未验证 提交 63646182 编写于 作者: O openharmony_ci 提交者: Gitee

!15071 [翻译完成】#I6DI3L

Merge pull request !15071 from Annie_wang/PR14346
# Module
## Configuration Rules
The Compilation and Building subsystem implements compilation and packaging by module, component, and product. A module is an target to build. It can be a dynamic library, static library, configuration file, or prebuilt module. A module must belong to a component and can belong to only one component. OpenHarmony uses customized GN templates to configure modules. For details about the GN basics, see https://gn.googlesource.com/gn/+/main/docs/reference.md.
The Compilation and Building subsystem implements compilation and packaging by module, component, and product. A module is a target to build. It can be a dynamic library, static library, configuration file, or prebuilt module. A module must belong to a component and can belong to only one component. OpenHarmony provides customized GN templates to configure modules. For details about the GN basics, see [GN Reference](https://gn.googlesource.com/gn/+/main/docs/reference.md).
The common templates for module configuration are as follows:
......@@ -25,15 +25,15 @@ ohos_resources
# Other templates
# Configuration file
ohos_prebuild_etc
ohos_prebuilt_etc
# SA profile
ohos_sa_profile
```
You are recommended to use the OpenHarmony customized templates.
You are advised to use the OpenHarmony customized templates.
### C/C++ Template Example
### C/C++ Template Examples
The .gni file corresponding to the templates starting with **ohos** is located in **openharmony/build/templates/cxx/cxx.gni**.
......@@ -63,14 +63,20 @@ ohos_shared_library("helloworld") {
part_name = [string] # (Mandatory) Component name.
output_dir
# Sanitizer variables
cfi = [boolean]
cfi_cross_dso = [boolean] # CFI: shared library support.
scs = [boolean]
scudo = []
ubsan = []
boundary_sanitize = []
integer_overflow_sanitize = []
# Sanitizer configuration. Each item is optional, and set to false or left unspecified by default.
sanitize = {
# Sanitizer settings
cfi = [boolean] # Whether to enable the control-flow integrity (CFI) check.
cfi_cross_dso = [boolean] # Whether to enable the cross-DSO CFI check.
integer_overflow = [boolean] # Whether to enable the integer overflow check.
boundary_sanitize = [boolean] # Whether to enable the bounds check.
ubsan = [boolean] # Whether to enable some Undefined Behavior Sanitizer (UBSAN) options.
all_ubsan = [boolean] # Whether to enable all UBSAN options.
...
debug = [boolean] # Whether to enable the debug mode.
blocklist = [string] # Path of the blocklist.
}
testonly = [boolean]
license_as_sources = []
......@@ -105,14 +111,20 @@ ohos_static_library("helloworld") {
lib_dirs = []
public_configs = []
# Sanitizer variables
cfi = [boolean]
cfi_cross_dso = [boolean] # CFI: shared library support.
scs = [boolean]
scudo = []
ubsan = []
boundary_sanitize = []
integer_overflow_sanitize = []
# Sanitizer configuration. Each item is optional, and set to false or left unspecified by default.
sanitize = {
# Sanitizer settings
cfi = [boolean] # Whether to enable the CFI check.
cfi_cross_dso = [boolean] # Whether to enable the cross-DSO CFI check.
integer_overflow = [boolean] # Whether to enable the integer overflow check.
boundary_sanitize = [boolean] # Whether to enable the bounds check.
ubsan = [boolean] # Whether to enable some UBSAN options.
all_ubsan = [boolean] # Whether to enable all UBSAN options.
...
debug = [boolean] # Whether to enable the debug mode.
blocklist = [string] # Path of the blocklist.
}
remove_configs = []
no_default_deps = []
......@@ -138,14 +150,20 @@ ohos_executable("helloworld") {
ohos_test = []
test_output_dir = []
# Sanitizer variables
cfi = [boolean]
cfi_cross_dso = [boolean] # CFI: shared library support.
scs = [boolean]
scudo = []
ubsan = []
boundary_sanitize = []
integer_overflow_sanitize = []
# Sanitizer configuration. Each item is optional, and set to false or left unspecified by default.
sanitize = {
# Sanitizer settings
cfi = [boolean] # Whether to enable the CFI check.
cfi_cross_dso = [boolean] # Whether to enable the cross-DSO CFI check.
integer_overflow = [boolean] # Whether to enable the integer overflow check.
boundary_sanitize = [boolean] # Whether to enable the bounds check.
ubsan = [boolean] # Whether to enable some Undefined Behavior Sanitizer (UBSAN) options.
all_ubsan = [boolean] # Whether to enable all UBSAN options.
