17d553d299
This uses the x86 trap flag and libunwind to test CFI works at each instruction. For now, it just uses the system one out of pkg-config and disables unwind tests if unavailable. We'll probably want to stick a copy into //third_party and perhaps try the LLVM one later. This tester caught two bugs in P-256 CFI annotations already: I47b5f9798b3bcee1748e537b21c173d312a14b42 and I9f576d868850312d6c14d1386f8fbfa85021b347 An earlier design used PTRACE_SINGLESTEP with libunwind's remote unwinding features. ptrace is a mess around stop signals (see group-stop discussion in ptrace(2)) and this is 10x faster, so I went with it. The question of which is more future-proof is complex: - There are two libunwinds with the same API, https://www.nongnu.org/libunwind/ and LLVM's. This currently uses the system nongnu.org for convenience. In future, LLVM's should be easier to bundle (less complex build) and appears to even support Windows, but I haven't tested this. Moreover, setting the trap flag keeps the test single-process, which is less complex on Windows. That suggests the trap flag design and switching to LLVM later. However... - Not all architectures have a trap flag settable by userspace. As far as I can tell, ARMv8's PSTATE.SS can only be set from the kernel. If we stick with nongnu.org libunwind, we can use PTRACE_SINGLESTEP and remote unwinding. Or we implement it for LLVM. Another thought is for the ptracer to bounce SIGTRAP back into the process, to share the local unwinding code. - ARMv7 has no trap flag at all and PTRACE_SINGLESTEP fails. Debuggers single-step by injecting breakpoints instead. However, ARMv8's trap flag seems to work in both AArch32 and AArch64 modes, so we may be able to condition it on a 64-bit kernel. Sadly, neither strategy works with Intel SDE. Adding flags to cpucap vectors as we do with ARM would help, but it would not emulate CPUs newer than the host CPU. For now, I've just had SDE tests disable these. Annoyingly, CMake does not allow object libraries to have dependencies, so make test_support a proper static library. Rename the target to test_support_lib to avoid https://gitlab.kitware.com/cmake/cmake/issues/17785 Update-Note: This adds a new optional test dependency, but it's disabled by default (define BORINGSSL_HAVE_LIBUNWIND), so consumers do not need to do anything. We'll probably want to adjust this in the future. Bug: 181 Change-Id: I817263d7907aff0904a9cee83f8b26747262cc0c Reviewed-on: https://boringssl-review.googlesource.com/c/33966 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
563 lines
22 KiB
CMake
563 lines
22 KiB
CMake
cmake_minimum_required(VERSION 2.8.11)
|
|
|
|
# Report AppleClang separately from Clang. Their version numbers are different.
|
|
# https://cmake.org/cmake/help/v3.0/policy/CMP0025.html
|
|
if(POLICY CMP0025)
|
|
cmake_policy(SET CMP0025 NEW)
|
|
endif()
|
|
|
|
# Defer enabling C and CXX languages.
|
|
project(BoringSSL NONE)
|
|
|
|
if(WIN32)
|
|
# On Windows, prefer cl over gcc if both are available. By default most of
|
|
# the CMake generators prefer gcc, even on Windows.
|
|
set(CMAKE_GENERATOR_CC cl)
|
|
endif()
|
|
|
|
include(sources.cmake)
|
|
|
|
enable_language(C)
|
|
enable_language(CXX)
|
|
|
|
# This is a dummy target which all other targets depend on (manually - see other
|
|
# CMakeLists.txt files). This gives us a hook to add any targets which need to
|
|
# run before all other targets.
|
|
add_custom_target(global_target)
|
|
|
|
if(ANDROID)
|
|
# Android-NDK CMake files reconfigure the path and so Go and Perl won't be
|
|
# found. However, ninja will still find them in $PATH if we just name them.
|
|
if(NOT PERL_EXECUTABLE)
|
|
set(PERL_EXECUTABLE "perl")
|
|
endif()
|
|
if(NOT GO_EXECUTABLE)
|
|
set(GO_EXECUTABLE "go")
|
|
endif()
|
|
else()
|
|
find_package(Perl REQUIRED)
|
|
find_program(GO_EXECUTABLE go)
|
|
endif()
|
|
|
|
if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
|
|
find_package(PkgConfig REQUIRED)
|
|
pkg_check_modules(LIBUNWIND libunwind-generic)
|
|
if(LIBUNWIND_FOUND)
|
|
add_definitions(-DBORINGSSL_HAVE_LIBUNWIND)
|
|
else()
|
|
message("libunwind not found. Disabling unwind tests.")
