bfeade6424
- Updates the fuzzer builds to use SANITIZE_TARGET='fuzzer' instead of 'coverage'. - Removed an old dependency that made fuzzer builds without ASan an error. - Fixed up the build flags to allow fuzzers to be built. Previously, the coverage flags were manually provided. As the toolchain has moved on, these flags are no longer compatible with libFuzzer, and so I've updated them to use the correct, compatible flags. - Added a dependency mutator for fuzzer coverage. Bug: 121042685 Test: With all patches in the bug merged, build a fuzzer using 'SANITIZE_TARGET=fuzzer mmma <your_fuzzer>'. Change-Id: Ib6246980f77bc4babe587b1e88038aa12228fa83 Merged-In: Ib6246980f77bc4babe587b1e88038aa12228fa83
1054 lines
35 KiB
Go
1054 lines
35 KiB
Go
// Copyright 2016 Google Inc. All rights reserved.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package cc
|
|
|
|
import (
|
|
"fmt"
|
|
"sort"
|
|
"strings"
|
|
"sync"
|
|
|
|
"github.com/google/blueprint"
|
|
|
|
"android/soong/android"
|
|
"android/soong/cc/config"
|
|
)
|
|
|
|
var (
|
|
// Any C flags added by sanitizer which libTooling tools may not
|
|
// understand also need to be added to ClangLibToolingUnknownCflags in
|
|
// cc/config/clang.go
|
|
|
|
asanCflags = []string{"-fno-omit-frame-pointer"}
|
|
asanLdflags = []string{"-Wl,-u,__asan_preinit"}
|
|
asanLibs = []string{"libasan"}
|
|
|
|
// TODO(pcc): Stop passing -hwasan-allow-ifunc here once it has been made
|
|
// the default.
|
|
hwasanCflags = []string{"-fno-omit-frame-pointer", "-Wno-frame-larger-than=",
|
|
"-mllvm", "-hwasan-create-frame-descriptions=0",
|
|
"-mllvm", "-hwasan-allow-ifunc",
|
|
"-fsanitize-hwaddress-abi=platform"}
|
|
|
|
cfiCflags = []string{"-flto", "-fsanitize-cfi-cross-dso",
|
|
"-fsanitize-blacklist=external/compiler-rt/lib/cfi/cfi_blacklist.txt"}
|
|
// -flto and -fvisibility are required by clang when -fsanitize=cfi is
|
|
// used, but have no effect on assembly files
|
|
cfiAsflags = []string{"-flto", "-fvisibility=default"}
|
|
cfiLdflags = []string{"-flto", "-fsanitize-cfi-cross-dso", "-fsanitize=cfi",
|
|
"-Wl,-plugin-opt,O1"}
|
|
cfiExportsMapPath = "build/soong/cc/config/cfi_exports.map"
|
|
cfiStaticLibsMutex sync.Mutex
|
|
hwasanStaticLibsMutex sync.Mutex
|
|
|
|
intOverflowCflags = []string{"-fsanitize-blacklist=build/soong/cc/config/integer_overflow_blacklist.txt"}
|
|
|
|
minimalRuntimeFlags = []string{"-fsanitize-minimal-runtime", "-fno-sanitize-trap=integer,undefined",
|
|
"-fno-sanitize-recover=integer,undefined"}
|
|
hwasanGlobalOptions = []string{"heap_history_size=1023,stack_history_size=512"}
|
|
)
|
|
|
|
type sanitizerType int
|
|
|
|
func boolPtr(v bool) *bool {
|
|
if v {
|
|
return &v
|
|
} else {
|
|
return nil
|
|
}
|
|
}
|
|
|
|
const (
|
|
asan sanitizerType = iota + 1
|
|
hwasan
|
|
tsan
|
|
intOverflow
|
|
cfi
|
|
scs
|
|
fuzzer
|
|
)
|
|
|
|
// Name of the sanitizer variation for this sanitizer type
|
|
func (t sanitizerType) variationName() string {
|
|
switch t {
|
|
case asan:
|
|
return "asan"
|
|
case hwasan:
|
|
return "hwasan"
|
|
case tsan:
|
|
return "tsan"
|
|
case intOverflow:
|
|
return "intOverflow"
|
|
case cfi:
|
|
return "cfi"
|
|
case scs:
|
|
return "scs"
|
|
case fuzzer:
|
|
return "fuzzer"
|
|
default:
|
|
panic(fmt.Errorf("unknown sanitizerType %d", t))
|
|
}
|
|
}
|
|
|
|
// This is the sanitizer names in SANITIZE_[TARGET|HOST]
|
|
func (t sanitizerType) name() string {
|
|
switch t {
|
|
case asan:
|
|
return "address"
|
|
case hwasan:
|
|
return "hwaddress"
|
|
case tsan:
|
|
return "thread"
|
|
case intOverflow:
|
|
return "integer_overflow"
|
|
case cfi:
|
|
return "cfi"
|
|
case scs:
|
|
return "shadow-call-stack"
|
|
case fuzzer:
|
|
return "fuzzer"
|
|
default:
|
|
panic(fmt.Errorf("unknown sanitizerType %d", t))
|
|
}
|
|
}
|
|
|
|
type SanitizeProperties struct {
|
|
// enable AddressSanitizer, ThreadSanitizer, or UndefinedBehaviorSanitizer
|
|
Sanitize struct {
|
|
Never *bool `android:"arch_variant"`
|
|
|
|
// main sanitizers
|
|
Address *bool `android:"arch_variant"`
|
|
Thread *bool `android:"arch_variant"`
|
|
Hwaddress *bool `android:"arch_variant"`
|
|
|
|
// local sanitizers
|
|
Undefined *bool `android:"arch_variant"`
|
|
All_undefined *bool `android:"arch_variant"`
|
|
Misc_undefined []string `android:"arch_variant"`
|
|
Fuzzer *bool `android:"arch_variant"`
|
|
Safestack *bool `android:"arch_variant"`
|
|
Cfi *bool `android:"arch_variant"`
|
|
Integer_overflow *bool `android:"arch_variant"`
|
|
Scudo *bool `android:"arch_variant"`
|
|
Scs *bool `android:"arch_variant"`
|
|
|
|
// Sanitizers to run in the diagnostic mode (as opposed to the release mode).
|
|
// Replaces abort() on error with a human-readable error message.
