Some projects are still built with our host GCC 4.8, which doesn't
support -fstack-protector-strong. The combo .mk files are used by
GCC and clang, so it's not safe to turn on -fstack-protector-strong
there. Instead, do it in the clang-specific .mk for now.
We can clean this up when elfutils (the last code built for the host
with GCC that I'm aware of) is built by clang. We'll be able to
remove the host GCC prebuilts too!
Change-Id: I314b9eab071c132a8e2cb8cc779a75ae8abb12e2
This results in nearly all functions with the possibility of stack
corruption getting stack canaries, because it applies to any function
taking a reference to the frame or with a local array rather than just
the functions with arrays larger than 8 bytes. It was developed for use
in Chrome (and Chrome OS) and has also been adopted by various other
distributions (Arch, Fedora, Ubuntu, etc).
The code size increase ranges from ~1.5% to ~2.5%, compared to ~0.3% to
~0.7% with the more conservative switch. The increase in the performance
loss is usually minimal. The overall size increase once everything other
than C and C++ code is taken into account is minimal, and it greatly
improves the mitigation of stack buffer overflow vulnerabilities.
https://lwn.net/Articles/584225/
Change-Id: I97a2187cebac64e3b9f22b691d4676b6da083ebd
Currently, if a version script is passed to the linker (using
-Wl,--version-script,...), it is used to limit symbol visibility and
assign symbol versions. But if a symbol is listed in the version script
but is not present in the binary, no error or warning is given.
Pass -Wl,--no-undefined-version to the linker so that it verifies all
(non-wildcard, C) entries in the version script match symbols in the
binary.
Change-Id: I65878931ab61124ae75e2c738cc733adfb107afc
When a shared object is rebuilt, all dependent libraries and
executables are rebuilt. Such rebuild is unnecessary when there
is no interface change. With this patch, .toc files will be
generated for all .so files. The rule which generates .toc files
has ninja's restat=1 and .toc files are not changed ninja won't
rebuild dependent targets.
Performance:
$ m && touch bionic/libc/stdio/stdio.c && time m
Before: 1m03s (2563 targets)
After: 21s (90 targets)
Bug: 24597504
Change-Id: Ia5dd950273d143f4e99eee8bef7478f1a94cd138
The darwin version doesn't have a trailing slash. The common case is to
append a path to it:
$(HOST_TOOLCHAIN_FOR_CLANG)/lib/...
Which means we end up with two slashes.
Change-Id: I74e88924ecfd092c5f7871e188ede0aab29cf65b
Turns out that thanks to 9d59f41776 we actually
build *all* the host libraries both 32- and 64-bit. Rather than fix the
libraries (or fixing things so we don't build stuff we don't need) right now,
let's just put _FILE_OFFSET_BITS and _LARGEFILE_SOURCE back.
Change-Id: I6c2d6a6919d1518f775e0d6c050e2c774994c5bd
Enable the following compiler hardening flags:
* -Wl,-z,relro
* -Wl,-z,now
* -fstack-protector
relro / bind_now make the relro region read-only after linking,
preventing certain attacks against ELF data structures.
stack-protector adds stack canaries, which can detect exploits
which overwrite parts of the stack.
Explicitly not added in this change is FORTIFY_SOURCE=2. Adding that
option turns on glibc's warn_unused_result attributes. This generates
a huge number of new compile time warnings, and for the multiple
makefiles which have -Werror in them, turns those warnings into errors.
I'm not able to fix all the errors right away.
Bug: 20558757
Change-Id: I86791177c6695f5325233d9dd9a5dd3ccc2b1a2f
For ndk docs change, please refer to:
https://android-review.googlesource.com/#/c/110100/
Change-Id: I8428e7a979eb02441066aeeee43ce693d4d0dc8d
Signed-off-by: Alexander Ivchenko <alexander.ivchenko@intel.com>
This patch ensures the build system uses the prebuilt gcc-4.8 toolchain
when building host Linux binaries, instead of the gcc-4.6 one.
Change-Id: I7b449650714ba4314a780827e0243f2af40ec82c
This change basically ported our target multilib to the host side.
It supports 2 host build modes: x86 and x86_64 multilib build.
For now you need to set "BUILD_HOST_64bit=true" to switch to x86_64
multilib build. Later we'll default to x86_64 build and have a flag
to force 32-bit only build, which may be needed by SDK build.
In host module definition, like in target ones, you can use the
following
LOCAL variables to set up multilib configuration:
LOCAL_MULTILIB: can be "both", "first", "32" or "64".
