2018-08-10 16:30:55 +01:00
|
|
|
cmake_minimum_required(VERSION 2.8.11)
|
2014-06-20 20:00:00 +01:00
|
|
|
|
2017-12-04 22:19:49 +00:00
|
|
|
# Report AppleClang separately from Clang. Their version numbers are different.
|
|
|
|
|
# https://cmake.org/cmake/help/v3.0/policy/CMP0025.html
|
|
|
|
|
if(POLICY CMP0025)
|
|
|
|
|
cmake_policy(SET CMP0025 NEW)
|
|
|
|
|
endif()
|
|
|
|
|
|
2016-02-06 02:58:39 +00:00
|
|
|
# Defer enabling C and CXX languages.
|
2018-08-10 16:30:55 +01:00
|
|
|
project(BoringSSL NONE)
|
2016-02-06 02:58:39 +00:00
|
|
|
|
|
|
|
|
if(WIN32)
|
|
|
|
|
# On Windows, prefer cl over gcc if both are available. By default most of
|
|
|
|
|
# the CMake generators prefer gcc, even on Windows.
|
|
|
|
|
set(CMAKE_GENERATOR_CC cl)
|
|
|
|
|
endif()
|
|
|
|
|
|
2017-05-19 20:26:18 +01:00
|
|
|
include(sources.cmake)
|
|
|
|
|
|
2016-02-06 02:58:39 +00:00
|
|
|
enable_language(C)
|
|
|
|
|
enable_language(CXX)
|
2014-06-20 20:00:00 +01:00
|
|
|
|
Support symbol prefixes
- In base.h, if BORINGSSL_PREFIX is defined, include
boringssl_prefix_symbols.h
- In all .S files, if BORINGSSL_PREFIX is defined, include
boringssl_prefix_symbols_asm.h
- In base.h, BSSL_NAMESPACE_BEGIN and BSSL_NAMESPACE_END are
defined with appropriate values depending on whether
BORINGSSL_PREFIX is defined; these macros are used in place
of 'namespace bssl {' and '}'
- Add util/make_prefix_headers.go, which takes a list of symbols
and auto-generates the header files mentioned above
- In CMakeLists.txt, if BORINGSSL_PREFIX and BORINGSSL_PREFIX_SYMBOLS
are defined, run util/make_prefix_headers.go to generate header
files
- In various CMakeLists.txt files, add "global_target" that all
targets depend on to give us a place to hook logic that must run
before all other targets (in particular, the header file generation
logic)
- Document this in BUILDING.md, including the fact that it is
the caller's responsibility to provide the symbol list and keep it
up to date
- Note that this scheme has not been tested on Windows, and likely
does not work on it; Windows support will need to be added in a
future commit
Change-Id: If66a7157f46b5b66230ef91e15826b910cf979a2
Reviewed-on: https://boringssl-review.googlesource.com/31364
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
2018-08-27 02:53:36 +01:00
|
|
|
# This is a dummy target which all other targets depend on (manually - see other
|
|
|
|
|
# CMakeLists.txt files). This gives us a hook to add any targets which need to
|
|
|
|
|
# run before all other targets.
|
|
|
|
|
add_custom_target(global_target)
|
|
|
|
|
|
2015-04-29 01:46:58 +01:00
|
|
|
if(ANDROID)
|
|
|
|
|
# Android-NDK CMake files reconfigure the path and so Go and Perl won't be
|
|
|
|
|
# found. However, ninja will still find them in $PATH if we just name them.
|
2016-05-19 14:28:14 +01:00
|
|
|
if(NOT PERL_EXECUTABLE)
|
|
|
|
|
set(PERL_EXECUTABLE "perl")
|
|
|
|
|
endif()
|
|
|
|
|
if(NOT GO_EXECUTABLE)
|
|
|
|
|
set(GO_EXECUTABLE "go")
|
|
|
|
|
endif()
|
2015-04-29 01:46:58 +01:00
|
|
|
else()
|
|
|
|
|
find_package(Perl REQUIRED)
|
|
|
|
|
find_program(GO_EXECUTABLE go)
|
|
|
|
|
endif()
|
2015-02-23 18:06:19 +00:00
|
|
|
|
2019-01-15 18:45:57 +00:00
|
|
|
if(CMAKE_SYSTEM_NAME STREQUAL "Linux" AND NOT CMAKE_CROSSCOMPILING)
|
2019-01-04 15:53:25 +00:00
|
|
|
find_package(PkgConfig QUIET)
|
|
|
|
|
if (PkgConfig_FOUND)
|
|
|
|
|
pkg_check_modules(LIBUNWIND libunwind-generic)
|
|
|
|
|
if(LIBUNWIND_FOUND)
|
|
|
|
|
add_definitions(-DBORINGSSL_HAVE_LIBUNWIND)
|
|
|
|
|
else()
|
|
|
|
|
message("libunwind not found. Disabling unwind tests.")
|
|
|
|
|
endif()
|
Add a CFI tester to CHECK_ABI.
This uses the x86 trap flag and libunwind to test CFI works at each
instruction. For now, it just uses the system one out of pkg-config and
disables unwind tests if unavailable. We'll probably want to stick a
copy into //third_party and perhaps try the LLVM one later.
This tester caught two bugs in P-256 CFI annotations already:
I47b5f9798b3bcee1748e537b21c173d312a14b42 and
I9f576d868850312d6c14d1386f8fbfa85021b347
An earlier design used PTRACE_SINGLESTEP with libunwind's remote
unwinding features. ptrace is a mess around stop signals (see group-stop
discussion in ptrace(2)) and this is 10x faster, so I went with it. The
question of which is more future-proof is complex:
- There are two libunwinds with the same API,
https://www.nongnu.org/libunwind/ and LLVM's. This currently uses the
system nongnu.org for convenience. In future, LLVM's should be easier
to bundle (less complex build) and appears to even support Windows,
but I haven't tested this. Moreover, setting the trap flag keeps the
test single-process, which is less complex on Windows. That suggests
the trap flag design and switching to LLVM later. However...
- Not all architectures have a trap flag settable by userspace. As far
as I can tell, ARMv8's PSTATE.SS can only be set from the kernel. If
we stick with nongnu.org libunwind, we can use PTRACE_SINGLESTEP and
remote unwinding. Or we implement it for LLVM. Another thought is for
the ptracer to bounce SIGTRAP back into the process, to share the
local unwinding code.
- ARMv7 has no trap flag at all and PTRACE_SINGLESTEP fails. Debuggers
single-step by injecting breakpoints instead. However, ARMv8's trap
flag seems to work in both AArch32 and AArch64 modes, so we may be
able to condition it on a 64-bit kernel.
Sadly, neither strategy works with Intel SDE. Adding flags to cpucap
vectors as we do with ARM would help, but it would not emulate CPUs
newer than the host CPU. For now, I've just had SDE tests disable these.
Annoyingly, CMake does not allow object libraries to have dependencies,
so make test_support a proper static library. Rename the target to
test_support_lib to avoid
https://gitlab.kitware.com/cmake/cmake/issues/17785
Update-Note: This adds a new optional test dependency, but it's disabled
by default (define BORINGSSL_HAVE_LIBUNWIND), so consumers do not need
to do anything. We'll probably want to adjust this in the future.
Bug: 181
Change-Id: I817263d7907aff0904a9cee83f8b26747262cc0c
Reviewed-on: https://boringssl-review.googlesource.com/c/33966
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2018-12-21 23:58:36 +00:00
|
|
|
else()
|
2019-01-04 15:53:25 +00:00
|
|
|
message("pkgconfig not found. Disabling unwind tests.")
|
Add a CFI tester to CHECK_ABI.
This uses the x86 trap flag and libunwind to test CFI works at each
instruction. For now, it just uses the system one out of pkg-config and
disables unwind tests if unavailable. We'll probably want to stick a
copy into //third_party and perhaps try the LLVM one later.
This tester caught two bugs in P-256 CFI annotations already:
I47b5f9798b3bcee1748e537b21c173d312a14b42 and
I9f576d868850312d6c14d1386f8fbfa85021b347
An earlier design used PTRACE_SINGLESTEP with libunwind's remote
unwinding features. ptrace is a mess around stop signals (see group-stop
discussion in ptrace(2)) and this is 10x faster, so I went with it. The
question of which is more future-proof is complex:
- There are two libunwinds with the same API,
https://www.nongnu.org/libunwind/ and LLVM's. This currently uses the
system nongnu.org for convenience. In future, LLVM's should be easier
to bundle (less complex build) and appears to even support Windows,
but I haven't tested this. Moreover, setting the trap flag keeps the
test single-process, which is less complex on Windows. That suggests
the trap flag design and switching to LLVM later. However...
- Not all architectures have a trap flag settable by userspace. As far
as I can tell, ARMv8's PSTATE.SS can only be set from the kernel. If
we stick with nongnu.org libunwind, we can use PTRACE_SINGLESTEP and
remote unwinding. Or we implement it for LLVM. Another thought is for
the ptracer to bounce SIGTRAP back into the process, to share the
local unwinding code.
- ARMv7 has no trap flag at all and PTRACE_SINGLESTEP fails. Debuggers
single-step by injecting breakpoints instead. However, ARMv8's trap
flag seems to work in both AArch32 and AArch64 modes, so we may be
able to condition it on a 64-bit kernel.
Sadly, neither strategy works with Intel SDE. Adding flags to cpucap
vectors as we do with ARM would help, but it would not emulate CPUs
newer than the host CPU. For now, I've just had SDE tests disable these.
