2014-11-01 07:23:08 +08:00
|
|
|
##############################################
|
|
|
|
## Perform configuration steps for sanitizers.
|
|
|
|
##############################################
|
|
|
|
|
2015-04-17 07:21:02 +08:00
|
|
|
my_sanitize := $(strip $(LOCAL_SANITIZE))
|
2017-01-19 09:50:29 +08:00
|
|
|
my_sanitize_diag := $(strip $(LOCAL_SANITIZE_DIAG))
|
2014-12-12 10:56:26 +08:00
|
|
|
|
2015-08-20 11:13:33 +08:00
|
|
|
my_global_sanitize :=
|
2017-06-29 00:11:26 +08:00
|
|
|
my_global_sanitize_diag :=
|
2018-09-05 13:25:22 +08:00
|
|
|
ifdef LOCAL_IS_HOST_MODULE
|
|
|
|
ifneq ($($(my_prefix)OS),windows)
|
|
|
|
my_global_sanitize := $(strip $(SANITIZE_HOST))
|
2015-08-20 11:13:33 +08:00
|
|
|
|
2018-09-05 13:25:22 +08:00
|
|
|
# SANITIZE_HOST=true is a deprecated way to say SANITIZE_HOST=address.
|
|
|
|
my_global_sanitize := $(subst true,address,$(my_global_sanitize))
|
2015-06-12 04:57:10 +08:00
|
|
|
endif
|
2018-09-05 13:25:22 +08:00
|
|
|
else
|
|
|
|
my_global_sanitize := $(strip $(SANITIZE_TARGET))
|
|
|
|
my_global_sanitize_diag := $(strip $(SANITIZE_TARGET_DIAG))
|
2015-08-20 11:13:33 +08:00
|
|
|
endif
|
2015-04-18 02:04:06 +08:00
|
|
|
|
2017-07-22 01:33:32 +08:00
|
|
|
# Disable global integer_overflow in excluded paths.
|
|
|
|
ifneq ($(filter integer_overflow, $(my_global_sanitize)),)
|
|
|
|
combined_exclude_paths := $(INTEGER_OVERFLOW_EXCLUDE_PATHS) \
|
|
|
|
$(PRODUCT_INTEGER_OVERFLOW_EXCLUDE_PATHS)
|
|
|
|
|
|
|
|
ifneq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_exclude_paths)),\
|
|
|
|
$(filter $(dir)%,$(LOCAL_PATH)))),)
|
|
|
|
my_global_sanitize := $(filter-out integer_overflow,$(my_global_sanitize))
|
|
|
|
my_global_sanitize_diag := $(filter-out integer_overflow,$(my_global_sanitize_diag))
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2018-03-16 05:49:20 +08:00
|
|
|
# Global integer sanitization doesn't support static modules.
|
|
|
|
ifeq ($(filter SHARED_LIBRARIES EXECUTABLES,$(LOCAL_MODULE_CLASS)),)
|
|
|
|
my_global_sanitize := $(filter-out integer_overflow,$(my_global_sanitize))
|
|
|
|
my_global_sanitize_diag := $(filter-out integer_overflow,$(my_global_sanitize_diag))
|
|
|
|
endif
|
|
|
|
ifeq ($(LOCAL_FORCE_STATIC_EXECUTABLE),true)
|
|
|
|
my_global_sanitize := $(filter-out integer_overflow,$(my_global_sanitize))
|
|
|
|
my_global_sanitize_diag := $(filter-out integer_overflow,$(my_global_sanitize_diag))
|
|
|
|
endif
|
|
|
|
|
2017-10-31 17:25:16 +08:00
|
|
|
# Disable global CFI in excluded paths
|
|
|
|
ifneq ($(filter cfi, $(my_global_sanitize)),)
|
|
|
|
combined_exclude_paths := $(CFI_EXCLUDE_PATHS) \
|
|
|
|
$(PRODUCT_CFI_EXCLUDE_PATHS)
|
|
|
|
|
|
|
|
ifneq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_exclude_paths)),\
|
|
|
|
$(filter $(dir)%,$(LOCAL_PATH)))),)
|
|
|
|
my_global_sanitize := $(filter-out cfi,$(my_global_sanitize))
|
|
|
|
my_global_sanitize_diag := $(filter-out cfi,$(my_global_sanitize_diag))
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2021-01-14 04:14:55 +08:00
|
|
|
# Disable global memtag_heap in excluded paths
|
|
|
|
ifneq ($(filter memtag_heap, $(my_global_sanitize)),)
|
|
|
|
combined_exclude_paths := $(MEMTAG_HEAP_EXCLUDE_PATHS) \
|
|
|
|
$(PRODUCT_MEMTAG_HEAP_EXCLUDE_PATHS)
|
|
|
|
|
|
|
|
ifneq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_exclude_paths)),\
|
|
|
|
$(filter $(dir)%,$(LOCAL_PATH)))),)
|
|
|
|
my_global_sanitize := $(filter-out memtag_heap,$(my_global_sanitize))
|
|
|
|
my_global_sanitize_diag := $(filter-out memtag_heap,$(my_global_sanitize_diag))
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2015-08-20 11:13:33 +08:00
|
|
|
ifneq ($(my_global_sanitize),)
|
2016-05-20 08:45:21 +08:00
|
|
|
my_sanitize := $(my_global_sanitize) $(my_sanitize)
|
2015-08-20 11:13:33 +08:00
|
|
|
endif
|
2017-06-29 00:11:26 +08:00
|
|
|
ifneq ($(my_global_sanitize_diag),)
|
|
|
|
my_sanitize_diag := $(my_global_sanitize_diag) $(my_sanitize_diag)
