2019-11-15 08:59:12 +08:00
|
|
|
// Copyright 2020 The Android Open Source Project
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
package cc
|
|
|
|
|
2020-12-02 12:14:28 +08:00
|
|
|
// This file contains singletons to capture vendor and recovery snapshot. They consist of prebuilt
|
|
|
|
// modules under AOSP so older vendor and recovery can be built with a newer system in a single
|
|
|
|
// source tree.
|
|
|
|
|
2019-11-15 08:59:12 +08:00
|
|
|
import (
|
|
|
|
"encoding/json"
|
|
|
|
"path/filepath"
|
|
|
|
"sort"
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
"github.com/google/blueprint/proptools"
|
|
|
|
|
|
|
|
"android/soong/android"
|
|
|
|
)
|
|
|
|
|
2020-11-14 04:07:36 +08:00
|
|
|
var vendorSnapshotSingleton = snapshotSingleton{
|
|
|
|
"vendor",
|
|
|
|
"SOONG_VENDOR_SNAPSHOT_ZIP",
|
|
|
|
android.OptionalPath{},
|
|
|
|
true,
|
2020-12-02 12:14:28 +08:00
|
|
|
vendorSnapshotImageSingleton,
|
2020-11-14 04:07:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
var recoverySnapshotSingleton = snapshotSingleton{
|
|
|
|
"recovery",
|
|
|
|
"SOONG_RECOVERY_SNAPSHOT_ZIP",
|
|
|
|
android.OptionalPath{},
|
|
|
|
false,
|
2020-12-02 12:14:28 +08:00
|
|
|
recoverySnapshotImageSingleton,
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
func VendorSnapshotSingleton() android.Singleton {
|
2020-11-14 04:07:36 +08:00
|
|
|
return &vendorSnapshotSingleton
|
|
|
|
}
|
|
|
|
|
|
|
|
func RecoverySnapshotSingleton() android.Singleton {
|
|
|
|
return &recoverySnapshotSingleton
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
|
|
|
|
2020-11-14 04:07:36 +08:00
|
|
|
type snapshotSingleton struct {
|
|
|
|
// Name, e.g., "vendor", "recovery", "ramdisk".
|
|
|
|
name string
|
|
|
|
|
|
|
|
// Make variable that points to the snapshot file, e.g.,
|
|
|
|
// "SOONG_RECOVERY_SNAPSHOT_ZIP".
|
|
|
|
makeVar string
|
|
|
|
|
|
|
|
// Path to the snapshot zip file.
|
|
|
|
snapshotZipFile android.OptionalPath
|
|
|
|
|
|
|
|
// Whether the image supports VNDK extension modules.
|
|
|
|
supportsVndkExt bool
|
|
|
|
|
|
|
|
// Implementation of the image interface specific to the image
|
|
|
|
// associated with this snapshot (e.g., specific to the vendor image,
|
|
|
|
// recovery image, etc.).
|
2020-12-02 12:14:28 +08:00
|
|
|
image snapshotImage
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
var (
|
|
|
|
// Modules under following directories are ignored. They are OEM's and vendor's
|
2020-07-29 07:04:38 +08:00
|
|
|
// proprietary modules(device/, kernel/, vendor/, and hardware/).
|
2019-11-15 08:59:12 +08:00
|
|
|
vendorProprietaryDirs = []string{
|
|
|
|
"device",
|
2020-07-29 07:04:38 +08:00
|
|
|
"kernel",
|
2019-11-15 08:59:12 +08:00
|
|
|
"vendor",
|
|
|
|
"hardware",
|
|
|
|
}
|
|
|
|
|
2020-11-14 04:07:36 +08:00
|
|
|
// Modules under following directories are ignored. They are OEM's and vendor's
|
|
|
|
// proprietary modules(device/, kernel/, vendor/, and hardware/).
|
|
|
|
recoveryProprietaryDirs = []string{
|
|
|
|
"bootable/recovery",
|
|
|
|
"device",
|
|
|
|
"hardware",
|
|
|
|
"kernel",
|
|
|
|
"vendor",
|
|
|
|
}
|
|
|
|
|
2019-11-15 08:59:12 +08:00
|
|
|
// Modules under following directories are included as they are in AOSP,
|
2020-07-29 07:04:38 +08:00
|
|
|
// although hardware/ and kernel/ are normally for vendor's own.
|
2019-11-15 08:59:12 +08:00
|
|
|
aospDirsUnderProprietary = []string{
|
2020-07-29 07:04:38 +08:00
|
|
|
"kernel/configs",
|
|
|
|
"kernel/prebuilts",
|
|
|
|
"kernel/tests",
|
2019-11-15 08:59:12 +08:00
|
|
|
"hardware/interfaces",
|
|
|
|
"hardware/libhardware",
|
|
|
|
"hardware/libhardware_legacy",
|
|
|
|
"hardware/ril",
|
|
|
|
}
|
|
|
|
)
|
|
|
|
|
|
|
|
// Determine if a dir under source tree is an SoC-owned proprietary directory, such as
|
|
|
|
// device/, vendor/, etc.
