Sanitized RPATH now mentions /system/vendor/lib to preserve overlay
in the case when a sanitized version of a vendor library can not be
built.
Bug: 22199458
Change-Id: I3222d2e1d6c08fdd1e0404fcb7db347aa4a92bb7
Due to the change in https://lwn.net/Articles/546473/, kernel reserves a
few extra blocks (lesser of 2% and 4096 blocks) on ext4 FS which leads to
OTA update failures. Adjust the size computation if the device has
BOARD_HAS_EXT4_RESERVED_BLOCKS := true.
It amends the last attemp in [1]. Now it computes the used blocks from the
make_ext4fs output, instead of altering its argument.
[1]: commit efbb5d2e69.
Bug: 21522719
Bug: 22023465
Bug: 22174684
Change-Id: Iaae6507f6de68a5892f2e3035d330039287b4492
(cherry picked from commit c7a6f1e4f8)
Due to the change in https://lwn.net/Articles/546473/, kernel reserves a
few extra blocks (lesser of 2% and 4096 blocks) on ext4 FS which leads to
OTA update failures. Adjust the size computation if the device has
BOARD_HAS_EXT4_RESERVED_BLOCKS := true.
It amends the last attemp in [1]. Now it computes the used blocks from the
make_ext4fs output, instead of altering its argument.
[1]: commit efbb5d2e69.
Bug: 21522719
Bug: 22023465
Bug: 22174684
Change-Id: I9783a51abe6581ff5c75db81e78ac606d0f32c4c
We should not change the parameter to mkfs_ext4. Bug filed at
b/22174684. Will come up with a new CL.
This reverts commit efbb5d2e69.
Change-Id: I15f7a9a07a65a936ba186d2ce672ec4832ed3e17
Without this change, if an app with "LOCAL_SDK_VERSION := current" links
against a static library that uses removed APIs, the app will fail
ProGuard processing because the removed APIs can't be found in the
current SDK. This works around the issue.
Bug: 18510449
Bug: 20667396
Change-Id: Ia6e2a81cf5ecba972d155e56238ea946f8539411
These symbols are defined in the ASan runtime library, which is always
present at runtime.
Bug:21785137
Change-Id: Ib8418c66323fd4cdfdc05548048f32380cb84ee5
Due to the change in https://lwn.net/Articles/546473/, kernel reserves a
few extra blocks (lesser of 2% and 4096 blocks) on ext4 FS which leads to
OTA update failures. Adjust the size computation if the device has
BOARD_HAS_EXT4_RESERVED_BLOCKS := true.
Bug: 21522719
Bug: 22023465
Change-Id: I49f16adbf2dedc5279fbb8622bf99ef71dcc494f
Introduce a way to speed up local builds. Don't build all test
modules if ANDROID_NO_TEST_CHECK is set to true.
On master branch this reduces what is built by more than
300 apps and 50 java libraries. Time for doing this on a
12 core machine running with -j13 is about 10 minutes.
Change-Id: I90feb108695ee60d0dbbf497644f767cc3748215
These symbols need to always be resolved for each binary. Making these
symbols hidden means that we will get a build breakage if this doesn't
happen, and should also prevent the situation where one unwinder's
symbols are visible to the other.
Bug: 18471342
Bug: 19958712
Change-Id: Ieff1f10dab254b60ed120410f45998cf75bb5b9b
Do not clean installed files, only intermediate files. This way, two
consequitive builds first without, then with SANITIZE_TARGET will
produce a frankenbuild with both sets of shared libraries.
Bug: 21785137
Change-Id: I231868b15331be942c783458cf36233c2e7740d3
A fully (or even mostly) asan-instrumented device will have 2 copies of each
shared library, which might not fit on system partition. Moving instrumented
libraries to /data.
Bug: 21785137
Change-Id: I64184261da2eb24a1382c67e4931c34a5a38b3c0
This also does a bit of cleanup in config_sanitizers.mk. The result is
that `LOCAL_SANITIZE := <any arbitrary ubsan group>` should function
fine for both host and target.
This is a superset of LOCAL_DETECT_INTEGER_OVERFLOWS, so remove that.
This also checks integer division by zero. It's supposed to cover
shifting undefined behaviors as well, but apparently it does not
(though `LOCAL_SANITIZE := shift` works fine).
Change-Id: I4ac99eafa6920a3f8cb82af37ce56ff0fdb95223
The two flags have been merged and renamed in ART.
(cherry picked from commit d8fae9a6a6)
Bug: 21924613
Change-Id: Iffc1dcc6764367239d6f45a3598cdb2c5d5d5013
The same as SANITIZE_HOST, but for the target.
Also, skip all LOCAL_FORCE_STATIC_EXECUTABLE targets, as ASan does not
support static linking.
Bug: 21785137
Change-Id: Ief53ff8de1fee18f230d6c7dd31845db5bbd415c
I've migrated all users of this to the new option now, so we can drop
this.
Dropping `SANITIZE_HOST := true` will have to wait until the build
server configs have been updated.