Annoyingly, CMake does not allow object libraries to have dependencies,
so make test_support a proper static library. Rename the target to
test_support_lib to avoid
https://gitlab.kitware.com/cmake/cmake/issues/17785
Update-Note: This adds a new optional test dependency, but it's disabled
by default (define BORINGSSL_HAVE_LIBUNWIND), so consumers do not need
to do anything. We'll probably want to adjust this in the future.
Bug: 181
Change-Id: I817263d7907aff0904a9cee83f8b26747262cc0c
Reviewed-on: https://boringssl-review.googlesource.com/c/33966
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2018-12-21 23:58:36 +00:00
|
|
|
endif()
|
|
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(NOT GO_EXECUTABLE)
|
2015-03-05 06:19:27 +00:00
|
|
|
message(FATAL_ERROR "Could not find Go")
|
|
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(USE_CUSTOM_LIBCXX)
|
2018-08-09 21:33:07 +01:00
|
|
|
set(BORINGSSL_ALLOW_CXX_RUNTIME 1)
|
|
|
|
|
endif()
|
Support symbol prefixes
- In base.h, if BORINGSSL_PREFIX is defined, include
boringssl_prefix_symbols.h
- In all .S files, if BORINGSSL_PREFIX is defined, include
boringssl_prefix_symbols_asm.h
- In base.h, BSSL_NAMESPACE_BEGIN and BSSL_NAMESPACE_END are
defined with appropriate values depending on whether
BORINGSSL_PREFIX is defined; these macros are used in place
of 'namespace bssl {' and '}'
- Add util/make_prefix_headers.go, which takes a list of symbols
and auto-generates the header files mentioned above
- In CMakeLists.txt, if BORINGSSL_PREFIX and BORINGSSL_PREFIX_SYMBOLS
are defined, run util/make_prefix_headers.go to generate header
files
- In various CMakeLists.txt files, add "global_target" that all
targets depend on to give us a place to hook logic that must run
before all other targets (in particular, the header file generation
logic)
- Document this in BUILDING.md, including the fact that it is
the caller's responsibility to provide the symbol list and keep it
up to date
- Note that this scheme has not been tested on Windows, and likely
does not work on it; Windows support will need to be added in a
future commit
Change-Id: If66a7157f46b5b66230ef91e15826b910cf979a2
Reviewed-on: https://boringssl-review.googlesource.com/31364
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
2018-08-27 02:53:36 +01:00
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(BORINGSSL_ALLOW_CXX_RUNTIME)
|
2017-07-26 16:39:38 +01:00
|
|
|
add_definitions(-DBORINGSSL_ALLOW_CXX_RUNTIME)
|
|
|
|
|
endif()
|
|
|
|
|
|
2018-11-27 22:07:12 +00:00
|
|
|
if(CMAKE_BUILD_TYPE STREQUAL "Release")
|
|
|
|
|
# Windows release builds don't set NDEBUG in NASM flags automatically.
|
|
|
|
|
set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DNDEBUG")
|
|
|
|
|
endif()
|
|
|
|
|
|
Add a RelWithAsserts build configuration.
On our bots, debug unit tests take around 2.5x as long to complete as
release tests on Linux, 3x as long on macOS, and 6x as long on Windows.
Our tests are fast, so this does not particularly matter, but SDE
inflates a 13 second test run to 8 minutes. On Windows (MSVC), where we
don't but would like to test with SDE, the difference between optimized
and unoptimized is even larger, and test runs are slower in general.
This suggests running SDE tests in release mode. Release mode tests,
however, are less effective because they do not include asserts. Thus,
add a RelWithAsserts option.
(Chromium does something similar. I believe most of the test-running
configurations on the critical path run is_debug = false and
dcheck_always_on = true.)
Change-Id: I273dd86ab8ea039f34eca431483827c87dc5c461
Reviewed-on: https://boringssl-review.googlesource.com/c/34464
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2019-01-23 01:49:35 +00:00
|
|
|
# Add a RelWithAsserts build configuration. It is the same as Release, except it
|
|
|
|
|
# does not define NDEBUG, so asserts run.
|
|
|
|
|
foreach(VAR CMAKE_C_FLAGS CMAKE_CXX_FLAGS CMAKE_ASM_FLAGS)
|
|
|
|
|
string(REGEX REPLACE "(^| )[/-]DNDEBUG( |$)" " " "${VAR}_RELWITHASSERTS"
|
|
|
|
|
"${${VAR}_RELEASE}")
|
|
|
|
|
endforeach()
|
|
|
|
|
|
Support symbol prefixes
- In base.h, if BORINGSSL_PREFIX is defined, include
boringssl_prefix_symbols.h
- In all .S files, if BORINGSSL_PREFIX is defined, include
boringssl_prefix_symbols_asm.h
- In base.h, BSSL_NAMESPACE_BEGIN and BSSL_NAMESPACE_END are
defined with appropriate values depending on whether
BORINGSSL_PREFIX is defined; these macros are used in place
of 'namespace bssl {' and '}'
- Add util/make_prefix_headers.go, which takes a list of symbols
and auto-generates the header files mentioned above
- In CMakeLists.txt, if BORINGSSL_PREFIX and BORINGSSL_PREFIX_SYMBOLS
are defined, run util/make_prefix_headers.go to generate header
files
- In various CMakeLists.txt files, add "global_target" that all
targets depend on to give us a place to hook logic that must run
before all other targets (in particular, the header file generation
logic)
- Document this in BUILDING.md, including the fact that it is
the caller's responsibility to provide the symbol list and keep it
up to date
- Note that this scheme has not been tested on Windows, and likely
does not work on it; Windows support will need to be added in a
future commit
Change-Id: If66a7157f46b5b66230ef91e15826b910cf979a2
Reviewed-on: https://boringssl-review.googlesource.com/31364
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
2018-08-27 02:53:36 +01:00
|
|
|
if(BORINGSSL_PREFIX AND BORINGSSL_PREFIX_SYMBOLS)
|
|
|
|
|
add_definitions(-DBORINGSSL_PREFIX=${BORINGSSL_PREFIX})
|
2018-11-25 21:58:02 +00:00
|
|
|
# CMake automatically connects include_directories to the NASM command-line,
|
|
|
|
|
# but not add_definitions.
|
|
|
|
|
set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DBORINGSSL_PREFIX=${BORINGSSL_PREFIX}")
|
Support symbol prefixes
- In base.h, if BORINGSSL_PREFIX is defined, include
boringssl_prefix_symbols.h
- In all .S files, if BORINGSSL_PREFIX is defined, include
boringssl_prefix_symbols_asm.h
- In base.h, BSSL_NAMESPACE_BEGIN and BSSL_NAMESPACE_END are
defined with appropriate values depending on whether
BORINGSSL_PREFIX is defined; these macros are used in place
of 'namespace bssl {' and '}'
- Add util/make_prefix_headers.go, which takes a list of symbols
and auto-generates the header files mentioned above
- In CMakeLists.txt, if BORINGSSL_PREFIX and BORINGSSL_PREFIX_SYMBOLS
are defined, run util/make_prefix_headers.go to generate header
files
- In various CMakeLists.txt files, add "global_target" that all
targets depend on to give us a place to hook logic that must run
before all other targets (in particular, the header file generation
logic)
- Document this in BUILDING.md, including the fact that it is
the caller's responsibility to provide the symbol list and keep it
up to date
- Note that this scheme has not been tested on Windows, and likely
does not work on it; Windows support will need to be added in a
future commit
Change-Id: If66a7157f46b5b66230ef91e15826b910cf979a2
Reviewed-on: https://boringssl-review.googlesource.com/31364
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
2018-08-27 02:53:36 +01:00
|
|
|
|
|
|
|
|
# Use "symbol_prefix_include" to store generated header files
|
|
|
|
|
include_directories(${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include)
|
|
|
|
|
add_custom_command(
|
|
|
|
|
OUTPUT symbol_prefix_include/boringssl_prefix_symbols.h
|
|
|
|
|
symbol_prefix_include/boringssl_prefix_symbols_asm.h
|
|
|
|
|
symbol_prefix_include/boringssl_prefix_symbols_nasm.inc
|
|
|
|
|
COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include
|
|
|
|
|
COMMAND ${GO_EXECUTABLE} run ${CMAKE_CURRENT_SOURCE_DIR}/util/make_prefix_headers.go -out ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include ${BORINGSSL_PREFIX_SYMBOLS}
|
|
|
|
|
DEPENDS util/make_prefix_headers.go
|
|
|
|
|
${CMAKE_BINARY_DIR}/${BORINGSSL_PREFIX_SYMBOLS})
|
|
|
|
|
|
|
|
|
|
# add_dependencies needs a target, not a file, so we add an intermediate
|
|
|
|
|
# target.
|
|
|
|
|
add_custom_target(
|
|
|
|
|
boringssl_prefix_symbols
|
|
|
|
|
DEPENDS symbol_prefix_include/boringssl_prefix_symbols.h
|
|
|
|
|
symbol_prefix_include/boringssl_prefix_symbols_asm.h
|
|
|
|
|
symbol_prefix_include/boringssl_prefix_symbols_nasm.inc)
|
|
|
|
|
add_dependencies(global_target boringssl_prefix_symbols)
|
|
|
|
|
elseif(BORINGSSL_PREFIX OR BORINGSSL_PREFIX_SYMBOLS)
|
|
|
|
|
message(FATAL_ERROR "Must specify both or neither of BORINGSSL_PREFIX and BORINGSSL_PREFIX_SYMBOLS")
|
|
|
|
|
endif()
|
|
|
|
|
|
2017-10-05 20:04:08 +01:00
|
|
|
if(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
|
|
|
|
|
set(CLANG 1)
|
|
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
if(CMAKE_COMPILER_IS_GNUCXX OR CLANG)