|
|
|
|
func isVendorProprietaryPath(dir string) bool {
|
2020-11-14 04:07:36 +08:00
|
|
|
return isProprietaryPath(dir, vendorProprietaryDirs)
|
|
|
|
}
|
|
|
|
|
|
|
|
func isRecoveryProprietaryPath(dir string) bool {
|
|
|
|
return isProprietaryPath(dir, recoveryProprietaryDirs)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Determine if a dir under source tree is an SoC-owned proprietary directory, such as
|
|
|
|
// device/, vendor/, etc.
|
|
|
|
func isProprietaryPath(dir string, proprietaryDirs []string) bool {
|
|
|
|
for _, p := range proprietaryDirs {
|
2019-11-15 08:59:12 +08:00
|
|
|
if strings.HasPrefix(dir, p) {
|
|
|
|
// filter out AOSP defined directories, e.g. hardware/interfaces/
|
|
|
|
aosp := false
|
|
|
|
for _, p := range aospDirsUnderProprietary {
|
|
|
|
if strings.HasPrefix(dir, p) {
|
|
|
|
aosp = true
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if !aosp {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2020-09-01 07:07:58 +08:00
|
|
|
func isVendorProprietaryModule(ctx android.BaseModuleContext) bool {
|
|
|
|
// Any module in a vendor proprietary path is a vendor proprietary
|
|
|
|
// module.
|
|
|
|
if isVendorProprietaryPath(ctx.ModuleDir()) {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
|
|
|
// However if the module is not in a vendor proprietary path, it may
|
|
|
|
// still be a vendor proprietary module. This happens for cc modules
|
|
|
|
// that are excluded from the vendor snapshot, and it means that the
|
|
|
|
// vendor has assumed control of the framework-provided module.
|
|
|
|
if c, ok := ctx.Module().(*Module); ok {
|
|
|
|
if c.ExcludeFromVendorSnapshot() {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2019-11-15 08:59:12 +08:00
|
|
|
// Determine if a module is going to be included in vendor snapshot or not.
|
|
|
|
//
|
|
|
|
// Targets of vendor snapshot are "vendor: true" or "vendor_available: true" modules in
|
|
|
|
// AOSP. They are not guaranteed to be compatible with older vendor images. (e.g. might
|
|
|
|
// depend on newer VNDK) So they are captured as vendor snapshot To build older vendor
|
|
|
|
// image and newer system image altogether.
|
2020-12-02 12:14:28 +08:00
|
|
|
func isVendorSnapshotAware(m *Module, inVendorProprietaryPath bool, apexInfo android.ApexInfo) bool {
|
|
|
|
return isSnapshotAware(m, inVendorProprietaryPath, apexInfo, vendorSnapshotImageSingleton)
|
2020-11-14 04:07:36 +08:00
|
|
|
}
|
|
|
|
|
2020-12-02 12:14:28 +08:00
|
|
|
// Determine if a module is going to be included in recovery snapshot or not.
|
|
|
|
//
|
|
|
|
// Targets of recovery snapshot are "recovery: true" or "recovery_available: true"
|
|
|
|
// modules in AOSP. They are not guaranteed to be compatible with older recovery images.
|
|
|
|
// So they are captured as recovery snapshot To build older recovery image.
|
|
|
|
func isRecoverySnapshotAware(m *Module, inRecoveryProprietaryPath bool, apexInfo android.ApexInfo) bool {
|
|
|
|
return isSnapshotAware(m, inRecoveryProprietaryPath, apexInfo, recoverySnapshotImageSingleton)
|
2020-11-14 04:07:36 +08:00
|
|
|
}
|
|
|
|
|
2020-12-02 12:14:28 +08:00
|
|
|
// Determines if the module is a candidate for snapshot.
|
|
|
|
func isSnapshotAware(m *Module, inProprietaryPath bool, apexInfo android.ApexInfo, image snapshotImage) bool {
|
2020-06-01 20:53:49 +08:00
|
|
|
if !m.Enabled() || m.Properties.HideFromMake {
|
2019-11-15 08:59:12 +08:00
|
|
|
return false
|
|
|
|
}
|
2020-09-10 08:46:05 +08:00
|
|
|
// When android/prebuilt.go selects between source and prebuilt, it sets
|
|
|
|
// SkipInstall on the other one to avoid duplicate install rules in make.
|
|
|
|
if m.IsSkipInstall() {
|
|
|
|
return false
|
|
|
|
}
|
2020-11-14 04:07:36 +08:00
|
|
|
// skip proprietary modules, but (for the vendor snapshot only)
|
|
|
|
// include all VNDK (static)
|
|
|
|
if inProprietaryPath && (!image.includeVndk() || !m.IsVndk()) {
|
2020-09-01 07:07:58 +08:00
|
|
|
return false
|
|
|
|
}
|
|
|
|
// If the module would be included based on its path, check to see if
|
|
|
|
// the module is marked to be excluded. If so, skip it.