|
|
// Address and Thread sanitizers always run in diagnostic mode.
|
|
Diag struct {
|
|
Undefined *bool `android:"arch_variant"`
|
|
Cfi *bool `android:"arch_variant"`
|
|
Integer_overflow *bool `android:"arch_variant"`
|
|
Misc_undefined []string `android:"arch_variant"`
|
|
No_recover []string
|
|
}
|
|
|
|
// value to pass to -fsanitize-recover=
|
|
Recover []string
|
|
|
|
// value to pass to -fsanitize-blacklist
|
|
Blacklist *string
|
|
} `android:"arch_variant"`
|
|
|
|
SanitizerEnabled bool `blueprint:"mutated"`
|
|
SanitizeDep bool `blueprint:"mutated"`
|
|
MinimalRuntimeDep bool `blueprint:"mutated"`
|
|
UbsanRuntimeDep bool `blueprint:"mutated"`
|
|
InSanitizerDir bool `blueprint:"mutated"`
|
|
Sanitizers []string `blueprint:"mutated"`
|
|
DiagSanitizers []string `blueprint:"mutated"`
|
|
}
|
|
|
|
type sanitize struct {
|
|
Properties SanitizeProperties
|
|
}
|
|
|
|
func init() {
|
|
android.RegisterMakeVarsProvider(pctx, cfiMakeVarsProvider)
|
|
android.RegisterMakeVarsProvider(pctx, hwasanMakeVarsProvider)
|
|
}
|
|
|
|
func (sanitize *sanitize) props() []interface{} {
|
|
return []interface{}{&sanitize.Properties}
|
|
}
|
|
|
|
func (sanitize *sanitize) begin(ctx BaseModuleContext) {
|
|
s := &sanitize.Properties.Sanitize
|
|
|
|
// Don't apply sanitizers to NDK code.
|
|
if ctx.useSdk() {
|
|
s.Never = BoolPtr(true)
|
|
}
|
|
|
|
// Sanitizers do not work on Fuchsia yet.
|
|
if ctx.Fuchsia() {
|
|
s.Never = BoolPtr(true)
|
|
}
|
|
|
|
// Never always wins.
|
|
if Bool(s.Never) {
|
|
return
|
|
}
|
|
|
|
var globalSanitizers []string
|
|
var globalSanitizersDiag []string
|
|
|
|
if ctx.Host() {
|
|
if !ctx.Windows() {
|
|
globalSanitizers = ctx.Config().SanitizeHost()
|
|
}
|
|
} else {
|
|
arches := ctx.Config().SanitizeDeviceArch()
|
|
if len(arches) == 0 || inList(ctx.Arch().ArchType.Name, arches) {
|
|
globalSanitizers = ctx.Config().SanitizeDevice()
|
|
globalSanitizersDiag = ctx.Config().SanitizeDeviceDiag()
|
|
}
|
|
}
|
|
|
|
if len(globalSanitizers) > 0 {
|
|
var found bool
|
|
if found, globalSanitizers = removeFromList("undefined", globalSanitizers); found && s.All_undefined == nil {
|
|
s.All_undefined = boolPtr(true)
|
|
}
|
|
|
|
if found, globalSanitizers = removeFromList("default-ub", globalSanitizers); found && s.Undefined == nil {
|
|
s.Undefined = boolPtr(true)
|
|
}
|
|
|
|
if found, globalSanitizers = removeFromList("address", globalSanitizers); found && s.Address == nil {
|
|
s.Address = boolPtr(true)
|
|
}
|
|
|
|
if found, globalSanitizers = removeFromList("thread", globalSanitizers); found && s.Thread == nil {
|
|
s.Thread = boolPtr(true)
|
|
}
|
|
|
|
if found, globalSanitizers = removeFromList("fuzzer", globalSanitizers); found && s.Fuzzer == nil {
|
|
s.Fuzzer = boolPtr(true)
|
|
}
|
|
|
|
if found, globalSanitizers = removeFromList("safe-stack", globalSanitizers); found && s.Safestack == nil {
|
|
s.Safestack = boolPtr(true)
|
|
}
|
|
|
|
if found, globalSanitizers = removeFromList("cfi", globalSanitizers); found && s.Cfi == nil {
|
|
if !ctx.Config().CFIDisabledForPath(ctx.ModuleDir()) {
|
|
s.Cfi = boolPtr(true)
|
|
}
|
|
}
|
|
|
|
// Global integer_overflow builds do not support static libraries.
|
|
if found, globalSanitizers = removeFromList("integer_overflow", globalSanitizers); found && s.Integer_overflow == nil {
|
|
if !ctx.Config().IntegerOverflowDisabledForPath(ctx.ModuleDir()) && !ctx.static() {
|
|
s.Integer_overflow = boolPtr(true)
|
|
}
|
|
}
|
|
|
|
if found, globalSanitizers = removeFromList("scudo", globalSanitizers); found && s.Scudo == nil {
|
|
s.Scudo = boolPtr(true)
|
|
}
|
|
|
|
if found, globalSanitizers = removeFromList("hwaddress", globalSanitizers); found && s.Hwaddress == nil {
|
|
s.Hwaddress = boolPtr(true)
|
|
}
|
|
|
|
if len(globalSanitizers) > 0 {
|
|
ctx.ModuleErrorf("unknown global sanitizer option %s", globalSanitizers[0])
|
|
}
|
|
|
|
// Global integer_overflow builds do not support static library diagnostics.
|
|
if found, globalSanitizersDiag = removeFromList("integer_overflow", globalSanitizersDiag); found &&
|
|
s.Diag.Integer_overflow == nil && Bool(s.Integer_overflow) && !ctx.static() {
|
|
s.Diag.Integer_overflow = boolPtr(true)
|
|
}
|
|
|
|
if found, globalSanitizersDiag = removeFromList("cfi", globalSanitizersDiag); found &&
|
|
s.Diag.Cfi == nil && Bool(s.Cfi) {
|
|
s.Diag.Cfi = boolPtr(true)
|
|
}
|
|
|
|
if len(globalSanitizersDiag) > 0 {
|
|
ctx.ModuleErrorf("unknown global sanitizer diagnostics option %s", globalSanitizersDiag[0])
|
|
}
|
|
}
|
|
|
|
// Enable CFI for all components in the include paths (for Aarch64 only)
|
|
if s.Cfi == nil && ctx.Config().CFIEnabledForPath(ctx.ModuleDir()) && ctx.Arch().ArchType == android.Arm64 {
|
|
s.Cfi = boolPtr(true)
|
|
if inList("cfi", ctx.Config().SanitizeDeviceDiag()) {
|
|
s.Diag.Cfi = boolPtr(true)
|
|
}
|
|
}
|
|
|
|
// CFI needs gold linker, and mips toolchain does not have one.
