Commit graph

25956 commits

Author SHA1 Message Date
Elliott Hughes
b9b89e9385 Turn on stack protector for mips.
Go straight to -fstack-protector-strong, since it works to boot the emulator.

Change-Id: Ie44abd869355d2163dec7d9e2635b26b45255df6
2015-12-14 14:15:12 -08:00
Elliott Hughes
02191c97ef Merge "Enable -fstack-protector-strong for x86-64." 2015-12-14 21:45:40 +00:00
Elliott Hughes
19e85a25ee Merge "Be smarter about stack-protector on the host." 2015-12-14 21:41:58 +00:00
Elliott Hughes
505e4ec646 Be smarter about stack-protector on the host.
Some projects are still built with our host GCC 4.8, which doesn't
support -fstack-protector-strong. The combo .mk files are used by
GCC and clang, so it's not safe to turn on -fstack-protector-strong
there. Instead, do it in the clang-specific .mk for now.

We can clean this up when elfutils (the last code built for the host
with GCC that I'm aware of) is built by clang. We'll be able to
remove the host GCC prebuilts too!

Change-Id: I314b9eab071c132a8e2cb8cc779a75ae8abb12e2
2015-12-14 13:20:59 -08:00
Elliott Hughes
7abad39b78 Merge "Enable -fstack-protector-strong for x86." 2015-12-14 21:05:21 +00:00
Elliott Hughes
a4b3d20d28 Merge "Enable -fstack-protector-strong for the host." 2015-12-14 20:31:10 +00:00
Elliott Hughes
5324c3c19f Enable -fstack-protector-strong for x86-64.
This results in nearly all functions with the possibility of stack
corruption getting stack canaries, because it applies to any function
taking a reference to the frame or with a local array rather than just
the functions with arrays larger than 8 bytes. It was developed for use
in Chrome (and Chrome OS) and has also been adopted by various other
distributions (Arch, Fedora, Ubuntu, etc).

The code size increase ranges from ~1.5% to ~2.5%, compared to ~0.3% to
~0.7% with the more conservative switch. The increase in the performance
loss is usually minimal. The overall size increase once everything other
than C and C++ code is taken into account is minimal, and it greatly
improves the mitigation of stack buffer overflow vulnerabilities.

https://lwn.net/Articles/584225/

Change-Id: I3ce7a73c5cf36eba5c74df37367f3d3475b0a4ed
2015-12-14 11:16:20 -08:00
Elliott Hughes
8ebc4d6aab Enable -fstack-protector-strong for x86.
This results in nearly all functions with the possibility of stack
corruption getting stack canaries, because it applies to any function
taking a reference to the frame or with a local array rather than just
the functions with arrays larger than 8 bytes. It was developed for use
in Chrome (and Chrome OS) and has also been adopted by various other
distributions (Arch, Fedora, Ubuntu, etc).

The code size increase ranges from ~1.5% to ~2.5%, compared to ~0.3% to
~0.7% with the more conservative switch. The increase in the performance
loss is usually minimal. The overall size increase once everything other
than C and C++ code is taken into account is minimal, and it greatly
improves the mitigation of stack buffer overflow vulnerabilities.

https://lwn.net/Articles/584225/

Change-Id: I55a9fdbf5777ccdeed9f2e9a23c73bb94ad7b646
2015-12-14 11:15:15 -08:00
Elliott Hughes
ae316d2d59 Enable -fstack-protector-strong for the host.
This results in nearly all functions with the possibility of stack
corruption getting stack canaries, because it applies to any function
taking a reference to the frame or with a local array rather than just
the functions with arrays larger than 8 bytes. It was developed for use
in Chrome (and Chrome OS) and has also been adopted by various other
distributions (Arch, Fedora, Ubuntu, etc).

The code size increase ranges from ~1.5% to ~2.5%, compared to ~0.3% to
~0.7% with the more conservative switch. The increase in the performance
loss is usually minimal. The overall size increase once everything other
than C and C++ code is taken into account is minimal, and it greatly
improves the mitigation of stack buffer overflow vulnerabilities.

https://lwn.net/Articles/584225/

Change-Id: I97a2187cebac64e3b9f22b691d4676b6da083ebd
2015-12-14 11:14:21 -08:00
Stephen Hines
eca3206abb Merge "Revert "Change USE_CLANG_PLATFORM_BUILD default to true."" 2015-12-13 23:06:03 +00:00
Stephen Hines
7a0c88ec3e Revert "Change USE_CLANG_PLATFORM_BUILD default to true."
This reverts commit 3c8036da53.

Change-Id: I930bbebce8396d7c0abd847530640a696d3418e7
2015-12-13 22:58:22 +00:00
Nick Kralevich
154657f0e3 Merge "sepolicy: Fix 'avc denied' issues for the emulators" 2015-12-12 01:07:07 +00:00
Dan Albert
6674573897 Merge "Use lib64 for mips64 as well." 2015-12-12 00:09:16 +00:00
Dan Albert
445bc2fc2d Use lib64 for mips64 as well.
This was previously working because for some reason prebuilts/ndk had
a tangled mess of hand assembled symlinks that pointed lib -> lib64
for the multilib architectures.