|
|
|
|
if m.ExcludeFromVendorSnapshot() {
|
2019-11-15 08:59:12 +08:00
|
|
|
return false
|
|
|
|
}
|
|
|
|
if m.Target().Os.Class != android.Device {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
if m.Target().NativeBridge == android.NativeBridgeEnabled {
|
|
|
|
return false
|
|
|
|
}
|
2020-12-02 12:14:28 +08:00
|
|
|
// the module must be installed in target image
|
2020-11-14 04:07:36 +08:00
|
|
|
if !apexInfo.IsForPlatform() || m.isSnapshotPrebuilt() || !image.inImage(m)() {
|
2019-11-15 08:59:12 +08:00
|
|
|
return false
|
|
|
|
}
|
2020-06-11 12:55:45 +08:00
|
|
|
// skip kernel_headers which always depend on vendor
|
|
|
|
if _, ok := m.linker.(*kernelHeadersDecorator); ok {
|
|
|
|
return false
|
|
|
|
}
|
2020-07-30 17:57:54 +08:00
|
|
|
// skip llndk_library and llndk_headers which are backward compatible
|
|
|
|
if _, ok := m.linker.(*llndkStubDecorator); ok {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
if _, ok := m.linker.(*llndkHeadersDecorator); ok {
|
|
|
|
return false
|
|
|
|
}
|
2019-11-15 08:59:12 +08:00
|
|
|
|
|
|
|
// Libraries
|
|
|
|
if l, ok := m.linker.(snapshotLibraryInterface); ok {
|
2020-06-01 20:53:49 +08:00
|
|
|
if m.sanitize != nil {
|
Add cfi static libraries to vendor snapshot
CFI modules can't link against non-CFI static libraries, and vice versa.
So without capturing both CFI and non-CFI static libraries, vendor
modules won't be able to use CFI, which will be a critical security
hole.
This captures both CFI and non-CFI variants of all static libraries for
vendor snapshot, except for those whose cfi are explicitly disabled.
For example, suppose that "libfoo" is defined as follows.
cc_library_static {
name: "libfoo",
vendor_available: true,
}
As it doesn't have cfi disabled, two libraries "libfoo.a" and
"libfoo.cfi.a" will be captured. When installed, vendor snapshot module
for "libfoo" will look like:
vendor_snapshot_static {
name: "libfoo",
src: "libfoo.a",
cfi: {
src: "libfoo.cfi.a",
},
}
The build system will recognize the "cfi" property, and will create both
CFI and non-CFI variant, allowing any modules to link against "libfoo"
safely, no matter whether CFI is enabled or not.
Two clarification:
1) The reason why we don't create separate modules is that DepsMutator
runs before sanitize mutators. CFI and non-CFI variant of a library
should exist in a single module.
2) We can't capture CFI variant if the source module explicitly disables
cfi variant by specifying the following.
sanitize: {
cfi: false,
}
In this case, only non-CFI variant will be created for the vendor
snapshot module.
Bug: 65377115
Test: m dist vendor-snapshot && install && build against snapshot
Change-Id: Idbf3e3205d581800d6093c8d6cf6152374129ba4
2020-07-29 19:32:10 +08:00
|
|
|
// scs and hwasan export both sanitized and unsanitized variants for static and header
|
2020-06-01 20:53:49 +08:00
|
|
|
// Always use unsanitized variants of them.
|
Add cfi static libraries to vendor snapshot
CFI modules can't link against non-CFI static libraries, and vice versa.
So without capturing both CFI and non-CFI static libraries, vendor
modules won't be able to use CFI, which will be a critical security
hole.
This captures both CFI and non-CFI variants of all static libraries for
vendor snapshot, except for those whose cfi are explicitly disabled.
For example, suppose that "libfoo" is defined as follows.
cc_library_static {
name: "libfoo",
vendor_available: true,
}
As it doesn't have cfi disabled, two libraries "libfoo.a" and
"libfoo.cfi.a" will be captured. When installed, vendor snapshot module
for "libfoo" will look like:
vendor_snapshot_static {
name: "libfoo",
src: "libfoo.a",
cfi: {
src: "libfoo.cfi.a",
},
}
The build system will recognize the "cfi" property, and will create both
CFI and non-CFI variant, allowing any modules to link against "libfoo"
safely, no matter whether CFI is enabled or not.
Two clarification:
1) The reason why we don't create separate modules is that DepsMutator
runs before sanitize mutators. CFI and non-CFI variant of a library
should exist in a single module.
2) We can't capture CFI variant if the source module explicitly disables
cfi variant by specifying the following.
sanitize: {
cfi: false,
}
In this case, only non-CFI variant will be created for the vendor
snapshot module.
Bug: 65377115
Test: m dist vendor-snapshot && install && build against snapshot
Change-Id: Idbf3e3205d581800d6093c8d6cf6152374129ba4
2020-07-29 19:32:10 +08:00
|
|
|
for _, t := range []sanitizerType{scs, hwasan} {
|
2020-06-01 20:53:49 +08:00
|
|
|
if !l.shared() && m.sanitize.isSanitizerEnabled(t) {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
}
|
Add cfi static libraries to vendor snapshot
CFI modules can't link against non-CFI static libraries, and vice versa.
So without capturing both CFI and non-CFI static libraries, vendor
modules won't be able to use CFI, which will be a critical security
hole.
This captures both CFI and non-CFI variants of all static libraries for
vendor snapshot, except for those whose cfi are explicitly disabled.
For example, suppose that "libfoo" is defined as follows.
cc_library_static {
name: "libfoo",
vendor_available: true,
}
As it doesn't have cfi disabled, two libraries "libfoo.a" and
"libfoo.cfi.a" will be captured. When installed, vendor snapshot module
for "libfoo" will look like:
vendor_snapshot_static {
name: "libfoo",
src: "libfoo.a",
cfi: {
src: "libfoo.cfi.a",
},
}
The build system will recognize the "cfi" property, and will create both
CFI and non-CFI variant, allowing any modules to link against "libfoo"
safely, no matter whether CFI is enabled or not.