|
|
|
|
endif
|
2015-04-18 02:04:06 +08:00
|
|
|
|
2016-06-28 06:15:31 +08:00
|
|
|
# The sanitizer specified in the product configuration wins over the previous.
|
|
|
|
ifneq ($(SANITIZER.$(TARGET_PRODUCT).$(LOCAL_MODULE).CONFIG),)
|
|
|
|
my_sanitize := $(SANITIZER.$(TARGET_PRODUCT).$(LOCAL_MODULE).CONFIG)
|
|
|
|
ifeq ($(my_sanitize),never)
|
|
|
|
my_sanitize :=
|
2017-06-29 00:11:26 +08:00
|
|
|
my_sanitize_diag :=
|
2016-06-28 06:15:31 +08:00
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2016-11-03 06:05:21 +08:00
|
|
|
ifndef LOCAL_IS_HOST_MODULE
|
|
|
|
# Add a filter point for 32-bit vs 64-bit sanitization (to lighten the burden)
|
|
|
|
SANITIZE_TARGET_ARCH ?= $(TARGET_ARCH) $(TARGET_2ND_ARCH)
|
|
|
|
ifeq ($(filter $(SANITIZE_TARGET_ARCH),$(TARGET_$(LOCAL_2ND_ARCH_VAR_PREFIX)ARCH)),)
|
|
|
|
my_sanitize :=
|
2017-06-29 00:11:26 +08:00
|
|
|
my_sanitize_diag :=
|
2016-11-03 06:05:21 +08:00
|
|
|
endif
|
2016-06-21 08:36:49 +08:00
|
|
|
endif
|
|
|
|
|
2016-06-21 08:46:29 +08:00
|
|
|
# Add a filter point based on module owner (to lighten the burden). The format is a space- or
|
|
|
|
# colon-separated list of owner names.
|
|
|
|
ifneq (,$(SANITIZE_NEVER_BY_OWNER))
|
|
|
|
ifneq (,$(LOCAL_MODULE_OWNER))
|
|
|
|
ifneq (,$(filter $(LOCAL_MODULE_OWNER),$(subst :, ,$(SANITIZE_NEVER_BY_OWNER))))
|
|
|
|
$(warning Not sanitizing $(LOCAL_MODULE) based on module owner.)
|
|
|
|
my_sanitize :=
|
2017-06-29 00:11:26 +08:00
|
|
|
my_sanitize_diag :=
|
2016-06-21 08:46:29 +08:00
|
|
|
endif
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2015-08-20 11:13:33 +08:00
|
|
|
# Don't apply sanitizers to NDK code.
|
|
|
|
ifdef LOCAL_SDK_VERSION
|
|
|
|
my_sanitize :=
|
2016-06-29 07:47:43 +08:00
|
|
|
my_global_sanitize :=
|
2017-06-29 00:11:26 +08:00
|
|
|
my_sanitize_diag :=
|
2015-04-17 07:21:02 +08:00
|
|
|
endif
|
|
|
|
|
2015-08-20 11:13:33 +08:00
|
|
|
# Never always wins.
|
|
|
|
ifeq ($(LOCAL_SANITIZE),never)
|
2014-12-12 10:56:26 +08:00
|
|
|
my_sanitize :=
|
2017-06-29 00:11:26 +08:00
|
|
|
my_sanitize_diag :=
|
2014-12-12 10:56:26 +08:00
|
|
|
endif
|
|
|
|
|
2021-04-14 17:02:29 +08:00
|
|
|
# Enable CFI in included paths.
|
2017-10-31 17:25:16 +08:00
|
|
|
ifeq ($(filter cfi, $(my_sanitize)),)
|
2021-04-14 17:02:29 +08:00
|
|
|
combined_include_paths := $(CFI_INCLUDE_PATHS) \
|
|
|
|
$(PRODUCT_CFI_INCLUDE_PATHS)
|
|
|
|
combined_exclude_paths := $(CFI_EXCLUDE_PATHS) \
|
|
|
|
$(PRODUCT_CFI_EXCLUDE_PATHS)
|
|
|
|
|
|
|
|
ifneq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_include_paths)),\
|
|
|
|
$(filter $(dir)%,$(LOCAL_PATH)))),)
|
|
|
|
ifeq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_exclude_paths)),\
|
|
|
|
$(filter $(dir)%,$(LOCAL_PATH)))),)
|
|
|
|
my_sanitize := cfi $(my_sanitize)
