The modules sources have been moved, update the sdk variant whitelist.
Bug: 156286599
Test: m
Exempt-From-Owner-Approval: cherry-pick from internal
Change-Id: Idbd02b17b1c741f1dc20a3742ff57e8469a846c0
Merged-In: Idbd02b17b1c741f1dc20a3742ff57e8469a846c0
Allow modules under art/test to use `sdk_version: "none"`. This is so
that ART run-test module definitions can use the same settings as
Libcore tests:
sdk_version: "none",
system_modules: "core-all-system-modules",
Test: m nothing
Bug: 147814778
Change-Id: Ibb74d6a06a6609be511403c51ca7a02204bf606f
ART tests need to explicitly control the compression.
Bug: 157239179
Test: "atest ArtGtestsTarget" with http://go/aog/1302773
Change-Id: I4490aa0a61fa71f830feb6a46dffd8d20fccfc66
Merged-In: I4490aa0a61fa71f830feb6a46dffd8d20fccfc66
This exposes test func on ValueMatcher and helpers relevant for testing neverallows.
Bug: 153333044
Test: m
Change-Id: Ied07cd33afa537f9d7aa3c33e59f4ac985901a0f
Allow the platform stubs to specify sdk_version: none,
and add generic support for a regexp matcher.
Bug: 144149403
Test: m
Change-Id: Icaece0d9797bace8ae9741f7a029b9ea57fcbbb9
Revert submission 1242911-sdk_version_variant
Reason for revert: b/153394225
Reverted Changes:
Ife99745fb:Use libnativewindow for platform variant of libagq...
I1bae84c43:Use libnativewindow for platform variant of androi...
I6e6021ed3:Use stl to depend on libc++
Ife99745fb:Use libnativewindow for platform variant of libRSS...
I2c9f439b9:Fix static dependency on libprotobuf-cpp-lite-ndk
Iff2aff9cf:Set sdk_version for cc_genrules used by modules wi...
I7d72934aa:Add sdk mutator for native modules
Ief378a007:Use sdk variant of Soong modules when LOCAL_SDK_VE...
Bug: 149591340
Change-Id: I798fa902c779469c6382b6699351e5d12bf14785
Fixes: 153394225
Compiling native modules against the NDK disables platform features
like ASAN. For anything shipped on the system image there is no
reason to compile against the NDK. Add a new mutator to Soong that
creates a platform and an SDK variant for modules that set
sdk_version, and ignore sdk_version for the platform variant. The
SDK variant will be used for embedding in APKs that may be installed
on older platforms. Apexes use their own variants that enforce
backwards compatibility.
Test: sdk_test.go
Test: TestJNIPackaging
Bug: 149591340
Change-Id: I7d72934aaee2e1326cc0ba5f29f51f14feec4521
To build vndk-ext for product variants use `vndk.extends` property
with `product_specific: true` as for the vndk-ext for vendor
variants. For example:
cc_library {
name: "libvndk_ext_product",
product_specific: true,
vndk: {
enabled: true,
extends: "libvndk",
},
}
It will install the vndk-ext libs for product variants in
product/lib[64]/vndk/
Test: m nothing
Bug: 147778025
Change-Id: If1ee5be93c579abad302f44f18e6316f27e70019
Rename the two prefix-in-list funcs so that their usages are clearer.
Also find and replace all the code that essentially does either.
This introduces additional loops in some places, but I think the added
readability and simplicity outweighs the performance degradation, which
should be negligible anyway.
Test: m nothing
Test: TreeHugger
Change-Id: I37e2276ca0c815105ed0031f23c0b1264b480e4f
libhidlbase is now being built without intermediate static libraries.
This requires a different neverallow exception for the
'enforce_vintf_manifest' variable.
Bug: N/A
Test: N/A
Change-Id: I5b7f7fc8eb4ac37d658e60a491c39baa5ac137f8
The modules were moved from developement/build to frameworks/base.
In addition, they no longer uses 'sdk_version:"none"'. Reflect that
change here.
Bug: N/A
Test: m
Exempt-From-Owner-Approval: cherry-pick from internal
Merged-In: I6f69f7cb64a6ed3c2032a116500436eabe562dca
(cherry picked from commit 12cc126760)
Change-Id: I6f69f7cb64a6ed3c2032a116500436eabe562dca
Makes testing individual rules easier by allowing them to be specified
per test rather than having to add them to the global defaults.
Bug: 138428610
Test: m nothing
Change-Id: Ic65a55dee2a02b6d33254753c047295dd5804408
Adds a neverallow InDirectDeps(deps) verb that will allow a neverallow
rule to restrict access to a specific dependency, irrespective of how
it is specified.
Bug: 137543088
Test: m nothing
Change-Id: I0c6bb702d55175e9b78b79e86e96924c5dd83efa
This reverts commit ff3d72f0bf.
Repplies original change now that issue causing build breakage has been
resolved.
Adds a new StartsWith(string) ValueMatcher along with
With[Out]Matcher(...) methods to support new restrictions that prevent
any paths into runtime module repositories from being added to the
include_dirs.
Test: m nothing
Bug: 35624006
Change-Id: I4c802ef25ef56f0f9b0b5e9d75531ea6f7475714
Adds a new StartsWith(string) ValueMatcher along with
With[Out]Matcher(...) methods to support new restrictions that prevent
any paths into runtime module repositories from being added to the
include_dirs.