Two clarification:
1) The reason why we don't create separate modules is that DepsMutator
runs before sanitize mutators. CFI and non-CFI variant of a library
should exist in a single module.
2) We can't capture CFI variant if the source module explicitly disables
cfi variant by specifying the following.
sanitize: {
cfi: false,
}
In this case, only non-CFI variant will be created for the vendor
snapshot module.
Bug: 65377115
Test: m dist vendor-snapshot && install && build against snapshot
Change-Id: Idbf3e3205d581800d6093c8d6cf6152374129ba4
2020-07-29 19:32:10 +08:00
|
|
|
// cfi also exports both variants. But for static, we capture both.
|
2020-12-02 12:14:28 +08:00
|
|
|
// This is because cfi static libraries can't be linked from non-cfi modules,
|
|
|
|
// and vice versa. This isn't the case for scs and hwasan sanitizers.
|
Add cfi static libraries to vendor snapshot
CFI modules can't link against non-CFI static libraries, and vice versa.
So without capturing both CFI and non-CFI static libraries, vendor
modules won't be able to use CFI, which will be a critical security
hole.
This captures both CFI and non-CFI variants of all static libraries for
vendor snapshot, except for those whose cfi are explicitly disabled.
For example, suppose that "libfoo" is defined as follows.
cc_library_static {
name: "libfoo",
vendor_available: true,
}
As it doesn't have cfi disabled, two libraries "libfoo.a" and
"libfoo.cfi.a" will be captured. When installed, vendor snapshot module
for "libfoo" will look like:
vendor_snapshot_static {
name: "libfoo",
src: "libfoo.a",
cfi: {
src: "libfoo.cfi.a",
},
}
The build system will recognize the "cfi" property, and will create both
CFI and non-CFI variant, allowing any modules to link against "libfoo"
safely, no matter whether CFI is enabled or not.
Two clarification:
1) The reason why we don't create separate modules is that DepsMutator
runs before sanitize mutators. CFI and non-CFI variant of a library
should exist in a single module.
2) We can't capture CFI variant if the source module explicitly disables
cfi variant by specifying the following.
sanitize: {
cfi: false,
}
In this case, only non-CFI variant will be created for the vendor
snapshot module.
Bug: 65377115
Test: m dist vendor-snapshot && install && build against snapshot
Change-Id: Idbf3e3205d581800d6093c8d6cf6152374129ba4
2020-07-29 19:32:10 +08:00
|
|
|
if !l.static() && !l.shared() && m.sanitize.isSanitizerEnabled(cfi) {
|
|
|
|
return false
|
|
|
|
}
|
2020-06-01 20:53:49 +08:00
|
|
|
}
|
2019-11-15 08:59:12 +08:00
|
|
|
if l.static() {
|
2020-11-14 04:07:36 +08:00
|
|
|
return m.outputFile.Valid() && proptools.BoolDefault(image.available(m), true)
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
|
|
|
if l.shared() {
|
2020-06-30 07:49:15 +08:00
|
|
|
if !m.outputFile.Valid() {
|
|
|
|
return false
|
|
|
|
}
|
2020-11-14 04:07:36 +08:00
|
|
|
if image.includeVndk() {
|
|
|
|
if !m.IsVndk() {
|
|
|
|
return true
|
|
|
|
}
|
2020-12-02 22:00:51 +08:00
|
|
|
return m.IsVndkExt()
|
2020-06-30 07:49:15 +08:00
|
|
|
}
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2020-06-01 22:23:05 +08:00
|
|
|
// Binaries and Objects
|
|
|
|
if m.binary() || m.object() {
|
2020-11-14 04:07:36 +08:00
|
|
|
return m.outputFile.Valid() && proptools.BoolDefault(image.available(m), true)
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
2020-06-01 20:53:49 +08:00
|
|
|
|
|
|
|
return false
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
|
|
|
|
2020-12-02 12:14:28 +08:00
|
|
|
// This is to be saved as .json files, which is for development/vendor_snapshot/update.py.
|
|
|
|
// These flags become Android.bp snapshot module properties.
|
|
|
|
type snapshotJsonFlags struct {
|
|
|
|
ModuleName string `json:",omitempty"`
|
|
|
|
RelativeInstallPath string `json:",omitempty"`
|
|
|
|
|
|
|
|
// library flags
|
|
|
|
ExportedDirs []string `json:",omitempty"`
|
|
|
|
ExportedSystemDirs []string `json:",omitempty"`
|
|
|
|
ExportedFlags []string `json:",omitempty"`
|
|
|
|
Sanitize string `json:",omitempty"`
|
|
|
|
SanitizeMinimalDep bool `json:",omitempty"`
|
|
|
|
SanitizeUbsanDep bool `json:",omitempty"`
|
|
|
|
|
|
|
|
// binary flags
|
|
|
|
Symlinks []string `json:",omitempty"`
|
|
|
|
|
|
|
|
// dependencies
|
|
|
|
SharedLibs []string `json:",omitempty"`
|
|
|
|
RuntimeLibs []string `json:",omitempty"`
|
|
|
|
Required []string `json:",omitempty"`
|
|
|
|
|
|
|
|
// extra config files
|
|
|
|
InitRc []string `json:",omitempty"`
|
|
|
|
VintfFragments []string `json:",omitempty"`
|
|
|
|
}
|
|
|
|
|
2020-11-14 04:07:36 +08:00
|
|
|
func (c *snapshotSingleton) GenerateBuildActions(ctx android.SingletonContext) {
|
2019-11-15 08:59:12 +08:00
|
|
|
// BOARD_VNDK_VERSION must be set to 'current' in order to generate a vendor snapshot.