|
|
if !ctx.Config().EnableCFI() || ctx.Arch().ArchType == android.Mips || ctx.Arch().ArchType == android.Mips64 {
|
|
s.Cfi = nil
|
|
s.Diag.Cfi = nil
|
|
}
|
|
|
|
// Also disable CFI for arm32 until b/35157333 is fixed.
|
|
if ctx.Arch().ArchType == android.Arm {
|
|
s.Cfi = nil
|
|
s.Diag.Cfi = nil
|
|
}
|
|
|
|
// HWASan requires AArch64 hardware feature (top-byte-ignore).
|
|
if ctx.Arch().ArchType != android.Arm64 {
|
|
s.Hwaddress = nil
|
|
}
|
|
|
|
// SCS is only implemented on AArch64.
|
|
if ctx.Arch().ArchType != android.Arm64 {
|
|
s.Scs = nil
|
|
}
|
|
|
|
// Also disable CFI if ASAN is enabled.
|
|
if Bool(s.Address) || Bool(s.Hwaddress) {
|
|
s.Cfi = nil
|
|
s.Diag.Cfi = nil
|
|
}
|
|
|
|
// Disable sanitizers that depend on the UBSan runtime for host builds.
|
|
if ctx.Host() {
|
|
s.Cfi = nil
|
|
s.Diag.Cfi = nil
|
|
s.Misc_undefined = nil
|
|
s.Undefined = nil
|
|
s.All_undefined = nil
|
|
s.Integer_overflow = nil
|
|
}
|
|
|
|
// Also disable CFI for VNDK variants of components
|
|
if ctx.isVndk() && ctx.useVndk() {
|
|
s.Cfi = nil
|
|
s.Diag.Cfi = nil
|
|
}
|
|
|
|
// HWASan ramdisk (which is built from recovery) goes over some bootloader limit.
|
|
// Keep libc instrumented so that recovery can run hwasan-instrumented code if necessary.
|
|
if ctx.inRecovery() && !strings.HasPrefix(ctx.ModuleDir(), "bionic/libc") {
|
|
s.Hwaddress = nil
|
|
}
|
|
|
|
if ctx.staticBinary() {
|
|
s.Address = nil
|
|
s.Fuzzer = nil
|
|
s.Thread = nil
|
|
}
|
|
|
|
if Bool(s.All_undefined) {
|
|
s.Undefined = nil
|
|
}
|
|
|
|
if !ctx.toolchain().Is64Bit() {
|
|
// TSAN and SafeStack are not supported on 32-bit architectures
|
|
s.Thread = nil
|
|
s.Safestack = nil
|
|
// TODO(ccross): error for compile_multilib = "32"?
|
|
}
|
|
|
|
if ctx.Os() != android.Windows && (Bool(s.All_undefined) || Bool(s.Undefined) || Bool(s.Address) || Bool(s.Thread) ||
|
|
Bool(s.Fuzzer) || Bool(s.Safestack) || Bool(s.Cfi) || Bool(s.Integer_overflow) || len(s.Misc_undefined) > 0 ||
|
|
Bool(s.Scudo) || Bool(s.Hwaddress) || Bool(s.Scs)) {
|
|
sanitize.Properties.SanitizerEnabled = true
|
|
}
|
|
|
|
// Disable Scudo if ASan or TSan is enabled, or if it's disabled globally.
|
|
if Bool(s.Address) || Bool(s.Thread) || Bool(s.Hwaddress) || ctx.Config().DisableScudo() {
|
|
s.Scudo = nil
|
|
}
|
|
|
|
if Bool(s.Hwaddress) {
|
|
s.Address = nil
|
|
s.Thread = nil
|
|
}
|
|
|
|
// TODO(b/131771163): CFI transiently depends on LTO, and thus Fuzzer is
|
|
// mutually incompatible.
|
|
if Bool(s.Fuzzer) {
|
|
s.Cfi = nil
|
|
}
|
|
}
|
|
|
|
func (sanitize *sanitize) deps(ctx BaseModuleContext, deps Deps) Deps {
|
|
if !sanitize.Properties.SanitizerEnabled { // || c.static() {
|
|
return deps
|
|
}
|
|
|
|
if ctx.Device() {
|
|
if Bool(sanitize.Properties.Sanitize.Address) {
|
|
deps.StaticLibs = append(deps.StaticLibs, asanLibs...)
|
|
// Compiling asan and having libc_scudo in the same
|
|
// executable will cause the executable to crash.
|
|
// Remove libc_scudo since it is only used to override
|
|
// allocation functions which asan already overrides.
|
|
_, deps.SharedLibs = removeFromList("libc_scudo", deps.SharedLibs)
|
|
}
|
|
}
|
|
|
|
return deps
|
|
}
|
|
|
|
func toDisableImplicitIntegerChange(flags []string) bool {
|
|
// Returns true if any flag is fsanitize*integer, and there is
|
|
// no explicit flag about sanitize=implicit-integer-sign-change.
|
|
for _, f := range flags {
|
|
if strings.Contains(f, "sanitize=implicit-integer-sign-change") {
|
|
return false
|
|
}
|
|
}
|
|
for _, f := range flags {
|
|
if strings.HasPrefix(f, "-fsanitize") && strings.Contains(f, "integer") {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
|
|
func (sanitize *sanitize) flags(ctx ModuleContext, flags Flags) Flags {
|
|
minimalRuntimeLib := config.UndefinedBehaviorSanitizerMinimalRuntimeLibrary(ctx.toolchain()) + ".a"
|
|
minimalRuntimePath := "${config.ClangAsanLibDir}/" + minimalRuntimeLib
|
|
|
|
if ctx.Device() && sanitize.Properties.MinimalRuntimeDep {
|
|
flags.LdFlags = append(flags.LdFlags, minimalRuntimePath)
|
|
flags.LdFlags = append(flags.LdFlags, "-Wl,--exclude-libs,"+minimalRuntimeLib)
|
|
}
|
|
if !sanitize.Properties.SanitizerEnabled && !sanitize.Properties.UbsanRuntimeDep {
|
|
return flags
|
|
}
|
|
|
|
if Bool(sanitize.Properties.Sanitize.Address) {
|
|
if ctx.Arch().ArchType == android.Arm {
|
|
// Frame pointer based unwinder in ASan requires ARM frame setup.