|
|
endif()
|
|
endif()
|
|
|
|
if(NOT GO_EXECUTABLE)
|
|
message(FATAL_ERROR "Could not find Go")
|
|
endif()
|
|
|
|
if(USE_CUSTOM_LIBCXX)
|
|
set(BORINGSSL_ALLOW_CXX_RUNTIME 1)
|
|
endif()
|
|
|
|
if(BORINGSSL_ALLOW_CXX_RUNTIME)
|
|
add_definitions(-DBORINGSSL_ALLOW_CXX_RUNTIME)
|
|
endif()
|
|
|
|
if(BORINGSSL_PREFIX AND BORINGSSL_PREFIX_SYMBOLS)
|
|
add_definitions(-DBORINGSSL_PREFIX=${BORINGSSL_PREFIX})
|
|
# CMake automatically connects include_directories to the NASM command-line,
|
|
# but not add_definitions.
|
|
set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DBORINGSSL_PREFIX=${BORINGSSL_PREFIX}")
|
|
|
|
# Use "symbol_prefix_include" to store generated header files
|
|
include_directories(${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include)
|
|
add_custom_command(
|
|
OUTPUT symbol_prefix_include/boringssl_prefix_symbols.h
|
|
symbol_prefix_include/boringssl_prefix_symbols_asm.h
|
|
symbol_prefix_include/boringssl_prefix_symbols_nasm.inc
|
|
COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include
|
|
COMMAND ${GO_EXECUTABLE} run ${CMAKE_CURRENT_SOURCE_DIR}/util/make_prefix_headers.go -out ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include ${BORINGSSL_PREFIX_SYMBOLS}
|
|
DEPENDS util/make_prefix_headers.go
|
|
${CMAKE_BINARY_DIR}/${BORINGSSL_PREFIX_SYMBOLS})
|
|
|
|
# add_dependencies needs a target, not a file, so we add an intermediate
|
|
# target.
|
|
add_custom_target(
|
|
boringssl_prefix_symbols
|
|
DEPENDS symbol_prefix_include/boringssl_prefix_symbols.h
|
|
symbol_prefix_include/boringssl_prefix_symbols_asm.h
|
|
symbol_prefix_include/boringssl_prefix_symbols_nasm.inc)
|
|
add_dependencies(global_target boringssl_prefix_symbols)
|
|
elseif(BORINGSSL_PREFIX OR BORINGSSL_PREFIX_SYMBOLS)
|
|
message(FATAL_ERROR "Must specify both or neither of BORINGSSL_PREFIX and BORINGSSL_PREFIX_SYMBOLS")
|
|
endif()
|
|
|
|
if(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
|
|
set(CLANG 1)
|
|
endif()
|
|
|
|
if(CMAKE_COMPILER_IS_GNUCXX OR CLANG)
|
|
# Note clang-cl is odd and sets both CLANG and MSVC. We base our configuration
|
|
# primarily on our normal Clang one.
|
|
set(C_CXX_FLAGS "-Werror -Wformat=2 -Wsign-compare -Wmissing-field-initializers -Wwrite-strings")
|
|
if(MSVC)
|
|
# clang-cl sets different default warnings than clang. It also treats -Wall
|
|
# as -Weverything, to match MSVC. Instead -W3 is the alias for -Wall.
|
|
# See http://llvm.org/viewvc/llvm-project?view=revision&revision=319116
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -W3 -Wno-unused-parameter -fmsc-version=1900")