|
|
|
|
if ctx.DeviceConfig().VndkVersion() != "current" {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
var snapshotOutputs android.Paths
|
|
|
|
|
|
|
|
/*
|
|
|
|
Vendor snapshot zipped artifacts directory structure:
|
|
|
|
{SNAPSHOT_ARCH}/
|
|
|
|
arch-{TARGET_ARCH}-{TARGET_ARCH_VARIANT}/
|
|
|
|
shared/
|
|
|
|
(.so shared libraries)
|
|
|
|
static/
|
|
|
|
(.a static libraries)
|
|
|
|
header/
|
|
|
|
(header only libraries)
|
|
|
|
binary/
|
|
|
|
(executable binaries)
|
2020-06-01 22:23:05 +08:00
|
|
|
object/
|
|
|
|
(.o object files)
|
2019-11-15 08:59:12 +08:00
|
|
|
arch-{TARGET_2ND_ARCH}-{TARGET_2ND_ARCH_VARIANT}/
|
|
|
|
shared/
|
|
|
|
(.so shared libraries)
|
|
|
|
static/
|
|
|
|
(.a static libraries)
|
|
|
|
header/
|
|
|
|
(header only libraries)
|
|
|
|
binary/
|
|
|
|
(executable binaries)
|
2020-06-01 22:23:05 +08:00
|
|
|
object/
|
|
|
|
(.o object files)
|
2019-11-15 08:59:12 +08:00
|
|
|
NOTICE_FILES/
|
|
|
|
(notice files, e.g. libbase.txt)
|
|
|
|
configs/
|
|
|
|
(config files, e.g. init.rc files, vintf_fragments.xml files, etc.)
|
|
|
|
include/
|
|
|
|
(header files of same directory structure with source tree)
|
|
|
|
*/
|
|
|
|
|
2020-11-14 04:07:36 +08:00
|
|
|
snapshotDir := c.name + "-snapshot"
|
2019-11-15 08:59:12 +08:00
|
|
|
snapshotArchDir := filepath.Join(snapshotDir, ctx.DeviceConfig().DeviceArch())
|
|
|
|
|
|
|
|
includeDir := filepath.Join(snapshotArchDir, "include")
|
|
|
|
configsDir := filepath.Join(snapshotArchDir, "configs")
|
|
|
|
noticeDir := filepath.Join(snapshotArchDir, "NOTICE_FILES")
|
|
|
|
|
|
|
|
installedNotices := make(map[string]bool)
|
|
|
|
installedConfigs := make(map[string]bool)
|
|
|
|
|
|
|
|
var headers android.Paths
|
|
|
|
|
2020-12-02 12:14:28 +08:00
|
|
|
// installSnapshot function copies prebuilt file (.so, .a, or executable) and json flag file.
|
|
|
|
// For executables, init_rc and vintf_fragments files are also copied.
|
2019-11-15 08:59:12 +08:00
|
|
|
installSnapshot := func(m *Module) android.Paths {
|
|
|
|
targetArch := "arch-" + m.Target().Arch.ArchType.String()
|
|
|
|
if m.Target().Arch.ArchVariant != "" {
|
|
|
|
targetArch += "-" + m.Target().Arch.ArchVariant
|
|
|
|
}
|
|
|
|
|
|
|
|
var ret android.Paths
|
|
|
|
|
2020-12-02 12:14:28 +08:00
|
|
|
prop := snapshotJsonFlags{}
|
2019-11-15 08:59:12 +08:00
|
|
|
|
|
|
|
// Common properties among snapshots.
|
|
|
|
prop.ModuleName = ctx.ModuleName(m)
|
2020-12-02 22:00:51 +08:00
|
|
|
if c.supportsVndkExt && m.IsVndkExt() {
|
2020-06-30 07:49:15 +08:00
|
|
|
// vndk exts are installed to /vendor/lib(64)?/vndk(-sp)?
|
|
|
|
if m.isVndkSp() {
|
|
|
|
prop.RelativeInstallPath = "vndk-sp"
|
|
|
|
} else {
|
|
|
|
prop.RelativeInstallPath = "vndk"
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
prop.RelativeInstallPath = m.RelativeInstallPath()
|
|
|
|
}
|
2019-11-15 08:59:12 +08:00
|
|
|
prop.RuntimeLibs = m.Properties.SnapshotRuntimeLibs
|
|
|
|
prop.Required = m.RequiredModuleNames()
|
|
|
|
for _, path := range m.InitRc() {
|
|
|
|
prop.InitRc = append(prop.InitRc, filepath.Join("configs", path.Base()))
|
|
|
|
}
|
|
|
|
for _, path := range m.VintfFragments() {
|
|
|
|
prop.VintfFragments = append(prop.VintfFragments, filepath.Join("configs", path.Base()))
|
|
|
|
}
|
|
|
|
|
|
|
|
// install config files. ignores any duplicates.
|
|
|
|
for _, path := range append(m.InitRc(), m.VintfFragments()...) {
|
|
|
|
out := filepath.Join(configsDir, path.Base())
|
|
|
|
if !installedConfigs[out] {
|
|
|
|
installedConfigs[out] = true
|
2020-12-02 12:14:28 +08:00
|
|
|
ret = append(ret, copyFileRule(ctx, path, out))
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
var propOut string
|
|
|
|
|
2020-03-03 21:06:32 +08:00
|
|
|
if l, ok := m.linker.(snapshotLibraryInterface); ok {
|
2020-09-19 05:15:30 +08:00
|
|
|
exporterInfo := ctx.ModuleProvider(m, FlagExporterInfoProvider).(FlagExporterInfo)
|
Add cfi static libraries to vendor snapshot
CFI modules can't link against non-CFI static libraries, and vice versa.
