported)
|
|
|
|
check_pie_supported()
|
2022-02-17 18:30:43 +08:00
|
|
|
set(CMAKE_POSITION_INDEPENDENT_CODE ON)
|
2022-02-16 17:47:46 +08:00
|
|
|
endif()
|
|
|
|
|
2022-02-17 18:30:43 +08:00
|
|
|
# SAPI CMake modules, order matters
|
|
|
|
list(APPEND CMAKE_MODULE_PATH "${SAPI_SOURCE_DIR}/cmake"
|
|
|
|
"${SAPI_SOURCE_DIR}/cmake/modules")
|
|
|
|
include(SapiOptions)
|
|
|
|
include(SapiDeps)
|
|
|
|
include(SapiUtil)
|
|
|
|
include(SapiBuildDefs)
|
|
|
|
include(GNUInstallDirs)
|
|
|
|
|
2022-01-18 00:16:33 +08:00
|
|
|
if(SAPI_HARDENED_SOURCE)
|
|
|
|
add_compile_options(-fstack-protector -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2)
|
|
|
|
add_link_options(-Wl,-z,relro -Wl,-z,now)
|
|
|
|
endif()
|
|
|
|
|
2020-12-12 06:58:01 +08:00
|
|
|
if(SAPI_FORCE_COLOR_OUTPUT)
|
2019-06-25 20:48:56 +08:00
|
|
|
if(CMAKE_CXX_COMPILER_ID STREQUAL "GNU") # GCC
|
|
|
|
add_compile_options(-fdiagnostics-color=always)
|
|
|
|
elseif(CMAKE_CXX_COMPILER_ID MATCHES "Clang") # Clang or Apple Clang
|
|
|
|
add_compile_options(-fcolor-diagnostics)
|
|
|
|
endif()
|
|
|
|
endif()
|
|
|
|
|
2019-07-15 19:12:55 +08:00
|
|
|
# Make Bazel-style includes work
|
2019-05-06 20:03:29 +08:00
|
|
|
configure_file(cmake/libcap_capability.h.in
|
2019-07-01 17:53:20 +08:00
|
|
|
libcap/include/sys/capability.h
|
2019-05-06 20:03:29 +08:00
|
|
|
@ONLY)
|
|
|
|
|
2019-06-04 18:02:44 +08:00
|
|
|
# Library with basic project settings. The empty file is there to be able to
|
|
|
|
# define header-only libraries without cumbersome target_sources() hacks.
|
2022-02-16 17:47:46 +08:00
|
|
|
file(WRITE "${SAPI_BINARY_DIR}/sapi_base_force_cxx_linkage.cc" "")
|
2019-06-04 18:02:44 +08:00
|
|
|
add_library(sapi_base STATIC
|
2019-07-26 20:50:45 +08:00
|
|
|
"${SAPI_BINARY_DIR}/sapi_base_force_cxx_linkage.cc"
|
2019-06-04 18:02:44 +08:00
|
|
|
)
|
2019-05-06 20:03:29 +08:00
|
|
|
add_library(sapi::base ALIAS sapi_base)
|
2022-01-18 00:16:33 +08:00
|
|
|
target_compile_features(sapi_base PUBLIC
|
|
|
|
cxx_std_${SAPI_CXX_STANDARD}
|
|
|
|
)
|
2019-07-09 21:11:47 +08:00
|
|
|
set_target_properties(sapi_base PROPERTIES
|
2022-02-16 17:47:46 +08:00
|
|
|
INTERFACE_POSITION_INDEPENDENT_CODE ON
|
2019-07-09 21:11:47 +08:00
|
|
|
)
|
2022-01-18 00:16:33 +08:00
|
|
|
target_include_directories(sapi_base PUBLIC
|
2019-07-26 20:50:45 +08:00
|
|
|
"${SAPI_BINARY_DIR}"
|
|
|
|
"${SAPI_SOURCE_DIR}"
|
|
|
|
"${Protobuf_INCLUDE_DIR}"
|
2019-05-06 20:03:29 +08:00
|
|
|
)
|
2022-02-17 18:30:43 +08:00
|
|
|
target_compile_options(sapi_base PUBLIC
|
|
|
|
-fno-exceptions
|
|
|
|
)
|
|
|
|
if(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
|
|
|
|
target_compile_options(sapi_base PUBLIC
|
|
|
|
# The syscall tables in sandbox2/syscall_defs.cc are `std::array`s using
|
|
|
|
# CTAD and have more entries than the default limit of 256.
|
|
|
|
-fbracket-depth=768
|
|
|
|
)
|
|
|
|
endif()
|
2022-01-18 00:16:33 +08:00
|
|
|
set(_sapi_check_no_deprecated
|
|
|
|
-Wno-deprecated SAPI_HAS_W_NO_DEPRECATED
|
|
|
|
)
|
|
|
|
set(_sapi_check_frame_larger_than
|
2022-02-17 18:30:43 +08:00
|
|
|
# For sandbox2/util.cc's CloneAndJump()
|
2022-01-18 00:16:33 +08:00
|
|
|
-Wframe-larger-than=40960 SAPI_HAS_W_FRAME_LARGER_THAN
|
|
|
|
)
|
|
|
|
set(_sapi_check_no_deprecated_declarations
|
|
|
|
-Wno-deprecated-declarations SAPI_HAS_W_NO_DEPRECATED_DECLARATIONS
|
|
|
|
)
|
|
|
|
set(_sapi_check_no_psabi
|
|
|
|
-Wno-psabi SAPI_HAS_W_NO_PSABI
|
|
|
|
)
|
|
|
|
foreach(check IN ITEMS _sapi_check_no_deprecated
|
|
|
|
_sapi_check_frame_larger_than
|
|
|
|
_sapi_check_no_deprecated_declarations
|
|
|
|
_sapi_check_no_psabi)
|
|
|
|
list(GET ${check} 0 opt_value)
|
|
|
|
list(GET ${check} 1 var_name)
|
|
|
|
check_cxx_compiler_flag(${opt_value} ${var_name})
|
|
|
|
if(${var_name})
|
|
|
|
target_compile_options(sapi_base PUBLIC ${opt_value})
|
|
|
|
endif()
|
|
|
|
endforeach()
|
2019-05-06 20:03:29 +08:00
|
|
|
|
|
|
|
add_library(sapi_test_main INTERFACE)
|
|
|
|
add_library(sapi::test_main ALIAS sapi_test_main)
|
|
|
|
target_link_libraries(sapi_test_main INTERFACE
|
|
|
|
gtest_main
|
|
|
|
gmock
|
|
|
|
sapi::base
|
|
|
|
)
|
|
|
|
|
2019-07-26 20:50:45 +08:00
|
|
|
if(SAPI_ENABLE_TESTS)
|
|
|
|
include(GoogleTest)
|
|
|
|
# Setup tests to work like with Bazel
|
|
|
|
create_directory_symlink("${SAPI_BINARY_DIR}" com_google_sandboxed_api)
|
|
|
|
enable_testing()
|
|
|
|
endif()
|
2019-05-06 20:03:29 +08:00
|
|
|
|
|
|
|
add_subdirectory(sandboxed_api)
|
2022-02-02 23:01:48 +08:00
|
|
|
|
|
|
|
if(SAPI_ENABLE_TESTS AND SAPI_ENABLE_CONTRIB_TESTS)
|
|
|
|
add_subdirectory(contrib)
|
|
|
|
endif()
|