Change-Id: I294d67f58f2008b1a53790cf676f5223df449cbc
2015-12-11 15:04:59 -08:00
Dan Willemsen
e223965f0c Merge "Enforce linker version-scripts are valid" 2015-12-11 20:58:03 +00:00
Alex Klyubin
7884a63731 Merge "Make signapk use Conscrypt." 2015-12-11 18:29:36 +00:00
Chih-hung Hsieh
eb486309d8 Merge "Change USE_CLANG_PLATFORM_BUILD default to true." 2015-12-11 16:54:13 +00:00
Alex Klyubin
9667b18f23 Make signapk use Conscrypt.
This makes the signapk tool use Conscrypt (where possible) instead of
the platform-default JCA providers and the Bouncy Castle JCA provider.
This speeds up (by 10-30%) APK and OTA update signing because
Conscrypt's crypto primitives are backed by BoringSSL.

Previously, the signapk tool consisted only of the signapk.jar.
Because Conscrypt is backed by native code, signapk now consists of
signapk.jar and crypto_openjdk_jni shared library. This requires that
users of the tool be updated to provide a suitable -Djava.library.path
argument to the Java runtime. This change updates all known users of
the tool inside the Android source tree to do so.

Bug: 26097626
Change-Id: I8411b37d7f771ed99269751a3007dff103083552
2015-12-11 08:36:42 -08:00
Miroslav Tisma
36a76ec098 sepolicy: Fix 'avc denied' issues for the emulators
This commit fixes the avc denied issues in the emulators:
- goldfish_setup is granted for network access
- netd dontaudit for sys_module
- qemu_prop is granted domain for get_prop

Critical issue was that SELinux denied reading the lcd_density property
by SurfaceFlinger via qemu_prop and this commit fixes it.

Change-Id: I633d96f4d2ee6659f18482a53e21f816abde2a5f
Signed-off-by: Miroslav Tisma <miroslav.tisma@imgtec.com>
2015-12-11 16:21:00 +01:00
Chih-Hung Hsieh
3c8036da53 Change USE_CLANG_PLATFORM_BUILD default to true.
When USE_CLANG_PLATFORM_BUILD is not set, default will be clang/llvm.
USE_CLANG_PLATFORM_BUILD=false can be used to select gcc as default.

BUG: 23163853
BUG: 26102335

Change-Id: I00604c2aef4849e8c3505b2c4002eb1c46cd1fd1
2015-12-10 14:41:55 -08:00
Alex Deymo
6950168f1d Merge "Rename libext2 host libraries to standard suffix." 2015-12-10 22:18:34 +00:00
Mike Frysinger
50f21eb113 Merge "sepolicy: drop -- marker" 2015-12-10 18:27:22 +00:00
Mike Frysinger
db4883ca93 sepolicy: drop -- marker
It's not needed and is a bit confusing.

BUG=26018537

Change-Id: Ibb1c3995de97a442c95d5eea823523b5f0f26393
2015-12-10 18:18:27 +00:00
Alex Deymo
41ac44ed2b Rename libext2 host libraries to standard suffix.
libext2_uuid_host was renamed to libext2_uuid-host to match the
"-host" suffix used in most libraries.

Bug: 24619596
TEST=make dist

Change-Id: Ic5faccb4d5fdbbf3d3bba6f4a35cf99d4961bb54
2015-12-09 18:02:56 -08:00
Dan Albert
0f8bd686e1 Merge "Fix the mips build." 2015-12-10 00:28:25 +00:00
Dan Albert
8dca15f287 Fix the mips build.
The linker can't do --hash-style=gnu for mips.

Change-Id: I66a77067f8be6fc92ca686d3e6e159beb72cf76b
2015-12-09 16:26:20 -08:00
Dan Albert
2ad9079305 Merge "Add support for LOCAL_NDK_STL_VARIANT := none." 2015-12-10 00:17:23 +00:00
Dan Albert
0e2e71dc2e Add support for LOCAL_NDK_STL_VARIANT := none.
Sometimes we don't want any STL.

Change-Id: I08b4389b7882702c0e483a1456f7775fe4da1c75
2015-12-09 15:59:17 -08:00
Dan Albert
30cb36ff5e Merge "Build NDK binaries with --hash-style=both." 2015-12-09 23:41:01 +00:00
Dan Albert
ee629c9ffb Build NDK binaries with --hash-style=both.
Change-Id: I1c3b7415c654b783c6bb7e38a40d4c279826400f
2015-12-09 14:52:25 -08:00
Alex Klyubin
31066abfde Merge "Do not run zipalign when re-signing APKs." 2015-12-08 20:15:11 +00:00
Alex Klyubin
eb756d7b7b Do not run zipalign when re-signing APKs.
Running zipalign is no longer needed because signapk takes care of
alignment.

