| # Copyright 2018 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| # This file defines library targets and other auxillary definitions that |
| # are used for the resulting executable targets. |
| |
| import("//common-mk/dbus_glib.gni") |
| import("//common-mk/generate-dbus-adaptors.gni") |
| import("//common-mk/generate-dbus-proxies.gni") |
| import("//common-mk/pkg_config.gni") |
| import("//common-mk/proto_library.gni") |
| |
| config("target_defaults") { |
| defines = [ |
| "USE_PINWEAVER=${use.pinweaver}", |
| "USE_SELINUX=${use.selinux}", |
| "USE_TPM2=${use.tpm2}", |
| "USE_DOUBLE_EXTEND_PCR_ISSUE=${use.double_extend_pcr_issue}", |
| "USE_CRYPTOHOME_USERDATAAUTH_INTERFACE=${use.cryptohome_userdataauth_interface}", |
| "USE_USER_SESSION_ISOLATION=${use.user_session_isolation}", |
| ] |
| } |
| |
| # Protobufs. |
| action("cryptohome-proto-external") { |
| proto_out_dir = target_gen_dir |
| dbus_proto_path = "${sysroot}/usr/include/chromeos/dbus/cryptohome" |
| policy_proto_path = "${sysroot}/usr/include/proto" |
| script = "external_proto_generator.py" |
| inputs = [ |
| "${dbus_proto_path}/key.proto", |
| "${dbus_proto_path}/rpc.proto", |
| "${dbus_proto_path}/UserDataAuth.proto", |
| "${dbus_proto_path}/signed_secret.proto", |
| "${policy_proto_path}/install_attributes.proto", |
| ] |
| outputs = |
| process_file_template(inputs, [ "${proto_out_dir}/{{source_file_part}}" ]) |
| args = [ |
| "-o", |
| "${target_gen_dir}", |
| ] + inputs |
| } |
| |
| pkg_config("cryptohome-proto_config") { |
| pkg_deps = [ "protobuf" ] |
| } |
| |
| proto_library("cryptohome-proto") { |
| proto_in_dir = ".." |
| proto_out_dir = "include" |
| proto_lib_dirs = [ target_gen_dir ] |
| |
| # libcryptohome-proto.a is used by a shared_libary |
| # object, so we need to build it with '-fPIC' instead of '-fPIE'. |
| use_pic = true |
| |
| sources = [ |
| "${proto_in_dir}/attestation.proto", |
| "${proto_in_dir}/boot_lockbox_key.proto", |
| "${proto_in_dir}/fake_le_credential_metadata.proto", |
| "${proto_in_dir}/hash_tree_leaf_data.proto", |
| "${proto_in_dir}/signature_sealed_data.proto", |
| "${proto_in_dir}/tpm_status.proto", |
| "${proto_in_dir}/vault_keyset.proto", |
| ] |
| all_dependent_configs = [ ":cryptohome-proto_config" ] |
| public_deps = [ |
| ":cryptohome-generated-proto", |
| ] |
| } |
| |
| # Files generated by cryptohome-proto-external. |
| # TODO(oka): merge this with cryptohome-proto allowing proto_library to take |
| # sources in different directories. |
| proto_library("cryptohome-generated-proto") { |
| proto_in_dir = target_gen_dir |
| proto_out_dir = "include" |
| |
| # libcryptohome-proto.a is used by a shared_libary |
| # object, so we need to build it with '-fPIC' instead of '-fPIE'. |
| use_pic = true |
| sources = get_target_outputs(":cryptohome-proto-external") |
| public_deps = [ |
| ":cryptohome-proto-external", |
| ] |
| } |
| |
| pkg_config("cryptohome-dbus-client_dependent_config") { |
| pkg_deps = [ |
| "dbus-glib-1", |
| "glib-2.0", |
| ] |
| } |
| |
| # D-Bus bindings. |
| generate_dbus_glib("cryptohome-dbus-client") { |
| dbus_glib_out_dir = "include/bindings" |
| dbus_glib_prefix = "cryptohome" |
| dbus_glib_header_stem = "cryptohome" |
| dbus_glib_type = "client" |
| sources = [ |
| "../dbus_bindings/org.chromium.CryptohomeInterface.xml", |
| ] |