|
|
|
|
|
# Note clang-cl is odd and sets both CLANG and MSVC. We base our configuration
|
2018-01-05 20:43:09 +00:00
|
|
|
# primarily on our normal Clang one.
|
|
|
|
|
set(C_CXX_FLAGS "-Werror -Wformat=2 -Wsign-compare -Wmissing-field-initializers -Wwrite-strings")
|
2017-10-05 20:04:08 +01:00
|
|
|
if(MSVC)
|
2018-01-05 20:43:09 +00:00
|
|
|
# clang-cl sets different default warnings than clang. It also treats -Wall
|
|
|
|
|
# as -Weverything, to match MSVC. Instead -W3 is the alias for -Wall.
|
|
|
|
|
# See http://llvm.org/viewvc/llvm-project?view=revision&revision=319116
|
|
|
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -W3 -Wno-unused-parameter -fmsc-version=1900")
|
2017-10-05 20:04:08 +01:00
|
|
|
# googletest suppresses warning C4996 via a pragma, but clang-cl does not
|
|
|
|
|
# honor it. Suppress it here to compensate. See https://crbug.com/772117.
|
|
|
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wno-deprecated-declarations")
|
|
|
|
|
else()
|
2018-01-05 20:43:09 +00:00
|
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wall -ggdb -fvisibility=hidden -fno-common")
|
2017-10-05 20:04:08 +01:00
|
|
|
endif()
|
2017-09-20 16:51:54 +01:00
|
|
|
|
2017-10-05 20:04:08 +01:00
|
|
|
if(CLANG)
|
2017-07-31 19:03:38 +01:00
|
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wnewline-eof -fcolor-diagnostics")
|
2017-04-28 22:47:06 +01:00
|
|
|
else()
|
|
|
|
|
# GCC (at least 4.8.4) has a bug where it'll find unreachable free() calls
|
|
|
|
|
# and declare that the code is trying to free a stack pointer.
|
|
|
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wno-free-nonheap-object")
|
2016-08-29 19:59:31 +01:00
|
|
|
endif()
|
2017-09-20 16:51:54 +01:00
|
|
|
|
2017-10-05 20:04:08 +01:00
|
|
|
if(CLANG OR NOT "7.0.0" VERSION_GREATER CMAKE_C_COMPILER_VERSION)
|
2017-09-20 16:51:54 +01:00
|
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wimplicit-fallthrough")
|
|
|
|
|
endif()
|
|
|
|
|
|
2016-06-30 22:16:59 +01:00
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${C_CXX_FLAGS} -Wmissing-prototypes -Wold-style-definition -Wstrict-prototypes")
|
2017-10-05 20:04:08 +01:00
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${C_CXX_FLAGS} -Wmissing-declarations")
|
2017-07-26 16:39:38 +01:00
|
|
|
|
2017-10-05 20:04:08 +01:00
|
|
|
if(NOT MSVC)
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11")
|
2017-10-16 20:58:08 +01:00
|
|
|
if(APPLE)
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -stdlib=libc++")
|
|
|
|
|
endif()
|
2017-10-05 20:04:08 +01:00
|
|
|
if(NOT BORINGSSL_ALLOW_CXX_RUNTIME)
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fno-exceptions -fno-rtti")
|
|
|
|
|
endif()
|
2017-07-26 16:39:38 +01:00
|
|
|
endif()
|
|
|
|
|
|
2017-07-13 22:53:07 +01:00
|
|
|
# In GCC, -Wmissing-declarations is the C++ spelling of -Wmissing-prototypes
|
|
|
|
|
# and using the wrong one is an error. In Clang, -Wmissing-prototypes is the
|
|
|
|
|
# spelling for both and -Wmissing-declarations is some other warning.
|
|
|
|
|
#
|
|
|
|
|
# https://gcc.gnu.org/onlinedocs/gcc-7.1.0/gcc/Warning-Options.html#Warning-Options
|
|
|
|
|
# https://clang.llvm.org/docs/DiagnosticsReference.html#wmissing-prototypes
|
|
|
|
|
# https://clang.llvm.org/docs/DiagnosticsReference.html#wmissing-declarations
|
2017-10-05 20:04:08 +01:00
|
|
|
if(CLANG)
|
2017-09-20 16:51:54 +01:00
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wmissing-prototypes")
|
2017-07-13 22:53:07 +01:00
|
|
|
endif()
|
2017-10-09 20:09:43 +01:00
|
|
|
|
|
|
|
|
if(CMAKE_COMPILER_IS_GNUCXX AND "4.8" VERSION_GREATER CMAKE_C_COMPILER_VERSION)
|
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-array-bounds")
|
|
|
|
|
endif()
|
|
|
|
|
|
2014-06-20 20:00:00 +01:00
|
|
|
elseif(MSVC)
|
2015-01-29 00:20:02 +00:00
|
|
|
set(MSVC_DISABLED_WARNINGS_LIST
|
Do a cursory conversion of a few tests to GTest.
For now, this is the laziest conversion possible. The intent is to just
get the build setup ready so that we can get everything working in our
consumers. The intended end state is:
- The standalone build produces three test targets, one per library:
{crypto,ssl,decrepit}_tests.
- Each FOO_test is made up of:
FOO/**/*_test.cc
crypto/test/gtest_main.cc
test_support
- generate_build_files.py emits variables crypto_test_sources and
ssl_test_sources. These variables are populated with FindCFiles,
looking for *_test.cc.
- The consuming file assembles those variables into the two test targets
(plus decrepit) from there. This avoids having generate_build_files.py
emit actual build rules.
- Our standalone builders, Chromium, and Android just run the top-level
test targets using whatever GTest-based reporting story they have.
In transition, we start by converting one of two tests in each library
to populate the three test targets. Those are added to all_tests.json
and all_tests.go hacked to handle them transparently. This keeps our
standalone builder working.
generate_build_files.py, to start with, populates the new source lists
manually and subtracts them out of the old machinery. We emit both for
the time being. When this change rolls in, we'll write all the build
glue needed to build the GTest-based tests and add it to consumers'
continuous builders.
Next, we'll subsume a file-based test and get the consumers working with
that. (I.e. make sure the GTest targets can depend on a data file.)
Once that's all done, we'll be sure all this will work. At that point,
we start subsuming the remaining tests into the GTest targets and,
asynchronously, rewriting tests to use GTest properly rather than
cursory conversion here.
When all non-GTest tests are gone, the old generate_build_files.py hooks
will be removed, consumers updated to not depend on them, and standalone
builders converted to not rely on all_tests.go, which can then be
removed. (Unless bits end up being needed as a malloc test driver. I'm
thinking we'll want to do something with --gtest_filter.)
As part of this CL, I've bumped the CMake requirements (for
target_include_directories) and added a few suppressions for warnings
that GTest doesn't pass.
BUG=129
Change-Id: I881b26b07a8739cc0b52dbb51a30956908e1b71a
Reviewed-on: https://boringssl-review.googlesource.com/13232
Reviewed-by: Adam Langley <agl@google.com>
2017-01-20 00:05:47 +00:00
|
|
|
"C4061" # enumerator 'identifier' in switch of enum 'enumeration' is not
|
|
|
|
|
# explicitly handled by a case label
|
|
|
|
|
# Disable this because it flags even when there is a default.
|
2015-01-29 00:20:02 +00:00
|
|
|
"C4100" # 'exarg' : unreferenced formal parameter
|
|
|
|
|
"C4127" # conditional expression is constant
|
|
|
|
|
"C4200" # nonstandard extension used : zero-sized array in
|
|
|
|
|
# struct/union.
|
2016-11-13 01:32:10 +00:00
|
|
|
"C4204" # nonstandard extension used: non-constant aggregate initializer
|
|
|
|
|
"C4221" # nonstandard extension used : 'identifier' : cannot be
|
|
|
|
|
# initialized using address of automatic variable
|
2015-01-29 00:20:02 +00:00
|
|
|
"C4242" # 'function' : conversion from 'int' to 'uint8_t',
|
|
|
|
|
# possible loss of data
|
|
|
|
|
"C4244" # 'function' : conversion from 'int' to 'uint8_t',
|
|
|
|
|
# possible loss of data
|
2015-02-11 20:12:05 +00:00
|
|
|
"C4267" # conversion from 'size_t' to 'int', possible loss of data
|
|
|
|
|
"C4371" # layout of class may have changed from a previous version of the
|
|
|
|
|
# compiler due to better packing of member '...'
|
|
|
|
|
"C4388" # signed/unsigned mismatch
|
2015-01-29 00:20:02 +00:00
|
|
|
"C4296" # '>=' : expression is always true
|
|
|
|
|
"C4350" # behavior change: 'std::_Wrap_alloc...'
|
|
|
|
|
"C4365" # '=' : conversion from 'size_t' to 'int',
|
|
|
|
|
# signed/unsigned mismatch
|
|
|
|
|
"C4389" # '!=' : signed/unsigned mismatch
|
2016-05-02 17:57:01 +01:00
|
|
|
"C4464" # relative include path contains '..'
|
2015-01-29 00:20:02 +00:00
|
|
|
"C4510" # 'argument' : default constructor could not be generated
|
|
|
|
|
"C4512" # 'argument' : assignment operator could not be generated
|
|
|
|
|
"C4514" # 'function': unreferenced inline function has been removed
|
|
|
|
|
"C4548" # expression before comma has no effect; expected expression with
|
|
|
|
|
# side-effect" caused by FD_* macros.
|
|
|
|
|
"C4610" # struct 'argument' can never be instantiated - user defined
|
|
|
|
|
# constructor required.
|
2016-05-02 17:57:01 +01:00
|
|
|
"C4623" # default constructor was implicitly defined as deleted
|
2015-02-11 20:12:05 +00:00
|
|
|
"C4625" # copy constructor could not be generated because a base class
|
|
|
|
|
# copy constructor is inaccessible or deleted
|
|
|
|
|
"C4626" # assignment operator could not be generated because a base class
|
|
|
|
|
# assignment operator is inaccessible or deleted
|
Do a cursory conversion of a few tests to GTest.