|
|
# googletest suppresses warning C4996 via a pragma, but clang-cl does not
|
|
# honor it. Suppress it here to compensate. See https://crbug.com/772117.
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wno-deprecated-declarations")
|
|
else()
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wall -ggdb -fvisibility=hidden -fno-common")
|
|
endif()
|
|
|
|
if(CLANG)
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wnewline-eof -fcolor-diagnostics")
|
|
else()
|
|
# GCC (at least 4.8.4) has a bug where it'll find unreachable free() calls
|
|
# and declare that the code is trying to free a stack pointer.
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wno-free-nonheap-object")
|
|
endif()
|
|
|
|
if(CLANG OR NOT "7.0.0" VERSION_GREATER CMAKE_C_COMPILER_VERSION)
|
|
set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wimplicit-fallthrough")
|
|
endif()
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${C_CXX_FLAGS} -Wmissing-prototypes -Wold-style-definition -Wstrict-prototypes")
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${C_CXX_FLAGS} -Wmissing-declarations")
|
|
|
|
if(NOT MSVC)
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11")
|
|
if(APPLE)
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -stdlib=libc++")
|
|
endif()
|
|
if(NOT BORINGSSL_ALLOW_CXX_RUNTIME)
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fno-exceptions -fno-rtti")
|
|
endif()
|
|
endif()
|
|
|
|
# In GCC, -Wmissing-declarations is the C++ spelling of -Wmissing-prototypes
|
|
# and using the wrong one is an error. In Clang, -Wmissing-prototypes is the
|
|
# spelling for both and -Wmissing-declarations is some other warning.
|
|
#
|
|
# https://gcc.gnu.org/onlinedocs/gcc-7.1.0/gcc/Warning-Options.html#Warning-Options
|
|
# https://clang.llvm.org/docs/DiagnosticsReference.html#wmissing-prototypes
|
|
# https://clang.llvm.org/docs/DiagnosticsReference.html#wmissing-declarations
|
|
if(CLANG)
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wmissing-prototypes")
|
|
endif()
|
|
|
|
if(CMAKE_COMPILER_IS_GNUCXX AND "4.8" VERSION_GREATER CMAKE_C_COMPILER_VERSION)
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-array-bounds")
|
|
endif()
|
|
|
|
elseif(MSVC)
|
|
set(MSVC_DISABLED_WARNINGS_LIST
|
|
"C4061" # enumerator 'identifier' in switch of enum 'enumeration' is not
|
|
# explicitly handled by a case label
|
|
# Disable this because it flags even when there is a default.
|
|
"C4100" # 'exarg' : unreferenced formal parameter
|
|
"C4127" # conditional expression is constant
|
|
"C4200" # nonstandard extension used : zero-sized array in
|
|
# struct/union.
|
|
"C4204" # nonstandard extension used: non-constant aggregate initializer
|
|
"C4221" # nonstandard extension used : 'identifier' : cannot be
|
|
# initialized using address of automatic variable
|
|
"C4242" # 'function' : conversion from 'int' to 'uint8_t',
|
|
# possible loss of data
|
|
"C4244" # 'function' : conversion from 'int' to 'uint8_t',
|
|
# possible loss of data
|
|
"C4267" # conversion from 'size_t' to 'int', possible loss of data
|
|
"C4371" # layout of class may have changed from a previous version of the
|
|
# compiler due to better packing of member '...'
|
|
"C4388" # signed/unsigned mismatch
|
|
"C4296" # '>=' : expression is always true
|
|
"C4350" # behavior change: 'std::_Wrap_alloc...'
|
|
"C4365" # '=' : conversion from 'size_t' to 'int',
|
|
# signed/unsigned mismatch
|
|
"C4389" # '!=' : signed/unsigned mismatch
|
|
"C4464" # relative include path contains '..'