| all_dependent_configs = [ ":cryptohome-dbus-client_dependent_config" ] |
| } |
| |
| pkg_config("cryptohome-dbus-server_dependent_config") { |
| pkg_deps = [ |
| "dbus-glib-1", |
| "glib-2.0", |
| ] |
| } |
| |
| generate_dbus_glib("cryptohome-dbus-server") { |
| dbus_glib_out_dir = "include/bindings" |
| dbus_glib_prefix = "cryptohome" |
| dbus_glib_header_stem = "cryptohome" |
| dbus_glib_type = "server" |
| sources = [ |
| "../dbus_bindings/org.chromium.CryptohomeInterface.xml", |
| ] |
| all_dependent_configs = [ ":cryptohome-dbus-server_dependent_config" ] |
| } |
| |
| generate_dbus_proxies("cryptohome-key-delegate-proxies") { |
| proxy_output_file = "include/cryptohome_key_delegate/dbus-proxies.h" |
| sources = [ |
| "../dbus_bindings/org.chromium.CryptohomeKeyDelegateInterface.xml", |
| ] |
| } |
| |
| pkg_config("libcrosplatform_dependent_config") { |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| "libecryptfs", |
| "libmetrics-${libbase_ver}", |
| "openssl", |
| "vboot_host", |
| ] |
| } |
| |
| # Common objects. |
| static_library("libcrosplatform") { |
| configs += [ ":target_defaults" ] |
| sources = [ |
| "../cryptohome_metrics.cc", |
| "../cryptolib.cc", |
| "../dircrypto_util.cc", |
| "../platform.cc", |
| ] |
| libs = [ |
| "keyutils", |
| "secure_erase_file", |
| ] |
| if (use.selinux) { |
| libs += [ "selinux" ] |
| } |
| all_dependent_configs = [ ":libcrosplatform_dependent_config" ] |
| |
| deps = [ |
| ":cryptohome-proto", |
| ] |
| } |
| |
| pkg_config("libcrostpm_dependent_config") { |
| pkg_deps = [ |
| "glib-2.0", |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| "openssl", |
| ] |
| } |
| |
| static_library("libcrostpm") { |
| configs += [ ":target_defaults" ] |
| sources = [ |
| "../attestation.cc", |
| "../bootlockbox/boot_lockbox.cc", |
| "../crc32.c", |
| "../crc8.c", |
| "../crypto.cc", |
| "../crypto_error.cc", |
| "../firmware_management_parameters.cc", |
| "../install_attributes.cc", |
| "../le_credential_manager_impl.cc", |
| "../lockbox.cc", |
| "../persistent_lookup_table.cc", |
| "../pin_weaver_auth_block.cc", |
| "../pkcs11_init.cc", |
| "../pkcs11_keystore.cc", |
| "../sign_in_hash_tree.cc", |
| "../tpm.cc", |
| "../tpm_auth_block.cc", |
| "../tpm_init.cc", |
| "../tpm_persistent_state.cc", |
| "../vault_keyset.cc", |
| ] |
| libs = [ |
| "chaps", |
| "tpm_manager", |
| "scrypt", |
| ] |
| all_dependent_configs = [ ":libcrostpm_dependent_config" ] |
| |
| deps = [ |
| ":libcrosplatform", |
| ] |
| public_deps = [ |
| ":cryptohome-proto", |
| ] |
| |
| if (use.tpm2) { |
| sources += [ |
| "../pinweaver_le_credential_backend.cc", |
| "../signature_sealing_backend_tpm2_impl.cc", |
| "../tpm2_impl.cc", |
| "../tpm2_metrics.cc", |
| ] |
| libs += [ "trunks" ] |
| deps += [ ":pinweaver-proto-external" ] |
| } |
| |
| if (!use.tpm2) { |
| sources += [ |
| "../signature_sealing_backend_tpm1_impl.cc", |
| "../tpm1_static_utils.cc", |
| "../tpm_impl.cc", |
| "../tpm_metrics.cc", |
| "../tpm_new_impl.cc", |
| ] |
| libs += [ |
| "hwsec", |
| "tspi", |
| ] |
| } |
| } |
| |
| generate_dbus_adaptors("userdataauth_adaptors") { |
| dbus_adaptors_out_dir = "include/dbus_adaptors" |
| dbus_service_config = "../dbus_bindings/dbus-service-config-UserDataAuth.json" |
| sources = [ |
| "../dbus_bindings/org.chromium.UserDataAuth.xml", |
| ] |
| } |
| |