|
2018-05-25 09:04:25 +08:00
|
|
|
endif
|
2017-10-31 17:25:16 +08:00
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2021-01-14 04:14:55 +08:00
|
|
|
# Enable memtag_heap in included paths (for Arm64 only).
|
|
|
|
ifeq ($(filter memtag_heap, $(my_sanitize)),)
|
|
|
|
ifneq ($(filter arm64,$(TARGET_$(LOCAL_2ND_ARCH_VAR_PREFIX)ARCH)),)
|
|
|
|
combined_sync_include_paths := $(MEMTAG_HEAP_SYNC_INCLUDE_PATHS) \
|
|
|
|
$(PRODUCT_MEMTAG_HEAP_SYNC_INCLUDE_PATHS)
|
|
|
|
combined_async_include_paths := $(MEMTAG_HEAP_ASYNC_INCLUDE_PATHS) \
|
|
|
|
$(PRODUCT_MEMTAG_HEAP_ASYNC_INCLUDE_PATHS)
|
2021-04-10 05:52:33 +08:00
|
|
|
combined_exclude_paths := $(MEMTAG_HEAP_EXCLUDE_PATHS) \
|
|
|
|
$(PRODUCT_MEMTAG_HEAP_EXCLUDE_PATHS)
|
|
|
|
|
|
|
|
ifeq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_exclude_paths)),\
|
|
|
|
$(filter $(dir)%,$(LOCAL_PATH)))),)
|
|
|
|
ifneq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_sync_include_paths)),\
|
|
|
|
$(filter $(dir)%,$(LOCAL_PATH)))),)
|
|
|
|
my_sanitize := memtag_heap $(my_sanitize)
|
|
|
|
my_sanitize_diag := memtag_heap $(my_sanitize_diag)
|
|
|
|
else ifneq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_async_include_paths)),\
|
|
|
|
$(filter $(dir)%,$(LOCAL_PATH)))),)
|
|
|
|
my_sanitize := memtag_heap $(my_sanitize)
|
|
|
|
endif
|
2021-01-14 04:14:55 +08:00
|
|
|
endif
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2017-01-19 09:50:29 +08:00
|
|
|
# If CFI is disabled globally, remove it from my_sanitize.
|
2017-01-25 05:20:28 +08:00
|
|
|
ifeq ($(strip $(ENABLE_CFI)),false)
|
2017-01-19 09:50:29 +08:00
|
|
|
my_sanitize := $(filter-out cfi,$(my_sanitize))
|
2017-02-08 12:28:07 +08:00
|
|
|
my_sanitize_diag := $(filter-out cfi,$(my_sanitize_diag))
|
|
|
|
endif
|
|
|
|
|
2017-04-20 22:39:13 +08:00
|
|
|
# Also disable CFI if ASAN is enabled.
|
|
|
|
ifneq ($(filter address,$(my_sanitize)),)
|
|
|
|
my_sanitize := $(filter-out cfi,$(my_sanitize))
|
|
|
|
my_sanitize_diag := $(filter-out cfi,$(my_sanitize_diag))
|
|
|
|
endif
|
|
|
|
|
2021-05-20 02:29:02 +08:00
|
|
|
# Disable memtag for host targets. Host executables in AndroidMk files are
|
|
|
|
# deprecated, but some partners still have them floating around.
|
|
|
|
ifdef LOCAL_IS_HOST_MODULE
|
|
|
|
my_sanitize := $(filter-out memtag_heap,$(my_sanitize))
|
|
|
|
my_sanitize_diag := $(filter-out memtag_heap,$(my_sanitize_diag))
|
|
|
|
endif
|
|
|
|
|
2018-03-16 05:49:20 +08:00
|
|
|
# Disable sanitizers which need the UBSan runtime for host targets.
|
2017-11-18 03:19:36 +08:00
|
|
|
ifdef LOCAL_IS_HOST_MODULE
|
|
|
|
my_sanitize := $(filter-out cfi,$(my_sanitize))
|
|
|
|
my_sanitize_diag := $(filter-out cfi,$(my_sanitize_diag))
|
2018-03-16 05:49:20 +08:00
|
|
|
my_sanitize := $(filter-out signed-integer-overflow unsigned-integer-overflow integer_overflow,$(my_sanitize))
|
|
|
|
my_sanitize_diag := $(filter-out signed-integer-overflow unsigned-integer-overflow integer_overflow,$(my_sanitize_diag))
|
2017-11-18 03:19:36 +08:00
|
|
|
endif
|
|
|
|
|
2017-06-29 00:11:26 +08:00
|
|
|
# Support for local sanitize blacklist paths.
|
|
|
|
ifneq ($(my_sanitize)$(my_global_sanitize),)
|
2020-07-31 06:18:07 +08:00
|
|
|
ifneq ($(LOCAL_SANITIZE_BLOCKLIST),)
|
|
|
|
my_cflags += -fsanitize-blacklist=$(LOCAL_PATH)/$(LOCAL_SANITIZE_BLOCKLIST)
