blob: 9606750e65ce0315d94cf82a7307d0d9023677ae [file] [log] [blame]
# Copyright 2017 The Fuchsia Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import("//build/fuzzing/fuzzer.gni")
import("BUILD.generated.gni")
import("BUILD.generated_tests.gni")
if (is_fuchsia) {
import("//build/package.gni")
import("//build/test/test_package.gni")
}
################################################################################
# Public targets
group("boringssl") {
public_deps = [
":crypto",
":ssl",
]
}
if (current_cpu == "arm64" && (is_fuchsia || is_linux)) {
crypto_sources += crypto_sources_linux_aarch64
} else if (current_cpu == "x64" && (is_fuchsia || is_linux)) {
crypto_sources += crypto_sources_linux_x86_64
} else if (current_cpu == "x64" && is_mac) {
crypto_sources += crypto_sources_mac_x86_64
} else {
assert(false, "unsupported OS or CPU: $current_os/$current_cpu")
}
# TODO(46139): remove this added source.
crypto_sources += [ "src/decrepit/xts/xts.c" ]
################
# libcrypto.so #
################
target(default_library_type, "crypto") {
sources = crypto_sources
public = crypto_headers
public_configs = [ ":boringssl_config" ]
configs += [ ":internal_config" ]
if (is_fuchsia) {
# TODO(46910): UBSan has found an instance of undefined behavior in this target.
# Disable UBSan for this target temporarily until it is migrated into CI/CQ.
configs += [ "//build/config:temporarily_disable_ubsan_do_not_use" ]
# TODO(60545): profile instrumentation significantly affects performance.
configs += [ "//build/config:no_profile" ]
# boringssl should always be optimized for speed because otherwise performance is significantly
# worse, impacting pave and boot times on debug builds (fxb/55456)
configs -= [ "//build/config:default_optimize" ]
configs += [ "//build/config:optimize_speed" ]
# sysrand() uses Zircon system call.
deps = [ "//src/zircon/lib/zircon" ]
}
}
target(default_library_type, "ssl") {
sources = ssl_sources
public = ssl_headers
public_configs = [ ":boringssl_config" ]
configs += [ ":internal_config" ]
deps = [ ":crypto" ]
if (is_fuchsia) {
# boringssl should always be optimized for speed because otherwise performance is significantly
# worse, impacting pave and boot times on debug builds (fxb/55456)
configs -= [ "//build/config:default_optimize" ]
configs += [ "//build/config:optimize_speed" ]
}
}
source_set("crypto_unsafe") {
testonly = true
visibility = [ ":*" ]
sources = crypto_sources
public = crypto_headers
configs += [ ":fuzz_config" ]
if (is_fuchsia) {
# TODO(46910): UBSan has found an instance of undefined behavior in this target.
# Disable UBSan for this target temporarily until it is migrated into CI/CQ.
configs += [ "//build/config:temporarily_disable_ubsan_do_not_use" ]
# sysrand() uses Zircon system call.
deps = [ "//src/zircon/lib/zircon" ]
}
}
source_set("ssl_unsafe") {
testonly = true
visibility = [ ":*" ]
sources = ssl_sources
public = ssl_headers
configs += [ ":fuzz_config" ]
deps = [ ":crypto_unsafe" ]
}
##########################
# bssl command line tool #
##########################
if (is_fuchsia) {
package("boringssl_tool") {
deps = [ ":bssl" ]
binaries = [
{
name = "bssl"
shell = true
},
]
}
} else {
group("boringssl_tool") {
deps = [ ":bssl" ]
}
}
# See //third_party/boringssl/tool/CMakeLists.txt
executable("bssl") {
visibility = [ ":*" ]
sources = [
"src/tool/args.cc",
"src/tool/ciphers.cc",
"src/tool/client.cc",
"src/tool/const.cc",
"src/tool/digest.cc",
"src/tool/file.cc",
"src/tool/generate_ed25519.cc",
"src/tool/genrsa.cc",
"src/tool/pkcs12.cc",
"src/tool/rand.cc",
"src/tool/server.cc",
"src/tool/sign.cc",
"src/tool/speed.cc",
"src/tool/tool.cc",
"src/tool/transport_common.cc",
]
configs += [ "//third_party/boringssl:internal_config" ]
deps = [
":crypto",
":ssl",
]
}
##############
# Unit tests #
##############
if (is_fuchsia) {
unittest_package("boringssl_tests") {
deps = [
":crypto_test",
":ssl_test",
]
tests = [
{
name = "crypto_test"
