Google Git
Sign in
android / platform / external / sandboxed-api / 177b969e8cf96b6254fa9195e4c501dc12a82de9 / . / sandboxed_api / sandbox2 / testcases / BUILD.bazel
blob: 2fc0e81d96277f450f7ca1c9cbc54ef05029fd84 [file] [log] [blame]
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Description: test cases for sandbox2 unit tests.
#
# The following cc_binary options avoid dynamic linking which uses a lot of
# syscalls (open, mmap, etc.):
# linkopts = ["-static"]
# linkstatic = 1
# features = ["-pie"]
# Bazel adds -pie by default but -static is incompatible with it, so we use
# the features flag to force it off.
package(default_visibility = [
"//sandboxed_api/sandbox2:__subpackages__",
])
licenses(["notice"]) # Apache 2.0
STATIC_LINKOPTS = [
# Necessary for linking pthread statically into the binary. See the
# answer to https://stackoverflow.com/questions/35116327/ for context.
# The odd '-Wl,' prefix before '-lpthread' is a workaround for Bazel's
# behavior when constructing the final linker command line.
"-Wl,--whole-archive",
"-Wl,-lpthread",
"-Wl,--no-whole-archive",
]
cc_binary(
name = "abort",
testonly = 1,
srcs = ["abort.cc"],
deps = ["//sandboxed_api/util:raw_logging"],
)
# security: disable=cc-static-no-pie
cc_binary(
name = "add_policy_on_syscalls",
testonly = 1,
srcs = ["add_policy_on_syscalls.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
)
# security: disable=cc-static-no-pie
cc_binary(
name = "buffer",
testonly = 1,
srcs = ["buffer.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
deps = [
"//sandboxed_api/sandbox2:buffer",
"//sandboxed_api/sandbox2:comms",
"@com_google_absl//absl/strings:str_format",
],
)
cc_binary(
name = "ipc",
testonly = 1,
srcs = ["ipc.cc"],
deps = [
"//sandboxed_api/sandbox2:client",
"//sandboxed_api/sandbox2:comms",
"//sandboxed_api/util:raw_logging",
"@com_google_absl//absl/strings",
],
)
# security: disable=cc-static-no-pie
cc_binary(
name = "malloc_system",
testonly = 1,
srcs = ["malloc.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
)
cc_binary(
name = "minimal_dynamic",
testonly = 1,
srcs = ["minimal.cc"],
)
# security: disable=cc-static-no-pie
cc_binary(
name = "minimal",
testonly = 1,
srcs = ["minimal.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
)
# security: disable=cc-static-no-pie
cc_binary(
name = "personality",
testonly = 1,
srcs = ["personality.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
)
# security: disable=cc-static-no-pie
cc_binary(
name = "pidcomms",
testonly = 1,
srcs = ["pidcomms.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
deps = [
"//sandboxed_api/sandbox2:client",
"//sandboxed_api/sandbox2:comms",
"//sandboxed_api/util:raw_logging",
],
)
# security: disable=cc-static-no-pie
cc_binary(
name = "policy",
testonly = 1,
srcs = ["policy.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
)
# security: disable=cc-static-no-pie
cc_binary(
name = "print_fds",
testonly = 1,
srcs = ["print_fds.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
)
# security: disable=cc-static-no-pie
cc_binary(
name = "sanitizer",
testonly = 1,
srcs = ["sanitizer.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
)
# security: disable=cc-static-no-pie
cc_binary(
name = "sleep",
testonly = 1,
srcs = ["sleep.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
)
# security: disable=cc-static-no-pie
cc_binary(
name = "symbolize",
testonly = 1,
srcs = ["symbolize.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
deps = [
"//sandboxed_api/sandbox2/util:temp_file",
"//sandboxed_api/util:raw_logging",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/strings",
],
)
cc_binary(
name = "tsync",
testonly = 1,
srcs = ["tsync.cc"],
deps = [
"//sandboxed_api/sandbox2:client",
"//sandboxed_api/sandbox2:comms",
],
)
cc_binary(
name = "hostname",
testonly = 1,
srcs = ["hostname.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
)
cc_binary(
name = "limits",
testonly = 1,
srcs = ["limits.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
)
cc_binary(
name = "namespace",
testonly = 1,
srcs = ["namespace.cc"],
features = [
"-pie",
"fully_static_link", # link libc statically
],
linkopts = STATIC_LINKOPTS,
linkstatic = 1, # prefer static libraries
)