|
|
|
|
endif
|
2017-06-29 00:11:26 +08:00
|
|
|
endif
|
|
|
|
|
2017-07-22 01:33:32 +08:00
|
|
|
# Disable integer_overflow if LOCAL_NOSANITIZE=integer.
|
2017-06-29 00:11:26 +08:00
|
|
|
ifneq ($(filter integer_overflow, $(my_global_sanitize) $(my_sanitize)),)
|
|
|
|
ifneq ($(filter integer, $(strip $(LOCAL_NOSANITIZE))),)
|
|
|
|
my_sanitize := $(filter-out integer_overflow,$(my_sanitize))
|
|
|
|
my_sanitize_diag := $(filter-out integer_overflow,$(my_sanitize_diag))
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2016-05-13 04:07:17 +08:00
|
|
|
my_nosanitize = $(strip $(LOCAL_NOSANITIZE))
|
|
|
|
ifneq ($(my_nosanitize),)
|
|
|
|
my_sanitize := $(filter-out $(my_nosanitize),$(my_sanitize))
|
|
|
|
endif
|
|
|
|
|
2018-07-28 02:54:32 +08:00
|
|
|
ifneq ($(filter arm x86 x86_64,$(TARGET_$(LOCAL_2ND_ARCH_VAR_PREFIX)ARCH)),)
|
|
|
|
my_sanitize := $(filter-out hwaddress,$(my_sanitize))
|
2021-01-14 04:14:55 +08:00
|
|
|
my_sanitize := $(filter-out memtag_heap,$(my_sanitize))
|
2018-07-28 02:54:32 +08:00
|
|
|
endif
|
|
|
|
|
|
|
|
ifneq ($(filter hwaddress,$(my_sanitize)),)
|
|
|
|
my_sanitize := $(filter-out address,$(my_sanitize))
|
|
|
|
my_sanitize := $(filter-out thread,$(my_sanitize))
|
2018-12-05 09:06:45 +08:00
|
|
|
my_sanitize := $(filter-out cfi,$(my_sanitize))
|
2018-07-28 02:54:32 +08:00
|
|
|
endif
|
|
|
|
|
|
|
|
ifneq ($(filter hwaddress,$(my_sanitize)),)
|
|
|
|
my_shared_libraries += $($(LOCAL_2ND_ARCH_VAR_PREFIX)HWADDRESS_SANITIZER_RUNTIME_LIBRARY)
|
2018-11-02 06:43:14 +08:00
|
|
|
ifneq ($(filter EXECUTABLES NATIVE_TESTS,$(LOCAL_MODULE_CLASS)),)
|
2018-07-28 02:54:32 +08:00
|
|
|
ifeq ($(LOCAL_FORCE_STATIC_EXECUTABLE),true)
|
Stop linking libdl.a into static bins
libdl.a has a no-op dlopen, which breaks static libraries that need a real
dlopen. Instead of automatically linking libdl.a into static executables,
make it optional.
Until recently, the libunwind_llvm.a unwinder, used on arm32, needed the
no-op dladdr, but it's now built using -D_LIBUNWIND_USE_DLADDR=0.
The HWASan run-time uses dlsym and dladdr, so add a libdl dependency for
HWASan-built static binaries. We could also remove the dependency from
libclang_rt.hwasan_static-*.a, but this is also easy to do.
Bug: http://b/141485154
Test: bionic unit tests, device boots, verify that static and dynamic
executables can throw/catch an exception
Test: verify that a static executable using dlopen doesn't link (unless it
adds an explicit dependency on libdl)
Change-Id: Id26741f79dca50256a2dc23453af3026a6c88dca
2019-10-22 11:47:53 +08:00
|
|
|
my_static_libraries := $(my_static_libraries) \
|
|
|
|
$($(LOCAL_2ND_ARCH_VAR_PREFIX)HWADDRESS_SANITIZER_STATIC_LIBRARY) \
|
|
|
|
libdl
|
2018-07-28 02:54:32 +08:00
|
|
|
endif
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2021-01-14 04:14:55 +08:00
|
|
|
ifneq ($(filter memtag_heap,$(my_sanitize)),)
|
|
|
|
# Add memtag ELF note.
|
2021-04-13 02:46:17 +08:00
|
|
|
ifneq ($(filter EXECUTABLES NATIVE_TESTS,$(LOCAL_MODULE_CLASS)),)
|
|
|
|
ifneq ($(filter memtag_heap,$(my_sanitize_diag)),)
|
|
|
|
my_whole_static_libraries += note_memtag_heap_sync
|
|
|
|
else
|
|
|
|
my_whole_static_libraries += note_memtag_heap_async
|
|
|
|
endif
|
2021-01-14 04:14:55 +08:00
|
|
|
endif
|
|
|
|
# This is all that memtag_heap does - it is not an actual -fsanitize argument.
|
|
|
|
# Remove it from the list.
|
|
|
|
my_sanitize := $(filter-out memtag_heap,$(my_sanitize))
|
|
|
|
endif
|
|
|
|
|
|
|
|
my_sanitize_diag := $(filter-out memtag_heap,$(my_sanitize_diag))
|
|
|
|
|
2015-07-31 01:17:33 +08:00
|
|
|
# TSAN is not supported on 32-bit architectures. For non-multilib cases, make
|
|
|
|
# its use an error. For multilib cases, don't use it for the 32-bit case.
|
|
|
|
ifneq ($(filter thread,$(my_sanitize)),)
|
|
|
|
ifeq ($(my_32_64_bit_suffix),32)
|
|
|
|
ifeq ($(my_module_multilib),both)
|
|
|
|
my_sanitize := $(filter-out thread,$(my_sanitize))
|
|
|
|
else
|
|
|
|
$(error $(LOCAL_PATH): $(LOCAL_MODULE): TSAN cannot be used for 32-bit modules.)