Change-Id: I591436e197a6c6c079a6cd6a2decb702b574cd71
Add build system support for LOCAL_DETECT_INTEGER_OVERFLOWS. When enabled,
an attempt to perform an integer arithmetic operation which overflows
will result in a call to abort(). This is intended for security
sensitive code, where integer overflow operations are not expected
nor desirable.
Two classes of underflows/overflows are detected and blocked:
1) Signed integer underflow/overflow.
2) Unsigned integer underflow/overflows.
Signed integer overflows are undefined behavior, according to the
C standard. Unsigned integer overflows are defined behavior, but
still undesirable in security sensitive code.
Only clang is supported today. gcc has -ftrapv for handling signed
integer overflow, but it's widely considered broken
(https://gcc.gnu.org/bugzilla/show_bug.cgi?id=35412) and we're
deliberately avoiding it's use here.
Change-Id: Ib4918dc84e37e83d4205e5035544545d91671e5f
Vaguely-Related-Bug: 11859726
Clang is really aggressive at optimizing a handful of cases (read:
clang will ruin your day some if you write bad code). Fortunately, it
also emits a warning when it's about to do this.
To prevent anyone from suffering from these optimizations, make these
warnings errors and make them impossible to disable.
Change-Id: I5e10bb0fc2ca23190017da716b3b84635577a0bd
Prevents aapt from generating java symbols for strings that don't have
a default localization.
Bug: 21537397
Change-Id: I2f17397e33d823045f7dcff02e3d0817f3f81849
These directories are excluded in addition to OUT_DIR.
This can be useful if your build system has other output directories
beyond what OUT_DIR is set to.
Change-Id: I6d98a85bcc8c89279e939406a7fec32547e8922f
The catch all "org" package was catching several thousand
org.apache.harmony.tests.* tests that are already covered by
other packages. Replace the catch-all org.* with specific prefixes.
Needs additional support in CollectAllTests to handle multiple
prefixes. This is implemented in the companion change.
bug: 20862863
(cherry picked from commit cf7fbcd03d)
Change-Id: I1d28f91cfca098ccdcd62e88bb486b433d9c29d8
For historical reason, the aosp_* products were named full_*.
We keep the full, full_x86 and full_mips in case some tools still
reference these legacy names; But no reason the have the full_* product
names for the new 64-bit archs.
Change-Id: I240ed0c6ded0ded2d80603bd0c5ff24750999afc
The catch all "org" package was catching several thousand
org.apache.harmony.tests.* tests that are already covered by
other packages. Replace the catch-all org.* with specific prefixes.
Needs additional support in CollectAllTests to handle multiple
prefixes. This is implemented in the companion change.
bug: 20862863
Change-Id: I44348052d20312d478bdbf6df0e561db63e18cd8
New custom image configuration variables:
- CUSTOM_IMAGE_SELINUX, set to "true" if the image supports selinux.
- CUSTOM_IMAGE_SUPPORT_VERITY, set to "true" if the product supports verity.
- CUSTOM_IMAGE_VERITY_BLOCK_DEVICE
Also changed the staging directory name to the mount point, like we do
for other images built by the build system.
Bug: 19609718
Change-Id: I6bbf06b79eee63e4c77834f2e6f1d5a7f7e00a12
(cherry picked from commit 7d51a40295)
Build additional images requested by the product makefile.
This script gives the ability to build multiple additional images and
you can configure what modules/files to include in each image.
1. Define PRODUCT_CUSTOM_IMAGE_MAKEFILES in your product makefile.
PRODUCT_CUSTOM_IMAGE_MAKEFILES is a list of makefiles.
Each makefile configures an image.
For image configuration makefile foo/bar/xyz.mk, the built image
file name
will be xyz.img. So make sure they won't conflict.
2. In each image's configuration makefile, you can define variables:
- CUSTOM_IMAGE_MOUNT_POINT, the mount point, such as "oem", "odm"
etc.
- CUSTOM_IMAGE_PARTITION_SIZE
- CUSTOM_IMAGE_FILE_SYSTEM_TYPE
- CUSTOM_IMAGE_DICT_FILE, a text file defining a dictionary
accepted by BuildImage() in tools/releasetools/build_image.py.
- CUSTOM_IMAGE_MODULES, a list of module names you want to include
in the image; Not only the module itself will be installed to proper
path in the image, you can also piggyback additional files/directories
with the module's LOCAL_PICKUP_FILES.
- CUSTOM_IMAGE_COPY_FILES, a list of "<src>:<dest>" to be copied to
the image. <dest> is relativ to the root of the image.
To build all those images, run "make custom_images".
Bug: 19609718
Change-Id: Ic73587e08503a251be27797c7b00329716051927
(cherry picked from commit 5fcf1094f9)
- In uncompress-shared-libs we may strip .so files not for the current
TARGET_ARCH. So we need to strip first and then sign the apk.
- For PRESIGNED apks, make sure we don't strip the .so files even if
they are "fat".
Bug: 21571418
Bug: 8076853
Change-Id: Ifd1193dda0c2cd52ac148064ce5a32bcdd03f75c
- We don't need LOCAL_PAGE_ALIGN_JNI_SHARED_LIBRARIES now, for we always
page-align jni shared libraries and store them umcompressed.