...
debug = [boolean] # Whether to enable the debug mode.
blocklist = [string] # Path of the blocklist.
}
testonly = [boolean]
license_as_sources = []
......@@ -182,14 +200,20 @@ ohos_source_set("helloworld") {
"part_name:module_name", # The value is in the Component_name:Module_name format.
] # The dependent modules must be declared in inner_kits by the dependent component.
# Sanitizer variables
cfi = [boolean]
cfi_cross_dso = [boolean] # CFI: shared library support.
scs = [boolean]
scudo = []
ubsan = []
boundary_sanitize = []
integer_overflow_sanitize = []
# Sanitizer configuration. Each item is optional, and set to false or left unspecified by default.
sanitize = {
# Sanitizer settings
cfi = [boolean] # Whether to enable the CFI check.
cfi_cross_dso = [boolean] # Whether to enable the cross-DSO CFI check.
integer_overflow = [boolean] # Whether to enable the integer overflow check.
boundary_sanitize = [boolean] # Whether to enable the bounds check.
ubsan = [boolean] # Whether to enable some Undefined Behavior Sanitizer (UBSAN) options.
all_ubsan = [boolean] # Whether to enable all UBSAN options.
...
debug = [boolean] # Whether to enable the debug mode.
blocklist = [string] # Path of the blocklist.
}
testonly = [boolean]
license_as_sources = []
......@@ -202,9 +226,12 @@ ohos_source_set("helloworld") {
}
```
>**NOTE**<br>Only **sources** and **part_name** are mandatory.
> **NOTE**
>
> - Only **sources** and **part_name** are mandatory.
> - For details about the Sanitizer configuration, see [Using Sanitizer](subsys-build-reference.md#using-sanitizer).
### Prebuilt Template Example
### Prebuilt Template Examples
The .gni file of the prebuilt templates is located in **openharmony/build/templates/cxx/prebuilt.gni**.
......@@ -289,7 +316,7 @@ ohos_prebuilt_static_library("helloworld") {
### HAP Templates
See [HAP Build Guide](subsys-build-gn-hap-compilation-guide.md).
For details, see [HAP Build Guide](subsys-build-gn-hap-compilation-guide.md).
......@@ -330,11 +357,11 @@ ohos_sa_profile("helloworld") {
}
```
>**NOTE**: Only **sources** and **part_name** are mandatory.
> **NOTE**<br>Only **sources** and **part_name** are mandatory.
## Adding and Building a Module
The figure below illustrates the process for adding a module. A module belongs to a component, which belongs to a subsystem. Please note that the chipset solution, as a special component, does not have a subsystem. You may need to:
The following figure shows the logic for adding a module. Generally, you need to add a module to a component of a subsystem. If there is no subsystem or component, you must add the subsystem and component first. Note that the chip solution is a special component and does not have a subsystem.
- Add a module to an existing component.
......@@ -382,7 +409,7 @@ The figure below illustrates the process for adding a module. A module belongs t
"build": { # Build-related configuration.
"sub_component": [
"//foundation/arkui/napi:napi_packages", # Existing module 1.
"//foundation/arkui/napi:napi_packages_ndk" # Existing module 2.
"//foundation/arkui/napi:napi_packages_ndk"# Existing module 2.
"//foundation/arkui/napi:new" # Module to add.
], # Component build entry. Configure the module here.
"inner_kits": [], # APIs between components.
......@@ -392,7 +419,7 @@ The figure below illustrates the process for adding a module. A module belongs t
}
```
>**NOTE**<br>The **bundle.json** file must be in the folder of the corresponding subsystem.
> **NOTE**<br>The **bundle.json** file must be in the folder of the corresponding subsystem.