|
|
|
|
endif
|
2017-10-20 05:33:58 +08:00
|
|
|
else
|
|
|
|
my_shared_libraries += $(TSAN_RUNTIME_LIBRARY)
|
2015-07-31 01:17:33 +08:00
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2016-05-07 09:15:57 +08:00
|
|
|
ifneq ($(filter safe-stack,$(my_sanitize)),)
|
|
|
|
ifeq ($(my_32_64_bit_suffix),32)
|
|
|
|
my_sanitize := $(filter-out safe-stack,$(my_sanitize))
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2018-06-15 02:02:15 +08:00
|
|
|
# Disable Scudo if ASan or TSan is enabled.
|
2018-07-28 02:54:32 +08:00
|
|
|
ifneq ($(filter address thread hwaddress,$(my_sanitize)),)
|
2018-06-15 02:02:15 +08:00
|
|
|
my_sanitize := $(filter-out scudo,$(my_sanitize))
|
|
|
|
endif
|
|
|
|
|
2019-02-02 01:06:42 +08:00
|
|
|
# Or if disabled globally.
|
2019-03-28 23:45:40 +08:00
|
|
|
ifeq ($(PRODUCT_DISABLE_SCUDO),true)
|
2019-02-02 01:06:42 +08:00
|
|
|
my_sanitize := $(filter-out scudo,$(my_sanitize))
|
|
|
|
endif
|
|
|
|
|
2015-06-26 07:38:25 +08:00
|
|
|
# Undefined symbols can occur if a non-sanitized library links
|
|
|
|
# sanitized static libraries. That's OK, because the executable
|
|
|
|
# always depends on the ASan runtime library, which defines these
|
|
|
|
# symbols.
|
2016-05-20 08:49:51 +08:00
|
|
|
ifneq ($(filter address thread,$(strip $(SANITIZE_TARGET))),)
|
2015-06-26 07:38:25 +08:00
|
|
|
ifndef LOCAL_IS_HOST_MODULE
|
|
|
|
ifeq ($(LOCAL_MODULE_CLASS),SHARED_LIBRARIES)
|
|
|
|
ifeq ($(my_sanitize),)
|
|
|
|
my_allow_undefined_symbols := true
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2015-04-17 09:07:07 +08:00
|
|
|
ifneq ($(filter default-ub,$(my_sanitize)),)
|
|
|
|
my_sanitize := $(CLANG_DEFAULT_UB_CHECKS)
|
2014-12-12 10:56:26 +08:00
|
|
|
endif
|
|
|
|
|
2019-05-02 05:37:33 +08:00
|
|
|
ifneq ($(filter fuzzer,$(my_sanitize)),)
|
|
|
|
# SANITIZE_TARGET='fuzzer' actually means to create the fuzzer coverage
|
|
|
|
# information, not to link against the fuzzer main().
|
|
|
|
my_sanitize := $(filter-out fuzzer,$(my_sanitize))
|
|
|
|
my_sanitize += fuzzer-no-link
|
|
|
|
|
|
|
|
# TODO(b/131771163): Disable LTO for fuzzer builds. Note that Cfi causes
|
|
|
|
# dependency on LTO.
|
|
|
|
my_sanitize := $(filter-out cfi,$(my_sanitize))
|
|
|
|
my_cflags += -fno-lto
|
|
|
|
my_ldflags += -fno-lto
|
2019-06-18 01:37:55 +08:00
|
|
|
|
|
|
|
# TODO(b/133876586): Disable experimental pass manager for fuzzer builds.
|
|
|
|
my_cflags += -fno-experimental-new-pass-manager
|
2015-09-19 02:54:43 +08:00
|
|
|
endif
|
|
|
|
|
2017-06-29 00:11:26 +08:00
|
|
|
ifneq ($(filter integer_overflow,$(my_sanitize)),)
|
2018-03-16 05:49:20 +08:00
|
|
|
# Respect LOCAL_NOSANITIZE for integer-overflow flags.
|
|
|
|
ifeq ($(filter signed-integer-overflow, $(strip $(LOCAL_NOSANITIZE))),)
|
|
|
|
my_sanitize += signed-integer-overflow
|
|
|
|
endif
|
|
|
|
ifeq ($(filter unsigned-integer-overflow, $(strip $(LOCAL_NOSANITIZE))),)
|
|
|
|
my_sanitize += unsigned-integer-overflow
|
|
|
|
endif
|
|
|
|
my_cflags += $(INTEGER_OVERFLOW_EXTRA_CFLAGS)
|
2017-06-29 00:11:26 +08:00
|
|
|
|
2018-03-16 05:49:20 +08:00
|
|
|
# Check for diagnostics mode.
|
|
|
|
ifneq ($(filter integer_overflow,$(my_sanitize_diag)),)
|
|
|
|
ifneq ($(filter SHARED_LIBRARIES EXECUTABLES,$(LOCAL_MODULE_CLASS)),)
|
|
|
|
ifneq ($(LOCAL_FORCE_STATIC_EXECUTABLE),true)
|
2018-02-22 05:41:05 +08:00
|
|
|
my_sanitize_diag += signed-integer-overflow
|
|
|
|
my_sanitize_diag += unsigned-integer-overflow
|
2018-03-16 05:49:20 +08:00
|
|
|
else
|
|
|
|
$(call pretty-error,Make cannot apply integer overflow diagnostics to static binary.)