|
|
"C4510" # 'argument' : default constructor could not be generated
|
|
"C4512" # 'argument' : assignment operator could not be generated
|
|
"C4514" # 'function': unreferenced inline function has been removed
|
|
"C4548" # expression before comma has no effect; expected expression with
|
|
# side-effect" caused by FD_* macros.
|
|
"C4610" # struct 'argument' can never be instantiated - user defined
|
|
# constructor required.
|
|
"C4623" # default constructor was implicitly defined as deleted
|
|
"C4625" # copy constructor could not be generated because a base class
|
|
# copy constructor is inaccessible or deleted
|
|
"C4626" # assignment operator could not be generated because a base class
|
|
# assignment operator is inaccessible or deleted
|
|
"C4668" # 'symbol' is not defined as a preprocessor macro, replacing with
|
|
# '0' for 'directives'
|
|
# Disable this because GTest uses it everywhere.
|
|
"C4706" # assignment within conditional expression
|
|
"C4710" # 'function': function not inlined
|
|
"C4711" # function 'function' selected for inline expansion
|
|
"C4800" # 'int' : forcing value to bool 'true' or 'false'
|
|
# (performance warning)
|
|
"C4820" # 'bytes' bytes padding added after construct 'member_name'
|
|
"C5026" # move constructor was implicitly defined as deleted
|
|
"C5027" # move assignment operator was implicitly defined as deleted
|
|
"C5045" # Compiler will insert Spectre mitigation for memory load if
|
|
# /Qspectre switch specified
|
|
)
|
|
set(MSVC_LEVEL4_WARNINGS_LIST
|
|
# See https://connect.microsoft.com/VisualStudio/feedback/details/1217660/warning-c4265-when-using-functional-header
|
|
"C4265" # class has virtual functions, but destructor is not virtual
|
|
)
|
|
string(REPLACE "C" " -wd" MSVC_DISABLED_WARNINGS_STR
|
|
${MSVC_DISABLED_WARNINGS_LIST})
|
|
string(REPLACE "C" " -w4" MSVC_LEVEL4_WARNINGS_STR
|
|
${MSVC_LEVEL4_WARNINGS_LIST})
|
|
set(CMAKE_C_FLAGS "-utf-8 -Wall -WX ${MSVC_DISABLED_WARNINGS_STR} ${MSVC_LEVEL4_WARNINGS_STR}")
|
|
set(CMAKE_CXX_FLAGS "-utf-8 -Wall -WX ${MSVC_DISABLED_WARNINGS_STR} ${MSVC_LEVEL4_WARNINGS_STR}")
|
|
endif()
|
|
|
|
if(WIN32)
|
|
add_definitions(-D_HAS_EXCEPTIONS=0)
|
|
add_definitions(-DWIN32_LEAN_AND_MEAN)
|
|
add_definitions(-DNOMINMAX)
|
|
# Allow use of fopen.
|
|
add_definitions(-D_CRT_SECURE_NO_WARNINGS)
|
|
# VS 2017 and higher supports STL-only warning suppressions. Manually add to
|
|
# C++ only to work around a CMake quoting bug when using NASM with the Visual
|
|
# Studio generator. This will be fixed in CMake 3.13.0. See
|
|
# https://gitlab.kitware.com/cmake/cmake/merge_requests/2179
|
|
add_compile_options($<$<COMPILE_LANGUAGE:CXX>:-D_STL_EXTRA_DISABLED_WARNINGS=4774\ 4987>)
|
|
endif()
|
|
|
|
if((CMAKE_COMPILER_IS_GNUCXX AND CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.7.99") OR
|
|
CLANG)
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow")
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wshadow")
|
|
endif()
|
|
|
|
if(CMAKE_COMPILER_IS_GNUCXX)
|
|
if((CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.8.99") OR CLANG)
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c11")
|
|
else()
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c99")
|
|
endif()
|
|
endif()