For now, this is the laziest conversion possible. The intent is to just
get the build setup ready so that we can get everything working in our
consumers. The intended end state is:
- The standalone build produces three test targets, one per library:
{crypto,ssl,decrepit}_tests.
- Each FOO_test is made up of:
FOO/**/*_test.cc
crypto/test/gtest_main.cc
test_support
- generate_build_files.py emits variables crypto_test_sources and
ssl_test_sources. These variables are populated with FindCFiles,
looking for *_test.cc.
- The consuming file assembles those variables into the two test targets
(plus decrepit) from there. This avoids having generate_build_files.py
emit actual build rules.
- Our standalone builders, Chromium, and Android just run the top-level
test targets using whatever GTest-based reporting story they have.
In transition, we start by converting one of two tests in each library
to populate the three test targets. Those are added to all_tests.json
and all_tests.go hacked to handle them transparently. This keeps our
standalone builder working.
generate_build_files.py, to start with, populates the new source lists
manually and subtracts them out of the old machinery. We emit both for
the time being. When this change rolls in, we'll write all the build
glue needed to build the GTest-based tests and add it to consumers'
continuous builders.
Next, we'll subsume a file-based test and get the consumers working with
that. (I.e. make sure the GTest targets can depend on a data file.)
Once that's all done, we'll be sure all this will work. At that point,
we start subsuming the remaining tests into the GTest targets and,
asynchronously, rewriting tests to use GTest properly rather than
cursory conversion here.
When all non-GTest tests are gone, the old generate_build_files.py hooks
will be removed, consumers updated to not depend on them, and standalone
builders converted to not rely on all_tests.go, which can then be
removed. (Unless bits end up being needed as a malloc test driver. I'm
thinking we'll want to do something with --gtest_filter.)
As part of this CL, I've bumped the CMake requirements (for
target_include_directories) and added a few suppressions for warnings
that GTest doesn't pass.
BUG=129
Change-Id: I881b26b07a8739cc0b52dbb51a30956908e1b71a
Reviewed-on: https://boringssl-review.googlesource.com/13232
Reviewed-by: Adam Langley <agl@google.com>
2017-01-20 00:05:47 +00:00
|
|
|
"C4668" # 'symbol' is not defined as a preprocessor macro, replacing with
|
|
|
|
|
# '0' for 'directives'
|
|
|
|
|
# Disable this because GTest uses it everywhere.
|
2015-01-29 00:20:02 +00:00
|
|
|
"C4706" # assignment within conditional expression
|
|
|
|
|
"C4710" # 'function': function not inlined
|
|
|
|
|
"C4711" # function 'function' selected for inline expansion
|
|
|
|
|
"C4800" # 'int' : forcing value to bool 'true' or 'false'
|
|
|
|
|
# (performance warning)
|
|
|
|
|
"C4820" # 'bytes' bytes padding added after construct 'member_name'
|
Do a cursory conversion of a few tests to GTest.
For now, this is the laziest conversion possible. The intent is to just
get the build setup ready so that we can get everything working in our
consumers. The intended end state is:
- The standalone build produces three test targets, one per library:
{crypto,ssl,decrepit}_tests.
- Each FOO_test is made up of:
FOO/**/*_test.cc
crypto/test/gtest_main.cc
test_support
- generate_build_files.py emits variables crypto_test_sources and
ssl_test_sources. These variables are populated with FindCFiles,
looking for *_test.cc.
- The consuming file assembles those variables into the two test targets
(plus decrepit) from there. This avoids having generate_build_files.py
emit actual build rules.
- Our standalone builders, Chromium, and Android just run the top-level
test targets using whatever GTest-based reporting story they have.
In transition, we start by converting one of two tests in each library
to populate the three test targets. Those are added to all_tests.json
and all_tests.go hacked to handle them transparently. This keeps our
standalone builder working.
generate_build_files.py, to start with, populates the new source lists
manually and subtracts them out of the old machinery. We emit both for
the time being. When this change rolls in, we'll write all the build
glue needed to build the GTest-based tests and add it to consumers'
continuous builders.
Next, we'll subsume a file-based test and get the consumers working with
that. (I.e. make sure the GTest targets can depend on a data file.)
Once that's all done, we'll be sure all this will work. At that point,
we start subsuming the remaining tests into the GTest targets and,
asynchronously, rewriting tests to use GTest properly rather than
cursory conversion here.
When all non-GTest tests are gone, the old generate_build_files.py hooks
will be removed, consumers updated to not depend on them, and standalone
builders converted to not rely on all_tests.go, which can then be
removed. (Unless bits end up being needed as a malloc test driver. I'm
thinking we'll want to do something with --gtest_filter.)
As part of this CL, I've bumped the CMake requirements (for
target_include_directories) and added a few suppressions for warnings
that GTest doesn't pass.
BUG=129
Change-Id: I881b26b07a8739cc0b52dbb51a30956908e1b71a
Reviewed-on: https://boringssl-review.googlesource.com/13232
Reviewed-by: Adam Langley <agl@google.com>
2017-01-20 00:05:47 +00:00
|
|
|
"C5026" # move constructor was implicitly defined as deleted
|
2016-05-02 17:57:01 +01:00
|
|
|
"C5027" # move assignment operator was implicitly defined as deleted
|
2018-05-22 13:50:44 +01:00
|
|
|
"C5045" # Compiler will insert Spectre mitigation for memory load if
|
|
|
|
|
# /Qspectre switch specified
|
2016-05-02 17:57:01 +01:00
|
|
|
)
|
|
|
|
|
set(MSVC_LEVEL4_WARNINGS_LIST
|
|
|
|
|
# See https://connect.microsoft.com/VisualStudio/feedback/details/1217660/warning-c4265-when-using-functional-header
|
|
|
|
|
"C4265" # class has virtual functions, but destructor is not virtual
|
|
|
|
|
)
|
2015-01-29 00:20:02 +00:00
|
|
|
string(REPLACE "C" " -wd" MSVC_DISABLED_WARNINGS_STR
|
|
|
|
|
${MSVC_DISABLED_WARNINGS_LIST})
|
2016-05-02 17:57:01 +01:00
|
|
|
string(REPLACE "C" " -w4" MSVC_LEVEL4_WARNINGS_STR
|
|
|
|
|
${MSVC_LEVEL4_WARNINGS_LIST})
|
2018-03-11 10:20:51 +00:00
|
|
|
set(CMAKE_C_FLAGS "-utf-8 -Wall -WX ${MSVC_DISABLED_WARNINGS_STR} ${MSVC_LEVEL4_WARNINGS_STR}")
|
|
|
|
|
set(CMAKE_CXX_FLAGS "-utf-8 -Wall -WX ${MSVC_DISABLED_WARNINGS_STR} ${MSVC_LEVEL4_WARNINGS_STR}")
|
2017-08-16 20:25:27 +01:00
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
if(WIN32)
|
2015-01-29 00:37:10 +00:00
|
|
|
add_definitions(-D_HAS_EXCEPTIONS=0)
|
2015-01-29 04:34:47 +00:00
|
|
|
add_definitions(-DWIN32_LEAN_AND_MEAN)
|
2015-04-02 18:20:01 +01:00
|
|
|
add_definitions(-DNOMINMAX)
|
2017-06-16 01:44:30 +01:00
|
|
|
# Allow use of fopen.
|
|
|
|
|
add_definitions(-D_CRT_SECURE_NO_WARNINGS)
|
2018-06-29 18:44:36 +01:00
|
|
|
# VS 2017 and higher supports STL-only warning suppressions. Manually add to
|
|
|
|
|
# C++ only to work around a CMake quoting bug when using NASM with the Visual
|
2018-07-06 19:46:30 +01:00
|
|
|
# Studio generator. This will be fixed in CMake 3.13.0. See
|
|
|
|
|
# https://gitlab.kitware.com/cmake/cmake/merge_requests/2179
|
2018-06-29 18:44:36 +01:00
|
|
|
add_compile_options($<$<COMPILE_LANGUAGE:CXX>:-D_STL_EXTRA_DISABLED_WARNINGS=4774\ 4987>)
|
2014-06-20 20:00:00 +01:00
|
|
|
endif()
|
|
|
|
|
|
2015-02-28 05:00:44 +00:00
|
|
|
if((CMAKE_COMPILER_IS_GNUCXX AND CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.7.99") OR
|
2017-10-05 20:04:08 +01:00
|
|
|
CLANG)
|
2015-01-29 00:37:10 +00:00
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow")
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wshadow")
|
2015-01-16 23:20:54 +00:00
|
|
|
endif()
|
|
|
|
|
|
2016-06-09 21:22:26 +01:00
|
|
|
if(CMAKE_COMPILER_IS_GNUCXX)
|
2018-08-10 16:30:55 +01:00
|
|
|
if((CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.8.99") OR CLANG)
|
2016-06-09 21:22:26 +01:00
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c11")
|
|
|
|
|
else()
|
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c99")
|
|
|
|
|
endif()