|
|
// TODO: put in flags?
|
|
flags.RequiredInstructionSet = "arm"
|
|
}
|
|
flags.CFlags = append(flags.CFlags, asanCflags...)
|
|
flags.LdFlags = append(flags.LdFlags, asanLdflags...)
|
|
|
|
if ctx.Host() {
|
|
// -nodefaultlibs (provided with libc++) prevents the driver from linking
|
|
// libraries needed with -fsanitize=address. http://b/18650275 (WAI)
|
|
flags.LdFlags = append(flags.LdFlags, "-Wl,--no-as-needed")
|
|
} else {
|
|
flags.CFlags = append(flags.CFlags, "-mllvm", "-asan-globals=0")
|
|
if ctx.bootstrap() {
|
|
flags.DynamicLinker = "/system/bin/bootstrap/linker_asan"
|
|
} else {
|
|
flags.DynamicLinker = "/system/bin/linker_asan"
|
|
}
|
|
if flags.Toolchain.Is64Bit() {
|
|
flags.DynamicLinker += "64"
|
|
}
|
|
}
|
|
}
|
|
|
|
if Bool(sanitize.Properties.Sanitize.Hwaddress) {
|
|
flags.CFlags = append(flags.CFlags, hwasanCflags...)
|
|
}
|
|
|
|
if Bool(sanitize.Properties.Sanitize.Fuzzer) {
|
|
flags.CFlags = append(flags.CFlags, "-fsanitize=fuzzer-no-link")
|
|
flags.LdFlags = append(flags.LdFlags, "-fsanitize=fuzzer-no-link")
|
|
|
|
// TODO(b/131771163): LTO and Fuzzer support is mutually incompatible.
|
|
_, flags.LdFlags = removeFromList("-flto", flags.LdFlags)
|
|
flags.LdFlags = append(flags.LdFlags, "-fno-lto")
|
|
}
|
|
|
|
if Bool(sanitize.Properties.Sanitize.Cfi) {
|
|
if ctx.Arch().ArchType == android.Arm {
|
|
// __cfi_check needs to be built as Thumb (see the code in linker_cfi.cpp). LLVM is not set up
|
|
// to do this on a function basis, so force Thumb on the entire module.
|
|
flags.RequiredInstructionSet = "thumb"
|
|
}
|
|
|
|
flags.CFlags = append(flags.CFlags, cfiCflags...)
|
|
flags.AsFlags = append(flags.AsFlags, cfiAsflags...)
|
|
// Only append the default visibility flag if -fvisibility has not already been set
|
|
// to hidden.
|
|
if !inList("-fvisibility=hidden", flags.CFlags) {
|
|
flags.CFlags = append(flags.CFlags, "-fvisibility=default")
|
|
}
|
|
flags.LdFlags = append(flags.LdFlags, cfiLdflags...)
|
|
|
|
if ctx.staticBinary() {
|
|
_, flags.CFlags = removeFromList("-fsanitize-cfi-cross-dso", flags.CFlags)
|
|
_, flags.LdFlags = removeFromList("-fsanitize-cfi-cross-dso", flags.LdFlags)
|
|
}
|
|
}
|
|
|
|
if Bool(sanitize.Properties.Sanitize.Integer_overflow) {
|
|
flags.CFlags = append(flags.CFlags, intOverflowCflags...)
|
|
}
|
|
|
|
if len(sanitize.Properties.Sanitizers) > 0 {
|
|
sanitizeArg := "-fsanitize=" + strings.Join(sanitize.Properties.Sanitizers, ",")
|
|
|
|
flags.CFlags = append(flags.CFlags, sanitizeArg)
|
|
flags.AsFlags = append(flags.AsFlags, sanitizeArg)
|
|
if ctx.Host() {
|
|
// Host sanitizers only link symbols in the final executable, so
|
|
// there will always be undefined symbols in intermediate libraries.
|
|
_, flags.LdFlags = removeFromList("-Wl,--no-undefined", flags.LdFlags)
|
|
flags.LdFlags = append(flags.LdFlags, sanitizeArg)
|
|
} else {
|
|
if enableMinimalRuntime(sanitize) {
|
|
flags.CFlags = append(flags.CFlags, strings.Join(minimalRuntimeFlags, " "))
|
|
flags.libFlags = append([]string{minimalRuntimePath}, flags.libFlags...)
|
|
flags.LdFlags = append(flags.LdFlags, "-Wl,--exclude-libs,"+minimalRuntimeLib)
|
|
}
|
|
}
|
|
|
|
if Bool(sanitize.Properties.Sanitize.Fuzzer) {
|
|
// When fuzzing, we wish to crash with diagnostics on any bug.
|
|
flags.CFlags = append(flags.CFlags, "-fno-sanitize-trap=all", "-fno-sanitize-recover=all")
|
|
} else if ctx.Host() {
|
|
flags.CFlags = append(flags.CFlags, "-fno-sanitize-recover=all")
|
|
} else {
|
|
flags.CFlags = append(flags.CFlags, "-fsanitize-trap=all", "-ftrap-function=abort")
|
|
}
|
|
// http://b/119329758, Android core does not boot up with this sanitizer yet.