|
|
|
|
# pthread_rwlock_t requires a feature flag.
|
|
if(NOT WIN32)
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_XOPEN_SOURCE=700")
|
|
endif()
|
|
|
|
if(FUZZ)
|
|
if(NOT CLANG)
|
|
message(FATAL_ERROR "You need to build with Clang for fuzzing to work")
|
|
endif()
|
|
|
|
if(CMAKE_C_COMPILER_VERSION VERSION_LESS "6.0.0")
|
|
message(FATAL_ERROR "You need Clang ≥ 6.0.0")
|
|
endif()
|
|
|
|
add_definitions(-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE)
|
|
set(RUNNER_ARGS "-deterministic")
|
|
|
|
if(NOT NO_FUZZER_MODE)
|
|
add_definitions(-DBORINGSSL_UNSAFE_FUZZER_MODE)
|
|
set(RUNNER_ARGS ${RUNNER_ARGS} "-fuzzer" "-shim-config" "fuzzer_mode.json")
|
|
endif()
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address,fuzzer-no-link -fsanitize-coverage=edge,indirect-calls")
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address,fuzzer-no-link -fsanitize-coverage=edge,indirect-calls")
|
|
endif()
|
|
|
|
add_definitions(-DBORINGSSL_IMPLEMENTATION)
|
|
|
|
if(BUILD_SHARED_LIBS)
|
|
add_definitions(-DBORINGSSL_SHARED_LIBRARY)
|
|
# Enable position-independent code globally. This is needed because
|
|
# some library targets are OBJECT libraries.
|
|
set(CMAKE_POSITION_INDEPENDENT_CODE TRUE)
|
|
endif()
|
|
|
|
if(MSAN)
|
|
if(NOT CLANG)
|
|
message(FATAL_ERROR "Cannot enable MSAN unless using Clang")
|
|
endif()
|
|
|
|
if(ASAN)
|
|
message(FATAL_ERROR "ASAN and MSAN are mutually exclusive")
|
|
endif()
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
|
|
set(CMAKE_ASM_FLAGS "${CMAKE_ASM_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
|
|
endif()
|
|
|
|
if(ASAN)
|
|
if(NOT CLANG)
|
|
message(FATAL_ERROR "Cannot enable ASAN unless using Clang")
|
|
endif()
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address -fsanitize-address-use-after-scope -fno-omit-frame-pointer")
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fsanitize-address-use-after-scope -fno-omit-frame-pointer")
|
|
endif()
|
|
|
|
if(CFI)
|
|
if(NOT CLANG)
|
|
message(FATAL_ERROR "Cannot enable CFI unless using Clang")
|
|
endif()
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=cfi -fno-sanitize-trap=cfi -flto=thin")
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=cfi -fno-sanitize-trap=cfi -flto=thin")
|
|
# We use Chromium's copy of clang, which requires -fuse-ld=lld if building
|
|
# with -flto. That, in turn, can't handle -ggdb.
|
|
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fuse-ld=lld")
|
|
string(REPLACE "-ggdb" "-g" CMAKE_C_FLAGS "${CMAKE_C_FLAGS}")
|
|
string(REPLACE "-ggdb" "-g" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}")
|
|
# -flto causes object files to contain LLVM bitcode. Mixing those with
|
|
# assembly output in the same static library breaks the linker.
|
|
set(OPENSSL_NO_ASM "1")
|
|
endif()
|
|
|
|
if(TSAN)
|
|
if(NOT CLANG)
|
|
message(FATAL_ERROR "Cannot enable TSAN unless using Clang")
|
|
endif()
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=thread")
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=thread")
|
|
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=thread")
|
|
endif()
|
|
|
|
if(GCOV)
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fprofile-arcs -ftest-coverage")
|
|
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fprofile-arcs -ftest-coverage")
|
|
endif()
|
|
|
|
if(FIPS)
|
|
add_definitions(-DBORINGSSL_FIPS)
|
|
if(FIPS_BREAK_TEST)
|
|
add_definitions("-DBORINGSSL_FIPS_BREAK_${FIPS_BREAK_TEST}=1")
|
|
endif()
