Commit graph

274 commits

Author SHA1 Message Date
Mitch Phillips
5007c4a06d Revert "[cc_fuzz] Revert 'disable LTO' patches."
Revert submission 1976512-revert-nolto-fuzzing

Reason for revert: b/222160662
Reverted Changes:
Iacee4fa29:[cc_fuzz] Revert 'disable LTO' patches.
Ic509b00a1:[cc_fuzz] Revert 'disable LTO' patches.
If85931f09:[cc_fuzz] Revert 'disable LTO' patches.

Change-Id: I84e01a4f84145e3331c2955836c8cc9bfa05c36b
2022-03-02 01:25:22 +00:00
Mitch Phillips
7fbac74dc9 [cc_fuzz] Revert 'disable LTO' patches.
The toolchain no longer has a problem with sancov + LTO.

Bug: 131771163
Test: make haiku
Change-Id: If85931f092c41336a8a5e0e7999ad39dd8ec3daf
2022-02-08 10:51:35 -08:00
Florian Mayer
fd337b3963 Revert "Reland "Enable hwasan use after scope detection.""
This reverts commit 0edaddf2ce.

Reason for revert: b/http://b/214007768

Change-Id: I60a2e3a5386601992fcb5632c142dd28bdb611b2
2022-01-27 03:31:28 +00:00
Florian Mayer
0edaddf2ce Reland "Enable hwasan use after scope detection."
This reverts commit 77d0035a07.

Reason for revert: Fixing broken test in topic.

Change-Id: Ia09b6768e725af025522a25ad1289e9380b6bbbd
2022-01-20 19:34:36 +00:00
Evgenii Stepanov
4f41536076 Revert "Disable ubsan diagnostics under HWASan."
The original problem has been fixed in LLVM:
https://reviews.llvm.org/rG78f7e6d8d7956cb96d0fa0fd606192ca0218eee1

Bug: 191808836
Bug: 209991446
Test: m net_test_btm_iso with SANITIZE_TARGET=hwaddress

This reverts commit b15a564869.

Change-Id: Ie99a9a204e0a3f7c3ddf3efd74ac7f19db90215a
2021-12-21 16:31:31 -08:00
Pirama Arumuga Nainar
7448392895 [cc/sanitize] Re-enable new pass manager for fuzzer targets
Bug: http://b/133876586

This was turned off but the upstream change fixing this has been long
part of the Android toolchain.

Test: Output of
  m aidl_parser_fuzzer; readelf aidl_parser_fuzzer | grep -c sancov
hasn't changed.

Change-Id: Id7edd7ac5791b0e031fd4af46381acdbb1b80d47
2021-12-01 20:47:52 -08:00
Ivan Lozano
94e8a651fa Merge changes I26198187,Ia904d07b
* changes:
  rust: Support MTE memtag_heap sanitizer
  rust: Support global sanitizers
2021-11-12 19:26:04 +00:00
Ivan Lozano
62cd0388eb rust: Support MTE memtag_heap sanitizer
This CL adds support for the MTE memtag_heap sanitizer. This is
controlled via inclusion of an ELF note.

Bug: 170672854
Test: Heap MTE-enabled Rust test binary triggers MTE
Change-Id: I2619818785e86a94667d02b30d102c83456b7925
2021-11-04 10:51:54 -04:00
Yi Kong
286abc6f17 Pass HWASan workarounds cflags to linker as well
ThinLTO shifts codegen to linking stage. Need to pass the same set of
workaround flags to linker.

Test: m GLOBAL_THINLTO=true; adb shell incident_helper
Bug: 159343917
Bug: 204746309
Change-Id: I1e42bb043d6a86d880054b85e8831386ae4ea7e5
2021-11-04 20:19:57 +08:00
Ivan Lozano
5482d6a991 rust: Support global sanitizers
This CL adds Rust support for the SANITIZE_TARGET options.

This CL includes a couple small fixes to related to HWASAN, ASAN,
ensuring that the Never sanitize property is respected. Notably,
additional llvm-args are passed to ensure that HWASAN-ified Rust/C
interop works correctly.