|
|
if toDisableImplicitIntegerChange(flags.CFlags) {
|
|
flags.CFlags = append(flags.CFlags, "-fno-sanitize=implicit-integer-sign-change")
|
|
}
|
|
}
|
|
|
|
if len(sanitize.Properties.DiagSanitizers) > 0 {
|
|
flags.CFlags = append(flags.CFlags, "-fno-sanitize-trap="+strings.Join(sanitize.Properties.DiagSanitizers, ","))
|
|
}
|
|
// FIXME: enable RTTI if diag + (cfi or vptr)
|
|
|
|
if sanitize.Properties.Sanitize.Recover != nil {
|
|
flags.CFlags = append(flags.CFlags, "-fsanitize-recover="+
|
|
strings.Join(sanitize.Properties.Sanitize.Recover, ","))
|
|
}
|
|
|
|
if sanitize.Properties.Sanitize.Diag.No_recover != nil {
|
|
flags.CFlags = append(flags.CFlags, "-fno-sanitize-recover="+
|
|
strings.Join(sanitize.Properties.Sanitize.Diag.No_recover, ","))
|
|
}
|
|
|
|
blacklist := android.OptionalPathForModuleSrc(ctx, sanitize.Properties.Sanitize.Blacklist)
|
|
if blacklist.Valid() {
|
|
flags.CFlags = append(flags.CFlags, "-fsanitize-blacklist="+blacklist.String())
|
|
flags.CFlagsDeps = append(flags.CFlagsDeps, blacklist.Path())
|
|
}
|
|
|
|
return flags
|
|
}
|
|
|
|
func (sanitize *sanitize) AndroidMk(ctx AndroidMkContext, ret *android.AndroidMkData) {
|
|
// Add a suffix for CFI-enabled static libraries to allow surfacing both to make without a
|
|
// name conflict.
|
|
if ret.Class == "STATIC_LIBRARIES" && Bool(sanitize.Properties.Sanitize.Cfi) {
|
|
ret.SubName += ".cfi"
|
|
}
|
|
if ret.Class == "STATIC_LIBRARIES" && Bool(sanitize.Properties.Sanitize.Hwaddress) {
|
|
ret.SubName += ".hwasan"
|
|
}
|
|
if ret.Class == "STATIC_LIBRARIES" && Bool(sanitize.Properties.Sanitize.Scs) {
|
|
ret.SubName += ".scs"
|
|
}
|
|
}
|
|
|
|
func (sanitize *sanitize) inSanitizerDir() bool {
|
|
return sanitize.Properties.InSanitizerDir
|
|
}
|
|
|
|
func (sanitize *sanitize) getSanitizerBoolPtr(t sanitizerType) *bool {
|
|
switch t {
|
|
case asan:
|
|
return sanitize.Properties.Sanitize.Address
|
|
case hwasan:
|
|
return sanitize.Properties.Sanitize.Hwaddress
|
|
case tsan:
|
|
return sanitize.Properties.Sanitize.Thread
|
|
case intOverflow:
|
|
return sanitize.Properties.Sanitize.Integer_overflow
|
|
case cfi:
|
|
return sanitize.Properties.Sanitize.Cfi
|
|
case scs:
|
|
return sanitize.Properties.Sanitize.Scs
|
|
case fuzzer:
|
|
return sanitize.Properties.Sanitize.Fuzzer
|
|
default:
|
|
panic(fmt.Errorf("unknown sanitizerType %d", t))
|
|
}
|
|
}
|
|
|
|
func (sanitize *sanitize) isUnsanitizedVariant() bool {
|
|
return !sanitize.isSanitizerEnabled(asan) &&
|
|
!sanitize.isSanitizerEnabled(hwasan) &&
|
|
!sanitize.isSanitizerEnabled(tsan) &&
|
|
!sanitize.isSanitizerEnabled(cfi) &&
|
|
!sanitize.isSanitizerEnabled(scs) &&
|
|
!sanitize.isSanitizerEnabled(fuzzer)
|
|
}
|
|
|
|
func (sanitize *sanitize) isVariantOnProductionDevice() bool {
|
|
return !sanitize.isSanitizerEnabled(asan) &&
|
|
!sanitize.isSanitizerEnabled(hwasan) &&
|
|
!sanitize.isSanitizerEnabled(tsan) &&
|
|
!sanitize.isSanitizerEnabled(fuzzer)
|
|
}
|
|
|
|
func (sanitize *sanitize) SetSanitizer(t sanitizerType, b bool) {
|
|
switch t {
|
|
case asan:
|
|
sanitize.Properties.Sanitize.Address = boolPtr(b)
|
|
case hwasan:
|
|
sanitize.Properties.Sanitize.Hwaddress = boolPtr(b)
|
|
case tsan:
|
|
sanitize.Properties.Sanitize.Thread = boolPtr(b)
|
|
case intOverflow:
|
|
sanitize.Properties.Sanitize.Integer_overflow = boolPtr(b)
|
|
case cfi:
|
|
sanitize.Properties.Sanitize.Cfi = boolPtr(b)
|
|
case scs:
|
|
sanitize.Properties.Sanitize.Scs = boolPtr(b)
|
|
case fuzzer:
|
|
sanitize.Properties.Sanitize.Fuzzer = boolPtr(b)
|
|
default:
|
|
panic(fmt.Errorf("unknown sanitizerType %d", t))
|
|
}
|
|
if b {
|
|
sanitize.Properties.SanitizerEnabled = true
|
|
}
|
|
}
|
|
|
|
// Check if the sanitizer is explicitly disabled (as opposed to nil by
|
|
// virtue of not being set).
|
|
func (sanitize *sanitize) isSanitizerExplicitlyDisabled(t sanitizerType) bool {
|
|
if sanitize == nil {
|
|
return false
|
|
}
|
|
|
|
sanitizerVal := sanitize.getSanitizerBoolPtr(t)
|
|
return sanitizerVal != nil && *sanitizerVal == false
|
|
}
|
|
|
|
// There isn't an analog of the method above (ie:isSanitizerExplicitlyEnabled)
|
|
// because enabling a sanitizer either directly (via the blueprint) or
|
|
// indirectly (via a mutator) sets the bool ptr to true, and you can't
|
|
// distinguish between the cases. It isn't needed though - both cases can be
|
|
// treated identically.