|
|
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
# pthread_rwlock_t requires a feature flag.
|
|
|
|
|
if(NOT WIN32)
|
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_XOPEN_SOURCE=700")
|
2015-05-15 20:01:29 +01:00
|
|
|
endif()
|
|
|
|
|
|
2015-11-09 21:57:26 +00:00
|
|
|
if(FUZZ)
|
2017-10-05 20:04:08 +01:00
|
|
|
if(NOT CLANG)
|
2016-09-28 22:14:01 +01:00
|
|
|
message(FATAL_ERROR "You need to build with Clang for fuzzing to work")
|
2015-11-09 21:57:26 +00:00
|
|
|
endif()
|
|
|
|
|
|
2018-08-24 18:46:01 +01:00
|
|
|
if(CMAKE_C_COMPILER_VERSION VERSION_LESS "6.0.0")
|
|
|
|
|
message(FATAL_ERROR "You need Clang ≥ 6.0.0")
|
|
|
|
|
endif()
|
|
|
|
|
|
2016-11-04 22:59:33 +00:00
|
|
|
add_definitions(-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE)
|
|
|
|
|
set(RUNNER_ARGS "-deterministic")
|
|
|
|
|
|
|
|
|
|
if(NOT NO_FUZZER_MODE)
|
|
|
|
|
add_definitions(-DBORINGSSL_UNSAFE_FUZZER_MODE)
|
|
|
|
|
set(RUNNER_ARGS ${RUNNER_ARGS} "-fuzzer" "-shim-config" "fuzzer_mode.json")
|
|
|
|
|
endif()
|
2016-03-02 03:57:32 +00:00
|
|
|
|
2018-08-24 18:46:01 +01:00
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address,fuzzer-no-link -fsanitize-coverage=edge,indirect-calls")
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address,fuzzer-no-link -fsanitize-coverage=edge,indirect-calls")
|
2015-11-09 21:57:26 +00:00
|
|
|
endif()
|
|
|
|
|
|
2014-07-31 00:02:14 +01:00
|
|
|
add_definitions(-DBORINGSSL_IMPLEMENTATION)
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(BUILD_SHARED_LIBS)
|
2015-01-29 00:37:10 +00:00
|
|
|
add_definitions(-DBORINGSSL_SHARED_LIBRARY)
|
|
|
|
|
# Enable position-independent code globally. This is needed because
|
|
|
|
|
# some library targets are OBJECT libraries.
|
|
|
|
|
set(CMAKE_POSITION_INDEPENDENT_CODE TRUE)
|
2015-01-28 05:50:21 +00:00
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(MSAN)
|
2017-10-05 20:04:08 +01:00
|
|
|
if(NOT CLANG)
|
2017-04-07 04:26:04 +01:00
|
|
|
message(FATAL_ERROR "Cannot enable MSAN unless using Clang")
|
|
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(ASAN)
|
2017-04-07 04:26:04 +01:00
|
|
|
message(FATAL_ERROR "ASAN and MSAN are mutually exclusive")
|
|
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
|
2018-09-07 19:20:23 +01:00
|
|
|
set(CMAKE_ASM_FLAGS "${CMAKE_ASM_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
|
2017-04-07 04:26:04 +01:00
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(ASAN)
|
2017-10-05 20:04:08 +01:00
|
|
|
if(NOT CLANG)
|
2017-04-07 04:26:04 +01:00
|
|
|
message(FATAL_ERROR "Cannot enable ASAN unless using Clang")
|
|
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address -fsanitize-address-use-after-scope -fno-omit-frame-pointer")
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fsanitize-address-use-after-scope -fno-omit-frame-pointer")
|
|
|
|
|
endif()
|
|
|
|
|
|
2017-11-21 13:16:42 +00:00
|
|
|
if(CFI)
|
|
|
|
|
if(NOT CLANG)
|
|
|
|
|
message(FATAL_ERROR "Cannot enable CFI unless using Clang")
|
|
|
|
|
endif()
|
|
|
|
|
|
2018-09-22 22:19:15 +01:00
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=cfi -fno-sanitize-trap=cfi -flto=thin")
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=cfi -fno-sanitize-trap=cfi -flto=thin")
|
2017-11-21 13:16:42 +00:00
|
|
|
# We use Chromium's copy of clang, which requires -fuse-ld=lld if building
|
|
|
|
|
# with -flto. That, in turn, can't handle -ggdb.
|
|
|
|
|
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fuse-ld=lld")
|
|
|
|
|
string(REPLACE "-ggdb" "-g" CMAKE_C_FLAGS "${CMAKE_C_FLAGS}")
|
|
|
|
|
string(REPLACE "-ggdb" "-g" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}")
|
|
|
|
|
# -flto causes object files to contain LLVM bitcode. Mixing those with
|
|
|
|
|
# assembly output in the same static library breaks the linker.
|
|
|
|
|
set(OPENSSL_NO_ASM "1")
|
|
|
|
|
endif()
|
|
|
|
|
|
2018-07-19 22:50:45 +01:00
|
|
|
if(TSAN)
|
|
|
|
|
if(NOT CLANG)
|
|
|
|
|
message(FATAL_ERROR "Cannot enable TSAN unless using Clang")
|
|
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=thread")
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=thread")
|
|
|
|
|
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=thread")
|
|
|
|
|
endif()
|
|
|
|
|
|
2019-01-21 07:25:12 +00:00
|
|
|
if(UBSAN)
|
|
|
|
|
if(NOT CLANG)
|
|
|
|
|
message(FATAL_ERROR "Cannot enable UBSAN unless using Clang")
|
|
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=undefined")
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=undefined")
|
|
|
|
|
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=undefined")
|
|
|
|
|
|
|
|
|
|
if(NOT UBSAN_RECOVER)
|
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fno-sanitize-recover=undefined")
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fno-sanitize-recover=undefined")
|
|
|
|
|
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fno-sanitize-recover=undefined")
|
|
|
|
|
endif()
|
|
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(GCOV)
|
2017-04-07 04:26:04 +01:00
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fprofile-arcs -ftest-coverage")
|
|
|
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fprofile-arcs -ftest-coverage")
|
|
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
if(FIPS)
|
|
|
|
|
add_definitions(-DBORINGSSL_FIPS)
|
2017-05-17 21:05:50 +01:00
|
|
|
if(FIPS_BREAK_TEST)
|
|
|
|
|
add_definitions("-DBORINGSSL_FIPS_BREAK_${FIPS_BREAK_TEST}=1")
|
|
|
|
|
endif()
|
|
|
|
|
# Delocate does not work for ASan and MSan builds.
|
|
|
|
|
if(NOT ASAN AND NOT MSAN)
|
|
|
|
|
set(FIPS_DELOCATE "1")
|
|
|
|
|
endif()
|
2017-04-07 04:26:04 +01:00
|
|
|
endif()
|
|
|
|
|
|
2018-03-23 17:49:27 +00:00
|
|
|
if(OPENSSL_SMALL)
|
|
|
|
|
add_definitions(-DOPENSSL_SMALL)
|
|
|
|
|
endif()
|
|
|
|
|
|
Add start of infrastructure for checking constant-time properties.
Valgrind's checking of uninitialised memory behaves very much like a
check for constant-time code: branches and memory indexes based on
uninitialised memory trigger warnings. Therefore, if we can tell
Valgrind that some secret is “uninitialised”, it'll give us a warning if
we do something non-constant-time with it.
This was the idea behind https://github.com/agl/ctgrind. But tricks like
that are no longer needed because Valgrind now comes with support for
marking regions of memory as defined or not. Therefore we can use that
API to check constant-time code.
This CL defines |CONSTTIME_SECRET| and |CONSTTIME_DECLASSIFY|, which are
no-ops unless the code is built with
|BORINGSSL_CONSTANT_TIME_VALIDATION| defined, which it isn't by default.
So this CL is a no-op itself so far. But it does show that a couple of
bits of constant-time time are, in fact, constant-time—seemingly even
when compiled with optimisations, which is nice.
The annotations in the RSA code are a) probably not marking all the
secrets as secret, and b) triggers warnings that are a little
interesting:
The anti-glitch check calls |BN_mod_exp_mont| which checks that the
input is less than the modulus. Of course, it is because the input is
the RSA plaintext that we just decrypted, but the plaintext is supposed
to be secret and so branching based on its contents isn't allows by
Valgrind. The answer isn't totally clear, but I've run out of time on
this for now.
Change-Id: I1608ed0b22d201e97595fafe46127159e02d5b1b
Reviewed-on: https://boringssl-review.googlesource.com/c/33504
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
2018-12-07 01:15:58 +00:00
|
|
|
if(CONSTANT_TIME_VALIDATION)
|
|
|
|
|
add_definitions(-DBORINGSSL_CONSTANT_TIME_VALIDATION)
|
|
|
|
|
# Asserts will often test secret data.
|
|
|
|
|
add_definitions(-DNDEBUG)
|
|
|
|
|
endif()
|
|
|
|
|
|
2018-09-13 22:37:28 +01:00
|
|
|
function(go_executable dest package)
|
|
|
|
|
set(godeps "${CMAKE_SOURCE_DIR}/util/godeps.go")
|
|
|
|
|
if(${CMAKE_VERSION} VERSION_LESS "3.7" OR
|
|
|
|
|
NOT ${CMAKE_GENERATOR} STREQUAL "Ninja")