Bug: 170672854
Bug: 204915322
Test: SANITIZE_TARGET globally applies hwasan to Rust targets
Change-Id: Ia904d07b4618f72cdc95c51f88961905c240ac53
2021-11-03 12:29:01 -04:00
Pirama Arumuga Nainar
582fc2d1dd [cc] Switch to -fsanitize-ignorelist
Upstream added this flag to replace -fsanitize-blacklist.

Test: presubmit
Change-Id: Iad6a1ac47b3a5693ed2107f491cbb36ac9f630ff
2021-08-27 15:12:56 -07:00
Florian Mayer
7c02c0883a Use new pass manager for HWASan builds.
Now that we have rolled to a sufficiently new clang, HWASan also works
with the new pass manager.

Bug: 135298400
Test: introduce memory safety bug and verify HWASan gets triggered.
Change-Id: I497ca6542971569cbcad949780e4c7df5b0bfb44
2021-08-20 10:07:20 +01:00
Elvis Chien
9c99354465 Allow PRODUCT_CFI_INCLUDE_PATHS to work with blueprints also
but disable it for host modules like how it's done for Android.mk

Bug:
179233410

Test:
m -j32

Change-Id: I246cd9163e06997a2b50cd25688370690c8929af
2021-08-04 18:07:51 +08:00
Colin Cross
528d67e523 Reland "Split the x86 host toolchain into glibc and musl variants"
Split the x86 host toolchain into glibc and musl variants

Create new musl toolchains that are based on the existing glibc
toolchains, and add the necessary flags for musl compiles.

This relands Ifc02f9e5afa61ff758be98b0c962f3a4b53d0546 with changes
for I46672e3a096b6ea94ff4c10e1c31e8fd010a163c.

Bug: 190084016
Change-Id: Iaa9f7a50ff601155ecd73acc5701a2c226be66dc
Test: TestArchMutator
2021-07-23 22:25:36 +00:00
Colin Cross
5d6904e1cf Revert "Split the x86 host toolchain into glibc and musl variants"
This reverts commit 4fb4ef2242.

Reason for revert: crossed with aosp/1775072

Change-Id: Ied922850b810d82627ba4f9ee42f672cfe286c91
2021-07-23 22:20:29 +00:00
Colin Cross
4fb4ef2242 Split the x86 host toolchain into glibc and musl variants
Create new musl toolchains that are based on the existing glibc
toolchains, and add the necessary flags for musl compiles.

Bug: 190084016
Test: TestArchMutator
Change-Id: Ifc02f9e5afa61ff758be98b0c962f3a4b53d0546
2021-07-23 08:57:17 -07:00
Colin Cross
b8d69871a8 Merge "Remove Fuchsia support from Soong" 2021-07-23 14:54:49 +00:00
Colin Cross
cb0ac95bde Remove Fuchsia support from Soong
Bug: 194215932
Test: m checkbuild
Change-Id: Id7d3964d9417f8b0938af9b168bb4c00cebe9390
2021-07-21 20:37:46 -07:00
Kiyoung Kim
48f3778cb4 Separate snapshot definition
Current snapshot definition is located in the CC module, so it is
difficult to capture non-CC module (such as prebuilt_etc) to the
snapshot. Separate general snapshot definition from cc so other modules
can also define its own snapshot.

Bug: 192430376
Test: m nothing passed
Change-Id: Ifb69fb3d2ec555b629aa31ec03e7ce5831fd3063
2021-07-19 11:42:32 +09:00
Liz Kammer
75db931843 Iterate over sanitizers
Test: go test soong tests
Change-Id: If89b7d0b04cad79b42a08504d4fcff36e914b7a4
2021-07-08 11:19:15 -04:00
Liz Kammer
7b920b4057 Update memtag code behavior to match comment.
Test: go test soong tests
Change-Id: I630c06f01c90256b1990c37b9236e8967a5fa316
2021-07-08 11:19:15 -04:00
Liz Kammer
75b9b40a56 Add comments to sanitizer properties.
Test: n/a
Change-Id: If71bb4683a4ae969670235c51b3f1b3af2073f91
2021-07-08 11:19:12 -04:00
Liz Kammer
187d5445e8 Remove IsDependencyRoot from interface
This is equivalent to Binary() -- reduce the interface and improve
clarity.