So without capturing both CFI and non-CFI static libraries, vendor
modules won't be able to use CFI, which will be a critical security
hole.
This captures both CFI and non-CFI variants of all static libraries for
vendor snapshot, except for those whose cfi are explicitly disabled.
For example, suppose that "libfoo" is defined as follows.
cc_library_static {
name: "libfoo",
vendor_available: true,
}
As it doesn't have cfi disabled, two libraries "libfoo.a" and
"libfoo.cfi.a" will be captured. When installed, vendor snapshot module
for "libfoo" will look like:
vendor_snapshot_static {
name: "libfoo",
src: "libfoo.a",
cfi: {
src: "libfoo.cfi.a",
},
}
The build system will recognize the "cfi" property, and will create both
CFI and non-CFI variant, allowing any modules to link against "libfoo"
safely, no matter whether CFI is enabled or not.
Two clarification:
1) The reason why we don't create separate modules is that DepsMutator
runs before sanitize mutators. CFI and non-CFI variant of a library
should exist in a single module.
2) We can't capture CFI variant if the source module explicitly disables
cfi variant by specifying the following.
sanitize: {
cfi: false,
}
In this case, only non-CFI variant will be created for the vendor
snapshot module.
Bug: 65377115
Test: m dist vendor-snapshot && install && build against snapshot
Change-Id: Idbf3e3205d581800d6093c8d6cf6152374129ba4
2020-07-29 19:32:10 +08:00
|
|
|
|
2019-11-15 08:59:12 +08:00
|
|
|
// library flags
|
2020-09-19 05:15:30 +08:00
|
|
|
prop.ExportedFlags = exporterInfo.Flags
|
|
|
|
for _, dir := range exporterInfo.IncludeDirs {
|
2019-11-15 08:59:12 +08:00
|
|
|
prop.ExportedDirs = append(prop.ExportedDirs, filepath.Join("include", dir.String()))
|
|
|
|
}
|
2020-09-19 05:15:30 +08:00
|
|
|
for _, dir := range exporterInfo.SystemIncludeDirs {
|
2019-11-15 08:59:12 +08:00
|
|
|
prop.ExportedSystemDirs = append(prop.ExportedSystemDirs, filepath.Join("include", dir.String()))
|
|
|
|
}
|
|
|
|
// shared libs dependencies aren't meaningful on static or header libs
|
|
|
|
if l.shared() {
|
|
|
|
prop.SharedLibs = m.Properties.SnapshotSharedLibs
|
|
|
|
}
|
|
|
|
if l.static() && m.sanitize != nil {
|
|
|
|
prop.SanitizeMinimalDep = m.sanitize.Properties.MinimalRuntimeDep || enableMinimalRuntime(m.sanitize)
|
|
|
|
prop.SanitizeUbsanDep = m.sanitize.Properties.UbsanRuntimeDep || enableUbsanRuntime(m.sanitize)
|
|
|
|
}
|
|
|
|
|
|
|
|
var libType string
|
|
|
|
if l.static() {
|
|
|
|
libType = "static"
|
|
|
|
} else if l.shared() {
|
|
|
|
libType = "shared"
|
|
|
|
} else {
|
|
|
|
libType = "header"
|
|
|
|
}
|
|
|
|
|
|
|
|
var stem string
|
|
|
|
|
|
|
|
// install .a or .so
|
|
|
|
if libType != "header" {
|
|
|
|
libPath := m.outputFile.Path()
|
|
|
|
stem = libPath.Base()
|
Add cfi static libraries to vendor snapshot
CFI modules can't link against non-CFI static libraries, and vice versa.
So without capturing both CFI and non-CFI static libraries, vendor
modules won't be able to use CFI, which will be a critical security
hole.
This captures both CFI and non-CFI variants of all static libraries for
vendor snapshot, except for those whose cfi are explicitly disabled.
For example, suppose that "libfoo" is defined as follows.
cc_library_static {
name: "libfoo",
vendor_available: true,
}
As it doesn't have cfi disabled, two libraries "libfoo.a" and
"libfoo.cfi.a" will be captured. When installed, vendor snapshot module
for "libfoo" will look like:
vendor_snapshot_static {
name: "libfoo",
src: "libfoo.a",
cfi: {
src: "libfoo.cfi.a",
},
}
The build system will recognize the "cfi" property, and will create both
CFI and non-CFI variant, allowing any modules to link against "libfoo"
safely, no matter whether CFI is enabled or not.
Two clarification:
1) The reason why we don't create separate modules is that DepsMutator
runs before sanitize mutators. CFI and non-CFI variant of a library
should exist in a single module.