Test: m nothing
Bug: 35624006
Change-Id: Ib954998e5fc190d8a11a8c6ac5f810cad927aac3
Make it easy to add additional ways of matching property values. Needed
to add support for a 'starts with' matcher that can be used to restrict
allowable values in include_dir.
Test: m nothing
Bug: 35624006
Change-Id: I82e7d95f08847bf294aac311968e1d9f3e4b385d
* Adds a Rule interface to hide the rule struct and expose the mutator
functions.
* Makes the neverallow() function public as NeverAllow().
* Adds AddNeverAllowRules func to add more rules.
* Moves the population of the builtin rules to init() function.
Bug: 136159343
Test: m droid
- changed a built in rule to cause build failure to ensure the
rules were still being applied, then reverted the change and
ran 'm droid' again.
Change-Id: Ie3a4456d1f6bc12c5b4931bf698333275347fdf0
Merged-In: Ie3a4456d1f6bc12c5b4931bf698333275347fdf0
(cherry picked from commit 18af090842)
(cherry picked from commit b1cacba022)
* Adds a Rule interface to hide the rule struct and expose the mutator
functions.
* Makes the neverallow() function public as NeverAllow().
* Adds AddNeverAllowRules func to add more rules.
* Moves the population of the builtin rules to init() function.
Bug: 136159343
Test: m droid
- changed a built in rule to cause build failure to ensure the
rules were still being applied, then reverted the change and
ran 'm droid' again.
Change-Id: Ie3a4456d1f6bc12c5b4931bf698333275347fdf0
Merged-In: Ie3a4456d1f6bc12c5b4931bf698333275347fdf0
Corrects an error message that refers to no_standard_libs.
Removes any tests that use no_standard_libs:true where possible as
there are duplicate tests for sdk_version:"none". Otherwise, switches
them over to use sdk_version:"none".
The androidmk mapping from LOCAL_NO_STANDARD_LIBRARIES to
no_standard_libs has also been removed. There was little point in
updating the tool to map it through to sdk_version:"none" as there are
only a couple of places where it is used, in art's test running mk
targets and in some unbundled packages to work around some limitation
in .mk based build.
Bug: 134566750
Test: m droid
Change-Id: I6413c9b1fe3e63b93753a6a017d2981e32b7e013
Where possible this duplicates any tests that use no_standard_libs:true
with ones that use sdk_version:"none". If not possible (e.g. in the
default targets included in java/testing.go) it switches some to use
sdk_version:"none" to ensure that there is no regression in the
behavior of no_standard_libs:true.
Follow up changes will switch all usages of no_standard_libs:true over
to use sdk_version:"none" at which point no_standard_libs will be
removed.
Bug: 134566750
Test: m droid
Change-Id: I5f0fd3daa980f6b223abe454cba7f25a97a39d7a
The rules that restricted access to core library targets are no longer
required as they have been replaced with visibility rules. The
visibility rules are safer because they check all dependencies whereas
the neverallow rules that have been removed only checked dependencies
in the libs property and so missed dependencies in static_libs and
java_libs properties.
Bug: 112158820
Test: m core-tests
Change-Id: Ibfef74db0769992266ebadf445836d2a183df3f7
Merged-In: Ibfef74db0769992266ebadf445836d2a183df3f7
(cherry picked from commit 8e8c01c382)
The rules that restricted access to core library targets are no longer
required as they have been replaced with visibility rules. The
visibility rules are safer because they check all dependencies whereas
the neverallow rules that have been removed only checked dependencies
in the libs property and so missed dependencies in static_libs and
java_libs properties.
(cherry picked from 8e8c01c382)
Bug: 112158820
Test: m core-tests
Change-Id: I3b50b705b7cd6fcdc55d26cd71b9149b3abd2b88
Merged-In: Ibfef74db0769992266ebadf445836d2a183df3f7
Guava can't compile against a device bootclasspath, it uses methods
that only exist in the host bootclasspath, and then avoids calling
them at runtime.
Bug: 130306229
Test: m checkbuild
Change-Id: I012030cb701c01ea9ff554c1b6156d0242365a4c
Merged-In: I012030cb701c01ea9ff554c1b6156d0242365a4c
Exempt-From-Owner-Approval: cherry pick
(cherry picked from commit b5191a573d)
Guava can't compile against a device bootclasspath, it uses methods
that only exist in the host bootclasspath, and then avoids calling
them at runtime.
Bug: 130306229
Test: m checkbuild
Change-Id: I012030cb701c01ea9ff554c1b6156d0242365a4c
java_device_for_host and java_host_for_device should rarely be
used and could cause problems if used incorrectly, so restrict them
to only the necessary projects through a neverallow whitelist.
Bug: 117920228
Test: neverallow_test.go
Change-Id: I37dce489c2fb8bca71bd46dbabaaa514bf6f7eee
Merged-In: I37dce489c2fb8bca71bd46dbabaaa514bf6f7eee
java_device_for_host and java_host_for_device should rarely be
used and could cause problems if used incorrectly, so restrict them
to only the necessary projects through a neverallow whitelist.
Bug: 117920228
Test: neverallow_test.go
Change-Id: I37dce489c2fb8bca71bd46dbabaaa514bf6f7eee
Add soong build restrictions for libcore targets to stop
other targets depending on internals.
Test: cd build/soong/; ./build_test.bash --products aosp_arm
Bug: 113148576
Change-Id: I2c15924fbecaf0c2076d08de65814a6dcb790e73
