In the previous mode, building Rust code using certain intrinsics would
fail on arm32 since our runtime is armv7, but our codegen was arm.
Test: cd external/rust; mma
Bug: 169245712
Change-Id: Ie800486b39325486f5ff319e46632df2a6987391
Rust is not passing the sysroot flag to Clang when invoking it as the
linker. This means files from the host may leak in, and host targets
may fail if sysroot files are not available from the host.
This patch prepends the lld flags from cc into rust linkargs. This
pulls in the sysroots flag, and also ensures that we remain in sync
with linkage flags used in cc.
The '-Wl,--no-undefined-version' from cc is overridden to avoid
missing version assignment errors for rust's generated alloc
functions.
Bug: 167690054
Test: cd external/rust; mma
Test: strace -f -e %file <host libstd.dylib.so build command> pulls
from correct sysroots.
Change-Id: Ic40597f546f3b112012155614056afed487c6ca1
LinuxBionic now supports arm64 architecture in addition to the existing
x86_64 arch. This is to make it possible to build host tools like adb,
fastboot, crosvm, etc. for Linux/ARM on regular Linux/x86 machines.
The arm64 target can be selected in various ways in Android.bp files:
- target.host (because this is still considered as a host target)
- target.linux (provided that the module is also enabled for host)
- target.linux_bionic (use the OS name directly)
- target.linux_bionic_arm64 (OS name + arch combo)
- target.linux_arm64 (provided that the module is also for host)
- target.not_windows
- arch.arm64
The toolchain for the new target is almost the same as the toolchain
config for Android/ARM64. One notable difference is that the clang
triple is aarch64-linux instead of aarch64-linux-android, so that
__ANDROID__ is not defined for the new OS type.
Bug: 134795810
Test: HOST_CROSS_OS=linux_bionic HOST_CROSS_ARCH=arm64 m nothing
Change-Id: If4300583edfb6d75bd4d984b38f73b6a406b4447
In order to rely on `-march`/`-mcpu` compiler flags for feature
detection, we introduce a new arch variant based on armv8.2 with the
addition of dot product features.
Test: test-art-target on Pixel 4.
Change-Id: I4d97db6129e2cd718a2b21008d36ec767739f925
Move the linting properties to an enum with 4 possible options:
"default", "android", "vendor" or "none". The previous logic for
default, based on the module's location, is kept. It is now possible to
force the upgrade to a certain lint level for some modules (e.g.
external/[...]/android). Update the unit tests and documentation.
Bug: 163400111
Test: m
Change-Id: I8e464b04401158ed2d3c518a9b72f145a9835c99
If the no_lint attribute is set, we now explicitly disable any warning
or error.
Bug: 162897623
Test: cd external/selinux; mma; check the build log for warnings
Change-Id: I5338bda77ab25ded7cc43cc3afd29419fcbd9808
This behavior is non-hermetic, but matches the behavior of the C++
support. On Linux, using lld works, but on OSX, this fails because lld
does not support Apple's new .tbd files.
Bug: 155302034
Test: On both Linux and Mac hosts:
cd external/rust; mma
Change-Id: I0ad489113d720bdb9c3b7a67cce9d1e72266f428
rustc expects Rust dylibs to have a .dylib extension on darwin.
Bug: 155302034
Test: rust_library_host outputs have correct extension on darwin.
Change-Id: I17b0d7eaf0f42f8186185e3f14c3a8e992c74fde
rust_library now produces only rlib and dylib variants.
rust_library_foreign now produces static and shared variants.
This change was made because both are common cases, but all four
together essentially never happens. This allows us to have fewer repeat
module definitions.
Bug: 143217452
Test: cd external/rust; mma
Change-Id: Iaf69e8da38f7c12710331c51464699cf7cbbb656
Add documentation on how lints are defined and used in Android. Merge
the deny_warnings attribute with a new attribute (no_lint) which can be
used to disable the default linting parameters.
Explicitly allow all lints for external/ and prebuilts/, which remove
any warning when building sysroot for the devices.
Test: cd external/rust/crates; mma
Test: add dummy internal Rust module; mma
Change-Id: I62be1c41aeda4068fb9e288038727c1de5ffe547
Depending on the location of the repository (e.g. external/, vendor/), a
different set of lints will be enabled. Add the clippy property to the
rust_* modules. This property can be used to overwrite the default
behaviour.