|
2017-06-29 00:11:26 +08:00
|
|
|
endif
|
2018-03-16 05:49:20 +08:00
|
|
|
else
|
|
|
|
$(call pretty-error,Make cannot apply integer overflow diagnostics to static library.)
|
2017-06-29 00:11:26 +08:00
|
|
|
endif
|
|
|
|
endif
|
|
|
|
my_sanitize := $(filter-out integer_overflow,$(my_sanitize))
|
|
|
|
endif
|
|
|
|
|
|
|
|
# Makes sure integer_overflow diagnostics is removed from the diagnostics list
|
|
|
|
# even if integer_overflow is not set for some reason.
|
|
|
|
ifneq ($(filter integer_overflow,$(my_sanitize_diag)),)
|
|
|
|
my_sanitize_diag := $(filter-out integer_overflow,$(my_sanitize_diag))
|
|
|
|
endif
|
|
|
|
|
2014-12-12 10:56:26 +08:00
|
|
|
ifneq ($(my_sanitize),)
|
2015-11-10 08:32:11 +08:00
|
|
|
fsanitize_arg := $(subst $(space),$(comma),$(my_sanitize))
|
2014-12-12 10:56:26 +08:00
|
|
|
my_cflags += -fsanitize=$(fsanitize_arg)
|
2018-09-01 03:57:26 +08:00
|
|
|
my_asflags += -fsanitize=$(fsanitize_arg)
|
2014-12-12 10:56:26 +08:00
|
|
|
|
2019-05-02 05:37:33 +08:00
|
|
|
# When fuzzing, we wish to crash with diagnostics on any bug.
|
|
|
|
ifneq ($(filter fuzzer-no-link,$(my_sanitize)),)
|
|
|
|
my_cflags += -fno-sanitize-trap=all
|
|
|
|
my_cflags += -fno-sanitize-recover=all
|
|
|
|
my_ldflags += -fsanitize=fuzzer-no-link
|
|
|
|
else ifdef LOCAL_IS_HOST_MODULE
|
2015-06-17 14:27:34 +08:00
|
|
|
my_cflags += -fno-sanitize-recover=all
|
2014-12-12 10:56:26 +08:00
|
|
|
my_ldflags += -fsanitize=$(fsanitize_arg)
|
2015-06-17 14:27:34 +08:00
|
|
|
else
|
2016-05-20 08:45:21 +08:00
|
|
|
my_cflags += -fsanitize-trap=all
|
|
|
|
my_cflags += -ftrap-function=abort
|
2016-05-13 04:07:36 +08:00
|
|
|
ifneq ($(filter address thread,$(my_sanitize)),)
|
2016-05-20 08:45:21 +08:00
|
|
|
my_cflags += -fno-sanitize-trap=address,thread
|
2016-05-13 04:07:36 +08:00
|
|
|
my_shared_libraries += libdl
|
|
|
|
endif
|
2014-12-12 10:56:26 +08:00
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2016-07-08 01:56:39 +08:00
|
|
|
ifneq ($(filter cfi,$(my_sanitize)),)
|
2017-01-21 06:12:08 +08:00
|
|
|
# __cfi_check needs to be built as Thumb (see the code in linker_cfi.cpp).
|
|
|
|
# LLVM is not set up to do this on a function basis, so force Thumb on the
|
|
|
|
# entire module.
|
|
|
|
LOCAL_ARM_MODE := thumb
|
2017-02-14 23:55:37 +08:00
|
|
|
my_cflags += $(CFI_EXTRA_CFLAGS)
|
2018-09-01 03:57:26 +08:00
|
|
|
my_asflags += $(CFI_EXTRA_ASFLAGS)
|
2017-11-01 17:21:20 +08:00
|
|
|
# Only append the default visibility flag if -fvisibility has not already been
|
|
|
|
# set to hidden.
|
|
|
|
ifeq ($(filter -fvisibility=hidden,$(LOCAL_CFLAGS)),)
|
|
|
|
my_cflags += -fvisibility=default
|
|
|
|
endif
|
2017-02-14 23:55:37 +08:00
|
|
|
my_ldflags += $(CFI_EXTRA_LDFLAGS)
|
2017-01-24 08:57:38 +08:00
|
|
|
my_arflags += --plugin $(LLVM_PREBUILTS_PATH)/../lib64/LLVMgold.so
|
2017-11-01 17:21:20 +08:00
|
|
|
|
|
|
|
ifeq ($(LOCAL_FORCE_STATIC_EXECUTABLE),true)
|
|
|
|
my_ldflags := $(filter-out -fsanitize-cfi-cross-dso,$(my_ldflags))
|
|
|
|
my_cflags := $(filter-out -fsanitize-cfi-cross-dso,$(my_cflags))