|
|
func (sanitize *sanitize) isSanitizerEnabled(t sanitizerType) bool {
|
|
if sanitize == nil {
|
|
return false
|
|
}
|
|
|
|
sanitizerVal := sanitize.getSanitizerBoolPtr(t)
|
|
return sanitizerVal != nil && *sanitizerVal == true
|
|
}
|
|
|
|
func isSanitizableDependencyTag(tag blueprint.DependencyTag) bool {
|
|
t, ok := tag.(dependencyTag)
|
|
return ok && t.library || t == reuseObjTag
|
|
}
|
|
|
|
// Propagate sanitizer requirements down from binaries
|
|
func sanitizerDepsMutator(t sanitizerType) func(android.TopDownMutatorContext) {
|
|
return func(mctx android.TopDownMutatorContext) {
|
|
if c, ok := mctx.Module().(*Module); ok && c.sanitize.isSanitizerEnabled(t) {
|
|
mctx.WalkDeps(func(child, parent android.Module) bool {
|
|
if !isSanitizableDependencyTag(mctx.OtherModuleDependencyTag(child)) {
|
|
return false
|
|
}
|
|
if d, ok := child.(*Module); ok && d.sanitize != nil &&
|
|
!Bool(d.sanitize.Properties.Sanitize.Never) &&
|
|
!d.sanitize.isSanitizerExplicitlyDisabled(t) {
|
|
if t == cfi || t == hwasan || t == scs {
|
|
if d.static() {
|
|
d.sanitize.Properties.SanitizeDep = true
|
|
}
|
|
} else {
|
|
d.sanitize.Properties.SanitizeDep = true
|
|
}
|
|
}
|
|
return true
|
|
})
|
|
} else if sanitizeable, ok := mctx.Module().(Sanitizeable); ok {
|
|
// If an APEX module includes a lib which is enabled for a sanitizer T, then
|
|
// the APEX module is also enabled for the same sanitizer type.
|
|
mctx.VisitDirectDeps(func(child android.Module) {
|
|
if c, ok := child.(*Module); ok && c.sanitize.isSanitizerEnabled(t) {
|
|
sanitizeable.EnableSanitizer(t.name())
|
|
}
|
|
})
|
|
}
|
|
}
|
|
}
|
|
|
|
// Propagate the ubsan minimal runtime dependency when there are integer overflow sanitized static dependencies.
|
|
func sanitizerRuntimeDepsMutator(mctx android.TopDownMutatorContext) {
|
|
if c, ok := mctx.Module().(*Module); ok && c.sanitize != nil {
|
|
mctx.WalkDeps(func(child, parent android.Module) bool {
|
|
if !isSanitizableDependencyTag(mctx.OtherModuleDependencyTag(child)) {
|
|
return false
|
|
}
|
|
if d, ok := child.(*Module); ok && d.static() && d.sanitize != nil {
|
|
|
|
if enableMinimalRuntime(d.sanitize) {
|
|
// If a static dependency is built with the minimal runtime,
|
|
// make sure we include the ubsan minimal runtime.
|
|
c.sanitize.Properties.MinimalRuntimeDep = true
|
|
} else if Bool(d.sanitize.Properties.Sanitize.Diag.Integer_overflow) ||
|
|
len(d.sanitize.Properties.Sanitize.Diag.Misc_undefined) > 0 {
|
|
// If a static dependency runs with full ubsan diagnostics,
|
|
// make sure we include the ubsan runtime.
|
|
c.sanitize.Properties.UbsanRuntimeDep = true
|
|
}
|
|
}
|
|
return true
|
|
})
|
|
}
|
|
}
|
|
|
|
// Add the dependency to the runtime library for each of the sanitizer variants
|
|
func sanitizerRuntimeMutator(mctx android.BottomUpMutatorContext) {
|
|
if c, ok := mctx.Module().(*Module); ok && c.sanitize != nil {
|
|
if !c.Enabled() {
|
|
return
|
|
}
|
|
var sanitizers []string
|
|
var diagSanitizers []string
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.All_undefined) {
|
|
sanitizers = append(sanitizers, "undefined")
|
|
} else {
|
|
if Bool(c.sanitize.Properties.Sanitize.Undefined) {
|
|
sanitizers = append(sanitizers,
|
|
"bool",
|
|
"integer-divide-by-zero",
|
|
"return",
|
|
"returns-nonnull-attribute",
|
|
"shift-exponent",
|
|
"unreachable",
|
|
"vla-bound",
|
|
// TODO(danalbert): The following checks currently have compiler performance issues.
|
|
//"alignment",
|
|
//"bounds",
|
|
//"enum",
|
|
//"float-cast-overflow",
|
|
//"float-divide-by-zero",
|
|
//"nonnull-attribute",
|
|
//"null",
|
|
//"shift-base",
|
|
//"signed-integer-overflow",
|
|
// TODO(danalbert): Fix UB in libc++'s __tree so we can turn this on.
|
|
// https://llvm.org/PR19302
|
|
// http://reviews.llvm.org/D6974
|
|
// "object-size",
|
|
)
|
|
}
|
|
sanitizers = append(sanitizers, c.sanitize.Properties.Sanitize.Misc_undefined...)
|
|
}
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.Diag.Undefined) {
|
|
diagSanitizers = append(diagSanitizers, "undefined")
|
|
}
|
|
|
|
diagSanitizers = append(diagSanitizers, c.sanitize.Properties.Sanitize.Diag.Misc_undefined...)
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.Address) {
|
|
sanitizers = append(sanitizers, "address")
|
|
diagSanitizers = append(diagSanitizers, "address")
|
|
}
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.Hwaddress) {
|
|
sanitizers = append(sanitizers, "hwaddress")
|
|
}
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.Thread) {
|
|
sanitizers = append(sanitizers, "thread")
|
|
}
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.Safestack) {
|
|
sanitizers = append(sanitizers, "safe-stack")
|
|
}
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.Cfi) {
|
|
sanitizers = append(sanitizers, "cfi")
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.Diag.Cfi) {
|
|
diagSanitizers = append(diagSanitizers, "cfi")
|
|
}
|
|
}
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.Integer_overflow) {
|
|
sanitizers = append(sanitizers, "unsigned-integer-overflow")
|
|
sanitizers = append(sanitizers, "signed-integer-overflow")
|
|
if Bool(c.sanitize.Properties.Sanitize.Diag.Integer_overflow) {
|
|
diagSanitizers = append(diagSanitizers, "unsigned-integer-overflow")
|
|
diagSanitizers = append(diagSanitizers, "signed-integer-overflow")
|
|
}
|
|
}
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.Scudo) {
|
|
sanitizers = append(sanitizers, "scudo")
|
|
}
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.Scs) {
|
|
sanitizers = append(sanitizers, "shadow-call-stack")
|
|
}
|
|
|
|
if Bool(c.sanitize.Properties.Sanitize.Fuzzer) {
|
|
sanitizers = append(sanitizers, "fuzzer-no-link")
|
|
}
|
|
|
|
// Save the list of sanitizers. These will be used again when generating
|
|
// the build rules (for Cflags, etc.)
