# Copyright 2014 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import("//build/config/sanitizers/sanitizers.gni")
import("//build/toolchain/toolchain.gni")
# This config causes functions not to be automatically exported from shared
# libraries. By default, all symbols are exported but this means there are
# lots of exports that slow everything down. In general we explicitly mark
# which functiosn we want to export from components.
#
# Some third_party code assumes all functions are exported so this is separated
# into its own config so such libraries can remove this config to make symbols
# public again.
#
# See http://gcc.gnu.org/wiki/Visibility
config("symbol_visibility_hidden") {
# Note that -fvisibility-inlines-hidden is set globally in the compiler
# config since that can almost always be applied.
cflags = [ "-fvisibility=hidden" ]
}
# This config is usually set when :symbol_visibility_hidden is removed.
# It's often a good idea to set visibility explicitly, as there're flags
# which would error out otherwise (e.g. -fsanitize=cfi-unrelated-cast)
config("symbol_visibility_default") {
cflags = [ "-fvisibility=default" ]
}
# The rpath is the dynamic library search path. Setting this config on a link
# step will put the directory where the build generates shared libraries into
# the rpath.
#
# It's important that this *not* be used for release builds we push out.
# Chrome uses some setuid binaries, and hard links preserve setuid bits. An
# unprivileged user could gain root privileges by hardlinking a setuid
# executable and then adding in whatever binaries they want to run into the lib
# directory.
#
# Example bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520126
#
# This is required for component builds since the build generates many shared
# libraries in the build directory that we expect to be automatically loaded.
# It will be automatically applied in this case by :executable_ldconfig.
#
# In non-component builds, certain test binaries may expect to load dynamic
# libraries from the current directory. As long as these aren't distributed,
# this is OK. For these cases use something like this:
#
# if (is_linux && !is_component_build) {
# configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
# }
config("rpath_for_built_shared_libraries") {
if (!is_android) {
# Note: Android doesn't support rpath.
if (shlib_subdir != ".") {
rpath_link = "${shlib_subdir}/"
} else {
rpath_link = "."
}
ldflags = [
# Want to pass "\$". GN will re-escape as required for ninja.
"-Wl,-rpath=\$ORIGIN/${rpath_link}",
"-Wl,-rpath-link=${rpath_link}",
]
}
}
# Settings for executables.
config("executable_ldconfig") {
if (is_android) {
ldflags = [
"-Bdynamic",
"-Wl,-z,nocopyreloc",
]
} else {
# See the rpath_for... config above for why this is necessary for component
# builds. Sanitizers use a custom libc++ where this is also necessary.
if (is_component_build || using_sanitizer) {
configs = [ ":rpath_for_built_shared_libraries" ]
}
# Find the path containing shared libraries for this toolchain
# relative to the build directory. ${root_out_dir} will be a
# subdirectory of ${root_build_dir} when cross compiling.
rebased_out_dir = rebase_path(root_out_dir, root_build_dir)
if (shlib_subdir != ".") {
rpath_link = "${rebased_out_dir}/${shlib_subdir}"
} else {
rpath_link = rebased_out_dir
}
ldflags = [
"-Wl,-rpath-link=${rpath_link}",
# TODO(GYP): Do we need a check on the binutils version here?
#
# Newer binutils don't set DT_RPATH unless you disable "new" dtags
# and the new DT_RUNPATH doesn't work without --no-as-needed flag.
"-Wl,--disable-new-dtags",
]
if (current_cpu == "mipsel") {
ldflags += [ "-pie" ]
}
}
}
config("no_exceptions") {
cflags_cc = [ "-fno-exceptions" ]
cflags_objcc = cflags_cc
}