|
|
|
|
|
# The DEPFILE parameter to add_custom_command is new as of CMake 3.7 and
|
|
|
|
|
# only works with Ninja. Query the sources at configure time. Additionally,
|
|
|
|
|
# everything depends on go.mod. That affects what external packages to use.
|
|
|
|
|
execute_process(COMMAND ${GO_EXECUTABLE} run ${godeps} -format cmake
|
|
|
|
|
-pkg ${package}
|
|
|
|
|
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
|
|
|
|
|
OUTPUT_VARIABLE sources
|
|
|
|
|
RESULT_VARIABLE godeps_result)
|
|
|
|
|
add_custom_command(OUTPUT ${dest}
|
|
|
|
|
COMMAND ${GO_EXECUTABLE} build
|
|
|
|
|
-o ${CMAKE_CURRENT_BINARY_DIR}/${dest} ${package}
|
|
|
|
|
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
|
|
|
|
|
DEPENDS ${sources} ${CMAKE_SOURCE_DIR}/go.mod)
|
|
|
|
|
else()
|
|
|
|
|
# Ninja expects the target in the depfile to match the output. This is a
|
|
|
|
|
# relative path from the build directory.
|
|
|
|
|
string(LENGTH "${CMAKE_BINARY_DIR}" root_dir_length)
|
|
|
|
|
math(EXPR root_dir_length "${root_dir_length} + 1")
|
|
|
|
|
string(SUBSTRING "${CMAKE_CURRENT_BINARY_DIR}" ${root_dir_length} -1 target)
|
|
|
|
|
set(target "${target}/${dest}")
|
|
|
|
|
|
|
|
|
|
set(depfile "${CMAKE_CURRENT_BINARY_DIR}/${dest}.d")
|
|
|
|
|
add_custom_command(OUTPUT ${dest}
|
|
|
|
|
COMMAND ${GO_EXECUTABLE} build
|
|
|
|
|
-o ${CMAKE_CURRENT_BINARY_DIR}/${dest} ${package}
|
|
|
|
|
COMMAND ${GO_EXECUTABLE} run ${godeps} -format depfile
|
|
|
|
|
-target ${target} -pkg ${package} -out ${depfile}
|
|
|
|
|
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
|
|
|
|
|
DEPENDS ${godeps} ${CMAKE_SOURCE_DIR}/go.mod
|
|
|
|
|
DEPFILE ${depfile})
|
|
|
|
|
endif()
|
|
|
|
|
endfunction()
|
|
|
|
|
|
2017-04-07 04:26:04 +01:00
|
|
|
# CMake's iOS support uses Apple's multiple-architecture toolchain. It takes an
|
|
|
|
|
# architecture list from CMAKE_OSX_ARCHITECTURES, leaves CMAKE_SYSTEM_PROCESSOR
|
|
|
|
|
# alone, and expects all architecture-specific logic to be conditioned within
|
|
|
|
|
# the source files rather than the build. This does not work for our assembly
|
|
|
|
|
# files, so we fix CMAKE_SYSTEM_PROCESSOR and only support single-architecture
|
|
|
|
|
# builds.
|
2018-08-10 16:30:55 +01:00
|
|
|
if(NOT OPENSSL_NO_ASM AND CMAKE_OSX_ARCHITECTURES)
|
2017-04-07 04:26:04 +01:00
|
|
|
list(LENGTH CMAKE_OSX_ARCHITECTURES NUM_ARCHES)
|
2018-08-10 16:30:55 +01:00
|
|
|
if(NOT ${NUM_ARCHES} EQUAL 1)
|
2017-04-07 04:26:04 +01:00
|
|
|
message(FATAL_ERROR "Universal binaries not supported.")
|
|
|
|
|
endif()
|
|
|
|
|
list(GET CMAKE_OSX_ARCHITECTURES 0 CMAKE_SYSTEM_PROCESSOR)
|
|
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(OPENSSL_NO_ASM)
|
2017-04-07 04:26:04 +01:00
|
|
|
add_definitions(-DOPENSSL_NO_ASM)
|
|
|
|
|
set(ARCH "generic")
|
2018-08-10 16:30:55 +01:00
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "x86_64")
|
2015-01-29 00:37:10 +00:00
|
|
|
set(ARCH "x86_64")
|
2018-08-10 16:30:55 +01:00
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "amd64")
|
2015-01-29 00:37:10 +00:00
|
|
|
set(ARCH "x86_64")
|
2018-08-10 16:30:55 +01:00
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "AMD64")
|
2015-01-29 00:37:10 +00:00
|
|
|
# cmake reports AMD64 on Windows, but we might be building for 32-bit.
|
2018-08-10 16:30:55 +01:00
|
|
|
if(CMAKE_CL_64)
|
2015-01-29 00:37:10 +00:00
|
|
|
set(ARCH "x86_64")
|
|
|
|
|
else()
|
|
|
|
|
set(ARCH "x86")
|
|
|
|
|
endif()
|
2018-08-10 16:30:55 +01:00
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "x86")
|
2015-01-29 00:37:10 +00:00
|
|
|
set(ARCH "x86")
|
2018-08-10 16:30:55 +01:00
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "i386")
|
2015-01-29 00:37:10 +00:00
|
|
|
set(ARCH "x86")
|
2018-08-10 16:30:55 +01:00
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "i686")
|
2015-01-29 00:37:10 +00:00
|
|
|
set(ARCH "x86")
|
2018-08-10 16:30:55 +01:00
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "aarch64")
|
2015-01-29 00:37:10 +00:00
|
|
|
set(ARCH "aarch64")
|
2018-08-10 16:30:55 +01:00
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "arm64")
|
2017-04-07 04:26:04 +01:00
|
|
|
set(ARCH "aarch64")
|
2018-11-15 01:20:42 +00:00
|
|
|
# Apple A12 Bionic chipset which is added in iPhone XS/XS Max/XR uses arm64e architecture.
|
|
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "arm64e")
|
|
|
|
|
set(ARCH "aarch64")
|
2018-08-10 16:30:55 +01:00
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} MATCHES "^arm*")
|
2017-04-07 04:26:04 +01:00
|
|
|
set(ARCH "arm")
|
2018-08-10 16:30:55 +01:00
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "mips")
|
2016-10-28 14:05:32 +01:00
|
|
|
# Just to avoid the “unknown processor” error.
|
2017-01-24 22:18:09 +00:00
|
|
|
set(ARCH "generic")
|
2018-08-10 16:30:55 +01:00
|
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "ppc64le")
|
2016-11-12 01:18:53 +00:00
|
|
|
set(ARCH "ppc64le")
|
2014-06-20 20:00:00 +01:00
|
|
|
else()
|
2015-01-29 00:37:10 +00:00
|
|
|
message(FATAL_ERROR "Unknown processor:" ${CMAKE_SYSTEM_PROCESSOR})
|
2014-06-20 20:00:00 +01:00
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(ANDROID AND NOT ANDROID_NDK_REVISION AND ${ARCH} STREQUAL "arm")
|
2017-12-13 23:08:47 +00:00
|
|
|
# The third-party Android-NDK CMake files somehow fail to set the -march flag
|
|
|
|
|
# for assembly files. Without this flag, the compiler believes that it's
|
2015-04-29 01:46:58 +01:00
|
|
|
# building for ARMv5.
|
2017-12-13 23:08:47 +00:00
|
|
|
set(CMAKE_ASM_FLAGS "-march=${CMAKE_SYSTEM_PROCESSOR} ${CMAKE_ASM_FLAGS}")
|
2015-04-29 01:46:58 +01:00
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(${ARCH} STREQUAL "x86" AND APPLE AND ${CMAKE_VERSION} VERSION_LESS "3.0")
|
2015-01-29 00:37:10 +00:00
|
|
|
# With CMake 2.8.x, ${CMAKE_SYSTEM_PROCESSOR} evalutes to i386 on OS X,
|
|
|
|
|
# but clang defaults to 64-bit builds on OS X unless otherwise told.
|
|
|
|
|
# Set ARCH to x86_64 so clang and CMake agree. This is fixed in CMake 3.
|
|
|
|
|
set(ARCH "x86_64")
|
2014-11-18 20:14:46 +00:00
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(USE_CUSTOM_LIBCXX)
|
|
|
|
|
if(NOT CLANG)
|
2018-08-09 21:33:07 +01:00
|
|
|
message(FATAL_ERROR "USE_CUSTOM_LIBCXX only supported with Clang")
|
|
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
# CMAKE_CXX_FLAGS ends up in the linker flags as well, so use
|
|
|
|
|
# add_compile_options. There does not appear to be a way to set
|
|
|
|
|
# language-specific compile-only flags.
|
|
|
|
|
add_compile_options("-nostdinc++")
|
|
|
|
|
set(CMAKE_CXX_LINK_FLAGS "${CMAKE_CXX_LINK_FLAGS} -nostdlib++")
|
|
|
|
|
include_directories(
|
|
|
|
|
SYSTEM
|
|
|
|
|
util/bot/libcxx/include
|
|
|
|
|
util/bot/libcxxabi/include
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# This is patterned after buildtools/third_party/libc++/BUILD.gn and
|
|
|
|
|
# buildtools/third_party/libc++abi/BUILD.gn in Chromium.
|
|
|
|
|
|
|
|
|
|
file(GLOB LIBCXX_SOURCES "util/bot/libcxx/src/*.cpp")
|
|
|
|
|
file(GLOB LIBCXXABI_SOURCES "util/bot/libcxxabi/src/*.cpp")
|
|
|
|
|
|
|
|
|
|
# This file is meant for exception-less builds.
|
|
|
|
|
list(REMOVE_ITEM LIBCXXABI_SOURCES "trunk/src/cxa_noexception.cpp")
|
|
|
|
|
# libc++ also defines new and delete.
|
|
|
|
|
list(REMOVE_ITEM LIBCXXABI_SOURCES "trunk/src/stdlib_new_delete.cpp")
|
2018-08-10 16:30:55 +01:00
|
|
|
if(TSAN)