|
|
# Delocate does not work for ASan and MSan builds.
|
|
if(NOT ASAN AND NOT MSAN)
|
|
set(FIPS_DELOCATE "1")
|
|
endif()
|
|
endif()
|
|
|
|
if(OPENSSL_SMALL)
|
|
add_definitions(-DOPENSSL_SMALL)
|
|
endif()
|
|
|
|
if(CONSTANT_TIME_VALIDATION)
|
|
add_definitions(-DBORINGSSL_CONSTANT_TIME_VALIDATION)
|
|
# Asserts will often test secret data.
|
|
add_definitions(-DNDEBUG)
|
|
endif()
|
|
|
|
function(go_executable dest package)
|
|
set(godeps "${CMAKE_SOURCE_DIR}/util/godeps.go")
|
|
if(${CMAKE_VERSION} VERSION_LESS "3.7" OR
|
|
NOT ${CMAKE_GENERATOR} STREQUAL "Ninja")
|
|
# The DEPFILE parameter to add_custom_command is new as of CMake 3.7 and
|
|
# only works with Ninja. Query the sources at configure time. Additionally,
|
|
# everything depends on go.mod. That affects what external packages to use.
|
|
execute_process(COMMAND ${GO_EXECUTABLE} run ${godeps} -format cmake
|
|
-pkg ${package}
|
|
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
|
|
OUTPUT_VARIABLE sources
|
|
RESULT_VARIABLE godeps_result)
|
|
add_custom_command(OUTPUT ${dest}
|
|
COMMAND ${GO_EXECUTABLE} build
|
|
-o ${CMAKE_CURRENT_BINARY_DIR}/${dest} ${package}
|
|
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
|
|
DEPENDS ${sources} ${CMAKE_SOURCE_DIR}/go.mod)
|
|
else()
|
|
# Ninja expects the target in the depfile to match the output. This is a
|
|
# relative path from the build directory.
|
|
string(LENGTH "${CMAKE_BINARY_DIR}" root_dir_length)
|
|
math(EXPR root_dir_length "${root_dir_length} + 1")
|
|
string(SUBSTRING "${CMAKE_CURRENT_BINARY_DIR}" ${root_dir_length} -1 target)
|
|
set(target "${target}/${dest}")
|
|
|
|
set(depfile "${CMAKE_CURRENT_BINARY_DIR}/${dest}.d")
|
|
add_custom_command(OUTPUT ${dest}
|
|
COMMAND ${GO_EXECUTABLE} build
|
|
-o ${CMAKE_CURRENT_BINARY_DIR}/${dest} ${package}
|
|
COMMAND ${GO_EXECUTABLE} run ${godeps} -format depfile
|
|
-target ${target} -pkg ${package} -out ${depfile}
|
|
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
|
|
DEPENDS ${godeps} ${CMAKE_SOURCE_DIR}/go.mod
|
|
DEPFILE ${depfile})
|
|
endif()
|
|
endfunction()
|
|
|
|
# CMake's iOS support uses Apple's multiple-architecture toolchain. It takes an
|
|
# architecture list from CMAKE_OSX_ARCHITECTURES, leaves CMAKE_SYSTEM_PROCESSOR
|
|
# alone, and expects all architecture-specific logic to be conditioned within
|
|
# the source files rather than the build. This does not work for our assembly
|
|
# files, so we fix CMAKE_SYSTEM_PROCESSOR and only support single-architecture
|
|
# builds.
|
|
if(NOT OPENSSL_NO_ASM AND CMAKE_OSX_ARCHITECTURES)
|
|
list(LENGTH CMAKE_OSX_ARCHITECTURES NUM_ARCHES)
|
|
if(NOT ${NUM_ARCHES} EQUAL 1)
|
|
message(FATAL_ERROR "Universal binaries not supported.")