| generate_dbus_proxies("userdataauth-client-headers") { |
| dbus_service_config = "../dbus_bindings/dbus-service-config-UserDataAuth.json" |
| proxy_output_file = "include/user_data_auth/dbus-proxies.h" |
| mock_output_file = "include/user_data_auth/dbus-proxy-mocks.h" |
| proxy_path_in_mocks = "user_data_auth/dbus-proxies.h" |
| sources = [ |
| "../dbus_bindings/org.chromium.UserDataAuth.xml", |
| ] |
| } |
| |
| generate_dbus_adaptors("cryptohome_adaptors") { |
| dbus_adaptors_out_dir = "include/dbus_adaptors" |
| dbus_service_config = "../dbus_bindings/dbus-service-config.json" |
| sources = [ |
| "../dbus_bindings/org.chromium.CryptohomeInterface.xml", |
| ] |
| } |
| |
| pkg_config("libcryptohome_dependent_config") { |
| pkg_deps = [ |
| "dbus-glib-1", |
| "glib-2.0", |
| "libbrillo", |
| "libbrillo-glib", |
| "libchrome-${libbase_ver}", |
| ] |
| } |
| |
| static_library("libcryptohome") { |
| configs += [ |
| ":cryptohome-proto_config", |
| ":target_defaults", |
| ] |
| sources = [ |
| "../arc_disk_quota.cc", |
| "../attestation_task.cc", |
| "../bootlockbox/boot_attributes.cc", |
| "../challenge_credentials/challenge_credentials_constants.cc", |
| "../challenge_credentials/challenge_credentials_decrypt_operation.cc", |
| "../challenge_credentials/challenge_credentials_generate_new_operation.cc", |
| "../challenge_credentials/challenge_credentials_helper.cc", |
| "../challenge_credentials/challenge_credentials_operation.cc", |
| "../challenge_credentials/challenge_credentials_verify_key_operation.cc", |
| "../chaps_client_factory.cc", |
| "../credentials.cc", |
| "../cryptohome_event_source.cc", |
| "../dbus_transition.cc", |
| "../dircrypto_data_migrator/atomic_flag.cc", |
| "../dircrypto_data_migrator/migration_helper.cc", |
| "../homedirs.cc", |
| "../interface.cc", |
| "../key_challenge_service_impl.cc", |
| "../lockbox-cache.cc", |
| "../mount.cc", |
| "../mount_constants.cc", |
| "../mount_factory.cc", |
| "../mount_helper.cc", |
| "../mount_namespace.cc", |
| "../mount_stack.cc", |
| "../mount_task.cc", |
| "../mount_utils.cc", |
| "../obfuscated_username.cc", |
| "../out_of_process_mount_helper.cc", |
| "../service.cc", |
| "../service_distributed.cc", |
| "../service_monolithic.cc", |
| "../service_userdataauth.cc", |
| "../stateful_recovery.cc", |
| "../user_oldest_activity_timestamp_cache.cc", |
| "../user_session.cc", |
| "../userdataauth.cc", |
| "../vault_keyset_factory.cc", |
| ] |
| |
| # The generated dbus headers use "register". |
| cflags = [ "-Wno-deprecated-register" ] |
| libs = [ |
| "attestation", |
| "chaps", |
| "hwsec", |
| "policy", |
| "tpm_manager", |
| ] |
| all_dependent_configs = [ ":libcryptohome_dependent_config" ] |
| |
| deps = [ |
| ":cryptohome-dbus-server", |
| ":cryptohome-key-delegate-proxies", |
| ":cryptohome-proto", |
| ":libcrosplatform", |
| ":libcrostpm", |
| ":namespace-mounter-ipc-proto", |
| ":userdataauth_adaptors", |
| ] |
| |
| if (use.tpm2) { |
| deps += [ ":libnvram-boot-lockbox-client" ] |
| } |
| } |
| |
| # Copy boot_lockbox_rpc.proto from /usr/include/chromeos/dbus. |
| action("bootlockbox-proto-external") { |
| proto_out_dir = "${target_gen_dir}/bootlockbox" |
| shared_proto_path = "${sysroot}/usr/include/chromeos/dbus/bootlockbox" |
| inputs = [ |
| "${shared_proto_path}/boot_lockbox_rpc.proto", |
| ] |
| outputs = |