It also supports the same set of arch or 32-vs-64 specific LOCAL
variables.
By default, it builds only for the first arch.
To keep path compatibility, in x86_64 build files are still output to
out/host/linux-x86; Both 32-bit and 64-bit executables are in
out/host/linux-86/bin;
In x86_64 build 32-bit shared libraries are installed to
out/host/linux-x86/lib32
and 64-bit shared libraries are installed to out/host/linux-x86/lib;
32-bit object files are output to out/host/linux-x86/obj32 and 64-bit
object files
are output to out/host/linux-x86/obj.
Bug: 13751317
Change-Id: I6044f83b7db369a33e05209e8c588eb6dc83409f
GCC know a few pre-defined paths (relative to its location) to
search for headers, libraries, program, etc. By default GCC prefixes
its own path(argv[0]) and calls realpath() which result in absolute
path with all symlink, . and .. removed.
It's usually good to have canonicalised paths, but absolute paths
in *.d file can cause unnecessary relinking when stale entries
in ccache cache hit
Add -no-canonical-prefixes (gcc>=4.6) and
-fno-canonical-system-headers (gcc>4.6) to disable realpath() on
prefixed paths
Change-Id: I58d739e61fb013015fb05a9c98b2132b307f915a
This lays the groundwork for making builds hermetic on Darwin as well.
That will be fixed in a future patch.
bug 13435344
Change-Id: Iae82d0b9efad0598d682ff5fd4daa737aa607866
Previously HOST_TOOLCHAIN_PREFIX can't accept toolchain in arch-os-*-gcc
format. Fix it so we can try out new host toolchain, eg.
HOST_TOOLCHAIN_PREFIX=prebuilts/gcc/linux-x86/host/x86_64-linux-glibc2.11-4.6/bin/x86_64-linux- make
Change-Id: Ic1092593036c41d5471e788654fb4e0991dd7e40
Add -Wa,--noexecstack and -Wl,-z,noexecstack as default
flags when compiling host-side applications. This enables
NX protections, which prevent code from executing on the
stack or heap. NX protections make exploiting memory
corruption issues more challenging and is an important
security feature.
Change-Id: Iae580abe887e01f9029ec2a4e0fc0aae496724a4
Make the host and the target x86 build more uniform by using the same machine flags.
Its unlikely Android has ever been built on a machine without SSE3 support.
Bug: 8068608
Change-Id: I19635528b61bf2c6faf02c2e575b1d9bf8025d3a
By default we build tool in 32-bit. This flag allow individual tool and its
dependencies to be built in 64-bit (eg. Emulator). Fixes to resolve 64-bit
porting issues (in other git) will be submitted seperately.
Change-Id: I486cf7ddac727d3c374ed890857d497c3a69e598
While building Android with latest host gcc, it causes the following
build error:
Install: out/host/linux-x86/bin/mkbootimg
host C++: obbtool <= frameworks/base/tools/obbtool/Main.cpp
<command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror]
<built-in>:0:0: note: this is the location of the previous definition
cc1plus: all warnings being treated as errors
In order to make build system happy, this patch does unset macro
_FORTIFY_SOURCE and then define it in host cflags.
Change-Id: Ic37a90f05081a2c3650b3335bc87e9e895900fb2
This is needed in order to build Linux SDK binaries that can run
properly on Ubuntu 8.04 (Hardy). By default, the host toolchain
on 10.04 (Lucid) generates machine code that won't run on Hardy
due to GLibc ABI mistmatches.
Note that nothing happens if the new toolchain is not in the
prebuilt tree.
Change-Id: I45c1f68e37e15a0032f885df1c5c0f297b3d8642
This detail got lost in my previous cleanup change 9b4a812.
Also add a comment explaining why the host side of the
simulator needs to be built in 64-bit (wxWidgets).
Change-Id: I2a867f7f80b43d53e73348b19f6ae834600295f9
The only OS-ARCH combo that would have benefited from it
is linux-x86, but it explicitly used separate configurations
for the HOST_ and TARGET_ side of things.
This makes is clear which files are related to the HOST_
configuration and which ones are related to the TARGET_
configuration, and expands $(combo_target) to the only
possible/reasonable value that it could have had in every
file.
This also cleans up the simulator, by moving it in a single
place in TARGET_linux_x86 (since the only part that's special
is to use HOST_ settings even when building TARGET_ modules).
Change-Id: I2420eeb8cfe539f5807ec99cb3177ffb9f2476d5