Bug: 25794543
Change-Id: I1080240a67ea6f1b41585fff83d18d57fdcf44e2
2015-12-08 11:05:13 -08:00
Ying Wang
914a568ba0 Merge "Set -bootclasspath to "" if LOCAL_NO_STANDARD_LIBRARIES"
am: 616b8a5370

* commit '616b8a5370e6ad5cb8519fbe2c00eaa6637da260':
  Set -bootclasspath to "" if LOCAL_NO_STANDARD_LIBRARIES
2015-12-08 17:59:55 +00:00
Ying Wang
616b8a5370 Merge "Set -bootclasspath to "" if LOCAL_NO_STANDARD_LIBRARIES" 2015-12-08 17:56:05 +00:00
Elliott Hughes
fff2841298 Merge "Revert "enable -fstack-protector-strong""
am: 27ab42654e

* commit '27ab42654ebd5ffdc55bb6b727723e6980649ef9':
  Revert "enable -fstack-protector-strong"
2015-12-07 18:58:25 -08:00
Alex Klyubin
fddfc2c604 Merge "Do not run zipalign when building APK (except prebuilts)."
am: b437f58006

* commit 'b437f58006af3d8b15eb3308ab5174da1a7c6c0d':
  Do not run zipalign when building APK (except prebuilts).
2015-12-07 18:58:19 -08:00
Ying Wang
4f0cb0307b Merge "Fix TARGET_ASAN build."
am: 9bbc67b55a

* commit '9bbc67b55ac6876920b3ca5a73673d0a10c3fb52':
  Fix TARGET_ASAN build.
2015-12-07 18:58:12 -08:00
Dimitry Ivanov
973decf35c Merge "Include libGLESv3.so to PRODUCT_PACKAGES"
am: 73661d4220

* commit '73661d4220b85987ee5e5f34a3fc538283c19c34':
  Include libGLESv3.so to PRODUCT_PACKAGES
2015-12-07 18:58:05 -08:00
Elliott Hughes
27ab42654e Merge "Revert "enable -fstack-protector-strong"" 2015-12-08 02:54:01 +00:00
Elliott Hughes
b8c4a6f1f8 Revert "enable -fstack-protector-strong"
This reverts commit 8765b1035f.

This prevents x86 from booting.

http://b/26046864

Change-Id: Ica3f7e7e639c99fd3158df3643acb49307197881
2015-12-08 02:53:51 +00:00
Ying Wang
4f2f19518e Set -bootclasspath to "" if LOCAL_NO_STANDARD_LIBRARIES
Without this if a Java libraryw with LOCAL_NO_STANDARD_LIBRARIES doesn't
have core-libart in its LOCAL_JAVA_LIBRARIES, it would use core-libart
as bootclasspath but without having dependency on it.

Change-Id: I611a5a5df2bf0ad59e0be50ed1ad1afe8b843e90
(cherry-pick from commit c6a301756c)
2015-12-07 18:50:34 -08:00
Alex Klyubin
b437f58006 Merge "Do not run zipalign when building APK (except prebuilts)." 2015-12-07 22:08:14 +00:00
Ying Wang
9bbc67b55a Merge "Fix TARGET_ASAN build." 2015-12-07 19:32:21 +00:00
Dimitry Ivanov
73661d4220 Merge "Include libGLESv3.so to PRODUCT_PACKAGES" 2015-12-07 19:00:58 +00:00
Ying Wang
03b6e8b6c4 Fix TARGET_ASAN build.
Bug: 26044735
Change-Id: I9c6b3b16637ca2d0da4765e896a9f03c1d5dc51c
2015-12-07 10:45:19 -08:00
Nick Kralevich
c5c2e60707 Merge "enable -fstack-protector-strong"
am: 2a49aba35b

* commit '2a49aba35b9b9216df1da245f1af13c6faa5a850':
  enable -fstack-protector-strong
2015-12-05 14:23:57 -08:00
Nick Kralevich
2a49aba35b Merge "enable -fstack-protector-strong" 2015-12-05 22:20:46 +00:00
Daniel Micay
8765b1035f enable -fstack-protector-strong
This results in nearly all functions with the possibility of stack
corruption getting stack canaries, because it applies to any function
taking a reference to the frame or with a local array rather than just
the functions with arrays larger than 8 bytes. It was developed for use
in Chrome (and Chrome OS) and has also been adopted by various other
distributions (Arch, Fedora, Ubuntu, etc).

The code size increase ranges from ~1.5% to ~2.5%, compared to ~0.3% to
~0.7% with the more conservative switch. The increase in the performance
loss is usually minimal. The overall size increase once everything other
than C and C++ code is taken into account is minimal, and it greatly
improves the mitigation of stack buffer overflow vulnerabilities.

https://lwn.net/Articles/584225/

Change-Id: Ie83d381e09d94deb34c5ff142a101ba3d14cf3ba
2015-12-05 01:52:45 -05:00
Ying Wang
fe27825ca5 Merge "Gmake doesn\'t like newline in macro expansion result."
am: c7d5e54dfe

* commit 'c7d5e54dfe71766dc60adcf06e6ec1a2b12cdda9':
  Gmake doesn't like newline in macro expansion result.
2015-12-05 00:53:25 +00:00
Ying Wang
c7d5e54dfe Merge "Gmake doesn't like newline in macro expansion result." 2015-12-05 00:49:46 +00:00