|
2018-08-09 21:33:07 +01:00
|
|
|
# ThreadSanitizer tries to intercept these symbols. Skip them to avoid
|
|
|
|
|
# symbol conflicts.
|
|
|
|
|
list(REMOVE_ITEM LIBCXXABI_SOURCES "trunk/src/cxa_guard.cpp")
|
|
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
add_library(libcxxabi ${LIBCXXABI_SOURCES})
|
|
|
|
|
target_compile_definitions(
|
|
|
|
|
libcxxabi PRIVATE
|
|
|
|
|
-D_LIBCPP_ENABLE_CXX17_REMOVED_UNEXPECTED_FUNCTIONS
|
|
|
|
|
)
|
|
|
|
|
set_target_properties(libcxxabi PROPERTIES COMPILE_FLAGS "-Wno-missing-prototypes -Wno-implicit-fallthrough")
|
|
|
|
|
|
|
|
|
|
add_library(libcxx ${LIBCXX_SOURCES})
|
2018-08-10 16:30:55 +01:00
|
|
|
if(ASAN OR MSAN OR TSAN)
|
2018-08-09 21:33:07 +01:00
|
|
|
# Sanitizers try to intercept new and delete.
|
|
|
|
|
target_compile_definitions(
|
|
|
|
|
libcxx PRIVATE
|
|
|
|
|
-D_LIBCPP_DISABLE_NEW_DELETE_DEFINITIONS
|
|
|
|
|
)
|
|
|
|
|
endif()
|
|
|
|
|
target_compile_definitions(
|
|
|
|
|
libcxx PRIVATE
|
|
|
|
|
-D_LIBCPP_BUILDING_LIBRARY
|
|
|
|
|
-DLIBCXX_BUILDING_LIBCXXABI
|
|
|
|
|
)
|
|
|
|
|
target_link_libraries(libcxx libcxxabi)
|
|
|
|
|
endif()
|
|
|
|
|
|
Do a cursory conversion of a few tests to GTest.
For now, this is the laziest conversion possible. The intent is to just
get the build setup ready so that we can get everything working in our
consumers. The intended end state is:
- The standalone build produces three test targets, one per library:
{crypto,ssl,decrepit}_tests.
- Each FOO_test is made up of:
FOO/**/*_test.cc
crypto/test/gtest_main.cc
test_support
- generate_build_files.py emits variables crypto_test_sources and
ssl_test_sources. These variables are populated with FindCFiles,
looking for *_test.cc.
- The consuming file assembles those variables into the two test targets
(plus decrepit) from there. This avoids having generate_build_files.py
emit actual build rules.
- Our standalone builders, Chromium, and Android just run the top-level
test targets using whatever GTest-based reporting story they have.
In transition, we start by converting one of two tests in each library
to populate the three test targets. Those are added to all_tests.json
and all_tests.go hacked to handle them transparently. This keeps our
standalone builder working.
generate_build_files.py, to start with, populates the new source lists
manually and subtracts them out of the old machinery. We emit both for
the time being. When this change rolls in, we'll write all the build
glue needed to build the GTest-based tests and add it to consumers'
continuous builders.
Next, we'll subsume a file-based test and get the consumers working with
that. (I.e. make sure the GTest targets can depend on a data file.)
Once that's all done, we'll be sure all this will work. At that point,
we start subsuming the remaining tests into the GTest targets and,
asynchronously, rewriting tests to use GTest properly rather than
cursory conversion here.
When all non-GTest tests are gone, the old generate_build_files.py hooks
will be removed, consumers updated to not depend on them, and standalone
builders converted to not rely on all_tests.go, which can then be
removed. (Unless bits end up being needed as a malloc test driver. I'm
thinking we'll want to do something with --gtest_filter.)
As part of this CL, I've bumped the CMake requirements (for
target_include_directories) and added a few suppressions for warnings
that GTest doesn't pass.
BUG=129
Change-Id: I881b26b07a8739cc0b52dbb51a30956908e1b71a
Reviewed-on: https://boringssl-review.googlesource.com/13232
Reviewed-by: Adam Langley <agl@google.com>
2017-01-20 00:05:47 +00:00
|
|
|
# Add minimal googletest targets. The provided one has many side-effects, and
|
|
|
|
|
# googletest has a very straightforward build.
|
2018-01-04 07:07:58 +00:00
|
|
|
add_library(boringssl_gtest third_party/googletest/src/gtest-all.cc)
|
|
|
|
|
target_include_directories(boringssl_gtest PRIVATE third_party/googletest)
|
Do a cursory conversion of a few tests to GTest.
For now, this is the laziest conversion possible. The intent is to just
get the build setup ready so that we can get everything working in our
consumers. The intended end state is:
- The standalone build produces three test targets, one per library:
{crypto,ssl,decrepit}_tests.
- Each FOO_test is made up of:
FOO/**/*_test.cc
crypto/test/gtest_main.cc
test_support
- generate_build_files.py emits variables crypto_test_sources and
ssl_test_sources. These variables are populated with FindCFiles,
looking for *_test.cc.
- The consuming file assembles those variables into the two test targets
(plus decrepit) from there. This avoids having generate_build_files.py
emit actual build rules.
- Our standalone builders, Chromium, and Android just run the top-level
test targets using whatever GTest-based reporting story they have.
In transition, we start by converting one of two tests in each library
to populate the three test targets. Those are added to all_tests.json
and all_tests.go hacked to handle them transparently. This keeps our
standalone builder working.
generate_build_files.py, to start with, populates the new source lists
manually and subtracts them out of the old machinery. We emit both for
the time being. When this change rolls in, we'll write all the build
glue needed to build the GTest-based tests and add it to consumers'
continuous builders.
Next, we'll subsume a file-based test and get the consumers working with
that. (I.e. make sure the GTest targets can depend on a data file.)
Once that's all done, we'll be sure all this will work. At that point,
we start subsuming the remaining tests into the GTest targets and,
asynchronously, rewriting tests to use GTest properly rather than
cursory conversion here.
When all non-GTest tests are gone, the old generate_build_files.py hooks
will be removed, consumers updated to not depend on them, and standalone
builders converted to not rely on all_tests.go, which can then be
removed. (Unless bits end up being needed as a malloc test driver. I'm
thinking we'll want to do something with --gtest_filter.)
As part of this CL, I've bumped the CMake requirements (for
target_include_directories) and added a few suppressions for warnings
that GTest doesn't pass.
BUG=129
Change-Id: I881b26b07a8739cc0b52dbb51a30956908e1b71a
Reviewed-on: https://boringssl-review.googlesource.com/13232
Reviewed-by: Adam Langley <agl@google.com>
2017-01-20 00:05:47 +00:00
|
|
|
|
|
|
|
|
include_directories(third_party/googletest/include)
|
|
|
|
|
|
Add a run_tests target to run all tests.
It's very annoying having to remember the right incant every time I want
to switch around between my build, build-release, build-asan, etc.,
output directories.
Unfortunately, this target is pretty unfriendly without CMake 3.2+ (and
Ninja 1.5+). This combination gives a USES_TERMINAL flag to
add_custom_target which uses Ninja's "console" pool, otherwise the
output buffering gets in the way. Ubuntu LTS is still on an older CMake,
so do a version check in the meantime.
CMake also has its own test mechanism (CTest), but this doesn't use it.
It seems to prefer knowing what all the tests are and then tries to do
its own output management and parallelizing and such. We already have
our own runners. all_tests.go could actually be converted tidily, but
generate_build_files.py also needs to read it, and runner.go has very
specific needs.
Naming the target ninja -C build test would be nice, but CTest squats
that name and CMake grumps when you use a reserved name, so I've gone
with run_tests.
Change-Id: Ibd20ebd50febe1b4e91bb19921f3bbbd9fbcf66c
Reviewed-on: https://boringssl-review.googlesource.com/6270
Reviewed-by: Adam Langley <alangley@gmail.com>
2015-10-15 02:34:40 +01:00
|
|
|
# Declare a dummy target to build all unit tests. Test targets should inject
|
|
|
|
|
# themselves as dependencies next to the target definition.
|
|
|
|
|
add_custom_target(all_tests)
|
|
|
|
|
|
2017-05-19 20:26:18 +01:00
|
|
|
add_custom_command(
|
|
|
|
|
OUTPUT crypto_test_data.cc
|
|
|
|
|
COMMAND ${GO_EXECUTABLE} run util/embed_test_data.go ${CRYPTO_TEST_DATA} >
|
|
|
|
|
${CMAKE_CURRENT_BINARY_DIR}/crypto_test_data.cc
|
|
|
|
|
DEPENDS util/embed_test_data.go ${CRYPTO_TEST_DATA}
|
|
|
|
|
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
|
|
|
|
|
|
|
|
|
|
add_library(crypto_test_data OBJECT crypto_test_data.cc)
|
|
|
|
|
|
2014-06-20 20:00:00 +01:00
|
|
|
add_subdirectory(crypto)
|
|
|
|
|
add_subdirectory(ssl)
|
|
|
|
|
add_subdirectory(ssl/test)
|
2017-05-12 23:34:45 +01:00
|
|
|
add_subdirectory(fipstools)
|
2014-06-20 20:00:00 +01:00
|
|
|
add_subdirectory(tool)
|
2015-02-03 18:45:12 +00:00
|
|
|
add_subdirectory(decrepit)
|
Add a run_tests target to run all tests.
It's very annoying having to remember the right incant every time I want
to switch around between my build, build-release, build-asan, etc.,
output directories.
Unfortunately, this target is pretty unfriendly without CMake 3.2+ (and
Ninja 1.5+). This combination gives a USES_TERMINAL flag to
add_custom_target which uses Ninja's "console" pool, otherwise the
output buffering gets in the way. Ubuntu LTS is still on an older CMake,
so do a version check in the meantime.
CMake also has its own test mechanism (CTest), but this doesn't use it.
It seems to prefer knowing what all the tests are and then tries to do
its own output management and parallelizing and such. We already have
our own runners. all_tests.go could actually be converted tidily, but
generate_build_files.py also needs to read it, and runner.go has very
specific needs.