2) We can't capture CFI variant if the source module explicitly disables
cfi variant by specifying the following.
sanitize: {
cfi: false,
}
In this case, only non-CFI variant will be created for the vendor
snapshot module.
Bug: 65377115
Test: m dist vendor-snapshot && install && build against snapshot
Change-Id: Idbf3e3205d581800d6093c8d6cf6152374129ba4
2020-07-29 19:32:10 +08:00
|
|
|
if l.static() && m.sanitize != nil && m.sanitize.isSanitizerEnabled(cfi) {
|
|
|
|
// both cfi and non-cfi variant for static libraries can exist.
|
|
|
|
// attach .cfi to distinguish between cfi and non-cfi.
|
|
|
|
// e.g. libbase.a -> libbase.cfi.a
|
|
|
|
ext := filepath.Ext(stem)
|
|
|
|
stem = strings.TrimSuffix(stem, ext) + ".cfi" + ext
|
|
|
|
prop.Sanitize = "cfi"
|
|
|
|
prop.ModuleName += ".cfi"
|
|
|
|
}
|
2019-11-15 08:59:12 +08:00
|
|
|
snapshotLibOut := filepath.Join(snapshotArchDir, targetArch, libType, stem)
|
2020-12-02 12:14:28 +08:00
|
|
|
ret = append(ret, copyFileRule(ctx, libPath, snapshotLibOut))
|
2019-11-15 08:59:12 +08:00
|
|
|
} else {
|
|
|
|
stem = ctx.ModuleName(m)
|
|
|
|
}
|
|
|
|
|
|
|
|
propOut = filepath.Join(snapshotArchDir, targetArch, libType, stem+".json")
|
2020-06-01 20:53:49 +08:00
|
|
|
} else if m.binary() {
|
2019-11-15 08:59:12 +08:00
|
|
|
// binary flags
|
|
|
|
prop.Symlinks = m.Symlinks()
|
|
|
|
prop.SharedLibs = m.Properties.SnapshotSharedLibs
|
|
|
|
|
|
|
|
// install bin
|
|
|
|
binPath := m.outputFile.Path()
|
|
|
|
snapshotBinOut := filepath.Join(snapshotArchDir, targetArch, "binary", binPath.Base())
|
2020-12-02 12:14:28 +08:00
|
|
|
ret = append(ret, copyFileRule(ctx, binPath, snapshotBinOut))
|
2019-11-15 08:59:12 +08:00
|
|
|
propOut = snapshotBinOut + ".json"
|
2020-06-01 22:23:05 +08:00
|
|
|
} else if m.object() {
|
|
|
|
// object files aren't installed to the device, so their names can conflict.
|
|
|
|
// Use module name as stem.
|
|
|
|
objPath := m.outputFile.Path()
|
|
|
|
snapshotObjOut := filepath.Join(snapshotArchDir, targetArch, "object",
|
|
|
|
ctx.ModuleName(m)+filepath.Ext(objPath.Base()))
|
2020-12-02 12:14:28 +08:00
|
|
|
ret = append(ret, copyFileRule(ctx, objPath, snapshotObjOut))
|
2020-06-01 22:23:05 +08:00
|
|
|
propOut = snapshotObjOut + ".json"
|
2020-06-01 20:53:49 +08:00
|
|
|
} else {
|
|
|
|
ctx.Errorf("unknown module %q in vendor snapshot", m.String())
|
|
|
|
return nil
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
j, err := json.Marshal(prop)
|
|
|
|
if err != nil {
|
|
|
|
ctx.Errorf("json marshal to %q failed: %#v", propOut, err)
|
|
|
|
return nil
|
|
|
|
}
|
2020-12-02 12:14:28 +08:00
|
|
|
ret = append(ret, writeStringToFileRule(ctx, string(j), propOut))
|
2019-11-15 08:59:12 +08:00
|
|
|
|
|
|
|
return ret
|
|
|
|
}
|
|
|
|
|
|
|
|
ctx.VisitAllModules(func(module android.Module) {
|
|
|
|
m, ok := module.(*Module)
|
2020-03-03 21:06:32 +08:00
|
|
|
if !ok {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
moduleDir := ctx.ModuleDir(module)
|
2020-11-14 04:07:36 +08:00
|
|
|
inProprietaryPath := c.image.isProprietaryPath(moduleDir)
|
2020-09-16 09:30:11 +08:00
|
|
|
apexInfo := ctx.ModuleProvider(module, android.ApexInfoProvider).(android.ApexInfo)
|
2020-09-01 07:07:58 +08:00
|
|
|
|
|
|
|
if m.ExcludeFromVendorSnapshot() {
|
2020-11-14 04:07:36 +08:00
|
|
|
if inProprietaryPath {
|
2020-09-01 07:07:58 +08:00
|
|
|
// Error: exclude_from_vendor_snapshot applies
|
|
|
|
// to framework-path modules only.
|
|
|
|
ctx.Errorf("module %q in vendor proprietary path %q may not use \"exclude_from_vendor_snapshot: true\"", m.String(), moduleDir)
|
|
|
|
return
|
|
|
|
}
|
2020-11-14 04:07:36 +08:00
|
|
|
if Bool(c.image.available(m)) {
|
2020-09-01 07:07:58 +08:00
|
|
|
// Error: may not combine "vendor_available:
|
|
|
|
// true" with "exclude_from_vendor_snapshot:
|
|
|
|
// true".