Test: go test soong tests
Change-Id: I770f5ce79fd4d888586d31ec5e67be88153626b6
2021-07-07 16:29:09 -04:00
Liz Kammer
b2fc4700de Delete local boolPtr function
This is defined in proptools, no need to duplicate.

Test: go test soong tests
Change-Id: I32d4417dc4ae73bff98f36360ed22aed572d8c18
2021-07-07 16:29:09 -04:00
Liz Kammer
3b606c8218 Delete unused functions
As they're unused, also removing them from the interface.

Test: go test soong tests
Change-Id: I76e7cbca12876395d8d7eaae4481c5e0d1350d76
2021-06-28 12:29:30 -04:00
Evgenii Stepanov
b15a564869 Disable ubsan diagnostics under HWASan.
This is a workaround for a compiler bug that makes this combination
extremely slow to build.

Bug: 191808836
Test: m net_test_btm_iso with SANITIZE_TARGET=hwaddress
Change-Id: Ide7436bbc564413cb2f29355ada5286976607205
2021-06-23 12:57:46 -07:00
Ivan Lozano
d67a6b0a88 Export cc vendor functions for usage by rust.
This CL exports and refactors some cc vendor-snapshot related functions
so they can be reused by rust modules to support vendor snapshotting.

Bug: 184042776
Test: m nothing
Change-Id: I12706e62ce0ac3b2b4298085fafc1d77b8e0a0c4
2021-06-03 08:31:55 -04:00
Colin Cross
48a2d110b3 Merge "Don't propagate ASAN through shared library dependencies" 2021-05-18 19:20:34 +00:00
Colin Cross
af98f58242 Don't propagate ASAN through shared library dependencies
Propagating enabling ASAN through shared library dependencies
doesn't make much sense, because only the non-ASAN variant is exposed
to Make, leading to an non-installed dependency.

Bug: 186487510
Test: TestAsan
Change-Id: I7d3f20f2d10beac09c66c6b6dcb7a34a513ff3b8
2021-05-13 18:02:57 -07:00
Ivan Lozano
d7586b6526 Refactor vendor snapshot to use LinkableInterface.
Refactors the vendor snapshot support to use the LinkableInterface
so that support can be extended to Rust. This CL does not add
vendor snapshot support for Rust; that is left for a follow-on CL.

Bug: 184042776
Test: m nothing
Change-Id: Id0c4970ca00053484a52677d182153cbc454c301
2021-05-12 14:01:10 -04:00
Tri Vo
eed4716def Merge changes I46e851c8,I2c9eb248
* changes:
  rust: Add HWASan build support
  Export CC HWASan sanitizer type
2021-04-09 22:31:09 +00:00
Tri Vo
6eafc36e60 Export CC HWASan sanitizer type
We need this so that HWASan sanitizer mutator in CC can sanitize Rust.

Bug: 180495975
Test: m nothing
Change-Id: I2c9eb248df4e55a33f5d45083e91588f4c8e3e94
2021-04-08 14:24:06 -07:00
Inseob Kim
253f521dbc Redirect memtag libraries to snapshot
memtag sanitizer libraries are vendor available and can be captured as
snapshots. This change adds a redirection logic for memtag libraries.

This is just a workaround, just like other SnapshotInfoProvider calls.
In the future we need to refactor these codes. So TODO is added to
remind refactoring.