|
|
c.sanitize.Properties.Sanitizers = sanitizers
|
|
c.sanitize.Properties.DiagSanitizers = diagSanitizers
|
|
|
|
// Determine the runtime library required
|
|
runtimeLibrary := ""
|
|
toolchain := c.toolchain(mctx)
|
|
if Bool(c.sanitize.Properties.Sanitize.Address) {
|
|
runtimeLibrary = config.AddressSanitizerRuntimeLibrary(toolchain)
|
|
} else if Bool(c.sanitize.Properties.Sanitize.Hwaddress) {
|
|
if c.staticBinary() {
|
|
runtimeLibrary = config.HWAddressSanitizerStaticLibrary(toolchain)
|
|
} else {
|
|
runtimeLibrary = config.HWAddressSanitizerRuntimeLibrary(toolchain)
|
|
}
|
|
} else if Bool(c.sanitize.Properties.Sanitize.Thread) {
|
|
runtimeLibrary = config.ThreadSanitizerRuntimeLibrary(toolchain)
|
|
} else if Bool(c.sanitize.Properties.Sanitize.Scudo) {
|
|
if len(diagSanitizers) == 0 && !c.sanitize.Properties.UbsanRuntimeDep {
|
|
runtimeLibrary = config.ScudoMinimalRuntimeLibrary(toolchain)
|
|
} else {
|
|
runtimeLibrary = config.ScudoRuntimeLibrary(toolchain)
|
|
}
|
|
} else if len(diagSanitizers) > 0 || c.sanitize.Properties.UbsanRuntimeDep {
|
|
runtimeLibrary = config.UndefinedBehaviorSanitizerRuntimeLibrary(toolchain)
|
|
}
|
|
|
|
if mctx.Device() && runtimeLibrary != "" {
|
|
if inList(runtimeLibrary, *llndkLibraries(mctx.Config())) && !c.static() && c.useVndk() {
|
|
runtimeLibrary = runtimeLibrary + llndkLibrarySuffix
|
|
}
|
|
|
|
// Adding dependency to the runtime library. We are using *FarVariation*
|
|
// because the runtime libraries themselves are not mutated by sanitizer
|
|
// mutators and thus don't have sanitizer variants whereas this module
|
|
// has been already mutated.
|
|
//
|
|
// Note that by adding dependency with {static|shared}DepTag, the lib is
|
|
// added to libFlags and LOCAL_SHARED_LIBRARIES by cc.Module
|
|
if c.staticBinary() {
|
|
// static executable gets static runtime libs
|
|
mctx.AddFarVariationDependencies([]blueprint.Variation{
|
|
{Mutator: "link", Variation: "static"},
|
|
{Mutator: "image", Variation: c.imageVariation()},
|
|
{Mutator: "arch", Variation: mctx.Target().String()},
|
|
}, staticDepTag, runtimeLibrary)
|
|
} else if !c.static() {
|
|
// dynamic executable and shared libs get shared runtime libs
|
|
mctx.AddFarVariationDependencies([]blueprint.Variation{
|
|
{Mutator: "link", Variation: "shared"},
|
|
{Mutator: "image", Variation: c.imageVariation()},
|
|
{Mutator: "arch", Variation: mctx.Target().String()},
|
|
}, earlySharedDepTag, runtimeLibrary)
|
|
}
|
|
// static lib does not have dependency to the runtime library. The
|
|
// dependency will be added to the executables or shared libs using
|
|
// the static lib.
|
|
}
|
|
}
|
|
}
|
|
|
|
type Sanitizeable interface {
|
|
android.Module
|
|
IsSanitizerEnabled(ctx android.BaseModuleContext, sanitizerName string) bool
|
|
EnableSanitizer(sanitizerName string)
|
|
}
|
|
|
|
// Create sanitized variants for modules that need them
|
|
func sanitizerMutator(t sanitizerType) func(android.BottomUpMutatorContext) {
|
|
return func(mctx android.BottomUpMutatorContext) {
|
|
if c, ok := mctx.Module().(*Module); ok && c.sanitize != nil {
|
|
if c.isDependencyRoot() && c.sanitize.isSanitizerEnabled(t) {
|
|
modules := mctx.CreateVariations(t.variationName())
|
|
modules[0].(*Module).sanitize.SetSanitizer(t, true)
|
|
} else if c.sanitize.isSanitizerEnabled(t) || c.sanitize.Properties.SanitizeDep {
|
|
// Save original sanitizer status before we assign values to variant
|
|
// 0 as that overwrites the original.
|
|
isSanitizerEnabled := c.sanitize.isSanitizerEnabled(t)
|
|
|
|
modules := mctx.CreateVariations("", t.variationName())
|
|
modules[0].(*Module).sanitize.SetSanitizer(t, false)
|
|
modules[1].(*Module).sanitize.SetSanitizer(t, true)
|
|
|
|
modules[0].(*Module).sanitize.Properties.SanitizeDep = false
|
|
modules[1].(*Module).sanitize.Properties.SanitizeDep = false
|
|
|
|
// We don't need both variants active for anything but CFI-enabled
|
|
// target static libraries, so suppress the appropriate variant in
|
|
// all other cases.
|
|
if t == cfi {
|
|
if c.static() {
|
|
if !mctx.Device() {
|
|
if isSanitizerEnabled {
|
|
modules[0].(*Module).Properties.PreventInstall = true
|
|
modules[0].(*Module).Properties.HideFromMake = true
|
|
} else {
|
|
modules[1].(*Module).Properties.PreventInstall = true
|
|
modules[1].(*Module).Properties.HideFromMake = true
|
|
}
|
|
} else {
|
|
cfiStaticLibs := cfiStaticLibs(mctx.Config())
|
|
|
|
cfiStaticLibsMutex.Lock()
|
|
*cfiStaticLibs = append(*cfiStaticLibs, c.Name())
|
|
cfiStaticLibsMutex.Unlock()
|
|
}
|
|
} else {
|
|
modules[0].(*Module).Properties.PreventInstall = true
|
|
modules[0].(*Module).Properties.HideFromMake = true
|
|
}
|
|
} else if t == asan {
|
|
if mctx.Device() {
|
|
// CFI and ASAN are currently mutually exclusive so disable
|
|
// CFI if this is an ASAN variant.