|
|
endif()
|
|
list(GET CMAKE_OSX_ARCHITECTURES 0 CMAKE_SYSTEM_PROCESSOR)
|
|
endif()
|
|
|
|
if(OPENSSL_NO_ASM)
|
|
add_definitions(-DOPENSSL_NO_ASM)
|
|
set(ARCH "generic")
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "x86_64")
|
|
set(ARCH "x86_64")
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "amd64")
|
|
set(ARCH "x86_64")
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "AMD64")
|
|
# cmake reports AMD64 on Windows, but we might be building for 32-bit.
|
|
if(CMAKE_CL_64)
|
|
set(ARCH "x86_64")
|
|
else()
|
|
set(ARCH "x86")
|
|
endif()
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "x86")
|
|
set(ARCH "x86")
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "i386")
|
|
set(ARCH "x86")
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "i686")
|
|
set(ARCH "x86")
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "aarch64")
|
|
set(ARCH "aarch64")
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "arm64")
|
|
set(ARCH "aarch64")
|
|
# Apple A12 Bionic chipset which is added in iPhone XS/XS Max/XR uses arm64e architecture.
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "arm64e")
|
|
set(ARCH "aarch64")
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} MATCHES "^arm*")
|
|
set(ARCH "arm")
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "mips")
|
|
# Just to avoid the “unknown processor” error.
|
|
set(ARCH "generic")
|
|
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "ppc64le")
|
|
set(ARCH "ppc64le")
|
|
else()
|
|
message(FATAL_ERROR "Unknown processor:" ${CMAKE_SYSTEM_PROCESSOR})
|
|
endif()
|
|
|
|
if(ANDROID AND NOT ANDROID_NDK_REVISION AND ${ARCH} STREQUAL "arm")
|
|
# The third-party Android-NDK CMake files somehow fail to set the -march flag
|
|
# for assembly files. Without this flag, the compiler believes that it's
|
|
# building for ARMv5.
|
|
set(CMAKE_ASM_FLAGS "-march=${CMAKE_SYSTEM_PROCESSOR} ${CMAKE_ASM_FLAGS}")
|
|
endif()
|
|
|
|
if(${ARCH} STREQUAL "x86" AND APPLE AND ${CMAKE_VERSION} VERSION_LESS "3.0")
|
|
# With CMake 2.8.x, ${CMAKE_SYSTEM_PROCESSOR} evalutes to i386 on OS X,
|
|
# but clang defaults to 64-bit builds on OS X unless otherwise told.
|
|
# Set ARCH to x86_64 so clang and CMake agree. This is fixed in CMake 3.
|
|
set(ARCH "x86_64")
|
|
endif()
|
|
|
|
if(USE_CUSTOM_LIBCXX)
|
|
if(NOT CLANG)
|
|
message(FATAL_ERROR "USE_CUSTOM_LIBCXX only supported with Clang")
|
|
endif()
|
|
|
|
# CMAKE_CXX_FLAGS ends up in the linker flags as well, so use
|
|
# add_compile_options. There does not appear to be a way to set
|
|
# language-specific compile-only flags.
|
|
add_compile_options("-nostdinc++")
|
|
set(CMAKE_CXX_LINK_FLAGS "${CMAKE_CXX_LINK_FLAGS} -nostdlib++")
|
|
include_directories(
|
|
SYSTEM
|
|
util/bot/libcxx/include
|
|
util/bot/libcxxabi/include
|
|
)
|
|
|
|
# This is patterned after buildtools/third_party/libc++/BUILD.gn and
|
|
# buildtools/third_party/libc++abi/BUILD.gn in Chromium.
|
|
|
|
file(GLOB LIBCXX_SOURCES "util/bot/libcxx/src/*.cpp")
|
|
file(GLOB LIBCXXABI_SOURCES "util/bot/libcxxabi/src/*.cpp")
|
|
|
|
# This file is meant for exception-less builds.
|
|
list(REMOVE_ITEM LIBCXXABI_SOURCES "trunk/src/cxa_noexception.cpp")
|
|
# libc++ also defines new and delete.
|
|
list(REMOVE_ITEM LIBCXXABI_SOURCES "trunk/src/stdlib_new_delete.cpp")
|
|
if(TSAN)