# This test takes a long time to run, and it is included in every subset
# of the Fuchsia build.
# TODO(bgoldman): Find a way to skip this test when runtests is set to
# skip "large" tests.
disabled = true
},
{
name = "ssl_test"
},
]
}
}
group("tests") {
testonly = true
if (is_fuchsia) {
deps = [ ":boringssl_tests" ]
} else {
deps = [
":crypto_test",
":ssl_test",
]
}
}
executable("crypto_test") {
testonly = true
visibility = [ ":*" ]
sources = crypto_test_sources + test_support_sources
configs += [ ":test_config" ]
deps = [
":crypto",
"//third_party/googletest:gtest",
]
}
executable("ssl_test") {
testonly = true
visibility = [ ":*" ]
sources = ssl_test_sources + test_support_sources
configs += [ ":test_config" ]
deps = [
":crypto",
":ssl",
"//third_party/googletest:gtest",
]
}
################################################################################
# Fuzzers
# Upstream BoringSSL defines a `fuzzers` global variable in the generated
# GNI files; we rename it to avoid colliding with the similarly-named parameter
# on the fuzzers_package.
fuzzer_names = fuzzers
# Explicitly remove the arm_cpuinfo fuzzer, which tests Linux-specific routines
if (is_fuchsia) {
fuzzer_names -= [ "arm_cpuinfo" ]
}
foreach(name, fuzzer_names) {
fuzzer("${name}_fuzzer") {
visibility = [ ":*" ]
sources = [ "src/fuzz/${name}.cc" ]
configs += [ ":fuzz_config" ]
deps = [
":crypto_unsafe",
":ssl_unsafe",
]
}
}
fuzzers_package("boringssl_fuzzers") {
fuzzers = []
foreach(name, fuzzer_names) {
fuzzers += [ ":${name}_fuzzer" ]
}
}
################################################################################
# Configs
config("boringssl_config") {
include_dirs = [ "src/include" ]
}
config("internal_config") {
visibility = [ ":*" ]
defines = [
"BORINGSSL_ALLOW_CXX_RUNTIME",
"BORINGSSL_IMPLEMENTATION",
"BORINGSSL_NO_STATIC_INITIALIZER",
"BORINGSSL_SHARED_LIBRARY",
"OPENSSL_SMALL",
]
if (is_linux) {
# pthread_rwlock_t on Linux requires a feature flag.
defines += [ "_XOPEN_SOURCE=700" ]
}
cflags = [
"-Wno-unused-function",
"-Wno-conversion",
]
configs = [
":boringssl_config",
"//build/config:shared_library_config",
]
if (is_fuchsia) {
configs += [ "//build/config/fuchsia:static_cpp_standard_library" ]
}
}
config("test_config") {
visibility = [ ":*" ]
include_dirs = [
"src/crypto/test",
"src/ssl/test",
]
configs = [ ":internal_config" ]
# TODO(INTK-682): Newer googletest's are spamming about an API rename, but
# BoringSSL hasn't updated yet.
cflags = [ "-Wno-deprecated-declarations" ]
}
config("fuzz_config") {
visibility = [ ":*" ]
# BoringSSL explicitly decided against using the common LLVM fuzzing macro:
# https://boringssl-review.googlesource.com/c/boringssl/+/31244
defines = [ "BORINGSSL_UNSAFE_DETERMINISTIC_MODE" ]
configs = [ ":internal_config" ]
}