From f03a265786a9e8a4fc6b843f38aded7b586563e3 Mon Sep 17 00:00:00 2001
From: Vishwath Mohan <vishwath@google.com>
Date: Wed, 28 Mar 2018 19:23:01 -0700
Subject: [PATCH] Change PRODUCT_CFI_INCLUDE_PATHS to opt-out (Make)

This CL changes PRODUCT_CFI_INCLUDE_PATHS to be included in all
product configs by default. To maintain the status quo, the sanitizer
logic has been modified to only respect this product config for Arm64
devices (where this was previously enabled).

Bug: 63926619
Test: m -j60 # the device still has CFI enabled thanks to the default
opt-in

Change-Id: I22788d92be881d3290568488f5458c85e02ee8c7
---
 core/config_sanitizers.mk  | 16 ++++++++++------
 target/product/embedded.mk | 24 ++++++++++++++++++++++++
 2 files changed, 34 insertions(+), 6 deletions(-)

diff --git a/core/config_sanitizers.mk b/core/config_sanitizers.mk
index 9ea1ff41e..a4c103c4a 100644
--- a/core/config_sanitizers.mk
+++ b/core/config_sanitizers.mk
@@ -98,13 +98,17 @@ endif
 
 # Enable CFI in included paths.
 ifeq ($(filter cfi, $(my_sanitize)),)
-  combined_include_paths := $(CFI_INCLUDE_PATHS) \
-                            $(PRODUCT_CFI_INCLUDE_PATHS)
+# Do not rely on include paths for anything other than ARM64.
+# TODO: Relax this constraint for 2019.
+  ifneq ($(filter arm64,$(TARGET_$(LOCAL_2ND_ARCH_VAR_PREFIX)ARCH)),)
+    combined_include_paths := $(CFI_INCLUDE_PATHS) \
+                              $(PRODUCT_CFI_INCLUDE_PATHS)
 
-  ifneq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_include_paths)),\
-         $(filter $(dir)%,$(LOCAL_PATH)))),)
-    my_sanitize := cfi $(my_sanitize)
-    my_sanitize_diag := cfi $(my_sanitize_diag)
+    ifneq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_include_paths)),\
+           $(filter $(dir)%,$(LOCAL_PATH)))),)
+      my_sanitize := cfi $(my_sanitize)
+      my_sanitize_diag := cfi $(my_sanitize_diag)
+    endif
   endif
 endif
 
diff --git a/target/product/embedded.mk b/target/product/embedded.mk
index 3f1d6dfb1..58258169f 100644
--- a/target/product/embedded.mk
+++ b/target/product/embedded.mk
@@ -121,3 +121,27 @@ PRODUCT_COPY_FILES += \
     system/core/rootdir/init.usb.configfs.rc:root/init.usb.configfs.rc \
     system/core/rootdir/ueventd.rc:root/ueventd.rc \
     system/core/rootdir/etc/hosts:system/etc/hosts
+
+# This is a set of common components to enable CFI for (across
+# compatible product configs)
+PRODUCT_CFI_INCLUDE_PATHS :=  \
+    device/google/cuttlefish_common/guest/libs/wpa_supplicant_8_lib \
+    device/google/wahoo/wifi_offload \
+    external/tinyxml2 \
+    external/wpa_supplicant_8 \
+    frameworks/av/camera \
+    frameworks/av/media \
+    frameworks/av/services \
+    frameworks/minikin \
+    hardware/broadcom/wlan/bcmdhd/wpa_supplicant_8_lib \
+    hardware/interfaces/nfc \
+    hardware/qcom/wlan/qcwcn/wpa_supplicant_8_lib \
+    harware/interfaces/keymaster \
+    system/bt \
+    system/chre \
+    system/core/libnetutils \
+    system/core/libziparchive \
+    system/gatekeeper \
+    system/keymaster \
+    system/nfc \
+    system/security \