Test: m checkbuild
Bug: 157238651
Change-Id: Ife0f723ef4a74abb102597f8486a7b9f30e7d351
Give prebuilt_etc and sh_binary their own packages and split the
gigantic main Android.bp up to small, per-package ones.
Test: m nothing, TreeHugger
Bug: 156980228
Change-Id: I7b00cd344b9f16861f1ff39edf0029f016b853d0
Darwin builds aren't using the correct suffix for shared libraries or
proc macros (.dylib). This fixes that.
Bug: 155302034
Test: "cd external/rust; mma" no longer indicates wrong extension.
Change-Id: I5093e0bcc78dbb2dd9fcf39069f326101bb8f411
CC libraries which depend on Rust libraries get missing dependency
errors when building 32-bit variants dependent on Rust modules which
don't explicitly have "multilib: both" declared.
Because CC libraries use MultilibBoth by default, Rust should do the
same.
This also fixes a bug where the ARM32 toolchain incorrectly embedded
toolchain64Bit instead of toolchain32Bit.
Bug: 154730212
Test: Rust libraries provide both variants by default.
Change-Id: Ia545fe069d3c6b77c3d18f4f10267e2c72ee0bab
With kernel support being removed for execute-only memory layouts,
remove support for XOM until there's kernel support again.
Bug: 153457617
Test: Rust binaries no longer have execute-only text sections.
Change-Id: I19cfb5b347a1f44394a619e17bb0c057c09e76a9
The latest version of crosvm refers to minijail as a separate crate:
2dae56768c%5E%21/#F1
The current version of minijail in aosp crosvm-master isn't a crate,
but minijail in aosp master is a crate and builds with crosvm.
This allows the latest version of crosvm to build in the Android tree
and use minijail in the same tree.
Change-Id: I2231149f1488727754430183d04072c5cc0f570a
Rust has no backwards compatibility concerns, so no need to use
--use-android-relr-tags here.
Bug: http://b/147452927
Test: treehugger
Change-Id: I94de40bfad1ff2dcbc4241b944db90e0891bf9f3
This is no longer shipped by rustc, and wasn't really intended to be
implicitly available in the first place.
Bug: 147432625
Test: Built a sample rust device binary
Change-Id: I3c33ac3726c788debe14ed39a9ecbae7a7449351
The clang-r370808 upgrade contains a change to LLD allow PT_LOAD
segments to reside at non-multiples of the page size in the resulting
object file. https://reviews.llvm.org/rL369344
While this helps reduce the alignment waste and resulting image size, it
has interesting implications for execute only memory (XOM): The runtime
loader will now load code or data from other segments into pages with
different protections than intended.
This would partially defeat execute only (XOM) text sections as the
segment could now overlap with previous and following sections. This
might allow for code or data from the preceding and following sections
(like .eh_frame, and .data.rel.ro) to be executable, and either ends of
.text to be readable.
When the runtime loader (linker[64]) `mmap`s segments from *.so files,
the file offset parameter (see `man 2 mmap`) MUST be a multiple of the
page size. Since the updated LLD can now pack segments in a file (which
helps minimize resulting object file size) (previously, the segment
offsets were page aligned), this has interesting implications.
To appreciate the current bug, consider the following output from
`readelf` before this patch is applied, but after the toolchain upgrade:
```
$ readelf -lSW $OUT/symbols/apex/com.android.runtime/lib64/bionic/libc.so
...
[Nr] Name Type Address Off Size ES Flg Lk Inf Al
...
[13] .eh_frame PROGBITS 000000000002e7c0 02e7c0 013374 00 A 0 0 8
[14] .text PROGBITS 0000000000042b40 041b40 09ecb4 00 AX 0 0 64
[15] .plt PROGBITS 00000000000e1800 0e0800 001f30 00 AX 0 0 16
[16] .data.rel.ro PROGBITS 00000000000e4740 0e2740 005208 00 WA 0 0 32
...
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR 0x000040 0x0000000000000040 0x0000000000000040 0x000230 0x000230 R 0x8
LOAD 0x000000 0x0000000000000000 0x0000000000000000 0x041b34 0x041b34 R 0x1000
LOAD 0x041b40 0x0000000000042b40 0x0000000000042b40 0x0a0bf0 0x0a0bf0 E 0x1000
LOAD 0x0e2740 0x00000000000e4740 0x00000000000e4740 0x006720 0x006720 RW 0x1000
...