Bug: 178470649
Test: soong test
Change-Id: Id77f1ce94255b56a68f3e1d7446a68189c45ac54
2021-04-08 17:10:31 +09:00
Colin Cross
32f1de3327 Append ".static" to ubsan runtime for static binaries
Bug: 183611452
Test: m BUILD_HOST_static=1 tinyplay2
Change-Id: I8d8ef762781f0583c8b9337ce5876c7d3140f665
2021-03-29 16:47:56 -07:00
Cindy Zhou
34d300ba76 Merge "Enable cfi for 32bit arch" 2021-03-12 12:41:39 +00:00
Cindy Zhou
e0c14678d4 Enable cfi for 32bit arch
Enabling cfi for 32-bit arch; b/35157333 seems to have been resolved in b/67507331.

Bug: 158010610

Test: manual interaction with Wimbley device: youtube video, chrome
navigations, gmail
MPTS testing on Sargo
Change-Id: I9eb034deed9938710f0f7b690fa57108d9bc5669

Change-Id: I434748ede352f998e64a6639de6ba162762ee7f0
2021-03-10 17:14:02 -08:00
Colin Cross
e0edaf9d49 Remove some global state from vendor and recovery snapshots
Snapshots storead global sets of modules that should be replaced with
vendor snapshot modules.  Move the data instead to a vendor_snapshot
or recovery_snapshot module type that depends on all the modules in
the snapshot, and then have modules that should use the snaphsot
depend on it to query for the set of modules that should be replaced.

Bug: 177098205
Test: vendor_snapshot_test.go
Change-Id: I2826adacfb473e9139b5ea93ba83b8a54cc1a56b
2021-02-01 20:02:39 +09:00
Evgenii Stepanov
04896cae35 Support memtag_heap in SANITIZE_TARGET_DIAG, fix cc_test interation.
cc_test without sanitize:memtag_heap acts as if it has implicit
sanitize{memtag_heap:true, diag:{memtag_heap:true}}. This is unaffected
by SANITIZE_TARGET.

Refactor the test to cover all permutations.

Change memtag include lists to act similar to SANITIZE_TARGET_DIAG: the
the sync include list upgrades async targets to sync, unless diag is
explicitly set to false in the target definition.

Bug: b/135772972
Test: cc_test.go

Change-Id: I6a969f2f5804cd5f47fc4e93a20e3b99ea5fa111
2021-01-20 22:27:45 +00:00
Evgenii Stepanov
4beaa0c964 Include/exclude lists for memtag_heap sanitizer.
Bug: b/135772972
Test: cc_test.go / TestSanitizeMemtagHeap
Change-Id: I263b23647f1874ae3024101dce1b07091c1c9403
2021-01-11 17:50:07 -08:00
Evgenii Stepanov
193ac2eb96 Support "memtag_heap" sanitizer.
Memtag_heap adds an ELF note that enables MTE heap tagging in
bionic/scudo. Ignored on non-executables. With diagnostic
(diag:{memtag_heap:true}) enables the SYNC mode, otherwise - ASYNC mode.

Memtag_heap defaults to set (with diag) on cc_test targets, unset
otherwise. Ignored on non MTE-compatible hardware.

Bug: b/135772972
Test: soong tests

Change-Id: I88fd0f159e609e17bd13487749980a1ba02cb91c
2021-01-11 21:50:39 +00:00
Ivan Lozano
3968d8f678 Refactor CC to prep for Rust sanitizable modules.
Adds a PlatformSanitizable interface which both CC and Rust can
implement so that the sanitizer mutators in CC can sanitize Rust
shared/static libraries appropriately.

Bug: 147140513
Test: m nothing
Change-Id: Ib31103b6c4902a4d5df2565c0d7c981298d100a3
2021-01-08 08:53:46 -05:00
Yabin Cui
db7dda89f3 Switch to clang-r407598 (12.0.1).
Also suppress a clang-tidy warning and a ubsan check to pass compilation.

Bug: 171348143
Test: build.
Change-Id: Ie5162c15df172cefd7cff9776e54531fd620bc23
2021-01-05 19:43:45 -08:00
Cindy Zhou
18417cbd72 Skip apex dep check when sanitizer diag is enabled
To avoid adding ubsan to the apex allowed_dep list, this commit adds a
check on depedency tags to see if apex check should be skipped.
The check is only used on sharedLib dependencies when diag mode are enabled
for sanitizers.

