CMake build improvements

- Check for Linux (Android TBD once that lands) and C++17
- Move `SAPI_HARDENED_SOURCE` check after compile options are evaluated
- Use a more modern way to set the required C++ standard, compatible with
  Abseil's `ABSL_PROPAGATE_CXX_STD`.
- Scope `-fno-exceptions` and `POSITION_INDEPENDENT_CODE` to SAPI targets
- Increase maximum stack frame size yet again

PiperOrigin-RevId: 422369190
Change-Id: If75405ee43740de90196f52cddc8938482eae851
This commit is contained in:
Christian Blichmann 2022-01-17 08:16:33 -08:00 committed by Copybara-Service
parent a339850dbf
commit 066af80c8b
2 changed files with 56 additions and 51 deletions

View File

@ -26,24 +26,29 @@ endif()
project(SandboxedAPI C CXX ASM) project(SandboxedAPI C CXX ASM)
# TODO(cblichmann): Enable for Android once support lands
if(NOT CMAKE_SYSTEM_NAME MATCHES "Linux")
message(FATAL_ERROR "Sandboxed API is only supported on Linux")
endif()
# SAPI-wide setting for the language level # SAPI-wide setting for the language level
set(SAPI_CXX_STANDARD 17) set(SAPI_CXX_STANDARD 17)
if(NOT CMAKE_CXX_STANDARD)
set(CMAKE_CXX_STANDARD ${SAPI_CXX_STANDARD})
elseif(CMAKE_CXX_STANDARD LESS ${SAPI_CXX_STANDARD})
message(FATAL_ERROR
"Sandboxed API requires C++17. To ensure ABI compatibility"
" build and link all targets of the project with the same"
" version of C++."
)
endif()
set(SAPI_BINARY_DIR "${PROJECT_BINARY_DIR}" CACHE INTERNAL "" FORCE) set(SAPI_BINARY_DIR "${PROJECT_BINARY_DIR}" CACHE INTERNAL "" FORCE)
set(SAPI_SOURCE_DIR "${PROJECT_SOURCE_DIR}" CACHE INTERNAL "" FORCE) set(SAPI_SOURCE_DIR "${PROJECT_SOURCE_DIR}" CACHE INTERNAL "" FORCE)
set(CMAKE_POSITION_INDEPENDENT_CODE TRUE CACHE BOOL "" FORCE)
include(CheckCXXCompilerFlag) include(CheckCXXCompilerFlag)
# TODO(cblichmann): Only apply this to SAPI and its dependencies
add_compile_options(-fno-exceptions)
if(SAPI_HARDENED_SOURCE)
add_compile_options(-fstack-protector -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2)
add_link_options(-Wl,-z,relro -Wl,-z,now)
endif()
# Sapi CMake modules, order matters # Sapi CMake modules, order matters
list(APPEND CMAKE_MODULE_PATH "${SAPI_SOURCE_DIR}/cmake" list(APPEND CMAKE_MODULE_PATH "${SAPI_SOURCE_DIR}/cmake"
"${SAPI_SOURCE_DIR}/cmake/modules") "${SAPI_SOURCE_DIR}/cmake/modules")
@ -56,6 +61,11 @@ include(GNUInstallDirs)
# Allow the header generator to auto-configure include paths # Allow the header generator to auto-configure include paths
set(CMAKE_EXPORT_COMPILE_COMMANDS ON) set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
if(SAPI_HARDENED_SOURCE)
add_compile_options(-fstack-protector -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2)
add_link_options(-Wl,-z,relro -Wl,-z,now)
endif()
if(SAPI_FORCE_COLOR_OUTPUT) if(SAPI_FORCE_COLOR_OUTPUT)
if(CMAKE_CXX_COMPILER_ID STREQUAL "GNU") # GCC if(CMAKE_CXX_COMPILER_ID STREQUAL "GNU") # GCC
add_compile_options(-fdiagnostics-color=always) add_compile_options(-fdiagnostics-color=always)
@ -76,33 +86,33 @@ add_library(sapi_base STATIC
"${SAPI_BINARY_DIR}/sapi_base_force_cxx_linkage.cc" "${SAPI_BINARY_DIR}/sapi_base_force_cxx_linkage.cc"
) )
add_library(sapi::base ALIAS sapi_base) add_library(sapi::base ALIAS sapi_base)
set_target_properties(sapi_base PROPERTIES target_compile_features(sapi_base PUBLIC
CXX_STANDARD ${SAPI_CXX_STANDARD} cxx_std_${SAPI_CXX_STANDARD}
CXX_STANDARD_REQUIRED TRUE
CXX_EXTENSIONS FALSE
SKIP_BUILD_RPATH TRUE
POSITION_INDEPENDENT_CODE TRUE
) )
target_include_directories(sapi_base INTERFACE set_target_properties(sapi_base PROPERTIES
SKIP_BUILD_RPATH ON
POSITION_INDEPENDENT_CODE ON
)
target_include_directories(sapi_base PUBLIC
"${SAPI_BINARY_DIR}" "${SAPI_BINARY_DIR}"
"${SAPI_SOURCE_DIR}" "${SAPI_SOURCE_DIR}"
"${Protobuf_INCLUDE_DIR}" "${Protobuf_INCLUDE_DIR}"
) )
if(UNIX) target_compile_options(sapi_base PUBLIC -fno-exceptions)
set(_sapi_check_no_deprecated set(_sapi_check_no_deprecated
-Wno-deprecated SAPI_HAS_W_NO_DEPRECATED -Wno-deprecated SAPI_HAS_W_NO_DEPRECATED
) )
# For sandbox2/util.cc's CloneAndJump() # For sandbox2/util.cc's CloneAndJump()
set(_sapi_check_frame_larger_than set(_sapi_check_frame_larger_than
-Wframe-larger-than=20480 SAPI_HAS_W_FRAME_LARGER_THAN -Wframe-larger-than=40960 SAPI_HAS_W_FRAME_LARGER_THAN
) )
set(_sapi_check_no_deprecated_declarations set(_sapi_check_no_deprecated_declarations
-Wno-deprecated-declarations SAPI_HAS_W_NO_DEPRECATED_DECLARATIONS -Wno-deprecated-declarations SAPI_HAS_W_NO_DEPRECATED_DECLARATIONS
) )
set(_sapi_check_no_psabi set(_sapi_check_no_psabi
-Wno-psabi SAPI_HAS_W_NO_PSABI -Wno-psabi SAPI_HAS_W_NO_PSABI
) )
foreach(check IN ITEMS _sapi_check_no_deprecated foreach(check IN ITEMS _sapi_check_no_deprecated
_sapi_check_frame_larger_than _sapi_check_frame_larger_than
_sapi_check_no_deprecated_declarations _sapi_check_no_deprecated_declarations
_sapi_check_no_psabi) _sapi_check_no_psabi)
@ -110,10 +120,9 @@ if(UNIX)
list(GET ${check} 1 var_name) list(GET ${check} 1 var_name)
check_cxx_compiler_flag(${opt_value} ${var_name}) check_cxx_compiler_flag(${opt_value} ${var_name})
if(${var_name}) if(${var_name})
target_compile_options(sapi_base INTERFACE ${opt_value}) target_compile_options(sapi_base PUBLIC ${opt_value})
endif() endif()
endforeach() endforeach()
endif()
add_library(sapi_test_main INTERFACE) add_library(sapi_test_main INTERFACE)
add_library(sapi::test_main ALIAS sapi_test_main) add_library(sapi::test_main ALIAS sapi_test_main)