|
|
modules[1].(*Module).sanitize.Properties.InSanitizerDir = true
|
|
modules[1].(*Module).sanitize.SetSanitizer(cfi, false)
|
|
}
|
|
if isSanitizerEnabled {
|
|
modules[0].(*Module).Properties.PreventInstall = true
|
|
modules[0].(*Module).Properties.HideFromMake = true
|
|
} else {
|
|
modules[1].(*Module).Properties.PreventInstall = true
|
|
modules[1].(*Module).Properties.HideFromMake = true
|
|
}
|
|
} else if t == scs {
|
|
// We don't currently link any static libraries built with make into
|
|
// libraries built with SCS, so we don't need logic for propagating
|
|
// SCSness of dependencies into make.
|
|
if !c.static() {
|
|
if isSanitizerEnabled {
|
|
modules[0].(*Module).Properties.PreventInstall = true
|
|
modules[0].(*Module).Properties.HideFromMake = true
|
|
} else {
|
|
modules[1].(*Module).Properties.PreventInstall = true
|
|
modules[1].(*Module).Properties.HideFromMake = true
|
|
}
|
|
}
|
|
} else if t == fuzzer {
|
|
// TODO(b/131771163): CFI and fuzzer support are mutually incompatible
|
|
// as CFI pulls in LTO.
|
|
if mctx.Device() {
|
|
modules[1].(*Module).sanitize.SetSanitizer(cfi, false)
|
|
}
|
|
if isSanitizerEnabled {
|
|
modules[0].(*Module).Properties.PreventInstall = true
|
|
modules[0].(*Module).Properties.HideFromMake = true
|
|
} else {
|
|
modules[1].(*Module).Properties.PreventInstall = true
|
|
modules[1].(*Module).Properties.HideFromMake = true
|
|
}
|
|
} else if t == hwasan {
|
|
if mctx.Device() {
|
|
// CFI and HWASAN are currently mutually exclusive so disable
|
|
// CFI if this is an HWASAN variant.
|
|
modules[1].(*Module).sanitize.SetSanitizer(cfi, false)
|
|
}
|
|
|
|
if c.static() {
|
|
if c.useVndk() {
|
|
hwasanVendorStaticLibs := hwasanVendorStaticLibs(mctx.Config())
|
|
hwasanStaticLibsMutex.Lock()
|
|
*hwasanVendorStaticLibs = append(*hwasanVendorStaticLibs, c.Name())
|
|
hwasanStaticLibsMutex.Unlock()
|
|
} else {
|
|
hwasanStaticLibs := hwasanStaticLibs(mctx.Config())
|
|
hwasanStaticLibsMutex.Lock()
|
|
*hwasanStaticLibs = append(*hwasanStaticLibs, c.Name())
|
|
hwasanStaticLibsMutex.Unlock()
|
|
}
|
|
} else {
|
|
if isSanitizerEnabled {
|
|
modules[0].(*Module).Properties.PreventInstall = true
|
|
modules[0].(*Module).Properties.HideFromMake = true
|
|
} else {
|
|
modules[1].(*Module).Properties.PreventInstall = true
|
|
modules[1].(*Module).Properties.HideFromMake = true
|
|
}
|
|
}
|
|
}
|
|
}
|
|
c.sanitize.Properties.SanitizeDep = false
|
|
} else if sanitizeable, ok := mctx.Module().(Sanitizeable); ok && sanitizeable.IsSanitizerEnabled(mctx, t.name()) {
|
|
// APEX modules fall here
|
|
mctx.CreateVariations(t.variationName())
|
|
}
|
|
}
|
|
}
|
|
|
|
var cfiStaticLibsKey = android.NewOnceKey("cfiStaticLibs")
|
|
|
|
func cfiStaticLibs(config android.Config) *[]string {
|
|
return config.Once(cfiStaticLibsKey, func() interface{} {
|
|
return &[]string{}
|
|
}).(*[]string)
|
|
}
|
|
|
|
var hwasanStaticLibsKey = android.NewOnceKey("hwasanStaticLibs")
|
|
|
|
func hwasanStaticLibs(config android.Config) *[]string {
|
|
return config.Once(hwasanStaticLibsKey, func() interface{} {
|
|
return &[]string{}
|
|
}).(*[]string)
|
|
}
|
|
|
|
var hwasanVendorStaticLibsKey = android.NewOnceKey("hwasanVendorStaticLibs")
|
|
|
|
func hwasanVendorStaticLibs(config android.Config) *[]string {
|
|
return config.Once(hwasanVendorStaticLibsKey, func() interface{} {
|
|
return &[]string{}
|
|
}).(*[]string)
|
|
}
|
|
|
|
func enableMinimalRuntime(sanitize *sanitize) bool {
|
|
if !Bool(sanitize.Properties.Sanitize.Address) &&
|
|
!Bool(sanitize.Properties.Sanitize.Hwaddress) &&
|
|
!Bool(sanitize.Properties.Sanitize.Fuzzer) &&
|
|
(Bool(sanitize.Properties.Sanitize.Integer_overflow) ||
|
|
len(sanitize.Properties.Sanitize.Misc_undefined) > 0) &&
|
|
!(Bool(sanitize.Properties.Sanitize.Diag.Integer_overflow) ||
|
|
Bool(sanitize.Properties.Sanitize.Diag.Cfi) ||
|
|
len(sanitize.Properties.Sanitize.Diag.Misc_undefined) > 0) {
|
|
return true
|
|
}
|
|
return false
|
|
}
|
|
|
|
func cfiMakeVarsProvider(ctx android.MakeVarsContext) {
|
|
cfiStaticLibs := cfiStaticLibs(ctx.Config())
|
|
sort.Strings(*cfiStaticLibs)
|
|
ctx.Strict("SOONG_CFI_STATIC_LIBRARIES", strings.Join(*cfiStaticLibs, " "))
|
|
}
|
|
|
|
func hwasanMakeVarsProvider(ctx android.MakeVarsContext) {
|
|
hwasanStaticLibs := hwasanStaticLibs(ctx.Config())
|
|
sort.Strings(*hwasanStaticLibs)
|
|
ctx.Strict("SOONG_HWASAN_STATIC_LIBRARIES", strings.Join(*hwasanStaticLibs, " "))
|
|
|
|
hwasanVendorStaticLibs := hwasanVendorStaticLibs(ctx.Config())
|
|
sort.Strings(*hwasanVendorStaticLibs)
|
|
ctx.Strict("SOONG_HWASAN_VENDOR_STATIC_LIBRARIES", strings.Join(*hwasanVendorStaticLibs, " "))
|
|
}
|