01 .note.android.ident .note.gnu.build-id .dynsym .gnu.version .gnu.version_d .gnu.version_r .gnu.hash .dynstr .rela.dyn .rela.plt .rodata .eh_frame_hdr .eh_frame
02 .text .plt
03 .data.rel.ro .fini_array .init_array .dynamic .got .got.plt
...
The above output tells us:
1. .text will wind up in the third (02) segment.
2. The third segment will be (LOAD)'ed as (E)xecutable.
3. Because the file (Offset) of the first segment (0x41b40) is NOT a
multiple of the page size, it cannot be passed as the `offset` to
`mmap`. As such it will be rounded down to the first multiple of the
page size, 0x41000.
4. The preceding section (.eh_frame) will be loaded in the preceding
segment (01). It occupies file (Off)set range [(0x2e7c0):0x41b34].
0x41b34 is not explicit in the output, instead you must use the
formula:
Off + Size == End
ie.
0x2e7c0 + 0x13374 == 0x41b34
(This happens to match (FileSiz) of the second segment, which makes
sense as .eh_frame is the final section in the second segment.)
5. mmap'ing file offset 0x41000 when loading the second segment will
include 0x4c0 bytes (0x42000 - 0x41b40) from .text, now mapped as
readable (oops). Suddenly code from .text is now readable (and thus
scannable for gadgets for ROP chains).
6. mmap'ing file offset 0x41000 when loading the third segment will
include 0xb34 bytes (0x41b34 - 0x41000) from .eh_frame, now mapped as
executable (oops). Suddenly data from .eh_frame is now executable
(and thus a potential gadget for ROP chains).
7. mmap'ing file offset 0xe2000 when loading the third segment will
include 0x8CO bytes (0xe3000 - 0xe2740) from .data.rel.ro, now mapped
as executable (oops). Suddenly data from .data.rel.ro is now
executable (and thus a potential gadget for ROP chains).
8. mmap'ing file offset 0xe2000 when loading the fourth segment will
include 0x730 bytes (0xe0800 + 0x1f30 - 0xe2000) from .plt, now
mapped as readable (oops). Suddenly data from .plt is now readable
(and thus scannable for gadgets for ROP chains).
All these oops' could be avoided if the linker placed .text+.plt at page
size aligned file offsets, which is what `-Wl,-z,separate-code` code
does. After this patch, we have:
```
$ readelf -lSW $OUT/symbols/apex/com.android.runtime/lib64/bionic/libc.so
...
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR 0x000040 0x0000000000000040 0x0000000000000040 0x000230 0x000230 R 0x8
LOAD 0x000000 0x0000000000000000 0x0000000000000000 0x041b34 0x041b34 R 0x1000
LOAD 0x042000 0x0000000000042000 0x0000000000042000 0x0a0be0 0x0a0be0 E 0x1000
LOAD 0x0e3000 0x00000000000e3000 0x00000000000e3000 0x006720 0x006720 RW 0x1000
```
In the future, we could go back to tightly packing segments in the
binary if the runtime loader was improved to detect the previously
stated problem, and `memset` over the problematic ranges of the freshly
`mmap`ed pages (implying additional startup cost for reduced binary
size). This might save ~6 KB from each native binary, which adds up to
~17 MB for an AOSP image.
Also, prefer
-Wl,--execute-only
rather than
-Wl,-execute-only
Bug: 139945549
Bug: 146144180
Test: readelf -lSW $OUT/symbols/apex/com.android.runtime/lib64/bionic/libc.so
Change-Id: I64527e034ca3c71565ea52ed06f81f75d5216627
Reported-by: Ryan Prichard <rprichard@google.com>
Suggested-by: Fangrui Song <maskray@google.com>
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
* Copy current configuration from
rust/config/x86_64_device.go and
cc/config/x86_device.go.
Bug: 145608833
Test: build rust modules for aosp_x86-userdebug
Change-Id: Ie4951dd4703596f8e503d813a6c4ac03c1f20980
Now that we have sysroots built in Soong, we can enable these devices
and they just work.
Bug: 141251907
Bug: 141381044
Change-Id: I562256fee372d331db883f7c1b46405945295c24
In order to ensure we are using current platform Bionic for any platform
Rust binaries, we need to build the sysroot in Soong. This will also
enable us too hook the "test" crate if necessary.
While both a dynamic and static sysroot are available, on device only a
dynamic sysroot will be injected. On host, we continue using the sysroot
used to build the compiler as before.
Bug: 139486496
Change-Id: I127377e5b056610ceb5015a34d266250320fbc31