|
|
|
|
else
|
|
|
|
# Apply the version script to non-static executables
|
|
|
|
my_ldflags += -Wl,--version-script,build/soong/cc/config/cfi_exports.map
|
|
|
|
LOCAL_ADDITIONAL_DEPENDENCIES += build/soong/cc/config/cfi_exports.map
|
|
|
|
endif
|
2016-07-08 01:56:39 +08:00
|
|
|
endif
|
|
|
|
|
2016-03-10 06:54:55 +08:00
|
|
|
# If local or global modules need ASAN, add linker flags.
|
|
|
|
ifneq ($(filter address,$(my_global_sanitize) $(my_sanitize)),)
|
2014-11-01 07:23:08 +08:00
|
|
|
my_ldflags += $(ADDRESS_SANITIZER_CONFIG_EXTRA_LDFLAGS)
|
|
|
|
ifdef LOCAL_IS_HOST_MODULE
|
2014-12-12 10:56:26 +08:00
|
|
|
# -nodefaultlibs (provided with libc++) prevents the driver from linking
|
|
|
|
# libraries needed with -fsanitize=address. http://b/18650275 (WAI)
|
2015-04-29 05:55:50 +08:00
|
|
|
my_ldflags += -Wl,--no-as-needed
|
2014-12-12 10:56:26 +08:00
|
|
|
else
|
2016-03-10 06:54:55 +08:00
|
|
|
# Add asan libraries unless LOCAL_MODULE is the asan library.
|
2015-04-25 07:34:47 +08:00
|
|
|
# ASan runtime library must be the first in the link order.
|
2016-03-10 06:54:55 +08:00
|
|
|
ifeq (,$(filter $(LOCAL_MODULE),$($(LOCAL_2ND_ARCH_VAR_PREFIX)ADDRESS_SANITIZER_RUNTIME_LIBRARY)))
|
|
|
|
my_shared_libraries := $($(LOCAL_2ND_ARCH_VAR_PREFIX)ADDRESS_SANITIZER_RUNTIME_LIBRARY) \
|
|
|
|
$(my_shared_libraries)
|
|
|
|
endif
|
|
|
|
|
|
|
|
# Do not add unnecessary dependency in shared libraries.
|
|
|
|
ifeq ($(LOCAL_MODULE_CLASS),SHARED_LIBRARIES)
|
|
|
|
my_ldflags += -Wl,--as-needed
|
|
|
|
endif
|
2015-08-18 07:13:24 +08:00
|
|
|
|
2018-12-21 07:55:08 +08:00
|
|
|
ifneq ($(filter EXECUTABLES NATIVE_TESTS,$(LOCAL_MODULE_CLASS)),)
|
2016-07-18 06:28:07 +08:00
|
|
|
ifneq ($(LOCAL_FORCE_STATIC_EXECUTABLE),true)
|
|
|
|
my_linker := $($(LOCAL_2ND_ARCH_VAR_PREFIX)ADDRESS_SANITIZER_LINKER)
|
|
|
|
# Make sure linker_asan get installed.
|
2019-01-31 17:07:50 +08:00
|
|
|
$(LOCAL_INSTALLED_MODULE) : | $(PRODUCT_OUT)$($(LOCAL_2ND_ARCH_VAR_PREFIX)ADDRESS_SANITIZER_LINKER_FILE)
|
2016-07-18 06:28:07 +08:00
|
|
|
endif
|
|
|
|
endif
|
2014-12-12 10:56:26 +08:00
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2016-03-10 06:54:55 +08:00
|
|
|
# If local module needs ASAN, add compiler flags.
|
|
|
|
ifneq ($(filter address,$(my_sanitize)),)
|
|
|
|
# Frame pointer based unwinder in ASan requires ARM frame setup.
|
|
|
|
LOCAL_ARM_MODE := arm
|
|
|
|
my_cflags += $(ADDRESS_SANITIZER_CONFIG_EXTRA_CFLAGS)
|
|
|
|
ifndef LOCAL_IS_HOST_MODULE
|
|
|
|
my_cflags += -mllvm -asan-globals=0
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2018-08-29 04:52:08 +08:00
|
|
|
# If local module needs HWASAN, add compiler flags.
|
|
|
|
ifneq ($(filter hwaddress,$(my_sanitize)),)
|
|
|
|
my_cflags += $(HWADDRESS_SANITIZER_CONFIG_EXTRA_CFLAGS)
|
|
|
|
endif
|
|
|
|
|
2020-03-07 10:09:06 +08:00
|
|
|
# Use minimal diagnostics when integer overflow is enabled; never do it for HOST modules
|
|
|
|
ifeq ($(LOCAL_IS_HOST_MODULE),)
|
2018-02-22 05:41:05 +08:00
|
|
|
# Pre-emptively add UBSAN minimal runtime incase a static library dependency requires it
|
|
|
|
ifeq ($(filter STATIC_LIBRARIES,$(LOCAL_MODULE_CLASS)),)
|
|
|
|
ifndef LOCAL_SDK_VERSION
|
|
|
|
my_static_libraries += $($(LOCAL_2ND_ARCH_VAR_PREFIX)UBSAN_MINIMAL_RUNTIME_LIBRARY)
|
2018-05-12 05:09:36 +08:00
|
|
|
my_ldflags += -Wl,--exclude-libs,$($(LOCAL_2ND_ARCH_VAR_PREFIX)UBSAN_MINIMAL_RUNTIME_LIBRARY).a
|
2018-02-22 05:41:05 +08:00
|
|
|
endif
|
|
|
|
endif
|
|
|
|
ifneq ($(filter unsigned-integer-overflow signed-integer-overflow integer,$(my_sanitize)),)
|
2018-10-11 23:56:12 +08:00
|
|
|
ifeq ($(filter unsigned-integer-overflow signed-integer-overflow integer,$(my_sanitize_diag)),)
|
2018-02-22 05:41:05 +08:00
|
|
|
ifeq ($(filter cfi,$(my_sanitize_diag)),)
|
2019-05-02 05:37:33 +08:00
|
|
|
ifeq ($(filter address hwaddress fuzzer-no-link,$(my_sanitize)),)