Naming the target ninja -C build test would be nice, but CTest squats
that name and CMake grumps when you use a reserved name, so I've gone
with run_tests.
Change-Id: Ibd20ebd50febe1b4e91bb19921f3bbbd9fbcf66c
Reviewed-on: https://boringssl-review.googlesource.com/6270
Reviewed-by: Adam Langley <alangley@gmail.com>
2015-10-15 02:34:40 +01:00
|
|
|
|
2015-11-09 21:57:26 +00:00
|
|
|
if(FUZZ)
|
Update tools.
Unfortunately, this requires partially reverting
https://boringssl-review.googlesource.com/31324. This is a mess.
While clang proper includes a fuzzer driver, Chromium doesn't use it.
Chromium builds exclusively with fuzzer-no-link and links to its own
copy of the fuzzer runtime[1]. As of [2], Chromium's clang (which we use
on bots) no longer includes the driver, so we must mimic them.
However, Chromium's setup is somewhat questionable because
fuzzer-no-link pulls in libclang_rt.fuzzer_no_main which still includes
most of libclang_rt.fuzzer, just not the one main function[3]. It
appears Chromium is actually linking two copies of
libclang_rt.fuzzer_no_main. Hopefully this mostly works out as Chromium's
clang and libFuzzer should be relatively aligned, but it's not a good
assumption for our build, which can take other Clangs too.
Thus, if you pass -DFUZZ=1 as-is, we will assume you are using a
"normal" Clang with all its relevant runtimes intact. If, however, you
are using Chromium clang, you must drop the matching libFuzzer where the
bots expected it and build with -DLIBFUZZER_FROM_DEPS=1.
This involves no changes to the bots because we never actually unwound
all the LIBFUZZER_FROM_DEPS bits before.
[1] https://cs.chromium.org/chromium/src/testing/libfuzzer/BUILD.gn?rcl=d21c49585f262e851e2984f96f52905782706325&l=14
[2] https://chromium.googlesource.com/chromium/src/+/c79bf2ea4cf65431dccb57cb2a44528c284645a1
[3] https://github.com/llvm-mirror/compiler-rt/blob/8ebc3668b07fc5cca6010265cd4795443f1c1bea/lib/fuzzer/CMakeLists.txt#L93-L107
https://github.com/llvm-mirror/compiler-rt/blob/8ebc3668b07fc5cca6010265cd4795443f1c1bea/lib/fuzzer/FuzzerMain.cpp
Change-Id: I946b3c821c3d7e6def7e07f1381f58241611ba3d
Reviewed-on: https://boringssl-review.googlesource.com/c/34184
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2019-01-07 21:13:04 +00:00
|
|
|
if(LIBFUZZER_FROM_DEPS)
|
|
|
|
|
file(GLOB LIBFUZZER_SOURCES "util/bot/libFuzzer/*.cpp")
|
|
|
|
|
add_library(Fuzzer STATIC ${LIBFUZZER_SOURCES})
|
|
|
|
|
# libFuzzer does not pass our aggressive warnings. It also must be built
|
|
|
|
|
# without -fsanitize-coverage options or clang crashes.
|
|
|
|
|
set_target_properties(Fuzzer PROPERTIES COMPILE_FLAGS "-Wno-shadow -Wno-format-nonliteral -Wno-missing-prototypes -fsanitize-coverage=0")
|
|
|
|
|
endif()
|
|
|
|
|
|
2015-11-09 21:57:26 +00:00
|
|
|
add_subdirectory(fuzz)
|
|
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 16:30:55 +01:00
|
|
|
if(NOT ${CMAKE_VERSION} VERSION_LESS "3.2")
|
Add a run_tests target to run all tests.
It's very annoying having to remember the right incant every time I want
to switch around between my build, build-release, build-asan, etc.,
output directories.
Unfortunately, this target is pretty unfriendly without CMake 3.2+ (and
Ninja 1.5+). This combination gives a USES_TERMINAL flag to
add_custom_target which uses Ninja's "console" pool, otherwise the
output buffering gets in the way. Ubuntu LTS is still on an older CMake,
so do a version check in the meantime.
CMake also has its own test mechanism (CTest), but this doesn't use it.
It seems to prefer knowing what all the tests are and then tries to do
its own output management and parallelizing and such. We already have
our own runners. all_tests.go could actually be converted tidily, but
generate_build_files.py also needs to read it, and runner.go has very
specific needs.
Naming the target ninja -C build test would be nice, but CTest squats
that name and CMake grumps when you use a reserved name, so I've gone
with run_tests.
Change-Id: Ibd20ebd50febe1b4e91bb19921f3bbbd9fbcf66c
Reviewed-on: https://boringssl-review.googlesource.com/6270
Reviewed-by: Adam Langley <alangley@gmail.com>
2015-10-15 02:34:40 +01:00
|
|
|
# USES_TERMINAL is only available in CMake 3.2 or later.
|
|
|
|
|
set(MAYBE_USES_TERMINAL USES_TERMINAL)
|
|
|
|
|
endif()
|
|
|
|
|
|
2018-08-10 15:05:20 +01:00
|
|
|
if(UNIX AND NOT APPLE AND NOT ANDROID)
|
|
|
|
|
set(HANDSHAKER_ARGS "-handshaker-path" $<TARGET_FILE:handshaker>)
|
|
|
|
|
endif()
|
|
|
|
|
|
Add a run_tests target to run all tests.
It's very annoying having to remember the right incant every time I want
to switch around between my build, build-release, build-asan, etc.,
output directories.
Unfortunately, this target is pretty unfriendly without CMake 3.2+ (and
Ninja 1.5+). This combination gives a USES_TERMINAL flag to
add_custom_target which uses Ninja's "console" pool, otherwise the
output buffering gets in the way. Ubuntu LTS is still on an older CMake,
so do a version check in the meantime.
CMake also has its own test mechanism (CTest), but this doesn't use it.
It seems to prefer knowing what all the tests are and then tries to do
its own output management and parallelizing and such. We already have
our own runners. all_tests.go could actually be converted tidily, but
generate_build_files.py also needs to read it, and runner.go has very
specific needs.
Naming the target ninja -C build test would be nice, but CTest squats
that name and CMake grumps when you use a reserved name, so I've gone
with run_tests.
Change-Id: Ibd20ebd50febe1b4e91bb19921f3bbbd9fbcf66c
Reviewed-on: https://boringssl-review.googlesource.com/6270
Reviewed-by: Adam Langley <alangley@gmail.com>
2015-10-15 02:34:40 +01:00
|
|
|
add_custom_target(
|
|
|
|
|
run_tests
|
|
|
|
|
COMMAND ${GO_EXECUTABLE} run util/all_tests.go -build-dir
|
|
|
|
|
${CMAKE_BINARY_DIR}
|
2016-09-24 00:43:17 +01:00
|
|
|
COMMAND cd ssl/test/runner &&
|
|
|
|
|
${GO_EXECUTABLE} test -shim-path $<TARGET_FILE:bssl_shim>
|
2018-08-10 15:05:20 +01:00
|
|
|
${HANDSHAKER_ARGS} ${RUNNER_ARGS}
|
Add a run_tests target to run all tests.
It's very annoying having to remember the right incant every time I want
to switch around between my build, build-release, build-asan, etc.,
output directories.
Unfortunately, this target is pretty unfriendly without CMake 3.2+ (and
Ninja 1.5+). This combination gives a USES_TERMINAL flag to
add_custom_target which uses Ninja's "console" pool, otherwise the
output buffering gets in the way. Ubuntu LTS is still on an older CMake,
so do a version check in the meantime.
CMake also has its own test mechanism (CTest), but this doesn't use it.
It seems to prefer knowing what all the tests are and then tries to do
its own output management and parallelizing and such. We already have
our own runners. all_tests.go could actually be converted tidily, but
generate_build_files.py also needs to read it, and runner.go has very
specific needs.
Naming the target ninja -C build test would be nice, but CTest squats
that name and CMake grumps when you use a reserved name, so I've gone
with run_tests.
Change-Id: Ibd20ebd50febe1b4e91bb19921f3bbbd9fbcf66c
Reviewed-on: https://boringssl-review.googlesource.com/6270
Reviewed-by: Adam Langley <alangley@gmail.com>
2015-10-15 02:34:40 +01:00
|
|
|
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
|
2018-08-01 21:54:48 +01:00
|
|
|
DEPENDS all_tests bssl_shim handshaker
|
Add a run_tests target to run all tests.
It's very annoying having to remember the right incant every time I want
to switch around between my build, build-release, build-asan, etc.,
output directories.
Unfortunately, this target is pretty unfriendly without CMake 3.2+ (and
Ninja 1.5+). This combination gives a USES_TERMINAL flag to
add_custom_target which uses Ninja's "console" pool, otherwise the
output buffering gets in the way. Ubuntu LTS is still on an older CMake,
so do a version check in the meantime.
CMake also has its own test mechanism (CTest), but this doesn't use it.
It seems to prefer knowing what all the tests are and then tries to do
its own output management and parallelizing and such. We already have
our own runners. all_tests.go could actually be converted tidily, but
generate_build_files.py also needs to read it, and runner.go has very
specific needs.
Naming the target ninja -C build test would be nice, but CTest squats
that name and CMake grumps when you use a reserved name, so I've gone
with run_tests.
Change-Id: Ibd20ebd50febe1b4e91bb19921f3bbbd9fbcf66c
Reviewed-on: https://boringssl-review.googlesource.com/6270
Reviewed-by: Adam Langley <alangley@gmail.com>
2015-10-15 02:34:40 +01:00
|
|
|
${MAYBE_USES_TERMINAL})
|