3. Start the build and check whether a .so file or binary file is generated.
......@@ -471,7 +498,7 @@ The figure below illustrates the process for adding a module. A module belongs t
]
},
{
"subsystem": "subsystem_new", # Name of the new subsystem to add
"subsystem": "subsystem_new", # Name of the new subsystem to add.
"components": [
{
"component": "component_new2", # Name of the component to be added to the new subsystem
......@@ -485,25 +512,25 @@ The figure below illustrates the process for adding a module. A module belongs t
4. Start the build and check whether a .so file or binary file is generated.
**Building a Module**
You can start the build by using the [CLI or hb tool](subsys-build-all.md#build-commands). The following uses the CLI as an example:
You can run the **--build-target** *Module_name* command to build a module separately.
```shell
./build.sh --build-target Module_name
```
```shell
./build.sh --build-target Module_name
```
You can also build a product. For example, to build hispark_taurus_standard, run the following command:
```shell
./build.sh --product-name hispark_taurus_standard --build-target Module_name --ccache
```
```shell
./build.sh --product-name hispark_taurus_standard --build-target Module_name --ccache
```
You can also build the component to which the module belongs.
```shell
./build.sh --product-name hispark_taurus_standard --build-target musl --build-target Module_name --ccache
```
```shell
./build.sh --product-name hispark_taurus_standard --build-target musl --build-target Module_name --ccache
```
......@@ -64,18 +64,21 @@ The dependency between modules can be classified into **deps** (left in the figu
## Using Sanitizer
When adding a module, you can enable the Sanitizer, such as the integer overflow check and control-flow integrity (CFI), provided by the compiler as required. You can also enable the debug or release mode and configure a blocklist. Each configuration item is optional. It is **false** by default. You can also leave it empty.
When adding a module, you can enable the Sanitizer, such as the integer overflow check and control-flow integrity (CFI), provided by the compiler as required. You can also enable the debug or release mode and configure a blocklist. Each configuration item is optional and **false** by default. You can also leave it empty.
Sanitizer configuration example:
``` shell
ohos_shared_library("example") {
sanitize = {
cfi = true
cfi_cross_dso = true # CFI: shared library support.
integer_overflow = true
debug = true # Optional. The debug mode is disabled by default.
blocklist = "./blocklist.txt" # Optional. Enter the path of the blocklist.
cfi = true # Enable the CFI check.
cfi_cross_dso = true # Enable the cross-DSO CFI check.
integer_overflow = true # Enable the integer overflow check.
boundary_sanitize = true # Enable the bounds check.
ubsan = true # Enable some UBSAN options.
all_ubsan = true # Enable all UBSAN options.
debug = true # Enable the debug mode, which is disabled by default.
blocklist = "./blocklist.txt" # Path of the blocklist.
}
...
}
......@@ -83,10 +86,13 @@ Sanitizer configuration example:
**Supported Sanitizer Types**
Currently, the following two types of Sanitizers are supported:
Currently, Sanitizers provides the following functions:
- Integer overflow check: provides check of unsigned integer overflow (unsigned_integer_overflow), check of signed integer overflow (signed_integer_overflow), or both (integer_overflow).
- CFI: prevents malware attacks from redirecting the control flow of a program.
- **integer_overflow**: provides check of unsigned integer overflow (unsigned_integer_overflow), check of signed integer overflow (signed_integer_overflow), or both (integer_overflow).
- CFI: provides CFI and cross-DSO CFI checks.
- **boundary_sanitize**: provides the bounds check.
- **ubsan**: checks some Undefined Behavior Sanitizer (UBSAN) options, including **bool**, **integer-divide-by-zero**, **return**, **returns-nonnull-attribute**, **shift-exponent**, **unreachable**, and **vla-bound**.
- **all_ubsan**: checks all UBSAN options.
**Release and Debug Modes**
......@@ -96,6 +102,7 @@ Currently, the following two types of Sanitizers are supported:
- Release mode: If release mode is enabled, the application will be directly interrupted when an error occurs. This can protect the system against errors or maliciously attacks.
**Blocklist**
The blocklist specifies the functions or source programs that are not affected by Sanitizer in the module. It prevents benign behavior from being identified as errors or prevents hotspot functions from generating unreasonable and unacceptable overheads. Exercise caution when using this function.
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册