Bug: 158010610

Test: make build for aosp-sargo and aosp_cf_x86_phone-userdebug

Change-Id: I3d7dbb70d8c80ffae1854819cf8cf9e6b0b15c00
2020-12-29 14:48:37 +00:00
Colin Cross
127bb8b9f6 Don't rewrite LLNDK dependencies with .llndk suffix
Rewriting LLNDK dependencies with .llndk suffix requries referencing
a global data structure to determine if a given library is an LLNDK
library and therefore needs the .llndk suffix.  References to
global data structures from mutators must be removed to support
incremental Soong analysis.  Instead, move the LLNDK stubs rules
into the vendor variant of the implementing cc_library so that
the original name can be used.

As an incremental step, the llndk_library modules are left in
place, and the properties are copied into the cc_library via
the dependency specified by the llndk_stub property.  A followup
will move the LLNDK properties directly into the cc_library and
delete the llndk_library modules.

The global list of LLNDK libraries is kept for now as it is used
to generate the vndk.libraries.txt file.

Bug: 170784825
Test: m checkbuild
Test: compare Soong outputs
Test: all Soong tests
Change-Id: I2a942b21c162541a49e27b2e5833c9aebccff1d0
2020-12-21 17:53:30 -08:00
Cindy Zhou
d3fe49289d Add arch_variant support for diag
Allow for different arch to specify sanitizer options.

Bug: 158010610
Test: Compiles with build options
Change-Id: I4db72f682e920e3c1a6d55473f316e56567636e6
2020-12-01 11:26:39 -08:00
Cindy Zhou
8cd45dea53 Add CFI support for assembly heavy libraries
This commit adds an new option to the sanitizer build config to enable CFI with the
"-fno-sanitize-cfi-canonical-jump-tables" flag in order to provide more
support for assembly heavy libraries.

Bug: 158010610
Test: Compile with option enabled in libaom and libvpx
Change-Id: I7d0d3ed6ff876582043fd72b687757426e3dc5aa
2020-11-18 17:32:54 -08:00
Jose Galmes
f729458e69 Support for recovery snapshot.
Bug: 171231437
Test: source build/envsetup.sh
Test: ALLOW_MISSING_DEPENDENCIES=true m -j nothing

Change-Id: I6b35fbb0b90ffffa941ea108cbd31a454b2dd403
2020-11-16 17:09:36 -08:00
Yifan Hong
60e0cfb5cb Add vendor-ramdisk image to Soong.
Add vendor_ramdisk_available and vendor_ramdisk attribute to
various rules. When a vendor_ramdisk variant of a module is
generated, it is installed to $OUT/vendor-ramdisk.

It is similar to a ramdisk image.
Test: m nothing -j

Change-Id: Ib2d16459f3094dbe21c3bdb7c016cb4b2bf62765
2020-10-22 10:26:26 -07:00
Colin Cross
e7257d2019 Add version dependencies to sanitizer runtime dependencies
The hwasan runtime has stubs, make the function to add all version
variants of a shared library available to the sanitizer mutator.

Test: m checkbuild
Change-Id: Ie4124022140f8520834d7bf7b59f0499cd381083
2020-09-30 21:17:59 +00:00
Martin Stjernholm
b024957791 Propagate all sanitizer flags in SDK snapshots.
liblog snapshot needs to sanitizer.address=false to avoid cycle in asan
builds. Adding that separately in library_sdk_member.go would start to
feel like whack-a-mole, so the snapshot generation is instead extended
to handle nested property structs.

This uses the BpPropertySet.AddProperty extension in
https://r.android.com/1423510, and common value optimisation now
recurses into non-anonymous structs, instead of comparing them as a
whole.

Test: m nothing
Test: `m SANITIZE_TARGET=address nothing` with prebuilts/runtime
  present in the manifest and a fresh snapshot made with this
Bug: 151303681
Change-Id: I472554117a488e6c800045cb2ed59377778571a4
2020-09-25 00:33:04 +01:00