• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright 2014 The Chromium Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5import("//testing/test.gni")
6
7# This needs to be a static library rather than a sources set because small
8# portions of this are used in some contexts (like chrome_elf), and it
9# doesnn't seem to dead-code strip very well. This saves 12K on chrome_elf.dll,
10# over a source set, for example.
11static_library("sandbox") {
12  sources = [
13    "src/acl.cc",
14    "src/acl.h",
15    "src/app_container.cc",
16    "src/app_container.h",
17    "src/broker_services.cc",
18    "src/broker_services.h",
19    "src/crosscall_client.h",
20    "src/crosscall_params.h",
21    "src/crosscall_server.cc",
22    "src/crosscall_server.h",
23    "src/eat_resolver.cc",
24    "src/eat_resolver.h",
25    "src/filesystem_dispatcher.cc",
26    "src/filesystem_dispatcher.h",
27    "src/filesystem_interception.cc",
28    "src/filesystem_interception.h",
29    "src/filesystem_policy.cc",
30    "src/filesystem_policy.h",
31    "src/handle_closer.cc",
32    "src/handle_closer.h",
33    "src/handle_closer_agent.cc",
34    "src/handle_closer_agent.h",
35    "src/handle_dispatcher.cc",
36    "src/handle_dispatcher.h",
37    "src/handle_interception.cc",
38    "src/handle_interception.h",
39    "src/handle_policy.cc",
40    "src/handle_policy.h",
41    "src/interception.cc",
42    "src/interception.h",
43    "src/interception_agent.cc",
44    "src/interception_agent.h",
45    "src/interception_internal.h",
46    "src/interceptors.h",
47    "src/internal_types.h",
48    "src/ipc_tags.h",
49    "src/job.cc",
50    "src/job.h",
51    "src/named_pipe_dispatcher.cc",
52    "src/named_pipe_dispatcher.h",
53    "src/named_pipe_interception.cc",
54    "src/named_pipe_interception.h",
55    "src/named_pipe_policy.cc",
56    "src/named_pipe_policy.h",
57    "src/nt_internals.h",
58    "src/policy_broker.cc",
59    "src/policy_broker.h",
60    "src/policy_engine_opcodes.cc",
61    "src/policy_engine_opcodes.h",
62    "src/policy_engine_params.h",
63    "src/policy_engine_processor.cc",
64    "src/policy_engine_processor.h",
65    "src/policy_low_level.cc",
66    "src/policy_low_level.h",
67    "src/policy_params.h",
68    "src/policy_target.cc",
69    "src/policy_target.h",
70    "src/process_mitigations.cc",
71    "src/process_mitigations.h",
72    "src/process_mitigations_win32k_dispatcher.cc",
73    "src/process_mitigations_win32k_dispatcher.h",
74    "src/process_mitigations_win32k_interception.cc",
75    "src/process_mitigations_win32k_interception.h",
76    "src/process_mitigations_win32k_policy.cc",
77    "src/process_mitigations_win32k_policy.h",
78    "src/process_thread_dispatcher.cc",
79    "src/process_thread_dispatcher.h",
80    "src/process_thread_interception.cc",
81    "src/process_thread_interception.h",
82    "src/process_thread_policy.cc",
83    "src/process_thread_policy.h",
84    "src/registry_dispatcher.cc",
85    "src/registry_dispatcher.h",
86    "src/registry_interception.cc",
87    "src/registry_interception.h",
88    "src/registry_policy.cc",
89    "src/registry_policy.h",
90    "src/resolver.cc",
91    "src/resolver.h",
92    "src/restricted_token.cc",
93    "src/restricted_token.h",
94    "src/restricted_token_utils.cc",
95    "src/restricted_token_utils.h",
96    "src/sandbox.cc",
97    "src/sandbox.h",
98    "src/sandbox_factory.h",
99    "src/sandbox_globals.cc",
100    "src/sandbox_nt_types.h",
101    "src/sandbox_nt_util.cc",
102    "src/sandbox_nt_util.h",
103    "src/sandbox_policy.h",
104    "src/sandbox_policy_base.cc",
105    "src/sandbox_policy_base.h",
106    "src/sandbox_rand.cc",
107    "src/sandbox_rand.h",
108    "src/sandbox_types.h",
109    "src/sandbox_utils.cc",
110    "src/sandbox_utils.h",
111    "src/security_level.h",
112    "src/service_resolver.cc",
113    "src/service_resolver.h",
114    "src/sharedmem_ipc_client.cc",
115    "src/sharedmem_ipc_client.h",
116    "src/sharedmem_ipc_server.cc",
117    "src/sharedmem_ipc_server.h",
118    "src/sid.cc",
119    "src/sid.h",
120    "src/sync_dispatcher.cc",
121    "src/sync_dispatcher.h",
122    "src/sync_interception.cc",
123    "src/sync_interception.h",
124    "src/sync_policy.cc",
125    "src/sync_policy.h",
126    "src/target_interceptions.cc",
127    "src/target_interceptions.h",
128    "src/target_process.cc",
129    "src/target_process.h",
130    "src/target_services.cc",
131    "src/target_services.h",
132    "src/top_level_dispatcher.cc",
133    "src/top_level_dispatcher.h",
134    "src/win2k_threadpool.cc",
135    "src/win2k_threadpool.h",
136    "src/win_utils.cc",
137    "src/win_utils.h",
138    "src/window.cc",
139    "src/window.h",
140  ]
141
142  if (current_cpu == "x64") {
143    sources += [
144      "src/Wow64_64.cc",
145      "src/interceptors_64.cc",
146      "src/interceptors_64.h",
147      "src/resolver_64.cc",
148      "src/service_resolver_64.cc",
149    ]
150  } else if (current_cpu == "x86") {
151    sources += [
152      "src/Wow64.cc",
153      "src/Wow64.h",
154      "src/resolver_32.cc",
155      "src/service_resolver_32.cc",
156      "src/sidestep/ia32_modrm_map.cpp",
157      "src/sidestep/ia32_opcode_map.cpp",
158      "src/sidestep/mini_disassembler.cpp",
159      "src/sidestep/mini_disassembler.h",
160      "src/sidestep/mini_disassembler_types.h",
161      "src/sidestep/preamble_patcher.h",
162      "src/sidestep/preamble_patcher_with_stub.cpp",
163      "src/sidestep_resolver.cc",
164      "src/sidestep_resolver.h",
165    ]
166  }
167
168  configs += [ "//build/config:precompiled_headers" ]
169
170  deps = [
171    "//base",
172    "//base:base_static",
173  ]
174  if (current_cpu == "x86") {
175    deps += [ ":copy_wow_helper" ]
176  }
177}
178
179if (current_cpu == "x86") {
180  # Make a target that copies the wow_helper files to the out dir.
