build: add oss-fuzz switch

Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>

diff --git a/meson.build b/meson.build
index f6d1eecf2052744592342f19c1d22c5d1a718c8e..f48694ee5b18e5b290594ec22148016c590c7b56 100644 (file)
--- a/meson.build
+++ b/meson.build
@@ -146,6 +146,7 @@ want_capabilities = get_option('capabilities')
 want_apparmor = get_option('apparmor')
 want_openssl = get_option('openssl')
 want_selinux = get_option('selinux')
+want_oss_fuzz = get_option('oss-fuzz')
 want_seccomp = get_option('seccomp')
 
 srcconf.set_quoted('DEFAULT_CGROUP_PATTERN', cgrouppattern)
@@ -232,6 +233,13 @@ endif
 add_project_arguments(cc.get_supported_arguments(basic_disabled_warnings), language : 'c')
 add_project_arguments(cc.get_supported_arguments(possible_cc_flags), language: 'c')
 
+if add_languages('cpp', required : want_oss_fuzz)
+    #  Used only for tests
+    cxx = meson.get_compiler('cpp')
+    cxx_cmd = ' '.join(cxx.cmd_array())
+    add_project_arguments(cxx.get_supported_arguments(basic_disabled_warnings), language : 'cpp')
+endif
+
 # Feature detection
 ## I/O uring.
 if want_io_uring
@@ -380,6 +388,12 @@ else
     srcconf.set10('HAVE_STATIC_LIBCAP', false)
 endif
 
+if want_oss_fuzz
+    srcconf.set10('FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION', true)
+    srcconf.set10('RUN_ON_OSS_FUZZ', true)
+    fuzzing_engine = meson.get_compiler('cpp').find_library('FuzzingEngine')
+endif
+
 ## PAM.
 pam = cc.find_library('pam', has_headers: 'security/pam_modules.h', required: want_pam_cgroup)
 srcconf.set10('HAVE_PAM', pam.found())
@@ -698,10 +712,7 @@ if want_io_uring
     liblxc_dependencies += [liburing]
 endif
 
-liblxc_link_whole = []
-if sanitize == 'none'
-    liblxc_link_whole = [liblxc_static]
-endif
+liblxc_link_whole = [liblxc_static]
 
 liblxc = shared_library(
     'lxc',

diff --git a/meson_options.txt b/meson_options.txt
index 8742583425ae329d4beac4265c1582b82763a9ba..807a6ebec226aa4ee0e127d40173bf692181bdba 100644 (file)
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -74,3 +74,6 @@ option('usernet-config-path', type: 'string', value: 'lxc/lxc-usernet',
 
 option('usernet-db-path', type: 'string', value: 'lxc/nics',
        description: 'User network database file path')
+
+option('oss-fuzz', type : 'boolean', value : 'false',
+       description : 'build against oss-fuzz')

diff --git a/src/lxc/meson.build b/src/lxc/meson.build
index 78b873f24fa8be109c82601c29f55c04f11c26ea..38faf7f5ed5470a4e3272bf2944ca6ed6cfc6160 100644 (file)
--- a/src/lxc/meson.build
+++ b/src/lxc/meson.build
@@ -147,15 +147,13 @@ if want_selinux and libselinux.found()
     liblxc_sources += files('lsm/selinux.c')
 endif
 
-if sanitize == 'none'
-    liblxc_static = static_library(
-        'lxc_static',
-        liblxc_sources + include_sources + netns_ifaddrs_sources,
-        install: true,
-        include_directories: liblxc_includes,
-        dependencies: [threads],
-        c_args: '-fvisibility=default')
-endif
+liblxc_static = static_library(
+    'lxc_static',
+    liblxc_sources + include_sources + netns_ifaddrs_sources,
+    install: true,
+    include_directories: liblxc_includes,
+    dependencies: [threads],
+    c_args: '-fvisibility=default')
 
 lxc_functions = configure_file(
     configuration: conf,