|
2020-11-14 04:07:36 +08:00
|
|
|
ctx.Errorf(
|
|
|
|
"module %q may not use both \""+
|
|
|
|
c.name+
|
|
|
|
"_available: true\" and \"exclude_from_vendor_snapshot: true\"",
|
|
|
|
m.String())
|
2020-09-01 07:07:58 +08:00
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-12-02 12:14:28 +08:00
|
|
|
if !isSnapshotAware(m, inProprietaryPath, apexInfo, c.image) {
|
2019-11-15 08:59:12 +08:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-12-02 12:14:28 +08:00
|
|
|
// installSnapshot installs prebuilts and json flag files
|
2019-11-15 08:59:12 +08:00
|
|
|
snapshotOutputs = append(snapshotOutputs, installSnapshot(m)...)
|
2020-12-02 12:14:28 +08:00
|
|
|
|
|
|
|
// just gather headers and notice files here, because they are to be deduplicated
|
2020-03-03 21:06:32 +08:00
|
|
|
if l, ok := m.linker.(snapshotLibraryInterface); ok {
|
|
|
|
headers = append(headers, l.snapshotHeaders()...)
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
|
|
|
|
2020-02-19 12:21:55 +08:00
|
|
|
if len(m.NoticeFiles()) > 0 {
|
2019-11-15 08:59:12 +08:00
|
|
|
noticeName := ctx.ModuleName(m) + ".txt"
|
|
|
|
noticeOut := filepath.Join(noticeDir, noticeName)
|
|
|
|
// skip already copied notice file
|
|
|
|
if !installedNotices[noticeOut] {
|
|
|
|
installedNotices[noticeOut] = true
|
2020-12-02 12:14:28 +08:00
|
|
|
snapshotOutputs = append(snapshotOutputs, combineNoticesRule(
|
2020-02-19 12:21:55 +08:00
|
|
|
ctx, m.NoticeFiles(), noticeOut))
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
|
|
|
// install all headers after removing duplicates
|
|
|
|
for _, header := range android.FirstUniquePaths(headers) {
|
2020-12-02 12:14:28 +08:00
|
|
|
snapshotOutputs = append(snapshotOutputs, copyFileRule(
|
2019-11-15 08:59:12 +08:00
|
|
|
ctx, header, filepath.Join(includeDir, header.String())))
|
|
|
|
}
|
|
|
|
|
|
|
|
// All artifacts are ready. Sort them to normalize ninja and then zip.
|
|
|
|
sort.Slice(snapshotOutputs, func(i, j int) bool {
|
|
|
|
return snapshotOutputs[i].String() < snapshotOutputs[j].String()
|
|
|
|
})
|
|
|
|
|
2020-11-14 04:07:36 +08:00
|
|
|
zipPath := android.PathForOutput(
|
|
|
|
ctx,
|
|
|
|
snapshotDir,
|
|
|
|
c.name+"-"+ctx.Config().DeviceName()+".zip")
|
2020-11-17 09:32:30 +08:00
|
|
|
zipRule := android.NewRuleBuilder(pctx, ctx)
|
2019-11-15 08:59:12 +08:00
|
|
|
|
|
|
|
// filenames in rspfile from FlagWithRspFileInputList might be single-quoted. Remove it with tr
|
2020-11-14 04:07:36 +08:00
|
|
|
snapshotOutputList := android.PathForOutput(
|
|
|
|
ctx,
|
|
|
|
snapshotDir,
|
|
|
|
c.name+"-"+ctx.Config().DeviceName()+"_list")
|
2019-11-15 08:59:12 +08:00
|
|
|
zipRule.Command().
|
|
|
|
Text("tr").
|
|
|
|
FlagWithArg("-d ", "\\'").
|
|
|
|
FlagWithRspFileInputList("< ", snapshotOutputs).
|
|
|
|
FlagWithOutput("> ", snapshotOutputList)
|
|
|
|
|
|
|
|
zipRule.Temporary(snapshotOutputList)
|
|
|
|
|
|
|
|
zipRule.Command().
|
2020-11-17 09:32:30 +08:00
|
|
|
BuiltTool("soong_zip").
|
2019-11-15 08:59:12 +08:00
|
|
|
FlagWithOutput("-o ", zipPath).
|
|
|
|
FlagWithArg("-C ", android.PathForOutput(ctx, snapshotDir).String()).
|
|
|
|
FlagWithInput("-l ", snapshotOutputList)
|
|
|
|
|
2020-11-17 09:32:30 +08:00
|
|
|
zipRule.Build(zipPath.String(), c.name+" snapshot "+zipPath.String())
|
2019-11-15 08:59:12 +08:00
|
|
|
zipRule.DeleteTemporaryFiles()
|
2020-11-14 04:07:36 +08:00
|
|
|
c.snapshotZipFile = android.OptionalPathForPath(zipPath)
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|
|
|
|
|
2020-11-14 04:07:36 +08:00
|
|
|
func (c *snapshotSingleton) MakeVars(ctx android.MakeVarsContext) {
|
|
|
|
ctx.Strict(
|
|
|
|
c.makeVar,
|
|
|
|
c.snapshotZipFile.String())
|
2019-11-15 08:59:12 +08:00
|
|
|
}
|