181  #
182  # TODO(brettw) we can probably just build this now that we have proper
183  # toolchain support.
184  copy("copy_wow_helper") {
185    sources = [
186      "wow_helper/wow_helper.exe",
187      "wow_helper/wow_helper.pdb",
188    ]
189    outputs = [
190      "$root_out_dir/{{source_file_part}}",
191    ]
192  }
193}
194
195test("sbox_integration_tests") {
196  sources = [
197    "src/address_sanitizer_test.cc",
198    "src/app_container_test.cc",
199    "src/file_policy_test.cc",
200    "src/handle_closer_test.cc",
201    "src/handle_inheritance_test.cc",
202    "src/handle_policy_test.cc",
203    "src/integrity_level_test.cc",
204    "src/ipc_ping_test.cc",
205    "src/lpc_policy_test.cc",
206    "src/named_pipe_policy_test.cc",
207    "src/policy_target_test.cc",
208    "src/process_mitigations_test.cc",
209    "src/process_policy_test.cc",
210    "src/registry_policy_test.cc",
211    "src/sync_policy_test.cc",
212    "src/sync_policy_test.h",
213    "src/unload_dll_test.cc",
214    "tests/common/controller.cc",
215    "tests/common/controller.h",
216    "tests/common/test_utils.cc",
217    "tests/common/test_utils.h",
218    "tests/integration_tests/integration_tests.cc",
219    "tests/integration_tests/integration_tests_test.cc",
220  ]
221
222  deps = [
223    ":sandbox",
224    "//base/test:test_support",
225    "//testing/gtest",
226  ]
227}
228
229test("sbox_validation_tests") {
230  sources = [
231    "tests/common/controller.cc",
232    "tests/common/controller.h",
233    "tests/validation_tests/commands.cc",
234    "tests/validation_tests/commands.h",
235    "tests/validation_tests/suite.cc",
236    "tests/validation_tests/unit_tests.cc",
237  ]
238
239  deps = [
240    ":sandbox",
241    "//base/test:test_support",
242    "//testing/gtest",
243  ]
244}
245
246test("sbox_unittests") {
247  sources = [
248    "src/app_container_unittest.cc",
249    "src/interception_unittest.cc",
250    "src/ipc_unittest.cc",
251    "src/job_unittest.cc",
252    "src/policy_engine_unittest.cc",
253    "src/policy_low_level_unittest.cc",
254    "src/policy_opcodes_unittest.cc",
255    "src/restricted_token_unittest.cc",
256    "src/sandbox_nt_util_unittest.cc",
257    "src/service_resolver_unittest.cc",
258    "src/sid_unittest.cc",
259    "src/threadpool_unittest.cc",
260    "src/win_utils_unittest.cc",
261    "tests/common/test_utils.cc",
262    "tests/common/test_utils.h",
263    "tests/unit_tests/unit_tests.cc",
264  ]
265
266  deps = [
267    ":sandbox",
268    "//base/test:test_support",
269    "//testing/gtest",
270  ]
271}
272
273test("sandbox_poc") {
274  sources = [
275    "sandbox_poc/main_ui_window.cc",
276    "sandbox_poc/main_ui_window.h",
277    "sandbox_poc/resource.h",
278    "sandbox_poc/sandbox.cc",
279    "sandbox_poc/sandbox.h",
280    "sandbox_poc/sandbox.ico",
281    "sandbox_poc/sandbox.rc",
282  ]
283
284  configs -= [ "//build/config/win:console" ]
285  configs += [ "//build/config/win:windowed" ]
286
287  libs = [ "comctl32.lib" ]
288
289  deps = [
290    ":pocdll",
291    ":sandbox",
292  ]
293}
294
295shared_library("pocdll") {
296  sources = [
297    "sandbox_poc/pocdll/exports.h",
298    "sandbox_poc/pocdll/fs.cc",
299    "sandbox_poc/pocdll/handles.cc",
300    "sandbox_poc/pocdll/invasive.cc",
301    "sandbox_poc/pocdll/network.cc",
302    "sandbox_poc/pocdll/pocdll.cc",
303    "sandbox_poc/pocdll/processes_and_threads.cc",
304    "sandbox_poc/pocdll/registry.cc",
305    "sandbox_poc/pocdll/spyware.cc",
306    "sandbox_poc/pocdll/utils.h",
307  ]
308
309  defines = [ "POCDLL_EXPORTS" ]
310
311  deps = [
312    "//build/config/sanitizers:deps",
313  ]
314}
315