We should disable using imgdiff if *any* of the source and target
partitions uses squashfs.
Bug: 30004734
Test: Create an incremental with two builds with one of them uses squashfs.
Change-Id: I826cd13d7b852c548e4b45e61f5ae00f6407cac3
(cherry picked from commit f8acad1480)
We use imgdiff to handle files in zip format (e.g. jar/zip/apk) for
higher compression ratio.
For system/vendor in squashfs, a) all files are compressed in LZ4
format; b) we use 4096-byte block size in their sparse images, but the
files in squashfs may not be laid out as 4K-aligned. So the blocks for
a given file as listed in block map may not form a valid zip file, which
may fail the patch generation with imgdiff.
Disable using imgdiff for squashfs images, and use bsdiff instead.
Bug: 22322817
Change-Id: Ie76aa4cece5c9d38cb1d1a34c505a4a8f37512d3
(cherry picked from commit 293fd135c7)
Java code using the SDK should not link to java code built with the
platform APIs or the system SDK. Java code using the system SDK should
not link to the platform APIs either, but it can link to java code using
another SDK.
Change-Id: Iaae0a7e01993cfa1e023649fbd8a7974b5eca709
update_engine expects the extracted public key instead of the
certificate.
Bug: 28701652
Change-Id: I292d39da9e039f96d01a4214226aeb46f8cb881d
(cherry picked from commit afaf295cb8)
This moves build/tools/apksigner/core to its own project tools/apksig.
The move also renames the moved Java packages from
com.android.apksigner.core.* to com.android.apksig.* to reflect the
new name of the library.
Bug: 27461702
Change-Id: Iab812ae2b8f0a741014f842460c78e35bc249d43
The idea is that targets with LOCAL_SANITIZE = signed-integer-overflow
and SANITIZE_TARGET=safe-stack should get both sanitizers.
This should work just fine for SANITIZE_TARGET=address, too.
Bug: 27729263
Change-Id: Ifee350da4877008fb061bc7f6c700e7fade405bc
* changes:
Build: Add module-level product configuration of sanitization
Build: Add option to restrict sanitization by owner
Build: Add option to restrict sanitization by architecture
Fix the directory for secondary-architecture libraries under
sanitization. These incorrectly wrote into vendor/lib instead
of data/vendor/lib.
Bug: 29498013
Change-Id: Iee08422a1f7ad42cbe71a322347e98cb74e3ef7f
-Wl,-no-undefined is currently disabled for any SANITIZE_TARGET. Limit that to
the sanitizers with a runtime library (i.e. address, thread).
Re-enable the relocation packer for ASan. This has been fixed upstream a long
time ago.
Bug: 27729263
Change-Id: I566df6104de816223dc1c519d41a87629ce9c47c
Only sanitizers that intercept stuff need that. For example,
SafeStack does not, and I think UBSan too.
Bug: 27729263
Change-Id: I413cd46cc6c6914a363a3c53da7954beacd8f0d8
To allow special sanitizer settings for modules shared between
products, add product-specific module settings.
This was copied from the product-specific dexopt settings.
Bug: 29498013
Change-Id: I17a96b975bb6ac7f4ffb3d5b08e2f00b21bd97a1
(cherry picked from commit bb5454b6db)
Add Make variable SANITIZE_NEVER_BY_OWNER to selectively
sanitize modules. By default, both are being sanitized. The
value of the variable is interpreted as a space or colon
separated list of owner names.
This can be used to create builds that lower the sanitization
burden by not sanitizing parts of the platform.
Bug: 29498013
Change-Id: Ib4412657fd38ff28a5c0863eddc2acde63c88ebb
(cherry picked from commit ea38d8e95d)
Add Make variable SANITIZE_ARCH to selectively sanitize binaries.
This uses the "bitness," i.e., 32 or 64, to potentially filter
the sanitization. By default, both are being sanitized.
This can be used to create builds that lower the sanitization
burden by not sanitizing "half" of the platform.
Bug: 29498013
Change-Id: I73e6d479f08a970ba912f4f63967d32f3487125f
(cherry picked from commit 0290a416c8)
This can be used to selectively disable individual sanitizers on a
target. For example, some parts of libc should be built with
SafeStack (when requested with SANITIZE_TARGET), but never with
AddressSanitizer. Current build rules specify LOCAL_SANITIZE := never
to disable AddressSanitizer; the idea is to change that to
LOCAL_NOSANITIZE := address thread.
Bug: 27729263
Change-Id: I2b770f2ce3faf6ad6798792327e96adb86fe4a4f