|
|
# ThreadSanitizer tries to intercept these symbols. Skip them to avoid
|
|
# symbol conflicts.
|
|
list(REMOVE_ITEM LIBCXXABI_SOURCES "trunk/src/cxa_guard.cpp")
|
|
endif()
|
|
|
|
add_library(libcxxabi ${LIBCXXABI_SOURCES})
|
|
target_compile_definitions(
|
|
libcxxabi PRIVATE
|
|
-D_LIBCPP_ENABLE_CXX17_REMOVED_UNEXPECTED_FUNCTIONS
|
|
)
|
|
set_target_properties(libcxxabi PROPERTIES COMPILE_FLAGS "-Wno-missing-prototypes -Wno-implicit-fallthrough")
|
|
|
|
add_library(libcxx ${LIBCXX_SOURCES})
|
|
if(ASAN OR MSAN OR TSAN)
|
|
# Sanitizers try to intercept new and delete.
|
|
target_compile_definitions(
|
|
libcxx PRIVATE
|
|
-D_LIBCPP_DISABLE_NEW_DELETE_DEFINITIONS
|
|
)
|
|
endif()
|
|
target_compile_definitions(
|
|
libcxx PRIVATE
|
|
-D_LIBCPP_BUILDING_LIBRARY
|
|
-DLIBCXX_BUILDING_LIBCXXABI
|
|
)
|
|
target_link_libraries(libcxx libcxxabi)
|
|
endif()
|
|
|
|
# Add minimal googletest targets. The provided one has many side-effects, and
|
|
# googletest has a very straightforward build.
|
|
add_library(boringssl_gtest third_party/googletest/src/gtest-all.cc)
|
|
target_include_directories(boringssl_gtest PRIVATE third_party/googletest)
|
|
|
|
include_directories(third_party/googletest/include)
|
|
|
|
# Declare a dummy target to build all unit tests. Test targets should inject
|
|
# themselves as dependencies next to the target definition.
|
|
add_custom_target(all_tests)
|
|
|
|
add_custom_command(
|
|
OUTPUT crypto_test_data.cc
|
|
COMMAND ${GO_EXECUTABLE} run util/embed_test_data.go ${CRYPTO_TEST_DATA} >
|
|
${CMAKE_CURRENT_BINARY_DIR}/crypto_test_data.cc
|
|
DEPENDS util/embed_test_data.go ${CRYPTO_TEST_DATA}
|
|
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
|
|
|
|
add_library(crypto_test_data OBJECT crypto_test_data.cc)
|
|
|
|
add_subdirectory(crypto)
|
|
add_subdirectory(ssl)
|
|
add_subdirectory(ssl/test)
|
|
add_subdirectory(fipstools)
|
|
add_subdirectory(tool)
|
|
add_subdirectory(decrepit)
|
|
|
|
if(FUZZ)
|
|
add_subdirectory(fuzz)
|
|
endif()
|
|
|
|
if(NOT ${CMAKE_VERSION} VERSION_LESS "3.2")
|
|
# USES_TERMINAL is only available in CMake 3.2 or later.
|
|
set(MAYBE_USES_TERMINAL USES_TERMINAL)
|
|
endif()
|
|
|
|
if(UNIX AND NOT APPLE AND NOT ANDROID)
|
|
set(HANDSHAKER_ARGS "-handshaker-path" $<TARGET_FILE:handshaker>)
|
|
endif()
|
|
|
|
add_custom_target(
|
|
run_tests
|
|
COMMAND ${GO_EXECUTABLE} run util/all_tests.go -build-dir
|
|
${CMAKE_BINARY_DIR}
|
|
COMMAND cd ssl/test/runner &&
|
|
${GO_EXECUTABLE} test -shim-path $<TARGET_FILE:bssl_shim>
|
|
${HANDSHAKER_ARGS} ${RUNNER_ARGS}
|
|
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
|
|
DEPENDS all_tests bssl_shim handshaker
|
|
${MAYBE_USES_TERMINAL})
|