From 1fa3ac552d3c55204520afad992280461f717228 Mon Sep 17 00:00:00 2001 From: Vishwath Mohan Date: Tue, 31 Oct 2017 02:26:14 -0700 Subject: [PATCH] CFI include/exclude path support (Soong) This CL adds the ability to centrally enable or disable CFI for components using either an environment or product config variable. This is a better, nore manageable option that enabling CFI across each component individually. Bug: 67507323 Test: CFI_INCLUDE_PATHS= system/nfc m -j40 Test: CFI_EXCLUDE_PATHS = frameworks/av m -j40 Change-Id: I38b77946759121aec99ab25f31aaee2e5d993f73 --- android/config.go | 14 ++++++++++++++ android/variable.go | 5 ++++- cc/sanitize.go | 17 ++++++++++++++++- 3 files changed, 34 insertions(+), 2 deletions(-) diff --git a/android/config.go b/android/config.go index e9a8d4218..b73680e6c 100644 --- a/android/config.go +++ b/android/config.go @@ -656,3 +656,17 @@ func (c *config) IntegerOverflowDisabledForPath(path string) bool { } return prefixInList(path, *c.ProductVariables.IntegerOverflowExcludePaths) } + +func (c *config) CFIDisabledForPath(path string) bool { + if c.ProductVariables.CFIExcludePaths == nil { + return false + } + return prefixInList(path, *c.ProductVariables.CFIExcludePaths) +} + +func (c *config) CFIEnabledForPath(path string) bool { + if c.ProductVariables.CFIIncludePaths == nil { + return false + } + return prefixInList(path, *c.ProductVariables.CFIIncludePaths) +} diff --git a/android/variable.go b/android/variable.go index 28841e22d..d89c14687 100644 --- a/android/variable.go +++ b/android/variable.go @@ -153,7 +153,6 @@ type productVariables struct { UseGoma *bool `json:",omitempty"` Debuggable *bool `json:",omitempty"` Eng *bool `json:",omitempty"` - EnableCFI *bool `json:",omitempty"` Device_uses_hwc2 *bool `json:",omitempty"` Treble *bool `json:",omitempty"` Pdk *bool `json:",omitempty"` @@ -162,6 +161,10 @@ type productVariables struct { IntegerOverflowExcludePaths *[]string `json:",omitempty"` + EnableCFI *bool `json:",omitempty"` + CFIExcludePaths *[]string `json:",omitempty"` + CFIIncludePaths *[]string `json:",omitempty"` + VendorPath *string `json:",omitempty"` ClangTidy *bool `json:",omitempty"` diff --git a/cc/sanitize.go b/cc/sanitize.go index aeaaf16fa..70aa41238 100644 --- a/cc/sanitize.go +++ b/cc/sanitize.go @@ -187,7 +187,9 @@ func (sanitize *sanitize) begin(ctx BaseModuleContext) { } if found, globalSanitizers = removeFromList("cfi", globalSanitizers); found && s.Cfi == nil { - s.Cfi = boolPtr(true) + if !ctx.AConfig().CFIDisabledForPath(ctx.ModuleDir()) { + s.Cfi = boolPtr(true) + } } if found, globalSanitizers = removeFromList("integer_overflow", globalSanitizers); found && s.Integer_overflow == nil { @@ -205,11 +207,24 @@ func (sanitize *sanitize) begin(ctx BaseModuleContext) { s.Diag.Integer_overflow = boolPtr(true) } + if found, globalSanitizersDiag = removeFromList("cfi", globalSanitizersDiag); found && + s.Diag.Cfi == nil && Bool(s.Cfi) { + s.Diag.Cfi = boolPtr(true) + } + if len(globalSanitizersDiag) > 0 { ctx.ModuleErrorf("unknown global sanitizer diagnostics option %s", globalSanitizersDiag[0]) } } + // Enable CFI for all components in the include paths + if s.Cfi == nil && ctx.AConfig().CFIEnabledForPath(ctx.ModuleDir()) { + s.Cfi = boolPtr(true) + if inList("cfi", ctx.AConfig().SanitizeDeviceDiag()) { + s.Diag.Cfi = boolPtr(true) + } + } + // CFI needs gold linker, and mips toolchain does not have one. if !ctx.AConfig().EnableCFI() || ctx.Arch().ArchType == android.Mips || ctx.Arch().ArchType == android.Mips64 { s.Cfi = nil