View File

@ -51,15 +51,14 @@ if(error)
message(FATAL_ERROR "Build step for ${PROJECT_NAME} failed: ${error}") message(FATAL_ERROR "Build step for ${PROJECT_NAME} failed: ${error}")
endif() endif()
set(_sapi_saved_CMAKE_CXX_STANDARD ${CMAKE_CXX_STANDARD})
set(_sapi_saved_BUILD_TESTING ${BUILD_TESTING}) set(_sapi_saved_BUILD_TESTING ${BUILD_TESTING})
set(CMAKE_CXX_STANDARD ${SAPI_CXX_STANDARD})
set(ABSL_USE_GOOGLETEST_HEAD OFF CACHE BOOL "" FORCE)
set(ABSL_RUN_TESTS OFF CACHE BOOL "" FORCE)
set(BUILD_TESTING OFF) # Avoid errors when re-configuring SAPI
set(ABSL_CXX_STANDARD ${SAPI_CXX_STANDARD} CACHE STRING "" FORCE) set(ABSL_CXX_STANDARD ${SAPI_CXX_STANDARD} CACHE STRING "" FORCE)
set(ABSL_ENABLE_INSTALL ON CACHE BOOL "" FORCE) set(ABSL_ENABLE_INSTALL ON CACHE BOOL "" FORCE)
set(ABSL_PROPAGATE_CXX_STD ON CACHE BOOL "" FORCE)
set(ABSL_RUN_TESTS OFF CACHE BOOL "" FORCE)
set(ABSL_USE_GOOGLETEST_HEAD OFF CACHE BOOL "" FORCE)
set(BUILD_TESTING OFF) # Avoid errors when re-configuring SAPI
add_subdirectory("${SAPI_ABSL_SOURCE_DIR}" add_subdirectory("${SAPI_ABSL_SOURCE_DIR}"
"${SAPI_ABSL_BINARY_DIR}" EXCLUDE_FROM_ALL) "${SAPI_ABSL_BINARY_DIR}" EXCLUDE_FROM_ALL)
@ -67,6 +66,3 @@ add_subdirectory("${SAPI_ABSL_SOURCE_DIR}"
if(_sapi_saved_BUILD_TESTING) if(_sapi_saved_BUILD_TESTING)
set(BUILD_TESTING "${_sapi_saved_BUILD_TESTING}") set(BUILD_TESTING "${_sapi_saved_BUILD_TESTING}")
endif() endif()
if(_sapi_saved_CMAKE_CXX_STANDARD)
set(CMAKE_CXX_STANDARD "${_sapi_saved_CMAKE_CXX_STANDARD}")
endif()