The relocation packer is causing the kernel to load the executable
overlapping ASAN's shadow space.
Bug: http://b/20665974
Change-Id: Ifc5914f4fbed5f4f00ed1c795d01cf2fcb849cfe
Always link libm with asan. Hasn't been a problem before because ASAN
was only ever used when libc++ was as well, which already links libm.
Pass --no-as-needed for host modules.
These aren't needed for the target builds because the target uses the
shared RTL.
Change-Id: I5d6a3c2dd557b5231be2b7711df6438693753a88
ASan runtime library (when using dynamic linking) must be the first
dependency of the main executable to achieve correct symbol
interposition. This matches how the clang driver works.
In multilib setup, ASan-RT name depends on the target arch:
/system/lib/libclang_rt.asan-arm-android.so
/system/lib64/libclang_rt.asan-arm64-android.so
We also set RPATH to /system/lib/asan or /system/lib64/asan
to have a place for ASan-only versions of system libraries.
Change-Id: I5c0cdb89e5e08a1950eb276e406da9f31a6e52dd
This is needed for projects that have known ubsan issues that we can't
fix right away (perhaps because it's an upstream project that we're
diligent about keeping in sync with upsteam).
Also make the normal ubsan use -fno-sanitize-recover=all by default.
Change-Id: I1b0f3309792f32dbd08c18816d7306e76c8d7c30
Enable the following compiler hardening flags:
* -Wl,-z,relro
* -Wl,-z,now
* -fstack-protector
relro / bind_now make the relro region read-only after linking,
preventing certain attacks against ELF data structures.
stack-protector adds stack canaries, which can detect exploits
which overwrite parts of the stack.
Explicitly not added in this change is FORTIFY_SOURCE=2. Adding that
option turns on glibc's warn_unused_result attributes. This generates
a huge number of new compile time warnings, and for the multiple
makefiles which have -Werror in them, turns those warnings into errors.
I'm not able to fix all the errors right away.
Bug: 20558757
Change-Id: I86791177c6695f5325233d9dd9a5dd3ccc2b1a2f
Do not pack relocations for prebuilds unless
LOCAL_PACK_MODULE_RELOCATIONS is true
Bug: http://b/20537715
Bug: http://b/18051137
Change-Id: Iddef3b09741da6ae10d73c98103b868cc7695d38
Add replocation-packer step for dynmic executables.
Enable it by default for arm and arm64 platforms.
Bug: http://b/18051137
Change-Id: I0c88fd31595bcea62a087f219acb9ecf9c80f2e5
Add ability to include dirs to the cts distribtion to enable bundling of shared
libraries on which host-side executables rely.
Bug: 19566396
Change-Id: Id501874244ae98fbfef2aa591885c88dee5b8b02
If a prebuilt APK contains shared libraries and the flag
LOCAL_PAGE_ALIGN_JNI_SHARED_LIBRARIES := true is set, then
uncompress any shared libraries stored within the APK.
This allows processes to load the shared library directly from
the APK.
Bug: 20247329
Bug: 8076853
Bug: 1162500
Change-Id: Iac4db32457d9ce31eb7256410023819b44fda0a6
Some of the ubsan checks expose a few pathological performance cases
in clang, and thus aren't suited to be used in SANITIZE_HOST.
This mode is also supported on the target despite not having the
target runtime libraries for ubsan by generating traps.
Change-Id: I0b0f0a08ca84d72e44e2174a66726b1c5e5cad7e
Ying pointed out in https://android-review.googlesource.com/#/c/147290
that my_sanitize_host would be read as some garbage value for target
builds. Move the configuration later and don't use the local at all.
Change-Id: Id8a095821d000a184e72f950b9481597073a7044
Previously using a sanitizer would imply clang. It should be an error
instead so it's more obvious.
Change-Id: I67c949bfda3718a0d19da7e358b5fde447fce334
* Refactor a few pieces to avoid deeply nested conditionals.
* LOCAL_SANITIZE := never replaces LOCAL_ADDRESS_SANITIZER := false.
Change-Id: I68bb8c5edda6ecd40179c5ba9f18d06e96aaa260
For dex preopt and JNI library extraction, we should remove the
classes.dex and .so files before we sign the APK so that there
isn't an entry in the manifest.
Prebuilt APKs which are pre-signed will simply not have the files
removed. This may cause some system.img bloat, but signature checks make
this necessary.
Bug: 20247329
Change-Id: I4742d1aa3aa64ab5aea2264304cb8c0bea24f784
After fixing the link order here, it seems libunwindbacktrace no
longer works for exception unwinding, but libgcc now does.
Change-Id: Ice79af4b8f234ed6a053ee818b6dec3aa9706c8a
Decouple generation of CFI from the rest of debug symbols.
This makes it possible to generate oat with CFI but without
the rest of debug symbols.
This is in line with intention of the .eh_frame section.
The section does not have the .debug_ prefix because it
is considered somewhat different to the rest of debug symbols.
Change-Id: I32816ecd4f30ac4e0dc69d69a4993e349c737f96