- For prebuilt apks, we don't extract jni any more; Instead we always run
uncompress-shared-libs on them.
- For apks built from source, we still install the jni separately, because
that way multiple apks can share the same jni and it saves space.
With this change, for most prebuilt apks, we don't need to specify
LOCAL_PREBUILT_JNI_LIBS ("@lib/<abi>/foo.so") any more, for the build
system automatically replaces the embedded jni with uncompressed files;
But if a prebuilt is a fat apk (i.e. containing jni not needed by the
current product architecture), you still need LOCAL_PREBUILT_JNI_LIBS to
specify what jni to keep. Otherwise all embedded jni will be replaced with
uncompressed files, that wastes space.
Bug: 8076853
Change-Id: Ic3666dc72bf17cd293787414dd185470b365f967
This reverts commit 32e1689684.
Now that prebuilts/gcc/darwin-x86/aarch64/aarch64-linux-android-4.9 is also updated
Change-Id: Id95c1c4cc651c434461655e62b8f23afd56b53e4
Normally the binaries use the exsiting $ORIGIN/../lib[64] with binaries
in the bin subdirectory;
For historical reason the binaries in the SDK package don't have a bin
subdirectory. This workaround enables them to work in the existing SDK
directory structure.
Bug: 21301578
Change-Id: Ibebfbfb8b30e81e7bbaf13a21bb205f3f0282d24
(cherry-pick from commit 4fe7bfd373)
Normally the binaries use the exsiting $ORIGIN/../lib[64] with binaries
in the bin subdirectory;
For historical reason the binaries in the SDK package don't have a bin
subdirectory. This workaround enables them to work in the exsiting SDK
directory structure.
Bug: 21301578
Change-Id: Ibebfbfb8b30e81e7bbaf13a21bb205f3f0282d24
The gcc 4.9 devirtualization bug was fixed with a cherry pick of r212222.
BUG: 19872411
Change-Id: I6d9677f112402fe84d70da770f364392398e9cc9
(cherry picked from commit ad2494bb79)
GDB does not yet have support for compact branches, and is unable to
set a breakpoint on them. Turn compact branch generation off, until
GDB is fixed.
Change-Id: Ie7d6fb891e9934f8fc645fe9cf8f706be15a5f77
Set the initial (version 1!) value for the preview SDK version
readable by apps. If we're on a release version, force it to be 0.
Change-Id: Ib3e6cad1f59cea8e4a781827d4a35dd3620b90f1
Print modules and their transitive dependencies with license files.
To invoke, run
"make deps-license PROJ_PATH=<proj-path-patterns> DEP_PATH=<dep-path-patterns>".
PROJ_PATH restricts the paths of the source modules;
DEP_PATH restricts the paths of the dependency modules.
Both can be makefile patterns supported by makefile function $(filter).
Example:
$ make deps-license packages/app/% external/%
prints all modules in packages/app/ with their dpendencies in external/.
The printout lines look like "<module_name> :: <module_paths> :: <license_files>".
Bug: 20823995
Change-Id: I06b66e85ff56c8628bffa3d948085ed45870100f
(cherry-pick from 39b9b690a8)
- When raising the ProGuard sdk version for platform build, use
TARGET_DEFAULT_JAVA_LIBRARIES instead of just framework.
- Also added SUPPORT_LIBRARY_ROOT to reference support library resource
dir.
Bug: 20658265
Change-Id: Ib008d8e70508723db91431a062cac691367f2f6c
This allows to compile dex targeted java sources using Jack and Jill.
Default is still to compile with the legacy toolchain. Default can be
switched to the new toolchain by setting environement variable:
export ANDROID_COMPILE_WITH_JACK=true
Toolchain can also be forced for one module by defining
LOCAL_JACK_ENABLED:=full # disabled, full, incremental
in the mk portion defining the module.
Jack execution environement can be controlled with:
Global variable ANDROID_JACK_VM allow to change the jvm executing Jack.
Global variable ANDROID_JACK_VM_ARGS allows to change default args given
to the jvm.
Global variable ANDROID_JACK_EXTRA_ARGS allows to define some default args
to give to Jack
LOCAL_JACK_VM_ARGS allows to override default args given to the jvm for
the module.
LOCAL_JACK_EXTRA_ARGS allows to override default args passed to Jack.
This includes cherry-picks of the following changes:
b4c49cba5722c3fa6d73138768c1bb5dd3e1d31283d5d040478bc90fd2d6140274707e0fbc9ff2a2833b427d72f9a27f45b4280966694137822c443dc6b44d43c3d2a76c14bf06744f60fc95573d5036b8213916142794e7b582801f2c44d0c76d99dca1f528e132d676a5e0bd1ae25b3984ff Partially, only Jack related parts werekept
ec46a3b71fabee3a9f4177cbe10fd9daf07db4cdb6bfb5893a
Ie all Jack related changes untill
b6bfb5893a
except
a96cc59ab5 "Use Jack by default"
Change-Id: If9d47ef1c4fd1e6765ad2a47d816c1ad3cfab0e3
Ying Wang