DXR is a code search and navigation tool aimed at making sense of large projects. It supports full-text and regex searches as well as structural queries.

Mercurial (56e7b9127e89)

VCS Links

Line Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
# vim: set filetype=python:
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

SharedLibrary('mozsandbox')

# Depend on mozglue if and only if it's a shared library;
# this needs to match mozglue/build/moz.build:
if CONFIG['OS_TARGET'] == 'Android':
    USE_LIBS += [
        'mozglue',
    ]

USE_LIBS += [
    # For PR_GetEnv
    'nspr',
]

EXPORTS.mozilla += [
    'Sandbox.h',
    'SandboxInfo.h',
]

SOURCES += [
    '../chromium-shim/base/logging.cpp',
    '../chromium-shim/base/threading/platform_thread_linux.cpp',
    '../chromium/base/at_exit.cc',
    '../chromium/base/callback_internal.cc',
    '../chromium/base/lazy_instance.cc',
    '../chromium/base/memory/ref_counted.cc',
    '../chromium/base/memory/singleton.cc',
    '../chromium/base/strings/safe_sprintf.cc',
    '../chromium/base/strings/string16.cc',
    '../chromium/base/strings/string_piece.cc',
    '../chromium/base/strings/string_util.cc',
    '../chromium/base/strings/string_util_constants.cc',
    '../chromium/base/strings/stringprintf.cc',
    '../chromium/base/strings/utf_string_conversion_utils.cc',
    '../chromium/base/strings/utf_string_conversions.cc',
    '../chromium/base/synchronization/condition_variable_posix.cc',
    '../chromium/base/synchronization/lock.cc',
    '../chromium/base/synchronization/lock_impl_posix.cc',
    '../chromium/base/synchronization/waitable_event_posix.cc',
    '../chromium/base/third_party/icu/icu_utf.cc',
    '../chromium/base/threading/platform_thread_internal_posix.cc',
    '../chromium/base/threading/platform_thread_posix.cc',
    '../chromium/base/threading/thread_collision_warner.cc',
    '../chromium/base/threading/thread_id_name_manager.cc',
    '../chromium/base/threading/thread_local_storage.cc',
    '../chromium/base/threading/thread_local_storage_posix.cc',
    '../chromium/base/threading/thread_restrictions.cc',
    '../chromium/base/time/time.cc',
    '../chromium/base/time/time_exploded_posix.cc',
    '../chromium/base/time/time_now_posix.cc',
    '../chromium/sandbox/linux/bpf_dsl/bpf_dsl.cc',
    '../chromium/sandbox/linux/bpf_dsl/codegen.cc',
    '../chromium/sandbox/linux/bpf_dsl/dump_bpf.cc',
    '../chromium/sandbox/linux/bpf_dsl/policy.cc',
    '../chromium/sandbox/linux/bpf_dsl/policy_compiler.cc',
    '../chromium/sandbox/linux/bpf_dsl/syscall_set.cc',
    '../chromium/sandbox/linux/seccomp-bpf/die.cc',
    '../chromium/sandbox/linux/seccomp-bpf/syscall.cc',
    '../chromium/sandbox/linux/seccomp-bpf/trap.cc',
    '../chromium/sandbox/linux/services/syscall_wrappers.cc',
    'broker/SandboxBrokerCommon.cpp',
    'Sandbox.cpp',
    'SandboxBrokerClient.cpp',
    'SandboxFilter.cpp',
    'SandboxFilterUtil.cpp',
    'SandboxHooks.cpp',
    'SandboxInfo.cpp',
    'SandboxLogging.cpp',
    'SandboxReporterClient.cpp',
]

if CONFIG['MOZ_GMP_SANDBOX']:
    SOURCES += [
        'SandboxOpenedFiles.cpp',
    ]

# This copy of SafeSPrintf doesn't need to avoid the Chromium logging
# dependency like the one in libxul does, but this way the behavior is
# consistent.  See also the comment in SandboxLogging.h.
SOURCES['../chromium/base/strings/safe_sprintf.cc'].flags += ['-DNDEBUG']

if CONFIG['CC_TYPE'] in ('clang', 'gcc'):
    # Keep clang from warning about intentional 'switch' fallthrough in icu_utf.cc:
    SOURCES['../chromium/base/third_party/icu/icu_utf.cc'].flags += ['-Wno-implicit-fallthrough']
    SOURCES['../chromium/sandbox/linux/seccomp-bpf/trap.cc'].flags += ['-Wno-unreachable-code-return']

if CONFIG['CC_TYPE'] in ('clang', 'gcc'):
    CXXFLAGS += ['-Wno-shadow']
    SOURCES['../chromium/sandbox/linux/services/syscall_wrappers.cc'].flags += [
        '-Wno-empty-body',
    ]

# gcc lto likes to put the top level asm in syscall.cc in a different partition
# from the function using it which breaks the build.  Work around that by
# forcing there to be only one partition.
for f in CONFIG['OS_CXXFLAGS']:
    if f.startswith('-flto') and CONFIG['CC_TYPE'] != 'clang':
        LDFLAGS += ['--param lto-partitions=1']

DEFINES['NS_NO_XPCOM'] = True
DisableStlWrapping()

LOCAL_INCLUDES += ['/security/sandbox/linux']
LOCAL_INCLUDES += ['/security/sandbox/chromium-shim']
LOCAL_INCLUDES += ['/security/sandbox/chromium']
LOCAL_INCLUDES += ['/nsprpub']


if CONFIG['OS_TARGET'] != 'Android':
    # Needed for clock_gettime with glibc < 2.17:
    OS_LIBS += [
        'rt',
    ]

DIRS += [
    'broker',
    'glue',
    'interfaces',
    'launch',
    'reporter',
]

TEST_DIRS += [
    'gtest',
]