| process_file_template(inputs, [ "${proto_out_dir}/{{source_file_part}}" ]) |
| |
| script = "external_proto_generator.py" |
| args = [ |
| "-o", |
| "${proto_out_dir}", |
| ] + inputs |
| } |
| |
| pkg_config("bootlockbox-proto_config") { |
| pkg_deps = [ "protobuf" ] |
| } |
| |
| # BootLockbox rpc.proto. |
| proto_library("bootlockbox-proto") { |
| proto_in_dir = "../bootlockbox" |
| proto_lib_dirs = [ target_gen_dir ] |
| proto_out_dir = "include" |
| |
| # shared_libary. |
| use_pic = true |
| sources = [ |
| "${proto_in_dir}/key_value_map.proto", |
| ] |
| all_dependent_configs = [ ":cryptohome-proto_config" ] |
| deps = [ |
| ":bootlockbox-generated-proto", |
| ] |
| } |
| |
| # Files generated by bootlockbox-proto-external. |
| # TODO(oka): merge this with bootlockbox-proto allowing proto_library to take |
| # sources in different directories. |
| proto_library("bootlockbox-generated-proto") { |
| proto_in_dir = "${target_gen_dir}/bootlockbox" |
| proto_out_dir = "include" |
| |
| # shared_libary. |
| use_pic = true |
| sources = [ |
| "${target_gen_dir}/bootlockbox/boot_lockbox_rpc.proto", |
| ] |
| all_dependent_configs = [ ":cryptohome-proto_config" ] |
| deps = [ |
| ":bootlockbox-proto-external", |
| ] |
| } |
| |
| generate_dbus_adaptors("bootlockbox-adaptors") { |
| dbus_service_config = "../dbus_adaptors/dbus-service-config.json" |
| dbus_adaptors_out_dir = "include/dbus_adaptors" |
| sources = [ |
| "../dbus_adaptors/org.chromium.BootLockboxInterface.xml", |
| ] |
| } |
| |
| generate_dbus_proxies("bootlockbox-client-headers") { |
| dbus_service_config = "../dbus_adaptors/dbus-service-config.json" |
| proxy_output_file = "include/bootlockbox/dbus-proxies.h" |
| mock_output_file = "include/bootlockbox/dbus-proxy-mocks.h" |
| proxy_path_in_mocks = "bootlockbox/dbus-proxies.h" |
| sources = [ |
| "../dbus_adaptors/org.chromium.BootLockboxInterface.xml", |
| ] |
| } |
| |
| if (use.tpm2) { |
| proto_library("pinweaver-proto-external") { |
| proto_in_dir = "${sysroot}/usr/include/proto" |
| proto_out_dir = "include" |
| sources = [ |
| "${proto_in_dir}/pinweaver.proto", |
| ] |
| configs = [ ":cryptohome-proto_config" ] |
| } |
| |
| pkg_config("libnvram-boot-lockbox_dependent_config") { |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| ] |
| } |
| |
| static_library("libnvram-boot-lockbox-client") { |
| configs += [ ":target_defaults" ] |
| sources = [ |
| "../bootlockbox/boot_lockbox_client.cc", |
| ] |
| all_dependent_configs = [ ":libnvram-boot-lockbox_dependent_config" ] |
| |
| deps = [ |
| ":bootlockbox-client-headers", |
| ":bootlockbox-proto", |
| ] |
| } |
| |
| static_library("libnvram-boot-lockbox") { |
| configs += [ ":target_defaults" ] |
| sources = [ |
| "../bootlockbox/nvram_boot_lockbox.cc", |
| "../bootlockbox/tpm2_nvspace_utility.cc", |
| ] |
| all_dependent_configs = [ ":libnvram-boot-lockbox_dependent_config" ] |
| |
| deps = [ |
| ":bootlockbox-proto", |
| ":cryptohome-proto", |
| ":libcrosplatform", |
| ] |
| } |
| } |
| |
| # cryptohome <-> cryptohome-namespace-mounter IPC proto. |
| proto_library("namespace-mounter-ipc-proto") { |
| proto_in_dir = "../cryptohome_namespace_mounter" |
| proto_out_dir = "include/cryptohome" |
| |
| sources = [ |
| "${proto_in_dir}/namespace_mounter_ipc.proto", |
| ] |
| configs = [ ":cryptohome-proto_config" ] |
| } |