Add support for excluding paths from having integer_overflow applied to
them when using SANITIZE_TARGET=integer_overflow via an
INTEGER_OVERFLOW_EXCLUDE_PATHS make and product variable. This covers
the make side of the change.
Bug: 30969751
Test: Build with SANITIZE_TARGET=integer_overflow
SANITIZE_TARGET_DIAG=integer_overflow
INTEGER_OVERFLOW_EXCLUDE_PATHS=<path> and confirmed this was no
longer being applied to binaries in that path.
Change-Id: I24e328257bc5a7962024c8676a1e23d7d70a8666
We're removing LocalVariableType / LocalVariableType in order to
save space. Enabling stripping reduces AOSP image size save
by ~12MB.
Bug: 38224820
Test: CtsLibcoreTestCases
Change-Id: I3168d73ec6825aa5879db7e1135d7ed61d488d72
Add product variable that can override the ART module behavior
packing. Rules and meaning are detailed in art/Android.mk.
Bug: 62087184
Test: m
Change-Id: I88e1cb0925cf62c3951b486a178d4dfc5e888a93
This is useful for devices with low disk space with different
build variants.
Bug: 37469715
Test: Regular image builds successfully, errors occur when
the headroom size is greater than available partition space.
Change-Id: I526cdd0f84981bbd16e3afcfe1cd7fc43dce98ef
And by default 'speed' compile those apps at build time.
bug:33799337
Test: m -j32
(cherry picked from commit 9af483488a)
Change-Id: I66f1c675369fccc03b6529c08cb030264d15ba1c
Board-based rule can cause unexpected regression because build-time overlays
are different among products. So each product should be tested with its own
product-based rule considering its build-time overlays before applying
enforcing RRO.
Additionally RRO conversion is mandatory only for overlays of which target is
included in AOSP system image and is critical for CTS/VTS tests with AOSP
system image. So inclusive rule is more suitable instead of exclusive rule
to avoid unexpected regression due to unnecessary RRO conversion.
Note that we still support conversion for all the overlays by specifying
PRODUCT_ENFORCE_RRO_TARGETS as "*".
Test: building succeeded and tested with auto-generated RROs.
Bug: 36231603
Change-Id: I8e1d701d4f78b818c89ef3e7638110105370c5bc
(cherry picked from commit 2a209997e8)
This variable tells whether the product is an Android Things variant of
Android.
Bug: 32549448
Test: `make dist` on an iot product.
Change-Id: I0875951ae57867bc8bf47885e77e494d6284acdb
Enable iff WITH_DEXPREOPT_APP_IMAGE is true.
Test: Clean + build with the flag on and off. Tested Sailfish
booting.
Bug: 34927277
(cherry picked from commit e8ab2a71d7)
Change-Id: I63f98a85c69d99746b11bb6e85c23cf5e48910cf
These are all variables that we export from Soong, and are only used
after Soong's make_vars.mk is read.
Test: Compare build-aosp_flounder.ninja before/after -- only whitespace
Change-Id: Ibb6c6d7bc00ff5840a72c2bba5d97ac4b4724df3
Instead of using rot13 / rot26, use the Kati extension to mark these
variables as readonly.
Move $(strip) for a few variables to before they're marked readonly. Use
a different variable for modifications to BOARD_KERNEL_CMDLINE in
build/core/Makefile.
Test: build/tools/kati_all_products.mk on AOSP and internal master
Test: build-aosp_bullhead.ninja the same before / after
Change-Id: If98b24af763831a9c5c2de38037a69ab1bf9e023
$(shell) isn't particularly fast in Kati, and they have to be executed
both when reading the makefiles and determining whether the ninja file
needs to be regenerated.
Right now, the regen time is mostly hidden because we run them in
parallel. We've also configured it to ignore any commands that contain
"echo", "date", or the output directory. That happens to remove most
commands that contain side effects, so running them in parallel is fine.
But the side effects contain some important things, like the clean up
necessary when switching products. So I'm removing those filters, and
then we'll need to run the shell commands in sequence, since there will
be side-effects. That makes regen take longer though, so use pure-Make
implementations instead of $(shell) where possible.
This set of changes reduces aosp/master aosp_arm64-eng build $(shell)
usage and time by 2/3:
*kati*: func shell time: 3.135095 / 709
*kati*: func shell time: 1.067331 / 236
Bug: 30947985
Test: Manual test lines for math functions
Test: Compare build-aosp_arm64.ninja before/after
Change-Id: I4fc9d6318957992921972994f277c17918e7e1eb
To allow special sanitizer settings for modules shared between
products, add product-specific module settings.