|
2018-02-22 05:41:05 +08:00
|
|
|
my_cflags += -fsanitize-minimal-runtime
|
|
|
|
my_cflags += -fno-sanitize-trap=integer
|
|
|
|
my_cflags += -fno-sanitize-recover=integer
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2018-10-11 23:56:12 +08:00
|
|
|
# For Scudo, we opt for the minimal runtime, unless some diagnostics are enabled.
|
|
|
|
ifneq ($(filter scudo,$(my_sanitize)),)
|
|
|
|
ifeq ($(filter unsigned-integer-overflow signed-integer-overflow integer cfi,$(my_sanitize_diag)),)
|
|
|
|
my_cflags += -fsanitize-minimal-runtime
|
|
|
|
endif
|
|
|
|
ifneq ($(filter -fsanitize-minimal-runtime,$(my_cflags)),)
|
|
|
|
my_shared_libraries += $($(LOCAL_2ND_ARCH_VAR_PREFIX)SCUDO_MINIMAL_RUNTIME_LIBRARY)
|
|
|
|
else
|
|
|
|
my_shared_libraries += $($(LOCAL_2ND_ARCH_VAR_PREFIX)SCUDO_RUNTIME_LIBRARY)
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2015-04-29 02:26:45 +08:00
|
|
|
ifneq ($(strip $(LOCAL_SANITIZE_RECOVER)),)
|
|
|
|
recover_arg := $(subst $(space),$(comma),$(LOCAL_SANITIZE_RECOVER)),
|
2015-04-17 09:08:44 +08:00
|
|
|
my_cflags += -fsanitize-recover=$(recover_arg)
|
|
|
|
endif
|
2016-07-08 01:56:39 +08:00
|
|
|
|
2018-12-13 02:04:34 +08:00
|
|
|
ifneq ($(strip $(LOCAL_SANITIZE_NO_RECOVER)),)
|
|
|
|
no_recover_arg := $(subst $(space),$(comma),$(LOCAL_SANITIZE_NO_RECOVER)),
|
|
|
|
my_cflags += -fno-sanitize-recover=$(no_recover_arg)
|
|
|
|
endif
|
|
|
|
|
2017-01-19 09:50:29 +08:00
|
|
|
ifneq ($(my_sanitize_diag),)
|
2017-11-01 17:21:20 +08:00
|
|
|
# TODO(vishwath): Add diagnostic support for static executables once
|
|
|
|
# we switch to clang-4393122 (which adds the static ubsan runtime
|
|
|
|
# that this depends on)
|
|
|
|
ifneq ($(LOCAL_FORCE_STATIC_EXECUTABLE),true)
|
|
|
|
notrap_arg := $(subst $(space),$(comma),$(my_sanitize_diag)),
|
|
|
|
my_cflags += -fno-sanitize-trap=$(notrap_arg)
|
|
|
|
# Diagnostic requires a runtime library, unless ASan or TSan are also enabled.
|
2018-07-28 02:54:32 +08:00
|
|
|
ifeq ($(filter address thread scudo hwaddress,$(my_sanitize)),)
|
2017-11-01 17:21:20 +08:00
|
|
|
# Does not have to be the first DT_NEEDED unlike ASan.
|
|
|
|
my_shared_libraries += $($(LOCAL_2ND_ARCH_VAR_PREFIX)UBSAN_RUNTIME_LIBRARY)
|
|
|
|
endif
|
2016-07-08 01:56:39 +08:00
|
|
|
endif
|
|
|
|
endif
|
2018-11-18 12:18:08 +08:00
|
|
|
|
|
|
|
# http://b/119329758, Android core does not boot up with this sanitizer yet.
|
|
|
|
# Previously sanitized modules might not pass new implicit-integer-sign-change check.
|
|
|
|
# Disable this check unless it has been explicitly specified.
|
|
|
|
ifneq ($(findstring fsanitize,$(my_cflags)),)
|
|
|
|
ifneq ($(findstring integer,$(my_cflags)),)
|
|
|
|
ifeq ($(findstring sanitize=implicit-integer-sign-change,$(my_cflags)),)
|
|
|
|
my_cflags += -fno-sanitize=implicit-integer-sign-change
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
endif
|
2021-01-15 06:05:54 +08:00
|
|
|
|
|
|
|
# http://b/177566116, libc++ may crash with this sanitizer.
|
|
|
|
# Disable this check unless it has been explicitly specified.
|
|
|
|
ifneq ($(findstring fsanitize,$(my_cflags)),)
|
|
|
|
ifneq ($(findstring integer,$(my_cflags)),)
|
|
|
|
ifeq ($(findstring sanitize=unsigned-shift-base,$(my_cflags)),)
|
|
|
|
my_cflags += -fno-sanitize=unsigned-shift-base
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
endif
|