This was copied from the product-specific dexopt settings.
Bug: 29498013
Change-Id: I17a96b975bb6ac7f4ffb3d5b08e2f00b21bd97a1
(cherry picked from commit bb5454b6db)
Allow exceptions specified by module (VENDOR_EXCEPTION_MODULES) and
path (VENDOR_EXCEPTION_PATHS, not including leading vendor/).
BUG=26968426
Change-Id: I068e43f3eae14f8793c33ae916d46979ab1681d1
new read only product property ro.product.first_api_level.
PRODUCT_SHIPPING_API_LEVEL declares which API level a device first
shipped with. We use this variable to set a read-only property that
can be used in CTS/GTS tests.
Change-Id: If54202075d3b92ed380655cde8b3fc50c5ba73b3
PRODUCT_SHIPPING_API_LEVEL declares which API level a device first
shipped with.
We use this variable to set a read-only property that can be used in
CTS/GTS tests.
Bug: 26381401
Change-Id: I9dfeaf423146c35f57e69ac26c27e8a9e205bc4f
1. Combined ~10 calls to the make build system to only one.
We added a phony target "dump-many-vars" to the build system to dump
"<var>=<value>" pairs. We then store the pairs as shell variables.
With this cache get_build_var/get_abs_build_var can just return
the shell variables instead of querying the build system.
2. Prune .git when we search for AndroidProduct.mks.
In internal source tree lunch time was reduced from ~15s to ~1.5s.
Bug: 27429759
(cherry picked from commit 08800fd905)
Change-Id: I862a0ec3c1aae97c552054dacec133e857042edf
1. Combined ~10 calls to the make build system to only one.
We added a phony target "dump-many-vars" to the build system to dump
"<var>=<value>" pairs. We then store the pairs as shell variables.
With this cache get_build_var/get_abs_build_var can just return
the shell variables instead of querying the build system.
2. Prune .git when we search for AndroidProduct.mks.
In internal source tree lunch time was reduced from ~15s to ~1.5s.
Bug: 27429759
Change-Id: I24e88598f6fab598ef26518885fd5e86e71a772d
When searching device, product, or hardware, allow
find to follow symlinks.
Add KATI_EMULATE_FIND=false to allow disabling the find
emulator which changes findleaves.py behavior wrt
symlinks.
BUG=24605247
TEST=works with CL:783781 (without the find wrapper in that CL)
Change-Id: Ia9d0e4add391a56f34828a09a6cec3f435ccc548
Some vendor product makefiles call $(inherit-product) on the same
product makefile with different paths, by using "../" in relative paths.
However inherit-product requires unique path as ID for a product
makefile, for bookkeeping purpose.
Normalize the product makefile path in inherit-product, if the path
contains "../".
Change-Id: I1a864ce120c713d8e79ec179213b9fc9352aba53
Append error-correcting codes to verified partitions provided that
PRODUCT_SUPPORTS_VERITY_FEC is true.
This moves verity metadata to be after the hash tree, and requires
matching changes from
Ide48f581bbba77aed6132f77b309db71630d81ed
Bug: 21893453
Change-Id: I6945cbab99e214566a1f9d3702333f2dbbc35816
Many of these may not make a difference in the output images, but it's a
good idea to keep the make system as repeatable as possible.
Change-Id: I31804b8ad5805148ed08be7426a242a16f4d0df3
Currently, the keyblock was being generated using
data_key.vbprivk. However, we need to use kernel_subkey.vbprivk for
kernel keyblock generation. This did not create any issues until now
because dev-mode just throws a message saying that keyblock is
invalid. But, normal-mode does not boot if keyblock is
invalid. Add extra parameter for passing in kernel subkey to
vboot_signer script.
TEST="make bootimage-nodeps" generates correctly signed
boot.img. Verified that the image boots fine in normal mode.
Change-Id: I0fc2183b466e34ddf1d98c9532072548504fcec4
Signed-off-by: Furquan Shaikh <furquan@google.com>
Clang is really aggressive at optimizing a handful of cases (read:
clang will ruin your day some if you write bad code). Fortunately, it
also emits a warning when it's about to do this.
To prevent anyone from suffering from these optimizations, make these
warnings errors and make them impossible to disable.
Change-Id: I5e10bb0fc2ca23190017da716b3b84635577a0bd
Allow dm-verity to be enabled without boot and recovery images being
signed. This makes it possible to enable only dm-verity to detect
corruption without confusing bootloaders that do not understand signed
images.
Bug: 19985143
Change-Id: Ie52c6ff595faa7a5c1f1bc1b37f6899c4d0c7001